Talk:Requests for comment/Configuration database 2

DefaultSettings.json?

 * Context: In an IRC conversation, ^d suggested turning DefaultSettings.php, which becomes a huge metadata file, into a JSON file

^demon, I thought about this a bit and don't think it'll work. The defaults need to be backend-independent, which means it can't be JSON. Legoktm (talk) 03:22, 9 November 2013 (UTC)
 * We do a lot of stuff like after extract globals:

and there even are some hooks and such written into WMF common settings, like SkinCopyrightFooter to set the CC-0 license for Wikidata data namespaces. Important that there is a way to do this stuff in a new system. Aude (talk) 10:12, 20 November 2013 (UTC)
 * Okay looks like maybe that hook is not actually used but there are numerous such hooks for specific things. Aude (talk) 10:17, 20 November 2013 (UTC)

All configuration settings? I hope not.
There are a lot of configuration settings that really don't need to be messed with by anyone except sysadmins. For example, there's no possibility that on-wiki configuring of $wgScriptPath is going to make any sense. A lot of other settings have security or performance implications that are not necessarily obvious. Personally, I think I'd rather see a whitelist of configuration settings that can be managed via this mechanism rather than an assumption that things will be managed this way by default. And that whitelist would, of course, not be able to whitelist itself. Anomie (talk) 15:15, 20 November 2013 (UTC)
 * IMO everything that can technically be configurable on-wiki should be. The user rights are flexible enough so that if a preference shouldn't be messed with by an administrator, then just restrict the rights so it can't be touched by anyone not in the 'sysadmin' group. I think it will be important to come up with sane defaults for a simple MediaWiki installation. Legoktm (talk) 18:22, 20 November 2013 (UTC)
 * Before we can proceed, do we need a list of what config settings would be available, by default, to be edited by which user groups, or is it enough if we can agree on some basic principles that will guide this default-setting process? For starters, how about saying that the ones listed at Manual:List of MediaWiki configuration settings containing sensitive data will not even be viewable by anyone but the site owner? The site owner should be in a group that doesn't yet exist, above even bureaucrats. Maybe it's time to bring back the old "developer" group. The developers would be at the top of the hierarchy. Leucosticte (talk) 18:31, 20 November 2013 (UTC)