Docker pod for (mediawiki + mysql + phpmyadmin + apache) + gitea + python + nginx. #krash
Charles Reid 4dfb36148e Merge branch 'master' of ssh:// 2 months ago
d-gitea @ 8c2bd1a55e update gitea submodule 3 months ago
d-mediawiki @ 1591083a8e update all submodules 3 months ago
d-mysql @ 4bd88e74c1 update all submodules 3 months ago
d-nginx-charlesreid1 @ 4acd5ed952 update config files to remove toots 3 months ago
d-phpmyadmin @ e84de96196 update all submodules 3 months ago
d-python-files @ 473b497e28 update all submodules 3 months ago
docs clean up the documenation, make readme/index consistent 3 months ago
mkdocs-material @ b0c6890853 Update mkdocs-material for mkdocs 1.0 4 months ago
utils-backup add utils backup readme 3 months ago
utils-gitea remove superfluous ls 5 months ago
utils-mw add change pw util 3 months ago
utils-mysql update utils scripts with set -x 8 months ago
.gitignore moving docs around, adding mkdocs.yml 8 months ago
.gitmodules update submodule URLs 6 months ago
LICENSE MIT licensed 8 months ago clean up the documenation, make readme/index consistent 3 months ago update todo 8 months ago
docker-compose.fixme.yml update docker-compose to log to json 2 months ago
mkdocs.yml update port information 3 months ago update the update submodules script 7 months ago


This repo contains a docker compose file for running the site.


The services available through pod-charlesreid1 are:

  • mediawiki
  • apache + php
  • mysql
  • phpmyadmin
  • nginx (Let’s Encrypt used offline for SSL certificates)
  • python
  • gitea


See the documentation site here:

Or visit docs/

Source code on

Source code on

Quick Start

From your project directory, start up the pod:

$ docker-compose up

If you want to rebuild the images (if you changed the Dockerfile), use the --build flag:

$ docker-compose up --build


See for info about running this docker pod:

  • Running the Docker Pod from Comand Line
  • Running the Docker Pod as a Startup Service
  • Workflow for Charlesreid1 Docker Pod Updates
  • Restoring the Docker Pod from Backups


See for info about data and volumes used by this docker pod:

  • Persistent Data Volumes
  • nginx
    • nginx + lets encrypt ssl certificates
    • nginx static content
    • nginx bind-mounted files
  • mysql
  • mediawiki
    • mediawiki data volume
    • mediawiki bind-mounted files
  • gitea
    • gitea data volume
    • gitea bind-mounted files
  • python file server (pyfiles)
    • pyfiles directory


There are a number of directories containing utility scripts - these are mostly dedicated to creating backups of any non-version-controlled data inside the container.

See for coverage of backup and utility scripts.

utils-backups - backup utilities (use the scripts below; good for cron jobs)

utils-mw - mediawiki backup utilities

utils-mysql mysql backup utilities

Domains and Ports

See Domains and for info about top-level domain names and ports used by this docker pod.

The domains ports document covers:

  • Domains
    • nginx domain handling
  • Ports
    • nginx ports
    • mediawiki/apache ports
    • phpmyadmin ports
    • mysql ports
    • gitea ports
    • python file server ports

Additional Port Info

The apache-mediawiki combination is running an apache service listening on port 8989. This can be adjusted, but should be adjusted in the Dockerfile, ports.conf, and wiki.conf.

The apache service listens on all interfaces (hence *:8989 in the apache conf file), but there is no port mapping specified in docker-compose.yml so it does not listen on any public interfaces.

Thus, the wiki is not publicly accessible via port 8989, but the wiki is available via port 8989 to any container linked to, or connected to the same network as, the mediawiki apache container.

Meanwhile, the nginx container has a public interface listening on port 80 and another listening on port 443. nginx listens for requests going to the wiki, detected via the url resource prefix being /w/ or /wiki/, and acts as a reverse proxy, forwarding the requests to Apache.

The user transparently sees everything happening via port 80 or (preferrably) 443, but on the backend nginx is passing along the URL request and returning the result.

Subdomains are served via reverse proxy on port 7777+.

The webhook server is a flask server listening on port 50000.


See for more info about getting secrets like passwords and sensitive files into various containers in the pod, without leaking out the information.

  • mysql database root password
  • mediawiki mysql database root password
  • gitea secret key and session id
  • nginx ssl certificates

Container-Specific Configuration Details

Each container has a different way of getting configuration files into the container. In the following documents we cover the specifics of each container.


docker compose documentation: