libresign
libresign copied to clipboard
LibreSign
✍️ Nextcloud app to sign PDF documents
Nextcloud app to sign PDF documents.
Table of contents
- Releases compatibility
- Setup
- Java and JSignPDF
- Standalone
- Using Docker
- CFSSL
- CFSS server handmade install
- With docker-compose
- Admin settings
- Validation page
- Java and JSignPDF
- Integrations
- Full documentation
- Contributing
Releases compatibility
| LibreSign | Nextcloud | JSignPDF |
|---|---|---|
| 6.x | 25 | 2.1.0 |
| 5.x | 24 | 2.1.0 |
| 4.x | 23 | 2.1.0 |
| 3.x | 22 | 2.1.0 |
| 2 | 22 | 1.6.5 |
Setup
Java and JSignPDF
Standalone
Run commands:
occ libresign:install --all
occ libresign:configure:cfssl --cn=<yourCN> --ou=<yourOU> --o=<yourO> --c=<yourCountry>
Using Docker
Add the follow to Nextcloud PHP container Dockerfile
# Install Java and JsignPDF
RUN apt-get update # Only include this line if necessary
RUN mkdir -p /usr/share/man/man1
RUN apt-get install -y default-jre unzip
RUN curl -OL https://sourceforge.net/projects/jsignpdf/files/stable/JSignPdf%202.1.0/jsignpdf-2.1.0.zip \
&& unzip jsignpdf-2.1.0.zip -d /opt \
&& rm jsignpdf-2.1.0.zip
CFSSL
CFSS server handmade install
Don't is necessary if you use a docker setup or if you did the standalone setup
Up a cfssl server using this code:
https://github.com/cloudflare/cfssl
The URL of server you will use in Admin settings
PS: Use latest version, on many cases the version of package manage of linux distro is outdated and incompatible with LibreSign
With docker-compose
- Create a folder named cfssl in the same folder as your
docker-compose.ymlfile. This folder will be used on one volume of the cfssl service. - put the file
/cfssl/entrypoint.shincfsslfolder - Add the volume
./cfssl:/cfsslin Nextcloud php service - Create a new server using the following code in your
docker-compose.ymlfile:
cfssl:
image: cfssl/cfssl
volumes:
- ./cfssl:/cfssl
working_dir: /cfssl
entrypoint: /bin/bash
command:
- /cfssl/entrypoint.sh
Admin settings
Don't is necessary if you did the standalone setup
Go to Settings > LibreSign and fill the necessary values for root certificate:
CN: CommonName
OU: OrganizationalUnit
O: Organization
C: CountryName
API: http://cfssl:8888/api/v1/cfssl/
Config path: /cfssl/
Go to Settings > Basic Settings and configure email settings. Is mandatory.
Validation page
The validation can be done on a page without access restriction informing the file UUID or the file to be validated.
| Route | Description |
|---|---|
| /apps/libresign/validation | Document validation home page. On this page it is possible to send a binary or enter a file UUID for validation. |
| /apps/libresign/validation/ |
Enter the UUID of the file in the URL and go straight to the page informing the signature data. |
To have a short URL at the bottom of the document, you can add these directives to your Nginx. Replace domains with those for your application.
server {
listen 80;
server_name validate.yourdomain.coop;
location ~ "\/(?<uuid>[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12})" {
rewrite ^ $scheme://cloud.yourdomain.coop/apps/libresign/validation/$uuid;
}
location ~ / {
return 301 $scheme://cloud.yourdomain.coop/apps/libresign/validation;
}
}
With this configuration when accessing validate.yourdomain.coop/b9809a7e-ab6e-11eb-bcbc-0242ac130002 you will be redirected to cloud.yourdomain.coop/apps/libresign/validation/b9809a7e-ab6e-11eb-bcbc-0242ac130002
Integrations
- GLPI: Plugin to sign GLPI tickets
- Approval: Approve/reject files based on workflows defined by admins
Full documentation
Contributing
here
LibreSign