diff --git a/build/Dockerfile b/build/Dockerfile index 3fe187b..66bb23d 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,5 +1,4 @@ FROM mediawiki:1.35.8 -MAINTAINER david.martin@sodema.de RUN apt-get update && apt-get -y install libldb-dev git && rm -rf /var/lib/apt/lists/* @@ -8,6 +7,10 @@ ADD https://github.com/mlocati/docker-php-extension-installer/releases/latest/do RUN chmod +x /usr/local/bin/install-php-extensions && \ install-php-extensions ldap +RUN git clone --branch REL1_35 https://github.com/wikimedia/mediawiki-extensions-Math.git /var/www/html/extensions/Math +RUN git clone --branch REL1_35 https://github.com/wikimedia/mediawiki-extensions-ExternalData.git /var/www/html/extensions/ExternalData +RUN git clone --branch REL1_35 https://github.com/wikimedia/mediawiki-extensions-PageForms.git /var/www/html/extensions/PageForms +RUN git clone --branch REL1_35 https://github.com/wikimedia/mediawiki-extensions-Cargo.git /var/www/html/extensions/Cargo RUN git clone --branch REL1_35 https://github.com/wikimedia/mediawiki-extensions-LDAPAuthentication2.git /var/www/html/extensions/LDAPAuthentication2 RUN git clone --branch REL1_35 https://github.com/wikimedia/mediawiki-extensions-LDAPAuthorization.git /var/www/html/extensions/LDAPAuthorization RUN git clone --branch REL1_35 https://github.com/wikimedia/mediawiki-extensions-LDAPGroups.git /var/www/html/extensions/LDAPGroups diff --git a/build/include/install_wiki.sh b/build/include/install_wiki.sh index 71077e5..ada5925 100644 --- a/build/include/install_wiki.sh +++ b/build/include/install_wiki.sh @@ -13,6 +13,7 @@ do echo "$ext activated" done +cp /var/www/html/resources/assets/mediawiki.png /var/www/html/resources/assets/wiki.png sed -i "s/LDAP_DOMAINNAME/$LDAP_DOMAINNAME/g" /var/www/html/settings.d/LocalSettings.LDAP.php sed -i "s/LDAP_SERVER_NAME/$LDAP_SERVER_NAME/g" /var/www/html/settings.d/LocalSettings.LDAP.php @@ -22,6 +23,12 @@ sed -i "s/LDAP_BIND_USER/$LDAP_BIND_USER/g" /var/www/html/settings.d/LocalSettin sed -i "s/LDAP_BIND_PASS/$LDAP_BIND_PASS/g" /var/www/html/settings.d/LocalSettings.LDAP.php sed -i "s/LDAP_BASE/$LDAP_BASE/g" /var/www/html/settings.d/LocalSettings.LDAP.php sed -i "s/LDAP_USER_ATTR/$LDAP_USER_ATTR/g" /var/www/html/settings.d/LocalSettings.LDAP.php +sed -i "s/LDAP_REAL_NAME_ATTR/$LDAP_REAL_NAME_ATTR/g" /var/www/html/settings.d/LocalSettings.LDAP.php +sed -i "s/LDAP_MAIL_ATTR/$LDAP_MAIL_ATTR/g" /var/www/html/settings.d/LocalSettings.LDAP.php +sed -i "s/LDAP_BUREAUCRAT_GROUP/$LDAP_BUREAUCRAT_GROUP/g" /var/www/html/settings.d/LocalSettings.LDAP.php +sed -i "s/LDAP_INTERFACE_ADMIN_GROUP/$LDAP_INTERFACE_ADMIN_GROUP/g" /var/www/html/settings.d/LocalSettings.LDAP.php +sed -i "s/LDAP_SYSOP_GROUP/$LDAP_SYSOP_GROUP/g" /var/www/html/settings.d/LocalSettings.LDAP.php +sed -i "s/LDAP_SEARCH_FILTER/$LDAP_SEARCH_FILTER/g" /var/www/html/settings.d/LocalSettings.LDAP.php sed -i "s/WIKI_LANG/$WIKI_LANG/g" /var/www/html/settings.d/LocalSettings.LDAP.php php maintenance/update.php --quick diff --git a/build/include/settings.d/LocalSettings.LDAP.php b/build/include/settings.d/LocalSettings.LDAP.php index a91b879..fd6102f 100644 --- a/build/include/settings.d/LocalSettings.LDAP.php +++ b/build/include/settings.d/LocalSettings.LDAP.php @@ -62,15 +62,15 @@ $LDAPProviderDomainConfigProvider = function() { "server" => "LDAP_SERVER_NAME", "port" => "LDAP_SERVER_PORT", "enctype" => "LDAP_ENCTYPE", - "user" => LDAP_BIND_USER, - "pass" => LDAP_BIND_PASS, + "user" => "LDAP_BIND_USER", + "pass" => "LDAP_BIND_PASS", "basedn" => "LDAP_BASE", "userbasedn" => "LDAP_BASE", "groupbasedn" => "LDAP_BASE", "searchattribute" => "LDAP_USER_ATTR", "usernameattribute" => "LDAP_USER_ATTR", - "realnameattribute" => "displayname", - "emailattribute" => "mail", + "realnameattribute" => "LDAP_REAL_NAME_ATTR", + "emailattribute" => "LDAP_MAIL_ATTR", "grouprequest" => "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\UserMemberOf::factory", "nestedgroups" => true ], @@ -81,12 +81,16 @@ $LDAPProviderDomainConfigProvider = function() { ], "userinfo" => [ "attributes-map" => [ - "email" => "mail", - "realname" => "displayname" + "email" => "LDAP_MAIL_ATTR", + "realname" => "LDAP_REAL_NAME_ATTR" ] ], "groupsync" => [ - "mechanism" => "allgroups" + "mapping" => [ + "bureaucrat" => "LDAP_BUREAUCRAT_GROUP", + "interface-admin" => "LDAP_INTERFACE_ADMIN_GROUP", + "sysop" => "LDAP_SYSOP_GROUP" + ] ] ] ]; @@ -96,14 +100,21 @@ $LDAPProviderDomainConfigProvider = function() { $LDAPProviderCacheTime = 5; $LDAPProviderCacheType = "CACHE_NONE" ; $LDAPProviderDefaultDomain = "LDAP_DOMAINNAME" ; +$wgLdapAuthSearchFilter = 'LDAP_SEARCH_FILTER'; +$wgExternalDataSources['LDAP_SERVER_NAME'] = [ + 'server' => 'LDAP_SERVER_NAME', + 'base dn' => 'LDAP_BASE', + 'user' => 'LDAP_BIND_USER', + 'password' => 'LDAP_BIND_PASS' +]; # Group Permissions $wgGroupPermissions['*']['edit'] = false; -$wgGroupPermissions['*']['createaccount'] = true; -$wgGroupPermissions['*']['autocreateaccount'] = true; +$wgGroupPermissions['*']['createaccount'] = false; +$wgGroupPermissions['*']['autocreateaccount'] = false; $wgGroupPermissions['wiki-admins']['delete'] = true; $wgGroupPermissions['wiki-admins']['undelete'] = true; @@ -119,4 +130,13 @@ $wgGroupPermissions['wiki-admins']['protect'] = true; wfLoadExtension( 'VisualEditor' ); wfLoadExtension( 'WikiEditor' ); +## Eric's extensions +$wgFavicon = "$wgResourceBasePath/resources/assets/wiki.png"; + +wfLoadExtension( 'Cargo' ); +wfLoadExtension( 'Cite' ); +wfLoadExtension( 'ExternalData' ); +wfLoadExtension( 'Math' ); +wfLoadExtension( 'PageForms' ); +