From f543dfab041a9ef06805a69057007912c744a8df Mon Sep 17 00:00:00 2001 From: Chris Thompson Date: Thu, 15 Dec 2022 16:20:09 -0500 Subject: [PATCH 1/8] Correct README re: configuring users --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f1d0e4e..bd64245 100644 --- a/README.md +++ b/README.md @@ -25,8 +25,8 @@ 5. `abra app deploy YOURAPPDOMAIN` 6. Create initial user: ``` - abra app YOURAPPDOMAIN run app bash - . /docker-entrypoint2.sh -e + abra app run YOURAPPDOMAIN app bash + . /docker-entrypoint.sh -e bin/manage_users [hedegedoc]: https://github.com/hedgedoc/hedgedoc -- 2.49.0 From a3fecc1e3602b5e520a079914e2350675e477d77 Mon Sep 17 00:00:00 2001 From: Chris Thompson Date: Fri, 16 Dec 2022 15:46:36 -0500 Subject: [PATCH 2/8] Correct location of public upload files --- compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/compose.yml b/compose.yml index 8035b84..0614669 100644 --- a/compose.yml +++ b/compose.yml @@ -33,7 +33,7 @@ services: - proxy - internal volumes: - - codimd_uploads:/home/hackmd/app/public/uploads + - codimd_uploads:/hedgedoc/public/uploads secrets: - db_password entrypoint: /docker-entrypoint.sh -- 2.49.0 From 01a360cf6028b7005a2fcd3214d7a71ef34dbe09 Mon Sep 17 00:00:00 2001 From: Chris Thompson Date: Fri, 16 Dec 2022 15:46:52 -0500 Subject: [PATCH 3/8] Remove unnecessary mode assignment for config.json --- compose.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/compose.yml b/compose.yml index 0614669..dd27471 100644 --- a/compose.yml +++ b/compose.yml @@ -43,7 +43,6 @@ services: mode: 0555 - source: config_json target: /files/config.json - mode: 0555 deploy: restart_policy: condition: on-failure -- 2.49.0 From 398c254b89fc1a84e46976c9f8697c5f924f9ea9 Mon Sep 17 00:00:00 2001 From: Chris Thompson Date: Fri, 16 Dec 2022 15:48:20 -0500 Subject: [PATCH 4/8] Make backup configuration functional Add in hedgedoc documents --- compose.yml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/compose.yml b/compose.yml index dd27471..b371675 100644 --- a/compose.yml +++ b/compose.yml @@ -56,6 +56,8 @@ services: - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect" - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true" - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" + - "backupbot.backup=true" + - "backupbot.backup.path=/hedgedoc/public/uploads" - coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120} - coop-cloud.${STACK_NAME}.version=0.5.1+1.9.8 healthcheck: @@ -78,12 +80,12 @@ services: - internal deploy: labels: - backupbot.backup: "true" - backupbot.backup.pre-hook: "mkdir -p /tmp/backup/ && PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /tmp/backup/backup.sql" - backupbot.backup.post-hook: "rm -rf /tmp/backup" - backupbot.backup.path: "/tmp/backup/" - backupbot.restore: "true" - backupbot.restore.post-hook: "sh -c 'psql -U $${POSTGRES_USER} -d $${POSTGRES_DB} < ./backup.sql && rm -f ./backup.sql'" + backupbot.backup: "true" + backupbot.backup.pre-hook: "mkdir -p /tmp/backup/ && PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /tmp/backup/backup.sql" + backupbot.backup.post-hook: "rm -rf /tmp/backup" + backupbot.backup.path: "/tmp/backup/" + backupbot.restore: "true" + backupbot.restore.post-hook: "sh -c 'psql -U $${POSTGRES_USER} -d $${POSTGRES_DB} < ./backup.sql && rm -f ./backup.sql'" volumes: postgres: codimd_uploads: -- 2.49.0 From e53e97e8d93848e8b111856dfc931cf794ef236f Mon Sep 17 00:00:00 2001 From: Chris Thompson Date: Fri, 16 Dec 2022 15:49:42 -0500 Subject: [PATCH 5/8] Remove legacy backup configuration --- abra.sh | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/abra.sh b/abra.sh index 76461a6..ab5889e 100644 --- a/abra.sh +++ b/abra.sh @@ -1,13 +1 @@ -export ENTRYPOINT_CONF_VERSION=v8 - -abra_backup_app() { - _abra_backup_dir "app:/home/hackmd/app/public/uploads/" -} - -abra_backup_db() { - _abra_backup_postgres "db" "codimd" "codimd" "db_password" -} - -abra_backup() { - abra_backup_app && abra_backup_db -} +export ENTRYPOINT_CONF_VERSION=v9 -- 2.49.0 From 317e6517a8e26bb21b9836669aa9a3b96298ee4c Mon Sep 17 00:00:00 2001 From: Chris Thompson Date: Fri, 28 Jul 2023 17:14:58 -0400 Subject: [PATCH 6/8] Add SESSION_SECRET variable --- .env.sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.env.sample b/.env.sample index d232c47..492c000 100644 --- a/.env.sample +++ b/.env.sample @@ -8,7 +8,7 @@ DOMAIN=hedgedoc.example.com LETS_ENCRYPT_ENV=production SECRET_DB_PASSWORD_VERSION=v1 - +SECRET_CMD_SESSION_SECRET=v1 COMPOSE_FILE="compose.yml" # OAuth, see https://docs.hedgedoc.org/guides/auth/keycloak/ -- 2.49.0 From 7159b3627235fd8ee367045a13d41086ae72308f Mon Sep 17 00:00:00 2001 From: Chris Thompson Date: Fri, 28 Jul 2023 17:19:01 -0400 Subject: [PATCH 7/8] Add FREEURL_AUTH setting --- .env.sample | 1 + compose.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.env.sample b/.env.sample index 492c000..41dda22 100644 --- a/.env.sample +++ b/.env.sample @@ -42,6 +42,7 @@ COMPOSE_FILE="compose.yml" # CMD_CSP_REPORTURI=undefined # CMD_DEFAULT_PERMISSION=editable # CMD_EMAIL=true +# CMD_REQUIRE_FREEURL_AUTHENTICATION=false # CMD_SESSION_LIFE=1209600000 # Only present in config.json (no equivalent env var): # DOCUMENT_MAX_LENGTH=100000 diff --git a/compose.yml b/compose.yml index b371675..20f41e7 100644 --- a/compose.yml +++ b/compose.yml @@ -25,6 +25,7 @@ services: - CMD_CSP_REPORTURI - CMD_DEFAULT_PERMISSION - CMD_EMAIL + - CMD_REQUIRE_FREEURL_AUTHENTICATION - CMD_SESSION_LIFE - DOCUMENT_MAX_LENGTH depends_on: -- 2.49.0 From d299d5461d7dbc07916f89df1e36f0a5e6a5800a Mon Sep 17 00:00:00 2001 From: Chris Thompson Date: Fri, 28 Jul 2023 17:19:13 -0400 Subject: [PATCH 8/8] Add basic health check for db container --- compose.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/compose.yml b/compose.yml index 20f41e7..a73d7cb 100644 --- a/compose.yml +++ b/compose.yml @@ -87,6 +87,12 @@ services: backupbot.backup.path: "/tmp/backup/" backupbot.restore: "true" backupbot.restore.post-hook: "sh -c 'psql -U $${POSTGRES_USER} -d $${POSTGRES_DB} < ./backup.sql && rm -f ./backup.sql'" + healthcheck: + test: "pg_isready" + interval: 30s + timeout: 10s + retries: 5 + start_period: 1m volumes: postgres: codimd_uploads: -- 2.49.0