Changes for page How to setup an XWiki docker container

Last modified by Alexandru Pentilescu on 2023/06/25 18:56

From 39.1 to 40.1 From 46.1 to 47.1

From version 40.1

edited by Alexandru Pentilescu
on 2022/06/09 22:47

Change comment: There is no comment for this version

To version 46.1

edited by Alexandru Pentilescu
on 2022/06/09 23:19

Change comment: There is no comment for this version

Raw
Rendered

Summary

Page properties (1 modified, 0 added, 0 removed)
Attachments (0 modified, 1 added, 0 removed)
- Mail.png

Details

Page properties

Content

@@ -263,10 +263,30 @@
  If you will allow unregistered users to comment, though, please consider checking the checkbox below for requiring them to solve a CAPTCHA for each comment, like I did. This will prevent technically savvy individuals from writing automated scripts or bots that will access your wiki and continously and automatically keep generating machine-generated text comments. While this will not prevent humans from posting spam on your Wiki, it should prevent bots from doing so.
--== Configuring an SMTP server for your XWiki==
++== Configuring an SMTP server for your XWiki ==
++Having a reachable SMTP server that your XWiki instance can use may come in handy, at some point.
++The most obvious example of this is when you forget your XWiki user's password. When this happens, you will not be able to login anymore and, if this was the password for your administrator account, then, you're out of luck.
++Having the option to reset your password via email will be really useful in this particular case. Of course, this implies that the email you set during your account setup is not outdated and still in your control.
++To configure an SMTP server, go to the "Administer Wiki" section of the hamburger menu again, then expand the "Mail" section of the options on the left side and finally click on the "Mail Sending" menu option.
++[[image:Mail.png]]
++Of course, the exact configuration options you have to enter depend on your SMTP server's configuration. If you configured mandatory authentication on your SMTP server, you will have to enter login credentials here. I don't have to do that, personally.
++The "EMAIL ADDRESS TO SEND FROM" can be any email address you wish to configure. Preferrably, it should be under the domain name of the machine where you're running your XWiki from (in my case, under "pentilescu.com").
++The "EMAIL SERVER" option is a bit trickier. Assuming you're using postfix as your SMTP server, this should be an email configured in the "inet_interfaces" setting from the "/etc/postfix/main.cf" configuration file.
++Also, if your postfix is not configured to accept email relays from outside its network, as mine does, you must remember to edit "/etc/postfix/main.cf" to add "192.168.80.3" to its "mynetworks" configuration, to, essentially, whitelist your docker container as a valid relay source, otherwise it will deny any email sending requests from it.
++Please be sure to use the appropriate IP address as configured in your "docker-compose.yml" file for your xwiki service.
++For more information about postfix and setting it up, please visit the "How to setup a postfix SMTP server" article in the external references section at the bottom of this article!
++== Modifying cookie encryption keys==
++XWiki has an interesting login mechanism. It doesn't use session tokens to keep track of your user account. What it does do is that it stores two session cookies in your browser: one for your username and one for your password.
++Every time you make a request to your server, these two session cookies are sent along with each request, effecitvely authenticating it.
++This might seem as a huge security problem, as the password is stored in the session cookie and it can be easily viewed by anyone with local access to the web browser's machine.
++To mitigate this security risk, XWiki encrypts both the username cookie's value and the password cookie's value using keys configured in a configuration file. These keys come with strong default values, by itself but, since these values are the same for everyone that downloads the docker image, are inherently public.
++As such, you, as the administrator, should change these encryption keys to your own, randomly generated ones. To do so, go to <your XWiki directory>/data/xwiki-data/data/ and modify the "xwiki.cfg" configuration file there. This file should have two configuration options called "xwiki.authentication.validationKey" and "xwiki.authentication.encryptionKey". Generate, from scratch, two different 32 character long encryption keys and replace the default ones with your ones. Uppercase and lowercase letters, as well as digits, are allowed. I don't believe other symbols are accepted though.
++Change these and restart the docker container, for the changes to apply.
++
  = External references =
  [[Official docker guide for installing XWiki>>https://github.com/xwiki/xwiki-docker/blob/master/README.md]]
--How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it -- NOT YET WRITTEN!--
++How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it [NOT YET WRITTEN!]
++How to setup a postfix SMTP server [NOT YET WRITTEN]

Mail.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+XWiki.AlexandruPentilescu

Size

...	...	@@ -1,0 +1,1 @@
	1	+156.4 KB

Content