mirror of
https://github.com/YunoHost-Apps/rainloop_ynh.git
synced 2024-09-03 20:16:18 +02:00
PGPback
Allows user to backup/restore their PGP private keys from the browser storage to the server using https://github.com/chtixof/pgpback_ynh
This commit is contained in:
parent
6d59347886
commit
c17c585a01
6 changed files with 129 additions and 2 deletions
|
@ -16,6 +16,8 @@ Each user can add a remote carddav server from their own parameters interface.
|
||||||
- If you use baikal, the CardDav address is: https://DOMAIN.TLD/baikal/card.php/addressbooks/USER/default/
|
- If you use baikal, the CardDav address is: https://DOMAIN.TLD/baikal/card.php/addressbooks/USER/default/
|
||||||
- If you use NextCloud, the CardDav address is: https://DOMAIN.TLD/nextcloud/remote.php/carddav/addressbooks/USER/contacts
|
- If you use NextCloud, the CardDav address is: https://DOMAIN.TLD/nextcloud/remote.php/carddav/addressbooks/USER/contacts
|
||||||
|
|
||||||
|
Rainloop saves your PGP private keys in the browser storage. This means that you will loose your private keys if you clear your browser storage (e.g., private browsing, different computer...). This packages integrates [PGPback by chtixof](https://github.com/chtixof/pgpback_ynh) so you can store your PGP private keys on the server securely. Go to **http://DOMAIN.TLD/rainloop/pgpback** to backup your PGP keys on the server or restore them.
|
||||||
|
|
||||||
To upgrade the app once a new rainloop version is available, simply run in a local shell via ssh or otherwise :
|
To upgrade the app once a new rainloop version is available, simply run in a local shell via ssh or otherwise :
|
||||||
``sudo yunohost app upgrade -u https://github.com/YunoHost-Apps/rainloop_ynh rainloop``
|
``sudo yunohost app upgrade -u https://github.com/YunoHost-Apps/rainloop_ynh rainloop``
|
||||||
|
|
||||||
|
@ -34,6 +36,7 @@ Chaque utilisateur peut ajouter un carnet d'adresse distant CardDav via leur pro
|
||||||
- Si vous utilisez Baikal, l'adresse à renseigner est du type : https://DOMAIN.TLD/baikal/card.php/addressbooks/UTILISATEUR/default/
|
- Si vous utilisez Baikal, l'adresse à renseigner est du type : https://DOMAIN.TLD/baikal/card.php/addressbooks/UTILISATEUR/default/
|
||||||
- Si vous utilisez NextCloud, l'adresse à renseigner est du type : https://DOMAIN.TLD/nextcloud/remote.php/carddav/addressbooks/USER/contacts
|
- Si vous utilisez NextCloud, l'adresse à renseigner est du type : https://DOMAIN.TLD/nextcloud/remote.php/carddav/addressbooks/USER/contacts
|
||||||
|
|
||||||
|
Rainloop stocke les clés PGP privées dans le stockage de navigateur. Cela implique que vos clés seront perdues quand vous videz le stockage de navigateur (navigation incognito, changement d'ordinateur, ...). Ce paquet intègre [PGPback de chtixof](https://github.com/chtixof/pgpback_ynh) pour que vous puissiez stocker vos clés privées PGP de manière sécurisée sur le serveur. Rendez-vous **http://DOMAIN.TLD/rainloop/pgpback** pour stocker vos clés privées PGP sur le serveur ou les restaurer dans un nouveau navigateur.
|
||||||
|
|
||||||
Pour mettre à jour rainloop lorsqu'une nouvelle version est disponible, lancez en console locale (ssh ou autre) :
|
Pour mettre à jour rainloop lorsqu'une nouvelle version est disponible, lancez en console locale (ssh ou autre) :
|
||||||
``sudo yunohost app upgrade -u https://github.com/YunoHost-Apps/rainloop_ynh rainloop``
|
``sudo yunohost app upgrade -u https://github.com/YunoHost-Apps/rainloop_ynh rainloop``
|
||||||
|
|
|
@ -8,9 +8,13 @@ location PATHTOCHANGE {
|
||||||
location ^~ PATHTOCHANGE/app/data {
|
location ^~ PATHTOCHANGE/app/data {
|
||||||
deny all;
|
deny all;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
location ^~ PATHTOCHANGE/pgpback/keys {
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
|
||||||
client_max_body_size 10G;
|
client_max_body_size 10G;
|
||||||
index index.php;
|
index index.php index.html;
|
||||||
try_files $uri $uri/ index.php;
|
try_files $uri $uri/ index.php;
|
||||||
location ~ [^/]\.php(/|$) {
|
location ~ [^/]\.php(/|$) {
|
||||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||||
|
|
|
@ -109,10 +109,13 @@
|
||||||
sudo cp ../conf/data/domains/default.ini $rainloop_path/data/_data_/_default_/domains/default.ini
|
sudo cp ../conf/data/domains/default.ini $rainloop_path/data/_data_/_default_/domains/default.ini
|
||||||
|
|
||||||
# install SSO - at the moment the index is the SSO and rainloop is installed in /app
|
# install SSO - at the moment the index is the SSO and rainloop is installed in /app
|
||||||
sudo cp ../sources/sso/sso.php $final_path/index.php
|
sudo cp ../sources/sso/sso.php $final_path/index.php
|
||||||
sudo sed -i "s@domain.tld@$domain@g" $final_path/index.php
|
sudo sed -i "s@domain.tld@$domain@g" $final_path/index.php
|
||||||
sudo sed -i "s@PATHTOCHANGE@$path@g" $final_path/index.php
|
sudo sed -i "s@PATHTOCHANGE@$path@g" $final_path/index.php
|
||||||
|
|
||||||
|
# Install PGPback by chtixof to allow users to backup/restore their PGP private keys on the server
|
||||||
|
sudo cp -rf ../sources/pgpback $final_path/.
|
||||||
|
|
||||||
# Set permissions to rainloop directory
|
# Set permissions to rainloop directory
|
||||||
sudo find $final_path/. -type d -exec chmod 755 {} \;
|
sudo find $final_path/. -type d -exec chmod 755 {} \;
|
||||||
sudo find $final_path/. -type f -exec chmod 644 {} \;
|
sudo find $final_path/. -type f -exec chmod 644 {} \;
|
||||||
|
|
23
sources/pgpback/fav.php
Normal file
23
sources/pgpback/fav.php
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
<?php
|
||||||
|
$text=file_get_contents('php://input');
|
||||||
|
$user=$_SERVER["PHP_AUTH_USER"];
|
||||||
|
$file='keys/pk_'.$user.'.json';
|
||||||
|
if ($user=="") {
|
||||||
|
$out='{"rc":-2,"pk":[]}';
|
||||||
|
|
||||||
|
} else if ($text=="") {
|
||||||
|
$fread=file_get_contents($file);
|
||||||
|
if ($fread==""){
|
||||||
|
$out='{"rc":-3,"pk":[]}';
|
||||||
|
} else {
|
||||||
|
$out='{"rc":-1,"pk":'.file_get_contents($file).'}';
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$fstatus=file_put_contents($file,$text) ;
|
||||||
|
$out='{"rc":'.$fstatus.',"pk":[]}';
|
||||||
|
}
|
||||||
|
header("Cache-Control: no-cache, must-revalidate");
|
||||||
|
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
|
||||||
|
header("Content-Type: application/json; charset=utf-8");
|
||||||
|
echo json_encode($out);
|
||||||
|
?>
|
90
sources/pgpback/index.html
Normal file
90
sources/pgpback/index.html
Normal file
|
@ -0,0 +1,90 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<head>
|
||||||
|
<meta charset="utf-8">
|
||||||
|
<title>PGPBack
|
||||||
|
</title>
|
||||||
|
<style>
|
||||||
|
body {
|
||||||
|
background: #41444f;
|
||||||
|
color: #bbb;
|
||||||
|
}
|
||||||
|
a {
|
||||||
|
color: #fff;
|
||||||
|
text-decoration:none;
|
||||||
|
}
|
||||||
|
a:hover {
|
||||||
|
color: #fff;
|
||||||
|
text-decoration:underline;
|
||||||
|
}
|
||||||
|
</style>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<h1>PGPBack : OpenPGP keys backup for Rainloop</h1>
|
||||||
|
PGPBack has been tested with Chrome. It enables the following:<br><br>
|
||||||
|
<a id="arestorels" href="javascript:void(0)">Set the local OpenPGP keys from the server</a><br/><br/>
|
||||||
|
<a id="asavels" href="javascript:void(0)">Backup the local OpenPGP keys onto the server</a><br/><br/>
|
||||||
|
<a id="aclearls" href="javascript:void(0)">Clear the local OpenPGP keys (for security reasons)</a><br/><br/>
|
||||||
|
<script src="lib/jquery-1.11.2.min.js"></script>
|
||||||
|
<script>
|
||||||
|
$(document).ready(function() {
|
||||||
|
$('#asavels').click(function() {
|
||||||
|
if (confirm('The local OpenPGP keys will be loaded onto the server')) {
|
||||||
|
$.ajax("fav.php", {
|
||||||
|
data : JSON.stringify([localStorage["openpgp-private-keys"],localStorage["openpgp-public-keys"]]),
|
||||||
|
contentType : 'application/json',
|
||||||
|
type : 'POST',
|
||||||
|
dataType: 'json',
|
||||||
|
success: function (data) {
|
||||||
|
parseddata=JSON.parse(data);
|
||||||
|
switch (parseddata.rc){
|
||||||
|
case -2:
|
||||||
|
alert("User not logged in Yunohost. Keys not saved.");
|
||||||
|
break;
|
||||||
|
case -1:
|
||||||
|
case -3:
|
||||||
|
alert("No keys to save.");
|
||||||
|
break;
|
||||||
|
case 0:
|
||||||
|
alert("Problem when writing the data. Keys not saved.");
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
alert("Keys saved ("+parseddata.rc+" bytes).");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
});
|
||||||
|
$('#aclearls').click(function() {
|
||||||
|
if (confirm('The local OpenPGP keys will be deleted')) {
|
||||||
|
delete localStorage["openpgp-private-keys"];
|
||||||
|
delete localStorage["openpgp-public-keys"];
|
||||||
|
}
|
||||||
|
});
|
||||||
|
$('#arestorels').click(function() {
|
||||||
|
if (confirm('The local OpenPGP keys will be replaced by those from the server')) {
|
||||||
|
$.ajax("fav.php", {
|
||||||
|
contentType : 'application/json',
|
||||||
|
type : 'POST',
|
||||||
|
dataType: 'json',
|
||||||
|
success: function (data) {
|
||||||
|
parseddata=JSON.parse(data);
|
||||||
|
switch (parseddata.rc){
|
||||||
|
case -2:
|
||||||
|
alert("User not logged in Yunohost. Keys not set.");
|
||||||
|
break;
|
||||||
|
case -3:
|
||||||
|
alert("No data found. Keys not set.");
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
localStorage["openpgp-private-keys"]=parseddata.pk[0];
|
||||||
|
localStorage["openpgp-public-keys"]=parseddata.pk[1];
|
||||||
|
alert("Keys set from the server.");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
});
|
||||||
|
})
|
||||||
|
</script>
|
||||||
|
</body>
|
||||||
|
</html>
|
4
sources/pgpback/lib/jquery-1.11.2.min.js
vendored
Normal file
4
sources/pgpback/lib/jquery-1.11.2.min.js
vendored
Normal file
File diff suppressed because one or more lines are too long
Loading…
Reference in a new issue