Some experimental docker changes.

.deploy/docker/build-amd64.sh

@@ -3,8 +3,6 @@
 # build image
 echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
 
-
-
 if [ "$TRAVIS_BRANCH" == "develop" ]; then
     echo "Build develop amd64"
     docker build -t jc5x/firefly-iii:develop-amd64 -f Dockerfile.amd64 .

.deploy/docker/build-arm.sh

@@ -2,7 +2,6 @@
 
 docker run --rm --privileged multiarch/qemu-user-static:register --reset
 
-
 # get qemu-arm-static binary
 mkdir tmp
 pushd tmp && \

.deploy/docker/entrypoint.sh

@@ -2,8 +2,6 @@
 
 echo "Now in entrypoint.sh for Firefly III"
 
-lscpu
-
 # make sure the correct directories exists (suggested by @chrif):
 echo "Making directories..."
 mkdir -p $FIREFLY_PATH/storage/app/public
@@ -37,15 +35,12 @@ chmod -R 775 $FIREFLY_PATH/storage
 echo "Remove log file..."
 rm -f $FIREFLY_PATH/storage/logs/laravel.log
 
-#echo "Map environment variables on .env file..."
-#cat $FIREFLY_PATH/.deploy/docker/.env.docker | envsubst > $FIREFLY_PATH/.env
 echo "Dump auto load..."
 composer dump-autoload
 echo "Discover packages..."
 php artisan package:discover
 
 echo "Run various artisan commands..."
-#. $FIREFLY_PATH/.env
 if [[ -z "$DB_PORT" ]]; then
   if [[ $DB_CONNECTION == "pgsql" ]]; then
     DB_PORT=5432

.env.example

@@ -22,6 +22,7 @@ TZ=Europe/Amsterdam
 APP_URL=http://localhost
 
 # TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy.
+# Set it to ** and reverse proxies work just fine.
 TRUSTED_PROXIES=
 
 # The log channel defines where your log entries go to.
@@ -105,6 +106,7 @@ MAPBOX_API_KEY=
 # RatesApi.IO (see https://ratesapi.io) is a FREE and OPEN SOURCE live currency exchange rates,
 # built compatible with Fixer.IO, based on data published by European Central Bank, and doesn't require API key.
 CER_PROVIDER=ratesapi
+
 # If you have select "fixer" as default currency exchange rates,
 # set a Fixer IO API key here (see https://fixer.io) to enable live currency exchange rates.
 # Please note that this WILL ONLY WORK FOR PAID fixer.io accounts because they severely limited

docker-compose.yml

@@ -4,23 +4,14 @@ networks:
     driver: bridge
 services: 
   firefly_iii_app: 
-    environment: 
-      - DB_HOST=firefly_iii_db
-      - DB_NAME=firefly
-      - DB_USER=firefly
-      - DB_PASSWORD=firefly
-      - APP_KEY=S0m3R@nd0mStr1ngOf32Ch@rsEx@ctly
-      - APP_ENV=local
-      - DB_CONNECTION=pgsql
-      - TZ=Europe/Amsterdam
-      - APP_LOG_LEVEL=debug
-    image: jc5x/firefly-iii
-    links: 
+    image: jc5x/firefly-iii:develop
+    depends_on:
       - firefly_iii_db
     networks: 
       - firefly_iii_net
     ports: 
       - "80:80"
+    env_file: docker-variables.txt
     volumes: 
       - 
         source: firefly_iii_export
@@ -31,14 +22,14 @@ services:
         target: /var/www/firefly-iii/storage/upload
         type: volume
   firefly_iii_db: 
-    environment: 
-      - POSTGRES_PASSWORD=firefly
-      - POSTGRES_USER=firefly
     image: "postgres:10"
+    environment:
+      - POSTGRES_PASSWORD=secret_firefly_password
+      - POSTGRES_USER=firefly
     networks: 
       - firefly_iii_net
     volumes: 
-      - "firefly_iii_db:/var/lib/postgresql/data"
+      - firefly_iii_db:/var/lib/postgresql/data
 version: "3.2"
 volumes: 
   firefly_iii_db: ~

docker-variables.txt

@@ -1,57 +1,57 @@
 # You can leave this on "local". If you change it to production most console commands will ask for extra confirmation.
 # Never set it to "testing".
-APP_ENV=${APP_ENV}
+APP_ENV=local
 
 # Set to true if you want to see debug information in error screens.
-APP_DEBUG=${APP_DEBUG}
+APP_DEBUG=false
 
 # This should be your email address
-SITE_OWNER=${SITE_OWNER}
+SITE_OWNER=mail@example.com
 
-# The encryption key for your database and sessions. Keep this very secure.
-# If you generate a new one all existing data must be considered LOST.
+# The encryption key for your sessions. Keep this very secure.
+# If you generate a new one existing data must be considered LOST.
 # Change it to a string of exactly 32 chars or use command `php artisan key:generate` to generate it
-APP_KEY=${APP_KEY}
+APP_KEY=SomeRandomStringOf32CharsExactly
 
 # Change this value to your preferred time zone.
 # Example: Europe/Amsterdam
-TZ=${TZ}
+TZ=Europe/Amsterdam
 
 # This variable must match your installation's external address but keep in mind that
 # it's only used on the command line as a fallback value.
-APP_URL=${APP_URL}
+APP_URL=http://localhost
 
 # TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy.
-TRUSTED_PROXIES=${TRUSTED_PROXIES}
+# Set it to ** and reverse proxies work just fine.
+TRUSTED_PROXIES=
 
 # The log channel defines where your log entries go to.
 # 'daily' is the default logging mode giving you 5 daily rotated log files in /storage/logs/.
 # Several other options exist. You can use 'single' for one big fat error log (not recommended).
 # Also available are 'syslog', 'errorlog' and 'stdout' which will log to the system itself.
-LOG_CHANNEL=stdout
+LOG_CHANNEL=daily
 
 # Log level. You can set this from least severe to most severe:
 # debug, info, notice, warning, error, critical, alert, emergency
 # If you set it to debug your logs will grow large, and fast. If you set it to emergency probably
 # nothing will get logged, ever.
-APP_LOG_LEVEL=${APP_LOG_LEVEL}
+APP_LOG_LEVEL=notice
 
 # Database credentials. Make sure the database exists. I recommend a dedicated user for Firefly III
 # For other database types, please see the FAQ: http://firefly-iii.readthedocs.io/en/latest/support/faq.html
-DB_CONNECTION=${DB_CONNECTION}
-DB_HOST=${DB_HOST}
-DB_PORT=${DB_PORT}
-DB_DATABASE=${DB_NAME}
-DB_USERNAME=${DB_USER}
-DB_PASSWORD="${DB_PASSWORD}"
+DB_CONNECTION=pgsql
+DB_HOST=127.0.0.1
+DB_PORT=5432
+DB_DATABASE=firefly
+DB_USERNAME=firefly
+DB_PASSWORD=secret_firefly_password
 
 # PostgreSQL supports SSL. You can configure it here.
-PGSQL_SSL=${PGSQL_SSL}
-PGSQL_SSL_MODE=${PGSQL_SSL_MODE}
-PGSQL_SSL_ROOT_CERT=${PGSQL_SSL_ROOT_CERT}
-PGSQL_SSL_CERT=${PGSQL_SSL_CERT}
-PGSQL_SSL_KEY=${PGSQL_SSL_KEY}
-PGSQL_SSL_CRL_FILE=${PGSQL_SSL_CRL_FILE}
+PGSQL_SSL_MODE=prefer
+PGSQL_SSL_ROOT_CERT=null
+PGSQL_SSL_CERT=null
+PGSQL_SSL_KEY=null
+PGSQL_SSL_CRL_FILE=null
 
 # If you're looking for performance improvements, you could install memcached.
 CACHE_DRIVER=file
@@ -60,15 +60,15 @@ SESSION_DRIVER=file
 # You can configure another file storage backend if you cannot use the local storage option.
 # To set this up, fill in the following variables. The upload path is used to store uploaded
 # files and the export path is to store exported data (before download).
-SFTP_HOST=${SFTP_HOST}
-SFTP_PORT=${SFTP_PORT}
-SFTP_UPLOAD_PATH=${SFTP_UPLOAD_PATH}
-SFTP_EXPORT_PATH=${SFTP_EXPORT_PATH}
+SFTP_HOST=
+SFTP_PORT=
+SFTP_UPLOAD_PATH=
+SFTP_EXPORT_PATH=
 
 # SFTP uses either the username/password combination or the private key to authenticate.
-SFTP_USERNAME=${SFTP_USERNAME}
-SFTP_PASSWORD="${SFTP_PASSWORD}"
-SFTP_PRIV_KEY=${SFTP_PRIV_KEY}
+SFTP_USERNAME=
+SFTP_PASSWORD=
+SFTP_PRIV_KEY=
 
 # Cookie settings. Should not be necessary to change these.
 COOKIE_PATH="/"
@@ -77,90 +77,88 @@ COOKIE_SECURE=false
 
 # If you want Firefly III to mail you, update these settings
 # For instructions, see: https://firefly-iii.readthedocs.io/en/latest/installation/mail.html
-MAIL_DRIVER=${MAIL_DRIVER}
-MAIL_HOST=${MAIL_HOST}
-MAIL_PORT=${MAIL_PORT}
-MAIL_FROM=${MAIL_FROM}
-MAIL_USERNAME=${MAIL_USERNAME}
-MAIL_PASSWORD="${MAIL_PASSWORD}"
-MAIL_ENCRYPTION=${MAIL_ENCRYPTION}
+MAIL_DRIVER=log
+MAIL_HOST=smtp.mailtrap.io
+MAIL_PORT=2525
+MAIL_FROM=changeme@example.com
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_ENCRYPTION=null
 
 # Other mail drivers:
-MAILGUN_DOMAIN=${MAILGUN_DOMAIN}
-MAILGUN_SECRET=${MAILGUN_SECRET}
-MANDRILL_SECRET=${MANDRILL_SECRET}
-SPARKPOST_SECRET=${SPARKPOST_SECRET}
+MAILGUN_DOMAIN=
+MAILGUN_SECRET=
+MANDRILL_SECRET=
+SPARKPOST_SECRET=
 
 # Firefly III can send you the following messages
 SEND_REGISTRATION_MAIL=true
-SEND_ERROR_MESSAGE=false
+SEND_ERROR_MESSAGE=true
 
 # These messages contain (sensitive) transaction information:
-SEND_REPORT_JOURNALS=${SEND_REPORT_JOURNALS}
+SEND_REPORT_JOURNALS=true
 
 # Set a Mapbox API key here (see mapbox.com) so there might be a map available at various places.
-MAPBOX_API_KEY=${MAPBOX_API_KEY}
+MAPBOX_API_KEY=
 
 # Firefly III currently supports two provider for live Currency Exchange Rates:
 # "fixer" is the default (for backward compatibility), and "ratesapi" is the new one.
 # RatesApi.IO (see https://ratesapi.io) is a FREE and OPEN SOURCE live currency exchange rates,
-# built compatible with Fixer.IO, based on data published by European Central Bank, and don't require API key.
-CER_PROVIDER=${CER_PROVIDER}
+# built compatible with Fixer.IO, based on data published by European Central Bank, and doesn't require API key.
+CER_PROVIDER=ratesapi
+
 # If you have select "fixer" as default currency exchange rates,
 # set a Fixer IO API key here (see https://fixer.io) to enable live currency exchange rates.
 # Please note that this WILL ONLY WORK FOR PAID fixer.io accounts because they severely limited
 # the free API up to the point where you might as well offer nothing.
-FIXER_API_KEY=${FIXER_API_KEY}
+FIXER_API_KEY=
 
 # If you wish to track your own behavior over Firefly III, set a valid analytics tracker ID here.
-ANALYTICS_ID=${ANALYTICS_ID}
-
-# Most parts of the database are encrypted by default, but you can turn this off if you want to.
-# This makes it easier to migrate your database. Not that some fields will never be decrypted.
-USE_ENCRYPTION=true
+ANALYTICS_ID=
 
 # Firefly III has two options for user authentication. "eloquent" is the default,
 # and "ldap" for LDAP servers.
 # For full instructions on these settings please visit:
 # https://firefly-iii.readthedocs.io/en/latest/installation/authentication.html
-LOGIN_PROVIDER=${LOGIN_PROVIDER}
+LOGIN_PROVIDER=eloquent
 
 # LDAP connection configuration
-ADLDAP_CONNECTION_SCHEME=${ADLDAP_CONNECTION_SCHEME}
-ADLDAP_AUTO_CONNECT=${ADLDAP_AUTO_CONNECT}
+# OpenLDAP, FreeIPA or ActiveDirectory
+ADLDAP_CONNECTION_SCHEME=OpenLDAP
+ADLDAP_AUTO_CONNECT=true
 
 # LDAP connection settings
-ADLDAP_CONTROLLERS=${ADLDAP_CONTROLLERS}
-ADLDAP_PORT=${ADLDAP_PORT}
-ADLDAP_TIMEOUT=${ADLDAP_TIMEOUT}
-ADLDAP_BASEDN="${ADLDAP_BASEDN}"
-ADLDAP_FOLLOW_REFFERALS=${ADLDAP_FOLLOW_REFFERALS}
-ADLDAP_USE_SSL=${ADLDAP_USE_SSL}
-ADLDAP_USE_TLS=${ADLDAP_USE_TLS}
+ADLDAP_CONTROLLERS=
+ADLDAP_PORT=389
+ADLDAP_TIMEOUT=5
+ADLDAP_BASEDN=""
+ADLDAP_FOLLOW_REFFERALS=false
+ADLDAP_USE_SSL=false
+ADLDAP_USE_TLS=false
 
-ADLDAP_ADMIN_USERNAME=${ADLDAP_ADMIN_USERNAME}
-ADLDAP_ADMIN_PASSWORD="${ADLDAP_ADMIN_PASSWORD}"
+ADLDAP_ADMIN_USERNAME=
+ADLDAP_ADMIN_PASSWORD=
 
-ADLDAP_ACCOUNT_PREFIX="${ADLDAP_ACCOUNT_PREFIX}"
-ADLDAP_ACCOUNT_SUFFIX="${ADLDAP_ACCOUNT_SUFFIX}"
+ADLDAP_ACCOUNT_PREFIX=
+ADLDAP_ACCOUNT_SUFFIX=
 
 # LDAP authentication settings.
-ADLDAP_PASSWORD_SYNC=${ADLDAP_PASSWORD_SYNC}
-ADLDAP_LOGIN_FALLBACK=${ADLDAP_LOGIN_FALLBACK}
+ADLDAP_PASSWORD_SYNC=false
+ADLDAP_LOGIN_FALLBACK=false
 
-ADLDAP_DISCOVER_FIELD=${ADLDAP_DISCOVER_FIELD}
-ADLDAP_AUTH_FIELD=${ADLDAP_AUTH_FIELD}
+ADLDAP_DISCOVER_FIELD=distinguishedname
+ADLDAP_AUTH_FIELD=distinguishedname
 
 # Will allow SSO if your server provides an AUTH_USER field.
-WINDOWS_SSO_DISCOVER=${WINDOWS_SSO_DISCOVER}
-WINDOWS_SSO_KEY=${WINDOWS_SSO_KEY}
+WINDOWS_SSO_DISCOVER=samaccountname
+WINDOWS_SSO_KEY=AUTH_USER
 
 # field to sync as local username.
-ADLDAP_SYNC_FIELD=${ADLDAP_SYNC_FIELD}
+ADLDAP_SYNC_FIELD=userprincipalname
 
 # You can disable the X-Frame-Options header if it interfears with tools like
 # Organizr. This is at your own risk.
-DISABLE_FRAME_HEADER=${DISABLE_FRAME_HEADER}
+DISABLE_FRAME_HEADER=false
 
 # Leave the following configuration vars as is.
 # Unless you like to tinker and know what you're doing.
@@ -178,7 +176,8 @@ PUSHER_SECRET=
 PUSHER_ID=
 DEMO_USERNAME=
 DEMO_PASSWORD=
-IS_DOCKER=true
+IS_DOCKER=false
+USE_ENCRYPTION=false
 IS_SANDSTORM=false
 IS_HEROKU=false
 BUNQ_USE_SANDBOX=false