在安装outline之前需要先安装postgres和keycloak来存储数据和单点登录,安装minio来存储图片等。
先创建统一的网络
docker network create outlinewiki
postgres
用 docker compose 安装postgres并启动
我将docker-compose-postgres.yml 和.env都存放在/app/postgres目录下
docker-compose-postgres.yml:
version: '3'
services:
postgres-db:
container_name: postgres-db
image: postgres:latest
restart: always
security_opt:
- label:disable
volumes:
- /app/postgres/postgres-db:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
environment:
POSTGRES_DB: ${POSTGRES_DB}
POSTGRES_USER: ${POSTGRES_DB_USER}
POSTGRES_PASSWORD: ${POSTGRES_DB_DB_PASSWORD}
networks:
- outlinewiki
networks:
outlinewiki:
external: true
编辑配置文件.env
POSTGRES_DB=raylen
POSTGRES_DB_USER=raylen
POSTGRES_DB_DB_PASSWORD=raylen123
启动容器
docker-compose -f docker-compose-postgres.yml up -d
创建项目需要的数据库信息
1. 先进入容器:
docker exec -it postgres-db bash
2. 登录 Postgres:
psql -U raylen
3. 创建第一个数据库和用户(keycloak_db):
a. 创建数据库 keycloak_db:
CREATE DATABASE keycloak_db;
b. 创建用户 keycloak 并设置密码:
CREATE USER keycloak WITH ENCRYPTED PASSWORD 'raylenkeycloak';
c. 赋予 keycloak 用户对 keycloak_db 数据库的所有权限:
GRANT ALL PRIVILEGES ON DATABASE "keycloak_db" TO keycloak;
3. 创建第二个数据库和用户(outline_db):
a. 创建数据库 outline_db:
CREATE DATABASE outline_db;
b. 创建用户 outline 并设置密码:
CREATE USER outline WITH ENCRYPTED PASSWORD 'raylenoutline';
c. 赋予 keycloak 用户对 outline_db 数据库的所有权限:
GRANT ALL PRIVILEGES ON DATABASE "outline_db" TO outline;
4. 退出容器
\q
5. 测试登录
psql -U outline -d outline_db
keycloak
用 docker compose 安装keycloak并启动
我将docker-compose-keycloak 和.env都存放在/app/keycloak目录下
docker-compose-keycloak.yml:
version: '3'
services:
keycloak:
container_name: keycloak
image: quay.io/keycloak/keycloak:latest
restart: always
environment:
KC_DB: postgres
KC_DB_URL: jdbc:postgresql://postgres-db:5432/keycloak_db
KC_DB_USER: ${KC_DB_USER}
KC_DB_SCHEMA: public
KC_DB_PASSWORD: ${KC_DB_PASSWORD}
KC_HOSTNAME: ${KC_HOSTNAME}
KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN}
KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
KC_PROXY: edge
ports:
- 7080:8080
networks:
- outlinewiki
command: start
networks:
outlinewiki:
external: true
编辑配置文件.env:
KC_DB_USER=keycloak
KC_DB_PASSWORD=raylenkeycloak
KC_HOSTNAME=sso.xxx.com
KEYCLOAK_ADMIN=raylen
KEYCLOAK_ADMIN_PASSWORD=raylen
启动容器:
docker-compose -f docker-compose-keycloak.yml up -d
关于 keycloak 的配置参考:https://www.heyvaldemar.com/install-outline-and-keycloak-using-docker-compose/
Redis
用 docker compose 安装Redis并启动
我将docker-compose-redis.yml存放在/app/redis目录下
docker-compose-outline.yml:
version: "3"
services:
redis:
image: redis
container_name: redis
ports:
- "6379:6379"
volumes:
- /app/redis/redis.conf:/data
networks:
- outlinewiki
networks:
outlinewiki:
external: true
启动容器:
docker-compose -f docker-compose-redis.yml up -d
Minio
用 docker compose 安装Minio并启动
我将docker-compose-minio.yml 和.env都存放在/app/minio目录下
docker-compose-minio.yml:
version: "3"
services:
minio:
image: minio/minio
environment:
MINIO_ROOT_USER:${MINIO_ROOT_USER}
MINIO_ROOT_PASSWORD:${MINIO_ROOT_PASSWORD}
TZ:Asia/Shanghai
networks:
- outlinewiki
ports:
- 9000:9000
- 9001:9001
deploy:
restart_policy:
condition: on-failure
volumes:
- ./minio-data:/data
- ./minio-config:/root/.minio
entrypoint: sh
command: -c 'minio server --console-address ":9001" /data'
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
networks:
outlinewiki:
external: true
volumes:
outline-minio-data:
配置文件.env:
MINIO_ROOT_USER=raylen
MINIO_ROOT_PASSWORD=123
启动容器:
docker-compose -f docker-compose-minio.yml up -d
outline
用 docker compose 安装outline并启动
我将docker-compose-outline.yml 和docker.env都存放在/app/outline目录下
docker-compose-outline.yml:
version: "3"
services:
outline:
image: docker.getoutline.com/outlinewiki/outline:latest
env_file: ./docker.env
networks:
- outlinewiki
ports:
- "3000:3000"
command: sh -c "yarn start --env=production-ssl-disabled"
networks:
outlinewiki:
external: true
配置文件docker.env:
# –––––––––––––––– REQUIRED ––––––––––––––––
NODE_ENV=production
# Generate a hex-encoded 32-byte random key. You should use `openssl rand -hex 32`
# in your terminal to generate a random value.
SECRET_KEY=xxx
# Generate a unique random key. The format is not important but you could still use
# `openssl rand -hex 32` in your terminal to produce this.
UTILS_SECRET=xxx
# For production point these at your databases, in development the default
# should work out of the box.
DATABASE_URL=postgres://outline:xxx@postgres-db:5432/outline-db
DATABASE_URL_TEST=postgres://outline:xxx@postgres-db:5432/outline-db-test
DATABASE_CONNECTION_POOL_MIN=
DATABASE_CONNECTION_POOL_MAX=
# Uncomment this to disable SSL for connecting to Postgres
PGSSLMODE=disable
# For redis you can either specify an ioredis compatible url like this
REDIS_URL=redis://redis:6379
# or alternatively, if you would like to provide additional connection options,
# use a base64 encoded JSON connection option object. Refer to the ioredis documentation
# for a list of available options.
# Example: Use Redis Sentinel for high availability
# {"sentinels":[{"host":"sentinel-0","port":26379},{"host":"sentinel-1","port":26379}],"name":"mymaster"}
# REDIS_URL=ioredis://eyJzZW50aW5lbHMiOlt7Imhvc3QiOiJzZW50aW5lbC0wIiwicG9ydCI6MjYzNzl9LHsiaG9zdCI6InNlbnRpbmVsLTEiLCJwb3J0IjoyNjM3OX1dLCJuYW1lIjoibXltYXN0ZXIifQ==
# URL should point to the fully qualified, publicly accessible URL. If using a
# proxy the port in URL and PORT may be different.
URL=https://docs.xxx.com
PORT=3000
# See [documentation](docs/SERVICES.md) on running a separate collaboration
# server, for normal operation this does not need to be set.
COLLABORATION_URL=
# To support uploading of images for avatars and document attachments an
# s3-compatible storage must be provided. AWS S3 is recommended for redundancy
# however if you want to keep all file storage local an alternative such as
# minio (https://github.com/minio/minio) can be used.
# A more detailed guide on setting up S3 is available here:
# => https://wiki.generaloutline.com/share/125de1cc-9ff6-424b-8415-0d58c809a40f
#
AWS_ACCESS_KEY_ID=xxx
AWS_SECRET_ACCESS_KEY=xxx
AWS_REGION=auto
AWS_S3_UPLOAD_BUCKET_URL=https://xxx.r2.cloudflarestorage.com
AWS_S3_UPLOAD_BUCKET_NAME=outline
AWS_S3_FORCE_PATH_STYLE=true
AWS_S3_ACL=private
# Specify what storage system to use. Possible value is one of "s3" or "local".
# For "local", the avatar images and document attachments will be saved on local disk.
FILE_STORAGE=s3
# If "local" is configured for FILE_STORAGE above, then this sets the parent directory under
# which all attachments/images go. Make sure that the process has permissions to create
# this path and also to write files to it.
FILE_STORAGE_LOCAL_ROOT_DIR=/var/lib/outline/data
# Maximum allowed size for the uploaded attachment.
FILE_STORAGE_UPLOAD_MAX_SIZE=26214400
# –––––––––––––– AUTHENTICATION ––––––––––––––
# To configure generic OIDC auth, you'll need some kind of identity provider.
# See documentation for whichever IdP you use to acquire the following info:
# Redirect URI is https://<URL>/auth/oidc.callback
OIDC_CLIENT_ID=outline
OIDC_CLIENT_SECRET=xxx
OIDC_AUTH_URI=https://sso.xxx.com/realms/outline/protocol/openid-connect/auth
OIDC_TOKEN_URI=https://sso.xxxx.com/realms/outline/protocol/openid-connect/token
OIDC_USERINFO_URI=https://sso.xxx.com/realms/outline/protocol/openid-connect/userinfo
# Specify which claims to derive user information from
# Supports any valid JSON path with the JWT payload
OIDC_USERNAME_CLAIM=preferred_username
# Display name for OIDC authentication
OIDC_DISPLAY_NAME=xxx SSO Server
# Space separated auth scopes.
OIDC_SCOPES=openid profile email
启动容器:
docker-compose -f docker-compose-outline.yml up -d
0