jfinn
/
jitsi_corner8


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207
							#!/bin/bash
# postinst script for jitsi-meet-web-config
#
# see: dh_installdeb(1)

set -e

# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <postinst> `abort-remove'
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <failed-install-package> <version> `removing'
#          <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package

case "$1" in
    configure)

        # loading debconf
        . /usr/share/debconf/confmodule

        # try to get host from jitsi-videobridge
        db_get jitsi-videobridge/jvb-hostname
        if [ -z "$RET" ] ; then
            # server hostname
            db_set jitsi-videobridge/jvb-hostname "localhost"
            db_input critical jitsi-videobridge/jvb-hostname || true
            db_go
        fi
        JVB_HOSTNAME="$RET"

        # detect dpkg-reconfigure
        RECONFIGURING="false"
        db_get jitsi-meet/jvb-hostname
        JVB_HOSTNAME_OLD=$RET
        if [ -n "$RET" ] && [ ! "$JVB_HOSTNAME_OLD" = "$JVB_HOSTNAME" ] ; then
            RECONFIGURING="true"
            rm -f /etc/jitsi/meet/$JVB_HOSTNAME_OLD-config.js
        fi

        JVB_SERVE="false"
        # this detect only old installations
        db_get jitsi-meet/jvb-serve || true
        if [ -n "$RET" ] && [ "$RET" = "true" ] ; then
            JVB_SERVE="true"
        fi
        echo "------> $JVB_SERVE"

        # stores the hostname so we will reuse it later, like in purge
        db_set jitsi-meet/jvb-hostname $JVB_HOSTNAME

        NGINX_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'nginx' 2>/dev/null | awk '{print $3}' || true)"
        NGINX_EXTRAS_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'nginx-extras' 2>/dev/null | awk '{print $3}' || true)"
        if [ "$NGINX_INSTALL_CHECK" = "installed" ] \
           || [ "$NGINX_INSTALL_CHECK" = "unpacked" ] \
           || [ "$NGINX_EXTRAS_INSTALL_CHECK" = "installed" ] \
           || [ "$NGINX_EXTRAS_INSTALL_CHECK" = "unpacked" ] ; then
            FORCE_NGINX="true"
        fi
        APACHE_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'apache2' 2>/dev/null | awk '{print $3}' || true)"
        if [ "$APACHE_INSTALL_CHECK" = "installed" ] || [ "$APACHE_INSTALL_CHECK" = "unpacked" ] ; then
            FORCE_APACHE="true"
        fi

        # if first time config ask for certs, or if we are reconfiguring
        if [ -z "$JVB_HOSTNAME_OLD" ] || [ "$RECONFIGURING" = "true" ] ; then
            # SSL for nginx
            db_get jitsi-meet/cert-choice
            CERT_CHOICE="$RET"
            UPLOADED_CERT_CHOICE="I want to use my own certificate"

            if [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ] ; then
                db_set jitsi-meet/cert-path-key "/etc/ssl/$JVB_HOSTNAME.key"
                db_input critical jitsi-meet/cert-path-key || true
                db_go
                db_get jitsi-meet/cert-path-key
                CERT_KEY="$RET"
                db_set jitsi-meet/cert-path-crt "/etc/ssl/$JVB_HOSTNAME.crt"
                db_input critical jitsi-meet/cert-path-crt || true
                db_go
                db_get jitsi-meet/cert-path-crt
                CERT_CRT="$RET"
            else
                # create self-signed certs
                CERT_KEY="/etc/jitsi/meet/$JVB_HOSTNAME.key"
                CERT_CRT="/etc/jitsi/meet/$JVB_HOSTNAME.crt"
                HOST="$( (hostname -s; echo localhost) | head -n 1)"
                DOMAIN="$( (hostname -d; echo localdomain) | head -n 1)"
                openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj \
                    "/O=$DOMAIN/OU=$HOST/CN=$JVB_HOSTNAME/emailAddress=webmaster@$HOST.$DOMAIN" \
                    -keyout $CERT_KEY \
                    -out $CERT_CRT
            fi
        fi

        # jitsi meet
        JITSI_MEET_CONFIG="/etc/jitsi/meet/$JVB_HOSTNAME-config.js"
        if [ ! -f $JITSI_MEET_CONFIG ] ; then
            cp /usr/share/jitsi-meet-web-config/config.js $JITSI_MEET_CONFIG
            # replaces needed config for multidomain as it works only with nginx
            sed -i "s/conference.jitsi-meet.example.com/conference.<\!--# echo var=\"subdomain\" default=\"\" -->jitsi-meet.example.com/g" $JITSI_MEET_CONFIG
            sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" $JITSI_MEET_CONFIG
        fi

        # this is new install let's configure jvb to serve meet
        # no-nginx, no-apache installed on machine, this is new install or reconfiguring old one which have jvb_serve set
        if [[ "$JVB_SERVE" = "true" ]] ; then
            echo ""
            echo "------------------------------------------------"
            echo "You are using jetty to serve jitsi-meet, it is recommended to uninstall(purge) and use default installation that comes with nginx!"
            echo ""
            echo "When using the following command any custom config will be LOST!!!"
            echo ""
            echo "You can purge your installation using the following command:"
            echo "apt-get purge jitsi-meet jitsi-meet-web-config jitsi-meet-prosody jitsi-meet-web jicofo jitsi-videobridge"
            echo "------------------------------------------------"
            echo ""
        elif [[ "$FORCE_NGINX" = "true" && ( -z "$JVB_HOSTNAME_OLD" || "$RECONFIGURING" = "true" ) ]] ; then
            # this is a reconfigure, lets just delete old links
            if [ "$RECONFIGURING" = "true" ] ; then
                rm -f /etc/nginx/sites-enabled/$JVB_HOSTNAME_OLD.conf
                rm -f /etc/jitsi/meet/$JVB_HOSTNAME_OLD-config.js
            fi

            # nginx conf
            if [ ! -f /etc/nginx/sites-available/$JVB_HOSTNAME.conf ] ; then
                cp /usr/share/jitsi-meet-web-config/jitsi-meet.example /etc/nginx/sites-available/$JVB_HOSTNAME.conf
                if [ ! -f /etc/nginx/sites-enabled/$JVB_HOSTNAME.conf ] ; then
                    ln -s /etc/nginx/sites-available/$JVB_HOSTNAME.conf /etc/nginx/sites-enabled/$JVB_HOSTNAME.conf
                fi
                sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" /etc/nginx/sites-available/$JVB_HOSTNAME.conf
            fi

            if [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ] ; then
                # replace self-signed certificate paths with user provided ones
                CERT_KEY_ESC=$(echo $CERT_KEY | sed 's/\./\\\./g')
                CERT_KEY_ESC=$(echo $CERT_KEY_ESC | sed 's/\//\\\//g')
                sed -i "s/ssl_certificate_key\ \/etc\/jitsi\/meet\/.*key/ssl_certificate_key\ $CERT_KEY_ESC/g" \
                    /etc/nginx/sites-available/$JVB_HOSTNAME.conf
                CERT_CRT_ESC=$(echo $CERT_CRT | sed 's/\./\\\./g')
                CERT_CRT_ESC=$(echo $CERT_CRT_ESC | sed 's/\//\\\//g')
                sed -i "s/ssl_certificate\ \/etc\/jitsi\/meet\/.*crt/ssl_certificate\ $CERT_CRT_ESC/g" \
                    /etc/nginx/sites-available/$JVB_HOSTNAME.conf
            fi

            invoke-rc.d nginx reload || true
        elif [[ "$FORCE_APACHE" = "true" && ( -z "$JVB_HOSTNAME_OLD" || "$RECONFIGURING" = "true" ) ]] ; then
            # this is a reconfigure, lets just delete old links
            if [ "$RECONFIGURING" = "true" ] ; then
                a2dissite $JVB_HOSTNAME_OLD.conf
                rm -f /etc/jitsi/meet/$JVB_HOSTNAME_OLD-config.js
            fi

            # apache2 config
            if [ ! -f /etc/apache2/sites-available/$JVB_HOSTNAME.conf ] ; then
                # when creating new config, make sure all needed modules are enabled
                a2enmod rewrite ssl headers proxy_http include
                cp /usr/share/jitsi-meet-web-config/jitsi-meet.example-apache /etc/apache2/sites-available/$JVB_HOSTNAME.conf
                a2ensite $JVB_HOSTNAME.conf
                sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" /etc/apache2/sites-available/$JVB_HOSTNAME.conf
            fi

            if [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ] ; then
                # replace self-signed certificate paths with user provided ones
                CERT_KEY_ESC=$(echo $CERT_KEY | sed 's/\./\\\./g')
                CERT_KEY_ESC=$(echo $CERT_KEY_ESC | sed 's/\//\\\//g')
                sed -i "s/SSLCertificateKeyFile\ \/etc\/jitsi\/meet\/.*key/SSLCertificateKeyFile\ $CERT_KEY_ESC/g" \
                    /etc/apache2/sites-available/$JVB_HOSTNAME.conf
                CERT_CRT_ESC=$(echo $CERT_CRT | sed 's/\./\\\./g')
                CERT_CRT_ESC=$(echo $CERT_CRT_ESC | sed 's/\//\\\//g')
                sed -i "s/SSLCertificateFile\ \/etc\/jitsi\/meet\/.*crt/SSLCertificateFile\ $CERT_CRT_ESC/g" \
                    /etc/apache2/sites-available/$JVB_HOSTNAME.conf
            fi

            invoke-rc.d apache2 reload || true
        fi

        echo "----------------"
        echo ""
        echo "You can now switch to a Let’s Encrypt certificate. To do so, execute:"
        echo "/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh"
        echo ""
        echo "----------------"

        # and we're done with debconf
        db_stop
    ;;

    abort-upgrade|abort-remove|abort-deconfigure)
    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0