How to Install DokuWiki with Nginx and Let's Encrypt SSL on FreeBSD 12
DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database. It is loved by users for its clean and readable syntax. The ease of maintenance, backup, and integration makes it an administrator's favorite. Built-in access controls and authentication connectors make DokuWiki especially useful in the enterprise context and a large number of plugins contributed by its vibrant community allow for a broad range of use cases beyond a traditional wiki. This tutorial will show you how to install DokuWiki on FreeBSD 12 server.
Requirements
Make sure your server meets the following requirements.
- Web server software supporting PHP (Apache, NGINX, IIS, Lighttpd, LiteSpeed)
- PHP version 5.6 or later, newer versions are highly recommended.
Prerequisites
- A FreeBSD 12 operating system.
- A non-root user with
sudo
privileges.
Initial Steps
Check the FreeBSD version.
uname -ro
# FreeBSD 12.1-RELEASE
Update your operating system packages (software). This is an important first step because it ensures you have the latest updates and security fixes for your operating system's default software packages.
freebsd-update fetch install
pkg update && pkg upgrade -y
Install some essential packages that are necessary for the basic administration of the FreeBSD 12 operating system.
pkg install -y sudo vim unzip curl wget bash bash-completion socat git
Create a new user account with your preferred username, we use johndoe
.
adduser
# Username: johndoe
# Full name: John Doe
# Uid (Leave empty for default): <Enter>
# Login group [johndoe]: <Enter>
# Login group is johndoe. Invite johndoe into other groups? []: wheel
# Login class [default]: <Enter>
# Shell (sh csh tcsh nologin) [sh]: bash
# Home directory [/home/johndoe]: <Enter>
# Home directory permissions (Leave empty for default): <Enter>
# Use password-based authentication? [yes]: <Enter>
# Use an empty password? (yes/no) [no]: <Enter>
# Use a random password? (yes/no) [no]: <Enter>
# Enter password: your_secure_password
# Enter password again: your_secure_password
# Lock out the account after creation? [no]: <Enter>
# OK? (yes/no): yes
# Add another user? (yes/no): no
# Goodbye!
Run the visudo
command and uncomment %wheel ALL=(ALL) ALL
line, to allow members of the wheel
group to execute any command.
visudo
# Uncomment by removing hash (#) sign
%wheel ALL=(ALL) ALL
Now, switch to your newly created user with su
command.
su - johndoe
NOTE: Replace johndoe
with your username.
Set up the timezone.
sudo tzsetup
Step 1 - Install PHP and PHP extensions
Install PHP, as well as the necessary PHP extensions.
sudo pkg install -y php72 php72-mbstring php72-tokenizer php72-pdo php72-pdo_mysql php72-openssl php72-hash php72-json php72-phar php72-filter php72-zlib php72-dom php72-xml php72-xmlwriter php72-xmlreader php72-pecl-imagick php72-curl php72-session php72-ctype php72-iconv php72-gd php72-simplexml php72-zip php72-filter php72-tokenizer php72-calendar php72-fileinfo php72-intl php72-mysqli php72-phar php72-opcache php72-pdo_pgsql
Check the PHP version.
php --version
# PHP 7.2.17 (cli) (built: Apr 13 2019 01:13:32) ( NTS )
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
Soft-link php.ini-production
to php.ini
.
sudo ln -s /usr/local/etc/php.ini-production /usr/local/etc/php.ini
Enable and start PHP-FPM.
sudo sysrc php_fpm_enable=yes
sudo service php-fpm start
Step 2 - Install acme.sh client and obtain Let's Encrypt certificate ( optional )
Securing your site with HTTPS is not necessary, but it is a good practice to secure your site traffic. To obtain a TLS certificate from Let's Encrypt we will use acme.sh client. Acme.sh is a simple UNIX shell software for obtaining TLS certificates from Let's Encrypt with zero dependencies.
Download and install acme.sh:
sudo pkg install -y acme.sh
Check acme.sh version:
acme.sh --version
# v2.8.5
Obtain RSA and ECC/ECDSA certificates for your domain/hostname:
# RSA 2048
sudo acme.sh --issue --standalone -d example.com --keylength 2048
# ECDSA
sudo acme.sh --issue --standalone -d example.com --keylength ec-256
If you want fake certificates for testing, you can add --staging
flag to the above commands.
After running the above commands, your certificates and keys will be in:
- For RSA:
/home/username/example.com
directory. - For ECC/ECDSA:
/home/username/example.com_ecc
directory.
To list your issued certs you can run:
acme.sh --list
Create a directory to store your certs. We will use the /etc/letsencrypt
directory.
sudo mkdir -p /etc/letsecnrypt/example.com
sudo mkdir -p /etc/letsencrypt/example.com_ecc
Install/copy certificates to /etc/letsencrypt directory.
# RSA
sudo acme.sh --install-cert -d example.com --cert-file /etc/letsencrypt/example.com/cert.pem --key-file /etc/letsencrypt/example.com/private.key --fullchain-file /etc/letsencrypt/example.com/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"
# ECC/ECDSA
sudo acme.sh --install-cert -d example.com --ecc --cert-file /etc/letsencrypt/example.com_ecc/cert.pem --key-file /etc/letsencrypt/example.com_ecc/private.key --fullchain-file /etc/letsencrypt/example.com_ecc/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"
All the certificates will be automatically renewed every 60 days.
After obtaining certs exit from root user and return to regular sudo user:
exit
Step 3 - Install and configure Nginx
DokuWiki will run on any web server that supports PHP. In this tutorial, we will use Nginx. If you prefer Apache or another web server, you can use that instead of Nginx.
Install Nginx.
sudo pkg install -y nginx
Check the Nginx version.
nginx -v
# nginx version: nginx/1.16.1
Enable and start Nginx service.
sudo sysrc nginx_enable=yes
sudo service nginx start
Run sudo vim /usr/local/etc/nginx/dokuwiki.conf
and set up Nginx virtual server for DokuWiki.
sudo vim /usr/local/etc/nginx/dokuwiki.conf
Copy/paste the following Nginx configuration and save it:
server {
listen [::]:443 ssl;
listen 443 ssl;
listen [::]:80;
listen 80;
# RSA
ssl_certificate /etc/letsencrypt/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com/private.key;
# ECC
ssl_certificate /etc/letsencrypt/example.com_ecc/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com_ecc/private.key;
server_name wiki.example.com;
root /usr/local/www/dokuwiki;
index index.html index.htm index.php doku.php;
client_max_body_size 15M;
client_body_buffer_size 128K;
location / {
try_files $uri $uri/ @dokuwiki;
}
location ^~ /conf/ { return 403; }
location ^~ /data/ { return 403; }
location ~ /\.ht { deny all; }
location @dokuwiki {
rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
rewrite ^/(.*) /doku.php?id=$1 last;
}
location ~ \.php$ {
try_files $uri $uri/ /doku.php;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param REDIRECT_STATUS 200;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
Save the file and exit from your editor.
Include dokuwiki.conf
file to the main nginx.conf
file by running sudo vim /usr/local/etc/nginx/nginx.conf
and add the following line to the http {}
block.
include dokuwiki.conf;
Test our Nginx configuration changes.
sudo nginx -t
Reload Nginx.
sudo service nginx reload
Step 4 - Install DokuWiki
Create a document root directory:
sudo mkdir -p /usr/local/www/dokuwiki
Navigate to the document root:
cd /usr/local/www/dokuwiki
Download the newest stable release of DokuWiki from the DokuWiki download page:
sudo wget https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz
Unpack DokuWiki tarball:
sudo tar xvf dokuwiki-stable.tgz
sudo rm dokuwiki-stable.tgz
sudo mv dokuwiki-2018-04-22b/* . && mv dokuwiki-2018-04-22b/.* .
sudo rmdir dokuwiki-2018-04-22b/
Change ownership of the /var/www/dokuwiki
directory to www:
sudo chown -R www:www /usr/local/www/dokuwiki
Restart PHP-FPM:
sudo service php-fpm restart
Open the DokuWiki setup script, install.php
, in your browser and setup DokuWiki. The setup script checks for the availability of required PHP functions and checks for needed file permissions. It also creates an initial administrator account and an initial ACL policy. To run the installer, open http://wiki.example.com/install.php
in the browser and follow the instructions.
Step 5 - Access DokuWiki Web Interface
Open your web browser and type the URL http://example.com/install.php. You will be redirected to the following page:
Provide all the required information like superuser name, email, password. Then, click on the Save button. Once the installation has been completed successfully, you should see the following page:
Now, click on your new DokuWiki. You should see the following page:
Now, click on the login button. You will be redirected to the following page:
Now, provide your Admin username and password. Then, click on the Log In button. You should see the DokuWiki dashboard in the following page:
After a successful configuration, delete the install.php
file from the DokuWiki root directory:
sudo rm /var/www/dokuwiki/install.php
Congratulations! You have successfully installed and configured DokuWiki on the FreeBSD 12 server. You can now create your own wiki site easily using DokuWiki.