63 Realms

Realms is a git-based wiki (like Gollum, but with basic authentication and registration)

Realms Screenshot

Features include:

  • Built with Bootstrap 3.
  • Markdown (w/ HTML Support).
  • Syntax highlighting (Ace Editor).
  • Live preview.
  • Collaboration (TogetherJS / Firepad).
  • Drafts saved to local storage.
  • Handlebars for templates and logic.
lessGollumi.e., you’re limited to markdown syntax only
source GitHub repo

63.1 Ingredients

  1. Docker swarm cluster with persistent shared storage
  2. Traefik configured per design
  3. DNS entry for the hostname you intend to use, pointed to your keepalived IP

63.2 Preparation

Setup data locations

Since we’ll start with a basic Realms install, let’s just create a single directory to hold the realms (SQLite) data:

mkdir /var/data/realms/

Create realms.env, and populate with the following variables (if you intend to use an oauth_proxy to double-secure your installation, which I recommend)

OAUTH2_PROXY_CLIENT_ID=
OAUTH2_PROXY_CLIENT_SECRET=
OAUTH2_PROXY_COOKIE_SECRET=

Setup Docker Swarm

Create a docker swarm config file in docker-compose syntax (v3), something like this:

with my patreon patronspremixgit pulldocker stack deploy
version: "3"

services:
  realms:
    image: realms/realms-wiki:latest
    env_file: /var/data/config/realms/realms.env
    volumes:
      - /var/data/realms:/home/wiki/data
    networks:
      - internal

  realms_proxy:
    image: funkypenguin/oauth2_proxy:latest
    env_file : /var/data/config/realms/realms.env
    networks:
      - internal
      - traefik_public
    deploy:
      labels:
        - traefik.frontend.rule=Host:realms.funkypenguin.co.nz
        - traefik.docker.network=traefik_public
        - traefik.port=4180
    volumes:
      - /var/data/config/realms/authenticated-emails.txt:/authenticated-email\
s.txt
    command: |
      -cookie-secure=false
      -upstream=http://realms:5000
      -redirect-url=https://realms.funkypenguin.co.nz
      -http-address=http://0.0.0.0:4180
      -email-domain=funkypenguin.co.nz
      -provider=github
      -authenticated-emails-file=/authenticated-emails.txt

networks:
  traefik_public:
    external: true
  internal:
    driver: overlay
    ipam:
      config:
        - subnet: 172.16.35.0/24
my list

63.3 Serving

Launch Realms stack

Launch the Wekan stack by running docker stack deploy realms -c <path -to-docker-compose.yml>

Log into your new instance at https://YOUR-FQDN, authenticate against oauth_proxy, and you’re immediately presented with Realms wiki, waiting for a fresh edit ;)

63.4 Chef’s Notes

  1. If you wanted to expose the Realms UI directly, you could remove the oauth2_proxy from the design, and move the traefik_public-related labels directly to the realms container. You’d also need to add the traefik_public network to the realms container.
  2. The inclusion of Realms was due to the efforts of @gkoerk in our Discord server. Thanks gkoerk!

Up next

64 Tiny Tiny RSS