Initial work on HedgeDoc v2

- Project split into backend and frontend - Relevant services and configuration files created Status: - can be cleanly installed and removed. - services start but the frontend gets caught in the SSO somewhere
2024-09-03 19:25:52 +02:00 · 2021-06-20 23:33:46 +02:00 · 2021-06-20 23:33:46 +02:00 · 23819b78d5
commit 23819b78d5
parent 2fed60aff7
7 changed files with 109 additions and 77 deletions
--- a/conf/backend.service
+++ b/conf/backend.service
@ -1,5 +1,5 @@
 [Unit]
-Description=HedgeDoc: collaborative Markdown notes
+Description=HedgeDoc: collaborative Markdown notes backend
 Documentation=https://github.com/hedgedoc/hedgedoc
 After=network.target postgresql.service

@ -7,10 +7,10 @@ After=network.target postgresql.service
 Type=simple
 User=__APP__
 Group=__APP__
-WorkingDirectory=__FINALPATH__
+WorkingDirectory=__FINALPATH__/backend
 Environment="PATH=__ENV_PATH__"
 Environment="NODE_ENV=production"
-ExecStart=__YNH_NPM__ start --production
+ExecStart=__YNH_NPM__ start
 Restart=always
 PrivateTmp=true
 PrivateDevices=true
--- a/conf/config.json.example
+++ b/conf/config.json.example
@ -1,51 +0,0 @@
-{
-    "production": {
-        "protocolUseSSL": true,
-        "domain": "__DOMAIN__",
-        "port": "__PORT__",
-        "urlPath": "__PATH__",
-        "loglevel": "info",
-        "useCDN": false,
-        "allowGravatar": false,
-        "allowFreeURL": false,
-        "allowAnonymousEdits": true,
-        "defaultPermission": "locked",
-        "email": true,
-        "allowEmailRegister": true,
-        "imageUploadType": "filesystem",
-        "tooBusyLag": 1000,
-        "hsts": {
-            "enable": true,
-            "maxAgeSeconds": 31536000,
-            "includeSubdomains": true,
-            "preload": true
-        },
-        "csp": {
-            "enable": true,
-            "directives": {
-            },
-            "upgradeInsecureRequests": "auto",
-            "addDefaults": true,
-            "addDisqus": true,
-            "addGoogleAnalytics": false
-        },
-        "db": {
-            "username": "__DB_NAME__",
-            "password": "__DB_PWD__",
-            "database": "__DB_NAME__",
-            "host": "localhost",
-            "port": "5432",
-            "dialect": "postgres"
-        },
-        "ldap": {
-            "url": "ldap://127.0.0.1:389",
-            "bindDn": null,
-            "bindCredentials": null,
-            "searchBase": "ou=users,dc=yunohost,dc=org",
-            "searchFilter": "(&(|(objectclass=posixAccount))(uid={{username}})(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))",
-            "usernameField": "cn",
-            "useridField": "uid",
-            "providerName": "YunoHost"
-        }
-    }
-}
--- a/conf/env_backend
+++ b/conf/env_backend
@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file)
+#
+# SPDX-License-Identifier: CC0-1.0
+
+HD_DOMAIN="https://__DOMAIN____PATH__"
+PORT=__PORT_BACKEND__
+HD_MEDIA_BACKEND="filesystem"
+HD_MEDIA_BACKEND_FILESYSTEM_UPLOAD_PATH="uploads/"
+
+HD_DATABASE_NAME="__DB_NAME__"
+HD_DATABASE_USER="__DB_NAME__"
+HD_DATABASE_PASS="__DB_PWD__"
+HD_DATABASE_HOST="localhost"
+HD_DATABASE_PORT="5432"
+HD_DATABASE_DIALECT="postgres"
+
+HD_AUTH_LDAPS="YUNOHOST"
+HD_AUTH_LDAP_YUNOHOST_PROVIDER_NAME="YunoHost"
+HD_AUTH_LDAP_YUNOHOST_URL="ldap://127.0.0.1:389"
+#HD_AUTH_LDAP_YUNOHOST_BIND_DN=null
+#HD_AUTH_LDAP_YUNOHOST_BIND_CREDENTIALS=null
+HD_AUTH_LDAP_YUNOHOST_SEARCH_BASE="ou=users,dc=yunohost,dc=org"
+HD_AUTH_LDAP_YUNOHOST_SEARCH_FILTER="(&(|(objectclass=posixAccount))(uid={{username}})(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))"
+#HD_AUTH_LDAP_YUNOHOST_SEARCH_ATTRIBUTES=
+HD_AUTH_LDAP_YUNOHOST_USERNAME_FIELD="cn"
+HD_AUTH_LDAP_YUNOHOST_USERID_FIELD="uid"
+#HD_AUTH_LDAP_YUNOHOST_TLS_CA=
+
--- a/conf/frontend.service
+++ b/conf/frontend.service
@ -0,0 +1,27 @@
+[Unit]
+Description=HedgeDoc: collaborative Markdown notes frontend
+Documentation=https://github.com/hedgedoc/hedgedoc
+After=network.target postgresql.service __APP___backend.service
+
+[Service]
+Type=simple
+User=__APP__
+Group=__APP__
+WorkingDirectory=__FINALPATH__/frontend
+Environment="PATH=__ENV_PATH__"
+Environment="NODE_ENV=production"
+Environment="PORT=__PORT_FRONTEND__"
+Environment="REACT_APP_BACKEND_BASE_URL=http://localhost:__PORT_BACKEND__/"
+ExecStart=__FINALPATH__/frontend/node_modules/.bin/cross-env PORT=__PORT_FRONTEND__ REACT_APP_BACKEND_BASE_URL=http://localhost:__PORT_BACKEND__/ __FINAL_PATH__/frontend/node_modules/.bin/craco start
+Restart=always
+PrivateTmp=true
+PrivateDevices=true
+
+ProtectControlGroups=true
+ProtectHome=true
+ProtectKernelTunables=true
+ProtectSystem=full
+RestrictSUIDSGID=true
+
+[Install]
+WantedBy=multi-user.target
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -5,7 +5,7 @@ location ^~ __PATH__/ {
    rewrite ^ https://$server_name$request_uri? permanent;
  }

-  proxy_pass        http://127.0.0.1:__PORT__/;
+  proxy_pass        http://127.0.0.1:__PORT_FRONTEND__/;
  proxy_redirect    off;
  proxy_set_header  Host $host;
  proxy_set_header  X-Real-IP $remote_addr;
--- a/scripts/install
+++ b/scripts/install
@ -53,11 +53,15 @@ ynh_app_setting_set --app=$app --key=path --value=$path_url
 #=================================================
 # FIND AND OPEN A PORT
 #=================================================
-ynh_script_progression --message="Finding an available port..." --weight=2
+ynh_script_progression --message="Finding available ports..." --weight=2

-# Find an available port
-port=$(ynh_find_port --port=3000)
-ynh_app_setting_set --app=$app --key=port --value=$port
+# Find an available port for the backend
+port_backend=$(ynh_find_port --port=3000)
+ynh_app_setting_set --app=$app --key=port_backend --value=$port_backend
+
+# Find an available port for the frontend
+port_frontend=$(ynh_find_port --port=$(($port_backend+1)))
+ynh_app_setting_set --app=$app --key=port_frontend --value=$port_frontend

 #=================================================
 # INSTALL DEPENDENCIES
@ -97,7 +101,11 @@ ynh_script_progression --message="Setting up source files..." --weight=2

 ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Download, check integrity, uncompress and patch the source from app.src
-ynh_setup_source --dest_dir=$final_path
+#ynh_setup_source --dest_dir=$final_path
+mkdir -p $final_path/backend
+mkdir -p $final_path/frontend
+git clone --depth 1 https://github.com/hedgedoc/hedgedoc -b develop $final_path/backend
+git clone --depth 1 https://github.com/hedgedoc/react-client $final_path/frontend

 #=================================================
 # NGINX CONFIGURATION
@ -112,11 +120,22 @@ ynh_add_nginx_config
 #==============================================
 # INSTALL HEDGEDOC
 #==============================================
-ynh_script_progression --message="Building HedgeDoc... (this will take some time and resources!)" --weight=20
+ynh_use_nodejs

-pushd "$final_path" || ynh_die
-	ynh_use_nodejs
-	bin/setup
+ynh_script_progression --message="Building HedgeDoc backend... (this will take some time and resources!)" --weight=20
+
+pushd "$final_path/backend" || ynh_die
+	ynh_exec_warn_less yarn install
+popd || ynh_die
+
+ynh_script_progression --message="Building HedgeDoc frontend... (this will take some time and resources!)" --weight=20
+
+pushd "$final_path/frontend" || ynh_die
+	ynh_exec_warn_less yarn install
+	# TODO: Fails out of memory in my tests
+	# Production build
+	# Not sure if PORT is necessary here
+	# PORT=$port_frontend REACT_APP_BACKEND_BASE_URL=http://localhost:$port_backend/ yarn build:production
 popd || ynh_die

 #=================================================
@ -124,18 +143,19 @@ popd || ynh_die
 #=================================================
 ynh_script_progression --message="Configuring a systemd service..." --weight=1

-ynh_replace_string --match_string="__ENV_PATH__" --replace_string="$PATH" --target_file="../conf/systemd.service"
+ynh_replace_string --match_string="__ENV_PATH__" --replace_string="$PATH" --target_file="../conf/backend.service"
+ynh_replace_string --match_string="__ENV_PATH__" --replace_string="$PATH" --target_file="../conf/frontend.service"

-ynh_add_systemd_config
+ynh_add_systemd_config --service="${app}_backend" --template="../conf/backend.service"
+ynh_add_systemd_config --service="${app}_frontend" --template="../conf/frontend.service"

 #=================================================
 # MODIFY A CONFIG FILE
 #=================================================
 ynh_script_progression --message="Modifying a config file..." --weight=1

-path=${path_url:1}
-
-ynh_add_config --template="../conf/config.json.example" --destination="$final_path/config.json"
+#path=${path_url:1}
+ynh_add_config --template="../conf/env_backend" --destination="$final_path/backend/.env"

 #=================================================
 # GENERIC FINALIZATION
@ -147,14 +167,14 @@ ynh_script_progression --message="Securing files and directories..." --weight=1
 # Set permissions to app files
 chown -R $app:$app $final_path
 chmod o-rwx $final_path
-chmod 600 $final_path/config.json

 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
 #=================================================
 ynh_script_progression --message="Integrating service in YunoHost..." --weight=2

-yunohost service add $app --description="Collaborative Markdown editor" --log="/var/log/$app/$app.log"
+yunohost service add "${app}_backend" --description="Collaborative Markdown editor's backend" --log="/var/log/$app/$app.log"
+yunohost service add "${app}_frontend" --description="Collaborative Markdown editor's frontend" --log="/var/log/$app/$app.log"

 #=================================================
 # START SYSTEMD SERVICE
@ -162,7 +182,8 @@ yunohost service add $app --description="Collaborative Markdown editor" --log="/
 ynh_script_progression --message="Starting a systemd service..." --weight=2

 # Start a systemd service
-ynh_systemd_action --service_name=$app --action=start --log_path=systemd --line_match="HTTP Server listening"
+ynh_systemd_action --service_name="${app}_backend" --action=start --log_path=systemd
+ynh_systemd_action --service_name="${app}_frontend" --action=start --log_path=systemd

 #=================================================
 # SETUP SSOWAT
--- a/scripts/remove
+++ b/scripts/remove
@ -28,19 +28,26 @@ db_user=$db_name
 #=================================================

 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
-if ynh_exec_warn_less yunohost service status $app >/dev/null
+if ynh_exec_warn_less yunohost service status ${app}_backend >/dev/null
 then
-	ynh_script_progression --message="Removing $app service..." --weight=1
-	yunohost service remove $app
+	ynh_script_progression --message="Removing ${app}_backend service..." --weight=1
+	yunohost service remove ${app}_backend
+fi
+
+if ynh_exec_warn_less yunohost service status ${app}_frontend >/dev/null
+then
+	ynh_script_progression --message="Removing ${app}_frontend service..." --weight=1
+	yunohost service remove ${app}_frontend
 fi

 #=================================================
 # STOP AND REMOVE SERVICE
 #=================================================
-ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
+ynh_script_progression --message="Stopping and removing the systemd services..." --weight=1

 # Remove the dedicated systemd config
-ynh_remove_systemd_config
+ynh_remove_systemd_config --service=${app}_backend
+ynh_remove_systemd_config --service=${app}_frontend

 #=================================================
 # REMOVE THE POSTGRESQL DATABASE