-
Bob Mottram authoredBob Mottram authored
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
freedombone-app-cryptpad 22.59 KiB
#!/bin/bash
# _____ _ _
# | __|___ ___ ___ _| |___ _____| |_ ___ ___ ___
# | __| _| -_| -_| . | . | | . | . | | -_|
# |__| |_| |___|___|___|___|_|_|_|___|___|_|_|___|
#
# Freedom in the Cloud
#
# cryptpad application
#
# License
# =======
#
# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
VARIANTS='full full-vim writer'
APP_CATEGORY=publishing
IN_DEFAULT_INSTALL=0
SHOW_ON_ABOUT=1
SHOW_CLEARNET_ADDRESS_ON_ABOUT=0
NOT_ON_HOMEPAGE=1
CRYPTPAD_ONION_PORT=8119
CRYPTPAD_PORT=9003
CRYPTPAD_PORT2=9005
CRYPTPAD_REPO="https://github.com/xwiki-labs/cryptpad"
CRYPTPAD_COMMIT='d49f787bcd2606f4f4d2c3a5de3708808e6c5cf0'
CRYPTPAD_DIR=/etc/cryptpad
CRYPTPAD_DOMAIN_NAME=cryptpad.local
CRYPTPAD_SHORT_DESCRIPTION=$'Secure realtime collaboration'
CRYPTPAD_DESCRIPTION=$'Secure realtime collaboration with docs, presentations, drawing and voting. Documents are ephemeral and unless you save them will be deleted when you close the browser.'
CRYPTPAD_MOBILE_APP_URL=
cryptpad_variables=(ONION_ONLY
CRYPTPAD_DOMAIN_NAME)
function logging_on_cryptpad {
echo -n ''
}
function logging_off_cryptpad {
echo -n ''
}
function remove_user_cryptpad {
remove_username="$1"
}
function add_user_cryptpad {
new_username="$1"
new_user_password="$2"
echo '0'
}
function install_interactive_cryptpad {
echo -n ''
APP_INSTALLED=1
}
function change_password_cryptpad {
curr_username="$1"
new_user_password="$2"
}
function reconfigure_cryptpad {
if [ -d $CRYPTPAD_DIR/datastore ]; then
rm -rf $CRYPTPAD_DIR/datastore
fi
}
function cryptpad_generate_api_config {
if [ ! -d $CRYPTPAD_DIR/customize/api ]; then
mkdir -p $CRYPTPAD_DIR/customize/api
fi
wget 127.0.0.1:$CRYPTPAD_PORT/api/config -O $CRYPTPAD_DIR/customize/api/config
if [ ! -f $CRYPTPAD_DIR/customize/api/config ]; then
echo $'Unable to wget api/config'
exit 89
fi
chown -R cryptpad:cryptpad $CRYPTPAD_DIR
}
function upgrade_cryptpad {
CURR_CRYPTPAD_COMMIT=$(get_completion_param "cryptpad commit")
if [[ "$CURR_CRYPTPAD_COMMIT" == "$CRYPTPAD_COMMIT" ]]; then
return
fi
systemctl stop cryptpad
# update to the next commit
function_check set_repo_commit
set_repo_commit $CRYPTPAD_DIR "cryptpad commit" "$CRYPTPAD_COMMIT" $CRYPTPAD_REPO
cd $CRYPTPAD_DIR || exit 254
cryptpad_create_config
npm upgrade
npm install
rm -rf $CRYPTPAD_DIR/.cache/bower
su -c './node_modules/bower/bin/bower install --config.interactive=false' - cryptpad
su -c './node_modules/bower/bin/bower update --config.interactive=false' - cryptpad
cryptpad_generate_api_config
chown -R cryptpad:cryptpad $CRYPTPAD_DIR
systemctl start cryptpad
if ! grep -q "debug|kanban" /etc/nginx/sites-available/cryptpad; then
sed -i 's@location ~.*@location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media|profile|contacts|todo|filepicker|debug|kanban)$ {@g' /etc/nginx/sites-available/cryptpad
systemctl restart nginx
fi
if grep -q "location = /cryptpad_websocket {" /etc/nginx/sites-available/cryptpad; then
sed -i 's|location = /cryptpad_websocket {|location ^~ /cryptpad_websocket {|g' /etc/nginx/sites-available/cryptpad
systemctl restart nginx
fi
}
function backup_local_cryptpad {
source_directory=$CRYPTPAD_DIR/datastore
if [ -d $source_directory ]; then
systemctl stop cryptpad
dest_directory=cryptpad
function_check suspend_site
suspend_site cryptpad
function_check backup_directory_to_usb
backup_directory_to_usb $source_directory $dest_directory
function_check restart_site
restart_site
systemctl start cryptpad
fi
}
function restore_local_cryptpad {
if [ -d $CRYPTPAD_DIR ]; then
systemctl stop cryptpad
temp_restore_dir=/root/tempcryptpad
function_check restore_directory_from_usb
restore_directory_from_usb $temp_restore_dir cryptpad
if [ ! -d $temp_restore_dir$CRYPTPAD_DIR/datastore ]; then
if [ -d $temp_restore_dir ]; then
cp -r $temp_restore_dir/* $CRYPTPAD_DIR/datastore/
else
systemctl start cryptpad
echo 'Failed to restore cryptpad'
rm -rf $temp_restore_dir
exit 87
fi
else
cp -r $temp_restore_dir$CRYPTPAD_DIR/datastore/* $CRYPTPAD_DIR/datastore/
fi
rm -rf $temp_restore_dir
systemctl start cryptpad
fi
}
function backup_remote_cryptpad {
echo -n ''
}
function restore_remote_cryptpad {
echo -n ''
}
function remove_cryptpad {
systemctl stop cryptpad
systemctl disable cryptpad
if [ -f /etc/systemd/system/cryptpad.service ]; then
rm /etc/systemd/system/cryptpad.service
fi
systemctl daemon-reload
function_check remove_nodejs
remove_nodejs cryptpad
nginx_dissite cryptpad
if [ -d $CRYPTPAD_DIR ]; then
rm -rf $CRYPTPAD_DIR
fi
if [ -f /etc/nginx/sites-available/cryptpad ]; then
rm /etc/nginx/sites-available/cryptpad
fi
function_check remove_onion_service
remove_onion_service cryptpad ${CRYPTPAD_ONION_PORT}
remove_app cryptpad
remove_completion_param install_cryptpad
sed -i '/cryptpad/d' "$COMPLETION_FILE"
userdel -r cryptpad
}
function cryptpad_create_config {
cryptpad_install_type=$1
cryptpad_prefix=
if [[ "$cryptpad_install_type" == "mesh" ]]; then
# shellcheck disable=SC2154
cryptpad_prefix="$rootdir"
fi
{ echo '/*@flow*/';
echo '/*';
echo ' globals module';
echo '*/';
echo "var domain = ' http://localhost:${CRYPTPAD_PORT}/';";
echo 'module.exports = {';
echo " httpAddress: '::',";
echo ' httpHeaders: {';
echo ' "X-XSS-Protection": "1; mode=block",';
echo ' "X-Content-Type-Options": "nosniff",';
echo ' "Access-Control-Allow-Origin": "*"';
echo ' },';
echo '';
echo ' contentSecurity: [';
echo " \"default-src 'none'\",";
echo " \"style-src 'unsafe-inline' 'self' \" + domain,";
echo " \"script-src 'self'\" + domain,";
echo " \"font-src 'self' data:\" + domain,";
echo '';
echo ' "child-src blob: *",';
echo ' "frame-src blob: *",';
echo ' "media-src * blob:",';
echo '';
echo " \"connect-src 'self' ws: wss: blob:\" + domain,";
echo '';
echo " \"img-src 'self' data: blob:\" + domain,";
echo '';
echo ' "frame-ancestors *",';
echo " ].join('; '),";
echo '';
echo ' padContentSecurity: [';
echo " \"default-src 'none'\",";
echo " \"style-src 'unsafe-inline' 'self'\" + domain,";
echo " \"script-src 'self' 'unsafe-eval' 'unsafe-inline'\" + domain,";
echo " \"font-src 'self'\" + domain,";
echo '';
echo ' "child-src *",';
echo ' "frame-src *",';
echo '';
echo " \"connect-src 'self' ws: wss:\" + domain,";
echo '';
echo ' "img-src * blob:",';
echo " ].join('; '),";
echo '';
echo " httpPort: ${CRYPTPAD_PORT},";
echo '';
echo ' // This is for allowing the cross-domain iframe to function when developing';
echo " httpSafePort: ${CRYPTPAD_PORT2},";
echo '';
echo " websocketPath: '/cryptpad_websocket',";
echo '';
echo ' logToStdout: false,';
echo '';
echo ' verbose: false,';
echo '';
echo ' mainPages: [';
echo " 'index'";
echo ' ],';
echo '';
echo ' removeDonateButton: true,';
echo ' allowSubscriptions: false,'; } > "$cryptpad_prefix$CRYPTPAD_DIR/config.js"
if [[ "$cryptpad_install_type" == "mesh" ]]; then
echo " myDomain: 'http://P${PEER_ID}.local'," >> "$cryptpad_prefix$CRYPTPAD_DIR/config.js"
else
CRYPTPAD_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_cryptpad/hostname)
echo " myDomain: 'http://${CRYPTPAD_ONION_HOSTNAME}'," >> "$cryptpad_prefix$CRYPTPAD_DIR/config.js"
fi
{ echo ' defaultStorageLimit: 50 * 1024 * 1024,';
echo '';
echo ' customLimits: {';
echo ' },';
echo '';
echo ' adminEmail: false,';
echo '';
echo " storage: './storage/file',";
echo '';
echo " filePath: './datastore/',";
echo " pinPath: './pins',";
echo " blobPath: './blob',";
echo " blobStagingPath: './blobstage',";
echo ' channelExpirationMs: 30000,';
echo ' openFileLimit: 1024,';
echo " rpc: './rpc.js',";
echo ' suppressRPCErrors: false,';
echo ' enableUploads: true,';
echo ' //restrictUploads: false,';
echo ' maxUploadSize: 20 * 1024 * 1024,';
echo ' //logFeedback: true,';
echo ' //logRPC: true,';
echo '};'; } >> "$cryptpad_prefix$CRYPTPAD_DIR/config.js"
if [[ "$cryptpad_install_type" != "mesh" ]]; then
chown cryptpad:cryptpad "$cryptpad_prefix$CRYPTPAD_DIR/config.js"
else
chroot "$rootdir" chown cryptpad:cryptpad $CRYPTPAD_DIR/config.js
fi
}
function mesh_install_cryptpad {
# shellcheck disable=SC2153
if [[ "$VARIANT" != "meshclient" && "$VARIANT" != "meshusb" ]]; then
return
fi
if [ ! -d "$rootdir/var/www/cryptpad" ]; then
mkdir "$rootdir/var/www/cryptpad"
fi
if [ -d "$rootdir$CRYPTPAD_DIR" ]; then
rm -rf "$rootdir$CRYPTPAD_DIR"
fi
git_clone "$CRYPTPAD_REPO" "$rootdir$CRYPTPAD_DIR"
if [ ! -d "$rootdir$CRYPTPAD_DIR" ]; then
echo $'Unable to clone cryptpad repo'
exit 78
fi
# an unprivileged user to run as
chroot "$rootdir" useradd -d $CRYPTPAD_DIR/ cryptpad
cd "$rootdir$CRYPTPAD_DIR" || exit 34
git checkout "$CRYPTPAD_COMMIT" -b "$CRYPTPAD_COMMIT"
chroot "$rootdir" chown -R cryptpad:cryptpad $CRYPTPAD_DIR
cryptpad_nginx_site=$rootdir/etc/nginx/sites-available/cryptpad
{ echo 'server {';
echo ' listen [::]:80 default_server;';
echo " server_name P${PEER_ID}.local;";
echo '';
echo ' # Logs';
echo ' access_log /dev/null;';
echo ' error_log /dev/null;';
echo '';
echo ' # Root';
echo " root $CRYPTPAD_DIR;";
echo '';
echo ' index index.html;';
echo '';
echo ' add_header X-XSS-Protection "1; mode=block";';
echo ' add_header X-Content-Type-Options nosniff;';
echo ' add_header X-Frame-Options SAMEORIGIN;';
echo '';
echo " set \$unsafe 0;";
echo " if (\$uri = \"/pad/inner.html\") { set \$unsafe 1; }";
echo " if (\$host != sandbox.cryptpad.info) { set \$unsafe 0; }";
echo " if (\$unsafe) {";
echo " set \$scriptSrc \"'self' 'unsafe-eval' 'unsafe-inline' P${PEER_ID}.local\";";
echo ' }';
echo '';
echo ' location ^~ /cryptpad_websocket {';
echo " proxy_pass http://[::]:$CRYPTPAD_PORT;";
echo " proxy_set_header X-Real-IP \$remote_addr;";
echo " proxy_set_header Host \$host;";
echo " proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;";
echo '';
echo ' # WebSocket support (nginx 1.4)';
echo ' proxy_http_version 1.1;';
echo " proxy_set_header Upgrade \$http_upgrade;";
echo ' proxy_set_header Connection upgrade;';
echo ' }';
echo '';
echo ' location ^~ /customize.dist/ {';
echo ' # This is needed in order to prevent infinite recursion between /customize/ and the root';
echo ' }';
echo ' location ^~ /customize/ {';
echo " rewrite ^/customize/(.*)\$ \$1 break;";
echo " try_files /customize/\$uri /customize.dist/\$uri;";
echo ' }';
echo ' location = /api/config {';
echo " proxy_pass http://localhost:$CRYPTPAD_PORT;";
echo " proxy_set_header X-Real-IP \$remote_addr;";
echo " proxy_set_header Host \$host;";
echo " proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;";
echo ' }';
echo '';
echo ' location ^~ /blob/ {';
echo ' add_header Cache-Control max-age=31536000;';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ^~ /datastore/ {';
echo ' add_header Cache-Control max-age=0;';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ^~ /register/ {';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ^~ /login/ {';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ^~ /about.html {';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ^~ /contact.html {';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ^~ /what-is-cryptpad.html {';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media|profile|contacts|todo|filepicker|debug|kanban)$ {';
echo " rewrite ^(.*)\$ \$1/ redirect;";
echo ' }';
echo '';
echo " try_files /www/\$uri /www/\$uri/index.html /customize/\$uri;";
echo '}'; } > "$cryptpad_nginx_site"
cd "$rootdir$CRYPTPAD_DIR" || exit 62
get_npm_arch
cat <<EOF > "$rootdir/usr/bin/install_cryptpad"
#!/bin/bash
cd $CRYPTPAD_DIR || exit 35
npm install --arch=$NPM_ARCH --build-from-source
npm install --arch=$NPM_ARCH bower@1.8.4
chown -R cryptpad:cryptpad $CRYPTPAD_DIR
su -c './node_modules/bower/bin/bower install --config.interactive=false' - cryptpad
cp config.example.js config.js
EOF
chmod +x "$rootdir/usr/bin/install_cryptpad"
chroot "$rootdir" /usr/bin/install_cryptpad
if [ ! -f "$rootdir$CRYPTPAD_DIR/config.js" ]; then
echo $'Cryptpad config file not found'
exit 62
fi
rm "$rootdir/usr/bin/install_cryptpad"
cryptpad_create_config mesh
chroot "$rootdir" chown -R cryptpad:cryptpad $CRYPTPAD_DIR
# daemon
{ echo '[Unit]';
echo 'Description=Cryptpad';
echo 'After=syslog.target';
echo 'After=network.target';
echo '';
echo '[Service]';
echo 'User=cryptpad';
echo 'Group=cryptpad';
echo "WorkingDirectory=$CRYPTPAD_DIR";
echo "ExecStart=/usr/local/bin/node $CRYPTPAD_DIR/server.js";
echo 'Environment=PATH=/usr/bin:/usr/local/bin';
echo 'Environment=NODE_ENV=production';
echo 'Restart=on-failure';
echo 'PrivateTmp=true';
echo 'PrivateDevices=false';
echo 'NoNewPrivileges=true';
echo 'CapabilityBoundingSet=~CAP_SYS_ADMIN';
echo '';
echo '[Install]';
echo 'WantedBy=multi-user.target'; } > "$rootdir/etc/systemd/system/cryptpad.service"
chroot "$rootdir" systemctl enable cryptpad.service
}
function install_cryptpad_main {
if [[ $(app_is_installed cryptpad_main) == "1" ]]; then
return
fi
if [ ! -d /var/www/cryptpad ]; then
mkdir /var/www/cryptpad
fi
if [ -d $CRYPTPAD_DIR ]; then
rm -rf $CRYPTPAD_DIR
fi
if [ -d /repos/cryptpad ]; then
mkdir -p $CRYPTPAD_DIR
cp -r -p /repos/cryptpad/. $CRYPTPAD_DIR
cd $CRYPTPAD_DIR || exit 34
git pull
else
function_check git_clone
git_clone $CRYPTPAD_REPO $CRYPTPAD_DIR
fi
if [ ! -d $CRYPTPAD_DIR ]; then
echo $'Unable to clone cryptpad repo'
exit 78
fi
# an unprivileged user to run as
useradd -d $CRYPTPAD_DIR/ cryptpad
cd $CRYPTPAD_DIR || exit 34
git checkout $CRYPTPAD_COMMIT -b $CRYPTPAD_COMMIT
set_completion_param "cryptpad commit" "$CRYPTPAD_COMMIT"
chown -R cryptpad:cryptpad $CRYPTPAD_DIR
CRYPTPAD_ONION_HOSTNAME=$(add_onion_service cryptpad 80 ${CRYPTPAD_ONION_PORT})
cryptpad_nginx_site=/etc/nginx/sites-available/cryptpad
{ echo 'server {';
echo " listen 127.0.0.1:$CRYPTPAD_ONION_PORT default_server;";
echo ' port_in_redirect off;';
echo " server_name $CRYPTPAD_ONION_HOSTNAME;";
echo '';
echo ' # Logs';
echo ' access_log /dev/null;';
echo ' error_log /dev/null;';
echo '';
echo ' # Root';
echo " root $CRYPTPAD_DIR;";
echo '';
echo ' index index.html;';
echo ' error_page 404 /customize.dist/404.html;';
echo '';
echo " if (\$args ~ ver=) {";
echo " set \$cacheControl max-age=31536000;";
echo ' }';
echo " add_header Cache-Control \$cacheControl;";
echo '';
echo ' add_header X-XSS-Protection "1; mode=block";';
echo ' add_header X-Content-Type-Options nosniff;';
echo ' add_header X-Frame-Options SAMEORIGIN;';
echo '';
echo " set \$unsafe 0;";
echo " if (\$uri = \"/pad/inner.html\") { set \$unsafe 1; }";
echo " if (\$host != sandbox.cryptpad.info) { set \$unsafe 0; }";
echo " if (\$unsafe) {";
echo " set \$scriptSrc \"'self' 'unsafe-eval' 'unsafe-inline' $CRYPTPAD_ONION_HOSTNAME\";";
echo ' }';
echo '';
echo ' location ^~ /cryptpad_websocket {';
echo " proxy_pass http://localhost:$CRYPTPAD_PORT;";
echo " proxy_set_header X-Real-IP \$remote_addr;";
echo " proxy_set_header Host \$host;";
echo " proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;";
echo '';
echo ' # WebSocket support (nginx 1.4)';
echo ' proxy_http_version 1.1;';
echo " proxy_set_header Upgrade \$http_upgrade;";
echo ' proxy_set_header Connection upgrade;';
echo ' }';
echo '';
echo ' location ^~ /customize.dist/ {';
echo ' # This is needed in order to prevent infinite recursion between /customize/ and the root';
echo ' }';
echo ' location ^~ /customize/ {';
echo " rewrite ^/customize/(.*)\$ \$1 break;";
echo " try_files /customize/\$uri /customize.dist/\$uri;";
echo ' }';
echo ' location = /api/config {';
echo " proxy_pass http://localhost:$CRYPTPAD_PORT;";
echo " proxy_set_header X-Real-IP \$remote_addr;";
echo " proxy_set_header Host \$host;";
echo " proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;";
echo ' }';
echo '';
echo ' location ^~ /blob/ {';
echo ' add_header Cache-Control max-age=31536000;';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ^~ /datastore/ {';
echo ' add_header Cache-Control max-age=0;';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ^~ /register/ {';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ^~ /login/ {';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ^~ /about.html {';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ^~ /contact.html {';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ^~ /what-is-cryptpad.html {';
echo " try_files \$uri =404;";
echo ' }';
echo '';
echo ' location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media|profile|contacts|todo|filepicker|debug|kanban)$ {';
echo " rewrite ^(.*)\$ \$1/ redirect;";
echo ' }';
echo '';
echo " try_files /www/\$uri /www/\$uri/index.html /customize/\$uri;";
echo '}'; } > $cryptpad_nginx_site
function_check nginx_ensite
nginx_ensite cryptpad
install_completed cryptpad_main
}
function install_cryptpad {
increment_app_install_progress
function_check install_nodejs
install_nodejs cryptpad
increment_app_install_progress
install_cryptpad_main
increment_app_install_progress
cd $CRYPTPAD_DIR || exit 35
npm install
increment_app_install_progress
npm install bower@1.8.4
increment_app_install_progress
chown -R cryptpad:cryptpad $CRYPTPAD_DIR
su -c './node_modules/bower/bin/bower install --config.interactive=false' - cryptpad
su -c './node_modules/bower/bin/bower update --config.interactive=false' - cryptpad
cp config.example.js config.js
if [ ! -f config.js ]; then
echo $'Cryptpad config file not found'
exit 62
fi
increment_app_install_progress
cryptpad_create_config
chown -R cryptpad:cryptpad $CRYPTPAD_DIR
increment_app_install_progress
# daemon
{ echo '[Unit]';
echo 'Description=Cryptpad';
echo 'After=syslog.target';
echo 'After=network.target';
echo '';
echo '[Service]';
echo 'User=cryptpad';
echo 'Group=cryptpad';
echo "WorkingDirectory=$CRYPTPAD_DIR";
echo "ExecStart=/usr/local/bin/node $CRYPTPAD_DIR/server.js";
echo 'Environment=PATH=/usr/bin:/usr/local/bin';
echo 'Environment=NODE_ENV=production';
echo 'Restart=on-failure';
echo '';
echo '[Install]';
echo 'WantedBy=multi-user.target'; } > /etc/systemd/system/cryptpad.service
systemctl enable cryptpad.service
systemctl daemon-reload
systemctl start cryptpad.service
increment_app_install_progress
sleep 8
cryptpad_generate_api_config
increment_app_install_progress
# install again
cd $CRYPTPAD_DIR || exit 73
su -c './node_modules/bower/bin/bower install --config.interactive=false' - cryptpad
increment_app_install_progress
systemctl restart nginx
APP_INSTALLED=1
}
# NOTE: deliberately there is no "exit 0"