Projekte

User Tools

Site Tools

Trace: setup_using_docker
dokuwiki:docker:setup_using_docker

**This is an old revision of the document!**

Table of Contents

Setup dokuwiki using docker

The goal of this howto is to

  • set up a dokuwiki container using docker (and not e. g. podman, slightly different)
  • use an SMB share for storing the data
  • on a server using enforcing SELinux (Centos 7)

Mount the data on an SMB share

Add something similar to this to your /etc/fstab: 

//vmhost/dokumente/dokuwiki     /home/simar/dokuwiki/dokuwiki/data      cifs  credentials=/root/.cifs,vers=3.0,uid=1000,gid=1000,context=system_u:object_r:container_file_t:s0,noexec,nosuid  0 0

Note: on an SELinux enabled system you need the set the SEContext correctly (as in exactly what you see in a directory that works in a container with ls -lZ)

The credentials can be stored in a file only root can read. Use the highest number for vers possible, it maybe even better to use the smb3 filesystem with posix in newer versions of Linux. 

sudo mount /home/simar/dokuwiki/dokuwiki/data

Create the container and managing lifecycle via docker

We use an “official” container image: 

sudo docker run -d \
  --name=dokuwiki \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=Europe/Vienna \
  -p 50080:80 \
  -p 50443:443 \
  -v $(pwd)/dokuwiki:/config -v $(pwd)/dokuwiki/dokuwiki/data:/config/dokuwiki/data \
  --restart unless-stopped \
  lscr.io/linuxserver/dokuwiki:latest

This image stores all configuration in /config and all data in /config/dokuwiki/data. We want to keep config local but mount data from some SMB server.

For podman we can create such a container but need to mange start/stop with systemnd.

Reverse proxy on the host using apache

/etc/httpd/conf.d/sites-enabled/dokuwiki.siam.homeunux.net.conf 

<VirtualHost *:80>
  ServerName dokuwiki.siam.homeunix.net
  ServerAlias dokuwiki.siam.homeunix.net
 
  Redirect / https://dokuwiki.siam.homeunix.net/
</VirtualHost>
<VirtualHost *:443>
  ServerName dokuwiki.siam.homeunix.net
  ServerAlias dokuwiki.siam.homeunix.net
 
  Include /etc/httpd/conf.d/shared/ssl.conf
 
 
 AllowEncodedSlashes NoDecode
 SSLProxyEngine On
 ProxyPreserveHost On
 
 
 # cert is issued for collaboraonline.example.com and we proxy to localhost
 SSLProxyVerify None
 SSLProxyCheckPeerCN Off
 SSLProxyCheckPeerName Off
 
 
 # static html, js, images, etc. served from coolwsd
 # browser is the client part of Collabora Online
 ProxyPass           / https://127.0.0.1:50443/ retry=0
 ProxyPassReverse    / https://127.0.0.1:50443/

Add the new virtual host to Let's encrypt

setenforce 0
systemctl stop httpd
sudo docker run -it --rm --name certbot \
            -v "/etc/letsencrypt:/etc/letsencrypt" \
            -v "/var/lib/letsencrypt:/var/lib/letsencrypt" -v "/var/log/letsencrypt/:/var/log/letsencrypt/" \
            -p 80:80 -p 443:443 \
            certbot/certbot certonly --standalone -d [... the other letsencrypt domains],dokuwiki.siam.homeunix.net
systemctl start httpd
setenforce 1
dokuwiki/docker/setup_using_docker.1676831276.txt.gz · Last modified: by 127.0.0.1