How to run CryptPad on


Here you can find what is needed to run CryptPad on You will see soon that it doesn’t take much at all, and very quickly you will be able to collaborate on slides, sheets, and other types of documents in secure and private manner.

TL;DR Clone CryptPad, cherry pick my commit, push to fresh project, profffit.

Here’s what you can collaborate on with CryptPad:


It’s like Google Docs or Microsoft Office365, but on your own: you own the data, and it is protected at rest. Interested? Let’s go.


You will need:

  • Basic knowledge of how works.
  • You have run at least one project on, so we don’t have to go over git and other primitives here.


Before we go to steps you can pick up this complete Github repo, push it to your project, and you will have fully working CryptPad copy. You can see this repo running in my project.

And now, here are all the steps I took to make it happen.

1. Fork it - Clone it - Branch it

So I forked original XWiki repo to my own Github account and cloned it. I will paste my own command, but please adjust it for your own username and URL:

git clone
cd cryptpad

Ok, origin remote is Github one. Sweet. Next, I wanted to use the latest CryptPad release, which at the time of writing this is 3.12.0, and name that branch platform, you can guess why. Let’s go:

git checkout -b platform tags/3.12.0

Easier to do than to describe.

2. Create project

So go and create new project. It can be trial too. It’s fast, I’ll wait.

3. Hook it up - Basics

As you already probably know, there are only a few things needs to know before it is able to run your application:

  • Your app description: what it runs on, how to build it, how to serve it, etc. It’s that file.
  • Services your app is using. It’s easy here because CryptPad uses no external services and keeps everything on the disk.
  • Your routes, how to access your application. And only here we have one small gotcha that is crucial, we’ll cover it below.

But first, let’s add project remote to our repo:

platform project:set-remote <YOUR PROJECT ID>

4. Hook it up - Describing the app

Here it is, full and fully commented file:

name: cryptpad
# CryptPad needs to run on Node 12.
type: nodejs:12

    # This tells the app how to create encryption key. Refer its documentation for more info.
    FRESH: 1
    # No, don't sweat it, you're behind proxy and we got TLS all figured out :slight_smile:.
    USE_SSL: "false"

    # I love Express framework apps, they're so easy to run!
    start: "node ./server.js"

  # Let me handle it, don't be smart.
  flavor: none

  build: |
    npm install
    # Make our life easier with official helper.
    npm install platformsh-config@2.3.1
    bower install
    # This is the configuration file, more about this one later.
    cp config.platformsh.js config/config.js

    bower: "^1.8.8"

       source: local
       source_path: datastore
       source: local
       source_path: data
       source: local
       source_path: block
       source: local
       source_path: blob

# Starting with half of a gigabyte. It's easy to bump it up, so you choose.
disk: 512

5. Hook it up - Services and routes

Now we need to tell what we need for the application to run, and where one can find it.

As for services, there’s nothing we need, so use this for .platform/services.yaml file:

# No needs

You do need it, even an empty one. Next, here are the routes you need to put in your .platform/routes.yaml file:

  type: upstream
  upstream: "cryptpad:http"

  type: upstream
  upstream: "cryptpad:http"
    enabled: false

And this is the only tricky part of this how-to, the one I figured out the hard way: CryptPad uses WebSockets to talk with browsers and you must have that second entry in routes.yaml to disable caching it, or your app will simply not work. We got you covered but CryptPad people should have this endpoint mentioned on their installation page.

6. Hook it up - Configure app itself

CryptPad looks at config/config.js file by default for configuration instructions. This file is rather long so I will not include it here, you can take it yourself and save it to config.platform.js. It’s well documented so you should have no problems figuring out what to do.

7. Run it

This is it, after defining your application (with, .platform/services.yaml and .platform/routes.yaml in place) and instructing how your CryptPad should behave (file config.platform.js is ready), you can simply commit all this and push it to your project:

git add .platform/services.yaml .platform/routes.yaml config.platform.js
git commit -m 'Platformize'
git push platform -u platform:master

After building and deploying your application, your project will inform you where your CryptPad is and you can start using it right away!

Happy hacking on!

1 Like