ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Install BookStack on Fedora 27

    IT Discussion
    how to bookstack wiki fedora fedora 27 real instructions guide
    14
    64
    16.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      Obsolesce
      last edited by

      I'll use Bookstack as a wiki when they improve dev...

      https://www.cvedetails.com/cve/CVE-2017-1000462/
      https://github.com/BookStackApp/BookStack/issues/575

      This has been open since October.

      J 1 Reply Last reply Reply Quote 0
      • J
        JaredBusch @Obsolesce
        last edited by

        @tim_g said in Install BookStack on Fedora 27:

        I'll use Bookstack as a wiki when they improve dev...

        https://www.cvedetails.com/cve/CVE-2017-1000462/
        https://github.com/BookStackApp/BookStack/issues/575

        This has been open since October.

        Unless you have untrusted users in the wiki, this is not a serious issue.

        Sure, it needs handled, but you have to be able to author/edit a page in the first place in order to exploit this.

        O J 2 Replies Last reply Reply Quote 0
        • O
          Obsolesce @JaredBusch
          last edited by Obsolesce

          @jaredbusch said in Install BookStack on Fedora 27:

          @tim_g said in Install BookStack on Fedora 27:

          I'll use Bookstack as a wiki when they improve dev...

          https://www.cvedetails.com/cve/CVE-2017-1000462/
          https://github.com/BookStackApp/BookStack/issues/575

          This has been open since October.

          Unless you have untrusted users in the wiki, this is not a serious issue.

          Sure, it needs handled, but you have to be able to author/edit a page in the first place in order to exploit this.

          It's not the severity of it, it's that it's still open. It's that there's not enough development work on it that has me concerned. What's next?

          I know WP has a lot of vulnerabilities listed, but they are all patch, and they are quickly patched.

          It's a shame because Bookstack looks like a winner other than that.

          1 Reply Last reply Reply Quote 0
          • J
            JaredBusch @JaredBusch
            last edited by

            @jaredbusch said in Install BookStack on Fedora 27:

            @tim_g said in Install BookStack on Fedora 27:

            I'll use Bookstack as a wiki when they improve dev...

            https://www.cvedetails.com/cve/CVE-2017-1000462/
            https://github.com/BookStackApp/BookStack/issues/575

            This has been open since October.

            Unless you have untrusted users in the wiki, this is not a serious issue.

            Sure, it needs handled, but you have to be able to author/edit a page in the first place in order to exploit this.

            Also, I cannot replicate, I tried.

            O 1 Reply Last reply Reply Quote 0
            • J
              JaredBusch
              last edited by

              Looks like a misleading report.
              0_1519173031871_6c80a49a-c03f-4a74-9002-68696be105e5-image.png

              1 Reply Last reply Reply Quote 0
              • O
                Obsolesce @JaredBusch
                last edited by

                @jaredbusch said in Install BookStack on Fedora 27:

                @jaredbusch said in Install BookStack on Fedora 27:

                @tim_g said in Install BookStack on Fedora 27:

                I'll use Bookstack as a wiki when they improve dev...

                https://www.cvedetails.com/cve/CVE-2017-1000462/
                https://github.com/BookStackApp/BookStack/issues/575

                This has been open since October.

                Unless you have untrusted users in the wiki, this is not a serious issue.

                Sure, it needs handled, but you have to be able to author/edit a page in the first place in order to exploit this.

                Also, I cannot replicate, I tried.

                Still, I see it as a high-risk software. It's not widely used, the devs are slow, and I doubt big vulnerabilities are will be dealt with appropriately.

                If it's on a VPS for example, there can be a greater potential for server-wide compromising. When it becomes more popular (which I'm sure it will because it seems great), the vulnerabilities will be discovered... and they WILL be taken advantage of.

                I just don't trust putting software on a public server that isn't very widely used, active, and developed. I'd rather wait.

                J 1 Reply Last reply Reply Quote 0
                • J
                  JaredBusch @Obsolesce
                  last edited by

                  @tim_g said in Install BookStack on Fedora 27:

                  @jaredbusch said in Install BookStack on Fedora 27:

                  @jaredbusch said in Install BookStack on Fedora 27:

                  @tim_g said in Install BookStack on Fedora 27:

                  I'll use Bookstack as a wiki when they improve dev...

                  https://www.cvedetails.com/cve/CVE-2017-1000462/
                  https://github.com/BookStackApp/BookStack/issues/575

                  This has been open since October.

                  Unless you have untrusted users in the wiki, this is not a serious issue.

                  Sure, it needs handled, but you have to be able to author/edit a page in the first place in order to exploit this.

                  Also, I cannot replicate, I tried.

                  Still, I see it as a high-risk software. It's not widely used, the devs are slow, and I doubt big vulnerabilities are will be dealt with appropriately.

                  If it's on a VPS for example, there can be a greater potential for server-wide compromising. When it becomes more popular (which I'm sure it will because it seems great), the vulnerabilities will be discovered... and they WILL be taken advantage of.

                  I just don't trust putting software on a public server that isn't very widely used, active, and developed. I'd rather wait.

                  That is a bullshit answer.
                  Your pet issue has been disproved.

                  O 1 Reply Last reply Reply Quote 0
                  • O
                    Obsolesce @JaredBusch
                    last edited by

                    @jaredbusch said in Install BookStack on Fedora 27:

                    @tim_g said in Install BookStack on Fedora 27:

                    @jaredbusch said in Install BookStack on Fedora 27:

                    @jaredbusch said in Install BookStack on Fedora 27:

                    @tim_g said in Install BookStack on Fedora 27:

                    I'll use Bookstack as a wiki when they improve dev...

                    https://www.cvedetails.com/cve/CVE-2017-1000462/
                    https://github.com/BookStackApp/BookStack/issues/575

                    This has been open since October.

                    Unless you have untrusted users in the wiki, this is not a serious issue.

                    Sure, it needs handled, but you have to be able to author/edit a page in the first place in order to exploit this.

                    Also, I cannot replicate, I tried.

                    Still, I see it as a high-risk software. It's not widely used, the devs are slow, and I doubt big vulnerabilities are will be dealt with appropriately.

                    If it's on a VPS for example, there can be a greater potential for server-wide compromising. When it becomes more popular (which I'm sure it will because it seems great), the vulnerabilities will be discovered... and they WILL be taken advantage of.

                    I just don't trust putting software on a public server that isn't very widely used, active, and developed. I'd rather wait.

                    That is a bullshit answer.
                    Your pet issue has been disproved.

                    Not pet issue, just a CVE that I seen... which I did not test. I just assumed vulnerabilities on that site were legit. I guess not.

                    Now I have to question the credibility of every single security vulnerability on that website.

                    I don't have time to test every CVE out there to verify them.

                    Who knows, maybe Bookstack is completely secure with no possibility of a vulnerability. If that's the case, I'll definitly hop on board.

                    1 Reply Last reply Reply Quote 0
                    • I
                      i3
                      last edited by

                      Thank you @JaredBusch for the excellent write up. I followed your instructions (copy and paste after editing the first section only) and did not receive any errors, however when I navigate to fqdn, it directs me to a page cannot be found page. Looking at the url it looks like is is appending the url twice.

                      For example:
                      I enter wiki.example.com
                      and it navigates me to wiki.example.com/http:/wiki.example.com/login

                      If I manually go to wiki.example.com/login I get a login page that is missing images.

                      0_1519247086672_65e63e4c-d9c5-49bd-b0d3-87c79893b894-image.png

                      Any thoughts?

                      J 1 Reply Last reply Reply Quote 0
                      • J
                        JaredBusch @i3
                        last edited by JaredBusch

                        @i3 said in Install BookStack on Fedora 27:

                        Thank you @JaredBusch for the excellent write up. I followed your instructions (copy and paste after editing the first section only) and did not receive any errors, however when I navigate to fqdn, it directs me to a page cannot be found page. Looking at the url it looks like is is appending the url twice.

                        For example:
                        I enter wiki.example.com
                        and it navigates me to wiki.example.com/http:/wiki.example.com/login

                        If I manually go to wiki.example.com/login I get a login page that is missing images.

                        0_1519247086672_65e63e4c-d9c5-49bd-b0d3-87c79893b894-image.png

                        Any thoughts?

                        Check the APP_URL in your .env file.

                        grep APP_URL /var/www/html/bookstack/.env
                        

                        You should see something like this
                        0_1519247534365_6b542851-7a0a-47c5-b781-b4363796142c-image.png

                        1 Reply Last reply Reply Quote 1
                        • I
                          i3
                          last edited by

                          When I did that it showed app_url=http:\wiki.example.com
                          I edited it to show http:// and it is now working- thank you very much for the quick response!

                          I went back to my original file of what I entered in the app_url and I entered 'http:\wiki.example.com'

                          Did I do something wrong?

                          J 1 Reply Last reply Reply Quote 0
                          • J
                            JaredBusch @i3
                            last edited by

                            @i3 said in Install BookStack on Fedora 27:

                            When I did that it showed app_url=http:\wiki.example.com
                            I edited it to show http:// and it is now working- thank you very much for the quick response!

                            I went back to my original file of what I entered in the app_url and I entered 'http:\wiki.example.com'

                            Did I do something wrong?

                            Yes. You have to escape the / with a \ to make the script work.
                            Look at the note I had there.

                            # Note 2: You must escape the // hence \/\/
                            export APP_FQDN='http:\/\/wiki.domain.com'
                            
                            1 Reply Last reply Reply Quote 1
                            • I
                              i3
                              last edited by

                              Got it. I misunderstood and simply removed the two //

                              I understand now.

                              Again, thank you for the great write up and responses!

                              1 Reply Last reply Reply Quote 1
                              • J
                                JaredBusch
                                last edited by

                                Yup, loving it.

                                0_1519341548488_a1ca4829-39ae-40a7-b7d4-e0cf6b87f406-image.png

                                When you export to PDF, you get a log at the bottom too.
                                0_1519341594125_8b620af0-6098-4a71-8ae3-f4af8d2ed2a5-image.png

                                1 Reply Last reply Reply Quote 0
                                • PenguinWranglerP
                                  PenguinWrangler
                                  last edited by

                                  @JaredBusch Nice write-up. I am definitely going to be trying this soon.

                                  1 Reply Last reply Reply Quote 0
                                  • hobbit666H
                                    hobbit666
                                    last edited by

                                    This post is deleted!
                                    1 Reply Last reply Reply Quote 0
                                    • hobbit666H
                                      hobbit666
                                      last edited by

                                      Woop installed and ready to use.

                                      (Does it matter i have no idea what half those commands did, but yet i have a working system 🤔 )

                                      NashBrydgesN 1 Reply Last reply Reply Quote 0
                                      • NashBrydgesN
                                        NashBrydges @hobbit666
                                        last edited by

                                        @hobbit666 said in Install BookStack on Fedora 27:

                                        Woop installed and ready to use.

                                        (Does it matter i have no idea what half those commands did, but yet i have a working system 🤔 )

                                        I guess that was the point of the post, was to make it crazy simple. I suppose whether it matters if you have no idea or not depends on whether you want to learn what those commands do or not 😉

                                        J 1 Reply Last reply Reply Quote 1
                                        • hobbit666H
                                          hobbit666
                                          last edited by hobbit666

                                          Seem to have an issue with pages.
                                          Can add a new one but with no details
                                          0_1519654967201_layout.png

                                          But if i change the heading or add some text both editing the Page or when i first create one i get:-
                                          0_1519655017224_error.png

                                          So creating a New Book and Chapter works fine

                                          hobbit666H 1 Reply Last reply Reply Quote 0
                                          • hobbit666H
                                            hobbit666 @hobbit666
                                            last edited by

                                            @hobbit666 ignore me rebooted now working

                                            1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 3 / 4
                                            • First post
                                              Last post