├── .rspec
├── srv
└── .gitignore
├── cache
├── npm
│ ├── .htaccess
│ └── .gitignore
├── apt
│ ├── .gitignore
│ └── partial
│ │ └── .gitignore
└── composer
│ └── .gitignore
├── puppet
├── modules
│ ├── local
│ │ ├── files
│ │ │ └── .gitignore
│ │ ├── manifests
│ │ │ └── .gitignore
│ │ └── templates
│ │ │ └── .gitignore
│ ├── service
│ │ ├── files
│ │ │ └── confd
│ │ │ │ └── .gitignore
│ │ └── templates
│ │ │ ├── logrotate.erb
│ │ │ ├── gitupdate.conf.erb
│ │ │ └── node
│ │ │ └── upstart.conf.erb
│ ├── elasticsearch
│ │ ├── files
│ │ │ ├── elasticsearch.yml
│ │ │ └── logrotate
│ │ └── templates
│ │ │ ├── CirrusSearchTest.php.erb
│ │ │ └── CirrusSearch-commons.php.erb
│ ├── stdlib
│ │ ├── tests
│ │ │ ├── init.pp
│ │ │ ├── has_ip_address.pp
│ │ │ ├── has_ip_network.pp
│ │ │ └── file_line.pp
│ │ ├── Rakefile
│ │ ├── spec
│ │ │ ├── spec.opts
│ │ │ ├── monkey_patches
│ │ │ │ ├── alias_should_to_must.rb
│ │ │ │ └── publicize_methods.rb
│ │ │ └── unit
│ │ │ │ └── puppet
│ │ │ │ ├── type
│ │ │ │ └── anchor_spec.rb
│ │ │ │ └── parser
│ │ │ │ └── functions
│ │ │ │ ├── zip_spec.rb
│ │ │ │ ├── strip_spec.rb
│ │ │ │ ├── chop_spec.rb
│ │ │ │ ├── chomp_spec.rb
│ │ │ │ ├── lstrip_spec.rb
│ │ │ │ ├── join_spec.rb
│ │ │ │ ├── reverse_spec.rb
│ │ │ │ ├── swapcase_spec.rb
│ │ │ │ └── hash_spec.rb
│ │ ├── Modulefile
│ │ ├── lib
│ │ │ ├── puppet
│ │ │ │ └── parser
│ │ │ │ │ └── functions
│ │ │ │ │ ├── max.rb
│ │ │ │ │ ├── min.rb
│ │ │ │ │ ├── is_hash.rb
│ │ │ │ │ ├── is_array.rb
│ │ │ │ │ ├── parseyaml.rb
│ │ │ │ │ ├── loadyaml.rb
│ │ │ │ │ ├── parsejson.rb
│ │ │ │ │ ├── keys.rb
│ │ │ │ │ └── sort.rb
│ │ │ └── facter
│ │ │ │ └── root_home.rb
│ │ └── manifests
│ │ │ └── init.pp
│ ├── postfix
│ │ └── templates
│ │ │ ├── virtual.erb
│ │ │ └── main.cf.erb
│ ├── role
│ │ ├── settings
│ │ │ ├── raita.yaml
│ │ │ ├── phabricator.yaml
│ │ │ ├── cassandra.yaml
│ │ │ ├── citoid.yaml
│ │ │ ├── parsoid.yaml
│ │ │ ├── swift.yaml
│ │ │ ├── zotero.yaml
│ │ │ ├── graphoid.yaml
│ │ │ ├── mathoid.yaml
│ │ │ ├── trafficserver.yaml
│ │ │ ├── contenttranslation.yaml
│ │ │ ├── elk.yaml
│ │ │ ├── hadoop.yaml
│ │ │ ├── restbase.yaml
│ │ │ ├── mobilecontentservice.yaml
│ │ │ ├── varnish.yaml
│ │ │ ├── kafka.yaml
│ │ │ ├── cirrussearch.yaml
│ │ │ ├── fundraising.yaml
│ │ │ ├── visualeditor.yaml
│ │ │ ├── thumbor.yaml
│ │ │ ├── eventbus.yaml
│ │ │ └── wikimetrics.yaml
│ │ ├── files
│ │ │ ├── simple_performant
│ │ │ │ └── skins-htaccess
│ │ │ ├── analytics
│ │ │ │ └── cdh5.apt-pin
│ │ │ ├── invitesignup
│ │ │ │ └── VagrantRoleInviteSignup.wiki
│ │ │ ├── elk
│ │ │ │ ├── filter-strip-ansi-color.conf
│ │ │ │ └── rsyslog.conf
│ │ │ ├── flow
│ │ │ │ └── logrotate.d-mediawiki-Flow
│ │ │ ├── oauth
│ │ │ │ └── VagrantRoleOAuth.wiki
│ │ │ ├── titleblacklist
│ │ │ │ └── VagrantRoleTitleBlacklist.wiki
│ │ │ └── https
│ │ │ │ └── nginx.conf
│ │ ├── templates
│ │ │ ├── private
│ │ │ │ └── apache2.conf.erb
│ │ │ ├── elk
│ │ │ │ ├── check-kibana-index.erb
│ │ │ │ ├── check-logstash-template.erb
│ │ │ │ ├── create-logstash-template.erb
│ │ │ │ ├── create-kibana-index.erb
│ │ │ │ └── monolog.php.erb
│ │ │ ├── raita
│ │ │ │ ├── index.json.erb
│ │ │ │ └── apache.conf.erb
│ │ │ ├── urlshortener
│ │ │ │ └── apache2.conf.erb
│ │ │ ├── oauth
│ │ │ │ ├── apache.conf.erb
│ │ │ │ ├── oauth-hello-world.ini.erb
│ │ │ │ ├── check-auth.sql.erb
│ │ │ │ └── check.sql.erb
│ │ │ ├── ldapauth
│ │ │ │ └── check_db.erb
│ │ │ ├── phragile
│ │ │ │ ├── update_app_key.erb
│ │ │ │ └── apache.conf.erb
│ │ │ ├── restbase
│ │ │ │ ├── apache2.conf.erb
│ │ │ │ └── vrs.php.erb
│ │ │ ├── wikitech
│ │ │ │ ├── Debug.php.erb
│ │ │ │ └── Private.php.erb
│ │ │ ├── striker
│ │ │ │ └── ldap_check.erb
│ │ │ ├── swift
│ │ │ │ └── apache2.conf.erb
│ │ │ ├── multimediaviewer
│ │ │ │ └── apache2.conf.erb
│ │ │ ├── wikidata
│ │ │ │ └── init.php.erb
│ │ │ ├── lockdown
│ │ │ │ ├── VagrantRoleLockdown.wiki.erb
│ │ │ │ └── settings.php.erb
│ │ │ ├── cirrussearch
│ │ │ │ ├── build_search_index.erb
│ │ │ │ └── is-cirrussearch-forceindex-needed.erb
│ │ │ ├── sentry
│ │ │ │ └── VagrantRoleSentry.wiki.erb
│ │ │ ├── questycaptcha
│ │ │ │ └── VagrantRoleQuestyCaptcha.wiki.erb
│ │ │ ├── securepoll
│ │ │ │ └── conf.php.erb
│ │ │ ├── warnings_as_errors
│ │ │ │ └── conf.php.erb
│ │ │ ├── visualeditor
│ │ │ │ └── conf.php.erb
│ │ │ ├── abusefilter
│ │ │ │ └── settings.php.erb
│ │ │ ├── sal
│ │ │ │ └── apache.conf.erb
│ │ │ ├── quips
│ │ │ │ └── apache.conf.erb
│ │ │ ├── externalstore
│ │ │ │ └── conf.php.erb
│ │ │ ├── wikimediamessages
│ │ │ │ └── conf.php.erb
│ │ │ ├── parsoid
│ │ │ │ └── vrs.php.erb
│ │ │ ├── thumbor
│ │ │ │ ├── apache2.conf.erb
│ │ │ │ └── nginx.conf.erb
│ │ │ ├── echo
│ │ │ │ └── CORS.php.erb
│ │ │ ├── centralauth
│ │ │ │ └── is-centralauth-migratePass0-needed.bash.erb
│ │ │ └── memcached
│ │ │ │ └── conf.php.erb
│ │ └── manifests
│ │ │ ├── poem.pp
│ │ │ ├── zotero.pp
│ │ │ ├── cassandra.pp
│ │ │ ├── doublewiki.pp
│ │ │ ├── newusermessage.pp
│ │ │ ├── kafka.pp
│ │ │ ├── wikispeech.pp
│ │ │ ├── apex.pp
│ │ │ ├── jsduck.pp
│ │ │ ├── newsletter.pp
│ │ │ ├── modern.pp
│ │ │ ├── xanalytics.pp
│ │ │ ├── gpgmail.pp
│ │ │ ├── monobook.pp
│ │ │ ├── torblock.pp
│ │ │ ├── easytimeline.pp
│ │ │ ├── greystuff.pp
│ │ │ ├── openbadges.pp
│ │ │ ├── pagetriage.pp
│ │ │ ├── sandboxlink.pp
│ │ │ ├── testwiki.pp
│ │ │ ├── wikimediamaintenance.pp
│ │ │ ├── wikihiero.pp
│ │ │ ├── cologneblue.pp
│ │ │ ├── featuredfeeds.pp
│ │ │ ├── geshi.pp
│ │ │ ├── embedvideo.pp
│ │ │ ├── gadgets.pp
│ │ │ ├── globalusage.pp
│ │ │ ├── kartographer.pp
│ │ │ ├── nuke.pp
│ │ │ ├── pageimages.pp
│ │ │ ├── textextracts.pp
│ │ │ ├── checkuser.pp
│ │ │ ├── betafeatures.pp
│ │ │ ├── cite.pp
│ │ │ ├── disambiguator.pp
│ │ │ ├── hue.pp
│ │ │ ├── massaction.pp
│ │ │ ├── mobilecontentservice.pp
│ │ │ ├── parserfunctions.pp
│ │ │ ├── codeeditor.pp
│ │ │ ├── labeledsectiontransclusion.pp
│ │ │ ├── performanceinspector.pp
│ │ │ ├── categorytree.pp
│ │ │ ├── inputbox.pp
│ │ │ ├── renameuser.pp
│ │ │ ├── wikimediaincubator.pp
│ │ │ ├── headertabs.pp
│ │ │ ├── usermerge.pp
│ │ │ ├── widgets.pp
│ │ │ ├── warnings_as_errors.pp
│ │ │ ├── centralnotice.pp
│ │ │ ├── l10nupdate.pp
│ │ │ ├── shorturl.pp
│ │ │ ├── uploadslink.pp
│ │ │ ├── revisionslider.pp
│ │ │ ├── youtube.pp
│ │ │ ├── buggy.pp
│ │ │ ├── oathauth.pp
│ │ │ ├── pageassessments.pp
│ │ │ ├── spark.pp
│ │ │ ├── apparmor.pp
│ │ │ ├── interwiki.pp
│ │ │ ├── payments.pp
│ │ │ ├── wikimediaevents.pp
│ │ │ ├── fundraising.pp
│ │ │ ├── guidedtour.pp
│ │ │ ├── urlgetparameters.pp
│ │ │ ├── popups.pp
│ │ │ ├── memcached.pp
│ │ │ ├── parsoid.pp
│ │ │ ├── geodata.pp
│ │ │ ├── notebook.pp
│ │ │ ├── mathoid.pp
│ │ │ ├── wikigrok.pp
│ │ │ ├── campaigns.pp
│ │ │ ├── mobileapp.pp
│ │ │ ├── scholarships.pp
│ │ │ ├── wikilove.pp
│ │ │ ├── iegreview.pp
│ │ │ ├── commonsmetadata.pp
│ │ │ ├── statsd.pp
│ │ │ ├── variables.pp
│ │ │ ├── sitematrix.pp
│ │ │ ├── education.pp
│ │ │ ├── wikieditor.pp
│ │ │ ├── liquidthreads.pp
│ │ │ ├── templatestyles.pp
│ │ │ ├── citoid.pp
│ │ │ ├── gather.pp
│ │ │ ├── massmessage.pp
│ │ │ ├── navigationtiming.pp
│ │ │ ├── antispam.pp
│ │ │ ├── disableaccount.pp
│ │ │ ├── phabricator.pp
│ │ │ ├── zend.pp
│ │ │ ├── kartographerwv.pp
│ │ │ ├── jsonconfig.pp
│ │ │ ├── pipeescape.pp
│ │ │ ├── swift.pp
│ │ │ ├── wikidiff2.pp
│ │ │ ├── vectorbeta.pp
│ │ │ ├── cldr.pp
│ │ │ ├── imagemetrics.pp
│ │ │ ├── wikimediamessages.pp
│ │ │ ├── phptags.pp
│ │ │ ├── accountinfo.pp
│ │ │ ├── semantictitle.pp
│ │ │ ├── thumb_on_404.pp
│ │ │ ├── abusefilter.pp
│ │ │ ├── lockdown.pp
│ │ │ ├── babel.pp
│ │ │ ├── trafficserver.pp
│ │ │ ├── semanticresultformats.pp
│ │ │ ├── securepoll.pp
│ │ │ ├── livingstyleguide.pp
│ │ │ ├── psr3.pp
│ │ │ ├── questycaptcha.pp
│ │ │ ├── score.pp
│ │ │ ├── fss.pp
│ │ │ ├── pagedtiffhandler.pp
│ │ │ ├── antispoof.pp
│ │ │ ├── svg.pp
│ │ │ ├── templatedata.pp
│ │ │ ├── uls.pp
│ │ │ ├── urlshortener.pp
│ │ │ ├── mathsearch.pp
│ │ │ ├── globaluserpage.pp
│ │ │ ├── oozie.pp
│ │ │ ├── semanticextraspecialproperties.pp
│ │ │ ├── semanticmediawiki.pp
│ │ │ ├── varnish.pp
│ │ │ └── molhandler.pp
│ ├── mediawiki
│ │ ├── files
│ │ │ ├── info.php
│ │ │ ├── phpsh
│ │ │ │ └── config
│ │ │ ├── favicon.ico
│ │ │ ├── robots.txt
│ │ │ ├── mediawiki-vagrant.png
│ │ │ ├── run-mediawiki-tests
│ │ │ ├── multiwiki
│ │ │ │ ├── priority-empty
│ │ │ │ │ └── README
│ │ │ │ └── stub.php
│ │ │ ├── wiki
│ │ │ │ ├── settings.d-empty
│ │ │ │ │ └── README
│ │ │ │ └── logrotate.d-mediawiki-shared-log-groups
│ │ │ ├── mediawiki-settings.d-empty
│ │ │ │ └── README
│ │ │ ├── composer.local.json
│ │ │ ├── import-mediawiki-dump
│ │ │ ├── logrotate.d_mediawiki_jobchron
│ │ │ ├── logrotate.d_mediawiki_jobrunner
│ │ │ ├── phpsh.sh
│ │ │ ├── main_page_template.wiki
│ │ │ └── main_page.wiki
│ │ └── templates
│ │ │ ├── multiwiki
│ │ │ ├── alldbs.erb
│ │ │ ├── mwscript.erb
│ │ │ └── multiversion-install.erb
│ │ │ ├── wiki
│ │ │ ├── run_installer.erb
│ │ │ ├── check_installed.erb
│ │ │ ├── dbConf.php.erb
│ │ │ └── apache-images.erb
│ │ │ ├── composer-require.json.erb
│ │ │ ├── jobrunner.default.erb
│ │ │ ├── logrotate.d-mediawiki-debug-log.erb
│ │ │ ├── skin.php.erb
│ │ │ ├── docroot
│ │ │ └── w
│ │ │ │ ├── dblist.php.erb
│ │ │ │ └── defines.php.erb
│ │ │ ├── mediawiki-bridge.conf.erb
│ │ │ ├── rc.php.erb
│ │ │ └── mwrepl
│ │ │ └── mwrepl.erb
│ ├── swift
│ │ ├── files
│ │ │ └── SwiftMedia
│ │ │ │ └── wmf
│ │ │ │ └── __init__.py
│ │ └── templates
│ │ │ ├── swift.conf.erb
│ │ │ └── upstart.erb
│ ├── env
│ │ ├── files
│ │ │ └── profile.d-empty
│ │ │ │ └── README
│ │ ├── templates
│ │ │ └── set_var.erb
│ │ └── manifests
│ │ │ └── init.pp
│ ├── trafficserver
│ │ └── templates
│ │ │ ├── cache.config.erb
│ │ │ ├── cacheurl.config.erb
│ │ │ ├── plugin.config.erb
│ │ │ ├── header_rewrite.config.erb
│ │ │ ├── regex_remap.config.erb
│ │ │ ├── remap.config.erb
│ │ │ ├── build.sh.erb
│ │ │ └── upstart.erb
│ ├── payments
│ │ └── files
│ │ │ ├── Donate-thanks.wiki
│ │ │ └── Donate-error.wiki
│ ├── vipsscaler
│ │ └── templates
│ │ │ └── vipstest.php.erb
│ ├── sudo
│ │ ├── manifests
│ │ │ └── init.pp
│ │ └── templates
│ │ │ └── sudoers.erb
│ ├── crm
│ │ ├── templates
│ │ │ ├── drush-wrapper.sh.erb
│ │ │ ├── crm-apache-site.erb
│ │ │ └── drupal-install.sh.erb
│ │ └── manifests
│ │ │ ├── apache.pp
│ │ │ └── drush.pp
│ ├── iegreview
│ │ └── templates
│ │ │ ├── create_user_unless.sql.erb
│ │ │ ├── load_schema_unless.sql.erb
│ │ │ ├── create_user.sql.erb
│ │ │ └── apache.conf.erb
│ ├── unfetter
│ │ └── files
│ │ │ ├── car.png
│ │ │ ├── attack.png
│ │ │ └── caret
│ │ │ └── styles
│ │ │ └── assets
│ │ │ └── fonts
│ │ │ ├── RobotoSlab-Bold.woff
│ │ │ ├── RobotoSlab-Regular.woff
│ │ │ ├── MaterialIcons-Regular.eot
│ │ │ ├── MaterialIcons-Regular.ttf
│ │ │ ├── MaterialIcons-Regular.woff
│ │ │ └── MaterialIcons-Regular.woff2
│ ├── varnish
│ │ ├── files
│ │ │ ├── build-varnish.sh
│ │ │ ├── build-tbf.sh
│ │ │ └── build-varnish-modules.sh
│ │ └── templates
│ │ │ ├── backend.vcl.erb
│ │ │ └── upstart.erb
│ ├── logstash
│ │ ├── templates
│ │ │ ├── input
│ │ │ │ ├── syslog.erb
│ │ │ │ ├── udp2log.erb
│ │ │ │ ├── gelf.erb
│ │ │ │ └── redis.erb
│ │ │ └── output
│ │ │ │ └── elasticsearch.erb
│ │ └── files
│ │ │ └── conf.d
│ │ │ └── README
│ ├── scholarships
│ │ └── templates
│ │ │ ├── create_user_unless.sql.erb
│ │ │ ├── load_schema_unless.sql.erb
│ │ │ ├── create_user.sql.erb
│ │ │ └── apache.conf.erb
│ ├── thumbor
│ │ ├── files
│ │ │ ├── tinyrgb.icc
│ │ │ └── thumbor.profile
│ │ └── lib
│ │ │ └── puppet
│ │ │ └── parser
│ │ │ └── functions
│ │ │ └── file_exists.rb
│ ├── apache
│ │ ├── manifests
│ │ │ └── mod
│ │ │ │ ├── cgi.pp
│ │ │ │ ├── dav.pp
│ │ │ │ ├── ssl.pp
│ │ │ │ ├── alias.pp
│ │ │ │ ├── proxy.pp
│ │ │ │ ├── actions.pp
│ │ │ │ ├── dav_fs.pp
│ │ │ │ ├── expires.pp
│ │ │ │ ├── filter.pp
│ │ │ │ ├── headers.pp
│ │ │ │ ├── rewrite.pp
│ │ │ │ ├── userdir.pp
│ │ │ │ ├── auth_basic.pp
│ │ │ │ ├── authn_file.pp
│ │ │ │ ├── authz_user.pp
│ │ │ │ ├── proxy_http.pp
│ │ │ │ ├── authnz_ldap.pp
│ │ │ │ ├── proxy_balancer.pp
│ │ │ │ ├── version.pp
│ │ │ │ ├── access_compat.pp
│ │ │ │ ├── php5.pp
│ │ │ │ ├── rpaf.pp
│ │ │ │ ├── wsgi.pp
│ │ │ │ ├── fcgid.pp
│ │ │ │ ├── perl.pp
│ │ │ │ ├── uwsgi.pp
│ │ │ │ ├── authz_svn.pp
│ │ │ │ ├── python.pp
│ │ │ │ ├── fastcgi.pp
│ │ │ │ ├── wsgi_py3.pp
│ │ │ │ ├── passenger.pp
│ │ │ │ └── proxy_fcgi.pp
│ │ ├── files
│ │ │ ├── rsyslog.conf
│ │ │ └── conf
│ │ │ │ └── fcgi_headers.conf
│ │ └── templates
│ │ │ ├── ports.conf.erb
│ │ │ └── site.conf.erb
│ ├── apt
│ │ ├── templates
│ │ │ ├── mwv-apt.list.erb
│ │ │ ├── wikimedia.list.erb
│ │ │ └── multiverse.list.erb
│ │ └── files
│ │ │ └── 01no-recommended
│ ├── kibana
│ │ ├── templates
│ │ │ ├── check-dashboard.erb
│ │ │ └── save-dashboard.erb
│ │ └── manifests
│ │ │ └── dashboard.pp
│ ├── statsd
│ │ ├── templates
│ │ │ ├── config.js.erb
│ │ │ ├── logrotate.erb
│ │ │ └── upstart.conf.erb
│ │ └── files
│ │ │ └── statsd-json-backend.js
│ ├── cassandra
│ │ └── files
│ │ │ └── datastax.sources.list
│ ├── labs
│ │ └── files
│ │ │ └── labs_vagrant_logo.png
│ ├── npm
│ │ ├── files
│ │ │ └── nodesource.sources.list
│ │ └── manifests
│ │ │ ├── globals.pp
│ │ │ └── global.pp
│ ├── php
│ │ └── templates
│ │ │ ├── prune_php_ini_files.bash.erb
│ │ │ └── conffile.ini.erb
│ ├── misc
│ │ ├── files
│ │ │ └── ackrc
│ │ └── templates
│ │ │ └── xdebug.erb
│ ├── hhvm
│ │ └── templates
│ │ │ ├── hhvm.default.erb
│ │ │ ├── rsyslog.conf.erb
│ │ │ └── admin-apache-site.erb
│ ├── rsyslog
│ │ └── files
│ │ │ └── rsyslog.d-empty
│ │ │ └── README
│ ├── contenttranslation
│ │ └── templates
│ │ │ ├── load_unless.sql.erb
│ │ │ └── cxserver.conf.erb
│ ├── browsertests
│ │ └── templates
│ │ │ ├── secret.yml.erb
│ │ │ └── mediawiki-url.sh.erb
│ ├── virtualenv
│ │ ├── templates
│ │ │ └── create-virtualenv.sh.erb
│ │ └── manifests
│ │ │ └── init.pp
│ ├── activemq
│ │ └── templates
│ │ │ └── activemq-upstart.conf.erb
│ ├── wikitools
│ │ └── manifests
│ │ │ └── init.pp
│ ├── ruby
│ │ └── manifests
│ │ │ ├── default.pp
│ │ │ └── ruby.pp
│ ├── memcached
│ │ ├── templates
│ │ │ └── memcached.conf.erb
│ │ └── manifests
│ │ │ └── php.pp
│ ├── kafka
│ │ └── files
│ │ │ ├── kafka.profile.sh
│ │ │ └── upstart
│ ├── jsduck
│ │ └── manifests
│ │ │ └── init.pp
│ ├── eventschemas
│ │ └── manifests
│ │ │ └── init.pp
│ ├── eventlogging
│ │ └── templates
│ │ │ ├── service.erb
│ │ │ ├── service.upstart.erb
│ │ │ └── devserver.upstart.erb
│ ├── mysql
│ │ ├── manifests
│ │ │ ├── packages.pp
│ │ │ └── large_prefix.pp
│ │ ├── templates
│ │ │ └── my.cnf.erb
│ │ └── files
│ │ │ └── innodb_large_prefix.cnf
│ ├── xhprofgui
│ │ └── templates
│ │ │ └── xhprof-apache-config.erb
│ ├── redis
│ │ ├── templates
│ │ │ └── redis.conf.erb
│ │ └── manifests
│ │ │ └── php.pp
│ ├── smashpig
│ │ └── templates
│ │ │ ├── apache-site.erb
│ │ │ └── SmashPig.yaml.erb
│ ├── sentry
│ │ └── templates
│ │ │ ├── apache-site.erb
│ │ │ ├── upstart-server.erb
│ │ │ └── upstart-worker.erb
│ ├── xvfb
│ │ └── templates
│ │ │ └── xvfb.conf.erb
│ ├── cgroup
│ │ └── files
│ │ │ └── cgrulesengd.conf
│ ├── openldap
│ │ └── templates
│ │ │ └── ldap.conf.erb
│ ├── puppet
│ │ └── manifests
│ │ │ └── agent.pp
│ ├── apparmor
│ │ ├── templates
│ │ │ └── usr.bin.redis-server.erb
│ │ └── files
│ │ │ └── isitapparmor
│ ├── motd
│ │ └── manifests
│ │ │ └── init.pp
│ ├── wmflib
│ │ └── lib
│ │ │ └── puppet
│ │ │ └── parser
│ │ │ └── functions
│ │ │ ├── to_seconds.rb
│ │ │ ├── validate_ensure.rb
│ │ │ ├── sequence_array.rb
│ │ │ └── apply_format.rb
│ └── parsoid
│ │ └── templates
│ │ └── localsettings.js.erb
├── hieradata
│ ├── .gitignore
│ ├── provider
│ │ └── lxc.yaml
│ └── environment
│ │ └── labs.yaml
├── extra
│ └── fileserver.conf
└── hiera.yaml
├── logs
└── puppet
│ └── .gitignore
├── .config
└── cucumber.yml
├── lib
└── mediawiki-vagrant
│ ├── version.rb
│ ├── destroy.rb
│ ├── plugin_environment.rb
│ ├── reload.rb
│ ├── run-tests.rb
│ ├── git-update.rb
│ └── import-dump.rb
├── .gitreview
├── .yardopts
├── .arcconfig
├── settings.d
└── puppet-managed
│ └── README
├── .gitattributes
├── features
└── support
│ └── env.rb
├── support
├── packager
│ ├── PACKAGER_README.txt
│ └── template
│ │ └── LICENSE
└── setup.rb
├── .puppet-lint.rc
├── spec
└── spec_helper.rb
├── HACKING.md
├── setup.bat
├── Gemfile
├── .gitmodules
└── .gitignore
/.rspec:
--------------------------------------------------------------------------------
1 | --color
2 |
--------------------------------------------------------------------------------
/srv/.gitignore:
--------------------------------------------------------------------------------
1 | *
2 |
--------------------------------------------------------------------------------
/cache/npm/.htaccess:
--------------------------------------------------------------------------------
1 | Deny from all
--------------------------------------------------------------------------------
/cache/npm/.gitignore:
--------------------------------------------------------------------------------
1 | *
2 | !.gitignore
3 |
--------------------------------------------------------------------------------
/puppet/modules/local/files/.gitignore:
--------------------------------------------------------------------------------
1 | *
2 |
--------------------------------------------------------------------------------
/cache/apt/.gitignore:
--------------------------------------------------------------------------------
1 | *
2 | !**/.gitignore
3 |
--------------------------------------------------------------------------------
/cache/composer/.gitignore:
--------------------------------------------------------------------------------
1 | *
2 | !.gitignore
3 |
--------------------------------------------------------------------------------
/logs/puppet/.gitignore:
--------------------------------------------------------------------------------
1 | *
2 | !.gitignore
3 |
--------------------------------------------------------------------------------
/puppet/modules/local/manifests/.gitignore:
--------------------------------------------------------------------------------
1 | *
2 |
--------------------------------------------------------------------------------
/puppet/modules/local/templates/.gitignore:
--------------------------------------------------------------------------------
1 | *
2 |
--------------------------------------------------------------------------------
/puppet/modules/service/files/confd/.gitignore:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/cache/apt/partial/.gitignore:
--------------------------------------------------------------------------------
1 | *
2 | !.gitignore
3 |
--------------------------------------------------------------------------------
/puppet/modules/elasticsearch/files/elasticsearch.yml:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/.config/cucumber.yml:
--------------------------------------------------------------------------------
1 | ---
2 | default: --format pretty
3 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/tests/init.pp:
--------------------------------------------------------------------------------
1 | include stdlib
2 |
--------------------------------------------------------------------------------
/puppet/modules/postfix/templates/virtual.erb:
--------------------------------------------------------------------------------
1 | /.+/ vagrant
2 |
--------------------------------------------------------------------------------
/puppet/modules/role/settings/raita.yaml:
--------------------------------------------------------------------------------
1 | vagrant_ram: 256
2 |
--------------------------------------------------------------------------------
/puppet/hieradata/.gitignore:
--------------------------------------------------------------------------------
1 | local.yaml
2 | vagrant-managed.yaml
3 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/info.php:
--------------------------------------------------------------------------------
1 | =<%= @value.to_s.inspect %>
3 |
--------------------------------------------------------------------------------
/puppet/modules/role/settings/mobilecontentservice.yaml:
--------------------------------------------------------------------------------
1 | forward_ports:
2 | 7231: 7231
3 | 8888: 8888
4 |
--------------------------------------------------------------------------------
/puppet/modules/role/settings/varnish.yaml:
--------------------------------------------------------------------------------
1 | forward_ports:
2 | 6081: 6081
3 | 6082: 6082 # Admin
4 |
5 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/spec/spec.opts:
--------------------------------------------------------------------------------
1 | --format
2 | s
3 | --colour
4 | --loadby
5 | mtime
6 | --backtrace
7 |
--------------------------------------------------------------------------------
/puppet/modules/vipsscaler/templates/vipstest.php.erb:
--------------------------------------------------------------------------------
1 | require_once("$IP/extensions/VipsScaler/VipsTest.php");
--------------------------------------------------------------------------------
/puppet/hieradata/provider/lxc.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | # Disable cachefilesd usage
3 | mwv::enable_cachefilesd: false
4 |
--------------------------------------------------------------------------------
/puppet/modules/payments/files/Donate-error.wiki:
--------------------------------------------------------------------------------
1 | So sorry, there was an error while processing your donation.
2 |
--------------------------------------------------------------------------------
/puppet/modules/role/settings/kafka.yaml:
--------------------------------------------------------------------------------
1 | vagrant_ram: 128
2 | forward_ports:
3 | 2181: 2181
4 | 9092: 9092
5 |
--------------------------------------------------------------------------------
/puppet/modules/sudo/manifests/init.pp:
--------------------------------------------------------------------------------
1 | # == Class: sudo
2 | #
3 | # Placeholder class
4 | class sudo {
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/trafficserver/templates/plugin.config.erb:
--------------------------------------------------------------------------------
1 | cacheurl.so
2 | header_rewrite.so header_rewrite.config
--------------------------------------------------------------------------------
/puppet/modules/role/files/simple_performant/skins-htaccess:
--------------------------------------------------------------------------------
1 | ExpiresActive On
2 | ExpiresDefault "access plus 1 month"
--------------------------------------------------------------------------------
/puppet/modules/role/files/analytics/cdh5.apt-pin:
--------------------------------------------------------------------------------
1 | Package: zookeeper
2 | Pin: version 3.4.5+cdh*
3 | Pin-Priority: 1001
4 |
--------------------------------------------------------------------------------
/puppet/modules/role/settings/cirrussearch.yaml:
--------------------------------------------------------------------------------
1 | vagrant_ram: 512
2 | forward_ports:
3 | 9200: 9200
4 | 9300: 9300
5 |
--------------------------------------------------------------------------------
/puppet/modules/role/settings/fundraising.yaml:
--------------------------------------------------------------------------------
1 | vagrant_ram: 512
2 |
3 | # ActiveMQ admin UI
4 | forward_ports:
5 | 8161: 8161
6 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/private/apache2.conf.erb:
--------------------------------------------------------------------------------
1 |
2 | Deny from all
3 |
4 |
5 |
--------------------------------------------------------------------------------
/puppet/modules/trafficserver/templates/header_rewrite.config.erb:
--------------------------------------------------------------------------------
1 | cond %{READ_REQUEST_PRE_REMAP_HOOK}
2 | add-header X-URI %
--------------------------------------------------------------------------------
/puppet/modules/crm/templates/drush-wrapper.sh.erb:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | sudo -u www-data -- /usr/bin/drush -y --root=<%= @root %> "$@"
4 |
--------------------------------------------------------------------------------
/puppet/modules/elasticsearch/templates/CirrusSearchTest.php.erb:
--------------------------------------------------------------------------------
1 | include_once "$IP/extensions/CirrusSearch/tests/jenkins/Jenkins.php";
2 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/elk/check-kibana-index.erb:
--------------------------------------------------------------------------------
1 | /usr/bin/curl -sf 'http://127.0.0.1:9200/kibana-int/_settings' >/dev/null
2 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/elk/check-logstash-template.erb:
--------------------------------------------------------------------------------
1 | /usr/bin/curl -sf 'http://127.0.0.1:9200/_template/logstash' >/dev/null
2 |
--------------------------------------------------------------------------------
/puppet/modules/sudo/templates/sudoers.erb:
--------------------------------------------------------------------------------
1 | <% @privileges.each do |privilege| -%>
2 | <%= @grantee %> <%= privilege %>
3 | <% end -%>
4 |
--------------------------------------------------------------------------------
/puppet/modules/iegreview/templates/create_user_unless.sql.erb:
--------------------------------------------------------------------------------
1 | SELECT COUNT(*)
2 | FROM <%= @db_name %>.users
3 | WHERE username = 'admin'
4 |
--------------------------------------------------------------------------------
/puppet/modules/unfetter/files/car.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mitre/unfetter-mediawiki-vagrant/HEAD/puppet/modules/unfetter/files/car.png
--------------------------------------------------------------------------------
/puppet/modules/varnish/files/build-varnish.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | cd /tmp/Varnish-Cache
3 | ./autogen.sh
4 | ./configure
5 | make
6 | make install
--------------------------------------------------------------------------------
/.gitreview:
--------------------------------------------------------------------------------
1 | [gerrit]
2 | host=gerrit.wikimedia.org
3 | port=29418
4 | project=mediawiki/vagrant.git
5 | defaultbranch=master
6 | defaultrebase=0
7 |
--------------------------------------------------------------------------------
/puppet/modules/logstash/templates/input/syslog.erb:
--------------------------------------------------------------------------------
1 | input {
2 | syslog {
3 | type => "syslog"
4 | port => <%= @port %>
5 | }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/raita/index.json.erb:
--------------------------------------------------------------------------------
1 | {
2 | "settings": {
3 | "number_of_shards": 1,
4 | "number_of_replicas": 0
5 | }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/scholarships/templates/create_user_unless.sql.erb:
--------------------------------------------------------------------------------
1 | SELECT COUNT(*)
2 | FROM <%= @db_name %>.users
3 | WHERE username = 'admin'
4 |
--------------------------------------------------------------------------------
/puppet/modules/thumbor/files/tinyrgb.icc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mitre/unfetter-mediawiki-vagrant/HEAD/puppet/modules/thumbor/files/tinyrgb.icc
--------------------------------------------------------------------------------
/puppet/modules/unfetter/files/attack.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mitre/unfetter-mediawiki-vagrant/HEAD/puppet/modules/unfetter/files/attack.png
--------------------------------------------------------------------------------
/.yardopts:
--------------------------------------------------------------------------------
1 | --readme README.md
2 | --charset utf-8
3 | --title "MediaWiki Vagrant"
4 | --markup markdown
5 | 'lib/**/*.rb' - '*.md' 'support/**/*.md'
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/cgi.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::cgi
2 | #
3 | class apache::mod::cgi {
4 | apache::mod_conf { 'cgi': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/dav.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::dav
2 | #
3 | class apache::mod::dav {
4 | apache::mod_conf { 'dav': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/ssl.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::ssl
2 | #
3 | class apache::mod::ssl {
4 | apache::mod_conf { 'ssl': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mitre/unfetter-mediawiki-vagrant/HEAD/puppet/modules/mediawiki/files/favicon.ico
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/robots.txt:
--------------------------------------------------------------------------------
1 | # This file was created by puppet but local changes will be preserved
2 | User-agent: *
3 | Disallow: /
4 |
--------------------------------------------------------------------------------
/puppet/modules/role/settings/visualeditor.yaml:
--------------------------------------------------------------------------------
1 | forward_ports:
2 | 1970: 1970 # Citoid
3 | 7231: 7231 # RESTBase
4 | 8000: 8000 # Parsoid
5 |
--------------------------------------------------------------------------------
/puppet/modules/apt/templates/mwv-apt.list.erb:
--------------------------------------------------------------------------------
1 | deb [trusted=yes arch=amd64] http://mwv-apt.wmflabs.org/repo <%= scope['::lsbdistcodename'] %>-mwv-apt main
2 |
--------------------------------------------------------------------------------
/puppet/modules/kibana/templates/check-dashboard.erb:
--------------------------------------------------------------------------------
1 | /usr/bin/curl -sf \
2 | 'http://127.0.0.1:9200/kibana-int/dashboard/<%= @safe_title %>' >/dev/null
3 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/urlshortener/apache2.conf.erb:
--------------------------------------------------------------------------------
1 | RewriteEngine On
2 | RewriteRule ^/s/(.*)$ /w/index.php?title=Special:UrlRedirector/$1 [PT]
3 |
--------------------------------------------------------------------------------
/puppet/modules/statsd/templates/config.js.erb:
--------------------------------------------------------------------------------
1 | {
2 | port: <%= @port %>
3 | , backends: [ "./backends/console", "./backends/statsd-json-backend" ]
4 | }
5 |
--------------------------------------------------------------------------------
/.arcconfig:
--------------------------------------------------------------------------------
1 | {
2 | "project.name": "mediawiki-vagrant",
3 | "phabricator.uri": "https://phabricator.wikimedia.org",
4 | "repository.callsign": "MWVA"
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/alias.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::alias
2 | #
3 | class apache::mod::alias {
4 | apache::mod_conf { 'alias': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/proxy.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::proxy
2 | #
3 | class apache::mod::proxy {
4 | apache::mod_conf { 'proxy': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/cassandra/files/datastax.sources.list:
--------------------------------------------------------------------------------
1 | # NOTE: This file is managed by Puppet
2 |
3 | deb http://debian.datastax.com/community stable main
4 |
5 |
--------------------------------------------------------------------------------
/puppet/modules/labs/files/labs_vagrant_logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mitre/unfetter-mediawiki-vagrant/HEAD/puppet/modules/labs/files/labs_vagrant_logo.png
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/poem.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::poem
2 | # The poem extension
3 | class role::poem {
4 | mediawiki::extension { 'Poem': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/actions.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::actions
2 | #
3 | class apache::mod::actions {
4 | apache::mod_conf { 'actions': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/dav_fs.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::dav_fs
2 | #
3 | class apache::mod::dav_fs {
4 | apache::mod_conf { 'dav_fs': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/expires.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::expires
2 | #
3 | class apache::mod::expires {
4 | apache::mod_conf { 'expires': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/filter.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::filter
2 | #
3 | class apache::mod::filter {
4 | apache::mod_conf { 'filter': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/headers.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::headers
2 | #
3 | class apache::mod::headers {
4 | apache::mod_conf { 'headers': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/rewrite.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::rewrite
2 | #
3 | class apache::mod::rewrite {
4 | apache::mod_conf { 'rewrite': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/userdir.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::userdir
2 | #
3 | class apache::mod::userdir {
4 | apache::mod_conf { 'userdir': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/npm/files/nodesource.sources.list:
--------------------------------------------------------------------------------
1 | deb https://deb.nodesource.com/node_4.x trusty main
2 | deb-src https://deb.nodesource.com/node_4.x trusty main
3 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/mediawiki-vagrant.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mitre/unfetter-mediawiki-vagrant/HEAD/puppet/modules/mediawiki/files/mediawiki-vagrant.png
--------------------------------------------------------------------------------
/puppet/modules/php/templates/prune_php_ini_files.bash.erb:
--------------------------------------------------------------------------------
1 | /bin/bash -O globstar -c 'for f in /etc/php5/**/conf.d/*.ini; do (test -r $f || unlink $f;); done' || /bin/true
2 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/zotero.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::zotero
2 | # Provisions Zotero, a dependency of Citoid.
3 | class role::zotero {
4 | include ::zotero
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/misc/files/ackrc:
--------------------------------------------------------------------------------
1 | # add some common file types so ack searches do not miss them
2 | --type-set=less=.less
3 | --type-set=json=.json
4 | --type-set=puppet=.pp
5 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/oauth/apache.conf.erb:
--------------------------------------------------------------------------------
1 | >
2 | Require all granted
3 |
4 |
5 | Alias /oauth-hello-world <%= @dir %>
6 |
7 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/auth_basic.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::auth_basic
2 | #
3 | class apache::mod::auth_basic {
4 | apache::mod_conf { 'auth_basic': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/authn_file.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::authn_file
2 | #
3 | class apache::mod::authn_file {
4 | apache::mod_conf { 'authn_file': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/authz_user.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::authz_user
2 | #
3 | class apache::mod::authz_user {
4 | apache::mod_conf { 'authz_user': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/proxy_http.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::proxy_http
2 | #
3 | class apache::mod::proxy_http {
4 | apache::mod_conf { 'proxy_http': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/trafficserver/templates/regex_remap.config.erb:
--------------------------------------------------------------------------------
1 | ^/images/thumb/([^/]+)/([^/]+)/([^/]+)/([0-9]+)px-.* $s://localhost:8888/unsafe/$4x/$s://localhost:8080/images/$1/$2/$3
--------------------------------------------------------------------------------
/puppet/modules/trafficserver/templates/remap.config.erb:
--------------------------------------------------------------------------------
1 | map /images/thumb/ http://localhost:8888 @plugin=regex_remap.so @pparam=<%= @deploy_dir %>/etc/trafficserver/regex_remap.config
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/authnz_ldap.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::authnz_ldap
2 | #
3 | class apache::mod::authnz_ldap {
4 | apache::mod_conf { 'authnz_ldap': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/run-mediawiki-tests:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | . /etc/profile.d/set_MW_INSTALL_PATH.sh
3 | cd "$MW_INSTALL_PATH"
4 | php tests/phpunit/phpunit.php --testdox "$@"
5 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/cassandra.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::cassandra
2 | # Configures Cassandra, a NoSQL storage
3 | class role::cassandra {
4 | include ::cassandra
5 | }
6 |
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/settings/thumbor.yaml:
--------------------------------------------------------------------------------
1 | vagrant_ram: 768
2 | forward_ports:
3 | 8888: 8888 # thumbor
4 | 6081: 6081 # varnish
5 | 6082: 6082 # varnish admin
6 | 8040: 8040 # swift
--------------------------------------------------------------------------------
/puppet/modules/role/templates/ldapauth/check_db.erb:
--------------------------------------------------------------------------------
1 | /usr/bin/ldapsearch -x -D '<%= @admin_dn %>' -w '<%= @admin_password %>' -b '<%= @base_dn %>' '(cn=writer)' | grep -q 'cn: writer'
2 |
--------------------------------------------------------------------------------
/puppet/modules/apache/files/rsyslog.conf:
--------------------------------------------------------------------------------
1 | # rsyslog configuration for Apache
2 | # This file is managed by Puppet
3 |
4 | :programname, isequal, "apache2" /vagrant/logs/apache2.log
5 | & ~
6 |
--------------------------------------------------------------------------------
/puppet/modules/env/manifests/init.pp:
--------------------------------------------------------------------------------
1 | # == Class: env
2 | #
3 | # This lightweight Puppet module is used to manage the configuration of
4 | # shell environments.
5 | #
6 | class env {
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/hhvm/templates/hhvm.default.erb:
--------------------------------------------------------------------------------
1 | # Default file for HHVM
2 | # This file is managed by Puppet.
3 |
4 | HHVM_LOG_DIR="<%= @logroot %>/hhvm"
5 | HHVM_RUN_DIR="<%= @hhbc_dir %>"
6 |
--------------------------------------------------------------------------------
/puppet/modules/role/files/invitesignup/VagrantRoleInviteSignup.wiki:
--------------------------------------------------------------------------------
1 | Use [[Special:InviteSignup]] to invite users. Mails will be sent to the vagrant user's postbox on the guest box.
2 |
3 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/doublewiki.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::doublewiki
2 | # The DoubleWiki extension
3 | class role::doublewiki {
4 | mediawiki::extension { 'DoubleWiki': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/phragile/update_app_key.erb:
--------------------------------------------------------------------------------
1 | printf 'APP_KEY=' >> <%= @install_dir %>/.env
2 | php artisan key:generate | awk -F '[][]' '{print $2}' >> <%= @install_dir %>/.env
3 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/proxy_balancer.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::proxy_balancer
2 | #
3 | class apache::mod::proxy_balancer {
4 | apache::mod_conf { 'proxy_balancer': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/iegreview/templates/load_schema_unless.sql.erb:
--------------------------------------------------------------------------------
1 | SELECT COUNT(*)
2 | FROM INFORMATION_SCHEMA.TABLES
3 | WHERE table_schema = '<%= @db_name %>'
4 | AND table_name = 'proposals'
5 |
--------------------------------------------------------------------------------
/puppet/modules/logstash/templates/input/udp2log.erb:
--------------------------------------------------------------------------------
1 | input {
2 | # MediaWiki log stream forwarded by udp2log
3 | udp {
4 | type => "udp2log"
5 | port => <%= @port %>
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/rsyslog/files/rsyslog.d-empty/README:
--------------------------------------------------------------------------------
1 | This directory is managed by Puppet. Any configuration file in this directory
2 | that is not explicitly managed by Puppet will be purged.
3 |
--------------------------------------------------------------------------------
/puppet/modules/contenttranslation/templates/load_unless.sql.erb:
--------------------------------------------------------------------------------
1 | SELECT COUNT(*)
2 | FROM INFORMATION_SCHEMA.TABLES
3 | WHERE table_schema = '<%= @database %>'
4 | AND table_name = 'cx_translations'
5 |
--------------------------------------------------------------------------------
/puppet/modules/kibana/templates/save-dashboard.erb:
--------------------------------------------------------------------------------
1 | /usr/bin/curl -XPUT -s \
2 | 'http://127.0.0.1:9200/kibana-int/dashboard/<%= @safe_title %>' \
3 | --data-binary '<%= @dashboard.to_pson %>'
4 |
--------------------------------------------------------------------------------
/puppet/modules/scholarships/templates/load_schema_unless.sql.erb:
--------------------------------------------------------------------------------
1 | SELECT COUNT(*)
2 | FROM INFORMATION_SCHEMA.TABLES
3 | WHERE table_schema = '<%= @db_name %>'
4 | AND table_name = 'scholarships'
5 |
--------------------------------------------------------------------------------
/puppet/modules/varnish/files/build-tbf.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | cd /tmp/libvmod-tbf
3 | ./bootstrap
4 | ./configure VARNISHSRC=/tmp/Varnish-Cache VMODDIR=/usr/local/lib/varnish/vmods
5 | make
6 | make install
--------------------------------------------------------------------------------
/settings.d/puppet-managed/README:
--------------------------------------------------------------------------------
1 | This directory contains MediaWiki configuration fragments that are managed by Puppet.
2 | PUPPET WILL DELETE ANY UNMANAGED FILES IN THIS DIRECTORY WITHOUT WARNING.
3 |
--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
1 | * text eol=lf
2 | *.png binary
3 | *.ico binary
4 | *.ppk binary
5 |
6 | # Keep README for iso easily readable by Windows clients
7 | /support/packager/template/README.txt text eol=crlf
8 |
--------------------------------------------------------------------------------
/puppet/modules/logstash/templates/input/gelf.erb:
--------------------------------------------------------------------------------
1 | input {
2 | # Graylog extended logging format
3 | gelf {
4 | type => "gelf"
5 | port => <%= @port %>
6 | remap => false
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/elk/create-logstash-template.erb:
--------------------------------------------------------------------------------
1 | /usr/bin/curl -XPUT 'http://127.0.0.1:9200/_template/logstash' \
2 | -d @/vagrant/puppet/modules/logstash/files/elasticsearch-template.json
3 |
--------------------------------------------------------------------------------
/puppet/modules/apache/templates/ports.conf.erb:
--------------------------------------------------------------------------------
1 | # This file is managed by Puppet.
2 | Listen 80
3 | <%- if @forwarded_port and @forwarded_port.to_s != "80" -%>
4 | Listen <%= @forwarded_port %>
5 | <%- end -%>
6 |
--------------------------------------------------------------------------------
/puppet/modules/hhvm/templates/rsyslog.conf.erb:
--------------------------------------------------------------------------------
1 | # rsyslogd(8) configuration file for HHVM.
2 | # This file is managed by Puppet.
3 |
4 | :programname, startswith, "hhvm" <%= @logroot %>/hhvm/error.log
5 | & ~
6 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/multiwiki/priority-empty/README:
--------------------------------------------------------------------------------
1 | This directory is managed by Puppet.
2 |
3 | The purpose is to control the ordering of the various wikis for scripts that
4 | act on all of them.
5 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/multiwiki/alldbs.erb:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env php5
2 | /dblist.php';
4 | foreach ( $wgLocalDatabases as $db ) {
5 | echo "{$db}\n";
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/newusermessage.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::newusermessage
2 | # The new user message extension
3 | class role::newusermessage {
4 | mediawiki::extension { 'NewUserMessage': }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/role/settings/eventbus.yaml:
--------------------------------------------------------------------------------
1 | # EventBus requires kafka role, so
2 | # use same settings as kafka.yaml.
3 | vagrant_ram: 128
4 | forward_ports:
5 | 2181: 2181
6 | 9092: 9092
7 | 8085: 8085
8 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/tests/has_ip_address.pp:
--------------------------------------------------------------------------------
1 | include stdlib
2 | info("has_ip_address('192.168.1.256'):", has_ip_address('192.168.1.256'))
3 | info("has_ip_address('127.0.0.1'):", has_ip_address('127.0.0.1'))
4 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/tests/has_ip_network.pp:
--------------------------------------------------------------------------------
1 | include stdlib
2 | info("has_ip_network('127.0.0.0'):", has_ip_network('127.0.0.0'))
3 | info("has_ip_network('128.0.0.0'):", has_ip_network('128.0.0.0'))
4 |
5 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/wiki/run_installer.erb:
--------------------------------------------------------------------------------
1 | /usr/local/bin/multiversion-install <%= @src_dir %> <%= @installer_args.map { |k,v| v ? "--#{k} #{v} " : '' }.join() %> <%= @db_name %> <%= @admin_user %>
2 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/oauth/oauth-hello-world.ini.erb:
--------------------------------------------------------------------------------
1 | agent = "MediaWiki-Vagrant OAuth test client"
2 | consumerKey = <%= @example_consumer_key %>
3 | consumerSecret = <%= @example_consumer_secret %>
4 |
5 |
--------------------------------------------------------------------------------
/puppet/modules/apt/files/01no-recommended:
--------------------------------------------------------------------------------
1 | # Do not install recommended or suggested packages by default
2 | # See http://superuser.com/a/615583
3 | APT::Install-Recommends "false";
4 | APT::Install-Suggests "false";
5 |
--------------------------------------------------------------------------------
/puppet/modules/browsertests/templates/secret.yml.erb:
--------------------------------------------------------------------------------
1 | # Credentials for MediaWiki account used by the Selenium browser tests.
2 | # This file is managed by Puppet.
3 | #
4 | mediawiki_password: <%= @selenium_password %>
5 |
--------------------------------------------------------------------------------
/puppet/modules/logstash/files/conf.d/README:
--------------------------------------------------------------------------------
1 | # This directory contains Logstash configuration fragments that are
2 | # managed by Puppet. PUPPET WILL DELETE ANY UNMANAGED FILES IN THIS
3 | # DIRECTORY WITHOUT WARNING.
4 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/kafka.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::kafka
2 | # Kafka is a distributed publish-subscribe messaging systems used for
3 | # logging and EventBus.
4 | class role::kafka {
5 | include ::kafka
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/settings/wikimetrics.yaml:
--------------------------------------------------------------------------------
1 | # For running tests on 2014-08-21's master, ~2.1 GB RAM are needed
2 | vagrant_ram: 1536
3 | # Wikimetrics web frontend is on port 5000
4 | forward_ports:
5 | 5000: 5000
6 |
--------------------------------------------------------------------------------
/puppet/modules/unfetter/files/caret/styles/assets/fonts/RobotoSlab-Bold.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mitre/unfetter-mediawiki-vagrant/HEAD/puppet/modules/unfetter/files/caret/styles/assets/fonts/RobotoSlab-Bold.woff
--------------------------------------------------------------------------------
/puppet/modules/apache/templates/site.conf.erb:
--------------------------------------------------------------------------------
1 | # vim: filetype=apache sts=4 sw=4 autoindent
2 | # This file is managed by Puppet.
3 |
4 | Include site-confs/<%= @title_safe %>
5 |
6 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/wiki/settings.d-empty/README:
--------------------------------------------------------------------------------
1 | This directory contains MediaWiki configuration fragments that are managed by Puppet.
2 | PUPPET WILL DELETE ANY UNMANAGED FILES IN THIS DIRECTORY WITHOUT WARNING.
3 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/wiki/check_installed.erb:
--------------------------------------------------------------------------------
1 | test -f '<%= @settings_root %>/LocalSettings.php' && mysql --defaults-extra-file=/home/vagrant/.my.cnf --execute="show databases;" | grep -q '^<%= @db_name %>$'
2 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/wikispeech.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::wikispeech
2 | # This role sets up the Wikispeech extension for MediaWiki.
3 | #
4 | class role::wikispeech {
5 | mediawiki::extension { 'Wikispeech': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/unfetter/files/caret/styles/assets/fonts/RobotoSlab-Regular.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mitre/unfetter-mediawiki-vagrant/HEAD/puppet/modules/unfetter/files/caret/styles/assets/fonts/RobotoSlab-Regular.woff
--------------------------------------------------------------------------------
/features/support/env.rb:
--------------------------------------------------------------------------------
1 | require 'vagrant'
2 | require 'mediawiki-vagrant'
3 | require 'rspec/mocks'
4 |
5 | require_relative 'output_helper'
6 |
7 | World(RSpec::Mocks::ExampleMethods)
8 | World(MediaWikiVagrant::OutputHelper)
9 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/mediawiki-settings.d-empty/README:
--------------------------------------------------------------------------------
1 | This directory contains MediaWiki configuration fragments that are managed by Puppet.
2 | PUPPET WILL DELETE ANY UNMANAGED FILES IN THIS DIRECTORY WITHOUT WARNING.
3 |
--------------------------------------------------------------------------------
/puppet/modules/role/files/elk/filter-strip-ansi-color.conf:
--------------------------------------------------------------------------------
1 | # Strip ansi color escape sequences from the message
2 | filter {
3 | mutate {
4 | gsub => [ "message", "\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[m|K]", "" ]
5 | }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/apex.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::apex
2 | # Configures Apex, a MediaWiki skin, as an option.
3 | # https://www.mediawiki.org/wiki/Skin:Apex
4 | class role::apex {
5 | mediawiki::skin { 'apex': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/jsduck.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::jsduck
2 | # This role provisions JSDuck, a Javascript documentation tool
3 | # commonly used in MediaWiki code.
4 | class role::jsduck {
5 | include ::jsduck
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/elk/create-kibana-index.erb:
--------------------------------------------------------------------------------
1 | /usr/bin/curl -XPUT 'http://127.0.0.1:9200/kibana-int/' -d '{
2 | "settings": {
3 | "number_of_shards": 1,
4 | "number_of_replicas": 0
5 | }
6 | }'
7 |
--------------------------------------------------------------------------------
/puppet/modules/unfetter/files/caret/styles/assets/fonts/MaterialIcons-Regular.eot:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mitre/unfetter-mediawiki-vagrant/HEAD/puppet/modules/unfetter/files/caret/styles/assets/fonts/MaterialIcons-Regular.eot
--------------------------------------------------------------------------------
/puppet/modules/unfetter/files/caret/styles/assets/fonts/MaterialIcons-Regular.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mitre/unfetter-mediawiki-vagrant/HEAD/puppet/modules/unfetter/files/caret/styles/assets/fonts/MaterialIcons-Regular.ttf
--------------------------------------------------------------------------------
/puppet/modules/unfetter/files/caret/styles/assets/fonts/MaterialIcons-Regular.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mitre/unfetter-mediawiki-vagrant/HEAD/puppet/modules/unfetter/files/caret/styles/assets/fonts/MaterialIcons-Regular.woff
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/version.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::version
2 | #
3 | class apache::mod::version {
4 | if versioncmp($::lsbdistrelease, '13.10') < 0 {
5 | apache::mod_conf { 'version': }
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/composer-require.json.erb:
--------------------------------------------------------------------------------
1 | {
2 | "<% if @ensure == 'absent' %>conflict<% elseif @dev %>require-dev<% else %>require<% end %>": {
3 | "<%= @package %>": "<%= @version %>"
4 | }
5 | }
6 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/newsletter.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::newsletter
2 | # Configures Newsletter extension
3 | class role::newsletter {
4 | mediawiki::extension { 'Newsletter':
5 | needs_update => true,
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/restbase/apache2.conf.erb:
--------------------------------------------------------------------------------
1 | # Reverse proxy requests to RESTBase
2 | ProxyPass /api/rest_v1/ http://127.0.0.1:<%= scope['::restbase::port'] %>/<%= @domain %>/v1/
3 |
4 | # vim:sw=2:ts=2:sts=2:ft=apache:
5 |
--------------------------------------------------------------------------------
/puppet/modules/unfetter/files/caret/styles/assets/fonts/MaterialIcons-Regular.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mitre/unfetter-mediawiki-vagrant/HEAD/puppet/modules/unfetter/files/caret/styles/assets/fonts/MaterialIcons-Regular.woff2
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/multiwiki/stub.php:
--------------------------------------------------------------------------------
1 | . &&
2 | <%- if @packages -%>
3 | ./bin/pip install '<%= @packages.join("' '") %>'
4 | <%- else -%>
5 | /bin/true
6 | <%- end -%>
7 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/jobrunner.default.erb:
--------------------------------------------------------------------------------
1 | # Options for the MediaWiki jobrunner
2 | JOBRUNNER_USER="www-data"
3 | JOBRUNNER_GROUP="www-data"
4 | JOBRUNNER_DIR="/vagrant/mediawiki"
5 | <% if @verbose %>DAEMON_OPTS="--verbose"<% end %>
6 |
--------------------------------------------------------------------------------
/puppet/modules/npm/manifests/globals.pp:
--------------------------------------------------------------------------------
1 | # == Class: npm::globals
2 | #
3 | # Installs some commonly used NPM modules globally.
4 | #
5 | class npm::globals {
6 | npm::global { ['mocha', 'grunt', 'grunt-cli', 'node-gyp', 'node-pre-gyp']: }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/xanalytics.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::xanalytics
2 | # Configures XAnalytics, a MediaWiki extension for
3 | # sending the X-Analytics header
4 | class role::xanalytics {
5 | mediawiki::extension { 'XAnalytics': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/gpgmail.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::gpgmail
2 | # GPGMail extension - encrypts emails with GPG.
3 | #
4 | class role::gpgmail {
5 | mediawiki::extension { 'GPGMail':
6 | composer => true,
7 | }
8 | }
9 |
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/monobook.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::monobook
2 | # Configures MonoBook, a MediaWiki skin, as an option.
3 | # https://www.mediawiki.org/wiki/Skin:MonoBook
4 | class role::monobook {
5 | mediawiki::skin { 'MonoBook': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/torblock.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::torblock
2 | # Configures TorBlock, a MediaWiki extension that allows blocking
3 | # access to the wiki through Tor
4 | class role::torblock {
5 | mediawiki::extension { 'TorBlock': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/access_compat.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::access_compat
2 | #
3 | class apache::mod::access_compat {
4 | if versioncmp($::lsbdistrelease, '13.10') >= 0 {
5 | apache::mod_conf { 'access_compat': }
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/php5.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::php5
2 | #
3 | class apache::mod::php5 {
4 | package { 'libapache2-mod-php5': }
5 | apache::mod_conf { 'php5':
6 | require => Package['libapache2-mod-php5'],
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/rpaf.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::rpaf
2 | #
3 | class apache::mod::rpaf {
4 | package { 'libapache2-mod-rpaf': }
5 | apache::mod_conf { 'rpaf':
6 | require => Package['libapache2-mod-rpaf'],
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/wsgi.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::wsgi
2 | #
3 | class apache::mod::wsgi {
4 | package { 'libapache2-mod-wsgi': }
5 | apache::mod_conf { 'wsgi':
6 | require => Package['libapache2-mod-wsgi'],
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/easytimeline.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::easytimeline
2 | # Configures the EasyTimeline extension
3 | class role::easytimeline {
4 | require_package('ploticus', 'ttf-freefont')
5 |
6 | mediawiki::extension { 'timeline': }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/greystuff.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::greystuff
2 | # Configures GreyStuff, a MediaWiki skin, as an option.
3 | # https://www.mediawiki.org/wiki/Skin:GreyStuff
4 | class role::greystuff {
5 | mediawiki::skin { 'GreyStuff': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/openbadges.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::openbadges
2 | # This role sets up the OpenBadges extension for MediaWiki.
3 | class role::openbadges {
4 | mediawiki::extension { 'OpenBadges':
5 | needs_update => true
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/pagetriage.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::pagetriage
2 | # The extension that powers the New Page Patrol workflow
3 | class role::pagetriage {
4 | mediawiki::extension { 'PageTriage':
5 | needs_update => true,
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/sandboxlink.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::sandboxlink
2 | # The SandboxLink extension adds a link to a personal sandbox to
3 | # the personal tools menu.
4 | class role::sandboxlink {
5 | mediawiki::extension { 'SandboxLink': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/testwiki.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::testwiki
2 | # Adds another wiki, available at
3 | # test.wiki.local.wmftest.net:
4 |
5 | class role::testwiki() {
6 | require ::role::mediawiki
7 | mediawiki::wiki { 'test': }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/wikimediamaintenance.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::wikimediamaintenance
2 | #
3 | # Provision the WikimediaMaintenance extension
4 | #
5 | class role::wikimediamaintenance {
6 | mediawiki::extension { 'WikimediaMaintenance': }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/service/templates/logrotate.erb:
--------------------------------------------------------------------------------
1 | # logrotate(8) config for <%= @title %>
2 |
3 | <%= @log_file %> {
4 | daily
5 | copytruncate
6 | missingok
7 | compress
8 | notifempty
9 | rotate 15
10 | size 32M
11 | }
12 |
--------------------------------------------------------------------------------
/support/packager/PACKAGER_README.txt:
--------------------------------------------------------------------------------
1 | To create a Vagrant USB drive:
2 |
3 | * Run build.sh (unless there is already a suitable ISO at https://mediawiki-vagrant-image.wmflabs.org/mediawiki-vagrant/).
4 | * Burn it to a USB drive using the FAT32 filesystem.
5 |
--------------------------------------------------------------------------------
/puppet/modules/activemq/templates/activemq-upstart.conf.erb:
--------------------------------------------------------------------------------
1 | description "ActiveMQ STOMP server"
2 |
3 | start on (local-filesystems and net-device-up IFACE!=lo)
4 |
5 | setuid activemq
6 | setgid activemq
7 |
8 | exec <%= @pkgdir %>/bin/activemq-admin start
9 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/fcgid.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::fcgid
2 | #
3 | class apache::mod::fcgid {
4 | package { 'libapache2-mod-fcgid': }
5 | apache::mod_conf { 'fcgid':
6 | require => Package['libapache2-mod-fcgid'],
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/perl.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::perl
2 | #
3 | class apache::mod::perl {
4 | package { 'libapache2-mod-perl2': }
5 | apache::mod_conf { 'perl':
6 | require => Package['libapache2-mod-perl2'],
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/uwsgi.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::uwsgi
2 | #
3 | class apache::mod::uwsgi {
4 | package { 'libapache2-mod-uwsgi': }
5 | apache::mod_conf { 'uwsgi':
6 | require => Package['libapache2-mod-uwsgi'],
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/crm/templates/crm-apache-site.erb:
--------------------------------------------------------------------------------
1 | DocumentRoot "<%= scope['crm::dir'] %>/drupal"
2 |
3 | ServerName <%= scope['crm::site_name'] %>
4 |
5 | >
6 | Require all granted
7 | AllowOverride all
8 |
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/wikihiero.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::wikihiero
2 | # Configures WikiHiero, an extension for displaying Egyptian hieroglyphs
3 | class role::wikihiero {
4 | mediawiki::extension { 'wikihiero':
5 | needs_update => true,
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/striker/ldap_check.erb:
--------------------------------------------------------------------------------
1 | /usr/bin/ldapsearch -x -D '<%= scope['::role::ldapauth::admin_dn'] %>' -w '<%= scope['::role::ldapauth::admin_password'] %>' -b '<%= scope['::role::ldapauth::base_dn'] %>' '(uid=admin)' | grep -q 'cn: Admin'
2 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/authz_svn.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::authz_svn
2 | #
3 | class apache::mod::authz_svn {
4 | package { 'libapache2-svn': }
5 | apache::mod_conf { 'authz_svn':
6 | require => Package['libapache2-svn'],
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/files/flow/logrotate.d-mediawiki-Flow:
--------------------------------------------------------------------------------
1 | # This file is managed by Puppet
2 |
3 | /vagrant/logs/mediawiki-Flow.log {
4 | daily
5 | missingok
6 | rotate 7
7 | compress
8 | notifempty
9 | nocreate
10 | nomail
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/cologneblue.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::cologneblue
2 | # Configures CologneBlue, a MediaWiki skin, as an option.
3 | # https://www.mediawiki.org/wiki/Skin:CologneBlue
4 | class role::cologneblue {
5 | mediawiki::skin { 'CologneBlue': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/featuredfeeds.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::featuredfeeds
2 | # The FeaturedFeeds extension allows wikis to publish syndication feeds
3 | # of their content
4 | class role::featuredfeeds {
5 | mediawiki::extension { 'FeaturedFeeds': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/geshi.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::geshi
2 | # Configures SyntaxHighlight_GeSHi, an extension for syntax-highlighting
3 | class role::geshi {
4 | mediawiki::extension { 'SyntaxHighlight_GeSHi':
5 | composer => true,
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/swift/apache2.conf.erb:
--------------------------------------------------------------------------------
1 | LoadModule proxy_module modules/mod_proxy.so
2 | LoadModule proxy_http_module modules/mod_proxy_http.so
3 | LogLevel trace8
4 | ProxyPassMatch "^/images/(.*)$" "http://127.0.0.1:<%= scope['::swift::port'] %>/wiki/en/$1"
--------------------------------------------------------------------------------
/puppet/modules/statsd/templates/logrotate.erb:
--------------------------------------------------------------------------------
1 | # logrotate(8) config for statsd
2 |
3 | "<%= @logdir %>/statsd.log" {
4 | daily
5 | copytruncate
6 | missingok
7 | compress
8 | notifempty
9 | rotate 15
10 | size 32M
11 | }
12 |
13 |
--------------------------------------------------------------------------------
/puppet/modules/varnish/files/build-varnish-modules.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | PREFIX=/usr/local
3 | export PKG_CONFIG_PATH=$PREFIX/lib/pkgconfig
4 | export ACLOCAL_PATH=$PREFIX/share/aclocal
5 | cd /tmp/varnish-modules
6 | ./bootstrap
7 | ./configure
8 | make check
9 | make install
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/python.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::python
2 | #
3 | class apache::mod::python {
4 | package { 'libapache2-mod-python': }
5 | apache::mod_conf { 'python':
6 | require => Package['libapache2-mod-python'],
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/apt/templates/wikimedia.list.erb:
--------------------------------------------------------------------------------
1 | deb http://apt.wikimedia.org/wikimedia <%= scope['::lsbdistcodename'] %>-wikimedia main universe thirdparty
2 | deb-src http://apt.wikimedia.org/wikimedia <%= scope['::lsbdistcodename'] %>-wikimedia main universe thirdparty
3 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/embedvideo.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::embedvideo
2 | # Installs EmbedVideo extension
3 | class role::embedvideo {
4 | mediawiki::extension { 'EmbedVideo':
5 | remote => 'https://github.com/Alexia/mediawiki-embedvideo.git'
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/gadgets.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::gadgets
2 | # The Gadgets extension provides a way for users to pick JavaScript
3 | # or CSS based "gadgets" that other wiki users provide.
4 | class role::gadgets {
5 | mediawiki::extension { 'Gadgets': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/globalusage.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::globalusage
2 | # Configures a MediaWiki instance with
3 | # GlobalUsage[https://www.mediawiki.org/wiki/Extension:GlobalUsage]
4 | class role::globalusage {
5 | mediawiki::extension { 'GlobalUsage': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/multimediaviewer/apache2.conf.erb:
--------------------------------------------------------------------------------
1 | RewriteEngine On
2 |
3 | RewriteCond %{REQUEST_URI} ^/images.*
4 | RewriteCond %{QUERY_STRING} ^download$
5 | RewriteRule .* - [E=DOWNLOAD:yes]
6 | Header set "Content-Disposition" "attachment" env=DOWNLOAD
7 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/fastcgi.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::fastcgi
2 | #
3 | class apache::mod::fastcgi {
4 | package { 'libapache2-mod-fastcgi': }
5 | apache::mod_conf { 'fastcgi':
6 | require => Package['libapache2-mod-fastcgi'],
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/wsgi_py3.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::wsgi_py3
2 | #
3 | class apache::mod::wsgi_py3 {
4 | package { 'libapache2-mod-wsgi-py3': }
5 | apache::mod_conf { 'wsgi':
6 | require => Package['libapache2-mod-wsgi-py3'],
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/kartographer.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::kartographer
2 | # Configures Kartographer, an extension for display maps in wiki pages
3 | class role::kartographer {
4 | mediawiki::extension { 'Kartographer':
5 | composer => true,
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/nuke.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::nuke
2 | # This role provisions the Nuke [https://www.mediawiki.org/wiki/Extension:Nuke] extension,
3 | # which gives sysops the ability to mass delete pages
4 | class role::nuke {
5 | mediawiki::extension { 'Nuke': }
6 | }
--------------------------------------------------------------------------------
/puppet/modules/stdlib/tests/file_line.pp:
--------------------------------------------------------------------------------
1 | # This is a simple smoke test
2 | # of the file_line resource type.
3 | file { '/tmp/dansfile':
4 | ensure => present
5 | }->
6 | file_line { 'dans_line':
7 | line => 'dan is awesome',
8 | path => '/tmp/dansfile',
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/wikitools/manifests/init.pp:
--------------------------------------------------------------------------------
1 | # == Class: wikitools
2 | #
3 | # Provisions Wikitools, a Python toolkit for MediaWiki.
4 | #
5 | class wikitools {
6 | package { 'wikitools':
7 | ensure => '1.1',
8 | provider => 'pip',
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/puppet/hiera.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | :backends:
3 | - yaml
4 | :yaml:
5 | :datadir: /vagrant/puppet/hieradata
6 | :hierarchy:
7 | - local
8 | - vagrant-managed
9 | - "environment/%{::environment}"
10 | - "provider/%{::provider_name}"
11 | - common
12 | :logger: console
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/pageimages.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::pageimages
2 | # Configures PageImages, a MediaWiki extension which provides an
3 | # API for getting the first meaningful image on a page
4 | class role::pageimages {
5 | mediawiki::extension { 'PageImages': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/textextracts.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::textextracts
2 | # Configures TextExtracts, a MediaWiki extension which provides an
3 | # API for getting text extracts of articles
4 | class role::textextracts {
5 | mediawiki::extension { 'TextExtracts': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/passenger.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::passenger
2 | #
3 | class apache::mod::passenger {
4 | package { 'libapache2-mod-passenger': }
5 | apache::mod_conf { 'passenger':
6 | require => Package['libapache2-mod-passenger'],
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/checkuser.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::checkuser
2 | #
3 | # Add the MediaWiki extensions to track IP and browser of editors.
4 | #
5 | class role::checkuser {
6 | mediawiki::extension { 'CheckUser':
7 | needs_update => true,
8 | }
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/swift/templates/swift.conf.erb:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | #####################################################################
4 |
5 | [swift-hash]
6 | swift_hash_path_suffix = mystuff
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/betafeatures.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::betafeatures
2 | # Configures the BetaFeatures extension
3 | class role::betafeatures {
4 | mediawiki::extension { 'BetaFeatures':
5 | needs_update => true,
6 | priority => $::LOAD_EARLY,
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/wikidata/init.php.erb:
--------------------------------------------------------------------------------
1 | if ( $wgDBname === 'wikidatawiki' ) {
2 | $wmgUseWikibaseRepo = true;
3 | $wmgUseWikibaseClient = true;
4 | $wmgUseWikibasePropertySuggester = true;
5 | } else {
6 | $wmgUseWikibaseRepo = false;
7 | $wmgUseWikibaseClient = true;
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/varnish/templates/backend.vcl.erb:
--------------------------------------------------------------------------------
1 | vcl 4.0;
2 |
3 | backend <%= @title %> {
4 | .host = "<%= @host %>";
5 | .port = "<%= @port %>";
6 | }
7 |
8 | sub vcl_recv {
9 | if (<%= @onlyif %>) {
10 | set req.backend_hint = <%= @title %>;
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/puppet/hieradata/environment/labs.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | classes: ['::role::labs_initial_content']
3 |
4 | mwv::tld: '-%{::vmhost}.wmflabs.org'
5 | role::mediawiki::hostname: "%{::vmhost}.wmflabs.org"
6 | mediawiki::multiwiki::base_domain: "-%{::vmhost}.wmflabs.org"
7 |
8 | role::striker::use_xff: true
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/cite.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::cite
2 | # The cite extension adds support for citations and references
3 | class role::cite {
4 | mediawiki::extension { 'Cite':
5 | settings => {
6 | wgCiteEnablePopups => true,
7 | }
8 | }
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/ruby/manifests/default.pp:
--------------------------------------------------------------------------------
1 | # == Define: ruby::default
2 | #
3 | # Ensures the default version of Ruby (as defined by $ruby::default_version)
4 | # is installed.
5 | #
6 | class ruby::default {
7 | include ruby
8 |
9 | ruby::ruby { $ruby::default_version: }
10 | }
11 |
--------------------------------------------------------------------------------
/puppet/modules/memcached/templates/memcached.conf.erb:
--------------------------------------------------------------------------------
1 | # Configuration file for memcached.
2 | # This file is managed by Puppet.
3 | #
4 | -d
5 | -m <%= @size_mb %>
6 | -p <%= @port %>
7 | -u nobody
8 | -l <%= @iface %>
9 | -c 20000
10 | -n 5
11 | -f 1.05
12 | logfile /var/log/memcached.log
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/disambiguator.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::disambiguator
2 | # The Disambiguator extension provides functions to programmatically
3 | # mark disambiguation pages as such and keep a list of them.
4 | class role::disambiguator {
5 | mediawiki::extension { 'Disambiguator': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/hue.pp:
--------------------------------------------------------------------------------
1 | # == Class role::hue
2 | # Installs Hue server.
3 | #
4 | class role::hue {
5 | require ::role::hadoop
6 | require ::role::hive
7 | require ::role::oozie
8 | require ::cdh::pig
9 | require ::cdh::sqoop
10 | require ::cdh::hue
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/massaction.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::massaction
2 | # This role provisions the MassAction extension.
3 | class role::massaction {
4 | include role::mediawiki
5 |
6 | mediawiki::extension { 'MassAction':
7 | needs_update => true,
8 | }
9 | }
10 |
11 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/lockdown/VagrantRoleLockdown.wiki.erb:
--------------------------------------------------------------------------------
1 | The '''lockdown''' role makes a wiki into a fishbowl (anons can read by not edit) and also disables account creation via the wiki itself. Accounts can still be created using maintenance scripts such as createAndPromote.php.
2 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/import-mediawiki-dump:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | # Command run in VM for `vagrant import-dump`
3 | . /etc/profile.d/set_MW_INSTALL_PATH.sh
4 | cd "$MW_INSTALL_PATH"
5 | /usr/local/bin/mwscript importDump.php -- "/vagrant/$1"
6 | /usr/local/bin/mwscript rebuildrecentchanges.php
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/mobilecontentservice.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::mobilecontentservice
2 | # This role installs the mobile content service.
3 | #
4 | class role::mobilecontentservice {
5 | include ::role::restbase
6 | include ::role::mobilefrontend
7 | include ::mobilecontentservice
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/cirrussearch/build_search_index.erb:
--------------------------------------------------------------------------------
1 | /usr/local/bin/foreachwikiwithextension CirrusSearch extensions/CirrusSearch/maintenance/updateSearchIndexConfig.php --startOver && /usr/local/bin/foreachwikiwithextension CirrusSearch extensions/CirrusSearch/maintenance/forceSearchIndex.php
2 |
--------------------------------------------------------------------------------
/puppet/modules/browsertests/templates/mediawiki-url.sh.erb:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # Set 'MEDIAWIKI_URL' environment variable, used by the Selenium browser
3 | # tests to determine which MediaWiki instance to run against.
4 | #
5 | # This file is managed by Puppet.
6 | #
7 | export MEDIAWIKI_URL="<%= @mediawiki_url %>"
8 |
--------------------------------------------------------------------------------
/puppet/modules/kafka/files/kafka.profile.sh:
--------------------------------------------------------------------------------
1 | # NOTE: This file is managed by puppet.
2 |
3 | # These environment variables are used by the kafka CLI
4 | # so that you don't have to provide them as arguments
5 | # every time you use it.
6 | export ZOOKEEPER_URL=localhost:2181
7 | export BROKER_LIST=localhost:9092
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/parserfunctions.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::parserfunctions
2 | # The ParserFunctions extension enhances the wikitext parser with
3 | # helpful functions, mostly related to logic and string-handling.
4 | class role::parserfunctions {
5 | mediawiki::extension { 'ParserFunctions': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/oauth/check-auth.sql.erb:
--------------------------------------------------------------------------------
1 | USE <%= scope.lookupvar('::mediawiki::db_name') %>;
2 | SELECT count(*)
3 | FROM oauth_accepted_consumer
4 | WHERE oaac_access_token = '<%= @access_token %>'
5 | AND oaac_access_secret = '<%= @access_secret %>'
6 | AND oaac_grants = '<%= @grants_json %>';
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/sentry/VagrantRoleSentry.wiki.erb:
--------------------------------------------------------------------------------
1 | Sentry instance: [//<%= @hostname %><%= @port_fragment %>/mediawiki/default/ <%= @hostname %>]
2 |
3 | See [https://www.mediawiki.org/wiki/Extension:Sentry the help page of the Sentry extension] for more information.
4 |
5 | {{:VagrantRoleBuggy}}
6 |
--------------------------------------------------------------------------------
/puppet/modules/jsduck/manifests/init.pp:
--------------------------------------------------------------------------------
1 | # == Class: jsduck
2 | #
3 | # This role provisions JSDuck, a Javascript documentation tool
4 | # commonly used in MediaWiki code.
5 | #
6 | class jsduck {
7 | package { 'jsduck':
8 | ensure => '5.3.4',
9 | provider => 'gem',
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/codeeditor.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::codeeditor
2 | # The CodeEditor extension embeds the ACE code editor in the WikiEditor
3 | # edit interface when source code content.
4 | class role::codeeditor {
5 | include ::role::wikieditor
6 |
7 | mediawiki::extension { 'CodeEditor': }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/labeledsectiontransclusion.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::labeledsectiontransclusion
2 | # Configures LabeledSectionTransclusion, an extension to let you
3 | # include parts of a page.
4 | class role::labeledsectiontransclusion {
5 | mediawiki::extension { 'LabeledSectionTransclusion': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/eventschemas/manifests/init.pp:
--------------------------------------------------------------------------------
1 | # == Class eventschemas
2 | #
3 | class eventschemas {
4 | $path = "${::service::root_dir}/event-schemas"
5 |
6 | git::clone { 'mediawiki/event-schemas':
7 | directory => $path,
8 | }
9 |
10 | service::gitupdate { 'event-schemas': }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/logstash/templates/input/redis.erb:
--------------------------------------------------------------------------------
1 | input {
2 | redis {
3 | host => "<%= @host %>"
4 | port => <%= @port %>
5 | data_type => "<%= @data_type %>"
6 | key => "<%= @key %>"
7 | <%- if @password -%>
8 | password => "<%= @password %>"
9 | <%- end -%>
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/performanceinspector.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::performanceinspector
2 | # Configures PerformanceInspector, a MediaWiki extension that shows
3 | # performance metrics on the client side.
4 | class role::performanceinspector {
5 | mediawiki::extension { 'PerformanceInspector':
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/apt/templates/multiverse.list.erb:
--------------------------------------------------------------------------------
1 | # Ubuntu multiverse package repository source file.
2 | # This file is managed by Puppet.
3 | #
4 | deb http://archive.ubuntu.com/ubuntu <%= scope['::lsbdistcodename'] %> multiverse
5 | deb http://security.ubuntu.com/ubuntu <%= scope['::lsbdistcodename'] %>-security multiverse
6 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/logrotate.d-mediawiki-debug-log.erb:
--------------------------------------------------------------------------------
1 | # logrotate config for MediaWiki wgDebugLogFIle
2 | # This file is managed by Puppet
3 |
4 | <%= @debug_log_file %> {
5 | daily
6 | missingok
7 | rotate 7
8 | compress
9 | notifempty
10 | nocreate
11 | nomail
12 | }
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/categorytree.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::categorytree
2 | # Configures CategoryTree, an extension for making category trees
3 | class role::categorytree {
4 | mediawiki::extension { 'CategoryTree':
5 | settings => {
6 | wgUseAjax => true,
7 | }
8 | }
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/inputbox.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::inputbox
2 | # The InputBox[1] extension extension adds support for embedding
3 | # simple navigational forms in wikitext.
4 | #
5 | # [1] https://www.mediawiki.org/wiki/Extension:InputBox
6 | class role::inputbox {
7 | mediawiki::extension { 'InputBox': }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/renameuser.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::renameuser
2 | # The Renameuser extension provides a special page which allows authorized
3 | # users to rename user accounts. This will cause page histories, etc. to be
4 | # updated.
5 | class role::renameuser {
6 | mediawiki::extension { 'Renameuser': }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/wikimediaincubator.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::wikimediaincubator
2 | # The WikimediaIncubator extension adds support for workflows specific
3 | # to Wikimedia Incubator (https://incubator.wikimedia.org).
4 | class role::wikimediaincubator {
5 | mediawiki::extension { 'WikimediaIncubator': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/spec/unit/puppet/type/anchor_spec.rb:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 |
3 | require 'puppet'
4 |
5 | anchor = Puppet::Type.type(:anchor).new(:name => "ntp::begin")
6 |
7 | describe anchor do
8 | it "should stringify normally" do
9 | anchor.to_s.should == "Anchor[ntp::begin]"
10 | end
11 | end
12 |
--------------------------------------------------------------------------------
/.puppet-lint.rc:
--------------------------------------------------------------------------------
1 | # Long lines are common in Exec and various config blocks.
2 | # Using templates or lint:ignore:80chars comments to work around that is
3 | # painful, so just ignore the automated check and rely on manual checks to see
4 | # that this is not abused.
5 | --no-80chars-check
6 |
7 | # Be strict.
8 | --fail-on-warnings
9 |
--------------------------------------------------------------------------------
/puppet/modules/eventlogging/templates/service.erb:
--------------------------------------------------------------------------------
1 | <% if @port -%>
2 | --port
3 | <%= @port %>
4 | <% end -%>
5 | <% if @num_processes -%>
6 | --num-processes
7 | <%= @num_processes %>
8 | <% end -%>
9 | --schemas-path
10 | <%= @schemas_path %>
11 | --topic-config
12 | <%= @topic_config %>
13 | <%= @outputs.join("\n") %>
14 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/multiwiki/mwscript.erb:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | # Shell wrapper for multiwiki/MWScript.php.
3 |
4 | # Ensure that the script is run as the www-data user
5 | [[ $(whoami) = www-data ]] || exec sudo --preserve-env -u www-data -n -- "$0" "$@"
6 |
7 | exec php5 <%= @script_dir %>/MWScript.php "$@"
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/headertabs.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::headertabs
2 | # The HeaderTabs extension transforms top-level MediaWiki headers into tabs
3 | # using the jQuery UI JavaScript library.
4 | class role::headertabs {
5 |
6 | require ::role::mediawiki
7 |
8 | mediawiki::extension { 'HeaderTabs': }
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/usermerge.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::usermerge
2 | # The UserMerge extension allows wiki users with the usermerge permission
3 | # (Bureaucrat by default) to merge one Wiki user's account with another Wiki
4 | # user's account.
5 | class role::usermerge {
6 | mediawiki::extension { 'UserMerge': }
7 | }
8 |
--------------------------------------------------------------------------------
/spec/spec_helper.rb:
--------------------------------------------------------------------------------
1 | require 'rspec'
2 | require 'fakefs/spec_helpers'
3 |
4 | require_relative 'support/mock_environment'
5 | require_relative 'support/string'
6 |
7 | RSpec.configure do |config|
8 | config.include FakeFS::SpecHelpers, fakefs: true
9 | config.include MediaWikiVagrant::SpecHelpers::String
10 | end
11 |
--------------------------------------------------------------------------------
/puppet/modules/mysql/manifests/packages.pp:
--------------------------------------------------------------------------------
1 | # == Class: mysql::packages
2 | #
3 | # MySQL package resources, abstracted out to a separate, unparametrized
4 | # class so they can be included from multiple locations.
5 | #
6 | class mysql::packages {
7 | package { 'mysql-server':
8 | ensure => present,
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/widgets.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::widgets
2 | # The Widgets extension allows the creation of raw HTML pages that can be
3 | # embedded (similarly to templates) in normal wiki pages.
4 | class role::widgets {
5 |
6 | require ::role::mediawiki
7 |
8 | mediawiki::extension { 'Widgets': }
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/questycaptcha/VagrantRoleQuestyCaptcha.wiki.erb:
--------------------------------------------------------------------------------
1 | '''QuestyCaptcha''' is a plugin for ConfirmEdit that presents questions from the LocalSettings configuration to protect certain actions on-wiki.
2 |
3 | See [https://www.mediawiki.org/wiki/Extension:QuestyCaptcha Extension:QuestyCaptcha] for more information.
4 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/wiki/dbConf.php.erb:
--------------------------------------------------------------------------------
1 | ';
6 | $wgCentralAuthAutoLoginWikis['<%= @wiki_name %>'] = '<%= @db_name %>';
7 | $wgMediawikiRoot['<%= @db_name %>'] = '<%= @src_dir %>';
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/warnings_as_errors.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::warnings_as_errors
2 | # Turns all PHP warnings and notices into errors, useful for testing
3 | class role::warnings_as_errors {
4 | mediawiki::settings { 'warnings_as_errors':
5 | values => template( 'role/warnings_as_errors/conf.php.erb' ),
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/securepoll/conf.php.erb:
--------------------------------------------------------------------------------
1 | if ( $wgDBname === 'votewiki' ) {
2 | $wgSecurePollUseNamespace = true;
3 | $wgGroupPermissions["sysop"]["securepoll-create-poll"] = true;
4 | }
5 |
6 | # It seems https isn't configured right in Vagrant, so use http instead.
7 | $wgSecurePollCreateRemoteScriptPath = 'http:$wgServer/w';
8 |
--------------------------------------------------------------------------------
/puppet/modules/virtualenv/manifests/init.pp:
--------------------------------------------------------------------------------
1 | # == Class virtualenv
2 | # Helper class to install python packages via virtualenv.
3 | # Require this class, then use virtualenv::environment.
4 | #
5 | class virtualenv {
6 | package { 'virtualenv':
7 | ensure => present,
8 | provider => pip,
9 | }
10 | }
11 |
12 |
--------------------------------------------------------------------------------
/puppet/modules/elasticsearch/templates/CirrusSearch-commons.php.erb:
--------------------------------------------------------------------------------
1 | $wgCirrusSearchNamespaceMappings[ NS_FILE ] = 'file';
2 | $wgCirrusSearchReplicaCount['file'] = 1;
3 | $wgCirrusSearchShardCount['file'] = 1;
4 | // Undo global config that includes commons files in other wikis search results
5 | unset( $wgCirrusSearchExtraIndexes[ NS_FILE ] );
6 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/wiki/apache-images.erb:
--------------------------------------------------------------------------------
1 | # vim: filetype=apache sts=4 sw=4 autoindent
2 | #
3 | # This file is managed by Puppet.
4 | #
5 | >
6 | Require all granted
7 | Header set Access-Control-Allow-Origin "*"
8 |
9 |
10 | Alias <%= @upload_path %> <%= @upload_dir %>
11 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/centralnotice.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::centralnotice
2 | #
3 | # Add the MediaWiki extensions needed for developing banner delivery tools.
4 | #
5 | class role::centralnotice {
6 | include ::role::translate
7 |
8 | mediawiki::extension { 'CentralNotice':
9 | needs_update => true,
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/l10nupdate.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::l10update
2 | #
3 | # Install the LocalisationUpdate extension
4 | #
5 | class role::l10nupdate {
6 | mediawiki::extension { 'LocalisationUpdate':
7 | settings => {
8 | 'wgLocalisationUpdateDirectory' => '$wgCacheDirectory',
9 | },
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/shorturl.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::shorturl
2 | # Installs the [ShortUrl][1] extension which adds a
3 | # special page that helps create shortened URLs for wiki pages.
4 | #
5 | # [1] https://www.mediawiki.org/wiki/Extension:ShortUrl
6 | #
7 | class role::shorturl {
8 | mediawiki::extension { 'ShortUrl': }
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/uploadslink.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::uploadslink
2 | # The UploadsLink extension adds a link to the personal uploads listing,
3 | # within the personal tools menu and one to the Tools-box on user pages
4 | # and pages that relate to a user.
5 | class role::uploadslink {
6 | mediawiki::extension { 'UploadsLink': }
7 | }
8 |
--------------------------------------------------------------------------------
/puppet/modules/xhprofgui/templates/xhprof-apache-config.erb:
--------------------------------------------------------------------------------
1 | # vim: filetype=apache sts=4 sw=4 autoindent
2 | #
3 | # Apache site configuration for XHProf
4 | # This file is managed by Puppet.
5 | #
6 |
7 | /xhprof_html>
8 | Require all granted
9 |
10 |
11 | Alias /xhprof "<%= @dir %>/xhprof_html"
12 |
13 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/skin.php.erb:
--------------------------------------------------------------------------------
1 | if ( class_exists( 'ExtensionRegistry' ) && file_exists( "$IP/skins/<%= @skin %>/skin.json" ) ) {
2 | wfLoadSkin( '<%= @skin %>' );
3 | } else {
4 | include_once "$IP/skins/<%= @skin %>/<%= @skin %>.php";
5 | }
6 | <% if @default -%>
7 | $wgDefaultSkin = '<%= @skin.downcase %>';
8 | <% end -%>
9 |
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/revisionslider.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::revisionslider
2 | # The RevisionSlider extension adds a slider interface to the diff view
3 | # If the BetaFeatures extension is installed, the user should enable the feature to test the RevisionSlider
4 | class role::revisionslider {
5 | mediawiki::extension { 'RevisionSlider': }
6 | }
7 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/youtube.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::youtube
2 | # The YouTube extension allows users to embed YouTube and Google Video movies,
3 | # Archive.org audio and video, WeGame and Gametrailers video, Tangler forum,
4 | # and GoGreenTube video.
5 | class role::youtube {
6 |
7 | mediawiki::extension { 'YouTube': }
8 |
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/iegreview/templates/create_user.sql.erb:
--------------------------------------------------------------------------------
1 | INSERT INTO <%= @db_name %>.users (
2 | username,
3 | password,
4 | email,
5 | reviewer,
6 | isvalid,
7 | isadmin
8 | ) VALUES (
9 | 'admin',
10 | '\\\$2y\\\$08\\\$QeeLottZC5JIZnq/yzafNebEhyB4UPNIVtAWkxdKOpg58uawGfrri',
11 | 'admin@localhost',
12 | 1,
13 | 1,
14 | 1
15 | );
16 |
--------------------------------------------------------------------------------
/puppet/modules/redis/templates/redis.conf.erb:
--------------------------------------------------------------------------------
1 | # Configuration file for Redis, an in-memory key-value store.
2 | # This file is managed by Puppet.
3 |
4 | <%=
5 | @defaults.merge(@settings).select { |k,v|
6 | v and v.to_s != 'undef'
7 | }.map { |k,v|
8 | [k.tr('_','-')].push(v).flatten.join(' ')
9 | }.sort.join("\n")
10 | %>
11 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/buggy.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::buggy
2 | # Buggy extension - an extension that generates bugs.
3 | #
4 | class role::buggy {
5 | mediawiki::extension { 'Buggy': }
6 |
7 | mediawiki::import::text { 'VagrantRoleBuggy':
8 | source => 'puppet:///modules/role/buggy/VagrantRoleBuggy.wiki',
9 | }
10 | }
11 |
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/oathauth.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::oathauth
2 | # Provisions the OATHAuth[1] extension, which allows two-factor authentication.
3 | #
4 | # [1] https://www.mediawiki.org/wiki/Extension:OATHAuth
5 | #
6 | class role::oathauth {
7 | mediawiki::extension { 'OATHAuth':
8 | needs_update => true,
9 | }
10 | }
11 |
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/pageassessments.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::pageassessments
2 | # This extension is for the purposes of storing article assessments (for
3 | # WikiProjects) in a new database table.
4 | #
5 | class role::pageassessments {
6 | mediawiki::extension { 'PageAssessments':
7 | needs_update => true,
8 | }
9 | }
10 |
11 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/spark.pp:
--------------------------------------------------------------------------------
1 | # == Class role::spark
2 | #
3 | class role::spark {
4 | require ::role::hadoop
5 |
6 | class { '::cdh::spark': }
7 |
8 | # Make sure HDFS is totally ready before the CDH
9 | # module tries to create this directory.
10 | Exec['wait_for_hdfs'] -> Cdh::Hadoop::Directory['/user/spark']
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/smashpig/templates/apache-site.erb:
--------------------------------------------------------------------------------
1 | DocumentRoot "<%= scope.lookupvar('smashpig::dir') %>/PublicHttp"
2 |
3 | ServerName <%= scope.lookupvar('smashpig::vhost_name') %>
4 |
5 | /PublicHttp">
6 | Options -Indexes
7 | AllowOverride all
8 | Require all granted
9 |
10 |
--------------------------------------------------------------------------------
/puppet/modules/crm/templates/drupal-install.sh.erb:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | <%= scope['::crm::drush::wrapper'] %> \
4 | site-install standard \
5 | --db-url='<%= @db_url %>' \
6 | --site-name='<%= scope['::crm::site_name'] %>' \
7 | --account-name=admin --account-pass='vagrant' \
8 | install_configure_form.update_status_module='array(FALSE,FALSE)'
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/apparmor.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::apparmor
2 | #
3 | # Basic apparmor configuration. AppArmor is a Linux Security Module
4 | # implementation of name-based access controls. AppArmor confines individual
5 | # programs to a set of listed files and posix 1003.1e draft capabilities.
6 | class role::apparmor {
7 | include ::apparmor
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/interwiki.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::interwiki
2 | #
3 | # Provision and configure special page to view and edit interwiki table.
4 | #
5 | class role::interwiki {
6 | mediawiki::extension { 'Interwiki':
7 | settings => [
8 | '$wgGroupPermissions["sysop"]["interwiki"] = true',
9 | ],
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/payments.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::payments
2 | # Provision a payments wiki using the fundraising deployment branch.
3 | #
4 | # This role creates one additional wiki, payments.wiki.local.wmftest.net
5 | #
6 | class role::payments {
7 | require ::role::mediawiki
8 | require ::role::memcached
9 |
10 | include ::payments
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/wikimediaevents.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::wikimediaevents
2 | # Configures WikimediaEvents, a MediaWiki extension that uses
3 | # EventLogging to log certain events.
4 | class role::wikimediaevents {
5 | include ::role::eventlogging
6 | include ::role::xanalytics
7 |
8 | mediawiki::extension { 'WikimediaEvents': }
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/scholarships/templates/create_user.sql.erb:
--------------------------------------------------------------------------------
1 | INSERT INTO <%= @db_name %>.users (
2 | username,
3 | password,
4 | email,
5 | reviewer,
6 | isvalid,
7 | isadmin
8 | ) VALUES (
9 | 'admin',
10 | '\\\$2y\\\$08\\\$QeeLottZC5JIZnq/yzafNebEhyB4UPNIVtAWkxdKOpg58uawGfrri',
11 | 'admin@localhost',
12 | 1,
13 | 1,
14 | 1
15 | );
16 |
--------------------------------------------------------------------------------
/puppet/modules/swift/templates/upstart.erb:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | #####################################################################
4 |
5 | description "<%= @title %>"
6 |
7 | start on mediawiki-ready
8 | respawn
9 |
10 | exec /usr/bin/<%= @title %> <%= @cfg_file %>
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/fundraising.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::fundraising
2 | #
3 | # Provision subsystems being developed by the Fundraising group
4 | #
5 | class role::fundraising {
6 | include ::role::centralnotice
7 | include ::role::payments
8 | include ::activemq
9 | include ::crm
10 | include ::rsyslog
11 | include ::smashpig
12 | }
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/guidedtour.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::guidedtour
2 | # Configures Guided Tour, a MediaWiki extension which provides a
3 | # framework for creating "guided tours", or interactive tutorials
4 | # for MediaWiki features.
5 | class role::guidedtour {
6 | include ::role::eventlogging
7 |
8 | mediawiki::extension { 'GuidedTour': }
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/lockdown/settings.php.erb:
--------------------------------------------------------------------------------
1 | // Disallow account creation from the wiki
2 | // Use `mwscript createAndPromote.php` instead
3 | $wgGroupPermissions['*']['createaccount'] = false;
4 | $wgGroupPermissions['sysop']['createaccount'] = false;
5 |
6 | // Block anons from editing
7 | $wgGroupPermissions['*']['edit'] = false;
8 | $wgShowIPinHeader = false;
9 |
--------------------------------------------------------------------------------
/puppet/modules/php/templates/conffile.ini.erb:
--------------------------------------------------------------------------------
1 | ; This file is managed by Puppet.
2 |
3 | <%=
4 | case @settings
5 | when Hash
6 | @settings.sort.map { |k,v|
7 | v = v ? 1 : 0 if [TrueClass, FalseClass].include? v.class
8 | %Q(#{k} = "#{v}")
9 | }.join("\n")
10 | when Array
11 | @settings.join("\n")
12 | else
13 | @settings
14 | end
15 | %>
16 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/urlgetparameters.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::urlgetparameters
2 | # The UrlGetParameters extension enables you to use and/or display the "GET"
3 | # parameters of the URL, i.e. the query string, on the wiki page.
4 | class role::urlgetparameters {
5 |
6 | require ::role::mediawiki
7 |
8 | mediawiki::extension { 'UrlGetParameters': }
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/popups.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::popups
2 | # The Popups extension shows a popup when people hover over article
3 | # links.
4 | class role::popups {
5 | include ::role::eventlogging
6 | include ::role::pageimages
7 | include ::role::textextracts
8 | include ::role::betafeatures
9 |
10 | mediawiki::extension { 'Popups': }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/service/templates/gitupdate.conf.erb:
--------------------------------------------------------------------------------
1 | SERVICE_NAME=<%= @title %>
2 | SERVICE_DIR=<%= @srv_dir %>
3 | NEED_CHDIR=<%= if @pull || @update then 'yes' else '' end %>
4 | DO_PULL=<%= if @pull then 'yes' else '' end %>
5 | UPDATE_CMD=<%= if @update then "'#{@up_cmd}'" else '' end %>
6 | DO_RESTART=<%= if @restart then 'yes' else '' end %>
7 | RESTART_NAME=<%= @restart_name %>
8 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/logrotate.d_mediawiki_jobchron:
--------------------------------------------------------------------------------
1 | # logrotate config for MediaWiki Jobrunner logs
2 | # This file is managed by Puppet
3 | /var/log/mediawiki/jobchron.log {
4 | daily
5 | missingok
6 | rotate 7
7 | compress
8 | notifempty
9 | nocreate
10 | postrotate
11 | /sbin/restart jobchron > /dev/null 2>&1
12 | endscript
13 | }
14 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/logrotate.d_mediawiki_jobrunner:
--------------------------------------------------------------------------------
1 | # logrotate config for MediaWiki Jobrunner logs
2 | # This file is managed by Puppet
3 | /var/log/mediawiki/jobrunner.log {
4 | daily
5 | missingok
6 | rotate 7
7 | compress
8 | notifempty
9 | nocreate
10 | postrotate
11 | /sbin/restart jobrunner > /dev/null 2>&1
12 | endscript
13 | }
14 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/memcached.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::memcached
2 | # This role installs and enables memcached, as configured by wmf in production.
3 | #
4 | class role::memcached {
5 | include ::memcached
6 | include ::memcached::php
7 |
8 | mediawiki::settings { 'Memcached':
9 | values => template('role/memcached/conf.php.erb'),
10 | }
11 |
12 | }
13 |
--------------------------------------------------------------------------------
/puppet/modules/memcached/manifests/php.pp:
--------------------------------------------------------------------------------
1 | # == Class: memcached::php
2 | #
3 | # This class configures a PHP extension that provides an API for communicating
4 | # with the memcached key-value store.
5 | #
6 | class memcached::php {
7 | include ::apache
8 |
9 | package { 'php5-memcached':
10 | ensure => present,
11 | notify => Service['apache2'],
12 | }
13 | }
14 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/parsoid.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::parsoid
2 | # Configures Parsoid, a wikitext parsing service
3 | class role::parsoid {
4 | include ::parsoid
5 |
6 | # register the PHP Virtual REST Service connector
7 | mediawiki::settings { 'parsoid-vrs':
8 | values => template('role/parsoid/vrs.php.erb'),
9 | priority => 4,
10 | }
11 |
12 | }
13 |
--------------------------------------------------------------------------------
/puppet/modules/trafficserver/templates/build.sh.erb:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | cd /tmp
3 | wget http://www.us.apache.org/dist/trafficserver/trafficserver-<%= @version %>.tar.bz2
4 | tar xjvf trafficserver-<%= @version %>.tar.bz2
5 | cd trafficserver-<%= @version %>
6 | ./configure --prefix=<%= @deploy_dir %> --enable-experimental-plugins --with-user=trafficserver --with-group=trafficserver
7 | make
8 | make install
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/geodata.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::geodata
2 | # GeoData is an extension that allows storing coordinates in articles
3 | # and searching for them.
4 | class role::geodata {
5 | mediawiki::extension { 'GeoData':
6 | needs_update => true,
7 | # Should come after either CirrusSearch or Solarium.
8 | priority => $::LOAD_LATER,
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/notebook.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::notebook
2 | # Sets up the NotebookViewer MW extension
3 | class role::notebook {
4 |
5 | package { [
6 | 'nbconvert',
7 | 'ipython',
8 | 'bleach',
9 | ]:
10 | ensure => present,
11 | provider => pip,
12 | }
13 |
14 | mediawiki::extension { 'NotebookViewer':
15 | }
16 | }
17 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/warnings_as_errors/conf.php.erb:
--------------------------------------------------------------------------------
1 | set_error_handler( function( $errno, $errstr, $errfile, $errline, $errcontext ) {
2 | $err = "Error: $errstr";
3 | if ( $errfile ) {
4 | $err .= " in $errfile";
5 | if ( $errline ) {
6 | $err .= ", line $errline";
7 | }
8 | }
9 | $err .= ".\n";
10 | die( $err );
11 | }, E_WARNING | E_NOTICE | E_USER_WARNING | E_USER_NOTICE );
--------------------------------------------------------------------------------
/HACKING.md:
--------------------------------------------------------------------------------
1 | # Puppet Code Conventions
2 | We mostly follow https://wikitech.wikimedia.org/wiki/Puppet_coding
3 |
4 | ## Exec resources
5 | * lowercase_with_underscore
6 | * Omit path, unless it's useful for some reason (for example, /bin/true
7 | to avoid confusion with boolean true).
8 | * No spaces in name (unless the name is the command).
9 | * Prefer a short, human-readable name to a command.
10 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/phpsh.sh:
--------------------------------------------------------------------------------
1 | # Alias for `phpsh` that ensures it is invoked with the MediaWiki
2 | # codebase as its working directory.
3 | #
4 | # This file is managed by Puppet.
5 | #
6 |
7 | # Ensure that we're in an interactive bash session.
8 | [ -z "$BASH_VERSION" -o -z "$PS1" ] && return
9 | phpsh () {
10 | (
11 | cd $MW_INSTALL_PATH
12 | command phpsh "$@"
13 | )
14 | }
15 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/mathoid.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::mathoid
2 | # This role installs the mathoid service for server side MathJax rendering.
3 | #
4 | class role::mathoid {
5 | include ::mathoid
6 | # use local mathoid renderer
7 | mediawiki::settings { 'Mathoid':
8 | values => [
9 | '$wgMathMathMLUrl = "http://localhost:10042";',
10 | ],
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/wikigrok.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::wikigrok
2 | # Creates an easy way to fill in missing Wikidata information
3 | class role::wikigrok {
4 | include ::role::wikidata
5 | include ::role::mobilefrontend
6 |
7 | mediawiki::extension { 'WikiGrok':
8 | settings => [
9 | '$wgWikiGrokRepoMode = $wmgUseWikibaseRepo;',
10 | ],
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/campaigns.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::campaigns
2 | # Provisions the Campaigns[1] extension, which allows tracking the source
3 | # of account creations via a 'campaign' URL parameter.
4 | #
5 | # [1] https://www.mediawiki.org/wiki/Extension:Campaigns
6 | #
7 | class role::campaigns {
8 | include role::eventlogging
9 |
10 | mediawiki::extension { 'Campaigns': }
11 | }
12 |
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/mobileapp.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::mobileapp
2 | # Configures MobileApp, which produces CSS files and hooks
3 | # for the Wikimedia Android & iOS Mobile apps
4 | class role::mobileapp {
5 | include ::role::mobilefrontend
6 | include ::role::cite
7 |
8 | mediawiki::extension { 'MobileApp':
9 | require => Mediawiki::Extension['MobileFrontend'],
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/raita/apache.conf.erb:
--------------------------------------------------------------------------------
1 | ServerName <%= @vhost_name %>
2 | DocumentRoot "<%= @dir %>/docroot"
3 |
4 | Header set Access-Control-Allow-Origin "*"
5 | Header set Access-Control-Allow-Methods "GET,POST,HEAD,DELETE,PUT,OPTIONS"
6 |
7 | ProxyRequests Off
8 | ProxyPass /db "<%= @index_url %>"
9 |
10 | /docroot">
11 | Require all granted
12 |
13 |
--------------------------------------------------------------------------------
/puppet/modules/elasticsearch/files/logrotate:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | ### puppet:///modules/elasticsearch/logrotate
4 | #####################################################################
5 |
6 | /var/log/elasticsearch/*.log {
7 | size 50M
8 | copytruncate
9 | missingok
10 | notifempty
11 | rotate 2
12 | }
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/scholarships.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::scholarships
2 | # Provisions the Wikimania Scholarships application.
3 | #
4 | # *Note*: The application is provisioned using an Apache named virtual host.
5 | # Once the role is enabled and provisioned use the URL
6 | # http://scholarships.local.wmftest.net:8080/ to access the site.
7 | class role::scholarships {
8 | include ::scholarships
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/wikilove.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::wikilove
2 | # The WikiLove extension lets people send love to other wiki users
3 | # in the form of the Internet's most preferred currency, kittens.
4 | class role::wikilove {
5 | mediawiki::extension { 'WikiLove':
6 | needs_update => true,
7 | settings => {
8 | wgWikiLoveGlobal => true,
9 | }
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/apache/manifests/mod/proxy_fcgi.pp:
--------------------------------------------------------------------------------
1 | # == Class: apache::mod::proxy_fcgi
2 | #
3 | class apache::mod::proxy_fcgi {
4 | if versioncmp($::lsbdistrelease, '13.10') >= 0 {
5 | apache::mod_conf { 'proxy_fcgi': }
6 |
7 | apache::conf { 'fcgi_headers':
8 | source => 'puppet:///modules/apache/conf/fcgi_headers.conf',
9 | priority => 0,
10 | }
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/iegreview.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::iegreview
2 | # Provisions the IEG grant review application.
3 | #
4 | # *Note*: The application is provisioned using an Apache named virtual host.
5 | # Once the role is enabled and provisioned use the URL
6 | # http://iegreview.local.wmftest.net:8080/ to access the site.
7 | class role::iegreview {
8 | include ::parsoid
9 | include ::iegreview
10 | }
11 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/commonsmetadata.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::commonsmetadata
2 | # This role provisions the CommonsMetadata[https://www.mediawiki.org/wiki/Extension:CommonsMetadata] extension,
3 | # which adds image metadata extracted from the
4 | # description page to the imageinfo API.
5 | class role::commonsmetadata {
6 | include ::role::multimedia
7 |
8 | mediawiki::extension { 'CommonsMetadata': }
9 | }
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/statsd.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::statsd
2 | # Installs a Statsd instance which collects statistics from your wiki
3 | # The statsd output goes to /vagrant/logs/statsd.log
4 | #
5 | class role::statsd (
6 | ) {
7 | include ::statsd
8 |
9 | mediawiki::settings { 'Statsd':
10 | values => {
11 | wgStatsdServer => "localhost:${::statsd::port}",
12 | },
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/variables.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::variables
2 | # The Variables extension allows you to define a variable on a page, use it
3 | # later in that same page or included templates, change its value, possibly to
4 | # a value given by an expression in terms of the old value, etc.
5 | class role::variables {
6 |
7 | require ::role::mediawiki
8 |
9 | mediawiki::extension { 'Variables': }
10 | }
11 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/sitematrix.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::sitematrix
2 | # The sitematrix extension adds a special page with a matrix of all sites
3 | class role::sitematrix {
4 | mediawiki::extension { 'SiteMatrix':
5 | # TODO: DB postfixes other than 'wiki' aren't supported elsewhere
6 | settings => "\$wgSiteMatrixSites['wiki']['host'] = 'www${mediawiki::multiwiki::base_domain}${::port_fragment}';",
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/education.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::education
2 | # Configures the Education Program extension & its dependencies.
3 | class role::education {
4 | include ::role::cldr
5 | include ::role::echo
6 | include ::role::parserfunctions
7 |
8 | mediawiki::extension { 'EducationProgram':
9 | needs_update => true,
10 | priority => $::LOAD_LAST, # load *after* CLDR
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/phragile/apache.conf.erb:
--------------------------------------------------------------------------------
1 | ServerName <%= @vhost_name %>
2 | DocumentRoot <%= @install_dir %>/public
3 | ProxyPass /index.php fcgi://127.0.0.1:9000/vagrant/srv/phragile/public/index.php retry=0
4 |
5 | RewriteCond %{REQUEST_FILENAME} !-d
6 | RewriteCond %{REQUEST_FILENAME} !-f
7 | RewriteRule ^ /index.php [L]
8 |
9 |
10 | AllowOverride All
11 | Require all granted
12 |
13 |
14 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/Modulefile:
--------------------------------------------------------------------------------
1 | name 'puppetlabs-stdlib'
2 | version '3.2.1'
3 | source 'git://github.com/puppetlabs/puppetlabs-stdlib'
4 | author 'puppetlabs'
5 | license 'Apache 2.0'
6 | summary 'Puppet Module Standard Library'
7 | description 'Standard Library for Puppet Modules'
8 | project_page 'https://github.com/puppetlabs/puppetlabs-stdlib'
9 |
10 | ## Add dependencies, if any:
11 | # dependency 'username/name', '>= 1.2.0'
12 |
--------------------------------------------------------------------------------
/puppet/modules/trafficserver/templates/upstart.erb:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | #####################################################################
4 |
5 | description "Apache Traffic Server"
6 |
7 | start on mediawiki-ready
8 | respawn
9 |
10 | setuid trafficserver
11 | setgid trafficserver
12 |
13 | exec <%= @deploy_dir %>/bin/traffic_server
14 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/wikieditor.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::wikieditor
2 | # Configures WikiEditor, an extension which enable an extendable editing
3 | # toolbar and interface
4 | class role::wikieditor {
5 | mediawiki::extension { 'WikiEditor':
6 | settings => [
7 | '$wgDefaultUserOptions["usebetatoolbar"] = 1',
8 | '$wgDefaultUserOptions["usebetatoolbar-cgd"] = 1',
9 | ],
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/visualeditor/conf.php.erb:
--------------------------------------------------------------------------------
1 | // http://www.mediawiki.org/wiki/Extension:VisualEditor#Basic_setup_instructions
2 | $wgVisualEditorAvailableNamespaces = [ NS_MAIN => true, NS_USER => true, NS_FILE => true ];
3 | $wgVisualEditorUseSingleEditTab = true;
4 | $wgDefaultUserOptions['visualeditor-enable'] = 1;
5 | $wgVisualEditorParsoidURL = 'http://localhost:<%= scope['parsoid::port'] %>';
6 | $wgVisualEditorEnableWikitext = true;
7 |
--------------------------------------------------------------------------------
/puppet/modules/sentry/templates/apache-site.erb:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | #####################################################################
4 |
5 | ServerName <%= @vhost_name %>
6 |
7 | ProxyPass / http://localhost:9002/
8 | ProxyPassReverse / http://localhost:9002/
9 | ProxyPreserveHost On
10 | RequestHeader set X-Forwarded-Proto "https" env=HTTPS
11 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/main_page_template.wiki:
--------------------------------------------------------------------------------
1 | '''Welcome to MediaWiki-Vagrant!'''
2 |
3 | * [//www.mediawiki.org/wiki/MediaWiki-Vagrant MediaWiki-Vagrant help]
4 | * [//www.mediawiki.org/wiki/Help:Contents MediaWiki help]
5 |
6 | == Help for enabled roles ==
7 | :''(run vagrant roles help in the directory where you installed MediaWiki-Vagrant to get help about enabling roles)''
8 |
9 | {{Special:Prefixindex/VagrantRole}}
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/liquidthreads.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::liquidthreads
2 | # Configures LiquidThreads, a MediaWiki discussion system (note:
3 | # LiquidThreads is not being actively developed)
4 | class role::liquidthreads {
5 | include ::role::echo
6 | include ::role::wikieditor
7 |
8 | mediawiki::extension { 'LiquidThreads':
9 | settings => {
10 | wgLqtTalkPages => false
11 | }
12 | }
13 | }
14 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/templatestyles.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::templatestyles
2 | # Installs the [TemplateStyles][1] extension which introduces
3 | # a `` tag to supply a CSS stylesheet for a particular
4 | # template.
5 | #
6 | # [1] https://www.mediawiki.org/wiki/Extension:TemplateStyles
7 | class role::templatestyles {
8 | require ::role::mediawiki
9 |
10 | mediawiki::extension { 'TemplateStyles': }
11 | }
12 |
13 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/lib/puppet/parser/functions/max.rb:
--------------------------------------------------------------------------------
1 | module Puppet::Parser::Functions
2 | newfunction(:max, :type => :rvalue, :doc => <<-EOS
3 | Returns the highest value of all arguments.
4 | Requires at least one argument.
5 | EOS
6 | ) do |args|
7 |
8 | raise(Puppet::ParseError, "max(): Wrong number of arguments " +
9 | "need at least one") if args.size == 0
10 |
11 | return args.max
12 | end
13 | end
14 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/wiki/logrotate.d-mediawiki-shared-log-groups:
--------------------------------------------------------------------------------
1 | # logrotate config for MediaWiki shared log files
2 | # See top-level LocalSettings.php
3 | # This file is managed by Puppet
4 |
5 | /vagrant/logs/mediawiki-exception.log /vagrant/logs/mediawiki-runJobs.log /vagrant/logs/mediawiki-JobQueueRedis.log {
6 | daily
7 | missingok
8 | rotate 7
9 | compress
10 | notifempty
11 | nocreate
12 | nomail
13 | }
14 |
--------------------------------------------------------------------------------
/puppet/modules/redis/manifests/php.pp:
--------------------------------------------------------------------------------
1 | # == Class: redis::php
2 | #
3 | # This class configures phpredis, a PHP extension that provides an API
4 | # for communicating with the Redis key-value store.
5 | #
6 | class redis::php {
7 | include redis
8 | include apache
9 |
10 | package { 'php5-redis':
11 | ensure => present,
12 | require => Service['redis-server'],
13 | notify => Service['apache2'],
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/citoid.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::citoid
2 | # Provisions Citoid, a MediaWiki extension which adds an auto-
3 | # filled citation tool to VisualEditor using the citoid service.
4 | class role::citoid(
5 | $url,
6 | ) {
7 | include ::role::zotero
8 | include ::citoid
9 |
10 | mediawiki::extension { 'Citoid':
11 | settings => {
12 | wgCitoidServiceUrl => $url,
13 | }
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/gather.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::gather
2 | # Configures Gather, the MediaWiki extension which powers Special:Gather
3 | #
4 | class role::gather {
5 | include ::role::mediawiki
6 | include ::role::mobilefrontend
7 | include ::role::pageimages
8 | include ::role::textextracts
9 |
10 | mediawiki::extension { 'Gather':
11 | browser_tests => true,
12 | needs_update => true,
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/massmessage.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::massmessage
2 | # This role provisions the MassMessage extension, which allows users to
3 | # easily send a message to a list of pages via the job queue, and a set
4 | # of extensions which integrate with it: LiquidThreads and Echo.
5 | class role::massmessage {
6 | include ::role::echo
7 | include ::role::liquidthreads
8 |
9 | mediawiki::extension { 'MassMessage': }
10 | }
11 |
--------------------------------------------------------------------------------
/puppet/modules/crm/manifests/apache.pp:
--------------------------------------------------------------------------------
1 | # == Class: crm::apache
2 | #
3 | # Apache site configuration for the Fundraising CRM
4 | #
5 | class crm::apache {
6 | include ::crm
7 | include ::apache
8 | include ::apache::mod::rewrite
9 |
10 | apache::site { $crm::site_name:
11 | ensure => present,
12 | content => template('crm/crm-apache-site.erb'),
13 | require => Class['::apache::mod::rewrite'],
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/puppet/modules/kafka/files/upstart:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | #####################################################################
4 |
5 | description "Kafka Broker"
6 |
7 | start on mediawiki-ready
8 | respawn
9 |
10 | setuid kafka
11 | setgid kafka
12 |
13 | env KAFKA_HEAP_OPTS="-Xmx164m -Xmx164m"
14 |
15 | exec /usr/bin/kafka-server-start /etc/kafka/server.properties
16 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/docroot/w/dblist.php.erb:
--------------------------------------------------------------------------------
1 | /*dbConf.php' ) as $file ) {
10 | require $file;
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/files/elk/rsyslog.conf:
--------------------------------------------------------------------------------
1 | # rsyslogd(8) configuration file for Logstash.
2 | # This file is managed by Puppet.
3 |
4 | # Forward apache2 events to logstash
5 | :programname, isequal, "apache2" @127.0.0.1:10514
6 |
7 | # Forward hhvm events to logstash
8 | :programname, isequal, "hhvm" @127.0.0.1:10514
9 |
10 | # Forward kernel events mentioning hhvm to logstash
11 | if $msg contains "hhvm" and $programname == "kernel" then @127.0.0.1:10514
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/files/oauth/VagrantRoleOAuth.wiki:
--------------------------------------------------------------------------------
1 | Documentation for OAuth: [[mw:Help:OAuth]], [[mw:Extension:OAuth]]
2 |
3 | Special pages:
4 | * list consumers: [[Special:OAuthListConsumers]]
5 | * manage own consumers: [[Special:OAuthConsumerRegistration]]
6 | * manage own grants: [[Special:OAuthManageMyGrants]]
7 | * consumer management log: [[Special:Log/mwoauthconsumer]]
8 |
9 | Test application: [{{SERVER}}/oauth-hello-world/ oauth-hello-world]
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/files/titleblacklist/VagrantRoleTitleBlacklist.wiki:
--------------------------------------------------------------------------------
1 | The [[mw:Extension:TitleBlacklist|TitleBlacklist extension]] allows wiki administrators to block the creation, movement and upload of pages, the title of which matches one or more regular expressions, as well as blocking creation of accounts with matching usernames.
2 |
3 | The remote blacklist is fetched from [[metawikimedia:Title_blacklist]]. The local blacklist is at [[MediaWiki:Titleblacklist]].
4 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/navigationtiming.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::navigationtiming
2 | # Configures NavigationTiming, a MediaWiki extension that logs
3 | # client-side page load latency measurements via the EventLogging API.
4 | class role::navigationtiming {
5 | include ::role::eventlogging
6 |
7 | mediawiki::extension { 'NavigationTiming':
8 | settings => {
9 | wgNavigationTimingSamplingFactor => 1,
10 | },
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/antispam.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::antispam
2 | # Installs and sets up AntiSpoof, AbuseFilter, SpamBlacklist, and the
3 | # TitleBlacklist extensions
4 | class role::antispam {
5 | include ::role::abusefilter
6 | include ::role::antispoof
7 | include ::role::titleblacklist
8 |
9 | mediawiki::extension { 'SpamBlacklist':
10 | settings => {
11 | wgLogSpamBlacklistHits => true,
12 | },
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/puppet/modules/eventlogging/templates/service.upstart.erb:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | #####################################################################
4 |
5 | description "EventLogging Produce HTTP Service"
6 |
7 | start on web
8 | respawn
9 |
10 | setuid www-data
11 | setgid www-data
12 |
13 | exec <%= @eventlogging_path %>/virtualenv/bin/eventlogging-service @<%= @config_file %>
14 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/mediawiki-bridge.conf.erb:
--------------------------------------------------------------------------------
1 | # Upstart task for emitting MediaWiki ready event
2 | description "MediaWiki ready event emitter"
3 |
4 | start on runlevel [2345]
5 |
6 | emits mediawiki-ready
7 |
8 | script
9 | exec >/dev/null 2>&1
10 | while [ ! -r "<%= @dir %>/LocalSettings.php" ] || ! ( /usr/local/bin/mwscript sql.php [
10 | "\$wgGroupPermissions['sysop']['disableaccount'] = true;",
11 | ],
12 | }
13 | }
14 |
15 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/spec/monkey_patches/publicize_methods.rb:
--------------------------------------------------------------------------------
1 | # Some monkey-patching to allow us to test private methods.
2 | class Class
3 | def publicize_methods(*methods)
4 | saved_private_instance_methods = methods.empty? ? self.private_instance_methods : methods
5 |
6 | self.class_eval { public(*saved_private_instance_methods) }
7 | yield
8 | self.class_eval { private(*saved_private_instance_methods) }
9 | end
10 | end
11 |
12 |
--------------------------------------------------------------------------------
/puppet/modules/eventlogging/templates/devserver.upstart.erb:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | #####################################################################
4 |
5 | description "EventLogging Dev Server"
6 |
7 | start on web
8 | respawn
9 |
10 | setuid www-data
11 | setgid www-data
12 |
13 | exec <%= @eventlogging_path %>/virtualenv/bin/eventlogging-devserver --append-to <%= @output_file %>
14 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/phabricator.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::phabricator
2 | # Phabricator is an open source collection of web applications which help
3 | # software companies build better software.
4 | #
5 | # *Note*: The application is provisioned using an Apache named virtual host.
6 | # Once the role is enabled and provisioned use the URL
7 | # http://phabricator.local.wmftest.net:8080/ to access the site.
8 | class role::phabricator {
9 | include ::phabricator
10 | }
11 |
--------------------------------------------------------------------------------
/puppet/modules/varnish/templates/upstart.erb:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | #####################################################################
4 |
5 | description "Varnish"
6 |
7 | start on mediawiki-ready
8 | respawn
9 |
10 | setuid varnish
11 | setgid varnish
12 |
13 | exec /usr/local/sbin/varnishd -a :6081 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m -F
--------------------------------------------------------------------------------
/lib/mediawiki-vagrant/destroy.rb:
--------------------------------------------------------------------------------
1 | require 'mediawiki-vagrant/environment'
2 |
3 | module MediaWikiVagrant
4 | class Destroy
5 | def initialize(app, env)
6 | @app = app
7 | @mwv = Environment.new(env[:root_path] || env[:cwd])
8 | end
9 |
10 | def call(env)
11 | if @mwv.valid?
12 | env[:ui].info 'Removing puppet created files...'
13 | @mwv.purge_puppet_created_files
14 | end
15 | @app.call(env)
16 | end
17 | end
18 | end
19 |
--------------------------------------------------------------------------------
/puppet/modules/apache/files/conf/fcgi_headers.conf:
--------------------------------------------------------------------------------
1 | # Apache with mod_proxy_fcgi and apache_get_headers() do not play well toghether
2 | # So this is a hack to make that function work as expected.
3 | # See production patches at:
4 | # https://gerrit.wikimedia.org/r/#/c/175952/
5 | # https://gerrit.wikimedia.org/r/#/c/175975/
6 | SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
7 | SetEnvIf Content-Type "(.*)" HTTP_CONTENT_TYPE=$1
8 | SetEnvIf Content-Length "(.*)" HTTP_CONTENT_LENGTH=$1
9 |
--------------------------------------------------------------------------------
/puppet/modules/crm/manifests/drush.pp:
--------------------------------------------------------------------------------
1 | # == Class: crm::drush
2 | #
3 | # Drush commandline Drupal manipulation
4 | #
5 | class crm::drush( $root ) {
6 | include ::crm
7 |
8 | require_package('drush')
9 |
10 | # FIXME: Correctly handle path everywhere.
11 | $wrapper = '/usr/local/bin/drush'
12 |
13 | file { $wrapper:
14 | ensure => present,
15 | mode => '0755',
16 | content => template('crm/drush-wrapper.sh.erb'),
17 | }
18 | }
19 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/abusefilter/settings.php.erb:
--------------------------------------------------------------------------------
1 | $wgGroupPermissions['sysop']['abusefilter-modify'] = true;
2 | $wgGroupPermissions['*']['abusefilter-log-detail'] = true;
3 | $wgGroupPermissions['*']['abusefilter-view'] = true;
4 | $wgGroupPermissions['*']['abusefilter-log'] = true;
5 | $wgGroupPermissions['sysop']['abusefilter-private'] = true;
6 | $wgGroupPermissions['sysop']['abusefilter-modify-restricted'] = true;
7 | $wgGroupPermissions['sysop']['abusefilter-revert'] = true;
8 |
9 |
--------------------------------------------------------------------------------
/puppet/modules/xvfb/templates/xvfb.conf.erb:
--------------------------------------------------------------------------------
1 | # xvfb - X virtual framebuffer
2 | #
3 | # Xvfb or X virtual framebuffer is an X11 server that performs all
4 | # graphical operations in memory, not showing any screen output.
5 | #
6 | description "X virtual framebuffer"
7 |
8 | start on (local-filesystems and net-device-up IFACE!=lo)
9 |
10 | setuid xvfb
11 | setgid xvfb
12 |
13 | respawn
14 | respawn limit 10 5
15 |
16 | exec Xvfb :<%= @display %> -screen 0 <%= @resolution %> -ac
17 |
--------------------------------------------------------------------------------
/support/setup.rb:
--------------------------------------------------------------------------------
1 | # Cross-platform setup script for MediaWiki-Vagrant.
2 | #
3 |
4 | $LOAD_PATH << File.expand_path('../../lib', __FILE__)
5 |
6 | require 'mediawiki-vagrant/setup'
7 |
8 | begin
9 | setup = MediaWikiVagrant::Setup.new(ARGV.shift)
10 | setup.run
11 | rescue OptionParser::InvalidOption => e
12 | STDERR.puts e
13 | STDERR.puts setup.options
14 | rescue MediaWikiVagrant::Setup::ExecutionError => e
15 | STDERR.puts e
16 | exit e.status.exitstatus
17 | end
18 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/zend.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::zend
2 | # This role will configure your MediaWiki instance to run using
3 | # Zend PHP.
4 | class role::zend {
5 | include ::mediawiki::phpsh
6 |
7 | # Define a 'ZEND' parameter for Apache checks.
8 | apache::def { 'ZEND': }
9 |
10 | env::alternative { 'zend_as_default_php':
11 | alternative => 'php',
12 | target => '/usr/bin/php5',
13 | priority => 25,
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/puppet/modules/statsd/files/statsd-json-backend.js:
--------------------------------------------------------------------------------
1 | // THIS FILE IS MANAGED BY PUPPET
2 |
3 | // Simple statsd backend to show last flush in a file in proper
4 | // JSON format so it can be processed by tools like jq
5 |
6 | var fs = require('fs');
7 |
8 | exports.init = function(startup_time, config, events) {
9 | events.on('flush', function(timestamp, metrics) {
10 | fs.writeFile('/vagrant/logs/statsd.json', JSON.stringify(metrics));
11 | });
12 |
13 | return true;
14 | };
15 |
--------------------------------------------------------------------------------
/puppet/modules/statsd/templates/upstart.conf.erb:
--------------------------------------------------------------------------------
1 | # vim: set ft=upstart:
2 |
3 | # This file is managed by Puppet
4 | # Upstart init script for statsd
5 |
6 | description "statsd service"
7 |
8 | start on mediawiki-ready
9 | stop on runlevel [016]
10 |
11 | setuid "www-data"
12 | setgid "www-data"
13 |
14 | env NODE_PATH="<%= @dir %>/node_modules"
15 |
16 | chdir "<%= @dir %>"
17 | exec /usr/bin/nodejs stats.js <%= @dir %>/config.js > <%= @logdir %>/statsd.log
18 |
19 | respawn
20 |
21 |
--------------------------------------------------------------------------------
/puppet/modules/cgroup/files/cgrulesengd.conf:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | #####################################################################
4 |
5 | description "cgrulesengd"
6 |
7 | pre-start exec /usr/sbin/cgconfigparser -l /etc/cgconfig.conf
8 |
9 | start on (local-filesystems and net-device-up IFACE!=lo)
10 | respawn
11 |
12 | setuid root
13 | setgid root
14 |
15 | exec /usr/sbin/cgrulesengd --nodaemon
--------------------------------------------------------------------------------
/puppet/modules/mysql/templates/my.cnf.erb:
--------------------------------------------------------------------------------
1 | # MySQL client configuration.
2 | # This file is managed by Puppet.
3 | #
4 | [client]
5 | user = "root"
6 | password = "<%= @root_password %>"
7 |
8 | [mysql]
9 | pager = "less -inSFX"
10 | prompt = "(\R:\m)\_\u@\h:[\d]>\_"
11 | <% if @default_db_name -%>
12 | database = "<%= @default_db_name %>"
13 | <% end -%>
14 | local-infile=1
15 | comments = true
16 | show-warnings = true
17 | default-character-set = utf8
18 |
19 | [mysqld]
20 | local-infile=1
21 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/kartographerwv.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::kartographerwv
2 | # Configures Kartographer with Wikivoyage customizations, an extension for display maps in wiki pages
3 | class role::kartographerwv {
4 |
5 | include ::role::kartographer
6 |
7 | mediawiki::settings { 'KartographerWV':
8 |
9 | values => {
10 | 'wgKartographerWikivoyageMode' => true,
11 | 'wgKartographerUseMarkerStyle' => true,
12 | },
13 | }
14 |
15 | }
16 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/docroot/w/defines.php.erb:
--------------------------------------------------------------------------------
1 | ' );
8 | define( 'MULTIVER_404SCRIPT_PATH_HOME', '<%= @script_dir %>/missing.php' );
9 | define( 'MULTIVER_404SCRIPT_PATH_APACHE', MULTIVER_404SCRIPT_PATH_HOME );
10 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/rc.php.erb:
--------------------------------------------------------------------------------
1 | MediaWiki codebase
7 | # 'phpsh -c none' -> Vanilla PHP
8 | #
9 | # This file is managed by Puppet.
10 | #
11 | switch ($___phpsh___codebase_mode) {
12 | case '':
13 | // MediaWiki codebase mode
14 | chdir( '<%= scope["mediawiki::dir"] %>' );
15 | include_once 'index.php';
16 | break;
17 | case 'none':
18 | // Vanilla PHP
19 | break;
20 | }
21 |
--------------------------------------------------------------------------------
/puppet/modules/openldap/templates/ldap.conf.erb:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | ### puppet:///modules/openldap/templates/ldap.conf.erb
4 | ###################################################################
5 |
6 | # See ldap.conf(5) for details
7 | # This file should be world readable but not world writable.
8 |
9 | BASE <%= @suffix %>
10 | URI ldap://127.0.0.1
11 |
12 | # Do not derefernce aliases
13 | DEREF never
14 |
--------------------------------------------------------------------------------
/puppet/modules/puppet/manifests/agent.pp:
--------------------------------------------------------------------------------
1 | # == Class: puppet::agent
2 | #
3 | # Provision puppet agent service.
4 | #
5 | # === Parameters
6 | #
7 | # [*ensure*]
8 | # Whether the puppet agent should be running.
9 | #
10 | # [*enable*]
11 | # Whether the puppet agent service should be enabled to start at boot.
12 | #
13 | class puppet::agent(
14 | $ensure,
15 | $enable,
16 | ) {
17 | service { 'puppet':
18 | ensure => $ensure,
19 | enable => $enable,
20 | }
21 | }
22 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/jsonconfig.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::jsonconfig
2 | # The extension that allows other extensions to store JSON text in wiki pages
3 | # See http://www.mediawiki.org/wiki/Extension:JsonConfig
4 | class role::jsonconfig {
5 | include ::role::codeeditor # optional - looks better for editing
6 |
7 | mediawiki::extension { 'JsonConfig':
8 | # Ensure that extensions that use JsonConfig will load later.
9 | priority => $::LOAD_EARLY,
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/pipeescape.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::pipeescape
2 | # The PipeEscape extension allows for pipe characters in parser function
3 | # arguments (and template argument calls) avoid being interpreted as an
4 | # argument delimiter. This is primarily for the purpose of using wiki tables
5 | # (or parts thereof) inside parser function calls or templates.
6 | class role::pipeescape {
7 |
8 | require ::role::mediawiki
9 |
10 | mediawiki::extension { 'PipeEscape': }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/swift.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::swift
2 | # Installs a Swift instance
3 | #
4 | class role::swift {
5 | require ::role::mediawiki
6 | require ::role::memcached
7 | include ::swift
8 |
9 | mediawiki::settings { 'swift':
10 | values => template('swift/conf.php.erb'),
11 | }
12 |
13 | apache::site_conf { 'swift':
14 | site => $::mediawiki::wiki_name,
15 | content => template('role/swift/apache2.conf.erb'),
16 | }
17 | }
18 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/wikidiff2.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::wikidiff2
2 | # Installs wikidiff2 package that speeds up diff generation in MediaWiki
3 | # and configures MW to use it
4 |
5 | class role::wikidiff2 {
6 | require_package('php-wikidiff2')
7 |
8 | mediawiki::settings { 'wikidiff2':
9 | ensure => present,
10 | require => Package['php-wikidiff2'],
11 | values => {
12 | 'wgExternalDiffEngine' => 'wikidiff2',
13 | },
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/vectorbeta.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::vectorbeta
2 | #
3 | # The VectorBeta extension adds alterations to the Vector skin
4 | # to the list of the beta features.
5 | #
6 | class role::vectorbeta {
7 | include ::role::eventlogging
8 | include ::role::betafeatures
9 |
10 | mediawiki::extension { 'VectorBeta':
11 | settings => {
12 | wgVectorBetaPersonalBar => true,
13 | wgVectorBetaWinter => true,
14 | }
15 | }
16 | }
17 |
--------------------------------------------------------------------------------
/puppet/modules/apparmor/templates/usr.bin.redis-server.erb:
--------------------------------------------------------------------------------
1 | # Last Modified: Wed Apr 23 00:50:18 2014
2 | #include
3 |
4 | /usr/bin/redis-server {
5 | #include
6 |
7 | network inet stream,
8 |
9 |
10 | /etc/redis/redis.conf r,
11 | /proc/*/smaps r,
12 | /proc/sys/vm/overcommit_memory r,
13 | /run/redis/redis-server.pid w,
14 | <%= scope['::redis::dir'] %>/*.rdb rw,
15 | /usr/bin/redis-server mr,
16 | /var/log/redis/redis-server.log w,
17 |
18 | }
19 |
--------------------------------------------------------------------------------
/puppet/modules/sentry/templates/upstart-server.erb:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | #####################################################################
4 |
5 | description "Sentry error log tracker (web interface)"
6 |
7 | start on mediawiki-ready
8 | respawn
9 |
10 | env SENTRY_CONF="<%= @cfg_file %>"
11 | export SENTRY_CONF
12 |
13 | setuid www-data
14 | setgid www-data
15 |
16 | exec <%= @deploy_dir %>/bin/sentry start
17 |
--------------------------------------------------------------------------------
/lib/mediawiki-vagrant/plugin_environment.rb:
--------------------------------------------------------------------------------
1 | require 'mediawiki-vagrant/environment'
2 |
3 | module MediaWikiVagrant
4 | module PluginEnvironment
5 | def initialize(*args)
6 | super
7 | env = @env || @machine.env
8 | @mwv = Environment.new(env.root_path || env.cwd)
9 | end
10 |
11 | # Whether we're sending output to an interactive terminal.
12 | #
13 | # @return [true, false]
14 | #
15 | def interactive_out?
16 | $stdout.tty?
17 | end
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/puppet/modules/contenttranslation/templates/cxserver.conf.erb:
--------------------------------------------------------------------------------
1 | # vim: set ft=upstart:
2 |
3 | # Upstart job configuration for cxserver
4 | # This file is managed by Puppet
5 |
6 | description "cxserver service"
7 |
8 | start on (local-filesystems and net-device-up IFACE!=lo)
9 | stop on runlevel [!2345]
10 |
11 | setuid "www-data"
12 | setgid "www-data"
13 |
14 | env NODE_PATH="<%= @dir %>/node_modules"
15 |
16 | chdir "<%= @dir %>"
17 | exec node src/Server.js --num-workers <%= @workers %>
18 |
19 | respawn
20 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/cldr.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::cldr
2 | # The CLDR extension provides functions to localize the names of languages,
3 | # countries, and currencies based on their language code, using data extracted
4 | # from the Common Locale Data Repository (CLDR), a project of the Unicode
5 | # Consortium to provide locale data in the XML format for use in computer
6 | # applications.
7 | class role::cldr {
8 | mediawiki::extension { 'cldr':
9 | priority => $::LOAD_LATER,
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/imagemetrics.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::imagemetrics
2 | # Configures ImageMetrics, a MediaWiki extension that makes client-side
3 | # image usage and performance measurements via the EventLogging API.
4 | class role::imagemetrics {
5 | include ::role::eventlogging
6 |
7 | mediawiki::extension { 'ImageMetrics':
8 | settings => {
9 | wgImageMetricsSamplingFactor => 1,
10 | wgImageMetricsCorsSamplingFactor => 1,
11 | },
12 | }
13 | }
14 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/wikimediamessages.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::wikimediamessages
2 | # Provisions the WikimediaMessages[1] extension, which adds Wikimedia specific
3 | # messages and grammar, as well as Wikimedia specific overrides for license
4 | # related messages.
5 | #
6 | # [1]https://www.mediawiki.org/wiki/Extension:WikimediaMessages
7 | class role::wikimediamessages {
8 | mediawiki::extension { 'WikimediaMessages':
9 | settings => template('role/wikimediamessages/conf.php.erb')
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/phptags.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::phptags
2 | # Configures PhpTags, an extension that implements the concept of Magic
3 | # expressions with PHP language syntax in MediaWiki.
4 | #
5 | class role::phptags {
6 | mediawiki::extension { 'PhpTags': }
7 |
8 | mediawiki::extension { 'PhpTagsFunctions':
9 | require => Mediawiki::Extension['PhpTags'],
10 | }
11 | mediawiki::extension { 'PhpTagsWiki':
12 | require => Mediawiki::Extension['PhpTags'],
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/puppet/modules/sentry/templates/upstart-worker.erb:
--------------------------------------------------------------------------------
1 | #####################################################################
2 | ### THIS FILE IS MANAGED BY PUPPET
3 | #####################################################################
4 |
5 | description "Sentry error log tracker (worker)"
6 |
7 | start on mediawiki-ready
8 | respawn
9 |
10 | env SENTRY_CONF="<%= @cfg_file %>"
11 | export SENTRY_CONF
12 |
13 | setuid www-data
14 | setgid www-data
15 |
16 | exec <%= @deploy_dir %>/bin/sentry celery worker -B
17 |
18 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/lib/puppet/parser/functions/min.rb:
--------------------------------------------------------------------------------
1 | module Puppet::Parser::Functions
2 | newfunction(:min, :type => :rvalue, :doc => <<-EOS
3 | Returns the lowest value of all arguments.
4 | Requires at least one argument.
5 | EOS
6 | ) do |args|
7 |
8 | raise(Puppet::ParseError, "min(): Wrong number of arguments " +
9 | "need at least one") if args.size == 0
10 |
11 | result = args.map(&:to_f).min
12 | return result.to_i == result ? result.to_i : result
13 | end
14 | end
15 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/sal/apache.conf.erb:
--------------------------------------------------------------------------------
1 | ServerName <%= @vhost_name %>
2 |
3 | DocumentRoot <%= @dir %>/public
4 |
5 |
6 | Options FollowSymLinks
7 | AllowOverride None
8 | Require all denied
9 |
10 |
11 | /public>
12 | Require all granted
13 | RewriteEngine On
14 | RewriteCond %{REQUEST_FILENAME} !-f
15 | RewriteRule "^.*" index.php/$0 [L,PT]
16 |
17 |
18 | <% @env.each do |key, val| %>
19 | SetEnv <%= key %> <%= val %>
20 | <% end %>
21 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/wikitech/Private.php.erb:
--------------------------------------------------------------------------------
1 | $wgLDAPProxyAgent = array( 'labs' => 'cn=proxyagent,ou=profile,dc=wikimedia,dc=org' );
2 | $wgLDAPProxyAgentPassword = array( 'labs' => 'redacted' );
3 | $wgLDAPWriterDN = array( 'labs' => 'uid=novaadmin,ou=people,dc=wikimedia,dc=org' );
4 | $wgLDAPWriterPassword = array( 'labs' => 'redacted' );
5 | $wgOpenStackManagerLDAPUser = 'uid=novaadmin,ou=people,dc=wikimedia,dc=org';
6 | $wgOpenStackManagerLDAPUsername = 'novaadmin';
7 | $wgOpenStackManagerLDAPUserPassword = 'redacted';
8 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/manifests/init.pp:
--------------------------------------------------------------------------------
1 | # Class: stdlib
2 | #
3 | # This module manages stdlib. Most of stdlib's features are automatically
4 | # loaded by Puppet, but this class should be declared in order to use the
5 | # standardized run stages.
6 | #
7 | # Parameters: none
8 | #
9 | # Actions:
10 | #
11 | # Declares all other classes in the stdlib module. Currently, this consists
12 | # of stdlib::stages.
13 | #
14 | # Requires: nothing
15 | #
16 | class stdlib {
17 |
18 | class { 'stdlib::stages': }
19 |
20 | }
21 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/oauth/check.sql.erb:
--------------------------------------------------------------------------------
1 | USE <%= scope.lookupvar('::mediawiki::db_name') %>;
2 | SELECT count(*)
3 | FROM oauth_registered_consumer
4 | WHERE oarc_consumer_key = '<%= @consumer_key %>'
5 | AND oarc_callback_url = '<%= @callback_url %>'
6 | AND oarc_secret_key = '<%= @secret_key %>'
7 | AND oarc_grants = '<%= @grants_json %>'
8 | AND oarc_restrictions = '<%= @restrictions_json %>'
9 | AND oarc_callback_is_prefix = <%= @is_prefix ? 1 : 0 %>
10 | AND oarc_owner_only = <%= @owner_only ? 1 : 0 %>;
11 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/quips/apache.conf.erb:
--------------------------------------------------------------------------------
1 | ServerName <%= @vhost_name %>
2 |
3 | DocumentRoot <%= @dir %>/public
4 |
5 |
6 | Options FollowSymLinks
7 | AllowOverride None
8 | Require all denied
9 |
10 |
11 | /public>
12 | Require all granted
13 | RewriteEngine On
14 | RewriteCond %{REQUEST_FILENAME} !-f
15 | RewriteRule "^.*" index.php/$0 [L,PT]
16 |
17 |
18 | <% @env.each do |key, val| %>
19 | SetEnv <%= key %> <%= val %>
20 | <% end %>
21 |
--------------------------------------------------------------------------------
/setup.bat:
--------------------------------------------------------------------------------
1 | @echo off
2 |
3 | rem Finds the Ruby embedded with Vagrant and executes setup.rb
4 |
5 | where /q vagrant.exe
6 |
7 | if errorlevel 1 (
8 | echo "Vagrant doesn't seem to be installed. Please download and install it"
9 | echo "from http://www.vagrantup.com/downloads.html and re-run setup.bat."
10 | echo.
11 | pause
12 | exit /b 1
13 | )
14 |
15 | for /f "tokens=*" %%F in ('where vagrant.exe') do set vagrant=%%F
16 |
17 | "%vagrant%\..\..\embedded\bin\ruby.exe" "%~dp0\support\setup.rb" "%0" %*
18 |
--------------------------------------------------------------------------------
/puppet/modules/logstash/templates/output/elasticsearch.erb:
--------------------------------------------------------------------------------
1 | output {
2 | <%- if @require_tag %>if "<%= @require_tag %>" in [tags] {<% end -%>
3 | elasticsearch_http {
4 | flush_size => <%= @flush_size %>
5 | host => "<%= @host %>"
6 | idle_flush_time => <%= @idle_flush_time %>
7 | index => "<%= @index %>"
8 | port => <%= @port %>
9 | replication => "<%= @replication %>"
10 | }
11 | <% if @require_tag %>}<% end %>
12 | }
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/accountinfo.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::accountinfo
2 | # The AccountInfo extension allows users to look at private information
3 | # that is stored about them. It also includes the CheckUser extension,
4 | # which AccountInfo integrates with.
5 | class role::accountinfo {
6 | include ::role::checkuser
7 |
8 | mediawiki::extension { 'AccountInfo':
9 | settings => {
10 | 'wgPutIPinRC' => true,
11 | },
12 | require => Mediawiki::Extension['CheckUser'],
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/semantictitle.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::semantictitle
2 | # The Semantic Title extension allows an alternate display title to be
3 | # displayed on the title bar of a page and as the link text displayed for
4 | # links to a page
5 | class role::semantictitle {
6 |
7 | require ::role::mediawiki
8 |
9 | mediawiki::extension { 'SemanticTitle':
10 | settings => {
11 | 'wgAllowDisplayTitle' => true,
12 | 'wgRestrictDisplayTitle' => false
13 | }
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/puppet/modules/smashpig/templates/SmashPig.yaml.erb:
--------------------------------------------------------------------------------
1 | default:
2 | data-store:
3 | pending-db:
4 | inst-args:
5 | - mysql:host=127.0.0.1;dbname=smashpig
6 | - root
7 | - "<%= scope.lookupvar('mysql::root_password') %>"
8 |
9 | adyen:
10 | payment-provider:
11 | adyen:
12 | payments-wsdl: https://pal-test.adyen.com/pal/Payment.wsdl
13 |
14 | paypal:
15 | listener:
16 | postback-url: https://www.sandbox.paypal.com/cgi-bin/webscr
17 |
--------------------------------------------------------------------------------
/lib/mediawiki-vagrant/reload.rb:
--------------------------------------------------------------------------------
1 | require 'mediawiki-vagrant/plugin_environment'
2 |
3 | module MediaWikiVagrant
4 | class Reload < Vagrant.plugin('2', :provisioner)
5 | include PluginEnvironment
6 |
7 | def provision
8 | return unless @mwv.reload?
9 | @mwv.cancel_reload
10 |
11 | @machine.ui.warn 'Reloading vagrant...'
12 |
13 | @machine.action(:reload, {})
14 | sleep 0.5 until @machine.communicate.ready?
15 |
16 | @machine.ui.success 'Vagrant reloaded.'
17 | end
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/puppet/modules/motd/manifests/init.pp:
--------------------------------------------------------------------------------
1 | # == Class: motd
2 | #
3 | # Module for customizing MOTD (Message of the Day) banners.
4 | #
5 | class motd {
6 | file { '/etc/update-motd.d':
7 | ensure => directory,
8 | recurse => true,
9 | ignore => '9*',
10 | purge => true,
11 | notify => Exec['update_motd'],
12 | }
13 |
14 | exec { 'update_motd':
15 | command => '/bin/run-parts --lsbsysinit /etc/update-motd.d > /run/motd',
16 | refreshonly => true,
17 | }
18 | }
19 |
--------------------------------------------------------------------------------
/puppet/modules/mysql/files/innodb_large_prefix.cnf:
--------------------------------------------------------------------------------
1 | # This file is managed by puppet
2 | # See puppet/modules/mysql/files/innodb_large_prefix.cnf
3 | #
4 | # Enable settings to allow indexing >767 bytes.
5 | #
6 | # Tables needing innodb_large_prefix support will need to use
7 | # row_format= in their create statements in addition to
8 | # these settings. innodb_default_row_format is not supported until 5.7.9
9 | [mysqld]
10 | innodb_file_per_table = 1
11 | innodb_file_format = barracuda
12 | innodb_large_prefix = 1
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/externalstore/conf.php.erb:
--------------------------------------------------------------------------------
1 | $wgExternalServers['external'] = array(
2 | array(
3 | 'host' => '<%= @db_host %>',
4 | 'user' => '<%= @db_user %>',
5 | 'password' => '<%= @db_pass %>',
6 | 'dbname' => '<%= @db_name %>',
7 | 'type' => 'mysql',
8 | 'load' => 1,
9 | 'flags' => DBO_DEBUG | DBO_DEFAULT,
10 | ),
11 | );
12 |
13 | $wgExternalStores = array( 'DB' );
14 | $wgDefaultExternalStore = array( 'DB://external' ); // = $wgExternalServers['external']
15 |
--------------------------------------------------------------------------------
/puppet/modules/service/templates/node/upstart.conf.erb:
--------------------------------------------------------------------------------
1 | # This file is managed by Puppet
2 | # Upstart init script for <%= @title %>
3 |
4 | description "<%= @title %> service"
5 |
6 | start on mediawiki-ready
7 | stop on runlevel [016]
8 |
9 | setuid "www-data"
10 | setgid "www-data"
11 |
12 | env <%= @title.gsub(/[^a-zA-Z0-9_]/, '_').upcase %>_PORT="<%= @port %>"
13 | env NODE_PATH="<%= @dir %>/node_modules"
14 |
15 | chdir "<%= @dir %>"
16 | exec /usr/bin/nodejs <%= @script %> -c <%= @dir %>/config.vagrant.yaml
17 |
18 | respawn
19 |
20 |
--------------------------------------------------------------------------------
/puppet/modules/iegreview/templates/apache.conf.erb:
--------------------------------------------------------------------------------
1 | ServerName <%= @vhost_name %>
2 | ServerAdmin "https://meta.wikimedia.org/wiki/Grants:IEG"
3 |
4 | DocumentRoot <%= @deploy_dir %>/public
5 |
6 |
7 | Options FollowSymLinks
8 | AllowOverride None
9 | Require all denied
10 |
11 |
12 | /public>
13 | Require all granted
14 |
15 |
16 |
17 | RewriteEngine On
18 | RewriteCond %{REQUEST_FILENAME} !-f
19 | RewriteRule .* index.php/$0 [L,PT]
20 |
21 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/wikimediamessages/conf.php.erb:
--------------------------------------------------------------------------------
1 | include_once "$IP/extensions/WikimediaMessages/WikimediaLicenseTexts.php";
2 |
3 | // This is the default in InitialiseSettings.php and triggers special
4 | // behavior in WikimediaMessagesHooks::onSkinCopyrightFooter.
5 | $wgRightsUrl = '//creativecommons.org/licenses/by-sa/3.0/';
6 |
7 | // These are also defaults in InitialiseSettings.php.
8 | $wgRightsText = 'Creative Commons Attribution-Share Alike 3.0';
9 | $wgRightsIcon = '//creativecommons.org/images/public/somerights20.png';
10 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/thumb_on_404.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::thumb_on_404
2 | # This class configures MediaWiki to generate image thumbnails automatically
3 | # when an existing thumbnail is not found in cache.
4 | class role::thumb_on_404 {
5 | require ::role::mediawiki
6 |
7 | require_package('imagemagick')
8 |
9 | role::thumb_on_404::multiwiki { $::mediawiki::wiki_name:
10 | images_url => '/images',
11 | images_dir => "${::mwv::files_dir}/images",
12 | wiki => $::mediawiki::wiki_db,
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/files/main_page.wiki:
--------------------------------------------------------------------------------
1 |
10 | {{Main Page}}
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/abusefilter.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::abusefilter
2 | # Installs the [AbuseFilter][1] extension which allows privileged
3 | # users to set specific controls on actions by users, such as
4 | # edits, and create automated reactions for certain behaviors.
5 | #
6 | # [1] https://www.mediawiki.org/wiki/Extension:AbuseFilter
7 | #
8 | class role::abusefilter {
9 | mediawiki::extension { 'AbuseFilter':
10 | settings => template('role/abusefilter/settings.php.erb'),
11 | needs_update => true,
12 | }
13 | }
14 |
15 |
--------------------------------------------------------------------------------
/puppet/modules/mysql/manifests/large_prefix.pp:
--------------------------------------------------------------------------------
1 | # == Class: mysql::large_prefix
2 | #
3 | # Configures innodb_large_prefix support.
4 | #
5 | class mysql::large_prefix{
6 | include ::mysql
7 |
8 | file { '/etc/mysql/conf.d/innodb_large_prefix.cnf':
9 | ensure => 'file',
10 | owner => 'root',
11 | group => 'root',
12 | mode => '0444',
13 | source => 'puppet:///modules/mysql/innodb_large_prefix.cnf',
14 | require => Package['mysql-server'],
15 | notify => Service['mysql'],
16 | }
17 | }
18 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/lockdown.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::lockdown
2 | #
3 | # Harden a wiki by disabling account creation and blocking anon edits. This
4 | # can be handy for a testing wiki in Wikimedia Labs.
5 | #
6 | class role::lockdown {
7 | include ::role::mediawiki
8 |
9 | mediawiki::settings { 'lockdown':
10 | values => template('role/lockdown/settings.php.erb'),
11 | }
12 |
13 | mediawiki::import::text { 'VagrantRoleLockdown':
14 | content => template('role/lockdown/VagrantRoleLockdown.wiki.erb'),
15 | }
16 | }
17 |
--------------------------------------------------------------------------------
/Gemfile:
--------------------------------------------------------------------------------
1 | source 'https://rubygems.org'
2 |
3 | group :development do
4 | # Upstream no more updates rubygems.org and we need a more recent version
5 | # https://github.com/mitchellh/vagrant/issues/5546
6 | gem 'vagrant', git: 'https://github.com/mitchellh/vagrant.git', tag: 'v1.8.1'
7 |
8 | gem 'rubocop', '~> 0.35.1', require: false
9 | gem 'puppet-lint', '1.1.0'
10 | gem 'rake', '~> 10.4.2'
11 | end
12 |
13 | group :development, :test do
14 | gem 'fakefs', '~> 0.6.5'
15 | gem 'pry-byebug'
16 | end
17 |
18 | group :plugins do
19 | gemspec
20 | end
21 |
--------------------------------------------------------------------------------
/puppet/modules/misc/templates/xdebug.erb:
--------------------------------------------------------------------------------
1 | # Enable/disable Xdebug for PHP CLI scripts.
2 | # This file is managed by Puppet.
3 |
4 | xdebug_on() {
5 | # http://xdebug.org/docs/remote#starting
6 | export XDEBUG_CONFIG='idekey=xdebug remote_host=<%= scope['host_ip'] %>'
7 | # http://blog.jetbrains.com/webide/2012/03/new-in-4-0-easier-debugging-of-remote-php-command-line-scripts/
8 | export PHP_IDE_CONFIG='serverName=<%= scope['::role::mediawiki::hostname'] %>'
9 | }
10 | xdebug_off() {
11 | unset XDEBUG_CONFIG
12 | unset PHP_IDE_CONFIG
13 | }
14 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/babel.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::babel
2 | # On Wikimedia projects, the noun Babel (in reference to the Tower of Babel)
3 | # refers to the texts on user pages aiding multilingual communication by making
4 | # it easier to contact someone who speaks a certain language. The idea
5 | # originated on the Wikimedia Commons and has also been implemented on many
6 | # other wikis.
7 | class role::babel {
8 | include ::role::cldr
9 |
10 | mediawiki::extension { 'Babel':
11 | require => Mediawiki::Extension['cldr'],
12 | }
13 | }
14 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/trafficserver.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::trafficserver
2 | #
3 | # Installs an Apache Traffic Server instance, which only caches thumbnails
4 | # generated by thumbor.
5 | #
6 | class role::trafficserver {
7 | include ::role::thumbor
8 | include ::trafficserver
9 |
10 | mediawiki::settings { 'trafficserver':
11 | values => {
12 | 'wgUploadBaseUrl' => 'http://127.0.0.1:6090',
13 | 'wgUseSquid' => true,
14 | 'wgSquidServers' => [ '127.0.0.1:6090' ],
15 | }
16 | }
17 | }
18 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/parsoid/vrs.php.erb:
--------------------------------------------------------------------------------
1 |
2 | if( !isset( $wgVirtualRestConfig ) ) {
3 | $wgVirtualRestConfig = array(
4 | 'modules' => array(),
5 | 'global' => array(
6 | 'timeout' => 360,
7 | 'forwardCookies' => false,
8 | 'HTTPProxy' => null
9 | )
10 | );
11 | }
12 |
13 | $wgVirtualRestConfig['modules']['parsoid'] = array(
14 | 'url' => 'http://localhost:<%= scope.lookupvar('::parsoid::port') %>',
15 | 'domain' => '<%= scope.lookupvar('::parsoid::domain') %>',
16 | 'forwardCookies' => true,
17 | 'restbaseCompat' => false
18 | );
19 |
20 |
--------------------------------------------------------------------------------
/puppet/modules/scholarships/templates/apache.conf.erb:
--------------------------------------------------------------------------------
1 | ServerName <%= @vhost_name %>
2 | ServerAdmin "https://www.mediawiki.org/wiki/Wikimania_Scholarships_app"
3 |
4 | DocumentRoot <%= @deploy_dir %>/public
5 |
6 |
7 | Options FollowSymLinks
8 | AllowOverride None
9 | Require all denied
10 |
11 |
12 | /public>
13 | Require all granted
14 |
15 |
16 |
17 | RewriteEngine On
18 | RewriteCond %{REQUEST_FILENAME} !-f
19 | RewriteRule .* index.php/$0 [L,PT]
20 |
21 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/semanticresultformats.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::semanticresultformats
2 | # The Semantic Result Formats extension, used in conjunction with the Semantic
3 | # MediaWiki extension, bundles a number of further result formats for SMW's
4 | # inline queries
5 | class role::semanticresultformats {
6 |
7 | require ::role::mediawiki
8 | require ::role::semanticmediawiki
9 |
10 | mediawiki::composer::require { 'SemanticResultFormats':
11 | package => 'mediawiki/semantic-result-formats',
12 | version => '*'
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/restbase/vrs.php.erb:
--------------------------------------------------------------------------------
1 |
2 | if( !isset( $wgVirtualRestConfig ) ) {
3 | $wgVirtualRestConfig = array(
4 | 'modules' => array(),
5 | 'global' => array(
6 | 'timeout' => 360,
7 | 'forwardCookies' => false,
8 | 'HTTPProxy' => null
9 | )
10 | );
11 | }
12 |
13 | $wgVirtualRestConfig['modules']['restbase'] = array(
14 | 'url' => 'http://127.0.0.1:<%= scope.lookupvar('::restbase::port') %>',
15 | 'domain' => '<%= scope.lookupvar('::restbase::domain') %>',
16 | 'forwardCookies' => true,
17 | 'parsoidCompat' => false
18 | );
19 |
20 |
--------------------------------------------------------------------------------
/puppet/modules/wmflib/lib/puppet/parser/functions/to_seconds.rb:
--------------------------------------------------------------------------------
1 | # == Function: to_seconds( string $time_spec )
2 | #
3 | # Convert a unit of time expressed as a string to seconds.
4 | #
5 | # === Examples
6 | #
7 | # to_seconds('9000ms') # 9
8 | # to_seconds('1hr') # 3600
9 | # to_seconds('2 days') # 172800
10 | #
11 | module Puppet::Parser::Functions
12 | newfunction(:to_seconds, :type => :rvalue, :arity => 1) do |args|
13 | s = send(Puppet::Parser::Functions.function(:to_milliseconds), args) / 1000.0
14 | s.to_i == s ? s.to_i : s
15 | end
16 | end
17 |
--------------------------------------------------------------------------------
/.gitmodules:
--------------------------------------------------------------------------------
1 | [submodule "puppet/modules/wikimetrics"]
2 | path = puppet/modules/wikimetrics
3 | url = https://gerrit.wikimedia.org/r/operations/puppet/wikimetrics
4 | [submodule "puppet/modules/nginx"]
5 | path = puppet/modules/nginx
6 | url = https://gerrit.wikimedia.org/r/operations/puppet/nginx
7 | [submodule "puppet/modules/mariadb"]
8 | path = puppet/modules/mariadb
9 | url = https://gerrit.wikimedia.org/r/operations/puppet/mariadb
10 | [submodule "puppet/modules/cdh"]
11 | path = puppet/modules/cdh
12 | url = https://gerrit.wikimedia.org/r/operations/puppet/cdh
13 |
--------------------------------------------------------------------------------
/lib/mediawiki-vagrant/run-tests.rb:
--------------------------------------------------------------------------------
1 | module MediaWikiVagrant
2 | class RunTests < Vagrant.plugin(2, :command)
3 | def self.synopsis
4 | "runs MediaWiki's test suite"
5 | end
6 |
7 | def execute
8 | if ['-h', '--help'].include? @argv.first
9 | @env.ui.info 'Usage: vagrant run-tests [tests] [-h]'
10 | return 0
11 | end
12 | opts = { extra_args: @argv.unshift('run-mediawiki-tests') }
13 | with_target_vms(nil, single_target: true) do |vm|
14 | vm.action :ssh, ssh_opts: opts
15 | end
16 | end
17 | end
18 | end
19 |
--------------------------------------------------------------------------------
/puppet/modules/apparmor/files/isitapparmor:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Part of puppet/manifests/roles/apparmor.pp
3 | # Check and see if apparmor has denied anything recently.
4 |
5 | if [[ $EUID -ne 0 ]]; then
6 | echo "This script must be run as root" 1>&2
7 | exit 1
8 | fi
9 |
10 | REGEX="apparmor=\"DENIED\""
11 | LOGFILE=/var/log/syslog
12 | DCOUNT=$(grep -c "$REGEX" $LOGFILE)
13 |
14 | echo "There are $DCOUNT instances of AppArmor denying applications in $LOGFILE"
15 | if [[ $DCOUNT > 0 ]]; then
16 | echo "Most recent entries:"
17 | grep "$REGEX" $LOGFILE | tail
18 | fi
19 |
--------------------------------------------------------------------------------
/puppet/modules/hhvm/templates/admin-apache-site.erb:
--------------------------------------------------------------------------------
1 | # vim: filetype=apache sts=4 sw=4 autoindent
2 | #
3 | # Apache site configuration for HHVM admin server
4 | # This file is managed by Puppet.
5 | #
6 | ServerName hhvm-admin
7 | ServerAlias <%= @admin_site_name %>
8 | ServerAdmin http://www.mediawiki.org/wiki/Vagrant
9 | DocumentRoot "<%= @docroot %>"
10 | LogLevel error
11 |
12 |
13 | Options FollowSymLinks
14 | AllowOverride None
15 |
16 |
17 | />
18 |
19 |
20 | ProxyPass / fcgi://127.0.0.1:9001/ retry=0
21 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/securepoll.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::securepoll
2 | # This role installs the SecurePoll extension and creates an additional wiki:
3 | #
4 | # _vote.wiki.local.wmftest.net_::
5 | # Wiki where voting happens. Sysops here can create polls.
6 | #
7 | class role::securepoll {
8 | require ::role::mediawiki
9 |
10 | require_package('gnupg')
11 |
12 | mediawiki::extension { 'SecurePoll':
13 | needs_update => true,
14 | settings => template('role/securepoll/conf.php.erb'),
15 | }
16 |
17 | mediawiki::wiki { 'vote': }
18 | }
19 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/livingstyleguide.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::livingstyleguide
2 | # Sets up a 'living style guide' wiki, with the custom Blueprint skin.
3 | # This wiki will be available, by default, at livingstyleguide.
4 | class role::livingstyleguide {
5 | mediawiki::wiki {'livingstyleguide': }
6 |
7 | mediawiki::extension { 'OOUIPlayground':
8 | composer => true,
9 | wiki => 'livingstyleguide',
10 | }
11 |
12 | mediawiki::skin { 'Blueprint':
13 | default => true,
14 | composer => true,
15 | wiki => 'livingstyleguide',
16 | }
17 | }
18 |
--------------------------------------------------------------------------------
/puppet/modules/ruby/manifests/ruby.pp:
--------------------------------------------------------------------------------
1 | # == Define: ruby::ruby
2 | #
3 | # Declare a version of Ruby that should be installed.
4 | #
5 | # === Examples
6 | #
7 | # Make sure Ruby version 1.9.3 is installed.
8 | #
9 | # ruby::ruby { '1.9.3': }
10 | #
11 | define ruby::ruby {
12 | include ruby
13 |
14 | package { "ruby${title}":
15 | ensure => latest,
16 | }
17 |
18 | package { "ruby${title}-dev":
19 | ensure => latest,
20 | }
21 |
22 | ruby::gem { "ruby${title}-bundler":
23 | gem => 'bundler',
24 | ruby => $title,
25 | }
26 | }
27 |
--------------------------------------------------------------------------------
/lib/mediawiki-vagrant/git-update.rb:
--------------------------------------------------------------------------------
1 | module MediaWikiVagrant
2 | class GitUpdates < Vagrant.plugin(2, :command)
3 | def self.synopsis
4 | 'fetches new code from Gerrit'
5 | end
6 |
7 | def execute
8 | if %w(-h --help).include? @argv.first
9 | @env.ui.info 'Usage: vagrant git-update [-h|--help|-f|--force]'
10 | return 0
11 | end
12 |
13 | with_target_vms(nil, single_target: true) do |vm|
14 | opts = { extra_args: @argv.unshift('run-git-update') }
15 | vm.action :ssh, ssh_opts: opts
16 | end
17 | end
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/puppet/modules/parsoid/templates/localsettings.js.erb:
--------------------------------------------------------------------------------
1 | /**
2 | * Parsoid web service configuration file.
3 | * This file is managed by Puppet.
4 | */
5 | exports.setup = function( parsoidConfig ) {
6 | parsoidConfig.setMwApi( {
7 | prefix: 'localhost',
8 | domain: '<%= @domain %>',
9 | uri: '<%= @uri %>',
10 | } );
11 |
12 | parsoidConfig.usePHPPreProcessor = <%= @use_php_preprocessor %>;
13 | parsoidConfig.useSelser = <%= @use_selser %>;
14 | <%- if @allow_cors -%>
15 | parsoidConfig.allowCORS = '<%= @allow_cors %>';
16 | <%- end %>
17 | };
18 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/thumbor/apache2.conf.erb:
--------------------------------------------------------------------------------
1 | >
2 | RewriteEngine on
3 | RewriteBase "/images/"
4 | RewriteRule "^thumb/(.*)/qlow-(\d+)px-.*\.jpg" "http://127.0.0.1:8888/unsafe/$2x/filters:quality(40):conditional_sharpen(0.6,0.01,false,0.85)/<%= @server_url %>/images/$1" [P]
5 | RewriteRule "^thumb/(.*)/(\d+)px-.*\.jpg" "http://127.0.0.1:8888/unsafe/$2x/filters:quality(87):conditional_sharpen(0.6,0.01,false,0.85)/<%= @server_url %>/images/$1" [P]
6 | RewriteRule "^thumb/(.*)/(\d+)px-.*\.png" "http://127.0.0.1:8888/unsafe/$2x/<%= @server_url %>/images/$1" [P]
7 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/spec/unit/puppet/parser/functions/zip_spec.rb:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env ruby -S rspec
2 | require 'spec_helper'
3 |
4 | describe "the zip function" do
5 | let(:scope) { PuppetlabsSpec::PuppetInternals.scope }
6 |
7 | it "should raise a ParseError if there is less than 1 arguments" do
8 | lambda { scope.function_zip([]) }.should( raise_error(Puppet::ParseError))
9 | end
10 |
11 | it "should be able to zip an array" do
12 | result = scope.function_zip([['1','2','3'],['4','5','6']])
13 | result.should(eq([["1", "4"], ["2", "5"], ["3", "6"]]))
14 | end
15 | end
16 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | /.vagrant
2 | /.bundle
3 | /.gem
4 | /.idea
5 | /.rbenv-version
6 | /.settings.yaml
7 | /.yardoc/
8 | /*.gem
9 | /*.sublime-workspace
10 | /no-update
11 | /Vagrantfile-extra.rb
12 | /LocalSettings.php
13 | /mediawiki/
14 | /mediawiki-*/
15 | /settings.d
16 | !/settings.d/README
17 | !/settings.d/puppet-managed/README
18 | /puppet/manifests/manifests.d
19 | !/puppet/manifests/manifests.d/README
20 | !/puppet/manifests/manifests.d/dummy.pp
21 | /logs
22 | !/logs/puppet/.gitignore
23 | /vagrant.d/
24 | /support/packager/output
25 | /profiles
26 | /node_modules
27 | /tmp
28 | /doc/
29 | /*.iml
30 |
--------------------------------------------------------------------------------
/lib/mediawiki-vagrant/import-dump.rb:
--------------------------------------------------------------------------------
1 | module MediaWikiVagrant
2 | class ImportDump < Vagrant.plugin(2, :command)
3 | def self.synopsis
4 | 'imports an XML file into MediaWiki'
5 | end
6 |
7 | def execute
8 | if ['-h', '--help'].include? @argv.first
9 | @env.ui.info 'Usage: vagrant import-dump dumpfile.xml [-h]'
10 | return 0
11 | end
12 | opts = { extra_args: @argv.unshift('import-mediawiki-dump') }
13 | with_target_vms(nil, single_target: true) do |vm|
14 | vm.action :ssh, ssh_opts: opts
15 | end
16 | end
17 | end
18 | end
19 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/lib/puppet/parser/functions/is_hash.rb:
--------------------------------------------------------------------------------
1 | #
2 | # is_hash.rb
3 | #
4 |
5 | module Puppet::Parser::Functions
6 | newfunction(:is_hash, :type => :rvalue, :doc => <<-EOS
7 | Returns true if the variable passed to this function is a hash.
8 | EOS
9 | ) do |arguments|
10 |
11 | raise(Puppet::ParseError, "is_hash(): Wrong number of arguments " +
12 | "given (#{arguments.size} for 1)") if arguments.size != 1
13 |
14 | type = arguments[0]
15 |
16 | result = type.is_a?(Hash)
17 |
18 | return result
19 | end
20 | end
21 |
22 | # vim: set ts=2 sw=2 et :
23 |
--------------------------------------------------------------------------------
/puppet/modules/npm/manifests/global.pp:
--------------------------------------------------------------------------------
1 | # == Define: npm::global
2 | #
3 | # Resource for installing node.js modules globally
4 | #
5 | define npm::global {
6 | require ::npm
7 |
8 | exec { "npm_global_${title}":
9 | command => "/usr/bin/npm install -g ${title}",
10 | user => 'root',
11 | group => 'root',
12 | creates => "/usr/lib/node_modules/${title}",
13 | environment => [
14 | "NPM_CONFIG_CACHE=${::npm::cache_dir}",
15 | 'NPM_CONFIG_GLOBAL=false',
16 | 'LINK=g++',
17 | ],
18 | }
19 | }
20 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/psr3.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::psr3
2 | # Sets up PSR-3 structured logging (similar to how it is done on Wikimedia wikis)
3 | #
4 | class role::psr3 {
5 | mediawiki::composer::require { 'monolog/monolog for psr3 role':
6 | package => 'monolog/monolog',
7 | version => '~1.18.2',
8 | }
9 |
10 | mediawiki::settings { 'psr3': # the elk role depends on this
11 | priority => 1,
12 | values => template('role/psr3/settings.php.erb'),
13 | require => Mediawiki::Composer::Require['monolog/monolog for psr3 role'],
14 | }
15 | }
16 |
17 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/questycaptcha.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::questycaptcha
2 | #
3 | # Provision ConfirmEdit and enable the QuestyCaptcha plugin.
4 | #
5 | class role::questycaptcha {
6 | require ::role::confirmedit
7 | include ::role::mediawiki
8 |
9 | mediawiki::settings { 'QuestyCaptcha':
10 | values => template('role/questycaptcha/settings.php.erb'),
11 | priority => $::LOAD_LATER,
12 | }
13 |
14 | mediawiki::import::text { 'VagrantRoleQuestyCaptcha':
15 | content => template('role/questycaptcha/VagrantRoleQuestyCaptcha.wiki.erb'),
16 | }
17 | }
18 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/score.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::score
2 | # This role provisions the
3 | # Score[https://www.mediawiki.org/wiki/Extension:Score] extension, which
4 | # renders musical notation via GNU LilyPond.
5 | #
6 | class role::score {
7 | include ::role::multimedia
8 |
9 | require_package('lilypond', 'timidity', 'freepats')
10 |
11 | mediawiki::extension { 'Score':
12 | needs_update => true,
13 | require => [
14 | Package['lilypond'],
15 | Package['timidity'],
16 | Package['freepats'],
17 | ],
18 | }
19 | }
20 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/lib/puppet/parser/functions/is_array.rb:
--------------------------------------------------------------------------------
1 | #
2 | # is_array.rb
3 | #
4 |
5 | module Puppet::Parser::Functions
6 | newfunction(:is_array, :type => :rvalue, :doc => <<-EOS
7 | Returns true if the variable passed to this function is an array.
8 | EOS
9 | ) do |arguments|
10 |
11 | raise(Puppet::ParseError, "is_array(): Wrong number of arguments " +
12 | "given (#{arguments.size} for 1)") if arguments.size < 1
13 |
14 | type = arguments[0]
15 |
16 | result = type.is_a?(Array)
17 |
18 | return result
19 | end
20 | end
21 |
22 | # vim: set ts=2 sw=2 et :
23 |
--------------------------------------------------------------------------------
/puppet/modules/wmflib/lib/puppet/parser/functions/validate_ensure.rb:
--------------------------------------------------------------------------------
1 | # == Function: validate_ensure( string $ensure )
2 | #
3 | # Throw an error if the $ensure argument is not 'present' or 'absent'.
4 | #
5 | # === Examples
6 | #
7 | # # Abort compilation if $ensure is invalid
8 | # validate_ensure($ensure)
9 | #
10 | module Puppet::Parser::Functions
11 | newfunction(:validate_ensure, :arity => 1) do |args|
12 | unless %w(present absent).include?(args.first)
13 | fail(Puppet::ParseError, "$ensure must be \"present\" or \"absent\" (got: #{args.first.inspect}).")
14 | end
15 | end
16 | end
17 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/thumbor/nginx.conf.erb:
--------------------------------------------------------------------------------
1 | upstream thumbor {
2 | least_conn;
3 |
4 | <% @ports.each do |port| %>
5 | server 127.0.0.1:<%= port %>;
6 | <% end %>
7 | }
8 |
9 | server {
10 | listen 8888;
11 |
12 | keepalive_timeout 60;
13 |
14 | location / {
15 | proxy_redirect off;
16 | proxy_buffering off;
17 | proxy_set_header Host $http_host;
18 | proxy_set_header X-Real-IP $remote_addr;
19 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
20 | proxy_read_timeout 180s;
21 | proxy_pass http://thumbor;
22 | add_header X-Upstream $upstream_addr;
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/multiwiki/multiversion-install.erb:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | # Wrapper for maintenance/install.php that moves the existing
3 | # LocalSettings.php script out of the way temporarily.
4 | #
5 |
6 | set -e
7 |
8 | IP=$1
9 | shift
10 | export MW_INSTALL_PATH=$IP
11 |
12 | if [[ -e $IP/LocalSettings.php ]]; then
13 | # Save existing LocalSettings
14 | mv $IP/LocalSettings.php $IP/LocalSettings.tmp
15 |
16 | # Restore previous LocalSettings on exit
17 | trap "mv $IP/LocalSettings.tmp $IP/LocalSettings.php" EXIT INT TERM
18 | fi
19 |
20 | php5 $IP/maintenance/install.php "$@"
21 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/fss.pp:
--------------------------------------------------------------------------------
1 | # == Class: roles::fss
2 | #
3 | # FastStringSearch is a PHP extension for fast string search and replace. It is
4 | # used by StringUtils.php. It supports multiple search terms. It is used as a
5 | # replacement for PHP's strtr, which is extremely slow in certain cases.
6 | # Chinese script conversion is one of those cases. This extension uses a
7 | # Commentz-Walter style algorithm for multiple search terms, or a Boyer-Moore
8 | # algorithm for single search terms.
9 | #
10 | # Only needed for php5-based wikis
11 | class role::fss {
12 | require_package('php5-fss')
13 | }
14 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/pagedtiffhandler.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::pagedtiffhandler
2 | # This role provisions the PagedTiffHandler[https://www.mediawiki.org/wiki/Extension:PagedTiffHandler] extension,
3 | # which improves the handling of TIFF files.
4 | class role::pagedtiffhandler {
5 | include ::role::multimedia
6 |
7 | require_package('exiv2')
8 | require_package('libtiff-tools')
9 |
10 | mediawiki::extension { 'PagedTiffHandler':
11 | require => Package['exiv2', 'libtiff-tools'],
12 | settings => {
13 | wgTiffUseTiffinfo => true,
14 | }
15 | }
16 | }
17 |
--------------------------------------------------------------------------------
/puppet/modules/kibana/manifests/dashboard.pp:
--------------------------------------------------------------------------------
1 | # == Define: kibana::dashboard
2 | #
3 | # === Parameters:
4 | # - $content: Dashboard contents
5 | #
6 | define kibana::dashboard(
7 | $content,
8 | ) {
9 | $safe_title = regsubst($title, '\W_', '-', 'G')
10 | $dashboard = {
11 | 'user' => 'guest',
12 | 'group' => 'guest',
13 | 'title' => $safe_title,
14 | 'dashboard' => $content,
15 | }
16 | exec { "save dashboard ${title}":
17 | command => template('kibana/save-dashboard.erb'),
18 | unless => template('kibana/check-dashboard.erb'),
19 | }
20 | }
21 |
--------------------------------------------------------------------------------
/puppet/modules/mediawiki/templates/mwrepl/mwrepl.erb:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Based on operations/puppet at 504a37a
3 | # Shell wrapper for interactive hhvm for use with multiversion mediawiki
4 | # This script belongs in /usr/local/bin/ and should be in PATH.
5 |
6 | usage() {
7 | echo Error: $*
8 | echo Usage:
9 | echo -e "\t$0 "
10 | echo
11 | exit 1
12 | }
13 |
14 | if [[ $# -gt 1 ]]; then
15 | usage "Too many arguments"
16 | elif [[ $# -eq 0 ]]; then
17 | WIKI='<%= @default_db_name %>'
18 | else
19 | WIKI=$1
20 | fi
21 |
22 | sudo -u www-data hhvm -a "<%= @script_dir %>/MWScript.php" commandLine.inc "--wiki=$WIKI"
23 |
--------------------------------------------------------------------------------
/puppet/modules/role/files/https/nginx.conf:
--------------------------------------------------------------------------------
1 | server {
2 | listen 443 ssl;
3 | ssl_certificate /etc/ssl/certs/devwiki.pem;
4 | ssl_certificate_key /etc/ssl/certs/devwiki.key;
5 |
6 | keepalive_timeout 60;
7 |
8 | location / {
9 | proxy_redirect off;
10 | proxy_buffering off;
11 | # ensure that incoming request hostname is passed through
12 | proxy_set_header Host $http_host;
13 | proxy_set_header X-Real-IP $remote_addr;
14 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
15 | proxy_set_header X-Forwarded-Proto https;
16 | proxy_read_timeout 180s;
17 | proxy_pass http://127.0.0.1;
18 | }
19 | }
20 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/echo/CORS.php.erb:
--------------------------------------------------------------------------------
1 | $wgCrossSiteAJAXdomains = array_merge( array(
2 | // HTTP
3 | '127.0.0.1:<%= @forwarded_port %>',
4 | 'localhost:<%= @forwarded_port %>',
5 | '*<%= scope['::mediawiki::multiwiki::base_domain'] %><%= @port_fragment %>',
6 | // HTTPS
7 | '127.0.0.1:<%= @forwarded_https_port %>',
8 | 'localhost:<%= @forwarded_https_port %>',
9 | '*<%= scope['::mediawiki::multiwiki::base_domain'] %>:<%= @forwarded_https_port %>',
10 | // Varnish
11 | '127.0.0.1:6081',
12 | 'localhost:6081',
13 | '*<%= scope['::mediawiki::multiwiki::base_domain'] %>:6081'
14 | ), $wgCrossSiteAJAXdomains );
15 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/antispoof.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::antispoof
2 | # Installs and sets up the AntiSpoof extension
3 | class role::antispoof {
4 | require ::role::mediawiki
5 |
6 | mediawiki::extension { 'AntiSpoof':
7 | needs_update => true,
8 | }
9 |
10 | mediawiki::maintenance { 'populate_spoofuser':
11 | command => '/usr/local/bin/foreachwikiwithextension AntiSpoof extensions/AntiSpoof/maintenance/batchAntiSpoof.php',
12 | refreshonly => true,
13 | require => Mediawiki::Extension['AntiSpoof'],
14 | subscribe => Exec['update_all_databases'],
15 | }
16 | }
17 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/lib/puppet/parser/functions/parseyaml.rb:
--------------------------------------------------------------------------------
1 | #
2 | # parseyaml.rb
3 | #
4 |
5 | module Puppet::Parser::Functions
6 | newfunction(:parseyaml, :type => :rvalue, :doc => <<-EOS
7 | This function accepts YAML as a string and converts it into the correct
8 | Puppet structure.
9 | EOS
10 | ) do |arguments|
11 |
12 | if (arguments.size != 1) then
13 | raise(Puppet::ParseError, "parseyaml(): Wrong number of arguments "+
14 | "given #{arguments.size} for 1")
15 | end
16 |
17 | require 'yaml'
18 |
19 | YAML.load(arguments[0])
20 |
21 | end
22 | end
23 |
24 | # vim: set ts=2 sw=2 et :
25 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/svg.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::svg
2 | # Configures MediaWiki to allow SVG upload and rendering
3 | class role::svg {
4 | require_package('librsvg2-bin')
5 |
6 | mediawiki::settings { 'svg':
7 | ensure => present,
8 | require => Package['librsvg2-bin'],
9 | values => [
10 | '$wgEnableUploads = true',
11 | '$wgAllowTitlesInSVG = true',
12 | '$wgSVGConverter = "rsvg"',
13 | '$wgSVGConverters["rsvg"] = \'$path/rsvg-convert -w $width -h $height $input -o $output\'',
14 | '$wgFileExtensions[] = "svg"',
15 | ],
16 | }
17 | }
18 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/elk/monolog.php.erb:
--------------------------------------------------------------------------------
1 | # '\\MediaWiki\\Logger\\Monolog\\SyslogHandler',
9 | 'args' => array( 'mediawiki', '127.0.0.1', 10514 ),
10 | 'formatter' => 'logstash',
11 | );
12 | $wgMWLoggerDefaultSpi['args'][0]['formatters']['logstash'] = array(
13 | 'class' => '\\Monolog\\Formatter\\LogstashFormatter',
14 | 'args' => array( 'mediawiki', php_uname( 'n' ), null, '', 1 ),
15 | );
16 |
17 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/lib/puppet/parser/functions/loadyaml.rb:
--------------------------------------------------------------------------------
1 | module Puppet::Parser::Functions
2 |
3 | newfunction(:loadyaml, :type => :rvalue, :doc => <<-'ENDHEREDOC') do |args|
4 | Load a YAML file containing an array, string, or hash, and return the data
5 | in the corresponding native data type.
6 |
7 | For example:
8 |
9 | $myhash = loadyaml('/etc/puppet/data/myhash.yaml')
10 | ENDHEREDOC
11 |
12 | unless args.length == 1
13 | raise Puppet::ParseError, ("loadyaml(): wrong number of arguments (#{args.length}; must be 1)")
14 | end
15 |
16 | YAML.load_file(args[0])
17 |
18 | end
19 |
20 | end
21 |
--------------------------------------------------------------------------------
/puppet/modules/wmflib/lib/puppet/parser/functions/sequence_array.rb:
--------------------------------------------------------------------------------
1 | # == Function: sequence_array( $start, $count )
2 | #
3 | # Returns an array of integers, whose first value is $start and
4 | # with increment values, totalling $count items.
5 | #
6 | # === Examples
7 | #
8 | # sequence_array(8889, 4) # [8889, 8890, 8891, 8892]
9 | # sequence_array(80, 2) # [80, 81]
10 | #
11 | module Puppet::Parser::Functions
12 | newfunction(:sequence_array, :type => :rvalue, :arity => 2) do |args|
13 | start = args[0].to_i
14 | count = args[1].to_i
15 | stop = start + count
16 | range = start...stop
17 | range.to_a
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/templatedata.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::templatedata
2 | #
3 | # The TemplateData extension introduces a tag and an API
4 | # which together allow editors to specify how templates should be
5 | # invoked. This information is available as a nicely-formatted table for
6 | # end-users, and as a JSON API, which enables other systems (e.g.
7 | # VisualEditor) to build interfaces for working with templates and their
8 | # parameters.
9 | #
10 | class role::templatedata {
11 | mediawiki::extension { 'TemplateData':
12 | settings => {
13 | wgTemplateDataUseGUI => true,
14 | }
15 | }
16 | }
17 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/uls.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::uls
2 | # The Universal Language Selector extension (ULS) provides a flexible
3 | # way to configure and deliver language settings like interface
4 | # language, fonts, and input methods (keyboard mappings). This will
5 | # allow users to type text in different languages not directly supported
6 | # by their keyboard, read content in a script for which fonts are not
7 | # available locally, or customize the language in which menus are
8 | # displayed.
9 | class role::uls {
10 | mediawiki::extension { 'UniversalLanguageSelector':
11 | settings => { wgULSEnable => true },
12 | }
13 | }
14 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/urlshortener.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::urlshortener
2 | # Configures UrlShortener, a MediaWiki extension for making short URLs
3 | class role::urlshortener {
4 | require ::role::mediawiki
5 | include ::apache::mod::rewrite
6 |
7 | mediawiki::extension { 'UrlShortener':
8 | needs_update => true,
9 | settings => {
10 | 'wgUrlShortenerTemplate' => '/s/$1',
11 | },
12 | }
13 |
14 | apache::site_conf { 'urlshortener_short_url_support':
15 | site => $::mediawiki::wiki_name,
16 | content => template('role/urlshortener/apache2.conf.erb'),
17 | }
18 | }
19 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/centralauth/is-centralauth-migratePass0-needed.bash.erb:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Exits with status 0 if migratePass0.php needs to run because
3 | # not all wikis are in localnames.
4 |
5 | alldbs_out=$(/usr/local/bin/wikihasextension CentralAuth)
6 | expected_count=$(echo "$alldbs_out"|wc -l)
7 |
8 | alldbs_comma=$(echo "$alldbs_out"|xargs|sed "s/ /', '/g")
9 | sql="SELECT COUNT(*) FROM centralauth.localnames WHERE ln_name = '<%= @canonical_admin_user %>' AND ln_wiki IN ('$alldbs_comma');"
10 |
11 | actual_count=$(echo "$sql"|mysql -u <%= @db_user %> -p<%= @db_pass %> --skip-column-names)
12 | [ $expected_count -ne $actual_count ]
13 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/cirrussearch/is-cirrussearch-forceindex-needed.erb:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | # Exits with status 0 if CirrusSearch isn't setup for a wiki.
3 | # Designed to be used as an 'onlyif' command in a Puppet exec.
4 |
5 | CHECK=extensions/CirrusSearch/maintenance/cirrusNeedsToBeBuilt.php
6 |
7 | for db in $(/usr/local/bin/wikihasextension CirrusSearch); do
8 | # When cirrusNeedsToBeBuilt.php exits successsfully it means that the wiki
9 | # needs to be setup.
10 | /usr/local/bin/mwscript ${CHECK} --wiki=${db} --quiet && exit 0
11 | done
12 |
13 | # If we didn't exit early then all wikis are setup for Cirrus.
14 | exit 1
15 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/mathsearch.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::mathsearch
2 | #
3 | # The MathSearch extension integrates the MathWeb Search, a
4 | # content-based search engine for mathematical formulae. It indexes
5 | # MathML formulae, using a technique derived from automated theorem
6 | # proving: term indexing.
7 | class role::mathsearch {
8 | include ::role::geshi
9 | include ::role::math
10 |
11 | mediawiki::extension { 'MathSearch':
12 | require => Mediawiki::Extension['Math'],
13 | needs_update => true,
14 | settings => [
15 | '$wgMathValidModes[] = "latexml"',
16 | ],
17 | }
18 | }
19 |
--------------------------------------------------------------------------------
/support/packager/template/LICENSE:
--------------------------------------------------------------------------------
1 | VirtualBox is released under the GNU General Public License v2
2 | (GPL-2.0.txt) license. Source code is available at
3 | https://www.virtualbox.org/browser .
4 |
5 | Vagrant is released under the MIT License (VAGRANT_MIT.txt). Source
6 | code is available at https://github.com/mitchellh/vagrant .
7 |
8 | MediaWiki-Vagrant is released under the MIT License. Source code and
9 | license are available in the MediaWiki-Vagrant repository by cloning
10 | bundle, per README.
11 |
12 | MediaWiki is released under GPLv2 or later. Source code and license are
13 | available in the MediaWiki repository by cloning bundle, per README.
14 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/globaluserpage.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::globaluserpage
2 | # The GlobalUserPage extension allows for a
3 | # user to create a user page on a central wiki
4 | # and have it displayed on all wikis where a local
5 | # page does not exist.
6 | #
7 | class role::globaluserpage {
8 | require ::role::mediawiki
9 |
10 | mediawiki::extension { 'GlobalUserPage':
11 | settings => {
12 | wgGlobalUserPageDBname => 'gupwiki',
13 | wgGlobalUserPageAPIUrl => "http://gup${::mediawiki::multiwiki::base_domain}${::port_fragment}/w/api.php",
14 | }
15 | }
16 |
17 |
18 | mediawiki::wiki { 'gup': }
19 | }
20 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/oozie.pp:
--------------------------------------------------------------------------------
1 | # == Class role::oozie
2 | # Install Oozie server and client.
3 | #
4 | class role::oozie {
5 | require ::mysql
6 | require ::role::hadoop
7 | class { '::cdh::oozie': }
8 | class { '::cdh::oozie::server':
9 | db_root_password => $::mysql::root_password,
10 | }
11 |
12 | # Make sure HDFS is totally ready before the CDH
13 | # module tries to create this directory.
14 | Exec['wait_for_hdfs'] -> Cdh::Hadoop::Directory['/user/oozie']
15 |
16 | # Make sure mysql is ready before cdh trys to setup it's db
17 | Exec['set_mysql_password'] -> Exec['oozie_mysql_create_database']
18 | }
19 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/spec/unit/puppet/parser/functions/strip_spec.rb:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env ruby -S rspec
2 | require 'spec_helper'
3 |
4 | describe "the strip function" do
5 | let(:scope) { PuppetlabsSpec::PuppetInternals.scope }
6 | it "should exist" do
7 | Puppet::Parser::Functions.function("strip").should == "function_strip"
8 | end
9 |
10 | it "should raise a ParseError if there is less than 1 arguments" do
11 | lambda { scope.function_strip([]) }.should( raise_error(Puppet::ParseError))
12 | end
13 |
14 | it "should strip a string" do
15 | result = scope.function_strip([" ab cd "])
16 | result.should(eq('ab cd'))
17 | end
18 | end
19 |
--------------------------------------------------------------------------------
/puppet/modules/wmflib/lib/puppet/parser/functions/apply_format.rb:
--------------------------------------------------------------------------------
1 | # == Function: apply_format( string $format, array $items )
2 | #
3 | # Apply a format string to each element of an array.
4 | #
5 | # === Examples
6 | #
7 | # $languages = [ 'finnish', 'french', 'greek', 'hebrew' ]
8 | # $packages = apply_format('texlive-lang-%s', $languages)
9 | #
10 | module Puppet::Parser::Functions
11 | newfunction(:apply_format, :type => :rvalue, :arity => 2) do |args|
12 | format, *items = args
13 | fail(ArgumentError, 'apply_format(): a format string is required') unless format.is_a?(String)
14 | items.flatten.map { |item| format % item }
15 | end
16 | end
17 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/spec/unit/puppet/parser/functions/chop_spec.rb:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env ruby -S rspec
2 | require 'spec_helper'
3 |
4 | describe "the chop function" do
5 | let(:scope) { PuppetlabsSpec::PuppetInternals.scope }
6 |
7 | it "should exist" do
8 | Puppet::Parser::Functions.function("chop").should == "function_chop"
9 | end
10 |
11 | it "should raise a ParseError if there is less than 1 arguments" do
12 | lambda { scope.function_chop([]) }.should( raise_error(Puppet::ParseError))
13 | end
14 |
15 | it "should chop the end of a string" do
16 | result = scope.function_chop(["asdf\n"])
17 | result.should(eq("asdf"))
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/lib/puppet/parser/functions/parsejson.rb:
--------------------------------------------------------------------------------
1 | #
2 | # parsejson.rb
3 | #
4 |
5 | module Puppet::Parser::Functions
6 | newfunction(:parsejson, :type => :rvalue, :doc => <<-EOS
7 | This function accepts JSON as a string and converts into the correct Puppet
8 | structure.
9 | EOS
10 | ) do |arguments|
11 |
12 | if (arguments.size != 1) then
13 | raise(Puppet::ParseError, "parsejson(): Wrong number of arguments "+
14 | "given #{arguments.size} for 1")
15 | end
16 |
17 | json = arguments[0]
18 |
19 | # PSON is natively available in puppet
20 | PSON.load(json)
21 | end
22 | end
23 |
24 | # vim: set ts=2 sw=2 et :
25 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/spec/unit/puppet/parser/functions/chomp_spec.rb:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env ruby -S rspec
2 | require 'spec_helper'
3 |
4 | describe "the chomp function" do
5 | let(:scope) { PuppetlabsSpec::PuppetInternals.scope }
6 |
7 | it "should exist" do
8 | Puppet::Parser::Functions.function("chomp").should == "function_chomp"
9 | end
10 |
11 | it "should raise a ParseError if there is less than 1 arguments" do
12 | lambda { scope.function_chomp([]) }.should( raise_error(Puppet::ParseError))
13 | end
14 |
15 | it "should chomp the end of a string" do
16 | result = scope.function_chomp(["abc\n"])
17 | result.should(eq("abc"))
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/spec/unit/puppet/parser/functions/lstrip_spec.rb:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env ruby -S rspec
2 | require 'spec_helper'
3 |
4 | describe "the lstrip function" do
5 | let(:scope) { PuppetlabsSpec::PuppetInternals.scope }
6 |
7 | it "should exist" do
8 | Puppet::Parser::Functions.function("lstrip").should == "function_lstrip"
9 | end
10 |
11 | it "should raise a ParseError if there is less than 1 arguments" do
12 | lambda { scope.function_lstrip([]) }.should( raise_error(Puppet::ParseError))
13 | end
14 |
15 | it "should lstrip a string" do
16 | result = scope.function_lstrip([" asdf"])
17 | result.should(eq('asdf'))
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/semanticextraspecialproperties.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::semanticextraspecialproperties
2 | # The Semantic Extra Special Properties extension, used in conjunction with the
3 | # Semantic MediaWiki extension, adds some extra special properties to all
4 | # content pages in the wiki
5 | class role::semanticextraspecialproperties {
6 |
7 | require ::role::mediawiki
8 | require ::role::semanticmediawiki
9 |
10 | mediawiki::composer::require { 'SemanticExtraSpecialProperties':
11 | package => 'mediawiki/semantic-extra-special-properties',
12 | version => '*',
13 | notify => Exec['update_all_databases']
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/semanticmediawiki.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::semanticmediawiki
2 | # The Semantic MediaWiki extension lets you store and query structured data
3 | # within wiki pages
4 | class role::semanticmediawiki {
5 |
6 | require ::role::mediawiki
7 |
8 | mediawiki::composer::require { 'Semantic MediaWiki':
9 | package => 'mediawiki/semantic-media-wiki',
10 | version => '*',
11 | notify => Exec['update_all_databases']
12 | }
13 |
14 | mediawiki::settings { 'Semantic MediaWiki':
15 | priority => $::LOAD_EARLY,
16 | values => [
17 | 'enableSemantics($wgSitename)',
18 | ]
19 | }
20 | }
21 |
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/varnish.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::varnish
2 | #
3 | # Installs a Varnish instance
4 | # To go through Varnish, use 127.0.0.1:6081 instead of 127.0.0.1:8080.
5 | class role::varnish {
6 | include ::varnish
7 |
8 | mediawiki::settings { 'varnish':
9 | values => {
10 | 'wgUploadBaseUrl' => 'http://127.0.0.1:6081',
11 | 'wgUseSquid' => true,
12 | # Address without port is needed for isTrustedProxy's sake
13 | 'wgSquidServers' => [ '127.0.0.1:6081', '127.0.0.1' ],
14 | # Makes X-Forwarded-For header trusted
15 | 'wgUsePrivateIPs' => true,
16 | }
17 | }
18 | }
19 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/lib/puppet/parser/functions/keys.rb:
--------------------------------------------------------------------------------
1 | #
2 | # keys.rb
3 | #
4 |
5 | module Puppet::Parser::Functions
6 | newfunction(:keys, :type => :rvalue, :doc => <<-EOS
7 | Returns the keys of a hash as an array.
8 | EOS
9 | ) do |arguments|
10 |
11 | raise(Puppet::ParseError, "keys(): Wrong number of arguments " +
12 | "given (#{arguments.size} for 1)") if arguments.size < 1
13 |
14 | hash = arguments[0]
15 |
16 | unless hash.is_a?(Hash)
17 | raise(Puppet::ParseError, 'keys(): Requires hash to work with')
18 | end
19 |
20 | result = hash.keys.sort
21 |
22 | return result
23 | end
24 | end
25 |
26 | # vim: set ts=2 sw=2 et :
27 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/lib/puppet/parser/functions/sort.rb:
--------------------------------------------------------------------------------
1 | #
2 | # sort.rb
3 | #
4 |
5 | module Puppet::Parser::Functions
6 | newfunction(:sort, :type => :rvalue, :doc => <<-EOS
7 | Sorts strings and arrays lexically.
8 | EOS
9 | ) do |arguments|
10 |
11 | if (arguments.size != 1) then
12 | raise(Puppet::ParseError, "sort(): Wrong number of arguments "+
13 | "given #{arguments.size} for 1")
14 | end
15 |
16 | value = arguments[0]
17 |
18 | if value.is_a?(Array) then
19 | value.sort
20 | elsif value.is_a?(String) then
21 | value.split("").sort.join("")
22 | end
23 |
24 | end
25 | end
26 |
27 | # vim: set ts=2 sw=2 et :
28 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/spec/unit/puppet/parser/functions/join_spec.rb:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env ruby -S rspec
2 | require 'spec_helper'
3 |
4 | describe "the join function" do
5 | let(:scope) { PuppetlabsSpec::PuppetInternals.scope }
6 |
7 | it "should exist" do
8 | Puppet::Parser::Functions.function("join").should == "function_join"
9 | end
10 |
11 | it "should raise a ParseError if there is less than 1 arguments" do
12 | lambda { scope.function_join([]) }.should( raise_error(Puppet::ParseError))
13 | end
14 |
15 | it "should join an array into a string" do
16 | result = scope.function_join([["a","b","c"], ":"])
17 | result.should(eq("a:b:c"))
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/spec/unit/puppet/parser/functions/reverse_spec.rb:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env ruby -S rspec
2 | require 'spec_helper'
3 |
4 | describe "the reverse function" do
5 | let(:scope) { PuppetlabsSpec::PuppetInternals.scope }
6 |
7 | it "should exist" do
8 | Puppet::Parser::Functions.function("reverse").should == "function_reverse"
9 | end
10 |
11 | it "should raise a ParseError if there is less than 1 arguments" do
12 | lambda { scope.function_reverse([]) }.should( raise_error(Puppet::ParseError))
13 | end
14 |
15 | it "should reverse a string" do
16 | result = scope.function_reverse(["asdfghijkl"])
17 | result.should(eq('lkjihgfdsa'))
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/puppet/modules/thumbor/files/thumbor.profile:
--------------------------------------------------------------------------------
1 | # system directories
2 | # python-wand fails to load when /sbin is blacklisted
3 | #blacklist /sbin
4 | blacklist /usr/sbin
5 | blacklist /usr/local/sbin
6 |
7 | # system management
8 | blacklist ${PATH}/umount
9 | blacklist ${PATH}/mount
10 | blacklist ${PATH}/fusermount
11 | blacklist ${PATH}/su
12 | blacklist ${PATH}/sudo
13 | blacklist ${PATH}/xinput
14 | blacklist ${PATH}/evtest
15 | blacklist ${PATH}/xev
16 | blacklist ${PATH}/strace
17 | blacklist ${PATH}/nc
18 | blacklist ${PATH}/ncat
19 |
20 | blacklist /etc/shadow
21 | blacklist /etc/ssh
22 | blacklist /root
23 | blacklist /home
24 | noroot
25 | caps.drop all
26 | seccomp
27 | private-dev
--------------------------------------------------------------------------------
/puppet/modules/role/manifests/molhandler.pp:
--------------------------------------------------------------------------------
1 | # == Class: role::molhandler
2 | # Configures MolHandler, an extension for embedding chemical table files
3 | # in MediaWiki.
4 | class role::molhandler {
5 | include ::role::svg
6 |
7 | require_package('indigo-utils')
8 | require_package('openbabel')
9 |
10 | mediawiki::extension { 'MolHandler':
11 | settings => [
12 | '$wgApiFrameOptions = \'SAMEORIGIN\'',
13 | '$wgFileExtensions = array_merge( $wgFileExtensions, array( \'mol\', \'rxn\' ) )',
14 | ],
15 | require => [
16 | Package['indigo-utils'],
17 | Package['openbabel'],
18 | ],
19 | }
20 | }
21 |
--------------------------------------------------------------------------------
/puppet/modules/role/templates/memcached/conf.php.erb:
--------------------------------------------------------------------------------
1 | $wgMainCacheType = 'memcached-pecl';
2 |
3 | // This currently doesn't set wgMainStash to use memcached,
4 | // since production uses Redis.
5 |
6 | $wgMemCachedPersistent = false;
7 | $wgMemCachedTimeout = 0.25 * 1e6; // 250kμs (a quarter of a second).
8 |
9 | $wgMemCachedServers = array( '127.0.0.1:<%= scope['::memcached::port'] %>' );
10 |
11 | $wgObjectCaches['memcached-pecl'] = array(
12 | 'class' => 'MemcachedPeclBagOStuff',
13 | 'use_binary_protocol' => true,
14 | 'serializer' => 'php',
15 | 'persistent' => false,
16 | 'servers' => $wgMemCachedServers,
17 | 'server_failure_limit' => 1e9,
18 | 'retry_timeout' => -1
19 | );
20 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/spec/unit/puppet/parser/functions/swapcase_spec.rb:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env ruby -S rspec
2 | require 'spec_helper'
3 |
4 | describe "the swapcase function" do
5 | let(:scope) { PuppetlabsSpec::PuppetInternals.scope }
6 |
7 | it "should exist" do
8 | Puppet::Parser::Functions.function("swapcase").should == "function_swapcase"
9 | end
10 |
11 | it "should raise a ParseError if there is less than 1 arguments" do
12 | lambda { scope.function_swapcase([]) }.should( raise_error(Puppet::ParseError))
13 | end
14 |
15 | it "should swapcase a string" do
16 | result = scope.function_swapcase(["aaBBccDD"])
17 | result.should(eq('AAbbCCdd'))
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/spec/unit/puppet/parser/functions/hash_spec.rb:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env ruby -S rspec
2 | require 'spec_helper'
3 |
4 | describe "the hash function" do
5 | let(:scope) { PuppetlabsSpec::PuppetInternals.scope }
6 |
7 | it "should exist" do
8 | Puppet::Parser::Functions.function("hash").should == "function_hash"
9 | end
10 |
11 | it "should raise a ParseError if there is less than 1 arguments" do
12 | lambda { scope.function_hash([]) }.should( raise_error(Puppet::ParseError))
13 | end
14 |
15 | it "should convert an array to a hash" do
16 | result = scope.function_hash([['a',1,'b',2,'c',3]])
17 | result.should(eq({'a'=>1,'b'=>2,'c'=>3}))
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/puppet/modules/stdlib/lib/facter/root_home.rb:
--------------------------------------------------------------------------------
1 | # A facter fact to determine the root home directory.
2 | # This varies on PE supported platforms and may be
3 | # reconfigured by the end user.
4 |
5 | module Facter::Util::RootHome
6 | class << self
7 | def get_root_home
8 | root_ent = Facter::Util::Resolution.exec("getent passwd root")
9 | # The home directory is the sixth element in the passwd entry
10 | # If the platform doesn't have getent, root_ent will be nil and we should
11 | # return it straight away.
12 | root_ent && root_ent.split(":")[5]
13 | end
14 | end
15 | end
16 |
17 | Facter.add(:root_home) do
18 | setcode { Facter::Util::RootHome.get_root_home }
19 | end
20 |
--------------------------------------------------------------------------------