.drone.yml

@@ -35,7 +35,7 @@ steps:
         from_secret: drone_abra-bot_token
       fork: true
       repositories:
-        - coop-cloud/auto-recipes-catalogue-json
+        - toolshed/auto-recipes-catalogue-json
 
 trigger:
   event: tag

.env.sample

@@ -3,24 +3,32 @@ TYPE=federatedwiki
 DOMAIN=federatedwiki.example.com
 ## Domain aliases
 #EXTRA_DOMAINS=', `www.federatedwiki.example.com`'
+
 LETS_ENCRYPT_ENV=production
 
 COMPOSE_FILE="compose.yml"
 
-# Change to an absolute path to use a bind-mount, e.g. /opt/fedwiki
+## where the wiki data lives; change to an absolute path if you want a bind‑mount (e.g. /opt/fedwiki)
 FEDWIKI_VOLUME="fedwiki"
 
-# custom wiki.cafe image, for working oauth2 support
-#COMPOSE_FILE="$COMPOSE_FILE:compose.wikicafe.yml"
+## Persist the lib volume / node_modules directory. If you're not using plugmatic, you can disable this option.
+COMPOSE_FILE="$COMPOSE_FILE:compose.lib.yml"
 
-# Predefined "owner" security
-#COMPOSE_FILE="$COMPOSE_FILE:compose.owner.yml"
+## Note(3wc): If you change this after initial deployment, you will need to
+## manually copy the new value from `conf/config.initial.json`
+SECRET_COOKIE_SECRET_VERSION=v1  # length=30
 
-# persistent lib volume / node_modules directory, e.g. for plugmatic
-#COMPOSE_FILE="$COMPOSE_FILE:compose.lib.yml"
+## Specify wiki config filename. If running multiple farms on the same machine with unique configurations, each config needs a unique filename.
+## e.g. config-farm1.json, config-farm2.json, etc.
+## If there exists a config file named "config.json", it will be used by all farms by default.
+CONFIG_FILE="config.json"
 
-COOKIE_SECRET="asflkjqpweoriuwpeogdjgbpdofigh"
-AUTHOR="Baja Colorado"
-ADMIN_KEY="<paste from a .wiki/DOMAIN/status/owner.json file>"
+## If using Caddy:
+## Customize your Caddyfile to determine what domains are accessible and will get TLS certificates.
+## You are also able to enable access over HTTP by adding domains like: http://${DOMAIN}, http://*.${DOMAIN}, http://*.*.${DOMAIN}
+CADDY=https://${DOMAIN}, https://*.${DOMAIN}, https://*.*.${DOMAIN}, https://*.*.*.${DOMAIN}
 
-FEDWIKI_IS_PRIVATE=0
+## If using Traefik:
+## By default traefik allows: https://${DOMAIN}, https://*.${DOMAIN}, https://*.*.${DOMAIN}, https://*.*.*.${DOMAIN}
+## Uncomment the following line to also allow HTTP access
+#COMPOSE_FILE="$COMPOSE_FILE:compose.insecure.yml"

README.md

@@ -1,26 +1,25 @@
 # Federated Wiki
 
-Share pages circulating within a creative commons
+Share pages circulating within a creative commons.
+
+See [Federated Wiki on GitHub](https://github.com/fedwiki/wiki) for more information.
 
 <!-- metadata -->
+* **Maintainer**: [@3wordchant](https://git.coopcloud.tech/3wordchant), [@Bortseb](https://git.coopcloud.tech/Bortseb), [@cgalo5758](https://git.coopcloud.tech/cgalo5758)
+* **Status**: `stable`
 * **Category**: Apps
-* **Status**: 0, work-in-progress
-* **Image**: [`dobbs/farm`](https://hub.docker.com/r/dobbs/farm/), 4, upstream 
+* **Image**: [`wiki-cafe/fedwiki-oci-image`](https://git.coopcloud.tech/wiki-cafe/-/packages/container/fedwiki-oci-image/), 4, upstream 
 * **Healthcheck**: No
 * **Backups**: No
-* **Email**: No
+* **Email**: N/A
 * **Tests**: No
-* **SSO**: No
+* **SSO**: ? (Keycloak)
 <!-- endmetadata -->
 
 ## Basic usage
 
-1. Set up Docker Swarm and [`abra`]
-2. Deploy [`coop-cloud/traefik`]
-3. `abra app new federatedwiki`
-4. `abra app config YOURAPPDOMAIN` - be sure to change `DOMAIN` to something that resolves to
+1. Set up [Docker Swarm](https://docs.coopcloud.tech/operators/tutorial/#server-configuration) and [`abra`](https://docs.coopcloud.tech/abra/)
+2. `abra app new federatedwiki -S` - Copy the secret it generates, you will need it for your wiki config file.
+3. `abra app config YOURAPPDOMAIN` - be sure to change `DOMAIN` to something that resolves to
    your Docker swarm box
-5. `abra app deploy YOURAPPDOMAIN`
-
-[`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
-[`coop-cloud/traefik`]: https://git.autonomic.zone/coop-cloud/traefik
+4. `abra app deploy YOURAPPDOMAIN`

abra.sh

@@ -1,23 +1,2 @@
-export INSTALL_SH_VERSION=v9
-export CONFIG_JSON_VERSION=v7
-export CONFIG_OWNER_JSON_VERSION=v4
-
-abra_backup_app() {
-  _abra_backup_dir "app:/home/node/.wiki"
-}
-
-abra_restore_app() {
-  # shellcheck disable=SC2034
-  {
-	abra__src_="-"
-	abra__dst_="app:/home/node/.wiki"
-  }
-
-  zcat "$@" | sub_app_cp
-
-  success "Restored 'app'"
-}
-
-abra_backup() {
-  abra_backup_app
-}
+export ENTRYPOINT_SH_VERSION=v2
+export CONFIG_JSON_INITIAL_VERSION=v1

compose.insecure.yml

@@ -0,0 +1,11 @@
+---
+# NOTE: Do not use this in combination with the CADDY option in compose.yml
+version: "3.8"
+
+services:
+  app:
+    deploy:
+      labels:
+        - "traefik.http.services.${STACK_NAME}-non-tls.loadbalancer.server.port=3000"
+        - "traefik.http.routers.${STACK_NAME}-non-tls.rule=Host(`${DOMAIN}`) || HostRegexp(`{subdomain:\\w+}.${DOMAIN}`) || HostRegexp(`{subsubdomain:\\w+}.{subdomain:\\w+}.${DOMAIN}`) || HostRegexp(`{subsubsubdomain:\\w+}.{subsubdomain:\\w+}.{subdomain:\\w+}.${DOMAIN}`)"
+        - "traefik.http.routers.${STACK_NAME}-non-tls.entrypoints=web"

compose.owner.yml

@@ -1,15 +0,0 @@
-
----
-version: "3.8"
-
-services:
-  app:
-    configs:
-      - source: config_owner_json_conf
-        target: /home/node/config/config.owner.json
-
-configs:
-  config_owner_json_conf:
-    name: ${STACK_NAME}_config_owner_json_${CONFIG_OWNER_JSON_VERSION}
-    file: config.owner.json.tmpl
-    template_driver: golang

compose.wikicafe.yml

@@ -1,6 +0,0 @@
----
-version: "3.8"
-
-services:
-  app:
-    image: git.coopcloud.tech/wiki-cafe/wiki-farm:latest

compose.yml

@@ -3,61 +3,70 @@ version: "3.8"
 
 services:
   app:
-    image: dobbs/farm:1.0.18
-    command: /bin/sh config/install.sh
+    image: git.coopcloud.tech/wiki-cafe/fedwiki-oci-image:0.39.4-1
+    command: /bin/sh entrypoint.sh
     volumes:
-      - "fedwiki_friends:/home/node/config"
       - "${FEDWIKI_VOLUME}:/home/node/.wiki"
     networks:
       - proxy
     configs:
-      - source: install_sh_conf
-        target: /home/node/config/install.sh
-      - source: config_json_conf
-        target: /home/node/config/config.json
+      - source: entrypoint_sh
+        target: /home/node/entrypoint.sh
+      - source: config_json_initial
+        target: /home/node/initial-config/config.json
+    secrets:
+      - cookie_secret
     environment:
       - DOMAIN
       - COOKIE_SECRET
       - AUTHOR
       - ADMIN_KEY
     deploy:
+      update_config:
+        order: start-first
       restart_policy:
         condition: on-failure
       labels:
         - "traefik.enable=true"
         - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=3000"
-        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`) || HostRegexp(`{subdomain:\\w+}.${DOMAIN}`)"
+        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`) || HostRegexp(`{subdomain:\\w+}.${DOMAIN}`) || HostRegexp(`{subsubdomain:\\w+}.{subdomain:\\w+}.${DOMAIN}`) || HostRegexp(`{subsubsubdomain:\\w+}.{subsubdomain:\\w+}.{subdomain:\\w+}.${DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
         - "traefik.http.routers.${STACK_NAME}.tls.domains[0].main=${DOMAIN}"
         - "traefik.http.routers.${STACK_NAME}.tls.domains[0].sans=*.${DOMAIN}"
         - "traefik.http.routers.${STACK_NAME}.priority=1"
-        - "caddy=https://${DOMAIN}, https://*.${DOMAIN}, https://*.*.${DOMAIN}, https://*.*.*.${DOMAIN}"
+        - "caddy=${CADDY}"
         - "caddy.reverse_proxy={{upstreams 3000}}"
         - "caddy.tls.on_demand="
         - "backupbot.backup=true"
         - "backupbot.backup.path=/home/node/.wiki"
-        - "coop-cloud.${STACK_NAME}.version=1.0.1+1.0.18"
-    # healthcheck:
-    #   test: ["CMD", "curl", "-f", "http://localhost"]
-    #   interval: 30s
-    #   timeout: 10s
-    #   retries: 10
-    #   start_period: 1m
+        - "coop-cloud.${STACK_NAME}.version=3.1.3+0.39.4-1"
+#     healthcheck:
+#       test: "node -e 'var http = require(\"http\"); var options = { host : \"localhost\", port : \"3000\", timeout : 2000, path : \"/view/welcome-visitors\", headers: { \"Host\": \"${DOMAIN}\" }  }; var request = http.request(options, (res)
+#  => { console.log(`STATUS: $${res.statusCode}`); if (res.statusCode == 200) {  process.exit(0); } else { process.exit(1); } }); request.on(\"error\", function(err) { console.log('ERROR'); 
+# process.exit(1); }); request.end();'"
+#       interval: 10s
+#       timeout: 2s
+#       retries: 2
+#       start_period: 30s
 
 volumes:
   fedwiki:
-  fedwiki_friends:
 
 networks:
   proxy:
     external: true
 
+secrets:
+  cookie_secret:
+    external: true
+    name: ${STACK_NAME}_cookie_secret_${SECRET_COOKIE_SECRET_VERSION}
+
 configs:
-  install_sh_conf:
-    name: ${STACK_NAME}_install_sh_${INSTALL_SH_VERSION}
-    file: install.sh
-  config_json_conf:
-    name: ${STACK_NAME}_config_json_${CONFIG_JSON_VERSION}
-    file: config.json.tmpl
+  entrypoint_sh:
+    name: ${STACK_NAME}_entrypoint_sh_${ENTRYPOINT_SH_VERSION}
+    file: entrypoint.sh
+  config_json_initial:
+    name: ${STACK_NAME}_config_json_initial_${CONFIG_JSON_INITIAL_VERSION}
+    file: config.initial.json.tmpl
     template_driver: golang

config.initial.json.tmpl

@@ -0,0 +1,6 @@
+{
+  "farm": true,
+  "cookieSecret": "{{ secret "cookie_secret" }}",
+  "security_useHttps": true,
+  "security_type": "friends"
+}

config.json.tmpl

@@ -1,14 +0,0 @@
-{
-  "admin": "{{ env "ADMIN_KEY" }}",
-  "farm": true,
-  "cookieSecret": "{{ env "COOKIE_SECRET" }}",
-  "secure_cookie": true,
-  "security_type": "friends"
-  {{ if eq (env "FEDWIKI_IS_PRIVATE") "1" }},
-  "wikiDomains": {
-    "$DOMAIN": {
-      "id": "/home/node/.wiki/config.owner.json"
-    }
-  }
-  {{ end }}
-}

config.owner.json.tmpl

@@ -1,6 +0,0 @@
-{
-  "name": "{{ env "AUTHOR" }}",
-  "friend": {
-    "secret": "{{ env "PASSWORD" }}"
-  }
-}

entrypoint.sh

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+config_file="$HOME/.wiki/${CONFIG_FILE:-config.json}"
+
+if [ ! -f "$config_file" ]; then
+	cp initial-config/config.json "$config_file"
+fi
+
+wiki --farm --config "$config_file"

install.sh

@@ -1,11 +0,0 @@
-#!/bin/sh
-
-if [ ! -f .wiki/config.json ]; then
-	cp config/config.json .wiki/config.json
-fi
-
-if [ ! -f .wiki/config.owner.json ]; then
-	cp config/config.owner.json .wiki/config.owner.json
-fi
-
-wiki --farm

release/2.0.0+1.0.20

@@ -0,0 +1,11 @@
+COOKIE_SECRET is now a Docker secret, and several config options have been
+dropped from the recipe -- this shouldn't affect running deplyoments, as
+the recipe currently just installs the generated `config.json` if there isn't
+one already -- but you will likely still need to run 
+`abra app secret generate ...` before deploying, in preparation for moving to
+ennvironment variables for config in a future release.
+
+Additionally, there is now a healthcheck, which may require tuning, especially
+on slower systems; please open a ticket on [the issue
+tracker](https://git.coopcloud.tech/coop-cloud/federatedwiki/issues) if you
+notice problems with the containers starting up.

release/2.1.5+1.0.27

@@ -0,0 +1 @@
+y

release/2.3.0+1.1.1

@@ -0,0 +1 @@
+decaffeinated

release/2.4.0+1.1.1

@@ -0,0 +1 @@
+decaffeinate

release/2.5.0+1.1.1

@@ -0,0 +1 @@
+decaffeinate

release/2.6.0+1.1.1

@@ -0,0 +1 @@
+decaffeinated

renovate.json

@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:recommended"
+  ]
+}