Install and configuration of HackMd

Based on node.js

Installation with docker

Pre-requisites

https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-16-04

sudo apt install docker-compose

Installing docker

sudo su
mkdir /var/www/docker
cd /var/www/docker    
git clone https://github.com/hackmdio/docker-hackmd.git
cd docker-hackmd
docker-compose up

Configuring reverse proxy with apache :

ProxyPass / http://83.166.144.90:3000/
ProxyPassReverse / http://83.166.144.90:3000/
ProxyRequests Off
ProxyPreserveHost Off

Launch at machine startup

sudo nano /etc/rc.local

Add this line :

docker-compose -f /var/www/docker/docker-hackmd/docker-compose.yml up &

In short, my unsuccessful attempt to install without docker

To complete this notice : https://www.digitalocean.com/community/tutorials/how-to-install-node-js-on-ubuntu-16-04 And replace everything that is nvm install 6.0.0 then with 6.11.1 (not the latest version)

su ubuntu cd /var/www/wiki.communecter.org

git clone https://github.com/hackmdio/hackmd.git cd hackmd

sudo npm install -g node-gyp; sudo npm link node-gyp sudo npm install -g webpack; sudo npm link webpack sudo npm install -g common-chunks-webpack-plugin; sudo npm link common-chunks-webpack-plugin sudo npm install -g extract-text-webpack-plugin; sudo npm link extract-text-webpack-plugin sudo npm install -g i18n-webpack-plugin; sudo npm link i18n-webpack-plugin sudo npm install -g compression-webpack-plugin; sudo npm link compression-webpack-plugin sudo npm install -g html-webpack-plugin; sudo npm link html-webpack-plugin sudo npm install -g copy-webpack-plugin; sudo npm link copy-webpack-plugin

sudo ./bin/setup

nano config.json "domain": "test.make.social", "db": { "username": "hackmd", "password": "NSx^1SeT@byuTfYoOXBd", "database": "hackmd", "host": "localhost", "port": "3306", "dialect": "mysql"

NODE_ENV=production HMD_PROTOCOL_USESSL=true DEBUG=false HMD_ALLOW_ORIGIN=localhost,wiki.communecter.org,test.make.social HMD_DB_URL=mysql://localhost:3306/hackmd

sudo npm run build

sudo ufw allow 3000

sudo nodejs app.js

http://test.make.social:3000/

After that add it at server startup :

NODE_ENV=production HMD_PROTOCOL_USESSL=true DEBUG=false HMD_ALLOW_ORIGIN=localhost,wiki.communecter.org,test.make.social HMD_DB_URL=mysql://localhost:3306/hackmd nodejs /var/www/test.make.social/public_html/app.js


https://github.com/hackmdio/hackmd/issues/86


This is the Google cache of https://blog.matuni.xyz/archives/2017/05. This is a snapshot of the page as it was posted on May 10, 2017 07:45:36 GMT. The current page may have changed since that date. Learn more Version

Version intégraleVersion in text seulAfficher the sourceAstuce : For finding your search term on this page, press on Ctrl+F or on ⌘+F (Mac), then use the search bar. Archives may 2017 Set up Hackmd on its own server

Written by Mathias B. / 09 may 2017 / no comments
Hello to all,

I wrote this article "Block Notes" because I just finished installing Hackmd for Unixcorn, that by experience I know that it is not a simple software to install and that it will do a little documentation French (the origianl source of the translation is French).

Preparing the server for Hackmd

Here it will be what you want, a VPS (virtual private server), a container on your hypervisor or a similar dedicated server. Please note that once the installation is complete Hackmd does not consume very few resources. Two cores, 2 GB of RAM and a bit of bandwidth will be enough to meet its needs.

Here I created a non-privileged LXC container Debian 8 Jessie, on which I installed NodeJs.

Installation of NodeJs

To do this in the most comfortable way, it is good to go through the official deposits of the project. To do this launch this small script proposes :

curl -sL https://deb.nodesource.com/setup_7.x | bash -

It adds you the deposits, the signature key of the packages and reloads the cache. You just have to launch the installation :

apt install nodejs build-essential

For information the build-essential package is required for installing project dependencies which will be realized a little later.

Preparing the database

I use the PostgreSQL database server here. It runs on another container to which the, created previously, connects via a virtual local network. Let's create the necessary user, his database and assign him a password :

su - postgres psql CREATE USER hackmd; ALTER USER hackmd WITH PASSWORD 'tonsupermotdepasse'; CREATE DATABASE hackmd; \q

To allow access to this database through the network 26/5000 you must adapt the file pb_hba.conf by adding the following line :

host hackmd hackmd adresse.ip.de.hackmd/0 md5

Once done do not forget to relaunch PostgreSQL with a small :

service postgresql restart

Installing Dependencies

Hackmd's developer did it right, the installation itself is very simple. Clone the repository and run the installation script provided, which is summarized in the following steps :

git clone https://github.com/hackmdio/hackmd.git cd hackmd ./bin/setup

Configuring Hackmd

Here comes the time to put the nose in the configuration files. Edit the config.json file and make sure to fill in the following lines correctly :

"production": { "domain": "pad.unixcorn.org", "db": { "username": "hackmd", "password": "votresupermotdepasee", "database": "hackmd", "host": "adresse.ip.de.postgresql", "port": "5432", "dialect": "postgres" },

You should then note the environment variables needed to launch the NodeJs directives, here are the ones I use : NODE_ENV=production HMD_PROTOCOL_USESSL=true

Build and start of the server

We generate the assets with the following command :

NODE_ENV=production HMD_PROTOCOL_USESSL=true npm run build

The operation can take a long time depending on the hardware configuration of your machine, be patient. Once completed you can start the server with the following command :

NODE_ENV=production HMD_PROTOCOL_USESSL=true nodejs app.js

More than configuring your reverse proxy, here I would give the example of configuration of Nginx. Proxy Nginx

The following example takes into account a redirection to HTTPS by default, the integration of Let's Encrypt certificates provided by the acme.sh utility as well as advanced TLS settings (cyphers, HSTS (HTTP Strict Transport Security)...).

server {
  listen 80;
 listen [::]:80;
  server_name votresuper.nomdedomaine.lol;

  # Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
  return 301 https://$host$request_uri;
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name votresuper.nomdedomaine.lol;

  # certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
  ssl_certificate /root/.acme.sh/pad.unixcorn.org_ecc/fullchain.cer;
  ssl_certificate_key /root/.acme.sh/pad.unixcorn.org_ecc/pad.unixcorn.org.key;
  ssl_session_timeout 1d;
  ssl_session_cache shared:SSL:50m;
 ssl_session_tickets off;

  # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
  ssl_dhparam /etc/ssl/certs/dhparam.pem;

  # modern configuration. tweak to your needs.
  ssl_protocols TLSv1.2;
  ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
  ssl_prefer_server_ciphers on;

  # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
  add_header Strict-Transport-Security max-age=15768000;

  # OCSP Stapling ---    # fetch OCSP records from URL in ssl_certificate and cache them
  ssl_stapling on;
  ssl_stapling_verify on;

  ## verify chain of trust of OCSP response using Root CA and Intermediate certs
  ssl_trusted_certificate /root/.acme.sh/pad.unixcorn.org_ecc/ca.cer;

  location / {
  proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header Host $http_host;
   proxy_set_header X-NginX-Proxy true;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection "upgrade";
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header Host $host;
   proxy_http_version 1.1;
   proxy_pass http://votre.ip.serveur.hackmd:3000;
   proxy_cache_bypass $http_upgrade;
      proxy_redirect off;
  }
}

Test your configuration, reload it and pop its done!

You can join us at any moment on the chat.