Working cryptpad

This commit is contained in:
Quentin 2022-05-10 15:17:55 +02:00
parent 79e61b6bfd
commit 8cd2f72926
Signed by untrusted user: quentin
GPG key ID: E9602264D639FF68
6 changed files with 78 additions and 38 deletions

View file

@ -1,6 +1,6 @@
rec { rec {
cryptpadVersion = "4.14.1"; cryptpadVersion = "4.14.1+2";
cryptpadCommit = "5979aafdee90aab232658374b11aca8331fd0421"; cryptpadCommit = "18c371bb5bda068a5d962dd7c4f0726320eea5e9";
pkgsSrc = fetchTarball { pkgsSrc = fetchTarball {
# Latest commit on https://github.com/NixOS/nixpkgs/tree/nixos-21.11 # Latest commit on https://github.com/NixOS/nixpkgs/tree/nixos-21.11
@ -9,7 +9,7 @@ rec {
sha256 = "sha256:1d7zg96xw4qsqh7c89pgha9wkq3rbi9as3k3d88jlxy2z0ns0cy2"; sha256 = "sha256:1d7zg96xw4qsqh7c89pgha9wkq3rbi9as3k3d88jlxy2z0ns0cy2";
}; };
cryptpadSrc = builtins.fetchGit { cryptpadSrc = builtins.fetchGit {
url = "https://github.com/xwiki-labs/cryptpad"; url = "https://github.com/superboum/cryptpad";
ref = "refs/tags/${cryptpadVersion}"; ref = "refs/tags/${cryptpadVersion}";
rev = cryptpadCommit; rev = cryptpadCommit;
}; };

View file

@ -39,30 +39,35 @@ in
find node_modules -type f ! -path 'node_modules/gar/*' -executable -print | tee >(xargs -n 20 rm) find node_modules -type f ! -path 'node_modules/gar/*' -executable -print | tee >(xargs -n 20 rm)
# Remove only office that IS BIG # Remove only office that IS BIG
rm -rf www/common/onlyoffice # COMMENTED as it is not as easy as planned.
# rm -rf www/common/onlyoffice
''; '';
installPhase = '' installPhase = ''
mkdir -p $out/{bin,opt} mkdir -p $out/{bin,opt}
out_cryptpad=$out/opt/
# copy the source code # copy the source code
cp -r .bowerrc bower.json package.json package-lock.json customize.dist lib server.js www $out/opt/ cp -r .bowerrc bower.json package.json package-lock.json customize.dist lib server.js www $out_cryptpad
# mount node_modules # mount node_modules
cp -r node_modules $out/opt/node_modules cp -r node_modules $out_cryptpad/node_modules
# patch
substituteInPlace $out_cryptpad/lib/workers/index.js --replace "lib/workers/db-worker" "$out_cryptpad/lib/workers/db-worker"
# mount bower, based on the .bowerrc file at the git repo root # mount bower, based on the .bowerrc file at the git repo root
cp -r ${bower}/bower_components $out/opt/www/ cp -r ${bower}/bower_components $out_cryptpad/www/
# cryptpad is bugged with absolute path, this is a workaround to use absolute path as relative path # cryptpad is bugged with absolute path, this is a workaround to use absolute path as relative path
ln -s / $out/opt/root ln -s / $out_cryptpad/root
# start script # start script, cryptpad is lost if its working directory is not its source directory
cat > $out/bin/cryptpad <<EOF cat > $out/bin/cryptpad <<EOF
#!${pkgs.stdenv.shell} #!${pkgs.stdenv.shell}
cd $out/opt/ cd $out_cryptpad
${nodejs}/bin/node server.js exec ${nodejs}/bin/node server.js
EOF EOF
chmod +x $out/bin/cryptpad chmod +x $out/bin/cryptpad

View file

@ -3,7 +3,7 @@ let
pkgs = import common.pkgsSrc {}; pkgs = import common.pkgsSrc {};
app = import ./default.nix; app = import ./default.nix;
in in
pkgs.dockerTools.buildImage { pkgs.dockerTools.buildLayeredImage {
name = "superboum/cryptpad"; name = "superboum/cryptpad";
config = { config = {
Cmd = [ "${app}/bin/cryptpad" ]; Cmd = [ "${app}/bin/cryptpad" ];

View file

@ -0,0 +1,40 @@
/*
* You can override the configurable values from this file.
* The recommended method is to make a copy of this file (/customize.dist/application_config.js)
in a 'customize' directory (/customize/application_config.js).
* If you want to check all the configurable values, you can open the internal configuration file
but you should not change it directly (/common/application_config_internal.js)
*/
define(['/common/application_config_internal.js'], function (AppConfig) {
// To inform users of the support ticket panel which languages your admins speak:
AppConfig.supportLanguages = [ 'en', 'fr' ];
/* Select the buttons displayed on the main page to create new collaborative sessions.
* Removing apps from the list will prevent users from accessing them. They will instead be
* redirected to the drive.
* You should never remove the drive from this list.
*/
AppConfig.availablePadTypes = ['drive', 'teams', 'doc', 'presentation', 'pad', 'kanban', 'code', 'form', 'poll', 'whiteboard',
'file', 'contacts', 'slide', 'convert'];
// disabled: sheet
/* You can display a link to your own privacy policy in the static pages footer.
* Since this is different for each individual or organization there is no default value.
* See the comments above for a description of possible configurations.
*/
AppConfig.privacy = {
"default": "https://deuxfleurs.fr/CGU.html",
};
/* You can display a link to your instances's terms of service in the static pages footer.
* A default is included for backwards compatibility, but we recommend replacing this
* with your own terms.
*
* See the comments above for a description of possible configurations.
*/
AppConfig.terms = {
"default": "https://deuxfleurs.fr/CGU.html",
};
return AppConfig;
});

View file

@ -90,7 +90,7 @@ module.exports = {
* that of your httpPort + 1. You probably don't need to change this. * that of your httpPort + 1. You probably don't need to change this.
* *
*/ */
httpSafePort: 3001, // httpSafePort: 3001,
/* CryptPad will launch a child process for every core available /* CryptPad will launch a child process for every core available
* in order to perform CPU-intensive tasks in parallel. * in order to perform CPU-intensive tasks in parallel.
@ -111,11 +111,9 @@ module.exports = {
* key, which can be found on the settings page for registered users. * key, which can be found on the settings page for registered users.
* Entries should be strings separated by a comma. * Entries should be strings separated by a comma.
*/ */
/*
adminKeys: [ adminKeys: [
//"[cryptpad-user1@my.awesome.website/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=]", "[quentin@pad.deuxfleurs.fr/EWtzm-CiqJnM9RZL9mj-YyTgAtX-Zh76sru1K5bFpN8=]",
], ],
*/
/* ===================== /* =====================
* STORAGE * STORAGE
@ -253,7 +251,7 @@ module.exports = {
* *
* This will affect both logging to the console and the disk. * This will affect both logging to the console and the disk.
*/ */
logLevel: 'debug', logLevel: 'silly',
/* clients can use the /settings/ app to opt out of usage feedback /* clients can use the /settings/ app to opt out of usage feedback
* which informs the server of things like how much each app is being * which informs the server of things like how much each app is being

View file

@ -6,12 +6,9 @@ job "cryptpad" {
count = 1 count = 1
network { network {
port "unsafe" { port "http" {
to = 3000 to = 3000
} }
port "sandbox" {
to = 3001
}
} }
restart { restart {
@ -21,9 +18,16 @@ job "cryptpad" {
task "main" { task "main" {
driver = "docker" driver = "docker"
constraint {
attribute = "${attr.unique.hostname}"
operator = "="
value = "courgette"
}
config { config {
image = "superboum/cryptpad:7l2fgdl9bfvf8s87rparamm9cvhb5ind" image = "superboum/cryptpad:0p3s44hjh4s1x55kbwkmywmwmx4wfyb8"
ports = [ "unsafe", "sandbox" ] ports = [ "http" ]
volumes = [ volumes = [
"/mnt/storage/cryptpad:/mnt", "/mnt/storage/cryptpad:/mnt",
@ -39,29 +43,22 @@ job "cryptpad" {
destination = "secrets/config.js" destination = "secrets/config.js"
} }
/* Disabled because it requires modifications to the docker image and I do not want to invest the time yet
template {
data = file("../config/application_config.js")
destination = "secrets/config.js"
}
*/
resources { resources {
memory = 1000 memory = 1000
cpu = 500 cpu = 500
} }
service { service {
port = "unsafe" port = "http"
tags = [ tags = [
"tricot pad.deuxfleurs.fr", "tricot pad.deuxfleurs.fr",
"tricot-add-header Cross-Origin-Resource-Policy cross-origin",
"tricot-add-header Cross-Origin-Embedder-Policy require-corp",
]
check {
type = "http"
path = "/"
interval = "10s"
timeout = "2s"
}
}
service {
port = "sandbox"
tags = [
"tricot pad-sandbox.deuxfleurs.fr", "tricot pad-sandbox.deuxfleurs.fr",
"tricot-add-header Cross-Origin-Resource-Policy cross-origin", "tricot-add-header Cross-Origin-Resource-Policy cross-origin",
"tricot-add-header Cross-Origin-Embedder-Policy require-corp", "tricot-add-header Cross-Origin-Embedder-Policy require-corp",