Commit Graph

237 Commits

Author SHA1 Message Date
Saúl Ibarra Corretgé 1d9daa8da7 fix(config) drop useStunTurn
Always attempt to discover the configured STUN/TURN servers.
2020-10-07 16:31:47 +02:00
Дамян Минков 91f636a813
debian: Don't break those still using ALPN multiplex (Fixes #7794) (#7796)
* fix: Don't break those still using ALPN multiplex (Fixes #7794)

* squash: Update doc/debian/jitsi-meet/jitsi-meet.conf

Co-authored-by: Saúl Ibarra Corretgé <saghul@jitsi.org>

Co-authored-by: Saúl Ibarra Corretgé <saghul@jitsi.org>
2020-09-29 06:17:42 -05:00
Дамян Минков 93f4098dc0
feat: Enable bridge websockets by default for new installs (#7781)
* feat: Drops multiplexing support by default.

* fix: Fix purge of jitsi-meet-prosody.

Clean the accounts when there is a - in the domain name.
Removes the certificate so reinstall will not cause problems.

* feat: Enables bridge websockets by default.

* fix: External-ip conflicts with denied-peer-ip.

In cases where the bridge and coturn are on the same machine and the local address is any of the networks from denied-peer-ip, coturn is not using its public address to probe it and communication fails as the other address is deneid.

* squash: Fix a comment.
2020-09-25 13:15:58 -05:00
emrah 0e50f1887e
fix: enable token_verification during installation of jitsi-meet-tokens (#7630) 2020-09-04 10:17:54 -05:00
emrah 476ca54711
fix: keep plugin_paths while removing jitsi-meet-tokens (#7632) 2020-09-04 08:01:40 -05:00
emrah 70aa19e6d9
fix: disable token_verification while removing jitsi-meet-tokens (#7631) 2020-09-04 08:01:14 -05:00
emrah 7778a17b90
fix: added libssl1.0-dev to the dependencies of jitsi-meet-tokens (#7629) 2020-09-04 08:00:54 -05:00
emrah e8c44c10dd jitsi-meet-tokens: added git to the dependency list 2020-09-02 12:23:26 -05:00
emrah e988bf6565
fix: jitsi-meet-tokens - the first installation check (#7618) 2020-09-02 11:46:32 -05:00
Felix C. Stegerman 322618357c jitsi-meet-tokens.postinst: fix tests 2020-09-01 07:51:37 -05:00
Дамян Минков 758b60f92b
fix: Updates coturn config on update. (#7306)
* fix: Updates coturn config on update.

* fix: Updates console message.
2020-07-14 13:16:53 -05:00
Frank de Lange 29c16e42bd
Move STUN/TURN to IANA-assigned ports - 3478 and 5349 (TLS) (#6172)
* Move STUN/TURN to IANA-assigned ports - 3478 and 5349 (TLS)

* Change remaining references to TURNS port from 4445 to 5349

* Change back TURNS to 443
2020-07-07 08:14:28 -05:00
damencho b10a45bf98 fix: Fixes generating self-signed certificate.
The wrong quotes error:
req: Error on line 354 of config file "/dev/fd/63"
Error Loading extension section SAN
140403719438784:error:0E06C069:configuration file routines:NCONF_get_section:no conf:../crypto/conf/conf_lib.c:245:

Having the ip and specifying dns:
Error Loading extension section SAN
140127168778688:error:220A4076:X509 V3 routines:a2i_GENERAL_NAME:bad ip address:../crypto/x509v3/v3_alt.c:457:value=jitsi.example.com
140127168778688:error:22098080:X509 V3 routines:X509V3_EXT_nconf:error in extension:../crypto/x509v3/v3_conf.c:47:name=subjectAltName, value=DNS:localhost,DNS:jitsi.example.com,IP:jitsi.example.com
2020-07-02 10:33:09 -05:00
Saúl Ibarra Corretgé 97fd36a19a debian: fix postinst command 2020-06-23 17:46:44 +02:00
egerardus 76eabf1f29
debian: add SAN when generating self-signed certs
Closes: #5547
2020-06-23 14:47:36 +02:00
lorddavidiii 6ddac3bddf
debian,turn: fix getting an external ip in IPv6 enabled networks 2020-05-26 13:20:34 +02:00
Felix C. Stegerman b25319fd2e add missing build dependency on nodejs 2020-05-21 10:29:36 -05:00
Дамян Минков ffdd4f2eed
debian: updates around coturn package and order of install (#5729)
* debian: Update coturn udp port to non-privileged one.

* debian: Turnserver config requires jitsi-meet-web-config files.

* doc: Updates doc, removing `--no-install-recommends`.

* debian: Moves checks and configs to default to prosody 0.11.

* debian: Disable room locking on internal muc.

* add scripts for deploying coturn with certbot

* turnserver: Removes unused variable showing error.

* debian: updates let's encrypt and coturn scripts.

* debian: Detect failure to retrieve external ip address.

* debian: Always configure turn when the turnserver package is installed.

Co-authored-by: Julien Fastré <julien.fastre@champs-libres.coop>
2020-04-08 13:06:49 -05:00
bgrozev 36113fd54f
debian: clean up password generation, use 16 characters 2020-04-06 10:22:56 +02:00
Дамян Минков b372b2ccf2
Fix turn file link (#5601)
* debian: Does not add a link of turnserver will not be configured. Fixes #5596.

* debian: Partially reverts 990c77bd.

* debian: Skip filename duplication, use variable.
2020-04-02 18:20:41 -05:00
damencho 716c9eb46f debian: Change coturn unit file to start on 443. 2020-04-01 17:11:55 -05:00
damencho 82aa51770a debian: Skip turn config if other sites are available listening on 443. 2020-04-01 15:18:49 -05:00
damencho 990c77bd3d debian: Skip turnserver config if it is already configured. 2020-04-01 15:18:49 -05:00
damencho 45c60717d6 debian: add post remove script for jitsi-meet-turnserver package
Reloads the webserver as the config had changed.
2020-03-31 16:27:25 -05:00
Saúl Ibarra Corretgé 6596e27f69 Prevent meetings from being crawled by Google 2020-03-31 21:45:28 +02:00
damencho cb0cea4ebd Adds a note to re-run Let’s Encrypt script on jetty upgrade. 2020-03-31 09:36:30 +02:00
damencho b894daa9cf Cleans created users on purging. 2020-03-31 09:36:30 +02:00
Saúl Ibarra Corretgé 94f7b570d7 debian: fix creating internal MUC 2020-03-30 17:01:27 -05:00
Дамян Минков 9a5b19babe
Migrates jetty config to nginx one (#5413)
* Completely removes jetty config and defaults to nginx.

* Force configuring nginx or apache.

* Fixes certs when upgrading from jetty.

* Fixes certs and restarts jvb.

* Turnserver config conflicts apache2.

* Multi-domain sed only for nginx.

* Updates docs removing jetty.
2020-03-27 09:07:47 -05:00
Дамян Минков e00036d44a
Merge pull request #5216 from gbonfiglio/master
fix broken nginx ipv6 listeners
2020-03-26 18:22:41 -05:00
damencho 435d11793d Updates debian compat level. 2020-03-23 17:33:10 -05:00
Giorgio Bonfiglio 4e81a7abd3 fix turnserver postinst for ipv6 listener 2020-03-17 22:37:39 +00:00
Дамян Минков c73ba37202
Introduces installing coturn as turn server for jitsi-meet (#4959)
* Adds package that can configure using turnserver for jitsi-meet.

Activates http2 on the nginx host and uses the alpn send with the web requests to multiplex traffic to be served as web of proxied to the turn server.
It needs nginx at least v1.13.10.
Adds turncredentials module from Philipp Hancke, with small modification (all int values for hosts need to be strings/tostring()) in order to be able to use the module with prosody 0.11.

* Moves loading of stream after loading stream module (50-..).

* Leaves DISABLE_TCP_HARVESTER to be handled by jvb.

* Fixes comments.

* Properly detect first time coturn install and configure it.

* Handles upgrading from jetty serving web.

* Does not create jvb user if already exists.

* Fixes let's encrypt and adds turnserver handling.

* Enables use of turn server in config.js if available.

* Adds a check whether prosody config exists.

There are cases where deployments can still have configured prosody in the main prosody config in /etc/prosody.
2020-01-09 16:51:27 +00:00
damencho d9282f873c Migrate to using mucs for jvb. 2020-01-08 11:18:36 +00:00
damencho 9344138303 Fixes reloading on remove to always succeed. 2020-01-08 11:18:36 +00:00
damencho e01d891bba Disables tcp harvester if bridge is installed on same machine. 2019-12-17 12:05:54 +00:00
damencho f904626f5e Removes jetty and makes nginx default webserver. 2019-12-17 12:05:54 +00:00
damencho ebfc5a95ff Activates multidomain by default when installing with nginx. 2019-12-10 10:55:56 +01:00
damencho 4d0cbff5a1 Ignore errors when restarting services.
Sometimes conflicting or wrong configuration can leave the package in broken state and users cannot even uninstall/purge the packages, and it also breaks any other package installation.
2019-12-04 17:21:12 +00:00
damencho c79463aaee Fixes including config.js template. 2019-12-04 17:21:12 +00:00
damencho 339e1c5fab Moves config template files out of doc folder. 2019-12-04 09:50:55 +00:00
damencho db6a2673de Handles unique Id for a meeting. 2019-11-26 10:37:19 +00:00
damencho e11d4d3101 Installs prosody plugins with jitsi-meet-prosody package. 2019-11-26 10:37:19 +00:00
damencho e09ea36055 Maps available locales for countries to the doubled languages.
This maps the tow letter languages as enGB to the country file for en.
Copies countries-en.json as countries-enGB.json.
2019-07-23 10:10:03 +01:00
damencho 4f6a0d7d3a Updates config if prosody 0.10 is used. 2019-04-29 15:24:55 +01:00
damencho 2180d33e3d Adds alias for external_api.js in all default web config. 2019-04-23 20:31:53 +00:00
damencho 69a12395d2 Removes debug log and adds safety check whether config exists. 2019-04-16 21:16:38 +02:00
damencho ea54713f9a Supports prosody 0.11 when configuring.
Doing few changes needed for general config and for tokens.
2019-04-05 17:18:17 +02:00
Дамян Минков ea4d49f2a0
Adds new format of phoneList service and re-design dial in numbers page. (#3903)
* Adds new format of phoneList service and re-design dial in numbers page.

Adds flags and country names (with translations) for the numbers if using the new format.

* Fixes tests and fixes get default number.

* Updates swagger with new format.

* Moves html back yo table.

Fixes displaying on mobile and also the tel: URI generation. The tel: URI is tested on Android and iOS and seems to work (Android was not interpreting 'p', but both seems to like ',').

* Fixes a wrong return statement.

* Small fixes.
2019-02-26 13:32:46 +00:00
damencho 2ac5d136dc Detects nginx-extras package. Fixes #3891. 2019-02-14 14:05:27 +00:00
Дамян Минков 2ee8f1ef58 Updates postinst prosody (#2896)
* Creates conf.d in /etc/prosody if missing.

Fixes a problem installing prosody 0.10 when using prosody repositories.

* Cleanups certificates on purge.

There are various occasions where users purge packages and the new installations after that generate certificate which doesn't end up in the java trust store on the target machine.

* Generate jicofo user and component passwords if missing.

There are situations where if prosody is already installed, the order of configuring the packages is not in the correct order. In those situations jitsi-meet-prosody got configured before jicofo and the user password and the component secret are not available and we ask the user for that and later when jicofo is configured we generate new set of them. Now we will end up always generating them in jitsi-meet-prosody or jicofo and we will reuse them. See https://github.com/jitsi/jicofo/pull/283.
2018-04-30 15:19:30 -07:00
Saúl Ibarra Corretgé ff8386e931 debian: fix setting the auth domain certificates
In 94813bc0fd (diff-6e9552c9bd8e61c8f277c21220160234)
two local variables got removed (AUTH_KEY_FILE and AUTH_CRT_FILE), which are used by the sed command
below to configure the virtualhost for auth.
2018-03-11 16:05:14 -05:00
damencho b49e600267 Cleanup, removes unused obsolete files. 2017-12-07 11:14:21 -06:00
damencho 5a3f952a2f Uses prosodyctl default inputs. 2017-12-07 11:14:21 -06:00
damencho 94813bc0fd Changes owner to prosody of newly created certificates. Fixes #2244. 2017-12-07 11:14:21 -06:00
damencho 64b11b571f Fixes error in case prosody host config is missing in conf.d folder. 2017-10-13 08:43:00 -05:00
damencho 3e1cd6151d Updates prosody config to have certificates for the auth. domain.
The certificates are generated on new install or upgrade and added to the current configuration and also to the trusted certificates on the local machine.
2017-10-06 16:51:30 -05:00
damencho c1fb1a7def Installs required basexx when token package is installed. Fixes #1870.
Adds some debug messages when token verification fails for some reason.
2017-08-08 23:13:25 +03:00
virtuacoplenny da1c760abf feat(notifications): implement a react/redux notification system (#1786)
* feat(notifications): implement a react/redux notification system

* squash into impl explicit timeout, style

* ref(notifications): convert toastr notifications to use react

* ref(toastr): remove library

* squash into conversion: pass timeout

* squash into clean remove from debian patch
2017-07-28 12:56:49 -05:00
damencho 9e728e4b25 Fixes crashing jwt util for anonymous domains.
Room name verification crashes when we have a configured anonymousdomain as it doesn't have any token extracted data. It is safe to skip this check as room creation is verified by jicofo and we have the option restrict_room_creation to admin users.
Removes obsolete print when updating jitsi-meet-tokens.
2017-05-16 08:21:46 -05:00
damencho ede5be119f Skips changing prosody config on upgrading jitsi-meet-tokens package. 2017-05-12 16:12:15 -05:00
Aaron van Meerten afc96808e8 added support of static directory in debian install and Makefile for source package 2017-03-20 19:22:06 -05:00
damencho 1d7da21e48 Moves all static content/files in a new folder.
Also clears debian package from including *.js files from source roote folder, files which were not used.
2017-03-20 16:05:11 -05:00
damencho 8591fe00b6 Adds a script which install certificates from let's encrypt.
The script looks for nginx, apache2 or jetty configuration and edits the first one found. Nginx and apache2 will be reloaded, while jvb will be stopped, configured and started again.
2017-03-17 14:49:10 -05:00
Saúl Ibarra Corretgé b01ad360da Move miscellaneous files to resources 2017-02-23 10:01:19 +01:00
Lyubomir Marinov 0051b3b79c Clean up obsolete file references 2017-01-26 07:58:56 -06:00
damencho 3c369a4c67 Fixes missing ssi for logging_config.js when meet served from jetty. 2016-12-29 11:18:39 -06:00
damencho 7d81ec4d86 Simplifies dependencies, removes possible circular dependency. 2016-12-07 11:14:20 -06:00
damencho 685d117a91 Fixes custom cert and key files for apache config. 2016-11-29 23:54:19 -06:00
damencho e51f791ab0 Configures to use apache when this is the available web server. 2016-11-29 23:11:15 -06:00
damencho 4d0701cfda Fixes build. Wrong changelog file. 2016-11-28 14:18:23 -06:00
damencho 8da0d3a1f1 Removes dependencies to other components.
Now the web app can be installed separately from jicofo and jitsi-videobridge, or can be installed on machine running nginx or apache. Currently only nginx will be configured and apache config is left to user. Later we can add and the apache config. Renames jitsi-meet to jitsi-meet-web (just the web content) and jitsi-meet-web-config (configuring jetty, nginx or apache). A new jitsi-meet package will be introduced, a meta package depending on jicofo, jvb and the current packages.
2016-11-28 13:13:08 -06:00
Boris Grozev 65300b34df refactor: removes unused code. 2016-08-15 22:57:36 -05:00
damencho ec98e6fdff Revert "Skips the analytics file from main folder when creating deb." Excluding file, excludes it and from subfolders.
This reverts commit 157bb1931d.
2016-08-11 12:53:37 -05:00
damencho 157bb1931d Skips the analytics file from main folder when creating deb. 2016-08-10 15:47:54 -05:00
damencho 1454a28a69 Fixes serving interface_config when using jetty. 2016-08-03 11:53:21 -05:00
paweldomas 9f3c209096 Switch back to 'luajwt' in order to fix broken JWT
Temporarily reference 'luajwtjitsi' luarock for immediate
deployment until our changes with RS256 support
eventually get merged with the master
2016-08-02 12:35:48 -05:00
damencho 64475143cf Removes keyring dependency to switch to new build machine. 2016-06-30 15:31:35 -05:00
damencho c1122eae3a Adds dependency to new keyring and new repo update. 2016-06-30 15:22:22 -05:00
damencho 6715d41f92 Removes unused dependency.
Used to minimize strophe-plugins which were inside the source tree and now npm handles them.
2016-06-21 10:38:31 -05:00
hristoterezov 8deb003ef6 JWT client support 2016-06-13 16:11:44 -05:00
damencho ed9fd6c8fd Adds property for initial jetty ssi configuration. 2016-06-02 12:27:47 -05:00
hristoterezov 4a1175d44f Fixes comments after review 2016-03-28 17:42:20 -05:00
paweldomas 2dba1d9d17 Requires prosody-trunk at least 607 for jitsi-meet-tokens 2016-01-19 12:59:22 -06:00
paweldomas 428fa3f16a New JWT token impl that does not require token verification in Jicofo and uses anonymous authentication method(token goes as BOSH query param). Adds 'allow_empty_token" config option. 2016-01-19 12:59:06 -06:00
paweldomas ac8e1ce388 Configures Jicofo when jitsi-meet-tokens package is installed 2016-01-19 12:58:59 -06:00
damencho 1bb5188ac8 Simplifies the check for installed nginx, fixes purge when nginx was not used. 2015-11-09 16:26:13 -06:00
damencho f005606428 Reverts messing with css files. 2015-11-09 12:36:01 -06:00
paweldomas 7ff7545570 Reload Prosody after successful tokens install. 2015-11-03 11:14:01 -06:00
paweldomas ca89b59638 Fixes for jitsi-meet-tokens Debian package. 2015-11-03 11:11:54 -06:00
paweldomas 9406669aae Fix for jitsi-meet-tokens 2015-11-02 15:28:19 -06:00
paweldomas 531b81cce3 Adds Prosody plugin for token authentication. 2015-11-02 15:28:18 -06:00
damencho a755f4dd56 Removes unused dependencies. 2015-10-07 13:36:48 -05:00
damencho a6f8c53947 Removes unused files from deb package. 2015-10-07 12:00:08 -05:00
Boris Grozev 3a66283f46 Fixes the css file path included in the debian package. 2015-10-06 15:21:44 -05:00
Boris Grozev d0b254ca15 Merges css files. 2015-10-06 15:19:01 -05:00
damencho cc7d8b8a0d Removes unused minification. 2015-10-06 11:22:42 -05:00
damencho df0563d8d5 Updates the license put in debian package. 2015-10-01 15:12:34 -05:00
damencho 5a254ba949 Uses jvb config file from the new location. Fixes a problem where reconfiguring can break package installation due to missing jvb config file. 2015-09-09 15:15:23 -05:00
damencho 74c531aed6 Uses port definition rather then wild card address when configuring authbind. 2015-09-01 14:25:11 -05:00