mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-08-30 15:28:12 +02:00
feat(mediawiki): Refactor OIDC + debug; install Composer deps in-container; modularize role
Discussion: https://chatgpt.com/share/68b10c0a-c308-800f-93ac-2ffb386cf58b - Split tasks into 01_install, 02_debug, 03_admin, 04_extensions, 05_oidc. - Ensure unzip+git+composer on demand in the container; run Composer as www-data with COMPOSER_HOME=/tmp/composer. - Idempotently unpack/install PluggableAuth & OpenIDConnect; run composer install only if vendor/ is missing. - Add sanity check for Jumbojett\OpenIDConnectClient. - Copy oidc.php only when changed and append a single require_once to LocalSettings.php. - Use REL1_44-compatible numeric array for $wgPluggableAuth_Config; set $wgPluggableAuth_ButtonLabelMessage. - Debug: add debug.php that logs to STDERR (visible via docker logs); toggle cleanly with MODE_DEBUG. - Enable OIDC feature in config; add paths/OIDC/extension vars in vars/main.yml. fix(services): include SYS_SERVICE_GROUP_CLEANUP in StartPre lock (ssd-hdd, docker-hard). fix(desktop/joomla): simplify MODE_DEBUG templating. chore: minor cleanups and renames.
This commit is contained in:
45
roles/web-app-mediawiki/tasks/_enable_debug.yml
Normal file
45
roles/web-app-mediawiki/tasks/_enable_debug.yml
Normal file
@@ -0,0 +1,45 @@
|
||||
- name: "Render debug.php locally"
|
||||
template:
|
||||
src: "debug.php.j2"
|
||||
dest: "{{ MEDIAWIKI_CONFIG_DIR }}/debug.php"
|
||||
mode: "0644"
|
||||
|
||||
- name: "Compute local checksum"
|
||||
stat:
|
||||
path: "{{ MEDIAWIKI_CONFIG_DIR }}/debug.php"
|
||||
checksum_algorithm: sha256
|
||||
register: _dbg_local
|
||||
|
||||
- name: "Compute container checksum (if exists)"
|
||||
shell: >
|
||||
docker exec {{ MEDIAWIKI_CONTAINER }} bash -lc
|
||||
"test -f {{ MEDIAWIKI_HTML_DIR }}/debug.php &&
|
||||
sha256sum {{ MEDIAWIKI_HTML_DIR }}/debug.php | awk '{print $1}' || echo MISSING"
|
||||
args: { executable: /bin/bash }
|
||||
register: _dbg_remote
|
||||
changed_when: false
|
||||
|
||||
- name: "Copy debug.php into container only if different"
|
||||
shell: >
|
||||
if [ "{{ (_dbg_remote.stdout | default('') | trim) }}" != "{{ _dbg_local.stat.checksum }}" ]; then
|
||||
docker cp "{{ MEDIAWIKI_CONFIG_DIR }}/debug.php" "{{ MEDIAWIKI_CONTAINER }}:{{ MEDIAWIKI_HTML_DIR }}/debug.php" &&
|
||||
docker exec {{ MEDIAWIKI_CONTAINER }} bash -lc "chown {{ MEDIAWIKI_USER }}:{{ MEDIAWIKI_USER }} {{ MEDIAWIKI_HTML_DIR }}/debug.php && chmod 0644 {{ MEDIAWIKI_HTML_DIR }}/debug.php" &&
|
||||
echo COPIED;
|
||||
fi
|
||||
args: { executable: /bin/bash }
|
||||
register: _dbg_cp
|
||||
changed_when: "'COPIED' in (_dbg_cp.stdout | default(''))"
|
||||
|
||||
- name: "require_once debug.php in LocalSettings.php"
|
||||
shell: |
|
||||
docker exec -u {{ MEDIAWIKI_USER }} {{ MEDIAWIKI_CONTAINER }} bash -lc '
|
||||
LSP={{ MEDIAWIKI_HTML_DIR }}/LocalSettings.php
|
||||
LINE="require_once __DIR__ . '\''/debug.php'\'';"
|
||||
if ! grep -Fqx -- "$LINE" "$LSP"; then
|
||||
printf "%s\n" "$LINE" >> "$LSP"
|
||||
echo ADDED_DEBUG_REQUIRE
|
||||
fi
|
||||
'
|
||||
args: { executable: /bin/bash }
|
||||
register: _dbg_req
|
||||
changed_when: "'ADDED_DEBUG_REQUIRE' in (_dbg_req.stdout | default(''))"
|
Reference in New Issue
Block a user