Docker CLI
An official Docker image is available to run 2FAuth in a single Docker container. These are the Docker CLI Setup instructions, a docker-compose.yml file is also available.
Features
- Compatible with: amd64 , 386 , arm64 , arm/v6 and arm/v7
- Stores data in a Sqlite database file
- Runs without root as user with id
1000and group id1000
Tags
Several Docker tags are available to let you choose which version you want to run.
Simply append the tag name to the docker image name in your command or script, separated by a colon, to specify which tag to use. e.g 2fauth/2fauth:3.0.2, or 2fauth/2fauth:dev.
If no tag is specified, Docker will default to latest.
Docker CLI Setup
We assume your current directory is /yourpath.
-
Create a directory on your host
mkdir 2fauthIf your host is not Windows
Since the container runs without root as user
1000:1000, you need to fix the ownership and permissions of that directory:chown 1000:1000 2fauth chmod 700 2fauthIf you feel like using another ID, you can
build the image with build arguments . -
Run the container interactively
docker run -it --rm -p 8000:8000/tcp \ -v /yourpath/2fauth:/2fauth -e APP_KEY=SomeRandomStringOf32CharsExactly \ 2fauth/2fauthMandatory env var
The
APP_KEYenvironment variable must be set with a personal unique value. You can generate a brand new one using Laravel Encryption Key Generator. Alternatively, you can use the2fauthcontainer to generate a key locally:docker run -it --rm --entrypoint /usr/bin/php 2fauth/2fauth artisan key:generate --showIf you need to rotate the key, use the
APP_PREVIOUS_KEYSenvironment variable to list previous keys and avoid decryption issues or invalid access tokens. -
Access it in your browser
You can stop it with CTRL+C.
- You can also run it in the background by replacing
-it --rmwith-d. - You can set available environment variables with
-e, for example-e APP_NAME=2FAuth.
See Configuration to learn about all the environment variables that can be set.
Use an existing SQLite file
If you already have an SQLite file, move it to /yourpath/2fauth/database.sqlite on your host before starting the container. Don't forget to fix its ownership and permissions if you run on *nix:
chown 1000:1000 /yourpath/2fauth/database.sqlite
chmod 700 /yourpath/2fauth/database.sqlite
The container will automatically pick it up.
Build the image
You can build the image from the master branch with docker and git using:
docker build -t 2fauth/2fauth https://github.com/Bubka/2FAuth.git
Build the image for a specific release
You can build a specific release by appending the release tag with #<release-tag> to the command. For example:
docker build -t 2fauth/2fauth https://github.com/Bubka/2FAuth.git#v2.1.0
Build the image for a specific commit
You can build a specific commit (see master's commits) by appending the commit hash with #<commit-hash> to the command. For example:
docker build -t 2fauth/2fauth https://github.com/Bubka/2FAuth.git#fba9e29bd4e3bb697296bb0bde60ae869537528b
Build the image with build arguments
Use the following build arguments to customize the image with --build-arg key=value:
Mail settings
Example:
...
-e MAIL_HOST=smtp.example.com
-e MAIL_PORT=587
-e MAIL_FROM_ADDRESS=2fauth@example.com
-e MAIL_FROM_NAME=2fauth
-e MAIL_USERNAME=2fauth@example.com
-e MAIL_PASSWORD=password1234
Implementation details
- The final Docker image is based on alpine:3.14 with minimal packages installed
- The container runs
supervisordto handle both an Nginx server and a PHP-FPM server together - The
/srvdirectory holds the repository data and PHP code. - The
/2fauthdirectory is targeted for the container end users. - By default, the container logs the Nginx logs and the PHP-FPM logs. The application logs (if any) can be found in
/2fauth/storage/logs.