Mediawiki-docker-compose-ldap-ucs: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 55: | Zeile 55: | ||
URI ldaps://ox.meine-domain.org:7636 | URI ldaps://ox.meine-domain.org:7636 | ||
BASE dc=meine-domain,dc=org | BASE dc=meine-domain,dc=org | ||
| + | =LDAP json= | ||
| + | <pre> | ||
| + | { | ||
| + | "meine-domain.org": { | ||
| + | "connection": { | ||
| + | "server": "ox.meine-domain.org", | ||
| + | "port": "7636", | ||
| + | "user": "uid=ldapuser,cn=users,dc=meine-domain,dc=org", | ||
| + | "pass": "ganz-geheim", | ||
| + | "enctype": "ssl", | ||
| + | "options": { | ||
| + | "LDAP_OPT_DEBUG_LEVEL" : 7, | ||
| + | "LDAP_OPT_DEREF": 1 | ||
| + | |||
| + | }, | ||
| + | "basedn": "dc=meine-domain,dc=org", | ||
| + | "userbasedn": "dc=meine-domain,dc=org", | ||
| + | "groupbasedn": "dc=meine-domain,dc=org", | ||
| + | "searchattribute": "uid", | ||
| + | "usernameattribute": "uid", | ||
| + | "realnameattribute": "cn", | ||
| + | "emailattribute": "mail", | ||
| + | "grouprequest": "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\UserMemberOf::factory", | ||
| + | "presearchusernamemodifiers": [ "spacestounderscores", "lowercase" ] | ||
| + | }, | ||
| + | "userinfo": [], | ||
| + | "authorization": { | ||
| + | "rules": { | ||
| + | "groups": { | ||
| + | "required" : ["cn=mediawiki,cn=groups,dc=meine-domain,dc=org"] | ||
| + | } | ||
| + | } | ||
| + | }, | ||
| + | "groupsync": { | ||
| + | "mapping": { | ||
| + | "sysop": "cn=mediawiki,cn=groups,dc=meine-domain,dc=org" | ||
| + | } | ||
| + | } | ||
| + | } | ||
| + | } | ||
| + | </pre> | ||
=Kommentarzeichen entfernen= | =Kommentarzeichen entfernen= | ||
Version vom 3. August 2021, 13:19 Uhr
UCS Vorarbeiten
- cat /etc/apache2/sites-enables/default-ssl.conf
ProxyPass /mediawiki/ http://127.0.0.1:30000/mediawiki/ retry=0 ProxyPassReverse /mediawiki/ http://127.0.0.1:30000/mediawiki/
Verzeichnisse anlegen
- cd /var/lib/univention-appcenter/apps
- mkdir mediawiki
- cd mediawiki
- mkdir mariadb html
Docker Compose
version: '3'
services:
mediawiki:
image: xinux/mediawiki-ldap-plugins:latest
restart: always
ports:
- 30000:80
links:
- database
#volumes:
# - ./html:/var/www/html/
environment:
LDAPCONF: "/var/www/html/ldap.conf"
database:
image: mariadb
restart: always
volumes:
- ./mariadb:/var/lib/mysql
env_file:
- mariadb.env
- cat mariadb.env
MYSQL_DATABASE=my_wiki
MYSQL_USER=wiki_user
MYSQL_PASSWORD=sysadm
MYSQL_RANDOM_ROOT_PASSWORD='yes'
Starten
- docker-compose up -d
HTML Verzeichnis kopieren
- docker cp mediawiki_mediawiki_1:/var/www/html html/mediawiki
LocalSettings kopieren
- cp /tmp/LocalSettings.php html/mediawiki
CA Cert kopieren
- cp /tmp/LocalSettings.php html/ca.crt
LDAP Conf anlegen
- cat html/ldap.conf
TLS_CACERT /var/www/html/ca.crt URI ldaps://ox.meine-domain.org:7636 BASE dc=meine-domain,dc=org
LDAP json
{
"meine-domain.org": {
"connection": {
"server": "ox.meine-domain.org",
"port": "7636",
"user": "uid=ldapuser,cn=users,dc=meine-domain,dc=org",
"pass": "ganz-geheim",
"enctype": "ssl",
"options": {
"LDAP_OPT_DEBUG_LEVEL" : 7,
"LDAP_OPT_DEREF": 1
},
"basedn": "dc=meine-domain,dc=org",
"userbasedn": "dc=meine-domain,dc=org",
"groupbasedn": "dc=meine-domain,dc=org",
"searchattribute": "uid",
"usernameattribute": "uid",
"realnameattribute": "cn",
"emailattribute": "mail",
"grouprequest": "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\UserMemberOf::factory",
"presearchusernamemodifiers": [ "spacestounderscores", "lowercase" ]
},
"userinfo": [],
"authorization": {
"rules": {
"groups": {
"required" : ["cn=mediawiki,cn=groups,dc=meine-domain,dc=org"]
}
}
},
"groupsync": {
"mapping": {
"sysop": "cn=mediawiki,cn=groups,dc=meine-domain,dc=org"
}
}
}
}
Kommentarzeichen entfernen
volumes: - ./html:/var/www/html/
Restart
- docker-compose down ; docker-compose up -d