YunoHost-Apps/hedgedoc_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/hedgedoc_ynh.git synced 2024-09-03 19:25:52 +02:00
Code Issues Activity Actions

Merge b8ca88d3e1 into e5fec91d12

Browse source
This commit is contained in:
tituspijean 2024-06-24 10:02:58 +08:00 committed by GitHub
commit 418f2294ea
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
17 changed files with 159 additions and 132 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -29,7 +29,7 @@ You can use it to easily collaborate on notes, graphs and even presentations in
- Low system requirements - Low system requirements
**Shipped version:** 1.9.9~ynh3 **Shipped version:** 2.0.0~ynh1
**Demo:** <https://demo.hedgedoc.org/> **Demo:** <https://demo.hedgedoc.org/>

2
README_es.md
View file

@ -29,7 +29,7 @@ You can use it to easily collaborate on notes, graphs and even presentations in
- Low system requirements - Low system requirements
**Versión actual:** 1.9.9~ynh3 **Versión actual:** 2.0.0~ynh1
**Demo:** <https://demo.hedgedoc.org/> **Demo:** <https://demo.hedgedoc.org/>

2
README_eu.md
View file

@ -29,7 +29,7 @@ You can use it to easily collaborate on notes, graphs and even presentations in
- Low system requirements - Low system requirements
**Paketatutako bertsioa:** 1.9.9~ynh3 **Paketatutako bertsioa:** 2.0.0~ynh1
**Demoa:** <https://demo.hedgedoc.org/> **Demoa:** <https://demo.hedgedoc.org/>

2
README_fr.md
View file

@ -29,7 +29,7 @@ Vous pouvez l'utiliser pour collaborer facilement sur des notes, des graphiques
- Faible configuration système requise - Faible configuration système requise
**Version incluse:** 1.9.9~ynh3 **Version incluse:** 2.0.0~ynh1
**Démo:** <https://demo.hedgedoc.org/> **Démo:** <https://demo.hedgedoc.org/>

2
README_gl.md
View file

@ -29,7 +29,7 @@ You can use it to easily collaborate on notes, graphs and even presentations in
- Low system requirements - Low system requirements
**Versión proporcionada:** 1.9.9~ynh3 **Versión proporcionada:** 2.0.0~ynh1
**Demo:** <https://demo.hedgedoc.org/> **Demo:** <https://demo.hedgedoc.org/>

2
README_zh_Hans.md
View file

@ -29,7 +29,7 @@ You can use it to easily collaborate on notes, graphs and even presentations in
- Low system requirements - Low system requirements
**分发版本:** 1.9.9~ynh3 **分发版本:** 2.0.0~ynh1
**演示:** <https://demo.hedgedoc.org/> **演示:** <https://demo.hedgedoc.org/>

6
conf/systemd.service → conf/backend.service
View file

@ -1,5 +1,5 @@
[Unit] [Unit]
Description=HedgeDoc: collaborative Markdown notes Description=HedgeDoc: collaborative Markdown notes backend
Documentation=https://github.com/hedgedoc/hedgedoc Documentation=https://github.com/hedgedoc/hedgedoc
After=network.target postgresql.service After=network.target postgresql.service
@ -7,10 +7,10 @@ After=network.target postgresql.service
Type=simple Type=simple
User=__APP__ User=__APP__
Group=__APP__ Group=__APP__
WorkingDirectory=__INSTALL_DIR__ WorkingDirectory=__INSTALL_DIR__/backend
Environment="__YNH_NODE_LOAD_PATH__" Environment="__YNH_NODE_LOAD_PATH__"
Environment="NODE_ENV=production" Environment="NODE_ENV=production"
ExecStart=__YNH_NPM__ start --production ExecStart=__YNH_NPM__ start
Restart=always Restart=always
# Sandboxing options to harden security # Sandboxing options to harden security

61
conf/config.json.example
View file

@ -1,61 +0,0 @@
{
"production": {
"protocolUseSSL": true,
"domain": "__DOMAIN__",
"port": "__PORT__",
"urlPath": "__URL_PATH__",
"loglevel": "info",
"useCDN": false,
"allowGravatar": false,
"allowFreeURL": __ALLOW_FREE_URL__,
"requireFreeURLAuthentication": __REQUIRE_FREE_URL_AUTHENTICATION__,
"allowAnonymous": __ALLOW_ANONYMOUS__,
"allowAnonymousEdits": __ALLOW_ANONYMOUS_EDITS__,
"defaultPermission": "locked",
"email": true,
"allowEmailRegister": __ALLOW_EMAIL_REGISTRATION__,
"imageUploadType": "filesystem",
"tooBusyLag": 1000,
"hsts": {
"enable": true,
"maxAgeSeconds": 31536000,
"includeSubdomains": true,
"preload": true
},
"csp": {
"enable": true,
"directives": {
},
"upgradeInsecureRequests": "auto",
"addDefaults": true,
"addDisqus": true,
"allowFraming": false,
"addGoogleAnalytics": false
},
"minio": {
"accessKey": "",
"secretKey": "",
"endPoint": "localhost",
"port": 9000,
"secure": false
},
"db": {
"username": "__DB_USER__",
"password": "__DB_PWD__",
"database": "__DB_NAME__",
"host": "localhost",
"port": "5432",
"dialect": "postgres"
},
"ldap": {
"url": "ldap://127.0.0.1:389",
"bindDn": null,
"bindCredentials": null,
"searchBase": "ou=users,dc=yunohost,dc=org",
"searchFilter": "(&(|(objectclass=posixAccount))(uid={{username}})(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))",
"usernameField": "cn",
"useridField": "uid",
"providerName": "YunoHost"
}
}
}

28
conf/env_backend Normal file
View file

@ -0,0 +1,28 @@
# SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file)
#
# SPDX-License-Identifier: CC0-1.0
HD_DOMAIN="https://__DOMAIN____PATH__"
PORT=__PORT_BACKEND__
HD_MEDIA_BACKEND="filesystem"
HD_MEDIA_BACKEND_FILESYSTEM_UPLOAD_PATH="uploads/"
HD_DATABASE_NAME="__DB_NAME__"
HD_DATABASE_USER="__DB_NAME__"
HD_DATABASE_PASS="__DB_PWD__"
HD_DATABASE_HOST="localhost"
HD_DATABASE_PORT="5432"
HD_DATABASE_DIALECT="postgres"
HD_AUTH_LDAPS="YUNOHOST"
HD_AUTH_LDAP_YUNOHOST_PROVIDER_NAME="YunoHost"
HD_AUTH_LDAP_YUNOHOST_URL="ldap://127.0.0.1:389"
#HD_AUTH_LDAP_YUNOHOST_BIND_DN=null
#HD_AUTH_LDAP_YUNOHOST_BIND_CREDENTIALS=null
HD_AUTH_LDAP_YUNOHOST_SEARCH_BASE="ou=users,dc=yunohost,dc=org"
HD_AUTH_LDAP_YUNOHOST_SEARCH_FILTER="(&(|(objectclass=posixAccount))(uid={{username}})(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))"
#HD_AUTH_LDAP_YUNOHOST_SEARCH_ATTRIBUTES=
HD_AUTH_LDAP_YUNOHOST_USERNAME_FIELD="cn"
HD_AUTH_LDAP_YUNOHOST_USERID_FIELD="uid"
#HD_AUTH_LDAP_YUNOHOST_TLS_CA=

27
conf/frontend.service Normal file
View file

@ -0,0 +1,27 @@
[Unit]
Description=HedgeDoc: collaborative Markdown notes frontend
Documentation=https://github.com/hedgedoc/hedgedoc
After=network.target postgresql.service __APP___backend.service
[Service]
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__INSTALL_DIR__/frontend
Environment="__YNH_NODE_LOAD_PATH__"
Environment="NODE_ENV=production"
Environment="PORT=__PORT_FRONTEND__"
Environment="REACT_APP_BACKEND_BASE_URL=http://localhost:__PORT_BACKEND__/"
ExecStart=__INSTALL_DIR__/frontend/node_modules/.bin/cross-env PORT=__PORT_FRONTEND__ REACT_APP_BACKEND_BASE_URL=http://localhost:__PORT_BACKEND__/ __INSTALL_DIR__/frontend/node_modules/.bin/craco start
Restart=always
PrivateTmp=true
PrivateDevices=true
ProtectControlGroups=true
ProtectHome=true
ProtectKernelTunables=true
ProtectSystem=full
RestrictSUIDSGID=true
[Install]
WantedBy=multi-user.target

45
conf/nginx.conf
View file

@ -1,26 +1,27 @@
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ { location __PATH__/ {
proxy_pass http://127.0.0.1:__PORT__/; proxy_pass http://127.0.0.1:__PORT_FRONTEND__;
proxy_redirect off; proxy_set_header X-Forwarded-Host $host;
proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; }
proxy_set_header X-Forwarded-Host $server_name;
location ~ ^__PATH__/(api|public|uploads|apidoc)/ {
proxy_http_version 1.1; proxy_pass http://127.0.0.1:__PORT_BACKEND__;
proxy_set_header Connection "upgrade"; proxy_set_header X-Forwarded-Host $host;
proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# setup for image upload proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 256M; }
proxy_max_temp_file_size 1024M;
location __PATH__/realtime {
proxy_read_timeout 300; proxy_pass http://127.0.0.1:__PORT_BACKEND__;
proxy_connect_timeout 300; proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
# Include SSOWAT user panel. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
include conf.d/yunohost_panel.conf.inc; proxy_set_header X-Forwarded-Proto $scheme;
more_clear_input_headers 'Accept-Encoding'; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
} }

8
manifest.toml
View file

@ -5,7 +5,7 @@ name = "HedgeDoc"
description.en = "Collaborative editor to work on notes written in Markdown" description.en = "Collaborative editor to work on notes written in Markdown"
description.fr = "Éditeur collaboratif pour travailler sur des notes en Markdown" description.fr = "Éditeur collaboratif pour travailler sur des notes en Markdown"
version = "1.9.9~ynh3" version = "2.0.0~ynh1"
maintainers = [] maintainers = []
@ -48,11 +48,13 @@ ram.runtime = "50M"
[resources.sources] [resources.sources]
[resources.sources.main] [resources.sources.main]
url = "https://github.com/hedgedoc/hedgedoc/releases/download/1.9.9/hedgedoc-1.9.9.tar.gz" url = "https://github.com/hedgedoc/hedgedoc/archive/refs/tags/v2.0.0-alpha.2.tar.gz"
sha256 = "1769d30e60458040475a6d74f53952101962c40c390765e19e6ff6f3fe70c008" sha256 = "626bdb721b7ec13b4103bfc8b043cca6bc5037c87cbf73b5aace2e44758a0c2a"
autoupdate.strategy = "latest_github_tag" autoupdate.strategy = "latest_github_tag"
[resources.ports] [resources.ports]
frontend.default = 3001
backend.default = 3000
[resources.system_user] [resources.system_user]

2
scripts/change_url
View file

@ -36,7 +36,7 @@ ynh_backup_if_checksum_is_different --file="$install_dir/config.json"
domain=$new_domain domain=$new_domain
url_path=${new_path#/} url_path=${new_path#/}
ynh_add_config --template="../conf/config.json.example" --destination="$install_dir/config.json" ynh_add_config --template="config.json.example" --destination="$install_dir/config.json"
chmod 400 "$install_dir/config.json" chmod 400 "$install_dir/config.json"
chown $app:$app "$install_dir/config.json" chown $app:$app "$install_dir/config.json"

58
scripts/install
View file

@ -23,11 +23,8 @@ require_free_url_authentication=false
# STORE SETTINGS FROM MANIFEST # STORE SETTINGS FROM MANIFEST
#================================================= #=================================================
ynh_app_setting_set --app=$app --key=allow_anonymous --value=$allow_anonymous ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=allow_email_registration --value=$allow_email_registration ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=allow_free_url --value=$allow_free_url
ynh_app_setting_set --app=$app --key=require_free_url_authentication --value=$require_free_url_authentication
ynh_app_setting_set --app=$app --key=allow_anonymous_edits --value=$allow_anonymous_edits
#================================================= #=================================================
# INSTALL DEPENDENCIES # INSTALL DEPENDENCIES
@ -36,17 +33,17 @@ ynh_script_progression --message="Installing dependencies..." --weight=20
# Install Nodejs # Install Nodejs
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
ynh_use_nodejs
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Setting up source files..." --weight=2 ynh_script_progression --message="Setting up source files..." --weight=1
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from manifest.toml
ynh_setup_source --dest_dir=$install_dir ynh_setup_source --dest_dir="$install_dir"
chmod -R o-rwx "$install_dir" chown -R "$app:www-data" "$install_dir"
chown -R $app:www-data "$install_dir"
#================================================= #=================================================
# SYSTEM CONFIGURATION # SYSTEM CONFIGURATION
@ -55,21 +52,29 @@ ynh_script_progression --message="Adding system configurations related to $app..
ynh_add_nginx_config ynh_add_nginx_config
ynh_add_systemd_config ynh_add_systemd_config --service="${app}_backend" --template="../conf/backend.service"
ynh_add_systemd_config --service="${app}_frontend" --template="../conf/frontend.service"
yunohost service add $app --description="Collaborative Markdown editor" --log="/var/log/$app/$app.log" yunohost service add "${app}_backend" --description="Collaborative Markdown editor's backend" --log="/var/log/$app/$app.log"
yunohost service add "${app}_frontend" --description="Collaborative Markdown editor's frontend" --log="/var/log/$app/$app.log"
#================================================= #=================================================
# SPECIFIC SETUP # SPECIFIC SETUP
#============================================== #==============================================
# INSTALL HEDGEDOC # INSTALL HEDGEDOC
#============================================== #==============================================
ynh_script_progression --message="Building $app... (this will take some time and resources!)" --weight=10 ynh_script_progression --message="Building $app... (this will take some time and resources!)" --weight=20
pushd "$install_dir" pushd "$install_dir/backend"
ynh_use_nodejs ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn install
ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn workspaces focus --production popd
ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn cache clean
pushd "$install_dir/frontend"
ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn install
# TODO: Fails out of memory in my tests
# Production build
# Not sure if PORT is necessary here
# PORT=$port_frontend REACT_APP_BACKEND_BASE_URL=http://localhost:$port_backend/ yarn build:production
popd popd
#================================================= #=================================================
@ -77,11 +82,19 @@ popd
#================================================= #=================================================
ynh_script_progression --message="Modifying a config file..." --weight=1 ynh_script_progression --message="Modifying a config file..." --weight=1
url_path=${path#/} #path=${path_url:1}
ynh_add_config --template="config.json.example" --destination="$install_dir/config.json" ynh_add_config --template="env_backend" --destination="$install_dir/backend/.env"
chmod 600 "$install_dir/config.json" #=================================================
chown $app:$app "$install_dir/config.json" # GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
ynh_script_progression --message="Securing files and directories..." --weight=1
# Set permissions to app files
chown -R $app:$app $install_dir
chmod o-rwx $install_dir
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
@ -89,7 +102,8 @@ chown $app:$app "$install_dir/config.json"
ynh_script_progression --message="Starting a systemd service..." --weight=2 ynh_script_progression --message="Starting a systemd service..." --weight=2
# Start a systemd service # Start a systemd service
ynh_systemd_action --service_name=$app --action=start --log_path=systemd --line_match="HTTP Server listening" ynh_systemd_action --service_name="${app}_backend" --action=start --log_path=systemd
ynh_systemd_action --service_name="${app}_frontend" --action=start --log_path=systemd
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT

16
scripts/remove
View file

@ -17,13 +17,21 @@ source /usr/share/yunohost/helpers
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status $app >/dev/null if ynh_exec_warn_less yunohost service status ${app}_backend >/dev/null
then then
ynh_script_progression --message="Removing $app service..." --weight=1 ynh_script_progression --message="Removing ${app}_backend service..." --weight=1
yunohost service remove $app yunohost service remove ${app}_backend
fi fi
ynh_remove_systemd_config if ynh_exec_warn_less yunohost service status ${app}_frontend >/dev/null
then
ynh_script_progression --message="Removing ${app}_frontend service..." --weight=1
yunohost service remove ${app}_frontend
fi
# Remove the dedicated systemd config
ynh_remove_systemd_config --service=${app}_backend
ynh_remove_systemd_config --service=${app}_frontend
ynh_remove_nodejs ynh_remove_nodejs

9
scripts/restore
View file

@ -43,17 +43,18 @@ ynh_script_progression --message="Restoring system configurations related to $ap
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/systemd/system/$app.service" ynh_restore_file --origin_path="/etc/systemd/system/${app}_backend.service"
ynh_restore_file --origin_path="/etc/systemd/system/${app}_frontend.service"
systemctl enable $app.service --quiet systemctl enable $app.service --quiet
yunohost service add $app --description="Collaborative Markdown editor" --log="/var/log/$app/$app.log"
#================================================= #=================================================
# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE # RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
#================================================= #=================================================
ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
ynh_systemd_action --service_name=$app --action=start --log_path=systemd --line_match="HTTP Server listening" # Start a systemd service
ynh_systemd_action --service_name="${app}_backend" --action=start --log_path=systemd
ynh_systemd_action --service_name="${app}_frontend" --action=start --log_path=systemd
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload

19
scripts/upgrade
View file

@ -77,11 +77,16 @@ yunohost service add $app --description="Collaborative Markdown editor" --log="/
#============================================== #==============================================
ynh_script_progression --message="Building $app... (this will take some time and resources!)" --weight=10 ynh_script_progression --message="Building $app... (this will take some time and resources!)" --weight=10
pushd "$install_dir" pushd "$install_dir/backend"
ynh_secure_remove /usr/local/share/.cache/yarn ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn install
ynh_use_nodejs popd
ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn workspaces focus --production
ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn cache clean pushd "$install_dir/frontend"
ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn install
# TODO: Fails out of memory in my tests
# Production build
# Not sure if PORT is necessary here
# PORT=$port_frontend REACT_APP_BACKEND_BASE_URL=http://localhost:$port_backend/ yarn build:production
popd popd
#================================================= #=================================================
@ -100,7 +105,9 @@ chown $app:$app "$install_dir/config.json"
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action=start --log_path=systemd --line_match="HTTP Server listening" # Start a systemd service
ynh_systemd_action --service_name="${app}_backend" --action=start --log_path=systemd
ynh_systemd_action --service_name="${app}_frontend" --action=start --log_path=systemd
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT