Install DokuWiki on CentOS 7 with Let’s Encrypt SSL

Posted on 40 views

This guide will take you through steps to Install DokuWiki behind nginx and Let’s Encrypt SSL certificate on CentOS 7 Linux. But before we can do any installation, I’ll assume you have a newly provisioned CentOS 7 Linux server that you need to do some pre-requisites prior to setting up DokuWiki.

Set server hostname. It is recommended to map IP address to the FQDN used in your DNS server.

sudo hostnamectl set-hostname wiki.mydomain.com

Also consider setting correct timezone:

sudo timedatectl set-timezone Region/Country
#Example:
sudo timedatectl set-timezone Africa/Nairobi

Sync time using NTP server

sudo yum -y install chrony
sudo systemctl enable --now chronyd
sudo chronyc sources

Step 1: Update system and install Development tools

It is recommended to ensure all system packages are updated:

sudo yum -y update
sudo yum -y install git vim bash-completion curl wget unzip tar

Reboot your server for new changes like kernel to take effect:

sudo reboot

Step 2: Add EPEL and Remi repository for php 7.x

Once the server is up after a reboot, proceed to install all required php modules including php fpm used by Nginx. But first, you’ll need to add epel and remi repositories to the system:

sudo yum -y install epel-release yum-utils
sudo yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
sudo yum clean all && sudo yum makecache fast
sudo yum-config-manager --disable remi-php54
sudo yum-config-manager --enable remi-php74

Step 3: Install php and required extensions

Install php 7.x by running the following commands:

sudo yum -y install php-cli php-fpm php-mysql php-zip php-ldap php-devel php-gd php-mcrypt php-mbstring php-curl php-xml php-pear php-bcmath

This should provide all the modules required by DokuWiki. Check your php version:

$ php -v
PHP 7.4.28 (cli) (built: Feb 15 2022 13:23:10) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies

Step 4: Download DokuWiki and extract it to your its Document root

Before downloading any version of DokuWiki, check Github releases page for the latest stable release.

wget https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz

Extract DokuWiki archive using tar

tar xvf dokuwiki-stable.tgz
sudo mkdir -p /var/www/html/ 
sudo mv dokuwiki-*/ /var/www/html/dokuwiki

Step 5: Install certbot Let’s Encrypt SSL request tool

We will request for SSL certificate using certbot. Install it as below:

sudo yum -y install epel-release
sudo yum -y install vim certbot python2-certbot-nginx

Once downloaded, open http and https ports on the firewall if you have an active firewall service:

sudo firewall-cmd --add-service http,https --permanent

Step 6: Configure Nginx Web server (non https)

Install nginx web server

sudo yum -y install nginx

Create new configuration file:

sudo vim /etc/nginx/conf.d/dokuwiki.conf

Let’s add configuration block without HTTPS, while replacing wiki.mydomain.com with your actual domain name.

server png)$ 
   expires 1M;
   add_header Pragma public;
   add_header Cache-Control "public, must-revalidate, proxy-revalidate";
 

 location ~ \.php$ 
   fastcgi_split_path_info ^(.+\.php)(/.+)$;
   fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
   fastcgi_index index.php;
   include fastcgi_params;
   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
   fastcgi_intercept_errors off;
   fastcgi_buffer_size 16k;
   fastcgi_buffers 4 16k;
 

 location ~ /\.ht 
   deny all;
 

Check Nginx configuration syntax:

$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Set data directory permissions:

sudo chown -R nginx:nginx /var/www/html/

If SELinux is enforcing configure labels correctly:

sudo yum -y install policycoreutils-python
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?"
sudo restorecon -Rvv /var/www/html

Access DokuWiki web portal on http://wiki.mydomain.com

Configure php-fpm and start nginx/php-fpm

Now that we have nginx configured, let’s also configure php-fpm. Open the file:

sudo vim /etc/php-fpm.d/www.conf

Configure below parameters on the file as specified:

user = nginx
group = nginx
listen = /var/run/php-fpm/php-fpm.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0660

Start and enable nginx and php-fpm services:

sudo systemctl restart php-fpm nginx
sudo systemctl enable php-fpm nginx

Check service status and access DokuWiki web interface on http://wiki.mydomain/install.php

Step 7: Configure Let’s Encrypt SSL (Optional)

Request for Let’s Encrypt SSL certificate

sudo certbot --nginx -d wiki.mydomain.com

Sample output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Requesting a certificate for wiki.mydomain.com
Deploying Certificate to VirtualHost /etc/nginx/conf.d/dokuwiki.conf
Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/dokuwiki.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://wiki.mydomain.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/wiki.mydomain.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/wiki.mydomain.com/privkey.pem
   Your certificate will expire on 2022-07-01. To obtain a new or
   tweaked version of this certificate in the future, simply run
   certbot again with the "certonly" option. To non-interactively
   renew *all* of your certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Step 8: Configure DokuWiki on CentOS 7

Start DokuWiki configuration by opening the link: http://wiki.mydomain/install.php, you will get the installation page like below:

install-dokuwiki-ubuntu-18.04-01

Provide admin user details, under,Initial ACL policy choose your policy from one of:

  • Open Wiki – Open for everyone
  • Public Wiki – read for all, uploads and edits for registered users
  • Closed Wiki – Access only for registered users

Check whether you want to Allow users to register themselves

When done, click Save. The wiki page should now be ready.

install-dokuwiki-ubuntu-18.04-02

Click “your new DokuWiki” to get to DokuWiki home page.

Step 9: Adding users to DokuWiki

If you had selected “Closed Wiki | Public” as your ACL policy, you will be given login page for edits. Log in with admin account you created earlier to start adding other users to the system:

install-dokuwiki-ubuntu-18.04-login

Click “Admin” icon at the top of the page, this will take you to admin page:

dokuwiki-add-user-acl

Click on “User Manager” to get add user page:

dokuwiki-add-users-02

Add User details and click “Add” button. After adding a user, you can assign ACL on “Access Control List Management” page.

dokuwiki-add-user-acl (1)

Select from given Permissions.

dokuwiki-user-permissions

 

coffee

Gravatar Image
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.