Update README
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/push Build is failing
Details
This commit is contained in:
parent
b2034900bf
commit
96a96c22e6
48
README.md
48
README.md
|
@ -10,29 +10,23 @@ Based on [`mediawiki`][mediawiki].
|
||||||
|
|
||||||
1. Set up Docker Swarm and [`abra`][abra]
|
1. Set up Docker Swarm and [`abra`][abra]
|
||||||
2. Deploy [`coop-cloud/traefik`][traefik]
|
2. Deploy [`coop-cloud/traefik`][traefik]
|
||||||
3. `cp .envrc.sample .envrc`
|
3. `abra app new mediawiki`
|
||||||
4. Edit `.envrc` - be sure to change `$DOMAIN` to something that resolves to
|
4. `abra app YOURAPPDOMAIN config` - be sure to change `$DOMAIN` to something that resolves to
|
||||||
your Docker swarm box
|
your Docker swarm box
|
||||||
5. `direnv allow` (or `source .envrc`)
|
5. `abra app YOURAPPDOMAIN secret auto` (optionally with `--pass` if you'd like
|
||||||
6. Generate secrets:
|
to save secrets in `pass`).
|
||||||
```
|
6. `abra app YOURAPPDOMAIN deploy`
|
||||||
abra secret_generate db_password v1
|
7. Create an initial admin user:
|
||||||
abra secret_generate db_root_password v1
|
|
||||||
abra secret_generate mediawiki_secret_key v1 "pwgen -n 64 1"
|
|
||||||
```
|
|
||||||
7. `abra deploy`
|
|
||||||
8. Create an initial admin user:
|
|
||||||
`abra run app php /var/www/html/maintenance/createAndPromote.php --sysop YourUsername YourPassword`
|
`abra run app php /var/www/html/maintenance/createAndPromote.php --sysop YourUsername YourPassword`
|
||||||
|
|
||||||
## Email
|
## Email
|
||||||
|
|
||||||
1. Edit `.envrc` and uncomment the `SMTP` lines. Set `SMTP_HOST` to
|
1. `abra app YOURAPPDOMAIN config` - edit `.envrc` and uncomment the `SMTP` lines. Set `SMTP_HOST` to
|
||||||
`postfix_relay` for `coop-cloud/postfix_relay`, or `mailu_front` for
|
`postfix_relay` for `coop-cloud/postfix_relay`, or `mailu_front` for
|
||||||
`coop-cloud/mailu` (assuming default stack names)
|
`coop-cloud/mailu` (assuming default stack names)
|
||||||
2. For `postfix_relay`, add the domain to your email config – `EXTRA_SENDER_DOMAINS` in
|
2. For `postfix_relay`, add the domain to your email config – `EXTRA_SENDER_DOMAINS` in
|
||||||
`postfix_relay`. This doesn't seem to be required for Mailu.
|
`postfix_relay`. This doesn't seem to be required for Mailu.
|
||||||
3. `direnv allow` (or `source .envrc`)
|
3. `abra app YOURAPPDOMAIN deploy`
|
||||||
4. `abra deploy`
|
|
||||||
|
|
||||||
## Single Sign On
|
## Single Sign On
|
||||||
|
|
||||||
|
@ -46,38 +40,36 @@ This app includes optional SAML Single Sign On using
|
||||||
NOTE: currently, if you enable SAML then it'll disable Mediawiki's own user account
|
NOTE: currently, if you enable SAML then it'll disable Mediawiki's own user account
|
||||||
system. Patches to make this configurable are welcome!
|
system. Patches to make this configurable are welcome!
|
||||||
|
|
||||||
1. Edit `.envrc` and uncomment lines in the `SAML` section (including `COMPOSE_FILE`)
|
1. `abra app YOURAPPDOMAIN config` - uncomment lines in the `SAML` section (including `COMPOSE_FILE`)
|
||||||
2. `direnv allow`
|
2. Generate secrets: (add `--pass` if you want to store secrets in `pass`)
|
||||||
3. Generate secrets:
|
|
||||||
```
|
```
|
||||||
abra secret_generate saml_admin_password v1
|
abra app YOURAPPDOMAIN secret generate saml_admin_password v1
|
||||||
abra secret_generate saml_secret_salt v1 "pwgen -n 64 1"
|
abra app YOURAPPDOMAIN secret generate saml_secret_salt v1 "pwgen -n 64 1"
|
||||||
```
|
```
|
||||||
4. `abra deploy`
|
3. `abra app YOURAPPDOMAIN deploy`
|
||||||
5. Copy your SimpleSAMLphp metadata and certificates to the container (assuming
|
5. Copy your SimpleSAMLphp metadata and certificates to the container (assuming
|
||||||
you have local `metadata` and `cert` folders:
|
you have local `metadata` and `cert` folders:
|
||||||
```
|
```
|
||||||
abra cp metadata simplesaml:/var/simplesamlphp/
|
abra app YOURAPPDOMAIN cp metadata simplesaml:/var/simplesamlphp/
|
||||||
abra cp cert simplesaml:/var/simplesamlphp/
|
abra app YOURAPPDOMAIN cp cert simplesaml:/var/simplesamlphp/
|
||||||
```
|
```
|
||||||
6. You can log into SimpleSAMLphp using the password you generated at
|
6. You can log into SimpleSAMLphp using the password you generated at
|
||||||
https://$DOMAIN/simplesaml/ and test authentication
|
https://$DOMAIN/simplesaml/ and test authentication
|
||||||
7. Edit SimpleSAMLphp's `config.php` and change `store.sql.dsn`:
|
7. Edit SimpleSAMLphp's `config.php` and change `store.sql.dsn`:
|
||||||
```
|
```
|
||||||
abra run simplesaml vi /var/simplesamlphp/config/config.php
|
abra app YOURAPPDOMAIN run simplesaml vi /var/simplesamlphp/config/config.php
|
||||||
# find 'store.sql.dsn' and edit to:
|
# find 'store.sql.dsn' and edit to:
|
||||||
# 'sqlite:/var/simplesamlphp/data/simplesamlphp.sq3'
|
# 'sqlite:/var/simplesamlphp/data/simplesamlphp.sq3'
|
||||||
```
|
```
|
||||||
|
|
||||||
### OpenID Connect
|
### OpenID Connect
|
||||||
|
|
||||||
1. Edit `.envrc` and uncomment lines in the `OPENID` section (including `COMPOSE_FILE`)
|
1. `abra app YOURAPPDOMAIN config` - uncomment lines in the `OPENID` section (including `COMPOSE_FILE`)
|
||||||
2. `direnv allow`
|
2. Store your Keycloak-generated client secret in Docker:
|
||||||
3. Store your Keycloak-generated client secret in Docker:
|
|
||||||
```
|
```
|
||||||
abra secret insert openid_client_secret v1 put-your-secret-here
|
abra app YOURAPPDOMAIN secret insert openid_client_secret v1 put-your-secret-here
|
||||||
```
|
```
|
||||||
4. `abra deploy`
|
3. `abra deploy`
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
||||||
|
|
Reference in New Issue