Installation
Hackiki is tricky, but not impossible, to install properly. If you don't want to install a Hackiki instance yourself, the author may be willing to host it here (for a small fee); email him at Richards@codu.org to inquire. If there is interest, he may also be willing to create ready-to-run VM installations of Hackiki.
Automated installation
The process of setting up Hackiki is (mostly) automated in a script available as part of Hackiki, http://codu.org/projects/hackiki/hg/index.cgi/raw-file/tip/lib/installhackiki.sh . This script has been tested on Debian and OpenSUSE, and should work on any GNU/Linux distribution. Run the script as root (sorry, only root can chroot!). It will set up /var/chroots/hackiki as a Hackiki chroot. You must then set up your firewall, as per instruction 2 in the manual installation instructions. You may configure Hackiki further within the chroot, by first running the following command to get into the chroot:
chroot /var/chroots/hackiki su - www-data
Then editing the relevant configuration files, in particular /etc/lighttpd/lighttpd.conf and /var/www/lib/config.php . You may also want to replace the empty Hackiki filesystem with the template filesystem, as per the end of the manual installation instructions below.
Manual installation
To create a Hackiki instance:
1) You will need a debootstrap-created chroot to run Hackiki in, unless you want to (potentially) expose the host system. This is technically optional. All the following instructions assume you've already done this. Assuming you have debootstrap installed, this goes something like this:
debootstrap lenny [directory to create]
You may have more luck with plash if you replace squeeze with lenny, but it should work either way. For those unversed in chroots, you will have to do the following for the chroot to work properly (assuming /var/chroots/hackiki as the chroot directory):
mount -o bind /dev /var/chroots/hackiki/dev mount -o bind /proc /var/chroots/hackiki/proc mount -o bind /sys /var/chroots/hackiki/sys
Then, to switch into the chroot, use the following command as root:
chroot /var/chroots/hackiki su -
2) In the host system firewall, block processes with high UIDs from accessing the network. This is to prevent plash processes specifically. If you're using shorewall, add this to your /etc/shorewall/rules:
REJECT $FW net all - - - - 5500:2147483647
3) Install plash, lighthttpd (or apache), php5-cgi and mercurial in the chroot. Install the pcntl extension for PHP. If you want to use OpenID authentication, you will also need to install php-openid.
4) Configure lighttpd. If you want it to run on a port other than 80, configure that. Enable cgi, fastcgi, rewrite and PHP (via fastcgi):
$ lighttpd-enable-mod cgi fastcgi
Add the following to make Hackiki happy:
$HTTP["url"] =~ "^/lib" {
url.access-deny = ("")
}
$HTTP["url"] =~ "^/.hg" {
url.access-deny = ("")
}
url.rewrite-once = ( "^/wiki(.*)" => "/wiki.php$1",
"^/fs(.*)" => "/cgi-bin/fshg.cgi$1" )You may also want to configure lighttpd to use a different user than www-data. However, the rest of this installation guide assumes that you have not.
5) As www-data:
rm -f /var/www/* hg clone https://codu.org/projects/hackiki/hg/ /var/www/hackiki mv /var/www/hackiki/* /var/www/hackiki/.hg /var/www/ rmdir /var/www/hackiki
6) Edit the Hackiki configuration, if you'd like (/var/www/lib/config.php)
7) As www-data, create the hackiki configuration directory:
su -c "mkdir -p /var/lib/hackiki; chown www-data:www-data /var/lib/hackiki" cp /var/www/lib/limits /var/lib/hackiki/limits hg init /var/lib/hackiki/fs
8) Install hgweb.cgi to /var/www/cgi-bin/fshg.cgi , referring to the /var/lib/hackiki/fs Mercurial repository (see the Mercurial documentation on how to do this)
9) Visit http://[yoursite]:[yourport]/wiki/ , and you should get ... well, nothing useful. But if you visit http://[yoursite]:[yourport]/wiki/edit/bin/index , you can create your index script. If you'd like, you can replace the FS created above with a clone of the FS used for the Hackiki template at http://template.hackiki.org/ to start from something more substantial:
rm -rf /var/lib/hackiki/fs hg clone http://template.hackiki.org/fs/ /var/lib/hackiki/fs
Note that template.hackiki.org is configured through etc/permissions to allow no edits, so you will need to change or remove etc/permissions from the command line before you can do anything from Hackiki.