From f8b7d048b0316c5355c83faffc04d1d8b9020c88 Mon Sep 17 00:00:00 2001 From: damencho Date: Mon, 27 Jul 2015 16:07:22 -0500 Subject: [PATCH] Updates meet default installation. Removes nginx dependency and adds openjdk-8 in order to activate multiplexing inside jvb and use its jetty to serve meet. Updates will not touch current configuration which will continue using nginx. --- debian/control | 10 +- debian/jitsi-meet-prosody.templates | 1 - debian/jitsi-meet.postinst | 161 +++++++++++++++++++++------- debian/jitsi-meet.templates | 9 +- debian/patches/jquery-package | 10 +- debian/po/templates.pot | 19 +++- 6 files changed, 156 insertions(+), 54 deletions(-) diff --git a/debian/control b/debian/control index 6a7ea982a..14ad6696d 100644 --- a/debian/control +++ b/debian/control @@ -10,14 +10,15 @@ Homepage: https://jitsi.org/meet Package: jitsi-meet Architecture: all -Depends: ${misc:Depends}, jitsi-videobridge, nginx, jitsi-meet-prosody, libjs-strophe (>= 1.1.3), - libjs-jquery, libjs-jquery-ui +Depends: ${misc:Depends}, jitsi-videobridge, jitsi-meet-prosody, libjs-strophe (>= 1.1.3), + libjs-jquery, libjs-jquery-ui, openjdk-8-jre-headless Description: WebRTC JavaScript video conferences Jitsi Meet is a WebRTC JavaScript application that uses Jitsi Videobridge to provide high quality, scalable video conferences. . It is a web interface to Jitsi Videobridge for audio and video - forwarding and relaying, configured to work with nginx + forwarding and relaying, configured to work with jetty instance + running embedded into Jitsi Videobridge Package: jitsi-meet-prosody Architecture: all @@ -27,7 +28,8 @@ Description: Prosody configuration for Jitsi Meet Videobridge to provide high quality, scalable video conferences. . It is a web interface to Jitsi Videobridge for audio and video - forwarding and relaying, configured to work with nginx + forwarding and relaying, configured to work with jetty instance + running embedded into Jitsi Videobridge . This package contains configuration for Prosody to be used with Jitsi Meet. diff --git a/debian/jitsi-meet-prosody.templates b/debian/jitsi-meet-prosody.templates index aa46dab73..970ebd2c9 100644 --- a/debian/jitsi-meet-prosody.templates +++ b/debian/jitsi-meet-prosody.templates @@ -1,5 +1,4 @@ Template: jitsi-meet-prosody/jvb-hostname Type: string -Default: ${default-key} _Description: The hostname of the current installation: The value for the hostname that is set in Jitsi Videobridge installation. diff --git a/debian/jitsi-meet.postinst b/debian/jitsi-meet.postinst index 93f31ab58..5b621de44 100644 --- a/debian/jitsi-meet.postinst +++ b/debian/jitsi-meet.postinst @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # postinst script for jitsi-meet # # see: dh_installdeb(1) @@ -20,67 +20,154 @@ set -e case "$1" in configure) - . /etc/jitsi/videobridge/config + JVB_ETC_CONFIG="/etc/jitsi/videobridge/config" + JVB_CONFIG="/usr/share/jitsi-videobridge/.sip-communicator/sip-communicator.properties" + + . $JVB_ETC_CONFIG # loading debconf . /usr/share/debconf/confmodule - # detect dpkg-reconfigure, just delete old links + # detect dpkg-reconfigure + RECONFIGURING="false" db_get jitsi-meet/jvb-hostname JVB_HOSTNAME_OLD=$RET if [ -n "$RET" ] && [ ! "$JVB_HOSTNAME_OLD" = "$JVB_HOSTNAME" ] ; then - rm -f /etc/nginx/sites-enabled/$JVB_HOSTNAME_OLD.conf + RECONFIGURING="true" rm -f /etc/jitsi/meet/$JVB_HOSTNAME_OLD-config.js fi + JVB_SERVE="false" + db_get jitsi-meet/jvb-serve + if [ -n "$RET" ] && [ "$RET" = "true" ] ; then + JVB_SERVE="true" + fi + # stores the hostname so we will reuse it later, like in purge db_set jitsi-meet/jvb-hostname $JVB_HOSTNAME - # nginx conf - if [ ! -f /etc/nginx/sites-available/$JVB_HOSTNAME.conf ]; then - cp /usr/share/doc/jitsi-meet/jitsi-meet.example /etc/nginx/sites-available/$JVB_HOSTNAME.conf - if [ ! -f /etc/nginx/sites-enabled/$JVB_HOSTNAME.conf ]; then - ln -s /etc/nginx/sites-available/$JVB_HOSTNAME.conf /etc/nginx/sites-enabled/$JVB_HOSTNAME.conf - fi - sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" /etc/nginx/sites-available/$JVB_HOSTNAME.conf - fi - # SSL for nginx db_get jitsi-meet/cert-choice CERT_CHOICE="$RET" - if [ "$CERT_CHOICE" = 'A certificate is available and the files are uploaded on the server' ]; then - db_set jitsi-meet/cert-path-key "/etc/ssl/$JVB_HOSTNAME.key" - db_input critical jitsi-meet/cert-path-key || true - db_go - db_get jitsi-meet/cert-path-key - CERT_KEY="$RET" - db_set jitsi-meet/cert-path-crt "/etc/ssl/$JVB_HOSTNAME.crt" - db_input critical jitsi-meet/cert-path-crt || true - db_go - db_get jitsi-meet/cert-path-crt - CERT_CRT="$RET" - # replace self-signed certificate paths with user provided ones - CERT_KEY_ESC=$(echo $CERT_KEY | sed 's/\./\\\./g') - CERT_KEY_ESC=$(echo $CERT_KEY_ESC | sed 's/\//\\\//g') - sed -i "s/ssl_certificate_key\ \/var\/lib\/prosody\/.*key/ssl_certificate_key\ $CERT_KEY_ESC/g" \ - /etc/nginx/sites-available/$JVB_HOSTNAME.conf - CERT_CRT_ESC=$(echo $CERT_CRT | sed 's/\./\\\./g') - CERT_CRT_ESC=$(echo $CERT_CRT_ESC | sed 's/\//\\\//g') - sed -i "s/ssl_certificate\ \/var\/lib\/prosody\/.*crt/ssl_certificate\ $CERT_CRT_ESC/g" \ - /etc/nginx/sites-available/$JVB_HOSTNAME.conf - fi + UPLOADED_CERT_CHOICE="A certificate is available and the files are uploaded on the server" # jitsi meet JITSI_MEET_CONFIG="/etc/jitsi/meet/$JVB_HOSTNAME-config.js" - if [ ! -f $JITSI_MEET_CONFIG ]; then + if [ ! -f $JITSI_MEET_CONFIG ] ; then cp /usr/share/doc/jitsi-meet/config.js $JITSI_MEET_CONFIG sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" $JITSI_MEET_CONFIG fi + # this is new install let's configure jvb to serve meet + if [[ -z $FORCE_NGINX && ( -z $JVB_HOSTNAME_OLD || "$JVB_SERVE" = "true" ) ]] ; then + # this is a reconfigure, lets just delete old links + if [ "$RECONFIGURING" = "true" ] ; then + rm -f $JVB_CONFIG + fi + + # configure jvb + echo "AUTHBIND=yes" >> $JVB_ETC_CONFIG + sed -i "s/JVB_OPTS=.*/JVB_OPTS=--apis=rest,xmpp/g" $JVB_ETC_CONFIG + + echo "org.jitsi.videobridge.rest.jetty.host=::" >> $JVB_CONFIG + echo "org.jitsi.videobridge.rest.jetty.port=443" >> $JVB_CONFIG + echo "org.jitsi.videobridge.rest.jetty.ProxyServlet.hostHeader=$JVB_HOSTNAME" >> $JVB_CONFIG + echo "org.jitsi.videobridge.rest.jetty.ProxyServlet.pathSpec=/http-bind" >> $JVB_CONFIG + echo "org.jitsi.videobridge.rest.jetty.ProxyServlet.proxyTo=http://localhost:5280/http-bind" >> $JVB_CONFIG + echo "org.jitsi.videobridge.rest.jetty.ResourceHandler.resourceBase=/usr/share/jitsi-meet" >> $JVB_CONFIG + echo "org.jitsi.videobridge.rest.jetty.ResourceHandler.alias./config.js=/etc/jitsi/meet/$JVB_HOSTNAME-config.js" >> $JVB_CONFIG + echo "org.jitsi.videobridge.rest.jetty.RewriteHandler.regex=^/([a-zA-Z0-9]+)$" >> $JVB_CONFIG + echo "org.jitsi.videobridge.rest.jetty.RewriteHandler.replacement=/" >> $JVB_CONFIG + echo "org.jitsi.videobridge.rest.jetty.tls.port=443" >> $JVB_CONFIG + echo "org.jitsi.videobridge.TCP_HARVESTER_PORT=443" >> $JVB_CONFIG + echo "org.jitsi.videobridge.rest.jetty.sslContextFactory.keyStorePath=/etc/jitsi/videobridge/$JVB_HOSTNAME.jks" >> $JVB_CONFIG + echo "org.jitsi.videobridge.rest.jetty.sslContextFactory.keyStorePassword=changeit" >> $JVB_CONFIG + + # configure authbind to allow jvb to bind to privileged ports + OWNER=$(stat -c '%U' /usr/share/jitsi-videobridge) + GROUP=$(stat -c '%G' /usr/share/jitsi-videobridge) + JVB_UID="`id -u $OWNER`" + if [ ! -f "/etc/authbind/byuid/$JVB_UID" ] ; then + if [ ! -d "/etc/authbind/byuid" ] ; then + mkdir -p /etc/authbind/byuid + chmod 755 /etc/authbind + chmod 755 /etc/authbind/byuid + fi + echo '::,443' >/etc/authbind/byuid/$JVB_UID + chown $OWNER:$GROUP /etc/authbind/byuid/$JVB_UID + chmod 700 /etc/authbind/byuid/$JVB_UID + fi + + if [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ] ; then + # create jks from uploaded certs + openssl pkcs12 -export \ + -in /etc/ssl/$JVB_HOSTNAME.crt \ + -inkey /etc/ssl/$JVB_HOSTNAME.key \ + -passout pass:changeit > /etc/jitsi/videobridge/$JVB_HOSTNAME.p12 + keytool -importkeystore \ + -srckeystore /etc/jitsi/videobridge/$JVB_HOSTNAME.p12 \ + -destkeystore /etc/jitsi/videobridge/$JVB_HOSTNAME.jks \ + -srcstoretype pkcs12 \ + -noprompt -storepass changeit -srcstorepass changeit + else + # create jks from self-signed certs + openssl pkcs12 -export \ + -in /var/lib/prosody/$JVB_HOSTNAME.crt \ + -inkey /var/lib/prosody/$JVB_HOSTNAME.key \ + -passout pass:changeit > /etc/jitsi/videobridge/$JVB_HOSTNAME.p12 + keytool -importkeystore \ + -srckeystore /etc/jitsi/videobridge/$JVB_HOSTNAME.p12 \ + -destkeystore /etc/jitsi/videobridge/$JVB_HOSTNAME.jks \ + -srcstoretype pkcs12 \ + -noprompt -storepass changeit -srcstorepass changeit + fi + + db_set jitsi-meet/jvb-serve "true" + + invoke-rc.d jitsi-videobridge restart + elif [[ "$FORCE_NGINX" = "true" || ( -n $JVB_HOSTNAME_OLD && "$JVB_SERVE" = "false" ) ]] ; then + # this is a reconfigure, lets just delete old links + if [ "$RECONFIGURING" = "true" ] ; then + rm -f /etc/nginx/sites-enabled/$JVB_HOSTNAME_OLD.conf + rm -f /etc/jitsi/meet/$JVB_HOSTNAME_OLD-config.js + fi + + # nginx conf + if [ ! -f /etc/nginx/sites-available/$JVB_HOSTNAME.conf ] ; then + cp /usr/share/doc/jitsi-meet/jitsi-meet.example /etc/nginx/sites-available/$JVB_HOSTNAME.conf + if [ ! -f /etc/nginx/sites-enabled/$JVB_HOSTNAME.conf ] ; then + ln -s /etc/nginx/sites-available/$JVB_HOSTNAME.conf /etc/nginx/sites-enabled/$JVB_HOSTNAME.conf + fi + sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" /etc/nginx/sites-available/$JVB_HOSTNAME.conf + fi + + if [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ] ; then + db_set jitsi-meet/cert-path-key "/etc/ssl/$JVB_HOSTNAME.key" + db_input critical jitsi-meet/cert-path-key || true + db_go + db_get jitsi-meet/cert-path-key + CERT_KEY="$RET" + db_set jitsi-meet/cert-path-crt "/etc/ssl/$JVB_HOSTNAME.crt" + db_input critical jitsi-meet/cert-path-crt || true + db_go + db_get jitsi-meet/cert-path-crt + CERT_CRT="$RET" + # replace self-signed certificate paths with user provided ones + CERT_KEY_ESC=$(echo $CERT_KEY | sed 's/\./\\\./g') + CERT_KEY_ESC=$(echo $CERT_KEY_ESC | sed 's/\//\\\//g') + sed -i "s/ssl_certificate_key\ \/var\/lib\/prosody\/.*key/ssl_certificate_key\ $CERT_KEY_ESC/g" \ + /etc/nginx/sites-available/$JVB_HOSTNAME.conf + CERT_CRT_ESC=$(echo $CERT_CRT | sed 's/\./\\\./g') + CERT_CRT_ESC=$(echo $CERT_CRT_ESC | sed 's/\//\\\//g') + sed -i "s/ssl_certificate\ \/var\/lib\/prosody\/.*crt/ssl_certificate\ $CERT_CRT_ESC/g" \ + /etc/nginx/sites-available/$JVB_HOSTNAME.conf + fi + + invoke-rc.d nginx reload + fi + # and we're done with debconf db_stop - - invoke-rc.d nginx reload ;; abort-upgrade|abort-remove|abort-deconfigure) diff --git a/debian/jitsi-meet.templates b/debian/jitsi-meet.templates index 59f502ba8..32050feef 100644 --- a/debian/jitsi-meet.templates +++ b/debian/jitsi-meet.templates @@ -10,20 +10,23 @@ _Description: SSL certificate for the Jitsi Meet instance Template: jitsi-meet/cert-path-key Type: string -Default: ${default-key} _Description: Full local server path to the SSL key file: The full path to the SSL key file on the server. If it has not been uploaded, now is a good time to do so. Template: jitsi-meet/cert-path-crt Type: string -Default: ${default-crt} _Description: Full local server path to the SSL certificate file: The full path to the SSL certificate file on the server. If you haven't uploaded it, now is a good time to upload it in another console. Template: jitsi-meet/jvb-hostname Type: string -Default: ${default-key} _Description: The hostname of the current installation: The value for the hostname that is set in Jitsi Videobridge installation. + +Template: jitsi-meet/jvb-serve +Type: boolean +Default: false +_Description: for internal use + for internal use. diff --git a/debian/patches/jquery-package b/debian/patches/jquery-package index c8ccb6350..ef0750c72 100644 --- a/debian/patches/jquery-package +++ b/debian/patches/jquery-package @@ -3,14 +3,16 @@ Index: jitsi-meet/index.html =================================================================== --- jitsi-meet.orig/index.html +++ jitsi-meet/index.html -@@ -9,12 +9,12 @@ - +@@ -10,14 +10,14 @@ + - + - - + + + + - diff --git a/debian/po/templates.pot b/debian/po/templates.pot index ad43bd335..d3933e730 100644 --- a/debian/po/templates.pot +++ b/debian/po/templates.pot @@ -1,7 +1,3 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# FIRST AUTHOR , YEAR. # #, fuzzy msgid "" @@ -74,7 +70,6 @@ msgid "" "uploaded it, now is a good time to upload it in another console." msgstr "" - #. Type: string #. Description #: ../jitsi-meet.templates:4001 @@ -87,3 +82,17 @@ msgstr "" msgid "" "The value for the hostname that is set in Jitsi Videobridge installation." msgstr "" + + +#. Type: string +#. Description +#: ../jitsi-meet.templates:5001 +msgid "for internal use" +msgstr "" + +#. Type: string +#. Description +#: ../jitsi-meet.templates:5001 +msgid "" +"Jitsi Videobridge installation can use its internal jetty to serve static meet pages." +msgstr ""