Difference between revisions of "Docker MediaWiki Server"

From "PTTLink Wiki"
Jump to navigation Jump to search
(→‎Advanced: Updated Dockerfile to include more extensions)
Line 140: Line 140:
 
* ENV MEDIAWIKI_MAJOR_VERSION 1.36
 
* ENV MEDIAWIKI_MAJOR_VERSION 1.36
 
* ENV MEDIAWIKI_VERSION 1.36.1
 
* ENV MEDIAWIKI_VERSION 1.36.1
 +
* ENV MW_VERSION REL1_35
  
To change to version 1.35 (LTS until 2023) you can substitite 1.35 and 1.35.3 for the values above.
+
To change to version 1.35 (LTS until 2023) you can substitute 1.35, 1.35.3,and REL1_35 for the values above.
  
 
Copy the following to '''/srv/wiki/build/Dockerfile'''
 
Copy the following to '''/srv/wiki/build/Dockerfile'''
  
 
     FROM php:7.4-apache
 
     FROM php:7.4-apache
 +
   
 +
    COPY --from=composer /usr/bin/composer /usr/bin/composer
 
      
 
      
 
     # System dependencies
 
     # System dependencies
Line 229: Line 232:
 
      
 
      
 
     # Version
 
     # Version
     ENV MEDIAWIKI_MAJOR_VERSION 1.36
+
     ENV MEDIAWIKI_MAJOR_VERSION 1.35
     ENV MEDIAWIKI_VERSION 1.36.1
+
     ENV MEDIAWIKI_VERSION 1.35.3
 +
    ENV MW_VERSION=REL1_35
 +
   
 +
    # Home folder location
 +
    ENV MW_HOME=/var/www/html
 +
   
 
      
 
      
 
     # MediaWiki setup
 
     # MediaWiki setup
Line 256: Line 264:
 
     rm -r "$GNUPGHOME" mediawiki.tar.gz.sig mediawiki.tar.gz; \
 
     rm -r "$GNUPGHOME" mediawiki.tar.gz.sig mediawiki.tar.gz; \
 
     chown -R www-data:www-data extensions skins cache images; \
 
     chown -R www-data:www-data extensions skins cache images; \
    \
+
      \
    apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
+
      apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
    rm -rf /var/lib/apt/lists/*
+
      rm -rf /var/lib/apt/lists/*
 +
   
 +
    RUN set -eux; \
 +
            apt update; \
 +
            apt install -y --no-install-recommends \
 +
                unzip
 +
   
 +
    ##### Commonly used extensions
 +
    RUN set -x; \
 +
        cd $MW_HOME/extensions \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Echo \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Thanks \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CheckUser
 +
   
 +
    # Flow extension
 +
    RUN set -x; \
 +
        cd $MW_HOME/extensions \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Flow \
 +
        && cd Flow \
 +
        && composer install --no-dev \
 +
        && cd ..
 +
   
 +
    ### MediaWiki Language Extension Bundle
 +
    # Translate
 +
    RUN set -x; \
 +
        cd $MW_HOME/extensions \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Babel \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/cldr \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CleanChanges \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UniversalLanguageSelector
 +
   
 +
    ##### ElasticSearch extensions
 +
    RUN set -x; \
 +
        cd $MW_HOME/extensions \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CirrusSearch \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Elastica \
 +
        && cd Elastica \
 +
        && composer install --no-dev \
 +
        && cd ..
 +
   
 +
    ##### MobileFrontend extension
 +
    RUN set -x; \
 +
        cd $MW_HOME/extensions \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/MobileFrontend
 +
   
 +
    ##### ElectronPdfService extension
 +
    RUN set -x; \
 +
        cd $MW_HOME/extensions \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ElectronPdfService
 +
   
 +
    ##### ConfirmAccount, UploadWizard
 +
    RUN set -x; \
 +
        cd $MW_HOME/extensions \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ConfirmAccount \
 +
        && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UploadWizard
 +
   
 +
   
 +
    #### Add AutoSitemap extension ** disable if wiki is not reacahble from Internet!
 +
    RUN set -x; \
 +
        cd $MW_HOME/extensions \
 +
        && git clone --depth 1 https://github.com/dolfinus/AutoSitemap.git
 
      
 
      
     COPY ./extensions /var/www/html/extensions
+
    # Copy any other extenions from the ./build/extensions folder
 +
     COPY ./extensions $MW_HOME/extensions
 
      
 
      
 
     CMD ["apache2-foreground"]
 
     CMD ["apache2-foreground"]

Revision as of 06:26, 7 July 2021

Docker MediaWiki Server

Notes and configuration files for setting up MediaWiki with nginx-proxy for Let's Encrypt SSL certs.

This guide is comprised of two methods for building a dockerized MediaWiki site:

  • From the official MediaWiki docker image - easiest for beginners and those who just want to stand up a site (simple)
  • From scratch - allows you to tweak the image more from the start and can be more complicated (advanced)

Regardless of the method used, this guide will also include any extensions you have in the build/extensions folder.

nginx-proxy

  • Create /srv/nginx-proxy
  • Add this file

docker-compose.yml

docker-compose.yml

   version: '2'
   services:
     nginx-proxy:
       image: jwilder/nginx-proxy
       container_name: nginx-proxy
       environment:
         - "HTTPS_METHOD=noredirect"
       labels:
         - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"
       ports:
         - "80:80"
         - "443:443"
       restart: always
       volumes:
         - "./data/etc/certs:/etc/nginx/certs"
         - "./data/etc/nginx/vhost.d:/etc/nginx/vhost.d"
         - "./data/etc/nginx/htpasswd:/etc/nginx/htpasswd"
         - "./data/etc/nginx/html:/usr/share/nginx/html"
         - "/var/run/docker.sock:/tmp/docker.sock:ro"
   
     letsencrypt:
       image: jrcs/letsencrypt-nginx-proxy-companion
       environment:
       ### ToDo: Change to your e-mail address
       #      - DEFAULT_EMAIL=admin@demo.io
         - NGINX_PROXY_CONTAINER=nginx-proxy
       volumes_from:
         - nginx-proxy
       volumes:
         - /var/run/docker.sock:/var/run/docker.sock:ro
         - ./data/etc/certs:/etc/nginx/certs:rw
       restart: always
   
   networks:
     default:
       external:
         name: nginx-proxy

MediaWiki

  • Create /srv/wiki, /srv/wiki/build, /srv/wiki/build/extensions
  • Add the following files

docker-compose.yml

Copy the following to /srv/wiki/docker-compose.yml

   version: '3'
   services:
     web:
       image: mediawiki
       build: build/.
       container_name: wiki
       depends_on: 
         - database
         - parsoid
       restart: always
       environment:
         ## TODO: CHANGE VIRTUAL_HOST, LETSENCRYPT_HOST, and LETSENCRYPT_EMAIL TO YOUR OWN
         - VIRTUAL_HOST=wiki.example.com
         - HTTPS_METHOD=nohttp
         - LETSENCRYPT_HOST=wiki.example.com
         - LETSENCRYPT_EMAIL=nobody@example.com
       links:
         - database
       volumes:
         - /srv/wiki/html/images:/var/www/html/images
         ## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file
         #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php
       networks:
         - default
         - nginx-proxy
    
     database:
       image: mariadb
       container_name: db
       restart: always
       environment:
         MYSQL_DATABASE: mediawiki
         MYSQL_USER: wikiuser
         ## TODO: Change the password below
         MYSQL_PASSWORD: wiki
         ## TODO: Change the password below
         MYSQL_ROOT_PASSWORD: changeme
       volumes:
         - /srv/wiki/db:/var/lib/mysql
       networks:
         - default
   
     parsoid:
       image: thenets/parsoid:0.10
       container_name: parsoid
       restart: always
       environment:
   #      - PARSOID_NUM_WORKERS=0
         - PARSOID_DOMAIN_wiki=http://web/api.php
       networks: 
         - default
   
   networks:
     nginx-proxy:
       external:
         name: nginx-proxy

Dockerfile

There are two ways to create the Dockerfile for MediaWiki.

  • simple uses the MediaWiki image and adds your extension(s) to it.
  • advanced builds the MediaWiki image from scratch and adds your extension(s) to it.

For most users, the simple version of the Dockerfile will suffice.

Extract all extensions to the /srv/wiki/build/extensions directory.

Simple

Copy the following to /srv/wiki/build/Dockerfile

Note: You can change the version of the MediaWiki docker image used by changing the FROM line.

   FROM mediawiki:1.35.3
   COPY ./extensions /var/www/html/extensions

Advanced

Note: You can change the version installed by changing:

  • ENV MEDIAWIKI_MAJOR_VERSION 1.36
  • ENV MEDIAWIKI_VERSION 1.36.1
  • ENV MW_VERSION REL1_35

To change to version 1.35 (LTS until 2023) you can substitute 1.35, 1.35.3,and REL1_35 for the values above.

Copy the following to /srv/wiki/build/Dockerfile

   FROM php:7.4-apache
   
   COPY --from=composer /usr/bin/composer /usr/bin/composer
   
   # System dependencies
   RUN set -eux; \
   	\
   	apt-get update; \
   	apt-get install -y --no-install-recommends \
   		git \
   		librsvg2-bin \
   		imagemagick \
   		# Required for SyntaxHighlighting
   		python3 \
   	; \
   	rm -rf /var/lib/apt/lists/*
   
   # Install the PHP extensions we need
   RUN set -eux; \
   	\
   	savedAptMark="$(apt-mark showmanual)"; \
   	\
   	apt-get update; \
   	apt-get install -y --no-install-recommends \
   		libicu-dev \
   		libonig-dev \
   	; \
   	\
   	docker-php-ext-install -j "$(nproc)" \
   		intl \
   		mbstring \
   		mysqli \
   		opcache \
   	; \
   	\
   	pecl install APCu-5.1.20; \
   	docker-php-ext-enable \
   		apcu \
   	; \
   	rm -r /tmp/pear; \
   	\
   	# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
   	apt-mark auto '.*' > /dev/null; \
   	apt-mark manual $savedAptMark; \
   	ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
   		| awk '/=>/ { print $3 }' \
   		| sort -u \
   		| xargs -r dpkg-query -S \
   		| cut -d: -f1 \
   		| sort -u \
   		| xargs -rt apt-mark manual; \
   	\
   	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
   	rm -rf /var/lib/apt/lists/*
   
   # Enable Short URLs
   RUN set -eux; \
   	a2enmod rewrite; \
   	{ \
   		echo "<Directory /var/www/html>"; \
   		echo "  RewriteEngine On"; \
   		echo "  RewriteCond %{REQUEST_FILENAME} !-f"; \
   		echo "  RewriteCond %{REQUEST_FILENAME} !-d"; \
   		echo "  RewriteRule ^ %{DOCUMENT_ROOT}/index.php [L]"; \
   		echo "</Directory>"; \
   	} > "$APACHE_CONFDIR/conf-available/short-url.conf"; \
   	a2enconf short-url
   
   # Enable AllowEncodedSlashes for VisualEditor
   RUN sed -i "s/<\/VirtualHost>/\tAllowEncodedSlashes NoDecode\n<\/VirtualHost>/" "$APACHE_CONFDIR/sites-available/000-default.conf"
   
   # set recommended PHP.ini settings
   # see https://secure.php.net/manual/en/opcache.installation.php
   RUN { \
   		echo 'opcache.memory_consumption=128'; \
   		echo 'opcache.interned_strings_buffer=8'; \
   		echo 'opcache.max_accelerated_files=4000'; \
   		echo 'opcache.revalidate_freq=60'; \
   	} > /usr/local/etc/php/conf.d/opcache-recommended.ini
   
   # SQLite Directory Setup
   RUN set -eux; \
   	mkdir -p /var/www/data; \
   	chown -R www-data:www-data /var/www/data
   
   # Version
   ENV MEDIAWIKI_MAJOR_VERSION 1.35
   ENV MEDIAWIKI_VERSION 1.35.3
   ENV MW_VERSION=REL1_35
   
   # Home folder location
   ENV MW_HOME=/var/www/html
   
   
   # MediaWiki setup
   RUN set -eux; \
   	fetchDeps=" \
   		gnupg \
   		dirmngr \
   	"; \
   	apt-get update; \
   	apt-get install -y --no-install-recommends $fetchDeps; \
   	\
   	curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz" -o mediawiki.tar.gz; \
   	curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz.sig" -o mediawiki.tar.gz.sig; \
   	export GNUPGHOME="$(mktemp -d)"; \
   # gpg key from https://www.mediawiki.org/keys/keys.txt
   	gpg --batch --keyserver keyserver.ubuntu.com --recv-keys \
   		D7D6767D135A514BEB86E9BA75682B08E8A3FEC4 \
   		441276E9CCD15F44F6D97D18C119E1A64D70938E \
   		F7F780D82EBFB8A56556E7EE82403E59F9F8CD79 \
   		1D98867E82982C8FE0ABC25F9B69B3109D3BB7B0 \
   	; \
   	gpg --batch --verify mediawiki.tar.gz.sig mediawiki.tar.gz; \
   	tar -x --strip-components=1 -f mediawiki.tar.gz; \
   	gpgconf --kill all; \
   	rm -r "$GNUPGHOME" mediawiki.tar.gz.sig mediawiki.tar.gz; \
   	chown -R www-data:www-data extensions skins cache images; \
      	\
      	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
      	rm -rf /var/lib/apt/lists/*
   
   RUN set -eux; \
           apt update; \
           apt install -y --no-install-recommends \
                unzip
   
   ##### Commonly used extensions
   RUN set -x; \
       cd $MW_HOME/extensions \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Echo \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Thanks \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CheckUser
   
   # Flow extension
   RUN set -x; \
       cd $MW_HOME/extensions \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Flow \
       && cd Flow \
       && composer install --no-dev \
       && cd ..
   
   ### MediaWiki Language Extension Bundle
   # Translate
   RUN set -x; \
       cd $MW_HOME/extensions \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Babel \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/cldr \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CleanChanges \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UniversalLanguageSelector
   
   ##### ElasticSearch extensions
   RUN set -x; \
       cd $MW_HOME/extensions \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CirrusSearch \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Elastica \
       && cd Elastica \
       && composer install --no-dev \
       && cd ..
   
   ##### MobileFrontend extension
   RUN set -x; \
       cd $MW_HOME/extensions \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/MobileFrontend
   
   ##### ElectronPdfService extension
   RUN set -x; \
       cd $MW_HOME/extensions \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ElectronPdfService
   
   ##### ConfirmAccount, UploadWizard
   RUN set -x; \
       cd $MW_HOME/extensions \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ConfirmAccount \
       && git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UploadWizard
   
   
   #### Add AutoSitemap extension ** disable if wiki is not reacahble from Internet!
   RUN set -x; \
       cd $MW_HOME/extensions \
       && git clone --depth 1 https://github.com/dolfinus/AutoSitemap.git
   
   # Copy any other extenions from the ./build/extensions folder
   COPY ./extensions $MW_HOME/extensions
   
   CMD ["apache2-foreground"]

First start

  • Update the /srv/wiki/docker-compose.yml file with the host, email and database password
  • Run docker-compose up -d to start
  • Login to wiki to complete setup (use https://<fqdn> specified in the files above)

Database connection details

When prompted for the database enter db://localhost

LocalSettings File

  • Download when prompted
  • Stop the wiki with docker-compose down
  • Copy LocalSettings.php to the /srv/wiki directory
  • Uncomment the #- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php line in the /srv/wiki/docker-compose.yml file
  • chmod 755 the LocalSettings.php file
  • Run docker-compose up -d
  • Wait a minute then navigate to your wiki with https://<fqdn>

Misc

Preventing access

Note: You can also choose an access level at initial installation.

https://www.mediawiki.org/wiki/Manual:Preventing_access#Simple_private_wiki

Upgrading

IMPORTANT: Read https://www.mediawiki.org/wiki/Manual:Upgrading first for information about upgrading.

  1. Update /srv/wiki/build/Dockerfile. Either update version (simple) or make sure Dockerfile has the required dependencies and update version (advanced).
  2. Run docker-compose build

If step 2 is successful:

  1. Run docker-compose up -d
  2. Run docker-compose exec web bash
  3. Run cd maintenance
  4. Run php update.php