In this tutorial, we are going to show you how to install XWiki with Tomcat 9, MariaDB, Nginx as a reverse proxy and Encrypt Let’s.

XWiki is a powerful and robust wiki open-source software. You can learn more about it XWiki on their website.

XWiki server requirements

According to their recommendations, you need a server with at least 1GB of RAM for small and medium-sized installations. You can do this Get one from Jmsolution. For this tutorial, we are using Ubuntu 20.04, but the instructions will work on pretty much any other Debian based distro, although they were only tested on Ubuntu 20.04.

Login as root on your server and follow the steps below.

Step 1: update your system

The first step is to always update your system. To do this, run the following command:

apt-get update
apt-get upgrade

Step 2: Use the .deb XWiki package

To add the XWiki package to your repository, run the following command:

wget -q "" -O- | apt-key add -
wget "" -P /etc/apt/sources.list.d/

Then, update the package list:

apt-get update

The next step is to install XWiki. There are several options on how you can set it up. You can use MariaDB, PostgreSQL or other databases. In this tutorial, we will use Tomcat 9 and MariaDB. Then, run the following command:

apt-get install xwiki-tomcat9-mariadb

And follow the prompts. In most cases, if you don’t know what to choose, stick with the default option. The password you will be prompted for is a new XWiki database password, not the root MariaDB password.

Step 3: Configure Tomcat for XWiki

By default, Tomcat uses much less memory than XWiki requires. To configure memory settings, edit the following file:

nano /etc/default/tomcat9

And update the previously unmodified JAVA_OPTS line.

In this case, we will modify it so that Tomcat uses 1GB of RAM:

JAVA_OPTS="-Djava.awt.headless=true -Xmx1024m"

You can convert it to -Xmx2048m for 2GB RAM etc.

Next, add this line to the same file:


Which will use dev / urandom instead of / dev / random using XWiki, which is very fast and sufficient for the needs of XWiki.

And finally, restart Tomcat:

systemctl restart tomcat9

Step 4: Other Configurations

Open the following file and go to lines 308 and 309:

nano -l /etc/xwiki/xwiki.cfg

Replace the strings / keys with a random one, it can be anything as long as both strings are of the same length.


The next step is to configure XWiki so that it uses HTTPS. Open the following file:

nano -l /etc/tomcat9/server.xml

And find the following line:

<Engine name="Catalina" defaultHost="localhost">

This line should be 132. Add blocks below that line:

<Engine name="Catalina" defaultHost="localhost">
<Valve className="org.apache.catalina.valves.RemoteIpValve"

And save the file.

Step 5: Install Nginx and Certbot

The next step is to install Nginx and Certbot to configure your XWiki so that it uses HTTPS.

First, install Nginx and Certbot with the following command:

apt-get install nginx certbot python3-certbot-nginx

Next, create a server block for your domain (you are yet to set 443):

Create a File:

nano /etc/nginx/conf.d/tomcat.conf

And add the following:

server {
    listen       80;

   # Normally root should not be accessed, however, root should not serve files that might compromise the security of your server. 
    root /var/www/html;

    location / {
        # All "root" requests will have /xwiki appended AND redirected to
        rewrite ^ $scheme://$server_name/xwiki$request_uri? permanent;

    location ^~ /xwiki {
       # If path starts with /xwiki - then redirect to backend: XWiki application in Tomcat
       # Read more about proxy_pass:
       proxy_pass http://localhost:8080;
       proxy_set_header        X-Real-IP $remote_addr;
       proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header        Host $http_host;
       proxy_set_header        X-Forwarded-Proto $scheme;

Be sure to change from your domain. Save and close the file. Check if the configuration is correct:

nginx -t

And resume the gemstone:

systemctl restart nginx

Next, run the certificate to encrypt a certificate for your own domain:

certbot --nginx -d

And follow self-explanatory signs. It is recommended to certify that the certificate takes care of redirection so that you can redirect all your HTTP traffic to HTTPS. Option 2 is when the prompt arrives.

The bot will automatically renew the certificate.

Once you are using a firewall, be sure to modify it with a new port. you can use:

ufw allow 'Nginx Full'
ufw reload

And thats pretty much it! The installation is now complete.

You can navigate to (or whatever your domain is) to complete your installation with the setup wizard.

Now be sure to secure your server, keep a backup, secure XWiki, and configure whatever is needed. You can read their detailed documentation for more information and help.