diff --git a/pages/02.linux/11.wikijs/default.en.md b/pages/02.linux/11.wikijs/default.en.md new file mode 100644 index 0000000..58ff9f7 --- /dev/null +++ b/pages/02.linux/11.wikijs/default.en.md @@ -0,0 +1,301 @@ +--- +title: WikiJS +--- + +`# apt install nginx podman nodejs` +## Preparation +Create a new network for the database and wikijs +`$ podman network create wikijs` + +## Database setup +`# podman pull docker://postgres` + +``` +# podman run -p 127.0.0.1:5432:5432 --name wikijsdb \ + -e POSTGRES_PASSWORD=wikijs \ + -e PGDATA=/var/lib/postgresql/data/pgdata \ + -v /mnt/postgres/wikijsdb:/var/lib/postgresql/data \ + -d docker.io/postgres +``` + +`# podman exec -it wikijsdb bash` + +`# psql -U postgres` + +Create database used by wikijs +`=# CREATE DATABASE wikijs;` + +### Systemd Service +Generate the systems service file following the [podman guide](/linux/services/podman) + +## Wiki.JS Setup +`$ cd /var` +`# wget https://github.com/Requarks/wiki/releases/download/(version)/wiki-js.tar.gz` +`# mkdir wiki` +`# tar xzf wiki-js.tar.gz -C ./wiki` +`$ cd ./wiki` + +Move default config +`# mv config.sample.yml config.yml` +``` +####################################################################### +# Wiki.js - CONFIGURATION # +####################################################################### +# Full documentation + examples: +# https://docs.requarks.io/install + +# --------------------------------------------------------------------- +# Port the server should listen to +# --------------------------------------------------------------------- + +port: 3000 + +# --------------------------------------------------------------------- +# Database +# --------------------------------------------------------------------- +# Supported Database Engines: +# - postgres = PostgreSQL 9.5 or later +# - mysql = MySQL 8.0 or later (5.7.8 partially supported, refer to docs) +# - mariadb = MariaDB 10.2.7 or later +# - mssql = MS SQL Server 2012 or later +# - sqlite = SQLite 3.9 or later + +db: + type: postgres + + # PostgreSQL / MySQL / MariaDB / MS SQL Server only: + host: localhost + port: 5432 + user: postgres + pass: wikijs + db: wikijs + ssl: false + + # Optional - PostgreSQL / MySQL / MariaDB only: + # -> Uncomment lines you need below and set `auto` to false + # -> Full list of accepted options: https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options + sslOptions: + auto: true + # rejectUnauthorized: false + # ca: path/to/ca.crt + # cert: path/to/cert.crt + # key: path/to/key.pem + # pfx: path/to/cert.pfx + # passphrase: xyz123 + + # SQLite only: + storage: path/to/database.sqlite + +####################################################################### +# ADVANCED OPTIONS # +####################################################################### +# Do not change unless you know what you are doing! + +# --------------------------------------------------------------------- +# SSL/TLS Settings +# --------------------------------------------------------------------- +# Consider using a reverse proxy (e.g. nginx) if you require more +# advanced options than those provided below. + +ssl: + enabled: false + port: 3443 + + # Provider to use, possible values: custom, letsencrypt + provider: custom + + # ++++++ For custom only ++++++ + # Certificate format, either 'pem' or 'pfx': + format: pem + # Using PEM format: + key: path/to/key.pem + cert: path/to/cert.pem + # Using PFX format: + pfx: path/to/cert.pfx + # Passphrase when using encrypted PEM / PFX keys (default: null): + passphrase: null + # Diffie Hellman parameters, with key length being greater or equal + # to 1024 bits (default: null): + dhparam: null + + # ++++++ For letsencrypt only ++++++ + domain: wiki.yourdomain.com + subscriberEmail: admin@example.com + +# --------------------------------------------------------------------- +# Database Pool Options +# --------------------------------------------------------------------- +# Refer to https://github.com/vincit/tarn.js for all possible options + +pool: + # min: 2 + # max: 10 + +# --------------------------------------------------------------------- +# IP address the server should listen to +# --------------------------------------------------------------------- +# Leave 0.0.0.0 for all interfaces + +bindIP: 0.0.0.0 + +# --------------------------------------------------------------------- +# Log Level +# --------------------------------------------------------------------- +# Possible values: error, warn, info (default), verbose, debug, silly + +logLevel: info + +# --------------------------------------------------------------------- +# Offline Mode +# --------------------------------------------------------------------- +# If your server cannot access the internet. Set to true and manually +# download the offline files for sideloading. + +offline: false + +# --------------------------------------------------------------------- +# High-Availability +# --------------------------------------------------------------------- +# Set to true if you have multiple concurrent instances running off the +# same DB (e.g. Kubernetes pods / load balanced instances). Leave false +# otherwise. You MUST be using PostgreSQL to use this feature. + +ha: false + +# --------------------------------------------------------------------- +# Data Path +# --------------------------------------------------------------------- +# Writeable data path used for cache and temporary user uploads. +dataPath: ./data +``` + +Don't forget to open permissions so the systemd service can run the server +`# useradd -m wiki` +`# chown wiki:wiki -R /var/wiki` + +Run server directly: +`$ node server` + +## Systemd service +Put this under `/etc/systemd/system/wiki.service` +``` +[Unit] +Description=Wiki.js +After=network.target +Wants=container-wikijsdb.service + +[Service] +Type=simple +ExecStart=/usr/bin/node server +Restart=always +# Consider creating a dedicated user for Wiki.js here: +#User=nobody +User=wiki +Environment=NODE_ENV=production +WorkingDirectory=/var/wiki + +[Install] +WantedBy=multi-user.target +``` + +`# systemctl daemon-reload` +`# systemctl enable --now wiki` + +## Nginx config +*Replace "IPV4" and "IPV6"* +``` +server { + server_name DOMAIN_NAME; + + # Security / XSS Mitigation Headers + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Content-Type-Options "nosniff"; + + location = / { + return 302 https://$host/web/; + } + + location / { + # Proxy main traffic + proxy_pass http://127.0.0.1:3000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Protocol $scheme; + proxy_set_header X-Forwarded-Host $http_host; + } + + listen [IPV6]:443 ssl; #set ipv6 address + # acme.sh + ssl_certificate_key /etc/acme-sh/DOMAIN_NAME/key.pem; + ssl_certificate /etc/acme-sh/DOMAIN_NAME/cert.pem; + # letsencrypt + #ssl_certificate /etc/letsencrypt/live/DOMAIN_NAME/fullchain.pem; + #ssl_certificate_key /etc/letsencrypt/live/DOMAIN_NAME/privkey.pem; + #include /etc/letsencrypt/options-ssl-nginx.conf; + #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; +} + +server { + if ($host = DOMAIN_NAME) { + return 301 https://$host$request_uri; + } + + listen [IPV6]:80; #set ipv6 address + server_name DOMAIN_NAME; + return 404; +} +``` + +Enable config +`# ln -s /etc/nginx/sites-available/(config) /etc/nginx/sites-enabled` + +Restart nginx +`# systemctl restart nginx` + +## Wiki Settings + +### Storage with git +Create a home directory for the wiki user if you haven't used "-m" when creating the user. +**Make sure not to have a "/" after the directory you want for your user** +``` +# mkdir /home/wiki +# chown wiki:wiki -R /home/wiki +# usermod -d /home/wiki wiki +``` + +Create ssh key as wiki user +`$ ssh-keygen -t ed25519 -C wiki` + +- DB - PostgreSQL used as Search Engine + +## Update Wiki +Download and install the latest release with these steps +`# systemctl stop wiki` +`$ cd /var` +`# wget https://github.com/Requarks/wiki/releases/download/(version)/wiki-js.tar.gz` +This is to ensure we have a known good version to go back to in case something goes wrong +`# mv wiki wiki-old` +`# mkdir wiki` +`# tar xzf wiki-js.tar.gz -C ./wiki` +`# cp wiki-old/config.yml wiki/` +`# chown wiki:wiki -R /var/wiki` +`# systemctl start wiki` + +## Database Backup +`# podman exec (container name) pg_dump (database name) -U (database user) -F c > wikibackup.dump` + +## Database Restore +**The wiki has to be installed fully, but not yet configured** +*Also works for transfering wiki from one server to another* +Stop the database and wiki + +Drop the existing database and restore from the database +`# podman exec -it (container name) dropdb -U (database user) (database name)` +`# podman exec -it (container name) createdb -U (database user) (database name)` +`cat ~/wikibackup.dump | docker exec -i (container name) pg_restore -U (database user) -d (database name)` + +Start the database and wiki again +