Home | Gifts

TWiki Installation Guide

The following is installation instructions for the TWiki-6.1 production release on an Apache web server on Linux. Visit TWiki:TWiki.InstallingTWiki for the latest updates to this guide and supplemental information for installing or upgrading TWiki, including notes on installing TWiki on different platforms, environments and web hosting sites.

If you are upgrading from a previous version of TWiki, you probably want to read TWikiUpgradeGuide instead.

On this page:

Preparing to install TWiki

Before attempting to install TWiki, you are encouraged to review the AdminSkillsAssumptions. This guide assumes you have, at a minimum, basic knowledge of server administration on the system on which TWiki is to be installed. While it is possible to install TWiki with FTP access alone (for example, on a hosted site), it is tricky and may require additional support from your hosting service (for example, in setting file ownership and installing missing Perl CPAN libraries).

To help setup a correct Apache configuration, you are very much encouraged to use the automatic tool TWiki:TWiki.ApacheConfigGenerator which generates the contents for an Apache config file for TWiki based on your inputs.

While this installation guide specifically describes installation on an Apache web server on Linux, TWiki should work fine with any web server and OS that meet the system requirements (see below). For additional notes on installing TWiki on other systems, see TWiki:TWiki.InstallingTWiki#OtherPlatforms.

If you are installing TWiki without Unix/Linux root (administrator) privileges (for example, on a hosted domain), see "Notes on Installing TWiki on Non-Root Account" below for supplemental instructions to the basic steps presented below.

If you are upgrading from an earlier major version of TWiki such as Cairo (TWiki-3) or TWiki 4.x you will need the information found at TWikiUpgradeGuide.

One of the more difficult tasks is installation of additional CPAN libraries. See TWiki:TWiki.HowToInstallCpanModules for detailed information on how to install CPAN libraries.

If you need help, ask a question in the TWiki:Support.WebHome web or on TWiki:Codev.TWikiIRC (irc.freenode.net, channel #twiki).

Basic Installation

  1. Download the TWiki distribution from http://TWiki.org/. (Example - download TWiki-6.1.0.tgz for Linux)
  2. Copy the downloaded package into the directory where you want to install TWiki (Example: /var/www). Unpack the distribution in it (Example: tar xvfz TWiki-6.1.0.tgz). The unpack will create a directory called twiki which contains the TWiki package. In the rest of this document we assume this directory is called twiki.
  3. Setup access file and directory rights to enable the webserver user (the user Apache runs the CGI scripts as) to read and write inside the twiki directory.
  4. Check the Perl installation and CPAN dependencies. Ensure that Perl 5 is installed on your system.
  5. Create the file LocalLib.cfg located as twiki/bin/LocalLib.cfg
  6. Choose best configuration method for your webserver. There are two ways to configure Apache: config file included from httpd.conf or .htaccess files.
  7. Configure the webserver * Make sure that Apache is configured to run CGI scripts. On Debian and Ubuntu, enter (with root privileges) a2enmod cgi. If the system may suggest cgid instead of cgi, either one is fine.
  8. Run the configure script from your browser (enter http://yourdomain/do/configure into your browser address bar)

You now have a basic, unauthenticated installation running. At this point you can just point your web browser at http://yourdomain.com/do/view and start TWiki-ing away!

Important Server Security Settings

Before you continue any further there are some basic and very important security settings you have to make sure are set correctly.

  1. You absolutely must turn off any kind of PHP, Perl, Python, Server Side Includes etc in the pub directory. TWiki has some built-in protection which renames files with dangerous file names by appending .txt to the file name. But this is a secondary security measure. The essential action that you must take is to turn off any possible execution of any of the attached files.
    Most Linux distributions have a default Apache installation which has PHP and server side include (SSI) enabled.
  2. Don't put the whole twiki distribution into an HTML document enabled directory. Apache needs to be aware of only two directories: The bin directory should be script enabled, and the pub directory should be HTML document enabled.
    For those who do not have access to the Apache config files, a sample misc/subdir-htaccess.txt file can be copied as .htaccess to the data, lib, locale, templates, tools and working directories.
  3. Attachments are not secured by default to the access control setting of the topic. In other words, anyone can read them if they know the direct URL of the attachment, which includes name of the web, topic and attachment. You can configure TWiki to secure attachments.

The TWiki:TWiki.ApacheConfigGenerator as well as the example misc/twiki_httpd_conf.txt and example misc/htaccess.txt files include the needed settings that protect against all 3 security elements.

Next Steps

Once you have TWiki installed and running, you might consider the following optional steps for setting up and customizing your TWiki site. Many of the references below refer to topics within your TWiki installation. For example, TWiki.TWikiSkins refers to the TWikiSkins topic in your TWiki web. Easy way to jump directly to view the pages is to open your own TWiki in your browser and write TWiki.TWikiSkins in the Jump test box to the right in the top bar and hit Enter. You can find these topics in the on-line reference copy at the official TWiki website: TWiki-6.1 Release.

Enable Authentication of Users

This step provides for site access control and user activity tracking on your TWiki site. This is particularly important for sites that are publicly accessible on the web. This guide describes only the most common of several possible authentication setups for TWiki and is suitable for public web sites. For information about other setups, see TWikiUserAuthentication, and TWiki:TWiki.TWikiUserAuthenticationSupplement.

These are the steps for enabling "Template Login" which asks for a username and password in a web page, and processes them using the Apache 'htpasswd' password manager. Users can log in and log out.

  1. Under the Security Settings pane of configure :
    1. Select TWiki::LoginManager::TemplateLogin for {LoginManager}.
    2. Select TWiki::Users::HtPasswdUser for {PasswordManager}.
    3. Save your configure settings.
    4. Register yourself using the TWikiRegistration topic.
      HELP Check that the password manager recognizes the new user. Check that a new line with the username and encrypted password is added to the data/.htpasswd file. If not, you probably got a path wrong, or the permissions may not allow the webserver user to write to that file.
  2. Edit a topic (by clicking on the Edit link at beginning or end of topic) to check if authentication works.

You are strongly encouraged to read TWikiUserAuthentication, TWiki:TWiki.TWikiUserAuthenticationSupplement, and TWiki:TWiki.SecuringTWikiSite for further information about managing users and security of your TWiki site.

Note: The other LoginManager option TWiki::LoginManager::ApacheLogin uses a basic Apache type authentication where the browser itself prompts you for username and password. Most will find the TemplateLogin looking nicer. But ApacheLogin is required when you use Apache authentication methods like mod_ldap where all authentication is handled by an Apache module and not by the TWiki perl code. When you use ApacheLogin the apache configuration must be set up to require authentication of the some but not all the scripts in the bin directory. This section in the Apache config (or .htaccess) controls this

<FilesMatch "(attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth).*">
   require valid-user
</FilesMatch>

The TWiki:TWiki.ApacheConfigGenerator includes this section when you choose ApacheLogin. In the example misc/twiki_httpd_conf.txt and bin/.htaccess.txt files this section is commented out with #. Uncomment the section when you use ApacheLogin. It is important that this section is commented out or removed when you use TemplateLogin.

Define the Administrator User(s)

Administrators have read and write access to any topic in TWiki, regardless of TWiki access controls. When you install TWiki one of the first things you will want to do is define yourself as an administrator. You become an administrator simply by adding yourself to the TWikiAdminGroup. It is the WikiName and not the login name you add to the group. Editing the Main.TWikiAdminGroup topic requires that you are an administrator. So to add the first administrator you need to login using the internal TWiki admin user login and the password you defined in configure.

Set TWiki Preferences

Preferences for customizing many aspects of TWiki are set simply by editing a special topic with TWiki.

Enable Email Notification

Each TWiki web has an automatic email notification service that sends you an email with links to all of the topics modified since the last alert. To enable this service:

  1. Confirm the Mail and Proxies settings in the Configure interface.
  2. Setup a cron job (or equivalent) to call the tools/mailnotify script as described in the MailerContrib topic.

Enable Signed Email Notification

TWiki administrative e-mails are an attractive target for SPAM generators and phishing attacks. One good way to protect against this possibility to enable S/MIME signatures on all administrative e-mails. To do this, you need an an X.509 certificate and private key for the the {WebMasterEmail} email account. Obtain these as you would for any other S/MIME e-mail user.

To enable TWiki to sign administrative e-mails:

  1. Enable e-mail as described above
  2. If necessary, convert your certificate and key files to PEM format ( openssl has all the necessary utilities)
  3. Place the certificate anyplace convenient that the webserver can read. It should be protected against write. The conventional place under linux is /etc/pki/tls/certs
  4. Place the key file in a secure location that only the webserver can read. It must not be readable by anyone else, and must not be served by the webserver.
  5. Using the configure script, change the following settings under Mail and Proxies:
    1. Follow the directions under {MailProgram} to enable an external mail program such as sendmail. Net::SMTP is not supported.
    2. Enter the full path to the certificate file in the {SmimeCertificateFile} configuration variable
    3. Enter the full path to the private key file in the {SmimeKeyFile} configuration variable
    4. Save the configuration
  6. Re-run the configure script an resolve any errors that it identifies

All out-going administrative e-mails will now be signed.

Enable WebStatistics

You can generate a listing manually, or on an automated schedule, of visits to individual pages on a per web basis. For information on setting up this feature, see the TWikiSiteTools topic.

Automate removal of expired sessions and lease files

Per default TWiki cleans out expired session and lease files each time any topic is viewed. This however comes at a cost of lower performance. It is an advantage to define a negative value in configure for {Sessions}{ExpireAfter} (turn on expert mode to see it), and install a cronjob to run the tools/tick_twiki.pl script. Read The topic TWikiScripts#tick_twiki_pl for details how to do this.

Enable Localization

TWiki now supports displaying of national (non-ascii) characters and presentation of basic interface elements in different languages. To enable these features, see the Localization section of configure. For more information about these features, see TWiki:TWiki.InternationalizationSupplement.

Tailor New User Profile Topic

When a new users registers on your TWiki, a user profile topic is created for them based on the NewUserTemplate topic (and its UserForm). It contains additional resources you can use to:

If you choose to tailor anything you are strongly advised to copy NewUserTemplate and UserForm to the Main web and tailor the Main web copies. TWiki will look for the NewUserTemplate in the Main web first and if it does not exist TWiki uses the default from the TWiki web. By creating a Main.NewUserTemplate and its Main.UserForm you will not loose your customization next time you upgrade TWiki.

If you added or removed fields from the user form you may also want to tailor TWikiRegistration.

Custom Start Web and Homepage

By default the TWiki home is Main.WebHome. Users tend to create content starting from the homepage. In most cases it is better to create a new web (workspace) for default content. That way the Main web can be kept clean and used just for users and TWiki groups. For example, you could create an "Intranet" web if TWiki is primarily used as an intranet, or a "KB" web if used as a knowledge base, etc.

If you have a dedicated web as a starting point you obviously want users start at the home of that web. This can be configured in two places: 1. Redirect from site home to web home, and 2. Set the wiki logo URL.

1. Redirect from site home to web home

When a user enters the domain name of your TWiki she expects to see the homepage. You can do that either with an Apache rewrite rule or an HTML meta redirect to redirect from / to /bin/view/Intranet/WebHome. Here is an example index.html containing an HTML meta redirect you can use: Customize it and put it in your HTML document root on your TWiki sever:

<html>
<head>
<meta http-equiv="refresh" content="0;/do/view/Intranet/WebHome" />
</head>
<body>
Redirecting to <a href="/do/view/Intranet/WebHome">Intranet home</a>...
</body>
</html>

2. Set the wiki logo URL

When a user clicks on the logo in the upper left or on the "Home" link in the top-bar she expects to navigate to the new homepage. You can do that by defining and customizing the following setting in Main.TWikiPreferences as described in the Set TWiki Preferences section:

   * URL of the logo:
      * Set WIKILOGOURL = %SCRIPTURLPATH{view}%/Intranet/WebHome

Customize the Site Logo

Create a logo with a transparent background and a maximum height of 55 pixels. Attach it to Main.TWikiPreferences, raw-edit that topic, and set the following bullet, assuming the name of the logo is my-logo-100x50.png:

   * Logo of this TWiki installation:
      * Set WIKILOGOIMG = %PUBURLPATH%/%USERSWEB%/TWikiPreferences/my-logo-100x50.png

Customize the Look of Your TWiki!

The real power of TWiki lies in its flexibility to be customized to meet your needs. You can easily change the look of the default skins (called TopMenuSkin and PatternSkin) by reading the PatternSkinCustomization.

At the official TWiki website you can find more resources. A good place to start exploring what's possible is TWiki:TWiki.TWikiAdminCookBook which offers tips and tricks for customizing your TWiki site. Many of these are appropriate to implement immediately after installing TWiki and before adding content so now's a good time to look at these.

Customize Special Pages

Some pages are meant to be customized after choice of authentication. If you do not use the internal TWiki password manager the topics that contains the features for changing and resetting passwords and changing the email address should be changed to a note describing how to perform these tasks in your organization. The topics are:

Install Plugins

TWiki:Plugins.WebHome is an extensive library of plugins for TWiki, that enhance functionality in a huge number of ways. A few plugins are pre-installed in the TWiki distribution. For more information on these, see InstalledPlugins.

You activate installed plugin in the Plugins section of configure. In this section you also find a Find More Extensions button which opens an application which can install additional plugins from the TWiki.org website. If you are behind a firewall or your server has no access to the Internet it is also possible to install plugins manually. Manual installation instructions for the plugins can be found in the plugin topics on TWiki.org. Additional documentation on TWiki plugins can be found at TWiki:TWiki.TWikiPluginsSupplement.

Some plugins require that you define their settings in configure. You fill find these under the Extensions section of configure.

WYSIWYG And Raw Edit

From TWiki release 4.2.0 on the WYSIWYG editor has been replaced by a much better and more powerful editor and it was decided that WYSIWYG would be the default edit mode. An Edit Raw link is available for those that have a need or preference for this mode.

However you may prefer to have the same user interface as in TWiki 4.1 where Edit was the raw text editor and you had a WYSIWYG button. This is possible by adding the following setting in the Main.TWikiPreferences, WebPreferences or user hompages:

Copyright, License and Classification Statements

At the bottom of each topic you will find a default copyright message saying "Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors." The WEBCOPYRIGHT setting defines this. This is often not adequate.

You change the copy right statement globally by taking these steps.

Troubleshooting

The first step is to re-run the configure script and make sure you have resolved all errors, and are satisfied that you understand any warnings.

If, by any chance, you forget the "admin" password, the same used in "configure" script, then please login to the server. Delete $TWiki::cfg{Password}= ' ...';. Set the new password using "configure" script.

Failing that, please check TWiki:TWiki.InstallingTWiki on TWiki.org, the supplemental documentation that help you install TWiki on different platforms, environments and web hosting sites. For example:

It is also advisable to review TWiki:Codev/KnownIssuesOfTWiki06x01.

If you need help, ask a question in the TWiki:Support web or on TWiki:Codev/TWikiIRC (irc.freenode.net, channel #twiki)

Appendices

TWiki System Requirements

Low client and server base requirements are core features that keep TWiki widely deployable, particularly across a range of browser platforms and versions. Many Plugins and contrib modules exist which enhance and expand TWiki's capabilities; they may have additional requirements.

Server Requirements

TWiki is written in Perl 5, uses a number of shell commands, and requires RCS (Revision Control System), a GNU Free Software package. TWiki is developed in a basic Linux/Apache environment. It also works with Microsoft Windows, and should have no problem on any other platform that meets the requirements.

Resource Required Server Environment *
Perl 5.10.1 or higher
RCS 5.7 or higher (including GNU diff)
Optional, TWiki includes a pure Perl implementation of RCS that can be used instead (although it's slower)
GNU diff GNU diff 2.7 or higher is required when not using the all-Perl RcsLite.
Install on PATH if not included with RCS (check version with diff -v)
Must be the version used by RCS, to avoid problems with binary attachments - RCS may have hard-coded path to diff
GNU df Used by the site statistics to record disk usage statistics, optional. The df command is pre-installed on Linux and OS-X. On Windows install the CoreUtils for Windows.
GNU patch For upgrades only: GNU patch is required when using the TWiki:Codev.UpgradeTWiki script
GNU fgrep, egrep Modify command line parameters in configure if you use non-GNU grep programs
zip Zip archive command line utility. Used by the BackupRestorePlugin to create and restore from backups.
Cron/scheduler • Unix: cron
• Windows: cron equivalents
Web server Apache is well supported; see TWiki:TWiki.InstallingTWiki#OtherWebServers for other servers

Required CPAN Modules

Most of the CPAN libraries listesd below are part of a standard Perl installation so you most likely have them all!

See TWiki:TWiki.HowToInstallCpanModules for detailed information on how to install CPAN libraries

The following Perl CPAN modules are used by TWiki:

Module Preferred version Comment
Algorithm::Diff   Included in TWiki distribution
CGI >=3.18 & <=4.03 A suitable version ships with TWiki since TWiki-6.0.2 using CgiContrib, e.g. it is no longer necessary to install or downgrade this module. Versions 2.89 and 3.37, as well as version > 4.13 must be avoided.
CGI::Carp >=1.26  
Config >=0  
Cwd >=3.05  
Data::Dumper >=2.121  
Encode >=2.1  
Error   Included in TWiki distribution
File::Copy >=2.06  
File::Find >=1.05  
File::Spec >=3.05  
File::Temp >=0.18 This version included in Perl 5.9.5. File::Temp needs to be updated on RedHat 5 and CentOS 5.
FileHandle >=2.01  
HTML::Parser >=3.28 Needed by the WysiwygPlugin for WYSIWYG editing
HTML::Entities >=1.25 Needed by the WysiwygPlugin for WYSIWYG editing; part of the HTML::Parser package.
IO::File >=1.10  
LWP   Needed to install extensions in TWiki configure
Net::SMTP >=2.29 Used for sending mail
Text::Diff   Included in TWiki distribution
Time::Local >=1.11  

Optional CPAN Modules

The following Perl modules may be used by TWiki:

See TWiki:TWiki.HowToInstallCpanModules for detailed information on how to install CPAN libraries

Module Preferred version Description
Archive::Tar   May be required by the Extensions Installer in configure if command line tar or unzip is not available
Authen::SASL   Used for SMTP Authentication
CGI::Cookie >=1.24 Used for session support
CGI::Session >=3.95 Used for session support
Crypt::SMIME >=0.09 Required if S/MIME-signed administrative e-mail is enabled.
Digest::base    
Digest::SHA1    
JSON >=2.0 Required if TWikiSheetPlugin is used, or if JSON objects are stored and retrieved in SetGetPlugin
Locale::Maketext::Lexicon >=0 Used for I18N support
Net::SMTP >=2.29 Used for sending mail
URI   Used for configure

Most of them will probably already be available in your installation. You can check version numbers with the configure script, or if you're still trying to get to that point, check from the command line like this:

perl -e 'use FileHandle; print $FileHandle::VERSION."\n"'

Client Requirements

The TWiki standard installation has relatively low browser requirements:

CSS and Javascript are used in most skins, although there is a low-fat skin (Classic skin) available that minimizes these requirements. Some skins will require more recent releases of browsers. The default skin (Pattern) is tested on IE 6, Safari, and Mozilla 5.0 based browsers (such as Firefox).

You can easily select a balance of browser capability versus look and feel. Try the installed skins at TWikiSkinBrowser and more at TWiki:Plugins.SkinPackage.

Important note about TWiki Plugins

Notes on Installing TWiki on Non-Root Account

The following supplemental notes to the Basic Installation instructions apply to installing TWiki on a system where you don't have Unix/Linux root (administrator) privileges, for example, on a hosted Web account or an intranet server administered by someone else.

Referring to the Basic Installation steps presented above:

For additional information about installing TWiki on a hosted accounts, see TWiki:TWiki.InstallingTWiki#WebHostingSites

Installing Manually Without Configure

It is highly recommended to use run configure from the browser when setting up TWiki. Configure does a lot of the hard work for you.

But there may be instances where you do not want to use configure or where configure simply won't run because of a missing dependency.

The manual steps you have to take are:

Related Topics: AdminDocumentationCategory, TWiki:TWiki.InstallingTWiki, TWikiUpgradeGuide

Contributors: TWiki:Main.PeterThoeny, TWiki:Main.MikeMannix, TWiki:Main.RichardDonkin, TWiki:Main.KennethLavrsen, TWiki:Main.CrawfordCurrie, TWiki:Main.MartinGregory

Revision r83 - 2018-07-15 - 04:41:42 - TWikiContributor Edit