Cryptpad
Collaborative office suite that is end-to-end encrypted and open-source.
Declared in: projects/Cryptpad/default.nix
Try the service in a VM
-
Install Nix
- Bash
-
$ apt install --yes curl git jq nix
- Bash
-
$ apt install --yes curl git jq nix
- Bash
-
$ pacman --sync --refresh --noconfirm curl git jq nix
-
Download a configuration file
# default.nix { ngipkgs ? import (fetchTarball "https://github.com/ngi-nix/ngipkgs/tarball/main") { }, }: ngipkgs.demo-vm ( { config, ... }: { services.cryptpad = { enable = true; openPorts = true; settings = { httpPort = 9000; httpAddress = "0.0.0.0"; httpUnsafeOrigin = "http://localhost:${toString config.services.cryptpad.settings.httpPort}"; httpSafeOrigin = "http://localhost:${toString config.services.cryptpad.settings.httpPort}"; }; }; } )
-
Enable binary substituters
- Bash
-
$ export NIX_CONFIG='substituters = https://cache.nixos.org/ https://ngi.cachix.org/ trusted-public-keys = cache.nixos.org-1:6nchdd59x431o0gwypbmraurkbj16zpmqfgspcdshjy= ngi.cachix.org-1:n+cal72roc3qqulxihpv+tw5t42whxmmhpragkrsrow='
-
Build and run a virtual machine
- Bash
-
$ nix-build ./default.nix && ./result
- Bash
-
$ nix-build ./default.nix && ./result
- Bash
-
$ rev=$(nix-instantiate --eval --attr sources.nixpkgs.rev https://github.com/ngi-nix/ngipkgs/archive/master.tar.gz | jq --raw-output)$ nix-shell -I nixpkgs=https://github.com/NixOS/nixpkgs/archive/$rev.tar.gz --packages nix --run "nix-build ./default.nix && ./result"
- Bash
-
$ nix-build ./default.nix && ./result
- Missing Contribute usage instructions.
Options
services.cryptpad
-
Configure Nginx as a reverse proxy for Cryptpad. Note that this makes some assumptions on your setup, and sets settings that will affect other virtualHosts running on your Nginx instance, if any. Alternatively you can configure a reverse-proxy of your choice.
- Type:
boolean- Default:
false- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
Whether to enable cryptpad.
- Type:
boolean- Default:
false- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
Whether to open the port specified in
settings.httpPortin the firewall.- Type:
boolean- Default:
false- Declared in:
- projects/Cryptpad/module.nix
-
The cryptpad package to use.
- Type:
package- Default:
pkgs.cryptpad- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
- Notes:
- Missing update script An update script is required for automatically tracking the latest release.
-
Cryptpad configuration settings. See https://github.com/cryptpad/cryptpad/blob/main/config/config.example.js for a more extensive reference documentation. Test your deployed instance through
https://<domain>/checkup/.- Type:
open submodule of (JSON value)- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
List of public signing keys of users that can access the admin panel
- Type:
list of string- Default:
[ ]- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
Disable telemetry. This setting is only effective if the 'Disable server telemetry' setting in the admin menu has been untouched, and will be ignored by cryptpad once that option is set either way. Note that due to the service confinement, just enabling the option in the admin menu will not be able to resolve DNS and fail; this setting must be set as well.
- Type:
boolean- Default:
true- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
Address on which the Node.js server should listen
- Type:
string- Default:
"127.0.0.1"- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
Port on which the Node.js server should listen
- Type:
16 bit unsigned integer; between 0 and 65535 (both inclusive)- Default:
3000- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
Cryptpad sandbox URL
- Type:
null or string- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
This is the URL that users will enter to load your instance
- Type:
string- Default:
""- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
Install method is listed in telemetry if you agree to it through the consentToContact setting in the admin panel.
- Type:
string- Default:
"nixos"- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
Controls log level
- Type:
string- Default:
"info"- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
Controls whether log output should go to stdout of the systemd service
- Type:
boolean- Default:
true- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
Number of child processes, defaults to number of cores available
- Type:
null or signed integer- Default:
null- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
-
Port for the websocket that needs to be separate
- Type:
16 bit unsigned integer; between 0 and 65535 (both inclusive)- Default:
3003- Declared in:
- nixos/modules/services/web-apps/cryptpad.nix
services.cryptpad.configureNginx
services.cryptpad.enable
services.cryptpad.openPorts
services.cryptpad.package
services.cryptpad.settings
services.cryptpad.settings.adminKeys
services.cryptpad.settings.blockDailyCheck
services.cryptpad.settings.httpAddress
services.cryptpad.settings.httpPort
services.cryptpad.settings.httpSafeOrigin
services.cryptpad.settings.httpUnsafeOrigin
services.cryptpad.settings.installMethod
services.cryptpad.settings.logLevel
services.cryptpad.settings.logToStdout
services.cryptpad.settings.maxWorkers
services.cryptpad.settings.websocketPort
Examples
Enable Cryptpad
{ config, ... }: { services.cryptpad = { enable = true; openPorts = true; settings = { httpPort = 9000; httpAddress = "0.0.0.0"; httpUnsafeOrigin = "http://localhost:${toString config.services.cryptpad.settings.httpPort}"; httpSafeOrigin = "http://localhost:${toString config.services.cryptpad.settings.httpPort}"; }; }; }
Declared in: projects/Cryptpad/demo.nix
This project is funded by NLnet through these subgrants:
- Entrust
- CryptPad-Blueprints
- Review
- Cryptpad
- CryptPad-Auth
- Cryptpad-Directory
- Cryptpad-Communities
- CryptPad-QA
- CryptPad-WCAG
- CryptPadForms