Importing Bitraf's mediawiki

o Some improvements, reusing old backup scripts.

7 files changed, 232 insertions, 0 deletions

diff --git a/ansible/roles/mediawiki/defaults/main.yml b/ansible/roles/mediawiki/defaults/main.yml
new file mode 100644
index 0000000..5858563
--- /dev/null
+++ b/ansible/roles/mediawiki/defaults/main.yml
@@ -0,0 +1,2 @@
+mediawiki__enable_local_composer: no
+mediawiki__force_update: no
diff --git a/ansible/roles/mediawiki/files/bin/mw-dump-backup b/ansible/roles/mediawiki/files/bin/mw-dump-backup
new file mode 100644
index 0000000..eb98d7d
--- /dev/null
+++ b/ansible/roles/mediawiki/files/bin/mw-dump-backup
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+set -euo pipefail
+
+exec sudo -u www-data php /usr/share/mediawiki/maintenance/dumpBackup.php \
+   --full \
+   --include-files \
+   --uploads \
+    > /opt/mediawiki/backup/content-dump.xml
diff --git a/ansible/roles/mediawiki/files/bin/mw-dump-db b/ansible/roles/mediawiki/files/bin/mw-dump-db
new file mode 100644
index 0000000..5a6699a
--- /dev/null
+++ b/ansible/roles/mediawiki/files/bin/mw-dump-db
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+set -euo pipefail
+
+export PGHOST=$(sed -n 's,^.wgDBserver.*"\([^"]*\)".*,\1,p' /etc/mediawiki/LocalSettings.php)
+export PGUDATABASE=$(sed -n 's,^.wgDBname.*"\([^"]*\)".*,\1,p' /etc/mediawiki/LocalSettings.php)
+export PGUSER=$(sed -n 's,^.wgDBuser.*"\([^"]*\)".*,\1,p' /etc/mediawiki/LocalSettings.php)
+export PGPASSWORD=$(sed -n 's,^.wgDBpassword.*"\([^"]*\)".*,\1,p' /etc/mediawiki/LocalSettings.php)
+export PGPORT=$(sed -n 's,^.wgDBport.*"\([^"]*\)".*,\1,p' /etc/mediawiki/LocalSettings.php)
+
+rm -rf /opt/mediawiki/backup/db
+exec pg_dump -b --format directory -f /opt/mediawiki/backup/db
diff --git a/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.service b/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.service
new file mode 100644
index 0000000..a27891e
--- /dev/null
+++ b/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=MediaWiki job runner
+
+[Service]
+WorkingDirectory=/opt/mediawiki/mediawiki/maintenance
+# 900 is 15 minutes, this task is triggered every 15 minutes
+ExecStart=/usr/bin/php runJobs.php --conf ../LocalSettings.php --maxtime=800 --wait
+User=www-data
+Group=www-data
+StandardOutput=journal
+
+Nice=10
+OOMScoreAdjust=500
diff --git a/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.timer b/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.timer
new file mode 100644
index 0000000..1d12500
--- /dev/null
+++ b/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=MediaWiki job runner timer
+
+[Timer]
+OnBootSec=15min
+OnUnitActiveSec=10m
+
+[Install]
+WantedBy=timers.target
diff --git a/ansible/roles/mediawiki/handlers/main.yml b/ansible/roles/mediawiki/handlers/main.yml
new file mode 100644
index 0000000..8735482
--- /dev/null
+++ b/ansible/roles/mediawiki/handlers/main.yml
@@ -0,0 +1,10 @@
+- name: systemd daemon-reload
+  become: yes
+  systemd:
+    daemon_reload: true
+
+- name: service restart php-fpm
+  become: yes
+  service:
+    name: php7.0-fpm
+    state: restarted
diff --git a/ansible/roles/mediawiki/tasks/main.yml b/ansible/roles/mediawiki/tasks/main.yml
new file mode 100644
index 0000000..6d1850b
--- /dev/null
+++ b/ansible/roles/mediawiki/tasks/main.yml
@@ -0,0 +1,177 @@
+- become: yes
+  tags:
+    - mediawiki
+    - mediawiki-packages
+  block:
+    - name: packages
+      vars:
+        items:
+          - composer
+          - php-apcu
+          - php-gd
+          - php-intl
+          - php-mbstring
+          - php-pgsql
+          - php-xml
+          - php-zip
+      apt:
+        name: "{{ items }}"
+        install_recommends: no
+
+- become: yes
+  tags:
+    - mediawiki
+    - mediawiki-php
+  block:
+    - name: increase maximum file size (for uploads) to 20M
+      notify: service restart php-fpm
+      ini_file:
+        path: /etc/php/7.0/fpm/php.ini
+        section: PHP
+        option: "{{ item.option }}"
+        value: "{{ item.value }}"
+      with_items:
+        - option: upload_max_filesize
+          value: 20M
+        - option: post_max_size
+          value: 20M
+
+- become: yes
+  tags:
+    - mediawiki
+    - mediawiki-clone
+  block:
+    - name: mkdir /opt/mediawiki
+      file:
+        path: /opt/mediawiki
+        state: directory
+
+    - name: mkdir /opt/mediawiki/mediawiki
+      file:
+        path: /opt/mediawiki/mediawiki
+        state: directory
+        owner: www-data
+
+    - name: git clone
+      become: yes
+      become_user: www-data
+      vars:
+        ansible_ssh_pipelining: true
+      git:
+        repo: https://github.com/bitraf/mediawiki
+        dest: /opt/mediawiki/mediawiki
+        version: "{{ mediawiki__version }}"
+        update: "{{ 'yes' if mediawiki__force_update else 'no' }}"
+        force: "{{ 'yes' if mediawiki__force_update else 'no' }}"
+
+- become: yes
+  tags:
+    - mediawiki
+    - mediawiki-composer
+  block:
+    - name: mkdirs
+      with_items:
+        - /var/www/.ansible
+        - /var/www/.composer
+      file:
+        path: "{{ item }}"
+        state: directory
+        group: www-data
+        owner: www-data
+
+    - name: Create composer.local.json
+      when: mediawiki__composer_require is defined
+      vars:
+        content: |
+          {{ '{ "require": {' }}
+          {% for k, v in mediawiki__composer_require.items() %}
+            "{{ k }}": "{{ v }}"{% if not loop.last %},{% endif %}
+          {% endfor %}
+          {{ '} }' }}
+      copy:
+        dest: /opt/mediawiki/mediawiki/composer.local.json
+        content: "{{ content | to_nice_json }}"
+
+    - name: run composer
+      become: yes
+      become_user: www-data
+      vars:
+        ansible_ssh_pipelining: true
+      composer:
+        command: update
+        working_dir: /opt/mediawiki/mediawiki
+
+- name: "Extensions"
+  become: yes
+  tags:
+    - mediawiki
+    - mediawiki-extensions
+  with_items: "{{ mediawiki__extensions }}"
+  git:
+    repo: "{{ item.repo }}"
+    dest: "/opt/mediawiki/mediawiki/extensions/{{ item.dest }}"
+    version: "{{ item.version }}"
+
+- become: yes
+  tags:
+    - mediawiki
+    - mediawiki-backup
+  block:
+    # TODO: install systemd timer and service to run these
+    - name: mkdir
+      file:
+        state: directory
+        path: "/opt/mediawiki/backup"
+    - copy:
+        src: "{{ item }}"
+        dest: "/{{ item }}"
+        mode: a+rx
+      with_items:
+        - bin/mw-dump-backup
+        - bin/mw-dump-db
+
+- become: yes
+  tags:
+    - mediawiki
+    - mediawiki-config
+  block:
+    - file:
+        path: /etc/mediawiki
+        state: directory
+    - file:
+        dest: /opt/mediawiki/mediawiki/LocalSettings.php
+        src: /etc/mediawiki/LocalSettings.php
+        state: link
+        force: yes
+
+    - name: mediawiki systemd timer
+      notify: systemd daemon-reload
+      copy:
+        src: "systemd/{{ item }}"
+        dest: "/etc/systemd/system/{{ item }}"
+      with_items:
+        - mediawiki-jobqueue.service
+        - mediawiki-jobqueue.timer
+
+- meta: flush_handlers
+
+- become: yes
+  tags:
+    - mediawiki
+    - mediawiki-config
+  block:
+    - systemd:
+        enabled: true
+        state: started
+        name: mediawiki-jobqueue.timer
+
+- become: yes
+  tags:
+    - mediawiki
+    - mediawiki-config
+    - update-password
+  block:
+    - name: LocalSettings.php
+      template:
+        dest: /etc/mediawiki
+        src: "{{ mediawiki__local_settings }}"