Tiki Wiki is a free open-source content management system (CMS) groupware platform written entirely in PHP programming language and deployed on Linux on Apache/Nginx web servers, PHP, and MySQL database as backend. Tiki Wiki is a powerful and flexible CMS platform that can deploy documentation or wiki pages, blogs, forums, and image galleries on the web or intranets.
This tutorial will show you how to install and configure the latest version of the Tiki Wiki CMS groupware software on a Debian 11 server to set up an online documentation portal.
Prerequisites
- A virtual machine or a virtual private server or a dedicated physical machine running the latest version of Debian 11 as the operating system.
- One of the server NICs is configured with a static IP address entry.
- Local root privileges on the server’s console or remotely via SSH or an account with sudo privileges on the system
- A publicly registered domain name to access the application over the Internet. If you are deploying the application to intranets, you can use an internal private domain name to install and browse the application. You can still access the application using your server’s IP address if you don’t use a local DNS server in your organization. This guide will use the www.twiki.com domain name as an example.
- You need a properly configured mail server at your site to use email registration for the app’s accounts or other features. If you want the application to be accessible online, you can use public email services for registration or other functions.
Prerequisites
In the first step, log in to the Debian server and update the system repositories and installed packages with the following command.
apt update
apt upgrade
In the next step, ensure you configure your host’s name with the following command. The hostname of the machine should be set to a descriptive name, and you should also append the domain name to form the FDQN of the machine (www.twiki.com in this guide – the machine name is www, and the domain name is twiki.com)
hostnamectl set-hostname www.twiki.com
To verify the hostname, first reboot the system to apply any changes, then run the following commands.
systemctl reboot
hostnamectl
Also, display the contents of the hostname file by running the following commands. It should return the name of your host and the FQDN.
cat /etc/hostname
hostname –s
hostname –f
To deploy the Tiki Wiki CMS groupware in Debian, we need a web server, a database server and a PHP interpreter to run the application scripts. In this tutorial, we will install Tiki Wiki on a LAMP stack. The first components of the LAMP stack we install are the Apache HTTP server and the PHP interpreter. We also install all the required PHP modules and extensions. Run the following command to install the described components on a Debian system in one go.
apt install apache2 libapache2-mod-php7.4 php7.4 php7.4-zip php7.4-gd php7.4-mbstring php7.4-json php7.4-curl php7.4-xml php7.4-opcache
In addition to the web server and the PHP programming language interpreter, we also need an RDBMS database server installed in Debian. The database is used to store various configurations of the application. This tutorial will use the Tiki Wiki application with the MariaDB database as the backend. To install the MariaDB database and client components, as well as the PHP module needed to access the MariaDB database backend, run the following command in the server’s console with root privileges
apt install mariadb-server mariadb-client php7.4-mysql
After the database is installed, log into the MySQL console and enter the following commands to set up the plugin for the MariaDB root account, which by default does not require a root password to log in.
mysql -h localhost
MariaDB [(none)]> use mysql; MariaDB [(none)]> update user set plugin='' where user='root'; MariaDB [(none)]> flush privileges; MariaDB [(none)]> exit MariaDB [(none)]> exit
Next, secure the MySQL database by running the mysql_secure_installation script. This script will ask you a series of questions to secure the MariaDB database, such as: Change the MySQL root password, remove anonymous users, disable remote root logins and remove the test database. To complete the security settings, you must answer “yes” to all questions.
sudo mysql_secure_installation
If the root password is specified, the login process for the root account should be granted in the MySQL console:
mysql -h localhost -u root -p
Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection identifier is 15 Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to delete the current input statement. MariaDB [(none)]> exit Bye
After all LAMP components have been installed in your system, run the following command to install some system utilities, such as the wget command line download utility, the zip file archiver utility, and the net-tools package, which is useful for viewing local network sockets.
apt install wget zip unzip net-tools
Finally, you need to restart the Apache web server so that it picks up all the installed PHP modules and calls your server IP address or domain name using the HTTP protocol.
systemctl restart apache2
http://your_domain.tld
The Apache default web page should be displayed in your browser. If you don’t know the IP address of your machine, run the ifconfig or ip a command to display the IP address of your server.
If you can’t reach the website through the browser, check if your system has a firewall enabled. If you have a UFW firewall, add the following rule to allow HTTP traffic through the firewall by typing the following command.
ufw allow WWW
or
ufw allow 80/tcp
If you are connected to the machine via SSH, you will also need to add the following rule to allow port 22/tcp traffic through the UFW firewall
ufw allow 22/tcp
If you are using iptables raw rules to manage your Debian server’s firewall rules, add the following rules to allow incoming traffic from ports 80 and 22 through the iptables firewall to browse the application and allow SSH remote connections.
apt-get install -y iptables-persistent
iptables -I INPUT -p tcp --destination-port 80 -j ACCEPT
iptables -I INPUT -p tcp --destination-port 22 -j ACCEPT
netfilter-persistent save
systemctl restart netfilter-persistent
systemctl status netfilter-persistent
systemctl enable netfilter-persistent.service
In the next step, change some PHP settings by editing the PHP default configuration file and adjusting the following PHP variables. Open the /etc/php/7.0/apache2/php.ini file and modify the following lines as follows. Also, make a backup of the PHP configuration file first.
cp /etc/php/7.4/apache2/php.ini{,.backup}
nano /etc/php/7.4/apache2/php.ini
Find, edit, and change the following variables in the php.ini configuration file:
file_uploads = On memory_limit = 128M post_max_size = 80M upload_max_filesize = 80M default_charset = "UTF-8" allow_url_fopen = On session.save_path = /tmp max_execution_time = 60 max_input_time = 60 mbstring.func_overload = 0 date.timezone = Europe/London
Change the time.zone variable to match the geographic location of your server. You can view the list of PHP time zones in the PHP docs at the following link http://php.net/manual/en/timezones.php
The next step is to enable the PHP7 OPCache plugin to increase the load time of your web pages. To enable OPCache, add the following lines to the end of the PHP interpreter configuration file after the [opcache] line, as described in the following excerpt:
[opcache] opcache.enable=1 opcache.enable_cli=1 opcache.interned_strings_buffer=8 opcache.max_accelerated_files=10000 opcache.memory_consumption=128 opcache.save_comments=1 opcache.revalidate_freq=1
Finally, enable the OPCache module and restart the Apache daemon to apply all the changes made so far by typing the following commands.
phpenmod opcache
systemctl restart apache2
To install and visit the Tiki Wiki website securely using the HTTPS protocol and enable Apache rewrite rules that activate .htaccess files, enter the following commands in the console.
a2enmod ssl rewrite headers
a2ensite default-ssl.conf
After enabling the TLS and rewrite modules, open the Apache default SSL site configuration file with a text editor and add the following lines of code after the DocumentRoot directive to fully enable the rewrite module, as shown in the following example:
nano /etc/apache2/sites-enabled/default-ssl.conf
Extract from SSL site configuration file:
<Directory /var/www/html> Options +FollowSymlinks AllowOverride All Require all granted </Directory>
In addition, add the above rewrite rules to Apache’s non-SSL configuration file. Open the /etc/apache2/sites-enabled/000-default.conf file for editing and add the following lines of code after the DocumentRoot statement, as shown in the following example.
<Directory /var/www/html> Options +FollowSymlinks AllowOverride All Require all granted </Directory>
To apply all enabled modules and rules, restart the Apache daemon and visit your domain or server IP address using the HTTP protocol.
systemctl restart apache2
https://yourdomain.tld
Since you use the self-signed certificate pairs issued automatically by Apache during installation, you should see a certificate error warning in the browser. Accept the warning to use the untrusted certificate and continue and be redirected to the Apache default web page.
If you can browse the domain over HTTPS, add the following UFW firewall application rule to unblock incoming network connections to the HTTPS port. This rule will allow all traffic going through port 443/TCP to pass through the firewall.
ufw allow 'WWW Full'
or
ufw allow 443/tcp
If iptables is the default firewall application installed to protect your Debian system at the network level, add the following rule to allow incoming traffic via port 443 in the firewall to allow visitors to browse your domain name via HTTPS.
iptables -I INPUT -p tcp --destination-port 443 -j ACCEPT
netfilter-persistent save
systemctl restart netfilter-persistent
Finally, use the following command to create a PHP info file in your domain’s webroot path to verify all PHP settings and that the PHP timezone is configured correctly.
echo '<?php phpinfo(); ?>'| tee /var/www/html/info.php
To view the PHP info script file, open a browser and navigate to the following URL, as shown in the image below. Scroll down to the Date setting to check the PHP timezone configuration.
https://domain.tld/info.php
Installing the Tiki Wiki CMS Groupware
After meeting all the system requirements for installing the application, visit the official download page of Tiki Wiki at https://tiki.org/download and download the latest zip archive using the utility wget by typing the following command. After the download is complete, list the contents of the current working directory to find out the name of the archive file.
wget https://sourceforge.net/projects/tikiwiki/files/Tiki_17.x_Zeta_Bootis/17.1/tiki-17.1.zip
ls
Next, unpack the compressed archive of Tiki Wiki into your current working directory and list the unpacked files using the following commands.
extract tiki-17.1.zip
ls -al tiki-17.1
In the next step, remove the default index.html file installed by the Apache web server from the webroot path and also delete the info.php file created earlier by running the following commands.
rm /var/www/html/index.html
rm /var/www/html/info.php
The Tiki Wiki installation files should be in your current working directory in the tiki-17.1 directory. Copy all the files contained in this directory to your domain’s webroot path by running the following commands.
cp -rf tiki-17.1/* /var/www/html/
Next, run the following commands to grant the Apache runtime user full write permissions to the root path of the web server document. Use the ls command to list the permissions for the application’s installed files in the /var/www/html/ directory.
chown -R www-data:www-data /var/www/
ls –al /var/www/html/
Next, log into the MariaDB database console and create the Tiki Wiki database. Also create a database user with a secure password. Give this MySQ account full rights to control and manage the Tiki Wiki application database by entering the following commands. For security reasons, you should replace the database name, user, and password used in this example with your own values.
mysql –u root -p
Welcome to the MariaDB monitor. Commands end with ; or \g.
MariaDB [(none)]> create database twiki_db;
Query OK, 1 line affected (0.00 sec)
MariaDB [(none)]> grant all privileges on twiki_db.* to 'twiki_user' identified by 'pass1234';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> exit
Let’s start the installation process of Tiki Wiki CMS by opening a browser and navigating to your server’s IP address or domain name using the HTTPS protocol.
https://yourdomain.tld
In the initial welcome screen, Tiki Wiki Installer displays a short list of document pages that you can follow to install the application. First, select the installation language and click on the Continue button to start the web installation process.
Read the Tiki Wiki license terms on the next installation screen and click the Next button to agree to the license and continue the installation process, as shown in the following image.
.
Next, the installer checks some system and PHP resources, such as PHP memory limit, mail function and GD image processing extension. If both requirements are met (highlighted in green), click the Next button to proceed to the next installation screen.
On the next screen, specify the connection information for the MySQL database. Select the MySQL DBMS driver as MySQL Improved (mysqli), add the database hostname (localhost), the name of the Tiki Wiki database, and the credentials required to log in to the Tiki Wiki database. Use the database name, username and password you created earlier for Tiki Wiki from the command line. After filling in all the database forms, check the box Character set “Always force a connection with UTF-8” and click the Next button, as shown in the screenshot below.
In the next step, select your preferred database engine (MyISAM or InnoDB) and click the Install button to start the installation process. If you don’t know which database engine to choose, read the following Stackoverflow topic to find out which engine is more suitable for your website: https://stackoverflow.com/questions/15678406/when-to-use-myisam-and-innodb
On completion of the database schema installation, a message will appear in your browser informing you that the default login credentials are required to log in to Tiki Wiki:
User name: admin
Password:admin
Click the Next button to begin configuring the application’s general settings.
In the next window, add the name of the Tiki Wiki website and the website’s sender email address, and scroll down to configure more settings.
Next, select “Allow secure (HTTPS) login” and 443 as the HTTPS port. Also, check “Users can choose to stay in SSL mode after HTTPS login” and select the application logging system error reporting level and scroll down to complete the final settings.
At the bottom of the page, add the administrator’s email address and select the automatic method to set up the .htaccess file for the application. When you’re done, click the Next button to move to the next setup screen.
Finally, read the final instructions page on the Tiki Wiki and click the Next button again to complete the installation process, as shown in the screenshots below.
After the installation, a message will appear on your screen with the default login details. To log in to the admin area, click on the “Enter Tiki and Lock Installer (recommended)” button to confirm the account.
The application will force you to change the default administrator password on your first login attempt. Choose a new, secure password for the administrator account and confirm the password change by clicking the Apply button.
To visit the Tiki Wiki front-end page, navigate to your domain name or server IP address using the HTTPS protocol. Since this is the first application instance, only a short “congratulations” page will be displayed in your browser, as shown in the following image.
https://www.yourdomain.com
To force the HTTPS transaction for the Tiki Wiki app, you’ll need to return to your server’s terminal and edit the .htaccess file in your webroot path with the following settings.
First, create the .htaccess file using a Linux symbolic link based on the _htaccess template.
ln -s /var/www/html/_htaccess /var/www/html/.htaccess
Edit the .htaccess file:
nano /var/www/html/.htaccess
.htaccessfile excerpt:
Search for the <IfModule mod_rewrite.c> line and add the following rules after RewriteEngine On to redirect domain traffic to HTTPS.
# Redirect to HTTPS
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Change the PHP settings at the bottom of the page, where you will find many commented examples.
php_flag register_globals off php_flag magic_quotes_gpc Off php_value upload_max_filesize 100M php_value post_max_size 100M
That’s it! You have successfully deployed the Tiki Wiki CMS groupware software in Debian 11 on a LAMP stack. If you want the wiki portal to be accessible online, buy a certificate from a trusted certificate authority or get a free pair from Let’s Encrypt CA.
You can find the documentation pages for Tiki Wiki CMS at the following URL: https://doc.tiki.org/Documentation