DevOps/docker-mediawiki-extended
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5a7f4a4d09
docker-mediawiki-extended/build/include/settings.d/LocalSettings.LDAP.php

143 lines
4.3 KiB
PHP
Raw Blame History

<?php
# debug - set to true for debugging
$wgShowExceptionDetails = false;
$wgDebugToolbar = false;
$wgShowDebug = false;
$wgDevelopmentWarnings = false;
$wgDebugLogGroups = array(
'resourceloader' => '/log/mediawiki/resourceloader.log',
'exception' => '/log/mediawiki/exception.log',
'exception-json' => '/log/mediawiki/exception.json',
'LDAPAuthentication2' => '/log/mediawiki/LDAPAuthentication2.log',
'LDAPAuthorization' => '/log/mediawiki/LDAPAuthorization.log',
'LDAPGroups' => '/log/mediawiki/LDAPGroups.log',
'LDAPUserInfo' => '/log/mediawiki/LDAPUserInfo.log',
'LDAPProvider' => '/log/mediawiki/LDAPProvider.log',
'LDAPSyncAll' => '/log/mediawiki/LDAPSyncAll.log',
'Auth_remoteuser' => '/log/mediawiki/Auth_remoteuser.log',
'PluggableAuth' => '/log/mediawiki/PluggableAuth.log',
'LDAP' => '/log/mediawiki/ldap.log',
'MediaWiki\\Extension\\LDAPProvider\\Client' => '/log/mediawiki/LDAPClient.log'
);
wfLoadExtensions( [
'LDAPAuthentication2',
'LDAPAuthorization',
'LDAPGroups',
'LDAPProvider',
'LDAPUserInfo',
'PluggableAuth'
] );
$wgAuthRemoteuserDomain = "LDAP_DOMAINNAME";
$wgAuthRemoteuserMailDomain = "LDAP_SERVER_NAME";
$wgAuthRemoteuserNotify = true;
#LDAPAuthorization
$wgLdapAuthDomainNames = "LDAP_DOMAINNAME";
$wgLdapAuthIsActiveDirectory = 'false';
$wgLdapAuthSearchTree = true ;
#PluggableAuth
$wgPluggableAuth_EnableAutoLogin = false ;
$wgPluggableAuth_EnableLocalProperties = false ;
$wgPluggableAuth_EnableLocalLogin = false ;
$wgPluggableAuth_ButtonLabel = "LDAP Log In"; # defaults to "Login with PluggableAuth "
#LDAPAuthentication2
$LDAPAuthenticationAllowLocalLogin = true;
$LDAPAuthenticationUsernameNormalizer = 'strtolower';
$LDAPProviderDomainConfigProvider = function() {
$config = [
"LDAP_DOMAINNAME" => [
"connection" => [
"server" => "LDAP_SERVER_NAME",
"port" => "LDAP_SERVER_PORT",
"enctype" => "LDAP_ENCTYPE",
"user" => "LDAP_BIND_USER",
"pass" => "LDAP_BIND_PASS",
"basedn" => "LDAP_BASE",
"userbasedn" => "LDAP_BASE",
"groupbasedn" => "LDAP_BASE",
"searchattribute" => "LDAP_USER_ATTR",
"usernameattribute" => "LDAP_USER_ATTR",
"realnameattribute" => "LDAP_REAL_NAME_ATTR",
"emailattribute" => "LDAP_MAIL_ATTR",
"grouprequest" => "MediaWiki\\Extension\\LDAPProvider\\UserGroupsRequest\\UserMemberOf::factory",
"nestedgroups" => true
],
"authorization" => [
"rules" => [
"attributes" => []
]
],
"userinfo" => [
"attributes-map" => [
"email" => "LDAP_MAIL_ATTR",
"realname" => "LDAP_REAL_NAME_ATTR"
]
],
"groupsync" => [
"mapping" => [
"bureaucrat" => "LDAP_BUREAUCRAT_GROUP",
"interface-admin" => "LDAP_INTERFACE_ADMIN_GROUP",
"sysop" => "LDAP_SYSOP_GROUP"
]
]
]
];
return new \MediaWiki\Extension\LDAPProvider\DomainConfigProvider\InlinePHPArray( $config );
};
$LDAPProviderCacheTime = 5;
$LDAPProviderCacheType = "CACHE_NONE" ;
$LDAPProviderDefaultDomain = "LDAP_DOMAINNAME" ;
$wgLdapAuthSearchFilter = 'LDAP_SEARCH_FILTER';
$wgExternalDataSources['LDAP_SERVER_NAME'] = [
'server' => 'LDAP_SERVER_NAME',
'base dn' => 'LDAP_BASE',
'user' => 'LDAP_BIND_USER',
'password' => 'LDAP_BIND_PASS'
];
# Group Permissions
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['createaccount'] = false;
$wgGroupPermissions['*']['autocreateaccount'] = false;
$wgGroupPermissions['wiki-admins']['delete'] = true;
$wgGroupPermissions['wiki-admins']['undelete'] = true;
$wgGroupPermissions['wiki-admins']['undelete'] = true;
$wgGroupPermissions['wiki-admins']['editprotected'] = true;
$wgGroupPermissions['wiki-admins']['protect'] = true;
## Visual Editor Stuff
wfLoadExtension( 'VisualEditor' );
wfLoadExtension( 'WikiEditor' );
## Eric's extensions
$wgFavicon = "$wgResourceBasePath/resources/assets/wiki.png";
wfLoadExtension( 'Cargo' );
wfLoadExtension( 'Cite' );
wfLoadExtension( 'ExternalData' );
wfLoadExtension( 'Math' );
wfLoadExtension( 'PageForms' );
Reference in New Issue View Git Blame Copy Permalink