blob: 2cff3f2cb94eae099276ca3d0f4f25ebf660116f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
MediaWiki
=========
Description
-----------
The `mediawiki` role installs and configures [MediaWiki](https://www.mediawiki.org/wiki/MediaWiki),
an open source wiki server.
This role configures the PHP application only; it does not configure a reverse
proxy.
Variables
---------
This role **accepts** the following variables:
Variable | Default | Description
-----------------------------------|------------------------------------------------------------------|------------
`mediawiki_version` | see [default vars](defaults/main.yml) | MediaWiki version to install
`mediawiki_extension_version` | see [default vars](defaults/main.yml) | MediaWiki extension version
`mediawiki_kerberized_cidrs` | `{{ kerberized_cidrs }}` | Client networks which support GSSAPI authentication
`mediawiki_user` | `s-mediawiki` | FreeIPA user account for MediaWiki (will be created)
`mediawiki_db_name` | `mediawiki` | PostgreSQL database name
`mediawiki_db_host` | `{{ postgresql_host }}` | PostgreSQL hostname
`mediawiki_access_group` | `role-wiki-access` | FreeIPA group of MediaWiki users (will be created)
`mediawiki_admin_group` | `role-wiki-admin` | FreeIPA group of MediaWiki administrators (will be created)
`mediawiki_max_upload_size` | `50M` | Maximum file upload size
`mediawiki_max_upload_count` | 32 | Maximum simultaneous uploads per client
`mediawiki_custom_namespaces` | `[]` | List of custom namespaces (see [format](#mediawiki_custom_namespaces) below)
`mediawiki_use_subpages` | yes | Allow hierarchical pages
`mediawiki_ldap_servers` | `{{ freeipa_hosts }}` | FreeIPA LDAP hosts
`mediawiki_sysaccount_username` | `mediawiki` | FreeIPA [system account](../freeipa_system_account/) username
`mediawiki_sysaccount_password` | | FreeIPA [system account](../freeipa_system_account/) password
`mediawiki_site_name` | `{{ organization }} Wiki` | Name of wiki
`mediawiki_meta_namespace` | `{{ organization }}` without whitespace | Name of the [meta namespace](https://www.mediawiki.org/wiki/Manual:$wgMetaNamespace)
`mediawiki_fqdn` | `{{ ansible_fqdn }}` | Canonical HTTP hostname
`mediawiki_admin_username` | `admin` | Username for built-in admin account
`mediawiki_admin_password` | | Password for built-in admin account
`mediawiki_emergency_contact` | `root@{{ email_domain }}` | [Emergency contact](https://www.mediawiki.org/wiki/Manual:$wgEmergencyContact) for wiki
`mediawiki_password_sender` | `wiki-noreply@{{ email_domain }}` | Email `From:` address for [password reminders](https://www.mediawiki.org/wiki/Manual:$wgPasswordSender)
`mediawiki_email_authentication` | no | Require [email address confirmation](https://www.mediawiki.org/wiki/Manual:$wgEmailAuthentication)
`mediawiki_local_timezone` | `{{ timezone }}` | [Timezone](https://www.mediawiki.org/wiki/Manual:$wgLocaltimezone) of the wiki
`mediawiki_language_code` | `en` | [Language code](https://www.mediawiki.org/wiki/Manual:$wgLanguageCode) of the wiki
`mediawiki_default_skin` | `vector` | Default skin
`mediawiki_default_mobile_skin` | `minerva` | Default skin for mobile devices
`mediawiki_disable_anonymous_read` | no | Disable anonymous read access
`mediawiki_disable_anonymous_edit` | yes | Disable anonymous write access
`mediawiki_apc_shm_size` | `256M` | PHP opcode cache size
`mediawiki_skins` | `['Vector', 'MinervaNeue']` | Skins to install
`mediawiki_logo_1x` | | Path to 1x-size [logo](https://www.mediawiki.org/wiki/Manual:$wgLogos)
`mediawiki_logo_icon` | | Path to icon-size [logo](https://www.mediawiki.org/wiki/Manual:$wgLogos)
`mediawiki_logo_favicon` | | Path to [favicon](https://www.mediawiki.org/wiki/Manual:$wgFavicon)
### mediawiki\_custom\_namespaces
The `mediawiki_custom_namespaces` variable is used to create [custom namespaces](https://www.mediawiki.org/wiki/Manual:Using_custom_namespaces)
with their own permission schemes. It should contain a list of dictionaries of
the following format:
Key | Default | Description
------------|---------|------------
`namespace` | | Namespace name
`id` | | Even namespace ID between 3000-4999
`talk_id` | | This **must** be the following odd integer
`restrict` | `{}` | Mapping of MediaWiki [permission](https://www.mediawiki.org/wiki/Manual:User_rights#List_of_permissions) (or `*`) to group names
### Exports
This role **exports** the following variables:
Variable | Description
-----------------------------|------------
`mediawiki_home` | Path to MediaWiki installation
`mediawiki_apache_config` | Apache config block for MediaWiki
`mediawiki_php_environment` | Dictionary of required environment variables for PHP
`mediawiki_php_admin_values` | Dictionary of required admin values for PHP
`mediawiki_archive_shell` | Shell command to generate backup tarball
Usage
-----
Example playbook:
````yaml
- name: configure mediawiki
hosts: wiki_servers
roles:
- role: mediawiki
vars:
mediawiki_site_name: Example Wiki
mediawiki_site_fqdn: wiki.example.com
mediawiki_logo_1x: ~/assets/mediawiki_1x.png
mediawiki_logo_icon: ~/assets/mediawiki_icon.png
mediawiki_favicon: ~/assets/mediawiki_favicon.ico
mediawiki_custom_namespaces:
- namespace: HumanResources
id: 3000
talk_id: 3001
restrict:
'*': ['hr']
'read': ['legal', 'bookkeeping']
- role: apache_vhost
apache_default_vhost: yes
apache_document_root: '{{ mediawiki_home }}'
apache_config: '{{ mediawiki_apache_config }}'
- role: php
php_fpm_environment: '{{ mediawiki_php_environment }}'
php_fpm_admin_values: '{{ mediawiki_php_admin_values }}'
````
|