Add README.md

README.md

@@ -0,0 +1,110 @@
+
+# High Availability Passbolt CE Deployment with NGINX Reverse Proxy Architecture
+
+## System Architecture Overview
+
+This repository provides a containerized high-availability configuration for Passbolt CE implementation utilizing Docker orchestration. The architecture consists of dual Passbolt CE instances operating behind an NGINX reverse proxy with isolated database schemas within a shared DBMS.
+
+## Technical Prerequisites
+
+- Docker Engine (version 20.10.x or higher)
+- Docker Compose v2.x
+- Minimum 4GB RAM
+- x86_64/amd64 architecture support
+
+## Deployment Instructions
+
+### Initial Setup
+
+1. Clone the repository:
+```bash
+git clone <repository_url>
+cd <repository_name>
+```
+
+2. Initialize the deployment:
+```bash
+docker-compose -f docker-compose-ce.yaml up -d
+```
+
+### Service Endpoints
+
+Primary production endpoints are accessible at:
+- Instance 1: `https://passbolt.local/docker`
+- Instance 2: `https://passbolt.local:4443/k8s`
+
+**Technical Note:** URL paths (`/docker`, `/k8s`) are configurable endpoints that can be modified according to organizational requirements. Template extensibility allows for additional instance deployment by updating the following configuration files:
+- `.mysql/init.sql`: Database credentials and schema initialization
+- `.docker-compose-ce.yaml`: Container orchestration parameters
+- `.nginx/`: Proxy configuration files
+
+## Technical Configuration
+
+### NGINX Reverse Proxy Configuration
+
+The NGINX container implements a reverse proxy configuration with the following specifications:
+
+- Port Mapping:
+  - HTTP: 8080:80
+  - HTTPS: 4433:443
+- Configuration Path: 
+  - Primary: `./nginx/core.conf.d/proxy.conf`
+  - Global: `./nginx/nginx.conf`
+
+### Passbolt Instance Configuration
+
+Each Passbolt instance operates with isolated configurations and dedicated database schemas. Configuration is managed through environment variables:
+
+```yaml
+Environment Variables:
+  APP_FULL_BASE_URL: ${PROTOCOL}://${DOMAIN}:${PORT}/${PATH}
+  APP_BASE: /${PATH}
+  DATASOURCES_DEFAULT_HOST: ${DB_HOST}
+  DATASOURCES_DEFAULT_USERNAME: ${DB_USER}
+  DATASOURCES_DEFAULT_PASSWORD: ${DB_PASS}
+  DATASOURCES_DEFAULT_DATABASE: ${DB_NAME}
+```
+
+Container initialization implements health checks ensuring database availability before service startup.
+
+### Administrator Provisioning
+
+Administrator accounts must be provisioned for each Passbolt instance. Execute the following for each container:
+
+```bash
+docker-compose -f docker-compose-ce.yaml exec ${CONTAINER_NAME} su -m -c "/usr/share/php/passbolt/bin/cake \
+  passbolt register_user \
+  -u ${ADMIN_EMAIL} \
+  -f ${ADMIN_FIRSTNAME} \
+  -l ${ADMIN_LASTNAME} \
+  -r admin" -s /bin/sh www-data
+```
+
+Response: `https://passbolt.local:4443/${PATH}/setup/install/${USER_ID}/${TOKEN_ID}`
+
+### Persistent Storage Configuration
+
+The deployment utilizes Docker volumes for persistent data storage:
+
+```yaml
+Volumes:
+  database_volume: 
+    purpose: DBMS data persistence
+    
+  gpg_volume[1|2]:
+    purpose: GPG keyring storage
+    
+  jwt_volume[1|2]:
+    purpose: JWT authentication key storage
+    
+  init_sql:
+    purpose: Database initialization scripts
+    contents: Schema creation, user provisioning, privilege management
+```
+
+## Licensing Information
+
+This deployment configuration is distributed under Passbolt CE licensing terms. All intellectual property rights are reserved by Passbolt SA.
+
+Reference: [Passbolt CE License Agreement](https://www.passbolt.com/terms)
+