ripulisti

README.md

@@ -1,13 +1,21 @@
-# infra
-tentativo di mantenere le cose ordinate, ansible Vagrant e altri amenuncoli
+# silicone
 
-## Roles:
+Un angolo ragionato per facilitare la messa in opera di servizi autogestiti di prossimità
+  
 
-### Common
+## Appunti
+Puntando alla semplificazione la maggior parte delle scelte le dobbiamo fare qui.
 
-### nodejs
+Ci sono due setup possibili:
+- si vuole uno e un solo servizio per macchina (vps)
+- una macchina gestisce piu' servizi
 
-### etherpad
+Quello che cambia è che nel primo caso nginx (per i servizi web) e' interno, nell'altro
+caso e' esterno.
 
-### caddy
+## Ansible
+
+
+## Scrivere nuovi ruoli o testare configurazioni diverse
+Usiamo vagrant dentro `/dev`
 

dev/Dockerfile

@@ -0,0 +1,9 @@
+FROM debian:stable-slim
+RUN apt-get update
+
+## install ansible requirements
+RUN apt-get install openssh-server python3 -y
+
+RUN mkdir -p /root/.ssh
+
+CMD ["bash"]

tests/dev/Vagrantfile → dev/Vagrantfile

@@ -6,6 +6,6 @@ Vagrant.configure("2") do |config|
     dev.vm.box = "generic/debian10"
     dev.vm.synced_folder "../..", "/vagrant", disabled: false
     dev.vm.provision "shell", inline: "DEBIAN_FRONTEND=noninteractive apt-get -qq update && apt-get -y autoclean && apt-get -y autoremove"
-    dev.vm.provision "shell", inline: "DEBIAN_FRONTEND=noninteractive apt-get -fqy dist-upgrade && apt-get -qq -y install ansible" 
+    dev.vm.provision "shell", inline: "DEBIAN_FRONTEND=noninteractive apt-get -fqy dist-upgrade && apt-get -qq -y install ansible"
   end
-end	
+end

etherpad-playbook.yml

@@ -1,7 +0,0 @@
----
-
-- name: "Testing etherpad role"
-  hosts: localhost
-  become: true
-  roles:
-    - role: etherpad

goploader.yml

@@ -1,10 +0,0 @@
----
-
-- name: "Testing goploader role"
-  hosts: jolly
-  become: true
-  roles:
-    - role: common
-    - role: goploader
-      vars:
-         hostname: cicles.cisti.org

roles/caddy/tasks/main.yml

@@ -1,5 +1,4 @@
 ---
-- include: preflight.yml
 - include: packages-{{ ansible_pkg_mgr }}.yml
 
 - name: Create Caddy user

roles/caddy/tasks/preflight.yml

@@ -1,17 +0,0 @@
----
-- name: Assert usage of systemd as an init system
-  assert:
-    that: ansible_service_mgr == 'systemd'
-    msg: "This module only works with systemd"
-
-- name: Get systemd version
-  command: systemctl --version
-  changed_when: false
-  check_mode: false
-  register: __systemd_version
-  tags:
-    - skip_ansible_lint
-
-- name: Set systemd version fact
-  set_fact:
-    caddy_systemd_version: "{{ __systemd_version.stdout_lines[0].split(' ')[-1] }}"

roles/etherpad/tasks/abiword.yml

@@ -1,7 +0,0 @@
----
-
-- name: Ensure abiword, soffice, tidy packages are installed
-  apt:
-    pkg:
-      - abiword
-      - tidy

roles/etherpad/templates/settings.json.j2

@@ -1,101 +0,0 @@
-#jinja2: lstrip_blocks: True
-{
-  "title": "{{ title }}",
-  "favicon": "{{ favicon }}",
-  "ip": "127.0.0.1",
-  "port" : "31337",
-  "showSettingsInAdminPage": false,
-  "sessionKey": "oijaoifd",
-  "skinName": "colibris",
-  "dbType": "postgres",
-  "dbSettings" : {
-    "user"    : "etherpad",
-    "host"    : "/var/run/postgresql",
-    "password": "{{ database_password }}",
-    "database": "etherpad",
-    "charset" : "utf8mb4"
-  },
-  "defaultPadText": "{{ pad_default_text | replace("\n", "\\n")}}",
-  "padOptions": {
-    "noColors": false,
-    "showControls": true,
-    "showChat": true,
-    "showLineNumbers": true,
-    "useMonospaceFont": true,
-    "userName": true,
-    "userColor": false,
-    "rtl": false,
-    "alwaysShowChat": false,
-    "chatAndUsers": false,
-    "lang": "{{ pad_options_lang }}"
-  },
-  "padShortcutEnabled" : {
-    "altF9":     true,
-    "altC":      true,
-    "cmdShift2": true,
-    "delete":    true,
-    "return":    true,
-    "esc":       true,
-    "cmdS":      true,
-    "tab":       true,
-    "cmdZ":      true,
-    "cmdY":      true,
-    "cmdI":      true,
-    "cmdB":      true,
-    "cmdU":      true,
-    "cmd5":      true,
-    "cmdShiftL": true,
-    "cmdShiftN": true,
-    "cmdShift1": true,
-    "cmdShiftC": true,
-    "cmdH":      true,
-    "ctrlHome":  true,
-    "pageUp":    true,
-    "pageDown":  true
-  },
-  "suppressErrorsInPadText": false,
-  "requireSession": false,
-  "editOnly": false,
-  "sessionNoPassword": false,
-  "minify": true,
-  "maxAge": 21600,
-  "abiword": "/usr/bin/abiword",
-  "soffice": false,
-  "tidyHtml": "/usr/bin/tidy",
-  "allowUnknownFileEnds": true,
-  "requireAuthentication": false,
-  "requireAuthorization": false,
-  "trustProxy": false,
-  "disableIPlogging": true,
-  "automaticReconnectionTimeout": 5,
-  "scrollWhenFocusLineIsOutOfViewport": {
-    "percentage": {
-      "editionAboveViewport": 0,
-      "editionBelowViewport": 0
-    },
-    "duration": 0,
-    "scrollWhenCaretIsInTheLastLineOfViewport": false,
-    "percentageToScrollWhenUserPressesArrowUp": 0
-  },
-  "socketTransportProtocols": ["xhr-polling", "jsonp-polling", "htmlfile"],
-  "loadTest": false,
-  "indentationOnNewLine": false,
-  "toolbar": {
-    "left": [
-      ["bold", "italic", "underline", "strikethrough"],
-      ["orderedlist", "unorderedlist", "indent", "outdent"],
-      ["undo", "redo"],
-      ["clearauthorship"]
-    ],
-    "right": [
-      ["importexport", "timeslider", "savedrevision"],
-      ["settings", "embed"],
-      ["showusers"]
-    ],
-    "timeslider": [
-       ["timeslider_export", "timeslider_returnToPad"]
-     ]
-  },
-  "exposeVersion": false,
-  "loglevel": "WARN"
-}

roles/goploader/defaults/main.yml

@@ -1,2 +1,2 @@
 ---
-hostname: :8000
+hostname: :8000

roles/nginx/tasks/main.ml

@@ -1,5 +1,32 @@
 ---
-- name: "Install NGINX"
+- name: Install NGINX
+  become: yes
   apt:
     name: nginx
-    update_cache: yes
+
+- name: Disable NGINX Default Virtual Host
+  become: yes
+  file:
+    src: /etc/nginx/sites-enabled/default
+    state: unlink
+
+- name: Configure Reverse Proxies
+  become: yes
+  template:
+    src: reverse_proxy.conf
+    dest: /etc/nginx/sites-available/reverse_proxy_{{item.key}}.conf
+  with_dict: "{{ proxies }}"
+
+- name: Link NGINX Reverse Proxies
+  file:
+    src: "/etc/nginx/sites-available/reverse_proxy_{{item.key}}.conf"
+    dest: "/etc/nginx/sites-enabled/reverse_proxy_{{item.key}}.conf"
+    state: link
+  with_dict: "{{ proxies }}"
+
+- name: Make sure NGINX Service is running
+  become: yes
+  service:
+    name: nginx
+    state: restarted
+    enabled: yes

roles/common/tasks/main.yml → roles/stable/common/tasks/main.yml

@@ -14,7 +14,7 @@
 
 - name: Add Backports Repository
   apt_repository:
-    repo: deb http://deb.debian.org/debian "buster-backports main contrib non-free"
+    repo: deb http://deb.debian.org/debian buster-backports main contrib non-free
     state: present
     update_cache: yes
 

roles/etherpad/defaults/main.yml → roles/stable/etherpad/defaults/main.yml

@@ -1,14 +1,17 @@
 ---
 title: "Etherpad"
 favicon: "favicon.ico"
-hostname: ":80"
+listen_ip: "0.0.0.0"
+listen_port: "8001"
+log_level: "INFO"
 database_password: "{{lookup('password', './.pass/etherpad_db_password')}}"
-pad_options_lang: 'it-it'
 
-plugins: ['ep_comments_page', 'ep_headings2', 'ep_markdown', 'ep_align', 'ep_page_view']
+plugins: ['ep_headings2', 'ep_table_of_contents', 'ep_comments_page', 'ep_align', 'ep_delete_after_delay_lite']
+
+pad_lang: 'it-IT'
 
 pad_default_text: |
   Welcome to Etherpad!
   This pad text is synchronized as you type, so that everyone viewing this page sees the same text. 
   This allows you to collaborate seamlessly on documents!
-  Get involved with Etherpad at
+  Get involved with Etherpad at

roles/stable/etherpad/files/iframe_editor.css

@@ -0,0 +1,142 @@
+/*
+  These CSS rules are included in both the outer and inner ACE iframe (pad editor)
+*/
+
+@import url('./lists_and_indents.css');
+
+html.inner-editor {
+  height: auto !important;
+  background-color: transparent !important;
+  scrollbar-width: thin;
+  scrollbar-color: white transparent;
+}
+#outerdocbody {
+  display: flex;
+  flex-direction: row;
+  justify-content: center;
+  min-height: 100vh; /* take at least full height */
+}
+#outerdocbody iframe {
+  flex: 1 auto;
+  display: flex;
+  width: 100%;
+}
+#outerdocbody #sidediv {
+  order: -1; /* display it on the first row positionning, i.e. on the left */
+}
+
+/* ACE-PAD Container (i.e. where the text is displayed) */
+#innerdocbody {
+  padding: 10px;
+  overflow: hidden;
+  background-color: white;
+
+  /* Be careful editing following rules. Longs words should not overflow, ep_align justify should work,
+     Test on chrome, firefox and safari... Copy / Paste a word inside a sentence should not add line-breaks
+     and preserve the style */
+  display: block; /* for safari and firefox, otherwise the break-word does not work */
+  white-space: normal;
+  word-wrap: break-word;
+  overflow-wrap: break-word;
+}
+#innerdocbody, #sidediv {
+  padding-top: 10px; /* Both must have same top padding, so line number are aligned with the rows */
+  padding-bottom: 10px; /* some space when we scroll to the bottom */
+}
+
+#innerdocbody a {
+  color: #2e96f3;
+}
+#innerdocbody.authorColors [class^='author-'] a {
+  color: inherit;
+}
+
+#innerdocbody span {
+  line-height: 125%;
+  padding: 6px 0 !important;
+}
+
+option {
+  text-transform: capitalize;
+}
+
+#innerdocbody h1,
+#innerdocbody h2,
+#innerdocbody h3,
+#innerdocbody h4 {
+  margin-bottom: .5em;
+}
+
+/* --------------------- */
+/* -- BROWSER SUPPORT -- */
+/* --------------------- */
+
+body.mozilla, body.safari {
+  display: table-cell; /* cause "body" area (e.g. where clicks are heard) to grow horizontally with text */
+}
+.safari div {
+  padding-right: 1px; /* prevents the caret from disappearing on the longest line of the doc */
+}
+
+
+/* ------------------------------------------ */
+/* -- SIDEDIV (line number, text author..) -- */
+/* ------------------------------------------ */
+
+#sidediv {
+  background-color: transparent;
+  border-right: 1px solid #ccc;
+}
+#sidediv .line-number {
+  font-size: 9px;
+  padding: 0 10px;
+  font-family: monospace;
+}
+#sidedivinner {
+  text-align: right;
+  opacity: .9;
+}
+#sidediv:not(.sidedivdelayed) { /* before sidediv get initialized, hide text */
+  color: transparent;
+}
+.line-numbers-hidden #sidediv .line-number {
+  display: none;
+}
+#linemetricsdiv {
+  position: absolute;
+  left: -1000px;
+  top: -1000px;
+  color: white;
+  z-index: -1;
+  font-size: 12px; /* overridden by lineMetricsDiv.style */
+  font-family: monospace; /* overridden by lineMetricsDiv.style */
+}
+@media (max-width: 800px) {
+  #sidediv {
+    /* Do not use display: none to hide the sidediv, otherwise the parent container does not
+       get its height properly calculated by flexboxes */
+    visibility: hidden;
+    width: 0;
+    padding: 0;
+  }
+}
+
+
+
+
+/* ----------- */
+/* -- OTHER -- */
+/* ----------- */
+
+::selection {
+  background: #acf;
+}
+::-moz-selection {
+  background: #acf;
+}
+#innerdocbody a {
+  cursor: pointer !important;
+}
+body.grayedout {
+  background-color: #eee !important
+}

roles/stable/etherpad/files/index.css

@@ -0,0 +1,125 @@
+#button,
+body,
+form {
+  border: none
+}
+
+body {
+  background: url(images/fond.jpg) top center no-repeat fixed #fff;
+  font-family: Cantarell, "Open Sans", "Helvetica Neue", sans-serif;
+  font-size: 16px;
+  line-height: 1.42857143;
+  color: #333;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  background-size: cover;
+}
+
+#wrapper {
+  border-top: none;
+  margin-top: 0;
+  padding: 0;
+  background: 0 0;
+  box-shadow: none
+}
+
+input {
+  color: #4a5d5c;
+}
+
+#inner {
+  background: transparent;
+  padding-top: 0;
+  width: 350px;
+  max-width: 350px;
+  text-align: center;
+  color:#FFF;
+}
+
+#label {
+  text-shadow: none;
+  color: #FFF;
+  font-weight: normal;
+  text-align: center;
+}
+
+#button {
+  margin: 0 auto;
+  text-align: center;
+  width: 100%;
+  text-shadow: none;
+  font-size: 23px;
+  line-height: 1.8;
+  color: #64d29b;
+  background: #586a69;
+  border-radius: 3px;
+  box-shadow: none;
+  height: 53px;
+  border: none;
+  display: block;
+}
+
+
+button[type=submit] {
+  border-top-right-radius: 3px;
+  border-bottom-right-radius: 3px;
+  left: 305px;
+  color: #64d29b;
+  background: #586a69;
+  border: none;
+  top: 0;
+  opacity: 1;
+  transition: .2s background;
+}
+
+#button:hover,
+button[type=submit]:hover {
+  cursor: pointer;
+  background: #64d29b;
+  border: 2px solid #586a69;
+  color: #586a69;
+}
+
+#padname {
+  height: 38px;
+  max-width: 350px;
+  padding: 0 12px;
+  position: relative;
+}
+
+#text {
+  text-align: center;
+  max-width:500px;
+  font-size: 1.2em;
+  padding:20px;
+  margin:0 auto;
+  color:#FFFF;
+}
+
+.logo_pad .icon img.pad {
+  width: 40px;
+  margin-top: 10px;
+  float:left;
+  padding:14px;
+}
+.logo_pad h3 {
+  font-size: 24px;
+  font-weight: 400;
+  color: red;
+  float:left;
+}
+
+#logo_cisti {
+ width:100px;
+ margin: auto;
+ display: block;
+}
+
+#logo_cisti img {
+ max-width: 100%;
+}
+.onion {
+  text-decoration: none;
+  font-size: 15px;
+}

roles/stable/etherpad/files/index.html

@@ -0,0 +1,234 @@
+<%
+  var settings = require("ep_etherpad-lite/node/utils/Settings");
+%>
+<!doctype html>
+<html>
+
+        <title><%=settings.title%></title>
+    <script>
+      /*
+      |@licstart  The following is the entire license notice for the
+      JavaScript code in this page.|
+
+      Copyright 2011 Peter Martischka, Primary Technology.
+
+      Licensed under the Apache License, Version 2.0 (the "License");
+      you may not use this file except in compliance with the License.
+      You may obtain a copy of the License at
+
+         http://www.apache.org/licenses/LICENSE-2.0
+
+      Unless required by applicable law or agreed to in writing, software
+      distributed under the License is distributed on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+      See the License for the specific language governing permissions and
+      limitations under the License.
+
+      |@licend  The above is the entire license notice
+      for the JavaScript code in this page.|
+      */
+    </script>
+
+        <meta charset="utf-8">
+        <meta name="referrer" content="no-referrer">
+        <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0">
+        <link rel="shortcut icon" href="<%=settings.favicon%>">
+
+        <link rel="localizations" type="application/l10n+json" href="locales.json">
+        <script type="text/javascript" src="static/js/html10n.js?v=<%=settings.randomVersionString%>"></script>
+        <script type="text/javascript" src="static/js/l10n.js?v=<%=settings.randomVersionString%>"></script>
+
+        <style>
+            html, body {
+              height: 100%;
+            }
+            body {
+              margin: 0;
+              color: #333;
+              font: 14px helvetica, sans-serif;
+              background: #ddd;
+              background: -webkit-radial-gradient(circle,#aaa,#eee 60%) center fixed;
+              background: -moz-radial-gradient(circle,#aaa,#eee 60%) center fixed;
+              background: -ms-radial-gradient(circle,#aaa,#eee 60%) center fixed;
+              background: -o-radial-gradient(circle,#aaa,#eee 60%) center fixed;
+              border-top: 8px solid rgba(51,51,51,.8);
+            }
+            #wrapper {
+              border-top: 1px solid #999;
+              margin-top: 160px;
+              padding: 15px;
+              background: #eee;
+              background: -webkit-linear-gradient(#fff,#ccc);
+              background: -moz-linear-gradient(#fff,#ccc);
+              background: -ms-linear-gradient(#fff,#ccc);
+              background: -o-linear-gradient(#fff,#ccc);
+              box-shadow: 0px 1px 8px rgba(0,0,0,0.3);
+            }
+            #inner {
+              position:relative;
+              max-width: 300px;
+              margin: 0 auto;
+            }
+            #button {
+              margin: 0 auto;
+              text-align: center;
+              font: 36px verdana,arial,sans-serif;
+              width:300px;
+              border:none;
+              color: white;
+              text-shadow: 0 -1px 0 rgba(0,0,0,.8);
+              height: 70px;
+              line-height: 70px;
+              background: #555;
+              background: -webkit-linear-gradient(#5F5F5F,#565656 50%,#4C4C4C 51%,#373737);
+              background: -moz-linear-gradient(#5F5F5F,#565656 50%,#4C4C4C 51%,#373737);
+              background: -ms-linear-gradient(#5F5F5F,#565656 50%,#4C4C4C 51%,#373737);
+              background: -o-linear-gradient(#5F5F5F,#565656 50%,#4C4C4C 51%,#373737);
+              box-shadow: inset 0 1px 3px rgba(0,0,0,0.9);
+            }
+            #button:hover {
+              cursor: pointer;
+              background: #666;
+              background: -webkit-linear-gradient(#707070,#666666 50%,#5B5B5B 51%,#474747);
+              background: -moz-linear-gradient(#707070,#666666 50%,#5B5B5B 51%,#474747);
+              background: -ms-linear-gradient(#707070,#666666 50%,#5B5B5B 51%,#474747);
+              background: -o-linear-gradient(#707070,#666666 50%,#5B5B5B 51%,#474747);
+            }
+            #button:active {
+              box-shadow: inset 0 1px 12px rgba(0,0,0,0.9);
+              background: #444;
+            }
+            #label {
+              text-align: left;
+              text-shadow: 0 1px 1px #fff;
+              margin: 16px auto 0;
+              display:block;
+            }
+            #padname{
+              height:38px;
+              max-width:280px;
+            }
+            form {
+              height: 38px;
+              background: #fff;
+              border: 1px solid #bbb;
+              border-radius: 3px;
+              position: relative;
+            }
+            button, input {
+              font-weight: bold;
+              font-size: 15px;
+            }
+            input[type="text"] {
+              border-radius: 3px;
+              box-sizing: border-box;
+              -moz-box-sizing: border-box;
+              line-height:36px; /* IE8 hack */
+              padding: 0px 45px 0 10px;
+              *padding: 0; /* IE7 hack */
+              width: 100%;
+              height: 100%;
+              outline: none;
+              border: none;
+              position: absolute;
+            }
+            button[type="submit"] {
+              position: absolute;
+              left:253px;
+              width: 45px;
+              height: 38px;
+            }
+            @media only screen and (min-device-width: 320px) and (max-device-width: 800px) {
+              body {
+                background: #bbb;
+                background: -webkit-linear-gradient(#aaa,#eee 60%) center fixed;
+                background: -moz-linear-gradient(#aaa,#eee 60%) center fixed;
+                background: -ms-linear-gradient(#aaa,#eee 60%) center fixed;
+              }
+              #wrapper {
+                margin-top: 0;
+              }
+              #inner {
+                width: 95%;
+              }
+              #label {
+                text-align: center;
+              }
+            }
+        </style>
+        <link href="static/skins/<%=encodeURI(settings.skinName)%>/index.css?v=<%=settings.randomVersionString%>" rel="stylesheet">
+
+        <div id="wrapper">
+        <% e.begin_block("indexWrapper"); %>
+            <div id="inner">
+                <button id="button" onclick="go2Random()" data-l10n-id="index.newPad"></button>
+                <label id="label" for="padname" data-l10n-id="index.createOpenPad"></label>
+                <form action="#" onsubmit="go2Name();return false;">
+                    <input type="text" id="padname" maxlength="50" autofocus x-webkit-speech>
+                    <button type="submit">OK</button>
+                </form>
+            </div>
+        <% e.end_block(); %>
+	<div id="text">
+          <div cass="text_inner">
+          
+Questo è un servizio etherpad ospitato dal progetto cisti.org.
+Etherpad è un software libero che permette la realizzazione collaborativa di documenti di testo.
+Su cisti non registriamo nessuna informazione su chi lo usa.<br/>
+          </div>
+        </div>
+	
+          <div id="logo_cisti">
+            <a href="https://cisti.org/">
+	      <img src="static/skins/colibris/images/logo.png" alt="Cisti" ></img>
+	    </a>
+          </div>
+
+	<div class="onion">
+	   pad.ukdbebvetkn265rh5sfmmw53ka4dbhkfpqb7ufr3fu6ldlh6khleybid.onion
+	</div>
+
+        <script src="static/skins/<%=encodeURI(settings.skinName)%>/index.js?v=<%=settings.randomVersionString%>"></script>
+        <script>
+            // @license magnet:?xt=urn:btih:8e4f440f4c65981c5bf93c76d35135ba5064d8b7&dn=apache-2.0.txt
+            function go2Name()
+            {
+                var padname = document.getElementById("padname").value;
+                padname.length > 0 ? window.location = "p/" + encodeURIComponent(padname.trim()) : alert("Please enter a name")
+            }
+
+            function go2Random()
+            {
+                window.location = "p/" + randomPadName();
+            }
+
+            function randomPadName()
+            {
+                // the number of distinct chars (64) is chosen to ensure that
+                // the selection will be uniform when using the PRNG below
+                var chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_";
+                // the length of the pad name is chosen to get 120-bit security:
+                // log2(64^20) = 120
+                var string_length = 20;
+                // make room for 8-bit integer values that span from 0 to 255.
+                var randomarray = new Uint8Array(string_length);
+                // use browser's PRNG to generate a "unique" sequence
+                var cryptoObj = window.crypto || window.msCrypto; // for IE 11
+                cryptoObj.getRandomValues(randomarray);
+                var randomstring = '';
+                for (var i = 0; i < string_length; i++)
+                {
+                    // instead of writing "Math.floor(randomarray[i]/256*64)"
+                    // we can save some cycles.
+                    var rnum = Math.floor(randomarray[i]/4);
+                    randomstring += chars.substring(rnum, rnum + 1);
+                }
+                return randomstring;
+            }
+
+            // start the custom js
+            if (typeof customStart == "function") customStart();
+            // @license-end
+        </script>
+        <div style="display:none"><a href="/javascript" data-jslicense="1">JavaScript license information</a></div>
+</html>

roles/stable/etherpad/files/index.js

@@ -0,0 +1,11 @@
+function customStart()
+{
+  //define your javascript here
+  //jquery is available - except index.js
+  //you can load extra scripts with $.getScript http://api.jquery.com/jQuery.getScript/
+  function setRandomName() {
+      document.getElementById("padname").value = randomPadName();
+  }
+  setRandomName();
+
+}

roles/etherpad/meta/main.yml → roles/stable/etherpad/meta/main.yml

@@ -2,20 +2,21 @@
 dependencies:
 
   # install nodejs
-  - role: nodejs
+  - role: stable/nodejs
 
   # install postgres
   # and create an etherpad user and db
-  - role: postgresql
+  - role: stable/postgresql
     vars:
       username: etherpad
       password: "{{ database_password }}"
       database: etherpad
 
   # install caddy and configure it as reverse proxy
-  - role: caddy
-    vars:
-      caddy_config: |
-        {{hostname}}
-        encode gzip
-        reverse_proxy localhost:31337
+  # - role: caddy
+  #   when: with_nginx | bool
+  #   vars:
+  #     caddy_config: |
+  #       {{hostname}}
+  #       encode gzip
+  #       reverse_proxy localhost:31337

roles/etherpad/tasks/main.yml → roles/stable/etherpad/tasks/main.yml

@@ -3,7 +3,9 @@
 - name: install etherpad deps
   apt:
     pkg:
-      git
+      - git
+      - libreoffice-common
+      - tidy
 
 - name: ensure etherpad user is present
   user:
@@ -12,22 +14,23 @@
     shell: "/bin/bash"
     state: present
 
-- name: ensure etherpad is latest
+- name: ensure etherpad is correct version
   git:
     repo: "https://github.com/ether/etherpad-lite"
     dest: "/srv/etherpad/etherpad"
-    version: "master"
+    version: "1.8.6"
+    force: true
   become: true
   become_user: "etherpad"
   register: repository
 
-- name: ensure etherpad systemd unit is latest
+- name: ensure etherpad init.d is latest
   template:
-    src: etherpad.service.j2
-    dest: /etc/systemd/system/etherpad.service
+    src: etherpad.initd.j2
+    dest: /etc/init.d/etherpad
     owner: root
     group: root
-    mode: 0644
+    mode: 0500
 
 - name: copy etherpad settings.json
   template:
@@ -37,18 +40,31 @@
     group: etherpad
     mode: 0644
 
-
 - name: ensure etherpad will start after system is booted
   service:
     name: etherpad
     enabled: yes
 
-- name: install etherpad deps
-  become: true
-  become_user: etherpad
-  shell: /srv/etherpad/etherpad/bin/installDeps.sh
-  args:
-    chdir: /srv/etherpad/etherpad/
+# - name: install etherpad deps
+#   become: true
+#   become_user: etherpad
+#   shell: /srv/etherpad/etherpad/bin/installDeps.sh
+#   args:
+#     chdir: /srv/etherpad/etherpad/
+
+- name: copy custom assets
+  copy: 
+    src: "{{playbook_dir}}/assets/etherpad/{{item.key}}"
+    dest: "{{item.value}}{{item.key}}"
+    owner: etherpad
+    group: etherpad
+  with_dict: "{{ override_files }}"
+
+- name: remove package-lock.json
+  file:
+    state: absent
+    path: "/srv/etherpad/etherpad/package-lock.json"
+
 
 - name: install etherpad plugins
   npm:
@@ -58,5 +74,3 @@
   become_user: etherpad
   with_items: "{{ plugins|d() }}"
   notify: restart etherpad
-
-- include: abiword.yml

roles/stable/etherpad/templates/etherpad.initd.j2

@@ -0,0 +1,77 @@
+#!/bin/sh
+
+### BEGIN INIT INFO
+# Provides:          etherpad-lite
+# Required-Start:    $local_fs $remote_fs $network $syslog
+# Required-Stop:     $local_fs $remote_fs $network $syslog
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: starts etherpad lite
+# Description:       starts etherpad lite using start-stop-daemon
+### END INIT INFO
+
+PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/node/bin"
+LOGFILE="/srv/etherpad/etherpad/etherpad-lite.log"
+EPLITE_DIR="/srv/etherpad/etherpad"
+EPLITE_BIN="bin/safeRun.sh"
+USER="etherpad"
+GROUP="etherpad"
+DESC="Etherpad Lite"
+NAME="etherpad-lite"
+
+set -e
+
+. /lib/lsb/init-functions
+
+start() {
+  echo "Starting $DESC... "
+
+    start-stop-daemon --start --chuid "$USER:$GROUP" --background --make-pidfile --pidfile /var/run/$NAME.pid --exec $EPLITE_DIR/$EPLITE_BIN -- $LOGFILE || true
+  echo "done"
+}
+
+#We need this function to ensure the whole process tree will be killed
+killtree() {
+    local _pid=$1
+    local _sig=${2-TERM}
+    for _child in $(ps -o pid --no-headers --ppid ${_pid}); do
+        killtree ${_child} ${_sig}
+    done
+    kill -${_sig} ${_pid}
+}
+
+stop() {
+  echo "Stopping $DESC... "
+   while test -d /proc/$(cat /var/run/$NAME.pid); do
+    killtree $(cat /var/run/$NAME.pid) 15
+    sleep 0.5
+  done
+  rm /var/run/$NAME.pid
+  echo "done"
+}
+
+status() {
+  status_of_proc -p /var/run/$NAME.pid "" "etherpad-lite" && exit 0 || exit $?
+}
+
+case "$1" in
+  start)
+      start
+      ;;
+  stop)
+    stop
+      ;;
+  restart)
+      stop
+      start
+      ;;
+  status)
+      status
+      ;;
+  *)
+      echo "Usage: $NAME {start|stop|restart|status}" >&2
+      exit 1
+      ;;
+esac
+
+exit 0

roles/stable/etherpad/templates/settings.json.j2

@@ -0,0 +1,559 @@
+/**
+ * THIS IS THE SETTINGS FILE THAT IS COPIED INSIDE THE DOCKER CONTAINER.
+ *
+ * By default, some runtime customizations are supported (see the
+ * documentation).
+ *
+ * If you need more control, edit this file and rebuild the container.
+ */
+
+/*
+ * This file must be valid JSON. But comments are allowed
+ *
+ * Please edit settings.json, not settings.json.template
+ *
+ * Please note that starting from Etherpad 1.6.0 you can store DB credentials in
+ * a separate file (credentials.json).
+ *
+ *
+ * ENVIRONMENT VARIABLE SUBSTITUTION
+ * =================================
+ *
+ * All the configuration values can be read from environment variables using the
+ * syntax "${ENV_VAR}" or "${ENV_VAR:default_value}".
+ *
+ * This is useful, for example, when running in a Docker container.
+ *
+ * EXAMPLE:
+ *    "port":     "${PORT:9001}"
+ *    "minify":   "${MINIFY}"
+ *    "skinName": "${SKIN_NAME:colibris}"
+ *
+ * Would read the configuration values for those items from the environment
+ * variables PORT, MINIFY and SKIN_NAME.
+ *
+ * If PORT and SKIN_NAME variables were not defined, the default values 9001 and
+ * "colibris" would be used.
+ * The configuration value "minify", on the other hand, does not have a
+ * designated default value. Thus, if the environment variable MINIFY were
+ * undefined, "minify" would be null.
+ *
+ * REMARKS:
+ * 1) please note that variable substitution always needs to be quoted.
+ *
+ *    "port":     9001,            <-- Literal values. When not using
+ *    "minify":   false                substitution, only strings must be
+ *    "skinName": "colibris"           quoted. Booleans and numbers must not.
+ *
+ *    "port":     "${PORT:9001}"   <-- CORRECT: if you want to use a variable
+ *    "minify":   "${MINIFY:true}"     substitution, put quotes around its name,
+ *    "skinName": "${SKIN_NAME}"       even if the required value is a number or
+ *                                     a boolean.
+ *                                     Etherpad will take care of rewriting it
+ *                                     to the proper type if necessary.
+ *
+ *    "port":     ${PORT:9001}     <-- ERROR: this is not valid json. Quotes
+ *    "minify":   ${MINIFY}            around variable names are missing.
+ *    "skinName": ${SKIN_NAME}
+ *
+ * 2) Beware of undefined variables and default values: nulls and empty strings
+ *    are different!
+ *
+ *    This is particularly important for user's passwords (see the relevant
+ *    section):
+ *
+ *    "password": "${PASSW}"  // if PASSW is not defined would result in password === null
+ *    "password": "${PASSW:}" // if PASSW is not defined would result in password === ''
+ *
+ *    If you want to use an empty value (null) as default value for a variable,
+ *    simply do not set it, without putting any colons: "${ABIWORD}".
+ *
+ * 3) if you want to use newlines in the default value of a string parameter,
+ *    use "\n" as usual.
+ *
+ *    "defaultPadText" : "${DEFAULT_PAD_TEXT}Line 1\nLine 2"
+ */
+{
+  /*
+   * Name your instance!
+   */
+  "title": "{{title}}",
+
+  /*
+   * favicon default name
+   * alternatively, set up a fully specified Url to your own favicon
+   */
+  "favicon": "{{favicon}}",
+
+  /*
+   * Skin name.
+   *
+   * Its value has to be an existing directory under src/static/skins.
+   * You can write your own, or use one of the included ones:
+   *
+   * - "no-skin":  an empty skin (default). This yields the unmodified,
+   *               traditional Etherpad theme.
+   * - "colibris": the new experimental skin (since Etherpad 1.8), candidate to
+   *               become the default in Etherpad 2.0
+   */
+  "skinName": "colibris",
+
+  /*
+   * Skin Variants
+   *
+   * Use the UI skin variants builder at /p/test#skinvariantsbuilder
+   *
+   * For the colibris skin only, you can choose how to render the three main
+   * containers:
+   * - toolbar (top menu with icons)
+   * - editor (containing the text of the pad)
+   * - background (area outside of editor, mostly visible when using page style)
+   *
+   * For each of the 3 containers you can choose 4 color combinations:
+   * super-light, light, dark, super-dark.
+   *
+   * For example, to make the toolbar dark, you will include "dark-toolbar" into
+   * skinVariants.
+   *
+   * You can provide multiple skin variants separated by spaces. Default
+   * skinVariant is "super-light-toolbar super-light-editor light-background".
+   *
+   * For the editor container, you can also make it full width by adding
+   * "full-width-editor" variant (by default editor is rendered as a page, with
+   * a max-width of 900px).
+   */
+  "skinVariants": "dark-toolbar super-light-editor super-dark-background",
+
+  /*
+   * IP and port which Etherpad should bind at.
+   *
+   * Binding to a Unix socket is also supported: just use an empty string for
+   * the ip, and put the full path to the socket in the port parameter.
+   *
+   * EXAMPLE USING UNIX SOCKET:
+   *    "ip": "",                             // <-- has to be an empty string
+   *    "port" : "/somepath/etherpad.socket", // <-- path to a Unix socket
+   */
+  "ip": "{{listen_ip}}",
+  "port": "{{listen_port}}",
+
+  /*
+   * Option to hide/show the settings.json in admin page.
+   *
+   * Default option is set to true
+   */
+  "showSettingsInAdminPage": true,
+
+  /*
+   * Node native SSL support
+   *
+   * This is disabled by default.
+   * Make sure to have the minimum and correct file access permissions set so
+   * that the Etherpad server can access them
+   */
+
+  /*
+  "ssl" : {
+            "key"  : "/path-to-your/epl-server.key",
+            "cert" : "/path-to-your/epl-server.crt",
+            "ca": ["/path-to-your/epl-intermediate-cert1.crt", "/path-to-your/epl-intermediate-cert2.crt"]
+          },
+  */
+
+  /*
+   * The type of the database.
+   *
+   * You can choose between many DB drivers, for example: dirty, postgres,
+   * sqlite, mysql.
+   *
+   * You shouldn't use "dirty" for for anything else than testing or
+   * development.
+   *
+   *
+   * Database specific settings are dependent on dbType, and go in dbSettings.
+   * Remember that since Etherpad 1.6.0 you can also store these informations in
+   * credentials.json.
+   *
+   * For a complete list of the supported drivers, please refer to:
+   * https://www.npmjs.com/package/ueberdb2
+   */
+
+  "dbType": "postgres",
+  "dbSettings": {
+    "host":     "/var/run/postgresql",
+    "database": "etherpad",
+    "user":     "etherpad",
+    "password": "{{database_password}}",
+    "charset":  "utf8mb4"
+  },
+
+  /**
+   * The default text of a pad
+   */
+  "defaultPadText" : "{{pad_default_text|replace("\n","\\n")}}",
+
+  /*
+   * Default Pad behavior.
+   *
+   * Change them if you want to override.
+   */
+  "padOptions": {
+    "noColors":         false,
+    "showControls":     true,
+    "showChat":         true,
+    "showLineNumbers":  true,
+    "useMonospaceFont": true,
+    "userName":         false,
+    "userColor":        false,
+    "rtl":              false,
+    "alwaysShowChat":   false,
+    "chatAndUsers":     false,
+    "lang":             "{{pad_lang}}"
+  },
+
+  /*
+   * Pad Shortcut Keys
+   */
+  "padShortcutEnabled" : {
+    "altF9":     true,      /* focus on the File Menu and/or editbar */
+    "altC":      true,       /* focus on the Chat window */
+    "cmdShift2": true, /* shows a gritter popup showing a line author */
+    "delete":    true,
+    "return":    true,
+    "esc":       true,         /* in mozilla versions 14-19 avoid reconnecting pad */
+    "cmdS":      true,       /* save a revision */
+    "tab":       true,         /* indent */
+    "cmdZ":      true,       /* undo/redo */
+    "cmdY":      true,       /* redo */
+    "cmdI":      true,       /* italic */
+    "cmdB":      true,       /* bold */
+    "cmdU":      true,       /* underline */
+    "cmd5":      true,       /* strike through */
+    "cmdShiftL": true, /* unordered list */
+    "cmdShiftN": true, /* ordered list */
+    "cmdShift1": true, /* ordered list */
+    "cmdShiftC": true, /* clear authorship */
+    "cmdH":      true,       /* backspace */
+    "ctrlHome":  true,   /* scroll to top of pad */
+    "pageUp":    true,
+    "pageDown":  true
+  },
+
+  /*
+   * Should we suppress errors from being visible in the default Pad Text?
+   */
+  "suppressErrorsInPadText": true,
+
+  /*
+   * If this option is enabled, a user must have a session to access pads.
+   * This effectively allows only group pads to be accessed.
+   */
+  "requireSession": false,
+
+  /*
+   * Users may edit pads but not create new ones.
+   *
+   * Pad creation is only via the API.
+   * This applies both to group pads and regular pads.
+   */
+  "editOnly": false,
+
+  /*
+   * If set to true, those users who have a valid session will automatically be
+   * granted access to password protected pads.
+   */
+  "sessionNoPassword": false,
+
+  /*
+   * If true, all css & js will be minified before sending to the client.
+   *
+   * This will improve the loading performance massively, but makes it difficult
+   * to debug the javascript/css
+   */
+  "minify": true,
+
+  /*
+   * How long may clients use served javascript code (in seconds)?
+   *
+   * Not setting this may cause problems during deployment.
+   * Set to 0 to disable caching.
+   */
+  "maxAge": 21600, // 60 * 60 * 6 = 6 hours
+
+  /*
+   * Absolute path to the Abiword executable.
+   *
+   * Abiword is needed to get advanced import/export features of pads. Setting
+   * it to null disables Abiword and will only allow plain text and HTML
+   * import/exports.
+   */
+  "abiword": null,
+
+  /*
+   * This is the absolute path to the soffice executable.
+   *
+   * LibreOffice can be used in lieu of Abiword to export pads.
+   * Setting it to null disables LibreOffice exporting.
+   */
+  "soffice": "/usr/bin/soffice",
+
+  /*
+   * Path to the Tidy executable.
+   *
+   * Tidy is used to improve the quality of exported pads.
+   * Setting it to null disables Tidy.
+   */
+  "tidyHtml": "/usr/bin/tidy",
+
+  /*
+   * Allow import of file types other than the supported ones:
+   * txt, doc, docx, rtf, odt, html & htm
+   */
+  "allowUnknownFileEnds": true,
+
+  /*
+   * This setting is used if you require authentication of all users.
+   *
+   * Note: "/admin" always requires authentication.
+   */
+  "requireAuthentication": false,
+
+  /*
+   * Require authorization by a module, or a user with is_admin set, see below.
+   */
+  "requireAuthorization": false,
+
+  /*
+   * When you use NGINX or another proxy/load-balancer set this to true.
+   *
+   * This is especially necessary when the reverse proxy performs SSL
+   * termination, otherwise the cookies will not have the "secure" flag.
+   *
+   * The other effect will be that the logs will contain the real client's IP,
+   * instead of the reverse proxy's IP.
+   */
+  "trustProxy": true,
+
+  /*
+   * Privacy: disable IP logging
+   */
+  "disableIPlogging": true,
+
+  /*
+   * Time (in seconds) to automatically reconnect pad when a "Force reconnect"
+   * message is shown to user.
+   *
+   * Set to 0 to disable automatic reconnection.
+   */
+  "automaticReconnectionTimeout": 2,
+
+  /*
+   * By default, when caret is moved out of viewport, it scrolls the minimum
+   * height needed to make this line visible.
+   */
+  "scrollWhenFocusLineIsOutOfViewport": {
+
+    /*
+     * Percentage of viewport height to be additionally scrolled.
+     *
+     * E.g.: use "percentage.editionAboveViewport": 0.5, to place caret line in
+     *       the middle of viewport, when user edits a line above of the
+     *       viewport
+     *
+     * Set to 0 to disable extra scrolling
+     */
+    "percentage": {
+      "editionAboveViewport": 0,
+      "editionBelowViewport": 0
+    },
+
+    /*
+     * Time (in milliseconds) used to animate the scroll transition.
+     * Set to 0 to disable animation
+     */
+    "duration": 0,
+
+    /*
+     * Flag to control if it should scroll when user places the caret in the
+     * last line of the viewport
+     */
+    "scrollWhenCaretIsInTheLastLineOfViewport": false,
+
+    /*
+     * Percentage of viewport height to be additionally scrolled when user
+     * presses arrow up in the line of the top of the viewport.
+     *
+     * Set to 0 to let the scroll to be handled as default by Etherpad
+     */
+    "percentageToScrollWhenUserPressesArrowUp": 0
+  },
+
+  /*
+   * Users for basic authentication.
+   *
+   * is_admin = true gives access to /admin.
+   * If you do not uncomment this, /admin will not be available!
+   *
+   * WARNING: passwords should not be stored in plaintext in this file.
+   *          If you want to mitigate this, please install ep_hash_auth and
+   *          follow the section "secure your installation" in README.md
+   */
+
+  "users": {
+    "admin": {
+      // 1) "password" can be replaced with "hash" if you install ep_hash_auth
+      // 2) please note that if password is null, the user will not be created
+      "password": "fk30f1EmWspoCVQOqgvhuODHw",
+      "is_admin": true
+    },
+  },
+
+  /*
+   * Restrict socket.io transport methods
+   */
+  "socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
+
+  /*
+   * Allow Load Testing tools to hit the Etherpad Instance.
+   *
+   * WARNING: this will disable security on the instance.
+   */
+  "loadTest": "${LOAD_TEST:false}",
+
+  /*
+   * Disable indentation on new line when previous line ends with some special
+   * chars (':', '[', '(', '{')
+   */
+
+  /*
+  "indentationOnNewLine": false,
+  */
+
+  /*
+   * From Etherpad 1.8.3 onwards, import and export of pads is always rate
+   * limited.
+   *
+   * The default is to allow at most 10 requests per IP in a 90 seconds window.
+   * After that the import/export request is rejected.
+   *
+   * See https://github.com/nfriedly/express-rate-limit for more options
+   */
+  "importExportRateLimiting": {
+    // duration of the rate limit window (milliseconds)
+    "windowMs": 90000,
+
+    // maximum number of requests per IP to allow during the rate limit window
+    "max": 10
+  },
+
+  /*
+   * From Etherpad 1.8.3 onwards, the maximum allowed size for a single imported
+   * file is always bounded.
+   *
+   * File size is specified in bytes. Default is 50 MB.
+   */
+  "importMaxFileSize": 52428800, // 50 * 1024 * 1024
+
+  /*
+   * Toolbar buttons configuration.
+   *
+   * Uncomment to customize.
+   */
+
+  /*
+  "toolbar": {
+    "left": [
+      ["bold", "italic", "underline", "strikethrough"],
+      ["orderedlist", "unorderedlist", "indent", "outdent"],
+      ["undo", "redo"],
+      ["clearauthorship"]
+    ],
+    "right": [
+      ["importexport", "timeslider", "savedrevision"],
+      ["settings", "embed"],
+      ["showusers"]
+    ],
+    "timeslider": [
+      ["timeslider_export", "timeslider_returnToPad"]
+    ]
+  },
+  */
+
+  /*
+   * Expose Etherpad version in the web interface and in the Server http header.
+   *
+   * Do not enable on production machines.
+   */
+  "exposeVersion": false,
+
+  /*
+   * The log level we are using.
+   *
+   * Valid values: DEBUG, INFO, WARN, ERROR
+   */
+  "loglevel": "{{log_level}}",
+
+  /*
+   * Logging configuration. See log4js documentation for further information:
+   * https://github.com/nomiddlename/log4js-node
+   *
+   * You can add as many appenders as you want here.
+   */
+  "logconfig" :
+    { "appenders": [
+        { "type": "console"
+        //, "category": "access"// only logs pad access
+        }
+
+      /*
+      , { "type": "file"
+      , "filename": "your-log-file-here.log"
+      , "maxLogSize": 1024
+      , "backups": 3 // how many log files there're gonna be at max
+      //, "category": "test" // only log a specific category
+        }
+      */
+
+      /*
+      , { "type": "logLevelFilter"
+        , "level": "warn" // filters out all log messages that have a lower level than "error"
+        , "appender":
+          {  Use whatever appender you want here  }
+        }
+      */
+
+      /*
+      , { "type": "logLevelFilter"
+        , "level": "error" // filters out all log messages that have a lower level than "error"
+        , "appender":
+          { "type": "smtp"
+          , "subject": "An error occurred in your EPL instance!"
+          , "recipients": "bar@blurdybloop.com, baz@blurdybloop.com"
+          , "sendInterval": 300 // 60 * 5 = 5 minutes -- will buffer log messages; set to 0 to send a mail for every message
+          , "transport": "SMTP", "SMTP": { // see https://github.com/andris9/Nodemailer#possible-transport-methods
+              "host": "smtp.example.com", "port": 465,
+              "secureConnection": true,
+              "auth": {
+                  "user": "foo@example.com",
+                  "pass": "bar_foo"
+              }
+            }
+          }
+        }
+      */
+
+      ]
+    },
+
+    "ep_delete_after_delay_lite": {
+      "delay": 86400, // one day, in seconds
+      "loop": true,
+      "loopDelay": 3600, // one hour, in seconds
+      "deleteAtStart": true,
+      "text": "{{pad_default_text|replace("\n","\\n")}}"
+    },
+
+    "ep_toc": {
+      "disable_by_default": true
+    }
+}

roles/postgresql/tasks/main.yml → roles/stable/postgresql/tasks/main.yml

@@ -1,11 +1,18 @@
 ---
 - name: Install postgresql
   apt:
-    pkg: 
+    pkg:
       - acl
       - postgresql
       - python3-psycopg2
 
+- name: Start postgresql service
+  become: true
+  service:
+    name: postgresql
+    enabled: yes
+    state: started
+
 - name: Create postgresql db
   become: true
   become_user: postgres

roles/up1/meta/main.yml

@@ -12,4 +12,4 @@ dependencies:
         encode gzip
         reverse_proxy /api/* 127.0.0.1:31337
         root * /srv/up1/up1/client
-        file_server
+        file_server

roles/wiregard/tasks/main.ml

@@ -0,0 +1,11 @@
+---
+- name: Install Wireguard`
+  become: yes
+  apt: wireguard
+
+- name: Make sure Wireguard Service is running
+  become: yes
+  service:
+    name: wireguard
+    state: start
+    enabled: yes

tests/assets/Dockerfile

@@ -0,0 +1,60 @@
+# Etherpad Lite Dockerfile
+#
+# https://github.com/ether/etherpad-lite
+#
+# Author: muxator
+
+FROM node:10-buster-slim
+LABEL maintainer="Etherpad team, https://github.com/ether/etherpad-lite"
+
+# plugins to install while building the container. By default no plugins are
+# installed.
+# If given a value, it has to be a space-separated, quoted list of plugin names.
+#
+# EXAMPLE:
+#   ETHERPAD_PLUGINS="ep_codepad ep_author_neat"
+ARG ETHERPAD_PLUGINS="ep_adminpads2 ep_align ep_comments_page ep_headings2 ep_markdown ep_table_of_contents ep_delete_after_delay_lite"
+
+# By default, Etherpad container is built and run in "production" mode. This is
+# leaner (development dependencies are not installed) and runs faster (among
+# other things, assets are minified & compressed).
+ENV NODE_ENV=production
+
+# Follow the principle of least privilege: run as unprivileged user.
+#
+# Running as non-root enables running this image in platforms like OpenShift
+# that do not allow images running as root.
+RUN useradd --uid 5001 --create-home etherpad
+
+RUN mkdir /opt/etherpad-lite && chown etherpad:0 /opt/etherpad-lite
+
+USER etherpad
+
+WORKDIR /opt/etherpad-lite
+
+COPY --chown=etherpad:0 ./ ./
+
+# install node dependencies for Etherpad
+RUN bin/installDeps.sh && \
+	rm -rf ~/.npm/_cacache
+
+# Install the plugins, if ETHERPAD_PLUGINS is not empty.
+#
+# Bash trick: in the for loop ${ETHERPAD_PLUGINS} is NOT quoted, in order to be
+# able to split at spaces.
+RUN for PLUGIN_NAME in ${ETHERPAD_PLUGINS}; do npm install "${PLUGIN_NAME}"; done
+
+# Copy the configuration file.
+COPY --chown=etherpad:0 ./settings.json.docker /opt/etherpad-lite/settings.json
+
+# Fix permissions for root group
+RUN chmod -R g=u .
+COPY --chown=etherpad:0 assets/index.css /opt/etherpad-lite/src/static/skins/colibris/
+COPY --chown=etherpad:0 assets/fond.jpg /opt/etherpad-lite/src/static/skins/colibris/images/
+COPY --chown=etherpad:0 assets/logo.png /opt/etherpad-lite/src/static/skins/colibris/images/
+COPY --chown=etherpad:0 assets/index.html /opt/etherpad-lite/src/templates/
+COPY --chown=etherpad:0 assets/index.js /opt/etherpad-lite/src/static/skins/colibris/
+COPY --chown=etherpad:0 assets/iframe_editor.css /opt/etherpad-lite/src/static/css/
+
+EXPOSE 9001
+CMD ["node", "node_modules/ep_etherpad-lite/node/server.js"]

tests/assets/etherpad/iframe_editor.css

@@ -0,0 +1,142 @@
+/*
+  These CSS rules are included in both the outer and inner ACE iframe (pad editor)
+*/
+
+@import url('./lists_and_indents.css');
+
+html.inner-editor {
+  height: auto !important;
+  background-color: transparent !important;
+  scrollbar-width: thin;
+  scrollbar-color: white transparent;
+}
+#outerdocbody {
+  display: flex;
+  flex-direction: row;
+  justify-content: center;
+  min-height: 100vh; /* take at least full height */
+}
+#outerdocbody iframe {
+  flex: 1 auto;
+  display: flex;
+  width: 100%;
+}
+#outerdocbody #sidediv {
+  order: -1; /* display it on the first row positionning, i.e. on the left */
+}
+
+/* ACE-PAD Container (i.e. where the text is displayed) */
+#innerdocbody {
+  padding: 10px;
+  overflow: hidden;
+  background-color: white;
+
+  /* Be careful editing following rules. Longs words should not overflow, ep_align justify should work,
+     Test on chrome, firefox and safari... Copy / Paste a word inside a sentence should not add line-breaks
+     and preserve the style */
+  display: block; /* for safari and firefox, otherwise the break-word does not work */
+  white-space: normal;
+  word-wrap: break-word;
+  overflow-wrap: break-word;
+}
+#innerdocbody, #sidediv {
+  padding-top: 10px; /* Both must have same top padding, so line number are aligned with the rows */
+  padding-bottom: 10px; /* some space when we scroll to the bottom */
+}
+
+#innerdocbody a {
+  color: #2e96f3;
+}
+#innerdocbody.authorColors [class^='author-'] a {
+  color: inherit;
+}
+
+#innerdocbody span {
+  line-height: 125%;
+  padding: 6px 0 !important;
+}
+
+option {
+  text-transform: capitalize;
+}
+
+#innerdocbody h1,
+#innerdocbody h2,
+#innerdocbody h3,
+#innerdocbody h4 {
+  margin-bottom: .5em;
+}
+
+/* --------------------- */
+/* -- BROWSER SUPPORT -- */
+/* --------------------- */
+
+body.mozilla, body.safari {
+  display: table-cell; /* cause "body" area (e.g. where clicks are heard) to grow horizontally with text */
+}
+.safari div {
+  padding-right: 1px; /* prevents the caret from disappearing on the longest line of the doc */
+}
+
+
+/* ------------------------------------------ */
+/* -- SIDEDIV (line number, text author..) -- */
+/* ------------------------------------------ */
+
+#sidediv {
+  background-color: transparent;
+  border-right: 1px solid #ccc;
+}
+#sidediv .line-number {
+  font-size: 9px;
+  padding: 0 10px;
+  font-family: monospace;
+}
+#sidedivinner {
+  text-align: right;
+  opacity: .9;
+}
+#sidediv:not(.sidedivdelayed) { /* before sidediv get initialized, hide text */
+  color: transparent;
+}
+.line-numbers-hidden #sidediv .line-number {
+  display: none;
+}
+#linemetricsdiv {
+  position: absolute;
+  left: -1000px;
+  top: -1000px;
+  color: white;
+  z-index: -1;
+  font-size: 12px; /* overridden by lineMetricsDiv.style */
+  font-family: monospace; /* overridden by lineMetricsDiv.style */
+}
+@media (max-width: 800px) {
+  #sidediv {
+    /* Do not use display: none to hide the sidediv, otherwise the parent container does not
+       get its height properly calculated by flexboxes */
+    visibility: hidden;
+    width: 0;
+    padding: 0;
+  }
+}
+
+
+
+
+/* ----------- */
+/* -- OTHER -- */
+/* ----------- */
+
+::selection {
+  background: #acf;
+}
+::-moz-selection {
+  background: #acf;
+}
+#innerdocbody a {
+  cursor: pointer !important;
+}
+body.grayedout {
+  background-color: #eee !important
+}

tests/assets/etherpad/index.css

@@ -0,0 +1,125 @@
+#button,
+body,
+form {
+  border: none
+}
+
+body {
+  background: url(images/fond.jpg) top center no-repeat fixed #fff;
+  font-family: Cantarell, "Open Sans", "Helvetica Neue", sans-serif;
+  font-size: 16px;
+  line-height: 1.42857143;
+  color: #333;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  background-size: cover;
+}
+
+#wrapper {
+  border-top: none;
+  margin-top: 0;
+  padding: 0;
+  background: 0 0;
+  box-shadow: none
+}
+
+input {
+  color: #4a5d5c;
+}
+
+#inner {
+  background: transparent;
+  padding-top: 0;
+  width: 350px;
+  max-width: 350px;
+  text-align: center;
+  color:#FFF;
+}
+
+#label {
+  text-shadow: none;
+  color: #FFF;
+  font-weight: normal;
+  text-align: center;
+}
+
+#button {
+  margin: 0 auto;
+  text-align: center;
+  width: 100%;
+  text-shadow: none;
+  font-size: 23px;
+  line-height: 1.8;
+  color: #64d29b;
+  background: #586a69;
+  border-radius: 3px;
+  box-shadow: none;
+  height: 53px;
+  border: none;
+  display: block;
+}
+
+
+button[type=submit] {
+  border-top-right-radius: 3px;
+  border-bottom-right-radius: 3px;
+  left: 305px;
+  color: #64d29b;
+  background: #586a69;
+  border: none;
+  top: 0;
+  opacity: 1;
+  transition: .2s background;
+}
+
+#button:hover,
+button[type=submit]:hover {
+  cursor: pointer;
+  background: #64d29b;
+  border: 2px solid #586a69;
+  color: #586a69;
+}
+
+#padname {
+  height: 38px;
+  max-width: 350px;
+  padding: 0 12px;
+  position: relative;
+}
+
+#text {
+  text-align: center;
+  max-width:500px;
+  font-size: 1.2em;
+  padding:20px;
+  margin:0 auto;
+  color:#FFFF;
+}
+
+.logo_pad .icon img.pad {
+  width: 40px;
+  margin-top: 10px;
+  float:left;
+  padding:14px;
+}
+.logo_pad h3 {
+  font-size: 24px;
+  font-weight: 400;
+  color: red;
+  float:left;
+}
+
+#logo_cisti {
+ width:100px;
+ margin: auto;
+ display: block;
+}
+
+#logo_cisti img {
+ max-width: 100%;
+}
+.onion {
+  text-decoration: none;
+  font-size: 15px;
+}

tests/assets/etherpad/index.html

@@ -0,0 +1,234 @@
+<%
+  var settings = require("ep_etherpad-lite/node/utils/Settings");
+%>
+<!doctype html>
+<html>
+
+        <title><%=settings.title%></title>
+    <script>
+      /*
+      |@licstart  The following is the entire license notice for the
+      JavaScript code in this page.|
+
+      Copyright 2011 Peter Martischka, Primary Technology.
+
+      Licensed under the Apache License, Version 2.0 (the "License");
+      you may not use this file except in compliance with the License.
+      You may obtain a copy of the License at
+
+         http://www.apache.org/licenses/LICENSE-2.0
+
+      Unless required by applicable law or agreed to in writing, software
+      distributed under the License is distributed on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+      See the License for the specific language governing permissions and
+      limitations under the License.
+
+      |@licend  The above is the entire license notice
+      for the JavaScript code in this page.|
+      */
+    </script>
+
+        <meta charset="utf-8">
+        <meta name="referrer" content="no-referrer">
+        <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0">
+        <link rel="shortcut icon" href="<%=settings.favicon%>">
+
+        <link rel="localizations" type="application/l10n+json" href="locales.json">
+        <script type="text/javascript" src="static/js/html10n.js?v=<%=settings.randomVersionString%>"></script>
+        <script type="text/javascript" src="static/js/l10n.js?v=<%=settings.randomVersionString%>"></script>
+
+        <style>
+            html, body {
+              height: 100%;
+            }
+            body {
+              margin: 0;
+              color: #333;
+              font: 14px helvetica, sans-serif;
+              background: #ddd;
+              background: -webkit-radial-gradient(circle,#aaa,#eee 60%) center fixed;
+              background: -moz-radial-gradient(circle,#aaa,#eee 60%) center fixed;
+              background: -ms-radial-gradient(circle,#aaa,#eee 60%) center fixed;
+              background: -o-radial-gradient(circle,#aaa,#eee 60%) center fixed;
+              border-top: 8px solid rgba(51,51,51,.8);
+            }
+            #wrapper {
+              border-top: 1px solid #999;
+              margin-top: 160px;
+              padding: 15px;
+              background: #eee;
+              background: -webkit-linear-gradient(#fff,#ccc);
+              background: -moz-linear-gradient(#fff,#ccc);
+              background: -ms-linear-gradient(#fff,#ccc);
+              background: -o-linear-gradient(#fff,#ccc);
+              box-shadow: 0px 1px 8px rgba(0,0,0,0.3);
+            }
+            #inner {
+              position:relative;
+              max-width: 300px;
+              margin: 0 auto;
+            }
+            #button {
+              margin: 0 auto;
+              text-align: center;
+              font: 36px verdana,arial,sans-serif;
+              width:300px;
+              border:none;
+              color: white;
+              text-shadow: 0 -1px 0 rgba(0,0,0,.8);
+              height: 70px;
+              line-height: 70px;
+              background: #555;
+              background: -webkit-linear-gradient(#5F5F5F,#565656 50%,#4C4C4C 51%,#373737);
+              background: -moz-linear-gradient(#5F5F5F,#565656 50%,#4C4C4C 51%,#373737);
+              background: -ms-linear-gradient(#5F5F5F,#565656 50%,#4C4C4C 51%,#373737);
+              background: -o-linear-gradient(#5F5F5F,#565656 50%,#4C4C4C 51%,#373737);
+              box-shadow: inset 0 1px 3px rgba(0,0,0,0.9);
+            }
+            #button:hover {
+              cursor: pointer;
+              background: #666;
+              background: -webkit-linear-gradient(#707070,#666666 50%,#5B5B5B 51%,#474747);
+              background: -moz-linear-gradient(#707070,#666666 50%,#5B5B5B 51%,#474747);
+              background: -ms-linear-gradient(#707070,#666666 50%,#5B5B5B 51%,#474747);
+              background: -o-linear-gradient(#707070,#666666 50%,#5B5B5B 51%,#474747);
+            }
+            #button:active {
+              box-shadow: inset 0 1px 12px rgba(0,0,0,0.9);
+              background: #444;
+            }
+            #label {
+              text-align: left;
+              text-shadow: 0 1px 1px #fff;
+              margin: 16px auto 0;
+              display:block;
+            }
+            #padname{
+              height:38px;
+              max-width:280px;
+            }
+            form {
+              height: 38px;
+              background: #fff;
+              border: 1px solid #bbb;
+              border-radius: 3px;
+              position: relative;
+            }
+            button, input {
+              font-weight: bold;
+              font-size: 15px;
+            }
+            input[type="text"] {
+              border-radius: 3px;
+              box-sizing: border-box;
+              -moz-box-sizing: border-box;
+              line-height:36px; /* IE8 hack */
+              padding: 0px 45px 0 10px;
+              *padding: 0; /* IE7 hack */
+              width: 100%;
+              height: 100%;
+              outline: none;
+              border: none;
+              position: absolute;
+            }
+            button[type="submit"] {
+              position: absolute;
+              left:253px;
+              width: 45px;
+              height: 38px;
+            }
+            @media only screen and (min-device-width: 320px) and (max-device-width: 800px) {
+              body {
+                background: #bbb;
+                background: -webkit-linear-gradient(#aaa,#eee 60%) center fixed;
+                background: -moz-linear-gradient(#aaa,#eee 60%) center fixed;
+                background: -ms-linear-gradient(#aaa,#eee 60%) center fixed;
+              }
+              #wrapper {
+                margin-top: 0;
+              }
+              #inner {
+                width: 95%;
+              }
+              #label {
+                text-align: center;
+              }
+            }
+        </style>
+        <link href="static/skins/<%=encodeURI(settings.skinName)%>/index.css?v=<%=settings.randomVersionString%>" rel="stylesheet">
+
+        <div id="wrapper">
+        <% e.begin_block("indexWrapper"); %>
+            <div id="inner">
+                <button id="button" onclick="go2Random()" data-l10n-id="index.newPad"></button>
+                <label id="label" for="padname" data-l10n-id="index.createOpenPad"></label>
+                <form action="#" onsubmit="go2Name();return false;">
+                    <input type="text" id="padname" maxlength="50" autofocus x-webkit-speech>
+                    <button type="submit">OK</button>
+                </form>
+            </div>
+        <% e.end_block(); %>
+	<div id="text">
+          <div cass="text_inner">
+          
+Questo è un servizio etherpad ospitato dal progetto cisti.org.
+Etherpad è un software libero che permette la realizzazione collaborativa di documenti di testo.
+Su cisti non registriamo nessuna informazione su chi lo usa.<br/>
+          </div>
+        </div>
+	
+          <div id="logo_cisti">
+            <a href="https://cisti.org/">
+	      <img src="static/skins/colibris/images/logo.png" alt="Cisti" ></img>
+	    </a>
+          </div>
+
+	<div class="onion">
+	   pad.ukdbebvetkn265rh5sfmmw53ka4dbhkfpqb7ufr3fu6ldlh6khleybid.onion
+	</div>
+
+        <script src="static/skins/<%=encodeURI(settings.skinName)%>/index.js?v=<%=settings.randomVersionString%>"></script>
+        <script>
+            // @license magnet:?xt=urn:btih:8e4f440f4c65981c5bf93c76d35135ba5064d8b7&dn=apache-2.0.txt
+            function go2Name()
+            {
+                var padname = document.getElementById("padname").value;
+                padname.length > 0 ? window.location = "p/" + encodeURIComponent(padname.trim()) : alert("Please enter a name")
+            }
+
+            function go2Random()
+            {
+                window.location = "p/" + randomPadName();
+            }
+
+            function randomPadName()
+            {
+                // the number of distinct chars (64) is chosen to ensure that
+                // the selection will be uniform when using the PRNG below
+                var chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_";
+                // the length of the pad name is chosen to get 120-bit security:
+                // log2(64^20) = 120
+                var string_length = 20;
+                // make room for 8-bit integer values that span from 0 to 255.
+                var randomarray = new Uint8Array(string_length);
+                // use browser's PRNG to generate a "unique" sequence
+                var cryptoObj = window.crypto || window.msCrypto; // for IE 11
+                cryptoObj.getRandomValues(randomarray);
+                var randomstring = '';
+                for (var i = 0; i < string_length; i++)
+                {
+                    // instead of writing "Math.floor(randomarray[i]/256*64)"
+                    // we can save some cycles.
+                    var rnum = Math.floor(randomarray[i]/4);
+                    randomstring += chars.substring(rnum, rnum + 1);
+                }
+                return randomstring;
+            }
+
+            // start the custom js
+            if (typeof customStart == "function") customStart();
+            // @license-end
+        </script>
+        <div style="display:none"><a href="/javascript" data-jslicense="1">JavaScript license information</a></div>
+</html>

tests/assets/etherpad/index.js

@@ -0,0 +1,11 @@
+function customStart()
+{
+  //define your javascript here
+  //jquery is available - except index.js
+  //you can load extra scripts with $.getScript http://api.jquery.com/jQuery.getScript/
+  function setRandomName() {
+      document.getElementById("padname").value = randomPadName();
+  }
+  setRandomName();
+
+}

tests/caddy/Vagrantfile

@@ -1,8 +0,0 @@
-Vagrant.configure("2") do |config|
-  config.vm.define :node do |node|
-    node.vm.box = "generic/debian10"
-    node.vm.provision "ansible" do |ansible|
-      ansible.playbook = "./nodejs.yml"
-    end
-  end
-end

tests/caddy/caddy.yml

@@ -1,6 +0,0 @@
----
-- name: caddy test
-  hosts: localhost
-  become: yes
-  roles:
-  - caddy

tests/caddy/roles

@@ -1 +0,0 @@
-../../roles/

tests/dev/roles

@@ -1 +0,0 @@
-../../roles

tests/etherpad-playbook.yml

@@ -0,0 +1,32 @@
+---
+
+- name: "Testing etherpad role"
+  hosts: etherpad
+  roles:
+    - role: stable/common
+    - role: stable/etherpad
+  vars:
+    title: "Pad@cisti"
+    pad_lang: "it-IT"
+    pad_default_text: |
+      Sei su pad.cisti.org! Qui potrai usare usare PAD.
+      Un PAD è uno strumento di scrittura collaborativa per scrivere testi, comunicati o quello che vuoi assieme ad altre persone!
+      Questo è uno dei servizi di cisti.org, fuori dalle logiche del profitto e del capitalismo, dietro ci sono un gruppo di persone volontarie che si responsabilizzano a mantenere in piedi tutto questo.
+
+      ALCUNE COSE DA SAPERE:
+      - Per iniziare cancella tutto questo testo e inizia a scrivere!
+      - Ogni pad può essere modificato da CHIUNQUE sia in possesso del sito (URL) o che possa indovinarlo facilmente, quindi scegli bene il nome del pad che vuoi creare!
+      - Questo pad verrà eliminato automaticamente dopo 60 giorni di inattività
+      - Una volta cancellato un pad NON ci sono modi di recuperarlo!
+      - Questo pad ci tiene così tanto alla privacy che non sappiamo neanche chi sei, rispetta l'anonimato e usalo bene.
+
+
+
+                                                          made with ❤ by underscore_to hacklab
+    override_files:
+      - index.css: /srv/etherpad/etherpad/src/static/skins/colibris/
+      - fond.jpg: /srv/etherpad/etherpad/src/static/skins/colibris/images/
+      - logo.png: /srv/etherpad/etherpad/src/static/skins/colibris/images/
+      - index.html: /srv/etherpad/etherpad/src/templates/
+      - index.js: /srv/etherpad/etherpad/src/static/skins/colibris/
+      - iframe_editor.css: /srv/etherpad/etherpad/src/static/css/                                                          

tests/goploader.yml

@@ -0,0 +1,9 @@
+---
+
+- name: "GoPloader Testing Role"
+  hosts: goploader.antifa.tech
+  roles:
+    - role: common
+    - role: goploader
+      vars:
+         hostname: goploader.antifa.tech

tests/infra.yml

@@ -0,0 +1,12 @@
+---
+
+- name: "Frontend"
+  hosts: frontend
+  become: true
+  roles:
+    - role: frontend
+      vars:
+        proxies:
+          cicles.cisti.org: "{{grande_macchina}}:8080"
+          mastodon.cisti.org: "{{grande_macchina}}:9001"
+          gancio.cisti.org: "{{grande_macchina}}:9001"

tests/inventory.yml

@@ -0,0 +1,7 @@
+etherpad:
+  hosts: 172.172.0.2
+  vars:
+    ansible_user: root
+    ansible_ssh_private_key_file: /home/les/.ssh/id_rsa.pub
+    ansible_python_interpreter: /usr/bin/python3
+

tests/nodejs/Vagrantfile

@@ -1,8 +0,0 @@
-Vagrant.configure("2") do |config|
-  config.vm.define :node do |node|
-    node.vm.box = "generic/debian10"
-    node.vm.provision "ansible" do |ansible|
-      ansible.playbook = "./nodejs.yml"
-    end
-  end
-end

tests/nodejs/nodejs.yml

@@ -1,6 +0,0 @@
----
-- name: nodejs test
-  hosts: localhost
-  become: yes
-  roles:
-  - nodejs

tests/nodejs/roles

@@ -1 +0,0 @@
-../../roles

tests/roles

@@ -0,0 +1 @@
+../roles