summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README.md381
-rw-r--r--docs/configuration-config-file.md64
-rw-r--r--docs/configuration-env-vars.md113
-rw-r--r--docs/dev/getting-started.md16
-rw-r--r--docs/dev/ot.md6
-rw-r--r--docs/guides/auth/github.md6
-rw-r--r--docs/guides/auth/gitlab-self-hosted.md6
-rw-r--r--docs/guides/auth/mattermost-self-hosted.md8
-rw-r--r--docs/guides/auth/nextcloud.md6
-rw-r--r--docs/guides/auth/oauth.md12
-rw-r--r--docs/guides/auth/saml-onelogin.md12
-rw-r--r--docs/guides/auth/twitter.md8
-rw-r--r--docs/guides/migrations-and-breaking-changes.md58
-rw-r--r--docs/guides/minio-image-upload.md10
-rw-r--r--docs/guides/s3-image-upload.md12
-rw-r--r--docs/history.md39
-rw-r--r--docs/images/CodiMD-1.3.2-features.pngbin0 -> 81971 bytes
-rw-r--r--docs/images/auth/application-page.png (renamed from docs/guides/images/auth/application-page.png)bin123152 -> 123152 bytes
-rw-r--r--docs/images/auth/create-oauth-app.png (renamed from docs/guides/images/auth/create-oauth-app.png)bin27920 -> 27920 bytes
-rw-r--r--docs/images/auth/create-twitter-app.png (renamed from docs/guides/images/auth/create-twitter-app.png)bin115406 -> 115406 bytes
-rw-r--r--docs/images/auth/gitlab-application-details.png (renamed from docs/guides/images/auth/gitlab-application-details.png)bin30378 -> 30378 bytes
-rw-r--r--docs/images/auth/gitlab-new-application.png (renamed from docs/guides/images/auth/gitlab-new-application.png)bin45457 -> 45457 bytes
-rw-r--r--docs/images/auth/gitlab-sign-in.png (renamed from docs/guides/images/auth/gitlab-sign-in.png)bin5590 -> 5590 bytes
-rw-r--r--docs/images/auth/mattermost-enable-oauth2.png (renamed from docs/guides/images/auth/mattermost-enable-oauth2.png)bin26034 -> 26034 bytes
-rw-r--r--docs/images/auth/mattermost-oauth-app-add.png (renamed from docs/guides/images/auth/mattermost-oauth-app-add.png)bin21443 -> 21443 bytes
-rw-r--r--docs/images/auth/mattermost-oauth-app-done.png (renamed from docs/guides/images/auth/mattermost-oauth-app-done.png)bin31767 -> 31767 bytes
-rw-r--r--docs/images/auth/mattermost-oauth-app-form.png (renamed from docs/guides/images/auth/mattermost-oauth-app-form.png)bin62160 -> 62160 bytes
-rw-r--r--docs/images/auth/nextcloud-oauth2-1-settings.png (renamed from docs/guides/images/auth/nextcloud-oauth2-1-settings.png)bin47047 -> 47047 bytes
-rw-r--r--docs/images/auth/nextcloud-oauth2-2-client-add.png (renamed from docs/guides/images/auth/nextcloud-oauth2-2-client-add.png)bin11684 -> 11684 bytes
-rw-r--r--docs/images/auth/nextcloud-oauth2-3-clientid-secret.png (renamed from docs/guides/images/auth/nextcloud-oauth2-3-clientid-secret.png)bin13428 -> 13428 bytes
-rw-r--r--docs/images/auth/onelogin-add-app.png (renamed from docs/guides/images/auth/onelogin-add-app.png)bin40519 -> 40519 bytes
-rw-r--r--docs/images/auth/onelogin-copy-idp-metadata.png (renamed from docs/guides/images/auth/onelogin-copy-idp-metadata.png)bin239493 -> 239493 bytes
-rw-r--r--docs/images/auth/onelogin-edit-app-name.png (renamed from docs/guides/images/auth/onelogin-edit-app-name.png)bin122369 -> 122369 bytes
-rw-r--r--docs/images/auth/onelogin-edit-sp-metadata.png (renamed from docs/guides/images/auth/onelogin-edit-sp-metadata.png)bin184470 -> 184470 bytes
-rw-r--r--docs/images/auth/onelogin-select-template.png (renamed from docs/guides/images/auth/onelogin-select-template.png)bin73244 -> 73244 bytes
-rw-r--r--docs/images/auth/onelogin-use-dashboard.png (renamed from docs/guides/images/auth/onelogin-use-dashboard.png)bin27216 -> 27216 bytes
-rw-r--r--docs/images/auth/register-oauth-application-form.png (renamed from docs/guides/images/auth/register-oauth-application-form.png)bin61453 -> 61453 bytes
-rw-r--r--docs/images/auth/register-twitter-application.png (renamed from docs/guides/images/auth/register-twitter-application.png)bin202414 -> 202414 bytes
-rw-r--r--docs/images/auth/twitter-app-confirmation.png (renamed from docs/guides/images/auth/twitter-app-confirmation.png)bin191064 -> 191064 bytes
-rw-r--r--docs/images/auth/twitter-app-keys.png (renamed from docs/guides/images/auth/twitter-app-keys.png)bin162703 -> 162703 bytes
-rw-r--r--docs/images/minio-image-upload/create-bucket.png (renamed from docs/guides/images/minio-image-upload/create-bucket.png)bin15207 -> 15207 bytes
-rw-r--r--docs/images/minio-image-upload/create-policy.png (renamed from docs/guides/images/minio-image-upload/create-policy.png)bin21156 -> 21156 bytes
-rw-r--r--docs/images/minio-image-upload/default-view.png (renamed from docs/guides/images/minio-image-upload/default-view.png)bin13061 -> 13061 bytes
-rw-r--r--docs/images/minio-image-upload/docker-logs.png (renamed from docs/guides/images/minio-image-upload/docker-logs.png)bin73263 -> 73263 bytes
-rw-r--r--docs/images/minio-image-upload/open-edit-policy.png (renamed from docs/guides/images/minio-image-upload/open-edit-policy.png)bin17514 -> 17514 bytes
-rw-r--r--docs/images/s3-image-upload/bucket-policy-editor.png (renamed from docs/guides/images/s3-image-upload/bucket-policy-editor.png)bin54641 -> 54641 bytes
-rw-r--r--docs/images/s3-image-upload/bucket-property.png (renamed from docs/guides/images/s3-image-upload/bucket-property.png)bin71762 -> 71762 bytes
-rw-r--r--docs/images/s3-image-upload/create-bucket.png (renamed from docs/guides/images/s3-image-upload/create-bucket.png)bin70260 -> 70260 bytes
-rw-r--r--docs/images/s3-image-upload/custom-policy.png (renamed from docs/guides/images/s3-image-upload/custom-policy.png)bin55804 -> 55804 bytes
-rw-r--r--docs/images/s3-image-upload/iam-user.png (renamed from docs/guides/images/s3-image-upload/iam-user.png)bin91526 -> 91526 bytes
-rw-r--r--docs/images/s3-image-upload/review-policy.png (renamed from docs/guides/images/s3-image-upload/review-policy.png)bin100067 -> 100067 bytes
-rw-r--r--docs/setup/cloudron.md5
-rw-r--r--docs/setup/docker.md22
-rw-r--r--docs/setup/heroku.md6
-rw-r--r--docs/setup/kubernetes.md5
-rw-r--r--docs/setup/manual-setup.md37
56 files changed, 458 insertions, 374 deletions
diff --git a/README.md b/README.md
index 75f11e87..6e4d349f 100644
--- a/README.md
+++ b/README.md
@@ -7,371 +7,71 @@ CodiMD
[![POEditor][poeditor-image]][poeditor-url]
CodiMD lets you create real-time collaborative markdown notes on all platforms.
-Inspired by Hackpad, with more focus on speed and flexibility, and build from [HackMD](https://hackmd.io) source code.
-Feel free to contribute.
+It is inspired by Hackpad, Etherpad and similar collaborative editors. This
+project originated with the team at [HackMD](https://hackmd.io) and now forked
+into its own organisation. [A longer writeup can be read in the history doc](docs/history.md).
-Thanks for using! :smile:
+![CodiMD 1.3.2 with its feature demonstration page open](docs/images/CodiMD-1.3.2-features.png)
-<!-- START doctoc generated TOC please keep comment here to allow auto update -->
-<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
-# Table of Contents
-- [HackMD CE became CodiMD](#hackmd-ce-became-codimd)
-- [Browsers Requirement](#browsers-requirement)
-- [Installation](#installation)
- - [Getting started (Native install)](#getting-started-native-install)
- - [Prerequisite](#prerequisite)
- - [Instructions](#instructions)
- - [Heroku Deployment](#heroku-deployment)
- - [Kubernetes](#kubernetes)
- - [CodiMD by docker container](#codimd-by-docker-container)
- - [Cloudron](#cloudron)
-- [Upgrade](#upgrade)
- - [Native setup](#native-setup)
-- [Configuration](#configuration)
- - [Environment variables (will overwrite other server configs)](#environment-variables-will-overwrite-other-server-configs)
- - [Application settings `config.json`](#application-settings-configjson)
- - [Third-party integration API key settings](#third-party-integration-api-key-settings)
- - [Third-party integration OAuth callback URLs](#third-party-integration-oauth-callback-urls)
-- [Developer Notes](#developer-notes)
- - [Structure](#structure)
- - [Operational Transformation](#operational-transformation)
-- [License](#license)
+## Community and Contributions
-<!-- END doctoc generated TOC please keep comment here to allow auto update -->
-
-# HackMD CE became CodiMD
-
-CodiMD was recently renamed from its former name was HackMD. CodiMD is the free software version of HackMD. It was the original Version of HackMD. The HackMD team initiated CodiMD and provided a solid code base. Due to the need of paying bills, A fork was created and called HackMD EE, which is a SaaS (Software as a Service) product available at [hackmd.io](https://hackmd.io).
-
-We decided to change the name to break the confusion between HackMD and CodiMD, formally known as HackMD CE, as it never was an open core project.
-
-Just to more confusion: We are still friends with HackMD :heart:
-
-*For the whole renaming story, see the [related issue](https://github.com/hackmdio/hackmd/issues/720)*
-
-# Browsers Requirement
-
-- ![Chrome](http://browserbadge.com/chrome/47/18px) Chrome >= 47, Chrome for Android >= 47
-- ![Safari](http://browserbadge.com/safari/9/18px) Safari >= 9, iOS Safari >= 8.4
-- ![Firefox](http://browserbadge.com/firefox/44/18px) Firefox >= 44
-- ![IE](http://browserbadge.com/ie/9/18px) IE >= 9, Edge >= 12
-- ![Opera](http://browserbadge.com/opera/34/18px) Opera >= 34, Opera Mini not supported
-- Android Browser >= 4.4
-
-# Installation
-
-## Getting started (Native install)
-
-### Prerequisite
-
-- Node.js 6.x or up (test up to 7.5.0) and <10.x
-- Database (PostgreSQL, MySQL, MariaDB, SQLite, MSSQL) use charset `utf8`
-- npm (and its dependencies, especially [uWebSockets](https://github.com/uWebSockets/uWebSockets#nodejs-developers), [node-gyp](https://github.com/nodejs/node-gyp#installation))
-- `libssl-dev` for building scrypt (see [here](https://github.com/ml1nk/node-scrypt/blob/master/README.md#installation-instructions) for further information)
-- For **building** CodiMD we recommend to use a machine with at least **2GB** RAM
-
-### Instructions
-
-1. Download a release and unzip or clone into a directory
-2. Enter the directory and type `bin/setup`, which will install npm dependencies and create configs. The setup script is written in Bash, you would need bash as a prerequisite.
-3. Setup the configs, see more below
-4. Setup environment variables which will overwrite the configs
-5. Build front-end bundle by `npm run build` (use `npm run dev` if you are in development)
-6. Modify the file named `.sequelizerc`, change the value of the variable `url` with your db connection string
- For example: `postgres://username:password@localhost:5432/codimd`
-7. Run `node_modules/.bin/sequelize db:migrate`, this step will migrate your db to the latest schema
-8. Run the server as you like (node, forever, pm2)
-
-To stay up to date with your installation it's recommended to join our [Matrix channel][matrix.org-url] or subscribe to the [release feed][github-release-feed].
-
-## Heroku Deployment
-
-You can quickly setup a sample Heroku CodiMD application by clicking the button below.
-
-[![Deploy on Heroku](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/codimd/server/tree/master)
-
-If you deploy it without the button, keep in mind to use the right buildpacks. For details check `app.json`.
-
-## Kubernetes
-
-To install use `helm install stable/hackmd`.
-
-For all further details, please check out the offical CodiMD [K8s helm chart](https://github.com/kubernetes/charts/tree/master/stable/hackmd).
-
-## CodiMD by docker container
-[![Try in PWD](https://cdn.rawgit.com/play-with-docker/stacks/cff22438/assets/images/button.png)](http://play-with-docker.com?stack=https://github.com/codimd/container/raw/master/docker-compose.yml&stack_name=codimd)
-
-
-**Debian-based version:**
-
-[![Docker Repository on Quay](https://quay.io/repository/codimd/server/status "Docker Repository on Quay")](https://quay.io/repository/codimd/server)
-
-
-**Alpine-based version:**
-
-[![Docker Repository on Quay](https://quay.io/repository/codimd/server/status "Docker Repository on Quay")](https://quay.io/repository/codimd/server)
-
-The easiest way to setup CodiMD using docker are using the following three commands:
-
-```console
-git clone https://github.com/codimd/container.git
-cd codimd-container
-docker-compose up
-```
-Read more about it in the [container repository…](https://github.com/codimd/container)
-
-## Cloudron
-
-Install CodiMD on [Cloudron](https://cloudron.io):
-
-[![Install](https://cloudron.io/img/button.svg)](https://cloudron.io/button.html?app=io.hackmd.cloudronapp)
-
-# Upgrade
-
-## Native setup
-
-:warning: When you are still running from the old repository, please run: `git remote set-url origin https://github.com/codimd/server.git` :warning:
-
-If you are upgrading CodiMD from an older version, follow these steps:
-
-1. Fully stop your old server first (important)
-2. `git pull` or do whatever that updates the files
-3. `npm install` to update dependencies
-4. Build front-end bundle by `npm run build` (use `npm run dev` if you are in development)
-5. Modify the file named `.sequelizerc`, change the value of the variable `url` with your db connection string
- For example: `postgres://username:password@localhost:5432/codimd`
-6. Run `node_modules/.bin/sequelize db:migrate`, this step will migrate your db to the latest schema
-7. Start your whole new server!
+We welcome contributions! There's a lot to do. If you would like to report bugs
+the [issue tracker](github-issue-tracker) is the right place. If you want to
+help translating, find us on [POEditor](poeditor-url). To get started developing,
+take a look at the [docs/dev](docs/dev) directory. In any case: come talk to us,
+we'll be delighted to help you with the first steps.
To stay up to date with your installation it's recommended to join our [Matrix channel][matrix.org-url] or subscribe to the [release feed][github-release-feed].
-* **migrate-to-1.1.0**
-
-We deprecated the older lower case config style and moved on to camel case style. Please have a look at the current `config.json.example` and check the warnings on startup.
-
-*Notice: This is not a breaking change right now but in the future*
-* [**migration-to-0.5.0**](https://github.com/hackmdio/migration-to-0.5.0)
+## Installation / Upgrading
-We don't use LZString to compress socket.io data and DB data after version 0.5.0.
-Please run the migration tool if you're upgrading from the old version.
+You can run CodiMD in a number of ways, and we created setup instructions for
+all of these:
-* [**migration-to-0.4.0**](https://github.com/hackmdio/migration-to-0.4.0)
+* [Docker](docs/setup/docker.md)
+* [Kubernetes](docs/setup/kubernetes.md)
+* [Cloudron](docs/setup/cloudron.md)
+* [Heroku](docs/setup/heroku.md)
+* [manual setup](docs/setup/manual-setup.md)
-We've dropped MongoDB after version 0.4.0.
-So here is the migration tool for you to transfer the old DB data to the new DB.
-This tool is also used for official service.
+If you do not wish to run your own setup, you can find a commercial offering at
+https://hackmd.io. This is not the same codebase as this one, but it is a very
+similar project.
-# Configuration
-There are some config settings you need to change in the files below.
+## Configuration
-```
-./config.json ----application settings
-```
+Theres two main ways to configure your CodiMD instance:
+[Config file](docs/configuration-config-file.md) or
+[environment variables](docs/configuration-env-vars.md). You can choose what
+works best for you.
-## Environment variables (will overwrite other server configs)
+CodiMD can integrate with
-| variables | example values | description |
-| --------- | ------ | ----------- |
-| `NODE_ENV` | `production` or `development` | set current environment (will apply corresponding settings in the `config.json`) |
-| `DEBUG` | `true` or `false` | set debug mode; show more logs |
-| `CMD_CONFIG_FILE` | `/path/to/config.json` | optional override for the path to CodiMD's config file |
-| `CMD_DOMAIN` | `codimd.org` | domain name |
-| `CMD_URL_PATH` | `codimd` | sub URL path, like `www.example.com/<URL_PATH>` |
-| `CMD_HOST` | `localhost` | host to listen on |
-| `CMD_PORT` | `80` | web app port |
-| `CMD_PATH` | `/var/run/codimd.sock` | path to UNIX domain socket to listen on (if specified, `CMD_HOST` and `CMD_PORT` are ignored) |
-| `CMD_LOGLEVEL` | `info` | Defines what kind of logs are provided to stdout. |
-| `CMD_ALLOW_ORIGIN` | `localhost, codimd.org` | domain name whitelist (use comma to separate) |
-| `CMD_PROTOCOL_USESSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) |
-| `CMD_URL_ADDPORT` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) |
-| `CMD_USECDN` | `true` or `false` | set to use CDN resources or not (default is `true`) |
-| `CMD_ALLOW_ANONYMOUS` | `true` or `false` | set to allow anonymous usage (default is `true`) |
-| `CMD_ALLOW_ANONYMOUS_EDITS` | `true` or `false` | if `allowAnonymous` is `true`, allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) |
-| `CMD_ALLOW_FREEURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL |
-| `CMD_FORBIDDEN_NODE_IDS` | `'robots.txt'` | disallow creation of notes, even if `CMD_ALLOW_FREEURL` is `true` |
-| `CMD_DEFAULT_PERMISSION` | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) |
-| `CMD_DB_URL` | `mysql://localhost:3306/database` | set the database URL |
-| `CMD_SESSION_SECRET` | no example | Secret used to sign the session cookie. If non is set, one will randomly generated on startup |
-| `CMD_SESSION_LIFE` | `1209600000` | Session life time. (milliseconds) |
-| `CMD_FACEBOOK_CLIENTID` | no example | Facebook API client id |
-| `CMD_FACEBOOK_CLIENTSECRET` | no example | Facebook API client secret |
-| `CMD_TWITTER_CONSUMERKEY` | no example | Twitter API consumer key |
-| `CMD_TWITTER_CONSUMERSECRET` | no example | Twitter API consumer secret |
-| `CMD_GITHUB_CLIENTID` | no example | GitHub API client id |
-| `CMD_GITHUB_CLIENTSECRET` | no example | GitHub API client secret |
-| `CMD_GITLAB_SCOPE` | `read_user` or `api` | GitLab API requested scope (default is `api`) (GitLab snippet import/export need `api` scope) |
-| `CMD_GITLAB_BASEURL` | no example | GitLab authentication endpoint, set to use other endpoint than GitLab.com (optional) |
-| `CMD_GITLAB_CLIENTID` | no example | GitLab API client id |
-| `CMD_GITLAB_CLIENTSECRET` | no example | GitLab API client secret |
-| `CMD_GITLAB_VERSION` | no example | GitLab API version (v3 or v4) |
-| `CMD_MATTERMOST_BASEURL` | no example | Mattermost authentication endpoint for versions below 5.0. For Mattermost version 5.0 and above, see [guide](docs/guides/auth/mattermost-self-hosted.md). |
-| `CMD_MATTERMOST_CLIENTID` | no example | Mattermost API client id |
-| `CMD_MATTERMOST_CLIENTSECRET` | no example | Mattermost API client secret |
-| `CMD_DROPBOX_CLIENTID` | no example | Dropbox API client id |
-| `CMD_DROPBOX_CLIENTSECRET` | no example | Dropbox API client secret |
-| `CMD_GOOGLE_CLIENTID` | no example | Google API client id |
-| `CMD_GOOGLE_CLIENTSECRET` | no example | Google API client secret |
-| `CMD_LDAP_URL` | `ldap://example.com` | URL of LDAP server |
-| `CMD_LDAP_BINDDN` | no example | bindDn for LDAP access |
-| `CMD_LDAP_BINDCREDENTIALS` | no example | bindCredentials for LDAP access |
-| `CMD_LDAP_SEARCHBASE` | `o=users,dc=example,dc=com` | LDAP directory to begin search from |
-| `CMD_LDAP_SEARCHFILTER` | `(uid={{username}})` | LDAP filter to search with |
-| `CMD_LDAP_SEARCHATTRIBUTES` | `displayName, mail` | LDAP attributes to search with (use comma to separate) |
-| `CMD_LDAP_USERIDFIELD` | `uidNumber` or `uid` or `sAMAccountName` | The LDAP field which is used uniquely identify a user on CodiMD |
-| `CMD_LDAP_USERNAMEFIELD` | Fallback to userid | The LDAP field which is used as the username on CodiMD |
-| `CMD_LDAP_TLS_CA` | `server-cert.pem, root.pem` | Root CA for LDAP TLS in PEM format (use comma to separate) |
-| `CMD_LDAP_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the LDAP provider |
-| `CMD_SAML_IDPSSOURL` | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth/saml-onelogin.md). |
-| `CMD_SAML_IDPCERT` | `/path/to/cert.pem` | certificate file path of IdP in PEM format |
-| `CMD_SAML_ISSUER` | no example | identity of the service provider (optional, default: serverurl)" |
-| `CMD_SAML_IDENTIFIERFORMAT` | no example | name identifier format (optional, default: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`) |
-| `CMD_SAML_GROUPATTRIBUTE` | `memberOf` | attribute name for group list (optional) |
-| `CMD_SAML_REQUIREDGROUPS` | `Hackmd-users` | group names that allowed (use vertical bar to separate) (optional) |
-| `CMD_SAML_EXTERNALGROUPS` | `Temporary-staff` | group names that not allowed (use vertical bar to separate) (optional) |
-| `CMD_SAML_ATTRIBUTE_ID` | `sAMAccountName` | attribute map for `id` (optional, default: NameID of SAML response) |
-| `CMD_SAML_ATTRIBUTE_USERNAME` | `mailNickname` | attribute map for `username` (optional, default: NameID of SAML response) |
-| `CMD_SAML_ATTRIBUTE_EMAIL` | `mail` | attribute map for `email` (optional, default: NameID of SAML response if `CMD_SAML_IDENTIFIERFORMAT` is default) |
-| `CMD_OAUTH2_USER_PROFILE_URL` | `https://example.com` | where retrieve information about a user after succesful login. Needs to output JSON. (no default value) Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details on all of the `CMD_OAUTH2...` options. |
-| `CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR` | `name` | where to find the username in the JSON from the user profile URL. (no default value)|
-| `CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR` | `display-name` | where to find the display-name in the JSON from the user profile URL. (no default value) |
-| `CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR` | `email` | where to find the email address in the JSON from the user profile URL. (no default value) |
-| `CMD_OAUTH2_TOKEN_URL` | `https://example.com` | sometimes called token endpoint, please refer to the documentation of your OAuth2 provider (no default value) |
-| `CMD_OAUTH2_AUTHORIZATION_URL` | `https://example.com` | authorization URL of your provider, please refer to the documentation of your OAuth2 provider (no default value) |
-| `CMD_OAUTH2_CLIENT_ID` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) |
-| `CMD_OAUTH2_CLIENT_SECRET` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) |
-| `CMD_OAUTH2_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the oAuth2 provider |
-| `CMD_IMGUR_CLIENTID` | no example | Imgur API client id |
-| `CMD_EMAIL` | `true` or `false` | set to allow email signin |
-| `CMD_ALLOW_PDF_EXPORT` | `true` or `false` | Enable or disable PDF exports |
-| `CMD_ALLOW_EMAIL_REGISTER` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) |
-| `CMD_ALLOW_GRAVATAR` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance |
-| `CMD_IMAGE_UPLOAD_TYPE` | `imgur`, `s3`, `minio` or `filesystem` | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md) |
-| `CMD_S3_ACCESS_KEY_ID` | no example | AWS access key id |
-| `CMD_S3_SECRET_ACCESS_KEY` | no example | AWS secret key |
-| `CMD_S3_REGION` | `ap-northeast-1` | AWS S3 region |
-| `CMD_S3_BUCKET` | no example | AWS S3 bucket name |
-| `CMD_MINIO_ACCESS_KEY` | no example | Minio access key |
-| `CMD_MINIO_SECRET_KEY` | no example | Minio secret key |
-| `CMD_MINIO_ENDPOINT` | `minio.example.org` | Address of your Minio endpoint/instance |
-| `CMD_MINIO_PORT` | `9000` | Port that is used for your Minio instance |
-| `CMD_MINIO_SECURE` | `true` | If set to `true` HTTPS is used for Minio |
-| `CMD_AZURE_CONNECTION_STRING` | no example | Azure Blob Storage connection string |
-| `CMD_AZURE_CONTAINER` | no example | Azure Blob Storage container name (automatically created if non existent) |
-| `CMD_HSTS_ENABLE` | ` true` | set to enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) if HTTPS is also enabled (default is ` true`) |
-| `CMD_HSTS_INCLUDE_SUBDOMAINS` | `true` | set to include subdomains in HSTS (default is `true`) |
-| `CMD_HSTS_MAX_AGE` | `31536000` | max duration in seconds to tell clients to keep HSTS status (default is a year) |
-| `CMD_HSTS_PRELOAD` | `true` | whether to allow preloading of the site's HSTS status (e.g. into browsers) |
-| `CMD_CSP_ENABLE` | `true` | whether to enable Content Security Policy (directives cannot be configured with environment variables) |
-| `CMD_CSP_REPORTURI` | `https://<someid>.report-uri.com/r/d/csp/enforce` | Allows to add a URL for CSP reports in case of violations |
-| `CMD_SOURCE_URL` | `https://github.com/codimd/server/tree/<current commit>` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) |
+* facebook, twitter, github, gitlab, mattermost, dropbox, google, ldap, saml and [oauth2](docs/guides/auth/oauth.md) **for login**
+* imgur, s3, minio, azure **for image/attachment storage** (files can also be local!)
+* dropbox **for export and import**
-***Note:** Due to the rename process we renamed all `HMD_`-prefix variables to be `CMD_`-prefixed. The old ones continue to work.*
+More info about that can be found in the configuration docs above.
-## Application settings `config.json`
-| variables | example values | description |
-| --------- | ------ | ----------- |
-| `debug` | `true` or `false` | set debug mode, show more logs |
-| `domain` | `localhost` | domain name |
-| `urlPath` | `codimd` | sub URL path, like `www.example.com/<urlpath>` |
-| `host` | `localhost` | host to listen on |
-| `port` | `80` | web app port |
-| `path` | `/var/run/codimd.sock` | path to UNIX domain socket to listen on (if specified, `host` and `port` are ignored) |
-| `loglevel` | `info` | Defines what kind of logs are provided to stdout. |
-| `allowOrigin` | `['localhost']` | domain name whitelist |
-| `useSSL` | `true` or `false` | set to use SSL server (if `true`, will auto turn on `protocolUseSSL`) |
-| `hsts` | `{"enable": true, "maxAgeSeconds": 31536000, "includeSubdomains": true, "preload": true}` | [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) options to use with HTTPS (default is the example value, max age is a year) |
-| `csp` | `{"enable": true, "directives": {"scriptSrc": "trustworthy-scripts.example.com"}, "upgradeInsecureRequests": "auto", "addDefaults": true}` | Configures [Content Security Policy](https://helmetjs.github.io/docs/csp/). Directives are passed to Helmet - see [their documentation](https://helmetjs.github.io/docs/csp/) for more information on the format. Some defaults are added to the configured values so that the application doesn't break. To disable this behaviour, set `addDefaults` to `false`. Further, if `usecdn` is on, some CDN locations are allowed too. By default (`auto`), insecure (HTTP) requests are upgraded to HTTPS via CSP if `useSSL` is on. To change this behaviour, set `upgradeInsecureRequests` to either `true` or `false`. |
-| `protocolUseSSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) |
-| `urlAddPort` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) |
-| `useCDN` | `true` or `false` | set to use CDN resources or not (default is `true`) |
-| `allowAnonymous` | `true` or `false` | set to allow anonymous usage (default is `true`) |
-| `allowAnonymousEdits` | `true` or `false` | if `allowAnonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) |
-| `allowFreeURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL |
-| `forbiddenNoteIDs` | `['robots.txt']` | disallow creation of notes, even if `allowFreeUrl` is `true` |
-| `defaultPermission` | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) |
-| `dbURL` | `mysql://localhost:3306/database` | set the db URL; if set, then db config (below) won't be applied |
-| `db` | `{ "dialect": "sqlite", "storage": "./db.codimd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) |
-| `sslKeyPath` | `./cert/client.key` | SSL key path<sup>1</sup> (only need when you set `useSSL`) |
-| `sslCertPath` | `./cert/codimd_io.crt` | SSL cert path<sup>1</sup> (only need when you set `useSSL`) |
-| `sslCAPath` | `['./cert/COMODORSAAddTrustCA.crt']` | SSL ca chain<sup>1</sup> (only need when you set `useSSL`) |
-| `dhParamPath` | `./cert/dhparam.pem` | SSL dhparam path<sup>1</sup> (only need when you set `useSSL`) |
-| `tmpPath` | `./tmp/` | temp directory path<sup>1</sup> |
-| `defaultNotePath` | `./public/default.md` | default note file path<sup>1</sup> |
-| `docsPath` | `./public/docs` | docs directory path<sup>1</sup> |
-| `viewPath` | `./public/views` | template directory path<sup>1</sup> |
-| `uploadsPath` | `./public/uploads` | uploads directory<sup>1</sup> - needs to be persistent when you use imageUploadType `filesystem` |
-| `sessionName` | `connect.sid` | cookie session name |
-| `sessionSecret` | `secret` | cookie session secret |
-| `sessionLife` | `14 * 24 * 60 * 60 * 1000` | cookie session life |
-| `staticCacheTime` | `1 * 24 * 60 * 60 * 1000` | static file cache time |
-| `heartbeatInterval` | `5000` | socket.io heartbeat interval |
-| `heartbeatTimeout` | `10000` | socket.io heartbeat timeout |
-| `documentMaxLength` | `100000` | note max length |
-| `email` | `true` or `false` | set to allow email signin |
-| `oauth2` | `{baseURL: ..., userProfileURL: ..., userProfileUsernameAttr: ..., userProfileDisplayNameAttr: ..., userProfileEmailAttr: ..., tokenURL: ..., authorizationURL: ..., clientID: ..., clientSecret: ...}` | An object detailing your OAuth2 provider. Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details!|
-| `allowEmailRegister` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) |
-| `allowGravatar` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance |
-| `imageUploadType` | `imgur`, `s3`, `minio`, `azure` or `filesystem`(default) | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md)|
-| `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageUploadType` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) |
-| `s3` | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION" }` | When `imageuploadtype` be set to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) |
-| `s3bucket` | `YOUR_S3_BUCKET_NAME` | bucket name when `imageUploadType` is set to `s3` or `minio` |
-| `sourceURL` | `https://github.com/codimd/server/tree/<current commit>` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) |
+## Browser support
-<sup>1</sup>: relative paths are based on CodiMD's base directory
-
-## Third-party integration API key settings
-
-| service | settings location | description |
-| ------- | --------- | ----------- |
-| facebook, twitter, github, gitlab, mattermost, dropbox, google, ldap, saml | environment variables or `config.json` | for signin |
-| imgur, s3, minio, azure | environment variables or `config.json` | for image upload |
-| dropbox(`dropbox/appKey`) | `config.json` | for export and import |
-
-## Third-party integration OAuth callback URLs
-
-| service | callback URL (after the server URL) |
-| ------- | --------- |
-| facebook | `/auth/facebook/callback` |
-| twitter | `/auth/twitter/callback` |
-| github | `/auth/github/callback` |
-| gitlab | `/auth/gitlab/callback` |
-| mattermost | `/auth/mattermost/callback` |
-| dropbox | `/auth/dropbox/callback` |
-| google | `/auth/google/callback` |
-| saml | `/auth/saml/callback` |
-
-# Developer Notes
-
-## Structure
-
-```text
-codimd/
-├── tmp/ --- temporary files
-├── docs/ --- document files
-├── lib/ --- server libraries
-└── public/ --- client files
- ├── css/ --- css styles
- ├── js/ --- js scripts
- ├── vendor/ --- vendor includes
- └── views/ --- view templates
-```
-
-## Operational Transformation
-
-From 0.3.2, we started supporting operational transformation.
-It makes concurrent editing safe and will not break up other users' operations.
-Additionally, now can show other clients' selections.
-See more at [http://operational-transformation.github.io/](http://operational-transformation.github.io/)
+To use CodiMD, your browser should match or exceed these versions:
+- ![Chrome](http://browserbadge.com/chrome/47/18px) Chrome >= 47, Chrome for Android >= 47
+- ![Safari](http://browserbadge.com/safari/9/18px) Safari >= 9, iOS Safari >= 8.4
+- ![Firefox](http://browserbadge.com/firefox/44/18px) Firefox >= 44
+- ![IE](http://browserbadge.com/ie/9/18px) IE >= 9, Edge >= 12
+- ![Opera](http://browserbadge.com/opera/34/18px) Opera >= 34, Opera Mini not supported
+- Android Browser >= 4.4
# License
-**License under AGPL.**
+Licensed under AGPLv3. For our list of contributors, see [AUTHORS](AUTHORS).
[matrix.org-image]: https://img.shields.io/badge/Matrix.org-%23CodiMD@matrix.org-green.svg
[matrix.org-url]: https://riot.im/app/#/room/#codimd:matrix.org
@@ -380,5 +80,6 @@ See more at [http://operational-transformation.github.io/](http://operational-tr
[github-version-badge]: https://img.shields.io/github/release/codimd/server.svg
[github-release-page]: https://github.com/codimd/server/releases
[github-release-feed]: https://github.com/codimd/server/releases.atom
+[github-issue-tracker]: https://github.com/codimd/server/issues/
[poeditor-image]: https://img.shields.io/badge/POEditor-translate-blue.svg
[poeditor-url]: https://poeditor.com/join/project/1OpGjF2Jir
diff --git a/docs/configuration-config-file.md b/docs/configuration-config-file.md
new file mode 100644
index 00000000..4edbbf0f
--- /dev/null
+++ b/docs/configuration-config-file.md
@@ -0,0 +1,64 @@
+# Configuration Using Config file
+
+You can choose to configure CodiMD with either a config file or with
+[environment variables](configuration-env-vars.md). The config file is processed
+in [`lib/config/index.js`](lib/config/index.js) - so this is the first
+place to look if anything is missing not obvious from this document.
+
+Environment variables take precedence over configurations from the config files.
+To get started, it is a good idea to take the `config.json.example` and copy it
+to `config.json` before filling in your own details.
+
+[//]: # (TODO split up into chunks)
+
+
+| variables | example values | description |
+| --------- | ------ | ----------- |
+| `debug` | `true` or `false` | set debug mode, show more logs |
+| `domain` | `localhost` | domain name |
+| `urlPath` | `codimd` | sub URL path, like `www.example.com/<urlpath>` |
+| `host` | `localhost` | host to listen on |
+| `port` | `80` | web app port |
+| `path` | `/var/run/codimd.sock` | path to UNIX domain socket to listen on (if specified, `host` and `port` are ignored) |
+| `loglevel` | `info` | Defines what kind of logs are provided to stdout. |
+| `allowOrigin` | `['localhost']` | domain name whitelist |
+| `useSSL` | `true` or `false` | set to use SSL server (if `true`, will auto turn on `protocolUseSSL`) |
+| `hsts` | `{"enable": true, "maxAgeSeconds": 31536000, "includeSubdomains": true, "preload": true}` | [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) options to use with HTTPS (default is the example value, max age is a year) |
+| `csp` | `{"enable": true, "directives": {"scriptSrc": "trustworthy-scripts.example.com"}, "upgradeInsecureRequests": "auto", "addDefaults": true}` | Configures [Content Security Policy](https://helmetjs.github.io/docs/csp/). Directives are passed to Helmet - see [their documentation](https://helmetjs.github.io/docs/csp/) for more information on the format. Some defaults are added to the configured values so that the application doesn't break. To disable this behaviour, set `addDefaults` to `false`. Further, if `usecdn` is on, some CDN locations are allowed too. By default (`auto`), insecure (HTTP) requests are upgraded to HTTPS via CSP if `useSSL` is on. To change this behaviour, set `upgradeInsecureRequests` to either `true` or `false`. |
+| `protocolUseSSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) |
+| `urlAddPort` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) |
+| `useCDN` | `true` or `false` | set to use CDN resources or not (default is `true`) |
+| `allowAnonymous` | `true` or `false` | set to allow anonymous usage (default is `true`) |
+| `allowAnonymousEdits` | `true` or `false` | if `allowAnonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) |
+| `allowFreeURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL |
+| `forbiddenNoteIDs` | `['robots.txt']` | disallow creation of notes, even if `allowFreeUrl` is `true` |
+| `defaultPermission` | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) |
+| `dbURL` | `mysql://localhost:3306/database` | set the db URL; if set, then db config (below) won't be applied |
+| `db` | `{ "dialect": "sqlite", "storage": "./db.codimd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) |
+| `sslKeyPath` | `./cert/client.key` | SSL key path<sup>1</sup> (only need when you set `useSSL`) |
+| `sslCertPath` | `./cert/codimd_io.crt` | SSL cert path<sup>1</sup> (only need when you set `useSSL`) |
+| `sslCAPath` | `['./cert/COMODORSAAddTrustCA.crt']` | SSL ca chain<sup>1</sup> (only need when you set `useSSL`) |
+| `dhParamPath` | `./cert/dhparam.pem` | SSL dhparam path<sup>1</sup> (only need when you set `useSSL`) |
+| `tmpPath` | `./tmp/` | temp directory path<sup>1</sup> |
+| `defaultNotePath` | `./public/default.md` | default note file path<sup>1</sup> |
+| `docsPath` | `./public/docs` | docs directory path<sup>1</sup> |
+| `viewPath` | `./public/views` | template directory path<sup>1</sup> |
+| `uploadsPath` | `./public/uploads` | uploads directory<sup>1</sup> - needs to be persistent when you use imageUploadType `filesystem` |
+| `sessionName` | `connect.sid` | cookie session name |
+| `sessionSecret` | `secret` | cookie session secret |
+| `sessionLife` | `14 * 24 * 60 * 60 * 1000` | cookie session life |
+| `staticCacheTime` | `1 * 24 * 60 * 60 * 1000` | static file cache time |
+| `heartbeatInterval` | `5000` | socket.io heartbeat interval |
+| `heartbeatTimeout` | `10000` | socket.io heartbeat timeout |
+| `documentMaxLength` | `100000` | note max length |
+| `email` | `true` or `false` | set to allow email signin |
+| `oauth2` | `{baseURL: ..., userProfileURL: ..., userProfileUsernameAttr: ..., userProfileDisplayNameAttr: ..., userProfileEmailAttr: ..., tokenURL: ..., authorizationURL: ..., clientID: ..., clientSecret: ...}` | An object detailing your OAuth2 provider. Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details!|
+| `allowEmailRegister` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) |
+| `allowGravatar` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance |
+| `imageUploadType` | `imgur`, `s3`, `minio`, `azure` or `filesystem`(default) | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md)|
+| `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageUploadType` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) |
+| `s3` | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION" }` | When `imageuploadtype` be set to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) |
+| `s3bucket` | `YOUR_S3_BUCKET_NAME` | bucket name when `imageUploadType` is set to `s3` or `minio` |
+| `sourceURL` | `https://github.com/codimd/server/tree/<current commit>` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) |
+
+<sup>1</sup>: relative paths are based on CodiMD's base directory
diff --git a/docs/configuration-env-vars.md b/docs/configuration-env-vars.md
new file mode 100644
index 00000000..2823a402
--- /dev/null
+++ b/docs/configuration-env-vars.md
@@ -0,0 +1,113 @@
+# Configuration Using Environment variables
+
+You can choose to configure CodiMD with either a
+[config file](configuration-config-file.md) or with environment variables.
+Environment variables are processed in
+[`lib/config/environment.js`](lib/config/environment.js) - so this is the first
+place to look if anything is missing not obvious from this document.
+
+Environment variables take precedence over configurations from the config files.
+They generally start with `CMD_` for our own options, but we also list
+node-specific options you can configure this way.
+
+[//]: # (TODO split up into chunks)
+
+
+| variable | example value | description | default |
+| -------- | ------------- | ----------- | ------- |
+| `NODE_ENV` | `production` or `development` | set current environment (will apply corresponding settings in the `config.json`) |
+| `DEBUG` | `true` or `false` | set debug mode; show more logs |
+| `CMD_CONFIG_FILE` | `/path/to/config.json` | optional override for the path to CodiMD's config file |
+| `CMD_DOMAIN` | `codimd.org` | domain name |
+| `CMD_URL_PATH` | `codimd` | sub URL path, like `www.example.com/<URL_PATH>` |
+| `CMD_HOST` | `localhost` | host to listen on |
+| `CMD_PORT` | `80` | web app port |
+| `CMD_PATH` | `/var/run/codimd.sock` | path to UNIX domain socket to listen on (if specified, `CMD_HOST` and `CMD_PORT` are ignored) |
+| `CMD_LOGLEVEL` | `info` | Defines what kind of logs are provided to stdout. |
+| `CMD_ALLOW_ORIGIN` | `localhost, codimd.org` | domain name whitelist (use comma to separate) |
+| `CMD_PROTOCOL_USESSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) |
+| `CMD_URL_ADDPORT` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) |
+| `CMD_USECDN` | `true` or `false` | set to use CDN resources or not (default is `true`) |
+| `CMD_ALLOW_ANONYMOUS` | `true` or `false` | set to allow anonymous usage (default is `true`) |
+| `CMD_ALLOW_ANONYMOUS_EDITS` | `true` or `false` | if `allowAnonymous` is `true`, allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) |
+| `CMD_ALLOW_FREEURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL |
+| `CMD_FORBIDDEN_NODE_IDS` | `'robots.txt'` | disallow creation of notes, even if `CMD_ALLOW_FREEURL` is `true` |
+| `CMD_DEFAULT_PERMISSION` | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) |
+| `CMD_DB_URL` | `mysql://localhost:3306/database` | set the database URL |
+| `CMD_SESSION_SECRET` | no example | Secret used to sign the session cookie. If non is set, one will randomly generated on startup |
+| `CMD_SESSION_LIFE` | `1209600000` | Session life time. (milliseconds) |
+| `CMD_FACEBOOK_CLIENTID` | no example | Facebook API client id |
+| `CMD_FACEBOOK_CLIENTSECRET` | no example | Facebook API client secret |
+| `CMD_TWITTER_CONSUMERKEY` | no example | Twitter API consumer key |
+| `CMD_TWITTER_CONSUMERSECRET` | no example | Twitter API consumer secret |
+| `CMD_GITHUB_CLIENTID` | no example | GitHub API client id |
+| `CMD_GITHUB_CLIENTSECRET` | no example | GitHub API client secret |
+| `CMD_GITLAB_SCOPE` | `read_user` or `api` | GitLab API requested scope (default is `api`) (GitLab snippet import/export need `api` scope) |
+| `CMD_GITLAB_BASEURL` | no example | GitLab authentication endpoint, set to use other endpoint than GitLab.com (optional) |
+| `CMD_GITLAB_CLIENTID` | no example | GitLab API client id |
+| `CMD_GITLAB_CLIENTSECRET` | no example | GitLab API client secret |
+| `CMD_GITLAB_VERSION` | no example | GitLab API version (v3 or v4) |
+| `CMD_MATTERMOST_BASEURL` | no example | Mattermost authentication endpoint for versions below 5.0. For Mattermost version 5.0 and above, see [guide](docs/guides/auth/mattermost-self-hosted.md). |
+| `CMD_MATTERMOST_CLIENTID` | no example | Mattermost API client id |
+| `CMD_MATTERMOST_CLIENTSECRET` | no example | Mattermost API client secret |
+| `CMD_DROPBOX_CLIENTID` | no example | Dropbox API client id |
+| `CMD_DROPBOX_CLIENTSECRET` | no example | Dropbox API client secret |
+| `CMD_GOOGLE_CLIENTID` | no example | Google API client id |
+| `CMD_GOOGLE_CLIENTSECRET` | no example | Google API client secret |
+| `CMD_LDAP_URL` | `ldap://example.com` | URL of LDAP server |
+| `CMD_LDAP_BINDDN` | no example | bindDn for LDAP access |
+| `CMD_LDAP_BINDCREDENTIALS` | no example | bindCredentials for LDAP access |
+| `CMD_LDAP_SEARCHBASE` | `o=users,dc=example,dc=com` | LDAP directory to begin search from |
+| `CMD_LDAP_SEARCHFILTER` | `(uid={{username}})` | LDAP filter to search with |
+| `CMD_LDAP_SEARCHATTRIBUTES` | `displayName, mail` | LDAP attributes to search with (use comma to separate) |
+| `CMD_LDAP_USERIDFIELD` | `uidNumber` or `uid` or `sAMAccountName` | The LDAP field which is used uniquely identify a user on CodiMD |
+| `CMD_LDAP_USERNAMEFIELD` | Fallback to userid | The LDAP field which is used as the username on CodiMD |
+| `CMD_LDAP_TLS_CA` | `server-cert.pem, root.pem` | Root CA for LDAP TLS in PEM format (use comma to separate) |
+| `CMD_LDAP_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the LDAP provider |
+| `CMD_SAML_IDPSSOURL` | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth/saml-onelogin.md). |
+| `CMD_SAML_IDPCERT` | `/path/to/cert.pem` | certificate file path of IdP in PEM format |
+| `CMD_SAML_ISSUER` | no example | identity of the service provider (optional, default: serverurl)" |
+| `CMD_SAML_IDENTIFIERFORMAT` | no example | name identifier format (optional, default: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`) |
+| `CMD_SAML_GROUPATTRIBUTE` | `memberOf` | attribute name for group list (optional) |
+| `CMD_SAML_REQUIREDGROUPS` | `Hackmd-users` | group names that allowed (use vertical bar to separate) (optional) |
+| `CMD_SAML_EXTERNALGROUPS` | `Temporary-staff` | group names that not allowed (use vertical bar to separate) (optional) |
+| `CMD_SAML_ATTRIBUTE_ID` | `sAMAccountName` | attribute map for `id` (optional, default: NameID of SAML response) |
+| `CMD_SAML_ATTRIBUTE_USERNAME` | `mailNickname` | attribute map for `username` (optional, default: NameID of SAML response) |
+| `CMD_SAML_ATTRIBUTE_EMAIL` | `mail` | attribute map for `email` (optional, default: NameID of SAML response if `CMD_SAML_IDENTIFIERFORMAT` is default) |
+| `CMD_OAUTH2_USER_PROFILE_URL` | `https://example.com` | where retrieve information about a user after succesful login. Needs to output JSON. (no default value) Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details on all of the `CMD_OAUTH2...` options. |
+| `CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR` | `name` | where to find the username in the JSON from the user profile URL. (no default value)|
+| `CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR` | `display-name` | where to find the display-name in the JSON from the user profile URL. (no default value) |
+| `CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR` | `email` | where to find the email address in the JSON from the user profile URL. (no default value) |
+| `CMD_OAUTH2_TOKEN_URL` | `https://example.com` | sometimes called token endpoint, please refer to the documentation of your OAuth2 provider (no default value) |
+| `CMD_OAUTH2_AUTHORIZATION_URL` | `https://example.com` | authorization URL of your provider, please refer to the documentation of your OAuth2 provider (no default value) |
+| `CMD_OAUTH2_CLIENT_ID` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) |
+| `CMD_OAUTH2_CLIENT_SECRET` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) |
+| `CMD_OAUTH2_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the oAuth2 provider |
+| `CMD_IMGUR_CLIENTID` | no example | Imgur API client id |
+| `CMD_EMAIL` | `true` or `false` | set to allow email signin |
+| `CMD_ALLOW_PDF_EXPORT` | `true` or `false` | Enable or disable PDF exports |
+| `CMD_ALLOW_EMAIL_REGISTER` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) |
+| `CMD_ALLOW_GRAVATAR` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance |
+| `CMD_IMAGE_UPLOAD_TYPE` | `imgur`, `s3`, `minio` or `filesystem` | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md) |
+| `CMD_S3_ACCESS_KEY_ID` | no example | AWS access key id |
+| `CMD_S3_SECRET_ACCESS_KEY` | no example | AWS secret key |
+| `CMD_S3_REGION` | `ap-northeast-1` | AWS S3 region |
+| `CMD_S3_BUCKET` | no example | AWS S3 bucket name |
+| `CMD_MINIO_ACCESS_KEY` | no example | Minio access key |
+| `CMD_MINIO_SECRET_KEY` | no example | Minio secret key |
+| `CMD_MINIO_ENDPOINT` | `minio.example.org` | Address of your Minio endpoint/instance |
+| `CMD_MINIO_PORT` | `9000` | Port that is used for your Minio instance |
+| `CMD_MINIO_SECURE` | `true` | If set to `true` HTTPS is used for Minio |
+| `CMD_AZURE_CONNECTION_STRING` | no example | Azure Blob Storage connection string |
+| `CMD_AZURE_CONTAINER` | no example | Azure Blob Storage container name (automatically created if non existent) |
+| `CMD_HSTS_ENABLE` | ` true` | set to enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) if HTTPS is also enabled (default is ` true`) |
+| `CMD_HSTS_INCLUDE_SUBDOMAINS` | `true` | set to include subdomains in HSTS (default is `true`) |
+| `CMD_HSTS_MAX_AGE` | `31536000` | max duration in seconds to tell clients to keep HSTS status (default is a year) |
+| `CMD_HSTS_PRELOAD` | `true` | whether to allow preloading of the site's HSTS status (e.g. into browsers) |
+| `CMD_CSP_ENABLE` | `true` | whether to enable Content Security Policy (directives cannot be configured with environment variables) |
+| `CMD_CSP_REPORTURI` | `https://<someid>.report-uri.com/r/d/csp/enforce` | Allows to add a URL for CSP reports in case of violations |
+| `CMD_SOURCE_URL` | `https://github.com/codimd/server/tree/<current commit>` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) |
+
+**Note:** *Due to the rename process we renamed all `HMD_`-prefix variables to be `CMD_`-prefixed. The old ones continue to work.*
+
+**Note:** *relative paths are based on CodiMD's base directory*
diff --git a/docs/dev/getting-started.md b/docs/dev/getting-started.md
new file mode 100644
index 00000000..6eb1b136
--- /dev/null
+++ b/docs/dev/getting-started.md
@@ -0,0 +1,16 @@
+# Developer Notes
+
+## Structure
+
+```text
+codimd/
+├── test/ --- test suite
+├── docs/ --- documentation
+├── lib/ --- server libraries
+└── public/ --- client files
+ ├── css/ --- css styles
+ ├── docs/ --- default documents
+ ├── js/ --- js scripts
+ ├── vendor/ --- vendor includes
+ └── views/ --- view templates
+```
diff --git a/docs/dev/ot.md b/docs/dev/ot.md
new file mode 100644
index 00000000..71f7f78d
--- /dev/null
+++ b/docs/dev/ot.md
@@ -0,0 +1,6 @@
+## Operational Transformation
+
+From 0.3.2, we started supporting operational transformation.
+It makes concurrent editing safe and will not break up other users' operations.
+Additionally, now can show other clients' selections.
+See more at [http://operational-transformation.github.io/](http://operational-transformation.github.io/)
diff --git a/docs/guides/auth/github.md b/docs/guides/auth/github.md
index d6a1095e..482bca31 100644
--- a/docs/guides/auth/github.md
+++ b/docs/guides/auth/github.md
@@ -7,17 +7,17 @@ Authentication guide - GitHub
2. Navigate to developer settings in your GitHub account [here](https://github.com/settings/developers) and select the "OAuth Apps" tab
3. Click on the **New OAuth App** button, to create a new OAuth App:
-![create-oauth-app](../images/auth/create-oauth-app.png)
+![create-oauth-app](../../images/auth/create-oauth-app.png)
4. Fill out the new OAuth application registration form, and click **Register Application**
-![register-oauth-application-form](../images/auth/register-oauth-application-form.png)
+![register-oauth-application-form](../../images/auth/register-oauth-application-form.png)
*Note: The callback URL is <your-hackmd-url>/auth/github/callback*
5. After successfully registering the application, you'll receive the Client ID and Client Secret for the application
-![application-page](../images/auth/application-page.png)
+![application-page](../../images/auth/application-page.png)
6. Add the Client ID and Client Secret to your config.json file or pass them as environment variables
* config.json:
diff --git a/docs/guides/auth/gitlab-self-hosted.md b/docs/guides/auth/gitlab-self-hosted.md
index 60f62616..d19caf76 100644
--- a/docs/guides/auth/gitlab-self-hosted.md
+++ b/docs/guides/auth/gitlab-self-hosted.md
@@ -7,12 +7,12 @@
2. Navigate to the application management page at `https://your.gitlab.domain/admin/applications` (admin permissions required)
3. Click **New application** to create a new application and fill out the registration form:
-![New GitLab application](../images/auth/gitlab-new-application.png)
+![New GitLab application](../../images/auth/gitlab-new-application.png)
4. Click **Submit**
5. In the list of applications select **HackMD**. Leave that site open to copy the application ID and secret in the next step.
-![Application: HackMD](../images/auth/gitlab-application-details.png)
+![Application: HackMD](../../images/auth/gitlab-application-details.png)
6. In the `docker-compose.yml` add the following environment variables to `app:` `environment:`
@@ -29,4 +29,4 @@
7. Run `docker-compose up -d` to apply your settings.
8. Sign in to your HackMD using your GitLab ID:
-![Sign in via GitLab](../images/auth/gitlab-sign-in.png)
+![Sign in via GitLab](../../images/auth/gitlab-sign-in.png)
diff --git a/docs/guides/auth/mattermost-self-hosted.md b/docs/guides/auth/mattermost-self-hosted.md
index 631aabd3..e3050595 100644
--- a/docs/guides/auth/mattermost-self-hosted.md
+++ b/docs/guides/auth/mattermost-self-hosted.md
@@ -8,22 +8,22 @@ This guide uses the generic OAuth2 module for compatibility with Mattermost vers
1. Sign-in with an administrator account to your Mattermost instance
2. Make sure **OAuth 2.0 Service Provider** is enabled in the Main Menu (menu button next to your username in the top left corner) --> System Console --> Custom Integrations menu, which you can find at `https://your.mattermost.domain/admin_console/integrations/custom`
-![mattermost-enable-oauth2](../images/auth/mattermost-enable-oauth2.png)
+![mattermost-enable-oauth2](../../images/auth/mattermost-enable-oauth2.png)
3. Navigate to the OAuth integration settings through Main Menu --> Integrations --> OAuth 2.0 Applications, at `https://your.mattermost.domain/yourteam/integrations/oauth2-apps`
4. Click on the **Add OAuth 2.0 Application** button to add a new OAuth application
-![mattermost-oauth-app-add](../images/auth/mattermost-oauth-app-add.png)
+![mattermost-oauth-app-add](../../images/auth/mattermost-oauth-app-add.png)
5. Fill out the form and click **Save**
-![mattermost-oauth-app-form](../images/auth/mattermost-oauth-app-form.png)
+![mattermost-oauth-app-form](../../images/auth/mattermost-oauth-app-form.png)
*Note: The callback URL is \<your-codimd-url\>/auth/oauth2/callback*
6. After saving the application, you'll receive the Client ID and Client Secret
-![mattermost-oauth-app-done](../images/auth/mattermost-oauth-app-done.png)
+![mattermost-oauth-app-done](../../images/auth/mattermost-oauth-app-done.png)
7. Add the Client ID and Client Secret to your config.json file or pass them as environment variables
* config.json:
diff --git a/docs/guides/auth/nextcloud.md b/docs/guides/auth/nextcloud.md
index 108772dd..42db8b42 100644
--- a/docs/guides/auth/nextcloud.md
+++ b/docs/guides/auth/nextcloud.md
@@ -10,14 +10,14 @@ This guide uses the generic OAuth2 module for compatibility with Nextcloud 13 an
2. Navigate to the OAuth integration settings: Profile Icon (top right) --> Settings
Then choose Security Settings from the *Administration* part of the list - Don't confuse this with Personal Security Settings, where you would change your personal password!
At the top there's OAuth 2.0-Clients.
- ![Where to find OAuth2 in Nextcloud](../images/auth/nextcloud-oauth2-1-settings.png)
+ ![Where to find OAuth2 in Nextcloud](../../images/auth/nextcloud-oauth2-1-settings.png)
3. Add your CodiMD instance by giving it a *name* (perhaps CodiMD, but could be anything) and a *Redirection-URI*. The Redirection-URI will be `\<your-codimd-url\>/auth/oauth2/callback`. Click <kbd>Add</kbd>.
- ![Adding a client to Nextcloud](../images/auth/nextcloud-oauth2-2-client-add.png)
+ ![Adding a client to Nextcloud](../../images/auth/nextcloud-oauth2-2-client-add.png)
4. You'll now see a line containing a *client identifier* and a *Secret*.
- ![Successfully added OAuth2-client](../images/auth/nextcloud-oauth2-3-clientid-secret.png)
+ ![Successfully added OAuth2-client](../../images/auth/nextcloud-oauth2-3-clientid-secret.png)
5. That's it for Nextcloud, the rest is configured in your CodiMD `config.json` or via the `CMD_` environment variables!
diff --git a/docs/guides/auth/oauth.md b/docs/guides/auth/oauth.md
new file mode 100644
index 00000000..46314e26
--- /dev/null
+++ b/docs/guides/auth/oauth.md
@@ -0,0 +1,12 @@
+# OAuth general information
+
+| service | callback URL (after the server URL) |
+| ------- | --------- |
+| facebook | `/auth/facebook/callback` |
+| twitter | `/auth/twitter/callback` |
+| github | `/auth/github/callback` |
+| gitlab | `/auth/gitlab/callback` |
+| mattermost | `/auth/mattermost/callback` |
+| dropbox | `/auth/dropbox/callback` |
+| google | `/auth/google/callback` |
+| saml | `/auth/saml/callback` |
diff --git a/docs/guides/auth/saml-onelogin.md b/docs/guides/auth/saml-onelogin.md
index 02a5ffac..14ce61a5 100644
--- a/docs/guides/auth/saml-onelogin.md
+++ b/docs/guides/auth/saml-onelogin.md
@@ -7,15 +7,15 @@ Authentication guide - SAML (OneLogin)
2. Go to the administration page.
3. Select the **APPS** menu and click on the **Add Apps**.
-![onelogin-add-app](../images/auth/onelogin-add-app.png)
+![onelogin-add-app](../../images/auth/onelogin-add-app.png)
4. Find "SAML Test Connector (SP)" for template of settings and select it.
-![onelogin-select-template](../images/auth/onelogin-select-template.png)
+![onelogin-select-template](../../images/auth/onelogin-select-template.png)
5. Edit display name and icons for OneLogin dashboard as you want, and click **SAVE**.
-![onelogin-edit-app-name](../images/auth/onelogin-edit-app-name.png)
+![onelogin-edit-app-name](../../images/auth/onelogin-edit-app-name.png)
6. After that other tabs will appear, click the **Configuration**, and fill out the below items, and click **SAVE**.
* RelayState: The base URL of your hackmd, which is issuer. (last slash is not needed)
@@ -23,13 +23,13 @@ Authentication guide - SAML (OneLogin)
* ACS (Consumer) URL: same as above.
* Login URL: login URL(SAML requester) of your hackmd. (serverurl + /auth/saml)
-![onelogin-edit-sp-metadata](../images/auth/onelogin-edit-sp-metadata.png)
+![onelogin-edit-sp-metadata](../../images/auth/onelogin-edit-sp-metadata.png)
7. The registration is completed. Next, click **SSO** and copy or download the items below.
* X.509 Certificate: Click **View Details** and **DOWNLOAD** or copy the content of certificate ....(A)
* SAML 2.0 Endpoint (HTTP): Copy the URL ....(B)
-![onelogin-copy-idp-metadata](../images/auth/onelogin-copy-idp-metadata.png)
+![onelogin-copy-idp-metadata](../../images/auth/onelogin-copy-idp-metadata.png)
8. In your hackmd server, create IdP certificate file from (A)
9. Add the IdP URL (B) and the Idp certificate file path to your config.json file or pass them as environment variables.
@@ -51,4 +51,4 @@ Authentication guide - SAML (OneLogin)
````
10. Try sign-in with SAML from your hackmd sign-in button or OneLogin dashboard (like the screenshot below).
-![onelogin-use-dashboard](../images/auth/onelogin-use-dashboard.png)
+![onelogin-use-dashboard](../../images/auth/onelogin-use-dashboard.png)
diff --git a/docs/guides/auth/twitter.md b/docs/guides/auth/twitter.md
index 1b96288f..da35a4e3 100644
--- a/docs/guides/auth/twitter.md
+++ b/docs/guides/auth/twitter.md
@@ -7,11 +7,11 @@ Authentication guide - Twitter
2. Go to the Twitter Application management page [here](https://apps.twitter.com/)
3. Click on the **Create New App** button to create a new Twitter app:
-![create-twitter-app](../images/auth/create-twitter-app.png)
+![create-twitter-app](../../images/auth/create-twitter-app.png)
4. Fill out the create application form, check the developer agreement box, and click **Create Your Twitter Application**
-![register-twitter-application](../images/auth/register-twitter-application.png)
+![register-twitter-application](../../images/auth/register-twitter-application.png)
*Note: you may have to register your phone number with Twitter to create a Twitter application*
@@ -19,11 +19,11 @@ To do this Click your profile icon --> Settings and privacy --> Mobile --> Sele
5. After you receive confirmation that the Twitter application was created, click **Keys and Access Tokens**
-![twitter-app-confirmation](../images/auth/twitter-app-confirmation.png)
+![twitter-app-confirmation](../../images/auth/twitter-app-confirmation.png)
6. Obtain your Twitter Consumer Key and Consumer Secret
-![twitter-app-keys](../images/auth/twitter-app-keys.png)
+![twitter-app-keys](../../images/auth/twitter-app-keys.png)
7. Add your Consumer Key and Consumer Secret to your config.json file or pass them as environment variables:
* config.json:
diff --git a/docs/guides/migrations-and-breaking-changes.md b/docs/guides/migrations-and-breaking-changes.md
new file mode 100644
index 00000000..f5a416f6
--- /dev/null
+++ b/docs/guides/migrations-and-breaking-changes.md
@@ -0,0 +1,58 @@
+# Migrations and Notable Changes
+
+## Migrating to 1.3.2
+
+This is not a breaking change, but to stay up to date with the community
+repository, you may need to update a few urls. This is not a breaking change.
+
+See more at [issue #10](https://github.com/codimd/server/issues/10)
+
+**Native setup using git:**
+
+Change the upstream remote using `git remote set-url origin https://github.com/codimd/server.git`.
+
+**Docker:**
+
+When you use our [container repository](https://github.com/codimd/container)
+(which was previously `codimd-container`) all you can simply run `git pull` and
+your `docker-compose.yml` will be updated.
+
+When you setup things yourself, make sure you use the new image:
+[`quay.io/codimd/server`](https://quay.io/repository/codimd/server?tab=tags).
+
+**Heroku:**
+
+All you need to do is [disconnect GitHub](https://devcenter.heroku.com/articles/github-integration#disconnecting-from-github)
+and [reconnect it](https://devcenter.heroku.com/articles/github-integration#enabling-github-integration)
+with this new repository.
+
+Or you can use our Heroku button and redeploy your instance and link the old
+database again.
+
+## Migrating to 1.1.0
+
+We deprecated the older lower case config style and moved on to camel case style. Please have a look at the current `config.json.example` and check the warnings on startup.
+
+*Notice: This is not a breaking change right now but will be in the future*
+
+## Migrating to 0.5.0
+
+[**migration-to-0.5.0**](https://github.com/hackmdio/migration-to-0.5.0)
+
+We don't use LZString to compress socket.io data and DB data after version 0.5.0.
+Please run the migration tool if you're upgrading from the old version.
+
+## Migrating to 0.4.0
+
+[**migration-to-0.4.0**](https://github.com/hackmdio/migration-to-0.4.0)
+
+We've dropped MongoDB after version 0.4.0.
+So here is the migration tool for you to transfer the old DB data to the new DB.
+This tool is also used for official service.
+
+## Operational Transformation in 0.3.2
+
+From 0.3.2, we started supporting operational transformation.
+It makes concurrent editing safe and will not break up other users' operations.
+Additionally, now can show other clients' selections.
+See more at [http://operational-transformation.github.io/](http://operational-transformation.github.io/)
diff --git a/docs/guides/minio-image-upload.md b/docs/guides/minio-image-upload.md
index 7f5796ca..1544e249 100644
--- a/docs/guides/minio-image-upload.md
+++ b/docs/guides/minio-image-upload.md
@@ -22,22 +22,22 @@ Minio Guide for CodiMD
docker logs test-minio
```
- ![docker logs](images/minio-image-upload/docker-logs.png)
+ ![docker logs](../images/minio-image-upload/docker-logs.png)
3. Open http://localhost:9000 and login with the shown credentials.
- ![minio default view](images/minio-image-upload/default-view.png)
+ ![minio default view](../images/minio-image-upload/default-view.png)
4. Create a bucket for HackMD
- ![minio create bucket](images/minio-image-upload/create-bucket.png)
+ ![minio create bucket](../images/minio-image-upload/create-bucket.png)
5. Add a policy for the prefix `uploads` and make it read-only.
- ![minio edit policy](images/minio-image-upload/open-edit-policy.png)
+ ![minio edit policy](../images/minio-image-upload/open-edit-policy.png)
*Open policy editor*
- ![minio policy adding](images/minio-image-upload/create-policy.png)
+ ![minio policy adding](../images/minio-image-upload/create-policy.png)
*Add policy for uploads*
6. Set credentials and configs for Minio in HackMD's `config.json`
diff --git a/docs/guides/s3-image-upload.md b/docs/guides/s3-image-upload.md
index 40ab868a..29437019 100644
--- a/docs/guides/s3-image-upload.md
+++ b/docs/guides/s3-image-upload.md
@@ -4,15 +4,15 @@
1. Go to [AWS S3 console](https://console.aws.amazon.com/s3/home) and create a new bucket.
- ![create-bucket](images/s3-image-upload/create-bucket.png)
+ ![create-bucket](../images/s3-image-upload/create-bucket.png)
2. Click on bucket, select **Properties** on the side panel, and find **Permission** section. Click **Edit bucket policy**.
- ![bucket-property](images/s3-image-upload/bucket-property.png)
+ ![bucket-property](../images/s3-image-upload/bucket-property.png)
3. Enter the following policy, replace `bucket_name` with your bucket name:
- ![bucket-policy-editor](images/s3-image-upload/bucket-policy-editor.png)
+ ![bucket-policy-editor](../images/s3-image-upload/bucket-policy-editor.png)
```json
{
@@ -32,15 +32,15 @@
5. Enter user page, select **Permission** tab, look at **Inline Policies** section, and click **Create User Policy**
- ![iam-user](images/s3-image-upload/iam-user.png)
+ ![iam-user](../images/s3-image-upload/iam-user.png)
6. Select **Custom Policy**
- ![custom-policy](images/s3-image-upload/custom-policy.png)
+ ![custom-policy](../images/s3-image-upload/custom-policy.png)
7. Enter the following policy, replace `bucket_name` with your bucket name:
- ![review-policy](images/s3-image-upload/review-policy.png)
+ ![review-policy](../images/s3-image-upload/review-policy.png)
```json
{
diff --git a/docs/history.md b/docs/history.md
new file mode 100644
index 00000000..b1dfde8a
--- /dev/null
+++ b/docs/history.md
@@ -0,0 +1,39 @@
+# History of CodiMD
+
+## It started with HackMD
+
+HackMD is the origin of this project, which was mostly developed by Max Wu and
+Yukai Huang. Originally, this was open source under MIT license, but was
+[relicensed in October 2017 to be AGPLv3](https://github.com/hackmdio/codimd/pull/578).
+At the same time, [hackmd.io](https://hackmd.io) was founded to offer a
+commercial version of HackMD.
+
+The AGPLv3-version was developed and released by the community, this was for a
+while referred to as "HackMD community edition".
+
+*For more on the splitting of the projects, please refer to [A note to our community (2017-10-11)](https://hackmd.io/c/community-news/https%3A%2F%2Fhackmd.io%2Fs%2Fr1_4j9_hZ).*
+
+
+## HackMD CE became CodiMD
+
+In June 2018, CodiMD was renamed from its former name "HackMD" and continued to
+be developed under AGPLv3 by the community. We decided to change the name to
+break the confusion between HackMD (enterprise offering) and CodiMD (community
+project), as people mistook it for an open core development model.
+
+*For the whole renaming story, see the [issue where the renaming was discussed](https://github.com/hackmdio/hackmd/issues/720).*
+
+
+## CodiMD went independent
+
+In March 2019, a discussion over licensing, governance and the future of CodiMD
+lead to the formation of a distinct GitHub organization. Up to that point, the
+community project resided in the organization of hackmdio but was for the most
+part self-organized.
+
+During that debate, we did not reach an agreement that would have allowed us to
+move the repository, so we simply forked it. We still welcome the HackMD team
+as part of our community, especially since a large portion of this code base
+originated with them.
+
+*For the debate that lead to this step, please refer to the [governance debate](https://github.com/hackmdio/hackmd/issues/1170) and [the announcement of the new repository](https://github.com/codimd/server/issues/10).*
diff --git a/docs/images/CodiMD-1.3.2-features.png b/docs/images/CodiMD-1.3.2-features.png
new file mode 100644
index 00000000..952efe30
--- /dev/null
+++ b/docs/images/CodiMD-1.3.2-features.png
Binary files differ
diff --git a/docs/guides/images/auth/application-page.png b/docs/images/auth/application-page.png
index a57da017..a57da017 100644
--- a/docs/guides/images/auth/application-page.png
+++ b/docs/images/auth/application-page.png
Binary files differ
diff --git a/docs/guides/images/auth/create-oauth-app.png b/docs/images/auth/create-oauth-app.png
index 07d0b511..07d0b511 100644
--- a/docs/guides/images/auth/create-oauth-app.png
+++ b/docs/images/auth/create-oauth-app.png
Binary files differ
diff --git a/docs/guides/images/auth/create-twitter-app.png b/docs/images/auth/create-twitter-app.png
index c555464e..c555464e 100644
--- a/docs/guides/images/auth/create-twitter-app.png
+++ b/docs/images/auth/create-twitter-app.png
Binary files differ
diff --git a/docs/guides/images/auth/gitlab-application-details.png b/docs/images/auth/gitlab-application-details.png
index 6e042886..6e042886 100644
--- a/docs/guides/images/auth/gitlab-application-details.png
+++ b/docs/images/auth/gitlab-application-details.png
Binary files differ
diff --git a/docs/guides/images/auth/gitlab-new-application.png b/docs/images/auth/gitlab-new-application.png
index be9e4446..be9e4446 100644
--- a/docs/guides/images/auth/gitlab-new-application.png
+++ b/docs/images/auth/gitlab-new-application.png
Binary files differ
diff --git a/docs/guides/images/auth/gitlab-sign-in.png b/docs/images/auth/gitlab-sign-in.png
index 27aaf6dd..27aaf6dd 100644
--- a/docs/guides/images/auth/gitlab-sign-in.png
+++ b/docs/images/auth/gitlab-sign-in.png
Binary files differ
diff --git a/docs/guides/images/auth/mattermost-enable-oauth2.png b/docs/images/auth/mattermost-enable-oauth2.png
index af5cdbe2..af5cdbe2 100644
--- a/docs/guides/images/auth/mattermost-enable-oauth2.png
+++ b/docs/images/auth/mattermost-enable-oauth2.png
Binary files differ
diff --git a/docs/guides/images/auth/mattermost-oauth-app-add.png b/docs/images/auth/mattermost-oauth-app-add.png
index 4a8cdfa7..4a8cdfa7 100644
--- a/docs/guides/images/auth/mattermost-oauth-app-add.png
+++ b/docs/images/auth/mattermost-oauth-app-add.png
Binary files differ
diff --git a/docs/guides/images/auth/mattermost-oauth-app-done.png b/docs/images/auth/mattermost-oauth-app-done.png
index fcf1beaf..fcf1beaf 100644
--- a/docs/guides/images/auth/mattermost-oauth-app-done.png
+++ b/docs/images/auth/mattermost-oauth-app-done.png
Binary files differ
diff --git a/docs/guides/images/auth/mattermost-oauth-app-form.png b/docs/images/auth/mattermost-oauth-app-form.png
index 215947bf..215947bf 100644
--- a/docs/guides/images/auth/mattermost-oauth-app-form.png
+++ b/docs/images/auth/mattermost-oauth-app-form.png
Binary files differ
diff --git a/docs/guides/images/auth/nextcloud-oauth2-1-settings.png b/docs/images/auth/nextcloud-oauth2-1-settings.png
index 82652a54..82652a54 100644
--- a/docs/guides/images/auth/nextcloud-oauth2-1-settings.png
+++ b/docs/images/auth/nextcloud-oauth2-1-settings.png
Binary files differ
diff --git a/docs/guides/images/auth/nextcloud-oauth2-2-client-add.png b/docs/images/auth/nextcloud-oauth2-2-client-add.png
index 7909fa62..7909fa62 100644
--- a/docs/guides/images/auth/nextcloud-oauth2-2-client-add.png
+++ b/docs/images/auth/nextcloud-oauth2-2-client-add.png
Binary files differ
diff --git a/docs/guides/images/auth/nextcloud-oauth2-3-clientid-secret.png b/docs/images/auth/nextcloud-oauth2-3-clientid-secret.png
index b05513d1..b05513d1 100644
--- a/docs/guides/images/auth/nextcloud-oauth2-3-clientid-secret.png
+++ b/docs/images/auth/nextcloud-oauth2-3-clientid-secret.png
Binary files differ
diff --git a/docs/guides/images/auth/onelogin-add-app.png b/docs/images/auth/onelogin-add-app.png
index 356bb852..356bb852 100644
--- a/docs/guides/images/auth/onelogin-add-app.png
+++ b/docs/images/auth/onelogin-add-app.png
Binary files differ
diff --git a/docs/guides/images/auth/onelogin-copy-idp-metadata.png b/docs/images/auth/onelogin-copy-idp-metadata.png
index 7185f537..7185f537 100644
--- a/docs/guides/images/auth/onelogin-copy-idp-metadata.png
+++ b/docs/images/auth/onelogin-copy-idp-metadata.png
Binary files differ
diff --git a/docs/guides/images/auth/onelogin-edit-app-name.png b/docs/images/auth/onelogin-edit-app-name.png
index 634d1916..634d1916 100644
--- a/docs/guides/images/auth/onelogin-edit-app-name.png
+++ b/docs/images/auth/onelogin-edit-app-name.png
Binary files differ
diff --git a/docs/guides/images/auth/onelogin-edit-sp-metadata.png b/docs/images/auth/onelogin-edit-sp-metadata.png
index 111580b1..111580b1 100644
--- a/docs/guides/images/auth/onelogin-edit-sp-metadata.png
+++ b/docs/images/auth/onelogin-edit-sp-metadata.png
Binary files differ
diff --git a/docs/guides/images/auth/onelogin-select-template.png b/docs/images/auth/onelogin-select-template.png
index 13401816..13401816 100644
--- a/docs/guides/images/auth/onelogin-select-template.png
+++ b/docs/images/auth/onelogin-select-template.png
Binary files differ
diff --git a/docs/guides/images/auth/onelogin-use-dashboard.png b/docs/images/auth/onelogin-use-dashboard.png
index ea9038ff..ea9038ff 100644
--- a/docs/guides/images/auth/onelogin-use-dashboard.png
+++ b/docs/images/auth/onelogin-use-dashboard.png
Binary files differ
diff --git a/docs/guides/images/auth/register-oauth-application-form.png b/docs/images/auth/register-oauth-application-form.png
index bd27fd70..bd27fd70 100644
--- a/docs/guides/images/auth/register-oauth-application-form.png
+++ b/docs/images/auth/register-oauth-application-form.png
Binary files differ
diff --git a/docs/guides/images/auth/register-twitter-application.png b/docs/images/auth/register-twitter-application.png
index 442eb680..442eb680 100644
--- a/docs/guides/images/auth/register-twitter-application.png
+++ b/docs/images/auth/register-twitter-application.png
Binary files differ
diff --git a/docs/guides/images/auth/twitter-app-confirmation.png b/docs/images/auth/twitter-app-confirmation.png
index e24e9d56..e24e9d56 100644
--- a/docs/guides/images/auth/twitter-app-confirmation.png
+++ b/docs/images/auth/twitter-app-confirmation.png
Binary files differ
diff --git a/docs/guides/images/auth/twitter-app-keys.png b/docs/images/auth/twitter-app-keys.png
index e13be110..e13be110 100644
--- a/docs/guides/images/auth/twitter-app-keys.png
+++ b/docs/images/auth/twitter-app-keys.png
Binary files differ
diff --git a/docs/guides/images/minio-image-upload/create-bucket.png b/docs/images/minio-image-upload/create-bucket.png
index ccfb6715..ccfb6715 100644
--- a/docs/guides/images/minio-image-upload/create-bucket.png
+++ b/docs/images/minio-image-upload/create-bucket.png
Binary files differ
diff --git a/docs/guides/images/minio-image-upload/create-policy.png b/docs/images/minio-image-upload/create-policy.png
index f9cbd3bf..f9cbd3bf 100644
--- a/docs/guides/images/minio-image-upload/create-policy.png
+++ b/docs/images/minio-image-upload/create-policy.png
Binary files differ
diff --git a/docs/guides/images/minio-image-upload/default-view.png b/docs/images/minio-image-upload/default-view.png
index fadb50a4..fadb50a4 100644
--- a/docs/guides/images/minio-image-upload/default-view.png
+++ b/docs/images/minio-image-upload/default-view.png
Binary files differ
diff --git a/docs/guides/images/minio-image-upload/docker-logs.png b/docs/images/minio-image-upload/docker-logs.png
index a25f349a..a25f349a 100644
--- a/docs/guides/images/minio-image-upload/docker-logs.png
+++ b/docs/images/minio-image-upload/docker-logs.png
Binary files differ
diff --git a/docs/guides/images/minio-image-upload/open-edit-policy.png b/docs/images/minio-image-upload/open-edit-policy.png
index 1dac7bea..1dac7bea 100644
--- a/docs/guides/images/minio-image-upload/open-edit-policy.png
+++ b/docs/images/minio-image-upload/open-edit-policy.png
Binary files differ
diff --git a/docs/guides/images/s3-image-upload/bucket-policy-editor.png b/docs/images/s3-image-upload/bucket-policy-editor.png
index d5f4427f..d5f4427f 100644
--- a/docs/guides/images/s3-image-upload/bucket-policy-editor.png
+++ b/docs/images/s3-image-upload/bucket-policy-editor.png
Binary files differ
diff --git a/docs/guides/images/s3-image-upload/bucket-property.png b/docs/images/s3-image-upload/bucket-property.png
index 9f4dc828..9f4dc828 100644
--- a/docs/guides/images/s3-image-upload/bucket-property.png
+++ b/docs/images/s3-image-upload/bucket-property.png
Binary files differ
diff --git a/docs/guides/images/s3-image-upload/create-bucket.png b/docs/images/s3-image-upload/create-bucket.png
index 925f0926..925f0926 100644
--- a/docs/guides/images/s3-image-upload/create-bucket.png
+++ b/docs/images/s3-image-upload/create-bucket.png
Binary files differ
diff --git a/docs/guides/images/s3-image-upload/custom-policy.png b/docs/images/s3-image-upload/custom-policy.png
index 01c570cd..01c570cd 100644
--- a/docs/guides/images/s3-image-upload/custom-policy.png
+++ b/docs/images/s3-image-upload/custom-policy.png
Binary files differ
diff --git a/docs/guides/images/s3-image-upload/iam-user.png b/docs/images/s3-image-upload/iam-user.png
index b26be122..b26be122 100644
--- a/docs/guides/images/s3-image-upload/iam-user.png
+++ b/docs/images/s3-image-upload/iam-user.png
Binary files differ
diff --git a/docs/guides/images/s3-image-upload/review-policy.png b/docs/images/s3-image-upload/review-policy.png
index 7173788a..7173788a 100644
--- a/docs/guides/images/s3-image-upload/review-policy.png
+++ b/docs/images/s3-image-upload/review-policy.png
Binary files differ
diff --git a/docs/setup/cloudron.md b/docs/setup/cloudron.md
new file mode 100644
index 00000000..edab7d0d
--- /dev/null
+++ b/docs/setup/cloudron.md
@@ -0,0 +1,5 @@
+## Cloudron
+
+Install CodiMD on [Cloudron](https://cloudron.io):
+
+[![Install](https://cloudron.io/img/button.svg)](https://cloudron.io/button.html?app=io.hackmd.cloudronapp)
diff --git a/docs/setup/docker.md b/docs/setup/docker.md
new file mode 100644
index 00000000..defe467a
--- /dev/null
+++ b/docs/setup/docker.md
@@ -0,0 +1,22 @@
+
+## CodiMD by docker container
+[![Try in PWD](https://cdn.rawgit.com/play-with-docker/stacks/cff22438/assets/images/button.png)](http://play-with-docker.com?stack=https://github.com/codimd/container/raw/master/docker-compose.yml&stack_name=codimd)
+
+
+**Debian-based version:**
+
+[![Docker Repository on Quay](https://quay.io/repository/codimd/server/status "Docker Repository on Quay")](https://quay.io/repository/codimd/server)
+
+
+**Alpine-based version:**
+
+[![Docker Repository on Quay](https://quay.io/repository/codimd/server/status "Docker Repository on Quay")](https://quay.io/repository/codimd/server)
+
+The easiest way to setup CodiMD using docker are using the following three commands:
+
+```console
+git clone https://github.com/codimd/container.git
+cd codimd-container
+docker-compose up
+```
+Read more about it in the [container repository…](https://github.com/codimd/container)
diff --git a/docs/setup/heroku.md b/docs/setup/heroku.md
new file mode 100644
index 00000000..86b4ecae
--- /dev/null
+++ b/docs/setup/heroku.md
@@ -0,0 +1,6 @@
+## Heroku Deployment
+
+You can quickly setup a sample Heroku CodiMD application by clicking the button
+below.
+
+[![Deploy on Heroku](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/codimd/server/tree/master)
diff --git a/docs/setup/kubernetes.md b/docs/setup/kubernetes.md
new file mode 100644
index 00000000..400e2b4f
--- /dev/null
+++ b/docs/setup/kubernetes.md
@@ -0,0 +1,5 @@
+## Kubernetes
+
+To install use `helm install stable/hackmd`.
+
+For all further details, please check out the offical CodiMD [K8s helm chart](https://github.com/kubernetes/charts/tree/master/stable/hackmd).
diff --git a/docs/setup/manual-setup.md b/docs/setup/manual-setup.md
new file mode 100644
index 00000000..25869ee0
--- /dev/null
+++ b/docs/setup/manual-setup.md
@@ -0,0 +1,37 @@
+# Manual Installation
+
+## Requirements on your server
+
+- Node.js 6.x or up (test up to 7.5.0) and <10.x
+- Database (PostgreSQL, MySQL, MariaDB, SQLite, MSSQL) use charset `utf8`
+- npm (and its dependencies, [node-gyp](https://github.com/nodejs/node-gyp#installation))
+- `libssl-dev` for building scrypt (see [here](https://github.com/ml1nk/node-scrypt/blob/master/README.md#installation-instructions) for further information)
+- For **building** CodiMD we recommend to use a machine with at least **2GB** RAM
+
+## Instructions
+
+1. Download a release and unzip or clone into a directory
+2. Enter the directory and type `bin/setup`, which will install npm dependencies and create configs. The setup script is written in Bash, you would need bash as a prerequisite.
+3. Setup the configs, see more below
+4. Setup environment variables which will overwrite the configs
+5. Build front-end bundle by `npm run build` (use `npm run dev` if you are in development)
+6. Modify the file named `.sequelizerc`, change the value of the variable `url` with your db connection string
+ For example: `postgres://username:password@localhost:5432/codimd`
+7. Run `node_modules/.bin/sequelize db:migrate`, this step will migrate your db to the latest schema
+8. Run the server as you like (node, forever, pm2)
+
+
+## How to upgrade your installation
+
+:warning: When you are still running from the old repository, please run: `git remote set-url origin https://github.com/codimd/server.git` :warning:
+
+If you are upgrading CodiMD from an older version, follow these steps:
+
+1. Fully stop your old server first (important)
+2. `git pull` or do whatever that updates the files
+3. `npm install` to update dependencies
+4. Build front-end bundle by `npm run build` (use `npm run dev` if you are in development)
+5. Modify the file named `.sequelizerc`, change the value of the variable `url` with your db connection string
+ For example: `postgres://username:password@localhost:5432/codimd`
+6. Run `node_modules/.bin/sequelize db:migrate`, this step will migrate your db to the latest schema
+7. Start your whole new server!