Setup Mediawiki on Nginx Linux Host

From Bonus Bits
Jump to: navigation, search

Purpose

This article gives the steps to install and configure Linux instance with Mediawiki running on Nginx and PHP-FPM 7.0. The example is based on Amazon Linux setup, but I'm sure would be little difference with Ubuntu etc.


Example Environment

  • AWS
  • Amazon Linux (RHEL 6)
  • RDS MySQL 5.7
  • EFS (Uploads)


Install Linux Packages

A few of these may not be required. They were carry overs from Apache setups.

yum install -y git vim nginx mysql56 php70-fpm php70-mysqlnd php70-gd php70-mbstring php70-mcrypt php70-cli php70-common php70-enchant php70-gd php70-intl php70-jsonc php70-mbstring php70-mcrypt php70-mysqlnd php70-pdo php70-pecl-apcu php70-pecl-http php70-pecl-imagick php70-pecl-raphf php70-process php70-xml apr apr-util enchant ImageMagick json-c mysql56 nfs-utils openssl openssl-devel perl-core perl-CPAN perl-Crypt-SSLeay perl-DateTime perl-libwww-perl perl-Sys-Syslog


Set PHP-FPM to Use Nginx User and Group

For whatever reason in my case the ownership of some files and folders plus the PHP-FPM daemon are set to apache:apache. We need to change that to nginx:nginx.

  1. Replace user:group that the php-fpm daemon runs as
    sed -i 's/apache/nginx/g' /etc/php-fpm-7.0.d/www.conf
    
  2. Replace user:group for logs folder
    chown -R nginx:nginx /var/log/php-fpm
    
  3. Replace user:group for lib folder
    chown -R root:nginx /var/lib/php/7.0/
    


Download Mediawiki

I'm so used to the and find it quicker to type the /var/www/html directory that I will make this directory and install it there instead of /usr/share/nginx/html.

  1. Create web content directory
    mkdir -p /var/www/html
    
  2. Git Clone Mediawiki content for the release version you want. Or you can drop the --branch REL1_28 to get the latest, but you'll need to match the release for the extensions.
    git clone --branch REL1_28 https://gerrit.wikimedia.org/r/p/mediawiki/core.git
    
  3. Rename the directory from core to mediawiki
    mv core mediawiki
    


Download Extensions (Optional)

Download matching release of all the extensions by repeating this step for each

HowTo:Download_MediaWiki_Extensions_with_Git


Download Vector Skin

  1. cd /var/www/html/mediawiki/skins
    
    git clone --branch REL1_28 https://gerrit.wikimedia.org/r/p/mediawiki/skins/Vector.git
    
  2. Drop Logo/s in images directory
  3. Upload favicon.ico in /var/www/html/mediawiki/


Setup EFS Uploads (Optional)

  1. Create uploads folder
    mkdir /var/www/html/mediawiki/uploads
    
  2. Setup EFS Mount to Uploads
    1. HowTo: Setup and Mount AWS EFS on Linux EC2 Instance

OR

Setup S3FS Uploads (Optional)

  1. Create uploads folder
    mkdir /var/www/html/mediawiki/uploads
    
  2. Setup EFS Mount to Uploads
    1. HowTo: Setup Mediawiki Upload Files on AWS S3


Create Robots.txt

Create a crawler Robots.txt file with your custom settings in the root of the site. Here's and example:

vim /var/www/html/mediawiki/robots.txt
User-agent: *
Disallow: /wiki/Help:*
Disallow: /wiki/MediaWiki:*
Disallow: /wiki/Special:*
Disallow: /wiki/Template:*
Disallow: /wiki/Manual:*
Disallow: /wiki/User:*
Disallow: /wiki/List:*
Disallow: /wiki/Category:*
Disallow: /index.php?*
Disallow: /images/*
Disallow: /skins/*
Disallow: /extensions/*
Disallow: /cache/*
Disallow: /uploads/*
Disallow: /mw-config/*
Disallow: /vendor/*
Disallow: /resources/*
Disallow: /includes/*
Disallow: /*.php
Disallow: /*.json
Disallow: /*.php5
Disallow: /wiki/Main_Page

Set Ownership

Set Ownership to nginx user and group

chown -R nginx:nginx /var/www/html/mediawiki


Write Nginx Configuration

vim /etc/nginx/conf.d/mediawiki.conf
Reference:Secure Mediawiki Nginx Configuration

Create Database

After MySQL is setup either Local, RDS or other do the following to create a blank database. I like to do this so I'm not passing around root creds through web wizard setup. Obviously skip this step if you already have a working database and you are simply migrating to Nginx or upgrading.

  1. Login to MySQL Command Line Utility
    mysql -h <hostname> -u <rootusername> -p
    
  2. Create Database
    CREATE DATABASE mediawiki;
    
  3. Create Database User
    CREATE USER 'mediawiki'@'%' identified by '123abcxya890';
    
  4. Grant Database User Full Permissions to the Database
    GRANT ALL PRIVILEGES ON mediawiki.* TO 'mediawiki'@'%' WITH GRANT OPTION;
    
  5. Flush Permissions
    FLUSH PRIVILEGES;
    
  6. Check User Permissions
    SHOW GRANTS FOR 'mediawiki'@'%;
    
  7. Exit MySQL Command Line Utility
    quit
    


Use Mediawiki Setup Wizard (Option 1)

Browse to your site URL and go through the setup wizard.


Manually Configure Mediawiki (Option 2)

Maybe you already have a database and LocalSettings.php. Skip to the next step.


Upload LocalSettings.php

  1. Either take the generated LocalSettings.php or your own and write it to the root of the site.
    cp LocalSettings.php /var/www/html/mediawiki
    
  2. Set Ownership
    chown nginx:nginx /var/www/html/mediawiki/LocalSettings.php
    
  3. Add extensions and customizations
    vim /var/www/html/mediawiki/LocalSettings.php
    
  4. Lockdown file
    chmod 0444 /var/www/html/mediawiki/LocalSettings.php
    


Convert MyISam to Innodb (Optional)

If you are using version 1.28+ (Not sure how far back) all the tables should be set up as InnoDB already. Besides the searchindex. So this step can be skipped. If upgrading or curious you can double check with query in below article.

Warning.png DO NOT convert searchindex table to InnoDB!

HowTo:Convert MySQL MyISam Tables to InnoDB


Gnome-sticky-notes-applet Most likely you do NOT need to convert the table engines. Unless the update schema script didn't work. The main reason you would make sure and convert any legacy tables to this engine is if it's running on an AWS RDS MySQL Instance for backup purposes. Amazon Backup Device Restrictions Doc


Set Network Backlog Socket Higher (Optional)

  1. List Current net.core.somaxconn setting
    sysctl -n net.core.somaxconn
    
  2. Set somaxconn in memory to 1024
    sysctl -w net.core.somaxconn=1024
    
  3. Set somaxconn for reboot
    echo 'net.core.somaxconn = 1024' >> /etc/sysctl.conf
    
  4. List Current net.core.somaxconn setting
    sysctl -n net.ipv4.tcp_syncookies
    
  5. Set syncookies in memory
    sysctl -w net.ipv4.tcp_syncookies=4096
    
  6. Set syncookies for boot
    echo 'net.ipv4.tcp_syncookies = 4096' >> /etc/sysctl.conf
    

Gnome-sticky-notes-applet To List current settings

Then add matching allow in Nginx config in server block.

listen 80 backlog=1024;


Raise PHP Limits (Optional)

If uploading large files or running long maintance scripts you may need to bump up some php limits.

vim /etc/php.ini

Examples

max_input_time = 24000
max_execution_time = 24000
upload_max_filesize = 12000M
post_max_size = 24000M
memory_limit = 12000M

Then add matching allow in Nginx config. Either HTML, server or location block.

client_max_body_size 24000M;

Related Articles