See also:
The guide below is based on the Wiki.js Ubuntu install guide. However, this webserver is running on Red Hat Enterprise Linux (RHEL) 8.5, which is preferred by the server admins. The setup for this distro is similar to that on Ubuntu, but you might have to use some different commands, which can easily be googled.
First, Install docker (find the respective guide for your os)
# Create installation directory for Wiki.js (m,ight require sudo)
mkdir -p /etc/wiki
# Generate DB secret
openssl rand -base64 32 > /etc/wiki/.db-secret
# Create internal docker network
docker network create wikinet
# Create data volume for PostgreSQL
docker volume create pgdata
# Create the containers
docker create --name=db -e POSTGRES_DB=wiki -e POSTGRES_USER=wiki -e POSTGRES_PASSWORD_FILE=/etc/wiki/.db-secret -v /etc/wiki/.db-secret:/etc/wiki/.db-secret:ro -v pgdata:/var/lib/postgresql/data --restart=unless-stopped -h db --network=wikinet postgres:11
docker create --name=wiki -e DB_TYPE=postgres -e DB_HOST=db -e DB_PORT=5432 -e DB_PASS_FILE=/etc/wiki/.db-secret -v /etc/wiki/:/etc/wiki/:ro -e DB_USER=wiki -e DB_NAME=wiki -e UPGRADE_COMPANION=1 --restart=unless-stopped -h wiki --network=wikinet -p 80:3000 -p 443:3443 ghcr.io/requarks/wiki:2
docker create --name=wiki-update-companion -v /var/run/docker.sock:/var/run/docker.sock:ro --restart=unless-stopped -h wiki-update-companion --network=wikinet requarks/wiki-update-companion:latest
I changed the docker volume for the wiki container from what its defined as in the tutorial (
/etc/wiki/.db-secret) to/etc/wiki/, so that later we can place any files that are needed in this folder also (such as the git.pem file, we'll create later).
Make sure the firewall allows http and https, see Webserver.
Start the containers
docker start db
docker start wiki
docker start wiki-update-companion
Navigate to your url, e.g.: hri-wiki.tudelft.nl and complete the beginning setup (create account, log in, create a page, ...)
FIRST: complete the beginning setup (last step in creating the containers)
Stop & rm the wiki container
docker stop wiki
docker rm wiki
The settings will remain (placed in the PostgresQL DB).
Set up the new container. Make sure to set the correct LETSENCRYPT_DOMAIN (wiki domain) and LETSENCRYPT_EMAIL (admin email)
docker create --name=wiki -e LETSENCRYPT_DOMAIN=hri-wiki.tudelft.nl -e LETSENCRYPT_EMAIL=A.vandenBerg-2@tudelft.nl -e SSL_ACTIVE=1 -e DB_TYPE=postgres -e DB_HOST=db -e DB_PORT=5432 -e DB_PASS_FILE=/etc/wiki/.db-secret -v /etc/wiki/:/etc/wiki/:ro -e DB_USER=wiki -e DB_NAME=wiki -e UPGRADE_COMPANION=1 --restart=unless-stopped -h wiki --network=wikinet -p 80:3000 -p 443:3443 ghcr.io/requarks/wiki:2
Start the container again, wait for it to start & see the logs to check if everything succeeded:
docker start wiki
docker logs wiki
The process will be completed once you see the following lines in the logs:
(LETSENCRYPT) New certifiate received successfully: [ COMPLETED ]
HTTPS Server on port: [ 3443 ]
HTTPS Server: [ RUNNING ]
ssh into the server (see here), and generate a new key:
sudo ssh-keygen -t rsa -b 4096
Save to /etc/wiki/git.pem and leave password empty (2x enter).
Create GitLab repo on gitlab.tudelft.nl, go to its Settings > Repository > Deploy Keys. Paste the contents of your generated public key (sudo cat /etc/wiki/git.pem.pub to view). Enable Grant write permissions to this key.
If you get an error like:
warning: not sending a push certificate since the receiving end does not support --signed push remote: GitLab: You are not allowed to force push code to a protected branch on this project.Make sure to enable
Allow force pushin the Settings > Repository > Protected Branches > Expand > master branch, enable Allow Force Push (or remove the protection alltogether).
Because when we set up the container we linked our local /etc/wiki to that in the wiki container, we should now be able to access it from the container also.
We can check this as follow:
docker exec -u root -it wiki '/bin/bash' # get a bash terminal in the container
cd /etc/wiki/
ls -la # check if we can find our file, and what its rights are
# if we don't have read rights, we should enable them from outside the container
exit
chmod a+r /etc/wiki/git.pem
ls -la # now, read rights should be enabled
When this is done, go to Admin settings (of this wiki), and follow this guide.
We can also use cp to get our file into our container (if for some reason we don't want to link the entire folder). To achieve this:
docker cp /etc/wiki/git.pem wiki:/etc/wiki/
To start docker:
sudo systemctl start docker
To get it to automatically restart on reboot of the server (recommended, else any system update will crash your wiki):
sudo systemctl enable docker.service
sudo systemctl enable containerd.service
To disable this behavior, use disable instead.
sudo systemctl disable docker.service
sudo systemctl disable containerd.service
To do a quick restart of the docker service (for example after a renewal of the SSL certificate:
docker restart wiki