diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..783a4ae --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +*~ +*.sw[op] diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..da61429 --- /dev/null +++ b/LICENSE @@ -0,0 +1,219 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + + +Note: + +This project was originally contributed to the community under the MIT license and with the following notice: + +The MIT License (MIT) + +Copyright (c) 2013 ESTOS GmbH +Copyright (c) 2013 BlueJimp SARL + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md index 509bd24..5c4fabf 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,70 @@ -Jitsi Meet for YunoHost -------------------------- +# Jitsi Meet for YunoHost -https://jitsi.org/Projects/JitMeet +[![Integration level](https://dash.yunohost.org/integration/jitsi.svg)](https://dash.yunohost.org/appci/app/jitsi) +[![Install Jitsi Meet with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=jitsi) + +*[Lire ce readme en français.](./README_fr.md)* + +> *This package allow you to install Jitsi Meet quickly and simply on a YunoHost server. +If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* + +## Overview +Jitsi Meet is an open-source (Apache) WebRTC JavaScript application that uses Jitsi Videobridge to provide high quality, secure and scalable video conferences. + +**Shipped version:** 1.0.3775 + +## Important points to read before installing + +1. **Jitsi** require a dedicated **root domain**, eg. jitsi.domain.tld +1. **Jitsi** require your create additionals dns names in your dns that goes to your YunoHost + 1. auth.jitsi.domain.tld + 1. conference.jitsi.domain.tld + 1. jitsi-videobridge.jitsi.domain.tld + 1. focus.jitsi.domain.tld +1. **Jitsi** require the ports TCP/4443 and UDP/10000 been redirected to your YunoHost + +## Screenshots + +![](https://jitsi.org/wp-content/uploads/2018/08/brady-bunch-stand-up-1024x632.jpg) + +## Demo + +* [Official demo](https://meet.jit.si/) + +## Configuration + +How to configure this app: by an admin panel, a plain file with SSH, or any other way. + +## Documentation + + * Official documentation: https://jitsi.org/user-faq/ + +## YunoHost specific features + +#### Supported architectures + +* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/jitsi%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/jitsi/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/jitsi%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/jitsi/) +* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/jitsi%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/jitsi/) + +## Links + + * Report a bug: https://github.com/YunoHost-Apps/jitsi_ynh/issues + * App website: https://jitsi.org/ + * Upstream app repository: https://github.com/jitsi/jitsi-meet + * YunoHost website: https://yunohost.org/ + +--- + +Developers info +---------------- + +**Only if you want to use a testing branch for coding, instead of merging directly into master.** +Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/jitsi_ynh/tree/testing). + +To try the testing branch, please proceed like that. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/jitsi_ynh/tree/testing --debug +or +sudo yunohost app upgrade jitsi -u https://github.com/YunoHost-Apps/jitsi_ynh/tree/testing --debug +``` diff --git a/TODO b/TODO deleted file mode 100644 index c190e6b..0000000 --- a/TODO +++ /dev/null @@ -1,14 +0,0 @@ -* backport luasec 0.5 from jessie for PFS ciphers -* why tls between jicofo and metronome (luasec >= 0.5 required) -* why tls between jvb and metronome (luasec >= 0.5 required) -* support subdir : which rewrite rule ? -* desktop sharing : chrome extension needs to be reference the host explicitely -* config.js clientNode : what's this ? see XEP-0115 -* metronome conf : bind vhost and components to localhost -* wireshark the thing : is everything encrypted ? -* recording : what can be done ? -* etherpad -* ipv6 : what's the status ? clients/server... -* mod_{smacks,carbons,mam,websocket,turncredentials} not needed actually ? -* jigasi SIP gateway -* is there any web based video-sip client around ? diff --git a/check_process b/check_process new file mode 100644 index 0000000..25ac19b --- /dev/null +++ b/check_process @@ -0,0 +1,44 @@ +# See here for more information +# https://github.com/YunoHost/package_check#syntax-check_process-file + +# Move this file from check_process.default to check_process when you have filled it. + +;; Test complet + ; Manifest + domain="domain.tld" (DOMAIN) + port="4443" (PORT) + ; Checks + pkg_linter=1 + setup_sub_dir=1 + setup_root=1 + setup_nourl=0 + setup_private=1 + setup_public=1 + upgrade=1 + upgrade=1 from_commit=CommitHash + backup_restore=1 + multi_instance=1 + incorrect_path=1 + port_already_use=0 + change_url=1 +;;; Levels + Level 1=auto + Level 2=auto + Level 3=auto +# Level 4: If the app supports LDAP and SSOwat, turn level 4 to '1' and add a link to an issue or a part of your code to show it. +# If the app does not use LDAP nor SSOwat, and can't use them, turn level 4 to 'na' and explain as well. + Level 4=0 + Level 5=auto + Level 6=auto + Level 7=auto + Level 8=0 + Level 9=0 + Level 10=0 +;;; Options +Email= +Notification=none +;;; Upgrade options + ; commit=CommitHash + name=Name and date of the commit. + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& + diff --git a/conf/config.js b/conf/config.js new file mode 100644 index 0000000..349a852 --- /dev/null +++ b/conf/config.js @@ -0,0 +1,12 @@ +var config = { + hosts: { + domain: '__DOMAIN__', + muc: 'conference.__DOMAIN__', + bridge: 'jitsi-videobridge.__DOMAIN__', + focus: 'focus.__DOMAIN__' + }, + useNicks: false, + bosh: '//__DOMAIN__/http-bind', // FIXME: use xep-0156 for that + //chromeExtensionId: 'diibjkoicjeejcmhdnailmkgecihlobk', // Id of desktop streamer Chrome extension + //minChromeExtVersion: '0.1' // Required version of Chrome extension +}; \ No newline at end of file diff --git a/conf/jitsi-jicofo.init b/conf/jitsi-jicofo.init deleted file mode 100644 index 5707727..0000000 --- a/conf/jitsi-jicofo.init +++ /dev/null @@ -1,113 +0,0 @@ -#! /bin/sh -# -# INIT script for Jitsi Conference Focus -# Version: 1.0 4-Dec-2014 pawel.domas@jitsi.org -# -### BEGIN INIT INFO -# Provides: jicofo -# Required-Start: $local_fs $remote_fs -# Required-Stop: $local_fs $remote_fs -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Jitsi conference Focus -# Description: Conference focus for Jitsi Meet application. -### END INIT INFO - -. /lib/lsb/init-functions - -# Include jicofo defaults if available -if [ -f /etc/default/jicofo ]; then - . /etc/default/jicofo -fi - -# Assign default host if not configured -if [ ! $JICOFO_HOST ]; then - JICOFO_HOST=localhost -fi - -PATH=/usr/lib/jvm/java-7-openjdk-amd64/jre/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/opt/yunohost/jicofo/jicofo.sh -DEAMON_DIR=/opt/yunohost/jicofo/ -NAME=jicofo -USER=jicofo -PIDFILE=/var/run/jicofo.pid -LOGFILE=/var/log/jitsi/jicofo.log -DESC=jicofo -DAEMON_OPTS=" --host=$JICOFO_HOST --domain=$JICOFO_HOSTNAME --port=$JICOFO_PORT --secret=$JICOFO_SECRET --user_domain=$JICOFO_AUTH_DOMAIN --user_password=$JICOFO_AUTH_PASSWORD $JICOFO_OPTS" - -test -x $DAEMON || exit 0 - -set -e - -killParentPid() { - PARENT_PPID=$(ps -o pid --no-headers --ppid $1 || true) - if [ $PARENT_PPID ]; then - kill $PARENT_PPID - fi -} - -stop() { - if [ -f $PIDFILE ]; then - PID=$(cat $PIDFILE) - fi - echo -n "Stopping $DESC: " - if [ $PID ]; then - killParentPid $PID - rm $PIDFILE || true - echo "$NAME stopped." - elif [ $(ps -C jicofo.sh --no-headers -o pid) ]; then - kill $(ps -o pid --no-headers --ppid $(ps -C jicofo.sh --no-headers -o pid)) - rm $PIDFILE || true - echo "$NAME stopped." - else - echo "$NAME doesn't seem to be running." - fi -} - -start() { - if [ -f $PIDFILE ]; then - echo "$DESC seems to be already running, we found pidfile $PIDFILE." - exit 1 - fi - echo -n "Starting $DESC: " - start-stop-daemon --start --quiet --background --chuid $USER --make-pidfile --pidfile $PIDFILE \ - --exec /bin/bash -- -c "cd $DEAMON_DIR; exec $DAEMON $DAEMON_OPTS < /dev/null >> $LOGFILE 2>&1" - echo "$NAME started." -} - -reload() { - echo 'Not yet implemented.' -} - -status() { - echo 'Not yet implemented.' -} - -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart) - stop - start - ;; - reload) - reload - ;; - force-reload) - reload - ;; - status) - status - ;; - *) - N=/etc/init.d/$NAME - echo "Usage: $N {start|stop|restart|reload|status}" >&2 - exit 1 - ;; -esac - -exit 0 diff --git a/conf/jitsi-jicofo.service b/conf/jitsi-jicofo.service new file mode 100644 index 0000000..86bbc03 --- /dev/null +++ b/conf/jitsi-jicofo.service @@ -0,0 +1,13 @@ +[Unit] +Description=jitsi-jicofo +After=network.target + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__FINALPATH__/jitsi-jicofo/ +ExecStart=__FINALPATH__/jicofo.sh --host=localhost --domain=__DOMAIN__ --secret=__FOCUS_SECRET__ --user_domain=auth.__DOMAIN__ --user_name=__APP__-focus --user_password=__FOCUS_PASSWORD__ & >> /var/log/__APP__/__APP__-jitsi-jicofo.log 2>&1 + +[Install] +WantedBy=multi-user.target diff --git a/conf/jitsi-jicofo.src b/conf/jitsi-jicofo.src new file mode 100644 index 0000000..0842f72 --- /dev/null +++ b/conf/jitsi-jicofo.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://github.com/jitsi/jicofo/archive/472.tar.gz +SOURCE_SUM=5c3c63a15119187bf547400e1fec04c6cc53fd82dec9fdef33b82a27379d6fc1 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= diff --git a/conf/jitsi-meet.src b/conf/jitsi-meet.src new file mode 100644 index 0000000..b40c3af --- /dev/null +++ b/conf/jitsi-meet.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://github.com/jitsi/jitsi-meet/archive/3426.tar.gz +SOURCE_SUM=b37b50b784c76df56c3a3d5b7d403eeaa2829d17f69c3c22fbe6e2e4bd31a8b8 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= diff --git a/conf/jitsi-videobridge.init b/conf/jitsi-videobridge.init deleted file mode 100644 index 405321d..0000000 --- a/conf/jitsi-videobridge.init +++ /dev/null @@ -1,114 +0,0 @@ -#! /bin/sh -# -# INIT script for Jitsi Videobridge -# Version: 1.0 01-May-2014 yasen@bluejimp.com -# -### BEGIN INIT INFO -# Provides: jitsi-videobridge -# Required-Start: $local_fs $remote_fs -# Required-Stop: $local_fs $remote_fs -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Jitsi Videobridge -# Description: WebRTC compatible Selective Forwarding Unit (SFU) -### END INIT INFO - -. /lib/lsb/init-functions - -# Include videobridge defaults if available -if [ -f /etc/default/jitsi-videobridge ]; then - . /etc/default/jitsi-videobridge -fi - -PATH=/usr/lib/jvm/java-7-openjdk-amd64/jre/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/opt/yunohost/jitsi-videobridge/jvb.sh -NAME=jvb -USER=jvb -PIDFILE=/var/run/jitsi-videobridge.pid -LOGFILE=/var/log/jitsi/jvb.log -DESC=jitsi-videobridge -if [ ! $JVB_HOST ]; then - JVB_HOST=localhost -fi -DAEMON_OPTS=" --host=$JVB_HOST --domain=$JVB_HOSTNAME --port=$JVB_PORT --secret=$JVB_SECRET $JVB_OPTS" - -test -x $DAEMON || exit 0 - -set -e - -killParentPid() { - PARENT_PID=$(ps -o pid --no-headers --ppid $1 || true) - if [ $PARENT_PID ]; then - kill $PARENT_PID - fi -} - -stop() { - if [ -f $PIDFILE ]; then - PID=$(cat $PIDFILE) - fi - echo -n "Stopping $DESC: " - if [ $PID ]; then - killParentPid $PID - rm $PIDFILE || true - echo "$NAME stopped." - elif [ $(ps -C jvb.sh --no-headers -o pid) ]; then - kill $(ps -o pid --no-headers --ppid $(ps -C jvb.sh --no-headers -o pid)) - rm $PIDFILE || true - echo "$NAME stopped." - else - echo "$NAME doesn't seem to be running." - fi -} - -start() { - if [ -f $PIDFILE ]; then - echo "$DESC seems to be already running, we found pidfile $PIDFILE." - exit 1 - fi - echo -n "Starting $DESC: " - start-stop-daemon --start --quiet --background --chuid $USER --make-pidfile --pidfile $PIDFILE \ - --exec /bin/bash -- -c "exec $DAEMON $DAEMON_OPTS < /dev/null >> $LOGFILE 2>&1" - echo "$NAME started." -} - -reload() { - echo 'Not yet implemented.' -} - -status() { - echo 'Not yet implemented.' -} - -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart) - stop - start - ;; - reload) - #reload - stop - start - ;; - force-reload) - #reload - stop - start - ;; - status) - status - ;; - *) - N=/etc/init.d/$NAME - echo "Usage: $N {start|stop|restart|reload|status}" >&2 - exit 1 - ;; -esac - -exit 0 diff --git a/conf/jitsi-videobridge.service b/conf/jitsi-videobridge.service new file mode 100644 index 0000000..85907ea --- /dev/null +++ b/conf/jitsi-videobridge.service @@ -0,0 +1,13 @@ +[Unit] +Description=jitsi-videobridge +After=network.target + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__FINALPATH__/jitsi-videobridge/ +ExecStart=__FINALPATH__/jitsi-videobridge/jvb.sh --host=localhost --domain=__DOMAIN__ --port=5347 --secret=__VIDEOBRIDGE_SECRET__ & >> /var/log/__APP__/__APP__-jitsi-videobridge.log 2>&1 + +[Install] +WantedBy=multi-user.target diff --git a/conf/jitsi-videobridge.src b/conf/jitsi-videobridge.src new file mode 100644 index 0000000..ff35741 --- /dev/null +++ b/conf/jitsi-videobridge.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://github.com/jitsi/jitsi-videobridge/archive/1119.tar.gz +SOURCE_SUM=22f1803158fd6e2898b61bbb4d5b53d063ac1cc29c07c7ab502ba93f89d262c1 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= diff --git a/conf/jitsimeet-config.js b/conf/jitsimeet-config.js deleted file mode 100644 index 065b683..0000000 --- a/conf/jitsimeet-config.js +++ /dev/null @@ -1,36 +0,0 @@ -var config = { - hosts: { - domain: 'YNH_JITSI_XMPP_HOST', - //anonymousdomain: 'guest.example.com', - muc: 'conference.YNH_JITSI_XMPP_HOST', // FIXME: use XEP-0030 - bridge: 'jitsi-videobridge.YNH_JITSI_XMPP_HOST', // FIXME: use XEP-0030 - //jirecon: 'jirecon.YNH_JITSI_XMPP_HOST', - //call_control: 'callcontrol.YNH_JITSI_XMPP_HOST', - focus: 'focus.YNH_JITSI_XMPP_HOST' - defaults to 'focus.YNH_JITSI_XMPP_HOST' - }, - //getroomnode: function (path) { return 'someprefixpossiblybasedonpath'; }, - //useStunTurn: true, // use XEP-0215 to fetch STUN and TURN server - //useIPv6: true, // ipv6 support. use at your own risk - useNicks: false, - bosh: '//YNH_JITSI_XMPP_HOST/http-bind', // FIXME: use xep-0156 for that - clientNode: 'http://jitsi.org/jitsimeet', // The name of client node advertised in XEP-0115 'c' stanza - focusUserJid: 'focus@auth.YNH_JITSI_XMPP_HOST', // The real JID of focus participant - can be overridden here - //defaultSipNumber: '', // Default SIP number - desktopSharing: false, // Desktop sharing method. Can be set to 'ext', 'webrtc' or false to disable. - chromeExtensionId: 'diibjkoicjeejcmhdnailmkgecihlobk', // Id of desktop streamer Chrome extension - desktopSharingSources: ['screen', 'window'], - minChromeExtVersion: '0.1', // Required version of Chrome extension - enableRtpStats: true, // Enables RTP stats processing - openSctp: true, // Toggle to enable/disable SCTP channels - channelLastN: -1, // The default value of the channel attribute last-n. - adaptiveLastN: false, - adaptiveSimulcast: false, - useRtcpMux: true, - useBundle: true, - enableRecording: false, - enableWelcomePage: true, - enableSimulcast: false, - enableFirefoxSupport: false, //firefox support is still experimental, only one-to-one conferences with chrome focus - // will work when simulcast, bundle, mux, lastN and SCTP are disabled. - logStats: true // Enable logging of PeerConnection stats via the focus -}; diff --git a/conf/jvb.version b/conf/jvb.version deleted file mode 100644 index e45b99e..0000000 --- a/conf/jvb.version +++ /dev/null @@ -1 +0,0 @@ -384 diff --git a/conf/metronome.cfg.lua b/conf/metronome.cfg.lua new file mode 100644 index 0000000..21298d4 --- /dev/null +++ b/conf/metronome.cfg.lua @@ -0,0 +1,216 @@ +-- Prosody XMPP Server Configuration +-- +-- Information on configuring Prosody can be found on our +-- website at http://prosody.im/doc/configure +-- +-- Tip: You can check that the syntax of this file is correct +-- when you have finished by running: prosodyctl check config +-- If there are any errors, it will let you know what and where +-- they are, otherwise it will keep quiet. +-- +-- Good luck, and happy Jabbering! + + +---------- Server-wide settings ---------- +-- Settings in this section apply to the whole server and are the default settings +-- for any virtual hosts + +-- This is a (by default, empty) list of accounts that are admins +-- for the server. Note that you must create the accounts separately +-- (see http://prosody.im/doc/creating_accounts for info) +-- Example: admins = { "user1@example.com", "user2@example.net" } +admins = { "focus__APP__@auth.__DOMAIN__" } +daemonize = true +-- cross_domain_bosh = true; +component_ports = { 5347 } +--component_interface = "192.168.0.10" + +-- Enable use of libevent for better performance under high load +-- For more information see: http://prosody.im/doc/libevent +--use_libevent = true + +-- This is the list of modules Prosody will load on startup. +-- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too. +-- Documentation on modules can be found at: http://prosody.im/doc/modules +modules_enabled = { + + -- Generally required + "roster"; -- Allow users to have a roster. Recommended ;) + "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. + "tls"; -- Add support for secure TLS on c2s/s2s connections + "dialback"; -- s2s dialback support + "disco"; -- Service discovery + "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. + + -- Not essential, but recommended + "private"; -- Private XML storage (for room bookmarks, etc.) + "vcard"; -- Allow users to set vCards + + -- These are commented by default as they have a performance impact + --"privacy"; -- Support privacy lists + "compression"; -- Stream compression (requires the lua-zlib package installed) + + -- Nice to have + "version"; -- Replies to server version requests + "uptime"; -- Report how long server has been running + "time"; -- Let others know the time here on this server + "ping"; -- Replies to XMPP pings with pongs + "pep"; -- Enables users to publish their mood, activity, playing music and more + "register"; -- Allow users to register on this server using a client and change passwords + + -- Admin interfaces + "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands + --"admin_telnet"; -- Opens telnet console interface on localhost port 5582 + + -- HTTP modules + "bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" + --"http_files"; -- Serve static files from a directory over HTTP + + -- Other specific functionality + --"groups"; -- Shared roster support + --"announce"; -- Send announcement to all online users + --"welcome"; -- Welcome users who register accounts + --"watchregistrations"; -- Alert admins of registrations + --"motd"; -- Send a message to users when they log in + --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots. + -- jitsi + "smacks"; + "carbons"; + "mam"; + "lastactivity"; + "offline"; + "pubsub"; + "adhoc"; + "websocket"; + "http_altconnect"; +} + +-- These modules are auto-loaded, but should you want +-- to disable them then uncomment them here: +modules_disabled = { + -- "offline"; -- Store offline messages + -- "c2s"; -- Handle client connections + -- "s2s"; -- Handle server-to-server connections +} + +-- Disable account creation by default, for security +-- For more information see http://prosody.im/doc/creating_accounts +allow_registration = false + +-- These are the SSL/TLS-related settings. If you don't want +-- to use SSL/TLS, you may comment or remove this +-- ssl = { +-- key = "/etc/prosody/certs/localhost.key"; +-- certificate = "/etc/prosody/certs/localhost.crt"; +--} + +-- Force clients to use encrypted connections? This option will +-- prevent clients from authenticating unless they are using encryption. + +-- c2s_require_encryption = true + +-- Force certificate authentication for server-to-server connections? +-- This provides ideal security, but requires servers you communicate +-- with to support encryption AND present valid, trusted certificates. +-- NOTE: Your version of LuaSec must support certificate verification! +-- For more information see http://prosody.im/doc/s2s#security + +-- s2s_secure_auth = false + +-- Many servers don't support encryption or have invalid or self-signed +-- certificates. You can list domains here that will not be required to +-- authenticate using certificates. They will be authenticated using DNS. + +--s2s_insecure_domains = { "gmail.com" } + +-- Even if you leave s2s_secure_auth disabled, you can still require valid +-- certificates for some domains by specifying a list here. + +--s2s_secure_domains = { "jabber.org" } + +-- Required for init scripts and prosodyctl +-- pidfile = "/var/run/prosody/prosody.pid" + +-- Select the authentication backend to use. The 'internal' providers +-- use Prosody's configured data storage to store the authentication data. +-- To allow Prosody to offer secure authentication mechanisms to clients, the +-- default provider stores passwords in plaintext. If you do not trust your +-- server please see http://prosody.im/doc/modules/mod_auth_internal_hashed +-- for information about using the hashed backend. + +-- authentication = "internal_plain" +authentication = "internal_hashed" + +-- Select the storage backend to use. By default Prosody uses flat files +-- in its configured data directory, but it also supports more backends +-- through modules. An "sql" backend is included by default, but requires +-- additional dependencies. See http://prosody.im/doc/storage for more info. + +--storage = "sql" -- Default is "internal" + +-- For the "sql" backend, you can uncomment *one* of the below to configure: +--sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename. +--sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" } +--sql = { driver = "PostgreSQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" } + +-- Logging configuration +-- For advanced logging see http://prosody.im/doc/logging +-- log = { +-- info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging +-- error = "/var/log/prosody/prosody.err"; +-- "*syslog"; +-- } + +----------- Virtual hosts ----------- +-- You need to add a VirtualHost entry for each domain you wish Prosody to serve. +-- Settings under each VirtualHost entry apply *only* to that host. + +--VirtualHost "localhost" + +VirtualHost "__DOMAIN__" + -- enabled = false -- Remove this line to enable this host + authentication = "anonymous" + -- Assign this host a certificate for TLS, otherwise it would use the one + -- set in the global section (if any). + -- Note that old-style SSL on port 5223 only supports one certificate, and will always + -- use the global one. + ssl = { + key = "/etc/yunohost/certs/__DOMAIN__/key.pem"; + certificate = "/etc/yunohost/certs/__DOMAIN__/crt.pem"; + } + + c2s_require_encryption = false + +VirtualHost "auth.__DOMAIN__" + ssl = { + key = "/etc/yunohost/certs/auth.__DOMAIN__/key.pem"; + certificate = "/etc/yunohost/certs/auth.__DOMAIN__/crt.pem"; + } + authentication = "internal_plain" + +------ Components ------ +-- You can specify components to add hosts that provide special services, +-- like multi-user conferences, and transports. +-- For more information on components, see http://prosody.im/doc/components + +---Set up a MUC (multi-user chat) room server on conference.example.com: +--Component "conference.example.com" "muc" + +-- Set up a SOCKS5 bytestream proxy for server-proxied file transfers: +--Component "proxy.example.com" "proxy65" + +---Set up an external component (default component port is 5347) +-- +-- External components allow adding various services, such as gateways/ +-- transports to other networks like ICQ, MSN and Yahoo. For more info +-- see: http://prosody.im/doc/components#adding_an_external_component +-- +--Component "gateway.example.com" +-- component_secret = "password" + +Component "conference.__DOMAIN__" "muc" + +Component "jitsi-videobridge.__DOMAIN__" + component_secret = "__VIDEOBRIDGE_SECRET__" +Component "focus.__DOMAIN__" + component_secret = "__FOCUS_SECRET__" diff --git a/conf/metronome.conf b/conf/metronome.conf deleted file mode 100644 index f6af44c..0000000 --- a/conf/metronome.conf +++ /dev/null @@ -1,30 +0,0 @@ -VirtualHost "YNH_JITSI_XMPP_HOST" - c2s_require_encryption = false - authentication = "anonymous" - ssl = { - key = "/var/lib/metronome/YNH_JITSI_XMPP_HOST.key"; - certificate = "/var/lib/metronome/YNH_JITSI_XMPP_HOST.crt"; - } - - -- turncredentials_secret = "YNH_SECRET4"; - -- turncredentials = { - -- { type = "turn", host = "turn.host.name", port = 3478, transport = "tcp" } - -- } - -Component "conference.YNH_JITSI_XMPP_HOST" "muc" - -Component "jitsi-videobridge.YNH_JITSI_XMPP_HOST" - component_secret = "YNH_YOURSECRET1" - -VirtualHost "auth.YNH_JITSI_XMPP_HOST" - c2s_require_encryption = false - authentication = "internal_plain" - ssl = { - key = "/var/lib/metronome/YNH_JITSI_XMPP_HOST.key"; - certificate = "/var/lib/metronome/YNH_JITSI_XMPP_HOST.crt"; - } - admins = { "focus@auth.YNH_JITSI_XMPP_HOST" } - -Component "focus.YNH_JITSI_XMPP_HOST" - component_secret = "YNH_YOURSECRET2" - diff --git a/conf/nginx.conf b/conf/nginx.conf index 1cd962f..f19df60 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,14 +1,21 @@ -location YNH_LOCATION/ { - alias /var/www/jitsi/; +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { + + # Path to source + alias __FINALPATH__/jitsi-meet/ ; index index.html; ssi on; + + # Force usage of https + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; } -location ~ ^YNH_LOCATION/([a-zA-Z0-9]+)$ { - rewrite ^YNH_LOCATION/(.*)$ YNH_LOCATION/ break; -} - -location YNH_LOCATION/http-bind { +location __PATH__/http-bind { proxy_pass http://localhost:5290/http-bind; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; diff --git a/manifest.json b/manifest.json index 9f29dce..f7c0d0b 100644 --- a/manifest.json +++ b/manifest.json @@ -1,16 +1,27 @@ { "name": "Jitsi Meet", "id": "jitsi", + "packaging_format": 1, "description": { "en": "Video conferencing web application", "fr": "Application web de conférence vidéo" }, + "version": "1.0.3775~ynh1", "url": "https://jitsi.org/Projects/JitMeet", + "license": "Apache-2.0", "maintainer": { "name": "ju", "email": "julien.malik@paraiso.me" }, + "requirements": { + "yunohost": ">= 3.5" + }, "multi_instance": "false", + "services": [ + "nginx", + "php7.0-fpm", + "mysql" + ], "arguments": { "install": [ { @@ -21,16 +32,6 @@ "fr": "Choisissez un domaine pour Jitsi Meet" }, "example": "domain.org" - }, - { - "name": "path", - "type": "path", - "ask": { - "en": "Choose a path for Jitsi Meet", - "fr": "Choisissez un chemin pour Jitsi Meet" - }, - "example": "/", - "default": "/" } ] } diff --git a/pull_request_template.md b/pull_request_template.md new file mode 100644 index 0000000..b28173e --- /dev/null +++ b/pull_request_template.md @@ -0,0 +1,18 @@ +## Problem +- *Description of why you made this PR* + +## Solution +- *And how do you fix that problem* + +## PR Status +- [ ] Code finished. +- [ ] Tested with Package_check. +- [ ] Fix or enhancement tested. +- [ ] Upgrade from last version tested. +- [ ] Can be reviewed and tested. + +## Package_check results +--- +*If you have access to [App Continuous Integration for packagers](https://yunohost.org/#/packaging_apps_ci) you can provide a link to the package_check results like below, replacing '-NUM-' in this link by the PR number and USERNAME by your username on the ci-apps-dev. Or you provide a screenshot or a pastebin of the results* + +[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/APP_ynh%20PR-NUM-%20(USERNAME)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/APP_ynh%20PR-NUM-%20(USERNAME)/) diff --git a/scripts/_common.sh b/scripts/_common.sh new file mode 100644 index 0000000..9feaf0f --- /dev/null +++ b/scripts/_common.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +#================================================= +# COMMON VARIABLES +#================================================= + +# dependencies used by the app +pkg_dependencies="openjdk-8-jre maven" + +#================================================= +# PERSONAL HELPERS +#================================================= + +#================================================= +# EXPERIMENTAL HELPERS +#================================================= + +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= diff --git a/scripts/backup b/scripts/backup new file mode 100644 index 0000000..73ef853 --- /dev/null +++ b/scripts/backup @@ -0,0 +1,86 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { + true +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --time --weight=1 + +app=$YNH_APP_INSTANCE_NAME + +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) + +#================================================= +# STANDARD BACKUP STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app-jitsi-videobridge --action="stop" --log_path="/var/log/$app/$app-jitsi-videobridge.log" +ynh_systemd_action --service_name=$app-jitsi-jicofo --action="stop" --log_path="/var/log/$app/$app-jitsi-jicofo.log" + +#================================================= +# BACKUP THE APP MAIN DIR +#================================================= +ynh_script_progression --message="Backing up the main app directory..." --time --weight=1 + +ynh_backup --src_path="$final_path" + +#================================================= +# BACKUP THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Backing up nginx web server configuration..." --time --weight=1 + +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# SPECIFIC BACKUP +#================================================= +# BACKUP LOGROTATE +#================================================= +ynh_script_progression --message="Backing up logrotate configuration..." --time --weight=1 + +ynh_backup --src_path="/etc/logrotate.d/$app" + +#================================================= +# BACKUP SYSTEMD +#================================================= +ynh_script_progression --message="Backing up systemd configuration..." --time --weight=1 + +ynh_backup --src_path="/etc/systemd/system/$app-jitsi-videobridge.service" +ynh_backup --src_path="/etc/systemd/system/$app-jitsi-jicofo.service" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app-jitsi-videobridge --action="start" --log_path="/var/log/$app/$app-jitsi-videobridge.log" +ynh_systemd_action --service_name=$app-jitsi-jicofo --action="start" --log_path="/var/log/$app/$app-jitsi-jicofo.log" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --time --last diff --git a/scripts/install b/scripts/install index 260970c..d071608 100644 --- a/scripts/install +++ b/scripts/install @@ -1,173 +1,241 @@ -#!/bin/bash +#!/bin/bash -# Retrieve arguments -domain=$1 -path=$2 +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -arch=$(uname -m) -if [[ "$arch" != "i686" ]] && [[ "$arch" != "x86_64" ]] ; then - echo "Currently supported only on i686 or x86_64." - echo "ARM platforms are NOT supported right now." - exit 1 -fi +source _common.sh +source /usr/share/yunohost/helpers -if [[ "$path" != "/" ]] ; then - echo "Only '/' is supported as path for the moment." - exit 1 -fi +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= -sudo yunohost app checkurl $domain$path -a jitsi -if [[ ! $? -eq 0 ]]; then - exit 1 -fi +ynh_clean_setup () { + read -p "key" + true +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors -sudo apt-get update -sudo apt-get install openjdk-7-jdk ant -y +#================================================= +# RETRIEVE ARGUMENTS FROM THE MANIFEST +#================================================= -# TODO need lua-sec >= 0.5 otherwise jicofo cannot connect because of "no shared ciphers" +domain=$YNH_APP_ARG_DOMAIN +path_url="/" -#git clone https://github.com/andyet/otalk-server ../src/otalk-server -# TODO mam,websocket(s) already available in default metronome -#cp -r ../src/otalk-server/mod_{smacks,carbons,mam,websocket,turncredentials} /usr/lib/metronome/modules +#YOURSECRET3 +focus_password=$(ynh_string_random --length=8) +#YOURSECRET1 +videobridge_secret=$(ynh_string_random --length=8) +#YOURSECRET2 +focus_secret=$(ynh_string_random --length=8) -YNH_YOURSECRET1=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p') -YNH_YOURSECRET2=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p') -YNH_YOURSECRET3=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p') -YNH_YOURSECRET4=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p') +app=$YNH_APP_INSTANCE_NAME -jitsi_domain="jitsi.${domain}" -# TODO verify $jitsi_domain is not already used somehow... +#================================================= +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS +#================================================= +ynh_script_progression --message="Validating installation parameters..." --time --weight=1 -sudo groupadd jitsi +final_path=/var/www/$app +test ! -e "$final_path" || ynh_die --message="This path already contains a folder" -#--- Install Jitsi videobridge --- -jvb_buildnum=$(cat ../conf/jvb.version) -if [[ "$arch" == "i686" ]] ; then - jvb_arch="x86" -else - jvb_arch="x64" -fi -mkdir ../src -wget -O ../src/jitsi-videobridge.zip https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-$jvb_arch-$jvb_buildnum.zip -unzip ../src/jitsi-videobridge.zip -d ../src/jitsi-videobridge -jvb_root=/opt/yunohost/jitsi-videobridge -sudo mkdir -p $jvb_root -sudo cp -ar ../src/jitsi-videobridge/jitsi-videobridge-linux-$jvb_arch-$jvb_buildnum/* $jvb_root -sudo useradd -r -g jitsi -d $jvb_root --shell /bin/bash jvb -sudo chown -R jvb:jitsi $jvb_root -sudo mkdir -p /var/log/jitsi -sudo chown jvb:jitsi /var/log/jitsi -sudo chmod 770 /var/log/jitsi +# Register (book) web path +ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url -cat << EOF > ../src/jvb_options -JVB_HOSTNAME=$jitsi_domain -JVB_PORT=5347 -JVB_SECRET=$YNH_YOURSECRET1 -JVB_OPTS="" -EOF +#! ynh_user_exists --username=${app}-focus || ynh_die --message="User ${app}-focus already exist, please remove it first" -sudo mv ../src/jvb_options /etc/default/jitsi-videobridge -sudo cp ../conf/jitsi-videobridge.init /etc/init.d/jitsi-videobridge -sudo chmod +x /etc/init.d/jitsi-videobridge -sudo update-rc.d jitsi-videobridge defaults -sudo yunohost service add jitsi-videobridge -l /var/log/jitsi/jvb.log +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= +ynh_script_progression --message="Storing installation settings..." --time --weight=1 -# TODO : install java7 -# TODO : create .sip-communicator to handle videobridge behind NAT -# TODO : avoid error in logs Failed to load class "org.slf4j.impl.StaticLoggerBinder" -# See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details. -# TODO : logrotate -# TODO : hook to monit -# TODO : enable jitsi stats : what do we do with it ? +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=focus_password --value=$focus_password +ynh_app_setting_set --app=$app --key=videobridge_secret --value=$videobridge_secret +ynh_app_setting_set --app=$app --key=focus_secret --value=$focus_secret -#--- Install Jicofo --- -wget -O ../src/jicofo.zip https://github.com/jitsi/jicofo/archive/master.zip -unzip ../src/jicofo.zip -d ../src/jicofo -if [[ "$arch" == "i686" ]] ; then - jicofo_target="lin" - jicofo_arch="x86" -else - jicofo_target="lin64" - jicofo_arch="x64" -fi -bash -c "cd ../src/jicofo/jicofo-master; PATH=/usr/lib/jvm/java-7-openjdk-amd64/bin:$PATH ant dist.$jicofo_target" -jicofo_dist_zip=$(ls ../src/jicofo/jicofo-master/dist/linux/*.zip) -unzip $jicofo_dist_zip -d ../src/jicofo_dist +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# FIND AND OPEN A PORT +#================================================= +ynh_script_progression --message="Configuring firewall..." --time --weight=1 -jicofo_root=/opt/yunohost/jicofo -sudo mkdir -p $jicofo_root -sudo cp -ar ../src/jicofo_dist/$(basename "$jicofo_dist_zip" .zip)/* $jicofo_root -sudo useradd -r -g jitsi -d $jicofo_root --shell /bin/bash jicofo -sudo chown -R jicofo:jitsi $jicofo_root +# Find a free port +port=$(ynh_find_port --port=4443) +# Open this port +ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port +ynh_app_setting_set --app=$app --key=port --value=$port -cat << EOF > ../src/jicofo_options -# Jitsi Conference Focus settings -JICOFO_HOST=localhost -JICOFO_HOSTNAME=$jitsi_domain -JICOFO_SECRET=$YNH_YOURSECRET2 -JICOFO_PORT=5347 -JICOFO_AUTH_DOMAIN=auth.$jitsi_domain -JICOFO_AUTH_USER=focus -JICOFO_AUTH_PASSWORD=$YNH_YOURSECRET3 -JICOFO_OPTS="" -EOF +#================================================= +# INSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Installing dependencies..." --time --weight=1 -sudo mv ../src/jicofo_options /etc/default/jicofo -sudo cp ../conf/jitsi-jicofo.init /etc/init.d/jicofo -sudo chmod +x /etc/init.d/jicofo -sudo update-rc.d jicofo defaults -sudo yunohost service add jicofo -l /var/log/jitsi/jvb.log +ynh_install_app_dependencies $pkg_dependencies -# TODO : build with java7, since java6 outputs more warnings -# TODO : logrotate -# TODO : hook to monit +ynh_install_nodejs --nodejs_version=10 -#--- Install Jireco daemon --- -# TODO for later... +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_script_progression --message="Setting up source files..." --time --weight=1 -#--- Install Jitsi-meet --- -wget -O ../src/jitsi-meet.zip https://github.com/jitsi/jitsi-meet/archive/master.zip -unzip ../src/jitsi-meet.zip -d ../src/jitsi-meet -jitsimeet_path=/var/www/jitsi -sudo mkdir -p $jitsimeet_path -sudo cp -ar ../src/jitsi-meet/jitsi-meet-master/* $jitsimeet_path +ynh_app_setting_set --app=$app --key=final_path --value=$final_path +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --dest_dir="$final_path/jitsi-videobridge" --source_id=jitsi-videobridge +ynh_setup_source --dest_dir="$final_path/jitsi-jicofo" --source_id=jitsi-jicofo +ynh_setup_source --dest_dir="$final_path/jitsi-meet" --source_id=jitsi-meet -sed -i "s@YNH_JITSI_XMPP_HOST@$jitsi_domain@g" ../conf/jitsimeet-config.js -sudo cp ../conf/jitsimeet-config.js $jitsimeet_path/config.js +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring nginx web server..." --time --weight=1 -sudo chown -R root: $jitsimeet_path -sudo find $jitsimeet_path -type f | xargs sudo chmod 644 -sudo find $jitsimeet_path -type d | xargs sudo chmod 755 +# Create a dedicated nginx config +ynh_add_nginx_config -# TODO : remove tracking -# TODO : remove GoogleAnalytics +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --time --weight=1 -#--- Configure metronome --- -sed -i "s@YNH_JITSI_XMPP_HOST@$jitsi_domain@g" ../conf/metronome.conf -sed -i "s@YNH_YOURSECRET1@$YNH_YOURSECRET1@g" ../conf/metronome.conf -sed -i "s@YNH_YOURSECRET2@$YNH_YOURSECRET2@g" ../conf/metronome.conf -sed -i "s@YNH_YOURSECRET4@$YNH_YOURSECRET4@g" ../conf/metronome.conf +# Create a system user +ynh_system_user_create --username=$app --home_dir=$final_path -sudo cp ../conf/metronome.conf /etc/metronome/conf.d/$jitsi_domain.cfg.lua -sudo chown metronome: /etc/metronome/conf.d/$jitsi_domain.cfg.lua +#================================================= +# SPECIFIC SETUP +#================================================= +# CONFIGURE METRONOME +#================================================= -sudo openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj \ - "/O=$domain/OU=$domain/CN=$jitsi_domain/emailAddress=webmaster@$domain" \ - -keyout /var/lib/metronome/$jitsi_domain.key \ - -out /var/lib/metronome/$jitsi_domain.crt +# Create additional domains +yunohost domain add auth.$domain -# TODO : adduser headless with python pexpect ? -#sudo metronomectl adduser focus@auth.$jitsi_domain # $YNH_YOURSECRET3 +# Create focus user +yunohost user create ${app}-focus -f ${app}-focus -l ${app}-focus -m ${app}-focus@auth.$domain -p $focus_password -q 0 -#--- Configure Nginx --- -# remove trailing '/'. this leaves '/something' untouched, but changes '/' to '' -path=${path%/} -sed -i "s@YNH_LOCATION@$path@g" ../conf/nginx.conf -sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/jitsi.conf +# Configure metronome +mv /etc/metronome/conf.d/$domain.cfg.lua /etc/metronome/conf.d/$domain.cfg.lua.back +mv /etc/metronome/conf.d/auth.$domain.cfg.lua /etc/metronome/conf.d/auth.$domain.cfg.lua.back +metronome="/etc/metronome/conf.d/$domain.cfg.lua" +cp ../conf/metronome.cfg.lua "$metronome" +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$metronome" +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$metronome" +ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="$metronome" +ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="$metronome" +ynh_systemd_action --service_name=metronome --action=reload -# TODO : subdir support +#================================================= +# BUILD JITSI-VIDEOBRIDGE +#================================================= -sudo service metronome reload -sudo service jitsi-videobridge restart -sudo service jicofo restart -sudo service nginx reload +pushd "$final_path/jitsi-videobridge" + mvn compile exec:exec -Dexec.executable=java -Dexec.args="-cp %classpath org.jitsi.videobridge.Main --domain=\"$domain\" --host=\"localhost \" --port=\"5347\" --secret=\"$videobridge_secret\" -Djava.library.path=$JVB_HOME/lib/native/linux-64 -Djava.util.logging.config.file=$JVB_HOME/lib/logging.properties -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=.jitsi-videobridge " +popd + +#================================================= +# BUILD JITSI-JICOFO +#================================================= + +pushd "$final_path/jitsi-jicofo" + mvn package -DskipTests -Dassembly.skipAssembly=false +popd + +#================================================= +# BUILD JITSI-MEET +#================================================= + +pushd "$final_path/jitsi-meet" + ynh_use_nodejs + npm install + make +popd + +config="$final_path/jitsi-meet/config.js" +cp ../conf/config.js "$config" +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config" + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Configuring a systemd service..." --time --weight=1 + +# Create a dedicated systemd config +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="../conf/jitsi-videobridge.service" +ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="../conf/jitsi-videobridge.service" +ynh_add_systemd_config --service=$app-jitsi-videobridge --template=jitsi-videobridge + +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="../conf/jitsi-jicofo.service" +ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="../conf/jitsi-jicofo.service" +ynh_replace_string --match_string="__FOCUS_PASSWORD__" --replace_string="$focus_password" --target_file="../conf/jitsi-jicofo.service" +ynh_add_systemd_config --service=$app-jitsi-jicofo --template=jitsi-jicofo + +#================================================= +# STORE THE CONFIG FILE CHECKSUM +#================================================= + +# Calculate and store the config file checksum into the app settings +ynh_store_file_checksum --file="$config" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +# Set permissions to app files +chown -R root: $final_path + +#================================================= +# SETUP LOGROTATE +#================================================= +ynh_script_progression --message="Configuring log rotation..." --time --weight=1 + +# Use logrotate to manage application logfile(s) +ynh_use_logrotate + +#================================================= +# ADVERTISE SERVICE IN ADMIN PANEL +#================================================= + +#yunohost service add $app --log "/var/log/$app/$app.log" +# if using yunohost version 3.2 or more in the 'manifest.json', a description can be added +yunohost service add $app-jitsi-videobridge --description "$app jitsi-videobridge for jitsi" --log "/var/log/$app/$app-jitsi-videobridge.log" +yunohost service add $app-jitsi-jicofo --description "$app jitsi-jicofo for jitsi" --log "/var/log/$app/$app-jitsi-jicofo.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --time --weight=1 + +# Start a systemd service +ynh_systemd_action --service_name=$app-jitsi-videobridge --action="start" --log_path="/var/log/$app/$app-jitsi-videobridge.log" +ynh_systemd_action --service_name=$app-jitsi-jicofo --action="start" --log_path="/var/log/$app/$app-jitsi-jicofo.log" + +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Configuring SSOwat..." --time --weight=1 + +# Make app public +ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Installation of $app completed" --time --last diff --git a/scripts/remove b/scripts/remove index 021551a..73c4921 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,34 +1,133 @@ #!/bin/bash -domain=$(sudo yunohost app setting jitsi domain) +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -sudo service jitsi-videobridge stop -sudo service jicofo stop +source _common.sh +source /usr/share/yunohost/helpers -sudo rm -rf /opt/yunohost/jicofo -sudo rm -rf /opt/yunohost/jitsi-videobridge -sudo rm /etc/default/jitsi-videobridge -sudo rm /etc/default/jicofo +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --time --weight=1 -sudo update-rc.d jitsi-videobridge remove -sudo rm /etc/init.d/jitsi-videobridge -sudo yunohost service remove jitsi-videobridge +app=$YNH_APP_INSTANCE_NAME -sudo update-rc.d jicofo remove -sudo rm /etc/init.d/jicofo -sudo yunohost service remove jicofo +domain=$(ynh_app_setting_get --app=$app --key=domain) +port=$(ynh_app_setting_get --app=$app --key=port) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) -jitsi_domain=jitsi.$domain -sudo rm /etc/metronome/conf.d/$jitsi_domain.cfg.lua -sudo service metronome restart +#================================================= +# STANDARD REMOVE +#================================================= +# REMOVE SERVICE FROM ADMIN PANEL +#================================================= -sudo rm /etc/nginx/conf.d/$domain.d/jitsi.conf -sudo service nginx reload -sudo yunohost app ssowatconf +# Remove a service from the admin panel, added by `yunohost service add` +if ynh_exec_warn_less yunohost service status $app-jitsi-videobridge >/dev/null +then + ynh_script_progression --message="Removing $app-jitsi-videobridge service..." --time --weight=1 + yunohost service remove $app-jitsi-videobridge +fi +if ynh_exec_warn_less yunohost service status $app-jitsi-jicofo >/dev/null +then + ynh_script_progression --message="Removing $app-jitsi-jicofo service..." --time --weight=1 + yunohost service remove $app-jitsi-jicofo +fi -sudo rm -rf /var/log/jitsi +#================================================= +# STOP AND REMOVE SERVICE +#================================================= +ynh_script_progression --message="Stopping and removing the systemd service..." --time --weight=1 -sudo userdel jvb -sudo userdel jicofo -sudo groupdel jitsi +# Remove the dedicated systemd config +ynh_remove_systemd_config --service=$app-jitsi-videobridge +ynh_remove_systemd_config --service=$app-jitsi-jicofo +#================================================= +# REMOVE DEPENDENCIES +#================================================= +ynh_script_progression --message="Removing dependencies..." --time --weight=1 + +# Remove metapackage and its dependencies +ynh_remove_app_dependencies + +ynh_remove_nodejs + +#================================================= +# REMOVE APP MAIN DIR +#================================================= +ynh_script_progression --message="Removing app main directory..." --time --weight=1 + +# Remove the app directory securely +ynh_secure_remove --file="$final_path" + +#================================================= +# REMOVE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Removing nginx web server configuration..." --time --weight=1 + +# Remove the dedicated nginx config +ynh_remove_nginx_config + +#================================================= +# REMOVE LOGROTATE CONFIGURATION +#================================================= +ynh_script_progression --message="Removing logrotate configuration..." --time --weight=1 + +# Remove the app-specific logrotate config +ynh_remove_logrotate + +#================================================= +# CLOSE A PORT +#================================================= + +if yunohost firewall list | grep -q "\- $port$" +then + ynh_script_progression --message="Closing port $port..." + ynh_exec_warn_less yunohost firewall disallow TCP $port +fi + +#================================================= +# SPECIFIC REMOVE +#================================================= +# REMOVE METRONOME +#================================================= + +# Reconfigure metronome +ynh_secure_remove --file="/etc/metronome/conf.d/$domain.cfg.lua.back" +mv /etc/metronome/conf.d/$domain.cfg.lua.back /etc/metronome/conf.d/$domain.cfg.lua +mv /etc/metronome/conf.d/auth.$domain.cfg.lua.back /etc/metronome/conf.d/auth.$domain.cfg.lua +ynh_systemd_action --service_name=metronome --action=reload + +# Delete focus user +yunohost user delete ${app}-focus --purge + +# Removing additional domains +yunohost domain remove auth.$domain + +#================================================= +# REMOVE THE CRON FILE +#================================================= + +# Remove the log files +ynh_secure_remove --file="/var/log/$app/" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# REMOVE DEDICATED USER +#================================================= +ynh_script_progression --message="Removing the dedicated system user..." --time --weight=1 + +# Delete a system user +ynh_system_user_delete --username=$app + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Removal of $app completed" --time --last diff --git a/scripts/restore b/scripts/restore new file mode 100644 index 0000000..c5528f0 --- /dev/null +++ b/scripts/restore @@ -0,0 +1,130 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { + true +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading settings..." --time --weight=1 + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +#================================================= +# CHECK IF THE APP CAN BE RESTORED +#================================================= +ynh_script_progression --message="Validating restoration parameters..." --time --weight=1 + +ynh_webpath_available --domain=$domain --path_url=$path_url \ + || ynh_die --message="Path not available: ${domain}${path_url}" +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " + +#================================================= +# STANDARD RESTORATION STEPS +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# RESTORE THE APP MAIN DIR +#================================================= +ynh_script_progression --message="Restoring the app main directory..." --time --weight=1 + +ynh_restore_file --origin_path="$final_path" + +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir=$final_path + +#================================================= +# RESTORE USER RIGHTS +#================================================= + +# Restore permissions on app files +chown -R root: $final_path + +#================================================= +# SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --time --weight=1 + +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies + +ynh_install_nodejs --nodejs_version=10 + +#================================================= +# RESTORE SYSTEMD +#================================================= +ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1 + +ynh_restore_file --origin_path="/etc/systemd/system/$app-jitsi-videobridge.service" +systemctl enable $app-jitsi-videobridge.service +ynh_restore_file --origin_path="/etc/systemd/system/$app-jitsi-jicofo.service" +systemctl enable $app-jitsi-jicofo.service + +#================================================= +# ADVERTISE SERVICE IN ADMIN PANEL +#================================================= + +yunohost service add $app-jitsi-videobridge --log "/var/log/$app/$app-jitsi-videobridge.log" +yunohost service add $app-jitsi-jicofo --log "/var/log/$app/$app-jitsi-jicofo.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app-jitsi-videobridge --action="start" --log_path="/var/log/$app/$app-jitsi-videobridge.log" +ynh_systemd_action --service_name=$app-jitsi-jicofo --action="start" --log_path="/var/log/$app/$app-jitsi-jicofo.log" + +#================================================= +# RESTORE THE LOGROTATE CONFIGURATION +#================================================= + +ynh_restore_file --origin_path="/etc/logrotate.d/$app" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# RELOAD NGINX AND PHP-FPM +#================================================= +ynh_script_progression --message="Reloading nginx web server and php-fpm..." --time --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Restoration completed for $app" --time --last diff --git a/scripts/upgrade b/scripts/upgrade index cc13ede..25a1fc5 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,14 +1,206 @@ -#!/bin/bash +#!/bin/bash -# Retrieve arguments -domain=$(sudo yunohost app setting jitsi domain) -path=$(sudo yunohost app setting jitsi path) +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# Remove trailing "/" for next commands -path=${path%/} +source _common.sh +source /usr/share/yunohost/helpers -# Configure Nginx and reload -sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf -sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/jitsi.conf -sudo service nginx reload -sudo service jitsi reload +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --time --weight=1 + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +focus_password=$(ynh_app_setting_get --app=$app --key=$focus_password) +videobridge_secret=$(ynh_app_setting_get --app=$app --key=videobridge_secret) +focus_secret=$(ynh_app_setting_get --app=$app --key=focus_secret) + +#================================================= +# CHECK VERSION +#================================================= + +upgrade_type=$(ynh_check_app_version_changed) + +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1 + +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path=/var/www/$app + ynh_app_setting_set --app=$app --key=final_path --value=$final_path +fi + +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app-jitsi-videobridge --action="stop" --log_path="/var/log/$app/$app-jitsi-videobridge.log" +ynh_systemd_action --service_name=$app-jitsi-jicofo --action="stop" --log_path="/var/log/$app/$app-jitsi-jicofo.log" + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." --time --weight=1 + + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path/jitsi-videobridge" --source_id=jitsi-videobridge + ynh_setup_source --dest_dir="$final_path/jitsi-jicofo" --source_id=jitsi-jicofo + ynh_setup_source --dest_dir="$final_path/jitsi-meet" --source_id=jitsi-meet +fi + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading nginx web server configuration..." --time --weight=1 + +# Create a dedicated nginx config +ynh_add_nginx_config + +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_script_progression --message="Upgrading dependencies..." --time --weight=1 + +ynh_install_app_dependencies $pkg_dependencies + +ynh_install_nodejs --nodejs_version=10 + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir=$final_path + +#================================================= +# SPECIFIC UPGRADE +#================================================= +# BUILD JITSI-VIDEOBRIDGE +#================================================= + +pushd "$final_path/jitsi-videobridge" + mvn compile exec:exec -Dexec.executable=java -Dexec.args="-cp %classpath org.jitsi.videobridge.Main --domain=\"$domain\" --host=\"localhost \" --port=\"5347\" --secret=\"$videobridge_secret\" -Djava.library.path=$JVB_HOME/lib/native/linux-64 -Djava.util.logging.config.file=$JVB_HOME/lib/logging.properties -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=.jitsi-videobridge " +popd + +#================================================= +# BUILD JITSI-JICOFO +#================================================= + +pushd "$final_path/jitsi-jicofo" + mvn package -DskipTests -Dassembly.skipAssembly=false +popd + +#================================================= +# BUILD JITSI-MEET +#================================================= + +pushd "$final_path/jitsi-meet" + ynh_use_nodejs + npm install + make +popd + +config="$final_path/jitsi-meet/config.js" +cp ../conf/config.js "$config" +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config" + +#================================================= +# STORE THE CONFIG FILE CHECKSUM +#================================================= + +ynh_backup_if_checksum_is_different --file="$final_path/CONFIG_FILE" +# Recalculate and store the checksum of the file for the next upgrade. +ynh_store_file_checksum --file="$config" + +#================================================= +# SETUP LOGROTATE +#================================================= +ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1 + +# Use logrotate to manage app-specific logfile(s) +ynh_use_logrotate --non-append + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1 + +# Create a dedicated systemd config +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="../conf/jitsi-videobridge.service" +ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="../conf/jitsi-videobridge.service" +ynh_add_systemd_config --service=$app-jitsi-videobridge --template=jitsi-videobridge + +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="../conf/jitsi-jicofo.service" +ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="../conf/jitsi-jicofo.service" +ynh_replace_string --match_string="__FOCUS_PASSWORD__" --replace_string="$focus_password" --target_file="../conf/jitsi-jicofo.service" +ynh_add_systemd_config --service=$app-jitsi-jicofo --template=jitsi-jicofo + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +# Set permissions on app files +chown -R root: $final_path + +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Upgrading SSOwat configuration..." --time --weight=1 + +# Make app public +ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app-jitsi-videobridge --action="start" --log_path="/var/log/$app/$app-jitsi-videobridge.log" +ynh_systemd_action --service_name=$app-jitsi-jicofo --action="start" --log_path="/var/log/$app/$app-jitsi-jicofo.log" + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Upgrade of $app completed" --time --last