fix: update docker environment (#1438)

apps/documentation/pages/developers/local-development/signing-certificate.mdx

@@ -38,11 +38,17 @@ You will be prompted to enter some information, such as the certificate's Common
 Combine the private key and the self-signed certificate to create a `.p12` certificate. Use the following command:
 
 ```bash
-openssl pkcs12 -export -out certificate.p12 -inkey private.key -in certificate.crt
+openssl pkcs12 -export -out certificate.p12 -inkey private.key -in certificate.crt -legacy
 ```
 
 <Callout type="warning">
-  If you get the error "Error: Failed to get private key bags", add the `-legacy` flag to the command `openssl pkcs12 -export -out certificate.p12 -inkey private.key -in certificate.crt -legacy`.
+When running the application in Docker, you may encounter permission issues when attempting to sign documents using your certificate (.p12) file. This happens because the application runs as a non-root user inside the container and needs read access to the certificate.
+
+To resolve this, you'll need to update the certificate file permissions to allow the container user 1001, which runs NextJS, to read it:
+
+```bash
+sudo chown 1001 certificate.p12
+```
 
 </Callout>
 
@@ -54,8 +60,8 @@ Note that for local development, the password can be left empty.
 
 ### Add Certificate to the Project
 
-Finally, add the certificate to the project. Place the `certificate.p12` file in the `/apps/web/resources` directory. If the directory doesn't exist, create it.
+Use the `NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH` environment variable to point at the certificate you created.
 
-The final file path should be `/apps/web/resources/certificate.p12`.
+Details about environment variables associated with certificates can be found [here](/developers/self-hosting/signing-certificate#configure-documenso-to-use-the-certificate).
 
 </Steps>

apps/documentation/pages/developers/self-hosting/how-to.mdx

@@ -133,7 +133,7 @@ volumes:
 After updating the volume binding, save the `compose.yml` file and run the following command to start the containers:
 
 ```bash
-docker-compose --env-file ./.env -d up
+docker-compose --env-file ./.env up -d
 ```
 
 The command will start the PostgreSQL database and the Documenso application containers.

docker/production/compose.yml

@@ -61,6 +61,7 @@ services:
       - NEXT_PUBLIC_POSTHOG_KEY=${NEXT_PUBLIC_POSTHOG_KEY}
       - NEXT_PUBLIC_DISABLE_SIGNUP=${NEXT_PUBLIC_DISABLE_SIGNUP}
       - NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH=${NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH:-/opt/documenso/cert.p12}
+      - NEXT_PRIVATE_SIGNING_PASSPHRASE=${NEXT_PRIVATE_SIGNING_PASSPHRASE}
     ports:
       - ${PORT:-3000}:${PORT:-3000}
     volumes: