smeagol:smeagol

A simple Git-backed Wiki inspired by Gollum


Keywords
clojure, git, wiki-engine
Licenses
GPL-3.0/libpng-2.0/GFDL-1.3-or-later

Documentation

Welcome to Smeagol!

Smeagol is a simple Wiki engine inspired by Gollum. Gollum is a Wiki engine written in Ruby, which uses a number of simple text formats including Markdown, and which uses Git to provide versioning and backup. I needed a new Wiki for a project and thought Gollum would be ideal - but unfortunately it doesn't provide user authentication, which I needed, and it was simpler for me to reimplement the bits I did need in Clojure than to modify Gollum.

So at this stage Smeagol is a Wiki engine written in Clojure which uses Markdown as its text format, which does have user authentication, and which uses Git as its versioning and backup system.

Status

Smeagol is now a fully working small Wiki engine, and meets my own immediate needs. There are some obvious things which could be improved - see TODO list below - but it works now and doesn't seem to have any major problems.

Markup syntax

Smeagol uses the Markdown format as provided by markdown-clj, with the addition that anything enclosed in double square brackets, [[like this]], will be treated as a link into the wiki itself.

Security and authentication

Security is now greatly improved. There is a file called passwd in the resources directory, which contains a clojure map which maps usernames to maps with plain-text passwords and emails thus:

{:admin {:password "admin" :email "admin@localhost"}
 :adam {:password "secret" :email "adam@localhost"}}

that is to say, the username is a keyword and the corresponding password is a string. However, since version 0.5.0, users can now change their own passwords, and when the user changes their password their new password is encrypted using the scrypt one-way encryption scheme. The password file is now no longer either in the resources/public directory so cannot be downloaded through the browser, nor in the git archive to which the Wiki content is stored, so that even if that git archive is remotely clonable an attacker cannot get the password file that way.

There's still no mechanism to add a new user to the system through the user interface; you do sill have to do that by editing the password file in an editor.

Todo

  • Image (and other media) upload;
  • Improved editor. The editor is at present very primitive - right back from the beginnings of the Web. It would be nice to have a rich embedded editor like Hallo or Aloha but I haven't (yet) had time to integrate them!
  • Transform diff output to HTML to show changes in a more user friendly format;
  • Mechanism to add users through the user interface;

License

Copyright © 2014-2015 Simon Brooke. Licensed under the GNU General Public License, version 2.0 or (at your option) any later version. If you wish to incorporate parts of Smeagol into another open source project which uses a less restrictive license, please contact me; I'm open to dual licensing it.

Prerequisites

You will need Leiningen 2.0 or above installed.

Running

To start a web server for the application, run:

lein ring server

or more probably

  nohup lein ring server > smeagol.log &

Alternatively, if you want to deploy to a servlet container (which I would strongly recommend), the simplest thing is to run:

lein ring uberwar

(a command which I'm sure Smeagol would entirely appreciate) and deploy the resulting war file.