lab icon indicating copy to clipboard operation
lab copied to clipboard
verified publisher icon Uberspace

[cryptpad] improve the guide security

Open noave opened this issue 3 years ago • 1 comments

Cryptpad serves a checkup page that returns some errors with installing at isabell.uber.space/checkup

  • at first we should follow the "two-domains" directive and advise to setup a domain unsafe.isabell.uber.space as UnsafeOrigin
  • most errors refer to missing headers, there is an example nginx config which should be used to set up headers like stated in the manual https://manual.uberspace.de/web-headers/
  • it looks like in newest version 4.14 there is no longer an email configuration within the config file, check if this should still be added

review: https://docs.cryptpad.fr/en/admin_guide/installation.html#domains

noave avatar Apr 06 '22 09:04 noave

looks like we need to set

  • //httpSafeOrigin: to something like safe.isabell.uber.space
  • //httpUnsafeSafeOrigin: to isabell.uber.space

and we need to tell how to create an admin account

noave avatar Jul 19 '22 11:07 noave