Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

make apps availble on deSEC #2422

Open
wants to merge 26 commits into
base: main
Choose a base branch
from
Open
Changes from 1 commit
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
694e063
make apps availble on deSEC
enoch85 Dec 28, 2022
3461bb4
Rename apps/collabora_docker_desec.sh to addons/deSEC/collabora_docke…
enoch85 Dec 28, 2022
1ef7641
add new function
enoch85 Dec 28, 2022
aa3111a
update menu
enoch85 Dec 28, 2022
0305773
talk
enoch85 Dec 28, 2022
af3c677
add onlyoffice
enoch85 Dec 28, 2022
febe625
Rename onlyoffice_docker._desec.sh to onlyoffice_docker_desec.sh
enoch85 Dec 28, 2022
298dbeb
Create onlyoffice_docker.sh
enoch85 Dec 28, 2022
6955314
Update collabora_docker_desec.sh
enoch85 Dec 28, 2022
9098598
Create talk_desec.sh
enoch85 Dec 28, 2022
fb5331f
Update onlyoffice_docker_desec.sh
enoch85 Dec 28, 2022
c7c73ca
typo
enoch85 Dec 28, 2022
d243cdf
typo
enoch85 Dec 28, 2022
282b6b6
Merge branch 'master' into desec-apps
enoch85 Dec 28, 2022
27c6035
fix comment
enoch85 Dec 28, 2022
0293172
change order
enoch85 Dec 29, 2022
617cb8e
collabora now generates as it should
enoch85 Dec 29, 2022
b72446d
onlyffice same as collabora
enoch85 Dec 29, 2022
1ce5053
stop at first occurance
enoch85 Dec 29, 2022
589f0e3
same changes as collabora and onlyoffice
enoch85 Dec 29, 2022
2669632
Merge branch 'master' into desec-apps
enoch85 Jan 5, 2023
cc92db9
Merge branch 'master' into desec-apps
enoch85 Jan 20, 2023
839d9e0
Merge branch 'master' into desec-apps
enoch85 Feb 6, 2023
22551e6
Merge branch 'master' into desec-apps
enoch85 Mar 17, 2023
1d61047
Merge branch 'master' into desec-apps
enoch85 Apr 2, 2023
3792d1d
Merge branch 'master' into desec-apps
enoch85 Apr 8, 2023
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
same changes as collabora and onlyoffice
Signed-off-by: Daniel Hansson <mailto@danielhansson.nu>
  • Loading branch information
enoch85 authored Dec 29, 2022
commit 589f0e3bdb77ac664117919158dccb3bf99e7484
169 changes: 86 additions & 83 deletions addons/deSEC/talk_desec.sh
Original file line number Diff line number Diff line change
Expand Up @@ -240,99 +240,23 @@ install_certbot
export SUBDOMAIN=talk
if run_script DESEC desec_subdomain
then
SUBDOMAIN="$(grep talk -m1 $SCRIPTS/deSEC/.subdomain | cut -d '=' -f2)"
SUBDOMAIN="$(grep talk -m 1 $SCRIPTS/deSEC/.subdomain | cut -d '=' -f2)"
# Curl the library another time to get the correct DHPARAMS
# shellcheck source=lib.sh
source /var/scripts/fetch_lib.sh || source <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
# Generate DHparams cipher
if [ ! -f "$DHPARAMS_SUB" ]
then
openssl dhparam -out "$DHPARAMS_SUB" 2048
fi
print_text_in_color "$IGreen" "Certs are generated!"
a2ensite "$SUBDOMAIN.conf"
restart_webserver
# Install Collabora App
install_and_enable_app richdocuments
else
last_fail_tls "$SCRIPTS"/apps/collabora.sh
# remove settings to be able to start over again
rm -f "$HTTPS_CONF"
last_fail_tls "$SCRIPTS"/apps/talk_signaling.sh
exit 1
fi

# NATS
## Pre-Configuration
mkdir -p /etc/nats
echo "listen: 127.0.0.1:4222" > /etc/nats/nats.conf
## Installation
curl -sL -o "/etc/apt/trusted.gpg.d/morph027-nats-server.asc" "https://packaging.gitlab.io/nats-server/gpg.key"
echo "deb https://packaging.gitlab.io/nats-server nats main" > /etc/apt/sources.list.d/morph027-nats-server.list
apt-get update -q4 & spinner_loading
install_if_not nats-server
chown nats:nats /etc/nats/nats.conf
start_if_stopped nats-server
check_command systemctl enable nats-server

# Janus WebRTC Server
## Installation
case "${CODENAME}" in
"bionic"|"focal")
add_trusted_key_and_repo "gpg.key" \
"https://packaging.gitlab.io/janus" \
"https://packaging.gitlab.io/janus/$CODENAME" \
"$CODENAME main" \
"morph027-janus.list"
;;
*)
:
;;
esac
install_if_not janus
## Configuration
sed -i "s|#turn_rest_api_key.*|turn_rest_api_key = $JANUS_API_KEY|" /etc/janus/janus.jcfg
sed -i "s|#full_trickle|full_trickle|g" /etc/janus/janus.jcfg
sed -i 's|#interface.*|interface = "lo"|g' /etc/janus/janus.transport.websockets.jcfg
sed -i 's|#ws_interface.*|ws_interface = "lo"|g' /etc/janus/janus.transport.websockets.jcfg
start_if_stopped janus
check_command systemctl enable janus

# HPB
## Installation
add_trusted_key_and_repo "gpg.key" \
"https://packaging.gitlab.io/nextcloud-spreed-signaling" \
"https://packaging.gitlab.io/nextcloud-spreed-signaling" \
"signaling main" \
"morph027-nextcloud-spreed-signaling.list"
install_if_not nextcloud-spreed-signaling
## Configuration
if [ ! -f "$SIGNALING_SERVER_CONF" ];
then
cat << SIGNALING_CONF_CREATE > "$SIGNALING_SERVER_CONF"
[http]
listen = 127.0.0.1:8081
[app]
debug = false
[sessions]
hashkey = $(openssl rand -hex 16)
blockkey = $(openssl rand -hex 16)
[clients]
internalsecret = $(openssl rand -hex 16)
[backend]
allowed = ${TURN_DOMAIN}
allowall = false
secret = ${NC_SECRET}
timeout = 10
connectionsperhost = 8
[nats]
url = nats://localhost:4222
[mcu]
type = janus
url = ws://127.0.0.1:8188
[turn]
apikey = ${JANUS_API_KEY}
secret = ${TURN_SECRET}
servers = turn:$TURN_DOMAIN:$TURN_PORT?transport=tcp,turn:$TURN_DOMAIN:$TURN_PORT?transport=udp
SIGNALING_CONF_CREATE
fi
start_if_stopped signaling
check_command systemctl enable signaling

# Apache Proxy
# https://github.com/strukturag/nextcloud-spreed-signaling#apache

Expand Down Expand Up @@ -424,6 +348,8 @@ HTTPS_CREATE
if [ -f "$HTTPS_CONF" ];
then
print_text_in_color "$IGreen" "$HTTPS_CONF was successfully created."
a2ensite "$SUBDOMAIN.conf"
restart_webserver
sleep 1
else
print_text_in_color "$IRed" "Unable to create vhost, exiting..."
Expand All @@ -432,6 +358,83 @@ HTTPS_CREATE
fi
fi

# NATS
## Pre-Configuration
mkdir -p /etc/nats
echo "listen: 127.0.0.1:4222" > /etc/nats/nats.conf
## Installation
curl -sL -o "/etc/apt/trusted.gpg.d/morph027-nats-server.asc" "https://packaging.gitlab.io/nats-server/gpg.key"
echo "deb https://packaging.gitlab.io/nats-server nats main" > /etc/apt/sources.list.d/morph027-nats-server.list
apt-get update -q4 & spinner_loading
install_if_not nats-server
chown nats:nats /etc/nats/nats.conf
start_if_stopped nats-server
check_command systemctl enable nats-server

# Janus WebRTC Server
## Installation
case "${CODENAME}" in
"bionic"|"focal")
add_trusted_key_and_repo "gpg.key" \
"https://packaging.gitlab.io/janus" \
"https://packaging.gitlab.io/janus/$CODENAME" \
"$CODENAME main" \
"morph027-janus.list"
;;
*)
:
;;
esac
install_if_not janus
## Configuration
sed -i "s|#turn_rest_api_key.*|turn_rest_api_key = $JANUS_API_KEY|" /etc/janus/janus.jcfg
sed -i "s|#full_trickle|full_trickle|g" /etc/janus/janus.jcfg
sed -i 's|#interface.*|interface = "lo"|g' /etc/janus/janus.transport.websockets.jcfg
sed -i 's|#ws_interface.*|ws_interface = "lo"|g' /etc/janus/janus.transport.websockets.jcfg
start_if_stopped janus
check_command systemctl enable janus

# HPB
## Installation
add_trusted_key_and_repo "gpg.key" \
"https://packaging.gitlab.io/nextcloud-spreed-signaling" \
"https://packaging.gitlab.io/nextcloud-spreed-signaling" \
"signaling main" \
"morph027-nextcloud-spreed-signaling.list"
install_if_not nextcloud-spreed-signaling
## Configuration
if [ ! -f "$SIGNALING_SERVER_CONF" ];
then
cat << SIGNALING_CONF_CREATE > "$SIGNALING_SERVER_CONF"
[http]
listen = 127.0.0.1:8081
[app]
debug = false
[sessions]
hashkey = $(openssl rand -hex 16)
blockkey = $(openssl rand -hex 16)
[clients]
internalsecret = $(openssl rand -hex 16)
[backend]
allowed = ${TURN_DOMAIN}
allowall = false
secret = ${NC_SECRET}
timeout = 10
connectionsperhost = 8
[nats]
url = nats://localhost:4222
[mcu]
type = janus
url = ws://127.0.0.1:8188
[turn]
apikey = ${JANUS_API_KEY}
secret = ${TURN_SECRET}
servers = turn:$TURN_DOMAIN:$TURN_PORT?transport=tcp,turn:$TURN_DOMAIN:$TURN_PORT?transport=udp
SIGNALING_CONF_CREATE
fi
start_if_stopped signaling
check_command systemctl enable signaling

# Set signaling server strings
SIGNALING_SERVERS_STRING="{\"servers\":[{\"server\":\"https://$SUBDOMAIN/\",\"verify\":true}],\"secret\":\"$NC_SECRET\"}"
nextcloud_occ config:app:set spreed signaling_servers --value="$SIGNALING_SERVERS_STRING" --output json
Expand Down