Major enhancements: Create wiki logging, etc.

"meza create wiki" logging implementation
-----------------------------------------

The new create-wiki logging mirrors the deploy logging architecture with both transactional and processing logs.

Transactional log: /opt/data-meza/logs/create-wiki/create-wiki.log (tracks operations with metadata)
Processing log: /opt/data-meza/logs/create-wiki-output/{env}-{timestamp}.log (captures ansible output)

/opt/data-meza/logs/
├── create-wiki/           # Transactional logs
│   └── create-wiki.log    # Audit trail
└── create-wiki-output/    # Processing logs
    ├── demo-2025-10-29_175734.log
    └── prod-2025-10-29_180234.log

Added two new commands:
sudo meza create-wiki-tail <env>
- tells you what log its tailing and provides a way to check status on the create wiki process in real-time

sudo meza create-wiki-log <env>
- tells you the path of the process log e.g.
/opt/data-meza/logs/create-wiki-output/monolith-2025-10-29_225319.log

Meza.py uses paths from paths.yml
---------------------------------

- Single Source of Truth: All paths defined in paths.yml, easy to maintain
- Removed hardcoded path definitions from meza.py
- Consistency: Python CLI uses same paths as Ansible roles
- Deterministic: No fallbacks, clear failures
- Jinja2 Template Support: variables found in yaml are resolved. {{ m_install }} resolves to 'opt'
- Error Handling: Clear error messages for configuration issues such as paths.yml missing
- new m_logs_create_wiki variable in paths.yml to define the location of the "meza create wiki" log

Verify-wiki enhanced
----------------------

wiki_id and wiki_name (as well as password) are passed by extra_vars in meza.py when it calls create-wiki-promptless playbook.
create-wiki playbook now prompts for Admin password and passes it on to the 'create-admin-account' task list in verify-wiki.

src/roles/verify-wiki/tasks/import-wiki-sql.yml is enhanced with output about wiki creation status

and the set_fact section was improved to clarify what's happening:
- New wiki was created (truly new, not from backup)
- Wiki created but from backup/import
- Wiki already existed

BEFORE the created_new_wiki flag logic was problematic.

Admin Account creation
----------------------

The admin account creation was hardcoded to only work for wikis with wiki_id == "demo"

Removed wiki_id restriction: Changed from when: wiki_id == "demo" to run for any new wiki
Updated prompts: Made the messages generic to work for any wiki name

Fixes Issue #217
Fixes Issue #220

Author: freephile

config/paths.yml

@@ -30,6 +30,7 @@ m_cache_directory: "{{ m_meza_data }}/cache"
 m_tmp: "{{ m_meza_data }}/tmp"
 m_logs: "{{ m_meza_data }}/logs"
 m_logs_deploy: "{{ m_meza_data }}/logs/deploy/deploy.log"
+m_logs_create_wiki: "{{ m_meza_data }}/logs/create-wiki/create-wiki.log"
 
 # uploads dir. This WILL BE OVERIDDEN if multiple app servers are used, and
 # instead will use /opt/data-meza/uploads-gluster to use GlusterFS distributed

src/playbooks/create-wiki-promptless.yml

@@ -2,6 +2,9 @@
 
 - hosts: app_servers
   become: true
+  vars:
+    # admin_password is passed via extra vars from meza.py
+    # wiki_id and wiki_name are also passed via extra vars
   roles:
     - set-vars
     - create-wiki-wrapper

src/playbooks/create-wiki.yml

@@ -3,7 +3,7 @@
 - hosts: app_servers
   become: true
 
-  # prompt for wiki_id and wiki_name
+  # prompt for wiki_id, wiki_name, and admin_password
   vars_prompt:
     - name: "wiki_id"
       prompt: |
@@ -25,6 +25,21 @@
         Type the desired wiki name and press [ENTER]:
       private: false
 
+    - name: "admin_password"
+      prompt: |
+        Creating Admin user for this new wiki.
+
+        MediaWiki Password Requirements:
+        - Minimum 8 characters
+        - Must contain at least one uppercase letter
+        - Must contain at least one lowercase letter  
+        - Must contain at least one number
+        - Must contain at least one special character (!@#$%^&*()_+-=[]{}|;:,.<>?)
+        - Cannot contain spaces
+
+        Enter a secure password for the Admin user:
+      private: true
+
   roles:
     - set-vars
     - create-wiki-wrapper

src/roles/create-wiki-wrapper/tasks/main.yml

@@ -30,6 +30,17 @@
   include_role:
     name: verify-wiki
 
+# Create symlink to core for short urls (from mediawiki role)
+# This is needed for new wikis created individually (not during full deploy)
+- name: Create symlink to core, to enable short urls
+  file:
+    src: "{{ m_mediawiki }}"
+    dest: "{{ m_htdocs }}/{{ wiki_id }}"
+    state: link
+    force: yes
+    owner: "{{ user_apache }}"
+    group: "{{ group_apache }}"
+
 # Wikis are totally built at this point, but search needs rebuilding?
 # Pretty sure this is taken care of in the MedidaWiki role.
 - name: (Re-)build search index for each wiki

src/roles/mediawiki/tasks/main.yml

@@ -513,8 +513,10 @@
     msg: "{{ item }}"
   loop: "{{ list_of_wikis|flatten(levels=1) }}"
 
-# create symlink to core for short urls
-# tag it latest, so that the symlink gets created whenever core is downloaded
+# Create symlink to core for short urls
+# Tag it latest, so that the symlink gets created whenever core is downloaded
+# This essential task is duplicated in the create-wiki-wrapper role for individual
+# wiki creation outside of full deploys.
 - name: Create symlink to core, to enable short urls
   file:
     src: "{{ m_mediawiki }}"

src/roles/verify-wiki/tasks/create-admin-account.yml

@@ -2,26 +2,7 @@
 
 # Renamed the file to create-admin-account.yml since that is its only purpose.
 # This task file is only included when initializing new wikis.
-# Prompt for secure admin password for Demo Wiki
-- name: Prompt for Admin password on Demo Wiki
-  ansible.builtin.pause:
-    prompt: |
-
-      Creating Admin user for Demo Wiki ({{ wiki_id }})
-
-      MediaWiki Password Requirements:
-      - Minimum 8 characters
-      - Must contain at least one uppercase letter
-      - Must contain at least one lowercase letter
-      - Must contain at least one number
-      - Must contain at least one special character (!@#$%^&*()_+-=[]{}|;:,.<>?)
-      - Cannot contain spaces
-
-      Enter a secure password for the Admin user
-    echo: false
-  register: admin_password_prompt
-  run_once: true
-  when: wiki_id == "demo"
+# The admin_password variable is provided by the playbook's vars_prompt
 
 # Validate password meets MediaWiki requirements
 - name: Validate Admin password meets requirements
@@ -31,23 +12,20 @@
       - Must be at least 8 characters long
       - Must contain uppercase, lowercase, number, and special character
       - Cannot contain spaces
-  when:
-    - wiki_id == "demo"
-    - >
-      admin_password_prompt.user_input | length < 8 or
-      admin_password_prompt.user_input is not regex('[A-Z]') or
-      admin_password_prompt.user_input is not regex('[a-z]') or
-      admin_password_prompt.user_input is not regex('[0-9]') or
-      admin_password_prompt.user_input is not regex('[!@#$%^&*()_+\-=\[\]{}|;:,.<>?]') or
-      ' ' in admin_password_prompt.user_input
+  when: >
+    admin_password | length < 8 or
+    admin_password is not regex('[A-Z]') or
+    admin_password is not regex('[a-z]') or
+    admin_password is not regex('[0-9]') or
+    admin_password is not regex('[!@#$%^&*()_+\-=\[\]{}|;:,.<>?]') or
+    ' ' in admin_password
   run_once: true
 
-# Create an admin user for Demo Wiki with the provided secure password
+# Create an admin user for the new wiki with the provided secure password
 # https://www.mediawiki.org/wiki/Manual:CreateAndPromote.php
 # https://meta.wikimedia.org/wiki/Password_policy
-- name: Create Admin user on Demo Wiki
+- name: Create Admin user on new wiki
   ansible.builtin.shell: >
-    WIKI={{ wiki_id | quote }} {{ m_mediawiki | quote }}/maintenance/run createAndPromote --force --sysop --bureaucrat Admin {{ admin_password_prompt.user_input | quote }}
+    WIKI={{ wiki_id | quote }} {{ m_mediawiki | quote }}/maintenance/run createAndPromote --force --sysop --bureaucrat Admin {{ admin_password | quote }}
   run_once: true
-  when: wiki_id == "demo"
   no_log: true

src/roles/verify-wiki/tasks/import-wiki-sql.yml

@@ -74,15 +74,22 @@
 #
 # Set fact if new wiki was created
 #
-- name: SET FACT - New wiki was created
+- name: SET FACT - New wiki was created (truly new, not from backup)
   set_fact:
     created_new_wiki: true
   when: (not wiki_exists) and (not imported_wiki_sql_on_db_master.stat.exists)
-- name: SET FACT - New wiki NOT created
+
+- name: SET FACT - Wiki created but from backup/import
   set_fact:
     created_new_wiki: false
-  # not a "new" wiki if one already existed _or_ an imported SQL file was used
-  when: (wiki_exists) or (imported_wiki_sql_on_db_master.stat.exists)
+    created_from_backup: true
+  when: (not wiki_exists) and (imported_wiki_sql_on_db_master.stat.exists)
+
+- name: SET FACT - Wiki already existed
+  set_fact:
+    created_new_wiki: false
+    created_from_backup: false
+  when: wiki_exists
 
 #
 # Do rebuild scripts (SMW and search index) need to run?
@@ -119,6 +126,16 @@
 #
 # SECTION: init new wiki
 #
+- name: Debug wiki creation status
+  debug:
+    msg: |
+      Wiki creation status for {{ wiki_id }}:
+      - wiki_exists: {{ wiki_exists | default('undefined') }}
+      - imported_wiki_sql_on_db_master.stat.exists: {{ imported_wiki_sql_on_db_master.stat.exists | default('undefined') }}
+      - created_new_wiki: {{ created_new_wiki | default('undefined') }}
+      - created_from_backup: {{ created_from_backup | default('undefined') }}
+      - Will create admin account: {{ created_new_wiki | default(false) }}
+
 - name: "Include create-admin-account.yml for a new (not imported) wiki - {{ wiki_id }}"
   include_tasks: create-admin-account.yml
   when: created_new_wiki