YunoHost-Apps/jitsi_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/jitsi_ynh.git synced 2024-09-03 19:35:57 +02:00
Code Issues Activity Actions

with prosody

Browse source
This commit is contained in:
yalh76 2022-02-03 03:00:20 +01:00
parent 805e8496fe
commit 2b1447410c
38 changed files with 1753 additions and 1219 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
issue_template.md → .github/ISSUE_TEMPLATE.md vendored
View file

@ -1,46 +1,55 @@
---
name: Bug report
about: Create a report to help us debug, it would be nice to fill the template as much as you can to help us, help you and help us all.
about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently.
---
**How to post a meaningful bug report**
1. *Read this whole template first.*
2. *Determine if you are on the right place:*
- *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change url...), you are on the right place!*
- *Otherwise, the issue may be due to Jitsi Meet itself. Refer to its documentation or repository for help.*
- *If you have a doubt, post here, we will figure it out together.*
- *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!*
- *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.*
- *When in doubt, post here and we will figure it out together.*
3. *Delete the italic comments as you write over them below, and remove this guide.*
---
**Describe the bug**
### Describe the bug
*A clear and concise description of what the bug is.*
**Versions**
### Context
- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...*
- YunoHost version: x.x.x
- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...*
- Are you in a special context or did you perform some particular tweaking on your YunoHost instance ?: *no / yes*
- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes*
- If yes, please explain:
- Using, or trying to install package version/branch:
- If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`*
**To Reproduce**
*Steps to reproduce the behavior.*
### Steps to reproduce
- *If you performed a command from the CLI, the command itself is enough. For example:*
```sh
sudo yunohost app install jitsi
sudo yunohost app install the_app
```
- *If you used the webadmin, please perform the equivalent command from the CLI first.*
- *If the error occurs in your browser, explain what you did:*
1. *Go to '...'*
2. *Click on '....'*
3. *Scroll down to '....'*
2. *Click on '...'*
3. *Scroll down to '...'*
4. *See error*
**Expected behavior**
### Expected behavior
*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.*
**Logs**
*After a failed command, YunoHost makes the log available to you, but also to others, thanks to `yunohost log display [log name] --share`. The actual command, with the correct log name, is displayed at the end of the failed attempt in the CLI. Execute it and copy here the share link it outputs.*
### Logs
*When an operation fails, YunoHost provides a simple way to share the logs.*
- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.*
- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.*
*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)*
*If applicable and useful, add screenshots to help explain your problem.*

16
.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View file

@ -0,0 +1,16 @@
## Problem
- *Description of why you made this PR*
## Solution
- *And how do you fix that problem*
## PR Status
- [ ] Code finished and ready to be reviewed/tested
- [ ] The fix/enhancement were manually tested (if applicable)
## Automatic tests
Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization)

13
check_process
View file

@ -1,11 +1,6 @@
# See here for more information
# https://github.com/YunoHost/package_check#syntax-check_process-file
# Move this file from check_process.default to check_process when you have filled it.
;; Test complet
; Manifest
domain="domain.tld" (DOMAIN)
domain="domain.tld"
; Checks
pkg_linter=1
setup_sub_dir=0
@ -18,13 +13,8 @@
upgrade=1 from_commit=7e81cff25dd5a85a5f9b97299b2dc251f2725d4b
backup_restore=1
multi_instance=0
# This test is no longer necessary since the version 2.7 (PR: https://github.com/YunoHost/yunohost/pull/304), you can still do it if your app could be installed with this version.
# incorrect_path=1
port_already_use=0
change_url=0
;;; Levels
# If the level 5 (Package linter) is forced to 1. Please add justifications here.
Level 5=auto
;;; Options
Email=yalh@yahoo.com
Notification=all
@ -32,4 +22,3 @@ Notification=all
; commit=7e81cff25dd5a85a5f9b97299b2dc251f2725d4b
name=1.0.3729~ynh1
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&

595
conf/config.js
View file

@ -1,595 +0,0 @@
/* eslint-disable no-unused-vars, no-var */
var config = {
// Connection
//
hosts: {
// XMPP domain.
domain: '__DOMAIN__',
// When using authentication, domain for guest users.
// anonymousdomain: 'guest.example.com',
// Domain for authenticated users. Defaults to <domain>.
// authdomain: '__DOMAIN__',
// Jirecon recording component domain.
// jirecon: 'jirecon.__DOMAIN__',
// Call control component (Jigasi).
// call_control: 'callcontrol.__DOMAIN__',
// Focus component domain. Defaults to focus.<domain>.
// focus: 'focus.__DOMAIN__',
// XMPP MUC domain. FIXME: use XEP-0030 to discover it.
muc: 'conference.__DOMAIN__'
},
// BOSH URL. FIXME: use XEP-0156 to discover it.
bosh: '//__DOMAIN__/http-bind',
// Websocket URL
// websocket: 'wss://__DOMAIN__/xmpp-websocket',
// The name of client node advertised in XEP-0115 'c' stanza
clientNode: 'http://jitsi.org/jitsimeet',
// The real JID of focus participant - can be overridden here
// focusUserJid: 'focus@auth.__DOMAIN__',
// Testing / experimental features.
//
testing: {
// P2P test mode disables automatic switching to P2P when there are 2
// participants in the conference.
p2pTestMode: false
// Enables the test specific features consumed by jitsi-meet-torture
// testMode: false
// Disables the auto-play behavior of *all* newly created video element.
// This is useful when the client runs on a host with limited resources.
// noAutoPlayVideo: false
// Enable / disable 500 Kbps bitrate cap on desktop tracks. When enabled,
// simulcast is turned off for the desktop share. If presenter is turned
// on while screensharing is in progress, the max bitrate is automatically
// adjusted to 2.5 Mbps. This takes a value between 0 and 1 which determines
// the probability for this to be enabled.
// capScreenshareBitrate: 1 // 0 to disable
},
// Disables ICE/UDP by filtering out local and remote UDP candidates in
// signalling.
// webrtcIceUdpDisable: false,
// Disables ICE/TCP by filtering out local and remote TCP candidates in
// signalling.
// webrtcIceTcpDisable: false,
// Media
//
// Audio
// Disable measuring of audio levels.
// disableAudioLevels: false,
// audioLevelsInterval: 200,
// Enabling this will run the lib-jitsi-meet no audio detection module which
// will notify the user if the current selected microphone has no audio
// input and will suggest another valid device if one is present.
enableNoAudioDetection: true,
// Enabling this will run the lib-jitsi-meet noise detection module which will
// notify the user if there is noise, other than voice, coming from the current
// selected microphone. The purpose it to let the user know that the input could
// be potentially unpleasant for other meeting participants.
enableNoisyMicDetection: true,
// Start the conference in audio only mode (no video is being received nor
// sent).
// startAudioOnly: false,
// Every participant after the Nth will start audio muted.
// startAudioMuted: 10,
// Start calls with audio muted. Unlike the option above, this one is only
// applied locally. FIXME: having these 2 options is confusing.
// startWithAudioMuted: false,
// Enabling it (with #params) will disable local audio output of remote
// participants and to enable it back a reload is needed.
// startSilent: false
// Video
// Sets the preferred resolution (height) for local video. Defaults to 720.
// resolution: 720,
// w3c spec-compliant video constraints to use for video capture. Currently
// used by browsers that return true from lib-jitsi-meet's
// util#browser#usesNewGumFlow. The constraints are independent from
// this config's resolution value. Defaults to requesting an ideal
// resolution of 720p.
// constraints: {
// video: {
// height: {
// ideal: 720,
// max: 720,
// min: 240
// }
// }
// },
// Enable / disable simulcast support.
// disableSimulcast: false,
// Enable / disable layer suspension. If enabled, endpoints whose HD
// layers are not in use will be suspended (no longer sent) until they
// are requested again.
// enableLayerSuspension: false,
// Every participant after the Nth will start video muted.
// startVideoMuted: 10,
// Start calls with video muted. Unlike the option above, this one is only
// applied locally. FIXME: having these 2 options is confusing.
// startWithVideoMuted: false,
// If set to true, prefer to use the H.264 video codec (if supported).
// Note that it's not recommended to do this because simulcast is not
// supported when using H.264. For 1-to-1 calls this setting is enabled by
// default and can be toggled in the p2p section.
// preferH264: true,
// If set to true, disable H.264 video codec by stripping it out of the
// SDP.
// disableH264: false,
// Desktop sharing
// The ID of the jidesha extension for Chrome.
desktopSharingChromeExtId: null,
// Whether desktop sharing should be disabled on Chrome.
// desktopSharingChromeDisabled: false,
// The media sources to use when using screen sharing with the Chrome
// extension.
desktopSharingChromeSources: [ 'screen', 'window', 'tab' ],
// Required version of Chrome extension
desktopSharingChromeMinExtVersion: '0.1',
// Whether desktop sharing should be disabled on Firefox.
// desktopSharingFirefoxDisabled: false,
// Optional desktop sharing frame rate options. Default value: min:5, max:5.
// desktopSharingFrameRate: {
// min: 5,
// max: 5
// },
// Try to start calls with screen-sharing instead of camera video.
// startScreenSharing: false,
// Recording
// Whether to enable file recording or not.
// fileRecordingsEnabled: false,
// Enable the dropbox integration.
// dropbox: {
// appKey: '<APP_KEY>' // Specify your app key here.
// // A URL to redirect the user to, after authenticating
// // by default uses:
// // 'https://jitsi-meet.example.com/static/oauth.html'
// redirectURI:
// 'https://jitsi-meet.example.com/subfolder/static/oauth.html'
// },
// When integrations like dropbox are enabled only that will be shown,
// by enabling fileRecordingsServiceEnabled, we show both the integrations
// and the generic recording service (its configuration and storage type
// depends on jibri configuration)
// fileRecordingsServiceEnabled: false,
// Whether to show the possibility to share file recording with other people
// (e.g. meeting participants), based on the actual implementation
// on the backend.
// fileRecordingsServiceSharingEnabled: false,
// Whether to enable live streaming or not.
// liveStreamingEnabled: false,
// Transcription (in interface_config,
// subtitles and buttons can be configured)
// transcribingEnabled: false,
// Enables automatic turning on captions when recording is started
// autoCaptionOnRecord: false,
// Misc
// Default value for the channel "last N" attribute. -1 for unlimited.
channelLastN: -1,
// // Options for the recording limit notification.
// recordingLimit: {
//
// // The recording limit in minutes. Note: This number appears in the notification text
// // but doesn't enforce the actual recording time limit. This should be configured in
// // jibri!
// limit: 60,
//
// // The name of the app with unlimited recordings.
// appName: 'Unlimited recordings APP',
//
// // The URL of the app with unlimited recordings.
// appURL: 'https://unlimited.recordings.app.com/'
// },
// Disables or enables RTX (RFC 4588) (defaults to false).
// disableRtx: false,
// Disables or enables TCC (the default is in Jicofo and set to true)
// (draft-holmer-rmcat-transport-wide-cc-extensions-01). This setting
// affects congestion control, it practically enables send-side bandwidth
// estimations.
// enableTcc: true,
// Disables or enables REMB (the default is in Jicofo and set to false)
// (draft-alvestrand-rmcat-remb-03). This setting affects congestion
// control, it practically enables recv-side bandwidth estimations. When
// both TCC and REMB are enabled, TCC takes precedence. When both are
// disabled, then bandwidth estimations are disabled.
// enableRemb: false,
// Enables ICE restart logic in LJM and displays the page reload overlay on
// ICE failure. Current disabled by default because it's causing issues with
// signaling when Octo is enabled. Also when we do an "ICE restart"(which is
// not a real ICE restart), the client maintains the TCC sequence number
// counter, but the bridge resets it. The bridge sends media packets with
// TCC sequence numbers starting from 0.
// enableIceRestart: false,
// Defines the minimum number of participants to start a call (the default
// is set in Jicofo and set to 2).
// minParticipants: 2,
// Use the TURN servers discovered via XEP-0215 for the jitsi-videobridge
// connection
// useStunTurn: true,
// Use TURN/UDP servers for the jitsi-videobridge connection (by default
// we filter out TURN/UDP because it is usually not needed since the
// bridge itself is reachable via UDP)
// useTurnUdp: false
// Enables / disables a data communication channel with the Videobridge.
// Values can be 'datachannel', 'websocket', true (treat it as
// 'datachannel'), undefined (treat it as 'datachannel') and false (don't
// open any channel).
// openBridgeChannel: true,
// UI
//
// Require users to always specify a display name.
// requireDisplayName: true,
// Whether to use a welcome page or not. In case it's false a random room
// will be joined when no room is specified.
enableWelcomePage: true,
// Enabling the close page will ignore the welcome page redirection when
// a call is hangup.
// enableClosePage: false,
// Disable hiding of remote thumbnails when in a 1-on-1 conference call.
// disable1On1Mode: false,
// Default language for the user interface.
// defaultLanguage: 'en',
// If true all users without a token will be considered guests and all users
// with token will be considered non-guests. Only guests will be allowed to
// edit their profile.
enableUserRolesBasedOnToken: false,
// Whether or not some features are checked based on token.
// enableFeaturesBasedOnToken: false,
// Enable lock room for all moderators, even when userRolesBasedOnToken is enabled and participants are guests.
// lockRoomGuestEnabled: false,
// When enabled the password used for locking a room is restricted to up to the number of digits specified
// roomPasswordNumberOfDigits: 10,
// default: roomPasswordNumberOfDigits: false,
// Message to show the users. Example: 'The service will be down for
// maintenance at 01:00 AM GMT,
// noticeMessage: '',
// Enables calendar integration, depends on googleApiApplicationClientID
// and microsoftApiApplicationClientID
// enableCalendarIntegration: false,
// When 'true', it shows an intermediate page before joining, where the user can configure its devices.
// prejoinPageEnabled: false,
// If true, shows the unsafe roon name warning label when a room name is
// deemed unsafe (due to the simplicity in the name) and a password is not
// set or the lobby is not enabled.
// enableInsecureRoomNameWarning: false,
// Stats
//
// Whether to enable stats collection or not in the TraceablePeerConnection.
// This can be useful for debugging purposes (post-processing/analysis of
// the webrtc stats) as it is done in the jitsi-meet-torture bandwidth
// estimation tests.
// gatherStats: false,
// The interval at which PeerConnection.getStats() is called. Defaults to 10000
// pcStatsInterval: 10000,
// To enable sending statistics to callstats.io you must provide the
// Application ID and Secret.
// callStatsID: '',
// callStatsSecret: '',
// enables sending participants display name to callstats
// enableDisplayNameInStats: false,
// enables sending participants email if available to callstats and other analytics
// enableEmailInStats: false,
// Privacy
//
// If third party requests are disabled, no other server will be contacted.
// This means avatars will be locally generated and callstats integration
// will not function.
// disableThirdPartyRequests: false,
// Peer-To-Peer mode: used (if enabled) when there are just 2 participants.
//
p2p: {
// Enables peer to peer mode. When enabled the system will try to
// establish a direct connection when there are exactly 2 participants
// in the room. If that succeeds the conference will stop sending data
// through the JVB and use the peer to peer connection instead. When a
// 3rd participant joins the conference will be moved back to the JVB
// connection.
enabled: true,
// Use XEP-0215 to fetch STUN and TURN servers.
// useStunTurn: true,
// The STUN servers that will be used in the peer to peer connections
stunServers: [
// { urls: 'stun:__DOMAIN__:4446' },
{ urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' }
],
// Sets the ICE transport policy for the p2p connection. At the time
// of this writing the list of possible values are 'all' and 'relay',
// but that is subject to change in the future. The enum is defined in
// the WebRTC standard:
// https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum.
// If not set, the effective value is 'all'.
// iceTransportPolicy: 'all',
// If set to true, it will prefer to use H.264 for P2P calls (if H.264
// is supported).
preferH264: true
// If set to true, disable H.264 video codec by stripping it out of the
// SDP.
// disableH264: false,
// How long we're going to wait, before going back to P2P after the 3rd
// participant has left the conference (to filter out page reload).
// backToP2PDelay: 5
},
analytics: {
// The Google Analytics Tracking ID:
// googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1'
// Matomo configuration:
// matomoEndpoint: 'https://your-matomo-endpoint/',
// matomoSiteID: '42',
// The Amplitude APP Key:
// amplitudeAPPKey: '<APP_KEY>'
// Array of script URLs to load as lib-jitsi-meet "analytics handlers".
// scriptURLs: [
// "libs/analytics-ga.min.js", // google-analytics
// "https://example.com/my-custom-analytics.js"
// ],
},
// Information about the jitsi-meet instance we are connecting to, including
// the user region as seen by the server.
deploymentInfo: {
// shard: "shard1",
// region: "europe",
// userRegion: "asia"
},
// Decides whether the start/stop recording audio notifications should play on record.
// disableRecordAudioNotification: false,
// Information for the chrome extension banner
// chromeExtensionBanner: {
// // The chrome extension to be installed address
// url: 'https://chrome.google.com/webstore/detail/jitsi-meetings/kglhbbefdnlheedjiejgomgmfplipfeb',
// // Extensions info which allows checking if they are installed or not
// chromeExtensionsInfo: [
// {
// id: 'kglhbbefdnlheedjiejgomgmfplipfeb',
// path: 'jitsi-logo-48x48.png'
// }
// ]
// },
// Local Recording
//
// localRecording: {
// Enables local recording.
// Additionally, 'localrecording' (all lowercase) needs to be added to
// TOOLBAR_BUTTONS in interface_config.js for the Local Recording
// button to show up on the toolbar.
//
// enabled: true,
//
// The recording format, can be one of 'ogg', 'flac' or 'wav'.
// format: 'flac'
//
// },
// Options related to end-to-end (participant to participant) ping.
// e2eping: {
// // The interval in milliseconds at which pings will be sent.
// // Defaults to 10000, set to <= 0 to disable.
// pingInterval: 10000,
//
// // The interval in milliseconds at which analytics events
// // with the measured RTT will be sent. Defaults to 60000, set
// // to <= 0 to disable.
// analyticsInterval: 60000,
// },
// If set, will attempt to use the provided video input device label when
// triggering a screenshare, instead of proceeding through the normal flow
// for obtaining a desktop stream.
// NOTE: This option is experimental and is currently intended for internal
// use only.
// _desktopSharingSourceDevice: 'sample-id-or-label',
// If true, any checks to handoff to another application will be prevented
// and instead the app will continue to display in the current browser.
// disableDeepLinking: false,
// A property to disable the right click context menu for localVideo
// the menu has option to flip the locally seen video for local presentations
// disableLocalVideoFlip: false,
// Mainly privacy related settings
// Disables all invite functions from the app (share, invite, dial out...etc)
// disableInviteFunctions: true,
// Disables storing the room name to the recents list
// doNotStoreRoom: true,
// Deployment specific URLs.
// deploymentUrls: {
// // If specified a 'Help' button will be displayed in the overflow menu with a link to the specified URL for
// // user documentation.
// userDocumentationURL: 'https://docs.example.com/video-meetings.html',
// // If specified a 'Download our apps' button will be displayed in the overflow menu with a link
// // to the specified URL for an app download page.
// downloadAppsUrl: 'https://docs.example.com/our-apps.html'
// },
// Options related to the remote participant menu.
// remoteVideoMenu: {
// // If set to true the 'Kick out' button will be disabled.
// disableKick: true
// },
// If set to true all muting operations of remote participants will be disabled.
// disableRemoteMute: true,
/**
External API url used to receive branding specific information.
If there is no url set or there are missing fields, the defaults are applied.
None of the fieds are mandatory and the response must have the shape:
{
// The hex value for the colour used as background
backgroundColor: '#fff',
// The url for the image used as background
backgroundImageUrl: 'https://example.com/background-img.png',
// The anchor url used when clicking the logo image
logoClickUrl: 'https://example-company.org',
// The url used for the image used as logo
logoImageUrl: 'https://example.com/logo-img.png'
}
*/
// brandingDataUrl: '',
// List of undocumented settings used in jitsi-meet
/**
_immediateReloadThreshold
autoRecord
autoRecordToken
debug
debugAudioLevels
deploymentInfo
dialInConfCodeUrl
dialInNumbersUrl
dialOutAuthUrl
dialOutCodesUrl
disableRemoteControl
displayJids
etherpad_base
externalConnectUrl
firefox_fake_device
googleApiApplicationClientID
iAmRecorder
iAmSipGateway
microsoftApiApplicationClientID
peopleSearchQueryTypes
peopleSearchUrl
requireDisplayName
tokenAuthUrl
*/
// List of undocumented settings used in lib-jitsi-meet
/**
_peerConnStatusOutOfLastNTimeout
_peerConnStatusRtcMuteTimeout
abTesting
avgRtpStatsN
callStatsConfIDNamespace
callStatsCustomScriptUrl
desktopSharingSources
disableAEC
disableAGC
disableAP
disableHPF
disableNS
enableLipSync
enableTalkWhileMuted
forceJVB121Ratio
hiddenDomain
ignoreStartMuted
nick
startBitrate
*/
// Allow all above example options to include a trailing comma and
// prevent fear when commenting out the last value.
makeJsonParserHappy: 'even if last key had a trailing comma'
// no configuration value should follow this line.
};
/* eslint-enable no-unused-vars, no-var */

7
conf/jicofo.src
View file

@ -1,7 +0,0 @@
SOURCE_URL=https://download.jitsi.org/stable/jicofo_1.0-644-1_all.deb
SOURCE_SUM=3bb26605f64becbf29a2d9b1ef75ff8ef8536732c5fb93371789ddadae1077a4
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=deb
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=jicofo.deb
SOURCE_EXTRACT=false

12
conf/jitsi-jicofo.config → conf/jitsi-jicofo-config
View file

@ -5,18 +5,12 @@ JICOFO_HOST=127.0.0.1
# sets the XMPP domain (default: none)
JICOFO_HOSTNAME=__DOMAIN__
# sets the port to use for the XMPP component connection
JICOFO_PORT=__PORT_COMPONENT__
# sets the secret used to authenticate as an XMPP component
JICOFO_SECRET=__FOCUS_SECRET__
# sets the XMPP domain name to use for XMPP user logins
JICOFO_AUTH_DOMAIN=auth.__DOMAIN__
# sets the username to use for XMPP user logins
JICOFO_AUTH_USER=__FOCUS_USER__
# sets the XMPP domain name to use for XMPP user logins
JICOFO_AUTH_DOMAIN=auth.__DOMAIN__
# sets the password to use for XMPP user logins
JICOFO_AUTH_PASSWORD=__FOCUS_PASSWORD__
@ -24,4 +18,4 @@ JICOFO_AUTH_PASSWORD=__FOCUS_PASSWORD__
JICOFO_OPTS=""
# adds java system props that are passed to jicofo (default are for home and logging config file)
JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/__APP__ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=jicofo -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/__APP__ -Djava.util.logging.config.file=/etc/__APP__/jicofo/logging.properties"
JAVA_SYS_PROPS="-Dconfig.file=/etc/__APP__/jicofo/jicofo.conf -Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/__APP__ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=jicofo -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/__APP__ -Djava.util.logging.config.file=/etc/__APP__/jicofo/logging.properties"

13
conf/jitsi-jicofo-jicofo.conf Normal file
View file

@ -0,0 +1,13 @@
# Jicofo HOCON configuration. See reference.conf in /usr/share/jicofo/jicofo.jar for
#available options, syntax, and default values.
jicofo {
xmpp: {
client: {
client-proxy: focus.__DOMAIN__
}
trusted-domains: [ "recorder.__DOMAIN__" ]
}
bridge: {
brewery-jid: "JvbBrewery@internal.auth.__DOMAIN__"
}
}

25
conf/jitsi-jicofo-logging.properties
View file

@ -6,23 +6,14 @@ handlers= java.util.logging.ConsoleHandler
# Handlers with syslog enabled:
#handlers= java.util.logging.ConsoleHandler, com.agafua.syslog.SyslogHandler
#handlers= java.util.logging.ConsoleHandler, io.sentry.jul.SentryHandler
java.util.logging.ConsoleHandler.level = ALL
java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter
java.util.logging.ConsoleHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter
java.util.logging.ConsoleHandler.filter = org.jitsi.impl.protocol.xmpp.log.ExcludeXmppPackets
net.java.sip.communicator.util.ScLogFormatter.programname=Jicofo
org.jitsi.utils.logging2.JitsiLogFormatter.programname=Jicofo
.level=INFO
net.sf.level=SEVERE
net.java.sip.communicator.plugin.reconnectplugin.level=FINE
org.ice4j.level=SEVERE
org.jitsi.impl.neomedia.level=SEVERE
# Do not worry about missing strings
net.java.sip.communicator.service.resources.AbstractResourcesService.level=SEVERE
#net.java.sip.communicator.service.protocol.level=ALL
# To enable XMPP packets logging add XmppPacketsFileHandler to the handlers property
org.jitsi.impl.protocol.xmpp.log.PacketDebugger.level=ALL
@ -31,17 +22,17 @@ org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.append=true
org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.limit=200000000
org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.count=3
# Syslog(uncomment handler to use)
# Syslog (uncomment handler to use)
com.agafua.syslog.SyslogHandler.transport = udp
com.agafua.syslog.SyslogHandler.facility = local0
com.agafua.syslog.SyslogHandler.port = 514
com.agafua.syslog.SyslogHandler.hostname = 127.0.0.1
com.agafua.syslog.SyslogHandler.formatter = net.java.sip.communicator.util.ScLogFormatter
com.agafua.syslog.SyslogHandler.hostname = localhost
com.agafua.syslog.SyslogHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter
com.agafua.syslog.SyslogHandler.escapeNewlines = false
com.agafua.syslog.SyslogHandler.filter = org.jitsi.impl.protocol.xmpp.log.ExcludeXmppPackets
# to disable double timestamps in syslog uncomment next line
#net.java.sip.communicator.util.ScLogFormatter.disableTimestamp=true
# Sentry (uncomment handler to use)
io.sentry.jul.SentryHandler.level=WARNING
# uncomment to see how Jicofo talks to the JVB
#org.jitsi.impl.protocol.xmpp.colibri.level=ALL

2
conf/jitsi-jicofo-sip-communicator.properties
View file

@ -1,2 +0,0 @@
org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.__DOMAIN__
org.jitsi.jicofo.health.ENABLE_HEALTH_CHECKS=true

4
conf/jitsi-jicofo.service
View file

@ -6,8 +6,8 @@ After=network.target
EnvironmentFile=/etc/__APP__/jicofo/config
Environment=LOGFILE=/var/log/__APP__/jitsi-jicofo.log
User=__APP__
WorkingDirectory=__FINALPATH__/jicofo/
ExecStart=/bin/bash -c "exec __FINALPATH__/jicofo/jicofo.sh --host=${JICOFO_HOST} --domain=${JICOFO_HOSTNAME} --port=${JICOFO_PORT} --secret=${JICOFO_SECRET} --user_name=${JICOFO_AUTH_USER} --user_domain=${JICOFO_AUTH_DOMAIN} --user_password=${JICOFO_AUTH_PASSWORD} ${JICOFO_OPTS} < /dev/null >> ${LOGFILE} 2>&1"
WorkingDirectory=__FINALPATH__/jitsi-jicofo/
ExecStart=/bin/bash -c "exec __FINALPATH__/jitsi-jicofo/jicofo.sh --host=${JICOFO_HOST} --domain=${JICOFO_HOSTNAME} --port=${JICOFO_PORT} --secret=${JICOFO_SECRET} --user_name=${JICOFO_AUTH_USER} --user_domain=${JICOFO_AUTH_DOMAIN} --user_password=${JICOFO_AUTH_PASSWORD} ${JICOFO_OPTS} < /dev/null >> ${LOGFILE} 2>&1"
[Install]
WantedBy=multi-user.target

7
conf/jitsi-jicofo.src Normal file
View file

@ -0,0 +1,7 @@
SOURCE_URL=https://download.jitsi.org/stable/jicofo_1.0-846-1_all.deb
SOURCE_SUM=aac0143b8c83932d6f934a8b6fca54c75f541613aab8beb9e96ce5b0eb9051bf
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=deb
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=jitsi-jicofo.deb
SOURCE_EXTRACT=false

1264
conf/jitsi-meet-config.js Normal file
View file

File diff suppressed because it is too large Load diff

4
conf/jitsi-meet-prosody.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://download.jitsi.org/stable/jitsi-meet-prosody_1.0.4466-1_all.deb
SOURCE_SUM=8fd9a721cdeca7f88c825034679514ddb9c75c81dd615966f3fc3bd09812ea05
SOURCE_URL=https://download.jitsi.org/stable/jitsi-meet-prosody_1.0.5818-1_all.deb
SOURCE_SUM=0808e2be09149aec08326a4f49e58d1beaed41e040e5717a1796d5f5c5f000bc
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=deb
SOURCE_IN_SUBDIR=true

4
conf/jitsi-meet-web.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://download.jitsi.org/stable/jitsi-meet-web_1.0.4466-1_all.deb
SOURCE_SUM=1129e848b5b1711ca41d160658033f6a427d1eb9f961a168df7bda6ab1180b01
SOURCE_URL=https://download.jitsi.org/stable/jitsi-meet-web_1.0.5818-1_all.deb
SOURCE_SUM=72e260c0d3f046e94c05d4441de57f3012213cffe360794f09f4d2db6125fcc1
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=deb
SOURCE_IN_SUBDIR=true

3
conf/jitsi-videobridge-20-jvb-udp-buffers.conf
View file

@ -1,3 +0,0 @@
# this sets the max, so that we can bump the JVB UDP single port buffer size.
net.core.rmem_max=10485760
net.core.netdev_max_backlog=100000

12
conf/jitsi-videobridge-jvb.conf Normal file
View file

@ -0,0 +1,12 @@
videobridge {
http-servers {
public {
port = 9090
}
}
websockets {
enabled = true
domain = "__DOMAIN__:443"
tls = true
}
}

33
conf/jitsi-videobridge-log4j2.xml
View file

@ -1,33 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<Configuration>
<Properties>
<Property name="log-path">/var/log/__APP__</Property>
</Properties>
<Appenders>
<RollingFile name="RollingFile" fileName="${log-path}/cs.log"
filePattern="${log-path}/$${date:yyyy-MM}/cs-%d{MM-dd-yyyy}-%i.log.gz">
<PatternLayout pattern="%d %-5p (%F:%L) - %m%n"/>
<Policies>
<TimeBasedTriggeringPolicy />
<SizeBasedTriggeringPolicy size="250 MB"/>
</Policies>
</RollingFile>
<!--
<Console name="STDOUT" target="SYSTEM_OUT">
<PatternLayout pattern="%d %-5p (%F:%L) - %m%n"/>
</Console>
-->
</Appenders>
<Loggers>
<!--<Logger name="org.apache.log4j.xml" level="debug"/>-->
<Logger name="org.apache.log4j.xml" level="info"/>
<Root level="info">
<AppenderRef ref="RollingFile"/>
<!-- <AppenderRef ref="STDOUT"/> -->
</Root>
</Loggers>
</Configuration>
<!--
-Dlog4j.configurationFile=config/log4j2.xml has to be used in VM args
-->

31
conf/jitsi-videobridge-logging.properties
View file

@ -1,25 +1,34 @@
handlers= java.util.logging.ConsoleHandler
#handlers= java.util.logging.ConsoleHandler, com.agafua.syslog.SyslogHandler
#handlers= java.util.logging.ConsoleHandler, io.sentry.jul.SentryHandler
java.util.logging.ConsoleHandler.level = ALL
java.util.logging.ConsoleHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter
net.java.sip.communicator.util.ScLogFormatter.programname=JVB
org.jitsi.utils.logging2.JitsiLogFormatter.programname=JVB
.level=INFO
org.jitsi.videobridge.xmpp.ComponentImpl.level=FINE
# All of the INFO level logs from MediaStreamImpl are unnecessary in the context of jitsi-videobridge.
org.jitsi.impl.neomedia.MediaStreamImpl.level=WARNING
# Syslog(uncomment handler to use)
# Syslog (uncomment handler to use)
com.agafua.syslog.SyslogHandler.transport = udp
com.agafua.syslog.SyslogHandler.facility = local0
com.agafua.syslog.SyslogHandler.port = 514
com.agafua.syslog.SyslogHandler.hostname = 127.0.0.1
com.agafua.syslog.SyslogHandler.hostname = localhost
com.agafua.syslog.SyslogHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter
com.agafua.syslog.SyslogHandler.escapeNewlines = false
# to disable double timestamps in syslog uncomment next line
#net.java.sip.communicator.util.ScLogFormatter.disableTimestamp=true
# Sentry (uncomment handler to use)
io.sentry.jul.SentryHandler.level=WARNING
# time series logging
java.util.logging.SimpleFormatter.format= %5$s%n
java.util.logging.FileHandler.level = ALL
java.util.logging.FileHandler.formatter = java.util.logging.SimpleFormatter
java.util.logging.FileHandler.pattern = /tmp/jvb-series.log
java.util.logging.FileHandler.limit = 200000000
java.util.logging.FileHandler.count = 1
java.util.logging.FileHandler.append = false
timeseries.level=OFF
timeseries.useParentHandlers = false
# time series logging is disabled by default. Uncomment the line below to enable it.
#timeseries.handlers = java.util.logging.FileHandler

12
conf/jitsi-videobridge.config
View file

@ -1,20 +1,16 @@
# Jitsi Videobridge settings
# sets the hostname of the XMPP server (default: domain if set, 127.0.0.1 otherwise)
JVB_HOST=127.0.0.1
# sets the XMPP domain (default: none)
JVB_HOSTNAME=__DOMAIN__
# sets the hostname of the XMPP server (default: domain if set, 127.0.0.1 otherwise)
JVB_HOST=127.0.0.1
# sets the port of the XMPP server (default: 5275)
JVB_PORT=__PORT_COMPONENT__
# sets the shared secret used to authenticate to the XMPP server
JVB_SECRET=__VIDEOBRIDGE_SECRET__
# extra options to pass to the JVB daemon
JVB_OPTS="--apis=xmpp,rest"
# adds java system props that are passed to jvb (default are for home and logging config file)
JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/__APP__ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=videobridge -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/__APP__ -Djava.util.logging.config.file=/etc/__APP__/videobridge/logging.properties"
JAVA_SYS_PROPS="-Dconfig.file=/etc/__APP__/videobridge/jvb.conf -Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/__APP__ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=videobridge -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/__APP__ -Djava.util.logging.config.file=/etc/__APP__/videobridge/logging.properties"

4
conf/jitsi-videobridge.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://download.jitsi.org/stable/jitsi-videobridge2_2.1-376-g9f12bfe2-1_all.deb
SOURCE_SUM=06594db323a76d76a78c6085a9f3042a1f21e641d9abd1c31b20edfd0eaa5a3b
SOURCE_URL=https://download.jitsi.org/stable/jitsi-videobridge2_2.1-617-ga8b39c3f-1_all.deb
SOURCE_SUM=0bb47e1c96736bd5f3fe595223424cefc7d9a4a1db2be4d4cc87c4206d71df5e
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=deb
SOURCE_IN_SUBDIR=true

96
conf/metronome.cfg.lua
View file

@ -1,96 +0,0 @@
component_ports = { __PORT_COMPONENT__ }
-- Make the focus user a global administrator
admins = { "__FOCUS_USER__@auth.__DOMAIN__" }
-- c2s_require_encryption = false --Why would it be needed?
-- s2s_secure_auth = false
plugin_paths = { "__FINAL_PATH__/jitsi-meet-prosody/" }
-- domain mapper options, must at least have domain base set to use the mapper
muc_mapper_domain_base = "__DOMAIN__";
cross_domain_bosh = false;
consider_bosh_secure = true;
VirtualHost "__DOMAIN__"
authentication = "anonymous"
-- Properties below are modified by jitsi-meet-tokens package config
-- and authentication above is switched to "token"
--app_id="example_app_id"
--app_secret="example_app_secret"
-- Assign this host a certificate for TLS, otherwise it would use the one
-- set in the global section (if any).
-- Note that old-style SSL on port 5223 only supports one certificate, and will always
-- use the global one.
ssl = {
key = "/etc/yunohost/certs/__DOMAIN__/key.pem";
certificate = "/etc/yunohost/certs/__DOMAIN__/crt.pem";
}
speakerstats_component = "speakerstats.__DOMAIN__"
conference_duration_component = "conferenceduration.__DOMAIN__"
-- we need bosh
modules_enabled = {
"bosh";
"pubsub";
"ping"; -- Enable mod_ping
"speakerstats";
-- "turncredentials";
"conference_duration";
"extdisco";
}
c2s_require_encryption = false
external_services = {
["__DOMAIN__"] = {
{ type = "stun", port = "4446", trasport = "udp" },
{ type = "stun", port = "4446", trasport = "tcp" },
{ type = "turn", port = "4446", transport = "udp", turn_secret = "__TURN_SECRET__", turn_ttl = "86400" },
{ type = "turns", port = "443", transport = "tcp", turn_secret = "__TURN_SECRET__", turn_ttl = "86400" }
}
}
Component "conference.__DOMAIN__" "muc"
storage = "internal"
modules_enabled = {
"muc_meeting_id";
"muc_domain_mapper";
-- "token_verification";
}
admins = { "__FOCUS_USER__@auth.__DOMAIN__" }
allow_anonymous_creation = true
instant_room_on_creation = true
room_default_config = {
whois = "anyone";
}
-- internal muc component
Component "internal.auth.__DOMAIN__" "muc"
storage = "internal"
modules_enabled = {
"ping";
}
admins = { "__FOCUS_USER__@auth.__DOMAIN__", "__VIDEOBRIDGE_USER__@auth.__DOMAIN__" }
instant_room_on_creation = true
room_default_config = {
whois = "anyone";
}
VirtualHost "auth.__DOMAIN__"
ssl = {
key = "/etc/yunohost/certs/auth.__DOMAIN__/key.pem";
certificate = "/etc/yunohost/certs/auth.__DOMAIN__/crt.pem";
}
authentication = "internal_plain"
Component "focus.__DOMAIN__"
component_secret = "__FOCUS_SECRET__"
Component "jitsi-videobridge.__DOMAIN__"
component_secret = "__VIDEOBRIDGE_SECRET__"
Component "speakerstats.__DOMAIN__" "speakerstats_component"
muc_component = "conference.__DOMAIN__"
Component "conferenceduration.__DOMAIN__" "conference_duration_component"
muc_component = "conference.__DOMAIN__"

29
conf/metronome_regen_conf.hook
View file

@ -1,29 +0,0 @@
#!/bin/bash
force=${2:-0} # 0/1 --force argument
dryrun=${3:-0} # 0/1 --dry-run argument
pending_conf=$4 # Path of the pending conf file
do_pre_regen() {
# Add specific domain metronome conf
cp -af "/usr/share/yunohost/templates/jitsi/." "${pending_conf}/../metronome/etc/metronome/conf.d/"
}
do_post_regen() {
regen_conf_files=$1
}
case "$1" in
pre)
do_pre_regen
;;
post)
do_post_regen
;;
*)
echo "Hook called with unknown argument \`$1'" >&2
exit 1
;;
esac
exit 0

36
conf/nginx.conf
View file

@ -20,20 +20,23 @@ location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.
{
add_header 'Access-Control-Allow-Origin' '*';
alias __FINALPATH__/jitsi-meet-web/$1/$2;
# cache all versioned files
if ($arg_v) {
expires 1y;
}
}
# BOSH
location = /http-bind {
proxy_pass http://127.0.0.1:5290/http-bind;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:5280/http-bind?prefix=$prefix&$args;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_buffering off;
tcp_nodelay on;
proxy_set_header Host $http_host;
}
# xmpp websockets
location = /xmpp-websocket {
proxy_pass http://127.0.0.1:5290/xmpp-websocket?prefix=$prefix&$args;
proxy_pass http://127.0.0.1:5280/xmpp-websocket?prefix=$prefix&$args;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
@ -41,6 +44,15 @@ location = /xmpp-websocket {
tcp_nodelay on;
}
# colibri (JVB) websockets for jvb1
location ~ ^/colibri-ws/default-id/(.*) {
proxy_pass http://127.0.0.1:9090/colibri-ws/default-id/$1$is_args$args;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
tcp_nodelay on;
}
location ~ ^/([^/?&:'"]+)$ {
try_files $uri @root_path;
}
@ -57,13 +69,6 @@ location ~ ^/([^/?&:'"]+)/config.js$
alias /etc/__NAME__/meet/__DOMAIN__-config.js;
}
#Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
location ~ ^/([^/?&:'"]+)/(.*)$ {
set $subdomain "$1.";
set $subdir "$1/";
rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
}
# BOSH for subdomains
location ~ ^/([^/?&:'"]+)/http-bind {
set $subdomain "$1.";
@ -81,3 +86,10 @@ location ~ ^/([^/?&:'"]+)/xmpp-websocket {
rewrite ^/(.*)$ /xmpp-websocket;
}
#Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
location ~ ^/([^/?&:'"]+)/(.*)$ {
set $subdomain "$1.";
set $subdir "$1/";
rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
}

128
conf/prosody.cfg.lua Normal file
View file

@ -0,0 +1,128 @@
plugin_paths = { "__FINALPATH__/jitsi-meet-prosody/" }
-- domain mapper options, must at least have domain base set to use the mapper
muc_mapper_domain_base = "__DOMAIN__";
external_service_secret = "__TURN_SECRET__";
external_services = {
{ type = "stun", host = "__DOMAIN__", port = 3478 },
{ type = "turn", host = "__DOMAIN__", port = 3478, transport = "udp", secret = true, ttl = 86400, algorithm = "turn" },
{ type = "turns", host = "__DOMAIN__", port = 5349, transport = "tcp", secret = true, ttl = 86400, algorithm = "turn" }
};
cross_domain_bosh = false;
consider_bosh_secure = true;
-- https_ports = { }; -- Remove this line to prevent listening on port 5284
-- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4
ssl = {
protocol = "tlsv1_2+";
ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
}
unlimited_jids = {
"__FOCUS_USER__@auth.__DOMAIN__",
"__VIDEOBRIDGE_USER__@auth.__DOMAIN__"
}
VirtualHost "__DOMAIN__"
-- enabled = false -- Remove this line to enable this host
authentication = "anonymous"
-- Properties below are modified by jitsi-meet-tokens package config
-- and authentication above is switched to "token"
--app_id="example_app_id"
--app_secret="example_app_secret"
-- Assign this host a certificate for TLS, otherwise it would use the one
-- set in the global section (if any).
-- Note that old-style SSL on port 5223 only supports one certificate, and will always
-- use the global one.
ssl = {
key = "/etc/prosody/certs/__DOMAIN__.key";
certificate = "/etc/prosody/certs/__DOMAIN__.crt";
}
av_moderation_component = "avmoderation.__DOMAIN__"
speakerstats_component = "speakerstats.__DOMAIN__"
conference_duration_component = "conferenceduration.__DOMAIN__"
-- we need bosh
modules_enabled = {
"bosh";
"pubsub";
"ping"; -- Enable mod_ping
"speakerstats";
"external_services";
"conference_duration";
"muc_lobby_rooms";
"muc_breakout_rooms";
"av_moderation";
}
c2s_require_encryption = false
lobby_muc = "lobby.__DOMAIN__"
breakout_rooms_muc = "breakout.__DOMAIN__"
main_muc = "conference.__DOMAIN__"
-- muc_lobby_whitelist = { "recorder.__DOMAIN__" } -- Here we can whitelist jibri to enter lobby enabled rooms
Component "conference.__DOMAIN__" "muc"
restrict_room_creation = true
storage = "memory"
modules_enabled = {
"muc_meeting_id";
"muc_domain_mapper";
"polls";
--"token_verification";
"muc_rate_limit";
}
admins = { "__FOCUS_USER__@auth.__DOMAIN__" }
muc_room_locking = false
muc_room_default_public_jids = true
Component "breakout.__DOMAIN__" "muc"
restrict_room_creation = true
storage = "memory"
modules_enabled = {
"muc_meeting_id";
"muc_domain_mapper";
--"token_verification";
"muc_rate_limit";
}
admins = { "__FOCUS_USER__@auth.__DOMAIN__" }
muc_room_locking = false
muc_room_default_public_jids = true
-- internal muc component
Component "internal.auth.__DOMAIN__" "muc"
storage = "memory"
modules_enabled = {
"ping";
}
admins = { "__FOCUS_USER__@auth.__DOMAIN__", "__VIDEOBRIDGE_USER__@auth.__DOMAIN__" }
muc_room_locking = false
muc_room_default_public_jids = true
VirtualHost "auth.__DOMAIN__"
modules_enabled = {
"limits_exception";
}
authentication = "internal_hashed"
-- Proxy to jicofo's user JID, so that it doesn't have to register as a component.
Component "focus.__DOMAIN__" "client_proxy"
target_address = "__FOCUS_USER__@auth.__DOMAIN__"
Component "speakerstats.__DOMAIN__" "speakerstats_component"
muc_component = "conference.__DOMAIN__"
Component "conferenceduration.__DOMAIN__" "conference_duration_component"
muc_component = "conference.__DOMAIN__"
Component "avmoderation.__DOMAIN__" "av_moderation_component"
muc_component = "conference.__DOMAIN__"
Component "lobby.__DOMAIN__" "muc"
storage = "memory"
restrict_room_creation = true
muc_room_locking = false
muc_room_default_public_jids = true
modules_enabled = {
"muc_rate_limit";
"polls";
}

0
doc/.gitkeep Normal file
View file

9
doc/DESCRIPTION.md Normal file
View file

@ -0,0 +1,9 @@
Jitsi Meet is a libre software (Apache) WebRTC JavaScript app that uses Jitsi Videobridge to provide high quality, secure, and scalable video conferences.
## Disclaimer
**Jitsi** for YunoHost for now as some limitations:
* Can only be used using Chrome/Chromium
* Is limited to two participants
Those limitations come from the packaging of the upstream app. Have to be improved.

8
doc/DESCRIPTION_fr.md Normal file
View file

@ -0,0 +1,8 @@
Jitsi Meet est un logiciel libre (Apache) dont Jitsi Videobridge, avec WebRTC Javascript, propose des vidéos-conférences de haute qualité, sécurisées et évolutives.
## Avertissements
**Jitsi-meet** pour YunoHost est limité actuellement :
* Il ne peut être utilisé qu'avec Chrome ou un navigateur basé sur Chromium
* Il est limité à 2 participants par réunion
Ces limitations viennent de la manière dont l'application a été empaquetée pour YunoHost. À améliorer.

9
doc/DISCLAIMER.md Normal file
View file

@ -0,0 +1,9 @@
## Important points before installing
1. **Jitsi** requires a dedicated **root domain**, eg. jitsi.domain.tld
2. **Jitsi** requires you create additionals domains in your DNS and in your YunoHost
* auth.jitsi.domain.tld
* conference.jitsi.domain.tld
* jitsi-videobridge.jitsi.domain.tld
* focus.jitsi.domain.tld
3. **Jitsi** requires the ports TCP/4443 and UDP/10000 to be forwarded to your YunoHost (The same way you forwarded 80 (HTTP), 443 (HTTPS), etc... https://yunohost.org/#/isp_box_config)

9
doc/DISCLAIMER_fr.md Normal file
View file

@ -0,0 +1,9 @@
## Points importants à préparer avant l'installation
1. **Jitsi** a besoin d'un **domaine racine** dédié, par exemple : jitsi.domain.tld
2. **Jitsi** nécessite des domaines supplémentaires au niveau du DNS et de votre YunoHost
* auth.jitsi.domain.tld
* conference.jitsi.domain.tld
* jitsi-videobridge.jitsi.domain.tld
* focus.jitsi.domain.tld
3. **Jitsi** demande que les ports TCP/4443 et UDP/10000 soient routés vers votre YunoHost (De la même manière que le sont les ports 80 (HTTP), 443 (HTTPS), etc... https://yunohost.org/#/isp_box_config)

0
doc/screenshots/.gitkeep Normal file
View file

BIN
doc/screenshots/screenshot.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 126 KiB

16
manifest.json
View file

@ -8,6 +8,13 @@
},
"version": "1.0.4466~ynh1",
"url": "https://jitsi.org/Projects/JitMeet",
"upstream": {
"license": "Apache-2.0",
"website": "https://jitsi.org/",
"demo": "https://meet.jit.si/",
"userdoc": "https://jitsi.org/user-faq/",
"code": "https://github.com/jitsi/jitsi-meet"
},
"license": "Apache-2.0",
"maintainer": {
"name": "yalh76"
@ -17,7 +24,7 @@
"email": "julien.malik@paraiso.me"
},
"requirements": {
"yunohost": ">= 3.8"
"yunohost": ">= 4.3.0"
},
"multi_instance": false,
"services": [
@ -27,12 +34,7 @@
"install" : [
{
"name": "domain",
"type": "domain",
"ask": {
"en": "Choose a domain for Jitsi Meet",
"fr": "Choisissez un domaine pour Jitsi Meet"
},
"example": "domain.org"
"type": "domain"
}
]
}

18
pull_request_template.md
View file

@ -1,18 +0,0 @@
## Problem
- *Description of why you made this PR*
## Solution
- *And how do you fix that problem*
## PR Status
- [ ] Code finished.
- [ ] Tested with Package_check.
- [ ] Fix or enhancement tested.
- [ ] Upgrade from last version tested.
- [ ] Can be reviewed and tested.
## Package_check results
---
*If you have access to [App Continuous Integration for packagers](https://yunohost.org/#/packaging_apps_ci) you can provide a link to the package_check results like below, replacing '-NUM-' in this link by the PR number and USERNAME by your username on the ci-apps-dev. Or you provide a screenshot or a pastebin of the results*
[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/jitsi_ynh%20PR-NUM-%20(USERNAME)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/jitsi_ynh%20PR-NUM-%20(USERNAME)/)

27
scripts/backup
View file

@ -47,25 +47,6 @@ ynh_backup --src_path="$final_path"
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# SPECIFIC BACKUP
#=================================================
# BACKUP METRONOME
#=================================================
# Backup Metronome domain conf template
ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua"
ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua"
# Backup Metronome Hook
ynh_backup --src_path="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app"
#=================================================
# BACKUP THE APP CONFIG
#=================================================
ynh_backup --src_path="/etc/$app"
#=================================================
# SPECIFIC BACKUP
#=================================================
@ -81,6 +62,14 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
ynh_backup --src_path="/etc/systemd/system/$app-videobridge.service"
ynh_backup --src_path="/etc/systemd/system/$app-jicofo.service"
#=================================================
# BACKUP VARIOUS FILES
#=================================================
ynh_backup --src_path="/etc/$app/"
ynh_backup --src_path="/etc/prosody/conf.avail/$domain.cfg.lua"
#=================================================
# END OF SCRIPT
#=================================================

177
scripts/install
View file

@ -72,22 +72,22 @@ ynh_app_setting_set --app=$app --key=videobridge_user --value=$videobridge_user
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Configuring firewall..."
ynh_script_progression --message="Finding an available port..."
# Find an available port
port=$(ynh_find_port --port=4443)
port=4443
# Open this port
ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
ynh_app_setting_set --app=$app --key=port --value=$port
# Find an available port
port_videobridge=$(ynh_find_port --port=10000)
port_videobridge=10000
# Open this port
ynh_exec_warn_less yunohost firewall allow --no-upnp UDP $port_videobridge
ynh_app_setting_set --app=$app --key=port_videobridge --value=$port_videobridge
# Find an available port
port_component=$(ynh_find_port --port=5347)
port_component=5347
ynh_app_setting_set --app=$app --key=port_component --value=$port_component
#=================================================
@ -97,7 +97,18 @@ ynh_script_progression --message="Installing dependencies..."
ynh_install_app_dependencies $pkg_dependencies
#ynh_install_nodejs --nodejs_version=10
if ! yunohost app list | grep -q "prosody"
then
yunohost app install prosody --args "domain=$domain&admin=$admin&language=$language&password=$password"
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..."
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
@ -105,10 +116,9 @@ ynh_install_app_dependencies $pkg_dependencies
ynh_script_progression --message="Setting up source files..."
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
declare -A packages
packages[jicofo]="jicofo"
packages[jitsi-jicofo]="jicofo"
packages[jitsi-meet-prosody]="jitsi-meet/prosody-plugins"
packages[jitsi-meet-web]="jitsi-meet"
packages[jitsi-videobridge]="jitsi-videobridge"
@ -125,76 +135,46 @@ do
ynh_secure_remove --file="$final_path/${package}_temp"
done
# Adapt prosody module to metronome
for file in $final_path/jitsi-meet-prosody/*.lua
do
ynh_replace_string --match_string="prosody" --replace_string="metronome" --target_file="$file"
ynh_replace_string --match_string="Prosody" --replace_string="Metronome" --target_file="$file"
done
for directory in $final_path/jitsi-meet-prosody/*/; do
for file in $directory/*.lua
do
ynh_replace_string --match_string="prosody" --replace_string="metronome" --target_file="$file"
ynh_replace_string --match_string="Prosody" --replace_string="Metronome" --target_file="$file"
done
done
# workaround for mod_muc_domain_mapper
ynh_replace_string --match_string="module:log(\"debug\"" --replace_string="-- module:log(\"debug\"" --target_file="$final_path/jitsi-meet-prosody/mod_muc_domain_mapper.lua"
chown -R $app: $final_path
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring nginx web server..."
ynh_script_progression --message="Configuring NGINX web server..."
# Create a dedicated nginx config
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..."
# Create a system user
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# SPECIFIC SETUP
#=================================================
# CONFIGURE METRONOME
# CONFIGURE PROSODY
#=================================================
ynh_script_progression --message="Configuring metronome..."
ynh_script_progression --message="Configuring prosody..."
ynh_add_config --template="../conf/prosody.cfg.lua" --destination="/etc/prosody/conf.avail/$domain.cfg.lua"
chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua"
ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua"
# Create focus user
yunohost domain add auth.$domain
# yunohost user create $focus_user -f $focus_user -l $focus_user -m ${focus_user}@auth.$domain -p $focus_password -q 0
# yunohost user create $videobridge_user -f $videobridge_user -l $videobridge_user -m ${videobridge_user}@auth.$domain -p $videobridge_secret -q 0
echo | prosodyctl cert generate $domain
ln -sf "/var/lib/prosody/$domain.key" "/etc/prosody/certs/$domain.key"
ln -sf "/var/lib/prosody/$domain.crt" "/etc/prosody/certs/$domain.crt"
ln -sf "/var/lib/prosody/$domain.crt" "/usr/local/share/ca-certificates/$domain.crt"
# Add Metronome domain conf template
metronome_conf="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua"
mkdir -p /usr/share/yunohost/templates/jitsi/
cp ../conf/metronome.cfg.lua $metronome_conf
ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="$metronome_conf"
ynh_replace_string --match_string="__FINAL_PATH__" --replace_string="$final_path" --target_file="$metronome_conf"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$metronome_conf"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$metronome_conf"
ynh_replace_string --match_string="__TURN_SECRET__" --replace_string="$turn_secret" --target_file="$metronome_conf"
ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="$metronome_conf"
ynh_replace_string --match_string="__FOCUS_USER__" --replace_string="$focus_user" --target_file="$metronome_conf"
ynh_replace_string --match_string="__VIDEOBRIDGE_USER__" --replace_string="$videobridge_user" --target_file="$metronome_conf"
ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="$metronome_conf"
echo | prosodyctl cert generate "auth.$domain"
ln -sf "/var/lib/prosody/auth.$domain.key" "/etc/prosody/certs/auth.$domain.key"
ln -sf "/var/lib/prosody/auth.$domain.crt" "/etc/prosody/certs/auth.$domain.crt"
ln -sf "/var/lib/prosody/auth.$domain.crt" "/usr/local/share/ca-certificates/auth.$domain.crt"
touch "/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua"
update-ca-certificates -f
# Add Metronome hook
cp -R ../conf/metronome_regen_conf.hook /usr/share/yunohost/hooks/conf_regen/50-metronome_$app
ynh_systemd_action --service_name="prosody" --action="restart"
yunohost tools regen-conf metronome --force
prosodyctl register "$focus_user" "auth.$domain" "$focus_password"
metronomectl adduser $focus_user@auth.$domain $focus_password || true
metronomectl adduser $videobridge_user@auth.$domain $videobridge_secret || true
prosodyctl register "$videobridge_user" "auth.$domain" "$videobridge_secret"
prosodyctl mod_roster_command subscribe $focus_user.$domain $focus_user@auth.$domain
#=================================================
# CONFIGURE JITSI-VIDEOBRIDGE
@ -209,36 +189,15 @@ ynh_app_setting_set --app=$app --key=muc_nickname --value=$muc_nickname
mkdir -p "/etc/$app/videobridge"
jitsi_videobridge_sip_communicator_conf="/etc/$app/videobridge/sip-communicator.properties"
cp ../conf/jitsi-videobridge-sip-communicator.properties "$jitsi_videobridge_sip_communicator_conf"
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$jitsi_videobridge_sip_communicator_conf"
ynh_replace_string --match_string="__PRIVATE_IPV4__" --replace_string="$private_ipv4" --target_file="$jitsi_videobridge_sip_communicator_conf"
ynh_replace_string --match_string="__PUBLIC_IPV4__" --replace_string="$public_ipv4" --target_file="$jitsi_videobridge_sip_communicator_conf"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$jitsi_videobridge_sip_communicator_conf"
ynh_replace_string --match_string="__VIDEOBRIDGE_USER__" --replace_string="$videobridge_user" --target_file="$jitsi_videobridge_sip_communicator_conf"
ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="$jitsi_videobridge_sip_communicator_conf"
ynh_replace_string --match_string="__MUC_NICKNAME__" --replace_string="$muc_nickname" --target_file="$jitsi_videobridge_sip_communicator_conf"
ynh_add_config --template="../conf/jitsi-videobridge-callstats-java-sdk.properties" --destination="/etc/$app/videobridge/callstats-java-sdk.properties"
jitsi_videobridge_conf="/etc/$app/videobridge/config"
cp ../conf/jitsi-videobridge.config "$jitsi_videobridge_conf"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$jitsi_videobridge_conf"
ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="$jitsi_videobridge_conf"
ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="$jitsi_videobridge_conf"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$jitsi_videobridge_conf"
ynh_add_config --template="../conf/jitsi-videobridge-jvb.conf" --destination="/etc/$app/videobridge/jvb.conf"
jitsi_videobridge_logging_conf="/etc/$app/videobridge/logging.properties"
cp ../conf/jitsi-videobridge-logging.properties "$jitsi_videobridge_logging_conf"
ynh_add_config --template="../conf/jitsi-videobridge-logging.properties" --destination="/etc/$app/videobridge/logging.properties"
jitsi_videobridge_callstats_java_sdk_conf="/etc/$app/videobridge/callstats-java-sdk.properties"
cp ../conf/jitsi-videobridge-callstats-java-sdk.properties "$jitsi_videobridge_callstats_java_sdk_conf"
ynh_add_config --template="../conf/jitsi-videobridge-sip-communicator.properties" --destination="/etc/$app/videobridge/sip-communicator.properties"
jitsi_videobridge_log4j2_conf="/etc/$app/videobridge/log4j2.xml"
cp ../conf/jitsi-videobridge-log4j2.xml "$jitsi_videobridge_log4j2_conf"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$jitsi_videobridge_log4j2_conf"
jitsi_videobridge_20_jvb_udp_buffers_conf="/etc/sysctl.d/20-jvb-udp-buffers.conf"
cp ../conf/jitsi-videobridge-20-jvb-udp-buffers.conf "$jitsi_videobridge_20_jvb_udp_buffers_conf"
sysctl --system || true
ynh_add_config --template="../conf/jitsi-videobridge.config" --destination="/etc/$app/videobridge/config"
#=================================================
# CONFIGURE JITSI-JICOFO
@ -247,21 +206,11 @@ ynh_script_progression --message="Configuring Jitsi-Jicofo..."
mkdir -p "/etc/$app/jicofo"
jitsi_jicofo_sip_communicator_conf="/etc/$app/jicofo/sip-communicator.properties"
cp ../conf/jitsi-jicofo-sip-communicator.properties "$jitsi_jicofo_sip_communicator_conf"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$jitsi_jicofo_sip_communicator_conf"
ynh_add_config --template="../conf/jitsi-jicofo-config" --destination="/etc/$app/jicofo/config"
jitsi_jicofo_conf="/etc/$app/jicofo/config"
cp ../conf/jitsi-jicofo.config "$jitsi_jicofo_conf"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$jitsi_jicofo_conf"
ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="$jitsi_jicofo_conf"
ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="$jitsi_jicofo_conf"
ynh_replace_string --match_string="__FOCUS_USER__" --replace_string="$focus_user" --target_file="$jitsi_jicofo_conf"
ynh_replace_string --match_string="__FOCUS_PASSWORD__" --replace_string="$focus_password" --target_file="$jitsi_jicofo_conf"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$jitsi_jicofo_conf"
ynh_add_config --template="../conf/jitsi-jicofo-jicofo.conf" --destination="/etc/$app/jicofo/jicofo.conf"
jitsi_jicofo_logging_conf="/etc/$app/jicofo/logging.properties"
cp ../conf/jitsi-jicofo-logging.properties "$jitsi_jicofo_logging_conf"
ynh_add_config --template="../conf/jitsi-jicofo-logging.properties" --destination="/etc/$app/jicofo/logging.properties"
#=================================================
# CONFIGURE JITSI-MEET
@ -270,9 +219,8 @@ ynh_script_progression --message="Configuring Jitsi-Meet..."
mkdir -p "/etc/$app/meet"
jitsi_meet_conf="/etc/$app/meet/$domain-config.js"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="../conf/config.js"
cpp -undef -P ../conf/config.js -o "$jitsi_meet_conf"
ynh_add_config --template="../conf/jitsi-meet-config.js" --destination="/etc/$app/meet/$domain-config.js"
chmod 644 "/etc/$app/meet/$domain-config.js"
#=================================================
# CREATE LOG DIR
@ -280,6 +228,8 @@ cpp -undef -P ../conf/config.js -o "$jitsi_meet_conf"
ynh_script_progression --message="Creating log dir..."
mkdir -p "/var/log/$app"
chown -R $app: /var/log/$app
chmod -R 770 /var/log/$app
#=================================================
# SETUP SYSTEMD
@ -290,20 +240,6 @@ ynh_script_progression --message="Configuring a systemd service..."
ynh_add_systemd_config --service=$app-videobridge --template="jitsi-videobridge.service"
ynh_add_systemd_config --service=$app-jicofo --template="jitsi-jicofo.service"
#=================================================
# STORE THE CONFIG FILE CHECKSUM
#=================================================
ynh_script_progression --message="Storing the config file checksum..."
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="$jitsi_videobridge_sip_communicator_conf"
ynh_store_file_checksum --file="$jitsi_videobridge_conf"
ynh_store_file_checksum --file="$jitsi_videobridge_logging_conf"
ynh_store_file_checksum --file="$jitsi_jicofo_sip_communicator_conf"
ynh_store_file_checksum --file="$jitsi_jicofo_conf"
ynh_store_file_checksum --file="$jitsi_jicofo_logging_conf"
ynh_store_file_checksum --file="$jitsi_meet_conf"
#=================================================
# GENERIC FINALIZATION
#=================================================
@ -312,11 +248,10 @@ ynh_store_file_checksum --file="$jitsi_meet_conf"
ynh_script_progression --message="Securing files and directories..."
# Set permissions to app files
chown -R $app: $final_path
chown -R $app: /etc/$app
chown -R $app: /var/log/$app
chmod -R 770 /var/log/$app
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP LOGROTATE
#=================================================
@ -345,15 +280,15 @@ ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring SSOwat..."
ynh_script_progression --message="Configuring permissions..."
# Make app public
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
ynh_permission_update --permission="main" --add="visitors"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading nginx web server..."
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload

98
scripts/remove
View file

@ -18,9 +18,9 @@ app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
port=$(ynh_app_setting_get --app=$app --key=port)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port_videobridge=$(ynh_app_setting_get --app=$app --key=port_videobridge)
port_component=$(ynh_app_setting_get --app=$app --key=port_component)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
focus_user=$(ynh_app_setting_get --app=$app --key=focus_user)
videobridge_user=$(ynh_app_setting_get --app=$app --key=videobridge_user)
@ -30,7 +30,7 @@ videobridge_user=$(ynh_app_setting_get --app=$app --key=videobridge_user)
# REMOVE SERVICE INTEGRATION IN YUNOHOST
#=================================================
# Remove the service from the list of services known by Yunohost (added from `yunohost service add`)
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status $app-videobridge >/dev/null
then
ynh_script_progression --message="Removing $app-videobridge service..."
@ -53,14 +53,39 @@ ynh_remove_systemd_config --service=$app-videobridge
ynh_remove_systemd_config --service=$app-jicofo
#=================================================
# REMOVE DEPENDENCIES
# RECONFIGURE PROSODY
#=================================================
ynh_script_progression --message="Removing dependencies..."
ynh_script_progression --message="Reconfiguring Prosody..."
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
prosodyctl deluser $focus_user@auth.$domain || true
prosodyctl deluser $videobridge_user@auth.$domain || true
#ynh_remove_nodejs
# Remove domain conf template
ynh_secure_remove --file="/etc/prosody/conf.d/$domain.cfg.lua"
ynh_secure_remove --file="/etc/prosody/conf.avail/$domain.cfg.lua"
ynh_secure_remove --file="/etc/prosody/certs/$domain.key"
ynh_secure_remove --file="/etc/prosody/certs/$domain.crt"
ynh_secure_remove --file="/var/lib/prosody/$domain.key"
ynh_secure_remove --file="/var/lib/prosody/$domain.crt"
ynh_secure_remove --file="/var/lib/prosody/$domain.cnf"
ynh_secure_remove --file="/etc/prosody/certs/auth.$domain.key"
ynh_secure_remove --file="/etc/prosody/certs/auth.$domain.crt"
ynh_secure_remove --file="/var/lib/prosody/auth.$domain.key"
ynh_secure_remove --file="/var/lib/prosody/auth.$domain.crt"
ynh_secure_remove --file="/var/lib/prosody/auth.$domain.cnf"
ynh_secure_remove --file="/usr/local/share/ca-certificates/auth.$domain.crt"
update-ca-certificates -f
ynh_systemd_action --service_name=prosody --action=restart
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Removing logrotate configuration..."
# Remove the app-specific logrotate config
ynh_remove_logrotate
#=================================================
# REMOVE APP MAIN DIR
@ -73,18 +98,18 @@ ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing nginx web server configuration..."
ynh_script_progression --message="Removing NGINX web server configuration..."
# Remove the dedicated nginx config
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# REMOVE LOGROTATE CONFIGURATION
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing logrotate configuration..."
ynh_script_progression --message="Removing dependencies..."
# Remove the app-specific logrotate config
ynh_remove_logrotate
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
#=================================================
# CLOSE A PORT
@ -102,57 +127,16 @@ then
ynh_exec_warn_less yunohost firewall disallow UDP $port_videobridge
fi
if yunohost firewall list | grep -q "\- $port_component$"
then
ynh_script_progression --message="Closing port $port_component..."
ynh_exec_warn_less yunohost firewall disallow TCP $port_component
fi
#=================================================
# SPECIFIC REMOVE
#=================================================
# RECONFIGURE METRONOME
# REMOVE VARIOUS FILES
#=================================================
ynh_script_progression --message="Reconfiguring Metronome..."
ynh_script_progression --message="Removing various files..."
metronomectl deluser $focus_user@auth.$domain || true
metronomectl deluser $videobridge_user@auth.$domain || true
# Remove domain conf template
ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua"
ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua"
# Remove Jitsi template directory
if [ -z "$(ls -A /usr/share/yunohost/templates/jitsi)" ]; then
ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi"
fi
# Remove Metronome Hook
ynh_secure_remove --file="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app"
yunohost tools regen-conf metronome --force
# Delete focus user
# yunohost user delete $focus_user --purge
# yunohost user delete $videobridge_user --purge
yunohost domain remove auth.$domain
#=================================================
# REMOVE THE CONFIG
#=================================================
ynh_script_progression --message="Removing the config..."
# Remove the log files
# Remove a directory securely
ynh_secure_remove --file="/etc/$app"
ynh_secure_remove --file="/etc/sysctl.d/20-jvb-udp-buffers.conf"
sysctl --system || true
#=================================================
# REMOVE THE LOG FILES
#=================================================
ynh_script_progression --message="Removing the log files..."
# Remove the log files
ynh_secure_remove --file="/var/log/$app"

84
scripts/restore
View file

@ -23,7 +23,7 @@ ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading settings..."
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
@ -47,8 +47,6 @@ port_component=$(ynh_app_setting_get --app=$app --key=port_component)
#=================================================
ynh_script_progression --message="Validating restoration parameters..."
ynh_webpath_available --domain=$domain --path_url=$path_url \
|| ynh_die --message="Path not available: ${domain}${path_url}"
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
@ -57,10 +55,18 @@ test ! -d $final_path \
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the nginx configuration..."
ynh_script_progression --message="Restoring the NGINX web server configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..."
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
@ -68,20 +74,6 @@ ynh_script_progression --message="Restoring the app main directory..."
ynh_restore_file --origin_path="$final_path"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..."
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# RESTORE USER RIGHTS
#=================================================
ynh_script_progression --message="Restoring user rights..."
# Restore permissions on app files
chown -R root: $final_path
#=================================================
@ -94,7 +86,10 @@ ynh_script_progression --message="Reinstalling dependencies..."
# Define and install dependencies
ynh_install_app_dependencies $pkg_dependencies
#ynh_install_nodejs --nodejs_version=10
if ! yunohost app list | grep -q "prosody"
then
yunohost app install prosody --args "domain=$domain&admin=$admin&language=$language&password=$password"
fi
#=================================================
# CONFIGURE FIREWALL
@ -106,26 +101,29 @@ ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
ynh_exec_warn_less yunohost firewall allow --no-upnp UDP $port_videobridge
#=================================================
# CONFIGURE METRONOME
# CONFIGURE PROSODY
#=================================================
ynh_script_progression --message="Configuring metronome..."
ynh_script_progression --message="Configuring prosody..."
# Create additional domains
yunohost domain add auth.$domain
ynh_restore_file --origin_path="/etc/prosody/conf.avail/$domain.cfg.lua"
ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua"
# Create focus user
yunohost user create $focus_user -f $focus_user -l $focus_user -m ${focus_user}@auth.$domain -p $focus_password -q 0
yunohost user create $videobridge_user -f $videobridge_user -l $videobridge_user -m ${videobridge_user}@auth.$domain -p $videobridge_secret -q 0
ln -sf /var/lib/prosody/$domain.key /etc/prosody/certs/$domain.key
ln -sf /var/lib/prosody/$domain.crt /etc/prosody/certs/$domain.crt
# Restore Metronome domain conf template
mkdir -p /usr/share/yunohost/templates/jitsi/
ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua"
ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua"
ln -sf "/var/lib/prosody/auth.$domain.key" "/etc/prosody/certs/auth.$domain.key"
ln -sf "/var/lib/prosody/auth.$domain.crt" "/etc/prosody/certs/auth.$domain.crt"
ln -sf "/var/lib/prosody/auth.$domain.crt" "/usr/local/share/ca-certificates/auth.$domain.crt"
# Restore Metronome Hook
ynh_restore_file --origin_path="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app"
update-ca-certificates -f
yunohost tools regen-conf metronome --force
ynh_systemd_action --service_name="prosody" --action="restart"
prosodyctl register "$focus_user" "auth.$domain" "$focus_password"
prosodyctl register "$videobridge_user" "auth.$domain" "$videobridge_secret"
prosodyctl mod_roster_command subscribe $focus_user.$domain $focus_user@auth.$domain
#=================================================
# RESTORE THE APP CONFIG
@ -152,13 +150,20 @@ systemctl enable $app-videobridge.service
ynh_restore_file --origin_path="/etc/systemd/system/$app-jicofo.service"
systemctl enable $app-jicofo.service
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..."
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add $app-videobridge --log "/var/log/$app/$app-videobridge.log"
yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log"
yunohost service add $app-videobridge --log="/var/log/$app/$app-videobridge.log"
yunohost service add $app-jicofo --log="/var/log/$app/$app-jicofo.log"
#=================================================
# START SYSTEMD SERVICE
@ -168,19 +173,12 @@ ynh_script_progression --message="Starting a systemd service..."
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log"
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log"
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..."
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading nginx web server and php-fpm..."
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload

128
scripts/upgrade
View file

@ -39,61 +39,6 @@ ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed)
current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$app/manifest.json" --manifest_key="version" || echo 1.0)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
if ynh_version_gt "1.0.3387~ynh2" "${current_version}" ; then
# Add Metronome domain conf template
metronome_conf="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua"
mkdir -p /usr/share/yunohost/templates/jitsi/
cp ../conf/metronome.cfg.lua $metronome_conf
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$metronome_conf"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$metronome_conf"
ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="$metronome_conf"
ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="$metronome_conf"
touch "/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/conference.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/jitsi-videobridge.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/focus.$domain.cfg.lua"
# Add Metronome hook
cp -R ../conf/metronome_regen_conf.hook /usr/share/yunohost/hooks/conf_regen/50-metronome_$app
yunohost tools regen-conf metronome --force
fi
if ynh_version_gt "1.0.3969~ynh1" "${current_version}" ; then
# Remove not needed domains
yunohost domain remove conference.$domain
yunohost domain remove jitsi-videobridge.$domain
yunohost domain remove focus.$domain
# Remove Previously installed Metronome modules
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_carbons.lua"
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_http_altconnect.lua"
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_smacks.lua"
# Remove nodejs
ynh_remove_nodejs
fi
# Closing port_component
if yunohost firewall list | grep -q "\- $port_component$"
then
ynh_script_progression --message="Closing port $port_component..."
ynh_exec_warn_less yunohost firewall disallow TCP $port_component
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
@ -102,9 +47,9 @@ ynh_script_progression --message="Backing up the app before upgrading (may take
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
ynh_clean_check_starting
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
@ -119,6 +64,25 @@ ynh_script_progression --message="Stopping a systemd service..."
ynh_systemd_action --service_name=$app-videobridge --action="stop" --log_path="/var/log/$app/$app-videobridge.log"
ynh_systemd_action --service_name=$app-jicofo --action="stop" --log_path="/var/log/$app/$app-jicofo.log"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
@ -129,7 +93,7 @@ then
# Download, check integrity, uncompress and patch the source from app.src
declare -A packages
packages[jicofo]="jicofo"
packages[jitsi-jicofo]="jicofo"
packages[jitsi-meet-prosody]="jitsi-meet/prosody-plugins"
packages[jitsi-meet-web]="jitsi-meet"
packages[jitsi-videobridge]="jitsi-videobridge"
@ -146,29 +110,14 @@ then
mv "$final_path/${package}_temp/usr/share/${packages[$package]}/" "$final_path/${package}/"
ynh_secure_remove --file="$final_path/${package}_temp"
done
# Adapt prosody module to metronome
for file in $final_path/jitsi-meet-prosody/*.lua
do
ynh_replace_string --match_string="prosody" --replace_string="metronome" --target_file="$file"
ynh_replace_string --match_string="Prosody" --replace_string="Metronome" --target_file="$file"
done
for directory in $final_path/jitsi-meet-prosody/*/; do
for file in $directory/*.lua
do
ynh_replace_string --match_string="prosody" --replace_string="metronome" --target_file="$file"
ynh_replace_string --match_string="Prosody" --replace_string="Metronome" --target_file="$file"
done
done
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading nginx web server configuration..."
ynh_script_progression --message="Upgrading NGINX web server configuration..."
# Create a dedicated nginx config
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
@ -178,15 +127,12 @@ ynh_script_progression --message="Upgrading dependencies..."
ynh_install_app_dependencies $pkg_dependencies
#ynh_install_nodejs --nodejs_version=10
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir=$final_path
if ! yunohost app list | grep -q "prosody"
then
yunohost app install prosody --args "domain=$domain&admin=$admin&language=$language&password=$password"
elfi
yunohost app upgrade
fi
#=================================================
# SPECIFIC UPGRADE
@ -232,10 +178,6 @@ then
jitsi_videobridge_log4j2_conf="/etc/$app/videobridge/log4j2.xml"
cp ../conf/jitsi-videobridge-log4j2.xml "$jitsi_videobridge_log4j2_conf"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$jitsi_videobridge_log4j2_conf"
jitsi_videobridge_20_jvb_udp_buffers_conf="/etc/sysctl.d/videobridge/20-jvb-udp-buffers.conf"
cp ../conf/jitsi-videobridge-20-jvb-udp-buffers.conf "$jitsi_videobridge_20_jvb_udp_buffers_conf"
sysctl --system || true
fi
#=================================================
@ -329,18 +271,10 @@ ynh_script_progression --message="Starting a systemd service..."
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log"
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Upgrading SSOwat configuration..."
# Make app public
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading nginx web server..."
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload