Changes for page How to setup an XWiki docker container
Last modified by Alexandru Pentilescu on 2023/06/25 18:56
From version 14.1
edited by Alexandru Pentilescu
on 2022/06/08 21:20
on 2022/06/08 21:20
Change comment:
There is no comment for this version
To version 18.1
edited by Alexandru Pentilescu
on 2022/06/08 21:50
on 2022/06/08 21:50
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -150,6 +150,50 @@ 150 150 151 151 [[image:Screenshot_20220607_015727.png]] 152 152 153 +**While it may be tempting to immediately try to setup an administrator account from this portal, unless you're browsing this page from localhost (i.e. the XWiki server is on the exact same machine that you're running your web browser from) DO NOT register an account YET! All traffic is unencrypted to the server and may be intercepted by anyone sniffing your internet packets. We must first configure an X.509 TLS certificate with Nginx and configure Nginx to act as a reverse proxy for this wiki** 154 + 155 +For the time being, press the "Later" button on the dialog (not the "Never" one!) and then run a "docker-compose down" to stop the container from running. The first test run was a success! Congratulations! 156 + 157 += Nginx reverse proxy configuration = 158 + 159 +We assume you already have Nginx installed and properly configured on your machine. Also, we will assume you have an X.509 certificate whose Subject Alt Names includes both your domain name, as well as the subdomain for your wiki (i.e. in my case for pentilescu.com and wiki.pentilescu.com, respectively) and you've configured Nginx to utilize both of them! If this is not the case or you're unsure how to perform these configurations, please check the internal "How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it" guide at the bottom of this page. 160 + 161 +In "/etc/nginx/sites-available/", please create a "xwiki.conf" file with the following contents: 162 + 163 +{{code language="nginx configuration file"}} 164 +server { 165 + server_name wiki.pentilescu.com; 166 + 167 + listen [::]:443 ssl http2; # managed by Certbot 168 + listen 443 ssl http2; # managed by Certbot 169 + 170 + include /etc/nginx/snippets/ssl.conf; 171 + 172 + location / { 173 + proxy_pass http://localhost:8081; 174 + } 175 +} 176 +{{/code}} 177 + 178 +Please replace "wiki.pentilescu.com" with the domain and subdomains that you desire for your particular website. Also, please adapt "/etc/nginx/snippets/ssl.conf" to reference the X.509 Nginx configuration file on your particular server. If you do not wish to support TLS at all, you may remove this line, as well as the "listen" directives from above. 179 + 180 +Effectively, what this configuration file will do is tell Nginx to redirect all HTTP/HTTPS connection verbs directed at wiki.pentilescu.com to localhost port 8081, optionally also injecting the TLS certificates into the connection to secure it as well. By doing this, instead of having to connect to port 8081 on your server manually, future users of your XWiki instance will have to type the subdomain in their browser's address bar instead, which is usually more human readable and more memorable for most people. Typing in "wiki.pentilescu.com" into your browser's address bar is more human friendly than typing "pentilescu.com:8081". Not only are numeric port numbers difficult to remember, but Nginx will also inject TLS into the connection to secure it if you configured the X.509 certificates properly, effectively securing your visitors' connection every time so that their login credentials are protected even against network sniffers. 181 + 182 +Once you've done this, create a symbolic link with the following command to activate your new configuration: 183 + 184 +{{code language="bash"}} 185 +sudo ln -s /etc/nginx/sites-available/xwiki.conf /etc/nginx/sites-enabled/xwiki.conf 186 +{{/code}} 187 + 188 +Finally, test your configuration before restarting Nginx with: 189 + 190 +{{code language="bash"}} 191 +sudo nginx -t 192 +{{/code}} 193 + 194 +If errors are reported, please review your configuration files and repair all the detected issues. If everything is fine then issue a "sudo systemctl restart nginx" and then you're pretty much good to go! 195 + 153 153 = External references = 154 154 155 155 [[Official docker guide for installing XWiki>>https://github.com/xwiki/xwiki-docker/blob/master/README.md]] 199 +How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it -- NOT YET WRITTEN!--