Etherpad

From YobiWiki
Jump to navigation Jump to search

etherpad-lite with sqlite and https

Installation

Steps as root

apt-get install gzip git-core curl python libssl-dev pkg-config build-essential
apt-get install nodejs npm
ln -s nodejs /usr/bin/node
adduser --disabled-password etherpad
# Provide /home/etherpad/epl-server.crt
# Provide /home/etherpad/epl-server.crt
chmod 400 /home/etherpad/epl-server.*
chown etherpad.etherpad /home/etherpad/epl-server.*
cat > /etc/init.d/etherpad-lite << EOF
#!/bin/sh

### BEGIN INIT INFO
# Provides:          etherpad-lite
# Required-Start:    $local_fs $remote_fs $network $syslog
# Required-Stop:     $local_fs $remote_fs $network $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: starts etherpad lite
# Description:       starts etherpad lite using start-stop-daemon
### END INIT INFO

PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/node/bin"
LOGFILE="/var/log/etherpad-lite/etherpad-lite.log"
EPLITE_DIR="/home/etherpad/etherpad-lite"
EPLITE_BIN="bin/safeRun.sh"
USER="etherpad"
GROUP="etherpad"
DESC="Etherpad Lite"
NAME="etherpad-lite"

set -e

. /lib/lsb/init-functions

start() {
  echo "Starting $DESC... "

    start-stop-daemon --start --chuid "$USER:$GROUP" --background --make-pidfile --pidfile /var/run/$NAME.pid --exec $EPLITE_DIR/$EPLITE_BIN -- $LOGFILE || true
  echo "done"
}

#We need this function to ensure the whole process tree will be killed
killtree() {
    local _pid=$1
    local _sig=${2-TERM}
    for _child in $(ps -o pid --no-headers --ppid ${_pid}); do
        killtree ${_child} ${_sig}
    done
    kill -${_sig} ${_pid}
}

stop() {
  echo "Stopping $DESC... "
  if test -f /var/run/$NAME.pid; then
    while test -d /proc/$(cat /var/run/$NAME.pid); do
      killtree $(cat /var/run/$NAME.pid) 15
      sleep 0.5
    done
    rm /var/run/$NAME.pid
  fi
  echo "done"
}

status() {
  status_of_proc -p /var/run/$NAME.pid "" "etherpad-lite" && exit 0 || exit $?
}

case "$1" in
  start)
      start
      ;;
  stop)
    stop
      ;;
  restart)
      stop
      start
      ;;
  status)
      status
      ;;
  *)
      echo "Usage: $NAME {start|stop|restart|status}" >&2
      exit 1
      ;;
esac

exit 0
EOF

chmod 755 /etc/init.d/etherpad-lite
mkdir -p /var/log/etherpad-lite
chown etherpad.etherpad /var/log/etherpad-lite
update-rc.d etherpad-lite defaults
su etherpad -

Steps as etherpad user

cd
git clone git://github.com/ether/etherpad-lite.git
cd etherpad-lite
npm install sqlite3
cp settings.json.template settings.json
# please tune secure values to your needs...
patch << EOF
--- settings.json.template	2014-05-17 10:52:19.000000000 +0200
+++ settings.json	2014-05-17 11:18:07.000000000 +0200
@@ -17,9 +17,8 @@
 
   // Session Key, used for reconnecting user sessions
   // Set this to a secure string at least 10 characters long.  Do not share this value.
-  "sessionKey" : "",
+  "sessionKey" : "blablablablablablabla",
 
-  /*  
   // Node native SSL support
   // this is disabled by default
   //
@@ -27,18 +26,17 @@
   // so that the Etherpad server can access them
 
   "ssl" : {
-            "key"  : "/path-to-your/epl-server.key",
-            "cert" : "/path-to-your/epl-server.crt"
+            "key"  : "/home/etherpad/epl-server.key",
+            "cert" : "/home/etherpad/epl-server.crt"
           },
 
-  */
 
   //The Type of the database. You can choose between dirty, postgres, sqlite and mysql
   //You shouldn't use "dirty" for for anything else than testing or development
-  "dbType" : "dirty",
+  "dbType" : "sqlite",
   //the database specific settings
   "dbSettings" : {
-                   "filename" : "var/dirty.db"
+                   "filename" : "var/sqlite.db"
                  },
                  
   /* An Example of MySQL Configuration
@@ -74,7 +72,7 @@
  
   /* This setting is used if you require authentication of all users.
      Note: /admin always requires authentication. */
-  "requireAuthentication": false,
+  "requireAuthentication": true,
 
   /* Require authorization by a module, or a user with is_admin set, see below. */
   "requireAuthorization": false,
@@ -87,18 +85,18 @@
   
   /* Users for basic authentication. is_admin = true gives access to /admin.
      If you do not uncomment this, /admin will not be available! */
-  /*
+  
   "users": {
-    "admin": {
-      "password": "changeme1",
+    "myadmin": {
+      "password": "mypass1",
       "is_admin": true
     },
-    "user": {
-      "password": "changeme1",
+    "myuser": {
+      "password": "mypass2",
       "is_admin": false
     }
   },
-  */
+  
 
   // restrict socket.io transport methods
   "socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
EOF

Usage

Steps as root

service etherpad-lite start

Steps as client

Go to https://yourserver:9001
As admin: https://yourserver:9001/admin