recipe-maintainers/cryptpad
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2a9f1ed51a33d65dfd8ea29ed94959f3f544a221
cryptpad/README.md
notplants d3b1bb4f29 split sso compose into two compose
2026-03-01 19:47:47 -05:00

70 lines
2.5 KiB
Markdown
Raw Blame History

# cryptpad
[![Build Status](https://build.coopcloud.tech/api/badges/coop-cloud/cryptpad/status.svg)](https://build.coopcloud.tech/coop-cloud/cryptpad)
<!-- metadata -->
* **Category**: Apps
* **Status**: 3
* **Image**: cryptpad/cryptpad
* **Healthcheck**: Yes
* **Backups**: Yes
* **Email**: No
* **Tests**: No
* **SSO**: Yes
<!-- endmetadata -->
## Basic usage
1. Set up Docker Swarm and [`abra`]
2. Deploy [`coop-cloud/traefik`]
3. `abra app new cryptpad --secrets` (optionally with `--pass` if you'd like
to save secrets in `pass`)
4. `abra app config YOURAPPDOMAIN` - be sure to change `$DOMAIN` to something that resolves to
your Docker swarm box
5. `abra app deploy YOURAPPDOMAIN`
6. Open the configured domain in your browser to finish set-up
At this point, anyone with this domain can register new users with this cryptpad instance.
After you have registered a first user, here is how you can make this user into an admin.
After logging in as your user, go to: https://cryptpad.cctest.autonomic.zone/profile/
Click "Copy Public Key". This will copy your public key into your clipboard.
Then run `abra app config YOURAPPDOMAIN` and set the value of CRYPTPAD_ADMIN_KEYS
to include your public key. The example in .env.sample shows the required format.
Then redeploy with `abra app deploy YOURAPPDOMAIN --force`.
Now when you login as your user, and visit https://cryptpad.cctest.autonomic.zone/admin/,
you should be able to access the admin interface for this cryptpad instance.
## SSO
SSO support is provided by `compose.sso.yml`. To enable it, add the SSO compose file and set the SSO variables in your app config:
```
COMPOSE_FILE="compose.yml:compose.sso.yml"
SSO_ENABLED=true
```
On the next deploy, the [CryptPad SSO plugin](https://github.com/cryptpad/sso) will be installed automatically.
You also need to configure the remaining SSO environment variables for your OIDC provider:
- `SSO_PROVIDER_NAME` — display name shown on the login button (e.g. `Keycloak`, `Authentik`)
- `SSO_OIDC_URL` — OIDC discovery URL for your provider
- `SSO_CLIENT_ID` — OAuth2 client ID
- `SSO_JWT_ALG` — JWT signing algorithm (e.g. `RS256`)
The client secret is stored as a Docker secret. Insert it with:
```
abra app secret insert YOURAPPDOMAIN sso_client_s v1 YOUR_CLIENT_SECRET
```
Then deploy (or redeploy) to apply: `abra app deploy YOURAPPDOMAIN --force`.
[`abra`]: https://git.coopcloud.tech/coop-cloud/abra
[`coop-cloud/traefik`]: https://git.coopcloud.tech/coop-cloud/traefik
Reference in New Issue View Git Blame Copy Permalink