Most wiki farms are open. This is for flexibility, and ease of setup. But with a little work they don't have to be.
The main thing you need to create a closed farm is a list of wiki names, and the email addresses of the people that should own them.
The first step is to make sure only the right traffic can reach them. This should be done on the server using a reverse proxy. One easy way to set this up is to use nginx like you would for a virtual host setup. You can then direct only the domain names you want at your server.
Would a list of approved farm host names be a good feature to add? <-- I think so. So I proposed a way to add it.
Then you have to create the persona.identity file for each wiki, so that they can't be claimed by anyone else.
To do this for my own wiki, starting in the wiki db directory, I would do this:
mkdir -p ramble.nrn.io/status printf 'nick.niemeir@gmail.com' > ramble.nrn.io/status/persona.identity
If you had a newline separated list of student usernames, in the wiki db directory, and wanted to create wiki's with their user names, only able to be claimed by 'studentusername@school.edu' you could do this:
for i in `cat ./list`; do mkdir -p $i/status && printf "$i"@school.edu > $i/status/persona.identity;done
Possible Nginx Config
One thing to remember about ngnix configuration is that if you only specify a single server it will be treated as the default, so add something like:
server { listen 80 default_server; server_name _; return 444; }
this will cause connections that are not recognised to be simply dropped.
Restricting Site Creation
While we could configure DNS to point *.example.wiki at our site, and have a list of farm sites within the nginx configuration. New sites could then be added to the configuation, and nginx told to reload the configuration.
However, we probably don't want to be editing ngnix configuration each time we want to add a new site, so we will want to use something this:
server { listen 80; server_name example.wiki *.example.wiki; ... }
Though we will not want to point *.example.wiki at our server, as it would allow sites to be created by anybody at will. But, we can use cname entries in our DNS configuration to create new sites within our farm. Couple this with creating a persona.identify for the new site (see above), then the site is created owned by the intended owner.
This second option also potentially eases moving sites around between servers, as well as providing a route for site owners to migrate a site elsewhere as their needs grow.