This page describes the automated installation of DokuWiki (via the Tarball) on a Debian “wheezy” 7 target using Ansible with ssh and root access.

This installation surely is not best practice since it uses root for ssh. Also it relies on builtin linux tools like tar, mv and chown. Anyone with ansible knowledge is kindly asked to improve these issues and provide better scripts.

The following scripts were tested on a Debian “wheezy” 7.2 installation in a VirtualBox environment with 512MB RAM. Later the RAM was once tentatively reduced to 64MB (post-installation) for an experiment, this means you may be lucky to get an instance up and running but without any warranty.

There were no efforts made to harden the installation by using conservative permissions, SELinux or other restrictions.

Have a installed Debian “wheezy” 7 instance with installed ssh key and root access. Ansible requires Python:

[sudo] apt-get install python

Edit your copy of dokuwiki.yml file to contain your target instance, refer to the ansible documentation for further details.

dokuwiki.yml

---
- name: Install dokuwiki
  hosts: <yourip.or.domain>
  user: root
  
  roles:
   - { role: nginx, configuration_file: 'roles/dokuwiki/templates/default.conf', dest: dokuwiki }
   - php5-fpm
   - dokuwiki

roles/dokuwiki/tasks/main.yml

---
 - name: Download latest stable dokuwiki tarball
   get_url: url=http://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz dest=/var/tmp/dokuwiki-stable.tgz

 - name: Unpack tarball
   command: tar -xvf dokuwiki-stable.tgz chdir=/var/tmp

 - name: Prepare target directory
   command: mkdir /srv/dokuwiki
   
 - name: Move dokuwiki
   shell: mv /var/tmp/dokuwiki-2013-12-08/* /srv/dokuwiki/

 - name: Fix permissions
   shell: chown -R www-data /srv/dokuwiki/*

   notify: restart nginx

roles/dokuwiki/templates/default.conf

server {
    listen *:80;
    root /srv;
    index index.php;

    # serve static files from nginx
    location ~ ^/dokuwiki/lib/.+\.(css|gif|js|png)$ {
        root /srv;
        expires 30d;
    }
    location = /dokuwiki/install.php {
        root /srv;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        include        fastcgi_params;
    }
    location = /dokuwiki {
        rewrite ^ /dokuwiki/ permanent;
    }
    location = /dokuwiki/ {
        rewrite ^ /dokuwiki/doku.php last;
        expires 30d;
    }
    location ~ ^/dokuwiki/(|lib/(exe|plugins/[^/]+)/)[^/]+\.php {
        root /srv;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        include        fastcgi_params;
    }
    location /dokuwiki/ {
        deny all;
    }
}

roles/nginx/tasks/main.yml

---
- name: Install nginx
  apt: pkg=nginx state=present update_cache=yes

- name: Start nginx at boot
  service: name=nginx state=started enabled=yes

- name: Copy nginx configuration
  template: src={{ configuration_file }} dest=/etc/nginx/sites-enabled/{{ dest }}
  notify: restart nginx

- name: Deny access to install.php
  tags: after_installation
  shell: sed -i '/location = \/dokuwiki\/install.php {/a \ \ \ \ \ \ \ \ deny all;' /etc/nginx/sites-enabled/dokuwiki
  notify: restart nginx

roles/nginx/handlers/main.yml

---
- name: restart nginx
  service: name=nginx state=restarted

roles/php5-fpm/tasks/main.yml

---
- name: Install php5 
  apt: name=php5-fpm state=present

Now you can kick-off the installation process on your workstation with:

ansible-playbook --skip-tags=after_installation dokuwiki.yml

After the installation process terminated, you must finish the installation directing your browser to http://yourip.or.domain/dokuwiki/install.php

Just to be sure install.php cannot get called twice, deactivate the access:

ansible-playbook -t after_installation dokuwiki.yml