infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions
ansible/roles/mediawiki/templates/LocalSettings.php.fp.j2
Stephen Smoogen 14ccfa20e3 Add in virtual ipv6 hosts for proxy03 and proxy14
2020-04-24 21:34:20 +02:00

536 lines
17 KiB
Django/Jinja
Raw Blame History

<?php
# This file was automatically generated by the MediaWiki installer.
# If you make manual changes, please keep track in case you need to
# recreate them later.
#
# See includes/DefaultSettings.php for all configurable settings
# and their default values, but don't forget to make changes in _this_
# file, not there.
#error_reporting(1);
#session_start();
# Added for timeout testing
require_once( "includes/DefaultSettings.php" );
#$wgDebugLogFile = '/tmp/out.log';
$wgCaptchaClass = 'SimpleCaptcha';
#$wgCaptchaClass = 'FancyCaptcha';
#$wgCaptchaDirectory = "/mnt/web/attachments/captchas";
#$wgCaptchaDirectoryLevels = 0;
#$wgCaptchaSecret = "{{ mediawikiCaptchaKey }}";
$wgCaptchaTriggers['edit'] = true;
$wgCaptchaTriggers['create'] = true;
$wgCaptchaTriggers['addurl'] = true;
$wgCaptchaTriggers['createaccount'] = true;
$wgCaptchaTriggers['badlogin'] = false;
$wgRawHtml = false;
$wgProto = "https";
{% if env == "staging" %}
$wgServer = "https://stg.fedoraproject.org";
{% else %}
$wgServer = "https://fedoraproject.org";
{% endif %}
$wgCookieSecure = true;
$wgFeedDiffCutoff=32000;
$wgUsePrivateIPs = true;
# Caching Settings
$wgUseFileCache = false;
$wgFileCacheDirectory = '/var/cache/mediawiki/';
$wgShowIPinHeader = false;
$wgUseETag = true;
if ( $wgCommandLineMode ) {
if ( isset( $_SERVER ) && array_key_exists( 'REQUEST_METHOD', $_SERVER ) ) {
die( "This script must be run from the command line\n" );
}
}
## Uncomment this to disable output compression
# $wgDisableOutputCompression = true;
$wgSitename = "Fedora Project Wiki";
$wgUploadPath = "$wgScriptPath/attachments"; /// defaults to "{$wgScriptPath}/images"
$wgUploadPath = "/w/uploads"; /// defaults to "{$wgScriptPath}/images"
$wgUploadDirectory = "/mnt/web/attachments"; /// defaults to "{$IP}/images"
$wgHashedUploadDirectory = true;
$wgCheckFileExtensions=false;
$wgStrictFileExtensions=false;
#$wgLoadFileinfoExtension=false;
$wgVerifyMimeType= false;
$wgMimeDetectorCommand= "file -bi";
#$wgFileExtensions = false;
#$wgGroupPermissions['user' ]['delete'] = true;
$wgGroupPermissions['*']['createaccount'] = false;
$wgGroupPermissions['user']['skipcaptcha'] = true;
# HNP Can't manage the interwiki right... - Nigel
$wgGroupPermissions['*']['interwiki'] = false;
$wgGroupPermissions['sysop']['interwiki'] = true;
# Create a patrollers group to help check wiki edits - Ian
$wgGroupPermissions['patrollers']['patrol'] = true;
$wgGroupPermissions['patrollers']['autopatrol'] = true;
$wgGroupPermissions['sysop']['patrol'] = false;
$wgGroupPermissions['sysop']['autopatrol'] = false;
# Create a pruners group to delete pages in accordance with new deletion policy - Ian
$wgGroupPermissions['pruners']['delete'] = true;
$wgGroupPermissions['pruners']['bigdelete'] = true;
$wgGroupPermissions['pruners']['deletedhistory'] = true;
$wgGroupPermissions['pruners']['undelete'] = true;
# Create a protectors group for people who need to protect/unprotect pages
$wgGroupPermissions['protectors']['protect'] = true;
$wgGroupPermissions['protectors']['editprotected'] = true;
$wgGroupPermissions['protectors']['editsemiprotected'] = true;
## The URL base path to the directory containing the wiki;
## defaults for all runtime URL paths are based off of this.
#$wgScriptPath = "/wiki";
$wgScriptPath = "/{{ wpath }}";
$wgScriptExtension = ".php";
$wgScript = "$wgScriptPath/index.php";
$wgRedirectScript = "$wgScriptPath/redirect.php";
$wgArticlePath = "/{{ wikipath }}/$1";
## For more information on customizing the URLs please see:
## http://www.mediawiki.org/wiki/Manual:Short_URL
$wgEnableEmail = true;
$wgEnableUserEmail = true;
$wgEmergencyContact = "webmaster@fedoraproject.org";
$wgPasswordSender = "fedorawiki-noreply@fedoraproject.org";
$wgNoReplyAddress = "fedorawiki-noreply@fedoraproject.org";
#$wgSMTP = array(
# "host" => 'bastion',
# "port" => '25'
#);
## For a detailed description of the following switches see
## http://meta.wikimedia.org/Enotif and http://meta.wikimedia.org/Eauthent
## There are many more options for fine tuning available see
## /includes/DefaultSettings.php
## UPO means: this is also a user preference option
$wgEnotifUserTalk = true; # UPO
$wgEnotifWatchlist = true; # UPO
$wgEmailAuthentication = false;
$wgDBtype = "mysql";
$wgDBserver = "db03";
$wgDBname = "fpo-mediawiki";
$wgDBuser = "fpo-mw-user";
$wgDBpassword = "{{ fpoPassword }}";
$wgDBport = "5432";
$wgDBprefix = "en_";
# MySQL table options to use during installation or update
$wgDBTableOptions = "TYPE=InnoDB";
# Schemas for Postgres
#$wgDBmwschema = "mediawiki";
$wgDBts2schema = "public";
# Experimental charset support for MySQL 4.1/5.0.
$wgDBmysql5 = false;
## Shared memory settings
$wgMainCacheType = CACHE_MEMCACHED;
$wgParserCacheType = CACHE_MEMCACHED;
$wgMessageCacheType = CACHE_MEMCACHED;
$wgSessionsInMemcached = true;
$wgMemCachedServers = array (
0 => 'memcached01:11211',
);
## To enable image uploads, make sure the 'images' directory
## is writable, then set this to true:
$wgEnableUploads = true;
$wgUseImageMagick = false;
#$wgUseImageMagick = true;
#$wgImageMagickConvertCommand = "/usr/bin/convert";
## If you want to use image uploads under safe mode,
## create the directories images/archive, images/thumb and
## images/temp, and make them all writable. Then uncomment
## this, if it's not already uncommented:
# $wgHashedUploadDirectory = false;
## If you have the appropriate support software installed
## you can enable inline LaTeX equations:
$wgUseTeX = false;
$wgLocalInterwiki = $wgSitename;
$wgLanguageCode = "en";
$wgProxyKey = "b957b9365f724d22f666998b751507c551c66484bf75b1cc33802a67e92b0827";
## Default skin: you can change the default skin. Use the internal symbolic
## names, ie 'standard', 'nostalgia', 'cologneblue', 'monobook':
wfLoadSkin( 'Fedora' );
$wgDefaultSkin = 'Fedora';
## For attaching licensing metadata to pages, and displaying an
## appropriate copyright notice / icon. GNU Free Documentation
## License and Creative Commons licenses are supported so far.
$wgEnableCreativeCommonsRdf = false;
$wgRightsPage = "Legal:Main"; # Set to the title of a wiki page that describes your license/copyright
$wgRightsUrl = "http://creativecommons.org/licenses/by-sa/3.0/";
$wgRightsText = "Attribution-Share Alike 3.0 Unported";
$wgRightsIcon = "";
# $wgRightsCode = "[license_code]"; # Not yet used
$wgDiff3 = "/usr/bin/diff3";
# When you make changes to this configuration file, this will make
# sure that cached pages are cleared.
$configdate = gmdate( 'YmdHis', @filemtime( __FILE__ ) );
$wgCacheEpoch = max( $wgCacheEpoch, $configdate );
define("NS_ARCHIVE", 100);
define("NS_ARCHIVE_TALK",101);
define("NS_MEETING",102);
define("NS_MEETING_TALK",103);
define("NS_QA",104);
define("NS_QA_TALK",105);
define("NS_LEGAL", 106);
define("NS_LEGAL_TALK", 107);
define("NS_LICENSING", 108);
define("NS_LICENSING_TALK", 109);
define("NS_PACKAGING", 110);
define("NS_PACKAGING_TALK", 111);
define("NS_FUDCON", 112);
define("NS_FUDCON_TALK", 113);
define("NS_TEST_DAY", 114);
define("NS_TEST_DAY_TALK", 115);
define("NS_TEST_RESULTS", 116);
define("NS_TEST_RESULTS_TALK", 117);
$wgExtraNamespaces[NS_ARCHIVE] = "Archive";
$wgExtraNamespaces[NS_ARCHIVE_TALK] = "Archive_talk";
$wgExtraNamespaces[NS_MEETING] = "Meeting";
$wgExtraNamespaces[NS_MEETING_TALK] = "Meeting_talk";
$wgExtraNamespaces[NS_QA] = "QA";
$wgExtraNamespaces[NS_QA_TALK] = "QA_talk";
$wgExtraNamespaces[NS_LEGAL] = "Legal";
$wgExtraNamespaces[NS_LEGAL_TALK] = "Legal_talk";
$wgExtraNamespaces[NS_LICENSING] = "Licensing";
$wgExtraNamespaces[NS_LICENSING_TALK] = "Licensing_talk";
$wgExtraNamespaces[NS_PACKAGING] = "Packaging";
$wgExtraNamespaces[NS_PACKAGING_TALK] = "Packaging_talk";
$wgExtraNamespaces[NS_FUDCON] = "FUDCon";
$wgExtraNamespaces[NS_FUDCON_TALK] = "FUDCon_talk";
$wgExtraNamespaces[NS_TEST_DAY] = "Test_Day";
$wgExtraNamespaces[NS_TEST_DAY_TALK] = "Test_Day_talk";
$wgExtraNamespaces[NS_TEST_RESULTS] = "Test_Results";
$wgExtraNamespaces[NS_TEST_RESULTS_TALK] = "Test_Results_talk";
$wgNamespacesWithSubpages = array(
NS_MAIN => true,
NS_TALK => true,
NS_USER => true,
NS_USER_TALK => true,
NS_PROJECT_TALK => true,
NS_IMAGE_TALK => true,
NS_MEDIAWIKI_TALK => true,
NS_TEMPLATE_TALK => true,
NS_HELP_TALK => true,
NS_CATEGORY_TALK => true,
NS_ARCHIVE => true,
NS_ARCHIVE_TALK => true,
NS_MEETING => true,
NS_MEETING_TALK => true,
NS_QA => true,
NS_QA_TALK => true,
NS_LEGAL => true,
NS_LEGAL_TALK => true,
NS_LICENSING => true,
NS_LICENSING_TALK => true,
NS_PACKAGING => true,
NS_PACKAGING_TALK => true,
NS_FUDCON => true,
NS_FUDCON_TALK => true,
NS_TEST_DAY => true,
NS_TEST_DAY_TALK => true,
NS_TEST_RESULTS => true,
NS_TEST_RESULTS_TALK => true
);
$wgNamespacesToBeSearchedDefault = array(
NS_MAIN => true,
NS_TALK => false,
NS_USER => false,
NS_USER_TALK => false,
NS_PROJECT => true,
NS_PROJECT_TALK => false,
NS_IMAGE => true,
NS_IMAGE_TALK => false,
NS_MEDIAWIKI => false,
NS_MEDIAWIKI_TALK => false,
NS_TEMPLATE => false,
NS_TEMPLATE_TALK => false,
NS_HELP => true,
NS_HELP_TALK => false,
NS_CATEGORY => true,
NS_CATEGORY_TALK => false,
NS_ARCHIVE => false,
NS_ARCHIVE_TALK => false,
NS_MEETING => false,
NS_MEETING_TALK => false,
NS_QA => false,
NS_QA_TALK => false,
NS_LEGAL => true,
NS_LEGAL_TALK => false,
NS_LICENSING => true,
NS_LICENSING_TALK => false,
NS_PACKAGING => true,
NS_PACKAGING_TALK => false,
NS_FUDCON => true,
NS_FUDCON_TALK => false,
NS_TEST_DAY => true,
NS_TEST_DAY_TALK => false,
NS_TEST_RESULTS => true,
NS_TEST_RESULTS_TALK => false
);
require_once "$IP/extensions/fedmsg-emit.php";
# require_once "$IP/extensions/fedora-messaging-emit.php";
require_once "$IP/extensions/HTTP302Found/HTTP302Found.php";
require_once "$IP/extensions/RSS/RSS.php";
require_once "$IP/extensions/FedoraDocsRedirect/FedoraDocsRedirect.php";
wfLoadExtension( 'ParserFunctions' );
wfLoadExtension( 'Interwiki' );
wfLoadExtension( 'Cite' );
wfLoadExtension( 'ConfirmEdit' );
$wgShowExceptionDetails = true;
$wgSkipSkins = array("chick", "cologneblue", "monobook", "myskin", "nostalgia", "simple", "standard");
$wgSVGConverter = 'rsvg';
$wgAllowDisplayTitle = true;
$wgRestrictDisplayTitle = false;
# This series of settings is used for reverse proxies
$wgUseSquid = true;
# The SquidNoPurge setting is used to determine reverse proxies
$wgSquidServersNoPurge = array(
"::1",
{% if env == "staging" %}
# proxy01.stg
"10.5.128.177",
{% else %}
# proxy01
"10.5.126.52",
"192.168.1.11",
# proxy02
"85.236.55.6",
"2001:4178:2:1269::fed2",
"192.168.1.12",
# proxy03
"8.43.85.73",
"2620:52:3:1:dead:beef:cafe:fed6",
"192.168.1.7",
# proxy04
"152.19.134.142",
"2610:28:3090:3001:dead:beef:cafe:fed3",
"192.168.1.14",
# proxy05
"5.175.150.50",
"2a00:d1a0:1::131",
"192.168.1.25",
# proxy06
"140.211.169.196",
"192.168.1.63",
# proxy09
"140.211.169.206",
"192.168.1.15",
# proxy10
"10.5.126.51",
"192.168.1.17",
# proxy11
"67.219.144.68",
"2604:1580:fe00:0:dead:beef:cafe:fed1",
"192.168.1.37",
# proxy12
"152.19.134.198",
"192.168.1.13",
# proxy13
"209.132.190.2",
"192.168.1.158",
# proxy14
"8.43.85.67",
"2620:52:3:1:dead:beef:cafe:fed7",
"192.168.1.159",
{% endif %}
);
# This setting is used to send PURGE requests to varnish on reverse proxies upon page changes
$wgSquidServers = array(
{% if env == "staging" %}
# proxy01.stg
"10.5.128.177:6081",
{% else %}
# proxy01
"10.5.126.52:6081",
# proxy02
"192.168.1.12:6081",
# proxy03
"192.168.1.7:6081",
# proxy04
"192.168.1.14:6081",
# proxy05
"192.168.1.25:6081",
# proxy06
"192.168.1.63:6081",
# proxy10
"10.5.126.51:6081",
# proxy11
"192.168.1.37:6081",
# proxy12
"192.168.1.13:6081",
# proxy13
"192.168.1.158:6081",
# proxy14
"192.168.1.159:6081",
{% endif %}
);
$wgSquidMaxage = 21600;
# Don't add rel="nofollow"
$wgNoFollowLinks = false;
# This can be an array in version 1.14 and above.
$wgAllowExternalImagesFrom = array("http://fedoraproject.org/", "http://docs.fedoraproject.org", "http://fedorahosted.org/", "http://fedorapeople.org", "http://fedoraplanet.org");
$wgAllowUserCss = true;
$wgAllowUserJs = true;
$wgEnableWriteAPI = true;
$wgLogo = "https://fedoraproject.org/static/images/fedora-logo.png";
### LOCKDOWN PERMISSIONS ###
$wgGroupPermissions['Legal']['read'] = true;
$wgGroupPermissions['Packaging']['read'] = true;
require_once( "$IP/extensions/Lockdown/Lockdown.php" );
$wgSpecialPageLockdown['Export'] = array('*');
$wgNamespacePermissionLockdown['*']['edit'] = array('user');
$wgNamespacePermissionLockdown[NS_FUDCON]['edit'] = array('user');
$wgNamespacePermissionLockdown[NS_TEST_DAY]['edit'] = array('*');
$wgNamespacePermissionLockdown[NS_TEST_RESULTS]['edit'] = array('*');
$wgNamespacePermissionLockdown[NS_LEGAL]['edit'] = array('Legal');
$wgNamespacePermissionLockdown[NS_LICENSING]['edit'] = array('Legal');
$wgNamespacePermissionLockdown[NS_PACKAGING]['edit'] = array('Packaging');
$wgNamespacePermissionLockdown['*']['move'] = array('user');
$wgNamespacePermissionLockdown[NS_LEGAL]['move'] = array('Legal');
$wgNamespacePermissionLockdown[NS_LICENSING]['move'] = array('Legal');
$wgNamespacePermissionLockdown[NS_PACKAGING]['move'] = array('Packaging');
### END LOCKDOWN PERMISSIONS ###
# Experimentation - Added by nigelj 30/Dec/2008
$wgSearchType = "SearchMySQL";
# page_counter is known to be slow, disabled for performance reasons
$wgDisableCounters = true;
#$wgReadOnly = "Wiki Maintenance In Progress - ETA: 15 August 08 04:00 UTC";
$wgStyleVersion = '273';
# Fedora Badges Extension
require_once( "$IP/extensions/FedoraBadges/FedoraBadges.php" );
wfLoadExtension( 'WikiEditor' );
# Enables use of WikiEditor by default but still allows users to disable it in preferences
$wgDefaultUserOptions['usebetatoolbar'] = 1;
# Enables link and table wizards by default but still allows users to disable them in preferences
$wgDefaultUserOptions['usebetatoolbar-cgd'] = 1;
# Displays the Preview and Changes tabs
$wgDefaultUserOptions['wikieditor-preview'] = 1;
# Displays the Publish and Cancel buttons on the top right side
$wgDefaultUserOptions['wikieditor-publish'] = 1;
# Work around issue with cancel button, needs removal for next mediawiki release
$wgOOUIEditPage = false;
# OpenID Connect
wfLoadExtension( 'PluggableAuth' );
wfLoadExtension( 'OpenIDConnect' );
wfLoadExtension( 'OpenIDConnectAPI' );
# BacktickCode
wfLoadExtension( 'BacktickCode' );
require_once('/usr/share/php/Fedora/Autoloader/autoload.php');
\Fedora\Autoloader\Dependencies::required(array(
'/usr/share/php/jumbojett/OpenID-Connect-PHP/autoload.php',
'/usr/share/php/phpseclib/autoload.php'
));
$wgPluggableAuth_EnableAutoLogin = false;
$wgPluggableAuth_EnableLocalLogin = false;
$wgPluggableAuth_EnableLocalProperties = false;
$wgPluggableAuth_Class = 'OpenIDConnect';
$wgGroupPermissions['*']['autocreateaccount'] = true;
$wgOpenIDConnect_Config['https://id{{ env_suffix }}.fedoraproject.org/openidc/'] = [
'clientID' => 'fpwiki',
{% if env == "staging" %}
'clientsecret' => '{{ fpwiki_stg_client_secret }}',
{% else %}
'clientsecret' => '{{ fpwiki_prod_client_secret }}',
{% endif %}
'name' => "Fedora Authentication",
'scope' => [ 'openid', 'profile', 'email',
'https://id.fedoraproject.org/scope/groups',
'https://id.fedoraproject.org/scope/cla' ]
];
$wgOpenIDConnect_UseRealNameAsUserName = false;
$wgOpenIDConnect_UseEmailNameAsUserName = false;
$wgOpenIDConnect_MigrateUsersByUserName = false;
$wgOpenIDConnect_MigrateUsersByEmail = false;
$wgOpenIDConnect_ForceLogout = false;
$wgOpenIDConnectAPI_Issuer = 'https://id{{ env_suffix }}.fedoraproject.org/openidc/';
$wgOpenIDConnectAPI_TokenInfoURL = "https://id{{ env_suffix }}.fedoraproject.org/openidc/TokenInfo";
$wgOpenIDConnectAPI_TokenScope = "https://fedoraproject.org/wiki/api";
# Badges DSN to talk to tahrir db (readonly user)
$wgFedoraBadgesDSN = 'pgsql:host=db01;port=5432;dbname=tahrir;user={{tahrir_ro_user}};password={{tahrir_ro_pass}}';
# Fixed for OIDC redirect url generation
{% if env == "staging" %}
$_SERVER['HTTP_HOST'] = 'stg.fedoraproject.org';
{% else %}
$_SERVER['HTTP_HOST'] = 'fedoraproject.org';
{% endif %}
$_SERVER['REQUEST_SCHEME'] = 'https';
$_SERVER['SERVER_PORT'] = 443;
# Looks like mediawiki is using undefined constants.... Let's shut that up
error_reporting(E_ALL ^ E_NOTICE);
View git blame Copy permalink