From edf301cfa320cce48eaf055a57f416bc1aa6ee1e Mon Sep 17 00:00:00 2001 From: Claudius Date: Sun, 31 Mar 2019 16:02:05 +0200 Subject: splitting README.md into files in /docs for better readability Signed-off-by: Claudius --- README.md | 381 +++------------------ docs/configuration-config-file.md | 64 ++++ docs/configuration-env-vars.md | 113 ++++++ docs/dev/getting-started.md | 16 + docs/dev/ot.md | 6 + docs/guides/auth/github.md | 6 +- docs/guides/auth/gitlab-self-hosted.md | 6 +- docs/guides/auth/mattermost-self-hosted.md | 8 +- docs/guides/auth/nextcloud.md | 6 +- docs/guides/auth/oauth.md | 12 + docs/guides/auth/saml-onelogin.md | 12 +- docs/guides/auth/twitter.md | 8 +- docs/guides/images/auth/application-page.png | Bin 123152 -> 0 bytes docs/guides/images/auth/create-oauth-app.png | Bin 27920 -> 0 bytes docs/guides/images/auth/create-twitter-app.png | Bin 115406 -> 0 bytes .../images/auth/gitlab-application-details.png | Bin 30378 -> 0 bytes docs/guides/images/auth/gitlab-new-application.png | Bin 45457 -> 0 bytes docs/guides/images/auth/gitlab-sign-in.png | Bin 5590 -> 0 bytes .../images/auth/mattermost-enable-oauth2.png | Bin 26034 -> 0 bytes .../images/auth/mattermost-oauth-app-add.png | Bin 21443 -> 0 bytes .../images/auth/mattermost-oauth-app-done.png | Bin 31767 -> 0 bytes .../images/auth/mattermost-oauth-app-form.png | Bin 62160 -> 0 bytes .../images/auth/nextcloud-oauth2-1-settings.png | Bin 47047 -> 0 bytes .../images/auth/nextcloud-oauth2-2-client-add.png | Bin 11684 -> 0 bytes .../auth/nextcloud-oauth2-3-clientid-secret.png | Bin 13428 -> 0 bytes docs/guides/images/auth/onelogin-add-app.png | Bin 40519 -> 0 bytes .../images/auth/onelogin-copy-idp-metadata.png | Bin 239493 -> 0 bytes docs/guides/images/auth/onelogin-edit-app-name.png | Bin 122369 -> 0 bytes .../images/auth/onelogin-edit-sp-metadata.png | Bin 184470 -> 0 bytes .../images/auth/onelogin-select-template.png | Bin 73244 -> 0 bytes docs/guides/images/auth/onelogin-use-dashboard.png | Bin 27216 -> 0 bytes .../auth/register-oauth-application-form.png | Bin 61453 -> 0 bytes .../images/auth/register-twitter-application.png | Bin 202414 -> 0 bytes .../images/auth/twitter-app-confirmation.png | Bin 191064 -> 0 bytes docs/guides/images/auth/twitter-app-keys.png | Bin 162703 -> 0 bytes .../images/minio-image-upload/create-bucket.png | Bin 15207 -> 0 bytes .../images/minio-image-upload/create-policy.png | Bin 21156 -> 0 bytes .../images/minio-image-upload/default-view.png | Bin 13061 -> 0 bytes .../images/minio-image-upload/docker-logs.png | Bin 73263 -> 0 bytes .../images/minio-image-upload/open-edit-policy.png | Bin 17514 -> 0 bytes .../s3-image-upload/bucket-policy-editor.png | Bin 54641 -> 0 bytes .../images/s3-image-upload/bucket-property.png | Bin 71762 -> 0 bytes .../images/s3-image-upload/create-bucket.png | Bin 70260 -> 0 bytes .../images/s3-image-upload/custom-policy.png | Bin 55804 -> 0 bytes docs/guides/images/s3-image-upload/iam-user.png | Bin 91526 -> 0 bytes .../images/s3-image-upload/review-policy.png | Bin 100067 -> 0 bytes docs/guides/migrations-and-breaking-changes.md | 58 ++++ docs/guides/minio-image-upload.md | 10 +- docs/guides/s3-image-upload.md | 12 +- docs/history.md | 39 +++ docs/images/CodiMD-1.3.2-features.png | Bin 0 -> 81971 bytes docs/images/auth/application-page.png | Bin 0 -> 123152 bytes docs/images/auth/create-oauth-app.png | Bin 0 -> 27920 bytes docs/images/auth/create-twitter-app.png | Bin 0 -> 115406 bytes docs/images/auth/gitlab-application-details.png | Bin 0 -> 30378 bytes docs/images/auth/gitlab-new-application.png | Bin 0 -> 45457 bytes docs/images/auth/gitlab-sign-in.png | Bin 0 -> 5590 bytes docs/images/auth/mattermost-enable-oauth2.png | Bin 0 -> 26034 bytes docs/images/auth/mattermost-oauth-app-add.png | Bin 0 -> 21443 bytes docs/images/auth/mattermost-oauth-app-done.png | Bin 0 -> 31767 bytes docs/images/auth/mattermost-oauth-app-form.png | Bin 0 -> 62160 bytes docs/images/auth/nextcloud-oauth2-1-settings.png | Bin 0 -> 47047 bytes docs/images/auth/nextcloud-oauth2-2-client-add.png | Bin 0 -> 11684 bytes .../auth/nextcloud-oauth2-3-clientid-secret.png | Bin 0 -> 13428 bytes docs/images/auth/onelogin-add-app.png | Bin 0 -> 40519 bytes docs/images/auth/onelogin-copy-idp-metadata.png | Bin 0 -> 239493 bytes docs/images/auth/onelogin-edit-app-name.png | Bin 0 -> 122369 bytes docs/images/auth/onelogin-edit-sp-metadata.png | Bin 0 -> 184470 bytes docs/images/auth/onelogin-select-template.png | Bin 0 -> 73244 bytes docs/images/auth/onelogin-use-dashboard.png | Bin 0 -> 27216 bytes .../auth/register-oauth-application-form.png | Bin 0 -> 61453 bytes docs/images/auth/register-twitter-application.png | Bin 0 -> 202414 bytes docs/images/auth/twitter-app-confirmation.png | Bin 0 -> 191064 bytes docs/images/auth/twitter-app-keys.png | Bin 0 -> 162703 bytes docs/images/minio-image-upload/create-bucket.png | Bin 0 -> 15207 bytes docs/images/minio-image-upload/create-policy.png | Bin 0 -> 21156 bytes docs/images/minio-image-upload/default-view.png | Bin 0 -> 13061 bytes docs/images/minio-image-upload/docker-logs.png | Bin 0 -> 73263 bytes .../images/minio-image-upload/open-edit-policy.png | Bin 0 -> 17514 bytes .../s3-image-upload/bucket-policy-editor.png | Bin 0 -> 54641 bytes docs/images/s3-image-upload/bucket-property.png | Bin 0 -> 71762 bytes docs/images/s3-image-upload/create-bucket.png | Bin 0 -> 70260 bytes docs/images/s3-image-upload/custom-policy.png | Bin 0 -> 55804 bytes docs/images/s3-image-upload/iam-user.png | Bin 0 -> 91526 bytes docs/images/s3-image-upload/review-policy.png | Bin 0 -> 100067 bytes docs/setup/cloudron.md | 5 + docs/setup/docker.md | 22 ++ docs/setup/heroku.md | 6 + docs/setup/kubernetes.md | 5 + docs/setup/manual-setup.md | 37 ++ 90 files changed, 458 insertions(+), 374 deletions(-) create mode 100644 docs/configuration-config-file.md create mode 100644 docs/configuration-env-vars.md create mode 100644 docs/dev/getting-started.md create mode 100644 docs/dev/ot.md create mode 100644 docs/guides/auth/oauth.md delete mode 100644 docs/guides/images/auth/application-page.png delete mode 100644 docs/guides/images/auth/create-oauth-app.png delete mode 100644 docs/guides/images/auth/create-twitter-app.png delete mode 100644 docs/guides/images/auth/gitlab-application-details.png delete mode 100644 docs/guides/images/auth/gitlab-new-application.png delete mode 100644 docs/guides/images/auth/gitlab-sign-in.png delete mode 100644 docs/guides/images/auth/mattermost-enable-oauth2.png delete mode 100644 docs/guides/images/auth/mattermost-oauth-app-add.png delete mode 100644 docs/guides/images/auth/mattermost-oauth-app-done.png delete mode 100644 docs/guides/images/auth/mattermost-oauth-app-form.png delete mode 100644 docs/guides/images/auth/nextcloud-oauth2-1-settings.png delete mode 100644 docs/guides/images/auth/nextcloud-oauth2-2-client-add.png delete mode 100644 docs/guides/images/auth/nextcloud-oauth2-3-clientid-secret.png delete mode 100644 docs/guides/images/auth/onelogin-add-app.png delete mode 100644 docs/guides/images/auth/onelogin-copy-idp-metadata.png delete mode 100644 docs/guides/images/auth/onelogin-edit-app-name.png delete mode 100644 docs/guides/images/auth/onelogin-edit-sp-metadata.png delete mode 100644 docs/guides/images/auth/onelogin-select-template.png delete mode 100644 docs/guides/images/auth/onelogin-use-dashboard.png delete mode 100644 docs/guides/images/auth/register-oauth-application-form.png delete mode 100644 docs/guides/images/auth/register-twitter-application.png delete mode 100644 docs/guides/images/auth/twitter-app-confirmation.png delete mode 100644 docs/guides/images/auth/twitter-app-keys.png delete mode 100644 docs/guides/images/minio-image-upload/create-bucket.png delete mode 100644 docs/guides/images/minio-image-upload/create-policy.png delete mode 100644 docs/guides/images/minio-image-upload/default-view.png delete mode 100644 docs/guides/images/minio-image-upload/docker-logs.png delete mode 100644 docs/guides/images/minio-image-upload/open-edit-policy.png delete mode 100644 docs/guides/images/s3-image-upload/bucket-policy-editor.png delete mode 100644 docs/guides/images/s3-image-upload/bucket-property.png delete mode 100644 docs/guides/images/s3-image-upload/create-bucket.png delete mode 100644 docs/guides/images/s3-image-upload/custom-policy.png delete mode 100644 docs/guides/images/s3-image-upload/iam-user.png delete mode 100644 docs/guides/images/s3-image-upload/review-policy.png create mode 100644 docs/guides/migrations-and-breaking-changes.md create mode 100644 docs/history.md create mode 100644 docs/images/CodiMD-1.3.2-features.png create mode 100644 docs/images/auth/application-page.png create mode 100644 docs/images/auth/create-oauth-app.png create mode 100644 docs/images/auth/create-twitter-app.png create mode 100644 docs/images/auth/gitlab-application-details.png create mode 100644 docs/images/auth/gitlab-new-application.png create mode 100644 docs/images/auth/gitlab-sign-in.png create mode 100644 docs/images/auth/mattermost-enable-oauth2.png create mode 100644 docs/images/auth/mattermost-oauth-app-add.png create mode 100644 docs/images/auth/mattermost-oauth-app-done.png create mode 100644 docs/images/auth/mattermost-oauth-app-form.png create mode 100644 docs/images/auth/nextcloud-oauth2-1-settings.png create mode 100644 docs/images/auth/nextcloud-oauth2-2-client-add.png create mode 100644 docs/images/auth/nextcloud-oauth2-3-clientid-secret.png create mode 100644 docs/images/auth/onelogin-add-app.png create mode 100644 docs/images/auth/onelogin-copy-idp-metadata.png create mode 100644 docs/images/auth/onelogin-edit-app-name.png create mode 100644 docs/images/auth/onelogin-edit-sp-metadata.png create mode 100644 docs/images/auth/onelogin-select-template.png create mode 100644 docs/images/auth/onelogin-use-dashboard.png create mode 100644 docs/images/auth/register-oauth-application-form.png create mode 100644 docs/images/auth/register-twitter-application.png create mode 100644 docs/images/auth/twitter-app-confirmation.png create mode 100644 docs/images/auth/twitter-app-keys.png create mode 100644 docs/images/minio-image-upload/create-bucket.png create mode 100644 docs/images/minio-image-upload/create-policy.png create mode 100644 docs/images/minio-image-upload/default-view.png create mode 100644 docs/images/minio-image-upload/docker-logs.png create mode 100644 docs/images/minio-image-upload/open-edit-policy.png create mode 100644 docs/images/s3-image-upload/bucket-policy-editor.png create mode 100644 docs/images/s3-image-upload/bucket-property.png create mode 100644 docs/images/s3-image-upload/create-bucket.png create mode 100644 docs/images/s3-image-upload/custom-policy.png create mode 100644 docs/images/s3-image-upload/iam-user.png create mode 100644 docs/images/s3-image-upload/review-policy.png create mode 100644 docs/setup/cloudron.md create mode 100644 docs/setup/docker.md create mode 100644 docs/setup/heroku.md create mode 100644 docs/setup/kubernetes.md create mode 100644 docs/setup/manual-setup.md diff --git a/README.md b/README.md index 75f11e87..6e4d349f 100644 --- a/README.md +++ b/README.md @@ -7,371 +7,71 @@ CodiMD [![POEditor][poeditor-image]][poeditor-url] CodiMD lets you create real-time collaborative markdown notes on all platforms. -Inspired by Hackpad, with more focus on speed and flexibility, and build from [HackMD](https://hackmd.io) source code. -Feel free to contribute. +It is inspired by Hackpad, Etherpad and similar collaborative editors. This +project originated with the team at [HackMD](https://hackmd.io) and now forked +into its own organisation. [A longer writeup can be read in the history doc](docs/history.md). -Thanks for using! :smile: +![CodiMD 1.3.2 with its feature demonstration page open](docs/images/CodiMD-1.3.2-features.png) - - -# Table of Contents -- [HackMD CE became CodiMD](#hackmd-ce-became-codimd) -- [Browsers Requirement](#browsers-requirement) -- [Installation](#installation) - - [Getting started (Native install)](#getting-started-native-install) - - [Prerequisite](#prerequisite) - - [Instructions](#instructions) - - [Heroku Deployment](#heroku-deployment) - - [Kubernetes](#kubernetes) - - [CodiMD by docker container](#codimd-by-docker-container) - - [Cloudron](#cloudron) -- [Upgrade](#upgrade) - - [Native setup](#native-setup) -- [Configuration](#configuration) - - [Environment variables (will overwrite other server configs)](#environment-variables-will-overwrite-other-server-configs) - - [Application settings `config.json`](#application-settings-configjson) - - [Third-party integration API key settings](#third-party-integration-api-key-settings) - - [Third-party integration OAuth callback URLs](#third-party-integration-oauth-callback-urls) -- [Developer Notes](#developer-notes) - - [Structure](#structure) - - [Operational Transformation](#operational-transformation) -- [License](#license) +## Community and Contributions - - -# HackMD CE became CodiMD - -CodiMD was recently renamed from its former name was HackMD. CodiMD is the free software version of HackMD. It was the original Version of HackMD. The HackMD team initiated CodiMD and provided a solid code base. Due to the need of paying bills, A fork was created and called HackMD EE, which is a SaaS (Software as a Service) product available at [hackmd.io](https://hackmd.io). - -We decided to change the name to break the confusion between HackMD and CodiMD, formally known as HackMD CE, as it never was an open core project. - -Just to more confusion: We are still friends with HackMD :heart: - -*For the whole renaming story, see the [related issue](https://github.com/hackmdio/hackmd/issues/720)* - -# Browsers Requirement - -- ![Chrome](http://browserbadge.com/chrome/47/18px) Chrome >= 47, Chrome for Android >= 47 -- ![Safari](http://browserbadge.com/safari/9/18px) Safari >= 9, iOS Safari >= 8.4 -- ![Firefox](http://browserbadge.com/firefox/44/18px) Firefox >= 44 -- ![IE](http://browserbadge.com/ie/9/18px) IE >= 9, Edge >= 12 -- ![Opera](http://browserbadge.com/opera/34/18px) Opera >= 34, Opera Mini not supported -- Android Browser >= 4.4 - -# Installation - -## Getting started (Native install) - -### Prerequisite - -- Node.js 6.x or up (test up to 7.5.0) and <10.x -- Database (PostgreSQL, MySQL, MariaDB, SQLite, MSSQL) use charset `utf8` -- npm (and its dependencies, especially [uWebSockets](https://github.com/uWebSockets/uWebSockets#nodejs-developers), [node-gyp](https://github.com/nodejs/node-gyp#installation)) -- `libssl-dev` for building scrypt (see [here](https://github.com/ml1nk/node-scrypt/blob/master/README.md#installation-instructions) for further information) -- For **building** CodiMD we recommend to use a machine with at least **2GB** RAM - -### Instructions - -1. Download a release and unzip or clone into a directory -2. Enter the directory and type `bin/setup`, which will install npm dependencies and create configs. The setup script is written in Bash, you would need bash as a prerequisite. -3. Setup the configs, see more below -4. Setup environment variables which will overwrite the configs -5. Build front-end bundle by `npm run build` (use `npm run dev` if you are in development) -6. Modify the file named `.sequelizerc`, change the value of the variable `url` with your db connection string - For example: `postgres://username:password@localhost:5432/codimd` -7. Run `node_modules/.bin/sequelize db:migrate`, this step will migrate your db to the latest schema -8. Run the server as you like (node, forever, pm2) - -To stay up to date with your installation it's recommended to join our [Matrix channel][matrix.org-url] or subscribe to the [release feed][github-release-feed]. - -## Heroku Deployment - -You can quickly setup a sample Heroku CodiMD application by clicking the button below. - -[![Deploy on Heroku](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/codimd/server/tree/master) - -If you deploy it without the button, keep in mind to use the right buildpacks. For details check `app.json`. - -## Kubernetes - -To install use `helm install stable/hackmd`. - -For all further details, please check out the offical CodiMD [K8s helm chart](https://github.com/kubernetes/charts/tree/master/stable/hackmd). - -## CodiMD by docker container -[![Try in PWD](https://cdn.rawgit.com/play-with-docker/stacks/cff22438/assets/images/button.png)](http://play-with-docker.com?stack=https://github.com/codimd/container/raw/master/docker-compose.yml&stack_name=codimd) - - -**Debian-based version:** - -[![Docker Repository on Quay](https://quay.io/repository/codimd/server/status "Docker Repository on Quay")](https://quay.io/repository/codimd/server) - - -**Alpine-based version:** - -[![Docker Repository on Quay](https://quay.io/repository/codimd/server/status "Docker Repository on Quay")](https://quay.io/repository/codimd/server) - -The easiest way to setup CodiMD using docker are using the following three commands: - -```console -git clone https://github.com/codimd/container.git -cd codimd-container -docker-compose up -``` -Read more about it in the [container repository…](https://github.com/codimd/container) - -## Cloudron - -Install CodiMD on [Cloudron](https://cloudron.io): - -[![Install](https://cloudron.io/img/button.svg)](https://cloudron.io/button.html?app=io.hackmd.cloudronapp) - -# Upgrade - -## Native setup - -:warning: When you are still running from the old repository, please run: `git remote set-url origin https://github.com/codimd/server.git` :warning: - -If you are upgrading CodiMD from an older version, follow these steps: - -1. Fully stop your old server first (important) -2. `git pull` or do whatever that updates the files -3. `npm install` to update dependencies -4. Build front-end bundle by `npm run build` (use `npm run dev` if you are in development) -5. Modify the file named `.sequelizerc`, change the value of the variable `url` with your db connection string - For example: `postgres://username:password@localhost:5432/codimd` -6. Run `node_modules/.bin/sequelize db:migrate`, this step will migrate your db to the latest schema -7. Start your whole new server! +We welcome contributions! There's a lot to do. If you would like to report bugs +the [issue tracker](github-issue-tracker) is the right place. If you want to +help translating, find us on [POEditor](poeditor-url). To get started developing, +take a look at the [docs/dev](docs/dev) directory. In any case: come talk to us, +we'll be delighted to help you with the first steps. To stay up to date with your installation it's recommended to join our [Matrix channel][matrix.org-url] or subscribe to the [release feed][github-release-feed]. -* **migrate-to-1.1.0** - -We deprecated the older lower case config style and moved on to camel case style. Please have a look at the current `config.json.example` and check the warnings on startup. - -*Notice: This is not a breaking change right now but in the future* -* [**migration-to-0.5.0**](https://github.com/hackmdio/migration-to-0.5.0) +## Installation / Upgrading -We don't use LZString to compress socket.io data and DB data after version 0.5.0. -Please run the migration tool if you're upgrading from the old version. +You can run CodiMD in a number of ways, and we created setup instructions for +all of these: -* [**migration-to-0.4.0**](https://github.com/hackmdio/migration-to-0.4.0) +* [Docker](docs/setup/docker.md) +* [Kubernetes](docs/setup/kubernetes.md) +* [Cloudron](docs/setup/cloudron.md) +* [Heroku](docs/setup/heroku.md) +* [manual setup](docs/setup/manual-setup.md) -We've dropped MongoDB after version 0.4.0. -So here is the migration tool for you to transfer the old DB data to the new DB. -This tool is also used for official service. +If you do not wish to run your own setup, you can find a commercial offering at +https://hackmd.io. This is not the same codebase as this one, but it is a very +similar project. -# Configuration -There are some config settings you need to change in the files below. +## Configuration -``` -./config.json ----application settings -``` +Theres two main ways to configure your CodiMD instance: +[Config file](docs/configuration-config-file.md) or +[environment variables](docs/configuration-env-vars.md). You can choose what +works best for you. -## Environment variables (will overwrite other server configs) +CodiMD can integrate with -| variables | example values | description | -| --------- | ------ | ----------- | -| `NODE_ENV` | `production` or `development` | set current environment (will apply corresponding settings in the `config.json`) | -| `DEBUG` | `true` or `false` | set debug mode; show more logs | -| `CMD_CONFIG_FILE` | `/path/to/config.json` | optional override for the path to CodiMD's config file | -| `CMD_DOMAIN` | `codimd.org` | domain name | -| `CMD_URL_PATH` | `codimd` | sub URL path, like `www.example.com/` | -| `CMD_HOST` | `localhost` | host to listen on | -| `CMD_PORT` | `80` | web app port | -| `CMD_PATH` | `/var/run/codimd.sock` | path to UNIX domain socket to listen on (if specified, `CMD_HOST` and `CMD_PORT` are ignored) | -| `CMD_LOGLEVEL` | `info` | Defines what kind of logs are provided to stdout. | -| `CMD_ALLOW_ORIGIN` | `localhost, codimd.org` | domain name whitelist (use comma to separate) | -| `CMD_PROTOCOL_USESSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) | -| `CMD_URL_ADDPORT` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) | -| `CMD_USECDN` | `true` or `false` | set to use CDN resources or not (default is `true`) | -| `CMD_ALLOW_ANONYMOUS` | `true` or `false` | set to allow anonymous usage (default is `true`) | -| `CMD_ALLOW_ANONYMOUS_EDITS` | `true` or `false` | if `allowAnonymous` is `true`, allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | -| `CMD_ALLOW_FREEURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | -| `CMD_FORBIDDEN_NODE_IDS` | `'robots.txt'` | disallow creation of notes, even if `CMD_ALLOW_FREEURL` is `true` | -| `CMD_DEFAULT_PERMISSION` | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) | -| `CMD_DB_URL` | `mysql://localhost:3306/database` | set the database URL | -| `CMD_SESSION_SECRET` | no example | Secret used to sign the session cookie. If non is set, one will randomly generated on startup | -| `CMD_SESSION_LIFE` | `1209600000` | Session life time. (milliseconds) | -| `CMD_FACEBOOK_CLIENTID` | no example | Facebook API client id | -| `CMD_FACEBOOK_CLIENTSECRET` | no example | Facebook API client secret | -| `CMD_TWITTER_CONSUMERKEY` | no example | Twitter API consumer key | -| `CMD_TWITTER_CONSUMERSECRET` | no example | Twitter API consumer secret | -| `CMD_GITHUB_CLIENTID` | no example | GitHub API client id | -| `CMD_GITHUB_CLIENTSECRET` | no example | GitHub API client secret | -| `CMD_GITLAB_SCOPE` | `read_user` or `api` | GitLab API requested scope (default is `api`) (GitLab snippet import/export need `api` scope) | -| `CMD_GITLAB_BASEURL` | no example | GitLab authentication endpoint, set to use other endpoint than GitLab.com (optional) | -| `CMD_GITLAB_CLIENTID` | no example | GitLab API client id | -| `CMD_GITLAB_CLIENTSECRET` | no example | GitLab API client secret | -| `CMD_GITLAB_VERSION` | no example | GitLab API version (v3 or v4) | -| `CMD_MATTERMOST_BASEURL` | no example | Mattermost authentication endpoint for versions below 5.0. For Mattermost version 5.0 and above, see [guide](docs/guides/auth/mattermost-self-hosted.md). | -| `CMD_MATTERMOST_CLIENTID` | no example | Mattermost API client id | -| `CMD_MATTERMOST_CLIENTSECRET` | no example | Mattermost API client secret | -| `CMD_DROPBOX_CLIENTID` | no example | Dropbox API client id | -| `CMD_DROPBOX_CLIENTSECRET` | no example | Dropbox API client secret | -| `CMD_GOOGLE_CLIENTID` | no example | Google API client id | -| `CMD_GOOGLE_CLIENTSECRET` | no example | Google API client secret | -| `CMD_LDAP_URL` | `ldap://example.com` | URL of LDAP server | -| `CMD_LDAP_BINDDN` | no example | bindDn for LDAP access | -| `CMD_LDAP_BINDCREDENTIALS` | no example | bindCredentials for LDAP access | -| `CMD_LDAP_SEARCHBASE` | `o=users,dc=example,dc=com` | LDAP directory to begin search from | -| `CMD_LDAP_SEARCHFILTER` | `(uid={{username}})` | LDAP filter to search with | -| `CMD_LDAP_SEARCHATTRIBUTES` | `displayName, mail` | LDAP attributes to search with (use comma to separate) | -| `CMD_LDAP_USERIDFIELD` | `uidNumber` or `uid` or `sAMAccountName` | The LDAP field which is used uniquely identify a user on CodiMD | -| `CMD_LDAP_USERNAMEFIELD` | Fallback to userid | The LDAP field which is used as the username on CodiMD | -| `CMD_LDAP_TLS_CA` | `server-cert.pem, root.pem` | Root CA for LDAP TLS in PEM format (use comma to separate) | -| `CMD_LDAP_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the LDAP provider | -| `CMD_SAML_IDPSSOURL` | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth/saml-onelogin.md). | -| `CMD_SAML_IDPCERT` | `/path/to/cert.pem` | certificate file path of IdP in PEM format | -| `CMD_SAML_ISSUER` | no example | identity of the service provider (optional, default: serverurl)" | -| `CMD_SAML_IDENTIFIERFORMAT` | no example | name identifier format (optional, default: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`) | -| `CMD_SAML_GROUPATTRIBUTE` | `memberOf` | attribute name for group list (optional) | -| `CMD_SAML_REQUIREDGROUPS` | `Hackmd-users` | group names that allowed (use vertical bar to separate) (optional) | -| `CMD_SAML_EXTERNALGROUPS` | `Temporary-staff` | group names that not allowed (use vertical bar to separate) (optional) | -| `CMD_SAML_ATTRIBUTE_ID` | `sAMAccountName` | attribute map for `id` (optional, default: NameID of SAML response) | -| `CMD_SAML_ATTRIBUTE_USERNAME` | `mailNickname` | attribute map for `username` (optional, default: NameID of SAML response) | -| `CMD_SAML_ATTRIBUTE_EMAIL` | `mail` | attribute map for `email` (optional, default: NameID of SAML response if `CMD_SAML_IDENTIFIERFORMAT` is default) | -| `CMD_OAUTH2_USER_PROFILE_URL` | `https://example.com` | where retrieve information about a user after succesful login. Needs to output JSON. (no default value) Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details on all of the `CMD_OAUTH2...` options. | -| `CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR` | `name` | where to find the username in the JSON from the user profile URL. (no default value)| -| `CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR` | `display-name` | where to find the display-name in the JSON from the user profile URL. (no default value) | -| `CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR` | `email` | where to find the email address in the JSON from the user profile URL. (no default value) | -| `CMD_OAUTH2_TOKEN_URL` | `https://example.com` | sometimes called token endpoint, please refer to the documentation of your OAuth2 provider (no default value) | -| `CMD_OAUTH2_AUTHORIZATION_URL` | `https://example.com` | authorization URL of your provider, please refer to the documentation of your OAuth2 provider (no default value) | -| `CMD_OAUTH2_CLIENT_ID` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) | -| `CMD_OAUTH2_CLIENT_SECRET` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) | -| `CMD_OAUTH2_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the oAuth2 provider | -| `CMD_IMGUR_CLIENTID` | no example | Imgur API client id | -| `CMD_EMAIL` | `true` or `false` | set to allow email signin | -| `CMD_ALLOW_PDF_EXPORT` | `true` or `false` | Enable or disable PDF exports | -| `CMD_ALLOW_EMAIL_REGISTER` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) | -| `CMD_ALLOW_GRAVATAR` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance | -| `CMD_IMAGE_UPLOAD_TYPE` | `imgur`, `s3`, `minio` or `filesystem` | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md) | -| `CMD_S3_ACCESS_KEY_ID` | no example | AWS access key id | -| `CMD_S3_SECRET_ACCESS_KEY` | no example | AWS secret key | -| `CMD_S3_REGION` | `ap-northeast-1` | AWS S3 region | -| `CMD_S3_BUCKET` | no example | AWS S3 bucket name | -| `CMD_MINIO_ACCESS_KEY` | no example | Minio access key | -| `CMD_MINIO_SECRET_KEY` | no example | Minio secret key | -| `CMD_MINIO_ENDPOINT` | `minio.example.org` | Address of your Minio endpoint/instance | -| `CMD_MINIO_PORT` | `9000` | Port that is used for your Minio instance | -| `CMD_MINIO_SECURE` | `true` | If set to `true` HTTPS is used for Minio | -| `CMD_AZURE_CONNECTION_STRING` | no example | Azure Blob Storage connection string | -| `CMD_AZURE_CONTAINER` | no example | Azure Blob Storage container name (automatically created if non existent) | -| `CMD_HSTS_ENABLE` | ` true` | set to enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) if HTTPS is also enabled (default is ` true`) | -| `CMD_HSTS_INCLUDE_SUBDOMAINS` | `true` | set to include subdomains in HSTS (default is `true`) | -| `CMD_HSTS_MAX_AGE` | `31536000` | max duration in seconds to tell clients to keep HSTS status (default is a year) | -| `CMD_HSTS_PRELOAD` | `true` | whether to allow preloading of the site's HSTS status (e.g. into browsers) | -| `CMD_CSP_ENABLE` | `true` | whether to enable Content Security Policy (directives cannot be configured with environment variables) | -| `CMD_CSP_REPORTURI` | `https://.report-uri.com/r/d/csp/enforce` | Allows to add a URL for CSP reports in case of violations | -| `CMD_SOURCE_URL` | `https://github.com/codimd/server/tree/` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) | +* facebook, twitter, github, gitlab, mattermost, dropbox, google, ldap, saml and [oauth2](docs/guides/auth/oauth.md) **for login** +* imgur, s3, minio, azure **for image/attachment storage** (files can also be local!) +* dropbox **for export and import** -***Note:** Due to the rename process we renamed all `HMD_`-prefix variables to be `CMD_`-prefixed. The old ones continue to work.* +More info about that can be found in the configuration docs above. -## Application settings `config.json` -| variables | example values | description | -| --------- | ------ | ----------- | -| `debug` | `true` or `false` | set debug mode, show more logs | -| `domain` | `localhost` | domain name | -| `urlPath` | `codimd` | sub URL path, like `www.example.com/` | -| `host` | `localhost` | host to listen on | -| `port` | `80` | web app port | -| `path` | `/var/run/codimd.sock` | path to UNIX domain socket to listen on (if specified, `host` and `port` are ignored) | -| `loglevel` | `info` | Defines what kind of logs are provided to stdout. | -| `allowOrigin` | `['localhost']` | domain name whitelist | -| `useSSL` | `true` or `false` | set to use SSL server (if `true`, will auto turn on `protocolUseSSL`) | -| `hsts` | `{"enable": true, "maxAgeSeconds": 31536000, "includeSubdomains": true, "preload": true}` | [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) options to use with HTTPS (default is the example value, max age is a year) | -| `csp` | `{"enable": true, "directives": {"scriptSrc": "trustworthy-scripts.example.com"}, "upgradeInsecureRequests": "auto", "addDefaults": true}` | Configures [Content Security Policy](https://helmetjs.github.io/docs/csp/). Directives are passed to Helmet - see [their documentation](https://helmetjs.github.io/docs/csp/) for more information on the format. Some defaults are added to the configured values so that the application doesn't break. To disable this behaviour, set `addDefaults` to `false`. Further, if `usecdn` is on, some CDN locations are allowed too. By default (`auto`), insecure (HTTP) requests are upgraded to HTTPS via CSP if `useSSL` is on. To change this behaviour, set `upgradeInsecureRequests` to either `true` or `false`. | -| `protocolUseSSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) | -| `urlAddPort` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) | -| `useCDN` | `true` or `false` | set to use CDN resources or not (default is `true`) | -| `allowAnonymous` | `true` or `false` | set to allow anonymous usage (default is `true`) | -| `allowAnonymousEdits` | `true` or `false` | if `allowAnonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | -| `allowFreeURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | -| `forbiddenNoteIDs` | `['robots.txt']` | disallow creation of notes, even if `allowFreeUrl` is `true` | -| `defaultPermission` | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) | -| `dbURL` | `mysql://localhost:3306/database` | set the db URL; if set, then db config (below) won't be applied | -| `db` | `{ "dialect": "sqlite", "storage": "./db.codimd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) | -| `sslKeyPath` | `./cert/client.key` | SSL key path1 (only need when you set `useSSL`) | -| `sslCertPath` | `./cert/codimd_io.crt` | SSL cert path1 (only need when you set `useSSL`) | -| `sslCAPath` | `['./cert/COMODORSAAddTrustCA.crt']` | SSL ca chain1 (only need when you set `useSSL`) | -| `dhParamPath` | `./cert/dhparam.pem` | SSL dhparam path1 (only need when you set `useSSL`) | -| `tmpPath` | `./tmp/` | temp directory path1 | -| `defaultNotePath` | `./public/default.md` | default note file path1 | -| `docsPath` | `./public/docs` | docs directory path1 | -| `viewPath` | `./public/views` | template directory path1 | -| `uploadsPath` | `./public/uploads` | uploads directory1 - needs to be persistent when you use imageUploadType `filesystem` | -| `sessionName` | `connect.sid` | cookie session name | -| `sessionSecret` | `secret` | cookie session secret | -| `sessionLife` | `14 * 24 * 60 * 60 * 1000` | cookie session life | -| `staticCacheTime` | `1 * 24 * 60 * 60 * 1000` | static file cache time | -| `heartbeatInterval` | `5000` | socket.io heartbeat interval | -| `heartbeatTimeout` | `10000` | socket.io heartbeat timeout | -| `documentMaxLength` | `100000` | note max length | -| `email` | `true` or `false` | set to allow email signin | -| `oauth2` | `{baseURL: ..., userProfileURL: ..., userProfileUsernameAttr: ..., userProfileDisplayNameAttr: ..., userProfileEmailAttr: ..., tokenURL: ..., authorizationURL: ..., clientID: ..., clientSecret: ...}` | An object detailing your OAuth2 provider. Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details!| -| `allowEmailRegister` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) | -| `allowGravatar` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance | -| `imageUploadType` | `imgur`, `s3`, `minio`, `azure` or `filesystem`(default) | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md)| -| `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageUploadType` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) | -| `s3` | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION" }` | When `imageuploadtype` be set to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) | -| `s3bucket` | `YOUR_S3_BUCKET_NAME` | bucket name when `imageUploadType` is set to `s3` or `minio` | -| `sourceURL` | `https://github.com/codimd/server/tree/` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) | +## Browser support -1: relative paths are based on CodiMD's base directory - -## Third-party integration API key settings - -| service | settings location | description | -| ------- | --------- | ----------- | -| facebook, twitter, github, gitlab, mattermost, dropbox, google, ldap, saml | environment variables or `config.json` | for signin | -| imgur, s3, minio, azure | environment variables or `config.json` | for image upload | -| dropbox(`dropbox/appKey`) | `config.json` | for export and import | - -## Third-party integration OAuth callback URLs - -| service | callback URL (after the server URL) | -| ------- | --------- | -| facebook | `/auth/facebook/callback` | -| twitter | `/auth/twitter/callback` | -| github | `/auth/github/callback` | -| gitlab | `/auth/gitlab/callback` | -| mattermost | `/auth/mattermost/callback` | -| dropbox | `/auth/dropbox/callback` | -| google | `/auth/google/callback` | -| saml | `/auth/saml/callback` | - -# Developer Notes - -## Structure - -```text -codimd/ -├── tmp/ --- temporary files -├── docs/ --- document files -├── lib/ --- server libraries -└── public/ --- client files - ├── css/ --- css styles - ├── js/ --- js scripts - ├── vendor/ --- vendor includes - └── views/ --- view templates -``` - -## Operational Transformation - -From 0.3.2, we started supporting operational transformation. -It makes concurrent editing safe and will not break up other users' operations. -Additionally, now can show other clients' selections. -See more at [http://operational-transformation.github.io/](http://operational-transformation.github.io/) +To use CodiMD, your browser should match or exceed these versions: +- ![Chrome](http://browserbadge.com/chrome/47/18px) Chrome >= 47, Chrome for Android >= 47 +- ![Safari](http://browserbadge.com/safari/9/18px) Safari >= 9, iOS Safari >= 8.4 +- ![Firefox](http://browserbadge.com/firefox/44/18px) Firefox >= 44 +- ![IE](http://browserbadge.com/ie/9/18px) IE >= 9, Edge >= 12 +- ![Opera](http://browserbadge.com/opera/34/18px) Opera >= 34, Opera Mini not supported +- Android Browser >= 4.4 # License -**License under AGPL.** +Licensed under AGPLv3. For our list of contributors, see [AUTHORS](AUTHORS). [matrix.org-image]: https://img.shields.io/badge/Matrix.org-%23CodiMD@matrix.org-green.svg [matrix.org-url]: https://riot.im/app/#/room/#codimd:matrix.org @@ -380,5 +80,6 @@ See more at [http://operational-transformation.github.io/](http://operational-tr [github-version-badge]: https://img.shields.io/github/release/codimd/server.svg [github-release-page]: https://github.com/codimd/server/releases [github-release-feed]: https://github.com/codimd/server/releases.atom +[github-issue-tracker]: https://github.com/codimd/server/issues/ [poeditor-image]: https://img.shields.io/badge/POEditor-translate-blue.svg [poeditor-url]: https://poeditor.com/join/project/1OpGjF2Jir diff --git a/docs/configuration-config-file.md b/docs/configuration-config-file.md new file mode 100644 index 00000000..4edbbf0f --- /dev/null +++ b/docs/configuration-config-file.md @@ -0,0 +1,64 @@ +# Configuration Using Config file + +You can choose to configure CodiMD with either a config file or with +[environment variables](configuration-env-vars.md). The config file is processed +in [`lib/config/index.js`](lib/config/index.js) - so this is the first +place to look if anything is missing not obvious from this document. + +Environment variables take precedence over configurations from the config files. +To get started, it is a good idea to take the `config.json.example` and copy it +to `config.json` before filling in your own details. + +[//]: # (TODO split up into chunks) + + +| variables | example values | description | +| --------- | ------ | ----------- | +| `debug` | `true` or `false` | set debug mode, show more logs | +| `domain` | `localhost` | domain name | +| `urlPath` | `codimd` | sub URL path, like `www.example.com/` | +| `host` | `localhost` | host to listen on | +| `port` | `80` | web app port | +| `path` | `/var/run/codimd.sock` | path to UNIX domain socket to listen on (if specified, `host` and `port` are ignored) | +| `loglevel` | `info` | Defines what kind of logs are provided to stdout. | +| `allowOrigin` | `['localhost']` | domain name whitelist | +| `useSSL` | `true` or `false` | set to use SSL server (if `true`, will auto turn on `protocolUseSSL`) | +| `hsts` | `{"enable": true, "maxAgeSeconds": 31536000, "includeSubdomains": true, "preload": true}` | [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) options to use with HTTPS (default is the example value, max age is a year) | +| `csp` | `{"enable": true, "directives": {"scriptSrc": "trustworthy-scripts.example.com"}, "upgradeInsecureRequests": "auto", "addDefaults": true}` | Configures [Content Security Policy](https://helmetjs.github.io/docs/csp/). Directives are passed to Helmet - see [their documentation](https://helmetjs.github.io/docs/csp/) for more information on the format. Some defaults are added to the configured values so that the application doesn't break. To disable this behaviour, set `addDefaults` to `false`. Further, if `usecdn` is on, some CDN locations are allowed too. By default (`auto`), insecure (HTTP) requests are upgraded to HTTPS via CSP if `useSSL` is on. To change this behaviour, set `upgradeInsecureRequests` to either `true` or `false`. | +| `protocolUseSSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) | +| `urlAddPort` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) | +| `useCDN` | `true` or `false` | set to use CDN resources or not (default is `true`) | +| `allowAnonymous` | `true` or `false` | set to allow anonymous usage (default is `true`) | +| `allowAnonymousEdits` | `true` or `false` | if `allowAnonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | +| `allowFreeURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | +| `forbiddenNoteIDs` | `['robots.txt']` | disallow creation of notes, even if `allowFreeUrl` is `true` | +| `defaultPermission` | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) | +| `dbURL` | `mysql://localhost:3306/database` | set the db URL; if set, then db config (below) won't be applied | +| `db` | `{ "dialect": "sqlite", "storage": "./db.codimd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) | +| `sslKeyPath` | `./cert/client.key` | SSL key path1 (only need when you set `useSSL`) | +| `sslCertPath` | `./cert/codimd_io.crt` | SSL cert path1 (only need when you set `useSSL`) | +| `sslCAPath` | `['./cert/COMODORSAAddTrustCA.crt']` | SSL ca chain1 (only need when you set `useSSL`) | +| `dhParamPath` | `./cert/dhparam.pem` | SSL dhparam path1 (only need when you set `useSSL`) | +| `tmpPath` | `./tmp/` | temp directory path1 | +| `defaultNotePath` | `./public/default.md` | default note file path1 | +| `docsPath` | `./public/docs` | docs directory path1 | +| `viewPath` | `./public/views` | template directory path1 | +| `uploadsPath` | `./public/uploads` | uploads directory1 - needs to be persistent when you use imageUploadType `filesystem` | +| `sessionName` | `connect.sid` | cookie session name | +| `sessionSecret` | `secret` | cookie session secret | +| `sessionLife` | `14 * 24 * 60 * 60 * 1000` | cookie session life | +| `staticCacheTime` | `1 * 24 * 60 * 60 * 1000` | static file cache time | +| `heartbeatInterval` | `5000` | socket.io heartbeat interval | +| `heartbeatTimeout` | `10000` | socket.io heartbeat timeout | +| `documentMaxLength` | `100000` | note max length | +| `email` | `true` or `false` | set to allow email signin | +| `oauth2` | `{baseURL: ..., userProfileURL: ..., userProfileUsernameAttr: ..., userProfileDisplayNameAttr: ..., userProfileEmailAttr: ..., tokenURL: ..., authorizationURL: ..., clientID: ..., clientSecret: ...}` | An object detailing your OAuth2 provider. Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details!| +| `allowEmailRegister` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) | +| `allowGravatar` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance | +| `imageUploadType` | `imgur`, `s3`, `minio`, `azure` or `filesystem`(default) | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md)| +| `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageUploadType` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) | +| `s3` | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION" }` | When `imageuploadtype` be set to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) | +| `s3bucket` | `YOUR_S3_BUCKET_NAME` | bucket name when `imageUploadType` is set to `s3` or `minio` | +| `sourceURL` | `https://github.com/codimd/server/tree/` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) | + +1: relative paths are based on CodiMD's base directory diff --git a/docs/configuration-env-vars.md b/docs/configuration-env-vars.md new file mode 100644 index 00000000..2823a402 --- /dev/null +++ b/docs/configuration-env-vars.md @@ -0,0 +1,113 @@ +# Configuration Using Environment variables + +You can choose to configure CodiMD with either a +[config file](configuration-config-file.md) or with environment variables. +Environment variables are processed in +[`lib/config/environment.js`](lib/config/environment.js) - so this is the first +place to look if anything is missing not obvious from this document. + +Environment variables take precedence over configurations from the config files. +They generally start with `CMD_` for our own options, but we also list +node-specific options you can configure this way. + +[//]: # (TODO split up into chunks) + + +| variable | example value | description | default | +| -------- | ------------- | ----------- | ------- | +| `NODE_ENV` | `production` or `development` | set current environment (will apply corresponding settings in the `config.json`) | +| `DEBUG` | `true` or `false` | set debug mode; show more logs | +| `CMD_CONFIG_FILE` | `/path/to/config.json` | optional override for the path to CodiMD's config file | +| `CMD_DOMAIN` | `codimd.org` | domain name | +| `CMD_URL_PATH` | `codimd` | sub URL path, like `www.example.com/` | +| `CMD_HOST` | `localhost` | host to listen on | +| `CMD_PORT` | `80` | web app port | +| `CMD_PATH` | `/var/run/codimd.sock` | path to UNIX domain socket to listen on (if specified, `CMD_HOST` and `CMD_PORT` are ignored) | +| `CMD_LOGLEVEL` | `info` | Defines what kind of logs are provided to stdout. | +| `CMD_ALLOW_ORIGIN` | `localhost, codimd.org` | domain name whitelist (use comma to separate) | +| `CMD_PROTOCOL_USESSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) | +| `CMD_URL_ADDPORT` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) | +| `CMD_USECDN` | `true` or `false` | set to use CDN resources or not (default is `true`) | +| `CMD_ALLOW_ANONYMOUS` | `true` or `false` | set to allow anonymous usage (default is `true`) | +| `CMD_ALLOW_ANONYMOUS_EDITS` | `true` or `false` | if `allowAnonymous` is `true`, allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | +| `CMD_ALLOW_FREEURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | +| `CMD_FORBIDDEN_NODE_IDS` | `'robots.txt'` | disallow creation of notes, even if `CMD_ALLOW_FREEURL` is `true` | +| `CMD_DEFAULT_PERMISSION` | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) | +| `CMD_DB_URL` | `mysql://localhost:3306/database` | set the database URL | +| `CMD_SESSION_SECRET` | no example | Secret used to sign the session cookie. If non is set, one will randomly generated on startup | +| `CMD_SESSION_LIFE` | `1209600000` | Session life time. (milliseconds) | +| `CMD_FACEBOOK_CLIENTID` | no example | Facebook API client id | +| `CMD_FACEBOOK_CLIENTSECRET` | no example | Facebook API client secret | +| `CMD_TWITTER_CONSUMERKEY` | no example | Twitter API consumer key | +| `CMD_TWITTER_CONSUMERSECRET` | no example | Twitter API consumer secret | +| `CMD_GITHUB_CLIENTID` | no example | GitHub API client id | +| `CMD_GITHUB_CLIENTSECRET` | no example | GitHub API client secret | +| `CMD_GITLAB_SCOPE` | `read_user` or `api` | GitLab API requested scope (default is `api`) (GitLab snippet import/export need `api` scope) | +| `CMD_GITLAB_BASEURL` | no example | GitLab authentication endpoint, set to use other endpoint than GitLab.com (optional) | +| `CMD_GITLAB_CLIENTID` | no example | GitLab API client id | +| `CMD_GITLAB_CLIENTSECRET` | no example | GitLab API client secret | +| `CMD_GITLAB_VERSION` | no example | GitLab API version (v3 or v4) | +| `CMD_MATTERMOST_BASEURL` | no example | Mattermost authentication endpoint for versions below 5.0. For Mattermost version 5.0 and above, see [guide](docs/guides/auth/mattermost-self-hosted.md). | +| `CMD_MATTERMOST_CLIENTID` | no example | Mattermost API client id | +| `CMD_MATTERMOST_CLIENTSECRET` | no example | Mattermost API client secret | +| `CMD_DROPBOX_CLIENTID` | no example | Dropbox API client id | +| `CMD_DROPBOX_CLIENTSECRET` | no example | Dropbox API client secret | +| `CMD_GOOGLE_CLIENTID` | no example | Google API client id | +| `CMD_GOOGLE_CLIENTSECRET` | no example | Google API client secret | +| `CMD_LDAP_URL` | `ldap://example.com` | URL of LDAP server | +| `CMD_LDAP_BINDDN` | no example | bindDn for LDAP access | +| `CMD_LDAP_BINDCREDENTIALS` | no example | bindCredentials for LDAP access | +| `CMD_LDAP_SEARCHBASE` | `o=users,dc=example,dc=com` | LDAP directory to begin search from | +| `CMD_LDAP_SEARCHFILTER` | `(uid={{username}})` | LDAP filter to search with | +| `CMD_LDAP_SEARCHATTRIBUTES` | `displayName, mail` | LDAP attributes to search with (use comma to separate) | +| `CMD_LDAP_USERIDFIELD` | `uidNumber` or `uid` or `sAMAccountName` | The LDAP field which is used uniquely identify a user on CodiMD | +| `CMD_LDAP_USERNAMEFIELD` | Fallback to userid | The LDAP field which is used as the username on CodiMD | +| `CMD_LDAP_TLS_CA` | `server-cert.pem, root.pem` | Root CA for LDAP TLS in PEM format (use comma to separate) | +| `CMD_LDAP_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the LDAP provider | +| `CMD_SAML_IDPSSOURL` | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth/saml-onelogin.md). | +| `CMD_SAML_IDPCERT` | `/path/to/cert.pem` | certificate file path of IdP in PEM format | +| `CMD_SAML_ISSUER` | no example | identity of the service provider (optional, default: serverurl)" | +| `CMD_SAML_IDENTIFIERFORMAT` | no example | name identifier format (optional, default: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`) | +| `CMD_SAML_GROUPATTRIBUTE` | `memberOf` | attribute name for group list (optional) | +| `CMD_SAML_REQUIREDGROUPS` | `Hackmd-users` | group names that allowed (use vertical bar to separate) (optional) | +| `CMD_SAML_EXTERNALGROUPS` | `Temporary-staff` | group names that not allowed (use vertical bar to separate) (optional) | +| `CMD_SAML_ATTRIBUTE_ID` | `sAMAccountName` | attribute map for `id` (optional, default: NameID of SAML response) | +| `CMD_SAML_ATTRIBUTE_USERNAME` | `mailNickname` | attribute map for `username` (optional, default: NameID of SAML response) | +| `CMD_SAML_ATTRIBUTE_EMAIL` | `mail` | attribute map for `email` (optional, default: NameID of SAML response if `CMD_SAML_IDENTIFIERFORMAT` is default) | +| `CMD_OAUTH2_USER_PROFILE_URL` | `https://example.com` | where retrieve information about a user after succesful login. Needs to output JSON. (no default value) Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details on all of the `CMD_OAUTH2...` options. | +| `CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR` | `name` | where to find the username in the JSON from the user profile URL. (no default value)| +| `CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR` | `display-name` | where to find the display-name in the JSON from the user profile URL. (no default value) | +| `CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR` | `email` | where to find the email address in the JSON from the user profile URL. (no default value) | +| `CMD_OAUTH2_TOKEN_URL` | `https://example.com` | sometimes called token endpoint, please refer to the documentation of your OAuth2 provider (no default value) | +| `CMD_OAUTH2_AUTHORIZATION_URL` | `https://example.com` | authorization URL of your provider, please refer to the documentation of your OAuth2 provider (no default value) | +| `CMD_OAUTH2_CLIENT_ID` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) | +| `CMD_OAUTH2_CLIENT_SECRET` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) | +| `CMD_OAUTH2_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the oAuth2 provider | +| `CMD_IMGUR_CLIENTID` | no example | Imgur API client id | +| `CMD_EMAIL` | `true` or `false` | set to allow email signin | +| `CMD_ALLOW_PDF_EXPORT` | `true` or `false` | Enable or disable PDF exports | +| `CMD_ALLOW_EMAIL_REGISTER` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) | +| `CMD_ALLOW_GRAVATAR` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance | +| `CMD_IMAGE_UPLOAD_TYPE` | `imgur`, `s3`, `minio` or `filesystem` | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md) | +| `CMD_S3_ACCESS_KEY_ID` | no example | AWS access key id | +| `CMD_S3_SECRET_ACCESS_KEY` | no example | AWS secret key | +| `CMD_S3_REGION` | `ap-northeast-1` | AWS S3 region | +| `CMD_S3_BUCKET` | no example | AWS S3 bucket name | +| `CMD_MINIO_ACCESS_KEY` | no example | Minio access key | +| `CMD_MINIO_SECRET_KEY` | no example | Minio secret key | +| `CMD_MINIO_ENDPOINT` | `minio.example.org` | Address of your Minio endpoint/instance | +| `CMD_MINIO_PORT` | `9000` | Port that is used for your Minio instance | +| `CMD_MINIO_SECURE` | `true` | If set to `true` HTTPS is used for Minio | +| `CMD_AZURE_CONNECTION_STRING` | no example | Azure Blob Storage connection string | +| `CMD_AZURE_CONTAINER` | no example | Azure Blob Storage container name (automatically created if non existent) | +| `CMD_HSTS_ENABLE` | ` true` | set to enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) if HTTPS is also enabled (default is ` true`) | +| `CMD_HSTS_INCLUDE_SUBDOMAINS` | `true` | set to include subdomains in HSTS (default is `true`) | +| `CMD_HSTS_MAX_AGE` | `31536000` | max duration in seconds to tell clients to keep HSTS status (default is a year) | +| `CMD_HSTS_PRELOAD` | `true` | whether to allow preloading of the site's HSTS status (e.g. into browsers) | +| `CMD_CSP_ENABLE` | `true` | whether to enable Content Security Policy (directives cannot be configured with environment variables) | +| `CMD_CSP_REPORTURI` | `https://.report-uri.com/r/d/csp/enforce` | Allows to add a URL for CSP reports in case of violations | +| `CMD_SOURCE_URL` | `https://github.com/codimd/server/tree/` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) | + +**Note:** *Due to the rename process we renamed all `HMD_`-prefix variables to be `CMD_`-prefixed. The old ones continue to work.* + +**Note:** *relative paths are based on CodiMD's base directory* diff --git a/docs/dev/getting-started.md b/docs/dev/getting-started.md new file mode 100644 index 00000000..6eb1b136 --- /dev/null +++ b/docs/dev/getting-started.md @@ -0,0 +1,16 @@ +# Developer Notes + +## Structure + +```text +codimd/ +├── test/ --- test suite +├── docs/ --- documentation +├── lib/ --- server libraries +└── public/ --- client files + ├── css/ --- css styles + ├── docs/ --- default documents + ├── js/ --- js scripts + ├── vendor/ --- vendor includes + └── views/ --- view templates +``` diff --git a/docs/dev/ot.md b/docs/dev/ot.md new file mode 100644 index 00000000..71f7f78d --- /dev/null +++ b/docs/dev/ot.md @@ -0,0 +1,6 @@ +## Operational Transformation + +From 0.3.2, we started supporting operational transformation. +It makes concurrent editing safe and will not break up other users' operations. +Additionally, now can show other clients' selections. +See more at [http://operational-transformation.github.io/](http://operational-transformation.github.io/) diff --git a/docs/guides/auth/github.md b/docs/guides/auth/github.md index d6a1095e..482bca31 100644 --- a/docs/guides/auth/github.md +++ b/docs/guides/auth/github.md @@ -7,17 +7,17 @@ Authentication guide - GitHub 2. Navigate to developer settings in your GitHub account [here](https://github.com/settings/developers) and select the "OAuth Apps" tab 3. Click on the **New OAuth App** button, to create a new OAuth App: -![create-oauth-app](../images/auth/create-oauth-app.png) +![create-oauth-app](../../images/auth/create-oauth-app.png) 4. Fill out the new OAuth application registration form, and click **Register Application** -![register-oauth-application-form](../images/auth/register-oauth-application-form.png) +![register-oauth-application-form](../../images/auth/register-oauth-application-form.png) *Note: The callback URL is /auth/github/callback* 5. After successfully registering the application, you'll receive the Client ID and Client Secret for the application -![application-page](../images/auth/application-page.png) +![application-page](../../images/auth/application-page.png) 6. Add the Client ID and Client Secret to your config.json file or pass them as environment variables * config.json: diff --git a/docs/guides/auth/gitlab-self-hosted.md b/docs/guides/auth/gitlab-self-hosted.md index 60f62616..d19caf76 100644 --- a/docs/guides/auth/gitlab-self-hosted.md +++ b/docs/guides/auth/gitlab-self-hosted.md @@ -7,12 +7,12 @@ 2. Navigate to the application management page at `https://your.gitlab.domain/admin/applications` (admin permissions required) 3. Click **New application** to create a new application and fill out the registration form: -![New GitLab application](../images/auth/gitlab-new-application.png) +![New GitLab application](../../images/auth/gitlab-new-application.png) 4. Click **Submit** 5. In the list of applications select **HackMD**. Leave that site open to copy the application ID and secret in the next step. -![Application: HackMD](../images/auth/gitlab-application-details.png) +![Application: HackMD](../../images/auth/gitlab-application-details.png) 6. In the `docker-compose.yml` add the following environment variables to `app:` `environment:` @@ -29,4 +29,4 @@ 7. Run `docker-compose up -d` to apply your settings. 8. Sign in to your HackMD using your GitLab ID: -![Sign in via GitLab](../images/auth/gitlab-sign-in.png) +![Sign in via GitLab](../../images/auth/gitlab-sign-in.png) diff --git a/docs/guides/auth/mattermost-self-hosted.md b/docs/guides/auth/mattermost-self-hosted.md index 631aabd3..e3050595 100644 --- a/docs/guides/auth/mattermost-self-hosted.md +++ b/docs/guides/auth/mattermost-self-hosted.md @@ -8,22 +8,22 @@ This guide uses the generic OAuth2 module for compatibility with Mattermost vers 1. Sign-in with an administrator account to your Mattermost instance 2. Make sure **OAuth 2.0 Service Provider** is enabled in the Main Menu (menu button next to your username in the top left corner) --> System Console --> Custom Integrations menu, which you can find at `https://your.mattermost.domain/admin_console/integrations/custom` -![mattermost-enable-oauth2](../images/auth/mattermost-enable-oauth2.png) +![mattermost-enable-oauth2](../../images/auth/mattermost-enable-oauth2.png) 3. Navigate to the OAuth integration settings through Main Menu --> Integrations --> OAuth 2.0 Applications, at `https://your.mattermost.domain/yourteam/integrations/oauth2-apps` 4. Click on the **Add OAuth 2.0 Application** button to add a new OAuth application -![mattermost-oauth-app-add](../images/auth/mattermost-oauth-app-add.png) +![mattermost-oauth-app-add](../../images/auth/mattermost-oauth-app-add.png) 5. Fill out the form and click **Save** -![mattermost-oauth-app-form](../images/auth/mattermost-oauth-app-form.png) +![mattermost-oauth-app-form](../../images/auth/mattermost-oauth-app-form.png) *Note: The callback URL is \/auth/oauth2/callback* 6. After saving the application, you'll receive the Client ID and Client Secret -![mattermost-oauth-app-done](../images/auth/mattermost-oauth-app-done.png) +![mattermost-oauth-app-done](../../images/auth/mattermost-oauth-app-done.png) 7. Add the Client ID and Client Secret to your config.json file or pass them as environment variables * config.json: diff --git a/docs/guides/auth/nextcloud.md b/docs/guides/auth/nextcloud.md index 108772dd..42db8b42 100644 --- a/docs/guides/auth/nextcloud.md +++ b/docs/guides/auth/nextcloud.md @@ -10,14 +10,14 @@ This guide uses the generic OAuth2 module for compatibility with Nextcloud 13 an 2. Navigate to the OAuth integration settings: Profile Icon (top right) --> Settings Then choose Security Settings from the *Administration* part of the list - Don't confuse this with Personal Security Settings, where you would change your personal password! At the top there's OAuth 2.0-Clients. - ![Where to find OAuth2 in Nextcloud](../images/auth/nextcloud-oauth2-1-settings.png) + ![Where to find OAuth2 in Nextcloud](../../images/auth/nextcloud-oauth2-1-settings.png) 3. Add your CodiMD instance by giving it a *name* (perhaps CodiMD, but could be anything) and a *Redirection-URI*. The Redirection-URI will be `\/auth/oauth2/callback`. Click Add. - ![Adding a client to Nextcloud](../images/auth/nextcloud-oauth2-2-client-add.png) + ![Adding a client to Nextcloud](../../images/auth/nextcloud-oauth2-2-client-add.png) 4. You'll now see a line containing a *client identifier* and a *Secret*. - ![Successfully added OAuth2-client](../images/auth/nextcloud-oauth2-3-clientid-secret.png) + ![Successfully added OAuth2-client](../../images/auth/nextcloud-oauth2-3-clientid-secret.png) 5. That's it for Nextcloud, the rest is configured in your CodiMD `config.json` or via the `CMD_` environment variables! diff --git a/docs/guides/auth/oauth.md b/docs/guides/auth/oauth.md new file mode 100644 index 00000000..46314e26 --- /dev/null +++ b/docs/guides/auth/oauth.md @@ -0,0 +1,12 @@ +# OAuth general information + +| service | callback URL (after the server URL) | +| ------- | --------- | +| facebook | `/auth/facebook/callback` | +| twitter | `/auth/twitter/callback` | +| github | `/auth/github/callback` | +| gitlab | `/auth/gitlab/callback` | +| mattermost | `/auth/mattermost/callback` | +| dropbox | `/auth/dropbox/callback` | +| google | `/auth/google/callback` | +| saml | `/auth/saml/callback` | diff --git a/docs/guides/auth/saml-onelogin.md b/docs/guides/auth/saml-onelogin.md index 02a5ffac..14ce61a5 100644 --- a/docs/guides/auth/saml-onelogin.md +++ b/docs/guides/auth/saml-onelogin.md @@ -7,15 +7,15 @@ Authentication guide - SAML (OneLogin) 2. Go to the administration page. 3. Select the **APPS** menu and click on the **Add Apps**. -![onelogin-add-app](../images/auth/onelogin-add-app.png) +![onelogin-add-app](../../images/auth/onelogin-add-app.png) 4. Find "SAML Test Connector (SP)" for template of settings and select it. -![onelogin-select-template](../images/auth/onelogin-select-template.png) +![onelogin-select-template](../../images/auth/onelogin-select-template.png) 5. Edit display name and icons for OneLogin dashboard as you want, and click **SAVE**. -![onelogin-edit-app-name](../images/auth/onelogin-edit-app-name.png) +![onelogin-edit-app-name](../../images/auth/onelogin-edit-app-name.png) 6. After that other tabs will appear, click the **Configuration**, and fill out the below items, and click **SAVE**. * RelayState: The base URL of your hackmd, which is issuer. (last slash is not needed) @@ -23,13 +23,13 @@ Authentication guide - SAML (OneLogin) * ACS (Consumer) URL: same as above. * Login URL: login URL(SAML requester) of your hackmd. (serverurl + /auth/saml) -![onelogin-edit-sp-metadata](../images/auth/onelogin-edit-sp-metadata.png) +![onelogin-edit-sp-metadata](../../images/auth/onelogin-edit-sp-metadata.png) 7. The registration is completed. Next, click **SSO** and copy or download the items below. * X.509 Certificate: Click **View Details** and **DOWNLOAD** or copy the content of certificate ....(A) * SAML 2.0 Endpoint (HTTP): Copy the URL ....(B) -![onelogin-copy-idp-metadata](../images/auth/onelogin-copy-idp-metadata.png) +![onelogin-copy-idp-metadata](../../images/auth/onelogin-copy-idp-metadata.png) 8. In your hackmd server, create IdP certificate file from (A) 9. Add the IdP URL (B) and the Idp certificate file path to your config.json file or pass them as environment variables. @@ -51,4 +51,4 @@ Authentication guide - SAML (OneLogin) ```` 10. Try sign-in with SAML from your hackmd sign-in button or OneLogin dashboard (like the screenshot below). -![onelogin-use-dashboard](../images/auth/onelogin-use-dashboard.png) +![onelogin-use-dashboard](../../images/auth/onelogin-use-dashboard.png) diff --git a/docs/guides/auth/twitter.md b/docs/guides/auth/twitter.md index 1b96288f..da35a4e3 100644 --- a/docs/guides/auth/twitter.md +++ b/docs/guides/auth/twitter.md @@ -7,11 +7,11 @@ Authentication guide - Twitter 2. Go to the Twitter Application management page [here](https://apps.twitter.com/) 3. Click on the **Create New App** button to create a new Twitter app: -![create-twitter-app](../images/auth/create-twitter-app.png) +![create-twitter-app](../../images/auth/create-twitter-app.png) 4. Fill out the create application form, check the developer agreement box, and click **Create Your Twitter Application** -![register-twitter-application](../images/auth/register-twitter-application.png) +![register-twitter-application](../../images/auth/register-twitter-application.png) *Note: you may have to register your phone number with Twitter to create a Twitter application* @@ -19,11 +19,11 @@ To do this Click your profile icon --> Settings and privacy --> Mobile --> Sele 5. After you receive confirmation that the Twitter application was created, click **Keys and Access Tokens** -![twitter-app-confirmation](../images/auth/twitter-app-confirmation.png) +![twitter-app-confirmation](../../images/auth/twitter-app-confirmation.png) 6. Obtain your Twitter Consumer Key and Consumer Secret -![twitter-app-keys](../images/auth/twitter-app-keys.png) +![twitter-app-keys](../../images/auth/twitter-app-keys.png) 7. Add your Consumer Key and Consumer Secret to your config.json file or pass them as environment variables: * config.json: diff --git a/docs/guides/images/auth/application-page.png b/docs/guides/images/auth/application-page.png deleted file mode 100644 index a57da017..00000000 Binary files a/docs/guides/images/auth/application-page.png and /dev/null differ diff --git a/docs/guides/images/auth/create-oauth-app.png b/docs/guides/images/auth/create-oauth-app.png deleted file mode 100644 index 07d0b511..00000000 Binary files a/docs/guides/images/auth/create-oauth-app.png and /dev/null differ diff --git a/docs/guides/images/auth/create-twitter-app.png b/docs/guides/images/auth/create-twitter-app.png deleted file mode 100644 index c555464e..00000000 Binary files a/docs/guides/images/auth/create-twitter-app.png and /dev/null differ diff --git a/docs/guides/images/auth/gitlab-application-details.png b/docs/guides/images/auth/gitlab-application-details.png deleted file mode 100644 index 6e042886..00000000 Binary files a/docs/guides/images/auth/gitlab-application-details.png and /dev/null differ diff --git a/docs/guides/images/auth/gitlab-new-application.png b/docs/guides/images/auth/gitlab-new-application.png deleted file mode 100644 index be9e4446..00000000 Binary files a/docs/guides/images/auth/gitlab-new-application.png and /dev/null differ diff --git a/docs/guides/images/auth/gitlab-sign-in.png b/docs/guides/images/auth/gitlab-sign-in.png deleted file mode 100644 index 27aaf6dd..00000000 Binary files a/docs/guides/images/auth/gitlab-sign-in.png and /dev/null differ diff --git a/docs/guides/images/auth/mattermost-enable-oauth2.png b/docs/guides/images/auth/mattermost-enable-oauth2.png deleted file mode 100644 index af5cdbe2..00000000 Binary files a/docs/guides/images/auth/mattermost-enable-oauth2.png and /dev/null differ diff --git a/docs/guides/images/auth/mattermost-oauth-app-add.png b/docs/guides/images/auth/mattermost-oauth-app-add.png deleted file mode 100644 index 4a8cdfa7..00000000 Binary files a/docs/guides/images/auth/mattermost-oauth-app-add.png and /dev/null differ diff --git a/docs/guides/images/auth/mattermost-oauth-app-done.png b/docs/guides/images/auth/mattermost-oauth-app-done.png deleted file mode 100644 index fcf1beaf..00000000 Binary files a/docs/guides/images/auth/mattermost-oauth-app-done.png and /dev/null differ diff --git a/docs/guides/images/auth/mattermost-oauth-app-form.png b/docs/guides/images/auth/mattermost-oauth-app-form.png deleted file mode 100644 index 215947bf..00000000 Binary files a/docs/guides/images/auth/mattermost-oauth-app-form.png and /dev/null differ diff --git a/docs/guides/images/auth/nextcloud-oauth2-1-settings.png b/docs/guides/images/auth/nextcloud-oauth2-1-settings.png deleted file mode 100644 index 82652a54..00000000 Binary files a/docs/guides/images/auth/nextcloud-oauth2-1-settings.png and /dev/null differ diff --git a/docs/guides/images/auth/nextcloud-oauth2-2-client-add.png b/docs/guides/images/auth/nextcloud-oauth2-2-client-add.png deleted file mode 100644 index 7909fa62..00000000 Binary files a/docs/guides/images/auth/nextcloud-oauth2-2-client-add.png and /dev/null differ diff --git a/docs/guides/images/auth/nextcloud-oauth2-3-clientid-secret.png b/docs/guides/images/auth/nextcloud-oauth2-3-clientid-secret.png deleted file mode 100644 index b05513d1..00000000 Binary files a/docs/guides/images/auth/nextcloud-oauth2-3-clientid-secret.png and /dev/null differ diff --git a/docs/guides/images/auth/onelogin-add-app.png b/docs/guides/images/auth/onelogin-add-app.png deleted file mode 100644 index 356bb852..00000000 Binary files a/docs/guides/images/auth/onelogin-add-app.png and /dev/null differ diff --git a/docs/guides/images/auth/onelogin-copy-idp-metadata.png b/docs/guides/images/auth/onelogin-copy-idp-metadata.png deleted file mode 100644 index 7185f537..00000000 Binary files a/docs/guides/images/auth/onelogin-copy-idp-metadata.png and /dev/null differ diff --git a/docs/guides/images/auth/onelogin-edit-app-name.png b/docs/guides/images/auth/onelogin-edit-app-name.png deleted file mode 100644 index 634d1916..00000000 Binary files a/docs/guides/images/auth/onelogin-edit-app-name.png and /dev/null differ diff --git a/docs/guides/images/auth/onelogin-edit-sp-metadata.png b/docs/guides/images/auth/onelogin-edit-sp-metadata.png deleted file mode 100644 index 111580b1..00000000 Binary files a/docs/guides/images/auth/onelogin-edit-sp-metadata.png and /dev/null differ diff --git a/docs/guides/images/auth/onelogin-select-template.png b/docs/guides/images/auth/onelogin-select-template.png deleted file mode 100644 index 13401816..00000000 Binary files a/docs/guides/images/auth/onelogin-select-template.png and /dev/null differ diff --git a/docs/guides/images/auth/onelogin-use-dashboard.png b/docs/guides/images/auth/onelogin-use-dashboard.png deleted file mode 100644 index ea9038ff..00000000 Binary files a/docs/guides/images/auth/onelogin-use-dashboard.png and /dev/null differ diff --git a/docs/guides/images/auth/register-oauth-application-form.png b/docs/guides/images/auth/register-oauth-application-form.png deleted file mode 100644 index bd27fd70..00000000 Binary files a/docs/guides/images/auth/register-oauth-application-form.png and /dev/null differ diff --git a/docs/guides/images/auth/register-twitter-application.png b/docs/guides/images/auth/register-twitter-application.png deleted file mode 100644 index 442eb680..00000000 Binary files a/docs/guides/images/auth/register-twitter-application.png and /dev/null differ diff --git a/docs/guides/images/auth/twitter-app-confirmation.png b/docs/guides/images/auth/twitter-app-confirmation.png deleted file mode 100644 index e24e9d56..00000000 Binary files a/docs/guides/images/auth/twitter-app-confirmation.png and /dev/null differ diff --git a/docs/guides/images/auth/twitter-app-keys.png b/docs/guides/images/auth/twitter-app-keys.png deleted file mode 100644 index e13be110..00000000 Binary files a/docs/guides/images/auth/twitter-app-keys.png and /dev/null differ diff --git a/docs/guides/images/minio-image-upload/create-bucket.png b/docs/guides/images/minio-image-upload/create-bucket.png deleted file mode 100644 index ccfb6715..00000000 Binary files a/docs/guides/images/minio-image-upload/create-bucket.png and /dev/null differ diff --git a/docs/guides/images/minio-image-upload/create-policy.png b/docs/guides/images/minio-image-upload/create-policy.png deleted file mode 100644 index f9cbd3bf..00000000 Binary files a/docs/guides/images/minio-image-upload/create-policy.png and /dev/null differ diff --git a/docs/guides/images/minio-image-upload/default-view.png b/docs/guides/images/minio-image-upload/default-view.png deleted file mode 100644 index fadb50a4..00000000 Binary files a/docs/guides/images/minio-image-upload/default-view.png and /dev/null differ diff --git a/docs/guides/images/minio-image-upload/docker-logs.png b/docs/guides/images/minio-image-upload/docker-logs.png deleted file mode 100644 index a25f349a..00000000 Binary files a/docs/guides/images/minio-image-upload/docker-logs.png and /dev/null differ diff --git a/docs/guides/images/minio-image-upload/open-edit-policy.png b/docs/guides/images/minio-image-upload/open-edit-policy.png deleted file mode 100644 index 1dac7bea..00000000 Binary files a/docs/guides/images/minio-image-upload/open-edit-policy.png and /dev/null differ diff --git a/docs/guides/images/s3-image-upload/bucket-policy-editor.png b/docs/guides/images/s3-image-upload/bucket-policy-editor.png deleted file mode 100644 index d5f4427f..00000000 Binary files a/docs/guides/images/s3-image-upload/bucket-policy-editor.png and /dev/null differ diff --git a/docs/guides/images/s3-image-upload/bucket-property.png b/docs/guides/images/s3-image-upload/bucket-property.png deleted file mode 100644 index 9f4dc828..00000000 Binary files a/docs/guides/images/s3-image-upload/bucket-property.png and /dev/null differ diff --git a/docs/guides/images/s3-image-upload/create-bucket.png b/docs/guides/images/s3-image-upload/create-bucket.png deleted file mode 100644 index 925f0926..00000000 Binary files a/docs/guides/images/s3-image-upload/create-bucket.png and /dev/null differ diff --git a/docs/guides/images/s3-image-upload/custom-policy.png b/docs/guides/images/s3-image-upload/custom-policy.png deleted file mode 100644 index 01c570cd..00000000 Binary files a/docs/guides/images/s3-image-upload/custom-policy.png and /dev/null differ diff --git a/docs/guides/images/s3-image-upload/iam-user.png b/docs/guides/images/s3-image-upload/iam-user.png deleted file mode 100644 index b26be122..00000000 Binary files a/docs/guides/images/s3-image-upload/iam-user.png and /dev/null differ diff --git a/docs/guides/images/s3-image-upload/review-policy.png b/docs/guides/images/s3-image-upload/review-policy.png deleted file mode 100644 index 7173788a..00000000 Binary files a/docs/guides/images/s3-image-upload/review-policy.png and /dev/null differ diff --git a/docs/guides/migrations-and-breaking-changes.md b/docs/guides/migrations-and-breaking-changes.md new file mode 100644 index 00000000..f5a416f6 --- /dev/null +++ b/docs/guides/migrations-and-breaking-changes.md @@ -0,0 +1,58 @@ +# Migrations and Notable Changes + +## Migrating to 1.3.2 + +This is not a breaking change, but to stay up to date with the community +repository, you may need to update a few urls. This is not a breaking change. + +See more at [issue #10](https://github.com/codimd/server/issues/10) + +**Native setup using git:** + +Change the upstream remote using `git remote set-url origin https://github.com/codimd/server.git`. + +**Docker:** + +When you use our [container repository](https://github.com/codimd/container) +(which was previously `codimd-container`) all you can simply run `git pull` and +your `docker-compose.yml` will be updated. + +When you setup things yourself, make sure you use the new image: +[`quay.io/codimd/server`](https://quay.io/repository/codimd/server?tab=tags). + +**Heroku:** + +All you need to do is [disconnect GitHub](https://devcenter.heroku.com/articles/github-integration#disconnecting-from-github) +and [reconnect it](https://devcenter.heroku.com/articles/github-integration#enabling-github-integration) +with this new repository. + +Or you can use our Heroku button and redeploy your instance and link the old +database again. + +## Migrating to 1.1.0 + +We deprecated the older lower case config style and moved on to camel case style. Please have a look at the current `config.json.example` and check the warnings on startup. + +*Notice: This is not a breaking change right now but will be in the future* + +## Migrating to 0.5.0 + +[**migration-to-0.5.0**](https://github.com/hackmdio/migration-to-0.5.0) + +We don't use LZString to compress socket.io data and DB data after version 0.5.0. +Please run the migration tool if you're upgrading from the old version. + +## Migrating to 0.4.0 + +[**migration-to-0.4.0**](https://github.com/hackmdio/migration-to-0.4.0) + +We've dropped MongoDB after version 0.4.0. +So here is the migration tool for you to transfer the old DB data to the new DB. +This tool is also used for official service. + +## Operational Transformation in 0.3.2 + +From 0.3.2, we started supporting operational transformation. +It makes concurrent editing safe and will not break up other users' operations. +Additionally, now can show other clients' selections. +See more at [http://operational-transformation.github.io/](http://operational-transformation.github.io/) diff --git a/docs/guides/minio-image-upload.md b/docs/guides/minio-image-upload.md index 7f5796ca..1544e249 100644 --- a/docs/guides/minio-image-upload.md +++ b/docs/guides/minio-image-upload.md @@ -22,22 +22,22 @@ Minio Guide for CodiMD docker logs test-minio ``` - ![docker logs](images/minio-image-upload/docker-logs.png) + ![docker logs](../images/minio-image-upload/docker-logs.png) 3. Open http://localhost:9000 and login with the shown credentials. - ![minio default view](images/minio-image-upload/default-view.png) + ![minio default view](../images/minio-image-upload/default-view.png) 4. Create a bucket for HackMD - ![minio create bucket](images/minio-image-upload/create-bucket.png) + ![minio create bucket](../images/minio-image-upload/create-bucket.png) 5. Add a policy for the prefix `uploads` and make it read-only. - ![minio edit policy](images/minio-image-upload/open-edit-policy.png) + ![minio edit policy](../images/minio-image-upload/open-edit-policy.png) *Open policy editor* - ![minio policy adding](images/minio-image-upload/create-policy.png) + ![minio policy adding](../images/minio-image-upload/create-policy.png) *Add policy for uploads* 6. Set credentials and configs for Minio in HackMD's `config.json` diff --git a/docs/guides/s3-image-upload.md b/docs/guides/s3-image-upload.md index 40ab868a..29437019 100644 --- a/docs/guides/s3-image-upload.md +++ b/docs/guides/s3-image-upload.md @@ -4,15 +4,15 @@ 1. Go to [AWS S3 console](https://console.aws.amazon.com/s3/home) and create a new bucket. - ![create-bucket](images/s3-image-upload/create-bucket.png) + ![create-bucket](../images/s3-image-upload/create-bucket.png) 2. Click on bucket, select **Properties** on the side panel, and find **Permission** section. Click **Edit bucket policy**. - ![bucket-property](images/s3-image-upload/bucket-property.png) + ![bucket-property](../images/s3-image-upload/bucket-property.png) 3. Enter the following policy, replace `bucket_name` with your bucket name: - ![bucket-policy-editor](images/s3-image-upload/bucket-policy-editor.png) + ![bucket-policy-editor](../images/s3-image-upload/bucket-policy-editor.png) ```json { @@ -32,15 +32,15 @@ 5. Enter user page, select **Permission** tab, look at **Inline Policies** section, and click **Create User Policy** - ![iam-user](images/s3-image-upload/iam-user.png) + ![iam-user](../images/s3-image-upload/iam-user.png) 6. Select **Custom Policy** - ![custom-policy](images/s3-image-upload/custom-policy.png) + ![custom-policy](../images/s3-image-upload/custom-policy.png) 7. Enter the following policy, replace `bucket_name` with your bucket name: - ![review-policy](images/s3-image-upload/review-policy.png) + ![review-policy](../images/s3-image-upload/review-policy.png) ```json { diff --git a/docs/history.md b/docs/history.md new file mode 100644 index 00000000..b1dfde8a --- /dev/null +++ b/docs/history.md @@ -0,0 +1,39 @@ +# History of CodiMD + +## It started with HackMD + +HackMD is the origin of this project, which was mostly developed by Max Wu and +Yukai Huang. Originally, this was open source under MIT license, but was +[relicensed in October 2017 to be AGPLv3](https://github.com/hackmdio/codimd/pull/578). +At the same time, [hackmd.io](https://hackmd.io) was founded to offer a +commercial version of HackMD. + +The AGPLv3-version was developed and released by the community, this was for a +while referred to as "HackMD community edition". + +*For more on the splitting of the projects, please refer to [A note to our community (2017-10-11)](https://hackmd.io/c/community-news/https%3A%2F%2Fhackmd.io%2Fs%2Fr1_4j9_hZ).* + + +## HackMD CE became CodiMD + +In June 2018, CodiMD was renamed from its former name "HackMD" and continued to +be developed under AGPLv3 by the community. We decided to change the name to +break the confusion between HackMD (enterprise offering) and CodiMD (community +project), as people mistook it for an open core development model. + +*For the whole renaming story, see the [issue where the renaming was discussed](https://github.com/hackmdio/hackmd/issues/720).* + + +## CodiMD went independent + +In March 2019, a discussion over licensing, governance and the future of CodiMD +lead to the formation of a distinct GitHub organization. Up to that point, the +community project resided in the organization of hackmdio but was for the most +part self-organized. + +During that debate, we did not reach an agreement that would have allowed us to +move the repository, so we simply forked it. We still welcome the HackMD team +as part of our community, especially since a large portion of this code base +originated with them. + +*For the debate that lead to this step, please refer to the [governance debate](https://github.com/hackmdio/hackmd/issues/1170) and [the announcement of the new repository](https://github.com/codimd/server/issues/10).* diff --git a/docs/images/CodiMD-1.3.2-features.png b/docs/images/CodiMD-1.3.2-features.png new file mode 100644 index 00000000..952efe30 Binary files /dev/null and b/docs/images/CodiMD-1.3.2-features.png differ diff --git a/docs/images/auth/application-page.png b/docs/images/auth/application-page.png new file mode 100644 index 00000000..a57da017 Binary files /dev/null and b/docs/images/auth/application-page.png differ diff --git a/docs/images/auth/create-oauth-app.png b/docs/images/auth/create-oauth-app.png new file mode 100644 index 00000000..07d0b511 Binary files /dev/null and b/docs/images/auth/create-oauth-app.png differ diff --git a/docs/images/auth/create-twitter-app.png b/docs/images/auth/create-twitter-app.png new file mode 100644 index 00000000..c555464e Binary files /dev/null and b/docs/images/auth/create-twitter-app.png differ diff --git a/docs/images/auth/gitlab-application-details.png b/docs/images/auth/gitlab-application-details.png new file mode 100644 index 00000000..6e042886 Binary files /dev/null and b/docs/images/auth/gitlab-application-details.png differ diff --git a/docs/images/auth/gitlab-new-application.png b/docs/images/auth/gitlab-new-application.png new file mode 100644 index 00000000..be9e4446 Binary files /dev/null and b/docs/images/auth/gitlab-new-application.png differ diff --git a/docs/images/auth/gitlab-sign-in.png b/docs/images/auth/gitlab-sign-in.png new file mode 100644 index 00000000..27aaf6dd Binary files /dev/null and b/docs/images/auth/gitlab-sign-in.png differ diff --git a/docs/images/auth/mattermost-enable-oauth2.png b/docs/images/auth/mattermost-enable-oauth2.png new file mode 100644 index 00000000..af5cdbe2 Binary files /dev/null and b/docs/images/auth/mattermost-enable-oauth2.png differ diff --git a/docs/images/auth/mattermost-oauth-app-add.png b/docs/images/auth/mattermost-oauth-app-add.png new file mode 100644 index 00000000..4a8cdfa7 Binary files /dev/null and b/docs/images/auth/mattermost-oauth-app-add.png differ diff --git a/docs/images/auth/mattermost-oauth-app-done.png b/docs/images/auth/mattermost-oauth-app-done.png new file mode 100644 index 00000000..fcf1beaf Binary files /dev/null and b/docs/images/auth/mattermost-oauth-app-done.png differ diff --git a/docs/images/auth/mattermost-oauth-app-form.png b/docs/images/auth/mattermost-oauth-app-form.png new file mode 100644 index 00000000..215947bf Binary files /dev/null and b/docs/images/auth/mattermost-oauth-app-form.png differ diff --git a/docs/images/auth/nextcloud-oauth2-1-settings.png b/docs/images/auth/nextcloud-oauth2-1-settings.png new file mode 100644 index 00000000..82652a54 Binary files /dev/null and b/docs/images/auth/nextcloud-oauth2-1-settings.png differ diff --git a/docs/images/auth/nextcloud-oauth2-2-client-add.png b/docs/images/auth/nextcloud-oauth2-2-client-add.png new file mode 100644 index 00000000..7909fa62 Binary files /dev/null and b/docs/images/auth/nextcloud-oauth2-2-client-add.png differ diff --git a/docs/images/auth/nextcloud-oauth2-3-clientid-secret.png b/docs/images/auth/nextcloud-oauth2-3-clientid-secret.png new file mode 100644 index 00000000..b05513d1 Binary files /dev/null and b/docs/images/auth/nextcloud-oauth2-3-clientid-secret.png differ diff --git a/docs/images/auth/onelogin-add-app.png b/docs/images/auth/onelogin-add-app.png new file mode 100644 index 00000000..356bb852 Binary files /dev/null and b/docs/images/auth/onelogin-add-app.png differ diff --git a/docs/images/auth/onelogin-copy-idp-metadata.png b/docs/images/auth/onelogin-copy-idp-metadata.png new file mode 100644 index 00000000..7185f537 Binary files /dev/null and b/docs/images/auth/onelogin-copy-idp-metadata.png differ diff --git a/docs/images/auth/onelogin-edit-app-name.png b/docs/images/auth/onelogin-edit-app-name.png new file mode 100644 index 00000000..634d1916 Binary files /dev/null and b/docs/images/auth/onelogin-edit-app-name.png differ diff --git a/docs/images/auth/onelogin-edit-sp-metadata.png b/docs/images/auth/onelogin-edit-sp-metadata.png new file mode 100644 index 00000000..111580b1 Binary files /dev/null and b/docs/images/auth/onelogin-edit-sp-metadata.png differ diff --git a/docs/images/auth/onelogin-select-template.png b/docs/images/auth/onelogin-select-template.png new file mode 100644 index 00000000..13401816 Binary files /dev/null and b/docs/images/auth/onelogin-select-template.png differ diff --git a/docs/images/auth/onelogin-use-dashboard.png b/docs/images/auth/onelogin-use-dashboard.png new file mode 100644 index 00000000..ea9038ff Binary files /dev/null and b/docs/images/auth/onelogin-use-dashboard.png differ diff --git a/docs/images/auth/register-oauth-application-form.png b/docs/images/auth/register-oauth-application-form.png new file mode 100644 index 00000000..bd27fd70 Binary files /dev/null and b/docs/images/auth/register-oauth-application-form.png differ diff --git a/docs/images/auth/register-twitter-application.png b/docs/images/auth/register-twitter-application.png new file mode 100644 index 00000000..442eb680 Binary files /dev/null and b/docs/images/auth/register-twitter-application.png differ diff --git a/docs/images/auth/twitter-app-confirmation.png b/docs/images/auth/twitter-app-confirmation.png new file mode 100644 index 00000000..e24e9d56 Binary files /dev/null and b/docs/images/auth/twitter-app-confirmation.png differ diff --git a/docs/images/auth/twitter-app-keys.png b/docs/images/auth/twitter-app-keys.png new file mode 100644 index 00000000..e13be110 Binary files /dev/null and b/docs/images/auth/twitter-app-keys.png differ diff --git a/docs/images/minio-image-upload/create-bucket.png b/docs/images/minio-image-upload/create-bucket.png new file mode 100644 index 00000000..ccfb6715 Binary files /dev/null and b/docs/images/minio-image-upload/create-bucket.png differ diff --git a/docs/images/minio-image-upload/create-policy.png b/docs/images/minio-image-upload/create-policy.png new file mode 100644 index 00000000..f9cbd3bf Binary files /dev/null and b/docs/images/minio-image-upload/create-policy.png differ diff --git a/docs/images/minio-image-upload/default-view.png b/docs/images/minio-image-upload/default-view.png new file mode 100644 index 00000000..fadb50a4 Binary files /dev/null and b/docs/images/minio-image-upload/default-view.png differ diff --git a/docs/images/minio-image-upload/docker-logs.png b/docs/images/minio-image-upload/docker-logs.png new file mode 100644 index 00000000..a25f349a Binary files /dev/null and b/docs/images/minio-image-upload/docker-logs.png differ diff --git a/docs/images/minio-image-upload/open-edit-policy.png b/docs/images/minio-image-upload/open-edit-policy.png new file mode 100644 index 00000000..1dac7bea Binary files /dev/null and b/docs/images/minio-image-upload/open-edit-policy.png differ diff --git a/docs/images/s3-image-upload/bucket-policy-editor.png b/docs/images/s3-image-upload/bucket-policy-editor.png new file mode 100644 index 00000000..d5f4427f Binary files /dev/null and b/docs/images/s3-image-upload/bucket-policy-editor.png differ diff --git a/docs/images/s3-image-upload/bucket-property.png b/docs/images/s3-image-upload/bucket-property.png new file mode 100644 index 00000000..9f4dc828 Binary files /dev/null and b/docs/images/s3-image-upload/bucket-property.png differ diff --git a/docs/images/s3-image-upload/create-bucket.png b/docs/images/s3-image-upload/create-bucket.png new file mode 100644 index 00000000..925f0926 Binary files /dev/null and b/docs/images/s3-image-upload/create-bucket.png differ diff --git a/docs/images/s3-image-upload/custom-policy.png b/docs/images/s3-image-upload/custom-policy.png new file mode 100644 index 00000000..01c570cd Binary files /dev/null and b/docs/images/s3-image-upload/custom-policy.png differ diff --git a/docs/images/s3-image-upload/iam-user.png b/docs/images/s3-image-upload/iam-user.png new file mode 100644 index 00000000..b26be122 Binary files /dev/null and b/docs/images/s3-image-upload/iam-user.png differ diff --git a/docs/images/s3-image-upload/review-policy.png b/docs/images/s3-image-upload/review-policy.png new file mode 100644 index 00000000..7173788a Binary files /dev/null and b/docs/images/s3-image-upload/review-policy.png differ diff --git a/docs/setup/cloudron.md b/docs/setup/cloudron.md new file mode 100644 index 00000000..edab7d0d --- /dev/null +++ b/docs/setup/cloudron.md @@ -0,0 +1,5 @@ +## Cloudron + +Install CodiMD on [Cloudron](https://cloudron.io): + +[![Install](https://cloudron.io/img/button.svg)](https://cloudron.io/button.html?app=io.hackmd.cloudronapp) diff --git a/docs/setup/docker.md b/docs/setup/docker.md new file mode 100644 index 00000000..defe467a --- /dev/null +++ b/docs/setup/docker.md @@ -0,0 +1,22 @@ + +## CodiMD by docker container +[![Try in PWD](https://cdn.rawgit.com/play-with-docker/stacks/cff22438/assets/images/button.png)](http://play-with-docker.com?stack=https://github.com/codimd/container/raw/master/docker-compose.yml&stack_name=codimd) + + +**Debian-based version:** + +[![Docker Repository on Quay](https://quay.io/repository/codimd/server/status "Docker Repository on Quay")](https://quay.io/repository/codimd/server) + + +**Alpine-based version:** + +[![Docker Repository on Quay](https://quay.io/repository/codimd/server/status "Docker Repository on Quay")](https://quay.io/repository/codimd/server) + +The easiest way to setup CodiMD using docker are using the following three commands: + +```console +git clone https://github.com/codimd/container.git +cd codimd-container +docker-compose up +``` +Read more about it in the [container repository…](https://github.com/codimd/container) diff --git a/docs/setup/heroku.md b/docs/setup/heroku.md new file mode 100644 index 00000000..86b4ecae --- /dev/null +++ b/docs/setup/heroku.md @@ -0,0 +1,6 @@ +## Heroku Deployment + +You can quickly setup a sample Heroku CodiMD application by clicking the button +below. + +[![Deploy on Heroku](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/codimd/server/tree/master) diff --git a/docs/setup/kubernetes.md b/docs/setup/kubernetes.md new file mode 100644 index 00000000..400e2b4f --- /dev/null +++ b/docs/setup/kubernetes.md @@ -0,0 +1,5 @@ +## Kubernetes + +To install use `helm install stable/hackmd`. + +For all further details, please check out the offical CodiMD [K8s helm chart](https://github.com/kubernetes/charts/tree/master/stable/hackmd). diff --git a/docs/setup/manual-setup.md b/docs/setup/manual-setup.md new file mode 100644 index 00000000..25869ee0 --- /dev/null +++ b/docs/setup/manual-setup.md @@ -0,0 +1,37 @@ +# Manual Installation + +## Requirements on your server + +- Node.js 6.x or up (test up to 7.5.0) and <10.x +- Database (PostgreSQL, MySQL, MariaDB, SQLite, MSSQL) use charset `utf8` +- npm (and its dependencies, [node-gyp](https://github.com/nodejs/node-gyp#installation)) +- `libssl-dev` for building scrypt (see [here](https://github.com/ml1nk/node-scrypt/blob/master/README.md#installation-instructions) for further information) +- For **building** CodiMD we recommend to use a machine with at least **2GB** RAM + +## Instructions + +1. Download a release and unzip or clone into a directory +2. Enter the directory and type `bin/setup`, which will install npm dependencies and create configs. The setup script is written in Bash, you would need bash as a prerequisite. +3. Setup the configs, see more below +4. Setup environment variables which will overwrite the configs +5. Build front-end bundle by `npm run build` (use `npm run dev` if you are in development) +6. Modify the file named `.sequelizerc`, change the value of the variable `url` with your db connection string + For example: `postgres://username:password@localhost:5432/codimd` +7. Run `node_modules/.bin/sequelize db:migrate`, this step will migrate your db to the latest schema +8. Run the server as you like (node, forever, pm2) + + +## How to upgrade your installation + +:warning: When you are still running from the old repository, please run: `git remote set-url origin https://github.com/codimd/server.git` :warning: + +If you are upgrading CodiMD from an older version, follow these steps: + +1. Fully stop your old server first (important) +2. `git pull` or do whatever that updates the files +3. `npm install` to update dependencies +4. Build front-end bundle by `npm run build` (use `npm run dev` if you are in development) +5. Modify the file named `.sequelizerc`, change the value of the variable `url` with your db connection string + For example: `postgres://username:password@localhost:5432/codimd` +6. Run `node_modules/.bin/sequelize db:migrate`, this step will migrate your db to the latest schema +7. Start your whole new server! -- cgit v1.2.3 From fb973d2a6f4b9873bd89cf0e3dcffa2472bdec39 Mon Sep 17 00:00:00 2001 From: Claudius Date: Sun, 31 Mar 2019 16:19:19 +0200 Subject: removing doctoc, which is no longer being used Signed-off-by: Claudius --- .travis.yml | 7 ------- package.json | 4 +--- 2 files changed, 1 insertion(+), 10 deletions(-) diff --git a/.travis.yml b/.travis.yml index 52da97f7..37e33525 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,13 +30,6 @@ jobs: script: - shellcheck bin/heroku bin/setup language: generic - - env: task=doctoc - install: npm install doctoc - script: - - cp README.md README.md.orig - - npm run doctoc - - diff -q README.md README.md.orig - language: generic - env: task=json-lint addons: apt: diff --git a/package.json b/package.json index c17c0dba..f265c6f4 100644 --- a/package.json +++ b/package.json @@ -12,8 +12,7 @@ "dev": "webpack --config webpack.dev.js --progress --colors --watch", "heroku-prebuild": "bin/heroku", "build": "webpack --config webpack.prod.js --progress --colors --bail", - "start": "sequelize db:migrate && node app.js", - "doctoc": "doctoc --title='# Table of Contents' README.md" + "start": "sequelize db:migrate && node app.js" }, "dependencies": { "@passport-next/passport-openid": "^1.0.0", @@ -172,7 +171,6 @@ "babel-runtime": "^6.26.0", "copy-webpack-plugin": "^4.5.2", "css-loader": "^1.0.0", - "doctoc": "^1.4.0", "ejs-loader": "^0.3.1", "eslint": "^5.9.0", "eslint-config-standard": "^12.0.0", -- cgit v1.2.3 From 74fdd26ea057dab77e761614497d69d2c90a66d7 Mon Sep 17 00:00:00 2001 From: Claudius Date: Sun, 31 Mar 2019 18:57:26 +0200 Subject: integrating information from the old wiki Signed-off-by: Claudius --- CHANGELOG.md | 7 ++ docs/dev/getting-started.md | 49 ++++++++++++-- docs/slide-options.md | 159 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 211 insertions(+), 4 deletions(-) create mode 100644 CHANGELOG.md create mode 100644 docs/slide-options.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 00000000..97224d1e --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,7 @@ +# CHANGELOG + +Please refer to the release notes published under +[`public/docs/release-notes.md`](public/docs/release-notes.md). + +These are also available on each CodiMD instance under +https://[domain-name]/release-notes diff --git a/docs/dev/getting-started.md b/docs/dev/getting-started.md index 6eb1b136..79a97d4a 100644 --- a/docs/dev/getting-started.md +++ b/docs/dev/getting-started.md @@ -1,13 +1,54 @@ # Developer Notes +## Preparing for running the code + +**Notice:** *If you're into [docker](../setup/docker.md) or [heroku](../setup/heroku.md), +there's extra documents for those!* + +1. Clone the repository (Cloning is the preferred way, but you can also download + and unzip a release) +2. Enter the directory and run `bin/setup`, which will install npm dependencies + and create configs. The setup script is written in Bash, you would need bash + as a prerequisite. +3. Setup the [config file](../configuration-config-file.md) or set up + [environment variables](../configuration-env-vars.md). + + +## Running the Code + +Now that everything is in place, we can start CodiMD: + +4. `npm run build` will build the frontend bundle. It uses webpack to do that. +5. Run the server with `node app.js` + + +## Running the Code with Auto-Reload + +The commands above are fine for production, but you're a developer and surely +you want to change things. You would need to restart both commands whenever you +change something. Luckily, you can run these commands that will automatically +rebuild the frontend or restart the server if necessary. + +The commands will stay active in your terminal, so you will need multiple tabs +to run both at the same time. + +4. Use `npm run dev` if you want webpack to continuously rebuild the frontend + code. +5. To auto-reload the server, the easiest method is to install [nodemon](https://www.npmjs.com/package/nodemon) + and run `nodemon --watch app.js --watch lib --watch locales app.js`. + + ## Structure +The repository contains two parts: a server (backend) and a client (frontend). +most of the server code is in `/lib` and most of the client code is in `public`. + ```text -codimd/ -├── test/ --- test suite +codimd-server/ ├── docs/ --- documentation -├── lib/ --- server libraries -└── public/ --- client files +├── lib/ --- server code +├── test/ --- test suite +└── public/ --- client code ├── css/ --- css styles ├── docs/ --- default documents ├── js/ --- js scripts diff --git a/docs/slide-options.md b/docs/slide-options.md new file mode 100644 index 00000000..8da5dc10 --- /dev/null +++ b/docs/slide-options.md @@ -0,0 +1,159 @@ +## Slide Separators +If you're getting started with reveal.js slides, there are a few things you need to know. + +There are two types of slides, those that transition horizontally and those that transition vertically (subslides). + +The following separators are used for each in the hackmd syntax: +``` +# First Slide + +--- + +# Next slide + +---- + +## Subslide +``` +as you can see, horizontal transitions are separated by `---` and vertical transitions by `----` + +## Basic YAML header +It's possible to customise the slide options using the YAML header in the slide markdown. + +eg: +``` +--- +title: Example Slide +tags: presentation +slideOptions: + theme: solarized + transition: 'fade' + # parallaxBackgroundImage: 'https://s3.amazonaws.com/hakim-static/reveal-js/reveal-parallax-1.jpg' +--- +``` +make sure to have two spaces only at the start of the listed slide options. + +you can comment out options with a `#` + +### Some other options +``` +# Display controls in the bottom right corner +controls: true + +# Display a presentation progress bar +progress: true + +# Set default timing of 2 minutes per slide +defaultTiming: 120 + +# Display the page number of the current slide +slideNumber: false + +# Push each slide change to the browser history +history: false + +# Enable keyboard shortcuts for navigation +keyboard: true + +# Enable the slide overview mode +overview: true + +# Vertical centering of slides +center: true + +# Enables touch navigation on devices with touch input +touch: true + +# Loop the presentation +loop: false + +# Change the presentation direction to be RTL +rtl: false + +# Randomizes the order of slides each time the presentation loads +shuffle: false + +# Turns fragments on and off globally +fragments: true + +# Flags if the presentation is running in an embedded mode, +# i.e. contained within a limited portion of the screen +embedded: false + +# Flags if we should show a help overlay when the questionmark +# key is pressed +help: true + +# Flags if speaker notes should be visible to all viewers +showNotes: false + +# Global override for autolaying embedded media (video/audio/iframe) +# - null: Media will only autoplay if data-autoplay is present +# - true: All media will autoplay, regardless of individual setting +# - false: No media will autoplay, regardless of individual setting +autoPlayMedia: null + +# Number of milliseconds between automatically proceeding to the +# next slide, disabled when set to 0, this value can be overwritten +# by using a data-autoslide attribute on your slides +autoSlide: 0 + +# Stop auto-sliding after user input +autoSlideStoppable: true + +# Use this method for navigation when auto-sliding +autoSlideMethod: Reveal.navigateNext + +# Enable slide navigation via mouse wheel +mouseWheel: false + +# Hides the address bar on mobile devices +hideAddressBar: true + +# Opens links in an iframe preview overlay +previewLinks: false + +# Transition style +transition: 'slide' +# none/fade/slide/convex/concave/zoom + +# Transition speed +transitionSpeed: 'default' +# default/fast/slow + +# Transition style for full page slide backgrounds +backgroundTransition: 'fade' +# none/fade/slide/convex/concave/zoom + +# Number of slides away from the current that are visible +viewDistance: 3 + +# Parallax background image +parallaxBackgroundImage: '' +# e.g. "'https://s3.amazonaws.com/hakim-static/reveal-js/reveal-parallax-1.jpg'" + +# Parallax background size +parallaxBackgroundSize: '' +# CSS syntax, e.g. "2100px 900px" + +# Number of pixels to move the parallax background per slide +# - Calculated automatically unless specified +# - Set to 0 to disable movement along an axis +parallaxBackgroundHorizontal: null +parallaxBackgroundVertical: null + +# The display mode that will be used to show slides +display: 'block' +``` + +## Customising individual slides + +custom background image: +``` +--- + + +#### testslide + +--- +``` -- cgit v1.2.3 From 54edec89000aec94cae325be3d5c85442ac21adf Mon Sep 17 00:00:00 2001 From: Claudius Date: Sun, 31 Mar 2019 20:10:32 +0200 Subject: striving for consistency across various docs Signed-off-by: Claudius --- .gitignore | 1 - README.md | 8 ++-- docs/configuration-config-file.md | 3 +- docs/configuration-env-vars.md | 3 +- docs/dev/getting-started.md | 10 ++--- docs/dev/ot.md | 12 ++++- docs/dev/webpack.md | 9 +++- docs/guides/auth/github.md | 31 ++++++------- docs/guides/auth/gitlab-self-hosted.md | 8 ++-- docs/guides/auth/ldap-AD.md | 1 - docs/guides/auth/mattermost-self-hosted.md | 32 ++++++------- docs/guides/auth/nextcloud.md | 4 +- docs/guides/auth/saml-onelogin.md | 52 ++++++++++----------- docs/guides/auth/saml.md | 62 +++++++++++++------------- docs/guides/auth/twitter.md | 42 ++++++++--------- docs/guides/migrations-and-breaking-changes.md | 14 ++---- docs/guides/minio-image-upload.md | 14 +++--- docs/guides/s3-image-upload.md | 7 +-- docs/history.md | 3 +- docs/setup/cloudron.md | 3 +- docs/setup/docker.md | 7 +-- docs/setup/heroku.md | 3 +- docs/setup/kubernetes.md | 3 +- docs/setup/manual-setup.md | 4 +- docs/slide-options.md | 6 ++- public/docs/features.md | 2 +- public/docs/release-notes.md | 2 +- 27 files changed, 175 insertions(+), 171 deletions(-) diff --git a/.gitignore b/.gitignore index 755e3f94..a31c3148 100644 --- a/.gitignore +++ b/.gitignore @@ -8,7 +8,6 @@ composer.lock .idea/ Thumbs.db npm-debug.log -hackmd_io newrelic_agent.log logs/ tmp/ diff --git a/README.md b/README.md index 6e4d349f..2cc9f46f 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,8 @@ CodiMD [![version][github-version-badge]][github-release-page] [![POEditor][poeditor-image]][poeditor-url] -CodiMD lets you create real-time collaborative markdown notes on all platforms. +CodiMD lets you create real-time collaborative markdown notes. + It is inspired by Hackpad, Etherpad and similar collaborative editors. This project originated with the team at [HackMD](https://hackmd.io) and now forked into its own organisation. [A longer writeup can be read in the history doc](docs/history.md). @@ -16,13 +17,14 @@ into its own organisation. [A longer writeup can be read in the history doc](doc ## Community and Contributions -We welcome contributions! There's a lot to do. If you would like to report bugs +We welcome contributions! There's a lot to do. If you would like to report bugs, the [issue tracker](github-issue-tracker) is the right place. If you want to help translating, find us on [POEditor](poeditor-url). To get started developing, take a look at the [docs/dev](docs/dev) directory. In any case: come talk to us, we'll be delighted to help you with the first steps. -To stay up to date with your installation it's recommended to join our [Matrix channel][matrix.org-url] or subscribe to the [release feed][github-release-feed]. +To stay up to date with our work it's recommended to join our +[Matrix channel][matrix.org-url] or subscribe to the [release feed][github-release-feed]. ## Installation / Upgrading diff --git a/docs/configuration-config-file.md b/docs/configuration-config-file.md index 4edbbf0f..bc9c19e3 100644 --- a/docs/configuration-config-file.md +++ b/docs/configuration-config-file.md @@ -1,4 +1,5 @@ -# Configuration Using Config file +Configuration Using Config file +=== You can choose to configure CodiMD with either a config file or with [environment variables](configuration-env-vars.md). The config file is processed diff --git a/docs/configuration-env-vars.md b/docs/configuration-env-vars.md index 2823a402..aa70b95d 100644 --- a/docs/configuration-env-vars.md +++ b/docs/configuration-env-vars.md @@ -1,4 +1,5 @@ -# Configuration Using Environment variables +Configuration Using Environment variables +=== You can choose to configure CodiMD with either a [config file](configuration-config-file.md) or with environment variables. diff --git a/docs/dev/getting-started.md b/docs/dev/getting-started.md index 79a97d4a..07524971 100644 --- a/docs/dev/getting-started.md +++ b/docs/dev/getting-started.md @@ -1,12 +1,12 @@ -# Developer Notes +Developer Notes +=== ## Preparing for running the code -**Notice:** *If you're into [docker](../setup/docker.md) or [heroku](../setup/heroku.md), -there's extra documents for those!* +**Notice:** *There's [specialised instructions for docker](../setup/docker.md) or [heroku](../setup/heroku.md), if you prefer running code this way!* -1. Clone the repository (Cloning is the preferred way, but you can also download - and unzip a release) +1. Clone the repository with `git clone https://github.com/codimd/server.git codimd-server` + (cloning is the preferred way, but you can also download and unzip a release) 2. Enter the directory and run `bin/setup`, which will install npm dependencies and create configs. The setup script is written in Bash, you would need bash as a prerequisite. diff --git a/docs/dev/ot.md b/docs/dev/ot.md index 71f7f78d..924be693 100644 --- a/docs/dev/ot.md +++ b/docs/dev/ot.md @@ -1,6 +1,14 @@ -## Operational Transformation +Operational Transformation +=== From 0.3.2, we started supporting operational transformation. It makes concurrent editing safe and will not break up other users' operations. Additionally, now can show other clients' selections. -See more at [http://operational-transformation.github.io/](http://operational-transformation.github.io/) + +See more at [https://operational-transformation.github.io/](https://operational-transformation.github.io/) + +And even more in this 2010 article series: + +* https://drive.googleblog.com/2010/09/whats-different-about-new-google-docs_21.html +* https://drive.googleblog.com/2010/09/whats-different-about-new-google-docs_22.html +* https://drive.googleblog.com/2010/09/whats-different-about-new-google-docs.html diff --git a/docs/dev/webpack.md b/docs/dev/webpack.md index 7b391f3a..b05fd1d3 100644 --- a/docs/dev/webpack.md +++ b/docs/dev/webpack.md @@ -1,4 +1,11 @@ -# Webpack Docs +Webpack +=== + +Webpack is a JavaScript build system for frontend code. You can find out all +about it on [the webpack website](https://webpack.js.org/). + +Here's how we're using it: + ## `webpack.common.js` This file contains all common definition for chunks and plugins, that are needed by the whole app. diff --git a/docs/guides/auth/github.md b/docs/guides/auth/github.md index 482bca31..d16b486f 100644 --- a/docs/guides/auth/github.md +++ b/docs/guides/auth/github.md @@ -1,27 +1,24 @@ Authentication guide - GitHub === -***Note:** This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* +**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* 1. Sign-in or sign-up for a GitHub account 2. Navigate to developer settings in your GitHub account [here](https://github.com/settings/developers) and select the "OAuth Apps" tab -3. Click on the **New OAuth App** button, to create a new OAuth App: +3. Click on the **New OAuth App** button, to create a new OAuth App: + ![create-oauth-app](../../images/auth/create-oauth-app.png) -![create-oauth-app](../../images/auth/create-oauth-app.png) +4. Fill out the new OAuth application registration form, and click **Register Application** + ![register-oauth-application-form](../../images/auth/register-oauth-application-form.png) -4. Fill out the new OAuth application registration form, and click **Register Application** + **Note:** *The callback URL is /auth/github/callback* -![register-oauth-application-form](../../images/auth/register-oauth-application-form.png) - -*Note: The callback URL is /auth/github/callback* - -5. After successfully registering the application, you'll receive the Client ID and Client Secret for the application - -![application-page](../../images/auth/application-page.png) +5. After successfully registering the application, you'll receive the Client ID and Client Secret for the application + ![application-page](../../images/auth/application-page.png) 6. Add the Client ID and Client Secret to your config.json file or pass them as environment variables - * config.json: - ````javascript + * `config.json`: + ```js { "production": { "github": { @@ -30,9 +27,9 @@ Authentication guide - GitHub } } } - ```` + ``` * environment variables: - ```` - HMD_GITHUB_CLIENTID=3747d30eaccXXXXXXXXX - HMD_GITHUB_CLIENTSECRET=2a8e682948eee0c580XXXXXXXXXXXXXXXXXXXXXX + ```sh + CMD_GITHUB_CLIENTID=3747d30eaccXXXXXXXXX + CMD_GITHUB_CLIENTSECRET=2a8e682948eee0c580XXXXXXXXXXXXXXXXXXXXXX ```` diff --git a/docs/guides/auth/gitlab-self-hosted.md b/docs/guides/auth/gitlab-self-hosted.md index d19caf76..ea1ad6bd 100644 --- a/docs/guides/auth/gitlab-self-hosted.md +++ b/docs/guides/auth/gitlab-self-hosted.md @@ -1,7 +1,7 @@ -# GitLab (self-hosted) +GitLab (self-hosted) === -***Note:** This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* +**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* 1. Sign in to your GitLab 2. Navigate to the application management page at `https://your.gitlab.domain/admin/applications` (admin permissions required) @@ -18,7 +18,7 @@ 6. In the `docker-compose.yml` add the following environment variables to `app:` `environment:` ``` -- HMD_DOMAIN=your.hackmd.domain +- HMD_DOMAIN=your.codimd.domain - HMD_URL_ADDPORT=443 - HMD_PROTOCOL_USESSL=true - HMD_GITLAB_BASEURL=https://your.gitlab.domain @@ -27,6 +27,6 @@ ``` 7. Run `docker-compose up -d` to apply your settings. -8. Sign in to your HackMD using your GitLab ID: +8. Sign in to your CodiMD using your GitLab ID: ![Sign in via GitLab](../../images/auth/gitlab-sign-in.png) diff --git a/docs/guides/auth/ldap-AD.md b/docs/guides/auth/ldap-AD.md index 77521db3..e74121f1 100644 --- a/docs/guides/auth/ldap-AD.md +++ b/docs/guides/auth/ldap-AD.md @@ -1,7 +1,6 @@ AD LDAP auth === - To setup your CodiMD instance with Active Directory you need the following configs: ``` diff --git a/docs/guides/auth/mattermost-self-hosted.md b/docs/guides/auth/mattermost-self-hosted.md index e3050595..d8280399 100644 --- a/docs/guides/auth/mattermost-self-hosted.md +++ b/docs/guides/auth/mattermost-self-hosted.md @@ -1,33 +1,29 @@ Authentication guide - Mattermost (self-hosted) === -*Note: The Mattermost setup portion of this document is just a quick guide. See the [official documentation](https://docs.mattermost.com/developer/oauth-2-0-applications.html) for more details.* +**Note:** *The Mattermost setup portion of this document is just a quick guide. See the [official documentation](https://docs.mattermost.com/developer/oauth-2-0-applications.html) for more details.* This guide uses the generic OAuth2 module for compatibility with Mattermost version 5.0 and above. 1. Sign-in with an administrator account to your Mattermost instance -2. Make sure **OAuth 2.0 Service Provider** is enabled in the Main Menu (menu button next to your username in the top left corner) --> System Console --> Custom Integrations menu, which you can find at `https://your.mattermost.domain/admin_console/integrations/custom` - -![mattermost-enable-oauth2](../../images/auth/mattermost-enable-oauth2.png) +2. Make sure **OAuth 2.0 Service Provider** is enabled in the Main Menu (menu button next to your username in the top left corner) --> System Console --> Custom Integrations menu, which you can find at `https://your.mattermost.domain/admin_console/integrations/custom` + ![mattermost-enable-oauth2](../../images/auth/mattermost-enable-oauth2.png) 3. Navigate to the OAuth integration settings through Main Menu --> Integrations --> OAuth 2.0 Applications, at `https://your.mattermost.domain/yourteam/integrations/oauth2-apps` -4. Click on the **Add OAuth 2.0 Application** button to add a new OAuth application - -![mattermost-oauth-app-add](../../images/auth/mattermost-oauth-app-add.png) +4. Click on the **Add OAuth 2.0 Application** button to add a new OAuth application + ![mattermost-oauth-app-add](../../images/auth/mattermost-oauth-app-add.png) -5. Fill out the form and click **Save** - -![mattermost-oauth-app-form](../../images/auth/mattermost-oauth-app-form.png) +5. Fill out the form and click **Save** + ![mattermost-oauth-app-form](../../images/auth/mattermost-oauth-app-form.png) *Note: The callback URL is \/auth/oauth2/callback* -6. After saving the application, you'll receive the Client ID and Client Secret - -![mattermost-oauth-app-done](../../images/auth/mattermost-oauth-app-done.png) +6. After saving the application, you'll receive the Client ID and Client Secret + ![mattermost-oauth-app-done](../../images/auth/mattermost-oauth-app-done.png) 7. Add the Client ID and Client Secret to your config.json file or pass them as environment variables - * config.json: - ````javascript + * `config.json`: + ```javascript { "production": { "oauth2": { @@ -43,9 +39,9 @@ This guide uses the generic OAuth2 module for compatibility with Mattermost vers } } } - ```` + ``` * environment variables: - ```` + ```sh CMD_OAUTH2_BASEURL=https://your.mattermost.domain CMD_OAUTH2_USER_PROFILE_URL=https://your.mattermost.domain/api/v4/users/me CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=id @@ -55,4 +51,4 @@ This guide uses the generic OAuth2 module for compatibility with Mattermost vers CMD_OAUTH2_AUTHORIZATION_URL=https://your.mattermost.domain/oauth/authorize CMD_OAUTH2_CLIENT_ID=ii4p1u3jz7dXXXXXXXXXXXXXXX CMD_OAUTH2_CLIENT_SECRET=mqzzx6fydbXXXXXXXXXXXXXXXX - ```` + ``` diff --git a/docs/guides/auth/nextcloud.md b/docs/guides/auth/nextcloud.md index 42db8b42..3bf86d31 100644 --- a/docs/guides/auth/nextcloud.md +++ b/docs/guides/auth/nextcloud.md @@ -9,10 +9,10 @@ This guide uses the generic OAuth2 module for compatibility with Nextcloud 13 an 2. Navigate to the OAuth integration settings: Profile Icon (top right) --> Settings Then choose Security Settings from the *Administration* part of the list - Don't confuse this with Personal Security Settings, where you would change your personal password! - At the top there's OAuth 2.0-Clients. + At the top there's OAuth 2.0-Clients. ![Where to find OAuth2 in Nextcloud](../../images/auth/nextcloud-oauth2-1-settings.png) -3. Add your CodiMD instance by giving it a *name* (perhaps CodiMD, but could be anything) and a *Redirection-URI*. The Redirection-URI will be `\/auth/oauth2/callback`. Click Add. +3. Add your CodiMD instance by giving it a *name* (perhaps CodiMD, but could be anything) and a *Redirection-URI*. The Redirection-URI will be `\/auth/oauth2/callback`. Click Add. ![Adding a client to Nextcloud](../../images/auth/nextcloud-oauth2-2-client-add.png) diff --git a/docs/guides/auth/saml-onelogin.md b/docs/guides/auth/saml-onelogin.md index 14ce61a5..785e36ba 100644 --- a/docs/guides/auth/saml-onelogin.md +++ b/docs/guides/auth/saml-onelogin.md @@ -1,40 +1,35 @@ Authentication guide - SAML (OneLogin) === -***Note:** This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* +**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* 1. Sign-in or sign-up for an OneLogin account. (available free trial for 2 weeks) 2. Go to the administration page. -3. Select the **APPS** menu and click on the **Add Apps**. +3. Select the **APPS** menu and click on the **Add Apps**. + ![onelogin-add-app](../../images/auth/onelogin-add-app.png) -![onelogin-add-app](../../images/auth/onelogin-add-app.png) +4. Find "SAML Test Connector (SP)" for template of settings and select it. + ![onelogin-select-template](../../images/auth/onelogin-select-template.png) -4. Find "SAML Test Connector (SP)" for template of settings and select it. - -![onelogin-select-template](../../images/auth/onelogin-select-template.png) - -5. Edit display name and icons for OneLogin dashboard as you want, and click **SAVE**. - -![onelogin-edit-app-name](../../images/auth/onelogin-edit-app-name.png) +5. Edit display name and icons for OneLogin dashboard as you want, and click **SAVE**. + ![onelogin-edit-app-name](../../images/auth/onelogin-edit-app-name.png) 6. After that other tabs will appear, click the **Configuration**, and fill out the below items, and click **SAVE**. - * RelayState: The base URL of your hackmd, which is issuer. (last slash is not needed) - * ACS (Consumer) URL Validator: The callback URL of your hackmd. (serverurl + /auth/saml/callback) + * RelayState: The base URL of your CodiMD, which is issuer. (last slash is not needed) + * ACS (Consumer) URL Validator: The callback URL of your CodiMD. (serverurl + /auth/saml/callback) * ACS (Consumer) URL: same as above. - * Login URL: login URL(SAML requester) of your hackmd. (serverurl + /auth/saml) - -![onelogin-edit-sp-metadata](../../images/auth/onelogin-edit-sp-metadata.png) + * Login URL: login URL(SAML requester) of your CopiMD. (serverurl + /auth/saml) + ![onelogin-edit-sp-metadata](../../images/auth/onelogin-edit-sp-metadata.png) 7. The registration is completed. Next, click **SSO** and copy or download the items below. * X.509 Certificate: Click **View Details** and **DOWNLOAD** or copy the content of certificate ....(A) - * SAML 2.0 Endpoint (HTTP): Copy the URL ....(B) - -![onelogin-copy-idp-metadata](../../images/auth/onelogin-copy-idp-metadata.png) + * SAML 2.0 Endpoint (HTTP): Copy the URL ....(B) + ![onelogin-copy-idp-metadata](../../images/auth/onelogin-copy-idp-metadata.png) -8. In your hackmd server, create IdP certificate file from (A) +8. In your CodiMD server, create IdP certificate file from (A) 9. Add the IdP URL (B) and the Idp certificate file path to your config.json file or pass them as environment variables. - * config.json: - ````javascript + * `config.json`: + ```javascript { "production": { "saml": { @@ -43,12 +38,11 @@ Authentication guide - SAML (OneLogin) } } } - ```` + ``` * environment variables - ```` - HMD_SAML_IDPSSOURL=https://*******.onelogin.com/trust/saml2/http-post/sso/****** - HMD_SAML_IDPCERT=/path/to/idp_cert.pem - ```` -10. Try sign-in with SAML from your hackmd sign-in button or OneLogin dashboard (like the screenshot below). - -![onelogin-use-dashboard](../../images/auth/onelogin-use-dashboard.png) + ```sh + CMD_SAML_IDPSSOURL=https://*******.onelogin.com/trust/saml2/http-post/sso/****** + CMD_SAML_IDPCERT=/path/to/idp_cert.pem + ``` +10. Try sign-in with SAML from your CodiMD sign-in button or OneLogin dashboard (like the screenshot below). + ![onelogin-use-dashboard](../../images/auth/onelogin-use-dashboard.png) diff --git a/docs/guides/auth/saml.md b/docs/guides/auth/saml.md index 7f63b748..3a64f5f7 100644 --- a/docs/guides/auth/saml.md +++ b/docs/guides/auth/saml.md @@ -1,7 +1,7 @@ Authentication guide - SAML === -***Note:** This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* +**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* The basic procedure is the same as the case of OneLogin which is mentioned in [OneLogin-Guide](./saml-onelogin.md). If you want to match your IdP, you can use more configurations as below. @@ -9,36 +9,36 @@ The basic procedure is the same as the case of OneLogin which is mentioned in [O * {{your-serverurl}}/auth/saml/metadata * _Note: If not accessible from IdP, download to local once and upload to IdP._ * Change the value of `issuer`, `identifierFormat` to match your IdP. - * `issuer`: A unique id to identify the application to the IdP, which is the base URL of your HackMD as default + * `issuer`: A unique id to identify the application to the IdP, which is the base URL of your CodiMD as default * `identifierFormat`: A format of unique id to identify the user of IdP, which is the format based on email address as default. It is recommend that you use as below. * urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress (default) * urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified - * config.json: - ````javascript + * `config.json`: + ```javascript { "production": { "saml": { /* omitted */ - "issuer": "myhackmd" + "issuer": "mycodimd" "identifierFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" } } } - ```` + ``` * environment variables - ```` - HMD_SAML_ISSUER=myhackmd - HMD_SAML_IDENTIFIERFORMAT=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified - ```` + ``` + CMD_SAML_ISSUER=mycodimd + CMD_SAML_IDENTIFIERFORMAT=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified + ``` * Change mapping of attribute names to customize the displaying user name and email address to match your IdP. * `attribute`: A dictionary to map attribute names - * `attribute.id`: A primary key of user table for your HackMD - * `attribute.username`: Attribute name of displaying user name on HackMD + * `attribute.id`: A primary key of user table for your CodiMD + * `attribute.username`: Attribute name of displaying user name on CodiMD * `attribute.email`: Attribute name of email address, which will be also used for Gravatar * _Note: Default value of all attributes is NameID of SAML response, which is email address if `identifierFormat` is default._ - * config.json: - ````javascript + * `config.json`: + ```javascript { "production": { "saml": { @@ -51,35 +51,35 @@ The basic procedure is the same as the case of OneLogin which is mentioned in [O } } } - ```` + ``` * environment variables - ```` - HMD_SAML_ATTRIBUTE_ID=sAMAccountName - HMD_SAML_ATTRIBUTE_USERNAME=nickName - HMD_SAML_ATTRIBUTE_EMAIL=mail - ```` + ```sh + CMD_SAML_ATTRIBUTE_ID=sAMAccountName + CMD_SAML_ATTRIBUTE_USERNAME=nickName + CMD_SAML_ATTRIBUTE_EMAIL=mail + ``` * If you want to control permission by group membership, add group attribute name and required group (allowed) or external group (not allowed). * `groupAttribute`: An attribute name of group membership - * `requiredGroups`: Group names array for allowed access to HackMD. Use vertical bar to separate for environment variables. - * `externalGroups`: Group names array for not allowed access to HackMD. Use vertical bar to separate for environment variables. + * `requiredGroups`: Group names array for allowed access to CodiMD. Use vertical bar to separate for environment variables. + * `externalGroups`: Group names array for not allowed access to CodiMD. Use vertical bar to separate for environment variables. * _Note: Evaluates `externalGroups` first_ - * config.json: - ````javascript + * `config.json`: + ```javascript { "production": { "saml": { /* omitted */ "groupAttribute": "memberOf", - "requiredGroups": [ "hackmd-users", "board-members" ], + "requiredGroups": [ "codimd-users", "board-members" ], "externalGroups": [ "temporary-staff" ] } } } - ```` + ``` * environment variables - ```` - HMD_SAML_GROUPATTRIBUTE=memberOf - HMD_SAML_REQUIREDGROUPS=hackmd-users|board-members - HMD_SAML_EXTERNALGROUPS=temporary-staff - ```` + ```sh + CMD_SAML_GROUPATTRIBUTE=memberOf + CMD_SAML_REQUIREDGROUPS=codimd-users|board-members + CMD_SAML_EXTERNALGROUPS=temporary-staff + ``` diff --git a/docs/guides/auth/twitter.md b/docs/guides/auth/twitter.md index da35a4e3..1973515c 100644 --- a/docs/guides/auth/twitter.md +++ b/docs/guides/auth/twitter.md @@ -1,33 +1,29 @@ Authentication guide - Twitter === -***Note:** This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* +**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* 1. Sign-in or sign-up for a Twitter account 2. Go to the Twitter Application management page [here](https://apps.twitter.com/) -3. Click on the **Create New App** button to create a new Twitter app: +3. Click on the **Create New App** button to create a new Twitter app: + ![create-twitter-app](../../images/auth/create-twitter-app.png) -![create-twitter-app](../../images/auth/create-twitter-app.png) +4. Fill out the create application form, check the developer agreement box, and click **Create Your Twitter Application** + ![register-twitter-application](../../images/auth/register-twitter-application.png) -4. Fill out the create application form, check the developer agreement box, and click **Create Your Twitter Application** + *Note: you may have to register your phone number with Twitter to create a Twitter application* -![register-twitter-application](../../images/auth/register-twitter-application.png) + To do this Click your profile icon --> Settings and privacy --> Mobile --> Select Country/region --> Enter phone number --> Click Continue -*Note: you may have to register your phone number with Twitter to create a Twitter application* +5. After you receive confirmation that the Twitter application was created, click **Keys and Access Tokens** + ![twitter-app-confirmation](../../images/auth/twitter-app-confirmation.png) -To do this Click your profile icon --> Settings and privacy --> Mobile --> Select Country/region --> Enter phone number --> Click Continue +6. Obtain your Twitter Consumer Key and Consumer Secret + ![twitter-app-keys](../../images/auth/twitter-app-keys.png) -5. After you receive confirmation that the Twitter application was created, click **Keys and Access Tokens** - -![twitter-app-confirmation](../../images/auth/twitter-app-confirmation.png) - -6. Obtain your Twitter Consumer Key and Consumer Secret - -![twitter-app-keys](../../images/auth/twitter-app-keys.png) - -7. Add your Consumer Key and Consumer Secret to your config.json file or pass them as environment variables: - * config.json: - ````javascript +7. Add your Consumer Key and Consumer Secret to your `config.json` file or pass them as environment variables: + * `config.json`: + ```javascript { "production": { "twitter": { @@ -36,9 +32,9 @@ To do this Click your profile icon --> Settings and privacy --> Mobile --> Sele } } } - ```` + ``` * environment variables: - ```` - HMD_TWITTER_CONSUMERKEY=esTCJFXXXXXXXXXXXXXXXXXXX - HMD_TWITTER_CONSUMERSECRET=zpCs4tU86pRVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - ```` + ```sh + CMD_TWITTER_CONSUMERKEY=esTCJFXXXXXXXXXXXXXXXXXXX + CMD_TWITTER_CONSUMERSECRET=zpCs4tU86pRVXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + ``` diff --git a/docs/guides/migrations-and-breaking-changes.md b/docs/guides/migrations-and-breaking-changes.md index f5a416f6..776055b6 100644 --- a/docs/guides/migrations-and-breaking-changes.md +++ b/docs/guides/migrations-and-breaking-changes.md @@ -1,4 +1,5 @@ -# Migrations and Notable Changes +Migrations and Notable Changes +=== ## Migrating to 1.3.2 @@ -37,22 +38,15 @@ We deprecated the older lower case config style and moved on to camel case style ## Migrating to 0.5.0 -[**migration-to-0.5.0**](https://github.com/hackmdio/migration-to-0.5.0) +[migration-to-0.5.0 migration tool](https://github.com/hackmdio/migration-to-0.5.0) We don't use LZString to compress socket.io data and DB data after version 0.5.0. Please run the migration tool if you're upgrading from the old version. ## Migrating to 0.4.0 -[**migration-to-0.4.0**](https://github.com/hackmdio/migration-to-0.4.0) +[migration-to-0.4.0 migration tool](https://github.com/hackmdio/migration-to-0.4.0) We've dropped MongoDB after version 0.4.0. So here is the migration tool for you to transfer the old DB data to the new DB. This tool is also used for official service. - -## Operational Transformation in 0.3.2 - -From 0.3.2, we started supporting operational transformation. -It makes concurrent editing safe and will not break up other users' operations. -Additionally, now can show other clients' selections. -See more at [http://operational-transformation.github.io/](http://operational-transformation.github.io/) diff --git a/docs/guides/minio-image-upload.md b/docs/guides/minio-image-upload.md index 1544e249..258b0d90 100644 --- a/docs/guides/minio-image-upload.md +++ b/docs/guides/minio-image-upload.md @@ -1,7 +1,7 @@ Minio Guide for CodiMD === -***Note:** This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* +**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* 1. First of all you need to setup Minio itself. @@ -9,7 +9,7 @@ Minio Guide for CodiMD production setup. For checking it out and development purposes a non-persistent setup is enough: - ```console + ```sh docker run --name test-minio --rm -d -p 9000:9000 minio/minio server /data ``` @@ -18,7 +18,7 @@ Minio Guide for CodiMD 2. Next step is to get the credentials form the container: - ``` + ```sh docker logs test-minio ``` @@ -28,7 +28,7 @@ Minio Guide for CodiMD ![minio default view](../images/minio-image-upload/default-view.png) -4. Create a bucket for HackMD +4. Create a bucket for CodiMD ![minio create bucket](../images/minio-image-upload/create-bucket.png) @@ -40,7 +40,7 @@ Minio Guide for CodiMD ![minio policy adding](../images/minio-image-upload/create-policy.png) *Add policy for uploads* -6. Set credentials and configs for Minio in HackMD's `config.json` +6. Set credentials and configs for Minio in CodiMD's `config.json` ```JSON "minio": { @@ -58,7 +58,7 @@ Minio Guide for CodiMD 7. Set bucket name ```JSON - "s3bucket": "hackmd" + "s3bucket": "codimd" ``` 8. Set upload type. @@ -79,7 +79,7 @@ Minio Guide for CodiMD "port": 9000, "secure": false }, - "s3bucket": "hackmd", + "s3bucket": "codimd", "imageuploadtype": "minio" } ``` diff --git a/docs/guides/s3-image-upload.md b/docs/guides/s3-image-upload.md index 29437019..7ca8dd12 100644 --- a/docs/guides/s3-image-upload.md +++ b/docs/guides/s3-image-upload.md @@ -1,6 +1,7 @@ -# Guide - Setup CodiMD S3 image upload +Guide - Setup CodiMD S3 image upload +=== -***Note:** This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* +**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!* 1. Go to [AWS S3 console](https://console.aws.amazon.com/s3/home) and create a new bucket. @@ -76,7 +77,7 @@ } ``` -9. In additional to edit `config.json` directly, you could also try [environment variable](https://github.com/codimd/server#environment-variables-will-overwrite-other-server-configs). +9. In additional to edit `config.json` directly, you could also try [environment variables](../configuration-env-vars.md). ## Related Tools diff --git a/docs/history.md b/docs/history.md index b1dfde8a..cd12a369 100644 --- a/docs/history.md +++ b/docs/history.md @@ -1,4 +1,5 @@ -# History of CodiMD +History of CodiMD +=== ## It started with HackMD diff --git a/docs/setup/cloudron.md b/docs/setup/cloudron.md index edab7d0d..aa707dc4 100644 --- a/docs/setup/cloudron.md +++ b/docs/setup/cloudron.md @@ -1,4 +1,5 @@ -## Cloudron +Cloudron +=== Install CodiMD on [Cloudron](https://cloudron.io): diff --git a/docs/setup/docker.md b/docs/setup/docker.md index defe467a..1a9fd89f 100644 --- a/docs/setup/docker.md +++ b/docs/setup/docker.md @@ -1,5 +1,6 @@ +CodiMD by docker container +=== -## CodiMD by docker container [![Try in PWD](https://cdn.rawgit.com/play-with-docker/stacks/cff22438/assets/images/button.png)](http://play-with-docker.com?stack=https://github.com/codimd/container/raw/master/docker-compose.yml&stack_name=codimd) @@ -14,9 +15,9 @@ The easiest way to setup CodiMD using docker are using the following three commands: -```console +```sh git clone https://github.com/codimd/container.git cd codimd-container docker-compose up ``` -Read more about it in the [container repository…](https://github.com/codimd/container) +Read more about it in the [container repository](https://github.com/codimd/container). diff --git a/docs/setup/heroku.md b/docs/setup/heroku.md index 86b4ecae..9dc3bb3a 100644 --- a/docs/setup/heroku.md +++ b/docs/setup/heroku.md @@ -1,4 +1,5 @@ -## Heroku Deployment +Heroku Deployment +=== You can quickly setup a sample Heroku CodiMD application by clicking the button below. diff --git a/docs/setup/kubernetes.md b/docs/setup/kubernetes.md index 400e2b4f..db596851 100644 --- a/docs/setup/kubernetes.md +++ b/docs/setup/kubernetes.md @@ -1,4 +1,5 @@ -## Kubernetes +Kubernetes +=== To install use `helm install stable/hackmd`. diff --git a/docs/setup/manual-setup.md b/docs/setup/manual-setup.md index 25869ee0..721d5bf7 100644 --- a/docs/setup/manual-setup.md +++ b/docs/setup/manual-setup.md @@ -1,4 +1,5 @@ -# Manual Installation +Manual Installation +=== ## Requirements on your server @@ -8,6 +9,7 @@ - `libssl-dev` for building scrypt (see [here](https://github.com/ml1nk/node-scrypt/blob/master/README.md#installation-instructions) for further information) - For **building** CodiMD we recommend to use a machine with at least **2GB** RAM + ## Instructions 1. Download a release and unzip or clone into a directory diff --git a/docs/slide-options.md b/docs/slide-options.md index 8da5dc10..d1277831 100644 --- a/docs/slide-options.md +++ b/docs/slide-options.md @@ -1,9 +1,11 @@ -## Slide Separators +Slide Separators +=== + If you're getting started with reveal.js slides, there are a few things you need to know. There are two types of slides, those that transition horizontally and those that transition vertically (subslides). -The following separators are used for each in the hackmd syntax: +The following separators are used for each in the CodiMD syntax: ``` # First Slide diff --git a/public/docs/features.md b/public/docs/features.md index e17619fb..9f61992f 100644 --- a/public/docs/features.md +++ b/public/docs/features.md @@ -67,7 +67,7 @@ There are four possible options: Notes can be embedded as follows: ```xml - + ``` ## [Slide Mode](./slide-example): diff --git a/public/docs/release-notes.md b/public/docs/release-notes.md index 6c30a0ff..5eb2802d 100644 --- a/public/docs/release-notes.md +++ b/public/docs/release-notes.md @@ -184,7 +184,7 @@ Release Notes --- ### Announcement -* HackMD CE is renamed to CodiMD to prevent confusion. [For details see here](https://github.com/codimd/server#hackmd-ce-became-codimd) +* HackMD CE is renamed to CodiMD to prevent confusion. [For details see here](https://github.com/codimd/server/tree/master/docs/history.md) ### Enhancements * Show full title by hovering over to table of contents entries -- cgit v1.2.3 From 33b22cf26fc25feef5c4fb8d76a04c880d935bfe Mon Sep 17 00:00:00 2001 From: Claudius Date: Mon, 1 Apr 2019 00:50:06 +0200 Subject: breaking up config docs into sections Signed-off-by: Claudius --- docs/configuration-config-file.md | 142 +++++++++++++++++++----- docs/configuration-env-vars.md | 226 ++++++++++++++++++++++++++++++-------- 2 files changed, 292 insertions(+), 76 deletions(-) diff --git a/docs/configuration-config-file.md b/docs/configuration-config-file.md index bc9c19e3..41122aa1 100644 --- a/docs/configuration-config-file.md +++ b/docs/configuration-config-file.md @@ -4,62 +4,144 @@ Configuration Using Config file You can choose to configure CodiMD with either a config file or with [environment variables](configuration-env-vars.md). The config file is processed in [`lib/config/index.js`](lib/config/index.js) - so this is the first -place to look if anything is missing not obvious from this document. +place to look if anything is missing not obvious from this document. The +default values are defined in [`lib/config/default.js`](lib/config/default.js), +in case you wonder if you even need to override it. Environment variables take precedence over configurations from the config files. To get started, it is a good idea to take the `config.json.example` and copy it to `config.json` before filling in your own details. -[//]: # (TODO split up into chunks) +## Node.JS | variables | example values | description | | --------- | ------ | ----------- | | `debug` | `true` or `false` | set debug mode, show more logs | + + +## CodiMD basics + +| variables | example values | description | +| --------- | ------ | ----------- | +| `allowPDFExport` | `true` | Whether or not PDF export is offered. | +| `db` | `{ "dialect": "sqlite", "storage": "./db.codimd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) | +| `dbURL` | `mysql://localhost:3306/database` | set the db URL; if set, then db config (below) won't be applied | +| `forbiddenNoteIDs` | `['robots.txt']` | disallow creation of notes, even if `allowFreeUrl` is `true` | +| `loglevel` | `info` | Defines what kind of logs are provided to stdout. | +| `imageUploadType` | `imgur`, `s3`, `minio`, `azure` or `filesystem`(default) | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md)| +| `sourceURL` | `https://github.com/codimd/server/tree/` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) | +| `staticCacheTime` | `1 * 24 * 60 * 60 * 1000` | static file cache time | +| `heartbeatInterval` | `5000` | socket.io heartbeat interval | +| `heartbeatTimeout` | `10000` | socket.io heartbeat timeout | +| `documentMaxLength` | `100000` | note max length | + + +## CodiMD paths stuff + +these are rarely used for various reasons. + +| variables | example values | description | +| --------- | ------ | ----------- | +| `defaultNotePath` | `./public/default.md` | default note file path1, empty notes will be created with this template. | +| `dhParamPath` | `./cert/dhparam.pem` | SSL dhparam path1 (only need when you set `useSSL`) | +| `sslCAPath` | `['./cert/COMODORSAAddTrustCA.crt']` | SSL ca chain1 (only need when you set `useSSL`) | +| `sslCertPath` | `./cert/codimd_io.crt` | SSL cert path1 (only need when you set `useSSL`) | +| `sslKeyPath` | `./cert/client.key` | SSL key path1 (only need when you set `useSSL`) | +| `tmpPath` | `./tmp/` | temp directory path1 | +| `docsPath` | `./public/docs` | docs directory path1 | +| `viewPath` | `./public/views` | template directory path1 | +| `uploadsPath` | `./public/uploads` | uploads directory1 - needs to be persistent when you use imageUploadType `filesystem` | + + +## CodiMD Location + +| variables | example values | description | +| --------- | ------ | ----------- | | `domain` | `localhost` | domain name | | `urlPath` | `codimd` | sub URL path, like `www.example.com/` | -| `host` | `localhost` | host to listen on | -| `port` | `80` | web app port | +| `host` | `localhost` | interface/ip to listen on | +| `port` | `80` | port to listen on | | `path` | `/var/run/codimd.sock` | path to UNIX domain socket to listen on (if specified, `host` and `port` are ignored) | -| `loglevel` | `info` | Defines what kind of logs are provided to stdout. | -| `allowOrigin` | `['localhost']` | domain name whitelist | +| `protocolUseSSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) | | `useSSL` | `true` or `false` | set to use SSL server (if `true`, will auto turn on `protocolUseSSL`) | +| `urlAddPort` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) | +| `allowOrigin` | `['localhost']` | domain name whitelist | + + +## CSP and HSTS + +| variables | example values | description | +| --------- | ------ | ----------- | | `hsts` | `{"enable": true, "maxAgeSeconds": 31536000, "includeSubdomains": true, "preload": true}` | [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) options to use with HTTPS (default is the example value, max age is a year) | | `csp` | `{"enable": true, "directives": {"scriptSrc": "trustworthy-scripts.example.com"}, "upgradeInsecureRequests": "auto", "addDefaults": true}` | Configures [Content Security Policy](https://helmetjs.github.io/docs/csp/). Directives are passed to Helmet - see [their documentation](https://helmetjs.github.io/docs/csp/) for more information on the format. Some defaults are added to the configured values so that the application doesn't break. To disable this behaviour, set `addDefaults` to `false`. Further, if `usecdn` is on, some CDN locations are allowed too. By default (`auto`), insecure (HTTP) requests are upgraded to HTTPS via CSP if `useSSL` is on. To change this behaviour, set `upgradeInsecureRequests` to either `true` or `false`. | -| `protocolUseSSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) | -| `urlAddPort` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) | + +## Privacy and External Requests + +| variables | example values | description | +| --------- | ------ | ----------- | +| `allowGravatar` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance | | `useCDN` | `true` or `false` | set to use CDN resources or not (default is `true`) | + +## Users and Privileges + +| variables | example values | description | +| --------- | ------ | ----------- | | `allowAnonymous` | `true` or `false` | set to allow anonymous usage (default is `true`) | | `allowAnonymousEdits` | `true` or `false` | if `allowAnonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | | `allowFreeURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | -| `forbiddenNoteIDs` | `['robots.txt']` | disallow creation of notes, even if `allowFreeUrl` is `true` | | `defaultPermission` | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) | -| `dbURL` | `mysql://localhost:3306/database` | set the db URL; if set, then db config (below) won't be applied | -| `db` | `{ "dialect": "sqlite", "storage": "./db.codimd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) | -| `sslKeyPath` | `./cert/client.key` | SSL key path1 (only need when you set `useSSL`) | -| `sslCertPath` | `./cert/codimd_io.crt` | SSL cert path1 (only need when you set `useSSL`) | -| `sslCAPath` | `['./cert/COMODORSAAddTrustCA.crt']` | SSL ca chain1 (only need when you set `useSSL`) | -| `dhParamPath` | `./cert/dhparam.pem` | SSL dhparam path1 (only need when you set `useSSL`) | -| `tmpPath` | `./tmp/` | temp directory path1 | -| `defaultNotePath` | `./public/default.md` | default note file path1 | -| `docsPath` | `./public/docs` | docs directory path1 | -| `viewPath` | `./public/views` | template directory path1 | -| `uploadsPath` | `./public/uploads` | uploads directory1 - needs to be persistent when you use imageUploadType `filesystem` | | `sessionName` | `connect.sid` | cookie session name | -| `sessionSecret` | `secret` | cookie session secret | | `sessionLife` | `14 * 24 * 60 * 60 * 1000` | cookie session life | -| `staticCacheTime` | `1 * 24 * 60 * 60 * 1000` | static file cache time | -| `heartbeatInterval` | `5000` | socket.io heartbeat interval | -| `heartbeatTimeout` | `10000` | socket.io heartbeat timeout | -| `documentMaxLength` | `100000` | note max length | +| `sessionSecret` | `secret` | cookie session secret | If none is set, one will randomly generated on each startup, meaning all your users will be logged out. | + + +## Login methods + +Most of these have never been documented for the config.json, feel free to expand these + +### Email (local account) + +| variables | example values | description | +| --------- | ------ | ----------- | | `email` | `true` or `false` | set to allow email signin | -| `oauth2` | `{baseURL: ..., userProfileURL: ..., userProfileUsernameAttr: ..., userProfileDisplayNameAttr: ..., userProfileEmailAttr: ..., tokenURL: ..., authorizationURL: ..., clientID: ..., clientSecret: ...}` | An object detailing your OAuth2 provider. Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details!| | `allowEmailRegister` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) | -| `allowGravatar` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance | -| `imageUploadType` | `imgur`, `s3`, `minio`, `azure` or `filesystem`(default) | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md)| -| `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageUploadType` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) | + +### Dropbox Login +### Facebook Login +### GitHub Login +### GitLab Login +### Google Login +### LDAP Login +### Mattermost Login +### OAuth2 Login + +| variables | example values | description | +| --------- | ------ | ----------- | +| `oauth2` | `{baseURL: ..., userProfileURL: ..., userProfileUsernameAttr: ..., userProfileDisplayNameAttr: ..., userProfileEmailAttr: ..., tokenURL: ..., authorizationURL: ..., clientID: ..., clientSecret: ...}` | An object detailing your OAuth2 provider. Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details!| + +### SAML Login +### Twitter Login + + +## Upload Storage + +Most of these have never been documented for the config.json, feel free to expand these + + +### Amazon S3 + +| variables | example values | description | +| --------- | ------ | ----------- | | `s3` | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION" }` | When `imageuploadtype` be set to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) | | `s3bucket` | `YOUR_S3_BUCKET_NAME` | bucket name when `imageUploadType` is set to `s3` or `minio` | -| `sourceURL` | `https://github.com/codimd/server/tree/` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) | + +### Azure Blob Storage +### imgur +### Minio + +| variables | example values | description | +| --------- | ------ | ----------- | +| `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageUploadType` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) | 1: relative paths are based on CodiMD's base directory diff --git a/docs/configuration-env-vars.md b/docs/configuration-env-vars.md index aa70b95d..55107367 100644 --- a/docs/configuration-env-vars.md +++ b/docs/configuration-env-vars.md @@ -5,56 +5,141 @@ You can choose to configure CodiMD with either a [config file](configuration-config-file.md) or with environment variables. Environment variables are processed in [`lib/config/environment.js`](lib/config/environment.js) - so this is the first -place to look if anything is missing not obvious from this document. +place to look if anything is missing not obvious from this document. The +default values are defined in [`lib/config/default.js`](lib/config/default.js), +in case you wonder if you even need to override it. Environment variables take precedence over configurations from the config files. They generally start with `CMD_` for our own options, but we also list node-specific options you can configure this way. -[//]: # (TODO split up into chunks) +## Node.JS -| variable | example value | description | default | -| -------- | ------------- | ----------- | ------- | -| `NODE_ENV` | `production` or `development` | set current environment (will apply corresponding settings in the `config.json`) | +| variable | example value | description | +| -------- | ------------- | ----------- | +| `NODE_ENV` | `production` or `development` | set current environment (will apply corresponding settings in the `config.json`) | | `DEBUG` | `true` or `false` | set debug mode; show more logs | + + +## CodiMD basics + +defaultNotePath can't be set from env-vars + +| variable | example value | description | +| -------- | ------------- | ----------- | +| `CMD_ALLOW_PDF_EXPORT` | `true` or `false` | Enable or disable PDF exports | | `CMD_CONFIG_FILE` | `/path/to/config.json` | optional override for the path to CodiMD's config file | +| `CMD_DB_URL` | `mysql://localhost:3306/database` | set the database URL | +| `CMD_LOGLEVEL` | `info`, `debug` ... | Defines what kind of logs are provided to stdout. | +| `CMD_FORBIDDEN_NOTE_IDS` | `'robots.txt'` | disallow creation of notes, even if `CMD_ALLOW_FREEURL` is `true` | +| `CMD_IMAGE_UPLOAD_TYPE` | `imgur`, `s3`, `minio` or `filesystem` | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md), also there's a whole section on their respective env vars below. | +| `CMD_SOURCE_URL` | `https://github.com/codimd/server/tree/` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) | + + +## CodiMD Location + +| variable | example value | description | +| -------- | ------------- | ----------- | | `CMD_DOMAIN` | `codimd.org` | domain name | -| `CMD_URL_PATH` | `codimd` | sub URL path, like `www.example.com/` | -| `CMD_HOST` | `localhost` | host to listen on | -| `CMD_PORT` | `80` | web app port | +| `CMD_URL_PATH` | `codimd` | If CodiMD is run from a subdirectory like `www.example.com/` | +| `CMD_HOST` | `localhost` | interface/ip to listen on | +| `CMD_PORT` | `80` | port to listen on | | `CMD_PATH` | `/var/run/codimd.sock` | path to UNIX domain socket to listen on (if specified, `CMD_HOST` and `CMD_PORT` are ignored) | -| `CMD_LOGLEVEL` | `info` | Defines what kind of logs are provided to stdout. | -| `CMD_ALLOW_ORIGIN` | `localhost, codimd.org` | domain name whitelist (use comma to separate) | | `CMD_PROTOCOL_USESSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) | | `CMD_URL_ADDPORT` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) | -| `CMD_USECDN` | `true` or `false` | set to use CDN resources or not (default is `true`) | +| `CMD_ALLOW_ORIGIN` | `localhost, codimd.org` | domain name whitelist (use comma to separate) | + + +## CSP and HSTS + +| variable | example value | description | +| -------- | ------------- | ----------- | +| `CMD_CSP_ENABLE` | `true` | whether to enable Content Security Policy (directives cannot be configured with environment variables) | +| `CMD_CSP_REPORTURI` | `https://.report-uri.com/r/d/csp/enforce` | Allows to add a URL for CSP reports in case of violations | +| `CMD_HSTS_ENABLE` | ` true` | set to enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) if HTTPS is also enabled (default is ` true`) | +| `CMD_HSTS_INCLUDE_SUBDOMAINS` | `true` | set to include subdomains in HSTS (default is `true`) | +| `CMD_HSTS_MAX_AGE` | `31536000` | max duration in seconds to tell clients to keep HSTS status (default is a year) | +| `CMD_HSTS_PRELOAD` | `true` | whether to allow preloading of the site's HSTS status (e.g. into browsers) | + + +## Privacy and External Requests + +| variable | example value | description | +| -------- | ------------- | ----------- | +| `CMD_ALLOW_GRAVATAR` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance | +| `CMD_USECDN` | `true` or `false` | set to use CDN resources or not| + + +## Users and Privileges + +| variable | example value | description | +| -------- | ------------- | ----------- | | `CMD_ALLOW_ANONYMOUS` | `true` or `false` | set to allow anonymous usage (default is `true`) | | `CMD_ALLOW_ANONYMOUS_EDITS` | `true` or `false` | if `allowAnonymous` is `true`, allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | | `CMD_ALLOW_FREEURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | -| `CMD_FORBIDDEN_NODE_IDS` | `'robots.txt'` | disallow creation of notes, even if `CMD_ALLOW_FREEURL` is `true` | | `CMD_DEFAULT_PERMISSION` | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) | -| `CMD_DB_URL` | `mysql://localhost:3306/database` | set the database URL | -| `CMD_SESSION_SECRET` | no example | Secret used to sign the session cookie. If non is set, one will randomly generated on startup | | `CMD_SESSION_LIFE` | `1209600000` | Session life time. (milliseconds) | +| `CMD_SESSION_SECRET` | no example | Secret used to sign the session cookie. If none is set, one will randomly generated on each startup, meaning all your users will be logged out. | + + +## Login methods + +### Email (local account) + +| variable | example value | description | +| -------- | ------------- | ----------- | +| `CMD_EMAIL` | `true` or `false` | set to allow email signin | +| `CMD_ALLOW_EMAIL_REGISTER` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) | + + +### Dropbox Login + +| variable | example value | description | +| -------- | ------------- | ----------- | +| `CMD_DROPBOX_CLIENTID` | no example | Dropbox API client id | +| `CMD_DROPBOX_CLIENTSECRET` | no example | Dropbox API client secret | + + +### Facebook Login + +| variable | example value | description | +| -------- | ------------- | ----------- | | `CMD_FACEBOOK_CLIENTID` | no example | Facebook API client id | | `CMD_FACEBOOK_CLIENTSECRET` | no example | Facebook API client secret | -| `CMD_TWITTER_CONSUMERKEY` | no example | Twitter API consumer key | -| `CMD_TWITTER_CONSUMERSECRET` | no example | Twitter API consumer secret | + + +### GitHub Login + +| variable | example value | description | +| -------- | ------------- | ----------- | | `CMD_GITHUB_CLIENTID` | no example | GitHub API client id | | `CMD_GITHUB_CLIENTSECRET` | no example | GitHub API client secret | + + +### GitLab Login + +| variable | example value | description | +| -------- | ------------- | ----------- | | `CMD_GITLAB_SCOPE` | `read_user` or `api` | GitLab API requested scope (default is `api`) (GitLab snippet import/export need `api` scope) | | `CMD_GITLAB_BASEURL` | no example | GitLab authentication endpoint, set to use other endpoint than GitLab.com (optional) | | `CMD_GITLAB_CLIENTID` | no example | GitLab API client id | | `CMD_GITLAB_CLIENTSECRET` | no example | GitLab API client secret | | `CMD_GITLAB_VERSION` | no example | GitLab API version (v3 or v4) | -| `CMD_MATTERMOST_BASEURL` | no example | Mattermost authentication endpoint for versions below 5.0. For Mattermost version 5.0 and above, see [guide](docs/guides/auth/mattermost-self-hosted.md). | -| `CMD_MATTERMOST_CLIENTID` | no example | Mattermost API client id | -| `CMD_MATTERMOST_CLIENTSECRET` | no example | Mattermost API client secret | -| `CMD_DROPBOX_CLIENTID` | no example | Dropbox API client id | -| `CMD_DROPBOX_CLIENTSECRET` | no example | Dropbox API client secret | + + +### Google Login + +| variable | example value | description | +| -------- | ------------- | ----------- | | `CMD_GOOGLE_CLIENTID` | no example | Google API client id | | `CMD_GOOGLE_CLIENTSECRET` | no example | Google API client secret | + + +### LDAP Login + +| variable | example value | description | +| -------- | ------------- | ----------- | | `CMD_LDAP_URL` | `ldap://example.com` | URL of LDAP server | | `CMD_LDAP_BINDDN` | no example | bindDn for LDAP access | | `CMD_LDAP_BINDCREDENTIALS` | no example | bindCredentials for LDAP access | @@ -65,16 +150,21 @@ node-specific options you can configure this way. | `CMD_LDAP_USERNAMEFIELD` | Fallback to userid | The LDAP field which is used as the username on CodiMD | | `CMD_LDAP_TLS_CA` | `server-cert.pem, root.pem` | Root CA for LDAP TLS in PEM format (use comma to separate) | | `CMD_LDAP_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the LDAP provider | -| `CMD_SAML_IDPSSOURL` | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth/saml-onelogin.md). | -| `CMD_SAML_IDPCERT` | `/path/to/cert.pem` | certificate file path of IdP in PEM format | -| `CMD_SAML_ISSUER` | no example | identity of the service provider (optional, default: serverurl)" | -| `CMD_SAML_IDENTIFIERFORMAT` | no example | name identifier format (optional, default: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`) | -| `CMD_SAML_GROUPATTRIBUTE` | `memberOf` | attribute name for group list (optional) | -| `CMD_SAML_REQUIREDGROUPS` | `Hackmd-users` | group names that allowed (use vertical bar to separate) (optional) | -| `CMD_SAML_EXTERNALGROUPS` | `Temporary-staff` | group names that not allowed (use vertical bar to separate) (optional) | -| `CMD_SAML_ATTRIBUTE_ID` | `sAMAccountName` | attribute map for `id` (optional, default: NameID of SAML response) | -| `CMD_SAML_ATTRIBUTE_USERNAME` | `mailNickname` | attribute map for `username` (optional, default: NameID of SAML response) | -| `CMD_SAML_ATTRIBUTE_EMAIL` | `mail` | attribute map for `email` (optional, default: NameID of SAML response if `CMD_SAML_IDENTIFIERFORMAT` is default) | + + +### Mattermost Login + +| variable | example value | description | +| -------- | ------------- | ----------- | +| `CMD_MATTERMOST_BASEURL` | no example | Mattermost authentication endpoint for versions below 5.0. For Mattermost version 5.0 and above, see [guide](docs/guides/auth/mattermost-self-hosted.md). | +| `CMD_MATTERMOST_CLIENTID` | no example | Mattermost API client id | +| `CMD_MATTERMOST_CLIENTSECRET` | no example | Mattermost API client secret | + + +### OAuth2 Login + +| variable | example value | description | +| -------- | ------------- | ----------- | | `CMD_OAUTH2_USER_PROFILE_URL` | `https://example.com` | where retrieve information about a user after succesful login. Needs to output JSON. (no default value) Refer to the [Mattermost](docs/guides/auth/mattermost-self-hosted.md) or [Nextcloud](docs/guides/auth/nextcloud.md) examples for more details on all of the `CMD_OAUTH2...` options. | | `CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR` | `name` | where to find the username in the JSON from the user profile URL. (no default value)| | `CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR` | `display-name` | where to find the display-name in the JSON from the user profile URL. (no default value) | @@ -84,30 +174,74 @@ node-specific options you can configure this way. | `CMD_OAUTH2_CLIENT_ID` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) | | `CMD_OAUTH2_CLIENT_SECRET` | `afae02fckafd...` | you will get this from your OAuth2 provider when you register CodiMD as OAuth2-client, (no default value) | | `CMD_OAUTH2_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the oAuth2 provider | -| `CMD_IMGUR_CLIENTID` | no example | Imgur API client id | -| `CMD_EMAIL` | `true` or `false` | set to allow email signin | -| `CMD_ALLOW_PDF_EXPORT` | `true` or `false` | Enable or disable PDF exports | -| `CMD_ALLOW_EMAIL_REGISTER` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) | -| `CMD_ALLOW_GRAVATAR` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance | -| `CMD_IMAGE_UPLOAD_TYPE` | `imgur`, `s3`, `minio` or `filesystem` | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md) | + + +### SAML Login + +| variable | example value | description | +| -------- | ------------- | ----------- | +| `CMD_SAML_IDPSSOURL` | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth/saml-onelogin.md). | +| `CMD_SAML_IDPCERT` | `/path/to/cert.pem` | certificate file path of IdP in PEM format | +| `CMD_SAML_ISSUER` | no example | identity of the service provider (optional, default: serverurl)" | +| `CMD_SAML_IDENTIFIERFORMAT` | no example | name identifier format (optional, default: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`) | +| `CMD_SAML_GROUPATTRIBUTE` | `memberOf` | attribute name for group list (optional) | +| `CMD_SAML_REQUIREDGROUPS` | `codimd-users` | group names that allowed (use vertical bar to separate) (optional) | +| `CMD_SAML_EXTERNALGROUPS` | `Temporary-staff` | group names that not allowed (use vertical bar to separate) (optional) | +| `CMD_SAML_ATTRIBUTE_ID` | `sAMAccountName` | attribute map for `id` (optional, default: NameID of SAML response) | +| `CMD_SAML_ATTRIBUTE_USERNAME` | `mailNickname` | attribute map for `username` (optional, default: NameID of SAML response) | +| `CMD_SAML_ATTRIBUTE_EMAIL` | `mail` | attribute map for `email` (optional, default: NameID of SAML response if `CMD_SAML_IDENTIFIERFORMAT` is default) | + + +### Twitter Login + +| variable | example value | description | +| -------- | ------------- | ----------- | +| `CMD_TWITTER_CONSUMERKEY` | no example | Twitter API consumer key | +| `CMD_TWITTER_CONSUMERSECRET` | no example | Twitter API consumer secret | + + +## Upload Storage + +These are only relevant when they are also configured in sync with their +`CMD_IMAGE_UPLOAD_TYPE`. Also keep in mind, that `filesystem` is available, so +you don't have to use either of these. + + +### Amazon S3 + +| variable | example value | description | +| -------- | ------------- | ----------- | | `CMD_S3_ACCESS_KEY_ID` | no example | AWS access key id | | `CMD_S3_SECRET_ACCESS_KEY` | no example | AWS secret key | | `CMD_S3_REGION` | `ap-northeast-1` | AWS S3 region | | `CMD_S3_BUCKET` | no example | AWS S3 bucket name | + + +### Azure Blob Storage + +| variable | example value | description | +| -------- | ------------- | ----------- | +| `CMD_AZURE_CONNECTION_STRING` | no example | Azure Blob Storage connection string | +| `CMD_AZURE_CONTAINER` | no example | Azure Blob Storage container name (automatically created if non existent) | + + +### imgur + +| variable | example value | description | +| -------- | ------------- | ----------- | +| `CMD_IMGUR_CLIENTID` | no example | Imgur API client id | + + +### Minio + +| variable | example value | description | +| -------- | ------------- | ----------- | | `CMD_MINIO_ACCESS_KEY` | no example | Minio access key | | `CMD_MINIO_SECRET_KEY` | no example | Minio secret key | | `CMD_MINIO_ENDPOINT` | `minio.example.org` | Address of your Minio endpoint/instance | | `CMD_MINIO_PORT` | `9000` | Port that is used for your Minio instance | | `CMD_MINIO_SECURE` | `true` | If set to `true` HTTPS is used for Minio | -| `CMD_AZURE_CONNECTION_STRING` | no example | Azure Blob Storage connection string | -| `CMD_AZURE_CONTAINER` | no example | Azure Blob Storage container name (automatically created if non existent) | -| `CMD_HSTS_ENABLE` | ` true` | set to enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) if HTTPS is also enabled (default is ` true`) | -| `CMD_HSTS_INCLUDE_SUBDOMAINS` | `true` | set to include subdomains in HSTS (default is `true`) | -| `CMD_HSTS_MAX_AGE` | `31536000` | max duration in seconds to tell clients to keep HSTS status (default is a year) | -| `CMD_HSTS_PRELOAD` | `true` | whether to allow preloading of the site's HSTS status (e.g. into browsers) | -| `CMD_CSP_ENABLE` | `true` | whether to enable Content Security Policy (directives cannot be configured with environment variables) | -| `CMD_CSP_REPORTURI` | `https://.report-uri.com/r/d/csp/enforce` | Allows to add a URL for CSP reports in case of violations | -| `CMD_SOURCE_URL` | `https://github.com/codimd/server/tree/` | Provides the link to the source code of CodiMD on the entry page (Please, make sure you change this when you run a modified version) | + **Note:** *Due to the rename process we renamed all `HMD_`-prefix variables to be `CMD_`-prefixed. The old ones continue to work.* -- cgit v1.2.3 From ba6ede57bd32aae79bbcf41964777374620aeab0 Mon Sep 17 00:00:00 2001 From: Claudius Date: Mon, 1 Apr 2019 01:26:36 +0200 Subject: moving code of conduct into its own file for better discoverability Signed-off-by: Claudius --- CODE_OF_CONDUCT.md | 37 +++++++++++++++++++++++++++++++++++++ CONTRIBUTING.md | 42 +++--------------------------------------- 2 files changed, 40 insertions(+), 39 deletions(-) create mode 100644 CODE_OF_CONDUCT.md diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 00000000..f15b5aff --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,37 @@ +Contributor Code of Conduct +=== + +As contributors and maintainers of this project, and in the interest of fostering an open and +welcoming community, we pledge to respect all people who contribute through reporting issues, +posting feature requests, updating documentation, submitting pull requests or patches, and other +activities. + +We are committed to making participation in this project a harassment-free experience for everyone, +regardless of level of experience, gender, gender identity and expression, sexual orientation, +disability, personal appearance, body size, race, ethnicity, age, religion, or nationality. + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery +* Personal attacks +* Trolling or insulting/derogatory comments +* Public or private harassment +* Publishing other's private information, such as physical or electronic addresses, without explicit + permission +* Other unethical or unprofessional conduct. + +Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, +code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. By +adopting this Code of Conduct, project maintainers commit themselves to fairly and consistently +applying these principles to every aspect of managing this project. Project maintainers who do not +follow or enforce the Code of Conduct may be permanently removed from the project team. + +This code of conduct applies both within project spaces and in public spaces when an individual is +representing the project or its community. + +Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by opening an +issue or contacting one or more of the project maintainers. + +This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), +version 1.2.0, available at +[http://contributor-covenant.org/version/1/2/0/](http://contributor-covenant.org/version/1/2/0/) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 40f73553..05228746 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -3,7 +3,8 @@ When contributing to this repository, please first discuss the change you wish to make via issue, email, or any other method with the owners of this repository before making a change. -Please note we have a code of conduct, please follow it in all your interactions with the project. +Please note we have a [code of conduct](CODE_OF_CONDUCT.md), please follow it in all your +interactions with the project. ## Pull Request Process 1. Ensure you signed all your commits with Developer Certificate of Origin (DCO). @@ -16,44 +17,7 @@ Please note we have a code of conduct, please follow it in all your interactions 5. You may merge the Pull Request in once you have the sign-off of two other developers, or if you do not have permission to do that, you may request the second reviewer to merge it for you. -## Contributor Code of Conduct - -As contributors and maintainers of this project, and in the interest of fostering an open and -welcoming community, we pledge to respect all people who contribute through reporting issues, -posting feature requests, updating documentation, submitting pull requests or patches, and other -activities. - -We are committed to making participation in this project a harassment-free experience for everyone, -regardless of level of experience, gender, gender identity and expression, sexual orientation, -disability, personal appearance, body size, race, ethnicity, age, religion, or nationality. - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery -* Personal attacks -* Trolling or insulting/derogatory comments -* Public or private harassment -* Publishing other's private information, such as physical or electronic addresses, without explicit - permission -* Other unethical or unprofessional conduct. - -Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, -code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. By -adopting this Code of Conduct, project maintainers commit themselves to fairly and consistently -applying these principles to every aspect of managing this project. Project maintainers who do not -follow or enforce the Code of Conduct may be permanently removed from the project team. - -This code of conduct applies both within project spaces and in public spaces when an individual is -representing the project or its community. - -Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by opening an -issue or contacting one or more of the project maintainers. - -This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), -version 1.2.0, available at -[http://contributor-covenant.org/version/1/2/0/](http://contributor-covenant.org/version/1/2/0/) - -### Sign your work +## Sign your work We use the Developer Certificate of Origin (DCO) as a additional safeguard for the CodiMD project. This is a well established and widely used -- cgit v1.2.3