Add unfinished cryptpad post

content/post/cryptpad.md

@@ -0,0 +1,154 @@
+---
+title: "Cryptpad"
+date: 2021-05-7T22:08:55+02:00
+draft: true
+image: "uploads/ILMO_bordered.png"
+tags: [FOSS]
+categories: [Projects, English]
+---
+
+# Prerequisites
+
+## Install nginx, npm and bower
+
+```
+$ sudo apt update
+$ sudo apt upgrade
+$ sudo apt install nginx npm certbot
+$ npm install -g bower
+```
+## Set domain to your server
+
+Your server should be reachable via `pad.example.com`
+
+# Installation
+
+In your webroot clone the repository
+```
+$ git clone https://github.com/xwiki-labs/cryptpad
+cd ~/cryptpad
+```
+
+List the latest releases
+```
+$ git tag | tail
+4.0.0
+4.1.0
+4.2.0
+4.2.1
+4.3.0
+4.3.1
+4.4.0
+4.5.0 <--- this is the latest
+v1.14.0
+v1.15.0
+
+```
+and checkout the latest
+
+```
+$ git checkout 4.5.0
+```
+
+Now install the needed dependencies
+```
+$ npm install
+$ bower install
+```
+
+And make sure that the files are owned by the web user
+
+```
+$ cd ..
+$ chown -R www-data:www-data cryptpad/
+```
+
+# Configure
+
+## Configure reverse proxy and SSL
+
+Request your letsencrypt certificate 
+```
+certbot certonly --nginx --agree-tos -d bbb.example.com
+```
+
+$  ~/.acme.sh/acme.sh --issue --nginx -d pad.hyteck.de -d sandbox.hyteck.de
+curl https://get.acme.sh | sh -s email=julian-samuel@gebuehr.net
+~/.acme.sh/acme.sh --issue -d pad.hyteck.de -d sandbox.hyteck.de -w /var/www/ILMO/
+
+Create the configuration for the site in `/etc/nginx-sites-enabled/pad`
+
+```
+server {
+        listen 80;
+        listen [::]:80;
+
+        if ($scheme = http) {
+                return 301 https://$server_name$request_uri;
+        }
+
+        #
+        listen 443 ssl;
+        listen [::]:443 ssl;
+        ssl_certificate     /etc/letsencrypt/live/pad.hyteck.de/cert.pem;
+        ssl_certificate_key /etc/letsencrypt/live/pad.hyteck.de/privkey.pem;
+        ssl_protocols       TLSv1.3;
+        ssl_ciphers         HIGH:!aNULL:!MD5;
+
+
+        server_name pad.hyteck.de;
+
+
+    # Set header
+    add_header X-Clacks-Overhead "GNU Terry Pratchett";
+    add_header Permissions-Policy interest-cohort=(); #Anti FLoC
+
+
+        location  / {
+            if (-f $document_root/under_maintenance.html) {
+                            return 503;
+            }
+                proxy_pass http://127.0.0.1:3000;
+        }
+    error_page 503 /under_maintenance.html;
+                location = /under_maintenance.html {
+        }
+
+}
+```
+
+and test with `nginx -t`. If everything is fine use `nginx -s reload`.
+
+## Configure cryptpad
+
+Copy the config, uncomment and adjust httpSafeOrigin
+
+$ cp config/config.example.js config/config.js
+$ vim config/config.js
+```
+
+If you also want to run Grafana on this server adjust the httpPort and httpSafePort (dont forget the nginx configuration).
+
+
+# Start
+
+## Start via systemd
+
+Create a service with the following content
+
+```
+$ vim /etc/systemd/system/cryptpad.service
+```
+
+enable and start the service
+```
+$ systemctl enable cryptpad
+Created symlink /etc/systemd/system/multi-user.target.wants/cryptpad.service → /etc/systemd/system/cryptpad.service.
+$ systemctl start
+```
+
+# Final notes
+
+The guide here was heavily inspired by the guide at [Uberspace](https://lab.uberspace.de/guide_cryptpad.html). If you want to only run a crpytpad, uberspace is a good solution!
+
+If you have any questions or you found any errors, please contact me!