{"id":13587876,"url":"https://github.com/georchestra/docker","last_synced_at":"2025-12-17T09:05:28.166Z","repository":{"id":22496408,"uuid":"91020179","full_name":"georchestra/docker","owner":"georchestra","description":"Quick start geOrchestra with docker","archived":false,"fork":false,"pushed_at":"2025-10-15T14:19:06.000Z","size":416,"stargazers_count":22,"open_issues_count":18,"forks_count":25,"subscribers_count":20,"default_branch":"master","last_synced_at":"2025-10-16T11:11:40.977Z","etag":null,"topics":["composition","deployment","docker","georchestra"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/georchestra.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2017-05-11T20:22:47.000Z","updated_at":"2025-10-15T14:18:49.000Z","dependencies_parsed_at":"2023-12-08T11:23:55.427Z","dependency_job_id":"385c9ceb-5fd9-4553-8ce1-443791bac8b1","html_url":"https://github.com/georchestra/docker","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/georchestra/docker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/georchestra%2Fdocker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/georchestra%2Fdocker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/georchestra%2Fdocker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/georchestra%2Fdocker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/georchestra","download_url":"https://codeload.github.com/georchestra/docker/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/georchestra%2Fdocker/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":27780890,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-17T02:00:08.291Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["composition","deployment","docker","georchestra"],"created_at":"2024-08-01T15:06:24.195Z","updated_at":"2025-12-17T09:05:28.159Z","avatar_url":"https://github.com/georchestra.png","language":"Shell","funding_links":[],"categories":["Shell"],"sub_categories":[],"readme":"# geOrchestra on Docker\n\n## Quick Start\n\n**1. Prerequisite**\n\n* RAM\n\nGrab a machine with a decent amount of RAM (16Gb is mandatory to run the full composition, more is better).\n\n* Install Docker\n\nAn up-to-date [docker](https://docs.docker.com/engine/installation/) engine is required.\n\nNote that docker-compose is not necessary anymore. \n\n**2. Download sources**\n\nClone this repo and its submodule using:\n```\ngit clone --recurse-submodules https://github.com/georchestra/docker.git\n```\n\nChoose which branch to run, eg for latest stable:\n```\ngit checkout 24.0 \u0026\u0026 git submodule update\n```\n\n**3. Run**\n\nThe default docker-compose file contains all geOrchestra modules.\n\nIt's recommended to double-check the `docker-compose.yml` and `docker-compose.override.yml` files if you need to comment useless modules (e.g extractor, mapstore,... ).\n\nYou need to use the new Compose plugin V2, `docker-compose` (V1) is not supported by default: [https://docs.docker.com/compose/install/linux/](https://docs.docker.com/compose/install/linux/).   \nIf you still want to use the old `docker-compose` (V1), you need to remove all the parameters `depends_on` from the files `docker-compose.yml` and `docker-compose.override.yml`.\n\nTo run:\n\n```\ncd docker\ndocker compose up -d\n```\n\n\nTo stop geOrchestra:\n```\ndocker compose down\n```\n\n**4. Play**\n\nOpen [https://georchestra-127-0-0-1.nip.io/](https://georchestra-127-0-0-1.nip.io/) in your browser. Then:\n\n* Accept the security warning.\n* Or solve the security warning by [following this step](#locally-trust-the-tls-certificate-for-georchestra).\n\nTo login, use these credentials:\n * `testuser` / `testuser`\n * `testadmin` / `testadmin`\n\nTo upload data into the GeoServer data volume (`geoserver_geodata`), use `rsync`:\n```\nrsync -arv -e 'ssh -p 2222' /path/to/geodata/ geoserver@georchestra-127-0-0-1.nip.io:/mnt/geoserver_geodata/\n```\n(password is: `geoserver`)\n\nFiles uploaded into this volume will also be available to the geoserver instance in `/mnt/geoserver_geodata/`.\n\nEmails sent by the SDI (eg when users request a new password) will not be relayed on the internet but trapped by a local SMTP service.  \nThese emails can be read on https://georchestra-127-0-0-1.nip.io/webmail/ (with login `smtp` and password `smtp`).\n\n\n## Locally trust the TLS certificate for geOrchestra\n\nNote: If you don't use the docker composition for geOrchestra for a few days, we recommend to \"untrust\" the certificate due to security because the certificate installed will work on all the domains.\n\n### On Linux\n\n1. Download Caddy binary: `wget \"https://caddyserver.com/api/download?os=linux\u0026arch=amd64\" -O caddy`\n2. Make it executable: `chmod +x caddy`\n3. Trust the certificate using this command: `./caddy trust`.\n4. Open [https://georchestra-127-0-0-1.nip.io/](https://georchestra-127-0-0-1.nip.io/) in your browser.  \n   If that doesn't work, try to restart your browser. ⚠ Make sure to be running a browser not installed through snap.\n\n### On Windows\n1. Download Caddy binary: https://caddyserver.com/download  \n   Click on Download button on the website.\n2. Open the Downloads folder using your file explorer and rename the file downloaded to `caddy`.\n3. Open the command prompt (cmd) and navigate to your Downloads folder.\n   `cd \"C:\\Users\\%USERNAME%\\Downloads\"`\n3. Trust the certificate using this command: `caddy trust`.\n4. Open [https://georchestra-127-0-0-1.nip.io/](https://georchestra-127-0-0-1.nip.io/) in your browser.  \n   If that doesn't work, try to restart your browser.\n\n## About the domain name\n\nThe current FQDN `georchestra-127-0-0-1.nip.io` resolves to 127.0.1.1, thanks to [traefik.me](https://traefik.me/) which provides wildcard DNS for any IP address.\n\nTo change it:\n\n1. Update the FQDN variable in [.envs-common](.envs-common) file (hint: grep for `georchestra-127-0-0-1.nip.io`)\n2. Two options for the TLS/SSL certificate:\n    * If your web server is exposed to the internet (most likely it is), remove `tls internal` line in the file `resources/caddy/etc/Caddyfile`.\n    * If it is not, put a valid TLS certificate and a private key in the `resources/ssl` folder and declare it in the file `resources/caddy/etc/Caddyfile`.\n3. Reload the docker composition: `docker compose up -d`.  \n   May need to restart Caddy later if you are just modifying the Caddyfile or some file resources: `docker compose restart caddy`.\n\n## Notes\n\nFind the Caddy web server documentation here: https://caddyserver.com/docs/caddyfile/directives.\n\nThese docker-compose files describe:\n * which images / webapps will run,\n * how they are linked together,\n * where the configuration and data volumes are\n\nThe `docker-compose.override.yml` file adds services to interact with your geOrchestra instance (they are not part of geOrchestra \"core\"):\n * reverse proxy / load balancer\n * ssh / rsync services,\n * smtp, webmail.\n\n**Feel free to comment out the apps you do not need**.\n\nThe base docker composition does not include any standalone geowebcache instance, nor the atlas module.\nIf you need them, you have to include the corresponding complementary docker-compose file at run-time:\n```\ndocker compose -f docker-compose.yml -f docker-compose.override.yml -f docker-compose.gwc.yml -f docker-compose.atlas.yml up\n```\n\n## Upgrading\n\nImages and configuration are updated regularly.\n\nTo upgrade, we recommend you to:\n * update the configuration with `git submodule update`\n * update the software with `docker compose pull`\n\n\n## Customising\n\nThis docker composition supports environment variables, if you need to customize something it might be in the different environment variables files.\n\nHere is the list of these files:\n- [.envs-common](.envs-common) \n- [.envs-database-datafeeder](.envs-database-datafeeder)\n- [.envs-database-georchestra](.envs-database-georchestra)\n- [.envs-hosts](.envs-hosts)\n- [.envs-ldap](.envs-ldap)\n\nIf you add variables, be careful because it might be added into the wrong/unwanted container.\n\nYou can also add environment variables directly into the docker-compose.yaml if needed.\n\nTo check which container is including which envs file you can look at the docker-compose* files and search for the .envs-* filename wanted.\n\nIf you don't find the value in it, there is still a lot to\nadjust the configuration in the `config` folder according to your needs.\nReading the [quick configuration guide](https://github.com/georchestra/datadir/blob/docker-master/README.md) might help !\n\nAlso in production environment don't forget to change the file into the [secret/](secrets/) folder as they are default password.\n\n\nMost changes will require a service restart, except maybe updating viewer contexts \u0026 addons (`F5` will do).\n\n### Kibana\n\nIn order to have Kibana up and running, you will need to:\n1. After Elasticsearch up and healthy, launch the command `docker compose exec -it elasticsearch bin/elasticsearch-reset-password -u kibana_system`. It will ask to fill a password for the `kibana_system` user.\n2. Uncomment and fill this password into the `.envs-elastic` file.\n3. Enable kibana server with `scale: 1` in `docker-compose.yml`.\n4. Start Kibana with `docker compose up -d kibana`.\n\n## Building\n\nImages used in the current composition are pulled from docker hub, which means they've been compiled by [github actions](https://github.com/georchestra/georchestra/actions).\nIn case you have to build these images by yourself, please refer to the [docker images build instructions](https://github.com/georchestra/georchestra/blob/master/docker/README.md).\n\n\n## Geofence\n\nIf you want to run the Geofence enabled GeoServer, make sure the correct docker image is being used in `docker-compose.yml`:\n\n```\nimage: georchestra/geoserver:22.0.x-geofence\n```\n(replace `22.0.x-geofence` by the appropriate version - use `latest-geofence` on master).\n\nAnd change the `JAVA_OPTIONS` in the geoserver `environment` properties to indicate where the Geofence databaser configuration .properties file is:\n\n```\n    environment:\n      - JAVA_OPTIONS=-Dgeofence-ovr=file:/etc/georchestra/geoserver/geofence/geofence-datasource-ovr.properties\n```\n\n\nThen, edit the file `config/geoserver/geofence/geofence-datasource-ovr.properties`, and change the line\n\n```\n#geofenceEntityManagerFactory.jpaPropertyMap[hibernate.hbm2ddl.auto]=validate\n```\nto \n```\ngeofenceEntityManagerFactory.jpaPropertyMap[hibernate.hbm2ddl.auto]=update\n```\n\n## Kibana\n\nThe optional `kibana` service is used for dashboarding purposes and is integrated to the GeoNetwork admin UI. See in the `Statistics \u0026 status / Content statistics` admin menu to access it.\n\nA specific configuration is provided in the `kibana/` subdirectory.\n\nPlease note that it will require to load by hand the following file from the kibana admin ui:\n\nhttps://raw.githubusercontent.com/georchestra/geonetwork/georchestra-gn4-4.0.6/es/es-dashboards/data/export.ndjson#\n\n\n\n## Elasticsearch\n\nIn the current state of the docker composition, no volume is defined, so do not expect persistence of the indexes.\n\nIf you are running low on disk space, Elastic has a mechanism to pass the index in a read-only mode. You can deactivate this feature by following this guide:\n\nhttps://techoverflow.net/2019/04/17/how-to-disable-elasticsearch-disk-quota-watermark/\n\n\n\n# Developers corner\n\n**1. build source on every changes**\n\nBeside georchestra/docker directory, you need to clone [georchestra/georchestra repo](https://github.com/georchestra/georchestra) first.\n\nNext, install maven to execute [main georchestra Makefile](https://github.com/georchestra/georchestra/blob/master/Makefile) on each modification (e.g console, security-proxy, whatever you change).\n\nFor example, if you change some security-proxy code, use :\n\n`make docker-build-proxy`\n\n... to execute easily this maven command :\n\nhttps://github.com/georchestra/georchestra/blob/3b703b9f59a1d9091b7699c6656385f931e1f11e/Makefile#L41-L42\n\n**2. Compose**\n\nIn /docker :\n\n`docker compose up -d`\n\nYou can now test modifications locally with the current FQDN (by default `georchestra-127-0-0-1.nip.io`).\n\n**3. Debug**\n\nOpen `docker/docker-compose.yml` and identify `proxy` section.\n\nChange `proxy` section to insert some JAVA options and ports `5005` to get :\n\n```\n  proxy:\n    image: georchestra/security-proxy:latest\n    depends_on:\n      - ldap\n      - database\n    volumes:\n      - georchestra_datadir:/etc/georchestra\n    environment:\n      - JAVA_OPTIONS=-Dorg.eclipse.jetty.annotations.AnnotationParser.LEVEL=OFF -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=0.0.0.0:5005\n      - XMS=256M\n      - XMX=1G\n    restart: always\n    ports:\n      - \"5005:5005\"\n```\n\nApply Docker changes :\n\n`docker compose up -d`\n\nYou can now attach IDE to debug the code tep by step on port `5005`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgeorchestra%2Fdocker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgeorchestra%2Fdocker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgeorchestra%2Fdocker/lists"}