====== Etherpad ======
Présentation d'installation d'un serveur EtherPad sur //debian// 9.\\
Dans cette présentation, nous allons configurer un site https://pad.sleto.net.\\
Nous utiliserons les variables //DBNAME//, //DBUSER// et //DBPASSWD// respectivement pour le nom, l'utilisateur et le mot de passe de base de données.\\
===== Dépendances =====
Utilise un [[Serveur web sécurisé (Nginx / Let's Encrypt)]].\\
Nécessite également les outils :
sudo apt-get install -y postgresql postgresql-contrib supervisor git
Vous devrez également ajouter le domaine __pad.sleto.net__ dans le [[Serveur DNS (bind9)]]
===== Base de données =====
Nous allons créé une base de donnée PostgreSQL:
sudo -u postgres psql -c "CREATE USER $DBUSER;"
sudo -u postgres psql -c "ALTER USER $DBUSER PASSWORD '$DBPASSWD';"
sudo -u postgres psql -c "CREATE DATABASE $DBNAME OWNER $DBUSER;"
===== Pré-configuration =====
Création d'un utilisateur __etherpad__:
adduser --system --home /opt/etherpad --shell /bin/bash --disabled-password --quiet etherpad
install -d -m 755 -o $DBUSER /opt/etherpad
===== Installation =====
Ecrire le fichier ///tmp/settings.json// (attention de bien remplacer //$DBNAME//, //$DBUSER// et //$DBPASSWD//):
{
"title": "Éditeur text",
"favicon": "favicon.ico",
"ip": "0.0.0.0",
"port" : 9001,
"showSettingsInAdminPage" : true,
"dbType" : "postgres",
"dbSettings" : {
"user" : "$DBUSER",
"host" : "localhost",
"port" : 5432,
"password": "$DBPASSWD",
"database": "$DBNAME",
"charset" : "utf8mb4"
},
"defaultPadText" : "Bienvenu dans l'éditeur de text.",
"padOptions": {
"noColors": false,
"showControls": true,
"showChat": true,
"showLineNumbers": true,
"useMonospaceFont": false,
"userName": false,
"userColor": false,
"rtl": false,
"alwaysShowChat": false,
"chatAndUsers": false,
"lang": "fr-FR"
},
"padShortcutEnabled" : {
"altF9" : true, /* focus on the File Menu and/or editbar */
"altC" : true, /* focus on the Chat window */
"cmdShift2" : true, /* shows a gritter popup showing a line author */
"delete" : true,
"return" : true,
"esc" : true, /* in mozilla versions 14-19 avoid reconnecting pad */
"cmdS" : true, /* save a revision */
"tab" : true, /* indent */
"cmdZ" : true, /* undo/redo */
"cmdY" : true, /* redo */
"cmdI" : true, /* italic */
"cmdB" : true, /* bold */
"cmdU" : true, /* underline */
"cmd5" : true, /* strike through */
"cmdShiftL" : true, /* unordered list */
"cmdShiftN" : true, /* ordered list */
"cmdShift1" : true, /* ordered list */
"cmdShiftC" : true, /* clear authorship */
"cmdH" : true, /* backspace */
"ctrlHome" : true, /* scroll to top of pad */
"pageUp" : true,
"pageDown" : true
},
"suppressErrorsInPadText" : false,
"requireSession" : false,
"editOnly" : true,
"sessionNoPassword" : false,
"minify" : true,
"maxAge" : 21600, // 60 * 60 * 6 = 6 hours
"abiword" : null,
"soffice" : null,
"tidyHtml" : null,
"allowUnknownFileEnds" : true,
"requireAuthentication" : false,
"requireAuthorization" : false,
"trustProxy" : true,
"disableIPlogging" : false,
"automaticReconnectionTimeout" : 0,
"scrollWhenFocusLineIsOutOfViewport": {
"percentage": {
"editionAboveViewport": 0,
"editionBelowViewport": 0
},
"duration": 0,
"scrollWhenCaretIsInTheLastLineOfViewport": false,
"percentageToScrollWhenUserPressesArrowUp": 0
},
"users": {
"admin": {
// "password" can be replaced with "hash" if you install ep_hash_auth
"password": "$DBPASSWD",
"is_admin": true
},
},
"socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
"loadTest": false,
"loglevel": "INFO",
"logconfig" :
{ "appenders": [
{ "type": "console"
//, "category": "access"// only logs pad access
},
{ "type": "file"
, "filename": "/var/log/etherpad-lite/etherpad.log"
, "maxLogSize": 1024
, "backups": 3 // how many log files there're gonna be at max
//, "category": "test" // only log a specific category
}
]
} // logconfig
}
Installation de l'outil:
date | base64 > /tmp/APIKEY.txt
su - etherpad <
===== Configuration =====
Créer le fichier de gestion de service ///etc/systemd/system/etherpad.service//:
[Unit]
Description=Etherpad-lite, the collaborative editor.
After=syslog.target
[Service]
Type=simple
User=etherpad
Group=nogroup
WorkingDirectory=/opt/etherpad/etherpad-lite
Environment=NODE_ENV=production
ExecStart=/usr/bin/node /opt/etherpad/etherpad-lite/src/node/server.js
Restart=always
[Install]
WantedBy=multi-user.target
Et l'instruction:
systemctl daemon-reload
systemctl start etherpad.service
systemctl enable etherpad.service
===== Configuration web =====
Créer un fichier ///opt/etherpad/nginx-pad//:
server {
listen 80;
server_name pad.sleto.net;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name pad.sleto.net;
access_log /var/log/nginx/pad.sleto.net.access.log;
error_log /var/log/nginx/pad.sleto.net.error.log;
include /opt/ssl/pad.sleto.net.conf;
location / {
proxy_pass http://localhost:9001;
rewrite /pad(/.*)$ $1 break;
proxy_redirect off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_http_version 1.1;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;
proxy_intercept_errors on;
}
}
Notons que ///opt/ssl/pad.sleto.net.conf// contiendra les informations relatives aux clefs privé et public HTTPS/SSL (voir [[Serveur web sécurisé (Nginx / Let's Encrypt)]]).
Activer la configuration web par:
ln -sf /opt/$DBUSER/nginx-pad /etc/nginx/sites-enabled
===== Rechargement =====
Pour rafraîchir les services nginx
service nginx restart