diff options
-rw-r--r-- | .SRCINFO | 10 | ||||
-rw-r--r-- | .gitignore | 2 | ||||
-rw-r--r-- | PKGBUILD | 22 | ||||
-rw-r--r-- | jicofo.service | 17 | ||||
-rw-r--r-- | sysusers.conf | 2 | ||||
-rw-r--r-- | tmpfiles.conf | 2 |
6 files changed, 43 insertions, 12 deletions
@@ -1,7 +1,7 @@ pkgbase = jicofo pkgdesc = JItsi meet COnference FOcus pkgver = 1.0_589 - pkgrel = 3 + pkgrel = 4 url = https://github.com/jitsi/jicofo arch = x86_64 license = Apache @@ -12,13 +12,17 @@ pkgbase = jicofo backup = etc/jitsi/jicofo/jicofo.conf backup = etc/jitsi/jicofo/sip-communicator.properties source = jicofo-1.0_589.tar.gz::https://github.com/jitsi/jicofo/archive/stable/jitsi-meet_4627.tar.gz - source = jicofo.service source = jicofo.conf + source = jicofo.service source = sip-communicator.properties + source = sysusers.conf + source = tmpfiles.conf sha256sums = eaf298ee6c7c8e394ff58075e8f5f3d5791952ed2b6a1cac5596dad34113736d - sha256sums = a28d21abcbb58ac50c974aba04360c3307a37074b420e40abd016e9d9adddd85 sha256sums = 3a558324a17011cf48e033ce265d45cc06a0b53e009984e841496f1cd4d7519d + sha256sums = 82937c73200a38326e4362fcf0cbc27ad710a0c0c5708e5f84815d10dfd86a86 sha256sums = ed3a2c91d3f6c92f3aeae4dd852f04196ed57cc0c8a33da3bae6c1fb26b88294 + sha256sums = 0681e97ca1e06d8ea7bdec0a874c6fc7a6ea84628923005130cd444547a1b440 + sha256sums = b4ed1528f804056b43d47a8214f2ed853b31a8cedbafb96c26fae556df554be8 pkgname = jicofo diff --git a/.gitignore b/.gitignore index a3580d3d9583..5aaf857cbe98 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,5 @@ !jicofo.service !jicofo.conf !sip-communicator.properties +!sysusers.conf +!tmpfiles.conf @@ -2,7 +2,7 @@ pkgname=jicofo # https://github.com/jitsi/jicofo/releases/latest pkgver=1.0_589 _tag="jitsi-meet_4627" -pkgrel=3 +pkgrel=4 pkgdesc="JItsi meet COnference FOcus" arch=("x86_64") url="https://github.com/jitsi/jicofo" @@ -12,13 +12,17 @@ makedepends=("git" "unzip" "maven") backup=("etc/jitsi/jicofo/jicofo.conf" "etc/jitsi/jicofo/sip-communicator.properties") source=($pkgname-$pkgver.tar.gz::https://github.com/jitsi/jicofo/archive/stable/${_tag}.tar.gz - jicofo.service jicofo.conf - sip-communicator.properties) + jicofo.service + sip-communicator.properties + sysusers.conf + tmpfiles.conf) sha256sums=('eaf298ee6c7c8e394ff58075e8f5f3d5791952ed2b6a1cac5596dad34113736d' - 'a28d21abcbb58ac50c974aba04360c3307a37074b420e40abd016e9d9adddd85' '3a558324a17011cf48e033ce265d45cc06a0b53e009984e841496f1cd4d7519d' - 'ed3a2c91d3f6c92f3aeae4dd852f04196ed57cc0c8a33da3bae6c1fb26b88294') + '82937c73200a38326e4362fcf0cbc27ad710a0c0c5708e5f84815d10dfd86a86' + 'ed3a2c91d3f6c92f3aeae4dd852f04196ed57cc0c8a33da3bae6c1fb26b88294' + '0681e97ca1e06d8ea7bdec0a874c6fc7a6ea84628923005130cd444547a1b440' + 'b4ed1528f804056b43d47a8214f2ed853b31a8cedbafb96c26fae556df554be8') build() { cd "${srcdir}/${pkgname}-stable-$_tag" @@ -29,7 +33,9 @@ build() { package() { install -d "${pkgdir}/usr/share" cp -R "${srcdir}/${pkgname}-stable-${_tag}/jicofo-1.1-SNAPSHOT/" "${pkgdir}/usr/share/jicofo" - install -Dm644 jicofo.service "$pkgdir"/usr/lib/systemd/system/jicofo.service - install -Dm644 jicofo.conf "$pkgdir"/etc/jitsi/jicofo/jicofo.conf - install -Dm644 sip-communicator.properties "${pkgdir}"/etc/jitsi/jicofo/sip-communicator.properties + install -Dm644 jicofo.conf "$pkgdir/etc/jitsi/jicofo/jicofo.conf" + install -Dm644 jicofo.service "$pkgdir/usr/lib/systemd/system/jicofo.service" + install -Dm644 sip-communicator.properties "${pkgdir}/etc/jitsi/jicofo/sip-communicator.properties" + install -Dm644 sysusers.conf "${pkgdir}/usr/lib/sysusers.d/jicofo.conf" + install -Dm644 tmpfiles.conf "${pkgdir}/usr/lib/tmpfiles.d/jicofo.conf" } diff --git a/jicofo.service b/jicofo.service index 788f19552fc8..d540b2474944 100644 --- a/jicofo.service +++ b/jicofo.service @@ -1,13 +1,28 @@ [Unit] -Description=Jicofo +Description=JItsi COnference FOcus Wants=network-online.target After=network-online.target [Service] Type=simple EnvironmentFile=/etc/jitsi/jicofo/jicofo.conf +User=jicofo ExecStart=/usr/share/jicofo/jicofo.sh --host=${JICOFO_HOST} --domain=${JICOFO_HOSTNAME} --port=${JICOFO_PORT} --secret=${JICOFO_SECRET} --user_name=${JICOFO_AUTH_USER} --user_domain=${JICOFO_AUTH_DOMAIN} --user_password=${JICOFO_AUTH_PASSWORD} ${JICOFO_OPTS} +WorkingDirectory=~ +StateDirectory=jicofo +StateDirectoryMode=0750 +LogsDirectory=jicofo +LogsDirectoryMode=0750 Restart=on-failure +# Hardening +#NoNewPrivileges=yes +#PrivateTmp=yes +#PrivateDevices=yes +#ProtectHome=yes +#ProtectKernelTunables=yes +#ProtectControlGroups=yes +#ProtectSystem=strict + [Install] WantedBy=multi-user.target diff --git a/sysusers.conf b/sysusers.conf new file mode 100644 index 000000000000..9991955c9e48 --- /dev/null +++ b/sysusers.conf @@ -0,0 +1,2 @@ +g jitsi +u jicofo -:jitsi - /var/lib/jicofo diff --git a/tmpfiles.conf b/tmpfiles.conf new file mode 100644 index 000000000000..e06fe710b8da --- /dev/null +++ b/tmpfiles.conf @@ -0,0 +1,2 @@ +Z /etc/jitsi/jicofo 0640 jicofo jitsi +z /etc/jitsi/jicofo 0750 jicofo jitsi |