05 Jan

How-to: Setup private wiki

Some people where interested in using a wiki for taking notes, so I wrote a guide for setting up a wiki. I’m still figuring out how to best use the functionality provided for taking notes, but I will probably write some post in the future about that as well.

A quick word of warning: If you decide to run this on your own server, you should make sure you are aware of the risks. Unless you have some experience running servers you should consider getting a hosted wiki.
Also I’m not sure any of the configurations mentioned in this guide would be considered “best practice”. If anyone has suggestions for improvements or problems with this setup, I would love to hear them. If you have problems with setting up your wiki, feel free to contact me.

Now we got that out of the way, let’s get started.

For this guide I will be using Ubuntu 16.04. I will also assume the server has (s)ftp installed (if not DigitalOcean has some good guides on this).

Basic Configuration

Open the /etc/hosts file with your favorite text editor (I personally use Vi, though Nano or any other text editor will do) and add your domain name to the localhost entry, like (replace yourdomainname.com with the domain name you want to use for the wiki):

127.0.0.1	yourdomainname.com 	servername	localhost
127.0.0.1 	parsoid.yourdomainname.com

Make sure to open the file with sudo, otherwise you will get permission denied errors.

Install LAMP

Install Apache2

sudo apt-get install apache2

Open the /etc/apache2/apache2.conf file and edit the ServerName value:

ServerName yourdomainname.com

Then restart Apache by running

sudo systemctl restart apache2

Test if is working about browsing to yourdomainname.com, you should get apache’s default page.

Now install mysql server

sudo apt-get install mysql-server

When it asks, enter a root password. When the installation is done, run the security script:

sudo mysql_secure_installation

Choose “no” to validate password plugin (you should still have a secure, unique password for your root mysql user), and “no” for change root user password. Choose “yes” for the remaining questions.

Install php

Sudo apt-get install php libapache2-mod-php php-mcrypt php-mysql

Make sure Apache loads php files by opening the /etc/apache2/mods-enabled/dir.conf file and changing the following line:

<IfModule mod_dir.c>
	DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
</IfModule>

Restart Apache again.
Now to test our configuration so far we will create a php info file. Create the /var/www/html/info.php file and add the following:

<?php
phpinfo();

Now browse to yourdomainname.com/info.php. You should now see a page with information about php.

Remove the info.php file

sudo rm /var/www/html/info.php

Go into the /etc/php/7.0/apache2/php.ini file and change the following values:

upload_max_filesize = 128M
post_max_size = 128M
memory_limit = 256M

<h1>VirtualHost setup</h1>
Create the following folder and test page:

sudo mkdir -p /var/www/yourdomainname.com/public_html
echo "yourdomainname.com homepage" | sudo tee /var/www/yourdomainname.com/public_html/index.html

Now create the virtualhostfile for youdomainname.com by creating the /etc/apache2/sites-available/yourdomainname.com.conf file, and add the following:

<VirtualHost *:80>
    ServerAdmin webmaster@yourdomainname.com
    ServerName yourdomainname.com
    ServerAlias www.yourdomainname.com
    DocumentRoot /var/www/yourdomainname.com/public_html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Save and exit, then copy the file:

sudo cp /etc/apache2/sites-available/yourdomainname.com.conf /etc/apache2/sites-available/parsoid.yourdomainname.com.conf

Parsoid is a piece of software that is needed for the WYSIWYG editor VisualEditor. This piece of software doesn’t work with HTTPS (which we will add later), so while we will later redirect all HTTP traffic to yourdomainname.com to HTTPS, the parsoid.yourdomainname.com virtualhost will give parsoid a HTTP way to access the wiki content.

I’m not sure if this is considered best practice, and I’m happy to hear of any other way to make parsoid work with HTTPS, but this is how I got it working for now. Since it is all running on the same server, this should not be a huge deal. If I find a better solution I will update this post.

Anyway, edit the /etc/apache2/sites-available/parsoid.yourdomainname.com.conf file and change the following lines:

ServerName parsoid.yourdomainname.com
ServerAlias www.parsoid.yourdomainname.com

Save and exit. then enable the new virtualhosts, disable the default virtualhost and enable mod rewrite:

sudo a2ensite yourdomainname.com.conf
sudo a2ensite parsoid.yourdomainname.com.conf
sudo a2dissite 000-default.conf
sudo a2enmod rewrite
sudo systemctl restart apache2

Test if both virtualhosts work (you might need to edit the host file of your computer temporarily to access parsoid.yourdomainname.com, as it will only be used by the server itself normally), you should get the test page you created earlier with both URL’s.

Remove the test page:

sudo rm /var/www/yourdomainname.com/publichtml/index.html

Install Mediawiki

Install the prerequisites:

sudo apt-get install php-xml php-mbstring php-apcu php-intl imagemagick php-cli

Create a temporary folder, download Mediawiki, and move it to the correct folder:

mkdir ~/temp && cd ~/temp
wget https://releases.wikimedia.org/mediawiki/1.28/mediawiki-1.28.0.tar.gz’
tar –xvzf mediawiki-1.28.0.tar.gz
sudo mv /mediawiki-1.28.0/* /var/www/yourdomainname.com/public_html/

Go into mysql:

mysql -u root -p

Enter the root password you setup earlier.

Now create a user and database for the wiki, in the sql shell enter (password should be replaced by your own password for the new user):

CREATE USER ‘wikiuser’@’localhost’ IDENTIFIED BY ‘password’;
CREATE DATABASE wikidb;
GRANT ALL PRIVILEGES ON wikidb.* TO ‘wikiuser’@’localhost’;
quit

Make sure the permissions are set correctly:

sudo chown –R www-data:www-data /var/www/ 
sudo find . –type d –exec chmod 755 {} +
sudo find . –type f –exec chmod 644 {} +
sudo chmod –R g+s /var/www/

Now go to yourdomainname.com and follow the instructions of the installer (enter the database information you created in the previous step). This part of the process should be straight forward.

Your wiki should now be working with the default editor. But this editor won’t do for normal everyday editing, so let’s install VisualEditor.

VisualEditor

First install the prerequisites:

sudo apt-get install nodejs npm curl php7.0-curl php-curl
sudo systemctl apache2 restart

Install parsoid

sudo apt-key advanced –keyserver pgp.mit.edu –recv-keys 90E9F83F22250DD7
sudo apt-add-repository “deb https:/releases.wikimedia.org/debian jessie-mediawiki main”
sudo apt-get install apt-transport-http
sudo apt-get update
sudo apt-get install parsoid

Now open the /etc/mediawiki/parsoid/config.yalm file and change the following lines:

uri: ‘http://parsoid.yourdomainname.com/api.php
domain: ‘yourdomainname.com’

Restart Parsoid:

sudo service parsoid restart

Istall VisualEditor:

cd /var/www/yourdomainname.com/public_html/extensions
sudo git clone https://gerrit.wikimedia.org/r/p/mediawiki/extensions/VisualEditor.git

Now open the /var/www/yourdomainname.com/LocalSettings.php file and add the follwing:

# Visual Editor

wfLoadExtension( 'VisualEditor' );

// Enable by default for everybody
$wgDefaultUserOptions['visualeditor-enable'] = 1;

// Optional: Set VisualEditor as the default for anonymous users
// otherwise they will have to switch to VE
// $wgDefaultUserOptions['visualeditor-editor'] = "visualeditor";

// Don't allow users to disable it
$wgHiddenPrefs[] = 'visualeditor-enable';

// OPTIONAL: Enable VisualEditor's experimental code features
#$wgDefaultUserOptions['visualeditor-enable-experimental'] = 1;

$wgVirtualRestConfig['modules']['parsoid'] = array(
	// URL to the Parsoid instance
	// Use port 8142 if you use the Ubuntu or Debian packages
	'url' => 'http://parsoid.yourdomainname.com:8142', 
	// Parsoid "domain" -- ADAPT TO YOUR NEED, i.e. replace "your_wiki" by the same "domain" name you gave in the yaml.config file.
	'domain' => 'parsoid.yourdomainname.com’
);

// This feature requires a non-locking session store. The default session store will not work and
// will cause deadlocks (connection timeouts from Parsoid) when trying to use this feature.
$wgSessionsInObjectCache = true;

// Forward users' Cookie: headers to Parsoid. Required for private wikis (login required to read).
// If the wiki is not private (i.e. $wgGroupPermissions['*']['read'] is true) this configuration
// variable will be ignored.
//
// WARNING: ONLY enable this on private wikis and ONLY IF you understand the SECURITY IMPLICATIONS
// of sending Cookie headers to Parsoid over HTTP. For security reasons, it is strongly recommended
// that $wgVirtualRestConfig['modules']['parsoid']['url'] be pointed to localhost if this setting is enabled.
$wgVirtualRestConfig['modules']['parsoid']['forwardCookies'] = true;

Restart Apache and test if the wiki and the VisualEditor are working.

HTTPS with Let’s Encrypt

This step is optional but HIGHLY RECOMMENDED!

Install the letsencrypt tool and setup the certificate:

sudo apt-get install python-letencrypt-apache
sudo letsencrypt –apache –d yourdomainname.com

When asked to redirect all HTTP traffic to HTTPS, answer “no”, we will do this manually later.

You will have to renew this certificate every 3 months by running:

sudo letsencrypt renew

This process can be automated but I won’t go into that in this post.

To finish the installation, let’s redirect all HTTP traffic to HTTPS for yourdomainname.com by opening the /etc/apache2/sites-available/yourdomainname.com.conf file and making it look like:

<VirtualHost *:80>
    ServerAdmin webmaster@yourdomainname.com
    ServerName yourdomainname.com
    ServerAlias www.yourdomainname.com
    DocumentRoot /var/www/yourdomainname.com/public_html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    Redirect / https://yourdomainname.com/
    <Directory /var/www/yourdomainname.com/public_html>
        AllowOverride All
    </Directory>
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin webmaster@yourdomainname.com
    ServerName yourdomainname.com
    ServerAlias www.yourdomainname.com
    DocumentRoot /var/www/yourdomainname.com/public_html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    <Directory /var/www/yourdomainname.com/public_html>
        AllowOverride All
    </Directory>
</VirtualHost>

Save and exit the file and create a new file, /etc/apache2/sites-available/eddyvandenaker.com-li-ssl.conf and make it look like:

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerAdmin webmaster@yourdomainname.com
        ServerName yourdomainname.com
        ServerAlias www. yourdomainname.com        
        DocumentRoot /var/www/eddyvandenaker.com/public_html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        <Directory /var/www/eddyvandenaker.com/public_html>
            AllowOverride All
        </Directory>
        SSLCertificateFile /etc/letsencrypt/live/youdomainname.com/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/yourdomainname.com/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
    </VirtualHost>
</IfModule>

Restart Apache one last time. Your wiki should now work over HTTPS with the VisualEditor.

Leave a Reply

Your email address will not be published. Required fields are marked *