Dokuwiki

=Dokuwiki recipes= Here you can find snippets for configuring Dokuwiki to install in a root path of your server. If you had installed Dokuwiki in a non-root path, consider using a rewrite rule.

Dokuwiki without SSL
This is pretty straight-forward. Just add this to your. Note that the  is non-standard here.

server { server_name wiki.domain.tld; root /var/www/dokuwiki;

location / { index doku.php; try_files $uri $uri/ @dokuwiki; }

location ^~ /lib/ { expires 30d; }

location ^~ /conf/ { return 403; } location ^~ /data/ { return 403; }

location @dokuwiki { rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; rewrite ^/(.*) /doku.php?id=$1 last; }

location ~ \.php$ { include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass unix:/tmp/phpcgi.socket; } }

Dokuwiki with SSL
In http context you have to this line to fill the  variable that is later passed to your fcgi engine. It is required for Dokuwiki to switch properly between http and https.

map $scheme $php_https { default off; https on; }
 * 1) In http context

This goes into dokuwiki.conf, for convenience. This is basically the same as the above snippet but with the required


 * 1) File: /etc/nginx/dokuwiki.conf

include drop.conf;

client_max_body_size 15M; client_body_buffer_size 128k; location / { try_files $uri $uri/ @dw; }

location @dw { rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; rewrite ^/(.*) /doku.php?id=$1 last; }

location ~ \.php$ { include fastcgi_params; fastcgi_param HTTPS $php_https;#DW checks $_SERVER['HTTPS'] fastcgi_pass unix:/tmp/php5-fpm.sock; }

location ~ /(data|conf|bin|inc)/ { deny all; }
 * 1) Block access to data folders

location ~ /\.ht { deny all; }
 * 1) Block access to .htaccess files

You can force your users to switch to SSL for login and administration. As also displayed on the page HTTPS Login for Dokuwiki, you have to create two  instances.


 * 1) File: /etc/nginx/nginx.conf

map $scheme $php_https { default off; https on; }

server { server_name wiki.host.org root /path/to/dokuwiki; index doku.php; listen 80; #Enforce https for logins, admin if ($args ~* do=(log|admin|profile)) { rewrite ^ https://$host$request_uri? redirect; }	include dokuwiki.conf; }

server { server_name wiki.host.org; root /path/to/dokuwiki; index doku.php; listen 443 ssl; keepalive_requests   10; keepalive_timeout    60 60; ssl_certificate     /etc/ssl/certs/ssl-cert-snakeoil.pem; ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; #switch back to plain http for normal view

if ($args ~* (do=show|^$)){ rewrite ^ http://$host$request_uri? redirect; }	include dokuwiki.conf; }

For completeness sake, this goes into.


 * 1) file: /etc/nginx/conf.d/drop.conf

location = /robots.txt { access_log off; log_not_found off; } location = /favicon.ico { access_log off; log_not_found off; } location ~ /\. { access_log off; log_not_found off; deny all; } location ~ ~$          { access_log off; log_not_found off; deny all; }

Rewrite rule
Coming from apache, I realised that I have to install Dokuwiki inside root, because I couldn't rewrite the configuration accordingly. So I added this this to keep all the old links working that were pointing to  and redirect them to.

rewrite ^/dokuwiki(/.*)?$ http://wiki.host.tld$1 permanent;

Full working config
Here below is a full config running in a vhost that can simply be copy pasted and of course change the domain name to your liking.

server { server_name wiki.ulyaoth.net; listen 80; autoindex off; client_max_body_size 15M; client_body_buffer_size 128k; index index.html index.htm index.php doku.php; access_log /var/log/nginx/wiki.ulyaoth.net/access.log; error_log /var/log/nginx/wiki.ulyaoth.net/error.log; root /usr/share/nginx/dokuwiki;

location / { try_files $uri $uri/ @dokuwiki; }

location ~ ^/lib.*\.(gif|png|ico|jpg)$ { expires 30d; }

location = /robots.txt { access_log off; log_not_found off; } location = /favicon.ico { access_log off; log_not_found off; } location ~ /\. { access_log off; log_not_found off; deny all; } location ~ ~$          { access_log off; log_not_found off; deny all; }

location @dokuwiki { rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; rewrite ^/(.*) /doku.php?id=$1 last; }

location ~ \.php$ { try_files $uri =404; fastcgi_pass  unix:/var/run/php-fpm/wiki.ulyaoth.net.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include /etc/nginx/fastcgi_params; fastcgi_param QUERY_STRING     $query_string; fastcgi_param REQUEST_METHOD   $request_method; fastcgi_param CONTENT_TYPE     $content_type; fastcgi_param CONTENT_LENGTH   $content_length; fastcgi_intercept_errors       on; fastcgi_ignore_client_abort    off; fastcgi_connect_timeout 60; fastcgi_send_timeout 180; fastcgi_read_timeout 180; fastcgi_buffer_size 128k; fastcgi_buffers 4 256k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; }

location ~ /(data|conf|bin|inc)/ { deny all; }

location ~ /\.ht { deny all; }

}