There is a new version of this tutorial available for Debian 12 (Bookworm).

How to Install DokuWiki with Let's Encrypt SSL on Debian 11

DokuWiki is a free, open-source and powerful Wiki software application written in PHP. It uses a file to store its data instead of using a database. It is simple, lightweight and allows you to create and edit a website from the web browser. It offers a lot of features that allow you to scale and optimize your website easily. It is used by many users due to its clean and readable syntax, ease of maintenance, backup and integration.

In this tutorial, I will show you how to install DokuWiki with Apache and Let's Encrypt SSL on Debian 11.

Prerequisites

  • A server running Ubuntu 20.04.
  • A valid domain name pointed with your server IP.
  • A root password is configured on the server.

Getting Started

Before starting, it is recommended to update your system packages to the latest version. You can update them by running the following command:

apt-get update -y

Once all the packages are updated, you can proceed to the next step.

Install Apache and PHP

DokuWiki runs on Apache or Nginx and is written in a PHP language. So you will need to install the Apache, PHP and other required extensions to your server. You can install them by running the following command:

apt-get install apache2 php php-gd php-xml php-json -y

Once all the packages are installed, start the Apache service and enable it to start at system reboot:

systemctl start apache2
systemctl enable apache2

Once you are finished, you can proceed to the next step.

Install DokuWiki

First, go to the DokuWiki download page and download the latest version of DokuWiki using the following command:

wget https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz

Once the download is completed, create a directory for DokuWiki inside the Apache web root directory:

mkdir /var/www/html/dokuwiki

Next, extract the downloaded file to the DokuWiki directory wih the following command:

tar -xvzf dokuwiki-stable.tgz -C /var/www/html/dokuwiki/ --strip-components=1

Next, copy some necessary files using the following command:

cp /var/www/html/dokuwiki/.htaccess{.dist,}

Next, set proper ownership to the DokuWiki directory:

chown -R www-data:www-data /var/www/html/dokuwiki

Once you are finished, you can proceed to the next step.

Create an Apache Virtual Host for DokuWiki

Next, you will need to create an Apache virtual host configuration file to host DokuWiki on the internet, You can create it using the following command:

nano /etc/apache2/sites-available/dokuwiki.conf

Add the following lines:

<VirtualHost *:80>
        ServerName    dokuwiki.example.com      
        DocumentRoot  /var/www/html/dokuwiki

        <Directory ~ "/var/www/html/dokuwiki/(bin/|conf/|data/|inc/)">
            <IfModule mod_authz_core.c>
                AllowOverride All
                Require all denied
            </IfModule>
            <IfModule !mod_authz_core.c>
                Order allow,deny
                Deny from all
            </IfModule>
        </Directory>

        ErrorLog   /var/log/apache2/dokuwiki_error.log
        CustomLog  /var/log/apache2/dokuwiki_access.log combined
</VirtualHost>

Save and close the file then enable the virtual host configuration file using the following command:

a2ensite dokuwiki.conf

Next, reload the Apache to apply the changes.

systemctl reload apache2

You can also check the Apache status with the following command:

systemctl status apache2

You will get the following output:

? apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2021-10-24 04:01:29 UTC; 9min ago
       Docs: https://httpd.apache.org/docs/2.4/
    Process: 27698 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS)
      Tasks: 77 (limit: 4691)
     Memory: 12.5M
     CGroup: /system.slice/apache2.service
             ??21346 /usr/sbin/apache2 -k start
             ??27703 Passenger watchdog
             ??27706 Passenger core
             ??27711 Passenger ust-router
             ??27729 /usr/sbin/apache2 -k start
             ??27730 /usr/sbin/apache2 -k start

Secure DokuWiki with Let's Encrypt SSL

After configuring Apache, it is recommended to secure your wiki site with a Let's Encrypt SSL certificate. To do so, you will need to install the Certbot client in your system. The Certbot is an easy-to-use client that fetches a certificate from Let's Encrypt an open certificate authority launched by the EFF, Mozilla, and others—and deploys it to a web server. Using the Certbot Let's Encrypt client you can easily download, install and renew the SSL certificate for your domain.

You can install the Certbot with the following command:

apt-get install certbot python3-certbot-apache -y

Once the Certbot client has been installed successfully, run the following command to install the Let's Encrypt SSL for your website:

certbot --apache -d dokuwiki.example.com

You will be asked to provide your valid email and accept the term of service as shown below:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y

Obtaining a new certificate
Performing the following challenges:
http-01 challenge for dokuwiki.example.com
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/dokuwiki-le-ssl.conf
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Deploying Certificate to VirtualHost /etc/apache2/sites-available/dokuwiki-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/dokuwiki-le-ssl.conf

Next, select whether or not to redirect HTTP traffic to HTTPS or configure Nginx to redirect all traffic to secure HTTPS access as shown in the following output:

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Type 2 and hit Enter to start the process. Once the installation is completed, you should get the following output:

Enabled Apache rewrite module
Redirecting vhost in /etc/apache2/sites-enabled/dokuwiki.conf to ssl vhost in /etc/apache2/sites-available/dokuwiki-le-ssl.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://dokuwiki.example.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=dokuwiki.example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/dokuwiki.example.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/dokuwiki.example.com/privkey.pem
   Your cert will expire on 2021-01-25. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

At this point, your Dokuwiki site is secured with Let's Encrypt SSL. You can now access your site securely using HTTPS protocol.

Setting Up Let's Encrypt SSL Certificate Auto-Renewal

By default, Let’s Encrypt certificates are valid for 90 days. So, you will need to set up a cron job to auto-renew the SSL certificate. It is safe to create a cron job that runs every week or even every day.

If you want to renew the SSL certificate manually, run the following command:

certbot renew --dry-run

You can set up a cron job to auto-renew SSL certificate every day at 10:00 AM by editing the following file:

crontab -e

Add the following line:

00 10 * * *   root /usr/bin/certbot renew >/dev/null 2>&1

Save and close the file, when you are finished.

Access DokuWiki

Now, open your web browser and type the URL https://dokuwiki.example.com/install.php. You should see the DokuWiki installation screen:

DokuWiki Installer

Provide your wiki name, admin username, password, email, choose your policy and click on the Save button. You will be redirected to the following page:

Configuration finished

Click on "your new DokuWiki". You should see the following screen:

DokuWiki

Click on the Login button. You will be redirected to the DokuWiki login screen as shown below:

Login

Provide your admin username, password and click on the Log In button. You should see the DokuWiki dashboard on the following screen:

DokuWiki Dashboard

Conclusion

Congratulations! you have successfully installed DokuWiki and secured it with Let's Encrypt SSL on Debian 11. You can now start creating your first website using DokuWiki. Feel free to ask me if you have any questions.

Share this page:

1 Comment(s)