Docker images configuration
This section covers the configuration details that applies to both images.
If you want the default configuration you can go to verify the image authencity.
You can also modify the behaviour of Tuleap with environment variables.
TULEAP_FQDN: the Tuleap server name (without protocol).
TULEAP_SYS_DBHOST: database server name. See database installation for specific configuration.
DB_ADMIN_USER: admin user (
DB_ADMIN_PASSWORD: admin user password.
TULEAP_SYS_DBPASSWD: application user (typically
TULEAP_SYS_DBPORT: define this variable if your database runs on a port different of
TULEAP_SYS_ENABLESSL: can be either
0to disable or
1to enable encryption of traffic with database. Default is
TULEAP_SYS_DB_SSL_VERIFY_CERT: can be either
0to disable or
1to enable verification of database’s certificates. Default is
0. WARNING: perl code (used for subversion core and some maintenance scripts) cannot enforce this, those parts will do encryption without certificate verification.
TULEAP_SYS_DB_SSL_CA: path toward a custom CA file for certifacte verification.
TULEAP_SYS_EMAIL_ADMIN: email address where all the system emails will be redirected (since 13.8).
TULEAP_FPM_SESSION_MODE: you can set it to
redisso php sessions will be stored in a Redis K/V store. This also activate usage of redis for Tuleap (background events, etc).
TULEAP_REDIS_SERVER: needed if you set
TULEAP_REDIS_PORT: needed if redis is listening on port that is not
TULEAP_REDIS_PASSWORD: needed if redis requires a password.
TULEAP_REDIS_USE_TLS: set to 1 if you want to encrypt the connection to Redis.
TULEAP_EMAIL_TRANSPORT: email transport (sendmail by default). (since 13.12).
TULEAP_EMAIL_RELAYHOST: email relay host (none by default).
Please note that not all plugins can be used with this configuration setting (email_relay) and you might need to customize the image to fit your needs.
We recommend at least 20 chars but only alphabetical & numbers,
They are set at the first run only (not updated automatically).
Tuleap container generate a self signed certificate can only communicate in https. In order to have a valid certificate for your end users you either need to:
Delegate the certificate management to your ingress controller (Kubernetes)
Have a reverse proxy in front of the Tuleap container to deal with the certificate
I you don’t want to bother with a reverse proxy, you can modify the certificate generated by tuleap and set yours:
They key must be
The cert must be
If you need something more complex, use a reverse proxy.