diff options
| -rw-r--r-- | CONTRIBUTING.md | 77 | ||||
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | docs/setup/reverse-proxy.md | 69 | ||||
| -rw-r--r-- | package.json | 2 | ||||
| -rw-r--r-- | yarn.lock | 8 |
5 files changed, 126 insertions, 32 deletions
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9637979f..f0ce9931 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,42 +1,67 @@ -# Contributing +# Contributing to HedgeDoc -When contributing to this repository, please first discuss the change you wish to make via issue, -email, or any other method with the owners of this repository before making a change. +HedgeDoc is a volunteer effort. +We encourage you to pitch in and to help us making this project even better! -Please note we have a [code of conduct](CODE-OF-CONDUCT.md), please follow it in all your +Please note we have a [code of conduct][code-of-conduct], please respect it in all your interactions with the project. -## Pull Request Process +## Ways of contributing +### Do you have questions about the project? -1. Ensure you signed all your commits with Developer Certificate of Origin (DCO). +* Feel free to post your question on our [community forum][community-forum] or join our [matrix community chat][matrix-support]. -2. Ensure any install or build dependencies are removed before the end of the layer when doing a - build. +### Did you find a bug? -3. Update the README.md with details of changes to the interface, this includes new environment - variables, exposed ports, useful file locations and container parameters. +* **Ensure the bug wasn't already reported** by searching on GitHub under [Issues][issues]. -4. Increase the version numbers in any examples files and the README.md to the new version that this - Pull Request would represent. The versioning scheme we use is [SemVer](http://semver.org/). +* If you're unable to find an open issue addressing the problem, [open a new one][new_issue]. Be sure to use one of the templates we provide if your request applies to them. -5. You may merge the Pull Request in once you have the sign-off of two other developers, or if you - do not have permission to do that, you may request the second reviewer to merge it for you. +### Did you write a patch that fixes a bug? -## Sign your work +* Open a new GitHub pull request with the patch. See the section [submitting a pull request](#submitting-a-pull-request) for details on this. + +* Ensure the PR description is precise about the problem and your solution. Just fill out our template. That should cover the most important information. + +### Do you intend to add a new feature or change an existing one? + +* Suggest your idea via a new GitHub issue. After a confirmation about your idea, you can start writing code. Our maintainers and other project developers can provide useful details about the architecture and show you relevant issues and discussions. + +### Do you want to work on translations? + +* If you want to improve a translation or add a new translation altogether, we handle those via [POEditor][poeditor]. + +## Certificate of Origin + +By contributing to this project you agree to the [Developer Certificate of +Origin (DCO)](docs/legal/developer-certificate-of-origin.txt). This document was created by the Linux Kernel community and is a +simple statement that you, as a contributor, have the legal right to make the +contribution. +The DCO is a legally binding statement, please [read it carefully](docs/legal/developer-certificate-of-origin.txt). -We use the Developer Certificate of Origin (DCO) as a additional safeguard -for the HedgeDoc project. This is a well established and widely used -mechanism to assure contributors have confirmed their right to license -their contribution under the project's license. -Please read [docs/legal/developer-certificate-of-origin.txt][dcofile]. If you can certify it, then just add a line to every git commit message: -```git - Signed-off-by: Random J Developer <random@developer.example.org> +``` + Signed-off-by: Jane Doe <jane.doe@example.org> ``` Use your real name (sorry, no pseudonyms or anonymous contributions). -If you set your `user.name` and `user.email` git configs, you can sign your -commit automatically with `git commit -s`. You can also use git [aliases](https://git-scm.com/book/tr/v2/Git-Basics-Git-Aliases) -like `git config --global alias.ci 'commit -s'`. Now you can commit with -`git ci` and the commit will be signed. + +If you set your `user.name` and `user.email` git configs, you can sign your commit automatically with `git commit -s`. +You can also use git [aliases](https://git-scm.com/book/tr/v2/Git-Basics-Git-Aliases) like `git config --global alias.ci 'commit -s'`. +Now you can commit with `git ci` and the commit will be signed. + +## Submitting a Pull Request + +1. Submit an issue describing your proposed change. + We will try to respond to your issue as soon as possible. +2. Fork this repo, develop and test your code changes. Ensure you signed all your commits (see above for details). +3. Submit a pull request against this repo's `master` branch. +4. Your branch may be merged once all configured checks pass. + +[code-of-conduct]: ./CODE-OF-CONDUCT.md +[community-forum]: https://community.hedgedoc.org +[matrix-support]: https://chat.hedgedoc.org +[issues]: https://github.com/hedgedoc/hedgedoc/issues +[new_issue]: https://github.com/hedgedoc/hedgedoc/issues/new/choose +[poeditor]: https://translate.hedgedoc.org @@ -99,4 +99,4 @@ The license does not include the HedgeDoc logo, whose terms of usage can be foun [hedgedoc-community]: https://community.hedgedoc.org [hedgedoc-community-calls]: https://community.hedgedoc.org/t/codimd-community-call/19 [social-mastodon]: https://social.hedgedoc.org/mastodon -[social-mastodon-image]: https://img.shields.io/mastodon/follow/18547?domain=https%3A%2F%2Fsocial.snopyta.org&style=social +[social-mastodon-image]: https://img.shields.io/mastodon/follow/49593?domain=https%3A%2F%2Fsocial.snopyta.org&style=social diff --git a/docs/setup/reverse-proxy.md b/docs/setup/reverse-proxy.md new file mode 100644 index 00000000..8262100a --- /dev/null +++ b/docs/setup/reverse-proxy.md @@ -0,0 +1,69 @@ +# Using a Reverse Proxy with HedgeDoc + +If you want to use a reverse proxy to serve HedgeDoc, here are the essential +configs that you'll have to do. + +This documentation will cover HTTPS setup, with comments for HTTP setup. + +## HedgeDoc config + +[Full explaination of the configuration options](../configuration.md) + +| `config.json` parameter | Environment variable | Value | Example | +|-------------------------|----------------------|-------|---------| +| `domain` | `CMD_DOMAIN` | The full domain where your instance will be available | `hedgedoc.example.com` | +| `host` | `CMD_HOST` | An ip or domain name that is only available to HedgeDoc and your reverse proxy | `localhost` | +| `port` | `CMD_PORT` | An available port number on that IP | `3000` | +| `path` | `CMD_PATH` | path to UNIX domain socket to listen on (if specified, `host` or `CMD_HOST` and `port` or `CMD_PORT` are ignored) | `/var/run/hedgedoc.sock` | +| `protocolUseSSL` | `CMD_PROTOCOL_USESSL` | `true` if you want to serve your instance over SSL (HTTPS), `false` if you want to use plain HTTP | `true` | +| `useSSL` | | `false`, the communications between HedgeDoc and the proxy are unencrypted | `false` | +| `urlAddPort` | `CMD_URL_ADDPORT` | `false`, HedgeDoc should not append its port to the URLs it links | `false` | +| `hsts.enable` | `CMD_HSTS_ENABLE` | `true` if you host over SSL, `false` otherwise | `true` | + + +## Reverse Proxy config + +### Generic + +The reverse proxy must allow websocket `Upgrade` requests at path `/sockets.io/`. + +It must pass through the scheme used by the client (http or https). + +### Nginx + +Here is an example configuration for Nginx. + +``` +map $http_upgrade $connection_upgrade { + default upgrade; + '' close; +} +server { + server_name hedgedoc.example.com; + + location / { + proxy_pass http://127.0.0.1:3000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + + location /socket.io/ { + proxy_pass http://127.0.0.1:3000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } + + listen [::]:443 ssl http2; + listen 443 ssl http2; + ssl_certificate fullchain.pem; + ssl_certificate_key privkey.pem; + include options-ssl-nginx.conf; + ssl_dhparam ssl-dhparams.pem; +} +``` diff --git a/package.json b/package.json index 5533fea0..d4173f8a 100644 --- a/package.json +++ b/package.json @@ -175,7 +175,7 @@ "babel-polyfill": "6.26.0", "babel-preset-env": "1.7.0", "babel-runtime": "6.26.0", - "copy-webpack-plugin": "6.3.1", + "copy-webpack-plugin": "6.3.2", "css-loader": "3.6.0", "eslint": "5.16.0", "eslint-config-standard": "12.0.0", @@ -2642,10 +2642,10 @@ copy-descriptor@^0.1.0: resolved "https://registry.yarnpkg.com/copy-descriptor/-/copy-descriptor-0.1.1.tgz#676f6eb3c39997c2ee1ac3a924fd6124748f578d" integrity sha1-Z29us8OZl8LuGsOpJP1hJHSPV40= -copy-webpack-plugin@6.3.1: - version "6.3.1" - resolved "https://registry.yarnpkg.com/copy-webpack-plugin/-/copy-webpack-plugin-6.3.1.tgz#ceb6e9c3e4910e63a774fd4a27451156775f6e2a" - integrity sha512-SyIMdP6H3v+zPU+VIhKRsK0ZEF82KZ93JBlKOoIW8SkkuI84FSrHxG+aMTE1u4csbi9PLRqqWTIK+bfJ2xsFuQ== +copy-webpack-plugin@6.3.2: + version "6.3.2" + resolved "https://registry.yarnpkg.com/copy-webpack-plugin/-/copy-webpack-plugin-6.3.2.tgz#0e920a6c181a5052aa6e2861b164bda03f83afeb" + integrity sha512-MgJ1uouLIbDg4ST1GzqrGQyKoXY5iPqi6fghFqarijam7FQcBa/r6Rg0VkoIuzx75Xq8iAMghyOueMkWUQ5OaA== dependencies: cacache "^15.0.5" fast-glob "^3.2.4" |