Add CodiMD

.gitignore

@@ -0,0 +1 @@
+data_*

README.md

@@ -6,4 +6,5 @@ L'idée est de pouvoir redonder les services « légers » entre les résidences
 
 En cours de test par erdnaxe.
 
-Pour lancer un service, aller dans le dossier puis `docker-compose up --build`.
+Pour lancer un service, aller dans le dossier puis
+`sudo docker-compose up --build`.

codimd/Dockerfile

@@ -0,0 +1,82 @@
+FROM node:8.16.0
+
+# Build arguments to change source url, branch or tag
+ARG CODIMD_REPOSITORY=https://github.com/codimd/server.git
+ARG VERSION=master
+ARG UID=10000
+
+# Set some default config variables
+ENV DEBIAN_FRONTEND noninteractive
+ENV DOCKERIZE_VERSION v0.6.1
+ENV NODE_ENV=production
+
+RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz && \
+    tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz && \
+    rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz
+
+ENV GOSU_VERSION 1.11
+COPY resources/gosu-gpg.key /tmp/gosu.key
+RUN set -ex; \
+    dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+    wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+    wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+    \
+# verify the signature
+    export GNUPGHOME="$(mktemp -d)"; \
+    gpg --no-tty --import /tmp/gosu.key; \
+    gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+    rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+    \
+    chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+    gosu nobody true
+
+# Add configuraton files
+COPY resources/config.json resources/.sequelizerc /files/
+
+RUN apt-get update && \
+    apt-get install -y git build-essential jq && \
+    # Add fonts for PDF export
+    apt-get install -y fonts-noto && \
+
+    # Clone the source
+    git clone --depth 1 --branch "$VERSION" "$CODIMD_REPOSITORY" /codimd && \
+    # Print the cloned version and clean up git files
+    cd /codimd && \
+    git log --pretty=format:'%ad %h %d' --abbrev-commit --date=short -1 && echo && \
+    git rev-parse HEAD > /tmp/gitref && \
+    rm -rf /codimd/.git && \
+
+    # Mime the git repository for fullversion
+    mkdir /codimd/.git && \
+    mv /tmp/gitref /codimd/.git/HEAD && \
+    jq ".repository.url = \"${CODIMD_REPOSITORY}\"" /codimd/package.json > /codimd/package.new.json && \
+    mv /codimd/package.new.json /codimd/package.json && \
+
+    # Symlink configuration files
+    rm -f /codimd/config.json && ln -s /files/config.json /codimd/config.json && \
+    rm -f /codimd/.sequelizerc && ln -s /files/.sequelizerc /codimd/.sequelizerc && \
+
+    # Install NPM dependencies and build project
+    yarn install --pure-lockfile && \
+    yarn install --production=false --pure-lockfile && \
+    npm run build && \
+
+    # Clean up this layer
+    yarn install && \
+    yarn cache clean && \
+    apt-get remove -y --auto-remove build-essential git jq && \
+    apt-get clean && apt-get purge && rm -r /var/lib/apt/lists/* && \
+    # Create codimd user
+    adduser --uid $UID --home /codimd/ --disabled-password --system codimd && \
+    chown -R codimd /codimd/
+
+WORKDIR /codimd
+EXPOSE 3000
+
+COPY resources/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
+
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
+
+CMD ["node", "app.js"]
+

codimd/docker-compose.yml

@@ -0,0 +1,32 @@
+# From https://github.com/codimd/container/
+version: '3'
+services:
+  database:
+    # Don't upgrade PostgreSQL by simply changing the version number
+    # You need to migrate the Database to the new PostgreSQL version
+    image: postgres:9.6-alpine
+    environment:
+      - POSTGRES_USER=hackmd
+      - POSTGRES_PASSWORD=hackmdpass
+      - POSTGRES_DB=hackmd
+    volumes:
+      - ./data_db:/var/lib/postgresql/data
+    restart: always
+
+  app:
+    build:
+      context: .
+      args:
+        - "VERSION=1.4.0"
+        - "CODIMD_REPOSITORY=https://github.com/codimd/server.git"
+    environment:
+      # DB_URL is formatted like: <databasetype>://<username>:<password>@<hostname>/<database>
+      - CMD_DB_URL=postgres://hackmd:hackmdpass@database:5432/hackmd
+    ports:
+      - "8081:3000"
+    volumes:
+      - ./data_uploads:/codimd/public/uploads
+    restart: always
+    depends_on:
+      - database
+

codimd/resources/.sequelizerc

@@ -0,0 +1,8 @@
+var path = require('path');
+
+module.exports = {
+    'config':          path.resolve('config.json'),
+    'migrations-path': path.resolve('lib', 'migrations'),
+    'models-path':     path.resolve('lib', 'models'),
+    'url':             process.env.CMD_DB_URL
+}

codimd/resources/config.json

@@ -0,0 +1,32 @@
+{
+    "production": {
+        "urlAddPort": false,
+        "email": false,
+        "db": {
+            "username": "hackmd",
+            "password": "hackmdpass",
+            "database": "hackmd",
+            "host": "hackmdPostgres",
+            "port": "5432",
+            "dialect": "postgres"
+        },
+        "imageUploadType": "filesystem",
+        "domain": "codimd.auro.re",
+        "debug": false,
+        "useSSL": false,
+        "protocolUseSSL": true,
+        "useCDN": false,
+        "ldap": {
+            "url": "ldap://10.128.0.11",
+            "bindDn": "cn=codimd,ou=service-users,dc=auro,dc=re",
+            "bindCredentials": "CHANGE ME IN PRODUCTION, I WILL DIFFER !",
+            "searchBase": "cn=Utilisateurs,dc=auro,dc=re",
+            "searchFilter": "(uid={{username}})",
+            "searchAttributes": ["uid", "givenName", "mail"],
+            "usernameField": "uid",
+            "useridField": "uid",
+            "providerName": "Compte Aurore"
+        },
+        "allowFreeURL": true
+    }
+}

codimd/resources/docker-entrypoint.sh

@@ -0,0 +1,74 @@
+#!/bin/sh
+
+# Use gosu if the container started with root privileges
+UID="$(id -u)"
+[ "$UID" -eq 0 ] && GOSU="gosu codimd" || GOSU=""
+
+if [ "$HMD_DB_URL" != "" ] && [ "$CMD_DB_URL" = "" ]; then
+    CMD_DB_URL="$HMD_DB_URL"
+fi
+
+if [ "$HMD_IMAGE_UPLOAD_TYPE" != "" ] && [ "$CMD_IMAGE_UPLOAD_TYPE" = "" ]; then
+    CMD_IMAGE_UPLOAD_TYPE="$HMD_IMAGE_UPLOAD_TYPE"
+fi
+
+if [ "$CMD_DB_URL" = "" ]; then
+    CMD_DB_URL="postgres://hackmd:hackmdpass@hackmdPostgres:5432/hackmd"
+fi
+
+export CMD_DB_URL
+
+DB_SOCKET=$(echo ${CMD_DB_URL} | sed -e 's/.*:\/\//\/\//' -e 's/.*\/\/[^@]*@//' -e 's/\/.*$//')
+
+if [ "$DB_SOCKET" != "" ]; then
+    dockerize -wait "tcp://${DB_SOCKET}" -timeout 30s
+fi
+
+$GOSU ./node_modules/.bin/sequelize db:migrate
+
+# Print warning if local data storage is used but no volume is mounted
+[ "$CMD_IMAGE_UPLOAD_TYPE" = "filesystem" ] && { mountpoint -q ./public/uploads || {
+    echo "
+        #################################################################
+        ###                                                           ###
+        ###                        !!!WARNING!!!                      ###
+        ###                                                           ###
+        ###        Using local uploads without persistence is         ###
+        ###            dangerous. You'll loose your data on           ###
+        ###              container removal. Check out:                ###
+        ###  https://docs.docker.com/engine/tutorials/dockervolumes/  ###
+        ###                                                           ###
+        ###                       !!!WARNING!!!                       ###
+        ###                                                           ###
+        #################################################################
+    ";
+} ; }
+
+# Change owner and permission if filesystem backend is used and user has root permissions
+if [ "$UID" -eq 0 ] && [ "$CMD_IMAGE_UPLOAD_TYPE" = "filesystem" ]; then
+    if [ "$UID" -eq 0 ]; then
+        chown -R codimd ./public/uploads
+        chmod 700 ./public/uploads
+    else
+        echo "
+            #################################################################
+            ###                                                           ###
+            ###                        !!!WARNING!!!                      ###
+            ###                                                           ###
+            ###        Container was started without root permissions     ###
+            ###           and filesystem storage is being used.           ###
+            ###        In case of filesystem errors these need to be      ###
+            ###                      changed manually                     ###
+            ###                                                           ###
+            ###                       !!!WARNING!!!                       ###
+            ###                                                           ###
+            #################################################################
+        ";
+    fi
+fi
+
+# Sleep to make sure everything is fine...
+sleep 3
+
+# run
+exec $GOSU "$@"

codimd/resources/utf8.cnf

@@ -0,0 +1,11 @@
+[client]
+default-character-set=utf8
+
+[mysql]
+default-character-set=utf8
+
+
+[mysqld]
+collation-server = utf8_unicode_ci
+init-connect='SET NAMES utf8'
+character-set-server = utf8

riot/docker-compose.yml

@@ -12,4 +12,5 @@ services:
       - ./config.json:/etc/riot-web/config.json:ro
     ports:
       - 8080:80
+    restart: always