2 # Copyright (C) 2016 Ian Kelling
3 # This program is under GPL v. 3 or later, see <http://www.gnu.org/licenses/>
6 # identify if this is a debian based distro
7 isdeb
() { command -v apt
&>/dev
/null
; }
8 # tee unique. append each stdin line if it does not exist in the file
12 for line
in "${MAPFILE[@]}"; do
13 grep -xFq "$line" "$1" &>/dev
/null ||
tee -a "$1" <<<"$line"
17 # get and reset an extension/skin repository, and enable it
20 local original_pwd
="$PWD"
22 local re
='[^/]*/[^/]*$'
24 target
=$mw/${BASH_REMATCH[0]}
25 if [[ ! -e $target/.git
]]; then
26 git clone
$url $target
29 echo "mw-ext error: failed cd $target";
33 git checkout
-qf origin
/$mw_branch || git checkout
-qf origin
/master
41 mw-clone https
://gerrit.wikimedia.org
/r
/p
/mediawiki
/extensions
/$ext
42 if [[ -e $mw/ext
/$ext/extension.json
]]; then
43 # new style extension. remove old style declaration
44 sed -i --follow-symlinks '#^require_once( "\\\$IP/extensions/\$ext/\$ext\.php" );#d' $mwc
46 wfLoadExtension( '$ext' );
50 require_once( "\$IP/extensions/$ext/$ext.php" );
54 # --quick is quicker than default flags,
55 # but still add a sleep to make sure everything works right
56 sudo
-u $apache_user php
$mw/maintenance
/update.php
-q --quick; sleep 1
60 mw-clone https
://gerrit.wikimedia.org
/r
/p
/mediawiki
/skins
/$skin
61 sed -i --follow-symlinks '/^wfLoadSkin/d' $mwc
62 sed -i --follow-symlinks '/^\$wgDefaultSkin/d' $mwc
64 \$wgDefaultSkin = "${skin,,*}";
65 wfLoadSkin( '$skin' );
67 sudo
-u $apache_user php
$mw/maintenance
/update.php
-q --quick; sleep 1
70 if command -v apt
&>/dev
/null
; then
77 # <source lang="bash">
78 # From here on out, exit if a command fails.
79 # This will prevent us from not noticing an important failure.
80 # We recommend setting this for the entire installation session.
81 # If you are running commands interactively, it might be best to
82 # put it in your ~/.bashrc temporarily.
84 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
89 # https://www.mediawiki.org/wiki/Manual:Running_MediaWiki_on_Ubuntu
91 DEBIAN_FRONTEND
=noninteractive apt-get
install -y imagemagick curl
92 if apt-get
install -s mediawiki
&>/dev
/null
; then
93 # mediawiki is packaged in jessie backports.
94 DEBIAN_FRONTEND
=noninteractive apt-get
-y install php5-apcu mediawiki
96 # https://www.mediawiki.org/wiki/Manual:Installation_requirements
97 if apt-get
install -s php7.0
&>/dev
/null
; then
98 # note, 7.0 is untested by the editor here, since it's not
99 # available in debian 8. it's listed as supported
100 # in the mediawiki page.
101 # noninteractive to avoid mysql password prompt.
102 DEBIAN_FRONTEND
=noninteractive apt-get
install -y apache2 \
103 default-mysql-server \
104 php7.0 php7.0
-mysql libapache2-mod-php7.0 php7.0
-xml \
105 php7.0
-apcu php7.0
-mbstring
107 # note: mbstring is recommended, but it's not available for php5 in
109 DEBIAN_FRONTEND
=noninteractive apt-get
install -y apache2 \
110 default-mysql-server \
111 php5 php5-mysql libapache2-mod-php5 php5-apcu
114 service apache2 restart
117 # fedora deps are missing a database, so some is translated from debian packages
118 yum
-y install mediawiki ImageMagick php-mysqlnd php-pecl-apcu mariadb-server
120 systemctl restart mariadb.service
121 systemctl
enable mariadb.service
122 systemctl
enable httpd.service
123 systemctl restart httpd.service
127 # slightly different depending on if we already set the root pass
128 if echo exit|mysql
-u root
-p"$dbpass"; then
129 # answer interactive prompts:
130 # mysql root pass, change pass? no, remove anon users? (default, yes)
131 # disallow remote root (default, yes), reload? (default, yes)
132 echo -e "$dbpass\nn\n\n\n\n" | mysql_secure_installation
134 # I had 1 less newline at the start when doing ubuntu 14.04,
135 # compared to debian 8, so can't say this is especially portable.
136 # It won't hurt if it fails.
137 echo -e "\n\n$dbpass\n$dbpass\n\n\n\n\n" | mysql_secure_installation
140 # <source lang="bash">
143 # this will just fail if it already exists which is fine
144 if [[ ! -e .git
]]; then
145 git clone https
://gerrit.wikimedia.org
/r
/p
/mediawiki
/core.git .
147 # to see available branches: https://www.mediawiki.org/wiki/Version_lifecycle
150 git checkout
-f origin
/$mw_branch
152 # add some librejs support:
153 curl
"https://iankelling.org/git/?p=mediawiki-librejs-patch;a=blob_plain;f=mediawiki-librejs-patch;hb=HEAD" | bash
154 # Get the php libraries wmf uses. Based on:
155 # https://www.mediawiki.org/wiki/Download_from_Git#Fetch_external_libraries
156 if [[ ! -e vendor
/.git
]]; then
157 git clone https
://gerrit.wikimedia.org
/r
/p
/mediawiki
/vendor.git
160 git checkout
-f origin
/$mw_branch
163 # Drop any previous database which may have been installed while testing.
164 # If upgrading, we should have a db backup which will get restored.
165 # https://www.mediawiki.org/wiki/Manual:Upgrading
166 mysql
-u root
-p$dbpass <<'EOF' ||:
167 drop database my_wiki;
170 php
$mw/maintenance
/install.php
--pass $wikipass --scriptpath /w \
171 --dbuser root
--dbpass $dbpass "$mwdescription" "$wikiuser"
173 # lock down the wiki to only the initial owner until anti-spam measures are put in place
174 # limit edits to registered users
175 $wgGroupPermissions['*']['edit'] = false;
176 # don't allow any account creation
177 $wgGroupPermissions['*']['createaccount'] = false;
180 # <source lang="bash">
183 git_site
=https
://iankelling.org
/git
184 git clone
$git_site/acme-tiny-wrapper
188 acme-tiny-wrapper
/acme-tiny-wrapper
-t $mwdomain
190 git clone
$git_site/basic-https-conf
192 ServerAdmin $mw_email
194 # make the site's root url go to our main page
195 RewriteRule ^/?wiki(/.*)?\$ %{DOCUMENT_ROOT}/w/index.php [L]
196 # use short urls https://www.mediawiki.org/wiki/Manual:Short_URL
197 RewriteRule ^/*\$ %{DOCUMENT_ROOT}/w/index.php [L]
199 find -L $
(readlink
-f $mw) -name .htaccess \
200 |
while read line
; do
201 echo -e "<Directory ${line%/.htaccess}>\n $(< $line)\n</Directory>";
203 } | basic-https-conf
/apache-site
-r ${mw%/*} - $mwdomain
207 # <source lang="bash">
208 dd of
=$mw/..
/robots.txt
<<'EOF'
211 User-agent: ia_archiver
216 # <source lang="bash">
218 \$wgServer = "https://$mwdomain";
219 \$wgDBserver = "localhost";
220 \$wgRightsUrl = "$mw_RightsUrl";
221 \$wgRightsText = "$mw_RightsText";
222 \$wgRightsIcon = "$mw_RightsIcon";
225 # <source lang="bash">
227 \$wgPasswordSender = "$mw_email";
228 \$wgEmergencyContact = "$mw_email";
229 \$wgEnotifUserTalk = true; # UPO
230 \$wgEnotifWatchlist = true; # UPO
231 \$wgMainCacheType = CACHE_ACCEL;
232 \$wgEnableUploads = true;
233 \$wgUseInstantCommons = true;
237 # <source lang="bash">
239 # from https://www.mediawiki.org/wiki/Manual:Short_URL
240 $wgArticlePath = "/wiki/$1";
242 # https://www.mediawiki.org/wiki/Manual:Combating_spam
243 # check that url if our precautions don't work
244 # not using nofollow is good practice, as long as we avoid spam.
245 $wgNoFollowLinks = false;
246 # Allow user customization.
247 $wgAllowUserCss = true;
248 # use imagemagick over GD
249 $wgUseImageMagick = true;
250 # manual says this is not production ready, I think that is mostly
251 # because they are using MobileFrontend extension instead, which gives
252 # an even cleaner more minimal view, I plan to try setting it up
253 # sometime but this seems like a very nice improvement for now.
254 $wgVectorResponsive = true;
258 # https://www.mediawiki.org/wiki/Manual:Configuring_file_uploads
259 # Increase from default of 2M to 100M.
260 # This will at least allow high res pics etc.
261 php_ini
=$
(php
-r 'echo(php_ini_loaded_file());')
262 sed -i --follow-symlinks 's/^\(upload_max_filesize\|post_max_size\)\b.*/\1 = 100M/' $php_ini
264 service apache2 restart
266 systemctl restart httpd.service
269 # if you were to install as a normal user, you would need this for images
270 # sudo usermod -aG $apache_user $USER
272 # this doesn't propogate right away
273 chgrp
-R $apache_user $mw/images
274 chmod -R g
+w
$mw/images
276 # <source lang="bash">
279 #$wgFooterIcons = null;
281 # Make the toolbox go into the drop down.
283 if ! git remote show ian-kelling
&>/dev
/null
; then
284 git remote add ian-kelling https
://iankelling.org
/git
/forks
/Vector
286 git fetch ian-kelling
287 git checkout ian-kelling
/${mw_branch}-toolbox-in-dropdown
289 # <source lang="bash">
290 mw-ext Cite CiteThisPage CheckUser CSS Echo Gadgets ImageMap Interwiki News \
291 Nuke ParserFunctions Poem Renameuser SyntaxHighlight_GeSHi Variables
293 # <source lang="bash">
295 # recommended setup script to account for existing users
296 sudo
-u $apache_user php
$mw/extensions
/AntiSpoof
/maintenance
/batchAntiSpoof.php
298 # <source lang="bash">
300 apt-get
-y install php-wikidiff2
302 $wgExternalDiffEngine = 'wikidiff2';
304 dir
=$
(dirname $
(php
-r 'echo(php_ini_loaded_file());'))/..
/apache
2/conf.d
305 ln -sf ..
/..
/mods-available
/wikidiff2.ini
$dir
306 service apache2 restart
309 # <source lang="bash">
311 # php5-curl according to Math readme
314 if ! apt-get
-s install $curl_pkg &>/dev
/null
; then
317 apt-get
-y install latex-cjk-all texlive-latex-extra texlive-latex-base \
318 ghostscript imagemagick ocaml
$curl_pkg make
320 # todo, php5-curl equivalent on fedora
321 yum
-y install texlive-cjk ghostscript ImageMagick texlive ocaml
323 service apache2 restart
325 cd $mw/extensions
/Math
/math
; make # makes texvc
326 cd $mw/extensions
/Math
/texvccheck
; make
329 # Enable MathJax as rendering option
330 $wgUseMathJax = true;
331 # Enable LaTeXML as rendering option
332 $wgMathValidModes[] = 'latexml';
333 # Set LaTeXML as default rendering option, because it is nicest
334 $wgDefaultUserOptions['math'] = 'latexml';
337 # <source lang="bash">
339 if ! grep -F '$wgSpamBlacklistFiles = array(' $mwc &>/dev
/null
; then
341 $wgEnableDnsBlacklist = true;
342 $wgDnsBlacklistUrls = array( 'xbl.spamhaus.org', 'dnsbl.tornevall.org' );
344 ini_set( 'pcre.backtrack_limit', '10M' );
345 $wgSpamBlacklistFiles = array(
346 "[[m:Spam blacklist]]",
347 "http://en.wikipedia.org/wiki/MediaWiki:Spam-blacklist"
352 # <source lang="bash">
353 mw-ext TitleBlacklist
354 if ! grep -F '$wgTitleBlacklistSources = array(' $mwc &>/dev
/null
; then
356 $wgTitleBlacklistSources = array(
359 'src' => 'MediaWiki:Titleblacklist',
363 'src' => 'http://meta.wikimedia.org/w/index.php?title=Title_blacklist&action=raw',
369 # <source lang="bash">
372 # Enable Wikieditor by default
373 $wgDefaultUserOptions['usebetatoolbar'] = 1;
374 $wgDefaultUserOptions['usebetatoolbar-cgd'] = 1;
376 # Display the Preview and Changes tabs
377 $wgDefaultUserOptions['wikieditor-preview'] = 1;
380 # <source lang="bash">
383 # Mediawiki setting dependency for CategoryTree
387 # <source lang="bash">
390 $wgGroupPermissions['sysop']['abusefilter-modify'] = true;
391 $wgGroupPermissions['*']['abusefilter-log-detail'] = true;
392 $wgGroupPermissions['*']['abusefilter-view'] = true;
393 $wgGroupPermissions['*']['abusefilter-log'] = true;
394 $wgGroupPermissions['sysop']['abusefilter-private'] = true;
395 $wgGroupPermissions['sysop']['abusefilter-modify-restricted'] = true;
396 $wgGroupPermissions['sysop']['abusefilter-revert'] = true;
399 # <source lang="bash">
403 wfLoadExtension( 'ConfirmEdit/QuestyCaptcha' );
404 $wgCaptchaClass = 'QuestyCaptcha';
405 # only captcha on registration
406 $wgGroupPermissions['user' ]['skipcaptcha'] = true;
407 $wgGroupPermissions['autoconfirmed']['skipcaptcha'] = true;
409 if ! grep -Fx 'foreach ( $localSettingsQuestyQuestions as $key => $value ) {' $mwc; then
411 foreach ( $localSettingsQuestyQuestions as $key => $value ) {
412 $wgCaptchaQuestions[] = array( 'question' => $key, 'answer' => $value );
417 # <source lang="bash">
418 sed -i --follow-symlinks "/\\\$wgGroupPermissions\\['\\*'\\]\\['createaccount'\\] = false;/d" $mwc
420 # <source lang="bash">
422 if [[ ! -e ~
/pywikibot
/.git
]]; then
423 git clone
--recursive \
424 https
://gerrit.wikimedia.org
/r
/pywikibot
/core.git ~
/pywikibot
431 # <source lang="bash">
433 dd of
=user-config.py
<<EOF
435 usernames["$mwfamily"]['en'] = u'$wikiuser'
437 console_encoding = 'utf-8'
438 password_file = "secretsfile"
441 dd of
=secretsfile
<<EOF
442 ("$wikiuser", "$wikipass")
445 # it won't overrwrite an existing file. Remove if if one exists
446 rm -f pywikibot
/families
/${mwfamily}_family.py
448 apt-get
install -y python-requests
450 yum
-y install python-requests
453 python generate_family_file.py https
://$mwdomain/wiki
/Main_Page
"$mwfamily"
455 # Note, this needed only for ssl site
456 tee -a pywikibot
/families
/${mwfamily}_family.py
<<'EOF'
457 def protocol(self, code):
461 # <source lang="bash">
464 dd of
=scripts
/${mwfamily}_setup.py
<<EOF
468 site = pywikibot.Site()
470 page = pywikibot.Page(site, p)
472 #force is for some anti-bot thing, not necessary in my testing, but might as well include it
473 page.save(force=True)
475 # Small/medium noncommercial wiki should be fine with no privacy policy
476 # based on https://www.mediawiki.org/wiki/Manual:Footer
477 x("MediaWiki:Privacy")
479 # licenses for uploads. Modified from the mediawiki's wiki
480 x("MediaWiki:Licenses", u"""* Same as this wiki's text (preferred)
481 ** CC BY-SA or GFDL| Creative Commons Attribution ShareAlike or GNU Free Documentation License
483 ** Unknown_copyright|I don't know exactly
484 ** PD|PD: public domain
485 ** CC BY|Creative Commons Attribution
486 ** CC BY-SA|Creative Commons Attribution ShareAlike
487 ** GFDL|GFDL: GNU Free Documentation License
488 ** GPL|GPL: GNU General Public License
489 ** LGPL|LGPL: GNU Lesser General Public License""")
490 x("MediaWiki:Copyright", '$mw_license')
491 x("MediaWiki:Mainpage-description", "$mwdescription")
495 # The rest of the settings are for the site style
497 # Remove various clutter
498 x("MediaWiki:Lastmodifiedat")
499 x("MediaWiki:Disclaimers")
500 x("MediaWiki:Viewcount")
501 x("MediaWiki:Aboutsite")
502 # remove these lines from sidebar
503 # ** recentchanges-url|recentchanges
504 # ** randompage-url|randompage
506 x("MediaWiki:Sidebar", """* navigation
507 ** mainpage|mainpage-description
513 # helpfull doc: https://www.mediawiki.org/wiki/Manual:Interface/Sidebar
514 x("mediawiki:Common.css", """/* adjust sidebar to just be home link and up top */
515 /* panel width increased to fit full wiki name. */
516 div#mw-panel { top: 10px; padding-top: 0em; width: 20em }
517 div#footer, #mw-head-base, div#content { margin-left: 1em; }
518 #left-navigation { margin-left: 1em; }
521 /* logo, and toolbar hidden */
522 #p-logo, #p-tb.portal {
526 /* make the font size smaller for the misc stuff */
534 div#mw-content-text {
540 # this can spam a warning, so uniq it
541 python pwb.py
${mwfamily}_setup |
& uniq
543 # <source lang="bash">
544 s
=/etc
/cron.daily
/mediawiki_update
551 [[ -d $dir ]] || return 1
553 branch=$(git describe --all)
554 branch=${branch#remotes/}
556 new_head=$(git rev-parse $branch)
557 log=$(git log HEAD..$new_head)
558 if [[ ! $log ]]; then
563 git checkout -qf $new_head
567 for dir in extensions/* skins/* vendor; do
571 curl "https://iankelling.org/git/?p=mediawiki-librejs-patch;a=blob_plain;f=mediawiki-librejs-patch;hb=HEAD" | bash
573 php $mw/maintenance/update.php -q --quick