1
# -*- coding: iso-8859-1 -*-
2
# IMPORTANT! This encoding (charset) setting MUST be correct! If you live in a
3
# western country and you don't know that you use utf-8, you probably want to
4
# use iso-8859-1 (or some other iso charset). If you use utf-8 (a Unicode
5
# encoding) you MUST use: coding: utf-8
6
# That setting must match the encoding your editor uses when you modify the
7
# settings below. If it does not, special non-ASCII chars will be wrong.
10
MoinMoin - Configuration for a wiki farm
12
This is a sample configuration for a farm using ldap and smb auth plugins.
15
* user logs in via moin's form on UserPreferences
16
* ldap_login plugin checks username/password against LDAP
17
* if username/password is ok for LDAP, the plugin creates a user profile
18
with up-to-date settings from ldap (name, alias, email and crypted
19
password) and just hands over to the next auth plugin...
20
* if username/password is not ok for LDAP, it does not store/update
21
a user profile, but also hands over to the next auth plugin.
22
* smb_mount plugin also gets username/password and uses it to mount another
23
server's share on some mountpoint (using access rights of username,
24
authenticating using password) on the wiki server (very special use only -
25
if you don't need it, don't use it).
26
* moin_cookie finally gets username/password and uses it to load the
27
user's profile, set a cookie for subsequent requests and return a user
32
# Wikis in your farm --------------------------------------------------
34
# If you run multiple wikis, you need this list of pairs (wikiname, url
35
# regular expression). moin processes that list and tries to match the
36
# regular expression against the URL of this request - until it matches.
37
# Then it loads the <wikiname>.py config for handling that request.
40
# * the left part is the wikiname enclosed in double quotes
41
# * the left part must be a valid python module name, so better use only
42
# lower letters "a-z" and "_". Do not use blanks or "-" there!!!
43
# * the right part is the url re, use r"..." for it
44
# * the right part does NOT include "http://" nor "https://" at the beginning
45
# * in the right part ".*" means "everything". Just "*" does not work like
46
# for filenames on the shell / commandline, you must use ".*" as it is a RE.
47
# * in the right part, "^" means "beginning" and "$" means "end"
50
# Standalone server needs the port e.g. localhost:8000
51
# Twisted server can now use the port, too.
53
# wikiname, url regular expression (no protocol)
54
# ---------------------------------------------------------------
55
("info1", r"^info1.example.org/.*$"),
56
("info2", r"^info2.example.org/.*$"),
60
# Common configuration for all wikis ----------------------------------
62
# Everything that should be configured the same way should go here,
63
# anything else that should be different should go to the single wiki's
65
# In that single wiki's config, we will use the class FarmConfig we define
66
# below as the base config settings and only override what's different.
68
# In exactly the same way, we first include MoinMoin's Config Defaults here -
69
# this is to get everything to sane defaults, so we need to change only what
70
# we like to have different:
72
from MoinMoin.multiconfig import DefaultConfig
74
# Now we subclass this DefaultConfig. This means that we inherit every setting
75
# from the DefaultConfig, except those we explicitely define different.
77
class FarmConfig(DefaultConfig):
79
from MoinMoin import auth
80
auth = [auth.ldap_login, auth.smb_mount, auth.moin_cookie]
83
ldap_uri = 'ldap://ad.example.org' # ldap / active directory server URI
85
# We can either use some fixed user and password for binding to LDAP.
86
# Be careful if you need a % char in those strings - as they are used as
87
# a format string, you have to write %% to get a single % in the end.
88
#ldap_binddn = 'binduser@example.org'
89
#ldap_bindpw = 'secret'
91
# or we can use the username and password we got from the user:
92
ldap_binddn = '%(username)s@example.org' # DN we use for first bind
93
ldap_bindpw = '%(password)s' # password we use for first bind
95
# or we can bind anonymously (if that is supported by your directory).
96
# In any case, ldap_binddn and ldap_bindpw must be defined.
100
ldap_base = 'ou=SOMEUNIT,dc=example,dc=org' # base DN we use for searching
101
ldap_scope = ldap.SCOPE_SUBTREE # scope of the search we do
102
ldap_filter = '(sAMAccountName=%(username)s)' # ldap filter used for searching
103
# you can also do more complex filtering like:
104
# "(&(cn=%(username)s)(memberOf=CN=WikiUsers,OU=Groups,DC=example,DC=org))"
106
ldap_email_attribute = 'mail' # ldap attribute we get the email address from
107
ldap_givenname_attribute = 'givenName' # ldap attribute we get the first name from
108
ldap_surname_attribute = 'sn' # ldap attribute we get the family name from
109
ldap_aliasname_attribute = 'displayName' # ldap attribute we get the aliasname from
110
ldap_coding = 'utf-8' # coding used for ldap queries and result values
111
ldap_timeout = 10 # how long we wait for the ldap server [s]
112
ldap_verbose = True # if True, put lots of LDAP debug info into the log
113
cookie_lifetime = 1 # 1 hour after last access ldap login is required again
114
user_autocreate = True
116
# TLS / SSL related configuration (do not remove, even if you don't use TLS/SSL)
117
ldap_start_tls = 0 # 0 = No, 1 = Try, 2 = Required
118
ldap_tls_cacertdir = ''
119
ldap_tls_cacertfile = ''
120
ldap_tls_certfile = ''
121
ldap_tls_keyfile = ''
122
ldap_tls_require_cert = ldap.OPT_X_TLS_NEVER
124
smb_server = "smb.example.org" # smb server name
125
smb_domain = 'DOMAIN' # smb domain name
126
smb_share = 'FILESHARE' # smb share we mount
127
smb_mountpoint = u'/mnt/wiki/%(username)s' # where we mount the smb filesystem
128
smb_display_prefix = u"S:" # where //server/share is usually mounted for your windows users (display purposes only)
129
smb_dir_user = "wwwrun" # owner of the mounted directories
130
smb_dir_mode = "0700" # mode of the mounted directories
131
smb_file_mode = "0600" # mode of the mounted files
132
smb_iocharset = "iso8859-1" # "UTF-8" > cannot access needed shared library!
133
smb_coding = 'iso8859-1' # coding used for encoding the commandline for the mount command
134
smb_verbose = True # if True, put SMB debug info into log
135
smb_log = "/dev/null" # where we redirect mount command output to
137
# customize UserPreferences (optional)
138
user_checkbox_remove = [
139
'disabled', 'remember_me', 'edit_on_doubleclick', 'show_nonexist_qm',
140
'show_toolbar', 'show_topbottom', 'show_fancy_diff',
141
'wikiname_add_spaces', ]
142
user_checkbox_defaults = {'mailto_author': 0,
143
'edit_on_doubleclick': 0,
144
'remember_last_visit': 0,
145
'show_nonexist_qm': 0,
146
'show_page_trail': 1,
149
'show_fancy_diff': 1,
150
'wikiname_add_spaces': 0,
154
user_form_defaults = {
164
user_form_disable = ['name', 'aliasname', 'email', ]
165
user_form_remove = ['password', 'password2', 'css_url', 'logout', 'create', 'account_sendmail', ]
167
# Critical setup ---------------------------------------------------
169
# Misconfiguration here will render your wiki unusable. Check that
170
# all directories are accessible by the web server or moin server.
172
# If you encounter problems, try to set data_dir and data_underlay_dir
175
# Where your mutable wiki pages are. You want to make regular
176
# backups of this directory.
179
# Where read-only system and help page are. You might want to share
180
# this directory between several wikis. When you update MoinMoin,
181
# you can safely replace the underlay directory with a new one. This
182
# directory is part of MoinMoin distribution, you don't have to
184
data_underlay_dir = './underlay/'
186
# This must be '/wiki' for twisted and standalone. For CGI, it should
187
# match your Apache Alias setting.
191
# Security ----------------------------------------------------------
193
# This is checked by some rather critical and potentially harmful actions,
194
# like despam or PackageInstaller action:
195
#superuser = [u"AdminName", ]
197
# IMPORTANT: grant yourself admin rights! replace YourName with
198
# your user name. See HelpOnAccessControlLists for more help.
199
# All acl_rights_xxx options must use unicode [Unicode]
200
acl_rights_before = u"AdminGroup:admin,read,write,delete,revert"
201
acl_rights_default = u"EditorGroup:read,write.delete,revert ViewerGroup:read All:"
203
# Link spam protection for public wikis (uncomment to enable).
204
# Needs a reliable internet connection.
205
from MoinMoin.util.autoadmin import SecurityPolicy
208
# Mail --------------------------------------------------------------
210
# Configure to enable subscribing to pages (disabled by default) or
211
# sending forgotten passwords.
213
# SMTP server, e.g. "mail.provider.com" (empty or None to disable mail)
214
mail_smarthost = "mail.example.org"
216
# The return address, e.g u"J�rgen Wiki <noreply@mywiki.org>" [Unicode]
217
mail_from = u"wiki@example.org"
219
# "user pwd" if you need to use SMTP AUTH
223
# User interface ----------------------------------------------------
225
# Add your wikis important pages at the end. It is not recommended to
226
# remove the default links. Leave room for user links - don't use
227
# more than 6 short items.
228
# You MUST use Unicode strings here, but you need not use localized
229
# page names for system and help pages, those will be used automatically
230
# according to the user selected language. [Unicode]
232
# If you want to show your page_front_page here:
233
u'%(page_front_page)s',
239
# The default theme anonymous or new users get
240
theme_default = 'modern'
243
# Language options --------------------------------------------------
245
# See http://moinmoin.wikiwikiweb.de/ConfigMarket for configuration in
246
# YOUR language that other people contributed.
248
# The main wiki language, set the direction of the wiki pages
249
language_default = 'de'
251
# You must use Unicode strings here [Unicode]
252
page_category_regex = u'^Category[A-Z]'
253
page_dict_regex = u'[a-z]Dict$'
254
page_group_regex = u'[a-z]Group$'
255
page_template_regex = u'[a-z]Template$'
257
# Content options ---------------------------------------------------
259
# Show users hostnames in RecentChanges
262
# Show the interwiki name (and link it to page_front_page) in the Theme,
263
# nice for farm setups or when your logo does not show the wiki's name.
267
# Enable graphical charts, requires gdchart.
268
#chart_options = {'width': 600, 'height': 300}
271
#shared_intermap = ["/opt/moinfarm/common/intermap.txt", ]