Mark Fowler (![[info]](http://l-stat.livejournal.com/img/userinfo.gif){kind=small} 2shortplanks) wrote,@ 2006-10-26 22:57:00 |
|
| Current location: | My House, Walthamstow, London, UK |
| Entry tags: | dokuwiki, macosx, php, wiki |
Getting Organised: A Local Wiki
In a burst of activity tonight I finally got round to one of the things I'd been meaning to do for months; Installing a wiki on my computer, which I'm planning to use to organise all my notes and random bits of electronic information in the same way that I use scraps of paper in a filing cabinet in the real world.
I asked around what wiki I should install. I've used mediawiki in the past, but find it over-bloated for my own, personal, needs. It also relies on mysql which is a pain to install, and even more of a pain to keep secure (I really wanted something that would run out of my home directory, so if my laptop got stolen all my data would be encrypted thanks to the wonders of FileVault.)
I've tried kwiki in the past. I found the code base terrible to work with, and despite the fact that I'm not planning to hack or extend my personal wiki that's left a bad enough taste in my mouth to ignore the whole thing.
tiddlywiki was suggested, but I'm not sure if my browser will fall over under the weight of the document if I start putting tons and tons of data into it (tiddly wiki is just an html page and javascript running entirely in the web browser.)
In the end I've decided to try out dokuwiki for a bit. I suspect, like all software, I'll find that it sucks after a few weeks.
Getting Web Pages in My Home Dir To Work
To turn on the webserver you need to click the ticky box next to "Personal Web Sharing" in the "Services" tab of the "Sharing" part of System Preferences.
I couldn't access files in ~/Sites from http://127.0.0.1/~mark/ until I made my home directory world readable. Apache complained by giving me a 403 Forbidden error and shoving the following into my error-log.
[Thu Oct 26 21:31:16 2006] [error] [client 127.0.0.1] (13)Permission denied: access to /~mark/index.html failed because search permissions are missing on a component of the path
(Note, the error log is located at /var/log/httpd/error-log)
The command to change my home directory's permissions is:
chmod 755 ~
I think I've got odd permissions because I use FileVault. Go figure.
Getting PHP to work
In order to enable php on the apache that ships with Mac OS X you simply have to uncomment a couple of lines in the apache config, which is located at "/etc/httpd/httpd.conf"
LoadModule php4_module libexec/httpd/libphp4.so AddModule mod_php4.c
This will (via more config options that are automatically enabled) to serve .php files as php. You'll need Stop and Start websharing for this to take effect.
Installing Dokuwiki
I Downloaded Dokuwiki from here and untarballed it with
gunzip -c dokuwiki-rc2006-10-19.tgz | tar -xvf -
(And from this you can tell I've spent too much time on systems that don't have a tar that can understand -z installed on them, right?)
I shoved it in ~/Sites/wiki:
mv dokuwiki-rc2006-10-19 ~/Sites/wiki
I then fixed up the permissions
cd ~/Sites/wiki sudo chown -r mark.www conf data chmod -R g+w conf data
To be honest, this gave me the chills, since what I'm doing here is saying that the webserver has the right to write files into directories that it'll execute code from, which raises an attack that manages to write to random files to an attack that can run arbitrary code. Oh well, I guess I'll have to suck it up.
I then pointed my web browser at http://127.0.0.1/wiki/install.php and ran the install script. I chose an open wiki, because of what I'm about to do next...
Limitting Access
I don't want anyone else on the network to be able to access my private wiki, but the way apache is set up at the moment it'll serve all files to anyone, no matter which computer you're on. We need to put some access controls in. The wiki has some of it's own, but I'm not sure I trust them, and I don't want to have to log in on my own computer. I'm going to put a block in at the apache level its self.
The way you'd normally do this is with a .htaccess file, but these aren't enabled by default on Mac OS X. The easiest thing to do is edit (as root) the /etc/httpd/users/mark.conf file, and append this section to the end of the file:
<Directory "/Users/mark/Sites/wiki">
Order allow,deny
Allow from 127.0.0.1
Deny from all
</directory>This means you can only access these pages from the local machine. Stop and Start apache from System Preferences to have this take effect.
