Generate cryptpad config

42043adb · Bob Mottram · db0856c3 · 42043adb · 42043adb
Commit 42043adb authored 7 years ago by Bob Mottram
--- a/src/freedombone-app-cryptpad
+++ b/src/freedombone-app-cryptpad
@@ -36,6 +36,7 @@ SHOW_ICANN_ADDRESS_ON_ABOUT=0

 CRYPTPAD_ONION_PORT=8119
 CRYPTPAD_PORT=9003
+CRYPTPAD_PORT2=9005
 CRYPTPAD_REPO="https://github.com/xwiki-labs/cryptpad"
 CRYPTPAD_COMMIT='cfc9ce33d6c7034a13cb0e6d606de6fba38697e0'
 CRYPTPAD_DIR=/etc/cryptpad
@@ -101,6 +102,7 @@ function upgrade_cryptpad {
    set_repo_commit $CRYPTPAD_DIR "cryptpad commit" "$CRYPTPAD_COMMIT" $CRYPTPAD_REPO

    cd $CRYPTPAD_DIR
+    cryptpad_create_config
    npm upgrade
    npm install
    su -c 'echo "2" | bower update' - cryptpad
@@ -229,6 +231,108 @@ function remove_cryptpad {
    userdel -r cryptpad
 }

+function cryptpad_create_config {
+    cryptpad_install_type=$1
+
+    cryptpad_prefix=
+    if [[ "$cryptpad_install_type" == "mesh" ]]; then
+        cryptpad_prefix=$rootdir
+    fi
+
+    echo '/*@flow*/' > $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '/*' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '  globals module' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '*/' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "var domain = ' http://localhost:${CRYPTPAD_PORT}/';" >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo 'module.exports = {' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "        httpAddress: '::'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        httpHeaders: {' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '                "X-XSS-Protection": "1; mode=block",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '                "X-Content-Type-Options": "nosniff",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '                "Access-Control-Allow-Origin": "*"' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        },' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        contentSecurity: [' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "                \"default-src 'none'\"," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "                \"style-src 'unsafe-inline' 'self' \" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "                \"script-src 'self'\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "                \"font-src 'self' data:\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '                "child-src blob: *",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '                "frame-src blob: *",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '                "media-src * blob:",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "                \"connect-src 'self' ws: wss: blob:\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "                \"img-src 'self' data: blob:\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '                "frame-ancestors *",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "        ].join('; ')," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        padContentSecurity: [' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "                \"default-src 'none'\"," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "                \"style-src 'unsafe-inline' 'self'\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "                \"script-src 'self' 'unsafe-eval' 'unsafe-inline'\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "                \"font-src 'self'\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '                "child-src *",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '                "frame-src *",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "                \"connect-src 'self' ws: wss:\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '                "img-src * blob:",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "        ].join('; ')," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "        httpPort: ${CRYPTPAD_PORT}," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        // This is for allowing the cross-domain iframe to function when developing' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "        httpSafePort: ${CRYPTPAD_PORT2}," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "        websocketPath: '/cryptpad_websocket'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        logToStdout: false,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        verbose: false,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        mainPages: [' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "                'index'" >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        ],' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        removeDonateButton: true,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        allowSubscriptions: false,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    if [[ "$cryptpad_install_type" == "mesh" ]]; then
+        echo "        myDomain: 'http://P${PEER_ID}.local'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    else
+        CRYPTPAD_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_cryptpad/hostname)
+        echo "        myDomain: 'http://${CRYPTPAD_ONION_HOSTNAME}'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    fi
+    echo '        defaultStorageLimit: 50 * 1024 * 1024,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        customLimits: {' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        },' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        adminEmail: false,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "        storage: './storage/file'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "       filePath: './datastore/'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "        pinPath: './pins'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "        blobPath: './blob'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "        blobStagingPath: './blobstage'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        channelExpirationMs: 30000,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        openFileLimit: 1024,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo "        rpc: './rpc.js'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        suppressRPCErrors: false,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        enableUploads: true,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        //restrictUploads: false,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        maxUploadSize: 20 * 1024 * 1024,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        //logFeedback: true,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '        //logRPC: true,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    echo '};' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
+    chown cryptpad:cryptpad $cryptpad_prefix$CRYPTPAD_DIR/config.js
+}
+
 function mesh_install_cryptpad {
    if [[ $VARIANT != "meshclient" && $VARIANT != "meshusb" ]]; then
        return
@@ -357,10 +461,7 @@ EOF

    rm $rootdir/usr/bin/install_cryptpad

-    sed -i "s|httpPort:.*|httpPort: $CRYPTPAD_PORT,|g" $rootdir$CRYPTPAD_DIR/config.js
-    sed -i "s|// domain:|domain:|g" $rootdir$CRYPTPAD_DIR/config.js
-    sed -i 's|openFileLimit:.*|openFileLimit: 1024,|g' $rootdir$CRYPTPAD_DIR/config.js
-    sed -i "s|domain:.*|domain: 'http://P${PEER_ID}.local',|g" $rootdir$CRYPTPAD_DIR/config.js
+    cryptpad_create_config mesh

    chroot "$rootdir" chown -R cryptpad:cryptpad $CRYPTPAD_DIR

@@ -529,11 +630,7 @@ function install_cryptpad {
        exit 628252
    fi

-    sed -i "s|httpPort:.*|httpPort: $CRYPTPAD_PORT,|g" config.js
-    sed -i "s|// domain:|domain:|g" config.js
-    sed -i 's|openFileLimit:.*|openFileLimit: 1024,|g' config.js
-    sed -i "s|domain:.*|domain: 'http://$CRYPTPAD_ONION_HOSTNAME',|g" config.js
-
+    cryptpad_create_config
    chown -R cryptpad:cryptpad $CRYPTPAD_DIR

    # daemon

--- a/src/freedombone-image-mesh
+++ b/src/freedombone-image-mesh
@@ -155,6 +155,9 @@ function enable_cryptpad {
    if [ ! -d $CRYPTPAD_DIR/customize/api ]; then
        mkdir -p $CRYPTPAD_DIR/customize/api
    fi
+    if [ -f $CRYPTPAD_DIR/config.js ]; then
+        sed -i "s|myDomain:.*|myDomain: 'http://P${PEER_ID}.local',|g" $CRYPTPAD_DIR/config.js
+    fi
    wget 127.0.0.1:$CRYPTPAD_PORT/api/config -O $CRYPTPAD_DIR/customize/api/config
    if [ ! -f $CRYPTPAD_DIR/customize/api/config ]; then
        echo $'Unable to wget api/config'