M README.md => README.md +17 -0
@@ 2,6 2,7 @@
Deploy a moinmoin wiki using Docker.
+
## Setup
In `nginx/moinmoin.conf`, configure the server name (`s/example.com/your_domain_name_here/g`).
@@ 46,3 47,19 @@ In `moinmoin/wikiconfig.py`, configure the wiki name (`s/Untitled Wiki/your_wiki
The web server will be accessible on port 8080.
+
+## Security
+
+The stable release of moinmoin (v1.9) is written for python2. It is a complex
+(i.e. multiple vendored libraries), web-facing (i.e. interprets and executes
+user input) service. There have been high-risk CVE's as recently as November
+2020 (see CVE-2020-15275).
+
+Python 2.7 is unsupported as of January 2020.
+
+Alpine Linux v3.10 (the last to support critical python2 dependencies) receives
+security fixes only and will reach end of life in November 2021.
+
+Good luck.
+
+
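Review bot: The new Security section lists the risks (python2, CVE-2020-15275, Alpine v3.10 end of life) but closes with "Good luck." and gives the operator nothing to act on. Suggest replacing that line with concrete guidance: state which moinmoin release the image installs and whether it includes the fix for CVE-2020-15275. It should also mention that this commit sets `password_checker = None` and grants `Known` users write, delete and revert by default, since a reader of this section would want to know those defaults. Minor: "CVE's" should be "CVEs".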
M moinmoin/moin.wsgi => moinmoin/moin.wsgi +1 -1
@@ 29,7 29,7 @@ import sys, os
# a2) Path of the directory where wikiconfig.py / farmconfig.py is located.
# See wiki/config/... for some sample config files.
-#sys.path.insert(0, '/path/to/wikiconfigdir')
+sys.path.insert(0, '/var/moin/wiki')
#sys.path.insert(0, '/path/to/farmconfigdir')
# b) Configuration of moin's logging
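Review bot: `sys.path.insert(0, '/var/moin/wiki')` hard-codes the config directory, and nothing in this diff shows where `wikiconfig.py` is copied or mounted inside the container. If the image fixes that path, note it in the README Setup section next to the `moinmoin/wikiconfig.py` step so the two stay in sync when the mount point changes.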
M moinmoin/wikiconfig.py => moinmoin/wikiconfig.py +2 -2
@@ 110,12 110,12 @@ class Config(multiconfig.DefaultConfig):
# This is the default ACL that applies to pages without an ACL.
# Adapt it to your needs, consider using an EditorGroup.
- #acl_rights_default = u"Trusted:read,write,delete,revert Known:read All:read"
+ acl_rights_default = u"Trusted:read,write,delete,revert Known:read,write,delete,revert All:read"
# The default (ENABLED) password_checker will keep users from choosing too
# short or too easy passwords. If you don't like this and your site has
# rather low security requirements, feel free to DISABLE the checker by:
- #password_checker = None # None means "don't do any password strength checks"
+ password_checker = None
# Link spam protection for public wikis (Uncomment to enable)
# Needs a reliable internet connection.
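Review bot: `password_checker = None` turns off password strength checks on a service that the README in this commit describes as web-facing, while the comment directly above reserves that setting for sites with "rather low security requirements". Suggest leaving the default checker enabled, or at least keeping the dropped inline comment and stating the reason in the README. In the same hunk, `acl_rights_default` now gives `Known` the same `read,write,delete,revert` rights as `Trusted`, so the `Trusted` entry no longer distinguishes anything. If every logged-in user is meant to edit and delete, say so in the README; otherwise keep `Known:read` and use an EditorGroup as the comment above suggests.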