DokuWiki

It's better when it's simple

User Tools

Site Tools


install:centos

CentOS

CentOS 7.x with firewallcmd

Firewall Rules

Incoming traffic on port 80 may be blocked by default. If so, we must create a permanent firewall rule to accept incoming traffic to our DokuWiki website.

sudo firewall-cmd --permanent --zone=public --add-service=http 
sudo firewall-cmd --reload	 

Apache

Ensure apache service always starts on boot.

sudo systemctl enable httpd.service  

mod_rewrite must be enabled so the .htaccess file which locks down the /data directory can be executed.

mod_rewrite is enabled by default on CentOS 7.x, if you need to re-enable it add the following line to a new .conf file and restart apache to load the mod_rewrite module

echo LoadModule rewrite_module modules/mod_rewrite.so > /etc/httpd/conf.d/addModule-mod_rewrite.conf
sudo systemctl restart httpd.service

PHP GD Module Install

The PHP GD module must be installed for image resizing.

sudo yum install php-gd

SELinux Note

CentOS comes with SELinux enabled by default which prevents the apache user from writing to the Document Root and sub directories.

Option 1

Switch SELinux to permissive mode, only for the httpd(Apache) service. This will leave SELinux enforcing for the rest of the system. This is the easier solution, but arguably also the less safe, as SELinux does not provide any protection for httpd.

sudo yum install policycoreutils-python
sudo semanage permissive -a httpd_t

Option 2

Modify SELinux context (conf & data directories)

sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/dokuwiki/conf(/.*)?" (Try adding -h option if it doesn't work)
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/dokuwiki/data(/.*)?"
sudo restorecon -Rv /var/www/html/dokuwiki/conf
sudo restorecon -Rv /var/www/html/dokuwiki/data

Using the Wiki Upgrade Plugin & the Extension Manager
To use the Wiki Upgrade Plugin & the Extension Manager with option 2 you also have to grant apache access to the network, otherwise you will get the error : Could not connect Permission denied

sudo setsebool -P httpd_can_network_connect on

check with getsebool -a | grep httpd_can_network_connect

Allowing apache to send mail using postfix
If you get error : open /etc/postfix/main.cf: Permission denied in /var/log/maillog, you have to grant apache to send e-mails:

sudo setsebool -P httpd_can_sendmail on

check with getsebool -a | grep httpd_can_sendmail

Additionally you need to modify the SElinux context for the extension manager:

sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/dokuwiki/lib/plugins(/.*)?"
sudo restorecon -Rv /var/www/html/dokuwiki/lib/plugins
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/dokuwiki/lib/tpl(/.*)?"
sudo restorecon -Rv /var/www/html/dokuwiki/lib/tpl

When using the Wiki Upgrade Plugin, temporary access is needed for all dokuwiki directories, follow the steps below to accomplish this:

  1. Change the SElinux context for the dokuwiki folder:
    sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/dokuwiki(/.*)?"
    sudo restorecon -Rv /var/www/html/dokuwiki
  2. Use the wiki upgrade plugin to perform the upgrade
  3. Remove the SElinux context from the dokuwiki folder:
    sudo semanage fcontext --delete "/var/www/html/dokuwiki(/.*)?"
    sudo restorecon -Rv /var/www/html/dokuwiki

Troubleshooting

If a HTTP 500 error code is returned, maybe the SELinux context of the files in the /var/www/dokuwiki directory is incorrect. The required context appears to be “httpd_sys_content_t”

install/centos.txt · Last modified: 2023-04-27 16:18 by 96.225.177.69

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki