Etherpad lite: Unterschied zwischen den Versionen
Aus Vosp.info
F (Diskussion | Beiträge) |
F (Diskussion | Beiträge) |
||
(23 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
* https://de.wikipedia.org/wiki/Etherpad | * https://de.wikipedia.org/wiki/Etherpad | ||
+ | wohl die neue alternative https://github.com/xwiki-labs/cryptpad [[cryptpad]] | ||
== minimal installation == | == minimal installation == | ||
+ | |||
+ | Grundsätzlich macht es Sinn npm und co nicht als root auszuführen, wegen der sicherheit und teilweise kommen auch fehler zu stande | ||
* https://github.com/ether/etherpad-lite#installation | * https://github.com/ether/etherpad-lite#installation | ||
Zeile 11: | Zeile 14: | ||
sudo apt-get install -y nodejs | sudo apt-get install -y nodejs | ||
git clone https://github.com/ether/etherpad-lite.git && cd etherpad-lite | git clone https://github.com/ether/etherpad-lite.git && cd etherpad-lite | ||
+ | |||
+ | |||
+ | # für den export !!! | ||
+ | apt-get install abiword | ||
# zum testen, ansich nicht als root | # zum testen, ansich nicht als root | ||
Zeile 17: | Zeile 24: | ||
</source> | </source> | ||
+ | == npm ... extensions == | ||
+ | <source lang=bash> | ||
+ | npm init | ||
+ | npm i ep_fileupload | ||
+ | # weitere siehe unten | ||
+ | </source> | ||
== mit apache ansprechen == | == mit apache ansprechen == | ||
Zeile 22: | Zeile 35: | ||
* https://github.com/ether/etherpad-lite/wiki/How-to-put-Etherpad-Lite-behind-a-reverse-Proxy#apache | * https://github.com/ether/etherpad-lite/wiki/How-to-put-Etherpad-Lite-behind-a-reverse-Proxy#apache | ||
− | <source > | + | * /etc/apache2/sites-available/pad.domain.tld.conf |
+ | |||
+ | <source lang=apache> | ||
+ | <VirtualHost *:80> | ||
+ | ServerName pad.domain.tld | ||
+ | ServerAlias www.pad.domain.tld | ||
+ | ServerAdmin webmaster@localhost | ||
+ | Redirect permanent / https://pad.domain.tld/ | ||
+ | </VirtualHost> | ||
+ | |||
+ | |||
+ | <IfModule mod_ssl.c> | ||
+ | <VirtualHost *:443> | ||
+ | ServerName pad.domain.tld | ||
+ | ServerAlias www.pad.domain.tld | ||
+ | |||
+ | # SSL configuration | ||
+ | SSLEngine on | ||
+ | # If you hold wildcard certificates for your domain the next two lines are not necessary. | ||
+ | SSLCertificateFile /etc/ssl/private/nc/SSLCertificateFile.crt | ||
+ | SSLCertificateKeyFile /etc/ssl/private/nc/SSLCertificateKeyFile.key | ||
+ | # nc bof | ||
+ | SSLCertificateChainFile /etc/ssl/private/nc/SSLCertificateChainFile.cer | ||
+ | SetEnv nokeepalive ssl-unclean-shutdown | ||
+ | # nc eof | ||
+ | |||
+ | ProxyVia On | ||
+ | ProxyRequests Off | ||
+ | ProxyPreserveHost on | ||
+ | |||
+ | # wenn zielserver https ist (etherpad-lite/settings.json ssl bereich!!!!) dann | ||
+ | SSLProxyEngine On | ||
+ | |||
+ | <Location /> | ||
+ | AuthType Basic | ||
+ | AuthName "Welcome to the domain.org Etherpad" | ||
+ | AuthUserFile /etc/htpasswd/htpasswd_nc | ||
+ | Require valid-user | ||
+ | ProxyPass http://localhost:9001/ retry=0 timeout=30 | ||
+ | ProxyPassReverse http://localhost:9001/ | ||
+ | </Location> | ||
+ | <Location /socket.io> | ||
+ | # This is needed to handle the websocket transport through the proxy, since | ||
+ | # etherpad does not use a specific sub-folder, such as /ws/ to handle this kind of traffic. | ||
+ | # Taken from https://github.com/ether/etherpad-lite/issues/2318#issuecomment-63548542 | ||
+ | # Thanks to beaugunderson for the semantics | ||
+ | RewriteEngine On | ||
+ | RewriteCond %{QUERY_STRING} transport=websocket [NC] | ||
+ | RewriteRule /(.*) ws://localhost:9001/socket.io/$1 [P,L] | ||
+ | ProxyPass http://localhost:9001/socket.io retry=0 timeout=30 | ||
+ | ProxyPassReverse http://localhost:9001/socket.io | ||
+ | </Location> | ||
+ | |||
+ | <Proxy *> | ||
+ | Options FollowSymLinks MultiViews | ||
+ | AllowOverride All | ||
+ | Order allow,deny | ||
+ | allow from all | ||
+ | </Proxy> | ||
+ | </VirtualHost> | ||
+ | </IfModule> | ||
</source> | </source> | ||
Zeile 31: | Zeile 104: | ||
systemctl restart apache2 | systemctl restart apache2 | ||
</source> | </source> | ||
+ | |||
+ | == Konfiguration == | ||
+ | nach folgendend die entscheidenen Einstellungen | ||
+ | |||
+ | === settings.json === | ||
+ | |||
+ | ==== ssl ==== | ||
+ | * Wichtig ist hier das der ausführende Nutzer lese berechtigung hat | ||
+ | |||
+ | * etherpad-lite/settings.json | ||
+ | <source lang=json> | ||
+ | "ssl" : { | ||
+ | "key" : "/etc/ssl/private/ssl.key", | ||
+ | "cert" : "/etc/ssl/private/ssl.crt", | ||
+ | "ca": ["/etc/ssl/private/ssl.cer"] | ||
+ | }, | ||
+ | </source> | ||
+ | |||
+ | ==== mysql ==== | ||
+ | |||
+ | * https://github.com/ether/etherpad-lite/wiki/How-to-use-Etherpad-Lite-with-MySQL | ||
+ | |||
+ | <source lang=mysql> | ||
+ | create database dbname; | ||
+ | create user 'dbuser'@'localhost' identified by 'dbpasswd'; | ||
+ | grant all on dbname.* to 'dbuser'@'localhost'; | ||
+ | </source> | ||
+ | |||
+ | |||
+ | * etherpad-lite/settings.json | ||
+ | <source lang=json> | ||
+ | "dbType" : "mysql", | ||
+ | "dbSettings" : { | ||
+ | "user" : "dbuser", | ||
+ | "host" : "localhost", | ||
+ | "port" : 3306, | ||
+ | "password": "dbpasswd", | ||
+ | "database": "dbname", | ||
+ | "charset" : "utf8mb4" | ||
+ | }, | ||
+ | </source> | ||
+ | |||
+ | |||
+ | ==== Benutzer Rechte ==== | ||
+ | * etherpad-lite/settings.json | ||
+ | <source lang=json> | ||
+ | "requireSession" : false, | ||
+ | "sessionNoPassword" : true, | ||
+ | "requireAuthentication" : false, // wichtig, macht sonst mit ep_mypads probleme | ||
+ | "requireAuthorization" : true, | ||
+ | |||
+ | "users": { | ||
+ | "admin": { | ||
+ | // "password" can be replaced with "hash" if you install ep_hash_auth | ||
+ | "password": "changeMe", | ||
+ | "is_admin": true | ||
+ | }, | ||
+ | }, | ||
+ | |||
+ | |||
+ | </source> | ||
+ | |||
+ | ==== abiword ==== | ||
+ | * wichtig. abiword muss natürlich mit apt-get installiert sein | ||
+ | ** achtung: funktioniert nicht mit ep_font_size | ||
+ | |||
+ | * etherpad-lite/settings.json | ||
+ | <source lang=json> | ||
+ | "abiword" : "/usr/bin/abiword", | ||
+ | </source> | ||
+ | |||
+ | === ep_mypads === | ||
+ | * https://pad.domain.tld:9001/mypads/index.html?/admin | ||
+ | |||
+ | * Anonymous pads: deaktivieren | ||
+ | |||
+ | * Registrierung öffnen: im Zweifel deaktivieren, wenn kein öffentliches pad | ||
+ | |||
+ | * E-Mail Einstellungen: müssen richtig sein, ansonsten Absturz | ||
+ | |||
+ | === Benutzer erstellen === | ||
+ | |||
+ | unter Authentifizierungseinstellungen die checkbox "Registrierung öffnen" aktivieren, dann können temporär user erstellt werden, hinterher evt. wieder schließen, weil sonst spam | ||
+ | |||
+ | == linux system daemon == | ||
+ | * https://github.com/ether/etherpad-lite/wiki/How-to-deploy-Etherpad-Lite-as-a-service#debian-8-jessie--systemd | ||
+ | |||
+ | == Installed plugins (tested)== | ||
+ | |||
+ | * ep_adminpads@0.0.12 | ||
+ | * ep_align@0.0.23 | ||
+ | * ep_authorship_toggle@0.0.3 | ||
+ | * ep_chatdate@1.0.0 | ||
+ | * ep_colors@0.0.3 | ||
+ | * ep_comments_page@0.0.35 | ||
+ | * ep_fileupload@0.0.10 | ||
+ | * ep_font_family@0.2.7 | ||
+ | * ep_message_all@1.0.0 | ||
+ | * ep_mypads@1.6.2 | ||
+ | * ep_page_view@0.5.24 | ||
+ | * ep_printer@0.0.2 | ||
+ | * ep_sync_status@0.0.1 | ||
+ | |||
+ | === problem plugins === | ||
+ | |||
+ | * ep_font_size@0.1.11 | ||
+ | ** macht Probleme beim export mit abiword | ||
+ | *** https://github.com/ether/etherpad-lite/issues/2915 | ||
+ | |||
+ | |||
+ | == Quellen == | ||
+ | * http://raphael.kallensee.name/journal/etherpad-lite-auf-ubuntu-server-apache-upstart/ |
Aktuelle Version vom 23. November 2020, 16:18 Uhr
wohl die neue alternative https://github.com/xwiki-labs/cryptpad cryptpad
Inhaltsverzeichnis
minimal installation
Grundsätzlich macht es Sinn npm und co nicht als root auszuführen, wegen der sicherheit und teilweise kommen auch fehler zu stande
apt install gzip git curl python libssl-dev pkg-config build-essential
curl -sL https://deb.nodesource.com/setup_9.x | sudo -E bash -
sudo apt-get install -y nodejs
git clone https://github.com/ether/etherpad-lite.git && cd etherpad-lite
# für den export !!!
apt-get install abiword
# zum testen, ansich nicht als root
bin/run.sh
# und dann im Browser http://127.0.0.1:9001/
npm ... extensions
npm init
npm i ep_fileupload
# weitere siehe unten
mit apache ansprechen
- /etc/apache2/sites-available/pad.domain.tld.conf
<VirtualHost *:80>
ServerName pad.domain.tld
ServerAlias www.pad.domain.tld
ServerAdmin webmaster@localhost
Redirect permanent / https://pad.domain.tld/
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName pad.domain.tld
ServerAlias www.pad.domain.tld
# SSL configuration
SSLEngine on
# If you hold wildcard certificates for your domain the next two lines are not necessary.
SSLCertificateFile /etc/ssl/private/nc/SSLCertificateFile.crt
SSLCertificateKeyFile /etc/ssl/private/nc/SSLCertificateKeyFile.key
# nc bof
SSLCertificateChainFile /etc/ssl/private/nc/SSLCertificateChainFile.cer
SetEnv nokeepalive ssl-unclean-shutdown
# nc eof
ProxyVia On
ProxyRequests Off
ProxyPreserveHost on
# wenn zielserver https ist (etherpad-lite/settings.json ssl bereich!!!!) dann
SSLProxyEngine On
<Location />
AuthType Basic
AuthName "Welcome to the domain.org Etherpad"
AuthUserFile /etc/htpasswd/htpasswd_nc
Require valid-user
ProxyPass http://localhost:9001/ retry=0 timeout=30
ProxyPassReverse http://localhost:9001/
</Location>
<Location /socket.io>
# This is needed to handle the websocket transport through the proxy, since
# etherpad does not use a specific sub-folder, such as /ws/ to handle this kind of traffic.
# Taken from https://github.com/ether/etherpad-lite/issues/2318#issuecomment-63548542
# Thanks to beaugunderson for the semantics
RewriteEngine On
RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteRule /(.*) ws://localhost:9001/socket.io/$1 [P,L]
ProxyPass http://localhost:9001/socket.io retry=0 timeout=30
ProxyPassReverse http://localhost:9001/socket.io
</Location>
<Proxy *>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Proxy>
</VirtualHost>
</IfModule>
a2enmod proxy proxy_http
systemctl restart apache2
Konfiguration
nach folgendend die entscheidenen Einstellungen
settings.json
ssl
- Wichtig ist hier das der ausführende Nutzer lese berechtigung hat
- etherpad-lite/settings.json
"ssl" : {
"key" : "/etc/ssl/private/ssl.key",
"cert" : "/etc/ssl/private/ssl.crt",
"ca": ["/etc/ssl/private/ssl.cer"]
},
mysql
create database dbname;
create user 'dbuser'@'localhost' identified by 'dbpasswd';
grant all on dbname.* to 'dbuser'@'localhost';
- etherpad-lite/settings.json
"dbType" : "mysql",
"dbSettings" : {
"user" : "dbuser",
"host" : "localhost",
"port" : 3306,
"password": "dbpasswd",
"database": "dbname",
"charset" : "utf8mb4"
},
Benutzer Rechte
- etherpad-lite/settings.json
"requireSession" : false,
"sessionNoPassword" : true,
"requireAuthentication" : false, // wichtig, macht sonst mit ep_mypads probleme
"requireAuthorization" : true,
"users": {
"admin": {
// "password" can be replaced with "hash" if you install ep_hash_auth
"password": "changeMe",
"is_admin": true
},
},
abiword
- wichtig. abiword muss natürlich mit apt-get installiert sein
- achtung: funktioniert nicht mit ep_font_size
- etherpad-lite/settings.json
"abiword" : "/usr/bin/abiword",
ep_mypads
- Anonymous pads: deaktivieren
- Registrierung öffnen: im Zweifel deaktivieren, wenn kein öffentliches pad
- E-Mail Einstellungen: müssen richtig sein, ansonsten Absturz
Benutzer erstellen
unter Authentifizierungseinstellungen die checkbox "Registrierung öffnen" aktivieren, dann können temporär user erstellt werden, hinterher evt. wieder schließen, weil sonst spam
linux system daemon
Installed plugins (tested)
- ep_adminpads@0.0.12
- ep_align@0.0.23
- ep_authorship_toggle@0.0.3
- ep_chatdate@1.0.0
- ep_colors@0.0.3
- ep_comments_page@0.0.35
- ep_fileupload@0.0.10
- ep_font_family@0.2.7
- ep_message_all@1.0.0
- ep_mypads@1.6.2
- ep_page_view@0.5.24
- ep_printer@0.0.2
- ep_sync_status@0.0.1
problem plugins
- ep_font_size@0.1.11
- macht Probleme beim export mit abiword