X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=Mediawiki_Setup_Guide;h=ff7ee77a976dcc1fbc7e7a490847afb0a7f905d2;hb=ab8c0dee45e63d3216aace79c9d96bec53d9e28b;hp=6acc2432992fd4978b098db1a47ce6a3237a3553;hpb=2631a87ebcd3c7b743d968cf3d1f67fa2b0254db;p=mediawiki-setup
diff --git a/Mediawiki_Setup_Guide b/Mediawiki_Setup_Guide
index 6acc243..ff7ee77 100644
--- a/Mediawiki_Setup_Guide
+++ b/Mediawiki_Setup_Guide
@@ -22,10 +22,10 @@
'''Version Support'''
Very minor adjustments needed for other distros. Help expand this list.
-* Mediawiki 1.28, updated as new versions are released
+* Mediawiki 1.28, 1.27 support is planned to be re-added.
* Debian 8 + backports
* Debian 8
-* Debian testing (last tested Aug 7, 2016)
+* Debian stretch
Pre 5/2016 revisions ran Mediawiki 1.23, tested on Fedora 20 and Ubuntu 14.04.
@@ -39,8 +39,12 @@ The most common route and the one taken by this site is buying a domain name fro
For debian jessie with backports:
-apt-get install --install-suggests jessie-backports certbot
+# if we have jessie-backports, we need to use it.
+if ! apt-get install -t jessie-backports certbot python-certbot-apache; then
+ apt-get install certbot python-certbot-apache
+fi
+
For other distros, follow instructions at [https://certbot.eff.org/ certbot.eff.org].
'''Email Setup'''
@@ -66,7 +70,7 @@ export mwdescription="REPLACE_ME" # eg. Opinionated Free Software Wiki
export wikiuser="REPLACE_ME"
export wikipass=REPLACE_ME
-# root password for the mysql database
+# root & user password for the mysql database
export dbpass=REPLACE_ME
export mwdomain=REPLACE_ME # domain name. for this site, it's ofswiki.org
@@ -230,8 +234,12 @@ if isdeb; then
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y imagemagick curl
if apt-get install -s mediawiki &>/dev/null; then
- # mediawiki is packaged in jessie backports.
- DEBIAN_FRONTEND=noninteractive apt-get -y install php5-apcu mediawiki
+ apcu=php5-apcu
+ if apt-get install -s php7.0-apcu &>/dev/null; then
+ apcu=php7.0-apcu
+ fi
+ # mediawiki is packaged in jessie backports & stretch
+ DEBIAN_FRONTEND=noninteractive apt-get -y install $apcu mediawiki
else
# https://www.mediawiki.org/wiki/Manual:Installation_requirements
if apt-get install -s php7.0 &>/dev/null; then
@@ -264,18 +272,26 @@ else
fi
-# slightly different depending on if we already set the root pass
-if echo exit|mysql -u root -p"$dbpass"; then
- # answer interactive prompts:
- # mysql root pass, change pass? no, remove anon users? (default, yes)
- # disallow remote root (default, yes), reload? (default, yes)
- echo -e "$dbpass\nn\n\n\n\n" | mysql_secure_installation
-else
- # I had 1 less newline at the start when doing ubuntu 14.04,
+# skip if we already set the root pass and are on pre-debian 9.
+if ! echo exit|mysql -uroot "-p$dbpass"; then
+ # Note: we set a root password here, but in debian 9+, it is ignored;
+ # only the local user root can login, and any password is accepted.
+ # We answer these interactive prompts:
+ # Enter current password for root (enter for none):
+ # Set root password? [Y/n]
+ # New password:
+ # Re-enter new password:
+ # Remove anonymous users? [Y/n]
+ # Disallow root login remotely? [Y/n]
+ # Remove test database and access to it? [Y/n]
+ # Reload privilege tables now? [Y/n]
+ # Note, I had 1 less newline at the start when doing ubuntu 14.04,
# compared to debian 8, so can't say this is especially portable.
- # It won't hurt if it fails.
echo -e "\n\n$dbpass\n$dbpass\n\n\n\n\n" | mysql_secure_installation
fi
+mysql -uroot "-p$dbpass" <
@@ -321,12 +337,12 @@ cd ..
# Drop any previous database which may have been installed while testing.
# If upgrading, we should have a db backup which will get restored.
# https://www.mediawiki.org/wiki/Manual:Upgrading
-mysql -u root -p$dbpass <<'EOF' ||:
+mysql -uroot "-p$dbpass" <<'EOF' ||:
drop database my_wiki;
exit
EOF
php $mw/maintenance/install.php --pass $wikipass --scriptpath /w \
- --dbuser root --dbpass $dbpass "$mwdescription" "$wikiuser"
+ --dbuser wikiuser --dbpass $dbpass "$mwdescription" "$wikiuser"
teeu $mwc <<'EOF'
# lock down the wiki to only the initial owner until anti-spam measures are put in place
# limit edits to registered users
@@ -383,14 +399,14 @@ Here, we use some scripts automate setting up the Let 's Encrypt cert and
the apache config.
-temp=$(mktemp -d)
-cd $temp
-git_site=https://iankelling.org/git
l=$mw/../../logs
mkdir -p $l
-
-git clone $git_site/basic-https-conf
-basic-https-conf/web-conf -r ${mw%/*} - apache2 $mwdomain <\n $(< $line)\n";
done
+} | basic-https-conf/web-conf -r ${mw%/*} - apache2 $mwdomain
cd
rm -rf $temp
@@ -505,7 +522,7 @@ EOF
# Make the toolbox go into the drop down.
cd $mw/skins/Vector
if ! git remote show ian-kelling &>/dev/null; then
- git remote add ian-kelling https://iankelling.org/git/forks/Vector
+ git remote add ian-kelling https://iankelling.org/git/mediawiki-sidebar-patch
fi
git fetch ian-kelling
git checkout ian-kelling/${mw_branch}-toolbox-in-dropdown
@@ -970,7 +987,7 @@ ssh $o root@$mwdomain <
@@ -1119,3 +1136,5 @@ This means the code is compatible with gplv3.
* Get Visual editor extension.
* Don't require registration for edits
+* Take a look at the new debian mediawiki package's apache conf
+* For perf, translate extensions allow/deny directives, and set AllowOverride None in apache.conf