Cryptpad

Aus Vosp.info
Version vom 21. November 2020, 15:28 Uhr von F (Diskussion | Beiträge) (als daemon - starten stoppen)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu:Navigation, Suche


Installation

Apache Proxy

  • bash
a2enmod ssl
a2enmod rewrite
a2enmod auth_basic
a2enmod proxy proxy_wstunnel proxy_http
a2enmod proxy*
  • /etc/apache2/sites-enabled/cryptpad.domain.tld.conf
<VirtualHost *:80>
        ServerName cryptpad.domain.tld
        Redirect permanent / https://cryptpad.domain.tld
</VirtualHost>

<VirtualHost *:443>
        ServerName cryptpad.domain.tld
        ServerAdmin admin@domain.com

    # Turn SSL on
    SSLEngine on
    SSLProxyEngine On

    # ProxyPreserveHost On to prevent SSL handshake fail for valid domainn.
    # Note: requires valid SSL Certificate obviously
    ProxyPreserveHost On

    # Do not enable proxying with ProxyRequests until you have secured your server.
    # Open proxy servers are dangerous both to your network and to the Internet at large.
    ProxyRequests Off

    # Certificate chain. Note: also add these in Cryptpad config.js as privKeyAndCertFiles value
        #    SSLCertificateFile /etc/letsencrypt/live/cryptpad.domain.com/fullchain.pem
        #    SSLCertificateKeyFile /etc/letsencrypt/live/cryptpad.domain.com/privkey.pem
        SSLCertificateKeyFile /etc/ssl/private/live/domain.tld/privkey.pem
        SSLCertificateFile /etc/ssl/private/live/domain.tld/cert.pem
        SSLCertificateChainFile /etc/ssl/private/live/domain.tld/chain.pem
#    Include /etc/letsencrypt/options-ssl-apache.conf

    # This is the "httpSafePort" from the Cryptpad config.js.
    # Not sure if this should be here. Note: in my setup changing this to port 3000 results in a 502 proxy error
    #ProxyPass / http://localhost:3001/
    ProxyPass / http://195.17.149.245:3001/
    ProxyPassReverse / http://195.17.149.245:3001/
    #ProxyPassReverse / http://localhost:3001/

    # Activate the Apache RewriteEngine
    RewriteEngine On

    # Catch websocket requests. Change this to value of your websocketPath in Cryptpad config.js
    RewriteCond %{REQUEST_URI}  ^/cryptpad_websocket     [NC]

    # Rewrite to websocket. Port number should be value of httpPort in Cryptpad config.js
    #RewriteRule /(.*)           ws://localhost:3000/$1  [P]
    RewriteRule /(.*)           ws://195.17.149.245:3000/$1  [P]

    ErrorLog ${APACHE_LOG_DIR}/error.cryptpad.domain.tld.log
    CustomLog ${APACHE_LOG_DIR}/access.cryptpad.domain.tld.log combined


    #<Location />
    #    AuthType Basic
    #    ...
    </Location>
</VirtualHost>

node.js und cryptpad

npm install -g bower
bower install
bower install --allow-root
git clone https://github.com/xwiki-labs/cryptpad.git cryptpad.domain.tld
cd /var/www/cryptpad.domain.tld/
cd config/
cp config.example.js config.js
cd /var/www/cryptpad.domain.tld/
  • /var/www/cryptpad.netz.coop/config/config.js - ausschließlich angepasste optionen (muss an entsprechenden stellen geändert werden, rest wie config.example.js
module.exports = {
	httpUnsafeOrigin: 'http://cryptpad.domain.tld:3000/',
	httpSafeOrigin: "https://cryptpad.domain.tld",
	httpAddress: 'cryptpad.domain.tld',
	httpSafePort: 3001,
	adminEmail: 'i.did.not.read.my.config@cryptpad.domain.tld',
	blockDailyCheck: true,
	defaultStorageLimit: 500 * 1024 * 1024,
	logLevel: 'error',
	
}


systemctl restart apache2.service  && node server


als daemon - starten stoppen

  • /etc/init.d/cryptpad.domain.tld
#!/bin/sh
### BEGIN INIT INFO
# Provides: cryptpad.domain.tld
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start daemon at boot time
# Description:       Enable service provided by daemon.
### END INIT INFO

dir="/var/www/cryptpad.domain.tld"
cmd="node server"
user="root"

name=`basename $0`
pid_file="/var/run/$name.pid"
stdout_log="/var/log/$name.log"
stderr_log="/var/log/$name.err"

get_pid() {
    cat "$pid_file"
}

is_running() {
    [ -f "$pid_file" ] && ps -p `get_pid` > /dev/null 2>&1
}

case "$1" in
    start)
    if is_running; then
        echo "Already started"
    else
        echo "Starting $name"
        cd "$dir"
        if [ -z "$user" ]; then
            sudo $cmd >> "$stdout_log" 2>> "$stderr_log" &
        else
            sudo -u "$user" $cmd >> "$stdout_log" 2>> "$stderr_log" &
        fi
        echo $! > "$pid_file"
        if ! is_running; then
            echo "Unable to start, see $stdout_log and $stderr_log"
            exit 1
        fi
    fi
    ;;
    stop)
    if is_running; then
        echo -n "Stopping $name.."
        kill `get_pid`
        for i in 1 2 3 4 5 6 7 8 9 10
        # for i in `seq 10`
        do
            if ! is_running; then
                break
            fi

            echo -n "."
            sleep 1
        done
        echo

        if is_running; then
            echo "Not stopped; may still be shutting down or shutdown may have failed"
            exit 1
        else
            echo "Stopped"
            if [ -f "$pid_file" ]; then
                rm "$pid_file"
            fi
        fi
    else
        echo "Not running"
    fi
    ;;
    restart)
    $0 stop
    if is_running; then
        echo "Unable to stop, will not attempt to start"
        exit 1
    fi
    $0 start
    ;;
    status)
    if is_running; then
        echo "Running"
    else
        echo "Stopped"
        exit 1
    fi
    ;;
    *)
    echo "Usage: $0 {start|stop|restart|status}"
    exit 1
    ;;
esac

exit 0