(Grav GitSync) Automatic Commit from RealStickman
This commit is contained in:
parent
a83d08137b
commit
f7fa34a74f
301
pages/02.linux/11.wikijs/default.en.md
Normal file
301
pages/02.linux/11.wikijs/default.en.md
Normal file
@ -0,0 +1,301 @@
|
||||
---
|
||||
title: WikiJS
|
||||
---
|
||||
|
||||
`# apt install nginx podman nodejs`
|
||||
## Preparation
|
||||
Create a new network for the database and wikijs
|
||||
`$ podman network create wikijs`
|
||||
|
||||
## Database setup
|
||||
`# podman pull docker://postgres`
|
||||
|
||||
```
|
||||
# podman run -p 127.0.0.1:5432:5432 --name wikijsdb \
|
||||
-e POSTGRES_PASSWORD=wikijs \
|
||||
-e PGDATA=/var/lib/postgresql/data/pgdata \
|
||||
-v /mnt/postgres/wikijsdb:/var/lib/postgresql/data \
|
||||
-d docker.io/postgres
|
||||
```
|
||||
|
||||
`# podman exec -it wikijsdb bash`
|
||||
|
||||
`# psql -U postgres`
|
||||
|
||||
Create database used by wikijs
|
||||
`=# CREATE DATABASE wikijs;`
|
||||
|
||||
### Systemd Service
|
||||
Generate the systems service file following the [podman guide](/linux/services/podman)
|
||||
|
||||
## Wiki.JS Setup
|
||||
`$ cd /var`
|
||||
`# wget https://github.com/Requarks/wiki/releases/download/(version)/wiki-js.tar.gz`
|
||||
`# mkdir wiki`
|
||||
`# tar xzf wiki-js.tar.gz -C ./wiki`
|
||||
`$ cd ./wiki`
|
||||
|
||||
Move default config
|
||||
`# mv config.sample.yml config.yml`
|
||||
```
|
||||
#######################################################################
|
||||
# Wiki.js - CONFIGURATION #
|
||||
#######################################################################
|
||||
# Full documentation + examples:
|
||||
# https://docs.requarks.io/install
|
||||
|
||||
# ---------------------------------------------------------------------
|
||||
# Port the server should listen to
|
||||
# ---------------------------------------------------------------------
|
||||
|
||||
port: 3000
|
||||
|
||||
# ---------------------------------------------------------------------
|
||||
# Database
|
||||
# ---------------------------------------------------------------------
|
||||
# Supported Database Engines:
|
||||
# - postgres = PostgreSQL 9.5 or later
|
||||
# - mysql = MySQL 8.0 or later (5.7.8 partially supported, refer to docs)
|
||||
# - mariadb = MariaDB 10.2.7 or later
|
||||
# - mssql = MS SQL Server 2012 or later
|
||||
# - sqlite = SQLite 3.9 or later
|
||||
|
||||
db:
|
||||
type: postgres
|
||||
|
||||
# PostgreSQL / MySQL / MariaDB / MS SQL Server only:
|
||||
host: localhost
|
||||
port: 5432
|
||||
user: postgres
|
||||
pass: wikijs
|
||||
db: wikijs
|
||||
ssl: false
|
||||
|
||||
# Optional - PostgreSQL / MySQL / MariaDB only:
|
||||
# -> Uncomment lines you need below and set `auto` to false
|
||||
# -> Full list of accepted options: https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options
|
||||
sslOptions:
|
||||
auto: true
|
||||
# rejectUnauthorized: false
|
||||
# ca: path/to/ca.crt
|
||||
# cert: path/to/cert.crt
|
||||
# key: path/to/key.pem
|
||||
# pfx: path/to/cert.pfx
|
||||
# passphrase: xyz123
|
||||
|
||||
# SQLite only:
|
||||
storage: path/to/database.sqlite
|
||||
|
||||
#######################################################################
|
||||
# ADVANCED OPTIONS #
|
||||
#######################################################################
|
||||
# Do not change unless you know what you are doing!
|
||||
|
||||
# ---------------------------------------------------------------------
|
||||
# SSL/TLS Settings
|
||||
# ---------------------------------------------------------------------
|
||||
# Consider using a reverse proxy (e.g. nginx) if you require more
|
||||
# advanced options than those provided below.
|
||||
|
||||
ssl:
|
||||
enabled: false
|
||||
port: 3443
|
||||
|
||||
# Provider to use, possible values: custom, letsencrypt
|
||||
provider: custom
|
||||
|
||||
# ++++++ For custom only ++++++
|
||||
# Certificate format, either 'pem' or 'pfx':
|
||||
format: pem
|
||||
# Using PEM format:
|
||||
key: path/to/key.pem
|
||||
cert: path/to/cert.pem
|
||||
# Using PFX format:
|
||||
pfx: path/to/cert.pfx
|
||||
# Passphrase when using encrypted PEM / PFX keys (default: null):
|
||||
passphrase: null
|
||||
# Diffie Hellman parameters, with key length being greater or equal
|
||||
# to 1024 bits (default: null):
|
||||
dhparam: null
|
||||
|
||||
# ++++++ For letsencrypt only ++++++
|
||||
domain: wiki.yourdomain.com
|
||||
subscriberEmail: admin@example.com
|
||||
|
||||
# ---------------------------------------------------------------------
|
||||
# Database Pool Options
|
||||
# ---------------------------------------------------------------------
|
||||
# Refer to https://github.com/vincit/tarn.js for all possible options
|
||||
|
||||
pool:
|
||||
# min: 2
|
||||
# max: 10
|
||||
|
||||
# ---------------------------------------------------------------------
|
||||
# IP address the server should listen to
|
||||
# ---------------------------------------------------------------------
|
||||
# Leave 0.0.0.0 for all interfaces
|
||||
|
||||
bindIP: 0.0.0.0
|
||||
|
||||
# ---------------------------------------------------------------------
|
||||
# Log Level
|
||||
# ---------------------------------------------------------------------
|
||||
# Possible values: error, warn, info (default), verbose, debug, silly
|
||||
|
||||
logLevel: info
|
||||
|
||||
# ---------------------------------------------------------------------
|
||||
# Offline Mode
|
||||
# ---------------------------------------------------------------------
|
||||
# If your server cannot access the internet. Set to true and manually
|
||||
# download the offline files for sideloading.
|
||||
|
||||
offline: false
|
||||
|
||||
# ---------------------------------------------------------------------
|
||||
# High-Availability
|
||||
# ---------------------------------------------------------------------
|
||||
# Set to true if you have multiple concurrent instances running off the
|
||||
# same DB (e.g. Kubernetes pods / load balanced instances). Leave false
|
||||
# otherwise. You MUST be using PostgreSQL to use this feature.
|
||||
|
||||
ha: false
|
||||
|
||||
# ---------------------------------------------------------------------
|
||||
# Data Path
|
||||
# ---------------------------------------------------------------------
|
||||
# Writeable data path used for cache and temporary user uploads.
|
||||
dataPath: ./data
|
||||
```
|
||||
|
||||
Don't forget to open permissions so the systemd service can run the server
|
||||
`# useradd -m wiki`
|
||||
`# chown wiki:wiki -R /var/wiki`
|
||||
|
||||
Run server directly:
|
||||
`$ node server`
|
||||
|
||||
## Systemd service
|
||||
Put this under `/etc/systemd/system/wiki.service`
|
||||
```
|
||||
[Unit]
|
||||
Description=Wiki.js
|
||||
After=network.target
|
||||
Wants=container-wikijsdb.service
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStart=/usr/bin/node server
|
||||
Restart=always
|
||||
# Consider creating a dedicated user for Wiki.js here:
|
||||
#User=nobody
|
||||
User=wiki
|
||||
Environment=NODE_ENV=production
|
||||
WorkingDirectory=/var/wiki
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
```
|
||||
|
||||
`# systemctl daemon-reload`
|
||||
`# systemctl enable --now wiki`
|
||||
|
||||
## Nginx config
|
||||
*Replace "IPV4" and "IPV6"*
|
||||
```
|
||||
server {
|
||||
server_name DOMAIN_NAME;
|
||||
|
||||
# Security / XSS Mitigation Headers
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
|
||||
location = / {
|
||||
return 302 https://$host/web/;
|
||||
}
|
||||
|
||||
location / {
|
||||
# Proxy main traffic
|
||||
proxy_pass http://127.0.0.1:3000;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Protocol $scheme;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
|
||||
listen [IPV6]:443 ssl; #set ipv6 address
|
||||
# acme.sh
|
||||
ssl_certificate_key /etc/acme-sh/DOMAIN_NAME/key.pem;
|
||||
ssl_certificate /etc/acme-sh/DOMAIN_NAME/cert.pem;
|
||||
# letsencrypt
|
||||
#ssl_certificate /etc/letsencrypt/live/DOMAIN_NAME/fullchain.pem;
|
||||
#ssl_certificate_key /etc/letsencrypt/live/DOMAIN_NAME/privkey.pem;
|
||||
#include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
#ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
}
|
||||
|
||||
server {
|
||||
if ($host = DOMAIN_NAME) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
listen [IPV6]:80; #set ipv6 address
|
||||
server_name DOMAIN_NAME;
|
||||
return 404;
|
||||
}
|
||||
```
|
||||
|
||||
Enable config
|
||||
`# ln -s /etc/nginx/sites-available/(config) /etc/nginx/sites-enabled`
|
||||
|
||||
Restart nginx
|
||||
`# systemctl restart nginx`
|
||||
|
||||
## Wiki Settings
|
||||
|
||||
### Storage with git
|
||||
Create a home directory for the wiki user if you haven't used "-m" when creating the user.
|
||||
**Make sure not to have a "/" after the directory you want for your user**
|
||||
```
|
||||
# mkdir /home/wiki
|
||||
# chown wiki:wiki -R /home/wiki
|
||||
# usermod -d /home/wiki wiki
|
||||
```
|
||||
|
||||
Create ssh key as wiki user
|
||||
`$ ssh-keygen -t ed25519 -C wiki`
|
||||
|
||||
- DB - PostgreSQL used as Search Engine
|
||||
|
||||
## Update Wiki
|
||||
Download and install the latest release with these steps
|
||||
`# systemctl stop wiki`
|
||||
`$ cd /var`
|
||||
`# wget https://github.com/Requarks/wiki/releases/download/(version)/wiki-js.tar.gz`
|
||||
This is to ensure we have a known good version to go back to in case something goes wrong
|
||||
`# mv wiki wiki-old`
|
||||
`# mkdir wiki`
|
||||
`# tar xzf wiki-js.tar.gz -C ./wiki`
|
||||
`# cp wiki-old/config.yml wiki/`
|
||||
`# chown wiki:wiki -R /var/wiki`
|
||||
`# systemctl start wiki`
|
||||
|
||||
## Database Backup
|
||||
`# podman exec (container name) pg_dump (database name) -U (database user) -F c > wikibackup.dump`
|
||||
|
||||
## Database Restore
|
||||
**The wiki has to be installed fully, but not yet configured**
|
||||
*Also works for transfering wiki from one server to another*
|
||||
Stop the database and wiki
|
||||
|
||||
Drop the existing database and restore from the database
|
||||
`# podman exec -it (container name) dropdb -U (database user) (database name)`
|
||||
`# podman exec -it (container name) createdb -U (database user) (database name)`
|
||||
`cat ~/wikibackup.dump | docker exec -i (container name) pg_restore -U (database user) -d (database name)`
|
||||
|
||||
Start the database and wiki again
|
||||
|
Loading…
Reference in New Issue
Block a user