Changes for page How to setup an XWiki docker container
Last modified by Alexandru Pentilescu on 2023/06/25 18:56
From version 57.1
edited by Alexandru Pentilescu
on 2022/06/15 23:11
on 2022/06/15 23:11
Change comment:
There is no comment for this version
To version 58.1
edited by Alexandru Pentilescu
on 2023/06/25 18:56
on 2023/06/25 18:56
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -4,7 +4,7 @@ 4 4 5 5 * You have sudo rights on the machine where you're trying to install the XWiki server on 6 6 * This machine already has docker fully installed and properly configured on it. Please perform a test installation of any random image from docker hub to ensure that everything works appropriately 7 -* You already own and are in control of a domain name for which you wish to make the XWiki server accessible through. This domain name is already pre-configured to point to the server that you wish to install XWiki on. In my particular case, I already have pentilescu.comconfigured to point to my VPS and, what I wished to accomplish was to have a subdomain via which I could access XWiki. In this particular case, this subdomain was wiki.pentilescu.com. To that end, you must have nginx also configured and running on the same server in the background, to have it redirect connections whose destination is a specific port to a subdomain7 +* You already own and are in control of a domain name for which you wish to make the XWiki server accessible through. This domain name is already pre-configured to point to the server that you wish to install XWiki on. In my particular case, I already have transistor.one configured to point to my VPS and, what I wished to accomplish was to have a subdomain via which I could access XWiki. In this particular case, this subdomain was wiki.transistor.one. To that end, you must have nginx also configured and running on the same server in the background, to have it redirect connections whose destination is a specific port to a subdomain 8 8 * Finally, it's recommended (although not mandatory) to have an SMTP email server running somewhere accessible to the docker instance. XWiki will need to use this server to relay account activation emails as well as password reset emails to its users 9 9 10 10 With all of these details in mind, let's begin! ... ... @@ -139,7 +139,7 @@ 139 139 140 140 Take your time and don't rush! 141 141 142 -When you want to see the status of your installation, visit the domain name pointing to your server at port 8081. In my case, I would visit http:// pentilescu.com:8081/142 +When you want to see the status of your installation, visit the domain name pointing to your server at port 8081. In my case, I would visit http://transistor.one:8081/ 143 143 144 144 You might see a page indicating that XWiki is initializing, as well as a percentage counter indicating its progress. Let the server finish doing its thing. 145 145 ... ... @@ -153,13 +153,13 @@ 153 153 154 154 = [OPTIONAL] Nginx reverse proxy configuration = 155 155 156 -We assume you already have Nginx installed and properly configured on your machine. Also, we will assume you have an X.509 certificate whose Subject Alt Names includes both your domain name, as well as the subdomain for your wiki (i.e. in my case for pentilescu.comand wiki.pentilescu.com, respectively) and you've configured Nginx to utilize both of them! If this is not the case or you're unsure how to perform these configurations, please check the internal "How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it" guide at the bottom of this page.156 +We assume you already have Nginx installed and properly configured on your machine. Also, we will assume you have an X.509 certificate whose Subject Alt Names includes both your domain name, as well as the subdomain for your wiki (i.e. in my case for transistor.one and wiki.transistor.one, respectively) and you've configured Nginx to utilize both of them! If this is not the case or you're unsure how to perform these configurations, please check the internal "How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it" guide at the bottom of this page. 157 157 158 158 In "/etc/nginx/sites-available/", please create a "xwiki.conf" file with the following contents: 159 159 160 160 {{code language="nginx"}} 161 161 server { 162 - server_name wiki. pentilescu.com;162 + server_name wiki.transistor.one; 163 163 164 164 listen [::]:443 ssl http2; # managed by Certbot 165 165 listen 443 ssl http2; # managed by Certbot ... ... @@ -172,9 +172,9 @@ 172 172 } 173 173 {{/code}} 174 174 175 -Please replace "wiki. pentilescu.com" with the domain and subdomains that you desire for your particular website. Also, please adapt "/etc/nginx/snippets/ssl.conf" to reference the X.509 Nginx configuration file on your particular server. If you do not wish to support TLS at all, you may remove this line, as well as the "listen" directives from above.175 +Please replace "wiki.transistor.one" with the domain and subdomains that you desire for your particular website. Also, please adapt "/etc/nginx/snippets/ssl.conf" to reference the X.509 Nginx configuration file on your particular server. If you do not wish to support TLS at all, you may remove this line, as well as the "listen" directives from above. 176 176 177 -Effectively, what this configuration file will do is tell Nginx to redirect all HTTP/HTTPS connection verbs directed at wiki. pentilescu.comto localhost port 8081, optionally also injecting the TLS certificates into the connection to secure it as well. By doing this, instead of having to connect to port 8081 on your server manually, future users of your XWiki instance will have to type the subdomain in their browser's address bar instead, which is usually more human readable and more memorable for most people. Typing in "wiki.pentilescu.com" into your browser's address bar is more human friendly than typing "pentilescu.com:8081". Not only are numeric port numbers difficult to remember, but Nginx will also inject TLS into the connection to secure it if you configured the X.509 certificates properly, effectively securing your visitors' connection every time so that their login credentials are protected even against network sniffers.177 +Effectively, what this configuration file will do is tell Nginx to redirect all HTTP/HTTPS connection verbs directed at wiki.transistor.one to localhost port 8081, optionally also injecting the TLS certificates into the connection to secure it as well. By doing this, instead of having to connect to port 8081 on your server manually, future users of your XWiki instance will have to type the subdomain in their browser's address bar instead, which is usually more human readable and more memorable for most people. Typing in "wiki.transistor.one" into your browser's address bar is more human friendly than typing "transistor.one:8081". Not only are numeric port numbers difficult to remember, but Nginx will also inject TLS into the connection to secure it if you configured the X.509 certificates properly, effectively securing your visitors' connection every time so that their login credentials are protected even against network sniffers. 178 178 179 179 Once you've done this, create a symbolic link with the following command to activate your new configuration: 180 180 ... ... @@ -264,7 +264,7 @@ 264 264 To configure an SMTP server, go to the "Administer Wiki" section of the hamburger menu again, then expand the "Mail" section of the options on the left side and finally click on the "Mail Sending" menu option. 265 265 [[image:Mail.png]] 266 266 Of course, the exact configuration options you have to enter depend on your SMTP server's configuration. If you configured mandatory authentication on your SMTP server, you will have to enter login credentials here. I don't have to do that, personally. 267 -The "EMAIL ADDRESS TO SEND FROM" can be any email address you wish to configure. Preferrably, it should be under the domain name of the machine where you're running your XWiki from (in my case, under " pentilescu.com").267 +The "EMAIL ADDRESS TO SEND FROM" can be any email address you wish to configure. Preferrably, it should be under the domain name of the machine where you're running your XWiki from (in my case, under "transistor.one"). 268 268 The "EMAIL SERVER" option is a bit trickier. Assuming you're using postfix as your SMTP server, this should be an email configured in the "inet_interfaces" setting from the "/etc/postfix/main.cf" configuration file. 269 269 Also, if your postfix is not configured to accept email relays from outside its network, as mine does, you must remember to edit "/etc/postfix/main.cf" to add "192.168.80.3" to its "mynetworks" configuration, to, essentially, whitelist your docker container as a valid relay source, otherwise it will deny any email sending requests from it. 270 270 Please be sure to use the appropriate IP address as configured in your "docker-compose.yml" file for your xwiki service. ... ... @@ -294,5 +294,5 @@ 294 294 = External references = 295 295 296 296 [[Official docker guide for installing XWiki>>https://github.com/xwiki/xwiki-docker/blob/master/README.md]] 297 -[[How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it>>https://wiki. pentilescu.com/bin/view/Guides/How%20to%20setup%20an%20Nginx%20reverse%20proxy%20and%20also%20provide%20a%20global%20X.509%20certificate%20for%20it/]]298 -[[How to setup a postfix SMTP server>>https://wiki. pentilescu.com/bin/view/Guides/How%20to%20setup%20a%20postfix%20SMTP%20server/]]297 +[[How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it>>https://wiki.transistor.one/bin/view/Guides/How%20to%20setup%20an%20Nginx%20reverse%20proxy%20and%20also%20provide%20a%20global%20X.509%20certificate%20for%20it/]] 298 +[[How to setup a postfix SMTP server>>https://wiki.transistor.one/bin/view/Guides/How%20to%20setup%20a%20postfix%20SMTP%20server/]]