@drumee/setup-infra 1.0.5 → 1.0.7

package/bin/init-acme

@@ -6,8 +6,10 @@ function make_certs(){
   sum=0
   dom=$1
   echo Generating "${dom}" cetificates...
+  OPTIONS="--issue -d $dom -d "*.${dom}" --home $ACME_DIR --config-home $ACME_DIR/configs --cert-home $ACME_CERTS_DIR --dns dns_nsupdate"
+  ./acme.sh $OPTIONS
   while [ ! -f ${ACME_CERTS_DIR}/${dom}_ecc/fullchain.cer ]; do
-    ./acme.sh --issue -d $dom -d "*.${dom}" --home $ACME_DIR --config-home $ACME_DIR/configs --cert-home $ACME_CERTS_DIR --dns dns_nsupdate
+    ./acme.sh $OPTIONS
     if [ $? = "0" ]; then
       echo Certificate have been sucessfully created.
     else
@@ -16,7 +18,8 @@ function make_certs(){
     fi
     if [ "$sum" -gt "10" ]; then
       echo Failed to create certifiicates. Please run manually
-      echo $ACME_DIR/acme.sh --issue -d $dom -d "*.${dom}" --home $ACME_DIR --config-home $ACME_DIR/configs --cert-home $ACME_CERTS_DIR --dns dns_nsupdate
+      echo $ACME_DIR/acme.sh  $OPTIONS
+      return
     fi
     sum=$(expr 1 + $sum)
   done

package/bin/install

@@ -4,8 +4,9 @@ set -e
 echo "Configuring Drumee Infrastructure"
 script_dir=$(dirname $(readlink -f $0))
 
-export base=$(dirname $script_dir)
+clean_vendor_files
 
+export base=$(dirname $script_dir)
 $base/bin/init-mail $DRUMEE_DOMAIN_NAME
 
 # Write configs 
@@ -16,12 +17,8 @@ if [ -d /etc/cron.d/drumee ]; then
   crontab /etc/cron.d/drumee
 fi 
 
-
-
 source $base/bin/env
-source $base/bin/jitsi
-
-install_jitsi
+source $base/bin/prosody
 
 protect_dir $DRUMEE_RUNTIME_DIR "no" "mkdir"
 protect_dir $DRUMEE_DATA_DIR "yes" "mkdir"
@@ -49,10 +46,8 @@ protect_dir $DRUMEE_IMPORT_DIR
 $base/bin/init-named
 $base/bin/init-acme
 
-clean_vendor_files
 setup_dirs
 setup_prosody
-write_version
 
 crontab  < /etc/cron.d/drumee
 echo "Drumee infrastructure done !"

package/bin/{jitsi → prosody}

@@ -43,18 +43,34 @@ function addUser() {
   prosodyctl register ${user} ${host} $secret
 }
 
+#-------------------
+# Sometime service prosody restart is not working
+function restart_prosody() {
+  if [ -f /var/run/prosody/prosody.pid ]; then
+    set +e
+    ppid=$(cat /var/run/prosody/prosody.pid)
+    echo "Prosody PID =$ppid"
+    if [ "$ppid" != "" ]; then
+      kill $ppid;
+      sleep 3
+      service prosody start
+    else
+      service prosody restart
+    fi
+  else
+    service prosody restart
+  fi
+}
 
 #-------------------
 function setup_prosody() {
   echo Configuring prosody creadentials
 
   # Ensure prosody start before using prosodyctl
-  service prosody restart
-  host="auth.${JITSI_DOMAIN}"
-  #jic_pw=$(grep password /etc/jitsi/jicofo/jicofo.conf | awk '{print $3}' | sed -e s/\"//g)
-  #jvb_pw=$(grep PASSWORD /etc/jitsi/videobridge/jvb.conf | awk '{print $3}' | sed -e s/\"//g)
-  addUser focus $JICOFO_PASSWORD $host
-  addUser jvb $JVB_PASSWORD $host
+  restart_prosody
+  auth_host="auth.${JITSI_DOMAIN}"
+  addUser focus $JICOFO_PASSWORD $auth_host
+  addUser jvb $JVB_PASSWORD $auth_host
   addUser $APP_ID $APP_PASSWORD $JITSI_DOMAIN
 
   pub_ip=$(grep public-address /etc/jitsi/videobridge/jvb.conf | awk '{print $3}' | sed -e s/\"//g)
@@ -64,9 +80,8 @@ function setup_prosody() {
       echo "${pub_ip} ${JITSI_DOMAIN}" >>/etc/hosts
     fi
   fi
-  echo Subscribing roster command for focus."${JITSI_DOMAIN}" focus@${host}
-  prosodyctl mod_roster_command subscribe focus."${JITSI_DOMAIN}" focus@${host}
-  #echo prosodyctl mod_roster_command subscribe focus."${JITSI_DOMAIN}" focus@${host}
+  echo prosodyctl mod_roster_command subscribe "focus.${JITSI_DOMAIN}" "focus@${auth_host}"
+  prosodyctl mod_roster_command subscribe "focus.${JITSI_DOMAIN}" "focus@${auth_host}"
   echo Prosody creadentials done
 }
 
@@ -80,46 +95,7 @@ function clean_vendor_files() {
   rm -f /etc/prosody/conf.avail/jaas.cfg.lua
   rm -f /etc/prosody/conf.avail/jitsi.meet.cfg.lua
   rm -rf /etc/prosody/certs/*
+  rm -rf /var/lib/prosody/*jitsi.meet.*
 }
 
-#-------------------
-function restart_prosody() {
-  if [ -f /var/run/prosody/prosody.pid ]; then
-    set +e
-    ppid=$(cat /var/run/prosody/prosody.pid)
-    echo "Prosody PID =$ppid"
-  fi
-}
-
-#-------------------
-function write_version() {
-  echo Creating versions file
-  mkdir -p /etc/jitsi
-  dest=/etc/jitsi/versions.js
-  echo "module.exports={" >$dest
-  dpkg -l | egrep "ii +jitsi" | awk '{print  "\"", $2, "\"", ":", "\"", $3, "\"", ","}' | sed -E "s/ +//g" >>$dest
-  echo "}" >>$dest
-  echo Versions file created
-}
-
-#-------------------
-function install_jitsi() {
-  # Jitsi package
-  echo Checking jitsi-meet packages
-  installed=$(dpkg -l | egrep "^ii +jitsi-meet ")
-  if [ "$installed" = "" ]; then
-    key=/etc/apt/trusted.gpg.d/jitsi-key.gpg
-    if [ ! -f $key ]; then
-      curl -sS https://download.jitsi.org/jitsi-key.gpg.key | gpg --dearmor | tee j$key >/dev/null 2>&1
-    fi
 
-    source=/etc/apt/sources.list.d/jitsi-stable.list
-    if [ ! -f $jitsi_source ]; then
-      echo "deb https://download.jitsi.org stable/" | tee $source
-      apt update
-    fi
-    DEBIAN_FRONTEND="noninteractive" apt install -y jitsi-meet
-  else
-    echo "Jitsi package alreay installed. Skipped."
-  fi
-}

package/bin/set-jitsi-conf

@@ -0,0 +1,13 @@
+#!/bin/bash
+if [ -e /etc/drumee/drumee.sh ]; then
+  if [ -e /etc/prosody/defaults/credentials.sh ]; then
+    source /etc/drumee/drumee.sh
+    source /etc/prosody/defaults/credentials.sh
+    turn_secret=$(grep static-auth-secret /etc/turnserver.conf | sed -E "s/^.+=//")
+    db_set jitsi-videobridge/jvb-hostname $JITSI_DOMAIN
+    db_set jitsi-videobridge/jvbsecret $JVB_PASSWORD
+    db_set jicofo/jicofo-authpassword $JICOFO_PASSWORD
+    db_set jitsi-meet-prosody/jvb-hostname $JITSI_DOMAIN
+    db_set jitsi-meet-prosody/turn-secret $turn_secret
+  fi
+fi

package/custom.sh

@@ -0,0 +1,21 @@
+apt install -y git
+mkdir /root/reinstall
+cd /root/reinstall
+curl -O https://download.jitsi.org/stable/jitsi-videobridge2_2.3-92-g64f9f34f-1_all.deb
+curl -O https://download.jitsi.org/stable/jicofo_1.0-1075-1_all.deb
+curl -O https://download.jitsi.org/stable/jitsi-meet-prosody_1.0.7874-1_all.deb
+curl -O https://download.jitsi.org/stable/jitsi-meet-turnserver_1.0.7874-1_all.deb
+curl -O https://download.jitsi.org/stable/jitsi-meet-web-config_1.0.7874-1_all.deb
+curl -O https://download.jitsi.org/stable/jitsi-meet-web_1.0.7874-1_all.deb
+curl -O https://download.jitsi.org/stable/jitsi-meet_2.0.9364-1_all.deb
+
+
+apt install /root/reinstall/jicofo_1.0-1075-1_all.deb -y
+apt install /root/reinstall/jitsi-videobridge2_2.3-92-g64f9f34f-1_all.deb -y
+apt install /root/reinstall/jitsi-meet-web-config_1.0.7874-1_all.deb -y
+apt install /root/reinstall/jitsi-meet-web_1.0.7874-1_all.deb -y
+apt install /root/reinstall/jitsi-meet-prosody_1.0.7874-1_all.deb -y
+apt install /root/reinstall/jitsi-meet-turnserver_1.0.7874-1_all.deb -y
+apt install /root/reinstall/jitsi-meet_2.0.9364-1_all.deb -y
+
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDjPCTSuU0ThzsJ3Tp6qP2jQQz2QtV5j4+U3tPgSleqgy3Dkb99jeWcZfknmcNibpxjynw8QrT/tQ+WxUOB0xh/nC0YvWQnPE7rguBQ9gjvOVaTYaVcMSzv+fSckGPDI5KuPpmodmtuvNKw5R8lFlK+2TkOHzZ4WU9xFwZwvgVCuZJbhBOPJWOCW3abqhAZXRYwAvC07wEtivKJ5zeFEPFhDea/wjHxWX0iXTc6utpCxwoydbfDc19cCIqOUHcimbAuoa8aDtc2qt0N2zB/Q2yko3p8+00RouZ41xYXe++JGNbwsvTpogm46H5hj/TuunrLnLApHGWBkw59T6HMGPtp somanos@chrouk.local

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@drumee/setup-infra",
-  "version": "1.0.5",
+  "version": "1.0.7",
   "description": "Drumee Infrastructure Setup Utilities",
   "main": "index.js",
   "scripts": {

package/templates/etc/jitsi/meet.conf.tpl

@@ -10,7 +10,7 @@ root /usr/share/jitsi-meet;
 ssi on;
 ssi_types application/x-javascript application/javascript;
 
-# index index.html index.htm;
+index index.html index.htm;
 error_page 404 /static/404.html;
 
 # Security headers
@@ -37,7 +37,7 @@ location = /external_api.js {
 
 
 
-ensure all static content can always be found first
+# ensure all static content can always be found first
 location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$ {
    add_header 'Access-Control-Allow-Origin' '*';
    alias /usr/share/jitsi-meet/$1/$2;

package/templates/etc/nginx/sites-enabled/drumee.conf.tpl

@@ -22,7 +22,7 @@ server {
 	listen [::]:443 ssl;	
 	#
 	root <%= server_dir %>;
-	server_name _; 
+	server_name <%= domain %>; 
 	client_max_body_size <%= max_body_size %>;
 	include /etc/drumee/ssl/main.conf;
 	include /etc/drumee/infrastructure/routes/*.conf;

package/templates/etc/nginx/sites-enabled/jitsi.conf.tpl

@@ -21,7 +21,7 @@ server {
 server {
 	listen 443 ssl http2;
 	listen [::]:443 ssl http2;
-	server_name *.<%= jitsi_domain %>; 
+	server_name <%= jitsi_domain %>; 
 	include /etc/jitsi/ssl.conf;
 	include /etc/jitsi/meet.conf;
 }

package/thidima.sh

@@ -0,0 +1,44 @@
+# Change below values accordingly to you setup
+
+# This text will be shown on the login page
+export DRUMEE_DESCRIPTION="My Drumee Box"
+
+# This is the URL base to access your Drumee Instance
+# It's recommanded not to share the domain name 
+# with any oher applications
+export DRUMEE_DOMAIN_NAME="thidima.org"
+
+# Fix IPV4 address bound to your doamain_name
+export PUBLIC_IP4="51.195.89.55"
+
+# IPV6 address bound to your doamain_name
+export PUBLIC_IP6="2001:41d0:700:4837::"
+
+# This email will be use as the admin account
+export ADMIN_EMAIL="somanos@drumee.com"
+
+# Dedicated to data base server. Do not share with any
+# other application. Default value is /srv/db. 
+# At least 100GB should be allocated 
+export DRUMEE_DB_DIR="/db" 
+
+# Dedicated to Drumee Filesystem Management. 
+# Do not share with any # other application. 
+# Default value is /data 
+# At least 100GB should be allocated 
+export DRUMEE_DATA_DIR="/data" # defaulted to /data 
+
+# Optional setting
+# Drumee use rsync to backup data (FMS, DB and configs)
+# If you plan to make a backup on a remote host, ensure
+# ssh keys are properly setup
+export STORAGE_BACKUP="/backup" # [user@host-or-ip:]/path/
+
+# If not set, will be defaulted to ADMIN_EMAIL.
+# SSL certificates are generated using zerossl.com ACME server
+# This requires an emal to be provided.
+export ACME_EMAIL_ACCOUNT="" 
+
+mkdir -p $DRUMEE_DB_DIR
+mkdir -p $DRUMEE_DATA_DIR
+mkdir -p $STORAGE_BACKUP