From 7ae718300f9e57da7857446065418db0db81f535 Mon Sep 17 00:00:00 2001 From: szaimen Date: Tue, 7 Jun 2022 00:43:48 +0200 Subject: [PATCH] allow to adjust the talk port Signed-off-by: szaimen --- Containers/mastercontainer/start.sh | 16 ++++++++++++++++ Containers/nextcloud/entrypoint.sh | 4 ++-- Containers/talk/Dockerfile | 2 -- Containers/talk/start.sh | 8 ++++---- docker-compose.yml | 1 + manual-install/update-yaml.sh | 1 + php/containers.json | 12 +++++++----- php/public/index.php | 1 + php/src/ContainerDefinitionFetcher.php | 6 ++++++ php/src/Data/ConfigurationManager.php | 7 +++++++ php/src/Docker/DockerActionManager.php | 2 ++ php/templates/containers.twig | 4 ++-- tests/QA/060-environmental-variables.md | 1 + 13 files changed, 50 insertions(+), 15 deletions(-) diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh index 5f052ee5..ba725e55 100755 --- a/Containers/mastercontainer/start.sh +++ b/Containers/mastercontainer/start.sh @@ -114,6 +114,22 @@ It is set to '$APACHE_PORT'." exit 1 fi fi +if [ -n "$TALK_PORT" ]; then + if ! check_if_number "$TALK_PORT"; then + echo "You provided an Talk port but did not only use numbers. +It is set to '$TALK_PORT'." + exit 1 + elif ! [ "$TALK_PORT" -le 65535 ] || ! [ "$TALK_PORT" -ge 1 ]; then + echo "The provided Talk port is invalid. It must be between 1 and 65535" + exit 1 + fi +fi +if [ -n "$APACHE_PORT" ] && [ -n "$TALK_PORT" ]; then + if [ "$APACHE_PORT" = "$TALK_PORT" ]; then + echo "APACHE_PORT and TALK_PORT are not allowed to be equal." + exit 1 + fi +fi if [ -n "$DOCKER_SOCKET_PATH" ]; then if ! echo "$DOCKER_SOCKET_PATH" | grep -q "^/" || echo "$DOCKER_SOCKET_PATH" | grep -q "/$"; then echo "You've set DOCKER_SOCKET_PATH but not to an allowed value. diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index 972b949f..7abf439a 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -360,8 +360,8 @@ if [ "$TALK_ENABLED" = 'yes' ]; then else php /var/www/html/occ app:update spreed fi - STUN_SERVERS="[\"$NC_DOMAIN:3478\"]" - TURN_SERVERS="[{\"server\":\"$NC_DOMAIN:3478\",\"secret\":\"$TURN_SECRET\",\"protocols\":\"udp,tcp\"}]" + STUN_SERVERS="[\"$NC_DOMAIN:$TALK_PORT\"]" + TURN_SERVERS="[{\"server\":\"$NC_DOMAIN:$TALK_PORT\",\"secret\":\"$TURN_SECRET\",\"protocols\":\"udp,tcp\"}]" SIGNALING_SERVERS="{\"servers\":[{\"server\":\"https://$NC_DOMAIN/standalone-signaling/\",\"verify\":true}],\"secret\":\"$SIGNALING_SECRET\"}" php /var/www/html/occ config:app:set spreed stun_servers --value="$STUN_SERVERS" --output json php /var/www/html/occ config:app:set spreed turn_servers --value="$TURN_SERVERS" --output json diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index 9ce9ab4d..212e3c54 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -1,7 +1,5 @@ FROM ubuntu:focal-20220531 -EXPOSE 3478 - RUN set -ex; \ \ apt-get update; \ diff --git a/Containers/talk/start.sh b/Containers/talk/start.sh index c1a363e8..8385c4fc 100644 --- a/Containers/talk/start.sh +++ b/Containers/talk/start.sh @@ -17,7 +17,7 @@ fi # Turn cat << TURN_CONF > "/etc/turnserver.conf" -listening-port=3478 +listening-port=$TALK_PORT fingerprint lt-cred-mech use-auth-secret @@ -36,8 +36,8 @@ set -x sed -i "s|#turn_rest_api_key.*|turn_rest_api_key = \"$JANUS_API_KEY\"|" /etc/janus/janus.jcfg sed -i "s|#full_trickle.*|full_trickle = true|g" /etc/janus/janus.jcfg sed -i 's|#stun_server.*|stun_server = "127.0.0.1"|g' /etc/janus/janus.jcfg -sed -i "s|#stun_port.*|stun_port = 3478|g" /etc/janus/janus.jcfg -sed -i "s|#turn_port.*|turn_port = 3478|g" /etc/janus/janus.jcfg +sed -i "s|#stun_port.*|stun_port = $TALK_PORT|g" /etc/janus/janus.jcfg +sed -i "s|#turn_port.*|turn_port = $TALK_PORT|g" /etc/janus/janus.jcfg sed -i 's|#turn_server.*|turn_server = "127.0.0.1"|g'/etc/janus/janus.jcfg sed -i 's|#turn_type .*|turn_type = "udp"|g' /etc/janus/janus.jcfg sed -i 's|#ice_ignore_list .*|ice_ignore_list = "udp"|g' /etc/janus/janus.jcfg @@ -80,7 +80,7 @@ url = ws://127.0.0.1:8188 [turn] apikey = ${JANUS_API_KEY} secret = ${TURN_SECRET} -servers = turn:$NC_DOMAIN:3478?transport=tcp,turn:$NC_DOMAIN:3478?transport=udp +servers = turn:$NC_DOMAIN:$TALK_PORT?transport=tcp,turn:$NC_DOMAIN:$TALK_PORT?transport=udp SIGNALING_CONF exec "$@" diff --git a/docker-compose.yml b/docker-compose.yml index b14ecabd..e2d82ef5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -18,6 +18,7 @@ services: - 8443:8443 # Can be removed when running behind a reverse proxy. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md # environment: # Is needed when using any of the options below # - APACHE_PORT=11000 # Is needed when running behind a reverse proxy. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md + # - TALK_PORT=3478 # This allows to adjust the port that the talk container is using. # - NEXTCLOUD_DATADIR=/mnt/ncdata # Allows to set the host directory for Nextcloud's datadir. See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir # - NEXTCLOUD_MOUNT=/mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host # - DOCKER_SOCKET_PATH=/var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default '/var/run/docker.sock'. Otherwise mastercontainer updates will fail. diff --git a/manual-install/update-yaml.sh b/manual-install/update-yaml.sh index cfa82761..1de5f038 100644 --- a/manual-install/update-yaml.sh +++ b/manual-install/update-yaml.sh @@ -63,6 +63,7 @@ sed -i 's|NEXTCLOUD_DATADIR=|NEXTCLOUD_DATADIR=nextcloud_aio_nextcloud_data sed -i 's|NEXTCLOUD_MOUNT=|NEXTCLOUD_MOUNT=/mnt/ # This allows the Nextcloud container to access directories on the host. It must never be equal to the value of NEXTCLOUD_DATADIR!|' sample.conf sed -i 's|DAILY_BACKUP_RUNNING=|DAILY_BACKUP_RUNNING=no # When setting to yes, it will automatically update all installed Nextcloud apps upon container startup.|' sample.conf sed -i 's|APACHE_PORT=|APACHE_PORT=443 # Changing this to a different value than 443 will allow you to run it behind a reverse proxy.|' sample.conf +sed -i 's|TALK_PORT=|TALK_PORT=3478 # This allows to adjust the port that the talk container is using.|' sample.conf sed -i 's|AIO_TOKEN=|AIO_TOKEN=123456 # Has no function but needs to be set!|' sample.conf sed -i 's|AIO_URL=|AIO_URL=localhost # Has no function but needs to be set!|' sample.conf sed -i 's|NC_DOMAIN=|NC_DOMAIN=yourdomain.com # TODO! Needs to be changed to the domain that you want to use for Nextcloud.|' sample.conf diff --git a/php/containers.json b/php/containers.json index 0b8387e4..4b842bc4 100644 --- a/php/containers.json +++ b/php/containers.json @@ -139,7 +139,8 @@ "TALK_ENABLED=%TALK_ENABLED%", "ONLYOFFICE_HOST=nextcloud-aio-onlyoffice", "DAILY_BACKUP_RUNNING=%DAILY_BACKUP_RUNNING%", - "TZ=%TIMEZONE%" + "TZ=%TIMEZONE%", + "TALK_PORT=%TALK_PORT%" ], "maxShutdownTime": 10, "restartPolicy": "unless-stopped" @@ -190,18 +191,19 @@ "displayName": "Talk", "containerName": "nextcloud/aio-talk", "ports": [ - "3478/tcp", - "3478/udp" + "%TALK_PORT%/tcp", + "%TALK_PORT%/udp" ], "internalPorts": [ - "3478" + "%TALK_PORT%" ], "environmentVariables": [ "NC_DOMAIN=%NC_DOMAIN%", "TURN_SECRET=%TURN_SECRET%", "SIGNALING_SECRET=%SIGNALING_SECRET%", "JANUS_API_KEY=%JANUS_API_KEY%", - "TZ=%TIMEZONE%" + "TZ=%TIMEZONE%", + "TALK_PORT=%TALK_PORT%" ], "volumes": [], "secrets": [ diff --git a/php/public/index.php b/php/public/index.php index f975263b..e553e256 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -98,6 +98,7 @@ $app->get('/containers', function ($request, $response, $args) use ($container) 'is_daily_backup_running' => $configurationManager->isDailyBackupRunning(), 'timezone' => $configurationManager->GetTimezone(), 'skip_domain_validation' => $configurationManager->shouldDomainValidationBeSkipped(), + 'talk_port' => $configurationManager->GetTalkPort(), ]); })->setName('profile'); $app->get('/login', function ($request, $response, $args) use ($container) { diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 37d20e81..db6dae22 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -71,6 +71,10 @@ class ContainerDefinitionFetcher foreach ($entry['ports'] as $port) { if($port === '%APACHE_PORT%/tcp') { $port = $this->configurationManager->GetApachePort() . '/tcp'; + } elseif($port === '%TALK_PORT%/tcp') { + $port = $this->configurationManager->GetTalkPort() . '/tcp'; + } elseif($port === '%TALK_PORT%/udp') { + $port = $this->configurationManager->GetTalkPort() . '/udp'; } $ports->AddPort($port); } @@ -79,6 +83,8 @@ class ContainerDefinitionFetcher foreach ($entry['internalPorts'] as $internalPort) { if($internalPort === '%APACHE_PORT%') { $internalPort = $this->configurationManager->GetApachePort(); + } elseif($internalPort === '%TALK_PORT%') { + $internalPort = $this->configurationManager->GetTalkPort(); } $internalPorts->AddInternalPort($internalPort); } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 584f9e46..ad4e4060 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -395,6 +395,13 @@ class ConfigurationManager return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); } + public function GetTalkPort() : string { + $envVariableName = 'TALK_PORT'; + $configName = 'talk_port'; + $defaultValue = '3478'; + return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + } + /** * @throws InvalidSettingConfigurationException */ diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 6df3e635..ac4231ea 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -250,6 +250,8 @@ class DockerActionManager $replacements[1] = $this->configurationManager->GetSelectedRestoreTime(); } elseif ($out[1] === 'APACHE_PORT') { $replacements[1] = $this->configurationManager->GetApachePort(); + } elseif ($out[1] === 'TALK_PORT') { + $replacements[1] = $this->configurationManager->GetTalkPort(); } elseif ($out[1] === 'NEXTCLOUD_MOUNT') { $replacements[1] = $this->configurationManager->GetNextcloudMount(); } elseif ($out[1] === 'BACKUP_RESTORE_PASSWORD') { diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 30700de3..02cc854c 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -438,9 +438,9 @@
{% endif %} {% if is_talk_enabled == true %} -

+

{% else %} -

+

{% endif %} {% if is_onlyoffice_enabled == true %}
diff --git a/tests/QA/060-environmental-variables.md b/tests/QA/060-environmental-variables.md index 08ddd6cd..550e7f24 100644 --- a/tests/QA/060-environmental-variables.md +++ b/tests/QA/060-environmental-variables.md @@ -1,6 +1,7 @@ # Environmental variables - [ ] When starting the mastercontainer with `-e APACHE_PORT=11000` on a clean instance, the domaincheck container should be started with that same port published. That makes sure that also the Apache container will use that port later on. Using a value here that is not a port will not allow the mastercontainer to start correctly. +- [ ] When starting the mastercontainer with `-e TALK_PORT=3479` on a clean instance, the talk container should use this port later on. Using a value here that is not a port will not allow the mastercontainer to start correctly. Also it should stop if apache_port and talk_port are set to the same value. - [ ] Make also sure that reverse proxies work by following https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#reverse-proxy-documentation and following [001-initial-setup.md](./001-initial-setup.md) and [002-new-instance.md](./002-new-instance.md) - [ ] When starting the mastercontainer with `-e SKIP_DOMAIN_VALIDATION=true` on a clean instance, it should skip the domain verification. So it should accept any domain that you type in then. - [ ] When starting the mastercontainer with `-e NEXTCLOUD_DATADIR="/mnt/testdata"` it should map that location from `/mnt/testdata` to `/mnt/ncdata` inside the Nextcloud container. Not having adjusted the permissions correctly before starting the Nextcloud container the first time will not allow the Nextcloud container to start correctly. See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir for allowed values.