Joerg Joerg - 1 month ago 14
MySQL Question

Run Teampass in docker with a running nginx proxy

@Moderators: can you please add the Tag teampass to the tag list?

I want to run Teampass as a docker container with a nginx as a proxy.

I'm not sure if the problem, that Teampass brings it own Apache and works against my nginx or, if I got something else completely wrong.

I enter this like this
enter image description here

The problem is, that it's not passing this page, because the connection to the mySQL port is not working.

When I try to install it, without a running nginx , everything works as expected. But when I'm using nginx, it's not running anymore

docker-compose file:

teampass:
container_name: teampass
image: teampass/teampass
ports:
- 127.0.0.1:8787:80
volumes:
- /opt/teampass:/teampass
links:
- teampass_mysql

teampass_mysql:
restart: always
image: mysql/mysql-server:5.5
ports:
- 127.0.0.1:13306:3306
environment:
- MYSQL_ROOT_PASSWORD=TEAMPASS_MYSQL_ROOT_PASSWORD
- MYSQL_DATABASE=TEAMPASS_MYSQL_DATABASE
- MYSQL_PASSWORD=TEAMPASS_MYSQL_PASSWORD
- MYSQL_USER=TEAMPASS_MYSQL_USER
volumes:
- /opt/dbteampass:/var/lib/mysql


nginx file:

upstream teampass {
server 127.0.0.1:8787;
}

upstream sqlteampass {
server 127.0.0.1:13306;
}

server {
listen 80;
server_tokens off;
server_name teampass.domain.tld;
return 301 https://$host$request_uri;
}

server {
listen 443 ssl;
server_tokens off;
server_name teampass.domain.tld;

ssl_certificate /path/fullchain.pem;
ssl_certificate_key /path/privkey.pem;

location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://teampass;
}
}



server {
listen 80;
server_tokens off;
server_name sql.teampass.domain.tld;
return 301 https://$host$request_uri;
}

server {
listen 443 ssl;
server_tokens off;
server_name sql.teampass.domain.tld;

ssl_certificate /path/fullchain.pem;
ssl_certificate_key /path/privkey.pem;

location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://sqlteampass;
}
}

Answer

First make sure you get networking between your containers properly working.

Let's start with a barebones compose file, note that I'm leaving out the volume directive for now:

# docker-compose.yml

version: '2'
services:
  teampass:
      image: teampass/teampass
      ports:
        - "80:80"
      links:
          - db
  db:
      image: mysql:latest
      ports:
          - "3306:3306"
      environment:
          - MYSQL_DATABASE=teampass
          - MYSQL_PASSWORD=pass
          - MYSQL_ROOT_PASSWORD=rootpass
          - MYSQL_USER=user

If you still have your old teampass container running, make sure you get rid of the old containers via docker-compose rm -v !

Now run, docker-compose up, once you see the db and teampass container are running, you can validate that the docker containers can see each other:

$ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
263d801cdf85        teampass/teampass   "/bin/sh -c /start.sh"   14 minutes ago      Up 14 minutes       0.0.0.0:80->80/tcp       dockerteampass_teampass_1
fcb750fffd4f        mysql:latest        "docker-entrypoint.sh"   14 minutes ago      Up 14 minutes       0.0.0.0:3306->3306/tcp   dockerteampass_db_1

Note down the name of YOUR running teampass container.

$ docker exec -it dockerteampass_teampass_1 bash

Now you're inside the teampass container. To ping the db container, simply do

$ ping db

This should NOT timeout!

Now go to your browser and start the setup, make sure you enter db as the host!

This should remove your above error. Once you have this working, you can try to reverse proxy via nginx.

enter image description here

To learn more about docker networking see the documentation.