Commit a30419ea authored by yzx9's avatar yzx9
Browse files

Disable secure cookie in no proxy settings

parent 78652946

README.md

+10 −9
Original line number Diff line number Diff line
@@ -141,7 +141,8 @@ OAUTH2_PROFILE_URL: https://api.github.com/user 
OAUTH2_USER_ATTR_EMAIL: email

OAUTH2_USER_ATTR_UID: id

OAUTH2_USER_ATTR_FIRSTNAME: name

OAUTH2_USER_ATTR_LASTNAME: site_admin

OAUTH2_USER_ATTR_LASTNAME:

OAUTH2_USER_ATTR_IS_ADMIN: site_admin

```



### Sharelatex Configuration
@@ -149,7 +150,7 @@ OAUTH2_USER_ATTR_LASTNAME: site_admin 
Edit SHARELATEX_ environment variables in [docker-compose.traefik.yml](docker-compose.traefik.yml) or [docker-compose.certbot.yml](docker-compose.certbot.yml) to fit your local setup 

(e.g. proper SMTP server, Header, Footer, App Name,...). See https://github.com/overleaf/overleaf/wiki/Quick-Start-Guide for more details.



## Installation, Usage and Inital startup

## Installation, Usage and Initial startup



Install the docker engine: https://docs.docker.com/engine/install/
@@ -177,9 +178,9 @@ docker network create web 


to create a network for the docker instances.



## Startup

### Startup



### Using without proxy

#### Using without proxy



In most cases, you should use a gateway reverse proxy for your requests (see the next section), as they can offer many benefits such as enhanced security and easier SSL certificate updates. This simple startup method is used for 1. Development 2. When you know what you're doing, for example, when there is an additional gateway layer outside your server.
@@ -189,11 +190,11 @@ Start docker containers: 
docker-compose up -d

```



### Using proxy

#### Using proxy



There are 2 different ways of starting either using Traefik or using Certbot. Adapt the one you want to use.



#### Using Traefik

##### Using Traefik



Then start docker containers (with loadbalancer):
@@ -202,7 +203,7 @@ export NUMINSTANCES=1 
docker-compose -f docker-compose.traefik.yml up -d --scale sharelatex=$NUMINSTANCES

```



#### Using Certbot 

##### Using Certbot 



Enable line 65/66 and 69/70 in ldapoverleaf-sl/Dockerfile and ``make`` again.
@@ -212,8 +213,8 @@ docker-compose -f docker-compose.certbot.yml up -d 


## Debug



1. Set the env variable `LOG_LEVEL` to debug (default is info - you can do this in the docker-compose file)

2. Look in the logs of sharelatex (e.g. `/var/log/sharelatex/web.log`)

1. Set the env variable `LOG_LEVEL` to `debug` (default is info - you can do this in the docker-compose file)

2. Check the logs in ShareLaTeX, particularly at `/var/log/sharelatex/web.log`. You can do this by using the command: `docker exec ldap-overleaf-sl cat /var/log/sharelatex/web.log`.



## Upgrading

docker-compose.certbot.yml

+2 −0
Original line number Diff line number Diff line
@@ -81,6 +81,7 @@ services: 
      LDAP_CONTACT_FILTER: "(memberof=cn=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)"

      LDAP_CONTACTS: "false"



      ## OAuth2 Settings

      # OAUTH2_CLIENT_ID: YOUR_OAUTH2_CLIENT_ID

      # OAUTH2_CLIENT_SECRET: YOUR_OAUTH2_CLIENT_SECRET

      # OAUTH2_SCOPE: YOUR_OAUTH2_SCOPE
@@ -91,6 +92,7 @@ services: 
      # OAUTH2_USER_ATTR_UID: id

      # OAUTH2_USER_ATTR_FIRSTNAME: name

      # OAUTH2_USER_ATTR_LASTNAME:

      # OAUTH2_USER_ATTR_IS_ADMIN: site_admin



      # Same property, unfortunately with different names in

      # different locations

docker-compose.traefik.yml

+2 −0
Original line number Diff line number Diff line
@@ -162,6 +162,7 @@ services: 
      LDAP_CONTACT_FILTER: "(memberof=cn=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)"

      LDAP_CONTACTS: "false"



      ## OAuth2 Settings

      # OAUTH2_CLIENT_ID: YOUR_OAUTH2_CLIENT_ID

      # OAUTH2_CLIENT_SECRET: YOUR_OAUTH2_CLIENT_SECRET

      # OAUTH2_SCOPE: YOUR_OAUTH2_SCOPE
@@ -172,6 +173,7 @@ services: 
      # OAUTH2_USER_ATTR_UID: id

      # OAUTH2_USER_ATTR_FIRSTNAME: name

      # OAUTH2_USER_ATTR_LASTNAME:

      # OAUTH2_USER_ATTR_IS_ADMIN: site_admin



      # Same property, unfortunately with different names in

      # different locations

docker-compose.yml

+5 −2
Original line number Diff line number Diff line
@@ -48,8 +48,9 @@ services: 
      SHARELATEX_ALLOW_PUBLIC_ACCESS: "true"

      SHARELATEX_ALLOW_ANONYMOUS_READ_AND_WRITE_SHARING: "true"



      SHARELATEX_SECURE_COOKIE: "true"

      SHARELATEX_BEHIND_PROXY: "true"

      # Uncomment the following line to enable secure cookies if you are using SSL

      # SHARELATEX_SECURE_COOKIE: "true"

      # SHARELATEX_BEHIND_PROXY: "true"



      LDAP_SERVER: ldaps://LDAPSERVER:636

      LDAP_BASE: ou=people,dc=DOMAIN,dc=TLD
@@ -78,6 +79,7 @@ services: 
      LDAP_CONTACT_FILTER: "(memberof=cn=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)"

      LDAP_CONTACTS: "false"



      ## OAuth2 Settings

      # OAUTH2_CLIENT_ID: YOUR_OAUTH2_CLIENT_ID

      # OAUTH2_CLIENT_SECRET: YOUR_OAUTH2_CLIENT_SECRET

      # OAUTH2_SCOPE: YOUR_OAUTH2_SCOPE
@@ -88,6 +90,7 @@ services: 
      # OAUTH2_USER_ATTR_UID: id

      # OAUTH2_USER_ATTR_FIRSTNAME: name

      # OAUTH2_USER_ATTR_LASTNAME:

      # OAUTH2_USER_ATTR_IS_ADMIN: site_admin



      # Same property, unfortunately with different names in

      # different locations

CRA Git | Maintained and supported by SUSTech CRA and CCSE