Last modified by Alexandru Pentilescu on 2023/06/25 18:56

From version 49.1
edited by Alexandru Pentilescu
on 2022/06/09 23:35
Change comment: There is no comment for this version
To version 45.1
edited by Alexandru Pentilescu
on 2022/06/09 23:05
Change comment: There is no comment for this version

Page properties
Content
... ... @@ -277,27 +277,6 @@
277 277  Please be sure to use the appropriate IP address as configured in your "docker-compose.yml" file for your xwiki service.
278 278  For more information about postfix and setting it up, please visit the "How to setup a postfix SMTP server" article in the external references section at the bottom of this article!
279 279  
280 -
281 -=== Correcting "localhost" directing URLs in received emails ===
282 -
283 -This might be just a problem on my end but, after configuring my SMTP server and then requesting an unnecessary password reset for my account to test my configuration, the arrived email contained a password-reset URL which, instead of pointing to my server, as it should have, it pointed to http://localhost:8081. This is obviously wrong and NOT correct.
284 -Fix: go to "<your XWiki directory>/data/xwiki-data/data/" and open the "xwiki.cfg" configuration file there. Find the "xwiki.home" configuration option in that file, uncomment it if you have to, and set it to point to your actual fully qualified domain name (including the trailing "/" at the end) to correct this issue. Please remember to restart the XWiki docker container afterwards for the changes to take effect!
285 -
286 -== Modifying cookie encryption keys ==
287 -
288 -XWiki has an interesting login mechanism. It doesn't use session tokens to keep track of your user account. What it does do is that it stores two session cookies in your browser: one for your username and one for your password.
289 -Every time you make a request to your server, these two session cookies are sent along with each request, effecitvely authenticating it.
290 -This might seem as a huge security problem, as the password is stored in the session cookie and it can be easily viewed by anyone with local access to the web browser's machine.
291 -To mitigate this security risk, XWiki encrypts both the username cookie's value and the password cookie's value using keys configured in a configuration file. These keys come with strong default values, by itself but, since these values are the same for everyone that downloads the docker image, are inherently public.
292 -As such, you, as the administrator, should change these encryption keys to your own, randomly generated ones. To do so, go to <your XWiki directory>/data/xwiki-data/data/ and modify the "xwiki.cfg" configuration file there. This file should have two configuration options called "xwiki.authentication.validationKey" and "xwiki.authentication.encryptionKey". Generate, from scratch, two different 32 character long encryption keys and replace the default ones with your ones. Uppercase and lowercase letters, as well as digits, are allowed. I don't believe other symbols are accepted though.
293 -Change these and restart the docker container, for the changes to apply.
294 -
295 -
296 -== Make the "xwiki-data" directory accessible to non-root users ==
297 -
298 -For whatever reason, my setup generated the "xwiki-data" directory under my XWiki folder as being owned by the root user and under the root group, with permission levels of {{{"rwx------"}}}. If you're not already the root user on that machine, these permission levels are problematic as they will prevent you from cd-ing into it and making necessary configuration changes, nor even backing up that directory for the future.
299 -As such, please remember to "sudo chmode 655 -R xwiki-data/" to make it accessible! If this security configuration is not appropriate for your use cases, you may tweak it to fit your needs!
300 -
301 301  = External references =
302 302  
303 303  [[Official docker guide for installing XWiki>>https://github.com/xwiki/xwiki-docker/blob/master/README.md]]
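
Review bot: the permissions command on the line marked 299 needs correcting before this section is kept in any version. "chmode" is not a command (the tool is "chmod"), and mode 655 gives the owner "rw-" with no execute bit, so the owner cannot cd into the directories, while group and others receive "r-x" on everything under "xwiki-data/" because of "-R". That recursive grant also makes "xwiki.cfg" in "xwiki-data/data/" readable by every local user, and line 292 says that file holds "xwiki.authentication.validationKey" and "xwiki.authentication.encryptionKey", the keys protecting the username and password cookies described on lines 288 to 291. Suggest replacing the world-readable mode with access limited to the owner and one administrative group (nothing for others), and stating that choice explicitly instead of leaving it to "tweak it to fit your needs".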