Bookstack, Docker & Tailscale

Written by Tamino on .

How to install bookstack in docker with docker compose and tailscale.

How to install Bookstack

The best and easiest way is to use Docker Compose. With Docker Compose, you have a file that you just run and the container is up and running. But how do I make it accessible to me over a VPN, e.g. with Tailscale, when I'm not at home?

I would like to briefly describe my setup based on Docker Compose, Tailscale and the Tailscale Side container. Familiarise yourself with the Tailscale and how to use the sidecar container. Here are some videos that I think explain it very well.

Setup

  1. Create new folder on your docker machine.

cd /home/xxxx/docker-files
mkdir bookstack 
cd bookstack

  1. Create docker compose file, open the editor nano to add/edit the code.

touch docker-compose.yaml
nano docker-compose.yaml

  1. Docker Compose Code 

services:
  ts-bookstack:
    image: tailscale/tailscale:latest
    hostname: bookstack
    environment:
      - TS_AUTHKEY=tskey-client-YOURAUTHCODE?ephemeral=false
      - TS_EXTRA_ARGS=--advertise-tags=tag:container --reset
      - TS_SERVE_CONFIG=/config/bookstack.json
      - TS_STATE_DIR=/var/lib/tailscale
      - TS_USERSPACE=false
    volumes:
      - ./config:/config
      - tailscale-data-bookstack:/var/lib/tailscale
      - /dev/net/tun:/dev/net/tun
    cap_add:
      - net_admin
      - sys_module
    restart: unless-stopped

  bookstack:
    image: solidnerd/bookstack:24.10.3
    depends_on:
    - mysql
    - ts-bookstack
    environment:
    - DB_HOST=127.0.0.1
    - DB_DATABASE=bookstack
    - DB_USERNAME=bookstack
    - DB_PASSWORD=your-bookstack-password
    - APP_KEY=base64:y14yIhAwgRLCzBWIlkmi+8iUNJezBpn+ZwdKnZodpGY=
    - APP_URL=https://yourdomain.tld

    volumes:
    - uploads:/var/www/bookstack/public/uploads
    - storage-uploads:/var/www/bookstack/storage/uploads
    network_mode: service:ts-bookstack  # Share network with ts-bookstack

  mysql:
    image: mysql:8.3
    environment:
    - MYSQL_ROOT_PASSWORD=your-root-password
    - MYSQL_DATABASE=bookstack
    - MYSQL_USER=bookstack
    - MYSQL_PASSWORD=your-bookstack-password
    volumes:
    - mysql-data:/var/lib/mysql
    depends_on:
      - ts-bookstack
    network_mode: service:ts-bookstack  # Share network with ts-bookstack    
    
volumes:
  tailscale-data-bookstack:
    driver: local
  mysql-data:
  uploads:
  storage-uploads:

  1. Tailscale configuration

{
    "TCP": {
      "443": {
        "HTTPS": true
      }
    },
    "Web": {
      "${TS_CERT_DOMAIN}:443": {
        "Handlers": {
          "/": {
            "Proxy": "http://127.0.0.1:8080"
          }
        }
      }
    },
    "AllowFunnel": {
      "${TS_CERT_DOMAIN}:443": false
    }
  }

Explanation

As you can see, we have 3 containers.

  • ts-bookstack (Tailscale sidecar container)

  • Bookstack (Application)

  • Mysql (Database)

Important Changes:

@ts-bookstack

  • Change "TS_AUTHKEY" and add your token

Create a subfolder called "config" and add a new file "bookstack.json". This file is needed get an SSL-Certificate and proxy the application.

See here how it works:

@Bookstack

  • change APP_KEY

  • change APP_URL and add here your Tailscale URL for this service. You get this in the Tailscale Management console.

  • add the proper right "DB_PASSWORD"

@mysql

  • change your mysql passwords "MYSQLROOTPASSWORD" and "MYSQL_PASSWORD". Don´t forget to add this changes also to the "Bookstack-Environment" variables.

Run the Application

If all this has been done, we can run the application.

docker-compose up -d

If all runs fine, alls 3 containers will be created. In your Tailscale Admin Console, you should see now your Tailscale sidecar container named "bookstack". here you can now pic the hostname and add this hostname to your bookstack container as environment variable "APP_URL". (I know, looks like the "hen egg problem"), but there is no other way. So you need to restart your container after you made the changes to the "APP_URL".

Restart the container can be done this way.

  1. Using the command "docker ps" to get all running services. Look for the container ID and kill the service with "docker kill <container-id>".

  2. Use docker "compose down" (this will shut down all containers)

  3. restart the container again with "docker-compose up -d"

docker ps 

CONTAINER ID   IMAGE                           COMMAND   CREATED      STATUS      PORTS                           NAMES
34ca4c1cddb7   solidnerd/bookstack:24.10.3   "/init"   6 days ago   Up 6 days   443/tcp, 0.0.0.0:6875->80/tcp   bookstack
docker kill 34ca4c1cddb7

or 

docker compose down
docker-compose up -d

Conclusion

Using Tailscale to connect to my home lab applications is quick and easy. It allows me to access my home environment without having to put the application on the wider internet. Bookstack itself is a good application to document my services and configurations.

Creative thinker, Curious lerner, Hard Worker

A Student with a keen interest in Artificial Intelligence and Information Technology. My goal is to excel as a student and develop into a highly skilled professional, seamlessly connecting academic knowledge with practical expertise through a dual-study program.

©