github.com/tiredofit/docker-bookstack

About

This will build a Docker image for Bookstack - A Knowledge Base/Information Manager.

Automatically installs and sets up installation upon first start

Maintainer

Dave Conroy

About
Maintainer
Table of Contents
Prerequisites and Assumptions
Installation
- Build from Source
- Prebuilt Images
Configuration
Maintenance
- Shell Access
Support
License
References

Prerequisites and Assumptions

Assumes you are using some sort of SSL terminating reverse proxy such as:
- Traefik
- Nginx
- Caddy
Requires access to a MySQL/MariaDB Database server

Installation

Build from Source

Clone this repository and build the image with docker build -t (imagename) .

Prebuilt Images

Builds of the image are available on Docker Hub

docker pull docker.io/tiredofit/bookstack:(imagetag)

Builds of the image are also available on the Github Container Registry

docker pull ghcr.io/tiredofit/docker-bookstack:(imagetag)

The following image tags are available along with their tagged release based on what's written in the Changelog:

Container OS	Tag
Alpine	`:latest`

Configuration

Quick Start

The quickest way to get started is using docker-compose. See the examples folder for a working docker-compose.yml that can be modified for development or production use.
Set various environment variables to understand the capabilities of this image.
Map persistent storage for access to configuration and data files for backup.
Make networking ports available for public access if necessary

The first boot can take from 2 minutes - 5 minutes depending on your CPU to setup the proper schemas.

Persistent Storage

The following directories are used for configuration and can be mapped for persistent storage.

Directory	Description
`/www/logs`	Nginx and PHP Log files
`/www/bookstack`	(Optional) If you want to expose the bookstack sourcecode expose this volume
OR
`/data`	Hold onto your persistent sessions and cache between container restarts

Environment Variables

Base Images used

This image relies on an Alpine Linux or Debian Linux base image that relies on an init system for added capabilities. Outgoing SMTP capabilities are handlded via msmtp. Individual container performance monitoring is performed by zabbix-agent. Additional tools include: bash,curl,less,logrotate,nano.

Be sure to view the following repositories to understand all the customizable options:

Image	Description
OS Base	Customized Image based on Alpine Linux
Nginx	Nginx webserver
PHP-FPM	PHP Interpreter

Core Options

Parameter	Description	Default	`_FILE`
`ADMIN_NAME`	Full name of Administrator Account	`BookStack Admin`	x
`ADMIN_PASS`	Password of Administrator account	`password`	x
`ADMIN_EMAIL`	Email address of Administrator Account	`[email protected]`	x
`DB_HOST`	Host or container name of MariaDB Server e.g. `bookstack-db`		x
`DB_NAME`	MariaDB Database name e.g. `bookstack`		x
`DB_PASS`	MariaDB Password for above Database e.g. `password`		x
`DB_PORT`	MariaDB Port	`3306`	x
`DB_USER`	MariaDB Username for above Database e.g. `bookstack`		x
`ENABLE_OPTMIZE_IMAGES`	Enable automatic image optimizations using optipng and jpegoptim	`TRUE`
`OPTIMIZE_IMAGES_BEGIN`	When to start image optimization use military time HHMM	`0300`
`OPTIMIZE_IMAGES_INTERVAL`	How often to perform image optimization in minutes	`1440`
`LANGUAGE`	Language for Application	`en`
`SETUP_TYPE`	`AUTO` generate configuration. `MANUAL` don't do anything	`AUTO`
`SITE_URL`	The full URL that you are serving this application from	`null`
`TIMEZONE`	Timezone - Use Unix Style	`Etc/UTC`

https://www.bookstackapp.com/docs/admin/language-config

Bookstack Options

Parameter	Description	Default
`ALLOWED_IFRAME_HOSTS`	Allow serving Bookstack via an IFrame - Multiple can be used seperated by a line
`ALLOWED_IFRAME_SOURCES`	Allow IFrames from specific domains `*` for All	`https://.draw.io https://.youtube.com https://.youtube-nocookie.com https://.vimeo.com`
`ALLOWED_SSR_HOSTS`	Allowed Server Side Request List (Webhooks)	`*`
`ALLOW_CONTENT_SCRIPTS`	Allow javascript within content	`false`
`ALLOW_ROBOTS`	Allow robots to Index site	`false`
`API_DEFAULT_ITEM_COUNT`	API Default Return Items Count	`100`
`API_DEFAULT_MAX_ITEM_COUNT`	API Default Maximum Items Count	`500`
`API_REQUESTS_PER_MIN`	API Requests per minute limit	`180`
`AVATAR_URL`	Set URL for external Avatar fetching
`DEFAULT_DARK_MODE`	Use Dark mode by default	`false`
`DISABLE_EXTERNAL_SERVICES`	Disable every external service	`false`
`DRAWIO_HOST`	Full URL of DrawIO server if not wanting to use default
`ENABLE_DRAWIO`	Enable DrawIO Functionality	`false`
`FILE_UPLOAD_MAX_SIZE`	Max MB of files to upload into the system	`50`
`IP_ADDRESS_PRECISION`	Alter precision of IP Addresses stored by bookstack `0` to `4`	`4`
`LOG_FILE`	Log File	`bokstack.log`
`LOG_PATH`	Log Path	`/www/logs/bokstack`
`LOG_FAILED_LOGIN_MESSAGE`	Enable logging of fdailed email and password logins with given message	`false`
`LOG_FAILED_LOGIN_CHANNEL`	Default log channel uses php_error_log function	`errorlog_plain_webserver`
`LANGUAGE_AUTO_DETECT`	Detect Language via Browser	`false`
`PDF_EXPORT`	Use `internal` domPDF functions or `external` wkhtmltopdf tool	`internal`
`PDF_EXPORT_PAGE_SIZE`	When using wkhtmlpdf choose which size you want `a4` or `letter`	`A4`
`QUEUE_CONNECTION`	Queue Connection	`sync`
`RECYCLE_BIN_LIFETIME`	How Many days Recycle Bin should wait before auto deleting. `0` for no feature, `-1` for unlimited	`30`
`REVISION_LIMIT`	Default Revision Limit for pages	`100`
`THEME`	Drop themes in /data/themes and set value here	`false`
`VIEW_BOOKS`	View books in either `list` or `grid` format	`list`
`VIEW_SHELVES`	View shelves in either `list` or `grid` format	`grid`

Authentication Settings

Parameter	Description	Default
`AUTHENTICATION_TYPE`	`STANDARD`, `LDAP`, `OIDC`, `SAML`	`STANDARD`

LDAP Options

Parameter	Description	Default	`_FILE`
`ENABLE_LDAP_USER_SYNC`	Enable Scheduled Syncing of LDAP User list	`TRUE`
`LDAP_ATTRIBUTE_DISPLAY_NAME`	Display Name Attribute	`cn`
`LDAP_ATTRIBUTE_GROUP`	Group Attribute	`memberOf`
`LDAP_ATTRIBUTE_ID`	Unique Identifier Attribute	`uid`
`LDAP_ATTRIBUTE_MAIL`	Mail Attribute	`mail`
`LDAP_THUMBNAIL_ATTRIBUTE`	Thumb nail attribute
`LDAP_BASE_DN`	Base DN to search		x
`LDAP_BIND_PASS`	Bind password for authentication		x
`LDAP_BIND_USER`	Bind User for authentication		x
`LDAP_DUMP_USER_DETAILS`	Used for Debugging	`false`
`LDAP_FILTER_USER`	User Filter	`(&(${LDAP_ATTRIBUTE_ID}=\${user}))`
`LDAP_FILTER_SYNC`	Filter for syncing users from LDAP	`false`
`LDAP_FOLLOW_REFERRALS`	Follow LDAP Referrals	`true`
`LDAP_HOST`	LDAP Hostname		x
`LDAP_SYNC_BEGIN`	When to start syncing in military time HHMM	`+0` (immediate)
`LDAP_SYNC_EXCLUDE_EMAIL`	Comma seperated values of emails to ignore when syncing
`LDAP_SYNC_INTERVAL`	In minutes amount of time to reperform LDAP Sync	`60`
`LDAP_SYNC_RECURSIVE`	Recursively search through LDAP Groups	`true`
`LDAP_REMOVE_FROM_GROUPS`	Remove user from Groups	`false`
`LDAP_TLS_INSECURE`	Use TLS without verifying	`false`
`LDAP_USER_TO_GROUPS`	Add user to Groups	`false`
`LDAP_VERSION`	Version of LDAP	`3`

https://www.bookstackapp.com/docs/admin/ldap-auth

SAML Options

Parameter	Description	Default
`SAML_IDP_ENTITYID`	URL of SAML IDP entity
`SAML_IDP_SLO`	SAML Single Log off URL
`SAML_IDP_SSO`	SAML Single Sign on URL
`SAML_ATTRIBUTE_DISPLAY_NAME`	SAML Display Name attribute	`givenName sn`
`SAML_ATTRIBUTE_GROUP`	SAML Group attribute	`groups`
`SAML_ATTRIBUTE_MAIL`	SAML Mail attribute	`mail`
`SAML_ATTRIBUTE_EXTERNAL_ID`	SAML External ID attribute	`uid`
`SAML_AUTOLOAD_METADATA`	Auto Load Metadata from SAML IDP	`true`
`SAML_DUMP_USER_DETAILS`	Used for debugging	`false`
`SAML_NAME`	SAML Public Service Name	`SSO`
`SAML_REMOVE_FROM_GROUPS`	Remove user from Groups	`false`
`SAML_USER_TO_GROUPS`	Add user to Groups	`true`
`SAML2_IDP_AUTHNCONTEXT`	AuthN Context	`true`
`SAML_SP_X509`	SAML SP Public Certificate	``
`SAML_SP_X509_KEY`	SAML SP Private Key	``

https://www.bookstackapp.com/docs/admin/saml2-auth

OpenID Connect

Parameter	Description	Default	`_FILE`
`OIDC_NAME`	Name to appear on login screen	`SSO`
`OIDC_DISPLAY_NAME_CLAIMS`	Claims to use for users display name	`name`	x
`OIDC_CLIENT_ID`	OIDC Client ID		x
`OIDC_CLIENT_SECRET`	OIDC Client Secret		x
`OIDC_ISSUER`	Issuer URL must start with https://		x
`OIDC_ISSUER_DISCOVER`	Auto Discover endpoints from .well-known	`TRUE`
`OIDC_PUBLIC_KEY`	(if above false) File path to where Public Key of provicer is stored		x
`OIDC_AUTH_ENDPOINT`	(if above false) Full URL to Authorize Endpoint		x
`OIDC_TOKEN_ENDPOINT`	(if above false) FulL URL to Token Endpoint		x
`OIDC_ADDITIONAL_SCOPES`	OIDC Additional Scopes	`null`
`OIDC_USER_TO_GROUPS`	Add user to Groups	`false`
`OIDC_ATTRIBUTE_GROUP`	Groups Attribute passed from OIDC Server	`groups`
`OIDC_REMOVE_FROM_GROUPS`	Remove user from groups	`false`

External Login Services

Parameter	Description	Default	`_FILE`
`ENABLE_LOGIN_AZURE`	Enable Logging in from Azure	`false`
`AZURE_APP_ID`	Application ID		x
`AZURE_APP_SECRET`	Application Secret		x
`AZURE_AUTO_CONFIRM_EMAIL`	Auto confirm email address	`false`
`AZURE_AUTO_REGISTER`	Auto register username	`false`	x
`AZURE_TENANT`	Tenant ID
`ENABLE_LOGIN_DISCORD`	Enable Logging in from Discord	`false`
`DISCORD_APP_ID`	Application ID		x
`DISCORD_APP_SECRET`	Application Secret		x
`DISCORD_AUTO_CONFIRM_EMAIL`	Auto confirm email address	`false`
`DISCORD_AUTO_REGISTER`	Auto register username	`false`
`ENABLE_LOGIN_FACEBOOK`	Enable Logging in from Facebook	`false`
`FACEBOOK_APP_ID`	Application ID		x
`FACEBOOK_APP_SECRET`	Application Secret		x
`FACEBOOK_AUTO_CONFIRM_EMAIL`	Auto confirm email address	`false`
`FACEBOOK_AUTO_REGISTER`	Auto register username	`false`
`ENABLE_LOGIN_GITHUB`	Enable Logging in from Github	`false`
`GITHUB_APP_ID`	Application ID		x
`GITHUB_APP_SECRET`	Application Secret		x
`GITHUB_AUTO_CONFIRM_EMAIL`	Auto confirm email address	`false`
`GITHUB_AUTO_REGISTER`	Auto register username	`false`
`ENABLE_LOGIN_GITLAB`	Enable Logging in from Gitlab	`false`
`GITLAB_APP_ID`	Application ID		x
`GITLAB_APP_SECRET`	Application Secret		x
`GITLAB_AUTO_CONFIRM_EMAIL`	Auto confirm email address	`false`
`GITLAB_AUTO_REGISTER`	Auto register username	`false`
`GITLAB_BASE_URI`	Gitlab URI		x
`ENABLE_LOGIN_GOOGLE`	Enable Logging in from Google	`false`
`GOOGLE_APP_ID`	Application ID		x
`GOOGLE_APP_SECRET`	Application Secret		x
`GOOGLE_AUTO_CONFIRM_EMAIL`	Auto confirm email address	`false`
`GOOGLE_AUTO_REGISTER`	Auto register username	`false`
`GOOGLE_SELECT_ACCOUNT`	Select Google Account		x
`ENABLE_LOGIN_OKTA`	Enable Logging in from OKTA	`false`
`OKTA_APP_ID`	Application ID		x
`OKTA_APP_SECRET`	Application Secret		x
`OKTA_AUTO_CONFIRM_EMAIL`	Auto confirm email address	`false`
`OKTA_AUTO_REGISTER`	Auto register username	`false`
`OKTA_BASE_URL`	OKTA Base URI		x
`ENABLE_LOGIN_SLACK`	Enable Logging in from Slack	`false`
`SLACK_APP_ID`	Application ID		x
`SLACK_APP_SECRET`	Application Secret		x
`SLACK_AUTO_CONFIRM_EMAIL`	Auto confirm email address	`false`
`SLACK_AUTO_REGISTER`	Auto register username	`false`
`ENABLE_LOGIN_TWITCH`	Enable Logging in from Twitch	`false`
`TWITCH_APP_ID`	Application ID		x
`TWITCH_APP_SECRET`	Application Secret		x
`TWITCH_AUTO_CONFIRM_EMAIL`	Auto confirm email address	`false`
`TWITCH_AUTO_REGISTER`	Auto register username	`false`
`ENABLE_LOGIN_TWITTER`	Enable Logging in from Twitter	`false`
`TWITTER_APP_ID`	Application ID		x
`TWITTER_APP_SECRET`	Application Secret		x
`TWITTER_AUTO_CONFIRM_EMAIL`	Auto confirm email address	`false`
`TWITTER_AUTO_REGISTER`	Auto register username	`false`

- https://www.bookstackapp.com/docs/admin/social-auth

Cache and Session Settings

Parameter	Description	Default	`_FILE`
`CACHE_DRIVER`	Use what backend for cache `file` `database` `redis` `memcached`	`file`
`CACHE_PREFIX`	Cache Prefix	`bookstack`
`SESSION_COOKIE_NAME`	Cookie Name	`bookstack_session`
`SESSION_DRIVER`	Use what backend for sesssion management `file` `database` `redis` `memcached`	`FILE`
`SESSION_LIFETIME`	How long in minutes for Ssession	`120`
`SESSION_SECURE_COOKIE`	Deliver HTTPS cookie	`true`
`MEMCACHED_HOST`	Memcached Hostname		x
`MEMCACHED_PORT`	Memcached Port	`11211`
`MEMCACHED_WEIGHT`	Memcached Weight	`100`
`REDIS_DB`	Redis DB	`0`	x
`REDIS_PORT`	Redis Port	`6379`	x
`REDIS_HOST`	Redis Hostname		x

https://www.bookstackapp.com/docs/admin/cache-session-config

Mail Settings

Parameter	Description	Default	`_FILE`
`MAIL_FROM_NAME`	Display name to be sent from Bookstack	`BookStack`
`MAIL_FROM`	Email address to be sent from Bookstack	`[email protected]`
`MAIL_TYPE`	How to send mail - `SMTP`	`SMTP`
`SMTP_HOST`	Hostname of SMTP Server	`postfix-relay`	x
`SMTP_PASS`	SMTP Password	`null`	x
`SMTP_PORT`	SMTP Port	`25`	x
`SMTP_TLS`	Enable TLS for SMTP Connections	`FALSE`
`SMTP_USER`	SMTP Username	`null`	x

https://www.bookstackapp.com/docs/admin/email-config

Storage Settings

Parameter	Description	Default	`FILE`
`STORAGE_TYPE`	How to store files `local` `local_secure` `s3`	`local`
`STORAGE_ATTACHMENT_TYPE`	Attachment storage type	`local_secure`
`STORAGE_IMAGE_TYPE`	Image storage type	`local`
`STORAGE_S3_BUCKET`	S3 Bucket		x
`STORAGE_S3_KEY`	S3 Key		x
`STORAGE_S3_REGION`	S3 Region		x
`STORAGE_S3_SECRET`	S3 Key		x
`STORAGE_URL`	Set this if you are connecting to a compatible service like Minio/Wasabi		x

https://www.bookstackapp.com/docs/admin/upload-config

Networking

The following ports are exposed.

Port	Description
`80`	HTTP

Maintenance

Shell Access

For debugging and maintenance purposes you may want access the containers shell.

bash docker exec -it (whatever your container name is) bash

Support

These images were built to serve a specific need in a production environment and gradually have had more functionality added based on requests from the community.

Usage

The Discussions board is a great place for working with the community on tips and tricks of using this image.
Sponsor me for personalized support

Bugfixes

Please, submit a Bug Report if something isn't working as expected. I'll do my best to issue a fix in short order.

Feature Requests

Feel free to submit a feature request, however there is no guarantee that it will be added, or at what timeline.
Sponsor me regarding development of features.

Updates

Best effort to track upstream changes, More priority if I am actively using the image in a production environment.
Sponsor me for up to date releases.

License

MIT. See LICENSE for more details.

References

https://www.bookstackapp.com/docs

tiredofit/docker-bookstack

tiredofit

Reviews

Repository Details