initial code commit

.gitignore

@@ -0,0 +1,26 @@
+# General
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk

README.md

@@ -0,0 +1,33 @@
+# swarmstack/teampass
+
+Docker compose file for TeamPass. Requires Docker swarm.
+
+## USAGE
+
+Edit the docker-compose.yml and replace fqdn.example.com with your swarm http address. TeamPass database credentials for later configuration are also found within this same file.
+
+```
+docker stack deploy -c docker-compose.yml teampass
+```
+
+[swarmstack](https://github.com/swarmstack/swarmstack) users should use docker-compose-swarmstack.yml above instead.
+
+---
+
+You can then configure TeamPass at http://fqdn.example.com:6443/index.php
+
+It is HIGHLY recommended to remove the exposed "ports:" section within the compose file, and instead secure the traffic behind HTTPS/TLS via a proxy. swarmstack users can add the following stanza to their existing Caddy proxy configuration:
+
+```
+{$CADDY_URL}:6443 {
+  errors stderr
+  prometheus 0.0.0.0:9180 {
+    hostname 6443
+  }
+  tls {$CADDY_CERT} {$CADDY_KEY}
+
+  proxy / teampass:80 {
+    transparent
+  }
+}
+```

bounce

@@ -0,0 +1,5 @@
+#!/bin/sh
+
+./down
+sleep 5
+./up

docker-compose-swarmstack.yaml

@@ -0,0 +1,63 @@
+version: "3.4"
+
+networks:
+  default:
+    external:
+      name: swarmstack_net
+
+configs:
+  teampass_docker_start:
+    file: ./teampass-docker-start.sh
+
+volumes:
+    teampass-data:
+      driver: pxd
+      driver_opts:
+        repl: 2
+        size: 2
+    teampass-php:
+      driver: pxd
+      driver_opts:
+        repl: 2
+        size: 1 
+    teampass-mysql:
+      driver: pxd
+      driver_opts:
+        repl: 2
+        size: 4 
+
+services:
+  teampass:
+    image: teampass/teampass
+    configs:
+      - source: teampass_docker_start
+        target: /teampass-docker-start.sh
+    deploy:
+      mode: replicated
+      placement:
+        constraints:
+          - node.Labels.storagegroup==RED
+      replicas: 1
+    environment:
+      VIRTUAL_HOST: fqdn.example.com
+    ports:
+      - "6443:80"
+    volumes:
+      - teampass-data:/var/www/html
+      - teampass-php:/var/php/session
+
+  db:
+    image: mysql/mysql-server:5.7
+    deploy:
+      mode: replicated
+      placement:
+        constraints:
+          - node.Labels.storagegroup==RED
+      replicas: 1
+    environment:
+      MYSQL_ROOT_PASSWORD: mypass
+      MYSQL_DATABASE: teampass
+      MYSQL_PASSWORD: teampass
+      MYSQL_USER: teampass
+    volumes:
+      - teampass-mysql:/var/lib/mysql

docker-compose.yaml

@@ -0,0 +1,35 @@
+version: "3.4"
+
+configs:
+  teampass_docker_start:
+    file: ./teampass-docker-start.sh
+
+services:
+  teampass:
+    image: teampass/teampass
+    configs:
+      - source: teampass_docker_start
+        target: /teampass-docker-start.sh
+    deploy:
+      mode: replicated
+      replicas: 1
+    environment:
+      VIRTUAL_HOST: fqdn.example.com
+    ports:
+      - "6443:80"
+    volumes:
+      - ./local_bind_volume_dir/var/www/html:/var/www/html
+      - ./local_bind_volume_dir/var/php/session:/var/php/session
+
+  db:
+    image: mysql/mysql-server:5.7
+    deploy:
+      mode: replicated
+      replicas: 1
+    environment:
+      MYSQL_ROOT_PASSWORD: mypass
+      MYSQL_DATABASE: teampass
+      MYSQL_PASSWORD: teampass
+      MYSQL_USER: teampass
+    volumes:
+      - ./local_bind_volume_dir/var/lib/mysql:/var/lib/mysql

down

@@ -0,0 +1,3 @@
+#!/bin/sh
+
+docker stack rm teampass

local_bind_volume_dir/README.md

@@ -0,0 +1 @@
+This directory exists as "permanent" storage for your container, just in case you forget to edit the local_bind_volume_dir to another directory on your local Docker system towards the bottom of docker-compose.yml, or use persistent storage as with the swarmstack version.

teampass-docker-start.sh

@@ -0,0 +1,22 @@
+#!/bin/sh
+if [ ! -d ${VOL}/.git ];
+then
+	echo "Initial setup..."
+        rm -Rf ${VOL}/*
+	git clone $REPO_URL ${VOL}
+	mkdir ${VOL}/sk
+	chown -Rf nginx:nginx ${VOL}
+fi
+
+if [ -f ${VOL}/includes/config/settings.php ] ;
+then
+	echo "Teampass is ready."
+	rm -rf ${VOL}/install
+else
+	echo "Teampass is not configured yet. Open it in a web browser to run the install process."
+	echo "Use ${VOL}/sk for the absolute path of your saltkey."
+	echo "When setup is complete, restart this image to remove the install directory."
+fi
+
+# Pass off to the image's script
+exec /start.sh

up

@@ -0,0 +1,3 @@
+#!/bin/sh
+
+docker stack deploy -c docker-compose.yaml teampass