Update docker-compose.yml

add optional SMTP env variables

README.md

@@ -48,6 +48,7 @@ docker compose up
 ### Password Management
 - [Vaultwarden](examples/vaultwarden) - Lightweight Bitwarden server API implementation written in Rust. Unlocks paid Bitwarden features such as 2FA.
 - [Bitwarden Unified](examples/bitwarden-unified) - Official Bitwarden deployment option (beta) targeting selfhosters by providing a resource-efficient, single Docker image with multiple database support.
+- [Passbolt CE](examples/passbolt) - Passbolt CE open source password manager for teams based on GPG.
 
 ### Reverse Proxies
 - [Traefik](examples/traefik) - Traefik is a modern HTTP reverse proxy and load balancer made to deploy microservices with ease. It supports several backends (Docker, Swarm, Mesos/Marathon, …) to manage its configuration automatically and dynamically.

examples/passbolt/README.md

@@ -0,0 +1,19 @@
+# References
+
+- https://help.passbolt.com/hosting/install/ce/docker.html
+
+# Notes
+
+Passbolt container runs as specific user with a UID and GUID of `33`.
+
+Therefore, ensure proper permissions on the Docker data bind mount volumes:
+
+````
+sudo chgrp 33 /mnt/docker-volumes/passbolt/gpg
+sudo chmod 770 /mnt/docker-volumes/passbolt/gpg
+
+sudo chgrp 33 /mnt/docker-volumes/passbolt/jwt
+sudo chmod 770 /mnt/docker-volumes/passbolt/jwt
+````
+
+After spawning up the container, you have to create your user account first. Please follow the referenced link above, which leads you to the official documentation and how-tos. It is also recommended to add SMTP into the mix to retrieve important emails.

examples/passbolt/docker-compose.yml

@@ -0,0 +1,45 @@
+version: '3.9'
+
+services:
+  db:
+    image: mariadb:10.3
+    container_name: passbolt-db
+    hostname: passbolt-db
+    restart: unless-stopped
+    environment:
+      MYSQL_RANDOM_ROOT_PASSWORD: "true"
+      MYSQL_DATABASE: "passbolt"
+      MYSQL_USER: "passbolt"
+      MYSQL_PASSWORD: "P4ssb0lt"
+    volumes:
+      - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/passbolt/mariadb:/var/lib/mysql
+
+  passbolt:
+    image: passbolt/passbolt:latest-ce # alternatively, you can use the rootless image passbolt/passbolt:latest-ce-non-root
+    container_name: passbolt
+    hostname: passbolt
+    restart: unless-stopped
+    depends_on:
+      - db
+    environment:
+      APP_FULL_BASE_URL: http://127.0.0.1:8543 # adjust http/https and add your hostname or domain
+      DATASOURCES_DEFAULT_HOST: "db"
+      DATASOURCES_DEFAULT_USERNAME: "passbolt"
+      DATASOURCES_DEFAULT_PASSWORD: "P4ssb0lt"
+      DATASOURCES_DEFAULT_DATABASE: "passbolt"
+      #EMAIL_DEFAULT_FROM_NAME: "Passbolt CE"
+      #EMAIL_DEFAULT_FROM: "passbolt@gmail.com"
+      #EMAIL_TRANSPORT_DEFAULT_HOST: smtp.gmail.com
+      #EMAIL_TRANSPORT_DEFAULT_PORT: 587
+      #EMAIL_TRANSPORT_DEFAULT_USERNAME: "smtp_user"
+      #EMAIL_TRANSPORT_DEFAULT_PASSWORD: "smtp_pass"
+      #EMAIL_TRANSPORT_DEFAULT_TLS: true # or false; default null
+    volumes:
+      - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/passbolt/gpg:/etc/passbolt/gpg
+      - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/passbolt/jwt:/etc/passbolt/jwt
+    command: ["/usr/bin/wait-for.sh", "-t", "0", "db:3306", "--", "/docker-entrypoint.sh"]
+    ports:
+      - 8543:80 # HTTP
+      - 8432:443 # HTTPS
+    # - 8543:8080 # alternative port mappings if rootless image is used
+    # - 8432:4433 # alternative port mappings if rootless image is used