Commit Graph

185 Commits

Author SHA1 Message Date
Дамян Минков 93f4098dc0
feat: Enable bridge websockets by default for new installs (#7781)
* feat: Drops multiplexing support by default.

* fix: Fix purge of jitsi-meet-prosody.

Clean the accounts when there is a - in the domain name.
Removes the certificate so reinstall will not cause problems.

* feat: Enables bridge websockets by default.

* fix: External-ip conflicts with denied-peer-ip.

In cases where the bridge and coturn are on the same machine and the local address is any of the networks from denied-peer-ip, coturn is not using its public address to probe it and communication fails as the other address is deneid.

* squash: Fix a comment.
2020-09-25 13:15:58 -05:00
emrah 0e50f1887e
fix: enable token_verification during installation of jitsi-meet-tokens (#7630) 2020-09-04 10:17:54 -05:00
emrah 476ca54711
fix: keep plugin_paths while removing jitsi-meet-tokens (#7632) 2020-09-04 08:01:40 -05:00
emrah 70aa19e6d9
fix: disable token_verification while removing jitsi-meet-tokens (#7631) 2020-09-04 08:01:14 -05:00
emrah 7778a17b90
fix: added libssl1.0-dev to the dependencies of jitsi-meet-tokens (#7629) 2020-09-04 08:00:54 -05:00
emrah e8c44c10dd jitsi-meet-tokens: added git to the dependency list 2020-09-02 12:23:26 -05:00
emrah e988bf6565
fix: jitsi-meet-tokens - the first installation check (#7618) 2020-09-02 11:46:32 -05:00
Felix C. Stegerman 322618357c jitsi-meet-tokens.postinst: fix tests 2020-09-01 07:51:37 -05:00
Дамян Минков 758b60f92b
fix: Updates coturn config on update. (#7306)
* fix: Updates coturn config on update.

* fix: Updates console message.
2020-07-14 13:16:53 -05:00
Frank de Lange 29c16e42bd
Move STUN/TURN to IANA-assigned ports - 3478 and 5349 (TLS) (#6172)
* Move STUN/TURN to IANA-assigned ports - 3478 and 5349 (TLS)

* Change remaining references to TURNS port from 4445 to 5349

* Change back TURNS to 443
2020-07-07 08:14:28 -05:00
damencho b10a45bf98 fix: Fixes generating self-signed certificate.
The wrong quotes error:
req: Error on line 354 of config file "/dev/fd/63"
Error Loading extension section SAN
140403719438784:error:0E06C069:configuration file routines:NCONF_get_section:no conf:../crypto/conf/conf_lib.c:245:

Having the ip and specifying dns:
Error Loading extension section SAN
140127168778688:error:220A4076:X509 V3 routines:a2i_GENERAL_NAME:bad ip address:../crypto/x509v3/v3_alt.c:457:value=jitsi.example.com
140127168778688:error:22098080:X509 V3 routines:X509V3_EXT_nconf:error in extension:../crypto/x509v3/v3_conf.c:47:name=subjectAltName, value=DNS:localhost,DNS:jitsi.example.com,IP:jitsi.example.com
2020-07-02 10:33:09 -05:00
Saúl Ibarra Corretgé 97fd36a19a debian: fix postinst command 2020-06-23 17:46:44 +02:00
egerardus 76eabf1f29
debian: add SAN when generating self-signed certs
Closes: #5547
2020-06-23 14:47:36 +02:00
lorddavidiii 6ddac3bddf
debian,turn: fix getting an external ip in IPv6 enabled networks 2020-05-26 13:20:34 +02:00
Felix C. Stegerman b25319fd2e add missing build dependency on nodejs 2020-05-21 10:29:36 -05:00
Дамян Минков ffdd4f2eed
debian: updates around coturn package and order of install (#5729)
* debian: Update coturn udp port to non-privileged one.

* debian: Turnserver config requires jitsi-meet-web-config files.

* doc: Updates doc, removing `--no-install-recommends`.

* debian: Moves checks and configs to default to prosody 0.11.

* debian: Disable room locking on internal muc.

* add scripts for deploying coturn with certbot

* turnserver: Removes unused variable showing error.

* debian: updates let's encrypt and coturn scripts.

* debian: Detect failure to retrieve external ip address.

* debian: Always configure turn when the turnserver package is installed.

Co-authored-by: Julien Fastré <julien.fastre@champs-libres.coop>
2020-04-08 13:06:49 -05:00
bgrozev 36113fd54f
debian: clean up password generation, use 16 characters 2020-04-06 10:22:56 +02:00
Дамян Минков b372b2ccf2
Fix turn file link (#5601)
* debian: Does not add a link of turnserver will not be configured. Fixes #5596.

* debian: Partially reverts 990c77bd.

* debian: Skip filename duplication, use variable.
2020-04-02 18:20:41 -05:00
damencho 716c9eb46f debian: Change coturn unit file to start on 443. 2020-04-01 17:11:55 -05:00
damencho 82aa51770a debian: Skip turn config if other sites are available listening on 443. 2020-04-01 15:18:49 -05:00
damencho 990c77bd3d debian: Skip turnserver config if it is already configured. 2020-04-01 15:18:49 -05:00
damencho 45c60717d6 debian: add post remove script for jitsi-meet-turnserver package
Reloads the webserver as the config had changed.
2020-03-31 16:27:25 -05:00
Saúl Ibarra Corretgé 6596e27f69 Prevent meetings from being crawled by Google 2020-03-31 21:45:28 +02:00
damencho cb0cea4ebd Adds a note to re-run Let’s Encrypt script on jetty upgrade. 2020-03-31 09:36:30 +02:00
damencho b894daa9cf Cleans created users on purging. 2020-03-31 09:36:30 +02:00
Saúl Ibarra Corretgé 94f7b570d7 debian: fix creating internal MUC 2020-03-30 17:01:27 -05:00
Дамян Минков 9a5b19babe
Migrates jetty config to nginx one (#5413)
* Completely removes jetty config and defaults to nginx.

* Force configuring nginx or apache.

* Fixes certs when upgrading from jetty.

* Fixes certs and restarts jvb.

* Turnserver config conflicts apache2.

* Multi-domain sed only for nginx.

* Updates docs removing jetty.
2020-03-27 09:07:47 -05:00
Дамян Минков e00036d44a
Merge pull request #5216 from gbonfiglio/master
fix broken nginx ipv6 listeners
2020-03-26 18:22:41 -05:00
damencho 435d11793d Updates debian compat level. 2020-03-23 17:33:10 -05:00
Giorgio Bonfiglio 4e81a7abd3 fix turnserver postinst for ipv6 listener 2020-03-17 22:37:39 +00:00
Дамян Минков c73ba37202
Introduces installing coturn as turn server for jitsi-meet (#4959)
* Adds package that can configure using turnserver for jitsi-meet.

Activates http2 on the nginx host and uses the alpn send with the web requests to multiplex traffic to be served as web of proxied to the turn server.
It needs nginx at least v1.13.10.
Adds turncredentials module from Philipp Hancke, with small modification (all int values for hosts need to be strings/tostring()) in order to be able to use the module with prosody 0.11.

* Moves loading of stream after loading stream module (50-..).

* Leaves DISABLE_TCP_HARVESTER to be handled by jvb.

* Fixes comments.

* Properly detect first time coturn install and configure it.

* Handles upgrading from jetty serving web.

* Does not create jvb user if already exists.

* Fixes let's encrypt and adds turnserver handling.

* Enables use of turn server in config.js if available.

* Adds a check whether prosody config exists.

There are cases where deployments can still have configured prosody in the main prosody config in /etc/prosody.
2020-01-09 16:51:27 +00:00
damencho d9282f873c Migrate to using mucs for jvb. 2020-01-08 11:18:36 +00:00
damencho 9344138303 Fixes reloading on remove to always succeed. 2020-01-08 11:18:36 +00:00
damencho e01d891bba Disables tcp harvester if bridge is installed on same machine. 2019-12-17 12:05:54 +00:00
damencho f904626f5e Removes jetty and makes nginx default webserver. 2019-12-17 12:05:54 +00:00
damencho ebfc5a95ff Activates multidomain by default when installing with nginx. 2019-12-10 10:55:56 +01:00
damencho 4d0cbff5a1 Ignore errors when restarting services.
Sometimes conflicting or wrong configuration can leave the package in broken state and users cannot even uninstall/purge the packages, and it also breaks any other package installation.
2019-12-04 17:21:12 +00:00
damencho c79463aaee Fixes including config.js template. 2019-12-04 17:21:12 +00:00
damencho 339e1c5fab Moves config template files out of doc folder. 2019-12-04 09:50:55 +00:00
damencho db6a2673de Handles unique Id for a meeting. 2019-11-26 10:37:19 +00:00
damencho e11d4d3101 Installs prosody plugins with jitsi-meet-prosody package. 2019-11-26 10:37:19 +00:00
damencho e09ea36055 Maps available locales for countries to the doubled languages.
This maps the tow letter languages as enGB to the country file for en.
Copies countries-en.json as countries-enGB.json.
2019-07-23 10:10:03 +01:00
damencho 4f6a0d7d3a Updates config if prosody 0.10 is used. 2019-04-29 15:24:55 +01:00
damencho 2180d33e3d Adds alias for external_api.js in all default web config. 2019-04-23 20:31:53 +00:00
damencho 69a12395d2 Removes debug log and adds safety check whether config exists. 2019-04-16 21:16:38 +02:00
damencho ea54713f9a Supports prosody 0.11 when configuring.
Doing few changes needed for general config and for tokens.
2019-04-05 17:18:17 +02:00
Дамян Минков ea4d49f2a0
Adds new format of phoneList service and re-design dial in numbers page. (#3903)
* Adds new format of phoneList service and re-design dial in numbers page.

Adds flags and country names (with translations) for the numbers if using the new format.

* Fixes tests and fixes get default number.

* Updates swagger with new format.

* Moves html back yo table.

Fixes displaying on mobile and also the tel: URI generation. The tel: URI is tested on Android and iOS and seems to work (Android was not interpreting 'p', but both seems to like ',').

* Fixes a wrong return statement.

* Small fixes.
2019-02-26 13:32:46 +00:00
damencho 2ac5d136dc Detects nginx-extras package. Fixes #3891. 2019-02-14 14:05:27 +00:00
Дамян Минков 2ee8f1ef58 Updates postinst prosody (#2896)
* Creates conf.d in /etc/prosody if missing.

Fixes a problem installing prosody 0.10 when using prosody repositories.

* Cleanups certificates on purge.

There are various occasions where users purge packages and the new installations after that generate certificate which doesn't end up in the java trust store on the target machine.

* Generate jicofo user and component passwords if missing.

There are situations where if prosody is already installed, the order of configuring the packages is not in the correct order. In those situations jitsi-meet-prosody got configured before jicofo and the user password and the component secret are not available and we ask the user for that and later when jicofo is configured we generate new set of them. Now we will end up always generating them in jitsi-meet-prosody or jicofo and we will reuse them. See https://github.com/jitsi/jicofo/pull/283.
2018-04-30 15:19:30 -07:00
Saúl Ibarra Corretgé ff8386e931 debian: fix setting the auth domain certificates
In 94813bc0fd (diff-6e9552c9bd8e61c8f277c21220160234)
two local variables got removed (AUTH_KEY_FILE and AUTH_CRT_FILE), which are used by the sed command
below to configure the virtualhost for auth.
2018-03-11 16:05:14 -05:00