Linux - Applications: Difference between revisions

From Smithnet Wiki
Jump to navigation Jump to search
 
(6 intermediate revisions by the same user not shown)
Line 1: Line 1:
== Apache ==
== Apache HTTPD ==


* /etc/httpd/conf/httpd.conf
* /etc/httpd/conf/httpd.conf
Line 8: Line 8:
   php php-mbstring php-pear php-fpm
   php php-mbstring php-pear php-fpm


User directories:
User directories using mod_user_dir enabled in:
* /etc/httpd/conf.d/userdir.conf


and set SELinux/permissions:
  setsebool -P httpd_enable_homedirs 1
  setsebool -P httpd_enable_homedirs 1
  chmod 711 /home/someuser
  chmod 711 /home/someuser
Line 16: Line 18:
After updating certificate (and key) SELinux may not allow access. Fix with:
After updating certificate (and key) SELinux may not allow access. Fix with:
  restorecon -v /etc/pki/tls/certs/www.smithnet.org.uk.cert.pem
  restorecon -v /etc/pki/tls/certs/www.smithnet.org.uk.cert.pem
Use [https://httpd.apache.org/docs/2.4/mod/mod_auth_basic.html Basic Auth] to hide a specific directory with user validation:
    <Directory "/var/www/html/protected">
        AuthType Basic
        AuthName "Protected Area"
        AuthBasicProvider file
        AuthUserFile "/etc/httpd/passwords"
        Require valid-user
    </Directory>
Update user accounts with:
htpasswd /etc/httpd/passwords jblogs


=== HTTP/2 ===
=== HTTP/2 ===
Line 35: Line 49:
  < HTTP/2 200
  < HTTP/2 200
  ...
  ...
== Daedalus ==
[https://daedaluswallet.io/ Daedalus Wallet] directories used:
* ~/.daedalus
* ~/.local/share/Daedalus
Main executable:
* ~/.local/bin/daedalus-mainnet


== Mediawiki ==
== Mediawiki ==
Line 61: Line 84:
Icon is nominally 50×50 pixels if SVG, or 100×100 pixels if raster. The 1x version hould be 135px wide by up to ~155px tall.
Icon is nominally 50×50 pixels if SVG, or 100×100 pixels if raster. The 1x version hould be 135px wide by up to ~155px tall.


Add new file types for upload, and enable uploads:
Ensure file uploads are allowed, and add new allowed file types:
$wgFileExtensions[] = 'pdf';
  $wgEnableUploads = true;
  $wgEnableUploads = true;
$wgFileExtensions = array_merge(
    $wgFileExtensions, [
        'pdf', 'ppt', 'jp2', 'doc', 'docx', 'xls', 'xlsx'
    ]
);


Extra Logging:
Extra Logging:
  $wgShowExceptionDetails = true;
  $wgShowExceptionDetails = true;
=== Math ===


The [https://www.mediawiki.org/wiki/Extension:Math Math] extension is now distributed in:
The [https://www.mediawiki.org/wiki/Extension:Math Math] extension is now distributed in:
Line 73: Line 102:
Add to configuration:
Add to configuration:
  wfLoadExtension( 'Math' );
  wfLoadExtension( 'Math' );
$wgDefaultUserOptions['math'] = 'mathml';
Update the database through the UI:
/wiki/mw-config/index.php
and check the Special:Version and Special:Math pages.


=== Access Control ===
=== Access Control ===
Line 100: Line 135:
or HTTPD (0 is unlimited):
or HTTPD (0 is unlimited):
  LimitRequestBody 0
  LimitRequestBody 0
Importing images from /wiki/images should be possible from the [https://www.mediawiki.org/wiki/Manual:ImportImages.php maintenance/importImages.php] script, but this didn't recognise any images for me.


== Tomcat ==
== Tomcat ==

Latest revision as of 04:37, 15 May 2024

Apache HTTPD

  • /etc/httpd/conf/httpd.conf
  • /etc/httpd/conf.d/ssl.conf
  • /etc/httpd/conf.d/proxy_ajp.conf to connect to Tomcat over AJP

PHP packages:

 php php-mbstring php-pear php-fpm

User directories using mod_user_dir enabled in:

  • /etc/httpd/conf.d/userdir.conf

and set SELinux/permissions:

setsebool -P httpd_enable_homedirs 1
chmod 711 /home/someuser
chmod 755 /home/someuser/public_html

After updating certificate (and key) SELinux may not allow access. Fix with:

restorecon -v /etc/pki/tls/certs/www.smithnet.org.uk.cert.pem

Use Basic Auth to hide a specific directory with user validation:

   <Directory "/var/www/html/protected">
       AuthType Basic
       AuthName "Protected Area"
       AuthBasicProvider file
       AuthUserFile "/etc/httpd/passwords"
       Require valid-user
   </Directory>

Update user accounts with:

htpasswd /etc/httpd/passwords jblogs

HTTP/2

Enable (globally or in a virtual host):

Protocols h2 h2c http/1.1

Use curl to check protocol switching:

curl --http2 -v localhost
...
< HTTP/1.1 101 Switching Protocols
< Upgrade: h2c
< Connection: Upgrade
* Received 101
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
< HTTP/2 200
...

Daedalus

Daedalus Wallet directories used:

  • ~/.daedalus
  • ~/.local/share/Daedalus

Main executable:

  • ~/.local/bin/daedalus-mainnet

Mediawiki

  • Install PHP, including php-pgsql driver and php-pecl-apcu object caching.
  • Uncomment in /etc/httpd/conf.d/mediawiki.conf

Set SELinux:

setsebool -P httpd_read_user_content 1
setsebool -P httpd_can_network_connect 1
setsebool -P httpd_can_network_connect_db 1
  • Run setup http://hostname/wiki
    • Allow it to create DB user/schema
  • Configuration: /var/www/wiki/LocalSettings.php

Customisations:

$wgServer           = "http://www.smithnet.org.uk";
$wgEmergencyContact = "[email protected]";
$wgPasswordSender   = "[email protected]";
$wgLogos = [
        '1x' => "/images/smithnet_wiki.png",
        'icon' => "/images/smithnet_wiki.png",
];

Icon is nominally 50×50 pixels if SVG, or 100×100 pixels if raster. The 1x version hould be 135px wide by up to ~155px tall.

Ensure file uploads are allowed, and add new allowed file types:

$wgEnableUploads = true;
$wgFileExtensions = array_merge(
   $wgFileExtensions, [
       'pdf', 'ppt', 'jp2', 'doc', 'docx', 'xls', 'xlsx'
   ]

);

Extra Logging:

$wgShowExceptionDetails = true;

Math

The Math extension is now distributed in:

/var/www/wiki/extensions/Math

Add to configuration:

wfLoadExtension( 'Math' );
$wgDefaultUserOptions['math'] = 'mathml';

Update the database through the UI:

/wiki/mw-config/index.php

and check the Special:Version and Special:Math pages.

Access Control

Prevent anonymous users creating accounts:

$wgGroupPermissions['*']['createaccount'] = false;

Prevent anonymous editing:

$wgGroupPermissions['*']['edit'] = false;

Allow anonymous reading:

$wgGroupPermissions['*']['read'] = true;

Export/Import

Export all content as XML:

php /usr/share/mediawiki/maintenance/dumpBackup.php --full --conf /var/www/wiki/LocalSettings.php > dump.xml

or use the UI: Special pages -> Export pages.

After RPM upgrade, may need to update database schema:

/usr/share/mediawiki/maintenance/update.php

Or use the UI: Special pages -> Import pages. File uploading may be limited by PHP (/etc/php.ini):

upload_max_filesize = 25M

or HTTPD (0 is unlimited):

LimitRequestBody 0

Importing images from /wiki/images should be possible from the maintenance/importImages.php script, but this didn't recognise any images for me.

Tomcat

  • /etc/tomcat/conf/server.xml (define required connectors)
  • /etc/tomcat/conf/tomcat-users.xml
  • Webapps deplyed to: /var/lib/tomcat/webapps
    • tomcat-webapps
    • tomcat-docs-webapps
    • tomcat-admin-webapps