forked from coop-cloud/mediawiki
270 lines
8.5 KiB
Cheetah
270 lines
8.5 KiB
Cheetah
<?php
|
|
|
|
# Protect against web entry
|
|
if ( !defined( 'MEDIAWIKI' ) ) {
|
|
exit;
|
|
}
|
|
|
|
## Uncomment this to disable output compression
|
|
# $wgDisableOutputCompression = true;
|
|
|
|
$wgSitename = "{{ env "MEDIAWIKI_SITENAME" }}";
|
|
$wgMetaNamespace = "{{ env "MEDIAWIKI_SITENAMESPACE" }}";
|
|
|
|
## The URL base path to the directory containing the wiki;
|
|
## defaults for all runtime URL paths are based off of this.
|
|
## For more information on customizing the URLs
|
|
## (like /w/index.php/Page_title to /wiki/Page_title) please see:
|
|
## https://www.mediawiki.org/wiki/Manual:Short_URL
|
|
$wgScriptPath = "";
|
|
|
|
$wgArticlePath = "/wiki/$1";
|
|
|
|
## The protocol and server name to use in fully-qualified URLs
|
|
$wgServer = "https://{{ env "DOMAIN" }}";
|
|
|
|
## The URL path to static resources (images, scripts, etc.)
|
|
$wgResourceBasePath = $wgScriptPath;
|
|
|
|
## The URL path to the logo. Make sure you change this from the default,
|
|
## or else you'll overwrite your logo when you upgrade!
|
|
$wgLogo = "{{ env "MEDIAWIKI_LOGO_FILE" }}";
|
|
|
|
## UPO means: this is also a user preference option
|
|
|
|
$wgEnableEmail = true;
|
|
$wgEnableUserEmail = true; # UPO
|
|
|
|
$wgEmergencyContact = "{{ env "MEDIAWIKI_EMAIL_CONTACT" }}";
|
|
$wgPasswordSender = "{{ env "MEDIAWIKI_EMAIL_FROM" }}";
|
|
|
|
$wgEnotifUserTalk = false; # UPO
|
|
$wgEnotifWatchlist = false; # UPO
|
|
$wgEmailAuthentication = true;
|
|
|
|
## Database settings
|
|
$wgDBtype = "mysql";
|
|
$wgDBserver = "{{ env "DB_HOST" }}";
|
|
$wgDBname = "{{ env "DB_NAME" }}";
|
|
$wgDBuser = "{{ env "DB_USER" }}";
|
|
$wgDBpassword = rtrim(file_get_contents('/run/secrets/db_password'));
|
|
|
|
# MySQL specific settings
|
|
$wgDBprefix = "";
|
|
|
|
# MySQL table options to use during installation or update
|
|
$wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=binary";
|
|
|
|
## Shared memory settings
|
|
$wgMainCacheType = CACHE_ACCEL;
|
|
$wgMemCachedServers = [];
|
|
|
|
## To enable image uploads, make sure the 'images' directory
|
|
## is writable, then set this to true:
|
|
$wgEnableUploads = true;
|
|
$wgUseImageMagick = true;
|
|
$wgImageMagickConvertCommand = "/usr/bin/convert";
|
|
|
|
# InstantCommons allows wiki to use images from https://commons.wikimedia.org
|
|
$wgUseInstantCommons = false;
|
|
|
|
# Periodically send a pingback to https://www.mediawiki.org/ with basic data
|
|
# about this MediaWiki instance. The Wikimedia Foundation shares this data
|
|
# with MediaWiki developers to help guide future development efforts.
|
|
$wgPingback = false;
|
|
|
|
## If you use ImageMagick (or any other shell command) on a
|
|
## Linux server, this will need to be set to the name of an
|
|
## available UTF-8 locale
|
|
$wgShellLocale = "C.UTF-8";
|
|
|
|
## Set $wgCacheDirectory to a writable directory on the web server
|
|
## to make your wiki go slightly faster. The directory should not
|
|
## be publically accessible from the web.
|
|
#$wgCacheDirectory = "$IP/cache";
|
|
|
|
# Site language code, should be one of the list in ./languages/data/Names.php
|
|
$wgLanguageCode = "{{ env "MEDIAWIKI_LANGUAGE" }}";
|
|
|
|
$wgSecretKey = rtrim(file_get_contents('/run/secrets/mediawiki_secret_key'));
|
|
|
|
# Changing this will log out all existing sessions.
|
|
$wgAuthenticationTokenVersion = "1";
|
|
|
|
# Site upgrade key. Must be set to a string (default provided) to turn on the
|
|
# web installer while LocalSettings.php is in place
|
|
$wgUpgradeKey = "";
|
|
|
|
## For attaching licensing metadata to pages, and displaying an
|
|
## appropriate copyright notice / icon. GNU Free Documentation
|
|
## License and Creative Commons licenses are supported so far.
|
|
$wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright
|
|
$wgRightsUrl = "";
|
|
$wgRightsText = "";
|
|
$wgRightsIcon = "";
|
|
|
|
# Path to the GNU diff3 utility. Used for conflict resolution.
|
|
$wgDiff3 = "/usr/bin/diff3";
|
|
|
|
{{ if eq (env "MEDIAWIKI_ALLOW_REGISTRATION") "1" }}
|
|
$wgGroupPermissions['*']['createaccount'] = true;
|
|
$wgEmailConfirmToEdit = true;
|
|
{{ else }}
|
|
$wgGroupPermissions['*']['createaccount'] = false;
|
|
{{ end }}
|
|
|
|
$wgGroupPermissions['*']['edit'] = false;
|
|
{{ if eq (env "MEDIAWIKI_IS_PRIVATE") "1" }}
|
|
$wgGroupPermissions['*']['read'] = false;
|
|
{{ else }}
|
|
$wgGroupPermissions['*']['read'] = true;
|
|
{{ end }}
|
|
|
|
{{ if ne (env "MEDIAWIKI_PROXY_SERVERS") "" }}
|
|
// In LocalSettings.php
|
|
$wgUseCdn = true;
|
|
$wgCdnServersNoPurge = [];
|
|
$wgCdnServersNoPurge[] = "{{ env "MEDIAWIKI_PROXY_SERVERS" }}";
|
|
{{ end }}
|
|
|
|
# Enabled skins.
|
|
# The following skins were automatically enabled:
|
|
wfLoadSkin( 'MonoBook' );
|
|
wfLoadSkin( 'Timeless' );
|
|
wfLoadSkin( 'Vector' );
|
|
wfLoadSkin( 'MinervaNeue' );
|
|
|
|
## Default skin: you can change the default skin. Use the internal symbolic
|
|
## names, ie 'vector', 'monobook':
|
|
|
|
{{ if eq (env "TWEEKI_ENABLED") "1" }}
|
|
wfLoadSkin( 'Tweeki' );
|
|
$wgDefaultSkin = "tweeki";
|
|
{{ else }}
|
|
$wgDefaultSkin = "vector";
|
|
{{ end }}
|
|
|
|
{{ if eq (env "MOBILEFRONTEND_ENABLED") "1" }}
|
|
wfLoadExtension( 'MobileFrontend' );
|
|
$wgDefaultMobileSkin = 'minerva';
|
|
{{ end }}
|
|
|
|
# Enabled extensions. Most of the extensions are enabled by adding
|
|
# wfLoadExtensions('ExtensionName');
|
|
# to LocalSettings.php. Check specific extension documentation for more details.
|
|
# The following extensions were automatically enabled:
|
|
wfLoadExtension( 'VisualEditor' );
|
|
|
|
wfLoadExtension( 'Interwiki' );
|
|
wfLoadExtension( 'Cite' );
|
|
wfLoadExtension( 'ParserFunctions' );
|
|
|
|
# End of automatically generated settings.
|
|
# Add more configuration options below.
|
|
|
|
$wgDefaultUserOptions['visualeditor-enable'] = 1;
|
|
|
|
$wgVisualEditorAllowLossySwitching = false;
|
|
|
|
{{ if eq (env "SAML_ENABLED") "1" }}
|
|
wfLoadExtension( 'PluggableAuth' );
|
|
|
|
wfLoadExtension( 'SimpleSAMLphp' );
|
|
|
|
$wgSimpleSAMLphp_InstallDir = "/var/simplesamlphp/";
|
|
|
|
$wgPluggableAuth_Config['Log in using my SAML'] = [
|
|
'plugin' => 'SimpleSAMLphp',
|
|
'data' => [
|
|
'authSourceId' => '{{ env "SAML_AUTH_SOURCE_ID" }}',
|
|
'usernameAttribute' => '{{ env "SAML_USERNAME_ATTRIBUTE" }}',
|
|
'realNameAttribute' => '{{ env "SAML_REAL_NAME_ATTRIBUTE" }}',
|
|
'emailAttribute' => '{{ env "SAML_EMAIL_ATTRIBUTE" }}'
|
|
]
|
|
];
|
|
|
|
$wgGroupPermissions['*']['autocreateaccount'] = true;
|
|
$wgGroupPermissions['*']['createaccount'] = false;
|
|
{{ end }}
|
|
|
|
{{ if eq (env "MEDIAWIKI_DEBUG") "1" }}
|
|
$wgDebugLogFile = "/var/log/debug-{$wgDBname}.log";
|
|
$wgShowExceptionDetails = true;
|
|
$wgDebugToolbar = true;
|
|
{{ end }}
|
|
|
|
{{ if eq (env "OPENID_ENABLED") "1" }}
|
|
wfLoadExtension( 'PluggableAuth' );
|
|
wfLoadExtension( 'OpenIDConnect' );
|
|
|
|
$wgPluggableAuth_Config[] = [
|
|
'plugin' => 'OpenIDConnect',
|
|
'data' => [
|
|
'providerURL' => '{{ env "OPENID_KEYCLOAK_URL" }}',
|
|
'clientID' => '{{ env "OPENID_CLIENT_ID"}}',
|
|
'clientsecret' => '{{ secret "openid_client_secret" }}'
|
|
]
|
|
];
|
|
|
|
$wgGroupPermissions['*']['autocreateaccount'] = true;
|
|
$wgGroupPermissions['*']['createaccount'] = false;
|
|
{{ end }}
|
|
|
|
{{ if env "SMTP_HOST" }}
|
|
$wgSMTP = [
|
|
'host' => '{{ env "SMTP_HOST" }}', // could also be an IP address. Where the SMTP server is located
|
|
'port' => {{ env "SMTP_PORT" }}, // Port to use when connecting to the SMTP server
|
|
{{ if env "SMTP_USER" }}
|
|
'auth' => true, // Should we use SMTP authentication (true or false)
|
|
'username' => '{{ env "SMTP_USER" }}', // Username to use for SMTP authentication (if being used)
|
|
'password' => '{{ secret "smtp_password" }}' // Password to use for SMTP authentication (if being used)
|
|
{{ else }}
|
|
'auth' => false
|
|
{{ end }}
|
|
];
|
|
{{ end }}
|
|
|
|
{{ if eq (env "MSU_ENABLED") "1" }}
|
|
wfLoadExtension( 'MsUpload' );
|
|
$wgAllowJavaUploads = true; // Solves problem with Office 2007 and newer files (docx, xlsx, etc.)
|
|
{{ end }}
|
|
|
|
{{ if eq (env "PAGEFORMS_ENABLED") "1" }}
|
|
wfLoadExtension( 'PageForms' );
|
|
{{ end }}
|
|
|
|
{{ if eq (env "PAGESCHEMAS_ENABLED") "1" }}
|
|
wfLoadExtension( 'PageSchemas' );
|
|
{{ end }}
|
|
|
|
{{ if eq (env "SEMANTICMW_ENABLED") "1" }}
|
|
wfLoadExtension( 'SemanticMediaWiki' );
|
|
enableSemantics( '{{ env "DOMAIN" }}' );
|
|
{{ end }}
|
|
|
|
{{ if eq (env "MARKDOWN_ENABLED") "1" }}
|
|
wfLoadExtension( 'WikiMarkdown' );
|
|
$wgAllowMarkdownExtra = true; // allows usage of Parsedown Extra
|
|
$wgAllowMarkdownExtended = true; // allows usage of Parsedown Extended
|
|
{{ end }}
|
|
|
|
$wgFileExtensions = array(
|
|
'png', 'gif', 'jpg', 'jpeg', 'doc', 'xls', 'mpp', 'pdf', 'ppt', 'tiff',
|
|
'bmp', 'docx', 'xlsx', 'pptx', 'ps', 'odt', 'ods', 'odp', 'odg'
|
|
);
|
|
|
|
$wgUploadSizeWarning = 1000000000;
|
|
$wgMaxUploadSize = 1000000000;
|
|
|
|
# Greatly relax IP-based throttling for logging in while we work around docker networking issues.
|
|
# https://social.coop/@flancian/110980993608947217
|
|
$wgPasswordAttemptThrottle = [
|
|
// Short term limit
|
|
[ 'count' => 9999, 'seconds' => 300 ],
|
|
// Long term limit. We need to balance the risk
|
|
// of somebody using this as a DoS attack to lock someone
|
|
// out of their account, and someone doing a brute force attack.
|
|
[ 'count' => 999999, 'seconds' => 60 * 60 * 48 ],
|
|
];
|
|
|