Cryptpad: Unterschied zwischen den Versionen

Aus Vosp.info
Wechseln zu:Navigation, Suche
Zeile 2: Zeile 2:
 
** https://github.com/xwiki-labs/cryptpad/wiki/Installation-guide
 
** https://github.com/xwiki-labs/cryptpad/wiki/Installation-guide
 
** https://github.com/xwiki-labs/cryptpad/wiki/Apache
 
** https://github.com/xwiki-labs/cryptpad/wiki/Apache
 +
 +
 +
== Apache Proxy ==
 +
* bash
 +
<source lang=bash>
 +
a2enmod ssl
 +
a2enmod rewrite
 +
a2enmod auth_basic
 +
a2enmod proxy
 +
a2enmod proxy_http
 +
</source>
 +
 +
* /etc/apache2/sites-enabled/cryptpad.domain.tld.conf
 +
<source lang=xml>
 +
<VirtualHost *:80>
 +
        ServerName cryptpad.domain.tld
 +
        Redirect permanent / https://cryptpad.domain.tld
 +
</VirtualHost>
 +
 +
<VirtualHost *:443>
 +
        ServerName cryptpad.domain.tld
 +
        ServerAdmin admin@domain.com
 +
 +
    # Turn SSL on
 +
    SSLEngine on
 +
    SSLProxyEngine On
 +
 +
    # ProxyPreserveHost On to prevent SSL handshake fail for valid domainn.
 +
    # Note: requires valid SSL Certificate obviously
 +
    ProxyPreserveHost On
 +
 +
    # Do not enable proxying with ProxyRequests until you have secured your server.
 +
    # Open proxy servers are dangerous both to your network and to the Internet at large.
 +
    ProxyRequests Off
 +
 +
    # Certificate chain. Note: also add these in Cryptpad config.js as privKeyAndCertFiles value
 +
        #    SSLCertificateFile /etc/letsencrypt/live/cryptpad.domain.com/fullchain.pem
 +
        #    SSLCertificateKeyFile /etc/letsencrypt/live/cryptpad.domain.com/privkey.pem
 +
        SSLCertificateKeyFile /etc/ssl/private/live/domain.tld/privkey.pem
 +
        SSLCertificateFile /etc/ssl/private/live/domain.tld/cert.pem
 +
        SSLCertificateChainFile /etc/ssl/private/live/domain.tld/chain.pem
 +
#    Include /etc/letsencrypt/options-ssl-apache.conf
 +
 +
    # This is the "httpSafePort" from the Cryptpad config.js.
 +
    # Not sure if this should be here. Note: in my setup changing this to port 3000 results in a 502 proxy error
 +
    #ProxyPass / http://localhost:3001/
 +
    ProxyPass / http://195.17.149.245:3001/
 +
    ProxyPassReverse / http://195.17.149.245:3001/
 +
    #ProxyPassReverse / http://localhost:3001/
 +
 +
    # Activate the Apache RewriteEngine
 +
    RewriteEngine On
 +
 +
    # Catch websocket requests. Change this to value of your websocketPath in Cryptpad config.js
 +
    RewriteCond %{REQUEST_URI}  ^/cryptpad_websocket    [NC]
 +
 +
    # Rewrite to websocket. Port number should be value of httpPort in Cryptpad config.js
 +
    #RewriteRule /(.*)          ws://localhost:3000/$1  [P]
 +
    RewriteRule /(.*)          ws://195.17.149.245:3000/$1  [P]
 +
 +
    ErrorLog ${APACHE_LOG_DIR}/error.cryptpad.domain.tld.log
 +
    CustomLog ${APACHE_LOG_DIR}/access.cryptpad.domain.tld.log combined
 +
 +
</VirtualHost>
 +
</source>

Version vom 21. November 2020, 10:04 Uhr


Apache Proxy

  • bash
a2enmod ssl
a2enmod rewrite
a2enmod auth_basic
a2enmod proxy
a2enmod proxy_http
  • /etc/apache2/sites-enabled/cryptpad.domain.tld.conf
<VirtualHost *:80>
        ServerName cryptpad.domain.tld
        Redirect permanent / https://cryptpad.domain.tld
</VirtualHost>

<VirtualHost *:443>
        ServerName cryptpad.domain.tld
        ServerAdmin admin@domain.com

    # Turn SSL on
    SSLEngine on
    SSLProxyEngine On

    # ProxyPreserveHost On to prevent SSL handshake fail for valid domainn.
    # Note: requires valid SSL Certificate obviously
    ProxyPreserveHost On

    # Do not enable proxying with ProxyRequests until you have secured your server.
    # Open proxy servers are dangerous both to your network and to the Internet at large.
    ProxyRequests Off

    # Certificate chain. Note: also add these in Cryptpad config.js as privKeyAndCertFiles value
        #    SSLCertificateFile /etc/letsencrypt/live/cryptpad.domain.com/fullchain.pem
        #    SSLCertificateKeyFile /etc/letsencrypt/live/cryptpad.domain.com/privkey.pem
        SSLCertificateKeyFile /etc/ssl/private/live/domain.tld/privkey.pem
        SSLCertificateFile /etc/ssl/private/live/domain.tld/cert.pem
        SSLCertificateChainFile /etc/ssl/private/live/domain.tld/chain.pem
#    Include /etc/letsencrypt/options-ssl-apache.conf

    # This is the "httpSafePort" from the Cryptpad config.js.
    # Not sure if this should be here. Note: in my setup changing this to port 3000 results in a 502 proxy error
    #ProxyPass / http://localhost:3001/
    ProxyPass / http://195.17.149.245:3001/
    ProxyPassReverse / http://195.17.149.245:3001/
    #ProxyPassReverse / http://localhost:3001/

    # Activate the Apache RewriteEngine
    RewriteEngine On

    # Catch websocket requests. Change this to value of your websocketPath in Cryptpad config.js
    RewriteCond %{REQUEST_URI}  ^/cryptpad_websocket     [NC]

    # Rewrite to websocket. Port number should be value of httpPort in Cryptpad config.js
    #RewriteRule /(.*)           ws://localhost:3000/$1  [P]
    RewriteRule /(.*)           ws://195.17.149.245:3000/$1  [P]

    ErrorLog ${APACHE_LOG_DIR}/error.cryptpad.domain.tld.log
    CustomLog ${APACHE_LOG_DIR}/access.cryptpad.domain.tld.log combined

</VirtualHost>