Commit b0c050fb authored by sreg's avatar sreg

Creation

parent 6b32a708
FROM ubuntu:xenial
ENV LANG=fr_FR.UTF-8
RUN apt-get update && \
apt-get -y install rsyslog logrotate cron bzip2 telnet vim language-pack-fr wget curl sudo openssl apt-transport-https software-properties-common net-tools && \
echo "LANG=\"fr_FR.UTF-8\"\nLANGUAGE=\"fr_FR:fr\"\nLC_NUMERIC=\"fr_FR.UTF-8\"\nLC_TIME=\"fr_FR.UTF-8\"\nLC_MONETARY=\"fr_FR.UTF-8\"\nLC_PAPER=\"fr_FR.UTF-8\"\nLC_IDENTIFICATION=\"fr_FR.UTF-8\"\nLC_NAME=\"fr_FR.UTF-8\"\nLC_ADDRESS=\"fr_FR.UTF-8\"\nLC_TELEPHONE=\"fr_FR.UTF-8\"\nLC_MEASUREMENT=\"fr_FR.UTF-8\"" >>/etc/default/locale
ARG JITSI_LETSENCRYPT=${JITSI_LETSENCRYPT:-true}
ARG JITSI_DOMAIN
ARG JITSI_PORT=$JITSI_PORT
ARG COTURN_INSTALLSERVER=${COTURN_INSTALLSERVER:-false}
ARG COTURN_LETSENCRYPT=${COTURN_LETSENCRYPT:-true}
ARG COTURN_DOMAIN=$COTURN_DOMAIN
ARG COTURN_PORT=${COTURN_PORT:-443}
ARG COTURN_SECRET=${COTURN_SECRET:-secret}
ARG CERTBOT_MAIL=${CERTBOT_MAIL:-certbot@domain.tld}
ARG DHPARAM=/etc/letsencrypt/dhparam.pem
ENV JITSI_DOMAIN=$JITSI_DOMAIN
ENV JITSI_LETSENCRYPT=$JITSI_LETSENCRYPT
ENV COTURN_DOMAIN=$COTURN_DOMAIN
ENV COTURN_LETSENCRYPT=$COTURN_LETSENCRYPT
ENV COTURN_INSTALLSERVER=$COTURN_INSTALLSERVER
ENV CERTBOT_MAIL=$CERTBOT_MAIL
ENV DHPARAM=$DHPARAM
RUN apt-get update && \
add-apt-repository -y ppa:certbot/certbot; \
apt-get update; \
apt-get -y install gnupg apt-utils cron;
RUN echo "*$JITSI_DOMAIN*"; \
if [ "$JITSI_DOMAIN" != "" ]; then \
apt-get update && \
bash -c "wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -"; \
echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi.list; \
apt-get update && \
apt-get -y install nginx openjdk-9-jre-headless ca-certificates-java authbind certbot python-certbot-nginx; \
echo "$JITSI_DOMAIN" | apt-get -y install jitsi-videobridge; \
echo "1" | apt-get -y install jitsi-meet-web-config; \
SIP_PASS=`echo $RANDOM$RANDOM | md5sum | awk '{ print $1 }'`; \
echo "sipuser #?!a9dklkldsjk" | apt-get -y install jitsi-meet jigasi prosody-modules; \
wget https://raw.githubusercontent.com/otalk/mod_turncredentials/master/mod_turncredentials.lua -O /usr/lib/prosody/modules/mod_turncredentials.lua; \
#
GETIP=`curl ifconfig.me/ip`; \
echo "***$GETIP***"; \
echo "org.jitsi.videobridge.TCP_HARVESTER_PORT=4443" >>/etc/jitsi/videobridge/sip-communicator.properties; \
echo "org.jitsi.videobridge.TCP_HARVESTER_MAPPED_PORT=$JITSI_PORT" >>/etc/jitsi/videobridge/sip-communicator.properties; \
echo "org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=" >>/etc/jitsi/videobridge/sip-communicator.properties; \
echo "org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=${PUBLIC_IP:=$GETIP}" >>/etc/jitsi/videobridge/sip-communicator.properties; \
echo "org.jitsi.videobridge.DISABLE_TCP_HARVESTER=true" >>/etc/jitsi/videobridge/sip-communicator.properties; \
echo "org.jitsi.videobridge.ENABLE_REST_COLIBRI=false" >>/etc/jitsi/videobridge/sip-communicator.properties; \
#sed -i 's/^JVB_OPTS=.*$/JVB_OPTS="--apis=rest,xmpp"/' /etc/jitsi/videobridge/config; \
#
sed -i "s/\/\/ openBridgeChannel.*/openBridgeChannel: 'websocket',\nuseRtcpMux: true,/" /etc/jitsi/meet/$JITSI_DOMAIN-config.js; \
sed -i "s/enableWelcomePage: .*$/enableWelcomePage: false,/" /etc/jitsi/meet/$JITSI_DOMAIN-config.js; \
sed -i "s/\/\/ defaultLanguage.*/defaultLanguage: 'fr',/" /etc/jitsi/meet/$JITSI_DOMAIN-config.js; \
sed -i "s/\/\/ disableThirdPartyRequests.*/disableThirdPartyRequests: true,/" /etc/jitsi/meet/$JITSI_DOMAIN-config.js; \
#sed -i "s/\/\/ startWithVideoMuted:.*/startWithVideoMuted: true,/" /etc/jitsi/meet/$JITSI_DOMAIN-config.js; \
#
sed -i '/location = \/http-bind {/a \\tproxy_set_header Upgrade $http_upgrade;\n\tproxy_set_header Connection "Upgrade";' /etc/nginx/sites-enabled/$JITSI_DOMAIN.conf; \
fi
RUN if [ "$JITSI_DOMAIN" != "" ] && [ "$COTURN_DOMAIN" != "" ]; then \
sed -i '/ modules_enabled/a "turncredentials";' /etc/prosody/conf.d/$JITSI_DOMAIN.cfg.lua; \
sed -i '/ p2p:/i \\tuseStunTurn: true,' /etc/jitsi/meet/$JITSI_DOMAIN-config.js; \
sed -i '/ p2p:/a \\tuseStunTurn: true,' /etc/jitsi/meet/$JITSI_DOMAIN-config.js; \
echo "turncredentials_secret = \"$COTURN_SECRET\";" >>/etc/prosody/conf.d/prosody.cfg.lua; \
echo "turncredentials_host = \"$COTURN_DOMAIN\";" >>/etc/prosody/conf.d/prosody.cfg.lua; \
echo "turncredentials_port = 443;" >>/etc/prosody/conf.d/prosody.cfg.lua; \
echo "turncredentials_ttl = 86400;" >>/etc/prosody/conf.d/prosody.cfg.lua; \
echo "turncredentials = {" >>/etc/prosody/conf.d/prosody.cfg.lua; \
echo " { type = \"stun\", host = \"$COTURN_DOMAIN\" }," >>/etc/prosody/conf.d/prosody.cfg.lua; \
echo " { type = \"turn\", host = \"$COTURN_DOMAIN\", port = 443}," >>/etc/prosody/conf.d/prosody.cfg.lua; \
echo " { type = \"turns\", host = \"$COTURN_DOMAIN\", port = $COTURN_PORT, transport = \"tcp\" }" >>/etc/prosody/conf.d/prosody.cfg.lua; \
echo "}" >>/etc/prosody/conf.d/prosody.cfg.lua; \
fi
RUN if [ "$COTURN_INSTALLSERVER" != "false" ]; then \
GETIP=`curl ifconfig.me/ip`; \
apt-get update && \
apt-get -y install coturn certbot; \
sed -i 's/#TURNSERVER/TURNSERVER/' /etc/default/coturn; \
GETIP=`curl ifconfig.me/ip`; \
echo "realm=$GETIP\n" \
"server-name=$GETIP\n" \
"cert=/etc/letsencrypt/live/$COTURN_DOMAIN/cert.pem\n" \
"pkey=/etc/letsencrypt/live/$COTURN_DOMAIN/privkey.pem\n" \
"dh-file=$DHPARAM\n" \
"fingerprint\n" \
"listening-ip=LOCAL_IP\n" \
"external-ip=$GETIP/LOCAL_IP\n" \
"listening-port=$COTURN_PORT\n" \
#"min-port=10000\n" \
#"max-port=20000\n" \
"log-file=/var/log/turnserver.log\n" \
"verbose\n" \
"static-auth-secret=$COTURN_SECRET\n" \
"use-auth-secret\n" \
"lt-cred-mech\n" \