feat: Adds automatic jaas account creation. (#12213)

* feat: Adds automatic jaas account creation.

* squash: Prints return data if any.

* squash: Moves jitsi-challenge.txt to /usr/share/jitsi-meet/.well-known.
This commit is contained in:
Дамян Минков 2022-09-21 14:57:30 -04:00 committed by GitHub
parent ae70370a38
commit eba7cfcec5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 93 additions and 2 deletions

View File

@ -221,8 +221,14 @@ case "$1" in
invoke-rc.d apache2 reload || true invoke-rc.d apache2 reload || true
fi fi
if [ "$ISSUE_LE_CERT" = "true" ] ; then # If scripts fail they will print suggestions for next steps, do not fail install
/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh $EMAIL $JVB_HOSTNAME # those can be re-run later
# run the scripts only on new install or when re-configuring
if [ "$ISSUE_LE_CERT" = "true" && ( -z "$JVB_HOSTNAME_OLD" || "$RECONFIGURING" = "true" ) ] ; then
/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh $EMAIL $JVB_HOSTNAME || true
fi
if [ "${JAAS_INPUT}" = "true" && ( -z "$JVB_HOSTNAME_OLD" || "$RECONFIGURING" = "true" ) ] ; then
/usr/share/jitsi-meet/scripts/register-jaas-account.sh $EMAIL $JVB_HOSTNAME || true
fi fi
echo "" echo ""

View File

@ -0,0 +1,85 @@
#!/bin/bash
set -e
EMAIL=$1
DOMAIN=$2
if [ -z "${DOMAIN}" ] || [ -z "${EMAIL}" ]; then
echo "You need to provide email and domain as parameters."
exit 1
fi
JAAS_ENDPOINT="https://account-provisioning.cloudflare.jitsi.net/operations"
CHALLENGE_FILE="/usr/share/jitsi-meet/.well-known/jitsi-challenge.txt"
SUPPORT_MSG="Reach out to JaaS support or retry with /usr/share/jitsi-meet/scripts/register-jaas-account.sh"
create_error=0
create_data=$(curl -s -f -X 'POST' "${JAAS_ENDPOINT}" -H 'Content-Type: application/json' -H 'accept: */*' \
-d "{ \"domain\": \"${DOMAIN}\", \"email\": \"${EMAIL}\" }") || create_error=$?
if [ ${create_error} -ne 0 ]; then
echo "Account creation failed. Status: ${create_error}, response: ${create_data}"
exit 2
fi
# Creating the challenge file
echo "${create_data}" | jq -r .challenge > ${CHALLENGE_FILE}
op_id=$(echo "${create_data}" | jq -r .operationId)
ready_error=0
ready_data=$(curl -s -f -X 'PUT' "${JAAS_ENDPOINT}/${op_id}/ready") || ready_error=$?
if [ ${ready_error} -ne 0 ]; then
echo "Validating domain failed. Status: ${ready_error}"
echo "Response: "
echo "${ready_data}" | jq -r
echo "${SUPPORT_MSG}"
echo
exit 3
fi
SLEEP_TIME=0
WAIT_BEFORE_CHECK=10
TIMEOUT=60
echo -n "Creating..."
(while true; do
provisioned_data=$(curl -s -f "${JAAS_ENDPOINT}/${op_id}")
status=$(echo "${provisioned_data}" | jq -r .status)
if [ "${status}" == "PROVISIONED" ]; then
echo ""
echo "=================="
echo ""
echo "JaaS account was created. To finish setup follow the email that was sent."
echo ""
echo "=================="
exit 0;
elif [ "${status}" == "FAILED" ]; then
echo ""
echo "=================="
echo ""
echo "JaaS account creation failed:${provisioned_data}"
echo ""
echo "=================="
exit 4
elif [ "${status}" == "VERIFIED" ] && [ "${verified}" != "true" ]; then
echo -n "Account was successfully verified..."
verified="true"
fi
if [ ${SLEEP_TIME} -ge ${TIMEOUT} ]; then
echo ""
echo "=================="
echo ""
echo "Timeout creating account. ${SUPPORT_MSG}"
echo ""
echo "=================="
exit 5
fi
echo -n "waiting..."
sleep ${WAIT_BEFORE_CHECK}
SLEEP_TIME=$((SLEEP_TIME+WAIT_BEFORE_CHECK))
done)
rm ${CHALLENGE_FILE} || true