diff --git a/README.md b/README.md
index 7b28129..8ec84a7 100644
--- a/README.md
+++ b/README.md
@@ -29,7 +29,7 @@ You can use it to easily collaborate on notes, graphs and even presentations in
- Low system requirements
-**Shipped version:** 1.9.9~ynh3
+**Shipped version:** 2.0.0~ynh1
**Demo:**
diff --git a/README_es.md b/README_es.md
index 5a3d137..20bd0cf 100644
--- a/README_es.md
+++ b/README_es.md
@@ -29,7 +29,7 @@ You can use it to easily collaborate on notes, graphs and even presentations in
- Low system requirements
-**Versión actual:** 1.9.9~ynh3
+**Versión actual:** 2.0.0~ynh1
**Demo:**
diff --git a/README_eu.md b/README_eu.md
index 589c529..c0459df 100644
--- a/README_eu.md
+++ b/README_eu.md
@@ -29,7 +29,7 @@ You can use it to easily collaborate on notes, graphs and even presentations in
- Low system requirements
-**Paketatutako bertsioa:** 1.9.9~ynh3
+**Paketatutako bertsioa:** 2.0.0~ynh1
**Demoa:**
diff --git a/README_fr.md b/README_fr.md
index 4dea3b7..f8dac27 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -29,7 +29,7 @@ Vous pouvez l'utiliser pour collaborer facilement sur des notes, des graphiques
- Faible configuration système requise
-**Version incluse :** 1.9.9~ynh3
+**Version incluse :** 2.0.0~ynh1
**Démo :**
diff --git a/README_gl.md b/README_gl.md
index 0f27824..d625360 100644
--- a/README_gl.md
+++ b/README_gl.md
@@ -29,7 +29,7 @@ You can use it to easily collaborate on notes, graphs and even presentations in
- Low system requirements
-**Versión proporcionada:** 1.9.9~ynh3
+**Versión proporcionada:** 2.0.0~ynh1
**Demo:**
diff --git a/README_zh_Hans.md b/README_zh_Hans.md
index 8b2602e..de69689 100644
--- a/README_zh_Hans.md
+++ b/README_zh_Hans.md
@@ -29,7 +29,7 @@ You can use it to easily collaborate on notes, graphs and even presentations in
- Low system requirements
-**分发版本:** 1.9.9~ynh3
+**分发版本:** 2.0.0~ynh1
**演示:**
diff --git a/conf/systemd.service b/conf/backend.service
similarity index 92%
rename from conf/systemd.service
rename to conf/backend.service
index 017e1d6..4b8b4f5 100644
--- a/conf/systemd.service
+++ b/conf/backend.service
@@ -1,5 +1,5 @@
[Unit]
-Description=HedgeDoc: collaborative Markdown notes
+Description=HedgeDoc: collaborative Markdown notes backend
Documentation=https://github.com/hedgedoc/hedgedoc
After=network.target postgresql.service
@@ -7,10 +7,10 @@ After=network.target postgresql.service
Type=simple
User=__APP__
Group=__APP__
-WorkingDirectory=__INSTALL_DIR__
+WorkingDirectory=__INSTALL_DIR__/backend
Environment="__YNH_NODE_LOAD_PATH__"
Environment="NODE_ENV=production"
-ExecStart=__YNH_NPM__ start --production
+ExecStart=__YNH_NPM__ start
Restart=always
# Sandboxing options to harden security
diff --git a/conf/config.json.example b/conf/config.json.example
deleted file mode 100644
index 19aadbd..0000000
--- a/conf/config.json.example
+++ /dev/null
@@ -1,61 +0,0 @@
-{
- "production": {
- "protocolUseSSL": true,
- "domain": "__DOMAIN__",
- "port": "__PORT__",
- "urlPath": "__URL_PATH__",
- "loglevel": "info",
- "useCDN": false,
- "allowGravatar": false,
- "allowFreeURL": __ALLOW_FREE_URL__,
- "requireFreeURLAuthentication": __REQUIRE_FREE_URL_AUTHENTICATION__,
- "allowAnonymous": __ALLOW_ANONYMOUS__,
- "allowAnonymousEdits": __ALLOW_ANONYMOUS_EDITS__,
- "defaultPermission": "locked",
- "email": true,
- "allowEmailRegister": __ALLOW_EMAIL_REGISTRATION__,
- "imageUploadType": "filesystem",
- "tooBusyLag": 1000,
- "hsts": {
- "enable": true,
- "maxAgeSeconds": 31536000,
- "includeSubdomains": true,
- "preload": true
- },
- "csp": {
- "enable": true,
- "directives": {
- },
- "upgradeInsecureRequests": "auto",
- "addDefaults": true,
- "addDisqus": true,
- "allowFraming": false,
- "addGoogleAnalytics": false
- },
- "minio": {
- "accessKey": "",
- "secretKey": "",
- "endPoint": "localhost",
- "port": 9000,
- "secure": false
- },
- "db": {
- "username": "__DB_USER__",
- "password": "__DB_PWD__",
- "database": "__DB_NAME__",
- "host": "localhost",
- "port": "5432",
- "dialect": "postgres"
- },
- "ldap": {
- "url": "ldap://127.0.0.1:389",
- "bindDn": null,
- "bindCredentials": null,
- "searchBase": "ou=users,dc=yunohost,dc=org",
- "searchFilter": "(&(|(objectclass=posixAccount))(uid={{username}})(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))",
- "usernameField": "cn",
- "useridField": "uid",
- "providerName": "YunoHost"
- }
- }
-}
diff --git a/conf/env_backend b/conf/env_backend
new file mode 100644
index 0000000..2fef918
--- /dev/null
+++ b/conf/env_backend
@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file)
+#
+# SPDX-License-Identifier: CC0-1.0
+
+HD_DOMAIN="https://__DOMAIN____PATH__"
+PORT=__PORT_BACKEND__
+HD_MEDIA_BACKEND="filesystem"
+HD_MEDIA_BACKEND_FILESYSTEM_UPLOAD_PATH="uploads/"
+
+HD_DATABASE_NAME="__DB_NAME__"
+HD_DATABASE_USER="__DB_NAME__"
+HD_DATABASE_PASS="__DB_PWD__"
+HD_DATABASE_HOST="localhost"
+HD_DATABASE_PORT="5432"
+HD_DATABASE_DIALECT="postgres"
+
+HD_AUTH_LDAPS="YUNOHOST"
+HD_AUTH_LDAP_YUNOHOST_PROVIDER_NAME="YunoHost"
+HD_AUTH_LDAP_YUNOHOST_URL="ldap://127.0.0.1:389"
+#HD_AUTH_LDAP_YUNOHOST_BIND_DN=null
+#HD_AUTH_LDAP_YUNOHOST_BIND_CREDENTIALS=null
+HD_AUTH_LDAP_YUNOHOST_SEARCH_BASE="ou=users,dc=yunohost,dc=org"
+HD_AUTH_LDAP_YUNOHOST_SEARCH_FILTER="(&(|(objectclass=posixAccount))(uid={{username}})(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))"
+#HD_AUTH_LDAP_YUNOHOST_SEARCH_ATTRIBUTES=
+HD_AUTH_LDAP_YUNOHOST_USERNAME_FIELD="cn"
+HD_AUTH_LDAP_YUNOHOST_USERID_FIELD="uid"
+#HD_AUTH_LDAP_YUNOHOST_TLS_CA=
+
diff --git a/conf/frontend.service b/conf/frontend.service
new file mode 100644
index 0000000..82896c1
--- /dev/null
+++ b/conf/frontend.service
@@ -0,0 +1,27 @@
+[Unit]
+Description=HedgeDoc: collaborative Markdown notes frontend
+Documentation=https://github.com/hedgedoc/hedgedoc
+After=network.target postgresql.service __APP___backend.service
+
+[Service]
+Type=simple
+User=__APP__
+Group=__APP__
+WorkingDirectory=__INSTALL_DIR__/frontend
+Environment="__YNH_NODE_LOAD_PATH__"
+Environment="NODE_ENV=production"
+Environment="PORT=__PORT_FRONTEND__"
+Environment="REACT_APP_BACKEND_BASE_URL=http://localhost:__PORT_BACKEND__/"
+ExecStart=__INSTALL_DIR__/frontend/node_modules/.bin/cross-env PORT=__PORT_FRONTEND__ REACT_APP_BACKEND_BASE_URL=http://localhost:__PORT_BACKEND__/ __INSTALL_DIR__/frontend/node_modules/.bin/craco start
+Restart=always
+PrivateTmp=true
+PrivateDevices=true
+
+ProtectControlGroups=true
+ProtectHome=true
+ProtectKernelTunables=true
+ProtectSystem=full
+RestrictSUIDSGID=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/conf/nginx.conf b/conf/nginx.conf
index c333c47..65cfb35 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -1,26 +1,27 @@
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ {
- proxy_pass http://127.0.0.1:__PORT__/;
- proxy_redirect off;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Host $server_name;
-
- proxy_http_version 1.1;
- proxy_set_header Connection "upgrade";
- proxy_set_header Upgrade $http_upgrade;
-
- # setup for image upload
- client_max_body_size 256M;
- proxy_max_temp_file_size 1024M;
-
- proxy_read_timeout 300;
- proxy_connect_timeout 300;
-
- # Include SSOWAT user panel.
- include conf.d/yunohost_panel.conf.inc;
- more_clear_input_headers 'Accept-Encoding';
+ proxy_pass http://127.0.0.1:__PORT_FRONTEND__;
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+}
+
+location ~ ^__PATH__/(api|public|uploads|apidoc)/ {
+ proxy_pass http://127.0.0.1:__PORT_BACKEND__;
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+}
+
+location __PATH__/realtime {
+ proxy_pass http://127.0.0.1:__PORT_BACKEND__;
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $connection_upgrade;
}
diff --git a/manifest.toml b/manifest.toml
index f1a94c0..812f772 100644
--- a/manifest.toml
+++ b/manifest.toml
@@ -5,7 +5,7 @@ name = "HedgeDoc"
description.en = "Collaborative editor to work on notes written in Markdown"
description.fr = "Éditeur collaboratif pour travailler sur des notes en Markdown"
-version = "1.9.9~ynh3"
+version = "2.0.0~ynh1"
maintainers = []
@@ -48,11 +48,13 @@ ram.runtime = "50M"
[resources.sources]
[resources.sources.main]
- url = "https://github.com/hedgedoc/hedgedoc/releases/download/1.9.9/hedgedoc-1.9.9.tar.gz"
- sha256 = "1769d30e60458040475a6d74f53952101962c40c390765e19e6ff6f3fe70c008"
+ url = "https://github.com/hedgedoc/hedgedoc/archive/refs/tags/v2.0.0-alpha.2.tar.gz"
+ sha256 = "626bdb721b7ec13b4103bfc8b043cca6bc5037c87cbf73b5aace2e44758a0c2a"
autoupdate.strategy = "latest_github_tag"
[resources.ports]
+ frontend.default = 3001
+ backend.default = 3000
[resources.system_user]
diff --git a/scripts/change_url b/scripts/change_url
index 85e7e6c..5360056 100644
--- a/scripts/change_url
+++ b/scripts/change_url
@@ -36,7 +36,7 @@ ynh_backup_if_checksum_is_different --file="$install_dir/config.json"
domain=$new_domain
url_path=${new_path#/}
-ynh_add_config --template="../conf/config.json.example" --destination="$install_dir/config.json"
+ynh_add_config --template="config.json.example" --destination="$install_dir/config.json"
chmod 400 "$install_dir/config.json"
chown $app:$app "$install_dir/config.json"
diff --git a/scripts/install b/scripts/install
index 934f387..c9b8069 100644
--- a/scripts/install
+++ b/scripts/install
@@ -23,11 +23,8 @@ require_free_url_authentication=false
# STORE SETTINGS FROM MANIFEST
#=================================================
-ynh_app_setting_set --app=$app --key=allow_anonymous --value=$allow_anonymous
-ynh_app_setting_set --app=$app --key=allow_email_registration --value=$allow_email_registration
-ynh_app_setting_set --app=$app --key=allow_free_url --value=$allow_free_url
-ynh_app_setting_set --app=$app --key=require_free_url_authentication --value=$require_free_url_authentication
-ynh_app_setting_set --app=$app --key=allow_anonymous_edits --value=$allow_anonymous_edits
+ynh_app_setting_set --app=$app --key=domain --value=$domain
+ynh_app_setting_set --app=$app --key=path --value=$path_url
#=================================================
# INSTALL DEPENDENCIES
@@ -36,17 +33,17 @@ ynh_script_progression --message="Installing dependencies..." --weight=20
# Install Nodejs
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
+ynh_use_nodejs
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
-ynh_script_progression --message="Setting up source files..." --weight=2
+ynh_script_progression --message="Setting up source files..." --weight=1
-# Download, check integrity, uncompress and patch the source from app.src
-ynh_setup_source --dest_dir=$install_dir
+# Download, check integrity, uncompress and patch the source from manifest.toml
+ynh_setup_source --dest_dir="$install_dir"
-chmod -R o-rwx "$install_dir"
-chown -R $app:www-data "$install_dir"
+chown -R "$app:www-data" "$install_dir"
#=================================================
# SYSTEM CONFIGURATION
@@ -55,21 +52,29 @@ ynh_script_progression --message="Adding system configurations related to $app..
ynh_add_nginx_config
-ynh_add_systemd_config
+ynh_add_systemd_config --service="${app}_backend" --template="../conf/backend.service"
+ynh_add_systemd_config --service="${app}_frontend" --template="../conf/frontend.service"
-yunohost service add $app --description="Collaborative Markdown editor" --log="/var/log/$app/$app.log"
+yunohost service add "${app}_backend" --description="Collaborative Markdown editor's backend" --log="/var/log/$app/$app.log"
+yunohost service add "${app}_frontend" --description="Collaborative Markdown editor's frontend" --log="/var/log/$app/$app.log"
#=================================================
# SPECIFIC SETUP
#==============================================
# INSTALL HEDGEDOC
#==============================================
-ynh_script_progression --message="Building $app... (this will take some time and resources!)" --weight=10
+ynh_script_progression --message="Building $app... (this will take some time and resources!)" --weight=20
-pushd "$install_dir"
- ynh_use_nodejs
- ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn workspaces focus --production
- ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn cache clean
+pushd "$install_dir/backend"
+ ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn install
+popd
+
+pushd "$install_dir/frontend"
+ ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn install
+ # TODO: Fails out of memory in my tests
+ # Production build
+ # Not sure if PORT is necessary here
+ # PORT=$port_frontend REACT_APP_BACKEND_BASE_URL=http://localhost:$port_backend/ yarn build:production
popd
#=================================================
@@ -77,11 +82,19 @@ popd
#=================================================
ynh_script_progression --message="Modifying a config file..." --weight=1
-url_path=${path#/}
-ynh_add_config --template="config.json.example" --destination="$install_dir/config.json"
+#path=${path_url:1}
+ynh_add_config --template="env_backend" --destination="$install_dir/backend/.env"
-chmod 600 "$install_dir/config.json"
-chown $app:$app "$install_dir/config.json"
+#=================================================
+# GENERIC FINALIZATION
+#=================================================
+# SECURE FILES AND DIRECTORIES
+#=================================================
+ynh_script_progression --message="Securing files and directories..." --weight=1
+
+# Set permissions to app files
+chown -R $app:$app $install_dir
+chmod o-rwx $install_dir
#=================================================
# START SYSTEMD SERVICE
@@ -89,7 +102,8 @@ chown $app:$app "$install_dir/config.json"
ynh_script_progression --message="Starting a systemd service..." --weight=2
# Start a systemd service
-ynh_systemd_action --service_name=$app --action=start --log_path=systemd --line_match="HTTP Server listening"
+ynh_systemd_action --service_name="${app}_backend" --action=start --log_path=systemd
+ynh_systemd_action --service_name="${app}_frontend" --action=start --log_path=systemd
#=================================================
# END OF SCRIPT
diff --git a/scripts/remove b/scripts/remove
index 159acb6..9921cdd 100644
--- a/scripts/remove
+++ b/scripts/remove
@@ -17,13 +17,21 @@ source /usr/share/yunohost/helpers
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
-if ynh_exec_warn_less yunohost service status $app >/dev/null
+if ynh_exec_warn_less yunohost service status ${app}_backend >/dev/null
then
- ynh_script_progression --message="Removing $app service..." --weight=1
- yunohost service remove $app
+ ynh_script_progression --message="Removing ${app}_backend service..." --weight=1
+ yunohost service remove ${app}_backend
fi
-ynh_remove_systemd_config
+if ynh_exec_warn_less yunohost service status ${app}_frontend >/dev/null
+then
+ ynh_script_progression --message="Removing ${app}_frontend service..." --weight=1
+ yunohost service remove ${app}_frontend
+fi
+
+# Remove the dedicated systemd config
+ynh_remove_systemd_config --service=${app}_backend
+ynh_remove_systemd_config --service=${app}_frontend
ynh_remove_nodejs
diff --git a/scripts/restore b/scripts/restore
index f41173e..d675310 100644
--- a/scripts/restore
+++ b/scripts/restore
@@ -43,17 +43,18 @@ ynh_script_progression --message="Restoring system configurations related to $ap
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
-ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
+ynh_restore_file --origin_path="/etc/systemd/system/${app}_backend.service"
+ynh_restore_file --origin_path="/etc/systemd/system/${app}_frontend.service"
systemctl enable $app.service --quiet
-yunohost service add $app --description="Collaborative Markdown editor" --log="/var/log/$app/$app.log"
-
#=================================================
# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
#=================================================
ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
-ynh_systemd_action --service_name=$app --action=start --log_path=systemd --line_match="HTTP Server listening"
+# Start a systemd service
+ynh_systemd_action --service_name="${app}_backend" --action=start --log_path=systemd
+ynh_systemd_action --service_name="${app}_frontend" --action=start --log_path=systemd
ynh_systemd_action --service_name=nginx --action=reload
diff --git a/scripts/upgrade b/scripts/upgrade
index 275c1d4..8044523 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -77,11 +77,16 @@ yunohost service add $app --description="Collaborative Markdown editor" --log="/
#==============================================
ynh_script_progression --message="Building $app... (this will take some time and resources!)" --weight=10
-pushd "$install_dir"
- ynh_secure_remove /usr/local/share/.cache/yarn
- ynh_use_nodejs
- ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn workspaces focus --production
- ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn cache clean
+pushd "$install_dir/backend"
+ ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn install
+popd
+
+pushd "$install_dir/frontend"
+ ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn install
+ # TODO: Fails out of memory in my tests
+ # Production build
+ # Not sure if PORT is necessary here
+ # PORT=$port_frontend REACT_APP_BACKEND_BASE_URL=http://localhost:$port_backend/ yarn build:production
popd
#=================================================
@@ -100,7 +105,9 @@ chown $app:$app "$install_dir/config.json"
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
-ynh_systemd_action --service_name=$app --action=start --log_path=systemd --line_match="HTTP Server listening"
+# Start a systemd service
+ynh_systemd_action --service_name="${app}_backend" --action=start --log_path=systemd
+ynh_systemd_action --service_name="${app}_frontend" --action=start --log_path=systemd
#=================================================
# END OF SCRIPT