update latest

[mediawiki-setup] / Mediawiki_Setup_Guide

diff --git a/Mediawiki_Setup_Guide b/Mediawiki_Setup_Guide
index 74ca3a8100106eef68d0cfc3abfe0cb7614ad7eb..81f4d62dba3c76fa4b9d577331ebd4355f3ee661 100644 (file)
--- a/Mediawiki_Setup_Guide
+++ b/Mediawiki_Setup_Guide
@@ -6,24 +6,23 @@
 
 * Good recommendations. Official docs mostly avoid recommendations among a myriad of possibilities
 * Closely references & supplements official documentation
 
 * Good recommendations. Official docs mostly avoid recommendations among a myriad of possibilities
 * Closely references & supplements official documentation

+* Automatic security updates

 * Explicit automation support wherever practical
 * Explicit automation support wherever practical

-* Used to setup this site (style optional)
-* Contributions welcome and will be updated/tested on this very site!
+* Used to setup this site (style is optional)

 * Support for multiple gnu/linux distros
 * Support for multiple gnu/linux distros

-* Holistic scope (backups, server setup), but sections stand on their own
-* Explicit support for production & local testing instance. Additions for production like https and web analytics.
-* Edits to this page are closely monitored by the original author.
+* Holistic scope (backups, server setup), but sections are independent
+* Code blocks are [https://en.wikipedia.org/wiki/Idempotent idempotent]
+* Edits to this page are tested on this site and reviewed by the main author.

 
 '''Assumptions'''
 
 
 '''Assumptions'''
 

-* Self hosting, single GNU/Linux system with Bash shell
-* Root shell is assumed throughout
-* Code blocks are [https://en.wikipedia.org/wiki/Idempotent idempotent]
+* Self hosting, single GNU/Linux system with root Bash shell
+

 
 '''Version Support'''
 
 Very minor adjustments needed for other distros. Help expand this list.
 
 '''Version Support'''
 
 Very minor adjustments needed for other distros. Help expand this list.

-* Mediawiki 1.27 & 1.28
+* Mediawiki 1.28, updated as new versions are released

 * Debian 8 + backports
 * Debian 8
 * Debian testing (last tested Aug 7, 2016)
 * Debian 8 + backports
 * Debian 8
 * Debian testing (last tested Aug 7, 2016)


@@ -36,6 +35,14 @@ Pre 5/2016 revisions ran Mediawiki 1.23, tested on Fedora 20 and Ubuntu 14.04.
 
 The most common route and the one taken by this site is buying a domain name from a site like namecheap, and a cheap vps from companies like linode or digital ocean. They have good getting started guides which mostly apply beyond their own sites.
 
 
 The most common route and the one taken by this site is buying a domain name from a site like namecheap, and a cheap vps from companies like linode or digital ocean. They have good getting started guides which mostly apply beyond their own sites.
 

+'''Install Certbot'''
+
+For debian jessie with backports:
+<source lang="bash">
+apt-get install --install-suggests jessie-backports certbot
+</source>
+For other distros, follow instructions at [https://certbot.eff.org/ certbot.eff.org].
+

 '''Email Setup'''
 
 Setting up email can be an involved process, and this guide assumes that a some program (usually postfix or exim) is implementing a functional sendmail interface. Mediawiki uses email with to send password reminders or notifications, and this guide includes cronjobs for updating mediawiki and doing backups which will send mail in the case of an error. Email is also the recommended way to get notifications of package updates which require manual steps such as restarting of services.
 '''Email Setup'''
 
 Setting up email can be an involved process, and this guide assumes that a some program (usually postfix or exim) is implementing a functional sendmail interface. Mediawiki uses email with to send password reminders or notifications, and this guide includes cronjobs for updating mediawiki and doing backups which will send mail in the case of an error. Email is also the recommended way to get notifications of package updates which require manual steps such as restarting of services.


@@ -59,7 +66,7 @@ export mwdescription="REPLACE_ME" # eg. Opinionated Free Software Wiki
 export wikiuser="REPLACE_ME"
 export wikipass=REPLACE_ME
 
 export wikiuser="REPLACE_ME"
 export wikipass=REPLACE_ME
 

-# root password for the mysql database
+# root & user password for the mysql database

 export dbpass=REPLACE_ME
 
 export mwdomain=REPLACE_ME # domain name. for this site, it's ofswiki.org
 export dbpass=REPLACE_ME
 
 export mwdomain=REPLACE_ME # domain name. for this site, it's ofswiki.org


@@ -78,8 +85,7 @@ EOF
 
 # The rest of this section will work fine with no changes.
 
 
 # The rest of this section will work fine with no changes.
 

-# git branch for mediawiki + extensions.
-# This guide has only been tested with 1_28.
+# git branch for mediawiki + extensions. See intro for supported versions.

 # branch names: https://git.wikimedia.org/branches/mediawiki%2Fcore.git
 export mw_branch=REL1_28
 
 # branch names: https://git.wikimedia.org/branches/mediawiki%2Fcore.git
 export mw_branch=REL1_28
 


@@ -141,7 +147,7 @@ mw-clone() {
     local url=$1
     local original_pwd="$PWD"
     local name
     local url=$1
     local original_pwd="$PWD"
     local name

-    local re='[^/]*/[^/]*$'
+    local re='[^/]*/[^/]*$' # last 2 parts of path

     [[ $url =~ $re ]] ||:
     target=$mw/${BASH_REMATCH[0]}
     if [[ ! -e $target/.git ]]; then
     [[ $url =~ $re ]] ||:
     target=$mw/${BASH_REMATCH[0]}
     if [[ ! -e $target/.git ]]; then


@@ -159,11 +165,10 @@ mw-clone() {
 }
 mw-ext () {
     local ext
 }
 mw-ext () {
     local ext

-    for ext in "$@"; do
+    for ext; do

         mw-clone https://gerrit.wikimedia.org/r/p/mediawiki/extensions/$ext
         mw-clone https://gerrit.wikimedia.org/r/p/mediawiki/extensions/$ext

-        if [[ -e $mw/ext/$ext/extension.json ]]; then
-            # new style extension. remove old style declaration
-            sed -i --follow-symlinks '#^require_once( "\\\$IP/extensions/\$ext/\$ext\.php" );#d' $mwc
+        if [[ -e $mw/extensions/$ext/extension.json ]]; then
+            # new style extension

             teeu $mwc <<EOF
 wfLoadExtension( '$ext' );
 EOF
             teeu $mwc <<EOF
 wfLoadExtension( '$ext' );
 EOF


@@ -223,7 +228,7 @@ if isdeb; then
     # main reference:
     # https://www.mediawiki.org/wiki/Manual:Running_MediaWiki_on_Ubuntu
     apt-get update
     # main reference:
     # https://www.mediawiki.org/wiki/Manual:Running_MediaWiki_on_Ubuntu
     apt-get update

-    DEBIAN_FRONTEND=noninteractive apt-get install -y imagemagick
+    DEBIAN_FRONTEND=noninteractive apt-get install -y imagemagick curl

     if apt-get install -s mediawiki &>/dev/null; then
         # mediawiki is packaged in jessie backports.
         DEBIAN_FRONTEND=noninteractive apt-get -y install php5-apcu mediawiki
     if apt-get install -s mediawiki &>/dev/null; then
         # mediawiki is packaged in jessie backports.
         DEBIAN_FRONTEND=noninteractive apt-get -y install php5-apcu mediawiki


@@ -259,18 +264,26 @@ else
 fi
 
 
 fi
 
 

-# slightly different depending on if we already set the root pass
-if echo exit|mysql -u root -p"$dbpass"; then
-    # answer interactive prompts:
-    # mysql root pass, change pass? no, remove anon users? (default, yes)
-    # disallow remote root (default, yes), reload? (default, yes)
-    echo -e "$dbpass\nn\n\n\n\n" | mysql_secure_installation
-else
-    # I had 1 less newline at the start when doing ubuntu 14.04,
+# skip if we already set the root pass and are on pre-debian 9.
+if ! echo exit|mysql -uroot "-p$dbpass"; then
+    # Note: we set a root password here, but in debian 9+, it is ignored;
+    # only the local user root can login, and any password is accepted.
+    # We answer these interactive prompts:
+    # Enter current password for root (enter for none):
+    # Set root password? [Y/n]
+    # New password:
+    # Re-enter new password:
+    # Remove anonymous users? [Y/n]
+    # Disallow root login remotely? [Y/n]
+    # Remove test database and access to it? [Y/n]
+    # Reload privilege tables now? [Y/n]
+    # Note, I had 1 less newline at the start when doing ubuntu 14.04,

     # compared to debian 8, so can't say this is especially portable.
     # compared to debian 8, so can't say this is especially portable.

-    # It won't hurt if it fails.

     echo -e "\n\n$dbpass\n$dbpass\n\n\n\n\n" | mysql_secure_installation
 fi
     echo -e "\n\n$dbpass\n$dbpass\n\n\n\n\n" | mysql_secure_installation
 fi

+mysql -uroot "-p$dbpass" <<EOF
+GRANT ALL PRIVILEGES ON my_wiki.* TO 'wikiuser'@'localhost' IDENTIFIED BY '$dbpass';
+EOF

 </source>
 
 
 </source>
 
 


@@ -302,6 +315,8 @@ fi
 # git branch -r
 git checkout -f origin/$mw_branch
 git clean -ffxd
 # git branch -r
 git checkout -f origin/$mw_branch
 git clean -ffxd

+# apply librejs patch
+curl "https://iankelling.org/git/?p=mediawiki-librejs-patch;a=blob_plain;f=mediawiki-1.28-librejs.patch;hb=HEAD" | patch -r - -N -p1

 # Get the php libraries wmf uses. Based on:
 # https://www.mediawiki.org/wiki/Download_from_Git#Fetch_external_libraries
 if [[ ! -e vendor/.git ]]; then
 # Get the php libraries wmf uses. Based on:
 # https://www.mediawiki.org/wiki/Download_from_Git#Fetch_external_libraries
 if [[ ! -e vendor/.git ]]; then


@@ -314,12 +329,12 @@ cd ..
 # Drop any previous database which may have been installed while testing.
 # If upgrading, we should have a db backup which will get restored.
 # https://www.mediawiki.org/wiki/Manual:Upgrading
 # Drop any previous database which may have been installed while testing.
 # If upgrading, we should have a db backup which will get restored.
 # https://www.mediawiki.org/wiki/Manual:Upgrading

-mysql -u root -p$dbpass <<'EOF' ||:
+mysql -uroot "-p$dbpass" <<'EOF' ||:

 drop database my_wiki;
 exit
 EOF
 php $mw/maintenance/install.php --pass $wikipass --scriptpath /w \
 drop database my_wiki;
 exit
 EOF
 php $mw/maintenance/install.php --pass $wikipass --scriptpath /w \

-    --dbuser root --dbpass $dbpass "$mwdescription" "$wikiuser"
+    --dbuser wikiuser --dbpass $dbpass "$mwdescription" "$wikiuser"

 teeu $mwc <<'EOF'
 # lock down the wiki to only the initial owner until anti-spam measures are put in place
 # limit edits to registered users
 teeu $mwc <<'EOF'
 # lock down the wiki to only the initial owner until anti-spam measures are put in place
 # limit edits to registered users


@@ -376,16 +391,11 @@ Here, we use some scripts automate setting up the Let 's Encrypt cert and
 the apache config.
 
 <source lang="bash">
 the apache config.
 
 <source lang="bash">

-temp=$(mktemp -d)
-cd $temp
-git_site=https://iankelling.org/git
-git clone $git_site/acme-tiny-wrapper

 l=$mw/../../logs
 mkdir -p $l
 l=$mw/../../logs
 mkdir -p $l

-
-acme-tiny-wrapper/acme-tiny-wrapper -t $mwdomain
-
-git clone $git_site/basic-https-conf
+temp=$(mktemp -d)
+cd $temp
+git clone https://iankelling.org/git/basic-https-conf

 { cat <<EOF
 ServerAdmin $mw_email
 RewriteEngine On
 { cat <<EOF
 ServerAdmin $mw_email
 RewriteEngine On


@@ -398,7 +408,7 @@ find -L $(readlink -f $mw) -name .htaccess \
     | while read line; do
     echo -e "<Directory ${line%/.htaccess}>\n $(< $line)\n</Directory>";
 done
     | while read line; do
     echo -e "<Directory ${line%/.htaccess}>\n $(< $line)\n</Directory>";
 done

-} | basic-https-conf/apache-site -r ${mw%/*} - $mwdomain
+} | basic-https-conf/web-conf -r ${mw%/*} - apache2 $mwdomain

 cd
 rm -rf $temp
 </source>
 cd
 rm -rf $temp
 </source>


@@ -438,7 +448,7 @@ teeu $mwc<<EOF
 \$wgRightsIcon = "$mw_RightsIcon";
 EOF
 </source>
 \$wgRightsIcon = "$mw_RightsIcon";
 EOF
 </source>

-Settings I recommend which are different than the defaults.
+Settings asked by the gui setup which are different than the install script defaults. They different because the defaults are the most compatible and unobtrusive.

 <source lang="bash">
 teeu $mwc<<EOF
 \$wgPasswordSender = "$mw_email";
 <source lang="bash">
 teeu $mwc<<EOF
 \$wgPasswordSender = "$mw_email";


@@ -448,6 +458,7 @@ teeu $mwc<<EOF
 \$wgMainCacheType = CACHE_ACCEL;
 \$wgEnableUploads = true;
 \$wgUseInstantCommons = true;
 \$wgMainCacheType = CACHE_ACCEL;
 \$wgEnableUploads = true;
 \$wgUseInstantCommons = true;

+\$wgPingback = true;

 EOF
 </source>
 
 EOF
 </source>
 


@@ -463,9 +474,13 @@ $wgArticlePath = "/wiki/$1";
 $wgNoFollowLinks = false;
 # Allow user customization.
 $wgAllowUserCss = true;
 $wgNoFollowLinks = false;
 # Allow user customization.
 $wgAllowUserCss = true;

-

 # use imagemagick over GD
 $wgUseImageMagick = true;
 # use imagemagick over GD
 $wgUseImageMagick = true;

+# manual says this is not production ready, I think that is mostly
+# because they are using MobileFrontend extension instead, which gives
+# an even cleaner more minimal view, I plan to try setting it up
+# sometime but this seems like a very nice improvement for now.
+$wgVectorResponsive = true;

 EOF
 
 
 EOF
 
 


@@ -509,15 +524,18 @@ When installing extensions on a wiki with important content, backup first as a p
 
 ''' Extensions with no configuration needed '''
 
 
 ''' Extensions with no configuration needed '''
 

-{| class="wikitable"
+{| class="writable"

  ! Name
  ! Description
     |-
     | [[mediawikiwiki:Extension:Cite|Extension:Cite]]
  ! Name
  ! Description
     |-
     | [[mediawikiwiki:Extension:Cite|Extension:Cite]]

-    | Have references in footnotes.
+    | Have references in footnotes*

     |-
     | [[mediawikiwiki:Extension:CiteThisPage|Extension:CiteThisPage]]
     |-
     | [[mediawikiwiki:Extension:CiteThisPage|Extension:CiteThisPage]]

-    | Ability to generate citations to pages in a variety of styles.
+    | Ability to generate citations to pages in a variety of styles*
+    |-
+    | [[mediawikiwiki:CheckUser|Extension:CheckUser]]
+    | Get ip addresses from inside mediawiki so you can ban users''

     |-
     | [[mediawikiwiki:Extension:CSS|Extension:CSS]]
     | Allows CSS stylesheets to be included in specific articles
     |-
     | [[mediawikiwiki:Extension:CSS|Extension:CSS]]
     | Allows CSS stylesheets to be included in specific articles


@@ -526,36 +544,41 @@ When installing extensions on a wiki with important content, backup first as a p
     | Notification subsystem for usage by other extensions
     |-
     | [[mediawikiwiki:Extension:Gadgets|Extension:Gadgets]]
     | Notification subsystem for usage by other extensions
     |-
     | [[mediawikiwiki:Extension:Gadgets|Extension:Gadgets]]

-    | UI extension system for users
+    | UI extension system for users*

     |-
     | [[mediawikiwiki:Extension:ImageMap|Extension:ImageMap]]
     |-
     | [[mediawikiwiki:Extension:ImageMap|Extension:ImageMap]]

-    | Links for a region of an image
+    | Links for a region of an image*

     |-
     | [[mediawikiwiki:Extension:Interwiki|Extension:Interwiki]]
     |-
     | [[mediawikiwiki:Extension:Interwiki|Extension:Interwiki]]

-    | Tool for nice links to other wikis
+    | Tool for nice links to other wikis*

     |-
     | [[mediawikiwiki:Extension:News|Extension:News]]
     | Embed or rss recent changes
     |-
     | [[mediawikiwiki:Extension:Nuke|Extension:Nuke]]
     |-
     | [[mediawikiwiki:Extension:News|Extension:News]]
     | Embed or rss recent changes
     |-
     | [[mediawikiwiki:Extension:Nuke|Extension:Nuke]]

-    | Mass delete of pages, in the case of spam
+    | Mass delete of pages, in the case of spam*

     |-
     | [[mediawikiwiki:Extension:ParserFunctions|Extension:ParserFunctions]]
     |-
     | [[mediawikiwiki:Extension:ParserFunctions|Extension:ParserFunctions]]

-    | Useful for templates
+    | Useful for templates*

     |-
     | [[mediawikiwiki:Extension:Poem|Extension:Poem]]
     |-
     | [[mediawikiwiki:Extension:Poem|Extension:Poem]]

-    | Useful for formatting things various ways
+    | Useful for formatting things various ways*
+    |-
+    | [[mediawikiwiki:Extension:Renameuser|Extension:Renameuser]]
+    | Allows bureaucrats to rename user accounts*

     |-
     | [[mediawikiwiki:Extension:SyntaxHighlight_GeSHi|Extension:SyntaxHighlight_GeSHi]]
     |-
     | [[mediawikiwiki:Extension:SyntaxHighlight_GeSHi|Extension:SyntaxHighlight_GeSHi]]

-    | Source code highlighting
+    | Source code highlighting*

     |-
     | [[mediawikiwiki:Extension:Variables|Extension:Variables]]
     | Define per-page variables
     |}
 
     |-
     | [[mediawikiwiki:Extension:Variables|Extension:Variables]]
     | Define per-page variables
     |}
 

+<nowiki>*</nowiki> = Comes with the MediaWiki default download.
+

 <source lang="bash">
 <source lang="bash">

-mw-ext Cite CiteThisPage CSS Echo Gadgets ImageMap Interwiki News \
-       Nuke ParserFunctions Poem SyntaxHighlight_GeSHi Variables
+mw-ext Cite CiteThisPage CheckUser CSS Echo Gadgets ImageMap Interwiki News \
+       Nuke ParserFunctions Poem Renameuser SyntaxHighlight_GeSHi Variables

 </source>
 
 
 </source>
 
 


@@ -568,17 +591,6 @@ sudo -u $apache_user php $mw/extensions/AntiSpoof/maintenance/batchAntiSpoof.php
 </source>
 
 
 </source>
 
 

-''' [[mediawikiwiki:CheckUser|Extension:CheckUser]]: Get ip addresses from inside mediawiki so you can ban users'''
-
-On <= 1.27, requires special install steps or we can get into a bad state. Add a sleep like the default of update.php to avoid errors.
-<source lang="bash">
-mw-ext CheckUser
-if [[ -e $mw/extensions/CheckUser/install.php ]]; then
-    sudo -u $apache_user php $mw/extensions/CheckUser/install.php; sleep 1
-fi
-</source>
-
-

 '''[[mediawikiwiki:Extension:Wikidiff2|Extension:Wikidiff2]]: Faster and international character supported page diffs'''
 
 I used packaged version since this is a c++ and probably not very tied to the Mediawiki version. This isn't packaged in fedora, haven't gotten around to testing and adding the code to compile it for fedora.
 '''[[mediawikiwiki:Extension:Wikidiff2|Extension:Wikidiff2]]: Faster and international character supported page diffs'''
 
 I used packaged version since this is a c++ and probably not very tied to the Mediawiki version. This isn't packaged in fedora, haven't gotten around to testing and adding the code to compile it for fedora.


@@ -633,6 +645,8 @@ There is no current list of package depencies so I took dependencies from mediaw
 
 ''' [[mediawikiwiki:Extension:SpamBlacklist|Extension:SpamBlacklist]]: Import/create IP blacklists, mainly for spam'''
 
 
 ''' [[mediawikiwiki:Extension:SpamBlacklist|Extension:SpamBlacklist]]: Import/create IP blacklists, mainly for spam'''
 

+Comes with MediaWiki.
+

 <source lang="bash">
 mw-ext SpamBlacklist
 if ! grep -F '$wgSpamBlacklistFiles = array(' $mwc &>/dev/null; then
 <source lang="bash">
 mw-ext SpamBlacklist
 if ! grep -F '$wgSpamBlacklistFiles = array(' $mwc &>/dev/null; then


@@ -651,6 +665,8 @@ fi
 
 ''' [[mediawikiwiki:Extension:TitleBlacklist|Extension:TitleBlacklist]]: Anti-spam '''
 
 
 ''' [[mediawikiwiki:Extension:TitleBlacklist|Extension:TitleBlacklist]]: Anti-spam '''
 

+Comes with Mediawiki.
+

 <source lang="bash">
 mw-ext TitleBlacklist
 if ! grep -F '$wgTitleBlacklistSources = array(' $mwc &>/dev/null; then
 <source lang="bash">
 mw-ext TitleBlacklist
 if ! grep -F '$wgTitleBlacklistSources = array(' $mwc &>/dev/null; then


@@ -671,6 +687,8 @@ fi
 
 ''' [[mediawikiwiki:Extension:WikiEditor|Extension:WikiEditor]]: Editing box extras and a fast preview tab '''
 
 
 ''' [[mediawikiwiki:Extension:WikiEditor|Extension:WikiEditor]]: Editing box extras and a fast preview tab '''
 

+Comes with MediaWiki.
+

 <source lang="bash">
 mw-ext WikiEditor
 teeu $mwc <<'EOF'
 <source lang="bash">
 mw-ext WikiEditor
 teeu $mwc <<'EOF'


@@ -708,9 +726,9 @@ $wgGroupPermissions['sysop']['abusefilter-revert'] = true;
 EOF
 </source>
 
 EOF
 </source>
 

-'''[[mediawikiwiki:Extension:ConfirmEdit|Extension:ConfirmEdit]]: Custom Captcha'''
+'''[[mediawikiwiki:Extension:ConfirmEdit|Extension:ConfirmEdit]]: Custom Captcha.'''

 
 

-Uses captchaArray defined in mw_vars.
+Uses captchaArray defined in mw_vars. Comes with MediaWiki.

 
 <source lang="bash">
 mw-ext ConfirmEdit
 
 <source lang="bash">
 mw-ext ConfirmEdit


@@ -853,25 +871,19 @@ x("MediaWiki:Sidebar", """* navigation
 # remove side panel
 # helpfull doc: https://www.mediawiki.org/wiki/Manual:Interface/Sidebar
 x("mediawiki:Common.css", """/* adjust sidebar to just be home link and up top  */
 # remove side panel
 # helpfull doc: https://www.mediawiki.org/wiki/Manual:Interface/Sidebar
 x("mediawiki:Common.css", """/* adjust sidebar to just be home link and up top  */

+/* adjust sidebar to just be home link and up top  */

 /* panel width increased to fit full wiki name. */
 /* panel width increased to fit full wiki name. */

+/* selectors other than final id are for increasing priority of rule */

 div#mw-panel { top: 10px; padding-top: 0em; width: 20em }
 div#footer, #mw-head-base, div#content { margin-left: 1em; }
 #left-navigation { margin-left: 1em; }
 
 
 /* logo, and toolbar hidden */
 div#mw-panel { top: 10px; padding-top: 0em; width: 20em }
 div#footer, #mw-head-base, div#content { margin-left: 1em; }
 #left-navigation { margin-left: 1em; }
 
 
 /* logo, and toolbar hidden */

-#p-logo, #p-tb.portal {
+#p-logo, div#mw-navigation div#mw-panel #p-tb {

    display:none;
 }
 
    display:none;
 }
 

-/* make the font size smaller for the misc stuff */
-#p-personal {
-   font-size: 0.8em;
-}
-
-#footer-info {
-   font-size: 0.8em;
-}

 div#mw-content-text {
     max-width: 720px;
 }
 div#mw-content-text {
     max-width: 720px;
 }


@@ -965,7 +977,7 @@ ssh $o root@$mwdomain <<EOF
 set -e
 chmod -R g+w $mw/images
 chgrp -R www-data $mw/images
 set -e
 chmod -R g+w $mw/images
 chgrp -R www-data $mw/images

-mysql -u root -p$dbpass my_wiki < /tmp/wiki_db_restore/wiki_db_backup
+mysql -uroot "-p$dbpass" my_wiki < /tmp/wiki_db_restore/wiki_db_backup

 php $mw/maintenance/update.php
 EOF
 </source>
 php $mw/maintenance/update.php
 EOF
 </source>


@@ -986,22 +998,31 @@ s=/etc/cron.daily/mediawiki_update
 dd of=$s<<'EOF'
 #!/bin/bash
 source ~/mw_vars
 dd of=$s<<'EOF'
 #!/bin/bash
 source ~/mw_vars

-cd $mw
-for dir in extensions/* skins/* $mw; do
-    [[ -d $dir ]] || continue
+update() {
+    dir=$1
+    cd $mw
+    [[ -d $dir ]] || return 1

     cd $dir
     branch=$(git describe --all)
     branch=${branch#remotes/}
     git fetch --all -q
     new_head=$(git rev-parse $branch)
     log=$(git log HEAD..$new_head)
     cd $dir
     branch=$(git describe --all)
     branch=${branch#remotes/}
     git fetch --all -q
     new_head=$(git rev-parse $branch)
     log=$(git log HEAD..$new_head)

-    if [[ $log ]]; then
-        pwd
-        echo "$log"
+    if [[ ! $log ]]; then
+        return 1

     fi
     fi

-    git checkout -q $new_head
+    pwd
+    echo "$log"
+    git checkout -qf $new_head

     cd $mw
     cd $mw

+    return 0
+}
+for dir in extensions/* skins/* vendor; do
+    update "$dir" ||:

 done
 done

+if update .; then
+    curl "https://iankelling.org/git/?p=mediawiki-librejs-patch;a=blob_plain;f=mediawiki-1.28-librejs.patch;hb=HEAD" | patch -r - -N -p1
+fi

 php $mw/maintenance/update.php -q --quick
 EOF
 
 php $mw/maintenance/update.php -q --quick
 EOF
 


@@ -1035,26 +1056,27 @@ Mediawiki.org has pages for ~5200 extensions. Mediawiki maintains ~700 extension
 Here are brief descriptions of extensions that are part of distributions and why they were rejected for this wiki.
 
 {| class="wikitable"
 Here are brief descriptions of extensions that are part of distributions and why they were rejected for this wiki.
 
 {| class="wikitable"

+   |+
+   | '''Footnote''' || deprecated in newer versions

    |+
    | '''InputBox''' || Add html forms to pages. Can't imagine using it. Would install if I did.
    |+
    |+
    | '''InputBox''' || Add html forms to pages. Can't imagine using it. Would install if I did.
    |+

-   | '''Pdfhandler''' || Gallery of pages from a pdf file. Can't imagine using it. Would install if I did.
+   | '''LocalisationUpdate'''|| update localization only. I'm fine updating all of mediawiki, there aren't many updates.

    |+
    |+

-   | '''Footnote''' || deprecated in newer versions
+   | '''NewestPages''' ||  A page creation history that doesn't expire like recent-changes. Meh

    |+
    | '''NewUserNotif''' || Send me a notification when a user registers. Seems like an excessive notification.
    |+
    |+
    | '''NewUserNotif''' || Send me a notification when a user registers. Seems like an excessive notification.
    |+

-   | '''NewestPages''' ||  A page creation history that doesn't expire like recent-changes. Meh
+   | '''Openid''' || Poor UI. 2 pages & 2 links <login> <login with openid> which is confusing & ugly.
+   |+
+   | '''Pdfhandler''' || Gallery of pages from a pdf file. Can't imagine using it. Would install if I did.

    |+
    | '''RSSReader''' || Embed an rss feed. Can't imagine using it. Would install if I did.
    |+
    |+
    | '''RSSReader''' || Embed an rss feed. Can't imagine using it. Would install if I did.
    |+

-   | '''Openid''' || Poor UI. 2 pages & 2 links <login> <login with openid> which is confusing & ugly.
+   | '''Semantic''' || Seems like a lot of trouble around analyzing kinds of data which my wiki will not have.

    |+
    | '''Validator''' || dependency of of semantic
    |+
    |+
    | '''Validator''' || dependency of of semantic
    |+

-   | '''Semantic''' || Seems like a lot of trouble around analyzing kinds of data which my wiki will not have.
-   |+
-   | '''wikicalendar''' || Make a calendar of events etc. Can't imagine using it. Would install if I did.

 |}
 
 == Misc Notes ==
 |}
 
 == Misc Notes ==


@@ -1102,7 +1124,7 @@ This means the code is compatible with gplv3.
 
 == todo list for this page ==
 
 
 == todo list for this page ==
 

-* Check if there are any new default extensions 1.28 which I haven't evaluated.
-* Test for any new config values set by the 1.28 gui install method.

 * Get Visual editor extension.
 * Don't require registration for edits
 * Get Visual editor extension.
 * Don't require registration for edits

+* Take a look at the new debian mediawiki package's apache conf
+* For perf, translate extensions allow/deny directives, and set AllowOverride None in apache.conf