X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=Mediawiki_Setup_Guide;h=81f4d62dba3c76fa4b9d577331ebd4355f3ee661;hb=fb8c514f359f6fcb443d774c3c305f804a853857;hp=6acc2432992fd4978b098db1a47ce6a3237a3553;hpb=2631a87ebcd3c7b743d968cf3d1f67fa2b0254db;p=mediawiki-setup diff --git a/Mediawiki_Setup_Guide b/Mediawiki_Setup_Guide index 6acc243..81f4d62 100644 --- a/Mediawiki_Setup_Guide +++ b/Mediawiki_Setup_Guide @@ -66,7 +66,7 @@ export mwdescription="REPLACE_ME" # eg. Opinionated Free Software Wiki export wikiuser="REPLACE_ME" export wikipass=REPLACE_ME -# root password for the mysql database +# root & user password for the mysql database export dbpass=REPLACE_ME export mwdomain=REPLACE_ME # domain name. for this site, it's ofswiki.org @@ -264,18 +264,26 @@ else fi -# slightly different depending on if we already set the root pass -if echo exit|mysql -u root -p"$dbpass"; then - # answer interactive prompts: - # mysql root pass, change pass? no, remove anon users? (default, yes) - # disallow remote root (default, yes), reload? (default, yes) - echo -e "$dbpass\nn\n\n\n\n" | mysql_secure_installation -else - # I had 1 less newline at the start when doing ubuntu 14.04, +# skip if we already set the root pass and are on pre-debian 9. +if ! echo exit|mysql -uroot "-p$dbpass"; then + # Note: we set a root password here, but in debian 9+, it is ignored; + # only the local user root can login, and any password is accepted. + # We answer these interactive prompts: + # Enter current password for root (enter for none): + # Set root password? [Y/n] + # New password: + # Re-enter new password: + # Remove anonymous users? [Y/n] + # Disallow root login remotely? [Y/n] + # Remove test database and access to it? [Y/n] + # Reload privilege tables now? [Y/n] + # Note, I had 1 less newline at the start when doing ubuntu 14.04, # compared to debian 8, so can't say this is especially portable. - # It won't hurt if it fails. echo -e "\n\n$dbpass\n$dbpass\n\n\n\n\n" | mysql_secure_installation fi +mysql -uroot "-p$dbpass" < @@ -321,12 +329,12 @@ cd .. # Drop any previous database which may have been installed while testing. # If upgrading, we should have a db backup which will get restored. # https://www.mediawiki.org/wiki/Manual:Upgrading -mysql -u root -p$dbpass <<'EOF' ||: +mysql -uroot "-p$dbpass" <<'EOF' ||: drop database my_wiki; exit EOF php $mw/maintenance/install.php --pass $wikipass --scriptpath /w \ - --dbuser root --dbpass $dbpass "$mwdescription" "$wikiuser" + --dbuser wikiuser --dbpass $dbpass "$mwdescription" "$wikiuser" teeu $mwc <<'EOF' # lock down the wiki to only the initial owner until anti-spam measures are put in place # limit edits to registered users @@ -383,14 +391,12 @@ Here, we use some scripts automate setting up the Let 's Encrypt cert and the apache config. -temp=$(mktemp -d) -cd $temp -git_site=https://iankelling.org/git l=$mw/../../logs mkdir -p $l - -git clone $git_site/basic-https-conf -basic-https-conf/web-conf -r ${mw%/*} - apache2 $mwdomain <\n $(< $line)\n"; done +} | basic-https-conf/web-conf -r ${mw%/*} - apache2 $mwdomain cd rm -rf $temp @@ -970,7 +977,7 @@ ssh $o root@$mwdomain < @@ -1119,3 +1126,5 @@ This means the code is compatible with gplv3. * Get Visual editor extension. * Don't require registration for edits +* Take a look at the new debian mediawiki package's apache conf +* For perf, translate extensions allow/deny directives, and set AllowOverride None in apache.conf