diff options
author | Vianney le Clément de Saint-Marcq | 2019-09-12 12:06:03 +0200 |
---|---|---|
committer | Vianney le Clément de Saint-Marcq | 2019-09-12 12:06:03 +0200 |
commit | c07cfaf381bb9b6313d5ab2b98c4aa0b163cb494 (patch) | |
tree | a5624973115811e871dd5748d04e78b88428d6f6 | |
download | aur-c07cfaf381bb9b6313d5ab2b98c4aa0b163cb494.tar.gz |
Initial commit
-rw-r--r-- | .SRCINFO | 23 | ||||
-rw-r--r-- | PKGBUILD | 36 | ||||
-rw-r--r-- | codimd.service | 24 | ||||
-rw-r--r-- | config.json | 28 | ||||
-rw-r--r-- | environment | 282 | ||||
-rw-r--r-- | sysusers.conf | 1 |
6 files changed, 394 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..0f3b5f52f54c --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,23 @@ +pkgbase = codimd-bin + pkgdesc = Realtime collaborative markdown notes + pkgver = 1.5.0 + pkgrel = 1 + url = https://github.com/codimd/server + arch = x86_64 + license = AGPL3 + makedepends = skopeo + makedepends = undocker + options = !strip + backup = etc/codimd/environment + backup = etc/codimd/config.json + source = codimd.service + source = sysusers.conf + source = environment + source = config.json + sha256sums = dcb7d3a23b8d3be3a5b1067dc71e0e25046962c8bcf4e90e808cd9005fb32241 + sha256sums = 25e696ca1202b9df1287e23f40ffa8b909a629f4b3916c572561d953e44e3b22 + sha256sums = 523ccf9d8c1795bd70523f22b0268be3efdc42a3e8bed7008285bc3b894e53c2 + sha256sums = befaec00c6bfd3e6472659ae52639cd94ddd8d10edb5c7d0301ede6d9a817917 + +pkgname = codimd-bin + diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..0cd390529437 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,36 @@ +# Maintainer: Vianney le Clément de Saint-Marcq <code AT quartic·eu> +pkgname=codimd-bin +pkgver=1.5.0 +pkgrel=1 +pkgdesc="Realtime collaborative markdown notes" +arch=('x86_64') +url="https://github.com/codimd/server" +license=('AGPL3') +makedepends=('skopeo' 'undocker') +options=('!strip') +backup=('etc/codimd/environment' + 'etc/codimd/config.json') +source=('codimd.service' + 'sysusers.conf' + 'environment' + 'config.json') +sha256sums=('dcb7d3a23b8d3be3a5b1067dc71e0e25046962c8bcf4e90e808cd9005fb32241' + '25e696ca1202b9df1287e23f40ffa8b909a629f4b3916c572561d953e44e3b22' + '523ccf9d8c1795bd70523f22b0268be3efdc42a3e8bed7008285bc3b894e53c2' + 'befaec00c6bfd3e6472659ae52639cd94ddd8d10edb5c7d0301ede6d9a817917') + +_dockerimage="linuxserver/codimd:1.5.0-ls12" + +prepare() { + rm -f codimd.tar + skopeo copy "docker://${_dockerimage}" "docker-archive:${srcdir}/codimd.tar:latest" +} + +package() { + mkdir -p "${pkgdir}/opt/codimd" + cat codimd.tar | undocker -o "${pkgdir}/opt/codimd" + install -Dm644 codimd.service "${pkgdir}/usr/lib/systemd/system/codimd.service" + install -Dm644 sysusers.conf "${pkgdir}/usr/lib/sysusers.d/codimd.conf" + install -Dm600 environment "${pkgdir}/etc/codimd/environment" + install -Dm644 config.json "${pkgdir}/etc/codimd/config.json" +} diff --git a/codimd.service b/codimd.service new file mode 100644 index 000000000000..0d11dbb1e047 --- /dev/null +++ b/codimd.service @@ -0,0 +1,24 @@ +[Unit] +Description=Realtime collaborative markdown notes + +[Service] +Type=simple +RootDirectory=/opt/codimd +WorkingDirectory=/opt/codimd +EnvironmentFile=/etc/codimd/environment +ExecStartPre=/opt/codimd/node_modules/sequelize-cli/lib/sequelize db:migrate --url ${CMD_DB_URL} +ExecStart=/usr/bin/node app.js +User=codimd +ConfigurationDirectory=codimd +StateDirectory=codimd codimd/uploads +MountAPIVFS=true +NoNewPrivileges=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectControlGroups=true +PrivateDevices=true +PrivateUsers=true +PrivateTmp=true + +[Install] +WantedBy=multi-user.target diff --git a/config.json b/config.json new file mode 100644 index 000000000000..7a8a1be06c7c --- /dev/null +++ b/config.json @@ -0,0 +1,28 @@ +{ + "development": { + "loglevel": "debug", + "hsts": { + "enable": false + }, + "uploadsPath": "/var/lib/codimd/uploads" + }, + "production": { + "loglevel": "info", + "hsts": { + "enable": true, + "maxAgeSeconds": 31536000, + "includeSubdomains": true, + "preload": true + }, + "csp": { + "enable": true, + "directives": { + }, + "upgradeInsecureRequests": "auto", + "addDefaults": true, + "addDisqus": false, + "addGoogleAnalytics": false + }, + "uploadsPath": "/var/lib/codimd/uploads" + } +} diff --git a/environment b/environment new file mode 100644 index 000000000000..36059513002d --- /dev/null +++ b/environment @@ -0,0 +1,282 @@ +# CodiMD configuration file +# +# This file is read as an environment file by the systemd service. +# +# See https://github.com/codimd/server/blob/master/docs/configuration-env-vars.md +# for all configuration options + + +############################################################################### +# Node.JS +############################################################################### + +# Current environment (production or development) +NODE_ENV=production + +# Debug mode showing more logs +DEBUG=false + + +############################################################################### +# CodiMD Basics +############################################################################### + +# Override path to CodiMD's config file (DO NOT CHANGE THIS) +CMD_CONFIG_FILE=/etc/codimd/config.json + +# Database URL +CMD_DB_URL=sqlite:///var/lib/codimd/db.sqlite + +# Log level to provide to stdout +CMD_LOGLEVEL=info + +# Disallow creation of notes, even if CMD_ALLOW_FREEURL is true +#CMD_FORBIDDEN_NOTE_IDS=robots.txt,favicon.ico,api + +# Where to upload images +#CMD_IMAGE_UPLOAD_TYPE=filesystem + +# Provides the link to the source code of CodiMD on the entry page. +#CMD_SOURCE_URL= + +# CPU time for one event loop tick until node throttles connections. +# (milliseconds) +#CMD_TOOBUSY_LAG=70 + +# Enable/disable PDF exports +CMD_ALLOW_PDF_EXPORT=false + + +############################################################################### +# Location +############################################################################### + +# Domain name +CMD_DOMAIN=localhost + +# If CodiMD is run from a subdirectory like www.example.com/<urlpath> +#CMD_URL_PATH= + +# Interface/IP to listen on +CMD_HOST=127.0.0.1 + +# Port to listen on +CMD_PORT=3000 + +# Path to UNIX domain socket to listen on +# (if specified, CMD_HOST and CMD_PORT are ignored) +#CMD_PATH=/run/codimd/codimd.sock + +# Set to use SSL protocol for resources path (only applied when domain is set) +#CMD_PROTOCOL_USESSL=false + +# Set to add port on callback URL (ports 80 or 443 won't be applied) +# (only applied when domain is set) +CMD_URL_ADDPORT=true + +# Domain name whitelist (use comma to separate) +#CMD_ALLOW_ORIGIN=localhost + + +############################################################################### +# CSP and HSTS +############################################################################### + +# Whether to enable Content Security Policy +# (directives cannot be configured with environment variables) +#CMD_CSP_ENABLE=true + +# Allows to add a URL for CSP reports in case of violations +#CMD_CSP_REPORTURI= + +# Set to enable HSTS if HTTPS is also enabled (default is true) +#CMD_HSTS_ENABLE=true + +# Set to include subdomains in HSTS (default is true) +#CMD_HSTS_INCLUDE_SUBDOMAINS=true + +# Max duration in seconds to tell clients to keep HSTS status +# (default is a year) +#CMD_HSTS_MAX_AGE=31536000 + +# Whether to allow preloading of the site's HSTS status (e.g. into browsers) +#CMD_HSTS_PRELOAD=true + + +############################################################################### +# Privacy and External Requests +############################################################################### + +# Set to false to disable gravatar as profile picture source on your instance +CMD_ALLOW_GRAVATAR=false + +# Set to use CDN resources or not +CMD_USECDN=false + + +############################################################################### +# Users and Privileges +############################################################################### + +# Set to allow anonymous usage +CMD_ALLOW_ANONYMOUS=false + +# If allowAnonymous is true: allow users to select freely permission, +# allowing guests to edit existing notes +CMD_ALLOW_ANONYMOUS_EDITS=false + +# Set to allow new note creation by accessing a nonexistent note URL. +# This is the behavior familiar from Etherpad. +CMD_ALLOW_FREEURL=false + +# Set notes default permission (only applied on signed-in users). +# Values: freely, editable, limited, locked, protected, private +CMD_DEFAULT_PERMISSION=private + +# Cookie session life time in milliseconds (default: 14 days) +#CMD_SESSION_LIFE=1209600000 + +# Secret used to sign the session cookie. If none is set, one will randomly +# generated on each startup, meaning all your users will be logged out. +#CMD_SESSION_SECRET=set_this_to_a_very_private_string + + +############################################################################### +# Login methods +############################################################################### + +## Email (local accounts) + +# Set to allow email sign-in +CMD_EMAIL=true + +# Set to allow registration of new accounts using an email address. +# If set to false, you can still create accounts using the command line - +# see bin/manage_users for details. +# This setting has no effect if CMD_EMAIL is false. +CMD_ALLOW_EMAIL_REGISTER=true + + +## Dropbox Login + +#CMD_DROPBOX_CLIENTID= +#CMD_DROPBOX_CLIENTSECRET= + + +## Facebook Login + +#CMD_FACEBOOK_CLIENTID= +#CMD_FACEBOOK_CLIENTSECRET= + + +## GitHub Login + +#CMD_GITHUB_CLIENTID= +#CMD_GITHUB_CLIENTSECRET= + + +## GitLab Login + +#CMD_GITLAB_SCOPE=api +#CMD_GITLAB_BASEURL= +#CMD_GITLAB_CLIENTID= +#CMD_GITLAB_CLIENTSECRET= +#CMD_GITLAB_VERSION= + + +## Google Login + +#CMD_GOOGLE_CLIENTID= +#CMD_GOOGLE_CLIENTSECRET= + + +## LDAP Login + +#CMD_LDAP_URL= +#CMD_LDAP_BINDDN= +#CMD_LDAP_BINDCREDENTIALS= +#CMD_LDAP_SEARCHBASE= +#CMD_LDAP_SEARCHFILTER= +#CMD_LDAP_SEARCHATTRIBUTES= +#CMD_LDAP_USERIDFIELD= +#CMD_LDAP_USERNAMEFIELD= +#CMD_LDAP_TLS_CA= +#CMD_LDAP_PROVIDERNAME= + + +## Mattermost Login + +#CMD_MATTERMOST_BASEURL= +#CMD_MATTERMOST_CLIENTID= +#CMD_MATTERMOST_CLIENTSECRET= + + +## OAuth2 Login + +#CMD_OAUTH2_USER_PROFILE_URL= +#CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR= +#CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR= +#CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR= +#CMD_OAUTH2_TOKEN_URL= +#CMD_OAUTH2_AUTHORIZATION_URL= +#CMD_OAUTH2_CLIENT_ID= +#CMD_OAUTH2_CLIENT_SECRET= +#CMD_OAUTH2_PROVIDERNAME= + + +## SAML Login + +#CMD_SAML_IDPSSOURL= +#CMD_SAML_IDPCERT= +#CMD_SAML_ISSUER= +#CMD_SAML_DISABLEREQUESTEDAUTHNCONTEXT= +#CMD_SAML_IDENTIFIERFORMAT= +#CMD_SAML_GROUPATTRIBUTE= +#CMD_SAML_REQUIREDGROUPS= +#CMD_SAML_EXTERNALGROUPS= +#CMD_SAML_ATTRIBUTE_ID= +#CMD_SAML_ATTRIBUTE_USERNAME= +#CMD_SAML_ATTRIBUTE_EMAIL= + + +## Twitter Login + +#CMD_TWITTER_CONSUMERKEY= +#CMD_TWITTER_CONSUMERSECRET= + + +############################################################################### +# Upload Storage +############################################################################### + +## Amazon S3 + +#CMD_S3_ACCESS_KEY_ID= +#CMD_S3_SECRET_ACCESS_KEY= +#CMD_S3_REGION= +#CMD_S3_BUCKET= + + +## Asure Blob Storage + +#CMD_AZURE_CONNECTION_STRING= +#CMD_AZURE_CONTAINER= + + +## imgur + +#CMD_IMGUR_CLIENTID= + + +## Minio + +#CMD_MINIO_ACCESS_KEY= +#CMD_MINIO_SECRET_KEY= +#CMD_MINIO_ENDPOINT= +#CMD_MINIO_PORT= +#CMD_MINIO_SECURE= + + +## Lutim + +#CMD_LUTIM_URL= diff --git a/sysusers.conf b/sysusers.conf new file mode 100644 index 000000000000..3ced9913c4de --- /dev/null +++ b/sysusers.conf @@ -0,0 +1 @@ +u codimd |