From d8c18d0937a27caf15bb2db1cdc3e80a5b5abd97 Mon Sep 17 00:00:00 2001
From: felixboehm
Date: Thu, 29 Dec 2016 22:02:03 +0100
Subject: [PATCH 1/2] adding docker and docker-compose
---
.dockerignore | 5 ++++
.env | 4 +++
.gitignore | 1 +
Dockerfile | 43 +++++++++++++++++++++++++++++
container-start.sh | 23 ++++++++++++++++
cryptpad-docker.md | 69 ++++++++++++++++++++++++++++++++++++++++++++++
docker-compose.yml | 23 ++++++++++++++++
readme.md | 4 +++
8 files changed, 172 insertions(+)
create mode 100644 .dockerignore
create mode 100644 .env
create mode 100644 Dockerfile
create mode 100644 container-start.sh
create mode 100644 cryptpad-docker.md
create mode 100644 docker-compose.yml
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 000000000..880c21fe3
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,5 @@
+data
+Dockerfile
+docker-compose.yml
+.git
+.gitignore
\ No newline at end of file
diff --git a/.env b/.env
new file mode 100644
index 000000000..95961b566
--- /dev/null
+++ b/.env
@@ -0,0 +1,4 @@
+VERSION=latest
+USE_SSL=true
+STORAGE='./storage/file'
+LOG_TO_STDOUT=true
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index 354096b87..a251b70b3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,3 +8,4 @@ customization
 /customize/
 messages.log
 .DS_Store
+data
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 000000000..99b915055
--- /dev/null
+++ b/Dockerfile
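Review bot: The `.dockerignore` added here excludes `data` but not `datastore`, `customize`, `config.js`, `node_modules` or `.env`, while the Dockerfile in this patch copies the whole build context with `ADD . /cryptpad`. Any stored pads or local configuration that happen to sit in the working tree would be baked into image layers and travel with a pushed image. I would add the lines `datastore`, `customize`, `config.js`, `node_modules` and `.env` to the file. `customize.dist` and `config.js.dist` have to stay in the context because the start script copies from them.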
@@ -0,0 +1,43 @@
+FROM ubuntu:16.04
+
+RUN apt-get update && apt-get install -y \
+ vim \
+ wget \
+ git \
+ curl \
+ npm \
+ nodejs-legacy
+
+ARG VERSION=0.3.0
+
+# Download stable version
+# RUN wget https://github.com/xwiki-labs/cryptpad/archive /${VERSION}.tar.gz -O /cryptpad.tar.gz \
+# && mkdir -p /cryptpad \
+# && tar -xzf /cryptpad.tar.gz -C /cryptpad --strip-components=1 \
+# && rm /cryptpad.tar.gz
+
+# Download from github
+# RUN git clone https://github.com/xwiki-labs/cryptpad.git
+
+# Add code directly
+ADD . /cryptpad
+
+WORKDIR /cryptpad
+
+RUN npm install \
+ && npm install -g bower \
+ && bower install --allow-root
+
+ADD container-start.sh /container-start.sh
+RUN chmod u+x /container-start.sh
+
+EXPOSE 3000
+
+VOLUME /cryptpad/datastore
+VOLUME /cryptpad/customize
+
+ENV USE_SSL=false
+ENV STORAGE='./storage/file'
+ENV LOG_TO_STDOUT=true
+
+CMD /container-start.sh
\ No newline at end of file
diff --git a/container-start.sh b/container-start.sh
new file mode 100644
index 000000000..db0bb924a
--- /dev/null
+++ b/container-start.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+# Creating customize folder
+mkdir -p customize
+[[ ! "$(ls -A customize)" ]] && echo "Creating customize folder" \
+ && cp -R customize.dist/* customize/ \
+ && cp config.js.dist customize/config.js
+
+# Linking config.js
+[[ ! -h config.js ]] && echo "Linking config.js" && ln -s customize/config.js config.js
+
+# Configure
+[[ -n "$USE_SSL" ]] && echo "Using secure websockets: $USE_SSL" \
+ && sed -i "s/useSecureWebsockets: .*/useSecureWebsockets: ${USE_SSL},/g" customize/config.js
+
+[[ -n "$USE_SSL" ]] && echo "Using storage adapter: $STORAGE" \
+ && sed -i "s/storage: .*/storage: ${STORAGE},/g" customize/config.js
+
+[[ -n "$LOG_TO_STDOUT" ]] && echo "Logging to stdout: $LOG_TO_STDOUT" \
+ && sed -i "s/logToStdout: .*/logToStdout: ${LOG_TO_STDOUT},/g" customize/config.js
+
+
+exec node ./server.js
\ No newline at end of file
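Review bot: The Dockerfile has no `USER` instruction, so `node ./server.js` runs as root inside the container, and `bower install --allow-root` only works around that at build time. Creating an unprivileged account after the install step and switching to it, e.g. `RUN useradd -r -d /cryptpad cryptpad && chown -R cryptpad /cryptpad` followed by `USER cryptpad`, limits what a compromise of the Node process can reach; ownership of the bind-mounted volumes would need checking with that change. `ARG VERSION=0.3.0` is never read because both download variants are commented out. `vim`, `wget`, `curl` and `git` add packages the runtime does not appear to need.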
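Review bot: In container-start.sh the storage `sed` expression uses `/` as its delimiter while the default `STORAGE` value `'./storage/file'` contains slashes, which matches the sed "unknown option" failure recorded under TODO in cryptpad-docker.md. The guard on that statement also tests `$USE_SSL` instead of `$STORAGE`. Suggested: `[[ -n "$STORAGE" ]] && echo "Using storage adapter: $STORAGE" \` and `&& sed -i "s|storage: .*|storage: ${STORAGE},|g" customize/config.js`. All three substitutions write the environment value unquoted into `config.js`, which is loaded as JavaScript, so accepting only `true` or `false` for `USE_SSL` and `LOG_TO_STDOUT` before calling `sed` would keep a malformed value out of the config.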
diff --git a/cryptpad-docker.md b/cryptpad-docker.md
new file mode 100644
index 000000000..1beb2412d
--- /dev/null
+++ b/cryptpad-docker.md
@@ -0,0 +1,69 @@
+# Cryptpad Docker Image
+
+- Configuration via .env file
+- Ready for use with traffic
+- Using github master for now, release 0.3.0 too old
+- Creating customize folder
+- Adding config.js to customize folder
+- Persistance for datastore and customize folder
+
+## TODO
+
+```
+cryptpad_1 | Linking config.js
+cryptpad_1 | Using secure websockets: true
+cryptpad_1 | Using storage adapter: './storage/file'
+cryptpad_1 | sed: -e expression #1, char 27: unknown option to `s'
+```
+
+## Configuration
+
+Set configurations Dockerfile or in .env (using docker-compose) file.
+
+- VERSION=latest
+- USE_SSL=false
+- STORAGE='./storage/file'
+- LOG_TO_STDOUT=true
+
+The .env variables are read by docker-compose and forwarded to docker container.
+On runtime, in `bin/container-start.sh` the settings are written to the `config.js` file.
+
+## Run
+
+With docker
+
+```
+docker build -t xwiki/cryptpad .
+docker -d --name cryptpad -p 3000:3000 -v ${PWD}/data:/cryptpad/datastore xwiki/cryptpad
+```
+
+With docker-compose
+
+```
+docker-compose up -d
+```
+
+
+## Persistance
+
+The docker-compose file is preconfigured to persist folders
+
+- cryptpad/datastore --> ./data/customize
+- cryptpad/customize --> ./data/customize
+
+In customize included find your configuration in `config.js`.
+
+The data folder is ignored by git, so if you want to add your customizations to git versioning change the volume:
+
+```
+./customize:/cryptpad/customize:rw
+```
+
+## SSL Proxy
+
+The [traefik](https://traefik.io/) proxy has builtin Let'sEncrypt for easy SSL setup.
+In the docker-compose file you can find preset lables for usage with traefik.
+
+[Traefik Docker Image](https://hub.docker.com/_/traefik/)
+
+Alternativly just use plain old nginx.
diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 000000000..22cc3d59e --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,23 @@ +version: '2' +services: + + cryptpad: + build: + context: . + args: + - VERSION=${VERSION} + image: "xwiki/cryptpad:${VERSION}" + hostname: cryptpad + + labels: + - traefik.port=3000 + - traefik.frontend.passHostHeader=true + environment: + - USE_SSL=${USE_SSL} + - STORAGE=${STORAGE} + - LOG_TO_STDOUT=${LOG_TO_STDOUT} + + restart: always + volumes: + - ./data/files:/cryptpad/datastore:rw + - ./data/customize:/cryptpad/customize:rw diff --git a/readme.md b/readme.md index e2dab9d9c..083d44431 100644 --- a/readme.md +++ b/readme.md @@ -82,6 +82,10 @@ To test CryptPad, go to http://your.server:3000/assert/ You can use WebDriver to run this test automatically by running TestSelenium.js but you will need chromedriver installed. If you use Mac, you can `brew install chromedriver`. +# Setup using Docker + +See [Cryptpad-Docker](cryptpad-docker.md) + ## Security CryptPad is *private*, not *anonymous*. Privacy protects your data, anonymity protects you. From 7c0df5aed9ad8b92bd5d093e9194681cfa7f6b21 Mon Sep 17 00:00:00 2001 From: felixboehm Date: Mon, 2 Jan 2017 11:54:50 +0100 Subject: [PATCH 2/2] use wss if useSecureWebsockets is true There are no certs / httpOtps set if proxy doing ssl offloading. Better use useSecureWebsockets from config file. --- server.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/server.js b/server.js index f24117bd1..31d536de8 100644 --- a/server.js +++ b/server.js @@ -11,6 +11,7 @@ var WebRTCSrv = require('./WebRTCSrv'); var config = require('./config'); var websocketPort = config.websocketPort || config.httpPort; +var useSecureWebsockets = config.useSecureWebsockets || false; // support multiple storage back ends var Storage = require(config.storage||'./storage/file'); 
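Review bot: In docker-compose.yml the `VERSION` build argument and the image tag `xwiki/cryptpad:${VERSION}` suggest a pinned release, but the Dockerfile in this patch never reads `ARG VERSION` and builds from `ADD . /cryptpad`. With `VERSION=latest` from `.env`, the tag therefore says nothing about which source ended up in the image. Either wire the argument into the build or drop it, and add a comment such as `# image is built from the local working tree; VERSION only names the tag`. The service declares no `ports:`, which looks intentional given the traefik labels but deserves a one-line comment so nobody publishes port 3000 directly without TLS in front of it.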
@@ -80,7 +81,7 @@ app.get('/api/config', function(req, res){
 res.setHeader('Content-Type', 'text/javascript');
 res.send('define(' + JSON.stringify({
 websocketPath: config.websocketPath,
- websocketURL:'ws' + ((httpsOpts) ? 's' : '') + '://' + host + ':' +
+ websocketURL:'ws' + ((useSecureWebsockets) ? 's' : '') + '://' + host + ':' +
 websocketPort + '/cryptpad_websocket',
 }) + ');');
 });
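Review bot: Replacing `httpsOpts` with `useSecureWebsockets` in `websocketURL` means a server that terminates TLS itself but leaves `useSecureWebsockets` unset now advertises `ws://`. Browsers block that as mixed content on an HTTPS page, and where it is allowed the websocket runs without transport encryption. Keeping both conditions avoids the regression: `websocketURL:'ws' + ((httpsOpts || useSecureWebsockets) ? 's' : '') + '://' + host + ':' +`. This assumes `httpsOpts` is still defined elsewhere in server.js, which the hunk does not show; the `app.get` handler also starts outside this hunk.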