X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/9b8faa3fefb5e71b55429bc6b86ba72383cbf3eb..9bb700cfe792fea35319206696cf4764a19c8f5a:/cookbooks/mediawiki/templates/default/LocalSettings.php.erb?ds=sidebyside diff --git a/cookbooks/mediawiki/templates/default/LocalSettings.php.erb b/cookbooks/mediawiki/templates/default/LocalSettings.php.erb index f8ad62897..9070c0ee8 100644 --- a/cookbooks/mediawiki/templates/default/LocalSettings.php.erb +++ b/cookbooks/mediawiki/templates/default/LocalSettings.php.erb @@ -25,6 +25,7 @@ $wgScriptExtension = ".php"; ## The protocol and server name to use in fully-qualified URLs $wgServer = "//<%= @name %>"; $wgInternalServer = 'https://<%= @name %>'; +$wgCanonicalServer = 'https://<%= @name %>'; $wgSecureLogin = true; $wgDefaultUserOptions['prefershttps'] = 1; @@ -45,6 +46,7 @@ $wgEnableUserEmail = true; # UPO $wgEmergencyContact = "<%= @mediawiki[:email_contact] %>"; $wgPasswordSender = "<%= @mediawiki[:email_sender] %>"; $wgPasswordSenderName = "<%= @mediawiki[:email_sender_name] %>"; //Replaced by MediaWiki:Emailsender in v1.23.0 +$wgNoReplyAddress = "<%= @mediawiki[:email_sender] %>"; $wgEnotifUserTalk = true; # UPO $wgEnotifWatchlist = true; # UPO @@ -52,6 +54,15 @@ $wgEmailAuthentication = true; $wgEnotifUseJobQ = true; +$wgSMTP = [ + "host" => "localhost", + "socket_options" => [ + "ssl" => [ + "verify_peer_name" => false + ] + ] +]; + ## Database settings $wgDBtype = "mysql"; $wgDBserver = "<%= @database_params[:host] %>"; @@ -70,6 +81,9 @@ $wgDBmysql5 = false; ## Shared memory settings $wgMainCacheType = CACHE_MEMCACHED; +$wgParserCacheType = CACHE_MEMCACHED; +$wgMessageCacheType = CACHE_MEMCACHED; +$wgSessionCacheType = CACHE_MEMCACHED; $wgMemCachedServers = array('127.0.0.1:11211'); $wgSessionsInObjectCache = TRUE; @@ -87,13 +101,13 @@ $wgMaxShellTime = 360; $wgMaxShellWallClockTime = 360; # Allow some more upload extensions -$wgFileExtensions[] = 'doc'; $wgFileExtensions[] = 'pdf'; $wgFileExtensions[] = 'odt'; $wgFileExtensions[] = 'odp'; $wgFileExtensions[] = 'ods'; $wgFileExtensions[] = 'svg'; $wgFileExtensions[] = 'osm'; +$wgFileExtensions[] = 'odg'; <% @mediawiki[:extra_file_extensions].each do |mw_extra_file_extension| -%> $wgFileExtensions[] = '<%= mw_extra_file_extension %>'; <% end -%> @@ -110,13 +124,6 @@ $wgSVGConverters = array( 'rsvg' => '/usr/bin/rsvg-convert -w $width -h $height $wgSVGConverter = 'rsvg'; $wgSVGMaxSize = 2000; -# InstantCommons allows wiki to use images from https://commons.wikimedia.org -<% if @mediawiki[:commons] -%> -$wgUseInstantCommons = true; -<% else -%> -$wgUseInstantCommons = false; -<% end -%> - ## If you use ImageMagick (or any other shell command) on a ## Linux server, this will need to be set to the name of an ## available UTF-8 locale @@ -131,12 +138,16 @@ $wgShellLocale = "en_US.utf8"; ## Set $wgCacheDirectory to a writable directory on the web server ## to make your wiki go slightly faster. The directory should not ## be publically accessible from the web. -#$wgCacheDirectory = "$IP/cache"; +$wgCacheDirectory = "$IP/cache"; # Site language code, should be one of the list in ./languages/Names.php $wgLanguageCode = "en"; -$wgSecretKey = '<%= @node[:mediawiki][:sites][@name][:wgSecretKey] %>'; +## Enable setting the page content language by users +$wgPageLanguageUseDB = true; +$wgGroupPermissions['user']['pagelang'] = true; + +$wgSecretKey = '<%= @secret_key %>'; # Site upgrade key. Must be set to a string (default provided) to turn on the # web installer while LocalSettings.php is in place @@ -168,88 +179,127 @@ $wgResourceLoaderMaxQueryLength = -1; # End of automatically generated settings. # Add more configuration options below. -#Only Allow Signed-in users to edit +# Only Allow Signed-in users to edit $wgGroupPermissions['*']['edit'] = false; -#Only allow autoconfirmed for a few actions -$wgGroupPermissions['user']['move'] = false; -$wgGroupPermissions['user']['movefile'] = false; -$wgGroupPermissions['user']['move-categorypages'] = false; -$wgGroupPermissions['user']['upload'] = false; -$wgGroupPermissions['autoconfirmed']['move'] = true; -$wgGroupPermissions['autoconfirmed']['movefile'] = true; -$wgGroupPermissions['autoconfirmed']['move-categorypages'] = true; -$wgGroupPermissions['autoconfirmed']['upload'] = true; - -#Allow bureaucrat group access to oversight options +# Allow bureaucrat group access to oversight options $wgGroupPermissions['bureaucrat']['hideuser'] = true; $wgGroupPermissions['bureaucrat']['deletelogentry'] = true; $wgGroupPermissions['bureaucrat']['deleterevision'] = true; $wgGroupPermissions['bureaucrat']['suppressrevision'] = true; $wgGroupPermissions['bureaucrat']['suppressionlog'] = true; +# Since 1.32 MW introduced interface-admin group to separate all UI-related rights. This makes sense for bigger sites, +# but for OSM it makes more sense to keep group structure simple. Give all interface-admin rights to sysops. +# Also remove the interface-admin group to avoid confusion. +$wgGroupPermissions['sysop'] = array_merge( $wgGroupPermissions['sysop'], $wgGroupPermissions['interface-admin'] ); +unset( $wgGroupPermissions['interface-admin'] ); +unset( $wgRevokePermissions['interface-admin'] ); +unset( $wgAddGroups['interface-admin'] ); +unset( $wgRemoveGroups['interface-admin'] ); +unset( $wgGroupsAddToSelf['interface-admin'] ); +unset( $wgGroupsRemoveFromSelf['interface-admin'] ); + +# The v1.32+ gadget system also requires two additional rights +# See https://www.mediawiki.org/wiki/Extension:Gadgets +$wgGroupPermissions['sysop']['gadgets-edit'] = true; +$wgGroupPermissions['sysop']['gadgets-definition-edit'] = true; + <% if @mediawiki[:private_accounts] -%> -#Prevent new user registrations except by existing users +# Prevent new user registrations except by existing users $wgGroupPermissions['*']['createaccount'] = false; $wgGroupPermissions['user']['createaccount'] = true; <% end -%> -<% if @mediawiki[:private_site] -%> -#Disable reading by anonymous users +<% if @mediawiki[:private_site] -%> +# Disable reading by anonymous users $wgGroupPermissions['*']['read'] = false; -#Allow anonymous users to access the login page +# Allow anonymous users to access the login page $wgWhitelistRead = array ("Special:Userlogin"); -#Prevent new user registrations except by sysops +# Prevent new user registrations except by sysops $wgGroupPermissions['*']['createaccount'] = false; -#Restrict access to the upload directory +# Restrict access to the upload directory $wgUploadPath = "$wgScriptPath/img_auth.php"; <% end -%> -#Allow Subpages on Main Namespace +# Allow Subpages on Main Namespace $wgNamespacesWithSubpages[NS_MAIN] = true; -#DNS Blacklists to use +# DNS Blacklists to use $wgEnableDnsBlacklist = true; -$wgDnsBlacklistUrls = array( 'proxies.dnsbl.sorbs.net.', 'opm.tornevall.org.', 'xbl.spamhaus.org.', 'dnsbl-3.uceprotect.net.' ); - -#Require validated email to edit +$wgDnsBlacklistUrls = [ + 'proxies.dnsbl.sorbs.net.', + 'opm.tornevall.org.', + 'xbl.spamhaus.org.', + 'dnsbl-2.uceprotect.net.' +]; + +# Require validated email to edit $wgEmailConfirmToEdit = true; # Extend autoblock period $wgAutoblockExpiry = 7776000; // 90 days -# Spam filter regex -$wgSpamRegex = '/\b(gmail|dell|asus|eps(o|0)n|br(o|0)ther|can(o|0)n|hp|k(o|0)dak|lexmark|mcafee|bitdefender|n(o|0)rt(o|0)n( 360)?|avira|kaspersky|avg|avast|micr(o|0)s(o|0)ft|(o|0)utl(o|0)(o|0)k|printer|netgear( r(o|0)uter)?|quickb(o|0)(o|0)ks( payr(o|0)ll)?)( antivirus)?( helpline| cust(o|0)mer|( technical| tech)| cust(o|0)mer service)? (supp(o|0)rt number|ph(o|0)ne number|supp(o|0)rt ph(o|0)ne number|care number|helpdesk number)\b/i'; - -#Autopromote users to autoconfirmed -$wgAutoConfirmAge = 345600; // 4 days -$wgAutoConfirmCount = 10; - -#Disable Hit Counter for Performance +# Disable Hit Counter for Performance $wgDisableCounters = TRUE; -#Disable IP in Header to avoid cache issue +# Disable IP in Header to avoid cache issue $wgShowIPinHeader = FALSE; -#Job Runs by cron +# Job Runs by cron $wgJobRunRate = 0; +# dissolves double redirects automatically +$wgFixDoubleRedirects = TRUE; + # Allow external images from a few sites -$wgAllowExternalImagesFrom = array( 'http://tile.openstreetmap.org/', 'http://svenanders.openstreetmap.de/', 'http://josm.openstreetmap.de/', 'http://trac.openstreetmap.org/', 'http://rweait.dev.openstreetmap.org/' ); +$wgAllowExternalImagesFrom = [ + 'http://tile.openstreetmap.org/', + 'https://tile.openstreetmap.org', + 'http://josm.openstreetmap.de/' +]; + +$wgNoFollowDomainExceptions = [ + 'www.openstreetmap.org', + 'josm.openstreetmap.de', + 'taginfo.openstreetmap.org', + 'blog.openstreetmap.org', + 'forum.openstreetmap.org', + 'community.openstreetmap.org', + 'lists.openstreetmap.org', + 'help.openstreetmap.org', + 'switch2osm.org', + 'wiki.osmfoundation.org', + 'www.openstreetmap.us', + 'learnosm.org', + 'nominatim.org', + 'openstreetmap.community', + 'www.openstreetbrowser.org', + 'openinframap.org', + 'leafletjs.com' +]; + +# FIXME - move to specific +$wgAllowUserJs = TRUE; +$wgAllowUserCss = TRUE; -$wgNoFollowDomainExceptions = array( 'www.openstreetmap.org', 'josm.openstreetmap.de', 'taginfo.openstreetmap.org', 'blog.openstreetmap.org', 'wiki.osmfoundation.org' ); +# Raise expensive lua (and other function) call limits to match WP +# Docs: https://www.mediawiki.org/wiki/Manual:$wgExpensiveParserFunctionLimit +# Wikipedia's Config: https://noc.wikimedia.org/conf/highlight.php?file=CommonSettings.php +$wgExpensiveParserFunctionLimit = 500; -#FIXME - move to specific -$wgForceUIMsgAsContentMsg = array( 'mainpage-url', 'portal-url', 'mapfeatures-url', 'helppage' ); -#FIXME - move to specific -$wgAllowUserJs = TRUE; -$wgAllowUserCss = TRUE; +<% if @mediawiki[:site_notice] -%> +$wgSiteNotice = "<%= @mediawiki[:site_notice] %>"; +<% end -%> +<% if @mediawiki[:site_readonly] -%> +$wgReadOnly = "<%= @mediawiki[:site_readonly] %>"; +<% end -%> -#FIXME - move to specific -#DE +<% if @name == "wiki.openstreetmap.org" -%> +# DE define('NS_LANG_DE', 200); $wgExtraNamespaces[NS_LANG_DE] = 'DE'; $wgNamespacesWithSubpages[NS_LANG_DE] = TRUE; @@ -258,7 +308,7 @@ define('NS_LANG_DE_TALK', 201); $wgExtraNamespaces[NS_LANG_DE_TALK] = 'DE_talk'; $wgNamespacesWithSubpages[NS_LANG_DE_TALK] = TRUE; -#FR +# FR define('NS_LANG_FR', 202); $wgExtraNamespaces[NS_LANG_FR] = 'FR'; $wgNamespacesWithSubpages[NS_LANG_FR] = TRUE; @@ -267,7 +317,7 @@ define('NS_LANG_FR_TALK', 203); $wgExtraNamespaces[NS_LANG_FR_TALK] = 'FR_talk'; $wgNamespacesWithSubpages[NS_LANG_FR_TALK] = TRUE; -#ES +# ES define('NS_LANG_ES', 204); $wgExtraNamespaces[NS_LANG_ES] = 'ES'; $wgNamespacesWithSubpages[NS_LANG_ES] = TRUE; @@ -276,7 +326,7 @@ define('NS_LANG_ES_TALK', 205); $wgExtraNamespaces[NS_LANG_ES_TALK] = 'ES_talk'; $wgNamespacesWithSubpages[NS_LANG_ES_TALK] = TRUE; -#IT +# IT define('NS_LANG_IT', 206); $wgExtraNamespaces[NS_LANG_IT] = 'IT'; $wgNamespacesWithSubpages[NS_LANG_IT] = TRUE; @@ -285,7 +335,7 @@ define('NS_LANG_IT_TALK', 207); $wgExtraNamespaces[NS_LANG_IT_TALK] = 'IT_talk'; $wgNamespacesWithSubpages[NS_LANG_IT_TALK] = TRUE; -#NL +# NL define('NS_LANG_NL', 208); $wgExtraNamespaces[NS_LANG_NL] = 'NL'; $wgNamespacesWithSubpages[NS_LANG_NL] = TRUE; @@ -294,7 +344,7 @@ define('NS_LANG_NL_TALK', 209); $wgExtraNamespaces[NS_LANG_NL_TALK] = 'NL_talk'; $wgNamespacesWithSubpages[NS_LANG_NL_TALK] = TRUE; -#RU +# RU define('NS_LANG_RU', 210); $wgExtraNamespaces[NS_LANG_RU] = 'RU'; $wgNamespacesWithSubpages[NS_LANG_RU] = TRUE; @@ -303,7 +353,7 @@ define('NS_LANG_RU_TALK', 211); $wgExtraNamespaces[NS_LANG_RU_TALK] = 'RU_talk'; $wgNamespacesWithSubpages[NS_LANG_RU_TALK] = TRUE; -#JA +# JA define('NS_LANG_JA', 212); $wgExtraNamespaces[NS_LANG_JA] = 'JA'; $wgNamespacesWithSubpages[NS_LANG_JA] = TRUE; @@ -312,6 +362,17 @@ define('NS_LANG_JA_TALK', 213); $wgExtraNamespaces[NS_LANG_JA_TALK] = 'JA_talk'; $wgNamespacesWithSubpages[NS_LANG_JA_TALK] = TRUE; +# Proposal +# namespace features a specific search weight defined at +# cookbooks/mediawiki/templates/default/mw-ext-CirrusSearch.inc.php.erb +define('NS_PROPOSAL', 3000); +$wgExtraNamespaces[NS_PROPOSAL] = 'Proposal'; +$wgNamespacesWithSubpages[NS_PROPOSAL] = TRUE; +$wgContentNamespaces[] = NS_PROPOSAL; +define('NS_PROPOSAL_TALK', 3001); +$wgExtraNamespaces[NS_PROPOSAL_TALK] = 'Proposal_talk'; +$wgNamespacesWithSubpages[NS_PROPOSAL_TALK] = TRUE; + $wgNamespacesToBeSearchedDefault[NS_LANG_DE] = TRUE; $wgNamespacesToBeSearchedDefault[NS_LANG_FR] = TRUE; $wgNamespacesToBeSearchedDefault[NS_LANG_ES] = TRUE; @@ -319,14 +380,57 @@ $wgNamespacesToBeSearchedDefault[NS_LANG_IT] = TRUE; $wgNamespacesToBeSearchedDefault[NS_LANG_NL] = TRUE; $wgNamespacesToBeSearchedDefault[NS_LANG_RU] = TRUE; $wgNamespacesToBeSearchedDefault[NS_LANG_JA] = TRUE; +$wgNamespacesToBeSearchedDefault[NS_PROPOSAL] = TRUE; -<% if @mediawiki[:site_notice] -%> -$wgSiteNotice = "<%= @mediawiki[:site_notice] %>"; -<% end -%> -<% if @mediawiki[:site_readonly] -%> -$wgReadOnly = "<%= @mediawiki[:site_readonly] %>"; +# defines which links of the sidebar are translatable +$wgForceUIMsgAsContentMsg = array( 'mainpage-url', 'mapfeatures-url', 'contributors-url', 'helppage', 'blogs-url', 'shop-url', 'sitesupport-url' ); <% end -%> +# load extensions <% Dir.glob("#{@directory}/LocalSettings.d/*.php") do |file| -%> <%= "require_once('#{file}');" %> <% end -%> + +<% if @name == "wiki.openstreetmap.org" -%> +# wiki.openstreetmap.org specific config loaded after extensions +$wgRCWatchCategoryMembership = true; +<% end -%> + +<% if not(@mediawiki[:private_accounts]) and not(@mediawiki[:private_site]) -%> +# require user confirmation for certain actions +$wgGroupPermissions['user']['move'] = false; +$wgGroupPermissions['user']['movefile'] = false; +$wgGroupPermissions['user']['move-categorypages'] = false; +$wgGroupPermissions['user']['upload'] = false; +$wgGroupPermissions['autoconfirmed']['move'] = true; +$wgGroupPermissions['autoconfirmed']['movefile'] = true; +$wgGroupPermissions['autoconfirmed']['move-categorypages'] = true; +$wgGroupPermissions['autoconfirmed']['upload'] = true; +# Autopromote users to autoconfirmed +$wgAutoConfirmAge = 345600; // 4 days +$wgAutoConfirmCount = 10; + +# user group "confirmed" with identical rights as "autoconfirmed", but assigned manually by sysops +$wgGroupPermissions['confirmed'] = $wgGroupPermissions['autoconfirmed']; +$wgAddGroups['sysop'][] = 'confirmed'; +$wgRemoveGroups['sysop'][] = 'confirmed'; +<% end -%> + +<% if @mediawiki[:private_accounts] or @mediawiki[:private_site] -%> +# disable automatic confirmation of users, grant all "autoconfirmed" rights to all users +$wgAutoConfirmAge = 0; +$wgAutoConfirmCount = 0; +$wgGroupPermissions['user'] = array_merge( $wgGroupPermissions['user'], $wgGroupPermissions['autoconfirmed'] ); + +unset( $wgGroupPermissions['autoconfirmed'] ); +unset( $wgRevokePermissions['autoconfirmed'] ); +unset( $wgAddGroups['autoconfirmed'] ); +unset( $wgRemoveGroups['autoconfirmed'] ); +unset( $wgGroupsAddToSelf['autoconfirmed'] ); +unset( $wgGroupsRemoveFromSelf['autoconfirmed'] ); +<% end -%> + +# Increase curl timeout to allow parsoid requests to heavy pages like Map Features +# Mediawiki 1.38 has fix to allow this to be set by $wgVirtualRestConfig +# https://phabricator.wikimedia.org/T285478 +$wgHTTPTimeout = 240;