jfinn
/
jitsi_corner7
Tarkkaile 1
Äänestä 0
Fork 0
Koodi Ongelmat 0 Pull-pyynnöt 0 Julkaisut 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2998 Commitit
2 Branchit
Puu: 8da0d3a1f1
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from '8da0d3a1f1'
${ noResults }
jitsi_corner7/debian/jitsi-meet-web-config.postinst

jitsi-meet-web-config.postinst 10KB
Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217 
  1. #!/bin/bash

  2. # postinst script for jitsi-meet-web-config

  3. #

  4. # see: dh_installdeb(1)

  5. 

  6. set -e

  7. 

  8. # summary of how this script can be called:

  9. #        * <postinst> `configure' <most-recently-configured-version>

  10. #        * <old-postinst> `abort-upgrade' <new version>

  11. #        * <conflictor's-postinst> `abort-remove' `in-favour' <package>

  12. #          <new-version>

  13. #        * <postinst> `abort-remove'

  14. #        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'

  15. #          <failed-install-package> <version> `removing'

  16. #          <conflicting-package> <version>

  17. # for details, see http://www.debian.org/doc/debian-policy/ or

  18. # the debian-policy package

  19. 

  20. case "$1" in

  21.     configure)

  22. 

  23.         # loading debconf

  24.         . /usr/share/debconf/confmodule

  25. 

  26.         # try to get host from jitsi-videobridge

  27.         db_get jitsi-videobridge/jvb-hostname

  28.         if [ -z "$RET" ] ; then

  29.             # server hostname

  30.             db_set jitsi-videobridge/jvb-hostname "localhost"

  31.             db_input critical jitsi-videobridge/jvb-hostname || true

  32.             db_go

  33.         fi

  34.         JVB_HOSTNAME="$RET"

  35. 

  36.         # detect dpkg-reconfigure

  37.         RECONFIGURING="false"

  38.         db_get jitsi-meet/jvb-hostname

  39.         JVB_HOSTNAME_OLD=$RET

  40.         if [ -n "$RET" ] && [ ! "$JVB_HOSTNAME_OLD" = "$JVB_HOSTNAME" ] ; then

  41.             RECONFIGURING="true"

  42.             rm -f /etc/jitsi/meet/$JVB_HOSTNAME_OLD-config.js

  43.         fi

  44. 

  45.         JVB_SERVE="false"

  46.         db_get jitsi-meet/jvb-serve

  47.         if [ -n "$RET" ] && [ "$RET" = "true" ] ; then

  48.             JVB_SERVE="true"

  49.         fi

  50. 

  51.         # stores the hostname so we will reuse it later, like in purge

  52.         db_set jitsi-meet/jvb-hostname $JVB_HOSTNAME

  53. 

  54.         NGINX_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'nginx' 2>/dev/null | awk '{print $3}' || true)"

  55.         if [ "$NGINX_INSTALL_CHECK" = "installed" ] || [ "$NGINX_INSTALL_CHECK" = "unpacked" ] ; then

  56.             FORCE_NGINX="true"

  57.         fi

  58.         APACHE_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'apache2' 2>/dev/null | awk '{print $3}' || true)"

  59.         if [ "$APACHE_INSTALL_CHECK" = "installed" ] || [ "$APACHE_INSTALL_CHECK" = "unpacked" ] ; then

  60.             FORCE_APACHE="true"

  61.         fi

  62. 

  63.         # if first time config ask for certs, or if we are reconfiguring

  64.         if [ -z "$JVB_HOSTNAME_OLD" ] || [ "$RECONFIGURING" = "true" ] ; then

  65.             # SSL for nginx

  66.             db_get jitsi-meet/cert-choice

  67.             CERT_CHOICE="$RET"

  68.             UPLOADED_CERT_CHOICE="A certificate is available and the files are uploaded on the server"

  69. 

  70.             if [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ] ; then

  71.                 db_set jitsi-meet/cert-path-key "/etc/ssl/$JVB_HOSTNAME.key"

  72.                 db_input critical jitsi-meet/cert-path-key || true

  73.                 db_go

  74.                 db_get jitsi-meet/cert-path-key

  75.                 CERT_KEY="$RET"

  76.                 db_set jitsi-meet/cert-path-crt "/etc/ssl/$JVB_HOSTNAME.crt"

  77.                 db_input critical jitsi-meet/cert-path-crt || true

  78.                 db_go

  79.                 db_get jitsi-meet/cert-path-crt

  80.                 CERT_CRT="$RET"

  81.             else

  82.                 # create self-signed certs

  83.                 CERT_KEY="/etc/jitsi/meet/$JVB_HOSTNAME.key"

  84.                 CERT_CRT="/etc/jitsi/meet/$JVB_HOSTNAME.crt"

  85.                 HOST="$( (hostname -s; echo localhost) | head -n 1)"

  86.                 DOMAIN="$( (hostname -d; echo localdomain) | head -n 1)"

  87.                 openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj \

  88.                     "/O=$DOMAIN/OU=$HOST/CN=$JVB_HOSTNAME/emailAddress=webmaster@$HOST.$DOMAIN" \

  89.                     -keyout $CERT_KEY \

  90.                     -out $CERT_CRT

  91.             fi

  92.         fi

  93. 

  94.         # jitsi meet

  95.         JITSI_MEET_CONFIG="/etc/jitsi/meet/$JVB_HOSTNAME-config.js"

  96.         if [ ! -f $JITSI_MEET_CONFIG ] ; then

  97.             cp /usr/share/doc/jitsi-meet-web/config.js $JITSI_MEET_CONFIG

  98.             sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" $JITSI_MEET_CONFIG

  99.         fi

  100. 

  101.         # this is new install let's configure jvb to serve meet

  102.         # no-nginx, no-apache installed on machine, this is new install or reconfiguring old one which have jvb_serve set

  103.         if [[ -z "$FORCE_NGINX" && -z "$FORCE_APACHE" && ( -z "$JVB_HOSTNAME_OLD" || ( "$JVB_SERVE" = "true" && "$RECONFIGURING" = "true" )) ]] ; then

  104. 

  105.             JVB_ETC_CONFIG="/etc/jitsi/videobridge/config"

  106.             JVB_CONFIG="/etc/jitsi/videobridge/sip-communicator.properties"

  107. 

  108.             # this is a reconfigure, lets just delete old links

  109.             if [ "$RECONFIGURING" = "true" ] ; then

  110.                 rm -f $JVB_CONFIG

  111.             fi

  112. 

  113.             # we will write to the file if missing create it

  114.             if [ ! -f $JVB_CONFIG ] ; then

  115.                 touch $JVB_CONFIG

  116.             fi

  117. 

  118.             # configure jvb

  119.             echo "AUTHBIND=yes" >> $JVB_ETC_CONFIG

  120.             sed -i "s/JVB_OPTS=.*/JVB_OPTS=--apis=rest,xmpp/g" $JVB_ETC_CONFIG

  121. 

  122.             echo "org.jitsi.videobridge.rest.jetty.host=::" >> $JVB_CONFIG

  123.             echo "org.jitsi.videobridge.rest.jetty.port=443" >> $JVB_CONFIG

  124.             echo "org.jitsi.videobridge.rest.jetty.ProxyServlet.hostHeader=$JVB_HOSTNAME" >> $JVB_CONFIG

  125.             echo "org.jitsi.videobridge.rest.jetty.ProxyServlet.pathSpec=/http-bind" >> $JVB_CONFIG

  126.             echo "org.jitsi.videobridge.rest.jetty.ProxyServlet.proxyTo=http://localhost:5280/http-bind" >> $JVB_CONFIG

  127.             echo "org.jitsi.videobridge.rest.jetty.ResourceHandler.resourceBase=/usr/share/jitsi-meet" >> $JVB_CONFIG

  128.             echo "org.jitsi.videobridge.rest.jetty.ResourceHandler.alias./config.js=/etc/jitsi/meet/$JVB_HOSTNAME-config.js" >> $JVB_CONFIG

  129.             echo "org.jitsi.videobridge.rest.jetty.ResourceHandler.alias./interface_config.js=/usr/share/jitsi-meet/interface_config.js" >> $JVB_CONFIG

  130.             echo "org.jitsi.videobridge.rest.jetty.RewriteHandler.regex=^/([a-zA-Z0-9]+)$" >> $JVB_CONFIG

  131.             echo "org.jitsi.videobridge.rest.jetty.RewriteHandler.replacement=/" >> $JVB_CONFIG

  132.             echo "org.jitsi.videobridge.rest.jetty.SSIResourceHandler.paths=/" >> $JVB_CONFIG

  133.             echo "org.jitsi.videobridge.rest.jetty.tls.port=443" >> $JVB_CONFIG

  134.             echo "org.jitsi.videobridge.TCP_HARVESTER_PORT=443" >> $JVB_CONFIG

  135.             echo "org.jitsi.videobridge.rest.jetty.sslContextFactory.keyStorePath=/etc/jitsi/videobridge/$JVB_HOSTNAME.jks" >> $JVB_CONFIG

  136.             echo "org.jitsi.videobridge.rest.jetty.sslContextFactory.keyStorePassword=changeit" >> $JVB_CONFIG

  137. 

  138.             # configure authbind to allow jvb to bind to privileged ports

  139.             OWNER=$(stat -c '%U' /usr/share/jitsi-videobridge)

  140.             GROUP=$(stat -c '%G' /usr/share/jitsi-videobridge)

  141.             JVB_UID="`id -u $OWNER`"

  142.             if [ ! -f "/etc/authbind/byport/443" ] ; then

  143.                 if [ ! -d "/etc/authbind/byport" ] ; then

  144.                         mkdir -p /etc/authbind/byport

  145.                         chmod 755 /etc/authbind

  146.                         chmod 755 /etc/authbind/byport

  147.                 fi

  148.                 touch /etc/authbind/byport/443

  149.                 chown $OWNER /etc/authbind/byport/443

  150.                 chmod 755 /etc/authbind/byport/443

  151.             fi

  152. 

  153.             CERT_P12="/etc/jitsi/videobridge/$JVB_HOSTNAME.p12"

  154.             CERT_JKS="/etc/jitsi/videobridge/$JVB_HOSTNAME.jks"

  155.             # create jks from  certs

  156.             openssl pkcs12 -export \

  157.                 -in $CERT_CRT -inkey $CERT_KEY -passout pass:changeit > $CERT_P12

  158.             keytool -importkeystore -destkeystore $CERT_JKS \

  159.                 -srckeystore $CERT_P12 -srcstoretype pkcs12 \

  160.                 -noprompt -storepass changeit -srcstorepass changeit

  161. 

  162.             db_set jitsi-meet/jvb-serve "true"

  163. 

  164.             invoke-rc.d jitsi-videobridge restart

  165.         elif [[ "$FORCE_NGINX" = "true" && ( -z "$JVB_HOSTNAME_OLD" || "$RECONFIGURING" = "true" ) ]] ; then

  166.             # this is a reconfigure, lets just delete old links

  167.             if [ "$RECONFIGURING" = "true" ] ; then

  168.                 rm -f /etc/nginx/sites-enabled/$JVB_HOSTNAME_OLD.conf

  169.                 rm -f /etc/jitsi/meet/$JVB_HOSTNAME_OLD-config.js

  170.             fi

  171. 

  172.             # nginx conf

  173.             if [ ! -f /etc/nginx/sites-available/$JVB_HOSTNAME.conf ] ; then

  174.                 cp /usr/share/doc/jitsi-meet-web/jitsi-meet.example /etc/nginx/sites-available/$JVB_HOSTNAME.conf

  175.                 if [ ! -f /etc/nginx/sites-enabled/$JVB_HOSTNAME.conf ] ; then

  176.                     ln -s /etc/nginx/sites-available/$JVB_HOSTNAME.conf /etc/nginx/sites-enabled/$JVB_HOSTNAME.conf

  177.                 fi

  178.                 sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" /etc/nginx/sites-available/$JVB_HOSTNAME.conf

  179.             fi

  180. 

  181.             if [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ] ; then

  182.                 # replace self-signed certificate paths with user provided ones

  183.                 CERT_KEY_ESC=$(echo $CERT_KEY | sed 's/\./\\\./g')

  184.                 CERT_KEY_ESC=$(echo $CERT_KEY_ESC | sed 's/\//\\\//g')

  185.                 sed -i "s/ssl_certificate_key\ \/etc\/jitsi\/meet\/.*key/ssl_certificate_key\ $CERT_KEY_ESC/g" \

  186.                     /etc/nginx/sites-available/$JVB_HOSTNAME.conf

  187.                 CERT_CRT_ESC=$(echo $CERT_CRT | sed 's/\./\\\./g')

  188.                 CERT_CRT_ESC=$(echo $CERT_CRT_ESC | sed 's/\//\\\//g')

  189.                 sed -i "s/ssl_certificate\ \/etc\/jitsi\/meet\/.*crt/ssl_certificate\ $CERT_CRT_ESC/g" \

  190.                     /etc/nginx/sites-available/$JVB_HOSTNAME.conf

  191.             fi

  192. 

  193.             invoke-rc.d nginx reload

  194.         elif [[ "$FORCE_APACHE" = "true" && ( -z "$JVB_HOSTNAME_OLD" || "$RECONFIGURING" = "true" ) ]] ; then

  195.             echo "Apache2 server is installed, automatic configuration is not supported at this time."

  196.             echo "You need to configure yourselve the virtual host for your domain."

  197.         fi

  198. 

  199.         # and we're done with debconf

  200.         db_stop

  201.     ;;

  202. 

  203.     abort-upgrade|abort-remove|abort-deconfigure)

  204.     ;;

  205. 

  206.     *)

  207.         echo "postinst called with unknown argument \`$1'" >&2

  208.         exit 1

  209.     ;;

  210. esac

  211. 

  212. # dh_installdeb will replace this with shell code automatically

  213. # generated by other debhelper scripts.

  214. 

  215. #DEBHELPER#

  216. 

  217. exit 0