diff --git a/.gitignore b/.gitignore index 013ee1e298e60969c093903f0c2781de95132f84..2908e6f6aa5c17b5c85f4d505f2d7075e8b6bf2c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ build-mumble-web -jitsi-auto-config letsencrypt-webserver -novnc \ No newline at end of file +novnc +__pycache__ \ No newline at end of file diff --git a/config.py b/config.py new file mode 100644 index 0000000000000000000000000000000000000000..c5f14cbce99ce156202662c1d50d8595b952f9be --- /dev/null +++ b/config.py @@ -0,0 +1,37 @@ +import os + +# General settings +DOMAIN = 'your-domain.org' +MAIL_ADDRESS = 'your-mail@address.com' + +# Jitsi +use_jitsi = True +jitsi_subdomain = 'jitsi' + +# NoVNC +use_NoVnc = False + +# MumbleWeb +use_MumbleWeb = False + +""" Setting up all envrionment variables """ +BASE_COMPOSE_FILE = '-f docker-compose.base.yml ' +docker_compose_files = BASE_COMPOSE_FILE +subdomains = '' + +# SWAG +SWAG_COMPOSE_FILE = 'swag/docker-compose.yml' +docker_compose_files += ' -f ' + SWAG_COMPOSE_FILE + ' ' + +# Jitsi +if use_jitsi: + JITSI_DIR = 'jitsi-auto-config' + JITSI_COMPOSE_FILE = 'jitsi/docker-compose.yml' + docker_compose_files += ' -f ' + JITSI_COMPOSE_FILE + ' ' + subdomains += jitsi_subdomain + +if __name__ == '__main__': + SOURCE_FILE = 'local_source' + os.system('rm -f ' + SOURCE_FILE) + f = open(SOURCE_FILE, 'w') + f.write('DOCKER_COMPOSE_FILES="' + docker_compose_files + '"\n') \ No newline at end of file diff --git a/config.sh b/config.sh deleted file mode 100755 index 1bda1486af0518b40bcfdc893b8b500cdff7978a..0000000000000000000000000000000000000000 --- a/config.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash - -# Get the path to all docker-compose files -# with the "-f" flag. - -## YOUR SETTINGS -## Configure domains and letsencrypt. -# -DOMAIN=armin-co.de -SUB_DOMAINS="" -MAIL=test@armin-co.de - -USE_JITSI="true" -USE_NOVNC="true" -USE_MUMBLE="true" - - -# Git -GIT_URL="https://gitlab.cvh-server.de/aco/" - -# Variable that holds all docker-compose files. -# This is the main compose file. Don not remove! -# Required for unified a unified path layout. -base_compose_file=" -f docker-compose.base.yml " -DOCKER_COMPOSE_FILES="$base_compose_file" - -# Letsencrypt -letsencrypt_compose_file=" -f letsencrypt-webserver/docker-compose.yml " -DOCKER_COMPOSE_FILES+=$"$letsencrypt_compose_file" -LETSENCRYPT_DIR=letsencrypt-webserver -LETSENCRYPT_URL="$GIT_URL""$LETSENCRYPT_DIR".git - -# Jitsi -JITSI_DIR=jitsi-auto-config -JITSI_URL="$GIT_URL$JITSI_DIR".git -if [ "$USE_JITSI" == "true" ]; then -jitsi_compose_file=" -f jitsi/docker-compose.yml " -DOCKER_COMPOSE_FILES+=$"$jitsi_compose_file" -SUB_DOMAINS+="jitsi," -fi - -# noVNC - Screen sharing with VNC -NOVNC_DIR=novnc -NOVNC_URL="$GIT_URL$NOVNC_DIR".git -if [ "$USE_NOVNC" == "true" ]; then -novnc_compose_file=" -f novnc/docker-compose.yml " -DOCKER_COMPOSE_FILES+="$novnc_compose_file" -fi - -# Mumble - Murmur server and mumble web client -MUMBLE_WEB_DIR=build-mumble-web -MUMBLE_WEB_URL=https://gitlab.cvh-server.de/aco/build-mumble-web.git -if [ "$USE_MUMBLE" == "true" ]; then -mumble_compose_file=" -f build-mumble-web/docker-compose.production.yml" -DOCKER_COMPOSE_FILES+="$mumble_compose_file" -SUB_DOMAINS+="mumble-web" -fi diff --git a/tools/install_docker.sh b/install_docker.sh similarity index 100% rename from tools/install_docker.sh rename to install_docker.sh diff --git a/jitsi-auto-config/docker-compose.patch b/jitsi-auto-config/docker-compose.patch new file mode 100644 index 0000000000000000000000000000000000000000..5e2f0e42cfd015614b524682954719929a5d1b6c --- /dev/null +++ b/jitsi-auto-config/docker-compose.patch @@ -0,0 +1,58 @@ +--- docker-compose.yml 2021-04-18 13:08:25.952083119 +0200 ++++ docker-compose.yml.latest 2021-04-18 13:12:21.457996380 +0200 +@@ -5,6 +5,9 @@ + web: + image: jitsi/web:latest + restart: ${RESTART_POLICY} ++ container_name: jitsi_webfrontend ++ env_file: ++ - .env + ports: + - '${HTTP_PORT}:80' + - '${HTTPS_PORT}:443' +@@ -105,6 +108,7 @@ + - XMPP_RECORDER_DOMAIN + - TOKEN_AUTH_URL + networks: ++ reverse_proxy: + meet.jitsi: + aliases: + - ${XMPP_DOMAIN} +@@ -112,6 +116,9 @@ + # XMPP server + prosody: + image: jitsi/prosody:latest ++ container_name: jitsi_xmpp ++ env_file: ++ - .env + restart: ${RESTART_POLICY} + expose: + - '5222' +@@ -174,6 +181,7 @@ + - PUBLIC_URL + - TZ + networks: ++ reverse_proxy: + meet.jitsi: + aliases: + - ${XMPP_SERVER} +@@ -181,6 +189,9 @@ + # Focus component + jicofo: + image: jitsi/jicofo:latest ++ container_name: jitsi_focuscomponent ++ env_file: ++ - .env + restart: ${RESTART_POLICY} + volumes: + - ${CONFIG}/jicofo:/config:Z +@@ -227,6 +238,9 @@ + # Video bridge + jvb: + image: jitsi/jvb:latest ++ container_name: jitsi_videobridge ++ env_file: ++ - .env + restart: ${RESTART_POLICY} + ports: + - '${JVB_PORT}:${JVB_PORT}/udp' diff --git a/jitsi-auto-config/jitsi.subdomain.conf.example b/jitsi-auto-config/jitsi.subdomain.conf.example new file mode 100644 index 0000000000000000000000000000000000000000..4438aef09ab6695ce78d0c2824bbf40caee49c33 --- /dev/null +++ b/jitsi-auto-config/jitsi.subdomain.conf.example @@ -0,0 +1,33 @@ +server { + listen 80; + server_name jitsi_subdomain.*; + return 301 https://jitsi_subdomain.your_domain$request_uri; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name jitsi_subdomain.*; + + + location / { + ssi on; + include /config/nginx/proxy.conf; + proxy_pass http://jitsi_webfrontend; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $http_host; + } + location /http-bind { + proxy_pass http://jitsi_xmpp:5280/http-bind; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $http_host; + } + location /xmpp-websocket { + proxy_pass http://jitsi_xmpp:5280/xmpp-websocket; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $host; + tcp_nodelay on; + } +} diff --git a/setup.py b/setup.py new file mode 100644 index 0000000000000000000000000000000000000000..53ef79bd3c7b76b2f75ae2b478616703a283fd3c --- /dev/null +++ b/setup.py @@ -0,0 +1,61 @@ +import os +import subprocess +from config import * + +def configure_swag(): + print('Configuring swag') + # Apply configuration + f = open(SWAG_COMPOSE_FILE+'.example', 'rt') + data = f.read() + f.close() + data = data.replace('your-domain', DOMAIN) + data = data.replace('your-subdomains', subdomains) + data = data.replace('your-email', MAIL_ADDRESS) + + f = open(SWAG_COMPOSE_FILE, 'w') + f.write(data) + f.close() + # Initialise containers, files and directories + cmd_str = 'docker-compose ' + BASE_COMPOSE_FILE + ' -f ' + SWAG_COMPOSE_FILE + ' up -d &&' + cmd_str += 'docker-compose ' + BASE_COMPOSE_FILE + ' -f ' + SWAG_COMPOSE_FILE + ' down' + os.system(cmd_str) + +def setup_jitsi(): + try: + os.system('rm -rf jitsi') + except: + pass + os.system('git clone https://github.com/jitsi/docker-jitsi-meet.git') + os.system('mv docker-jitsi-meet jitsi') + os.system('cp jitsi/env.example jitsi/.env') + rc = subprocess.call('./jitsi/gen-passwords.sh .', shell=True) + os.system('rm -f .env') + os.system('sudo rm -rf ~/.jitsi-meet-cfg') + os.system('mkdir -p ~/.jitsi-meet-cfg/{web/letsencrypt,transcripts,prosody,jicofo,jvb,jigasi,jibri}') + + f = open('jitsi/.env', 'rt') + data = f.read() + f.close() + data = data.replace('#PUBLIC_URL=https://meet.example.com:8443', 'PUBLIC_URL=https://' + jitsi_subdomain + '.' + DOMAIN) + + f = open('.env', 'w') + f.write(data) + f.close() + os.system('patch jitsi/docker-compose.yml jitsi-auto-config/docker-compose.patch') + + f = open('jitsi-auto-config/jitsi.subdomain.conf.example', 'rt') + data = f.read() + f.close() + data = data.replace('jitsi_subdomain', jitsi_subdomain) + data = data.replace('your_domain', DOMAIN) + + f = open('jitsi-auto-config/jitsi.subdomain.conf', 'w') + f.write(data) + f.close() + os.system('cp jitsi-auto-config/jitsi.subdomain.conf reverse_proxy/nginx/proxy-confs/'+ jitsi_subdomain + '.subdomain.conf') + +if __name__ == '__main__': + configure_swag() + + if use_jitsi: + setup_jitsi() diff --git a/setup.sh b/setup.sh deleted file mode 100755 index 51309aadeb63bb7b462d183df361389051a5b192..0000000000000000000000000000000000000000 --- a/setup.sh +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/bash - -source config.sh - -# Remove all existing repositories -# and configurations. -function remove_all_configs() { - echo "Removing all previous configs..." - rm -rf $MUMBLE_DIR $JITSI_DIR $NOVNC_DIR - git pull - echo "Removed all repositories." -} - -# Clone repositories -function clone_repositories() { - git clone $LETSENCRYPT_URL - wait -} - -function configure_letsencrypt() { - echo "" - echo "Setting your letsencrypt domain settings." - echo "" - le_compose=$LETSENCRYPT_DIR/docker-compose.yml - # Adds your domain to docker-compose - sed -i "s/your-domain.com/$DOMAIN/" $le_compose - # Adds the list of subdomains to use to docker-compose - sed -i "s/your_subdomains/$SUB_DOMAINS/" $le_compose - # Add E-Mail address that will be used to notify you - # about for example expiring certificates. - sed -i "s/your_email/$MAIL/" $le_compose - - # For using not only your subdomains uncomment the following line. - # sed -i "s/- ONLY_SUBDOMAINS=true/- ONLY_SUBDOMAINS=false/" $LETSENCRYPT_DIR - - # start once to generate directories and certificates - docker-compose $base_compose_file $letsencrypt_compose_file up -d && docker logs reverse_proxy && docker-compose $base_compose_file $letsencrypt_compose_file down - echo "" - echo "Done configuring LetsEncrypt and generating certificates." -} - - -## Configure Murmur (mumble server) and mumble-web -# -function configure_mumble_web(){ - cd $MUMBLE_WEB_DIR - git clone https://github.com/Johni0702/mumble-web.git - cd .. - mkdir murmur - cp $MUMBLE_WEB_DIR/murmur/mumble-server.ini murmur/mumble-server.ini - touch murmur/mumble-server.log -} - - -## Run configuration -# -echo "" -echo "Starting configuration with cleaning up and pulling again." -echo "" - -remove_all_configs; -clone_repositories; - -configure_letsencrypt; - -if [ "$USE_JITSI" == "true" ]; then -git clone $JITSI_URL -./"$JITSI_DIR"/setup.sh -fi - -if [ "$USE_MUMBLE" == "true" ];then -git clone $MUMBLE_WEB_URL && echo "Build Mumble Web cloned" -configure_mumble_web -fi - -if [ "$USE_NOVNC" == "true" ];then -git clone $NOVNC_URL -fi - - -./tools/update.sh \ No newline at end of file diff --git a/swag/docker-compose.yml.example b/swag/docker-compose.yml.example new file mode 100644 index 0000000000000000000000000000000000000000..e089476bafa1db99a89cb9a6d9349cc616a6ac0d --- /dev/null +++ b/swag/docker-compose.yml.example @@ -0,0 +1,27 @@ +version: '3.4' +services: + reverse_proxy: + container_name: swag + image: linuxserver/swag + cap_add: + - NET_ADMIN # for fail2ban + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/Berlin + - URL=your-domain + - SUBDOMAINS=your-subdomains + - VALIDATION=http + - EMAIL=your-email + - ONLY_SUBDOMAINS=true + volumes: + - ./reverse_proxy:/config + ports: + - 443:443 + - 80:80 + networks: + - reverse_proxy + restart: always + +networks: + reverse_proxy: diff --git a/tools/start.sh b/tools/start.sh deleted file mode 100755 index 3b43da1e0b4542ad9e5403a8ed6482125acb5076..0000000000000000000000000000000000000000 --- a/tools/start.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -# start/restart all containers -source config.sh -docker-compose $DOCKER_COMPOSE_FILES up -d \ No newline at end of file diff --git a/tools/stop.sh b/tools/stop.sh deleted file mode 100755 index b4672bff7d52613f49ce8b2102d2be8388de301f..0000000000000000000000000000000000000000 --- a/tools/stop.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash - -source config.sh -docker-compose $DOCKER_COMPOSE_FILES down \ No newline at end of file diff --git a/tools/update.sh b/tools/update.sh deleted file mode 100755 index c51f6b8a97f1c183cf06c14bdde3d3bde5f3d377..0000000000000000000000000000000000000000 --- a/tools/update.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -# Update and restart containers - -source config.sh - -echo "Pulling images" -echo "" - -# pull updated images -docker-compose $DOCKER_COMPOSE_FILES pull - -echo "Building images" -echo "" - -# Build new images if neccessary -if [ "$USE_MUMBLE" == "true" ]; then - docker-compose $mumble_compose_file build -fi - -if [ "$USE_NOVNC" == "true" ]; then - docker-compose $novnc_compose_file build -fi -