From 10c3a7660ab11de3c5fc7d2e91597ec93f2878f3 Mon Sep 17 00:00:00 2001
From: muppeth <muppeth@disroot.org>
Date: Tue, 9 Jul 2024 20:17:33 +0200
Subject: [PATCH] added npm to apt list and Update to 2024.3.1 (#25)

Co-authored-by: meaz <meaz@disroot.org>
Reviewed-on: https://git.disroot.org/Disroot-Ansible/cryptpad/pulls/25
Reviewed-by: meaz <meaz@no-reply@disroot.org>
Co-authored-by: muppeth <muppeth@disroot.org>
Co-committed-by: muppeth <muppeth@disroot.org>
---
 Playbooks/cryptpad.yml        |  1 +
 README.md                     |  2 +-
 defaults/main.yml             | 11 +++++++----
 tasks/config.yml              |  2 +-
 tasks/install.yml             | 16 +++++++++++++---
 tasks/installdeps.yml         | 10 ----------
 tasks/update.yml              |  9 +++++++++
 templates/config/config.js.j2 | 25 ++++++++++++++++++++++---
 8 files changed, 54 insertions(+), 22 deletions(-)

diff --git a/Playbooks/cryptpad.yml b/Playbooks/cryptpad.yml
index e953ace..b6423a7 100644
--- a/Playbooks/cryptpad.yml
+++ b/Playbooks/cryptpad.yml
@@ -3,6 +3,7 @@
 - hosts: cryptpad
   roles:
     - nginx
+    - node
     - cryptpad
 
   vars_files:
diff --git a/README.md b/README.md
index 063ad2c..99e0cf2 100644
--- a/README.md
+++ b/README.md
@@ -16,7 +16,7 @@ You can also add/edit files in the `customize` folder as explained on https://do
 
 
 ## Playbook
-The playbook includes nginx role and deploys entire stack needed to run Cryptpad. Additional role is also available in the Ansible roles repos in git.
+The playbook includes nginx and node roles and deploys entire stack needed to run Cryptpad. Additional roles are also available in the Ansible roles repos in git.
 
 
 ## CHANGELOG
diff --git a/defaults/main.yml b/defaults/main.yml
index 68a530a..d162aa2 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -6,11 +6,13 @@ cryptpad_user: 'cryptpad'
 cryptpad_group: 'cryptpad'
 cryptpad_pkg:
    - git
-   - nodejs
-cryptpad_node_version: '16'
+   - rdfind # needed by install-onlyoffice.sh to save ~650MB of disk space
+
+# Nodejs
+node_version: '16'
 
 cryptpad_path: '/var/www/cryptpad'
-cryptpad_version: "5.7.0"
+cryptpad_version: "2024.3.1"
 
 # Config.js
 cryptpad_httpUnsafeOrigin: "https://cryptpad.example.org"
@@ -20,6 +22,7 @@ cryptpad_httpPort: "3000"
 cryptpad_httpSafePort: "3001"
 cryptpad_websocketPort: "3003"
 cryptpad_maxWorkers: "4"
+cryptpad_logIP: "false"
 cryptpad_adminKeys: 
    - "[cryptpad-user1@my.awesome.website/eglegkejfizu#otoUFng55s64Are856URjvAHGGv-89=]"
    - "[cryptpad-user2@my.awesome.website/jA-9c5iNuG7SyxzGCjwJXVnk5NPfAOO8fQuQ0dC83RE=]"
@@ -82,4 +85,4 @@ nginx_vhosts:
   letsencrypt: 'false'
   selfsigned: 'true'
   ssl_name: 'cryptpad.example.org'
-  proxy_pass: 'localhost'
\ No newline at end of file
+  proxy_pass: 'localhost'
diff --git a/tasks/config.yml b/tasks/config.yml
index ce59706..f4763c6 100644
--- a/tasks/config.yml
+++ b/tasks/config.yml
@@ -62,4 +62,4 @@
     owner: "{{ cryptpad_user }}"
     group: "{{ cryptpad_group }}"
   become: yes
-  become_user: "{{ cryptpad_user }}"
\ No newline at end of file
+  become_user: "{{ cryptpad_user }}"
diff --git a/tasks/install.yml b/tasks/install.yml
index 9bb0e04..4da9fe7 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -1,6 +1,6 @@
 ---
 
-- name: "[Update] - Download all dependencies"
+- name: "[Install] - Download all dependencies"
   shell:
     cmd: "npm install"
   args:
@@ -9,11 +9,21 @@
   become_user: "{{ cryptpad_user }}"
   notify: restart cryptpad
 
-- name: "[Update] - Copy client-side dependencies"
+- name: "[Install] - Copy client-side dependencies"
   shell:
     cmd: "npm run install:components"
   args:
     chdir: "{{ cryptpad_path }}"
   become: yes
   become_user: "{{ cryptpad_user }}"
-  notify: restart cryptpad
\ No newline at end of file
+  notify: restart cryptpad
+
+- name: "[Install] - Install onlyoffice"
+  shell:
+    cmd: "./install-onlyoffice.sh --accept-license"
+  args:
+    chdir: "{{ cryptpad_path }}"
+  become: yes
+  become_user: "{{ cryptpad_user }}"
+  notify: restart cryptpad
+          
\ No newline at end of file
diff --git a/tasks/installdeps.yml b/tasks/installdeps.yml
index 9d683b4..d5d95a9 100644
--- a/tasks/installdeps.yml
+++ b/tasks/installdeps.yml
@@ -1,15 +1,5 @@
 ---
 
-- name: "[Dependencies] -  Add nodejs apt key"
-  apt_key:
-    url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
-    state: present
-
-- name: "[Dependencies] - Add nodejs source"
-  apt_repository:
-    repo: "deb https://deb.nodesource.com/node_{{ cryptpad_node_version }}.x {{ ansible_distribution_release }} main"
-    update_cache: yes
-
 - name: "[Dependencies] - Install Dependencies"
   apt:
     name: "{{ cryptpad_pkg }}"
diff --git a/tasks/update.yml b/tasks/update.yml
index 0fadd23..e925a3e 100644
--- a/tasks/update.yml
+++ b/tasks/update.yml
@@ -23,6 +23,15 @@
   become_user: "{{ cryptpad_user }}"
   notify: restart cryptpad
 
+- name: "[Update] - Install onlyoffice"
+  shell:
+    cmd: "./install-onlyoffice.sh --accept-license"
+  args:
+    chdir: "{{ cryptpad_path }}"
+  become: yes
+  become_user: "{{ cryptpad_user }}"
+  notify: restart cryptpad
+
 - name: "[Update] - Generate static pages"
   shell:
     cmd: "npm run build"
diff --git a/templates/config/config.js.j2 b/templates/config/config.js.j2
index b63cd0c..a10a675 100644
--- a/templates/config/config.js.j2
+++ b/templates/config/config.js.j2
@@ -1,3 +1,7 @@
+// SPDX-FileCopyrightText: 2023 XWiki CryptPad Team <contact@cryptpad.org> and contributors
+//
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
 /* globals module */
 
 /*  DISCLAIMER:
@@ -70,9 +74,9 @@ module.exports = {
     httpSafeOrigin: "{{ cryptpad_httpSafeOrigin }}",
 
 /*  httpAddress specifies the address on which the nodejs server
- *  should be accessible. By default it will listen on 127.0.0.1
- *  (IPv4 localhost on most systems). If you want it to listen on
- *  all addresses, including IPv6, set this to '::'.
+ *  should be accessible. By default it will listen on localhost
+ *  (IPv4 & IPv6 if enabled). If you want it to listen on
+ *  a specific address, specify it here. e.g '192.168.0.1'
  *
  */
     httpAddress: '{{ cryptpad_httpAddress }}',
@@ -135,6 +139,21 @@ module.exports = {
      */
     enforceMFA: {{ cryptpad_enforceMFA }},
 
+    /* =====================
+     *       Privacy
+     * ===================== */
+
+    /*  Depending on where your instance is hosted, you may be required to log IP
+     *  addresses of the users who make a change to a document. This setting allows you
+     *  to do so. You can configure the logging system below in this config file.
+     *  Setting this value to true will include a log for each websocket connection
+     *  including this connection's unique ID, the user public key and the IP.
+     *  NOTE: this option requires a log level of "info" or below.
+     *
+     *  defaults to false
+     */
+    //logIP: {{ cryptpad_logIP }},
+
     /* =====================
      *         Admin
      * ===================== */