diff --git a/bookstack/docker-compose copy.yml b/bookstack/docker-compose copy.yml new file mode 100644 index 0000000..f90da9a --- /dev/null +++ b/bookstack/docker-compose copy.yml @@ -0,0 +1,78 @@ +--- +version: "2" +services: + app: + image: lscr.io/linuxserver/bookstack:latest + environment: + PUID: 1000 + PGID: 1000 + APP_URL: https://bookstack.sectorq.eu + DB_HOST: db + DB_PORT: 3306 + DB_USER: bookstack + DB_PASS: l4c1j4yd33Du5lo + DB_DATABASE: bookstackapp + # Set authentication method to be saml2 + AUTH_METHOD: saml2 + # Control if BookStack automatically initiates login via your SAML system if it's the only authentication method. + # Prevents the need for the user to click the "Login with x" button on the login page. + # Setting this to true enables auto-initiation. + AUTH_AUTO_INITIATE: true + # Set the display name to be shown on the login button. + # (Login with ) + SAML2_NAME: authentik + # Name of the attribute which provides the user's email address + SAML2_EMAIL_ATTRIBUTE: email + # Name of the attribute to use as an ID for the SAML user. + SAML2_EXTERNAL_ID_ATTRIBUTE: uid + # Enable SAML group sync. + SAML2_USER_TO_GROUPS: true + # Set the attribute from which BookStack will read groups names from. + # You will need to rename your roles in Bookstack to match your groups in authentik. + SAML2_GROUP_ATTRIBUTE: http://schemas.xmlsoap.org/claims/Group + # Name of the attribute(s) to use for the user's display name + # Can have multiple attributes listed, separated with a '|' in which + # case those values will be joined with a space. + # Example: SAML2_DISPLAY_NAME_ATTRIBUTES=firstName|lastName + # Defaults to the ID value if not found. + SAML2_DISPLAY_NAME_ATTRIBUTES: http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname + # Identity Provider entityID URL + SAML2_IDP_ENTITYID: https://auth.sectorq.eu/api/v3/providers/saml/10/metadata/?download + # Auto-load metadata from the IDP + # Setting this to true negates the need to specify the next three options + SAML2_AUTOLOAD_METADATA: true + volumes: + - /share/docker_data/bookstack/bookstack_app_data:/config + ports: + - 6875:80 + restart: always + depends_on: + - db + labels: + com.centurylinklabs.watchtower.enable: true + homepage.group: Utilities + homepage.name: Bookstack + homepage.weight: 1 + homepage.icon: bookstack.png + homepage.href: https://bookstack.sectorq.eu + homepage.description: Books + homepage.server: my-docker + homepage.container: bookstack-app-1 + # homepage.widget.type: ${APPNAME} + # homepage.widget.url: https://${APPNAME}.sectorq.eu + # homepage.widget.key: ddfc91b29920082636da70cc677aec74c88a7666 + # homepage.widget.version: 2 + db: + image: lscr.io/linuxserver/mariadb + environment: + PUID: 0 + PGID: 0 + MYSQL_ROOT_PASSWORD: l4c1j4yd33Du5lo + TZ: Europe/Bratislava + MYSQL_DATABASE: bookstackapp + MYSQL_USER: bookstack + MYSQL_PASSWORD: l4c1j4yd33Du5lo + + volumes: + - /share/docker_data/bookstack/bookstack_db_data:/config + restart: always diff --git a/bookstack/docker-compose.yml b/bookstack/docker-compose.yml index f90da9a..5a3f4ee 100644 --- a/bookstack/docker-compose.yml +++ b/bookstack/docker-compose.yml @@ -1,78 +1,89 @@ --- -version: "2" + +# This is an example complete example docker-compose.yml +# file for a linuxserver.io based BookStack setup +# using the linuxserver.io MariaDB conatiner. + +# ENSURE YOU PAY ATTENTION TO ALL COMMENTS BELOW. +# Many of the values are just examples, and you WILL +# have to make changes to suit your environment. + +# These containers are maintained by the linuxserver.io +# team, not the official BookStack project. + +# For non-commented options, refer to the linuxserver documentation: +# https://docs.linuxserver.io/images/docker-bookstack/#environment-variables-e + services: - app: - image: lscr.io/linuxserver/bookstack:latest + + # The container for BookStack itself + bookstack: + # You should update the version here to match the latest + # release of BookStack: https://github.com/BookStackApp/BookStack/releases + # You'll change this when wanting to update the version of BookStack used. + image: lscr.io/linuxserver/bookstack:24.12.1 + container_name: bookstack environment: - PUID: 1000 - PGID: 1000 - APP_URL: https://bookstack.sectorq.eu - DB_HOST: db - DB_PORT: 3306 - DB_USER: bookstack - DB_PASS: l4c1j4yd33Du5lo - DB_DATABASE: bookstackapp - # Set authentication method to be saml2 - AUTH_METHOD: saml2 - # Control if BookStack automatically initiates login via your SAML system if it's the only authentication method. - # Prevents the need for the user to click the "Login with x" button on the login page. - # Setting this to true enables auto-initiation. - AUTH_AUTO_INITIATE: true - # Set the display name to be shown on the login button. - # (Login with ) - SAML2_NAME: authentik - # Name of the attribute which provides the user's email address - SAML2_EMAIL_ATTRIBUTE: email - # Name of the attribute to use as an ID for the SAML user. - SAML2_EXTERNAL_ID_ATTRIBUTE: uid - # Enable SAML group sync. - SAML2_USER_TO_GROUPS: true - # Set the attribute from which BookStack will read groups names from. - # You will need to rename your roles in Bookstack to match your groups in authentik. - SAML2_GROUP_ATTRIBUTE: http://schemas.xmlsoap.org/claims/Group - # Name of the attribute(s) to use for the user's display name - # Can have multiple attributes listed, separated with a '|' in which - # case those values will be joined with a space. - # Example: SAML2_DISPLAY_NAME_ATTRIBUTES=firstName|lastName - # Defaults to the ID value if not found. - SAML2_DISPLAY_NAME_ATTRIBUTES: http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname - # Identity Provider entityID URL - SAML2_IDP_ENTITYID: https://auth.sectorq.eu/api/v3/providers/saml/10/metadata/?download - # Auto-load metadata from the IDP - # Setting this to true negates the need to specify the next three options - SAML2_AUTOLOAD_METADATA: true + - PUID=1000 + - PGID=1000 + - TZ=Etc/UTC + # APP_URL must be set as the base URL you'd expect to access BookStack + # on via the browser. The default shown here is what you might use if accessing + # direct from the browser on the docker host, hence the use of the port as configured below. + - APP_URL=http://localhost:6875 + # APP_KEY must be a unique key. Generate your own by running + # docker run -it --rm --entrypoint /bin/bash lscr.io/linuxserver/bookstack:latest appkey + # You should keep the "base64:" part for the option value. + - APP_KEY=base64:3qjlIoUX4Tw6fUQgZcxMbz6lb8+dAzqpvItqHvahW1c= + + # The below database details are purposefully aligned with those + # configuted for the "mariadb" service below: + - DB_HOST=mariadb + - DB_PORT=3306 + - DB_DATABASE=bookstack + - DB_USERNAME=bookstack + - DB_PASSWORD=bookstack8432 volumes: + # You generally only ever need to map this one volume. + # This maps it to a "bookstack_app_data" folder in the same + # directory as this compose config file. - /share/docker_data/bookstack/bookstack_app_data:/config ports: + # This exposes port 6875 for general web access. + # Commonly you'd have a reverse proxy in front of this, + # redirecting incoming requests to this port. - 6875:80 - restart: always - depends_on: - - db - labels: - com.centurylinklabs.watchtower.enable: true - homepage.group: Utilities - homepage.name: Bookstack - homepage.weight: 1 - homepage.icon: bookstack.png - homepage.href: https://bookstack.sectorq.eu - homepage.description: Books - homepage.server: my-docker - homepage.container: bookstack-app-1 - # homepage.widget.type: ${APPNAME} - # homepage.widget.url: https://${APPNAME}.sectorq.eu - # homepage.widget.key: ddfc91b29920082636da70cc677aec74c88a7666 - # homepage.widget.version: 2 - db: - image: lscr.io/linuxserver/mariadb + restart: unless-stopped + + # The container for the database which BookStack will use to store + # most of its core data/content. + mariadb: + # You should update the version here to match the latest + # main version of the linuxserver mariadb container version: + # https://github.com/linuxserver/docker-mariadb/pkgs/container/mariadb/versions?filters%5Bversion_type%5D=tagged + image: lscr.io/linuxserver/mariadb:11.4.4 + container_name: mariadb environment: - PUID: 0 - PGID: 0 - MYSQL_ROOT_PASSWORD: l4c1j4yd33Du5lo - TZ: Europe/Bratislava - MYSQL_DATABASE: bookstackapp - MYSQL_USER: bookstack - MYSQL_PASSWORD: l4c1j4yd33Du5lo - + - PUID=1000 + - PGID=1000 + - TZ=Etc/UTC + # You may want to change the credentials used below, + # but be aware the latter three options need to align + # with the DB_* options for the BookStack container. + - MYSQL_ROOT_PASSWORD=mysupersecretrootpassword + - MYSQL_DATABASE=bookstack + - MYSQL_USER=bookstack + - MYSQL_PASSWORD=bookstack8432 volumes: + # You generally only ever need to map this one volume. + # This maps it to a "bookstack_db_data" folder in the same + # directory as this compose config file. - /share/docker_data/bookstack/bookstack_db_data:/config - restart: always + + # These ports are commented out as you don't really need this port + # exposed for normal use, mainly only if connecting direct the the + # database externally. Otherwise, this risks exposing access to the + # database when not needed. + # ports: + # - 3306:3306 + restart: unless-stopped \ No newline at end of file