Mediawiki Install FC6
Jump to navigation
Jump to search
See also MediaWiki_Install
The documention here is based on the FC6 mediawiki and having multiple wiki's running all on the same ip address, on different domain names, with all http port 80 requests redirected to port 443 and a CAcert cert containing all the domain names -- this isn't a common setup...
Install
Fedora Core six has packaged mediawiki, and also seems to come with more apache packages that needed:
rpm -e mod_python mod_perl yum install mediawiki mysql-server php-eaccelerator chkconfig mysqld on chkconfig httpd on service mysqld start service httpd start mysqladmin -u root password 'new-password'
Then, following the wiki farm notes
elinks http://localhost/mediawiki/config/index.php
The fill in the following values (the rest can be the defaults):
Wiki name: TestWiki1 Contact e-mail: mediawiki @ aktivix.org Admin username: WikiSysop Password: ***** Password cobfirm: ***** Shared memory caching: * (X) eAccelerator Database name: testwiki1 DB username: testwiki1user DB password: ***** DB password confirm: ***** Superuser account: root Superuser password: *****
Create a MySQL account for AdminSettings.php:
mysql -uroot -p mysql mysql> GRANT ALL PRIVILEGES ON *.* TO 'wikiadmin'@'localhost' -> IDENTIFIED BY '****' WITH GRANT OPTION; Query OK, 0 rows affected (0.00 sec)
And move the sample file and then add the password to it:
cd /var/www/mediawiki mv AdminSettings.sample AdminSettings.php
Then
cd /var/www/mediawiki mv config/LocalSettings.php LocalSettings.php chown root.root LocalSettings.php chmod 644 LocalSettings.php
Then restart apache and the wiki should be working at http://localhost/mediawiki/
Site Install and Upgrade Script
Create the following script /root/bin/mediawiki-install, which is based on this document. This script uses elinks and you can turn off the elinks cache bu adding these two lines to ~/.elinks
set document.cache.format.size = 0 set document.cache.memory.size = 0
#!/bin/bash
# based on http://www.steverumberg.com/wiki/index.php/WikiHelp
BASE_DIR="/var/www/mediawiki-vhosts"
MEDIAWIKI_FILES="/var/www/mediawiki"
HTTPD_VHOSTS_DIR="/etc/httpd/vhosts.d"
WIKI_NAME="$1"
DATE=`date "+%Y-%m-%d_%H-%M-%S"`
# check for input
if [[ -z $1 ]]; then
echo "The first argument should be the new wiki SERVER_NAME"
exit
fi
# if the base directory doesn't exist then create it
if [[ ! -d $BASE_DIR ]]; then
mkdir -p $BASE_DIR
fi
if [[ -d $BASE_DIR/$WIKI_NAME ]]; then
echo "$WIKI_NAME exists, you may still want to run the web installer to upgrade"
echo "but you need to agree to LocalSettings.php to be deleted for the upgrade to run"
fi
# make the directory for the site
if [[ ! -d $BASE_DIR/$WIKI_NAME ]]; then
mkdir $BASE_DIR/$WIKI_NAME
fi
# change to the sites directory
cd $BASE_DIR/$WIKI_NAME
# create the images directory
if [[ ! -d images ]]; then
mkdir images
chown -R apache.apache images
fi
# create the config directory
if [[ ! -d config ]]; then
mkdir config
chown -R apache.apache config
fi
# create the sym link tree
for name in `ls $MEDIAWIKI_FILES`
do
if [[ -e $name ]]; then
# the file / sym link exists so do nothing
:;
else
# the file / sym link doesn't exist so create it
ln -s $MEDIAWIKI_FILES/$name
fi
done
# create a symlink for
if [[ ! -e icons ]]; then
ln -s /var/www/icons
fi
# remove the LocalSettings.php sym link
if [[ -L LocalSettings.php ]]; then
rm LocalSettings.php
else
if [[ -f LocalSettings.php ]]; then
printf "LocalSettings.php already exists do you want to back it up and regenerate it? (y or return to skip): "
read MV_LOCALSETTINGS
if [[ "$MV_LOCALSETTINGS" = "y" ]]; then
# backup old LocalSettings.php file
echo "When runningt he webbased installer you will need these values:"
grep wgDB LocalSettings.php
mv LocalSettings.php .LocalSettings.php.$DATE.bak
# delete the sym link to AdminSettings.php
if [[ -L AdminSettings.php ]]; then
rm AdminSettings.php
else
echo "AdminSettings.php isn't a symlink"
fi
fi
else
echo "LocalSettings.php doesn't exist"
fi
fi
# copy over the installer
cd $BASE_DIR/$WIKI_NAME/config
if [[ -e index.php ]]; then
echo "config/index.php already exists, skipping"
else
cp $MEDIAWIKI_FILES/config/index.php .
fi
if [[ -e LocalSettings.php ]]; then
echo "config/LocalSettings.php this indicated that the last install didn't complete"
rm LocalSettings.php
fi
cd $BASE_DIR/$WIKI_NAME
# do you want the apache config backed up?
HTTPD_CONF=$HTTPD_VHOSTS_DIR/$WIKI_NAME
if [[ -f $HTTPD_CONF ]]; then
printf "$HTTPD_CONF exists, do you want to back it up and regenerate it? (y or return to skip): "
read MV_HTTPD
if [ "$MV_HTTPD" = "y" ]; then
# backup old httpd.conf file
mv $HTTPD_CONF $HTTPD_VHOSTS_DIR/.$WIKI_NAME.$DATE.bak
fi
fi
# if the apache config doesn't exist then create it
if [[ ! -f $HTTPD_CONF ]]; then
# get Server_Alias'
echo "If you want any Server_Aliases please enter them now"
ALIAS=1 # bogus value to begin the loop
SERVER_ALIAS="" # sanitize
while [ ! "$ALIAS" = "" ]; do
printf "Server_Alias: "
read ALIAS
if [ "$ALIAS" = "" ]; then break; fi # end of input
if [ "$SERVER_ALIAS" = "" ]; then
SERVER_ALIAS="$ALIAS"
else
SERVER_ALIAS="$SERVER_ALIAS $ALIAS"
fi
done
(
cat <<EOF
# Editor: vim:syn=apache
# Mediawiki for $WIKI_NAME
# Installed on $DATE
# Generated by $0
<VirtualHost *:443>
ServerName $WIKI_NAME
ServerAlias $SERVER_ALIAS
ServerSignature Off
UseCanonicalName On
CustomLog logs/$WIKI_NAME-ssl_access_log combined
ErrorLog logs/$WIKI_NAME-ssl_error_log
SSLEngine on
SSLCipherSuite HIGH
SSLProtocol all -SSLv2
SSLCertificateFile /etc/httpd/conf/certs/mediawiki_cert.pem
SSLCertificateKeyFile /etc/httpd/conf/certs/mediawiki_privatekey.pem
DocumentRoot "$BASE_DIR/$WIKI_NAME"
<Directory "$BASE_DIR/$WIKI_NAME">
DirectoryIndex index.php
AddType 'image/x-icon' .ico
AddHandler php5-script .php
AddType text/html .php
SSLOptions +StdEnvVars
AllowOverride None
order allow,deny
allow from all
</Directory>
<Directory "$BASE_DIR/$WIKI_NAME/images">
Options Indexes
RemoveHandler .php
AllowOverride None
order allow,deny
allow from all
</Directory>
<Directory "$BASE_DIR/$WIKI_NAME/skins">
Options Indexes
RemoveHandler .php
AllowOverride None
order allow,deny
allow from all
</Directory>
<Location $BASE_DIR/$WIKI_NAME/config>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
<Location $BASE_DIR/$WIKI_NAME/includes>
Deny from all
</Location>
<Location $BASE_DIR/$WIKI_NAME/languages>
Deny from all
</Location>
<Location $BASE_DIR/$WIKI_NAME/maintenance>
Deny from all
</Location>
<Location $BASE_DIR/$WIKI_NAME/math>
Deny from all
</Location>
Include conf/error-docs.conf
Include conf/mediawiki-rewrite.conf
</VirtualHost>
EOF
) > $HTTPD_CONF
# restart apache
/etc/init.d/httpd restart
fi
# open the web based installer
printf "Open the webbased installer using elinks? (y or return to skip): "
read WEB_INSTALLER
if [ "$WEB_INSTALLER" = "y" ]; then
elinks https://$WIKI_NAME/config/index.php
fi
# move the new config file into place
# and munge it
if [[ -f config/LocalSettings.php ]]; then
# change some lines and delete the ?> at the end of the file
sed '
s/^\$wgScript = "\$wgScriptPath\/index.php";/$wgScript = "\/index.php";/
s/^\$wgScriptPath = "";/$wgScriptPath = "";/
s/^\$wgScriptPath = "\/mediawiki";/$wgScriptPath = "";/
s/^\$wgRedirectScript = "\$wgScriptPath\/redirect.php";/$wgRedirectScript = "\/redirect.php";/
s/^\$wgArticlePath = "\$wgScript?title=\$1";/$wgArticlePath = "\/$1";/
s/^\$wgArticlePath = "\$wgScript\/\$1";/$wgArticlePath = "\/$1";/
s/^\$wgStylePath = "\$wgScriptPath\/skins";/$wgStylePath = "\/skins";/
s/^\$wgLogo = "\$wgStylePath\/common\/images\/wiki.png";/$wgLogo = "$wgStylePath\/wiki.png";/
s/^\$wgUploadPath = "\$wgScriptPath\/images";/$wgUploadPath = "\/images";/
s/^\$wgEnableUploads = false;/$wgEnableUploads = true;/
/^\?>$/d
' config/LocalSettings.php > LocalSettings.php
# add some more rules to the end of the file
(
cat <<EOF
# No anonymous editing allowed -
\$wgGroupPermissions['*']['edit'] = false;
# allow users to be banned
\$wgSysopUserBans = true;
# spambot
\$wgSpamRegex=""; # this filter is omitted from this page since it prevents it from being edited!
# Mediawiki for $WIKI_NAME
# Installed on $DATE
# Generated by $0
# Don't manually edit this file since an upgrade will overwrite it!
?>
EOF
) >> LocalSettings.php
else
echo "Something must have gone wrong, no $BASE_DIR/$WIKI_NAME/config/LocalSettings.php file was generated"
fi
# delete the installer
rm -rf config/
# reinstate the AdminSettings.php symlink
if [[ -e AdminSettings.php ]]; then
echo "AdminSettings.php exists already"
else
ln -s $BASE_DIR/AdminSettings.php
fi
# generate a csr
echo "Now test your wiki! https://$WIKI_NAME/"
Apache Configuration
The following things were changed from the defaults in /etc/httpd/conf/httpd.conf
# remove some modules
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authn_alias_module modules/mod_authn_alias.so
#LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
#LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
#LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
#LoadModule authz_default_module modules/mod_authz_default.so
#LoadModule ldap_module modules/mod_ldap.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
#LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
#LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
#LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
#LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule info_module modules/mod_info.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
#LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
#LoadModule suexec_module modules/mod_suexec.so
#LoadModule disk_cache_module modules/mod_disk_cache.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule cgi_module modules/mod_cgi.so
UseCanonicalName On
# don't log ip's
#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "0.0.0.0 %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml
And in /etc/httpd/conf.d/php.conf
#AddHandler php5-script .php #AddType text/html .php #DirectoryIndex index.php
Create a new file that can be included for error documents, /etc/httpd/conf/error-docs.conf
# Editor: vim:syn=apache
Alias /error/ "/var/www/error/"
<IfModule mod_negotiation.c>
<IfModule mod_include.c>
<Directory "/var/www/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>
ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
ErrorDocument 410 /error/HTTP_GONE.html.var
ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
</IfModule>
</IfModule>
And one for the Rewrite rules, /etc/httpd/mediawiki-rewrite.conf
# Editor: vim:syn=apache
# Allow rewriting URLs
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/(config|skins|images|icons|error)/
RewriteCond %{REQUEST_URI} !^/(index|redirect|api|opensearch_desc|profileinfo|redirect|thumb|trackback).php
RewriteCond %{REQUEST_URI} !^/favicon.ico
RewriteCond %{REQUEST_URI} !^/robots.txt
RewriteRule ^/(.*) /index.php/$1 [L]
And an apache conf file for including the VirtualHosts, /etc/httpd/conf.d/vhosts.conf
# Editor: vim:syn=apache
NameVirtualHost *:80
<VirtualHost>
ServerName wiki.aktivix.org
ServerSignature Off
UseCanonicalName Off
AddDefaultCharset UTF-8
ScriptAlias / "/var/www/cgi-bin/index.pl/"
<Directory "/var/www/cgi-bin">
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
NameVirtualHost *:443
Include vhosts.d/*
And the whole VirtualHost in /etc/httpd/conf.d/ssl.conf was commented out.
Redirect script
Create this as /var/www/cgi-bin/index.pl to redirect port 80 requests to port 443:
#!/usr/bin/perl -wT
# Redirect all http requests to https
my $server_name = "$ENV{'SERVER_NAME'}";
my $location = "";
my $path_info = "$ENV{'PATH_INFO'}";
my $https = "on";
# for some sites we need an extra redirect if www is missed off
if ($server_name eq "sheffieldagainstwar.org.uk") {
$server_name = "www.sheffieldagainstwar.org.uk";
}
if ($server_name eq "sheffieldsocialforum.org.uk") {
$server_name = "www.sheffieldsocialforum.org";
$https = "";
}
if ($server_name eq "www.sheffieldsocialforum.org.uk") {
$server_name = "www.sheffieldsocialforum.org";
$https = "";
}
if ($server_name eq "www.en.wiki.in-no.org") {
$server_name = "en.wiki.in-no.org";
}
if ($server_name eq "www.de.wiki.in-no.org") {
$server_name = "de.wiki.in-no.org";
}
else {
$server_name = "$ENV{'SERVER_NAME'}";
}
# construct the url and redirect
if ($https) {
$location = "https://" . "$server_name" . "$path_info";
} else {
$location = "http://" . "$server_name" . "$path_info";
}
print qq~Location: $location
~;
1;
General FC6 configuration
This server isn't doing anything apart from media wiki so some things can be turned off:
/sbin/chkconfig bluetooth off /sbin/chkconfig cups off /sbin/chkconfig firstboot off /sbin/chkconfig isdn off /sbin/chkconfig netfs off /sbin/chkconfig nfslock off /sbin/chkconfig portmap off