privacyIDEA Docker ππ
Docker runtime container for privacyIDEA with docker-compose.
Deployment
Configuration via environment variables. Move sample file and configure according to the privacyIDEA documentation.
mv dotenv-sample .env;
vi .env
Start the containers using docker-compose up
; all relevant logs are sent to stdout. Afterwards an administrative user can be created using:
docker-compose exec privacyidea pi-manage admin add admin -e admin@localhost
Configuration
privacyIDEA Configuration
privacyIDEA-specific configuration is done via pi.cfg
and should be fine as-is.
mv data/privacyidea/sampe-pi.cfg
vi data/privacyidea/pi.cfg
The database is initialized automatically upon first execution and kept in persistent data. Same for Encryption and Audit Keys.
If you're migrating from an already existing installation, make sure you dump your MySQL database and add your Encryption + Audit Keys
to the data/privacyidea
folder before starting the container.
Certificates
Certificates have to be added to the folders before initializing starting up the containers.
- Active Directory CA certificate
- add to
data/privacyidea/ldap-ca.crt
- available in-container via
/etc/privacyidea/ldap-ca.crt
- add to
- Apache webserver certificates:
data/certs/apache/apache.pem
(incl. intermediate certificates)data/certs/apache/apache.key
(unencrypted)