feat: Set LE as default choice when installing. (#12232)

* feat: Set LE as default choice when installing.

* squash: Text updates.
pull/12234/head jitsi-meet_7826
Дамян Минков 2 years ago committed by GitHub
parent 90bcbebedb
commit a9bc83db03
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 16
      debian/jitsi-meet-web-config.postinst
  2. 18
      debian/jitsi-meet-web-config.templates

@ -68,13 +68,6 @@ case "$1" in
FORCE_NGINX="false"
fi
db_subst jitsi-meet/jaas-choice domain "${JVB_HOSTNAME}"
db_set jitsi-meet/jaas-choice false
db_input critical jitsi-meet/jaas-choice || true
db_go
db_get jitsi-meet/jaas-choice
JAAS_INPUT="$RET"
UPLOADED_CERT_CHOICE="I want to use my own certificate"
LE_CERT_CHOICE="Let's Encrypt certificates"
# if first time config ask for certs, or if we are reconfiguring
@ -143,6 +136,15 @@ case "$1" in
sed -i "s/jitsi-meet.example.com/$JVB_HOSTNAME/g" $JITSI_MEET_CONFIG
fi
if [ "$CERT_CHOICE" = "$LE_CERT_CHOICE" ] || [ "$CERT_CHOICE" = "$UPLOADED_CERT_CHOICE" ]; then
db_subst jitsi-meet/jaas-choice domain "${JVB_HOSTNAME}"
db_set jitsi-meet/jaas-choice false
db_input critical jitsi-meet/jaas-choice || true
db_go
db_get jitsi-meet/jaas-choice
JAAS_INPUT="$RET"
fi
if [ "${JAAS_INPUT}" = "true" ] && ! grep -q "^var enableJaaS = true;$" $JITSI_MEET_CONFIG; then
if grep -q "^var enableJaaS = false;$" $JITSI_MEET_CONFIG; then
sed -i "s/^var enableJaaS = false;$/var enableJaaS = true;/g" $JITSI_MEET_CONFIG

@ -1,16 +1,13 @@
Template: jitsi-meet/cert-choice
Type: select
__Choices: Generate a new self-signed certificate, Let's Encrypt certificates, I want to use my own certificate
_Description: SSL certificate for the Jitsi Meet instance
__Choices: Let's Encrypt certificates, I want to use my own certificate, Generate a new self-signed certificate
_Description: SSL certificate
.
Jitsi Meet is best to be set up with an SSL certificate.
Jitsi Meet requires an SSL certificate. This installer can generate one automatically for your using "Let’s Encrypt". This is the recommended and simplest option for most installations.
.
Having no certificate, a self-signed one will be generated.
In the case of using a self-signed certificate, only the web app will be available with some warnings, the mobile app will not connect.
Self-signed certificates are not supported by JaaS (Jitsi as a Service).
In the event you need to use a certificate of your own, you can configure its location which defaults to /etc/ssl/--domain.name--.key for the key and /etc/ssl/--domain.name--.crt for the certificate.
.
Having a certificate signed by a recognised CA, it can be uploaded on the server and point its location.
The default filenames will be /etc/ssl/--domain.name--.key for the key and /etc/ssl/--domain.name--.crt for the certificate.
If you are a developer and are only looking for a quick way to test basic Jitsi Meet functionality then this installer can also generate a self-signed certificate.
Template: jitsi-meet/cert-path-key
Type: string
@ -38,7 +35,6 @@ Template: jitsi-meet/jaas-choice
Type: boolean
_Description: Interested in adding telephony to your Jitsi meetings?
You can easily add dialing in support to your meetings. You need to give us the permission to create a free JaaS (Jitsi as a Service) account for you.
Also, you need to have a certificate signed by a recognised CA or Let's Encrypt on your deployment.
Template: jitsi-meet/email
Type: string
@ -48,4 +44,6 @@ _Description: Enter your email:
You need a working DNS record pointing to this machine(for hostname ${domain})"
.
You need to agree to the ACME server's Subscriber Agreement (https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf)
by providing an email address for important account notifications
by providing an email address for important account notifications.
.
We will use the email for creating your JaaS (Jitsi as a Service) account if that option was selected.

Loading…
Cancel
Save