Twiki Installation
Note
Статья уже, скорее всего, морально устарела. Сейчас есть современные движки для ведения wiki. Основное удобство Twiki было отсутствее необходимости иметь БД. Например, DokuWiki умеет все тоже самое, на проще в настройке. Поэтому статья скорее архивная.
Подготовка сервера
# ssh ключ
cat .ssh/id_rsa.pub | ssh root@wiki.ksomov.ru "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
# Меняем hostname и TZ
export LC_ALL=en_US.UTF-8
echo "twiki.ksomov.ru" > /etc/hostname
echo "LANG=en_US.UTF-8" >> /etc/environment
dpkg-reconfigure tzdata
shutdown -r now
## Готовим кодировки
sudo locale-gen UTF-8
echo "ru_RU.KOI8-R KOI8-R" >> /var/lib/locales/supported.d/local
locale-gen
# Обновляем пакеты
aptitude update && aptitude upgrade
# Устанавливаем пакеты
apt-get install apache2 libgdal-perl libcgi-session-perl libhtml-tree-perl liberror-perl libfreezethaw-perl libjpeg62 rcs libapache2-mod-perl2-doc libapache2-mod-perl2 libapache2-mod-php5 latex2html sendmail-bin
# Устанавливаем модули Perl
perl -MCPAN -e shell
install Algorithm::Diff CGI CGI::Carp Config Cwd Data::Dumper Encode File::Copy File::Find File::Spec File::Temp FileHandle HTML::Parser HTML::Entities IO::File Net::SMTP Text::Diff Time::Local Archive::Tar Authen::SASL CGI::Cookie CGI::Session Crypt::SMIME Digest::base Digest::SHA1 JSON Locale::Maketext::Lexicon Net::SMTP URI
# Перечитываем файл Апача
sudo /etc/init.d/apache2 reload
# Готовим каталог twiki
mkdir /websrv && cd /websrv
wget https://dl.dropboxusercontent.com/u/4094570/TWiki-6.0.1.tgz
tar -xvf TWiki-6.0.1.tgz && mv twiki twiki.ksomov.ru
chown -R www-data:www-data twiki.ksomov.ru
# Подготавливаем TWiki
mv /websrv/twiki.ksomov.ru/bin/LocalLib.cfg.txt /websrv/twiki.ksomov.ru/bin/LocalLib.cfg
# Редактируем файл LocalLib.cfg. Указываем правильный путь до каталога lib
# $twikiLibPath = "/websrv/twiki.ksomov.ru/lib";
# Используя http://twiki.org/cgi-bin/view/TWiki/ApacheConfigGenerator или http://foswiki.org/Support/ApacheConfigGenerator
# создаем файл конфигурации. см. ниже
# кладем в /etc/apache2/sites-available
ln -s /etc/apache2/sites-available/twiki.ksomov.ru.conf /etc/apache2/sites-enabled/
rm /etc/apache2/sites-enabled/000-default.conf
# Подключаем необходимые модули
a2enmod rewrite
a2enmod cgi
service apache2 restart
# Запускаем конфигуратор
http://twiki.ksomov.ru/bin/configure
# Далее можем ходить по http://twiki.ksomov.ru
Note
В web-конфигураторе указываем {Site}{Locale} = ru_RU.KOI8-R; {Site}{CharSet} = KOI8-R; {Languages}{ru}{Enabled} = true
Настройка Twiki
# Autogenerated httpd.conf file for TWiki.
# Generated at http://twiki.org/cgi-bin/view/TWiki/ApacheConfigGenerator
# IMPORTANT NOTE: Make sure to enable mod_cgi in the primary apache configuration file.
# We set an environment variable called blockAccess.
#
# Setting a BrowserMatchNoCase to ^$ is important. It prevents TWiki from
# including its own topics as URLs and also prevents other TWikis from
# doing the same. This is important to prevent the most obvious
# Denial of Service attacks.
#
# You can expand this by adding more BrowserMatchNoCase statements to
# block evil browser agents trying the impossible task of mirroring a twiki
#
# Example:
# BrowserMatchNoCase ^SiteSucker blockAccess
# BrowserMatchNoCase ^$ blockAccess
BrowserMatchNoCase ^$ blockAccess
<IfModule mod_perl.c>
# Mod_perl preloading
PerlSwitches -T
</IfModule>
# The ScriptAlias defines the bin directory as a directory where CGI
# scripts are allowed.
# The first parameter will be part of the URL to your installation e.g.
# http://example.com/do/view/...
# The second parameter must point to the physical path on your disc.
ScriptAlias /bin "/websrv/twiki.ksomov.ru/bin"
# The Alias defines a url that points to the twiki pub directory, which
# is the root of file attachments.
Alias /pub "/websrv/twiki.ksomov.ru/pub"
# Block access to typical spam related attachments
# Except the TWiki directory which is read only and does have attached html files.
SetEnvIf Request_URI "/pub/.*\.[hH][tT][mM][lL]?$" blockAccess
SetEnvIf Request_URI "/pub/TWiki/.*\.[hH][tT][mM][lL]?$" !blockAccess
# This specifies the options on the TWiki scripts directory. The ExecCGI
# and SetHandler tell apache that it contains scripts. "Require all granted"
# lets any IP address access this URL.
<Directory "/websrv/twiki.ksomov.ru/bin">
AllowOverride None
Require all granted
Deny from env=blockAccess
Options ExecCGI FollowSymLinks
SetHandler cgi-script
# Password file for TWiki users
AuthUserFile /websrv/twiki.ksomov.ru/data/.htpasswd
AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith)'
AuthType Basic
# File to return on access control error (e.g. wrong password)
ErrorDocument 401 /bin/view/TWiki/TWikiRegistration
</Directory>
# This sets the options on the pub directory, which contains attachments and
# other files like CSS stylesheets and icons. AllowOverride None stops a
# user installing a .htaccess file that overrides these options.
# Note that files in pub are *not* protected by TWiki Access Controls,
# so if you want to control access to files attached to topics you need to
# block access to the specific directories same way as the ApacheConfigGenerator
# blocks access to the pub directory of the Trash web
<Directory "/websrv/twiki.ksomov.ru/pub">
Options None
AllowOverride None
Require all granted
Deny from env=blockAccess
# Disable execusion of PHP scripts
php_admin_flag engine off
# This line will redefine the mime type for the most common types of scripts
AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi
#add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate
# reducing the load on the server significantly
#IF you can, you should enable this - it _will_ improve your twiki experience, even if you set it to under one day.
# you may need to enable expires_module in your main apache config
#LoadModule expires_module libexec/httpd/mod_expires.so
#AddModule mod_expires.c
#<ifmodule mod_expires.c>
# <filesmatch "\.(jpg|gif|png|css|js)$">
# ExpiresActive on
# ExpiresDefault "access plus 11 days"
# </filesmatch>
#</ifmodule>
</Directory>
# Spammers are known to attach their stuff and then move it to trash where it remains unnoticed.
# We prevent viewing any attachments directly from pub
<Directory "/websrv/twiki.ksomov.ru/pub/Trash">
deny from all
</Directory>
Настройка Foswiki
Как альтернатива, можно использовать Foswiki - форк Twiki
# Autogenerated httpd.conf file for Foswiki.
# Generated at http://foswiki.org/Support/ApacheConfigGenerator?vhost=twiki.ksomov.ru;port=;dir=/websrv/twiki.ksomov.ru;symlink=;pathurl=/;shorterurls=enabled;engine=CGI;fastcgimodule=fcgid;fcgidreqlen=;apver=2;confighost=;configip=;configuser=;loginmanager=Template;htpath=;errordocument=UserRegistration;errorcustom=;disablephp=on;blockpubhtml=on;blocktrashpub=on;controlattach=;blockspiders=;foswikiversion=2.0;apacheversion=2.4;timeout=;ssl=;sslcert=/etc/ssl/apache2/yourservercert.pem;sslchain=/etc/ssl/apache2/sub.class1.server.ca.pem;sslkey=/etc/ssl/apache2/yourservercertkey.pem
# For Foswiki version 2.0, Apache 2.4
<VirtualHost *>
ServerAdmin webmaster@ksomov.ru
DocumentRoot "/websrv/twiki.ksomov.ru"
ServerName twiki.ksomov.ru
ServerAlias www.twiki.ksomov.ru # Optional. Add to list of redirect hosts in bin/configure
# The Alias defines a url that points to the root of the Foswiki installation.
# The first parameter will be part of the URL to your installation e.g.
# http://my.co.uk/foswiki/bin/view/...
# The second parameter must point to the physical path on your disc.
ScriptAlias /bin "/websrv/twiki.ksomov.ru/bin"
# The following Alias is used to access files in the pub directory (attachments etc)
# It must come _after_ the ScriptAlias.
# If short URLs are enabled, and any other local directories or files need to be accessed directly, they
# must also be specified in an Alias statement, and must not conflict with a web name.
Alias /pub "/websrv/twiki.ksomov.ru/pub"
Alias /robots.txt "/websrv/twiki.ksomov.ru/robots.txt"
# Rewriting is required for Short URLs, and Attachment redirecting to viewfile
RewriteEngine on
#RewriteLog "/var/log/apache/rewrite.log"
#RewriteLogLevel 0
# short urls
Alias / "/websrv/twiki.ksomov.ru/bin/view/"
RewriteRule ^/+bin/+view/+(.*) /$1 [L,NE,R]
RewriteRule ^/+bin/+view$ / [L,NE,R]
# Block access to typical spam related attachments
# Except the Foswiki directory which is read only and does have attached html files.
SetEnvIf Request_URI "/pub/.*\.[hH][tT][mM][lL]?$" blockAccess
SetEnvIf Request_URI "/pub/System/.*\.[hH][tT][mM][lL]?$" !blockAccess
# This enables access to the documents in the Foswiki root directory
<Directory "/websrv/twiki.ksomov.ru">
<RequireAll>
Require all granted
Require not env blockAccess
</RequireAll>
</Directory>
# This specifies the options on the Foswiki scripts directory. The ExecCGI
# and SetHandler tell apache that it contains scripts. "Allow from all"
# lets any IP address access this URL.
# Note: If you use SELinux, you also have to "Allow httpd cgi support" in your SELinux policies
<Directory "/websrv/twiki.ksomov.ru/bin">
AllowOverride None
<RequireAll>
Require all granted
Require not env blockAccess
</RequireAll>
Options +ExecCGI -FollowSymLinks
SetHandler cgi-script
# Password file for Foswiki users
AuthUserFile "/websrv/twiki.ksomov.ru/data/.htpasswd"
AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
AuthType Basic
# File to return on access control error (e.g. wrong password)
ErrorDocument 401 /System/UserRegistration
</Directory>
# This sets the options on the pub directory, which contains attachments and
# other files like CSS stylesheets and icons. AllowOverride None stops a
# user installing a .htaccess file that overrides these options.
# Note that files in pub are *not* protected by Foswiki Access Controls,
# so if you want to control access to files attached to topics you need to
# block access to the specific directories same way as the ApacheConfigGenerator
# blocks access to the pub directory of the Trash web
<Directory "/websrv/twiki.ksomov.ru/pub">
Options None
Options -FollowSymLinks
AllowOverride None
<RequireAll>
Require all granted
Require not env blockAccess
</RequireAll>
ErrorDocument 404 /bin/viewfile
# If you have PHP installed as Apache module, one of the below directives will ensure
# that it is disabled. The "ifmodule" statements should prevent this from causing
# errors if php is not installed.
<ifmodule mod_php3.c>
php3_engine off
</ifmodule>
<ifmodule mod_php4.c>
php_admin_flag engine off
</ifmodule>
<ifmodule mod_php5.c>
php_admin_flag engine off
</ifmodule>
# This line will redefine the mime type for the most common types of scripts
AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi
#
# add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate
# reducing the load on the server significantly
# IF you can, you should enable this - it _will_ improve your Foswiki experience, even if you set it to under one day.
# you may need to enable expires_module in your main apache config
#LoadModule expires_module libexec/httpd/mod_expires.so
#AddModule mod_expires.c
#<ifmodule mod_expires.c>
# <filesmatch "\.(jpe?g|gif|png|css(\.gz)?|js(\.gz)?|ico)$">
# ExpiresActive on
# ExpiresDefault "access plus 11 days"
# </filesmatch>
#</ifmodule>
#
# Serve pre-compressed versions of .js and .css files, if they exist
# Some browsers do not handle this correctly, which is why it is disabled by default
# <FilesMatch "\.(js|css)$">
# RewriteEngine on
# RewriteCond %{HTTP:Accept-encoding} gzip
# RewriteCond %{REQUEST_FILENAME}.gz -f
# RewriteRule ^(.*)$ %{REQUEST_URI}.gz [L,QSA]
# </FilesMatch>
# <FilesMatch "\.(js|css)\?.*$">
# RewriteEngine on
# RewriteCond %{HTTP:Accept-encoding} gzip
# RewriteCond %{REQUEST_FILENAME}.gz -f
# RewriteRule ^([^?]*)\?(.*)$ $1.gz?$2 [L]
# </FilesMatch>
# <FilesMatch "\.js\.gz(\?.*)?$">
# AddEncoding x-gzip .gz
# AddType application/x-javascript .gz
# </FilesMatch>
# <FilesMatch "\.css\.gz(\?.*)?$">
# AddEncoding x-gzip .gz
# AddType text/css .gz
# </FilesMatch>
</Directory>
# Spammers are known to attach their stuff and then move it to trash where it remains unnoticed.
# We prevent viewing any attachments directly from pub
<Directory "/websrv/twiki.ksomov.ru/pub/Trash">
Require all denied
</Directory>
# Security note: All other directories should be set so
# that they are *not* visible as URLs, so we set them as =deny from all=.
<Directory "/websrv/twiki.ksomov.ru/data">
Require all denied
</Directory>
<Directory "/websrv/twiki.ksomov.ru/templates">
Require all denied
</Directory>
<Directory "/websrv/twiki.ksomov.ru/lib">
Require all denied
</Directory>
<Directory "/websrv/twiki.ksomov.ru/locale">
Require all denied
</Directory>
<Directory "/websrv/twiki.ksomov.ru/tools">
Require all denied
</Directory>
<Directory "/websrv/twiki.ksomov.ru/working">
Require all denied
</Directory>
# We set an environment variable called blockAccess.
#
# Setting a BrowserMatchNoCase to ^$ is important. It prevents Foswiki from
# including its own topics as URLs and also prevents other Foswikis from
# doing the same. This is important to prevent the most obvious
# Denial of Service attacks.
#
# You can expand this by adding more BrowserMatchNoCase statements to
# block evil browser agents trying to crawl your Foswiki
#
# Example:
# BrowserMatchNoCase ^SiteSucker blockAccess
# BrowserMatchNoCase ^$ blockAccess
BrowserMatchNoCase ^$ blockAccess
</VirtualHost>