Table of Contents
Description
This page describes the automated installation of DokuWiki (via the Tarball) on a Debian “wheezy” 7 target using Ansible with ssh and root
access.
Notes
This installation surely is not best practice since it uses root
for ssh. Also it relies on builtin linux tools like tar, mv and chown. Anyone with ansible knowledge is kindly asked to improve these issues and provide better scripts.
The following scripts were tested on a Debian “wheezy” 7.2 installation in a VirtualBox environment with 512MB RAM. Later the RAM was once tentatively reduced to 64MB (post-installation) for an experiment, this means you may be lucky to get an instance up and running but without any warranty.
Security
There were no efforts made to harden the installation by using conservative permissions, SELinux or other restrictions.
Preparation
Have a installed Debian “wheezy” 7 instance with installed ssh key and root access. Ansible requires Python:
[sudo] apt-get install python
Installation
Edit your copy of dokuwiki.yml
file to contain your target instance, refer to the ansible documentation for further details.
- dokuwiki.yml
--- - name: Install dokuwiki hosts: <yourip.or.domain> user: root roles: - { role: nginx, configuration_file: 'roles/dokuwiki/templates/default.conf', dest: dokuwiki } - php5-fpm - dokuwiki
- roles/dokuwiki/tasks/main.yml
--- - name: Download latest stable dokuwiki tarball get_url: url=http://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz dest=/var/tmp/dokuwiki-stable.tgz - name: Unpack tarball command: tar -xvf dokuwiki-stable.tgz chdir=/var/tmp - name: Prepare target directory command: mkdir /srv/dokuwiki - name: Move dokuwiki shell: mv /var/tmp/dokuwiki-2013-12-08/* /srv/dokuwiki/ - name: Fix permissions shell: chown -R www-data /srv/dokuwiki/* notify: restart nginx
- roles/dokuwiki/templates/default.conf
server { listen *:80; root /srv; index index.php; # serve static files from nginx location ~ ^/dokuwiki/lib/.+\.(css|gif|js|png)$ { root /srv; expires 30d; } location = /dokuwiki/install.php { root /srv; fastcgi_pass unix:/var/run/php5-fpm.sock; include fastcgi_params; } location = /dokuwiki { rewrite ^ /dokuwiki/ permanent; } location = /dokuwiki/ { rewrite ^ /dokuwiki/doku.php last; expires 30d; } location ~ ^/dokuwiki/(|lib/(exe|plugins/[^/]+)/)[^/]+\.php { root /srv; fastcgi_pass unix:/var/run/php5-fpm.sock; include fastcgi_params; } location /dokuwiki/ { deny all; } }
- roles/nginx/tasks/main.yml
--- - name: Install nginx apt: pkg=nginx state=present update_cache=yes - name: Start nginx at boot service: name=nginx state=started enabled=yes - name: Copy nginx configuration template: src={{ configuration_file }} dest=/etc/nginx/sites-enabled/{{ dest }} notify: restart nginx - name: Deny access to install.php tags: after_installation shell: sed -i '/location = \/dokuwiki\/install.php {/a \ \ \ \ \ \ \ \ deny all;' /etc/nginx/sites-enabled/dokuwiki notify: restart nginx
- roles/nginx/handlers/main.yml
--- - name: restart nginx service: name=nginx state=restarted
- roles/php5-fpm/tasks/main.yml
--- - name: Install php5 apt: name=php5-fpm state=present
Now you can kick-off the installation process on your workstation with:
ansible-playbook --skip-tags=after_installation dokuwiki.yml
After the installation process terminated, you must finish the installation directing your browser to http://yourip.or.domain/dokuwiki/install.php
Post-Installation
Just to be sure install.php
cannot get called twice, deactivate the access:
ansible-playbook -t after_installation dokuwiki.yml