From c9022c30946a62e75351e1864b0160b8110d1dc5 Mon Sep 17 00:00:00 2001 From: Yunohost-Bot <> Date: Sun, 7 Aug 2022 20:11:17 +0200 Subject: [PATCH 01/32] =?UTF-8?q?[autopatch]=20Add=20Common=20Platform?= =?UTF-8?q?=C2=A0Enumeration=20id=20to=20`manifest.json`?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- manifest.json | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/manifest.json b/manifest.json index c89aa0a..a300426 100644 --- a/manifest.json +++ b/manifest.json @@ -13,7 +13,8 @@ "website": "https://cryptpad.fr/", "demo": "https://cryptpad.fr/", "admindoc": "https://docs.cryptpad.fr/en/", - "code": "https://github.com/xwiki-labs/cryptpad" + "code": "https://github.com/xwiki-labs/cryptpad", + "cpe": "cpe:2.3:a:xwiki:cryptpad" }, "license": "AGPL-3.0-only", "maintainer": { @@ -53,4 +54,4 @@ } ] } -} +} \ No newline at end of file From 467dae519f6cc1ce916e26615d2b86dacc74fbaa Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Mon, 15 Aug 2022 19:04:47 +0200 Subject: [PATCH 02/32] set relative path for --keep opt --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index 7b46a12..fe89061 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -90,7 +90,7 @@ then ynh_script_progression --message="Upgrading source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" --keep="$final_path/config/config.js" + ynh_setup_source --dest_dir="$final_path" --keep="config/config.js" chmod 750 "$final_path" chmod -R o-rwx "$final_path" From 3f627932fbd3b84e3843c4782cfa126caa6d6fbd Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Mon, 15 Aug 2022 17:04:54 +0000 Subject: [PATCH 03/32] Auto-update README --- README.md | 1 + README_fr.md | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9a5dcea..e861781 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,7 @@ CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. **Shipped version:** 4.12.0~ynh2 + **Demo:** https://cryptpad.fr/ ## Screenshots diff --git a/README_fr.md b/README_fr.md index f7532c0..facbe19 100644 --- a/README_fr.md +++ b/README_fr.md @@ -17,7 +17,8 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour CryptPad est une suite de collaboration chiffrée de bout en bout et open source. Il est conçu pour permettre la collaboration, en synchronisant les modifications apportées aux documents en temps réel. Étant donné que toutes les données sont chiffrées, le service et ses administrateurs n'ont aucun moyen de voir le contenu modifié et stocké. -**Version incluse :** 4.12.0~ynh2 +**Version incluse :** 4.12.0~ynh2 + **Démo :** https://cryptpad.fr/ From 16ecb70d8789f12cf4cfe0b7b1463ea6142af9ae Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Fri, 9 Dec 2022 17:01:27 +0000 Subject: [PATCH 04/32] Use sandbox domain and upgrade to v5.1.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Éric Gaspar <46165813+ericgaspar@users.noreply.github.com> --- README.md | 9 +++- check_process | 5 ++ conf/app.src | 6 +-- conf/config.js | 4 +- conf/nginx.conf | 111 +++++++++++++++++++++++++++++++++++++-------- scripts/_common.sh | 2 +- scripts/install | 47 ++++++++++++++++++- scripts/remove | 23 ++++++++++ scripts/restore | 5 ++ scripts/upgrade | 60 ++++++++++++++++++++++++ 10 files changed, 245 insertions(+), 27 deletions(-) diff --git a/README.md b/README.md index e861781..f59e30d 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,14 @@ CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. ## Configuration -Once CryptPad is installed, create an account via the Register button on the home page. To make this account an instance administrator: +Once CryptPad is installed. + +We have created for you the mandatory sandbox domain. +You still need to install the certificate for it. +So first, hit the diagnosis page so we make sure your DNS configuration is correct. +Then, go into your domain SSL configuration to generate your Let's Encrypt certificate. + +Create an account via the Register button on the home page. To make this account an instance administrator: 1. Copy the public key found in User Menu (avatar at the top right) > Settings > Account > Public Signing Key 2. Paste this key in `/var/www/cryptpad/config/config.js` in the following array (uncomment and replace the placeholder): diff --git a/check_process b/check_process index 86b0fb0..657867b 100644 --- a/check_process +++ b/check_process @@ -13,6 +13,8 @@ upgrade=1 #4.10.0 upgrade=1 from_commit=2a54cd03f90c93b07150a64644ffc7f208110a18 + #4.12.0 + upgrade=1 from_commit=1e36039893dc35533b320257ca7f93ef1d07a164 backup_restore=1 multi_instance=0 port_already_use=0 @@ -23,3 +25,6 @@ Notification=none ;;; Upgrade options ; commit=2a54cd03f90c93b07150a64644ffc7f208110a18 name=update to 4.10.0 +;;; Upgrade options + ; commit=1e36039893dc35533b320257ca7f93ef1d07a164 + name=update to 4.12.0 diff --git a/conf/app.src b/conf/app.src index b4fdbbf..aed8119 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,6 +1,6 @@ -SOURCE_URL=https://github.com/xwiki-labs/cryptpad/archive/4.11.0.tar.gz -SOURCE_SUM=e529b484c297f73227f991971189c51f64da1ab53fc78334d1fb08e320d4385e +SOURCE_URL=https://github.com/xwiki-labs/cryptpad/archive/5.1.0.tar.gz +SOURCE_SUM=e8971f8a6439958e8328a8433a696e5ae3915740c5f93cfce9a13776edd83084 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=cryptpad.tar.gz \ No newline at end of file +SOURCE_FILENAME=cryptpad.tar.gz diff --git a/conf/config.js b/conf/config.js index e3dd5ad..41b1075 100644 --- a/conf/config.js +++ b/conf/config.js @@ -72,7 +72,7 @@ module.exports = { * * CUSTOMIZE AND UNCOMMENT THIS FOR PRODUCTION INSTALLATIONS. */ - // httpSafeOrigin: "https://some-other-domain.xyz", + httpSafeOrigin: "https://sandbox-__DOMAIN__", /* httpAddress specifies the address on which the nodejs server * should be accessible. By default it will listen on 127.0.0.1 @@ -325,4 +325,4 @@ module.exports = { * */ installMethod: 'unspecified', -}; \ No newline at end of file +}; diff --git a/conf/nginx.conf b/conf/nginx.conf index c46b37c..9aeb854 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,19 +1,94 @@ -#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; -location __PATH__/ { - - proxy_pass http://127.0.0.1:__PORT__; - proxy_redirect off; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Host $server_name; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; - more_clear_input_headers 'Accept-Encoding'; +set $main_domain "__DOMAIN__"; +set $sandbox_domain "sandbox-__DOMAIN__"; +set $allowed_origins "https://${sandbox_domain}"; +set $api_domain "__DOMAIN__"; +set $files_domain "__DOMAIN__"; +ssl_ecdh_curve secp384r1; +more_set_headers "Strict-Transport-Security: 'max-age=31536000; includeSubDomains' always"; +more_set_headers "X-XSS-Protection: '1; mode=block'"; +more_set_headers "X-Content-Type-Options: nosniff"; +more_set_headers "Access-Control-Allow-Origin: '${allowed_origins}'"; +more_set_headers "Cross-Origin-Resource-Policy: cross-origin"; +more_set_headers "Cross-Origin-Embedder-Policy: require-corp"; +root /var/www/cryptpad; +index index.html; +error_page 404 /customize.dist/404.html; +if ($uri ~ ^(\/|.*\/|.*\.html)$) { + set $cacheControl no-cache; } +if ($args ~ ver=) { + set $cacheControl max-age=31536000; +} +more_set_headers "Cache-Control: $cacheControl"; +set $styleSrc "'unsafe-inline' 'self' https://${main_domain}"; +set $connectSrc "'self' blob: https://${main_domain} https://${sandbox_domain} wss://${main_domain}"; +set $fontSrc "'self' data: https://${main_domain}"; +set $imgSrc "'self' data: blob: https://${main_domain}"; +set $frameSrc "'self' https://${sandbox_domain} blob:"; +set $mediaSrc "blob:"; +set $childSrc "https://${main_domain}"; +set $workerSrc "'self'"; +set $scriptSrc "'self' resource: https://${main_domain}"; +set $frameAncestors "'self' https://${main_domain}"; +set $unsafe 0; +if ($uri ~ ^\/(sheet|doc|presentation)\/inner.html.*$) { set $unsafe 1; } +if ($uri ~ ^\/common\/onlyoffice\/.*\/.*\.html.*$) { set $unsafe 1; } +if ($host != $sandbox_domain) { set $unsafe 0; } +if ($uri ~ ^\/unsafeiframe\/inner\.html.*$) { set $unsafe 1; } +if ($unsafe) { + set $scriptSrc "'self' 'unsafe-eval' 'unsafe-inline' resource: https://${main_domain}"; +} +more_set_headers "Content-Security-Policy: default-src 'none'; child-src $childSrc; worker-src $workerSrc; media-src $mediaSrc; style-src $styleSrc; script-src $scriptSrc; connect-src $connectSrc; font-src $fontSrc; img-src $imgSrc; frame-src $frameSrc; frame-ancestors $frameAncestors"; +location ^~ /cryptpad_websocket { + proxy_pass http://localhost:3000; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection upgrade; +} +location ^~ /customize.dist/ { + # This is needed in order to prevent infinite recursion between /customize/ and the root +} +location ^~ /customize/ { + rewrite ^/customize/(.*)$ $1 break; + try_files /customize/$uri /customize.dist/$uri; +} +location ~ ^/api/.*$ { + proxy_pass http://localhost:3000; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_hide_header Cross-Origin-Resource-Policy; + more_set_headers "Cross-Origin-Resource-Policy: cross-origin"; + proxy_hide_header Cross-Origin-Embedder-Policy; + more_set_headers "Cross-Origin-Embedder-Policy: require-corp"; +} +location ^~ /blob/ { + if ($request_method = 'OPTIONS') { + more_set_headers "Access-Control-Allow-Origin: '${allowed_origins}'"; + more_set_headers "Access-Control-Allow-Methods: 'GET, POST, OPTIONS'"; + more_set_headers "Access-Control-Allow-Headers: 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range'"; + more_set_headers "Access-Control-Max-Age: 1728000"; + more_set_headers "Content-Type: 'application/octet-stream; charset=utf-8'"; + more_set_headers "Content-Length: 0"; + return 204; + } + more_set_headers "X-Content-Type-Options: nosniff"; + more_set_headers "Cache-Control: max-age=31536000'"; + more_set_headers "Access-Control-Allow-Origin: '${allowed_origins}'"; + more_set_headers "Access-Control-Allow-Methods: 'GET, POST, OPTIONS'"; + more_set_headers "Access-Control-Allow-Headers: 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Content-Length'"; + more_set_headers "Access-Control-Expose-Headers: 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Content-Length'"; + try_files $uri =404; +} +location ^~ /block/ { + more_set_headers "X-Content-Type-Options: nosniff"; + more_set_headers "Cache-Control: max-age=0"; + try_files $uri =404; +} +location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media|profile|contacts|todo|filepicker|debug|kanban|sheet|support|admin|notifications|teams|calendar|presentation|doc|form|report|convert|checkup)$ { + rewrite ^(.*)$ $1/ redirect; +} +try_files /customize/www/$uri /customize/www/$uri/index.html /www/$uri /www/$uri/index.html /customize/$uri; diff --git a/scripts/_common.sh b/scripts/_common.sh index f9d06de..af38340 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,7 +4,7 @@ # COMMON VARIABLES #================================================= -nodejs_version="14" +nodejs_version="16.14.2" #================================================= # PERSONAL HELPERS diff --git a/scripts/install b/scripts/install index 77ad500..eb995e5 100644 --- a/scripts/install +++ b/scripts/install @@ -66,6 +66,16 @@ ynh_app_setting_set --app=$app --key=port --value=$port porti=$(ynh_find_port --port=$(($port + 1))) ynh_app_setting_set --app=$app --key=porti --value=$porti +#================================================= +# CREATE A SANDBOX DOMAIN +#================================================= +sandboxdomain=sandbox-$domain +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + yunohost domain add $sandboxdomain + yunohost domain config set $sandboxdomain -a "mail_in=0&mail_out=0" +fi + #================================================= # INSTALL DEPENDENCIES #================================================= @@ -131,6 +141,8 @@ pushd "$final_path" ynh_exec_warn_less npm install --allow-root ynh_exec_warn_less npm install -g bower ynh_exec_warn_less bower install --allow-root + ynh_exec_warn_less bower update --allow-root + ynh_exec_warn_less npm run build popd #================================================= @@ -161,6 +173,36 @@ then ynh_permission_update --permission="main" --add="visitors" fi +# We authorize access to sandbox domain +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + ynh_permission_url --permission="main" --add_url=$sandboxdomain --auth_header=true + # there is a bug in core that add a slash at the end of domain in ssowat conf for uris var + # so we use ${sandboxdomain%/} to remove the eccessive trailing slash # it doesnt work + # we use jq to correct /etc/ssowat/conf.json + uri2=$sandboxdomain + touch /etc/ssowat/conf.json.persistent + cat /etc/ssowat/conf.json | jq --arg uri2 "$uri2" '(.permissions[] | select(.label=="CryptPad") | .uris[1]) |=$uri2' >> /etc/ssowat/conf.json.persistent +fi + +#================================================= +# APPLY FOLDER RIGHTS +#================================================= +chgrp -R www-data $final_path + +#================================================= +# COPY NGINX CONF IN SANDBOX DOMAIN +#================================================= +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + ynh_add_config --template="/etc/nginx/conf.d/$domain.d/cryptpad.conf" --destination="/etc/nginx/conf.d/$sandboxdomain.d/cryptpad.conf" +fi + +#================================================= +# RELOAD YUNOHOST-API to refresh web admin domains after domain creation (normal?) +#================================================= +ynh_systemd_action --service_name=yunohost-api --action=reload + #================================================= # RELOAD NGINX #================================================= @@ -175,9 +217,10 @@ ynh_script_progression --message="Sending a readme for the admin..." --weight=1 message="CryptPad was successfully installed :) -Please open your $app domain: https://$domain$path_url +We have added a sandbox domain for you but you still need to configure your DNS and generate Let's Encrypt Certificates for it. -Once CryptPad is installed, create an account via the Register button on the home page. To make this account an instance administrator: +Then you can please open your $app domain: https://$domain$path_url +Create an account via the Register button on the home page. To make this account an instance administrator: 1. Copy the public key found in User Menu (avatar at the top right) > Settings > Account > Public Signing Key 2. Paste this key in /var/www/cryptpad/config/config.js in the following array (uncomment and replace the placeholder): diff --git a/scripts/remove b/scripts/remove index e201fda..cdf4fee 100644 --- a/scripts/remove +++ b/scripts/remove @@ -64,6 +64,29 @@ ynh_script_progression --message="Removing dependencies..." --weight=3 ynh_remove_nodejs +#================================================= +# REMOVE SANDBOX DOMAIN +#================================================= +ynh_script_progression --message="Removing sandbox domain..." --weight=1 + +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + sandboxdomain=sandbox-$domain + + if yunohost domain list | grep -q $sandboxdomain + then #if domain exist we remove it + yunohost domain remove $sandboxdomain + # we clean the nginx configuration we added + ynh_secure_remove --file="/etc/nginx/conf.d/$sandboxdomain.d/" + fi +fi + + +#================================================= +# RELOAD YUNOHOST-API to refresh web admin domains after domain creation (bug core?) +#================================================= +#ynh_systemd_action --service_name=yunohost-api --action=reload + #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/restore b/scripts/restore index 81c92b5..8bea0d0 100644 --- a/scripts/restore +++ b/scripts/restore @@ -68,6 +68,11 @@ chmod -R o-rwx "$final_path" chown -R $app:$app "$final_path" chmod 600 "$final_path/config/config.js" +#================================================= +# APPLY FOLDER GROUP RIGHTS FOR WWW-DATA +#================================================= +chgrp -R www-data $final_path + #================================================= # REINSTALL DEPENDENCIES #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index fe89061..5aa6ad9 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -97,6 +97,21 @@ then chown -R $app:$app "$final_path" fi +#================================================= +# APPLY FOLDER GROUP RIGHTS FOR WWW-DATA +#================================================= +chgrp -R www-data $final_path + +#================================================= +# CREATE A SANDBOX DOMAIN +#================================================= +sandboxdomain=sandbox-$domain +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + yunohost domain add $sandboxdomain + yunohost domain config set $sandboxdomain -a "mail_in=0&mail_out=0" +fi + #================================================= # NGINX CONFIGURATION #================================================= @@ -122,6 +137,7 @@ pushd "$final_path" ynh_exec_warn_less npm install -g bower ynh_exec_warn_less bower update --allow-root ynh_exec_warn_less npm i + ynh_exec_warn_less npm run build popd #================================================= @@ -142,6 +158,11 @@ ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 yunohost service add $app --description="Zero Knowledge realtime collaborative editor" --log="/var/log/$app/$app.log" +#================================================= +# ADD UPGRADED CONFIG WITH SANDBOX +#================================================= +ynh_add_config --template="../conf/config.js" --destination="$final_path/config/config.js" + #================================================= # START SYSTEMD SERVICE #================================================= @@ -149,6 +170,26 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="server available" +#================================================= +# COPY NGINX CONF IN SANDBOX DOMAIN +#================================================= +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + ynh_add_config --template="/etc/nginx/conf.d/$domain.d/cryptpad.conf" --destination="/etc/nginx/conf.d/$sandboxdomain.d/cryptpad.conf" +fi + +# We authorize access to sandbox domain +# We don't test that in CI +if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then + ynh_permission_url --permission="main" --add_url=$sandboxdomain --auth_header=true + # there is a bug in core that add a slash at the end of domain in ssowat conf for uris var + # so we use ${sandboxdomain%/} to remove the eccessive trailing slash # it doesnt work + # we use jq to correct /etc/ssowat/conf.json + uri2=$sandboxdomain + touch /etc/ssowat/conf.json.persistent + cat /etc/ssowat/conf.json | jq --arg uri2 "$uri2" '(.permissions[] | select(.label=="CryptPad") | .uris[1]) |=$uri2' >> /etc/ssowat/conf.json.persistent +fi + #================================================= # RELOAD NGINX #================================================= @@ -156,6 +197,25 @@ ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload +#================================================= +# SEND A README FOR THE ADMIN +#================================================= +ynh_script_progression --message="Sending a readme for the admin..." --weight=1 + +message="CryptPad was successfully upgraded :) +We have added a sandbox domain for you but you still need to configure your DNS and generate Let's Encrypt Certificates for it !! +If not already done, then you can please open your $app domain: https://$domain$path_url +Create an account via the Register button on the home page. To make this account an instance administrator: +1. Copy the public key found in User Menu (avatar at the top right) > Settings > Account > Public Signing Key +2. Paste this key in /var/www/cryptpad/config/config.js in the following array (uncomment and replace the placeholder): +adminKeys: [ + "[cryptpad-user1@my.awesome.website/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=]", +], +If you are facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/cryptpad_ynh" + +ynh_send_readme_to_admin "$message" + + #================================================= # END OF SCRIPT #================================================= From 3745c81a294c15b1028626b785c14ad8a8ef12b5 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 9 Dec 2022 17:01:31 +0000 Subject: [PATCH 05/32] Auto-update README --- README.md | 10 +--------- README_fr.md | 3 +-- 2 files changed, 2 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index f59e30d..9a5dcea 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,6 @@ CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. **Shipped version:** 4.12.0~ynh2 - **Demo:** https://cryptpad.fr/ ## Screenshots @@ -30,14 +29,7 @@ CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. ## Configuration -Once CryptPad is installed. - -We have created for you the mandatory sandbox domain. -You still need to install the certificate for it. -So first, hit the diagnosis page so we make sure your DNS configuration is correct. -Then, go into your domain SSL configuration to generate your Let's Encrypt certificate. - -Create an account via the Register button on the home page. To make this account an instance administrator: +Once CryptPad is installed, create an account via the Register button on the home page. To make this account an instance administrator: 1. Copy the public key found in User Menu (avatar at the top right) > Settings > Account > Public Signing Key 2. Paste this key in `/var/www/cryptpad/config/config.js` in the following array (uncomment and replace the placeholder): diff --git a/README_fr.md b/README_fr.md index facbe19..f7532c0 100644 --- a/README_fr.md +++ b/README_fr.md @@ -17,8 +17,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour CryptPad est une suite de collaboration chiffrée de bout en bout et open source. Il est conçu pour permettre la collaboration, en synchronisant les modifications apportées aux documents en temps réel. Étant donné que toutes les données sont chiffrées, le service et ses administrateurs n'ont aucun moyen de voir le contenu modifié et stocké. -**Version incluse :** 4.12.0~ynh2 - +**Version incluse :** 4.12.0~ynh2 **Démo :** https://cryptpad.fr/ From b25a65e89f8c452916ce535094fd6f82a173f069 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 20 Dec 2022 18:45:07 +0100 Subject: [PATCH 06/32] fix versions --- manifest.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.json b/manifest.json index a300426..6962236 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Zero Knowledge realtime collaborative editor", "fr": "Éditeur chiffré collaboratif en temps réel" }, - "version": "4.12.0~ynh2", + "version": "5.1.0~ynh1", "url": "https://cryptpad.fr/", "upstream": { "license": "AGPL-3.0-only", @@ -23,7 +23,7 @@ "url": "https://frju365.yunohost.support" }, "requirements": { - "yunohost": ">= 4.3.0" + "yunohost": ">= 11.0.9" }, "multi_instance": false, "services": [ From 74d6c90f6424ca641543664bb33b87cb28b1974a Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Tue, 20 Dec 2022 17:45:12 +0000 Subject: [PATCH 07/32] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9a5dcea..7583385 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. It is built to enable collaboration, synchronizing changes to documents in real time. Because all data is encrypted, the service and its administrators have no way of seeing the content being edited and stored. -**Shipped version:** 4.12.0~ynh2 +**Shipped version:** 5.1.0~ynh1 **Demo:** https://cryptpad.fr/ diff --git a/README_fr.md b/README_fr.md index f7532c0..2ee328b 100644 --- a/README_fr.md +++ b/README_fr.md @@ -17,7 +17,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour CryptPad est une suite de collaboration chiffrée de bout en bout et open source. Il est conçu pour permettre la collaboration, en synchronisant les modifications apportées aux documents en temps réel. Étant donné que toutes les données sont chiffrées, le service et ses administrateurs n'ont aucun moyen de voir le contenu modifié et stocké. -**Version incluse :** 4.12.0~ynh2 +**Version incluse :** 5.1.0~ynh1 **Démo :** https://cryptpad.fr/ From 18a1ea896f30c25741147a7f9a040af94442f1b2 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sat, 31 Dec 2022 14:55:09 +0100 Subject: [PATCH 08/32] Update install --- scripts/install | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/install b/scripts/install index eb995e5..4514014 100644 --- a/scripts/install +++ b/scripts/install @@ -220,7 +220,8 @@ message="CryptPad was successfully installed :) We have added a sandbox domain for you but you still need to configure your DNS and generate Let's Encrypt Certificates for it. Then you can please open your $app domain: https://$domain$path_url -Create an account via the Register button on the home page. To make this account an instance administrator: +Once CryptPad is installed, create an account via the Sign Up button on the home page which will take you to the Register page. +To make this account an instance administrator: 1. Copy the public key found in User Menu (avatar at the top right) > Settings > Account > Public Signing Key 2. Paste this key in /var/www/cryptpad/config/config.js in the following array (uncomment and replace the placeholder): From 20fcb5cdc17a6cffa5aa628f8ef556e55a21966f Mon Sep 17 00:00:00 2001 From: Xavier Brochard Date: Thu, 19 Jan 2023 11:38:08 +0100 Subject: [PATCH 09/32] Describe it as an office suite, not only an editor Show that Cryptpad is a complete office suite, not only an editor. --- manifest.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.json b/manifest.json index c89aa0a..c996772 100644 --- a/manifest.json +++ b/manifest.json @@ -3,8 +3,8 @@ "id": "cryptpad", "packaging_format": 1, "description": { - "en": "Zero Knowledge realtime collaborative editor", - "fr": "Éditeur chiffré collaboratif en temps réel" + "en": "Zero Knowledge realtime collaborative office suite", + "fr": "Suite bureautique chiffrée collaborative en temps réel" }, "version": "4.12.0~ynh2", "url": "https://cryptpad.fr/", From 02a6fd7457e660254bd299e71da167e8912a3a0d Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Sun, 22 Jan 2023 13:38:18 +0000 Subject: [PATCH 10/32] Auto-update README --- README.md | 2 +- README_fr.md | 20 ++++++++++---------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 7583385..e22fc52 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ It shall NOT be edited by hand. # CryptPad for YunoHost -[![Integration level](https://dash.yunohost.org/integration/cryptpad.svg)](https://dash.yunohost.org/appci/app/cryptpad) ![Working status](https://ci-apps.yunohost.org/ci/badges/cryptpad.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/cryptpad.maintain.svg) +[![Integration level](https://dash.yunohost.org/integration/cryptpad.svg)](https://dash.yunohost.org/appci/app/cryptpad) ![Working status](https://ci-apps.yunohost.org/ci/badges/cryptpad.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/cryptpad.maintain.svg) [![Install CryptPad with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=cryptpad) *[Lire ce readme en français.](./README_fr.md)* diff --git a/README_fr.md b/README_fr.md index 2ee328b..87a2123 100644 --- a/README_fr.md +++ b/README_fr.md @@ -5,15 +5,15 @@ It shall NOT be edited by hand. # CryptPad pour YunoHost -[![Niveau d'intégration](https://dash.yunohost.org/integration/cryptpad.svg)](https://dash.yunohost.org/appci/app/cryptpad) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/cryptpad.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/cryptpad.maintain.svg) +[![Niveau d’intégration](https://dash.yunohost.org/integration/cryptpad.svg)](https://dash.yunohost.org/appci/app/cryptpad) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/cryptpad.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/cryptpad.maintain.svg) [![Installer CryptPad avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=cryptpad) *[Read this readme in english.](./README.md)* -> *Ce package vous permet d'installer CryptPad rapidement et simplement sur un serveur YunoHost. -Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* +> *Ce package vous permet d’installer CryptPad rapidement et simplement sur un serveur YunoHost. +Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l’installer et en profiter.* -## Vue d'ensemble +## Vue d’ensemble CryptPad est une suite de collaboration chiffrée de bout en bout et open source. Il est conçu pour permettre la collaboration, en synchronisant les modifications apportées aux documents en temps réel. Étant donné que toutes les données sont chiffrées, le service et ses administrateurs n'ont aucun moyen de voir le contenu modifié et stocké. @@ -21,9 +21,9 @@ CryptPad est une suite de collaboration chiffrée de bout en bout et open source **Démo :** https://cryptpad.fr/ -## Captures d'écran +## Captures d’écran -![Capture d'écran de CryptPad](./doc/screenshots/screenshot.png) +![Capture d’écran de CryptPad](./doc/screenshots/screenshot.png) ## Avertissements / informations importantes @@ -43,9 +43,9 @@ adminKeys: [ ## Documentations et ressources -* Site officiel de l'app : -* Documentation officielle de l'admin : -* Dépôt de code officiel de l'app : +* Site officiel de l’app : +* Documentation officielle de l’admin : +* Dépôt de code officiel de l’app : * Documentation YunoHost pour cette app : * Signaler un bug : @@ -61,4 +61,4 @@ ou sudo yunohost app upgrade cryptpad -u https://github.com/YunoHost-Apps/cryptpad_ynh/tree/testing --debug ``` -**Plus d'infos sur le packaging d'applications :** +**Plus d’infos sur le packaging d’applications :** \ No newline at end of file From bd660864a6f6f549fc5f697dfbed4b11e68832cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 22 Jan 2023 18:15:10 +0100 Subject: [PATCH 11/32] Update manifest.json --- manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json b/manifest.json index 6277f00..3579fea 100644 --- a/manifest.json +++ b/manifest.json @@ -4,7 +4,7 @@ "packaging_format": 1, "description": { "en": "Zero Knowledge realtime collaborative office suite", - "fr": "Suite bureautique chiffrée collaborative en temps réel" + "fr": "Suite bureautique chiffrée pour la collaboration en temps réel" }, "version": "5.1.0~ynh1", "url": "https://cryptpad.fr/", From a0ede43e3185b6eba7ff961f597075f37c5d30ad Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Thu, 9 Feb 2023 13:38:54 +0000 Subject: [PATCH 12/32] Update install --- scripts/install | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/scripts/install b/scripts/install index 4514014..cf73eeb 100644 --- a/scripts/install +++ b/scripts/install @@ -69,7 +69,22 @@ ynh_app_setting_set --app=$app --key=porti --value=$porti #================================================= # CREATE A SANDBOX DOMAIN #================================================= -sandboxdomain=sandbox-$domain + +# if the main domain for the app is a root domain, we create a correct sandbox subdomain +if [ $domain == *"."* ]; then + sandboxdomain=sandbox.$domain +fi +# if the main domain for the app is already a sub-domain, we create a correct sandbox domain +if [ $domain == *"."*"."* ]; then + sandboxdomain=sandbox-$domain +fi +# if the main domain for the app is a .local root domain, we create a correct sandbox subdomain +if [ $domain == *".local" ]; then + sandboxdomain=sandbox-$domain +fi + +ynh_script_progression --message="Setting up sandobx domain $sandboxdomain..." --weight=1 + # We don't test that in CI if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then yunohost domain add $sandboxdomain @@ -176,13 +191,12 @@ fi # We authorize access to sandbox domain # We don't test that in CI if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then - ynh_permission_url --permission="main" --add_url=$sandboxdomain --auth_header=true + ynh_permission_url --permission="main" --add_url=re:$sandboxdomain --auth_header=true # there is a bug in core that add a slash at the end of domain in ssowat conf for uris var - # so we use ${sandboxdomain%/} to remove the eccessive trailing slash # it doesnt work # we use jq to correct /etc/ssowat/conf.json - uri2=$sandboxdomain - touch /etc/ssowat/conf.json.persistent - cat /etc/ssowat/conf.json | jq --arg uri2 "$uri2" '(.permissions[] | select(.label=="CryptPad") | .uris[1]) |=$uri2' >> /etc/ssowat/conf.json.persistent + #uri2=$sandboxdomain + #touch /etc/ssowat/conf.json.persistent + #cat /etc/ssowat/conf.json | jq --arg uri2 "$uri2" '(.permissions[] | select(.label=="CryptPad") | .uris[1]) |=$uri2' >> /etc/ssowat/conf.json.persistent fi #================================================= From 4fd449669b75f72335dcc00ad6e4451150c15908 Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Thu, 9 Feb 2023 13:42:40 +0000 Subject: [PATCH 13/32] Update install --- scripts/install | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/install b/scripts/install index cf73eeb..ba54c9a 100644 --- a/scripts/install +++ b/scripts/install @@ -71,15 +71,15 @@ ynh_app_setting_set --app=$app --key=porti --value=$porti #================================================= # if the main domain for the app is a root domain, we create a correct sandbox subdomain -if [ $domain == *"."* ]; then +if [[ $domain == *"."* ]]; then sandboxdomain=sandbox.$domain fi # if the main domain for the app is already a sub-domain, we create a correct sandbox domain -if [ $domain == *"."*"."* ]; then +if [[ $domain == *"."*"."* ]]; then sandboxdomain=sandbox-$domain fi # if the main domain for the app is a .local root domain, we create a correct sandbox subdomain -if [ $domain == *".local" ]; then +if [[ $domain == *".local" ]]; then sandboxdomain=sandbox-$domain fi From a8c95bce23aff2d45b42681b0f921b08a345cfb0 Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Thu, 9 Feb 2023 14:33:31 +0000 Subject: [PATCH 14/32] Update install --- scripts/install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install b/scripts/install index ba54c9a..40713fb 100644 --- a/scripts/install +++ b/scripts/install @@ -191,7 +191,7 @@ fi # We authorize access to sandbox domain # We don't test that in CI if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then - ynh_permission_url --permission="main" --add_url=re:$sandboxdomain --auth_header=true + ynh_permission_url --permission="main" --add_url=$sandboxdomain --auth_header=true # there is a bug in core that add a slash at the end of domain in ssowat conf for uris var # we use jq to correct /etc/ssowat/conf.json #uri2=$sandboxdomain From 315ad582d2f59b3061bf0c8f170aea4e74db2c27 Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Thu, 9 Feb 2023 14:43:33 +0000 Subject: [PATCH 15/32] Update remove --- scripts/remove | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/scripts/remove b/scripts/remove index cdf4fee..6a1ae2e 100644 --- a/scripts/remove +++ b/scripts/remove @@ -67,12 +67,25 @@ ynh_remove_nodejs #================================================= # REMOVE SANDBOX DOMAIN #================================================= -ynh_script_progression --message="Removing sandbox domain..." --weight=1 # We don't test that in CI if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then - sandboxdomain=sandbox-$domain - + + # if the main domain for the app is a root domain, we create a correct sandbox subdomain + if [[ $domain == *"."* ]]; then + sandboxdomain=sandbox.$domain + fi + # if the main domain for the app is already a sub-domain, we create a correct sandbox domain + if [[ $domain == *"."*"."* ]]; then + sandboxdomain=sandbox-$domain + fi + # if the main domain for the app is a .local root domain, we create a correct sandbox subdomain + if [[ $domain == *".local" ]]; then + sandboxdomain=sandbox-$domain + fi + + ynh_script_progression --message="Removing sandbox domain : $sandboxdomain" --weight=1 + if yunohost domain list | grep -q $sandboxdomain then #if domain exist we remove it yunohost domain remove $sandboxdomain From c007140415cdecfdea2800268a3eb6cee7e414ac Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Thu, 9 Feb 2023 14:43:37 +0000 Subject: [PATCH 16/32] Update install --- scripts/install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install b/scripts/install index 40713fb..618abc5 100644 --- a/scripts/install +++ b/scripts/install @@ -83,7 +83,7 @@ if [[ $domain == *".local" ]]; then sandboxdomain=sandbox-$domain fi -ynh_script_progression --message="Setting up sandobx domain $sandboxdomain..." --weight=1 +ynh_script_progression --message="Setting up sandobx domain : $sandboxdomain" --weight=1 # We don't test that in CI if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then From cf3bd348377abdc888372ff4acce19814a4cce2c Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Thu, 9 Feb 2023 15:29:58 +0000 Subject: [PATCH 17/32] Update nginx.conf --- conf/nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 9aeb854..30bfdb0 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,5 +1,5 @@ set $main_domain "__DOMAIN__"; -set $sandbox_domain "sandbox-__DOMAIN__"; +set $sandbox_domain "__SANDBOXDOMAIN__"; set $allowed_origins "https://${sandbox_domain}"; set $api_domain "__DOMAIN__"; set $files_domain "__DOMAIN__"; From 8e0206cc7c21a5f60d6992c477ec2dca194d1c51 Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Thu, 9 Feb 2023 16:12:57 +0000 Subject: [PATCH 18/32] Update install --- scripts/install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install b/scripts/install index 618abc5..e8baf4c 100644 --- a/scripts/install +++ b/scripts/install @@ -231,7 +231,7 @@ ynh_script_progression --message="Sending a readme for the admin..." --weight=1 message="CryptPad was successfully installed :) -We have added a sandbox domain for you but you still need to configure your DNS and generate Let's Encrypt Certificates for it. +We have added a sandbox domain : $sandboxdomain for you but you still need to configure your DNS and generate Let's Encrypt Certificates for it. Then you can please open your $app domain: https://$domain$path_url Once CryptPad is installed, create an account via the Sign Up button on the home page which will take you to the Register page. From 6f4d8abb480faf7c0cf021dd02ea17984972ed5e Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Fri, 10 Feb 2023 09:55:57 +0000 Subject: [PATCH 19/32] Update install --- scripts/install | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/scripts/install b/scripts/install index e8baf4c..51dd891 100644 --- a/scripts/install +++ b/scripts/install @@ -192,11 +192,6 @@ fi # We don't test that in CI if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then ynh_permission_url --permission="main" --add_url=$sandboxdomain --auth_header=true - # there is a bug in core that add a slash at the end of domain in ssowat conf for uris var - # we use jq to correct /etc/ssowat/conf.json - #uri2=$sandboxdomain - #touch /etc/ssowat/conf.json.persistent - #cat /etc/ssowat/conf.json | jq --arg uri2 "$uri2" '(.permissions[] | select(.label=="CryptPad") | .uris[1]) |=$uri2' >> /etc/ssowat/conf.json.persistent fi #================================================= @@ -231,6 +226,8 @@ ynh_script_progression --message="Sending a readme for the admin..." --weight=1 message="CryptPad was successfully installed :) +READ CAREFULLY !! + We have added a sandbox domain : $sandboxdomain for you but you still need to configure your DNS and generate Let's Encrypt Certificates for it. Then you can please open your $app domain: https://$domain$path_url From 6e8b435075866a1c0f6fefe4ca7665c11d9268f4 Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Fri, 10 Feb 2023 10:32:33 +0000 Subject: [PATCH 20/32] Update app.src --- conf/app.src | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/conf/app.src b/conf/app.src index aed8119..65512e9 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/xwiki-labs/cryptpad/archive/5.1.0.tar.gz -SOURCE_SUM=e8971f8a6439958e8328a8433a696e5ae3915740c5f93cfce9a13776edd83084 +SOURCE_URL=https://github.com/xwiki-labs/cryptpad/archive/5.2.1.tar.gz +SOURCE_SUM=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true From a0eabe2d53ecc5d786ccae1e1a93e6c7390cdd74 Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Fri, 10 Feb 2023 10:56:14 +0000 Subject: [PATCH 21/32] Update app.src --- conf/app.src | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/app.src b/conf/app.src index 65512e9..2ab7c07 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ SOURCE_URL=https://github.com/xwiki-labs/cryptpad/archive/5.2.1.tar.gz -SOURCE_SUM=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 +SOURCE_SUM=945abe5bae0da25a4e2ef8e02730aaa5bb5e5a0b8bfd7a23a09ec38422d7c47f SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true From 630b30102630de6f9df37872ca19a80424385b7b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 10 Feb 2023 12:04:06 +0100 Subject: [PATCH 22/32] Update app.src --- conf/app.src | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/app.src b/conf/app.src index 65512e9..2ab7c07 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ SOURCE_URL=https://github.com/xwiki-labs/cryptpad/archive/5.2.1.tar.gz -SOURCE_SUM=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 +SOURCE_SUM=945abe5bae0da25a4e2ef8e02730aaa5bb5e5a0b8bfd7a23a09ec38422d7c47f SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true From 57afe236bdd3d3e162bf213d9a418bf2f6ad67c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 10 Feb 2023 12:04:30 +0100 Subject: [PATCH 23/32] Update manifest.json --- manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json b/manifest.json index 3579fea..4b84a7a 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Zero Knowledge realtime collaborative office suite", "fr": "Suite bureautique chiffrée pour la collaboration en temps réel" }, - "version": "5.1.0~ynh1", + "version": "5.2.1~ynh1", "url": "https://cryptpad.fr/", "upstream": { "license": "AGPL-3.0-only", From 016f7ecc6513bc3e58ae2da5471686d40730dcd5 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 10 Feb 2023 11:04:34 +0000 Subject: [PATCH 24/32] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e22fc52..63f1d74 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. It is built to enable collaboration, synchronizing changes to documents in real time. Because all data is encrypted, the service and its administrators have no way of seeing the content being edited and stored. -**Shipped version:** 5.1.0~ynh1 +**Shipped version:** 5.2.1~ynh1 **Demo:** https://cryptpad.fr/ diff --git a/README_fr.md b/README_fr.md index 87a2123..51ca4e9 100644 --- a/README_fr.md +++ b/README_fr.md @@ -17,7 +17,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po CryptPad est une suite de collaboration chiffrée de bout en bout et open source. Il est conçu pour permettre la collaboration, en synchronisant les modifications apportées aux documents en temps réel. Étant donné que toutes les données sont chiffrées, le service et ses administrateurs n'ont aucun moyen de voir le contenu modifié et stocké. -**Version incluse :** 5.1.0~ynh1 +**Version incluse :** 5.2.1~ynh1 **Démo :** https://cryptpad.fr/ From 472a01ec0057d7c654368b629dd67edceeff6be3 Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Fri, 10 Feb 2023 11:13:59 +0000 Subject: [PATCH 25/32] Update upgrade --- scripts/upgrade | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 5aa6ad9..2d0e277 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -105,7 +105,21 @@ chgrp -R www-data $final_path #================================================= # CREATE A SANDBOX DOMAIN #================================================= -sandboxdomain=sandbox-$domain +# if the main domain for the app is a root domain, we create a correct sandbox subdomain +if [[ $domain == *"."* ]]; then + sandboxdomain=sandbox.$domain +fi +# if the main domain for the app is already a sub-domain, we create a correct sandbox domain +if [[ $domain == *"."*"."* ]]; then + sandboxdomain=sandbox-$domain +fi +# if the main domain for the app is a .local root domain, we create a correct sandbox subdomain +if [[ $domain == *".local" ]]; then + sandboxdomain=sandbox-$domain +fi + +ynh_script_progression --message="Setting up sandobx domain : $sandboxdomain" --weight=1 + # We don't test that in CI if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then yunohost domain add $sandboxdomain @@ -182,12 +196,6 @@ fi # We don't test that in CI if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then ynh_permission_url --permission="main" --add_url=$sandboxdomain --auth_header=true - # there is a bug in core that add a slash at the end of domain in ssowat conf for uris var - # so we use ${sandboxdomain%/} to remove the eccessive trailing slash # it doesnt work - # we use jq to correct /etc/ssowat/conf.json - uri2=$sandboxdomain - touch /etc/ssowat/conf.json.persistent - cat /etc/ssowat/conf.json | jq --arg uri2 "$uri2" '(.permissions[] | select(.label=="CryptPad") | .uris[1]) |=$uri2' >> /etc/ssowat/conf.json.persistent fi #================================================= From 11dce9b909d484755192166c5c14bb67b56e37c7 Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Fri, 10 Feb 2023 14:36:15 +0000 Subject: [PATCH 26/32] Update config.js --- conf/config.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/config.js b/conf/config.js index 41b1075..5488347 100644 --- a/conf/config.js +++ b/conf/config.js @@ -324,5 +324,5 @@ module.exports = { * such as Docker. * */ - installMethod: 'unspecified', + installMethod: 'yunohost', }; From 9579f2749bd616345bb052b08b56208ccf660828 Mon Sep 17 00:00:00 2001 From: DDATAA <45762540+Ddataa@users.noreply.github.com> Date: Fri, 10 Feb 2023 14:46:42 +0000 Subject: [PATCH 27/32] Update install --- scripts/install | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/install b/scripts/install index 51dd891..f3fcddf 100644 --- a/scripts/install +++ b/scripts/install @@ -228,7 +228,8 @@ message="CryptPad was successfully installed :) READ CAREFULLY !! -We have added a sandbox domain : $sandboxdomain for you but you still need to configure your DNS and generate Let's Encrypt Certificates for it. +We have added a sandbox domain : $sandboxdomain for you but you still need to configure your DNS and generate the Let's Encrypt Certificates for it. +You will need also to restart CryptPad service after this is done. Then you can please open your $app domain: https://$domain$path_url Once CryptPad is installed, create an account via the Sign Up button on the home page which will take you to the Register page. From 1a22e036fc630e0f4f9d97fde2284d0397682cd3 Mon Sep 17 00:00:00 2001 From: Robles Rodolphe Date: Sun, 12 Feb 2023 17:21:22 +0100 Subject: [PATCH 28/32] keep customize folder --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index 2d0e277..412f82e 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -90,7 +90,7 @@ then ynh_script_progression --message="Upgrading source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" --keep="config/config.js" + ynh_setup_source --dest_dir="$final_path" --keep="config/config.js /customize" chmod 750 "$final_path" chmod -R o-rwx "$final_path" From fef096a3ca6705365be43dcba738063aa9f6a5c5 Mon Sep 17 00:00:00 2001 From: Robles Rodolphe Date: Sun, 12 Feb 2023 20:52:33 +0100 Subject: [PATCH 29/32] update --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index 412f82e..4d1d69d 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -90,7 +90,7 @@ then ynh_script_progression --message="Upgrading source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" --keep="config/config.js /customize" + ynh_setup_source --dest_dir="$final_path" --keep="config/config.js customize/" chmod 750 "$final_path" chmod -R o-rwx "$final_path" From 96c8cb4ae27b754052076dc852f5e2ac67e39072 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Mon, 13 Feb 2023 08:22:36 +0000 Subject: [PATCH 30/32] Auto-update README --- README.md | 1 + README_fr.md | 1 + 2 files changed, 2 insertions(+) diff --git a/README.md b/README.md index 63f1d74..09a9d66 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ It shall NOT be edited by hand. # CryptPad for YunoHost [![Integration level](https://dash.yunohost.org/integration/cryptpad.svg)](https://dash.yunohost.org/appci/app/cryptpad) ![Working status](https://ci-apps.yunohost.org/ci/badges/cryptpad.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/cryptpad.maintain.svg) + [![Install CryptPad with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=cryptpad) *[Lire ce readme en français.](./README_fr.md)* diff --git a/README_fr.md b/README_fr.md index 51ca4e9..0d97673 100644 --- a/README_fr.md +++ b/README_fr.md @@ -6,6 +6,7 @@ It shall NOT be edited by hand. # CryptPad pour YunoHost [![Niveau d’intégration](https://dash.yunohost.org/integration/cryptpad.svg)](https://dash.yunohost.org/appci/app/cryptpad) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/cryptpad.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/cryptpad.maintain.svg) + [![Installer CryptPad avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=cryptpad) *[Read this readme in english.](./README.md)* From ff607f61bd0982139a6467c092533fde56368bb7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 Feb 2023 10:54:49 +0100 Subject: [PATCH 31/32] Bump requirements --- manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json b/manifest.json index 4b84a7a..04b968a 100644 --- a/manifest.json +++ b/manifest.json @@ -23,7 +23,7 @@ "url": "https://frju365.yunohost.support" }, "requirements": { - "yunohost": ">= 11.0.9" + "yunohost": ">= 11.1.6" }, "multi_instance": false, "services": [ From 0c6ad8e2379c9a2ae0a9a4f5442161cfbc258866 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 Feb 2023 10:56:17 +0100 Subject: [PATCH 32/32] Update config.js --- conf/config.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/config.js b/conf/config.js index 5488347..3b3d188 100644 --- a/conf/config.js +++ b/conf/config.js @@ -72,7 +72,7 @@ module.exports = { * * CUSTOMIZE AND UNCOMMENT THIS FOR PRODUCTION INSTALLATIONS. */ - httpSafeOrigin: "https://sandbox-__DOMAIN__", + httpSafeOrigin: "https://__SANDBOXDOMAIN__", /* httpAddress specifies the address on which the nodejs server * should be accessible. By default it will listen on 127.0.0.1