jicofo: use a client proxy connection
This commit is contained in:
parent
d27336bece
commit
953a4d2425
|
@ -188,7 +188,6 @@ services:
|
||||||
- ENABLE_CODEC_H264
|
- ENABLE_CODEC_H264
|
||||||
- ENABLE_RECORDING
|
- ENABLE_RECORDING
|
||||||
- ENABLE_SCTP
|
- ENABLE_SCTP
|
||||||
- JICOFO_COMPONENT_SECRET
|
|
||||||
- JICOFO_AUTH_USER
|
- JICOFO_AUTH_USER
|
||||||
- JICOFO_AUTH_PASSWORD
|
- JICOFO_AUTH_PASSWORD
|
||||||
- JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS
|
- JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS
|
||||||
|
|
|
@ -9,9 +9,6 @@
|
||||||
# DO NOT reuse passwords
|
# DO NOT reuse passwords
|
||||||
#
|
#
|
||||||
|
|
||||||
# XMPP component password for Jicofo
|
|
||||||
JICOFO_COMPONENT_SECRET=
|
|
||||||
|
|
||||||
# XMPP password for Jicofo client connections
|
# XMPP password for Jicofo client connections
|
||||||
JICOFO_AUTH_PASSWORD=
|
JICOFO_AUTH_PASSWORD=
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,6 @@ function generatePassword() {
|
||||||
openssl rand -hex 16
|
openssl rand -hex 16
|
||||||
}
|
}
|
||||||
|
|
||||||
JICOFO_COMPONENT_SECRET=$(generatePassword)
|
|
||||||
JICOFO_AUTH_PASSWORD=$(generatePassword)
|
JICOFO_AUTH_PASSWORD=$(generatePassword)
|
||||||
JVB_AUTH_PASSWORD=$(generatePassword)
|
JVB_AUTH_PASSWORD=$(generatePassword)
|
||||||
JIGASI_XMPP_PASSWORD=$(generatePassword)
|
JIGASI_XMPP_PASSWORD=$(generatePassword)
|
||||||
|
@ -12,7 +11,6 @@ JIBRI_RECORDER_PASSWORD=$(generatePassword)
|
||||||
JIBRI_XMPP_PASSWORD=$(generatePassword)
|
JIBRI_XMPP_PASSWORD=$(generatePassword)
|
||||||
|
|
||||||
sed -i.bak \
|
sed -i.bak \
|
||||||
-e "s#JICOFO_COMPONENT_SECRET=.*#JICOFO_COMPONENT_SECRET=${JICOFO_COMPONENT_SECRET}#g" \
|
|
||||||
-e "s#JICOFO_AUTH_PASSWORD=.*#JICOFO_AUTH_PASSWORD=${JICOFO_AUTH_PASSWORD}#g" \
|
-e "s#JICOFO_AUTH_PASSWORD=.*#JICOFO_AUTH_PASSWORD=${JICOFO_AUTH_PASSWORD}#g" \
|
||||||
-e "s#JVB_AUTH_PASSWORD=.*#JVB_AUTH_PASSWORD=${JVB_AUTH_PASSWORD}#g" \
|
-e "s#JVB_AUTH_PASSWORD=.*#JVB_AUTH_PASSWORD=${JVB_AUTH_PASSWORD}#g" \
|
||||||
-e "s#JIGASI_XMPP_PASSWORD=.*#JIGASI_XMPP_PASSWORD=${JIGASI_XMPP_PASSWORD}#g" \
|
-e "s#JIGASI_XMPP_PASSWORD=.*#JIGASI_XMPP_PASSWORD=${JIGASI_XMPP_PASSWORD}#g" \
|
||||||
|
|
|
@ -1,13 +1,7 @@
|
||||||
#!/usr/bin/with-contenv bash
|
#!/usr/bin/with-contenv bash
|
||||||
|
|
||||||
if [[ -z $JICOFO_COMPONENT_SECRET || -z $JICOFO_AUTH_PASSWORD ]]; then
|
if [[ -z $JICOFO_AUTH_PASSWORD ]]; then
|
||||||
echo 'FATAL ERROR: Jicofo component secret and auth password must be set'
|
echo 'FATAL ERROR: Jicofo auth password must be set'
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
OLD_JICOFO_COMPONENT_SECRET=s3cr37
|
|
||||||
if [[ "$JICOFO_COMPONENT_SECRET" == "$OLD_JICOFO_COMPONENT_SECRET" ]]; then
|
|
||||||
echo 'FATAL ERROR: Jicofo component secret must be changed, check the README'
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
|
@ -3,6 +3,6 @@
|
||||||
JAVA_SYS_PROPS="-Djava.util.logging.config.file=/config/logging.properties -Dconfig.file=/config/jicofo.conf"
|
JAVA_SYS_PROPS="-Djava.util.logging.config.file=/config/logging.properties -Dconfig.file=/config/jicofo.conf"
|
||||||
DAEMON=/usr/share/jicofo/jicofo.sh
|
DAEMON=/usr/share/jicofo/jicofo.sh
|
||||||
DAEMON_DIR=/usr/share/jicofo/
|
DAEMON_DIR=/usr/share/jicofo/
|
||||||
DAEMON_OPTS="--domain=$XMPP_DOMAIN --host=$XMPP_SERVER --secret=$JICOFO_COMPONENT_SECRET --user_name=$JICOFO_AUTH_USER --user_domain=$XMPP_AUTH_DOMAIN --user_password=$JICOFO_AUTH_PASSWORD"
|
DAEMON_OPTS="--domain=$XMPP_DOMAIN --host=$XMPP_SERVER --user_name=$JICOFO_AUTH_USER --user_domain=$XMPP_AUTH_DOMAIN --user_password=$JICOFO_AUTH_PASSWORD"
|
||||||
|
|
||||||
exec s6-setuidgid jicofo /bin/bash -c "cd $DAEMON_DIR; JAVA_SYS_PROPS=\"$JAVA_SYS_PROPS\" exec $DAEMON $DAEMON_OPTS"
|
exec s6-setuidgid jicofo /bin/bash -c "cd $DAEMON_DIR; JAVA_SYS_PROPS=\"$JAVA_SYS_PROPS\" exec $DAEMON $DAEMON_OPTS"
|
||||||
|
|
|
@ -166,8 +166,8 @@ Component "{{ .Env.XMPP_MUC_DOMAIN }}" "muc"
|
||||||
muc_room_locking = false
|
muc_room_locking = false
|
||||||
muc_room_default_public_jids = true
|
muc_room_default_public_jids = true
|
||||||
|
|
||||||
Component "focus.{{ .Env.XMPP_DOMAIN }}"
|
Component "focus.{{ .Env.XMPP_DOMAIN }}" "client_proxy"
|
||||||
component_secret = "{{ .Env.JICOFO_COMPONENT_SECRET }}"
|
target_address = "{{ .Env.JICOFO_AUTH_USER }}@{{ .Env.XMPP_AUTH_DOMAIN }}"
|
||||||
|
|
||||||
Component "speakerstats.{{ .Env.XMPP_DOMAIN }}" "speakerstats_component"
|
Component "speakerstats.{{ .Env.XMPP_DOMAIN }}" "speakerstats_component"
|
||||||
muc_component = "{{ .Env.XMPP_MUC_DOMAIN }}"
|
muc_component = "{{ .Env.XMPP_MUC_DOMAIN }}"
|
||||||
|
|
|
@ -29,12 +29,13 @@ cp -r /defaults/* /config
|
||||||
tpl /defaults/prosody.cfg.lua > $PROSODY_CFG
|
tpl /defaults/prosody.cfg.lua > $PROSODY_CFG
|
||||||
tpl /defaults/conf.d/jitsi-meet.cfg.lua > /config/conf.d/jitsi-meet.cfg.lua
|
tpl /defaults/conf.d/jitsi-meet.cfg.lua > /config/conf.d/jitsi-meet.cfg.lua
|
||||||
|
|
||||||
if [[ -z $JICOFO_COMPONENT_SECRET || -z $JICOFO_AUTH_PASSWORD ]]; then
|
if [[ -z $JICOFO_AUTH_PASSWORD ]]; then
|
||||||
echo 'FATAL ERROR: Jicofo component secret and auth password must be set'
|
echo 'FATAL ERROR: Jicofo auth password must be set'
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
prosodyctl --config $PROSODY_CFG register $JICOFO_AUTH_USER $XMPP_AUTH_DOMAIN $JICOFO_AUTH_PASSWORD
|
prosodyctl --config $PROSODY_CFG register $JICOFO_AUTH_USER $XMPP_AUTH_DOMAIN $JICOFO_AUTH_PASSWORD
|
||||||
|
prosodyctl --config $PROSODY_CFG mod_roster_command subscribe focus.$XMPP_DOMAIN $JICOFO_AUTH_USER@$XMPP_AUTH_DOMAIN
|
||||||
|
|
||||||
if [[ -z $JVB_AUTH_PASSWORD ]]; then
|
if [[ -z $JVB_AUTH_PASSWORD ]]; then
|
||||||
echo 'FATAL ERROR: JVB auth password must be set'
|
echo 'FATAL ERROR: JVB auth password must be set'
|
||||||
|
|
Loading…
Reference in New Issue