| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125 |
- #!/usr/bin/with-contenv bash
- # make our folders
- mkdir -p \
- /config/{nginx/site-confs,keys} \
- /run \
- /var/lib/nginx/tmp/client_body \
- /var/tmp/nginx
- # generate keys (maybe)
- if [[ $DISABLE_HTTPS -ne 1 ]]; then
- if [[ $ENABLE_LETSENCRYPT -eq 1 ]]; then
- if [[ ! -f /etc/letsencrypt/live/$LETSENCRYPT_DOMAIN/fullchain.pem ]]; then
- if ! certbot certonly \
- --noninteractive \
- --standalone \
- --preferred-challenges http \
- -d $LETSENCRYPT_DOMAIN \
- --agree-tos \
- --email $LETSENCRYPT_EMAIL ; then
- echo "Failed to obtain a certificate from the Let's Encrypt CA."
- # this tries to get the user's attention and to spare the
- # authority's rate limit:
- sleep 15
- echo "Exiting."
- exit 1
- fi
- fi
- # remove default certbot renewal
- if [[ -f /etc/cron.d/certbot ]]; then
- rm /etc/cron.d/certbot
- fi
- # setup certbot renewal script
- if [[ ! -f /etc/cron.daily/letencrypt-renew ]]; then
- cp /defaults/letsencrypt-renew /etc/cron.daily/
- fi
- else
- # use self-signed certs
- if [[ -f /config/keys/cert.key && -f /config/keys/cert.crt ]]; then
- echo "using keys found in /config/keys"
- else
- echo "generating self-signed keys in /config/keys, you can replace these with your own keys if required"
- SUBJECT="/C=US/ST=TX/L=Austin/O=jitsi.org/OU=Jitsi Server/CN=*"
- openssl req -new -x509 -days 3650 -nodes -out /config/keys/cert.crt -keyout /config/keys/cert.key -subj "$SUBJECT"
- fi
- fi
- if [[ ! -f /config/nginx/dhparams.pem ]]; then
- openssl dhparam -out /config/nginx/dhparams.pem 2048
- fi
- fi
- # copy config files
- if [[ ! -f /config/nginx/nginx.conf ]]; then
- cp /defaults/nginx.conf /config/nginx/nginx.conf
- fi
- if [[ ! -f /config/nginx/meet.conf ]]; then
- tpl /defaults/meet.conf > /config/nginx/meet.conf
- fi
- if [[ ! -f /config/nginx/ssl.conf ]]; then
- tpl /defaults/ssl.conf > /config/nginx/ssl.conf
- fi
- if [[ ! -f /config/nginx/site-confs/default ]]; then
- tpl /defaults/default > /config/nginx/site-confs/default
- fi
- if [[ ! -f /config/config.js ]]; then
- cp /defaults/config.js /config/config.js
- sed -i \
- -e "s#jitsi-meet.example.com#$XMPP_DOMAIN#g" \
- -e "s#bosh:.*#bosh: '/http-bind',#" \
- -e "s#muc:.*#muc: '${XMPP_MUC_DOMAIN}',#" \
- -e "s#// focusUserJid:.*#focusUserJid: '${JICOFO_AUTH_USER}@${XMPP_AUTH_DOMAIN}',#" \
- /config/config.js
- if [[ $ENABLE_RECORDING -eq 1 || x$ENABLE_RECORDING == xtrue ]]; then
- sed -i \
- -e "/\/\/ Recording.*/a hiddenDomain: '$XMPP_RECORDER_DOMAIN'," \
- -e "s#// fileRecordingsEnabled:.*#fileRecordingsEnabled: true,#" \
- -e "s#// liveStreamingEnabled:.*#liveStreamingEnabled: true,#" \
- /config/config.js
- fi
- if [[ $ENABLE_AUTH -eq 1 ]]; then
- if [[ $ENABLE_GUESTS -eq 1 ]]; then
- sed -i \
- -e "s#// anonymousdomain:.*#anonymousdomain: '${XMPP_GUEST_DOMAIN}',#" \
- /config/config.js
- fi
- sed -i \
- -e "s#// authdomain:.*#authdomain: '${XMPP_DOMAIN}',#" \
- /config/config.js
- fi
- if [[ ! -z "${ETHERPAD_URL_BASE}" && -z "$(grep -om1 'etherpad_base:' /config/config.js)" ]]; then
- sed -i \
- -e "/enableWelcomePage/a\ etherpad_base: '${PUBLIC_URL}/etherpad/p/'," \
- /config/config.js
- fi
- if [[ $ENABLE_TRANSCRIPTIONS -eq 1 || "$ENABLE_TRANSCRIPTIONS" == "true" ]]; then
- sed -i \
- -e "s#// transcribingEnabled:.*#transcribingEnabled: true,#" \
- /config/config.js
- fi
- fi
- if [[ ! -f /config/interface_config.js ]]; then
- cp /defaults/interface_config.js /config/interface_config.js
- # It will remove parameter 'closedcaptions' from TOOLBAR_BUTTONS if ENABLE_TRANSCRIPTIONS is false,
- # because it enabled by default, but not supported out of the box.
- if [[ $ENABLE_TRANSCRIPTIONS -ne 1 || "$ENABLE_TRANSCRIPTIONS" != "true" ]]; then
- sed -i \
- -e "s#'closedcaptions', ##" \
- /config/interface_config.js
- fi
- fi
|
