Wiki.js Setup Guide
Docker Compose one-click deployment with Git sync
Wiki.js is a lightweight, modern-looking open-source Wiki system that supports Markdown editing, Git sync backup, and multiple database backends. Below is a complete walkthrough of deploying with Docker Compose.
docker-compose.yml
version: "3.9"
networks:
wikinet:
driver: bridge
volumes:
pgdata:
services:
db:
image: postgres:17
container_name: db
hostname: db
restart: unless-stopped
networks:
- wikinet
environment:
POSTGRES_DB: wiki
POSTGRES_USER: wiki
POSTGRES_PASSWORD_FILE: /etc/wiki/.db-secret
volumes:
- /etc/wiki/.db-secret:/etc/wiki/.db-secret:ro
- /etc/wiki/pgdata:/var/lib/postgresql/data
wiki:
image: ghcr.io/requarks/wiki:2
container_name: wiki
hostname: wiki
restart: unless-stopped
networks:
- wikinet
depends_on:
- db
ports:
- "80:3000"
- "443:3443"
environment:
DB_TYPE: postgres
DB_HOST: db
DB_PORT: 5432
DB_USER: wiki
DB_NAME: wiki
DB_PASS_FILE: /etc/wiki/.db-secret
UPGRADE_COMPANION: "1"
volumes:
- /etc/wiki/.db-secret:/etc/wiki/.db-secret:ro
- /etc/wiki/keys:/etc/wiki/keys:ro
- /etc/wiki/ssh/known_hosts:/etc/ssh/ssh_known_hosts:ro
wiki-update-companion:
image: ghcr.io/requarks/wiki-update-companion:latest
container_name: wiki-update-companion
hostname: wiki-update-companion
restart: unless-stopped
networks:
- wikinet
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
1. Create Directories
sudo mkdir -p /etc/wiki
sudo mkdir -p /etc/wiki/keys
2. Generate Database Password
Use openssl to generate a random password and write it to the secret file:
openssl rand -base64 32 | sudo tee /etc/wiki/.db-secret > /dev/null
sudo chmod 644 /etc/wiki/.db-secret
Note: .db-secret file permissions can be set to 644 — PostgreSQL runs as root inside the container and can read it.
3. Start
docker compose up -d
After starting, visit http://your-server-ip to complete the initial setup (create admin account, etc.).
4. Configure Git Sync
Wiki.js supports automatically syncing content to a Git repository for backup and version control.
4.1 Generate Dedicated SSH Key
Generate a passwordless ed25519 key for Wiki.js:
sudo ssh-keygen -t ed25519 -N "" -f /etc/wiki/keys/wikijs_git
sudo chmod 600 /etc/wiki/keys/wikijs_git
4.2 Add Public Key to Git Repository
View the public key:
sudo cat /etc/wiki/keys/wikijs_git.pub
Using GitHub as an example:
Go to Repo → Settings → Deploy keys → Add deploy key
Paste the public key content and check Allow write access (Wiki.js needs write permission to push changes).
4.3 Generate known_hosts
Pre-generate GitHub's host key to avoid Host key verification failed errors on first connection:
sudo mkdir -p /etc/wiki/ssh
sudo ssh-keyscan -H github.com | sudo tee /etc/wiki/ssh/known_hosts > /dev/null
sudo chmod 644 /etc/wiki/ssh/known_hosts
4.4 Configure in Wiki.js Admin Panel
Enter the Wiki.js admin panel:
Git Sync → Authentication → SSH Private Key Path
Enter: /etc/wiki/keys/wikijs_git
Some Notes
Three containers communicate via the wikinet network, the database doesn't expose ports to the host, providing good security.
Passwords are passed via Docker Secret-style file mounts, avoiding plaintext passwords in docker-compose.yml.
The wiki-update-companion container is used for automatic Wiki.js version upgrades — recommended to keep it.
If you need a reverse proxy, change ports to only listen locally, then use Nginx/Caddy for reverse proxying.
|