services: passbolt-db: profiles: ["apps","all","passbolt"] container_name: passbolt-db image: mariadb:12 restart: always environment: MYSQL_RANDOM_ROOT_PASSWORD: "true" MYSQL_DATABASE: "passbolt" MYSQL_USER: "passbolt" MYSQL_PASSWORD: "P4ssb0lt" volumes: - ${PROJECT_ROOT}/apps/passbolt/data/database:/var/lib/mysql networks: - passbolt healthcheck: test: ["CMD-SHELL", "mariadb-admin ping -h 127.0.0.1 -u\"$$MARIADB_USER\" -p\"$$MARIADB_PASSWORD\" --silent"] interval: 10s timeout: 5s retries: 12 start_period: 60s labels: - "io.portainer.accesscontrol.public" passbolt-webapp: image: passbolt/passbolt:latest-ce profiles: ["apps","all","passbolt"] container_name: passbolt-webapp #Alternatively you can use rootless: restart: always depends_on: - passbolt-db environment: APP_FULL_BASE_URL: https://passbolt.lan.ddnsgeek.com DATASOURCES_DEFAULT_HOST: "passbolt-db" DATASOURCES_DEFAULT_USERNAME: "passbolt" DATASOURCES_DEFAULT_PASSWORD: "P4ssb0lt" DATASOURCES_DEFAULT_DATABASE: "passbolt" PASSBOLT_GPG_SERVER_KEY_FINGERPRINT: "CBBB2B8F3E9FACA114537ACB8965B750F7363586" volumes: - ${PROJECT_ROOT}/apps/passbolt/data/gpg:/etc/passbolt/gpg - ${PROJECT_ROOT}/apps/passbolt/data/jwt:/etc/passbolt/jwt command: [ "/usr/bin/wait-for.sh", "-t", "0", "passbolt-db:3306", "--", "/docker-entrypoint.sh", ] networks: - traefik - passbolt labels: - "traefik.http.routers.passbolt.rule=Host(`passbolt.lan.ddnsgeek.com`)" - "traefik.enable=true" - "traefik.http.routers.passbolt.entrypoints=websecure" - "traefik.http.routers.passbolt.tls.certresolver=myresolver" - "io.portainer.accesscontrol.public" - "traefik.docker.network=core_traefik" healthcheck: test: ["CMD-SHELL", "curl -fsS http://localhost/healthcheck/status | grep -qx OK"] # su -s /bin/sh -c "/usr/share/php/passbolt/bin/cake passbolt healthcheck" www-data # | grep -q "No error found" interval: 30s timeout: 10s retries: 6 start_period: 120s networks: # traefik_reverse_proxy: # external: true # internal: # driver: bridge passbolt: