Skip to content

Commit d71d839

Browse files
wizzdomwizzdom
authored
add hedgedoc docs (#30)
1 parent 6aa2e38 commit d71d839

File tree

2 files changed

+82
-11
lines changed

2 files changed

+82
-11
lines changed

docs/services/codimd.md

Lines changed: 0 additions & 11 deletions
This file was deleted.

docs/services/md.md

Lines changed: 82 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,82 @@
1+
---
2+
title: HedgeDoc
3+
author:
4+
- wizzdom
5+
tags:
6+
- aperture
7+
- nomad
8+
- docker
9+
---
10+
11+
# HedgeDoc - `wizzdom`
12+
13+
HedgeDoc is deployed with [nomad](nomad.md) on [`aperture`](../hardware/aperture/index.md) as a docker container. It is accessible through [md.redbrick.dcu.ie](https://md.redbrick.dcu.ie).
14+
15+
HedgeDoc auths against LDAP and its configuration is available [here](https://github.com/redbrick/nomad/blob/master/jobs/services/hedgedoc.hcl)
16+
17+
All sensitive variables are stored in the [`consul`](consul.md) KV store.
18+
19+
The important points are as follows:
20+
21+
- connecting to the database:
22+
23+
```bash
24+
CMD_DB_URL = "postgres://{{ key "hedgedoc/db/user" }}:{{ key "hedgedoc/db/password" }}@{{ env "NOMAD_ADDR_db" }}/{{ key "hedgedoc/db/name" }}"
25+
```
26+
27+
- disabling anonymous users and email signup:
28+
29+
```bash
30+
CMD_ALLOW_EMAIL_REGISTER = "false"
31+
CMD_ALLOW_ANONYMOUS = "false"
32+
CMD_EMAIL = "false"
33+
```
34+
35+
- LDAP configuration:
36+
37+
```bash
38+
CMD_LDAP_URL = "{{ key "hedgedoc/ldap/url" }}"
39+
CMD_LDAP_SEARCHBASE = "ou=accounts,o=redbrick"
40+
CMD_LDAP_SEARCHFILTER = "{{`(uid={{username}})`}}"
41+
CMD_LDAP_PROVIDERNAME = "Redbrick"
42+
CMD_LDAP_USERIDFIELD = "uidNumber"
43+
CMD_LDAP_USERNAMEFIELD = "uid"
44+
```
45+
46+
See the [HedgeDoc docs](https://docs.hedgedoc.org/configuration/) for more info on configuration.
47+
48+
## Backups
49+
50+
The HedgeDoc database is backed up periodically by a [nomad](nomad.md) job, the configuration for which is [here](https://github.com/redbrick/nomad/blob/master/jobs/services/hedgedoc-backup.hcl).
51+
52+
The bulk of this job is this script which:
53+
- grabs the `alloc_id` of the currently running HedgeDoc allocation from nomad
54+
- execs into the container running `pg_dumpall` dumping the database into a file with the current date and time
55+
- if the backup is unsuccessful the script notifies the admins on discord via a webhook.
56+
57+
```bash
58+
#!/bin/bash
59+
60+
file=/storage/backups/nomad/postgres/hedgedoc/postgresql-hedgedoc-$(date +%Y-%m-%d_%H-%M-%S).sql
61+
62+
mkdir -p /storage/backups/nomad/postgres/hedgedoc
63+
64+
alloc_id=$(nomad job status hedgedoc | grep running | tail -n 1 | cut -d " " -f 1)
65+
66+
job_name=$(echo ${NOMAD_JOB_NAME} | cut -d "/" -f 1)
67+
68+
nomad alloc exec -task hedgedoc-db $alloc_id pg_dumpall -U {{ key "hedgedoc/db/user" }} > "${file}"
69+
70+
find /storage/backups/nomad/postgres/hedgedoc/postgresql-hedgedoc* -ctime +3 -exec rm {} \; || true
71+
72+
if [ -s "$file" ]; then # check if file exists and is not empty
73+
echo "Backup successful"
74+
exit 0
75+
else
76+
rm $file
77+
curl -H "Content-Type: application/json" -d \
78+
'{"content": "<@&585512338728419341> `PostgreSQL` backup for **'"${job_name}"'** has just **FAILED**\nFile name: `'"$file"'`\nDate: `'"$(TZ=Europe/Dublin date)"'`\nTurn off this script with `nomad job stop '"${job_name}"'` \n\n## Remember to restart this backup job when fixed!!!"}' \
79+
{{ key "postgres/webhook/discord" }}
80+
fi
81+
```
82+

0 commit comments

Comments
 (0)