Setting Up A Wiki Farm on OS X
This page serves to document the setup and maintenance of a wiki farm server. I used a mac mini to host about 20 wikis, and thought it might be useful to others to document what I did. I haven't had time to completely automate everything, but this is a start. If you're not using a mac, then you'll obviously have to figure out the specifics relevant to your platform.
Contents |
Starting Materials
- Mac running OS X 10.4 (Tiger)
- Admin account on the server (sudo privileges)
- MySQL - http://dev.mysql.com/downloads/
- Mediawiki - http://www.mediawiki.org/wiki/Download
Initial Setup
Configure Apache
- enable PHP by editing /etc/httpd/httpd.conf and uncommenting the following lines
# LoadModule php4_module libexec/httpd/libphp4.so # AddModule mod_php4.c
Enable web sharing
Configuring SSL
- This optional step allows us to password protect the wikis, and ensure that no passwords are sent as clear text when individuals log in.
- See http://developer.apple.com/internet/serverside/modssl.html
Install MySQL
- download MySQL e.g. from http://dev.mysql.com/downloads/mysql/5.0.html
- run installer
- also install included preference pane and startup item so the wiki server will come back up after a reboot (or power failure)
Install MediaWiki
- download from http://www.mediawiki.org/wiki/Download
tar -xzvf mediawiki-1.5.7.tar.gz mv mediawiki-1.5.7 /Library/WebServer/Documents
Link a new directory to install
- We are going to make "mediawiki" a symlink to "mediawiki-1.5.7".
- All wikis we create will have their own directory, which will contain symlinks to the mediawiki symlink.
- When we need to upgrade mediawiki, we simply extract a new mediawiki-1.x.x direectory, delete the old symlink and link to the new directory.
cd /Library/WebServer/Documents sudo ln -s mediawiki-1.5.7 mediawiki
- If things are set up properly, the document root directory should look like this:
% ls -l lrwxr-xr-x 1 shawn admin 15 Mar 7 13:13 mediawiki -> mediawiki-1.5.7 drwxr-xr-x 31 www wheel 1054 Mar 7 13:04 mediawiki-1.5.7
Upgrading MediaWiki
- Download latest version of mediawiki. Visit mediawiki's download page to get the url of a mirror.
wget http://prdownloads.sourceforge.net/wikipedia/mediawiki-1.5.7.tar.gz?use_mirror=superb tar -xzvf mediawiki-1.5.7.tar.gz mv mediawiki-1.5.7 /Library/WebServer/Documents
- Remove old symlink to previous version and then add symlink to new directory
cd /Library/WebServer/Documents rm mediawiki; ln -s mediawiki-1.5.7 mediawiki
- Fix any customization that was performed on the old version. In my case, I want a "View Source" page to show up when a non-logged-in user tries to edit a page. This hack was done by editing near line 158 of includes/EditPage.php:
if ( !$wgUser->isAllowed('edit') ) {
# if ( $wgUser->isAnon() ) {
# $this->userNotLoggedInPage();
# return;
# } else {
# $wgOut->readOnlyPage( $this->mArticle->getContent( true ), true );
# return;
# }
# Make source available to anon users
$wgOut->readOnlyPage( $this->mArticle->getContent( true ), true );
return;
}
Creation of a Blank Template Wiki
Create Directory and Symlinks
- In this example we're using directory 00.
cd /Library/WebServer/Documents mkdir 00 cd 00 ln -s ../mediawiki/COPYING ln -s ../mediawiki/FAQ ln -s ../mediawiki/HISTORY ln -s ../mediawiki/INSTALL ln -s ../mediawiki/README ln -s ../mediawiki/RELEASE-NOTES ln -s ../mediawiki/UPGRADE ln -s ../mediawiki/docs ln -s ../mediawiki/extensions ln -s ../mediawiki/img_auth.php ln -s ../mediawiki/includes ln -s ../mediawiki/index.php ln -s ../mediawiki/install-utils.inc ln -s ../mediawiki/languages ln -s ../mediawiki/maintenance ln -s ../mediawiki/math ln -s ../mediawiki/profileinfo.php ln -s ../mediawiki/redirect.php ln -s ../mediawiki/redirect.phtml ln -s ../mediawiki/skins ln -s ../mediawiki/tests ln -s ../mediawiki/thumb.php ln -s ../mediawiki/trackback.php ln -s ../mediawiki/wiki.phtml mkdir images sudo chown www:wheel images cp -R ../mediawiki-1.5.7/config . chmod a+w config/
Run Wiki Configuration Script
- Visit https://example.com/00/config/index.php and enter following
- Site name: Blank
- contact email: name@example.com
- WikiSysop: ********
- database name: wikidb00
- db password: ********
- superuser: root
- password: ************
- Submit
Delete config directory
cd /Library/WebServer/Documents/00 rm -rf config/
Set up LocalSettings.php
cp LocalSettings.php LocalSettings.php.backup pico LocalSettings.php
- LocalSettings.php should have the following changes
$IP = "/Library/WebServer/Documents/00";
$wgScriptPath = "/00";
# Clean URLs
$wgArticlePath = "/foo/$1";
#$wgArticlePath = "$wgScript?title=$1";
$wgEnableUploads = true;
$wgFileExtensions = array('tar', 'gz', 'png', 'gif', 'jpg');
# Disable Anonymous editing
$wgGroupPermissions['*']['edit'] = false;
# Hide IP from header for anonymous users
$wgShowIPinHeader = false;
# Disable new accounts -- uncomment this later if necessary
# $wgGroupPermissions['*']['createaccount'] = false;
- If things are set up properly, the document root directory should include the following (in addition to other things):
[foo:/Library/WebServer/Documents] shawn% ls -l total 232 drwxr-xr-x 29 shawn admin 986 Mar 5 13:56 00 lrwxr-xr-x 1 shawn admin 15 Mar 7 13:13 mediawiki -> mediawiki-1.5.7 drwxr-xr-x 31 www wheel 1054 Mar 7 13:04 mediawiki-1.5.7 ...
- An individual wiki directory should look like this:
[foo:WebServer/Documents/00] shawn% ls -l total 272 lrwxr-xr-x 1 shawn admin 20 Mar 1 11:48 COPYING -> ../mediawiki/COPYING lrwxr-xr-x 1 shawn admin 16 Mar 1 11:48 FAQ -> ../mediawiki/FAQ lrwxr-xr-x 1 shawn admin 20 Mar 1 11:48 HISTORY -> ../mediawiki/HISTORY lrwxr-xr-x 1 shawn admin 20 Mar 1 11:48 INSTALL -> ../mediawiki/INSTALL -rwxrwxr-x 1 shawn admin 4210 Mar 5 13:59 LocalSettings.php lrwxr-xr-x 1 shawn admin 19 Mar 1 11:48 README -> ../mediawiki/README lrwxr-xr-x 1 shawn admin 26 Mar 1 11:48 RELEASE-NOTES -> ../mediawiki/RELEASE-NOTES lrwxr-xr-x 1 shawn admin 20 Mar 1 11:48 UPGRADE -> ../mediawiki/UPGRADE lrwxr-xr-x 1 shawn admin 19 Mar 1 11:48 config -> ../mediawiki/config lrwxr-xr-x 1 shawn admin 17 Mar 1 11:48 docs -> ../mediawiki/docs lrwxr-xr-x 1 shawn admin 23 Mar 1 11:48 extensions -> ../mediawiki/extensions drwxrwx--- 25 www wheel 850 Jan 5 18:47 images lrwxr-xr-x 1 shawn admin 25 Mar 1 11:48 img_auth.php -> ../mediawiki/img_auth.php lrwxr-xr-x 1 shawn admin 21 Mar 1 11:48 includes -> ../mediawiki/includes lrwxr-xr-x 1 shawn admin 22 Mar 1 11:48 index.php -> ../mediawiki/index.php lrwxr-xr-x 1 shawn admin 30 Mar 1 11:48 install-utils.inc -> ../mediawiki/install-utils.inc lrwxr-xr-x 1 shawn admin 22 Mar 1 11:48 languages -> ../mediawiki/languages lrwxr-xr-x 1 shawn admin 24 Mar 1 11:48 maintenance -> ../mediawiki/maintenance lrwxr-xr-x 1 shawn admin 17 Mar 1 11:48 math -> ../mediawiki/math lrwxr-xr-x 1 shawn admin 28 Mar 1 11:48 profileinfo.php -> ../mediawiki/profileinfo.php lrwxr-xr-x 1 shawn admin 25 Mar 1 11:48 redirect.php -> ../mediawiki/redirect.php lrwxr-xr-x 1 shawn admin 27 Mar 1 11:48 redirect.phtml -> ../mediawiki/redirect.phtml lrwxr-xr-x 1 shawn admin 18 Mar 1 11:48 skins -> ../mediawiki/skins lrwxr-xr-x 1 shawn admin 18 Mar 1 11:48 tests -> ../mediawiki/tests lrwxr-xr-x 1 shawn admin 22 Mar 1 11:48 thumb.php -> ../mediawiki/thumb.php lrwxr-xr-x 1 shawn admin 26 Mar 1 11:48 trackback.php -> ../mediawiki/trackback.php lrwxr-xr-x 1 shawn admin 23 Mar 1 11:48 wiki.phtml -> ../mediawiki/wiki.phtml ...
- LocalSettings.php is not a symlink, but an actual file since it contains settings unique to this wiki.
Creating the Nth Wiki
- Once the template wiki is created and properly configured, we can create any number of cloned wikis
- I've written a shell script makewikis.sh to make new wikis
- before using this script, you need to run mysqldump on an new un-touched wiki database to create a template that we will clone
- the script handles all the directory & symlink modification, and outputs a sql file that you call from MySQL to populate the database of a new wiki
#!/bin/sh
if [ $# -ne 2 ]; then
echo 1>&2 Usage: $0 firstdb lastdb
exit 1
fi
START=$1
END=$2
cd /Library/WebServer/Documents
for (( i = $START; i <= $END; i++ ))
do
NUM=`echo $i | awk '{ printf "%02d\n", $1}'` # print leading zeros in front of i
mkdir $NUM
cd $NUM
ln -s ../mediawiki/COPYING
ln -s ../mediawiki/FAQ
ln -s ../mediawiki/HISTORY
ln -s ../mediawiki/INSTALL
ln -s ../mediawiki/README
ln -s ../mediawiki/RELEASE-NOTES
ln -s ../mediawiki/UPGRADE
ln -s ../mediawiki/docs
ln -s ../mediawiki/extensions
ln -s ../mediawiki/img_auth.php
ln -s ../mediawiki/includes
ln -s ../mediawiki/index.php
ln -s ../mediawiki/install-utils.inc
ln -s ../mediawiki/languages
ln -s ../mediawiki/maintenance
ln -s ../mediawiki/math
ln -s ../mediawiki/profileinfo.php
ln -s ../mediawiki/redirect.php
ln -s ../mediawiki/redirect.phtml
ln -s ../mediawiki/skins
ln -s ../mediawiki/tests
ln -s ../mediawiki/thumb.php
ln -s ../mediawiki/trackback.php
ln -s ../mediawiki/wiki.phtml
mkdir images
sudo chown www:wheel images
cd ..
cat /Library/WebServer/Documents/00/LocalSettings.php | sed s/00/$NUM/ > /Library/WebServer/Documents/$NUM/LocalSettings.php
NAME=/Users/shawn/wiki/wikidb$START-$END.sql
DBNAME=wikidb$NUM
cat >> $NAME <<EOF
create database $DBNAME;
use $DBNAME;
source /Users/shawn/wiki/blankwiki.sql
GRANT DELETE,INSERT,SELECT,UPDATE ON $DBNAME.* TO 'wikiuser'@'%' IDENTIFIED BY 'wikipass';
GRANT DELETE,INSERT,SELECT,UPDATE ON $DBNAME.* TO 'wikiuser'@localhost IDENTIFIED BY 'wikipass';
GRANT DELETE,INSERT,SELECT,UPDATE ON $DBNAME.* TO 'wikiuser'@localhost.localdomain IDENTIFIED BY 'wikipass';
EOF
done
echo Run this command to create wikis:
echo "echo \"source $NAME\" | /usr/local/mysql/bin/mysql -u root -p"
echo Update the ReWrite rules and fix LocalSettings.php for proper urls:
echo sudo pico +444 /etc/httpd/httpd.conf
echo also add user to appropriate htaccess and htgroup files
Password Protecting A Wiki
Create / Update .htgroup
- .htgroup should be in a directory visible to the web server, but not in a directory that is served by the web server. I use /Library/WebServer.
- add new username to htgroup.
pico /Library/WebServer/.htgroup members: username
Create / Update .htpasswd
- .htpasswd should be in a directory visible to the web server, but not in a directory that is served by the web server. I use /Library/WebServer.
cd /Library/WebServer sudo htpasswd .htpasswd username Password: New Password: Re-type Password:
Update /etc/httpd/httpd.conf
- Here we add the rewrite rule for nice URL formatting, as well as password protection
- In this example, "foo" is going to be in the nice url, while 01 is the directory of the wiki we created. These should obviously be changed according to the specific wiki you create.
<Directory "/Library/WebServer/Documents"> RewriteEngine on RewriteRule ^foo/?(.*)$ /01/index.php?title=$1 [L,QSA] AuthType Basic AuthUserFile /Library/WebServer/.htpasswd AuthGroupFile /Library/WebServer/.htgroup </Directory> <Directory "/Library/WebServer/Documents/00"> AuthName "Wiki Farm" require group members </Directory>
Backups
I've set up backups, but haven't had time to document it. Email me and I'll add it here.
Full Database & All Wiki Backup
- backup.sh (run as root using launchd)
#!/bin/sh apachectl stop /usr/local/mysql/bin/mysqldump --all-databases -u root -p > /Users/shawn/wiki/foo-all.sql /usr/local/bin/rdiff-backup /Library/WebServer /Users/shawn/WebServer.backup apachectl start
- get.sh (run from remote machine)
#!/bin/sh scp foo:/Users/shawn/wiki/foo-all.sql . scp foo:/Users/shawn/wiki/WebServer.backup.tgz .
Individual Backups
- dump each database independently
- tar & gzip each wiki directory
- restrict by user
Problems with mod_ssl and Firefox
- Note that when following the instructions here, we generated and self-signed our CA certificate.
- Some users report that Firefox returns an error (incorrect Message Authorization code) when trying to visit a page. This is a browser-configuration issue, not a problem with the ssl configuration
- To fix it, you must delete any previously saved certificates in Firefox and re-visit the site in question and permanently accept the certificate. The images below show more specific instructions
- Click the "View Certificates" button in Firefox preferences -> Advanced -> Security
- Go to the "Web Sites" tab to view saved certificates. Delete the certificate (you have to expand the name and delete the specific site)
- Visit the site again and permanently accept the self-signed certificate certificate
Problems with mod_ssl and Internet Explorer
- Internet Explorer seems to fail entirely when visiting a page using self-signed CA certificates. Since I don't use IE, you'll have to look elsewhere for the solution to this one.