[MediaWiki-commits] [Gerrit] Private role for vagrant - change (mediawiki/vagrant)

jenkins-bot (Code Review) Sun, 29 Mar 2015 18:06:07 -0700

jenkins-bot has submitted this change and it was merged.

Change subject: Private role for vagrant
......................................................................



Private role for vagrant

Bug: T78227
Change-Id: Iaae3f821414cd0349b16823811675ea629ae38db
---
A puppet/modules/role/manifests/private.pp
A puppet/modules/role/templates/private_deny_images.conf.erb
A puppet/modules/role/templates/private_local_repo.php.erb
A puppet/modules/role/templates/private_rights.php.erb
4 files changed, 73 insertions(+), 0 deletions(-)

Approvals:
  BryanDavis: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/puppet/modules/role/manifests/private.pp 
b/puppet/modules/role/manifests/private.pp
new file mode 100644
index 0000000..7df203f
--- /dev/null
+++ b/puppet/modules/role/manifests/private.pp
@@ -0,0 +1,35 @@
+# == Class: role::private
+# This role creates one additional wiki, private.wiki.local.wmftest.net
+# which is configured to approximate the setup of the private WMF wikis
+#
+class role::private {
+    require ::role::mediawiki
+
+    mediawiki::wiki { 'private': }
+
+    mediawiki::settings { 'private:general':
+        values => {
+            wgUploadPath                        => '/w/img_auth.php',
+            wgThumbnailScriptPath               => '/w/thumb.php',
+            wgWhitelistRead                     => ['Main Page', 
'Special:UserLogin', 'Special:UserLogout'],
+            wgEmailAuthentication               => false,
+            wgBlockDisablesLogin                => true,
+            wgVisualEditorParsoidForwardCookies => true,
+        },
+    }
+    mediawiki::settings { 'private:repo':
+        values => template('role/private_local_repo.php.erb'),
+    }
+    mediawiki::settings { 'private:rights':
+        values => template('role/private_rights.php.erb'),
+    }
+
+    apache::site_conf { 'private_deny_images':
+        site    => $::mediawiki::wiki_name,
+        content => template('role/private_deny_images.conf.erb'),
+        require => Mediawiki::Wiki['private'],
+    }
+
+    # GlobalUsage (from the commons role) should be disabled but there is no 
easy way to do that
+}
+
diff --git a/puppet/modules/role/templates/private_deny_images.conf.erb 
b/puppet/modules/role/templates/private_deny_images.conf.erb
new file mode 100644
index 0000000..3461e42
--- /dev/null
+++ b/puppet/modules/role/templates/private_deny_images.conf.erb
@@ -0,0 +1,4 @@
+<Directory /srv/privateimages>
+    Deny from all
+</Directory>
+
diff --git a/puppet/modules/role/templates/private_local_repo.php.erb 
b/puppet/modules/role/templates/private_local_repo.php.erb
new file mode 100644
index 0000000..4c73c7b
--- /dev/null
+++ b/puppet/modules/role/templates/private_local_repo.php.erb
@@ -0,0 +1,17 @@
+$wgLocalFileRepo = array(
+       'class'             => 'LocalRepo',
+       'name'              => 'local',
+       'backend'           => 'local-backend',
+       'directory'         => $wgUploadDirectory,
+       'scriptDirUrl'      => $wgScriptPath,
+       'scriptExtension'   => $wgScriptExtension,
+       'url'               => $wgUploadBaseUrl ? $wgUploadBaseUrl . 
$wgUploadPath : $wgUploadPath,
+       'hashLevels'        => $wgHashedUploadDirectory ? 2 : 0,
+       'thumbScriptUrl'    => $wgThumbnailScriptPath,
+       'transformVia404'   => !$wgGenerateThumbnailOnParse,
+       'deletedDir'        => $wgDeletedDirectory,
+       'deletedHashLevels' => $wgHashedUploadDirectory ? 3 : 0,
+       'isPrivate'         => true,
+       'zones'             => array( 'thumb' => array( 'url' => 
"$wgScriptPath/thumb_handler.php" ) ),
+);
+
diff --git a/puppet/modules/role/templates/private_rights.php.erb 
b/puppet/modules/role/templates/private_rights.php.erb
new file mode 100644
index 0000000..097fa46
--- /dev/null
+++ b/puppet/modules/role/templates/private_rights.php.erb
@@ -0,0 +1,17 @@
+$wgGroupPermissions['*'] = array(
+       'read'                          => false,
+       'edit'                          => false,
+       'createaccount'                 => false,
+) + $wgGroupPermissions['*'];
+
+$wgGroupPermissions['user'] = array(
+       'move'                          => true,
+       'upload'                        => true,
+       'autoconfirmed'                 => true,
+       'editsemiprotected'             => true,
+       'reupload'                      => true,
+       'skipcaptcha'                   => true,
+       'collectionsaveascommunitypage' => true,
+       'collectionsaveasuserpage'      => true,
+) + $wgGroupPermissions['user'];
+

-- 
To view, visit https://gerrit.wikimedia.org/r/183009
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Iaae3f821414cd0349b16823811675ea629ae38db
Gerrit-PatchSet: 3
Gerrit-Project: mediawiki/vagrant
Gerrit-Branch: master
Gerrit-Owner: Gergő Tisza <gti...@wikimedia.org>
Gerrit-Reviewer: BryanDavis <bda...@wikimedia.org>
Gerrit-Reviewer: Dduvall <dduv...@wikimedia.org>
Gerrit-Reviewer: Gilles <gdu...@wikimedia.org>
Gerrit-Reviewer: MaxSem <maxsem.w...@gmail.com>
Gerrit-Reviewer: Ori.livneh <o...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] Private role for vagrant - change (mediawiki/vagrant)

Reply via email to