Projekte

User Tools

Site Tools

Trace: setup_using_docker
dokuwiki:docker:setup_using_docker

**This is an old revision of the document!**

Table of Contents

Setup dokuwiki using docker

The goal of this howto is to

  • set up a dokuwiki container using docker (and not e. g. podman, slightly different)
  • use an SMB share for storing the data
  • on a server using enforcing SELinux (Centos 7)

Mount the data on an SMB share

//vmhost/dokumente/dokuwiki     /home/simar/dokuwiki/dokuwiki/data      cifs  credentials=/root/.cifs,vers=3.0,uid=1000,gid=1000,context=system_u:object_r:container_file_t:s0,noexec,nosuid  0 0

Note: on an SELinux enabled system you need the set the SEContext correctly (as in exactly what you see in a directory that works in a container with ls -lZ)

The credentials can be stored in a file only root can read. Use the highest number for vers possible, it maybe even better to use the smb3 filesystem with posix in newer versions of Linux.

Create the container and managing lifecycle via docker

We use an “official” container image: 

sudo docker run -d \
  --name=dokuwiki \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=Europe/Vienna \
  -p 50080:80 \
  -p 50443:443 \
  -v $(pwd)/dokuwiki:/config -v $(pwd)/dokuwiki/dokuwiki/data:/config/dokuwiki/data \
  --restart unless-stopped \
  lscr.io/linuxserver/dokuwiki:latest

This image stores all configuration in /config and all data in /config/dokuwiki/data. We want to keep config local but mount data from some SMB server.

For podman we can create such a container but need to mange start/stop with systemnd.

Reverse proxy on the host using apache

/etc/httpd/conf.d/sites-enabled/dokuwiki.siam.homeunux.net.conf 

<VirtualHost *:80>
  ServerName dokuwiki.siam.homeunix.net
  ServerAlias dokuwiki.siam.homeunix.net
 
  Redirect / https://dokuwiki.siam.homeunix.net/
</VirtualHost>
<VirtualHost *:443>
  ServerName dokuwiki.siam.homeunix.net
  ServerAlias dokuwiki.siam.homeunix.net
 
  Include /etc/httpd/conf.d/shared/ssl.conf
 
 
 AllowEncodedSlashes NoDecode
 SSLProxyEngine On
 ProxyPreserveHost On
 
 
 # cert is issued for collaboraonline.example.com and we proxy to localhost
 SSLProxyVerify None
 SSLProxyCheckPeerCN Off
 SSLProxyCheckPeerName Off
 
 
 # static html, js, images, etc. served from coolwsd
 # browser is the client part of Collabora Online
 ProxyPass           / https://127.0.0.1:50443/ retry=0
 ProxyPassReverse    / https://127.0.0.1:50443/

Add the new virtual host to Let's encrypt

setenforce 0
systemctl stop httpd
sudo docker run -it --rm --name certbot \
            -v "/etc/letsencrypt:/etc/letsencrypt" \
            -v "/var/lib/letsencrypt:/var/lib/letsencrypt" -v "/var/log/letsencrypt/:/var/log/letsencrypt/" \
            -p 80:80 -p 443:443 \
            certbot/certbot certonly --standalone -d [... the other letsencrypt domains],dokuwiki.siam.homeunix.net
systemctl start httpd
setenforce 1
dokuwiki/docker/setup_using_docker.1676831212.txt.gz · Last modified: by 127.0.0.1