schmonz/Apache with Kerberos

## Apache with Kerberos
<VirtualHost *:80>
        ServerName wiki.example.com
        DocumentRoot /home/wiki/html
        UserDir /home/wiki/html/users

        <Location />
                Require all granted
        </Location>

        ErrorLog "|/usr/pkg/sbin/rotatelogs /u0/log/httpd/wiki-error 86400"
        CustomLog "|/usr/pkg/sbin/rotatelogs /u0/log/httpd/wiki-access 86400" combined

        # we let people read by http, but search/edit/etc. is https-only
        RedirectPermanent \
                /cgi-bin/ikiwiki        https://wiki.example.com/cgi-bin/ikiwiki
        RedirectPermanent \
                /auth/ikiwiki           https://wiki.example.com/auth/ikiwiki
</VirtualHost>

<VirtualHost *:443>
        SSLEngine on

        ServerName wiki.example.com
        DocumentRoot /home/wiki/html
        UserDir /home/wiki/html/users

        <Location />
                Require all granted
        </Location>

        # for cvsweb
        Alias /icons/ /usr/pkg/share/httpd/icons/

        ScriptAlias /cgi-bin/ /home/wiki/cgi/
        ScriptAlias /auth/ /home/wiki/auth/
        <Location /auth/ikiwiki>
                AuthType Kerberos
                AuthName "ExampleCom Web Authentication"
                KrbServiceName "HTTP/wiki.example.com"
                Krb5Keytab "/usr/pkg/etc/httpd/wiki.kt"
                KrbLocalUserMapping on
                Require valid-user
        </Location>

        ErrorLog "|/usr/pkg/sbin/rotatelogs /u0/log/httpd/wiki-ssl-error 86400"
        CustomLog "|/usr/pkg/sbin/rotatelogs /u0/log/httpd/wiki-ssl-access 86400" combined
</VirtualHost>

## Ikiwiki with httpauth
#!/usr/pkg/bin/perl
# Setup file for ikiwiki.
#
# Passing this to ikiwiki --setup will make ikiwiki generate
# wrappers and build the wiki.
#
# Remember to re-run ikiwiki --setup any time you edit this file.

use IkiWiki::Setup::Standard {
        # name of the wiki
        wikiname => 'ExampleCom Wiki',
        # contact email for wiki
        adminemail => 'www@example.com',
        # users who are wiki admins
        adminuser => [qw(
                schmonz
        )],
        # users who are banned from the wiki
        banned_users => [],
        # where the source of the wiki is located
        srcdir => '/home/wiki/wikisrc',
        # where to build the wiki
        destdir => '/home/wiki/html',
        # base url to the wiki
        url => 'https://wiki.example.com',
        # url to the ikiwiki.cgi
        cgiurl => 'https://wiki.example.com/cgi-bin/ikiwiki',
        cgiauthurl => 'https://wiki.example.com/auth/ikiwiki',
        # filename of cgi wrapper to generate
        cgi_wrapper => '/home/wiki/cgi/ikiwiki',
        # mode for cgi_wrapper (can safely be made suid)
        cgi_wrappermode => '06755',
        # rcs backend to use
        rcs => 'cvs',
        # plugins to add to the default configuration
        add_plugins => [qw{
                aggregate
                blogspam
                calendar
                color
                comments
                cutpaste
                editdiff
                edittemplate
                favicon
                format
                getsource
                goodstuff
                highlight
                httpauth
                inline
                localstyle
                map
                openid
                prettydate
                recentchangesdiff
                relativedate
                remove
                rename
                search
                sidebar
                table
                tag
                testpagespec
                version
        }],
        # plugins to disable
        disable_plugins => [qw{
                passwordauth
                repolist
        }],
        # location of template files
        #templatedir => '/home/wiki/wikitemplates',
        # base wiki source location
        underlaydir => '/usr/pkg/share/ikiwiki/basewiki',
        # display verbose messages?
        #verbose => 1,
        # log to syslog?
        #syslog => 1,
        # create output files named page/index.html?
        usedirs => 1,
        # use '!'-prefixed preprocessor directives?
        prefix_directives => 1,
        # use page/index.mdwn source files
        indexpages => 0,
        # enable Discussion pages?
        discussion => 1,
        # only send cookies over SSL connections?
        sslcookie => 0,
        # extension to use for new pages
        default_pageext => 'mdwn',
        # extension to use for html files
        htmlext => 'html',
        # strftime format string to display date
        timeformat => '%c',
        # UTF-8 locale to use
        #locale => 'en_US.UTF-8',
        # put user pages below specified page
        userdir => 'users',
        # how many backlinks to show before hiding excess (0 to show all)
        numbacklinks => 10,
        # attempt to hardlink source files? (optimisation for large files)
        hardlink => 0,
        # force ikiwiki to use a particular umask
        umask => 002,
        # group for wrappers to run in
        wrappergroup => 'example',
        # extra library and plugin directory
        libdir => '/home/wiki/perl',
        # environment variables
        ENV => {},
        # regexp of source files to ignore
        #exclude => '\\.wav$',
        exclude => '\\.core$',
        # specifies the characters that are allowed in source filenames
        wiki_file_chars => '-[:alnum:]+/.:_',
        # allow symlinks in the path leading to the srcdir (potentially insecure)
        allow_symlinks_before_srcdir => 0,

        # aggregate plugin
        # enable aggregation to internal pages?
        #aggregateinternal => 1,
        # allow aggregation to be triggered via the web?
        #aggregate_webtrigger => 0,

        # anonok plugin
        # PageSpec to limit which pages anonymous users can edit
        #anonok_pagespec => '*/Discussion',

        # attachment plugin
        # enhanced PageSpec specifying what attachments are allowed
        #allowed_attachments => 'virusfree() and mimetype(image/*) and maxsize(50kb)',
        #allowed_attachments => 'mimetype(image/*) and maxsize(400kb)',

        # virus checker program (reads STDIN, returns nonzero if virus found)
        #virus_checker => 'clamdscan -',

        # blogspam plugin
        # PageSpec of pages to check for spam
        blogspam_pagespec => 'postcomment(*)',
        # options to send to blogspam server
        #blogspam_options => 'blacklist=1.2.3.4,blacklist=8.7.6.5,max-links=10',
        #blogspam_options => 'whitelist=69.203.118.245',
        # blogspam server XML-RPC url
        #blogspam_server => '',

        # bzr plugin
        # bzr post-commit hook to generate
        #bzr_wrapper => '',
        # mode for bzr_wrapper (can safely be made suid)
        #bzr_wrappermode => '06755',
        # url to show file history, using loggerhead ([[file]] substituted)
        #historyurl => '',
        # url to view a diff, using loggerhead ([[file]] and [[r2]] substituted)
        #diffurl => 'http://example.com/revision?start_revid=[[r2]]#[[file]]-s',

        # calendar plugin
        # base of the archives hierarchy
        #archivebase => 'archives',

        # camelcase plugin
        # list of words to not turn into links
        #camelcase_ignore => [],

        # comments plugin
        # PageSpec of pages where comments are allowed
        #comments_pagespec => 'blog/* and !*/Discussion',
        comments_pagespec => '*',
        # PageSpec of pages where posting new comments is not allowed
        #comments_closed_pagespec => 'blog/controversial or blog/flamewar',
        # Base name for comments, e.g. "comment_" for pages like "sandbox/comment_12"
        #comments_pagename => '',
        # Interpret directives in comments?
        #comments_allowdirectives => 0,
        # Allow anonymous commenters to set an author name?
        #comments_allowauthor => 0,
        # commit comments to the VCS
        #comments_commit => 1,

        # cvs plugin
        # cvs repository location
        cvsrepo => '/home/wiki/cvsroot',
        # path inside repository where the wiki is located
        cvspath => 'wikisrc',
        # cvs post-commit hook to generate (triggered by CVSROOT/loginfo entry
        cvs_wrapper => '/home/wiki/cvsroot/CVSROOT/post-commit',
        # mode for cvs_wrapper (can safely be made suid)
        cvs_wrappermode => '04755',
        # cvsweb url to show file history ([[file]] substituted)
        historyurl => 'https://wiki.example.com/cgi-bin/cvsweb/wikisrc/[[file]]',
        # cvsweb url to show a diff ([[file]], [[r1]], and [[r2]] substituted)
        diffurl => 'https://wiki.example.com/cgi-bin/cvsweb/wikisrc/[[file]].diff?r1=text&amp;tr1=[[r1]]&amp;r2=text&amp;tr2=[[r2]];f=h',

        # darcs plugin
        # wrapper to generate (set as master repo apply hook)
        #darcs_wrapper => '/darcs/repo/_darcs/ikiwiki-wrapper',
        # mode for darcs_wrapper (can safely be made suid)
        #darcs_wrappermode => '06755',
        # darcsweb url to show file history ([[file]] substituted)
        #historyurl => 'http://darcs.example.com/darcsweb.cgi?r=wiki;a=filehistory;f=[[file]]',
        # darcsweb url to show a diff ([[hash]] and [[file]] substituted)
        #diffurl => 'http://darcs.example.com/darcsweb.cgi?r=wiki;a=filediff;h=[[hash]];f=[[file]]',

        # git plugin
        # git hook to generate
        #git_wrapper => '/git/wiki.git/hooks/post-update',
        # mode for git_wrapper (can safely be made suid)
        #git_wrappermode => '06755',
        # git pre-receive hook to generate
        #git_test_receive_wrapper => '/git/wiki.git/hooks/pre-receive',
        # unix users whose commits should be checked by the pre-receive hook
        #untrusted_committers => [],
        # gitweb url to show file history ([[file]] substituted)
        #historyurl => 'http://git.example.com/gitweb.cgi?p=wiki.git;a=history;f=[[file]]',
        # gitweb url to show a diff ([[file]], [[sha1_to]], [[sha1_from]], [[sha1_commit]], and [[sha1_parent]] substituted)
        #diffurl => 'http://git.example.com/gitweb.cgi?p=wiki.git;a=blobdiff;f=[[file]];h=[[sha1_to]];hp=[[sha1_from]];hb=[[sha1_commit]];hpb=[[sha1_parent]]',
        # where to pull and push changes (set to empty string to disable)
        #gitorigin_branch => 'origin',
        # branch that the wiki is stored in
        #gitmaster_branch => 'master',

        # highlight plugin
        # types of source files to syntax highlight
        #tohighlight => '.c .h .cpp .pl .py Makefile:make',
        tohighlight => '.c .h .cpp .pl .py Makefile:make .diff:diff',
        #filetypes_conf => '/usr/pkg/etc/highlight/filetypes.conf',
        #langdefdir => '/usr/pkg/share/highlight/langDefs',

        # htmlscrubber plugin
        # PageSpec specifying pages not to scrub
        #htmlscrubber_skip => '!*/Discussion',

        # inline plugin
        # enable rss feeds by default?
        rss => 1,
        # enable atom feeds by default?
        atom => 1,
        # allow rss feeds to be used?
        #allowrss => 0,
        # allow atom feeds to be used?
        #allowatom => 0,
        # urls to ping (using XML-RPC) on feed update
        pingurl => [],

        # listdirectives plugin
        # directory in srcdir that contains directive descriptions
        #directive_description_dir => 'ikiwiki/directive',

        # lockedit plugin
        # PageSpec controlling which pages are locked
        #locked_pages => '!*/Discussion',
        #httpauth_pagespec => "!(Discussion or */Discussion or users/*)",
        # httpauth_pagespec => "!(Discussion or */Discussion)",
        httpauth_pagespec => "!postcomment(*)",


        # mdwn plugin
        # enable multimarkdown features?
        #multimarkdown => 0,

        # mercurial plugin
        # mercurial post-commit hook to generate
        #mercurial_wrapper => '',
        # mode for mercurial_wrapper (can safely be made suid)
        #mercurial_wrappermode => '06755',
        # url to hg serve'd repository, to show file history ([[file]] substituted)
        #historyurl => 'http://example.com:8000/log/tip/[[file]]',
        # url to hg serve'd repository, to show diff ([[file]] and [[r2]] substituted)
        #diffurl => 'http://localhost:8000/?fd=[[r2]];file=[[file]]',

        # mirrorlist plugin
        # list of mirrors
        #mirrorlist => {},

        # openid plugin
        # an url where users can signup for an OpenID
        #openidsignup => 'http://myopenid.com/',

        # passwordauth plugin
        # a password that must be entered when signing up for an account
        #account_creation_password => 's3cr1t',
        # cost of generating a password using Authen::Passphrase::BlowfishCrypt
        #password_cost => 8,

        # pinger plugin
        # how many seconds to try pinging before timing out
        #pinger_timeout => 15,

        # prettydate plugin
        # format to use to display date
        #prettydateformat => '%X, %B %o, %Y',

        # recentchanges plugin
        # name of the recentchanges page
        recentchangespage => 'recentchanges',
        # number of changes to track
        recentchangesnum => 100,

        # repolist plugin
        # URIs of repositories containing the wiki's source
        #repositories => [qw{svn://svn.example.org/wiki/trunk}],

        # search plugin
        # path to the omega cgi program
        omega_cgi => '/usr/pkg/libexec/cgi-bin/xapian-omega',

        # svn plugin
        # subversion repository location
        #svnrepo => '/svn/wiki',
        # path inside repository where the wiki is located
        #svnpath => 'trunk',
        # svn post-commit hook to generate
        #svn_wrapper => '/svn/wikirepo/hooks/post-commit',
        # mode for svn_wrapper (can safely be made suid)
        #svn_wrappermode => '04755',
        # viewvc url to show file history ([[file]] substituted)
        #historyurl => 'http://svn.example.org/trunk/[[file]]',
        # viewvc url to show a diff ([[file]], [[r1]], and [[r2]] substituted)
        #diffurl => 'http://svn.example.org/trunk/[[file]]?root=wiki&amp;r1=[[r1]]&amp;r2=[[r2]]',

        # tag plugin
        # parent page tags are located under
        #tagbase => 'tag',

        # teximg plugin
        # Should teximg use dvipng to render, or dvips and convert?
        #teximg_dvipng => '',
        # LaTeX prefix for teximg plugin
        #teximg_prefix => '\\documentclass{article}
        #\\usepackage{amsmath}
        #\\usepackage{amsfonts}
        #\\usepackage{amssymb}
        #\\pagestyle{empty}
        #\\begin{document}
        #',
        # LaTeX postfix for teximg plugin
        #teximg_postfix => '\\end{document}',

        # tla plugin
        # tla post-commit hook to generate
        #tla_wrapper => '',
        # mode for tla_wrapper (can safely be made suid)
        #tla_wrappermode => '06755',
        # url to show file history ([[file]] substituted)
        #historyurl => '',
        # url to show a diff ([[file]] and [[rev]] substituted)
        #diffurl => '',

        # underlay plugin
        # extra underlay directories to add
        #add_underlays => '',

        # websetup plugin
        # list of plugins that cannot be enabled/disabled via the web interface
        #websetup_force_plugins => [],
        # show unsafe settings, read-only, in web interface?
        #websetup_show_unsafe => 1,
}
	<VirtualHost *:80>
	ServerName wiki.example.com
	DocumentRoot /home/wiki/html
	UserDir /home/wiki/html/users

	<Location />
	Require all granted
	</Location>

	ErrorLog "\|/usr/pkg/sbin/rotatelogs /u0/log/httpd/wiki-error 86400"
	CustomLog "\|/usr/pkg/sbin/rotatelogs /u0/log/httpd/wiki-access 86400" combined

	# we let people read by http, but search/edit/etc. is https-only
	RedirectPermanent \
	/cgi-bin/ikiwiki https://wiki.example.com/cgi-bin/ikiwiki
	RedirectPermanent \
	/auth/ikiwiki https://wiki.example.com/auth/ikiwiki
	</VirtualHost>

	<VirtualHost *:443>
	SSLEngine on

	ServerName wiki.example.com
	DocumentRoot /home/wiki/html
	UserDir /home/wiki/html/users

	<Location />
	Require all granted
	</Location>

	# for cvsweb
	Alias /icons/ /usr/pkg/share/httpd/icons/

	ScriptAlias /cgi-bin/ /home/wiki/cgi/
	ScriptAlias /auth/ /home/wiki/auth/
	<Location /auth/ikiwiki>
	AuthType Kerberos
	AuthName "ExampleCom Web Authentication"
	KrbServiceName "HTTP/wiki.example.com"
	Krb5Keytab "/usr/pkg/etc/httpd/wiki.kt"
	KrbLocalUserMapping on
	Require valid-user
	</Location>

	ErrorLog "\|/usr/pkg/sbin/rotatelogs /u0/log/httpd/wiki-ssl-error 86400"
	CustomLog "\|/usr/pkg/sbin/rotatelogs /u0/log/httpd/wiki-ssl-access 86400" combined
	</VirtualHost>
	#!/usr/pkg/bin/perl
	# Setup file for ikiwiki.
	#
	# Passing this to ikiwiki --setup will make ikiwiki generate
	# wrappers and build the wiki.
	#
	# Remember to re-run ikiwiki --setup any time you edit this file.

	use IkiWiki::Setup::Standard {
	# name of the wiki
	wikiname => 'ExampleCom Wiki',
	# contact email for wiki
	adminemail => 'www@example.com',
	# users who are wiki admins
	adminuser => [qw(
	schmonz
	)],
	# users who are banned from the wiki
	banned_users => [],
	# where the source of the wiki is located
	srcdir => '/home/wiki/wikisrc',
	# where to build the wiki
	destdir => '/home/wiki/html',
	# base url to the wiki
	url => 'https://wiki.example.com',
	# url to the ikiwiki.cgi
	cgiurl => 'https://wiki.example.com/cgi-bin/ikiwiki',
	cgiauthurl => 'https://wiki.example.com/auth/ikiwiki',
	# filename of cgi wrapper to generate
	cgi_wrapper => '/home/wiki/cgi/ikiwiki',
	# mode for cgi_wrapper (can safely be made suid)
	cgi_wrappermode => '06755',
	# rcs backend to use
	rcs => 'cvs',
	# plugins to add to the default configuration
	add_plugins => [qw{
	aggregate
	blogspam
	calendar
	color
	comments
	cutpaste
	editdiff
	edittemplate
	favicon
	format
	getsource
	goodstuff
	highlight
	httpauth
	inline
	localstyle
	map
	openid
	prettydate
	recentchangesdiff
	relativedate
	remove
	rename
	search
	sidebar
	table
	tag
	testpagespec
	version
	}],
	# plugins to disable
	disable_plugins => [qw{
	passwordauth
	repolist
	}],
	# location of template files
	#templatedir => '/home/wiki/wikitemplates',
	# base wiki source location
	underlaydir => '/usr/pkg/share/ikiwiki/basewiki',
	# display verbose messages?
	#verbose => 1,
	# log to syslog?
	#syslog => 1,
	# create output files named page/index.html?
	usedirs => 1,
	# use '!'-prefixed preprocessor directives?
	prefix_directives => 1,
	# use page/index.mdwn source files
	indexpages => 0,
	# enable Discussion pages?
	discussion => 1,
	# only send cookies over SSL connections?
	sslcookie => 0,
	# extension to use for new pages
	default_pageext => 'mdwn',
	# extension to use for html files
	htmlext => 'html',
	# strftime format string to display date
	timeformat => '%c',
	# UTF-8 locale to use
	#locale => 'en_US.UTF-8',
	# put user pages below specified page
	userdir => 'users',
	# how many backlinks to show before hiding excess (0 to show all)
	numbacklinks => 10,
	# attempt to hardlink source files? (optimisation for large files)
	hardlink => 0,
	# force ikiwiki to use a particular umask
	umask => 002,
	# group for wrappers to run in
	wrappergroup => 'example',
	# extra library and plugin directory
	libdir => '/home/wiki/perl',
	# environment variables
	ENV => {},
	# regexp of source files to ignore
	#exclude => '\\.wav$',
	exclude => '\\.core$',
	# specifies the characters that are allowed in source filenames
	wiki_file_chars => '-[:alnum:]+/.:_',
	# allow symlinks in the path leading to the srcdir (potentially insecure)
	allow_symlinks_before_srcdir => 0,

	# aggregate plugin
	# enable aggregation to internal pages?
	#aggregateinternal => 1,
	# allow aggregation to be triggered via the web?
	#aggregate_webtrigger => 0,

	# anonok plugin
	# PageSpec to limit which pages anonymous users can edit
	#anonok_pagespec => '*/Discussion',

	# attachment plugin
	# enhanced PageSpec specifying what attachments are allowed
	#allowed_attachments => 'virusfree() and mimetype(image/*) and maxsize(50kb)',
	#allowed_attachments => 'mimetype(image/*) and maxsize(400kb)',

	# virus checker program (reads STDIN, returns nonzero if virus found)
	#virus_checker => 'clamdscan -',

	# blogspam plugin
	# PageSpec of pages to check for spam
	blogspam_pagespec => 'postcomment(*)',
	# options to send to blogspam server
	#blogspam_options => 'blacklist=1.2.3.4,blacklist=8.7.6.5,max-links=10',
	#blogspam_options => 'whitelist=69.203.118.245',
	# blogspam server XML-RPC url
	#blogspam_server => '',

	# bzr plugin
	# bzr post-commit hook to generate
	#bzr_wrapper => '',
	# mode for bzr_wrapper (can safely be made suid)
	#bzr_wrappermode => '06755',
	# url to show file history, using loggerhead ([[file]] substituted)
	#historyurl => '',
	# url to view a diff, using loggerhead ([[file]] and [[r2]] substituted)
	#diffurl => 'http://example.com/revision?start_revid=[[r2]]#[[file]]-s',

	# calendar plugin
	# base of the archives hierarchy
	#archivebase => 'archives',

	# camelcase plugin
	# list of words to not turn into links
	#camelcase_ignore => [],

	# comments plugin
	# PageSpec of pages where comments are allowed
	#comments_pagespec => 'blog/* and !*/Discussion',
	comments_pagespec => '*',
	# PageSpec of pages where posting new comments is not allowed
	#comments_closed_pagespec => 'blog/controversial or blog/flamewar',
	# Base name for comments, e.g. "comment_" for pages like "sandbox/comment_12"
	#comments_pagename => '',
	# Interpret directives in comments?
	#comments_allowdirectives => 0,
	# Allow anonymous commenters to set an author name?
	#comments_allowauthor => 0,
	# commit comments to the VCS
	#comments_commit => 1,

	# cvs plugin
	# cvs repository location
	cvsrepo => '/home/wiki/cvsroot',
	# path inside repository where the wiki is located
	cvspath => 'wikisrc',
	# cvs post-commit hook to generate (triggered by CVSROOT/loginfo entry
	cvs_wrapper => '/home/wiki/cvsroot/CVSROOT/post-commit',
	# mode for cvs_wrapper (can safely be made suid)
	cvs_wrappermode => '04755',
	# cvsweb url to show file history ([[file]] substituted)
	historyurl => 'https://wiki.example.com/cgi-bin/cvsweb/wikisrc/[[file]]',
	# cvsweb url to show a diff ([[file]], [[r1]], and [[r2]] substituted)
	diffurl => 'https://wiki.example.com/cgi-bin/cvsweb/wikisrc/[[file]].diff?r1=text&tr1=[[r1]]&r2=text&tr2=[[r2]];f=h',

	# darcs plugin
	# wrapper to generate (set as master repo apply hook)
	#darcs_wrapper => '/darcs/repo/_darcs/ikiwiki-wrapper',
	# mode for darcs_wrapper (can safely be made suid)
	#darcs_wrappermode => '06755',
	# darcsweb url to show file history ([[file]] substituted)
	#historyurl => 'http://darcs.example.com/darcsweb.cgi?r=wiki;a=filehistory;f=[[file]]',
	# darcsweb url to show a diff ([[hash]] and [[file]] substituted)
	#diffurl => 'http://darcs.example.com/darcsweb.cgi?r=wiki;a=filediff;h=[[hash]];f=[[file]]',

	# git plugin
	# git hook to generate
	#git_wrapper => '/git/wiki.git/hooks/post-update',
	# mode for git_wrapper (can safely be made suid)
	#git_wrappermode => '06755',
	# git pre-receive hook to generate
	#git_test_receive_wrapper => '/git/wiki.git/hooks/pre-receive',
	# unix users whose commits should be checked by the pre-receive hook
	#untrusted_committers => [],
	# gitweb url to show file history ([[file]] substituted)
	#historyurl => 'http://git.example.com/gitweb.cgi?p=wiki.git;a=history;f=[[file]]',
	# gitweb url to show a diff ([[file]], [[sha1_to]], [[sha1_from]], [[sha1_commit]], and [[sha1_parent]] substituted)
	#diffurl => 'http://git.example.com/gitweb.cgi?p=wiki.git;a=blobdiff;f=[[file]];h=[[sha1_to]];hp=[[sha1_from]];hb=[[sha1_commit]];hpb=[[sha1_parent]]',
	# where to pull and push changes (set to empty string to disable)
	#gitorigin_branch => 'origin',
	# branch that the wiki is stored in
	#gitmaster_branch => 'master',

	# highlight plugin
	# types of source files to syntax highlight
	#tohighlight => '.c .h .cpp .pl .py Makefile:make',
	tohighlight => '.c .h .cpp .pl .py Makefile:make .diff:diff',
	#filetypes_conf => '/usr/pkg/etc/highlight/filetypes.conf',
	#langdefdir => '/usr/pkg/share/highlight/langDefs',

	# htmlscrubber plugin
	# PageSpec specifying pages not to scrub
	#htmlscrubber_skip => '!*/Discussion',

	# inline plugin
	# enable rss feeds by default?
	rss => 1,
	# enable atom feeds by default?
	atom => 1,
	# allow rss feeds to be used?
	#allowrss => 0,
	# allow atom feeds to be used?
	#allowatom => 0,
	# urls to ping (using XML-RPC) on feed update
	pingurl => [],

	# listdirectives plugin
	# directory in srcdir that contains directive descriptions
	#directive_description_dir => 'ikiwiki/directive',

	# lockedit plugin
	# PageSpec controlling which pages are locked
	#locked_pages => '!*/Discussion',
	#httpauth_pagespec => "!(Discussion or /Discussion or users/)",
	# httpauth_pagespec => "!(Discussion or */Discussion)",
	httpauth_pagespec => "!postcomment(*)",


	# mdwn plugin
	# enable multimarkdown features?
	#multimarkdown => 0,

	# mercurial plugin
	# mercurial post-commit hook to generate
	#mercurial_wrapper => '',
	# mode for mercurial_wrapper (can safely be made suid)
	#mercurial_wrappermode => '06755',
	# url to hg serve'd repository, to show file history ([[file]] substituted)
	#historyurl => 'http://example.com:8000/log/tip/[[file]]',
	# url to hg serve'd repository, to show diff ([[file]] and [[r2]] substituted)
	#diffurl => 'http://localhost:8000/?fd=[[r2]];file=[[file]]',

	# mirrorlist plugin
	# list of mirrors
	#mirrorlist => {},

	# openid plugin
	# an url where users can signup for an OpenID
	#openidsignup => 'http://myopenid.com/',

	# passwordauth plugin
	# a password that must be entered when signing up for an account
	#account_creation_password => 's3cr1t',
	# cost of generating a password using Authen::Passphrase::BlowfishCrypt
	#password_cost => 8,

	# pinger plugin
	# how many seconds to try pinging before timing out
	#pinger_timeout => 15,

	# prettydate plugin
	# format to use to display date
	#prettydateformat => '%X, %B %o, %Y',

	# recentchanges plugin
	# name of the recentchanges page
	recentchangespage => 'recentchanges',
	# number of changes to track
	recentchangesnum => 100,

	# repolist plugin
	# URIs of repositories containing the wiki's source
	#repositories => [qw{svn://svn.example.org/wiki/trunk}],

	# search plugin
	# path to the omega cgi program
	omega_cgi => '/usr/pkg/libexec/cgi-bin/xapian-omega',

	# svn plugin
	# subversion repository location
	#svnrepo => '/svn/wiki',
	# path inside repository where the wiki is located
	#svnpath => 'trunk',
	# svn post-commit hook to generate
	#svn_wrapper => '/svn/wikirepo/hooks/post-commit',
	# mode for svn_wrapper (can safely be made suid)
	#svn_wrappermode => '04755',
	# viewvc url to show file history ([[file]] substituted)
	#historyurl => 'http://svn.example.org/trunk/[[file]]',
	# viewvc url to show a diff ([[file]], [[r1]], and [[r2]] substituted)
	#diffurl => 'http://svn.example.org/trunk/[[file]]?root=wiki&r1=[[r1]]&r2=[[r2]]',

	# tag plugin
	# parent page tags are located under
	#tagbase => 'tag',

	# teximg plugin
	# Should teximg use dvipng to render, or dvips and convert?
	#teximg_dvipng => '',
	# LaTeX prefix for teximg plugin
	#teximg_prefix => '\\documentclass{article}
	#\\usepackage{amsmath}
	#\\usepackage{amsfonts}
	#\\usepackage{amssymb}
	#\\pagestyle{empty}
	#\\begin{document}
	#',
	# LaTeX postfix for teximg plugin
	#teximg_postfix => '\\end{document}',

	# tla plugin
	# tla post-commit hook to generate
	#tla_wrapper => '',
	# mode for tla_wrapper (can safely be made suid)
	#tla_wrappermode => '06755',
	# url to show file history ([[file]] substituted)
	#historyurl => '',
	# url to show a diff ([[file]] and [[rev]] substituted)
	#diffurl => '',

	# underlay plugin
	# extra underlay directories to add
	#add_underlays => '',

	# websetup plugin
	# list of plugins that cannot be enabled/disabled via the web interface
	#websetup_force_plugins => [],
	# show unsafe settings, read-only, in web interface?
	#websetup_show_unsafe => 1,
	}