SnipeIT Installation and configuration of the tool

tela inicial de snipeit

In the previous post, we talked about the Snipe-IT asset inventory. In this post, we will perform the snipeit installation with HTTPS security protocol and access control.

Installation Steps:

Install the necessary utilities, docker, and git.

yum install -y yum-utils &&
yum-config-manager --add-repo &&
yum install -y docker-ce docker-ce-cli docker-buildx-plugin docker-compose-plugin &&
yum install -y git vim docker-compose

Also, install Docker Compose:

sudo curl -L "$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose && sudo chmod +x /usr/local/bin/docker-compose && docker-compose --version

Start the Docker service:

systemctl enable docker && systemctl start docker

Download the Snipe-IT repository:

git clone

Navigate to the snipe-it directory:

cd snipe-it/

Edit the .env.docker file. Make the following changes:

Change the timezone according to your region:


Change the APP_URL variable to use the HTTPS protocol and assign the URL according to your hostname or IP. Change the port to 8100; it will point to port 443 of the container:


In the SMTP settings, add your email information. For example:

*Pode ser que o gmail bloqueie esta conexão, será necessário pesquisar o procedimento para permitir. Neste exemplo está sendo usado provedor de e-mail privado.

In the database settings, change the DB_HOST variable accordingly:


In the proxy settings, comment out the APP_TRUSTED_PROXIES variable:


Save the .env.docker file.

Edit the Dockerfile.alpine file by adding the apache2-ssl package to the package installation:

mysql-client \
tini \

At the end of the Dockerfile.alpine file, add port 443 with the expose parameter:


Save the Dockerfile.alpine file.

Edit the docker-compose.yml file and expose port 443 to the snipeit container:

- "8000:80"
- "8100:443"

Also, change the mariadb to snipedb:

depends on:
- snipedb
- redis
image: mariadb:10.6.4-focal

In the snipeit service, in the volume information, change the line to:

- logs:/var/www/html/storage/logs

In the volumes at the end of the file, add the logs volume:

db: {}
logs: {}

Save the docker-compose.yml file.

Now, deploy the application by creating the containers. Stay in the snipe-it directory and run the command:

docker-compose up -d

Once the deployment finishes, run the docker ps command to verify the containers. You should see the containers:


The volume of the snipeit container is: /var/lib/docker/volumes/snipe-it_logs/_data/. Access this directory:

cd /var/lib/docker/volumes/snipe-it_logs/_data/

Here, you need an SSL certificate to use HTTPS. If you already have the SSL certificate, copy it to this directory. You can also generate the certificate as follows:

Generate a signing key:

openssl genrsa -out mycert.key 2048

Using this key, request the certificate with the command:

openssl req -new -key mycert.key -out mycert.csr

Here, you should fill in the requested information according to your details.

exemplo de comando openssl

Now, sign the csr file:

openssl x509 -req -days 365 -in mycert.csr -signkey mycert.key -out mycert.crt

Checking the files, you should have these three files in the directory.

[root@server _data]# ls
mycert.crt mycert.csr mycert.key

To import this certificate, access the snipeit container. Run the command:

docker exec -it -uroot snipeit /bin/sh

Now, you are inside the snipeit container.

/var/www/html # 

Inside the container, edit the /etc/apache2/conf.d/ssl.conf file:

vi /etc/apache2/conf.d/ssl.conf

In the VirtualHost code block, edit it as follows:

<VirtualHost _default_:443>
	DocumentRoot "/var/www/html/public"
<Directory "/var/www/html/public">
	AllowOverride All
	Require all granted
	Order deny,allow
	Deny from all
	Allow from 192.168.0
ErrorLog logs/ssl_error.log
TransferLog logs/ssl_access.log

In the Allow from 192.168.0 line, the IP refers to your IP address. Provide only the first three numbers of the IP xx.xx.xx. This configuration will make the application accessible only from your internal network.

Edit the SSL certificate parameters and point to the certificates in the volumes directory. The volume of this container is in the directory /var/www/html/storage/logs.

Listing the contents of this directory will show the certificates created in this volume.

/var/www/html # ls /var/www/html/storage/logs/
mycert.crt mycert.csr mycert.key

Still in the ssl.conf file, edit the SSLCertificateFile and SSLCertificateKeyFile parameters:

SSLCertificateFile /var/www/html/storage/logs/mycert.crt
SSLCertificateKeyFile /var/www/html/storage/logs/mycert.key

Save the ssl.conf file and use the ctrl + p + q keys to exit the container without stopping it.

Restart the container:

docker restart snipeit

Now, access the web application via HTTPS on the hostname or IP and port you defined.


You will access the Snipe-IT configuration screen.

tela de configuração de snipeit

In the Email option, click on Send Test to validate this functionality.

*If you are using Gmail, it may block this function, and you may need to research the process to allow it.

validação de email de snipeit

Check your email inbox.

confirmação de email de snipeit

Click on Create Database

tela de confirmação de criação de banco de dados para snipeit

Create User

Fill in the user, company, and other information.

Once saved, you will be in the application interface.

tela inicial de snipeit

The installation is complete. More posts continuing this tutorial will be created, covering customization of the tool, asset importation, and steps necessary to back up the database.

Link para documentação - Installation

Leave a Reply

Your email address will not be published. Required fields are marked *