Install TWiki on Ubuntu 12.04 Precise LTS

  1. Install Apache 2 and other required packages:
    sudo apt-get install apache2 libgdal-perl libcgi-session-perl libhtml-tree-perl liberror-perl libfreezethaw-perl libgd2-xpm rcs
  2. Download TWiki-5.1.2.tgz from http://twiki.org/cgi-bin/view/Codev/DownloadTWiki
  3. Install TWiki-5.1.2:
     
        cd /var/www
        tar -zxvf /path/to/TWiki-5.1.2.tgz
        chown -R www-data:www-data /var/www/twiki
        cp /var/www/twiki/bin/LocalLib.cfg.txt /var/www/twiki/bin/LocalLib.cfg
      
  4. Configure TWiki in Apache 2:
    • Go to http://twiki.org/cgi-bin/view/TWiki/ApacheConfigGenerator to generate your twiki configuration file online
    • save the generated configuration to /etc/apache2/conf.d/twiki.conf
    • Here is my twiki.conf:
      # Autogenerated httpd.conf file for TWiki.
      # Generated at http://twiki.org/cgi-bin/view/TWiki/ApacheConfigGenerator
      
      # We set an environment variable called blockAccess.
      #
      # Setting a BrowserMatchNoCase to ^$ is important. It prevents TWiki from
      # including its own topics as URLs and also prevents other TWikis from
      # doing the same. This is important to prevent the most obvious
      # Denial of Service attacks.
      #
      # You can expand this by adding more BrowserMatchNoCase statements to
      # block evil browser agents trying the impossible task of mirroring a twiki
      #
      # Example:
      # BrowserMatchNoCase ^SiteSucker blockAccess
      # BrowserMatchNoCase ^$ blockAccess
      
      BrowserMatchNoCase ^Accoona blockAccess
      BrowserMatchNoCase ^ActiveAgent blockAccess
      BrowserMatchNoCase ^Attache blockAccess
      BrowserMatchNoCase BecomeBot blockAccess
      BrowserMatchNoCase ^bot blockAccess
      BrowserMatchNoCase Charlotte/ blockAccess
      BrowserMatchNoCase ^ConveraCrawler blockAccess
      BrowserMatchNoCase ^CrownPeak-HttpAgent blockAccess
      BrowserMatchNoCase ^EmailCollector blockAccess
      BrowserMatchNoCase ^EmailSiphon blockAccess
      BrowserMatchNoCase ^e-SocietyRobot blockAccess
      BrowserMatchNoCase ^Exabot blockAccess
      BrowserMatchNoCase ^FAST blockAccess
      BrowserMatchNoCase ^FDM blockAccess
      BrowserMatchNoCase ^GetRight/6.0a blockAccess
      BrowserMatchNoCase ^GetWebPics blockAccess
      BrowserMatchNoCase ^Gigabot blockAccess
      BrowserMatchNoCase ^gonzo1 blockAccess
      BrowserMatchNoCase ^Google\sSpider blockAccess
      BrowserMatchNoCase ^ichiro blockAccess
      BrowserMatchNoCase ^ie_crawler blockAccess
      BrowserMatchNoCase ^iGetter blockAccess
      BrowserMatchNoCase ^IRLbot blockAccess
      BrowserMatchNoCase Jakarta blockAccess
      BrowserMatchNoCase ^Java blockAccess
      BrowserMatchNoCase ^KrakSpider blockAccess
      BrowserMatchNoCase ^larbin blockAccess
      BrowserMatchNoCase ^LeechGet blockAccess
      BrowserMatchNoCase ^LinkWalker blockAccess
      BrowserMatchNoCase ^Lsearch blockAccess
      BrowserMatchNoCase ^Microsoft blockAccess
      BrowserMatchNoCase ^MJ12bot blockAccess
      BrowserMatchNoCase MSIECrawler blockAccess
      BrowserMatchNoCase ^MSRBOT blockAccess
      BrowserMatchNoCase ^noxtrumbot blockAccess
      BrowserMatchNoCase ^NutchCVS blockAccess
      BrowserMatchNoCase ^RealDownload blockAccess
      BrowserMatchNoCase ^Rome blockAccess
      BrowserMatchNoCase ^Roverbot blockAccess
      BrowserMatchNoCase ^schibstedsokbot blockAccess
      BrowserMatchNoCase ^Seekbot blockAccess
      BrowserMatchNoCase ^SiteSnagger blockAccess
      BrowserMatchNoCase ^SiteSucker blockAccess
      BrowserMatchNoCase ^Snapbot blockAccess
      BrowserMatchNoCase ^sogou blockAccess
      BrowserMatchNoCase ^SpiderKU blockAccess
      BrowserMatchNoCase ^SpiderMan blockAccess
      BrowserMatchNoCase ^Squid blockAccess
      BrowserMatchNoCase ^Teleport blockAccess
      BrowserMatchNoCase ^User-Agent\: blockAccess
      BrowserMatchNoCase VoilaBot blockAccess
      BrowserMatchNoCase ^voyager blockAccess
      BrowserMatchNoCase ^W3C blockAccess
      BrowserMatchNoCase ^w3search blockAccess
      BrowserMatchNoCase ^Web\sDownloader blockAccess
      BrowserMatchNoCase ^WebCopier blockAccess
      BrowserMatchNoCase ^WebDevil blockAccess
      BrowserMatchNoCase ^WebSec blockAccess
      BrowserMatchNoCase ^WebVac blockAccess
      BrowserMatchNoCase ^Webwhacker blockAccess
      BrowserMatchNoCase ^Webzip blockAccess
      BrowserMatchNoCase ^Wells blockAccess
      BrowserMatchNoCase ^WhoWhere blockAccess
      BrowserMatchNoCase www\.netforex\.org blockAccess
      BrowserMatchNoCase ^WX_mail blockAccess
      BrowserMatchNoCase ^yacybot blockAccess
      BrowserMatchNoCase ^ZIBB blockAccess
      BrowserMatchNoCase ^$ blockAccess
      
      <IfModule mod_perl.c>
          # Mod_perl preloading
          PerlSwitches -T
      </IfModule>
      
      # The ScriptAlias defines the bin directory as a directory where CGI
      # scripts are allowed.
      # The first parameter will be part of the URL to your installation e.g.
      # http://example.com/do/view/...
      # The second parameter must point to the physical path on your disc.
      ScriptAlias /twiki/bin "/var/www/twiki/bin"
      
      # The Alias defines a url that points to the twiki pub directory, which
      # is the root of file attachments.
      Alias /twiki/pub "/var/www/twiki/pub"
      
      Alias /twiki "/var/www/twiki/bin/view"
      
      # Block access to typical spam related attachments
      # Except the TWiki directory which is read only and does have attached html files.
      SetEnvIf Request_URI "/pub/.*\.[hH][tT][mM][lL]?$" blockAccess
      SetEnvIf Request_URI "/pub/TWiki/.*\.[hH][tT][mM][lL]?$" !blockAccess
      
      # This specifies the options on the TWiki scripts directory. The ExecCGI
      # and SetHandler tell apache that it contains scripts. "Allow from all"
      # lets any IP address access this URL.
      <Directory "/var/www/twiki/bin">
          AllowOverride None
          Order Allow,Deny
          Allow from all
          Deny from env=blockAccess
      
          Options ExecCGI FollowSymLinks
          SetHandler cgi-script
      
          # Password file for TWiki users
          AuthUserFile /var/www/twiki/data/.htpasswd
          AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith)'
          AuthType Basic
      
          # File to return on access control error (e.g. wrong password)
          ErrorDocument 401 /bin/view/TWiki/TWikiRegistration
      
      
      # When using Apache type login the following defines the TWiki scripts
      # that makes Apache ask the browser to authenticate. It is correct that
      # scripts such as view are not authenticated.
      <FilesMatch "(attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth).*">
         require valid-user
      </FilesMatch>
      
      
      </Directory>
      
      # This sets the options on the pub directory, which contains attachments and
      # other files like CSS stylesheets and icons. AllowOverride None stops a
      # user installing a .htaccess file that overrides these options.
      # Note that files in pub are *not* protected by TWiki Access Controls,
      # so if you want to control access to files attached to topics you need to
      # block access to the specific directories same way as the ApacheConfigGenerator
      # blocks access to the pub directory of the Trash web
      <Directory "/var/www/twiki/pub">
          Options None
          AllowOverride None
          Order Allow,Deny
          Allow from all
          Deny from env=blockAccess
      
          # Disable execusion of PHP scripts
          php_admin_flag engine off
      
          # This line will redefine the mime type for the most common types of scripts
          AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi
      
      #add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate
      # reducing the load on the server significantly
      #IF you can, you should enable this - it _will_ improve your twiki experience, even if you set it to under one day.
      # you may need to enable expires_module in your main apache config
      #LoadModule expires_module libexec/httpd/mod_expires.so
      #AddModule mod_expires.c
      #<ifmodule mod_expires.c>
      #  <filesmatch "\.(jpg|gif|png|css|js)$">
      #       ExpiresActive on
      #       ExpiresDefault "access plus 11 days"
      #   </filesmatch>
      #</ifmodule>
      
      </Directory>
      
      # Spammers are known to attach their stuff and then move it to trash where it remains unnoticed.
      # We prevent viewing any attachments directly from pub
      <Directory "/var/www/twiki/pub/Trash">
         deny from all
      </Directory>
      
    • Allow configure TWiki from local ip (and/or remote admin hosts) by adding following to /etc/apache2/conf.d/twiki.conf:
      <FilesMatch "^configure.*">
             SetHandler cgi-script
             Order Deny,Allow
             Deny from all
             Allow from 127.0.0.1,192.168.20.8,192.168.20.11
      </FilesMatch>
      
  5. Reload Apache 2:
    sudo /etc/init.d/apache2 reload
  6. Edit /var/www/twiki/bin/LocalLib.cfg:
    $twikiLibPath = "/var/www/twiki/lib";
  7. Configure your twiki: go to http://yourtwikihost.org/twiki/bin/configure,  setup admin password and paths, save it.
  8. Add following line to /var/www/twiki/lib/LocalSite.cfg (DO NOT append to the very end of the file)
    $TWiki::cfg{ScriptUrlPaths}{view} = '';
    
    to short view action so that /twiki/view/WikiWord can be shorten to /twiki/WikiWord

See also

No comments:

Post a Comment