Difference between revisions of "User:Aexoxea/Tiki Wiki CMS Groupware"

From ArchWiki
Jump to: navigation, search
(Before Installation: Clarify the link at the top.)
(Installation and server set up: Clarify the purpose of the first links.)
Line 50: Line 50:
 
== Installation and server set up ==
 
== Installation and server set up ==
  
Tiki relies on a typical [https://en.wikipedia.org/wiki/LAMP_(software_bundle) LAMP]-like stack. See Tiki's [https://doc.tiki.org/Installation Installation] and [https://doc.tiki.org/Linux Linux] pages for specific information.
+
Tiki relies on a typical [https://en.wikipedia.org/wiki/LAMP_(software_bundle) LAMP]-like stack. See Tiki's [https://doc.tiki.org/Installation Installation] and [https://doc.tiki.org/Linux Linux] pages if you need specific information.
  
 
=== Install Tiki ===
 
=== Install Tiki ===

Revision as of 02:25, 16 April 2018

Warning: This is a work in progress and may not ever move to mainspace. Proceed at your own risk!

Tiki Wiki CMS Groupware (or just "Tiki") is a web-based content management system with collaboration features written in PHP.

Before Installation

See Tiki's Requirements if you need specific information.

Choose the PHP version

Tiki ships both stable and long-term support releases (see versioning policy and release roadmap). Different releases support different versions of PHP:

  • Stable series (18.x) supports PHP between 5.6 and 7.2.
  • Long-term support series (18.x) supports PHP between 5.6 and 7.2.
Note: While PHP 7.2 or 7.1 should work in most circumstances with Tiki 18.x series, if you encounter difficulties you should downgrade to PHP 7.0 or 5.6.
Note: When selecting the version of PHP to use, you should consider the currently supported versions and end of life for applicable PHP releases.

Set up PHP

You need to install a suitable version of PHP and its matching php-intl package. These will be available from either the main repositories (for the latest version) or from AUR (for previous versions).

One installed, you need to edit /etc/php/php.ini (or equivalent) and, at a minimum:

  • Set the default timezone (date.timezone=, see PHP's list of supported timezones for valid options).
  • Set the session data path (session.save_path=, the default "/tmp" works as a starting point).
  • Enable the calendar, iconv, intl, mysqli and pdo_mysql extensions (each has its own extension= entry).

It is also recommended to:

  • Enable the zip extension (it is enabled by default on new installs).
  • Enable the gd extension, then install the matching php-gd package it requires to work.

Next steps

Once done, continue with Package Tiki section.

Package Tiki

Make the appropriate package using the files on the linked page:

Once done, continue with Installation and server set up section (for new installs) or Apply the update section (for updates).

Installation and server set up

Tiki relies on a typical LAMP-like stack. See Tiki's Installation and Linux pages if you need specific information.

Install Tiki

Install the Tiki package that you made earlier.

Set up a web server

You need a running web server configured to use PHP and serve up files from /usr/share/webapps/tikiwiki/.

If not sure what to pick, choose Apache and follow the instructions below.

Apache

To use Tiki on Apache, you need to:

  1. Install Apache per instructions at Apache HTTP Server#Installation.
  2. Configure Apache to use PHP per instructions at Apache HTTP Server#PHP.
  3. Optionally configure Apache for HTTPS per instructions at Apache HTTP Server#TLS/SSL.
  4. Copy /etc/webapps/tikiwiki/apache.example.conf to /etc/httpd/conf/extra/tikiwiki.conf.
  5. Edit /etc/httpd/conf/httpd.conf to:
    • Enable LoadModule alias_module modules/mod_alias.so (it is enabled by default on new installs).
    • Add this line where appropriate (if unsure, place it at the end): Include conf/extra/tikiwiki.conf.
  6. Start/enable the Apache service per instructions at Apache HTTP Server#Configuration.

Set up a database server

Tiki supports either MariaDB or Oracle MySQL. If not sure what to pick, use MariaDB.

Either way, you need to install, set up and start/enable the database server per instructions at MySQL#Installation.

It is recommended to let Tiki create the database (and optionally -- but recommended for security reasons -- the database user account) that it will use. You will need to note down for later:

  • The database server host name (if not on localhost),
  • The username and password of a database user account (e.g. root) with access to create new databases and new database user accounts.

If you need or want to create these manually instead, see Database - Manual creation below.

Next steps

Once done, finish up with Tiki install and update workflow section.

Tiki install and update workflow

Open a web browser and access https://localhost/tiki/tiki-install.php (HTTP will also work, but see the warning below), substituting the web server address and path if needed.

For new installs, a web-based workflow will start to guide you through the final configuration steps (including setting up the database). When this workflow is complete, Tiki is ready to use.

For updates, you'll first be prompted to enter the username and password for Tiki's database user account. When the web-based workflow appears, there will be a notice about upgrading. Follow the link under that notice; it will take you to the correct part of the workflow to upgrade the database. Run through the workflow from there; when complete, your Tiki is updated, and you should finish up with After updating section.

Warning: As usernames and passwords are handled through the workflow, if the server is not on localhost or being accessed through trusted network, you should use HTTPS (which is part of the web server setup) or another secure communication method.
Note: Creating or upgrading the database tables can take some minutes. See Timeout updating or creating the database section if this becomes an issue for you.
Tip: The workflow defaults to English, but you can select a different language on the first page.

Updates

See Tiki's Upgrade page for detailed information about updating between versions.

Before updating

It is strongly recommended to:

  • Make sure you have a backup in place, as Tiki does not support downgrades. Take a system backup of your Arch, follow one of Tiki's Backup recommendations, or ideally, do both.
  • Close the site to non-admin users. This setting can be enabled by a Tiki admin user through the Control Panel (either General > Navigation or Security > Site Access).
  • Revert to a built-in theme, as custom themes are not guaranteed to work between versions. This setting can be changed by a Tiki admin user through the Control Panel (Look & Feel > Theme).

Apply the update

Make the new package (see Package Tiki section) and install it.

This will work in most circumstances, but if you run into difficulties, remove the existing package, troubleshoot around what files are left behind under /usr/share/webapps/tikiwiki/, then install the new package.

Note: By default, some of the directories under /usr/share/webapps/tikiwiki/ contain uploaded files (e.g. images and attachments). The update process shouldn't impact these, but if you would prefer they be located elsewhere, there are options to do so. See File Storage below for details.
Warning: Customisations to Tiki package files are likely to be lost when updating. If you make customisations, you should keep a copy of them elsewhere (e.g. in a version control system) so you can merge them back in after updating. Alternatively, if able and willing, you could consider submitting them upstream.

Once you've installed the new package successfully, continue with Tiki install and update workflow section.

After updating

Log in to your site, check that everything is as it should be, and re-open the site when you're ready. Points to look out for include:

  • Release notes. These exist for each major version under Tiki's "New in version" page.
  • The .htaccess file (or the file it's symlinked to, such as _htaccess). If you've made custom changes, such as for SEFURLs, you may need to re-apply them.
  • Feature defaults. New features will generally be set to default values, and features deemed 'unsafe' may have been reset to 'safe' values. Change these through the Control Panel etc. as needed.
  • Custom themes. If you were using a custom theme (and it supports the updated version of Tiki), switch back to it and check if it works.
    Tip: Consider keeping a separate browser window open that shows the Look & Feel > Theme Control Panel in a built-in theme while testing. This way, you can revert easily if needed.

Security

Tiki's Security documentation page describes the Security Control Panel and links to other security-related pages. The Security ArchWiki page complements this in respect of securing the underlying operating system.

Additionally, the Server Check script checks for a number of PHP functions that have security implications. If there are functions enabled which aren't needed for your use of Tiki (or anything else on that machine), you can disable them. This is done by adding them to the disable_functions= directive under /etc/php/php.ini (or equivalent) and reloading or restarting your web server as needed.

Permission check

The setup.sh script can be used after the initial configuration to lock down local file permissions. /usr/share/webapps/tikiwiki/permissioncheck/usecases.txt shows the permission names that the script will accept, along with the numeric permission levels that are set for directories and files.

The script can be run interactively by just entering:

# cd /usr/share/webapps/tikiwiki/
# sh setup.sh

Alternatively, you can print help for the script by entering:

# cd /usr/share/webapps/tikiwiki/
# sh setup.sh -h

See Tiki's Permission Check page for more information.

Tips and Tricks

Server check

Tiki ships a Server Check PHP script that allows you confirm if aspects of your web server, PHP and (optionally) database setup are compatible with Tiki, or will allow some optional features of Tiki to be used.

Tiki should work provided nothing in the script is flagged as "BAD". For items flagged as "UGLY" or "INFO", check the remarks, but any concerns can typically be dealt with after installation.

The script is available:

  • Before installation, as a separate download (upload it to a web server with PHP and run it in a web browser).
  • During installation, from the "Review the System Requirements" page in the workflow (see the link to "a detailed report about your server").
  • After installation, as an administration tool (you need to be logged in as a Tiki admin user).
Tip: Tiki's Requirements page lists some recommended defaults for PHP, as the script flags values that will/might be problematic but doesn't always suggest something better.

File gallery indexing dependencies

Warning: File gallery indexing presents the usual security risks if untrusted files can be uploaded.

If you want to use file gallery indexing, you need to do two things:

First, use the server check script to confirm that the popen and shell_exec PHP functions are enabled. If they aren't, remove them from the disable_functions= directive under /etc/php/php.ini (or equivalent) and reload or restart your web server as needed.

Second, install the following packages as desired:

Package Provides Binaries Used For Types
catdoc catdoc, catppt, xls2cvs Microsoft Office, RTF
docx2txt docx2txt Microsoft Word (OOXML)
elinks elinks HTML
odt2txt odt2txt OpenDocument
pstotext pstotext PDF, PostScript
unzip unzip Zip

For convenience, this PKGBUILD pulls in all packages that support file gallery indexing: Files Meta.

Database

Manual creation

Tiki needs its own, UTF-8 charset database, and access to an account with privileges to that database. Tiki can create these during the install workflow, or you can set these up manually and give Tiki the details instead.

An example of doing this manually through a terminal (change the bold bits as needed) is:

$ mysql -u root -p
mysql> CREATE DATABASE `tikiwiki` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci`;
mysql> CREATE USER `tikiwiki`@'localhost' IDENTIFIED BY 'password';
mysql> GRANT ALL PRIVILEGES ON `tikiwiki`.* TO `tikiwiki`@'localhost';
mysql> FLUSH PRIVILEGES;
mysql> quit
Warning: The password in the above is the password of the database user account, not the authentication type. Make sure you don't accidentally set the password to "password" if you copy/paste!
Warning: The password you provide above will be saved to a local command history file at ~/.mysql_history. At a minimum, you should redact that part of the file when finished.

Manual removal

If you need or want to remove the Tiki database for any reason, you have to do so manually. An example of doing this through a terminal (change the bold bits as needed) is:

$ mysql -u root -p
mysql> DROP USER `tikiwiki`@'localhost';
mysql> DROP DATABASE `tikiwiki`;
mysql> quit

File Storage

Tiki is able to store uploaded files either in its database or on the file system. The pros and cons of each approach are covered on Tiki's File Storage page.

Uploaded files stored on the file system are located under /usr/share/webapps/tikiwiki/ by default. There are options to move these elsewhere on the file system if desired, again outlined on Tiki's File Storage page, and on the related Control Panel pages for the specific features that accept file uploads.

Note: Where directories are created outside the /usr/share/webapps/tikiwiki/ hierarchy, remember to update web server options and local file permissions so they can be accessed. For example, if using Apache, make sure the new directories are owned by http:http (or equivalent), then add their paths to the open_basedir parameter under /etc/httpd/conf/extra/tikiwiki.conf and restart the web server.

Troubleshooting

Timeout updating or creating the database

If you have a large site, a slow server or low PHP max time values, updating or creating the database may time out in the web-based workflow. Should this occur, you have two choices:

  1. Extend PHP's timeout values, then try again.
  2. Use a terminal to run the database creation or update instead, then manually lock the installer.

To update the database from a terminal:

# cd /usr/share/webapps/tikiwiki/
# php console.php database:update
# touch db/lock

You can then skip the web-based workflow, and continue from After updating section.

To create the database fresh from a terminal:

# cd /usr/share/webapps/tikiwiki/
# php console.php database:install

You should then run the web-based workflow again from the beginning, but can then just supply the database details directly.

Substitute php in the terminal examples above if using an earlier version of PHP.

"Installer not locked" warning

A warning will appear in the Tiki Control Panel if the installer lock file is missing. This can occur if the Tiki package is uninstalled and reinstalled, or the package is updated but the web-based workflow isn't completed.

In circumstances where there is no need to go through the web-based workflow, you should manually create the lock file as suggested in the warning. This can be done from a terminal like so:

# touch /usr/share/webapps/tikiwiki/db/lock

Miscellanea

Linter Errata

If running Namcap on the tikiwiki or tikiwiki-lts packages, it will print some or all of the following:

Message Remarks
W: Directory (usr/share/webapps/tikiwiki/<multiple>) is empty The package ships with a number of empty directories, and it's unclear which ones are safe to remove. You may wish to configure your web server to deny directory listings.
W: Potential non-FHS info page (usr/share/webapps/tikiwiki/vendor_bundled/vendor/fortawesome/font-awesome/src/<version>/icon/info/index.html) found All Font Awesome icon subdirectories have an equivalent index.html file. It appears this one is being singled out because of its path.
W: Referenced library 'node' is an uninstalled dependency This warning is ambiguous. In any case, all explicit requirements are satisfied by the package dependencies.
E: Dependency python detected and not included (programs ['python'] needed in scripts ['usr/share/webapps/tikiwiki/vendor_bundled/vendor/adodb/adodb-php/scripts/<multiple>', 'usr/share/webapps/tikiwiki/vendor_bundled/vendor/openid/php-openid/<multiple>']) These scripts (from ADOdb and Janrain) are not required for normal operation.
W: Dependency included and not needed ('php-intl') The PHP Intl module is required.

See Also