grim/containers/imfwiki

Initial revision
draft
2020-09-01, Gary Kramlich
a9a0d65d2f93
Parents
Children 2cd5c5e2526e
Initial revision
4 files changed, 82 insertions(+), 0 deletions(-)
  • +22 -0
    Dockerfile
  • +7 -0
    README.md
  • +10 -0
    conf-enabled/secure-upload.conf
  • +43 -0
    convey.yml
    • --- /dev/null Thu Jan 01 00:00:00 1970 +0000
    +++ b/Dockerfile Tue Sep 01 22:12:08 2020 -0500
    @@ -0,0 +1,22 @@
    +FROM mediawiki:stable
    +
    +# Secure the upload directory
    +COPY conf-enabled/ /etc/apache2/conf-enabled/
    +
    +# install composer as one of our extensions needs it
    +RUN set -ex && \
    + cd /usr/local/bin && \
    + php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" && \
    + php -r "if (hash_file('sha384', 'composer-setup.php') === '8a6138e2a05a8c28539c9f0fb361159823655d7ad2deecb371b04a83966c61223adc522b0189079e3e9e277cd72b8897') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" && \
    + php composer-setup.php && \
    + php -r "unlink('composer-setup.php');"
    +
    +# now install the mediawiki extensions we want
    +RUN set -ex && \
    + cd /var/www/html/extensions && \
    + git clone https://github.com/Schine/MW-OAuth2Client.git && \
    + cd MW-OAuth2Client && \
    + git submodule update --init && \
    + cd vendors/oauth2-client && \
    + composer.phar install
    +
    --- /dev/null Thu Jan 01 00:00:00 1970 +0000
    +++ b/README.md Tue Sep 01 22:12:08 2020 -0500
    @@ -0,0 +1,7 @@
    +# imfreedom/wiki
    +
    +This is a mediawiki image based on mediawiki:stable for Instant Messaging
    +Freedom and is deployed at https://wiki.imfreedom.org/.
    +
    +It has secured uploads and has github.com/Schine/MW-OAuth2Client pre-installed.
    +
    --- /dev/null Thu Jan 01 00:00:00 1970 +0000
    +++ b/conf-enabled/secure-upload.conf Tue Sep 01 22:12:08 2020 -0500
    @@ -0,0 +1,10 @@
    +<Directory "/var/www/html/images/">
    + # Ignore .htaccess files
    + AllowOverride None
    +
    + # Serve HTML as plaintext, don't execute SHTML
    + AddType text/plain .html .htm .shtml .phtml
    +
    + # Don't run arbitrary PHP code.
    + php_admin_flag engine off
    +</Directory>
    --- /dev/null Thu Jan 01 00:00:00 1970 +0000
    +++ b/convey.yml Tue Sep 01 22:12:08 2020 -0500
    @@ -0,0 +1,43 @@
    +environment:
    + - REPO=imfreedom/wiki
    + - TAG=latest
    + - REGISTRY=docker.io
    + - REGISTRY_USERNAME
    + - REGISTRY_PASSWORD
    +
    +tasks:
    + import:
    + type: docker/import
    + files: .:.
    +
    + build:
    + type: docker/build
    + dockerfile: Dockerfile
    + tag: ${REGISTRY}/${REPO}:${TAG}
    + files: .:.
    +
    + login:
    + type: docker/login
    + username: ${REGISTRY_USERNAME}
    + password: ${REGISTRY_PASSWORD}
    + server: ${REGISTRY}
    +
    + logout:
    + type: docker/logout
    + server: ${REGISTRY}
    +
    + push:
    + type: docker/push
    + images: ${REGISTRY}/${REPO}:${TAG}
    +
    +plans:
    + default:
    + stages:
    + - tasks: [import, build]
    +
    + ci:
    + stages:
    + - tasks: [import, build, login, push]
    + - tasks: [logout]
    + run: always
    +