MediaWiki Install 2022-01-22: Difference between revisions

From Traxel Wiki
Jump to navigation Jump to search
No edit summary
 
(23 intermediate revisions by the same user not shown)
Line 1: Line 1:
[[Category:Hacking]]
* Active 2021-04 to 2022-01
[[Category:OpenDevOps]]
* First version: https://wiki.heatsynclabs.org/wiki/MediaWiki_On_Lightsail
* NameCheap Version, 2022-08-10: [[MediaWiki on Namecheap]]
* See Also: [[MediaWiki_On_Lightsail]], a copy of HSL install.
* I feel like I got really far with this, even building in automated backup to S3, but I can't find the documentation.
* [[MediaWikiHerdSecuritiesInstall]]


First version:
= DeadmanDAO =
https://wiki.heatsynclabs.org/wiki/MediaWiki_On_Lightsail


= HerdSecurities Install =


== Lightsail Instance ==
== Create Instance ==
 
=== Interserver Web Interface ===
# go to interserver
# create an instance
## Single Slice ($6/mo at this time)
## Debian 9 (Deb 9 has Mailman 2, Deb 10 has Mailman 3)
## KVM
# set reverse DNS to diffie.deadmandao.com
# Note the IP address
 
=== Update to Latest ===
 
Log in root@ip.address using password you provided
 
<pre>
apt-get update
apt-get -y upgrade
apt-get -y dist-upgrade # if needed
reboot
</pre>
 
=== Add User Account ===
 
Log in root@ip.address
 
<pre>
apt-get -y install sudo
adduser bob
usermod -G sudo bob
exit
</pre>
 
Log in to bob@ip.address
 
== Set SPF ==
<pre>
sudo apt-get install net-tools
sudo ifconfig
</pre>
 
That'll give you the ip4 and ip6 addresses, which go into the DNS text record:
 
* v=spf1 ip4:66.23.226.216 ip6:fe80::216:3eff:fe24:10e1 -all
 
== Set Other DNS ==
 
* A Record, diffie, 66.23.226.216
* A Record, @, 66.23.226.216
* CNAME Record, www, diffie.deadmandao.com
* CNAME Record, mail, diffie.deadmandao.com
* TXT Record, diffe, v=spf1 ip4:66.23.226.216 ip6:fe80::216:3eff:fe24:10e1 -all
* MX Record, deadmandao.com, mail.deadmandao.com, 10
 
== Set Hostname ==


Initialization Script
<pre>
<pre>
apt update -y
sudo apt-get install emacs-nox
apt upgrade -y
sudo emacs -nw /etc/hostname
apt install -y emacs-nox
> diffie
apt install -y apache2 certbot python3-certbot-apache
sudo emacs -nw /etc/hosts
apt install -y mariadb-server php php-mysql libapache2-mod-php php-xml php-mbstring
> 66.23.226.216 diffie.deadmandao.com diffie
# Extra Features:
sudo reboot
apt install -y php-apcu php-intl imagemagick php-cli php-curl git
</pre>
</pre>


OS Only, Debian Latest, Second Smallest Instance Type
Log in to bob@diffie.deadmandao.com


Set a static IP (35.81.57.143)
<pre>
hostname
hostname --all-fqdn
dnsdomainname
</pre>


DNS A record pointing wiki.herdsecurities.com to 35.81.57.143
== SMTP Server ==


== Certbot SSL ==
<pre>
sudo apt-get install postfix
</pre>


Create the wiki conf
* Internet Site
* deadmandao.com is the host domain
* send a test email
 
<pre>
echo "Subject: sendmail test" | /usr/sbin/sendmail -v emailaddress
</pre>
 
== Apache Install ==
 
<pre>
sudo apt install apache2
</pre>
 
=== 100-root.conf ===
 
Location: /etc/apache2/sites-available/100-root.conf


<pre>
<pre>
$ sudo emacs -nw /etc/apache2/sites-available/003-wiki.conf
<VirtualHost *:80>
<VirtualHost *:80>
    ServerName wiki.herdsecurities.com
        ServerName deadmandao.com
    ServerAdmin webmaster@localhost
        ServerName www.deadmandao.com
    DocumentRoot /var/www/mediawiki
 
    ErrorLog ${APACHE_LOG_DIR}/wiki-error.log
        ServerAdmin webmaster@localhost
    CustomLog ${APACHE_LOG_DIR}/wiki-access.log combined
        DocumentRoot /var/www/www
 
        ErrorLog ${APACHE_LOG_DIR}/www-error.log
        CustomLog ${APACHE_LOG_DIR}/www-access.log combined
</VirtualHost>
</VirtualHost>
</pre>
=== 200-wiki.conf ===
Location: /etc/apache2/sites-available/200-wiki.conf
<pre>
<VirtualHost *:80>
ServerName wiki.deadmandao.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/mediawiki
ErrorLog ${APACHE_LOG_DIR}/wiki-error.log
CustomLog ${APACHE_LOG_DIR}/wiki-access.log combined
</VirtualHost>
</pre>
== Add TLS/SSL ==
https://certbot.eff.org/instructions?ws=apache&os=debianbuster
=== Add Snapd ===
<pre>
sudo apt update
sudo apt install snapd
sudo snap install core
sudo snap refresh core
</pre>
=== Snap Install Certbot ===
<pre>
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
</pre>
=== Get a Cert for Apache ===
<pre>
sudo certbot --apache -d deadmandao.com -d www.deadmandao.com -d wiki.deadmandao.com
</pre>
== MediaWiki Supporting Software ==
First, the basics. You'll need all of these:
<pre>
$ sudo apt install mariadb-server php php-mysql libapache2-mod-php php-xml php-mbstring
</pre>
Next, the enhancements. These will give MediaWiki extra capabilities. See [https://www.mediawiki.org/wiki/Manual:Running_MediaWiki_on_Debian_or_Ubuntu#Optional_useful_packages Optional Packages]
<pre>
$ sudo apt install php-apcu php-intl imagemagick php-cli php-curl git
</pre>
== Configure PHP ==
There are a couple settings that are worth checking in PHP:
<pre>
$ cd /etc/php/7.3/apache2/
$ grep memory_limit php.ini
$ grep upload_max_filesize php.ini
</pre>
128 megs should be fine for memory.
I'm torn on filesize. I'm trying to fit on a $5/mo machine with a 40 Gig HDD. Most things other than video for use on the web can be under 2 megs (the default size). I feel like the best answer may be a plugin to store large files in S3 at 1/4th the price. It's not a one-way-door, though. I'm leaving mine at 2 megs for now.
Make sure the PHP plugins are enabled:
<pre>
$ sudo phpenmod apcu
$ sudo phpenmod curl
$ sudo phpenmod intl
$ sudo phpenmod mbstring
$ sudo phpenmod xml
$ sudo systemctl restart apache2
</pre>
== Configure MariaDB ==
It's time to stop generically referring to MariaDB as MySQL. MySQL is a once-great project that is no longer trustworthy. MariaDB is the leading Open Source RDBMS.
If you haven't done anything with it yet, there will be no password.
<pre>
$ sudo mariadb -u root
</pre>
Pick a username for MediaWiki to use (I'm using wiki_wiki as an example).
Pick a database name (I'm using hsl_wiki as an example).
Pick a password other than "CHANGE THIS PASSWORD".
<pre>
MariaDB> create database deadmandao_wiki;
MariaDB> grant all on deadmandao_wiki.* to 'wiki_wiki'@'localhost' identified by 'CHANGE THIS PASSWORD';
MariaDB> flush privileges;
</pre>
Then you can verify it worked if you like. (there won't be any tables, but it shouldn't give you an auth error)
<pre>
$ mariadb -u wiki_wiki -p
MariaDB> show tables in deadmandao_wiki;
MariaDB> exit
</pre>
</pre>

Latest revision as of 19:19, 28 September 2023

DeadmanDAO

Create Instance

Interserver Web Interface

  1. go to interserver
  2. create an instance
    1. Single Slice ($6/mo at this time)
    2. Debian 9 (Deb 9 has Mailman 2, Deb 10 has Mailman 3)
    3. KVM
  3. set reverse DNS to diffie.deadmandao.com
  4. Note the IP address

Update to Latest

Log in root@ip.address using password you provided

apt-get update
apt-get -y upgrade
apt-get -y dist-upgrade # if needed
reboot

Add User Account

Log in root@ip.address

apt-get -y install sudo
adduser bob
usermod -G sudo bob
exit

Log in to bob@ip.address

Set SPF

sudo apt-get install net-tools
sudo ifconfig

That'll give you the ip4 and ip6 addresses, which go into the DNS text record:

  • v=spf1 ip4:66.23.226.216 ip6:fe80::216:3eff:fe24:10e1 -all

Set Other DNS

  • A Record, diffie, 66.23.226.216
  • A Record, @, 66.23.226.216
  • CNAME Record, www, diffie.deadmandao.com
  • CNAME Record, mail, diffie.deadmandao.com
  • TXT Record, diffe, v=spf1 ip4:66.23.226.216 ip6:fe80::216:3eff:fe24:10e1 -all
  • MX Record, deadmandao.com, mail.deadmandao.com, 10

Set Hostname

sudo apt-get install emacs-nox
sudo emacs -nw /etc/hostname
> diffie
sudo emacs -nw /etc/hosts
> 66.23.226.216	diffie.deadmandao.com diffie
sudo reboot

Log in to bob@diffie.deadmandao.com

hostname
hostname --all-fqdn
dnsdomainname

SMTP Server

sudo apt-get install postfix
  • Internet Site
  • deadmandao.com is the host domain
  • send a test email
echo "Subject: sendmail test" | /usr/sbin/sendmail -v emailaddress

Apache Install

sudo apt install apache2

100-root.conf

Location: /etc/apache2/sites-available/100-root.conf

<VirtualHost *:80>
        ServerName deadmandao.com
        ServerName www.deadmandao.com

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/www

        ErrorLog ${APACHE_LOG_DIR}/www-error.log
        CustomLog ${APACHE_LOG_DIR}/www-access.log combined
</VirtualHost>

200-wiki.conf

Location: /etc/apache2/sites-available/200-wiki.conf

<VirtualHost *:80>
	ServerName wiki.deadmandao.com

	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/mediawiki

	ErrorLog ${APACHE_LOG_DIR}/wiki-error.log
	CustomLog ${APACHE_LOG_DIR}/wiki-access.log combined
</VirtualHost>

Add TLS/SSL

https://certbot.eff.org/instructions?ws=apache&os=debianbuster

Add Snapd

sudo apt update
sudo apt install snapd
sudo snap install core
sudo snap refresh core

Snap Install Certbot

sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot

Get a Cert for Apache

sudo certbot --apache -d deadmandao.com -d www.deadmandao.com -d wiki.deadmandao.com

MediaWiki Supporting Software

First, the basics. You'll need all of these:

$ sudo apt install mariadb-server php php-mysql libapache2-mod-php php-xml php-mbstring

Next, the enhancements. These will give MediaWiki extra capabilities. See Optional Packages

$ sudo apt install php-apcu php-intl imagemagick php-cli php-curl git

Configure PHP

There are a couple settings that are worth checking in PHP:

$ cd /etc/php/7.3/apache2/
$ grep memory_limit php.ini
$ grep upload_max_filesize php.ini

128 megs should be fine for memory.

I'm torn on filesize. I'm trying to fit on a $5/mo machine with a 40 Gig HDD. Most things other than video for use on the web can be under 2 megs (the default size). I feel like the best answer may be a plugin to store large files in S3 at 1/4th the price. It's not a one-way-door, though. I'm leaving mine at 2 megs for now.

Make sure the PHP plugins are enabled:

$ sudo phpenmod apcu
$ sudo phpenmod curl
$ sudo phpenmod intl
$ sudo phpenmod mbstring
$ sudo phpenmod xml
$ sudo systemctl restart apache2

Configure MariaDB

It's time to stop generically referring to MariaDB as MySQL. MySQL is a once-great project that is no longer trustworthy. MariaDB is the leading Open Source RDBMS.

If you haven't done anything with it yet, there will be no password.

$ sudo mariadb -u root

Pick a username for MediaWiki to use (I'm using wiki_wiki as an example).

Pick a database name (I'm using hsl_wiki as an example).

Pick a password other than "CHANGE THIS PASSWORD".

MariaDB> create database deadmandao_wiki;
MariaDB> grant all on deadmandao_wiki.* to 'wiki_wiki'@'localhost' identified by 'CHANGE THIS PASSWORD';
MariaDB> flush privileges;

Then you can verify it worked if you like. (there won't be any tables, but it shouldn't give you an auth error)

$ mariadb -u wiki_wiki -p
MariaDB> show tables in deadmandao_wiki;
MariaDB> exit