{"id":15134674,"url":"https://github.com/ubc/mediawiki-docker","last_synced_at":"2025-10-23T11:30:40.890Z","repository":{"id":46038820,"uuid":"95264366","full_name":"ubc/mediawiki-docker","owner":"ubc","description":"To generate a production use MediaWiki docker image","archived":false,"fork":false,"pushed_at":"2025-02-07T18:57:03.000Z","size":430,"stargazers_count":34,"open_issues_count":6,"forks_count":13,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-02-07T19:32:57.427Z","etag":null,"topics":["docker","docker-image","mediawiki"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ubc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-06-23T23:53:35.000Z","updated_at":"2025-02-03T10:53:21.000Z","dependencies_parsed_at":"2024-01-26T16:47:22.224Z","dependency_job_id":"7aa05e62-1649-41e7-aa38-61bcd0bce688","html_url":"https://github.com/ubc/mediawiki-docker","commit_stats":{"total_commits":190,"total_committers":10,"mean_commits":19.0,"dds":0.2894736842105263,"last_synced_commit":"53185c5a21d6cc18cc85dbf73f25e732e13c75c3"},"previous_names":[],"tags_count":52,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ubc%2Fmediawiki-docker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ubc%2Fmediawiki-docker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ubc%2Fmediawiki-docker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ubc%2Fmediawiki-docker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ubc","download_url":"https://codeload.github.com/ubc/mediawiki-docker/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":237811580,"owners_count":19370151,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","docker-image","mediawiki"],"created_at":"2024-09-26T05:23:44.425Z","updated_at":"2025-10-23T11:30:40.537Z","avatar_url":"https://github.com/ubc.png","language":"PHP","readme":"# MediaWiki Docker Image\n\nThis repo is largely based on MediaWiki offical [docker repo](https://github.com/wikimedia/mediawiki-docker).\n\nThe changes are:\n\n* Used \"Vector\" skin by default\n* Used PHP-Apache docker image as base\n* Used stable version of MediaWiki\n* Customized for the production use\n\n## Configuration options\n\nUse the following environmental variables to generate a `LocalSettings.php` and perform automatic installation of MediaWiki. If you don't include these, you'll need to go through the installation wizard. See `Installation Wizard` below for more details. Please see [Manual:Configuration_settings](https://www.mediawiki.org/wiki/Manual:Configuration_settings) for details about what these configuration variables do.\n\n - `-e MEDIAWIKI_SITE_SERVER=` (**required** set this to the server host and include the protocol (and port if necessary) like `http://my-wiki:8080`; configures `$wgServer`)\n - `-e MEDIAWIKI_SITE_NAME=` (defaults to `MediaWiki`; configures `$wgSitename`)\n - `-e MEDIAWIKI_SITE_LANG=` (defaults to `en`; configures `$wgLanguageCode`)\n - `-e MEDIAWIKI_ADMIN_USER=` (defaults to `admin`; configures default administrator username)\n - `-e MEDIAWIKI_ADMIN_PASS=` (defaults to `rosebud`; configures default administrator password)\n - `-e MEDIAWIKI_UPDATE=true` (defaults to `false`; run `php maintenance/update.php`)\n - `-e MEDIAWIKI_SLEEP=` (defaults to `0`; delays startup of container, useful when using Docker Compose)\n - `-e MEDIAWIKI_EXTENSIONS` (defaults to empty; specify which extensions to enable, comma separated. Extensions are installed through docker image build)\n - `-e PARSOID_DOMAIN` (defaults to `localhost`, parsoid domain)\n - `-e RESTBASE_URL` (defaults not set, RestBase instance URL, if not set, no RestBase will be configured)\n - `-e LDAP_DOMAIN` (defaults not set, LDAP domain, e.g. CWL)\n - `-e LDAP_SERVER` (defaults not set, LDAP server address)\n - `-e LDAP_PORT` (defaults to `389`, LDAP server port)\n - `-e LDAP_ENCRYPTION_TYPE` (defaults to `clear`, LDAP connection encryption type, possible values are `clear`, `ldapi`, `tls` and `ssl`)\n - `-e LDAP_BASE_DN` (defaults to `ou=Users,ou=LOCAL,dc=domain,dc=local`, LDAP base DN for searching)\n - `-e LDAP_USER_BASE_DN` (defaults to `ou=Users,ou=LOCAL,dc=domain,dc=local`, LDAP base DN for user info)\n - `-e LDAP_SEARCH_STRINGS` (defaults not set, LDAP search string)\n - `-e LDAP_SEARCH_ATTRS` (defaults not set, LDAP search attribute)\n - `-e LDAP_PROXY_AGENT` (defaults not set, LDAP proxy agent)\n - `-e LDAP_PROXY_PASSWORD` (defaults not set, LDAP proxy agent password)\n - `-e LDAP_USERNAME_ATTR` (defaults to `cn`, LDAP attribute for user name)\n - `-e LDAP_REALNAME_ATTR` (defaults to `displayname`, LDAP attribute for real name)\n - `-e LDAP_EMAIL_ATTR` (defaults to `mail`, LDAP attribute for for email address)\n - `-e MEDIAWIKI_MAIN_CACHE` (defaults to `CACHE_NONE`, main cache)\n - `-e MEDIAWIKI_MEMCACHED_SERVERS` (defaults to `[]`, list of memcched servers, comma separated, e.g.[\"memcached:11211\", \"memcached1:11211\"])\n - `-e UBC_AUTH` (defaults not set. Set o `true` to enable the UBC-specific authentication extension)\n - `-e AUTO_CREATED_USER_REDIRECT` (defaults not set.  Set it to a wiki page [e.g. `Main_page`] to redirect new users to a specific page when they first login via LDAP)\n\nAs mentioned, this will generate the `LocalSettings.php` file that is required by MediaWiki. If you mounted a shared volume (see `Shared Volume` below), the generated `LocalSettings.php` will be automatically moved to your share volume allowing you to edit it. If a `CustomSettings.php` file exists in your data file, a `require('/data/CustomSettings.php');` will be appended to the generated `LocalSettings.php` file.\n\n## Docker Compose\n\n```bash\ndocker-compose up\n```\nCustomization can be done through the environment variables in `docker-compose.yaml`.\n\n### Using Database Server\n\nYou can use the following environment variables for connecting to another database server:\n\n - `-e MEDIAWIKI_DB_TYPE=...` (defaults to `mysql`, but can also be `postgres`)\n - `-e MEDIAWIKI_DB_HOST=...` (defaults to the address of the linked database container)\n - `-e MEDIAWIKI_DB_PORT=...` (defaults to the port of the linked database container or to the default for specified db type)\n - `-e MEDIAWIKI_DB_USER=...` (defaults to `root` or `postgres` based on db type being `mysql`, or `postgres` respsectively)\n - `-e MEDIAWIKI_DB_PASSWORD=...` (defaults to the password of the linked database container)\n - `-e MEDIAWIKI_DB_NAME=...` (defaults to `mediawiki`)\n - `-e MEDIAWIKI_DB_SCHEMA`... (defaults to `mediawiki`, applies only to when using postgres)\n\nIf the `MEDIAWIKI_DB_NAME` specified does not already exist on the provided MySQL\nserver, it will be created automatically upon container startup, provided\nthat the `MEDIAWIKI_DB_USER` specified has the necessary permissions to create\nit.\n\nTo use with an external database server, use `MEDIAWIKI_DB_HOST` (along with\n`MEDIAWIKI_DB_USER` and `MEDIAWIKI_DB_PASSWORD` if necessary):\n\n    docker run --name some-mediawiki \\\n        -e MEDIAWIKI_DB_HOST=10.0.0.1\n        -e MEDIAWIKI_DB_PORT=3306 \\\n        -e MEDIAWIKI_DB_USER=app \\\n        -e MEDIAWIKI_DB_PASSWORD=secure \\\n        wikimedia/mediawiki\n\n## Shared Volume\n\nIf provided mount a shared volume using the `-v` argument when running `docker run`, the mediawiki container will automatically look for a `LocalSettings.php` file and `images`, `skins` and `extensions` folders. When found symbolic links will be automatically created to the respsective file or folder to replace the ones included with the default MediaWiki install. This allows you to easily configure (`LocalSettings.php`), backup uploaded files (`images`), and customize (`skins` and `extensions`) your instance of MediaWiki.\n\nIt is highly recommend you mount a shared volume so uploaded files and images will be outside of the docker container.\n\nBy default the shared volume must be mounted to `/data` on the container, you can change this using by using `-e MEDIAWIKI_SHARED=/new/data/path`.\n\nAdditionally if a `composer.lock` **and** a `composer.json` are detected, the container will automatically download [composer](https://getcomposer.org) and run `composer install`. Composer can be used to install additional extensions, skins and dependencies.\n\n## Accessing MediaWiki\n\nAccess it via `http://localhost:8080` or `http://host-ip:8080` in a browser.\n\nDatabase frontend Adminer is available at `http://localhost:8089`.\n\n\n## Setting up instance for development\n\nFirst startup the application for the first time with:\n\n```bash\ndocker-compose up -d\n```\n\nNext after startup run the following to add `the user_cwl_extended_account_data` table\n\n```bash\ndocker cp ./dev/add_table.sql mediawiki-docker_db_1:/add_table.sql\ndocker exec -it mediawiki-docker_db_1 /bin/bash -c \"mysql -u root -ppassword mediawiki \u003c /add_table.sql\"\n```\n\nNext you need to uncomment the line `- ./LocalSettings.php:/var/www/html/LocalSettings.php` in the docker compose file.\n\nFinally restart all the containers with:\n\n```bash\ndocker-compose down\ndocker-compose up -d\n```\n\n### Setting up SAML2 auth using the SimpleSAMLphp Extension.\n\nThe dev docker compose configuration expects the wiki to be located at\n`wiki.docker` and the IDP to be located at `idp.docker`. This can be easily\nconfigured by editing the hosts file and mapping both `wiki.docker` and\n`idp.docker` to `127.0.0.1`.\n\n#### Generate Key \u0026 Cert\n\n**WARNING** the certs provided in `docker/simplesamlphp/sp/cert/` must NOT be\nused in any kind of prod environment. They are only there for easier setup of\nthe docker compose dev environment.\n\nTo generate your own cert and key:\n\n```bash\nopenssl req -newkey rsa:4096 -new -x509 -days 3652 -nodes -out wiki-sp.crt -keyout wiki-sp.pem\n```\n\nThe key and cert can replace the ones in `docker/simplesamlphp/sp/cert/` which\nwill get mounted into the simplesamlphp container's\n/var/www/simplesamlphp/cert/ directory.\n\n#### SP Required Environment Variables\n\nDeployment of the SimpleSAMLphp SP is required if you want to use the\nSimpleSAMLphp extension. Note the IDP provided in docker compose is only for\ndevelopment purposes.\n\nThe SP pulls metadata from the target IDP's metadata URL.\n\nRequired SP environment variables:\n\n* SIMPLESAMLPHP_SECRET_SALT - Cryptographically secured random string used for salting purposes.\n* SIMPLESAMLPHP_ADMIN_PASSWORD - Password for the default admin user.\n* SIMPLESAMLPHP_MEMCACHED_SERVER - SimpleSAMLphp's SP cannot use the cookie cache as the wiki side SimpleSAMLphp extension will conflict with it. So we need to use a separate cache. For this purpose, we can just use the same Memcached server that the wiki uses.\n* SIMPLESAMLPHP_TRUSTED_DOMAIN - Enter the wiki's domain here so that the SP knows it is safe.\n* SIMPLESAMLPHP_BASEURL - Base URL for the SP (no path). The SP needs to share the same domain as the wiki (or you run into cookie domain issues), so the base URL should just be the wiki domain with an http:// or https:// prefix. This config lets SimpleSAMLphp knows it's running externally on https even if internally the backend server is plain http, such as when behind a load balancer/reverse proxy.\n* SIMPLESAMLPHP_BASEURLPATH - Base URL plus the path for the SP.\n* SIMPLESAMLPHP_SP_ENTITY_ID - The identifier that the SP uses to identify itself\n* SIMPLESAMLPHP_IDP_ENTITY_ID - The target IDP's identifier.\n* SIMPLESAMLPHP_IDP_METADATA_URL - URL where we can get the IDP's metadata.\n* SIMPLESAMLPHP_CRON_SECRET - Random alphanumeric string for cron security.\n\nOptional SP environment variables:\n\n* SIMPLESAMLPHP_DEV - This turns on dev mode which enables the admin interface at `\u003cSIMPLESAMLPHP_BASEURL\u003e/module.php/admin/`. It also allows SIMPLESAMLPHP_SECRET_SALT to default to 'secretsalt' if unset and SIMPLESAMLPHP_ADMIN_PASSWORD to default to 'admin' if unset.\n\n### Adding new LDAP users\n\nYou can connect to the LDAP container using your preferred LDAP GUI using `localhost:1389` with login `cn=admin,dc=example,dc=org` and password `admin`.\n\nWhen adding a new user, make sure to use `simpleSecurityObject`, `inetOrgPerson`, and `ubcEdu` classes.\n\n## Customization with LDAP authentication enabled\n\nCustomize the login button by modifying the page `MediaWiki:Pluggableauth-loginbutton-label`.  The default is \"Log in with PluggableAuth\".\n\nCustomize the login help message by modifying the page `MediaWiki:Userlogin-helplink2` and `MediaWiki:Helplogin-url`.  The default is a hyperlink \"Help with logging in\" that links to mediawiki help page.\n\nCustomize the help message on `Preferences` page about email addresses by editing the page `MediaWiki:Prefs-help-email`.  The default help messages mentioned email addresses are used for password reset, which is irrelevant if mediawiki is setup with LDAP authentication.\n\n## Custom Caliper actor data\n\nSee the [mediawiki-extensions-caliper](https://github.com/ubc/mediawiki-extensions-caliper/blob/master/caliper/actor.php) repo's `CaliperActor` object for the default logged in and logged out users.\n\nYou can customize the Caliper actor by using the `SetCaliperActorObject` hook. This container has uses this hook with the `SetCaliperActor` function inside of `CustomHooks.php`.\n\nBy default, the `SetCaliperActor` function will use UBC `puid` for the identifier and `CALIPER_LDAP_ACTOR_HOMEPAGE` environment variable as the base string so the actor identifier will take the form of `CaliperLDAPActorHomepage/LDAP_PUID` (ex: `https://www.ubc.ca/SOME_PUID`). you can instead remove this function and create your own depending on your institution needs, deployment settings, and/or authorization methods.\n\n## Debugging with Containers\n\nTo change the files in container:\n```bash\ndocker exec -it CONTAINER_ID share\nvi FILE_TO_CHANGE\n```\nYou may need to restart the container to load the change, use:\n```bash\ndocker-compose restart SERIVCE_NAME\n```\nwhere the SERIVCE_NAME can be any service in docker-compose, e.g. nodeservices, web, db, etc. The changes in the container will persist.\n\n## Version and Release Tags\n\nThe `REL*` branches track the upstream Mediawiki released versions. When something is updated in this repo and is ready to be deployed, a new tag should be created and the tag name should in the format of `BRANCH_NAME + BUILD NUMBER`, e.g. REL1_30_B2 or REL1_31_B5. The `BUILD_NUMBER` should be increased sequentially.\n\nThe same rules apply to node-services repo as well.\n\n## Upgrading\n\nWhen upgrading to a newer version, we can run the web updater, this requires\nsetting an upgrade key. A default upgrade key with value 'value' is set in\ndocker-compose.yml\n\n    http://localhost:8080/mw-config/index.php?page=Upgrade\n\nThere is also an maintenance update script that must be run, this can be done manually:\n\n    php maintenance/update.php\n\nAlternatively, setting the env var `MEDIAWIKI_UPDATE` to true will run the\nmaintenance update script on container startup.\n\n## Admin Access\n\nPromote a existing user to have all admin permissions:\n\n    php maintenance/createAndPromote.php Admin1 --force --bureaucrat --sysop --interface-admin\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fubc%2Fmediawiki-docker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fubc%2Fmediawiki-docker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fubc%2Fmediawiki-docker/lists"}