Manual:Shared database

From mediawiki.org

This page provides a brief overview of using shared databases in MediaWiki. Most of the information here should work with a plain installation of MediaWiki (no extensions). Any extension requirements are noted. Note that this is designed around MySQL databases. Support for SQLite was added in MediaWiki 1.17. Support for PostgreSQL was added in MediaWiki 1.19. Other database engines may not support shared databases in this way.

Caution! Caution: This guide assumes that you are either starting your wikis from scratch, or are transitioning from one wiki to multiple. This does not cover "merging" user tables nor a Wikimedia-style set up (with a global user table and local user tables) using CentralAuth .
Caution! Caution: Renameuser is currently incompatible with $wgSharedDB. See phab:T104830.

Basics[edit]

Shared databases are configured with 3 main global Configuration variables in your LocalSettings.php:

Depending on your needs and environment, you may not need to use all of these.

The simplest setup: A shared user table[edit]

A shared user table can be used to have multiple wikis that have shared user registrations, so that users need only sign up to one wiki.

$wgSharedDB = 'mainwiki'; # The $wgDBname for the wiki database holding the main user table
$wgSharedTables[] = 'actor';
$wgSharedPrefix = 'm_'; # The $wgDBprefix for the database. Defaults to the prefix of the current wiki if not specified

By default, $wgSharedTables contains the user and user_properties tables. Adding 'actor' to it is planned.

If you have two wikis, and you create different users on both, and then start sharing the actor table later, things do break because the user id that was referenced in the local actor table is not the same user id being referenced in the shared actor table. This ends up causing confusion and data corruption in many places, in more or less subtle ways. Unfortunately, there is also a bug that breaks login for new users on wikis with shared user tables but separate actor tables. Suggestion: For the reason mentioned above, it is advisable to share tables (especially user tables) right after creating a new wiki. Before any users get created or edits are made.

Database permissions[edit]

The MySQL user of the shared wiki must have at least SELECT and UPDATE permissions for the main wiki user tables. If you use different MySQL users for each wiki, you will need to grant additional permissions to the shared wiki user as specified in that wiki's $wgDBuser setting. For those who use shared hosting, note that this is possible at some but not all providers. Granting permissions can be performed using MySQL commands similar to the following:

grant select, update on mainwiki.user to 'sharedwikiuser'@'localhost';
grant select, update on mainwiki.user_properties to 'sharedwikiuser'@'localhost';

This will allow your wiki to read users from the main table, and also update the tables, which happens whenever a user logs in.

Sharing sessions[edit]

For up to date information on sessions in MediaWiki 1.27 and later, see SessionManager and AuthManager.

To share login sessions between your wikis, set $wgCookieDomain to include all subdomains under your root domain. For example, if you have the sites en.example.com, fr.example.com and pool.example.com, set:

$wgCookieDomain = '.example.com';

Upgrading[edit]

As of MediaWiki 1.21, when upgrading MediaWiki from the web installer, $wgSharedTables must be temporarily removed from LocalSettings.php during upgrade. Otherwise, the shared tables are not touched at all (neither tables with $wgSharedPrefix, nor those with $wgDBprefix), which may lead to a failed upgrade.

When upgrading from the command line, running the update.php script, you need to use the --doshared parameter for the script to upgrade the shared tables.

In MediaWiki 1.24 the default password type for MediaWiki has been changed from MD5 to PBKDF2, and passwords hashes will automatically be updated as users log in. To prevent this from happening until all wikis are upgraded, set $wgPasswordDefault to 'B' on all wikis, and remove it on all wikis when they have been upgraded to ensure a stronger encryption is used.

Sharing more tables[edit]

You can share tables other than the user table, but be careful when doing so. If a table contains any data specific to one wiki, sharing may cause problems. Note that each of the subsections here assume that you are also sharing the user table. Whenever adding other tables, be sure to either append to the array ($var[] = 'value') or include the user table in the new array definition.

The ipblocks table[edit]

$wgSharedTables[] = 'ipblocks';

By sharing the ipblocks table, you can have "global blocks" so that a block on one wiki will block the user or IP on all other wikis using the shared database.

Caveats[edit]

There can be some minor issues when sharing the ipblocks table:

  • The ipb_reason field is set as the "reason" on Special:Block when blocking a user. When a blocked user sees the "You are blocked" message, this is parsed as wikitext, and links are parsed on Special:BlockList, you will need to make sure when blocking a user that the message makes sense on all wikis.
  • Block logs will not be shared (sharing the logging table is not recommended).

The user_groups table[edit]

$wgSharedTables[] = 'user_groups';

Sharing the user_groups table will allow you to have global user groups.

Caveats[edit]

  • As with the block log, the user rights log is not shared.
  • All user groups will be global. You can work around this somewhat by customizing your user groups. For example, to have admins on one wiki be separate from admins on another, you could do something like the following:
In the config for wiki 1:
$wgGroupPermissions['wiki1_admin'] = $wgGroupPermissions['sysop']; // Copy the default sysop permissions to the new group
unset($wgGroupPermissions['sysop']); // Then remove the default sysop group
$wgGroupPermissions['wiki2_admin'] = array(); // Don't give admins from other wikis any extra rights
In the config for wiki 2:
$wgGroupPermissions['wiki2_admin'] = $wgGroupPermissions['sysop'];
unset($wgGroupPermissions['sysop']);
$wgGroupPermissions['wiki1_admin'] = array();
  • To prevent bureaucrats on one wiki from assigning themselves rights on other wikis that they shouldn't have, you can do a similar configuration to the above, but remove the 'userrights' right that allows them to set any group, and use $wgAddGroups /$wgRemoveGroups instead.

Other tables[edit]

This section covers other tables, with less common reasons to share, as well as which tables not to share.

  • The interwiki table contains mostly static data; it may be useful to share if you have many custom interwikis.
  • The site_stats table could possibly be shared, to aggregate data over all your wikis.
  • By default, the user_properties table is included in the list of shared tables. If your wikis were started using MediaWiki 1.15 or older, you should probably keep this for backward compatibility, as user preferences will be silently automatically migrated from the user table to the user_properties table. Otherwise, you can remove this from the array to allow users to have different preferences on each wiki (if desired)

Most other tables should not be shared, as they include wiki-specific data, typically connections to pages via a pageid or a namespace/title combination. This includes (but is not limited to):

  • Any of the links tables (pagelinks, templatelinks, etc.)
  • The page table
  • The revision table
  • The image table (to have a shared media repository, see $wgForeignFileRepos )

For more details, see Manual:Suitability of tables for sharing

See also[edit]

  • Extension:CentralAuth - A different method to have shared user tables. Used by Wikimedia, and probably the easiest option for merging already-established wikis.
  • Extension:GlobalBlocking - an extension that allows IP addresses to be blocked globally, without sharing other databases. The right to globally block users is separated from the normal 'block' right.
  • Extension:GlobalUserrights - An extension that enables global user groups and allows easy management of them via Special:GlobalUserrights.