mirror of
https://github.com/YunoHost-Apps/coturn_ynh.git
synced 2024-09-03 18:16:32 +02:00
131 lines
4.6 KiB
Bash
131 lines
4.6 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# STORE SETTINGS FROM MANIFEST
|
|
#=================================================
|
|
|
|
ynh_app_setting_set --app=$app --key=no_sso --value=true
|
|
|
|
#=================================================
|
|
# CREATE A DH FILE
|
|
#=================================================
|
|
ynh_script_progression --message="Creating a dhparam file..." --weight=3
|
|
|
|
# Make dhparam cert for Coturn if it doesn't exist
|
|
if [ ! -e /etc/ssl/private/dh2048.pem ]
|
|
then
|
|
ynh_exec_warn_less openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -dsaparam 2048
|
|
chown root:ssl-cert /etc/ssl/private/dh2048.pem
|
|
chmod 640 /etc/ssl/private/dh2048.pem
|
|
fi
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring system user..." --weight=3
|
|
|
|
# Create a system user
|
|
adduser turnserver ssl-cert
|
|
|
|
#=================================================
|
|
# SETUP SYSTEMD
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring a systemd service..." --weight=1
|
|
|
|
mkdir -p /var/log/$app
|
|
|
|
# Create systemd service for turnserver
|
|
ynh_add_config --template="default.coturn" --destination="/etc/default/coturn"
|
|
|
|
# Create a dedicated systemd config
|
|
ynh_add_systemd_config
|
|
|
|
#=================================================
|
|
# SET COTURN CONFIG
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring Coturn..." --weight=1
|
|
|
|
# Find password for turnserver
|
|
turnserver_pwd=$(ynh_string_random --length=30)
|
|
ynh_app_setting_set --app=$app --key=turnserver_pwd --value=$turnserver_pwd
|
|
|
|
coturn_config_path="/etc/turnserver.conf"
|
|
|
|
ynh_add_config --template="turnserver.conf" --destination="$coturn_config_path"
|
|
|
|
# Get public IP and set as external IP for coturn
|
|
# note: '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
|
|
public_ip4="$(curl -s ip.yunohost.org)" || true
|
|
public_ip6="$(curl -s ipv6.yunohost.org)" || true
|
|
|
|
if ( [[ -n "$public_ip4" ]] && ynh_validate_ip4 --ip_address="$public_ip4" || [[ -n "$public_ip6" ]] && ynh_validate_ip6 --ip_address="$public_ip6" )
|
|
then
|
|
echo "external-ip=${public_ip4}/${public_ip6}" >> "$coturn_config_path"
|
|
fi
|
|
|
|
ynh_store_file_checksum --file="$coturn_config_path"
|
|
|
|
#=================================================
|
|
# ADD SCRIPT FOR COTURN CRON
|
|
#=================================================
|
|
|
|
# For any update do it in all files
|
|
cp -f ../sources/Coturn_config_rotate.sh $data_dir/
|
|
ynh_replace_string --match_string="__APP__" --replace_string=$app --target_file=$data_dir/Coturn_config_rotate.sh
|
|
|
|
chmod +x $data_dir/Coturn_config_rotate.sh
|
|
|
|
#=================================================
|
|
# SET COTURN CRON
|
|
#=================================================
|
|
|
|
ynh_add_config --template="cron_coturn" --destination="/etc/cron.d/$app"
|
|
|
|
#=================================================
|
|
# SETUP LOGROTATE
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring log rotation..." --weight=1
|
|
|
|
ynh_use_logrotate --logfile "/var/log/$app"
|
|
|
|
#=================================================
|
|
# GENERIC FINALIZATION
|
|
#=================================================
|
|
# SECURE FILES AND DIRECTORIES
|
|
#=================================================
|
|
|
|
# Set permissions to app files
|
|
chown root: -R $data_dir
|
|
chown -R turnserver:root /var/log/$app
|
|
chown turnserver:root /etc/turnserver.conf
|
|
setfacl -R -m user:turnserver:rwX /var/log/$app
|
|
|
|
#=================================================
|
|
# INTEGRATE SERVICE IN YUNOHOST
|
|
#=================================================
|
|
ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
|
|
|
|
yunohost service add $app --description="Coturn TURN server" --log="/var/log/$app/$app.log" --needs_exposed_ports="$port_turnserver_tls"
|
|
|
|
#=================================================
|
|
# START SYSTEMD SERVICE
|
|
#=================================================
|
|
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
|
|
|
# Start a systemd service
|
|
ynh_systemd_action --service_name=$app --action=restart --log_path="/var/log/$app/$app.log"
|
|
|
|
#=================================================
|
|
# END OF SCRIPT
|
|
#=================================================
|
|
|
|
ynh_script_progression --message="Installation of Coturn completed" --last
|