This tutorial I will show you how to install and configure the latest version DokuWiki CMS platform on Debian 9.2 release, in order to create online documentation websites.
DokuWiki is a free open source wiki application written completely in the PHP programming language and often deployed in Linux under Apache/Nginx web servers and PHP.
DokuWiki software platform requires no RDBMS SQL database to run. In exchange, it uses simple plain text files as backend in order to store all data. DokuWiki is a simple and flexible platform with a clean syntax that can be successfully used to deploy powerful and collaborative documentation websites.
Requirements
- Minimal installation of debian 9 on a bare-metal server machine or on a virtual private server.
- sudo root privileges for a local or remote account or direct access to root account.
- A static IP address configured for one of your system network interfaces cards.
- A domain name, private or public, depending on your deployment, with the proper DNS records configured for web services. If don’t have a valid or a registered domain name you can perform the installation and access the website via your server IP address.
- If you want to use website registration, mail order confirmations and other features, you should have a running mail server properly configured at your premises with remote access to its .IMAP and SMTP services.
Pre-Requirements
Before starting to install and configure DokuWiki from sources in your own server, first assure the system meets all the software requirements for compiling and installing the application. In the first step, update your system repositories and software packages by issuing the following command.
apt update
apt upgrade
On the next step, execute the following command in order to install some necessary utilities that will be used to further manage your system from the command line.
apt install wget bash-completion zip unzip curl
After the system has been fully updated and the required utilities to manage your server have been installed, setup the name for your system by executing the following command (replace your hostname variable accordingly).
hostnamectl set-hostname www.mywiki.com
Verify machine hostname and hosts file by issuing the below commands.
hostnamectl
cat /etc/hostname
hostname –s
hostname –f
Next, install the ImageMagick software, required by DokuWiki to create image thumbnailing by issuing the following command.
apt install imagemagick
Finally, reboot Debian server in order to apply kernel updates and the hostname changes properly.
init 6
DokuWiki is a web-based CMS wiki platform written in PHP server-side programming language. In order to execute the PHP file scripts of the application, a web server, such as Apache HTTP server, and a PHP processing gateway must be installed and operational in the system. In order to install Apache web server and the PHP interpreter alongside all required PHP modules needed by the application to run properly, issue the following command in your server console.
apt install apache2 libapache2-mod-php7.0 php7.0 php7.0-curl php7.0-gd php7.0-opcache php7.0-json php7.0-mbstring php7.0-intl php-imagick php7.0-xml
After Apache and PHP has been installed, test if the web server is up and running and listening for network connections on port 80 by issuing the following command with root privileges.
netstat –tlpn
In case the netstat network utility is not installed by default on your Debian system, execute the following command to install it.
apt install net-tools
By inspecting the netstat command output you can see the Apache web server is listening for incoming network connections on port 80. For the same task, you can also use the ss command, which is automatically installed by default in Debian 9.
ss- tulpn
In case you have a firewall enabled on your system, such as UFW firewall application, you should add a new rule to allow HTTP traffic to pass through the firewall by issuing the following command.
ufw allow WWW
or
ufw allow 80/tcp
If you’re using iptables raw rules to manage Firewall rules on your Debian server, add the following rules to allow port 80 inbound traffic on the firewall so that visitors can browse your wiki application.
apt-get install -y iptables-persistent
iptables -I INPUT -p tcp --destination-port 80 -j ACCEPT
iptables -I INPUT -p tcp --destination-port 22 -j ACCEPT
netfilter-persistent save
systemctl restart netfilter-persistent
systemctl status netfilter-persistent
systemctl enable netfilter-persistent.service
Next, enable and apply the following Apache module required by the the web application to activate the weboot .htaccess files. Run the following commands:
a2enmod rewrite
systemctl restart apache2
Finally, test if the Apache web server default web page can be displayed in your client’s browsers by visiting your Debian machine IP address or your domain name or server FQDN via HTTP protocol, as shown in the image below. If you don’t know your machine’s IP address, execute ifconfig or ip a command to reveal the IP address of your server.
In order to install and access DowuWiki web admin panel backend and the frontend website via HTTPS protocol that will secure the traffic for your clients, issue the following command to enable Apache web server SSL module and SSL site configuration file.
a2enmod ssl
a2ensite default-ssl.conf
Next, open Apache default SSL site configuration file with a text editor and enable URL rewrite rules by adding the following lines of code after DocumentRoot directive. Run the following command:
nano /etc/apache2/sites-enabled/default-ssl.conf
SSL site configuration file excerpt:
Options FollowSymlinks
AllowOverride All
Require all granted
Also, make the following change to VirtualHost line to make it look like the way it’s shown in the excerpt below:
Close the SSL Apache file and open the /etc/apache2/sites-enabled/000-default.conf file for editing and add the same URL rewrite rules for SSL configuration file. Insert the lines of code after DocumentRoot statement as shown in the following example.Advertisement
Options FollowSymlinks
AllowOverride All
Require all granted
Finally, restart Apache daemon to apply all rules configured so far and visit your domain via the HTTP protocol. Because you’re using the automatically Self-Signed certificates pairs issued by Apache at installation, a certificate that is untrusted by the browser, an error warning should be displayed in the browser.
systemctl restart apache2
Accept the warning in order to accept the untrusted certificate and continue to be redirected to Apache default web page, as illustrated in the image below.
In case the UFW firewall application blocks incoming network connections to HTTPS port, you should add a new rule to allow HTTPS traffic to pass through firewall by issuing the following command.
ufw allow ‘WWW Full’
or
ufw allow 443/tcp
If iptables is the default firewall application installed to protect your Debian system at the network level, add the following rule to allow port 443 inbound traffic in the firewall so that visitors can browse your domain name.
iptables -I INPUT -p tcp --destination-port 443 -j ACCEPT
netfilter-persistent save
systemctl restart netfilter-persistent
systemctl status netfilter-persistent
On the next step, we need to make some further changes to PHP default configuration file in order to assure that the following PHP variables are enabled and the PHP timezone setting is correctly configured and matches your system geographical location. Open /etc/php/7.0/apache2/php.ini file for editing and make sure that the following lines are setup as shown. Also, initially, make a backup of the PHP configuration file.
cp /etc/php/7.0/apache2/php.ini{,.backup}
nano /etc/php/7.0/apache2/php.ini
Search, edit and change the following variables in php.ini configuration file:
file_uploads = On
default_charset = UTF-8
memory_limit = 128M
max_execution_time = 300
upload_max_filesize = 100M
short_open_tag = Off
output_buffering = Off
output_handler =
zlib.output_compression = Off
implicit_flush = Off
max_input_time = 60
max_input_vars = 10000
error_reporting = E_ALL & ~E_NOTICE
display_startup_errors = Off
log_errors = On
variables_order = “EGPCS”
register_argc_argv = Off
session.use_cookies = 1
date.timezone = Europe/London
Increase upload_max_file_size variable as suitable to support large file attachments and replace the time.zone variable accordingly to your physical time by consulting the list of time zones provided by PHP docs at the following link http://php.net/manual/en/timezones.php
If you want to increase the load speed of your website pages via OPCache plugin available for PHP7, append the following OPCache settings at the bottom of the PHP interpreter configuration file, as detailed below:
[opcache]
opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
Close the php.ini configuration and restart apache daemon to apply the new changes by issuing the following command.
systemctl restart apache2
Finally, create a PHP info file by executing the following command and check if the PHP time zone has been correctly configured by visiting the PHP info script file from a browser at the following URL, as illustrated in the below image. Scroll down to date setting to check PHP time zone configuration.
echo ''| tee /var/www/html/info.php
Install DokuWiki
After all system requirements are met for installing your wiki documentation CMS, visit DokuWiki official download page at https://download.dokuwiki.org/ and grab the latest stable zip package compressed archive in your system by issuing the following command.
wget https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz
After the zip archive download finishes, extract the DokuWiki zip archive file to your current working directory and list the extracted files by issuing the following commands. Also, remove the default index.html file installed by Apache web server to webroot path and also delete the info.php file created earlier.
tar xzvf dokuwiki-stable.tgz
ls
rm /var/www/html/index.html
rm /var/www/html/info.php
The installation files of DokuWiki are located in your current working directory in dokuwiki-2017-20-19e directory. Issue the ls command to list the extracted directory files. Copy all the content of the extracted directory to your web server document root path by issuing the command below. Also, make sure you copy the hidden file .htaccess to HTTP server webroot path.
ls dokuwiki-2017-02-19e/
cp -rf dokuwiki-2017-02-19e/* /var/www/html/
cp dokuwiki-2017-02-19e/.htaccess.dist /var/www/html/
Next, execute the following commands in order to grant Apache runtime user with full write permissions to the web root path. Use the ls command to list permissions for application’s installed files located in the /var/www/html/ directory.
chown -R www-data:www-data /var/www/html/
ls –al /var/www/html/
Next, proceed with DokuWiki installation process by opening a browser and navigate your server’s IP address or domain name or server FQDN via HTTPS protocol and open install.php script.
https://yourdomain.tld/install.php
On the first installation script, add the name of your wiki platform and check Enable ACL. Supply a wiki superuser account name, the real name, and the email address of the superuser account, and choose a strong password to protect the superuser account.
Next, select Public Wiki (read for everyone, write and upload for registered users) as your initial ACL policy and uncheck Allow users to register themselves in order to disable wiki registration process for visitors. Also, select your favorite content license from the presented options and uncheck the option to send anonymous data to DokuWiki developers once a month.
When you finish, hit on Save button to apply the configuration.
On the next screen, the installer will inform you that your previous configurations had been successfully saved to the DokuWiki configuration file located in your web server document root path, and you can delete the installation file.
Before logging in to your wiki CMS backend admin panel, return to the server console and issue the following commands to delete the installation file and secure DokuWiki system configuration files.
rm -rf /var/www/html/install.php
chown -R root:root /var/www/html/
chown -R www-data:root /var/www/html/data/
chown -R www-data:root /var/www/html/lib/plugins/
chown -R www-data:root /var/www/html/lib/tpl/
chown -R www-data:root /var/www/html/conf/local.php*
chown -R www-data:root /var/www/html/conf/users.auth.php
chown -R www-data:root /var/www/html/conf/acl.auth.php
chown -R www-data:root /var/www/html/conf/plugins.local.php*
In order to visit your wiki application frontend, just navigate to your server IP address or domain name via HTTPS protocol and the default DokuWiki will be displayed as illustrated in the below screenshot.
To manage the DokuWiki platform, click on top Log In link and use the credentials configured during the installation process in order to log in to DokuWiki backend admin panel – as shown in the screenshot below.
To further configure your wiki platform, hit on top Admin button and use the Administration links to manage users, ACL, extensions, template style settings or other custom settings.
Finally, to force visitors to browse the wiki website and to securely access the backend interface via HTTPS protocol in order to encrypt the traffic between the server and client browsers, return to your server’s terminal and open the .htaccess file located in your website document root path, by issuing the following commands.
cp /var/www/html/.htaccess.dist /var/www/html/.htaccess
nano /var/www/html/.htaccess
Then, edit the .htaccess file and at the bottom of the file, you can change the native PHP server settings with the below configurations. Modify the PHP settings to match your own server resources and configurations.
.htaccess file excerpt:
# Modify PHP settings
php_value session.use_trans_sid 0
php_value register_globals 1
php_value upload_max_filesize 100M
php_value post_max_size 100M
Finally, add the following rules in the .htaccess file in order to automatically redirect domain traffic to HTTPS.
# Redirect to HTTPS for all pages including the main web page
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]Options -Indexes
In case you want to redirect to https only the login, profile and admin pages, replace the above redirect rules with the ones shown below. In this case, the main page of your wiki website will not be redirected to https protocol.
# Switch to HTTPS on login, profile and admin actions
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteCond %{QUERY_STRING} do=(log|profile|admin)
RewriteRule ^(.*) https://%{HTTP_HOST}/$1 [R,QSA,L,NE]
That’s all! You have successfully installed and configured DokuWiki platform in Debian 9.2. However, because the Apache HTTP server uses Self-Signed certificates to encrypt the traffic between the server and visitors’ browsers, a warning message will always be generated and displayed in their browsers. This warning is bad for your website reputation and SEO. In this case, you should buy a certificate issued by a trusted Certificate Authority or get a free certificate pair from Let’s Encrypt CA.
For other custom configurations regarding DokuWiki, visit the documentation page at the following address: https://www.dokuwiki.org/dokuwiki
