In 2020, Google and I broke up. DuckDuckGo has long been my search engine of choice, but this year I replaced Gmail with ProtonMail, Google Music died, and I found Cryptpad, a “Zero Knowledge realtime collaborative editor” which provides everything I need from Google Docs (except a backup strategy). With this free, open-source software deployed, I can log current events without fear of surveillance.
Though the project does not officially support Apache, nginx lacks features I require, so I still took the road less traveled. A sample Apache proxy config was simple to find; I was particularly grateful for the hot tip regarding WebSocket traffic:
<VirtualHost *:80> Servername cryptpad.your-domain.tld ServerAlias www.cryptpad.your-domain.tld ProxyPass /cryptpad_websocket ws://127.0.0.1:3000/cryptpad_websocket ProxyPassReverse /cryptpad_websocket ws://127.0.0.1:3000/cryptpad_websocket ProxyPass / http://127.0.0.1:3000/ ProxyPassReverse / http://127.0.0.1:3000/ </VirtualHost>
Though I didn’t explore the alternatives thoroughly, hosting the service in a separate vhost seems much
simpler than hosting in a subdirectory. The modules that service these proxy rules weren’t all enabled by
sudo a2enmod proxy && sudo a2enmod proxy_http && sudo a2enmod
proxy_wstunnel brought up the requisite bits of code.
A systemd service descriptor which launches Cryptpad on boot is available in the source tree.