"Fossies" - the Fresh Open Source Software Archive

Member "jitsi-meet-4429/debian/jitsi-meet-turnserver.postinst" (23 Sep 2020, 8432 Bytes) of package /linux/misc/jitsi-meet-4429.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 #!/bin/bash
    2 # postinst script for jitsi-meet-turnserver
    3 #
    4 # see: dh_installdeb(1)
    5 
    6 set -e
    7 
    8 # summary of how this script can be called:
    9 #        * <postinst> `configure' <most-recently-configured-version>
   10 #        * <old-postinst> `abort-upgrade' <new version>
   11 #        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
   12 #          <new-version>
   13 #        * <postinst> `abort-remove'
   14 #        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
   15 #          <failed-install-package> <version> `removing'
   16 #          <conflicting-package> <version>
   17 # for details, see http://www.debian.org/doc/debian-policy/ or
   18 # the debian-policy package
   19 
   20 case "$1" in
   21     configure)
   22         # loading debconf
   23         . /usr/share/debconf/confmodule
   24 
   25         # try to get host from jitsi-videobridge
   26         db_get jitsi-videobridge/jvb-hostname
   27         if [ -z "$RET" ] ; then
   28             # server hostname
   29             db_set jitsi-videobridge/jvb-hostname "localhost"
   30             db_input critical jitsi-videobridge/jvb-hostname || true
   31             db_go
   32         fi
   33         JVB_HOSTNAME="$RET"
   34 
   35         TURN_CONFIG="/etc/turnserver.conf"
   36         NGINX_CONFIG="/etc/nginx/sites-available/$JVB_HOSTNAME.conf"
   37         JITSI_MEET_CONFIG="/etc/jitsi/meet/$JVB_HOSTNAME-config.js"
   38 
   39         NGINX_SITES_ENABLED="/etc/nginx/sites-enabled/"
   40         NGINX_CONFIG_ENABLED="${NGINX_SITES_ENABLED}${JVB_HOSTNAME}.conf"
   41         NGINX_MULTIPLEXING="true"
   42         for site in ${NGINX_SITES_ENABLED}*; do
   43             # if it is not a file continue
   44             [ -f "${site}" ] || continue
   45             # if it is our config skip
   46             [ "${site}" != "${NGINX_CONFIG_ENABLED}" ] || continue
   47             # check whether other enabled hosts has listen 443
   48             if cat ${site} | grep -v "^[[:space:]]*#" | grep listen | grep -q "^.*[[:space:]:]443[;[:space:]].*" ; then
   49                 # nothing to do
   50                 echo "------------------------------------------------"
   51                 echo ""
   52                 echo "turnserver is listening on tcp 5349 as other nginx sites use port 443"
   53                 echo ""
   54                 echo "------------------------------------------------"
   55                 NGINX_MULTIPLEXING="false"
   56             fi
   57         done
   58 
   59         # if there was a turn config backup it so we can configure
   60         # we cannot recognize at the moment is this a user config or default config when installing coturn
   61         if [[ -f $TURN_CONFIG ]] && ! grep -q "jitsi-meet coturn config" "$TURN_CONFIG" ; then
   62             mv $TURN_CONFIG $TURN_CONFIG.bak
   63         fi
   64 
   65         # detect dpkg-reconfigure, just delete old links
   66         db_get jitsi-meet-turnserver/jvb-hostname
   67         JVB_HOSTNAME_OLD=$RET
   68         if [ -n "$RET" ] && [ ! "$JVB_HOSTNAME_OLD" = "$JVB_HOSTNAME" ] ; then
   69             if [[ -f $TURN_CONFIG ]] && grep -q "jitsi-meet coturn config" "$TURN_CONFIG" ; then
   70                 rm -f $TURN_CONFIG
   71             fi
   72         fi
   73 
   74         # this detect only old installations with no nginx
   75         db_get jitsi-meet/jvb-serve || true
   76         if [ ! -f $NGINX_CONFIG -o "$RET" = "true" ] ; then
   77             # nothing to do
   78             echo "------------------------------------------------"
   79             echo ""
   80             echo "turnserver not configured"
   81             echo ""
   82             echo "------------------------------------------------"
   83             db_stop
   84             exit 0
   85         fi
   86 
   87         if [[ -f $TURN_CONFIG ]] ; then
   88             echo "------------------------------------------------"
   89             echo ""
   90             echo "turnserver is already configured on this machine."
   91             echo ""
   92             echo "------------------------------------------------"
   93 
   94             if grep -q "jitsi-meet coturn config" "$TURN_CONFIG" && ! grep -q "jitsi-meet coturn relay disable config" "$TURN_CONFIG" ; then
   95                 echo "Updating coturn config"
   96                 echo "# jitsi-meet coturn relay disable config. Do not modify this line
   97 no-multicast-peers
   98 no-cli
   99 no-loopback-peers
  100 no-tcp-relay
  101 denied-peer-ip=0.0.0.0-0.255.255.255
  102 denied-peer-ip=10.0.0.0-10.255.255.255
  103 denied-peer-ip=100.64.0.0-100.127.255.255
  104 denied-peer-ip=127.0.0.0-127.255.255.255
  105 denied-peer-ip=169.254.0.0-169.254.255.255
  106 denied-peer-ip=127.0.0.0-127.255.255.255
  107 denied-peer-ip=172.16.0.0-172.31.255.255
  108 denied-peer-ip=192.0.0.0-192.0.0.255
  109 denied-peer-ip=192.0.2.0-192.0.2.255
  110 denied-peer-ip=192.88.99.0-192.88.99.255
  111 denied-peer-ip=192.168.0.0-192.168.255.255
  112 denied-peer-ip=198.18.0.0-198.19.255.255
  113 denied-peer-ip=198.51.100.0-198.51.100.255
  114 denied-peer-ip=203.0.113.0-203.0.113.255
  115 denied-peer-ip=240.0.0.0-255.255.255.255" >> $TURN_CONFIG
  116 
  117                 invoke-rc.d coturn restart || true
  118             fi
  119 
  120             db_stop
  121             exit 0
  122         fi
  123 
  124         # stores the hostname so we will reuse it later, like in purge
  125         db_set jitsi-meet-turnserver/jvb-hostname "$JVB_HOSTNAME"
  126 
  127         # try to get turnserver password
  128         db_get jitsi-meet-prosody/turn-secret
  129         if [ -z "$RET" ] ; then
  130             db_input critical jitsi-meet-prosody/turn-secret || true
  131             db_go
  132         fi
  133         TURN_SECRET="$RET"
  134 
  135         # no turn config exists, lt's copy template and fill it in
  136         PUBLIC_IP=$(dig -4 +short myip.opendns.com a @resolver1.opendns.com) || true
  137         if [ -z "$PUBLIC_IP" ] ; then
  138             PUBLIC_IP="127.0.0.1"
  139             echo "------------------------------------------------"
  140             echo "Warning! Could not resolve your external ip address! Error:^"
  141             echo "Your turn server will not work till you edit your $TURN_CONFIG config file."
  142             echo "You need to set your external ip address in external-ip and restart coturn service."
  143             echo "------------------------------------------------"
  144         fi
  145         cp /usr/share/jitsi-meet-turnserver/turnserver.conf $TURN_CONFIG
  146         sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" $TURN_CONFIG
  147         sed -i "s/__turnSecret__/$TURN_SECRET/g" $TURN_CONFIG
  148         sed -i "s/__external_ip_address__/$PUBLIC_IP/g" $TURN_CONFIG
  149 
  150         # SSL for nginx
  151         db_get jitsi-meet/cert-choice
  152         CERT_CHOICE="$RET"
  153 
  154         if [ "$CERT_CHOICE" = "I want to use my own certificate" ] ; then
  155             db_get jitsi-meet/cert-path-key
  156             CERT_KEY="$RET"
  157             db_get jitsi-meet/cert-path-crt
  158             CERT_CRT="$RET"
  159 
  160             # replace self-signed certificate paths with user provided ones
  161             CERT_KEY_ESC=$(echo $CERT_KEY | sed 's/\./\\\./g')
  162             CERT_KEY_ESC=$(echo $CERT_KEY_ESC | sed 's/\//\\\//g')
  163             sed -i "s/pkey=\/etc\/jitsi\/meet\/.*key/pkey=$CERT_KEY_ESC/g" $TURN_CONFIG
  164             CERT_CRT_ESC=$(echo $CERT_CRT | sed 's/\./\\\./g')
  165             CERT_CRT_ESC=$(echo $CERT_CRT_ESC | sed 's/\//\\\//g')
  166             sed -i "s/cert=\/etc\/jitsi\/meet\/.*crt/cert=$CERT_CRT_ESC/g" $TURN_CONFIG
  167         fi
  168 
  169         sed -i "s/#TURNSERVER_ENABLED/TURNSERVER_ENABLED/g" /etc/default/coturn
  170         invoke-rc.d coturn restart || true
  171 
  172         NGINX_STREAM_CONFIG="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
  173         if [ $NGINX_MULTIPLEXING = "true" ] && [ ! -f $NGINX_STREAM_CONFIG ] && [ -f $NGINX_CONFIG ] ; then
  174             ln -s /usr/share/jitsi-meet-turnserver/jitsi-meet.conf $NGINX_STREAM_CONFIG
  175             sed -i "s/listen 443 ssl/listen 4444 ssl http2/g" $NGINX_CONFIG
  176             sed -i "s/listen \[\:\:\]\:443 ssl/listen \[\:\:\]\:4444 ssl http2/g" $NGINX_CONFIG
  177             invoke-rc.d nginx reload || true
  178         else
  179             PROSODY_HOST_CONFIG="/etc/prosody/conf.avail/$JVB_HOSTNAME.cfg.lua"
  180             if [ -f $PROSODY_HOST_CONFIG ] ; then
  181                 # If we are not multiplexing we need to change the port in prosody config
  182                 sed -i 's/"443"/"5349"/g' $PROSODY_HOST_CONFIG
  183                 invoke-rc.d prosody restart || true
  184             fi
  185         fi
  186 
  187         # Enable turn server in config.js
  188         if [ -f $JITSI_MEET_CONFIG ] ; then
  189             sed -i "s/\/\/ useStunTurn: true/useStunTurn: true/g" $JITSI_MEET_CONFIG
  190         fi
  191 
  192         # and we're done with debconf
  193         db_stop
  194     ;;
  195 
  196     abort-upgrade|abort-remove|abort-deconfigure)
  197     ;;
  198 
  199     *)
  200         echo "postinst called with unknown argument \`$1'" >&2
  201         exit 1
  202     ;;
  203 esac
  204 
  205 # dh_installdeb will replace this with shell code automatically
  206 # generated by other debhelper scripts.
  207 
  208 #DEBHELPER#
  209 
  210 exit 0