May 21, 2020
BookStack is a free and open source Wiki software. Its powerful markdown editor and ease of use has made it a popular alternative to software such as DokuWiki and Wiki.js. It is also very easy to setup and get running. In this article I will show you how to install and configure BookStack to work on Ubuntu Server 20.04 with an SSL certificate from LetsEncrypt.
The first thing you need to do is install Ubuntu Server 20.04 on any platform of your choice. Personally I use Linode, however any provider or even self-hosting would work just fine for this.
Once that is complete we can move onto installing BookStack itself, this is very easy and these couple of instructions are directly from their Wiki.
# Download the script
wget https://raw.githubusercontent.com/BookStackApp/devops/main/scripts/installation-ubuntu-20.04.sh
# Make it executable
chmod a+x installation-ubuntu-20.04.sh
# Run the script with admin permissions
sudo ./installation-ubuntu-20.04.sh
Enter your domain name that the server will be hosted at when prompted.
Once that completes you should be able to access BookStack in the browser. With the default username being [email protected] and password being password, these should be changed, but first lets setup SSL to make secure.
First thing to do is install certbot and get the certificate generated.
apt install certbot
certbot certonly --webroot --agree-tos --email <your email addreess> -d <your domain> --webroot-path /var/www/bookstack/public
# Finally add the following to your crontab
# 0 0 * * * certbot renew
Once that is done we can configure Apache to use the certificate for Bookstack.
This is what the file should look like before:
<VirtualHost *:80>
ServerName <your domain name>
...
This is after making the required changes: (the only changes required happen above line 10)
<VirtualHost *:80>
ServerName <your domain name>
Redirect permanent / https://<your domain name>/
</VirtualHost>
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/<your domain name>/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/<your domain name>/privkey.pem
ServerName <your domain name>
...
Finally you need to enable SSL on Apache2 and restart the service:
a2enmod ssl
systemctl restart apache2.service
Aaaaaaaand just like that you’re done! Its a fairly simple setup, and below you can find some extra steps for afterwards to help keep it secure.
SESSION_SECURE_COOKIE=true
to /var/www/bookstack/.env
so cookies are only delivered over SSL.