diff options
author | David Mehren | 2020-07-10 19:59:32 +0200 |
---|---|---|
committer | GitHub | 2020-07-10 19:59:32 +0200 |
commit | 3db8b0df43b027d15d13047e25617266ddc57f13 (patch) | |
tree | da64f90f7cd4ab4c1deaf67a572a45c2a583dc7e /docs | |
parent | 0b7dbd1f43899b4321ddf41bf98a64a7bd5fa48d (diff) | |
parent | 89895cef2e5785134bf1fdcc9c8813831c07f17b (diff) |
Merge pull request #410 from oupala/feature/markdown-linting
Diffstat (limited to '')
29 files changed, 314 insertions, 313 deletions
diff --git a/docs/configuration.md b/docs/configuration.md index aa6b5191..15335971 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -5,6 +5,7 @@ You can choose to configure CodiMD with either a config file or with environment Environment variables take precedence over configurations from the config files. They generally start with `CMD_` for our own options, but we also list node-specific options you can configure this way. - Environment variables are processed in [`lib/config/environment.js`](../lib/config/environment.js) - so this is the first place to look if anything is missing not obvious from this document. The default values are defined in [`lib/config/default.js`](../lib/config/default.js), in case you wonder if you even need to override it. + - The config file is processed in [`lib/config/index.js`](../lib/config/index.js) - so this is the first place to look if anything is missing not obvious from this document. The default values are defined in [`lib/config/default.js`](../lib/config/default.js), in case you wonder if you even need to override it. To get started, it is a good idea to take the `config.json.example` and copy it to `config.json` before filling in your own details. @@ -69,16 +70,16 @@ these are rarely used for various reasons. ## CSP and HSTS -| config file | environment | example value | description | -| ----------------------------- | ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `hsts` | | `{"enable": true, "maxAgeSeconds": 31536000, "includeSubdomains": true, "preload": true}` | [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) options to use with HTTPS (default is the example value, max age is a year) | -| | `CMD_HSTS_ENABLE` | ` true` | set to enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) if HTTPS is also enabled (default is ` true`) | -| | `CMD_HSTS_INCLUDE_SUBDOMAINS` | `true` | set to include subdomains in HSTS (default is `true`) | | -| | `CMD_HSTS_MAX_AGE` | `31536000` | max duration in seconds to tell clients to keep HSTS status (default is a year) | | -| | `CMD_HSTS_PRELOAD` | `true` | whether to allow preloading of the site's HSTS status (e.g. into browsers) | | -| `csp` | | `{"enable": true, "directives": {"scriptSrc": "trustworthy-scripts.example.com"}, "upgradeInsecureRequests": "auto", "addDefaults": true}` | Configures [Content Security Policy](https://helmetjs.github.io/docs/csp/). Directives are passed to Helmet - see [their documentation](https://helmetjs.github.io/docs/csp/) for more information on the format. Some defaults are added to the configured values so that the application doesn't break. To disable this behaviour, set `addDefaults` to `false`. Further, if `usecdn` is on, some CDN locations are allowed too. By default (`auto`), insecure (HTTP) requests are upgraded to HTTPS via CSP if `useSSL` is on. To change this behaviour, set `upgradeInsecureRequests` to either `true` or `false`. | -| | `CMD_CSP_ENABLE` | `true` | whether to enable Content Security Policy (directives cannot be configured with environment variables) | -| | `CMD_CSP_REPORTURI` | `https://<someid>.report-uri.com/r/d/csp/enforce` | Allows to add a URL for CSP reports in case of violations | | +| config file | environment | example value | description | +| ----------- | ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `hsts` | | `{"enable": true, "maxAgeSeconds": 31536000, "includeSubdomains": true, "preload": true}` | [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) options to use with HTTPS (default is the example value, max age is a year) | +| | `CMD_HSTS_ENABLE` | ` true` | set to enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) if HTTPS is also enabled (default is ` true`) | +| | `CMD_HSTS_INCLUDE_SUBDOMAINS` | `true` | set to include subdomains in HSTS (default is `true`) | +| | `CMD_HSTS_MAX_AGE` | `31536000` | max duration in seconds to tell clients to keep HSTS status (default is a year) | +| | `CMD_HSTS_PRELOAD` | `true` | whether to allow preloading of the site's HSTS status (e.g. into browsers) | +| `csp` | | `{"enable": true, "directives": {"scriptSrc": "trustworthy-scripts.example.com"}, "upgradeInsecureRequests": "auto", "addDefaults": true}` | Configures [Content Security Policy](https://helmetjs.github.io/docs/csp/). Directives are passed to Helmet - see [their documentation](https://helmetjs.github.io/docs/csp/) for more information on the format. Some defaults are added to the configured values so that the application doesn't break. To disable this behaviour, set `addDefaults` to `false`. Further, if `usecdn` is on, some CDN locations are allowed too. By default (`auto`), insecure (HTTP) requests are upgraded to HTTPS via CSP if `useSSL` is on. To change this behaviour, set `upgradeInsecureRequests` to either `true` or `false`. | +| | `CMD_CSP_ENABLE` | `true` | whether to enable Content Security Policy (directives cannot be configured with environment variables) | +| | `CMD_CSP_REPORTURI` | `https://<someid>.report-uri.com/r/d/csp/enforce` | Allows to add a URL for CSP reports in case of violations | ## Privacy and External Requests @@ -156,7 +157,7 @@ these are rarely used for various reasons. | config file | environment | example value | description | | ----------- | --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------- | -| `ldap` | | `{providerName: ..., url: ..., bindDn: ..., bindCredentials: ..., searchBase: ..., searchFilter: ..., searchAttributes: ..., usernameField: ..., useridField: ..., tlsca: ...}` | An object detailing the LDAP connection. Refer to the [LDAP-AD guide](guides/auth/ldap-AD.md) for more details! | +| `ldap` | | `{providerName: ..., url: ..., bindDn: ..., bindCredentials: ..., searchBase: ..., searchFilter: ..., searchAttributes: ..., usernameField: ..., useridField: ..., tlsca: ...}` | An object detailing the LDAP connection. Refer to the [LDAP-AD guide](guides/auth/ldap-ad.md) for more details! | | | `CMD_LDAP_URL` | `ldap://example.com` | URL of LDAP server | | | `CMD_LDAP_BINDDN` | no example | bindDn for LDAP access | | | `CMD_LDAP_BINDCREDENTIALS` | no example | bindCredentials for LDAP access | @@ -179,19 +180,19 @@ these are rarely used for various reasons. ### OAuth2 Login -| config file | environment | example value | description | -| ----------- | ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| config file | environment | example value | description | +| ----------- | ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `oauth2` | | `{baseURL: ..., userProfileURL: ..., userProfileUsernameAttr: ..., userProfileDisplayNameAttr: ..., userProfileEmailAttr: ..., tokenURL: ..., authorizationURL: ..., clientID: ..., clientSecret: ..., scope: ...}` | An object detailing your OAuth2 provider. Refer to the [Mattermost](guides/auth/mattermost-self-hosted.md) or [Nextcloud](guides/auth/nextcloud.md) examples for more details! | -| | `CMD_OAUTH2_USER_PROFILE_URL` | `https://example.com` | Where to retrieve information about a user after successful login. Needs to output JSON. (no default value) Refer to the [Mattermost](guides/auth/mattermost-self-hosted.md) or [Nextcloud](guides/auth/nextcloud.md) examples for more details on all of the `CMD_OAUTH2...` options. | -| | `CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR` | `name` | where to find the username in the JSON from the user profile URL. (no default value) | -| | `CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR` | `display-name` | where to find the display-name in the JSON from the user profile URL. (no default value) | -| | `CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR` | `email` | where to find the email address in the JSON from the user profile URL. (no default value) | -| | `CMD_OAUTH2_TOKEN_URL` | `https://example.com` | sometimes called token endpoint, please refer to the documentation of your OAuth2 provider (no default value) | -| | `CMD_OAUTH2_AUTHORIZATION_URL` | `https://example.com` | authorization URL of your provider, please refer to the documentation of your OAuth2 provider (no default value) | -| | `CMD_OAUTH2_CLIENT_ID` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) | -| | `CMD_OAUTH2_CLIENT_SECRET` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) | -| | `CMD_OAUTH2_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the oAuth2 provider | -| | `CMD_OAUTH2_SCOPE` | `openid email profile` | Scope to request for OIDC (OpenID Connect) providers. | +| | `CMD_OAUTH2_USER_PROFILE_URL` | `https://example.com` | Where to retrieve information about a user after successful login. Needs to output JSON. (no default value) Refer to the [Mattermost](guides/auth/mattermost-self-hosted.md) or [Nextcloud](guides/auth/nextcloud.md) examples for more details on all of the `CMD_OAUTH2...` options. | +| | `CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR` | `name` | where to find the username in the JSON from the user profile URL. (no default value) | +| | `CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR` | `display-name` | where to find the display-name in the JSON from the user profile URL. (no default value) | +| | `CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR` | `email` | where to find the email address in the JSON from the user profile URL. (no default value) | +| | `CMD_OAUTH2_TOKEN_URL` | `https://example.com` | sometimes called token endpoint, please refer to the documentation of your OAuth2 provider (no default value) | +| | `CMD_OAUTH2_AUTHORIZATION_URL` | `https://example.com` | authorization URL of your provider, please refer to the documentation of your OAuth2 provider (no default value) | +| | `CMD_OAUTH2_CLIENT_ID` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) | +| | `CMD_OAUTH2_CLIENT_SECRET` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) | +| | `CMD_OAUTH2_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the oAuth2 provider | +| | `CMD_OAUTH2_SCOPE` | `openid email profile` | Scope to request for OIDC (OpenID Connect) providers. | ### SAML Login diff --git a/docs/dev/api.md b/docs/dev/api.md index 4c1365b5..fbbdae83 100644 --- a/docs/dev/api.md +++ b/docs/dev/api.md @@ -5,39 +5,38 @@ For code-autogeneration there is an OpenAPIv3-compatible description available [ ## Notes These endpoints create notes, return information about them or export them. -You have to replace _\<NOTE\>_ with either the alias or id of a note you want to work on. +You have to replace *\<NOTE\>* with either the alias or id of a note you want to work on. -| Endpoint | HTTP-Method | Description | -|---|---|---| -| `/new` | `GET` | **Creates a new note.**<br>A random id will be assigned and the content will equal to the template (blank by default). After note creation a redirect is issued to the created note. | -| `/new` | `POST` | **Imports some markdown data into a new note.**<br>A random id will be assigned and the content will equal to the body of the received HTTP-request. The `Content-Type: text/markdown` header should be set on this request. | -| `/new/<ALIAS>` | `POST` | **Imports some markdown data into a new note with a given alias.**<br>This endpoint equals to the above one except that the alias from the url will be assigned to the note if [FreeURL-mode](../configuration-env-vars.md#users-and-privileges) is enabled. | -| `/<NOTE>/download` or `/s/<SHORT-ID>/download` | `GET` | **Returns the raw markdown content of a note.** | -| `/<NOTE>/pdf` | `GET` | **Returns a generated pdf version of the note.**<br>If pdf-support is disabled, a HTTP 403 will be returned.<br>_Please note: Currently pdf export is disabled generally because of a security problem with it._ | -| `/<NOTE>/publish` | `GET` | **Redirects to the published version of the note.** | -| `/<NOTE>/slide` | `GET` | **Redirects to the slide-presentation of the note.**<br>This is only useful on notes which are designed to be slides. | -| `/<NOTE>/info` | `GET` | **Returns metadata about the note.**<br>This includes the title and description of the note as well as the creation date and viewcount. The data is returned as a JSON object. | -| `/<NOTE>/revision` | `GET` | **Returns a list of the available note revisions.**<br>The list is returned as a JSON object with an array of revision-id and length associations. The revision-id equals to the timestamp when the revision was saved. | -| `/<NOTE>/revision/<REVISION-ID>` | `GET` | **Returns the revision of the note with some metadata.**<br>The revision is returned as a JSON object with the content of the note and the authorship. | -| `/<NOTE>/gist` | `GET` | **Creates a new GitHub Gist with the note's content.**<br>If [GitHub integration](../configuration-env-vars.md#github-login) is configured, the user will be redirected to GitHub and a new Gist with the content of the note will be created. | +| Endpoint | HTTP-Method | Description | +| ---------------------------------------------- | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| `/new` | `GET` | **Creates a new note.**<br>A random id will be assigned and the content will equal to the template (blank by default). After note creation a redirect is issued to the created note. | +| `/new` | `POST` | **Imports some markdown data into a new note.**<br>A random id will be assigned and the content will equal to the body of the received HTTP-request. The `Content-Type: text/markdown` header should be set on this request. | +| `/new/<ALIAS>` | `POST` | **Imports some markdown data into a new note with a given alias.**<br>This endpoint equals to the above one except that the alias from the url will be assigned to the note if [FreeURL-mode](../configuration-env-vars.md#users-and-privileges) is enabled. | +| `/<NOTE>/download` or `/s/<SHORT-ID>/download` | `GET` | **Returns the raw markdown content of a note.** | +| `/<NOTE>/pdf` | `GET` | **Returns a generated pdf version of the note.**<br>If pdf-support is disabled, a HTTP 403 will be returned.<br>*Please note: Currently pdf export is disabled generally because of a security problem with it.* | +| `/<NOTE>/publish` | `GET` | **Redirects to the published version of the note.** | +| `/<NOTE>/slide` | `GET` | **Redirects to the slide-presentation of the note.**<br>This is only useful on notes which are designed to be slides. | +| `/<NOTE>/info` | `GET` | **Returns metadata about the note.**<br>This includes the title and description of the note as well as the creation date and viewcount. The data is returned as a JSON object. | +| `/<NOTE>/revision` | `GET` | **Returns a list of the available note revisions.**<br>The list is returned as a JSON object with an array of revision-id and length associations. The revision-id equals to the timestamp when the revision was saved. | +| `/<NOTE>/revision/<REVISION-ID>` | `GET` | **Returns the revision of the note with some metadata.**<br>The revision is returned as a JSON object with the content of the note and the authorship. | +| `/<NOTE>/gist` | `GET` | **Creates a new GitHub Gist with the note's content.**<br>If [GitHub integration](../configuration-env-vars.md#github-login) is configured, the user will be redirected to GitHub and a new Gist with the content of the note will be created. | ## User / History These endpoints return information about the current logged-in user and it's note history. If no user is logged-in, the most of this requests will fail with either a HTTP 403 or a JSON object containing `{"status":"forbidden"}`. -| Endpoint | HTTP-Method | Description | -|---|---|---| -| `/me` | `GET` | **Returns the profile data of the current logged-in user.**<br>The data is returned as a JSON object containing the user-id, the user's name and a url to the profile picture. | -| `/me/export` | `GET` | **Exports a zip-archive with all notes of the current user.** | -| `/history` | `GET` | **Returns a list of the last viewed notes.**<br>The list is returned as a JSON object with an array containing for each entry it's id, title, tags, last visit time and pinned status. | -| `/history` | `POST` | **Replace user's history with a new one.**<br>The body must be form-encoded and contain a field `history` with a JSON-encoded array like its returned from the server when exporting the history. | -| `/history` | `DELETE` | **Deletes the user's history.** | -| `/history/<NOTE>` | `POST` | **Toggles the pinned status in the history for a note.**<br>The body must be form-encoded and contain a field `pinned` that is either `true` or `false`. -| `/history/<NOTE>` | `DELETE` | **Deletes a note from the user's history.** | - +| Endpoint | HTTP-Method | Description | +| ----------------- | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `/me` | `GET` | **Returns the profile data of the current logged-in user.**<br>The data is returned as a JSON object containing the user-id, the user's name and a url to the profile picture. | +| `/me/export` | `GET` | **Exports a zip-archive with all notes of the current user.** | +| `/history` | `GET` | **Returns a list of the last viewed notes.**<br>The list is returned as a JSON object with an array containing for each entry it's id, title, tags, last visit time and pinned status. | +| `/history` | `POST` | **Replace user's history with a new one.**<br>The body must be form-encoded and contain a field `history` with a JSON-encoded array like its returned from the server when exporting the history. | +| `/history` | `DELETE` | **Deletes the user's history.** | +| `/history/<NOTE>` | `POST` | **Toggles the pinned status in the history for a note.**<br>The body must be form-encoded and contain a field `pinned` that is either `true` or `false`. | +| `/history/<NOTE>` | `DELETE` | **Deletes a note from the user's history.** | ## CodiMD-server These endpoints return information about the running CodiMD instance. -| Endpoint | HTTP-Method | Description | -|---|---|---| -| `/status` | `GET` | **Returns the current status of the CodiMD instance.**<br>The data is returned as a JSON object containing the number of notes stored on the server, (distinct) online users and more. | +| Endpoint | HTTP-Method | Description | +| --------- | ----------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `/status` | `GET` | **Returns the current status of the CodiMD instance.**<br>The data is returned as a JSON object containing the number of notes stored on the server, (distinct) online users and more. | diff --git a/docs/dev/getting-started.md b/docs/dev/getting-started.md index 9a35b71a..7ed96944 100644 --- a/docs/dev/getting-started.md +++ b/docs/dev/getting-started.md @@ -1,5 +1,4 @@ -Developer Notes -=== +# Developer Notes ## Preparing for running the code @@ -7,20 +6,20 @@ Developer Notes 1. Clone the repository with `git clone https://github.com/codimd/server.git codimd-server` (cloning is the preferred way, but you can also download and unzip a release) + 2. Enter the directory and run `bin/setup`, which will install npm dependencies and create configs. The setup script is written in Bash, you would need bash as a prerequisite. + 3. Setup the [config file](../configuration-config-file.md) or set up [environment variables](../configuration-env-vars.md). - ## Running the Code Now that everything is in place, we can start CodiMD: -4. `yarn run build` will build the frontend bundle. It uses webpack to do that. -5. Run the server with `node app.js` - +1. `yarn run build` will build the frontend bundle. It uses webpack to do that. +2. Run the server with `node app.js` ## Running the Code with Auto-Reload @@ -32,11 +31,11 @@ rebuild the frontend or restart the server if necessary. The commands will stay active in your terminal, so you will need multiple tabs to run both at the same time. -4. Use `yarn run dev` if you want webpack to continuously rebuild the frontend +1. Use `yarn run dev` if you want webpack to continuously rebuild the frontend code. -5. To auto-reload the server, the easiest method is to install [nodemon](https://www.npmjs.com/package/nodemon) - and run `nodemon --watch app.js --watch lib --watch locales app.js`. +2. To auto-reload the server, the easiest method is to install [nodemon](https://www.npmjs.com/package/nodemon) + and run `nodemon --watch app.js --watch lib --watch locales app.js`. ## Structure diff --git a/docs/dev/ot.md b/docs/dev/ot.md index 924be693..a1d0bebe 100644 --- a/docs/dev/ot.md +++ b/docs/dev/ot.md @@ -1,5 +1,4 @@ -Operational Transformation -=== +# Operational Transformation From 0.3.2, we started supporting operational transformation. It makes concurrent editing safe and will not break up other users' operations. @@ -9,6 +8,6 @@ See more at [https://operational-transformation.github.io/](https://operational- And even more in this 2010 article series: -* https://drive.googleblog.com/2010/09/whats-different-about-new-google-docs_21.html -* https://drive.googleblog.com/2010/09/whats-different-about-new-google-docs_22.html -* https://drive.googleblog.com/2010/09/whats-different-about-new-google-docs.html +- <https://drive.googleblog.com/2010/09/whats-different-about-new-google-docs_21.html> +- <https://drive.googleblog.com/2010/09/whats-different-about-new-google-docs_22.html> +- <https://drive.googleblog.com/2010/09/whats-different-about-new-google-docs.html> diff --git a/docs/dev/webpack.md b/docs/dev/webpack.md index 3d35b28a..23bbd7a1 100644 --- a/docs/dev/webpack.md +++ b/docs/dev/webpack.md @@ -1,5 +1,4 @@ -Webpack -=== +# Webpack Webpack is a JavaScript build system for frontend code. You can find out all about it on [the webpack website](https://webpack.js.org/). @@ -15,7 +14,6 @@ The `index` group for example bundles all javascript files and libraries used fo Entrypoints are referenced in the `plugins` section. The `HtmlWebpackPlugin` uses templates in `public/views/includes` to include the path to the generated resources in new templates under `public/views/build`. These templates are then used by the backend to serve HTML to the browser. - **TODO:** Document which entry points are used for what. ## `webpack.htmlexport.js` @@ -24,17 +22,16 @@ Packs all CSS from `public/js/htmlExport.js` to `build/html.min.css`. This file is then downloaded by client-side JS and used to create the HTML. See `exportToHTML()` in `public/js/extra.js`. - ## `webpack.dev.js` The development config uses both common configs, enables development mode and enables "cheap" source maps (lines only). If you need more detailed source maps while developing, you might want to use the `source-maps` option. -See https://webpack.js.org/configuration/devtool/ for details. +See <https://webpack.js.org/configuration/devtool/> for details. ## `webpack.prod.js` The production config uses both common configs and enables production mode. -This automatically enables various optimizations (e.g. UglifyJS). See https://webpack.js.org/concepts/mode/ for details. +This automatically enables various optimizations (e.g. UglifyJS). See <https://webpack.js.org/concepts/mode/> for details. For the global app config, the name of the emitted chunks is changed to include the content hash. -See https://webpack.js.org/guides/caching/ on why this is a good idea. +See <https://webpack.js.org/guides/caching/> on why this is a good idea. For the HTML export config, CSS minification is enabled. diff --git a/docs/guides/auth/github.md b/docs/guides/auth/github.md index d16b486f..dc46f74c 100644 --- a/docs/guides/auth/github.md +++ b/docs/guides/auth/github.md @@ -1,10 +1,11 @@ -Authentication guide - GitHub -=== +# Authentication guide - GitHub -**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* +*Note:* This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks! 1. Sign-in or sign-up for a GitHub account + 2. Navigate to developer settings in your GitHub account [here](https://github.com/settings/developers) and select the "OAuth Apps" tab + 3. Click on the **New OAuth App** button, to create a new OAuth App: ![create-oauth-app](../../images/auth/create-oauth-app.png) @@ -17,19 +18,20 @@ Authentication guide - GitHub ![application-page](../../images/auth/application-page.png) 6. Add the Client ID and Client Secret to your config.json file or pass them as environment variables - * `config.json`: - ```js - { - "production": { - "github": { - "clientID": "3747d30eaccXXXXXXXXX", - "clientSecret": "2a8e682948eee0c580XXXXXXXXXXXXXXXXXXXXXX" - } + - `config.json`: + ```js + { + "production": { + "github": { + "clientID": "3747d30eaccXXXXXXXXX", + "clientSecret": "2a8e682948eee0c580XXXXXXXXXXXXXXXXXXXXXX" } } - ``` - * environment variables: - ```sh - CMD_GITHUB_CLIENTID=3747d30eaccXXXXXXXXX - CMD_GITHUB_CLIENTSECRET=2a8e682948eee0c580XXXXXXXXXXXXXXXXXXXXXX - ```` + } + ``` + + - environment variables: + ```sh + CMD_GITHUB_CLIENTID=3747d30eaccXXXXXXXXX + CMD_GITHUB_CLIENTSECRET=2a8e682948eee0c580XXXXXXXXXXXXXXXXXXXXXX + ```` diff --git a/docs/guides/auth/gitlab-self-hosted.md b/docs/guides/auth/gitlab-self-hosted.md index 8b6e6c70..62ce1122 100644 --- a/docs/guides/auth/gitlab-self-hosted.md +++ b/docs/guides/auth/gitlab-self-hosted.md @@ -1,7 +1,6 @@ -GitLab (self-hosted) -=== +# GitLab (self-hosted) -**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* +*Note:* This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks! 1. Sign in to your GitLab 2. Navigate to the application management page at `https://your.gitlab.domain/admin/applications` (admin permissions required) @@ -14,10 +13,9 @@ GitLab (self-hosted) ![Application: HackMD](../../images/auth/gitlab-application-details.png) - 6. In the `docker-compose.yml` add the following environment variables to `app:` `environment:` -``` +```Dockerfile - CMD_DOMAIN=your.codimd.domain - CMD_URL_ADDPORT=true - CMD_PROTOCOL_USESSL=true diff --git a/docs/guides/auth/keycloak.md b/docs/guides/auth/keycloak.md index 437e01bf..cf667774 100644 --- a/docs/guides/auth/keycloak.md +++ b/docs/guides/auth/keycloak.md @@ -1,5 +1,4 @@ -Keycloak/Red Hat SSO (self-hosted) -=== +# Keycloak/Red Hat SSO (self-hosted) ## Prerequisites @@ -9,7 +8,7 @@ Where HTTPS is specified throughout, use HTTP instead. You may also have to spec ## Steps -1. Sign in to the administration portal for your Keycloak instance at https://keycloak.example.com/auth/admin/master/console +1. Sign in to the administration portal for your Keycloak instance at <https://keycloak.example.com/auth/admin/master/console> You may note that a separate realm is specified throughout this tutorial. It is best practice not to use the master realm, as it normally contains the realm-management client that federates access using the policies and permissions you can create. @@ -20,7 +19,7 @@ You may note that a separate realm is specified throughout this tutorial. It is --- -### Additional steps to circumvent generic OAuth2 issue: +### Additional steps to circumvent generic OAuth2 issue 1. Select Client Scopes from the sidebar, and begin to create a new client scope using the Create button. 2. Ensure that the **Name** field is set to `id`. @@ -29,9 +28,9 @@ You may note that a separate realm is specified throughout this tutorial. It is --- -6. In the `docker-compose.yml` add the following environment variables to `app:` `environment:` +5. In the `docker-compose.yml` add the following environment variables to `app:` `environment:` -``` +```Dockerfile CMD_OAUTH2_USER_PROFILE_URL=https://keycloak.example.com/auth/realms/your-realm/protocol/openid-connect/userinfo CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name @@ -46,5 +45,5 @@ CMD_PROTOCOL_USESSL=true CMD_URL_ADDPORT=false ``` -7. Run `docker-compose up -d` to apply your settings. -8. Sign in to your CodiMD using your Keycloak ID +6. Run `docker-compose up -d` to apply your settings. +7. Sign in to your CodiMD using your Keycloak ID diff --git a/docs/guides/auth/ldap-AD.md b/docs/guides/auth/ldap-ad.md index e74121f1..fa41346e 100644 --- a/docs/guides/auth/ldap-AD.md +++ b/docs/guides/auth/ldap-ad.md @@ -1,9 +1,8 @@ -AD LDAP auth -=== +# AD LDAP auth To setup your CodiMD instance with Active Directory you need the following configs: -``` +```env CMD_LDAP_URL=ldap://internal.example.com CMD_LDAP_BINDDN=cn=binduser,cn=Users,dc=internal,dc=example,dc=com CMD_LDAP_BINDCREDENTIALS=<super secret password> @@ -13,7 +12,6 @@ CMD_LDAP_USERIDFIELD=sAMAccountName CMD_LDAP_PROVIDERNAME=Example Inc AD ``` - `CMD_LDAP_BINDDN` is either the `distinguishedName` or the `userPrincipalName`. *This can cause "username/password is invalid" when either this value or the password from `CMD_LDAP_BINDCREDENTIALS` are incorrect.* `CMD_LDAP_SEARCHFILTER` matches on all users and uses either the email address or the `sAMAccountName` (usually the login name you also use to login to Windows). @@ -24,7 +22,6 @@ CMD_LDAP_PROVIDERNAME=Example Inc AD `CMD_LDAP_PROVIDERNAME` just the name written above the username and password field on the login page. - Same in json: ```json @@ -38,4 +35,4 @@ Same in json: }, ``` -More details and example: https://www.npmjs.com/package/passport-ldapauth +More details and example: <https://www.npmjs.com/package/passport-ldapauth> diff --git a/docs/guides/auth/mattermost-self-hosted.md b/docs/guides/auth/mattermost-self-hosted.md index d8280399..5085b4e7 100644 --- a/docs/guides/auth/mattermost-self-hosted.md +++ b/docs/guides/auth/mattermost-self-hosted.md @@ -1,15 +1,16 @@ -Authentication guide - Mattermost (self-hosted) -=== +# Authentication guide - Mattermost (self-hosted) **Note:** *The Mattermost setup portion of this document is just a quick guide. See the [official documentation](https://docs.mattermost.com/developer/oauth-2-0-applications.html) for more details.* This guide uses the generic OAuth2 module for compatibility with Mattermost version 5.0 and above. 1. Sign-in with an administrator account to your Mattermost instance + 2. Make sure **OAuth 2.0 Service Provider** is enabled in the Main Menu (menu button next to your username in the top left corner) --> System Console --> Custom Integrations menu, which you can find at `https://your.mattermost.domain/admin_console/integrations/custom` ![mattermost-enable-oauth2](../../images/auth/mattermost-enable-oauth2.png) 3. Navigate to the OAuth integration settings through Main Menu --> Integrations --> OAuth 2.0 Applications, at `https://your.mattermost.domain/yourteam/integrations/oauth2-apps` + 4. Click on the **Add OAuth 2.0 Application** button to add a new OAuth application ![mattermost-oauth-app-add](../../images/auth/mattermost-oauth-app-add.png) @@ -22,25 +23,26 @@ This guide uses the generic OAuth2 module for compatibility with Mattermost vers ![mattermost-oauth-app-done](../../images/auth/mattermost-oauth-app-done.png) 7. Add the Client ID and Client Secret to your config.json file or pass them as environment variables - * `config.json`: - ```javascript - { - "production": { - "oauth2": { - "baseURL": "https://your.mattermost.domain", - "userProfileURL": "https://your.mattermost.domain/api/v4/users/me", - "userProfileUsernameAttr": "id", - "userProfileDisplayNameAttr": "username", - "userProfileEmailAttr": "email", - "tokenURL": "https://your.mattermost.domain/oauth/access_token", - "authorizationURL": "https://your.mattermost.domain/oauth/authorize", - "clientID": "ii4p1u3jz7dXXXXXXXXXXXXXXX", - "clientSecret": "mqzzx6fydbXXXXXXXXXXXXXXXX" - } + - `config.json`: + ```javascript + { + "production": { + "oauth2": { + "baseURL": "https://your.mattermost.domain", + "userProfileURL": "https://your.mattermost.domain/api/v4/users/me", + "userProfileUsernameAttr": "id", + "userProfileDisplayNameAttr": "username", + "userProfileEmailAttr": "email", + "tokenURL": "https://your.mattermost.domain/oauth/access_token", + "authorizationURL": "https://your.mattermost.domain/oauth/authorize", + "clientID": "ii4p1u3jz7dXXXXXXXXXXXXXXX", + "clientSecret": "mqzzx6fydbXXXXXXXXXXXXXXXX" } } - ``` - * environment variables: + } + ``` + + - environment variables: ```sh CMD_OAUTH2_BASEURL=https://your.mattermost.domain CMD_OAUTH2_USER_PROFILE_URL=https://your.mattermost.domain/api/v4/users/me diff --git a/docs/guides/auth/nextcloud.md b/docs/guides/auth/nextcloud.md index 3bf86d31..8ce90ca9 100644 --- a/docs/guides/auth/nextcloud.md +++ b/docs/guides/auth/nextcloud.md @@ -1,5 +1,4 @@ -Authentication guide - Nextcloud (self-hosted) -=== +# Authentication guide - Nextcloud (self-hosted) *This has been constructed using the [Nextcloud OAuth2 Documentation](https://docs.nextcloud.com/server/14/admin_manual/configuration_server/oauth2.html?highlight=oauth2) combined with [this issue comment on the nextcloud bugtracker](https://github.com/nextcloud/server/issues/5694#issuecomment-314761326).* @@ -22,24 +21,25 @@ This guide uses the generic OAuth2 module for compatibility with Nextcloud 13 an 5. That's it for Nextcloud, the rest is configured in your CodiMD `config.json` or via the `CMD_` environment variables! 6. Add the Client ID and Client Secret to your `config.json` file or pass them as environment variables. Make sure you also replace `<your-nextcloud-domain>` with the right domain name. - * `config.json`: - ```javascript - { - "production": { - "oauth2": { - "clientID": "ii4p1u3jz7dXXXXXXXXXXXXXXX", - "clientSecret": "mqzzx6fydbXXXXXXXXXXXXXXXX", - "authorizationURL": "https://<your-nextcloud-domain>/apps/oauth2/authorize", - "tokenURL": "https://<your-nextcloud-domain>/apps/oauth2/api/v1/token", - "userProfileURL": "https://<your-nextcloud-domain>/ocs/v2.php/cloud/user?format=json", - "userProfileUsernameAttr": "ocs.data.id", - "userProfileDisplayNameAttr": "ocs.data.display-name", - "userProfileEmailAttr": "ocs.data.email" - } + - `config.json`: + ```javascript + { + "production": { + "oauth2": { + "clientID": "ii4p1u3jz7dXXXXXXXXXXXXXXX", + "clientSecret": "mqzzx6fydbXXXXXXXXXXXXXXXX", + "authorizationURL": "https://<your-nextcloud-domain>/apps/oauth2/authorize", + "tokenURL": "https://<your-nextcloud-domain>/apps/oauth2/api/v1/token", + "userProfileURL": "https://<your-nextcloud-domain>/ocs/v2.php/cloud/user?format=json", + "userProfileUsernameAttr": "ocs.data.id", + "userProfileDisplayNameAttr": "ocs.data.display-name", + "userProfileEmailAttr": "ocs.data.email" } } - ``` - * environment variables: + } + ``` + + - environment variables: ```sh CMD_OAUTH2_CLIENT_ID=ii4p1u3jz7dXXXXXXXXXXXXXXX CMD_OAUTH2_CLIENT_SECRET=mqzzx6fydbXXXXXXXXXXXXXXXX diff --git a/docs/guides/auth/oauth.md b/docs/guides/auth/oauth.md index 46314e26..de2ca20a 100644 --- a/docs/guides/auth/oauth.md +++ b/docs/guides/auth/oauth.md @@ -1,12 +1,12 @@ # OAuth general information -| service | callback URL (after the server URL) | -| ------- | --------- | -| facebook | `/auth/facebook/callback` | -| twitter | `/auth/twitter/callback` | -| github | `/auth/github/callback` | -| gitlab | `/auth/gitlab/callback` | -| mattermost | `/auth/mattermost/callback` | -| dropbox | `/auth/dropbox/callback` | -| google | `/auth/google/callback` | -| saml | `/auth/saml/callback` | +| service | callback URL (after the server URL) | +| ---------- | ----------------------------------- | +| facebook | `/auth/facebook/callback` | +| twitter | `/auth/twitter/callback` | +| github | `/auth/github/callback` | +| gitlab | `/auth/gitlab/callback` | +| mattermost | `/auth/mattermost/callback` | +| dropbox | `/auth/dropbox/callback` | +| google | `/auth/google/callback` | +| saml | `/auth/saml/callback` | diff --git a/docs/guides/auth/saml-onelogin.md b/docs/guides/auth/saml-onelogin.md index 785e36ba..46134e60 100644 --- a/docs/guides/auth/saml-onelogin.md +++ b/docs/guides/auth/saml-onelogin.md @@ -1,10 +1,11 @@ -Authentication guide - SAML (OneLogin) -=== +# Authentication guide - SAML (OneLogin) **Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* 1. Sign-in or sign-up for an OneLogin account. (available free trial for 2 weeks) + 2. Go to the administration page. + 3. Select the **APPS** menu and click on the **Add Apps**. ![onelogin-add-app](../../images/auth/onelogin-add-app.png) @@ -15,34 +16,40 @@ Authentication guide - SAML (OneLogin) ![onelogin-edit-app-name](../../images/auth/onelogin-edit-app-name.png) 6. After that other tabs will appear, click the **Configuration**, and fill out the below items, and click **SAVE**. - * RelayState: The base URL of your CodiMD, which is issuer. (last slash is not needed) - * ACS (Consumer) URL Validator: The callback URL of your CodiMD. (serverurl + /auth/saml/callback) - * ACS (Consumer) URL: same as above. - * Login URL: login URL(SAML requester) of your CopiMD. (serverurl + /auth/saml) - ![onelogin-edit-sp-metadata](../../images/auth/onelogin-edit-sp-metadata.png) + - RelayState: The base URL of your CodiMD, which is issuer. (last slash is not needed) + + - ACS (Consumer) URL Validator: The callback URL of your CodiMD. (serverurl + /auth/saml/callback) + + - ACS (Consumer) URL: same as above. + + - Login URL: login URL(SAML requester) of your CopiMD. (serverurl + /auth/saml) + ![onelogin-edit-sp-metadata](../../images/auth/onelogin-edit-sp-metadata.png) 7. The registration is completed. Next, click **SSO** and copy or download the items below. - * X.509 Certificate: Click **View Details** and **DOWNLOAD** or copy the content of certificate ....(A) - * SAML 2.0 Endpoint (HTTP): Copy the URL ....(B) - ![onelogin-copy-idp-metadata](../../images/auth/onelogin-copy-idp-metadata.png) + - X.509 Certificate: Click **View Details** and **DOWNLOAD** or copy the content of certificate ....(A) + + - SAML 2.0 Endpoint (HTTP): Copy the URL ....(B) + ![onelogin-copy-idp-metadata](../../images/auth/onelogin-copy-idp-metadata.png) 8. In your CodiMD server, create IdP certificate file from (A) 9. Add the IdP URL (B) and the Idp certificate file path to your config.json file or pass them as environment variables. - * `config.json`: - ```javascript - { - "production": { - "saml": { - "idpSsoUrl": "https://*******.onelogin.com/trust/saml2/http-post/sso/******", - "idpCert": "/path/to/idp_cert.pem" - } + - `config.json`: + ```javascript + { + "production": { + "saml": { + "idpSsoUrl": "https://*******.onelogin.com/trust/saml2/http-post/sso/******", + "idpCert": "/path/to/idp_cert.pem" } } - ``` - * environment variables + } + ``` + + - environment variables ```sh CMD_SAML_IDPSSOURL=https://*******.onelogin.com/trust/saml2/http-post/sso/****** CMD_SAML_IDPCERT=/path/to/idp_cert.pem ``` + 10. Try sign-in with SAML from your CodiMD sign-in button or OneLogin dashboard (like the screenshot below). ![onelogin-use-dashboard](../../images/auth/onelogin-use-dashboard.png) diff --git a/docs/guides/auth/saml.md b/docs/guides/auth/saml.md index 3a64f5f7..3b8291b7 100644 --- a/docs/guides/auth/saml.md +++ b/docs/guides/auth/saml.md @@ -1,19 +1,21 @@ -Authentication guide - SAML -=== +# Authentication guide - SAML -**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* +*Note:* This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks! The basic procedure is the same as the case of OneLogin which is mentioned in [OneLogin-Guide](./saml-onelogin.md). If you want to match your IdP, you can use more configurations as below. -* If your IdP accepts metadata XML of the service provider to ease configuration, use this url to download metadata XML. - * {{your-serverurl}}/auth/saml/metadata - * _Note: If not accessible from IdP, download to local once and upload to IdP._ -* Change the value of `issuer`, `identifierFormat` to match your IdP. - * `issuer`: A unique id to identify the application to the IdP, which is the base URL of your CodiMD as default - * `identifierFormat`: A format of unique id to identify the user of IdP, which is the format based on email address as default. It is recommend that you use as below. - * urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress (default) - * urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified - * `config.json`: +- If your IdP accepts metadata XML of the service provider to ease configuration, use this url to download metadata XML. + - {{your-serverurl}}/auth/saml/metadata + - *Note:* If not accessible from IdP, download to local once and upload to IdP. + +- Change the value of `issuer`, `identifierFormat` to match your IdP. + - `issuer`: A unique id to identify the application to the IdP, which is the base URL of your CodiMD as default + + - `identifierFormat`: A format of unique id to identify the user of IdP, which is the format based on email address as default. It is recommend that you use as below. + - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress (default) + - urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified + + - `config.json`: ```javascript { "production": { @@ -25,19 +27,24 @@ The basic procedure is the same as the case of OneLogin which is mentioned in [O } } ``` - * environment variables - ``` + + - environment variables + ```env CMD_SAML_ISSUER=mycodimd CMD_SAML_IDENTIFIERFORMAT=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified ``` -* Change mapping of attribute names to customize the displaying user name and email address to match your IdP. - * `attribute`: A dictionary to map attribute names - * `attribute.id`: A primary key of user table for your CodiMD - * `attribute.username`: Attribute name of displaying user name on CodiMD - * `attribute.email`: Attribute name of email address, which will be also used for Gravatar - * _Note: Default value of all attributes is NameID of SAML response, which is email address if `identifierFormat` is default._ - * `config.json`: +- Change mapping of attribute names to customize the displaying user name and email address to match your IdP. + - `attribute`: A dictionary to map attribute names + + - `attribute.id`: A primary key of user table for your CodiMD + + - `attribute.username`: Attribute name of displaying user name on CodiMD + + - `attribute.email`: Attribute name of email address, which will be also used for Gravatar + - *Note:* Default value of all attributes is NameID of SAML response, which is email address if `identifierFormat` is default. + + - `config.json`: ```javascript { "production": { @@ -52,19 +59,23 @@ The basic procedure is the same as the case of OneLogin which is mentioned in [O } } ``` - * environment variables + + - environment variables ```sh CMD_SAML_ATTRIBUTE_ID=sAMAccountName CMD_SAML_ATTRIBUTE_USERNAME=nickName CMD_SAML_ATTRIBUTE_EMAIL=mail ``` -* If you want to control permission by group membership, add group attribute name and required group (allowed) or external group (not allowed). - * `groupAttribute`: An attribute name of group membership - * `requiredGroups`: Group names array for allowed access to CodiMD. Use vertical bar to separate for environment variables. - * `externalGroups`: Group names array for not allowed access to CodiMD. Use vertical bar to separate for environment variables. - * _Note: Evaluates `externalGroups` first_ - * `config.json`: +- If you want to control permission by group membership, add group attribute name and required group (allowed) or external group (not allowed). + - `groupAttribute`: An attribute name of group membership + + - `requiredGroups`: Group names array for allowed access to CodiMD. Use vertical bar to separate for environment variables. + + - `externalGroups`: Group names array for not allowed access to CodiMD. Use vertical bar to separate for environment variables. + - *Note:* Evaluates `externalGroups` first + + - `config.json`: ```javascript { "production": { @@ -77,7 +88,8 @@ The basic procedure is the same as the case of OneLogin which is mentioned in [O } } ``` - * environment variables + + - environment variables ```sh CMD_SAML_GROUPATTRIBUTE=memberOf CMD_SAML_REQUIREDGROUPS=codimd-users|board-members diff --git a/docs/guides/auth/twitter.md b/docs/guides/auth/twitter.md index 1973515c..5e709bb4 100644 --- a/docs/guides/auth/twitter.md +++ b/docs/guides/auth/twitter.md @@ -1,17 +1,18 @@ -Authentication guide - Twitter -=== +# Authentication guide - Twitter -**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* +*Note:* This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks! 1. Sign-in or sign-up for a Twitter account + 2. Go to the Twitter Application management page [here](https://apps.twitter.com/) + 3. Click on the **Create New App** button to create a new Twitter app: ![create-twitter-app](../../images/auth/create-twitter-app.png) 4. Fill out the create application form, check the developer agreement box, and click **Create Your Twitter Application** ![register-twitter-application](../../images/auth/register-twitter-application.png) - *Note: you may have to register your phone number with Twitter to create a Twitter application* + *Note:* you may have to register your phone number with Twitter to create a Twitter application To do this Click your profile icon --> Settings and privacy --> Mobile --> Select Country/region --> Enter phone number --> Click Continue @@ -21,20 +22,21 @@ Authentication guide - Twitter 6. Obtain your Twitter Consumer Key and Consumer Secret ![twitter-app-keys](../../images/auth/twitter-app-keys.png) -7. Add your Consumer Key and Consumer Secret to your `config.json` file or pass them as environment variables: - * `config.json`: - ```javascript - { - "production": { - "twitter": { - "consumerKey": "esTCJFXXXXXXXXXXXXXXXXXXX", - "consumerSecret": "zpCs4tU86pRVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" - } +7. Add your Consumer Key and Consumer Secret to your `config.json` file or pass them as environment variables: + - `config.json`: + ```javascript + { + "production": { + "twitter": { + "consumerKey": "esTCJFXXXXXXXXXXXXXXXXXXX", + "consumerSecret": "zpCs4tU86pRVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" } } - ``` - * environment variables: - ```sh - CMD_TWITTER_CONSUMERKEY=esTCJFXXXXXXXXXXXXXXXXXXX - CMD_TWITTER_CONSUMERSECRET=zpCs4tU86pRVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - ``` + } + ``` + + - environment variables: + ```sh + CMD_TWITTER_CONSUMERKEY=esTCJFXXXXXXXXXXXXXXXXXXX + CMD_TWITTER_CONSUMERSECRET=zpCs4tU86pRVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + ``` diff --git a/docs/guides/migrate-etherpad.md b/docs/guides/migrate-etherpad.md index 914a240d..b501d9ac 100644 --- a/docs/guides/migrate-etherpad.md +++ b/docs/guides/migrate-etherpad.md @@ -1,5 +1,4 @@ -Pad migration guide from etherpad-lite -=== +# Pad migration guide from etherpad-lite The goal of this migration is to do a "dumb" import from all the pads in Etherpad, to notes in CodiMD. In particular, the url locations of the pads in Etherpad will be lost. Furthermore, any @@ -9,19 +8,14 @@ to CodiMD (only the plain text contents). Note that this guide is not really meant as a support guide. I migrated my own Etherpad to CodiMD, and it turned out to be quite easy in my opinion. In this guide I share my experience. Stuff may require some creativity to work properly in your case. When I wrote this guide, I was using -[Etherpad 1.7.0] and [CodiMD 1.2.1]. Good luck! - -[Etherpad 1.7.0]: https://github.com/ether/etherpad-lite/tree/1.7.0 -[CodiMD 1.2.1]: https://github.com/codimd/server/tree/1.2.1 +[etherpad 1.7.0][] and [codimd 1.2.1][]. Good luck! ## 0. Requirements - `curl` - running Etherpad server - running CodiMD server -- [codimd-cli] - -[codimd-cli]: https://github.com/codimd/cli/blob/master/bin/codimd +- [codimd-cli][] ## 1. Retrieve the list of pads @@ -32,7 +26,7 @@ database][howtolistallpads]. You will end up with a file containing a pad name on each line: -``` +```bash date-ideas groceries london @@ -40,11 +34,9 @@ weddingchecklist (...) ``` -[howtolistallpads]: https://github.com/ether/etherpad-lite/wiki/How-to-list-all-pads/49701ecdcbe07aea7ad27ffa23aed0d99c2e17db - ## 2. Run the migration -Download [codimd-cli] and put the script in the same directory as the file containing the pad names. +Download [codimd-cli][] and put the script in the same directory as the file containing the pad names. Add to this directory the file listed below, I called it `migrate-etherpad.sh`. Modify at least the configuration settings `ETHERPAD_SERVER` and `CODIMD_SERVER`. @@ -102,7 +94,7 @@ etherpad using a `301 Permanent Redirect` status code (see the next section). I got a `redirects.txt` file that looked a bit like this: -``` +```log date-ideas -> Found. Redirecting to https://codimd.example.com/mPt0KfiKSBOTQ3mNcdfn groceries -> Found. Redirecting to https://codimd.example.com/UukqgwLfhYyUUtARlcJ2_y london -> Found. Redirecting to https://codimd.example.com/_d3wa-BE8t4Swv5w7O2_9R @@ -112,7 +104,7 @@ weddingchecklist -> Found. Redirecting to https://codimd.example.com/XcQGqlBjl0u Using some `sed` magic, I changed it to an nginx config snippet: -``` +```nginx location = /p/date-ideas { return 301 https://codimd.example.com/mPt0M1KfiKSBOTQ3mNcdfn; } @@ -129,3 +121,8 @@ location = /p/weddingchecklist { I put this file into my `etherpad.example.com` nginx config, such that all the users would be redirected accordingly. + +[etherpad 1.7.0]: https://github.com/ether/etherpad-lite/tree/1.7.0 +[codimd 1.2.1]: https://github.com/codimd/server/tree/1.2.1 +[codimd-cli]: https://github.com/codimd/cli/blob/master/bin/codimd +[howtolistallpads]: https://github.com/ether/etherpad-lite/wiki/How-to-list-all-pads/49701ecdcbe07aea7ad27ffa23aed0d99c2e17db diff --git a/docs/guides/migrations-and-breaking-changes.md b/docs/guides/migrations-and-breaking-changes.md index ef65db1c..593af446 100644 --- a/docs/guides/migrations-and-breaking-changes.md +++ b/docs/guides/migrations-and-breaking-changes.md @@ -1,5 +1,4 @@ -Migrations and Notable Changes -=== +# Migrations and Notable Changes ## Migrating to 1.4.0 @@ -12,11 +11,11 @@ repository, you may need to update a few urls. This is not a breaking change. See more at [issue #10](https://github.com/codimd/server/issues/10) -**Native setup using git:** +### Native setup using git Change the upstream remote using `git remote set-url origin https://github.com/codimd/server.git`. -**Docker:** +### Docker When you use our [container repository](https://github.com/codimd/container) (which was previously `codimd-container`) all you can simply run `git pull` and @@ -25,7 +24,7 @@ your `docker-compose.yml` will be updated. When you setup things yourself, make sure you use the new image: [`quay.io/codimd/server`](https://quay.io/repository/codimd/server?tab=tags). -**Heroku:** +### Heroku All you need to do is [disconnect GitHub](https://devcenter.heroku.com/articles/github-integration#disconnecting-from-github) and [reconnect it](https://devcenter.heroku.com/articles/github-integration#enabling-github-integration) diff --git a/docs/guides/minio-image-upload.md b/docs/guides/minio-image-upload.md index 258b0d90..d20dbf4a 100644 --- a/docs/guides/minio-image-upload.md +++ b/docs/guides/minio-image-upload.md @@ -1,7 +1,6 @@ -Minio Guide for CodiMD -=== +# Minio Guide for CodiMD -**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* +*Note:* This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks! 1. First of all you need to setup Minio itself. @@ -24,7 +23,7 @@ Minio Guide for CodiMD ![docker logs](../images/minio-image-upload/docker-logs.png) -3. Open http://localhost:9000 and login with the shown credentials. +3. Open <http://localhost:9000> and login with the shown credentials. ![minio default view](../images/minio-image-upload/default-view.png) diff --git a/docs/guides/providing-terms.md b/docs/guides/providing-terms.md index 73de2b37..c9330735 100644 --- a/docs/guides/providing-terms.md +++ b/docs/guides/providing-terms.md @@ -1,5 +1,6 @@ -Setup your terms of use -=== +# How to set up your terms of use + +## Setup your terms of use To setup your terms of use, you need to provide a document called `terms-of-use.md` which contains them. Of course written in Markdown. @@ -7,8 +8,7 @@ It has to be provided under `./public/docs/` and will be automatically turned in As soon as the file exists a link will show up in the bottom part along with the release notes and link to them. -Setup your privacy policy -=== +## Setup your privacy policy To add a privacy policy you can use the same technique as for the terms of use. The main difference is that the document is called `privacy.md`. @@ -16,8 +16,7 @@ See our example file `./public/docs/privacy.md.example` container some useful hi As with the terms of use, a link to the privacy notices will show up in the area where the release notes are provided on the index page. -Setup your imprint -=== +## Setup your imprint To add an imprint you can use the same technique as for the terms of use. The main difference is that the document is called `imprint.md`. diff --git a/docs/guides/s3-image-upload.md b/docs/guides/s3-image-upload.md index 7ca8dd12..cb3ae79f 100644 --- a/docs/guides/s3-image-upload.md +++ b/docs/guides/s3-image-upload.md @@ -1,19 +1,15 @@ -Guide - Setup CodiMD S3 image upload -=== +# Guide - Setup CodiMD S3 image upload **Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* 1. Go to [AWS S3 console](https://console.aws.amazon.com/s3/home) and create a new bucket. - - ![create-bucket](../images/s3-image-upload/create-bucket.png) + ![create-bucket](../images/s3-image-upload/create-bucket.png) 2. Click on bucket, select **Properties** on the side panel, and find **Permission** section. Click **Edit bucket policy**. - - ![bucket-property](../images/s3-image-upload/bucket-property.png) + ![bucket-property](../images/s3-image-upload/bucket-property.png) 3. Enter the following policy, replace `bucket_name` with your bucket name: - - ![bucket-policy-editor](../images/s3-image-upload/bucket-policy-editor.png) + ![bucket-policy-editor](../images/s3-image-upload/bucket-policy-editor.png) ```json { @@ -32,16 +28,13 @@ Guide - Setup CodiMD S3 image upload 4. Go to IAM console and create a new IAM user. Remember your user credentials(`key`/`access token`) 5. Enter user page, select **Permission** tab, look at **Inline Policies** section, and click **Create User Policy** - - ![iam-user](../images/s3-image-upload/iam-user.png) + ![iam-user](../images/s3-image-upload/iam-user.png) 6. Select **Custom Policy** - - ![custom-policy](../images/s3-image-upload/custom-policy.png) + ![custom-policy](../images/s3-image-upload/custom-policy.png) 7. Enter the following policy, replace `bucket_name` with your bucket name: - - ![review-policy](../images/s3-image-upload/review-policy.png) + ![review-policy](../images/s3-image-upload/review-policy.png) ```json { @@ -62,23 +55,23 @@ Guide - Setup CodiMD S3 image upload 8. Edit `config.json` and set following keys: - ```javascript - { - "production": { - ... - "imageuploadtype": "s3", - "s3": { - "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", - "secretAccessKey": "YOUR_S3_ACCESS_KEY", - "region": "YOUR_S3_REGION" // example: ap-northeast-1 - }, - "s3bucket": "YOUR_S3_BUCKET_NAME" - } - } - ``` + ```javascript + { + "production": { + ... + "imageuploadtype": "s3", + "s3": { + "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", + "secretAccessKey": "YOUR_S3_ACCESS_KEY", + "region": "YOUR_S3_REGION" // example: ap-northeast-1 + }, + "s3bucket": "YOUR_S3_BUCKET_NAME" + } + } + ``` 9. In additional to edit `config.json` directly, you could also try [environment variables](../configuration-env-vars.md). ## Related Tools -* [AWS Policy Generator](http://awspolicygen.s3.amazonaws.com/policygen.html) +- [AWS Policy Generator](http://awspolicygen.s3.amazonaws.com/policygen.html) diff --git a/docs/history.md b/docs/history.md index cd12a369..7c77987c 100644 --- a/docs/history.md +++ b/docs/history.md @@ -1,5 +1,4 @@ -History of CodiMD -=== +# History of CodiMD ## It started with HackMD @@ -14,7 +13,6 @@ while referred to as "HackMD community edition". *For more on the splitting of the projects, please refer to [A note to our community (2017-10-11)](https://hackmd.io/c/community-news/https%3A%2F%2Fhackmd.io%2Fs%2Fr1_4j9_hZ).* - ## HackMD CE became CodiMD In June 2018, CodiMD was renamed from its former name "HackMD" and continued to @@ -24,7 +22,6 @@ project), as people mistook it for an open core development model. *For the whole renaming story, see the [issue where the renaming was discussed](https://github.com/hackmdio/hackmd/issues/720).* - ## CodiMD went independent In March 2019, a discussion over licensing, governance and the future of CodiMD diff --git a/docs/setup/cloudron.md b/docs/setup/cloudron.md index a33fd2f1..f2ba8b97 100644 --- a/docs/setup/cloudron.md +++ b/docs/setup/cloudron.md @@ -1,5 +1,4 @@ -Cloudron -=== +# Cloudron CodiMD is available as a 1-click install on [Cloudron](https://cloudron.io). Cloudron makes it easy to run apps like CodiMD on your server and keep them up-to-date and secure. diff --git a/docs/setup/docker-linuxserver.md b/docs/setup/docker-linuxserver.md index f99176e8..344bcfab 100644 --- a/docs/setup/docker-linuxserver.md +++ b/docs/setup/docker-linuxserver.md @@ -1,13 +1,11 @@ -LinuxServer.io CodiMD Image -=== +# LinuxServer.io CodiMD Image + [![LinuxServer.io Discord](https://img.shields.io/discord/354974912613449730.svg?logo=discord&label=LSIO%20Discord&style=flat-square)](https://discord.gg/YWrKVTn)[![container version badge](https://images.microbadger.com/badges/version/linuxserver/codimd.svg)](https://microbadger.com/images/linuxserver/codimd "Get your own version badge on microbadger.com")[![container image size badge](https://images.microbadger.com/badges/image/linuxserver/codimd.svg)](https://microbadger.com/images/linuxserver/codimd "Get your own version badge on microbadger.com")![Docker Pulls](https://img.shields.io/docker/pulls/linuxserver/codimd.svg)![Docker Stars](https://img.shields.io/docker/stars/linuxserver/codimd.svg)[![Build Status](https://ci.linuxserver.io/buildStatus/icon?job=Docker-Pipeline-Builders/docker-codimd/master)](https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-codimd/job/master/)[![LinuxServer.io CI summary](https://lsio-ci.ams3.digitaloceanspaces.com/linuxserver/codimd/latest/badge.svg)](https://lsio-ci.ams3.digitaloceanspaces.com/linuxserver/codimd/latest/index.html) [LinuxServer.io](https://linuxserver.io) have created an Ubuntu-based multi-arch container image for x86-64, arm64 and armhf which supports PDF export from all architectures using [PhantomJS](https://phantomjs.org/). - It supports all the environment variables detailed in the [configuration documentation](../configuration-env-vars.md) to modify it according to your needs. - - It gets rebuilt on new releases from CodiMD and also weekly if necessary to update any other package changes in the underlying container, making it easy to keep your CodiMD instance up to date. - - It also details how to easily [utilize Docker networking to reverse proxy](https://github.com/linuxserver/docker-codimd/#application-setup) CodiMD using their [LetsEncrypt docker image](https://github.com/linuxserver/docker-letsencrypt) In order to contribute check the LinuxServer.io [GitHub repository](https://github.com/linuxserver/docker-codimd/) for CodiMD. diff --git a/docs/setup/docker.md b/docs/setup/docker.md index 0268727c..a9a8b240 100644 --- a/docs/setup/docker.md +++ b/docs/setup/docker.md @@ -1,15 +1,12 @@ -CodiMD Docker Image -=== +# CodiMD Docker Image [![Try in PWD](https://cdn.rawgit.com/play-with-docker/stacks/cff22438/assets/images/button.png)](http://play-with-docker.com?stack=https://github.com/codimd/container/raw/master/docker-compose.yml&stack_name=codimd) - -**Debian-based version:** +## Debian-based version [![Docker Repository on Quay](https://quay.io/repository/codimd/server/status "Docker Repository on Quay")](https://quay.io/repository/codimd/server) - -**Alpine-based version:** +## Alpine-based version [![Docker Repository on Quay](https://quay.io/repository/codimd/server/status "Docker Repository on Quay")](https://quay.io/repository/codimd/server) diff --git a/docs/setup/heroku.md b/docs/setup/heroku.md index 9dc3bb3a..9f62e58c 100644 --- a/docs/setup/heroku.md +++ b/docs/setup/heroku.md @@ -1,5 +1,4 @@ -Heroku Deployment -=== +# Heroku Deployment You can quickly setup a sample Heroku CodiMD application by clicking the button below. diff --git a/docs/setup/kubernetes.md b/docs/setup/kubernetes.md index db596851..91c57188 100644 --- a/docs/setup/kubernetes.md +++ b/docs/setup/kubernetes.md @@ -1,5 +1,4 @@ -Kubernetes -=== +# Kubernetes To install use `helm install stable/hackmd`. diff --git a/docs/setup/manual-setup.md b/docs/setup/manual-setup.md index 3979cebc..4a2ad902 100644 --- a/docs/setup/manual-setup.md +++ b/docs/setup/manual-setup.md @@ -1,33 +1,42 @@ -Manual Installation -=== +# Manual Installation ## Requirements on your server - Node.js 8.5 or up + - Database (PostgreSQL, MySQL, MariaDB, SQLite, MSSQL). Must use charset `utf8`: this is typically the default in PostgreSQL and SQLite, while in MySQL and MariaDB utf8 might need to be set with `alter database <DBNAME> character set utf8 collate utf8_bin;` + - npm (and its dependencies, [node-gyp](https://github.com/nodejs/node-gyp#installation)) + - yarn + - Bash (for the setup script) -- For **building** CodiMD we recommend to use a machine with at least **2GB** RAM +- For **building** CodiMD we recommend to use a machine with at least **2GB** RAM ## Instructions 1. Check if you meet the [requirements at the top of this document](#requirements-on-your-server). + 2. Clone this repository (preferred) or download a release and unzip it. + 3. Enter the directory and type `bin/setup`, which will install npm dependencies and create configs. + 4. Modify `config.json` or configure CodiMD through environment variables which will overwrite the configs, see docs [here](https://github.com/codimd/server/blob/master/docs/configuration.md). + 5. Build front-end bundle by `yarn run build` (use `yarn run dev` if you are in development) + 6. Modify the file named `.sequelizerc`, change the value of the variable `url` with your db connection string. For example: - `postgres://username:password@localhost:5432/codimd` - `mysql://username:password@localhost:3306/codimd` - `sqlite://:memory:` + 7. It is recommended to start your server manually once: `npm start --production`, this way it's easier to see warnings or errors that might occur (leave out `--production` for development). -8. Run the server as you like (node, forever, pm2, SystemD, Init-Scripts) +8. Run the server as you like (node, forever, pm2, SystemD, Init-Scripts) ## How to upgrade your installation diff --git a/docs/slide-options.md b/docs/slide-options.md index d1277831..ec68f717 100644 --- a/docs/slide-options.md +++ b/docs/slide-options.md @@ -1,12 +1,12 @@ -Slide Separators -=== +# Slide Separators If you're getting started with reveal.js slides, there are a few things you need to know. There are two types of slides, those that transition horizontally and those that transition vertically (subslides). The following separators are used for each in the CodiMD syntax: -``` + +```markdown # First Slide --- @@ -23,7 +23,7 @@ as you can see, horizontal transitions are separated by `---` and vertical trans It's possible to customise the slide options using the YAML header in the slide markdown. eg: -``` +```yaml --- title: Example Slide tags: presentation @@ -38,7 +38,8 @@ make sure to have two spaces only at the start of the listed slide options. you can comment out options with a `#` ### Some other options -``` + +```markdown # Display controls in the bottom right corner controls: true @@ -151,7 +152,8 @@ display: 'block' ## Customising individual slides custom background image: -``` + +```markdown --- <!-- .slide: data-background="https://s3.amazonaws.com/hakim-static/reveal-js/reveal-parallax-1.jpg" --> diff --git a/docs/url-scheme.md b/docs/url-scheme.md index 88f34855..e2f2709e 100644 --- a/docs/url-scheme.md +++ b/docs/url-scheme.md @@ -9,7 +9,7 @@ When you create a new note by clicking the "New note" button, your note is given | example URL | prefix | mode | content updates | | -------------------------------------- | ------ | ----------------- | --------------- | -| pad.example.com/Ndmv3oCyREKZMjSGR9uhnQ | _none_ | editor | in realtime | +| pad.example.com/Ndmv3oCyREKZMjSGR9uhnQ | *none* | editor | in realtime | | pad.example.com/s/ByXF7k-YI | s/ | read-only version | on reload | | pad.example.com/p/ByXF7k-YI | p/ | presentation mode | on reload | @@ -19,7 +19,7 @@ If the setting `CMD_ALLOW_FREEURL` is enabled, users may create notes with a cus | example URL | prefix | mode | content updates | | --------------------------------- | ------ | ----------------- | --------------- | -| pad.example.com/my-awesome-note | _none_ | editor | in realtime | +| pad.example.com/my-awesome-note | *none* | editor | in realtime | | pad.example.com/s/my-awesome-note | s/ | read-only version | on reload | | pad.example.com/p/my-awesome-note | p/ | presentation mode | on reload | |