TODO: better structure with eik page and other similar infra info.
How does the actual site work?
This site and a few other Permacomputing sites run on a small (1GB) VPS generously donated by Servus. The physical hardware is located in the Statdwerkstatt in Linz, Austria.
We strive to make the site reflect the principles we articulate here, so you probably notice a somewhat "bare bones" design with very few images and no custom fonts or fancy interactive features.
The site uses a static site generator to build HTML versions of the pages only when they are edited. The only dynamic components are the editing and search functions. For our system administration, this makes things much simpler to understand and maintain.
HTTP vs HTTPS
It is possible to consult this wiki on port 80, that is to say using http:// instead of https://. The reason to keep providing such access is to allow modest but capable computers, as well as simple/legacy browsers, to access the content. Note that when registering, authenticating or editing, you will be redirected to port 443, https://.
Local/Offline copies
We use ikiwiki as wiki compiler. This wiki exists in fact as a collection of plaintext source files that are automatically turned into static HTML files whenever an edit is made to these source files.
Because these plaintext source files and HTLM files are very portable and easy to copy, you are encouraged to have local copies in order to be less dependent on WWW or individual server installations.
See cloning to learn how to make local/offline copies.
Install Notes
If you are curious how this was all installed and configured, we took some notes on this page.
These install notes make the following assumptions: Debian OS, nginx, fcgi-wrap, stagit. Also these are notes, not all the steps are provided, such as restarting nginx, enabling https, etc.
Base installation
sudo apt install ikiwiki
sudo mkdir /var/www/damaged.bleu255.com-src /var/www/damaged.bleu255.com
sudo chown $USER:$USER /var/www/damaged.bleu255.com*
echo "hello" > /var/www/damaged.bleu255.com-src/index.mdwn
mkdir ~/ikiwiki-cfg
ikiwiki --verbose /var/www/damaged.bleu255.com-src /var/www/damaged.bleu255.com --url=https://damaged.bleu255.com --dumpsetup ~/ikiwiki-cfg/damaged.setup
ikiwiki --setup ~/ikiwiki-cfg/damaged.setup
Configuration changes
IMPORTANT, any changes to the wiki configuration must be followed by this to reflect changes:
ikiwiki --setup ~/ikiwiki-cfg/damaged.setup
Enable CGI
# ~/ikiwiki-cfg/damaged.setup
cgiurl: 'https://damaged.bleu255.com/ikiwiki.cgi'
cgi_wrapper: '/var/www/damaged.bleu255.com/ikiwiki.cgi'
# /etc/nginx/sites-available/damages.bleu255.com
server {
listen 443;
server_name damaged.bleu255.com;
root /var/www/damaged.bleu255.com;
index index.html index.htm;
access_log /var/log/nginx/damaged.bleu255.com-access.log;
error_log /var/log/nginx/damaged.bleu255.com-error.log;
location / {
try_files $uri $uri/ =404;
}
# Max size of file upload
client_max_body_size 10m;
location /ikiwiki.cgi {
gzip off;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
fastcgi_index ikiwiki.cgi;
fastcgi_param SCRIPT_FILENAME /var/www/damaged.bleu255.com/ikiwiki.cgi;
fastcgi_param DOCUMENT_ROOT /var/www/damaged.bleu255.com/;
include /etc/nginx/fastcgi_params;
}
}
Enable git
ikiwiki-makerepo git /var/www/damaged.bleu255.com-src /var/www/git.bleu255.com/repos/damaged.bleu255.com.git
# ~/ikiwiki-cfg/damaged.setup
rcs: 'git'
ikiwiki --changesetup ~/ikiwiki-cfg/damaged.setup
# ~/ikiwiki-cfg/damaged.setup
git_wrapper: /var/www/git.bleu255.com/repos/damaged.bleu255.com.git/hooks/post-update
git_wrapper_background_command: git push
ikiwiki --setup ~/ikiwiki-cfg/damaged.setup
cd /var/www/damaged.bleu255.com-src
git config pull.rebase false
stagit hooks and stagit diff URLs
cd /var/www/git.bleu255.com/repos/damaged.bleu255.com.git/hooks
ln -s ../../../update_single.sh post-receive
# ~/ikiwiki-cfg/damaged.setup
diffurl: https://git.bleu255.com/damaged.bleu255.com/commit/\[\[sha1_commit\]\].html
Limited web access
There are 2 ways to deal with user:pass for web access (if we rule out external auth like openid):
- outsource it to httpd-auth, implies that someone has to maintain the list of users and their passwd manually
or add a password prompt during account creation, something we'd share with only trusted people, or people showing interest, etc. We choose this approach
# ~/ikiwiki-cfg/damaged.setup account_creation_password: pa55w0rd ikiwiki --setup ~/ikiwiki-cfg/damaged.setup
Support for sending emails
Useful to reset passwords, etc.
sudo apt install libmail-sendmail-perl
# ~/ikiwiki-cfg/damaged.setup
adminemail: yolo29383@hotmail.com
ikiwiki --setup ~/ikiwiki-cfg/damaged.setup
Stronger password hashes
sudo apt install libauthen-passphrase-perl
# ~/ikiwiki-cfg/damaged.setup
password_cost: 16
Disable OpenID and emailauth
ikiwiki --setup ikiwiki-cfg/damaged.setup --disable-plugin openid
ikiwiki --setup ikiwiki-cfg/damaged.setup --disable-plugin emailauth
# ~/ikiwiki-cfg/damaged.setup
disable_plugins: [emailauth, openid]
Default git commit message when none provided
Ikiwiki and a recent enough version of git allow for empty git messages (the "Optional description of this change" while editing on the web), that's nice but it makes stagit history impossible to browse because it uses such messages as links. To make ikiwiki provide a default commit message when non given, you can do this:
diff --git a/git.pm.old b/git.pm
index 2bc2500..2198207 100644
--- a/git.pm.old
+++ b/git.pm
@@ -680,21 +680,8 @@ sub rcs_commit_helper (@) {
$params{message} = IkiWiki::possibly_foolish_untaint($params{message});
my @opts;
if ($params{message} !~ /\S/) {
- # Force git to allow empty commit messages.
- # (If this version of git supports it.)
- my ($version)=`git --version` =~ /git version (.*)/;
- if ($version ge "1.7.8") {
- push @opts, "--allow-empty-message", "--no-edit";
- }
- if ($version ge "1.7.2") {
- push @opts, "--allow-empty-message";
- }
- elsif ($version ge "1.5.4") {
- push @opts, '--cleanup=verbatim';
- }
- else {
- $params{message}.=".";
- }
+ # Force a message to commit if none given.
+ $params{message}.="empty web commit";
}
if (exists $params{file}) {
push @opts, '--', $params{file};