diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..90c63c5 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.DS_Store +._.DS_Store \ No newline at end of file diff --git a/France_in_XXI_Century._School.jpg b/France_in_XXI_Century._School.jpg deleted file mode 100644 index fa6a037..0000000 Binary files a/France_in_XXI_Century._School.jpg and /dev/null differ diff --git a/README.md b/README.md index d15aed7..d3fee4f 100644 --- a/README.md +++ b/README.md @@ -11,11 +11,11 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in ## Overview Galène is a videoconferencing server that is easy to deploy (just copy a few files and run the binary) and that requires moderate server resources. It was originally designed for lectures and conferences (where a single speaker streams audio and video to hundreds or thousands of users), but later evolved to be useful for student practicals (where users are divided into many small groups), and meetings (where a few dozen users interact with each other). -**Shipped version:** 0.2 +**Shipped version:** 0.3 ## Screenshots -![](France_in_XXI_Century._School.jpg) +![](screenshot.png) ## Demo @@ -23,6 +23,10 @@ Galène is a videoconferencing server that is easy to deploy (just copy a few fi ## Configuration +### How to creat groups + +Groups are defined by files in the `/opt/yunohost/galene/groups` directory. Various options are available (see https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file) + ### TURN server For VoIP and video conferencing a TURN server is also installed and configured. The TURN server listens on two UDP and TCP ports. You can get them with these commands: diff --git a/README_fr.md b/README_fr.md index cb74052..32c4f17 100644 --- a/README_fr.md +++ b/README_fr.md @@ -11,11 +11,11 @@ Si vous n'avez pas YunoHost, consultez [le guide](https://yunohost.org/#/install ## Vue d'ensemble Galène est un serveur de visioconférence facile à déployer (il suffit de copier quelques fichiers et d'exécuter le binaire) et qui nécessite des ressources serveur modérées. Il a été conçu à l'origine pour les conférences (où un seul orateur diffuse l'audio et la vidéo à des centaines ou des milliers d'utilisateurs), mais a ensuite évolué pour être utile pour les travaux pratiques des étudiants (où les utilisateurs sont divisés en plusieurs petits groupes) et les réunions (où un quelques dizaines d'utilisateurs interagissent les uns avec les autres). -**Version incluse :** 0.2 +**Version incluse :** 0.3 ## Captures d'écran -![](France_in_XXI_Century._School.jpg) +![](screenshot.png) ## Démo @@ -23,6 +23,10 @@ Galène est un serveur de visioconférence facile à déployer (il suffit de cop ## Configuration +### Comment créer des groupes + +Les groupes sont définis par des fichiers dans le répertoire `/opt/yunohost/galene/groups`. Différentes options sont disponibles (voir https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file) + ### Serveur TURN Pour la VoIP et la visioconférence, un serveur TURN est également installé et configuré. Le serveur TURN écoute sur deux ports UDP et TCP. Vous pouvez les obtenir avec ces commandes : diff --git a/check_process b/check_process index f2ce840..a650c76 100644 --- a/check_process +++ b/check_process @@ -19,6 +19,7 @@ setup_private=1 setup_public=1 upgrade=1 + upgrade=1 from_commit=c06f6235a93587e16524fa5b124e4d9e138a8109 backup_restore=1 multi_instance=0 port_already_use=1 @@ -27,7 +28,7 @@ Email= Notification=none ;;; Upgrade options - ; commit=CommitHash - name=Name and date of the commit. + ; commit=c06f6235a93587e16524fa5b124e4d9e138a8109 + name=Allow naming groups with spaces (#21) manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& diff --git a/conf/386.src b/conf/386.src new file mode 100644 index 0000000..4b9876f --- /dev/null +++ b/conf/386.src @@ -0,0 +1,7 @@ +SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.3/galene_0.3_Linux_386.tar.gz +SOURCE_SUM=7264f573bc82185c88def851a70b1fe2b6f22c338ccf1e9c8fd9a80050c4be7e +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true \ No newline at end of file diff --git a/conf/x86-64.src b/conf/amd64.src similarity index 58% rename from conf/x86-64.src rename to conf/amd64.src index 1ae76ef..f42530c 100644 --- a/conf/x86-64.src +++ b/conf/amd64.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.2/galene_0.2_Linux_x86_64.tar.gz -SOURCE_SUM=6676942015ada1ddf5e136dfa7cd0af883ac988f117c88df64b2cb0db75b1d7d +SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.3/galene_0.3_Linux_amd64.tar.gz +SOURCE_SUM=0044483c52c392059463147df3762dd832350a5de6791e1fb4cb067cc39f880b SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/arm.src b/conf/arm6.src similarity index 58% rename from conf/arm.src rename to conf/arm6.src index 6fd73a2..4024108 100644 --- a/conf/arm.src +++ b/conf/arm6.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.2/galene_0.2_Linux_arm.tar.gz -SOURCE_SUM=f1c498b1897e548a69e56392a63e5a20c72a2115a8c6112725a9005ee55c0fae +SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.3/galene_0.3_Linux_arm6.tar.gz +SOURCE_SUM=230bb8c9649138171f44fa299cbaccac07ecc47e800e61194528e6dd044f37fa SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/arm64.src b/conf/arm64.src index cfe42c2..fef4309 100644 --- a/conf/arm64.src +++ b/conf/arm64.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.2/galene_0.2_Linux_arm64.tar.gz -SOURCE_SUM=b7d045f3df8268dab52b307152cb88be79e50b5363c1a98ca20def9021d16541 +SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.3/galene_0.3_Linux_arm64.tar.gz +SOURCE_SUM=7739c2e507e8a7deb8ea9f4a8de8a945d8ca8630a67c5c29851680a2cb208cc0 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/arm7.src b/conf/arm7.src new file mode 100644 index 0000000..37b8792 --- /dev/null +++ b/conf/arm7.src @@ -0,0 +1,7 @@ +SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.3/galene_0.3_Linux_arm7.tar.gz +SOURCE_SUM=5f81a71faf9450067eab29e57509258a23540374e3c2eb7ee71e616d87e3a10a +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/coturn/turnserver.conf b/conf/coturn/turnserver.conf index da267fb..6c42720 100644 --- a/conf/coturn/turnserver.conf +++ b/conf/coturn/turnserver.conf @@ -1,10 +1,10 @@ lt-cred-mech use-auth-secret -static-auth-secret=__TURNPWD__ +static-auth-secret=__TURNSERVER_PWD__ realm=__DOMAIN__ -tls-listening-port=__TLS_PORT__ -alt-tls-listening-port=__TLS_ALT_PORT__ +tls-listening-port=__TURNSERVER_TLS_PORT__ +alt-tls-listening-port=__TURNSERVER_ALT_TLS_PORT__ min-port=49153 max-port=49193 cli-port=__CLI_PORT__ diff --git a/conf/groupname.json b/conf/groupname.json index 3582c55..d9a2a69 100644 --- a/conf/groupname.json +++ b/conf/groupname.json @@ -1,19 +1,7 @@ { "op": [{"username": "__ADMIN__", "password": "__PASSWORD__"}], - "presenter": [ - {"username": "", "password": ""}, - {"username": "", "password": ""} - ], - "contact": "username@domain.com", - "comment": "Public Conference", + "presenter": [{}], "description": "a human-readable description of the group; this is displayed on the landing page for public groups.", - "autolock": true, "public": true, - "max-clients": 20, - "max-history-age": 14400, - "allow-recording": true, - "allow-anonymous": true, - "allow-subgroups": true, - "redirect": "", - "codecs": ["vp8", "opus"] -} + "allow-anonymous": true +} \ No newline at end of file diff --git a/conf/ice-servers.json b/conf/ice-servers.json index 320489d..3a65dc9 100644 --- a/conf/ice-servers.json +++ b/conf/ice-servers.json @@ -1,15 +1,15 @@ [ { "urls": [ - "turn:__DOMAIN__:__TLS_PORT__", - "turn:__DOMAIN__:__TLS_ALT_PORT__", - "turn:__DOMAIN__:__TLS_PORT__?transport=tcp", - "turn:__DOMAIN__:__TLS_ALT_PORT__?transport=tcp", - "turn:__DOMAIN__:__TLS_PORT__?transport=udp", - "turn:__DOMAIN__:__TLS_ALT_PORT__?transport=udp" + "turn:__DOMAIN__:__TURNSERVER_TLS_PORT__", + "turn:__DOMAIN__:__TURNSERVER_ALT_TLS_PORT__", + "turn:__DOMAIN__:__TURNSERVER_TLS_PORT__?transport=tcp", + "turn:__DOMAIN__:__TURNSERVER_ALT_TLS_PORT__?transport=tcp", + "turn:__DOMAIN__:__TURNSERVER_TLS_PORT__?transport=udp", + "turn:__DOMAIN__:__TURNSERVER_ALT_TLS_PORT__?transport=udp" ], "username": "__APP__", - "credential": "__TURNPWD__", + "credential": "__TURNSERVER_PWD__", "credentialType": "hmac-sha1" } ] diff --git a/manifest.json b/manifest.json index 811b527..8df1672 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Videoconferencing server that is easy to deploy", "fr": "Serveur de visioconférence facile à déployer" }, - "version": "0.2~ynh6", + "version": "0.3~ynh1", "url": "https://galene.org/", "license": "MIT", "maintainer": { diff --git a/screenshot.png b/screenshot.png new file mode 100644 index 0000000..2a55dfa Binary files /dev/null and b/screenshot.png differ diff --git a/scripts/_common.sh b/scripts/_common.sh index fb6b70c..7718614 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -171,13 +171,13 @@ ynh_detect_arch(){ if [ -n "$(uname -m | grep arm64)" ] || [ -n "$(uname -m | grep aarch64)" ]; then architecture="arm64" elif [ -n "$(uname -m | grep 64)" ]; then - architecture="x86-64" + architecture="amd64" + elif [ -n "$(uname -m | grep 86)" ]; then + architecture="386" elif [ -n "$(uname -m | grep armv7)" ]; then - architecture="arm" + architecture="arm7" elif [ -n "$(uname -m | grep armv6)" ]; then - architecture="arm" - elif [ -n "$(uname -m | grep armv5)" ]; then - architecture="arm" + architecture="arm6" else architecture="unknown" fi diff --git a/scripts/install b/scripts/install index 0b25fb3..fc40a1f 100755 --- a/scripts/install +++ b/scripts/install @@ -27,6 +27,7 @@ domain=$YNH_APP_ARG_DOMAIN path_url="/" admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC +email=$(ynh_user_get_info --username=$admin --key=mail) ynh_print_OFF password=$YNH_APP_ARG_PASSWORD ynh_print_ON @@ -115,14 +116,23 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" --source_id="$architecture" +#================================================= +# CREATE DATA FOLDER +#================================================= + +# Define app's data directory +data="$final_path/data" +# Create data folder +mkdir -p "$data" + #================================================= # CREATE A SERVER CERTIFICATE #================================================= -pushd "$final_path" - ynh_exec_warn_less openssl req -newkey rsa:2048 -nodes -keyout data/key.pem -x509 -days 365 -out data/cert.pem \ +pushd "$final_path/data" + ynh_exec_warn_less openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out cert.pem \ -subj "/C=/ST=/L=/O=/OU=/CN=/emailAddress=" - chmod 640 data/{key.pem,cert.pem} + chmod 640 {key.pem,cert.pem} popd #================================================= @@ -173,15 +183,7 @@ ynh_print_ON coturn_config_path="/etc/$app/coturn.conf" -cp ../conf/coturn/turnserver.conf "$coturn_config_path" -ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path" -ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path" -ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path" -ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path" -ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path" -ynh_print_OFF -ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path" -ynh_print_ON +ynh_add_config --template="../conf/coturn/turnserver.conf" --destination="$coturn_config_path" # Get public IP and set as external IP for coturn # note: '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6 @@ -195,34 +197,26 @@ fi ynh_store_file_checksum --file="$coturn_config_path" +#================================================= +# CREATE GROUPS FOLDER +#================================================= + +# Define app's groups directory +groups="$final_path/groups" +# Create groups folder +mkdir -p "$groups" + #================================================= # MODIFY A CONFIG FILE #================================================= -cp ../conf/passwd $final_path/data/passwd -ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/data/passwd" -ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/data/passwd" - -mv "../conf/groupname.json" "$final_path/groups/$group_name.json" -ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/groups/$group_name.json" -ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/groups/$group_name.json" - -cp ../conf/ice-servers.json $final_path/data/ice-servers.json -ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$final_path/data/ice-servers.json" -ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/data/ice-servers.json" -ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$final_path/data/ice-servers.json" -ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$final_path/data/ice-servers.json" -ynh_print_OFF -ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$final_path/data/ice-servers.json" -ynh_print_ON - -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= - -# Calculate and store the config file checksum into the app settings +ynh_add_config --template="../conf/passwd" --destination="$final_path/data/passwd" ynh_store_file_checksum --file="$final_path/data/passwd" + +ynh_add_config --template="../conf/groupname.json" --destination="$final_path/groups/$group_name.json" ynh_store_file_checksum --file="$final_path/groups/$group_name.json" + +ynh_add_config --template="../conf/ice-servers.json" --destination="$final_path/data/ice-servers.json" ynh_store_file_checksum --file="$final_path/data/ice-servers.json" #================================================= @@ -250,7 +244,7 @@ chmod +x $final_path/Coturn_config_rotate.sh #================================================= # Set permissions to app files -chown -R $app:root $final_path +chown -R $app:$app $final_path chmod -R 755 $final_path chown -R $app:root /var/log/$app chown -R $app:root /etc/$app diff --git a/scripts/restore b/scripts/restore index 11138fe..10741bf 100755 --- a/scripts/restore +++ b/scripts/restore @@ -33,6 +33,10 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) group_name=$(ynh_app_setting_get --app=$app --key=group_name) turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port) turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port) +cli_port=$(ynh_app_setting_get --app=$app --key=cli_port) +ynh_print_OFF +turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd) +ynh_print_ON #================================================= # CHECK IF THE APP CAN BE RESTORED @@ -122,48 +126,40 @@ then chmod 640 /etc/ssl/private/dh2048.pem fi -#================================================= -# RECONFIGURE THE TURNSERVER -#================================================= -ynh_script_progression --message="Reconfiguring Coturn..." --weight=23 +# #================================================= +# # RECONFIGURE THE TURNSERVER +# #================================================= +# ynh_script_progression --message="Reconfiguring Coturn..." --weight=23 -# To be sure that at the restoration the IP address in coturn config is the same as the real address we remake the coturn config +# # To be sure that at the restoration the IP address in coturn config is the same as the real address we remake the coturn config -# Retrieve specific settings -turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port) -turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port) -cli_port=$(ynh_app_setting_get --app=$app --key=cli_port) -ynh_print_OFF -turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd) -ynh_print_ON +# # WARNING : these commands are used in INSTALL, UPGRADE +# # For any update do it in all files -# WARNING : these commands are used in INSTALL, UPGRADE -# For any update do it in all files +# coturn_config_path="/etc/$app/coturn.conf" -coturn_config_path="/etc/$app/coturn.conf" +# cp ../settings/conf/coturn/turnserver.conf "$coturn_config_path" -cp ../settings/conf/coturn/turnserver.conf "$coturn_config_path" +# ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path" +# ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path" +# ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path" +# ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path" +# ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path" +# ynh_print_OFF +# ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path" +# ynh_print_ON -ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path" -ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path" -ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path" -ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path" -ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path" -ynh_print_OFF -ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path" -ynh_print_ON +# # Get public IP and set as external IP for coturn +# # note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6 +# public_ip4="$(curl ip.yunohost.org)" || true +# public_ip6="$(curl ipv6.yunohost.org)" || true -# Get public IP and set as external IP for coturn -# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6 -public_ip4="$(curl ip.yunohost.org)" || true -public_ip6="$(curl ipv6.yunohost.org)" || true +# if ( [[ -n "$public_ip4" ]] && ynh_validate_ip4 --ip_address="$public_ip4" || [[ -n "$public_ip6" ]] && ynh_validate_ip6 --ip_address="$public_ip6" ) +# then +# echo "external-ip=${public_ip4}/${public_ip6}" >> "$coturn_config_path" +# fi -if ( [[ -n "$public_ip4" ]] && ynh_validate_ip4 --ip_address="$public_ip4" || [[ -n "$public_ip6" ]] && ynh_validate_ip6 --ip_address="$public_ip6" ) -then - echo "external-ip=${public_ip4}/${public_ip6}" >> "$coturn_config_path" -fi - -ynh_store_file_checksum --file="$coturn_config_path" +# ynh_store_file_checksum --file="$coturn_config_path" #================================================= # OPEN THE PORT @@ -180,11 +176,11 @@ ynh_script_progression --message="Restoring permissions..." --weight=1 # Restore permissions on app files # Set permissions on app files -chown -R $app:root $final_path +chown -R $app:$app $final_path chmod -R 755 $final_path chown -R $app:root /var/log/$app chown -R $app:root /etc/$app -chown turnserver:root $coturn_config_path +chown turnserver:root /etc/$app/coturn.conf chmod -R u=rwX,g=rX,o= /etc/$app chmod 770 $final_path/Coturn_config_rotate.sh setfacl -R -m user:turnserver:rX /etc/$app diff --git a/scripts/upgrade b/scripts/upgrade index 4ce33f6..556795a 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -89,17 +89,31 @@ then ynh_setup_source --dest_dir="$final_path" --source_id="$architecture" + groups="$final_path/groups" + data="$final_path/data" + + mkdir -p "$groups" + mkdir -p "$data" + # Copy the admin saved settings from tmp directory to final path - cp -ar "$tmpdir/groups" "$final_path/groups" + cp -ar "$tmpdir/groups" "$final_path" # Remove the tmp directory securely ynh_secure_remove --file="$tmpdir" + ynh_backup_if_checksum_is_different --file="$final_path/data/passwd" + ynh_add_config --template="../conf/passwd" --destination="$final_path/data/passwd" + ynh_store_file_checksum --file="$final_path/data/passwd" + + ynh_backup_if_checksum_is_different --file="$final_path/data/ice-servers.json" + ynh_add_config --template="../conf/ice-servers.json" --destination="$final_path/data/ice-servers.json" + ynh_store_file_checksum --file="$final_path/data/ice-servers.json" + # Recreate certificates - pushd "$final_path" - ynh_exec_warn_less openssl req -newkey rsa:2048 -nodes -keyout data/key.pem -x509 -days 365 -out data/cert.pem \ - -subj "/C=/ST=/L=/O=/OU=/CN=/emailAddress=" - chmod 640 data/{key.pem,cert.pem} + pushd "$final_path/data" + ynh_exec_warn_less openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out cert.pem \ + -subj "/C=/ST=/L=/O=/OU=/CN=/emailAddress=" + chmod 640 {key.pem,cert.pem} popd fi @@ -166,15 +180,7 @@ ynh_script_progression --message="Updating Coturn config..." --weight=1 coturn_config_path="/etc/$app/coturn.conf" -cp ../conf/coturn/turnserver.conf $coturn_config_path -ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path" -ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path" -ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path" -ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path" -ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path" -ynh_print_OFF -ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path" -ynh_print_ON +ynh_add_config --template="../conf/coturn/turnserver.conf" --destination="$coturn_config_path" # Get public IP and set as external IP for coturn # note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6 @@ -199,23 +205,6 @@ cp ../sources/Coturn_config_rotate.sh $final_path/Coturn_config_rotate.sh ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/Coturn_config_rotate.sh" chmod +x $final_path/Coturn_config_rotate.sh -#================================================= -# MODIFY A CONFIG FILE -#================================================= - -cp ../conf/passwd $final_path/data/passwd -ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/data/passwd" -ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/data/passwd" - -cp ../conf/ice-servers.json $final_path/data/ice-servers.json -ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$final_path/data/ice-servers.json" -ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/data/ice-servers.json" -ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$final_path/data/ice-servers.json" -ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$final_path/data/ice-servers.json" -ynh_print_OFF -ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$final_path/data/ice-servers.json" -ynh_print_ON - #================================================= # NGINX CONFIGURATION #================================================= @@ -255,7 +244,7 @@ ynh_add_systemd_config #================================================= # Set permissions on app files -chown -R $app:root $final_path +chown -R $app:$app $final_path chmod -R 755 $final_path chown -R $app:root /var/log/$app chown -R $app:root /etc/$app diff --git a/sources/Coturn_config_rotate.sh b/sources/Coturn_config_rotate.sh index b0c554a..da3fcbe 100644 --- a/sources/Coturn_config_rotate.sh +++ b/sources/Coturn_config_rotate.sh @@ -25,7 +25,7 @@ old_config_line=$(egrep "^external-ip=.*\$" "/etc/$app/coturn.conf") ynh_replace_string "^external-ip=.*\$" "$external_IP_line" "/etc/$app/coturn.conf" new_config_line=$(egrep "^external-ip=.*\$" "/etc/$app/coturn.conf") -setfacl -R -m user:turnserver:rX /etc/$app +setfacl -R -m user:turnserver:rX /etc/__APP__ if [ "$old_config_line" != "$new_config_line" ] then