Plan de reprise d'activité du service Ikiwiki 🔗

Posted by Médéric Ribreux 🗓 In kb/drp/debianplug/

Introduction

Le service Ikiwiki est un compilateur de wiki. Il utilise un dépôt Git centralisé pour stocker les fichiers à compiler (et leur historique). Il permet de générer l'essentiel du site web public servi par le serveur Debianplug.

Conventions

Le nom de l'utilisateur par défaut sera user. Son répertoire home sera /home/user/.

Pré-requis

Pour la réinstallation d'Ikiwiki, une connexion à Internet est indispensable, ne serait-ce que pour télécharger les paquets d'installation.

Ikiwiki est destiné à être installé sur une distribution Debian Wheezy de base.

Pour effectuer une remise en service d'Ikiwiki, il est indispensable d'avoir réinstallé un serveur web fonctionnel.

Installation des paquets

Voici la commande complète qui permet de réinstaller les paquets indispensables au fonctionnement d'Ikiwiki et du wiki spécifique hébergé par ce service.

# aptitude install -R ikiwiki git libtext-multimarkdown-perl libtimedate-perl libsearch-xapian-perl xapian-omega libhighlight-perl perlmagick libcgi-session-perl libcgi-formbuilder-perl

Répertoires concernés

Le dépôt Git centralisé sera stocké dans /var/local/git/where_is_it.git. Le dépôt Git utilisateur sera stocké dans /home/user/where_is_it_src. Le fichier de configuration du wiki sera stocké dans /home/user/where_is_it.setup. Les fichiers compilés d'ikiwiki seront stockés dans /var/www/ qui est un lien symbolique vers /var/local/www/.

Création des répertoires indispensables:

# mkdir -p /var/local/git
# chown user:www-data /var/local/git
# chmod 775 git
# chmod g+s git
# mkdir -p /var/local/www
# chown root:www-data /var/local/www
# chmod 775 /var/local/www
# chmod g-s /var/local/www
# ln -s /var/local/www /var/www
# adduser user www-data

Restaurations

Le seul élément à restaurer est le dépôt Git qui contient l'ensemble des données du wiki. Se réferrer à la procédure de restauration générique pour y parvenir.

# restore ikiwiki /var/local/git/where_is_it.git
# restore ikiwiki_conf /home/user/

Il est également indispensable de gérer correctement les droits du répertoire du dépôt Git principal:

# find /var/local/git/where_is_it.git -type d -exec chmod 775 {} \;
# find /var/local/git/where_is_it.git -type f -exec chmod 664 {} \;

Normalement, le fichier de configuration d'Ikiwiki doit être restauré correctement. Dans le doute, voici son contenu:

#!/usr/bin/perl
#
# Setup file for ikiwiki.
#
# Passing this to ikiwiki --setup will make ikiwiki generate
# wrappers and build the wiki.
#
# Remember to re-run ikiwiki --setup any time you edit this file.
use IkiWiki::Setup::Standard {
  # name of the wiki
  wikiname => 'Where is it ?',

  # contact email for wiki
  adminemail => 'medspx@medspx.fr',

  # users who are wiki admins
  adminuser => [],

  # users who are banned from the wiki
  banned_users => [],

  # where the source of the wiki is located
  srcdir => '/home/medspx/where_is_it_src/',

  # where to build the wiki
  destdir => '/var/www',

  # base url to the wiki
  url => 'https://medspx.fr',

  # url to the ikiwiki.cgi
  cgiurl => 'https://medspx.fr/ikiwiki.cgi',

  # filename of cgi wrapper to generate
  cgi_wrapper => '/var/www/ikiwiki.cgi',

  # mode for cgi_wrapper (can safely be made suid)
  cgi_wrappermode => '06755',

  # rcs backend to use
  rcs => 'git',
  # plugins to add to the default configuration
  add_plugins => [qw{goodstuff format highlight toggle img rawhtml favicon sidebar meta calendar search httpauth editpage}],
  # plugins to disable
  disable_plugins => [qw{passwordauth openid}],
  # additional directory to search for template files
  templatedir => '/usr/share/ikiwiki/templates',
  # base wiki source location
  underlaydir => '/usr/share/ikiwiki/basewiki',
  # display verbose messages?
  verbose => 1,
  # log to syslog?
  #syslog => 1,
  # create output files named page/index.html?
  usedirs => 1,
  # use '!'-prefixed preprocessor directives?
  prefix_directives => 1,
  # use page/index.mdwn source files
  prefix_directives => 1,
  # use page/index.mdwn source files
  indexpages => 0,
  # enable Discussion pages?
  discussion => 0,
  # name of Discussion pages
  discussionpage => 'Discussion',
  # generate HTML5? (experimental)
  html5 => 0,
  # only send cookies over SSL connections?
  sslcookie => 0,
  # extension to use for new pages
  default_pageext => 'mdwn',
  # extension to use for html files
  htmlext => 'html',
  # strftime format string to display date
  timeformat => '%c',
  # UTF-8 locale to use
  #locale => 'en_US.UTF-8',
  # put user pages below specified page
  userdir => '',
  # how many backlinks to show before hiding excess (0 to show all)
  numbacklinks => 10,
  # attempt to hardlink source files? (optimisation for large files)
  hardlink => 0,
  # force ikiwiki to use a particular umask
  #umask => 022,
  # group for wrappers to run in
  #wrappergroup => 'ikiwiki',
  # extra library and plugin directory
  libdir => '',
  # environment variables
  ENV => {},
  # regexp of normally excluded files to include
  #include => '^\\.htaccess$',
  # regexp of files that should be skipped
  #exclude => '^(*\\.private|Makefile)$',
  # specifies the characters that are allowed in source filenames
  wiki_file_chars => '-[:alnum:]+/.:_',
  # allow symlinks in the path leading to the srcdir (potentially insecure)
  allow_symlinks_before_srcdir => 1,

######################################################################
# core plugins
#   (editpage, htmlscrubber, inline, link, meta, parentlinks)
######################################################################

  # Config Git
  git_wrapper => '/var/local/git/where_is_it.git/hooks/post-update.ikiwiki',
  # htmlscrubber plugin
  # PageSpec specifying pages not to scrub
  #htmlscrubber_skip => '!*/Discussion',

  # inline plugin
  # enable rss feeds by default?
  #rss => 0,
  # enable atom feeds by default?
  #atom => 0,
  # allow rss feeds to be used?
    allowrss => 1,
    # allow atom feeds to be used?
    allowatom => 1,
    # urls to ping (using XML-RPC) on feed update
    pingurl => [],

    ######################################################################
    # auth plugins
    #   (anonok, blogspam, httpauth, lockedit, moderatedcomments,
    #    opendiscussion, openid, passwordauth, signinedit)
    ######################################################################

    # anonok plugin
    # PageSpec to limit which pages anonymous users can edit
    #anonok_pagespec => '*/discussion',

    # blogspam plugin
    # PageSpec of pages to check for spam
    #blogspam_pagespec => 'postcomment(*)',
    # options to send to blogspam server
    #blogspam_options => 'blacklist=1.2.3.4,blacklist=8.7.6.5,max-links=10',
    # blogspam server XML-RPC url
    #blogspam_server => '',

    # httpauth plugin
    # url to redirect to when authentication is needed
    cgiauthurl => 'https://medspx.fr/auth/ikiwiki.cgi',
    # PageSpec of pages where only httpauth will be used for authentication
    #httpauth_pagespec => '!*/Discussion',

    # lockedit plugin
    # PageSpec controlling which pages are locked
    #locked_pages => '!*/Discussion',

    # moderatedcomments plugin
    # PageSpec matching users or comment locations to moderate
    #moderate_pagespec => '*',
    # PageSpec matching users or comment locations to moderate
    #moderate_pagespec => '*',

    # openid plugin
# url pattern of openid realm (default is cgiurl)
    #openid_realm => '',
    # url to ikiwiki cgi to use for openid authentication (default is cgiurl)
    #openid_cgiurl => '',

    # passwordauth plugin
    # a password that must be entered when signing up for an account
#account_creation_password => 's3cr1t',
    # cost of generating a password using Authen::Passphrase::BlowfishCrypt
#password_cost => 8,

######################################################################
# format plugins
#   (creole, highlight, hnb, html, mdwn, otl, rawhtml, textile, txt)
    ######################################################################

    # highlight plugin
    # types of source files to syntax highlight
#tohighlight => '.c .h .cpp .pl .py Makefile:make',

    # mdwn plugin
    # enable multimarkdown features?
multimarkdown => 1,

    # po plugin
    # Master language:
    #po_master_language => { 'code' => 'fr', 'name' => 'Français' },
    # Slave languages:
    #po_slave_languages => ['en|English'],
    # Quelles pages sont traduisibles:
#po_translatable_pages => 'kb/*',
    # Comportement de la traduction:
    #po_link_to => 'current',

    ######################################################################
    # misc plugins
#   (filecheck)
######################################################################

    ######################################################################
# web plugins
    #   (404, attachment, comments, editdiff, edittemplate, getsource,
    #    google, goto, mirrorlist, remove, rename, repolist, search,
    #    theme, websetup, wmd)
    #    google, goto, mirrorlist, remove, rename, repolist, search,
    #    theme, websetup, wmd)
######################################################################

# attachment plugin
    # enhanced PageSpec specifying what attachments are allowed
    #allowed_attachments => 'virusfree() and mimetype(image/*) and maxsize(50kb)',
    # virus checker program (reads STDIN, returns nonzero if virus found)
#virus_checker => 'clamdscan -',

    # comments plugin
# PageSpec of pages where comments are allowed
    #comments_pagespec => 'blog/* and !*/Discussion',
# PageSpec of pages where posting new comments is not allowed
#comments_closed_pagespec => 'blog/controversial or blog/flamewar',
# Base name for comments, e.g. "comment_" for pages like "sandbox/comment_12"
#comments_pagename => '',
# Interpret directives in comments?
    #comments_allowdirectives => 0,
# Allow anonymous commenters to set an author name?
#comments_allowauthor => 0,
    # commit comments to the VCS
#comments_commit => 1,

    # getsource plugin
    # Mime type for returned source.
#getsource_mimetype => 'text/plain; charset=utf-8',

    # mirrorlist plugin
    # list of mirrors
    #mirrorlist => {},

    # repolist plugin
    # URIs of repositories containing the wiki's source
#repositories => [qw{svn://svn.example.org/wiki/trunk}],

    # search plugin
# path to the omega cgi program
omega_cgi => '/usr/lib/cgi-bin/omega/omega',

# theme plugin
# name of theme to enable
#theme => 'actiontabs',

# websetup plugin
    # list of plugins that cannot be enabled/disabled via the web interface
    #websetup_force_plugins => [],
    # list of additional setup field keys to treat as unsafe
    #websetup_force_plugins => [],
    # list of additional setup field keys to treat as unsafe
    #websetup_unsafe => [],
    # show unsafe settings, read-only, in web interface?
    #websetup_show_unsafe => 1,

######################################################################
    # widget plugins
#   (calendar, color, conditional, cutpaste, date, format, fortune,
#    graphviz, haiku, img, linkmap, listdirectives, map, more,
    #    orphans, pagecount, pagestats, poll, polygen, postsparkline,
#    progress, shortcut, sparkline, table, template, teximg, toc,
    #    toggle, version)
######################################################################

# calendar plugin
# base of the archives hierarchy
archivebase => 'blog/archives',
    # PageSpec of pages to include in the archives; used by ikiwiki-calendar command
archive_pagespec => 'page(blog/*/*) and !blog/archives* and !*/Discussion',

    # listdirectives plugin
# directory in srcdir that contains directive descriptions
#directive_description_dir => 'ikiwiki/directive',

    # teximg plugin
# Should teximg use dvipng to render, or dvips and convert?
#teximg_dvipng => '',
    # LaTeX prefix for teximg plugin
    #teximg_prefix => '\\documentclass{article}
    #\\usepackage{amsmath}
#\\usepackage{amsfonts}
#\\usepackage{amssymb}
    #\\pagestyle{empty}
#\\begin{document}
#',
    # LaTeX postfix for teximg plugin
#teximg_postfix => '\\end{document}',

######################################################################
# other plugins
#   (aggregate, autoindex, brokenlinks, camelcase, ddate, embed,
#    favicon, goodstuff, htmlbalance, localstyle, pagetemplate,
#    pingee, pinger, prettydate, recentchanges, recentchangesdiff,
#    relativedate, rsync, sidebar, smiley, sortnaturally, tag,
    #    testpagespec, underlay)
    ######################################################################
######################################################################

    # aggregate plugin
    # enable aggregation to internal pages?
    #aggregateinternal => 1,
    # allow aggregation to be triggered via the web?
    #aggregate_webtrigger => 0,

# camelcase plugin
# list of words to not turn into links
    #camelcase_ignore => [],

    # pinger plugin
# how many seconds to try pinging before timing out
#pinger_timeout => 15,

# prettydate plugin
# format to use to display date
#prettydateformat => '%X, %B %o, %Y',

# recentchanges plugin
    # name of the recentchanges page
recentchangespage => 'recentchanges',
# number of changes to track
recentchangesnum => 100,

# rsync plugin
# command to run to sync updated pages
    #rsync_command => 'rsync -qa --delete . user@host:/path/to/docroot/',

    # sidebar plugin
# show sidebar page on all pages?
global_sidebars => 1,

# tag plugin
# parent page tags are located under
tagbase => 'tag',
# autocreate new tag pages?
tag_autocreate => 1,

# underlay plugin
# extra underlay directories to add
#add_underlays => [qw{/home/medspx/wiki.underlay}],
}

Verifier que le fichier de hook d'ikiwiki existe bien dans le répertoire ad-hoc:

# ls -lha /var/local/git/where_is_it.git/hooks/post-update

Normalement, son contenu a été restauré avec le dépôt Git mais, dans le doute, voici son contenu:

#!/bin/bash

# Script to generate calendar.json file

# make the update by ikiwiki
/var/local/git/where_is_it.git/hooks/post-update.ikiwiki

# global variables
echo "Compiling calendar.json..."
srcdir="/home/medspx/where_is_it_src"
destfile="/var/www/calendar.json"
blogrep="$srcdir/blog"

# Get all the mdwn in blog directory
lst_files=$(find $blogrep -type f \( -iname '*.mdwn' ! -regex '.*/archives/.*' \))

echo "[" > $destfile

# For each mdwn, get:
for file in $lst_files
do
  meta=$(grep '\[\[!meta' $file)
  url=${file#$srcdir}
  url=${url%.mdwn}
  title=""
  echo $meta | grep -q "title"
  if [ "$?" -eq "0" ]
  then
    title=$(echo $meta | sed 's/.*title="\([^"]*\)".*/\1/')
  fi

  date=$(echo $meta | sed 's/.*date="\([^"]*\)".*/\1/')
  date=${date:0:10}

  if [ "${#title}" -ne "0" ]
  then
    cat >> $destfile <<EOF
{ "url" : "$url",
"title" : "$title",
"date" : "$date" },
EOF

  fi
done

cat >> $destfile <<EOF
{ "url" : "/",
"title" : "Start",
"date" : "1977-01-01" }
]
EOF

exit 0

Une fois le dépôt Git centralisé restauré, il faut générer le dépôt Git utilisateur:

Génération du répertoire contenant le html

Si tout est correctement restauré, il suffit de lancer ikiwiki pour générer les fichiers html dans le répertoire /var/www. On utilise le compte user.

$ cd /home/user 
$ ikiwiki --setup where_is_it.setup --rebuild

Une fois le contenu web généré, il reste à créer le répertoire spécifique qui sert à l'authentification:

$ mkdir /var/local/www/auth
$ ln -s /var/local/www/ikiwiki.cgi /var/local/www/auth/ikiwiki.cgi

Procédure de vérification du service