No description

Shell 50.7%
Dockerfile 49.3%

Find a file

Moritz Poldrack 26da686d00 generate ipconfig at startup		2026-03-30 18:27:35 +02:00
Containerfile	generate ipconfig at startup	2026-03-30 18:27:35 +02:00
entrypoint.sh	generate ipconfig at startup	2026-03-30 18:27:35 +02:00
README.md	generate ipconfig at startup	2026-03-30 18:27:35 +02:00

README.md

InvoicePlane Container

Runs InvoicePlane v1.7.1 in an Apache/PHP container. ipconfig.php is generated at startup from environment variables.

Environment Variables

Required

Variable	Description
`IP_URL`	Base URL of the installation, no trailing slash (e.g. `https://invoices.example.com`)
`DB_HOSTNAME`	MySQL/MariaDB hostname
`DB_USERNAME`	Database user
`DB_PASSWORD`	Database password
`DB_DATABASE`	Database name
`ENCRYPTION_KEY`	256-bit encryption key used to encrypt session data and sensitive fields

Generating `ENCRYPTION_KEY`

Generate a secure random key before the first deployment and store it somewhere safe (e.g. a secret manager). Do not rotate it after setup — doing so invalidates all existing sessions and encrypted data.

openssl rand -base64 32

Optional

Variable	Default	Description
`DB_PORT`	`3306`	Database port
`REMOVE_INDEXPHP`	`false`	Remove `index.php` from URLs (requires `.htaccess` rewriting)
`DISABLE_SETUP`	`false`	Disable the web-based setup wizard after initial setup
`SETUP_COMPLETED`	`false`	Set to `true` after completing initial setup
`ENABLE_DEBUG`	`false`	Enable advanced debug logging
`CI_ENV`	`production`	CodeIgniter environment (`production` or `development`)
`SESS_EXPIRATION`	`864000`	Session lifetime in seconds (default: 10 days; `0` = expire on browser close)
`SESS_MATCH_IP`	`true`	Invalidate session if client IP changes
`SESS_REGENERATE_DESTROY`	`false`	Destroy old session on regeneration
`ENCRYPTION_CIPHER`	`AES-256`	Cipher used with `ENCRYPTION_KEY`
`LEGACY_CALCULATION`	`true`	Use legacy tax/discount calculation (pre-1.6.3 behaviour)
`ENABLE_INVOICE_DELETION`	`false`	Allow permanent deletion of invoices
`DISABLE_READ_ONLY`	`false`	Disable read-only mode for sent invoices
`X_FRAME_OPTIONS`	`SAMEORIGIN`	`X-Frame-Options` response header value
`ENABLE_X_CONTENT_TYPE_OPTIONS`	`true`	Send `X-Content-Type-Options: nosniff` header
`PASSWORD_RESET_IP_MAX_ATTEMPTS`	`5`	Max password reset attempts per IP per window
`PASSWORD_RESET_IP_WINDOW_MINUTES`	`60`	IP rate-limit window (minutes)
`PASSWORD_RESET_EMAIL_MAX_ATTEMPTS`	`3`	Max password reset attempts per email per window
`PASSWORD_RESET_EMAIL_WINDOW_HOURS`	`1`	Email rate-limit window (hours)
`SUMEX_SETTINGS`	`false`	Enable Swiss medical invoice (Sumex) support
`SUMEX_URL`	(empty)	URL to post Sumex XML for PDF generation

Quick Start

# Generate a secret key once and save it
ENCRYPTION_KEY=$(openssl rand -base64 32)

podman run -d \
  -e IP_URL=https://invoices.example.com \
  -e DB_HOSTNAME=db \
  -e DB_USERNAME=invoiceplane \
  -e DB_PASSWORD=secret \
  -e DB_DATABASE=invoiceplane \
  -e ENCRYPTION_KEY="$ENCRYPTION_KEY" \
  -p 8080:80 \
  invoiceplane