Difference between revisions of "Mediawiki installation notes"

From Supercomputación y Cálculo Científico UIS
m (Reverted edits by Ltorres (talk) to last revision by Sgelvez)
Line 1: Line 1:
__NOTOC__
+
= Installation notes =
<div class="thumbnail img-thumbnail">http://wiki.sc3.uis.edu.co/images/a/a8/Logo_sc33.png</div>
+
 
 +
 
 +
Basic configuration (taken form internet and edited):
 +
 
 +
{{File|/var/www/mediawiki-folder/|<pre><nowiki>
 +
# LDAP
 +
require_once 'extensions/LdapAuthentication/LdapAuthentication.php';
 +
require_once 'includes/AuthPlugin.php';
 +
$wgAuth = new LdapAuthenticationPlugin();
 +
$wgLDAPDomainNames = array(
 +
  'GridUIS',
 +
);
 +
$wgLDAPServerNames = array(
 +
  'GridUIS' => '192.168.66.5',
 +
);
 +
$wgLDAPUseLocal = false;
 +
$wgLDAPEncryptionType = array(
 +
  'GridUIS' => 'clear',
 +
);
 +
$wgLDAPPort = array(
 +
  'GridUIS' => 389,
 +
);
 +
$wgLDAPProxyAgent = array(
 +
  'GridUIS' => 'cn=nss,ou=admin,dc=uis,dc=edu,dc=co',
 +
);
 +
$wgLDAPProxyAgentPassword = array(
 +
  'GridUIS' => 'griduis2o14sant',
 +
);
 +
$wgLDAPSearchAttributes = array(
 +
  'GridUIS' => 'uid'
 +
);
 +
$wgLDAPBaseDNs = array(
 +
  'GridUIS' => 'dc=uis,dc=edu,dc=co',
 +
);
 +
# To pull e-mail address from LDAP
 +
$wgLDAPPreferences = array(
 +
  'GridUIS' => array( 'email' => 'mail')
 +
);
 +
# Group based restriction
 +
$wgLDAPGroupUseFullDN = array( "openldap_example_com"=>false );
 +
$wgLDAPGroupObjectclass = array( "openldap_example_com"=>"posixgroup" );
 +
$wgLDAPGroupAttribute = array( "openldap_example_com"=>"memberuid" );
 +
$wgLDAPGroupSearchNestedGroups = array( "openldap_example_com"=>false );
 +
$wgLDAPGroupNameAttribute = array( "openldap_example_com"=>"cn" );
 +
$wgLDAPRequiredGroups = array( "openldap_example_com"=>array("cn=ldapwiki,ou=groups,dc=example,dc=com"));
 +
$wgLDAPLowerCaseUsername = array(
 +
  'openldap_example_com' => true,
 +
);
 +
</nowiki></pre>}}
  
<div class="btn btn-primary">[[Administración_del_SC3|Administración del SC3]]</div><div class="col-md-14"><div class="panel panel-darker-white-border"><div class="panel-heading">
 
=== Installation notes ===
 
</div><div class="panel-body">
 
Basic configuration (taken form internet and edited): {{File|/var/www/mediawiki-folder/|
 
<pre />}}
 
 
LDAP Setup:
 
LDAP Setup:
  
 +
{{File|/var/www/mediawiki-folder/|<pre><nowiki>
 +
// Nombre del dominio
 +
$wgLDAPDomainNames = array(
 +
  'GridUIS',
 +
);
  
 +
// FQDN del dominio
 +
$wgLDAPServerNames = array(
 +
  'GridUIS' => '192.168.66.5',
 +
);
  
            {{File|/var/www/mediawiki-folder/|
+
// Combinar con la base de datos local, dice que ponerlo en falso
<pre />}}
+
$wgLDAPUseLocal = false;
Last version:
+
 
 +
// Tipo de encriptamiento
 +
$wgLDAPEncryptionType = array(
 +
//'testADdomain' => 'tls', Deshabilitado por el moemnto
 +
  'GridUIS' => 'clear',
 +
);
 +
 
 +
// Usuario y contraseña usada para acceso de proxyagent
 +
// Usar usuario restringido, no el administrador
 +
$wgLDAPProxyAgent = array(
 +
  'GridUIS' => 'cn=nss,ou=admin,dc=uis,dc=edu,dc=co',
 +
);
 +
$wgLDAPProxyAgentPassword = array(
 +
  'GridUIS' => 'griduis2o14sant',
 +
);
  
 +
// Filtro de busqueda
 +
// These options are only needed if you want to search for users to bind with them. In otherwords,
 +
// if you cannot do direct binds based upon $wgLDAPSearchStrings, then you'll need these two options.
 +
// If you need a proxyagent to search, remember to set $wgLDAPProxyAgent, and $wgLDAPProxyAgentPassword.
 +
// Anonymous searching is supported. To do an anonymous search, use SearchAttibutes and don't set a Proxy
 +
// agent for the domain required.
 +
$wgLDAPSearchAttributes = array(
 +
  'GridUIS' => 'uid'
 +
);
 +
 +
// DN Base
 +
// Base DNs. Group and User base DNs will be used if available; if they are not defined, the search
 +
// will default to $wgLDAPBaseDNs
 +
$wgLDAPBaseDNs = array(
 +
  'GridUIS' => 'dc=uis,dc=edu,dc=co'
 +
);
  
 +
// No crear una cuenta para usuario si la cuenta existe en LDAP pero no en mediawiki
 +
// Default: false.
 +
$wgLDAPDisableAutoCreate = array(
 +
  'GridUIS' => true
 +
);
 +
</nowiki></pre>}}
  
            {{File|/var/www/mediawiki-folder/|
+
Last version:
<pre />}}
 
  
</div></div></div>
+
{{File|/var/www/mediawiki-folder/|<pre><nowiki>
 +
# LDAP
 +
require_once "$IP/extensions/LdapAuthentication/LdapAuthentication.php";
 +
$wgAuth = new LdapAuthenticationPlugin();
 +
$wgLDAPDomainNames = array("GridUIS");
 +
$wgLDAPServerNames = array("GridUIS" => "192.168.66.5");
 +
$wgLDAPUseLocal = true;
 +
$wgLDAPEncryptionType = array("GridUIS" => "clear");
 +
# $wgLDAPPort = array('GridUIS' => 389);
 +
$wgLDAPProxyAgent = array("GridUIS" => "cn=nss,ou=admin,dc=uis,dc=edu,dc=co");
 +
$wgLDAPProxyAgentPassword = array("GridUIS" => "griduis2o14sant");
 +
$wgLDAPSearchAttributes = array("GridUIS" => "uid");
 +
$wgLDAPBaseDNs = array("GridUIS" => "dc=uis,dc=edu,dc=co");
 +
# To pull e-mail address from LDAP
 +
$wgLDAPPreferences = array("GridUIS" => array( "email" => "mail"));
 +
$wgLDAPDebug = 3;
 +
//$wgLDAPDebug = 4; //for debugging LDAP
 +
$wgDebugLogGroups["ldap"] = "$IP/extensions/LdapAuthentication/perrito.log" ;
 +
# aparte
 +
$wgShowExceptionDetails = true; //for debugging MediaWiki
 +
$wgDebugLogFile = "/var/log/mediawiki/debug-{$wgDBname}.log";
 +
</nowiki></pre>}}

Revision as of 13:09, 21 May 2015

Installation notes

Basic configuration (taken form internet and edited):

File: /var/www/mediawiki-folder/
# LDAP
require_once 'extensions/LdapAuthentication/LdapAuthentication.php';
require_once 'includes/AuthPlugin.php';
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array(
  'GridUIS',
);
$wgLDAPServerNames = array(
  'GridUIS' => '192.168.66.5',
);
$wgLDAPUseLocal = false;
$wgLDAPEncryptionType = array(
  'GridUIS' => 'clear',
);
$wgLDAPPort = array(
  'GridUIS' => 389,
);
$wgLDAPProxyAgent = array(
  'GridUIS' => 'cn=nss,ou=admin,dc=uis,dc=edu,dc=co',
);
$wgLDAPProxyAgentPassword = array(
  'GridUIS' => 'griduis2o14sant',
);
$wgLDAPSearchAttributes = array(
  'GridUIS' => 'uid'
);
$wgLDAPBaseDNs = array(
  'GridUIS' => 'dc=uis,dc=edu,dc=co',
);
# To pull e-mail address from LDAP
$wgLDAPPreferences = array(
  'GridUIS' => array( 'email' => 'mail')
);
# Group based restriction
$wgLDAPGroupUseFullDN = array( "openldap_example_com"=>false );
$wgLDAPGroupObjectclass = array( "openldap_example_com"=>"posixgroup" );
$wgLDAPGroupAttribute = array( "openldap_example_com"=>"memberuid" );
$wgLDAPGroupSearchNestedGroups = array( "openldap_example_com"=>false );
$wgLDAPGroupNameAttribute = array( "openldap_example_com"=>"cn" );
$wgLDAPRequiredGroups = array( "openldap_example_com"=>array("cn=ldapwiki,ou=groups,dc=example,dc=com"));
$wgLDAPLowerCaseUsername = array(
  'openldap_example_com' => true,
);

LDAP Setup:

File: /var/www/mediawiki-folder/
// Nombre del dominio
$wgLDAPDomainNames = array(
  'GridUIS',
);

// FQDN del dominio
$wgLDAPServerNames = array(
  'GridUIS' => '192.168.66.5',
);

// Combinar con la base de datos local, dice que ponerlo en falso
$wgLDAPUseLocal = false;

// Tipo de encriptamiento
$wgLDAPEncryptionType = array(
//'testADdomain' => 'tls', Deshabilitado por el moemnto
  'GridUIS' => 'clear',
);

// Usuario y contraseña usada para acceso de proxyagent
// Usar usuario restringido, no el administrador
$wgLDAPProxyAgent = array(
  'GridUIS' => 'cn=nss,ou=admin,dc=uis,dc=edu,dc=co',
);
$wgLDAPProxyAgentPassword = array(
  'GridUIS' => 'griduis2o14sant',
);

// Filtro de busqueda
// These options are only needed if you want to search for users to bind with them. In otherwords,
// if you cannot do direct binds based upon $wgLDAPSearchStrings, then you'll need these two options.
// If you need a proxyagent to search, remember to set $wgLDAPProxyAgent, and $wgLDAPProxyAgentPassword.
// Anonymous searching is supported. To do an anonymous search, use SearchAttibutes and don't set a Proxy
// agent for the domain required.
$wgLDAPSearchAttributes = array(
  'GridUIS' => 'uid'
);
 
// DN Base
// Base DNs. Group and User base DNs will be used if available; if they are not defined, the search
// will default to $wgLDAPBaseDNs
$wgLDAPBaseDNs = array(
  'GridUIS' => 'dc=uis,dc=edu,dc=co'
);

// No crear una cuenta para usuario si la cuenta existe en LDAP pero no en mediawiki
// Default: false.
$wgLDAPDisableAutoCreate = array(
  'GridUIS' => true
);

Last version:

File: /var/www/mediawiki-folder/
# LDAP
require_once "$IP/extensions/LdapAuthentication/LdapAuthentication.php";
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array("GridUIS");
$wgLDAPServerNames = array("GridUIS" => "192.168.66.5");
$wgLDAPUseLocal = true;
$wgLDAPEncryptionType = array("GridUIS" => "clear");
# $wgLDAPPort = array('GridUIS' => 389);
$wgLDAPProxyAgent = array("GridUIS" => "cn=nss,ou=admin,dc=uis,dc=edu,dc=co");
$wgLDAPProxyAgentPassword = array("GridUIS" => "griduis2o14sant");
$wgLDAPSearchAttributes = array("GridUIS" => "uid");
$wgLDAPBaseDNs = array("GridUIS" => "dc=uis,dc=edu,dc=co");
# To pull e-mail address from LDAP
$wgLDAPPreferences = array("GridUIS" => array( "email" => "mail"));
$wgLDAPDebug = 3;
//$wgLDAPDebug = 4; //for debugging LDAP
$wgDebugLogGroups["ldap"] = "$IP/extensions/LdapAuthentication/perrito.log" ;
# aparte
$wgShowExceptionDetails = true; //for debugging MediaWiki
$wgDebugLogFile = "/var/log/mediawiki/debug-{$wgDBname}.log";