How to Deploy BookStack Wiki App

https://www.bookstackapp.com/

Docker Commands

docker network create bookstack_nw

docker run -d --net bookstack_nw  \
-e MYSQL_ROOT_PASSWORD=secret \
-e MYSQL_DATABASE=bookstack \
-e MYSQL_USER=bookstack \
-e MYSQL_PASSWORD=secret \
-v bookstack-mysql:/var/lib/mysql \
 --name="bookstack_db" \
 mysql:5.7.21

docker run -d --net bookstack_nw  \
-e DB_HOST=bookstack_db:3306 \
-e DB_DATABASE=bookstack \
-e DB_USERNAME=bookstack \
-e DB_PASSWORD=secret \
-e AZURE_APP_ID=*** \
-e AZURE_APP_SECRET=*** \
-e AZURE_TENANT=*** \
-e APP_URL=https://www.domain.com \
-v bookstack-uploads:/var/www/bookstack/public/uploads \
-v bookstack-storage:/var/www/bookstack/public/storage \
-p 8080:80 \
 --name="bookstack" \
 solidnerd/bookstack:0.24.2

docker run -d --net bookstack_nw \
-v ~/nginx:/etc/nginx/conf.d/ \
-p 80:80 -p 443:443 \
--name=nginx \
nginx

nginx config

server {
    listen 80;
    listen [::]:80;
    server_name _;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443;

    server_name  www.domain.com;

    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_session_tickets off;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 E                                                                                                                                                                                            ECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
    ssl_prefer_server_ciphers on;

    ssl_certificate     /etc/nginx/conf.d/fullchain.pem;
    ssl_certificate_key /etc/nginx/conf.d/privkey.pem;
    #charset koi8-r;
    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        proxy_pass http://bookstack:80;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 43200000;

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
    }

}

SSL Certificates

Self-signed
openssl req -x509 -newkey rsa:2048 \
-keyout key.pem -out cert.pem \
-days 30000 -nodes
Let's encrypt

https://letsencrypt.org/getting-started/

mysql Deployment Config

apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
  labels:
    app: cakephp-mysql-persistent
    template: cakephp-mysql-persistent
  name: mysql
spec:
  replicas: 1
  selector:
    name: mysql
  strategy:
    activeDeadlineSeconds: 21600
    recreateParams:
      timeoutSeconds: 600
    resources: {}
    type: Recreate
  template:
    metadata:
      creationTimestamp: null
      labels:
        name: mysql
      name: mysql
    spec:
      containers:
        - env:
            - name: MYSQL_USER
              valueFrom:
                secretKeyRef:
                  key: database-user
                  name: cakephp-mysql-persistent
            - name: MYSQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: database-password
                  name: cakephp-mysql-persistent
            - name: MYSQL_DATABASE
              value: default
          image: >-
            server:5000/rhscl/mysql-57-rhel7@sha256:154cd19e9c2a9df09ad61ce61139b955499aecd2247eb32df299104c750c6feb
          imagePullPolicy: IfNotPresent
          livenessProbe:
            failureThreshold: 3
            initialDelaySeconds: 30
            periodSeconds: 10
            successThreshold: 1
            tcpSocket:
              port: 3306
            timeoutSeconds: 1
          name: mysql
          ports:
            - containerPort: 3306
              protocol: TCP
          readinessProbe:
            exec:
              command:
                - /bin/sh
                - '-i'
                - '-c'
                - >-
                  MYSQL_PWD='ymVAEh4ufpMShxgn' mysql -h 127.0.0.1 -u cakephp -D
                  default -e 'SELECT 1'
            failureThreshold: 3
            initialDelaySeconds: 5
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 1
          resources:
            limits:
              memory: 512Mi
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          volumeMounts:
            - mountPath: /var/lib/mysql/data
              name: mysql-data
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
      volumes:
        - name: mysql-data
          persistentVolumeClaim:
            claimName: mysql
  test: false
  triggers:
    - imageChangeParams:
        automatic: true
        containerNames:
          - mysql
        from:
          kind: ImageStreamTag
          name: 'mysql:5.7'
          namespace: openshift
        lastTriggeredImage: >-
          hoecprvnex01.na.xom.com:5000/rhscl/mysql-57-rhel7@sha256:154cd19e9c2a9df09ad61ce61139b955499aecd2247eb32df299104c750c6feb
      type: ImageChange
    - type: ConfigChange

References


Revision #6
Created 7 months ago by Chairat (Par)
Updated 2 weeks ago by Chairat (Par)