Passbolt expects certificates to be located in /etc/ssl/certs/certificate.crt and /etc/ssl/certs/certificate.key as you mentioned. On the very same doc you linked we also mention that you can leverage on bind mounts to mount this files on your container. There are no env variables for the nginx SSL certificates at the moment:
Persisting data in passbolt container
There are several locations that might be interesting for the users to persist data between container restarts:
- Images directory: /var/www/passbolt/webroot/img
- Gnupg serverkeys directory: /var/www/passbolt/config/gpg
- SSL certificate files: /etc/ssl/certs/certificate.crt /etc/ssl/certs/certificate.key
This files and directories can be persisted in the docker volume using docker volumes or using bind mounts
You can mount your SSL certificates on that location, the container will start, detect those files and won’t generate any SSL certificate.
We provide links on the docs to the docker official bind mounts and docker volumes for you to set them up. You could also set this up easily with docker compose, something like this (snippet of docker-compose.yml file):
We also provide examples on how to do bind mounts directly with docker, however you are right, none of those refer to the SSL certificates but to the images and gpg data directory. You could however take these examples and adapt to mount your SSL certs using docker without docker-compose involved.
$ docker run --name passbolt --net passbolt_network \
-p 443:443 \
-p 80:80 \
-e DATASOURCES_DEFAULT_HOST=mariadb \
-e DATASOURCES_DEFAULT_PASSWORD=<mariadb_password> \
-e DATASOURCES_DEFAULT_USERNAME=<mariadb_user> \
-e DATASOURCES_DEFAULT_DATABASE=<mariadb_database> \
-e APP_FULL_BASE_URL=https://mydomain.com \
Hope this helps.