Configuration for puppetized MediaWiki on trac.

(imported from commit cff2becbe590e50414f74a31ea2a2914de49f4bd)
This commit is contained in:
Luke Faraone 2013-07-25 17:38:40 -04:00
parent 85988df75d
commit 5e2dda4d73
5 changed files with 261 additions and 0 deletions

View File

@ -0,0 +1,57 @@
<VirtualHost *:80>
ServerName wiki.zulip.net
Redirect permanent / https://wiki.zulip.net/
</VirtualHost>
<VirtualHost *:443>
ServerName wiki.zulip.net
SSLEngine on
SSLCertificateFile /etc/ssl/certs/wiki.zulip.net.crt
SSLCertificateKeyFile /etc/ssl/private/wiki.key
SSLCertificateChainFile /etc/ssl/certs/sub.class1.server.ca.pem
SSLCACertificateFile /etc/ssl/certs/ca.pem
Header add Strict-Transport-Security "max-age=15768000"
Header add X-Frame-Options DENY
<Location "/">
AuthType Digest
AuthName "wiki"
AuthDigestProvider file
AuthUserFile /etc/apache2/users/wiki
Require valid-user
</Location>
Alias /wiki /var/lib/mediawiki/index.php
RewriteEngine on
RewriteRule ^(/)?$ /wiki [L,R=301]
ErrorLog /var/log/apache2/error.log
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
Alias /w /var/lib/mediawiki
<Directory /var/lib/mediawiki/>
Options +FollowSymLinks
AllowOverride All
order allow,deny
allow from all
</Directory>
# some directories must be protected
<Directory /var/lib/mediawiki/config>
Options -FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/lib/mediawiki/upload>
Options -FollowSymLinks
AllowOverride None
</Directory>
</VirtualHost>

View File

@ -0,0 +1,163 @@
<?php
# This file was automatically generated by the MediaWiki 1.19.5-1
# installer. If you make manual changes, please keep track in case you
# need to recreate them later.
#
# See includes/DefaultSettings.php for all configurable settings
# and their default values, but don't forget to make changes in _this_
# file, not there.
#
# Further documentation for configuration settings may be found at:
# http://www.mediawiki.org/wiki/Manual:Configuration_settings
# Protect against web entry
if ( !defined( 'MEDIAWIKI' ) ) {
exit;
}
# Debugging
#error_reporting( E_ALL );
#ini_set( 'display_errors', 1 );
## Uncomment this to disable output compression
# $wgDisableOutputCompression = true;
$wgSitename = "Zulip Wiki";
$wgMetaNamespace = "Project";
## The URL base path to the directory containing the wiki;
## defaults for all runtime URL paths are based off of this.
## For more information on customizing the URLs please see:
## http://www.mediawiki.org/wiki/Manual:Short_URL
$wgScriptPath = "/w";
$wgScriptExtension = ".php";
$wgArticlePath = "/wiki/$1";
## The protocol and server name to use in fully-qualified URLs
$wgServer = "https://wiki.zulip.net";
## The relative URL path to the skins directory
$wgStylePath = "$wgScriptPath/skins";
## The relative URL path to the logo. Make sure you change this from the default,
## or else you'll overwrite your logo when you upgrade!
$wgLogo = "$wgStylePath/common/images/wiki.png";
## UPO means: this is also a user preference option
$wgEnableEmail = true;
$wgEnableUserEmail = true; # UPO
$wgEmergencyContact = "support@zulip.com";
$wgPasswordSender = "support@zulip.com";
$wgEnotifUserTalk = true; # UPO
$wgEnotifWatchlist = true; # UPO
$wgEmailAuthentication = false;
## Database settings
$wgDBtype = "postgres";
$wgDBport = "5432";
$wgDBserver = "localhost";
$wgDBname = "wiki";
$wgDBuser = "wikiuser";
$wgDBpassword = "xxxxxxxxxx";
$wgDBport = "5432";
$wgDBmwschema = "mediawiki";
# MySQL specific settings
#$wgDBprefix = "";
# MySQL table options to use during installation or update
#$wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=binary";
# Experimental charset support for MySQL 5.0.
$wgDBmysql5 = false;
## Shared memory settings
$wgMainCacheType = CACHE_NONE;
$wgMemCachedServers = array();
## To enable image uploads, make sure the 'images' directory
## is writable, then set this to true:
$wgEnableUploads = true;
$wgUseImageMagick = true;
$wgImageMagickConvertCommand = "/usr/bin/convert";
# InstantCommons allows wiki to use images from http://commons.wikimedia.org
$wgUseInstantCommons = true;
## If you use ImageMagick (or any other shell command) on a
## Linux server, this will need to be set to the name of an
## available UTF-8 locale
$wgShellLocale = "en_US.utf8";
## If you want to use image uploads under safe mode,
## create the directories images/archive, images/thumb and
## images/temp, and make them all writable. Then uncomment
## this, if it's not already uncommented:
#$wgHashedUploadDirectory = false;
## Set $wgCacheDirectory to a writable directory on the web server
## to make your wiki go slightly faster. The directory should not
## be publically accessible from the web.
#$wgCacheDirectory = "$IP/cache";
# Site language code, should be one of the list in ./languages/Names.php
$wgLanguageCode = "en";
# Keeping this in git isn't the end of the world, see:
# <http://www.mediawiki.org/wiki/Manual:$wgSecretKey>
$wgSecretKey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
# Site upgrade key. Must be set to a string (default provided) to turn on the
# web installer while LocalSettings.php is in place
$wgUpgradeKey = "xxxxxxxxxxxxxxxx";
## Default skin: you can change the default skin. Use the internal symbolic
## names, ie 'standard', 'nostalgia', 'cologneblue', 'monobook', 'vector':
$wgDefaultSkin = "modern";
## For attaching licensing metadata to pages, and displaying an
## appropriate copyright notice / icon. GNU Free Documentation
## License and Creative Commons licenses are supported so far.
$wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright
$wgRightsUrl = "";
$wgRightsText = "";
$wgRightsIcon = "";
# Path to the GNU diff3 utility. Used for conflict resolution.
$wgDiff3 = "/usr/bin/diff3";
# debian-specific include:
if (is_file("/etc/mediawiki-extensions/extensions.php")) {
include("/etc/mediawiki-extensions/extensions.php");
}
# Query string length limit for ResourceLoader. You should only set this if
# your web server has a query string length limit (then set it to that limit),
# or if you have suhosin.get.max_value_length set in php.ini (then set it to
# that value)
$wgResourceLoaderMaxQueryLength = -1;
# Enabled Extensions. Most extensions are enabled by including the base extension file here
# but check specific extension documentation for more details
# The following extensions were automatically enabled:
require_once( "$IP/extensions/Cite/Cite.php" );
require_once( "$IP/extensions/Vector/Vector.php" );
require_once( "$IP/extensions/WikiEditor/WikiEditor.php" );
# End of automatically generated settings.
# Add more configuration options below.
$wgAuth = new Auth_remoteuser();
// Don't let anonymous people do things...
$wgGroupPermissions['*']['createaccount'] = false;
$wgGroupPermissions['*']['read'] = false;
$wgGroupPermissions['*']['edit'] = false;
$wgFileExtensions[] = 'svg';

View File

@ -0,0 +1 @@
../apache/sites/mediawiki

View File

@ -0,0 +1,39 @@
class humbug::mediawiki {
class { 'humbug::postgres-common': }
$mediawiki_packages = [ "mediawiki", "mediawiki-extensions" ]
package { $mediawiki_packages: ensure => "installed" }
apache2site {'mediawiki':
require => [File['/etc/apache2/sites-available/'],
Apache2mod['headers'], Apache2mod['ssl'],
],
ensure => present,
}
file { '/etc/mediawiki/LocalSettings.php':
ensure => file,
owner => "root",
group => "root",
mode => 644,
source => "puppet:///modules/humbug/mediawiki/LocalSettings.php",
}
file { '/usr/local/share/mediawiki/extensions/Auth_remoteuser.php':
ensure => file,
owner => "root",
group => "root",
mode => 644,
source => "puppet:///modules/humbug/mediawiki/Auth_remoteuser.php",
}
file { '/etc/mediawiki-extensions/extensions-available/Auth_remoteuser.php':
ensure => 'link',
target => '/usr/local/share/mediawiki/extensions/Auth_remoteuser.php',
}
file { '/etc/mediawiki-extensions/extensions-enabled/Auth_remoteuser.php':
ensure => 'link',
target => '../extensions-available/Auth_remoteuser.php',
}
}

View File

@ -1,6 +1,7 @@
class humbug::trac {
class { 'humbug::base': }
class { 'humbug::apache': }
class { 'humbug::mediawiki': }
$trac_packages = [ "trac", ]
package { $trac_packages: ensure => "installed" }