Mise à jour de 'services/viso.libre-service.eu.md'
This commit is contained in:
parent
12bc313164
commit
ff6fd4cd05
1 changed files with 84 additions and 2 deletions
|
@ -68,7 +68,16 @@ PING visio.libre-service.eu (145.239.49.4) 56(84) bytes of data.
|
||||||
64 bytes from visio.libre-service.eu (145.239.49.4): icmp_seq=1 ttl=64 time=0.034 ms
|
64 bytes from visio.libre-service.eu (145.239.49.4): icmp_seq=1 ttl=64 time=0.034 ms
|
||||||
```
|
```
|
||||||
|
|
||||||
## Paquets
|
## Paquets Jitsi
|
||||||
|
Pour que le paquet Jitsi configure Apache, il faut neutraliser certains points :
|
||||||
|
```
|
||||||
|
a2dissite visio.libre-service.eu.conf
|
||||||
|
a2dismod ssl
|
||||||
|
systemctl reload apache2.service
|
||||||
|
cd /etc/apache2/sites-available/
|
||||||
|
mv visio.libre-service.eu.conf visio.libre-service.eu.conf.aco
|
||||||
|
```
|
||||||
|
|
||||||
Déclarer le dépôt Jitsi :
|
Déclarer le dépôt Jitsi :
|
||||||
```
|
```
|
||||||
curl https://download.jitsi.org/jitsi-key.gpg.key | sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg'
|
curl https://download.jitsi.org/jitsi-key.gpg.key | sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg'
|
||||||
|
@ -99,3 +108,76 @@ Répondre aux questions :
|
||||||
|
|
||||||
Full local server path to the SSL certificate file: /var/lib/dehydrated/certs/visio.libre-service.eu/fullchain.pem
|
Full local server path to the SSL certificate file: /var/lib/dehydrated/certs/visio.libre-service.eu/fullchain.pem
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Compléter le nouveau fichier de conf généré /etc/apache2/site-available/visio.libre-service.eu.conf` :
|
||||||
|
```
|
||||||
|
<VirtualHost *:80>
|
||||||
|
ServerName visio.libre-service.eu
|
||||||
|
ServerAdmin admins@libre-service.eu
|
||||||
|
|
||||||
|
CustomLog ${APACHE_LOG_DIR}/visio.libre-service.eu-nossl-access.log combined
|
||||||
|
ErrorLog ${APACHE_LOG_DIR}/visio.libre-service.eu-nossl-error.log
|
||||||
|
LogLevel warn
|
||||||
|
|
||||||
|
Redirect 302 / https://visio.libre-service.eu/
|
||||||
|
</VirtualHost>
|
||||||
|
|
||||||
|
<VirtualHost *:443>
|
||||||
|
ServerName visio.libre-service.eu
|
||||||
|
ServerAdmin admins@libre-service.eu
|
||||||
|
|
||||||
|
CustomLog ${APACHE_LOG_DIR}/visio.libre-service.eu-access.log combined
|
||||||
|
ErrorLog ${APACHE_LOG_DIR}/visio.libre-service.eu-error.log
|
||||||
|
LogLevel warn
|
||||||
|
|
||||||
|
# enable HTTP/2, if available
|
||||||
|
Protocols h2 http/1.1
|
||||||
|
|
||||||
|
SSLEngine on
|
||||||
|
SSLProxyEngine on
|
||||||
|
SSLCertificateFile /var/lib/dehydrated/certs/visio.libre-service.eu/fullchain.pem
|
||||||
|
SSLCertificateKeyFile /var/lib/dehydrated/certs/visio.libre-service.eu/privkey.pem
|
||||||
|
|
||||||
|
Header always set Strict-Transport-Security "max-age=63072000"
|
||||||
|
|
||||||
|
DocumentRoot "/usr/share/jitsi-meet"
|
||||||
|
<Directory "/usr/share/jitsi-meet">
|
||||||
|
Options Indexes MultiViews Includes FollowSymLinks
|
||||||
|
AddOutputFilter Includes html
|
||||||
|
AllowOverride All
|
||||||
|
Order allow,deny
|
||||||
|
Allow from all
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
ErrorDocument 404 /static/404.html
|
||||||
|
|
||||||
|
Alias "/config.js" "/etc/jitsi/meet/visio.libre-service.eu-config.js"
|
||||||
|
<Location /config.js>
|
||||||
|
Require all granted
|
||||||
|
</Location>
|
||||||
|
|
||||||
|
Alias "/external_api.js" "/usr/share/jitsi-meet/libs/external_api.min.js"
|
||||||
|
<Location /external_api.js>
|
||||||
|
Require all granted
|
||||||
|
</Location>
|
||||||
|
|
||||||
|
ProxyPreserveHost on
|
||||||
|
ProxyPass /http-bind http://localhost:5280/http-bind
|
||||||
|
ProxyPassReverse /http-bind http://localhost:5280/http-bind
|
||||||
|
ProxyPass /xmpp-websocket ws://localhost:5280/xmpp-websocket
|
||||||
|
ProxyPassReverse /xmpp-websocket ws://localhost:5280/xmpp-websocket
|
||||||
|
ProxyPass /colibri-ws/default-id ws://localhost:9090/colibri-ws/default-id
|
||||||
|
ProxyPassReverse /colibri-ws/default-id ws://localhost:9090/colibri-ws/default-id
|
||||||
|
|
||||||
|
RewriteEngine on
|
||||||
|
RewriteRule ^/([a-zA-Z0-9]+)$ /index.html
|
||||||
|
</VirtualHost>
|
||||||
|
|
||||||
|
# Mozilla Guideline v5.4, Apache 2.4.41, OpenSSL 1.1.1d, intermediate configuration, no OCSP
|
||||||
|
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
|
||||||
|
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
|
||||||
|
SSLHonorCipherOrder off
|
||||||
|
SSLSessionTickets off
|
||||||
|
```
|
||||||
|
|
||||||
|
Tester l'installation.
|
Loading…
Reference in a new issue