Media Wiki Installation: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
 
(8 intermediate revisions by the same user not shown)
Line 85: Line 85:


⚠️ Do not use "=" as a password character.
⚠️ Do not use "=" as a password character.
⚠️ Pick user names shorter than 10 characters.


===New Instance in Production===
===New Instance in Production===
Line 278: Line 280:
Place <code>LocalSettings.php</code> in the wiki root folder, alongside <code>index.php</code> and make sure its permissions are consistent with the other files.
Place <code>LocalSettings.php</code> in the wiki root folder, alongside <code>index.php</code> and make sure its permissions are consistent with the other files.
<syntaxhighlight lang='bash'>
<syntaxhighlight lang='bash'>
chown apache:apache LocalSettings.php
chmod go-rwx LocalSettings.php
chmod go-rwx LocalSettings.php
</syntaxhighlight>
</syntaxhighlight>
On Linux with SELinux enabled:
<syntaxhighlight lang='bash'>
chcon -t httpd_sys_content_t ./LocalSettings.php
</syntaxhighlight>
=Restart=
=Restart=
Restart <code>httpd</code>
Restart <code>httpd</code>
Line 356: Line 364:
{{Internal|Media_Wiki_Visual_Editor|MediaWiki Visual Editor}}
{{Internal|Media_Wiki_Visual_Editor|MediaWiki Visual Editor}}


==SyntaxHighlight Reduce Font Size==
==SyntaxHighlight Extension==
===SELinux===
On Linux with SELinux enabled, adjust permissions: {{Internal|MediaWiki_Extension_SyntaxHighlight#SELinux|SyntaxHighlight SELinux}}
===Reduce Font Size===
{{Internal|MediaWiki_Extension_SyntaxHighlight#Reduce_Font_Size|SyntaxHighlight &#124; Reduce Font Size}}
{{Internal|MediaWiki_Extension_SyntaxHighlight#Reduce_Font_Size|SyntaxHighlight &#124; Reduce Font Size}}
==JSBreadCrumbs Extension==
{{Internal|MediaWiki_Extension_JSBreadCrumbs|JSBreadCrumbs Extension}}
==Secure Uploads==
==Secure Uploads==
<font color=darkkhaki>TODO: https://www.mediawiki.org/wiki/Manual:Security#Upload_security</font>
<font color=darkkhaki>TODO: https://www.mediawiki.org/wiki/Manual:Security#Upload_security</font>
==TODO==
<font color=darkkhaki>Modify the appearance of the Internal and External templates and the border of the syntaxhighlight areas to match 1.26:</font>
[[File:VisualDifferences.png|400px]]
=Optional Restoration=
=Optional Restoration=
At this point, the newly installed instance is ready for an older instance restoration procedure, described here:
At this point, the newly installed instance is ready for an older instance restoration procedure, described here:

Latest revision as of 04:59, 1 January 2024

External

Internal

Overview

A full new installation of the latest LTS (Long Term Support) Media Wiki instance is in most cases the best option, for both new deployments and restoration of older deployments from backup. This procedure has been written to support both new deployments and restoration of old deployments from backup and possibly upgrade into the new instance.

Pick the Latest LTS Release

Always install the latest LTS (Long Term Support) release.

Pick the latest LTS minor version from this pages:

https://www.mediawiki.org/wiki/Version_lifecycle
https://www.mediawiki.org/wiki/Release_notes

Pick the latest patch version from this page, by navigating down the minor version folder and selecting the latest released patch:

https://releases.wikimedia.org/mediawiki/

The article was last updated for Media Wiki 1.39.6.

Install httpd

Install or upgrade to the newest stable httpd version for your platform. The Media Wiki compatibility page does not recommend any specific httpd version.

Installation instructions:

RHEL/Centos 7 MacOS

Install letsencrypt Certificates

The specific Media Wiki SSL and certificate configuration from /etc/httpd/conf.d/ssl.conf (the Listen directive and the only virtual host) and /etc/letsencrypt or /etc/pki/tls must be transferred manually from the backup file, after the web server and generic HTTPS support is installed.

No change in /etc/httpd/conf/httpd.conf should be required. If the state of another wiki is restored, the restoration script will remind of the need to apply SSL configuration and the required steps.

RHEL/Centos 7

PHP

PHP Installation

Select the newest compatible stable version from:

https://www.mediawiki.org/wiki/Compatibility#PHP

It is probably OK to install the latest stable PHP version even if it is not explicitly specified on the compatibility page. Media Wiki 1.39 works well with PHP 8.3 even if PHP 8.3 is not mentioned on the compatibility page.

Installation and httpd configuration instructions:

RHEL/Centos 7 MacOS

PHP Configuration

Some PHP installations come with error reporting set to dump all errors, including some not appropriate for production, like deprecation messages.

PHP Error Reporting Configuration

Install MariaDB

Select the newest compatible stable version from:

https://www.mediawiki.org/wiki/Compatibility#Database

It is probably OK to install the latest stable MariaDB version even if it is not explicitly specified on the compatibility page.

Installation and post-install configuration instructions:

RHEL/Centos 7 MacOS

Perform a New Instance Initialization

Regardless on whether we are installing a new Media Wiki instance to use it as such, or we intend do restore an old instance, a full new instance initialization is required in both cases.

Install the Media Wiki Release Files

Go to https://releases.wikimedia.org/mediawiki/, download the latest patch corresponding to the selected LTS release and expand it in the httpd document root.

RHEL/Centos 7 MacOS

Create the Database

This procedure will create the Media Wiki dedicated database user and database. The difference between a new installation that will used as such and a new installation that will be used to restore an old instance is that in the former case the database and the user created now will be used in production. In the latter case, they will be eventually be discarded and deleted, to be replaced with the restored database and user.

⚠️ Do not use "=" as a password character.

⚠️ Pick user names shorter than 10 characters.

New Instance in Production

For a new instance to be used in production, use valid, production values:

export MEDIAWIKI_USER=novaordis_wiki
export MEDIAWIKI_PASSWORD=... # Do not use "=" as a password character
export MEDIAWIKI_DATABASE=novaordis_wiki
export MARIADB_ROOT_PASSWORD=...

Instance Restoration

For a restoration:

export MEDIAWIKI_USER=tmp_mediawiki_user
export MEDIAWIKI_PASSWORD=tmp_mediawiki_passwd
export MEDIAWIKI_DATABASE=tmp_mediawiki_db
export MARIADB_ROOT_PASSWORD=...

DDL Commands

Connect to MariaDB using the database root password configured when the database cluster was installed. You will need console access to verify the result of the DDL operations.

Connect to MariaDB

From a terminal, execute the following DDL operations.

Create the Media Wiki user:

mysql -u root -p${MARIADB_ROOT_PASSWORD} -e "CREATE USER '${MEDIAWIKI_USER}'@'localhost' IDENTIFIED BY '${MEDIAWIKI_PASSWORD}';"

Create the Media Wiki database:

mysql -u root -p${MARIADB_ROOT_PASSWORD} -e "CREATE DATABASE ${MEDIAWIKI_DATABASE};"

Grant privileges to the database:

mysql -u root -p${MARIADB_ROOT_PASSWORD} -e "\
GRANT ALL PRIVILEGES ON ${MEDIAWIKI_DATABASE}.* TO '${MEDIAWIKI_USER}'@'localhost';\
FLUSH PRIVILEGES;\
COMMIT;"

Verify:

SHOW DATABASES;
SHOW GRANTS FOR '<your-user>'@'localhost';
exit

Configure httpd to Serve the Media Wiki Instance

RHEL/Centos 7 MacOS

Run the Initialization Procedure and Create LocalSettings.php

Connect to the newly installed web server with a web browser and perform the setup procedure. The procedure will create a LocalSettings.php which will be download and installed manually in the server's document root.

The initial access should render something similar to:

MediaWikiUnconfigured.png

Click "set up the wiki".

Language

Your language: en - English

Wiki language: en - English

Continue

Environmental checks: "The environment has been checked. You can install MediaWiki."

Continue

Connect to database

Database type: MariaDB, MySQL, or compatible

Database host: localhost

Database name (no hyphens). For a new instance in production use New Instance in Production MEDIAWIKI_DATABASE values. For an instance restoration, use Instance Restoration MEDIAWIKI_DATABASE value.

Database table prefix (no hyphens): leave empty.

Database username: For a new instance in production use New Instance in Production MEDIAWIKI_USER values. For an instance restoration, use Instance Restoration MEDIAWIKI_USER value.

Database password: For a new instance in production use New Instance in Production MEDIAWIKI_PASSWORD values. For an instance restoration, use Instance Restoration MEDIAWIKI_PASSWORD value.

Continue.

Database account for web access: Use the same account as for installation

Continue.

Name

Name of wiki. For a new instance in production, use the production name. In case of a restoration, use the name of the old site, which can be retrieved from the back up. For details see:

Media Wiki Concepts | Name of Wiki

Project namespace: Same as the wiki name. For more details see:

Media Wiki Concepts | Project Namespace

Administrator account: if this is a new instance in production, choose carefully. In case of a restoration, will be overwritten by the old database content.

Media Wiki Security Concepts | Administrator Account

Email address.

Uncheck "Share data about this installation with MediaWiki developers"

Ask more questions.

Continue

Options

Users right profile: "Authorized editors only" (read can be anonymous) or "Private wiki". It can be changed later, see:

Media Wiki Security Concepts | User Rights Profile

Copyright and license: No license folder.

Email settings: Uncheck "Enable outbound email".

Skins: Check all and use Vector as default.

Extensions: Select the following extensions.

  • Special pages
    • CiteThisPage
    • Interwiki
    • Nuke
    • Renameuser
    • ReplaceText
  • Editors
    • CodeEditor (requires WikiEditor)
    • VisualEditor (⚠️ Do not enable)
    • WikiEditor
  • Parser hooks
    • CategoryTree
    • Cite
    • ImageMap
    • InputBox
    • Math
    • ParserFunctions
    • Poem
    • Scribunto
    • SyntaxHighlight_GeSHi
    • TemplateData
  • Media handlers
    • PdfHandler
  • Spam prevention
    • AbuseFilter
    • ConfirmEdit
    • SpamBlacklist
    • TitleBlacklist
  • API
    • PageImages
  • Other
    • Gadgets
    • MultimediaViewer
    • OATHAuth
    • SecureLinkFixer
    • TextExtracts

Images and file uploads:

Check "Enable file uploads"

Director for deleted files: Example: /opt/brew/var/www/mediawiki-1.35.14/images/deleted

Uncheck "Enable Instant Commons"

Personalization

Logo (icon)

Wordmark

Tagline

Sidebar logo

Advanced configuration

No caching.

Continue

Continue

The installation process automatically downloads a LocalSettings.php. Must be transferred in the base of the wiki installation (the same directory as index.php.

LocalSettings.php

Install LocalSettings.php

Place LocalSettings.php in the wiki root folder, alongside index.php and make sure its permissions are consistent with the other files.

chown apache:apache LocalSettings.php
chmod go-rwx LocalSettings.php

On Linux with SELinux enabled:

chcon -t httpd_sys_content_t ./LocalSettings.php

Restart

Restart httpd

Test the New Instance

  • Log in as administrator.
  • Create a new file.
  • Edit a new file.

Post-Installation

Allow PDF Uploading

Allowed file upload formats are specified using the $wgFileExtensions configuration directive of LocalSettings.php.

$wgFileExtensions[] = 'pdf';

If the variable is not specified in the file, add it at the bottom of the file, under the # End of automatically generated settings. Add more configuration options below. marker.

To add more than one format:

$wgFileExtensions = array_merge($wgFileExtensions, array( 'pdf', 'txt', 'mp3' ));

Note that the PDF extension will be added to the built-in list ("png", "gif", "jpg", "jpeg").

Increase the Maximum Size for Uploaded Files

https://www.mediawiki.org/wiki/Manual:$wgMaxUploadSize

Change the following in php.ini file. To locate the php.ini file, see How to Locate php.ini file. You will need to change both upload_max_filesize and post_max_size, as the lower of the two will be the effective one:

; Maximum allowed size for uploaded files.
; http://php.net/upload-max-filesize
upload_max_filesize = 10M
...
; Maximum size of POST data that PHP will accept.
; Its value may be 0 to disable the limit. It is ignored if POST data reading
; is disabled through enable_post_data_reading.
; http://php.net/post-max-size
post_max_size = 10M

A httpd server upload is required for the change to become effective. To verify that the change was applied correctly, go to "Upload File" and look for "Maximum file size:".

Modify the Rendering of the <code> Tag

Look up page MediaWiki:Common.css, or create if it does not exist, and append the following sequence:

/* <code> tag rendering */
code {
  font-family: Consolas,"menlo";
  color: DarkSlateGray;
  padding: 1px;
  background-color: #FCFCFC;
  border-color: Gainsboro;
  font-size: 77%;
}

Test it by creating a new page with a <code> tag. You must clear the browser cache to see the effects: Chrome, Safari, Firefox

Remove the "Discussions" Tab

https://www.mediawiki.org/wiki/User:Subfader/Hide_page_tabs

Look up page MediaWiki:Common.css, or create if it does not exist, and append the following sequence:

/* Remove the "Discussions" tab */
#ca-talk { display:none!important; }

Test it. To see the effects, clear the browser cache: Chrome, Safari, Firefox

Install Extensions

For a list of useful extensions, see:

MediaWiki Concepts | Useful Extensions

Configure Site Logo

favicon

Disable Visual Editor

MediaWiki Visual Editor

SyntaxHighlight Extension

SELinux

On Linux with SELinux enabled, adjust permissions:

SyntaxHighlight SELinux

Reduce Font Size

SyntaxHighlight | Reduce Font Size

JSBreadCrumbs Extension

JSBreadCrumbs Extension

Secure Uploads

TODO: https://www.mediawiki.org/wiki/Manual:Security#Upload_security

Optional Restoration

At this point, the newly installed instance is ready for an older instance restoration procedure, described here:

Media Wiki Restoration

Troubleshooting

Media Wiki Troubleshooting