|
|
@@ -84,6 +84,7 @@ The following environment variables are available:
|
|
|
- `NEO4J_KEEP_LOGICAL_LOGS`: the retention policy for logical logs, defaults to `100M size`
|
|
|
- `NEO4J_AUTH`: controls authentication, set to `none` to disable authentication or `neo4j/<password>` to override the default password (see documentation [here](http://neo4j.com/docs/stable/rest-api-security.html))
|
|
|
- `NEO4J_THIRDPARTY_JAXRS_CLASSES`: URI mappings for unmanaged extensions (see below)
|
|
|
+- `NEO4J_ALLOW_STORE_UPGRADE`: set to `true` to enable upgrades, defaults to `false` (see the [manual](http://neo4j.com/docs/stable/deployment-upgrading.html) for details)
|
|
|
|
|
|
#### Enterprise Edition
|
|
|
|
|
|
@@ -125,6 +126,17 @@ For more complex customization of the image you can create a new image based on
|
|
|
FROM neo4j
|
|
|
```
|
|
|
|
|
|
+If you need to make your own configuration changes, we provide a hook so you can do that in a script:
|
|
|
+
|
|
|
+ COPY extra_conf.sh /extra_conf.sh
|
|
|
+
|
|
|
+Then you can pass in the `EXTENSION_SCRIPT` environment variable at runtime to source the script:
|
|
|
+
|
|
|
+ docker run -e "EXTENSION_SCRIPT=/extra_conf.sh" cafe12345678
|
|
|
+
|
|
|
+When the extension script is sourced, the current working directory will be the root of the Neo4j installation.
|
|
|
+
|
|
|
+
|
|
|
## Neo4j HA
|
|
|
|
|
|
(This feature is only available in Neo4j Enterprise Edition.)
|
|
|
@@ -169,3 +181,21 @@ The Neo4j shell can be run locally within a container using a command like this:
|
|
|
```console
|
|
|
$ docker exec --interactive <container> bin/neo4j-shell
|
|
|
```
|
|
|
+
|
|
|
+## AppArmor
|
|
|
+
|
|
|
+Neo4j currently makes use of `lsof` to ensure the server is running and accepting connections on a given port. Some AppArmor configurations (specifically the default configuration on Linux Mint) prevent `lsof` from working as expected.
|
|
|
+
|
|
|
+A workaround is to run the docker image in privileged mode, by adding `--privileged=true` to the docker command line. This is a workaround that disables the security provided by AppArmor, and is not recommended for deployments.
|
|
|
+
|
|
|
+The current best known solution is to enable the use of ptrace in the docker profile of AppArmor. Do this by adding the following line to `/etc/init.d/docker`:
|
|
|
+
|
|
|
+ ptrace peer=docker-default,
|
|
|
+
|
|
|
+Add this line before the last curly brace, and restart docker.
|
|
|
+
|
|
|
+## HTTPS support
|
|
|
+
|
|
|
+To use your own key and certificate, provide an `/ssl` volume with the key and certificate inside. The key filename must end in `.key`, and the certificate in `.cert`. Only one of each file may be present. You must also publish port `7473` to access the HTTPS endpoint.
|
|
|
+
|
|
|
+ docker run --publish 7473:7473 --volume $HOME/neo4j/ssl:/ssl neo4j
|
Steven R. Baker