Changes

Jump to navigation Jump to search

Docker MediaWiki Server (view source)

Revision as of 06:52, 24 January 2022

2,399 bytes added ,  3 years ago
m
no edit summary
Line 1: Line 1:  +
[[Category:How to]]
 
[[Category:Software]]
 
[[Category:Software]]
{{ Note|'''This document is a work in progress should be considered a draft until this message disappears.''' }}
+
Notes and configuration files for setting up MediaWiki in a dockerized environment.
= Docker MediaWiki Server =
  −
Notes and configuration files for setting up MediaWiki with nginx-proxy for Let's Encrypt SSL certs.
      
This guide is comprised of two methods for building a dockerized MediaWiki site:
 
This guide is comprised of two methods for building a dockerized MediaWiki site:
Line 10: Line 9:  
Regardless of the method used, this guide will also include any extensions you have in the build/extensions folder.
 
Regardless of the method used, this guide will also include any extensions you have in the build/extensions folder.
   −
== Intranet - no proxy ==
+
= Preparation =
Use this if on an Intranet with no Internet access.  NGINX-Proxy is using Let's Encrypt and will fail without Internet access.  If this becomes a heavily used site then consider putting this behind a proxy.
+
There are two setups available:
 +
* One for Intranet use that doesn't use a proxy or SSL.
 +
* One for Internet use that uses NGINX as a proxy and Let's Encrypt for SSL.
   −
* Create '''/srv/nginx-proxy'''
+
===Intranet - no proxy===
* Add this file
+
* Create '''/srv/wiki''', '''/srv/wiki/build''', and '''/srv/wiki/build/extensions''' directories.
   −
=== docker-compose.yml ===
+
===Internet===
 +
* Create '''/srv/wiki''', '''/srv/wiki/build''', '''/srv/wiki/build/extensions''', and '''/srv/nginx-proxy''' directories.
   −
  version: '3'
+
=Installation=
  services:
+
Choose the type of installation that matches the one used in the preparation section above.
    web:
  −
      image: mediawiki
  −
      build: build/.
  −
      container_name: wiki
  −
      depends_on:
  −
        - database
  −
          ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
  −
          #- parsoid
  −
      restart: always
  −
      ports:
  −
        - 8080:80
  −
      links:
  −
        - database
  −
      volumes:
  −
        - /srv/wiki/html/images:/var/www/html/images
  −
        ## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file
  −
        #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php
  −
    database:
  −
      image: mariadb
  −
      container_name: db
  −
      restart: always
  −
      environment:
  −
        MYSQL_DATABASE: mediawiki
  −
        ## TODO: Change the password below
  −
        MYSQL_USER: wikiuser
  −
        ## TODO: Change the password below
  −
        MYSQL_PASSWORD: wiki
  −
        MYSQL_ROOT_PASSWORD: changeme
  −
      volumes:
  −
        - /srv/wiki/db:/var/lib/mysql
  −
     
  −
      ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
  −
      #parsoid:
  −
      #  image: thenets/parsoid:0.10
  −
      #  container_name: parsoid
  −
      #  restart: always
  −
      #  environment:
  −
      #  - PARSOID_NUM_WORKERS=0
  −
      #    - PARSOID_DOMAIN_wiki=http://web/api.php
  −
      #  networks:
  −
      #    - default
     −
== nginx-proxy ==
+
==Intranet - no proxy==
Use this if your site is on the Internet
+
Use this if on an Intranet with no Internet access.  If this becomes a heavily used site then consider putting this behind a proxy.
   −
* Create '''/srv/nginx-proxy'''
+
===MediaWiki===
* Add this file
+
Copy the following to '''/srv/wiki/docker-compose.yml'''
 +
<syntaxhighlight lang="yaml">
 +
version: '3'
 +
services:
 +
  web:
 +
    image: mediawiki
 +
    build: build/.
 +
    container_name: wiki
 +
    depends_on:
 +
      - database
 +
      ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
 +
      #- parsoid
 +
    restart: always
 +
    ports:
 +
      - 80:80
 +
    links:
 +
      - database
 +
    volumes:
 +
      - /srv/wiki/html/images:/var/www/html/images
 +
      ## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file
 +
      #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php
 +
  database:
 +
    image: mariadb
 +
    container_name: db
 +
    restart: always
 +
    environment:
 +
      MYSQL_DATABASE: mediawiki
 +
      ## TODO: Change the password below
 +
      MYSQL_USER: wikiuser
 +
      ## TODO: Change the password below
 +
      MYSQL_PASSWORD: wiki
 +
      MYSQL_ROOT_PASSWORD: changeme
 +
    volumes:
 +
      - /srv/wiki/db:/var/lib/mysql
 +
 
 +
  ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
 +
  #parsoid:
 +
  #  image: thenets/parsoid:0.10
 +
  #  container_name: parsoid
 +
  #  restart: always
 +
  #  environment:
 +
  #  - PARSOID_NUM_WORKERS=0
 +
  #    - PARSOID_DOMAIN_wiki=http://web/api.php
 +
</syntaxhighlight>
   −
=== docker-compose.yml ===
+
==Internet==
docker-compose.yml
+
For an Internet setup you will use NGINX-Proxy with Let's Encrypt for SSL certificates.
   −
    version: '2'
+
===NGINX-Proxy===
    services:
+
*Copy the following to '''/srv/nginx-proxy/docker-compose.yml'''
      nginx-proxy:
+
<syntaxhighlight lang="yaml">
        image: jwilder/nginx-proxy
+
version: '2'
        container_name: nginx-proxy
+
services:
        environment:
+
  nginx-proxy:
          - "HTTPS_METHOD=noredirect"
+
    image: jwilder/nginx-proxy
        labels:
+
    container_name: nginx-proxy
          - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"
+
    environment:
        ports:
+
      - "HTTPS_METHOD=noredirect"
          - "80:80"
+
    labels:
          - "443:443"
+
      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"
        restart: always
+
    ports:
        volumes:
+
      - "80:80"
          - "./data/etc/certs:/etc/nginx/certs"
+
      - "443:443"
          - "./data/etc/nginx/vhost.d:/etc/nginx/vhost.d"
+
    restart: always
          - "./data/etc/nginx/htpasswd:/etc/nginx/htpasswd"
+
    volumes:
          - "./data/etc/nginx/html:/usr/share/nginx/html"
+
      - "./data/etc/certs:/etc/nginx/certs"
          - "/var/run/docker.sock:/tmp/docker.sock:ro"
+
      - "./data/etc/nginx/vhost.d:/etc/nginx/vhost.d"
   
+
      - "./data/etc/nginx/htpasswd:/etc/nginx/htpasswd"
      letsencrypt:
+
      - "./data/etc/nginx/html:/usr/share/nginx/html"
        image: jrcs/letsencrypt-nginx-proxy-companion
+
      - "./data/etc/nginx/conf.d:/etc/nginx/conf.d"
        environment:
+
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
        ### ToDo: Change to your e-mail address
+
 
        #      - DEFAULT_EMAIL=admin@demo.io
+
  letsencrypt:
          - NGINX_PROXY_CONTAINER=nginx-proxy
+
    image: jrcs/letsencrypt-nginx-proxy-companion
        volumes_from:
+
    environment:
          - nginx-proxy
+
    ### ToDo: Change to your e-mail address
        volumes:
+
    #      - DEFAULT_EMAIL=admin@demo.io
          - /var/run/docker.sock:/var/run/docker.sock:ro
+
      - NGINX_PROXY_CONTAINER=nginx-proxy
          - ./data/etc/certs:/etc/nginx/certs:rw
+
    volumes_from:
        restart: always
+
      - nginx-proxy
   
+
    volumes:
    networks:
+
      - /var/run/docker.sock:/var/run/docker.sock:ro
      default:
+
      - ./data/etc/certs:/etc/nginx/certs:rw
        external:
+
    restart: always
          name: nginx-proxy
+
 
 +
networks:
 +
  default:
 +
    external:
 +
      name: nginx-proxy
 +
</syntaxhighlight>
 +
 
 +
*Copy the following to '''/srv/nginx-proxy/data/etc/nginx/conf.d/proxy-settings.conf'''
 +
<syntaxhighlight lang="text">
 +
proxy_connect_timeout      300;
 +
proxy_send_timeout          300;
 +
proxy_read_timeout          30m;
 +
send_timeout                300;
 +
</syntaxhighlight>
 +
 
 +
Note: Add the following line to the file above for large file upload issues:
 +
<syntaxhighlight lang="text">
 +
client_max_body_size        5000m;
 +
</syntaxhighlight>
 +
You will need to adjust the size to a value suitable for your environment.
   −
== MediaWiki ==
+
====Create docker network====
* Create /srv/wiki, /srv/wiki/build, /srv/wiki/build/extensions
+
You will need to create an additional docker network for NGINX-Proxy and MediaWiki to talk on:
* Add the following files
+
* Run '''''docker network create nginx-proxy'''''
   −
=== docker-compose.yml ===
+
===MediaWiki===
 
Copy the following to '''/srv/wiki/docker-compose.yml'''
 
Copy the following to '''/srv/wiki/docker-compose.yml'''
 +
<syntaxhighlight lang="yaml">
 +
version: '3'
 +
services:
 +
  web:
 +
    image: mediawiki
 +
    build: build/.
 +
    container_name: wiki
 +
    depends_on:
 +
      - database
 +
    ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
 +
    #  - parsoid
 +
    restart: always
 +
    environment:
 +
      ## TODO: CHANGE VIRTUAL_HOST, LETSENCRYPT_HOST, and LETSENCRYPT_EMAIL TO YOUR OWN
 +
      - VIRTUAL_HOST=wiki.example.com
 +
      - HTTPS_METHOD=nohttp
 +
      - LETSENCRYPT_HOST=wiki.example.com
 +
      - LETSENCRYPT_EMAIL=nobody@example.com
 +
    links:
 +
      - database
 +
    volumes:
 +
      - /srv/wiki/html/images:/var/www/html/images
 +
      ## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file
 +
      #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php
 +
    networks:
 +
      - default
 +
      - nginx-proxy
 +
 
 +
  database:
 +
    image: mariadb
 +
    container_name: db
 +
    restart: always
 +
    environment:
 +
      MYSQL_DATABASE: mediawiki
 +
      MYSQL_USER: wikiuser
 +
      ## TODO: Change the password below
 +
      MYSQL_PASSWORD: wiki
 +
      ## TODO: Change the password below
 +
      MYSQL_ROOT_PASSWORD: changeme
 +
    volumes:
 +
      - /srv/wiki/db:/var/lib/mysql
 +
    networks:
 +
      - default
 +
  ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
 +
  #parsoid:
 +
  #  image: thenets/parsoid:0.10
 +
  #  container_name: parsoid
 +
  #  restart: always
 +
  #  environment:
 +
  #    - PARSOID_NUM_WORKERS=0
 +
  #    - PARSOID_DOMAIN_wiki=http://web/api.php
 +
  #  networks:
 +
  #    - default
 +
   
 +
networks:
 +
  nginx-proxy:
 +
    external:
 +
      name: nginx-proxy
 +
</syntaxhighlight>
   −
    version: '3'
+
=Mediawiki Docker Image=
    services:
+
Here you will find instructions on how to build your own custom MediaWiki docker image.
      web:
  −
        image: mediawiki
  −
        build: build/.
  −
        container_name: wiki
  −
        depends_on:
  −
          - database
  −
          - parsoid
  −
        restart: always
  −
        environment:
  −
          ## TODO: CHANGE VIRTUAL_HOST, LETSENCRYPT_HOST, and LETSENCRYPT_EMAIL TO YOUR OWN
  −
          - VIRTUAL_HOST=wiki.example.com
  −
          - HTTPS_METHOD=nohttp
  −
          - LETSENCRYPT_HOST=wiki.example.com
  −
          - LETSENCRYPT_EMAIL=nobody@example.com
  −
        links:
  −
          - database
  −
        volumes:
  −
          - /srv/wiki/html/images:/var/www/html/images
  −
          ## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file
  −
          #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php
  −
        networks:
  −
          - default
  −
          - nginx-proxy
  −
   
  −
      database:
  −
        image: mariadb
  −
        container_name: db
  −
        restart: always
  −
        environment:
  −
          MYSQL_DATABASE: mediawiki
  −
          MYSQL_USER: wikiuser
  −
          ## TODO: Change the password below
  −
          MYSQL_PASSWORD: wiki
  −
          ## TODO: Change the password below
  −
          MYSQL_ROOT_PASSWORD: changeme
  −
        volumes:
  −
          - /srv/wiki/db:/var/lib/mysql
  −
        networks:
  −
          - default
  −
   
  −
      parsoid:
  −
        image: thenets/parsoid:0.10
  −
        container_name: parsoid
  −
        restart: always
  −
        environment:
  −
    #      - PARSOID_NUM_WORKERS=0
  −
          - PARSOID_DOMAIN_wiki=http://web/api.php
  −
        networks:
  −
          - default
  −
   
  −
    networks:
  −
      nginx-proxy:
  −
        external:
  −
          name: nginx-proxy
     −
=== Dockerfile ===
+
===Dockerfile===
 
There are two ways to create the Dockerfile for MediaWiki.   
 
There are two ways to create the Dockerfile for MediaWiki.   
   Line 187: Line 215:     
Note: You can change the version of the MediaWiki docker image used by changing the FROM line.
 
Note: You can change the version of the MediaWiki docker image used by changing the FROM line.
 
+
<syntaxhighlight lang="dockerfile">
    FROM mediawiki:1.35.3
+
FROM mediawiki:1.35.3
    COPY ./extensions /var/www/html/extensions
+
COPY ./extensions /var/www/html/extensions
 +
</syntaxhighlight>
    
==== Advanced ====
 
==== Advanced ====
 
Note: You can change the version installed by changing:
 
Note: You can change the version installed by changing:
* ENV MEDIAWIKI_MAJOR_VERSION 1.36
+
* '''ENV MEDIAWIKI_MAJOR_VERSION 1.36'''
* ENV MEDIAWIKI_VERSION 1.36.1
+
* '''ENV MEDIAWIKI_VERSION 1.36.1'''
* ENV MW_VERSION REL1_35
+
* '''ENV MW_VERSION REL1_36'''
   −
To change to version 1.35 (LTS until 2023) you can substitute 1.35, 1.35.3,and REL1_35 for the values above.
+
To change to version 1.35 (LTS until 2023) you can substitute 1.35, 1.35.3, and REL1_35 for the values above.
    
Copy the following to '''/srv/wiki/build/Dockerfile'''
 
Copy the following to '''/srv/wiki/build/Dockerfile'''
 +
<syntaxhighlight lang="dockerfile">
 +
FROM php:7.4-apache
 +
 +
COPY --from=composer /usr/bin/composer /usr/bin/composer
 +
 +
# System dependencies
 +
RUN set -eux; \
 +
\
 +
apt-get update; \
 +
apt-get install -y --no-install-recommends \
 +
git \
 +
librsvg2-bin \
 +
imagemagick \
 +
# Required for SyntaxHighlighting
 +
python3 \
 +
; \
 +
rm -rf /var/lib/apt/lists/*
 +
 +
# Install the PHP extensions we need
 +
RUN set -eux; \
 +
\
 +
savedAptMark="$(apt-mark showmanual)"; \
 +
\
 +
apt-get update; \
 +
apt-get install -y --no-install-recommends \
 +
libicu-dev \
 +
libonig-dev \
 +
; \
 +
\
 +
docker-php-ext-install -j "$(nproc)" \
 +
intl \
 +
mbstring \
 +
mysqli \
 +
opcache \
 +
; \
 +
\
 +
pecl install APCu-5.1.20; \
 +
docker-php-ext-enable \
 +
apcu \
 +
; \
 +
rm -r /tmp/pear; \
 +
\
 +
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
 +
apt-mark auto '.*' > /dev/null; \
 +
apt-mark manual $savedAptMark; \
 +
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
 +
| awk '/=>/ { print $3 }' \
 +
| sort -u \
 +
| xargs -r dpkg-query -S \
 +
| cut -d: -f1 \
 +
| sort -u \
 +
| xargs -rt apt-mark manual; \
 +
\
 +
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
 +
rm -rf /var/lib/apt/lists/*
 +
 +
# Enable Short URLs
 +
RUN set -eux; \
 +
a2enmod rewrite; \
 +
{ \
 +
echo "<Directory /var/www/html>"; \
 +
echo "  RewriteEngine On"; \
 +
echo "  RewriteCond %{REQUEST_FILENAME} !-f"; \
 +
echo "  RewriteCond %{REQUEST_FILENAME} !-d"; \
 +
echo "  RewriteRule ^ %{DOCUMENT_ROOT}/index.php [L]"; \
 +
echo "</Directory>"; \
 +
} > "$APACHE_CONFDIR/conf-available/short-url.conf"; \
 +
a2enconf short-url
 +
 +
# Enable AllowEncodedSlashes for VisualEditor
 +
RUN sed -i "s/<\/VirtualHost>/\tAllowEncodedSlashes NoDecode\n<\/VirtualHost>/" "$APACHE_CONFDIR/sites-available/000-default.conf"
 +
 +
# set recommended PHP.ini settings
 +
# see https://secure.php.net/manual/en/opcache.installation.php
 +
RUN { \
 +
echo 'opcache.memory_consumption=128'; \
 +
echo 'opcache.interned_strings_buffer=8'; \
 +
echo 'opcache.max_accelerated_files=4000'; \
 +
echo 'opcache.revalidate_freq=60'; \
 +
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
 +
 +
# SQLite Directory Setup
 +
RUN set -eux; \
 +
mkdir -p /var/www/data; \
 +
chown -R www-data:www-data /var/www/data
 +
 +
# Version
 +
ENV MEDIAWIKI_MAJOR_VERSION 1.35
 +
ENV MEDIAWIKI_VERSION 1.35.3
 +
ENV MW_VERSION=REL1_35
 +
 +
# Home folder location
 +
ENV MW_HOME=/var/www/html
 +
 +
 +
# MediaWiki setup
 +
RUN set -eux; \
 +
fetchDeps=" \
 +
gnupg \
 +
dirmngr \
 +
"; \
 +
apt-get update; \
 +
apt-get install -y --no-install-recommends $fetchDeps; \
 +
\
 +
curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz" -o mediawiki.tar.gz; \
 +
curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz.sig" -o mediawiki.tar.gz.sig; \
 +
export GNUPGHOME="$(mktemp -d)"; \
 +
# gpg key from https://www.mediawiki.org/keys/keys.txt
 +
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys \
 +
D7D6767D135A514BEB86E9BA75682B08E8A3FEC4 \
 +
441276E9CCD15F44F6D97D18C119E1A64D70938E \
 +
F7F780D82EBFB8A56556E7EE82403E59F9F8CD79 \
 +
1D98867E82982C8FE0ABC25F9B69B3109D3BB7B0 \
 +
; \
 +
gpg --batch --verify mediawiki.tar.gz.sig mediawiki.tar.gz; \
 +
tar -x --strip-components=1 -f mediawiki.tar.gz; \
 +
gpgconf --kill all; \
 +
rm -r "$GNUPGHOME" mediawiki.tar.gz.sig mediawiki.tar.gz; \
 +
chown -R www-data:www-data extensions skins cache images; \
 +
  \
 +
  apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
 +
  rm -rf /var/lib/apt/lists/*
 +
 +
RUN set -eux; \
 +
        apt update; \
 +
        apt install -y --no-install-recommends \
 +
            unzip
 +
 +
##### Commonly used extensions
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Echo \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Thanks \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CheckUser
 +
 +
# Flow extension
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Flow \
 +
    && cd Flow \
 +
    && composer install --no-dev \
 +
    && cd ..
 +
 +
### MediaWiki Language Extension Bundle
 +
# Translate
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Babel \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/cldr \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CleanChanges \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UniversalLanguageSelector
 +
 +
##### ElasticSearch extensions
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CirrusSearch \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Elastica \
 +
    && cd Elastica \
 +
    && composer install --no-dev \
 +
    && cd ..
 +
 +
##### MobileFrontend extension
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/MobileFrontend
 +
 +
##### ElectronPdfService extension
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ElectronPdfService
 +
 +
##### ConfirmAccount, UploadWizard
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ConfirmAccount \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UploadWizard
 +
 +
 +
#### Add AutoSitemap extension ** disable if wiki is not reacahble from Internet!
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 https://github.com/dolfinus/AutoSitemap.git
 +
 +
# Copy any other extenions from the ./build/extensions folder
 +
COPY ./extensions $MW_HOME/extensions
   −
    FROM php:7.4-apache
+
CMD ["apache2-foreground"]
   
+
</syntaxhighlight>
    COPY --from=composer /usr/bin/composer /usr/bin/composer
  −
   
  −
    # System dependencies
  −
    RUN set -eux; \
  −
    \
  −
    apt-get update; \
  −
    apt-get install -y --no-install-recommends \
  −
    git \
  −
    librsvg2-bin \
  −
    imagemagick \
  −
    # Required for SyntaxHighlighting
  −
    python3 \
  −
    ; \
  −
    rm -rf /var/lib/apt/lists/*
  −
   
  −
    # Install the PHP extensions we need
  −
    RUN set -eux; \
  −
    \
  −
    savedAptMark="$(apt-mark showmanual)"; \
  −
    \
  −
    apt-get update; \
  −
    apt-get install -y --no-install-recommends \
  −
    libicu-dev \
  −
    libonig-dev \
  −
    ; \
  −
    \
  −
    docker-php-ext-install -j "$(nproc)" \
  −
    intl \
  −
    mbstring \
  −
    mysqli \
  −
    opcache \
  −
    ; \
  −
    \
  −
    pecl install APCu-5.1.20; \
  −
    docker-php-ext-enable \
  −
    apcu \
  −
    ; \
  −
    rm -r /tmp/pear; \
  −
    \
  −
    # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
  −
    apt-mark auto '.*' > /dev/null; \
  −
    apt-mark manual $savedAptMark; \
  −
    ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
  −
    | awk '/=>/ { print $3 }' \
  −
    | sort -u \
  −
    | xargs -r dpkg-query -S \
  −
    | cut -d: -f1 \
  −
    | sort -u \
  −
    | xargs -rt apt-mark manual; \
  −
    \
  −
    apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
  −
    rm -rf /var/lib/apt/lists/*
  −
   
  −
    # Enable Short URLs
  −
    RUN set -eux; \
  −
    a2enmod rewrite; \
  −
    { \
  −
    echo "<Directory /var/www/html>"; \
  −
    echo "  RewriteEngine On"; \
  −
    echo "  RewriteCond %{REQUEST_FILENAME} !-f"; \
  −
    echo " RewriteCond %{REQUEST_FILENAME} !-d"; \
  −
    echo "  RewriteRule ^ %{DOCUMENT_ROOT}/index.php [L]"; \
  −
    echo "</Directory>"; \
  −
    } > "$APACHE_CONFDIR/conf-available/short-url.conf"; \
  −
    a2enconf short-url
  −
   
  −
    # Enable AllowEncodedSlashes for VisualEditor
  −
    RUN sed -i "s/<\/VirtualHost>/\tAllowEncodedSlashes NoDecode\n<\/VirtualHost>/" "$APACHE_CONFDIR/sites-available/000-default.conf"
  −
   
  −
    # set recommended PHP.ini settings
  −
    # see https://secure.php.net/manual/en/opcache.installation.php
  −
    RUN { \
  −
    echo 'opcache.memory_consumption=128'; \
  −
    echo 'opcache.interned_strings_buffer=8'; \
  −
    echo 'opcache.max_accelerated_files=4000'; \
  −
    echo 'opcache.revalidate_freq=60'; \
  −
    } > /usr/local/etc/php/conf.d/opcache-recommended.ini
  −
   
  −
    # SQLite Directory Setup
  −
    RUN set -eux; \
  −
    mkdir -p /var/www/data; \
  −
    chown -R www-data:www-data /var/www/data
  −
   
  −
    # Version
  −
    ENV MEDIAWIKI_MAJOR_VERSION 1.35
  −
    ENV MEDIAWIKI_VERSION 1.35.3
  −
    ENV MW_VERSION=REL1_35
  −
   
  −
    # Home folder location
  −
    ENV MW_HOME=/var/www/html
  −
   
  −
   
  −
    # MediaWiki setup
  −
    RUN set -eux; \
  −
    fetchDeps=" \
  −
    gnupg \
  −
    dirmngr \
  −
    "; \
  −
    apt-get update; \
  −
    apt-get install -y --no-install-recommends $fetchDeps; \
  −
    \
  −
    curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz" -o mediawiki.tar.gz; \
  −
    curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz.sig" -o mediawiki.tar.gz.sig; \
  −
    export GNUPGHOME="$(mktemp -d)"; \
  −
    # gpg key from https://www.mediawiki.org/keys/keys.txt
  −
    gpg --batch --keyserver keyserver.ubuntu.com --recv-keys \
  −
    D7D6767D135A514BEB86E9BA75682B08E8A3FEC4 \
  −
    441276E9CCD15F44F6D97D18C119E1A64D70938E \
  −
    F7F780D82EBFB8A56556E7EE82403E59F9F8CD79 \
  −
    1D98867E82982C8FE0ABC25F9B69B3109D3BB7B0 \
  −
    ; \
  −
    gpg --batch --verify mediawiki.tar.gz.sig mediawiki.tar.gz; \
  −
    tar -x --strip-components=1 -f mediawiki.tar.gz; \
  −
    gpgconf --kill all; \
  −
    rm -r "$GNUPGHOME" mediawiki.tar.gz.sig mediawiki.tar.gz; \
  −
    chown -R www-data:www-data extensions skins cache images; \
  −
      \
  −
      apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
  −
      rm -rf /var/lib/apt/lists/*
  −
   
  −
    RUN set -eux; \
  −
            apt update; \
  −
            apt install -y --no-install-recommends \
  −
                unzip
  −
   
  −
    ##### Commonly used extensions
  −
    RUN set -x; \
  −
        cd $MW_HOME/extensions \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Echo \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Thanks \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CheckUser
  −
   
  −
    # Flow extension
  −
    RUN set -x; \
  −
        cd $MW_HOME/extensions \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Flow \
  −
        && cd Flow \
  −
        && composer install --no-dev \
  −
        && cd ..
  −
   
  −
    ### MediaWiki Language Extension Bundle
  −
    # Translate
  −
    RUN set -x; \
  −
        cd $MW_HOME/extensions \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Babel \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/cldr \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CleanChanges \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UniversalLanguageSelector
  −
   
  −
    ##### ElasticSearch extensions
  −
    RUN set -x; \
  −
        cd $MW_HOME/extensions \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CirrusSearch \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Elastica \
  −
        && cd Elastica \
  −
        && composer install --no-dev \
  −
        && cd ..
  −
   
  −
    ##### MobileFrontend extension
  −
    RUN set -x; \
  −
        cd $MW_HOME/extensions \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/MobileFrontend
  −
   
  −
    ##### ElectronPdfService extension
  −
    RUN set -x; \
  −
        cd $MW_HOME/extensions \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ElectronPdfService
  −
   
  −
    ##### ConfirmAccount, UploadWizard
  −
    RUN set -x; \
  −
        cd $MW_HOME/extensions \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ConfirmAccount \
  −
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UploadWizard
  −
   
  −
   
  −
    #### Add AutoSitemap extension ** disable if wiki is not reacahble from Internet!
  −
    RUN set -x; \
  −
        cd $MW_HOME/extensions \
  −
        && git clone --depth 1 https://github.com/dolfinus/AutoSitemap.git
  −
   
  −
    # Copy any other extenions from the ./build/extensions folder
  −
    COPY ./extensions $MW_HOME/extensions
  −
   
  −
    CMD ["apache2-foreground"]
     −
=== First start ===
+
=Running=
* Update the /srv/wiki/docker-compose.yml file with the host, email and database password
+
==First start==
 +
* Update the /srv/wiki/docker-compose.yml file with the hostname (or FQDN for Internet), your email, and database passwords.
 
* Run '''''docker-compose up -d''''' to start  
 
* Run '''''docker-compose up -d''''' to start  
* Login to wiki to complete setup (use https://<fqdn> specified in the files above)
+
* Login to wiki to complete setup (use http://<hostname/IP> for Intranet or https://<FQDN> for Internet)
 +
 
 +
===Database connection details===
 +
* When prompted for the database enter '''db://localhost'''
   −
=== Database connection details ===
+
''Note: When prompted have MediaWiki use the same user account (root) for the database that was used for setup.  Attempting to use a different user will result in an error and failure.  This is due to the MediaWiki setup script attempting to use the database connection string as the hostname for the user (<username>@<connection string>) when granting user access to the database.''
When prompted for the database enter '''db://localhost'''
     −
=== LocalSettings File ===
+
==LocalSettings File==
 
* Download when prompted
 
* Download when prompted
* Stop the wiki with '''''docker-compose down'''''
   
* Copy LocalSettings.php to the /srv/wiki directory
 
* Copy LocalSettings.php to the /srv/wiki directory
 +
 +
==Finalize setup==
 
* Uncomment the '''#- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php''' line in the '''/srv/wiki/docker-compose.yml''' file
 
* Uncomment the '''#- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php''' line in the '''/srv/wiki/docker-compose.yml''' file
 
* chmod 755 the LocalSettings.php file
 
* chmod 755 the LocalSettings.php file
 
* Run '''''docker-compose up -d'''''
 
* Run '''''docker-compose up -d'''''
* Wait a minute then navigate to your wiki with https://<fqdn>
+
* Wait a minute then navigate to your wiki with https://<hostname/IP> for Intranet or https://<FQDN> for Internet.
 +
 
 +
===Private IPs===
 +
Mediawiki will only use the IP presented by the NGINX Proxy server (which will not be the client's real IP).  To have Mediawiki trust the X-Forwarded-For (and record them), add the following to the LocalSettings.php file:
 +
<syntaxhighlight lang="php">
 +
# Use X-ForwardedFor instead for Real IP
 +
$wgUseCdn = true;
 +
$wgCdnServersNoPurge = [];
 +
$wgCdnServersNoPurge[] = "172.18.0.0/24";
 +
</syntaxhighlight>
 +
Change the '''172.18.0.0/24''' to the subnet your container is using for talking to the NGINX Proxy.
 +
 
 +
Reference: https://www.mediawiki.org/wiki/Manual:$wgUsePrivateIPs
   −
== Misc ==
+
=Misc=
=== Preventing access ===
+
==Preventing access==
 
Note:  You can also choose an access level at initial installation.
 
Note:  You can also choose an access level at initial installation.
    
https://www.mediawiki.org/wiki/Manual:Preventing_access#Simple_private_wiki
 
https://www.mediawiki.org/wiki/Manual:Preventing_access#Simple_private_wiki
=== Upgrading ===
+
==Upgrading==
 
IMPORTANT:  Read https://www.mediawiki.org/wiki/Manual:Upgrading first for information about upgrading.
 
IMPORTANT:  Read https://www.mediawiki.org/wiki/Manual:Upgrading first for information about upgrading.
   Line 422: Line 468:  
# Run '''''cd maintenance'''''
 
# Run '''''cd maintenance'''''
 
# Run '''''php update.php'''''
 
# Run '''''php update.php'''''
 +
 +
==File uploads==
 +
 +
===Allow .pdf files to be uploaded===
 +
 +
See https://www.mediawiki.org/wiki/Manual:Configuring_file_uploads#Configuring_file_types
 +
 +
Add this to your '''LocalSettings.php''' file:
 +
<syntaxhighlight lang="php>
 +
$wgFileExtensions = array( 'png', 'gif', 'jpg', 'jpeg', 'doc',
 +
    'xls', 'mpp', 'pdf', 'ppt', 'tiff', 'bmp', 'docx', 'xlsx',
 +
    'pptx', 'ps', 'odt', 'ods', 'odp', 'odg'
 +
);
 +
</syntaxhighlight>
 +
 +
===Increase file upload size===
 +
 +
See https://www.mediawiki.org/wiki/Manual:Configuring_file_uploads#Set_maximum_size_for_file_uploads
 +
 +
* Add this to your '''LocalSettings.php''' file to allow uploading of 2G files:
 +
<syntaxhighlight lang="php>
 +
$wgUploadSizeWarning = 2147483647;
 +
$wgMaxUploadSize = 2147483647;
 +
</syntaxhighlight>
 +
* Then create '''/srv/wiki/uploads.ini''' with the following:
 +
<syntaxhighlight lang="php>
 +
upload_max_filesize = 2048M
 +
post_max_size = 2048M
 +
max_execution_time = 7200
 +
max_file_uploads = 1000
 +
</syntaxhighlight>
 +
* Add the following line to the '''/srv/wiki/docker-compose.yml''' file under volumes
 +
 +
  - /srv/wiki/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini:ro
Retrieved from "http://wiki.pttlink.org/wiki/Special:MobileDiff/2526...10927"

Navigation menu