Add unfinished cryptpad post

2023-01-24 15:17:27 +01:00
parent 6565cd3519
commit 775a2afede
1 changed files with 154 additions and 0 deletions
--- a/content/post/cryptpad.md
+++ b/content/post/cryptpad.md
@@ -0,0 +1,154 @@
 ---
 title: "Cryptpad"
 date: 2021-05-7T22:08:55+02:00
 draft: true
 image: "uploads/ILMO_bordered.png"
 tags: [FOSS]
 categories: [Projects, English]
 ---
 # Prerequisites
 ## Install nginx, npm and bower
 ```
 $ sudo apt update
 $ sudo apt upgrade
 $ sudo apt install nginx npm certbot
 $ npm install -g bower
 ```
 ## Set domain to your server
 Your server should be reachable via `pad.example.com`
 # Installation
 In your webroot clone the repository
 ```
 $ git clone https://github.com/xwiki-labs/cryptpad
 cd ~/cryptpad
 ```
 List the latest releases
 ```
 $ git tag | tail
 4.0.0
 4.1.0
 4.2.0
 4.2.1
 4.3.0
 4.3.1
 4.4.0
 4.5.0 <--- this is the latest
 v1.14.0
 v1.15.0
 ```
 and checkout the latest
 ```
 $ git checkout 4.5.0
 ```
 Now install the needed dependencies
 ```
 $ npm install
 $ bower install
 ```
 And make sure that the files are owned by the web user
 ```
 $ cd ..
 $ chown -R www-data:www-data cryptpad/
 ```
 # Configure
 ## Configure reverse proxy and SSL
 Request your letsencrypt certificate 
 ```
 certbot certonly --nginx --agree-tos -d bbb.example.com
 ```
 $  ~/.acme.sh/acme.sh --issue --nginx -d pad.hyteck.de -d sandbox.hyteck.de
 curl https://get.acme.sh | sh -s email=julian-samuel@gebuehr.net
 ~/.acme.sh/acme.sh --issue -d pad.hyteck.de -d sandbox.hyteck.de -w /var/www/ILMO/
 Create the configuration for the site in `/etc/nginx-sites-enabled/pad`
 ```
 server {
        listen 80;
        listen [::]:80;
        if ($scheme = http) {
                return 301 https://$server_name$request_uri;
        }
        #
        listen 443 ssl;
        listen [::]:443 ssl;
        ssl_certificate     /etc/letsencrypt/live/pad.hyteck.de/cert.pem;
        ssl_certificate_key /etc/letsencrypt/live/pad.hyteck.de/privkey.pem;
        ssl_protocols       TLSv1.3;
        ssl_ciphers         HIGH:!aNULL:!MD5;
        server_name pad.hyteck.de;
    # Set header
    add_header X-Clacks-Overhead "GNU Terry Pratchett";
    add_header Permissions-Policy interest-cohort=(); #Anti FLoC
        location  / {
            if (-f $document_root/under_maintenance.html) {
                            return 503;
            }
                proxy_pass http://127.0.0.1:3000;
        }
    error_page 503 /under_maintenance.html;
                location = /under_maintenance.html {
        }
 }
 ```
 and test with `nginx -t`. If everything is fine use `nginx -s reload`.
 ## Configure cryptpad
 Copy the config, uncomment and adjust httpSafeOrigin
 $ cp config/config.example.js config/config.js
 $ vim config/config.js
 ```
 If you also want to run Grafana on this server adjust the httpPort and httpSafePort (dont forget the nginx configuration).
 # Start
 ## Start via systemd
 Create a service with the following content
 ```
 $ vim /etc/systemd/system/cryptpad.service
 ```
 enable and start the service
 ```
 $ systemctl enable cryptpad
 Created symlink /etc/systemd/system/multi-user.target.wants/cryptpad.service → /etc/systemd/system/cryptpad.service.
 $ systemctl start
 ```
 # Final notes
 The guide here was heavily inspired by the guide at [Uberspace](https://lab.uberspace.de/guide_cryptpad.html). If you want to only run a crpytpad, uberspace is a good solution!
 If you have any questions or you found any errors, please contact me!