"Fossies" - the Fresh Open Source Software Archive 
Member "jitsi-meet-4429/debian/jitsi-meet-turnserver.postinst" (23 Sep 2020, 8432 Bytes) of package /linux/misc/jitsi-meet-4429.tar.gz:
As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style:
standard) with prefixed line numbers.
Alternatively you can here
view or
download the uninterpreted source code file.
1 #!/bin/bash
2 # postinst script for jitsi-meet-turnserver
3 #
4 # see: dh_installdeb(1)
5
6 set -e
7
8 # summary of how this script can be called:
9 # * <postinst> `configure' <most-recently-configured-version>
10 # * <old-postinst> `abort-upgrade' <new version>
11 # * <conflictor's-postinst> `abort-remove' `in-favour' <package>
12 # <new-version>
13 # * <postinst> `abort-remove'
14 # * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
15 # <failed-install-package> <version> `removing'
16 # <conflicting-package> <version>
17 # for details, see http://www.debian.org/doc/debian-policy/ or
18 # the debian-policy package
19
20 case "$1" in
21 configure)
22 # loading debconf
23 . /usr/share/debconf/confmodule
24
25 # try to get host from jitsi-videobridge
26 db_get jitsi-videobridge/jvb-hostname
27 if [ -z "$RET" ] ; then
28 # server hostname
29 db_set jitsi-videobridge/jvb-hostname "localhost"
30 db_input critical jitsi-videobridge/jvb-hostname || true
31 db_go
32 fi
33 JVB_HOSTNAME="$RET"
34
35 TURN_CONFIG="/etc/turnserver.conf"
36 NGINX_CONFIG="/etc/nginx/sites-available/$JVB_HOSTNAME.conf"
37 JITSI_MEET_CONFIG="/etc/jitsi/meet/$JVB_HOSTNAME-config.js"
38
39 NGINX_SITES_ENABLED="/etc/nginx/sites-enabled/"
40 NGINX_CONFIG_ENABLED="${NGINX_SITES_ENABLED}${JVB_HOSTNAME}.conf"
41 NGINX_MULTIPLEXING="true"
42 for site in ${NGINX_SITES_ENABLED}*; do
43 # if it is not a file continue
44 [ -f "${site}" ] || continue
45 # if it is our config skip
46 [ "${site}" != "${NGINX_CONFIG_ENABLED}" ] || continue
47 # check whether other enabled hosts has listen 443
48 if cat ${site} | grep -v "^[[:space:]]*#" | grep listen | grep -q "^.*[[:space:]:]443[;[:space:]].*" ; then
49 # nothing to do
50 echo "------------------------------------------------"
51 echo ""
52 echo "turnserver is listening on tcp 5349 as other nginx sites use port 443"
53 echo ""
54 echo "------------------------------------------------"
55 NGINX_MULTIPLEXING="false"
56 fi
57 done
58
59 # if there was a turn config backup it so we can configure
60 # we cannot recognize at the moment is this a user config or default config when installing coturn
61 if [[ -f $TURN_CONFIG ]] && ! grep -q "jitsi-meet coturn config" "$TURN_CONFIG" ; then
62 mv $TURN_CONFIG $TURN_CONFIG.bak
63 fi
64
65 # detect dpkg-reconfigure, just delete old links
66 db_get jitsi-meet-turnserver/jvb-hostname
67 JVB_HOSTNAME_OLD=$RET
68 if [ -n "$RET" ] && [ ! "$JVB_HOSTNAME_OLD" = "$JVB_HOSTNAME" ] ; then
69 if [[ -f $TURN_CONFIG ]] && grep -q "jitsi-meet coturn config" "$TURN_CONFIG" ; then
70 rm -f $TURN_CONFIG
71 fi
72 fi
73
74 # this detect only old installations with no nginx
75 db_get jitsi-meet/jvb-serve || true
76 if [ ! -f $NGINX_CONFIG -o "$RET" = "true" ] ; then
77 # nothing to do
78 echo "------------------------------------------------"
79 echo ""
80 echo "turnserver not configured"
81 echo ""
82 echo "------------------------------------------------"
83 db_stop
84 exit 0
85 fi
86
87 if [[ -f $TURN_CONFIG ]] ; then
88 echo "------------------------------------------------"
89 echo ""
90 echo "turnserver is already configured on this machine."
91 echo ""
92 echo "------------------------------------------------"
93
94 if grep -q "jitsi-meet coturn config" "$TURN_CONFIG" && ! grep -q "jitsi-meet coturn relay disable config" "$TURN_CONFIG" ; then
95 echo "Updating coturn config"
96 echo "# jitsi-meet coturn relay disable config. Do not modify this line
97 no-multicast-peers
98 no-cli
99 no-loopback-peers
100 no-tcp-relay
101 denied-peer-ip=0.0.0.0-0.255.255.255
102 denied-peer-ip=10.0.0.0-10.255.255.255
103 denied-peer-ip=100.64.0.0-100.127.255.255
104 denied-peer-ip=127.0.0.0-127.255.255.255
105 denied-peer-ip=169.254.0.0-169.254.255.255
106 denied-peer-ip=127.0.0.0-127.255.255.255
107 denied-peer-ip=172.16.0.0-172.31.255.255
108 denied-peer-ip=192.0.0.0-192.0.0.255
109 denied-peer-ip=192.0.2.0-192.0.2.255
110 denied-peer-ip=192.88.99.0-192.88.99.255
111 denied-peer-ip=192.168.0.0-192.168.255.255
112 denied-peer-ip=198.18.0.0-198.19.255.255
113 denied-peer-ip=198.51.100.0-198.51.100.255
114 denied-peer-ip=203.0.113.0-203.0.113.255
115 denied-peer-ip=240.0.0.0-255.255.255.255" >> $TURN_CONFIG
116
117 invoke-rc.d coturn restart || true
118 fi
119
120 db_stop
121 exit 0
122 fi
123
124 # stores the hostname so we will reuse it later, like in purge
125 db_set jitsi-meet-turnserver/jvb-hostname "$JVB_HOSTNAME"
126
127 # try to get turnserver password
128 db_get jitsi-meet-prosody/turn-secret
129 if [ -z "$RET" ] ; then
130 db_input critical jitsi-meet-prosody/turn-secret || true
131 db_go
132 fi
133 TURN_SECRET="$RET"
134
135 # no turn config exists, lt's copy template and fill it in
136 PUBLIC_IP=$(dig -4 +short myip.opendns.com a @resolver1.opendns.com) || true
137 if [ -z "$PUBLIC_IP" ] ; then
138 PUBLIC_IP="127.0.0.1"
139 echo "------------------------------------------------"
140 echo "Warning! Could not resolve your external ip address! Error:^"
141 echo "Your turn server will not work till you edit your $TURN_CONFIG config file."
142 echo "You need to set your external ip address in external-ip and restart coturn service."
143 echo "------------------------------------------------"
144 fi
145 cp /usr/share/jitsi-meet-turnserver/turnserver.conf $TURN_CONFIG
146 sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" $TURN_CONFIG
147 sed -i "s/__turnSecret__/$TURN_SECRET/g" $TURN_CONFIG
148 sed -i "s/__external_ip_address__/$PUBLIC_IP/g" $TURN_CONFIG
149
150 # SSL for nginx
151 db_get jitsi-meet/cert-choice
152 CERT_CHOICE="$RET"
153
154 if [ "$CERT_CHOICE" = "I want to use my own certificate" ] ; then
155 db_get jitsi-meet/cert-path-key
156 CERT_KEY="$RET"
157 db_get jitsi-meet/cert-path-crt
158 CERT_CRT="$RET"
159
160 # replace self-signed certificate paths with user provided ones
161 CERT_KEY_ESC=$(echo $CERT_KEY | sed 's/\./\\\./g')
162 CERT_KEY_ESC=$(echo $CERT_KEY_ESC | sed 's/\//\\\//g')
163 sed -i "s/pkey=\/etc\/jitsi\/meet\/.*key/pkey=$CERT_KEY_ESC/g" $TURN_CONFIG
164 CERT_CRT_ESC=$(echo $CERT_CRT | sed 's/\./\\\./g')
165 CERT_CRT_ESC=$(echo $CERT_CRT_ESC | sed 's/\//\\\//g')
166 sed -i "s/cert=\/etc\/jitsi\/meet\/.*crt/cert=$CERT_CRT_ESC/g" $TURN_CONFIG
167 fi
168
169 sed -i "s/#TURNSERVER_ENABLED/TURNSERVER_ENABLED/g" /etc/default/coturn
170 invoke-rc.d coturn restart || true
171
172 NGINX_STREAM_CONFIG="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
173 if [ $NGINX_MULTIPLEXING = "true" ] && [ ! -f $NGINX_STREAM_CONFIG ] && [ -f $NGINX_CONFIG ] ; then
174 ln -s /usr/share/jitsi-meet-turnserver/jitsi-meet.conf $NGINX_STREAM_CONFIG
175 sed -i "s/listen 443 ssl/listen 4444 ssl http2/g" $NGINX_CONFIG
176 sed -i "s/listen \[\:\:\]\:443 ssl/listen \[\:\:\]\:4444 ssl http2/g" $NGINX_CONFIG
177 invoke-rc.d nginx reload || true
178 else
179 PROSODY_HOST_CONFIG="/etc/prosody/conf.avail/$JVB_HOSTNAME.cfg.lua"
180 if [ -f $PROSODY_HOST_CONFIG ] ; then
181 # If we are not multiplexing we need to change the port in prosody config
182 sed -i 's/"443"/"5349"/g' $PROSODY_HOST_CONFIG
183 invoke-rc.d prosody restart || true
184 fi
185 fi
186
187 # Enable turn server in config.js
188 if [ -f $JITSI_MEET_CONFIG ] ; then
189 sed -i "s/\/\/ useStunTurn: true/useStunTurn: true/g" $JITSI_MEET_CONFIG
190 fi
191
192 # and we're done with debconf
193 db_stop
194 ;;
195
196 abort-upgrade|abort-remove|abort-deconfigure)
197 ;;
198
199 *)
200 echo "postinst called with unknown argument \`$1'" >&2
201 exit 1
202 ;;
203 esac
204
205 # dh_installdeb will replace this with shell code automatically
206 # generated by other debhelper scripts.
207
208 #DEBHELPER#
209
210 exit 0