:site_readonly => params[:site_readonly] || FALSE,
:site_admin_user => "Admin",
:site_admin_pw => passwords["mediawiki-admin-user"],
- :enable_ssl => params[:enable_ssl] || FALSE
+ :enable_ssl => params[:enable_ssl] || FALSE,
+ :private => params[:private] || FALSE
}
#----------------
$wgGroupPermissions['bureaucrat']['deleterevision'] = true;
$wgGroupPermissions['bureaucrat']['suppressrevision'] = true;
$wgGroupPermissions['bureaucrat']['suppressionlog'] = true;
+<% if @mediawiki[:private] -%>
+
+#Disable reading by anonymous users
+$wgGroupPermissions['*']['read'] = false;
+
+#Allow anonymous users to access the login page
+$wgWhitelistRead = array ("Special:Userlogin");
+
+#Prevent new user registrations except by sysops
+$wgGroupPermissions['*']['createaccount'] = false;
+
+#Restrict access to the upload directory
+$wgUploadPath = "$wgScriptPath/img_auth.php";
+<% end -%>
#Allow Subpages on Main Namespace
$wgNamespacesWithSubpages[NS_MAIN] = true;
php_admin_flag engine off
Options -ExecCGI -Includes -Indexes
AllowOverride None
+<% if @mediawiki[:private] -%>
+<% if node[:lsb][:release].to_f >= 14.04 -%>
+ Require all denied
+<% else -%>
+ Order allow,deny
+ Deny from all
+<% end -%>
+<% end -%>
</Directory>
<Directory <%= @mediawiki[:directory] %>/images/thumb/>
projects / chef.git / commitdiff