An official Docker image is available to run 2FAuth in a single Docker container. These are the Docker CLI Setup instructions, a docker-compose.yml file is also available.
- Compatible with: amd64 , 386 , arm64 , arm/v6 and arm/v7
- Stores data in a Sqlite database file
- Runs without root as user with id
1000and group id
Several Docker tags are available to let you choose which version you want to run:
||The current state of the master branch.
Considered stable. May include some fixes/changes not yet officially released.
||The version at a corresponding GitHub release.
Considered stable, and frozen.
||The current state of the dev branch
May be unstable or even broken.
Simply append the tag name to the docker image name in your command or script, separated by a colon, to specify which tag to use. e.g
If no tag is specified, Docker will default to
Docker CLI Setup
We assume your current directory is
Create a directory on your host
If your host is not Windows
Since the container runs without root as user
1000:1000, you need to fix the ownership and permissions of that directory:
chown 1000:1000 2fauth chmod 700 2fauth
If you feel like using another ID, you can
build the image with build arguments.
Run the container interactively
docker run -it --rm -p 8000:8000/tcp \ -v /yourpath/2fauth:/2fauth 2fauth/2fauth -e AUTHENTICATION_GUARD=web-guard
Access it in your browser
You can stop it with
- You can also run it in the background by replacing
- You can set available environment variables (see the .env.example) with
-e, for example
Use an existing SQLite file
If you already have an SQLite file, move it to
/yourpath/2fauth/database.sqlite on your host before starting the container. Don't forget to fix its ownership and permissions if you run on *nix:
chown 1000:1000 /yourpath/2fauth/database.sqlite chmod 700 /yourpath/2fauth/database.sqlite
The container will automatically pick it up.
Build the image
You can build the image from the
master branch with
docker build -t 2fauth/2fauth https://github.com/Bubka/2FAuth.git
Build the image for a specific release
You can build a specific release by appending the release tag with
#<release-tag> to the command. For example:
docker build -t 2fauth/2fauth https://github.com/Bubka/2FAuth.git#v2.1.0
Build the image for a specific commit
You can build a specific commit (see master's commits) by appending the commit hash with
#<commit-hash> to the command. For example:
docker build -t 2fauth/2fauth https://github.com/Bubka/2FAuth.git#fba9e29bd4e3bb697296bb0bde60ae869537528b
Build the image with build arguments
Use the following build arguments to customize the image with
||1000||The UID of the user to run the container as|
||1000||The GID of the user to run the container as|
||The Debian version to use|
||The PHP version to use to get composer dependencies|
||The version of composer to use|
||The version of supervisord to use|
||The version of the image|
||The date of the image build time|
||The commit hash of the Git commit used|
||The SMTP hostname|
||2525||The corresponding SMTP port|
||The sender address|
||null||The SMTP username|
||null||The SMTP password|
... -e MAIL_HOST=smtp.example.com -e MAIL_PORT=587 -e MAIL_FROMfirstname.lastname@example.org -e MAIL_USERNAMEemail@example.com -e MAIL_PASSWORD=password1234
- The final Docker image is based on alpine:3.14 with minimal packages installed
- The container runs
supervisordto handle both an Nginx server and a PHP-FPM server together
/srvdirectory holds the repository data and PHP code.
/2fauthdirectory is targeted for the container end users.
- By default, the container logs the Nginx logs and the PHP-FPM logs. The application logs (if any) can be found in