Merge pull request #24 from YunoHost-Apps/testing

Testing

README.md

@@ -22,7 +22,7 @@ Be aware, Redis database backup and restore is not fully implemented.
 If you want to install Etherpad with plugins and mysql database: https://github.com/YunoHost-Apps/etherpad_mypads_ynh",
 
 
-**Shipped version:** 1.9.2~ynh1
+**Shipped version:** 1.9.3~ynh1
 
 **Demo:** https://video.etherpad.com/
 
@@ -33,7 +33,7 @@ If you want to install Etherpad with plugins and mysql database: https://github.
 ## Documentation and resources
 
 * Official app website: <https://etherpad.org/>
-* Official admin documentation: <http://etherpad.org/doc/v1.9.2>
+* Official admin documentation: <http://etherpad.org/doc/v1.9.3>
 * Upstream app code repository: <https://github.com/ether/etherpad-lite>
 * YunoHost documentation for this app: <https://yunohost.org/app_etherpad>
 * Report a bug: <https://github.com/YunoHost-Apps/etherpad_ynh/issues>

README_fr.md

@@ -22,7 +22,7 @@ Attention, la sauvegarde et la restauration de la base de données Redis ne sont
 Si vous souhaitez installer Etherpad avec les plugins et la base de données mysql : https://github.com/YunoHost-Apps/etherpad_mypads_ynh",
 
 
-**Version incluse :** 1.9.2~ynh1
+**Version incluse :** 1.9.3~ynh1
 
 **Démo :** https://video.etherpad.com/
 
@@ -33,7 +33,7 @@ Si vous souhaitez installer Etherpad avec les plugins et la base de données mys
 ## Documentations et ressources
 
 * Site officiel de l’app : <https://etherpad.org/>
-* Documentation officielle de l’admin : <http://etherpad.org/doc/v1.9.2>
+* Documentation officielle de l’admin : <http://etherpad.org/doc/v1.9.3>
 * Dépôt de code officiel de l’app : <https://github.com/ether/etherpad-lite>
 * Documentation YunoHost pour cette app : <https://yunohost.org/app_etherpad>
 * Signaler un bug : <https://github.com/YunoHost-Apps/etherpad_ynh/issues>

conf/nginx.conf

@@ -1,21 +1,24 @@
 #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
 location __PATH__/ {
 
-  proxy_pass         http://127.0.0.1:__PORT__/;
-  proxy_set_header   Host $host;
-  proxy_pass_header  Server;
+    proxy_pass         http://127.0.0.1:__PORT__/;
+    proxy_set_header   Host $host;
+    proxy_pass_header  Server;
 
-  proxy_buffering off;
-  more_set_headers "X-Frame-Options : ALLOWALL";
-  proxy_set_header X-Real-IP $remote_addr;       # http://wiki.nginx.org/HttpProxyModule
-  proxy_set_header X-Forwarded-For $remote_addr; # EP logs to show the actual remote IP
-  proxy_set_header X-Forwarded-Proto $scheme;    # for EP to set secure cookie flag when https is used
-  proxy_set_header Host $host;                   # pass the host header
-  proxy_http_version 1.1;                        # recommended with keepalive connections
+    proxy_buffering off;
+    more_set_headers "X-Frame-Options : ALLOWALL";
+    proxy_set_header X-Real-IP $remote_addr;       # http://wiki.nginx.org/HttpProxyModule
+    proxy_set_header X-Forwarded-For $remote_addr; # EP logs to show the actual remote IP
+    proxy_set_header X-Forwarded-Proto $scheme;    # for EP to set secure cookie flag when https is used
+    proxy_set_header Host $host;                   # pass the host header
+    proxy_http_version 1.1;                        # recommended with keepalive connections
   
-  # WebSocket proxying - from http://nginx.org/en/docs/http/websocket.html
-  proxy_set_header Upgrade $http_upgrade;
-  proxy_set_header Connection $connection_upgrade;
+    # WebSocket proxying - from http://nginx.org/en/docs/http/websocket.html
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection $connection_upgrade;
+
+    # Include SSOWAT user panel.
+    include conf.d/yunohost_panel.conf.inc;
 }
 
 location ~* __PATH__/p/[^/]*(_|%|\*)[^/]*/export/etherpad {

conf/settings.json

@@ -204,8 +204,8 @@
     "showChat":         true,
     "showLineNumbers":  true,
     "useMonospaceFont": false,
-    "userName":         false,
-    "userColor":        false,
+    "userName":         null,
+    "userColor":        null,
     "rtl":              false,
     "alwaysShowChat":   false,
     "chatAndUsers":     false,
@@ -333,6 +333,22 @@
    * Settings controlling the session cookie issued by Etherpad.
    */
   "cookie": {
+    /*
+     * How often (in milliseconds) the key used to sign the express_sid cookie
+     * should be rotated. Long rotation intervals reduce signature verification
+     * overhead (because there are fewer historical keys to check) and database
+     * load (fewer historical keys to store, and less frequent queries to
+     * get/update the keys). Short rotation intervals are slightly more secure.
+     *
+     * Multiple Etherpad processes sharing the same database (table) is
+     * supported as long as the clock sync error is significantly less than this
+     * value.
+     *
+     * Key rotation can be disabled (not recommended) by setting this to 0 or
+     * null, or by disabling session expiration (see sessionLifetime).
+     */
+    "keyRotationInterval": 86400000, // = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s
+
     /*
      * Value of the SameSite cookie property. "Lax" is recommended unless
      * Etherpad will be embedded in an iframe from another site, in which case
@@ -344,7 +360,51 @@
      * significant usability drawbacks vs. "Lax". See
      * https://stackoverflow.com/q/41841880 for discussion.
      */
-    "sameSite": "Lax"
+    "sameSite": "Lax",
+
+    /*
+     * How long (in milliseconds) after navigating away from Etherpad before the
+     * user is required to log in again. (The express_sid cookie is set to
+     * expire at time now + sessionLifetime when first created, and its
+     * expiration time is periodically refreshed to a new now + sessionLifetime
+     * value.) If requireAuthentication is false then this value does not really
+     * matter.
+     *
+     * The "best" value depends on your users' usage patterns and the amount of
+     * convenience you desire. A long lifetime is more convenient (users won't
+     * have to log back in as often) but has some drawbacks:
+     *   - It increases the amount of state kept in the database.
+     *   - It might weaken security somewhat: The cookie expiration is refreshed
+     *     indefinitely without consulting authentication or authorization
+     *     hooks, so once a user has accessed a pad, the user can continue to
+     *     use the pad until the user leaves for longer than sessionLifetime.
+     *   - More historical keys (sessionLifetime / keyRotationInterval) must be
+     *     checked when verifying signatures.
+     *
+     * Session lifetime can be set to infinity (not recommended) by setting this
+     * to null or 0. Note that if the session does not expire, most browsers
+     * will delete the cookie when the browser exits, but a session record is
+     * kept in the database forever.
+     */
+    "sessionLifetime": 864000000, // = 10d * 24h/d * 60m/h * 60s/m * 1000ms/s
+
+    /*
+     * How long (in milliseconds) before the expiration time of an active user's
+     * session is refreshed (to now + sessionLifetime). This setting affects the
+     * following:
+     *   - How often a new session expiration time will be written to the
+     *     database.
+     *   - How often each user's browser will ping the Etherpad server to
+     *     refresh the expiration time of the session cookie.
+     *
+     * High values reduce the load on the database and the load from browsers,
+     * but can shorten the effective session lifetime if Etherpad is restarted
+     * or the user navigates away.
+     *
+     * Automatic session refreshes can be disabled (not recommended) by setting
+     * this to null.
+     */
+    "sessionRefreshInterval": 86400000 // = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s
   },
 
   /*
@@ -519,7 +579,6 @@
     "points": 10
   },
 
-
   /*
    * Toolbar buttons configuration.
    *
@@ -563,5 +622,10 @@
   "customLocaleStrings": {},
 
   /* Disable Admin UI tests */
-  "enableAdminUITests": false
+  "enableAdminUITests": false,
+
+  /*
+   * Enable/Disable case-insensitive pad names.
+   */
+  "lowerCasePadIds": false
 }

conf/systemd.service

@@ -1,5 +1,5 @@
 [Unit]
-Description=Etherpad-lite: Collaborative editor
+Description=Etherpad-lite: collaborative editor
 After=syslog.target network.target postgresql.service
 
 [Service]

doc/ADMIN.md

@@ -1,3 +1,3 @@
 You can access Etherpad's admin panel at `__DOMAIN____PATH__/admin`. The configuration file for Etherpad is at the path `__INSTALL_DIR__/settings.json`.
 
-*Skin Builder* (accessible at this address `domain.tld/pad/p/test#skinvariantsbuilder`) allows you to customize the skin of your pad. It will give you a parameter to copy into your configuration file `__INSTALL_DIR__/settings.json`.
+*Skin Builder* (accessible at this address `__DOMAIN____PATH__/pad/p/test#skinvariantsbuilder`) allows you to customize the skin of your pad. It will give you a parameter to copy into your configuration file `__INSTALL_DIR__/settings.json`.

manifest.toml

@@ -5,7 +5,7 @@ name = "Etherpad"
 description.en = "Online editor providing collaborative editing in real-time"
 description.fr = "Éditeur en ligne fournissant l'édition collaborative en temps réel"
 
-version = "1.9.2~ynh1"
+version = "1.9.4~ynh1"
 
 maintainers = ["eric_G"]
 
@@ -13,7 +13,7 @@ maintainers = ["eric_G"]
 license = "Apache-2.0"
 website = "https://etherpad.org/"
 demo = "https://video.etherpad.com/"
-admindoc = "http://etherpad.org/doc/v1.9.2"
+admindoc = "http://etherpad.org/doc/v1.9.3"
 code = "https://github.com/ether/etherpad-lite"
 
 [integration]
@@ -60,8 +60,8 @@ ram.runtime = "50M"
 
 [resources]
         [resources.sources.main]
-        url = "https://github.com/ether/etherpad-lite/archive/1.9.2.tar.gz"
-        sha256 = "7d8168cdb6d6ca84ee48978e8c654f75703d6431203c756ba55c50aa54cc75a3"
+        url = "https://github.com/ether/etherpad-lite/archive/refs/tags/v1.9.4.tar.gz"
+        sha256 = "5b8ccf2a3c92cbd9bb578f684bc52d2ea27fc3fb30cdc76341f9ccffe0c0ff7f"
         autoupdate.strategy = "latest_github_tag"
 
     [resources.ports]
@@ -75,9 +75,10 @@ ram.runtime = "50M"
     admin.url = "/admin"
     admin.allowed = ["admins"]
     admin.auth_header = false
+    admin.show_tile = false
 
     [resources.apt]
-    packages = "mariadb-server"
+    packages = ""
     
     packages_from_raw_bash = """
           if [[ "$export" == "libreoffice" ]]