Merge pull request 'Shorten config name to fit char limits' (#10) from shorten into main

Reviewed-on: coop-cloud/cryptpad#10

.env.sample

@@ -18,6 +18,10 @@ SANDBOX_DOMAIN=sandbox.cryptpad.example.com
 #EXTRA_DOMAINS=', `www.cryptpad.example.com`'
 LETS_ENCRYPT_ENV=production
 
+## Set to true to block unregistered users from accessing any CryptPad applications
+## See https://docs.cryptpad.org/en/admin_guide/customization.html#restricting-guest-access
+#RESTRICT_GUEST_ACCESS=false
+
 ## SSO / OIDC (optional — uncomment below and add compose.sso.yml to COMPOSE_FILE to enable)
 # COMPOSE_FILE="$COMPOSE_FILE:compose.sso.yml"
 #SSO_ENABLED=true

abra.sh

@@ -3,3 +3,4 @@ export CONFIG_JS_VERSION=v2
 export NGINX_CONF_VERSION=v1
 export SSO_ENTRYPOINT_VERSION=v6
 export SSO_JS_VERSION=v3
+export APP_CONFIG_JS_VERSION=v1

application_config.js.tmpl

@@ -0,0 +1,24 @@
+// CryptPad application customization — generated from environment variables
+// See https://docs.cryptpad.org/en/admin_guide/customization.html
+// For default file, see: https://github.com/cryptpad/cryptpad/blob/main/customize.dist/application_config.js
+
+(() => {
+const factory = (AppConfig) => {
+    {{ if eq (env "RESTRICT_GUEST_ACCESS") "true" }}
+    // Block unregistered users from accessing any applications
+    AppConfig.registeredOnlyTypes = AppConfig.availablePadTypes.slice();
+    {{ end }}
+
+    return AppConfig;
+};
+
+// Do not change code below
+if (typeof(module) !== 'undefined' && module.exports) {
+    module.exports = factory(
+        require('../www/common/application_config_internal.js')
+    );
+} else if ((typeof(define) !== 'undefined' && define !== null) && (define.amd !== null)) {
+    define(['/common/application_config_internal.js'], factory);
+}
+
+})();

compose.yml

@@ -16,6 +16,7 @@ services:
       - "CPAD_HTTP2_DISABLE=true"
       - "CPAD_TRUST_PROXY=1"
       - "CPAD_CONF=/cryptpad/config/config.js"
+      - "RESTRICT_GUEST_ACCESS=${RESTRICT_GUEST_ACCESS:-false}"
     volumes:
       - cryptpad_blob:/cryptpad/blob
       - cryptpad_block:/cryptpad/block
@@ -26,6 +27,8 @@ services:
     configs:
       - source: config_js
         target: /cryptpad/config/config.js
+      - source: app_config_js
+        target: /cryptpad/customize/application_config.js
 
     deploy:
       restart_policy:
@@ -33,7 +36,7 @@ services:
       labels:
         - "traefik.enable=false"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
-        - "coop-cloud.${STACK_NAME}.version=0.5.2+v2026.2.0"
+        - "coop-cloud.${STACK_NAME}.version=0.5.4+v2026.2.0"
         - "backupbot.backup=true"
     healthcheck:
       test: ["CMD", "curl", "-f", "http://localhost:3000"]
@@ -86,3 +89,7 @@ configs:
     name: ${STACK_NAME}_nginx_conf_${NGINX_CONF_VERSION}
     file: nginx.conf.tmpl
     template_driver: golang
+  app_config_js:
+    name: ${STACK_NAME}_app_config_js_${APP_CONFIG_JS_VERSION}
+    file: application_config.js.tmpl
+    template_driver: golang

renovate.json

@@ -1,6 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": [
-    "config:recommended"
-  ]
-}