How do you use CodiMD?

I would love to know how you are using CodiMD. This question goes out in all directions, it is meant for admins, users and contributors alike!

To illustrate this a little bit better, I’ll go first:

I’ve been using it for a long time, I switched over from other tools like etherpad and hackpad. I was looking for something that I could run on my own machine. Right now, I run two CodiMD servers and am a user on a third one.

The two instances I run are very different. One is a private installation that perhaps 3 people know about. The other one has somewhere around 50 users.

I mainly use this to prepare a text or document something in a group, occasionally we organize an event in a group using these pads. I’m planning on converting presentations over to slide mode (Currently using LibreOffice).

1 Like

Let’s get this moving!

I’m running this very small CodiMD instance available at demo.codimd.org.

The instance serves between 10 and 50 (in avg. 24) actively editing users per 10 seconds every day. The number of notes went from 3.4k up to over 6k within the past 3 months and it’s growing around 30 notes per day. It’s running one of the latest versions directly of the master branch and seems to provide a quite stable experience. According to StatusCake which I use to monitor the instance, it had an availability of 99.96% within the past 30 days. Downtimes usually appear when the containers are recreated to deploy the new images. This takes just a few seconds.

Online Users

Live editing notes

The two red bars that you see there are deployment events. The instances are deployed using the official docker-compose.yml with small modifications to simplify builds of the latest master behind a Traefik reverse proxy (not included in the docker-compose.yml):

version: '2'
services:
  database:
    image: postgres:9.6
    mem_limit: 256mb
    memswap_limit: 512mb
    read_only: true
    tmpfs:
      - /run/postgresql:size=512K
      - /tmp:size=128K
    environment:
      - POSTGRES_USER=<hidden>
      - POSTGRES_PASSWORD=<hidden>
      - POSTGRES_DB=codimd
    volumes:
      - ./database:/var/lib/postgresql/data
    networks:
      backend:
    restart: always
  codimd:
    build:
      context: https://github.com/codimd/container.git
      dockerfile: ./debian/Dockerfile
    image:  quay.io/codimd/server:master
    mem_limit: 256mb
    memswap_limit: 512mb
    read_only: true
    tmpfs:
      - /tmp:size=10M
    environment:
      - "CMD_DB_URL=postgres://<hidden>:<hidden>@database:5432/codimd"
      - "CMD_MINIO_PORT=443"
      - "CMD_DOMAIN=demo.codimd.org"
      - "CMD_MINIO_SECRET_KEY=<hidden>"
      - "CMD_USECDN=false"
      - "CMD_PROTOCOL_USESSL=true"
      - "CMD_MINIO_ENDPOINT=codimd.s3.shivering-isles.com"
      - "CMD_S3_BUCKET=demo"
      - "CMD_IMAGE_UPLOAD_TYPE=minio"
      - "CMD_MINIO_ACCESS_KEY=<hidden>"
      - "CMD_ALLOW_FREE_URL=false"
      - "CMD_URL_ADDPORT=false"
      - "CMD_MINIO_SECURE=true"
      - "CMD_EMAIL=true"
      - "CMD_GITHUB_CLIENTID=<hidden>"
      - "CMD_GITHUB_CLIENTSECRET=<hidden>"
      - "CMD_SESSION_SECRET=<hidden>"
      - "CMD_ALLOW_PDF_EXPORT=false"
      - "CMD_CSP_REPORTURI=https://codimd.report-uri.com/r/d/csp/enforce"
      - "CMD_OPENID=true"

    labels:
      - "traefik.frontend.rule=Host:demo.codimd.org;PathPrefix:/"
      - "traefik.frontend.headers.STSSeconds=63072000"
      - "traefik.frontend.headers.browserXSSFilter=true"
      - "traefik.frontend.headers.contentTypeNosniff=true"
      - "traefik.frontend.headers.customResponseHeaders=alt-svc:h2=l3sb47bzhpbelafss42pspxzqo3tipuk6bg7nnbacxdfbz7ao6semtyd.onion:443; ma=2592000"
      - "traefik.enable=true"
      - "traefik.port=3000"
      - "traefik.docker.network=proxy"

    volumes:
      - './privacy.md:/codimd/public/docs/privacy.md:ro'

    networks:
      backend:
      proxy:

    restart: always
networks:
  backend:
  proxy:
    external: true

The whole setup is running on CentOS 7 on a small server with full disk encryption in order to make sure there is no data left once I decide to move somewhere else. Encrypted backups are done 3 times a week using LVM snapshots and duplicity to an external storage. And that’s it.

That’s how I run the CodiMD demo instance. I run two other CodiMD instances using the regular release versions, but I think they are less interesting to checkout :wink:

Hope this got you inspired and encourages you to share your setup story :slight_smile:

Oh and if you wonder what I do with this instance, I develop CodiMD and mainly write documents for the community there :smile:

I use CodiMD for drafting blog posts (published with Jekyll), collaborating with others, and for taking notes in class. With the last use, MathJax integration has been absolutely wonderful. It took me a long time to get up to speed but I can take realtime notes in calculus with it and share them with the rest of the class.

I’m also the admin that runs the instance so I’ll share a little bit about infrastructure as well :wink:

It’s just a manual installation on a server that runs 17 other applications (there’s a list with descriptions at nixnet.xyz). The OS is Debian Stable ,though I may go with Unstable next time, and I run CodiMD as a systemd service. That way, I don’t have to worry about starting it every time my server reboots; it’s automatic. The application is also run by its own user, codimd, so there’s little risk of it messing with other components of my system.

~ $ cat /etc/systemd/system/codimd.service

[Unit]
Description=Application service for collaborative markdown notes
After=systemd-networkd.service network.target

[Service]
Type=simple
#Environment=NODE_ENV=production
ExecStart=/usr/bin/npm start --production
RuntimeDirectory=codimd
WorkingDirectory=/home/codimd/codimd
StandardOutput=null
StandardError=null
User=codimd
RestartSec=15
Restart=always

[Install]
WantedBy=multi-user.target

Here’s my config file as well in case you’re curious:

{
    "production": {
        "domain": "codi.nixnet.xyz",
        "loglevel": "info",
        "hsts": {
            "enable": true,
            "maxAgeSeconds": 31536000,
            "includeSubdomains": true,
            "preload": true
        },
        "csp": {
            "enable": true,
            "directives": {
            },
            "upgradeInsecureRequests": false,
            "addDefaults": true,
            "addDisqus": false,
            "addGoogleAnalytics": false
        },
        "db": {
            "username": "codimd",
            "password": "<redacted>",
            "database": "codimd",
            "host": "localhost",
            "port": "3306",
            "dialect": "mysql"
        },
        "protocolUseSSL": true,
        "useCDN": false,
        "allowAnonymousEdits": true,
        "defaultPermission": "locked",
        "email": true,
        "allowEmailRegister": true,
        "allowGravatar": false,
        "imageUploadType": "filesystem",
        "port": "3000",
        "sessionSecret": "<redacted>"
    }
}
2 Likes

Hi,
I recently got very interested in CodiMD while looking for an alternative to tiddlywiki (TW) that could handle concurrent editing.

I’m currently porting my personal notes from TW to CodiMD because I like to have a powerful markdown editor (+ Vim mode), but I’ll try to stick to TW paradigm : chop everything in the smallest unit of knowledge and then navigate across them using tags.

The second usage I’d like to be able to achieve (and CodiMD seems not too far away from being able to handle it) is to use it at work to create a knowledge base. The team I work in (around 80 people, mostly tech but not only) is very distributed and with a huge range of skills/levels. It would allow to aggregate lots of interesting resources about programming & computer science and let everyone dig into / contribute to it according to their needs or wants.
My checklist was :

  • self-hosted
  • ACL
  • quick edition
  • oauth
  • tag navigation
  • not too bloated

Since the tech setup seems relevant, I just deployed the quay.io/codimd/server image to clever cloud tweaking just a few env vars in order to get it running there.

1 Like

Hi,
upon suggestion by @sheogorath, I thought I’d share my setup and some tricks I had to apply to make things work smoothly. I am on Debian 10, but the exact distro shouldn’t actually matter much. I’m using CodiMD version 1.5.0.

Manual CodiMD installation + MariaDB + Apache reverse proxy

Manual CodiMD installation

I followed the official manual setup instructions and configured CodiMD via the config.json file (no environment variables). I start the service with npm start --production because yarn start --production ignores the --production flag.

A systemd script similar to @Amolith’s is used to start CodiMD automatically on boot.

# /home/codimdrunner/server/config.json
{
    "production": {
       "domain": "codimd.domain.org",
	"protocolUseSSL": true, # important for use with reverse proxy and https github/gitlab authentication 
	"urlAddPort": false,
       "loglevel": "info",
	"defaultPermission": "locked",
        "hsts": {
            "enable": true,
            "maxAgeSeconds": 31536000,
            "includeSubdomains": true,
            "preload": true
        },
        "csp": {
            "enable": true,
            "directives": {
            },
            "upgradeInsecureRequests": "auto",
            "addDefaults": true,
            "addDisqus": true,
            "addGoogleAnalytics": false
        },
        "db": {
            "username": "codimd",
            "password": "...",
            "database": "codimd",
            "host": "localhost",
            "port": "3306",
            "dialect": "mysql"
        },
	"email": true,
	"allowEmailRegister": false,
	"allowAnonymous": false,
	"allowAnonymousEdits": false,
	"sessionSecret": "...",
	"github": {  # use https://codimd.domain.org/auth/github/callback as authentication URL
		"clientID": "...",
		"clientSecret": "..."
	},
	"gitlab": { # use https://codimd.domain.org/auth/gitlab/callback as authentication URL
		"clientID": "...",
		"clientSecret": "..."
	}
    }
}

# .sequelizerc
var path = require('path');

module.exports = {
    'config':          path.resolve('config.json'),
    'migrations-path': path.resolve('lib', 'migrations'),
    'models-path':     path.resolve('lib', 'models'),
    'url':             'mysql://codimd:PASSWORD@localhost:3306/codimd'
}
# /etc/systemd/system/codimd.service
[Unit]
Description=Start CodiMD

[Service]
ExecStart=/usr/bin/npm start --production
WorkingDirectory=/home/codimdrunner/server
Type=simple
User=codimdrunner

[Install]
WantedBy=multi-user.target

MariaDB

Due to a problem with Mysql and MariaDB, there is one important tweak that must be applied when creating the database:

$ mysql
> CREATE DATABASE codimd;
> CREATE USER codimd@'localhost' IDENTIFIED BY 'PASSWORD';
> GRANT ALL PRIVILEGES ON codimd.* TO 'codimd'@'localhost' IDENTIFIED BY 'PASSWORD';
> # and now the magic line
> ALTER DATABASE codimd CHARACTER SET utf8 COLLATE utf8_bin;

Apache reverse proxy

Setting up codimd in a subdirectory like domain.org/codimd does not work. We need to use a subdomain like codimd.domain.org. I made sure the DNS would point codimd.domain.org to the same IP address as domain.org and I created an SSL certificate for codimd.domain.org.

The apache virtual server configuration looks like this:

# /etc/apache2/sites-enabled/codimd.conf
# (redirects all traffic from http to https)
<VirtualHost *:80>
	ServerName codimd.domain.org
	RewriteEngine on
	RewriteCond %{SERVER_NAME} =codimd.domain.org
	RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
# /etc/apache2/sites-enabled/codimd-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
	ServerName codimd.domain.org

       # reverse proxy from Apache to CodiMD server running locally
	ProxyPass "/"  "http://127.0.0.1:3000/"
	ProxyPassReverse "/"  "http://127.0.0.1:3000/"

       # SSL certificate stuff
	SSLCertificateFile /etc/letsencrypt/live/domain.org/fullchain.pem
	SSLCertificateKeyFile /etc/letsencrypt/live/domain.org/privkey.pem
	Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

I hope this will save some time to people that want a similar setup! Happy writing!

Hei,

I have codimd running using traefik for routing and use acme to automagically generate ssl certificates from letsencrypt for each container defined domain name.

here is my docker-compose.yml:

version: '3'
services:
  database:
    image: postgres:9.6-alpine
    environment:
      - POSTGRES_USER=****
      - POSTGRES_PASSWORD=****
      - POSTGRES_DB=****
    volumes:
      - /live/storage/codimd/postgresql/data:/var/lib/postgresql/data/
    networks:
      - backend
    restart: always

  app:
    image: quay.io/codimd/server:1.5.0
    labels:
     - traefik.frontend.rule=Host:domain.tld
     - traefik.enable=true
     - traefik.port=3000
     - traefik.docker.network=world
    environment:
      - CMD_DB_URL=postgres://****:****@database:5432/hackmd
      - CMD_USECDN=false
      - CMD_IMAGE_UPLOAD_TYPE=filesystem
      - CMD_DOMAIN=domain.tld
      - CMD_PROTOCOL_USESSL=true
      - CMD_URL_ADDPORT=false
      - CMD_ALLOW_PDF_EXPORT=true
      - CMD_ALLOW_GRAVATAR=false
      - CMD_ALLOW_FREEURL=true
      - CMD_DEFAULT_PERMISSION=private
    networks:
      - backend
      - world
    volumes:
      - /live/storage/codimd/uploads:/hackmd/public/uploads
      - ./config.json:/hackmd/config.json:ro
    restart: always
    depends_on:
      - database

networks:
  backend:
  world:
     external: true

Hi folks,

Hosting codimd and mariadb using docker-compose on a local linux server.
Getting image from linuxserver/codimd:latest

codimd is proxied behind traefik, getting ssl certs from letsencrypt for its subdomain.

Main use is for mocking all sorts of notes at work, personal notes/documentation + sharing docs with friends.

Are there anyone that knows the differences between image hosted by linuxserver and the one at ```
quay.io/codimd/server


/Frode