#!/bin/bash # Firefrost Gaming - Wiki.js "The Codex" Deployment (Services 4a & 4b) # Deploys: subscribers.firefrostgaming.com/codex + staff.firefrostgaming.com/codex # Date: February 9, 2026 # Method: Single Wiki.js instance, dual domains, /codex path, role-based access set -e echo "=== Wiki.js 'The Codex' Deployment Started ===" echo "Timestamp: $(date)" # Variables WIKIJS_VERSION="2.5.303" INSTALL_DIR="/opt/wikijs" DATA_DIR="/var/lib/wikijs" SERVICE_USER="wikijs" IP_ADDRESS="74.63.218.205" SUBSCRIBER_DOMAIN="subscribers.firefrostgaming.com" STAFF_DOMAIN="staff.firefrostgaming.com" echo "Step 1: Installing Node.js 18..." curl -fsSL https://deb.nodesource.com/setup_18.x | bash - apt-get install -y nodejs echo "Step 2: Creating system user..." useradd -r -s /bin/false $SERVICE_USER || echo "User already exists" echo "Step 3: Creating directories..." mkdir -p $INSTALL_DIR $DATA_DIR cd $INSTALL_DIR echo "Step 4: Downloading Wiki.js $WIKIJS_VERSION..." wget https://github.com/Requarks/wiki/releases/download/v${WIKIJS_VERSION}/wiki-js.tar.gz tar xzf wiki-js.tar.gz rm wiki-js.tar.gz echo "Step 5: Creating Wiki.js configuration..." cat > config.yml << 'WIKICFG' port: 3000 bindIP: 127.0.0.1 db: type: sqlite storage: /var/lib/wikijs/database.sqlite logLevel: info dataPath: /var/lib/wikijs WIKICFG echo "Step 6: Setting permissions..." chown -R $SERVICE_USER:$SERVICE_USER $INSTALL_DIR $DATA_DIR echo "Step 7: Creating systemd service..." cat > /etc/systemd/system/wikijs.service << 'SYSTEMD' [Unit] Description=Wiki.js - The Codex After=network.target [Service] Type=simple User=wikijs ExecStart=/usr/bin/node server WorkingDirectory=/opt/wikijs Restart=always RestartSec=10 [Install] WantedBy=multi-user.target SYSTEMD echo "Step 8: Starting Wiki.js service..." systemctl daemon-reload systemctl enable wikijs systemctl start wikijs echo "Step 9: Waiting for Wiki.js to initialize..." sleep 10 echo "Step 10: Creating Nginx config for subscribers.firefrostgaming.com..." cat > /etc/nginx/sites-available/subscribers.firefrostgaming.com << 'NGINX1' server { listen 74.63.218.205:80; server_name subscribers.firefrostgaming.com; location / { return 301 https://$server_name$request_uri; } } server { listen 74.63.218.205:443 ssl http2; server_name subscribers.firefrostgaming.com; # SSL certificates (configured by certbot) # Root redirect to /codex location = / { return 301 https://$server_name/codex; } # The Codex (Wiki.js) location /codex/ { proxy_pass http://127.0.0.1:3000/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 86400; } } NGINX1 echo "Step 11: Creating Nginx config for staff.firefrostgaming.com..." cat > /etc/nginx/sites-available/staff.firefrostgaming.com << 'NGINX2' server { listen 74.63.218.205:80; server_name staff.firefrostgaming.com; location / { return 301 https://$server_name$request_uri; } } server { listen 74.63.218.205:443 ssl http2; server_name staff.firefrostgaming.com; # SSL certificates (configured by certbot) # Root redirect to /codex location = / { return 301 https://$server_name/codex; } # The Codex (Wiki.js) location /codex/ { proxy_pass http://127.0.0.1:3000/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 86400; } } NGINX2 echo "Step 12: Enabling Nginx sites..." ln -sf /etc/nginx/sites-available/subscribers.firefrostgaming.com /etc/nginx/sites-enabled/ ln -sf /etc/nginx/sites-available/staff.firefrostgaming.com /etc/nginx/sites-enabled/ echo "Step 13: Testing Nginx configuration..." nginx -t echo "Step 14: Restarting Nginx..." systemctl restart nginx echo "Step 15: Configuring UFW firewall..." ufw allow in on ens3 to $IP_ADDRESS port 80 proto tcp ufw allow in on ens3 to $IP_ADDRESS port 443 proto tcp ufw reload echo "Step 16: Installing SSL certificates..." certbot --nginx -d $SUBSCRIBER_DOMAIN -d $STAFF_DOMAIN --non-interactive --agree-tos --email mkrause612@gmail.com --redirect echo "Step 17: Verification checks..." echo "Wiki.js service status:" systemctl status wikijs --no-pager echo "Port 3000 listening:" ss -tlnp | grep 3000 echo "Nginx configuration:" nginx -t echo "SSL certificates:" certbot certificates | grep -A2 $SUBSCRIBER_DOMAIN echo "=== Wiki.js 'The Codex' Deployment Complete ===" echo "" echo "Subscriber Codex: https://$SUBSCRIBER_DOMAIN/codex" echo "Staff Codex: https://$STAFF_DOMAIN/codex" echo "Root domains auto-redirect to /codex" echo "" echo "FIRST-TIME SETUP:" echo "1. Browse to either URL above" echo "2. Complete Wiki.js administrator setup" echo "3. Email: mkrause612@gmail.com" echo "4. Password: Butter2018!!" echo "5. Site URL: https://subscribers.firefrostgaming.com (or staff - doesn't matter for single instance)" echo "" echo "POST-SETUP TASKS:" echo "1. Create 'Subscribers' group with read-only permissions" echo "2. Create 'Staff' group with edit permissions" echo "3. Create 'Admin' group with full permissions" echo "4. Configure different home pages or content permissions per group" echo "5. Set up authentication (local users Phase 1, webhook automation Phase 2)" echo "" echo "Database: SQLite at $DATA_DIR/database.sqlite" echo "Service: systemctl status wikijs" exit 0