opendev/system-config
Code Issues Proposed changes
Files
65c7959c8b51afe51cefc41556cc63bcd3337f31
system-config/doc/source/etherpad.rst
Clark Boylan f3147b37c8 Update etherpad to v2.3.2 
We're updating through 2.3.1 which claims to be just a dependency update
release and then 2.3.2 fixes a bug.

  https://github.com/ether/etherpad-lite/blob/v2.3.2/CHANGELOG.md

Updates to the node-oidc-provider library seem to necessitate that we
pass a resource identifier in our token generation request. Update the
testing and our documentation to capture this.

Change-Id: Ib850f80772c146883fd245718425c9d3b1796b36
2025-06-26 08:48:56 -07:00

3.2 KiB
Raw Blame History

title

Etherpad

Etherpad

Etherpad (previously known as "etherpad-lite") is installed on etherpad.opendev.org to facilitate real-time collaboration on documents. It is used extensively during OpenStack Developer Summits.

At a Glance

Hosts
Ansible
Projects
Bugs

Overview

Apache is configured as a reverse proxy and there is a MySQL database backend.

Manual Administrative Tasks

The following sections describe tasks that individuals with root access may need to perform on rare occasions.

All interaction with the Etherpad admin API requires retrieving a bearer token for authorization and authentication to the API. The secret used to authenticate when requesting a token is found in the Etherpad settings.json file under the client_secret key:

grep '"client_secret":' /etc/etherpad/settings.json | \
  sed -e 's/\s\+"client_secret": "\(.*\)",/\1/'

With this secret we can make a request to get a token:

curl --data grant_type=client_credentials \
     --data client_id=api_admin \
     --data client_secret="SECRETHERE" \
     --data resource="http://localhost:9001" \
     http://localhost:9001/oidc/token

This will return a Bearer token that is valid for one hour. You will need this token to perform the actions described below.

Deleting a Pad

On occasion it may be necessary to delete a pad, so as to redact sensitive or illegal data posted to it (the revision history it keeps makes this harder than just clearing the current contents through a browser). This is fairly easily accomplished via the HTTP API:

curl -H "Authorization: Bearer TOKENFROMABOVEPROCESS" \
  "http://localhost:9001/api/1/deletePad?padID=XXXXXXXXXX" ; echo

...where XXXXXXXXXX is the pad's name as it appears at the end of its URL (the trailing echo is just because the API response doesn't end with a newline and so your next appended shell prompt makes it harder to read). If all goes well, you should receive a response like:

{"code":0,"message":"ok","data":null}

Browse to the original pad's URL and you should now see the fresh welcome message boilerplate for a new pad. Check the pad's history and note that it has no authors and no prior revisions.

Restoring a Pad

It also happens that the content of a pad gets overwritten with the wrong content, one common example is someone using a translation tool on it, not being aware that this changes the document for everyone instead of just locally. Via the revision slider you can identify the last good version and then restore it via the API:

curl -H "Authorization: Bearer TOKENFROMABOVEPROCESS" \
  "http://localhost:9001/api/1.2.11/restoreRevision?padID=XXXXXXXXXX&rev=NNN" \
  ; echo