all-in-one/Containers/talk/start.sh

90 lines
2 KiB
Bash
Raw Normal View History

2021-11-30 18:20:42 +08:00
#!/bin/bash
# Variables
if [ -z "$NC_DOMAIN" ]; then
echo "You need to provide the NC_DOMAIN."
exit 1
elif [ -z "$TALK_PORT" ]; then
echo "You need to provide the TALK_PORT."
exit 1
2021-11-30 18:20:42 +08:00
elif [ -z "$TURN_SECRET" ]; then
echo "You need to provide the TURN_SECRET."
exit 1
elif [ -z "$SIGNALING_SECRET" ]; then
echo "You need to provide the SIGNALING_SECRET."
2021-11-30 18:20:42 +08:00
exit 1
elif [ -z "$INTERNAL_SECRET" ]; then
echo "You need to provide the INTERNAL_SECRET."
exit 1
2021-11-30 18:20:42 +08:00
fi
set -x
IPv4_ADDRESS_TALK="$(dig nextcloud-aio-talk IN A +short | grep '^[0-9.]\+$' | sort | head -n1)"
IPv6_ADDRESS_TALK="$(dig nextcloud-aio-talk AAAA +short | grep '^[0-9a-f:]\+$' | sort | head -n1)"
IPv4_ADDRESS_NC="$(dig "$NC_DOMAIN" IN A +short +https +tls-ca=/etc/ssl/certs/ca-certificates.crt @1.1.1.1 | grep '^[0-9.]\+$' | sort | head -n1)"
IPv6_ADDRESS_NC="$(dig "$NC_DOMAIN" IN AAAA +short +https +tls-ca=/etc/ssl/certs/ca-certificates.crt @1.1.1.1 | grep '^[0-9a-f:]\+$' | sort | head -n1)"
set +x
# Turn
cat << TURN_CONF > "/conf/eturnal.yml"
eturnal:
listen:
- ip: "::"
port: $TALK_PORT
transport: udp
- ip: "::"
port: $TALK_PORT
transport: tcp
log_dir: stdout
log_level: warning
secret: "$TURN_SECRET"
relay_ipv4_addr: "$IPv4_ADDRESS_NC"
relay_ipv6_addr: "$IPv6_ADDRESS_NC"
blacklist:
- recommended
whitelist:
- 127.0.0.1
- ::1
- "$IPv4_ADDRESS_TALK"
- "$IPv6_ADDRESS_TALK"
2021-11-30 18:20:42 +08:00
TURN_CONF
# Remove empty lines so that the config is not invalid
sed -i '/""/d' /conf/eturnal.yml
2021-11-30 18:20:42 +08:00
# Signling
cat << SIGNALING_CONF > "/conf/signaling.conf"
2021-11-30 18:20:42 +08:00
[http]
listen = 0.0.0.0:8081
2021-11-30 18:20:42 +08:00
[app]
debug = false
2021-11-30 18:20:42 +08:00
[sessions]
hashkey = $(openssl rand -hex 16)
blockkey = $(openssl rand -hex 16)
2021-11-30 18:20:42 +08:00
[clients]
internalsecret = ${INTERNAL_SECRET}
2021-11-30 18:20:42 +08:00
[backend]
backends = backend-1
2021-11-30 18:20:42 +08:00
allowall = false
timeout = 10
connectionsperhost = 8
[backend-1]
url = https://${NC_DOMAIN}
secret = ${SIGNALING_SECRET}
2021-11-30 18:20:42 +08:00
[nats]
url = nats://127.0.0.1:4222
2021-11-30 18:20:42 +08:00
[mcu]
type = janus
url = ws://127.0.0.1:8188
SIGNALING_CONF
exec "$@"