From 03864b4426833fd641b104dc9808a1436b205202 Mon Sep 17 00:00:00 2001 From: Robert Best Date: Wed, 11 Mar 2026 15:54:49 -0400 Subject: [PATCH 1/2] Suggesting changes to Federated Wiki recipe --- .env.sample | 31 ++++++++++++++++++------------- README.md | 25 ++++++++++++------------- compose.insecure.yml | 5 ++--- compose.yml | 4 ++-- config.initial.json.tmpl | 2 +- 5 files changed, 35 insertions(+), 32 deletions(-) diff --git a/.env.sample b/.env.sample index 80c5812..0d36fa9 100644 --- a/.env.sample +++ b/.env.sample @@ -3,27 +3,32 @@ TYPE=federatedwiki DOMAIN=federatedwiki.example.com ## Domain aliases #EXTRA_DOMAINS=', `www.federatedwiki.example.com`' + LETS_ENCRYPT_ENV=production COMPOSE_FILE="compose.yml" -# Change to an absolute path to use a bind-mount, e.g. /opt/fedwiki +## where the wiki data lives; change to an absolute path if you want a bind‑mount (e.g. /opt/fedwiki) FEDWIKI_VOLUME="fedwiki" -# custom wiki.cafe image, for working oauth2 support -#COMPOSE_FILE="$COMPOSE_FILE:compose.wikicafe.yml" +## Persist the lib volume / node_modules directory. If you're not using plugmatic, you can disable this option. +COMPOSE_FILE="$COMPOSE_FILE:compose.lib.yml" -# persistent lib volume / node_modules directory, e.g. for plugmatic -#COMPOSE_FILE="$COMPOSE_FILE:compose.lib.yml" - -# Note(3wc): If you change this after initial deployment, you will need to -# manually copy the new value from `conf/config.initial.json` +## Note(3wc): If you change this after initial deployment, you will need to +## manually copy the new value from `conf/config.initial.json` SECRET_COOKIE_SECRET_VERSION=v1 # length=30 -# Disable SSL encryption (not recommended) -#COMPOSE_FILE="$COMPOSE_FILE:compose.insecure.yml" - +## Specify wiki config filename. If running multiple farms on the same machine with unique configurations, each farm needs a unique filename. +## e.g. config-farm1.json, config-farm2.json, etc. +## If there exists a config file named "config.json", it will be used by all farms by default. CONFIG_FILE="config.json" -# Customize caddyfile -#CADDY=https://foo.bar.com https://*.foo.bar.com... +## If using Caddy: +## Customize your Caddyfile to determine what domains are accessible and will get TLS certificates. +## You are also able to enable access over HTTP by adding domains like: http://${DOMAIN}, http://*.${DOMAIN}, http://*.*.${DOMAIN} +CADDY=https://${DOMAIN}, https://*.${DOMAIN}, https://*.*.${DOMAIN}, https://*.*.*.${DOMAIN} + +## If using Traefik: +## By default traefik allows: https://${DOMAIN}, https://*.${DOMAIN}, https://*.*.${DOMAIN}, https://*.*.*.${DOMAIN} +## Uncomment the following line to also allow HTTP access +#COMPOSE_FILE="$COMPOSE_FILE:compose.insecure.yml" \ No newline at end of file diff --git a/README.md b/README.md index 30f8cef..f20addd 100644 --- a/README.md +++ b/README.md @@ -1,26 +1,25 @@ # Federated Wiki -Share pages circulating within a creative commons +Share pages circulating within a creative commons. + +See [Federated Wiki on GitHub](https://github.com/fedwiki/wiki) for more information. +* **Maintainer**: [@3wordchant](https://git.coopcloud.tech/3wordchant), [@Bortseb](https://git.coopcloud.tech/Bortseb), [@cgalo5758](https://git.coopcloud.tech/cgalo5758) +* **Status**: `stable` * **Category**: Apps -* **Status**: 0, work-in-progress -* **Image**: [`dobbs/farm`](https://hub.docker.com/r/dobbs/farm/), 4, upstream +* **Image**: [`wiki-cafe/fedwiki-oci-image`](https://git.coopcloud.tech/wiki-cafe/-/packages/container/fedwiki-oci-image/), 4, upstream * **Healthcheck**: No * **Backups**: No -* **Email**: No +* **Email**: N/A * **Tests**: No -* **SSO**: No +* **SSO**: ? (Keycloak) ## Basic usage -1. Set up Docker Swarm and [`abra`] -2. Deploy [`coop-cloud/traefik`] -3. `abra app new federatedwiki` -4. `abra app config YOURAPPDOMAIN` - be sure to change `DOMAIN` to something that resolves to +1. Set up [Docker Swarm](https://docs.coopcloud.tech/operators/tutorial/#server-configuration) and [`abra`](https://docs.coopcloud.tech/abra/) +2. `abra app new federatedwiki -S` - Copy the secret it generates, you will need it for your wiki config file. +3. `abra app config YOURAPPDOMAIN` - be sure to change `DOMAIN` to something that resolves to your Docker swarm box -5. `abra app deploy YOURAPPDOMAIN` - -[`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra -[`coop-cloud/traefik`]: https://git.autonomic.zone/coop-cloud/traefik +4. `abra app deploy YOURAPPDOMAIN` diff --git a/compose.insecure.yml b/compose.insecure.yml index 7414cd2..459de1c 100644 --- a/compose.insecure.yml +++ b/compose.insecure.yml @@ -7,6 +7,5 @@ services: deploy: labels: - "traefik.http.services.${STACK_NAME}-non-tls.loadbalancer.server.port=3000" - - "traefik.http.routers.${STACK_NAME}-non-tls.rule=Host(`${DOMAIN}`) || HostRegexp(`{subdomain:\\w+}.${DOMAIN}`) || HostRegexp(`{subsubdomain:\\w+}.{subdomain:\\w+}.${DOMAIN}`)" - - "traefik.http.routers.${STACK_NAME}-non-tls.entrypoints=web" - - "caddy=https://${DOMAIN}, https://*.${DOMAIN}, https://*.*.${DOMAIN}, https://*.*.*.${DOMAIN}, http://${DOMAIN}, http://*.${DOMAIN}, http://*.*.${DOMAIN}, http://*.*.*.${DOMAIN}" + - "traefik.http.routers.${STACK_NAME}-non-tls.rule=Host(`${DOMAIN}`) || HostRegexp(`{subdomain:\\w+}.${DOMAIN}`) || HostRegexp(`{subsubdomain:\\w+}.{subdomain:\\w+}.${DOMAIN}`) || HostRegexp(`{subsubsubdomain:\\w+}.{subsubdomain:\\w+}.{subdomain:\\w+}.${DOMAIN}`)" + - "traefik.http.routers.${STACK_NAME}-non-tls.entrypoints=web" \ No newline at end of file diff --git a/compose.yml b/compose.yml index f0b7205..436a184 100644 --- a/compose.yml +++ b/compose.yml @@ -29,13 +29,13 @@ services: labels: - "traefik.enable=true" - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=3000" - - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`) || HostRegexp(`{subdomain:\\w+}.${DOMAIN}`)" + - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`) || HostRegexp(`{subdomain:\\w+}.${DOMAIN}`) || HostRegexp(`{subsubdomain:\\w+}.{subdomain:\\w+}.${DOMAIN}`) || HostRegexp(`{subsubsubdomain:\\w+}.{subsubdomain:\\w+}.{subdomain:\\w+}.${DOMAIN}`)" - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" - "traefik.http.routers.${STACK_NAME}.tls.domains[0].main=${DOMAIN}" - "traefik.http.routers.${STACK_NAME}.tls.domains[0].sans=*.${DOMAIN}" - "traefik.http.routers.${STACK_NAME}.priority=1" - - "caddy=${CADDY:-https://${DOMAIN}, https://*.${DOMAIN}, https://*.*.${DOMAIN}, https://*.*.*.${DOMAIN}}" + - "caddy=${CADDY}" - "caddy.reverse_proxy={{upstreams 3000}}" - "caddy.tls.on_demand=" - "backupbot.backup=true" diff --git a/config.initial.json.tmpl b/config.initial.json.tmpl index b9c46a6..a58805a 100644 --- a/config.initial.json.tmpl +++ b/config.initial.json.tmpl @@ -1,6 +1,6 @@ { "farm": true, "cookieSecret": "{{ secret "cookie_secret" }}", - "secure_cookie": true, + "security_useHttps": true, "security_type": "friends" } -- 2.49.0 From 50b68b02718de0d9f66b6263bfd41aea224b734a Mon Sep 17 00:00:00 2001 From: Robert Best Date: Fri, 13 Mar 2026 11:02:47 -0400 Subject: [PATCH 2/2] Update .env.sample --- .env.sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.env.sample b/.env.sample index 0d36fa9..87a2aa5 100644 --- a/.env.sample +++ b/.env.sample @@ -18,7 +18,7 @@ COMPOSE_FILE="$COMPOSE_FILE:compose.lib.yml" ## manually copy the new value from `conf/config.initial.json` SECRET_COOKIE_SECRET_VERSION=v1 # length=30 -## Specify wiki config filename. If running multiple farms on the same machine with unique configurations, each farm needs a unique filename. +## Specify wiki config filename. If running multiple farms on the same machine with unique configurations, each config needs a unique filename. ## e.g. config-farm1.json, config-farm2.json, etc. ## If there exists a config file named "config.json", it will be used by all farms by default. CONFIG_FILE="config.json" -- 2.49.0