2022-05-20 21:09:07 +02:00

8.8 KiB

title
WikiJS

# apt install nginx podman nodejs

Preparation

Create a new network for the database and wikijs
$ podman network create wikijs

Database setup

# podman pull docker://postgres

# podman run -p 127.0.0.1:5432:5432 --name wikijsdb \
    -e POSTGRES_PASSWORD=wikijs \
    -e PGDATA=/var/lib/postgresql/data/pgdata \
    -v /mnt/postgres/wikijsdb:/var/lib/postgresql/data \
    -d docker.io/postgres

# podman exec -it wikijsdb bash

# psql -U postgres

Create database used by wikijs
=# CREATE DATABASE wikijs;

Systemd Service

Generate the systems service file following the podman guide

Wiki.JS Setup

$ cd /var
# wget https://github.com/Requarks/wiki/releases/download/(version)/wiki-js.tar.gz
# mkdir wiki
# tar xzf wiki-js.tar.gz -C ./wiki
$ cd ./wiki

Move default config
# mv config.sample.yml config.yml

#######################################################################
# Wiki.js - CONFIGURATION                                             #
#######################################################################
# Full documentation + examples:
# https://docs.requarks.io/install

# ---------------------------------------------------------------------
# Port the server should listen to
# ---------------------------------------------------------------------

port: 3000

# ---------------------------------------------------------------------
# Database
# ---------------------------------------------------------------------
# Supported Database Engines:
# - postgres = PostgreSQL 9.5 or later
# - mysql = MySQL 8.0 or later (5.7.8 partially supported, refer to docs)
# - mariadb = MariaDB 10.2.7 or later
# - mssql = MS SQL Server 2012 or later
# - sqlite = SQLite 3.9 or later

db:
  type: postgres

  # PostgreSQL / MySQL / MariaDB / MS SQL Server only:
  host: localhost
  port: 5432
  user: postgres
  pass: wikijs
  db: wikijs
  ssl: false

  # Optional - PostgreSQL / MySQL / MariaDB only:
  # -> Uncomment lines you need below and set `auto` to false
  # -> Full list of accepted options: https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options
  sslOptions:
    auto: true
    # rejectUnauthorized: false
    # ca: path/to/ca.crt
    # cert: path/to/cert.crt
    # key: path/to/key.pem
    # pfx: path/to/cert.pfx
    # passphrase: xyz123

  # SQLite only:
  storage: path/to/database.sqlite

#######################################################################
# ADVANCED OPTIONS                                                    #
#######################################################################
# Do not change unless you know what you are doing!

# ---------------------------------------------------------------------
# SSL/TLS Settings
# ---------------------------------------------------------------------
# Consider using a reverse proxy (e.g. nginx) if you require more
# advanced options than those provided below.

ssl:
  enabled: false
  port: 3443

  # Provider to use, possible values: custom, letsencrypt
  provider: custom

  # ++++++ For custom only ++++++
  # Certificate format, either 'pem' or 'pfx':
  format: pem
  # Using PEM format:
  key: path/to/key.pem
  cert: path/to/cert.pem
  # Using PFX format:
  pfx: path/to/cert.pfx
  # Passphrase when using encrypted PEM / PFX keys (default: null):
  passphrase: null
  # Diffie Hellman parameters, with key length being greater or equal
  # to 1024 bits (default: null):
  dhparam: null

  # ++++++ For letsencrypt only ++++++
  domain: wiki.yourdomain.com
  subscriberEmail: admin@example.com

# ---------------------------------------------------------------------
# Database Pool Options
# ---------------------------------------------------------------------
# Refer to https://github.com/vincit/tarn.js for all possible options

pool:
  # min: 2
  # max: 10

# ---------------------------------------------------------------------
# IP address the server should listen to
# ---------------------------------------------------------------------
# Leave 0.0.0.0 for all interfaces

bindIP: 0.0.0.0

# ---------------------------------------------------------------------
# Log Level
# ---------------------------------------------------------------------
# Possible values: error, warn, info (default), verbose, debug, silly

logLevel: info

# ---------------------------------------------------------------------
# Offline Mode
# ---------------------------------------------------------------------
# If your server cannot access the internet. Set to true and manually
# download the offline files for sideloading.

offline: false

# ---------------------------------------------------------------------
# High-Availability
# ---------------------------------------------------------------------
# Set to true if you have multiple concurrent instances running off the
# same DB (e.g. Kubernetes pods / load balanced instances). Leave false
# otherwise. You MUST be using PostgreSQL to use this feature.

ha: false

# ---------------------------------------------------------------------
# Data Path
# ---------------------------------------------------------------------
# Writeable data path used for cache and temporary user uploads.
dataPath: ./data

Don't forget to open permissions so the systemd service can run the server
# useradd -m wiki
# chown wiki:wiki -R /var/wiki

Run server directly:
$ node server

Systemd service

Put this under /etc/systemd/system/wiki.service

[Unit]
Description=Wiki.js
After=network.target
Wants=container-wikijsdb.service

[Service]
Type=simple
ExecStart=/usr/bin/node server
Restart=always
# Consider creating a dedicated user for Wiki.js here:
#User=nobody
User=wiki
Environment=NODE_ENV=production
WorkingDirectory=/var/wiki

[Install]
WantedBy=multi-user.target

# systemctl daemon-reload
# systemctl enable --now wiki

Nginx config

Replace "IPV4" and "IPV6"

server {
    server_name DOMAIN_NAME;

    # Security / XSS Mitigation Headers
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    location = / {
        return 302 https://$host/web/;
    }

    location / {
        # Proxy main traffic
        proxy_pass http://127.0.0.1:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
    }

    listen [IPV6]:443 ssl; #set ipv6 address
    # acme.sh
    ssl_certificate_key /etc/acme-sh/DOMAIN_NAME/key.pem;
    ssl_certificate /etc/acme-sh/DOMAIN_NAME/cert.pem;
    # letsencrypt
    #ssl_certificate /etc/letsencrypt/live/DOMAIN_NAME/fullchain.pem;
    #ssl_certificate_key /etc/letsencrypt/live/DOMAIN_NAME/privkey.pem;
    #include /etc/letsencrypt/options-ssl-nginx.conf;
    #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

server {
    if ($host = DOMAIN_NAME) {
        return 301 https://$host$request_uri;
    }

    listen [IPV6]:80; #set ipv6 address
    server_name DOMAIN_NAME;
    return 404;
}

Enable config
# ln -s /etc/nginx/sites-available/(config) /etc/nginx/sites-enabled

Restart nginx
# systemctl restart nginx

Wiki Settings

Storage with git

Create a home directory for the wiki user if you haven't used "-m" when creating the user.
Make sure not to have a "/" after the directory you want for your user

# mkdir /home/wiki
# chown wiki:wiki -R /home/wiki
# usermod -d /home/wiki wiki

Create ssh key as wiki user
$ ssh-keygen -t ed25519 -C wiki

  • DB - PostgreSQL used as Search Engine

Update Wiki

Download and install the latest release with these steps
# systemctl stop wiki
$ cd /var
# wget https://github.com/Requarks/wiki/releases/download/(version)/wiki-js.tar.gz
This is to ensure we have a known good version to go back to in case something goes wrong
# mv wiki wiki-old
# mkdir wiki
# tar xzf wiki-js.tar.gz -C ./wiki
# cp wiki-old/config.yml wiki/
# chown wiki:wiki -R /var/wiki
# systemctl start wiki

Database Backup

# podman exec (container name) pg_dump (database name) -U (database user) -F c > wikibackup.dump

Database Restore

The wiki has to be installed fully, but not yet configured
Also works for transfering wiki from one server to another
Stop the database and wiki

Drop the existing database and restore from the database
# podman exec -it (container name) dropdb -U (database user) (database name)
# podman exec -it (container name) createdb -U (database user) (database name)
cat ~/wikibackup.dump | docker exec -i (container name) pg_restore -U (database user) -d (database name)

Start the database and wiki again