diff --git a/conf/nginx.conf b/conf/nginx.conf new file mode 100644 index 0000000..03bc88a --- /dev/null +++ b/conf/nginx.conf @@ -0,0 +1,14 @@ +location / { + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + + client_max_body_size 1M; # default is 1M + + proxy_connect_timeout 10m; + proxy_send_timeout 10m; + proxy_read_timeout 10m; + send_timeout 10m; + + proxy_pass http://127.0.0.1:__PORT__; +} \ No newline at end of file diff --git a/manifest.toml b/manifest.toml index a8ee888..1f66f96 100644 --- a/manifest.toml +++ b/manifest.toml @@ -6,7 +6,6 @@ description.en = "Chat that is simple, secure, and private" # TODO: post_cert_update hook to steal certs # TODO: Deal with /var/www/snikket # TODO: Remove cert check (and import certs) -# TODO: Paths are all wrong version = "2024.02.21~ynh1" @@ -58,14 +57,18 @@ ram.runtime = "50M" [resources.data_dir] - [resources.ports] # TODO + [resources.ports] # TODO: TURN server ports file.default=5000 + file.exposed="TCP" + file.fixed=true client.default=5222 + client.exposed="TCP" + client.fixed=true server.default=5269 - xmpp.default=5280 - https.default=5281 - component.default=5347 - telnet.default=5582 + server.exposed="TCP" + server.fixed=true + main.default=5280 + # TODO: Need to remove/disable Metronome *before* installation starts because of the port allocation here [resources.permissions] diff --git a/scripts/_common.sh b/scripts/_common.sh index 3ab6af6..2559035 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -14,6 +14,16 @@ fi # PERSONAL HELPERS #================================================= +install_certificates() { + domains=("$domain" "groups.$domain" "share.$domain") + for d in "${domains[@]}" + do + cp "/etc/yunohost/certs/$d/crt.pem" "/etc/snikket/certs/${d}.crt" + cp "/etc/yunohost/certs/$d/key.pem" "/etc/snikket/certs/${d}.key" + done + chown $app /etc/snikket/certs/* +} + #================================================= # EXPERIMENTAL HELPERS #================================================= diff --git a/scripts/install b/scripts/install index 086292b..c15d10e 100755 --- a/scripts/install +++ b/scripts/install @@ -65,7 +65,10 @@ ynh_app_setting_set --app=$app --key=config_path --value=$config_path mkdir -p $config_path mkdir -p $config_path/{certs,conf.avail,conf.d} mkdir -p $config_path/firewall +# TODO: ynh_replace_string sed -i -e 's#/snikket/prosody#/var/lib/snikket#g' "$snikketdir/ansible/files/prosody.cfg.lua" +sed -i -e 's#/var/run/prosody/prosody.pid#/var/run/snikket/prosody.pid#g' "$snikketdir/ansible/files/prosody.cfg.lua" +sed -i -e 's#/etc/prosody/#/etc/snikket/#g' "$snikketdir/ansible/files/prosody.cfg.lua" ynh_add_config --template="$snikketdir/ansible/files/prosody.cfg.lua" --destination="$config_path/prosody.cfg.lua" ynh_add_config --template="$snikketdir/ansible/files/restricted_users.pfw" --destination="$config_path/restricted_users.pfw" @@ -108,15 +111,27 @@ cat >/etc/snikket/environment <