HackMD
Migrate to 2.0.0
We always put privacy and stability at first when building CodiMD. In the past few months, we delivered not only a bunch of awesome features but also some critical bug fixes. Moreover, we refactored CodiMD's backend and started to write new tests.
To make it easier to maintain, we dropped legacy code, reorganize the repository, and add new documentation. For these reasons, we decide to make a huge leap toward version 2.0.0.
This document provides the details on how to migrate from versions before 2.0.0. Let's go through this.
1. Drop old environment variables support
In 2.0.0, we dropped old environment variables that start with HMD. Please check these affected environment variables as below.
For most cases, you can simply change the prefix from HMD to CMD.
Watch out for:
DEBUG, now setNODE_ENVtodevelopmentto enable itDATABASE_URLbecomeCMD_DB_URLURL_PATHbecomeCMD_URL_PATHPORTbecomeCMD_PORT
| Deprecated Environment variable in 2.0.0 | New Environment variable |
|---|---|
| HMD_DOMAIN | CMD_DOMAIN |
| HMD_URL_PATH | CMD_URL_PATH |
| HMD_PORT | CMD_PORT |
| HMD_URL_ADDPORT | CMD_URL_ADDPORT |
| HMD_USESSL | CMD_USESSL |
| HMD_HSTS_ENABLE | CMD_HSTS_ENABLE |
| HMD_HSTS_MAX_AGE | CMD_HSTS_MAX_AGE |
| HMD_HSTS_INCLUDE_SUBDOMAINS | CMD_HSTS_INCLUDE_SUBDOMAINS |
| HMD_HSTS_PRELOAD | CMD_HSTS_PRELOAD |
| HMD_CSP_ENABLE | CMD_CSP_ENABLE |
| HMD_CSP_REPORTURI | CMD_CSP_REPORTURI |
| HMD_PROTOCOL_USESSL | CMD_PROTOCOL_USESSL |
| HMD_ALLOW_ORIGIN | CMD_ALLOW_ORIGIN |
| HMD_USECDN | CMD_USECDN |
| HMD_ALLOW_ANONYMOUS | CMD_ALLOW_ANONYMOUS |
| HMD_ALLOW_ANONYMOUS_EDITS | CMD_ALLOW_ANONYMOUS_EDITS |
| HMD_ALLOW_FREEURL | CMD_ALLOW_FREEURL |
| HMD_DEFAULT_PERMISSION | CMD_DEFAULT_PERMISSION |
| HMD_DB_URL | CMD_DB_URL |
| HMD_SESSION_SECRET | CMD_SESSION_SECRET |
| HMD_SESSION_LIFE | CMD_SESSION_LIFE |
| HMD_RESPONSE_MAX_LAG | CMD_RESPONSE_MAX_LAG |
| HMD_IMAGE_UPLOAD_TYPE | CMD_IMAGE_UPLOAD_TYPE |
| HMD_IMGUR_CLIENTID | CMD_IMGUR_CLIENTID |
| HMD_S3_ACCESS_KEY_ID | CMD_S3_ACCESS_KEY_ID |
| HMD_S3_SECRET_ACCESS_KEY | CMD_S3_SECRET_ACCESS_KEY |
| HMD_S3_REGION | CMD_S3_REGION |
| HMD_MINIO_ACCESS_KEY | CMD_MINIO_ACCESS_KEY |
| HMD_MINIO_SECRET_KEY | CMD_MINIO_SECRET_KEY |
| HMD_MINIO_ENDPOINT | CMD_MINIO_ENDPOINT |
| HMD_MINIO_SECURE) | CMD_MINIO_SECURE) |
| HMD_MINIO_PORT | CMD_MINIO_PORT |
| HMD_S3_BUCKET | CMD_S3_BUCKET |
| HMD_AZURE_CONNECTION_STRING | CMD_AZURE_CONNECTION_STRING |
| HMD_AZURE_CONTAINER | CMD_AZURE_CONTAINER |
| HMD_FACEBOOK_CLIENTID | CMD_FACEBOOK_CLIENTID |
| HMD_FACEBOOK_CLIENTSECRET | CMD_FACEBOOK_CLIENTSECRET |
| HMD_TWITTER_CONSUMERKEY | CMD_TWITTER_CONSUMERKEY |
| HMD_TWITTER_CONSUMERSECRET | CMD_TWITTER_CONSUMERSECRET |
| HMD_GITHUB_CLIENTID | CMD_GITHUB_CLIENTID |
| HMD_GITHUB_CLIENTSECRET | CMD_GITHUB_CLIENTSECRET |
| HMD_BITBUCKET_CLIENTID | CMD_BITBUCKET_CLIENTID |
| HMD_BITBUCKET_CLIENTSECRET | CMD_BITBUCKET_CLIENTSECRET |
| HMD_GITLAB_BASEURL | CMD_GITLAB_BASEURL |
| HMD_GITLAB_CLIENTID | CMD_GITLAB_CLIENTID |
| HMD_GITLAB_CLIENTSECRET | CMD_GITLAB_CLIENTSECRET |
| HMD_GITLAB_SCOPE | CMD_GITLAB_SCOPE |
| HMD_MATTERMOST_BASEURL | CMD_MATTERMOST_BASEURL |
| HMD_MATTERMOST_CLIENTID | CMD_MATTERMOST_CLIENTID |
| HMD_MATTERMOST_CLIENTSECRET | CMD_MATTERMOST_CLIENTSECRET |
| HMD_OAUTH2_BASEURL | CMD_OAUTH2_BASEURL |
| HMD_OAUTH2_USER_PROFILE_URL | CMD_OAUTH2_USER_PROFILE_URL |
| HMD_OAUTH2_USER_PROFILE_USERNAME_ATTR | CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR |
| HMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR | CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR |
| HMD_OAUTH2_USER_PROFILE_EMAIL_ATTR | CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR |
| HMD_OAUTH2_TOKEN_URL | CMD_OAUTH2_TOKEN_URL |
| HMD_OAUTH2_AUTHORIZATION_URL | CMD_OAUTH2_AUTHORIZATION_URL |
| HMD_OAUTH2_CLIENT_ID | CMD_OAUTH2_CLIENT_ID |
| HMD_OAUTH2_CLIENT_SECRET | CMD_OAUTH2_CLIENT_SECRET |
| HMD_DROPBOX_CLIENTID | CMD_DROPBOX_CLIENTID |
| HMD_DROPBOX_CLIENTSECRET | CMD_DROPBOX_CLIENTSECRET |
| HMD_DROPBOX_APPKEY | CMD_DROPBOX_APPKEY |
| HMD_GOOGLE_CLIENTID | CMD_GOOGLE_CLIENTID |
| HMD_GOOGLE_CLIENTSECRET | CMD_GOOGLE_CLIENTSECRET |
| HMD_LDAP_PROVIDERNAME | CMD_LDAP_PROVIDERNAME |
| HMD_LDAP_URL | CMD_LDAP_URL |
| HMD_LDAP_BINDDN | CMD_LDAP_BINDDN |
| HMD_LDAP_BINDCREDENTIALS | CMD_LDAP_BINDCREDENTIALS |
| HMD_LDAP_SEARCHBASE | CMD_LDAP_SEARCHBASE |
| HMD_LDAP_SEARCHFILTER | CMD_LDAP_SEARCHFILTER |
| HMD_LDAP_SEARCHATTRIBUTES | CMD_LDAP_SEARCHATTRIBUTES |
| HMD_LDAP_USERNAMEFIELD | CMD_LDAP_USERNAMEFIELD |
| HMD_LDAP_USERIDFIELD | CMD_LDAP_USERIDFIELD |
| HMD_LDAP_TLS_CA | CMD_LDAP_TLS_CA |
| HMD_SAML_IDPSSOURL | CMD_SAML_IDPSSOURL |
| HMD_SAML_IDPCERT | CMD_SAML_IDPCERT |
| HMD_SAML_ISSUER | CMD_SAML_ISSUER |
| HMD_SAML_IDENTIFIERFORMAT | CMD_SAML_IDENTIFIERFORMAT |
| HMD_SAML_DISABLEREQUESTEDAUTHNCONTEXT | CMD_SAML_DISABLEREQUESTEDAUTHNCONTEXT |
| HMD_SAML_GROUPATTRIBUTE | CMD_SAML_GROUPATTRIBUTE |
| HMD_SAML_EXTERNALGROUPS | CMD_SAML_EXTERNALGROUPS |
| HMD_SAML_REQUIREDGROUPS | CMD_SAML_REQUIREDGROUPS |
| HMD_SAML_ATTRIBUTE_ID | CMD_SAML_ATTRIBUTE_ID |
| HMD_SAML_ATTRIBUTE_USERNAME | CMD_SAML_ATTRIBUTE_USERNAME |
| HMD_SAML_ATTRIBUTE_EMAIL | CMD_SAML_ATTRIBUTE_EMAIL |
| HMD_EMAIL | CMD_EMAIL |
| HMD_ALLOW_EMAIL_REGISTER | CMD_ALLOW_EMAIL_REGISTER |
| HMD_ALLOW_PDF_EXPORT | CMD_ALLOW_PDF_EXPORT |
| DEBUG | set NODE_ENV to development |
| DATABASE_URL | CMD_DB_URL |
| URL_PATH | CMD_URL_PATH |
| PORT | CMD_PORT |
2. Emphasize your privacy
The anonymous policy has been changed in 2.0.0 to provide better privacy defaults.
We changed CMD_ALLOW_ANONYMOUS to be false along with CMD_ALLOW_ANONYMOUS_EDITS and CMD_ALLOW_ANONYMOUS_VIEWS to be true.
Please check Anonymous (Guest) related config for detailed explanation.
3. To prevent unexpected HSTS behavior, HSTS IncludeSubdomain now defaults to be false
In previous default settings, it forced subdomain to use HSTS, but it might break the sites that hosted in the subdomain and didn't configured with HTTPS protocol.
We changed this behavior in 2.0.0, in order to disable HSTS IncludeSubdomain feature by default. If you want to turn on this feature, please set CMD_HSTS_INCLUDE_SUBDOMAINS to true.
