This is a Docker multi-container of MediaWiki with MariaDB and OpenLDAP.
Two technical notes:
- We extend the official MediaWiki and MariaDB Docker images, but we employ our own OpenLDAP image (we elected not to use the popular https://github.com/osixia/docker-openldap because it appeared overengineered for our purpose and hard to assess.)
- We use implicit TLS instead of STARTTLS (this is not bad.)
To use, first run ./generate_privkey.sh once to generate the x509 certificate and private key. Then:
docker compose build && docker compose up -dand head to http://localhost:8080 in your web browser. You may log in to the wiki as the user rjsmith with password rJsmitH.
To bring it down use docker compose down.
You can read server logs with docker logs on the appropriate container listed via docker container ls.
You are encouraged to look at the files to understand which parts must be edited. We briefly explain each file.
.env, contains links to the MediaWiki plugin tarballs (always latest version.)generate_privkey.sh, will help you generate a self-signed x509 cert for the LDAP/MediaWiki communication. You may edit the details inx509-cert/cert.cnfto match your domain.secrets/, this directory contains all the secrets of this project: there’s only one, the private key of the x509 certificate. It is required by the LDAP server to establish TLS connections. The contents of thesecretsdirectory are ignored by.gitignore, so that no accidental commit occurs.wiki/andldap/containconfigdirectories that configure the corresponding services.
- You should configure backups for mediawiki, the database, and LDAP.
- You should change passwords on all the services (wiki, ldap, db.) You may want to use Docker’s secrets mechanism, use salted hashes in LDAP, etc.
- You may want to configure the access policy in LDAP to suit your needs.
- You should set up LDAP to use your real content database, not the one in
ldap/config/example.com.ldif. - Other modifications are possible. This is a minimal project. Maybe you want more MediaWiki LDAP plugins?