An Ansible playbook to provision a secure, private Gollum Wiki instance. Tested on Ubuntu 18.04/20.04.
- HTTPs-enabled via LetsEncrypt/Certbot
- Uses Apache HTTP Server with mod_proxy.
- Authentication via Apache Basic Auth
- UFW Firewall enabled with 443 (SSL) port and rate-limited 22 (SSH) port exposed.
- Updates to wiki entries are automatically pushed to your Github repo storing wiki entries.
First make sure there is a fresh Ubuntu 18.04 or 20.04 instance where you want to install Gollum on. Also, make sure you can ssh in, e.g. running the command ssh root@my-gollum-wiki.com
should be successful.
* If you want your notes to be secret, make sure the repo is set to Private.
For example:
gollum_login_username: jonmbake
gollum_login_password: "ykek88+>Foo"
certbot_contact_email: jonmbake@gmail.com
certbot_domain_name: notes.jonbake.com
github_ssh_repo_url: git@github.com:jonmbake/wiki-notes.git
[prod]
notes.jonbake.com ansible_user=root
ansible-playbook -i inventory site.yml
Towards the end of the playbook, the Github deploy public key will be logged:
Make sure to click Allow write access
- Login with
gollum_login_username
andgollum_login_password
- Create a page and save.
- Verify page is added to Github repo.
Add github_ssh_repo_url
to vars/local. Then run:
vagrant up
Add the logged deploy public key to your Github repo.
Restart gollum:
sudo service gollum restart
View the gollum logs:
tail /var/log/gollum.log
Navigate to local gollum wiki directory:
cd /home/gollum/data
Update gollum configuration:
sudo su gollum
vim /home/gollum/data/gollum-config.rb
- Add web hook so changes made outside of instance are synced