From c0c9249e5a79a4a0c3036c237dbf5aef9a267169 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Fri, 2 Feb 2024 21:09:58 +0100 Subject: [PATCH] remove old wiki module --- modules/wiki.nix | 117 ----------------------------------------------- 1 file changed, 117 deletions(-) delete mode 100644 modules/wiki.nix diff --git a/modules/wiki.nix b/modules/wiki.nix deleted file mode 100644 index f8fe604..0000000 --- a/modules/wiki.nix +++ /dev/null @@ -1,117 +0,0 @@ -{ config, pkgs, ... }: -let - domain = "wiki.${config.networking.domain}"; - listenPort = 8080; -in -{ - sops.secrets = { - "mediawiki/initial_admin".owner = config.users.users.mediawiki.name; - "mediawiki/oidc_secret".owner = config.users.users.mediawiki.name; - }; - - systemd.services.mediawiki-init.after = [ "postgresql.service" ]; - services = { - mediawiki = { - enable = true; - passwordFile = config.sops.secrets."mediawiki/initial_admin".path; - database.type = "postgres"; - url = "https://${domain}"; - - httpd.virtualHost = { - adminAddr = "root@ifsr.de"; - listen = [{ - ip = "127.0.0.1"; - port = listenPort; - ssl = false; - }]; - # Short url support (e.g. https://wiki.ifsr.de/Page instead of .../index.php?title=Page) - # Recommended config taken from https://www.mediawiki.org/wiki/Manual:Short_URL/Apache - # See paragraph "If you are using a root url ..." - extraConfig = '' - RewriteEngine On - RewriteCond %{REQUEST_URI} !^/rest\.php - RewriteCond %{REQUEST_URI} !^/images - RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-f - RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-d - RewriteRule ^(.*)$ %{DOCUMENT_ROOT}/index.php [L] - ''; - }; - - extraConfig = '' - $wgSitename = "FSR Wiki"; - $wgArticlePath = '/$1'; - - $wgLogo = "/images/3/3b/LogoiFSR.png"; - $wgLanguageCode = "de"; - - $wgGroupPermissions['*']['read'] = false; - $wgGroupPermissions['*']['edit'] = false; - $wgGroupPermissions['*']['createaccount'] = false; - $wgGroupPermissions['*']['autocreateaccount'] = true; - $wgGroupPermissions['sysop']['userrights'] = true; - $wgGroupPermissions['sysop']['deletelogentry'] = true; - $wgGroupPermissions['sysop']['deleterevision'] = true; - - $wgEnableAPI = true; - $wgAllowUserCss = true; - $wgUseAjax = true; - $wgEnableMWSuggest = true; - $wgDefaultSkin = 'timeless'; - - //TODO what about $wgUpgradeKey ? - - # Auth - # https://www.mediawiki.org/wiki/Extension:PluggableAuth - # https://www.mediawiki.org/wiki/Extension:OpenID_Connect - $wgPluggableAuth_EnableLocalLogin = true; - $wgPluggableAuth_Config["iFSR Login"] = [ - "plugin" => "OpenIDConnect", - "data" => [ - "providerURL" => "${config.services.portunus.domain}/dex", - "clientID" => "wiki", - "clientsecret" => file_get_contents('${config.sops.secrets."mediawiki/oidc_secret".path}'), - ], - ]; - ''; - - extensions = { - PluggableAuth = pkgs.fetchzip { - url = "https://extdist.wmflabs.org/dist/extensions/PluggableAuth-REL1_40-2d86d50.tar.gz"; - hash = "sha256-NAdjc8pqAjSZrsN2IQ/rESyZYEnesBT0cGg8CrIlvFM="; - }; - OpenIDConnect = pkgs.fetchzip { - url = "https://extdist.wmflabs.org/dist/extensions/OpenIDConnect-REL1_40-e97e0b1.tar.gz"; - hash = "sha256-UrxaszLL3e4PZmTOnGkNliQ8fjGVD37Xj7BjhvhQDJU="; - }; - VisualEditor = pkgs.fetchzip { - url = "https://extdist.wmflabs.org/dist/extensions/VisualEditor-REL1_40-c6aec49.tar.gz"; - hash = "sha256-p66C7ks0ocy5sL7LTkFQuDA3/2uSXdfldUXoOQ6afWM="; - }; - SyntaxHighlight = pkgs.fetchzip { - url = "https://extdist.wmflabs.org/dist/extensions/SyntaxHighlight_GeSHi-REL1_40-ded412b.tar.gz"; - hash = "sha256-mlNrcZhGADqzdLNeck0ATv44W3cTTOykQouHJTaj5cA="; - }; - }; - }; - - portunus.dex.oidcClients = [{ - id = "wiki"; - callbackURL = "https://${domain}/Spezial:PluggableAuthLogin"; - }]; - - nginx = { - recommendedProxySettings = true; - virtualHosts.${domain} = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString listenPort}"; - proxyWebsockets = true; - }; - locations."~ ^/ese(/?[^\\n|\\r]*)$".return = "301 https://wiki.ese.ifsr.de$1"; - locations."~ ^/fsr(/?[^\\n|\\r]*)$".return = "301 https://wiki.ifsr.de$1"; - locations."~ ^/vernetzung(/?[^\\n|\\r]*)$".return = "301 https://vernetzung.ifsr.de$1"; - }; - }; - }; -}