diff --git a/manifests/mediawiki.pp b/manifests/mediawiki.pp
index 0b0607d..002987b 100644
--- a/manifests/mediawiki.pp
+++ b/manifests/mediawiki.pp
@@ -1,142 +1,54 @@
 # Deployment of mediawiki for the Software Heritage intranet
 class profile::mediawiki {
+  $mediawiki_fpm_root = hiera('mediawiki::php::fpm_listen')
+
   $mediawiki_db_user = hiera('mediawiki::mysql::username')
   $mediawiki_db_basename = hiera('mediawiki::mysql::dbname')
   $mediawiki_db_password = hiera('mediawiki::mysql::password')
 
-  $mediawiki_fpm_listen = hiera('mediawiki::php::fpm_listen')
-
   $mediawiki_vhost_name = hiera('mediawiki::vhost::name')
   $mediawiki_vhost_docroot = hiera('mediawiki::vhost::docroot')
-  $mediawiki_vhost_basic_auth_file = "/etc/apache2/mediawiki_http_auth"
   $mediawiki_vhost_basic_auth_content = hiera('mediawiki::vhost::basic_auth_content')
   $mediawiki_vhost_ssl_protocol = hiera('mediawiki::vhost::ssl_protocol')
   $mediawiki_vhost_ssl_honorcipherorder = hiera('mediawiki::vhost::ssl_honorcipherorder')
   $mediawiki_vhost_ssl_cipher = hiera('mediawiki::vhost::ssl_cipher')
   $mediawiki_vhost_hsts_header = hiera('mediawiki::vhost::hsts_header')
 
-  $mediawiki_config = "/etc/mediawiki/LocalSettings_${mediawiki_vhost_name}.php"
-  $mediawiki_config_meta = "/etc/mediawiki/LocalSettings.php"
   $mediawiki_config_secret_key = hiera('mediawiki::conf::secret_key')
   $mediawiki_config_upgrade_key = hiera('mediawiki::conf::upgrade_key')
 
-  $packages = [
-    'mediawiki',
-    'mediawiki-extensions',
-  ]
-
-  package {$packages:
-    ensure => latest,
-  }
-
-  include ::mysql::client
-
-  ::mysql::db {$mediawiki_db_basename:
-    user     => $mediawiki_db_username,
-    password => $mediawiki_db_password,
-    host     => 'localhost',
-    grant    => ['ALL'],
-  }
-
   include ::php::fpm::daemon
 
   ::php::fpm::conf {'mediawiki':
-    listen => $mediawiki_fpm_listen,
+    listen => $mediawiki_fpm_root,
     user   => 'www-data',
   }
 
   include ::profile::ssl
-  include ::apache
-  include ::apache::mod::proxy
-  include ::profile::apache::mod_proxy_fcgi
-
-  ::apache::vhost {"${mediawiki_vhost_name}_non-ssl":
-    servername      => $mediawiki_vhost_name,
-    port            => '80',
-    docroot         => $mediawiki_vhost_docroot,
-    redirect_status => 'permanent',
-    redirect_dest   => "https://${mediawiki_vhost_name}/",
-  }
 
   $ssl_cert_name = 'star_softwareheritage_org'
   $ssl_cert = $::profile::ssl::certificate_paths[$ssl_cert_name]
   $ssl_ca   = $::profile::ssl::ca_paths[$ssl_cert_name]
   $ssl_key  = $::profile::ssl::private_key_paths[$ssl_cert_name]
 
-  ::apache::vhost {"${mediawiki_vhost_name}_ssl":
-    servername           => $mediawiki_vhost_name,
-    port                 => '443',
-    ssl                  => true,
-    ssl_protocol         => $mediawiki_vhost_ssl_protocol,
-    ssl_honorcipherorder => $mediawiki_vhost_ssl_honorcipherorder,
-    ssl_cipher           => $mediawiki_vhost_ssl_cipher,
-    ssl_cert             => $ssl_cert,
-    ssl_ca               => $ssl_ca,
-    ssl_key              => $ssl_key,
-    headers              => [$mediawiki_vhost_hsts_header],
-    docroot              => $mediawiki_vhost_docroot,
-    proxy_pass_match     => [
-      { path => '^/(.*\.php(/.*)?)$',
-        url  => "fcgi://${mediawiki_fpm_listen}${mediawiki_vhost_docroot}/\$1",
-      },
-    ],
-    directories          => [
-      { path           => '/',
-        provider       => 'location',
-        auth_type      => 'Basic',
-        auth_name      => 'Software Heritage development',
-        auth_user_file => $mediawiki_vhost_basic_auth_file,
-        auth_require   => 'valid-user',
-      },
-      { path           => "${mediawiki_vhost_docroot}/config",
-        provider       => 'directory',
-        override       => ['None'],
-      },
-      { path           => "${mediawiki_vhost_docroot}/images",
-        provider       => 'directory',
-        override       => ['None'],
-      },
-      { path           => "${mediawiki_vhost_docroot}/upload",
-        provider       => 'directory',
-        override       => ['None'],
-      },
-    ],
-    require              => [
-      File[$mediawiki_vhost_basic_auth_file],
-      File[$mediawiki_config],
-      File[$mediawiki_config_meta],
-      File[$ssl_cert],
-      File[$ssl_ca],
-      File[$ssl_key],
-    ],
-  }
-
-  file {$mediawiki_vhost_basic_auth_file:
-    ensure  => present,
-    owner   => 'root',
-    group   => 'www-data',
-    mode    => '0640',
-    content => $mediawiki_vhost_basic_auth_content,
-  }
-
-  file {$mediawiki_config_meta:
-    ensure  => present,
-    owner   => 'root',
-    group   => 'www-data',
-    mode    => '0640',
-    # TODO actually use this to generate a proper vhost dispatcher config file
-    # XXX currently LocalSettings.php should be hand maintained when modifying vhosts
-    # content => template('profile/mediawiki/LocalSettings.php.erb'),
-    require => Package['mediawiki'],
-  }
-
-  file {$mediawiki_config:
-    ensure  => present,
-    owner   => 'root',
-    group   => 'www-data',
-    mode    => '0640',
-    content => template('profile/mediawiki/LocalSettings_vhost.php.erb'),
-    require => Package['mediawiki'],
-    notify  => Service['php5-fpm'],
+  include ::mediawiki
+
+  ::mediawiki::instance { $mediawiki_vhost_name:
+    vhost_docroot              => $mediawiki_vhost_docroot,
+    vhost_fpm_root             => $mediawiki_fpm_root,
+    vhost_basic_auth           => $mediawiki_vhost_basic_auth_content,
+    vhost_ssl_protocol         => $mediawiki_vhost_ssl_protocol,
+    vhost_ssl_honorcipherorder => $mediawiki_vhost_ssl_honorcipherorder,
+    vhost_ssl_cipher           => $mediawiki_vhost_ssl_cipher,
+    vhost_ssl_cert             => $ssl_cert,
+    vhost_ssl_ca               => $ssl_ca,
+    vhost_ssl_key              => $ssl_key,
+    vhost_ssl_hsts_header      => $mediawiki_vhost_hsts_header,
+    db_user                    => $mediawiki_db_user,
+    db_basename                => $mediawiki_db_basename,
+    db_host                    => 'localhost',
+    db_password                => $mediawiki_db_password,
+    secret_key                 => $mediawiki_config_secret_key,
+    upgrade_key                => $mediawiki_config_upgrade_key,
   }
 }
diff --git a/templates/mediawiki/LocalSettings.php.erb b/templates/mediawiki/LocalSettings.php.erb
deleted file mode 100644
index 4196791..0000000
--- a/templates/mediawiki/LocalSettings.php.erb
+++ /dev/null
@@ -1,12 +0,0 @@
-<?php
-# This file is managed by puppet. Local modifications will be overwritten.
-
-	switch ( $_SERVER["SERVER_NAME"] ) {
-		case "intranet.softwareheritage.org":
-			require_once "LocalSettings_intranet.softwareheritage.org.php";
-			break;
- 
-		default:
-			echo "This wiki is not available. Check server configuration.";
-			exit( 0 );
-	}
diff --git a/templates/mediawiki/LocalSettings_vhost.php.erb b/templates/mediawiki/LocalSettings_vhost.php.erb
deleted file mode 100644
index 71172cb..0000000
--- a/templates/mediawiki/LocalSettings_vhost.php.erb
+++ /dev/null
@@ -1,161 +0,0 @@
-<?php
-# This file is managed by puppet. Local modifications will be overwritten.
-#
-# This file was automatically generated by the MediaWiki 1.19.20+dfsg-0+deb7u3
-# installer. If you make manual changes, please keep track in case you
-# need to recreate them later.
-#
-# See includes/DefaultSettings.php for all configurable settings
-# and their default values, but don't forget to make changes in _this_
-# file, not there.
-#
-# Further documentation for configuration settings may be found at:
-# http://www.mediawiki.org/wiki/Manual:Configuration_settings
-
-# Protect against web entry
-if ( !defined( 'MEDIAWIKI' ) ) {
-	exit;
-}
-
-## Uncomment this to disable output compression
-# $wgDisableOutputCompression = true;
-
-$wgSitename      = "SoftwareHeritage";
-
-## The URL base path to the directory containing the wiki;
-## defaults for all runtime URL paths are based off of this.
-## For more information on customizing the URLs please see:
-## http://www.mediawiki.org/wiki/Manual:Short_URL
-$wgScriptPath       = "";
-$wgScriptExtension  = ".php";
-
-## The protocol and server name to use in fully-qualified URLs
-$wgServer           = "https://<%= @mediawiki_vhost_name %>";
-
-## The relative URL path to the skins directory
-$wgStylePath        = "$wgScriptPath/skins";
-
-## The relative URL path to the logo.  Make sure you change this from the default,
-## or else you'll overwrite your logo when you upgrade!
-$wgLogo             = "/images/b/b2/Swh-logo.png";
-$wgFavicon          = "/images/b/b2/Swh-logo.png";
-
-## UPO means: this is also a user preference option
-
-$wgEnableEmail      = true;
-$wgEnableUserEmail  = true; # UPO
-
-$wgEmergencyContact = "info@softwareheritage.org";
-$wgPasswordSender   = "info@softwareheritage.org";
-
-$wgEnotifUserTalk      = true; # UPO
-$wgEnotifWatchlist     = true; # UPO
-$wgEmailAuthentication = true;
-
-## Database settings
-$wgDBtype           = "mysql";
-$wgDBserver         = "localhost";
-$wgDBname           = "<%= @mediawiki_db_basename %>";
-$wgDBuser           = "<%= @mediawiki_db_user %>";
-$wgDBpassword       = "<%= @mediawiki_db_password %>";
-
-# MySQL specific settings
-$wgDBprefix         = "";
-
-# MySQL table options to use during installation or update
-$wgDBTableOptions   = "ENGINE=InnoDB, DEFAULT CHARSET=binary";
-
-# Experimental charset support for MySQL 5.0.
-$wgDBmysql5 = false;
-
-## Shared memory settings
-$wgMainCacheType    = CACHE_NONE;
-$wgMemCachedServers = array();
-
-## To enable image uploads, make sure the 'images' directory
-## is writable, then set this to true:
-$wgEnableUploads  = true;
-$wgUseImageMagick = true;
-$wgImageMagickConvertCommand = "/usr/bin/convert";
-
-# InstantCommons allows wiki to use images from http://commons.wikimedia.org
-$wgUseInstantCommons  = false;
-
-## If you use ImageMagick (or any other shell command) on a
-## Linux server, this will need to be set to the name of an
-## available UTF-8 locale
-$wgShellLocale = "en_US.utf8";
-
-## If you want to use image uploads under safe mode,
-## create the directories images/archive, images/thumb and
-## images/temp, and make them all writable. Then uncomment
-## this, if it's not already uncommented:
-#$wgHashedUploadDirectory = false;
-
-## Set $wgCacheDirectory to a writable directory on the web server
-## to make your wiki go slightly faster. The directory should not
-## be publically accessible from the web.
-#$wgCacheDirectory = "$IP/cache";
-
-# Site language code, should be one of the list in ./languages/Names.php
-$wgLanguageCode = "en";
-
-$wgSecretKey = "<%= @mediawiki_config_secret_key %>";
-
-# Site upgrade key. Must be set to a string (default provided) to turn on the
-# web installer while LocalSettings.php is in place
-$wgUpgradeKey = "<%= @mediawiki_config_upgrade_key %>";
-
-## Default skin: you can change the default skin. Use the internal symbolic
-## names, ie 'standard', 'nostalgia', 'cologneblue', 'monobook', 'vector':
-$wgDefaultSkin = "vector";
-
-## For attaching licensing metadata to pages, and displaying an
-## appropriate copyright notice / icon. GNU Free Documentation
-## License and Creative Commons licenses are supported so far.
-$wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright
-$wgRightsUrl  = "";
-$wgRightsText = "";
-$wgRightsIcon = "";
-
-# Path to the GNU diff3 utility. Used for conflict resolution.
-$wgDiff3 = "/usr/bin/diff3";
-
-# debian-specific include:
-if (is_file("/etc/mediawiki-extensions/extensions.php")) {
-	include("/etc/mediawiki-extensions/extensions.php");
-}
-
-# Query string length limit for ResourceLoader. You should only set this if
-# your web server has a query string length limit (then set it to that limit),
-# or if you have suhosin.get.max_value_length set in php.ini (then set it to
-# that value)
-$wgResourceLoaderMaxQueryLength = -1;
-
-
-
-# End of automatically generated settings.
-# Add more configuration options below.
-
-$wgGroupPermissions['*']['edit'] = false;
-
-$wgFileExtensions[] = 'pdf';
-
-$wgNamespacesToBeSearchedDefault = array(
-	NS_MAIN =>           true,
-	NS_TALK =>           true,
-	NS_USER =>           true,
-	NS_USER_TALK =>      true,
-	NS_PROJECT =>        true,
-	NS_PROJECT_TALK =>   true,
-	NS_FILE =>           true,
-	NS_FILE_TALK =>      true,
-	NS_MEDIAWIKI =>      true,
-	NS_MEDIAWIKI_TALK => true,
-	NS_TEMPLATE =>       true,
-	NS_TEMPLATE_TALK =>  true,
-	NS_HELP =>           true,
-	NS_HELP_TALK =>      true,
-	NS_CATEGORY =>       true,
-	NS_CATEGORY_TALK =>  true
-);