Hello,
I have a question about installing Passbolt CE under Docker.
Is a separate/exclusive database container required, and is it always set up during installation (docker-compose and .yaml)?
Alternatively, can it be linked to a database container already existing on the server (Docker) and run the Passbolt database there (with MariaDB)?
If so, are there any concerns (possible problems such as security, maintenance, etc.)?
And what about an external database server?
Entries can be made under: DATASOURCES_DEFAULT_HOST
How can this be implemented during installation and configuration?
https://www.passbolt.com/docs/hosting/install/ce/docker/
https://github.com/passbolt/passbolt_docker
Best regards
Andy
Hello @Andy555 and welcome to the forum!
It is not necessary to create a mariadb container specifically for Passbolt, you can edit the Passbolt environment variables to be able to connect your database (another server, another container …)
The only requirement is that the Passbolt container must be able to connect to the database, how to do it is your thing.
Following security concerns, I am not an expert in that matter, but I think it is better to separate the databases in defernetes containers to segment and prevent that in the case of intrusion, the lateral movement is difficult (because in case of accessing the database server, they would only see the database they have accessed, not the rest).
Surely someone else can give us a more exact recommendation about security, or maybe you can find it in some other post in the forum.
But it is not a requirement to put a mariadb container in the compose to use Passbolt
1 Like
