From 98e9b85ce01d34c2770d3077ff16cf89c5369cc3 Mon Sep 17 00:00:00 2001
From: eljamm <fedi.jamoussi@protonmail.ch>
Date: Tue, 25 Mar 2025 15:06:14 +0100
Subject: [PATCH 1/4] Cryptpad: add example and test

---
 projects/Cryptpad/default.nix |  8 +++++++-
 projects/Cryptpad/example.nix | 11 +++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 projects/Cryptpad/example.nix

diff --git a/projects/Cryptpad/default.nix b/projects/Cryptpad/default.nix
index 7b885eb98..964d899c4 100644
--- a/projects/Cryptpad/default.nix
+++ b/projects/Cryptpad/default.nix
@@ -23,7 +23,13 @@
     cryptpad = {
       name = "cryptpad";
       module = "${sources.inputs.nixpkgs}/nixos/modules/services/web-apps/cryptpad.nix";
-      examples.basic = null;
+      examples.basic = {
+        module = ./example.nix;
+        description = "Run a basic Cryptpad instance";
+        # TODO: fixed in nixpkgs, enable after the flake is updated
+        # tests.basic = import "${sources.inputs.nixpkgs}/nixos/tests/cryptpad.nix" args;
+        tests.basic = null;
+      };
       links = {
         admin-guide = {
           text = "Administration guide";
diff --git a/projects/Cryptpad/example.nix b/projects/Cryptpad/example.nix
new file mode 100644
index 000000000..6a3ee07f7
--- /dev/null
+++ b/projects/Cryptpad/example.nix
@@ -0,0 +1,11 @@
+{ ... }:
+{
+  services.cryptpad = {
+    enable = true;
+    settings = rec {
+      httpPort = 9000;
+      httpUnsafeOrigin = "http://localhost:${toString httpPort}";
+      httpSafeOrigin = "https://cryptpad.example.com";
+    };
+  };
+}

From 137ae1c9f9b892d0743b73c9498d55e374d4f810 Mon Sep 17 00:00:00 2001
From: eljamm <fedi.jamoussi@protonmail.ch>
Date: Tue, 25 Mar 2025 15:44:12 +0100
Subject: [PATCH 2/4] Cryptpad: allow ports in firewall

---
 projects/Cryptpad/example.nix | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/projects/Cryptpad/example.nix b/projects/Cryptpad/example.nix
index 6a3ee07f7..a35aab965 100644
--- a/projects/Cryptpad/example.nix
+++ b/projects/Cryptpad/example.nix
@@ -1,11 +1,17 @@
 { ... }:
+let
+  servicePort = 9000;
+in
 {
   services.cryptpad = {
     enable = true;
-    settings = rec {
-      httpPort = 9000;
-      httpUnsafeOrigin = "http://localhost:${toString httpPort}";
-      httpSafeOrigin = "https://cryptpad.example.com";
+    settings = {
+      httpPort = servicePort;
+      httpUnsafeOrigin = "http://localhost:${toString servicePort}";
+      httpSafeOrigin = "http://localhost:${toString servicePort}";
     };
   };
+
+  networking.firewall.allowedTCPPorts = [ servicePort ];
+  networking.firewall.allowedUDPPorts = [ servicePort ];
 }

From 32f070fa27ba5eaa6ae3e49293a985d178f6b7f4 Mon Sep 17 00:00:00 2001
From: eljamm <fedi.jamoussi@protonmail.ch>
Date: Wed, 26 Mar 2025 14:42:35 +0100
Subject: [PATCH 3/4] Cryptpad: refactor domain name

---
 projects/Cryptpad/example.nix | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/projects/Cryptpad/example.nix b/projects/Cryptpad/example.nix
index a35aab965..7067db052 100644
--- a/projects/Cryptpad/example.nix
+++ b/projects/Cryptpad/example.nix
@@ -1,14 +1,15 @@
 { ... }:
 let
   servicePort = 9000;
+  domainName = "localhost:${toString servicePort}";
 in
 {
   services.cryptpad = {
     enable = true;
     settings = {
       httpPort = servicePort;
-      httpUnsafeOrigin = "http://localhost:${toString servicePort}";
-      httpSafeOrigin = "http://localhost:${toString servicePort}";
+      httpUnsafeOrigin = "http://${domainName}";
+      httpSafeOrigin = "http://${domainName}";
     };
   };
 

From 9ffded75e11a9a98d3a6dfd481ca5dddbcb66703 Mon Sep 17 00:00:00 2001
From: eljamm <fedi.jamoussi@protonmail.ch>
Date: Wed, 26 Mar 2025 15:31:21 +0100
Subject: [PATCH 4/4] Cryptpad: rename example to demo

---
 projects/Cryptpad/default.nix               | 4 ++--
 projects/Cryptpad/{example.nix => demo.nix} | 0
 2 files changed, 2 insertions(+), 2 deletions(-)
 rename projects/Cryptpad/{example.nix => demo.nix} (100%)

diff --git a/projects/Cryptpad/default.nix b/projects/Cryptpad/default.nix
index 964d899c4..5d07b24b2 100644
--- a/projects/Cryptpad/default.nix
+++ b/projects/Cryptpad/default.nix
@@ -23,8 +23,8 @@
     cryptpad = {
       name = "cryptpad";
       module = "${sources.inputs.nixpkgs}/nixos/modules/services/web-apps/cryptpad.nix";
-      examples.basic = {
-        module = ./example.nix;
+      examples.demo = {
+        module = ./demo.nix;
         description = "Run a basic Cryptpad instance";
         # TODO: fixed in nixpkgs, enable after the flake is updated
         # tests.basic = import "${sources.inputs.nixpkgs}/nixos/tests/cryptpad.nix" args;
diff --git a/projects/Cryptpad/example.nix b/projects/Cryptpad/demo.nix
similarity index 100%
rename from projects/Cryptpad/example.nix
rename to projects/Cryptpad/demo.nix