diff options
| -rw-r--r-- | .SRCINFO | 8 | ||||
| -rw-r--r-- | .gitignore | 3 | ||||
| -rw-r--r-- | PKGBUILD | 21 | ||||
| -rw-r--r-- | jitsi-videobridge.service | 15 | ||||
| -rw-r--r-- | sysusers.conf | 2 | ||||
| -rw-r--r-- | tmpfiles.conf | 2 |
6 files changed, 41 insertions, 10 deletions
@@ -1,7 +1,7 @@ pkgbase = jitsi-videobridge-git pkgdesc = Videobridge for Jitsi Meet pkgver = r3063.a4bfc7f2 - pkgrel = 1 + pkgrel = 2 url = https://github.com/jitsi/jitsi-videobridge arch = x86_64 license = Apache @@ -16,10 +16,14 @@ pkgbase = jitsi-videobridge-git source = jitsi-videobridge.conf source = jitsi-videobridge.service source = sip-communicator.properties + source = sysusers.conf + source = tmpfiles.conf sha256sums = SKIP sha256sums = d2746be91f361557343398b9544233f1482d60c6117db4ecaa7c7851cd347b50 - sha256sums = cad8d0dd61350201627ac209a1bfdec907e5ddc98b171a39c8e454f7fe9290dd + sha256sums = 0b3a992ae295d1c691313a10731330cc38ae9e03989fe2afc1e12fcfc7dc4539 sha256sums = 2b7679218752c0435a1496306b447d72aafaf5b671b6eef63e58c83a67638ced + sha256sums = 998cbc64def56ab98080ff7150dd0913a5e10325cd2b038cf3db14baf8cb19fc + sha256sums = 36548f4980dcdbb27e0738c3fd928005d49a7b5c2c65d7a583ebb445626074dd pkgname = jitsi-videobridge-git diff --git a/.gitignore b/.gitignore index bfb234979660..f02c6d8b3fd9 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,6 @@ !jitsi-videobridge.service !jitsi-videobridge.conf !sip-communicator.properties +!sysusers.conf +!tmpfiles.conf +!sysctl @@ -1,6 +1,6 @@ pkgname=jitsi-videobridge-git pkgver=r3063.a4bfc7f2 -pkgrel=1 +pkgrel=2 pkgdesc="Videobridge for Jitsi Meet" arch=("x86_64") url="https://github.com/jitsi/jitsi-videobridge" @@ -14,12 +14,15 @@ backup=("etc/jitsi/videobridge/jitsi-videobridge.conf" source=("jitsi-videobridge::git+https://github.com/jitsi/jitsi-videobridge.git" jitsi-videobridge.conf jitsi-videobridge.service - sip-communicator.properties) + sip-communicator.properties + sysusers.conf + tmpfiles.conf) sha256sums=('SKIP' 'd2746be91f361557343398b9544233f1482d60c6117db4ecaa7c7851cd347b50' - 'cad8d0dd61350201627ac209a1bfdec907e5ddc98b171a39c8e454f7fe9290dd' - '2b7679218752c0435a1496306b447d72aafaf5b671b6eef63e58c83a67638ced') - + '0b3a992ae295d1c691313a10731330cc38ae9e03989fe2afc1e12fcfc7dc4539' + '2b7679218752c0435a1496306b447d72aafaf5b671b6eef63e58c83a67638ced' + '998cbc64def56ab98080ff7150dd0913a5e10325cd2b038cf3db14baf8cb19fc' + '36548f4980dcdbb27e0738c3fd928005d49a7b5c2c65d7a583ebb445626074dd') pkgver() { cd "jitsi-videobridge" printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)" @@ -34,7 +37,9 @@ build() { package() { install -d "${pkgdir}/usr/share" cp -R "${srcdir}/jitsi-videobridge/jitsi-videobridge-2.1-SNAPSHOT/" "${pkgdir}/usr/share/jitsi-videobridge" - install -Dm644 jitsi-videobridge.service "$pkgdir"/usr/lib/systemd/system/jitsi-videobridge.service - install -Dm644 jitsi-videobridge.conf "$pkgdir"/etc/jitsi/videobridge/jitsi-videobridge.conf - install -Dm644 sip-communicator.properties "${pkgdir}"/etc/jitsi/videobridge/sip-communicator.properties + install -Dm644 jitsi-videobridge.service "$pkgdir/usr/lib/systemd/system/jitsi-videobridge.service" + install -Dm644 jitsi-videobridge.conf "$pkgdir/etc/jitsi/videobridge/jitsi-videobridge.conf" + install -Dm644 sip-communicator.properties "${pkgdir}/etc/jitsi/videobridge/sip-communicator.properties" + install -Dm644 sysusers.conf "${pkgdir}/usr/lib/sysusers.d/jitsi-videobridge.conf" + install -Dm644 tmpfiles.conf "${pkgdir}/usr/lib/tmpfiles.d/jitsi-videobridge.conf" } diff --git a/jitsi-videobridge.service b/jitsi-videobridge.service index 6e97d534a635..ae82918c0322 100644 --- a/jitsi-videobridge.service +++ b/jitsi-videobridge.service @@ -6,8 +6,23 @@ After=network-online.target [Service] Type=simple EnvironmentFile=/etc/jitsi/videobridge/jitsi-videobridge.conf +User=jvb ExecStart=/usr/share/jitsi-videobridge/jvb.sh --host=${JVB_HOST} --domain=${JVB_HOSTNAME} --port=${JVB_PORT} --secret=${JVB_SECRET} ${JVB_OPTS} +WorkingDirectory=~ +StateDirectory=jitsi-videobridge +StateDirectoryMode=0750 +LogsDirectory=jitsi-videobridge +LogsDirectoryMode=0750 Restart=on-failure +# Hardening +#NoNewPrivileges=yes +#PrivateTmp=yes +#PrivateDevices=yes +#ProtectHome=yes +#ProtectKernelTunables=yes +#ProtectControlGroups=yes +#ProtectSystem=strict + [Install] WantedBy=multi-user.target diff --git a/sysusers.conf b/sysusers.conf new file mode 100644 index 000000000000..a9677d4caad5 --- /dev/null +++ b/sysusers.conf @@ -0,0 +1,2 @@ +g jitsi +u jvb -:jitsi - /var/lib/jitsi-videobridge diff --git a/tmpfiles.conf b/tmpfiles.conf new file mode 100644 index 000000000000..c2af73e295bd --- /dev/null +++ b/tmpfiles.conf @@ -0,0 +1,2 @@ +Z /etc/jitsi/videobridge 0640 jvb jitsi +z /etc/jitsi/videobridge 0750 jvb jitsi |