The goal of this howto is to

• set up a dokuwiki container using docker (and not e. g. podman, slightly different)
• use an SMB share for storing the data
• on a server using enforcing SELinux (Centos 7)

We use an “official” container image:

sudo docker run -d \
  --name=dokuwiki \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=Europe/Vienna \
  -p 50080:80 \
  -p 50443:443 \
  -v $(pwd)/dokuwiki:/config -v $(pwd)/dokuwiki/dokuwiki/data:/config/dokuwiki/data \
  --restart unless-stopped \
  lscr.io/linuxserver/dokuwiki:latest

This image stores all configuration in /config and all data in /config/dokuwiki/data. We want to keep config local but mount data from some SMB server.

For podman we can create such a container but need to mange start/stop with systemnd.

/etc/httpd/conf.d/sites-enabled/dokuwiki.siam.homeunux.net.conf

<VirtualHost *:80>
  ServerName dokuwiki.siam.homeunix.net
  ServerAlias dokuwiki.siam.homeunix.net
 
  Redirect / https://dokuwiki.siam.homeunix.net/
</VirtualHost>
<VirtualHost *:443>
  ServerName dokuwiki.siam.homeunix.net
  ServerAlias dokuwiki.siam.homeunix.net
 
  Include /etc/httpd/conf.d/shared/ssl.conf
 
 
 AllowEncodedSlashes NoDecode
 SSLProxyEngine On
 ProxyPreserveHost On
 
 
 # cert is issued for collaboraonline.example.com and we proxy to localhost
 SSLProxyVerify None
 SSLProxyCheckPeerCN Off
 SSLProxyCheckPeerName Off
 
 
 # static html, js, images, etc. served from coolwsd
 # browser is the client part of Collabora Online
 ProxyPass           / https://127.0.0.1:50443/ retry=0
 ProxyPassReverse    / https://127.0.0.1:50443/

setenforce 0
systemctl stop httpd
sudo docker run -it --rm --name certbot \
            -v "/etc/letsencrypt:/etc/letsencrypt" \
            -v "/var/lib/letsencrypt:/var/lib/letsencrypt" -v "/var/log/letsencrypt/:/var/log/letsencrypt/" \
            -p 80:80 -p 443:443 \
            certbot/certbot certonly --standalone -d [... the other letsencrypt domains],dokuwiki.siam.homeunix.net
systemctl start httpd
setenforce 1