7 Commits

Author SHA1 Message Date
f
3efbfec419 chore: publish 1.2.2+1.10.1 release
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/tag Build is passing
2025-02-03 09:42:30 -03:00
f
93e5604fcb fix: GHSA-6w39-x2c6-6mpf
https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-6w39-x2c6-6mpf
2025-02-03 09:34:32 -03:00
917766023b Update .drone.yml
Some checks failed
continuous-integration/drone/push Build is failing
2025-01-08 10:09:12 -08:00
6feab6a99e Merge pull request 'envvars' (#16) from fauno/hedgedoc:envvars into main
Some checks failed
continuous-integration/drone/push Build is failing
Reviewed-on: #16
2024-10-27 06:22:01 +00:00
f
ca5a95bea6 fix: load secret from file into env var
Some checks failed
continuous-integration/drone/pr Build is failing
2024-10-26 11:01:18 -03:00
f
6a036c4c82 fix: set session secret
Some checks failed
continuous-integration/drone/pr Build is failing
2024-10-25 17:47:27 -03:00
f
d19f286c11 fix: require authentication for free urls 2024-10-25 17:46:47 -03:00
5 changed files with 13 additions and 3 deletions

View File

@ -35,7 +35,7 @@ steps:
from_secret: drone_abra-bot_token
fork: true
repositories:
- coop-cloud/auto-recipes-catalogue-json
- toolshed/auto-recipes-catalogue-json
trigger:
event: tag

View File

@ -9,6 +9,7 @@ DOMAIN=hedgedoc.example.com
LETS_ENCRYPT_ENV=production
SECRET_DB_PASSWORD_VERSION=v1
SECRET_SESSION_SECRET_VERSION=v1
COMPOSE_FILE="compose.yml"
@ -34,6 +35,7 @@ COMPOSE_FILE="compose.yml"
# CMD_ALLOW_ANONYMOUS_EDITS=false
# CMD_ALLOW_EMAIL_REGISTER=true
# CMD_ALLOW_FREEURL=false
# CMD_REQUIRE_FREEURL_AUTHENTICATION=true
# CMD_ALLOW_GRAVATAR=true
# CMD_ALLOW_ORIGIN=localhost
# CMD_COOKIE_POLICY=lax

View File

@ -1,7 +1,7 @@
version: "3.8"
services:
app:
image: quay.io/hedgedoc/hedgedoc:1.10.0
image: quay.io/hedgedoc/hedgedoc:1.10.1
environment:
- CMD_USECDN=false
- CMD_URL_ADDPORT=false
@ -16,6 +16,7 @@ services:
- CMD_ALLOW_ANONYMOUS_EDITS
- CMD_ALLOW_EMAIL_REGISTER
- CMD_ALLOW_FREEURL
- CMD_REQUIRE_FREEURL_AUTHENTICATION
- CMD_ALLOW_GRAVATAR
- CMD_ALLOW_ORIGIN
- CMD_COOKIE_POLICY
@ -26,6 +27,7 @@ services:
- CMD_DEFAULT_PERMISSION
- CMD_EMAIL
- CMD_SESSION_LIFE
- CMD_SESSION_SECRET_FILE=/run/secrets/session_secret
- DOCUMENT_MAX_LENGTH
depends_on:
- db
@ -36,6 +38,7 @@ services:
- codimd_uploads:/hedgedoc/public/uploads
secrets:
- db_password
- session_secret
entrypoint: /docker-entrypoint.sh
configs:
- source: entrypoint_conf
@ -57,7 +60,7 @@ services:
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
- "coop-cloud.${STACK_NAME}.version=1.2.1+1.10.0"
- "coop-cloud.${STACK_NAME}.version=1.2.2+1.10.1"
healthcheck:
test: "nodejs -e \"http.get('http://localhost:3000', (res) => { console.log('status: ', res.statusCode); if (res.statusCode == 200) { process.exit(0); } else { process.exit(1); } });\""
interval: 30s
@ -100,6 +103,9 @@ secrets:
db_password:
external: true
name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
session_secret:
external: true
name: ${STACK_NAME}_session_secret_${SECRET_SESSION_SECRET_VERSION}
networks:
proxy:
external: true

View File

@ -24,6 +24,7 @@ file_env() {
load_vars() {
file_env "CMD_DB_PASSWORD"
file_env "CMD_OAUTH2_CLIENT_SECRET"
file_env "CMD_SESSION_SECRET"
}
main() {

1
release/1.2.2+1.10.1 Normal file
View File

@ -0,0 +1 @@
Upgrade to fix GHSA-6w39-x2c6-6mpf