Local Modifications to TWiki

This page documents some notable local behind-the-scenes modifications to the TWiki software. Relevant only to those ServerPeople with SSH access. See also AdminLog for a chronological (as opposed to current-state) view of things.

See also: TWikiFiles, TWikiPerms

File Structure

A new doc subdirectory was created. The documentation present at the top-level (README, LICENSE, and such) were moved to this directory. Various sample files found in misc and bin directories were moved here as well. The now-empty misc directory was removed.

A webroot subdirectory was created for the Apache DocumentRoot. It only holds a single index.html telling people if they can see that file, things are broken.

A static subdirectory was created to contain a handful of static resources that are maintained outside of TWiki. The TWikiFiles page details them.

A etc subdirectory was created to contain resources which need to be readable (not writable) by the TWiki CGI scripts, but outside of web server nominal visibility. Again, see TWikiFiles.

Logs and Log Rotation

A new log subdirectory was created. Twiki was configured to write its log files there (instead of mixing logs in with page data as is the default). This is done in LocalSite.cfg in the various cfg{FooLogName} directives. log/old was also created, and logrotate was configured to rotate files there on a daily basis. (The built-in TWiki log rotation, which rotates monthly, yields unwieldy large log files.) The {Stats}{LogFileGlob} config directive was changed to access.????-??-??-???? (plus path) to match. Log files are separately compressed after 45 days, by the gnhlug_maint script. Since that glob does not match *.xz files, older logs are automagically excluded from consideration by the statistics script.

User Registration

The bin/register CGI script has Apache HTTP authentication placed in front of it, controlled by the etc/reg_htpasswd file. This is done to place a password on the registration process, to block spam robots. The actual password is currently disclosed on the public TWiki website. The theory is that spammers are unlikely to read the instructions to that level of detail. Should this prove inadequate, the password can be changed and only disclosed by email or some other method.

The lib/TWiki.cfg has a 1-line modification to purge the REMOTE_USER variable from the environment, to prevent TWiki from ever using Apache HTTP authentication for TWiki account identification. This is needed because of the password on bin/register as described above. Otherwise, TWiki would pick up the register user from Apache, and think the user was logged in as TWiki user register.

Template Tweaks

Several files in templates/ have been customized to suit our needs. Mainly, this means using our custom contact form (GNHLUG.ContactUs) instead of an email address.

• login.tmpl
• mailresetpassword.tmpl
• messages.tmpl
• registerconfirm.tmpl
• registernotify.tmpl
• twiki.tmpl
• viewbottombar.pattern.tmpl
• watchlistdigestnotify.tmpl
• watchlistimmediatenotify.tmpl