From f1c6d780adefc9dac5fa7747ef8a291bff2241ca Mon Sep 17 00:00:00 2001 From: Dominic Ricottone Date: Wed, 11 Nov 2020 16:42:39 -0500 Subject: [PATCH] initial commit with unvendored files --- .gitignore | 2 + Dockerfile | 19 +++++ Makefile | 16 ++++ README.md | 48 +++++++++++ docker-compose.yml | 24 ++++++ moinmoin/moin.wsgi | 49 +++++++++++ moinmoin/uwsgi.ini | 15 ++++ moinmoin/wikiconfig.py | 185 +++++++++++++++++++++++++++++++++++++++++ nginx/moinmoin.conf | 24 ++++++ nginx/uwsgi_params | 17 ++++ 10 files changed, 399 insertions(+) create mode 100644 .gitignore create mode 100644 Dockerfile create mode 100644 Makefile create mode 100644 README.md create mode 100644 docker-compose.yml create mode 100644 moinmoin/moin.wsgi create mode 100644 moinmoin/uwsgi.ini create mode 100644 moinmoin/wikiconfig.py create mode 100644 nginx/moinmoin.conf create mode 100644 nginx/uwsgi_params diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..da63913 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +build/* + diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..c1bfc48 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,19 @@ + +# Alpine Linux removed uwsgi-python in v3.11 +FROM alpine:3.10 + +RUN apk add python uwsgi uwsgi-python + +COPY build/moin-1.9.11/setup.py /var/moin/install +COPY build/moin-1.9.11/wiki /var/moin/wiki +COPY moinmoin/* /var/moin/wiki/ + +RUN find /var/moin -type d -exec chmod 775 {} \; \ + && find /var/moin -type f -exec chmod 664 {} \; \ + && chown www-data:www-data /var/moin -R +RUN cd /var/moin/install && python setup.py install --record=install.log + +EXPOSE 9000 +WORKDIR /var/moin +CMD /usr/sbin/uwsgi --ini /var/moin/uwsgi.ini + diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..f31a3ae --- /dev/null +++ b/Makefile @@ -0,0 +1,16 @@ +UPSTREAM_URL_MOIN="http://static.moinmo.in/files/moin-1.9.11.tar.gz" +UPSTREAM_URL_SIG="http://static.moinmo.in/files/moin-1.9.11.tar.gz.asc" +UPSTREAM_SHA256="02be31d55f39d4fe0c6253df8b49e01b76d095634cbd1b56d185f66e1e0c3cf5" +UPSTREAM_GPG="FAF7B393" + +clean: + rm -f build/* + +download: + curl ${UPSTREAM_URL_MOIN} --output build/moin.tar.gz + curl ${UPSTREAM_URL_SIG} --output build/moin.tar.gz.asc + echo "${UPSTREAM_SHA256} build/moin.tar.gz" | sha256sum --check + gpg --keyserver keys.gnupg.net --recv-key ${UPSTREAM_GPG} + gpg --verify build/moin.tar.gz.asc build/moin.tar.gz + tar xzf build/moin.tar.gz --directory build/ + diff --git a/README.md b/README.md new file mode 100644 index 0000000..8b410f3 --- /dev/null +++ b/README.md @@ -0,0 +1,48 @@ +# docker-moin + +Deploy a moinmoin wiki using Docker. + +## Setup + +In `nginx/moinmoin.conf`, configure the server name (`s/example.com/your_domain_name_here/g`). + +In `moinmoin/wikiconfig.py`, configure the wiki name (`s/Untitled Wiki/your_wiki_name_here`). Also configure the security section to suit your needs. + +{{{ + # Security ---------------------------------------------------------- + + # This is checked by some rather critical and potentially harmful actions, + # like despam or PackageInstaller action: + superuser = [u"your_name_here"] + + # Some actions are by default only enabled for superusers and disabled + # for everybody else. + # 'newaccount' is one of these (used to let visitors create new accounts). + # You can create wiki users on the shell by using "moin account create". + # A superuser also can use "Settings" -> "Switch user" to create users. + # If you need the newaccount action for everybody (e.g. to create your + # very first [superuser] account), you can (temporarily) enable it: + #actions_superuser = multiconfig.DefaultConfig.actions_superuser[:] + #actions_superuser.remove('newaccount') + + # IMPORTANT: grant yourself admin rights! replace YourName with + # your user name. See HelpOnAccessControlLists for more help. + # All acl_rights_xxx options must use unicode [Unicode] + acl_rights_before = u"your_name_here:read,write,delete,revert,admin" + + # This is the default ACL that applies to pages without an ACL. + # Adapt it to your needs, consider using an EditorGroup. + acl_rights_default = u"Trusted:read,write,delete,revert Known:read,write,delete,revert All:read" + + # The default (ENABLED) password_checker will keep users from choosing too + # short or too easy passwords. If you don't like this and your site has + # rather low security requirements, feel free to DISABLE the checker by: + #password_checker = None # None means "don't do any password strength checks" + + # Link spam protection for public wikis (Uncomment to enable) + # Needs a reliable internet connection. + #from MoinMoin.security.antispam import SecurityPolicy +}}} + +The web server will be accessible on port 8080. + diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..86d1323 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,24 @@ +version: '3.7' +services: + web: + container_name: moin-nginx + image: nginx:stable-alpine + volumes: + - nginx:/etc/nginx/conf.d:ro + networks: + - backend + ports: + - 8080:80 + + app: + container_name: moin-uwsgi + build: . + volumes: + - /var/moin:/var/moin/wiki/data + networks: + - backend + +networks: + backend: + name: moin-net + diff --git a/moinmoin/moin.wsgi b/moinmoin/moin.wsgi new file mode 100644 index 0000000..1fa3928 --- /dev/null +++ b/moinmoin/moin.wsgi @@ -0,0 +1,49 @@ +# -*- coding: iso-8859-1 -*- +""" + MoinMoin - mod_wsgi driver script + + To use this, add those statements to your Apache's VirtualHost definition: + + # you will invoke your moin wiki at the root url, like http://servername/FrontPage: + WSGIScriptAlias / /some/path/moin.wsgi + + # create some wsgi daemons - use someuser.somegroup same as your data_dir: + WSGIDaemonProcess daemonname user=someuser group=somegroup processes=5 threads=10 maximum-requests=1000 umask=0007 + + # use the daemons we defined above to process requests! + WSGIProcessGroup daemonname + + @copyright: 2008 by MoinMoin:ThomasWaldmann + @license: GNU GPL, see COPYING for details. +""" + +import sys, os + +# a) Configuration of Python's code search path +# If you already have set up the PYTHONPATH environment variable for the +# stuff you see below, you don't need to do a1) and a2). + +# a1) Path of the directory where the MoinMoin code package is located. +# Needed if you installed with --prefix=PREFIX or you didn't use setup.py. +#sys.path.insert(0, 'PREFIX/lib/python2.7/site-packages') + +# a2) Path of the directory where wikiconfig.py / farmconfig.py is located. +# See wiki/config/... for some sample config files. +#sys.path.insert(0, '/path/to/wikiconfigdir') +#sys.path.insert(0, '/path/to/farmconfigdir') + +# b) Configuration of moin's logging +# If you have set up MOINLOGGINGCONF environment variable, you don't need this! +# You also don't need this if you are happy with the builtin defaults. +# See wiki/config/logging/... for some sample config files. +#from MoinMoin import log +#log.load_config('/path/to/logging_configuration_file') + +from MoinMoin.web.serving import make_application + +# Creating the WSGI application +# use shared=True to have moin serve the builtin static docs +# use shared=False to not have moin serve static docs +# use shared='/my/path/to/htdocs' to serve static docs from that path +application = make_application(shared=True) + diff --git a/moinmoin/uwsgi.ini b/moinmoin/uwsgi.ini new file mode 100644 index 0000000..b18370a --- /dev/null +++ b/moinmoin/uwsgi.ini @@ -0,0 +1,15 @@ +[uwsgi] +uid = www-data +gid = www-data +socket = :9000 +plugin = python + +chdir = /var/moin/wiki +wsgi-file = /var/moin/wiki/moin.wsgi + +master +workers = 3 +max-requests = 200 +harakiri = 60 +die-on-term + diff --git a/moinmoin/wikiconfig.py b/moinmoin/wikiconfig.py new file mode 100644 index 0000000..c5731aa --- /dev/null +++ b/moinmoin/wikiconfig.py @@ -0,0 +1,185 @@ +# -*- coding: iso-8859-1 -*- +# IMPORTANT! This encoding (charset) setting MUST be correct! If you live in a +# western country and you don't know that you use utf-8, you probably want to +# use iso-8859-1 (or some other iso charset). If you use utf-8 (a Unicode +# encoding) you MUST use: coding: utf-8 +# That setting must match the encoding your editor uses when you modify the +# settings below. If it does not, special non-ASCII chars will be wrong. + +""" + MoinMoin - Configuration for a single wiki + + If you run a single wiki only, you can omit the farmconfig.py config + file and just use wikiconfig.py - it will be used for every request + we get in that case. + + Note that there are more config options than you'll find in + the version of this file that is installed by default; see + the module MoinMoin.config.multiconfig for a full list of names and their + default values. + + Also, the URL http://moinmo.in/HelpOnConfiguration has + a list of config options. + + ** Please do not use this file for a wiki farm. Use the sample file + from the wikifarm directory instead! ** +""" + +import os + +from MoinMoin.config import multiconfig, url_prefix_static + + +class Config(multiconfig.DefaultConfig): + + # Critical setup --------------------------------------------------- + + # Directory containing THIS wikiconfig: + wikiconfig_dir = os.path.abspath(os.path.dirname(__file__)) + + # We assume that this config file is located in the instance directory, like: + # instance_dir/ + # wikiconfig.py + # data/ + # underlay/ + # If that's not true, feel free to just set instance_dir to the real path + # where data/ and underlay/ is located: + #instance_dir = '/where/ever/your/instance/is' + instance_dir = wikiconfig_dir + + # Where your own wiki pages are (make regular backups of this directory): + data_dir = os.path.join(instance_dir, 'data', '') # path with trailing / + + # Where system and help pages are (you may exclude this from backup): + data_underlay_dir = os.path.join(instance_dir, 'underlay', '') # path with trailing / + + # The URL prefix we use to access the static stuff (img, css, js). + # Note: moin runs a static file server at url_prefix_static path (relative + # to the script url). + # If you run your wiki script at the root of your site (/), just do NOT + # use this setting and it will automatically work. + # If you run your wiki script at /mywiki, you need to use this: + #url_prefix_static = '/mywiki' + url_prefix_static + + + # Wiki identity ---------------------------------------------------- + + # Site name, used by default for wiki name-logo [Unicode] + sitename = u'Untitled Wiki' + + # Wiki logo. You can use an image, text or both. [Unicode] + # For no logo or text, use '' - the default is to show the sitename. + # See also url_prefix setting below! + logo_string = u'MoinMoin Logo' % url_prefix_static + + # name of entry page / front page [Unicode], choose one of those: + + # a) if most wiki content is in a single language + #page_front_page = u"MyStartingPage" + + # b) if wiki content is maintained in many languages + #page_front_page = u"FrontPage" + + # The interwiki name used in interwiki links + #interwikiname = u'UntitledWiki' + # Show the interwiki name (and link it to page_front_page) in the Theme, + # nice for farm setups or when your logo does not show the wiki's name. + #show_interwiki = 1 + + + # Security ---------------------------------------------------------- + + # This is checked by some rather critical and potentially harmful actions, + # like despam or PackageInstaller action: + #superuser = [u"YourName", ] + + # Some actions are by default only enabled for superusers and disabled + # for everybody else. + # 'newaccount' is one of these (used to let visitors create new accounts). + # You can create wiki users on the shell by using "moin account create". + # A superuser also can use "Settings" -> "Switch user" to create users. + # If you need the newaccount action for everybody (e.g. to create your + # very first [superuser] account), you can (temporarily) enable it: + #actions_superuser = multiconfig.DefaultConfig.actions_superuser[:] + #actions_superuser.remove('newaccount') + + # IMPORTANT: grant yourself admin rights! replace YourName with + # your user name. See HelpOnAccessControlLists for more help. + # All acl_rights_xxx options must use unicode [Unicode] + #acl_rights_before = u"YourName:read,write,delete,revert,admin" + + # This is the default ACL that applies to pages without an ACL. + # Adapt it to your needs, consider using an EditorGroup. + #acl_rights_default = u"Trusted:read,write,delete,revert Known:read All:read" + + # The default (ENABLED) password_checker will keep users from choosing too + # short or too easy passwords. If you don't like this and your site has + # rather low security requirements, feel free to DISABLE the checker by: + #password_checker = None # None means "don't do any password strength checks" + + # Link spam protection for public wikis (Uncomment to enable) + # Needs a reliable internet connection. + #from MoinMoin.security.antispam import SecurityPolicy + + + # Mail -------------------------------------------------------------- + + # Configure to enable subscribing to pages (disabled by default) + # or sending forgotten passwords. + + # SMTP server, e.g. "mail.provider.com" (None to disable mail) + #mail_smarthost = "" + + # The return address, e.g u"Jürgen Wiki " [Unicode] + #mail_from = u"" + + # "user pwd" if you need to use SMTP AUTH + #mail_login = "" + + + # User interface ---------------------------------------------------- + + # Add your wikis important pages at the end. It is not recommended to + # remove the default links. Leave room for user links - don't use + # more than 6 short items. + # You MUST use Unicode strings here, but you need not use localized + # page names for system and help pages, those will be used automatically + # according to the user selected language. [Unicode] + navi_bar = [ + # If you want to show your page_front_page here: + #u'%(page_front_page)s', + u'RecentChanges', + u'FindPage', + u'HelpContents', + ] + + # The default theme anonymous or new users get + theme_default = 'modernized' + + + # Language options -------------------------------------------------- + + # See http://moinmo.in/ConfigMarket for configuration in + # YOUR language that other people contributed. + + # The main wiki language, set the direction of the wiki pages + language_default = 'en' + + # the following regexes should match the complete name when used in free text + # the group 'all' shall match all, while the group 'key' shall match the key only + # e.g. CategoryFoo -> group 'all' == CategoryFoo, group 'key' == Foo + # moin's code will add ^ / $ at beginning / end when needed + # You must use Unicode strings here [Unicode] + page_category_regex = ur'(?PCategory(?P(?!Template)\S+))' + page_dict_regex = ur'(?P(?P\S+)Dict)' + page_group_regex = ur'(?P(?P\S+)Group)' + page_template_regex = ur'(?P(?P\S+)Template)' + + # Content options --------------------------------------------------- + + # Show users hostnames in RecentChanges + show_hosts = 1 + + # Enable graphical charts, requires gdchart. + #chart_options = {'width': 600, 'height': 300} + diff --git a/nginx/moinmoin.conf b/nginx/moinmoin.conf new file mode 100644 index 0000000..76a4de5 --- /dev/null +++ b/nginx/moinmoin.conf @@ -0,0 +1,24 @@ +server { + listen 80 default_server; + listen [::]:80 default_server; + server_name _; + return 404; +} + +server { + listen 80; + listen [::]:80; + server_name example.com; + + location / { + include /etc/nginx/conf.d/uwsgi_params; + uwsgi_pass app:9000; + uwsgi_modifier1 30; + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } +} + diff --git a/nginx/uwsgi_params b/nginx/uwsgi_params new file mode 100644 index 0000000..090b93d --- /dev/null +++ b/nginx/uwsgi_params @@ -0,0 +1,17 @@ +uwsgi_param QUERY_STRING $query_string; +uwsgi_param REQUEST_METHOD $request_method; +uwsgi_param CONTENT_TYPE $content_type; +uwsgi_param CONTENT_LENGTH $content_length; + +uwsgi_param REQUEST_URI $request_uri; +uwsgi_param PATH_INFO $document_uri; +uwsgi_param DOCUMENT_ROOT $document_root; +uwsgi_param SERVER_PROTOCOL $server_protocol; +uwsgi_param REQUEST_SCHEME $scheme; +uwsgi_param HTTPS $https if_not_empty; + +uwsgi_param REMOTE_ADDR $remote_addr; +uwsgi_param REMOTE_PORT $remote_port; +uwsgi_param SERVER_PORT $server_port; +uwsgi_param SERVER_NAME $server_name; + -- 2.45.2