Pad Thing with CodiMD
Jump to navigation
Jump to search
CodiMD is a browser-based real-time collaborative markdown notes/pad kind of thing.
Prerequisites
- Node v8.x https://nodejs.org/dist/latest-v8.x (tested with v8.15, support for v10.x is on the way)
- A MySQL database, for now it only works with an utf8 db, specifically
CHARACTER SET = utf8 COLLATE = utf8_general_ci
- a user with limited rights
- SSL certs
- NGINX HTTP server
Installation and Configuration
- get latest CodiMD stable release from https://github.com/hackmdio/codimd/releases (1.2.1 at time of writing)
wget https://github.com/hackmdio/codimd/archive/1.2.1.tar.gz tar xvf 1.2.1.tar.gz
- give it a place to stay if you like...
mv codimd-1.2.1 /path/to/somewhere/codimd cd /path/to/somewhere/codimd
- Edit
config.json
{ "production": { "host": "localhost", "debug": "false", "port": "3000", "domain": "${FQDN}", "sessionSecret": "${RANDOM_CRAP}", "useCDN": "false", "protocolUseSSL": "true", "allowOrigin": "['localhost']", "allowFreeURL": "true", "forbiddenNoteIDs": "['robots.txt']", "imageUploadType": "filesystem", "db": { "username": "${DB_USER}", "password": "${DB_USER_PASSWORD}", "database": "${DB}", "host": "localhost", "port": "3306", "dialect": "mysql" }, "csp": { "enable": "true", "directives": { "scriptSrc": "${FQDN}" }, "upgradeInsecureRequests": "auto", "addDefaults": "true" } } }
- You can fill the config as such:
${FQDN}
: your absolute domain name, ie subdomain.domain.yolo${RANDOM_CRAP}
: for instancecat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c 32; echo
${DB_USER}
,${DB_USER_PASSWORD}
,${DB}
: info from the MySQL db and user you created for this app
- Edit
.sequelizerc
with the relevant MySQL info, again.
var path = require('path'); module.exports = { 'config': path.resolve('config.json'), 'migrations-path': path.resolve('lib', 'migrations'), 'models-path': path.resolve('lib', 'models'), 'url': 'mysql://${DB_USER}:${DB_USER_PASSWORD}@localhost:3306/${DB}' }
- Build
npm run build
- prepare database:
node_modules/.bin/sequelize db:migrate
- Make a site entry for you NGINX config, something along those lines:
server { listen 443; server_name subdomain.domain.yolo; access_log /var/log/nginx/subdomain.domain.yolo-access.log; error_log /var/log/nginx/subdomain.domain.yolo-error.log; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_http_version 1.1; proxy_pass http://localhost:3000; proxy_cache_bypass $http_upgrade; proxy_redirect off; } }
- Done!
Running CodiMD
Testing from the shell
(Or running from screen
/tmux
)
- su as your limited rights user:
su pooruser -s /bin/sh
- start CodiMD like this:
NODE_ENV="production" CMD_USECDN="false" CMD_ALLOW_GRAVATAR="false" node app.js
As a systemd service
TODO
Notes
- Configuration in CodiMD is a bit inconsistent, some settings exist in several places (like the db stuff, why???), and even though
env
variables are mirroring the config.json keys, some of these options will only work if passed asenv
variables... For instance"useCDN": "false"
does not work, butCMD_USECDN="false"
does. - By default client files, including the upload folder, will live inside the CodiMD folder, it can be moved elsewhere though, there are several options for setting various paths
"useCDN": "false"
andCMD_USECDN="false"
will prevent pulling stuff from various CDN, and serve the needed files from your server directly, which is nice. Similarly it's possible to disable Gravatar for registered users.- You can set
debug
totrue
inconfig.json
if you need more verbose output when trying things out