Text Blame History Raw


The CentOS wiki is a place where people can contribute to some documentation/howtos and SIGs are also (some of them) write quick tutorials on how to install packages, etc

The wiki engine is moin and is packaged and built through infra SIG tags

The ansible-role-moin ansible role is used to deploy/update/modify the existing wiki.

Worth knowing that on the CentOS Wiki, the default ACL is to forbid people to write content : that measure that to be taken some years ago to fight against spammers.

So the way to request edit permissions on the Wiki is to

  • register an account (wiki isn't tied to central SSO for now)
  • send a mail to centos-docs list and ask edit right

Some trusted users are added (through ansible) in the admins list, or directly in the Edit group (in moin) to have access everywhere.

Fighting with spammers

As all wiki instances, ours is also attracting bots/spammers, adding really heavy load. To fight against that , some measures are in place :

  • using the surge module option in moin (search for moin_surge_* settings in ansible) to limit number of requests one could do at the wiki level
  • using iptables/ipset lists to block some known bots/ip ranges (see the ansible-role-iptables and the ipset lists defined at the host_vars level for that host
  • Tuning the wsgi processes/threads at the apache level
  • using the mod_qos apache module to also block requests


Like for other roles, the ansible-role-moin one includes the centos-backup role, so backing up daily the wiki data/instance, that is pulled from central backup server, itself rotating and exporting to another site/DC the rotated pool