aboutsummaryrefslogtreecommitdiff
path: root/ansible
diff options
context:
space:
mode:
Diffstat (limited to 'ansible')
-rw-r--r--ansible/host_vars/mw/mediawiki.yml21
-rw-r--r--ansible/inventory15
-rw-r--r--ansible/mw.yml20
-rw-r--r--ansible/roles/apache/defaults/main.yml2
-rw-r--r--ansible/roles/apache/handlers/main.yml11
-rw-r--r--ansible/roles/apache/tasks/main.yml32
-rw-r--r--ansible/roles/mediawiki/defaults/main.yml2
-rw-r--r--ansible/roles/mediawiki/files/bin/mw-dump-backup (renamed from ansible/roles/mw-backend/files/bin/mw-dump-backup)2
-rw-r--r--ansible/roles/mediawiki/files/bin/mw-dump-db (renamed from ansible/roles/mw-backend/files/bin/mw-dump-db)0
-rw-r--r--ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.service13
-rw-r--r--ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.timer (renamed from ansible/roles/mw-backend/files/etc/systemd/system/mw-jobqueue.timer)0
-rw-r--r--ansible/roles/mediawiki/handlers/main.yml10
-rw-r--r--ansible/roles/mediawiki/tasks/main.yml177
-rw-r--r--ansible/roles/mw-backend/files/bin/mw-make-backup5
-rw-r--r--ansible/roles/mw-backend/files/etc/systemd/system/mw-jobqueue.service12
-rw-r--r--ansible/roles/mw-backend/handlers/main.yml13
-rw-r--r--ansible/roles/mw-backend/tasks/main.yml164
-rw-r--r--ansible/secrets.yml24
-rw-r--r--ansible/templates/mw/LocalSettings.php (renamed from ansible/roles/mw-backend/templates/etc/mediawiki/LocalSettings.php.j2)54
-rw-r--r--ansible/templates/mw/sites-enabled/000-default.conf (renamed from ansible/roles/mw-backend/files/etc/apache2/sites-enabled/000-default.conf)12
20 files changed, 339 insertions, 250 deletions
diff --git a/ansible/host_vars/mw/mediawiki.yml b/ansible/host_vars/mw/mediawiki.yml
new file mode 100644
index 0000000..cbf416f
--- /dev/null
+++ b/ansible/host_vars/mw/mediawiki.yml
@@ -0,0 +1,21 @@
+mediawiki__version: 1.31.1
+mediawiki__composer_require:
+ mediawiki/parser-hooks: ~1
+ mediawiki/validator: ~2
+ mediawiki/semantic-media-wiki: ~3.0
+ mediawiki/semantic-scribunto: 2.0.0
+ monolog/monolog: 1.22.1
+
+mediawiki__extensions:
+ - repo: https://github.com/wikimedia/mediawiki-extensions-googleAnalytics
+ dest: googleAnalytics
+ version: REL1_31
+ - repo: https://github.com/wikimedia/mediawiki-extensions-CharInsert
+ dest: CharInsert
+ version: REL1_31
+ - repo: https://github.com/wikimedia/mediawiki-extensions-Scribunto
+ dest: Scribunto
+ version: REL1_31
+ - repo: https://github.com/wikimedia/mediawiki-extensions-CodeEditor
+ dest: CodeEditor
+ version: REL1_31
diff --git a/ansible/inventory b/ansible/inventory
index de7c417..38f04d0 100644
--- a/ansible/inventory
+++ b/ansible/inventory
@@ -8,13 +8,20 @@ all:
ansible_host: vs.trygvis.io
arius:
ansible_host: arius.trygvis.io
+ mw:
+ ansible_host: 2a01:7e00:e000:272:2ff:aaff:fe7e:46b4
children:
- via_knot:
+ vm:
hosts:
mw:
- ansible_host: knot.trygvis.io
- ansible_connection: lxc_ssh
- ansible_ssh_extra_args: mw
+ vars:
+ lusers_authorized_keys_exclusive: yes
+ via_knot:
+ hosts:
+# mw:
+# ansible_host: knot.trygvis.io
+# ansible_connection: lxc_ssh
+# ansible_ssh_extra_args: mw
sz-prod:
ansible_host: knot.trygvis.io
ansible_connection: lxc_ssh
diff --git a/ansible/mw.yml b/ansible/mw.yml
index a46385b..dd799c4 100644
--- a/ansible/mw.yml
+++ b/ansible/mw.yml
@@ -19,6 +19,20 @@
extension: SemanticScribunto
roles:
- timezone
+ - lusers
+ - superusers
+ - role: apache
+ apache__template_prefix: mw/
+ apache__template: mw/sites-enabled/000-default.conf
+ - role: mediawiki
+ mediawiki__local_settings: mw/LocalSettings.php
+ mediawiki__wgDBserver: "10.0.3.1"
+ mediawiki__wgDBname: "mediawiki"
+ mediawiki__wgDBuser: "mediawiki"
+ mediawiki__wgDBpassword: "{{ mediawiki_secrets.mediawiki_password }}"
+ mediawiki__wgSecretKey: "{{ mediawiki_secrets.secret_key }}"
+ mediawiki__wgUpgradeKey: "{{ mediawiki_secrets.upgrade_key }}"
+
tasks:
- name: unix-machine
import_role: name=unix-machine
@@ -28,6 +42,6 @@
import_role: name=lxc-machine
tags: lxc-machine
- - name: mw-backend
- include_role: name=mw-backend
- tags: mw-backend
+# - name: mw-backend
+# include_role: name=mw-backend
+# tags: mw-backend
diff --git a/ansible/roles/apache/defaults/main.yml b/ansible/roles/apache/defaults/main.yml
new file mode 100644
index 0000000..e28958f
--- /dev/null
+++ b/ansible/roles/apache/defaults/main.yml
@@ -0,0 +1,2 @@
+apache__template:
+apache__copy:
diff --git a/ansible/roles/apache/handlers/main.yml b/ansible/roles/apache/handlers/main.yml
new file mode 100644
index 0000000..9a5a629
--- /dev/null
+++ b/ansible/roles/apache/handlers/main.yml
@@ -0,0 +1,11 @@
+- name: systemctl reload apache
+ become: yes
+ systemd:
+ name: apache2
+ state: reloaded
+
+- name: systemctl restart apache
+ become: yes
+ systemd:
+ name: apache2
+ state: restarted
diff --git a/ansible/roles/apache/tasks/main.yml b/ansible/roles/apache/tasks/main.yml
new file mode 100644
index 0000000..2bb953d
--- /dev/null
+++ b/ansible/roles/apache/tasks/main.yml
@@ -0,0 +1,32 @@
+- become: yes
+ tags:
+ - apache
+ block:
+ - name: packages
+ vars:
+ items:
+ - apache2
+ apt:
+ name: "{{ items }}"
+ install_recommends: no
+
+- become: yes
+ tags:
+ - apache
+ - apache-config
+ block:
+ - name: "fill /etc/apache2"
+ with_items: "{{ apache__copy }}"
+ when: item is defined and item
+ notify: systemctl reload apache
+ copy:
+ dest: "/etc/apache2/{{ item }}"
+ src: "{{ item }}"
+
+ - name: "fill /etc/apache2"
+ with_items: "{{ apache__template }}"
+ when: item is defined and item
+ notify: systemctl reload apache
+ template:
+ dest: "/etc/apache2/{{ item|replace(apache__template_prefix, '') }}"
+ src: "{{ item }}"
diff --git a/ansible/roles/mediawiki/defaults/main.yml b/ansible/roles/mediawiki/defaults/main.yml
new file mode 100644
index 0000000..5858563
--- /dev/null
+++ b/ansible/roles/mediawiki/defaults/main.yml
@@ -0,0 +1,2 @@
+mediawiki__enable_local_composer: no
+mediawiki__force_update: no
diff --git a/ansible/roles/mw-backend/files/bin/mw-dump-backup b/ansible/roles/mediawiki/files/bin/mw-dump-backup
index 0e21eb2..eb98d7d 100644
--- a/ansible/roles/mw-backend/files/bin/mw-dump-backup
+++ b/ansible/roles/mediawiki/files/bin/mw-dump-backup
@@ -2,7 +2,7 @@
set -euo pipefail
-exec php /usr/share/mediawiki/maintenance/dumpBackup.php \
+exec sudo -u www-data php /usr/share/mediawiki/maintenance/dumpBackup.php \
--full \
--include-files \
--uploads \
diff --git a/ansible/roles/mw-backend/files/bin/mw-dump-db b/ansible/roles/mediawiki/files/bin/mw-dump-db
index 5a6699a..5a6699a 100644
--- a/ansible/roles/mw-backend/files/bin/mw-dump-db
+++ b/ansible/roles/mediawiki/files/bin/mw-dump-db
diff --git a/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.service b/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.service
new file mode 100644
index 0000000..a27891e
--- /dev/null
+++ b/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=MediaWiki job runner
+
+[Service]
+WorkingDirectory=/opt/mediawiki/mediawiki/maintenance
+# 900 is 15 minutes, this task is triggered every 15 minutes
+ExecStart=/usr/bin/php runJobs.php --conf ../LocalSettings.php --maxtime=800 --wait
+User=www-data
+Group=www-data
+StandardOutput=journal
+
+Nice=10
+OOMScoreAdjust=500
diff --git a/ansible/roles/mw-backend/files/etc/systemd/system/mw-jobqueue.timer b/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.timer
index 1d12500..1d12500 100644
--- a/ansible/roles/mw-backend/files/etc/systemd/system/mw-jobqueue.timer
+++ b/ansible/roles/mediawiki/files/systemd/mediawiki-jobqueue.timer
diff --git a/ansible/roles/mediawiki/handlers/main.yml b/ansible/roles/mediawiki/handlers/main.yml
new file mode 100644
index 0000000..8735482
--- /dev/null
+++ b/ansible/roles/mediawiki/handlers/main.yml
@@ -0,0 +1,10 @@
+- name: systemd daemon-reload
+ become: yes
+ systemd:
+ daemon_reload: true
+
+- name: service restart php-fpm
+ become: yes
+ service:
+ name: php7.0-fpm
+ state: restarted
diff --git a/ansible/roles/mediawiki/tasks/main.yml b/ansible/roles/mediawiki/tasks/main.yml
new file mode 100644
index 0000000..6d1850b
--- /dev/null
+++ b/ansible/roles/mediawiki/tasks/main.yml
@@ -0,0 +1,177 @@
+- become: yes
+ tags:
+ - mediawiki
+ - mediawiki-packages
+ block:
+ - name: packages
+ vars:
+ items:
+ - composer
+ - php-apcu
+ - php-gd
+ - php-intl
+ - php-mbstring
+ - php-pgsql
+ - php-xml
+ - php-zip
+ apt:
+ name: "{{ items }}"
+ install_recommends: no
+
+- become: yes
+ tags:
+ - mediawiki
+ - mediawiki-php
+ block:
+ - name: increase maximum file size (for uploads) to 20M
+ notify: service restart php-fpm
+ ini_file:
+ path: /etc/php/7.0/fpm/php.ini
+ section: PHP
+ option: "{{ item.option }}"
+ value: "{{ item.value }}"
+ with_items:
+ - option: upload_max_filesize
+ value: 20M
+ - option: post_max_size
+ value: 20M
+
+- become: yes
+ tags:
+ - mediawiki
+ - mediawiki-clone
+ block:
+ - name: mkdir /opt/mediawiki
+ file:
+ path: /opt/mediawiki
+ state: directory
+
+ - name: mkdir /opt/mediawiki/mediawiki
+ file:
+ path: /opt/mediawiki/mediawiki
+ state: directory
+ owner: www-data
+
+ - name: git clone
+ become: yes
+ become_user: www-data
+ vars:
+ ansible_ssh_pipelining: true
+ git:
+ repo: https://github.com/bitraf/mediawiki
+ dest: /opt/mediawiki/mediawiki
+ version: "{{ mediawiki__version }}"
+ update: "{{ 'yes' if mediawiki__force_update else 'no' }}"
+ force: "{{ 'yes' if mediawiki__force_update else 'no' }}"
+
+- become: yes
+ tags:
+ - mediawiki
+ - mediawiki-composer
+ block:
+ - name: mkdirs
+ with_items:
+ - /var/www/.ansible
+ - /var/www/.composer
+ file:
+ path: "{{ item }}"
+ state: directory
+ group: www-data
+ owner: www-data
+
+ - name: Create composer.local.json
+ when: mediawiki__composer_require is defined
+ vars:
+ content: |
+ {{ '{ "require": {' }}
+ {% for k, v in mediawiki__composer_require.items() %}
+ "{{ k }}": "{{ v }}"{% if not loop.last %},{% endif %}
+ {% endfor %}
+ {{ '} }' }}
+ copy:
+ dest: /opt/mediawiki/mediawiki/composer.local.json
+ content: "{{ content | to_nice_json }}"
+
+ - name: run composer
+ become: yes
+ become_user: www-data
+ vars:
+ ansible_ssh_pipelining: true
+ composer:
+ command: update
+ working_dir: /opt/mediawiki/mediawiki
+
+- name: "Extensions"
+ become: yes
+ tags:
+ - mediawiki
+ - mediawiki-extensions
+ with_items: "{{ mediawiki__extensions }}"
+ git:
+ repo: "{{ item.repo }}"
+ dest: "/opt/mediawiki/mediawiki/extensions/{{ item.dest }}"
+ version: "{{ item.version }}"
+
+- become: yes
+ tags:
+ - mediawiki
+ - mediawiki-backup
+ block:
+ # TODO: install systemd timer and service to run these
+ - name: mkdir
+ file:
+ state: directory
+ path: "/opt/mediawiki/backup"
+ - copy:
+ src: "{{ item }}"
+ dest: "/{{ item }}"
+ mode: a+rx
+ with_items:
+ - bin/mw-dump-backup
+ - bin/mw-dump-db
+
+- become: yes
+ tags:
+ - mediawiki
+ - mediawiki-config
+ block:
+ - file:
+ path: /etc/mediawiki
+ state: directory
+ - file:
+ dest: /opt/mediawiki/mediawiki/LocalSettings.php
+ src: /etc/mediawiki/LocalSettings.php
+ state: link
+ force: yes
+
+ - name: mediawiki systemd timer
+ notify: systemd daemon-reload
+ copy:
+ src: "systemd/{{ item }}"
+ dest: "/etc/systemd/system/{{ item }}"
+ with_items:
+ - mediawiki-jobqueue.service
+ - mediawiki-jobqueue.timer
+
+- meta: flush_handlers
+
+- become: yes
+ tags:
+ - mediawiki
+ - mediawiki-config
+ block:
+ - systemd:
+ enabled: true
+ state: started
+ name: mediawiki-jobqueue.timer
+
+- become: yes
+ tags:
+ - mediawiki
+ - mediawiki-config
+ - update-password
+ block:
+ - name: LocalSettings.php
+ template:
+ dest: /etc/mediawiki
+ src: "{{ mediawiki__local_settings }}"
diff --git a/ansible/roles/mw-backend/files/bin/mw-make-backup b/ansible/roles/mw-backend/files/bin/mw-make-backup
deleted file mode 100644
index e99b909..0000000
--- a/ansible/roles/mw-backend/files/bin/mw-make-backup
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-
-set -euo pipefail
-
-exec borg create /opt/mediawiki/borg::mediawiki-{now:%Y%m%d-%H%M%S} /opt/mediawiki/backup
diff --git a/ansible/roles/mw-backend/files/etc/systemd/system/mw-jobqueue.service b/ansible/roles/mw-backend/files/etc/systemd/system/mw-jobqueue.service
deleted file mode 100644
index a944443..0000000
--- a/ansible/roles/mw-backend/files/etc/systemd/system/mw-jobqueue.service
+++ /dev/null
@@ -1,12 +0,0 @@
-[Unit]
-Description=MediaWiki Job runner
-
-[Service]
-WorkingDirectory=/var/lib/mediawiki/maintenance
-ExecStart=/usr/bin/php runJobs.php --maxjobs 100
-User=www-data
-Group=www-data
-StandardOutput=journal
-
-Nice=10
-OOMScoreAdjust=500
diff --git a/ansible/roles/mw-backend/handlers/main.yml b/ansible/roles/mw-backend/handlers/main.yml
deleted file mode 100644
index a8bccb6..0000000
--- a/ansible/roles/mw-backend/handlers/main.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-- name: update apt cache
- apt:
- update_cache: yes
-
-- name: reload apache
- service:
- name: apache2
- state: reloaded
-
-- name: systemd daemon-reload
- systemd:
- daemon_reload: true
diff --git a/ansible/roles/mw-backend/tasks/main.yml b/ansible/roles/mw-backend/tasks/main.yml
deleted file mode 100644
index f5d3e67..0000000
--- a/ansible/roles/mw-backend/tasks/main.yml
+++ /dev/null
@@ -1,164 +0,0 @@
----
-- name: apt setup
- tags:
- - mw-backend
- - packages
- block:
- - file:
- dest: /etc/apt/apt.conf.d/99force-ipv4
- state: absent
- - name: configure debian repositories
- notify: update apt cache
- copy:
- dest: /etc/apt/sources.list
- content: |
- deb http://httpredir.debian.org/debian/ stretch main contrib non-free
- deb http://security.debian.org/debian-security stretch/updates main contrib non-free
- deb http://httpredir.debian.org/debian/ stretch-updates main contrib non-free
- deb http://httpredir.debian.org/debian/ stretch-backports main contrib non-free
-
- - meta: flush_handlers
-
-# TODO: Remove, use unix-machine instead
- - name: packages
- apt:
- name: "{{ item }}"
- install_recommends: no
- with_items:
- - git
- - etckeeper
-
-- name: system setup
- tags:
- - mw-backend
- - packages
- block:
- - name: misc packages
- apt:
- name: "{{ item }}"
- install_recommends: no
- with_items:
- - iputils-ping
- - vim-nox
- - host
- - less
- - file:
- dest: /var/www/.ansible
- state: directory
- owner: www-data
- mode: u=rwX,go=
-
-- name: Mediawiki
- tags:
- - mw-backend
- - mediawiki
- block:
- - name: packages
- notify: reload apache
- apt:
- name: "{{ item }}"
- install_recommends: no
- with_items:
- - git
- - php-pgsql
- - php-intl
- - php-gd
- - php-apcu
- - composer
- - php-zip
- - mediawiki # TODO: this should be replaced with composer
- - name: /var/www/mw.trygvis.io
- tags: apache-config
- file:
- state: directory
- path: "/var/www/mw.trygvis.io"
- owner: root
- group: root
- - name: apache config
- notify: reload apache
- tags: apache-config
- copy:
- src: etc/apache2/sites-enabled/000-default.conf
- dest: /etc/apache2/sites-enabled/000-default.conf
- - name: mediawiki config
- template:
- src: etc/mediawiki/LocalSettings.php.j2
- dest: /etc/mediawiki/LocalSettings.php
- - name: mediawiki job systemd service
- notify: systemd daemon-reload
- copy:
- src: etc/systemd/system/mw-jobqueue.service
- dest: /etc/systemd/system/mw-jobqueue.service
- - name: mediawiki job systemd timer
- notify: systemd daemon-reload
- copy:
- src: etc/systemd/system/mw-jobqueue.timer
- dest: /etc/systemd/system/mw-jobqueue.timer
- - systemd:
- enabled: true
- state: started
- name: mw-jobqueue.timer
-
-- name: Mediawiki extensions
- tags: mw-extensions
- block:
- - name: directories
- file:
- state: directory
- path: /opt/mediawiki/extensions
- owner: www-data
- group: root
-
- - name: run composer install scribunto
- with_items: "{{ mediawiki_extensions }}"
- become: yes
- become_user: www-data
- composer:
- command: require
- arguments: "{{ item.package }} {{ item.version }}"
- working_dir: /opt/mediawiki/extensions
-
- - name: symlink extensions into mediawiki
- with_items: "{{ mediawiki_extensions }}"
- file:
- state: link
- dest: "/var/lib/mediawiki/extensions/{{ item.extension }}"
- src: "/opt/mediawiki/extensions/extensions/{{ item.extension }}"
-
- - name: symlink maintenance into smw
- file:
- state: link
- dest: "/opt/mediawiki/extensions/maintenance"
- src: "/var/lib/mediawiki/maintenance"
- owner: root
- group: root
-
-- name: Mediawiki Backup
- tags:
- - mw-backend
- - mediawiki-backup
- block:
- - name: packages
- apt:
- name: "{{ item }}"
- install_recommends: no
- with_items:
- - borgbackup
- - name: mkdir
- file:
- state: directory
- path: "/opt/mediawiki/backup"
-
- - name: borgbackup init
- shell: borgbackup init -e none /opt/mediawiki/borg
- args:
- creates: /opt/mediawiki/borg
-
- - copy:
- src: "{{ item }}"
- dest: "/{{ item }}"
- mode: a+rx
- with_items:
- - bin/mw-dump-backup
- - bin/mw-dump-db
- - bin/mw-make-backup
diff --git a/ansible/secrets.yml b/ansible/secrets.yml
index 3284771..11543bd 100644
--- a/ansible/secrets.yml
+++ b/ansible/secrets.yml
@@ -1,12 +1,14 @@
$ANSIBLE_VAULT;1.1;AES256
-63326262383165613634636232363636363666616339653063346164373131386230373466666337
-6634373236646365356432306630623332663336353230340a313065313138353465663635393432
-63653931653437353536343933613033613230316561663837656638353864303334613138353839
-3133656139303531310a626461393131323831653139393235613438323665373330653839626265
-61323266356137303834376166323437323538643333363731363533303862643862633234343038
-32306536383731636533666437363539623636343763343164353031363435383564303734393761
-39326261333962313563313564383634663465356339373937333036393165396238666134656463
-32386264663362326365306231353437633134663231303164373830303930356165323462663261
-31343235316538323733633562303661393034353966343432653835353565306233313563303163
-64663433343961333231663464316163323830646633633130386432643363343565356438666139
-363430656261616130323637626364326636
+65303565623964323134303539666433376134336233373031373861333733666531376465313732
+6564353464363361343430333935643935386332336663650a613562633635643032623864656131
+66363866646265613865393832353162353865396363313430343139643338626461623461633962
+6638653634616233610a643439353863373065323933373033343366356361313164366362623730
+32613330396639353961366239623334326632616431366133646566643930366537323139323565
+33626134363131643039633462323337666636653565646566653965333635613765663132303639
+37363237653231333437326565663034363963383766653634333062656264343330373130313037
+32343533313835316362613965653065326432663962383564333239316334386332653931393462
+66623734303935663962313235663730336432366365396564366634393632313565636337646165
+37316562306431663537306339393964633666363835363533643838306163616632393661343737
+32366435666636616435343664636365336330613139306236336536373666663062376666346130
+64383133383462386663643934343164313464316330363830306261633138376565613139376363
+6438
diff --git a/ansible/roles/mw-backend/templates/etc/mediawiki/LocalSettings.php.j2 b/ansible/templates/mw/LocalSettings.php
index 450dfab..91ded62 100644
--- a/ansible/roles/mw-backend/templates/etc/mediawiki/LocalSettings.php.j2
+++ b/ansible/templates/mw/LocalSettings.php
@@ -2,17 +2,10 @@
# This file was automatically generated by the MediaWiki 1.27.4
# installer. If you make manual changes, please keep track in case you
# need to recreate them later.
-#
-# See includes/DefaultSettings.php for all configurable settings
-# and their default values, but don't forget to make changes in _this_
-# file, not there.
-#
-# Further documentation for configuration settings may be found at:
-# https://www.mediawiki.org/wiki/Manual:Configuration_settings
# Protect against web entry
if ( !defined( 'MEDIAWIKI' ) ) {
- exit;
+ exit;
}
## Uncomment this to disable output compression
@@ -53,10 +46,10 @@ $wgEmailAuthentication = true;
## Database settings
$wgDBtype = "postgres";
-$wgDBserver = "10.0.3.1";
-$wgDBname = "mediawiki";
-$wgDBuser = "mediawiki";
-$wgDBpassword = "{{ mediawiki_secrets.mediawiki_password }}";
+$wgDBserver = "{{ mediawiki__wgDBserver }}";
+$wgDBname = "{{ mediawiki__wgDBname }}";
+$wgDBuser = "{{ mediawiki__wgDBuser }}";
+$wgDBpassword = "{{ mediawiki__wgDBpassword }}";
# Postgres specific settings
$wgDBport = "5432";
@@ -89,14 +82,14 @@ $wgShellLocale = "en_US.utf8";
# Site language code, should be one of the list in ./languages/data/Names.php
$wgLanguageCode = "en";
-$wgSecretKey = "{{ mediawiki_secrets.secret_key }}";
+$wgSecretKey = "{{ mediawiki__wgSecretKey }}";
# Changing this will log out all existing sessions.
$wgAuthenticationTokenVersion = "1";
# Site upgrade key. Must be set to a string (default provided) to turn on the
# web installer while LocalSettings.php is in place
-$wgUpgradeKey = "4eb6000bab511b23";
+$wgUpgradeKey = "{{ mediawiki__wgUpgradeKey }}";
## For attaching licensing metadata to pages, and displaying an
## appropriate copyright notice / icon. GNU Free Documentation
@@ -123,22 +116,13 @@ $wgDefaultSkin = "vector";
wfLoadExtension( 'Scribunto' );
$wgScribuntoDefaultEngine = 'luastandalone';
-wfLoadSkin( 'CologneBlue' );
-wfLoadSkin( 'Modern' );
wfLoadSkin( 'MonoBook' );
+wfLoadSkin( 'Timeless' );
wfLoadSkin( 'Vector' );
-
-# Enabled extensions. Most of the extensions are enabled by adding
-# wfLoadExtensions('ExtensionName');
-# to LocalSettings.php. Check specific extension documentation for more details.
-# The following extensions were automatically enabled:
wfLoadExtension( 'Cite' );
wfLoadExtension( 'ParserFunctions' );
-# Doesnt work yet: wfLoadExtension( 'SemanticMediaWiki' );
-require_once "/opt/mediawiki/extensions/vendor/autoload.php";
-
# End of automatically generated settings.
# Add more configuration options below.
@@ -147,16 +131,16 @@ require_once "/opt/mediawiki/extensions/vendor/autoload.php";
$wgMimeTypeFile = '/etc/mime.types';
# Load legacy extensions
if ( is_file( "/etc/mediawiki-extensions/extensions.php" ) ) {
- include "/etc/mediawiki-extensions/extensions.php";
+ include "/etc/mediawiki-extensions/extensions.php";
}
# Add a "powered by Debian" footer icon
$wgFooterIcons['poweredby']['debian'] = [
- "src" => "/w/resources/assets/debian/poweredby_debian_1x.png",
- "url" => "https://www.debian.org/",
- "alt" => "Powered by Debian",
- "srcset" =>
- "/w/resources/assets/debian/poweredby_debian_1_5x.png 1.5x, " .
- "/w/resources/assets/debian/poweredby_debian_2x.png 2x",
+ "src" => "/w/resources/assets/debian/poweredby_debian_1x.png",
+ "url" => "https://www.debian.org/",
+ "alt" => "Powered by Debian",
+ "srcset" =>
+ "/w/resources/assets/debian/poweredby_debian_1_5x.png 1.5x, " .
+ "/w/resources/assets/debian/poweredby_debian_2x.png 2x",
];
# End Debian specific generated settings
# Add more configuration options below.
@@ -186,3 +170,11 @@ $smwgNamespacesWithSemanticLinks[NS_BOARD] = true;
# https://www.mediawiki.org/wiki/Manual:$wgSMTP
$wgSMTP = array('host' => '10.0.3.1', 'auth' => false);
+
+wfLoadExtension( 'Interwiki' );
+// To grant sysops permissions to edit interwiki data
+$wgGroupPermissions['sysop']['interwiki'] = true;
+$wgEnableScaryTranscluding = true;
+
+$wgShowExceptionDetails = true;
+$wgShowDBErrorBacktrace = true;
diff --git a/ansible/roles/mw-backend/files/etc/apache2/sites-enabled/000-default.conf b/ansible/templates/mw/sites-enabled/000-default.conf
index 0af172a..ceed9b9 100644
--- a/ansible/roles/mw-backend/files/etc/apache2/sites-enabled/000-default.conf
+++ b/ansible/templates/mw/sites-enabled/000-default.conf
@@ -9,11 +9,11 @@
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
- Alias /w /var/lib/mediawiki
- Alias /wiki /var/lib/mediawiki/index.php
+ Alias /w /opt/mediawiki/mediawiki
+ Alias /wiki /opt/mediawiki/mediawiki/index.php
RedirectMatch permanent ^/$ /wiki/Main_Page
-<Directory /var/lib/mediawiki/>
+<Directory /opt/mediawiki/mediawiki/>
Options +FollowSymLinks
AllowOverride All
<IfVersion >= 2.3>
@@ -26,7 +26,7 @@
</Directory>
# some directories must be protected
-<Directory /var/lib/mediawiki/config>
+<Directory /opt/mediawiki/mediawiki/config>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_php7.c>
@@ -36,7 +36,7 @@
php_admin_flag engine off
</IfModule>
</Directory>
-<Directory /var/lib/mediawiki/images>
+<Directory /opt/mediawiki/mediawiki/images>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_php7.c>
@@ -46,7 +46,7 @@
php_admin_flag engine off
</IfModule>
</Directory>
-<Directory /var/lib/mediawiki/upload>
+<Directory /opt/mediawiki/mediawiki/upload>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_php7.c>