#!/bin/bash # postinst script for jitsi-meet-web-config # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `configure' # * `abort-upgrade' # * `abort-remove' `in-favour' # # * `abort-remove' # * `abort-deconfigure' `in-favour' # `removing' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package case "$1" in configure) # loading debconf . /usr/share/debconf/confmodule # try to get host from jitsi-videobridge db_get jitsi-videobridge/jvb-hostname if [ -z "$RET" ] ; then # server hostname db_set jitsi-videobridge/jvb-hostname "localhost" db_input critical jitsi-videobridge/jvb-hostname || true db_go fi JVB_HOSTNAME="$RET" # detect dpkg-reconfigure RECONFIGURING="false" db_get jitsi-meet/jvb-hostname JVB_HOSTNAME_OLD=$RET if [ -n "$RET" ] && [ ! "$JVB_HOSTNAME_OLD" = "$JVB_HOSTNAME" ] ; then RECONFIGURING="true" rm -f /etc/jitsi/meet/$JVB_HOSTNAME_OLD-config.js fi JVB_SERVE="false" # this detect only old installations db_get jitsi-meet/jvb-serve || true if [ -n "$RET" ] && [ "$RET" = "true" ] ; then JVB_SERVE="true" fi echo "------> $JVB_SERVE" # stores the hostname so we will reuse it later, like in purge db_set jitsi-meet/jvb-hostname $JVB_HOSTNAME NGINX_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'nginx' 2>/dev/null | awk '{print $3}' || true)" NGINX_EXTRAS_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'nginx-extras' 2>/dev/null | awk '{print $3}' || true)" if [ "$NGINX_INSTALL_CHECK" = "installed" ] \ || [ "$NGINX_INSTALL_CHECK" = "unpacked" ] \ || [ "$NGINX_EXTRAS_INSTALL_CHECK" = "installed" ] \ || [ "$NGINX_EXTRAS_INSTALL_CHECK" = "unpacked" ] ; then FORCE_NGINX="true" fi APACHE_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'apache2' 2>/dev/null | awk '{print $3}' || true)" if [ "$APACHE_INSTALL_CHECK" = "installed" ] || [ "$APACHE_INSTALL_CHECK" = "unpacked" ] ; then FORCE_APACHE="true" fi # if first time config ask for certs, or if we are reconfiguring if [ -z "$JVB_HOSTNAME_OLD" ] || [ "$RECONFIGURING" = "true" ] ; then # SSL for nginx db_get jitsi-meet/cert-choice CERT_CHOICE="$RET" UPLOADED_CERT_CHOICE="I want to use my own certificate" if [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ] ; then db_set jitsi-meet/cert-path-key "/etc/ssl/$JVB_HOSTNAME.key" db_input critical jitsi-meet/cert-path-key || true db_go db_get jitsi-meet/cert-path-key CERT_KEY="$RET" db_set jitsi-meet/cert-path-crt "/etc/ssl/$JVB_HOSTNAME.crt" db_input critical jitsi-meet/cert-path-crt || true db_go db_get jitsi-meet/cert-path-crt CERT_CRT="$RET" else # create self-signed certs CERT_KEY="/etc/jitsi/meet/$JVB_HOSTNAME.key" CERT_CRT="/etc/jitsi/meet/$JVB_HOSTNAME.crt" HOST="$( (hostname -s; echo localhost) | head -n 1)" DOMAIN="$( (hostname -d; echo localdomain) | head -n 1)" openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj \ "/O=$DOMAIN/OU=$HOST/CN=$JVB_HOSTNAME/emailAddress=webmaster@$HOST.$DOMAIN" \ -keyout $CERT_KEY \ -out $CERT_CRT fi fi # jitsi meet JITSI_MEET_CONFIG="/etc/jitsi/meet/$JVB_HOSTNAME-config.js" if [ ! -f $JITSI_MEET_CONFIG ] ; then cp /usr/share/jitsi-meet-web-config/config.js $JITSI_MEET_CONFIG # replaces needed config for multidomain as it works only with nginx sed -i "s/conference.jitsi-meet.example.com/conference.<\!--# echo var=\"subdomain\" default=\"\" -->jitsi-meet.example.com/g" $JITSI_MEET_CONFIG sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" $JITSI_MEET_CONFIG fi # this is new install let's configure jvb to serve meet # no-nginx, no-apache installed on machine, this is new install or reconfiguring old one which have jvb_serve set if [[ "$JVB_SERVE" = "true" ]] ; then echo "" echo "------------------------------------------------" echo "You are using jetty to serve jitsi-meet, it is recommended to uninstall(purge) and use default installation that comes with nginx!" echo "" echo "When using the following command any custom config will be LOST!!!" echo "" echo "You can purge your installation using the following command:" echo "apt-get purge jitsi-meet jitsi-meet-web-config jitsi-meet-prosody jitsi-meet-web jicofo jitsi-videobridge" echo "------------------------------------------------" echo "" elif [[ "$FORCE_NGINX" = "true" && ( -z "$JVB_HOSTNAME_OLD" || "$RECONFIGURING" = "true" ) ]] ; then # this is a reconfigure, lets just delete old links if [ "$RECONFIGURING" = "true" ] ; then rm -f /etc/nginx/sites-enabled/$JVB_HOSTNAME_OLD.conf rm -f /etc/jitsi/meet/$JVB_HOSTNAME_OLD-config.js fi # nginx conf if [ ! -f /etc/nginx/sites-available/$JVB_HOSTNAME.conf ] ; then cp /usr/share/jitsi-meet-web-config/jitsi-meet.example /etc/nginx/sites-available/$JVB_HOSTNAME.conf if [ ! -f /etc/nginx/sites-enabled/$JVB_HOSTNAME.conf ] ; then ln -s /etc/nginx/sites-available/$JVB_HOSTNAME.conf /etc/nginx/sites-enabled/$JVB_HOSTNAME.conf fi sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" /etc/nginx/sites-available/$JVB_HOSTNAME.conf fi if [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ] ; then # replace self-signed certificate paths with user provided ones CERT_KEY_ESC=$(echo $CERT_KEY | sed 's/\./\\\./g') CERT_KEY_ESC=$(echo $CERT_KEY_ESC | sed 's/\//\\\//g') sed -i "s/ssl_certificate_key\ \/etc\/jitsi\/meet\/.*key/ssl_certificate_key\ $CERT_KEY_ESC/g" \ /etc/nginx/sites-available/$JVB_HOSTNAME.conf CERT_CRT_ESC=$(echo $CERT_CRT | sed 's/\./\\\./g') CERT_CRT_ESC=$(echo $CERT_CRT_ESC | sed 's/\//\\\//g') sed -i "s/ssl_certificate\ \/etc\/jitsi\/meet\/.*crt/ssl_certificate\ $CERT_CRT_ESC/g" \ /etc/nginx/sites-available/$JVB_HOSTNAME.conf fi invoke-rc.d nginx reload || true elif [[ "$FORCE_APACHE" = "true" && ( -z "$JVB_HOSTNAME_OLD" || "$RECONFIGURING" = "true" ) ]] ; then # this is a reconfigure, lets just delete old links if [ "$RECONFIGURING" = "true" ] ; then a2dissite $JVB_HOSTNAME_OLD.conf rm -f /etc/jitsi/meet/$JVB_HOSTNAME_OLD-config.js fi # apache2 config if [ ! -f /etc/apache2/sites-available/$JVB_HOSTNAME.conf ] ; then # when creating new config, make sure all needed modules are enabled a2enmod rewrite ssl headers proxy_http include cp /usr/share/jitsi-meet-web-config/jitsi-meet.example-apache /etc/apache2/sites-available/$JVB_HOSTNAME.conf a2ensite $JVB_HOSTNAME.conf sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" /etc/apache2/sites-available/$JVB_HOSTNAME.conf fi if [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ] ; then # replace self-signed certificate paths with user provided ones CERT_KEY_ESC=$(echo $CERT_KEY | sed 's/\./\\\./g') CERT_KEY_ESC=$(echo $CERT_KEY_ESC | sed 's/\//\\\//g') sed -i "s/SSLCertificateKeyFile\ \/etc\/jitsi\/meet\/.*key/SSLCertificateKeyFile\ $CERT_KEY_ESC/g" \ /etc/apache2/sites-available/$JVB_HOSTNAME.conf CERT_CRT_ESC=$(echo $CERT_CRT | sed 's/\./\\\./g') CERT_CRT_ESC=$(echo $CERT_CRT_ESC | sed 's/\//\\\//g') sed -i "s/SSLCertificateFile\ \/etc\/jitsi\/meet\/.*crt/SSLCertificateFile\ $CERT_CRT_ESC/g" \ /etc/apache2/sites-available/$JVB_HOSTNAME.conf fi invoke-rc.d apache2 reload || true fi echo "----------------" echo "" echo "You can now switch to a Let’s Encrypt certificate. To do so, execute:" echo "/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh" echo "" echo "----------------" # and we're done with debconf db_stop ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0