add(hedgedoc): Add new hedgedoc integration so that you have a nice p…

…ossibility for documentation (#12)

`````release_notes
## Whats new
In this release I fixed the following things:
- Add new hedgedoc integration so that you have a nice possibility for documentation
````

.env.sample

@@ -254,3 +254,15 @@ MISP_PUBLIC__ADMIN_PASSPHRASE=${MISP_INTERNAL_ADMIN_PASSPHRASE}
 MISP_PUBLIC_POSTFIX_RELAY_HOST=${MISP_INTERNAL_POSTFIX_RELAY_HOST}
 MISP_PUBLIC_TIMEZONE=${MISP_INTERNAL_TIMEZONE}
 
+
+
+### Hedgedoc
+#HEDGEDOC_DEBUG=true
+HEDGEDOC_LDAP_SERVER_URI=ldap://ad-server
+HEDGEDOC_LDAP_BINDDN="cn=binduser,cn=Users,dc=internal,dc=example,dc=com"
+HEDGEDOC_LDAP_BINDCREDENTIALS="<super secret password>"
+HEDGEDOC_LDAP_SEARCHBASE="dc=internal,dc=example,dc=com"
+#HEDGEDOC_LDAP_SEARCHFILTER=(&(objectcategory=person)(objectclass=user)(|(sAMAccountName={{username}})(mail={{username}})))
+#HEDGEDOC_LDAP_USERIDFIELD=sAMAccountName
+#HEDGEDOC_LDAP_PROVIDERNAME="Example Inc AD"
+

.gitignore

@@ -1,6 +1,7 @@
 .env
 watcher/watcher
 opencti/opencti
+hedgedoc/hedgedoc
 /BACKUP/**
 /DATA/*
 !/DATA/ssl

README.md

@@ -34,6 +34,8 @@ see [Docs](docs/Home.md)
 This project thanks all contributors of the projects listed below, without them this project would never be possible:
 - Case Management
   - [TheHive](https://github.com/TheHive-Project/TheHive)
+- Case Documentation
+  - [Hedgedoc](https://docs.hedgedoc.org)
 - Threat Hunting
   - [Cortex](https://github.com/TheHive-Project/Cortex)
   - [Cortex-Analyzer](https://github.com/TheHive-Project/Cortex-Analyzers)

hedgedoc/Makefile

@@ -0,0 +1,32 @@
+FOLDER:=hedgedoc
+install:
+	git clone https://github.com/hedgedoc/container.git ${FOLDER}
+	ln -s $${PWD}/../.env ${FOLDER}/.env
+	ln -s $${PWD}/docker-compose.override.yml ${FOLDER}/
+	@echo "Please do not forget to comment out the port lines in the hedgedoc/docker-compose.yml file"
+backup:
+	 cd ${FOLDER}; docker-compose exec database pg_dump hedgedoc -U hedgedoc > ../backup_hedgedoc_$(date +%F).sql
+	 gzip backup_hedgedoc_$(date +%F).sql
+restore-%:
+	@echo "Try to restore the backup from date $*"
+	cp 
+	gunzip -k backup_hedgedoc_$*.sql.gz; mv backup_hedgedoc_$*.sql ${FOLDER}/
+	cd ${FOLDER}; docker-compose up -d database
+	cd ${FOLDER}; cat backup_hedgedoc_$*.sql | docker exec -i $(docker-compose ps -q database) psql -U hedgedoc
+	${MAKE} start
+#
+clean:
+	${MAKE} stop
+	rm -Rf ${FOLDER}
+update:
+	cd ${FOLDER}; git pull
+	${MAKE} start
+start:
+	cd ..; docker-compose up -d traefik
+	cd ${FOLDER}; docker-compose --compatibility up -d
+	${MAKE} logs
+stop:
+	cd ${FOLDER}; docker-compose --compatibility down
+
+logs:
+	cd ${FOLDER}; docker-compose --compatibility logs -f --tail 10

hedgedoc/Readme.md

@@ -0,0 +1,6 @@
+# Subfolder for Hedgedoc Integration
+In this subfolder I add all required files to use the official Hedgedoc Docker files.
+
+sources:
+- https://docs.hedgedoc.org/configuration/
+

hedgedoc/docker-compose.override.yml

@@ -0,0 +1,51 @@
+version: '3'
+networks:
+    traefik_internal:
+        external: true
+
+services:
+    database:
+        restart: unless-stopped
+        healthcheck:
+            test: ["CMD-SHELL", "pg_isready -U hedgedoc"]
+            interval: 10s
+            timeout: 5s
+            retries: 5
+    app:
+        # https://docs.hedgedoc.org/configuration/#nodejs
+        #image: quay.io/hedgedoc/hedgedoc:1.7.2-alpine
+        restart: unless-stopped
+        environment: 
+        - CMD_LDAP_URL=${HEDGEDOC_LDAP_SERVER_URI}
+        - CMD_LDAP_BINDDN=${HEDGEDOC_LDAP_BINDDN}
+        - CMD_LDAP_BINDCREDENTIALS=${HEDGEDOC_LDAP_BINDCREDENTIALS}
+        - CMD_LDAP_SEARCHBASE=${HEDGEDOC_LDAP_SEARCHBASE}
+        - CMD_LDAP_SEARCHFILTER=${HEDGEDOC_LDAP_SEARCHFILTER:-(&(objectcategory=person)(objectclass=user)(|(sAMAccountName={{username}})(mail={{username}})))}
+        - CMD_LDAP_USERIDFIELD=${HEDGEDOC_LDAP_USERIDFIELD:-sAMAccountName}
+        - CMD_LDAP_PROVIDERNAME=${HEDGEDOC_LDAP_PROVIDERNAME:-"Local AD"}
+        - DEBUG=${HEDGEDOC_DEBUG:-false}
+        - NODE_ENV=production
+        - CMD_ALLOW_EMAIL_REGISTER=true
+        - CMD_EMAIL=true
+        - CMD_ALLOW_ANONYMOUS=false
+        - CMD_ALLOW_GRAVATAR=false
+        - CMD_DOMAIN=doc.${FQDN}
+        - CMD_PROTOCOL_USESSL=true
+        - CMD_ALLOW_ORIGIN=doc.${FQDN}
+        - CMD_COOKIE_POLICY=strict
+        - CMD_REQUIRE_FREEURL_AUTHENTICATION=true
+        - CMD_DEFAULT_PERMISSION=private
+        healthcheck:
+            # details about the health checks: https://docs.docker.com/compose/compose-file/#healthcheck
+            test: wget -nv -t1 --spider 'http://localhost:3000/'
+            interval: 1m            # how often a health check is done
+            timeout: 10s
+            retries: 3
+        networks: 
+            traefik_internal:
+            backend:
+        labels:
+        - "traefik.enable=true"
+        - "traefik.http.routers.hedgedoc.rule=Host(`doc.${FQDN}`)"
+        - "traefik.http.services.hedgedoc.loadbalancer.server.port=3000"
+        - "traefik.http.routers.hedgedoc.entrypoints=https"