MeidokonWiki:

what she hosts

build process

tweak firewall

The ISP firewall will have things locked down already, but defence in depth is good.

ufw is already installed and permits only SSH; we need HTTP and HTTPS too.

ufw allow http
ufw allow https
ufw prepend allow from 2404:e80:42e3:0::/64 to any app SSH
ufw prepend allow from 87.121.72.135/32 to any app SSH

# Existing rule is too broad
ufw delete allow 22

install apps

Caddy uses a systemwide config in /etc/caddy/Caddyfile, and initially acts as a generic HTTP server. It serves the Caddy landing page from /usr/share/caddy at http://roberta.meidokon.net/

create user account

useradd -m -s /bin/bash blog
su - blog
mkdir -p ~/public_html/blog.meidokon.net

echo "<?php phpinfo(); ?>" > ~/public_html/blog.meidokon.net/index.php

get php working

Now try reaching the domain. It should work, and magically have TLS working.

WordPress

Running a vanilla WordPress 5.9 for https://blog.meidokon.net/

WordPress has come a long way, I'm genuinely impressed. The editor is fantastic now, the new Content Blocks scheme makes it a contender to Squarespace in my eyes, but you can self-host instead of using their cloud. Full control over the potential for speed and caching is very, very nice.

Hit the domain and it'll ask you for setup credentials.

Trigger periodic backups

I'm using the "Backup Migration" plugin for WordPress to get a periodic dump of the site: https://backupbliss.com/

It takes a weekly backup on Monday at 09:00 (Sydney time), and retains the last 8 backups. Backups are stored in ~blog/public_html/backups/

How does it work? It slides into the normal request flow and performs the necessary actions if it determines they're due. But what happens if your site isn't trafficked enough? Then it'll always be late.

This isn't really a problem, but I like my regular backups. I've set up a cron job owned by the blog user to hit the frontpage every hour like so:

# m h  dom mon dow   command
0 * * * * wget -O /dev/null --quiet --timeout=60 --header='X-Purpose: trigger a periodic backup' https://blog.meidokon.net/

Tune PHP for uploads etc

Thanks to this page: https://www.kasareviews.com/fix-upload-max-filesize-wordpress-error/

Edit /etc/php/7.4/fpm/php.ini and set:

post_max_size = 32M
upload_max_filesize = 20M

Then restart the php-fpm service.

Importing a WordPress site

Assuming you do the XML dump, that gets you most of the way there. Assuming the source site is still up, it'll download all the media from the old site and bring it over. That rocks!

What you still need to do:

Import astcd2 WordPress

765.agency

Trying docker for moinmoin wiki

apt install docker.io

Hack up the Dockerfile, and you know what, just fork and tweak the whole thing: https://github.com/barneydesmond/moinmoin-wiki-docker

make build

useradd -m -s /bin/bash moin
usermod -aG docker moin
su - moin
mkdir ~/meidokon_wiki

docker run -e TZ=Australia/Sydney -e MOIN_UID=1003 -e MOIN_GID=1003 -d -p 8000:80 -v /home/moin/meidokon_wiki:/usr/local/share/moin/data --name meidokon_wiki meidokon-moin

Migrate the content over now

[root@roberta:~] rsync -avx arkroyal:/home/moin/moin_instance/data/ /home/moin/meidokon_wiki/

Kill and rm the container, then run it again as moin user

Yeah this seems to work. Jump into the container and clean the cache

moin --config-dir=/usr/local/share/moin/wikiconfig.py maint cleancache

Flip the DNS over to make it work, updating your caddy config and reloading it.

Yeah it looks surprisingly good, I even fixed up the light novel title generator too. You can reload the python runtime by doing:

root@roberta:~# make -C ~/git/moinmoin-wiki-docker/ shell
uwsgi --reload /run/uwsgi-moinmoin.pid
logout

Config

I forget how this was set up, but the config is at /usr/local/share/moin/wikiconfig.py

The theme is memodump, which is stored in a docker-mapped volume, I think. The CSS is tucked away in /usr/local/lib/python2.7/dist-packages/MoinMoin/web/static/htdocs/memodump/css/memodump.css

Little Makefile for management

We want the process to run as the moin user, and it needs to come up after reboot.

IMAGENAME := meidokon-moin
DATADIR := /home/moin/meidokon_wiki
HTTP_PORT := 8000
RUNNING_CONTAINER_NAME := meidokon_wiki
TZ := Australia/Sydney
MOIN_UID := 1003
MOIN_GID := 1003

# Recipe lines must be indented with a tab, not spaces.
.PHONY: run shell cleancache reload-python-runtime

run:
	-docker kill $(RUNNING_CONTAINER_NAME)
	sleep 2
	-docker container rm $(RUNNING_CONTAINER_NAME)
	docker run -e TZ=$(TZ) -e MOIN_UID=$(MOIN_UID) -e MOIN_GID=$(MOIN_GID) -d --restart unless-stopped -p $(HTTP_PORT):80 -v $(DATADIR):/usr/local/share/moin/data --name $(RUNNING_CONTAINER_NAME) $(IMAGENAME)

shell:
	docker exec -it $(RUNNING_CONTAINER_NAME) /bin/bash

cleancache:
	# Get a shell with `make shell` then run:
	#   moin --config-dir=/usr/local/share/moin/wikiconfig.py maint cleancache

reload-python-runtime:
	# Get a shell with `make shell` then run:
	#   uwsgi --reload /run/uwsgi-moinmoin.pid
	#   logout
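
Check that the wiki port is only reachable through Caddy

A port published with -p 8000:80 listens on every interface, and Docker handles published ports in its own iptables chains, so the ufw rules from the firewall section do not filter it. The script below is an added example, not part of the original notes: it reads `docker port` output and flags any binding that is not loopback. The helper name nonlocal_bindings and the sample strings are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: flag Docker-published ports that listen beyond loopback.
# Input is what `docker port <container>` prints, e.g.
#   80/tcp -> 0.0.0.0:8000
# nonlocal_bindings is a hypothetical helper name, not a Docker command.

nonlocal_bindings() {
    # Reads `docker port` lines on stdin and prints every host binding whose
    # address is not 127.0.0.0/8 or ::1. Returns 1 if any were printed.
    local line host addr found=0
    while IFS= read -r line; do
        [ -z "$line" ] && continue
        host=${line##* -> }                  # "0.0.0.0:8000" or "[::]:8000"
        addr=${host%:*}                      # strip the trailing :port
        addr=${addr#\[}; addr=${addr%\]}     # unwrap bracketed IPv6
        case "$addr" in
            127.*|::1) ;;                    # loopback: only local Caddy can reach it
            *) printf '%s\n' "$line"; found=1 ;;
        esac
    done
    return "$found"
}

# Constructed sample: a container started with -p 8000:80
SAMPLE_ALL_IFACES='80/tcp -> 0.0.0.0:8000
80/tcp -> [::]:8000'
# Constructed sample: the same container started with -p 127.0.0.1:8000:80
SAMPLE_LOOPBACK='80/tcp -> 127.0.0.1:8000'

# Live use: pass the container name, e.g. ./check-ports.sh meidokon_wiki
if [ "$#" -gt 0 ]; then
    if docker port "$1" | nonlocal_bindings; then
        echo "all published ports are loopback-only"
    else
        echo "the bindings above are reachable regardless of ufw rules" >&2
    fi
fi
```

If Caddy proxies to the container on the same host, publishing with -p 127.0.0.1:$(HTTP_PORT):80 in the Makefile makes this check pass.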

MeidokonWiki: servers/roberta (last edited 2023-04-03 22:52:01 by furinkan)