diff --git a/debian/jitsi-meet-web-config.postinst b/debian/jitsi-meet-web-config.postinst index 439622fa32..b53df1d423 100644 --- a/debian/jitsi-meet-web-config.postinst +++ b/debian/jitsi-meet-web-config.postinst @@ -68,13 +68,6 @@ case "$1" in FORCE_NGINX="false" fi - db_subst jitsi-meet/jaas-choice domain "${JVB_HOSTNAME}" - db_set jitsi-meet/jaas-choice false - db_input critical jitsi-meet/jaas-choice || true - db_go - db_get jitsi-meet/jaas-choice - JAAS_INPUT="$RET" - UPLOADED_CERT_CHOICE="I want to use my own certificate" LE_CERT_CHOICE="Let's Encrypt certificates" # if first time config ask for certs, or if we are reconfiguring @@ -143,6 +136,15 @@ case "$1" in sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" $JITSI_MEET_CONFIG fi + if [ "$CERT_CHOICE" = "$LE_CERT_CHOICE" ] || [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ]; then + db_subst jitsi-meet/jaas-choice domain "${JVB_HOSTNAME}" + db_set jitsi-meet/jaas-choice false + db_input critical jitsi-meet/jaas-choice || true + db_go + db_get jitsi-meet/jaas-choice + JAAS_INPUT="$RET" + fi + if [ "${JAAS_INPUT}" = "true" ] && ! grep -q "^var enableJaaS = true;$" $JITSI_MEET_CONFIG; then if grep -q "^var enableJaaS = false;$" $JITSI_MEET_CONFIG; then sed -i "s/^var enableJaaS = false;$/var enableJaaS = true;/g" $JITSI_MEET_CONFIG diff --git a/debian/jitsi-meet-web-config.templates b/debian/jitsi-meet-web-config.templates index 9c41485894..aab19c3e0c 100644 --- a/debian/jitsi-meet-web-config.templates +++ b/debian/jitsi-meet-web-config.templates @@ -1,16 +1,13 @@ Template: jitsi-meet/cert-choice Type: select -__Choices: Generate a new self-signed certificate, Let's Encrypt certificates, I want to use my own certificate -_Description: SSL certificate for the Jitsi Meet instance +__Choices: Let's Encrypt certificates, I want to use my own certificate, Generate a new self-signed certificate +_Description: SSL certificate . - Jitsi Meet is best to be set up with an SSL certificate. + Jitsi Meet requires an SSL certificate. This installer can generate one automatically for your using "Let’s Encrypt". This is the recommended and simplest option for most installations. . - Having no certificate, a self-signed one will be generated. - In the case of using a self-signed certificate, only the web app will be available with some warnings, the mobile app will not connect. - Self-signed certificates are not supported by JaaS (Jitsi as a Service). + In the event you need to use a certificate of your own, you can configure its location which defaults to /etc/ssl/--domain.name--.key for the key and /etc/ssl/--domain.name--.crt for the certificate. . - Having a certificate signed by a recognised CA, it can be uploaded on the server and point its location. - The default filenames will be /etc/ssl/--domain.name--.key for the key and /etc/ssl/--domain.name--.crt for the certificate. + If you are a developer and are only looking for a quick way to test basic Jitsi Meet functionality then this installer can also generate a self-signed certificate. Template: jitsi-meet/cert-path-key Type: string @@ -38,7 +35,6 @@ Template: jitsi-meet/jaas-choice Type: boolean _Description: Interested in adding telephony to your Jitsi meetings? You can easily add dialing in support to your meetings. You need to give us the permission to create a free JaaS (Jitsi as a Service) account for you. - Also, you need to have a certificate signed by a recognised CA or Let's Encrypt on your deployment. Template: jitsi-meet/email Type: string @@ -48,4 +44,6 @@ _Description: Enter your email: You need a working DNS record pointing to this machine(for hostname ${domain})" . You need to agree to the ACME server's Subscriber Agreement (https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf) - by providing an email address for important account notifications + by providing an email address for important account notifications. + . + We will use the email for creating your JaaS (Jitsi as a Service) account if that option was selected.