Differences

This shows you the differences between two versions of the page.

--- servers:nginx:dokuwiki [2019/10/23 20:49] – Sean Rhone
+++ servers:nginx:dokuwiki [2024/02/07 16:34] – [Server Block] Sean Rhone
@@ Line 7: / Line 7: @@
 ===== Prerequisites =====
-  * [[distros:ubuntu_server|Ubuntu Server]]
+  * [[distros:fedora_server|Fedora Server]]
   * [[servers:nginx_php_php-fpm|nginx + PHP + PHP-FPM]]
   * [[servers:nginx:lets_encrypt|Let's Encrypt]]
+====== Dependencies ======
+  * PHP Modules: gd sodium zip zlib xml
+  sudo dnf install php-gd php-sodium php-pecl-zip php-xml
 ====== Download Source ======
@@ Line 15: / Line 21: @@
 ****
-  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/splitbrain/dokuwiki.git' '/var/www/wiki' && sudo chown -R 'www-data':'www-data' '/var/www/wiki' && sync
+  sudo git clone --branch 'master' --depth '1' --recurse-submodules 'https://github.com/splitbrain/dokuwiki.git' '/var/www/wiki' && sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' '/var/www/wiki(/.*)?' && sudo restorecon -F -I -R '/var/www/wiki' && sudo chown -R 'nginx':'nginx' '/var/www/wiki' && sync
 ====== nginx + PHP-FPM Configuration ======
@@ Line 21: / Line 27: @@
 ===== PHP-FPM Socket =====
-  sudo -e '/etc/php/7.2/fpm/pool.d/wiki.conf' && sudo systemctl restart 'php7.2-fpm'
+  sudo -e '/etc/php-fpm.d/wiki.conf' && sudo systemctl restart 'php-fpm'
 <code>
 [wiki]
-user = www-data
-group = www-data
-listen = /run/php/wiki.sock
+; User/Group
-listen.owner = www-data
+user = nginx
-listen.group = www-data
+group = nginx
+; Socket
+listen = /run/php-fpm/wiki.sock
+listen.acl_users = nginx
 listen.allowed_clients = 127.0.0.1
-pm = dynamic
+; Process Management
-pm.max_children = 8
+pm = ondemand
-pm.start_servers = 3
+pm.max_children = 4
-pm.min_spare_servers = 2
+pm.process_idle_timeout = 30
-pm.max_spare_servers = 4
-php_value[date.timezone] = "America/New_York"
-php_value[upload_tmp_dir] = "/tmp"
-php_value[max_execution_time] = "200"
-php_value[memory_limit] = "512M"
-php_value[post_max_size] = "10M"
-php_value[upload_max_filesize] = "10M"
-php_value[max_file_uploads] = "100"
+; Fedora php.ini Defaults
 php_value[session.save_handler] = "files"
 php_value[session.save_path] = "/var/lib/php/session"
-php_value[soap.wsdl_cache_dir] = "/var/lib/php/wsdlcache"
-php_value[opcache.file_cache] = "/var/lib/php/opcache"</code>
+; General
+php_value[date.timezone] = "America/New_York"
+;php_value[max_execution_time] = "200"
+;php_value[memory_limit] = "512M"
+;php_value[post_max_size] = "10M"
+;php_value[upload_max_filesize] = "10M"
+;php_value[max_file_uploads] = "100"
+; End</code>
 ===== FastCGI =====
-  sudo -e '/etc/nginx/snippets/wiki.conf'
+  sudo -e '/etc/nginx/default.d/wiki.conf'
 <code>
@@ Line 61: / Line 68: @@
 location ~ \.(php|phar)(/.*)?$ {
     fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;
     fastcgi_intercept_errors on;
     fastcgi_index doku.php;
     include fastcgi_params;
-    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
     fastcgi_param PATH_INFO $fastcgi_path_info;
-    fastcgi_pass unix:/run/php/wiki.sock;
+    fastcgi_param HTTPS on;
+    fastcgi_pass unix:/run/php-fpm/wiki.sock;
 }</code>
 ===== Server Block ======
-  sudo -e '/etc/nginx/sites-available/wiki.conf'
+  * 2023/09/12: CSPs disabled; TODO: Re-figure out CSPs
+  sudo -e '/etc/nginx/vhosts.d/wiki.conf' && sudo systemctl reload 'nginx' && sync
 <code>
@@ Line 81: / Line 90: @@
     index 'doku.php';
-    include '/etc/nginx/snippets/wiki.conf';
+    include '/etc/nginx/default.d/wiki.conf';
-    include '/etc/nginx/snippets/headers.conf';
+    include '/etc/nginx/default.d/headers.conf';
     client_max_body_size '10M';
-    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:" always;
+#    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:" always;
+#    add_header Content-Security-Policy "default-src 'self';
 #    access_log  /var/log/nginx/wiki-access.log;
@@ Line 113: / Line 123: @@
 }</code>
-==== Enable =====
+====== Initial Setup ======
-****
+  * :!: TODO: https://www.dokuwiki.org/rewrite
-  sudo rm -f '/etc/nginx/sites-enabled/wiki.conf' && sudo ln -s '/etc/nginx/sites-available/wiki.conf' '/etc/nginx/sites-enabled/wiki.conf' && sudo systemctl reload 'nginx' && sync
+  * https://wiki.realmofespionage.xyz/install.php
-====== Initial Setup ======
+====== Settings ======
-  * https://wiki.realmofespionage.xyz/install.php
+===== Plugins =====
-====== Settings ======
+  * https://www.dokuwiki.org/plugin:searchindex
 ===== Template Style Settings =====
@@ Line 136: / Line 146: @@
   * Do after initial setup
-  sudo -e '/etc/nginx/sites-available/wiki.conf' && sudo systemctl reload 'nginx'
+  sudo -e '/etc/nginx/vhosts.d/wiki.conf' && sudo systemctl reload 'nginx'
 ===== URL Rewrite =====
-  * Admin -> Configuration Settings
+  * Admin -> Configuration Settings -> DokuWiki -> Advanced -> userewrite
-  * Set **Use nice URLs** to **.htaccess**
+  .htaccess
 ===== Double-hyphen Convert Disable =====
@@ Line 147: / Line 158: @@
   * This prevents -- from becoming a – (long hyphen), which breaks some command's syntax
-  echo '--      --' | sudo tee '/var/www/wiki/conf/entities.local.conf' > '/dev/null' && sudo chown 'www-data':'www-data' '/var/www/wiki/conf/entities.local.conf'
+  echo '--      --' | sudo tee '/var/www/wiki/conf/entities.local.conf' > '/dev/null' && sudo chown 'nginx':'nginx' '/var/www/wiki/conf/entities.local.conf' && sync
 ====== Services ======
@@ Line 163: / Line 174: @@
 Type=oneshot
 ExecStart='/usr/bin/git' -C '/var/www/wiki' pull origin 'master'
-ExecStartPost='/usr/bin/sync'</code>
+ExecStartPost='/usr/bin/touch' '/var/www/wiki/conf/local.php'
+ExecStartPost='/usr/bin/sync'
+# End</code>
 ==== Timer ====
-  * Every day at ''01:00:00''
+  * Every day at ''00:30:00''
   sudo -e '/etc/systemd/system/wiki-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'wiki-up.timer' --now && sudo systemctl start 'wiki-up' && sudo systemctl status 'wiki-up' -l
@@ Line 178: / Line 192: @@
 [Timer]
-OnCalendar=*-*-* 01:00:00
+OnCalendar=*-*-* 00:30:00
 Persistent=true
 [Install]
-WantedBy=timers.target</code>
+WantedBy=timers.target
+# End</code>
 ===== Maintenance =====
@@ Line 189: / Line 205: @@
 ==== Service ====
+  * :!: The commented ''ExecStart'' would remove page edits older than 90 days
   sudo -e '/etc/systemd/system/wiki-m.service'
@@ Line 200: / Line 218: @@
 ExecStart='/usr/bin/git' -C '/var/www/wiki' gc --aggressive --prune='all'
 ExecStart='/usr/bin/git' -C '/var/www/wiki' fsck --full --strict
-ExecStart='/usr/bin/bash' -c "find '/var/www/wiki/data'/{attic,cache,locks,media_attic}/ -type 'f' -mtime +'90' -delete"
+#ExecStart='/usr/bin/bash' -c "find '/var/www/wiki/data'/{attic,cache,locks,media_attic}/ -type 'f' -mtime +'90' -delete"
 ExecStart='/usr/bin/bash' -c "find '/var/www/wiki/data'/{attic,cache,index,locks,media,media_attic,media_meta,meta,pages,tmp}/ -mindepth '1' -type 'd' -empty -delete"
 ExecStart='/usr/bin/php' '/var/www/wiki/bin/indexer.php' --clear
-ExecStartPost='/usr/bin/sync'</code>
+ExecStartPost='/usr/bin/sync'
+# End</code>
 ==== Timer ====
-  * ''01'' day of every month at ''01:20:00''
+  * ''01'' day of every month at ''01:00:00''
   sudo -e '/etc/systemd/system/wiki-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'wiki-m.timer' --now
@@ Line 216: / Line 236: @@
 [Timer]
-OnCalendar=*-*-01 01:20:00
+OnCalendar=*-*-01 01:00:00
 Persistent=true
 [Install]
-WantedBy=timers.target</code>
+WantedBy=timers.target
+# End</code>
 ===== Backup =====
-  * This backs up an archive to the local disk and [[distros:ubuntu_server#nas_backups | to a NAS]]
+  * This backs up an archive to the local disk and to a NAS
 ==== Service ====
+  * :!: The extra ''ExecStart''s are additional backup locations that expect [[servers:vsftpd|vsftpd]]
   mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/wiki-fb.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/wiki-fb.service'
@@ Line 234: / Line 258: @@
 Type=oneshot
 WorkingDirectory=/var/www/wiki
-ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -cvzf "/home/CHANGEME/backups/dokuwiki-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "data/pages" "data/meta" "data/media" "data/media_meta" "data/attic" "data/media_attic" "conf"'
+ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/home/CHANGEME/backups/dokuwiki-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "data/pages" "data/meta" "data/media" "data/media_meta" "data/attic" "data/media_attic" "conf"'
-ExecStartPost='/usr/bin/sync'</code>
+#ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/srv/ftp/nas1/espionage724/Servers/Scheduled Backups/dokuwiki-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "data/pages" "data/meta" "data/media" "data/media_meta" "data/attic" "data/media_attic" "conf"'
+#ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -czf "/srv/ftp/nas2/Servers/Scheduled Backups/dokuwiki-files-auto-"$$(date +%%Y-%%m-%%d)".tar.gz" "data/pages" "data/meta" "data/media" "data/media_meta" "data/attic" "data/media_attic" "conf"'
+ExecStartPost='/usr/bin/sync'
+# End</code>
 ==== Timer ====
-  * Every day at ''01:50:00''
+  * Every day at ''01:30:00''
   sudo -e '/etc/systemd/system/wiki-fb.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'wiki-fb.timer' --now && sudo systemctl start 'wiki-fb' && sudo systemctl status 'wiki-fb' -l
@@ Line 248: / Line 276: @@
 [Timer]
-OnCalendar=*-*-* 01:50:00
+OnCalendar=*-*-* 01:30:00
 Persistent=true
 [Install]
-WantedBy=timers.target</code>
+WantedBy=timers.target
+# End</code>
 ====== Backup ======
@@ Line 272: / Line 302: @@
 ****
-  scp espionage724@192.168.1.153:~/'dokuwiki-files-'*'.tar.gz' ~/'Downloads' && sync
+  scp espionage724@192.168.1.152:~/'dokuwiki-files-'*'.tar.gz' ~/'Downloads' && sync
 ====== Restore ======
@@ Line 282: / Line 312: @@
 ****
-  scp ~/'Downloads/dokuwiki-files-'*'.tar.gz' espionage724@192.168.1.153:~
+  scp ~/'Downloads/dokuwiki-files-'*'.tar.gz' espionage724@192.168.1.152:~
 ==== Remove Archive ====
@@ Line 308: / Line 338: @@
 ****
-  cd '/var/www/wiki' && sudo tar -xvzf ~/'dokuwiki-files-'*'.tar.gz' 'data/pages' 'data/meta' 'data/media' 'data/media_meta' 'data/attic' 'data/media_attic' 'conf' && sudo chown -R 'nginx':'nginx' '/var/www/wiki' && cd ~ && sync
+  cd '/var/www/wiki' && sudo tar -xvzf ~/'dokuwiki-files-'*'.tar.gz' 'data/pages' 'data/meta' 'data/media' 'data/media_meta' 'data/attic' 'data/media_attic' 'conf' && sudo restorecon -F -I -R '/var/www/wiki' && sudo chown -R 'nginx':'nginx' '/var/www/wiki' && cd ~ && sync
-==== SELinux ====
-  sudo semanage fcontext --deleteall "/var/www/wiki(/.*)?"
-  sudo semanage fcontext --add --type 'httpd_sys_rw_content_t' "/var/www/wiki(/.*)?"
-  sudo restorecon -R -v '/var/www/wiki'
 ==== Start nginx ====
@@ Line 329: / Line 351: @@
   rm -R ~/'dokuwiki-files-'*'.tar.gz' && sync