Hi,
I could be doing thing the hard way, but I have (or I believe I have) got Invoice ninja installed using docker. but I’m am getting a error on the login page
Error: please check that Invoice Ninja v5 is installed on the server
also the url is set to:
https://invoice.example.net/index.html/api/v1
don’t know if its a problem but setting it to https://invoice.example.net/api/v1
I still get the same error
current setup:
reverse proxy Traefik
web server caddy
database postgres
docker-compose file:
version: '3'
services:
traefik:
image: traefik:v2.2.8
container_name: traefik
# restart: unless-stopped
networks:
- external-network
- internal-network
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- /root/.containers/traefik/data/acme.json:/acme.json
- /root/.containers/traefik/data/logs:/var/log
command:
# Global
- "--global.checkNewVersion=true"
- "--global.sendAnonymousUsage=false"
# Loggin
- "--log.level=DEBUG"
- "--accesslog=true"
- "--accesslog.filepath=/var/log/access.log"
- "--accesslog.format=json"
- "--accesslog.fields.defaultmode=keep"
# api
- "--api=true"
- "--api.dashboard=true"
# Entry Points
# web
- "--entryPoints.web.address=:80"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entrypoints.web.http.redirections.entrypoint.permanent=true"
- "--entryPoints.websecure.address=:443"
# Providers
- "--providers.docker=true"
- "--providers.docker.endpoint=unix:///var/run/docker.sock"
- "--providers.docker.exposedbydefault=false"
# Resolvers
- "--certificatesresolvers.resolver-lets-encrypt.acme.email=admin@example.net"
- "--certificatesresolvers.resolver-lets-encrypt.acme.storage=acme.json"
# - "--certificatesresolvers.resolver-lets-encrypt.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.resolver-lets-encrypt.acme.tlschallenge=true"
labels:
- "traefik.enable=true"
# Middlewares
- "traefik.http.middlewares.admin-auth.forwardauth.address=http://admin-auth:4181"
- "traefik.http.middlewares.admin-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
- "traefik.http.middlewares.admin-auth.forwardauth.trustforwardheader=true"
# Routes to Dashboard
- "traefik.http.routers.traefik-secure.entrypoints=websecure"
- "traefik.http.routers.traefik-secure.rule=Host(`traefik.example.net`)"
- "traefik.http.routers.traefik-secure.middlewares=admin-auth"
- "traefik.http.routers.traefik-secure.tls=true"
- "traefik.http.routers.traefik-secure.tls.certresolver=resolver-lets-encrypt"
- "traefik.http.routers.traefik-secure.service=api@internal"
admin-auth:
container_name: admin-auth
image: thomseddon/traefik-forward-auth:2.2.0
# restart: unless-stopped
environment:
- DEFAULT_PROVIDER=generic-oauth
- PROVIDERS_GENERIC_OAUTH_AUTH_URL=https://auth.example.net/auth/realms/myrealm/protocol/openid-connect/auth
- PROVIDERS_GENERIC_OAUTH_TOKEN_URL=https://auth.example.net/auth/realms/myrealm/protocol/openid-connect/token
- PROVIDERS_GENERIC_OAUTH_USER_URL=https://auth.example.net/auth/realms/myrealm/protocol/openid-connect/userinfo
- LOGOUT_REDIRECT=https://auth.example.net/auth/realms/myrealm/protocol/openid-connect/logout?redirect_uri=https://example.net
- PROVIDERS_GENERIC_OAUTH_CLIENT_ID=traefik-auth
- PROVIDERS_GENERIC_OAUTH_CLIENT_SECRET=<secret>
- SECRET=<secret>
- LOG_LEVEL=debug
networks:
- internal-network
labels:
- "traefik.http.middlewares.admin-auth.forwardauth.address=http://admin-auth:4181"
- "traefik.http.middlewares.admin-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
- "traefik.http.services.admin-auth.loadbalancer.server.port=4181"
invoiceninja-web:
image: "caddy:2.1.1-alpine"
container_name: invoiceninja-web
# restart: "unless-stopped"
networks:
- internal-network
volumes:
- "/root/.containers/caddy/config/caddy/Caddyfile:/etc/caddy/Caddyfile"
- "invoiceninja-public:/var/www/app/public"
- "invoiceninja-storage:/var/www/app/storage"
tty: true
labels:
- "traefik.enable=true"
- "traefik.http.routers.invoiceninja-web-secure.entrypoints=websecure"
# - "traefik.http.routers.invoiceninja-web-secure.middlewares=admin-auth"
- "traefik.http.routers.invoiceninja-web-secure.rule=Host(`invoice.example.net`)"
- "traefik.http.routers.invoiceninja-web-secure.tls=true"
- "traefik.http.routers.invoiceninja-web-secure.tls.certresolver=resolver-lets-encrypt"
- "traefik.http.routers.invoiceninja-web-secure.service=invoiceninja-web"
- "traefik.http.services.invoiceninja-web.loadbalancer.server.port=80"
- "traefik.docker.network=internal-network"
invoiceninja-app:
image: invoiceninja/invoiceninja:5.0.13
container_name: invoiceninja-app
# restart: unless-stopped
depends_on:
- invoiceninja-db
- invoiceninja-web
environment:
- "APP_ENV=production"
- "APP_DEBUG=0"
- "APP_URL=https://invoice.example.net"
- "APP_KEY=base64:xYmDmE2GOqsRoQ5GPCQeBdvogXchyFUA+53IbhL/dlU="
- "APP_CIPHER=AES-256-CBC"
- "APP_DEBUG=true"
- "MULTI_DB_ENABLED=false"
- "DB_TYPE=postgresql"
- "DB_STRICT=false"
- "DB_HOST=invoiceninja-db"
- "DB_DATABASE=ninja"
- "DB_USERNAME=postgres"
- "DB_PASSWORD=ninja"
expose:
- 9000
networks:
- internal-network
volumes:
- "/etc/localtime:/etc/localtime:ro"
- "invoiceninja-public:/var/www/app/public"
- "invoiceninja-storage:/var/www/app/storage"
invoiceninja-db:
image: postgres:12.3-alpine
container_name: invoiceninja-db
# restart: unless-stopped
environment:
- "POSTGRES_PASSWORD=ninja"
- "PGDATA=/var/lib/postgresql/data/pgdata"
networks:
- internal-network
volumes:
- /etc/localtime:/etc/localtime:ro
- /root/.containers/invoiceninja/data/database:/var/lib/postgresql/data
networks:
internal-network:
external-network:
external: true
volumes:
invoiceninja-public:
invoiceninja-storage:
and my Caddyfile
# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace the line below with your
# domain name.
:80
root * /var/www/app/public
file_server browse
php_fastcgi invoiceninja-app:9000
encode zstd gzip