1
0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2024-12-12 08:43:55 +02:00

Make generate-jitsi-passwords.sh less magical

This commit is contained in:
Slavi Pantaleev 2020-04-08 10:05:10 +03:00
parent e36fe54974
commit 1b27e0f812
2 changed files with 18 additions and 44 deletions

View File

@ -23,18 +23,16 @@ Add this to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
```yaml
matrix_jitsi_enabled: true
# Run `bash inventory/scripts/generate-jitsi-passwords.sh` to generate these passwords,
# or define your own strong passwords manually.
matrix_jitsi_jicofo_component_secret: ""
matrix_jitsi_jicofo_auth_password: ""
matrix_jitsi_jvb_auth_password: ""
matrix_jitsi_jibri_recorder_password: ""
matrix_jitsi_jibri_xmpp_password: ""
```
## Securing your Jitsi instance with strong passwords
Please use the bash script provided in this repo to generate strong passwords for your Jitsi instance.
Execute the following commands in your terminal from the root of this repo:
```bash
cd inventory/scripts
bash generate-jitsi-passwords.sh
```
The script will add the corresponding ansible variables and passwords generated with `openssl rand -hex 16` to the bottom of your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration.
## (Optional) configure internal Jitsi authentication and guests mode

View File

@ -2,38 +2,14 @@
# This is a bash script for generating strong passwords for the Jitsi role in this ansible project:
# https://github.com/spantaleev/matrix-docker-ansible-deploy
# This script assumes that you followed the documentation at https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook.md and created a folder in the source code's directory like this: 'mkdir inventory/host_vars/matrix.<your-domain>'
# it will put the generated passwords for Jitsi at the end of the vars.yml file in that directory
function generatePassword() {
openssl rand -hex 16
}
# helper function to get the matrix domain in the host_vars directory
function get_domain_dir() {
counter=0
echo "# If this script fails, it's likely because you don't have the openssl tool installed."
echo "# Install it before using this script, or simply create your own passwords manually."
for f in *; do
counter=$(( counter + 1 ))
if [ ! -d "$f" ]; then
echo "Error: could not find directory 'matrix.your.domain'"
echo "Did you create it already? Please first setup your matrix homeserver before running this script."
echo "You should start here: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/prerequisites.md"
exit 1
elif [[ "$counter" -gt 1 ]]; then
echo "Error: multiple directories found in ../host_vars/. Only one directory like 'matrix.your.domain' expected."
echo "Please make sure there is only one directory holding your vars.yml for this ansible playbook."
echo "Cannot continue script, exiting."
exit 1
fi
# Will not set domain if zero or multiple directories are detected
domain=$f
done
}
cd ../host_vars
get_domain_dir
echo ""
JICOFO_COMPONENT_SECRET=$(generatePassword)
JICOFO_AUTH_PASSWORD=$(generatePassword)
@ -41,10 +17,10 @@ JVB_AUTH_PASSWORD=$(generatePassword)
JIBRI_RECORDER_PASSWORD=$(generatePassword)
JIBRI_XMPP_PASSWORD=$(generatePassword)
echo "" >> ../host_vars/${domain}/vars.yml
echo "Jitsi passwords generated by inventory/scripts/gen-passwords.sh" >> ../host_vars/${domain}/vars.yml
echo "matrix_jitsi_jicofo_component_secret: $JICOFO_COMPONENT_SECRET" >> ../host_vars/${domain}/vars.yml
echo "matrix_jitsi_jicofo_auth_password: $JICOFO_AUTH_PASSWORD" >> ../host_vars/${domain}/vars.yml
echo "matrix_jitsi_jvb_auth_password: $JVB_AUTH_PASSWORD" >> ../host_vars/${domain}/vars.yml
echo "matrix_jitsi_jibri_recorder_password: $JIBRI_RECORDER_PASSWORD" >> ../host_vars/${domain}/vars.yml
echo "matrix_jitsi_jibri_xmpp_password: $JIBRI_XMPP_PASSWORD" >> ../host_vars/${domain}/vars.yml
echo "# Paste these variables into your inventory/host_vars/matrix.DOMAIN/vars.yml file:"
echo ""
echo "matrix_jitsi_jicofo_component_secret: "$JICOFO_COMPONENT_SECRET
echo "matrix_jitsi_jicofo_auth_password: "$JICOFO_AUTH_PASSWORD
echo "matrix_jitsi_jvb_auth_password: "$JVB_AUTH_PASSWORD
echo "matrix_jitsi_jibri_recorder_password: "$JIBRI_RECORDER_PASSWORD
echo "matrix_jitsi_jibri_xmpp_password: "$JIBRI_XMPP_PASSWORD