feat: Set LE as default choice when installing. (#12232)

* feat: Set LE as default choice when installing.

* squash: Text updates.

debian/jitsi-meet-web-config.postinst

@@ -68,13 +68,6 @@ case "$1" in
             FORCE_NGINX="false"
         fi
 
-        db_subst jitsi-meet/jaas-choice domain "${JVB_HOSTNAME}"
-        db_set jitsi-meet/jaas-choice false
-        db_input critical jitsi-meet/jaas-choice || true
-        db_go
-        db_get jitsi-meet/jaas-choice
-        JAAS_INPUT="$RET"
-
         UPLOADED_CERT_CHOICE="I want to use my own certificate"
         LE_CERT_CHOICE="Let's Encrypt certificates"
         # if first time config ask for certs, or if we are reconfiguring
@@ -143,6 +136,15 @@ case "$1" in
             sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" $JITSI_MEET_CONFIG
         fi
 
+        if [ "$CERT_CHOICE" = "$LE_CERT_CHOICE" ] || [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ]; then
+            db_subst jitsi-meet/jaas-choice domain "${JVB_HOSTNAME}"
+            db_set jitsi-meet/jaas-choice false
+            db_input critical jitsi-meet/jaas-choice || true
+            db_go
+            db_get jitsi-meet/jaas-choice
+            JAAS_INPUT="$RET"
+        fi
+
         if [ "${JAAS_INPUT}" = "true" ] && ! grep -q "^var enableJaaS = true;$" $JITSI_MEET_CONFIG;  then
             if grep -q "^var enableJaaS = false;$" $JITSI_MEET_CONFIG; then
                 sed -i "s/^var enableJaaS = false;$/var enableJaaS = true;/g" $JITSI_MEET_CONFIG

debian/jitsi-meet-web-config.templates

@@ -1,16 +1,13 @@
 Template: jitsi-meet/cert-choice
 Type: select
-__Choices: Generate a new self-signed certificate, Let's Encrypt certificates, I want to use my own certificate
-_Description: SSL certificate for the Jitsi Meet instance
+__Choices: Let's Encrypt certificates, I want to use my own certificate, Generate a new self-signed certificate
+_Description: SSL certificate
  .
- Jitsi Meet is best to be set up with an SSL certificate.
+ Jitsi Meet requires an SSL certificate. This installer can generate one automatically for your using "Let’s Encrypt". This is the recommended and simplest option for most installations.
  .
- Having no certificate, a self-signed one will be generated.
- In the case of using a self-signed certificate, only the web app will be available with some warnings, the mobile app will not connect.
- Self-signed certificates are not supported by JaaS (Jitsi as a Service).
+ In the event you need to use a certificate of your own, you can configure its location which defaults to /etc/ssl/--domain.name--.key for the key and /etc/ssl/--domain.name--.crt for the certificate.
  .
- Having a certificate signed by a recognised CA, it can be uploaded on the server and point its location.
- The default filenames will be /etc/ssl/--domain.name--.key for the key and /etc/ssl/--domain.name--.crt for the certificate.
+ If you are a developer and are only looking for a quick way to test basic Jitsi Meet functionality then this installer can also generate a self-signed certificate.
 
 Template: jitsi-meet/cert-path-key
 Type: string
@@ -38,7 +35,6 @@ Template: jitsi-meet/jaas-choice
 Type: boolean
 _Description: Interested in adding telephony to your Jitsi meetings?
  You can easily add dialing in support to your meetings. You need to give us the permission to create a free JaaS (Jitsi as a Service) account for you.
- Also, you need to have a certificate signed by a recognised CA or Let's Encrypt on your deployment.
 
 Template: jitsi-meet/email
 Type: string
@@ -48,4 +44,6 @@ _Description: Enter your email:
  You need a working DNS record pointing to this machine(for hostname ${domain})"
  .
  You need to agree to the ACME server's Subscriber Agreement (https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf)
- by providing an email address for important account notifications
+ by providing an email address for important account notifications.
+ .
+ We will use the email for creating your JaaS (Jitsi as a Service) account if that option was selected.