In this tutorial, we will show you how to install Etherpad on Debian 11. For those of you who didn’t know, Etherpad is written in Node.js and supports thousands of simultaneous real-time users. Etherpad is a highly customizable editor with the support of various plugins. And also supports modern document formats such as doc, pdf, and many more.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Etherpad on a Debian 11 (Bullseye).
Prerequisites
- A server running one of the following operating systems: Debian 10 or Debian 11.
- It’s recommended that you use a fresh OS install to prevent any potential issues
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install Etherpad on Debian 11 Bullseye
Step 1. Before we install any software, it’s important to make sure your system is up to date by running the following apt commands in the terminal:
sudo apt update sudo apt upgrade sudo apt install gzip git curl python libssl-dev pkg-config gcc g++ make build-essential
Step 2. Installing Node.js.
Etherpad is written in Node.js, so it must be installed on your server:
curl -sL https://deb.nodesource.com/setup_16.x | sudo -E bash -
Next, install Node.js 16.x from the Nodesource repository by running the command below:
sudo apt install nodejs
Verify the Node.js version:
node --version
Step 3. Installing MariaDB.
Run the following command to install MariaDB on your server:
sudo apt install mariadb-server
By default, MariaDB is not hardened. You can secure MariaDB using the mysql_secure_installation script. You should read and below each step carefully which will set the root password, remove anonymous users, disallow remote root login, and remove the test database and access to secure MariaDB:
mysql_secure_installation
Configure it like this:
- Set root password? [Y/n] y - Remove anonymous users? [Y/n] y - Disallow root login remotely? [Y/n] y - Remove test database and access to it? [Y/n] y - Reload privilege tables now? [Y/n] y
Next, we will need to log in to the MariaDB console and create a database for Etherpad. Run the following command:
mysql -u root -p
This will prompt you for a password, so enter your MariaDB root password and hit Enter. Once you are logged in to your database server, you need to create a database for Etherpad installation:
MariaDB [(none)]> CREATE DATABASE etherpad_db; MariaDB [(none)]> CREATE USER 'etherpad_user'@'localhost' IDENTIFIED BY 'your-strong-password'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON etherpad_db.* to etherpad_user@'localhost'; MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> exit
Step 4. Installing Etherpad on Debian 11.
By default, Etherpad is not available on Debian 11 base repository. So, now we download the latest stable version of Etherpad from the official page:
sudo adduser --system --no-create-home --home=/opt/etherpad-lite --group etherpad git clone --branch master https://github.com/ether/etherpad-lite.git
We will need to change some folders permissions:
sudo chown -R etherpad:etherpad etherpad-lite
Next, navigate to the directory ‘etherpad-lite/‘ and install all Node.js dependencies using the installer script ‘installDeps.sh‘:
cd /opt/etherpad-lite sudo su -s /bin/bash -c "./bin/installDeps.sh" etherpad
Step 5. Configure Etherpad.
Now we edit the settings.json file and define your database settings:
nano settings.json
Comment out the following lines:
/*
*"dbType": "dirty",
*"dbSettings": {
* "filename": "var/dirty.db"
*},
*/
Change the following lines:
"dbType" : "mysql",
"dbSettings" : {
"user": "etherpad_user",
"host": "localhost",
"port": 3306,
"password": "your-strong-password",
"database": "etherpad_db",
"charset": "utf8mb4"
},
Step 6. Create Systemd Service File for Etherpad.
Now create a systemd service file to manage the Etherpad service:
sudo nano /etc/systemd/system/etherpad.service
Add the following file:
[Unit] Description=Etherpad-lite, the collaborative editor. After=syslog.target network.target [Service] Type=simple User=etherpad Group=etherpad WorkingDirectory=/opt/etherpad-lite Environment=NODE_ENV=production ExecStart=/usr/bin/node --experimental-worker /opt/etherpad-lite/node_modules/ep_etherpad-lite/node/server.js # use mysql plus a complete settings.json to avoid Service hold-off time over, scheduling restart. Restart=always [Install] WantedBy=multi-user.target
Save and close the file, then reload the systemd manager to apply a new service file:
sudo systemctl daemon-reload sudo systemctl enable --now etherpad sudo systemctl status etherpad
Step 7. Configure Nginx Reverse Proxy for Etherpad.
First, install Nginx with the following command below:
sudo apt install nginx
Once Nginx is installed, start and enable the Nginx service using the command below:
sudo systemctl start nginx sudo systemctl enable nginx
Next, create an Nginx virtual host configuration file:
sudo nano /etc/nginx/sites-available/etherpad
Add the following file:
# enforce HTTPS
server {
listen 80;
listen [::]:80;
server_name etherpad.example.io;
return 301 https://$host$request_uri;
}
# we're in the http context here
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name etherpad.your-domain.com;
access_log /var/log/nginx/eplite.access.log;
error_log /var/log/nginx/eplite.error.log;
ssl_certificate /etc/letsencrypt/live/etherpad.example.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/etherpad.example.io/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 \
EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 \
EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
location / {
proxy_pass http://127.0.0.1:9001;
proxy_buffering off; # be careful, this line doesn't override any proxy_buffering on set in a conf.d/file.conf
proxy_set_header Host $host;
proxy_pass_header Server;
# Note you might want to pass these headers etc too.
proxy_set_header X-Real-IP $remote_addr; # https://nginx.org/en/docs/http/ngx_http_proxy_module.html
proxy_set_header X-Forwarded-For $remote_addr; # EP logs to show the actual remote IP
proxy_set_header X-Forwarded-Proto $scheme; # for EP to set secure cookie flag when https is used
proxy_http_version 1.1; # recommended with keepalive connections
# WebSocket proxying - from https://nginx.org/en/docs/http/websocket.html
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
Save and close the file, then activate the virtual host configuration:
sudo ln -s /etc/nginx/sites-available/etherpad /etc/nginx/sites-enabled/ nginx -t sudo systemctl restart nginx
Step 8. Configure Firewall.
By default, the UFW firewall is enabled on Debian. Depending on your Apache virtual host configuration file, open ports 80 and 443 to allow HTTP and HTTPS traffic:
sudo ufw allow 80/tcp sudo ufw allow 443/tcp sudo ufw reload
Step 9. Accessing Etherpad Web Interface.
Once successfully installed, open your web browser and access the Matomo using the URL https://etherpad.your-domain.com. You will be redirected to the Matomo interface page:
Congratulations! You have successfully installed Etherpad. Thanks for using this tutorial for installing the latest version of the Etherpad on Debian 11 Bullseye. For additional help or useful information, we recommend you check the official Etherpad website.
