samwightt/mediawiki

forked from coop-cloud/mediawiki

Go to file

3wc b2034900bf Ad SECRET_ to secret names so abra can find them

2020-12-27 15:55:26 +02:00

.drone.yml

Tell drone about PHP_INI_VERSION

2020-10-30 18:37:42 +02:00

.envrc.sample

Ad SECRET_ to secret names so abra can find them

2020-12-27 15:55:26 +02:00

.gitignore

Ignore live .envrc

2020-09-06 14:00:55 +02:00

compose.openid.yml

Ad SECRET_ to secret names so abra can find them

2020-12-27 15:55:26 +02:00

compose.simplesaml.yml

Ad SECRET_ to secret names so abra can find them

2020-12-27 15:55:26 +02:00

compose.yml

Ad SECRET_ to secret names so abra can find them

2020-12-27 15:55:26 +02:00

composer.local.json.tmpl

Rename composer local file

2020-10-19 16:53:12 +02:00

entrypoint.sh.tmpl

Further post-image-switch tidying

2020-10-24 19:04:24 +02:00

entrypoint.simplesaml.sh.tmpl

Rename services, add EXTRA_DOMAINS

2020-10-06 01:32:46 +02:00

LocalSettings.php.tmpl

Add 10mb upload limit

2020-10-30 13:56:47 +01:00

php.ini.tmpl

Add template file ending

2020-10-30 14:26:58 +01:00

README.md

Fix Mailu instructions

2020-10-24 20:13:39 +02:00

renovate.json

Add renovate.json

2020-09-14 20:02:21 +00:00

README.md

Mediawiki

Mediawiki version 1.35

Requires Docker version 1.11.2 or above to run.

Based on mediawiki.

Set up Docker Swarm and abra
Deploy coop-cloud/traefik
cp .envrc.sample .envrc
Edit .envrc - be sure to change $DOMAIN to something that resolves to your Docker swarm box
direnv allow (or source .envrc)

Generate secrets:

abra secret_generate db_password v1
abra secret_generate db_root_password v1
abra secret_generate mediawiki_secret_key v1 "pwgen -n 64 1"

abra deploy
Create an initial admin user: abra run app php /var/www/html/maintenance/createAndPromote.php --sysop YourUsername YourPassword

Email

Edit .envrc and uncomment the SMTP lines. Set SMTP_HOST to postfix_relay for coop-cloud/postfix_relay, or mailu_front for coop-cloud/mailu (assuming default stack names)
For postfix_relay, add the domain to your email config – EXTRA_SENDER_DOMAINS in postfix_relay. This doesn't seem to be required for Mailu.
direnv allow (or source .envrc)
abra deploy

Single Sign On

SimpleSAMLphp

This app includes optional SAML Single Sign On using SimpleSAMLphp and Mediawiki's Extension:SimpleSAMLphp, based on the venatorfox/simplesamlphp image.

NOTE: currently, if you enable SAML then it'll disable Mediawiki's own user account system. Patches to make this configurable are welcome!

Edit .envrc and uncomment lines in the SAML section (including COMPOSE_FILE)
direnv allow

Generate secrets:

abra secret_generate saml_admin_password v1
abra secret_generate saml_secret_salt v1 "pwgen -n 64 1"

abra deploy
Copy your SimpleSAMLphp metadata and certificates to the container (assuming you have local metadata and cert folders:
```
abra cp metadata simplesaml:/var/simplesamlphp/
abra cp cert simplesaml:/var/simplesamlphp/
```
You can log into SimpleSAMLphp using the password you generated at https://$DOMAIN/simplesaml/ and test authentication

Edit SimpleSAMLphp's config.php and change store.sql.dsn:

abra run simplesaml vi /var/simplesamlphp/config/config.php
# find 'store.sql.dsn' and edit to:
# 'sqlite:/var/simplesamlphp/data/simplesamlphp.sq3'

OpenID Connect

Edit .envrc and uncomment lines in the OPENID section (including COMPOSE_FILE)
direnv allow
Store your Keycloak-generated client secret in Docker:

abra secret insert openid_client_secret v1 put-your-secret-here

abra deploy

License

MIT License