There are two ways to add a wiki space. These are notes by Alex for himself in case more spaces need to be added.
Simple wiki spaces are distinguished by the first path segment of the URL. They are simple to set up.
Examples:
The Test space at transjovian.org/test
The Phoebe space at transjovian.org/phoebe
In order to set these up, we must add an option to the script that starts Phoebe and specify the new space using the --wiki_space option.
As this particular instance of Phoebe serves multiple domains, we need to specify both host names and wiki space in one go:
Do this in 「farm/phoebe.service」 for systemd.
Once this is done, we need to reload systemd and have it restart Phoebe:
systemctl daemon-reload systemctl restart phoebe journalctl --follow --unit phoebe
Fancy wiki spaces are distinguished by the domain itself. They are harder to setup because this affects many different systems.
Examples:
The Toki space at toki.transjovian.org
The Next Oddmuse space at next.oddmuse.org
In order to set these up, we have to do multiple things.
First, we need to set up a subdomain. These names are all hosted by Gandi, so we need to log into Gandi and set up a new CNAME.
Second, we need to tell Apache to redirect connections from port 80 and port 443 to port 1965. We need to append the new subdomain to the ServerAlias lines. If we use RewriteRule, we can use the HTTP_HOST variable, which refers to the Host header, which names the server the client used to contact the server. Perfect!
We shouldn’t forward the requests to “well-known” URLs, because doing that breaks services like dehydrated which we use to get the certificates by Let’s Encrypt.
<VirtualHost *:80>
ServerName transjovian.org
ServerAlias vault.transjovian.org toki.transjovian.org
RewriteEngine on
RewriteRule ^/(.*) https://%{HTTP_HOST}:1965/$1
</VirtualHost>
<VirtualHost *:443>
ServerAdmin kensanata@gmail.com
ServerName transjovian.org
ServerAlias vault.transjovian.org toki.transjovian.org
RewriteEngine on
# Do not redirect /.well-known URL
RewriteCond %{REQUEST_URI} !^/\.well-known/
RewriteRule ^/(.*) https://%{HTTP_HOST}:1965/$1
Include conf-enabled/blocklist.conf
SSLEngine on
SSLCertificateFile /var/lib/dehydrated/certs/transjovian.org/cert.pem
SSLCertificateKeyFile /var/lib/dehydrated/certs/transjovian.org/privkey.pem
SSLCertificateChainFile /var/lib/dehydrated/certs/transjovian.org/chain.pem
SSLVerifyClient None
</VirtualHost>
Do this in 「/etc/apache2/sites-available/500-transjovian.org.conf」.
Once this is done, we need to restart Apache, gracefully:
apachectl graceful
As you can see in the Apache config, we refer to the certificates by dehydrated. The next step is to add the subdomains to 「/etc/dehydrated/domains.txt」.
Once we have done that, make a run of dehydrated:
dehydrated -c
Now we’re finally ready to do what we did for simple wiki spaces. This time, however, we specify the new host name to listen for, and the certificate to use for it.
Or:
Do this in 「farm/phoebe.service」 for systemd.
Once this is done, we need to reload systemd and have it restart Phoebe:
systemctl daemon-reload systemctl restart phoebe journalctl --follow --unit phoebe
If all we well, we can now visit our site both using a Gemini client and a web browser. If things didn’t work out, here’s how to verify the various steps.
If the host name cannot be found, check your DNS setup using dig. Both of these commands should point to the actual server name and IP number (IPv4 and IPv6, respectively):
dig toki.transjovian.org dig -t AAAA toki.transjovian.org
Once this works, verify the Apache setup using curl.
Both of these requests should redirect to port 1965:
curl http://toki.transjovian.org curl https://toki.transjovian.org
If you’re getting SSL errors, verify whether the correct certificate is being served on port 443:
openssl s_client -connect toki.transjovian.org:443
If this works and you’re on port 1965 but you’re still getting an SSL error, then the problem lies in how Phoebe was started. First, verify whether the correct certificate is being served on port 1965 and whether it is valid:
openssl s_client -connect toki.transjovian.org:1965
If that works but it seems the wiki space is unknown, make sure you start Phoebe with --log_level=debug and check the startup message. Right at the beginning, it should list the hosts it listens for and the spaces it knows:
Host transjovian.org toki.transjovian.org next.oddmuse.org … Space transjovian.org/test transjovian.org/phoebe
Good luck! 🚀🚀😁🎉
The main page starts with “This page does not yet exist.” In order to fix this, choose “New page” and create the “Welcome” page. This is the same for every wiki space for this instance of Phoebe.