- docker-foswiki, with Solr and NatSkin, multi-instances and Traefik ready
Log an issue or drop by the #timlegge-docker-foswiki irc channel on Freenode
I finally got tired of the dependancy issues of Foswiki on RedHat so I modified michael34435/docker-foswiki. The goal of this release is to have a stable version that runs foswiki with all the perl modules required for foswiki to run almost any Plugin. It is served by nginx. Alpinelinux minimizes the size of the container, the total size for this image is 400MB
.
Three variations of the docker-compose
file are available in order to have a complete Foswiki + Solr faceted search application : a simple one, a pre-configured one for multiple instances and a Traefik ready one.
To start the image :
docker run -idt -p 80:80 timlegge/docker-foswiki
Once started, open http://localhost
in your browser. The user running the command is in the docker group otherwise sudo is required.
cd [where the project has been cloned]
docker exec -it docker-foswiki /bin/bash
cd /var/www/foswiki/
tools/configure -save -set {Password}='MyPassword'
The first compose file provides a Foswiki + Solr multi-container application. Start it with :
cp docker-compose.1-simple.yml docker-compose.yml
docker-compose up -d
Once started, open http://localhost:8765
in your browser.
The Solr container is set up on an private Docker network.
The second compose file provides a Foswiki + Solr multi-container application that enables HTTPS. Start it with :
cp docker-compose.2-simple-https.yml docker-compose.yml
docker-compose up -d
Once started, open https://localhost:8443
in your browser.
DO NOT use the certificates included here in a production environment (or really any environment). They are here to simply allow the start up of a fully functional https configuration. Simply run the following commands to replace the certificates with your own self-signed certificaes:
Note that this produces an unencrypted key file. This is needed to start the nginx web server without providing the password to decrypt the file. Take appropriate measure to secure the file as needed for the security of your installation.
openssl req -x509 -newkey rsa:4096 -nodes -keyout https/docker-foswiki.key -out https/docker-foswiki.crt -days 365
Generating a RSA private key
........................................................................................................................................................................++++
.................................................++++
writing new private key to 'https/docker-foswiki.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]: US
State or Province Name (full name) [Some-State]: NY
Locality Name (eg, city) []: New York
Organization Name (eg, company) [Internet Widgits Pty Ltd]: Docker Foswiki
Organizational Unit Name (eg, section) []: Security
Common Name (e.g. server FQDN or YOUR name) []:docker-foswiki.local
Email Address []:
You can define docker-foswiki.local in your host file to match the certificate name and nginx configuration. Change the server name in https/nginx.default.conf
to the server name you wish to use.
The Solr container is set up on an private Docker network.
See: https://foswiki.org/Extensions/SolrPlugin#Using_Solr_for_WebSearch_44_WebChanges_and_Main.WikiUsers
The Docker container includes iwatch which automatically indexes files that have changed. Everything is set up but you can review https://foswiki.org/Extensions/SolrPlugin#Realtime_indexing
If multiple instances of Foswiki are needed, each one has to have its own folder, at same level as this repo :
somepath/docker-foswiki/
: this reposomepath/instance1/
: folder for first Foswiki instancesomepath/instance2/
: folder for second Foswiki instance- and so on
Use the second compose file :
cd somepath/docker-foswiki/
cp docker-compose.3-multipleInstances.yml docker-compose.yml
Under each instance folder, simply copy the .env
file :
cd somepath/instance1
cp ../docker-foswiki/.env .
And edit it :
- do not change
COMPOSE_FILE
- change
COMPOSE_PROJECT_NAME
to this instance name, Docker will use it to prefix the containers name of this instance - change
EXTERNAL_PORT
so that each instance uses a different port number, for instance 8761, 8762 and so on - change
TZ
to your time zone ACME
is only used with Traefik, see below
Start each instance under its own folder with :
cd somepath/instance1
docker-compose up -d
If you use Traefik as a reverse proxy for multiple instances, use the third compose file :
cd somepath/docker-foswiki/
cp docker-compose.4-Traefik.yml docker-compose.yml
This compose file has all the labels required to work with your running Traefik container.
In the .env
file, change the ACME
variable to the certResolver
name you have declared within Traefik.
After each instance starts, check the Traefik dashboard to verify it has been registered correctly.
See the volume declaration in the docker-compose.yml
file :
- 4 volumes are created, for Foswiki data and Solr
- the
:z
after the volume declaration is necessary with selinux on RedHat to set the permissions correctly - the volumes are located by default under
/var/lib/docker/volumes/
The third compose file is configured so that the actual volumes data is located under its instance folder. To activate this run the following before starting your instance :
cd somepath/instance1
mkdir volumes
mkdir volumes/foswiki_www
mkdir volumes/solr_configsets
mkdir volumes/solr_foswiki
mkdir volumes/solr_logs
- CopyContrib
- DBCacheContrib
- FarscrollContrib
- InfiniteScrollContrib
- JQAutoColorContrib
- JQMomentContrib
- JQPhotoSwipeContrib
- JQSelect2Contrib
- JQSerialPagerContrib
- JQTwistyContrib
- JSTreeContrib
- LdapContrib
- OpenIDLoginContrib
- SamlLoginContrib
- StringifierContrib
- WebFontsContrib
- XSendFileContrib
- AttachContentPlugin
- AutoRedirectPlugin
- AutoTemplatePlugin
- BreadCrumbsPlugin
- CaptchaPlugin
- ClassificationPlugin
- DBCachePlugin
- DiffPlugin
- DigestPlugin
- DocumentViewerPlugin
- EditChapterPlugin
- FilterPlugin
- FlexFormPlugin
- FlexWebListPlugin
- GraphvizPlugin
- GridLayoutPlugin
- ImageGalleryPlugin
- ImagePlugin
- JQDataTablesPlugin
- LdapNgPlugin
- LikePlugin
- ListyPlugin
- MediaElementPlugin
- MetaCommentPlugin
- MetaDataPlugin
- MimeIconPlugin
- MoreFormfieldsPlugin
- MultiLingualPlugin
- NatSkinPlugin
- NewUserPlugin
- PageOptimizerPlugin
- PubLinkFixupPlugin
- RedDotPlugin
- RenderPlugin
- SecurityHeadersPlugin
- SolrPlugin
- TagCloudPlugin
- TopicInteractionPlugin
- TopicTitlePlugin
- WebLinkPlugin
- WorkflowPlugin
- NatSkin
The following base modules are installed to support Foswiki or the required Perl modules below.
Repo | Application | Alpine Package |
---|---|---|
main | Bash | bash |
main | Common-CA-certificates | ca-certificates |
main | GraphVis | graphviz |
main | Grep | grep |
main | mailcap | mailcap |
main | GNU-make | make |
main | Lynx Texte Browser | lynx |
main | musl-LibC | musl |
main | nginx-Web-Server | nginx |
main | openSSL | openssl |
main | Perl5 | perl |
main | poppler-utils | poppler-utils |
main | Timezone-Data | tzdata |
main | unzip | unzip |
main | wget | wget |
main | zip | zip |
community | ImageMagick | imagemagick |
community | PerlMagick | imagemagick-perlmagick |
testing | odt2txt | odt2txt |
A lot of perl modules required by Foswiki and many of its expensions are included in this Docker file as native alpine packages:
Repo | Perl Module | Alpine Package |
---|---|---|
main | Apache-LogFormat-Compiler | perl-apache-logformat-compiler |
main | Archive-Zip | perl-archive-zip |
main | Authen-SASL | perl-authen-sasl |
main | CGI | perl-cgi |
main | Cache-Cache | perl-cache-cache |
main | Crypt-Eksblowfish | perl-crypt-eksblowfish |
main | Crypt-OpenSSL-RSA | perl-crypt-openssl-rsa |
main | Crypt-OpenSSL-Random | perl-crypt-openssl-random |
main | Crypt-X509 | perl-crypt-x509 |
main | DBD-Pg | perl-dbd-pg |
main | DBD-SQLite | perl-dbd-sqlite |
main | DBD-mysql | perl-dbd-mysql |
main | DBI | perl-dbi |
main | DB_File | perl-db_file |
main | DateTime | perl-datetime |
main | Digest-SHA1 | perl-digest-sha1 |
main | Encode | perl-encode |
main | Error | perl-error |
main | FCGI | perl-fcgi |
main | FCGI-ProcManager | perl-fcgi-procmanager |
main | File-Copy-Recursive-$pkgver | perl-file-copy-recursive |
main | File-Remove | perl-file-remove |
main | File-Slurp | perl-file-slurp |
main | File-Which | perl-file-which |
main | GD | perl-gd |
main | HTML-Tree | perl-html-tree |
main | IO-Socket-INET6 | perl-io-socket-inet6 |
main | JSON | perl-json |
main | MIME-Base64 | perl-mime-base64 |
main | Module-Install | perl-module-install |
main | Module-Pluggable | perl-module-pluggable |
main | Path-Tiny | perl-path-tiny |
main | Stream-Buffered | perl-stream-buffered |
main | Test-LeakTrace | perl-test-leaktrace |
main | Text-Soundex | perl-text-soundex |
main | Type-Tiny | perl-type-tiny |
main | XML-Parser | perl-xml-parser |
main | YAML-Tiny | perl-yaml-tiny |
main | libwww-perl | perl-libwww |
main | Filesys-Notify-Simple | perl-filesys-notify-simple |
main | Hash-MultiValue | perl-hash-multivalue |
main | Locale-Maketext-Lexicon | perl-locale-maketext-lexicon |
main | URI | perl-uri |
main | perl-ldap | perl-ldap |
main | CGI-Session | perl-cgi-session |
main | Class-Accessor | perl-class-accessor |
community | Algorithm-Diff | perl-algorithm-diff |
community | Algorithm-Diff-XS | perl-algorithm-diff-xs |
community | AuthCAS | perl-authcas |
community | BerkeleyDB | perl-db |
community | CHI | perl-chi |
community | Crypt-PasswdMD5 | perl-crypt-passwdmd5 |
community | Crypt-SMIME | perl-crypt-smime |
community | Convert-PEM | perl-convert-pem |
community | Crypt-OpenSSL-Bignum | perl-crypt-openssl-bignum |
community | Crypt-OpenSSL-DSA | perl-crypt-openssl-dsa |
community | Crypt-OpenSSL-VerifyX509 | perl-crypt-openssl-verifyx509 |
community | Crypt-OpenSSL-X509 | perl-crypt-openssl-x509 |
community | Dancer | perl-dancer |
community | DB_File-Lock | perl-db_file-lock |
community | DateTime-Format-XSD | perl-datetime-format-xsd |
community | Devel-OverloadInfo | perl-devel-overloadinfo |
community | Digest-Perl-MD5 | perl-digest-perl-md5 |
communtiy | Email-Address-XS | perl-email-address-xs |
community | Email-MIME | perl-email-mime |
community | Hash-Merge-Simple | perl-hash-merge-simple |
community | Image-Info | perl-image-info |
community | JSON-XS | perl-json-xs |
community | GSSAPI | perl-gssapi |
community | Locale-Codes | perl-locale-codes |
community | Locale-Msgfmt | perl-locale-msgfmt |
community | LWP-Protocol-https | perl-lwp-protocol-https |
community | Moo | perl-moo |
community | MooX-Types-MooseLike | perl-moox-types-mooselike |
community | Moose | perl-moose |
community | MooseX | perl-moosex |
community | MooseX-Types | perl-moosex-types |
community | MooseX-Types-Common | perl-moosex-types-common |
community | MooseX-Types-DateTime | perl-moosex-types-datetime |
community | MooseX-Types-URI | perl-moosex-types-uri |
community | Spreadsheet-ParseExcel | perl-spreadsheet-parseexcel |
community | Spreadsheet-XLSX | perl-spreadsheet-xlsx |
community | Sub-Exporter-ForMethods | perl-sub-exporter-formethods |
community | WWW-Mechanize | perl-www-mechanize |
community | XML-CanonicalizeXML | perl-xml-canonicalizexml |
community | XML-Easy | perl-xml-easy |
community | XML-Generator | perl-xml-generator |
community | XML-Tidy | perl-xml-tidy |
community | XML-Writer | perl-xml-writer |
community | XML-XPath | perl-xml-xpath |
community | YAML | perl-yaml |
testing | Crypt-JWT | perl-crypt-jwt |
testing | Crypt-Random | perl-crypt-random |
testing | libapreq2 | perl-libapreq2 |
testing | Sereal | perl-sereal |
timlegge | Net-SAML2 | perl-net-saml2 |
You can build the docker image yourself from the git clone. Simply do the following in the git directory:
docker build --no-cache -t docker-foswiki .
Building the docker image requires parts of the build process to get access to the internet so if you have a proxy server you will need to follow the directions below to pass the proxy settings to the bulid prodess
docker build --no-cache --build-arg https_proxy=http://proxy.example.com:8080 --build-arg http_proxy=http://proxy.example.com:8080 --build-arg HTTPS_PROXY=http://proxy.example.com:8080 --build-arg HTTP_PROXY=http://proxy.example.com:8080 -t docker-foswiki .
Unfortunately as the build use's wget, perl LWP and apk from AlpineLinux all four environment variables are necessary as each uses a different case or protocol to download the proper files.
docker run --name docker-foswiki -d -p 80:80 docker-foswiki
docker exec -it docker-foswiki /bin/sh
docker stop docker-foswiki
docker rm docker-foswiki
docker login
docker tag docker-foswiki $DOCKER_ID_USER/docker-foswiki
docker push $DOCKER_ID_USER/docker-foswiki
This docker image is used by CapRover for their one-click app integration, see README-CAPROVER.md file.
MIT