diff --git a/openvidu-deployment/pro/elastic/aws/cf-openvidu-elastic.yaml b/openvidu-deployment/pro/elastic/aws/cf-openvidu-elastic.yaml index f5fe51ec..50794d2e 100644 --- a/openvidu-deployment/pro/elastic/aws/cf-openvidu-elastic.yaml +++ b/openvidu-deployment/pro/elastic/aws/cf-openvidu-elastic.yaml @@ -35,6 +35,22 @@ Parameters: Description: "If certificate type is 'owncert', this parameter will be used to specify the private certificate" Type: String + InitialMeetAdminPassword: + Description: 'Initial password for the "admin" user in OpenVidu Meet. If not provided, a random password will be generated.' + Type: String + Default: '' + # Only allow alphanumeric characters + AllowedPattern: '^[A-Za-z0-9]*$' + ConstraintDescription: 'Must contain only alphanumeric characters (A-Z, a-z, 0-9). Leave empty to generate a random password.' + + InitialMeetApiKey: + Description: 'Initial API key for OpenVidu Meet. If not provided, no API key will be set and the user can set it later from Meet Console.' + Type: String + Default: '' + # Only allow alphanumeric characters + AllowedPattern: '^[A-Za-z0-9]*$' + ConstraintDescription: 'Must contain only alphanumeric characters (A-Z, a-z, 0-9). Leave empty to not set an initial API key.' + AdditionalInstallFlags: Description: Additional optional flags to pass to the OpenVidu installer (comma-separated, e.g., "--flag1=value, --flag2"). Type: String @@ -393,6 +409,11 @@ Metadata: Parameters: - OpenViduLicense - RTCEngine + - Label: + default: OpenVidu Meet configuration + Parameters: + - InitialMeetAdminPassword + - InitialMeetApiKey - Label: default: EC2 Instance configuration Parameters: @@ -722,6 +743,19 @@ Resources: sleep 6 done + # Meet initial admin user and password + MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_ADMIN_USER "admin")" + if [[ "${InitialMeetAdminPassword}" != '' ]]; then + MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_ADMIN_PASSWORD "${InitialMeetAdminPassword}")" + else + MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate MEET_INITIAL_ADMIN_PASSWORD)" + fi + if [[ "${InitialMeetApiKey}" != '' ]]; then + MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_API_KEY "${InitialMeetApiKey}")" + else + MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_API_KEY "")" + fi + # Store usernames and generate random passwords OPENVIDU_PRO_LICENSE="$(/usr/local/bin/store_secret.sh save OPENVIDU_PRO_LICENSE "${OpenViduLicense}")" OPENVIDU_RTC_ENGINE="$(/usr/local/bin/store_secret.sh save OPENVIDU_RTC_ENGINE "${RTCEngine}")" @@ -735,9 +769,6 @@ Resources: DASHBOARD_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate DASHBOARD_ADMIN_PASSWORD)" GRAFANA_ADMIN_USERNAME="$(/usr/local/bin/store_secret.sh save GRAFANA_ADMIN_USERNAME "grafanaadmin")" GRAFANA_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate GRAFANA_ADMIN_PASSWORD)" - MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_ADMIN_USER "admin")" - MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate MEET_INITIAL_ADMIN_PASSWORD)" - MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh generate MEET_INITIAL_API_KEY)" LIVEKIT_API_KEY="$(/usr/local/bin/store_secret.sh generate LIVEKIT_API_KEY "API" 12)" LIVEKIT_API_SECRET="$(/usr/local/bin/store_secret.sh generate LIVEKIT_API_SECRET)" ENABLED_MODULES="$(/usr/local/bin/store_secret.sh save ENABLED_MODULES "observability,v2compatibility,openviduMeet")" @@ -768,7 +799,6 @@ Resources: "--dashboard-admin-password=$DASHBOARD_ADMIN_PASSWORD" "--grafana-admin-user=$GRAFANA_ADMIN_USERNAME" "--grafana-admin-password=$GRAFANA_ADMIN_PASSWORD" - "--meet-initial-admin-user=$MEET_INITIAL_ADMIN_USER" "--meet-initial-admin-password=$MEET_INITIAL_ADMIN_PASSWORD" "--meet-initial-api-key=$MEET_INITIAL_API_KEY" "--livekit-api-key=$LIVEKIT_API_KEY" diff --git a/openvidu-deployment/pro/ha/aws/cf-openvidu-ha.yaml b/openvidu-deployment/pro/ha/aws/cf-openvidu-ha.yaml index 5f2a6a88..9c49708f 100644 --- a/openvidu-deployment/pro/ha/aws/cf-openvidu-ha.yaml +++ b/openvidu-deployment/pro/ha/aws/cf-openvidu-ha.yaml @@ -291,6 +291,22 @@ Parameters: - r5n.24xlarge ConstraintDescription: "Must be a valid EC2 instance type" + InitialMeetAdminPassword: + Description: 'Initial password for the "admin" user in OpenVidu Meet. If not provided, a random password will be generated.' + Type: String + Default: '' + # Only allow alphanumeric characters + AllowedPattern: '^[A-Za-z0-9]*$' + ConstraintDescription: 'Must contain only alphanumeric characters (A-Z, a-z, 0-9). Leave empty to generate a random password.' + + InitialMeetApiKey: + Description: 'Initial API key for OpenVidu Meet. If not provided, no API key will be set and the user can set it later from Meet Console.' + Type: String + Default: '' + # Only allow alphanumeric characters + AllowedPattern: '^[A-Za-z0-9]*$' + ConstraintDescription: 'Must contain only alphanumeric characters (A-Z, a-z, 0-9). Leave empty to not set an initial API key.' + KeyName: Type: AWS::EC2::KeyPair::KeyName Description: Name of an existing EC2 KeyPair to enable SSH access to the instances @@ -375,6 +391,11 @@ Metadata: Parameters: - OpenViduLicense - RTCEngine + - Label: + default: OpenVidu Meet configuration + Parameters: + - InitialMeetAdminPassword + - InitialMeetApiKey - Label: default: EC2 Instance configuration Parameters: @@ -855,6 +876,19 @@ Resources: # Store version so media nodes can use it to install the same version /usr/local/bin/store_secret.sh save OPENVIDU_VERSION "${!OPENVIDU_VERSION}" + # Meet initial admin user and password + MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_ADMIN_USER "admin")" + if [[ "${InitialMeetAdminPassword}" != '' ]]; then + MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_ADMIN_PASSWORD "${InitialMeetAdminPassword}")" + else + MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate MEET_INITIAL_ADMIN_PASSWORD)" + fi + if [[ "${InitialMeetApiKey}" != '' ]]; then + MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_API_KEY "${InitialMeetApiKey}")" + else + MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_API_KEY "")" + fi + # Store usernames and generate random passwords REDIS_PASSWORD="$(/usr/local/bin/store_secret.sh generate REDIS_PASSWORD)" MONGO_ADMIN_USERNAME="$(/usr/local/bin/store_secret.sh save MONGO_ADMIN_USERNAME "mongoadmin")" @@ -866,9 +900,6 @@ Resources: DASHBOARD_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate DASHBOARD_ADMIN_PASSWORD)" GRAFANA_ADMIN_USERNAME="$(/usr/local/bin/store_secret.sh save GRAFANA_ADMIN_USERNAME "grafanaadmin")" GRAFANA_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate GRAFANA_ADMIN_PASSWORD)" - MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_ADMIN_USER "admin")" - MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate MEET_INITIAL_ADMIN_PASSWORD)" - MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh generate MEET_INITIAL_API_KEY)" LIVEKIT_API_KEY="$(/usr/local/bin/store_secret.sh generate LIVEKIT_API_KEY "API" 12)" LIVEKIT_API_SECRET="$(/usr/local/bin/store_secret.sh generate LIVEKIT_API_SECRET)" ENABLED_MODULES="$(/usr/local/bin/store_secret.sh save ENABLED_MODULES "observability,v2compatibility,openviduMeet")" @@ -970,7 +1001,6 @@ Resources: "--dashboard-admin-password=$DASHBOARD_ADMIN_PASSWORD" "--grafana-admin-user=$GRAFANA_ADMIN_USERNAME" "--grafana-admin-password=$GRAFANA_ADMIN_PASSWORD" - "--meet-initial-admin-user=$MEET_INITIAL_ADMIN_USER" "--meet-initial-admin-password=$MEET_INITIAL_ADMIN_PASSWORD" "--meet-initial-api-key=$MEET_INITIAL_API_KEY" "--livekit-api-key=$LIVEKIT_API_KEY" diff --git a/openvidu-deployment/pro/singlenode/aws/cf-openvidu-singlenode.yaml b/openvidu-deployment/pro/singlenode/aws/cf-openvidu-singlenode.yaml index c90487a3..6335cd66 100644 --- a/openvidu-deployment/pro/singlenode/aws/cf-openvidu-singlenode.yaml +++ b/openvidu-deployment/pro/singlenode/aws/cf-openvidu-singlenode.yaml @@ -35,6 +35,22 @@ Parameters: Description: "If certificate type is 'owncert', this parameter will be used to specify the private certificate" Type: String + InitialMeetAdminPassword: + Description: 'Initial password for the "admin" user in OpenVidu Meet. If not provided, a random password will be generated.' + Type: String + Default: '' + # Only allow alphanumeric characters + AllowedPattern: '^[A-Za-z0-9]*$' + ConstraintDescription: 'Must contain only alphanumeric characters (A-Z, a-z, 0-9). Leave empty to generate a random password.' + + InitialMeetApiKey: + Description: 'Initial API key for OpenVidu Meet. If not provided, no API key will be set and the user can set it later from Meet Console.' + Type: String + Default: '' + # Only allow alphanumeric characters + AllowedPattern: '^[A-Za-z0-9]*$' + ConstraintDescription: 'Must contain only alphanumeric characters (A-Z, a-z, 0-9). Leave empty to not set an initial API key.' + AdditionalInstallFlags: Description: Additional optional flags to pass to the OpenVidu installer (comma-separated, e.g., "--flag1=value, --flag2"). Type: String @@ -230,6 +246,11 @@ Metadata: Parameters: - OpenViduLicense - RTCEngine + - Label: + default: OpenVidu Meet configuration + Parameters: + - InitialMeetAdminPassword + - InitialMeetApiKey - Label: default: EC2 Instance configuration Parameters: @@ -414,6 +435,20 @@ Resources: DOMAIN=${DomainName} fi DOMAIN="$(/usr/local/bin/store_secret.sh save DOMAIN_NAME "$DOMAIN")" + + # Meet initial admin user and password + MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_ADMIN_USER "admin")" + if [[ "${InitialMeetAdminPassword}" != '' ]]; then + MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_ADMIN_PASSWORD "${InitialMeetAdminPassword}")" + else + MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate MEET_INITIAL_ADMIN_PASSWORD)" + fi + if [[ "${InitialMeetApiKey}" != '' ]]; then + MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_API_KEY "${InitialMeetApiKey}")" + else + MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_API_KEY "")" + fi + OPENVIDU_PRO_LICENSE="$(/usr/local/bin/store_secret.sh save OPENVIDU_PRO_LICENSE "${OpenViduLicense}")" OPENVIDU_RTC_ENGINE="$(/usr/local/bin/store_secret.sh save OPENVIDU_RTC_ENGINE "${RTCEngine}")" @@ -428,9 +463,6 @@ Resources: DASHBOARD_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate DASHBOARD_ADMIN_PASSWORD)" GRAFANA_ADMIN_USERNAME="$(/usr/local/bin/store_secret.sh save GRAFANA_ADMIN_USERNAME "grafanaadmin")" GRAFANA_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate GRAFANA_ADMIN_PASSWORD)" - MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET_INITIAL_ADMIN_USER "admin")" - MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate MEET_INITIAL_ADMIN_PASSWORD)" - MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh generate MEET_INITIAL_API_KEY)" ENABLED_MODULES="$(/usr/local/bin/store_secret.sh save ENABLED_MODULES "observability,openviduMeet,v2compatibility")" LIVEKIT_API_KEY="$(/usr/local/bin/store_secret.sh generate LIVEKIT_API_KEY "API" 12)" LIVEKIT_API_SECRET="$(/usr/local/bin/store_secret.sh generate LIVEKIT_API_SECRET)" @@ -458,7 +490,6 @@ Resources: "--dashboard-admin-password=$DASHBOARD_ADMIN_PASSWORD" "--grafana-admin-user=$GRAFANA_ADMIN_USERNAME" "--grafana-admin-password=$GRAFANA_ADMIN_PASSWORD" - "--meet-initial-admin-user=$MEET_INITIAL_ADMIN_USER" "--meet-initial-admin-password=$MEET_INITIAL_ADMIN_PASSWORD" "--meet-initial-api-key=$MEET_INITIAL_API_KEY" "--livekit-api-key=$LIVEKIT_API_KEY"