Verified Commit 6b61c8ae authored by erdnaxe's avatar erdnaxe 🦋

Add CodiMD, EtherPad and Riot

parent 1b9beb0c
# From https://github.com/codimd/container/
version: '3'
services:
database:
# Don't upgrade PostgreSQL by simply changing the version number
# You need to migrate the Database to the new PostgreSQL version
image: postgres:9.6-alpine
environment:
POSTGRES_USER: codimd
POSTGRES_PASSWORD: codimdpass
POSTGRES_DB: codimd
volumes:
- ./data_db:/var/lib/postgresql/data
restart: always
app:
image: quay.io/codimd/server:1.4.0
environment:
DEBUG: "false"
CMD_DB_URL: "postgres://codimd:codimdpass@database:5432/codimd"
CMD_URL_ADDPORT: "false"
CMD_EMAIL: "false"
CMD_DOMAIN: "${DOMAIN}"
CMD_PROTOCOL_USESSL: "true"
CMD_USECDN: "false"
CMD_ALLOW_FREEURL: "true"
CMD_IMAGE_UPLOAD_TYPE: "filesystem"
CMD_LDAP_URL: "${LDAP_URL}"
CMD_LDAP_BINDDN: "${LDAP_BINDDN}"
CMD_LDAP_BINDCREDENTIALS: "${LDAP_BINDCREDENTIALS}"
CMD_LDAP_SEARCHBASE: "${LDAP_SEARCHBASE}"
CMD_LDAP_SEARCHFILTER: "(uid={{username}})"
CMD_LDAP_SEARCHATTRIBUTES: "uid, givenName, mail"
CMD_LDAP_USERIDFIELD: "uid"
CMD_LDAP_USERNAMEFIELD: "uid"
CMD_LDAP_PROVIDERNAME: "${LDAP_PROVIDERNAME}"
ports:
- "8081:3000"
volumes:
- ./data_uploads:/codimd/public/uploads
restart: always
depends_on:
- database
DOMAIN=codimd.servens.club
LDAP_URL=ldap://10.0.0.10
LDAP_BINDDN="cn=codimd,ou=service-users,dc=servens,dc=club"
LDAP_BINDCREDENTIALS="Change me"
LDAP_SEARCHBASE="cn=Utilisateurs,dc=servens,dc=club"
LDAP_PROVIDERNAME="Servens"
# Etherpad Lite Dockerfile
#
# https://github.com/ether/etherpad-docker
#
# Author: muxator
#
# Version 0.1, patched by erdnaxe
FROM node:latest
LABEL maintainer="Etherpad team, https://github.com/ether/etherpad-lite"
# git hash of the version to be built.
# If not given, build the latest development version.
ARG ETHERPAD_VERSION=develop
# plugins to install while building the container. By default no plugins are
# installed.
# If given a value, it has to be a space-separated, quoted list of plugin names.
#
# EXAMPLE:
# ETHERPAD_PLUGINS="ep_codepad ep_author_neat"
ARG ETHERPAD_PLUGINS=
# Set the following to production to avoid installing devDeps
# this can be done with build args (and is mandatory to build ARM version)
ARG NODE_ENV=development
# grab the ETHERPAD_VERSION tarball from github (no need to clone the whole
# repository)
RUN echo "Getting version: ${ETHERPAD_VERSION}" && \
curl \
--location \
--fail \
--silent \
--show-error \
--output /opt/etherpad-lite.tar.gz \
https://github.com/ether/etherpad-lite/archive/"${ETHERPAD_VERSION}".tar.gz && \
mkdir /opt/etherpad-lite && \
tar xf /opt/etherpad-lite.tar.gz \
--directory /opt/etherpad-lite \
--strip-components=1 && \
rm /opt/etherpad-lite.tar.gz
WORKDIR /opt/etherpad-lite
# install node dependencies for Etherpad
RUN bin/installDeps.sh
# Install the plugins, if ETHERPAD_PLUGINS is not empty.
#
# Bash trick: in the for loop ${ETHERPAD_PLUGINS} is NOT quoted, in order to be
# able to split at spaces.
RUN for PLUGIN_NAME in ${ETHERPAD_PLUGINS}; do npm install "${PLUGIN_NAME}"; done
# Copy the custom configuration file
COPY settings.json /opt/etherpad-lite/
EXPOSE 9001
CMD ["node", "node_modules/ep_etherpad-lite/node/server.js"]
version: "3.7"
services:
etherpad:
build:
context: .
args:
ETHERPAD_VERSION: 1.7.5
NODE_ENV: production
ports:
- 8084:9001
restart: always
database:
# Don't upgrade PostgreSQL by simply changing the version number
# You need to migrate the Database to the new PostgreSQL version
image: postgres:9.6-alpine
environment:
POSTGRES_USER: etherpad
POSTGRES_PASSWORD: etherpadpass
POSTGRES_DB: etherpad
volumes:
- ./data_db:/var/lib/postgresql/data
restart: always
/*
* This file must be valid JSON. But comments are allowed
*
* Please edit settings.json, not settings.json.template
*
* Please note that since Etherpad 1.6.0 you can store DB credentials in a
* separate file (credentials.json).
*/
{
/*
* Name your instance!
*/
"title": "Etherpad Servens",
/*
* favicon default name
* alternatively, set up a fully specified Url to your own favicon
*/
"favicon": "favicon.ico",
/*
*/
"skinName": "no-skin",
/*
* IP and port which etherpad should bind at
*/
"ip": "0.0.0.0",
"port" : 9001,
/*
* Option to hide/show the settings.json in admin page.
*
* Default option is set to true
*/
"showSettingsInAdminPage" : true,
/*
* Node native SSL support
*
* This is disabled by default.
* Make sure to have the minimum and correct file access permissions set so
* that the Etherpad server can access them
*/
/*
"ssl" : {
"key" : "/path-to-your/epl-server.key",
"cert" : "/path-to-your/epl-server.crt",
"ca": ["/path-to-your/epl-intermediate-cert1.crt", "/path-to-your/epl-intermediate-cert2.crt"]
},
*/
/*
* The type of the database.
*
* You can choose between many DB drivers, for example: dirty, postgres,
* sqlite, mysql.
*
* You shouldn't use "dirty" for for anything else than testing or
* development.
*
* For a complete list of the supported drivers, please consult:
* https://www.npmjs.com/package/ueberdb2
*/
"dbType" : "postgres",
/*
* Database specific settings (dependent on dbType).
*
* Remember that since Etherpad 1.6.0 you can also store these informations in
* credentials.json.
*/
"dbSettings" : {
"user" : "etherpad",
"host" : "database",
"port" : 5432,
"password": "etherpadpass",
"database": "etherpad"
},
/*
* An Example of MySQL Configuration (commented out).
*
* See: https://github.com/ether/etherpad-lite/wiki/How-to-use-Etherpad-Lite-with-MySQL
*/
/*
"dbType" : "postgres",
"dbSettings" : {
"user" : "etherpaduser",
"host" : "localhost",
"port" : 3306,
"password": "PASSWORD",
"database": "etherpad_lite_db",
"charset" : "utf8mb4"
},
*/
/*
* The default text of a pad
*/
"defaultPadText" : "Bienvenue sur l'EtherPad d'Aurore !\n\nCe pad est public.\n",
/*
* Default Pad behavior.
*
* Change them if you want to override.
*/
"padOptions": {
"noColors": false,
"showControls": true,
"showChat": true,
"showLineNumbers": true,
"useMonospaceFont": false,
"userName": false,
"userColor": false,
"rtl": false,
"alwaysShowChat": false,
"chatAndUsers": false,
"lang": "fr-fr"
},
/*
* Pad Shortcut Keys
*/
"padShortcutEnabled" : {
"altF9" : true, /* focus on the File Menu and/or editbar */
"altC" : true, /* focus on the Chat window */
"cmdShift2" : true, /* shows a gritter popup showing a line author */
"delete" : true,
"return" : true,
"esc" : true, /* in mozilla versions 14-19 avoid reconnecting pad */
"cmdS" : true, /* save a revision */
"tab" : true, /* indent */
"cmdZ" : true, /* undo/redo */
"cmdY" : true, /* redo */
"cmdI" : true, /* italic */
"cmdB" : true, /* bold */
"cmdU" : true, /* underline */
"cmd5" : true, /* strike through */
"cmdShiftL" : true, /* unordered list */
"cmdShiftN" : true, /* ordered list */
"cmdShift1" : true, /* ordered list */
"cmdShiftC" : true, /* clear authorship */
"cmdH" : true, /* backspace */
"ctrlHome" : true, /* scroll to top of pad */
"pageUp" : true,
"pageDown" : true
},
/*
* Should we suppress errors from being visible in the default Pad Text?
*/
"suppressErrorsInPadText" : false,
/*
* If this option is enabled, a user must have a session to access pads.
* This effectively allows only group pads to be accessed.
*/
"requireSession" : false,
/*
* Users may edit pads but not create new ones.
*
* Pad creation is only via the API.
* This applies both to group pads and regular pads.
*/
"editOnly" : false,
/*
* If set to true, those users who have a valid session will automatically be
* granted access to password protected pads.
*/
"sessionNoPassword" : false,
/*
* If true, all css & js will be minified before sending to the client.
*
* This will improve the loading performance massively, but makes it difficult
* to debug the javascript/css
*/
"minify" : true,
/*
* How long may clients use served javascript code (in seconds)?
*
* Not setting this may cause problems during deployment.
* Set to 0 to disable caching.
*/
"maxAge" : 21600, // 60 * 60 * 6 = 6 hours
/*
* Absolute path to the Abiword executable.
*
* Abiword is needed to get advanced import/export features of pads. Setting
* it to null disables Abiword and will only allow plain text and HTML
* import/exports.
*/
"abiword" : null,
/*
* This is the absolute path to the soffice executable.
*
* LibreOffice can be used in lieu of Abiword to export pads.
* Setting it to null disables LibreOffice exporting.
*/
"soffice" : null,
/*
* Path to the Tidy executable.
*
* Tidy is used to improve the quality of exported pads.
* Setting it to null disables Tidy.
*/
"tidyHtml" : null,
/*
* Allow import of file types other than the supported ones:
* txt, doc, docx, rtf, odt, html & htm
*/
"allowUnknownFileEnds" : true,
/*
* This setting is used if you require authentication of all users.
*
* Note: "/admin" always requires authentication.
*/
"requireAuthentication" : false,
/*
* Require authorization by a module, or a user with is_admin set, see below.
*/
"requireAuthorization" : false,
/*
* When you use NGINX or another proxy/load-balancer set this to true.
*/
"trustProxy" : false,
/*
* Privacy: disable IP logging
*/
"disableIPlogging" : false,
/*
* Time (in seconds) to automatically reconnect pad when a "Force reconnect"
* message is shown to user.
*
* Set to 0 to disable automatic reconnection.
*/
"automaticReconnectionTimeout" : 0,
/*
* By default, when caret is moved out of viewport, it scrolls the minimum
* height needed to make this line visible.
*/
"scrollWhenFocusLineIsOutOfViewport": {
/*
* Percentage of viewport height to be additionally scrolled.
*
* E.g.: use "percentage.editionAboveViewport": 0.5, to place caret line in
* the middle of viewport, when user edits a line above of the
* viewport
*
* Set to 0 to disable extra scrolling
*/
"percentage": {
"editionAboveViewport": 0,
"editionBelowViewport": 0
},
/*
* Time (in milliseconds) used to animate the scroll transition.
* Set to 0 to disable animation
*/
"duration": 0,
/*
* Flag to control if it should scroll when user places the caret in the
* last line of the viewport
*/
"scrollWhenCaretIsInTheLastLineOfViewport": false,
/*
* Percentage of viewport height to be additionally scrolled when user
* presses arrow up in the line of the top of the viewport.
*
* Set to 0 to let the scroll to be handled as default by Etherpad
*/
"percentageToScrollWhenUserPressesArrowUp": 0
},
/*
* Users for basic authentication.
*
* is_admin = true gives access to /admin.
* If you do not uncomment this, /admin will not be available!
*
* WARNING: passwords should not be stored in plaintext in this file.
* If you want to mitigate this, please install ep_hash_auth and
* follow the section "secure your installation" in README.md
*/
/*
"users": {
"admin": {
// "password" can be replaced with "hash" if you install ep_hash_auth
"password": "changeme1",
"is_admin": true
},
"user": {
// "password" can be replaced with "hash" if you install ep_hash_auth
"password": "changeme1",
"is_admin": false
}
},
*/
/*
* Restrict socket.io transport methods
*/
"socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
/*
* Allow Load Testing tools to hit the Etherpad Instance.
*
* WARNING: this will disable security on the instance.
*/
"loadTest": false,
/*
* Disable indentation on new line when previous line ends with some special
* chars (':', '[', '(', '{')
*/
/*
"indentationOnNewLine": false,
*/
/*
* Toolbar buttons configuration.
*
* Uncomment to customize.
*/
/*
"toolbar": {
"left": [
["bold", "italic", "underline", "strikethrough"],
["orderedlist", "unorderedlist", "indent", "outdent"],
["undo", "redo"],
["clearauthorship"]
],
"right": [
["importexport", "timeslider", "savedrevision"],
["settings", "embed"],
["showusers"]
],
"timeslider": [
["timeslider_export", "timeslider_returnToPad"]
]
},
*/
/*
* The log level we are using.
*
* Valid values: DEBUG, INFO, WARN, ERROR
*/
"loglevel": "INFO",
/*
* Logging configuration. See log4js documentation for further information:
* https://github.com/nomiddlename/log4js-node
*
* You can add as many appenders as you want here.
*/
"logconfig" :
{ "appenders": [
{ "type": "console"
//, "category": "access"// only logs pad access
}
/*
, { "type": "file"
, "filename": "your-log-file-here.log"
, "maxLogSize": 1024
, "backups": 3 // how many log files there're gonna be at max
//, "category": "test" // only log a specific category
}
*/
/*
, { "type": "logLevelFilter"
, "level": "warn" // filters out all log messages that have a lower level than "error"
, "appender":
{ Use whatever appender you want here }
}
*/
/*
, { "type": "logLevelFilter"
, "level": "error" // filters out all log messages that have a lower level than "error"
, "appender":
{ "type": "smtp"
, "subject": "An error occurred in your EPL instance!"
, "recipients": "bar@blurdybloop.com, baz@blurdybloop.com"
, "sendInterval": 300 // 60 * 5 = 5 minutes -- will buffer log messages; set to 0 to send a mail for every message
, "transport": "SMTP", "SMTP": { // see https://github.com/andris9/Nodemailer#possible-transport-methods
"host": "smtp.example.com", "port": 465,
"secureConnection": true,
"auth": {
"user": "foo@example.com",
"pass": "bar_foo"
}
}
}
}
*/
]
} // logconfig
}
FROM nginx:alpine
ARG version
ARG gpg_key
# Download Riot Web, verify with GPG, then install
RUN apk add --no-cache --virtual .build-deps curl gnupg &&\
curl -sSL https://github.com/vector-im/riot-web/releases/download/${version}/riot-${version}.tar.gz -o riot-web.tar.gz &&\
curl -sSL https://github.com/vector-im/riot-web/releases/download/${version}/riot-${version}.tar.gz.asc -o riot-web.tar.gz.asc &&\
for server in \
hkp://keyserver.ubuntu.com:80 \
hkp://p80.pool.sks-keyservers.net:80 \
ha.pool.sks-keyservers.net \
; do \
echo "Fetching GPG key $gpg_key from $server"; \
gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$gpg_key" && break; \
done &&\
gpg --batch --verify riot-web.tar.gz.asc riot-web.tar.gz &&\
tar -xzf riot-web.tar.gz &&\
mv riot-${version} /etc/riot-web &&\
cp /etc/riot-web/config.sample.json /etc/riot-web/config.json &&\
rm -rf /usr/share/nginx/html && ln -s /etc/riot-web /usr/share/nginx/html &&\
rm riot-web.tar.gz* &&\
apk del .build-deps
{
"default_server_config": {
"m.homeserver": {
"base_url": "https://auro.re",
"server_name": "auro.re"
},
"m.identity_server": {
"base_url": "https://auro.re"
}
},
"disable_custom_urls": false,
"disable_guests": false,
"disable_login_language_selector": false,
"disable_3pid_login": false,
"brand": "Chat Servens",
"integrations_ui_url": "https://scalar.vector.im/",
"integrations_rest_url": "https://scalar.vector.im/api",
"integrations_jitsi_widget_url": "https://scalar.vector.im/api/widgets/jitsi.html",
"bug_report_endpoint_url": "https://riot.im/bugreports/submit",
"defaultCountryCode": "GB",
"showLabsSettings": false,
"features": {
"feature_groups": "labs",
"feature_pinning": "labs"
},
"default_federate": true,
"default_theme": "light",
"roomDirectory": {
"servers": [
"matrix.org"
]