This document describes the clean, reproducible installation workflow for deploying a new MediaWiki instance (newMW) on the existing 3‑VM infrastructure. The installation is intentionally split into two phases:

• Phase 1: Local installation and testing on VM1 (no reverse‑proxy required)
• Phase 2: Public exposure through VM3 (nginx reverse‑proxy)

This staged approach allows safe testing before the wiki becomes accessible from the internet.

All commands in this section are executed on VM2.

mysql -u root -p

CREATE DATABASE newwiki
  CHARACTER SET utf8mb4
  COLLATE utf8mb4_unicode_ci;

Replace VM1-IP with the internal Hyper‑V IP of the web server.

CREATE USER 'newwikiuser'@'VM1-IP' IDENTIFIED BY 'strongpassword';

GRANT ALL PRIVILEGES ON newwiki.* TO 'newwikiuser'@'VM1-IP';
FLUSH PRIVILEGES;

EXIT;

All commands below are executed on VM1.

mkdir /var/www/newMW

cd /var/www

Download the latest LTS tarball (example: 1.43.8):

wget https://releases.wikimedia.org/mediawiki/1.43/mediawiki-1.43.8.tar.gz

Extract the archive. This creates a directory such as mediawiki-1.43.8/.

tar -xvzf mediawiki-1.43.8.tar.gz

Move normal files:

mv mediawiki-1.43.8/* newMW/

Move hidden files (e.g. .htaccess):

mv mediawiki-1.43.8/.* newMW/ 2>/dev/null

Remove the now‑empty extraction directory:

rmdir mediawiki-1.43.8

Remove the tarball:

rm mediawiki-1.43.8.tar.gz

Use the preferred ownership model to allow editing via VS Code while keeping Apache fully functional.

chown -R mngr:apache /var/www/newMW

chmod -R g+w /var/www/newMW

Directories:

find /var/www/newMW -type d -exec chmod 775 {} \;

Files:

find /var/www/newMW -type f -exec chmod 664 {} \;

Ensures new files created inside inherit the apache group.

chmod g+s /var/www/newMW

Apache does not automatically listen on new ports defined in VirtualHost blocks. The port must be explicitly enabled in the main configuration.

Open the file:

/etc/httpd/conf/httpd.conf

Locate the existing Listen directive:

Listen 80

Add the following line directly below it:

Listen 8080

apachectl configtest

Expected output:

Syntax OK

systemctl restart httpd

ss -tlnp | grep httpd

Expected result:

0.0.0.0:80
0.0.0.0:8080

Apache is now ready to serve the temporary local-only vhost on port 8080.

This vhost allows installation and testing without involving the reverse‑proxy.

<VirtualHost *:8080>
    ServerName newmw.local
    DocumentRoot /var/www/newMW

    <Directory /var/www/newMW>
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog /var/log/httpd/newmw-local-error.log
    CustomLog /var/log/httpd/newmw-local-access.log combined
</VirtualHost>

Restart Apache:

systemctl restart httpd

Access the installer using one of:

• http://VM1-IP:8080
• http://newmw.local:8080 (if added to /etc/hosts)

Complete the installation.

The installer will generate a LocalSettings.php with:

$wgServer = "http://VM1-IP:8080";

Place the file in:

/var/www/newMW/LocalSettings.php

Before exposing the wiki publicly, verify:

• Page creation
• Editing
• File uploads (if enabled)
• User accounts
• Extensions
• Permissions
• Logging

This phase is isolated and safe.

Only after local testing is complete, add the nginx server block:

server {
    listen 80;
    server_name newwiki.example.com;

    location / {
        proxy_pass http://VM1-IP:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

Reload nginx:

systemctl reload nginx

Change:

$wgServer = "https://newwiki.example.com";

Optionally:

$wgCanonicalServer = "https://newwiki.example.com";

• Public URL loads correctly
• /wiki/Main_Page resolves
• Editing works
• Uploads work
• No rewrite errors in Apache logs
• nginx proxies correctly
• MariaDB connections succeed

This procedure installs MediaWiki in two safe phases:

• Phase 1: Local installation and validation on VM1
• Phase 2: Public exposure through VM3

This staged approach avoids dependency on the reverse‑proxy during installation and allows controlled, low‑risk rollout.