How to Install DokuWiki with Nginx and Let's Encrypt SSL on FreeBSD 12

DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database. It is loved by users for its clean and readable syntax. The ease of maintenance, backup, and integration makes it an administrator's favorite. Built-in access controls and authentication connectors make DokuWiki especially useful in the enterprise context and a large number of plugins contributed by its vibrant community allow for a broad range of use cases beyond a traditional wiki. This tutorial will show you how to install DokuWiki on FreeBSD 12 server.

Requirements

Make sure your server meets the following requirements.

  • Web server software supporting PHP (Apache, NGINX, IIS, Lighttpd, LiteSpeed)
  • PHP version 5.6 or later, newer versions are highly recommended.

Prerequisites

  • A FreeBSD 12 operating system.
  • A non-root user with sudo privileges.

Initial Steps

Check the FreeBSD version.

uname -ro
# FreeBSD 12.1-RELEASE

Update your operating system packages (software). This is an important first step because it ensures you have the latest updates and security fixes for your operating system's default software packages.

freebsd-update fetch install
pkg update && pkg upgrade -y

Install some essential packages that are necessary for the basic administration of the FreeBSD 12 operating system.

pkg install -y sudo vim unzip curl wget bash bash-completion socat git

Create a new user account with your preferred username, we use johndoe.

adduser
# Username: johndoe
# Full name: John Doe
# Uid (Leave empty for default): <Enter>
# Login group [johndoe]: <Enter>
# Login group is johndoe. Invite johndoe into other groups? []: wheel
# Login class [default]: <Enter>
# Shell (sh csh tcsh nologin) [sh]: bash
# Home directory [/home/johndoe]: <Enter>
# Home directory permissions (Leave empty for default): <Enter>
# Use password-based authentication? [yes]: <Enter>
# Use an empty password? (yes/no) [no]: <Enter>
# Use a random password? (yes/no) [no]: <Enter>
# Enter password: your_secure_password
# Enter password again: your_secure_password
# Lock out the account after creation? [no]: <Enter>
# OK? (yes/no): yes
# Add another user? (yes/no): no
# Goodbye!

Run the visudo command and uncomment %wheel ALL=(ALL) ALL line, to allow members of the wheel group to execute any command.

visudo

# Uncomment by removing hash (#) sign
%wheel ALL=(ALL) ALL

Now, switch to your newly created user with su command.

su - johndoe

NOTE: Replace johndoe with your username.

Set up the timezone.

sudo tzsetup

Step 1 - Install PHP and PHP extensions

Install PHP, as well as the necessary PHP extensions.

sudo pkg install -y php72 php72-mbstring php72-tokenizer php72-pdo php72-pdo_mysql php72-openssl php72-hash php72-json php72-phar php72-filter php72-zlib php72-dom php72-xml php72-xmlwriter php72-xmlreader php72-pecl-imagick php72-curl php72-session php72-ctype php72-iconv php72-gd php72-simplexml php72-zip php72-filter php72-tokenizer php72-calendar php72-fileinfo php72-intl php72-mysqli php72-phar php72-opcache php72-pdo_pgsql

Check the PHP version.

php --version
# PHP 7.2.17 (cli) (built: Apr 13 2019 01:13:32) ( NTS )
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies

Soft-link php.ini-production to php.ini.

sudo ln -s /usr/local/etc/php.ini-production /usr/local/etc/php.ini

Enable and start PHP-FPM.

sudo sysrc php_fpm_enable=yes
sudo service php-fpm start

Step 2 - Install acme.sh client and obtain Let's Encrypt certificate ( optional )

Securing your site with HTTPS is not necessary, but it is a good practice to secure your site traffic. To obtain a TLS certificate from Let's Encrypt we will use acme.sh client. Acme.sh is a simple UNIX shell software for obtaining TLS certificates from Let's Encrypt with zero dependencies.

Download and install acme.sh:

sudo pkg install -y acme.sh

Check acme.sh version:

acme.sh --version
# v2.8.5

Obtain RSA and ECC/ECDSA certificates for your domain/hostname:

# RSA 2048
sudo acme.sh --issue --standalone -d example.com --keylength 2048
# ECDSA
sudo acme.sh --issue --standalone -d example.com --keylength ec-256

If you want fake certificates for testing, you can add --staging flag to the above commands.

After running the above commands, your certificates and keys will be in:

  • For RSA: /home/username/example.com directory.
  • For ECC/ECDSA: /home/username/example.com_ecc directory.

To list your issued certs you can run:

acme.sh --list

Create a directory to store your certs. We will use the /etc/letsencrypt directory.

sudo mkdir -p /etc/letsecnrypt/example.com
sudo mkdir -p /etc/letsencrypt/example.com_ecc

Install/copy certificates to /etc/letsencrypt directory.

# RSA
sudo acme.sh --install-cert -d example.com --cert-file /etc/letsencrypt/example.com/cert.pem --key-file /etc/letsencrypt/example.com/private.key --fullchain-file /etc/letsencrypt/example.com/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"
# ECC/ECDSA
sudo acme.sh --install-cert -d example.com --ecc --cert-file /etc/letsencrypt/example.com_ecc/cert.pem --key-file /etc/letsencrypt/example.com_ecc/private.key --fullchain-file /etc/letsencrypt/example.com_ecc/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"

All the certificates will be automatically renewed every 60 days.

After obtaining certs exit from root user and return to regular sudo user:

exit

Step 3 - Install and configure Nginx

DokuWiki will run on any web server that supports PHP. In this tutorial, we will use Nginx. If you prefer Apache or another web server, you can use that instead of Nginx.

Install Nginx.

sudo pkg install -y nginx

Check the Nginx version.

nginx -v
# nginx version: nginx/1.16.1

Enable and start Nginx service.

sudo sysrc nginx_enable=yes
sudo service nginx start

Run sudo vim /usr/local/etc/nginx/dokuwiki.conf and set up Nginx virtual server for DokuWiki.

sudo vim /usr/local/etc/nginx/dokuwiki.conf

Copy/paste the following Nginx configuration and save it:

server {

listen [::]:443 ssl;
listen 443 ssl; listen [::]:80; listen 80; # RSA
ssl_certificate /etc/letsencrypt/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com/private.key;
# ECC
ssl_certificate /etc/letsencrypt/example.com_ecc/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com_ecc/private.key;
server_name wiki.example.com; root /usr/local/www/dokuwiki; index index.html index.htm index.php doku.php; client_max_body_size 15M; client_body_buffer_size 128K; location / { try_files $uri $uri/ @dokuwiki; } location ^~ /conf/ { return 403; } location ^~ /data/ { return 403; } location ~ /\.ht { deny all; } location @dokuwiki { rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; rewrite ^/(.*) /doku.php?id=$1 last; } location ~ \.php$ { try_files $uri $uri/ /doku.php; fastcgi_pass 127.0.0.1:9000; fastcgi_param REDIRECT_STATUS 200; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } }

Save the file and exit from your editor.

Include dokuwiki.conf file to the main nginx.conf file by running sudo vim /usr/local/etc/nginx/nginx.conf and add the following line to the http {} block.

include dokuwiki.conf;

Test our Nginx configuration changes.

sudo nginx -t

Reload Nginx.

sudo service nginx reload

Step 4 - Install DokuWiki

Create a document root directory:

sudo mkdir -p /usr/local/www/dokuwiki

Navigate to the document root:

cd /usr/local/www/dokuwiki

Download the newest stable release of DokuWiki from the DokuWiki download page:

sudo wget https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz

Unpack DokuWiki tarball:

sudo tar xvf dokuwiki-stable.tgz
sudo rm dokuwiki-stable.tgz
sudo mv dokuwiki-2018-04-22b/* . && mv dokuwiki-2018-04-22b/.* .
sudo rmdir dokuwiki-2018-04-22b/

Change ownership of the /var/www/dokuwiki directory to www:

sudo chown -R www:www /usr/local/www/dokuwiki

Restart PHP-FPM:

sudo service php-fpm restart

Open the DokuWiki setup script, install.php, in your browser and setup DokuWiki. The setup script checks for the availability of required PHP functions and checks for needed file permissions. It also creates an initial administrator account and an initial ACL policy. To run the installer, open http://wiki.example.com/install.php in the browser and follow the instructions.

Step 5 - Access DokuWiki Web Interface

Open your web browser and type the URL http://example.com/install.php. You will be redirected to the following page:

DikuWiki installer

Provide all the required information like superuser name, email, password. Then, click on the Save button. Once the installation has been completed successfully, you should see the following page:

Set username and password

Now, click on your new DokuWiki. You should see the following page:

DokuWiki successfully installed

Now, click on the login button. You will be redirected to the following page:

Login

Now, provide your Admin username and password. Then, click on the Log In button. You should see the DokuWiki dashboard in the following page:

Welcome to DokuWiki

After a successful configuration, delete the install.php file from the DokuWiki root directory:

sudo rm /var/www/dokuwiki/install.php

Congratulations! You have successfully installed and configured DokuWiki on the FreeBSD 12 server. You can now create your own wiki site easily using DokuWiki.

Share this page:

0 Comment(s)