Setup:Installation Guide/Docker: Difference between revisions

Back to version history
Browse history interactively
← Older edit
VisualWikitext
Hua Jing (talk | contribs)
26 edits
m Correct typo of certificate directory
Tag: 2017 source edit
Hua Jing (talk | contribs)
26 edits
Improve tutorial
 
(27 intermediate revisions by 4 users not shown)
Line 1: Line 1:
{{Textbox
|boxtype=important
|header=Migration from 4.4
|text=With BlueSpice 4.5 there were some important changes to the container portfolio:
# There are no "all-in-one" containers anymore. Neither for FREE, nor for PRO and FARM editions
# The "distributed-services" setup for PRO and FARM edition has completely been reworked
If you are upgrading from one of the above-mentioned setups, please refer to the [[{{FULLPAGENAME}}/Migration_4.4 to 4.5|migration guide]]
|icon=yes
}}


__TOC__
== Overview ==
Starting with version 4.5, BlueSpice MediaWiki can be installed with a stack of Docker container images.


===Overview===
Everything is built in a modular way to allow different types of setups.
Since version 4.5, BlueSpice MediaWiki can be easily installed using a stack of Docker container images. Everything is build in a modular way to allow different types of setups.


The most common cases are
The most common cases are:
# "All-in-one" (with and without Let's Encrypt)
# "All-in-one" (with and without Let's Encrypt)
# Custom database and search service
# Custom database and search service
# Custom load balancer / proxy
# Custom load balancer / proxy


==== Architecture ====
== Architecture ==
<drawio filename="Setup:Installation_Guide_Docker-Achitecture" alt="Diagram of BlueSpice Docker Stack Architecture" />
<drawio filename="Setup:Installation_Guide_Docker-Achitecture" alt="Diagram of BlueSpice Docker Stack Architecture" />


Line 33: Line 24:
** When using "Let's Encrypt" Certbot, a HTTPS connection (port <code>443</code>) is used from the <code>acme-companion</code> container to the "Let's Encrypt" service
** When using "Let's Encrypt" Certbot, a HTTPS connection (port <code>443</code>) is used from the <code>acme-companion</code> container to the "Let's Encrypt" service


=== Step 1: Get the stack ===
== Step 1: Get the stack ==
Get "docker-compose" files from https://github.com/hallowelt/bluespice-deploy
Load project <code>bluespice-deploy</code> from https://github.com/hallowelt/bluespice-deploy/releases/latest and enter the sub-directory <code>compose</code> for Docker Compose files.
 
Example:
wget https://github.com/hallowelt/bluespice-deploy/archive/refs/heads/main.zip \
    && unzip main.zip \
    && cd bluespice-deploy-main/compose


{{Textbox|boxtype=important|header=PRO and FARM editions|text=All services configurations for PRO and FARM edition are already included, but access to private <code>docker.bluespice.com</code> is required to obtain the images.|icon=yes}}
For example, run:
<syntaxhighlight lang=sh>
wget https://github.com/hallowelt/bluespice-deploy/archive/refs/tags/5.1.1.zip \
  && unzip 5.1.1.zip \
  && cd bluespice-deploy-5.1.1/compose
</syntaxhighlight>


The directory contains the following files:
The directory contains the following files:
{| class="wikitable"
{| class="wikitable"
|+
|+
! style="width:350px;" |Filename
! style="width:375px;" |Filename
!Type
! style="" |Type
!Mandatory
! style="" |Comment
!Comment
|-
| style="width:375px;" |<code>bluespice-deploy</code>
| style="" |shell script
| style="" |Start-up script, wrapping command <code>docker compose</code> and service <code>yml</code> files.<br>Additional service <code>yml</code> files can be loaded by adding <code>-f <filename> </code>.
|-
| style="width:375px;" |<code>docker-compose.main.yml</code>
| style="" |yml
| style="" |Main containers of the wiki (<code>wiki-web</code> and <code>wiki-task</code>).
|-
|-
| style="width:350px;" |<code>bluespice-deploy</code>
| style="width:375px;" |<code>docker-compose.persistent-data-services.yml</code>
|bash-script
| style="" |yml
|false
| style="" |Containers of database and search services, storing persistent data onto the file system.<br />Optionally with external MySQL/MariaDB and OpenSearch one can skip loading this <code>.yml</code> in <code>bluespice-deploy</code>. Please then wire your services properly in the <code>.env</code> file.
|Wrapper for general start-up of needed containers
|-
|-
| style="width:350px;" |<code>bluespice-prepare</code>
| style="width:375px;" |<code>docker-compose.stateless-services.yml</code>
|bash-script
| style="" |yml
|false
| style="" |Containers for caching, PDF rendering, formula-rendering and diagram editing.
|Prepare Folder and Permissions before first start also registers the service at the operating system
|-
|-
| style="width:350px;" |<code>bluespice.service</code>
| style="width:375px;" |<code>docker-compose.helper-service.yml</code>
|service-script
| style="" |yml
|false
| style="" |Helper containers for file system preparation and automated BlueSpice upgrade.<br>These containers exit automatically after finishing tasks.
|Proper handling of the containers on reboot
|-
|-
| style="width:350px;" |<code>docker-compose.main.yml</code>
| style="width:375px;" |<code>docker-compose.proxy.yml</code>
|yml
| style="" |yml
|true
| style="" |Container of proxy service. Can be replaced by existing proxy/load-balancer infrastructure.
|Main application services/ run by <code>bluespice-deploy</code>
|-
|-
| style="width:350px;" |<code>docker-compose.persistent-data-services.yml</code>
| style="width:375px;" |<code>docker-compose.proxy-letsencrypt.yml</code>
|yml
| style="" |yml
|false
| style="" |Additional service for auto-renewal of "Let's Encrypt" certificates.<br>Only required when using the Let's Encrypt service and having no other TLS termination.
|Database and search/ run by <code>bluespice-deploy</code>
|-
|-
| style="width:350px;" |<code>docker-compose.stateless-services.yml</code>
| style="width:375px;" |<code>docker-compose.kerberos-proxy.yml</code>
|yml
| style="" |yml
|true
| style="" |Additional proxy for Kerberos based authentication.
|PDF-Renderer/Cache/Formula/Diagram-Service
|-
|-
| style="width:350px;" |<code>docker-compose.proxy.yml</code>
| style="width:375px;" |<code>docker-compose.collabpads-service.yml</code>
|yml
|yml
|false, but recommended
|Containers of back-end services for [[Manual:Extension/CollabPads|CollabPads]] (included in Pro and Farm editions).
|Proxy Service
|-
|-
| style="width:350px;" |<code>docker-compose.proxy-letsencrypt.yml</code>
| style="width:375px;" |<code>.env.sample</code>
|yml
| style="" |text
|false
| style="" |Sample for creating <code>.env</code> that defines key environment variables.
|Additional auto-renewal service for "Let's Encrypt" certificates
|-
|-
| style="width:350px;" |<code>docker-compose.kerberos-proxy.yml</code>
| style="width:375px;" |<code>bluespice.service.demo</code>
|yml
| style="" |service script
|false
| style="" |Demo-file for control the BlueSpice stack as a <code>systemctl</code> service.<br>One can create e.g a <code>/etc/systemd/system/bluespice.service</code>.
|Additional proxy for Kerberos based authenication
|}
|}


For convenience, the <code>bluespice-deploy</code> script wraps the first four <code>yml</code> files by default. This includes the main wiki application and also required backend services, like a database, search and application cache. Additional services can be loaded by adding <code>-f <filename> </code>.
== Step 2: Set up environment variables ==
Create your <code>.env</code> based on the sample file <code>.env.sample</code>.
 
Example:
<pre>
# set or use your data directory
DATADIR=/data/bluespice
VERSION=5.1.1
EDITION=free
BACKUP_HOUR=04
 
WIKI_NAME=BlueSpice
WIKI_LANG=en
WIKI_PASSWORDSENDER=no-reply@wiki.company.local
WIKI_EMERGENCYCONTACT=no-reply@wiki.company.local
WIKI_HOST=wiki.company.local
WIKI_PORT=443
WIKI_PROTOCOL=https
WIKI_BASE_PATH=


===Step 2: Set up environment variables===
DB_USER=set_or_use_your_db_user_name
Create <code>.env</code> file according to existing or state-to-be installation.
DB_PASS=SET_OR_USE_YOUR_DB_PASS_WORD
DB_ROOT_USER=root
DB_ROOT_PASS=$DB_PASS
DB_HOST=database
DB_NAME=bluespice
DB_PREFIX=


Example:
SMTP_HOST=mail.company.local
DATADIR=/data/bluespice
SMTP_PORT=25
VERSION=4.5
SMTP_USER=...
EDITION=pro
SMTP_PASS=...
BACKUP_HOUR=04
SMTP_ID_HOST=...
 
WIKI_NAME=BlueSpice
LETSENCRYPT=false
WIKI_LANG=en
</pre>
WIKI_PASSWORDSENDER=no-reply@wiki.company.local
{{Textbox|boxtype=note|header=Different editions|text=This config works for all editions, but the main image of Pro or Farm edition needs to be obtained differently, see [[{{FULLPAGENAME}}/Pro and Farm edition|Pro and Farm edition]]|icon=yes}}
WIKI_EMERGENCYCONTACT=no-reply@wiki.company.local
 
WIKI_HOST=wiki.company.local
== Step 3: Start the stack ==
WIKI_PORT=443
Use <code>bluespice-deploy up -d</code> to start the stack. Once all containers are shown as "ready" you can navigate to <code>$WIKI_PROTOCOL://$WIKI_HOST:$WIKI_PORT</code> (e.g. <code><nowiki>https://wiki.company.local</nowiki></code>) in your preferred web browser and start using the application.
WIKI_PROTOCOL=https
 
When starting the stack the first time, the <code>wiki-task</code> container will automatically perform the installation. It may take a couple of minutes for the process to set up the database and complete. Once it is finished, the password for the default <code>Admin</code> user can be found in <code>$DATADIR/wiki/initialAdminPassword</code>.
DB_USER=bluespice
DB_PASS=...
DB_HOST=database
DB_NAME=bluespice
DB_PREFIX=
SMTP_HOST=mail.company.local
SMTP_PORT=25
SMTP_USER=...
SMTP_PASS=...
SMTP_ID_HOST=...
{{Textbox|boxtype=note|header=Different editions|text=The example shows <code>EDITION=pro</code>. Be aware that for <code>pro</code> and <code>farm</code> you need to be logged into <code>docker.bluespice.com</code>.|icon=yes}}


=== Step 3: Prepare data directories===
== Additional options ==
Run <code>bluespice-prepare</code> script, helping you set up correct folder structure and permissions. Also installing a service for proper handling of the containers on reboots. Make sure to run this command with in a privileged user context (like <code>root</code>), as it will set permissions on the newly created directories.


=== Step 4: Start the stack ===
=== SSL certificates ===
{{Textbox
To use a Let's Encrypt certificate for your domain name, set <code>LETSENCRYPT=true</code> in your <code>.env</code> file.
|boxtype=important
|header=Initial installation
|text=When starting the stack the first time, the <code>wiki-task</code> container will automatically perform the installation. It may take a couple of minutes for the process to set up the database and complete. Once it is finished, the password for the default <code>Admin</code> user can be found in <code>$DATADIR/wiki/adminPassword</code>.
|icon=yes
}}
Use <code>bluespice-deploy up -d</code> to start the stack, once the <code>.env</code> file and the "data directories" are ready. Once all containers are shown as "ready" you can navigate to <code>$WIKI_PROTOCOL://$WIKI_HOST:$WIKI_PORT</code> (e.g. <code><nowiki>https://wiki.company.local</nowiki></code>) in your favorite web browser and start using the application.


=== Additional options ===
To use a self-signend certificate for your domain name, put its <code>.crt</code> and <code>.key</code> files in <code>${DATADIR}/proxy/certs</code>. For example, with <code>wiki.company.local</code> you should prepare <code>wiki.company.local.crt</code> and <code>wiki.company.local.key</code> files.
<!--TODO: ownership? restart stack needed?-->


==== SSL certificates ====
=== Configs for <code>LocalSettings.php</code> ===
For using Let's Encrypt certificates just set variable <code>LETSENCRYPT</code> to <code>true</code> in your <code>.env</code> file.
Instead of exposing the <code>LocalSettings.php</code> for [[mediawikiwiki:Manual:LocalSettings.php|adding additional configurations]], the stack offers two entry points. After the initial installation, you can add your configs to two files in <code>${DATADIR}/wiki/bluespice/</code> :


{{Textbox
* <code>pre-init-settings.php</code> - Set configs before the initialization of BlueSpice's debug logging, libraries, skins, extensions and default settings.  Configs set here can be picked up by the init process.
|boxtype=tip
* <code>post-init-settings.php</code> - Set configs after the initialization, manipulating configs that have been set by the init process.
|header=Self-signed certificates
|text=For using self-signend Certificates please put <code><bluespice-wiki.com>.crt</code> and <code><bluespice-wiki.com>.key</code> with the exact name of your Wikis URL in <code>${DATADIR}/proxy/certs</code>
|icon=yes
}}


====Operating system level service====
=== Run maintenance scripts ===
To run scripts from MediaWiki or from other extensions, please use the <code>wiki-task</code> container, which handles all back-end jobs and processes. You can connect into the container in two different ways:


{{Textbox
* run <code>./bluespice-deploy exec -it wiki-task bash</code> in the <code>compose</code> directory for Docker Compose files, or
|boxtype=tip
* run <code>docker exec -it bluespice-wiki-task bash</code> anywhere.  
|header=Adding additional services
|text=expand the <code>ExecStart</code> parameter in the <code>/etc/systemd/system/bluespice.service</code>
Example:
ExecStart=<WORKDIR>/bluespice-deploy -f docker-compose.proxy-letsencrypt.yml up -f -d --remove-orphans
|icon=yes
}}


==== Custom wiki application configuration ====
Inside the container you can find code base of the wiki at <code>/app/bluespice/w</code> , where one can run for example <code>php maintenance/run.php update --quick</code>.
After the initial installation, the <code>${DATADIR}/wiki/bluespice/</code> contains two files that can be used to set custom application configuration as it may be found on [https://www.mediawiki.org mediawiki.org]:


* <code>pre-init-settings.php</code>  - Can be used to set config that can be picked up by  the init process
=== Install further MediaWiki extensions ===
* <code>post-init-settings.php</code> - Can be used to manipulate configs that have been set by the init process


==== Custom database and search ====
== Additional authentication services ==
If you have a MySQL/MariaDB and an OpenSearch server running in your local network, you can remove <code>docker-compose.persistent-data-services.yml</code> entirely from your <code>bluespice-deploy</code>  file. Make sure to set the proper variables in the <code>.env</code> file.


====Kerberos proxy====
=== Kerberos proxy ===
For implicit authenticationusing Kerberos, an additional proxy must be used: <code>bluespice/kerberos-proxy</code> . The file <code>docker-compose.kerberos-proxy.yml</code> contains a common configuration. It can be used '''instead of''' the regular <code>docker-compose.proxy.yml</code> file inside <code>bluespice-deploy</code> .
For implicit authentication using Kerberos, an additional proxy must be used: <code>bluespice/kerberos-proxy</code> . The file <code>docker-compose.kerberos-proxy.yml</code> contains a common configuration. It can be used '''instead of''' the regular <code>docker-compose.proxy.yml</code> file inside <code>bluespice-deploy</code> .


Make sure to have the files
Make sure to have the files
Line 185: Line 167:
The file <code>${DATADIR}/wiki/bluespice/pre-init-settings.php</code> can then be used to set up [[mediawikiwiki:LDAP_hub|"Extension:Auth_remoteuser" and the LDAP stack extensions]].
The file <code>${DATADIR}/wiki/bluespice/pre-init-settings.php</code> can then be used to set up [[mediawikiwiki:LDAP_hub|"Extension:Auth_remoteuser" and the LDAP stack extensions]].


====SAML authentication====
=== SAML authentication ===
 
During the initial installation a certificate for message signing will automatically be created. It can be found in <code>${DATADIR}/wiki/simplesamlphp/certs/</code>.
During the initial installation a certificate for message signing will automatically be created. It can be found in <code>${DATADIR}/wiki/simplesamlphp/certs/</code>.


Line 213: Line 194:
After that, the authentication plugin configuration can be applied in [[Manual:Extension/BlueSpiceConfigManager|Special:BlueSpiceConfigManager]] under "Authentication".
After that, the authentication plugin configuration can be applied in [[Manual:Extension/BlueSpiceConfigManager|Special:BlueSpiceConfigManager]] under "Authentication".


==== OpenID Connect authentication ====
=== OpenID Connect authentication ===


The extensions "PluggableAuth" and "OpenIDConnect" must be enabled on the wiki. To do so, add<syntaxhighlight lang="php">
The extensions "PluggableAuth" and "OpenIDConnect" must be enabled on the wiki. To do so, add<syntaxhighlight lang="php">

Latest revision as of 16:16, 24 July 2025

Overview

Starting with version 4.5, BlueSpice MediaWiki can be installed with a stack of Docker container images.

Everything is built in a modular way to allow different types of setups.

The most common cases are:

  1. "All-in-one" (with and without Let's Encrypt)
  2. Custom database and search service
  3. Custom load balancer / proxy

Architecture

Diagram of BlueSpice Docker Stack Architecture

Notes

  • Internal HTTP connections may use non-standard ports. Those are noted next to the respective services.
    • HTTP (in-secure) is only used for internal communication within the virtual network the stack is operated in. All connections to the client use TLS.
  • Proprietary ports (esp. for database connections) are noted next to the respective services.
  • There may be additional services and ports in use, based on the setup. Some examples:
    • When using LDAP based authentication an LDAPS connection (port 636) is used from the bluespice/wiki containers to the LDAP-Server
    • When using Kerberos authentication, a connection (port 88) is used from the bluespice/kerberos-proxy containers to the Kerberos-Server
    • When using DeepL or OpenAI services, a HTTPS connection (port 443) is used from the bluespice/wiki containers to to the respective service
    • When using OpenIDConnect authentication, a HTTPS connection (port 443) is used from the bluespice/wiki "task" container to to the authentication provider
    • When using "Let's Encrypt" Certbot, a HTTPS connection (port 443) is used from the acme-companion container to the "Let's Encrypt" service

Step 1: Get the stack

Load project bluespice-deploy from https://github.com/hallowelt/bluespice-deploy/releases/latest and enter the sub-directory compose for Docker Compose files.

For example, run: 

wget https://github.com/hallowelt/bluespice-deploy/archive/refs/tags/5.1.1.zip \
  && unzip 5.1.1.zip \
  && cd bluespice-deploy-5.1.1/compose

The directory contains the following files:

Filename Type Comment
bluespice-deploy shell script Start-up script, wrapping command docker compose and service yml files.
Additional service yml files can be loaded by adding -f <filename> .
docker-compose.main.yml yml Main containers of the wiki (wiki-web and wiki-task).
docker-compose.persistent-data-services.yml yml Containers of database and search services, storing persistent data onto the file system.
Optionally with external MySQL/MariaDB and OpenSearch one can skip loading this .yml in bluespice-deploy. Please then wire your services properly in the .env file.
docker-compose.stateless-services.yml yml Containers for caching, PDF rendering, formula-rendering and diagram editing.
docker-compose.helper-service.yml yml Helper containers for file system preparation and automated BlueSpice upgrade.
These containers exit automatically after finishing tasks.
docker-compose.proxy.yml yml Container of proxy service. Can be replaced by existing proxy/load-balancer infrastructure.
docker-compose.proxy-letsencrypt.yml yml Additional service for auto-renewal of "Let's Encrypt" certificates.
Only required when using the Let's Encrypt service and having no other TLS termination.
docker-compose.kerberos-proxy.yml yml Additional proxy for Kerberos based authentication.
docker-compose.collabpads-service.yml yml Containers of back-end services for CollabPads (included in Pro and Farm editions).
.env.sample text Sample for creating .env that defines key environment variables.
bluespice.service.demo service script Demo-file for control the BlueSpice stack as a systemctl service.
One can create e.g a /etc/systemd/system/bluespice.service.

Step 2: Set up environment variables

Create your .env based on the sample file .env.sample.

Example: 

# set or use your data directory 
DATADIR=/data/bluespice
VERSION=5.1.1
EDITION=free
BACKUP_HOUR=04

WIKI_NAME=BlueSpice
WIKI_LANG=en
WIKI_PASSWORDSENDER=no-reply@wiki.company.local
WIKI_EMERGENCYCONTACT=no-reply@wiki.company.local
WIKI_HOST=wiki.company.local
WIKI_PORT=443
WIKI_PROTOCOL=https
WIKI_BASE_PATH=

DB_USER=set_or_use_your_db_user_name
DB_PASS=SET_OR_USE_YOUR_DB_PASS_WORD
DB_ROOT_USER=root 
DB_ROOT_PASS=$DB_PASS
DB_HOST=database
DB_NAME=bluespice
DB_PREFIX=

SMTP_HOST=mail.company.local
SMTP_PORT=25
SMTP_USER=...
SMTP_PASS=...
SMTP_ID_HOST=...

LETSENCRYPT=false
Different editions This config works for all editions, but the main image of Pro or Farm edition needs to be obtained differently, see Pro and Farm edition


Step 3: Start the stack

Use bluespice-deploy up -d to start the stack. Once all containers are shown as "ready" you can navigate to $WIKI_PROTOCOL://$WIKI_HOST:$WIKI_PORT (e.g. https://wiki.company.local) in your preferred web browser and start using the application.

When starting the stack the first time, the wiki-task container will automatically perform the installation. It may take a couple of minutes for the process to set up the database and complete. Once it is finished, the password for the default Admin user can be found in $DATADIR/wiki/initialAdminPassword.

Additional options

SSL certificates

To use a Let's Encrypt certificate for your domain name, set LETSENCRYPT=true in your .env file.

To use a self-signend certificate for your domain name, put its .crt and .key files in ${DATADIR}/proxy/certs. For example, with wiki.company.local you should prepare wiki.company.local.crt and wiki.company.local.key files.

Configs for LocalSettings.php

Instead of exposing the LocalSettings.php for adding additional configurations, the stack offers two entry points. After the initial installation, you can add your configs to two files in ${DATADIR}/wiki/bluespice/ :

  • pre-init-settings.php - Set configs before the initialization of BlueSpice's debug logging, libraries, skins, extensions and default settings. Configs set here can be picked up by the init process.
  • post-init-settings.php - Set configs after the initialization, manipulating configs that have been set by the init process.

Run maintenance scripts

To run scripts from MediaWiki or from other extensions, please use the wiki-task container, which handles all back-end jobs and processes. You can connect into the container in two different ways:

  • run ./bluespice-deploy exec -it wiki-task bash in the compose directory for Docker Compose files, or
  • run docker exec -it bluespice-wiki-task bash anywhere.

Inside the container you can find code base of the wiki at /app/bluespice/w , where one can run for example php maintenance/run.php update --quick.

Install further MediaWiki extensions

Additional authentication services

Kerberos proxy

For implicit authentication using Kerberos, an additional proxy must be used: bluespice/kerberos-proxy . The file docker-compose.kerberos-proxy.yml contains a common configuration. It can be used instead of the regular docker-compose.proxy.yml file inside bluespice-deploy .

Make sure to have the files

  • ${DATADIR}/kerberos/krb5.conf
  • ${DATADIR}/kerberos/kerberos.keytab

set up properly.

The file ${DATADIR}/wiki/bluespice/pre-init-settings.php can then be used to set up "Extension:Auth_remoteuser" and the LDAP stack extensions.

SAML authentication

During the initial installation a certificate for message signing will automatically be created. It can be found in ${DATADIR}/wiki/simplesamlphp/certs/.

In order to configure a remote IdP, one must copy the IdP metadata XML to a file called ${DATADIR}/wiki/simplesamlphp/saml_idp_metadata.xml. The SP metadata can then be obtained via https://{{$WIKI_HOST}}/_sp/module.php/saml/sp/metadata.php/default-sp. It must be configured in the remote IdP.

Test authentication You can test authentication directly within the SimpleSAMLphp application. To do so, navigate to https://{{$WIKI_HOST}}/_sp/module.php/admin and log in with admin and the INTERNAL_SIMPLESAMLPHP_ADMIN_PASS found in ${DATADIR}/wiki/.wikienv


Next, the extensions "PluggableAuth" and "SimpleSAMLphp" must be enabled on the wiki. To do so, add 

wfLoadExtensions( [
    'PluggableAuth',
    'SimpleSAMLphp'
] );

to the ${DATADIR}/wiki/bluespice/post-init-settings.php. Run 

./bluespice-deploy exec wiki-task /app/bluespice/w/maintenance/update.php --quick

to complete the installation.

After that, the authentication plugin configuration can be applied in Special:BlueSpiceConfigManager under "Authentication".

OpenID Connect authentication

The extensions "PluggableAuth" and "OpenIDConnect" must be enabled on the wiki. To do so, add

wfLoadExtensions( [
    'PluggableAuth',
    'OpenIDConnect'
] );

to the ${DATADIR}/wiki/bluespice/post-init-settings.php. Run 

./bluespice-deploy exec wiki-task /app/bluespice/w/maintenance/update.php --quick

to complete the installation.

After that, the authentication plugin configuration can be applied in Special:BlueSpiceConfigManager under "Authentication".


PDF exclude - start

To submit feedback about this documentation, visit our community forum.

PDF exclude - end
Retrieved from "https://en.wiki.bluespice.com/w/index.php?title=Setup:Installation_Guide/Docker&oldid=12637"