From 2310cb937818db017c6bba67c9a6df9c5471eda9 Mon Sep 17 00:00:00 2001 From: f Date: Fri, 25 Oct 2024 17:50:18 -0300 Subject: [PATCH 1/6] feat: support sqlite --- .env.sample | 2 -- compose.yml | 49 ++++--------------------------------------------- 2 files changed, 4 insertions(+), 47 deletions(-) diff --git a/.env.sample b/.env.sample index c6ba74f..57ff6ec 100644 --- a/.env.sample +++ b/.env.sample @@ -8,8 +8,6 @@ DOMAIN=hedgedoc.example.com #EXTRA_DOMAINS=', `www.hedgedoc.example.com`' LETS_ENCRYPT_ENV=production -SECRET_DB_PASSWORD_VERSION=v1 - COMPOSE_FILE="compose.yml" # OAuth, see https://docs.hedgedoc.org/guides/auth/keycloak/ diff --git a/compose.yml b/compose.yml index 02bfc7f..640b040 100644 --- a/compose.yml +++ b/compose.yml @@ -8,10 +8,7 @@ services: - CMD_DOMAIN=$DOMAIN - CMD_PROTOCOL_USESSL=true - CMD_HSTS_ENABLE=false - - CMD_DB_NAME=codimd - - CMD_DB_USER=codimd - - CMD_DB_HOST=db - - CMD_DB_PASSWORD_FILE=/run/secrets/db_password + - CMD_DB_URL=sqlite:/database/db.sqlite3 - CMD_ALLOW_ANONYMOUS - CMD_ALLOW_ANONYMOUS_EDITS - CMD_ALLOW_EMAIL_REGISTER @@ -27,13 +24,11 @@ services: - CMD_EMAIL - CMD_SESSION_LIFE - DOCUMENT_MAX_LENGTH - depends_on: - - db networks: - proxy - - internal volumes: - codimd_uploads:/hedgedoc/public/uploads + - codimd_database:/database secrets: - db_password entrypoint: /docker-entrypoint.sh 
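Review bot: Making `- CMD_DB_URL=sqlite:/database/db.sqlite3` the default in the `app` environment of compose.yml means an existing deployment whose .env does not list the PostgreSQL overlay (added later in this series) will start on a new, empty SQLite database after upgrading, while its notes and accounts stay behind in the `postgres` volume. If email registration is enabled through the passed-through `CMD_ALLOW_EMAIL_REGISTER`, previously registered addresses could presumably be registered again by someone else until the operator notices. The `coop-cloud.${STACK_NAME}.version` label is unchanged in this series, so nothing signals the breaking change. I would add a release note and a comment above the variable, e.g. `# SQLite is the default; existing PostgreSQL installs must add compose.postgresql.yml to COMPOSE_FILE before upgrading`.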
@@ -58,52 +53,19 @@ services: - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}" - "coop-cloud.${STACK_NAME}.version=1.2.1+1.10.0" + - "backupbot.backup=true" healthcheck: test: "nodejs -e \"http.get('http://localhost:3000', (res) => { console.log('status: ', res.statusCode); if (res.statusCode == 200) { process.exit(0); } else { process.exit(1); } });\"" interval: 30s timeout: 10s retries: 10 start_period: 1m - db: - image: postgres:16.4-alpine - environment: - - POSTGRES_USER=codimd - - POSTGRES_PASSWORD_FILE=/run/secrets/db_password - - POSTGRES_DB=codimd - volumes: - - "postgres:/var/lib/postgresql/data" - secrets: - - db_password - networks: - - internal - deploy: - labels: - backupbot.backup: "${ENABLE_BACKUPS:-true}" - backupbot.backup.pre-hook: "/pg_backup.sh backup" - backupbot.backup.volumes.postgres.path: "backup.sql" - backupbot.restore.post-hook: '/pg_backup.sh restore' - healthcheck: - test: "pg_isready" - interval: 30s - timeout: 10s - retries: 5 - start_period: 1m - configs: - - source: pg_backup - target: /pg_backup.sh - mode: 0555 - volumes: - postgres: codimd_uploads: -secrets: - db_password: - external: true - name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION} + codimd_database: networks: proxy: external: true - internal: configs: config_json: name: ${STACK_NAME}_config_${ENTRYPOINT_CONF_VERSION} @@ -113,6 +75,3 @@ configs: name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_CONF_VERSION} file: entrypoint.sh.tmpl template_driver: golang - pg_backup: - name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION} - file: pg_backup.sh From 3a98857b5c8979e1e8500621afe6f65f360fde8b Mon Sep 17 00:00:00 2001 From: f Date: Fri, 25 Oct 2024 16:40:50 -0300 Subject: [PATCH 2/6] feat: postgresql support is optional --- .env.sample | 5 ++++ compose.postgresql.yml | 55 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+) create mode 100644 compose.postgresql.yml 
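Review bot: The `- "backupbot.backup=true"` label added to the `app` service has no pre-hook, so the backup copies the SQLite file from the `codimd_database` volume while HedgeDoc may be writing to it, and the archive can hold an inconsistent database. The removed `db` service avoided this with `backupbot.backup.pre-hook: "/pg_backup.sh backup"`; the SQLite path needs an equivalent, for example a pre-hook running `sqlite3 /database/db.sqlite3 ".backup /database/backup.sqlite3"` plus a volume path label like the one the `db` service used, assuming the image ships the sqlite3 CLI (not visible here). The same gap remains in the `backupbot.backup=${ENABLE_BACKUPS:-true}` form introduced by patch 6. A restore test belongs with this change, since an unreadable backup is otherwise only discovered when it is needed.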
diff --git a/.env.sample b/.env.sample index 57ff6ec..c31de57 100644 --- a/.env.sample +++ b/.env.sample @@ -10,6 +10,11 @@ LETS_ENCRYPT_ENV=production COMPOSE_FILE="compose.yml" +# PostgreSQL + +#COMPOSE_FILE="$COMPOSE_FILE:compose.postgresql.yml" +#SECRET_DB_PASSWORD_VERSION=v1 + # OAuth, see https://docs.hedgedoc.org/guides/auth/keycloak/ #COMPOSE_FILE="$COMPOSE_FILE:compose.oauth.yml" diff --git a/compose.postgresql.yml b/compose.postgresql.yml new file mode 100644 index 0000000..6fc8ee5 --- /dev/null +++ b/compose.postgresql.yml @@ -0,0 +1,55 @@ +version: "3.8" +services: + app: + environment: + - CMD_DB_URL= + - CMD_DB_NAME=codimd + - CMD_DB_USER=codimd + - CMD_DB_HOST=db + - CMD_DB_PASSWORD_FILE=/run/secrets/db_password + depends_on: + - db + networks: + - internal + secrets: + - db_password + db: + image: postgres:16.4-alpine + environment: + - POSTGRES_USER=codimd + - POSTGRES_PASSWORD_FILE=/run/secrets/db_password + - POSTGRES_DB=codimd + volumes: + - "postgres:/var/lib/postgresql/data" + secrets: + - db_password + networks: + - internal + deploy: + labels: + backupbot.backup: "${ENABLE_BACKUPS:-true}" + backupbot.backup.pre-hook: "/pg_backup.sh backup" + backupbot.backup.volumes.postgres.path: "backup.sql" + backupbot.restore.post-hook: '/pg_backup.sh restore' + healthcheck: + test: "pg_isready" + interval: 30s + timeout: 10s + retries: 5 + start_period: 1m + configs: + - source: pg_backup + target: /pg_backup.sh + mode: 0555 +volumes: + postgres: +secrets: + db_password: + external: true + name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION} +networks: + internal: +configs: + pg_backup: + name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION} + file: pg_backup.sh From 35e78f4834f51a418f7e07448d4bac11f1a57a53 Mon Sep 17 00:00:00 2001 From: f Date: Fri, 25 Oct 2024 17:52:50 -0300 Subject: [PATCH 3/6] fix: don't overwrite CMD_DB_URL --- entrypoint.sh.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
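Review bot: The empty `- CMD_DB_URL=` entry in the `app` environment of compose.postgresql.yml is load-bearing but undocumented: it blanks the SQLite URL from compose.yml, and the PostgreSQL URL is only built if the entrypoint treats an empty value as unset (the `${CMD_DB_URL:-…}` form that arrives in patch 3 of this series). Someone tidying the file could delete it as a leftover, and the app would then ignore the `db` service and the `db_password` secret while still starting cleanly on SQLite. I would add a comment above it, `# Deliberately empty: clears the sqlite URL from compose.yml so entrypoint.sh.tmpl builds the postgres:// URL from CMD_DB_*`.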
diff --git a/entrypoint.sh.tmpl b/entrypoint.sh.tmpl index 6692448..56b14ec 100644 --- a/entrypoint.sh.tmpl +++ b/entrypoint.sh.tmpl @@ -37,7 +37,7 @@ main() { main -export CMD_DB_URL=postgres://$CMD_DB_USER:$CMD_DB_PASSWORD@$CMD_DB_HOST:5432/$CMD_DB_NAME +export CMD_DB_URL="${CMD_DB_URL:-postgres://$CMD_DB_USER:$CMD_DB_PASSWORD@$CMD_DB_HOST:5432/$CMD_DB_NAME}" # 3wc: `source /docker-entrypoint.sh -e` to load CMD_DB_URL for CLI scripts if [ ! "${1-}" == "-e" ]; then From 45986d1af4c28cc143c65d01f3df8d47c846b617 Mon Sep 17 00:00:00 2001 From: f Date: Sat, 26 Oct 2024 10:59:54 -0300 Subject: [PATCH 4/6] fix: db_password secret not needed --- compose.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/compose.yml b/compose.yml index 640b040..03af131 100644 --- a/compose.yml +++ b/compose.yml @@ -29,8 +29,6 @@ services: volumes: - codimd_uploads:/hedgedoc/public/uploads - codimd_database:/database - secrets: - - db_password entrypoint: /docker-entrypoint.sh configs: - source: entrypoint_conf From 6429b2720fc6d534798fbcb832e7f13a0346e593 Mon Sep 17 00:00:00 2001 From: f Date: Sat, 26 Oct 2024 13:11:12 -0300 Subject: [PATCH 5/6] fix: chown the database --- abra.sh | 2 +- entrypoint.sh.tmpl | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/abra.sh b/abra.sh index d5adac0..a26aebe 100644 --- a/abra.sh +++ b/abra.sh @@ -1,2 +1,2 @@ -export ENTRYPOINT_CONF_VERSION=v9 +export ENTRYPOINT_CONF_VERSION=v10 export PG_BACKUP_VERSION=v1 diff --git a/entrypoint.sh.tmpl b/entrypoint.sh.tmpl index 56b14ec..9cb07d8 100644 --- a/entrypoint.sh.tmpl +++ b/entrypoint.sh.tmpl @@ -33,6 +33,8 @@ main() { mkdir -p "/hedgedoc/.npm" && \ chown -R 10000:65534 "/hedgedoc/.npm" && \ chmod "u+rwx" "/hedgedoc/.npm" + + chown -R 10000:65534 /database } main From 24c3349074380e9f631f179d202f6520d3f03795 Mon Sep 17 00:00:00 2001 
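Review bot: The fallback in `export CMD_DB_URL="${CMD_DB_URL:-postgres://$CMD_DB_USER:$CMD_DB_PASSWORD@$CMD_DB_HOST:5432/$CMD_DB_NAME}"` places `$CMD_DB_PASSWORD` into a URL without percent-encoding, so a secret containing `@`, `:`, `/`, `#` or `%` yields a URL that parses to a different password or host. This predates the commit, but now that the line is being touched it is worth either encoding the value or documenting the constraint, e.g. `# db_password must be URL-safe: it is interpolated into CMD_DB_URL unencoded`. When neither `CMD_DB_URL` nor the `CMD_DB_*` variables are set the result is `postgres://:@:5432/`; a guard such as `[ -n "${CMD_DB_URL:-}${CMD_DB_HOST:-}" ] || { echo "no database configured" >&2; exit 1; }` before the export would fail early with a clear message. Where `CMD_DB_PASSWORD` is loaded (presumably from `CMD_DB_PASSWORD_FILE` in `main()`) is outside the hunk.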
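Review bot: The added `chown -R 10000:65534 /database` at the end of `main()` changes ownership but, unlike the `/hedgedoc/.npm` lines above it, sets no mode, so the directory holding the SQLite file with every note and account record keeps whatever permissions the volume was created with. I would follow it with `chmod -R u+rwX,go-rwx /database` so that only uid 10000 can read the database. The new line also sits outside the `&& \` chain, so whether a failure here stops the entrypoint depends on shell options set outside the hunk; `main()` begins above the hunk.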
From: f Date: Sat, 26 Oct 2024 13:20:05 -0300 Subject: [PATCH 6/6] fix: backup bot configuration --- compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/compose.yml b/compose.yml index 03af131..ea60f45 100644 --- a/compose.yml +++ b/compose.yml @@ -51,7 +51,7 @@ services: - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}" - "coop-cloud.${STACK_NAME}.version=1.2.1+1.10.0" - - "backupbot.backup=true" + - "backupbot.backup=${ENABLE_BACKUPS:-true}" healthcheck: test: "nodejs -e \"http.get('http://localhost:3000', (res) => { console.log('status: ', res.statusCode); if (res.statusCode == 200) { process.exit(0); } else { process.exit(1); } });\"" interval: 30s