Add dokuwiki VM

inventories/z9/host_vars/wiki.yml

@@ -0,0 +1,5 @@
+nginx__version_spec: ""
+nginx__deploy_redirect_conf: false
+nginx__configurations:
+  - name: wiki.ccchh.net
+    content: "{{ lookup('ansible.builtin.file', 'configs/wiki/nginx/wiki.ccchh.net.conf') }}"

inventories/z9/hosts.yml

@@ -18,3 +18,6 @@ all:
         public-reverse-proxy:
           ansible_host: public-reverse-proxy.z9.ccchh.net
           ansible_user: chaos
+        wiki:
+          ansible_host: wiki.z9.ccchh.net
+          ansible_user: chaos

playbooks/deploy_dokuwiki.yml

@@ -0,0 +1,38 @@
+---
+- name: Configure wiki.z9 with dokuwiki
+  become: true
+  hosts: wiki
+  roles:
+    - nginx
+  tasks:
+    # TODO: make this a role
+    - name: Install php-fpm
+      ansible.builtin.apt:
+        name:
+          - php-fpm
+          - php-xml
+          - php-mbstring
+          - php-zip
+          - php-intl
+          - php-gd
+      diff: false
+    - name: Make sure php-fpm is enabled
+      ansible.builtin.systemd:
+        service: php7.4-fpm.service
+        enabled: true
+
+    # place dokuwiki zip into /var/www/dokuwiki manually!
+    - name: Create www dir
+      become: true
+      ansible.builtin.file:
+        path: /var/www
+        state: directory
+        owner: nginx
+        group: nginx
+        mode: "0755"
+    - name: Custom php-fpm config
+      become: true
+      ansible.builtin.copy:
+        src: configs/wiki/php-fpm-dokuwiki.conf
+        dest: /etc/php/7.4/fpm/pool.d/dokuwiki.conf
+        mode: "0755"

playbooks/files/configs/wiki/nginx/wiki.ccchh.net.conf

@@ -0,0 +1,42 @@
+# partly generated 2022-01-08, Mozilla Guideline v5.6, nginx 1.17.7, OpenSSL 1.1.1k, intermediate configuration
+# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1k&guideline=5.6
+server {
+    listen [::]:80 ipv6only=off;
+
+    server_name wiki.z9.ccchh.net;
+
+    # Maximum file upload size is 4MB - change accordingly if needed
+    client_max_body_size 4M;
+    client_body_buffer_size 128k;
+ 
+    root /var/www/dokuwiki;
+    index doku.php;
+ 
+    #Remember to comment the below out when you're installing, and uncomment it when done.
+    location ~ /(conf/|bin/|inc/|vendor/|install.php) { deny all; }
+ 
+    #Support for X-Accel-Redirect
+    location ~ ^/data/ { internal ; }
+ 
+    location ~ ^/lib.*\.(js|css|gif|png|ico|jpg|jpeg)$ {
+        expires 365d;
+    }
+ 
+    location / { try_files $uri $uri/ @dokuwiki; }
+ 
+    location @dokuwiki {
+        # rewrites "doku.php/" out of the URLs if you set the userwrite setting to .htaccess in dokuwiki config page
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1&$args last;
+    }
+ 
+    location ~ \.php$ {
+        try_files $uri $uri/ /doku.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param REDIRECT_STATUS 200;
+        fastcgi_pass unix:/var/run/php/php-fpm-dokuwiki.sock;
+    }
+}

playbooks/files/configs/wiki/php-fpm-dokuwiki.conf

@@ -0,0 +1,15 @@
+[dokuwiki]
+user = www-data
+group = www-data
+listen = /var/run/php/php-fpm-dokuwiki.sock
+listen.owner = nginx
+listen.group = nginx
+php_admin_value[disable_functions] = exec,passthru,shell_exec,system
+php_admin_flag[allow_url_fopen] = off
+; Choose how the process manager will control the number of child processes. 
+pm = dynamic
+pm.max_children = 75
+pm.start_servers = 10
+pm.min_spare_servers = 5
+pm.max_spare_servers = 20
+pm.process_idle_timeout = 10s