Dockerized GLPI
This docker container contains GLPI and is intended to be production ready and requires minimal configuration to use.
Info
TLDR The docker container is available on dockerhub. docker pull nofusscomputing/docker-glpi:dev
This container is designed to be ephemeral with all data residing within docker volumes. Outside of this container, the only reqirements is hard disk space and a MySQL/MariaDB database.
Features
To see a full list of changes/features see the changelog.
-
Data Volumes for (relative paths are for glpi www root,
/var/www/html
)-
config/
-
data/
-
files/
-
plugins/
-
marketplace/
-
/var/log/
-
-
Inventory endpoints only available with use of feature flag
-
Container health check reports for all services (apache, cron, supervisord)
-
GLPI cron script scheduled within container cron. See notes below.
-
GLPI WWW root setup under
public/
Cron
Cron is installed as part of the image and runs automagically on container start. GLPI cron script is also scheduled to run every minute. However for GLPI to use the CLI cron, you must configure it.
Once GLPI has been setup and configured:
-
navigate to
Setup -> Automatic Actions
-
select all items in the list
-
click the
Actions
button -
select
Update
-
select
Run Mode
-
select
CLI
-
click
Submit
Now GLPI will use the CLI cron script to run automagic actions.
Inventory
It is posssible to use the inventory features available within GLPI, however by default access to the endpoints is disabled and behind a feature flag.The image by default will return HTTP/404 for the following paths:
-
plugins/fusioninventory/
fusioninventory -
front/inventory.php
Native (non-GlpiInventory plugin) -
marketplace/glpiinventory/
GlpiInventory plugin (Marketplace installed) -
plugins/glpiinventory/
GlpiInventory plugin (plugin folder installed)
To enable an inventory endpoint, using the values above, set environmental variable GLPI_INVENTORY_PATH
when launching the container. i.e. to use GLPI native inventory GLPI_INVENTORY_PATH=front/inventory.php
. on launching the container with this variable set, that endpoint is available for use for the inventory feature of GLPI.
Tip
when using either marketplace/glpiinventory/
or plugins/glpiinventory/
as the inventory path you are required to prepend index.php
to the end of the server
directive in agent.cfg
. i.e. server = https://my-glpi-server/plugins/glpiinventory/index.php
Warning
It is strongly advised that when using the inventory features of GLPI, that the endpoints be configured for client authentication.
Client Authentication
Due to the limitations of the inventory agents, mTLS is not available so HTTP Basic Authentication is configurable. by default, when you set the environmental variable GLPI_INVENTORY_PATH
HTTP basic auth is enabled by default. To configure the users follow these steps:
-
run command from within the container
htpasswd -c /apache-passwd-glpi-inventory {Username to create}
-
enter the password and confirm when prompted
-
configure the
user
andpassword
entries in theagent.cfg
file.
Tip
Ensure you limit the permissions on the agent.cfg
file as it contains a password in clear text. Only the user the agent is run as requires access and you are encouraged to limit to that user only.
Warning
HTTP Basic authentication is inherently insecure. to overcome this shortfall, ONLY use HTTP Basic Auth over a secure connection (https).
Running the container
To quickly setup a container the following docker-compose.yaml
file could be used.
About:
This page forms part of our Project Docker GLPI.
Page Metadata
Version: ToDo: place files short git commit hereDate Created: 2023-08-29
Date Edited: 2023-08-29
Contribution:
Would You like to contribute to our Docker GLPI project? You can assist in the following ways:
- Edit This Page If there is a mistake or a way you can improve it.
- Add a Page to the Manual if you would like to add an item to our manual
- Raise an Issue if there is something about this page you would like to improve, and git is unfamiliar to you.
ToDo: Add the page list of contributors