Difference between revisions of "Wiki install"

From Richmond MakerLabs
Jump to navigation Jump to search
(Created page with " Check on [https://www.mediawiki.org/wiki/Manual:Installation_guide mediawiki site] for latest version and edit the wget below accordingly Don't just paste this, you'll have...")
 
 
(14 intermediate revisions by the same user not shown)
Line 7: Line 7:
  
 
Assumes backups of sql databases already
 
Assumes backups of sql databases already
 +
  
 
<pre>
 
<pre>
sudo apt update && sudo apt dist-upgrade -y
+
sudo apt update && sudo apt dist-upgrade -y && sudo apt autoremove -y
sudo apt install locate apache2 mariadb-server php php-mysql libapache2-mod-php php-xml php-mbstring php-apcu imagemagick php-cli php-curl git -y
+
sudo apt install locate apache2 mariadb-server php php-mysql libapache2-mod-php php-xml php-mbstring php-apcu imagemagick php-cli php-curl git php-intl imagemagick inkscape php-gd -y
sudo apt-get install php-apcu php-intl imagemagick inkscape php-gd php-cli php-curl git
+
 
 +
# secure mysql - remove anonymous access and test database and change root password. Only allow root from localhost, reload tables
 +
# Note that console root still doesn't ask for a password (makes sense as root can reset this anyway)
 +
# see https://stackoverflow.com/questions/44298160/mysql-mariadb-10-0-29-set-root-password-but-still-can-login-without-asking-p
 +
 
 
mysql_secure_installation
 
mysql_secure_installation
sudo service apache2 reload
+
 
 +
#setup wikidb
 +
#enter mysql
 +
sudo mysql -u root
 +
create wiki user - set and note password
 +
CREATE USER 'wiki'@'localhost' IDENTIFIED BY '*****';
 +
CREATE DATABASE wiki;
 +
use wiki;
 +
GRANT ALL ON wiki.* TO 'wiki'@'localhost';
 +
\q
 +
 
 +
#enable and restart apache - check access from web (assumes you've done the dns)
 +
 
 +
sudo systemctl enable apache2
 +
sudo systemctl restart apache2
 +
sudo systemctl status apache2
 
wget https://releases.wikimedia.org/mediawiki/1.33/mediawiki-1.33.0.tar.gz
 
wget https://releases.wikimedia.org/mediawiki/1.33/mediawiki-1.33.0.tar.gz
mysql -u root
+
 
mkdir -p  tmp && cd "$_"
+
# install mediawiki
tar -xvzf /tmp/mediawiki-*.tar.gz
+
 
 +
cd ~ && mkdir -p  tmp && cd "$_"
 +
wget https://releases.wikimedia.org/mediawiki/1.33/mediawiki-1.33.0.tar.gz
 +
tar -xvzf /mediawiki-*.tar.gz
 
sudo mkdir /var/lib/mediawiki
 
sudo mkdir /var/lib/mediawiki
 
sudo mv mediawiki-*/* /var/lib/mediawiki
 
sudo mv mediawiki-*/* /var/lib/mediawiki
cd ..
+
 
 +
 
 +
#Install required skins and extensions
 +
#These can probably go one day, just doing it to keep it in line with previous install otherwise it errors
 +
 
 +
sudo mkdir -p /var/lib/mediawiki/skins
 +
wget https://extdist.wmflabs.org/dist/skins/CologneBlue-REL1_32-a6ec4db.tar.gz
 +
tar -xzf CologneBlue-REL1_32-a6ec4db.tar.gz -C /var/lib/mediawiki/skins
 +
wget https://extdist.wmflabs.org/dist/skins/Modern-REL1_32-de2d416.tar.gz
 +
tar -xzf Modern-REL1_32-de2d416.tar.gz -C /var/lib/mediawiki/skins
 +
wget https://extdist.wmflabs.org/dist/extensions/MobileFrontend-REL1_32-9b48b3c.tar.gz
 +
tar -xzf MobileFrontend-REL1_32-9b48b3c.tar.gz -C /var/lib/mediawiki/extensions
 +
wget https://extdist.wmflabs.org/dist/extensions/TemplateData-REL1_32-73aed63.tar.gz
 +
tar -xzf TemplateData-REL1_32-73aed63.tar.gz -C /var/lib/mediawiki/extensions
 +
wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.8.0/EmbedVideo-v2.8.0.zip
 +
unzip EmbedVideo-v2.8.0.zip
 +
sudo mv EmbedVideo-v2.8.0 /var/lib/mediawiki/extensions/EmbedVideo/
 +
 
 +
 
 +
#let's just tidy up
 +
cd ~
 
sudo rm -rf tmp
 
sudo rm -rf tmp
ls /var/lib/mediawiki/
+
 
 +
 
 
sudo phpenmod mbstring
 
sudo phpenmod mbstring
 
sudo phpenmod xml
 
sudo phpenmod xml
sudo systemctl restart apache2.service
+
sudo systemctl restart apache2
 
sudo updatedb
 
sudo updatedb
 
cd /var/lib/mediawiki/
 
cd /var/lib/mediawiki/
 +
 +
#create the apache links
 +
#sudo mkdir -p /var/www/mediawik
 +
sudo ln -s /var/lib/mediawiki/ /var/www/mediawiki
 +
sudo systemctl restart apache2
  
 
locate php.ini
 
locate php.ini
Line 41: Line 90:
 
</pre>
 
</pre>
  
Install required skins
+
 
These can probably go one day, just doing it to keep it in line with previous install otherwise it errors
 
 
cd /var/www/wiki/images/
 
cd /var/www/wiki/images/
  
 +
==Apache config==
  
 +
/etc/apache2/sites-available/001-wiki.conf
  
 +
ln -s /etc/apache2/sites-available/001-wiki.conf /etc/apache2/sites-enabled/001-wiki.conf
 +
 +
sudo systemctl restart apache2
 +
 +
 +
<pre>
 +
<VirtualHost *:80>
 +
 +
    ServerName wiki.example.com
 +
    ServerAdmin admin@wiki.example.com
 +
    DocumentRoot /var/www/wiki.example.com
 +
 +
    # According MWiki Manual:Security
 +
    php_flag register_globals off
 +
 +
    ErrorLog ${APACHE_LOG_DIR}/wiki.example.com.error.log
 +
    CustomLog ${APACHE_LOG_DIR}/wiki.example.com.access.log combined
 +
 +
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
 +
            SSLOptions +StdEnvVars
 +
    </FilesMatch>
 +
 +
    <Directory /usr/lib/cgi-bin>
 +
            SSLOptions +StdEnvVars
 +
    </Directory>
 +
 +
    <Directory /var/www/wiki.example.com>
 +
            Options None FollowSymLinks
 +
            #Allow .htaccess
 +
            AllowOverride All
 +
            Require all granted
 +
            <IfModule security2_module>
 +
                    SecRuleEngine Off
 +
                    # or disable only problematic rules
 +
            </IfModule>
 +
    </Directory>
 +
 +
    # According to MWiki Manual:Security
 +
    <Directory /var/www/wiki.example.com/images>
 +
            # Ignore .htaccess files
 +
            AllowOverride None
 +
            # Serve HTML as plaintext, don't execute SHTML
 +
            AddType text/plain .html .htm .shtml .php .phtml .php5
 +
            # Don't run arbitrary PHP code.
 +
            php_admin_flag engine off
 +
            # If you've other scripting languages, disable them too.
 +
    </Directory>
 +
 +
    #According to MWiki Manual:Security
 +
    <Directory /var/www/wiki.example.com/images/deleted>
 +
            Deny from all
 +
            AllowOverride AuthConfig Limit
 +
            Require local
 +
    </Directory>
 +
 +
</VirtualHost>
 +
 +
</pre>
  
 
==Current LocalSettings.php with database settings information removed ==
 
==Current LocalSettings.php with database settings information removed ==
 +
===Debugging===
 +
Add to top of LocalSettings, under  <?php
 +
<pre>
 +
error_reporting( -1 );
 +
ini_set( 'display_errors', 1 );
 +
</pre>
 +
 +
 
===Removed Items for posting on wiki===
 
===Removed Items for posting on wiki===
  
 
Andy knows where backups are
 
Andy knows where backups are
 
+
$wgUpgradeKey
 
$wgSecretKey  
 
$wgSecretKey  
  
Line 170: Line 286:
 
# Site upgrade key. Must be set to a string (default provided) to turn on the
 
# Site upgrade key. Must be set to a string (default provided) to turn on the
 
# web installer while LocalSettings.php is in place
 
# web installer while LocalSettings.php is in place
$wgUpgradeKey = "64b92ee4cf2e4085";
+
$wgUpgradeKey = "";
  
 
## Default skin: you can change the default skin. Use the internal symbolic
 
## Default skin: you can change the default skin. Use the internal symbolic
Line 255: Line 371:
 
</pre>
 
</pre>
  
==regular Backups to be implemented
+
 
 +
==Followup==
 +
 
 +
==Enable https through certbot==
 +
 
 +
===regular Backups to be implemented===
 
tar of wiki directory
 
tar of wiki directory
 
Seperate backup of images/ documents
 
Seperate backup of images/ documents
 
Mysql database - regular backup to proxrml
 
Mysql database - regular backup to proxrml

Latest revision as of 13:35, 8 July 2019

Check on mediawiki site for latest version and edit the wget below accordingly

Don't just paste this, you'll have different versions of things like php etc.

Process for New Install

Assumes backups of sql databases already


sudo apt update && sudo apt dist-upgrade -y && sudo apt autoremove -y
sudo apt install locate apache2 mariadb-server php php-mysql libapache2-mod-php php-xml php-mbstring php-apcu imagemagick php-cli php-curl git php-intl imagemagick inkscape php-gd -y

# secure mysql - remove anonymous access and test database and change root password. Only allow root from localhost, reload tables
# Note that console root still doesn't ask for a password (makes sense as root can reset this anyway)
# see https://stackoverflow.com/questions/44298160/mysql-mariadb-10-0-29-set-root-password-but-still-can-login-without-asking-p

mysql_secure_installation

#setup wikidb
#enter mysql
sudo mysql -u root 
create wiki user - set and note password
CREATE USER 'wiki'@'localhost' IDENTIFIED BY '*****';
CREATE DATABASE wiki;
use wiki;
GRANT ALL ON wiki.* TO 'wiki'@'localhost';
\q

#enable and restart apache - check access from web (assumes you've done the dns)

sudo systemctl enable apache2
sudo systemctl restart apache2
sudo systemctl status apache2
wget https://releases.wikimedia.org/mediawiki/1.33/mediawiki-1.33.0.tar.gz

# install mediawiki

cd ~ && mkdir -p  tmp && cd "$_"
wget https://releases.wikimedia.org/mediawiki/1.33/mediawiki-1.33.0.tar.gz
tar -xvzf /mediawiki-*.tar.gz
sudo mkdir /var/lib/mediawiki
sudo mv mediawiki-*/* /var/lib/mediawiki


#Install required skins and extensions
#These can probably go one day, just doing it to keep it in line with previous install otherwise it errors

sudo mkdir -p /var/lib/mediawiki/skins
wget https://extdist.wmflabs.org/dist/skins/CologneBlue-REL1_32-a6ec4db.tar.gz
tar -xzf CologneBlue-REL1_32-a6ec4db.tar.gz -C /var/lib/mediawiki/skins
wget https://extdist.wmflabs.org/dist/skins/Modern-REL1_32-de2d416.tar.gz
tar -xzf Modern-REL1_32-de2d416.tar.gz -C /var/lib/mediawiki/skins
wget https://extdist.wmflabs.org/dist/extensions/MobileFrontend-REL1_32-9b48b3c.tar.gz
tar -xzf MobileFrontend-REL1_32-9b48b3c.tar.gz -C /var/lib/mediawiki/extensions
wget https://extdist.wmflabs.org/dist/extensions/TemplateData-REL1_32-73aed63.tar.gz
tar -xzf TemplateData-REL1_32-73aed63.tar.gz -C /var/lib/mediawiki/extensions
wget https://gitlab.com/hydrawiki/extensions/EmbedVideo/-/archive/v2.8.0/EmbedVideo-v2.8.0.zip
unzip EmbedVideo-v2.8.0.zip
sudo mv EmbedVideo-v2.8.0 /var/lib/mediawiki/extensions/EmbedVideo/


#let's just tidy up 
cd ~
sudo rm -rf tmp


sudo phpenmod mbstring
sudo phpenmod xml
sudo systemctl restart apache2
sudo updatedb
cd /var/lib/mediawiki/

#create the apache links
#sudo mkdir -p /var/www/mediawik
sudo ln -s /var/lib/mediawiki/ /var/www/mediawiki
sudo systemctl restart apache2

locate php.ini

Edit the php for filesizes

Restore the sql wiki database

mysql -u root wiki < ~/2019-05-23_02-00-02-wiki.sql 


cd /var/www/wiki/images/

Apache config

/etc/apache2/sites-available/001-wiki.conf

ln -s /etc/apache2/sites-available/001-wiki.conf /etc/apache2/sites-enabled/001-wiki.conf

sudo systemctl restart apache2


<VirtualHost *:80>

    ServerName wiki.example.com
    ServerAdmin admin@wiki.example.com
    DocumentRoot /var/www/wiki.example.com

    # According MWiki Manual:Security
    php_flag register_globals off

    ErrorLog ${APACHE_LOG_DIR}/wiki.example.com.error.log
    CustomLog ${APACHE_LOG_DIR}/wiki.example.com.access.log combined

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
    </FilesMatch>

    <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
    </Directory>

    <Directory /var/www/wiki.example.com>
            Options None FollowSymLinks
            #Allow .htaccess
            AllowOverride All
            Require all granted
            <IfModule security2_module>
                    SecRuleEngine Off
                    # or disable only problematic rules
            </IfModule>
    </Directory>

    # According to MWiki Manual:Security
    <Directory /var/www/wiki.example.com/images>
            # Ignore .htaccess files
            AllowOverride None
            # Serve HTML as plaintext, don't execute SHTML
            AddType text/plain .html .htm .shtml .php .phtml .php5
            # Don't run arbitrary PHP code.
            php_admin_flag engine off
            # If you've other scripting languages, disable them too.
    </Directory>

    #According to MWiki Manual:Security
    <Directory /var/www/wiki.example.com/images/deleted>
            Deny from all
            AllowOverride AuthConfig Limit
            Require local
    </Directory>

</VirtualHost>

Current LocalSettings.php with database settings information removed

Debugging

Add to top of LocalSettings, under <?php

error_reporting( -1 );
ini_set( 'display_errors', 1 );


Removed Items for posting on wiki

Andy knows where backups are $wgUpgradeKey $wgSecretKey

$wgDBtype = ""; $wgDBserver = ""; $wgDBname = ""; $wgDBuser = ""; $wgDBpassword = "";

Local Settings.php

<?php
# This file was automatically generated by the MediaWiki 1.22.6
# installer. If you make manual changes, please keep track in case you
# need to recreate them later.
#
# See includes/DefaultSettings.php for all configurable settings
# and their default values, but don't forget to make changes in _this_
# file, not there.
#
# Further documentation for configuration settings may be found at:
# http://www.mediawiki.org/wiki/Manual:Configuration_settings

# Protect against web entry
if ( !defined( 'MEDIAWIKI' ) ) {
        exit;
}

## Uncomment this to disable output compression
# $wgDisableOutputCompression = true;

$wgSitename = "Richmond MakerLabs";
$wgMetaNamespace = "Richmond_MakerLabs";

## The URL base path to the directory containing the wiki;
## defaults for all runtime URL paths are based off of this.
## For more information on customizing the URLs
## (like /w/index.php/Page_title to /wiki/Page_title) please see:
## http://www.mediawiki.org/wiki/Manual:Short_URL
$wgScriptPath = "";
$wgScriptExtension = ".php";

## The protocol and server name to use in fully-qualified URLs
$wgServer = "http://wiki.richmondmakerlabs.uk";

## The relative URL path to the skins directory
$wgStylePath = "$wgScriptPath/skins";

## The relative URL path to the logo.  Make sure you change this from the default,
## or else you'll overwrite your logo when you upgrade!
## $wgLogo             = "/wiki/skins/common/images/wiki.png";
# $wgLogo             = "/skins/common/images/rmllogo1.png";
$wgLogo             = "/skins/common/images/rmllogo3.png";

## UPO means: this is also a user preference option

$wgEnableEmail = true;
$wgEnableUserEmail = true; # UPO

$wgEmergencyContact = "info@richmondmakerlabs.uk";
$wgPasswordSender = "info@richmondmakerlabs.uk";

$wgEnotifUserTalk = false; # UPO
$wgEnotifWatchlist = false; # UPO
$wgEmailAuthentication = true;

## Database settings
$wgDBtype = "";
$wgDBserver = "";
$wgDBname = "";
$wgDBuser = "";
$wgDBpassword = "";

# MySQL specific settings
$wgDBprefix = "wiki_";

# MySQL table options to use during installation or update
$wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=utf8";

# Experimental charset support for MySQL 5.0.
$wgDBmysql5 = false;

## Shared memory settings
$wgMainCacheType = CACHE_NONE;
$wgMemCachedServers = array();

## To enable image uploads, make sure the 'images' directory
## is writable, then set this to true:
$wgEnableUploads = true;
$wgUseImageMagick = false;
$wgImageMagickConvertCommand = "/usr/bin/convert";

# InstantCommons allows wiki to use images from http://commons.wikimedia.org
$wgUseInstantCommons = false;

## If you use ImageMagick (or any other shell command) on a
## Linux server, this will need to be set to the name of an
## available UTF-8 locale
$wgShellLocale = "en_US.utf8";

## If you want to use image uploads under safe mode,
## create the directories images/archive, images/thumb and
## images/temp, and make them all writable. Then uncomment
## this, if it's not already uncommented:
#$wgHashedUploadDirectory = false;

## Set $wgCacheDirectory to a writable directory on the web server
## to make your wiki go slightly faster. The directory should not
## be publically accessible from the web.
#$wgCacheDirectory = "$IP/cache";

# Site language code, should be one of the list in ./languages/Names.php
$wgLanguageCode = "en";

$wgSecretKey = "";

# Site upgrade key. Must be set to a string (default provided) to turn on the
# web installer while LocalSettings.php is in place
$wgUpgradeKey = "";

## Default skin: you can change the default skin. Use the internal symbolic
## names, ie 'cologneblue', 'monobook', 'vector':
 $wgDefaultSkin = "vector";
 wfLoadSkin( 'Vector' );
 $wgMFDefaultSkinClass = 'SkinVector'; // use Vector skin


## For attaching licensing metadata to pages, and displaying an
## appropriate copyright notice / icon. GNU Free Documentation
## License and Creative Commons licenses are supported so far.
$wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright
$wgRightsUrl = "";
$wgRightsText = "";
$wgRightsIcon = "";

# Path to the GNU diff3 utility. Used for conflict resolution.
$wgDiff3 = "/usr/bin/diff3";



# End of automatically generated settings.
# Add more configuration options below.

$wgShowExceptionDetails = true;

wfLoadSkin( 'CologneBlue' );
wfLoadSkin( 'Modern' );
wfLoadSkin( 'MonoBook' );
wfLoadSkin( 'Vector' );

# Disable reading by anonymous users
$wgGroupPermissions['*']['read'] = true;

# But allow them to access the login page or else there will be no way to log in!
# [You also might want to add access to "Main Page", "Wikipedia:Help", etc.)
$wgWhitelistRead = array ("Special:Userlogin");

# Disable anonymous editing
$wgGroupPermissions['*']['edit'] = false;

# Prevent new user registrations except by sysops
$wgGroupPermissions['*']['createaccount'] = false;

# Enable Parser Functions
require_once "$IP/extensions/ParserFunctions/ParserFunctions.php";

# Mobile compatibility
wfLoadExtension( 'MobileFrontend' );
$wgMFAutodetectMobileView = true;

wfLoadExtension( 'WikiEditor' );
# Displays the Preview and Changes tabs
$wgDefaultUserOptions['wikieditor-preview'] = 1;
# Enables use of WikiEditor by default but allows users to disable in prefs
$wgDefaultUserOptions['usebetatoolbar'] = 1;
# Displays the Publish and Cancel buttons on the top right side
$wgDefaultUserOptions['wikieditor-publish'] = 1;
# Enable the loading of WikiEditor extension
wfLoadExtension( 'WikiEditor' );
# Enable the loading of Extension:EmbedVideo (Ryan Sayre addition Aug 2016)
wfLoadExtension("EmbedVideo");
# Enable extension TemplateData to calculate 2nd and 4th mondays (IanB Sep 2016)
wfLoadExtension( 'TemplateData' );
// Set this to true to enable the TemplateData GUI editor
$wgTemplateDataUseGUI = true;

# extra files

$wgFileExtensions = array( 'png', 'gif', 'jpg', 'jpeg', 'doc', 'xls', 'mpp', 'pdf', 'svg', 'ppt', 'tiff', 'bmp', 'docx', 'xlsx', 'pptx', 'ps', 'odt', 'ods', 'odp', 'odg' ,'rd', 'rld', 'dxf', 'xlsm' );



# Add new types to the existing list from DefaultSettings.php

$wgFileExtensions[] = 'rld';

$wgFileExtensions[] = 'dxf';

# this is for Google Calendar Widget
# require_once "$IP/extensions/Widgets/Widgets.php";


Followup

Enable https through certbot

regular Backups to be implemented

tar of wiki directory Seperate backup of images/ documents Mysql database - regular backup to proxrml