261
edits
Docker MediaWiki Server: Difference between revisions
Jump to navigation
Jump to search
no edit summary
mNo edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
[[Category: How to]] | [[Category:How to]] | ||
[[Category:Software]] | [[Category:Software]] | ||
Notes and configuration files for setting up MediaWiki in a dockerized environment. | Notes and configuration files for setting up MediaWiki in a dockerized environment. | ||
| Line 30: | Line 28: | ||
===MediaWiki=== | ===MediaWiki=== | ||
Copy the following to '''/srv/wiki/docker-compose.yml''' | Copy the following to '''/srv/wiki/docker-compose.yml''' | ||
<syntaxhighlight lang="yaml"> | |||
version: '3' | |||
services: | |||
web: | |||
image: mediawiki | |||
build: build/. | |||
container_name: wiki | |||
depends_on: | |||
- database | |||
## parsoid is bundled as part of 1.35+, only uncomment if using an older version | |||
#- parsoid | |||
restart: always | |||
ports: | |||
- 80:80 | |||
links: | |||
- database | |||
volumes: | |||
- /srv/wiki/html/images:/var/www/html/images | |||
## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file | |||
#- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php | |||
database: | |||
image: mariadb | |||
container_name: db | |||
restart: always | |||
environment: | |||
MYSQL_DATABASE: mediawiki | |||
## TODO: Change the password below | |||
MYSQL_USER: wikiuser | |||
## TODO: Change the password below | |||
MYSQL_PASSWORD: wiki | |||
MYSQL_ROOT_PASSWORD: changeme | |||
volumes: | |||
- /srv/wiki/db:/var/lib/mysql | |||
## parsoid is bundled as part of 1.35+, only uncomment if using an older version | |||
#parsoid: | |||
# image: thenets/parsoid:0.10 | |||
# container_name: parsoid | |||
# restart: always | |||
# environment: | |||
# - PARSOID_NUM_WORKERS=0 | |||
# - PARSOID_DOMAIN_wiki=http://web/api.php | |||
</syntaxhighlight> | |||
==Internet== | ==Internet== | ||
| Line 79: | Line 76: | ||
===NGINX-Proxy=== | ===NGINX-Proxy=== | ||
Copy the following to '''/srv/nginx-proxy/docker-compose.yml''' | *Copy the following to '''/srv/nginx-proxy/docker-compose.yml''' | ||
<syntaxhighlight lang="yaml"> | |||
version: '2' | |||
services: | |||
nginx-proxy: | |||
image: jwilder/nginx-proxy | |||
container_name: nginx-proxy | |||
environment: | |||
- "HTTPS_METHOD=noredirect" | |||
labels: | |||
- "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy" | |||
ports: | |||
- "80:80" | |||
- "443:443" | |||
restart: always | |||
volumes: | |||
- "./data/etc/certs:/etc/nginx/certs" | |||
- "./data/etc/nginx/vhost.d:/etc/nginx/vhost.d" | |||
- "./data/etc/nginx/htpasswd:/etc/nginx/htpasswd" | |||
- "./data/etc/nginx/html:/usr/share/nginx/html" | |||
- "./data/etc/nginx/conf.d:/etc/nginx/conf.d" | |||
- "/var/run/docker.sock:/tmp/docker.sock:ro" | |||
letsencrypt: | |||
image: jrcs/letsencrypt-nginx-proxy-companion | |||
environment: | |||
### ToDo: Change to your e-mail address | |||
# - DEFAULT_EMAIL=admin@demo.io | |||
- NGINX_PROXY_CONTAINER=nginx-proxy | |||
volumes_from: | |||
- nginx-proxy | |||
volumes: | |||
- /var/run/docker.sock:/var/run/docker.sock:ro | |||
- ./data/etc/certs:/etc/nginx/certs:rw | |||
restart: always | |||
networks: | |||
default: | |||
external: | |||
name: nginx-proxy | |||
</syntaxhighlight> | |||
*Copy the following to '''/srv/nginx-proxy/data/etc/nginx/conf.d/proxy-settings.conf''' | |||
<syntaxhighlight lang="text"> | |||
proxy_connect_timeout 300; | |||
proxy_send_timeout 300; | |||
proxy_read_timeout 30m; | |||
send_timeout 300; | |||
</syntaxhighlight> | |||
Note: Add the following line to the file above for large file upload issues: | |||
<syntaxhighlight lang="text"> | |||
client_max_body_size 5000m; | |||
</syntaxhighlight> | |||
You will need to adjust the size to a value suitable for your environment. | |||
====Create docker network==== | ====Create docker network==== | ||
| Line 125: | Line 138: | ||
===MediaWiki=== | ===MediaWiki=== | ||
Copy the following to '''/srv/wiki/docker-compose.yml''' | Copy the following to '''/srv/wiki/docker-compose.yml''' | ||
<syntaxhighlight lang="yaml"> | |||
version: '3' | |||
services: | |||
web: | |||
image: mediawiki | |||
build: build/. | |||
container_name: wiki | |||
depends_on: | |||
- database | |||
## parsoid is bundled as part of 1.35+, only uncomment if using an older version | |||
# - parsoid | |||
restart: always | |||
environment: | |||
## TODO: CHANGE VIRTUAL_HOST, LETSENCRYPT_HOST, and LETSENCRYPT_EMAIL TO YOUR OWN | |||
- VIRTUAL_HOST=wiki.example.com | |||
- HTTPS_METHOD=nohttp | |||
- LETSENCRYPT_HOST=wiki.example.com | |||
- LETSENCRYPT_EMAIL=nobody@example.com | |||
links: | |||
- database | |||
volumes: | |||
- /srv/wiki/html/images:/var/www/html/images | |||
## TODO: remove the # below AFTER you have downloaded the LocalSettings.php file | |||
#- /srv/wiki/LocalSettings.php:/var/www/html/LocalSettings.php | |||
networks: | |||
- default | |||
- nginx-proxy | |||
database: | |||
image: mariadb | |||
container_name: db | |||
restart: always | |||
environment: | |||
MYSQL_DATABASE: mediawiki | |||
MYSQL_USER: wikiuser | |||
## TODO: Change the password below | |||
MYSQL_PASSWORD: wiki | |||
## TODO: Change the password below | |||
MYSQL_ROOT_PASSWORD: changeme | |||
volumes: | |||
- /srv/wiki/db:/var/lib/mysql | |||
networks: | |||
- default | |||
## parsoid is bundled as part of 1.35+, only uncomment if using an older version | |||
#parsoid: | |||
# image: thenets/parsoid:0.10 | |||
# container_name: parsoid | |||
# restart: always | |||
# environment: | |||
# - PARSOID_NUM_WORKERS=0 | |||
# - PARSOID_DOMAIN_wiki=http://web/api.php | |||
# networks: | |||
# - default | |||
networks: | |||
nginx-proxy: | |||
external: | |||
name: nginx-proxy | |||
</syntaxhighlight> | |||
=Mediawiki Docker Image= | =Mediawiki Docker Image= | ||
| Line 201: | Line 215: | ||
Note: You can change the version of the MediaWiki docker image used by changing the FROM line. | Note: You can change the version of the MediaWiki docker image used by changing the FROM line. | ||
<syntaxhighlight lang="dockerfile"> | |||
FROM mediawiki:1.35.3 | |||
COPY ./extensions /var/www/html/extensions | |||
</syntaxhighlight> | |||
==== Advanced ==== | ==== Advanced ==== | ||
| Line 214: | Line 229: | ||
Copy the following to '''/srv/wiki/build/Dockerfile''' | Copy the following to '''/srv/wiki/build/Dockerfile''' | ||
<syntaxhighlight lang="dockerfile"> | |||
FROM php:7.4-apache | |||
COPY --from=composer /usr/bin/composer /usr/bin/composer | |||
# System dependencies | |||
RUN set -eux; \ | |||
\ | |||
apt-get update; \ | |||
apt-get install -y --no-install-recommends \ | |||
git \ | |||
librsvg2-bin \ | |||
imagemagick \ | |||
# Required for SyntaxHighlighting | |||
python3 \ | |||
; \ | |||
rm -rf /var/lib/apt/lists/* | |||
# Install the PHP extensions we need | |||
RUN set -eux; \ | |||
\ | |||
savedAptMark="$(apt-mark showmanual)"; \ | |||
\ | |||
apt-get update; \ | |||
apt-get install -y --no-install-recommends \ | |||
libicu-dev \ | |||
libonig-dev \ | |||
; \ | |||
\ | |||
docker-php-ext-install -j "$(nproc)" \ | |||
intl \ | |||
mbstring \ | |||
mysqli \ | |||
opcache \ | |||
; \ | |||
\ | |||
pecl install APCu-5.1.20; \ | |||
docker-php-ext-enable \ | |||
apcu \ | |||
; \ | |||
rm -r /tmp/pear; \ | |||
\ | |||
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies | |||
apt-mark auto '.*' > /dev/null; \ | |||
apt-mark manual $savedAptMark; \ | |||
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ | |||
| awk '/=>/ { print $3 }' \ | |||
| sort -u \ | |||
| xargs -r dpkg-query -S \ | |||
| cut -d: -f1 \ | |||
| sort -u \ | |||
| xargs -rt apt-mark manual; \ | |||
\ | |||
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ | |||
rm -rf /var/lib/apt/lists/* | |||
# Enable Short URLs | |||
RUN set -eux; \ | |||
a2enmod rewrite; \ | |||
{ \ | |||
echo "<Directory /var/www/html>"; \ | |||
echo " RewriteEngine On"; \ | |||
echo " RewriteCond %{REQUEST_FILENAME} !-f"; \ | |||
echo " RewriteCond %{REQUEST_FILENAME} !-d"; \ | |||
echo " RewriteRule ^ %{DOCUMENT_ROOT}/index.php [L]"; \ | |||
echo "</Directory>"; \ | |||
} > "$APACHE_CONFDIR/conf-available/short-url.conf"; \ | |||
a2enconf short-url | |||
# Enable AllowEncodedSlashes for VisualEditor | |||
RUN sed -i "s/<\/VirtualHost>/\tAllowEncodedSlashes NoDecode\n<\/VirtualHost>/" "$APACHE_CONFDIR/sites-available/000-default.conf" | |||
# set recommended PHP.ini settings | |||
# see https://secure.php.net/manual/en/opcache.installation.php | |||
RUN { \ | |||
echo 'opcache.memory_consumption=128'; \ | |||
echo 'opcache.interned_strings_buffer=8'; \ | |||
echo 'opcache.max_accelerated_files=4000'; \ | |||
echo 'opcache.revalidate_freq=60'; \ | |||
} > /usr/local/etc/php/conf.d/opcache-recommended.ini | |||
# SQLite Directory Setup | |||
RUN set -eux; \ | |||
mkdir -p /var/www/data; \ | |||
chown -R www-data:www-data /var/www/data | |||
# Version | |||
ENV MEDIAWIKI_MAJOR_VERSION 1.35 | |||
ENV MEDIAWIKI_VERSION 1.35.3 | |||
ENV MW_VERSION=REL1_35 | |||
# Home folder location | |||
ENV MW_HOME=/var/www/html | |||
# MediaWiki setup | |||
RUN set -eux; \ | |||
fetchDeps=" \ | |||
gnupg \ | |||
dirmngr \ | |||
"; \ | |||
apt-get update; \ | |||
apt-get install -y --no-install-recommends $fetchDeps; \ | |||
\ | |||
curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz" -o mediawiki.tar.gz; \ | |||
curl -fSL "https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_MAJOR_VERSION}/mediawiki-${MEDIAWIKI_VERSION}.tar.gz.sig" -o mediawiki.tar.gz.sig; \ | |||
export GNUPGHOME="$(mktemp -d)"; \ | |||
# gpg key from https://www.mediawiki.org/keys/keys.txt | |||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys \ | |||
D7D6767D135A514BEB86E9BA75682B08E8A3FEC4 \ | |||
441276E9CCD15F44F6D97D18C119E1A64D70938E \ | |||
F7F780D82EBFB8A56556E7EE82403E59F9F8CD79 \ | |||
1D98867E82982C8FE0ABC25F9B69B3109D3BB7B0 \ | |||
; \ | |||
gpg --batch --verify mediawiki.tar.gz.sig mediawiki.tar.gz; \ | |||
tar -x --strip-components=1 -f mediawiki.tar.gz; \ | |||
gpgconf --kill all; \ | |||
rm -r "$GNUPGHOME" mediawiki.tar.gz.sig mediawiki.tar.gz; \ | |||
chown -R www-data:www-data extensions skins cache images; \ | |||
\ | |||
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \ | |||
rm -rf /var/lib/apt/lists/* | |||
RUN set -eux; \ | |||
apt update; \ | |||
apt install -y --no-install-recommends \ | |||
unzip | |||
##### Commonly used extensions | |||
RUN set -x; \ | |||
cd $MW_HOME/extensions \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Echo \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Thanks \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CheckUser | |||
# Flow extension | |||
RUN set -x; \ | |||
cd $MW_HOME/extensions \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Flow \ | |||
&& cd Flow \ | |||
&& composer install --no-dev \ | |||
&& cd .. | |||
### MediaWiki Language Extension Bundle | |||
# Translate | |||
RUN set -x; \ | |||
cd $MW_HOME/extensions \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Babel \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/cldr \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CleanChanges \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UniversalLanguageSelector | |||
##### ElasticSearch extensions | |||
RUN set -x; \ | |||
cd $MW_HOME/extensions \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/CirrusSearch \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Elastica \ | |||
&& cd Elastica \ | |||
&& composer install --no-dev \ | |||
&& cd .. | |||
##### MobileFrontend extension | |||
RUN set -x; \ | |||
cd $MW_HOME/extensions \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/MobileFrontend | |||
##### ElectronPdfService extension | |||
RUN set -x; \ | |||
cd $MW_HOME/extensions \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ElectronPdfService | |||
##### ConfirmAccount, UploadWizard | |||
RUN set -x; \ | |||
cd $MW_HOME/extensions \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/ConfirmAccount \ | |||
&& git clone --depth 1 -b $MW_VERSION https://gerrit.wikimedia.org/r/p/mediawiki/extensions/UploadWizard | |||
#### Add AutoSitemap extension ** disable if wiki is not reacahble from Internet! | |||
RUN set -x; \ | |||
cd $MW_HOME/extensions \ | |||
&& git clone --depth 1 https://github.com/dolfinus/AutoSitemap.git | |||
# Copy any other extenions from the ./build/extensions folder | |||
COPY ./extensions $MW_HOME/extensions | |||
CMD ["apache2-foreground"] | |||
</syntaxhighlight> | |||
=Running= | =Running= | ||
| Line 422: | Line 438: | ||
* Run '''''docker-compose up -d''''' | * Run '''''docker-compose up -d''''' | ||
* Wait a minute then navigate to your wiki with https://<hostname/IP> for Intranet or https://<FQDN> for Internet. | * Wait a minute then navigate to your wiki with https://<hostname/IP> for Intranet or https://<FQDN> for Internet. | ||
===Private IPs=== | |||
Mediawiki will only use the IP presented by the NGINX Proxy server (which will not be the client's real IP). To have Mediawiki trust the X-Forwarded-For (and record them), add the following to the LocalSettings.php file: | |||
<syntaxhighlight lang="php"> | |||
# Use X-ForwardedFor instead for Real IP | |||
$wgUseCdn = true; | |||
$wgCdnServersNoPurge = []; | |||
$wgCdnServersNoPurge[] = "172.18.0.0/24"; | |||
</syntaxhighlight> | |||
Change the '''172.18.0.0/24''' to the subnet your container is using for talking to the NGINX Proxy. | |||
Reference: https://www.mediawiki.org/wiki/Manual:$wgUsePrivateIPs | |||
=Misc= | =Misc= | ||
| Line 448: | Line 476: | ||
Add this to your '''LocalSettings.php''' file: | Add this to your '''LocalSettings.php''' file: | ||
<syntaxhighlight lang="php> | |||
$wgFileExtensions = array( 'png', 'gif', 'jpg', 'jpeg', 'doc', | |||
'xls', 'mpp', 'pdf', 'ppt', 'tiff', 'bmp', 'docx', 'xlsx', | |||
'pptx', 'ps', 'odt', 'ods', 'odp', 'odg' | |||
); | |||
</syntaxhighlight> | |||
===Increase file upload size=== | ===Increase file upload size=== | ||
| Line 459: | Line 488: | ||
* Add this to your '''LocalSettings.php''' file to allow uploading of 2G files: | * Add this to your '''LocalSettings.php''' file to allow uploading of 2G files: | ||
<syntaxhighlight lang="php> | |||
$wgUploadSizeWarning = 2147483647; | |||
$wgMaxUploadSize = 2147483647; | |||
</syntaxhighlight> | |||
* Then create '''/srv/wiki/uploads.ini''' with the following: | * Then create '''/srv/wiki/uploads.ini''' with the following: | ||
<syntaxhighlight lang="php> | |||
upload_max_filesize = 2048M | |||
post_max_size = 2048M | |||
max_execution_time = 7200 | |||
max_file_uploads = 1000 | |||
</syntaxhighlight> | |||
* Add the following line to the '''/srv/wiki/docker-compose.yml''' file under volumes | * Add the following line to the '''/srv/wiki/docker-compose.yml''' file under volumes | ||
- /srv/wiki/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini:ro | - /srv/wiki/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini:ro | ||