Compare commits
26 Commits
0.2.0+1.9.
...
1.0.0+1.9.
| Author | SHA1 | Date | |
|---|---|---|---|
| c656afb176 | |||
| 97f2d94079 | |||
| 4846a09169 | |||
| 210a37cd0c | |||
| 914ef6b026 | |||
| 5f205c149f | |||
| d2c8993fcc | |||
| 1c93adcf21 | |||
| 7970e7c61e | |||
| e14f050ede | |||
| 5fd556d358 | |||
| 4c2417901e | |||
| 6bc2679dee | |||
| d2d5b8ceb1 | |||
| afd3b03b21 | |||
| b43724ecba | |||
| 8e973cbed1 | |||
| 7780eb9f13 | |||
| 9e88945b9b | |||
| 6139cff626 | |||
| 0c96d5a45f | |||
| a896d27542 | |||
| 90d5d3fc18 | |||
| b282386419 | |||
| 980cac71d8 | |||
| d277bd9ac1 |
20
.drone.yml
20
.drone.yml
@ -3,10 +3,12 @@ kind: pipeline
|
|||||||
name: deploy to swarm-test.autonomic.zone
|
name: deploy to swarm-test.autonomic.zone
|
||||||
steps:
|
steps:
|
||||||
- name: deployment
|
- name: deployment
|
||||||
image: decentral1se/stack-ssh-deploy:latest
|
image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
|
||||||
settings:
|
settings:
|
||||||
host: swarm-test.autonomic.zone
|
host: swarm-test.autonomic.zone
|
||||||
stack: hedgedoc
|
stack: hedgedoc
|
||||||
|
networks:
|
||||||
|
- proxy
|
||||||
deploy_key:
|
deploy_key:
|
||||||
from_secret: drone_ssh_swarm_test
|
from_secret: drone_ssh_swarm_test
|
||||||
generate_secrets: true
|
generate_secrets: true
|
||||||
@ -22,11 +24,17 @@ trigger:
|
|||||||
- main
|
- main
|
||||||
---
|
---
|
||||||
kind: pipeline
|
kind: pipeline
|
||||||
name: recipe release
|
name: generate recipe catalogue
|
||||||
steps:
|
steps:
|
||||||
- name: release a new version
|
- name: release a new version
|
||||||
image: thecoopcloud/drone-abra:latest
|
image: plugins/downstream
|
||||||
settings:
|
settings:
|
||||||
command: recipe hedgedoc release
|
server: https://build.coopcloud.tech
|
||||||
deploy_key:
|
token:
|
||||||
from_secret: abra_bot_deploy_key
|
from_secret: drone_abra-bot_token
|
||||||
|
fork: true
|
||||||
|
repositories:
|
||||||
|
- coop-cloud/auto-recipes-catalogue-json
|
||||||
|
|
||||||
|
trigger:
|
||||||
|
event: tag
|
||||||
|
|||||||
17
.env.sample
17
.env.sample
@ -1,26 +1,29 @@
|
|||||||
TYPE=codimd
|
TYPE=hedgedoc
|
||||||
|
TIMEOUT=300
|
||||||
|
ENABLE_AUTO_UPDATE=true
|
||||||
|
|
||||||
DOMAIN=codimd.example.com
|
DOMAIN=hedgedoc.example.com
|
||||||
## Domain aliases
|
## Domain aliases
|
||||||
#EXTRA_DOMAINS=', `www.codimd.example.com`'
|
#EXTRA_DOMAINS=', `www.hedgedoc.example.com`'
|
||||||
LETS_ENCRYPT_ENV=production
|
LETS_ENCRYPT_ENV=production
|
||||||
|
|
||||||
SECRET_DB_PASSWORD_VERSION=v1
|
SECRET_DB_PASSWORD_VERSION=v1
|
||||||
|
|
||||||
COMPOSE_FILE="compose.yml"
|
COMPOSE_FILE="compose.yml"
|
||||||
|
|
||||||
# OAuth, see https://hackmd.io/@codimd/codimd-generic-oauth-2
|
# OAuth, see https://docs.hedgedoc.org/guides/auth/keycloak/
|
||||||
|
|
||||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.oauth.yml"
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.oauth.yml"
|
||||||
#CMD_OAUTH2_PROVIDERNAME="Keycloak"
|
#CMD_OAUTH2_PROVIDERNAME="Keycloak"
|
||||||
#CMD_OAUTH2_BASEURL="https://keycloak.example.com/realms/realmname/protocol/openid-connect/"
|
#CMD_OAUTH2_CLIENT_ID="hedgedoc"
|
||||||
#CMD_OAUTH2_CLIENT_ID="codimd"
|
|
||||||
#CMD_OAUTH2_AUTHORIZATION_URL="https://keycloak.example.com/auth/realms/realmname/protocol/openid-connect/auth"
|
#CMD_OAUTH2_AUTHORIZATION_URL="https://keycloak.example.com/auth/realms/realmname/protocol/openid-connect/auth"
|
||||||
#CMD_OAUTH2_TOKEN_URL="https://keycloak.example.com/auth/realms/realmname/protocol/openid-connect/token"
|
#CMD_OAUTH2_TOKEN_URL="https://keycloak.example.com/auth/realms/realmname/protocol/openid-connect/token"
|
||||||
#CMD_OAUTH2_USER_PROFILE_URL="https://keycloak.example.com/auth/realms/realmname/protocol/openid-connect/userinfo"
|
#CMD_OAUTH2_USER_PROFILE_URL="https://keycloak.example.com/auth/realms/realmname/protocol/openid-connect/userinfo"
|
||||||
#CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=ocs.data.id
|
#CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=ocs.data.id
|
||||||
#CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=ocs.data.display-name
|
#CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=ocs.data.display-name
|
||||||
#CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=ocs.data.email
|
#CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=ocs.data.email
|
||||||
|
#CMD_OAUTH2_PROVIDERNAME=Keycloak
|
||||||
|
#CMD_OAUTH2_SCOPE="openid email profile"
|
||||||
#
|
#
|
||||||
#SECRET_OAUTH_KEY_VERSION=v1
|
#SECRET_OAUTH_KEY_VERSION=v1
|
||||||
|
|
||||||
@ -40,3 +43,5 @@ COMPOSE_FILE="compose.yml"
|
|||||||
# CMD_DEFAULT_PERMISSION=editable
|
# CMD_DEFAULT_PERMISSION=editable
|
||||||
# CMD_EMAIL=true
|
# CMD_EMAIL=true
|
||||||
# CMD_SESSION_LIFE=1209600000
|
# CMD_SESSION_LIFE=1209600000
|
||||||
|
# Only present in config.json (no equivalent env var):
|
||||||
|
# DOCUMENT_MAX_LENGTH=100000
|
||||||
|
|||||||
15
README.md
15
README.md
@ -7,9 +7,9 @@
|
|||||||
<!-- metadata -->
|
<!-- metadata -->
|
||||||
* **Category**: Apps
|
* **Category**: Apps
|
||||||
* **Status**: 2, beta
|
* **Status**: 2, beta
|
||||||
* **Image**: [`quay.io/hedgedoc/hedgedoc:1.8.2`](https://quay.io/hedgedoc/hedgedoc:1.8.2), 4, upstream
|
* **Image**: [`quay.io/hedgedoc/hedgedoc`](https://quay.io/hedgedoc/hedgedoc), 4, upstream
|
||||||
* **Healthcheck**: Yes
|
* **Healthcheck**: Yes
|
||||||
* **Backups**: No
|
* **Backups**: Yes
|
||||||
* **Email**: No
|
* **Email**: No
|
||||||
* **Tests**: 2
|
* **Tests**: 2
|
||||||
* **SSO**: 3 (OAuth)
|
* **SSO**: 3 (OAuth)
|
||||||
@ -19,17 +19,16 @@
|
|||||||
|
|
||||||
1. Set up Docker Swarm and [`abra`][abra]
|
1. Set up Docker Swarm and [`abra`][abra]
|
||||||
2. Deploy [`coop-cloud/traefik`][compose-traefik]
|
2. Deploy [`coop-cloud/traefik`][compose-traefik]
|
||||||
3. `abra app new hedegedoc`
|
3. `abra app new hedgedoc`
|
||||||
4. `abra app YOURAPPDOMAIN config` - be sure to change `$DOMAIN` to something that resolves to
|
4. `abra app config YOURAPPDOMAIN` - be sure to change `$DOMAIN` to something that resolves to
|
||||||
your Docker swarm box
|
your Docker swarm box
|
||||||
5. `abra app YOURAPPDOMAIN deploy`
|
5. `abra app deploy YOURAPPDOMAIN`
|
||||||
6. Create initial user:
|
6. Create initial user:
|
||||||
```
|
```
|
||||||
abra app YOURAPPDOMAIN run app bash
|
abra app YOURAPPDOMAIN run app bash
|
||||||
. /docker-entrypoint2.sh -e
|
. /docker-entrypoint2.sh -e
|
||||||
bin/manage_users
|
bin/manage_users
|
||||||
```
|
|
||||||
|
|
||||||
[hedegedoc]: https://github.com/hackmdio/hedegedoc
|
[hedegedoc]: https://github.com/hedgedoc/hedgedoc
|
||||||
[abra]: https://git.autonomic.zone/autonomic-cooperative/abra
|
[abra]: https://git.autonomic.zone/autonomic-cooperative/abra
|
||||||
[compose-traefik]: https://git.autonomic.zone/coop-cloud/traefik
|
[compose-traefik]: https://git.autonomic.zone/coop-cloud/traefik
|
||||||
2
abra.sh
2
abra.sh
@ -1,4 +1,4 @@
|
|||||||
export ENTRYPOINT_CONF_VERSION=v5
|
export ENTRYPOINT_CONF_VERSION=v8
|
||||||
|
|
||||||
abra_backup_app() {
|
abra_backup_app() {
|
||||||
_abra_backup_dir "app:/home/hackmd/app/public/uploads/"
|
_abra_backup_dir "app:/home/hackmd/app/public/uploads/"
|
||||||
|
|||||||
@ -5,7 +5,6 @@ services:
|
|||||||
app:
|
app:
|
||||||
environment:
|
environment:
|
||||||
- CMD_OAUTH2_PROVIDERNAME
|
- CMD_OAUTH2_PROVIDERNAME
|
||||||
- CMD_OAUTH2_BASEURL
|
|
||||||
- CMD_OAUTH2_CLIENT_ID
|
- CMD_OAUTH2_CLIENT_ID
|
||||||
- CMD_OAUTH2_CLIENT_SECRET_FILE=/run/secrets/oauth_key
|
- CMD_OAUTH2_CLIENT_SECRET_FILE=/run/secrets/oauth_key
|
||||||
- CMD_OAUTH2_AUTHORIZATION_URL
|
- CMD_OAUTH2_AUTHORIZATION_URL
|
||||||
@ -14,6 +13,7 @@ services:
|
|||||||
- CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR
|
- CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR
|
||||||
- CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR
|
- CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR
|
||||||
- CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR
|
- CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR
|
||||||
|
- CMD_OAUTH2_SCOPE
|
||||||
secrets:
|
secrets:
|
||||||
- oauth_key
|
- oauth_key
|
||||||
|
|
||||||
|
|||||||
23
compose.yml
23
compose.yml
@ -1,7 +1,7 @@
|
|||||||
version: "3.8"
|
version: "3.8"
|
||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
image: quay.io/hedgedoc/hedgedoc:1.9.3
|
image: quay.io/hedgedoc/hedgedoc:1.9.9
|
||||||
environment:
|
environment:
|
||||||
- CMD_USECDN=false
|
- CMD_USECDN=false
|
||||||
- CMD_URL_ADDPORT=false
|
- CMD_URL_ADDPORT=false
|
||||||
@ -26,6 +26,7 @@ services:
|
|||||||
- CMD_DEFAULT_PERMISSION
|
- CMD_DEFAULT_PERMISSION
|
||||||
- CMD_EMAIL
|
- CMD_EMAIL
|
||||||
- CMD_SESSION_LIFE
|
- CMD_SESSION_LIFE
|
||||||
|
- DOCUMENT_MAX_LENGTH
|
||||||
depends_on:
|
depends_on:
|
||||||
- db
|
- db
|
||||||
networks:
|
networks:
|
||||||
@ -40,6 +41,9 @@ services:
|
|||||||
- source: entrypoint_conf
|
- source: entrypoint_conf
|
||||||
target: /docker-entrypoint.sh
|
target: /docker-entrypoint.sh
|
||||||
mode: 0555
|
mode: 0555
|
||||||
|
- source: config_json
|
||||||
|
target: /files/config.json
|
||||||
|
mode: 0555
|
||||||
deploy:
|
deploy:
|
||||||
restart_policy:
|
restart_policy:
|
||||||
condition: on-failure
|
condition: on-failure
|
||||||
@ -53,7 +57,8 @@ services:
|
|||||||
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||||
- coop-cloud.${STACK_NAME}.version=0.2.0+1.9.3
|
- coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}
|
||||||
|
- coop-cloud.${STACK_NAME}.version=1.0.0+1.9.9
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: "nodejs -e \"http.get('http://localhost:3000', (res) => { console.log('status: ', res.statusCode); if (res.statusCode == 200) { process.exit(0); } else { process.exit(1); } });\""
|
test: "nodejs -e \"http.get('http://localhost:3000', (res) => { console.log('status: ', res.statusCode); if (res.statusCode == 200) { process.exit(0); } else { process.exit(1); } });\""
|
||||||
interval: 30s
|
interval: 30s
|
||||||
@ -61,7 +66,7 @@ services:
|
|||||||
retries: 10
|
retries: 10
|
||||||
start_period: 1m
|
start_period: 1m
|
||||||
db:
|
db:
|
||||||
image: postgres:11.15-alpine
|
image: postgres:16.1-alpine
|
||||||
environment:
|
environment:
|
||||||
- POSTGRES_USER=codimd
|
- POSTGRES_USER=codimd
|
||||||
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
|
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
|
||||||
@ -72,6 +77,14 @@ services:
|
|||||||
- db_password
|
- db_password
|
||||||
networks:
|
networks:
|
||||||
- internal
|
- internal
|
||||||
|
deploy:
|
||||||
|
labels:
|
||||||
|
backupbot.backup: "true"
|
||||||
|
backupbot.backup.pre-hook: "mkdir -p /tmp/backup/ && PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /tmp/backup/backup.sql"
|
||||||
|
backupbot.backup.post-hook: "rm -rf /tmp/backup"
|
||||||
|
backupbot.backup.path: "/tmp/backup/"
|
||||||
|
backupbot.restore: "true"
|
||||||
|
backupbot.restore.post-hook: "sh -c 'psql -U $${POSTGRES_USER} -d $${POSTGRES_DB} < ./backup.sql && rm -f ./backup.sql'"
|
||||||
volumes:
|
volumes:
|
||||||
postgres:
|
postgres:
|
||||||
codimd_uploads:
|
codimd_uploads:
|
||||||
@ -84,6 +97,10 @@ networks:
|
|||||||
external: true
|
external: true
|
||||||
internal:
|
internal:
|
||||||
configs:
|
configs:
|
||||||
|
config_json:
|
||||||
|
name: ${STACK_NAME}_config_${ENTRYPOINT_CONF_VERSION}
|
||||||
|
file: config.json.tmpl
|
||||||
|
template_driver: golang
|
||||||
entrypoint_conf:
|
entrypoint_conf:
|
||||||
name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_CONF_VERSION}
|
name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_CONF_VERSION}
|
||||||
file: entrypoint.sh.tmpl
|
file: entrypoint.sh.tmpl
|
||||||
|
|||||||
7
config.json.tmpl
Normal file
7
config.json.tmpl
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
{
|
||||||
|
{{ if (env "DOCUMENT_MAX_LENGTH") }}
|
||||||
|
"production": {
|
||||||
|
"documentMaxLength": {{ env "DOCUMENT_MAX_LENGTH" }}
|
||||||
|
}
|
||||||
|
{{ end }}
|
||||||
|
}
|
||||||
@ -30,6 +30,7 @@ main() {
|
|||||||
set -eu
|
set -eu
|
||||||
|
|
||||||
load_vars
|
load_vars
|
||||||
|
mkdir "/hedgedoc/.npm" && chown -R 10000:65534 "/hedgedoc/.npm" && chmod "u+rwx" "/hedgedoc/.npm"
|
||||||
}
|
}
|
||||||
|
|
||||||
main
|
main
|
||||||
@ -40,6 +41,7 @@ export CMD_DB_URL=postgres://$CMD_DB_USER:$CMD_DB_PASSWORD@$CMD_DB_HOST:5432/$CM
|
|||||||
if [ ! "${1-}" == "-e" ]; then
|
if [ ! "${1-}" == "-e" ]; then
|
||||||
# 3wc: upstream ENTRYPOINT
|
# 3wc: upstream ENTRYPOINT
|
||||||
# https://github.com/hedgedoc/container/blob/master/alpine/Dockerfile
|
# https://github.com/hedgedoc/container/blob/master/alpine/Dockerfile
|
||||||
|
mkdir -p "/hedgedoc/.npm" && chown -R 10000:65534 "/hedgedoc/.npm"
|
||||||
/usr/local/bin/docker-entrypoint.sh npm start
|
/usr/local/bin/docker-entrypoint.sh npm start
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|||||||
7
release/1.0.0+1.9
Normal file
7
release/1.0.0+1.9
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
WARNING WARNING WARNING 🚨
|
||||||
|
|
||||||
|
This release includes a major Postgres database upgrade, but does not yet include tools to automatically upgrade from older Postgres releases.
|
||||||
|
|
||||||
|
PLEASE DO NOT UPGRADE EXISTING INSTANCES TO THIS VERSION.
|
||||||
|
|
||||||
|
This should be fixed soon.
|
||||||
Reference in New Issue
Block a user