因此這次就直接嘗試完全手動安裝了。
1、環境準備
這次使用的 Foswiki 環境,依然是 Ubuntu 12.04,不過就過程來說,使用 Ubuntu 14.04 應該也沒差差別大概只在於,依靠官方提供的工具產生 Apache 設定檔時,要依據安裝的 Apache 版本做調整而已。
(Ubuntu 12.04 中,透過 apt-get 工具安裝的 Apache2,預設會是 Apache 2.2,但 Ubuntu 14.04 則是 Apache 2.4)
1.1、安裝並設定 Apache2
首先,最開始當然是要先安裝網頁伺服器因為 Foswiki 完全支援 Apache,而且還有產生器可以產生 Apache 專用的設定檔
因此就直接選用 Apache 作為網頁伺服器了。
apt-get install apache2上述指令安裝完 Apache2 後,需要確認一下目前安裝的版本,以 Ubuntu 12.04 來說,應該會安裝到 Apache 2.2。
接著因為 Foswiki 會用到一個叫做 rewrite 的模組,所以要先啟用這個模組。
在 Apache 2.2 中,模組的 include 指令已經被獨立放成一個一個的檔案,並且放在 mods-available 資料夾中
因此只需要把模組的 include 檔案連結到 mods-enabled 資料夾即可。
ln -s /etc/apache2/mods-available/rewrite.load /etc/apache2/mods-enabled
1.2、安裝 Perl 執行環境
Perl 執行環境需要準備的東西就比較多了。為了簡單,這裡使用 CPAN(Comprehensive Perl Archive Network)這個工具來安裝 Perl 的套件 [1],因此第一步自然是先安裝 CPAN 了。
執行下面的安裝指令,除了安裝 CPAN 以外,還包含了一些 CPAN 會用到的其他東西,避免後續出現奇怪的錯誤。
apt-get install libcgi-session-perl liblocal-lib-perl build-essential libssl-dev安裝完成以後,使用以下的指令進入 CPAN 的指令介面。
perl -MCPAN -e shell在 CPAN 指令介面中,依序輸入以下的一大堆 install 指令,進行 Perl 套件的安裝與升級。
install Bundle::CPAN reload cpan install Locale::Maketext install HTML::Entities install HTML::Parser install HTML::Tree install URI install LWP install version install Digest::SHA install Digest::SHA1 install Archive::Tar install Archive::Zip install Error install JSON install File::Path install File::Copy::Recursive install Crypt::PasswdMD5 install Text::Diff install File::Grep install Email::MIME install Authen::SASL install Net::SSLeay install IO::Socket::SSL install Locale::Maketext::Lexicon install Locale::Msgfmt exit以上安裝的套件中,第一個是在升級 CPAN,然後重新讀取 CPAN;
第三到第七個是依據 Foswiki 官方安裝文件 [2] 中寫到的必備套件;
第八個開始則是從安裝過程的錯誤、以及 Foswiki 設定介面上的提示或者官方安裝文件 [2] 的選擇安裝項目依序加入的。
最後離開 CPAN 的指令介面。
2、Foswiki 的 Apache 環境設定
系統大環境準備好以後,就要開始準備讓 Foswiki 跑在 Apache 上需要的環境設定了。2.1、下載 Foswiki
這裡我下載的版本是 Foswiki 1.2.0 Beta 2 [3](不過過兩天就要釋出 Foswiki 2.0 了.....Orz)。下載回來的檔案是 Foswiki-1.2.0_Beta_2.tgz,將它解壓縮後放置到 /opt/foswiki
放置的位置是可以任意決定的,影響到的只是下個步驟在產生 Apache 設定檔時,要記得在產生器上填上正確的路徑。
接著要變更所有人,用以下的指令把整個資料夾全改成 Apache 的使用者擁有。
chown -R www-data:www-data /opt/foswiki然後變更權限的部分,我自己是偷懶全改成 770,但系統會暴露在網路上的話,建議要參考一下官方的文件 [4]
(雖然說官方文件目前沒有 1.2.0 或者是 2.0 版的權限設定建議,我自己不太確定直接用 1.0.x 的權限會不會有什麼問題)
chmod -R 770 /opt/foswiki
2.2、產生 Apache 設定檔
由於 Apache 的結構已經相當模組化了,因此 Foswiki 可以直接用官方提供的工具產生設定檔再把設定檔放到 Apache 放設定檔的資料夾就可以了。
設定檔產生器的連結請參考 [5],雖然看起來有點長,但其實在沒有特殊需求的情況下,很多設定是可以不用做的。
以下是我產生出來的設定檔。
# For Foswiki version 1.2, Apache 2.2
# The Alias defines a url that points to the root of the Foswiki installation.
# The first parameter will be part of the URL to your installation e.g.
# http://my.co.uk/foswiki/bin/view/...
# The second parameter must point to the physical path on your disc.
ScriptAlias /foswiki/bin "/opt/foswiki/bin"
# The following Alias is used to access files in the pub directory (attachments etc)
# It must come _after_ the ScriptAlias.
# If short URLs are enabled, and any other local directories or files need to be accessed directly, they
# must also be specified in an Alias statement, and must not conflict with a web name.
Alias /foswiki/pub "/opt/foswiki/pub"
Alias /foswiki/robots.txt "/opt/foswiki/robots.txt"
# Rewriting is required for Short URLs, and Attachment redirecting to viewfile
RewriteEngine on
#RewriteLog "/var/log/apache/rewrite.log"
#RewriteLogLevel 0
# short urls
Alias /foswiki "/opt/foswiki/bin/view"
RewriteRule ^/+foswiki/+bin/+view/+(.*) /foswiki/$1 [L,NE,R]
RewriteRule ^/+foswiki/+bin/+view$ /foswiki/ [L,NE,R]
# Block access to typical spam related attachments
# Except the Foswiki directory which is read only and does have attached html files.
SetEnvIf Request_URI "/foswiki/pub/.*\.[hH][tT][mM][lL]?$" blockAccess
SetEnvIf Request_URI "/foswiki/pub/System/.*\.[hH][tT][mM][lL]?$" !blockAccess
# This enables access to the documents in the Foswiki root directory
<Directory "/opt/foswiki">
Order Allow,Deny
Allow from all
Deny from env=blockAccess
</Directory>
# This specifies the options on the Foswiki scripts directory. The ExecCGI
# and SetHandler tell apache that it contains scripts. "Allow from all"
# lets any IP address access this URL.
# Note: If you use SELinux, you also have to "Allow httpd cgi support" in your SELinux policies
<Directory "/opt/foswiki/bin">
AllowOverride None
Order Allow,Deny
Allow from all
Deny from env=blockAccess
Options +ExecCGI -FollowSymLinks
SetHandler cgi-script
# Password file for Foswiki users
AuthUserFile "/opt/foswiki/data/.htpasswd"
AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
AuthType Basic
</Directory>
# This sets the options on the pub directory, which contains attachments and
# other files like CSS stylesheets and icons. AllowOverride None stops a
# user installing a .htaccess file that overrides these options.
# Note that files in pub are *not* protected by Foswiki Access Controls,
# so if you want to control access to files attached to topics you need to
# block access to the specific directories same way as the ApacheConfigGenerator
# blocks access to the pub directory of the Trash web
<Directory "/opt/foswiki/pub">
Options None
Options -FollowSymLinks
AllowOverride None
Order Allow,Deny
Allow from all
Deny from env=blockAccess
ErrorDocument 404 /foswiki/bin/viewfile
# This line will redefine the mime type for the most common types of scripts
AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi
#
# add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate
# reducing the load on the server significantly
# IF you can, you should enable this - it _will_ improve your Foswiki experience, even if you set it to under one day.
# you may need to enable expires_module in your main apache config
#LoadModule expires_module libexec/httpd/mod_expires.so
#AddModule mod_expires.c
#<ifmodule mod_expires.c>
# <filesmatch "\.(jpe?g|gif|png|css(\.gz)?|js(\.gz)?|ico)$">
# ExpiresActive on
# ExpiresDefault "access plus 11 days"
# </filesmatch>
#</ifmodule>
#
# Serve pre-compressed versions of .js and .css files, if they exist
# Some browsers do not handle this correctly, which is why it is disabled by default
# <FilesMatch "\.(js|css)$">
# RewriteEngine on
# RewriteCond %{HTTP:Accept-encoding} gzip
# RewriteCond %{REQUEST_FILENAME}.gz -f
# RewriteRule ^(.*)$ %{REQUEST_URI}.gz [L,QSA]
# </FilesMatch>
# <FilesMatch "\.(js|css)\?.*$">
# RewriteEngine on
# RewriteCond %{HTTP:Accept-encoding} gzip
# RewriteCond %{REQUEST_FILENAME}.gz -f
# RewriteRule ^([^?]*)\?(.*)$ $1.gz?$2 [L]
# </FilesMatch>
# <FilesMatch "\.js\.gz(\?.*)?$">
# AddEncoding x-gzip .gz
# AddType application/x-javascript .gz
# </FilesMatch>
# <FilesMatch "\.css\.gz(\?.*)?$">
# AddEncoding x-gzip .gz
# AddType text/css .gz
# </FilesMatch>
</Directory>
# Spammers are known to attach their stuff and then move it to trash where it remains unnoticed.
# We prevent viewing any attachments directly from pub
<Directory "/opt/foswiki/pub/Trash">
deny from all
</Directory>
# Security note: All other directories should be set so
# that they are *not* visible as URLs, so we set them as =deny from all=.
<Directory "/opt/foswiki/data">
deny from all
</Directory>
<Directory "/opt/foswiki/templates">
deny from all
</Directory>
<Directory "/opt/foswiki/lib">
deny from all
</Directory>
<Directory "/opt/foswiki/locale">
deny from all
</Directory>
<Directory "/opt/foswiki/tools">
deny from all
</Directory>
<Directory "/opt/foswiki/working">
deny from all
</Directory>
# We set an environment variable called blockAccess.
#
# Setting a BrowserMatchNoCase to ^$ is important. It prevents Foswiki from
# including its own topics as URLs and also prevents other Foswikis from
# doing the same. This is important to prevent the most obvious
# Denial of Service attacks.
#
# You can expand this by adding more BrowserMatchNoCase statements to
# block evil browser agents trying to crawl your Foswiki
#
# Example:
# BrowserMatchNoCase ^SiteSucker blockAccess
# BrowserMatchNoCase ^$ blockAccess
BrowserMatchNoCase ^Accoona blockAccess
BrowserMatchNoCase ^ActiveAgent blockAccess
BrowserMatchNoCase ^Attache blockAccess
BrowserMatchNoCase BecomeBot blockAccess
BrowserMatchNoCase ^bot blockAccess
BrowserMatchNoCase Charlotte/ blockAccess
BrowserMatchNoCase ^ConveraCrawler blockAccess
BrowserMatchNoCase ^CrownPeak-HttpAgent blockAccess
BrowserMatchNoCase ^EmailCollector blockAccess
BrowserMatchNoCase ^EmailSiphon blockAccess
BrowserMatchNoCase ^e-SocietyRobot blockAccess
BrowserMatchNoCase ^Exabot blockAccess
BrowserMatchNoCase ^FAST blockAccess
BrowserMatchNoCase ^FDM blockAccess
BrowserMatchNoCase ^GetRight/6.0a blockAccess
BrowserMatchNoCase ^GetWebPics blockAccess
BrowserMatchNoCase ^Gigabot blockAccess
BrowserMatchNoCase ^gonzo1 blockAccess
BrowserMatchNoCase ^Google\sSpider blockAccess
BrowserMatchNoCase ^ichiro blockAccess
BrowserMatchNoCase ^ie_crawler blockAccess
BrowserMatchNoCase ^iGetter blockAccess
BrowserMatchNoCase ^IRLbot blockAccess
BrowserMatchNoCase Jakarta blockAccess
BrowserMatchNoCase ^Java blockAccess
BrowserMatchNoCase ^KrakSpider blockAccess
BrowserMatchNoCase ^larbin blockAccess
BrowserMatchNoCase ^LeechGet blockAccess
BrowserMatchNoCase ^LinkWalker blockAccess
BrowserMatchNoCase ^Lsearch blockAccess
BrowserMatchNoCase ^Microsoft blockAccess
BrowserMatchNoCase MJ12bot blockAccess
BrowserMatchNoCase MSIECrawler blockAccess
BrowserMatchNoCase ^MSRBOT blockAccess
BrowserMatchNoCase ^noxtrumbot blockAccess
BrowserMatchNoCase ^NutchCVS blockAccess
BrowserMatchNoCase ^RealDownload blockAccess
BrowserMatchNoCase ^Rome blockAccess
BrowserMatchNoCase ^Roverbot blockAccess
BrowserMatchNoCase ^schibstedsokbot blockAccess
BrowserMatchNoCase ^Seekbot blockAccess
BrowserMatchNoCase ^SiteSnagger blockAccess
BrowserMatchNoCase ^SiteSucker blockAccess
BrowserMatchNoCase ^Snapbot blockAccess
BrowserMatchNoCase ^sogou blockAccess
BrowserMatchNoCase ^SpiderKU blockAccess
BrowserMatchNoCase ^SpiderMan blockAccess
BrowserMatchNoCase ^Squid blockAccess
BrowserMatchNoCase ^Teleport blockAccess
BrowserMatchNoCase ^User-Agent\: blockAccess
BrowserMatchNoCase VoilaBot blockAccess
BrowserMatchNoCase ^voyager blockAccess
BrowserMatchNoCase ^w3search blockAccess
BrowserMatchNoCase ^Web\sDownloader blockAccess
BrowserMatchNoCase ^WebCopier blockAccess
BrowserMatchNoCase ^WebDevil blockAccess
BrowserMatchNoCase ^WebSec blockAccess
BrowserMatchNoCase ^WebVac blockAccess
BrowserMatchNoCase ^Webwhacker blockAccess
BrowserMatchNoCase ^Webzip blockAccess
BrowserMatchNoCase ^Wells blockAccess
BrowserMatchNoCase ^WhoWhere blockAccess
BrowserMatchNoCase www\.netforex\.org blockAccess
BrowserMatchNoCase ^WX_mail blockAccess
BrowserMatchNoCase ^yacybot blockAccess
BrowserMatchNoCase ^ZIBB blockAccess
# Setting the NO_FOSWIKI_SESSION environment variable prevents a
# session being created for the Google Search Appliance bot. This
# is useful if you have the Google Search Appliance installed on
# your intranet, as they can be very aggressive when indexing, creating
# a lot of session files and slowing Foswiki down.
# You can also set this environment variable for public sites, to
# prevent Google and other search engines' bots. However, these tend
# to index your site a lot less often than the Google Search Appliance.
# *Works on Foswiki 1.1 and later only*
BrowserMatch "^gsa-crawler" NO_FOSWIKI_SESSION
BrowserMatchNoCase ^$ blockAccess
設定檔產生出來以後,直接寫到 /etc/apache2/conf.d/foswiki.conf,然後重新啟動 Apache 即可。service apache2 restart
3、設定 Foswiki
前兩個步驟做完,其實 Foswiki 環境就已經建好了,可以從 http://hostname/foswiki/bin/configure 進入設定介面。從官方文件 [2] 的描述來看,這時會自動給予暫時的管理權限,並且一開始只能做 General Settings 的部份
把基本設定(主要是 Default Url Host 這個參數)設完,就可以再做其他分類的設定。
剛開始的設定中,一定要做的是 Security and Authentication > Passwords > Internal Admin Password 設定
把 admin 帳號的密碼設好以後,以後要使用 admin 功能,就可以用 admin 登入了。
另外 Mail 分類也建議一定要設定,否則註冊功能會有問題。
PS. 郵件伺服器如果要使用 Gmail 的話,有一點小撇步需要了解,預計我會寫在「自行架設 Wiki 引擎(三):Foswiki 基本設定」這篇文章中。
4、Trouble Shooting
- 2016-03-23 因為上面使用了 CPAN,發現如果要在 VM 內部屬的話,相同環境下記憶體必須超過 512MB,否則 CPAN 的各種安裝會無法完成。
- 2016-06-01 Foswiki 預設網址需要打像是 http://hostname/foswiki 才能進入首頁,如果想要直接打 http://hostname/ 就直接進入首頁的話,可以在上述設定檔的 24 行下面再加一行:
Alias /foswiki "/opt/foswiki/bin/view" Alias / "/opt/foswiki/bin/view"
參考資料:
沒有留言:
張貼留言