Ubuntu Server + Caddy + Mediawiki

Ubuntu Server 16.04 + Caddy 0.10.2 + Mediawiki 1.28.2

For use on your private LAN (no LetsEncrypt).

sudo ufw limit 22/tcp && sudo ufw allow 80/tcp && sudo ufw allow out 22/tcp && sudo ufw allow out 25/tcp && sudo ufw allow out 53/udp && sudo ufw allow out 80/tcp && sudo ufw deny out to any && sudo ufw enable && sudo ufw status verbose
sudo vim /etc/apt/sources.list

Delete all lines, use these instead:

deb https://mirrors.wikimedia.org/ubuntu/ xenial main restricted universe multiverse
deb https://mirrors.wikimedia.org/ubuntu/ xenial-updates main restricted universe multiverse
deb https://mirrors.wikimedia.org/ubuntu/ xenial-backports main restricted universe multiverse
deb https://mirrors.wikimedia.org/ubuntu/ xenial-security main restricted universe multiverse
sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get dist-upgrade -y && sudo shutdown -r now
sudo apt-get install mysql-server
mysql -u root -p
CREATE DATABASE mediawiki_db DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;

At the least, change the user and password:

GRANT ALL ON mediawiki_db.* TO 'mediawiki_user'@'localhost' IDENTIFIED BY 'mediawiki_pass';
FLUSH PRIVILEGES;
EXIT;
sudo add-apt-repository ppa:ondrej/php
sudo apt-get update && sudo apt-get install php7.1-fpm php7.1-cli php-mysql php7.1-intl php7.1-curl php7.1-gd php7.1-mbstring php7.1-xml
curl https://getcaddy.com | bash && sudo chown root:root /usr/local/bin/caddy && sudo chmod 755 /usr/local/bin/caddy && sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/caddy && sudo mkdir /etc/caddy && sudo chown -R root:www-data /etc/caddy && sudo mkdir /etc/ssl/caddy && sudo chown -R www-data:root /etc/ssl/caddy && sudo chmod 0770 /etc/ssl/caddy
sudo vim /etc/caddy/Caddyfile
*:80 {
        root /var/www/
        log stdout
        errors stderr

header / {
        Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'"
        Referrer-Policy "strict-origin, strict-origin-when-cross-origin"
        X-XSS-Protection "1; mode=block"
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
        }

fastcgi / /var/run/php/php7.1-fpm.sock {
        ext .php
        split .php
        index index.php
        }

rewrite / {
        to {path} {path}/ /index.php?{query}
        }
}
sudo chown www-data:www-data /etc/caddy/Caddyfile && sudo chmod 444 /etc/caddy/Caddyfile && sudo mkdir /var/www && sudo chown -R www-data:www-data /var/www && sudo chmod -R 555 /var/www && cd /tmp && wget https://releases.wikimedia.org/mediawiki/1.28/mediawiki-1.28.2.tar.gz && tar -xvzf mediawiki-1.28.2.tar.gz && sudo mv mediawiki-1.28.2/* /var/www/ && sudo chown www-data:www-data -R /var/www/
cd ~ && wget https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service && sudo cp caddy.service /etc/systemd/system/ && sudo chown root:root /etc/systemd/system/caddy.service && sudo chmod 644 /etc/systemd/system/caddy.service && sudo systemctl daemon-reload && sudo systemctl enable caddy.service && sudo /usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp

Setup Mediawiki by navigating to the internal IP address of the server. Upon completion, download LocalSettings.php then paste its contents to:

sudo vim /var/www/LocalSettings.php

Restart the server:

sudo shutdown -r now

Caddy will automatically start and you can start using your wiki!