From 97a98e16c2cb48acb9c95a1fd36658263d3b5456 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sat, 20 Feb 2021 15:31:13 +0100 Subject: [PATCH] Fix --- conf/coturn/turnserver.conf | 6 ++-- conf/ice-servers.json | 14 ++++---- scripts/install | 40 ++++------------------- scripts/restore | 64 +++++++++++++++++-------------------- scripts/upgrade | 52 +++++++++++++++--------------- 5 files changed, 73 insertions(+), 103 deletions(-) diff --git a/conf/coturn/turnserver.conf b/conf/coturn/turnserver.conf index da267fb..6c42720 100644 --- a/conf/coturn/turnserver.conf +++ b/conf/coturn/turnserver.conf @@ -1,10 +1,10 @@ lt-cred-mech use-auth-secret -static-auth-secret=__TURNPWD__ +static-auth-secret=__TURNSERVER_PWD__ realm=__DOMAIN__ -tls-listening-port=__TLS_PORT__ -alt-tls-listening-port=__TLS_ALT_PORT__ +tls-listening-port=__TURNSERVER_TLS_PORT__ +alt-tls-listening-port=__TURNSERVER_ALT_TLS_PORT__ min-port=49153 max-port=49193 cli-port=__CLI_PORT__ diff --git a/conf/ice-servers.json b/conf/ice-servers.json index 320489d..3a65dc9 100644 --- a/conf/ice-servers.json +++ b/conf/ice-servers.json @@ -1,15 +1,15 @@ [ { "urls": [ - "turn:__DOMAIN__:__TLS_PORT__", - "turn:__DOMAIN__:__TLS_ALT_PORT__", - "turn:__DOMAIN__:__TLS_PORT__?transport=tcp", - "turn:__DOMAIN__:__TLS_ALT_PORT__?transport=tcp", - "turn:__DOMAIN__:__TLS_PORT__?transport=udp", - "turn:__DOMAIN__:__TLS_ALT_PORT__?transport=udp" + "turn:__DOMAIN__:__TURNSERVER_TLS_PORT__", + "turn:__DOMAIN__:__TURNSERVER_ALT_TLS_PORT__", + "turn:__DOMAIN__:__TURNSERVER_TLS_PORT__?transport=tcp", + "turn:__DOMAIN__:__TURNSERVER_ALT_TLS_PORT__?transport=tcp", + "turn:__DOMAIN__:__TURNSERVER_TLS_PORT__?transport=udp", + "turn:__DOMAIN__:__TURNSERVER_ALT_TLS_PORT__?transport=udp" ], "username": "__APP__", - "credential": "__TURNPWD__", + "credential": "__TURNSERVER_PWD__", "credentialType": "hmac-sha1" } ] diff --git a/scripts/install b/scripts/install index 4c74dcb..72164c5 100755 --- a/scripts/install +++ b/scripts/install @@ -183,15 +183,7 @@ ynh_print_ON coturn_config_path="/etc/$app/coturn.conf" -cp ../conf/coturn/turnserver.conf "$coturn_config_path" -ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path" -ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path" -ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path" -ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path" -ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path" -ynh_print_OFF -ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path" -ynh_print_ON +ynh_add_config --template="../conf/coturn/turnserver.conf" --destination="$coturn_config_path" # Get public IP and set as external IP for coturn # note: '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6 @@ -218,30 +210,13 @@ mkdir -p "$groups" # MODIFY A CONFIG FILE #================================================= -cp ../conf/passwd $final_path/data/passwd -ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/data/passwd" -ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/data/passwd" - -mv "../conf/groupname.json" "$final_path/groups/$group_name.json" -ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/groups/$group_name.json" -ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/groups/$group_name.json" - -cp ../conf/ice-servers.json $final_path/data/ice-servers.json -ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$final_path/data/ice-servers.json" -ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/data/ice-servers.json" -ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$final_path/data/ice-servers.json" -ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$final_path/data/ice-servers.json" -ynh_print_OFF -ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$final_path/data/ice-servers.json" -ynh_print_ON - -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= - -# Calculate and store the config file checksum into the app settings +ynh_add_config --template="../conf/passwd" --destination="$final_path/data/passwd" ynh_store_file_checksum --file="$final_path/data/passwd" + +ynh_add_config --template="../conf/groupname.json" --destination="$final_path/groups/$group_name.json" ynh_store_file_checksum --file="$final_path/groups/$group_name.json" + +ynh_add_config --template="../conf/ice-servers.json" --destination="$final_path/data/ice-servers.json" ynh_store_file_checksum --file="$final_path/data/ice-servers.json" #================================================= @@ -258,8 +233,7 @@ ynh_use_logrotate --logfile "/var/log/$app" # WARNING : theses command are used in INSTALL, UPGRADE # For any update do it in all files -cp ../sources/Coturn_config_rotate.sh $final_path/Coturn_config_rotate.sh -ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/Coturn_config_rotate.sh" +ynh_add_config --template="../sources/Coturn_config_rotate.sh" --destination="$final_path/Coturn_config_rotate.sh" chmod +x $final_path/Coturn_config_rotate.sh #================================================= diff --git a/scripts/restore b/scripts/restore index 07af19d..4aa9d61 100755 --- a/scripts/restore +++ b/scripts/restore @@ -33,6 +33,10 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) group_name=$(ynh_app_setting_get --app=$app --key=group_name) turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port) turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port) +cli_port=$(ynh_app_setting_get --app=$app --key=cli_port) +ynh_print_OFF +turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd) +ynh_print_ON #================================================= # CHECK IF THE APP CAN BE RESTORED @@ -122,48 +126,40 @@ then chmod 640 /etc/ssl/private/dh2048.pem fi -#================================================= -# RECONFIGURE THE TURNSERVER -#================================================= -ynh_script_progression --message="Reconfiguring Coturn..." --weight=23 +# #================================================= +# # RECONFIGURE THE TURNSERVER +# #================================================= +# ynh_script_progression --message="Reconfiguring Coturn..." --weight=23 -# To be sure that at the restoration the IP address in coturn config is the same as the real address we remake the coturn config +# # To be sure that at the restoration the IP address in coturn config is the same as the real address we remake the coturn config -# Retrieve specific settings -turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port) -turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port) -cli_port=$(ynh_app_setting_get --app=$app --key=cli_port) -ynh_print_OFF -turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd) -ynh_print_ON +# # WARNING : these commands are used in INSTALL, UPGRADE +# # For any update do it in all files -# WARNING : these commands are used in INSTALL, UPGRADE -# For any update do it in all files +# coturn_config_path="/etc/$app/coturn.conf" -coturn_config_path="/etc/$app/coturn.conf" +# cp ../settings/conf/coturn/turnserver.conf "$coturn_config_path" -cp ../settings/conf/coturn/turnserver.conf "$coturn_config_path" +# ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path" +# ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path" +# ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path" +# ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path" +# ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path" +# ynh_print_OFF +# ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path" +# ynh_print_ON -ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path" -ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path" -ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path" -ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path" -ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path" -ynh_print_OFF -ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path" -ynh_print_ON +# # Get public IP and set as external IP for coturn +# # note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6 +# public_ip4="$(curl ip.yunohost.org)" || true +# public_ip6="$(curl ipv6.yunohost.org)" || true -# Get public IP and set as external IP for coturn -# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6 -public_ip4="$(curl ip.yunohost.org)" || true -public_ip6="$(curl ipv6.yunohost.org)" || true +# if ( [[ -n "$public_ip4" ]] && ynh_validate_ip4 --ip_address="$public_ip4" || [[ -n "$public_ip6" ]] && ynh_validate_ip6 --ip_address="$public_ip6" ) +# then +# echo "external-ip=${public_ip4}/${public_ip6}" >> "$coturn_config_path" +# fi -if ( [[ -n "$public_ip4" ]] && ynh_validate_ip4 --ip_address="$public_ip4" || [[ -n "$public_ip6" ]] && ynh_validate_ip6 --ip_address="$public_ip6" ) -then - echo "external-ip=${public_ip4}/${public_ip6}" >> "$coturn_config_path" -fi - -ynh_store_file_checksum --file="$coturn_config_path" +# ynh_store_file_checksum --file="$coturn_config_path" #================================================= # OPEN THE PORT diff --git a/scripts/upgrade b/scripts/upgrade index a872b6e..5907cf5 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -47,6 +47,20 @@ if [ -z "$final_path" ]; then ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi +if [ -z "$final_path/groups" ]; then + # Define app's groups directory + groups="$final_path/groups" + #Create groups folder + mkdir -p "$groups" +fi + +if [ -z "$final_path/data" ]; then + # Define app's data directory + data="$final_path/data" + # Create data folder + mkdir -p "$data" +fi + #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= @@ -96,10 +110,10 @@ then ynh_secure_remove --file="$tmpdir" # Recreate certificates - pushd "$final_path" - ynh_exec_warn_less openssl req -newkey rsa:2048 -nodes -keyout data/key.pem -x509 -days 365 -out data/cert.pem \ - -subj "/C=/ST=/L=/O=/OU=/CN=/emailAddress=" - chmod 640 data/{key.pem,cert.pem} + pushd "$final_path/data" + ynh_exec_warn_less openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out cert.pem \ + -subj "/C=/ST=/L=/O=/OU=/CN=/emailAddress=" + chmod 640 {key.pem,cert.pem} popd fi @@ -166,15 +180,7 @@ ynh_script_progression --message="Updating Coturn config..." --weight=1 coturn_config_path="/etc/$app/coturn.conf" -cp ../conf/coturn/turnserver.conf $coturn_config_path -ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path" -ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path" -ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path" -ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path" -ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path" -ynh_print_OFF -ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path" -ynh_print_ON +ynh_add_config --template="../conf/coturn/turnserver.conf" --destination="$coturn_config_path" # Get public IP and set as external IP for coturn # note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6 @@ -195,26 +201,20 @@ ynh_store_file_checksum --file="$coturn_config_path" # WARNING : theses command are used in INSTALL, UPGRADE # For any update do it in all files -cp ../sources/Coturn_config_rotate.sh $final_path/Coturn_config_rotate.sh -ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/Coturn_config_rotate.sh" +ynh_add_config --template="../sources/Coturn_config_rotate.sh" --destination="$final_path/Coturn_config_rotate.sh" chmod +x $final_path/Coturn_config_rotate.sh #================================================= # MODIFY A CONFIG FILE #================================================= -cp ../conf/passwd $final_path/data/passwd -ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/data/passwd" -ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/data/passwd" +ynh_backup_if_checksum_is_different --file="$final_path/data/passwd" +ynh_add_config --template="../conf/passwd" --destination="$final_path/data/passwd" +ynh_store_file_checksum --file="$final_path/data/passwd" -cp ../conf/ice-servers.json $final_path/data/ice-servers.json -ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$final_path/data/ice-servers.json" -ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/data/ice-servers.json" -ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$final_path/data/ice-servers.json" -ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$final_path/data/ice-servers.json" -ynh_print_OFF -ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$final_path/data/ice-servers.json" -ynh_print_ON +ynh_backup_if_checksum_is_different --file="$final_path/data/ice-servers.json" +ynh_add_config --template="../conf/ice-servers.json" --destination="$final_path/data/ice-servers.json" +ynh_store_file_checksum --file="$final_path/data/ice-servers.json" #================================================= # NGINX CONFIGURATION