Book creator ( disable )

Meza/flow

From Freephile Wiki
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Create Wiki[edit]

Creating a wiki in Meza now prompts for the Admin account password. The password is validated against MediaWiki password guidelines[1]. Promptless mode can generate secure passwords automatically. Previously, an Admin account was only created for the 'demo' wiki.

# Interactive mode (will prompt for wiki details and admin password)
meza create wiki monolith

# Non-interactive with provided password
meza create wiki-promptless monolith testwiki "Test Wiki" "SecureP@ssw0rd123!"

# Non-interactive with auto-generated password
meza create wiki-promptless monolith testwiki "Test Wiki"

There was a lot to make this happen. Even after completing logic and features, I still received [Errno 25] Inappropriate ioctl for device during create wiki execution. The error occurred because the ansible.builtin.pause module in create-admin-account.yml was trying to prompt for input in a non-interactive environment. When meza_shell_exec runs Ansible playbooks with stdout=subprocess.PIPE, it breaks the TTY connection needed for interactive prompts.

1. Updated create-wiki.yml playbook to collect the admin password upfront using vars_prompt:

  • Added admin_password to the vars_prompt section
  • This works because vars_prompt runs before the subprocess redirection happens
  • Added proper password requirements documentation in the prompt

2. Updated create-admin-account.yml tasks to use the pre-collected password:

  • Removed the problematic ansible.builtin.pause module
  • Changed validation and creation tasks to use the admin_password variable instead of admin_password_prompt.user_input
  • Kept all the MediaWiki password requirement validation

3. Enhanced create-wiki-promptless.yml to support admin passwords:

  • Updated to accept an optional admin_password parameter

4. Updated meza.py CLI to handle the new admin password parameter:

  • Added secure password generation when password not provided
  • Updated documentation and examples

Note that it is the verify-wiki role that owns/includes the create-admin-account tasks. The password prompt is done separately (earlier) and passed as a variable.

Import wiki SQL[edit]

This is the flow in import-wiki-sql.yml:

  1. Database gets imported (community.mysql.mysql_db with state: import)
  2. created_new_wiki fact gets set
  3. update.php role runs (which interacts with the database)
  4. create-admin-account.yml is included

Under the previous problematic logic, the database manipulation in step 3 would change the perception of whether the wiki is "new" or not.

Analysis: meza deploy vs meza create wiki[edit]

meza deploy flow (from site.yml):[edit]

  1. Bootstrap and setup (localhost, all servers)
  2. Infrastructure roles (load balancers, app servers, memcached, database, elasticsearch, etc.)
  3. MediaWiki role (app_servers) - This is where the core symlink is created
    • Includes the "Create symlink to core, to enable short urls" task
    • Runs on ALL wikis in list_of_wikis
    • Tagged with latest

meza create wiki flow (from create-wiki-wrapper):[edit]

  1. Sync configurations
  2. configure-wiki role - Adds wiki to configuration (doesn't create the database)
  3. Re-sync configs
  4. verify-wiki role - Sets up individual wiki (database, uploads, directories)
  5. Search index rebuild

The problem: The create wiki flow never runs the mediawiki role, so the core symlink creation task is never executed for new wikis.

Creating symlinks to core for short URLs[edit]

Create wiki was not working completely because symlinks were missing. The symlinks to core get made in the mediawiki role, which doesn't get included at all in the create wiki flow. I was thinking of moving the symlink task to verify-wiki, but ended up putting the task in two places because these flows are pretty distinct.

During meza deploy:[edit]

  • mediawiki role creates symlinks for ALL wikis first
  • Then verify-wiki is called for each wiki (but doesn't need to create symlinks since they already exist)

During meza create wiki:[edit]

  • verify-wiki is called for the new wiki only
  • create-wiki-wrapper needs to create the symlink (since the mediawiki role is not included - and including it would add a lot of overhead to 'create wiki').

So the new implementation is correct:

  • mediawiki role: Bulk symlink creation for all wikis during full deployment
  • create-wiki-wrapper: Individual symlink creation for single wiki creation
  • verify-wiki: Focuses on database, uploads, and directory verification (no symlinks)

The symlink creation happens at different stages depending on the workflow, which is why both are needed.

ToDo[edit]

  1. Put the password entry in a loop until it passes validation instead of failing the play (many steps later!)
  2. in meza.py write_create_wiki_log is better than write_deploy_wiki_log, and the two functions should be merged

Notes[edit]

When meza.py uses meza_shell_exec to run commands, it's running with redirected stdout/stderr for logging purposes, which breaks the interactive pause module of Ansible. subprocess.Popen with stdout=subprocess.PIPE breaks the TTY connection needed for interactive prompts. The ansible.builtin.pause module needs access to the real terminal to prompt for input. So, don't use 'pause' to wait for a prompt. Instead, use vars_prompt like create-wiki

  1. https://meta.wikimedia.org/wiki/Password_policy

Uniform Resource Locator = an address of a web page or other component, including the protocol.

Retrieved from "https://wiki.freephile.org/wiki/index.php?title=Meza/flow&oldid=12496"
Powered by QualityBox
Powered by Semantic MediaWiki