YunoHost-Apps/jitsi_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/jitsi_ynh.git synced 2024-09-03 19:35:57 +02:00
Code Issues Activity Actions

switching to .deb

Browse source
This commit is contained in:
yalh76 2020-04-10 05:21:33 +02:00
parent 1c3cf5f45e
commit 28a9c22b67
20 changed files with 766 additions and 947 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

534
conf/config.js
View file

@ -1,12 +1,532 @@
/* eslint-disable no-unused-vars, no-var */
var config = { var config = {
// Connection
//
hosts: { hosts: {
// XMPP domain.
domain: '__DOMAIN__', domain: '__DOMAIN__',
muc: 'conference.__DOMAIN__',
bridge: 'jitsi-videobridge.__DOMAIN__', // When using authentication, domain for guest users.
focus: 'focus.__DOMAIN__' // anonymousdomain: 'guest.example.com',
// Domain for authenticated users. Defaults to <domain>.
// authdomain: '__DOMAIN__',
// Jirecon recording component domain.
// jirecon: 'jirecon.__DOMAIN__',
// Call control component (Jigasi).
// call_control: 'callcontrol.__DOMAIN__',
// Focus component domain. Defaults to focus.<domain>.
// focus: 'focus.__DOMAIN__',
// XMPP MUC domain. FIXME: use XEP-0030 to discover it.
muc: 'conference.<!--# echo var="subdomain" default="" -->__DOMAIN__'
}, },
useNicks: false,
bosh: '//__DOMAIN__/http-bind', // FIXME: use xep-0156 for that // BOSH URL. FIXME: use XEP-0156 to discover it.
//chromeExtensionId: 'diibjkoicjeejcmhdnailmkgecihlobk', // Id of desktop streamer Chrome extension bosh: '//__DOMAIN__/http-bind',
//minChromeExtVersion: '0.1' // Required version of Chrome extension
// Websocket URL
// websocket: 'wss://__DOMAIN__/xmpp-websocket',
// The name of client node advertised in XEP-0115 'c' stanza
clientNode: 'http://jitsi.org/jitsimeet',
// The real JID of focus participant - can be overridden here
// focusUserJid: 'focus@auth.__DOMAIN__',
// Testing / experimental features.
//
testing: {
// Enables experimental simulcast support on Firefox.
enableFirefoxSimulcast: false,
// P2P test mode disables automatic switching to P2P when there are 2
// participants in the conference.
p2pTestMode: false
// Enables the test specific features consumed by jitsi-meet-torture
// testMode: false
// Disables the auto-play behavior of *all* newly created video element.
// This is useful when the client runs on a host with limited resources.
// noAutoPlayVideo: false
},
// Disables ICE/UDP by filtering out local and remote UDP candidates in
// signalling.
// webrtcIceUdpDisable: false,
// Disables ICE/TCP by filtering out local and remote TCP candidates in
// signalling.
// webrtcIceTcpDisable: false,
// Media
//
// Audio
// Disable measuring of audio levels.
// disableAudioLevels: false,
// audioLevelsInterval: 200,
// Enabling this will run the lib-jitsi-meet no audio detection module which
// will notify the user if the current selected microphone has no audio
// input and will suggest another valid device if one is present.
enableNoAudioDetection: true,
// Enabling this will run the lib-jitsi-meet noise detection module which will
// notify the user if there is noise, other than voice, coming from the current
// selected microphone. The purpose it to let the user know that the input could
// be potentially unpleasant for other meeting participants.
enableNoisyMicDetection: true,
// Start the conference in audio only mode (no video is being received nor
// sent).
// startAudioOnly: false,
// Every participant after the Nth will start audio muted.
// startAudioMuted: 10,
// Start calls with audio muted. Unlike the option above, this one is only
// applied locally. FIXME: having these 2 options is confusing.
// startWithAudioMuted: false,
// Enabling it (with #params) will disable local audio output of remote
// participants and to enable it back a reload is needed.
// startSilent: false
// Video
// Sets the preferred resolution (height) for local video. Defaults to 720.
// resolution: 720,
// w3c spec-compliant video constraints to use for video capture. Currently
// used by browsers that return true from lib-jitsi-meet's
// util#browser#usesNewGumFlow. The constraints are independent from
// this config's resolution value. Defaults to requesting an ideal aspect
// ratio of 16:9 with an ideal resolution of 720.
// constraints: {
// video: {
// aspectRatio: 16 / 9,
// height: {
// ideal: 720,
// max: 720,
// min: 240
// }
// }
// },
// Enable / disable simulcast support.
// disableSimulcast: false,
// Enable / disable layer suspension. If enabled, endpoints whose HD
// layers are not in use will be suspended (no longer sent) until they
// are requested again.
// enableLayerSuspension: false,
// Every participant after the Nth will start video muted.
// startVideoMuted: 10,
// Start calls with video muted. Unlike the option above, this one is only
// applied locally. FIXME: having these 2 options is confusing.
// startWithVideoMuted: false,
// If set to true, prefer to use the H.264 video codec (if supported).
// Note that it's not recommended to do this because simulcast is not
// supported when using H.264. For 1-to-1 calls this setting is enabled by
// default and can be toggled in the p2p section.
// preferH264: true,
// If set to true, disable H.264 video codec by stripping it out of the
// SDP.
// disableH264: false,
// Desktop sharing
// The ID of the jidesha extension for Chrome.
desktopSharingChromeExtId: null,
// Whether desktop sharing should be disabled on Chrome.
// desktopSharingChromeDisabled: false,
// The media sources to use when using screen sharing with the Chrome
// extension.
desktopSharingChromeSources: [ 'screen', 'window', 'tab' ],
// Required version of Chrome extension
desktopSharingChromeMinExtVersion: '0.1',
// Whether desktop sharing should be disabled on Firefox.
// desktopSharingFirefoxDisabled: false,
// Optional desktop sharing frame rate options. Default value: min:5, max:5.
// desktopSharingFrameRate: {
// min: 5,
// max: 5
// },
// Try to start calls with screen-sharing instead of camera video.
// startScreenSharing: false,
// Recording
// Whether to enable file recording or not.
// fileRecordingsEnabled: false,
// Enable the dropbox integration.
// dropbox: {
// appKey: '<APP_KEY>' // Specify your app key here.
// // A URL to redirect the user to, after authenticating
// // by default uses:
// // 'https://__DOMAIN__/static/oauth.html'
// redirectURI:
// 'https://__DOMAIN__/subfolder/static/oauth.html'
// },
// When integrations like dropbox are enabled only that will be shown,
// by enabling fileRecordingsServiceEnabled, we show both the integrations
// and the generic recording service (its configuration and storage type
// depends on jibri configuration)
// fileRecordingsServiceEnabled: false,
// Whether to show the possibility to share file recording with other people
// (e.g. meeting participants), based on the actual implementation
// on the backend.
// fileRecordingsServiceSharingEnabled: false,
// Whether to enable live streaming or not.
// liveStreamingEnabled: false,
// Transcription (in interface_config,
// subtitles and buttons can be configured)
// transcribingEnabled: false,
// Enables automatic turning on captions when recording is started
// autoCaptionOnRecord: false,
// Misc
// Default value for the channel "last N" attribute. -1 for unlimited.
channelLastN: -1,
// Disables or enables RTX (RFC 4588) (defaults to false).
// disableRtx: false,
// Disables or enables TCC (the default is in Jicofo and set to true)
// (draft-holmer-rmcat-transport-wide-cc-extensions-01). This setting
// affects congestion control, it practically enables send-side bandwidth
// estimations.
// enableTcc: true,
// Disables or enables REMB (the default is in Jicofo and set to false)
// (draft-alvestrand-rmcat-remb-03). This setting affects congestion
// control, it practically enables recv-side bandwidth estimations. When
// both TCC and REMB are enabled, TCC takes precedence. When both are
// disabled, then bandwidth estimations are disabled.
// enableRemb: false,
// Defines the minimum number of participants to start a call (the default
// is set in Jicofo and set to 2).
// minParticipants: 2,
// Use XEP-0215 to fetch STUN and TURN servers.
// useStunTurn: true,
// Enable IPv6 support.
// useIPv6: true,
// Enables / disables a data communication channel with the Videobridge.
// Values can be 'datachannel', 'websocket', true (treat it as
// 'datachannel'), undefined (treat it as 'datachannel') and false (don't
// open any channel).
// openBridgeChannel: true,
// UI
//
// Use display name as XMPP nickname.
// useNicks: false,
// Require users to always specify a display name.
// requireDisplayName: true,
// Whether to use a welcome page or not. In case it's false a random room
// will be joined when no room is specified.
enableWelcomePage: true,
// Enabling the close page will ignore the welcome page redirection when
// a call is hangup.
// enableClosePage: false,
// Disable hiding of remote thumbnails when in a 1-on-1 conference call.
// disable1On1Mode: false,
// Default language for the user interface.
// defaultLanguage: 'en',
// If true all users without a token will be considered guests and all users
// with token will be considered non-guests. Only guests will be allowed to
// edit their profile.
enableUserRolesBasedOnToken: false,
// Whether or not some features are checked based on token.
// enableFeaturesBasedOnToken: false,
// Enable lock room for all moderators, even when userRolesBasedOnToken is enabled and participants are guests.
// lockRoomGuestEnabled: false,
// When enabled the password used for locking a room is restricted to up to the number of digits specified
// roomPasswordNumberOfDigits: 10,
// default: roomPasswordNumberOfDigits: false,
// Message to show the users. Example: 'The service will be down for
// maintenance at 01:00 AM GMT,
// noticeMessage: '',
// Enables calendar integration, depends on googleApiApplicationClientID
// and microsoftApiApplicationClientID
// enableCalendarIntegration: false,
// Stats
//
// Whether to enable stats collection or not in the TraceablePeerConnection.
// This can be useful for debugging purposes (post-processing/analysis of
// the webrtc stats) as it is done in the jitsi-meet-torture bandwidth
// estimation tests.
// gatherStats: false,
// The interval at which PeerConnection.getStats() is called. Defaults to 10000
// pcStatsInterval: 10000,
// To enable sending statistics to callstats.io you must provide the
// Application ID and Secret.
// callStatsID: '',
// callStatsSecret: '',
// enables sending participants display name to callstats
// enableDisplayNameInStats: false,
// enables sending participants email if available to callstats and other analytics
// enableEmailInStats: false,
// Privacy
//
// If third party requests are disabled, no other server will be contacted.
// This means avatars will be locally generated and callstats integration
// will not function.
// disableThirdPartyRequests: false,
// Peer-To-Peer mode: used (if enabled) when there are just 2 participants.
//
p2p: {
// Enables peer to peer mode. When enabled the system will try to
// establish a direct connection when there are exactly 2 participants
// in the room. If that succeeds the conference will stop sending data
// through the JVB and use the peer to peer connection instead. When a
// 3rd participant joins the conference will be moved back to the JVB
// connection.
enabled: true,
// Use XEP-0215 to fetch STUN and TURN servers.
// useStunTurn: true,
// The STUN servers that will be used in the peer to peer connections
stunServers: [
// { urls: 'stun:__DOMAIN__:443' },
{ urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' }
],
// Sets the ICE transport policy for the p2p connection. At the time
// of this writing the list of possible values are 'all' and 'relay',
// but that is subject to change in the future. The enum is defined in
// the WebRTC standard:
// https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum.
// If not set, the effective value is 'all'.
// iceTransportPolicy: 'all',
// If set to true, it will prefer to use H.264 for P2P calls (if H.264
// is supported).
preferH264: true
// If set to true, disable H.264 video codec by stripping it out of the
// SDP.
// disableH264: false,
// How long we're going to wait, before going back to P2P after the 3rd
// participant has left the conference (to filter out page reload).
// backToP2PDelay: 5
},
analytics: {
// The Google Analytics Tracking ID:
// googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1'
// The Amplitude APP Key:
// amplitudeAPPKey: '<APP_KEY>'
// Array of script URLs to load as lib-jitsi-meet "analytics handlers".
// scriptURLs: [
// "libs/analytics-ga.min.js", // google-analytics
// "https://example.com/my-custom-analytics.js"
// ],
},
// Information about the jitsi-meet instance we are connecting to, including
// the user region as seen by the server.
deploymentInfo: {
// shard: "shard1",
// region: "europe",
// userRegion: "asia"
},
// Decides whether the start/stop recording audio notifications should play on record.
// disableRecordAudioNotification: false,
// Information for the chrome extension banner
// chromeExtensionBanner: {
// // The chrome extension to be installed address
// url: 'https://chrome.google.com/webstore/detail/jitsi-meetings/kglhbbefdnlheedjiejgomgmfplipfeb',
// // Extensions info which allows checking if they are installed or not
// chromeExtensionsInfo: [
// {
// id: 'kglhbbefdnlheedjiejgomgmfplipfeb',
// path: 'jitsi-logo-48x48.png'
// }
// ]
// },
// Local Recording
//
// localRecording: {
// Enables local recording.
// Additionally, 'localrecording' (all lowercase) needs to be added to
// TOOLBAR_BUTTONS in interface_config.js for the Local Recording
// button to show up on the toolbar.
//
// enabled: true,
//
// The recording format, can be one of 'ogg', 'flac' or 'wav'.
// format: 'flac'
//
// },
// Options related to end-to-end (participant to participant) ping.
// e2eping: {
// // The interval in milliseconds at which pings will be sent.
// // Defaults to 10000, set to <= 0 to disable.
// pingInterval: 10000,
//
// // The interval in milliseconds at which analytics events
// // with the measured RTT will be sent. Defaults to 60000, set
// // to <= 0 to disable.
// analyticsInterval: 60000,
// },
// If set, will attempt to use the provided video input device label when
// triggering a screenshare, instead of proceeding through the normal flow
// for obtaining a desktop stream.
// NOTE: This option is experimental and is currently intended for internal
// use only.
// _desktopSharingSourceDevice: 'sample-id-or-label',
// If true, any checks to handoff to another application will be prevented
// and instead the app will continue to display in the current browser.
// disableDeepLinking: false,
// A property to disable the right click context menu for localVideo
// the menu has option to flip the locally seen video for local presentations
// disableLocalVideoFlip: false,
// Deployment specific URLs.
// deploymentUrls: {
// // If specified a 'Help' button will be displayed in the overflow menu with a link to the specified URL for
// // user documentation.
// userDocumentationURL: 'https://docs.example.com/video-meetings.html',
// // If specified a 'Download our apps' button will be displayed in the overflow menu with a link
// // to the specified URL for an app download page.
// downloadAppsUrl: 'https://docs.example.com/our-apps.html'
// },
// Options related to the remote participant menu.
// remoteVideoMenu: {
// // If set to true the 'Kick out' button will be disabled.
// disableKick: true
// },
// If set to true all muting operations of remote participants will be disabled.
// disableRemoteMute: true,
// List of undocumented settings used in jitsi-meet
/**
_immediateReloadThreshold
autoRecord
autoRecordToken
debug
debugAudioLevels
deploymentInfo
dialInConfCodeUrl
dialInNumbersUrl
dialOutAuthUrl
dialOutCodesUrl
disableRemoteControl
displayJids
etherpad_base
externalConnectUrl
firefox_fake_device
googleApiApplicationClientID
iAmRecorder
iAmSipGateway
microsoftApiApplicationClientID
peopleSearchQueryTypes
peopleSearchUrl
requireDisplayName
tokenAuthUrl
*/
// List of undocumented settings used in lib-jitsi-meet
/**
_peerConnStatusOutOfLastNTimeout
_peerConnStatusRtcMuteTimeout
abTesting
avgRtpStatsN
callStatsConfIDNamespace
callStatsCustomScriptUrl
desktopSharingSources
disableAEC
disableAGC
disableAP
disableHPF
disableNS
enableLipSync
enableTalkWhileMuted
forceJVB121Ratio
hiddenDomain
ignoreStartMuted
nick
startBitrate
*/
// Allow all above example options to include a trailing comma and
// prevent fear when commenting out the last value.
makeJsonParserHappy: 'even if last key had a trailing comma'
// no configuration value should follow this line.
}; };
/* eslint-enable no-unused-vars, no-var */

7
conf/jicofo.src Normal file
View file

@ -0,0 +1,7 @@
SOURCE_URL=https://download.jitsi.org/stable/jicofo_1.0-541-1_all.deb
SOURCE_SUM=be1fd88c63de46e5a4a1a314934d0b3b11bf1634fd89c62494d30a25b55c8568
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=deb
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=jicofo.deb
SOURCE_EXTRACT=false

4
conf/jitsi-jicofo.service
View file

@ -6,8 +6,8 @@ After=network.target
Type=simple Type=simple
User=__APP__ User=__APP__
Group=__APP__ Group=__APP__
WorkingDirectory=__FINALPATH__/jitsi-jicofo/ WorkingDirectory=__FINALPATH__/jicofo/
ExecStart=__FINALPATH__/jitsi-jicofo/jicofo.sh --host=localhost --domain=__DOMAIN__ --secret=__FOCUS_SECRET__ --user_domain=auth.__DOMAIN__ --user_name=__FOCUS_USER__ --user_password=__FOCUS_PASSWORD__ & >> /var/log/__APP__/__APP__-jitsi-jicofo.log 2>&1 ExecStart=__FINALPATH__/jicofo/jicofo.sh --host=localhost --domain=__DOMAIN__ --port=__PORT_COMPONENT__ --secret=__FOCUS_SECRET__ --user_domain=auth.__DOMAIN__ --user_name=__FOCUS_USER__ --user_password=__FOCUS_PASSWORD__ & >> /var/log/__APP__/__APP__-jitsi-jicofo.log 2>&1
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

6
conf/jitsi-jicofo.src
View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/jitsi/jicofo/archive/517.tar.gz
SOURCE_SUM=5239a8a4c8519a9362cabf151a1bb34138ba5083d652bc2c44a397484d6ffe08
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

7
conf/jitsi-meet-prosody.src Normal file
View file

@ -0,0 +1,7 @@
SOURCE_URL=https://download.jitsi.org/stable/jitsi-meet-prosody_1.0.3969-1_all.deb
SOURCE_SUM=d5649beb69516f22122e5a40e1b50082559c23751ce982614f09509316bfb999
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=deb
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=jitsi-meet-prosody.deb
SOURCE_EXTRACT=false

4
conf/jitsi-meet.src → conf/jitsi-meet-web.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://download.jitsi.org/stable/jitsi-meet-web_1.0.3729-1_all.deb SOURCE_URL=https://download.jitsi.org/stable/jitsi-meet-web_1.0.3969-1_all.deb
SOURCE_SUM=067ff38ef484063db6756a1f06e3e55226a9a01b9ad60f4a2cbe7021423eece4 SOURCE_SUM=f034557b0b30b97544c271a383adb7fdc9f74e1c8ffebe4aac87c0b2460784ae
SOURCE_SUM_PRG=sha256sum SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=deb SOURCE_FORMAT=deb
SOURCE_IN_SUBDIR=true SOURCE_IN_SUBDIR=true

2
conf/jitsi-videobridge.service
View file

@ -7,7 +7,7 @@ Type=simple
User=__APP__ User=__APP__
Group=__APP__ Group=__APP__
WorkingDirectory=__FINALPATH__/jitsi-videobridge/ WorkingDirectory=__FINALPATH__/jitsi-videobridge/
ExecStart=__FINALPATH__/jitsi-videobridge/jvb.sh --host=127.0.0.1 --domain=__DOMAIN__ --port=__PORT_COMPONENT__ --secret=__VIDEOBRIDGE_SECRET__ </dev/null >> /var/log/jvb.log 2>&1 ExecStart=__FINALPATH__/jitsi-videobridge/jvb.sh --host=localhost --domain=__DOMAIN__ --port=__PORT_COMPONENT__ --secret=__VIDEOBRIDGE_SECRET__ </dev/null >> /var/log/jvb.log 2>&1
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

9
conf/jitsi-videobridge.src
View file

@ -1,6 +1,7 @@
SOURCE_URL=https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-x64-1130.zip SOURCE_URL=https://download.jitsi.org/stable/jitsi-videobridge2_2.1-164-gfdce823f-1_all.deb
SOURCE_SUM=792db05e61e36d8811e7b132581b95b1022a8bf5689189e6206bc05888b54ec4 SOURCE_SUM=6a04a11fec7bffc74124d53d6734e599853311692b541805094af3577e2c8c58
SOURCE_SUM_PRG=sha256sum SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip SOURCE_FORMAT=deb
SOURCE_IN_SUBDIR=true SOURCE_IN_SUBDIR=true
SOURCE_FILENAME= SOURCE_FILENAME=jitsi-videobridge.deb
SOURCE_EXTRACT=false

62
conf/metronome.cfg.lua
View file

@ -19,10 +19,19 @@
-- for the server. Note that you must create the accounts separately -- for the server. Note that you must create the accounts separately
-- (see http://prosody.im/doc/creating_accounts for info) -- (see http://prosody.im/doc/creating_accounts for info)
-- Example: admins = { "user1@example.com", "user2@example.net" } -- Example: admins = { "user1@example.com", "user2@example.net" }
admins = { "svc__APP__focus@auth.__DOMAIN__" }
daemonize = true daemonize = true
cross_domain_bosh = true;
component_ports = { __PORT_COMPONENT__ } component_ports = { __PORT_COMPONENT__ }
plugin_paths = { "__FINAL_PATH__/jitsi-meet-prosody/" }
muc_mapper_domain_base = "__DOMAIN__";
turncredentials_secret = "__TURN_SECRET__";
turncredentials = {
{ type = "stun", host = "__DOMAIN__", port = "443" },
{ type = "turn", host = "__DOMAIN__", port = "443", transport = "udp" },
{ type = "turns", host = "__DOMAIN__", port = "443", transport = "tcp" }
};
cross_domain_bosh = false;
consider_bosh_secure = true;
--component_interface = "192.168.0.10" --component_interface = "192.168.0.10"
-- Enable use of libevent for better performance under high load -- Enable use of libevent for better performance under high load
@ -63,26 +72,17 @@ modules_enabled = {
--"admin_telnet"; -- Opens telnet console interface on localhost port 5582 --"admin_telnet"; -- Opens telnet console interface on localhost port 5582
-- HTTP modules -- HTTP modules
"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
--"http_files"; -- Serve static files from a directory over HTTP --"http_files"; -- Serve static files from a directory over HTTP
-- Other specific functionality -- Other specific functionality
"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
--"groups"; -- Shared roster support --"groups"; -- Shared roster support
--"announce"; -- Send announcement to all online users --"announce"; -- Send announcement to all online users
--"welcome"; -- Welcome users who register accounts --"welcome"; -- Welcome users who register accounts
--"watchregistrations"; -- Alert admins of registrations --"watchregistrations"; -- Alert admins of registrations
--"motd"; -- Send a message to users when they log in --"motd"; -- Send a message to users when they log in
--"legacyauth"; -- Legacy authentication. Only used by some old clients and bots. --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
-- jitsi
"stream_management";
"message_carbons";
"mam";
"lastactivity";
"offline";
"pubsub";
"adhoc";
"websocket";
"http_altconnect";
} }
-- These modules are auto-loaded, but should you want -- These modules are auto-loaded, but should you want
@ -139,7 +139,6 @@ allow_registration = false
-- for information about using the hashed backend. -- for information about using the hashed backend.
-- authentication = "internal_plain" -- authentication = "internal_plain"
authentication = "internal_hashed"
-- Select the storage backend to use. By default Prosody uses flat files -- Select the storage backend to use. By default Prosody uses flat files
-- in its configured data directory, but it also supports more backends -- in its configured data directory, but it also supports more backends
@ -178,9 +177,26 @@ VirtualHost "__DOMAIN__"
key = "/etc/yunohost/certs/__DOMAIN__/key.pem"; key = "/etc/yunohost/certs/__DOMAIN__/key.pem";
certificate = "/etc/yunohost/certs/__DOMAIN__/crt.pem"; certificate = "/etc/yunohost/certs/__DOMAIN__/crt.pem";
} }
speakerstats_component = "speakerstats.__DOMAIN__"
conference_duration_component = "conferenceduration.__DOMAIN__"
-- we need bosh
modules_enabled = {
"bosh";
"pubsub";
"ping"; -- Enable mod_ping
"speakerstats";
"turncredentials";
"conference_duration";
}
c2s_require_encryption = false c2s_require_encryption = false
Component "internal.auth.__DOMAIN__" "muc"
storage = "null"
modules_enabled = {
"ping";
}
admins = { "__FOCUS_USER__@auth.__DOMAIN__", "__JVB_USER__@auth.__DOMAIN__" }
VirtualHost "auth.__DOMAIN__" VirtualHost "auth.__DOMAIN__"
ssl = { ssl = {
key = "/etc/yunohost/certs/auth.__DOMAIN__/key.pem"; key = "/etc/yunohost/certs/auth.__DOMAIN__/key.pem";
@ -218,8 +234,24 @@ VirtualHost "auth.__DOMAIN__"
-- component_secret = "password" -- component_secret = "password"
Component "conference.__DOMAIN__" "muc" Component "conference.__DOMAIN__" "muc"
storage = "null"
modules_enabled = {
-- "muc_meeting_id";
-- "muc_domain_mapper";
-- "token_verification";
}
admins = { "__FOCUS_USER__@auth.__DOMAIN__" }
-- muc_room_locking = false
-- muc_room_default_public_jids = true
Component "jitsi-videobridge.__DOMAIN__" Component "jitsi-videobridge.__DOMAIN__"
component_secret = "__VIDEOBRIDGE_SECRET__" component_secret = "__VIDEOBRIDGE_SECRET__"
Component "focus.__DOMAIN__" Component "focus.__DOMAIN__"
component_secret = "__FOCUS_SECRET__" component_secret = "__FOCUS_SECRET__"
Component "speakerstats.__DOMAIN__" "speakerstats_component"
muc_component = "conference.__DOMAIN__"
Component "conferenceduration.__DOMAIN__" "conference_duration_component"
muc_component = "conference.__DOMAIN__"

119
conf/mod_carbons.lua
View file

@ -1,119 +0,0 @@
-- XEP-0280: Message Carbons implementation for Prosody
-- Copyright (C) 2011-2016 Kim Alvefur
--
-- This file is MIT/X11 licensed.
local st = require "util.stanza";
local jid_bare = require "util.jid".bare;
local xmlns_carbons = "urn:xmpp:carbons:2";
local xmlns_forward = "urn:xmpp:forward:0";
local full_sessions, bare_sessions = metronome.full_sessions, metronome.bare_sessions;
local function toggle_carbons(event)
local origin, stanza = event.origin, event.stanza;
local state = stanza.tags[1].name;
module:log("debug", "%s %sd carbons", origin.full_jid, state);
origin.want_carbons = state == "enable" and stanza.tags[1].attr.xmlns;
origin.send(st.reply(stanza));
return true;
end
module:hook("iq-set/self/"..xmlns_carbons..":disable", toggle_carbons);
module:hook("iq-set/self/"..xmlns_carbons..":enable", toggle_carbons);
local function message_handler(event, c2s)
local origin, stanza = event.origin, event.stanza;
local orig_type = stanza.attr.type or "normal";
local orig_from = stanza.attr.from;
local bare_from = jid_bare(orig_from);
local orig_to = stanza.attr.to;
local bare_to = jid_bare(orig_to);
if not(orig_type == "chat" or (orig_type == "normal" and stanza:get_child("body"))) then
return -- Only chat type messages
end
-- Stanza sent by a local client
local bare_jid = bare_from; -- JID of the local user
local target_session = origin;
local top_priority = false;
local user_sessions = bare_sessions[bare_from];
-- Stanza about to be delivered to a local client
if not c2s then
bare_jid = bare_to;
target_session = full_sessions[orig_to];
user_sessions = bare_sessions[bare_jid];
if not target_session and user_sessions then
-- The top resources will already receive this message per normal routing rules,
-- so we are going to skip them in order to avoid sending duplicated messages.
local top_resources = user_sessions.top_resources;
top_priority = top_resources and top_resources[1].priority
end
end
if not user_sessions then
module:log("debug", "Skip carbons for offline user");
return -- No use in sending carbons to an offline user
end
if stanza:get_child("private", xmlns_carbons) then
if not c2s then
stanza:maptags(function(tag)
if not ( tag.attr.xmlns == xmlns_carbons and tag.name == "private" ) then
return tag;
end
end);
end
module:log("debug", "Message tagged private, ignoring");
return
elseif stanza:get_child("no-copy", "urn:xmpp:hints") then
module:log("debug", "Message has no-copy hint, ignoring");
return
elseif not c2s and bare_jid == orig_from and stanza:get_child("x", "http://jabber.org/protocol/muc#user") then
module:log("debug", "MUC PM, ignoring");
return
end
local carbon;
user_sessions = user_sessions and user_sessions.sessions;
for _, session in pairs(user_sessions) do
-- Carbons are sent to resources that have enabled it
if session.want_carbons
-- but not the resource that sent the message, or the one that it's directed to
and session ~= target_session
-- and isn't among the top resources that would receive the message per standard routing rules
and (c2s or session.priority ~= top_priority) then
if not carbon then
-- Create the carbon copy and wrap it as per the Stanza Forwarding XEP
local copy = st.clone(stanza);
if c2s and not orig_to then
stanza.attr.to = bare_from;
end
copy.attr.xmlns = "jabber:client";
carbon = st.message{ from = bare_jid, type = orig_type, }
:tag(c2s and "sent" or "received", { xmlns = xmlns_carbons })
:tag("forwarded", { xmlns = xmlns_forward })
:add_child(copy):reset();
end
carbon.attr.to = session.full_jid;
module:log("debug", "Sending carbon to %s", session.full_jid);
session.send(carbon);
end
end
end
local function c2s_message_handler(event)
return message_handler(event, true)
end
-- Stanzas sent by local clients
module:hook("pre-message/host", c2s_message_handler, -0.5);
module:hook("pre-message/bare", c2s_message_handler, -0.5);
module:hook("pre-message/full", c2s_message_handler, -0.5);
-- Stanzas to local clients
module:hook("message/bare", message_handler, -0.5);
module:hook("message/full", message_handler, -0.5);
module:add_feature(xmlns_carbons);

59
conf/mod_http_altconnect.lua
View file

@ -1,59 +0,0 @@
-- mod_http_altconnect
-- XEP-0156: Discovering Alternative XMPP Connection Methods
module:depends"http";
local mm = require "core.modulemanager";
local json = require"util.json";
local st = require"util.stanza";
local array = require"util.array";
local function get_supported()
local uris = array();
if mm.is_loaded(module.host, "bosh") or mm.is_loaded("*", "bosh") then
uris:push({ rel = "urn:xmpp:alt-connections:xbosh", href = module:http_url("bosh", "/http-bind") });
end
if mm.is_loaded(module.host, "websocket") or mm.is_loaded("*", "websocket") then
uris:push({ rel = "urn:xmpp:alt-connections:websocket", href = module:http_url("websocket", "xmpp-websocket"):gsub("^http", "ws") });
end
return uris;
end
local function GET_xml(event)
local request, response = event.request, event.response;
local xrd = st.stanza("XRD", { xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0' });
local uris = get_supported();
for i, method in ipairs(uris) do
xrd:tag("Link", method):up();
end
response.headers.content_type = "application/xrd+xml"
response.headers.access_control_allow_origin = "*";
return '<?xml version="1.0" encoding="UTF-8"?>' .. tostring(xrd);
end
local function GET_json(event)
local request, response = event.request, event.response;
local jrd = { links = get_supported() };
response.headers.content_type = "application/json"
response.headers.access_control_allow_origin = "*";
return json.encode(jrd);
end;
local function GET_either(event)
local accept_type = event.request.headers.accept or "";
if ( accept_type:find("xml") or #accept_type ) < ( accept_type:find("json") or #accept_type+1 ) then
return GET_xml(event);
else
return GET_json(event);
end
end;
module:provides("http", {
default_path = "/.well-known";
route = {
["GET /host-meta"] = GET_either;
-- ["GET /host-meta.xml"] = GET_xml; -- Hmmm
["GET /host-meta.json"] = GET_json;
};
});

613
conf/mod_smacks.lua
View file

@ -1,613 +0,0 @@
-- XEP-0198: Stream Management for Prosody IM
--
-- Copyright (C) 2010-2015 Matthew Wild
-- Copyright (C) 2010 Waqas Hussain
-- Copyright (C) 2012-2015 Kim Alvefur
-- Copyright (C) 2012 Thijs Alkemade
-- Copyright (C) 2014 Florian Zeitz
-- Copyright (C) 2016-2020 Thilo Molitor
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
local st = require "util.stanza";
local dep = require "util.dependencies";
local cache = dep.softreq("util.cache"); -- only available in prosody 0.10+
local uuid_generate = require "util.uuid".generate;
local jid = require "util.jid";
local t_insert, t_remove = table.insert, table.remove;
local math_min = math.min;
local math_max = math.max;
local os_time = os.time;
local tonumber, tostring = tonumber, tostring;
local add_filter = require "util.filters".add_filter;
local timer = require "util.timer";
local datetime = require "util.datetime";
local xmlns_sm2 = "urn:xmpp:sm:2";
local xmlns_sm3 = "urn:xmpp:sm:3";
local xmlns_errors = "urn:ietf:params:xml:ns:xmpp-stanzas";
local xmlns_delay = "urn:xmpp:delay";
local sm2_attr = { xmlns = xmlns_sm2 };
local sm3_attr = { xmlns = xmlns_sm3 };
local resume_timeout = module:get_option_number("smacks_hibernation_time", 300);
local s2s_smacks = module:get_option_boolean("smacks_enabled_s2s", false);
local s2s_resend = module:get_option_boolean("smacks_s2s_resend", false);
local max_unacked_stanzas = module:get_option_number("smacks_max_unacked_stanzas", 0);
local delayed_ack_timeout = module:get_option_number("smacks_max_ack_delay", 60);
local max_hibernated_sessions = module:get_option_number("smacks_max_hibernated_sessions", 10);
local max_old_sessions = module:get_option_number("smacks_max_old_sessions", 10);
local core_process_stanza = prosody.core_process_stanza;
local sessionmanager = require"core.sessionmanager";
assert(max_hibernated_sessions > 0, "smacks_max_hibernated_sessions must be greater than 0");
assert(max_old_sessions > 0, "smacks_old_sessions must be greater than 0");
local c2s_sessions = module:shared("/*/c2s/sessions");
local function init_session_cache(max_entries, evict_callback)
-- old prosody version < 0.10 (no limiting at all!)
if not cache then
local store = {};
return {
get = function(user, key)
if not user then return nil; end
if not key then return nil; end
return store[key];
end;
set = function(user, key, value)
if not user then return nil; end
if not key then return nil; end
store[key] = value;
end;
};
end
-- use per user limited cache for prosody >= 0.10
local stores = {};
return {
get = function(user, key)
if not user then return nil; end
if not key then return nil; end
if not stores[user] then
stores[user] = cache.new(max_entries, evict_callback);
end
return stores[user]:get(key);
end;
set = function(user, key, value)
if not user then return nil; end
if not key then return nil; end
if not stores[user] then stores[user] = cache.new(max_entries, evict_callback); end
stores[user]:set(key, value);
-- remove empty caches completely
if not stores[user]:count() then stores[user] = nil; end
end;
};
end
local old_session_registry = init_session_cache(max_old_sessions, nil);
local session_registry = init_session_cache(max_hibernated_sessions, function(resumption_token, session)
if session.destroyed then return true; end -- destroyed session can always be removed from cache
session.log("warn", "User has too much hibernated sessions, removing oldest session (token: %s)", resumption_token);
-- store old session's h values on force delete
-- save only actual h value and username/host (for security)
old_session_registry.set(session.username, resumption_token, {
h = session.handled_stanza_count,
username = session.username,
host = session.host
});
return true; -- allow session to be removed from full cache to make room for new one
end);
local function stoppable_timer(delay, callback)
local stopped = false;
local timer = module:add_timer(delay, function (t)
if stopped then return; end
return callback(t);
end);
if timer and timer.stop then return timer; end -- new prosody api includes stop() function
return {
stop = function () stopped = true end;
timer;
};
end
local function delayed_ack_function(session)
-- fire event only if configured to do so and our session is not already hibernated or destroyed
if delayed_ack_timeout > 0 and session.awaiting_ack
and not session.hibernating and not session.destroyed then
session.log("debug", "Firing event 'smacks-ack-delayed', queue = %d",
session.outgoing_stanza_queue and #session.outgoing_stanza_queue or 0);
module:fire_event("smacks-ack-delayed", {origin = session, queue = session.outgoing_stanza_queue});
end
session.delayed_ack_timer = nil;
end
local function can_do_smacks(session, advertise_only)
if session.smacks then return false, "unexpected-request", "Stream management is already enabled"; end
local session_type = session.type;
if session.username then
if not(advertise_only) and not(session.resource) then -- Fail unless we're only advertising sm
return false, "unexpected-request", "Client must bind a resource before enabling stream management";
end
return true;
elseif s2s_smacks and (session_type == "s2sin" or session_type == "s2sout") then
return true;
end
return false, "service-unavailable", "Stream management is not available for this stream";
end
module:hook("stream-features",
function (event)
if can_do_smacks(event.origin, true) then
event.features:tag("sm", sm2_attr):tag("optional"):up():up();
event.features:tag("sm", sm3_attr):tag("optional"):up():up();
end
end);
module:hook("s2s-stream-features",
function (event)
if can_do_smacks(event.origin, true) then
event.features:tag("sm", sm2_attr):tag("optional"):up():up();
event.features:tag("sm", sm3_attr):tag("optional"):up():up();
end
end);
local function request_ack_if_needed(session, force, reason)
local queue = session.outgoing_stanza_queue;
local expected_h = session.last_acknowledged_stanza + #queue;
-- session.log("debug", "*** SMACKS(1) ***: awaiting_ack=%s, hibernating=%s", tostring(session.awaiting_ack), tostring(session.hibernating));
if session.awaiting_ack == nil and not session.hibernating then
-- this check of last_requested_h prevents ack-loops if missbehaving clients report wrong
-- stanza counts. it is set when an <r> is really sent (e.g. inside timer), preventing any
-- further requests until a higher h-value would be expected.
-- session.log("debug", "*** SMACKS(2) ***: #queue=%s, max_unacked_stanzas=%s, expected_h=%s, last_requested_h=%s", tostring(#queue), tostring(max_unacked_stanzas), tostring(expected_h), tostring(session.last_requested_h));
if (#queue > max_unacked_stanzas and expected_h ~= session.last_requested_h) or force then
session.log("debug", "Queuing <r> (in a moment) from %s - #queue=%d", reason, #queue);
session.awaiting_ack = false;
session.awaiting_ack_timer = stoppable_timer(1e-06, function ()
-- session.log("debug", "*** SMACKS(3) ***: awaiting_ack=%s, hibernating=%s", tostring(session.awaiting_ack), tostring(session.hibernating));
-- only request ack if needed and our session is not already hibernated or destroyed
if not session.awaiting_ack and not session.hibernating and not session.destroyed then
session.log("debug", "Sending <r> (inside timer, before send) from %s - #queue=%d", reason, #queue);
(session.sends2s or session.send)(st.stanza("r", { xmlns = session.smacks }))
session.awaiting_ack = true;
-- expected_h could be lower than this expression e.g. more stanzas added to the queue meanwhile)
session.last_requested_h = session.last_acknowledged_stanza + #queue;
session.log("debug", "Sending <r> (inside timer, after send) from %s - #queue=%d", reason, #queue);
if not session.delayed_ack_timer then
session.delayed_ack_timer = stoppable_timer(delayed_ack_timeout, function()
delayed_ack_function(session);
end);
end
end
end);
end
end
-- Trigger "smacks-ack-delayed"-event if we added new (ackable) stanzas to the outgoing queue
-- and there isn't already a timer for this event running.
-- If we wouldn't do this, stanzas added to the queue after the first "smacks-ack-delayed"-event
-- would not trigger this event (again).
if #queue > max_unacked_stanzas and session.awaiting_ack and session.delayed_ack_timer == nil then
session.log("debug", "Calling delayed_ack_function directly (still waiting for ack)");
delayed_ack_function(session);
end
end
local function outgoing_stanza_filter(stanza, session)
local is_stanza = stanza.attr and not stanza.attr.xmlns and not stanza.name:find":";
if is_stanza and not stanza._cached then -- Stanza in default stream namespace
local queue = session.outgoing_stanza_queue;
local cached_stanza = st.clone(stanza);
cached_stanza._cached = true;
if cached_stanza and cached_stanza.name ~= "iq" and cached_stanza:get_child("delay", xmlns_delay) == nil then
cached_stanza = cached_stanza:tag("delay", {
xmlns = xmlns_delay,
from = jid.bare(session.full_jid or session.host),
stamp = datetime.datetime()
});
end
queue[#queue+1] = cached_stanza;
if session.hibernating then
session.log("debug", "hibernating, stanza queued");
module:fire_event("smacks-hibernation-stanza-queued", {origin = session, queue = queue, stanza = cached_stanza});
return nil;
end
request_ack_if_needed(session, false, "outgoing_stanza_filter");
end
return stanza;
end
local function count_incoming_stanzas(stanza, session)
if not stanza.attr.xmlns then
session.handled_stanza_count = session.handled_stanza_count + 1;
session.log("debug", "Handled %d incoming stanzas", session.handled_stanza_count);
end
return stanza;
end
local function wrap_session_out(session, resume)
if not resume then
session.outgoing_stanza_queue = {};
session.last_acknowledged_stanza = 0;
end
add_filter(session, "stanzas/out", outgoing_stanza_filter, -999);
local session_close = session.close;
function session.close(...)
if session.resumption_token then
session_registry.set(session.username, session.resumption_token, nil);
old_session_registry.set(session.username, session.resumption_token, nil);
session.resumption_token = nil;
end
-- send out last ack as per revision 1.5.2 of XEP-0198
if session.smacks and session.conn then
(session.sends2s or session.send)(st.stanza("a", { xmlns = session.smacks, h = string.format("%d", session.handled_stanza_count) }));
end
return session_close(...);
end
return session;
end
local function wrap_session_in(session, resume)
if not resume then
session.handled_stanza_count = 0;
end
add_filter(session, "stanzas/in", count_incoming_stanzas, 999);
return session;
end
local function wrap_session(session, resume)
wrap_session_out(session, resume);
wrap_session_in(session, resume);
return session;
end
function handle_enable(session, stanza, xmlns_sm)
local ok, err, err_text = can_do_smacks(session);
if not ok then
session.log("warn", "Failed to enable smacks: %s", err_text); -- TODO: XEP doesn't say we can send error text, should it?
(session.sends2s or session.send)(st.stanza("failed", { xmlns = xmlns_sm }):tag(err, { xmlns = xmlns_errors}));
return true;
end
module:log("debug", "Enabling stream management");
session.smacks = xmlns_sm;
wrap_session(session, false);
local resume_token;
local resume = stanza.attr.resume;
if resume == "true" or resume == "1" then
resume_token = uuid_generate();
session_registry.set(session.username, resume_token, session);
session.resumption_token = resume_token;
end
(session.sends2s or session.send)(st.stanza("enabled", { xmlns = xmlns_sm, id = resume_token, resume = resume, max = tostring(resume_timeout) }));
return true;
end
module:hook_stanza(xmlns_sm2, "enable", function (session, stanza) return handle_enable(session, stanza, xmlns_sm2); end, 100);
module:hook_stanza(xmlns_sm3, "enable", function (session, stanza) return handle_enable(session, stanza, xmlns_sm3); end, 100);
module:hook_stanza("http://etherx.jabber.org/streams", "features",
function (session, stanza)
stoppable_timer(1e-6, function ()
if can_do_smacks(session) then
if stanza:get_child("sm", xmlns_sm3) then
session.sends2s(st.stanza("enable", sm3_attr));
session.smacks = xmlns_sm3;
elseif stanza:get_child("sm", xmlns_sm2) then
session.sends2s(st.stanza("enable", sm2_attr));
session.smacks = xmlns_sm2;
else
return;
end
wrap_session_out(session, false);
end
end);
end);
function handle_enabled(session, stanza, xmlns_sm)
module:log("debug", "Enabling stream management");
session.smacks = xmlns_sm;
wrap_session_in(session, false);
-- FIXME Resume?
return true;
end
module:hook_stanza(xmlns_sm2, "enabled", function (session, stanza) return handle_enabled(session, stanza, xmlns_sm2); end, 100);
module:hook_stanza(xmlns_sm3, "enabled", function (session, stanza) return handle_enabled(session, stanza, xmlns_sm3); end, 100);
function handle_r(origin, stanza, xmlns_sm)
if not origin.smacks then
module:log("debug", "Received ack request from non-smack-enabled session");
return;
end
module:log("debug", "Received ack request, acking for %d", origin.handled_stanza_count);
-- Reply with <a>
(origin.sends2s or origin.send)(st.stanza("a", { xmlns = xmlns_sm, h = string.format("%d", origin.handled_stanza_count) }));
-- piggyback our own ack request if needed (see request_ack_if_needed() for explanation of last_requested_h)
local expected_h = origin.last_acknowledged_stanza + #origin.outgoing_stanza_queue;
if #origin.outgoing_stanza_queue > 0 and expected_h ~= origin.last_requested_h then
request_ack_if_needed(origin, true, "piggybacked by handle_r");
end
return true;
end
module:hook_stanza(xmlns_sm2, "r", function (origin, stanza) return handle_r(origin, stanza, xmlns_sm2); end);
module:hook_stanza(xmlns_sm3, "r", function (origin, stanza) return handle_r(origin, stanza, xmlns_sm3); end);
function handle_a(origin, stanza)
if not origin.smacks then return; end
origin.awaiting_ack = nil;
if origin.awaiting_ack_timer then
origin.awaiting_ack_timer:stop();
end
if origin.delayed_ack_timer then
origin.delayed_ack_timer:stop();
origin.delayed_ack_timer = nil;
end
-- Remove handled stanzas from outgoing_stanza_queue
-- origin.log("debug", "ACK: h=%s, last=%s", stanza.attr.h or "", origin.last_acknowledged_stanza or "");
local h = tonumber(stanza.attr.h);
if not h then
origin:close{ condition = "invalid-xml"; text = "Missing or invalid 'h' attribute"; };
return;
end
local handled_stanza_count = h-origin.last_acknowledged_stanza;
local queue = origin.outgoing_stanza_queue;
if handled_stanza_count > #queue then
origin.log("warn", "The client says it handled %d new stanzas, but we only sent %d :)",
handled_stanza_count, #queue);
origin.log("debug", "Client h: %d, our h: %d", tonumber(stanza.attr.h), origin.last_acknowledged_stanza);
for i=1,#queue do
origin.log("debug", "Q item %d: %s", i, tostring(queue[i]));
end
end
for i=1,math_min(handled_stanza_count,#queue) do
local handled_stanza = t_remove(origin.outgoing_stanza_queue, 1);
module:fire_event("delivery/success", { session = origin, stanza = handled_stanza });
end
origin.log("debug", "#queue = %d", #queue);
origin.last_acknowledged_stanza = origin.last_acknowledged_stanza + handled_stanza_count;
request_ack_if_needed(origin, false, "handle_a")
return true;
end
module:hook_stanza(xmlns_sm2, "a", handle_a);
module:hook_stanza(xmlns_sm3, "a", handle_a);
--TODO: Optimise... incoming stanzas should be handled by a per-session
-- function that has a counter as an upvalue (no table indexing for increments,
-- and won't slow non-198 sessions). We can also then remove the .handled flag
-- on stanzas
function handle_unacked_stanzas(session)
local queue = session.outgoing_stanza_queue;
local error_attr = { type = "cancel" };
if #queue > 0 then
session.outgoing_stanza_queue = {};
for i=1,#queue do
if not module:fire_event("delivery/failure", { session = session, stanza = queue[i] }) then
local reply = st.reply(queue[i]);
if reply.attr.to ~= session.full_jid then
reply.attr.type = "error";
reply:tag("error", error_attr)
:tag("recipient-unavailable", {xmlns = "urn:ietf:params:xml:ns:xmpp-stanzas"});
core_process_stanza(session, reply);
end
end
end
end
end
module:hook("pre-resource-unbind", function (event)
local session, err = event.session, event.error;
if session.smacks then
if not session.resumption_token then
local queue = session.outgoing_stanza_queue;
if #queue > 0 then
session.log("debug", "Destroying session with %d unacked stanzas", #queue);
handle_unacked_stanzas(session);
end
else
session.log("debug", "mod_smacks hibernating session for up to %d seconds", resume_timeout);
local hibernate_time = os_time(); -- Track the time we went into hibernation
session.hibernating = hibernate_time;
local resumption_token = session.resumption_token;
module:fire_event("smacks-hibernation-start", {origin = session, queue = session.outgoing_stanza_queue});
timer.add_task(resume_timeout, function ()
session.log("debug", "mod_smacks hibernation timeout reached...");
-- We need to check the current resumption token for this resource
-- matches the smacks session this timer is for in case it changed
-- (for example, the client may have bound a new resource and
-- started a new smacks session, or not be using smacks)
local curr_session = full_sessions[session.full_jid];
if session.destroyed then
session.log("debug", "The session has already been destroyed");
elseif curr_session and curr_session.resumption_token == resumption_token
-- Check the hibernate time still matches what we think it is,
-- otherwise the session resumed and re-hibernated.
and session.hibernating == hibernate_time then
-- wait longer if the timeout isn't reached because push was enabled for this session
-- session.first_hibernated_push is the starting point for hibernation timeouts of those push enabled clients
-- wait for an additional resume_timeout seconds if no push occured since hibernation at all
local current_time = os_time();
local timeout_start = math_max(session.hibernating, session.first_hibernated_push or session.hibernating);
if session.push_identifier ~= nil and not session.first_hibernated_push then
session.log("debug", "No push happened since hibernation started, hibernating session for up to %d extra seconds", resume_timeout);
return resume_timeout;
end
if current_time-timeout_start < resume_timeout and session.push_identifier ~= nil then
session.log("debug", "A push happened since hibernation started, hibernating session for up to %d extra seconds", current_time-timeout_start);
return current_time-timeout_start; -- time left to wait
end
session.log("debug", "Destroying session for hibernating too long");
session_registry.set(session.username, session.resumption_token, nil);
-- save only actual h value and username/host (for security)
old_session_registry.set(session.username, session.resumption_token, {
h = session.handled_stanza_count,
username = session.username,
host = session.host
});
session.resumption_token = nil;
sessionmanager.destroy_session(session);
else
session.log("debug", "Session resumed before hibernation timeout, all is well")
end
end);
return true; -- Postpone destruction for now
end
end
end);
local function handle_s2s_destroyed(event)
local session = event.session;
local queue = session.outgoing_stanza_queue;
if queue and #queue > 0 then
session.log("warn", "Destroying session with %d unacked stanzas", #queue);
if s2s_resend then
for i = 1, #queue do
module:send(queue[i]);
end
session.outgoing_stanza_queue = nil;
else
handle_unacked_stanzas(session);
end
end
end
module:hook("s2sout-destroyed", handle_s2s_destroyed);
module:hook("s2sin-destroyed", handle_s2s_destroyed);
local function get_session_id(session)
return session.id or (tostring(session):match("[a-f0-9]+$"));
end
function handle_resume(session, stanza, xmlns_sm)
if session.full_jid then
session.log("warn", "Tried to resume after resource binding");
session.send(st.stanza("failed", { xmlns = xmlns_sm })
:tag("unexpected-request", { xmlns = xmlns_errors })
);
return true;
end
local id = stanza.attr.previd;
local original_session = session_registry.get(session.username, id);
if not original_session then
session.log("debug", "Tried to resume non-existent session with id %s", id);
local old_session = old_session_registry.get(session.username, id);
if old_session and session.username == old_session.username
and session.host == old_session.host
and old_session.h then
session.send(st.stanza("failed", { xmlns = xmlns_sm, h = string.format("%d", old_session.h) })
:tag("item-not-found", { xmlns = xmlns_errors })
);
else
session.send(st.stanza("failed", { xmlns = xmlns_sm })
:tag("item-not-found", { xmlns = xmlns_errors })
);
end;
elseif session.username == original_session.username
and session.host == original_session.host then
session.log("debug", "mod_smacks resuming existing session %s...", get_session_id(original_session));
original_session.log("debug", "mod_smacks session resumed from %s...", get_session_id(session));
-- TODO: All this should move to sessionmanager (e.g. session:replace(new_session))
if original_session.conn then
original_session.log("debug", "mod_smacks closing an old connection for this session");
local conn = original_session.conn;
c2s_sessions[conn] = nil;
conn:close();
end
original_session.ip = session.ip;
original_session.conn = session.conn;
original_session.send = session.send;
original_session.close = session.close;
original_session.filter = session.filter;
original_session.filter.session = original_session;
original_session.filters = session.filters;
original_session.stream = session.stream;
original_session.secure = session.secure;
original_session.hibernating = nil;
session.log = original_session.log;
session.type = original_session.type;
wrap_session(original_session, true);
-- Inform xmppstream of the new session (passed to its callbacks)
original_session.stream:set_session(original_session);
-- Similar for connlisteners
c2s_sessions[session.conn] = original_session;
original_session.send(st.stanza("resumed", { xmlns = xmlns_sm,
h = string.format("%d", original_session.handled_stanza_count), previd = id }));
-- Fake an <a> with the h of the <resume/> from the client
original_session:dispatch_stanza(st.stanza("a", { xmlns = xmlns_sm,
h = stanza.attr.h }));
-- Ok, we need to re-send any stanzas that the client didn't see
-- ...they are what is now left in the outgoing stanza queue
-- We have to use the send of "session" because we don't want to add our resent stanzas
-- to the outgoing queue again
local queue = original_session.outgoing_stanza_queue;
session.log("debug", "resending all unacked stanzas that are still queued after resume, #queue = %d", #queue);
for i=1,#queue do
session.send(queue[i]);
end
session.log("debug", "all stanzas resent, now disabling send() in this session, #queue = %d", #queue);
function session.send(stanza)
session.log("warn", "Tried to send stanza on old session migrated by smacks resume (maybe there is a bug?): %s", tostring(stanza));
return false;
end
module:fire_event("smacks-hibernation-end", {origin = session, resumed = original_session, queue = queue});
request_ack_if_needed(original_session, true, "handle_resume");
else
module:log("warn", "Client %s@%s[%s] tried to resume stream for %s@%s[%s]",
session.username or "?", session.host or "?", session.type,
original_session.username or "?", original_session.host or "?", original_session.type);
session.send(st.stanza("failed", { xmlns = xmlns_sm })
:tag("not-authorized", { xmlns = xmlns_errors }));
end
return true;
end
module:hook_stanza(xmlns_sm2, "resume", function (session, stanza) return handle_resume(session, stanza, xmlns_sm2); end);
module:hook_stanza(xmlns_sm3, "resume", function (session, stanza) return handle_resume(session, stanza, xmlns_sm3); end);
local function handle_read_timeout(event)
local session = event.session;
if session.smacks then
if session.awaiting_ack then
if session.awaiting_ack_timer then
session.awaiting_ack_timer:stop();
end
if session.delayed_ack_timer then
session.delayed_ack_timer:stop();
session.delayed_ack_timer = nil;
end
return false; -- Kick the session
end
session.log("debug", "Sending <r> (read timeout)");
(session.sends2s or session.send)(st.stanza("r", { xmlns = session.smacks }));
session.awaiting_ack = true;
if not session.delayed_ack_timer then
session.delayed_ack_timer = stoppable_timer(delayed_ack_timeout, function()
delayed_ack_function(session);
end);
end
return true;
end
end
module:hook("s2s-read-timeout", handle_read_timeout);
module:hook("c2s-read-timeout", handle_read_timeout);

83
conf/nginx.conf
View file

@ -1,40 +1,81 @@
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; root __FINALPATH__/jitsi-meet-web;
location __PATH__/ {
# Path to source # ssi on with javascript for multidomain variables in config.js
alias __FINALPATH__/jitsi-meet/ ;
# Force usage of https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
index index.html;
ssi on; ssi on;
ssi_types application/x-javascript application/javascript;
# Include SSOWAT user panel. index index.html index.htm;
include conf.d/yunohost_panel.conf.inc; error_page 404 /static/404.html;
location = /config.js {
alias __FINALPATH__/jitsi-meet-web/config.js;
} }
location ~ ^/([a-zA-Z0-9=\?]+)$ { location = /external_api.js {
rewrite ^/(.*)$ / break; alias __FINALPATH__/jitsi-meet-web/libs/external_api.min.js;
}
#ensure all static content can always be found first
location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$
{
add_header 'Access-Control-Allow-Origin' '*';
alias __FINALPATH__/jitsi-meet-web/$1/$2;
} }
# BOSH # BOSH
location __PATH__/http-bind { location = /http-bind {
proxy_pass http://127.0.0.1:5290/http-bind; proxy_pass http://127.0.0.1:5290/http-bind;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host; proxy_set_header Host $http_host;
proxy_buffering off;
tcp_nodelay on;
access_log off;
} }
# xmpp websockets # xmpp websockets
location __PATH__/xmpp-websocket { location = /xmpp-websocket {
proxy_pass http://127.0.0.1:5290/xmpp-websocket; proxy_pass http://127.0.0.1:5290/xmpp-websocket?prefix=$prefix&$args;
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade"; proxy_set_header Connection "upgrade";
proxy_set_header Host $host; proxy_set_header Host $http_host;
tcp_nodelay on; tcp_nodelay on;
} }
location ~ ^/([^/?&:'"]+)$ {
try_files $uri @root_path;
}
location @root_path {
rewrite ^/(.*)$ / break;
}
location ~ ^/([^/?&:'"]+)/config.js$
{
set $subdomain "$1.";
set $subdir "$1/";
alias __FINALPATH__/jitsi-meet-web/config.js;
}
#Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
location ~ ^/([^/?&:'"]+)/(.*)$ {
set $subdomain "$1.";
set $subdir "$1/";
rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
}
# BOSH for subdomains
location ~ ^/([^/?&:'"]+)/http-bind {
set $subdomain "$1.";
set $subdir "$1/";
set $prefix "$1";
rewrite ^/(.*)$ /http-bind;
}
# websockets for subdomains
location ~ ^/([^/?&:'"]+)/xmpp-websocket {
set $subdomain "$1.";
set $subdir "$1/";
set $prefix "$1";
rewrite ^/(.*)$ /xmpp-websocket;
}

13
conf/sip-communicator.properties
View file

@ -2,3 +2,16 @@ org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
org.jitsi.videobridge.TCP_HARVESTER_PORT=__PORT__ org.jitsi.videobridge.TCP_HARVESTER_PORT=__PORT__
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=__PRIVATE_IPV4__ org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=__PRIVATE_IPV4__
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=__PUBLIC_IPV4__ org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=__PUBLIC_IPV4__
org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=meet-jit-si-turnrelay.jitsi.net:443
org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=localhost
org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.__DOMAIN__
org.jitsi.videobridge.xmpp.user.shard.USERNAME=__JVB_USER__
org.jitsi.videobridge.xmpp.user.shard.PASSWORD=__JVB_PASSWORD__
org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.__DOMAIN__
org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=__MUC_NICKNAME__

2
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Video conferencing web application", "en": "Video conferencing web application",
"fr": "Application web de conférence vidéo" "fr": "Application web de conférence vidéo"
}, },
"version": "1.0.3729~ynh1", "version": "1.0.3969~ynh1",
"url": "https://jitsi.org/Projects/JitMeet", "url": "https://jitsi.org/Projects/JitMeet",
"license": "Apache-2.0", "license": "Apache-2.0",
"maintainer": { "maintainer": {

8
scripts/backup
View file

@ -65,18 +65,10 @@ ynh_print_info --message="Backing up Metronome..."
# Backup Metronome domain conf template # Backup Metronome domain conf template
ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua" ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua"
ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua" ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua"
ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/conference.$domain.cfg.lua"
ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/jitsi-videobridge.$domain.cfg.lua"
ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/focus.$domain.cfg.lua"
# Backup Metronome Hook # Backup Metronome Hook
ynh_backup --src_path="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app" ynh_backup --src_path="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app"
# Backup Metronome Module
ynh_backup --src_path="/usr/lib/metronome/modules/mod_carbons.lua"
ynh_backup --src_path="/usr/lib/metronome/modules/mod_http_altconnect.lua"
ynh_backup --src_path="/usr/lib/metronome/modules/mod_smacks.lua"
#================================================= #=================================================
# SPECIFIC BACKUP # SPECIFIC BACKUP
#================================================= #=================================================

96
scripts/install
View file

@ -15,6 +15,7 @@ source /usr/share/yunohost/helpers
ynh_print_info --message="Managing script failure..." ynh_print_info --message="Managing script failure..."
ynh_clean_setup () { ynh_clean_setup () {
read -p "key"
ynh_clean_check_starting ynh_clean_check_starting
} }
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
@ -39,6 +40,12 @@ focus_secret=$(ynh_string_random --length=8)
focus_user="svc${app}focus" focus_user="svc${app}focus"
jvb_user="svc${app}jvb"
jvb_password=$(ynh_string_random --length=8)
muc_nickname=$(ynh_string_random --length=32)
#================================================= #=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#================================================= #=================================================
@ -61,6 +68,9 @@ ynh_app_setting_set --app=$app --key=focus_password --value=$focus_password
ynh_app_setting_set --app=$app --key=videobridge_secret --value=$videobridge_secret ynh_app_setting_set --app=$app --key=videobridge_secret --value=$videobridge_secret
ynh_app_setting_set --app=$app --key=focus_secret --value=$focus_secret ynh_app_setting_set --app=$app --key=focus_secret --value=$focus_secret
ynh_app_setting_set --app=$app --key=focus_user --value=$focus_user ynh_app_setting_set --app=$app --key=focus_user --value=$focus_user
ynh_app_setting_set --app=$app --key=jvb_user --value=$jvb_user
ynh_app_setting_set --app=$app --key=jvb_password --value=$jvb_password
ynh_app_setting_set --app=$app --key=muc_nickname --value=$muc_nickname
#================================================= #=================================================
# STANDARD MODIFICATIONS # STANDARD MODIFICATIONS
@ -92,7 +102,7 @@ ynh_print_info --message="Installing dependencies..."
ynh_install_app_dependencies $pkg_dependencies ynh_install_app_dependencies $pkg_dependencies
ynh_install_nodejs --nodejs_version=10 #ynh_install_nodejs --nodejs_version=10
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
@ -100,10 +110,25 @@ ynh_install_nodejs --nodejs_version=10
ynh_print_info --message="Setting up source files..." ynh_print_info --message="Setting up source files..."
ynh_app_setting_set --app=$app --key=final_path --value=$final_path ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path/jitsi-videobridge" --source_id=jitsi-videobridge declare -A packages
ynh_setup_source --dest_dir="$final_path/jitsi-jicofo-build" --source_id=jitsi-jicofo packages[jicofo]="jicofo"
ynh_setup_source --dest_dir="$final_path/jitsi-meet_temp" --source_id=jitsi-meet packages[jitsi-meet-prosody]="jitsi-meet/prosody-plugins"
packages[jitsi-meet-web]="jitsi-meet"
packages[jitsi-videobridge]="jitsi-videobridge"
for package in "${!packages[@]}"
do
ynh_setup_source --dest_dir="$final_path/${package}_temp" --source_id=$package
pushd "$final_path/${package}_temp"
ar x $package.deb data.tar.xz
tar xf data.tar.xz
popd
mv "$final_path/${package}_temp/usr/share/${packages[$package]}/" "$final_path/${package}/"
ynh_secure_remove --file="$final_path/${package}_temp"
done
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
@ -128,48 +153,39 @@ ynh_system_user_create --username=$app --home_dir=$final_path
#================================================= #=================================================
ynh_print_info --message="Configuring metronome..." ynh_print_info --message="Configuring metronome..."
# Create additional domains # Adapt prosody module to metronome
if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then ynh_replace_string --match_string="prosody" --replace_string="metronome" --target_file="$final_path/jitsi-meet-prosody/mod_muc_domain_mapper.lua"
ynh_print_info --message="Creating additional domains for package_check..."
yunohost domain add auth.$domain
yunohost domain add conference.$domain
yunohost domain add jitsi-videobridge.$domain
yunohost domain add focus.$domain
fi
# Create focus user # Create focus user
yunohost domain add auth.$domain
yunohost user create $focus_user -f $focus_user -l $focus_user -m ${focus_user}@auth.$domain -p $focus_password -q 0 yunohost user create $focus_user -f $focus_user -l $focus_user -m ${focus_user}@auth.$domain -p $focus_password -q 0
yunohost user create $jvb_user -f $jvb_user -l $jvb_user -m ${jvb_user}@auth.$domain -p $jvb_password -q 0
# Add Metronome domain conf template # Add Metronome domain conf template
metronome_conf="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua" metronome_conf="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua"
mkdir -p /usr/share/yunohost/templates/jitsi/ mkdir -p /usr/share/yunohost/templates/jitsi/
cp ../conf/metronome.cfg.lua $metronome_conf cp ../conf/metronome.cfg.lua $metronome_conf
ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="$metronome_conf"
ynh_replace_string --match_string="__FINAL_PATH__" --replace_string="$final_path" --target_file="$metronome_conf"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$metronome_conf" ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$metronome_conf"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$metronome_conf" ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$metronome_conf"
ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="$metronome_conf" ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="$metronome_conf"
ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="$metronome_conf" ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="$metronome_conf"
ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="$metronome_conf" ynh_replace_string --match_string="__FOCUS_USER__" --replace_string="$focus_user" --target_file="$metronome_conf"
ynh_replace_string --match_string="__JVB_USER__" --replace_string="$jvb_user" --target_file="$metronome_conf"
touch "/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua" touch "/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/conference.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/jitsi-videobridge.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/focus.$domain.cfg.lua"
# Add Metronome hook # Add Metronome hook
cp -R ../conf/metronome_regen_conf.hook /usr/share/yunohost/hooks/conf_regen/50-metronome_$app cp -R ../conf/metronome_regen_conf.hook /usr/share/yunohost/hooks/conf_regen/50-metronome_$app
yunohost tools regen-conf metronome yunohost tools regen-conf metronome
# Add Metronome modules
cp ../conf/mod_carbons.lua /usr/lib/metronome/modules/mod_carbons.lua
cp ../conf/mod_http_altconnect.lua /usr/lib/metronome/modules/mod_http_altconnect.lua
cp ../conf/mod_smacks.lua /usr/lib/metronome/modules/mod_smacks.lua
ynh_systemd_action --service_name=metronome --action=restart ynh_systemd_action --service_name=metronome --action=restart
#================================================= #=================================================
# BUILD JITSI-VIDEOBRIDGE # CONFIGURE JITSI-VIDEOBRIDGE
#================================================= #=================================================
ynh_print_info --message="Building Jitsi-Videobridge..." ynh_print_info --message="Configuring Jitsi-Videobridge..."
public_ipv4="$(curl ip.yunohost.org)" || true public_ipv4="$(curl ip.yunohost.org)" || true
private_ipv4="$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')" || true private_ipv4="$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')" || true
@ -179,37 +195,18 @@ cp ../conf/sip-communicator.properties "$final_path/.sip-communicator/sip-commun
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$final_path/.sip-communicator/sip-communicator.properties" ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$final_path/.sip-communicator/sip-communicator.properties"
ynh_replace_string --match_string="__PRIVATE_IPV4__" --replace_string="$private_ipv4" --target_file="$final_path/.sip-communicator/sip-communicator.properties" ynh_replace_string --match_string="__PRIVATE_IPV4__" --replace_string="$private_ipv4" --target_file="$final_path/.sip-communicator/sip-communicator.properties"
ynh_replace_string --match_string="__PUBLIC_IPV4__" --replace_string="$public_ipv4" --target_file="$final_path/.sip-communicator/sip-communicator.properties" ynh_replace_string --match_string="__PUBLIC_IPV4__" --replace_string="$public_ipv4" --target_file="$final_path/.sip-communicator/sip-communicator.properties"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/.sip-communicator/sip-communicator.properties"
ynh_replace_string --match_string="__JVB_USER__" --replace_string="$jvb_user" --target_file="$final_path/.sip-communicator/sip-communicator.properties"
ynh_replace_string --match_string="__JVB_PASSWORD__" --replace_string="$jvb_password" --target_file="$final_path/.sip-communicator/sip-communicator.properties"
ynh_replace_string --match_string="__MUC_NICKNAME__" --replace_string="$muc_nickname" --target_file="$final_path/.sip-communicator/sip-communicator.properties"
chown -R $app: $final_path chown -R $app: $final_path
#================================================= #=================================================
# BUILD JITSI-JICOFO # CONFIGURE JITSI-MEET
#================================================= #=================================================
ynh_print_info --message="Building Jitsi-Jicofo..." ynh_print_info --message="Configuring Jitsi-Meet..."
pushd "$final_path/jitsi-jicofo-build" config="$final_path/jitsi-meet-web/config.js"
mvn package -DskipTests -Dassembly.skipAssembly=false
popd
unzip $final_path/jitsi-jicofo-build/target/jicofo-linux-x64-1.1-SNAPSHOT.zip -d $final_path
mv $final_path/jicofo-linux-x64-1.1-SNAPSHOT/ $final_path/jitsi-jicofo/
ynh_secure_remove --file="$final_path/jitsi-jicofo-build"
#=================================================
# BUILD JITSI-MEET
#=================================================
ynh_print_info --message="Building Jitsi-Meet..."
pushd "$final_path/jitsi-meet_temp"
ar x jitsi-meet-web.deb data.tar.xz
tar xf data.tar.xz
popd
mv "$final_path/jitsi-meet_temp/usr/share/jitsi-meet/" "$final_path/jitsi-meet/"
ynh_secure_remove --file="$final_path/jitsi-meet_temp"
config="$final_path/jitsi-meet/config.js"
cp ../conf/config.js "$config" cp ../conf/config.js "$config"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config" ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config"
@ -225,6 +222,7 @@ ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_c
ynh_add_systemd_config --service=$app-videobridge --template="jitsi-videobridge.service" ynh_add_systemd_config --service=$app-videobridge --template="jitsi-videobridge.service"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="../conf/jitsi-jicofo.service" ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="../conf/jitsi-jicofo.service"
ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="../conf/jitsi-jicofo.service"
ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="../conf/jitsi-jicofo.service" ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="../conf/jitsi-jicofo.service"
ynh_replace_string --match_string="__FOCUS_USER__" --replace_string="$focus_user" --target_file="../conf/jitsi-jicofo.service" ynh_replace_string --match_string="__FOCUS_USER__" --replace_string="$focus_user" --target_file="../conf/jitsi-jicofo.service"
ynh_replace_string --match_string="__FOCUS_PASSWORD__" --replace_string="$focus_password" --target_file="../conf/jitsi-jicofo.service" ynh_replace_string --match_string="__FOCUS_PASSWORD__" --replace_string="$focus_password" --target_file="../conf/jitsi-jicofo.service"

21
scripts/remove
View file

@ -22,6 +22,7 @@ port_videobridge=$(ynh_app_setting_get --app=$app --key=port_videobridge)
port_component=$(ynh_app_setting_get --app=$app --key=port_component) port_component=$(ynh_app_setting_get --app=$app --key=port_component)
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
focus_user=$(ynh_app_setting_get --app=$app --key=focus_user) focus_user=$(ynh_app_setting_get --app=$app --key=focus_user)
jvb_user=$(ynh_app_setting_get --app=$app --key=jvb_user)
#================================================= #=================================================
# STANDARD REMOVE # STANDARD REMOVE
@ -60,7 +61,7 @@ ynh_print_info --message="Removing dependencies..."
# Remove metapackage and its dependencies # Remove metapackage and its dependencies
ynh_remove_app_dependencies ynh_remove_app_dependencies
ynh_remove_nodejs #ynh_remove_nodejs
#================================================= #=================================================
# REMOVE APP MAIN DIR # REMOVE APP MAIN DIR
@ -116,19 +117,9 @@ fi
#================================================= #=================================================
ynh_print_info --message="Reconfiguring Metronome..." ynh_print_info --message="Reconfiguring Metronome..."
# Remove Metronome modules
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_carbons.lua"
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_http_altconnect.lua"
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_smacks.lua"
ynh_systemd_action --service_name=metronome --action=restart
# Remove domain conf template # Remove domain conf template
ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua" ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua"
ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua" ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua"
ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi/conference.$domain.cfg.lua"
ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi/jitsi-videobridge.$domain.cfg.lua"
ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi/focus.$domain.cfg.lua"
# Remove Jitsi template directory # Remove Jitsi template directory
if [ -z "$(ls -A /usr/share/yunohost/templates/jitsi)" ]; then if [ -z "$(ls -A /usr/share/yunohost/templates/jitsi)" ]; then
@ -141,14 +132,8 @@ yunohost tools regen-conf metronome
# Delete focus user # Delete focus user
yunohost user delete $focus_user --purge yunohost user delete $focus_user --purge
yunohost user delete $jvb_user --purge
# Removing additional domains
if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then
yunohost domain remove auth.$domain yunohost domain remove auth.$domain
yunohost domain remove conference.$domain
yunohost domain remove jitsi-videobridge.$domain
yunohost domain remove focus.$domain
fi
#================================================= #=================================================
# REMOVE THE LOG FILES # REMOVE THE LOG FILES

16
scripts/restore
View file

@ -91,7 +91,7 @@ ynh_print_info --message="Reinstalling dependencies..."
# Define and install dependencies # Define and install dependencies
ynh_install_app_dependencies $pkg_dependencies ynh_install_app_dependencies $pkg_dependencies
ynh_install_nodejs --nodejs_version=10 #ynh_install_nodejs --nodejs_version=10
#================================================= #=================================================
# CONFIGURE FIREWALL # CONFIGURE FIREWALL
@ -108,33 +108,21 @@ ynh_exec_warn_less yunohost firewall allow --no-upnp UDP $port_videobridge
ynh_print_info --message="Configuring metronome..." ynh_print_info --message="Configuring metronome..."
# Create additional domains # Create additional domains
if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then
yunohost domain add auth.$domain yunohost domain add auth.$domain
yunohost domain add conference.$domain
yunohost domain add jitsi-videobridge.$domain
yunohost domain add focus.$domain
fi
# Create focus user # Create focus user
yunohost user create $focus_user -f $focus_user -l $focus_user -m ${focus_user}@auth.$domain -p $focus_password -q 0 yunohost user create $focus_user -f $focus_user -l $focus_user -m ${focus_user}@auth.$domain -p $focus_password -q 0
yunohost user create $jvb_user -f $jvb_user -l $jvb_user -m ${jvb_user}@auth.$domain -p $jvb_password -q 0
# Restore Metronome domain conf template # Restore Metronome domain conf template
mkdir -p /usr/share/yunohost/templates/jitsi/ mkdir -p /usr/share/yunohost/templates/jitsi/
ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua" ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua"
ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua" ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua"
ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/conference.$domain.cfg.lua"
ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/jitsi-videobridge.$domain.cfg.lua"
ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/focus.$domain.cfg.lua"
# Restore Metronome Hook # Restore Metronome Hook
ynh_restore_file --origin_path="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app" ynh_restore_file --origin_path="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app"
yunohost tools regen-conf metronome yunohost tools regen-conf metronome
# Restore Metronome modules
ynh_restore_file --origin_path="/usr/lib/metronome/modules/mod_carbons.lua"
ynh_restore_file --origin_path="/usr/lib/metronome/modules/mod_http_altconnect.lua"
ynh_restore_file --origin_path="/usr/lib/metronome/modules/mod_smacks.lua"
ynh_systemd_action --service_name=metronome --action=restart ynh_systemd_action --service_name=metronome --action=restart
#================================================= #=================================================

40
scripts/upgrade
View file

@ -67,6 +67,21 @@ if ynh_version_gt "1.0.3387~ynh2" "${current_version}" ; then
yunohost tools regen-conf metronome yunohost tools regen-conf metronome
fi fi
if ynh_version_gt "1.0.3969~ynh1" "${current_version}" ; then
# Remove not needed domains
yunohost domain remove conference.$domain
yunohost domain remove jitsi-videobridge.$domain
yunohost domain remove focus.$domain
# Remove Previously installed Metronome modules
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_carbons.lua"
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_http_altconnect.lua"
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_smacks.lua"
# Remove nodejs
ynh_remove_nodejs
fi
# Closing port_component # Closing port_component
if yunohost firewall list | grep -q "\- $port_component$" if yunohost firewall list | grep -q "\- $port_component$"
then then
@ -74,6 +89,7 @@ then
ynh_exec_warn_less yunohost firewall disallow TCP $port_component ynh_exec_warn_less yunohost firewall disallow TCP $port_component
fi fi
#================================================= #=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#================================================= #=================================================
@ -108,9 +124,24 @@ then
ynh_print_info --message="Upgrading source files..." ynh_print_info --message="Upgrading source files..."
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path/jitsi-videobridge" --source_id=jitsi-videobridge declare -A packages
ynh_setup_source --dest_dir="$final_path/jitsi-jicofo-build" --source_id=jitsi-jicofo packages[jicofo]="jicofo"
ynh_setup_source --dest_dir="$final_path/jitsi-meet_temp" --source_id=jitsi-meet packages[jitsi-meet-prosody]="jitsi-meet/prosody-plugins"
packages[jitsi-meet-web]="jitsi-meet"
packages[jitsi-videobridge]="jitsi-videobridge"
for package in "${!packages[@]}"
do
ynh_secure_remove --file="$final_path/${package}"
ynh_setup_source --dest_dir="$final_path/${package}_temp" --source_id=$package
pushd "$final_path/${package}_temp"
ar x $package.deb data.tar.xz
tar xf data.tar.xz
popd
mv "$final_path/${package}_temp/usr/share/${packages[$package]}/" "$final_path/${package}/"
ynh_secure_remove --file="$final_path/${package}_temp"
done
fi fi
#================================================= #=================================================
@ -128,7 +159,7 @@ ynh_print_info --message="Upgrading dependencies..."
ynh_install_app_dependencies $pkg_dependencies ynh_install_app_dependencies $pkg_dependencies
ynh_install_nodejs --nodejs_version=10 #ynh_install_nodejs --nodejs_version=10
#================================================= #=================================================
# CREATE DEDICATED USER # CREATE DEDICATED USER
@ -225,6 +256,7 @@ ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_c
ynh_add_systemd_config --service=$app-videobridge --template="jitsi-videobridge.service" ynh_add_systemd_config --service=$app-videobridge --template="jitsi-videobridge.service"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="../conf/jitsi-jicofo.service" ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="../conf/jitsi-jicofo.service"
ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="../conf/jitsi-jicofo.service"
ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="../conf/jitsi-jicofo.service" ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="../conf/jitsi-jicofo.service"
ynh_replace_string --match_string="__FOCUS_USER__" --replace_string="$focus_user" --target_file="../conf/jitsi-jicofo.service" ynh_replace_string --match_string="__FOCUS_USER__" --replace_string="$focus_user" --target_file="../conf/jitsi-jicofo.service"
ynh_replace_string --match_string="__FOCUS_PASSWORD__" --replace_string="$focus_password" --target_file="../conf/jitsi-jicofo.service" ynh_replace_string --match_string="__FOCUS_PASSWORD__" --replace_string="$focus_password" --target_file="../conf/jitsi-jicofo.service"