How to
Add a COMPOSE_ENV_FILE and export it along with the location where this repo subdirectory lives, here for example /opt/containers/snipeit plus all other variables. At env/fully.qualified.domain.name_ctx.example you'll find an example file. For parameters that aren't self-explanatory check out Environment variables below. The COMPOSE_CTX here will be equal to whatever's in your CONTEXT down in Environment variables.
Prep
export COMPOSE_DIR='/opt/containers/snipeit'
export COMPOSE_CTX='ux_edmonton'
export COMPOSE_PROJECT_NAME='snipeit-'"${COMPOSE_CTX}"
export COMPOSE_FILE="${COMPOSE_DIR}"'/docker-compose.yml'
export COMPOSE_ENV_FILE=
Start
docker compose --project-name "${COMPOSE_PROJECT_NAME}" --file "${COMPOSE_FILE}" --env-file "${COMPOSE_ENV_FILE}" --profile full up --detach
MySQL
At the time of writing the manual (https://snipe-it.readme.io/docs/docker) recommends that for MySQL versions newer than 5.6 you should at first run MySQL without STRICT_TRANS_TABLES mode, quote:
Newer MySQL containers (5.7 and later, or MariaDB) may run in strict-mode by default, and the initial migrations and application setup will fail in strict mode. If you want to use one of those versions, you need to disable strict mode first!
Tests show that this was not needed on an example MySQL 8.0.33 instance. If you want to be sure to not mess anything up in docker-compose.yml remove the comment in front of command: mysqld --sql_mode="" so that this overrides the default command: mysqld thereby removing all enabled modes. Once initial database setup is done comment this line out again for subsequent starts.
By default the following modes are active:
ONLY_FULL_GROUP_BYSTRICT_TRANS_TABLESNO_ZERO_IN_DATENO_ZERO_DATEERROR_FOR_DIVISION_BY_ZERONO_ENGINE_SUBSTITUTION
Environment variables
Some non-standard env vars and some that can benefit from a short explanation are listed here. Whenever we're referring to the manual this was at the time of writing located at https://snipe-it.readme.io/docs/docker.
-
APP_KEY=base64:...Run
docker run --rm snipe/snipe-itto have the Snipe-IT container generate a randomAPP_KEY, print it out and terminate. You can put that randomly generatedAPP_KEYhere along with thebase64:prefix that's part of the string. -
APP_TRUSTED_PROXIES=172.16.0.0/12This comes from the manual for operation behind a reverse proxy. We're running Snipe-IT behind a reverse proxy on a Docker host with default network configs. Docker by default uses the address prefix
172.16.0.0/12for itself. To the Snipe-IT container a reverse proxy container will always send its traffic from this subnet. -
APP_URL=https://fully.qualified.domain.nameDo not add a trailing slash nor a port number.
-
CONTEXT=ux_edmontonWhatever context you're using to deploy any given Snipe-IT instance. The
CONTEXTvar is used for example in named volume paths on your file system. This example is intended to run for a User Experience team based in Edmonton, Alberta, Canada. -
MYSQL_PORT=33006We want our database exposed on the Docker host itelf to easily manage it with external SQL management tools.
-
MYSQL_PORT_3306_TCP_ADDR=mysqlFor reasons not entirely understood (by us) the Docker Compose service name
mysqlremained unresolvable to the Snipe-IT containers unless this hostname was given. -
MYSQL_ROOT_HOST=172.21.97.1In addition to the default user
'root'@'localhost'we want MySQL to also generate'root'@'172.21.97.1'to easily remote-manage this database instance for example by SSH-tunneling to the Docker host and the connecting to the MySQL daemon with SQL management tools. -
SECURE_COOKIES=trueThis also comes straight from the manual for operation behind a reverse proxy.
Reverse proxy
A reverse proxy server should send the X-Forwarded-Host header and X-Forwarded-Proto header. With an other wise standard Nginx config for example you'll want to add these settings.
Details for a complete Nginx (or other) reverse proxy config are beyond the scope of this document.
server {
listen ...
location / {
proxy_pass http://...;
...
proxy_set_header X-Forwarded-Proto $scheme; <---
proxy_set_header X-Forwarded-Host $http_host; <---
}
}