crans
/
nixos
mirror of https://gitlab.crans.org/nounous/nixos
19
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nixos/modules/services/mediawiki.nix

203 lines
6.4 KiB
Nix
Raw Blame History

{ lib, pkgs, config, ... }:
let
version = pkgs.mediawiki.version;
major = lib.versions.major version;
minor = lib.versions.minor version;
in
{
age.secrets.mediawiki-admin-passwd = {
file = ../../secrets/mediakiwi/mediawiki-admin-passwd.age;
owner = "mediawiki";
};
age.secrets.mediawiki-ldap = {
file = ../../secrets/mediakiwi/mediawiki-ldap.age;
owner = "mediawiki";
};
services.phpfpm.pools.mediawiki.phpOptions = ''
upload_max_filesize = 512M
post_max_size = 512M
max_execution_time = 1000
max_input_time = 2000
default_socket_timeout = 2000
'';
services.nginx.clientMaxBodySize = "512M";
services.mediawiki = {
enable = true;
name = "Wiki Crans";
nginx.hostName = "mediakiwi.crans.org";
webserver = "nginx";
passwordFile = config.age.secrets.mediawiki-admin-passwd.path;
extraConfig = ''
# Server settings
$wgFavicon = 'https://www.crans.org/images/favicon.ico';
$wgLogo = 'https://www.crans.org/images/crans.svg';
# Files and Uploads
$wgMaxUploadSize = 512 * 1024 * 1024;
# E-mail settings
$wgEnableEmail = true;
# $wgSMTP = [
# 'host' => 'smtp.adm.crans.org',
# 'IDHost' => 'crans.org',
# 'localhost' => 'crans.org',
# 'port' => ,
# 'auth' => false,
# # 'username' => ,
# # 'password' => ,
# ];
$wgPasswordSender = 'root@crans.org';
$wgEmergencyContact = 'contact@crans.org';
$wgNoReplyAddress = 'root@crans.org';
$wgEnableUserEmail = false;
# $wgEnableSpecialMute = true;
$wgAllowHTMLEmail = true;
$wgEnotifUseRealName = false;
$wgEnotifFromEditor = false;
$wgEnotifRevealEditorAddress = false;
$wgEnotifUserTalk = true;
$wgEnotifMinorEdits = true;
$wgEnotifWatchlist = true;
# Peut-être utilisé pour les Wikistes
$wgUsersNotifiedOnAllChanges = [];
# Auth
$wgPluggableAuth_EnableLocalLogin = true;
$LDAPAuthentication2AllowLocalLogin = true;
$LDAPProviderDomainConfigs = "${config.age.secrets.mediawiki-ldap.path}";
$wgPluggableAuth_Config = [
"Compte Crans" => [
'plugin' => 'LDAPAuthentication2',
'data' => [
'domain' => 'crans'
]
],
# "Note BDE" => [
# 'plugin' => 'OpenIDConnect',
# ]
];
# Theme
$wgDefaultSkin = 'citizen';
$wgCitizenThemeColor = '#AD1F1F';
$wgCitizenEnableARFonts = true;
$wgCitizenEnableCJKFonts = true;
$wgLanguageCode = 'fr';
# Disable anonymous editing
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['read'] = false;
# Extensions
$wgWikiEditorRealtimePreview = true;
# Custom Namespaces
define("NS_ARCHIVE", 3000);
define("NS_ARCHIVE_TALK", 3001);
$wgExtraNamespaces[NS_ARCHIVE] = "Archive";
$wgExtraNamespaces[NS_ARCHIVE_TALK] = "Discussion_archive";
# Debug
$wgShowExceptionDetails = true;
$wgDebugToolbar = true;
# $wgShowDebug = true;
# $wgDevelopmentWarnings = true;
'';
skins = {
Citizen = pkgs.fetchFromGitHub {
name = "Citizen";
owner = "StarCitizenTools";
repo = "mediawiki-skins-Citizen";
tag = "v3.2.0";
sha256 = "sha256-XtjYMBK2pINwbAzAKFJ+nWxcFXQd2E/Gqf3x+3Pa8VE=";
};
};
extensions = {
# Enables embedded extensions
Math = null;
MultimediaViewer = null;
Nuke = null;
SyntaxHighlight_GeSHi = null;
TemplateData = null;
VisualEditor = null;
WikiEditor = null;
# Bundled with next version, put as null in the next update
TemplateStyles = pkgs.fetchFromGitHub {
name = "TemplateStyles";
owner = "wikimedia";
repo = "mediawiki-extensions-TemplateStyles";
rev = "REL" + major + "_" + minor;
# Le SHA doit être changé à chaque nouveau commit de traduction.
# Pas de meilleure solution à ma connaissance pour suivre les releases.
sha256 = "sha256-fCBccHTIBJrUyxe6oP7VR84HO65ICETE73X4rswQo4c=";
};
# Popups
TextExtracts = null;
PageImages = null;
Popups = pkgs.fetchFromGitHub {
name = "Popups";
owner = "wikimedia";
repo = "mediawiki-extensions-Popups";
rev = "REL" + major + "_" + minor;
# Le SHA doit être changé à chaque nouveau commit de traduction.
# Pas de meilleure solution à ma connaissance pour suivre les releases.
sha256 = "sha256-Vn/XGVYvM5doPtTEONESdVhgZlH/Fku74MeQbGrwU/E=";
};
# Auth
PluggableAuth = pkgs.fetchFromGitHub {
name = "PluggableAuth";
owner = "wikimedia";
repo = "mediawiki-extensions-PluggableAuth";
rev = "REL" + major + "_" + minor;
# Le SHA doit être changé à chaque nouveau commit de traduction.
# Pas de meilleure solution à ma connaissance pour suivre les releases.
sha256 = "sha256-3+nzeWemVAHGmLz3ZMvDSvP2UCmsnEiGJcE/oEakr2s=";
};
LDAPProvider = pkgs.fetchFromGitHub {
name = "LDAPProvider";
owner = "wikimedia";
repo = "mediawiki-extensions-LDAPProvider";
rev = "REL" + major + "_" + minor;
# Le SHA doit être changé à chaque nouveau commit de traduction.
# Pas de meilleure solution à ma connaissance pour suivre les releases.
sha256 = "sha256-bpj+MS4XKLoDdtEK+Mv7Ifa6qz215jKhSL1DOOw4ZPs=";
};
LDAPAuthentication2 = pkgs.fetchFromGitHub {
name = "LDAPAuthentication2";
owner = "wikimedia";
repo = "mediawiki-extensions-LDAPAuthentication2";
rev = "REL" + major + "_" + minor;
# Le SHA doit être changé à chaque nouveau commit de traduction.
# Pas de meilleure solution à ma connaissance pour suivre les releases.
sha256 = "sha256-oi5rliHb4KnLbvQxO7MGuLp/FEucoGR/Z0NP1gmbgMc=";
};
OpenIDConnect = pkgs.fetchFromGitHub {
name = "OpenIDConnect";
owner = "wikimedia";
repo = "mediawiki-extensions-OpenIDConnect";
rev = "REL" + major + "_" + minor;
# Le SHA doit être changé à chaque nouveau commit de traduction.
# Pas de meilleure solution à ma connaissance pour suivre les releases.
sha256 = "sha256-KoBULn53xnY+ydodeTGN7YEoqgLr9qhhuR5mNibbh5s=";
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink