HedgeDoc Init

podman-hedgedoc/00_status.sh

@@ -0,0 +1 @@
+../_podman-common/00_status_pod.sh

podman-hedgedoc/05_freshinstall.sh

@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+
+ABSDIR="$( dirname "$(readlink -f -- "$0")" )"
+source ${ABSDIR}/../functions.sh
+source ${ABSDIR}/vars.sh
+
+ensure_pwd_is_scriptdir
+ensure_not_root
+
+ensure_variables_are_defined "$envvars"
+
+if podman volume exists ${dbvolume} ; then
+    echo "Error : DB volume ${dbvolume} already exists."
+    echo "Please remove it before a freshinstall, or continue with a standard installation."
+    exit 1
+fi
+
+if podman volume exists ${datavolume} ; then
+    echo "Error : DATA volume ${datavolume} already exists."
+    echo "Please remove it before a freshinstall, or continue with a standard installation."
+    exit 1
+fi
+
+if podman volume exists ${uploadsvolume} ; then
+    echo "Error : UPLOADS volume ${uploadsvolume} already exists."
+    echo "Please remove it before a freshinstall, or continue with a standard installation."
+    exit 1
+fi
+
+podman volume create ${dbvolume}
+podman volume create ${datavolume}
+podman volume create ${uploadsvolume}
+
+${ABSDIR}/10_install.sh

podman-hedgedoc/10_install.sh

@@ -0,0 +1,80 @@
+#!/usr/bin/env bash
+
+ABSDIR="$( dirname "$(readlink -f -- "$0")" )"
+source ${ABSDIR}/../functions.sh
+source ${ABSDIR}/vars.sh
+
+ensure_pwd_is_scriptdir
+ensure_not_root
+
+ensure_pod_not_exists ${pod_name}
+ensure_variables_are_defined "$envvars"
+
+if ! podman volume exists ${dbvolume} ; then
+    echo "Error : DB volume ${dbvolume} does not exists. Consider running 05_freshinstall.sh if this is the first install."
+    exit 1
+fi
+
+if ! podman volume exists ${datavolume} ; then
+    echo "Error : DATA volume ${datavolume} does not exists. Consider running 05_freshinstall.sh if this is the first install."
+    exit 1
+fi
+
+if ! podman volume exists ${uploadsvolume} ; then
+    echo "Error : UPLOADS volume ${uploasvolume} does not exists. Consider running 05_freshinstall.sh if this is the first install."
+    exit 1
+fi
+
+cat <<EOT >> .env
+# HedgeDoc https://docs.hedgedoc.org/configuration/
+## Node.JS
+NODE_ENV=production
+DEBUG=false
+## HedgeDoc basics
+CMD_CONFIG_FILE=/data/config.json
+CMD_DB_URL=sqlite:///data/sqlite.db
+#CMD_DB_URL=CMD_DB_URL=postgres://hedgedoc:${GARBAYE_HEDGEDOC_DATABASE_PASSWORD}@database:5432/hedgedoc
+#CMD_DB_URL=CMD_DB_URL=mysql://hedgedoc:${GARBAYE_HEDGEDOC_DATABASE_PASSWORD}@database:3306/hedgedoc
+CMD_IMAGE_UPLOAD_TYPE=filesystem
+## HedgeDoc Location
+CMD_DOMAIN=localhost
+CMD_URL_ADDPORT=true
+CMD_ALLOW_ORIGIN=['localhost','${GARBAYE_HEDGEDOC_DOMAIN}']
+## Web security aspects
+CMD_CSP_ALLOW_FRAMING=false
+CMD_CSP_ALLOW_PDF_EMBED=false
+CMD_COOKIE_POLICY=strict
+## Privacy and External Requests
+CMD_ALLOW_GRAVATAR=false
+## Users and Privileges
+CMD_ALLOW_ANONYMOUS=false
+## Login methods
+CMD_ALLOW_EMAIL_REGISTER=false
+# PostgreSQL
+POSTGRES_DB=hedgedoc
+POSTGRES_PASSWORD=${GARBAYE_HEDGEDOC_DATABASE_PASSWORD}
+POSTGRES_USER=hedgedoc
+# MySQL
+MYSQL_USER=hedgedoc
+MYSQL_PASSWORD=${GARBAYE_HEDGEDOC_DATABASE_PASSWORD}
+MYSQL_DATABASE=hedgedoc
+EOT
+
+export hedgedoc_image
+export hedgedoc_version
+export database_image
+export database_version
+
+if ! podman image exists ${hedgedoc_image}:${hedgedoc_version}; then
+    podman image pull ${hedgedoc_image}:${hedgedoc_version} || exit 1
+fi
+if ! podman image exists ${database_image}:${database_version}; then
+    podman pull ${database_image}:${database_version} &&
+fi
+podman-compose --pod-args="--infra=true --infra-name=${project_name}_infra --share=" --podman-run-args "--requires=${project_name}_infra --env-file .env" up -d &&
+echo -n "Waiting for hedgedoc to finish starting " &&
+( podman logs -f ${container_name} 2>&1 & ) | grep -q 'HTTP Server listening at ' &&
+echo "OK" &&
+podman pod stop ${pod_name} &&
+echo Pod built and stopped. &&
+shred -u .env

podman-hedgedoc/20_enable.sh

@@ -0,0 +1 @@
+../_podman-common/20_enable_pod.sh

podman-hedgedoc/30_start.sh

@@ -0,0 +1 @@
+../_podman-common/30_start_pod.sh

podman-hedgedoc/40_stop.sh

@@ -0,0 +1 @@
+../_podman-common/40_stop_pod.sh

podman-hedgedoc/70_disable.sh

@@ -0,0 +1 @@
+../_podman-common/70_disable_pod.sh

podman-hedgedoc/80_destroy.sh

@@ -0,0 +1 @@
+../_podman-common/80_destroy_pod.sh

podman-hedgedoc/90_prune.sh

@@ -0,0 +1 @@
+../_podman-common/90_prune_pod.sh

podman-hedgedoc/docker-compose.yml

@@ -0,0 +1,112 @@
+# Using version 3 to provide play-with-docker badge
+# You can change to version 2 without breaking.
+#version: '2'
+version: '3'
+services:
+  database:
+    # Don't upgrade PostgreSQL by simply changing the version number
+    # You need to migrate the Database to the new PostgreSQL version
+    image: ${database_image}:${database_version}
+    #mem_limit: 256mb         # version 2 only
+    #memswap_limit: 512mb     # version 2 only
+    #read_only: true          # not supported in swarm mode please enable along with tmpfs
+    #tmpfs:
+    #  - /run/postgresql:size=512K
+    #  - /tmp:size=256K
+    #environment:
+    #  - POSTGRES_USER=hedgedoc
+    #  - POSTGRES_PASSWORD=
+    #  - POSTGRES_DB=hedgedoc
+    volumes:
+      - database:/var/lib/postgresql/data
+    networks:
+      backend:
+    restart: always
+
+  # MySQL example
+  # Most of the documentation that applies to PostgreSQL applies also to MySQL
+  #database:
+  #    # You should be able to upgrade MySQL without problems
+  #    # but to make sure no even when a problem appears you
+  #    # should have a backup
+  #    image: mariadb:10
+  #    #environment:
+  #    #  - MYSQL_USER=hedgedoc
+  #    #  - MYSQL_PASSWORD=password
+  #    #  - MYSQL_DATABASE=hedgedoc
+  #    #  - MYSQL_ALLOW_EMPTY_PASSWORD=true
+  #    volumes:
+  #      - database:/var/lib/mysql
+  #      # This config provides UTF-8 support to the database by default
+  #      # If this config is not used, HedgeDoc breaks as it tries to write
+  #      # UTF-8 to a latin database.
+  #      - ./resources/utf8.cnf:/etc/mysql/conf.d/utf8.cnf
+  #    networks:
+  #      backend:
+  #    restart: always
+
+  app:
+    # Uncomment the following section to build the image yourself:
+    #build:
+    #  context: .
+    #  dockerfile: debian/Dockerfile
+    #  args:
+    #    - "VERSION=master"
+    #    - "HEDGEDOC_REPOSITORY=https://github.com/hedgedoc/hedgedoc.git"
+    image: ${hedgedoc_image}:${hedgedoc_version}
+    #mem_limit: 256mb         # version 2 only
+    #memswap_limit: 512mb     # version 2 only
+    #read_only: true          # not supported in swarm mode, enable along with tmpfs
+    #tmpfs:
+    #  - /tmp:size=10M
+    #  # Make sure you remove this when you use filesystem as upload type
+    #  - /hedgedoc/public/uploads:size=10M
+#    environment:
+#      # **DB_URL** is formatted like: <databasetype>://<username>:<password>@<hostname>:<port>/<database>
+#      # Other examples are:
+#      # - mysql://hedgedoc:password@database:3306/hedgedoc
+#      # - sqlite:///data/sqlite.db (NOT RECOMMENDED)
+#      # - For details see the official sequelize docs: http://docs.sequelizejs.com/en/v3/
+#      - CMD_DB_URL=postgres://hedgedoc:password@database:5432/hedgedoc
+#      # **DOMAIN** is the domain under which HedgeDoc will be available. Just the (sub)domain, no protocol or paths.
+#      # You MUST change this if your instance should be available under another domain than "localhost", otherwise your
+#      # instance may be broken.
+#      # You can define only ONE domain.
+#      - CMD_DOMAIN=localhost
+#      # **PROTOCOL_USESSL** defines if generated links should be HTTPS URLs.
+#      # This variable won't activate encryption on the listen port.
+#      # Set this to true if your reverse proxy exposes your instance via HTTPS.
+#      - CMD_PROTOCOL_USESSL=false
+#      # **HSTS_ENABLE** defines if HSTS headers should be sent. Set this to true if you use HTTPS.
+#      - CMD_HSTS_ENABLE=false
+#      # **URL_ADDPORT** defines if generated links should contain the port.
+#      # Set this to false if your reverse uses the default ports (443 for HTTPS or 80 for HTTP).
+#      - CMD_URL_ADDPORT=true
+    volumes:
+      - uploads:/hedgedoc/public/uploads
+      - data:/data
+    ports:
+      # Ports that are published to the outside.
+      # The latter port is the port inside the container. It should always stay on 3000
+      # If you only specify a port it'll published on all interfaces. If you want to use a
+      # local reverse proxy, you may want to listen on 127.0.0.1.
+      # Example:
+      # - "127.0.0.1:3000:3000"
+      - "3000:3000"
+    networks:
+      backend:
+    restart: always
+    depends_on:
+      - database
+
+# Define networks to allow best isolation
+networks:
+  # Internal network for communication with PostgreSQL/MySQL
+  backend:
+
+# Define named volumes so data stays in place
+volumes:
+  # Volume for PostgreSQL/MySQL database
+  database:
+  uploads:
+  data:

podman-hedgedoc/vars.sh

@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+## vars
+hedgedoc_image="quay.io/hedgedoc/hedgedoc"
+hedgedoc_version='1.9.6'
+database_image="docker.io/library/postgres"
+database_version='14.5-alpine'
+## mandatory ENV vars
+envvars='GARBAYE_HEDGEDOC_DATABASE_PASSWORD GARBAYE_HEDGEDOC_ENV_DOMAIN'
+## internal vars : do not touch
+project_name=${PWD##*/}
+pod_name="pod_${project_name}"
+service_name="pod-${pod_name}.service"
+upstream_images="${hedgedoc_image} ${postgres_image}"
+datavolume='podman-hedgedoc_data'
+dbvolume='podman-hedgedoc_database'
+uploadsvolume='podman-hedgedoc_uploads'
+container_name='app'
+db_container_name='database'