Page break

Management Summary[edit | edit source]

YourCompany has organizational wikis.

The organization wikis vary in size, some have a size of only a few pages. About 5 wikis have a much larger size. All model company wikis have a total of about 400 users.

The following procedure has been defined:

  • Users are currently managed by SAML. In addition, access to the individual wikis should be controlled via SAML.

Page break

Server Infrastructure[edit | edit source]

Server environment[edit | edit source]

Server Server name URL Configuration
Production System rz14.yourcompany.local https://wiki.yourcompany.de/ Ubuntu 16.04.

8 CPUs

32 GB RAM

Development System rz14.yourcompany.local https://wiki-a.yourcompany.de Ubuntu 16.04.

8 CPUs

32 GB RAM

Setup BlueSpice pro with WikiFarm[edit | edit source]

BlueSpice pro Services:[edit | edit source]

Services for the operation of BlueSpice pro:[edit | edit source]
  • Webserver (Apache) with PHP
  • Database (MariaDB)
Additonal Services:[edit | edit source]
Service required for
NodeJS/Parsoid VisualEditor
NodeJS/PhantomJS generating screenshots (e.g. recent changes)
Java Application Server (Jetty)/ Tomcat PDF export
Java Application Server (Jetty)/ VisualDiff compare versions of a page
Java Application Server (Jetty)/ TeX math formulas
Search Server (ElasticSearch) search
SVG-Renderer (Inkscape) .svg
Python/Pygmentize syntax highlighting source code in pages

Scheme Docker Container[edit | edit source]

drawio: Structure of the docker container

Page break

Production Wiki[edit | edit source]

History / Important Deployments[edit | edit source]

Protocol by Horst Schreiber
First installation 2017-04-02
Update to current codebase 3.0.0 2018-11-26
Update to 3.0.1 2019-03-27
Update


Access[edit | edit source]

Remote Access VPN -> SSH
ID a_exNNNNN
Username for SSH ICA\a_exNNNNN


Installed programs (applications)[edit | edit source]

URL https://wiki.yourcompany.com
Domains
  • wiki.yourcompany.com
  • wikidocs.yourcompany.com
Server name rz14.yourcompany.local
Operating System Ubuntu 16.04.
BlueSpice Version 3.0.1 per WikiFarm
MediaWiki Version 1.31.1
Deployment package Docker
Path to Docker files /data/bluespice/bluespice
Authentication SAML.php
Notes Group assignment to instances in 099-AdditionalPermissions.php


Please note for updates[edit | edit source]

Since it is currently not possible to set the permissions properly, the delete permission has been withdrawn from the editor DefaultSettings.php.


Docker[edit | edit source]

Starting Docker[edit | edit source]

docker run -d -v /data/bluespice/certificates:/etc/apache2/ssl  -v 
/data/bluespice/bluespice/099-AdditionalPermissions.php:/var/www/bluespice/w/settings.d/099-
    AdditionalPermissions.php -v 
/data/bluespice/database:/var/lib/mysql -v 
/data/bluespice/elasticsearch:/var/lib/elasticsearch -v 
/data/bluespice/bluespice:/opt/bluespice-docker -v /data/bluespice/backup:/backup -v 
/data/backups-mediawiki:/import -e "TZ=Europe/musterfirma"  -lCE -t -p 80:80 -p 443:443 -p 8000:8000 
    -p 8001:8001 1d85e6a800e9

Docker IP[edit | edit source]

cat /etc/doc ker/daemon.json
{
        "bip": "172.19.10.1/24",
        "fixed-cidr": "172.19.10.1/24"
}


Backup / Cronjobs[edit | edit source]

Cronjobs[edit | edit source]

runJobs daily

Backup[edit | edit source]

BackupDatabases daily


Services[edit | edit source]

Database[edit | edit source]

Programm MariaDB
Version 10.1.37

PHP[edit | edit source]

Version 7.0.30

Jetty[edit | edit source]

Version 9

Caching[edit | edit source]

opcache
memcached

Webserver[edit | edit source]

Programm Apache
Version 2.4.18

<b

Development Wiki[edit | edit source]

Belongs to: YourCompany
First installation: 2022-01-04
Contract start: 2021-12-17
Minimum contract period: 2 Years
Contract type: Subscription
Performance level: Standard with WikiFarm and Development
Account manager: Doe, John
Last update:
Short description Testsystem: BlueSpice 4 pro with WikiFarm and Development

History / Important Deployments[edit | edit source]

Protocol by Sarah Naumann
First Installation 2018-11-26
Update to 3.0.1 2019-03-26
Update

Access[edit | edit source]

Remote Access VPN -> SSH
ID a_exNNNNN
Username for SSH ICA\a_exNNNNN

Installed programs (applications)[edit | edit source]

URL https://wiki.yourcompany.com
Domains
  • wiki.yourcompany.com
  • wikidoc.yourcompany.com
Server Name rz17.musterfirma.local
Operating System Ubuntu 16.04.
BlueSpice Version 3.0.1 per WikiFarm
MediaWiki Version 1.31.1
Deployment Package Docker
Path to Docker files /data/bluespice/bluespice
Authentication SAML.php
Notes Group assignment to instances in 099-AdditionalPermissions.php

Please note for updates[edit | edit source]

Since it is currently not possible to set the permissions properly, the delete permission has been withdrawn from the editor DefaultSettings.php.

Docker[edit | edit source]

Starting Docker[edit | edit source]

docker run -d -v /data/bluespice/certificates:/etc/apache2/ssl  -v 
/data/bluespice/bluespice/099-AdditionalPermissions.php:/var/www/bluespice/w/settings.d/
	099-AdditionalPermissions.php -v 
/data/bluespice/database:/var/lib/mysql -v 
/data/bluespice/elasticsearch:/var/lib/elasticsearch -v 
/data/bluespice/bluespice:/opt/bluespice-docker -v /data/bluespice/backup:/backup -v 
/data/backups-mediawiki:/import -e "TZ=Europe/Berlin"  -lCE -t -p 80:80 -p 443:443 
	-p 8000:8000 -p 8001:8001 1d85e6a800e9

Docker IP[edit | edit source]

cat /etc/doc ker/daemon.json
{
        "bip": "172.19.10.1/24",
        "fixed-cidr": "172.19.10.1/24"
}

Backup / Cronjobs[edit | edit source]

Cronjobs[edit | edit source]

runJobs daily

Backup[edit | edit source]

BackupDatabases daily

Services[edit | edit source]

Database[edit | edit source]

Program MariaDB
Version 10.1.37

PHP[edit | edit source]

Version 7.0.30

Jetty[edit | edit source]

Version 9

Caching[edit | edit source]

opcache
memcached

Webserver[edit | edit source]

Program Apache
Version 2.4.18

<b

Authentication and Security Levels[edit | edit source]

SAML/Prod[edit | edit source]

The following domains are all connected to SAML:

  • wiki.yourcompany.com = Main Instance = WikiFarm Management
  • wiki.yourcompany.com redirects to wiki.yourcompany.com/yourcompany= YourCompany Wiki
  • wikidocs.yourcompany.com redirects to wiki.yourcompany.com/yourcompany with local login


Security levels of wikis[edit | edit source]

* = (all) = applies to every visitor of the wiki, including those who do not log in.

Public[edit | edit source]

permissions
user group login required sys admin wiki maintain admin editor reader
[...]_Admin x x x x x
* --- --- --- x x

Protected[edit | edit source]

permissions
user group login required sys admin wiki maintain admin editor reader
[...]_Admin x x x x x
[...]_Editeren x --- --- x x
* --- --- --- --- x

Private[edit | edit source]

permissions
user group login required sys admin wiki maintain admin editor reader
[...]_Admin x x x x x
[...]_Editeren x --- --- x x
[...]_Lezen x --- --- --- x
* --- --- --- --- ---

Admin[edit | edit source]

permissions
user group login required sys admin wiki maintain admin editor reader
[...]_Admin x x x x x
* --- --- --- --- ---


URL[edit | edit source]

If the URL of a wiki does not exist (or there is a letter error because of case-sensitivity), the user is currently redirected to the farm management. Depending on the authorization level, the user might not have access. It is possible to redirect the user to a page of another instance. However, this can only be done once. Redirects always link to the same instance. On the target page you could, for example, store an overview of operating wikis.

Discussions