Websites

From HerzbubeWiki
Jump to navigation Jump to search

This page contains information how the various websites that I administrate are configured and their content is maintained. The section Testing documents steps with which to test special configuration aspects of some websites.

ApacheVirtualHost is a similar, but older wiki page, where details are given how I used to configure the virtual hosts of the Apache web server that ran on a dedicated server. This machine is no longer in service, instead my websites are now hosted by an external web service provider (see the WebHosting wiki page), and the page you are now reading deals with how the sites need to be configured to run in this environment.


acexpander.herzbube.ch

This website is dedicated to the software project AcExpander, now obsolete.

URL: https://acexpander.herzbube.ch/


Content

None.


Filesystem layout

root
+-- .htaccess
+-- robots.txt


.htaccess

Redirect all requests to the project page on www.herzbube.ch. 

RewriteEngine On
RewriteRule ^.*$ https://www.herzbube.ch/project/acexpander/ [R,L]


robots.txt

Policy: Allow everything. 

User-agent: *
Allow: /


kino.herzbube.ch

This website is dedicated to personal movie-related stuff. Nothing has been going on here for a long time. I keep the website around for nostalgic reasons.

URL: https://kino.herzbube.ch/


Content

This is a static website. The content is generated with Hugo. The source is in a private repository.


Filesystem layout

root
+-- Hugo generated files
+-- robots.txt


.htaccess

None.


robots.txt

Policy: Disallow everything. 

User-agent: *
Disallow: /


wiki.herzbube.ch

This website is my personal wiki.

URL: https://wiki.herzbube.ch/


Content

This is a dynamic website powered by the Mediawiki software, the same software that is also used to run Wikipedia. The content is stored in a database.


Filesystem layout

root
+-- Mediawiki tar ball content
+-- LocalSettings.php
+-- .htaccess
+-- robots.txt


.htaccess

Intent: Disable PHP in the images folder.

This is a security measure in case someone finds a security hole that allows them to upload files even though I have disabled that feature. Any such uploaded files could be PHP files that would be executable without any countermeasures.

My .htaccess file duplicates the intent of the images/.htaccess file that is provided by the Mediawiki software itself. The Mediawiki-provided file uses directives from mod-php, but these don't work because my current web hosting provider uses php-fpm. In order not to clash with the Mediawiki-provided file I'm placing my own .htaccess file in the root folder. 

# Prevent executing scripts in the image upload folder
<If "%{REQUEST_URI} =~ m#^/images/#">
  SetHandler !
</If>

# Options for short URLs (https://wiki.herzbube.ch/wiki/Page_title).
# Note that in order to work properly this also requires options in LocalSettings.php.
# These options were recommended on 22-Mar-2025 by the MediaWiki ShortURL Builder tool: https://shorturls.redwerks.org/
# The tool is linked on the Mediawiki manual for short URLs: https://www.mediawiki.org/wiki/Manual:Short_URL
RewriteEngine On
RewriteRule ^/?wiki(/.*)?$ %{DOCUMENT_ROOT}/index.php [L]

RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-f
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-d
RewriteRule ^/?images/thumb/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ %{DOCUMENT_ROOT}/thumb.php?f=$1&width=$2 [L,QSA,B]

RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-f
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-d
RewriteRule ^/?images/thumb/archive/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ %{DOCUMENT_ROOT}/thumb.php?f=$1&width=$2&archived=1 [L,QSA,B]


robots.txt

Policy: Allow most things. 

# ------------------------------------------------------------
# Copied from http://www.mediawiki.org/wiki/Manual:Robots.txt
# ------------------------------------------------------------
User-agent: *
# No talk, edit, history, etc. pages, only the plain article
Disallow: /index.php?
# Namespaces
Disallow: /wiki/Help
Disallow: /wiki/MediaWiki
Disallow: /wiki/Special:
Disallow: /wiki/Template
# Other
Disallow: /skins/


Installation / updating

The procedure goes like this:

  • Download the software from the Mediawiki website.
  • Unpack the tar ball locally.
  • If it's a new installation
    • Upload the unpacked sources to the web server's document root.
    • Point your browser at the new installation and step through the setup wizard.
    • Eventually this will populate the database with the Mediawiki database schema.
    • At the end, download LocalSettings.php from the setup wizard, then upload the file to the document root.
  • If it's an update
    • Copy images and LocalSettings.php from the old installation into the newly unpacked local source folder.
    • Adapt LocalSettings.php to the new Mediawiki software version. Read the release notes first.
    • Alternatively, create a completely new installation first to get hold of a pristine LocalSettings.php that fits the new Mediawiki software version, then take over settings from the old LocalSettings.php into the new one. This process is described in detail below in the section Migration.
    • Upload the unpacked sources to the web server's document root.
    • Point your browser at the installation to update and execute the setup/update wizard (e.g. https://wiki.herzbube.ch/mw-config/index.php).
    • The wizard will tell you to put $wgUpgradeKey into LocalSettings.php, and which value to set.
    • Do this, then continue with the wizard.
    • Eventually this will upgrade the database to use the schema of the new Mediawiki version.
    • Once you're finished, remove $wgUpgradeKey from LocalSettings.php, to prevent the public from running the wizard.


Configuration

.htaccess and robots.txt are described in previous sections.


A fresh LocalSettings.php can be generated by creating a new installation and stepping through the setup wizard. This section does not go into detail about individual settings. The wiki page Mediawiki may have details.


Redis configuration

  • Information from web hosting provider tech support on 04-Mar-2025:
    • "Auf unseren Servern läuft redis, sie müssen es nur mit dem Default port auf "localhost" nutzen. Ganz wichtig: Es muss ein "Salt" verwendet werden, aber das müsste die Software automatisch machen."
  • Default Redis Port = 6379
  • Mediawiki documentation: https://www.mediawiki.org/wiki/Redis
  • These are the settings I use in my LocalSettings.php:
$wgMainCacheType = 'redis';

# Redis configuration, taken from https://www.mediawiki.org/wiki/Redis
$wgObjectCaches['redis'] = [
    'class'                => 'RedisBagOStuff',
    'servers'              => [ 'localhost:6379' ],
    // 'connectTimeout'    => 1,
    // 'persistent'        => false,
    // 'password'          => 'secret',
    // 'automaticFailOver' => true,
];


Short URL configuration. Note that the longer URLs still work, and that internal links are unaffected. Example: 

# ----------------------------------------------------------------------
# Options for short URLs (https://wiki.herzbube.ch/wiki/Page_title).
# Note that in order to work properly this also requires Rewrite rules in .htaccess.
# These options were recommended on 22-Mar-2025 by the MediaWiki ShortURL Builder tool: https://shorturls.redwerks.org/
# The tool is linked on the Mediawiki manual for short URLs: https://www.mediawiki.org/wiki/Manual:Short_URL
# ----------------------------------------------------------------------
$wgArticlePath = "/wiki/$1";
$wgUsePathInfo = true;


Migration

This section outlines how I did the migration of the wiki from my dedicated server (aka "old server") to my current web hosting provider (aka "new server").

  • Create new subdomain for testing purposes.
    • Create a new subdomain in DNS (e.g. testwiki.herzbube.ch).
    • Create new document root on new server that matches the new subdomain.
    • Add a dummy index.html to the new document root.
    • Configure new server to map the new subdomain to the new document root.
    • Wait until new server has generated a certificate for the new subdomain.
    • Test by accessing https://testwiki.herzbube.ch/index.html.
  • Create a new test database on the new server.
    • DB name = mediawikidbtest
    • User name = mediawikidbtest
    • Password = secret
  • Create a completely new test wiki installation.
    • Locally download the Mediawiki software (tar ball).
    • Unpack tar ball locally.
    • Transfer unpacked files to new document root on new server.
    • Remove dummy index.html.
    • In browser, navigate to new subdomain (e.g. https://testwiki.herzbube.ch).
    • Click link "set up the wiki", then step through the installer wizard.
      • Your language = en-gb
      • Wiki language = en-gb
      • Information about the system - check if everything that is needed is present. Object caching can remain disabled for now, it can be enabled later on.
      • Database - Supply the information about the newly created database.
      • Database account for web access = Use the same account as for installation
      • Wiki basics
        • Name of wiki = Testwiki
        • Project namespace = Same as the wiki name: Testwiki
        • Administrator account
          • Your username = admin
          • Password = secret
          • Email address = <empty>
        • Subscribe to the release announcements mailing list = No
        • Share data about this installation with MediaWiki developers = No
        • Ask me more questions = Yes
      • More questions
        • User rights profile = Authorised editors only
        • Copyright and licence = Creative Commons Attribution-ShareAlike
        • Email settings
          • Enable outbound email = No
        • Skins
          • Enable all 4 skins
          • Set Vector as default
        • Extensions
          • Interwiki
          • CategoryTree
          • Cite
          • ParserFunctions
          • Missing from old server, but I don't really need this: SyntaxHighlight_GeSHi
        • Remaining settings = Use defaults.
      • Once the setup is done, Mediawiki provides a link with which to download a LocalSettings.php file that contains the settings collected during the setup process.
    • Download LocalSettings.php.
    • Copy LocalSettings.php to new document root.
    • Done. The test wiki works out of the box.
  • Migrate database.
    • Old server: Create a database dump. Example command: mysqldump --add-drop-table -u root -p mediawikidb >/tmp/mediawikidb.sql
    • Transfer database dump file to local machine.
    • New server: Create new database.
    • New server: Restore database from dump.
      • Navigate to phpMyAdmin.
      • Select new database.
      • Go to tab "Import".
      • Clicke "Browse", then select database dump file on local machine.
      • Select character set = utf-8.
      • Click "Import".
      • The restore operation takes somewhere between 4-5 minutes without any progress indication. Be patient!
  • Migrate to user management without LDAP
    • On the old server users authenticated via LDAP, so the users in the database have either no password set, or something outdated that I can't remember.
    • To allow users to log in, a new password must be set for each one of them.
    • New server: Navigate to phpMyAdmin, then show all rows in the "users" table.
    • For each user execute the following SQL query, replacing "username" and "secret" with real credentials: UPDATE `user` SET user_password = CONCAT(':B:1234:', MD5(CONCAT('1234-', MD5('secret')))) WHERE user_name = 'username';.
    • This command comes from the Mediawiki manual on resetting passwords.
    • The SQL query sets a salted MD5 hash. As the manual page explains, this format will be updated to the correct hash/format when the user logs in the next time. For instance, after logging in with one of the users the new format looked like this: :pbkdf2:sha512:30000:64:iGl/b+u5/LqA3mrvFn/Umg==:zhBCVGlGHv6TosyE0OGGQZdWdvjape+4kxyskqvoA+rBan2oPVwAj8D+NszLZBq7mIsaMkkENzNdTMsRh8+OZw==.
    • Note that all methods for resetting passwords via the Mediawiki software itself cannot be used: The "Forgot your password" function cannot be used because the new web server does not support sending emails with a password reset link, and the wiki page "Special:ChangePassword only allows setting one's own password (even if you have admin rights).
  • Migrate images
    • Again, unpack the Mediawiki software tar ball locally.
    • Copy images from old server into the local images folder.
      • Actually this is only a single file, the wiki logo: images/7/7d/Herzbube.ch-logo.png.
  • Migrate configuration
    • Copy the LocalSettings.php file from the test wiki installation to the root of the local Mediawiki folder.
    • Take over settings from LocalSettings.php on the old server into the new LocalSettings.php.
    • For historical purposes, here are the changes I made when taking over the settings from my old dedicated server. When doing a new migration, there may be totally different changes needed.
      • Didn't take over require_once "$IP/includes/PlatformSettings.php";
      • Didn't take over $wgDBserver and the other database access settings - obviously these must match the new environment.
        • Use the correct MySQL server name.
        • Use the database name + credentials from when you created the new database (see above).
      • Didn't take over $wgMainCacheType = CACHE_ACCEL;. The new setting was $wgMainCacheType = CACHE_NONE; because the setup routine did not detect any object caching service. I later configured Redis.
      • Didn't take over $wgEnableUploads = true;. In all the years that I have been using my wiki, I never uploaded a single image, so I don't intend to start now.
      • Didn't take over $wgUseImageMagick = true; and $wgImageMagickConvertCommand = "/usr/bin/convert";.
        • On the old server they were enabled. On the new server ImageMagick apparently is not available, so the setup script commented out the two options instead of setting $wgUseImageMagick to false.
        • Since I don't have uploads enabled, disabling ImageMagick should not have any negative impact.
      • Didn't take over $wgLanguageCode = "en";. Instead I kept the language code "en-gb" that the setup script offered me for the test site installation.
      • Didn't take over $wgDiff3 = "/usr/bin/diff3";.
        • On the old server diff3 was present and enabled. On the new server diff3apparently is not available, so the setup script set the option to an empty string ($wgDiff3 = "";).
        • Based on the following remark shown by setup script, and that I am the sole wiki editor, I don't expect the lack of diff3 to have any negative impact: "GNU diff3 text comparison utility not found. You can ignore this for now, but might run into edit conflicts more frequently."
      • Didn't take over wfLoadExtension( 'SyntaxHighlight_GeSHi' );.
        • SyntaxHighlight_GeSHi does not work due to proc_open and other PHP functions not being available on the new server.
        • I don't think I have ever really used this extension, so I don't expect the lack of the extension to have any negative impact.
      • Don't take over any of the LDAP Authentication settings. I no longer use LDAP to authenticate users.
  • Configure Redis
  • Activate wiki
    • Transfer unpacked files + image files + configuration to new document root on new server.
    • Point DNS record for wiki.herzbube.ch to new server.
    • Wait until certificate has been created.
    • Point browser at the website: https://wiki.herzbube.ch/


www.francescamoser.ch

This is the personal website of my wife.

URL: https://www.francescamoser.ch/


Content

A dummy index page notifying the visitor that there is nothing to see.


Filesystem layout

root
+-- index.html
+-- robots.txt


.htaccess

None.


robots.txt

Policy: Disallow everything. 

User-agent: *
Disallow: /


www.grunzwanzling.ch

This website contains the famous poem from Douglas Adams' novel "The Hitchhiker's Guide to the Galaxy". I registered the domain for fun many years ago. Nothing has been going on here for a long time. I keep the website around for nostalgic reasons.

URL: https://www.grunzwanzling.ch/


Content

This is a static website. The content is generated with Hugo. The source is in a private repository.


Filesystem layout

root
+-- Hugo generated files
+-- robots.txt


.htaccess

None.


robots.txt

Policy: Allow everything. 

User-agent: *
Allow: /


www.herzbube.ch

This is my personal website.

URL: https://www.herzbube.ch/


Content

This is a static website.

  • Most of the content is generated with Hugo. The source is in a private repository.
  • The remaining content is manually curated.


Filesystem layout

root
+-- Hugo generated files
+-- .htaccess
+-- Eredain
|   +-- EredainIndex_d.shtml
|   +-- EredainIndex.shtml
+-- fuego
|   +-- additive-knowledge-type-comparison
+-- isfdb
+-- pgp-key-signing-policy.html
+-- PGPHerzbubeAtHerzbubeDotCH.txt
+-- robots.txt
+-- software-releases
+-- svn-replaced-by-git.html

Notes:

  • The files in the folder /fuego/additive-knowledge-type-comparison provide the background data for this Fuego wiki page.
  • The files in the folder /isfdb are image files that I used in the past to show in a discussion how a particular page or interior art piece looks like. I'm keeping the files around so the archived discussions remain valid.
  • The files in the folder /software-releases are software release files such as tar balls, .dmg files, ChangeLog files, etc.


.htaccess

# Force a content-type for files without an extension
<FilesMatch "^(README|ChangeLog)$">
  ForceType text/plain
</FilesMatch>

# Set a default charset for text/plain and text/html (in the latter case will override
# a charset specified via META element inside the HTML document).
#
# Specific resources that need this are:
# - Root dir of www.herzbube.ch: Has a couple of text files
# - Software directory on www.herzbube.ch: ChangeLog, README, etc.
AddDefaultCharset utf-8

# Fuego data directories must be browsable
<If "%{REQUEST_URI} =~ m#^/fuego/additive-knowledge-type-comparison/#">
  Options +Indexes
</If>

# Start of rewrite section
RewriteEngine On

# Rewrite requests to all resources below the "/Eredain/" folder to either the English or
# the German "dead page" placeholder (we try to be clever and guess whether the user
# wanted to see a German or an English page). Don't do the rewrite if the request is
# already for one of the placeholders. Notes:
# - The "L" flag indicates this is the last rewrite rule to be processed, no further
#   rewriting should be done.
# - The "PT" (passthrough) flag indicates that the target path is not a filesystem path
#   but an URI. This is not strictly necessary.
# - The RewriteRule directive does not use a leading "/", because leading slashes are
#   removed when rewriting within an .htaccess file. In RewriteCond we do use a leading
#   "/" because there we use %{REQUEST_URI} as the test string and that includes the
#   leading "/".
# - This does not issue a Redirect back to the browser - whenever I tried to use the
#   "R=301" flag the redirect issued was for the http:// protocol. So far I have been
#   unable to solve this issue.
RewriteCond "%{REQUEST_URI}" !=/Eredain/EredainIndex_d.shtml
RewriteRule ^Eredain/.*_d.*$ /Eredain/EredainIndex_d.shtml [L,PT]
RewriteCond "%{REQUEST_URI}" !=/Eredain/EredainIndex.shtml
RewriteCond "%{REQUEST_URI}" !=/Eredain/EredainIndex_d.shtml
RewriteRule ^Eredain/.*$ /Eredain/EredainIndex.shtml [L,PT]
# Special case: If the request is exactly for "/Eredain", we assume it's the folder
# itself and also rewrite to the "dead page" placeholder. We use this additional rule
# instead of using just one rule matching "^Eredain"
RewriteRule ^Eredain$ /Eredain/EredainIndex.shtml [L,PT]

# Rewrite requests for /svn or /websvn (or any path below those)
RewriteCond "%{REQUEST_URI}" !=/svn-replaced-by-git.html
RewriteRule ^(web){0,1}svn.*$ /svn-replaced-by-git.html [L,PT]

# Anything in a subfolder of /software is rewritten to /software-releases. This is to
# keep the software release files separate from the files generated by Hugo which are
# located directly in /software.
RewriteCond "%{REQUEST_URI}" "^/software/[^/]+/"
RewriteRule ^software/(.*)$ /software-releases/$1 [L,PT]


robots.txt

Policy: Allow everything. 

User-agent: *
Allow: /


www.moser-naef.ch

This is the website shared between me and my wife.

URL: https://www.moser-naef.ch/


Content

A dummy index page notifying the visitor that there is nothing to see.


Filesystem layout

root
+-- index.html
+-- robots.txt


.htaccess

None.


robots.txt

Policy: Disallow everything. 

User-agent: *
Disallow: /


Testing

Retrieved from "https://wiki.herzbube.ch/index.php?title=Websites&oldid=7120"