jaas: register JaaS account automatically

pull/1398/merge
Oana Emilia Ianc 2 years ago committed by GitHub
parent c44c59e6cb
commit 046bb79271
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      web/Dockerfile
  2. 121
      web/rootfs/etc/services.d/jaas-account/run

@ -12,7 +12,7 @@ ADD https://raw.githubusercontent.com/acmesh-official/acme.sh/2.8.8/acme.sh /opt
COPY rootfs/ / COPY rootfs/ /
RUN apt-dpkg-wrap apt-get update && \ RUN apt-dpkg-wrap apt-get update && \
apt-dpkg-wrap apt-get install -y cron nginx-extras jitsi-meet-web socat && \ apt-dpkg-wrap apt-get install -y cron nginx-extras jitsi-meet-web socat curl jq && \
apt-dpkg-wrap apt-get -d install -y jitsi-meet-web-config && \ apt-dpkg-wrap apt-get -d install -y jitsi-meet-web-config && \
dpkg -x /var/cache/apt/archives/jitsi-meet-web-config*.deb /tmp/pkg && \ dpkg -x /var/cache/apt/archives/jitsi-meet-web-config*.deb /tmp/pkg && \
mv /tmp/pkg/usr/share/jitsi-meet-web-config/config.js /defaults && \ mv /tmp/pkg/usr/share/jitsi-meet-web-config/config.js /defaults && \

@ -0,0 +1,121 @@
#!/usr/bin/with-contenv bash
set -e
EMAIL=$LETSENCRYPT_EMAIL
DOMAIN=$LETSENCRYPT_DOMAIN
JAAS_ENDPOINT="https://account-provisioning.cloudflare.jitsi.net/operations"
CHALLENGE_DIR="/usr/share/jitsi-meet/.well-known"
CHALLENGE_FILE="$CHALLENGE_DIR/jitsi-challenge.txt"
SUPPORT_MSG="Reach out to JaaS support at https://jaas.8x8.vc/#components"
JAAS_ACCOUNT_FILE="/config/jaas-account-created.txt"
function stop_service() {
s6-svc -O /var/run/s6/services/jaas-account
exit 0
}
if [[ $DISABLE_HTTPS -ne 1 ]] && [[ $ENABLE_LETSENCRYPT -eq 1 ]] && [[ $ENABLE_JAAS_COMPONENTS -eq 1 ]] && [[ ! -z $EMAIL ]] && [[ ! -z $DOMAIN ]]; then
if [ -f $JAAS_ACCOUNT_FILE ]; then
echo "JaaS account already exists"
stop_service
fi
KEEP_WAITING=true
RETRIES=0
MAX_TRIES=5
SLEEP_INTERVAL=10
# Waiting for nginx to start before creating the JaaS account
while $KEEP_WAITING; do
s6-svwait -u /var/run/s6/services/nginx
NGINX_RESPONSE=$?
if [ $NGINX_RESPONSE -eq 0 ]; then
echo "Nginx started"
KEEP_WAITING=false
else
RETRIES=$((RETRIES + 1))
if [ $RETRIES -ge $MAX_TRIES ]; then
echo "Nginx did not start, exiting..."
KEEP_WAITING=false
else
echo "Waiting for nginx to start, retrying in $SLEEP_INTERVAL seconds... $RETRIES/$MAX_TRIES"
sleep $SLEEP_INTERVAL
fi
fi
done
create_error=0
create_data=$(curl -s -f -X 'POST' "${JAAS_ENDPOINT}" -H 'Content-Type: application/json' -H 'accept: */*' -d "{ \"domain\": \"${DOMAIN}\", \"email\": \"${EMAIL}\" }") || create_error=$?
if [ ${create_error} -ne 0 ]; then
echo "JaaS account creation failed. Status: ${create_error}, response: ${create_data}"
stop_service
fi
echo "${create_data}"
# Creating the challenge dir
mkdir -p ${CHALLENGE_DIR}
# Creating the challenge file
echo "${create_data}" | jq -r .challenge > ${CHALLENGE_FILE}
op_id=$(echo "${create_data}" | jq -r .operationId)
ready_error=0
ready_data=$(curl -s -f -X 'PUT' "${JAAS_ENDPOINT}/${op_id}/ready") || ready_error=$?
if [ ${ready_error} -ne 0 ]; then
echo "Jitsi domain validation failed. Status: ${ready_error}"
echo "Response: "
echo "${ready_data}" | jq -r
echo "${SUPPORT_MSG}"
echo
stop_service
fi
SLEEP_TIME=0
WAIT_BEFORE_CHECK=5
TIMEOUT=60
echo -n "Creating the JaaS account..."
(while true; do
provisioned_data=$(curl -s -f "${JAAS_ENDPOINT}/${op_id}")
status=$(echo "${provisioned_data}" | jq -r .status)
if [ "${status}" == "PROVISIONED" ]; then
echo ""
echo "=================="
echo ""
echo "A JaaS account was created. Please check your email for more details."
echo ""
echo "=================="
# Creating the jaas-account file
touch ${JAAS_ACCOUNT_FILE}
stop_service
elif [ "${status}" == "FAILED" ]; then
echo ""
echo "=================="
echo ""
echo "JaaS account creation failed:${provisioned_data}"
echo ""
echo "=================="
stop_service
fi
if [ ${SLEEP_TIME} -ge ${TIMEOUT} ]; then
echo ""
echo "=================="
echo ""
echo "Timeout creating the JaaS account. ${SUPPORT_MSG}"
echo ""
echo "=================="
stop_service
fi
echo -n "Waiting for the JaaS account to be created..."
sleep ${WAIT_BEFORE_CHECK}
SLEEP_TIME=$((SLEEP_TIME+WAIT_BEFORE_CHECK))
done)
rm ${CHALLENGE_FILE} || true
fi
stop_service
Loading…
Cancel
Save