diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7b7d5d7..4c0ba74 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -7,7 +7,7 @@ variables: DOCKER_IMAGE_PUBLISH_NAME: 'docker-glpi' DOCKER_IMAGE_PUBLISH_REGISTRY: docker.io/nofusscomputing DOCKER_IMAGE_PUBLISH_URL: https://hub.docker.com/r/nofusscomputing/$DOCKER_IMAGE_PUBLISH_NAME - PAGES_ENVIRONMENT_PATH: projects/docker_glpi/ + PAGES_ENVIRONMENT_PATH: projects/glpi/ include: - project: nofusscomputing/projects/gitlab-ci diff --git a/.gitmodules b/.gitmodules index cc4d8a5..de6bfdd 100644 --- a/.gitmodules +++ b/.gitmodules @@ -2,3 +2,7 @@ path = gitlab-ci url = https://gitlab.com/nofusscomputing/projects/gitlab-ci.git branch = development +[submodule "website-template"] + path = website-template + url = https://gitlab.com/nofusscomputing/infrastructure/website-template.git + branch = development diff --git a/docs/articles/index.md b/docs/articles/index.md new file mode 100644 index 0000000..e69de29 diff --git a/docs/contact.md b/docs/contact.md new file mode 100644 index 0000000..e69de29 diff --git a/docs/index.md b/docs/index.md new file mode 100644 index 0000000..e69de29 diff --git a/docs/operations/index.md b/docs/operations/index.md new file mode 100644 index 0000000..e69de29 diff --git a/docs/projects/glpi/index.md b/docs/projects/glpi/index.md new file mode 100644 index 0000000..9de21c0 --- /dev/null +++ b/docs/projects/glpi/index.md @@ -0,0 +1,79 @@ +--- +title: Dockerized GLPI +description: How to use No Fuss Computings docker container GLPI. +date: 2023-08-29 +template: project.html +about: https://gitlab.com/nofusscomputing/projects/ansible/docker-glpi +--- + +This docker container contains GLPI and is intended to be production ready and requires minimal configuration to use. + +!!! info + **TLDR** The docker container is available on dockerhub. `docker pull nofusscomputing/docker-glpi:dev` + +This container is designed to be ephemeral with all data residing within docker volumes. Outside of this container, the only reqirements is hard disk space and a MySQL/MariaDB database. + + +## Features + +To see a full list of changes/features see the [changelog](https://gitlab.com/nofusscomputing/projects/docker-glpi/-/blob/development/CHANGELOG.md). + +- Data Volumes for _(relative paths are for glpi www root, `/var/www/html`)_ + + - `config/` + + - `data/` + + - `files/` + + - `plugins/` + + - `marketplace/` + + - `/var/log/` + +- Inventory endpoints only available with use of feature flag + +- Container health check reports for all services (apache, cron, supervisord) + +- GLPI cron script scheduled within container cron. _See notes below._ + +- GLPI WWW root setup under `public/` + + +## Inventory + +It is posssible to use the inventory features available within GLPI, however by default access to the endpoints is disabled and behind a feature flag.The image by default will return HTTP/404 for the following paths: + +- `plugins/fusioninventory/` fusioninventory + +- `front/inventory.php` Native (non-GlpiInventory plugin) + +- `marketplace/glpiinventory/` GlpiInventory plugin (Marketplace installed) + +- `plugins/glpiinventory/` GlpiInventory plugin (plugin folder installed) + +To enable an inventory endpoint, using the values above, set environmental variable `GLPI_INVENTORY_PATH` when launching the container. i.e. to use GLPI native inventory `GLPI_INVENTORY_PATH=front/inventory.php`. on launching the container with this variable set, that endpoint is available for use for the inventory feature of GLPI. + +!!! tip + when using either `marketplace/glpiinventory/` or `plugins/glpiinventory/` as the inventory path you are required to prepend `index.php` to the end of the `server` directive in `agent.cfg`. i.e. `server = https://my-glpi-server/plugins/glpiinventory/index.php` + +!!! warning + It is strongly advised that when using the inventory features of GLPI, that the endpoints be configured for client authentication. + + +### Clinet Authentication + +Due to the limitations of the inventory agents, mTLS is not available so HTTP Basic Authentication is configurable. by default, when you set the environmental variable `GLPI_INVENTORY_PATH` HTTP basic auth is enabled by default. To configure the users follow these steps: + +1. run command from within the container `htpasswd -c /apache-passwd-glpi-inventory {Username to create}` + +1. enter the password and confirm when prompted + +1. configure the `user` and `password` entries in the `agent.cfg` file. + +!!! tip + Ensure you limit the permissions on the `agent.cfg` file as it contains a password in clear text. Only the user the agent is run as requires access and you are encouraged to limit to that user only. + +!!! warning + HTTP Basic authentication is inherently insecure. to overcome this shortfall, ONLY use HTTP Basic Auth over a secure connection _(https)_. diff --git a/docs/projects/index.md b/docs/projects/index.md new file mode 100644 index 0000000..e69de29 diff --git a/docs/tags.md b/docs/tags.md new file mode 100644 index 0000000..e69de29 diff --git a/docs/task-doc-template.md b/docs/task-doc-template.md new file mode 100644 index 0000000..ade9fcd --- /dev/null +++ b/docs/task-doc-template.md @@ -0,0 +1,87 @@ + + +short summary of the task file + +## {Task Name} + +- **Name**: + +- **Description**: + +- **Module**: + +- **Arguments**: + + - + +- **Conditional**: + +- **Tags**: + + - + +## {Task Name} + +- **Name**: + +- **Description**: + +- **Module**: + +- **Arguments**: + + - + +- **Registers**: + +- **Conditional**: + +- **Tags**: + + - + + +## Variables + +The following variables can be customized in this task file: + +```yaml +variable_name: "default_value" +``` + +- `variable_name`: Description of the variable. + +## Tags + +The tasks in this task file are tagged with the following tags: + +- + +## Usage + +To use this Ansible task file, you can include it in your playbook or role and provide values for the required variables. Here's an example of how you can use this task file: + +1. Create a playbook (e.g., `your_playbook.yaml`) and define the necessary variables: + +```yaml +--- + +- hosts: your_hosts + vars: + variable_name: "value" + + tasks: + - include_tasks: path/to/task_file.yaml +``` + +2. Create a separate file for the task file (e.g., `task_file.yaml`) and copy the content of the task file into it. + +3. Run the playbook: + +```shell +ansible-playbook your_playbook.yaml +``` + +Make sure to replace the placeholder values (`variable_name`, `value`) with the appropriate values for your setup. + +Note: You may need to adjust the playbook structure and additional tasks based on your specific requirements and the tasks you want to execute. \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml new file mode 100644 index 0000000..318e4c2 --- /dev/null +++ b/mkdocs.yml @@ -0,0 +1,30 @@ +INHERIT: website-template/mkdocs.yml + +docs_dir: 'docs' + +repo_name: Docker GLPI +repo_url: https://gitlab.com/nofusscomputing/projects/docker-glpi +edit_uri: '/-/ide/project/nofusscomputing/projects/docker-glpi/edit/development/-/docs/' + +nav: +- Home: index.md + +- Articles: + + - articles/index.md + +- Projects: + + - projects/index.md + + - GLPI Docker: + + - projects/glpi/index.md + + +- Operations: + + - operations/index.md + +- Contact Us: contact.md + diff --git a/website-template b/website-template new file mode 160000 index 0000000..992b548 --- /dev/null +++ b/website-template @@ -0,0 +1 @@ +Subproject commit 992b54805b8b6c78a3d2a5ea7de71c7be2b070c8