Differences

This shows you the differences between two versions of the page.

--- servers:nginx:dokuwiki [2019/06/28 20:11] – Sean Rhone
+++ servers:nginx:dokuwiki [2024/02/07 16:34] – [Server Block] Sean Rhone
@@ Line 8: / Line 8: @@
   * [[distros:fedora_server|Fedora Server]]
-  * [[servers:nginx_php_php-fpm | nginx + PHP + PHP-FPM]]
+  * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]]
-  * [[servers:nginx:lets_encrypt | Let's Encrypt]]
+  * [[servers:nginx:lets_encrypt|Let's Encrypt]]
 ====== Dependencies ======
-****
+  * PHP Modules: gd sodium zip zlib xml
-  sudo dnf install php-cli php-json php-gd
+  sudo dnf install php-gd php-sodium php-pecl-zip php-xml
 ====== Download Source ======
@@ Line 21: / Line 21: @@
 ****
-  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/splitbrain/dokuwiki.git' '/var/www/wiki' && sudo chown -R 'nginx':'nginx' '/var/www/wiki' && sync
+  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/splitbrain/dokuwiki.git' '/var/www/wiki' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/wiki(/.*)?' && sudo restorecon -F -I -R '/var/www/wiki' && sudo chown -R 'nginx':'nginx' '/var/www/wiki' && sync
-===== SELinux =====
-  sudo semanage fcontext --deleteall "/var/www/wiki(/.*)?"
-  sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' "/var/www/wiki(/.*)?"
-  sudo restorecon -R -v '/var/www/wiki'
 ====== nginx + PHP-FPM Configuration ======
@@ Line 39: / Line 31: @@
 <code>
 [wiki]
+; User/Group
 user = nginx
 group = nginx
+; Socket
 listen = /run/php-fpm/wiki.sock
-listen.owner = nginx
+listen.acl_users = nginx
-listen.group = nginx
 listen.allowed_clients = 127.0.0.1
-pm = dynamic
+; Process Management
-pm.max_children = 8
+pm = ondemand
-pm.start_servers = 3
+pm.max_children = 4
-pm.min_spare_servers = 2
+pm.process_idle_timeout = 30
-pm.max_spare_servers = 4
-php_value[date.timezone] = "America/New_York"
+; Fedora php.ini Defaults
-php_value[upload_tmp_dir] = "/tmp"
+php_value[session.save_handler] = "files"
+php_value[session.save_path] = "/var/lib/php/session"
-php_value[max_execution_time] = "200"
+; General
-php_value[memory_limit] = "512M"
+php_value[date.timezone] = "America/New_York"
-php_value[post_max_size] = "10M"
+;php_value[max_execution_time] = "200"
-php_value[upload_max_filesize] = "10M"
+;php_value[memory_limit] = "512M"
-php_value[max_file_uploads] = "100"
+;php_value[post_max_size] = "10M"
+;php_value[upload_max_filesize] = "10M"
+;php_value[max_file_uploads] = "100"
-php_value[session.save_handler] = files
+; End</code>
-php_value[session.save_path] = /var/lib/php/session
-php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
-php_value[opcache.file_cache] = /var/lib/php/opcache</code>
 ===== FastCGI =====
@@ Line 75: / Line 68: @@
 location ~ \.(php|phar)(/.*)?$ {
     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;
     fastcgi_intercept_errors on;
     fastcgi_index doku.php;
     include fastcgi_params;
-    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
     fastcgi_param PATH_INFO $fastcgi_path_info;
+    fastcgi_param HTTPS on;
     fastcgi_pass unix:/run/php-fpm/wiki.sock;
 }</code>
@@ Line 86: / Line 79: @@
 ===== Server Block ======
-  sudo -e '/etc/nginx/conf.d/wiki.conf'
+  * 2023/09/12: CSPs disabled; TODO: Re-figure out CSPs
+  sudo -e '/etc/nginx/vhosts.d/wiki.conf' && sudo systemctl reload 'nginx' && sync
 <code>
@@ Line 100: / Line 95: @@
     client_max_body_size '10M';
-    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:" always;
+#    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:" always;
+#    add_header Content-Security-Policy "default-src 'self';
 #    access_log  /var/log/nginx/wiki-access.log;
@@ Line 128: / Line 124: @@
 ====== Initial Setup ======
+  * :!: TODO: https://www.dokuwiki.org/rewrite
   * https://wiki.realmofespionage.xyz/install.php
 ====== Settings ======
+===== Plugins =====
+  * https://www.dokuwiki.org/plugin:searchindex
 ===== Template Style Settings =====
@@ Line 144: / Line 146: @@
   * Do after initial setup
-  sudo -e '/etc/nginx/conf.d/wiki.conf' && sudo systemctl reload 'nginx'
+  sudo -e '/etc/nginx/vhosts.d/wiki.conf' && sudo systemctl reload 'nginx'
 ===== URL Rewrite =====
-  * Admin -> Configuration Settings
+  * Admin -> Configuration Settings -> DokuWiki -> Advanced -> userewrite
-  * Set **Use nice URLs** to **.htaccess**
+  .htaccess
 ===== Double-hyphen Convert Disable =====
@@ Line 155: / Line 158: @@
   * This prevents -- from becoming a – (long hyphen), which breaks some command's syntax
-  echo '--      --' | sudo tee '/var/www/wiki/conf/entities.local.conf' > '/dev/null' && sudo chown 'nginx':'nginx' '/var/www/wiki/conf/entities.local.conf'
+  echo '--      --' | sudo tee '/var/www/wiki/conf/entities.local.conf' > '/dev/null' && sudo chown 'nginx':'nginx' '/var/www/wiki/conf/entities.local.conf' && sync
 ====== Services ======
@@ Line 171: / Line 174: @@
 Type=oneshot
 ExecStart='/usr/bin/git' -C '/var/www/wiki' pull origin 'master'
-ExecStartPost='/usr/bin/sync'</code>
+ExecStartPost='/usr/bin/touch' '/var/www/wiki/conf/local.php'
+ExecStartPost='/usr/bin/sync'
+# End</code>
 ==== Timer ====
-  * Every day at ''01:00:00''
+  * Every day at ''00:30:00''
   sudo -e '/etc/systemd/system/wiki-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'wiki-up.timer' --now && sudo systemctl start 'wiki-up' && sudo systemctl status 'wiki-up' -l
@@ Line 186: / Line 192: @@
 [Timer]
-OnCalendar=*-*-* 01:00:00
+OnCalendar=*-*-* 00:30:00
 Persistent=true
 [Install]
-WantedBy=timers.target</code>
+WantedBy=timers.target
+# End</code>
 ===== Maintenance =====
@@ Line 197: / Line 205: @@
 ==== Service ====
+  * :!: The commented ''ExecStart'' would remove page edits older than 90 days
   sudo -e '/etc/systemd/system/wiki-m.service'
@@ Line 208: / Line 218: @@
 ExecStart='/usr/bin/git' -C '/var/www/wiki' gc --aggressive --prune='all'
 ExecStart='/usr/bin/git' -C '/var/www/wiki' fsck --full --strict
-ExecStart='/usr/bin/bash' -c "find '/var/www/wiki/data'/{attic,cache,locks,media_attic}/ -type 'f' -mtime +'90' -delete"
+#ExecStart='/usr/bin/bash' -c "find '/var/www/wiki/data'/{attic,cache,locks,media_attic}/ -type 'f' -mtime +'90' -delete"
 ExecStart='/usr/bin/bash' -c "find '/var/www/wiki/data'/{attic,cache,index,locks,media,media_attic,media_meta,meta,pages,tmp}/ -mindepth '1' -type 'd' -empty -delete"
 ExecStart='/usr/bin/php' '/var/www/wiki/bin/indexer.php' --clear
-ExecStartPost='/usr/bin/sync'</code>
+ExecStartPost='/usr/bin/sync'
+# End</code>
 ==== Timer ====
-  * ''01'' day of every month at ''01:20:00''
+  * ''01'' day of every month at ''01:00:00''
   sudo -e '/etc/systemd/system/wiki-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'wiki-m.timer' --now
@@ Line 224: / Line 236: @@
 [Timer]
-OnCalendar=*-*-01 01:20:00
+OnCalendar=*-*-01 01:00:00
 Persistent=true
 [Install]
-WantedBy=timers.target</code>
+WantedBy=timers.target
+# End</code>
 ===== Backup =====
-  * This backs up an archive to the local disk and [[distros:ubuntu_server#nas_backups | to a NAS]]
+  * This backs up an archive to the local disk and to a NAS
 ==== Service ====
+  * :!: The extra ''ExecStart''s are additional backup locations that expect [[servers:vsftpd|vsftpd]]
   mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/wiki-fb.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/wiki-fb.service'
@@ Line 242: / Line 258: @@
 Type=oneshot
 WorkingDirectory=/var/www/wiki
-ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -cvzf "/home/CHANGEME/backups/dokuwiki-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "data/pages" "data/meta" "data/media" "data/media_meta" "data/attic" "data/media_attic" "conf"'
+ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/dokuwiki-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "data/pages" "data/meta" "data/media" "data/media_meta" "data/attic" "data/media_attic" "conf"'
-ExecStartPost='/usr/bin/sync'</code>
+#ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/srv/ftp/nas1/espionage724/Servers/Scheduled Backups/dokuwiki-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "data/pages" "data/meta" "data/media" "data/media_meta" "data/attic" "data/media_attic" "conf"'
+#ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/srv/ftp/nas2/Servers/Scheduled Backups/dokuwiki-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "data/pages" "data/meta" "data/media" "data/media_meta" "data/attic" "data/media_attic" "conf"'
+ExecStartPost='/usr/bin/sync'
+# End</code>
 ==== Timer ====
-  * Every day at ''01:50:00''
+  * Every day at ''01:30:00''
   sudo -e '/etc/systemd/system/wiki-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'wiki-fb.timer' --now && sudo systemctl start 'wiki-fb' && sudo systemctl status 'wiki-fb' -l
@@ Line 256: / Line 276: @@
 [Timer]
-OnCalendar=*-*-* 01:50:00
+OnCalendar=*-*-* 01:30:00
 Persistent=true
 [Install]
-WantedBy=timers.target</code>
+WantedBy=timers.target
+# End</code>
 ====== Backup ======
@@ Line 280: / Line 302: @@
 ****
-  scp espionage724@192.168.1.153:~/'dokuwiki-files-'*'.tar.gz' ~/'Downloads' && sync
+  scp espionage724@192.168.1.152:~/'dokuwiki-files-'*'.tar.gz' ~/'Downloads' && sync
 ====== Restore ======
@@ Line 290: / Line 312: @@
 ****
-  scp ~/'Downloads/dokuwiki-files-'*'.tar.gz' espionage724@192.168.1.153:~
+  scp ~/'Downloads/dokuwiki-files-'*'.tar.gz' espionage724@192.168.1.152:~
 ==== Remove Archive ====
@@ Line 316: / Line 338: @@
 ****
-  cd '/var/www/wiki' && sudo tar -xvzf ~/'dokuwiki-files-'*'.tar.gz' 'data/pages' 'data/meta' 'data/media' 'data/media_meta' 'data/attic' 'data/media_attic' 'conf' && sudo chown -R 'nginx':'nginx' '/var/www/wiki' && cd ~ && sync
+  cd '/var/www/wiki' && sudo tar -xvzf ~/'dokuwiki-files-'*'.tar.gz' 'data/pages' 'data/meta' 'data/media' 'data/media_meta' 'data/attic' 'data/media_attic' 'conf' && sudo restorecon -F -I -R '/var/www/wiki' && sudo chown -R 'nginx':'nginx' '/var/www/wiki' && cd ~ && sync
-==== SELinux ====
-  sudo semanage fcontext --deleteall "/var/www/wiki(/.*)?"
-  sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' "/var/www/wiki(/.*)?"
-  sudo restorecon -R -v '/var/www/wiki'
 ==== Start nginx ====
@@ Line 337: / Line 351: @@
   rm -R ~/'dokuwiki-files-'*'.tar.gz' && sync