Make generate-jitsi-passwords.sh less magical

development
Slavi Pantaleev 5 years ago
parent e36fe54974
commit 1b27e0f812

@ -23,18 +23,16 @@ Add this to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
```yaml ```yaml
matrix_jitsi_enabled: true matrix_jitsi_enabled: true
```
## Securing your Jitsi instance with strong passwords
Please use the bash script provided in this repo to generate strong passwords for your Jitsi instance. # Run `bash inventory/scripts/generate-jitsi-passwords.sh` to generate these passwords,
Execute the following commands in your terminal from the root of this repo: # or define your own strong passwords manually.
```bash matrix_jitsi_jicofo_component_secret: ""
cd inventory/scripts matrix_jitsi_jicofo_auth_password: ""
bash generate-jitsi-passwords.sh matrix_jitsi_jvb_auth_password: ""
matrix_jitsi_jibri_recorder_password: ""
matrix_jitsi_jibri_xmpp_password: ""
``` ```
The script will add the corresponding ansible variables and passwords generated with `openssl rand -hex 16` to the bottom of your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration.
## (Optional) configure internal Jitsi authentication and guests mode ## (Optional) configure internal Jitsi authentication and guests mode

@ -2,38 +2,14 @@
# This is a bash script for generating strong passwords for the Jitsi role in this ansible project: # This is a bash script for generating strong passwords for the Jitsi role in this ansible project:
# https://github.com/spantaleev/matrix-docker-ansible-deploy # https://github.com/spantaleev/matrix-docker-ansible-deploy
# This script assumes that you followed the documentation at https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook.md and created a folder in the source code's directory like this: 'mkdir inventory/host_vars/matrix.<your-domain>'
# it will put the generated passwords for Jitsi at the end of the vars.yml file in that directory
function generatePassword() { function generatePassword() {
openssl rand -hex 16 openssl rand -hex 16
} }
# helper function to get the matrix domain in the host_vars directory echo "# If this script fails, it's likely because you don't have the openssl tool installed."
function get_domain_dir() { echo "# Install it before using this script, or simply create your own passwords manually."
counter=0
for f in *; do
counter=$(( counter + 1 ))
if [ ! -d "$f" ]; then
echo "Error: could not find directory 'matrix.your.domain'"
echo "Did you create it already? Please first setup your matrix homeserver before running this script."
echo "You should start here: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/prerequisites.md"
exit 1
elif [[ "$counter" -gt 1 ]]; then
echo "Error: multiple directories found in ../host_vars/. Only one directory like 'matrix.your.domain' expected."
echo "Please make sure there is only one directory holding your vars.yml for this ansible playbook."
echo "Cannot continue script, exiting."
exit 1
fi
# Will not set domain if zero or multiple directories are detected
domain=$f
done
}
cd ../host_vars echo ""
get_domain_dir
JICOFO_COMPONENT_SECRET=$(generatePassword) JICOFO_COMPONENT_SECRET=$(generatePassword)
JICOFO_AUTH_PASSWORD=$(generatePassword) JICOFO_AUTH_PASSWORD=$(generatePassword)
@ -41,10 +17,10 @@ JVB_AUTH_PASSWORD=$(generatePassword)
JIBRI_RECORDER_PASSWORD=$(generatePassword) JIBRI_RECORDER_PASSWORD=$(generatePassword)
JIBRI_XMPP_PASSWORD=$(generatePassword) JIBRI_XMPP_PASSWORD=$(generatePassword)
echo "" >> ../host_vars/${domain}/vars.yml echo "# Paste these variables into your inventory/host_vars/matrix.DOMAIN/vars.yml file:"
echo "Jitsi passwords generated by inventory/scripts/gen-passwords.sh" >> ../host_vars/${domain}/vars.yml echo ""
echo "matrix_jitsi_jicofo_component_secret: $JICOFO_COMPONENT_SECRET" >> ../host_vars/${domain}/vars.yml echo "matrix_jitsi_jicofo_component_secret: "$JICOFO_COMPONENT_SECRET
echo "matrix_jitsi_jicofo_auth_password: $JICOFO_AUTH_PASSWORD" >> ../host_vars/${domain}/vars.yml echo "matrix_jitsi_jicofo_auth_password: "$JICOFO_AUTH_PASSWORD
echo "matrix_jitsi_jvb_auth_password: $JVB_AUTH_PASSWORD" >> ../host_vars/${domain}/vars.yml echo "matrix_jitsi_jvb_auth_password: "$JVB_AUTH_PASSWORD
echo "matrix_jitsi_jibri_recorder_password: $JIBRI_RECORDER_PASSWORD" >> ../host_vars/${domain}/vars.yml echo "matrix_jitsi_jibri_recorder_password: "$JIBRI_RECORDER_PASSWORD
echo "matrix_jitsi_jibri_xmpp_password: $JIBRI_XMPP_PASSWORD" >> ../host_vars/${domain}/vars.yml echo "matrix_jitsi_jibri_xmpp_password: "$JIBRI_XMPP_PASSWORD

Loading…
Cancel
Save