From 83631bef99af335d56d3d1eb0c2cf8ca04f5c22f Mon Sep 17 00:00:00 2001
From: meaz <meaz@no-reply@disroot.org>
Date: Tue, 27 Jun 2023 18:46:27 +0000
Subject: [PATCH] v1.9.0 (#10)

Co-authored-by: meaz <meaz@disroot.org>
Reviewed-on: https://git.disroot.org/Disroot-Ansible/etherpad/pulls/10
Reviewed-by: muppeth <muppeth@no-reply@disroot.org>
---
 defaults/main.yml                             |  6 ++-
 tasks/git.yml                                 |  8 +++
 tasks/main.yml                                |  6 +--
 .../var/www/etherpad-lite/settings.json.j2    | 51 +++++++++++++++++--
 4 files changed, 61 insertions(+), 10 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index e961583..3ff443b 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
 
-etherpad_version: '1.8.18'
+etherpad_version: '1.9.1'
 etherpad_skin: 'colibris'
 etherpad_skinVariants: 'super-light-toolbar super-light-editor light-background'
 etherpad_username: 'etherpad'
@@ -34,6 +34,8 @@ etherpad_abiword: '/usr/bin/abiword'
 etherpad_auth: 'false'
 etherpad_authorization: 'false'
 etherpad_proxy: 'false'
+etherpad_sessionLifetime: '864000000' #10d
+etherpad_sessionRefreshInterval: '86400000' #1d
 etherpad_ip_logging: 'false'
 etherpad_maxHttpBufferSize: '10000'
 etherpad_enableAdminUITests: 'false'
@@ -48,7 +50,7 @@ etherpad_smtp_host: 'localhost'
 etherpad_smtp_port: '587'
 etherpad_smtp_user: 'support'
 etherpad_smtp_pass: 'changeme'
-etherpad_nodejs_version: '14'
+etherpad_nodejs_version: '16'
 etherpad_apt:
   - curl
   - nodejs
diff --git a/tasks/git.yml b/tasks/git.yml
index c463422..2f06330 100644
--- a/tasks/git.yml
+++ b/tasks/git.yml
@@ -1,5 +1,13 @@
 ---
 
+- name: '[GIT] - Create directory'
+  file:
+    path: "/var/www/"
+    state: directory
+    owner: "{{ etherpad_username }}"
+    group: "{{ etherpad_group }}"
+    mode: 0755
+
 - name: '[GIT] - Deploy source'
   git:
     repo: https://github.com/ether/etherpad-lite.git
diff --git a/tasks/main.yml b/tasks/main.yml
index 210a896..b233486 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -3,12 +3,12 @@
 - name: Install dependencies
   include_tasks: installdeps.yml
 
-- name: Clone / Update GIT
-  include_tasks: git.yml
-
 - name: Add user
   include_tasks: user.yml
 
+- name: Clone / Update GIT
+  include_tasks: git.yml
+
 - name: Deploy configuration
   include_tasks: configure.yml
 
diff --git a/templates/var/www/etherpad-lite/settings.json.j2 b/templates/var/www/etherpad-lite/settings.json.j2
index 3d66218..7847f69 100644
--- a/templates/var/www/etherpad-lite/settings.json.j2
+++ b/templates/var/www/etherpad-lite/settings.json.j2
@@ -234,8 +234,8 @@
     "showChat":         true,
     "showLineNumbers":  true,
     "useMonospaceFont": false,
-    "userName":         false,
-    "userColor":        false,
+    "userName":         null,
+    "userColor":        null,
     "rtl":              false,
     "alwaysShowChat":   false,
     "chatAndUsers":     false,
@@ -374,7 +374,49 @@
      * significant usability drawbacks vs. "Lax". See
      * https://stackoverflow.com/q/41841880 for discussion.
      */
-    "sameSite": "Lax"
+    "sameSite": "Lax",
+
+    /*
+     * How long (in milliseconds) after navigating away from Etherpad before the
+     * user is required to log in again. (The express_sid cookie is set to
+     * expire at time now + sessionLifetime when first created, and its
+     * expiration time is periodically refreshed to a new now + sessionLifetime
+     * value.) If requireAuthentication is false then this value does not really
+     * matter.
+     *
+     * The "best" value depends on your users' usage patterns and the amount of
+     * convenience you desire. A long lifetime is more convenient (users won't
+     * have to log back in as often) but has some drawbacks:
+     *   - It increases the amount of state kept in the database.
+     *   - It might weaken security somewhat: The cookie expiration is refreshed
+     *     indefinitely without consulting authentication or authorization
+     *     hooks, so once a user has accessed a pad, the user can continue to
+     *     use the pad until the user leaves for longer than sessionLifetime.
+     *
+     * Session lifetime can be set to infinity (not recommended) by setting this
+     * to null or 0. Note that if the session does not expire, most browsers
+     * will delete the cookie when the browser exits, but a session record is
+     * kept in the database forever.
+     */
+    "sessionLifetime": {{ etherpad_sessionLifetime }}, // = 10d * 24h/d * 60m/h * 60s/m * 1000ms/s
+
+    /*
+     * How long (in milliseconds) before the expiration time of an active user's
+     * session is refreshed (to now + sessionLifetime). This setting affects the
+     * following:
+     *   - How often a new session expiration time will be written to the
+     *     database.
+     *   - How often each user's browser will ping the Etherpad server to
+     *     refresh the expiration time of the session cookie.
+     *
+     * High values reduce the load on the database and the load from browsers,
+     * but can shorten the effective session lifetime if Etherpad is restarted
+     * or the user navigates away.
+     *
+     * Automatic session refreshes can be disabled (not recommended) by setting
+     * this to null.
+     */
+    "sessionRefreshInterval": {{ etherpad_sessionRefreshInterval }} // = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s
   },
 
   /*
@@ -560,11 +602,10 @@
     // duration of the rate limit window (seconds)
     "duration": {{ etherpad_ratelimit_duration }},
 
-    // maximum number of chanes per IP to allow during the rate limit window
+    // maximum number of changes per IP to allow during the rate limit window
     "points": {{ etherpad_ratelimit_points }}
   },
 
-
   /*
    * Toolbar buttons configuration.
    *