YunoHost-Apps/jitsi_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/jitsi_ynh.git synced 2024-09-03 19:35:57 +02:00
Code Issues Activity Actions

Merge branch 'coturn' into testing

Browse source
This commit is contained in:
yalh76 2020-04-07 20:24:09 +02:00 committed by GitHub
commit c96210c30e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
19 changed files with 861 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -24,9 +24,10 @@ Jitsi Meet is a libre software (Apache) WebRTC JavaScript app that uses Jitsi Vi
2. **Jitsi** requires you create additionals domains in your DNS and in your YunoHost
* auth.jitsi.domain.tld
* conference.jitsi.domain.tld
* jitsi-videobridge.jitsi.domain.tld
* coturn.jitsi.domain.tld
* focus.jitsi.domain.tld
3. **Jitsi** requires the ports TCP/4443 and UDP/10000 to be forwarded to your YunoHost (The same way you forwarded 80 (HTTP), 443 (HTTPS), etc... https://yunohost.org/#/isp_box_config)
* jitsi-videobridge.jitsi.domain.tld
3. **Jitsi** requires the ports TCP/5349 UDP/5349 TCP/5350 UDP/5350 TCP/4443 and UDP/10000 to be forwarded to your YunoHost (The same way you forwarded 80 (HTTP), 443 (HTTPS), etc... https://yunohost.org/#/isp_box_config)
## Screenshots

528
conf/config.js
View file

@ -1,12 +1,530 @@
/* eslint-disable no-unused-vars, no-var */
var config = {
// Connection
//
hosts: {
// XMPP domain.
domain: '__DOMAIN__',
// When using authentication, domain for guest users.
// anonymousdomain: 'guest.example.com',
// Domain for authenticated users. Defaults to <domain>.
// authdomain: 'jitsi-meet.example.com',
// Jirecon recording component domain.
// jirecon: 'jirecon.jitsi-meet.example.com',
// Call control component (Jigasi).
// call_control: 'callcontrol.jitsi-meet.example.com',
// Focus component domain. Defaults to focus.<domain>.
focus: 'focus.__DOMAIN__',
// XMPP MUC domain. FIXME: use XEP-0030 to discover it.
muc: 'conference.__DOMAIN__',
bridge: 'jitsi-videobridge.__DOMAIN__',
focus: 'focus.__DOMAIN__'
bridge: 'jitsi-videobridge.__DOMAIN__'
},
// BOSH URL. FIXME: use XEP-0156 to discover it.
bosh: '//__DOMAIN__/http-bind',
// Websocket URL
websocket: 'wss://__DOMAIN__/xmpp-websocket',
// The name of client node advertised in XEP-0115 'c' stanza
clientNode: 'http://jitsi.org/jitsimeet',
// The real JID of focus participant - can be overridden here
// focusUserJid: 'focus@auth.jitsi-meet.example.com',
// Testing / experimental features.
//
testing: {
// Enables experimental simulcast support on Firefox.
enableFirefoxSimulcast: false,
// P2P test mode disables automatic switching to P2P when there are 2
// participants in the conference.
p2pTestMode: false
// Enables the test specific features consumed by jitsi-meet-torture
// testMode: false
// Disables the auto-play behavior of *all* newly created video element.
// This is useful when the client runs on a host with limited resources.
// noAutoPlayVideo: false
},
// Disables ICE/UDP by filtering out local and remote UDP candidates in
// signalling.
// webrtcIceUdpDisable: false,
// Disables ICE/TCP by filtering out local and remote TCP candidates in
// signalling.
// webrtcIceTcpDisable: false,
// Media
//
// Audio
// Disable measuring of audio levels.
// disableAudioLevels: false,
// audioLevelsInterval: 200,
// Enabling this will run the lib-jitsi-meet no audio detection module which
// will notify the user if the current selected microphone has no audio
// input and will suggest another valid device if one is present.
enableNoAudioDetection: true,
// Enabling this will run the lib-jitsi-meet noise detection module which will
// notify the user if there is noise, other than voice, coming from the current
// selected microphone. The purpose it to let the user know that the input could
// be potentially unpleasant for other meeting participants.
enableNoisyMicDetection: true,
// Start the conference in audio only mode (no video is being received nor
// sent).
// startAudioOnly: false,
// Every participant after the Nth will start audio muted.
// startAudioMuted: 10,
// Start calls with audio muted. Unlike the option above, this one is only
// applied locally. FIXME: having these 2 options is confusing.
// startWithAudioMuted: false,
// Enabling it (with #params) will disable local audio output of remote
// participants and to enable it back a reload is needed.
// startSilent: false
// Video
// Sets the preferred resolution (height) for local video. Defaults to 720.
// resolution: 720,
// w3c spec-compliant video constraints to use for video capture. Currently
// used by browsers that return true from lib-jitsi-meet's
// util#browser#usesNewGumFlow. The constraints are independency from
// this config's resolution value. Defaults to requesting an ideal aspect
// ratio of 16:9 with an ideal resolution of 720.
// constraints: {
// video: {
// aspectRatio: 16 / 9,
// height: {
// ideal: 720,
// max: 720,
// min: 240
// }
// }
// },
// Enable / disable simulcast support.
// disableSimulcast: false,
// Enable / disable layer suspension. If enabled, endpoints whose HD
// layers are not in use will be suspended (no longer sent) until they
// are requested again.
// enableLayerSuspension: false,
// Every participant after the Nth will start video muted.
// startVideoMuted: 10,
// Start calls with video muted. Unlike the option above, this one is only
// applied locally. FIXME: having these 2 options is confusing.
// startWithVideoMuted: false,
// If set to true, prefer to use the H.264 video codec (if supported).
// Note that it's not recommended to do this because simulcast is not
// supported when using H.264. For 1-to-1 calls this setting is enabled by
// default and can be toggled in the p2p section.
// preferH264: true,
// If set to true, disable H.264 video codec by stripping it out of the
// SDP.
// disableH264: false,
// Desktop sharing
// The ID of the jidesha extension for Chrome.
desktopSharingChromeExtId: null,
// Whether desktop sharing should be disabled on Chrome.
// desktopSharingChromeDisabled: false,
// The media sources to use when using screen sharing with the Chrome
// extension.
desktopSharingChromeSources: [ 'screen', 'window', 'tab' ],
// Required version of Chrome extension
desktopSharingChromeMinExtVersion: '0.1',
// Whether desktop sharing should be disabled on Firefox.
// desktopSharingFirefoxDisabled: false,
// Optional desktop sharing frame rate options. Default value: min:5, max:5.
// desktopSharingFrameRate: {
// min: 5,
// max: 5
// },
// Try to start calls with screen-sharing instead of camera video.
// startScreenSharing: false,
// Recording
// Whether to enable file recording or not.
// fileRecordingsEnabled: false,
// Enable the dropbox integration.
// dropbox: {
// appKey: '<APP_KEY>' // Specify your app key here.
// // A URL to redirect the user to, after authenticating
// // by default uses:
// // 'https://jitsi-meet.example.com/static/oauth.html'
// redirectURI:
// 'https://jitsi-meet.example.com/subfolder/static/oauth.html'
// },
// When integrations like dropbox are enabled only that will be shown,
// by enabling fileRecordingsServiceEnabled, we show both the integrations
// and the generic recording service (its configuration and storage type
// depends on jibri configuration)
// fileRecordingsServiceEnabled: false,
// Whether to show the possibility to share file recording with other people
// (e.g. meeting participants), based on the actual implementation
// on the backend.
// fileRecordingsServiceSharingEnabled: false,
// Whether to enable live streaming or not.
// liveStreamingEnabled: false,
// Transcription (in interface_config,
// subtitles and buttons can be configured)
// transcribingEnabled: false,
// Enables automatic turning on captions when recording is started
// autoCaptionOnRecord: false,
// Misc
// Default value for the channel "last N" attribute. -1 for unlimited.
channelLastN: -1,
// Disables or enables RTX (RFC 4588) (defaults to false).
// disableRtx: false,
// Disables or enables TCC (the default is in Jicofo and set to true)
// (draft-holmer-rmcat-transport-wide-cc-extensions-01). This setting
// affects congestion control, it practically enables send-side bandwidth
// estimations.
// enableTcc: true,
// Disables or enables REMB (the default is in Jicofo and set to false)
// (draft-alvestrand-rmcat-remb-03). This setting affects congestion
// control, it practically enables recv-side bandwidth estimations. When
// both TCC and REMB are enabled, TCC takes precedence. When both are
// disabled, then bandwidth estimations are disabled.
// enableRemb: false,
// Defines the minimum number of participants to start a call (the default
// is set in Jicofo and set to 2).
// minParticipants: 2,
// Use XEP-0215 to fetch STUN and TURN servers.
useStunTurn: true,
// Enable IPv6 support.
useIPv6: true,
// Enables / disables a data communication channel with the Videobridge.
// Values can be 'datachannel', 'websocket', true (treat it as
// 'datachannel'), undefined (treat it as 'datachannel') and false (don't
// open any channel).
// openBridgeChannel: true,
// UI
//
// Use display name as XMPP nickname.
useNicks: false,
bosh: '//__DOMAIN__/http-bind', // FIXME: use xep-0156 for that
//chromeExtensionId: 'diibjkoicjeejcmhdnailmkgecihlobk', // Id of desktop streamer Chrome extension
//minChromeExtVersion: '0.1' // Required version of Chrome extension
// Require users to always specify a display name.
// requireDisplayName: true,
// Whether to use a welcome page or not. In case it's false a random room
// will be joined when no room is specified.
enableWelcomePage: true,
// Enabling the close page will ignore the welcome page redirection when
// a call is hangup.
// enableClosePage: false,
// Enabling pre join page will add an additional step before starting the meeting,
// where the user can configure its devices and choose the way he
// joins audio (by phone/or web).
// prejoinPageEnabled: false,
// Disable hiding of remote thumbnails when in a 1-on-1 conference call.
// disable1On1Mode: false,
// Default language for the user interface.
// defaultLanguage: 'en',
// If true all users without a token will be considered guests and all users
// with token will be considered non-guests. Only guests will be allowed to
// edit their profile.
enableUserRolesBasedOnToken: false,
// Whether or not some features are checked based on token.
// enableFeaturesBasedOnToken: false,
// Enable lock room for all moderators, even when userRolesBasedOnToken is enabled and participants are guests.
// lockRoomGuestEnabled: false,
// When enabled the password used for locking a room is restricted to up to the number of digits specified
// roomPasswordNumberOfDigits: 10,
// default: roomPasswordNumberOfDigits: false,
// Message to show the users. Example: 'The service will be down for
// maintenance at 01:00 AM GMT,
// noticeMessage: '',
// Enables calendar integration, depends on googleApiApplicationClientID
// and microsoftApiApplicationClientID
// enableCalendarIntegration: false,
// Stats
//
// Whether to enable stats collection or not in the TraceablePeerConnection.
// This can be useful for debugging purposes (post-processing/analysis of
// the webrtc stats) as it is done in the jitsi-meet-torture bandwidth
// estimation tests.
// gatherStats: false,
// The interval at which PeerConnection.getStats() is called. Defaults to 10000
// pcStatsInterval: 10000,
// To enable sending statistics to callstats.io you must provide the
// Application ID and Secret.
// callStatsID: '',
// callStatsSecret: '',
// enables sending participants display name to callstats
// enableDisplayNameInStats: false,
// enables sending participants email if available to callstats and other analytics
// enableEmailInStats: false,
// Privacy
//
// If third party requests are disabled, no other server will be contacted.
// This means avatars will be locally generated and callstats integration
// will not function.
// disableThirdPartyRequests: false,
// Peer-To-Peer mode: used (if enabled) when there are just 2 participants.
//
p2p: {
// Enables peer to peer mode. When enabled the system will try to
// establish a direct connection when there are exactly 2 participants
// in the room. If that succeeds the conference will stop sending data
// through the JVB and use the peer to peer connection instead. When a
// 3rd participant joins the conference will be moved back to the JVB
// connection.
enabled: true,
// Use XEP-0215 to fetch STUN and TURN servers.
useStunTurn: true,
// The STUN servers that will be used in the peer to peer connections
stunServers: [
{ urls: 'stun:coturn.__DOMAIN__:__PORT_COTURN_TLS__' },
{ urls: 'stun:coturn.__DOMAIN__:__PORT_COTURN_ALT_TLS__' }
// { urls: 'stun:stun.l.google.com:19302' },
// { urls: 'stun:stun1.l.google.com:19302' },
// { urls: 'stun:stun2.l.google.com:19302' }
],
// Sets the ICE transport policy for the p2p connection. At the time
// of this writing the list of possible values are 'all' and 'relay',
// but that is subject to change in the future. The enum is defined in
// the WebRTC standard:
// https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum.
// If not set, the effective value is 'all'.
// iceTransportPolicy: 'all',
// If set to true, it will prefer to use H.264 for P2P calls (if H.264
// is supported).
preferH264: true
// If set to true, disable H.264 video codec by stripping it out of the
// SDP.
// disableH264: false,
// How long we're going to wait, before going back to P2P after the 3rd
// participant has left the conference (to filter out page reload).
// backToP2PDelay: 5
},
analytics: {
// The Google Analytics Tracking ID:
// googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1'
// The Amplitude APP Key:
// amplitudeAPPKey: '<APP_KEY>'
// Array of script URLs to load as lib-jitsi-meet "analytics handlers".
// scriptURLs: [
// "libs/analytics-ga.min.js", // google-analytics
// "https://example.com/my-custom-analytics.js"
// ],
},
// Information about the jitsi-meet instance we are connecting to, including
// the user region as seen by the server.
deploymentInfo: {
// shard: "shard1",
// region: "europe",
// userRegion: "asia"
},
// Information for the chrome extension banner
// chromeExtensionBanner: {
// // The chrome extension to be installed address
// url: 'https://chrome.google.com/webstore/detail/jitsi-meetings/kglhbbefdnlheedjiejgomgmfplipfeb',
// // Extensions info which allows checking if they are installed or not
// chromeExtensionsInfo: [
// {
// id: 'kglhbbefdnlheedjiejgomgmfplipfeb',
// path: 'jitsi-logo-48x48.png'
// }
// ]
// },
// Local Recording
//
// localRecording: {
// Enables local recording.
// Additionally, 'localrecording' (all lowercase) needs to be added to
// TOOLBAR_BUTTONS in interface_config.js for the Local Recording
// button to show up on the toolbar.
//
// enabled: true,
//
// The recording format, can be one of 'ogg', 'flac' or 'wav'.
// format: 'flac'
//
// },
// Options related to end-to-end (participant to participant) ping.
// e2eping: {
// // The interval in milliseconds at which pings will be sent.
// // Defaults to 10000, set to <= 0 to disable.
// pingInterval: 10000,
//
// // The interval in milliseconds at which analytics events
// // with the measured RTT will be sent. Defaults to 60000, set
// // to <= 0 to disable.
// analyticsInterval: 60000,
// },
// If set, will attempt to use the provided video input device label when
// triggering a screenshare, instead of proceeding through the normal flow
// for obtaining a desktop stream.
// NOTE: This option is experimental and is currently intended for internal
// use only.
// _desktopSharingSourceDevice: 'sample-id-or-label',
// If true, any checks to handoff to another application will be prevented
// and instead the app will continue to display in the current browser.
// disableDeepLinking: false,
// A property to disable the right click context menu for localVideo
// the menu has option to flip the locally seen video for local presentations
// disableLocalVideoFlip: false,
// Deployment specific URLs.
// deploymentUrls: {
// // If specified a 'Help' button will be displayed in the overflow menu with a link to the specified URL for
// // user documentation.
// userDocumentationURL: 'https://docs.example.com/video-meetings.html',
// // If specified a 'Download our apps' button will be displayed in the overflow menu with a link
// // to the specified URL for an app download page.
// downloadAppsUrl: 'https://docs.example.com/our-apps.html'
// },
// List of undocumented settings used in jitsi-meet
/**
_immediateReloadThreshold
autoRecord
autoRecordToken
debug
debugAudioLevels
deploymentInfo
dialInConfCodeUrl
dialInNumbersUrl
dialOutAuthUrl
dialOutCodesUrl
disableRemoteControl
displayJids
etherpad_base
externalConnectUrl
firefox_fake_device
googleApiApplicationClientID
iAmRecorder
iAmSipGateway
microsoftApiApplicationClientID
peopleSearchQueryTypes
peopleSearchUrl
requireDisplayName
tokenAuthUrl
*/
// List of undocumented settings used in lib-jitsi-meet
/**
_peerConnStatusOutOfLastNTimeout
_peerConnStatusRtcMuteTimeout
abTesting
avgRtpStatsN
callStatsConfIDNamespace
callStatsCustomScriptUrl
desktopSharingSources
disableAEC
disableAGC
disableAP
disableHPF
disableNS
enableLipSync
enableTalkWhileMuted
forceJVB121Ratio
hiddenDomain
ignoreStartMuted
nick
startBitrate
*/
// Allow all above example options to include a trailing comma and
// prevent fear when commenting out the last value.
makeJsonParserHappy: 'even if last key had a trailing comma'
// no configuration value should follow this line.
};
/* eslint-enable no-unused-vars, no-var */

13
conf/coturn.conf Normal file
View file

@ -0,0 +1,13 @@
# jitsi-meet coturn config. Do not modify this line
lt-cred-mech
use-auth-secret
static-auth-secret=__COTURN_PWD__
realm=__DOMAIN__
cert=/etc/yunohost/certs/__DOMAIN__/crt.pem
pkey=/etc/yunohost/certs/__DOMAIN__/key.pem
no-tcp
tls-listening-port=__PORT_COTURN_TLS__
alt-tls-listening-port=__PORT_COTURN_ALT_TLS__
external-ip=__PUBLIC_IPV4____PRIVATE_IPV4__
external-ip=__PUBLIC_IPV6__

5
conf/default_coturn Normal file
View file

@ -0,0 +1,5 @@
#
# Uncomment it if you want to have the turnserver running as
# an automatic system service daemon
#
TURNSERVER_ENABLED=1

17
conf/jitsi-coturn.service Normal file
View file

@ -0,0 +1,17 @@
[Unit]
Description=coturn
Documentation=man:coturn(1) man:turnadmin(1) man:turnserver(1)
After=syslog.target network.target
[Service]
User=turnserver
Group=turnserver
Type=forking
RuntimeDirectory=__APP__-coturn
ExecStart=/usr/bin/turnserver -o -c __FINALPATH__/coturn.conf
ExecStartPost=/bin/sleep 2
Restart=on-failure
PrivateTmp=yes
[Install]
WantedBy=multi-user.target

2
conf/jitsi-jicofo.service
View file

@ -7,7 +7,7 @@ Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/jitsi-jicofo/
ExecStart=__FINALPATH__/jitsi-jicofo/jicofo.sh --host=localhost --domain=__DOMAIN__ --secret=__FOCUS_SECRET__ --user_domain=auth.__DOMAIN__ --user_name=__FOCUS_USER__ --user_password=__FOCUS_PASSWORD__ & >> /var/log/__APP__/__APP__-jitsi-jicofo.log 2>&1
ExecStart=__FINALPATH__/jitsi-jicofo/jicofo.sh --host=localhost --domain=__DOMAIN__ --secret=__FOCUS_SECRET__ --user_domain=auth.__DOMAIN__ --user_name=__FOCUS_USER__ --user_password=__FOCUS_PASSWORD__
[Install]
WantedBy=multi-user.target

4
conf/jitsi-jicofo.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/jitsi/jicofo/archive/517.tar.gz
SOURCE_SUM=5239a8a4c8519a9362cabf151a1bb34138ba5083d652bc2c44a397484d6ffe08
SOURCE_URL=https://github.com/jitsi/jicofo/archive/539.tar.gz
SOURCE_SUM=117b15b871118186512a15c1ca3f42615db680d7155a1876f2ef3a7028cb4616
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true

2
conf/jitsi-videobridge.service
View file

@ -7,7 +7,7 @@ Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/jitsi-videobridge/
ExecStart=__FINALPATH__/jitsi-videobridge/jvb.sh --host=127.0.0.1 --domain=__DOMAIN__ --port=__PORT_COMPONENT__ --secret=__VIDEOBRIDGE_SECRET__ </dev/null >> /var/log/jvb.log 2>&1
ExecStart=__FINALPATH__/jitsi-videobridge/jvb.sh --host=127.0.0.1 --domain=__DOMAIN__ --port=__PORT_COMPONENT__ --secret=__VIDEOBRIDGE_SECRET__
[Install]
WantedBy=multi-user.target

4
conf/jitsi-videobridge.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-x64-1130.zip
SOURCE_SUM=792db05e61e36d8811e7b132581b95b1022a8bf5689189e6206bc05888b54ec4
SOURCE_URL=https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-x64-1132.zip
SOURCE_SUM=2157d3872747ddae2360f47588327dbd4ed48e93a5b7f21cfccdd67341516077
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=true

14
conf/metronome.cfg.lua
View file

@ -83,6 +83,7 @@ modules_enabled = {
"adhoc";
"websocket";
"http_altconnect";
"turncredentials";
}
-- These modules are auto-loaded, but should you want
@ -178,7 +179,10 @@ VirtualHost "__DOMAIN__"
key = "/etc/yunohost/certs/__DOMAIN__/key.pem";
certificate = "/etc/yunohost/certs/__DOMAIN__/crt.pem";
}
modules_enabled = {
"bosh";
"pubsub";
}
c2s_require_encryption = false
VirtualHost "auth.__DOMAIN__"
@ -223,3 +227,11 @@ Component "jitsi-videobridge.__DOMAIN__"
component_secret = "__VIDEOBRIDGE_SECRET__"
Component "focus.__DOMAIN__"
component_secret = "__FOCUS_SECRET__"
------ COTURN configuration ------
turncredentials_secret = "__CORTURN_PWD__";
turncredentials = {
{ type = "turns", host = "coturn.__DOMAIN__", port = "__PORT_COTURN_TLS__", transport = "tcp" },
{ type = "turns", host = "coturn.__DOMAIN__", port = "__PORT_COTURN_ALT_TLS__", transport = "tcp" }
};

76
conf/mod_turncredentials.lua Normal file
View file

@ -0,0 +1,76 @@
-- XEP-0215 implementation for time-limited turn credentials
-- Copyright (C) 2012-2014 Philipp Hancke
-- This file is MIT/X11 licensed.
--turncredentials_secret = "keepthissecret";
--turncredentials = {
-- { type = "stun", host = "8.8.8.8" },
-- { type = "turn", host = "8.8.8.8", port = 3478 },
-- { type = "turn", host = "8.8.8.8", port = 80, transport = "tcp" }
--}
-- for stun servers, host is required, port defaults to 3478
-- for turn servers, host is required, port defaults to tcp,
-- transport defaults to udp
-- hosts can be a list of server names / ips for random
-- choice loadbalancing
local st = require "util.stanza";
local hmac_sha1 = require "util.hashes".hmac_sha1;
local base64 = require "util.encodings".base64;
local os_time = os.time;
local secret = module:get_option_string("turncredentials_secret");
local ttl = module:get_option_number("turncredentials_ttl", 86400);
local hosts = module:get_option("turncredentials") or {};
if not (secret) then
module:log("error", "turncredentials not configured");
return;
end
function random(arr)
local index = math.random(1, #arr);
return arr[index];
end
module:hook_global("config-reloaded", function()
module:log("debug", "config-reloaded")
secret = module:get_option_string("turncredentials_secret");
ttl = module:get_option_number("turncredentials_ttl", 86400);
hosts = module:get_option("turncredentials") or {};
end);
module:hook("iq-get/host/urn:xmpp:extdisco:1:services", function(event)
local origin, stanza = event.origin, event.stanza;
if origin.type ~= "c2s" then
return;
end
local now = os_time() + ttl;
local userpart = tostring(now);
local nonce = base64.encode(hmac_sha1(secret, tostring(userpart), false));
local reply = st.reply(stanza):tag("services", {xmlns = "urn:xmpp:extdisco:1"})
for idx, item in pairs(hosts) do
if item.type == "stun" or item.type == "stuns" then
-- stun items need host and port (defaults to 3478)
reply:tag("service", item):up();
elseif item.type == "turn" or item.type == "turns" then
local turn = {}
-- turn items need host, port (defaults to 3478),
-- transport (defaults to udp)
-- username, password, ttl
turn.type = item.type;
turn.port = item.port;
turn.transport = item.transport;
turn.username = userpart;
turn.password = nonce;
turn.ttl = ttl;
if item.hosts then
turn.host = random(item.hosts)
else
turn.host = item.host
end
reply:tag("service", turn):up();
end
end
origin.send(reply);
return true;
end);

7
conf/nginx.conf
View file

@ -38,3 +38,10 @@ location __PATH__/xmpp-websocket {
proxy_set_header Host $host;
tcp_nodelay on;
}
# external_api.js must be accessible from the root of the
# installation for the electron version of Jitsi Meet to work
# https://github.com/jitsi/jitsi-meet-electron
location /external_api.js {
alias __FINALPATH__/jitsi-meet/libs/external_api.min.js;
}

5
conf/sip-communicator.properties
View file

@ -1,2 +1,7 @@
org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
# The videobridge uses 443 by default with 4443 as a fallback, but since we're already
# running nginx on 443 in this example doc, we specify 4443 manually to avoid a race condition
org.jitsi.videobridge.TCP_HARVESTER_PORT=__PORT__
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=__PRIVATE_IPV4__
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=__PUBLIC_IPV4__

2
scripts/_common.sh
View file

@ -5,7 +5,7 @@
#=================================================
# dependencies used by the app
pkg_dependencies="openjdk-8-jdk|openjdk-11-jdk openjdk-8-jre|openjdk-11-jre maven"
pkg_dependencies="openjdk-8-jdk|openjdk-11-jdk openjdk-8-jre|openjdk-11-jre maven coturn"
#=================================================
# PERSONAL HELPERS

21
scripts/backup
View file

@ -38,8 +38,9 @@ domain=$(ynh_app_setting_get --app=$app --key=domain)
#=================================================
ynh_print_info --message="Stopping a systemd service..."
ynh_systemd_action --service_name=$app-videobridge --action="stop" --log_path="/var/log/$app/$app-videobridge.log"
ynh_systemd_action --service_name=$app-jicofo --action="stop" --log_path="/var/log/$app/$app-jicofo.log"
ynh_systemd_action --service_name=$app-videobridge --action="stop" --log_path="systemd" --line_match="Stopped $app-videobridge"
ynh_systemd_action --service_name=$app-jicofo --action="stop" --log_path="systemd" --line_match="Stopped $app-jicofo"
ynh_systemd_action --service_name=$app-coturn --action="stop" --log_path="systemd" --line_match="Stopped coturn"
#=================================================
# BACKUP THE APP MAIN DIR
@ -57,6 +58,13 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# SPECIFIC BACKUP
#=================================================
# BACKUP COTURN
#=================================================
ynh_print_info --message="Backing up coturn..."
ynh_backup --src_path="/etc/default/$app-coturn"
#=================================================
# BACKUP METRONOME
#=================================================
@ -68,6 +76,8 @@ ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua"
ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/conference.$domain.cfg.lua"
ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/jitsi-videobridge.$domain.cfg.lua"
ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/focus.$domain.cfg.lua"
ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/coturn.$domain.cfg.lua"
# Backup Metronome Hook
ynh_backup --src_path="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app"
@ -76,6 +86,7 @@ ynh_backup --src_path="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app"
ynh_backup --src_path="/usr/lib/metronome/modules/mod_carbons.lua"
ynh_backup --src_path="/usr/lib/metronome/modules/mod_http_altconnect.lua"
ynh_backup --src_path="/usr/lib/metronome/modules/mod_smacks.lua"
ynh_backup --src_path="/usr/lib/metronome/modules/mod_turncredentials.lua"
#=================================================
# SPECIFIC BACKUP
@ -93,14 +104,16 @@ ynh_print_info --message="Backing up systemd configuration..."
ynh_backup --src_path="/etc/systemd/system/$app-videobridge.service"
ynh_backup --src_path="/etc/systemd/system/$app-jicofo.service"
ynh_backup --src_path="/etc/systemd/system/$app-coturn.service"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_print_info --message="Starting a systemd service..."
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log"
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log"
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="systemd" --line_match="Started $app-videobridge"
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="systemd" --line_match="Started $app-jicofo"
ynh_systemd_action --service_name=$app-coturn --action="start" --log_path="systemd" --line_match="Started coturn"
#=================================================
# END OF SCRIPT

89
scripts/install
View file

@ -39,6 +39,8 @@ focus_secret=$(ynh_string_random --length=8)
focus_user="svc${app}focus"
coturn_pwd=$(ynh_string_random --length=30)
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
@ -61,6 +63,7 @@ ynh_app_setting_set --app=$app --key=focus_password --value=$focus_password
ynh_app_setting_set --app=$app --key=videobridge_secret --value=$videobridge_secret
ynh_app_setting_set --app=$app --key=focus_secret --value=$focus_secret
ynh_app_setting_set --app=$app --key=focus_user --value=$focus_user
ynh_app_setting_set --app=$app --key=coturn_pwd --value=$coturn_pwd
#=================================================
# STANDARD MODIFICATIONS
@ -83,10 +86,20 @@ ynh_app_setting_set --app=$app --key=port_videobridge --value=$port_videobridge
# Find an available port
port_component=$(ynh_find_port --port=5347)
# Open this port
ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port_component
ynh_app_setting_set --app=$app --key=port_component --value=$port_component
# Find an available port
port_coturn_tls=$(ynh_find_port --port=5349)
# Open this port
ynh_exec_warn_less yunohost firewall allow TCP $port_coturn_tls
ynh_app_setting_set --app=$app --key=port_coturn_tls --value=$port_coturn_tls
# Find an available port
port_coturn_alt_tls=$(ynh_find_port --port=$((port_coturn_tls+1)))
# Open this port
ynh_exec_warn_less yunohost firewall allow TCP $port_coturn_alt_tls
ynh_app_setting_set --app=$app --key=port_coturn_alt_tls --value=$port_coturn_alt_tls
#=================================================
# INSTALL DEPENDENCIES
#=================================================
@ -125,6 +138,52 @@ ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# SPECIFIC SETUP
#=================================================
# CONFIGURE COTURN
#=================================================
ynh_print_info --message="Configuring coturn..."
cp ../conf/default_coturn /etc/default/$app-coturn
coturn_config="$final_path/coturn.conf"
cp ../conf/coturn.conf "$coturn_config"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$coturn_config"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$coturn_config"
ynh_replace_string --match_string="__PORT_COTURN_TLS__" --replace_string="$port_coturn_tls" --target_file="$coturn_config"
ynh_replace_string --match_string="__PORT_COTURN_ALT_TLS__" --replace_string="$port_coturn_alt_tls" --target_file="$coturn_config"
ynh_replace_string --match_string="__COTURN_PWD__" --replace_string="$coturn_pwd" --target_file="$coturn_config"
# Get public and private IP and set as external IP for coturn
# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
public_ipv4="$(curl ip.yunohost.org)" || true
public_ip6="$(curl ipv6.yunohost.org)" || true
private_ipv4="$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')" || true
if [ -n "$public_ipv4" ] && ynh_validate_ip4 --ip_address="$public_ipv4"
then
ynh_replace_string --match_string='__PUBLIC_IPV4__' --replace_string="$public_ipv4" --target_file="$coturn_config"
else
ynh_replace_string --match_string='__PUBLIC_IPV4__,' --replace_string="" --target_file="$coturn_config"
fi
if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"
then
ynh_replace_string --match_string='__PUBLIC_IPV6__' --replace_string="$public_ip6" --target_file="$coturn_config"
else
ynh_replace_string --match_string=',__PUBLIC_IPV6__' --replace_string="" --target_file="$coturn_config"
fi
if [ -n "$private_ipv4" ] && ynh_validate_ip4 --ip_address="$private_ipv4"
then
ynh_replace_string --match_string='__PRIVATE_IPV4__' --replace_string="/$private_ipv4" --target_file="$coturn_config"
else
ynh_replace_string --match_string='__PRIVATE_IPV4__,' --replace_string="" --target_file="$coturn_config"
fi
ynh_store_file_checksum --file="$coturn_config"
#=================================================
# CONFIGURE METRONOME
#=================================================
@ -137,6 +196,7 @@ if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then
yunohost domain add conference.$domain
yunohost domain add jitsi-videobridge.$domain
yunohost domain add focus.$domain
yunohost domain add coturn.$domain
fi
# Create focus user
@ -151,11 +211,15 @@ ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_fil
ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="$metronome_conf"
ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="$metronome_conf"
ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="$metronome_conf"
ynh_replace_string --match_string="__CORTURN_PWD__" --replace_string="$coturn_pwd" --target_file="$metronome_conf"
ynh_replace_string --match_string="__PORT_COTURN_TLS__" --replace_string="$port_coturn_tls" --target_file="$metronome_conf"
ynh_replace_string --match_string="__PORT_COTURN_ALT_TLS__" --replace_string="$port_coturn_alt_tls" --target_file="$metronome_conf"
touch "/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/conference.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/jitsi-videobridge.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/focus.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/coturn.$domain.cfg.lua"
# Add Metronome hook
cp -R ../conf/metronome_regen_conf.hook /usr/share/yunohost/hooks/conf_regen/50-metronome_$app
@ -165,6 +229,7 @@ yunohost tools regen-conf metronome
cp ../conf/mod_carbons.lua /usr/lib/metronome/modules/mod_carbons.lua
cp ../conf/mod_http_altconnect.lua /usr/lib/metronome/modules/mod_http_altconnect.lua
cp ../conf/mod_smacks.lua /usr/lib/metronome/modules/mod_smacks.lua
cp ../conf/mod_turncredentials.lua /usr/lib/metronome/modules/mod_turncredentials.lua
ynh_systemd_action --service_name=metronome --action=restart
@ -176,6 +241,8 @@ ynh_print_info --message="Building Jitsi-Videobridge..."
mkdir -p "$final_path/.sip-communicator"
cp ../conf/sip-communicator.properties "$final_path/.sip-communicator/sip-communicator.properties"
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$final_path/.sip-communicator/sip-communicator.properties"
ynh_replace_string --match_string="__PUBLIC_IPV4__" --replace_string="$public_ipv4" --target_file="$final_path/.sip-communicator/sip-communicator.properties"
ynh_replace_string --match_string="__PRIVATE_IPV4__" --replace_string="$private_ipv4" --target_file="$final_path/.sip-communicator/sip-communicator.properties"
chown -R $app: $final_path
#=================================================
@ -187,9 +254,9 @@ pushd "$final_path/jitsi-jicofo-build"
mvn package -DskipTests -Dassembly.skipAssembly=false
popd
unzip $final_path/jitsi-jicofo-build/target/jicofo-linux-x64-1.1-SNAPSHOT.zip -d $final_path
unzip $final_path/jitsi-jicofo-build/target/jicofo-1.1-SNAPSHOT-archive.zip -d $final_path
mv $final_path/jicofo-linux-x64-1.1-SNAPSHOT/ $final_path/jitsi-jicofo/
mv $final_path/jicofo-1.1-SNAPSHOT/ $final_path/jitsi-jicofo/
ynh_secure_remove --file="$final_path/jitsi-jicofo-build"
@ -209,6 +276,8 @@ ynh_secure_remove --file="$final_path/jitsi-meet_temp"
config="$final_path/jitsi-meet/config.js"
cp ../conf/config.js "$config"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config"
ynh_replace_string --match_string="__PORT_COTURN_TLS__" --replace_string="$port_coturn_tls" --target_file="$config"
ynh_replace_string --match_string="__PORT_COTURN_ALT_TLS__" --replace_string="$port_coturn_alt_tls" --target_file="$config"
#=================================================
# SETUP SYSTEMD
@ -227,6 +296,8 @@ ynh_replace_string --match_string="__FOCUS_USER__" --replace_string="$focus_user
ynh_replace_string --match_string="__FOCUS_PASSWORD__" --replace_string="$focus_password" --target_file="../conf/jitsi-jicofo.service"
ynh_add_systemd_config --service=$app-jicofo --template="jitsi-jicofo.service"
ynh_add_systemd_config --service=$app-coturn --template="jitsi-coturn.service"
#=================================================
# STORE THE CONFIG FILE CHECKSUM
#=================================================
@ -258,8 +329,9 @@ ynh_use_logrotate
#=================================================
ynh_print_info --message="Integrating service in YunoHost..."
yunohost service add $app-videobridge --description "$app jitsi-videobridge for jitsi" --log "/var/log/$app/$app-videobridge.log"
yunohost service add $app-jicofo --description "$app jitsi-jicofo for jitsi" --log "/var/log/$app/$app-jicofo.log"
yunohost service add $app-videobridge --description "$app jitsi-videobridge for jitsi" --log_type "systemd"
yunohost service add $app-jicofo --description "$app jitsi-jicofo for jitsi" --log_type "systemd"
yunohost service add $app-coturn --description "$app jitsi-coturn for jitsi" --log_type "systemd"
#=================================================
# START SYSTEMD SERVICE
@ -267,8 +339,9 @@ yunohost service add $app-jicofo --description "$app jitsi-jicofo for jitsi" --l
ynh_print_info --message="Starting a systemd service..."
# Start a systemd service
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log"
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log"
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="systemd" --line_match="Started $app-videobridge"
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="systemd" --line_match="Started $app-jicofo"
ynh_systemd_action --service_name=$app-coturn --action="start" --log_path="systemd" --line_match="Started coturn"
#=================================================
# SETUP SSOWAT

23
scripts/remove
View file

@ -43,6 +43,12 @@ then
yunohost service remove $app-jicofo
fi
if ynh_exec_warn_less yunohost service status $app-coturn >/dev/null
then
ynh_print_info --message="Removing $app-coturn service..."
yunohost service remove $app-coturn
fi
#=================================================
# STOP AND REMOVE SERVICE
#=================================================
@ -51,6 +57,7 @@ ynh_print_info --message="Stopping and removing the systemd service..."
# Remove the dedicated systemd config
ynh_remove_systemd_config --service=$app-videobridge
ynh_remove_systemd_config --service=$app-jicofo
ynh_remove_systemd_config --service=$app-coturn
#=================================================
# REMOVE DEPENDENCIES
@ -111,6 +118,13 @@ fi
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE COTURN CONFIGURATION
#=================================================
ynh_print_info --message="Removing courn configuration..."
ynh_secure_remove --file="/etc/default/$app-coturn"
#=================================================
# RECONFIGURE METRONOME
#=================================================
@ -120,6 +134,7 @@ ynh_print_info --message="Reconfiguring Metronome..."
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_carbons.lua"
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_http_altconnect.lua"
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_smacks.lua"
ynh_secure_remove --file="/usr/lib/metronome/modules/mod_turncredentials.lua"
ynh_systemd_action --service_name=metronome --action=restart
@ -148,15 +163,9 @@ if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then
yunohost domain remove conference.$domain
yunohost domain remove jitsi-videobridge.$domain
yunohost domain remove focus.$domain
yunohost domain remove coturn.$domain
fi
#=================================================
# REMOVE THE LOG FILES
#=================================================
# Remove the log files
ynh_secure_remove --file="/var/log/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================

27
scripts/restore
View file

@ -38,6 +38,8 @@ focus_password=$(ynh_app_setting_get --app=$app --key=focus_password)
port=$(ynh_app_setting_get --app=$app --key=port)
port_videobridge=$(ynh_app_setting_get --app=$app --key=port_videobridge)
port_component=$(ynh_app_setting_get --app=$app --key=port_component)
port_coturn_tls=$(ynh_app_setting_get --app=$app --key=port_coturn_tls)
port_coturn_alt_tls=$(ynh_app_setting_get --app=$app --key=port_coturn_alt_tls)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
@ -101,7 +103,15 @@ ynh_print_info --message="Configuring firewall..."
# Open this port
ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
ynh_exec_warn_less yunohost firewall allow --no-upnp UDP $port_videobridge
ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port_component
ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port_coturn_tls
ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port_coturn_alt_tls
#=================================================
# CONFIGURE COTURN
#=================================================
ynh_print_info --message="Configuring coturn..."
ynh_restore_file --origin_path="/etc/default/$app-coturn"
#=================================================
# CONFIGURE METRONOME
@ -126,6 +136,7 @@ ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/auth.$domain
ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/conference.$domain.cfg.lua"
ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/jitsi-videobridge.$domain.cfg.lua"
ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/focus.$domain.cfg.lua"
ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/coturn.$domain.cfg.lua"
# Restore Metronome Hook
ynh_restore_file --origin_path="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app"
@ -135,6 +146,7 @@ yunohost tools regen-conf metronome
ynh_restore_file --origin_path="/usr/lib/metronome/modules/mod_carbons.lua"
ynh_restore_file --origin_path="/usr/lib/metronome/modules/mod_http_altconnect.lua"
ynh_restore_file --origin_path="/usr/lib/metronome/modules/mod_smacks.lua"
ynh_restore_file --origin_path="/usr/lib/metronome/modules/mod_turncredentials.lua"
ynh_systemd_action --service_name=metronome --action=restart
@ -147,22 +159,27 @@ ynh_restore_file --origin_path="/etc/systemd/system/$app-videobridge.service"
systemctl enable $app-videobridge.service
ynh_restore_file --origin_path="/etc/systemd/system/$app-jicofo.service"
systemctl enable $app-jicofo.service
ynh_restore_file --origin_path="/etc/systemd/system/$app-coturn.service"
systemctl enable $app-coturn.service
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_print_info --message="Integrating service in YunoHost..."
yunohost service add $app-videobridge --log "/var/log/$app/$app-videobridge.log"
yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log"
yunohost service add $app-videobridge --log_type "systemd"
yunohost service add $app-jicofo --log_type "systemd"
yunohost service add $app-coturn --log_type "systemd"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_print_info --message="Starting a systemd service..."
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log"
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log"
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="systemd" --line_match="Started $app-videobridge"
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="systemd" --line_match="Started $app-jicofo"
ynh_systemd_action --service_name=$app-coturn --action="start" --log_path="systemd" --line_match="Started coturn"
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION

61
scripts/upgrade
View file

@ -24,6 +24,9 @@ videobridge_secret=$(ynh_app_setting_get --app=$app --key=videobridge_secret)
focus_secret=$(ynh_app_setting_get --app=$app --key=focus_secret)
port=$(ynh_app_setting_get --app=$app --key=port)
port_component=$(ynh_app_setting_get --app=$app --key=port_component)
port_coturn_tls=$(ynh_app_setting_get --app=$app --key=port_coturn_tls)
port_coturn_alt_tls=$(ynh_app_setting_get --app=$app --key=port_coturn_alt_tls)
coturn_pwd=$(ynh_app_setting_get --app=$app --key=coturn_pwd)
focus_user=$(ynh_app_setting_get --app=$app --key=focus_user)
focus_password=$(ynh_app_setting_get --app=$app --key=focus_password)
@ -56,11 +59,15 @@ if ynh_version_gt "1.0.3387~ynh2" "${current_version}" ; then
ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="$metronome_conf"
ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="$metronome_conf"
ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="$metronome_conf"
ynh_replace_string --match_string="__CORTURN_PWD__" --replace_string="$coturn_pwd" --target_file="$metronome_conf"
ynh_replace_string --match_string="__PORT_COTURN_TLS__" --replace_string="$port_coturn_tls" --target_file="$metronome_conf"
ynh_replace_string --match_string="__PORT_COTURN_ALT_TLS__" --replace_string="$port_coturn_alt_tls" --target_file="$metronome_conf"
touch "/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/conference.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/jitsi-videobridge.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/focus.$domain.cfg.lua"
touch "/usr/share/yunohost/templates/jitsi/coturn.$domain.cfg.lua"
# Add Metronome hook
cp -R ../conf/metronome_regen_conf.hook /usr/share/yunohost/hooks/conf_regen/50-metronome_$app
@ -89,8 +96,9 @@ ynh_abort_if_errors
#=================================================
ynh_print_info --message="Stopping a systemd service..."
ynh_systemd_action --service_name=$app-videobridge --action="stop" --log_path="/var/log/$app/$app-videobridge.log"
ynh_systemd_action --service_name=$app-jicofo --action="stop" --log_path="/var/log/$app/$app-jicofo.log"
ynh_systemd_action --service_name=$app-videobridge --action="stop" --log_path="systemd" --line_match="Stopped $app-videobridge"
ynh_systemd_action --service_name=$app-jicofo --action="stop" --log_path="systemd" --line_match="Stopped $app-jicofo"
ynh_systemd_action --service_name=$app-coturn --action="stop" --log_path="systemd" --line_match="Stopped coturn"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
@ -133,6 +141,44 @@ ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# SPECIFIC UPGRADE
#=================================================
# CONFIGURE COTURN
#=================================================
ynh_print_info --message="Configuring coturn..."
cp -f ../conf/default_coturn /etc/default/$app-coturn
coturn_config="$final_path/coturn.conf"
cp -f ../conf/coturn.conf "$coturn_config"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$coturn_config"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$coturn_config"
ynh_replace_string --match_string="__PORT_COTURN_TLS__" --replace_string="$port_coturn_tls" --target_file="$coturn_config"
ynh_replace_string --match_string="__PORT_COTURN_ALT_TLS__" --replace_string="$port_coturn_alt_tls" --target_file="$coturn_config"
ynh_replace_string --match_string="__COTURN_PWD__" --replace_string="$coturn_pwd" --target_file="$coturn_config"
# Get public IP and set as external IP for coturn
# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
public_ipv4="$(curl ip.yunohost.org)" || true
public_ip6="$(curl ipv6.yunohost.org)" || true
if [ -n "$public_ipv4" ] && ynh_validate_ip4 --ip_address="$public_ipv4"
then
ynh_replace_string --match_string='__IPV4__' --replace_string="$public_ipv4" --target_file="$coturn_config"
else
ynh_replace_string --match_string='__IPV4__,' --replace_string="" --target_file="$coturn_config"
fi
if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"
then
ynh_replace_string --match_string='__IPV6__' --replace_string="$public_ip6" --target_file="$coturn_config"
else
ynh_replace_string --match_string=',__IPV6__' --replace_string="" --target_file="$coturn_config"
fi
ynh_store_file_checksum --file="$coturn_config"
#=================================================
# BUILD JITSI-VIDEOBRIDGE
#=================================================
@ -157,11 +203,11 @@ then
mvn package -DskipTests -Dassembly.skipAssembly=false
popd
unzip $final_path/jitsi-jicofo-build/target/jicofo-linux-x64-1.1-SNAPSHOT.zip -d $final_path
unzip $final_path/jitsi-jicofo-build/target/jicofo-1.1-SNAPSHOT-archive.zip -d $final_path
ynh_secure_remove --file="$final_path/jitsi-jicofo"
mv $final_path/jicofo-linux-x64-1.1-SNAPSHOT/ $final_path/jitsi-jicofo/
mv $final_path/jicofo-1.1-SNAPSHOT/ $final_path/jitsi-jicofo/
ynh_secure_remove --file="$final_path/jitsi-jicofo-build"
fi
@ -218,6 +264,8 @@ ynh_replace_string --match_string="__FOCUS_USER__" --replace_string="$focus_user
ynh_replace_string --match_string="__FOCUS_PASSWORD__" --replace_string="$focus_password" --target_file="../conf/jitsi-jicofo.service"
ynh_add_systemd_config --service=$app-jicofo --template="jitsi-jicofo.service"
ynh_add_systemd_config --service=$app-coturn --template="jitsi-coturn.service"
#=================================================
# GENERIC FINALIZATION
#=================================================
@ -241,8 +289,9 @@ ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
#=================================================
ynh_print_info --message="Starting a systemd service..."
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log"
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log"
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="systemd" --line_match="Started $app-videobridge"
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="systemd" --line_match="Started $app-jicofo"
ynh_systemd_action --service_name=$app-coturn --action="start" --log_path="systemd" --line_match="Started coturn"
#=================================================
# RELOAD NGINX