forked from coop-cloud/mediawiki
Luke Murphy 7da9a97788 | ||
---|---|---|
.drone.yml | ||
.envrc.sample | ||
.gitignore | ||
LICENSE | ||
LocalSettings.php.tmpl | ||
README.md | ||
compose.openid.yml | ||
compose.simplesaml.yml | ||
compose.yml | ||
composer.local.json.tmpl | ||
entrypoint.sh.tmpl | ||
entrypoint.simplesaml.sh.tmpl | ||
htaccess.tmpl | ||
renovate.json |
README.md
Mediawiki
Mediawiki version 1.32.1
Requires Docker version 1.11.2 or above to run.
Based on mediawiki-ve-bundle
.
- Set up Docker Swarm and
abra
- Deploy
compose-stacks/traefik
cp .envrc.sample .envrc
- Edit
.envrc
- be sure to change$DOMAIN
to something that resolves to your Docker swarm box direnv allow
(or. .envrc
)- Generate secrets:
abra secret_generate db_password v1 abra secret_generate db_root_password v1 abra secret_generate mediawiki_secret_key v1 "pwgen -n 64 1"
abra deploy
- Create an initial admin user:
abra run app php /var/www/html/maintenance/createAndPromote.php YourUsername YourPassword
SimpleSAMLphp
This app includes optional SAML Single Sign On using
SimpleSAMLphp and Mediawiki's
Extension:SimpleSAMLphp, based on the
venatorfox/simplesamlphp
image.
NOTE: currently, if you enable SAML then it'll disable Mediawiki's own user account system. Patches to make this configurable are welcome!
- Edit
.envrc
and uncomment lines in theSAML
section (includingCOMPOSE_FILE
) direnv allow
- Generate secrets:
abra secret_generate saml_admin_password v1 abra secret_generate saml_secret_salt v1 "pwgen -n 64 1"
abra deploy
- Copy your SimpleSAMLphp metadata and certificates to the container (assuming
you have local
metadata
andcert
folders:abra cp metadata simplesaml:/var/simplesamlphp/ abra cp cert simplesaml:/var/simplesamlphp/
- You can log into SimpleSAMLphp using the password you generated at https://$DOMAIN/simplesaml/ and test authentication
- Edit SimpleSAMLphp's
config.php
and changestore.sql.dsn
:abra run simplesaml vi /var/simplesamlphp/config/config.php # find 'store.sql.dsn' and edit to: # 'sqlite:/var/simplesamlphp/data/simplesamlphp.sq3'
OpenID Connect
- Edit
.envrc
and uncomment lines in theOPENID
section (includingCOMPOSE_FILE
) direnv allow
- Get your Keycloak generated client secret and
docker secret create
it asopenid_client_secret
License
MIT License