$wgEmergencyContact = "<%= @mediawiki[:email_contact] %>";
$wgPasswordSender = "<%= @mediawiki[:email_sender] %>";
$wgPasswordSenderName = "<%= @mediawiki[:email_sender_name] %>"; //Replaced by MediaWiki:Emailsender in v1.23.0
+$wgNoReplyAddress = "<%= @mediawiki[:email_sender] %>";
$wgEnotifUserTalk = true; # UPO
$wgEnotifWatchlist = true; # UPO
$wgPageLanguageUseDB = true;
$wgGroupPermissions['user']['pagelang'] = true;
-$wgSecretKey = '<%= @node[:mediawiki][:sites][@name][:wgSecretKey] %>';
+$wgSecretKey = '<%= @secret_key %>';
# Site upgrade key. Must be set to a string (default provided) to turn on the
# web installer while LocalSettings.php is in place
$wgGroupPermissions['bureaucrat']['suppressrevision'] = true;
$wgGroupPermissions['bureaucrat']['suppressionlog'] = true;
+# Since 1.32 MW introduced interface-admin group to separate all UI-related rights. This makes sense for bigger sites,
+# but for OSM it makes more sense to keep group structure simple. Give all interface-admin rights to sysops.
+# Also remove the interface-admin group to avoid confusion.
+$wgGroupPermissions['sysop'] = array_merge( $wgGroupPermissions['sysop'], $wgGroupPermissions['interface-admin'] );
+unset( $wgGroupPermissions['interface-admin'] );
+unset( $wgRevokePermissions['interface-admin'] );
+unset( $wgAddGroups['interface-admin'] );
+unset( $wgRemoveGroups['interface-admin'] );
+unset( $wgGroupsAddToSelf['interface-admin'] );
+unset( $wgGroupsRemoveFromSelf['interface-admin'] );
+
+# The v1.32+ gadget system also requires two additional rights
+# See https://www.mediawiki.org/wiki/Extension:Gadgets
+$wgGroupPermissions['sysop']['gadgets-edit'] = true;
+$wgGroupPermissions['sysop']['gadgets-definition-edit'] = true;
+
<% if @mediawiki[:private_accounts] -%>
# Prevent new user registrations except by existing users
$wgGroupPermissions['*']['createaccount'] = false;
# Prevent new user registrations except by sysops
$wgGroupPermissions['*']['createaccount'] = false;
-# Since 1.32 MW introduced interface-admin group to separate all UI-related rights. This makes sense for bigger sites,
-# but for OSM it makes more sense to keep group structure simple. Give all interface-admin rights to sysops.
-# Also remove the interface-admin group to avoid confusion.
-$wgGroupPermissions['sysop'] = array_merge( $wgGroupPermissions['sysop'], $wgGroupPermissions['interface-admin'] );
-unset( $wgGroupPermissions['interface-admin'] );
-unset( $wgRevokePermissions['interface-admin'] );
-unset( $wgAddGroups['interface-admin'] );
-unset( $wgRemoveGroups['interface-admin'] );
-unset( $wgGroupsAddToSelf['interface-admin'] );
-unset( $wgGroupsRemoveFromSelf['interface-admin'] );
-
# Restrict access to the upload directory
$wgUploadPath = "$wgScriptPath/img_auth.php";
<% end -%>
+<% if not(@mediawiki[:private_accounts]) and not(@mediawiki[:private_site]) -%>
+# user group "confirmed" with identical rights as "autoconfirmed", but assigned manually by sysops
+$wgGroupPermissions['confirmed'] = $wgGroupPermissions['autoconfirmed'];
+$wgAddGroups['sysop'][] = 'confirmed';
+$wgRemoveGroups['sysop'][] = 'confirmed';
+<% end -%>
+
# Allow Subpages on Main Namespace
$wgNamespacesWithSubpages[NS_MAIN] = true;
# DNS Blacklists to use
$wgEnableDnsBlacklist = true;
-$wgDnsBlacklistUrls = array( 'proxies.dnsbl.sorbs.net.', 'opm.tornevall.org.', 'xbl.spamhaus.org.', 'dnsbl-3.uceprotect.net.' );
+$wgDnsBlacklistUrls = array( 'proxies.dnsbl.sorbs.net.', 'opm.tornevall.org.', 'xbl.spamhaus.org.', 'dnsbl-2.uceprotect.net.' );
# Require validated email to edit
$wgEmailConfirmToEdit = true;
projects / chef.git / blobdiff