We are considering uploading the Dokuwiki files to a new repository in Github to enable streamlining Debian builds.
See this post please
https://forum.dokuwiki.org/thread/16158 Request to move/copy Wiki to Github for streamlining Debian Packaging
I am unfamiliar with this process and would like to know if there is a problem with exposing login and access codes if we are doing this.
I would like to upload only "Public" pages to github and if there is something I should do to protect the admin and manager/editor logins that would be very useful to know.
Is it the exact same thing as creating a backup? Is a backup safe insofar as security and access?
Thank you.
Leamas suggested:
Adding conf/acl.auth.php, to .gitignore should remove all ACL:s on the replicated repo if I get it right.
Likewise, adding conf/acl.auth.php, to .gitignore should remove all ACL:s on the replicated repo if I git it right.
I would do something like:
$ cd /wherever/docuwiki/data
$ echo conf/acl_auth.php > .gitignore
$ echo conf/users.auth.php >> .gitignore
$ git add .
$ git commit -am "Initial release"
$ git ls-files # check that acl_auth.php and users.auth.php are not listed
$ git remote add origin
https://my-repo-address
$ git push --set-upstream origin master
Would this solve the security problem? - can I just delete those files and dokuwiki will make new ones?
Now I don't think so after some reading.
I've been reading to get my head around this.
https://www.dokuwiki.org/install:permissions
https://www.dokuwiki.org/acl
https://www.dokuwiki.org/faq:regdisable
I am still unclear what to do.
1. How to have the github copy: as everyone read, anyone edit? -With none of the ACL passwords in it. Who is admin?
I think this would be an opensource setup.
2. How to have the github copy be read only?