Cryptpad is an amazing opensource software suite. You can share real-time spreadsheets, text documents and other stuff. Sometimes you want to do a quick brainstorming, or other times you just want to build a simple database in a familiar ‘excel’ like format. This does all of that, plus, it’s encrypted and completely anonymous. This would be an amazing quick tool for most SMBs yet most probably don’t know about it or pay too much for other tools that are more complex than they need. This is open source, very functional, and runs on your own server which is better than, say, running on all the other etherpads out there. You never know, for example, when they’ll shut down their server. This gives you all the benefits of ‘pads’ but on your own server.
It is a ‘one-click install’ on Yunohost… However… it wasn’t quite ‘one click’ because it requires it’s own subdomain and won’t work directly on the base URL of your YH installation. Thankfully, it’s pretty easy to do a subdomain in conjunction with Digital Ocean and YH. Here are the steps I performed to get it rolling:
Set up DNS Records In Digital Ocean
- Go to networking
- Go to your YH domain
- add in these records like this (but you can customize the subdomain to what you’d like of course):
In the DNS section of this new domain it will give you some recommended DNS records to make it legit.
hostname | will direct to | TTL
pad | your server | 300 (change back to 3600 later)
*.pad | your server | 300 (change back)
Hostname | Authority | Tag | Flags | TTL
pad | letsencrypt.org | issue | 128 | 300 (change back to 3600 later)
Now let that start to propagate through the internet and let’s do the second step
Setup Subdomain in Yunohost
From your home dashboard:
- + Add Domain button
- “I already have a domain” radio dial
- Enter ‘pad.domain.com’ using your domain for domain.com
- “Add” button
- Wait while it processes a while
Now your sub-domain is setup in YH, the records on your server are pointing to it, but it doesn’t have encryption yet (SSL Cert). The domain must be fully propagated for that to work.
Setup Lets Encrypt Certificate for Sub-domain
From your home dashboard in YH:
- select your new pad.domain.com subdomain
- SSL Certificate (white button with lock)
- If the green “Install a Let’s Encrypt certificate” is clickable click it, if not:
- in a terminal, try
ping pad.domain.comand see if it gets a bounce back. If not, you probably have to wait longer
- in a terminal try
dig pad.domain.comto see if your domain shows up paired with an IP address, SSL cert installation ‘should’ work
- Also check ports 80 and 443 are open for sign.domain.com in this tool
With all the above checking as ‘ok’, and after waiting 5 or 10 minutes and it still isn’t clickable, I found once that logging out of the YH admin or doing a control f5 refresh helped. For me, one time it took only 10 minutes to propogate and another time it took about 1 hour…. another time even 2 hours. Hard to predict how long this wait will be.
After clicking it will ask “Are you sure you want to install a Let’s Encrypt certificate for this domain?” which you will obviously approve. If all goes well it will say ‘Great! You’re using a valid Let’s Encrypt certificate”.
No point continuing to the next steps until you have your SSL installed and working on the sub-domain, so get coffee and a lunch and proceed to app installation after that.
Install Cryptpad App in Yunohost
Now that your sub-domain and SSL certificates are set up, you are readying to install SignaturePDF. From your YH home dashboard:
- + Install
- Search “crypt” – you should see ‘CryptPad – Zero Knowledge realtime collaborative editor’ show up
- Click the green + Install button
- Select your newly-created subdomain from the dropdown in the ‘Choose the domain where this app should be installed’ field.
- For CryptPad, probably you’ll want to expose this to the outside world since you might want non-users to be able to use it? It’s a personal choice and may require re-thinking later, but for now I’m installing with ‘yes’ selected here.
- At bottom of summary page, if all looks good ‘install’ button
If all goes well you should see a success message. Test your new CryptPad app by going to pad.yourdomain.com.
Bonus – How to Set up the Admin Account for Cryptpad on Yunohost
If you haven’t done a lot of command line work it might be a bit daunting to simply read the instructions that get automatically sent in the admin email. I guess they assume an admin will be super comfortable with these kind of simple instructions but I wanted to make it more accessible to more people.
As mentioned, after installing Cryptpad on Yunohost, you will get an admin email sent to the admin account for the installation. Here is what you need to do:
- Create an admin user account like you would as a non-admin user on the now-functioning instance of Cryptpad at pad.yourdomain.com. That’s as easy as registering as a user.
- Keep this username and password safe as this is not just a user account
- Stay logged in. If you logged out, log back in since we’ll need some data from the settings in a minute.
- Once admin account is created and you’re logged in, you have to SSH into your Yunohost server with the
ssh admin@yourdomaincommand. If you can’t do this skill, you’ll have to learn that one yourself first, I’m afraid. 🙂
- Once you’ve SSH’d in, you need to input a chunk of data, into a file called “config.js” located at /var/www/cryptpad/config/config.js. You do that by:
sudo nano /var/www/cryptpad/config/config.js
- scroll down until you find this secton: /* =====================
- ===================== */
- CryptPad contains an administration panel. Its access is restricted to specific
- users using the following list.
- To give access to the admin panel to a user account, just add their public signing
- key, which can be found on the settings page for registered users.
- Entries should be strings separated by a comma.
- In the line of text right above the ‘adminKeys’ part (don’t accidentally delete a different one), you will see
/*— delete this. It should light up now as available in your terminal
- In the line of text right below the admin keys part you will see
*/– delete this. It’s paired with the first one you deleted above and shouldn’t be there alone…
- We will change this part now:
"[firstname.lastname@example.org/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=]"inside the quotes to the data found in a part of your user settings. Get this special string by doing these steps:
- user menu at the top right
- settings cogwheel
- at the very top you should see ‘public signing key’. Copy this fancy stuff to your computer clipboard as we will now paste it into your config.js file back in your terminal
- Paste your copied public signing key between the quotes of the example one in your file. TIP: I find it easier by going to the last quote and putting my cursor on it, and then backspace/delete until everything except the first and last quote are there. Paste with mouse right click ‘paste’
- Control X to save changes, y to agree, and enter key to execute
- Restart the Cryptpad service (this will likely disconnect you briefly from your login session) with this command in your terminal:
sudo yunohost service restart cryptpad
It should now be working but I always like to do these last steps to be sure:
- Log out of your Cryptpad account (to test)
- Log back in to your admin account
- If everything is working you should now be able to go to your User menu (top right) and find and adminstration icon with three cogwheels.
Now you can do a whole bunch of powerful admin things with Cryptpad on Yunohost!