Skip to main content

GLPI docker SSL + LDAP

1. INSTALLATION DOCKER & DOCKER-COMPOSE

# Mise à jour système
sudo apt update && sudo apt upgrade -y

# Installation Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh

# Installation Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

# Services + utilisateur
sudo systemctl enable --now docker
sudo usermod -aG docker $USER

# Vérification
docker --version
docker compose version

2. INSTALLATION MKCERT (SUR L'HÔTE)

# Dépendances
sudo apt install libnss3-tools wget -y

# Téléchargement mkcert
wget https://github.com/FiloSottile/mkcert/releases/latest/download/mkcert-v1.4.4-linux-amd64
sudo mv mkcert-v1.4.4-linux-amd64 /usr/local/bin/mkcert
sudo chmod +x /usr/local/bin/mkcert

# Installation CA locale
sudo mkcert -install

# Vérification
mkcert -version

3. CRÉATION DOSSIER & CERTIFICATS MKCERT

# Dossier GLPI
sudo mkdir -p /var/www/support.eyrode.lan
cd /var/www/support.eyrode.lan

# Génération certificats mkcert
mkcert support.eyrode.lan 172.16.82.2 localhost 127.0.0.1 ::1

# Vérification certificats
ls -la support.eyrode.lan*.pem
chmod 600 support.eyrode.lan*.pem

Fichiers créés :

support.eyrode.lan.pem      ← Certificat public

support.eyrode.lan-key.pem  ← Clé privée

5. CRÉATION DOCKER-COMPOSE.YML

cat > docker-compose.yml << 'EOF'
services:
  mariadb:
    image: mariadb
    container_name: mariadb
    hostname: mariadb
    volumes:
      - /var/lib/mysql:/var/lib/mysql
    env_file:
      - ./mariadb.env
    restart: always
    
  glpi:
    image: diouxx/glpi
    container_name: glpi
    hostname: glpi
    volumes:
      - /var/www/html/glpi/:/var/www/html/glpi
    environment:
      - TIMEZONE=Europe/Paris
    restart: always
  caddy:
    image: caddy:alpine
    container_name: caddy
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./support.eyrode.lan.pem:/etc/caddy/certs/support.eyrode.lan.pem:ro
      - ./support.eyrode.lan-key.pem:/etc/caddy/certs/support.eyrode.lan-key.pem:ro
      - caddy_data:/data
      - caddy_config:/config
    depends_on:
      - glpi
    restart: always

volumes:
  caddy_data:
  caddy_config:
EOF

 

6. CRÉATION MARIADB.ENV

cat > mariadb.env << 'EOF'
MYSQL_ROOT_PASSWORD=SuperRoot2026!
MYSQL_DATABASE=glpidb
MYSQL_USER=glpi
MYSQL_PASSWORD=GlpiSupport2026!
EOF
chmod 600 mariadb.env

 

7. CRÉATION CADDYFILE

cat > Caddyfile << 'EOF'
support.eyrode.lan {
    tls /etc/caddy/certs/support.eyrode.lan.pem /etc/caddy/certs/support.eyrode.lan-key.pem
    reverse_proxy glpi:80 {
        header_up Host {upstream_hostport}
        header_up X-Real-IP {remote_host}
        header_up X-Forwarded-Proto https
        header_up X-Forwarded-For {remote_host}
    }
}
EOF

 

8. PRÉPARATION VOLUMES PERSISTANTS

sudo mkdir -p /var/www/html/glpi /var/lib/mysql
sudo chown -R 33:33 /var/www/html/glpi/
sudo chmod -R 755 /var/www/html/glpi/

 

9. DÉPLOIEMENT (Lancement)

cd /var/www/support.eyrode.lan/

# Lancement
docker compose up -d

# Attente initialisation
sleep 30

 

# Vérification
docker compose ps
docker compose logs caddy

 

Logs attendus :

caddy    | serving initial configuration

mariadb  | 2026-03-05 21:30:00 0 [Note] /usr/sbin/mariadbd: ready for connections

glpi     | Apache/2.4.x (Debian) Server started

 

10. CONFIGURATION INITIALE GLPI

Ouvrir : https://support.eyrode.lan

Assistant installation :Langue : Français

Base de données : 

  • Hôte : mariadb 
  • Utilisateur : root 
  • Mot de passe : SuperRoot2026! 
  • Base : glpidb

Continuer → Login : glpi/glpi 

11. VÉRIFICATIONS FINALES

# Statut services
docker compose ps  → 3/3 Up

# Test HTTPS mkcert (cadenas vert)
curl -k https://support.eyrode.lan  → HTML GLPI

# Test backend interne
docker exec caddy curl http://glpi:80  → Page login

# Base glpidb
docker exec mariadb mysql -u root -pSuperRoot2026! -e "SHOW TABLES FROM glpidb;" | wc -l  → 442

# Certificats mkcert
docker exec caddy ls -la /etc/caddy/certs/  → support.eyrode.lan.pem

12. SAUVEGARDE IMMÉDIATE

cd /var/www/support.eyrode.lan/

# Base + fichiers + mkcert
docker exec mariadb mysqldump -u root -pSuperRoot2026! glpidb > glpi-$(date +%Y%m%d).sql
tar czf glpi-complete-$(date +%Y%m%d).tar.gz docker-compose.yml mariadb.env Caddyfile support.eyrode.lan*.pem -C /var/www/html/glpi .
ls -lh glpi-*.sql glpi-complete-*.tar.gz

COMMANDES UTILITAIRES

# Redémarrage rapide
docker compose restart caddy

# Mise à jour
docker compose pull && docker compose up -d

# Logs temps réel
docker compose logs -f

# Nettoyage
docker compose down && docker system prune -f
Back to top