Theodotos Andreou a133fde1b3 | 7年前 | |
---|---|---|
docker | 7年前 | |
realms | 7年前 | |
.bowerrc | 10年前 | |
.gitignore | 9年前 | |
.travis.yml | 8年前 | |
LICENSE | 9年前 | |
MANIFEST.in | 7年前 | |
README.md | 7年前 | |
Vagrantfile | 9年前 | |
bower.json | 7年前 | |
install.sh | 8年前 | |
realms-wiki | 9年前 | |
requirements-dev.txt | 9年前 | |
requirements.txt | 9年前 | |
setup.py | 7年前 |
This is a recipe of Realms Wiki patched so that a docker image is build with LDAP support. The Dockefile actually downloads the Realms Wiki code from Matthew Scragg's original repo and not from my fork.
git clone git@github.com:theodotos/realms-wiki.git
cd realms-wiki/docker
docker build -t realm-wiki-img .
If you prefer using my build, you can pull it from Docker Hub:
docker pull theodotos/realms-wiki
Create a realms-wiki volume:
docker volume create --name realms-wiki
For your own build:
docker run -d --name realms-wiki -p 5000:5000 --volume realms-wiki:/home/wiki realms-wiki-img
For my build:
docker run -d --name realms-wiki -p 5000:5000 --volume realms-wiki:/home/wiki theodotos/realms-wiki:latest
Prepare a realms-wiki.json file like this:
cat > realms-wiki.json << EOF
{
"ALLOW_ANON": true,
"BASE_URL": "http://realms.example.com",
"CACHE_TYPE": "simple",
"DB_URI": "sqlite:////home/wiki/data/wiki.db",
"PORT": 5000,
"REGISTRATION_ENABLED": true,
"SEARCH_TYPE": "simple",
"SECRET_KEY": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"SITE_TITLE": "Example Wiki",
"WIKI_PATH": "/home/wiki/data/repo",
"LDAP": {
"URI": "ldap://ldap.example.com:389",
"BIND_DN": "cn=realms,ou=services,dc=example,dc=com",
"BIND_AUTH": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"USER_SEARCH": {
"base": "ou=people,dc=example,dc=com",
"filter": "uid=%(username)s"},
"START_TLS": true,
"KEY_MAP": {
"username": "uid",
"email": "mail"},
"OPTIONS": {
"OPT_PROTOCOL_VERSION": 3}
}
}
EOF
NOTE: you can use the apg -n1 -x65 -m65
command to generate a SECRET_KEY
Copy the config over to the container:
cp realms-wiki.json realms-wiki:/home/wiki/realms-wiki
Restart the container:
docker restart realms-wiki
Browse to http://realms.example.com:5000 to test it.
If you ldap backend is not protected by a publicly trusted CA, you will need to add your Internal ROOT CA certificate in the trusted CA list of your container.
Copy your Internal ROOT CA certificate in the container:
docker cp example-rootca.crt realms-wiki:/usr/local/share/ca-certificates/
Add your Internal CA as trusted in the trusted CA list:
docker exec -i -t -u root realms-wiki /usr/sbin/update-ca-certificates
Restart the container and try again.