$wgScriptExtension = ".php";
## The protocol and server name to use in fully-qualified URLs
-$wgServer = "//<%= @mediawiki[:site] %>";
-$wgInternalServer = 'http://<%= @mediawiki[:site] %>';
+$wgServer = "//<%= @name %>";
+$wgInternalServer = 'http://<%= @name %>';
-<% if @mediawiki[:enable_ssl] -%>
+<% if @mediawiki[:ssl_enabled] -%>
$wgSecureLogin = true;
$wgDefaultUserOptions['prefershttps'] = 0;
<% end -%>
$wgFileExtensions[] = 'odt';
$wgFileExtensions[] = 'odp';
$wgFileExtensions[] = 'svg';
+<% @mediawiki[:extra_file_extensions].each do |mw_extra_file_extension| -%>
+ $wgFileExtensions[] = '<%= mw_extra_file_extension %>';
+<% end -%>
$wgSVGConverters = array( 'rsvg' => '/usr/bin/rsvg-convert -w $width -h $height -o $output $input');
$wgSVGConverter = 'rsvg';
# Site language code, should be one of the list in ./languages/Names.php
$wgLanguageCode = "en";
-$wgSecretKey = "<%= @node[:mediawiki][:sites][@name][:wgSecretKey] %>";
+$wgSecretKey = '<%= @node[:mediawiki][:sites][@name][:wgSecretKey] %>';
# Site upgrade key. Must be set to a string (default provided) to turn on the
# web installer while LocalSettings.php is in place
#Only Allow Signed-in users to edit
$wgGroupPermissions['*']['edit'] = false;
+#Only allow autoconfirmed for a few actions
+$wgGroupPermissions['user']['move'] = false;
+$wgGroupPermissions['user']['movefile'] = false;
+$wgGroupPermissions['user']['move-categorypages'] = false;
+$wgGroupPermissions['user']['upload'] = false;
+$wgGroupPermissions['autoconfirmed']['move'] = false;
+$wgGroupPermissions['autoconfirmed']['movefile'] = false;
+$wgGroupPermissions['autoconfirmed']['move-categorypages'] = false;
+$wgGroupPermissions['autoconfirmed']['upload'] = true;
+
#Allow bureaucrat group access to oversight options
$wgGroupPermissions['bureaucrat']['hideuser'] = true;
$wgGroupPermissions['bureaucrat']['deletelogentry'] = true;
$wgGroupPermissions['bureaucrat']['suppressrevision'] = true;
$wgGroupPermissions['bureaucrat']['suppressionlog'] = true;
+<% if @mediawiki[:private_accounts] -%>
+#Prevent new user registrations except by existing users
+$wgGroupPermissions['*']['createaccount'] = false;
+$wgGroupPermissions['user']['createaccount'] = true;
+<% end -%>
+<% if @mediawiki[:private] -%>
+
+#Disable reading by anonymous users
+$wgGroupPermissions['*']['read'] = false;
+
+#Allow anonymous users to access the login page
+$wgWhitelistRead = array ("Special:Userlogin");
+
+#Prevent new user registrations except by sysops
+$wgGroupPermissions['*']['createaccount'] = false;
+
+#Restrict access to the upload directory
+$wgUploadPath = "$wgScriptPath/img_auth.php";
+<% end -%>
+
#Allow Subpages on Main Namespace
$wgNamespacesWithSubpages[NS_MAIN] = true;
#DNS Blacklists to use
$wgEnableDnsBlacklist = true;
-$wgDnsBlacklistUrls = array( 'proxies.dnsbl.sorbs.net.', 'opm.tornevall.org.', 'xbl.spamhaus.org.' );
+$wgDnsBlacklistUrls = array( 'proxies.dnsbl.sorbs.net.', 'opm.tornevall.org.', 'xbl.spamhaus.org.', 'dnsbl-3.uceprotect.net.' );
+
+#Require validated email to edit
+$wgEmailConfirmToEdit = true;
+
+# Extend autoblock period
+$wgAutoblockExpiry = 7776000; // 90 days
+
+# Spam filter regex
+$wgSpamRegex = '/\b(epson|brother|canon|hp|kodak|lexmark|mcafee|norton|avira|kaspersky|avg|avast|microsoft|outlook|printer|quickbooks( payroll)?)( helpline| customer|( technical| tech)| customer service)? (support number|phone number|support phone number|care number)\b/i';
+
+#Autopromote users to autoconfirmed
+$wgAutoConfirmAge = 345600; // 4 days
+$wgAutoConfirmCount = 10;
#Disable Hit Counter for Performance
$wgDisableCounters = TRUE;
$wgReadOnly = "<%= @mediawiki[:site_readonly] %>";
<% end -%>
-<% Dir.glob("#{@mediawiki[:directory]}/LocalSettings.d/*.php") do |file| -%>
+<% Dir.glob("#{@directory}/LocalSettings.d/*.php") do |file| -%>
<%= "require_once('#{file}');" %>
<% end -%>
-