dowerx
/
jitsi-k8s
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
jitsi-k8s/containers/non-root/web/init

89 lines
3.2 KiB
Bash
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
set -e
mkdir -p \
/config/{nginx/site-confs,keys} \
/var/lib/nginx/tmp/client_body \
/var/tmp/nginx
# generate keys (maybe)
if [[ $DISABLE_HTTPS -ne 1 ]]; then
# use self-signed certs
if [[ -f /config/keys/cert.key && -f /config/keys/cert.crt ]]; then
echo "using keys found in /config/keys"
else
echo "generating self-signed keys in /config/keys, you can replace these with your own keys if required"
SUBJECT="/C=US/ST=TX/L=Austin/O=jitsi.org/OU=Jitsi Server/CN=*"
openssl req -new -x509 -days 3650 -nodes -out /config/keys/cert.crt -keyout /config/keys/cert.key -subj "$SUBJECT"
fi
fi
# Detect nameserver for Nginx, if not specified.
if [[ -z "$NGINX_RESOLVER" ]]; then
IP_LIST=""
# Parse IPs in /etc/resolv.conf, taking into account IPv6 addresses need to be
# enclosed in square brackets for the Nginx config file.
while read -r line; do
if [[ $line =~ ^nameserver.* ]]; then
IP=$(echo $line | cut -d" " -f2)
COLONS=$(echo $IP | tr -dc ":" | awk '{ print length '})
if [[ $COLONS -ge 2 ]]; then
IP="[$IP]"
fi
if [[ ! "$IP_LIST" = "" ]]; then
IP_LIST+=" "
fi
IP_LIST+="$IP"
fi
done < <(cat /etc/resolv.conf)
export NGINX_RESOLVER=$IP_LIST
fi
echo "Using Nginx resolver: =$NGINX_RESOLVER="
# colibri-ws settings
COLIBRI_WEBSOCKET_UNSAFE_REGEX="[a-zA-Z0-9-\._]+"
# use custom websocket regex if provided
if [ -z "$COLIBRI_WEBSOCKET_REGEX" ]; then
# default to the previous unsafe behavior only if flag is set
if [[ "$ENABLE_COLIBRI_WEBSOCKET_UNSAFE_REGEX" == "1" ]]; then
export COLIBRI_WEBSOCKET_REGEX="$COLIBRI_WEBSOCKET_UNSAFE_REGEX"
else
# default value to the JVB IP, works in compose and anywhere a dns lookup of the JVB reveals the correct IP for proxying
[ -z "$COLIBRI_WEBSOCKET_JVB_LOOKUP_NAME" ] && export COLIBRI_WEBSOCKET_JVB_LOOKUP_NAME="jvb"
if [[ "$DISABLE_COLIBRI_WEBSOCKET_JVB_LOOKUP" == "1" ]]; then
# otherwise value default to the static value in the template 'jvb'
echo "WARNING: DISABLE_COLIBRI_WEBSOCKET_JVB_LOOKUP is set and no value for COLIBRI_WEBSOCKET_REGEX was provided, using static value 'jvb' for COLIBRI_WEBSOCKET_REGEX"
else
export COLIBRI_WEBSOCKET_REGEX="$(dig +short +search $COLIBRI_WEBSOCKET_JVB_LOOKUP_NAME)"
fi
fi
fi
# copy config files
tpl /defaults/nginx.conf > /config/nginx/nginx.conf
tpl /defaults/meet.conf > /config/nginx/meet.conf
if [[ -f /config/nginx/custom-meet.conf ]]; then
cat /config/nginx/custom-meet.conf >> /config/nginx/meet.conf
fi
tpl /defaults/ssl.conf > /config/nginx/ssl.conf
tpl /defaults/default > /config/nginx/site-confs/default
tpl /defaults/system-config.js > /config/config.js
tpl /defaults/settings-config.js >> /config/config.js
if [[ -f /config/custom-config.js ]]; then
cat /config/custom-config.js >> /config/config.js
fi
cp /defaults/interface_config.js /config/interface_config.js
if [[ -f /config/custom-interface_config.js ]]; then
cat /config/custom-interface_config.js >> /config/interface_config.js
fi
nginx -c /config/nginx/nginx.conf
Reference in New Issue View Git Blame Copy Permalink