Configuring a Digital Ocean MediaWiki Droplet

From GlassTTY
Jump to: navigation, search

This article describes a few steps that I needed to take following the deployment of a Digital Ocean MediaWiki Droplet. The article is based on the version 1.27 of MediaWiki on Ubuntu 14.04.

Admin User

The initial user is not always made an admin so use the following command.

   mysql -uroot -pePMxN2IX6K

This gives the mySql prompt.

   use wiki;
   select user_id,user_name from user;

Once the user id is known add the user to the sysop group.

   INSERT INTO user_groups ( ug_user, ug_group ) VALUES ( 2, "sysop" );

Setting up a Virtual Host

This is recommended as it allows for simple installation of SSL etc using Certbot (LetsEncrypt).

Create a .conf file (e.g. gaframework.conf) in the directory /etc/apache2/sites-available.

   <VirtualHost *:80>
   
     ServerName gaframework.org
     ServerAlias www.gaframework.org
     ServerAdmin john@aiframeworks.net
   
     DocumentRoot /var/lib/mediawiki
   
     <Directory /var/lib/mediawiki>
       Options -Indexes +FollowSymLinks +MultiViews
       AllowOverride All
       Require all granted
     </Directory>
   
     ErrorLog ${APACHE_LOG_DIR}/gaframework-error.log
   
     # Possible values include: debug, info, notice, warn, error, crit,
     # alert, emerg.
     LogLevel warn
   
     CustomLog ${APACHE_LOG_DIR}/gaframework-access.log combined
   
     RewriteEngine on
     RewriteCond %{SERVER_NAME} =gaframework.org [OR]
     RewriteCond %{SERVER_NAME} =www.gaframework.org
     RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
   
   </VirtualHost>

The site can be enabled with the command

   a2ensite gaframework
   service apache2 reload


Google Analytics

See Adding Google Analytics to MediaWiki.

SSL

Installation

Install certbot as follows.

   # sudo add-apt-repository ppa:certbot/certbot
   # sudo apt update
   # sudo apt install python-certbot-apache

Launch the client with apache module and follow the instructions

   # sudo certbot --apache

Ensure that the firewall (UFW) is set to allow port 443

   ufw allow https

Renewal

   service apache2 stop
   certbot renew
   service apache2 start