XWiki (Helm)

Version 7.1 by Itzhak Daniel on 2024/04/28 20:20

About

XWiki is a free wiki software platform written in Java with a design emphasis on extensibility. As an application wiki, XWiki allows for the storing of structured data and the execution of server-side scripts within the wiki interface. Scripting languages including Velocity, Apache Groovy, Python, Ruby and PHP can be written directly into wiki pages using wiki macros. XWiki code is licensed under the GNU Lesser General Public License and hosted on GitHub, where everyone is free to fork the source code and develop changes in their own repository. While most of the active developers are funded by commercial support company XWiki SAS, XWiki SAS maintains a strict boundary between itself and the XWiki free software project. [source]

Security

By default XWiki runs as root, so we had to rebuild the image in order to run it as an unprivileged user (uid/gid: 30001:30001). We didn't go to the same effort with MySQL; in that case the process runs as uid/gid: 30001/0, which isn't perfect, but is much better than running as root.
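
A check for the identities described above, as an added example (not part of the original page or of the XWiki chart): it reads pod specs in the JSON shape returned by `kubectl get pods -o json` and reports containers that would run as root or with group 0. The pod and container names in the sample are constructed; only the uid/gid values come from the text.

```python
import json

# Constructed sample, trimmed to the fields the audit reads. Pod and container
# names are hypothetical; the uid/gid values are the ones given in the text.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"name": "xwiki-0"},
   "spec": {"securityContext": {"runAsUser": 30001, "runAsGroup": 30001, "runAsNonRoot": true},
            "containers": [{"name": "xwiki"}]}},
  {"metadata": {"name": "xwiki-mysql-0"},
   "spec": {"securityContext": {"runAsUser": 30001, "runAsGroup": 0},
            "containers": [{"name": "mysql"}]}},
  {"metadata": {"name": "xwiki-stock-0"},
   "spec": {"containers": [{"name": "xwiki", "securityContext": {}}]}}
]}
""")

def effective(pod_sc, ctr_sc, key):
    """A container-level securityContext value overrides the pod-level one."""
    return ctr_sc.get(key, pod_sc.get(key))

def audit(pod_list):
    """Return (pod, container, severity, message) for each identity problem."""
    findings = []
    for pod in pod_list["items"]:
        spec = pod["spec"]
        pod_sc = spec.get("securityContext") or {}
        for ctr in spec.get("initContainers", []) + spec["containers"]:
            ctr_sc = ctr.get("securityContext") or {}
            uid = effective(pod_sc, ctr_sc, "runAsUser")
            gid = effective(pod_sc, ctr_sc, "runAsGroup")
            where = (pod["metadata"]["name"], ctr["name"])
            if uid is None:
                # Nothing set in the manifest: the image's own user applies,
                # which the text above says is root for the stock image.
                findings.append(where + ("FAIL", "runAsUser unset, image default user applies"))
            elif uid == 0:
                findings.append(where + ("FAIL", "runs as uid 0"))
            elif gid in (None, 0):
                # The MySQL case above: unprivileged uid, but root group.
                findings.append(where + ("WARN", "runAsGroup is 0 or unset"))
            if not effective(pod_sc, ctr_sc, "runAsNonRoot"):
                findings.append(where + ("WARN", "runAsNonRoot not enforced"))
    return findings

if __name__ == "__main__":
    for pod, ctr, severity, msg in audit(SAMPLE):
        print(f"{severity:4} {pod}/{ctr}: {msg}")
```

To audit a live deployment, replace `SAMPLE` with the parsed output of `kubectl get pods -o json` for the namespace XWiki runs in.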

Background

Behemoth LTD was searching for 'knowledge base' software: a central place to collect and collaborate on documents that hold information, instructions, guides, etc. The requirement was simple: it had to be able to run on Kubernetes without too much customization, building, testing and other complex CI/CD prerequisites.

Things may change in the future as Kubernetes becomes the de facto way to run apps, so do some homework before continuing; see Awesome Selfhosted.

Requirements

Here is the list of things you need to have:

  • Kubernetes 1.27 (probably will work with later versions as well).
    • Automatic storage provisioner (Behemoth LTD special case).
  • Helm 3.12 (probably will work with later versions as well).

Deploying

We're going to deploy XWiki as a StatefulSet; the database (MySQL) and the app will each have a volume to store their content.

Note about Storage

Behemoth LTD runs an on-prem Kubernetes solution and we (currently?) don't have any shared storage solution (ceph, nfs, ...), which requires two things:

  1. Creating the path/loop device before creating the PV.
  2. Creating the PV manually.