====== Install DokuWiKi on AWS EC2 Amazon Linux 2 AMI ======

  - Login to [[https://console.aws.amazon.com/|AWS EC2 Web Console]]
  - Launch a new **t2.micro** EC2 instance from **Amazon Linux 2 AMI**
  - Allocation new Elastic IP
  - Allocate the Elastic IP to newly create EC2 instance
  - Using [[https://putty.org|PuTTY]] SSH Client and PEM key login, SSH into in the new instance
  - Run the following Linux shell command to update Amazon Linux 2: <code>
sudo yum -y update
</code>
  - Run the following Linux shell command to install [[https://php.net/|PHP 7.2]]:<code>
sudo amazon-linux-extras install -y php7.2
</code>
  - Run the following Linux shell command to install [[https://httpd.apache.org/|Apache httpd]], PHP XML Parser (required by DokuWiki) and [[https://httpd.apache.org/docs/current/mod/mod_ssl.html|Apache SSL Module]]:<code>
sudo yum -y install httpd php-xml mod_ssl
</code>
  - Edit **httpd.conf** file by running ''sudo vi /etc/httpd/conf/httpd.conf'' Linux shell command with following contents: <WRAP center round alert 60%>
Replace //<<Server Administrator Email address>>// \\ 
Replace //<<Website DNS>>//
</WRAP><file conf httpd.conf>
#Listen 80
ServerAdmin <<Server Administrator Email address>>
ServerName <<Website DNS>>:80
<LocationMatch "/(data|conf|bin|inc|vendor)/">
     order allow,deny
     deny from all
     satisfy all
</LocationMatch>
</file>
  - Run the following Linux shell command to enable Apache httpd server to start at boot as well as immediately:<code>
sudo systemctl enable httpd
sudo systemctl start httpd
</code>
  - Run the following Linux shell commands to download and install [[doku>|DocuWiKi]]:<WRAP center round info 60%>
For detailed installation procedure, refer to [[doku>install:amazone_ec2]]
</WRAP><WRAP center round alert 60%>
To generate //<<dokuwiki download file>>//, Goto [[https://download.dokuwiki.org/]] URL from any web browser, select necessary options and click **Start Download** button
</WRAP><code>
cd /var/www/html
sudo wget https://download.dokuwiki.org/out/dokuwiki-<<.tgz
sudo tar -zxvf dokuwiki-<<dokuwiki download file>>.tgz
sudo rm -r dokuwiki-<<dokuwiki download file>>.tgz
sudo chown -R apache dokuwiki
sudo chgrp -R apache dokuwiki
cd dokuwiki
sudo mv * ../
cd ..
sudo rm -Rf docuwiki
sudo chmod -R 0700 data
sudo chmod -R 0700 conf
sudo chmod -R 0700 inc
sudo chmod -R 0700 vendor
</code>
  - Update DNS host record with your Domain Registrar or Domain Management Service
  - From web browser on your PC, go to ''https:%%//%%<<domain name>>/install.php''
  - Fill all the required details
  - Generate CloudFlare Origin Certificate
  - Run following Linux shell commands to create certificates:<WRAP center round info 60%>
[[https://www.digicert.com/kb/csr-ssl-installation/apache-openssl.htm#ssl_certificate_install]] \\
[[https://support.cloudflare.com/hc/en-us/articles/115000479507-Managing-Cloudflare-Origin-CA-certificates]]
</WRAP><WRAP center round alert 60%>
Replace //<<domain name>>// with your website's domain name \\
Replace //<<Paste Origin Certificate>>// with Origin Certificate generated in your CloudFlare account \\
Replace //<<Paste Private Key>>// with Private Key for Origin Certificate generated in your CloudFlare account 
</WRAP><code>
sudo mkdir /usr/local/ssl
sudo vi /usr/local/ssl/<<domain name>>.crt
<<Paste Origin Certificate>>
sudo vi /usr/local/ssl/<<domain name>>.crt
<<Paste Private Key>>
sudo vi /usr/local/ssl/cloudflare.crt
<<Paste CloudFlare certificate from below>>
</code>[[https://support.cloudflare.com/hc/article_attachments/360037885371/origin_ca_rsa_root.pem]]<file txt cloudflare.crt>
-----BEGIN CERTIFICATE-----
MIIEADCCAuigAwIBAgIID+rOSdTGfGcwDQYJKoZIhvcNAQELBQAwgYsxCzAJBgNV
BAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMTQwMgYDVQQLEytDbG91
ZEZsYXJlIE9yaWdpbiBTU0wgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRYwFAYDVQQH
Ew1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMB4XDTE5MDgyMzIx
MDgwMFoXDTI5MDgxNTE3MDAwMFowgYsxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBD
bG91ZEZsYXJlLCBJbmMuMTQwMgYDVQQLEytDbG91ZEZsYXJlIE9yaWdpbiBTU0wg
Q2VydGlmaWNhdGUgQXV0aG9yaXR5MRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMw
EQYDVQQIEwpDYWxpZm9ybmlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwEiVZ/UoQpHmFsHvk5isBxRehukP8DG9JhFev3WZtG76WoTthvLJFRKFCHXm
V6Z5/66Z4S09mgsUuFwvJzMnE6Ej6yIsYNCb9r9QORa8BdhrkNn6kdTly3mdnykb
OomnwbUfLlExVgNdlP0XoRoeMwbQ4598foiHblO2B/LKuNfJzAMfS7oZe34b+vLB
yrP/1bgCSLdc1AxQc1AC0EsQQhgcyTJNgnG4va1c7ogPlwKyhbDyZ4e59N5lbYPJ
SmXI/cAe3jXj1FBLJZkwnoDKe0v13xeF+nF32smSH0qB7aJX2tBMW4TWtFPmzs5I
lwrFSySWAdwYdgxw180yKU0dvwIDAQABo2YwZDAOBgNVHQ8BAf8EBAMCAQYwEgYD
VR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQUJOhTV118NECHqeuU27rhFnj8KaQw
HwYDVR0jBBgwFoAUJOhTV118NECHqeuU27rhFnj8KaQwDQYJKoZIhvcNAQELBQAD
ggEBAHwOf9Ur1l0Ar5vFE6PNrZWrDfQIMyEfdgSKofCdTckbqXNTiXdgbHs+TWoQ
wAB0pfJDAHJDXOTCWRyTeXOseeOi5Btj5CnEuw3P0oXqdqevM1/+uWp0CM35zgZ8
VD4aITxity0djzE6Qnx3Syzz+ZkoBgTnNum7d9A66/V636x4vTeqbZFBr9erJzgz
hhurjcoacvRNhnjtDRM0dPeiCJ50CP3wEYuvUzDHUaowOsnLCjQIkWbR7Ni6KEIk
MOz2U0OBSif3FTkhCgZWQKOOLo1P42jHC3ssUZAtVNXrCk3fw9/E15k8NPkBazZ6
0iykLhH1trywrKRMVw67F44IE8Y=
-----END CERTIFICATE-----
</file>
  - Edit **ssl.conf** file by running ''sudo vi /etc/httpd/conf.d/ssl.conf'' Linux shell command with following contents:<WRAP center round alert 60%>
Replace //<<domain name>>// with your website's domain name
</WRAP><file txt ssl.conf>
SSLCertificateFile /usr/local/ssl/<<domain name>>.crt
SSLCertificateKeyFile /usr/local/ssl/<<domain name>>.key
SSLCertificateChainFile /usr/local/ssl/cloudflare.crt
</file>
  - Run following Linux shell command to restart Apache httpd service:<code>
sudo systemctl restart httpd
</code>
  - Test security of your website by accessing ''https:%%//%%<<domain name>>/data/pages/wiki/dokuwiki.txt''. Refer to [[doku>security#web_access_security]] for detailed instructions on how to properly secure important directories in your DokuWiki installation.