Fixes an issue where on clean install we see:
WARNING: [25] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$7#622: [MucClient id=shard hostname=localhost] error connecting
org.jivesoftware.smack.SmackException$SmackWrappedException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
In case limited those connection will be whitelisted and unlimited. Updates existing configurations to make sure prosody update will not break it by limiting too much.
Uses 28c16c93d79a version of the module: https://modules.prosody.im/mod_limits_exception.html
Will be available in prosody 0.12.
* feat: Add mod_client_proxy and mod_roster_command.
Taken from prosody-modules 4317:456b9f608fcf with the
mod_roster_command patch applied.
* feat: Use mod_client_proxy to proxy to jicofo.
* Adds package that can configure using turnserver for jitsi-meet.
Activates http2 on the nginx host and uses the alpn send with the web requests to multiplex traffic to be served as web of proxied to the turn server.
It needs nginx at least v1.13.10.
Adds turncredentials module from Philipp Hancke, with small modification (all int values for hosts need to be strings/tostring()) in order to be able to use the module with prosody 0.11.
* Moves loading of stream after loading stream module (50-..).
* Leaves DISABLE_TCP_HARVESTER to be handled by jvb.
* Fixes comments.
* Properly detect first time coturn install and configure it.
* Handles upgrading from jetty serving web.
* Does not create jvb user if already exists.
* Fixes let's encrypt and adds turnserver handling.
* Enables use of turn server in config.js if available.
* Adds a check whether prosody config exists.
There are cases where deployments can still have configured prosody in the main prosody config in /etc/prosody.
Sometimes conflicting or wrong configuration can leave the package in broken state and users cannot even uninstall/purge the packages, and it also breaks any other package installation.
* Creates conf.d in /etc/prosody if missing.
Fixes a problem installing prosody 0.10 when using prosody repositories.
* Cleanups certificates on purge.
There are various occasions where users purge packages and the new installations after that generate certificate which doesn't end up in the java trust store on the target machine.
* Generate jicofo user and component passwords if missing.
There are situations where if prosody is already installed, the order of configuring the packages is not in the correct order. In those situations jitsi-meet-prosody got configured before jicofo and the user password and the component secret are not available and we ask the user for that and later when jicofo is configured we generate new set of them. Now we will end up always generating them in jitsi-meet-prosody or jicofo and we will reuse them. See https://github.com/jitsi/jicofo/pull/283.
The certificates are generated on new install or upgrade and added to the current configuration and also to the trusted certificates on the local machine.
Now the web app can be installed separately from jicofo and jitsi-videobridge, or can be installed on machine running nginx or apache. Currently only nginx will be configured and apache config is left to user. Later we can add and the apache config. Renames jitsi-meet to jitsi-meet-web (just the web content) and jitsi-meet-web-config (configuring jetty, nginx or apache). A new jitsi-meet package will be introduced, a meta package depending on jicofo, jvb and the current packages.
damencho
gpatel-fr
bgrozev
Saúl Ibarra Corretgé
Saúl Ibarra Corretgé
paweldomas