====== Description ======
This page describes the automated installation of DokuWiki (via the Tarball) on a Debian "wheezy" 7 target using [[http://www.ansible.com/|Ansible]] with ssh and ''root'' access.
===== Notes =====
This installation surely is not best practice since it uses ''root'' for ssh. Also it relies on builtin linux tools like tar, mv and chown. Anyone with ansible knowledge is kindly asked to improve these issues and provide better scripts.
The following scripts were tested on a Debian "wheezy" 7.2 installation in a VirtualBox environment with 512MB RAM. Later the RAM was once tentatively reduced to 64MB (post-installation) for an experiment, this means you may be lucky to get an instance up and running but without any warranty.
===== Security =====
There were no efforts made to harden the installation by using conservative permissions, SELinux or other restrictions.
====== Preparation ======
Have a installed Debian "wheezy" 7 instance with installed ssh key and root access. Ansible requires Python:
[sudo] apt-get install python
====== Installation ======
Edit your copy of ''dokuwiki.yml'' file to contain your target instance, refer to the [[http://docs.ansible.com/intro_inventory.html|ansible documentation]] for further details.
---
- name: Install dokuwiki
hosts:
user: root
roles:
- { role: nginx, configuration_file: 'roles/dokuwiki/templates/default.conf', dest: dokuwiki }
- php5-fpm
- dokuwiki
---
- name: Download latest stable dokuwiki tarball
get_url: url=http://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz dest=/var/tmp/dokuwiki-stable.tgz
- name: Unpack tarball
command: tar -xvf dokuwiki-stable.tgz chdir=/var/tmp
- name: Prepare target directory
command: mkdir /srv/dokuwiki
- name: Move dokuwiki
shell: mv /var/tmp/dokuwiki-2013-12-08/* /srv/dokuwiki/
- name: Fix permissions
shell: chown -R www-data /srv/dokuwiki/*
notify: restart nginx
server {
listen *:80;
root /srv;
index index.php;
# serve static files from nginx
location ~ ^/dokuwiki/lib/.+\.(css|gif|js|png)$ {
root /srv;
expires 30d;
}
location = /dokuwiki/install.php {
root /srv;
fastcgi_pass unix:/var/run/php5-fpm.sock;
include fastcgi_params;
}
location = /dokuwiki {
rewrite ^ /dokuwiki/ permanent;
}
location = /dokuwiki/ {
rewrite ^ /dokuwiki/doku.php last;
expires 30d;
}
location ~ ^/dokuwiki/(|lib/(exe|plugins/[^/]+)/)[^/]+\.php {
root /srv;
fastcgi_pass unix:/var/run/php5-fpm.sock;
include fastcgi_params;
}
location /dokuwiki/ {
deny all;
}
}
---
- name: Install nginx
apt: pkg=nginx state=present update_cache=yes
- name: Start nginx at boot
service: name=nginx state=started enabled=yes
- name: Copy nginx configuration
template: src={{ configuration_file }} dest=/etc/nginx/sites-enabled/{{ dest }}
notify: restart nginx
- name: Deny access to install.php
tags: after_installation
shell: sed -i '/location = \/dokuwiki\/install.php {/a \ \ \ \ \ \ \ \ deny all;' /etc/nginx/sites-enabled/dokuwiki
notify: restart nginx
---
- name: restart nginx
service: name=nginx state=restarted
---
- name: Install php5
apt: name=php5-fpm state=present
Now you can kick-off the installation process on your workstation with:
ansible-playbook --skip-tags=after_installation dokuwiki.yml
After the installation process terminated, you must finish the installation directing your browser to ''http://yourip.or.domain/dokuwiki/install.php''
====== Post-Installation ======
Just to be sure ''install.php'' cannot get called twice, deactivate the access:
ansible-playbook -t after_installation dokuwiki.yml