-
Notifications
You must be signed in to change notification settings - Fork 30
/
Copy pathconfig.inc.php
239 lines (189 loc) · 8.44 KB
/
config.inc.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
<?php
/******************************************************************************
* Wikipedia Account Creation Assistance tool *
* ACC Development Team. Please see team.json for a list of contributors. *
* *
* This is free and unencumbered software released into the public domain. *
* Please see LICENSE.md for the full licencing statement. *
******************************************************************************/
/**************************************************************************
********** IMPORTANT NOTICE **********
***************************************************************************
** YOU MUST OVERRIDE THE CONFIGURATION IN THIS FILE WITH A LOCAL COPY!!! **
** IT IS VERY IMPORTANT THAT THAT FILE IS CALLED config.local.inc.php **
***************************************************************************/
/*********************************
* Databases and stuff
*/
// Main database location and access details.
$toolserver_username = "";
$toolserver_password = "";
$toolserver_host = "";
$toolserver_database = "";
/**********************************
* File paths etc
*/
$metaWikimediaWebServiceEndpoint = "https://meta.wikimedia.org/w/api.php";
// URL of the current copy of the tool.
$baseurl = "https://accounts.wmflabs.org";
// Set up cookies and session information.
$cookiepath = '/acc/';
$sessionname = 'ACC';
$xff_trusted_hosts_file = '../TrustedXFF/trusted-hosts.txt';
/************************************
* Tool downtime
*/
$dontUseDb = 0; // Disable the tool completely.
$dontUseDbReason = ""; // Reason for disabling the tool.
$dontUseDbCulprit = ""; // Your name, or the person who broke the tool.
/**************************************
* ACCBot IRC bot
*/
$ircBotNotificationsEnabled = 1; // Enable Helpmebot's notifications.
// Name of this instance of the tool.
// This name would be used by the bot as reference point.
$whichami = 'Live';
// AMQP configuration for notifications.
$amqpConfiguration = ['host' => 'localhost', 'port' => 5672, 'user' => 'guest', 'password' => 'guest', 'vhost' => '/', 'exchange' => '', 'tls' => false];
/***************************************
* Email confirmation
*/
// Enable request email confirmation.
$enableEmailConfirm = 1;
// Number of days that are given for a requestor to confirm their email address.
$emailConfirmationExpiryDays = 7;
/**************************************
* Interface registration, interface users, etc.
*/
$allowRegistration = true;
// Force identification to the foundation
$forceIdentification = true;
// Time to cache positive automatic identification results, as a MySQL time interval
$identificationCacheExpiry = "1 DAY";
/************************************
* OAuth Configuration
*/
$oauthConsumerToken = "";
$oauthSecretToken = "";
// Formerly-used OAuth tokens to permit reading identities from
$oauthLegacyTokens = [];
$oauthMediaWikiCanonicalServer = "https://en.wikipedia.org";
$useOauthSignup = true;
$enforceOAuth = false;
// Password for the creation bot when this is used in place of OAuth
$creationBotUsername = '';
$creationBotPassword = '';
/************************************
* Providers Configuration
*/
// IP GeoLocation
// ------------------------
// To set this up, change the class to "IpLocationProvider", and put *your* ipinfodb API key in.
// You'll need to sign up at IpInfoDb.com to get an API key - it's free.
$locationProviderApiKey = null; // ipinfodb api key
/***********************************
* Data clear script
*/
$dataclear_interval = '15 DAY';
/***********************************
* Other stuff that doesn't fit in.
*/
$enableTitleblacklist = 0; // Enable Title Blacklist checks.
// user agent of the tool.
$toolUserAgent = "Wikipedia-ACC Tool/0.1 (+https://accounts.wmflabs.org/internal.php/team)";
// list of squid proxies requests go through.
$squidIpList = array();
// miser mode
$requestLimitShowOnly = 25;
// HSTS expiry - use false to disable header.
$strictTransportSecurityExpiry = false;
// CSP violation report URI
$cspReportUri = null;
// Must be disabled in production.
$enableErrorTrace = false;
$enableCssBreakpoints = false;
// Dangerous.
// Don't set this.
// Definitely don't set this if there's sensitive data stored here you care about such as OAuth credentials.
$curlDisableSSLVerifyPeer = false;
// Change this to be outside the web directory.
$curlCookieJar = __DIR__ . '/../cookies.txt';
$yubicoApiId = 0;
$yubicoApiKey = "";
$totpEncryptionKey = "1234";
// external resource cache epoch value. Bump me to force clients to reload assets
$resourceCacheEpoch = 1;
$commonEmailDomains = ['gmail.com', 'hotmail.com', 'outlook.com'];
// limit for block/drop ban actions
$banMaxIpBlockRange = [4 => 20, 6 => 48];
// limit for *all* ban actions, including block/drop.
$banMaxIpRange = [4 => 16, 6 => 32];
$jobQueueBatchSize = 10;
$emailSender = '[email protected]';
$identificationNoticeboardPage = 'Access to nonpublic personal data policy/Noticeboard';
$identificationNoticeboardApi = $metaWikimediaWebServiceEndpoint;
$acceptClientHints = [];
/**************************************************************************
********** IMPORTANT NOTICE **********
***************************************************************************
** DON'T ADD ANY NEW CONFIGURATION OPTIONS BELOW THIS LINE!!! **
** THEY WILL NOT BE CHANGABLE BY THE LOCAL CONFIGURATION FILE. **
***************************************************************************/
// Retrieving the local configuration file.
require_once('config.local.inc.php');
// Initialise the site configuration object
global $siteConfiguration;
$siteConfiguration->setBaseUrl($baseurl)
->setFilePath(__DIR__)
->setDebuggingTraceEnabled($enableErrorTrace)
->setDebuggingCssBreakpointsEnabled($enableCssBreakpoints)
->setForceIdentification($forceIdentification)
->setIdentificationCacheExpiry($identificationCacheExpiry)
->setMetaWikimediaWebServiceEndpoint($metaWikimediaWebServiceEndpoint)
->setEnforceOAuth($enforceOAuth)
->setEmailConfirmationEnabled($enableEmailConfirm == 1)
->setEmailConfirmationExpiryDays($emailConfirmationExpiryDays)
->setMiserModeLimit($requestLimitShowOnly)
->setSquidList($squidIpList)
->setUseStrictTransportSecurity($strictTransportSecurityExpiry)
->setUserAgent($toolUserAgent)
->setCurlDisableVerifyPeer($curlDisableSSLVerifyPeer)
->setUseOAuthSignup($useOauthSignup)
->setOAuthConsumerToken($oauthConsumerToken)
->setOAuthLegacyConsumerTokens($oauthLegacyTokens)
->setOAuthConsumerSecret($oauthSecretToken)
->setOauthMediaWikiCanonicalServer($oauthMediaWikiCanonicalServer)
->setDataClearInterval($dataclear_interval)
->setXffTrustedHostsFile($xff_trusted_hosts_file)
->setIrcNotificationsEnabled($ircBotNotificationsEnabled == 1)
->setIrcNotificationsInstance($whichami)
->setTitleBlacklistEnabled($enableTitleblacklist == 1)
->setTorExitPaths(array_merge(gethostbynamel('en.wikipedia.org'), gethostbynamel('accounts.wmflabs.org')))
->setCreationBotUsername($creationBotUsername)
->setCreationBotPassword($creationBotPassword)
->setCurlCookieJar($curlCookieJar)
->setYubicoApiId($yubicoApiId)
->setYubicoApiKey($yubicoApiKey)
->setTotpEncryptionKey($totpEncryptionKey)
->setRegistrationAllowed($allowRegistration)
->setCspReportUri($cspReportUri)
->setResourceCacheEpoch($resourceCacheEpoch)
->setLocationProviderApiKey($locationProviderApiKey)
->setCommonEmailDomains($commonEmailDomains)
->setBanMaxIpRange($banMaxIpRange)
->setBanMaxIpBlockRange($banMaxIpBlockRange)
->setJobQueueBatchSize($jobQueueBatchSize)
->setAmqpConfiguration($amqpConfiguration)
->setEmailSender($emailSender)
->setIdentificationNoticeboardPage($identificationNoticeboardPage)
->setIdentificationNoticeboardWebserviceEndpoint($identificationNoticeboardApi)
->setAcceptClientHints($acceptClientHints)
->setOffline(['offline' => $dontUseDb == 1, 'reason' => $dontUseDbReason, 'culprit' => $dontUseDbCulprit])
->setDatabaseConfig([
'datasource' => 'mysql:host=' . $toolserver_host . ';dbname=' . $toolserver_database,
'username' => $toolserver_username,
'password' => $toolserver_password,
])
->setCookiePath($cookiepath)
->setCookieSessionName($sessionname)
;