Mediawiki in Caddy

Help
1

Hello,

I’m new to Caddy and wanted some input if it is possible to run MediaWiki in Caddy+php-fpm, before I start digging into the docs to try to set up everything. So far I wasn’t able to find anything on the Web related to running MediaWiki in Caddy.

Just to note. I tried reverse_proxy with my Let’s Encrypt certs, which works as expected as far as I can tell, but I wanted to avoid the apache layer if possible :slight_smile:

The difficult parts I believe are the rewrites that are set in apache, but also in one of the .htaccess files.

Apache redirects

RewriteRule ^/?w(/.*)?$ %{DOCUMENT_ROOT}/mediawiki/index.php [L]
RewriteRule ^/?$ %{DOCUMENT_ROOT}/mediawiki/index.php [L]

/images/.htaccess contains

<IfModule rewrite_module>
 RewriteEngine On
 RewriteOptions inherit
 # Fix for bug T64289
 Options +FollowSymLinks
</IfModule>

I’m running Gentoo Linux with Caddy 2.4.2, which currently is the latest packaged version.

2

My idea is that I want to document Caddy usage with MediaWiki and also HTTP/3.

3

Please fill out the help topic template.

What exactly isn’t working? What behaviour do you see instead? Use curl -v to make requests and compare what you get. Turn on the debug global option in Caddy to show more information about the rewrites happening.

4

Thanks for the comment. I’ll fill the form out when I get back to the computer.

I’ll probably setup a second test site for MW because of it’s internal url rewrite, which removes the port number, and I don’t want to break the existing site.

What I remember off head is that the rewrite I made was too greedy.

Do you know of a working config for Caddy hosting MediaWiki that I can take a look at? Is it even possible is really what I’m asking :slight_smile: Because if it is known not to work with pretty urls(*) then I will stick to using reverse_proxy for now.

(*) changing http://example.org/w/index.php?title=Page_title into http://example.org/wiki/Page_title

5

Caddy should definitely be able to do this. I’m not aware of anyone trying this yet (no topics on the forums, anyway).

6

1. Caddy version (caddy version):

2.4.2 (latest packaged version in Gentoo)

2. How I run Caddy:

From the command line in /etc/caddy using caddy run (adjacent Caddyfile)

a. System environment:

Gentoo Linux 5.13.12.
Caddy installed through Portage

b. Command:

/etc/caddy # caddy run

c. Service/unit/compose file:

N/A

d. My complete Caddyfile or JSON config:

{
    debug
    #   http_port 60001
    auto_https off
    servers :60000 {
        protocol {
            experimental_http3
        }
    }

    servers [2001:470:28:704::100]:443 {
        protocol {
            experimental_http3
        }
    }
    servers [2001:470:28:704::100]:80 {
        protocol {
        }
    }
}

mirrors.tnonline.net:60000 {
    tls /etc/letsencrypt/live/mirrors.tnonline.net/fullchain.pem /etc/letsencrypt/live/mirrors.tnonline.net/privkey.pem {
    }
    root * /var/www/domains/mirrors.tnonline.net/
    php_fastcgi unix//var/run/php-fpm/fpm-www.socket
    file_server
    encode gzip   
}

wikidev.tnonline.net:443 {
    tls /etc/letsencrypt/live/wikidev.tnonline.net/fullchain.pem /etc/letsencrypt/live/wikidev.tnonline.net/privkey.pem {
    }
    bind 2001:470:28:704::100

    rewrite /w/* /mediawiki/index.php?{query}
    rewrite /* /mediawiki/index.php?{query}

    root * /var/www/domains/wikidev.tnonline.net/htdocs
    php_fastcgi unix//var/run/php-fpm/fpm-wiki.socket
    file_server
}

wikidev.tnonline.net:80 {
    bind 2001:470:28:704::100
    root * /var/www/domains/wikidev.tnonline.net/
    file_server
}

3. The problem I’m having:

The rewrite rules that MediaWiki needs to display https://wikidev.tnonline.net/w/Main_Page instead of https://wikidev.tnonline.net/mediawiki/index.php?title=Page_title do not work properly

Example of curl -i https://wikidev.tnonline.net/mediawiki/images/thumb/f/fb/Swedish_Lake.jpg/300px-Swedish_Lake.jpg

# curl -i https://wikidev.tnonline.net/mediawiki/images/thumb/f/fb/Swedish_Lake.jpg/300px-Swedish_Lake.jpg
HTTP/2 301 
alt-svc: h3=":443"; ma=2592000,h3-34=":443"; ma=2592000,h3-32=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, must-revalidate, max-age=0
content-type: text/html; charset=utf-8
expires: Wed, 15 Sep 2021 09:59:59 GMT
last-modified: Wed, 15 Sep 2021 09:59:59 GMT
location: https://wikidev.tnonline.net/w/Main_Page
server: Caddy
status: 301 Moved Permanently
vary: Accept-Encoding, Cookie
x-content-type-options: nosniff
x-request-id: d5225c727eff6ed27fad7c61
content-length: 0
date: Wed, 15 Sep 2021 09:59:59 GMT


# caddy run
2021/09/15 09:59:41.353 INFO    using adjacent Caddyfile
2021/09/15 09:59:41.355 WARN    input is not formatted with 'caddy fmt' {"adapter": "caddyfile", "file": "Caddyfile", "line": 37}
2021/09/15 09:59:41.357 INFO    admin   admin endpoint started  {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2021/09/15 09:59:41.358 INFO    tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc0001d4a80"}
2021/09/15 09:59:41.360 INFO    http    enabling experimental HTTP/3 listener   {"addr": ":60000"}
2021/09/15 09:59:41.360 INFO    tls     cleaning storage unit   {"description": "FileStorage:/root/.local/share/caddy"}
2021/09/15 09:59:41.360 DEBUG   http    starting server loop    {"address": "[::]:60000", "http3": true, "tls": true}
2021/09/15 09:59:41.360 INFO    http    enabling experimental HTTP/3 listener   {"addr": "[2001:470:28:704::100]:443"}
2021/09/15 09:59:41.360 DEBUG   http    starting server loop    {"address": "[2001:470:28:704::100]:443", "http3": true, "tls": true}
2021/09/15 09:59:41.360 DEBUG   http    starting server loop    {"address": "[2001:470:28:704::100]:80", "http3": false, "tls": false}
2021/09/15 09:59:41.360 INFO    autosaved config (load with --resume flag)      {"file": "/root/.config/caddy/autosave.json"}
2021/09/15 09:59:41.360 INFO    serving initial configuration
2021/09/15 09:59:41.361 INFO    tls     finished cleaning storage units
2021/09/15 09:59:59.018 DEBUG   http.handlers.rewrite   rewrote request {"request": {"remote_addr": "[2001:470:df1b::10]:40072", "proto": "HTTP/2.0", "method": "GET", "host": "wikidev.tnonline.net", "uri": "/mediawiki/images/thumb/f/fb/Swedish_Lake.jpg/300px-Swedish_Lake.jpg", "headers": {"User-Agent": ["curl/7.78.0"], "Accept": ["*/*"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "wikidev.tnonline.net"}}, "method": "GET", "uri": "/mediawiki/index.php"}
2021/09/15 09:59:59.018 DEBUG   http.reverse_proxy.transport.fastcgi    roundtrip       {"request": {"remote_addr": "[2001:470:df1b::10]:40072", "proto": "HTTP/2.0", "method": "GET", "host": "wikidev.tnonline.net", "uri": "/mediawiki/index.php", "headers": {"User-Agent": ["curl/7.78.0"], "Accept": ["*/*"], "X-Forwarded-For": ["2001:470:df1b::10"], "X-Forwarded-Proto": ["https"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "wikidev.tnonline.net"}}, "dial": "/var/run/php-fpm/fpm-wiki.socket", "env": {"AUTH_TYPE":"","CONTENT_LENGTH":"","CONTENT_TYPE":"","DOCUMENT_ROOT":"/var/www/domains/wikidev.tnonline.net/htdocs","DOCUMENT_URI":"/mediawiki/index.php","GATEWAY_INTERFACE":"CGI/1.1","HTTPS":"on","HTTP_ACCEPT":"*/*","HTTP_HOST":"wikidev.tnonline.net","HTTP_USER_AGENT":"curl/7.78.0","HTTP_X_FORWARDED_FOR":"2001:470:df1b::10","HTTP_X_FORWARDED_PROTO":"https","PATH_INFO":"","QUERY_STRING":"","REMOTE_ADDR":"2001:470:df1b::10","REMOTE_HOST":"2001:470:df1b::10","REMOTE_IDENT":"","REMOTE_PORT":"40072","REMOTE_USER":"","REQUEST_METHOD":"GET","REQUEST_SCHEME":"https","REQUEST_URI":"/mediawiki/images/thumb/f/fb/Swedish_Lake.jpg/300px-Swedish_Lake.jpg","SCRIPT_FILENAME":"/var/www/domains/wikidev.tnonline.net/htdocs/mediawiki/index.php","SCRIPT_NAME":"/mediawiki/index.php","SERVER_NAME":"wikidev.tnonline.net","SERVER_PROTOCOL":"HTTP/2.0","SERVER_SOFTWARE":"Caddy/(devel)","SSL_CIPHER":"TLS_AES_128_GCM_SHA256","SSL_PROTOCOL":"TLSv1.3"}}
2021/09/15 09:59:59.245 DEBUG   http.handlers.reverse_proxy     upstream roundtrip      {"upstream": "unix//var/run/php-fpm/fpm-wiki.socket", "request": {"remote_addr": "[2001:470:df1b::10]:40072", "proto": "HTTP/2.0", "method": "GET", "host": "wikidev.tnonline.net", "uri": "/mediawiki/index.php", "headers": {"User-Agent": ["curl/7.78.0"], "Accept": ["*/*"], "X-Forwarded-For": ["2001:470:df1b::10"], "X-Forwarded-Proto": ["https"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "wikidev.tnonline.net"}}, "headers": {"Status": ["301 Moved Permanently"], "Last-Modified": ["Wed, 15 Sep 2021 09:59:59 GMT"], "Content-Type": ["text/html; charset=utf-8"], "Location": ["https://wikidev.tnonline.net/w/Main_Page"], "X-Request-Id": ["d5225c727eff6ed27fad7c61"], "X-Content-Type-Options": ["nosniff"], "Vary": ["Accept-Encoding, Cookie"], "Expires": ["Wed, 15 Sep 2021 09:59:59 GMT"], "Cache-Control": ["private, must-revalidate, max-age=0"]}, "status": 301}

4. Error messages and/or full log output:

To long to inline. See paste:
https://paste.tnonline.net/files/RANa4qiyq3xy_caddy-log.txt

5. What I already tried:

I’ve only tried to set the rewrite rule in the Caddyfile.

6. Links to relevant resources:

Website is running on IPv6 only (because I only have 1 ipv4 address and so it conflicts with Apache): https://wikidev.tnonline.net/

Apache vhost config is:

<VirtualHost *:443>
    Protocols       h2 http/1.1
    H2EarlyHints    on
    ServerName      wiki.tnonline.net
    DocumentRoot    /var/www/domains/wiki.tnonline.net/htdocs/
    CustomLog       "/var/log/apache2/wiki.tnonline.net-access_log" vhost_combined
    ErrorLog        "/var/log/apache2/wiki.tnonline.net-error_log"

    AddDefaultCharset UTF-8

    Header  always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
    Header  always set Referrer-Policy "strict-origin"
    Header  always set X-Frame-Options "deny" 
    Header  always set X-XSS-Protection "1; mode=block"
    Header  always set X-Content-Type-Options "nosniff"

    RewriteEngine On
    RewriteRule ^/?w(/.*)?$ %{DOCUMENT_ROOT}/mediawiki/index.php [L]
    RewriteRule ^/?$ %{DOCUMENT_ROOT}/mediawiki/index.php [L]                

    BrotliCompressionQuality 1

    <If "%{HTTP:Accept-encoding} =~  /br/">
        SetOutputFilter BROTLI_COMPRESS
        SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png|web[pm]|woff2|xyz|zip|tar\.gz|7z?)$ no-brotli
    </If>
    <ElseIf "%{HTTP:Accept-encoding} =~  /deflate/">
        SetOutputFilter DEFLATE
        SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png|web[pm]|woff2|xyz|zip|tar\.gz|7z?)$ no-gzip
    </ElseIf>

    <Directory /var/www/domains/wiki.tnonline.net/htdocs>
        ExpiresActive On
        ExpiresDefault A0
        <FilesMatch "^favicon.ico">
            ExpiresDefault "access plus 3 month"
        </FilesMatch>
        DirectoryIndex index.html
        Options -Indexes +FollowSymlinks
        AllowOverride All
        Require all granted
    </Directory>

    AllowEncodedSlashes NoDecode
    <Directory /var/www/domains/wiki.tnonline.net/htdocs/mediawiki>
        ExpiresActive On
        ExpiresDefault A0
        DirectoryIndex index.php
        Options -Indexes +FollowSymlinks
        AllowOverride All
            Require all granted     
    </Directory>

    <FilesMatch "\.php$">
        SetHandler "proxy:unix:/run/php-fpm/fpm-wiki.socket|fcgi://localhost"
    </FilesMatch>
    <Proxy "fcgi://localhost/" enablereuse=on max=20 timeout=60>
    </Proxy>

    <Directory /var/www/domains/wiki.tnonline.net/htdocs/mediawiki/images>
        ExpiresActive On
        ExpiresDefault "access plus 3 months"
        #disable scripts
        AllowOverride None
        # Serve HTML as plaintext, don't execute SHTML
        AddType text/plain .html .htm .shtml
        <FilesMatch "\.ph(p[3457]?s?|tml)$">
            SetHandler None
        </FilesMatch>
    </Directory>
    
    <Directory /var/www/domains/wiki.tnonline.net/htdocs/mediawiki/resources/assets>
        ExpiresActive On
        ExpiresDefault "access plus 2 months"
    </Directory>

    GnuTLSCertificateFile /etc/letsencrypt/live/wiki.tnonline.net/fullchain.pem
    GnuTLSKeyFile /etc/letsencrypt/live/wiki.tnonline.net/privkey.pem
    Include /etc/letsencrypt/options-gnutls-apache.conf
</VirtualHost>
7

That’s not the latest version, and that’s not an official installation method. That package also looks to not use our systemd config. I hate it when distro maintainers do whatever they feel like without contacting us… :roll_eyes:

Please run Caddy as a systemd service, to make sure it restarts properly along with your server. Follow the manual installation steps here:

Also I recommend grabbing the latest version of Caddy from Github or building your own with xcaddy.

Hmm, I think the rewrite you want is this:

@title path_regexp title /w/(.*)
rewrite @title /mediawiki/index.php?title={re.title.1}

The second rewrite doesn’t really make sense, you don’t want to rewrite all requests like that. I’m not totally sure what the goal of that one is.

1 Like
8

Worth mentioning, it’s easier to port an Nginx config to Caddy than it is an Apache one to Caddy. You could take a look at MediaWiki | NGINX (quick google result) and see if it gets you any further. I’ll circle back if you can’t figure it out.

2 Likes
9

Thank you for the tips about nginx. The problem is that I do not know how to write the rewrite rule in Caddy. It does not accept same syntax.

There are two rules because:
One to redirect requests for / to /w/Main_Page
One to rewrite requests for /w/ to /mediawiki/index.php?

As for unsupported version I understand what you say. I will recompile from github releases instead. Also I use openrc and not systemd, but I do not think that is an issue at the moment though.

10

What exactly is the file structure of /var/www/domains/wikidev.tnonline.net/htdocs?

The nginx docs suggest having /mediawiki as part of your site root, and turning on $wgUsePathInfo = TRUE; in your LocalSettings.php file. That way, you have /index.php at the site root, which would simplify things.

Then it seems like all you need is:

@title {
	not file {path} {path}/
	not path /rest.php
	path_regexp title ^/(.*)$
}
rewrite @title /index.php?title={re.title.1}&{query}
11

Thank you.

MediaWiki does not recommend running MW in the webroot. Nevertheless I tried but get the same results as before.

https://wikidev.tnonline.net/

Screenshot_20210915-203343_Opera
Screenshot_20210915-203343_Opera1080×2280 145 KB

12

You’ll need to be more specific. What’s in Caddy’s logs? What requests are failing? Check your browser inspector’s network pane to see which requests are failing.

13

I think I figured it out thanks to your suggestion before. The page is now rendering OK for basic usage.

Still don’t understand how the rewrite rules work, but I am getting there I think :slight_smile:

wikidev.tnonline.net:443 {
    tls /etc/letsencrypt/live/wikidev.tnonline.net/fullchain.pem /etc/letsencrypt/live/wikidev.tnonline.net/privkey.pem {
    }
    bind 2001:470:28:704::100

    @title {
        not file {path} {path}/w/
        not path /mediawiki/rest.php
        path_regexp title ^/(.*)$
    }
    rewrite @title /mediawiki/index.php?title={re.title.1}&{query}

    root * /var/www/domains/wikidev.tnonline.net/htdocs
    php_fastcgi unix//var/run/php-fpm/fpm-wiki.socket
    file_server
}

Mediawiki Localsettings.php

## The URL base path to the directory containing the wiki;
## defaults for all runtime URL paths are based off of this.
## For more information on customizing the URLs
## (like /w/index.php/Page_title to /wiki/Page_title) please see:
## https://www.mediawiki.org/wiki/Manual:Short_URL
$wgScriptPath = "/mediawiki";
$wgScriptExtension = ".php";
$wgArticlePath = "/w/$1";
$wgUsePathInfo = true;


## The protocol and server name to use in fully-qualified URLs
$wgServer = "https://wikidev.tnonline.net";

## The URL path to static resources (images, scripts, etc.)
$wgResourceBasePath = $wgScriptPath;

What is not working is the Visual editor which is throwing an error:

  "code": "apierror-visualeditor-docserver-http",
    "info": "Error contacting the Parsoid/RESTBase server (HTTP 400)",
    "docref": "See https://wikidev.tnonline.net/mediawiki/api.php for API usage. Subscribe to the mediawiki-api-announce mailing list at &lt;https://lists.wikimedia.org/mailman/listinfo/mediawiki-api-announce&gt; for notice of API deprecations and breaking changes."
  }
}

The caddy debug log is:

2021/09/16 06:35:15.993 INFO    using adjacent Caddyfile
2021/09/16 06:35:15.995 WARN    input is not formatted with 'caddy fmt' {"adapter": "caddyfile", "file": "Caddyfile", "line": 37}
2021/09/16 06:35:15.996 INFO    admin   admin endpoint started  {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2021/09/16 06:35:15.997 INFO    tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc0002a6000"}
2021/09/16 06:35:15.998 INFO    http    enabling experimental HTTP/3 listener   {"addr": ":60000"}
2021/09/16 06:35:15.998 DEBUG   http    starting server loop    {"address": "[::]:60000", "http3": true, "tls": true}
2021/09/16 06:35:15.998 INFO    http    enabling experimental HTTP/3 listener   {"addr": "[2001:470:28:704::100]:443"}
2021/09/16 06:35:15.998 DEBUG   http    starting server loop    {"address": "[2001:470:28:704::100]:443", "http3": true, "tls": true}
2021/09/16 06:35:15.998 DEBUG   http    starting server loop    {"address": "[2001:470:28:704::100]:80", "http3": false, "tls": false}
2021/09/16 06:35:15.998 INFO    autosaved config (load with --resume flag)      {"file": "/root/.config/caddy/autosave.json"}
2021/09/16 06:35:15.998 INFO    serving initial configuration
2021/09/16 06:35:15.998 INFO    tls     cleaning storage unit   {"description": "FileStorage:/root/.local/share/caddy"}
2021/09/16 06:35:15.999 INFO    tls     finished cleaning storage units
2021/09/16 06:35:19.991 DEBUG   http.reverse_proxy.transport.fastcgi    roundtrip       {"request": {"remote_addr": "[2001:470:df1b::333]:52318", "proto": "HTTP/2.0", "method": "POST", "host": "wikidev.tnonline.net", "uri": "/mediawiki/api.php", "headers": {"User-Agent": ["Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:92.0) Gecko/20100101 Firefox/92.0"], "Accept": ["application/json, text/javascript, */*; q=0.01"], "Content-Length": ["81"], "Sec-Fetch-Dest": ["empty"], "Sec-Fetch-Mode": ["cors"], "Sec-Fetch-Site": ["same-origin"], "Referer": ["https://wikidev.tnonline.net/mediawiki/index.php?title=Main_Page&action=edit"], "Cookie": ["VEE=visualeditor; my_wikimwuser-sessionId=63c596394bc1200d40ee"], "Te": ["trailers"], "X-Forwarded-For": ["2001:470:df1b::333"], "Accept-Encoding": ["gzip, deflate, br"], "Content-Type": ["application/x-www-form-urlencoded; charset=UTF-8"], "Origin": ["https://wikidev.tnonline.net"], "Cache-Control": ["no-cache"], "X-Forwarded-Proto": ["https"], "Accept-Language": ["en-US,en;q=0.5"], "X-Requested-With": ["XMLHttpRequest"], "Pragma": ["no-cache"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "wikidev.tnonline.net"}}, "dial": "/var/run/php-fpm/fpm-wiki.socket", "env": {"AUTH_TYPE":"","CONTENT_LENGTH":"81","CONTENT_TYPE":"application/x-www-form-urlencoded; charset=UTF-8","DOCUMENT_ROOT":"/var/www/domains/wikidev.tnonline.net/htdocs","DOCUMENT_URI":"/mediawiki/api.php","GATEWAY_INTERFACE":"CGI/1.1","HTTPS":"on","HTTP_ACCEPT":"application/json, text/javascript, */*; q=0.01","HTTP_ACCEPT_ENCODING":"gzip, deflate, br","HTTP_ACCEPT_LANGUAGE":"en-US,en;q=0.5","HTTP_CACHE_CONTROL":"no-cache","HTTP_CONTENT_LENGTH":"81","HTTP_CONTENT_TYPE":"application/x-www-form-urlencoded; charset=UTF-8","HTTP_COOKIE":"VEE=visualeditor; my_wikimwuser-sessionId=63c596394bc1200d40ee","HTTP_HOST":"wikidev.tnonline.net","HTTP_ORIGIN":"https://wikidev.tnonline.net","HTTP_PRAGMA":"no-cache","HTTP_REFERER":"https://wikidev.tnonline.net/mediawiki/index.php?title=Main_Page&action=edit","HTTP_SEC_FETCH_DEST":"empty","HTTP_SEC_FETCH_MODE":"cors","HTTP_SEC_FETCH_SITE":"same-origin","HTTP_TE":"trailers","HTTP_USER_AGENT":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:92.0) Gecko/20100101 Firefox/92.0","HTTP_X_FORWARDED_FOR":"2001:470:df1b::333","HTTP_X_FORWARDED_PROTO":"https","HTTP_X_REQUESTED_WITH":"XMLHttpRequest","PATH_INFO":"","QUERY_STRING":"","REMOTE_ADDR":"2001:470:df1b::333","REMOTE_HOST":"2001:470:df1b::333","REMOTE_IDENT":"","REMOTE_PORT":"52318","REMOTE_USER":"","REQUEST_METHOD":"POST","REQUEST_SCHEME":"https","REQUEST_URI":"/mediawiki/api.php","SCRIPT_FILENAME":"/var/www/domains/wikidev.tnonline.net/htdocs/mediawiki/api.php","SCRIPT_NAME":"/mediawiki/api.php","SERVER_NAME":"wikidev.tnonline.net","SERVER_PROTOCOL":"HTTP/2.0","SERVER_SOFTWARE":"Caddy/(devel)","SSL_CIPHER":"TLS_AES_128_GCM_SHA256","SSL_PROTOCOL":"TLSv1.3"}}
2021/09/16 06:35:20.302 DEBUG   http.handlers.reverse_proxy     upstream roundtrip      {"upstream": "unix//var/run/php-fpm/fpm-wiki.socket", "request": {"remote_addr": "[2001:470:df1b::333]:52318", "proto": "HTTP/2.0", "method": "POST", "host": "wikidev.tnonline.net", "uri": "/mediawiki/api.php", "headers": {"Accept-Language": ["en-US,en;q=0.5"], "X-Requested-With": ["XMLHttpRequest"], "Pragma": ["no-cache"], "User-Agent": ["Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:92.0) Gecko/20100101 Firefox/92.0"], "Accept": ["application/json, text/javascript, */*; q=0.01"], "Content-Length": ["81"], "Sec-Fetch-Dest": ["empty"], "Sec-Fetch-Mode": ["cors"], "Sec-Fetch-Site": ["same-origin"], "Referer": ["https://wikidev.tnonline.net/mediawiki/index.php?title=Main_Page&action=edit"], "Cookie": ["VEE=visualeditor; my_wikimwuser-sessionId=63c596394bc1200d40ee"], "Te": ["trailers"], "X-Forwarded-For": ["2001:470:df1b::333"], "Accept-Encoding": ["gzip, deflate, br"], "Content-Type": ["application/x-www-form-urlencoded; charset=UTF-8"], "Origin": ["https://wikidev.tnonline.net"], "Cache-Control": ["no-cache"], "X-Forwarded-Proto": ["https"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "wikidev.tnonline.net"}}, "headers": {"X-Frame-Options": ["DENY"], "Content-Disposition": ["inline; filename=api-result.json"], "Cache-Control": ["private, must-revalidate, max-age=0"], "X-Request-Id": ["272d9397b8488766f1031583"], "X-Content-Type-Options": ["nosniff"], "Content-Type": ["application/json; charset=utf-8"]}, "status": 200}
2021/09/16 06:35:20.318 DEBUG   http.reverse_proxy.transport.fastcgi    roundtrip       {"request": {"remote_addr": "[2001:470:df1b::333]:52318", "proto": "HTTP/2.0", "method": "GET", "host": "wikidev.tnonline.net", "uri": "/mediawiki/api.php?action=visualeditor&format=json&paction=parse&page=Main_Page&uselang=en-gb&formatversion=2", "headers": {"Sec-Fetch-Site": ["same-origin"], "Pragma": ["no-cache"], "User-Agent": ["Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:92.0) Gecko/20100101 Firefox/92.0"], "Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["VEE=visualeditor; my_wikimwuser-sessionId=63c596394bc1200d40ee"], "Accept-Language": ["en-US,en;q=0.5"], "Referer": ["https://wikidev.tnonline.net/mediawiki/index.php?title=Main_Page&action=edit"], "Te": ["trailers"], "X-Requested-With": ["XMLHttpRequest"], "Cache-Control": ["no-cache"], "X-Forwarded-For": ["2001:470:df1b::333"], "X-Forwarded-Proto": ["https"], "Accept": ["application/json, text/javascript, */*; q=0.01"], "Sec-Fetch-Dest": ["empty"], "Sec-Fetch-Mode": ["cors"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "wikidev.tnonline.net"}}, "dial": "/var/run/php-fpm/fpm-wiki.socket", "env": {"AUTH_TYPE":"","CONTENT_LENGTH":"","CONTENT_TYPE":"","DOCUMENT_ROOT":"/var/www/domains/wikidev.tnonline.net/htdocs","DOCUMENT_URI":"/mediawiki/api.php","GATEWAY_INTERFACE":"CGI/1.1","HTTPS":"on","HTTP_ACCEPT":"application/json, text/javascript, */*; q=0.01","HTTP_ACCEPT_ENCODING":"gzip, deflate, br","HTTP_ACCEPT_LANGUAGE":"en-US,en;q=0.5","HTTP_CACHE_CONTROL":"no-cache","HTTP_COOKIE":"VEE=visualeditor; my_wikimwuser-sessionId=63c596394bc1200d40ee","HTTP_HOST":"wikidev.tnonline.net","HTTP_PRAGMA":"no-cache","HTTP_REFERER":"https://wikidev.tnonline.net/mediawiki/index.php?title=Main_Page&action=edit","HTTP_SEC_FETCH_DEST":"empty","HTTP_SEC_FETCH_MODE":"cors","HTTP_SEC_FETCH_SITE":"same-origin","HTTP_TE":"trailers","HTTP_USER_AGENT":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:92.0) Gecko/20100101 Firefox/92.0","HTTP_X_FORWARDED_FOR":"2001:470:df1b::333","HTTP_X_FORWARDED_PROTO":"https","HTTP_X_REQUESTED_WITH":"XMLHttpRequest","PATH_INFO":"","QUERY_STRING":"action=visualeditor&format=json&paction=parse&page=Main_Page&uselang=en-gb&formatversion=2","REMOTE_ADDR":"2001:470:df1b::333","REMOTE_HOST":"2001:470:df1b::333","REMOTE_IDENT":"","REMOTE_PORT":"52318","REMOTE_USER":"","REQUEST_METHOD":"GET","REQUEST_SCHEME":"https","REQUEST_URI":"/mediawiki/api.php?action=visualeditor&format=json&paction=parse&page=Main_Page&uselang=en-gb&formatversion=2","SCRIPT_FILENAME":"/var/www/domains/wikidev.tnonline.net/htdocs/mediawiki/api.php","SCRIPT_NAME":"/mediawiki/api.php","SERVER_NAME":"wikidev.tnonline.net","SERVER_PROTOCOL":"HTTP/2.0","SERVER_SOFTWARE":"Caddy/(devel)","SSL_CIPHER":"TLS_AES_128_GCM_SHA256","SSL_PROTOCOL":"TLSv1.3"}}
2021/09/16 06:35:20.399 DEBUG   http.handlers.rewrite   rewrote request {"request": {"remote_addr": "[2001:470:28:704::100]:55288", "proto": "HTTP/2.0", "method": "GET", "host": "wikidev.tnonline.net", "uri": "/mediawiki/rest.php/wikidev.tnonline.net/v3/page/html/Main_Page/1056?redirect=false&stash=true", "headers": {"Accept": ["text/html; charset=utf-8; profile=\"https://www.mediawiki.org/wiki/Specs/HTML/2.0.0\""], "Accept-Language": ["en-gb"], "User-Agent": ["VisualEditor-MediaWiki/1.36.0"], "Api-User-Agent": ["VisualEditor-MediaWiki/1.36.0"], "Promise-Non-Write-Api-Action": ["true"], "Content-Length": ["0"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "wikidev.tnonline.net"}}, "method": "GET", "uri": "/mediawiki/index.php?title=mediawiki%2Frest.php%2Fwikidev.tnonline.net%2Fv3%2Fpage%2Fhtml%2FMain_Page%2F1056&redirect=false&stash=true"}
2021/09/16 06:35:20.399 DEBUG   http.reverse_proxy.transport.fastcgi    roundtrip       {"request": {"remote_addr": "[2001:470:28:704::100]:55288", "proto": "HTTP/2.0", "method": "GET", "host": "wikidev.tnonline.net", "uri": "/mediawiki/index.php?title=mediawiki%2Frest.php%2Fwikidev.tnonline.net%2Fv3%2Fpage%2Fhtml%2FMain_Page%2F1056&redirect=false&stash=true", "headers": {"Content-Length": ["0"], "X-Forwarded-For": ["2001:470:28:704::100"], "X-Forwarded-Proto": ["https"], "Accept": ["text/html; charset=utf-8; profile=\"https://www.mediawiki.org/wiki/Specs/HTML/2.0.0\""], "Accept-Language": ["en-gb"], "User-Agent": ["VisualEditor-MediaWiki/1.36.0"], "Api-User-Agent": ["VisualEditor-MediaWiki/1.36.0"], "Promise-Non-Write-Api-Action": ["true"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "wikidev.tnonline.net"}}, "dial": "/var/run/php-fpm/fpm-wiki.socket", "env": {"AUTH_TYPE":"","CONTENT_LENGTH":"0","CONTENT_TYPE":"","DOCUMENT_ROOT":"/var/www/domains/wikidev.tnonline.net/htdocs","DOCUMENT_URI":"/mediawiki/index.php","GATEWAY_INTERFACE":"CGI/1.1","HTTPS":"on","HTTP_ACCEPT":"text/html; charset=utf-8; profile=\"https://www.mediawiki.org/wiki/Specs/HTML/2.0.0\"","HTTP_ACCEPT_LANGUAGE":"en-gb","HTTP_API_USER_AGENT":"VisualEditor-MediaWiki/1.36.0","HTTP_CONTENT_LENGTH":"0","HTTP_HOST":"wikidev.tnonline.net","HTTP_PROMISE_NON_WRITE_API_ACTION":"true","HTTP_USER_AGENT":"VisualEditor-MediaWiki/1.36.0","HTTP_X_FORWARDED_FOR":"2001:470:28:704::100","HTTP_X_FORWARDED_PROTO":"https","PATH_INFO":"","QUERY_STRING":"title=mediawiki%2Frest.php%2Fwikidev.tnonline.net%2Fv3%2Fpage%2Fhtml%2FMain_Page%2F1056&redirect=false&stash=true","REMOTE_ADDR":"2001:470:28:704::100","REMOTE_HOST":"2001:470:28:704::100","REMOTE_IDENT":"","REMOTE_PORT":"55288","REMOTE_USER":"","REQUEST_METHOD":"GET","REQUEST_SCHEME":"https","REQUEST_URI":"/mediawiki/rest.php/wikidev.tnonline.net/v3/page/html/Main_Page/1056?redirect=false&stash=true","SCRIPT_FILENAME":"/var/www/domains/wikidev.tnonline.net/htdocs/mediawiki/index.php","SCRIPT_NAME":"/mediawiki/index.php","SERVER_NAME":"wikidev.tnonline.net","SERVER_PROTOCOL":"HTTP/2.0","SERVER_SOFTWARE":"Caddy/(devel)","SSL_CIPHER":"TLS_AES_128_GCM_SHA256","SSL_PROTOCOL":"TLSv1.3"}}
2021/09/16 06:35:20.409 DEBUG   http.handlers.reverse_proxy     upstream roundtrip      {"upstream": "unix//var/run/php-fpm/fpm-wiki.socket", "request": {"remote_addr": "[2001:470:28:704::100]:55288", "proto": "HTTP/2.0", "method": "GET", "host": "wikidev.tnonline.net", "uri": "/mediawiki/index.php?title=mediawiki%2Frest.php%2Fwikidev.tnonline.net%2Fv3%2Fpage%2Fhtml%2FMain_Page%2F1056&redirect=false&stash=true", "headers": {"Content-Length": ["0"], "X-Forwarded-For": ["2001:470:28:704::100"], "X-Forwarded-Proto": ["https"], "Accept": ["text/html; charset=utf-8; profile=\"https://www.mediawiki.org/wiki/Specs/HTML/2.0.0\""], "Accept-Language": ["en-gb"], "User-Agent": ["VisualEditor-MediaWiki/1.36.0"], "Api-User-Agent": ["VisualEditor-MediaWiki/1.36.0"], "Promise-Non-Write-Api-Action": ["true"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "wikidev.tnonline.net"}}, "headers": {"Status": ["400 Bad Request"], "X-Content-Type-Options": ["nosniff"], "Cache-Control": ["no-cache"], "Content-Type": ["text/html; charset=utf-8"], "Content-Length": ["194"], "X-Request-Id": ["7d4c2e790d81eb7c86b441e5"]}, "status": 400}
2021/09/16 06:35:20.416 DEBUG   http.handlers.reverse_proxy     upstream roundtrip      {"upstream": "unix//var/run/php-fpm/fpm-wiki.socket", "request": {"remote_addr": "[2001:470:df1b::333]:52318", "proto": "HTTP/2.0", "method": "GET", "host": "wikidev.tnonline.net", "uri": "/mediawiki/api.php?action=visualeditor&format=json&paction=parse&page=Main_Page&uselang=en-gb&formatversion=2", "headers": {"Referer": ["https://wikidev.tnonline.net/mediawiki/index.php?title=Main_Page&action=edit"], "Te": ["trailers"], "Accept-Language": ["en-US,en;q=0.5"], "Cache-Control": ["no-cache"], "X-Forwarded-For": ["2001:470:df1b::333"], "X-Requested-With": ["XMLHttpRequest"], "Sec-Fetch-Dest": ["empty"], "Sec-Fetch-Mode": ["cors"], "X-Forwarded-Proto": ["https"], "Accept": ["application/json, text/javascript, */*; q=0.01"], "Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["VEE=visualeditor; my_wikimwuser-sessionId=63c596394bc1200d40ee"], "Sec-Fetch-Site": ["same-origin"], "Pragma": ["no-cache"], "User-Agent": ["Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:92.0) Gecko/20100101 Firefox/92.0"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "wikidev.tnonline.net"}}, "headers": {"Content-Disposition": ["inline; filename=api-result.json"], "Cache-Control": ["private, must-revalidate, max-age=0"], "X-Request-Id": ["9f3eb4e7c62d1d13fbc89a34"], "X-Content-Type-Options": ["nosniff"], "Mediawiki-Api-Error": ["apierror-visualeditor-docserver-http"], "Content-Type": ["application/json; charset=utf-8"], "X-Frame-Options": ["DENY"]}, "status": 200}

I cannot really see anything wrong in the actual URL’s requested. They look the same on the live server as on this. But for some reason the Visual editor is not working. Perhaps it is using some socket connection not working through the reverse_proxy bit?

Caddy: https://wikidev.tnonline.net/w/Main_Page?veaction=edit
Apache: https://wiki.tnonline.net/w/Main_Page?veaction=edit

It may be a MediaWiki configuration error, but hard to tell. The codebase is identical between the Apache and Caddy setup. I’ll check with the guys over at #mediawiki to see if they have any ideas here.

14

This sounds like the PHP script tried to contact another server, but that failed. I’m not seeing a HTTP 400 error in your Caddy logs so I think that’s a separate issue. Does it depend on the domain being the same as some configured value? Did you forget to update that config?

This matcher doesn’t really make sense now, I don’t think you wanted to add w/ there.

The point of the file matcher here is to avoid rewriting requests that have a path that matches a file or directory that exists on disk, so that php_fastcgi or file_server can handle them as-is. For example JS/CSS/images should not get rewritten to index.php. Adding w/ there would break the “directory that exists” part.

The other two matchers are pretty self explanatory I think (although now that I think about it, the rest.php one is probably redundant because file {path} should already cover it). The regexp one captures everything after the leading slash and uses it as the title query param, and then re-adds any existing query from the request at the end.

15

I decided I wanted to keep the /w in the URL so that external links to the page do not break. So the URL should look like https://wikidev.tnonline.net/w/Main_Page except for direct usage of files in /mediawiki/ as they should be served as is.

# ll /var/www/domains/wikidev.tnonline.net/htdocs/
total 1080
drwxr-xr-x 1 wiki   apache    430 15 sep 10.02 ./
drwxr-xr-x 1 apache apache     68 15 sep 10.02 ../
-rw-r--r-- 1 wiki   apache  67646  7 jul  2020 favicon.ico
-rw-r--r-- 1 wiki   apache      0 17 jul  2020 index.html
drwxr-xr-x 1 wiki   apache    692 30 maj 09.39 mediawiki/
-rw-r--r-- 1 wiki   apache    210  4 jul 00.49 robots.txt
-rw-r--r-- 1 wiki   apache    647 14 sep 18.20 sitemap-index-my_wiki.xml
-rw-r--r-- 1 wiki   apache   9702 14 sep 18.20 sitemap-my_wiki-NS_0-0.xml
-rw-r--r-- 1 wiki   apache    955 14 sep 18.20 sitemap-my_wiki-NS_14-0.xml
-rw-r--r-- 1 wiki   apache    899 14 sep 18.20 sitemap-my_wiki-NS_4-0.xml
-rw-r--r-- 1 wiki   apache   9741 14 sep 18.20 sitemap-my_wiki-NS_6-0.xml
lrwxrwxrwx 1 wiki   apache     25 14 sep 18.20 sitemap.xml -> sitemap-index-my_wiki.xml

# ll /var/www/domains/wikidev.tnonline.net/htdocs/mediawiki/
total 1584
drwxr-xr-x 1 wiki apache     692 30 maj 09.39 ./
drwxr-xr-x 1 wiki apache     430 15 sep 10.02 ../
-rw-r--r-- 1 wiki apache    4490  8 apr 23.39 api.php
-rw-r--r-- 1 wiki apache  156893 27 maj 20.45 autoload.php
drwxr-xr-x 1 wiki apache      18 30 maj 09.37 cache/
-rw-r--r-- 1 wiki apache     168  8 apr 23.39 CODE_OF_CONDUCT.md
-rw-r--r-- 1 wiki apache    5074 27 maj 20.45 composer.json
-rw-r--r-- 1 wiki apache     102  4 nov  2019 composer.local.json-sample
-rw-r--r-- 1 wiki apache   19421  4 nov  2019 COPYING
-rw-r--r-- 1 wiki apache   13612 27 maj 20.45 CREDITS
drwxr-xr-x 1 wiki apache    1010 30 maj 09.37 docs/
drwxr-xr-x 1 wiki apache     858 18 aug 05.54 extensions/
-rw-r--r-- 1 wiki apache      95  4 nov  2019 FAQ
-rw-r--r-- 1 wiki apache 1247893 27 maj 20.45 HISTORY
drwxr-xr-x 1 wiki apache     122 11 apr 10.50 images/
-rw-r--r-- 1 wiki apache    8245  8 apr 23.39 img_auth.php
drwxr-xr-x 1 wiki apache    3966 30 maj 09.37 includes/
-rw-r--r-- 1 wiki apache    1977  8 apr 23.39 index.php
-rw-r--r-- 1 wiki apache    3612 27 maj 20.45 INSTALL
-rw-r--r-- 1 wiki apache    1430 27 maj 20.45 jsduck.json
drwxr-xr-x 1 wiki apache      88 30 maj 09.37 languages/
-rw-r--r-- 1 wiki apache    1951 27 maj 20.45 load.php
-rwxr--r-- 1 wiki apache    9683 17 sep 11.54 LocalSettings.php*
drwxr-xr-x 1 wiki apache    7988 30 maj 09.48 maintenance/
drwxr-xr-x 1 wiki apache     112 30 maj 09.37 mw-config/
-rw-r--r-- 1 wiki apache    4610  8 apr 23.39 opensearch_desc.php
-rw-r--r-- 1 wiki apache    1525  8 apr 23.39 README.md
-rw-r--r-- 1 wiki apache   45495 27 maj 20.49 RELEASE-NOTES-1.36
drwxr-xr-x 1 wiki apache      50 30 maj 09.37 resources/
-rw-r--r-- 1 wiki apache     998  8 apr 23.39 rest.php
-rw-r--r-- 1 wiki apache     199  4 nov  2019 SECURITY
drwxr-xr-x 1 wiki apache      56 12 aug 16.18 skins/
drwxr-xr-x 1 wiki apache     126 30 maj 09.37 tests/
-rw-r--r-- 1 wiki apache    1439  8 apr 23.39 thumb_handler.php
-rw-r--r-- 1 wiki apache   23581  8 apr 23.39 thumb.php
-rw-r--r-- 1 wiki apache    4544 27 maj 20.45 UPGRADE
drwxr-xr-x 1 wiki apache     380 30 maj 09.37 vendor/

It looks like the problem is still in the rewrite rule/paths. Looking at the debug log we see that it rewrites requests to /mediawiki/rest.php to /mediawiki/index.php?title=...

2021/09/18 07:56:09.990 DEBUG   http.handlers.rewrite   rewrote request
{"request":
	{"remote_addr": "[2001:470:28:704::100]:55312", 
		"proto": "HTTP/2.0", 
		"method": "GET", 
		"host": "wikidev.tnonline.net", 
		"uri": "/mediawiki/rest.php/wikidev.tnonline.net/v3/page/html/Main_Page/1056?redirect=false&stash=true", 
		"headers": {"Content-Length": ["0"], 
			"Accept": ["text/html; charset=utf-8; profile=\"https://www.mediawiki.org/wiki/Specs/HTML/2.0.0\""], 
			"Accept-Language": ["en-gb"], 
			"User-Agent": ["VisualEditor-MediaWiki/1.36.0"], 
			"Api-User-Agent": ["VisualEditor-MediaWiki/1.36.0"], 
			"Promise-Non-Write-Api-Action": ["true"]
			}, 
		"tls": {"resumed": false, 
			"version": 772, 
			"cipher_suite": 4865, 
			"proto": "h2", 
			"proto_mutual": true, 
			"server_name": "wikidev.tnonline.net"
			}
		}, 
	"method": "GET", 
	"uri": "/mediawiki/index.php?title=mediawiki%2Frest.php%2Fwikidev.tnonline.net%2Fv3%2Fpage%2Fhtml%2FMain_Page%2F1056&redirect=false&stash=true"
}
16

This is the Caddyfile that leads to the output. It seems that the not file {path} does not trigger for the rest.php file and so rewrites it according to the rewrite rule.

wikidev.tnonline.net:443 {
    tls /etc/letsencrypt/live/wikidev.tnonline.net/fullchain.pem /etc/letsencrypt/live/wikidev.tnonline.net/privkey.pem {
    }
    bind 2001:470:28:704::100
    @title {
        not file {path} {path}/
        path_regexp title ^/(.*)$
    }
    rewrite @title /mediawiki/index.php?title={re.title.1}&{query}

    root * /var/www/domains/wikidev.tnonline.net/htdocs
    php_fastcgi unix//var/run/php-fpm/fpm-wiki.socket
    file_server
}

Having found this, we can now verify the behaviour using cURL :slight_smile:

# curl -I "https://wikidev.tnonline.net/mediawiki/rest.php/wikidev.tnonline.net/v3/page/html/Main_Page/1056?redirect=false&stash=true"
HTTP/2 404 
alt-svc: h3=":443"; ma=2592000,h3-34=":443"; ma=2592000,h3-32=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, must-revalidate, max-age=0
content-language: en-GB
content-type: text/html; charset=UTF-8
expires: Sat, 18 Sep 2021 09:23:05 GMT
server: Caddy
status: 404 Not Found
vary: Accept-Encoding, Cookie
x-content-type-options: nosniff
x-request-id: 860225681c8322f326cfc00a
date: Sat, 18 Sep 2021 09:23:05 GMT

Caddy debug output:

2021/09/18 09:20:16.622 DEBUG   http.handlers.rewrite   rewrote request
{
	"request":
	{
		"remote_addr": "[2001:470:df1b::10]:48184",
		"proto": "HTTP/2.0",
		"method": "GET",
		"host": "wikidev.tnonline.net",
		"uri": "/mediawiki/rest.php/wikidev.tnonline.net/v3/page/html/Main_Page/1056?redirect=false&stash=true",
		"headers": {
			"User-Agent": ["curl/7.78.0"],
			"Accept": ["*/*"]
		},
		"tls": {
			"resumed": false,
			"version": 772,
			"cipher_suite": 4865,
			"proto": "h2",
			"proto_mutual": true,
			"server_name": "wikidev.tnonline.net"
		}
	},
	"method": "GET",
	"uri": "/mediawiki/index.php?title=mediawiki%2Frest.php%2Fwikidev.tnonline.net%2Fv3%2Fpage%2Fhtml%2FMain_Page%2F1056&redirect=false&stash=true"
}

I’m thinking that the issue is that the file {path} matcher does not understand that /mediawiki/rest.php/wikidev.tnonline.net/v3/page/html/Main_Page/1056?redirect=false&stash=true is not a real file (/mediawiki/rest.php). We need another matcher that works on the request URI instead.

17

Ah, right. Small adjustment to the matcher:

    @title {
        not file {
            try_files {path} {path}/
            split_path .php
        }
        path_regexp title ^/(.*)$
    }

The split_path .php part is how php_fastcgi does it – see the expanded form. Basically it matches on the first .php part in the path, and uses the left-hand part to do the file lookup, storing the right-hand part as the PATH_INFO. In this case, it’s just to make sure paths to PHP files that append a path after the filename don’t get rewritten.

1 Like
18

Thanks! It works much better now :slight_smile: However it does not redirect https://wikidev.tnonline.net/ to https://wikidev.tnonline.net/w/Main_Page.

I tried another way that also works, replacing the files matcher with path. It isn’t as elegant as your suggestion, but it allows for the / → /w/Main_Page rewrite. Maybe this is a too greedy (not) match which could cause other issues or security problems? What do you think?

    @title {
        not path /mediawiki/* OR /resources/* OR /images/*
        path_regexp title ^/(.*)$
    }
19

Remove the OR, that’s not valid. When passing multiple arguments to path, they’re all OR’d, i.e. “if any of these paths match”

not path /mediawiki/* /resources/* /images/*

You can explicitly do that with:

redir / /w/Main_Page
1 Like
20

Would the following be the same?

@title {
   not path /mediawiki/* /resources/* /images/*
}

@title {
   not path /mediawiki/*
   not path /resources/*
   not path /images/*
}

Thanks foir the redir. This works great with your original suggestion. Thank you very much for your help.

wikidev.tnonline.net:443 {
    tls /etc/letsencrypt/live/wikidev.tnonline.net/fullchain.pem /etc/letsencrypt/live/wikidev.tnonline.net/privkey.pem {
    }
    bind 2001:470:28:704::100
    encode gzip
#   @title {
#       not path /mediawiki/* /resources/* /images/*
#       path_regexp title ^/(.*)$
#   }
    @title {
        not file {
            try_files {path} {path}/
            split_path .php
        }
        path_regexp title ^/(.*)$
    }
    rewrite @title /mediawiki/index.php?title={re.title.1}&{query}
    redir / /w/Main_Page
    
    root * /var/www/domains/wikidev.tnonline.net/htdocs
    php_fastcgi unix//var/run/php-fpm/fpm-wiki.socket
    file_server
}