this post was submitted on 01 Mar 2026
21 points (100.0% liked)

Selfhosted

60281 readers
595 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 

Hey hey, I am thinking of implementing a lself-hosted office suite and on my radar are OnlyOffice and CryptPad. I just demoed cryptpad.fr as a trial, and noticed it uses OnlyOffice client side. So next I wondered, what does CryptPad add to OO?

On the web site FAQs , CP says:

The CryptPad Document, Presentation & Spreadsheet applications are an OnlyOffice Docs integration. However, this only concerns the client-side code, CryptPad does not make use of the OnlyOffice Document Server. CryptPad's encrypted collaboration, used for document, presentantion & spreadsheets and other applications, is completely different from the encryption system used in parts of upstream OnlyOffice. Some of CryptPad's file format conversion tools are based on OnlyOffice code, but substantial work has been done to make it run in the browser rather than on the server, therefore avoiding the need to reveal the contents of users' documents when converting.

That might help developers but I'm still not clear.

On the OO web site, they say the suite includes:

Three levels of encryption: at rest, in transit, end-to-end

Sounds good on the surface. NB - this is just for my family's simple docs; I'm not trying to protect government whistleblowers here.

So I am still not clear. Why do I need to add CryptPad to the mix if OO already is the basis for the office suite?

Another NB - a big part of my self hosting is I want as few people I have to trust as possible. So if I don't need CP to host docs on my VPS, I'd rather not add them to my server.

Thanks for any clues.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] normis@infosec.pub 6 points 4 months ago (1 children)

There have been some controversy that OO has russian involvement, just so you know. I would not use it.

[โ€“] perishthethought@piefed.social 3 points 4 months ago* (last edited 4 months ago)

Yah, I just read the History section of the OO wikipedia page, and it mentions that from the start. I'm not someone with a knee jerk reaction to "Russian" but it's worth considering. Thanks.

The question then is: Does CP replacing the server-side code with their own resolve this concern, or is there still a risk there? Man, nothing is simple.