not logged in | [Login]

Installing Gollum on Ubuntu with authentication

Introduction

This guide walks you through setting up Gollum wiki with Gollum Omniauth.

Setup

Install Gollum with Authentication

Assumes Ubuntu >= 15

# You will probably need these
sudo apt-get install ruby ruby-dev make zlib1g-dev libicu-dev build-essential git

sudo gem install gollum
sudo gem install omnigollum
sudo gem install github-markup

You'll need to install the specific OmniAuth authentication Gem as well, e.g. gem install omniauth-github. You can find a list of available authentication providers here https://github.com/intridea/omniauth.

Create your config.rb

Create a config.rb file, this file can be placed anywhere you wish but keep it out of your main wiki Git repo since it will contain sensitive information.

You can see examples on the OmniGollum wiki or view an example config.rb.example.

Note, make sure to allow public access to your email address in whatever OAuth service you are using.

Gollum::Page.send :remove_const, :FORMAT_NAMES if defined? Gollum::Page::FORMAT_NAMES

## Omni Auth
require 'omnigollum'
require 'omniauth/strategies/github'

wiki_options = {
  :live_preview => false,
  :allow_uploads => true,
  :per_page_uploads => true,
  :allow_editing => true,
  :css => true,
  :js => true,
  :mathjax => true,
  :h1_title => true
}
Precious::App.set(:wiki_options, wiki_options)

options = {
  # OmniAuth::Builder block is passed as a proc
  :providers => Proc.new do
    # Found https://github.com/settings/applications/
    provider :github, 'Client ID', 'Client Secret'
  end,
  :dummy_auth => false,
  # If you want to make pages private:
  #:protected_routes => ['/private*'],

  # Specify committer name as just the user name
  :author_format => Proc.new { |user| user.name },
  # Specify committer e-mail as just the user e-mail
  :author_email => Proc.new { |user| user.email },

  # Authorized users
  :authorized_users => ["your_email@example.com"],
}


## :omnigollum options *must* be set before the Omnigollum extension is registered
Precious::App.set(:omnigollum, options)
Precious::App.register Omnigollum::Sinatra

Create a startup script

Create a startup file

sudo touch /etc/init.d/gollum-server
sudo chmod +x /etc/init.d/gollum-server
sudo update-rc.d gollum-server defaults

Add the following code to it:

#!/bin/bash

######################################################
### Configuration
######################################################
PID="/var/run/gollum-server.pid"

# The location of the git repository
WIKI="/var/www/yourwiki/public_html/"

# The location if the gollum executable
DEAMON="/usr/local/bin/gollum"

# --config   : the location of your config file
DEAMON_OPT="--config /var/www/yourwiki/config.rb"
# The user the git repository belongs to
USER="gollum"
# The group the git repository belongs to
GROUP="gollum"

######################################################
### Script
######################################################

case "$1" in
  start)
    echo "Starting Gollum"
    start-stop-daemon --start --quiet -b -m -p $PID --chuid $USER:$GROUP --chdir $WIKI --exec $DEAMON -- $DEAMON_OPT
  ;;
  stop)
    echo "Stopping Gollum"
    start-stop-daemon --stop --quiet --pidfile $PID
    rm -f $PID
  ;;
  *)
    echo "Usage: service gollum {start|stop}"
    exit 1
  ;;
esac
exit 0

Setup Apache2 to expose Gollum to the world

Prerequisites:

sudo a2enmod proxy
sudo a2enmod proxy_http
sudo service apache2 restart

Create the file /etc/apache2/sites-available/gollum-site.conf with this content:

<VirtualHost *:80>
        ServerAdmin youremail@example.com
        ServerName w.example.com
        ProxyRequests Off

    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>

    ProxyPass / http://localhost:4567/
    ProxyPassReverse / http://localhost:4567/

    RewriteEngine on
    RewriteRule ^/robots.txt$ http://w.example.com/robots.txt [R,L]

    # rewrite rules for edit features and other features I don't want to expose on port 80
    RewriteRule ^/create(.*) https://w.example.com/create$1 [R,L]
    RewriteRule ^/edit(.*) https://w.example.com/edit$1 [R,L]
    RewriteRule ^/rename(.*) https://w.example.com/rename$1 [R,L]
    RewriteRule ^/delete(.*) https://w.example.com/delete$1 [R,L]
    RewriteRule ^/pages(.*) https://w.example.com/pages$1 [R,L]
    RewriteRule ^/fileview(.*) https://w.example.com/fileview$1 [R,L]

    <Location />
        Order deny,allow
        Allow from all
    </Location>

    ErrorLog /var/log/apache2/error.w.example.com.log

    # Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
    LogLevel info

    CustomLog /var/log/apache2/access.w.example.com.log combined
</VirtualHost>

<VirtualHost *:443>
    ServerName w.example.com
    ProxyRequests Off

    SSLEngine on
    SSLProxyEngine On
    SSLCertificateFile /etc/apache2/ssl/apache.crt
    SSLCertificateKeyFile /etc/apache2/ssl/apache.key

    ProxyPass / http://localhost:4567/
    ProxyPassReverse / http://localhost:4567/
    ProxyPreserveHost On

    <Location />
        Order deny,allow
        Allow from all
        SSLRequireSSL
    </Location>

    ErrorLog /var/log/apache2/error.w.example.com.log
    LogLevel info
    CustomLog /var/log/apache2/access.w.example.com.log combined
    #CookieLog /var/log/apache2/gollum-cookie.log

</VirtualHost>

Now enable the new configuration and reload Apache.

cd /etc/apache2/sites-available
sudo a2ensite
sudo /etc/init.d/apache2 reload

Operations

Start/Stop

/etc/init.d/gollum-server start
/etc/init.d/gollum-server stop

Sources