opendev/system-config
Code Issues Proposed changes
60522f90a2
system-config/docker/jitsi-meet/web/rootfs/etc/cont-init.d/10-config
James E. Blair c79c11c2b7 Build jitsi-meet images 
So that we can run jitsi-meet with local modifications, build our
own container images.  This builds the base, prosody, and web images
from the docker-jitsi-meet project.  That project has distinct
Dockerfiles for each image, but for simplicity, this change combines
them into a single multi-stage Dockerfile.  The minor stylistic
differences between the different sections are a result of that, and
are intentional in order to minimise the delta from the source material.

Again, for simplicity, this change does not publish the base image
since it is not anticipated that we will run this build often.  If we do,
we could split this back out.

The upstream images are based on pre-built debian packages hosted by
the jitsi project.  Since our goal is to modify the software, we will
need to rebuild the debian packages as well.  This adds a new builder
image that is used to build the debian packages initially.

The docker-jitsi-meet project also has Dockerfiles for several more
images, but since the immediate need is only for the "web" image (built
from the "jitsi-meet" project), we only build that image and the "prosody"
image (not strictly necessary, but it is also a product of the "jisti-meet"
repository, so it seems a good practice to build it as well).

Change-Id: Ib3177ebfe2b8732a3522a1fa101fe95586dd1e1b
2020-03-25 15:40:50 -07:00

119 lines
4.0 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/usr/bin/with-contenv bash
# make our folders
mkdir -p \
/config/{nginx/site-confs,keys} \
/run \
/var/lib/nginx/tmp/client_body \
/var/tmp/nginx
# generate keys (maybe)
if [[ $DISABLE_HTTPS -ne 1 ]]; then
if [[ $ENABLE_LETSENCRYPT -eq 1 ]]; then
if [[ ! -f /etc/letsencrypt/live/$LETSENCRYPT_DOMAIN/fullchain.pem ]]; then
certbot certonly \
--noninteractive \
--standalone \
--preferred-challenges http \
-d $LETSENCRYPT_DOMAIN \
--agree-tos \
--email $LETSENCRYPT_EMAIL
fi
# remove default certbot renewal
if [[ -f /etc/cron.d/certbot ]]; then
rm /etc/cron.d/certbot
fi
# setup certbot renewal script
if [[ ! -f /etc/cron.daily/letencrypt-renew ]]; then
cp /defaults/letsencrypt-renew /etc/cron.daily/
fi
else
# use self-signed certs
if [[ -f /config/keys/cert.key && -f /config/keys/cert.crt ]]; then
echo "using keys found in /config/keys"
else
echo "generating self-signed keys in /config/keys, you can replace these with your own keys if required"
SUBJECT="/C=US/ST=TX/L=Austin/O=jitsi.org/OU=Jitsi Server/CN=*"
openssl req -new -x509 -days 3650 -nodes -out /config/keys/cert.crt -keyout /config/keys/cert.key -subj "$SUBJECT"
fi
fi
if [[ ! -f /config/nginx/dhparams.pem ]]; then
openssl dhparam -out /config/nginx/dhparams.pem 2048
fi
fi
# copy config files
if [[ ! -f /config/nginx/nginx.conf ]]; then
cp /defaults/nginx.conf /config/nginx/nginx.conf
fi
if [[ ! -f /config/nginx/meet.conf ]]; then
tpl /defaults/meet.conf > /config/nginx/meet.conf
fi
if [[ ! -f /config/nginx/ssl.conf ]]; then
tpl /defaults/ssl.conf > /config/nginx/ssl.conf
fi
if [[ ! -f /config/nginx/site-confs/default ]]; then
tpl /defaults/default > /config/nginx/site-confs/default
fi
if [[ ! -f /config/config.js ]]; then
cp /defaults/config.js /config/config.js
sed -i \
-e "s#jitsi-meet.example.com#$XMPP_DOMAIN#g" \
-e "s#bosh:.*#bosh: '/http-bind',#" \
-e "s#muc:.*#muc: '${XMPP_MUC_DOMAIN}',#" \
-e "s#// focusUserJid:.*#focusUserJid: '${JICOFO_AUTH_USER}@${XMPP_AUTH_DOMAIN}',#" \
/config/config.js
if [[ $ENABLE_RECORDING -eq 1 || x$ENABLE_RECORDING == xtrue ]]; then
sed -i \
-e "/\/\/ Recording.*/a hiddenDomain: '$XMPP_RECORDER_DOMAIN'," \
-e "s#// fileRecordingsEnabled:.*#fileRecordingsEnabled: true,#" \
-e "s#// liveStreamingEnabled:.*#liveStreamingEnabled: true,#" \
/config/config.js
fi
if [[ $ENABLE_AUTH -eq 1 ]]; then
if [[ $ENABLE_GUESTS -eq 1 ]]; then
sed -i \
-e "s#// anonymousdomain:.*#anonymousdomain: '${XMPP_GUEST_DOMAIN}',#" \
/config/config.js
fi
sed -i \
-e "s#// authdomain:.*#authdomain: '${XMPP_DOMAIN}',#" \
/config/config.js
fi
if [[ ! -z "${ETHERPAD_URL_BASE}" && -z "$(grep -om1 'etherpad_base:' /config/config.js)" ]]; then
sed -i \
-e "/enableWelcomePage/a\ etherpad_base: '/etherpad/p/'," \
/config/config.js
fi
if [[ $ENABLE_TRANSCRIPTIONS -eq 1 || "$ENABLE_TRANSCRIPTIONS" == "true" ]]; then
sed -i \
-e "s#// transcribingEnabled:.*#transcribingEnabled: true,#" \
/config/config.js
fi
fi
if [[ ! -f /config/interface_config.js ]]; then
cp /defaults/interface_config.js /config/interface_config.js
# It will remove parameter 'closedcaptions' from TOOLBAR_BUTTONS if ENABLE_TRANSCRIPTIONS is false,
# because it enabled by default, but not supported out of the box.
if [[ $ENABLE_TRANSCRIPTIONS -ne 1 || "$ENABLE_TRANSCRIPTIONS" != "true" ]]; then
sed -i \
-e "s#'closedcaptions', ##" \
/config/interface_config.js
fi
fi
View Git Blame Copy Permalink