forked from coop-cloud/mediawiki
Rename services, add EXTRA_DOMAINS
See compose-stacks/organising#15 & compose-stacks/organising#19
This commit is contained in:
parent
ecf91f0154
commit
6e10ec2d24
|
@ -55,9 +55,9 @@ $wgEmailAuthentication = true;
|
||||||
|
|
||||||
## Database settings
|
## Database settings
|
||||||
$wgDBtype = "mysql";
|
$wgDBtype = "mysql";
|
||||||
$wgDBserver = "mariadb";
|
$wgDBserver = "{{ env "DB_HOST" }}";
|
||||||
$wgDBname = "mediawiki";
|
$wgDBname = "{{ env "DB_NAME" }}";
|
||||||
$wgDBuser = "mediawiki";
|
$wgDBuser = "{{ env "DB_USER" }}";
|
||||||
$wgDBpassword = rtrim(file_get_contents('/run/secrets/db_password'));
|
$wgDBpassword = rtrim(file_get_contents('/run/secrets/db_password'));
|
||||||
|
|
||||||
# MySQL specific settings
|
# MySQL specific settings
|
||||||
|
|
|
@ -32,7 +32,7 @@ This app includes optional SAML Single Sign On using
|
||||||
NOTE: currently, if you enable SAML then it'll disable Mediawiki's own user account
|
NOTE: currently, if you enable SAML then it'll disable Mediawiki's own user account
|
||||||
system. Patches to make this configurable are welcome!
|
system. Patches to make this configurable are welcome!
|
||||||
|
|
||||||
1. Edit `.envrc` and uncomment lines in the `SAML` section (including `COMPOSE`)
|
1. Edit `.envrc` and uncomment lines in the `SAML` section (including `COMPOSE_FILE`)
|
||||||
2. `direnv allow`
|
2. `direnv allow`
|
||||||
3. Generate secrets:
|
3. Generate secrets:
|
||||||
```
|
```
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
version: '3.8'
|
version: '3.8'
|
||||||
|
|
||||||
services:
|
services:
|
||||||
mediawiki:
|
app:
|
||||||
volumes:
|
volumes:
|
||||||
- 'simplesaml:/var/simplesamlphp/'
|
- 'simplesaml:/var/simplesamlphp/'
|
||||||
- 'simplesaml_log:/var/simplesamlphp/log'
|
- 'simplesaml_log:/var/simplesamlphp/log'
|
||||||
|
@ -56,6 +56,7 @@ services:
|
||||||
deploy:
|
deploy:
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
|
- "traefik.docker.network=proxy"
|
||||||
- "traefik.http.services.${STACK_NAME}_simplesaml.loadbalancer.server.port=80"
|
- "traefik.http.services.${STACK_NAME}_simplesaml.loadbalancer.server.port=80"
|
||||||
- "traefik.http.routers.${STACK_NAME}_simplesaml.rule=(Host(`${DOMAIN}`) && PathPrefix(`/simplesaml`))"
|
- "traefik.http.routers.${STACK_NAME}_simplesaml.rule=(Host(`${DOMAIN}`) && PathPrefix(`/simplesaml`))"
|
||||||
- "traefik.http.routers.${STACK_NAME}_simplesaml.entrypoints=web-secure"
|
- "traefik.http.routers.${STACK_NAME}_simplesaml.entrypoints=web-secure"
|
||||||
|
|
88
compose.yml
88
compose.yml
|
@ -2,7 +2,54 @@
|
||||||
version: '3.8'
|
version: '3.8'
|
||||||
|
|
||||||
services:
|
services:
|
||||||
mariadb:
|
app:
|
||||||
|
image: 'revianlabs/mediawiki-ve-bundle'
|
||||||
|
environment:
|
||||||
|
- DOMAIN
|
||||||
|
- STACK_NAME
|
||||||
|
- MEDIAWIKI_EMAIL_CONTACT
|
||||||
|
- MEDIAWIKI_EMAIL_FROM
|
||||||
|
- MEDIAWIKI_SITENAME
|
||||||
|
- MEDIAWIKI_SITENAMESPACE
|
||||||
|
- SAML_ENABLED
|
||||||
|
- DB_HOST=db
|
||||||
|
- DB_USER=mediawiki
|
||||||
|
- DB_NAME=mediawiki
|
||||||
|
volumes:
|
||||||
|
- 'mediawiki_images:/var/www/html/images'
|
||||||
|
- 'parsoid:/usr/lib/parsoid'
|
||||||
|
configs:
|
||||||
|
- source: LocalSettings_conf
|
||||||
|
target: /var/www/html/LocalSettings.php
|
||||||
|
- source: htaccess_conf
|
||||||
|
target: /var/www/html/.htaccess
|
||||||
|
- source: entrypoint2_conf
|
||||||
|
target: /docker-entrypoint2.sh
|
||||||
|
mode: 0555
|
||||||
|
depends_on:
|
||||||
|
- db
|
||||||
|
secrets:
|
||||||
|
- db_password
|
||||||
|
- mediawiki_secret_key
|
||||||
|
networks:
|
||||||
|
- proxy
|
||||||
|
- internal
|
||||||
|
deploy:
|
||||||
|
update_config:
|
||||||
|
failure_action: rollback
|
||||||
|
labels:
|
||||||
|
- "traefik.enable=true"
|
||||||
|
- "traefik.docker.network=proxy"
|
||||||
|
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
|
||||||
|
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
||||||
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||||
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||||
|
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||||
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||||
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||||
|
entrypoint: /docker-entrypoint2.sh
|
||||||
|
|
||||||
|
db:
|
||||||
image: 'mariadb:10.5'
|
image: 'mariadb:10.5'
|
||||||
environment:
|
environment:
|
||||||
- MYSQL_USER=mediawiki
|
- MYSQL_USER=mediawiki
|
||||||
|
@ -23,45 +70,6 @@ services:
|
||||||
max_attempts: 3
|
max_attempts: 3
|
||||||
window: 120s
|
window: 120s
|
||||||
|
|
||||||
mediawiki:
|
|
||||||
image: 'revianlabs/mediawiki-ve-bundle'
|
|
||||||
environment:
|
|
||||||
- DOMAIN
|
|
||||||
- STACK_NAME
|
|
||||||
- MEDIAWIKI_EMAIL_CONTACT
|
|
||||||
- MEDIAWIKI_EMAIL_FROM
|
|
||||||
- MEDIAWIKI_SITENAME
|
|
||||||
- MEDIAWIKI_SITENAMESPACE
|
|
||||||
- SAML_ENABLED
|
|
||||||
volumes:
|
|
||||||
- 'mediawiki_images:/var/www/html/images'
|
|
||||||
- 'parsoid:/usr/lib/parsoid'
|
|
||||||
configs:
|
|
||||||
- source: LocalSettings_conf
|
|
||||||
target: /var/www/html/LocalSettings.php
|
|
||||||
- source: htaccess_conf
|
|
||||||
target: /var/www/html/.htaccess
|
|
||||||
- source: entrypoint2_conf
|
|
||||||
target: /docker-entrypoint2.sh
|
|
||||||
mode: 0555
|
|
||||||
depends_on:
|
|
||||||
- mariadb
|
|
||||||
secrets:
|
|
||||||
- db_password
|
|
||||||
- mediawiki_secret_key
|
|
||||||
networks:
|
|
||||||
- proxy
|
|
||||||
- internal
|
|
||||||
deploy:
|
|
||||||
update_config:
|
|
||||||
failure_action: rollback
|
|
||||||
labels:
|
|
||||||
- "traefik.enable=true"
|
|
||||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
|
|
||||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
|
|
||||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
|
||||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
||||||
entrypoint: /docker-entrypoint2.sh
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
mariadb:
|
mariadb:
|
||||||
|
|
|
@ -9,11 +9,11 @@ init_db() {
|
||||||
apt update && apt install -y mariadb-client
|
apt update && apt install -y mariadb-client
|
||||||
fi
|
fi
|
||||||
|
|
||||||
PASSWORD=`cat /run/secrets/db_password`
|
PASSWORD=$(cat /run/secrets/db_password)
|
||||||
TABLE_COUNT=$(mysql -u mediawiki --password="$PASSWORD" -h mariadb mediawiki -e "SELECT count(*) AS TOTAL FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = 'mediawiki';" -N -B)
|
TABLE_COUNT=$(mysql -u "${DB_USER}" --password="$PASSWORD" -h "${DB_HOST}" "${DB_NAME}" -e "SELECT count(*) AS TOTAL FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = 'mediawiki';" -N -B)
|
||||||
|
|
||||||
if [[ "${TABLE_COUNT}" == "0" ]]; then
|
if [[ "${TABLE_COUNT}" == "0" ]]; then
|
||||||
mysql -u mediawiki --password="$PASSWORD" -h mariadb mediawiki < /var/www/html/maintenance/tables.sql
|
mysql -u "${DB_USER}" --password="$PASSWORD" -h "${DB_HOST}" "${DB_NAME}" < /var/www/html/maintenance/tables.sql
|
||||||
else
|
else
|
||||||
php /var/www/html/maintenance/update.php
|
php /var/www/html/maintenance/update.php
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
set -e
|
|
||||||
|
|
||||||
file_env() {
|
file_env() {
|
||||||
local var="$1"
|
local var="$1"
|
||||||
local fileVar="${var}_FILE"
|
local fileVar="${var}_FILE"
|
||||||
|
|
Loading…
Reference in New Issue