Add initial XWiki role draft

- Added web-app-xwiki draft role with config, vars, templates, and docs - Registered new network and port for XWiki - Adjusted MediaWiki canonical domain to media.wiki https://chatgpt.com/share/68c18c65-a008-800f-8d62-b695df2c6fa1
2025-10-31 02:10:05 +00:00 · 2025-09-10 16:34:37 +02:00
parent 90843726de
commit 79c623d8db
12 changed files with 199 additions and 1 deletions
--- a/roles/web-app-xwiki/README.md
+++ b/roles/web-app-xwiki/README.md
@@ -0,0 +1,34 @@
+# XWiki
+
+## Description
+
+Empower your organization with **XWiki**, an open-source enterprise wiki and knowledge management platform. XWiki provides powerful collaboration features, structured content management, and extensibility through applications and plugins—all under your control.
+
+## Overview
+
+This role deploys XWiki using Docker, automating the installation, configuration, and management of your XWiki server. It integrates with an external PostgreSQL database, Redis for caching and sessions, and an Nginx reverse proxy. The role supports advanced features such as global CSS injection, Matomo analytics, OIDC authentication, and centralized logout, making it a powerful and customizable solution within the Infinito.Nexus ecosystem.
+
+## Features
+
+- **Enterprise Wiki Platform:** Create, edit, and organize pages with a powerful WYSIWYG editor and structured content support.  
+- **Advanced Rights Management:** Fine-grained permissions for users, groups, and spaces.  
+- **Extensions & Applications:** Extend functionality with hundreds of available XWiki extensions and macros.  
+- **Powerful Search:** Full-text and structured search to quickly find knowledge across spaces.  
+- **Office Integration:** Import, export, and collaborate on Office documents (Word, Excel, PDF).  
+- **Customization & Theming:** Adapt the look and feel of your wiki with skins, CSS, and scripting.  
+- **Integration Ready:** Connect with external systems such as Keycloak (OIDC), LDAP, or analytics tools like Matomo.  
+- **Scalability:** Backend support with PostgreSQL and Redis for performance and session handling.  
+
+## Further Resources
+
+- [XWiki Official Website](https://www.xwiki.org/)  
+- [XWiki Documentation](https://www.xwiki.org/xwiki/bin/view/Documentation/)  
+- [XWiki GitHub Repository](https://github.com/xwiki/xwiki-platform)  
+
+## Credits
+
+Developed and maintained by **Kevin Veen-Birkenbach**.  
+Learn more at [veen.world](https://www.veen.world).  
+
+Part of the [Infinito.Nexus Project](https://s.infinito.nexus/code)  
+Licensed under [Infinito.Nexus NonCommercial License](https://s.infinito.nexus/license).  
--- a/roles/web-app-xwiki/config/main.yml
+++ b/roles/web-app-xwiki/config/main.yml
@@ -0,0 +1,31 @@
+credentials: {}
+docker:
+  services:
+    redis:
+      enabled:      false
+    database:
+      enabled:      true
+    xwiki:
+      image:        xwiki
+      version:      stable-mariadb-tomcat
+      name:         xwiki
+      backup:
+        no_stop_required: true
+  volumes:
+    data:           "xwiki_data"
+features:
+  matomo:           true
+  css:              true
+  desktop:          true
+  central_database: true
+  logout:           true
+  oidc:             true
+server:
+  csp:
+    whitelist:      {}
+    flags:          {}
+  domains:
+    canonical:
+      - "x.wiki.{{ PRIMARY_DOMAIN }}"
+rbac:
+  roles: {}
--- a/roles/web-app-xwiki/meta/main.yml
+++ b/roles/web-app-xwiki/meta/main.yml
@@ -0,0 +1,21 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birkenbach"
+  description: "XWiki is an open-source enterprise wiki and knowledge management platform, offering collaboration tools, structured content, and extensibility through apps and plugins."
+  license: "Infinito.Nexus NonCommercial License"
+  license_url: "https://s.infinito.nexus/license"
+  company: | 
+    Kevin Veen-Birkenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags: [wiki, collaboration, knowledge, documentation, cms]
+  repository: "https://s.infinito.nexus/code"
+  issue_tracker_url: "https://s.infinito.nexus/issues"
+  documentation: "https://s.infinito.nexus/code/"
+  logo:
+    class: "fas fa-book"
+  run_after:
+    - web-app-matomo
+    - web-app-keycloak
+    - web-app-mailu
+dependencies: []
--- a/roles/web-app-xwiki/schema/main.yml
+++ b/roles/web-app-xwiki/schema/main.yml
--- a/roles/web-app-xwiki/tasks/main.yml
+++ b/roles/web-app-xwiki/tasks/main.yml
@@ -0,0 +1,7 @@
+---
+- block:
+  - name: "load docker, db and proxy for {{ application_id }}"
+    include_role: 
+      name: sys-stk-full-stateful
+  - include_tasks: utils/run_once.yml
+  when: run_once_web_app_xwiki is not defined
--- a/roles/web-app-xwiki/templates/Dockerfile.j2
+++ b/roles/web-app-xwiki/templates/Dockerfile.j2
@@ -0,0 +1 @@
+FROM {{ XWIKI_IMAGE }}:{{ XWIKI_VERSION }}
--- a/roles/web-app-xwiki/templates/docker-compose.yml.j2
+++ b/roles/web-app-xwiki/templates/docker-compose.yml.j2
@@ -0,0 +1,23 @@
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
+  application:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    image: "{{ XWIKI_IMAGE_CUSTOM }}"
+    container_name: "{{ XWIKI_CONTAINER }}"
+    hostname: '{{ XWIKI_HOSTNAME}}'
+    command: ["all"]
+    ports:
+      - "127.0.0.1:{{ ports.localhost.http[application_id] }}:{{ container_port }}"
+    volumes:
+      - 'data:/usr/local/xwiki'
+{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on/dmbs_excl.yml.j2' %}
+{% include 'roles/docker-container/templates/networks.yml.j2' %}
+
+{% include 'roles/docker-compose/templates/volumes.yml.j2' %}
+  data:
+    name: {{ XWIKI_DATA_VOLUME }}
+
+{% include 'roles/docker-compose/templates/networks.yml.j2' %}
--- a/roles/web-app-xwiki/templates/env.j2
+++ b/roles/web-app-xwiki/templates/env.j2
@@ -0,0 +1,45 @@
+DB_USER="{{ database_username }}"
+DB_PASSWORD="{{ database_password }}"
+DB_HOST="{{ database_host }}"
+
+### Pretix core
+#XWIKI_XWIKI_INSTANCE_NAME="{{ PRIMARY_DOMAIN | upper }} Tickets"
+#XWIKI_XWIKI_ALLOWED_HOSTS="{{ XWIKI_HOSTNAME }},127.0.0.1,localhost"
+#XWIKI_XWIKI_URL="{{ XWIKI_URL }}"
+#XWIKI_XWIKI_AUTH_BACKENDS="xwiki.base.auth.NativeAuthBackend{% if XWIKI_OIDC_ENABLED %},xwiki_oidc.auth.OIDCAuthBackend{% endif %}"
+#
+### Locale
+#XWIKI_LOCALE_TIMEZONE="{{ HOST_TIMEZONE }}"
+#
+### Database
+#XWIKI_DATABASE_BACKEND="postgresql"
+#XWIKI_DATABASE_NAME="{{ database_name }}"
+#XWIKI_DATABASE_USER="{{ database_username }}"
+#XWIKI_DATABASE_PASSWORD="{{ database_password }}"
+#XWIKI_DATABASE_HOST="{{ database_host }}"
+#XWIKI_DATABASE_PORT="{{ database_port }}"
+#XWIKI_WEB_CONCURRENCY="{{ POSTGRES_ALLOWED_AVG_CONNECTIONS }}"
+#XWIKI_WORKER_THREADS="{{ (POSTGRES_ALLOWED_AVG_CONNECTIONS | int // 2 ) }}"
+#
+#{% if XWIKI_REDIS_ENABLED %}
+### Redis
+#XWIKI_REDIS_SESSIONS="true"
+#XWIKI_REDIS_LOCATION="redis://redis:6379/{{ XWIKI_REDIS_CACHE_DB }}"
+#CELERY_BROKER_URL="redis://redis:6379/{{ XWIKI_REDIS_BROKER_DB }}"
+#CELERY_RESULT_BACKEND="redis://redis:6379/{{ XWIKI_REDIS_RESULT_DB }}"
+#{% endif %}
+#
+#{% if XWIKI_OIDC_ENABLED %}
+### OIDC (plugin)
+#XWIKI_OIDC_TITLE="{{ XWIKI_OIDC_LABEL | replace('\"','\\\"') }}"
+#XWIKI_OIDC_ISSUER="{{ XWIKI_OIDC_ISSUER }}"
+#XWIKI_OIDC_AUTHORIZATION_ENDPOINT="{{ XWIKI_OIDC_AUTH_URL }}"
+#XWIKI_OIDC_TOKEN_ENDPOINT="{{ XWIKI_OIDC_TOKEN_URL }}"
+#XWIKI_OIDC_USERINFO_ENDPOINT="{{ XWIKI_OIDC_USERINFO_URL }}"
+#XWIKI_OIDC_END_SESSION_ENDPOINT="{{ XWIKI_OIDC_LOGOUT_URL }}"
+#XWIKI_OIDC_JWKS_URI="{{ XWIKI_OIDC_JWKS_URL }}"
+#XWIKI_OIDC_CLIENT_ID="{{ XWIKI_OIDC_CLIENT_ID }}"
+#XWIKI_OIDC_CLIENT_SECRET="{{ XWIKI_OIDC_CLIENT_SECRET }}"
+#XWIKI_OIDC_SCOPES="{{ XWIKI_OIDC_SCOPES }}"
+#XWIKI_OIDC_UNIQUE_ATTRIBUTE="{{ XWIKI_OIDC_UNIQUE_ATTRIBUTE }}"
+#{% endif %}
--- a/roles/web-app-xwiki/vars/main.yml
+++ b/roles/web-app-xwiki/vars/main.yml
@@ -0,0 +1,33 @@
+# General
+application_id:                 "web-app-xwiki"
+database_type:                  "postgres"
+container_port:                 8080
+container_hostname:             "{{ domains | get_domain(application_id) }}"
+
+# Pretix
+
+## URLs
+XWIKI_URL:                     "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
+XWIKI_HOSTNAME:                "{{ container_hostname }}"
+
+## OIDC (mirrors GitLab’s pattern)
+XWIKI_OIDC_ENABLED:            "{{ applications | get_app_conf(application_id, 'features.oidc') }}"
+XWIKI_OIDC_LABEL:              "{{ OIDC.BUTTON_TEXT }}"
+XWIKI_OIDC_CLIENT_ID:          "{{ OIDC.CLIENT.ID }}"
+XWIKI_OIDC_CLIENT_SECRET:      "{{ OIDC.CLIENT.SECRET }}"
+XWIKI_OIDC_ISSUER:             "{{ OIDC.CLIENT.ISSUER_URL }}"
+XWIKI_OIDC_AUTH_URL:           "{{ OIDC.CLIENT.AUTHORIZE_URL }}"
+XWIKI_OIDC_TOKEN_URL:          "{{ OIDC.CLIENT.TOKEN_URL }}"
+XWIKI_OIDC_USERINFO_URL:       "{{ OIDC.CLIENT.USER_INFO_URL }}"
+XWIKI_OIDC_LOGOUT_URL:         "{{ OIDC.CLIENT.LOGOUT_URL }}"
+XWIKI_OIDC_JWKS_URL:           "{{ OIDC.CLIENT.CERTS }}"
+XWIKI_OIDC_SCOPES:             "openid,email,profile"
+# Use Keycloak username claim by default (plugin default is 'sub')
+XWIKI_OIDC_UNIQUE_ATTRIBUTE:   "{{ OIDC.ATTRIBUTES.USERNAME }}"
+
+## Docker
+XWIKI_IMAGE_CUSTOM:            "xwiki_custom"
+XWIKI_IMAGE:                   "{{ applications | get_app_conf(application_id, 'docker.services.xwiki.image') }}"
+XWIKI_VERSION:                 "{{ applications | get_app_conf(application_id, 'docker.services.xwiki.version') }}"
+XWIKI_CONTAINER:               "{{ applications | get_app_conf(application_id, 'docker.services.xwiki.name') }}"
+XWIKI_DATA_VOLUME:             "{{ applications | get_app_conf(application_id, 'docker.volumes.data') }}"