~dricottone/docker-moinmoin19

0e57c36ebc25d243a07af0d186c410f1eeb63ea3 — Dominic Ricottone 4 years ago f1c6d78
minor vendoring
3 files changed, 20 insertions(+), 3 deletions(-)

M README.md
M moinmoin/moin.wsgi
M moinmoin/wikiconfig.py
M README.md => README.md +17 -0
@@ 2,6 2,7 @@

Deploy a moinmoin wiki using Docker.


## Setup

In `nginx/moinmoin.conf`, configure the server name (`s/example.com/your_domain_name_here/g`).


@@ 46,3 47,19 @@ In `moinmoin/wikiconfig.py`, configure the wiki name (`s/Untitled Wiki/your_wiki

The web server will be accessible on port 8080.


## Security

The stable release of moinmoin (v1.9) is written for python2. It is a complex
(i.e. multiple vendored libraries), web-facing (i.e. interprets and executes
user input) service. There have been high-risk CVE's as recently as November
2020 (see CVE-2020-15275).

Python 2.7 is unsupported as of January 2020.

Alpine Linux v3.10 (the last to support critical python2 dependencies) receives
security fixes only and will reach end of life in November 2021.

Good luck.



M moinmoin/moin.wsgi => moinmoin/moin.wsgi +1 -1
@@ 29,7 29,7 @@ import sys, os

# a2) Path of the directory where wikiconfig.py / farmconfig.py is located.
#     See wiki/config/... for some sample config files.
#sys.path.insert(0, '/path/to/wikiconfigdir')
sys.path.insert(0, '/var/moin/wiki')
#sys.path.insert(0, '/path/to/farmconfigdir')

# b) Configuration of moin's logging

M moinmoin/wikiconfig.py => moinmoin/wikiconfig.py +2 -2
@@ 110,12 110,12 @@ class Config(multiconfig.DefaultConfig):

    # This is the default ACL that applies to pages without an ACL.
    # Adapt it to your needs, consider using an EditorGroup.
    #acl_rights_default = u"Trusted:read,write,delete,revert Known:read All:read"
    acl_rights_default = u"Trusted:read,write,delete,revert Known:read,write,delete,revert All:read"

    # The default (ENABLED) password_checker will keep users from choosing too
    # short or too easy passwords. If you don't like this and your site has
    # rather low security requirements, feel free to DISABLE the checker by:
    #password_checker = None # None means "don't do any password strength checks"
    password_checker = None

    # Link spam protection for public wikis (Uncomment to enable)
    # Needs a reliable internet connection.