User:M.mendel/install.txt

Server
I install Ubuntu Server 10.10, choosing LAMP.

Note: I'm editing on the server using vi

On my windows XP machine, I edit windows/system32/drivers/etc/hosts to associate an IP with the host "guildwiki" for testing.

OpenSSH
Install Openssh to allow remote login
 * sudo apt-get install openssh-server
 * To test, I connect with putty and filezilla (sftp over ssh2)
 * Using puttygen, I generate a private 4096 bit ssh-2 RSA key on my windows machine, and save it to disk
 * I paste the public key into ~/.ssh/authorized_keys on the server
 * I put private key in putty config (connection/ssh/auth)
 * I use pageant for multiple login sessions
 * I downloaded putty etc. from http://www.chiark.greenend.org.uk/~sgtatham/putty/
 * I make a backup of the sshd config file
 * sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.factory-defaults
 * sudo chmod a-w /etc/ssh/sshd_config.factory-defaults
 * I disallow password authentication
 * sudo vi /etc/ssh/sshd_config
 * change "#PasswordAuthentication yes" to "PasswordAuthentication no"
 * sudo /etc/init.d/ssh restart
 * test via ssh localhost
 * I need pageant to use Filezilla (FZ version > 3.0.8), see http://wiki.filezilla-project.org/Howto ; also for tortoisesvn (see below)
 * I decide against changing the port, since password authentication is off anyway, and it saves me telling the port privately to every user
 * I used https://help.ubuntu.com/community/SSH/OpenSSH/Configuring

Subversion

 * I considered git, but decided against it because it is less established, and both Wikia and MediaWiki keep their source in svn right now. (cf. also Mercurial)
 * using aptitude, installing subversion
 * https://help.ubuntu.com/community/Subversion
 * sudo addgroup subversion
 * sudo adduser mendel subversion
 * sudo adduser www-data subversion
 * create /home/svn/guildwiki folder
 * sudo svnadmin create /home/svn/guildwiki/
 * sudo chown -R www-data:subversion guildwiki
 * sudo chown -R mendel:subversion guildwiki
 * sudo chmod -R g+rws guildwiki
 * I also make a 'trunk' folder within.

connecting the repository to the web server
 DAV svn SVNParentPath /home/svn SVNListParentPath On    AuthType Basic AuthName "GuildWiki test SVN" AuthUserFile /etc/subversion/passwd  Require valid-user  
 * install libapache2-svn via aptitude
 * restart apache: sudo /etc/init.d/apache2 restart
 * append /etc/apache2/mods-available/dav_svn.conf
 * The password file is empty to prevent unencrypted http authentication.

Accessing the svn from Windows via TortoiseSVN
I selected this free client from the comparison list on Wikipedia for no particular reason; the project is actively maintained and turns out to integrate well with the putty tools (pageant).

I install tortoisesvn on local machine from http://tortoisesvn.tigris.org/ To test, I checked out https://svn.wikia-code.com/wikia/releases/201009.5/ I set the tortoisesvn Settings/Network/SSH client to TortoisePlink (in the bin directory), using  to automatically log in using the key from pageant I check out svn+ssh://guildwiki/home/svn/guildwiki/ I can commit install.txt (this file) after creating it in my local trunk folder. I edit this file and commit it when I want to test the commit hook later (see below).

(using http access, which I later disabled, there was a problem with permissions where some file in the repository did not have group write permissions: "WebDAV always creates new files with a 755 pattern (no group write access)".)

Can I update the site from SVN automatically?
I am setting up a hook to automatically update a directory after each commit. The hook is a file placed in /home/svn/guildwiki/hooks named post-commit that has execute rights for the subversion group; since repository write access is only via svn+ssh, it runs as the user doing the commit. I have checked out the repository to /home/mendel/test/guildwiki/. umask 002 /usr/bin/svn update /home/mendel/test/guildwiki/ --non-interactive --accept mine-full >/home/mendel/test/guildwiki/svn-update-log.txt
 * 1) !/bin/sh

"accept mine-full" means to not update if the file has somehow changed, possibly because the server has written to it. (The log flags my test file with a "G" for "merGed".) TODO: I would like for the hook to somehow update the wiki as well, so that commit notifications appear in RecentChanges. Maybe filter the update log and post it to a wiki page via the api? I've removed www-data from the subversion group; read access is enough to allow anonymous checkouts of the repository via http. This allows me to make the server working copy accessible for the subversion group, using g+ws on directories and umask 002 to allow group writes; yet keep the web server from seeing .svn folders in the working copy because they can be set to have no world permissions.

TODO: find out how to create accounts that can use svn+ssh but can't get a shell

Moving the wiki
wget database dumps