sparrowhawk/cdist-contrib
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: sparrowhawk:422b97bc1b310c8f3515f3911794d2d674eb964a
Branches Tags
sparrowhawk:master
sparrowhawk:php
sparrowhawk:newtype/dirbackup
sparrowhawk:__matrix_synapse
sparrowhawk:netbox
sparrowhawk:root-mail-dma
...
compare: sparrowhawk:a6f6a7fba8f1b1192833196ca4f3e26bf8986498
Branches Tags
sparrowhawk:master
sparrowhawk:php
sparrowhawk:newtype/dirbackup
sparrowhawk:__matrix_synapse
sparrowhawk:netbox
sparrowhawk:root-mail-dma

5 commits
422b97bc1b ... a6f6a7fba8

Author SHA1 Message Date
Joachim Desroches
a6f6a7fba8
[__jitsi_meet]: Fix deprecated usage of __debconf_set_selections. 
Replace the --file parameter with the --line parameter, as recommended
since cdist 6.9.6.
 2022-03-14 15:30:11 +01:00
Evilham
a1b3a034c7
[__jitsi_meet_domain] Support the --state parameter 
This enables removing domains in a simple fashion.

Closes #3.
 2022-03-10 21:28:28 +01:00
Evilham
ac99cd8d84
[__jitsi_meet_domain] Update to 2.0.7001-1 
Obsoletes #13
 2022-03-10 21:23:45 +01:00
Evilham
ac03f05766 [__jitsi_meet] Fix bug with secured domains 
This is a leftover from when we were using __line instead of __block.

Closes #15

Reported by:  @pedro
 2022-03-10 21:20:52 +01:00
Evilham
ecd10de2d3
[__opendkim*] FreeBSD support and minor fixes 
While adding FreeBSD support to the type I noticed various issues:

- We were making sure that the KeyTable and SigningTable were created in
  __opendkim_genkey, but that was being done with the default cdist permissions
  (0400) which could result in issues when reloading the service after privilege
  drop.
  This is addressed by checking that it exists/creating it in __opendkim (just
  once, not once per __opendkim_genkey call) with laxer permissions (0444).
- In __opendkim, the service was being started after the config file was
  installed. This is insufficient as OpenDKIM will refuse to start with the
  generated config if either SigningTable or KeyTable do not exist yet.
- __opendkim_genkey had the implicit assumption that the --directory parameter
  always ended in a slash. This was not documented and error-prone; we are now
  a bit laxer and add the trailing slash if it is missing.
- __opendkim_genkey was not changing permissions for the resulting .txt file.
  This was not critical for it to function, but it was inconsistent.
- As documented in #17, __opendkim allows for a --userid parameter that might
  cause issues with keys generated by __opendkim_genkey.
  This issue has not been addressed yet, but I recommend deprecating the
  --userid parameter.
 2022-03-10 20:08:51 +01:00
17 changed files with 372 additions and 119 deletions
Show stats Expand all files Collapse all files

6
type/__jitsi_meet/manifest
View file

@ -51,9 +51,7 @@ export require="${require} __apt_source/jitsi_meet __apt_update_index"
# Pre-feed debconf settings, so Jitsi's installation has a good config
# shellcheck source=type/__jitsi_meet/files/debconf_settings.sh
. "${__type}/files/debconf_settings.sh" # This defines DEBCONF_SETTINGS
__debconf_set_selections jitsi_meet --file - <<EOF
${DEBCONF_SETTINGS}
EOF
__debconf_set_selections jitsi_meet --line "${DEBCONF_SETTINGS}"
export require="${require} __debconf_set_selections/jitsi_meet"
# Install and upgrade packages as needed
@ -153,7 +151,7 @@ EOF
if [ -f "${__object}/parameter/secured-domains" ]; then
SECURED_DOMAINS_STATE='present'
SECURED_DOMAINS_STATE_JICOFO='replace'
SECURED_DOMAINS_STATE_JICOFO='present'
else
SECURED_DOMAINS_STATE='absent'
SECURED_DOMAINS_STATE_JICOFO='absent'

2
type/__jitsi_meet/parameter/default/jitsi-version
View file

@ -1 +1 @@
2.0.5765-1
2.0.7001-1

2
type/__jitsi_meet_domain/files/_update_jitsi_configurations.sh
View file

@ -7,7 +7,7 @@
# We could automate this, but are using it as an indicator for the
# latest branch with which we conciliated changes.
BRANCH="jitsi-meet_6726"
BRANCH="jitsi-meet_7001"
REPO="https://github.com/jitsi/jitsi-meet"
get_url() {

166
type/__jitsi_meet_domain/files/config.js.sh
View file

@ -86,18 +86,41 @@ fi
// callStatsThreshold: 5 // enable callstats for 5% of the users.
},
// Feature Flags.
flags: {
// Enables source names in the signaling.
// sourceNameSignaling: false,
},
// Disables moderator indicators.
// disableModeratorIndicator: false,
// Disables the reactions feature.
// disableReactions: true,
// Disables the reactions moderation feature.
// disableReactionsModeration: false,
// Disables polls feature.
// disablePolls: false,
// Disables self-view tile. (hides it from tile view and from filmstrip)
// disableSelfView: false,
// Disables self-view settings in UI
// disableSelfViewSettings: false,
// screenshotCapture : {
// Enables the screensharing capture feature.
// enabled: false,
//
// The mode for the screenshot capture feature.
// Can be either 'recording' - screensharing screenshots are taken
// only when the recording is also on,
// or 'always' - screensharing screenshots are always taken.
// mode: 'recording'
// }
// Disables ICE/UDP by filtering out local and remote UDP candidates in
// signalling.
// webrtcIceUdpDisable: false,
@ -237,7 +260,11 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
// max: 5
// },
// Try to start calls with screen-sharing instead of camera video.
// This option has been deprecated since it is no longer supported as per the w3c spec.
// https://w3c.github.io/mediacapture-screen-share/#dom-mediadevices-getdisplaymedia. If the user has not
// interacted with the webpage before the getDisplayMedia call, the promise will be rejected by the browser. This
// has already been implemented in Firefox and Safari and will be implemented in Chrome soon.
// https://bugs.chromium.org/p/chromium/issues/detail?id=1198918
// startScreenSharing: false,
// Recording
@ -459,6 +486,7 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
// If Lobby is enabled starts knocking automatically.
// autoKnockLobby: false,
// DEPRECATED! Use \`breakoutRooms.hideAddRoomButton\` instead.
// Hides add breakout room button
// hideAddRoomButton: false,
@ -491,12 +519,21 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
// Default remote name to be displayed
// defaultRemoteDisplayName: 'Fellow Jitster',
// Hides the display name from the participant thumbnail
// hideDisplayName: false,
// Hides the dominant speaker name badge that hovers above the toolbox
// hideDominantSpeakerBadge: false,
// Default language for the user interface.
defaultLanguage: '${DEFAULT_LANGUAGE}',
// Disables profile and the edit of all fields from the profile settings (display name and email)
// disableProfile: false,
// Hides the email section under profile settings.
// hideEmailInSettings: false,
// Whether or not some features are checked based on token.
// enableFeaturesBasedOnToken: false,
@ -541,6 +578,9 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
// Document should be focused for this option to work
// enableAutomaticUrlCopy: false,
// Array with avatar URL prefixes that need to use CORS.
// corsAvatarURLs: [ 'https://www.gravatar.com/avatar/' ],
// Base URL for a Gravatar-compatible service. Defaults to libravatar.
// gravatarBaseURL: 'https://seccdn.libravatar.org/avatar/',
@ -607,41 +647,61 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
// alwaysVisible: false
// },
// Toolbar buttons which have their click event exposed through the API on
// \`toolbarButtonClicked\` event instead of executing the normal click routine.
// Toolbar buttons which have their click/tap event exposed through the API on
// \`toolbarButtonClicked\`. Passing a string for the button key will
// prevent execution of the click/tap routine; passing an object with \`key\` and
// \`preventExecution\` flag on false will not prevent execution of the click/tap
// routine. Below array with mixed mode for passing the buttons.
// buttonsWithNotifyClick: [
// 'camera',
// 'chat',
// 'closedcaptions',
// 'desktop',
// 'download',
// 'embedmeeting',
// 'etherpad',
// 'feedback',
// 'filmstrip',
// 'fullscreen',
// 'hangup',
// 'help',
// 'invite',
// 'livestreaming',
// 'microphone',
// 'mute-everyone',
// 'mute-video-everyone',
// 'participants-pane',
// 'profile',
// 'raisehand',
// 'recording',
// 'security',
// 'select-background',
// 'settings',
// 'shareaudio',
// 'sharedvideo',
// 'shortcuts',
// 'stats',
// 'tileview',
// 'toggle-camera',
// 'videoquality',
// '__end'
// 'camera',
// {
// key: 'chat',
// preventExecution: false
// },
// {
// key: 'closedcaptions',
// preventExecution: true
// },
// 'desktop',
// 'download',
// 'embedmeeting',
// 'etherpad',
// 'feedback',
// 'filmstrip',
// 'fullscreen',
// 'hangup',
// 'help',
// {
// key: 'invite',
// preventExecution: false
// },
// 'livestreaming',
// 'microphone',
// 'mute-everyone',
// 'mute-video-everyone',
// 'participants-pane',
// 'profile',
// {
// key: 'raisehand',
// preventExecution: true
// },
// 'recording',
// 'security',
// 'select-background',
// 'settings',
// 'shareaudio',
// 'sharedvideo',
// 'shortcuts',
// 'stats',
// 'tileview',
// 'toggle-camera',
// 'videoquality',
// // The add passcode button from the security dialog.
// {
// key: 'add-passcode',
// preventExecution: false
// }
// '__end'
// ],
// List of pre meeting screens buttons to hide. The values must be one or more of the 5 allowed buttons:
@ -696,6 +756,9 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
// Enables detecting faces of participants and get their expression and send it to other participants
// enableFacialRecognition: true,
// Enables displaying facial expressions in speaker stats
// enableDisplayFacialExpressions: true,
// Controls the percentage of automatic feedback shown to participants when callstats is enabled.
// The default value is 100%. If set to 0, no automatic feedback will be requested
// feedbackPercentage: 100,
@ -999,6 +1062,14 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
*/
dynamicBrandingUrl: "${DYNAMIC_BRANDING_URL}",
// Options related to the breakout rooms feature.
// breakoutRooms: {
// // Hides the add breakout room button. This replaces \`hideAddRoomButton\`.
// hideAddRoomButton: false,
// // Hides the join breakout room button.
// hideJoinRoomButton: false
// },
// When true the user cannot add more images to be used as virtual background.
// Only the default ones from will be available.
// disableAddingBackgroundImages: false,
@ -1017,14 +1088,15 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
// If true, tile view will not be enabled automatically when the participants count threshold is reached.
// disableTileView: true,
// If true, the tiles will be displayed contained within the available space rather than enlarged to cover it.
// If true, the tiles will be displayed contained within the available space rather than enlarged to cover it,
// with a 16:9 aspect ratio (old behaviour).
// disableTileEnlargement: true,
// Controls the visibility and behavior of the top header conference info labels.
// If a label's id is not in any of the 2 arrays, it will not be visible at all on the header.
// conferenceInfo: {
// // those labels will not be hidden in tandem with the toolbox.
// alwaysVisible: ['recording', 'local-recording'],
// alwaysVisible: ['recording', 'local-recording', 'raised-hands-count'],
// // those labels will be auto-hidden in tandem with the toolbox buttons.
// autoHide: [
// 'subject',
@ -1038,10 +1110,10 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
// },
// Hides the conference subject
// hideConferenceSubject: true,
// hideConferenceSubject: false,
// Hides the conference timer.
// hideConferenceTimer: true,
// hideConferenceTimer: false,
// Hides the recording label
// hideRecordingLabel: false,
@ -1052,6 +1124,9 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
// Sets the conference subject
// subject: 'Conference Subject',
// Sets the conference local subject
// localSubject: 'Conference Local Subject',
// This property is related to the use case when jitsi-meet is used via the IFrame API. When the property is true
// jitsi-meet will use the local storage of the host page instead of its own. This option is useful if the browser
// is not persisting the local storage inside the iframe.
@ -1114,6 +1189,7 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
forceJVB121Ratio
forceTurnRelay
hiddenDomain
hiddenFromRecorderFeatureEnabled
ignoreStartMuted
websocketKeepAlive
websocketKeepAliveUrl
@ -1156,10 +1232,14 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
// 'lobby.joinRejectedMessage', // shown when while in a lobby, user's request to join is rejected
// 'lobby.notificationTitle', // shown when lobby is toggled and when join requests are allowed / denied
// 'localRecording.localRecording', // shown when a local recording is started
// 'notify.chatMessages', // shown when receiving chat messages while the chat window is closed
// 'notify.disconnected', // shown when a participant has left
// 'notify.connectedOneMember', // show when a participant joined
// 'notify.connectedTwoMembers', // show when two participants joined simultaneously
// 'notify.connectedThreePlusMembers', // show when more than 2 participants joined simultaneously
// 'notify.leftOneMember', // show when a participant left
// 'notify.leftTwoMembers', // show when two participants left simultaneously
// 'notify.leftThreePlusMembers', // show when more than 2 participants left simultaneously
// 'notify.grantedTo', // shown when moderator rights were granted to a participant
// 'notify.invitedOneMember', // shown when 1 participant has been invited
// 'notify.invitedThreePlusMembers', // shown when 3+ participants have been invited
@ -1174,6 +1254,7 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
// 'notify.mutedTitle', // shown when user has been muted upon joining,
// 'notify.newDeviceAudioTitle', // prompts the user to use a newly detected audio device
// 'notify.newDeviceCameraTitle', // prompts the user to use a newly detected camera
// 'notify.participantWantsToJoin', // shown when lobby is enabled and participant requests to join meeting
// 'notify.passwordRemovedRemotely', // shown when a password has been removed remotely
// 'notify.passwordSetRemotely', // shown when a password has been set remotely
// 'notify.raisedHand', // shown when a partcipant used raise hand,
@ -1197,6 +1278,13 @@ $(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
// Prevent the filmstrip from autohiding when screen width is under a certain threshold
// disableFilmstripAutohiding: false,
// filmstrip: {
// // Disables user resizable filmstrip. Also, allows configuration of the filmstrip
// // (width, tiles aspect ratios) through the interfaceConfig options.
// disableResizable: false,
// }
// Specifies whether the chat emoticons are disabled or not
// disableChatSmileys: false,

166
type/__jitsi_meet_domain/files/config.js.sh.orig
View file

@ -74,18 +74,41 @@ var config = {
// callStatsThreshold: 5 // enable callstats for 5% of the users.
},
// Feature Flags.
flags: {
// Enables source names in the signaling.
// sourceNameSignaling: false,
},
// Disables moderator indicators.
// disableModeratorIndicator: false,
// Disables the reactions feature.
// disableReactions: true,
// Disables the reactions moderation feature.
// disableReactionsModeration: false,
// Disables polls feature.
// disablePolls: false,
// Disables self-view tile. (hides it from tile view and from filmstrip)
// disableSelfView: false,
// Disables self-view settings in UI
// disableSelfViewSettings: false,
// screenshotCapture : {
// Enables the screensharing capture feature.
// enabled: false,
//
// The mode for the screenshot capture feature.
// Can be either 'recording' - screensharing screenshots are taken
// only when the recording is also on,
// or 'always' - screensharing screenshots are always taken.
// mode: 'recording'
// }
// Disables ICE/UDP by filtering out local and remote UDP candidates in
// signalling.
// webrtcIceUdpDisable: false,
@ -224,7 +247,11 @@ var config = {
// max: 5
// },
// Try to start calls with screen-sharing instead of camera video.
// This option has been deprecated since it is no longer supported as per the w3c spec.
// https://w3c.github.io/mediacapture-screen-share/#dom-mediadevices-getdisplaymedia. If the user has not
// interacted with the webpage before the getDisplayMedia call, the promise will be rejected by the browser. This
// has already been implemented in Firefox and Safari and will be implemented in Chrome soon.
// https://bugs.chromium.org/p/chromium/issues/detail?id=1198918
// startScreenSharing: false,
// Recording
@ -446,6 +473,7 @@ var config = {
// If Lobby is enabled starts knocking automatically.
// autoKnockLobby: false,
// DEPRECATED! Use `breakoutRooms.hideAddRoomButton` instead.
// Hides add breakout room button
// hideAddRoomButton: false,
@ -478,12 +506,21 @@ var config = {
// Default remote name to be displayed
// defaultRemoteDisplayName: 'Fellow Jitster',
// Hides the display name from the participant thumbnail
// hideDisplayName: false,
// Hides the dominant speaker name badge that hovers above the toolbox
// hideDominantSpeakerBadge: false,
// Default language for the user interface.
// defaultLanguage: 'en',
// Disables profile and the edit of all fields from the profile settings (display name and email)
// disableProfile: false,
// Hides the email section under profile settings.
// hideEmailInSettings: false,
// Whether or not some features are checked based on token.
// enableFeaturesBasedOnToken: false,
@ -528,6 +565,9 @@ var config = {
// Document should be focused for this option to work
// enableAutomaticUrlCopy: false,
// Array with avatar URL prefixes that need to use CORS.
// corsAvatarURLs: [ 'https://www.gravatar.com/avatar/' ],
// Base URL for a Gravatar-compatible service. Defaults to libravatar.
// gravatarBaseURL: 'https://seccdn.libravatar.org/avatar/',
@ -594,41 +634,61 @@ var config = {
// alwaysVisible: false
// },
// Toolbar buttons which have their click event exposed through the API on
// `toolbarButtonClicked` event instead of executing the normal click routine.
// Toolbar buttons which have their click/tap event exposed through the API on
// `toolbarButtonClicked`. Passing a string for the button key will
// prevent execution of the click/tap routine; passing an object with `key` and
// `preventExecution` flag on false will not prevent execution of the click/tap
// routine. Below array with mixed mode for passing the buttons.
// buttonsWithNotifyClick: [
// 'camera',
// 'chat',
// 'closedcaptions',
// 'desktop',
// 'download',
// 'embedmeeting',
// 'etherpad',
// 'feedback',
// 'filmstrip',
// 'fullscreen',
// 'hangup',
// 'help',
// 'invite',
// 'livestreaming',
// 'microphone',
// 'mute-everyone',
// 'mute-video-everyone',
// 'participants-pane',
// 'profile',
// 'raisehand',
// 'recording',
// 'security',
// 'select-background',
// 'settings',
// 'shareaudio',
// 'sharedvideo',
// 'shortcuts',
// 'stats',
// 'tileview',
// 'toggle-camera',
// 'videoquality',
// '__end'
// 'camera',
// {
// key: 'chat',
// preventExecution: false
// },
// {
// key: 'closedcaptions',
// preventExecution: true
// },
// 'desktop',
// 'download',
// 'embedmeeting',
// 'etherpad',
// 'feedback',
// 'filmstrip',
// 'fullscreen',
// 'hangup',
// 'help',
// {
// key: 'invite',
// preventExecution: false
// },
// 'livestreaming',
// 'microphone',
// 'mute-everyone',
// 'mute-video-everyone',
// 'participants-pane',
// 'profile',
// {
// key: 'raisehand',
// preventExecution: true
// },
// 'recording',
// 'security',
// 'select-background',
// 'settings',
// 'shareaudio',
// 'sharedvideo',
// 'shortcuts',
// 'stats',
// 'tileview',
// 'toggle-camera',
// 'videoquality',
// // The add passcode button from the security dialog.
// {
// key: 'add-passcode',
// preventExecution: false
// }
// '__end'
// ],
// List of pre meeting screens buttons to hide. The values must be one or more of the 5 allowed buttons:
@ -683,6 +743,9 @@ var config = {
// Enables detecting faces of participants and get their expression and send it to other participants
// enableFacialRecognition: true,
// Enables displaying facial expressions in speaker stats
// enableDisplayFacialExpressions: true,
// Controls the percentage of automatic feedback shown to participants when callstats is enabled.
// The default value is 100%. If set to 0, no automatic feedback will be requested
// feedbackPercentage: 100,
@ -986,6 +1049,14 @@ var config = {
*/
// dynamicBrandingUrl: '',
// Options related to the breakout rooms feature.
// breakoutRooms: {
// // Hides the add breakout room button. This replaces `hideAddRoomButton`.
// hideAddRoomButton: false,
// // Hides the join breakout room button.
// hideJoinRoomButton: false
// },
// When true the user cannot add more images to be used as virtual background.
// Only the default ones from will be available.
// disableAddingBackgroundImages: false,
@ -1004,14 +1075,15 @@ var config = {
// If true, tile view will not be enabled automatically when the participants count threshold is reached.
// disableTileView: true,
// If true, the tiles will be displayed contained within the available space rather than enlarged to cover it.
// If true, the tiles will be displayed contained within the available space rather than enlarged to cover it,
// with a 16:9 aspect ratio (old behaviour).
// disableTileEnlargement: true,
// Controls the visibility and behavior of the top header conference info labels.
// If a label's id is not in any of the 2 arrays, it will not be visible at all on the header.
// conferenceInfo: {
// // those labels will not be hidden in tandem with the toolbox.
// alwaysVisible: ['recording', 'local-recording'],
// alwaysVisible: ['recording', 'local-recording', 'raised-hands-count'],
// // those labels will be auto-hidden in tandem with the toolbox buttons.
// autoHide: [
// 'subject',
@ -1025,10 +1097,10 @@ var config = {
// },
// Hides the conference subject
// hideConferenceSubject: true,
// hideConferenceSubject: false,
// Hides the conference timer.
// hideConferenceTimer: true,
// hideConferenceTimer: false,
// Hides the recording label
// hideRecordingLabel: false,
@ -1039,6 +1111,9 @@ var config = {
// Sets the conference subject
// subject: 'Conference Subject',
// Sets the conference local subject
// localSubject: 'Conference Local Subject',
// This property is related to the use case when jitsi-meet is used via the IFrame API. When the property is true
// jitsi-meet will use the local storage of the host page instead of its own. This option is useful if the browser
// is not persisting the local storage inside the iframe.
@ -1101,6 +1176,7 @@ var config = {
forceJVB121Ratio
forceTurnRelay
hiddenDomain
hiddenFromRecorderFeatureEnabled
ignoreStartMuted
websocketKeepAlive
websocketKeepAliveUrl
@ -1143,10 +1219,14 @@ var config = {
// 'lobby.joinRejectedMessage', // shown when while in a lobby, user's request to join is rejected
// 'lobby.notificationTitle', // shown when lobby is toggled and when join requests are allowed / denied
// 'localRecording.localRecording', // shown when a local recording is started
// 'notify.chatMessages', // shown when receiving chat messages while the chat window is closed
// 'notify.disconnected', // shown when a participant has left
// 'notify.connectedOneMember', // show when a participant joined
// 'notify.connectedTwoMembers', // show when two participants joined simultaneously
// 'notify.connectedThreePlusMembers', // show when more than 2 participants joined simultaneously
// 'notify.leftOneMember', // show when a participant left
// 'notify.leftTwoMembers', // show when two participants left simultaneously
// 'notify.leftThreePlusMembers', // show when more than 2 participants left simultaneously
// 'notify.grantedTo', // shown when moderator rights were granted to a participant
// 'notify.invitedOneMember', // shown when 1 participant has been invited
// 'notify.invitedThreePlusMembers', // shown when 3+ participants have been invited
@ -1161,6 +1241,7 @@ var config = {
// 'notify.mutedTitle', // shown when user has been muted upon joining,
// 'notify.newDeviceAudioTitle', // prompts the user to use a newly detected audio device
// 'notify.newDeviceCameraTitle', // prompts the user to use a newly detected camera
// 'notify.participantWantsToJoin', // shown when lobby is enabled and participant requests to join meeting
// 'notify.passwordRemovedRemotely', // shown when a password has been removed remotely
// 'notify.passwordSetRemotely', // shown when a password has been set remotely
// 'notify.raisedHand', // shown when a partcipant used raise hand,
@ -1184,6 +1265,13 @@ var config = {
// Prevent the filmstrip from autohiding when screen width is under a certain threshold
// disableFilmstripAutohiding: false,
// filmstrip: {
// // Disables user resizable filmstrip. Also, allows configuration of the filmstrip
// // (width, tiles aspect ratios) through the interfaceConfig options.
// disableResizable: false,
// }
// Specifies whether the chat emoticons are disabled or not
// disableChatSmileys: false,

2
type/__jitsi_meet_domain/files/interface_config.js.sh
View file

@ -37,7 +37,7 @@ var interfaceConfig = {
CLOSE_PAGE_GUEST_HINT: false, // A html text to be shown to guests on the close page, false disables it
DEFAULT_BACKGROUND: '#474747',
DEFAULT_BACKGROUND: '#040404',
DEFAULT_LOGO_URL: '${BRANDING_WATERMARK_PATH}',
DEFAULT_WELCOME_PAGE_LOGO_URL: '${BRANDING_WATERMARK_PATH}',

2
type/__jitsi_meet_domain/files/interface_config.js.sh.orig
View file

@ -26,7 +26,7 @@ var interfaceConfig = {
CLOSE_PAGE_GUEST_HINT: false, // A html text to be shown to guests on the close page, false disables it
DEFAULT_BACKGROUND: '#474747',
DEFAULT_BACKGROUND: '#040404',
DEFAULT_LOGO_URL: 'images/watermark.svg',
DEFAULT_WELCOME_PAGE_LOGO_URL: 'images/watermark.svg',

4
type/__jitsi_meet_domain/man.rst
View file

@ -60,6 +60,10 @@ start-video-muted
Defaults to 10.
state
Whether the domain is 'present' or 'absent', defaults to 'present'.
turn-server
The TURN server to be used.
Defaults to `__target_host`.

30
type/__jitsi_meet_domain/manifest
View file

@ -21,6 +21,7 @@ VIDEO_CONSTRAINTS="$(cat "${__object}/parameter/video-constraints")"
BRANDING_INDEX="$(cat "${__object}/parameter/branding-index")"
BRANDING_JSON="$(cat "${__object}/parameter/branding-json")"
BRANDING_WATERMARK="$(cat "${__object}/parameter/branding-watermark")"
STATE="$(cat "${__object}/parameter/state")"
if [ "${BRANDING_INDEX}" = "-" ]; then
BRANDING_INDEX="${__object}/stdin"
@ -47,11 +48,31 @@ if [ -n "${BRANDING_JSON}" ]; then
DYNAMIC_BRANDING_URL="/branding.json"
fi
case "${STATE}" in
present)
# When adding the domain, Let's Encrypt must come before nginx
le_require=""
nginx_require="__letsencrypt_cert/${DOMAIN}"
;;
absent)
# When removing, nginx must come before Let's Encrypt
le_require="__file/etc/nginx/sites-enabled/${DOMAIN}.conf"
nginx_require=""
;;
*)
cat >> /dev/stderr <<-EOM
Unsupported state '${STATE}', must be 'present' or 'absent'.
EOM
exit 1
;;
esac
#
# Deal with certbot
#
# use object id as domain
__letsencrypt_cert "${DOMAIN}" \
require="${le_require}" __letsencrypt_cert "${DOMAIN}" \
--state "${STATE}" \
--admin-email "${ADMIN_EMAIL}" \
--deploy-hook "service nginx reload" \
--webroot /usr/share/jitsi-meet
@ -59,8 +80,9 @@ __letsencrypt_cert "${DOMAIN}" \
# Create virtualhost for nginx
# shellcheck source=type/__jitsi_meet_domain/files/nginx.sh
. "${__type}/files/nginx.sh" # This defines JITSI_NGINX_CONFIG
require="__letsencrypt_cert/${DOMAIN}" __file \
require="${nginx_require}" __file \
"/etc/nginx/sites-enabled/${DOMAIN}.conf" \
--state "${STATE}" \
--mode 0644 --source "-" <<EOF
${JITSI_NGINX_CONFIG}
EOF
@ -69,6 +91,7 @@ EOF
# shellcheck source=type/__jitsi_meet_domain/files/config.js.sh
. "${__type}/files/config.js.sh" # This defines JITSI_CONFIG_JS
__file "/etc/jitsi/meet/${DOMAIN}-config.js" \
--state "${STATE}" \
--mode 0644 --source "-" <<EOF
${JITSI_CONFIG_JS}
EOF
@ -77,6 +100,7 @@ EOF
# shellcheck source=type/__jitsi_meet_domain/files/interface_config.js.sh
. "${__type}/files/interface_config.js.sh" # This defines JITSI_CONFIG_JS
__file "/etc/jitsi/meet/${DOMAIN}-interface_config.js" \
--state "${STATE}" \
--mode 0644 --source "-" <<EOF
${JITSI_INTERFACE_CONFIG_JS}
EOF
@ -87,7 +111,7 @@ EOF
#
# Helper function to manage the state of the target branding file
_var_state() {
if [ -n "${1}" ]; then
if [ "${STATE}" = "present" ] && [ -n "${1}" ]; then
echo "present"
else
echo "absent"

1
type/__jitsi_meet_domain/parameter/default/state Normal file
View file

@ -0,0 +1 @@
present

1
type/__jitsi_meet_domain/parameter/optional
View file

@ -7,3 +7,4 @@ video-constraints
branding-json
branding-index
branding-watermark
state

5
type/__opendkim/files/opendkim.conf.sh
View file

@ -1,6 +1,7 @@
#!/bin/sh -e
# Generate an opendkim.conf(5) file for opendkim(8).
echo "# Managed remotely, manual changes will be lost."
# Optional chdir(2)
if [ "$BASEDIR" ];
@ -33,8 +34,8 @@ then
fi
# Key and Domain tables
echo 'KeyTable /etc/opendkim/KeyTable'
echo 'SigningTable /etc/opendkim/SigningTable'
echo "KeyTable ${CFG_DIR}/KeyTable"
echo "SigningTable ${CFG_DIR}/SigningTable"
# Required socket to listen on
printf "Socket %s\n" "${SOCKET:?}"

12
type/__opendkim/man.rst
View file

@ -14,8 +14,8 @@ installation and basic configuration of an instance of OpenDKIM.
Note that this type does not generate or ensure that a key is present: use
`cdist-type__opendkim-genkey(7)` for that.
Note that this type is currently only implemented for Alpine Linux. Please
contribute an implementation if you can.
Note that this type is currently only implemented for Alpine Linux and FreeBSD.
Please contribute an implementation if you can.
REQUIRED PARAMETERS
@ -42,8 +42,9 @@ umask
Set the umask for the socket and PID file.
userid
Change the user the opendkim program is to run as. By default, Alpine Linux's
OpenRC service will set this to `opendkim` on the command-line.
Change the user the opendkim program is to run as.
By default, Alpine Linux's OpenRC service will set this to `opendkim` on the
command-line and FreeBSD's rc will set it to `mailnull`.
custom-config
The string following this parameter is appended as-is in the configuration, to
@ -86,11 +87,12 @@ SEE ALSO
AUTHORS
-------
Joachim Desroches <joachim.desroches@epfl.ch>
Evilham <contact@evilham.com>
COPYING
-------
Copyright \(C) 2021 Joachim Desroches. You can redistribute it
Copyright \(C) 2022 Joachim Desroches, Evilham. You can redistribute it
and/or modify it under the terms of the GNU General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.

28
type/__opendkim/manifest
View file

@ -20,16 +20,23 @@
os=$(cat "${__global:?}/explorer/os")
CFG_DIR="/etc/opendkim"
service="opendkim"
case "$os" in
'alpine')
:
;;
'freebsd')
CFG_DIR="/usr/local/etc/mail"
service="milter-opendkim"
;;
*)
printf "__opendkim does not yet support %s.\n" "$os" >&2
printf "Please contribute an implementation if you can.\n" >&2
exit 1
;;
esac
export CFG_DIR
__package opendkim
@ -68,7 +75,7 @@ fi
# Generate and deploy configuration file.
source_file="${__object:?}/files/opendkim.conf"
target_file="/etc/opendkim/opendkim.conf"
target_file="${CFG_DIR}/opendkim.conf"
mkdir -p "${__object:?}/files"
@ -83,9 +90,22 @@ fi
require="__package/opendkim" __file "$target_file" \
--source "$source_file" --mode 0644
require="__package/opendkim" __start_on_boot opendkim
require="__package/opendkim" __start_on_boot "${service}"
require="__file${target_file}" \
# Ensure Key and Signing tables exist and have proper permissions
key_table="${CFG_DIR}/KeyTable"
signing_table="${CFG_DIR}/SigningTable"
require="__package/opendkim" \
__file "${key_table}" \
--mode 444
require="__package/opendkim" \
__file "${signing_table}" \
--mode 444
require="__file${target_file} __file${key_table}
__file${signing_table} __start_on_boot/${service}" \
__check_messages opendkim \
--pattern "^__file${target_file}" \
--execute "service opendkim restart"
--execute "service ${service} restart"

10
type/__opendkim_genkey/gencode-remote
View file

@ -30,7 +30,8 @@ fi
DIRECTORY="/var/db/dkim/"
if [ -f "${__object:?}/parameter/directory" ]; then
DIRECTORY="$(cat "${__object:?}/parameter/directory")"
# Be forgiving about a lack of trailing slash
DIRECTORY="$(sed -E 's!([^/])$!\1/!' < "${__object:?}/parameter/directory")"
fi
# Boolean parameters
@ -44,7 +45,12 @@ if [ -f "${__object:?}/parameters/unrestricted" ]; then
RESTRICTED=
fi
user="$(cat "${__object:?}/user")"
group="$(cat "${__object:?}/group")"
if ! [ -f "${DIRECTORY}${SELECTOR}.private" ]; then
echo "opendkim-genkey $BITS --domain=$DOMAIN --directory=$DIRECTORY $RESTRICTED --selector=$SELECTOR $SUBDOMAINS"
echo "chown opendkim:opendkim ${DIRECTORY}${SELECTOR}.private"
echo "chown ${user}:${group} ${DIRECTORY}${SELECTOR}.private"
# This is usually generated, if it weren't we do not want to fail
echo "chown ${user}:${group} ${DIRECTORY}${SELECTOR}.txt || true"
fi

7
type/__opendkim_genkey/man.rst
View file

@ -17,8 +17,8 @@ will be added to the OpenDKIM signing table, using either the domain or the
provided key for the `domain:selector:keyfile` value in the table. An existing
key will not be overwritten.
Currently, this type is only implemented for Alpine Linux. Please contribute an
implementation if you can.
Currently, this type is only implemented for Alpine Linux and FreeBSD.
Please contribute an implementation if you can.
REQUIRED PARAMETERS
-------------------
@ -85,11 +85,12 @@ SEE ALSO
AUTHORS
-------
Joachim Desroches <joachim.desroches@epfl.ch>
Evilham <contact@evilham.com>
COPYING
-------
Copyright \(C) 2021 Joachim Desroches. You can redistribute it
Copyright \(C) 2022 Joachim Desroches, Evilham. You can redistribute it
and/or modify it under the terms of the GNU General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.

47
type/__opendkim_genkey/manifest
View file

@ -21,10 +21,18 @@
os=$(cat "${__global:?}/explorer/os")
CFG_DIR="/etc/opendkim"
user="opendkim"
group="opendkim"
case "$os" in
'alpine')
:
;;
'freebsd')
CFG_DIR="/usr/local/etc/mail"
user="mailnull"
group="mailnull"
;;
*)
cat <<- EOF >&2
__opendkim_genkey currently only supports Alpine Linux. Please
@ -32,6 +40,9 @@ case "$os" in
EOF
;;
esac
# Persist user and group for gencode-remote
printf '%s' "${user}" > "${__object:?}/user"
printf '%s' "${group}" > "${__object:?}/group"
SELECTOR="$(cat "${__object:?}/parameter/selector")"
DOMAIN="$(cat "${__object:?}/parameter/domain")"
@ -39,7 +50,8 @@ DOMAIN="$(cat "${__object:?}/parameter/domain")"
DIRECTORY="/var/db/dkim/"
if [ -f "${__object:?}/parameter/directory" ];
then
DIRECTORY="$(cat "${__object:?}/parameter/directory")"
# Be forgiving about a lack of trailing slash
DIRECTORY="$(sed -E 's!([^/])$!\1/!' < "${__object:?}/parameter/directory")"
fi
SIGKEY="${DOMAIN:?}"
@ -48,19 +60,26 @@ then
SIGKEY="$(cat "${__object:?}/parameter/sigkey")"
fi
__package opendkim-utils
# Ensure the key-container directory exists with the proper permissions
__directory "${DIRECTORY}" \
--mode 0750 \
--owner "${user}" --group "${group}"
require='__package/opendkim-utils' \
__file /etc/opendkim/KeyTable
require='__package/opendkim-utils' \
__file /etc/opendkim/SigningTable
# OS-specific code
case "$os" in
'alpine')
# This is needed for opendkim-genkey
__package opendkim-utils
;;
esac
require='__file/etc/opendkim/KeyTable' \
__line "line-key-${__object_id:?}" \
--file /etc/opendkim/KeyTable \
--line "${SELECTOR:?}._domainkey.${DOMAIN:?} ${DOMAIN:?}:${SELECTOR:?}:${DIRECTORY:?}${SELECTOR:?}.private"
key_table="${CFG_DIR}/KeyTable"
signing_table="${CFG_DIR}/SigningTable"
require='__file/etc/opendkim/SigningTable' \
__line "line-sig-${__object_id:?}" \
--file /etc/opendkim/SigningTable \
--line "${SIGKEY:?} ${SELECTOR:?}._domainkey.${DOMAIN:?}"
__line "line-key-${__object_id:?}" \
--file "${key_table}" \
--line "${SELECTOR:?}._domainkey.${DOMAIN:?} ${DOMAIN:?}:${SELECTOR:?}:${DIRECTORY:?}${SELECTOR:?}.private"
__line "line-sig-${__object_id:?}" \
--file "${signing_table}" \
--line "${SIGKEY:?} ${SELECTOR:?}._domainkey.${DOMAIN:?}"