* fix: Fixes LE script on existing cert.
Updates jaas shown message.
* squash: Make sure .well-known folder exists.
* squash: Fix LE when running apt commands with sudo.
Forces acme.sh to work when it detects sudo.
* squash: Change jaas message on install.
* squash: Uses issue return code to check for existing cert.
* feat: Adds automatic jaas account creation.
* squash: Prints return data if any.
* squash: Moves jitsi-challenge.txt to /usr/share/jitsi-meet/.well-known.
* feat: Adds LE choice when installing debian package.
* Update debian/jitsi-meet-web-config.templates
Co-authored-by: raluca8x8 <raluca.tocmag@8x8.com>
* squash: Print in the console the JaaS link everytime.
* squash: Note that JaaS does not support self-signed certs.
* squash: Fix message.
* squash: Moves acme.sh stuff into a script, so it is easy to re-run.
Co-authored-by: raluca8x8 <raluca.tocmag@8x8.com>
We used to multiplex the ports in nginx, but we dropped that at some point, so now coturn is on its own listening and nginx dependency is no longer needed. Our turnserver config can be used with nginx | apache2.
Fixes an issue where on clean install we see:
WARNING: [25] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$7#622: [MucClient id=shard hostname=localhost] error connecting
org.jivesoftware.smack.SmackException$SmackWrappedException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
In case limited those connection will be whitelisted and unlimited. Updates existing configurations to make sure prosody update will not break it by limiting too much.
Uses 28c16c93d79a version of the module: https://modules.prosody.im/mod_limits_exception.html
Will be available in prosody 0.12.
* feat: Add mod_client_proxy and mod_roster_command.
Taken from prosody-modules 4317:456b9f608fcf with the
mod_roster_command patch applied.
* feat: Use mod_client_proxy to proxy to jicofo.
* fix(jitsi-meet-web-config.postinst) allow cert and key pre-selection
* fix(jitsi-meet-web-config.postinst) jvb-hostname gets value from db_go instead of db_get
Co-authored-by: Jakob Pfeiffer <pgp-jkp@pfeiffer.ws>
It must be served from the same origin, so we need to bypass the CDN we use for
meet.jit.si. See the code comments for the rationale on the workaround.
* feat: Drops multiplexing support by default.
* fix: Fix purge of jitsi-meet-prosody.
Clean the accounts when there is a - in the domain name.
Removes the certificate so reinstall will not cause problems.
* feat: Enables bridge websockets by default.
* fix: External-ip conflicts with denied-peer-ip.
In cases where the bridge and coturn are on the same machine and the local address is any of the networks from denied-peer-ip, coturn is not using its public address to probe it and communication fails as the other address is deneid.
* squash: Fix a comment.