Installation and Configuration of phpipam

Documentation

Linux

Setting up the phpipam Docker Container

On the docker server, create a new directory (in this example, /srv/docker/apps/phpipam) and create a docker-compose.yml file.

Also, generate a random password to be used with the mysql database. NOTE: Generate password from https://passwordsgenerator.net/ and de-select symbols/special chars

Copy this into the docker-compose.yml file (replace ipallthethings password with the one genrated from the step above):

version: '3'

services:
  mysql:
    image: mariadb:latest
    container_name: phpipam_mysql_1
    environment:
      - MYSQL_ROOT_PASSWORD=ipallthethings
    restart: unless-stopped
    volumes:
      - ./db_data:/var/lib/mysql

  ipam:
    depends_on:
      - mysql
    image: scrubs/phpipam-docker:latest
    environment:
      - MYSQL_ENV_MYSQL_USER=root
      - MYSQL_ENV_MYSQL_PASSWORD=ipallthethings
      - MYSQL_ENV_MYSQL_HOST=phpipam_mysql_1
    restart: unless-stopped
    ports:
      - "8000:80"

Create a DNS record for this: Record Name: ipam Record Type: CNAME Hostname: wt-docker01.weepytests.com

Once this record is created, go back to the docker machine and run this:

docker-compose up -d

Open a browser, and go to http://ipam.weepytests.com:8000 If you are greeted with the IPAM installation screen, everything is working, close the browser.

docker-compose down

Setting up Reverse Proxy

On the docker server, if an nginx reverse proxy docker is running, navigate to that directory, otherwise create it. Then, create the docker-compose file.

cd /srv/docker/apps
mkdir nginx
cd nginx
mkdir conf.d pki ipam
vim docker-compose.yml

Use this data for the docker-compose.yml file:

version: "3"

services:
  revproxy:
    image: nginx:latest
    container_name: nginx
    volumes:
      - ./conf.d:/etc/nginx/conf.d
      - ./pki:/etc/nginx/pki
    ports:
      - "443:443"
      - "80:80"
    dns:
      - 192.168.77.90
    restart: always

Now, navigate to the conf.d directory and add the ipam.conf file:

cd conf.d
vim ipam.conf


server {
        listen 80;
        server_name ipam.weepytests.com ipam;
        return 301 https://ipam.weepytests.com;
}

server {
        listen 443 ssl;
        ssl_certificate /etc/nginx/pki/ipam.weepytests.com.crt;
        ssl_certificate_key /etc/nginx/pki/ipam.weepytests.com.key;

        server_name ipam.weepytests.com;

        location / {
                proxy_pass http://192.168.77.100:8000;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
        }
}

Save the above file. We will now add the TLS certificates. In this example, we have the certificate and keys in a zip file already on this machine.

cd pki
mv ~/ipam.weepytests.com.zip .
unzip ipam.weepytests.com
rm ipam.weepytests.com.zip
cd ..
docker-compose up -d

The reverse proxy should now be running. Go back to the ipam directory and bring that back online:

docker-compose up -d

Open a browser, and navigate to https://ipam.weepytests.com This should now send you to the phpipam setup screen. Run through the installation.

Go through the config options. When it gets to dataabse if you get the “connection refused”, click “advanced”, and select “drop database if it exists”. Fill out the admin password and you should be good to go.

Adding Client Machine to IPA Domain Installation and Configuration of phpipam