Difference between revisions of "Docker MediaWiki Server"

From "PTTLink Wiki"
Jump to navigation Jump to search
m
m
 
(16 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
[[Category:How to]]
 
[[Category:Software]]
 
[[Category:Software]]
{{ Note|'''This document is a work in progress and should be considered a draft until this message disappears.''' }}
+
Notes and configuration files for setting up MediaWiki in a dockerized environment.
= Docker MediaWiki Server =
 
Notes and configuration files for setting up MediaWiki with nginx-proxy for Let's Encrypt SSL certs.
 
  
 
This guide is comprised of two methods for building a dockerized MediaWiki site:
 
This guide is comprised of two methods for building a dockerized MediaWiki site:
Line 10: Line 9:
 
Regardless of the method used, this guide will also include any extensions you have in the build/extensions folder.
 
Regardless of the method used, this guide will also include any extensions you have in the build/extensions folder.
  
== Intranet - no proxy ==
+
= Preparation =
Use this if on an Intranet with no Internet access.  NGINX-Proxy is using Let's Encrypt and will fail without Internet access.  If this becomes a heavily used site then consider putting this behind a proxy.
+
There are two setups available:
 +
* One for Intranet use that doesn't use a proxy or SSL.
 +
* One for Internet use that uses NGINX as a proxy and Let's Encrypt for SSL.
  
* Create '''/srv/nginx-proxy'''
+
===Intranet - no proxy===
* Add this file
+
* Create '''/srv/wiki''', '''/srv/wiki/build''', and '''/srv/wiki/build/extensions''' directories.
  
=== docker-compose.yml ===
+
===Internet===
 +
* Create '''/srv/wiki''', '''/srv/wiki/build''', '''/srv/wiki/build/extensions''', and '''/srv/nginx-proxy''' directories.
  
  version: '3'
+
=Installation=
  services:
+
Choose the type of installation that matches the one used in the preparation section above.
    web:
 
      image: mediawiki
 
      build: build/.
 
      container_name: wiki
 
      depends_on:
 
        - database
 
          ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
 
          #- parsoid
 
      restart: always
 
      ports:
 
        - 8080:80
 
      links:
 
        - database
 
      volumes:
 
        - /srv/wiki/html/images:/var/www/html/images
 
        ## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file
 
        #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php
 
    database:
 
      image: mariadb
 
      container_name: db
 
      restart: always
 
      environment:
 
        MYSQL_DATABASE: mediawiki
 
        ## TODO: Change the password below
 
        MYSQL_USER: wikiuser
 
        ## TODO: Change the password below
 
        MYSQL_PASSWORD: wiki
 
        MYSQL_ROOT_PASSWORD: changeme
 
      volumes:
 
        - /srv/wiki/db:/var/lib/mysql
 
     
 
      ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
 
      #parsoid:
 
      #  image: thenets/parsoid:0.10
 
      #  container_name: parsoid
 
      #  restart: always
 
      #  environment:
 
      #  - PARSOID_NUM_WORKERS=0
 
      #    - PARSOID_DOMAIN_wiki=http://web/api.php
 
      #  networks:
 
      #    - default
 
  
== nginx-proxy ==
+
==Intranet - no proxy==
Use this if your site is on the Internet
+
Use this if on an Intranet with no Internet access.  If this becomes a heavily used site then consider putting this behind a proxy.
  
* Create '''/srv/nginx-proxy'''
+
===MediaWiki===
* Add this file
+
Copy the following to '''/srv/wiki/docker-compose.yml'''
 +
<syntaxhighlight lang="yaml">
 +
version: '3'
 +
services:
 +
  web:
 +
    image: mediawiki
 +
    build: build/.
 +
    container_name: wiki
 +
    depends_on:
 +
      - database
 +
      ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
 +
      #- parsoid
 +
    restart: always
 +
    ports:
 +
      - 80:80
 +
    links:
 +
      - database
 +
    volumes:
 +
      - /srv/wiki/html/images:/var/www/html/images
 +
      ## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file
 +
      #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php
 +
  database:
 +
    image: mariadb
 +
    container_name: db
 +
    restart: always
 +
    environment:
 +
      MYSQL_DATABASE: mediawiki
 +
      ## TODO: Change the password below
 +
      MYSQL_USER: wikiuser
 +
      ## TODO: Change the password below
 +
      MYSQL_PASSWORD: wiki
 +
      MYSQL_ROOT_PASSWORD: changeme
 +
    volumes:
 +
      - /srv/wiki/db:/var/lib/mysql
 +
 
 +
  ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
 +
  #parsoid:
 +
  #  image: thenets/parsoid:0.10
 +
  #  container_name: parsoid
 +
  #  restart: always
 +
  #  environment:
 +
  #  - PARSOID_NUM_WORKERS=0
 +
  #    - PARSOID_DOMAIN_wiki=http://web/api.php
 +
</syntaxhighlight>
  
=== docker-compose.yml ===
+
==Internet==
docker-compose.yml
+
For an Internet setup you will use NGINX-Proxy with Let's Encrypt for SSL certificates.
  
    version: '2'
+
===NGINX-Proxy===
    services:
+
*Copy the following to '''/srv/nginx-proxy/docker-compose.yml'''
      nginx-proxy:
+
<syntaxhighlight lang="yaml">
        image: jwilder/nginx-proxy
+
version: '2'
        container_name: nginx-proxy
+
services:
        environment:
+
  nginx-proxy:
          - "HTTPS_METHOD=noredirect"
+
    image: jwilder/nginx-proxy
        labels:
+
    container_name: nginx-proxy
          - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"
+
    environment:
        ports:
+
      - "HTTPS_METHOD=noredirect"
          - "80:80"
+
    labels:
          - "443:443"
+
      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"
        restart: always
+
    ports:
        volumes:
+
      - "80:80"
          - "./data/etc/certs:/etc/nginx/certs"
+
      - "443:443"
          - "./data/etc/nginx/vhost.d:/etc/nginx/vhost.d"
+
    restart: always
          - "./data/etc/nginx/htpasswd:/etc/nginx/htpasswd"
+
    volumes:
          - "./data/etc/nginx/html:/usr/share/nginx/html"
+
      - "./data/etc/certs:/etc/nginx/certs"
          - "/var/run/docker.sock:/tmp/docker.sock:ro"
+
      - "./data/etc/nginx/vhost.d:/etc/nginx/vhost.d"
   
+
      - "./data/etc/nginx/htpasswd:/etc/nginx/htpasswd"
      letsencrypt:
+
      - "./data/etc/nginx/html:/usr/share/nginx/html"
        image: jrcs/letsencrypt-nginx-proxy-companion
+
      - "./data/etc/nginx/conf.d:/etc/nginx/conf.d"
        environment:
+
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
        ### ToDo: Change to your e-mail address
+
 
        #      - DEFAULT_EMAIL=admin@demo.io
+
  letsencrypt:
          - NGINX_PROXY_CONTAINER=nginx-proxy
+
    image: jrcs/letsencrypt-nginx-proxy-companion
        volumes_from:
+
    environment:
          - nginx-proxy
+
    ### ToDo: Change to your e-mail address
        volumes:
+
    #      - DEFAULT_EMAIL=admin@demo.io
          - /var/run/docker.sock:/var/run/docker.sock:ro
+
      - NGINX_PROXY_CONTAINER=nginx-proxy
          - ./data/etc/certs:/etc/nginx/certs:rw
+
    volumes_from:
        restart: always
+
      - nginx-proxy
   
+
    volumes:
    networks:
+
      - /var/run/docker.sock:/var/run/docker.sock:ro
      default:
+
      - ./data/etc/certs:/etc/nginx/certs:rw
        external:
+
    restart: always
          name: nginx-proxy
+
 
 +
networks:
 +
  default:
 +
    external:
 +
      name: nginx-proxy
 +
</syntaxhighlight>
 +
 
 +
*Copy the following to '''/srv/nginx-proxy/data/etc/nginx/conf.d/proxy-settings.conf'''
 +
<syntaxhighlight lang="text">
 +
proxy_connect_timeout      300;
 +
proxy_send_timeout          300;
 +
proxy_read_timeout          30m;
 +
send_timeout                300;
 +
</syntaxhighlight>
 +
 
 +
Note: Add the following line to the file above for large file upload issues:
 +
<syntaxhighlight lang="text">
 +
client_max_body_size        5000m;
 +
</syntaxhighlight>
 +
You will need to adjust the size to a value suitable for your environment.
  
== MediaWiki ==
+
====Create docker network====
* Create /srv/wiki, /srv/wiki/build, /srv/wiki/build/extensions
+
You will need to create an additional docker network for NGINX-Proxy and MediaWiki to talk on:
* Add the following files
+
* Run '''''docker network create nginx-proxy'''''
  
=== docker-compose.yml ===
+
===MediaWiki===
 
Copy the following to '''/srv/wiki/docker-compose.yml'''
 
Copy the following to '''/srv/wiki/docker-compose.yml'''
 +
<syntaxhighlight lang="yaml">
 +
version: '3'
 +
services:
 +
  web:
 +
    image: mediawiki
 +
    build: build/.
 +
    container_name: wiki
 +
    depends_on:
 +
      - database
 +
    ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
 +
    #  - parsoid
 +
    restart: always
 +
    environment:
 +
      ## TODO: CHANGE VIRTUAL_HOST, LETSENCRYPT_HOST, and LETSENCRYPT_EMAIL TO YOUR OWN
 +
      - VIRTUAL_HOST=wiki.example.com
 +
      - HTTPS_METHOD=nohttp
 +
      - LETSENCRYPT_HOST=wiki.example.com
 +
      - LETSENCRYPT_EMAIL=nobody@example.com
 +
    links:
 +
      - database
 +
    volumes:
 +
      - /srv/wiki/html/images:/var/www/html/images
 +
      ## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file
 +
      #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php
 +
    networks:
 +
      - default
 +
      - nginx-proxy
 +
 
 +
  database:
 +
    image: mariadb
 +
    container_name: db
 +
    restart: always
 +
    environment:
 +
      MYSQL_DATABASE: mediawiki
 +
      MYSQL_USER: wikiuser
 +
      ## TODO: Change the password below
 +
      MYSQL_PASSWORD: wiki
 +
      ## TODO: Change the password below
 +
      MYSQL_ROOT_PASSWORD: changeme
 +
    volumes:
 +
      - /srv/wiki/db:/var/lib/mysql
 +
    networks:
 +
      - default
 +
  ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
 +
  #parsoid:
 +
  #  image: thenets/parsoid:0.10
 +
  #  container_name: parsoid
 +
  #  restart: always
 +
  #  environment:
 +
  #    - PARSOID_NUM_WORKERS=0
 +
  #    - PARSOID_DOMAIN_wiki=http://web/api.php
 +
  #  networks:
 +
  #    - default
 +
   
 +
networks:
 +
  nginx-proxy:
 +
    external:
 +
      name: nginx-proxy
 +
</syntaxhighlight>
  
    version: '3'
+
=Mediawiki Docker Image=
    services:
+
Here you will find instructions on how to build your own custom MediaWiki docker image.
      web:
 
        image: mediawiki
 
        build: build/.
 
        container_name: wiki
 
        depends_on:
 
          - database
 
          - parsoid
 
        restart: always
 
        environment:
 
          ## TODO: CHANGE VIRTUAL_HOST, LETSENCRYPT_HOST, and LETSENCRYPT_EMAIL TO YOUR OWN
 
          - VIRTUAL_HOST=wiki.example.com
 
          - HTTPS_METHOD=nohttp
 
          - LETSENCRYPT_HOST=wiki.example.com
 
          - LETSENCRYPT_EMAIL=nobody@example.com
 
        links:
 
          - database
 
        volumes:
 
          - /srv/wiki/html/images:/var/www/html/images
 
          ## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file
 
          #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php
 
        networks:
 
          - default
 
          - nginx-proxy
 
   
 
      database:
 
        image: mariadb
 
        container_name: db
 
        restart: always
 
        environment:
 
          MYSQL_DATABASE: mediawiki
 
          MYSQL_USER: wikiuser
 
          ## TODO: Change the password below
 
          MYSQL_PASSWORD: wiki
 
          ## TODO: Change the password below
 
          MYSQL_ROOT_PASSWORD: changeme
 
        volumes:
 
          - /srv/wiki/db:/var/lib/mysql
 
        networks:
 
          - default
 
   
 
      parsoid:
 
        image: thenets/parsoid:0.10
 
        container_name: parsoid
 
        restart: always
 
        environment:
 
    #      - PARSOID_NUM_WORKERS=0
 
          - PARSOID_DOMAIN_wiki=http://web/api.php
 
        networks:
 
          - default
 
   
 
    networks:
 
      nginx-proxy:
 
        external:
 
          name: nginx-proxy
 
  
=== Dockerfile ===
+
===Dockerfile===
 
There are two ways to create the Dockerfile for MediaWiki.   
 
There are two ways to create the Dockerfile for MediaWiki.   
  
Line 187: Line 215:
  
 
Note: You can change the version of the MediaWiki docker image used by changing the FROM line.
 
Note: You can change the version of the MediaWiki docker image used by changing the FROM line.
 
+
<syntaxhighlight lang="dockerfile">
    FROM mediawiki:1.35.3
+
FROM mediawiki:1.35.3
    COPY ./extensions /var/www/html/extensions
+
COPY ./extensions /var/www/html/extensions
 +
</syntaxhighlight>
  
 
==== Advanced ====
 
==== Advanced ====
 
Note: You can change the version installed by changing:
 
Note: You can change the version installed by changing:
* ENV MEDIAWIKI_MAJOR_VERSION 1.36
+
* '''ENV MEDIAWIKI_MAJOR_VERSION 1.36'''
* ENV MEDIAWIKI_VERSION 1.36.1
+
* '''ENV MEDIAWIKI_VERSION 1.36.1'''
* ENV MW_VERSION REL1_35
+
* '''ENV MW_VERSION REL1_36'''
  
To change to version 1.35 (LTS until 2023) you can substitute 1.35, 1.35.3,and REL1_35 for the values above.
+
To change to version 1.35 (LTS until 2023) you can substitute 1.35, 1.35.3, and REL1_35 for the values above.
  
 
Copy the following to '''/srv/wiki/build/Dockerfile'''
 
Copy the following to '''/srv/wiki/build/Dockerfile'''
 +
<syntaxhighlight lang="dockerfile">
 +
FROM php:7.4-apache
 +
 +
COPY --from=composer /usr/bin/composer /usr/bin/composer
 +
 +
# System dependencies
 +
RUN set -eux; \
 +
\
 +
apt-get update; \
 +
apt-get install -y --no-install-recommends \
 +
git \
 +
librsvg2-bin \
 +
imagemagick \
 +
# Required for SyntaxHighlighting
 +
python3 \
 +
; \
 +
rm -rf /var/lib/apt/lists/*
 +
 +
# Install the PHP extensions we need
 +
RUN set -eux; \
 +
\
 +
savedAptMark="$(apt-mark showmanual)"; \
 +
\
 +
apt-get update; \
 +
apt-get install -y --no-install-recommends \
 +
libicu-dev \
 +
libonig-dev \
 +
; \
 +
\
 +
docker-php-ext-install -j "$(nproc)" \
 +
intl \
 +
mbstring \
 +
mysqli \
 +
opcache \
 +
; \
 +
\
 +
pecl install APCu-5.1.20; \
 +
docker-php-ext-enable \
 +
apcu \
 +
; \
 +
rm -r /tmp/pear; \
 +
\
 +
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
 +
apt-mark auto '.*' > /dev/null; \
 +
apt-mark manual $savedAptMark; \
 +
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
 +
| awk '/=>/ { print $3 }' \
 +
| sort -u \
 +
| xargs -r dpkg-query -S \
 +
| cut -d: -f1 \
 +
| sort -u \
 +
| xargs -rt apt-mark manual; \
 +
\
 +
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
 +
rm -rf /var/lib/apt/lists/*
 +
 +
# Enable Short URLs
 +
RUN set -eux; \
 +
a2enmod rewrite; \
 +
{ \
 +
echo "<Directory /var/www/html>"; \
 +
echo "  RewriteEngine On"; \
 +
echo "  RewriteCond %{REQUEST_FILENAME} !-f"; \
 +
echo "  RewriteCond %{REQUEST_FILENAME} !-d"; \
 +
echo "  RewriteRule ^ %{DOCUMENT_ROOT}/index.php [L]"; \
 +
echo "</Directory>"; \
 +
} > "$APACHE_CONFDIR/conf-available/short-url.conf"; \
 +
a2enconf short-url
 +
 +
# Enable AllowEncodedSlashes for VisualEditor
 +
RUN sed -i "s/<\/VirtualHost>/\tAllowEncodedSlashes NoDecode\n<\/VirtualHost>/" "$APACHE_CONFDIR/sites-available/000-default.conf"
 +
 +
# set recommended PHP.ini settings
 +
# see https://secure.php.net/manual/en/opcache.installation.php
 +
RUN { \
 +
echo 'opcache.memory_consumption=128'; \
 +
echo 'opcache.interned_strings_buffer=8'; \
 +
echo 'opcache.max_accelerated_files=4000'; \
 +
echo 'opcache.revalidate_freq=60'; \
 +
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
 +
 +
# SQLite Directory Setup
 +
RUN set -eux; \
 +
mkdir -p /var/www/data; \
 +
chown -R www-data:www-data /var/www/data
 +
 +
# Version
 +
ENV MEDIAWIKI_MAJOR_VERSION 1.35
 +
ENV MEDIAWIKI_VERSION 1.35.3
 +
ENV MW_VERSION=REL1_35
 +
 +
# Home folder location
 +
ENV MW_HOME=/var/www/html
 +
 +
 +
# MediaWiki setup
 +
RUN set -eux; \
 +
fetchDeps=" \
 +
gnupg \
 +
dirmngr \
 +
"; \
 +
apt-get update; \
 +
apt-get install -y --no-install-recommends $fetchDeps; \
 +
\
 +
curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz" -o mediawiki.tar.gz; \
 +
curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz.sig" -o mediawiki.tar.gz.sig; \
 +
export GNUPGHOME="$(mktemp -d)"; \
 +
# gpg key from https://www.mediawiki.org/keys/keys.txt
 +
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys \
 +
D7D6767D135A514BEB86E9BA75682B08E8A3FEC4 \
 +
441276E9CCD15F44F6D97D18C119E1A64D70938E \
 +
F7F780D82EBFB8A56556E7EE82403E59F9F8CD79 \
 +
1D98867E82982C8FE0ABC25F9B69B3109D3BB7B0 \
 +
; \
 +
gpg --batch --verify mediawiki.tar.gz.sig mediawiki.tar.gz; \
 +
tar -x --strip-components=1 -f mediawiki.tar.gz; \
 +
gpgconf --kill all; \
 +
rm -r "$GNUPGHOME" mediawiki.tar.gz.sig mediawiki.tar.gz; \
 +
chown -R www-data:www-data extensions skins cache images; \
 +
  \
 +
  apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
 +
  rm -rf /var/lib/apt/lists/*
 +
 +
RUN set -eux; \
 +
        apt update; \
 +
        apt install -y --no-install-recommends \
 +
            unzip
 +
 +
##### Commonly used extensions
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Echo \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Thanks \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CheckUser
 +
 +
# Flow extension
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Flow \
 +
    && cd Flow \
 +
    && composer install --no-dev \
 +
    && cd ..
 +
 +
### MediaWiki Language Extension Bundle
 +
# Translate
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Babel \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/cldr \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CleanChanges \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UniversalLanguageSelector
 +
 +
##### ElasticSearch extensions
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CirrusSearch \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Elastica \
 +
    && cd Elastica \
 +
    && composer install --no-dev \
 +
    && cd ..
 +
 +
##### MobileFrontend extension
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/MobileFrontend
 +
 +
##### ElectronPdfService extension
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ElectronPdfService
 +
 +
##### ConfirmAccount, UploadWizard
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ConfirmAccount \
 +
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UploadWizard
 +
 +
 +
#### Add AutoSitemap extension ** disable if wiki is not reacahble from Internet!
 +
RUN set -x; \
 +
    cd $MW_HOME/extensions \
 +
    && git clone --depth 1 https://github.com/dolfinus/AutoSitemap.git
 +
 +
# Copy any other extenions from the ./build/extensions folder
 +
COPY ./extensions $MW_HOME/extensions
  
    FROM php:7.4-apache
+
CMD ["apache2-foreground"]
   
+
</syntaxhighlight>
    COPY --from=composer /usr/bin/composer /usr/bin/composer
 
   
 
    # System dependencies
 
    RUN set -eux; \
 
    \
 
    apt-get update; \
 
    apt-get install -y --no-install-recommends \
 
    git \
 
    librsvg2-bin \
 
    imagemagick \
 
    # Required for SyntaxHighlighting
 
    python3 \
 
    ; \
 
    rm -rf /var/lib/apt/lists/*
 
   
 
    # Install the PHP extensions we need
 
    RUN set -eux; \
 
    \
 
    savedAptMark="$(apt-mark showmanual)"; \
 
    \
 
    apt-get update; \
 
    apt-get install -y --no-install-recommends \
 
    libicu-dev \
 
    libonig-dev \
 
    ; \
 
    \
 
    docker-php-ext-install -j "$(nproc)" \
 
    intl \
 
    mbstring \
 
    mysqli \
 
    opcache \
 
    ; \
 
    \
 
    pecl install APCu-5.1.20; \
 
    docker-php-ext-enable \
 
    apcu \
 
    ; \
 
    rm -r /tmp/pear; \
 
    \
 
    # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
 
    apt-mark auto '.*' > /dev/null; \
 
    apt-mark manual $savedAptMark; \
 
    ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
 
    | awk '/=>/ { print $3 }' \
 
    | sort -u \
 
    | xargs -r dpkg-query -S \
 
    | cut -d: -f1 \
 
    | sort -u \
 
    | xargs -rt apt-mark manual; \
 
    \
 
    apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
 
    rm -rf /var/lib/apt/lists/*
 
   
 
    # Enable Short URLs
 
    RUN set -eux; \
 
    a2enmod rewrite; \
 
    { \
 
    echo "<Directory /var/www/html>"; \
 
    echo "  RewriteEngine On"; \
 
    echo "  RewriteCond %{REQUEST_FILENAME} !-f"; \
 
    echo " RewriteCond %{REQUEST_FILENAME} !-d"; \
 
    echo "  RewriteRule ^ %{DOCUMENT_ROOT}/index.php [L]"; \
 
    echo "</Directory>"; \
 
    } > "$APACHE_CONFDIR/conf-available/short-url.conf"; \
 
    a2enconf short-url
 
   
 
    # Enable AllowEncodedSlashes for VisualEditor
 
    RUN sed -i "s/<\/VirtualHost>/\tAllowEncodedSlashes NoDecode\n<\/VirtualHost>/" "$APACHE_CONFDIR/sites-available/000-default.conf"
 
   
 
    # set recommended PHP.ini settings
 
    # see https://secure.php.net/manual/en/opcache.installation.php
 
    RUN { \
 
    echo 'opcache.memory_consumption=128'; \
 
    echo 'opcache.interned_strings_buffer=8'; \
 
    echo 'opcache.max_accelerated_files=4000'; \
 
    echo 'opcache.revalidate_freq=60'; \
 
    } > /usr/local/etc/php/conf.d/opcache-recommended.ini
 
   
 
    # SQLite Directory Setup
 
    RUN set -eux; \
 
    mkdir -p /var/www/data; \
 
    chown -R www-data:www-data /var/www/data
 
   
 
    # Version
 
    ENV MEDIAWIKI_MAJOR_VERSION 1.35
 
    ENV MEDIAWIKI_VERSION 1.35.3
 
    ENV MW_VERSION=REL1_35
 
   
 
    # Home folder location
 
    ENV MW_HOME=/var/www/html
 
   
 
   
 
    # MediaWiki setup
 
    RUN set -eux; \
 
    fetchDeps=" \
 
    gnupg \
 
    dirmngr \
 
    "; \
 
    apt-get update; \
 
    apt-get install -y --no-install-recommends $fetchDeps; \
 
    \
 
    curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz" -o mediawiki.tar.gz; \
 
    curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz.sig" -o mediawiki.tar.gz.sig; \
 
    export GNUPGHOME="$(mktemp -d)"; \
 
    # gpg key from https://www.mediawiki.org/keys/keys.txt
 
    gpg --batch --keyserver keyserver.ubuntu.com --recv-keys \
 
    D7D6767D135A514BEB86E9BA75682B08E8A3FEC4 \
 
    441276E9CCD15F44F6D97D18C119E1A64D70938E \
 
    F7F780D82EBFB8A56556E7EE82403E59F9F8CD79 \
 
    1D98867E82982C8FE0ABC25F9B69B3109D3BB7B0 \
 
    ; \
 
    gpg --batch --verify mediawiki.tar.gz.sig mediawiki.tar.gz; \
 
    tar -x --strip-components=1 -f mediawiki.tar.gz; \
 
    gpgconf --kill all; \
 
    rm -r "$GNUPGHOME" mediawiki.tar.gz.sig mediawiki.tar.gz; \
 
    chown -R www-data:www-data extensions skins cache images; \
 
      \
 
      apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
 
      rm -rf /var/lib/apt/lists/*
 
   
 
    RUN set -eux; \
 
            apt update; \
 
            apt install -y --no-install-recommends \
 
                unzip
 
   
 
    ##### Commonly used extensions
 
    RUN set -x; \
 
        cd $MW_HOME/extensions \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Echo \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Thanks \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CheckUser
 
   
 
    # Flow extension
 
    RUN set -x; \
 
        cd $MW_HOME/extensions \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Flow \
 
        && cd Flow \
 
        && composer install --no-dev \
 
        && cd ..
 
   
 
    ### MediaWiki Language Extension Bundle
 
    # Translate
 
    RUN set -x; \
 
        cd $MW_HOME/extensions \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Babel \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/cldr \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CleanChanges \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UniversalLanguageSelector
 
   
 
    ##### ElasticSearch extensions
 
    RUN set -x; \
 
        cd $MW_HOME/extensions \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CirrusSearch \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Elastica \
 
        && cd Elastica \
 
        && composer install --no-dev \
 
        && cd ..
 
   
 
    ##### MobileFrontend extension
 
    RUN set -x; \
 
        cd $MW_HOME/extensions \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/MobileFrontend
 
   
 
    ##### ElectronPdfService extension
 
    RUN set -x; \
 
        cd $MW_HOME/extensions \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ElectronPdfService
 
   
 
    ##### ConfirmAccount, UploadWizard
 
    RUN set -x; \
 
        cd $MW_HOME/extensions \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ConfirmAccount \
 
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UploadWizard
 
   
 
   
 
    #### Add AutoSitemap extension ** disable if wiki is not reacahble from Internet!
 
    RUN set -x; \
 
        cd $MW_HOME/extensions \
 
        && git clone --depth 1 https://github.com/dolfinus/AutoSitemap.git
 
   
 
    # Copy any other extenions from the ./build/extensions folder
 
    COPY ./extensions $MW_HOME/extensions
 
   
 
    CMD ["apache2-foreground"]
 
  
=== First start ===
+
=Running=
* Update the /srv/wiki/docker-compose.yml file with the host, email and database password
+
==First start==
 +
* Update the /srv/wiki/docker-compose.yml file with the hostname (or FQDN for Internet), your email, and database passwords.
 
* Run '''''docker-compose up -d''''' to start  
 
* Run '''''docker-compose up -d''''' to start  
* Login to wiki to complete setup (use https://<fqdn> specified in the files above)
+
* Login to wiki to complete setup (use http://<hostname/IP> for Intranet or https://<FQDN> for Internet)
 +
 
 +
===Database connection details===
 +
* When prompted for the database enter '''db://localhost'''
  
=== Database connection details ===
+
''Note: When prompted have MediaWiki use the same user account (root) for the database that was used for setup.  Attempting to use a different user will result in an error and failure.  This is due to the MediaWiki setup script attempting to use the database connection string as the hostname for the user (<username>@<connection string>) when granting user access to the database.''
When prompted for the database enter '''db://localhost'''
 
  
=== LocalSettings File ===
+
==LocalSettings File==
 
* Download when prompted
 
* Download when prompted
* Stop the wiki with '''''docker-compose down'''''
 
 
* Copy LocalSettings.php to the /srv/wiki directory
 
* Copy LocalSettings.php to the /srv/wiki directory
 +
 +
==Finalize setup==
 
* Uncomment the '''#- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php''' line in the '''/srv/wiki/docker-compose.yml''' file
 
* Uncomment the '''#- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php''' line in the '''/srv/wiki/docker-compose.yml''' file
 
* chmod 755 the LocalSettings.php file
 
* chmod 755 the LocalSettings.php file
 
* Run '''''docker-compose up -d'''''
 
* Run '''''docker-compose up -d'''''
* Wait a minute then navigate to your wiki with https://<fqdn>
+
* Wait a minute then navigate to your wiki with https://<hostname/IP> for Intranet or https://<FQDN> for Internet.
 +
 
 +
===Private IPs===
 +
Mediawiki will only use the IP presented by the NGINX Proxy server (which will not be the client's real IP).  To have Mediawiki trust the X-Forwarded-For (and record them), add the following to the LocalSettings.php file:
 +
<syntaxhighlight lang="php">
 +
# Use X-ForwardedFor instead for Real IP
 +
$wgUseCdn = true;
 +
$wgCdnServersNoPurge = [];
 +
$wgCdnServersNoPurge[] = "172.18.0.0/24";
 +
</syntaxhighlight>
 +
Change the '''172.18.0.0/24''' to the subnet your container is using for talking to the NGINX Proxy.
 +
 
 +
Reference: https://www.mediawiki.org/wiki/Manual:$wgUsePrivateIPs
  
== Misc ==
+
=Misc=
=== Preventing access ===
+
==Preventing access==
 
Note:  You can also choose an access level at initial installation.
 
Note:  You can also choose an access level at initial installation.
  
 
https://www.mediawiki.org/wiki/Manual:Preventing_access#Simple_private_wiki
 
https://www.mediawiki.org/wiki/Manual:Preventing_access#Simple_private_wiki
=== Upgrading ===
+
==Upgrading==
 
IMPORTANT:  Read https://www.mediawiki.org/wiki/Manual:Upgrading first for information about upgrading.
 
IMPORTANT:  Read https://www.mediawiki.org/wiki/Manual:Upgrading first for information about upgrading.
  
Line 422: Line 468:
 
# Run '''''cd maintenance'''''
 
# Run '''''cd maintenance'''''
 
# Run '''''php update.php'''''
 
# Run '''''php update.php'''''
 +
 +
==File uploads==
 +
 +
===Allow .pdf files to be uploaded===
 +
 +
See https://www.mediawiki.org/wiki/Manual:Configuring_file_uploads#Configuring_file_types
 +
 +
Add this to your '''LocalSettings.php''' file:
 +
<syntaxhighlight lang="php>
 +
$wgFileExtensions = array( 'png', 'gif', 'jpg', 'jpeg', 'doc',
 +
    'xls', 'mpp', 'pdf', 'ppt', 'tiff', 'bmp', 'docx', 'xlsx',
 +
    'pptx', 'ps', 'odt', 'ods', 'odp', 'odg'
 +
);
 +
</syntaxhighlight>
 +
 +
===Increase file upload size===
 +
 +
See https://www.mediawiki.org/wiki/Manual:Configuring_file_uploads#Set_maximum_size_for_file_uploads
 +
 +
* Add this to your '''LocalSettings.php''' file to allow uploading of 2G files:
 +
<syntaxhighlight lang="php>
 +
$wgUploadSizeWarning = 2147483647;
 +
$wgMaxUploadSize = 2147483647;
 +
</syntaxhighlight>
 +
* Then create '''/srv/wiki/uploads.ini''' with the following:
 +
<syntaxhighlight lang="php>
 +
upload_max_filesize = 2048M
 +
post_max_size = 2048M
 +
max_execution_time = 7200
 +
max_file_uploads = 1000
 +
</syntaxhighlight>
 +
* Add the following line to the '''/srv/wiki/docker-compose.yml''' file under volumes
 +
 +
  - /srv/wiki/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini:ro

Latest revision as of 06:52, 24 January 2022

Notes and configuration files for setting up MediaWiki in a dockerized environment.

This guide is comprised of two methods for building a dockerized MediaWiki site:

  • From the official MediaWiki docker image - easiest for beginners and those who just want to stand up a site (simple)
  • From scratch - allows you to tweak the image more from the start and can be more complicated (advanced)

Regardless of the method used, this guide will also include any extensions you have in the build/extensions folder.

Preparation

There are two setups available:

  • One for Intranet use that doesn't use a proxy or SSL.
  • One for Internet use that uses NGINX as a proxy and Let's Encrypt for SSL.

Intranet - no proxy

  • Create /srv/wiki, /srv/wiki/build, and /srv/wiki/build/extensions directories.

Internet

  • Create /srv/wiki, /srv/wiki/build, /srv/wiki/build/extensions, and /srv/nginx-proxy directories.

Installation

Choose the type of installation that matches the one used in the preparation section above.

Intranet - no proxy

Use this if on an Intranet with no Internet access. If this becomes a heavily used site then consider putting this behind a proxy.

MediaWiki

Copy the following to /srv/wiki/docker-compose.yml 

version: '3'
services:
  web:
    image: mediawiki
    build: build/.
    container_name: wiki
    depends_on: 
      - database
       ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
       #- parsoid
    restart: always
    ports:
      - 80:80
    links:
      - database
    volumes:
      - /srv/wiki/html/images:/var/www/html/images
      ## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file
      #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php
  database:
    image: mariadb
    container_name: db
    restart: always
    environment:
      MYSQL_DATABASE: mediawiki
      ## TODO: Change the password below
      MYSQL_USER: wikiuser
      ## TODO: Change the password below
      MYSQL_PASSWORD: wiki
      MYSQL_ROOT_PASSWORD: changeme
    volumes:
      - /srv/wiki/db:/var/lib/mysql
   
  ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
  #parsoid:
  #  image: thenets/parsoid:0.10
  #  container_name: parsoid
  #  restart: always
  #  environment:
  #   - PARSOID_NUM_WORKERS=0
  #    - PARSOID_DOMAIN_wiki=http://web/api.php

Internet

For an Internet setup you will use NGINX-Proxy with Let's Encrypt for SSL certificates.

NGINX-Proxy

  • Copy the following to /srv/nginx-proxy/docker-compose.yml
version: '2'
services:
  nginx-proxy:
    image: jwilder/nginx-proxy
    container_name: nginx-proxy
    environment:
      - "HTTPS_METHOD=noredirect"
    labels:
      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"
    ports:
      - "80:80"
      - "443:443"
    restart: always
    volumes:
      - "./data/etc/certs:/etc/nginx/certs"
      - "./data/etc/nginx/vhost.d:/etc/nginx/vhost.d"
      - "./data/etc/nginx/htpasswd:/etc/nginx/htpasswd"
      - "./data/etc/nginx/html:/usr/share/nginx/html"
      - "./data/etc/nginx/conf.d:/etc/nginx/conf.d"
      - "/var/run/docker.sock:/tmp/docker.sock:ro"

  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    environment:
    ### ToDo: Change to your e-mail address
    #      - DEFAULT_EMAIL=admin@demo.io
      - NGINX_PROXY_CONTAINER=nginx-proxy
    volumes_from:
      - nginx-proxy
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./data/etc/certs:/etc/nginx/certs:rw
    restart: always

networks:
  default:
    external:
      name: nginx-proxy
  • Copy the following to /srv/nginx-proxy/data/etc/nginx/conf.d/proxy-settings.conf
proxy_connect_timeout       300;
proxy_send_timeout          300;
proxy_read_timeout          30m;
send_timeout                300;

Note: Add the following line to the file above for large file upload issues: 

client_max_body_size        5000m;

You will need to adjust the size to a value suitable for your environment.

Create docker network

You will need to create an additional docker network for NGINX-Proxy and MediaWiki to talk on:

  • Run docker network create nginx-proxy

MediaWiki

Copy the following to /srv/wiki/docker-compose.yml 

version: '3'
services:
  web:
    image: mediawiki
    build: build/.
    container_name: wiki
    depends_on: 
      - database
    ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
    #  - parsoid
    restart: always
    environment:
      ## TODO: CHANGE VIRTUAL_HOST, LETSENCRYPT_HOST, and LETSENCRYPT_EMAIL TO YOUR OWN
      - VIRTUAL_HOST=wiki.example.com
      - HTTPS_METHOD=nohttp
      - LETSENCRYPT_HOST=wiki.example.com
      - LETSENCRYPT_EMAIL=nobody@example.com
    links:
      - database
    volumes:
      - /srv/wiki/html/images:/var/www/html/images
      ## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file
      #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php
    networks:
      - default
      - nginx-proxy
  
  database:
    image: mariadb
    container_name: db
    restart: always
    environment:
      MYSQL_DATABASE: mediawiki
      MYSQL_USER: wikiuser
      ## TODO: Change the password below
      MYSQL_PASSWORD: wiki
      ## TODO: Change the password below
      MYSQL_ROOT_PASSWORD: changeme
    volumes:
      - /srv/wiki/db:/var/lib/mysql
    networks:
      - default
  ## parsoid is bundled as part of 1.35+, only uncomment if using an older version
  #parsoid:
  #  image: thenets/parsoid:0.10
  #  container_name: parsoid
  #  restart: always
  #  environment:
  #     - PARSOID_NUM_WORKERS=0
  #    - PARSOID_DOMAIN_wiki=http://web/api.php
  #  networks: 
  #    - default
    
networks:
  nginx-proxy:
    external:
      name: nginx-proxy

Mediawiki Docker Image

Here you will find instructions on how to build your own custom MediaWiki docker image.

Dockerfile

There are two ways to create the Dockerfile for MediaWiki.

  • simple uses the MediaWiki image and adds your extension(s) to it.
  • advanced builds the MediaWiki image from scratch and adds your extension(s) to it.

For most users, the simple version of the Dockerfile will suffice.

Extract all extensions to the /srv/wiki/build/extensions directory.

Simple

Copy the following to /srv/wiki/build/Dockerfile

Note: You can change the version of the MediaWiki docker image used by changing the FROM line. 

FROM mediawiki:1.35.3
COPY ./extensions /var/www/html/extensions

Advanced

Note: You can change the version installed by changing:

  • ENV MEDIAWIKI_MAJOR_VERSION 1.36
  • ENV MEDIAWIKI_VERSION 1.36.1
  • ENV MW_VERSION REL1_36

To change to version 1.35 (LTS until 2023) you can substitute 1.35, 1.35.3, and REL1_35 for the values above.

Copy the following to /srv/wiki/build/Dockerfile 

FROM php:7.4-apache

COPY --from=composer /usr/bin/composer /usr/bin/composer

# System dependencies
RUN set -eux; \
	\
	apt-get update; \
	apt-get install -y --no-install-recommends \
		git \
		librsvg2-bin \
		imagemagick \
		# Required for SyntaxHighlighting
		python3 \
	; \
	rm -rf /var/lib/apt/lists/*

# Install the PHP extensions we need
RUN set -eux; \
	\
	savedAptMark="$(apt-mark showmanual)"; \
	\
	apt-get update; \
	apt-get install -y --no-install-recommends \
		libicu-dev \
		libonig-dev \
	; \
	\
	docker-php-ext-install -j "$(nproc)" \
		intl \
		mbstring \
		mysqli \
		opcache \
	; \
	\
	pecl install APCu-5.1.20; \
	docker-php-ext-enable \
		apcu \
	; \
	rm -r /tmp/pear; \
	\
	# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
	apt-mark auto '.*' > /dev/null; \
	apt-mark manual $savedAptMark; \
	ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
		| awk '/=>/ { print $3 }' \
		| sort -u \
		| xargs -r dpkg-query -S \
		| cut -d: -f1 \
		| sort -u \
		| xargs -rt apt-mark manual; \
	\
	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
	rm -rf /var/lib/apt/lists/*

# Enable Short URLs
RUN set -eux; \
	a2enmod rewrite; \
	{ \
		echo "<Directory /var/www/html>"; \
		echo "  RewriteEngine On"; \
		echo "  RewriteCond %{REQUEST_FILENAME} !-f"; \
		echo "  RewriteCond %{REQUEST_FILENAME} !-d"; \
		echo "  RewriteRule ^ %{DOCUMENT_ROOT}/index.php [L]"; \
		echo "</Directory>"; \
	} > "$APACHE_CONFDIR/conf-available/short-url.conf"; \
	a2enconf short-url

# Enable AllowEncodedSlashes for VisualEditor
RUN sed -i "s/<\/VirtualHost>/\tAllowEncodedSlashes NoDecode\n<\/VirtualHost>/" "$APACHE_CONFDIR/sites-available/000-default.conf"

# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN { \
		echo 'opcache.memory_consumption=128'; \
		echo 'opcache.interned_strings_buffer=8'; \
		echo 'opcache.max_accelerated_files=4000'; \
		echo 'opcache.revalidate_freq=60'; \
	} > /usr/local/etc/php/conf.d/opcache-recommended.ini

# SQLite Directory Setup
RUN set -eux; \
	mkdir -p /var/www/data; \
	chown -R www-data:www-data /var/www/data

# Version
ENV MEDIAWIKI_MAJOR_VERSION 1.35
ENV MEDIAWIKI_VERSION 1.35.3
ENV MW_VERSION=REL1_35

# Home folder location
ENV MW_HOME=/var/www/html


# MediaWiki setup
RUN set -eux; \
	fetchDeps=" \
		gnupg \
		dirmngr \
	"; \
	apt-get update; \
	apt-get install -y --no-install-recommends $fetchDeps; \
	\
	curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz" -o mediawiki.tar.gz; \
	curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz.sig" -o mediawiki.tar.gz.sig; \
	export GNUPGHOME="$(mktemp -d)"; \
# gpg key from https://www.mediawiki.org/keys/keys.txt
	gpg --batch --keyserver keyserver.ubuntu.com --recv-keys \
		D7D6767D135A514BEB86E9BA75682B08E8A3FEC4 \
		441276E9CCD15F44F6D97D18C119E1A64D70938E \
		F7F780D82EBFB8A56556E7EE82403E59F9F8CD79 \
		1D98867E82982C8FE0ABC25F9B69B3109D3BB7B0 \
	; \
	gpg --batch --verify mediawiki.tar.gz.sig mediawiki.tar.gz; \
	tar -x --strip-components=1 -f mediawiki.tar.gz; \
	gpgconf --kill all; \
	rm -r "$GNUPGHOME" mediawiki.tar.gz.sig mediawiki.tar.gz; \
	chown -R www-data:www-data extensions skins cache images; \
   	\
   	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
   	rm -rf /var/lib/apt/lists/*

RUN set -eux; \
        apt update; \
        apt install -y --no-install-recommends \
             unzip

##### Commonly used extensions
RUN set -x; \
    cd $MW_HOME/extensions \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Echo \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Thanks \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CheckUser

# Flow extension
RUN set -x; \
    cd $MW_HOME/extensions \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Flow \
    && cd Flow \
    && composer install --no-dev \
    && cd ..

### MediaWiki Language Extension Bundle
# Translate
RUN set -x; \
    cd $MW_HOME/extensions \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Babel \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/cldr \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CleanChanges \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UniversalLanguageSelector

##### ElasticSearch extensions
RUN set -x; \
    cd $MW_HOME/extensions \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CirrusSearch \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Elastica \
    && cd Elastica \
    && composer install --no-dev \
    && cd ..

##### MobileFrontend extension
RUN set -x; \
    cd $MW_HOME/extensions \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/MobileFrontend

##### ElectronPdfService extension
RUN set -x; \
    cd $MW_HOME/extensions \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ElectronPdfService

##### ConfirmAccount, UploadWizard
RUN set -x; \
    cd $MW_HOME/extensions \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ConfirmAccount \
    && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UploadWizard


#### Add AutoSitemap extension ** disable if wiki is not reacahble from Internet!
RUN set -x; \
    cd $MW_HOME/extensions \
    && git clone --depth 1 https://github.com/dolfinus/AutoSitemap.git

# Copy any other extenions from the ./build/extensions folder
COPY ./extensions $MW_HOME/extensions

CMD ["apache2-foreground"]

Running

First start

  • Update the /srv/wiki/docker-compose.yml file with the hostname (or FQDN for Internet), your email, and database passwords.
  • Run docker-compose up -d to start
  • Login to wiki to complete setup (use http://<hostname/IP> for Intranet or https://<FQDN> for Internet)

Database connection details

  • When prompted for the database enter db://localhost

Note: When prompted have MediaWiki use the same user account (root) for the database that was used for setup. Attempting to use a different user will result in an error and failure. This is due to the MediaWiki setup script attempting to use the database connection string as the hostname for the user (<username>@<connection string>) when granting user access to the database.

LocalSettings File

  • Download when prompted
  • Copy LocalSettings.php to the /srv/wiki directory

Finalize setup

  • Uncomment the #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php line in the /srv/wiki/docker-compose.yml file
  • chmod 755 the LocalSettings.php file
  • Run docker-compose up -d
  • Wait a minute then navigate to your wiki with https://<hostname/IP> for Intranet or https://<FQDN> for Internet.

Private IPs

Mediawiki will only use the IP presented by the NGINX Proxy server (which will not be the client's real IP). To have Mediawiki trust the X-Forwarded-For (and record them), add the following to the LocalSettings.php file: 

# Use X-ForwardedFor instead for Real IP
$wgUseCdn = true;
$wgCdnServersNoPurge = [];
$wgCdnServersNoPurge[] = "172.18.0.0/24";

Change the 172.18.0.0/24 to the subnet your container is using for talking to the NGINX Proxy.

Reference: https://www.mediawiki.org/wiki/Manual:$wgUsePrivateIPs

Misc

Preventing access

Note: You can also choose an access level at initial installation.

https://www.mediawiki.org/wiki/Manual:Preventing_access#Simple_private_wiki

Upgrading

IMPORTANT: Read https://www.mediawiki.org/wiki/Manual:Upgrading first for information about upgrading.

  1. Update /srv/wiki/build/Dockerfile. Either update version (simple) or make sure Dockerfile has the required dependencies and update version (advanced).
  2. Run docker-compose build

If step 2 is successful:

  1. Run docker-compose up -d
  2. Run docker-compose exec web bash
  3. Run cd maintenance
  4. Run php update.php

File uploads

Allow .pdf files to be uploaded

See https://www.mediawiki.org/wiki/Manual:Configuring_file_uploads#Configuring_file_types

Add this to your LocalSettings.php file: 

$wgFileExtensions = array( 'png', 'gif', 'jpg', 'jpeg', 'doc',
    'xls', 'mpp', 'pdf', 'ppt', 'tiff', 'bmp', 'docx', 'xlsx',
    'pptx', 'ps', 'odt', 'ods', 'odp', 'odg'
);

Increase file upload size

See https://www.mediawiki.org/wiki/Manual:Configuring_file_uploads#Set_maximum_size_for_file_uploads

  • Add this to your LocalSettings.php file to allow uploading of 2G files:
$wgUploadSizeWarning = 2147483647;
$wgMaxUploadSize = 2147483647;
  • Then create /srv/wiki/uploads.ini with the following:
upload_max_filesize = 2048M
post_max_size = 2048M
max_execution_time = 7200
max_file_uploads = 1000
  • Add the following line to the /srv/wiki/docker-compose.yml file under volumes
  - /srv/wiki/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini:ro
Retrieved from "http://wiki.pttlink.org/index.php?title=Docker_MediaWiki_Server&oldid=10927"