One minute
Cryptpad
In 2020, Google and I broke up. DuckDuckGo has long been my search engine of choice, but this year I replaced Gmail with ProtonMail, Google Music died, and I found Cryptpad, a “Zero Knowledge realtime collaborative editor” which provides everything I need from Google Docs (except a backup strategy). With this free, open-source software deployed, I can log current events without fear of surveillance.
Though the project does not officially support Apache, nginx lacks features I require, so I still took the road less traveled. A sample Apache proxy config was simple to find; I was particularly grateful for the hot tip regarding WebSocket traffic:
<VirtualHost *:80>
Servername cryptpad.your-domain.tld
ServerAlias www.cryptpad.your-domain.tld
ProxyPass /cryptpad_websocket ws://127.0.0.1:3000/cryptpad_websocket
ProxyPassReverse /cryptpad_websocket ws://127.0.0.1:3000/cryptpad_websocket
ProxyPass / http://127.0.0.1:3000/
ProxyPassReverse / http://127.0.0.1:3000/
</VirtualHost>
Though I didn’t explore the alternatives thoroughly, hosting the service in a separate vhost seems much
simpler than hosting in a subdirectory. The modules that service these proxy rules weren’t all enabled by
default; running sudo a2enmod proxy && sudo a2enmod proxy_http && sudo a2enmod
proxy_wstunnel
brought up the requisite bits of code.
A systemd service descriptor which launches Cryptpad on boot is available in the source tree.