diff options
Diffstat (limited to 'ansible/roles/mediawiki')
-rw-r--r-- | ansible/roles/mediawiki/defaults/main.yml | 2 | ||||
-rw-r--r-- | ansible/roles/mediawiki/files/bin/mw-dump-backup | 9 | ||||
-rw-r--r-- | ansible/roles/mediawiki/files/bin/mw-dump-db | 12 | ||||
-rw-r--r-- | ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.service | 13 | ||||
-rw-r--r-- | ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.timer | 9 | ||||
-rw-r--r-- | ansible/roles/mediawiki/handlers/main.yml | 10 | ||||
-rw-r--r-- | ansible/roles/mediawiki/tasks/main.yml | 177 |
7 files changed, 232 insertions, 0 deletions
diff --git a/ansible/roles/mediawiki/defaults/main.yml b/ansible/roles/mediawiki/defaults/main.yml new file mode 100644 index 0000000..5858563 --- /dev/null +++ b/ansible/roles/mediawiki/defaults/main.yml @@ -0,0 +1,2 @@ +mediawiki__enable_local_composer: no +mediawiki__force_update: no diff --git a/ansible/roles/mediawiki/files/bin/mw-dump-backup b/ansible/roles/mediawiki/files/bin/mw-dump-backup new file mode 100644 index 0000000..eb98d7d --- /dev/null +++ b/ansible/roles/mediawiki/files/bin/mw-dump-backup @@ -0,0 +1,9 @@ +#!/bin/bash + +set -euo pipefail + +exec sudo -u www-data php /usr/share/mediawiki/maintenance/dumpBackup.php \ + --full \ + --include-files \ + --uploads \ + > /opt/mediawiki/backup/content-dump.xml diff --git a/ansible/roles/mediawiki/files/bin/mw-dump-db b/ansible/roles/mediawiki/files/bin/mw-dump-db new file mode 100644 index 0000000..5a6699a --- /dev/null +++ b/ansible/roles/mediawiki/files/bin/mw-dump-db @@ -0,0 +1,12 @@ +#!/bin/bash + +set -euo pipefail + +export PGHOST=$(sed -n 's,^.wgDBserver.*"\([^"]*\)".*,\1,p' /etc/mediawiki/LocalSettings.php) +export PGUDATABASE=$(sed -n 's,^.wgDBname.*"\([^"]*\)".*,\1,p' /etc/mediawiki/LocalSettings.php) +export PGUSER=$(sed -n 's,^.wgDBuser.*"\([^"]*\)".*,\1,p' /etc/mediawiki/LocalSettings.php) +export PGPASSWORD=$(sed -n 's,^.wgDBpassword.*"\([^"]*\)".*,\1,p' /etc/mediawiki/LocalSettings.php) +export PGPORT=$(sed -n 's,^.wgDBport.*"\([^"]*\)".*,\1,p' /etc/mediawiki/LocalSettings.php) + +rm -rf /opt/mediawiki/backup/db +exec pg_dump -b --format directory -f /opt/mediawiki/backup/db diff --git a/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.service b/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.service new file mode 100644 index 0000000..a27891e --- /dev/null +++ b/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.service @@ -0,0 +1,13 @@ +[Unit] +Description=MediaWiki job runner + +[Service] +WorkingDirectory=/opt/mediawiki/mediawiki/maintenance +# 900 is 15 minutes, this task is triggered every 15 minutes +ExecStart=/usr/bin/php runJobs.php --conf ../LocalSettings.php --maxtime=800 --wait +User=www-data +Group=www-data +StandardOutput=journal + +Nice=10 +OOMScoreAdjust=500 diff --git a/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.timer b/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.timer new file mode 100644 index 0000000..1d12500 --- /dev/null +++ b/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.timer @@ -0,0 +1,9 @@ +[Unit] +Description=MediaWiki job runner timer + +[Timer] +OnBootSec=15min +OnUnitActiveSec=10m + +[Install] +WantedBy=timers.target diff --git a/ansible/roles/mediawiki/handlers/main.yml b/ansible/roles/mediawiki/handlers/main.yml new file mode 100644 index 0000000..8735482 --- /dev/null +++ b/ansible/roles/mediawiki/handlers/main.yml @@ -0,0 +1,10 @@ +- name: systemd daemon-reload + become: yes + systemd: + daemon_reload: true + +- name: service restart php-fpm + become: yes + service: + name: php7.0-fpm + state: restarted diff --git a/ansible/roles/mediawiki/tasks/main.yml b/ansible/roles/mediawiki/tasks/main.yml new file mode 100644 index 0000000..6d1850b --- /dev/null +++ b/ansible/roles/mediawiki/tasks/main.yml @@ -0,0 +1,177 @@ +- become: yes + tags: + - mediawiki + - mediawiki-packages + block: + - name: packages + vars: + items: + - composer + - php-apcu + - php-gd + - php-intl + - php-mbstring + - php-pgsql + - php-xml + - php-zip + apt: + name: "{{ items }}" + install_recommends: no + +- become: yes + tags: + - mediawiki + - mediawiki-php + block: + - name: increase maximum file size (for uploads) to 20M + notify: service restart php-fpm + ini_file: + path: /etc/php/7.0/fpm/php.ini + section: PHP + option: "{{ item.option }}" + value: "{{ item.value }}" + with_items: + - option: upload_max_filesize + value: 20M + - option: post_max_size + value: 20M + +- become: yes + tags: + - mediawiki + - mediawiki-clone + block: + - name: mkdir /opt/mediawiki + file: + path: /opt/mediawiki + state: directory + + - name: mkdir /opt/mediawiki/mediawiki + file: + path: /opt/mediawiki/mediawiki + state: directory + owner: www-data + + - name: git clone + become: yes + become_user: www-data + vars: + ansible_ssh_pipelining: true + git: + repo: https://github.com/bitraf/mediawiki + dest: /opt/mediawiki/mediawiki + version: "{{ mediawiki__version }}" + update: "{{ 'yes' if mediawiki__force_update else 'no' }}" + force: "{{ 'yes' if mediawiki__force_update else 'no' }}" + +- become: yes + tags: + - mediawiki + - mediawiki-composer + block: + - name: mkdirs + with_items: + - /var/www/.ansible + - /var/www/.composer + file: + path: "{{ item }}" + state: directory + group: www-data + owner: www-data + + - name: Create composer.local.json + when: mediawiki__composer_require is defined + vars: + content: | + {{ '{ "require": {' }} + {% for k, v in mediawiki__composer_require.items() %} + "{{ k }}": "{{ v }}"{% if not loop.last %},{% endif %} + {% endfor %} + {{ '} }' }} + copy: + dest: /opt/mediawiki/mediawiki/composer.local.json + content: "{{ content | to_nice_json }}" + + - name: run composer + become: yes + become_user: www-data + vars: + ansible_ssh_pipelining: true + composer: + command: update + working_dir: /opt/mediawiki/mediawiki + +- name: "Extensions" + become: yes + tags: + - mediawiki + - mediawiki-extensions + with_items: "{{ mediawiki__extensions }}" + git: + repo: "{{ item.repo }}" + dest: "/opt/mediawiki/mediawiki/extensions/{{ item.dest }}" + version: "{{ item.version }}" + +- become: yes + tags: + - mediawiki + - mediawiki-backup + block: + # TODO: install systemd timer and service to run these + - name: mkdir + file: + state: directory + path: "/opt/mediawiki/backup" + - copy: + src: "{{ item }}" + dest: "/{{ item }}" + mode: a+rx + with_items: + - bin/mw-dump-backup + - bin/mw-dump-db + +- become: yes + tags: + - mediawiki + - mediawiki-config + block: + - file: + path: /etc/mediawiki + state: directory + - file: + dest: /opt/mediawiki/mediawiki/LocalSettings.php + src: /etc/mediawiki/LocalSettings.php + state: link + force: yes + + - name: mediawiki systemd timer + notify: systemd daemon-reload + copy: + src: "systemd/{{ item }}" + dest: "/etc/systemd/system/{{ item }}" + with_items: + - mediawiki-jobqueue.service + - mediawiki-jobqueue.timer + +- meta: flush_handlers + +- become: yes + tags: + - mediawiki + - mediawiki-config + block: + - systemd: + enabled: true + state: started + name: mediawiki-jobqueue.timer + +- become: yes + tags: + - mediawiki + - mediawiki-config + - update-password + block: + - name: LocalSettings.php + template: + dest: /etc/mediawiki + src: "{{ mediawiki__local_settings }}" |