5 changed files with 0 additions and 273 deletions
--- a/bundles/hedgedoc/files/config.json
+++ b/bundles/hedgedoc/files/config.json
@ -1,3 +0,0 @@
 <%
    from bundlewrap.metadata import metadata_to_json
 %>${metadata_to_json(repo.libs.faults.resolve_faults(node.metadata.get('hedgedoc/config')))}
--- a/bundles/hedgedoc/files/hedgedoc.service
+++ b/bundles/hedgedoc/files/hedgedoc.service
@ -1,47 +0,0 @@
 [Unit]
 Description=HedgeDoc - The best platform to write and share markdown.
 Documentation=https://docs.hedgedoc.org/
 After=network.target
 # Uncomment if you use MariaDB/MySQL
 # After=mysql.service
 # Uncomment if you use PostgreSQL
 After=postgresql.service
 [Service]
 Type=exec
 Environment=NODE_ENV=production
 Restart=always
 RestartSec=2s
 ExecStart=/opt/hedgedoc/node_modules/yarn/bin/yarn start --production
 CapabilityBoundingSet=
 NoNewPrivileges=true
 PrivateDevices=true
 RemoveIPC=true
 LockPersonality=true
 ProtectControlGroups=true
 ProtectKernelTunables=true
 ProtectKernelModules=true
 ProtectKernelLogs=true
 ProtectClock=true
 ProtectHostname=true
 ProtectProc=noaccess
 RestrictRealtime=true
 RestrictSUIDSGID=true
 RestrictNamespaces=true
 RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
 ProtectSystem=strict
 ProtectHome=true
 PrivateTmp=true
 SystemCallArchitectures=native
 SystemCallFilter=@system-service
 # You may have to adjust these settings
 User=hedgedoc
 Group=hedgedoc
 WorkingDirectory=/opt/hedgedoc
 # Example: local storage for uploads and SQLite
 ReadWritePaths=/var/opt/hedgedoc
 [Install]
 WantedBy=multi-user.target
--- a/bundles/hedgedoc/items.py
+++ b/bundles/hedgedoc/items.py
@ -1,85 +0,0 @@
 repo.libs.tools.require_bundle(node, 'nodejs')
 directories = {
    '/opt/hedgedoc': {}
 }
 git_deploy = {
    '/opt/hedgedoc': {
        'rev': node.metadata.get('hedgedoc/version'),
        'repo': 'https://github.com/hedgedoc/hedgedoc.git',
        'needs': {
            'directory:/opt/hedgedoc',
        },
        'triggers': {
            'action:hedgedoc_yarn',
            'svc_systemd:hedgedoc:restart',
        },
    },
 }
 files = {
    '/opt/hedgedoc/config.json': {
        'content_type': 'mako',
        'needs': {
            'git_deploy:/opt/hedgedoc',
        },
        'triggers': {
            'svc_systemd:hedgedoc:restart',
        },
    },
    '/etc/systemd/system/hedgedoc.service': {
        'triggers': {
            'action:systemd-reload',
            'svc_systemd:hedgedoc:restart',
        },
    }
 }
 directories = {
    '/opt/hedgedoc': {},
    '/var/opt/hedgedoc': {
        'owner': 'hedgedoc',
        'group': 'hedgedoc',
    },
    '/opt/hedgedoc/.yarn': {
        'owner': 'hedgedoc',
        'group': 'hedgedoc',
    },
 }
 actions = {
    'hedgedoc_yarn': {
        'command': ' && '.join([
            'cd /opt/hedgedoc',
            'npm install yarn',
            'node_modules/yarn/bin/yarn install --production=true --pure-lockfile',
            'node_modules/yarn/bin/yarn install',
            'node_modules/yarn/bin/yarn build',
        ]),
        'needs': {
            'file:/opt/hedgedoc/config.json',
            'git_deploy:/opt/hedgedoc',
            'pkg_apt:nodejs',
        },
        'triggered': True,
    },
 }
 svc_systemd = {
    'hedgedoc': {
        'needs': {
            'file:/opt/hedgedoc/config.json',
            'directory:/var/opt/hedgedoc',
            'directory:/opt/hedgedoc/.yarn',
            'action:hedgedoc_yarn',
            'postgres_db:hedgedoc',
        },
    },
 }
 users = {
    'hedgedoc': {
        'home': '/opt/hedgedoc',
    },
 }
--- a/bundles/hedgedoc/metadata.py
+++ b/bundles/hedgedoc/metadata.py
@ -1,129 +0,0 @@
 defaults = {
    'backups': {
        'paths': {
            '/var/opt/hedgedoc',
        },
    },
    'hedgedoc': {
        'config': {
            "production": {
                "loglevel": "info",
                "hsts": {
                    "enable": False,
                },
                "csp": {
                    "enable": True,
                    "directives": {},
                    "upgradeInsecureRequests": "auto",
                    "addDefaults": True,
                    "addDisqus": False,
                    "addGoogleAnalytics": False
                },
                "cookiePolicy": "lax",
                "db": {
                    "username": "hedgedoc",
                    "password": repo.vault.password_for('{} postgresql hedgedoc'.format(node.name)),
                    "database": "hedgedoc",
                    "host": "localhost",
                    "port": "5432",
                    "dialect": "postgres"
                },
                'imageUploadType': 'filesystem',
                'uploadsPath': '/var/opt/hedgedoc',
                'allowAnonymous': False,
                'allowFreeURL': True,
                'requireFreeURLAuthentication': True,
                'sessionSecret': repo.vault.password_for('{} hedgedoc sessionSecret'.format(node.name)),
                'allowEmailRegister': False,
                'protocolUseSSL': True,
            },
        },
    },
    'postgresql': {
        'roles': {
            'hedgedoc': {
                'password': repo.vault.password_for('{} postgresql hedgedoc'.format(node.name)),
            },
        },
        'databases': {
            'hedgedoc': {
                'owner': 'hedgedoc',
            },
        },
    },
    'zfs': {
        'datasets': {
            'tank/hedgedoc': {},
            'tank/hedgedoc/install': {
                'mountpoint': '/opt/hedgedoc',
                'needed_by': {
                    'directory:/opt/hedgedoc',
                },
            },
            'tank/hedgedoc/uploads': {
                'mountpoint': '/var/opt/hedgedoc',
                'needed_by': {
                    'directory:/var/opt/hedgedoc',
                },
            },
        },
    },
 }
@metadata_reactor.provides(
    'icinga2_api/hedgedoc/services',
 )
 def icinga_check_for_new_release(metadata):
    return {
        'icinga2_api': {
            'hedgedoc': {
                'services': {
                    'HEDGEDOC UPDATE': {
                        'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_github_for_new_release hedgedoc/hedgedoc {}'.format(metadata.get('hedgedoc/version')),
                        'vars.notification.mail': True,
                        'check_interval': '60m',
                    },
                },
            },
        },
    }
@metadata_reactor.provides(
    'nginx/vhosts',
 )
 def nginx(metadata):
    if not node.has_bundle('nginx'):
        raise DoNotRunAgain
    locations = {
        '/': {
            'target': 'http://127.0.0.1:3000',
            'proxy_set_header': {
                'X-Real-IP': '$remote_addr',
            },
        },
        '/socket.io/': {
            'target': 'http://127.0.0.1:3000',
            'websockets': True,
            'proxy_set_header': {
                'X-Real-IP': '$remote_addr',
            },
        },
    }
    vhosts = {
        'hedgedoc': {
            'domain': metadata.get('hedgedoc/config/production/domain'),
            'locations': locations,
            'website_check_path': '/',
            'website_check_string': 'HedgeDoc',
        },
    }
    return {
        'nginx': {
            'vhosts': vhosts
        },
    }
--- a/nodes/htz-cloud/miniserver.py
+++ b/nodes/htz-cloud/miniserver.py
@ -4,7 +4,6 @@
 nodes['htz-cloud.miniserver'] = {
    'bundles': {
        'element-web',
        'hedgedoc',
        'matrix-dimension',
        'matrix-media-repo',
        'matrix-synapse',
@ -82,14 +81,6 @@ nodes['htz-cloud.miniserver'] = {
                },
            },
        },
        'hedgedoc': {
            'version': '1.8.2',
            'config': {
                'production': {
                    'domain': 'pad.sophies-kitchen.eu',
                },
            },
        },
        'icinga_options': {
            'pretty_name': 'sophies-kitchen.eu',
            'vars.notification.sms': False,