Wednesday, November 20, 2024
Google search engine
HomeGuest BlogsInstall DokuWiki on CentOS 7 with Let’s Encrypt SSL

Install DokuWiki on CentOS 7 with Let’s Encrypt SSL

This guide will take you through steps to Install DokuWiki behind nginx and Let’s Encrypt SSL certificate on CentOS 7 Linux. But before we can do any installation, I’ll assume you have a newly provisioned CentOS 7 Linux server that you need to do some pre-requisites prior to setting up DokuWiki.

Set server hostname. It is recommended to map IP address to the FQDN used in your DNS server.

sudo hostnamectl set-hostname wiki.mydomain.com

Also consider setting correct timezone:

sudo timedatectl set-timezone Region/Country
#Example:
sudo timedatectl set-timezone Africa/Nairobi

Sync time using NTP server

sudo yum -y install chrony
sudo systemctl enable --now chronyd
sudo chronyc sources

Step 1: Update system and install Development tools

It is recommended to ensure all system packages are updated:

sudo yum -y update
sudo yum -y install git vim bash-completion curl wget unzip tar

Reboot your server for new changes like kernel to take effect:

sudo reboot

Step 2: Add EPEL and Remi repository for php 7.x

Once the server is up after a reboot, proceed to install all required php modules including php fpm used by Nginx. But first, you’ll need to add epel and remi repositories to the system:

sudo yum -y install epel-release yum-utils
sudo yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
sudo yum clean all && sudo yum makecache fast
sudo yum-config-manager --disable remi-php54
sudo yum-config-manager --enable remi-php74

Step 3: Install php and required extensions

Install php 7.x by running the following commands:

sudo yum -y install php-cli php-fpm php-mysql php-zip php-ldap php-devel php-gd php-mcrypt php-mbstring php-curl php-xml php-pear php-bcmath

This should provide all the modules required by DokuWiki. Check your php version:

$ php -v
PHP 7.4.28 (cli) (built: Feb 15 2022 13:23:10) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies

Step 4: Download DokuWiki and extract

Before downloading any version of DokuWiki, check Github releases page for the latest stable release.

wget https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz

Extract DokuWiki archive using tar

tar xvf dokuwiki-stable.tgz
sudo mkdir -p /var/www/html/ 
sudo mv dokuwiki-*/ /var/www/html/dokuwiki

Step 5: Install certbot

We will request for SSL certificate using certbot. Install it as below:

sudo yum -y install epel-release
sudo yum -y install vim certbot python2-certbot-nginx

Once downloaded, open http and https ports on the firewall if you have an active firewall service:

sudo firewall-cmd --add-service {http,https} --permanent

Step 6: Configure Nginx Web server (non https)

Install nginx web server

sudo yum -y install nginx

Create new configuration file:

sudo vim /etc/nginx/conf.d/dokuwiki.conf

Let’s add configuration block without HTTPS, while replacing wiki.mydomain.com with your actual domain name.

server {
 listen 80;
 server_name wiki.mydomain.com;
 root /var/www/html/;

 access_log /var/log/nginx/dokuwiki.access.log;
 error_log /var/log/nginx/dokuwiki.error.log;
 index index.html index.php doku.php;

 location / {
   try_files $uri $uri/ @dokuwiki;
 }

 location @dokuwiki {
   rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
   rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
   rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
   rewrite ^/(.*) /doku.php?id=$1 last;
 }

 location ~ /(data|conf|bin|inc)/ {
   deny all;
 }

 location ~* \.(css|js|gif|jpe?g|png)$ {
   expires 1M;
   add_header Pragma public;
   add_header Cache-Control "public, must-revalidate, proxy-revalidate";
 }

 location ~ \.php$ {
   fastcgi_split_path_info ^(.+\.php)(/.+)$;
   fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
   fastcgi_index index.php;
   include fastcgi_params;
   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
   fastcgi_intercept_errors off;
   fastcgi_buffer_size 16k;
   fastcgi_buffers 4 16k;
 }

 location ~ /\.ht {
   deny all;
 }
}

Check Nginx configuration syntax:

$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Set data directory permissions:

sudo chown -R nginx:nginx /var/www/html/

If SELinux is enforcing configure labels correctly:

sudo yum -y install policycoreutils-python
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?"
sudo restorecon -Rvv /var/www/html

Access DokuWiki web portal on http://wiki.mydomain.com

Configure php-fpm and start nginx/php-fpm

Now that we have nginx configured, let’s also configure php-fpm. Open the file:

sudo vim /etc/php-fpm.d/www.conf

Configure below parameters on the file as specified:

user = nginx
group = nginx
listen = /var/run/php-fpm/php-fpm.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0660

Start and enable nginx and php-fpm services:

sudo systemctl restart php-fpm nginx
sudo systemctl enable php-fpm nginx

Check service status and access DokuWiki web interface on http://wiki.mydomain/install.php

Step 7: Configure Let’s Encrypt SSL (Optional)

Request for Let’s Encrypt SSL certificate

sudo certbot --nginx -d wiki.mydomain.com

Sample output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Requesting a certificate for wiki.mydomain.com
Deploying Certificate to VirtualHost /etc/nginx/conf.d/dokuwiki.conf
Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/dokuwiki.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://wiki.mydomain.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/wiki.mydomain.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/wiki.mydomain.com/privkey.pem
   Your certificate will expire on 2022-07-01. To obtain a new or
   tweaked version of this certificate in the future, simply run
   certbot again with the "certonly" option. To non-interactively
   renew *all* of your certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Step 8: Configure DokuWiki on CentOS 7

Start DokuWiki configuration by opening the link: http://wiki.mydomain/install.php, you will get the installation page like below:

install dokuwiki ubuntu 18.04 01

Provide admin user details, under,Initial ACL policy choose your policy from one of:

  • Open Wiki – Open for everyone
  • Public Wiki – read for all, uploads and edits for registered users
  • Closed Wiki – Access only for registered users

Check whether you want to Allow users to register themselves

When done, click Save. The wiki page should now be ready.

install dokuwiki ubuntu 18.04 02

Click “your new DokuWiki” to get to DokuWiki home page.

Step 9: Adding users to DokuWiki

If you had selected “Closed Wiki | Public” as your ACL policy, you will be given login page for edits. Log in with admin account you created earlier to start adding other users to the system:

install dokuwiki ubuntu 18.04 login

Click “Admin” icon at the top of the page, this will take you to admin page:

dokuwiki add user acl

Click on “User Manager” to get add user page:

dokuwiki add users 02

Add User details and click “Add” button. After adding a user, you can assign ACL on “Access Control List Management” page.

dokuwiki add user acl

Select from given Permissions.

dokuwiki user permissions

Related Articles

RELATED ARTICLES

Most Popular

Recent Comments