From 4289a7fa4c7e05fb5d80a465669e00deba029c2b Mon Sep 17 00:00:00 2001
From: mattslaney
Date: Thu, 11 Jul 2024 19:02:31 +0100
Subject: [PATCH] improve deploy
---
 .env.example | 2 +-
 coturn/setup.sh | 6 ++++--
 nginx/setup.sh | 47 +++++++++++++++++++++++++++--------------------
 setup.sh | 13 ++++++++++---
 4 files changed, 42 insertions(+), 26 deletions(-)
diff --git a/.env.example b/.env.example
index 0f967d3..b4f2270 100644
--- a/.env.example
+++ b/.env.example
@@ -1,2 +1,2 @@
-TURN_SECRET=COTURN_SECRET_STRING
+TURN_SECRET=COTURN_AUTH_SECRET
 TURN_TTL=3600
\ No newline at end of file
diff --git a/coturn/setup.sh b/coturn/setup.sh
index 7d956b7..9c57812 100755
--- a/coturn/setup.sh
+++ b/coturn/setup.sh
@@ -1,6 +1,8 @@
 # Install coturn
-sudo apt-get update -y
-sudo apt-get install coturn
+if ! command -v nginx &> /dev/null; then
+ sudo apt-get update -y
+ sudo apt-get install coturn
+fi
 # Configure coturn
 sudo mv /etc/turnserver.conf /etc/turnserver.conf.backup
diff --git a/nginx/setup.sh b/nginx/setup.sh
index ca5e1f3..0493288 100755
--- a/nginx/setup.sh
+++ b/nginx/setup.sh
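Review bot: The install guard added to coturn/setup.sh tests for `nginx` rather than coturn, so on a host that already has nginx the coturn package is never installed and the following `sudo mv /etc/turnserver.conf /etc/turnserver.conf.backup` runs against a file that may not exist. The guard should test for the coturn binary, `if ! command -v turnserver &> /dev/null; then`. The install line also has no `-y`, so `sudo apt-get install -y coturn` would keep an unattended run from stopping at the confirmation prompt. The rest of the configure section lies outside the hunk.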
@@ -1,27 +1,34 @@
-# Setup reverse proxy
-sudo apt-get update
-sudo apt-get install nginx
+if ! command -v nginx &> /dev/null; then
+ # Setup reverse proxy
+ sudo apt-get update
+ sudo apt-get install nginx
+fi
-# Generate a self signed certificate
-openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname"
-sudo cp *.pem /etc/ssl
+if [ ! -e /etc/ssl/cert.pem -o ! -e /etc/ssl/key.pem ]; then
+ echo "Generating a certificate"
+ # Obtain a certificate
+ ## Self Signed
+ # openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365
+ # sudo cp *.pem /etc/ssl
+ ## Self Signed - One Command
+ # sudo openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname"
+ # sudo cp *.pem /etc/ssl
+ ## Real Certificate
+ if [ -z "$1" ]; then
+ read -p "Enter the domain for the certificate: " domainname
+ else
+ domainname=$1
+ fi
+ sudo certbot certonly --standalone -d $domainname
+ sudo ln -s "/etc/letsencrypt/live/$domainname/fullchain.pem" /etc/ssl/cert.pem
+ sudo ln -s "/etc/letsencrypt/live/$domainname/privkey.pem" /etc/ssl/key.pem
+else
+ echo "Using existing certificate"
+fi
 # Set up the reverse proxy to the node app
 sudo cp webrtc /etc/nginx/sites-available/
-sudo ln -s /etc/nginx/sites-available/webrtc /etc/nginx/sites-enabled
-
-# Obtain a certificate
-## Self Signed
-# openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365
-## Self Signed - One Command
-# sudo openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname"
-## Real Certificate
-if [ -z "$1" ]; then
- read -p "Enter the domain for the certificate: " domainname
-else
- domainname=$1
-fi
-sudo certbot certonly --standalone -d $domainname
+sudo ln -sf /etc/nginx/sites-available/webrtc /etc/nginx/sites-enabled
 # Open HTTP & HTTPS on firewall
 sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT
diff --git a/setup.sh b/setup.sh
index 01f016f..6be22d6 100755
--- a/setup.sh
+++ b/setup.sh
@@ -3,10 +3,17 @@ cd coturn
 source ./setup.sh
 cd ..
 cd nginx
-source ./nginx/setup.sh
+source ./setup.sh
 cd ..
-# Run app
-sudo apt-get install nodejs npm
+# Setup app
+if [ ! `command -v node` ] && [ ! `command -v npm` ]; then
+ sudo apt-get install nodejs npm
+fi
+
+# Update .envs
+COTURN_AUTH_SECRET=$(sudo grep "static-auth-secret" /etc/turnserver.conf | cut -d'=' -f2)
+sed -i "s/TURN_SECRET=.*/TURN_SECRET=$COTURN_AUTH_SECRET/g" .env
+
 npm install
 node index.js
\ No newline at end of file
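Review bot: The `sudo certbot certonly --standalone -d $domainname` call in the new certificate block is unchecked and takes the domain unquoted and unvalidated, so an empty or malformed value is word-split into a root command. A failed issuance still runs both `ln -s` lines and leaves dangling links at /etc/ssl/cert.pem and /etc/ssl/key.pem. On the next run `-e` is false for a dangling link, so the block is retried and plain `ln -s` fails because the link name already exists. The excerpt below validates and quotes the domain, stops when certbot fails and uses `ln -sf`; it returns rather than exits because the top-level setup.sh sources this file. The guard at the top of this hunk installs only nginx, so certbot is presumably expected to be present already, which is worth checking as well.

```shell
  # … unchanged: commented-out self-signed options, domain prompt …
  case "$domainname" in
    '' | -* | *[!A-Za-z0-9.-]*)
      echo "Invalid domain name: $domainname" >&2
      return 1 2>/dev/null || exit 1
      ;;
  esac
  sudo certbot certonly --standalone -d "$domainname" || { return 1 2>/dev/null || exit 1; }
  sudo ln -sf "/etc/letsencrypt/live/$domainname/fullchain.pem" /etc/ssl/cert.pem
  sudo ln -sf "/etc/letsencrypt/live/$domainname/privkey.pem" /etc/ssl/key.pem
```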
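Review bot: The new `sed -i "s/TURN_SECRET=.*/TURN_SECRET=$COTURN_AUTH_SECRET/g" .env` in setup.sh splices the coturn secret into a sed program, so a secret containing `/`, `&` or `\` breaks or alters the substitution, and the secret sits in sed's argument list where other local users can read it from the process table. The `grep "static-auth-secret"` that feeds it also matches commented-out lines and can return several lines, and `cut -d'=' -f2` truncates a value that itself contains `=`. The excerpt below reads only an uncommented `static-auth-secret=` line, fails when none is found, and rewrites `.env` through a shell-builtin `printf` into a `mktemp` file. Separately, the node/npm guard joins its tests with `&&`, so nothing is installed when only one of the two is missing; `||` looks intended.

```shell
# … unchanged: node/npm install guard …
COTURN_AUTH_SECRET=$(sudo sed -n 's/^static-auth-secret=//p' /etc/turnserver.conf | head -n 1)
if [ -z "$COTURN_AUTH_SECRET" ]; then
  echo "static-auth-secret not set in /etc/turnserver.conf" >&2
  exit 1
fi
env_tmp=$(mktemp .env.XXXXXX) || exit 1
{ grep -v '^TURN_SECRET=' .env; printf 'TURN_SECRET=%s\n' "$COTURN_AUTH_SECRET"; } > "$env_tmp"
mv -- "$env_tmp" .env
# … unchanged: npm install, node index.js …
```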