Categories
DevOps

How to build DokuWiki container with podman

Build DokuWiki container with podman.

Project structure.

$ tree
.
├── configuration
│   ├── acl.auth.php
│   ├── local.php
│   ├── plugins.php
│   ├── unit.config.json
│   └── users.auth.php
└── Dockerfile

Initial DokuWiki configuration.

$ cat configuration/acl.auth.php
# acl.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Access Control Lists
#
# Auto-generated by install script
# Date: Sat, 04 Sep 2021 19:55:29 +0000
*               @ALL          0
*               @user         8
$ cat configuration/local.php   
<?php
/**
 * Dokuwiki's Main Configuration File - Local Settings
 * Auto-generated by install script
 * Date: Sat, 04 Sep 2021 19:55:29 +0000
 */
$conf['title'] = 'DokuWiki instance';
$conf['lang'] = 'en';
$conf['license'] = 'cc-by-sa';
$conf['useacl'] = 1;
$conf['superuser'] = '@admin';
$conf['disableactions'] = 'register';
$ cat configuration/plugins.php 
<?php
/**
 * This file configures the default states of available plugins. All settings in
 * the plugins.*.php files will override those here.
 */
$plugins['testing'] = 0;
$ cat configuration/users.auth.php 
# users.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Userfile
#
# Auto-generated by install script
# Date: Sat, 04 Sep 2021 21:11:06 +0000
#
# Format:
# login:passwordhash:Real Name:email:groups,comma,separated

# user admin password c0nv3rg3nce37
admin:$2y$10$SnnI9kDh8ixXlJ0aE68nMe1R6n5J9CSVB/Z/3wcdPEfJk8psZ/rcy:admin:admin@example.org:admin,user

Nginx unit configuration.

$ cat configuration/unit.config.json 
{
  "listeners": {
    "*:8080": {
      "pass": "routes"
    }
  },
  "routes": [
    {
      "match": {
        "uri": [
          "/data/*",
          "/conf/*",
          "/bin/*",
          "/inc/*",
          "/vendor/*"
        ]
      },
      "action": {
        "return": 404
      }
    },
    {
      "match": {
        "uri": [
          "/",
          "*.php"
        ]
      },
      "action": {
        "pass": "applications/dokuwiki"
      }
    },
    {
      "action": {
        "share": "/opt/dokuwiki/",
      }
    }
  ],
  "applications": {
    "dokuwiki": {
      "type": "php",
      "root": "/opt/dokuwiki/",
      "index": "doku.php"
    }
  }
}

Dockerfile definition.

$ cat Dockerfile
FROM alpine AS source-code

RUN mkdir -p /opt/dokuwiki \
 && wget -q -P /tmp https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz \
 && tar -x -z -f /tmp/dokuwiki-stable.tgz -C /opt/dokuwiki --strip-components 1

FROM alpine

ARG UID=5000
ARG GID=5000
ARG BUILD_DATE

LABEL maintainer Milosz Galazka 
LABEL build_date $BUILD_DATE
LABEL application DokuWiki

COPY --from=source-code /opt/dokuwiki /opt/dokuwiki

RUN apk add --no-cache shadow \
 && groupadd -r -g $GID  dokuwiki \
 && useradd --no-log-init -u $UID -r -g dokuwiki dokuwiki  \
 && chown -R dokuwiki:dokuwiki /opt/dokuwiki \
 && apk del shadow

RUN apk add --no-cache unit-php7 php7-session php7-gd php7-xml php7-json php7-openssl

COPY configuration/acl.auth.php   /opt/dokuwiki/conf/acl.auth.php
COPY configuration/local.php      /opt/dokuwiki/conf/local.php
COPY configuration/plugins.php    /opt/dokuwiki/conf/plugins.php
COPY configuration/users.auth.php /opt/dokuwiki/conf/users.auth.php

COPY configuration/unit.config.json /var/lib/unit/conf.json
RUN chown -R dokuwiki:dokuwiki /var/lib/unit

EXPOSE 8080

USER dokuwiki

WORKDIR /opt/dokuwiki

CMD [ "unitd", "--no-daemon", \
               "--control", "unix:/var/lib/unit/control.unit.sock", \
               "--pid", "/var/lib/unit/unit.pid", \
               "--log", "/dev/stdout" ]

Build an image. Define UID and GID to reflect the user that will be running the container.

$ podman build --build-arg BUILD_DATE="$(date +%d-%m-%Y)" --build-arg UID=1000 --build-arg GID=1000 --tag dokuwiki:latest .
STEP 1: FROM alpine AS source-code
STEP 2: RUN mkdir -p /opt/dokuwiki  && wget -q -P /tmp https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz  && tar -x -z -f /tmp/dokuwiki-stable.tgz -C /opt/dokuwiki --strip-components 1
--> e7f857cf139
STEP 3: FROM alpine
STEP 4: ARG UID=5000
--> 0f79e0b115e
STEP 5: ARG GID=5000
--> 3bfbd930f8c
STEP 6: ARG BUILD_DATE
--> 93134c231a8
STEP 7: LABEL maintainer Milosz Galazka 
--> a590e022122
STEP 8: LABEL build_date $BUILD_DATE
--> 2800656e0c0
STEP 9: LABEL application DokuWiki
--> 19cf7591fa4
STEP 10: COPY --from=source-code /opt/dokuwiki /opt/dokuwiki
--> 725290fa3bf
STEP 11: RUN apk add --no-cache shadow  && groupadd -r -g $GID  dokuwiki  && useradd --no-log-init -u $UID -r -g dokuwiki dokuwiki   && chown -R dokuwiki:dokuwiki /opt/dokuwiki  && apk del shadow
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz
(1/2) Installing linux-pam (1.5.1-r1)
(2/2) Installing shadow (4.8.1-r0)
Executing busybox-1.33.1-r3.trigger
OK: 8 MiB in 16 packages
WARNING: Ignoring https://dl-cdn.alpinelinux.org/alpine/v3.14/main: No such file or directory
WARNING: Ignoring https://dl-cdn.alpinelinux.org/alpine/v3.14/community: No such file or directory
(1/2) Purging shadow (4.8.1-r0)
(2/2) Purging linux-pam (1.5.1-r1)
Executing busybox-1.33.1-r3.trigger
OK: 6 MiB in 14 packages
--> 459a712f81b
STEP 12: RUN apk add --no-cache unit-php7 php7-session php7-gd php7-xml php7-json php7-openssl
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz
(1/34) Installing php7-common (7.4.23-r0)
(2/34) Installing libxau (1.0.9-r0)
(3/34) Installing libmd (1.0.3-r0)
(4/34) Installing libbsd (0.11.3-r0)
(5/34) Installing libxdmcp (1.1.3-r0)
(6/34) Installing libxcb (1.14-r2)
(7/34) Installing libx11 (1.7.2-r0)
(8/34) Installing libxext (1.3.4-r0)
(9/34) Installing libice (1.0.10-r0)
(10/34) Installing libuuid (2.37-r0)
(11/34) Installing libsm (1.2.3-r0)
(12/34) Installing libxt (1.2.1-r0)
(13/34) Installing libxpm (3.5.13-r0)
(14/34) Installing brotli-libs (1.0.9-r5)
(15/34) Installing libbz2 (1.0.8-r1)
(16/34) Installing libpng (1.6.37-r1)
(17/34) Installing freetype (2.10.4-r1)
(18/34) Installing libjpeg-turbo (2.1.0-r0)
(19/34) Installing libwebp (1.2.0-r2)
(20/34) Installing php7-gd (7.4.23-r0)
(21/34) Installing php7-json (7.4.23-r0)
(22/34) Installing php7-openssl (7.4.23-r0)
(23/34) Installing php7-session (7.4.23-r0)
(24/34) Installing xz-libs (5.2.5-r0)
(25/34) Installing libxml2 (2.9.12-r1)
(26/34) Installing php7-xml (7.4.23-r0)
(27/34) Installing pcre2 (10.36-r0)
(28/34) Installing unit (1.23.0-r1)
Executing unit-1.23.0-r1.pre-install
(29/34) Installing argon2-libs (20190702-r1)
(30/34) Installing ncurses-terminfo-base (6.2_p20210612-r0)
(31/34) Installing ncurses-libs (6.2_p20210612-r0)
(32/34) Installing libedit (20210216.3.1-r0)
(33/34) Installing php7-embed (7.4.23-r0)
(34/34) Installing unit-php7 (1.23.0-r1)
Executing busybox-1.33.1-r3.trigger
OK: 23 MiB in 48 packages
--> c7729928af7
STEP 13: COPY configuration/acl.auth.php   /opt/dokuwiki/conf/acl.auth.php
--> f5e3c44b280
STEP 14: COPY configuration/local.php      /opt/dokuwiki/conf/local.php
--> f8c327f8f60
STEP 15: COPY configuration/plugins.php    /opt/dokuwiki/conf/plugins.php
--> 153cf83de1b
STEP 16: COPY configuration/users.auth.php /opt/dokuwiki/conf/users.auth.php
--> ce4fc06b480
STEP 17: COPY configuration/unit.config.json /var/lib/unit/conf.json
--> 304407727f1
STEP 18: RUN chown -R dokuwiki:dokuwiki /var/lib/unit
--> acc0f75d30f
STEP 19: EXPOSE 8080
--> 1dfe4a2e6e5
STEP 20: USER dokuwiki
--> 963bafa4407
STEP 21: WORKDIR /opt/dokuwiki
--> 45ffe922c7f
STEP 22: CMD [ "unitd", "--no-daemon",                "--control", "unix:/var/lib/unit/control.unit.sock",                "--pid", "/var/lib/unit/unit.pid",                "--log", "/dev/stdout" ]
STEP 23: COMMIT dokuwiki:latest
--> 9389ef017f1
9389ef017f1cbe9b5d8d6c2864c8e532f734e08fc7018f21c1d4e953732877e9

List images.

$ podman image ls
REPOSITORY                TAG     IMAGE ID      CREATED             SIZE
localhost/dokuwiki        latest  9389ef017f1c  47 seconds ago      60.1 MB
<none>                    <none>  e7f857cf1399  About a minute ago  28.2 MB
docker.io/library/alpine  latest  14119a10abf4  8 days ago          5.87 MB

Inspect labels.

$ podman inspect --format "{{ json .Config.Labels }}" dokuwiki:latest | jq .
{
  "application": "DokuWiki",
  "build_date": "05-09-2021",
  "io.buildah.version": "1.19.6",
  "maintainer": "Milosz Galazka <milosz@sleeplessbeastie.eu>"
}

Start DokuWiki container. I will skip media, plugins, and configuration override and mount only pages to keep this example clear.

$ mkdir pages
$ podman run --publish 18080:8080 --userns=keep-id --volume ./pages:/opt/dokuwiki/data/pages --detach dokuwiki:latest
250573f5a4945b8806d4b1f4ff049c5b9335dc63edf955c2e32cccb9f778064c

Open a browser.

Success! DokuWiki installed. Simplest possible solution.