From 55b97aae906d086ddbc18cbbae16009883d5d591 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cyryl=20P=C5=82otnicki?= Date: Sat, 23 Jul 2022 08:37:53 +0100 Subject: [PATCH] cryptpad persistence --- nixos/boxes/vpsfree1/cryptpad.config.js | 303 ++++++++++++------------ nixos/boxes/vpsfree1/cryptpad.nix | 10 +- 2 files changed, 154 insertions(+), 159 deletions(-) diff --git a/nixos/boxes/vpsfree1/cryptpad.config.js b/nixos/boxes/vpsfree1/cryptpad.config.js index 988e0d38..bdbe832d 100644 --- a/nixos/boxes/vpsfree1/cryptpad.config.js +++ b/nixos/boxes/vpsfree1/cryptpad.config.js @@ -7,185 +7,172 @@ module.exports = { httpPort: 3000, httpSafePort: 3001, + adminKeys: [ + "[cyplo@notes.purrfect.estate/Ii+Y2Z5ZDAN2fFpAEQu93SDjQcWkSfY7eaSvhCJedX8=]", + ], + /* ===================== - * Admin + * STORAGE + * ===================== */ + + /* Pads that are not 'pinned' by any registered user can be set to expire + * after a configurable number of days of inactivity (default 90 days). + * The value can be changed or set to false to remove expiration. + * Expired pads can then be removed using a cron job calling the + * `evict-inactive.js` script with node + * + * defaults to 90 days if nothing is provided + */ + //inactiveTime: 90, // days + + /* CryptPad archives some data instead of deleting it outright. + * This archived data still takes up space and so you'll probably still want to + * remove these files after a brief period. + * + * cryptpad/scripts/evict-inactive.js is intended to be run daily + * from a crontab or similar scheduling service. + * + * The intent with this feature is to provide a safety net in case of accidental + * deletion. Set this value to the number of days you'd like to retain + * archived data before it's removed permanently. + * + * defaults to 15 days if nothing is provided + */ + //archiveRetentionTime: 15, + + /* It's possible to configure your instance to remove data + * stored on behalf of inactive accounts. Set 'accountRetentionTime' + * to the number of days an account can remain idle before its + * documents and other account data is removed. + * + * Leave this value commented out to preserve all data stored + * by user accounts regardless of inactivity. + */ + //accountRetentionTime: 365, + + /* Starting with CryptPad 3.23.0, the server automatically runs + * the script responsible for removing inactive data according to + * your configured definition of inactivity. Set this value to `true` + * if you prefer not to remove inactive data, or if you prefer to + * do so manually using `scripts/evict-inactive.js`. + */ + //disableIntegratedEviction: true, + + + /* Max Upload Size (bytes) + * this sets the maximum size of any one file uploaded to the server. + * anything larger than this size will be rejected + * defaults to 20MB if no value is provided + */ + //maxUploadSize: 20 * 1024 * 1024, + + /* Users with premium accounts (those with a plan included in their customLimit) + * can benefit from an increased upload size limit. By default they are restricted to the same + * upload size as any other registered user. + * + */ + //premiumUploadSize: 100 * 1024 * 1024, + + /* ===================== + * DATABASE VOLUMES * ===================== */ /* - * CryptPad contains an administration panel. Its access is restricted to specific - * users using the following list. - * To give access to the admin panel to a user account, just add their public signing - * key, which can be found on the settings page for registered users. - * Entries should be strings separated by a comma. + * CryptPad stores each document in an individual file on your hard drive. + * Specify a directory where files should be stored. + * It will be created automatically if it does not already exist. */ - /* - adminKeys: [ - //"[cryptpad-user1@my.awesome.website/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=]", - ], - */ + filePath: './datastore/', - /* ===================== - * STORAGE - * ===================== */ + /* CryptPad offers the ability to archive data for a configurable period + * before deleting it, allowing a means of recovering data in the event + * that it was deleted accidentally. + * + * To set the location of this archive directory to a custom value, change + * the path below: + */ + archivePath: './data/archive', - /* Pads that are not 'pinned' by any registered user can be set to expire - * after a configurable number of days of inactivity (default 90 days). - * The value can be changed or set to false to remove expiration. - * Expired pads can then be removed using a cron job calling the - * `evict-inactive.js` script with node - * - * defaults to 90 days if nothing is provided - */ - //inactiveTime: 90, // days + /* CryptPad allows logged in users to request that particular documents be + * stored by the server indefinitely. This is called 'pinning'. + * Pin requests are stored in a pin-store. The location of this store is + * defined here. + */ + pinPath: './data/pins', - /* CryptPad archives some data instead of deleting it outright. - * This archived data still takes up space and so you'll probably still want to - * remove these files after a brief period. - * - * cryptpad/scripts/evict-inactive.js is intended to be run daily - * from a crontab or similar scheduling service. - * - * The intent with this feature is to provide a safety net in case of accidental - * deletion. Set this value to the number of days you'd like to retain - * archived data before it's removed permanently. - * - * defaults to 15 days if nothing is provided - */ - //archiveRetentionTime: 15, - - /* It's possible to configure your instance to remove data - * stored on behalf of inactive accounts. Set 'accountRetentionTime' - * to the number of days an account can remain idle before its - * documents and other account data is removed. - * - * Leave this value commented out to preserve all data stored - * by user accounts regardless of inactivity. - */ - //accountRetentionTime: 365, - - /* Starting with CryptPad 3.23.0, the server automatically runs - * the script responsible for removing inactive data according to - * your configured definition of inactivity. Set this value to `true` - * if you prefer not to remove inactive data, or if you prefer to - * do so manually using `scripts/evict-inactive.js`. - */ - //disableIntegratedEviction: true, - - - /* Max Upload Size (bytes) - * this sets the maximum size of any one file uploaded to the server. - * anything larger than this size will be rejected - * defaults to 20MB if no value is provided - */ - //maxUploadSize: 20 * 1024 * 1024, - - /* Users with premium accounts (those with a plan included in their customLimit) - * can benefit from an increased upload size limit. By default they are restricted to the same - * upload size as any other registered user. - * - */ - //premiumUploadSize: 100 * 1024 * 1024, - - /* ===================== - * DATABASE VOLUMES - * ===================== */ - - /* - * CryptPad stores each document in an individual file on your hard drive. - * Specify a directory where files should be stored. - * It will be created automatically if it does not already exist. - */ - filePath: './datastore/', - - /* CryptPad offers the ability to archive data for a configurable period - * before deleting it, allowing a means of recovering data in the event - * that it was deleted accidentally. - * - * To set the location of this archive directory to a custom value, change - * the path below: - */ - archivePath: './data/archive', - - /* CryptPad allows logged in users to request that particular documents be - * stored by the server indefinitely. This is called 'pinning'. - * Pin requests are stored in a pin-store. The location of this store is - * defined here. - */ - pinPath: './data/pins', - - /* if you would like the list of scheduled tasks to be stored in + /* if you would like the list of scheduled tasks to be stored in a custom location, change the path below: */ - taskPath: './data/tasks', + taskPath: './data/tasks', - /* if you would like users' authenticated blocks to be stored in + /* if you would like users' authenticated blocks to be stored in a custom location, change the path below: */ - blockPath: './block', + blockPath: './block', - /* CryptPad allows logged in users to upload encrypted files. Files/blobs - * are stored in a 'blob-store'. Set its location here. - */ - blobPath: './blob', + /* CryptPad allows logged in users to upload encrypted files. Files/blobs + * are stored in a 'blob-store'. Set its location here. + */ + blobPath: './blob', - /* CryptPad stores incomplete blobs in a 'staging' area until they are - * fully uploaded. Set its location here. - */ - blobStagingPath: './data/blobstage', + /* CryptPad stores incomplete blobs in a 'staging' area until they are + * fully uploaded. Set its location here. + */ + blobStagingPath: './data/blobstage', - decreePath: './data/decrees', + decreePath: './data/decrees', - /* CryptPad supports logging events directly to the disk in a 'logs' directory - * Set its location here, or set it to false (or nothing) if you'd rather not log - */ - logPath: './data/logs', + /* CryptPad supports logging events directly to the disk in a 'logs' directory + * Set its location here, or set it to false (or nothing) if you'd rather not log + */ + logPath: './data/logs', - /* ===================== - * Debugging - * ===================== */ + /* ===================== + * Debugging + * ===================== */ - /* CryptPad can log activity to stdout - * This may be useful for debugging - */ - logToStdout: false, + /* CryptPad can log activity to stdout + * This may be useful for debugging + */ + logToStdout: false, - /* CryptPad can be configured to log more or less - * the various settings are listed below by order of importance - * - * silly, verbose, debug, feedback, info, warn, error - * - * Choose the least important level of logging you wish to see. - * For example, a 'silly' logLevel will display everything, - * while 'info' will display 'info', 'warn', and 'error' logs - * - * This will affect both logging to the console and the disk. - */ - logLevel: 'debug', + /* CryptPad can be configured to log more or less + * the various settings are listed below by order of importance + * + * silly, verbose, debug, feedback, info, warn, error + * + * Choose the least important level of logging you wish to see. + * For example, a 'silly' logLevel will display everything, + * while 'info' will display 'info', 'warn', and 'error' logs + * + * This will affect both logging to the console and the disk. + */ + logLevel: 'debug', - /* clients can use the /settings/ app to opt out of usage feedback - * which informs the server of things like how much each app is being - * used, and whether certain clientside features are supported by - * the client's browser. The intent is to provide feedback to the admin - * such that the service can be improved. Enable this with `true` - * and ignore feedback with `false` or by commenting the attribute - * - * You will need to set your logLevel to include 'feedback'. Set this - * to false if you'd like to exclude feedback from your logs. - */ - logFeedback: false, + /* clients can use the /settings/ app to opt out of usage feedback + * which informs the server of things like how much each app is being + * used, and whether certain clientside features are supported by + * the client's browser. The intent is to provide feedback to the admin + * such that the service can be improved. Enable this with `true` + * and ignore feedback with `false` or by commenting the attribute + * + * You will need to set your logLevel to include 'feedback'. Set this + * to false if you'd like to exclude feedback from your logs. + */ + logFeedback: false, - /* CryptPad supports verbose logging - * (false by default) - */ - verbose: false, + /* CryptPad supports verbose logging + * (false by default) + */ + verbose: false, - /* Surplus information: - * - * 'installMethod' is included in server telemetry to voluntarily - * indicate how many instances are using unofficial installation methods - * such as Docker. - * - */ - installMethod: 'unspecified', - }; + /* Surplus information: + * + * 'installMethod' is included in server telemetry to voluntarily + * indicate how many instances are using unofficial installation methods + * such as Docker. + * + */ + installMethod: 'unspecified', +}; diff --git a/nixos/boxes/vpsfree1/cryptpad.nix b/nixos/boxes/vpsfree1/cryptpad.nix index 0e08cd5b..f5b1c019 100644 --- a/nixos/boxes/vpsfree1/cryptpad.nix +++ b/nixos/boxes/vpsfree1/cryptpad.nix @@ -19,7 +19,15 @@ }; virtualisation.oci-containers.containers.cryptpad = { image = "promasu/cryptpad:nginx"; - volumes = [ "${./cryptpad.config.js}:/cryptpad/config/config.js" ]; + volumes = [ + "${./cryptpad.config.js}:/cryptpad/config/config.js" + + "cryptpad_blob:/cryptpad/blob" + "cryptpad_block:/cryptpad/block" + "cryptpad_customize:/cryptpad/customize" + "cryptpad_data:/cryptpad/data" + "cryptpad_data_files:/cryptpad/datastore" + ]; environment = { CPAD_MAIN_DOMAIN = "notes.purrfect.estate"; CPAD_SANDBOX_DOMAIN = "notes-sandbox.purrfect.estate";