/Lychee-Docker

Docker image for Lychee

Primary LanguageShell

Build Status Last Commit Lychee Version Docker Pulls (new) Docker Pulls (old)
Supports amd64 Architecture Supports arm64/aarch64 Architecture Supports armv7 Architecture

Notice: Dockerhub repository has been migrated to lycheeorg/lychee

Make sure you update your docker-compose files accordingly

Table of Contents

Image Content

This image features Lychee, nginx and PHP-FPM. The provided configuration (PHP, nginx...) follows Lychee's official recommendations.

The following tags are available :

  • latest: Latest Lychee release
  • v[NUMBER]: Stable version tag for a Lychee release
  • nightly (also dev): Current master branch tag (Lychee operates on a stable master, so this should usually be safe)
  • devtools: As above, but includes development dependencies
  • testing: Tag for testing new branches and pull requests. Designed for internal use by LycheeOrg
  • alpha: Current alpha branch tag (The alpha branch contains bleeding edge changes that are not peer-reviewed)
  • alpha-devtools: As above, but includes development dependencies

Setup

Quick Start

To use the built-in SQLite support, no external dependencies are required. At its simplest, docker run -p 80 lycheeorg/lychee:dev will start Lychee listening on a random port on the local host.

For more runtime options, look below in Run with Docker and Available environment variables and defaults.

Prerequisites

To use this image with MySQL, MariaDB or PostgreSQL you will need a suitable database running externally. This may be through a Docker image, possibly in your docker-compose.yml.

  1. Create the db, username, password.
  2. Edit the environment variables (db credentials, language...) by :
    • Supplying the environment variables via docker run / docker-compose or
    • Creating a .env file with the appropriate info and mount it to /conf/.env or
    • Use the Lychee installer by passing -e DB_CONNECTION= on the command line and connecting to the container with your browser

Run with Docker

Make sure that you link to the container running your database !!

The example below shows --net and --link for these purposes. --net connects to the name of the network your database is on and --link connects to the database container.

docker run -d \
--name=lychee \
-v /host_path/lychee/conf:/conf \
-v /host_path/lychee/uploads:/uploads \
-v /host_path/lychee/sym:/sym \
-e PUID=1000 \
-e PGID=1000 \
-e PHP_TZ=America/New_York \
-e TIMEZONE=America/New_York \
-e DB_CONNECTION=mysql \
-e DB_HOST=mariadb \
-e DB_PORT=3306 \
-e DB_DATABASE=lychee \
-e DB_USERNAME=user \
-e DB_PASSWORD=password \
-p 90:80 \
--net network_name \
--link db_name \
lycheeorg/lychee

Warning : if you use a MySQL database, make sure to use the mysql_native_password authentication plugin, either by using the --default-authentication-plugin option when starting mysql, or by running a query to enable the authentication plugin for the lychee user, e.g. :

alter user 'lychee' identified with mysql_native_password by '<your password>';

Run with Docker Compose

Change the environment variables in the provided example to reflect your database credentials.

Note that in order to avoid writing credentials directly into the file, you can create a db_secrets.env and use the env_file directive (see the docs).

Create admin account during first run

When ADMIN_USER and ADMIN_PASSWORD (or ADMIN_PASSWORD_FILE) are set an admin user will be created with those credentials during the first run. Otherwise Lychee will prompt in the browser when first loaded.

Docker secrets

As an alternative to passing sensitive information via environment variables, _FILE may be appended to some of the environment variables, causing the initialization script to load the values for those variables from files present in the container. In particular, this can be used to load passwords from Docker secrets stored in /run/secrets/<secret_name> files.

If both the original variable and the _FILE (e.g. both DB_PASSWORD and DB_PASSWORD_FILE) are set, the original variable will be used.

The following _FILE variables are supported:

  • DB_PASSWORD_FILE
  • REDIS_PASSWORD_FILE
  • MAIL_PASSWORD_FILE
  • ADMIN_PASSWORD_FILE

Available environment variables and defaults

If you do not provide environment variables or .env file, the example .env file will be used with some values already set by default.

Some variables are specific to Docker, and the default values are :

  • PUID=1000
  • PGID=1000
  • USER=lychee
  • PHP_TZ=UTC
  • STARTUP_DELAY=0

Additionally, if SKIP_PERMISSIONS_CHECKS is set to "yes", the entrypoint script will not check or set the permissions of files and directories on startup. Users are strongly advised against using this option, and efforts have been made to keep the checks as fast as possible. Nonetheless, it may be suitable for some advanced use cases.

Advanced configuration

Note that nginx will accept by default images up to 100MB (client_max_body_size 100M) and that PHP parameters are overridden according to the recommendations of the Lychee FAQ.

You may still want to further customize PHP configuration. The first method is to mount a custom php.ini to /etc/php/8.2/fpm/php.ini when starting the container. However, this method is kind of brutal as it will override all parameters. It will also need to be remapped whenever an image is released with a new version of PHP.

Instead, we recommend to use the PHP_VALUE directive of PHP-FPM to override specific parameters. To do so, you will need to mount a custom nginx.conf in your container :

  1. Take the default.conf file as a base
  2. Find the line starting by fastcgi_param PHP_VALUE [...]
  3. Add a new line and set your new parameter
  4. Add or change any other parameters (e.g. client_max_body_size)
  5. Mount your new file to /etc/nginx/nginx.conf

If you need to add (not change) nginx directives, files mounted in /etc/nginx/conf.d/ will be included in the http context.