https://www.maketecheasier.

com/create-self-
hosted-office365-with-cryptpad/

How to Create Your Own Self-Hosted Office

365 with Cryptpad
Feb 7, 2023

Cryptpad is an open-source office suite program that you can self host on your server. It is
similar to Office 365 that allows you to access an office suite right from the browser. The main
difference is that Cryptpad focuses on user privacy and allows you to create and share documents
without the risk of leaking any personal information.

This tutorial shows how to install Cryptpad on your server, how Cryptpad works and how you
can create your first user account.
Content

• What Is Cryptpad and Why Should You Use It?

• Requirements
• Installing Cryptpad
• Running Cryptpad
• Frequently Asked Questions

What Is Cryptpad and Why Should You Use It?

Cryptpad is an online office suite that provides you with a privacy-oriented alternative for
collaborative document editing. Similar to online suites, such as Office 365 and Google Docs, it
allows you to create and share documents with other people over the Internet.

One of the biggest advantages of Cryptpad over Office 365 is that it is fully end-to-end
encrypted. Only you and your collaborators can access the document that you are editing, which
could be useful when sharing documents that contain sensitive information with other people.

Cryptpad also excels over Office 365 in that you can fully self-host it on your own hardware.
This is especially helpful if you are concerned about storing your information on a third-party
provider.

Do you know: uou can easily share a Google Docs document over email.

Requirements
Before you can install Cryptpad, you need to make sure that you have the following resources
ready:

• Machine that is accessible from an outside network

• At least 2GB of RAM and 20GB of storage
• Domain name (and a sub-domain name) pointing to your server’s IP address
Note: this tutorial was created on an Ubuntu VPS from Digitalocean.

Tip: while Cryptpad will work from a stock VPS, its developers highly recommend that you also
secure your Linux server before installing the program.

Installing Cryptpad
1. Install the dependencies of Cryptpad:

sudo gpasswd -a www-data ramces

sudo apt install git nodejs npm nginx certbot python3-certbot-nginx

2. Clone the program’s source code from its repository:

git clone https://github.com/xwiki-labs/cryptpad.git cryptpad

3. Go inside the repository and switch to the latest branch:

cd cryptpad
git checkout -b 5.2.1
 4. Use npm to install Bower, a package manager that helps install some of the libraries that
Cryptpad needs.

sudo npm install -g bower

5. Install the Cryptpad binary by running both npm and bower inside the repository.

npm install
bower install
Good to know: you don’t need Microsoft Office to open and view a docx file. learn about other
ways to open the docx file you have.

Configuring the SSL Certificate

Once Cryptpad is in your machine, you can run Certbot to create the certificate for your instance:

sudo certbot certonly --standalone

This will bring up a prompt that asks for your email address.
The Certbot utility will ask for the domains that you want to link to your certificate. Enter both
the root and subdomain.

Create a Diffie-Hellman parameter file for your instance. This is a security measure that the
developers require to ensure that your instance is secure.

sudo openssl dhparam -out /etc/nginx/dhparam.pem 4096

Good to know: you can learn more about OpenSSL and TLS by creating your own self-signed
certificate.

Configuring Nginx

To configure Nginx to serve Cryptpad to your domain, you can make use of the example config
file provided by the developers.

sudo cp /home/$USER/cryptpad/docs/example.nginx.conf
/etc/nginx/conf.d/cryptpad.conf
Modify your new configuration file with a text editor.

sudo nano /etc/nginx/conf.d/cryptpad.conf

Change some variables to make this file work. First, comment the include letsencrypt-
webroot; line.

Next, modify both the $main_domain and $sandbox_domain variables. The former should
contain your root domain, while the latter should contain your subdomain.
Also modify $api_domain and $files_domain. Unlike the ones above, you only need to change
them to your machine’s root domain.

Change the server_name variable to both your root and subdomain.

Change ssl_certificate and ssl_certificate_key to the location of your SSL certificate.

Lastly, replace the value of the root variable with the location of your Cryptpad repository.

Configuring Cryptpad

Use the example config file provided by the developers by running:

cp /home/$USER/cryptpad/config/config.example.js
/home/$USER/cryptpad/config/config.js

Open it with a text editor and change the httpUnsafeOrigin: variable to your root domain.
Change the httpSafeOrigin: variable to your subdomain.

Add the following line of code immediately after the httpSafeOrigin: variable.

adminEmail: 'working_email@address.here',

Creating the SystemD Service

It is also possible to link Cryptpad to a SystemD service to allow you to launch it during the
system startup by running the following:

nano /home/$USER/cryptpad/docs/cryptpad.service
The code block below is a version that I have modified to work with my machine.

[Unit]
Description=Cryptpad Service

# Replace the username values with your own username.

[Service]
ExecStart=/bin/node /home/ramces/cryptpad/server.js
WorkingDirectory=/home/ramces/cryptpad

Restart=always
RestartSec=2

StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=ramces
User=ramces
Group=ramces
Environment='PWD="/home/ramces/cryptpad"'
LimitNOFILE=1000000

[Install]
WantedBy=multi-user.target

Save and exit this file, then copy it to the SystemD service folder:

sudo cp /home/$USER/cryptpad/docs/cryptpad.service
/etc/systemd/system/cryptpad.service
Reload SystemD to enable your service file:

sudo systemctl daemon-reload

sudo systemctl enable cryptpad
sudo systemctl start cryptpad
sudo systemctl reload nginx

Running Cryptpad
If everything is done correctly, you should be able to access Cryptpad through your root domain.

Creating Your Admin Account in Cryptpad

While you can use Cryptpad without an account, it is good practice to create an Admin user to
allow you to manage your instance through its web interface.

1. Press “Sign Up” on Cryptpad’s home page.

2. Enter your username and password to create a new account.

3. Once you are logged in, click the “User Menu” button on the page’s upper-right corner.
4. Click “Settings.”
5. Copy the contents of the “Public Signing Key” text box.
 6. Go back to your repository folder and open your configuration file:

nano /home/$USER/cryptpad/config/config.js

Look for the adminKeys: variable and paste your signing key in between the square brackets:

7. Reload your Cryptpad instance through SystemD:

sudo systemctl restart cryptpad

Frequently Asked Questions
Why am I getting a blank page when I try to connect to Cryptpad?

This issue is most likely due to your machine’s DNS record still not propagating across major
DNS servers. You can fix this by reducing the TTL value in your domain’s DNS record page to
3600.

How do I update Cryptpad after I have installed it?

You can update Cryptpad by going to your repository and running git pull. This will
download all the latest source files for Cryptpad. After that, you also need to run npm update &&
bower update to update your binary files.