Xwiki-helm offline

Hello!

I am seeking help after days trying to install XWiki on a Kubernetes cluster in an offline environment.

• I followed the installation instructions at https://www.xwiki.org/xwiki/bin/view/Documentation/AdminGuide/Installation/#HInstallingwithoutinternetconnection
• I used the helm Chart at xwiki-helm/charts/xwiki at master · xwiki-contrib/xwiki-helm · GitHub
• Helm chart version 1.3.1
• XWiki tag 15.10.12-postgres-tomcat
• use an external PostgreSQL

Adapting the instructions to this Kubernetes case, I:

• set the permanent directory at “/usr/local/xwiki/data” in the customConfigs.xwiki.properties.environment.permanentDirectory of the Chart values, as the PersistentVolumeClaim of the Chart is mounted there too
• helm install the xwiki chart
• downloaded the XIP package for version 15.10.12
• unzipped it
• used kubectl cp to copy it in the pod at “/usr/local/xwiki/data/extension/repository”
• verified access rights (everything is apparently root-owned in this chart)
• deleted the pod to restart xwiki
• verified the extensions where here after restart
• open XWiki web page, see the Distribution Wizard, but no Flavors were shown
• on top of page there is the following message

$xwiki.jsfx.use(‘uicomponents/model/entityReference.js’, {‘defer’: false}) $xwiki.jsfx.use(‘js/xwiki/xwiki.bundle.min.js’, {‘forceSkinAction’: true, ‘defer’: false, ‘language’: $xcontext.locale}) $xwiki.ssfx.use(‘css/xwiki.bundle.min.css’, {‘forceSkinAction’: true, ‘colorTheme’: $themeDoc, ‘language’: $xcontext.locale})$xwiki.jsfx.use(“flamingo$jsExtension”, {‘forceSkinAction’ : true, ‘language’ : $xcontext.locale})
$xwiki.ssfx.use(‘uicomponents/wizard/wizard.css’, {‘forceSkinAction’: true, ‘version’: $environmentVersion}) $xwiki.ssfx.use(‘uicomponents/extension/distribution.css’, {‘forceSkinAction’: true, ‘version’: $environmentVersion}) $xwiki.jsfx.use(‘uicomponents/extension/distribution.js’, {‘forceSkinAction’: true, ‘version’: $environmentVersion})

I have no idea what this means, but I somehow believe this is due to the offline aspect of my deployment.

Some of the logs:

root@xwiki-0:/usr/local/tomcat# cat /usr/local/tomcat/logs/localhost.2024-10-04.log
04-Oct-2024 11:09:48.782 INFO [http-nio-8080-exec-3 - http://172.18.3.23:8080/rest] org.apache.catalina.core.ApplicationContext.log RestletServlet: [Restlet] ServerServlet: component class is null

• catalina.log shows no error nor warnings
• manager and host-manager.log are empty

The only configs have added are:

customConfigs:
  xwiki.cfg:
    xwiki.home: "my-url"
  xwiki.properties:
        environment.permanentDirectory: "/usr/local/xwiki/data" # necessary to override default catalina conf
    extension.repositories: # empty to disable check for online repositories at startup
    extension.localRepository: "/usr/local/xwiki/data/extension/repository"

Any idea? Thanks.

Interesting. After a few hours I get this pod’s logs:
2024-10-04 15:27:57,488 [extension.index job group daemon thread - org.xwiki.extension.index.internal.job.ExtensionIndexJob@69d6ddc5([extension, index])] WARN o.x.e.i.i.j.ExtensionIndexJob - Failed to get remote extension from repository [store.xwiki.com:xwiki:https://store.xwiki.com/xwiki/rest]: EOFException: SSL peer shut down incorrectly

I believed these three lines are the source of my problem: xwiki-helm/charts/xwiki/templates/initialization-configmaps.yaml at master · xwiki-contrib/xwiki-helm · GitHub

Using an install with no customConfigs in my values.yaml, I can see a complete xwiki.cf of 537 lines at /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.cfg and a xwiki.propoerties of 1560 lines at /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.properties .

Now if I add a few lines in customConfigs like below:

customConfigs:
  xwiki.cfg:
    xwiki.home: "https://my.domain"
    xwiki.authentication.authclass: "org.xwiki.contrib.oidc.auth.OIDCAuthServiceImpl"
  xwiki.properties:
    oidc.provider: https://my.oidc

Then /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.cfg and /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.properties only contain these few lines I have added. But not the rest. So a lot of config is missing, and the UI complains about it.

l’ll try tomorrow to use the entire xwiki.cfg and xwiki.properties and just change the lines relevant to me to see if it works.

Something seems to be broken with the customConfigs key.
What is strange is those lines removing the config files. But somehow with no customConfigs provided, the config is there plain and well.

I confirm that putting the content of 537 lines from /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.cfg and xwiki.properties of 1560 lines from /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.properties, under the customConfigs key of the chart values, and then modifying only the lines I am interested in, the “helm install” works correcctly, and the content of xwiki.cfg and xwiki.properties is what I want.

The logic of merging config in the file xwiki-helm/charts/xwiki/templates/initialization-configmaps.yaml at master · xwiki-contrib/xwiki-helm · GitHub needs to be edited. I’ll try to do it and submit a Merge Request when I have time.
Also I would prefer having confirmation from someone else that this is the real source of the problem.

I have the samte behaviour as you mentioned. do you have already a solution?

My last message is how I finally handled the problem.
Make a fresh install with default values.
Copy content of xwiki.cfg and xwiki.properties under your “values.defaultConfigs”
Install again

So withouth xwifi.cfg and xwiki.properties it works but if i add then the following i have the error:

error3664×364 65.6 KB

customConfigs:
xwiki.cfg:
xwiki.authentication.authclass: “org.xwiki.contrib.oidc.auth.OIDCAuthServiceImpl”

xwiki.properties:
url.trustedDomains: “blabla.ch”
oidc.endpoint.authorization: “https://auth.blabla.ch/realms/blabla/protocol/openid-connect/auth”
oidc.endpoint.token: “https://auth.blabla.ch/realms/blabla/protocol/openid-connect/token”
oidc.endpoint.userinfo: “https://auth.blablab.ch/realms/blabla/protocol/openid-connect/userinfo”
oidc.scope: “openid,profile,email,address,xwiki_groups”
oidc.endpoint.userinfo.method: “GET”
oidc.user.nameFormater: “${oidc.user.preferredUsername._clean._lowerCase}”
oidc.user.subjectFormater: “${oidc.user.subject}”
oidc.groups.claim: “xwiki_groups”
oidc.groups.mapping: “MyXWikiGroupAdmin=/wiki_admin”
oidc.groups.mapping: “MyXWikiGroupViewer=/wiki_user”
oidc.userinfoclaims: “xwiki_groups,xwiki_user_accessibility,xwiki_user_company,xwiki_user_displayHiddenDocuments,xwiki_user_editor,xwiki_user_usertype”
# oidc.userinforefreshrate: 600000
oidc.clientid: “wikix”
oidc.secret: “blabla”
oidc.endpoint.token.auth_method: “client_secret_basic”
oidc.skipped: “false”

Here is my full customConfigs:

customConfigs:
  xwiki.cfg:
    xwiki.home: "https://xwiki.url"
    xwiki.authentication.authclass: "org.xwiki.contrib.oidc.auth.OIDCAuthServiceImpl"
    ### ABOVE ARE MODIFIED CONFIGS FOR US ###
    #######################################
    ### BELOW ARE DEFAULTS, UNTIL END OF xwiki.cfg ###
    xwiki.encoding: UTF-8
    xwiki.section.edit: 1
    xwiki.section.depth: 2
    xwiki.backlinks: 1
    xwiki.tags: 1
    xwiki.store.migration: 1
    xwiki.webapppath:
    xwiki.inactiveuser.allowedpages:
    xwiki.authentication.cookiedomains:
    xwiki.authentication.logoutpage: (/|/[^/]+/|/wiki/[^/]+/)logout/*
    xwiki.editcomment: 1
    xwiki.editcomment.mandatory: 0
    xwiki.defaultskin: flamingo
    xwiki.defaultbaseskin: flamingo
    xwiki.plugins: \
      com.xpn.xwiki.monitor.api.MonitorPlugin,\
      com.xpn.xwiki.plugin.skinx.JsSkinExtensionPlugin,\
      com.xpn.xwiki.plugin.skinx.JsSkinFileExtensionPlugin,\
      com.xpn.xwiki.plugin.skinx.JsResourceSkinExtensionPlugin,\
      com.xpn.xwiki.plugin.skinx.CssSkinExtensionPlugin,\
      com.xpn.xwiki.plugin.skinx.CssSkinFileExtensionPlugin,\
      com.xpn.xwiki.plugin.skinx.CssResourceSkinExtensionPlugin,\
      com.xpn.xwiki.plugin.skinx.LinkExtensionPlugin,\
      com.xpn.xwiki.plugin.feed.FeedPlugin,\
      com.xpn.xwiki.plugin.mail.MailPlugin,\
      com.xpn.xwiki.plugin.packaging.PackagePlugin,\
      com.xpn.xwiki.plugin.fileupload.FileUploadPlugin,\
      com.xpn.xwiki.plugin.image.ImagePlugin,\
      com.xpn.xwiki.plugin.rightsmanager.RightsManagerPlugin,\
      com.xpn.xwiki.plugin.jodatime.JodaTimePlugin,\
      com.xpn.xwiki.plugin.scheduler.SchedulerPlugin,\
      com.xpn.xwiki.plugin.mailsender.MailSenderPlugin,\
      com.xpn.xwiki.plugin.tag.TagPlugin,\
      com.xpn.xwiki.plugin.zipexplorer.ZipExplorerPlugin
    xwiki.plugin.image.cache.capacity: 30
    xwiki.stats.default: 0
  xwiki.properties:
    xwiki.auth.user.emailVerification: false
    oidc.endpoint.authorization: "<url>"
    oidc.endpoint.token: "<url>"
    oidc.endpoint.userinfo: "<url>"
    oidc.scope: "openid, profile, email, address"
    oidc.endpoint.userinfo.method: "GET"
    oidc.user.nameFormater: ${oidc.user.preferredUsername._clean._lowerCase}
    oidc.user.subjectFormater: ${oidc.user.subject}
    oidc.endpoint.token.auth_method: client_secret_basic
    oidc.skipped: false
    ### ABOVE ARE MODIFIED CONFIGS FOR US ###
    #######################################
    ### BELOW ARE DEFAULTS, UNTIL END OF FILE ###
    environment.permanentDirectory: /usr/local/xwiki/data
    openoffice.autoStart: true
    extension.oldflavors: \
      org.xwiki.enterprise:xwiki-enterprise-ui-mainwiki,\
      org.xwiki.enterprise:xwiki-enterprise-ui-wiki,\
      org.xwiki.manager:xwiki-manager-ui,\
      org.xwiki.manager:xwiki-manager-wiki-administrator,\
      org.xwiki.manager:xwiki-enterprise-manager-wiki-administrator,\
      com.xpn.xwiki.products:xwiki-enterprise-manager-wiki-administrator,\
      com.xpn.xwiki.products:xwiki-enterprise-wiki

The trick is to add the default lines for xwiki.cfg and xwiki.properties.

thanks now it works