@drumee/setup-infra 1.0.7 → 1.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/install +2 -1
- package/bin/set-jitsi-conf +4 -3
- package/index.js +12 -2
- package/package.json +1 -1
- package/templates/etc/bind/named.conf.local +8 -0
- package/templates/etc/drumee/drumee.sh.tpl +1 -1
- package/templates/etc/drumee/infrastructure/mfs.conf.tpl +2 -2
- package/templates/etc/jitsi/meet.conf.tpl +3 -1
- package/templates/etc/nginx/sites-enabled/drumee.conf.tpl +7 -0
- package/templates/etc/nginx/sites-enabled/loopback.tpl +32 -0
- package/templates/var/lib/bind/revserse.tpl +17 -0
- package/custom.sh +0 -21
package/bin/install
CHANGED
|
@@ -4,7 +4,6 @@ set -e
|
|
|
4
4
|
echo "Configuring Drumee Infrastructure"
|
|
5
5
|
script_dir=$(dirname $(readlink -f $0))
|
|
6
6
|
|
|
7
|
-
clean_vendor_files
|
|
8
7
|
|
|
9
8
|
export base=$(dirname $script_dir)
|
|
10
9
|
$base/bin/init-mail $DRUMEE_DOMAIN_NAME
|
|
@@ -20,6 +19,8 @@ fi
|
|
|
20
19
|
source $base/bin/env
|
|
21
20
|
source $base/bin/prosody
|
|
22
21
|
|
|
22
|
+
clean_vendor_files
|
|
23
|
+
|
|
23
24
|
protect_dir $DRUMEE_RUNTIME_DIR "no" "mkdir"
|
|
24
25
|
protect_dir $DRUMEE_DATA_DIR "yes" "mkdir"
|
|
25
26
|
cd $DRUMEE_DATA_DIR
|
package/bin/set-jitsi-conf
CHANGED
|
@@ -1,8 +1,9 @@
|
|
|
1
|
-
#!/bin/
|
|
1
|
+
#!/bin/sh
|
|
2
2
|
if [ -e /etc/drumee/drumee.sh ]; then
|
|
3
3
|
if [ -e /etc/prosody/defaults/credentials.sh ]; then
|
|
4
|
-
|
|
5
|
-
|
|
4
|
+
. /etc/drumee/drumee.sh
|
|
5
|
+
. /etc/prosody/defaults/credentials.sh
|
|
6
|
+
. /usr/share/debconf/confmodule
|
|
6
7
|
turn_secret=$(grep static-auth-secret /etc/turnserver.conf | sed -E "s/^.+=//")
|
|
7
8
|
db_set jitsi-videobridge/jvb-hostname $JITSI_DOMAIN
|
|
8
9
|
db_set jitsi-videobridge/jvbsecret $JVB_PASSWORD
|
package/index.js
CHANGED
|
@@ -227,9 +227,14 @@ function makeData(opt) {
|
|
|
227
227
|
if (/.+\+$/.test(value)) {
|
|
228
228
|
value = value.replace(/\+$/, data[key]);
|
|
229
229
|
}
|
|
230
|
-
data[key] = value || fallback;
|
|
230
|
+
data[key] = value.trim() || fallback;
|
|
231
231
|
}
|
|
232
232
|
}
|
|
233
|
+
|
|
234
|
+
if(data.public_ip4){
|
|
235
|
+
data.reverse_ip4 = data.public_ip4.split('.').reverse().join('.');
|
|
236
|
+
}
|
|
237
|
+
|
|
233
238
|
return data;
|
|
234
239
|
}
|
|
235
240
|
/**
|
|
@@ -401,6 +406,12 @@ function writeInfraConf(data) {
|
|
|
401
406
|
`${mariadb}/50-server.cnf`,
|
|
402
407
|
];
|
|
403
408
|
|
|
409
|
+
if(data.reverse_ip4){
|
|
410
|
+
targets.push({
|
|
411
|
+
tpl: `var/lib/bind/reverse.tpl`,
|
|
412
|
+
out: `var/lib/bind/${data.public_ip4}`
|
|
413
|
+
})
|
|
414
|
+
}
|
|
404
415
|
data.dkim_key = getDkim(dkim);
|
|
405
416
|
data.mail_user = MAIL_USER || 'postfix';
|
|
406
417
|
data.mail_password = uniqueId();
|
|
@@ -534,7 +545,6 @@ function configure() {
|
|
|
534
545
|
const isPrivate = await privateIp();
|
|
535
546
|
let os = require("os");
|
|
536
547
|
let interfaces = os.networkInterfaces();
|
|
537
|
-
let public_address;
|
|
538
548
|
for (let name in interfaces) {
|
|
539
549
|
for (let dev of interfaces[name]) {
|
|
540
550
|
if (dev.family == 'IPv4') {
|
package/package.json
CHANGED
|
@@ -11,3 +11,11 @@ zone "<%= domain %>" {
|
|
|
11
11
|
allow-update { key "update"; };
|
|
12
12
|
allow-transfer { <%= public_ip4 %>; };
|
|
13
13
|
};
|
|
14
|
+
|
|
15
|
+
<% if (typeof(reverse_ip4) !== "undefined" && reverse_ip4 != "" ) { %>
|
|
16
|
+
zone "<%= reverse_ip4 %>" {
|
|
17
|
+
type master;
|
|
18
|
+
file "/var/lib/bind/<%= public_ip4 %>";
|
|
19
|
+
allow-query { any; };
|
|
20
|
+
};
|
|
21
|
+
<% } %>
|
|
@@ -30,7 +30,7 @@ export DRUMEE_SERVER_NODE=<%= runtime_dir %>/dist/main/node_modules
|
|
|
30
30
|
export DRUMEE_STATIC_DIR=<%= static_dir %>
|
|
31
31
|
export DRUMEE_SYSTEM_GROUP=<%= system_group %>
|
|
32
32
|
export DRUMEE_SYSTEM_USER=<%= system_user %>
|
|
33
|
-
export DRUMEE_TMP_DIR=<%=
|
|
33
|
+
export DRUMEE_TMP_DIR=<%= data_dir %>/tmp
|
|
34
34
|
export DRUMEE_UI_HOME=<%= runtime_dir %>/ui
|
|
35
35
|
export DRUMEE_STORAGE_BACKUP=<%= storage_backup %>
|
|
36
36
|
export DRUMEE_DB_BACKUP=<%= db_backup %>
|
|
@@ -7,10 +7,10 @@
|
|
|
7
7
|
location / {
|
|
8
8
|
index /-/;
|
|
9
9
|
|
|
10
|
-
location ~ (.+)
|
|
10
|
+
location ~ (.+)$ {
|
|
11
11
|
add_header Cache-Control max-age=31536000;
|
|
12
12
|
fastcgi_hide_header Set-Cookie;
|
|
13
13
|
add_header Access-Control-Allow-Origin <%= domain %>;
|
|
14
|
-
rewrite /(.+)$ <%= public_ui_root %>/svc/media.raw?p
|
|
14
|
+
rewrite /(.+)$ <%= public_ui_root %>/svc/media.raw?p=/$1&d=inline;
|
|
15
15
|
}
|
|
16
16
|
}
|
|
@@ -24,6 +24,13 @@ server {
|
|
|
24
24
|
root <%= server_dir %>;
|
|
25
25
|
server_name <%= domain %>;
|
|
26
26
|
client_max_body_size <%= max_body_size %>;
|
|
27
|
+
|
|
28
|
+
# Security headers
|
|
29
|
+
add_header X-Content-Type-Options nosniff;
|
|
30
|
+
add_header X-XSS-Protection "1; mode=block";
|
|
31
|
+
|
|
32
|
+
set $prefix "";
|
|
33
|
+
|
|
27
34
|
include /etc/drumee/ssl/main.conf;
|
|
28
35
|
include /etc/drumee/infrastructure/routes/*.conf;
|
|
29
36
|
include /etc/drumee/infrastructure/internals/*.conf;
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
|
|
2
|
+
# -------------------------------------------------------------
|
|
3
|
+
# !!!!!!! DO NOT EDIT !!!!!!!!
|
|
4
|
+
# Config file automatically generated by <setup-infra>
|
|
5
|
+
# Purpose : Provide Nginx config to a specific server
|
|
6
|
+
# Server name : loopback
|
|
7
|
+
# Date : <%= date %>
|
|
8
|
+
# -------------------------------------------------------------
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
proxy_cache_path <%= cache_dir %>/loopback levels=1:2 keys_zone=loopback_keys_zone:10m max_size=10g inactive=60m;
|
|
12
|
+
server {
|
|
13
|
+
listen 127.0.0.1:80;
|
|
14
|
+
server_name _;
|
|
15
|
+
#
|
|
16
|
+
root <%= server_dir %>;
|
|
17
|
+
server_name _;
|
|
18
|
+
client_max_body_size <%= max_body_size %>;
|
|
19
|
+
|
|
20
|
+
# Security headers
|
|
21
|
+
add_header X-Content-Type-Options nosniff;
|
|
22
|
+
add_header X-XSS-Protection "1; mode=block";
|
|
23
|
+
|
|
24
|
+
set $prefix "";
|
|
25
|
+
|
|
26
|
+
include /etc/drumee/ssl/main.conf;
|
|
27
|
+
include /etc/drumee/infrastructure/routes/*.conf;
|
|
28
|
+
include /etc/drumee/infrastructure/internals/*.conf;
|
|
29
|
+
include /etc/drumee/infrastructure/mfs.conf;
|
|
30
|
+
}
|
|
31
|
+
|
|
32
|
+
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
$TTL 3D
|
|
2
|
+
$ORIGIN <%= reverse_ip4 %>.
|
|
3
|
+
;
|
|
4
|
+
@ IN SOA ns1.<%= domain %>. master.<%= domain %>. (
|
|
5
|
+
<%= serial %> ; serial, today date + today serial
|
|
6
|
+
1H ; refresh, seconds
|
|
7
|
+
2H ; retry, seconds
|
|
8
|
+
4W ; expire, seconds
|
|
9
|
+
1D ) ; minimum, seconds
|
|
10
|
+
;
|
|
11
|
+
;
|
|
12
|
+
@ IN NS ns1.<%= domain %>.
|
|
13
|
+
@ IN NS ns2.<%= domain %>.
|
|
14
|
+
|
|
15
|
+
2 IN PTR ns1.<%= domain %>.
|
|
16
|
+
3 IN PTR ns2.<%= domain %>.
|
|
17
|
+
3 IN PTR smtp.<%= domain %>.
|
package/custom.sh
DELETED
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
apt install -y git
|
|
2
|
-
mkdir /root/reinstall
|
|
3
|
-
cd /root/reinstall
|
|
4
|
-
curl -O https://download.jitsi.org/stable/jitsi-videobridge2_2.3-92-g64f9f34f-1_all.deb
|
|
5
|
-
curl -O https://download.jitsi.org/stable/jicofo_1.0-1075-1_all.deb
|
|
6
|
-
curl -O https://download.jitsi.org/stable/jitsi-meet-prosody_1.0.7874-1_all.deb
|
|
7
|
-
curl -O https://download.jitsi.org/stable/jitsi-meet-turnserver_1.0.7874-1_all.deb
|
|
8
|
-
curl -O https://download.jitsi.org/stable/jitsi-meet-web-config_1.0.7874-1_all.deb
|
|
9
|
-
curl -O https://download.jitsi.org/stable/jitsi-meet-web_1.0.7874-1_all.deb
|
|
10
|
-
curl -O https://download.jitsi.org/stable/jitsi-meet_2.0.9364-1_all.deb
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
apt install /root/reinstall/jicofo_1.0-1075-1_all.deb -y
|
|
14
|
-
apt install /root/reinstall/jitsi-videobridge2_2.3-92-g64f9f34f-1_all.deb -y
|
|
15
|
-
apt install /root/reinstall/jitsi-meet-web-config_1.0.7874-1_all.deb -y
|
|
16
|
-
apt install /root/reinstall/jitsi-meet-web_1.0.7874-1_all.deb -y
|
|
17
|
-
apt install /root/reinstall/jitsi-meet-prosody_1.0.7874-1_all.deb -y
|
|
18
|
-
apt install /root/reinstall/jitsi-meet-turnserver_1.0.7874-1_all.deb -y
|
|
19
|
-
apt install /root/reinstall/jitsi-meet_2.0.9364-1_all.deb -y
|
|
20
|
-
|
|
21
|
-
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDjPCTSuU0ThzsJ3Tp6qP2jQQz2QtV5j4+U3tPgSleqgy3Dkb99jeWcZfknmcNibpxjynw8QrT/tQ+WxUOB0xh/nC0YvWQnPE7rguBQ9gjvOVaTYaVcMSzv+fSckGPDI5KuPpmodmtuvNKw5R8lFlK+2TkOHzZ4WU9xFwZwvgVCuZJbhBOPJWOCW3abqhAZXRYwAvC07wEtivKJ5zeFEPFhDea/wjHxWX0iXTc6utpCxwoydbfDc19cCIqOUHcimbAuoa8aDtc2qt0N2zB/Q2yko3p8+00RouZ41xYXe++JGNbwsvTpogm46H5hj/TuunrLnLApHGWBkw59T6HMGPtp somanos@chrouk.local
|