TWiki架设

TWiki的介绍就不多说了，百度百科稍做简要介绍，详细的就进官网：www.twiki.org

下面主要讲配置步骤：

twiki安装文档
1、环境安装：(源码安装)
apr-1.4.5.tar.gz
./configure --prefix=/data/usr/apr
make
make install

apr-util-1.3.12.tar.gz
./configure --with-apr=/data/usr/apr --prefix=/data/usr/apr-util
make
make install

pcre-8.11.tar.gz
./configure --prefix=/data/usr/pcre
make
make install

httpd-2.4.6.tar.gz（./bin/apachectl start 如果启动失败，则需要setenforce 0）
./configure --with-pcre=/data/usr/pcre --with-apr=/data/usr/apr --with-apr-util=/data/usr/apr-util --prefix=/data/usr/httpd
make
make install

php-5.5.1.tar.gz(这个必须安装，否则apache起不来，在configure页面会报错)
./configure --prefix=/data/usr/php5 --with-apxs2=/data/usr/apache/bin/apxs --with-config-file-path=/data/usr/lib --enable-track-vars --with-xml --with-mysql --with-curl --enable-ftp --enable-soap --enable-sockets --enable-mbstring 
make
make install

以下是官方文档对于twiki安装的相关介绍，只作简单翻译：
basic installation
1.Download the TWiki distribution from http://TWiki.org/
2.Unpack the distribution
3.Setup access file and directory rights to enable the webserver user
chown -R apache:apache /path/to/twiki #这里需要将整个解压目录更改为apache权限，同时，apache启动用户必须设置为apache ，如果设置成daemon将报错
4.Check the Perl installation
The default location of Perl is /usr/bin/perl. If it's somewhere else, change the path to Perl in the first line of each script in the twiki/bin directory.
Some systems require a special extension on perl scripts (e.g. .cgi or .pl). This is normally only needed under Windows and only where perl scripts are only recognized by file extension. Linux and Unix users should normally never need to do this. If necessary, rename all files in twiki/bin (i.e. rename view to view.pl etc). If you do this, make sure you set the ScriptSuffix option in configure (Step 6).
5.Create the file LocalLib.cfg located as twiki/bin/LocalLib.cfg
There is a template for this file in twiki/bin/LocalLib.cfg.txt. Simply copy LocalLib.cfg.txt to LocalLib.cfg. Make sure the ownership and access rights of the copy are the same as LocalLib.cfg.txt
The file twiki/bin/LocalLib.cfg must contain a setting for $twikiLibPath, which must point to the absolute directory path of your twiki/lib e.g. /var/www/twiki/lib.
If you need to install additional CPAN modules, but can't update the main Perl installation files on the server, you can set $CPANBASE to point to your personal CPAN install. Don't forget that the webserver user has to be able to read those files as well.
6.Choose best configuration method for your webserver. There are two ways to configure Apache: config file included from httpd.conf or .htaccess files.#twiki 和apache结合的web配置，最好是利用官方提供的网页进行配置，简单方便
Apache config file: The recommended method is using a config file. With a config file you can put the entire（整个） TWiki configuration in ONE file (typically named twiki.conf). Performance（性能） is much better with a config file, and makes setting up a correct and safe installation easier. However using a config file requires that you can restart Apache which again means that you need root or sudo access to stop and start Apache. The TWiki apache config file is included from（包含在） the main Apache config file httpd.conf. Most distributions（分布） have a directory from which any file that ends with .conf gets included when you restart Apache (Example RedHat/Fedora/Centos: /etc/httpd/conf.d). If you use a virtual host setup in Apache you should include the twiki.conf file from inside the desired virtual host config in your Apache configuration.
.htaccess files: This option should only be used when you cannot use a config file. Performance is slowed down because Apache has to look through all directories in search of possible .htaccess files each time someone views a page in TWiki. Normally this is the only way to control Apache in a shared host environment where you have no root or sudo privileges.
7.Configure the webserver
Unless you are an Apache expert（专家） setting up the webserver can be quite difficult. But TWiki has three resources that make setting up Apache easier.
The best and easiest way is to use webpage TWiki:TWiki.ApacheConfigGenerator which contains a tool that can generate a safe and working config file for TWiki on Apache.
In the twiki installation you find an example config file misc/twiki_httpd_conf.txt (nevertheless, it is better to use the generator).
In case you do not have root privileges on the server:
In the root of the twiki installation and in the twiki/bin directory you find example .htaccess files you can copy and modify. The files contains help text explaining how to set them up. In twiki/bin you find .htaccess.txt which can be copied to .htaccess and defined access to the CGI scripts.
In the TWiki misc directory you find pub-htaccess.txt which you can copy to pub/.htaccess, subdir-htaccess.txt which you can copy to all directories as .htaccess except bin and pub, and you find root-htaccess.txt which you can copy to .htaccess in the twiki root directory. But again only use .htaccess files if you do not have root privileges.
If you are unsure about how to do this on your system, see TWiki:TWiki.InstallingTWiki#OtherPlatforms for links to information about various server setups.
Note: When you use config files you need to restart Apache each time you change a setting to make the new setting active.

http://twiki.org/cgi-bin/view/TWiki/ApacheConfigGenerator #官方提供的配置文件生成工具，必须填的以下几项：
Full file path to your twiki root directory (mandatory):完整的文件路径到你的TWiki的根目录下（必选）/data/var/twiki
URL path of the TWiki bin directory containing the scripts (mandatory):包含脚本的TWiki的bin目录的URL路径/do
URL path of the TWiki pub directory containing file attachments (mandatory):包含文件附件（强制）的TWiki的pub目录的URL路径/pub
生成配置文件添加到httpd.conf文件末尾
httpd.conf需要开启模块
IMPORTANT NOTE: Make sure to enable mod_cgi in the primary apache configuration file. #这里尤其注意，需要启动apache的mod_cgi模块，而且这个模块的启动必须是在php安装的时候要添加的。
# We set an environment variable called blockAccess.
#
# Setting a BrowserMatchNoCase to ^$ is important. It prevents TWiki from
# including its own topics as URLs and also prevents other TWikis from
# doing the same. This is important to prevent the most obvious
# Denial of Service attacks.
#
# You can expand this by adding more BrowserMatchNoCase statements to
# block evil browser agents trying the impossible task of mirroring a twiki
在浏览器输入：http://192.168.75.128/do/configure
配置的时候要配置好pub目录和do目录
Loalisation -- Languages -- zh-cn zh-tw勾选


8.Run the configure script from your browser (enter http://yourdomain/do/configure into your browser address bar)
Specify and reenter a password. This is your configure password, as well as the admin user password once TWiki is running.
Note: In case you forgot the password, you can reset it by deleting $TWiki::cfg{Password} from LocalSite.cfg file from {TWIKI_ROOT}/lib directory.
When you run configure for the first time, you can only edit the General Path Settings section. Save these settings, and then return to configure to continue configuration.
Resolve any errors or warnings it tells you about.
If your webserver can be accessed by more than one domain name make sure to add the additional alternative URLs to {PermittedRedirectHostUrls}
When you return to configure you now need to setup Mail and Proxies. Especially the {WebMasterEmail}, and {SMTP}{MAILHOST} must be defined to enable TWiki to send administrative emails, such as for registration and notification of topic changes. Many ISPs have introduced authentication when sending emails to fight spam so you may also have to set {SMTP}{Username} and {SMTP}{Password}. If you do not want to enable mailing or want to enable it later you can uncheck {EnableEmail}.
If you want administrative e-mails to be signed, see S/MIME setup instructions below.
You now have a basic, unauthenticated installation running. At this point you can just point your web browser at http://yourdomain.com/do/view and start TWiki-ing away!


2、Important Server Security Settings
Before you continue any further there are some basic and very important security settings you have to make sure are set correctly.
You absolutely must turn off any kind of PHP, Perl, Python, Server Side Includes etc in the pub directory. TWiki has some built-in protection which renames files with dangerous file names by appending .txt to the file name.(TWiki采用内置保护机制将危险文件重命名为.txt) But this is a secondary security measure. The essential action that you must take is to turn off any possible execution of any of the attached files.
Most Linux distributions have a default Apache installation which has PHP and server side include (SSI) enabled.
Don't put the whole twiki distribution into an HTML document enabled directory. Apache needs to be aware of only two directories: The bin directory should be script enabled, and the pub directory should be HTML document enabled. bin目录放script可执行脚本，pub目录放html脚本
For those who do not have access to the Apache config files, a sample misc/subdir-htaccess.txt file can be copied as .htaccess to the data, lib, locale, templates, tools and working directories.对于控制防止修改apache配置文件，可以将misc/subdir-htaccess.txt复制为.htaccess到data,lib,locale,templates,tools等工作目录
Attachments are not secured by default to the access control setting of the topic. In other words, anyone can read them if they know the direct URL of the attachment, which includes name of the web, topic and attachment. You can configure TWiki to secure attachments.
The TWiki:TWiki.ApacheConfigGenerator as well as the example misc/twiki_httpd_conf.txt and example misc/htaccess.txt files include the needed settings that protect against all 3 security elements.


3、Next Steps
Once you have TWiki installed and running, you might consider the following optional steps for setting up（设置） and customizing（自定义） your TWiki site . Many of the references below refer to topics within your TWiki installation. For example, TWiki.TWikiSkins refers to the TWikiSkins topic in your TWiki web. Easy way to jump directly to view the pages is to open your own TWiki in your browser and write TWiki.TWikiSkins in the Jump test box to the right in the top bar and hit Enter. You can find these topics in the on-line reference copy at the official TWiki website: TWiki-6.0 Release.


4、Enable Authentication of Users启用用户认证
This step provides for site access control（访问控制） and user activity tracking（用户行为追踪） on your TWiki site. This is particularly important for sites that are publicly accessible on the web. This guide describes only the most common of several possible authentication setups for TWiki and is suitable for public web sites. For information about other setups, see TWikiUserAuthentication, and TWiki:TWiki.TWikiUserAuthenticationSupplement.
These are the steps for enabling "Template Login" which asks for a username and password in a web page, and processes them using the Apache 'htpasswd' password manager. Users can log in and log out.
Under the Security Settings pane of configure :
Select TWiki::LoginManager::TemplateLogin for {LoginManager}.
Select TWiki::Users::HtPasswdUser for {PasswordManager}.
Save your configure settings.
Register yourself using the TWikiRegistration topic.
HELP Check that the password manager recognizes the new user. Check that a new line with the username and encrypted password is added to the data/.htpasswd file. If not, you probably got a path wrong, or the permissions may not allow the webserver user to write to that file.
需要手动新建文件.htpasswd，用于保存用户信息，否则用户无法注册(注意文件的权限apache:apache)
Edit a topic (by clicking on the Edit link at beginning or end of topic) to check if authentication works.
You are strongly encouraged to read TWikiUserAuthentication, TWiki:TWiki.TWikiUserAuthenticationSupplement, and TWiki:TWiki.SecuringTWikiSite for further information about managing users and security of your TWiki site.
Note: The other LoginManager option TWiki::LoginManager::ApacheLogin uses a basic Apache type authentication where the browser itself prompts you for username and password. Most will find the TemplateLogin looking nicer. But ApacheLogin is required when you use Apache authentication methods like mod_ldap where all authentication is handled by an Apache module and not by the TWiki perl code. When you use ApacheLogin the apache configuration must be set up to require authentication of the some but not all the scripts in the bin directory. This section in the Apache config (or .htaccess) controls this
<FilesMatch "(attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth).*">
   require valid-user
</FilesMatch>
The TWiki:TWiki.ApacheConfigGenerator includes this section when you choose ApacheLogin. In the example misc/twiki_httpd_conf.txt and bin/.htaccess.txt files this section is commented out with #. Uncomment the section when you use ApacheLogin. It is important that this section is commented out or removed when you use TemplateLogin.


5、Define the Administrator User(s)定义系统管理员
Administrators have read and write access to any topic in TWiki, regardless of TWiki access controls. When you install TWiki one of the first things you will want to do is define yourself as an administrator. You become an administrator simply by adding yourself to the TWikiAdminGroup. It is the WikiName and not the login name you add to the group. Editing the Main.TWikiAdminGroup topic requires that you are an administrator. So to add the first administrator you need to login using the internal TWiki admin user login and the password you defined in configure.
Navigate to the Main.TWikiAdminGroup topic
Follow carefully the steps TWikiAdminGroup of how to become an admin（通过http://192.168.75.128/do/configure初次设置定义admin账户密码）
Note that if you use ApacheLogin you have to be registered and logged in before you use the internal admin login


6、Set TWiki Preferences设定twiki
Preferences for customizing many aspects of TWiki are set simply by editing a special topic with TWiki.
TWikiPreferences. Read through it and identify any additional settings or changes you think you might need. You can edit the settings in TWiki06x00.TWikiPreferences but these will be overwritten when you later upgrade to a newer TWiki version. Instead copy any settings or variables that you want to customize from TWiki06x00.TWikiPreferences and paste them into Main.TWikiPreferences. When you later upgrade TWiki simply avoid overwriting the data/Main/TWikiPreferences.txt file and all your settings will be kept. Settings in Main.TWikiPreferences overrides settings in both TWiki06x00.TWikiPreferences and any settings defined in plugin topics. See notes at the top of TWiki06x00.TWikiPreferences for more information.


7、Enable Email Notification 启用邮件通知
Each TWiki web has an automatic email notification service that sends you an email with links to all of the topics modified since the last alert. To enable this service:
Confirm the Mail and Proxies settings in the Configure interface.
Setup a cron job (or equivalent) to call the tools/mailnotify script as described in the MailerContrib topic.
NOTE: If you are using SELinux you might need to configure it to allow TWiki to send e-mails: 
$ sudo setsebool -P httpd_can_sendmail on 
$ sudo setsebool -P httpd_can_network_connect on


8、Enable Signed Email Notification
TWiki administrative e-mails are an attractive target for SPAM generators and phishing attacks. One good way to protect against this possibility to enable S/MIME signatures on all administrative e-mails. To do this, you need an an X.509 certificate and private key for the the {WebMasterEmail} email account. Obtain these as you would for any other S/MIME e-mail user.
To enable TWiki to sign administrative e-mails:
Enable e-mail as described above
If necessary, convert your certificate and key files to PEM format ( openssl has all the necessary utilities)
Place the certificate anyplace convenient that the webserver can read. It should be protected against write. The conventional place under linux is /etc/pki/tls/certs
Place the key file in a secure location that only the webserver can read. It must not be readable by anyone else, and must not be served by the webserver.
Using the configure script, change the following settings under Mail and Proxies:
Follow the directions under {MailProgram} to enable an external mail program such as sendmail. Net::SMTP is not supported.
Enter the full path to the certificate file in the {SmimeCertificateFile} configuration variable
Enter the full path to the private key file in the {SmimeKeyFile} configuration variable
Save the configuration
Re-run the configure script an resolve any errors that it identifies
All out-going administrative e-mails will now be signed.


TWiki删除用户教程。
TWiki删除用户步骤（假定要删除的用户是DeleteUser）：
编辑 data/.htpasswd 文件，删除以DeleteUser开头的行
在Main.TWikiUsers topic中移除以DeleteUser开头的行
把用户从所在的用户组移除，如果该用户设置了其他 ALLOWWEB/ALLOWTOPIC 等权限，也全部移除。这个是防止其他同名用户注册以后就拥有了原来的权限
（可选）删除topic文件 data/Main/DeleteUser.txt and data/Main/DeleteUser.txt,v