Difference between revisions of "Startup Instructions"

From TheInterWiki
Line 13: Line 13:
 
*IAM - Identity and Access Management. AWS includes some very powerful tools for controlling back-end access to your AWS account and instances. For example, the main AWS account that owns the wiki and domain names must include credit card and billing info. It might not be a good idea to have this information available to day-to-day staff. You can create another AWS account that can access the wiki Dashboard without having access to the billing module. This also makes it easy to manage access to any account in case of personnel changes.
 
*IAM - Identity and Access Management. AWS includes some very powerful tools for controlling back-end access to your AWS account and instances. For example, the main AWS account that owns the wiki and domain names must include credit card and billing info. It might not be a good idea to have this information available to day-to-day staff. You can create another AWS account that can access the wiki Dashboard without having access to the billing module. This also makes it easy to manage access to any account in case of personnel changes.
  
*Key Pair - This is a cryptographic tool to keep access to your servers back end, called the command line, secure. You can think of it like a password, but it’s more like a paragraph.  
+
*Key Pair - This is a cryptographic tool to keep access to your servers back end, called the command line, secure. You can think of it like a password, but it’s more like a paragraph. One part of the key, called the public key is stored on your server, and isn’t a secret, hence the name. The second part of the pair is the private key. You must keep this protected on your local computer. You will create one as part of the process of launching your first instance.
  
One part of the key, called the public key is stored on your server, and isn’t a secret, hence the name. The second part of the pair is the private key. You must keep this protected on your local computer.
+
*Security Group - This is where you define your "firewall" settings. What ports (Channels) your server will communicate on, and whether it will talk to everybody, or only certain people. Like the Key Pair, you will define this before launching your first instance.
  
 
===Create an AWS account (Free)===
 
===Create an AWS account (Free)===
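Review bot: the added Security Group entry says the group decides which ports are open and to whom, but it gives the reader nothing to choose by. The page later has the reader connect over SSH and load the wiki over plain http, so this entry could say that SSH access should be limited to the administrator's own address while the web port stays open to everyone. In the merged Key Pair entry, "servers back end" should read "server's back end".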

Revision as of 04:50, 8 March 2023

Welcome!

Welcome to The Interventional Services Wiki Project! This page will walk you through the process of creating your very own wiki for your lab.

This startup guide will include all of the information needed to get your wiki running. It will also provide links to further information if you want to dive deeper into the subject matter.

AWS Mini Tutorial

Terminology

  • AMI - Amazon Machine Image. An AMI is a “hard-drive” containing all of the software and data needed to run your wiki. These images are vetted by Amazon and available on the AWS Marketplace. An Ubuntu Unix AMI was used as a starting point for the wiki. You will go to the AWS Marketplace to select the Interventional Services wiki AMI.
  • Instance - The instance is the “hard-drive” and the “server”. In this case, it is a virtualized server that mimics the hardware that you choose to run the image. Once you have configured the instance and launched it, you will have a running server that you can connect to.
  • IAM - Identity and Access Management. AWS includes some very powerful tools for controlling back-end access to your AWS account and instances. For example, the main AWS account that owns the wiki and domain names must include credit card and billing info. It might not be a good idea to have this information available to day-to-day staff. You can create another AWS account that can access the wiki Dashboard without having access to the billing module. This also makes it easy to manage access to any account in case of personnel changes.
  • Key Pair - This is a cryptographic tool to keep access to your server’s back end, called the command line, secure. You can think of it like a password, but it’s more like a paragraph. One part of the key, called the public key, is stored on your server and isn’t a secret, hence the name. The second part of the pair is the private key. You must keep this protected on your local computer. You will create one as part of the process of launching your first instance.
  • Security Group - This is where you define your "firewall" settings: which ports (channels) your server will communicate on, and whether it will talk to everybody or only certain people. Like the Key Pair, you will define this before launching your first instance.

Create an AWS account (Free)

The first step is to create an Amazon Web Services (AWS) account. If you already have one, that will work, but we encourage you to create an account solely for the wiki. A later tutorial will show you how to access the wiki from your AWS account. AWS requires a unique email address for a new account, so you may need to create one. Gmail works for this, or a dedicated account at your facility. Again, it is good practice to use a dedicated email for this and not a personal email account.

Launch your instance (Free)

Once you have an AWS account, you will need to visit the EC2 service. This stands for Elastic Compute Cloud and manages your virtual servers. When it’s time to choose a domain name and link it to your server, you will need to visit Route 53.

Once you are in EC2, click on instances. This is where you start, stop, and get info on all running instances. Click on Launch Instance to start your server. The next page will require some info:

  1. Give it a name
  2. Pick an AMI. Do this by searching for theInterWiki Project AMI.
  3. Instance type: we recommend t2.micro. It’s free for the first year and more than enough to run the wiki.
  4. Choose your key pair
  5. Choose your security group
  6. The storage default should be fine (8Gb)

Configure your wiki

Create a domain name ($)

You will need to log in to the Unix command-line interface (CLI) to make these changes. When you launched your instance from the AMI, you created a key pair. You will reference this key pair when using SSH to connect.

You can find a connection guide by clicking the connect button after selecting your instance from the list on your AWS EC2 dashboard.

Once you are connected to your CLI, you will need to edit the LocalSettings.php file.

First, change directory (cd) to the web server directory:

cd /var/www/html

Now, list all the files:

ls -al

This is your wiki code. The actual information in your pages will be stored in a database; more on that later.

Open a simple text editor and tell it to open the LocalSettings.php file with this command:

sudo nano LocalSettings.php

If you have never used a simple text editor, you may want to read up on it. Just Google "unix nano".

Let's change the name of your wiki first. Look for this section near the top:

$wgSitename = "YourWikiName";
$wgMetaNamespace = "YourWikiName";

Change these to the name of your wiki.

Next, a few lines down is this:

## The protocol and server name to use in fully-qualified URLs
$wgServer = "http://00.00.00.00";

This must be changed to the IP address of your server. You can find this on your Instances page in your AWS console. Click on your instance, and the info will show up below it.

You can save the file at this point by pressing Ctrl-X and entering "y" for yes. At this point, your wiki should load if you point your web browser to the IP address. Please note you will have to specify a plain http connection, not https. Your browser will probably warn you that the connection is not secure. That's OK; we will change this later to be secure.

As long as your wiki page loads, you're good so far! But we're not out of the woods yet: all the passwords and secrets need to be changed, because anyone who has this snapshot knows all of your passwords (not secure!).

Securing your server

Here is a list of things to change from the command line via SSH:

  • MySQL (or MariaDB):
    • There is no access to the mysql root user, so no need to change it.
    • Create a new user (there isn't one at install)
    • Grant all privileges on database "my_wiki" to new user
  • Edit the LocalSettings.php "#Database Settings" section to reflect these changes
  • Admin user password ("Admin12345" at install)
    • Use the PHP script ChangePassword.php in the /maintenance directory to change the Admin password so you can log in to the wiki.
  • Change the secret key for the SecureHTML extension at the bottom of LocalSettings.php to a string of your own choosing
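
The credential changes in the list above, sketched as shell functions. This is an added example, not part of the original guide: the database account name wikiuser and the wiki user name Admin are assumptions, and the SQL has to be run from a database session that is allowed to create users. gen_secret can also produce the string for the SecureHTML secret key.

```shell
#!/bin/sh
# Added example (not from the original guide). Assumed names: database account
# "wikiuser" and wiki user "Admin"; database "my_wiki" is from the page.

# Print $1 random alphanumeric characters from the kernel's random source.
gen_secret() {
    LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c "$1"
}

# Emit SQL creating the wiki's own database account, limited to local
# connections, and granting it the my_wiki database as the list describes.
# Names and passwords that could escape the quoted SQL strings are rejected.
wiki_db_sql() {
    user=$1 pass=$2
    case $user in ''|*[!A-Za-z0-9_]*) echo "bad user name" >&2; return 1 ;; esac
    case $pass in ''|*[!A-Za-z0-9]*) echo "bad password" >&2; return 1 ;; esac
    printf "CREATE USER '%s'@'localhost' IDENTIFIED BY '%s';\n" "$user" "$pass"
    printf "GRANT ALL PRIVILEGES ON my_wiki.* TO '%s'@'localhost';\n" "$user"
}

# Emit the matching database lines for LocalSettings.php.
localsettings_db_lines() {
    printf '$wgDBname = "my_wiki";\n$wgDBuser = "%s";\n$wgDBpassword = "%s";\n' \
        "$1" "$2"
}

# Demo: print what would be applied. Nothing is changed on the server.
DB_PASS=$(gen_secret 32)
wiki_db_sql wikiuser "$DB_PASS"             # feed this to the mysql client
localsettings_db_lines wikiuser "$DB_PASS"  # paste into LocalSettings.php

# Admin password, run from the wiki directory (/var/www/html on the page).
# A password given as an argument lands in shell history, so clear it after:
#   php maintenance/changePassword.php --user=Admin --password='<new password>'
```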

Open your Wiki for new users

Warning: This shouldn't be left on for more than a couple of days. Bots will find you!