From c9022c30946a62e75351e1864b0160b8110d1dc5 Mon Sep 17 00:00:00 2001 From: Yunohost-Bot <> Date: Sun, 7 Aug 2022 20:11:17 +0200 Subject: [PATCH 1/9] =?UTF-8?q?[autopatch]=20Add=20Common=20Platform=C2=A0?= =?UTF-8?q?Enumeration=20id=20to=20`manifest.json`?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- manifest.json | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/manifest.json b/manifest.json index c89aa0a..a300426 100644 --- a/manifest.json +++ b/manifest.json @@ -13,7 +13,8 @@ "website": "https://cryptpad.fr/", "demo": "https://cryptpad.fr/", "admindoc": "https://docs.cryptpad.fr/en/", - "code": "https://github.com/xwiki-labs/cryptpad" + "code": "https://github.com/xwiki-labs/cryptpad", + "cpe": "cpe:2.3:a:xwiki:cryptpad" }, "license": "AGPL-3.0-only", "maintainer": { @@ -53,4 +54,4 @@ } ] } -} +} \ No newline at end of file From 467dae519f6cc1ce916e26615d2b86dacc74fbaa Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Mon, 15 Aug 2022 19:04:47 +0200 Subject: [PATCH 2/9] set relative path for --keep opt --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index 7b46a12..fe89061 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -90,7 +90,7 @@ then ynh_script_progression --message="Upgrading source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" --keep="$final_path/config/config.js" + ynh_setup_source --dest_dir="$final_path" --keep="config/config.js" chmod 750 "$final_path" chmod -R o-rwx "$final_path" From 3f627932fbd3b84e3843c4782cfa126caa6d6fbd Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Mon, 15 Aug 2022 17:04:54 +0000 Subject: [PATCH 3/9] Auto-update README --- README.md | 1 + README_fr.md | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9a5dcea..e861781 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,7 @@ CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. **Shipped version:** 4.12.0~ynh2 + **Demo:** https://cryptpad.fr/ ## Screenshots diff --git a/README_fr.md b/README_fr.md index f7532c0..facbe19 100644 --- a/README_fr.md +++ b/README_fr.md @@ -17,7 +17,8 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour CryptPad est une suite de collaboration chiffrée de bout en bout et open source. Il est conçu pour permettre la collaboration, en synchronisant les modifications apportées aux documents en temps réel. Étant donné que toutes les données sont chiffrées, le service et ses administrateurs n'ont aucun moyen de voir le contenu modifié et stocké. -**Version incluse :** 4.12.0~ynh2 +**Version incluse :** 4.12.0~ynh2 + **Démo :** https://cryptpad.fr/ From 16ecb70d8789f12cf4cfe0b7b1463ea6142af9ae Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Fri, 9 Dec 2022 17:01:27 +0000 Subject: [PATCH 4/9] Use sandbox domain and upgrade to v5.1.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Éric Gaspar <46165813+ericgaspar@users.noreply.github.com> --- README.md | 9 +++- check_process | 5 ++ conf/app.src | 6 +-- conf/config.js | 4 +- conf/nginx.conf | 111 +++++++++++++++++++++++++++++++++++++-------- scripts/_common.sh | 2 +- scripts/install | 47 ++++++++++++++++++- scripts/remove | 23 ++++++++++ scripts/restore | 5 ++ scripts/upgrade | 60 ++++++++++++++++++++++++ 10 files changed, 245 insertions(+), 27 deletions(-) diff --git a/README.md b/README.md index e861781..f59e30d 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,14 @@ CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. ## Configuration -Once CryptPad is installed, create an account via the Register button on the home page. To make this account an instance administrator: +Once CryptPad is installed. + +We have created for you the mandatory sandbox domain. +You still need to install the certificate for it. +So first, hit the diagnosis page so we make sure your DNS configuration is correct. +Then, go into your domain SSL configuration to generate your Let's Encrypt certificate. + +Create an account via the Register button on the home page. To make this account an instance administrator: 1. Copy the public key found in User Menu (avatar at the top right) > Settings > Account > Public Signing Key 2. Paste this key in `/var/www/cryptpad/config/config.js` in the following array (uncomment and replace the placeholder): diff --git a/check_process b/check_process index 86b0fb0..657867b 100644 --- a/check_process +++ b/check_process @@ -13,6 +13,8 @@ upgrade=1 #4.10.0 upgrade=1 from_commit=2a54cd03f90c93b07150a64644ffc7f208110a18 + #4.12.0 + upgrade=1 from_commit=1e36039893dc35533b320257ca7f93ef1d07a164 backup_restore=1 multi_instance=0 port_already_use=0 @@ -23,3 +25,6 @@ Notification=none ;;; Upgrade options ; commit=2a54cd03f90c93b07150a64644ffc7f208110a18 name=update to 4.10.0 +;;; Upgrade options + ; commit=1e36039893dc35533b320257ca7f93ef1d07a164 + name=update to 4.12.0 diff --git a/conf/app.src b/conf/app.src index b4fdbbf..aed8119 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,6 +1,6 @@ -SOURCE_URL=https://github.com/xwiki-labs/cryptpad/archive/4.11.0.tar.gz -SOURCE_SUM=e529b484c297f73227f991971189c51f64da1ab53fc78334d1fb08e320d4385e +SOURCE_URL=https://github.com/xwiki-labs/cryptpad/archive/5.1.0.tar.gz +SOURCE_SUM=e8971f8a6439958e8328a8433a696e5ae3915740c5f93cfce9a13776edd83084 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=cryptpad.tar.gz \ No newline at end of file +SOURCE_FILENAME=cryptpad.tar.gz diff --git a/conf/config.js b/conf/config.js index e3dd5ad..41b1075 100644 --- a/conf/config.js +++ b/conf/config.js @@ -72,7 +72,7 @@ module.exports = { * * CUSTOMIZE AND UNCOMMENT THIS FOR PRODUCTION INSTALLATIONS. */ - // httpSafeOrigin: "https://some-other-domain.xyz", + httpSafeOrigin: "https://sandbox-__DOMAIN__", /* httpAddress specifies the address on which the nodejs server * should be accessible. By default it will listen on 127.0.0.1 @@ -325,4 +325,4 @@ module.exports = { * */ installMethod: 'unspecified', -}; \ No newline at end of file +}; diff --git a/conf/nginx.conf b/conf/nginx.conf index c46b37c..9aeb854 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,19 +1,94 @@ -#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; -location __PATH__/ { - - proxy_pass http://127.0.0.1:__PORT__; - proxy_redirect off; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Host $server_name; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; - more_clear_input_headers 'Accept-Encoding'; +set $main_domain "__DOMAIN__"; +set $sandbox_domain "sandbox-__DOMAIN__"; +set $allowed_origins "https://${sandbox_domain}"; +set $api_domain "__DOMAIN__"; +set $files_domain "__DOMAIN__"; +ssl_ecdh_curve secp384r1; +more_set_headers "Strict-Transport-Security: 'max-age=31536000; includeSubDomains' always"; +more_set_headers "X-XSS-Protection: '1; mode=block'"; +more_set_headers "X-Content-Type-Options: nosniff"; +more_set_headers "Access-Control-Allow-Origin: '${allowed_origins}'"; +more_set_headers "Cross-Origin-Resource-Policy: cross-origin"; +more_set_headers "Cross-Origin-Embedder-Policy: require-corp"; +root /var/www/cryptpad; +index index.html; +error_page 404 /customize.dist/404.html; +if ($uri ~ ^(\/|.*\/|.*\.html)$) { + set $cacheControl no-cache; } +if ($args ~ ver=) { + set $cacheControl max-age=31536000; +} +more_set_headers "Cache-Control: $cacheControl"; +set $styleSrc "'unsafe-inline' 'self' https://${main_domain}"; +set $connectSrc "'self' blob: https://${main_domain} https://${sandbox_domain} wss://${main_domain}"; +set $fontSrc "'self' data: https://${main_domain}"; +set $imgSrc "'self' data: blob: https://${main_domain}"; +set $frameSrc "'self' https://${sandbox_domain} blob:"; +set $mediaSrc "blob:"; +set $childSrc "https://${main_domain}"; +set $workerSrc "'self'"; +set $scriptSrc "'self' resource: https://${main_domain}"; +set $frameAncestors "'self' https://${main_domain}"; +set $unsafe 0; +if ($uri ~ ^\/(sheet|doc|presentation)\/inner.html.*$) { set $unsafe 1; } +if ($uri ~ ^\/common\/onlyoffice\/.*\/.*\.html.*$) { set $unsafe 1; } +if ($host != $sandbox_domain) { set $unsafe 0; } +if ($uri ~ ^\/unsafeiframe\/inner\.html.*$) { set $unsafe 1; } +if ($unsafe) { + set $scriptSrc "'self' 'unsafe-eval' 'unsafe-inline' resource: https://${main_domain}"; +} +more_set_headers "Content-Security-Policy: default-src 'none'; child-src $childSrc; worker-src $workerSrc; media-src $mediaSrc; style-src $styleSrc; script-src $scriptSrc; connect-src $connectSrc; font-src $fontSrc; img-src $imgSrc; frame-src $frameSrc; frame-ancestors $frameAncestors"; +location ^~ /cryptpad_websocket { + proxy_pass http://localhost:3000; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection upgrade; +} +location ^~ /customize.dist/ { + # This is needed in order to prevent infinite recursion between /customize/ and the root +} +location ^~ /customize/ { + rewrite ^/customize/(.*)$ $1 break; + try_files /customize/$uri /customize.dist/$uri; +} +location ~ ^/api/.*$ { + proxy_pass http://localhost:3000; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_hide_header Cross-Origin-Resource-Policy; + more_set_headers "Cross-Origin-Resource-Policy: cross-origin"; + proxy_hide_header Cross-Origin-Embedder-Policy; + more_set_headers "Cross-Origin-Embedder-Policy: require-corp"; +} +location ^~ /blob/ { + if ($request_method = 'OPTIONS') { + more_set_headers "Access-Control-Allow-Origin: '${allowed_origins}'"; + more_set_headers "Access-Control-Allow-Methods: 'GET, POST, OPTIONS'"; + more_set_headers "Access-Control-Allow-Headers: 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range'"; + more_set_headers "Access-Control-Max-Age: 1728000"; + more_set_headers "Content-Type: 'application/octet-stream; charset=utf-8'"; + more_set_headers "Content-Length: 0"; + return 204; + } + more_set_headers "X-Content-Type-Options: nosniff"; + more_set_headers "Cache-Control: max-age=31536000'"; + more_set_headers "Access-Control-Allow-Origin: '${allowed_origins}'"; + more_set_headers "Access-Control-Allow-Methods: 'GET, POST, OPTIONS'"; + more_set_headers "Access-Control-Allow-Headers: 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Content-Length'"; + more_set_headers "Access-Control-Expose-Headers: 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Content-Length'"; + try_files $uri =404; +} +location ^~ /block/ { + more_set_headers "X-Content-Type-Options: nosniff"; + more_set_headers "Cache-Control: max-age=0"; + try_files $uri =404; +} +location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media|profile|contacts|todo|filepicker|debug|kanban|sheet|support|admin|notifications|teams|calendar|presentation|doc|form|report|convert|checkup)$ { + rewrite ^(.*)$ $1/ redirect; +} +try_files /customize/www/$uri /customize/www/$uri/index.html /www/$uri /www/$uri/index.html /customize/$uri; diff --git a/scripts/_common.sh b/scripts/_common.sh index f9d06de..af38340 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,7 +4,7 @@ # COMMON VARIABLES #================================================= -nodejs_version="14" +nodejs_version="16.14.2" #================================================= # PERSONAL HELPERS diff --git a/scripts/install b/scripts/install index 77ad500..eb995e5 100644 --- a/scripts/install +++ b/scripts/install @@ -66,6 +66,16 @@ ynh_app_setting_set --app=$app --key=port --value=$port porti=$(ynh_find_port --port=$(($port + 1))) ynh_app_setting_set --app=$app --key=porti --value=$porti +#================================================= +# CREATE A SANDBOX DOMAIN +#================================================= +sandboxdomain=sandbox-$domain +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + yunohost domain add $sandboxdomain + yunohost domain config set $sandboxdomain -a "mail_in=0&mail_out=0" +fi + #================================================= # INSTALL DEPENDENCIES #================================================= @@ -131,6 +141,8 @@ pushd "$final_path" ynh_exec_warn_less npm install --allow-root ynh_exec_warn_less npm install -g bower ynh_exec_warn_less bower install --allow-root + ynh_exec_warn_less bower update --allow-root + ynh_exec_warn_less npm run build popd #================================================= @@ -161,6 +173,36 @@ then ynh_permission_update --permission="main" --add="visitors" fi +# We authorize access to sandbox domain +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + ynh_permission_url --permission="main" --add_url=$sandboxdomain --auth_header=true + # there is a bug in core that add a slash at the end of domain in ssowat conf for uris var + # so we use ${sandboxdomain%/} to remove the eccessive trailing slash # it doesnt work + # we use jq to correct /etc/ssowat/conf.json + uri2=$sandboxdomain + touch /etc/ssowat/conf.json.persistent + cat /etc/ssowat/conf.json | jq --arg uri2 "$uri2" '(.permissions[] | select(.label=="CryptPad") | .uris[1]) |=$uri2' >> /etc/ssowat/conf.json.persistent +fi + +#================================================= +# APPLY FOLDER RIGHTS +#================================================= +chgrp -R www-data $final_path + +#================================================= +# COPY NGINX CONF IN SANDBOX DOMAIN +#================================================= +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + ynh_add_config --template="/etc/nginx/conf.d/$domain.d/cryptpad.conf" --destination="/etc/nginx/conf.d/$sandboxdomain.d/cryptpad.conf" +fi + +#================================================= +# RELOAD YUNOHOST-API to refresh web admin domains after domain creation (normal?) +#================================================= +ynh_systemd_action --service_name=yunohost-api --action=reload + #================================================= # RELOAD NGINX #================================================= @@ -175,9 +217,10 @@ ynh_script_progression --message="Sending a readme for the admin..." --weight=1 message="CryptPad was successfully installed :) -Please open your $app domain: https://$domain$path_url +We have added a sandbox domain for you but you still need to configure your DNS and generate Let's Encrypt Certificates for it. -Once CryptPad is installed, create an account via the Register button on the home page. To make this account an instance administrator: +Then you can please open your $app domain: https://$domain$path_url +Create an account via the Register button on the home page. To make this account an instance administrator: 1. Copy the public key found in User Menu (avatar at the top right) > Settings > Account > Public Signing Key 2. Paste this key in /var/www/cryptpad/config/config.js in the following array (uncomment and replace the placeholder): diff --git a/scripts/remove b/scripts/remove index e201fda..cdf4fee 100644 --- a/scripts/remove +++ b/scripts/remove @@ -64,6 +64,29 @@ ynh_script_progression --message="Removing dependencies..." --weight=3 ynh_remove_nodejs +#================================================= +# REMOVE SANDBOX DOMAIN +#================================================= +ynh_script_progression --message="Removing sandbox domain..." --weight=1 + +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + sandboxdomain=sandbox-$domain + + if yunohost domain list | grep -q $sandboxdomain + then #if domain exist we remove it + yunohost domain remove $sandboxdomain + # we clean the nginx configuration we added + ynh_secure_remove --file="/etc/nginx/conf.d/$sandboxdomain.d/" + fi +fi + + +#================================================= +# RELOAD YUNOHOST-API to refresh web admin domains after domain creation (bug core?) +#================================================= +#ynh_systemd_action --service_name=yunohost-api --action=reload + #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/restore b/scripts/restore index 81c92b5..8bea0d0 100644 --- a/scripts/restore +++ b/scripts/restore @@ -68,6 +68,11 @@ chmod -R o-rwx "$final_path" chown -R $app:$app "$final_path" chmod 600 "$final_path/config/config.js" +#================================================= +# APPLY FOLDER GROUP RIGHTS FOR WWW-DATA +#================================================= +chgrp -R www-data $final_path + #================================================= # REINSTALL DEPENDENCIES #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index fe89061..5aa6ad9 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -97,6 +97,21 @@ then chown -R $app:$app "$final_path" fi +#================================================= +# APPLY FOLDER GROUP RIGHTS FOR WWW-DATA +#================================================= +chgrp -R www-data $final_path + +#================================================= +# CREATE A SANDBOX DOMAIN +#================================================= +sandboxdomain=sandbox-$domain +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + yunohost domain add $sandboxdomain + yunohost domain config set $sandboxdomain -a "mail_in=0&mail_out=0" +fi + #================================================= # NGINX CONFIGURATION #================================================= @@ -122,6 +137,7 @@ pushd "$final_path" ynh_exec_warn_less npm install -g bower ynh_exec_warn_less bower update --allow-root ynh_exec_warn_less npm i + ynh_exec_warn_less npm run build popd #================================================= @@ -142,6 +158,11 @@ ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 yunohost service add $app --description="Zero Knowledge realtime collaborative editor" --log="/var/log/$app/$app.log" +#================================================= +# ADD UPGRADED CONFIG WITH SANDBOX +#================================================= +ynh_add_config --template="../conf/config.js" --destination="$final_path/config/config.js" + #================================================= # START SYSTEMD SERVICE #================================================= @@ -149,6 +170,26 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="server available" +#================================================= +# COPY NGINX CONF IN SANDBOX DOMAIN +#================================================= +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + ynh_add_config --template="/etc/nginx/conf.d/$domain.d/cryptpad.conf" --destination="/etc/nginx/conf.d/$sandboxdomain.d/cryptpad.conf" +fi + +# We authorize access to sandbox domain +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + ynh_permission_url --permission="main" --add_url=$sandboxdomain --auth_header=true + # there is a bug in core that add a slash at the end of domain in ssowat conf for uris var + # so we use ${sandboxdomain%/} to remove the eccessive trailing slash # it doesnt work + # we use jq to correct /etc/ssowat/conf.json + uri2=$sandboxdomain + touch /etc/ssowat/conf.json.persistent + cat /etc/ssowat/conf.json | jq --arg uri2 "$uri2" '(.permissions[] | select(.label=="CryptPad") | .uris[1]) |=$uri2' >> /etc/ssowat/conf.json.persistent +fi + #================================================= # RELOAD NGINX #================================================= @@ -156,6 +197,25 @@ ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload +#================================================= +# SEND A README FOR THE ADMIN +#================================================= +ynh_script_progression --message="Sending a readme for the admin..." --weight=1 + +message="CryptPad was successfully upgraded :) +We have added a sandbox domain for you but you still need to configure your DNS and generate Let's Encrypt Certificates for it !! +If not already done, then you can please open your $app domain: https://$domain$path_url +Create an account via the Register button on the home page. To make this account an instance administrator: +1. Copy the public key found in User Menu (avatar at the top right) > Settings > Account > Public Signing Key +2. Paste this key in /var/www/cryptpad/config/config.js in the following array (uncomment and replace the placeholder): +adminKeys: [ + "[cryptpad-user1@my.awesome.website/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=]", +], +If you are facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/cryptpad_ynh" + +ynh_send_readme_to_admin "$message" + + #================================================= # END OF SCRIPT #================================================= From 3745c81a294c15b1028626b785c14ad8a8ef12b5 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 9 Dec 2022 17:01:31 +0000 Subject: [PATCH 5/9] Auto-update README --- README.md | 10 +--------- README_fr.md | 3 +-- 2 files changed, 2 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index f59e30d..9a5dcea 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,6 @@ CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. **Shipped version:** 4.12.0~ynh2 - **Demo:** https://cryptpad.fr/ ## Screenshots @@ -30,14 +29,7 @@ CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. ## Configuration -Once CryptPad is installed. - -We have created for you the mandatory sandbox domain. -You still need to install the certificate for it. -So first, hit the diagnosis page so we make sure your DNS configuration is correct. -Then, go into your domain SSL configuration to generate your Let's Encrypt certificate. - -Create an account via the Register button on the home page. To make this account an instance administrator: +Once CryptPad is installed, create an account via the Register button on the home page. To make this account an instance administrator: 1. Copy the public key found in User Menu (avatar at the top right) > Settings > Account > Public Signing Key 2. Paste this key in `/var/www/cryptpad/config/config.js` in the following array (uncomment and replace the placeholder): diff --git a/README_fr.md b/README_fr.md index facbe19..f7532c0 100644 --- a/README_fr.md +++ b/README_fr.md @@ -17,8 +17,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour CryptPad est une suite de collaboration chiffrée de bout en bout et open source. Il est conçu pour permettre la collaboration, en synchronisant les modifications apportées aux documents en temps réel. Étant donné que toutes les données sont chiffrées, le service et ses administrateurs n'ont aucun moyen de voir le contenu modifié et stocké. -**Version incluse :** 4.12.0~ynh2 - +**Version incluse :** 4.12.0~ynh2 **Démo :** https://cryptpad.fr/ From 1edac672509ffc6f84a293b639231e599efaab6c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 20 Dec 2022 18:43:28 +0100 Subject: [PATCH 6/9] 5.2.0 --- conf/app.src | 4 ++-- manifest.json | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/conf/app.src b/conf/app.src index aed8119..a2015d6 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/xwiki-labs/cryptpad/archive/5.1.0.tar.gz -SOURCE_SUM=e8971f8a6439958e8328a8433a696e5ae3915740c5f93cfce9a13776edd83084 +SOURCE_URL=https://github.com/xwiki-labs/cryptpad/archive/5.2.0.tar.gz +SOURCE_SUM=f611df046d42cdc50b919620b6145e5f8451ed076d77b757f5c2a5319557f71f SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/manifest.json b/manifest.json index a300426..b6806c8 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Zero Knowledge realtime collaborative editor", "fr": "Éditeur chiffré collaboratif en temps réel" }, - "version": "4.12.0~ynh2", + "version": "5.2.0~ynh1", "url": "https://cryptpad.fr/", "upstream": { "license": "AGPL-3.0-only", @@ -23,7 +23,7 @@ "url": "https://frju365.yunohost.support" }, "requirements": { - "yunohost": ">= 4.3.0" + "yunohost": ">= 11.0.9" }, "multi_instance": false, "services": [ From 20d7a97f628f2cce4031dbd23abbd862de8cb641 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Tue, 20 Dec 2022 17:43:33 +0000 Subject: [PATCH 7/9] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9a5dcea..afd5822 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. It is built to enable collaboration, synchronizing changes to documents in real time. Because all data is encrypted, the service and its administrators have no way of seeing the content being edited and stored. -**Shipped version:** 4.12.0~ynh2 +**Shipped version:** 5.2.0~ynh1 **Demo:** https://cryptpad.fr/ diff --git a/README_fr.md b/README_fr.md index f7532c0..6fe9a64 100644 --- a/README_fr.md +++ b/README_fr.md @@ -17,7 +17,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour CryptPad est une suite de collaboration chiffrée de bout en bout et open source. Il est conçu pour permettre la collaboration, en synchronisant les modifications apportées aux documents en temps réel. Étant donné que toutes les données sont chiffrées, le service et ses administrateurs n'ont aucun moyen de voir le contenu modifié et stocké. -**Version incluse :** 4.12.0~ynh2 +**Version incluse :** 5.2.0~ynh1 **Démo :** https://cryptpad.fr/ From b25a65e89f8c452916ce535094fd6f82a173f069 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 20 Dec 2022 18:45:07 +0100 Subject: [PATCH 8/9] fix versions --- manifest.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.json b/manifest.json index a300426..6962236 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Zero Knowledge realtime collaborative editor", "fr": "Éditeur chiffré collaboratif en temps réel" }, - "version": "4.12.0~ynh2", + "version": "5.1.0~ynh1", "url": "https://cryptpad.fr/", "upstream": { "license": "AGPL-3.0-only", @@ -23,7 +23,7 @@ "url": "https://frju365.yunohost.support" }, "requirements": { - "yunohost": ">= 4.3.0" + "yunohost": ">= 11.0.9" }, "multi_instance": false, "services": [ From 74d6c90f6424ca641543664bb33b87cb28b1974a Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Tue, 20 Dec 2022 17:45:12 +0000 Subject: [PATCH 9/9] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9a5dcea..7583385 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. It is built to enable collaboration, synchronizing changes to documents in real time. Because all data is encrypted, the service and its administrators have no way of seeing the content being edited and stored. -**Shipped version:** 4.12.0~ynh2 +**Shipped version:** 5.1.0~ynh1 **Demo:** https://cryptpad.fr/ diff --git a/README_fr.md b/README_fr.md index f7532c0..2ee328b 100644 --- a/README_fr.md +++ b/README_fr.md @@ -17,7 +17,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour CryptPad est une suite de collaboration chiffrée de bout en bout et open source. Il est conçu pour permettre la collaboration, en synchronisant les modifications apportées aux documents en temps réel. Étant donné que toutes les données sont chiffrées, le service et ses administrateurs n'ont aucun moyen de voir le contenu modifié et stocké. -**Version incluse :** 4.12.0~ynh2 +**Version incluse :** 5.1.0~ynh1 **Démo :** https://cryptpad.fr/