#!/bin/bash
# Copyright (C) 2016 Ian Kelling
# This program is under GPL v. 3 or later, see <http://www.gnu.org/licenses/>
+set -x
+# <source lang="bash">
+# if we have jessie-backports, we need to use it.
+if ! apt-get install -t jessie-backports certbot python-certbot-apache; then
+ apt-get install certbot python-certbot-apache
+fi
+# </source>
# <source lang="bash">
# identify if this is a debian based distro
isdeb() { command -v apt &>/dev/null; }
local url=$1
local original_pwd="$PWD"
local name
- local re='[^/]*/[^/]*$'
+ local re='[^/]*/[^/]*$' # last 2 parts of path
[[ $url =~ $re ]] ||:
target=$mw/${BASH_REMATCH[0]}
if [[ ! -e $target/.git ]]; then
}
mw-ext () {
local ext
- for ext in "$@"; do
+ for ext; do
mw-clone https://gerrit.wikimedia.org/r/p/mediawiki/extensions/$ext
- if [[ -e $mw/ext/$ext/extension.json ]]; then
- # new style extension. remove old style declaration
- sed -i --follow-symlinks '#^require_once( "\\\$IP/extensions/\$ext/\$ext\.php" );#d' $mwc
+ if [[ -e $mw/extensions/$ext/extension.json ]]; then
+ # new style extension
teeu $mwc <<EOF
wfLoadExtension( '$ext' );
EOF
# main reference:
# https://www.mediawiki.org/wiki/Manual:Running_MediaWiki_on_Ubuntu
apt-get update
- apt-get install -y imagemagick
+ DEBIAN_FRONTEND=noninteractive apt-get install -y imagemagick curl
if apt-get install -s mediawiki &>/dev/null; then
- # in debian wheezy time-frame distros, mediawiki was packaged.
- apt-get -y install php-apc mediawiki php-mbstring
+ apcu=php5-apcu
+ if apt-get install -s php7.0-apcu &>/dev/null; then
+ apcu=php7.0-apcu
+ fi
+ # mediawiki is packaged in jessie backports & stretch
+ DEBIAN_FRONTEND=noninteractive apt-get -y install $apcu mediawiki
else
# https://www.mediawiki.org/wiki/Manual:Installation_requirements
if apt-get install -s php7.0 &>/dev/null; then
# available in debian 8. it's listed as supported
# in the mediawiki page.
# noninteractive to avoid mysql password prompt.
- DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 mysql-server \
+ DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 \
+ default-mysql-server \
php7.0 php7.0-mysql libapache2-mod-php7.0 php7.0-xml \
php7.0-apcu php7.0-mbstring
else
# note: mbstring is recommended, but it's not available for php5 in
# debian jessie.
- DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 mysql-server \
+ DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 \
+ default-mysql-server \
php5 php5-mysql libapache2-mod-php5 php5-apcu
fi
fi
fi
-# slightly different depending on if we already set the root pass
-if echo exit|mysql -u root -p"$dbpass"; then
- # answer interactive prompts:
- # mysql root pass, change pass? no, remove anon users? (default, yes)
- # disallow remote root (default, yes), reload? (default, yes)
- echo -e "$dbpass\nn\n\n\n\n" | mysql_secure_installation
-else
- # I had 1 less newline at the start when doing ubuntu 14.04,
+# skip if we already set the root pass and are on pre-debian 9.
+if ! echo exit|mysql -uroot "-p$dbpass"; then
+ # Note: we set a root password here, but in debian 9+, it is ignored;
+ # only the local user root can login, and any password is accepted.
+ # We answer these interactive prompts:
+ # Enter current password for root (enter for none):
+ # Set root password? [Y/n]
+ # New password:
+ # Re-enter new password:
+ # Remove anonymous users? [Y/n]
+ # Disallow root login remotely? [Y/n]
+ # Remove test database and access to it? [Y/n]
+ # Reload privilege tables now? [Y/n]
+ # Note, I had 1 less newline at the start when doing ubuntu 14.04,
# compared to debian 8, so can't say this is especially portable.
- # It won't hurt if it fails.
echo -e "\n\n$dbpass\n$dbpass\n\n\n\n\n" | mysql_secure_installation
fi
+mysql -uroot "-p$dbpass" <<EOF
+GRANT ALL PRIVILEGES ON my_wiki.* TO 'wikiuser'@'localhost' IDENTIFIED BY '$dbpass';
+EOF
# </source>
# <source lang="bash">
mkdir -p $mw
# git branch -r
git checkout -f origin/$mw_branch
git clean -ffxd
+# apply librejs patch
+curl "https://iankelling.org/git/?p=mediawiki-librejs-patch;a=blob_plain;f=mediawiki-1.28-librejs.patch;hb=HEAD" | patch -r - -N -p1
# Get the php libraries wmf uses. Based on:
# https://www.mediawiki.org/wiki/Download_from_Git#Fetch_external_libraries
if [[ ! -e vendor/.git ]]; then
# Drop any previous database which may have been installed while testing.
# If upgrading, we should have a db backup which will get restored.
# https://www.mediawiki.org/wiki/Manual:Upgrading
-mysql -u root -p$dbpass <<'EOF' ||:
+mysql -uroot "-p$dbpass" <<'EOF' ||:
drop database my_wiki;
exit
EOF
php $mw/maintenance/install.php --pass $wikipass --scriptpath /w \
- --dbuser root --dbpass $dbpass "$mwdescription" "$wikiuser"
+ --dbuser wikiuser --dbpass $dbpass "$mwdescription" "$wikiuser"
teeu $mwc <<'EOF'
# lock down the wiki to only the initial owner until anti-spam measures are put in place
# limit edits to registered users
EOF
# </source>
# <source lang="bash">
-temp=$(mktemp -d)
-cd $temp
-git_site=https://iankelling.org/git
-git clone $git_site/acme-tiny-wrapper
l=$mw/../../logs
mkdir -p $l
-
-acme-tiny-wrapper/acme-tiny-wrapper -t $mwdomain
-
-git clone $git_site/basic-https-conf
+temp=$(mktemp -d)
+cd $temp
+# for me, this repo is on the same server and apache needs a sec after restarting
+sleep 1
+git clone https://iankelling.org/git/basic-https-conf
{ cat <<EOF
ServerAdmin $mw_email
RewriteEngine On
| while read line; do
echo -e "<Directory ${line%/.htaccess}>\n $(< $line)\n</Directory>";
done
-} | basic-https-conf/apache-site -r ${mw%/*} - $mwdomain
+} | basic-https-conf/web-conf -r ${mw%/*} - apache2 $mwdomain
cd
rm -rf $temp
# </source>
\$wgMainCacheType = CACHE_ACCEL;
\$wgEnableUploads = true;
\$wgUseInstantCommons = true;
+\$wgPingback = true;
EOF
# </source>
# <source lang="bash">
# not using nofollow is good practice, as long as we avoid spam.
$wgNoFollowLinks = false;
# Allow user customization.
-$wgAllowUserJs = true;
$wgAllowUserCss = true;
-
# use imagemagick over GD
$wgUseImageMagick = true;
+# manual says this is not production ready, I think that is mostly
+# because they are using MobileFrontend extension instead, which gives
+# an even cleaner more minimal view, I plan to try setting it up
+# sometime but this seems like a very nice improvement for now.
+$wgVectorResponsive = true;
EOF
# Make the toolbox go into the drop down.
cd $mw/skins/Vector
if ! git remote show ian-kelling &>/dev/null; then
- git remote add ian-kelling https://iankelling.org/git/Vector
+ git remote add ian-kelling https://iankelling.org/git/mediawiki-sidebar-patch
fi
git fetch ian-kelling
-git checkout ian-kelling/REL1_27-toolbox-in-dropdown
+git checkout ian-kelling/${mw_branch}-toolbox-in-dropdown
# </source>
# <source lang="bash">
-mw-ext Cite CiteThisPage CSS Echo Gadgets ImageMap Interwiki News \
- Nuke ParserFunctions Poem SyntaxHighlight_GeSHi Variables
+mw-ext Cite CiteThisPage CheckUser CSS Echo Gadgets ImageMap Interwiki News \
+ Nuke ParserFunctions Poem Renameuser SyntaxHighlight_GeSHi Variables
# </source>
# <source lang="bash">
mw-ext AntiSpoof
sudo -u $apache_user php $mw/extensions/AntiSpoof/maintenance/batchAntiSpoof.php
# </source>
# <source lang="bash">
-mw-ext CheckUser
-sudo -u $apache_user php $mw/extensions/CheckUser/install.php; sleep 1
-# </source>
-# <source lang="bash">
if isdeb; then
apt-get -y install php-wikidiff2
teeu $mwc <<'EOF'
# remove side panel
# helpfull doc: https://www.mediawiki.org/wiki/Manual:Interface/Sidebar
x("mediawiki:Common.css", """/* adjust sidebar to just be home link and up top */
+/* adjust sidebar to just be home link and up top */
/* panel width increased to fit full wiki name. */
+/* selectors other than final id are for increasing priority of rule */
div#mw-panel { top: 10px; padding-top: 0em; width: 20em }
div#footer, #mw-head-base, div#content { margin-left: 1em; }
#left-navigation { margin-left: 1em; }
/* logo, and toolbar hidden */
-#p-logo, #p-tb.portal {
+#p-logo, div#mw-navigation div#mw-panel #p-tb {
display:none;
}
-/* make the font size smaller for the misc stuff */
-#p-personal {
- font-size: 0.8em;
-}
-
-#footer-info {
- font-size: 0.8em;
-}
div#mw-content-text {
max-width: 720px;
}
dd of=$s<<'EOF'
#!/bin/bash
source ~/mw_vars
-cd $mw
-for dir in extensions/* skins/* $mw; do
- [[ -d $dir ]] || continue
+update() {
+ dir=$1
+ cd $mw
+ [[ -d $dir ]] || return 1
cd $dir
branch=$(git describe --all)
branch=${branch#remotes/}
git fetch --all -q
new_head=$(git rev-parse $branch)
log=$(git log HEAD..$new_head)
- if [[ $log ]]; then
- pwd
- echo "$log"
+ if [[ ! $log ]]; then
+ return 1
fi
- git checkout -q $new_head
+ pwd
+ echo "$log"
+ git checkout -qf $new_head
cd $mw
+ return 0
+}
+for dir in extensions/* skins/* vendor; do
+ update "$dir" ||:
done
-php $mw/maintenance/update.php -q
+if update .; then
+ curl "https://iankelling.org/git/?p=mediawiki-librejs-patch;a=blob_plain;f=mediawiki-1.28-librejs.patch;hb=HEAD" | patch -r - -N -p1
+fi
+php $mw/maintenance/update.php -q --quick
EOF
# </source>
iankelling.org / git / mediawiki-setup / blobdiff