baldnerd/mediawiki-server-appliance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

First commit; not yet functional

Browse Source
This commit is contained in:
Robbie Ferguson
2025-07-18 10:26:44 -04:00
parent f43e9557a2
commit 4bcdb4cba7
3 changed files with 437 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

266
installer.sh Executable file
View File

@ -0,0 +1,266 @@
#!/bin/bash
# MediaWiki Server Appliance
# An Open Source Appliance from Robbie Ferguson
# (c) 2025 Robbie Ferguson. Licensed under the Apache License, Version 2.0
# This is the admin installer for building the appliance.
# Only to be run on a dedicated vanilla server to convert to this purpose.
# NEVER RUN THIS SCRIPT ON YOUR COMPUTER - it CONVERTS it to an appliance.
### HANDLE --purge ###
if [[ "$1" == "--purge" ]]; then
echo "[!] This will permanently remove all MediaWiki Appliance components."
echo " This will DESTROY a normal system; NEVER run this without exactly"
echo " understanding what the purpose is."
read -p "Are you sure you want to destory this system? [y/N]: " confirm
if [[ "$confirm" != "y" && "$confirm" != "Y" ]]; then
echo "Aborted."
exit 1
fi
echo "[*] Purging packages..."
systemctl stop nginx mariadb redis-server || true
apt purge -y nginx mariadb-server php* redis-server certbot python3-certbot-nginx
apt autoremove -y
rm -rf /var/www/html /etc/nginx/sites-available/mediawiki /etc/nginx/sites-enabled/default
rm -rf /etc/ssl/mediawiki
echo "[✓] Purge complete."
exit 0
fi
set -e
### CONFIG ###
MW_DIR="/var/www/html"
DB_NAME="mediawiki"
DB_USER="wikiuser"
DB_PASS="$(openssl rand -base64 18)"
INSTALLER_DIR="$(pwd)"
### UPDATE SYSTEM AND INSTALL DEPENDENCIES ###
echo "[*] Installing system packages..."
apt update
apt install -y nginx mariadb-server php php-fpm php-mysql php-intl php-xml php-mbstring php-apcu php-gd php-curl php-zip unzip git curl redis-server php-redis certbot python3-certbot-nginx
### CONFIGURE DATABASE ###
echo "[*] Configuring MariaDB..."
mysql -e "CREATE DATABASE ${DB_NAME};"
mysql -e "CREATE USER '${DB_USER}'@'localhost' IDENTIFIED BY '${DB_PASS}';"
mysql -e "GRANT ALL PRIVILEGES ON ${DB_NAME}.* TO '${DB_USER}'@'localhost';"
mysql -e "FLUSH PRIVILEGES;"
### DOWNLOAD MEDIAWIKI ###
echo "[*] Downloading latest MediaWiki..."
# A clever lil' way to detect the latest version of MediaWiki
MW_VERSION=$(curl -s https://releases.wikimedia.org/mediawiki/ | grep -oP 'href="([0-9]+\.[0-9]+(\.[0-9]+)?/)"' | cut -d'"' -f2 | sed 's:/$::' | sort -V | tail -n1)
# Now, git 'er!
DOWNLOAD_URL="https://releases.wikimedia.org/mediawiki/${MW_VERSION}/mediawiki-${MW_VERSION}.tar.gz"
FALLBACK_URL="https://releases.wikimedia.org/mediawiki/${MW_VERSION}/mediawiki-${MW_VERSION}.0.tar.gz"
echo "[*] Attempting to download MediaWiki version $MW_VERSION..."
cd /tmp
# This method ensures if the file is .0, we append that to the version for the extraction and installation portion
if wget "$DOWNLOAD_URL"; then
TAR_FILE="mediawiki-${MW_VERSION}.tar.gz"
elif wget "$FALLBACK_URL"; then
MW_VERSION="${MW_VERSION}.0"
TAR_FILE="mediawiki-${MW_VERSION}.tar.gz"
else
echo "[!] Failed to download MediaWiki source."
exit 1
fi
tar -xzf "mediawiki-${MW_VERSION}.tar.gz"
rm -rf "$MW_DIR"
mv "mediawiki-${MW_VERSION}" "$MW_DIR"
### AUTO-CONFIGURE MEDIAWIKI ###
echo "[*] Generating LocalSettings.php..."
WIKI_NAME="My Wiki"
ADMIN_USER="admin"
# WARNING: Default admin password is 'changeme'. User must change it immediately.
ADMIN_PASS="changeme"
### APPEND ADDITIONAL SETTINGS ###
LSETTINGS="$MW_DIR/LocalSettings.php"
echo "[*] Applying additional configuration..."
cat >> "$LSETTINGS" <<EOF
# Enable file uploads
\$wgEnableUploads = true;
# Set default skin
\$wgDefaultSkin = "vector";
# Enable Redis caching
\$wgMainCacheType = CACHE_REDIS;
\$wgMemCachedServers = ["127.0.0.1:6379"];
# Allow temporary simple admin password for first-run activation
\$wgMinimalPasswordLength = 6;
\$wgPasswordPolicy = [
'policies' => [
'default' => [
'MinimalPasswordLength' => 6,
'PasswordCannotBePopular' => false,
],
],
];
EOF
cd "$MW_DIR"
php maintenance/install.php \
--dbname="$DB_NAME" \
--dbuser="$DB_USER" \
--dbpass="$DB_PASS" \
--scriptpath="/" \
--server="https://localhost" \
--lang="en" \
"$WIKI_NAME" \
"$ADMIN_USER" --pass "$ADMIN_PASS"
### ENSURE DEFAULT SKIN IS VECTOR ###
if [[ -f "$LSETTINGS" ]]; then
if ! grep -q '$wgDefaultSkin' "$LSETTINGS"; then
echo "[*] Setting default skin to Vector in LocalSettings.php"
echo -e "\n# Set Vector as the default skin" >> "$LSETTINGS"
echo '$wgDefaultSkin = "vector";' >> "$LSETTINGS"
else
echo "[*] Default skin already configured in LocalSettings.php"
fi
else
echo "[*] LocalSettings.php not found — skipping skin configuration"
fi
### INSTALL EXTENSIONS ###
echo "[*] Installing common extensions..."
cd "$MW_DIR/extensions"
for ext in Cite WikiEditor SyntaxHighlight_GeSHi CategoryTree; do
if [[ ! -d "$MW_DIR/extensions/$ext" ]]; then
echo "[*] Installing extension: $ext"
git clone "https://gerrit.wikimedia.org/r/mediawiki/extensions/${ext}.git" "$MW_DIR/extensions/$ext"
cd "$MW_DIR/extensions/$ext" && git checkout "REL${MW_VERSION//./_}"
else
echo "[*] Extension $ext already exists — skipping"
fi
done
### ENABLE REDIS ###
systemctl enable redis-server
systemctl start redis-server
### CONFIGURE PHP ###
echo "[*] Adjusting PHP settings..."
PHP_INI=$(php --ini | grep "Loaded Configuration" | awk '{print $4}')
sed -i 's/upload_max_filesize = .*/upload_max_filesize = 20M/' "$PHP_INI"
sed -i 's/post_max_size = .*/post_max_size = 24M/' "$PHP_INI"
systemctl restart php*-fpm
### SETUP ACTIVATION ###
cd "$INSTALLER_DIR"
cp -R ./activate /var/www/html/
chown -R www-data:www-data /var/www/html/activate
if [[ ! -e /opt/mediawiki ]]; then
rm -rf /opt/mediawiki
fi
mkdir -p /opt/mediawiki
chown www-data:www-data /opt/mediawiki
### CONFIGURE NGINX ###
echo "[*] Setting up NGINX..."
cat > /etc/nginx/sites-available/mediawiki <<EOF
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
server_name _;
root $MW_DIR;
index index.php;
ssl_certificate /etc/ssl/mediawiki/selfsigned.crt;
ssl_certificate_key /etc/ssl/mediawiki/selfsigned.key;
add_header X-Content-Type-Options nosniff;
location = /activate {
return 301 /activate/;
}
location / {
try_files \$uri \$uri/ @rewrite;
}
location @rewrite {
rewrite ^/(.*)$ /index.php?title=\$1&\$args;
}
location ^~ /maintenance/ {
return 403;
}
location ~ \.php\$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|ttf|woff|woff2)$ {
try_files \$uri /index.php;
expires max;
log_not_found off;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://\$host\$request_uri;
}
EOF
rm -f /etc/nginx/sites-enabled/*
ln -sf /etc/nginx/sites-available/mediawiki /etc/nginx/sites-enabled/default
### SELF-SIGNED SSL ###
echo "[*] Generating self-signed HTTPS cert..."
mkdir -p /etc/ssl/mediawiki
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout /etc/ssl/mediawiki/selfsigned.key \
-out /etc/ssl/mediawiki/selfsigned.crt \
-subj "/C=US/ST=None/L=None/O=MediaWikiAppliance/CN=localhost"
### FINALIZE ###
nginx -t && systemctl reload nginx
### DONE ###
echo
echo "===================================================================="
echo "MediaWiki Appliance Installed!"
echo
echo "To complete setup, visit: https://your-server-ip/"
echo
echo "Use the following database settings during setup:"
echo " DB Name: $DB_NAME"
echo " DB User: $DB_USER"
echo " DB Password: $DB_PASS"
echo
echo "Admin login:"
echo " Username: $ADMIN_USER"
echo " Password: $ADMIN_PASS"
echo
echo "File uploads enabled, Vector skin and core extensions preloaded."
echo "Redis enabled for caching. PHP limits adjusted for media upload."
echo "Self-signed cert installed. Let's Encrypt ready but not configured."
echo
echo "Certbot is installed. See README.md to enable Let's Encrypt."
echo "===================================================================="