Mediawiki/en

De TechShareRoom wiki

What is it?

MediaWiki is open source software used to create collaborative online wikis. It's the same software that powers projects like Wikipedia, Wikimedia Commons, and Wiktionary. Originally developed by the Wikimedia Foundation, MediaWiki is highly customizable and allows users to collaboratively create, edit, and organize content on a website. It offers features such as the ability to create pages, internal and external links, text formats, and the ability to collaborate with other users through editing and discussing pages. Additionally, MediaWiki also includes advanced features such as access control, version management, and the ability to embed multimedia content.

The ideal is to host it on a server that has 24 hours of high availability, although it can also be installed locally for testing and later migrated to an external server.

Installation Types

It can be installed in several ways:

  • With a script that installs everything in the traditional way. This is very difficult and laborious, it is worth putting it here in the future
  • With a script that deplys a container that integrates it. With docker, for example, it will also be available soon.
  • Traditionally, manually, step by step. This is the way we are going to deal in the short term.
    • We are going to install it manually on an external server in this case with the Ubuntu 22.04 LTS version. Most of the steps are the same for previous and later versions, but with this version we can guarantee that it works 100% or at least very close to that percentage because these steps have not been tested to the maximum and will require time both to improve and its testing, so it is open to free editing.

We are going to put Apache, MySQL, PHP and Webmin. You can also use NGINX instead of Apache, but for now we will use Apache as it is the way that has been tested.

Installing the traditional way with Apache

We assume that you have access with administrator permissions to an Ubuntu server via ssh.

Preliminaries

sudo su

Now you have to execute the next scripts.

#!/bin/bash

#Upgrade system
apt update & apt upgrade -y

#Install ufw and configure it. 
apt install -y ufw
ufw allow 22
ufw allow 80
ufw allow 443
ufw allow 10000
ufw enable

#Enable extra firewall rules manually on your server, for example in Oracle Server this is necessary.

Webmin

#!/bin/bash

apt install -y software-properties-common apt-transport-https

wget https://raw.githubusercontent.com/webmin/webmin/master/setup-repos.sh
chmod +x setup-repos.sh
sh setup-repos.sh
apt install -y --install-recommends webmin

#Configure user login
username="admin"
password="YOURPASSWORD"

echo "${username}:${password}:0" >> /etc/webmin/miniserv.users
/usr/share/webmin/changepass.pl /etc/webmin ${username} ${password}
echo "${username}: acl adsl-client apache at backup-config bacula-backup bandwidth bind8 change-user cluster-copy cluster-cron cluster-passwd cluster-shell cluster-software cluster-useradmin cluster-usermin cluster-webmin cpan cron custom dfsadmin dhcpd dovecot exim exports fail2ban fdisk fetchmail filemin filter firewall firewall6 firewalld fsdump heartbeat htaccess-htpasswd idmapd inetd init inittab ipfilter ipfw ipsec iscsi-client iscsi-server iscsi-target iscsi-tgtd krb5 ldap-client ldap-server ldap-useradmin logrotate logviewer lpadmin lvm mailboxes mailcap man mount mysql net nis openslp package-updates pam pap passwd phpini postfix postgresql ppp-client pptp-client pptp-server proc procmail proftpd qmailadmin quota raid samba sarg sendmail servers shell shorewall shorewall6 smart-status smf software spam squid sshd status stunnel syslog-ng syslog system-status tcpwrappers time tunnel updown useradmin usermin webalizer webmin webmincron webminlog xinetd xterm" >> /etc/webmin/webmin.acl
systemctl restart webmin
systemctl status webmin

Apache

#!/bin/bash

apt install -y apache2

## Put YOURAPACHEFILE.conf in /etc/apache2/sites-available and enable with:

#a2ensite YOURAPACHEFILE.conf #enable site conf
#a2dissite 000-default.conf #disable a site conf
#a2enmod rewrite
#systemctl restart apache2

Apache file conf example

Located on /etc/apache2/sites-available

You have to replace 000-default.conf with YOURAPACHEFILE.conf

<VirtualHost *:80>
        ServerName domain.com
        ServerAlias www.domain.com
        Alias /wiki /var/www/html/wiki/index.php
		DocumentRoot /var/www/html/wiki

<Directory /var/www/>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
</Directory>
<Files xmlrpc.php> 
order deny,allow 
deny from all 
</Files>
RewriteEngine On
RewriteOptions inherit
RewriteCond %{HTTP_HOST} ^domain\.com
RewriteRule ^(.*)$ https://www.domain.com$1 [R=permanent,L]
RewriteCond %{SERVER_NAME} =www.domain.com [OR]
RewriteCond %{SERVER_NAME} =domain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerName domain.com
        ServerAlias www.domain.com
        Alias /wiki /var/www/html/wiki/index.php
        DocumentRoot /var/www/html/wiki
<Directory /var/www/>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
</Directory>
<Files xmlrpc.php> 
order deny,allow 
deny from all 
</Files>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.domain\.com [NC]
RewriteRule ^(.*)$ https://domain.com$1 [L,R=301]
RedirectMatch ^/$ /domain/
SSLEngine on
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem
</VirtualHost>
</IfModule>

Cert

#!/bin/bash
apt install -y snapd
snap install core
snap refresh core
snap install --classic certbot
ln -s /snap/bin/certbot /usr/bin/certbot

certbot --apache -d DOMAINNAME.com -d www.DOMAINNAME.com

MYSQL

#!/bin/bash

apt install -y mysql-server

#configure mysql
##way 1
mysql -u root -p #Entering with blank password
sudo mysql
SELECT user,plugin,host FROM mysql.user WHERE user = 'root';
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'YOURPASSWORD';
FLUSH PRIVILEGES;
exit
#Now to enter you can use
#mysql -u root -pYOURPASSWORD

##way 2
mysql_secure_installation
#Now to enter you can use
#mysql -u root -pYOURPASSWORD

#create database
mysqladmin -uroot -pYOURPASSWORD create WIKIDATABASENAME

PHP + phpMyAdmin

#!/bin/bash
apt install -y php-cli php-fpm php-json php-common php-mysql php-zip php-gd php-mbstring php-curl php-xml php-pear php-bcmath libapache2-mod-php phpmyadmin php-intl

#Option YES
#password for "phpmyadmin" -> Left blank.

To access phpMyAdmin:

  • With SSL

https://domain.com/phpmyadmin

  • Without SSL

http://IP/phpmyadmin

Mediawiki

#!/bin/bash

major_release="1.41"
minor_release="1.41.0"
extract_folder="wiki"

wget https://releases.wikimedia.org/mediawiki/${major_release}/mediawiki-${minor_release}.tar.gz
tar xvzf mediawiki-${minor_release}.tar.gz -C /var/www/html/${extract_folder} --strip-components=1
rm mediawiki-${minor_release}.tar.gz

#Mediawiki permissions
chown -R www-data:www-data /var/www/html/${extract_folder}
chmod -R 755 /var/www/html/${extract_folder}

Different ways to access installed Mediawiki:

  • With SSL

https://domain.com

https://domain.com/wiki

  • Without SSL

http://IP

http://IP/wiki

Extra Scripts

Upgrade Mediawiki

#!/bin/bash
major_release="1.41"
minor_release="1.41.0"

wget https://releases.wikimedia.org/mediawiki/${major_release}/mediawiki-${minor_release}.tar.gz
tar xvzf mediawiki-${minor_release}.tar.gz -C /var/www/html/${extract_folder} --strip-components=1
rm mediawiki-${minor_release}.tar.gz
cd /var/www/html/${extract_folder}/maintenance
php update.php

Backup+Upgrade+Delete old backups Mediawiki

Resources