Update README
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/push Build is failing
Details
This commit is contained in:
parent
b2034900bf
commit
96a96c22e6
48
README.md
48
README.md
|
@ -10,29 +10,23 @@ Based on [`mediawiki`][mediawiki].
|
|||
|
||||
1. Set up Docker Swarm and [`abra`][abra]
|
||||
2. Deploy [`coop-cloud/traefik`][traefik]
|
||||
3. `cp .envrc.sample .envrc`
|
||||
4. Edit `.envrc` - be sure to change `$DOMAIN` to something that resolves to
|
||||
3. `abra app new mediawiki`
|
||||
4. `abra app YOURAPPDOMAIN config` - be sure to change `$DOMAIN` to something that resolves to
|
||||
your Docker swarm box
|
||||
5. `direnv allow` (or `source .envrc`)
|
||||
6. Generate secrets:
|
||||
```
|
||||
abra secret_generate db_password v1
|
||||
abra secret_generate db_root_password v1
|
||||
abra secret_generate mediawiki_secret_key v1 "pwgen -n 64 1"
|
||||
```
|
||||
7. `abra deploy`
|
||||
8. Create an initial admin user:
|
||||
5. `abra app YOURAPPDOMAIN secret auto` (optionally with `--pass` if you'd like
|
||||
to save secrets in `pass`).
|
||||
6. `abra app YOURAPPDOMAIN deploy`
|
||||
7. Create an initial admin user:
|
||||
`abra run app php /var/www/html/maintenance/createAndPromote.php --sysop YourUsername YourPassword`
|
||||
|
||||
## Email
|
||||
|
||||
1. Edit `.envrc` and uncomment the `SMTP` lines. Set `SMTP_HOST` to
|
||||
1. `abra app YOURAPPDOMAIN config` - edit `.envrc` and uncomment the `SMTP` lines. Set `SMTP_HOST` to
|
||||
`postfix_relay` for `coop-cloud/postfix_relay`, or `mailu_front` for
|
||||
`coop-cloud/mailu` (assuming default stack names)
|
||||
2. For `postfix_relay`, add the domain to your email config – `EXTRA_SENDER_DOMAINS` in
|
||||
`postfix_relay`. This doesn't seem to be required for Mailu.
|
||||
3. `direnv allow` (or `source .envrc`)
|
||||
4. `abra deploy`
|
||||
3. `abra app YOURAPPDOMAIN deploy`
|
||||
|
||||
## Single Sign On
|
||||
|
||||
|
@ -46,38 +40,36 @@ This app includes optional SAML Single Sign On using
|
|||
NOTE: currently, if you enable SAML then it'll disable Mediawiki's own user account
|
||||
system. Patches to make this configurable are welcome!
|
||||
|
||||
1. Edit `.envrc` and uncomment lines in the `SAML` section (including `COMPOSE_FILE`)
|
||||
2. `direnv allow`
|
||||
3. Generate secrets:
|
||||
1. `abra app YOURAPPDOMAIN config` - uncomment lines in the `SAML` section (including `COMPOSE_FILE`)
|
||||
2. Generate secrets: (add `--pass` if you want to store secrets in `pass`)
|
||||
```
|
||||
abra secret_generate saml_admin_password v1
|
||||
abra secret_generate saml_secret_salt v1 "pwgen -n 64 1"
|
||||
abra app YOURAPPDOMAIN secret generate saml_admin_password v1
|
||||
abra app YOURAPPDOMAIN secret generate saml_secret_salt v1 "pwgen -n 64 1"
|
||||
```
|
||||
4. `abra deploy`
|
||||
3. `abra app YOURAPPDOMAIN deploy`
|
||||
5. Copy your SimpleSAMLphp metadata and certificates to the container (assuming
|
||||
you have local `metadata` and `cert` folders:
|
||||
```
|
||||
abra cp metadata simplesaml:/var/simplesamlphp/
|
||||
abra cp cert simplesaml:/var/simplesamlphp/
|
||||
abra app YOURAPPDOMAIN cp metadata simplesaml:/var/simplesamlphp/
|
||||
abra app YOURAPPDOMAIN cp cert simplesaml:/var/simplesamlphp/
|
||||
```
|
||||
6. You can log into SimpleSAMLphp using the password you generated at
|
||||
https://$DOMAIN/simplesaml/ and test authentication
|
||||
7. Edit SimpleSAMLphp's `config.php` and change `store.sql.dsn`:
|
||||
```
|
||||
abra run simplesaml vi /var/simplesamlphp/config/config.php
|
||||
abra app YOURAPPDOMAIN run simplesaml vi /var/simplesamlphp/config/config.php
|
||||
# find 'store.sql.dsn' and edit to:
|
||||
# 'sqlite:/var/simplesamlphp/data/simplesamlphp.sq3'
|
||||
```
|
||||
|
||||
### OpenID Connect
|
||||
|
||||
1. Edit `.envrc` and uncomment lines in the `OPENID` section (including `COMPOSE_FILE`)
|
||||
2. `direnv allow`
|
||||
3. Store your Keycloak-generated client secret in Docker:
|
||||
1. `abra app YOURAPPDOMAIN config` - uncomment lines in the `OPENID` section (including `COMPOSE_FILE`)
|
||||
2. Store your Keycloak-generated client secret in Docker:
|
||||
```
|
||||
abra secret insert openid_client_secret v1 put-your-secret-here
|
||||
abra app YOURAPPDOMAIN secret insert openid_client_secret v1 put-your-secret-here
|
||||
```
|
||||
4. `abra deploy`
|
||||
3. `abra deploy`
|
||||
|
||||
## License
|
||||
|
||||
|
|
Reference in New Issue