mirror of https://github.com/OpenVidu/openvidu.git
openvidu-deployment: azure - single node pro & elastic & ha - add parameters for initial Meet admin user and API key with validation
cruizba
parent
f0a788e44f
commit
522e0338da
|
|
@ -45,6 +45,14 @@ param openviduLicense string
|
||||||
])
|
])
|
||||||
param rtcEngine string = 'pion'
|
param rtcEngine string = 'pion'
|
||||||
|
|
||||||
|
@description('Initial password for the \'admin\' user in OpenVidu Meet. If not provided, a random password will be generated.')
|
||||||
|
@secure()
|
||||||
|
param initialMeetAdminPassword string = ''
|
||||||
|
|
||||||
|
@description('Initial API key for OpenVidu Meet. If not provided, no API key will be set and the user can set it later from Meet Console.')
|
||||||
|
@secure()
|
||||||
|
param initialMeetApiKey string = ''
|
||||||
|
|
||||||
@description('Specifies the EC2 instance type for your OpenVidu Master Node')
|
@description('Specifies the EC2 instance type for your OpenVidu Master Node')
|
||||||
@allowed([
|
@allowed([
|
||||||
'Standard_B1s'
|
'Standard_B1s'
|
||||||
|
|
@ -413,6 +421,8 @@ var stringInterpolationParamsMaster = {
|
||||||
turnOwnPrivateCertificate: turnOwnPrivateCertificate
|
turnOwnPrivateCertificate: turnOwnPrivateCertificate
|
||||||
openviduLicense: openviduLicense
|
openviduLicense: openviduLicense
|
||||||
rtcEngine: rtcEngine
|
rtcEngine: rtcEngine
|
||||||
|
initialMeetAdminPassword: initialMeetAdminPassword
|
||||||
|
initialMeetApiKey: initialMeetApiKey
|
||||||
keyVaultName: keyVaultName
|
keyVaultName: keyVaultName
|
||||||
additionalInstallFlags: additionalInstallFlags
|
additionalInstallFlags: additionalInstallFlags
|
||||||
}
|
}
|
||||||
|
|
@ -479,6 +489,20 @@ PRIVATE_IP=$(curl -H Metadata:true --noproxy "*" "http://169.254.169.254/metadat
|
||||||
|
|
||||||
# Store usernames and generate random passwords
|
# Store usernames and generate random passwords
|
||||||
DOMAIN="$(/usr/local/bin/store_secret.sh save DOMAIN-NAME "$DOMAIN")"
|
DOMAIN="$(/usr/local/bin/store_secret.sh save DOMAIN-NAME "$DOMAIN")"
|
||||||
|
|
||||||
|
# Meet initial admin user and password
|
||||||
|
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-ADMIN-USER "admin")"
|
||||||
|
if [[ "${initialMeetAdminPassword}" != '' ]]; then
|
||||||
|
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-ADMIN-PASSWORD "${initialMeetAdminPassword}")"
|
||||||
|
else
|
||||||
|
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate MEET-INITIAL-ADMIN-PASSWORD)"
|
||||||
|
fi
|
||||||
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-API-KEY "${initialMeetApiKey}")"
|
||||||
|
else
|
||||||
|
MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-API-KEY "")"
|
||||||
|
fi
|
||||||
|
|
||||||
OPENVIDU_PRO_LICENSE="$(/usr/local/bin/store_secret.sh save OPENVIDU-PRO-LICENSE "${openviduLicense}")"
|
OPENVIDU_PRO_LICENSE="$(/usr/local/bin/store_secret.sh save OPENVIDU-PRO-LICENSE "${openviduLicense}")"
|
||||||
OPENVIDU_RTC_ENGINE="$(/usr/local/bin/store_secret.sh save OPENVIDU-RTC-ENGINE "${rtcEngine}")"
|
OPENVIDU_RTC_ENGINE="$(/usr/local/bin/store_secret.sh save OPENVIDU-RTC-ENGINE "${rtcEngine}")"
|
||||||
REDIS_PASSWORD="$(/usr/local/bin/store_secret.sh generate REDIS-PASSWORD)"
|
REDIS_PASSWORD="$(/usr/local/bin/store_secret.sh generate REDIS-PASSWORD)"
|
||||||
|
|
@ -492,8 +516,6 @@ DASHBOARD_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate DASHBOARD-AD
|
||||||
GRAFANA_ADMIN_USERNAME="$(/usr/local/bin/store_secret.sh save GRAFANA-ADMIN-USERNAME "grafanaadmin")"
|
GRAFANA_ADMIN_USERNAME="$(/usr/local/bin/store_secret.sh save GRAFANA-ADMIN-USERNAME "grafanaadmin")"
|
||||||
GRAFANA_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate GRAFANA-ADMIN-PASSWORD)"
|
GRAFANA_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate GRAFANA-ADMIN-PASSWORD)"
|
||||||
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-ADMIN-USER "admin")"
|
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-ADMIN-USER "admin")"
|
||||||
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate MEET-INITIAL-ADMIN-PASSWORD)"
|
|
||||||
MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh generate MEET-INITIAL-API-KEY)"
|
|
||||||
LIVEKIT_API_KEY="$(/usr/local/bin/store_secret.sh generate LIVEKIT-API-KEY "API" 12)"
|
LIVEKIT_API_KEY="$(/usr/local/bin/store_secret.sh generate LIVEKIT-API-KEY "API" 12)"
|
||||||
LIVEKIT_API_SECRET="$(/usr/local/bin/store_secret.sh generate LIVEKIT-API-SECRET)"
|
LIVEKIT_API_SECRET="$(/usr/local/bin/store_secret.sh generate LIVEKIT-API-SECRET)"
|
||||||
OPENVIDU_VERSION="$(/usr/local/bin/store_secret.sh save OPENVIDU-VERSION "${OPENVIDU_VERSION}")"
|
OPENVIDU_VERSION="$(/usr/local/bin/store_secret.sh save OPENVIDU-VERSION "${OPENVIDU_VERSION}")"
|
||||||
|
|
@ -525,7 +547,6 @@ COMMON_ARGS=(
|
||||||
"--dashboard-admin-password=$DASHBOARD_ADMIN_PASSWORD"
|
"--dashboard-admin-password=$DASHBOARD_ADMIN_PASSWORD"
|
||||||
"--grafana-admin-user=$GRAFANA_ADMIN_USERNAME"
|
"--grafana-admin-user=$GRAFANA_ADMIN_USERNAME"
|
||||||
"--grafana-admin-password=$GRAFANA_ADMIN_PASSWORD"
|
"--grafana-admin-password=$GRAFANA_ADMIN_PASSWORD"
|
||||||
"--meet-initial-admin-user=$MEET_INITIAL_ADMIN_USER"
|
|
||||||
"--meet-initial-admin-password=$MEET_INITIAL_ADMIN_PASSWORD"
|
"--meet-initial-admin-password=$MEET_INITIAL_ADMIN_PASSWORD"
|
||||||
"--meet-initial-api-key=$MEET_INITIAL_API_KEY"
|
"--meet-initial-api-key=$MEET_INITIAL_API_KEY"
|
||||||
"--livekit-api-key=$LIVEKIT_API_KEY"
|
"--livekit-api-key=$LIVEKIT_API_KEY"
|
||||||
|
|
@ -678,7 +699,9 @@ export LIVEKIT_API_KEY=$(az keyvault secret show --vault-name ${keyVaultName} --
|
||||||
export LIVEKIT_API_SECRET=$(az keyvault secret show --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --query value -o tsv)
|
export LIVEKIT_API_SECRET=$(az keyvault secret show --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --query value -o tsv)
|
||||||
export MEET_INITIAL_ADMIN_USER=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --query value -o tsv)
|
export MEET_INITIAL_ADMIN_USER=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --query value -o tsv)
|
||||||
export MEET_INITIAL_ADMIN_PASSWORD=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --query value -o tsv)
|
export MEET_INITIAL_ADMIN_PASSWORD=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --query value -o tsv)
|
||||||
export MEET_INITIAL_API_KEY=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --query value -o tsv)
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
export MEET_INITIAL_API_KEY=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --query value -o tsv)
|
||||||
|
fi
|
||||||
export ENABLED_MODULES=$(az keyvault secret show --vault-name ${keyVaultName} --name ENABLED-MODULES --query value -o tsv)
|
export ENABLED_MODULES=$(az keyvault secret show --vault-name ${keyVaultName} --name ENABLED-MODULES --query value -o tsv)
|
||||||
|
|
||||||
# Replace rest of the values
|
# Replace rest of the values
|
||||||
|
|
@ -698,7 +721,9 @@ sed -i "s/LIVEKIT_API_KEY=.*/LIVEKIT_API_KEY=$LIVEKIT_API_KEY/" "${CLUSTER_CONFI
|
||||||
sed -i "s/LIVEKIT_API_SECRET=.*/LIVEKIT_API_SECRET=$LIVEKIT_API_SECRET/" "${CLUSTER_CONFIG_DIR}/openvidu.env"
|
sed -i "s/LIVEKIT_API_SECRET=.*/LIVEKIT_API_SECRET=$LIVEKIT_API_SECRET/" "${CLUSTER_CONFIG_DIR}/openvidu.env"
|
||||||
sed -i "s/MEET_INITIAL_ADMIN_USER=.*/MEET_INITIAL_ADMIN_USER=$MEET_INITIAL_ADMIN_USER/" "${CLUSTER_CONFIG_DIR}/master_node/meet.env"
|
sed -i "s/MEET_INITIAL_ADMIN_USER=.*/MEET_INITIAL_ADMIN_USER=$MEET_INITIAL_ADMIN_USER/" "${CLUSTER_CONFIG_DIR}/master_node/meet.env"
|
||||||
sed -i "s/MEET_INITIAL_ADMIN_PASSWORD=.*/MEET_INITIAL_ADMIN_PASSWORD=$MEET_INITIAL_ADMIN_PASSWORD/" "${CLUSTER_CONFIG_DIR}/master_node/meet.env"
|
sed -i "s/MEET_INITIAL_ADMIN_PASSWORD=.*/MEET_INITIAL_ADMIN_PASSWORD=$MEET_INITIAL_ADMIN_PASSWORD/" "${CLUSTER_CONFIG_DIR}/master_node/meet.env"
|
||||||
sed -i "s/MEET_INITIAL_API_KEY=.*/MEET_INITIAL_API_KEY=$MEET_INITIAL_API_KEY/" "${CLUSTER_CONFIG_DIR}/master_node/meet.env"
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
sed -i "s/MEET_INITIAL_API_KEY=.*/MEET_INITIAL_API_KEY=$MEET_INITIAL_API_KEY/" "${CLUSTER_CONFIG_DIR}/master_node/meet.env"
|
||||||
|
fi
|
||||||
sed -i "s/ENABLED_MODULES=.*/ENABLED_MODULES=$ENABLED_MODULES/" "${CLUSTER_CONFIG_DIR}/openvidu.env"
|
sed -i "s/ENABLED_MODULES=.*/ENABLED_MODULES=$ENABLED_MODULES/" "${CLUSTER_CONFIG_DIR}/openvidu.env"
|
||||||
|
|
||||||
# Update URLs in secret
|
# Update URLs in secret
|
||||||
|
|
@ -747,7 +772,9 @@ LIVEKIT_API_KEY="$(/usr/local/bin/get_value_from_config.sh LIVEKIT_API_KEY "${CL
|
||||||
LIVEKIT_API_SECRET="$(/usr/local/bin/get_value_from_config.sh LIVEKIT_API_SECRET "${CLUSTER_CONFIG_DIR}/openvidu.env")"
|
LIVEKIT_API_SECRET="$(/usr/local/bin/get_value_from_config.sh LIVEKIT_API_SECRET "${CLUSTER_CONFIG_DIR}/openvidu.env")"
|
||||||
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_ADMIN_USER "${CLUSTER_CONFIG_DIR}/master_node/meet.env")"
|
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_ADMIN_USER "${CLUSTER_CONFIG_DIR}/master_node/meet.env")"
|
||||||
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_ADMIN_PASSWORD "${CLUSTER_CONFIG_DIR}/master_node/meet.env")"
|
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_ADMIN_PASSWORD "${CLUSTER_CONFIG_DIR}/master_node/meet.env")"
|
||||||
MEET_INITIAL_API_KEY="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_API_KEY "${CLUSTER_CONFIG_DIR}/master_node/meet.env")"
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
MEET_INITIAL_API_KEY="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_API_KEY "${CLUSTER_CONFIG_DIR}/master_node/meet.env")"
|
||||||
|
fi
|
||||||
ENABLED_MODULES="$(/usr/local/bin/get_value_from_config.sh ENABLED_MODULES "${CLUSTER_CONFIG_DIR}/openvidu.env")"
|
ENABLED_MODULES="$(/usr/local/bin/get_value_from_config.sh ENABLED_MODULES "${CLUSTER_CONFIG_DIR}/openvidu.env")"
|
||||||
|
|
||||||
# Update shared secret
|
# Update shared secret
|
||||||
|
|
@ -769,7 +796,9 @@ az keyvault secret set --vault-name ${keyVaultName} --name LIVEKIT-API-KEY --val
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --value $LIVEKIT_API_SECRET
|
az keyvault secret set --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --value $LIVEKIT_API_SECRET
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --value $MEET_INITIAL_ADMIN_USER
|
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --value $MEET_INITIAL_ADMIN_USER
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --value $MEET_INITIAL_ADMIN_PASSWORD
|
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --value $MEET_INITIAL_ADMIN_PASSWORD
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --value $MEET_INITIAL_API_KEY
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --value $MEET_INITIAL_API_KEY
|
||||||
|
fi
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name ENABLED-MODULES --value $ENABLED_MODULES
|
az keyvault secret set --vault-name ${keyVaultName} --name ENABLED-MODULES --value $ENABLED_MODULES
|
||||||
'''
|
'''
|
||||||
|
|
||||||
|
|
|
||||||
File diff suppressed because one or more lines are too long
|
|
@ -204,6 +204,52 @@
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "parameters MEET",
|
||||||
|
"label": "OpenVidu Meet configuration",
|
||||||
|
"elements": [
|
||||||
|
{
|
||||||
|
"name": "initialMeetAdminPassword",
|
||||||
|
"type": "Microsoft.Common.PasswordBox",
|
||||||
|
"label": {
|
||||||
|
"password": "Initial Meet Admin Password (Generated if empty, can be changed later from the Meet Console)",
|
||||||
|
"confirmPassword": "Confirm Password"
|
||||||
|
},
|
||||||
|
"toolTip": "Initial password for the 'admin' user in OpenVidu Meet. If not provided, a random password will be generated.",
|
||||||
|
"constraints": {
|
||||||
|
"required": false,
|
||||||
|
"regex": "^[A-Za-z0-9_-]*$",
|
||||||
|
"validationMessage": "Password can only contain letters, numbers, underscores and hyphens.",
|
||||||
|
"validations": []
|
||||||
|
},
|
||||||
|
"options": {
|
||||||
|
"hideConfirmation": true
|
||||||
|
},
|
||||||
|
"infoMessages": [],
|
||||||
|
"visible": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "initialMeetApiKey",
|
||||||
|
"type": "Microsoft.Common.PasswordBox",
|
||||||
|
"label": {
|
||||||
|
"password": "Initial API Key for OpenVidu Meet (optional, can be set later from the Meet Console)",
|
||||||
|
"confirmPassword": "Confirm API Key"
|
||||||
|
},
|
||||||
|
"toolTip": "Initial API key for OpenVidu Meet. If not provided, no API key will be set and the user can set it later from Meet Console.",
|
||||||
|
"constraints": {
|
||||||
|
"required": false,
|
||||||
|
"regex": "^[A-Za-z0-9_-]*$",
|
||||||
|
"validationMessage": "API key can only contain letters, numbers, underscores and hyphens.",
|
||||||
|
"validations": []
|
||||||
|
},
|
||||||
|
"options": {
|
||||||
|
"hideConfirmation": true
|
||||||
|
},
|
||||||
|
"infoMessages": [],
|
||||||
|
"visible": true
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "parameters INSTANCE",
|
"name": "parameters INSTANCE",
|
||||||
"label": "Master and Media node configuration",
|
"label": "Master and Media node configuration",
|
||||||
|
|
@ -541,6 +587,8 @@
|
||||||
"turnOwnPrivateCertificate": "[steps('parameters TURN').turnOwnPrivateCertificate]",
|
"turnOwnPrivateCertificate": "[steps('parameters TURN').turnOwnPrivateCertificate]",
|
||||||
"openviduLicense": "[steps('parameters OPENVIDU').openviduLicense]",
|
"openviduLicense": "[steps('parameters OPENVIDU').openviduLicense]",
|
||||||
"rtcEngine": "[steps('parameters OPENVIDU').rtcEngine]",
|
"rtcEngine": "[steps('parameters OPENVIDU').rtcEngine]",
|
||||||
|
"initialMeetAdminPassword": "[steps('parameters MEET').initialMeetAdminPassword]",
|
||||||
|
"initialMeetApiKey": "[steps('parameters MEET').initialMeetApiKey]",
|
||||||
"masterNodeInstanceType": "[steps('parameters INSTANCE').masterNodeInstanceType]",
|
"masterNodeInstanceType": "[steps('parameters INSTANCE').masterNodeInstanceType]",
|
||||||
"mediaNodeInstanceType": "[steps('parameters INSTANCE').mediaNodeInstanceType]",
|
"mediaNodeInstanceType": "[steps('parameters INSTANCE').mediaNodeInstanceType]",
|
||||||
"adminUsername": "[steps('parameters INSTANCE').adminUsername]",
|
"adminUsername": "[steps('parameters INSTANCE').adminUsername]",
|
||||||
|
|
|
||||||
|
|
@ -47,6 +47,14 @@ param openviduLicense string
|
||||||
])
|
])
|
||||||
param rtcEngine string = 'pion'
|
param rtcEngine string = 'pion'
|
||||||
|
|
||||||
|
@description('Initial password for the \'admin\' user in OpenVidu Meet. If not provided, a random password will be generated.')
|
||||||
|
@secure()
|
||||||
|
param initialMeetAdminPassword string = ''
|
||||||
|
|
||||||
|
@description('Initial API key for OpenVidu Meet. If not provided, no API key will be set and the user can set it later from Meet Console.')
|
||||||
|
@secure()
|
||||||
|
param initialMeetApiKey string = ''
|
||||||
|
|
||||||
@description('Specifies the EC2 instance type for your OpenVidu Master Node')
|
@description('Specifies the EC2 instance type for your OpenVidu Master Node')
|
||||||
@allowed([
|
@allowed([
|
||||||
'Standard_B1s'
|
'Standard_B1s'
|
||||||
|
|
@ -434,6 +442,8 @@ var stringInterpolationParamsMaster1 = {
|
||||||
turnOwnPrivateCertificate: turnOwnPrivateCertificate
|
turnOwnPrivateCertificate: turnOwnPrivateCertificate
|
||||||
openviduLicense: openviduLicense
|
openviduLicense: openviduLicense
|
||||||
rtcEngine: rtcEngine
|
rtcEngine: rtcEngine
|
||||||
|
initialMeetAdminPassword: initialMeetAdminPassword
|
||||||
|
initialMeetApiKey: initialMeetApiKey
|
||||||
keyVaultName: keyVaultName
|
keyVaultName: keyVaultName
|
||||||
masterNodeNum: '1'
|
masterNodeNum: '1'
|
||||||
additionalInstallFlags: additionalInstallFlags
|
additionalInstallFlags: additionalInstallFlags
|
||||||
|
|
@ -450,6 +460,8 @@ var stringInterpolationParamsMaster2 = {
|
||||||
turnOwnPrivateCertificate: turnOwnPrivateCertificate
|
turnOwnPrivateCertificate: turnOwnPrivateCertificate
|
||||||
openviduLicense: openviduLicense
|
openviduLicense: openviduLicense
|
||||||
rtcEngine: rtcEngine
|
rtcEngine: rtcEngine
|
||||||
|
initialMeetAdminPassword: initialMeetAdminPassword
|
||||||
|
initialMeetApiKey: initialMeetApiKey
|
||||||
keyVaultName: keyVaultName
|
keyVaultName: keyVaultName
|
||||||
masterNodeNum: '2'
|
masterNodeNum: '2'
|
||||||
additionalInstallFlags: additionalInstallFlags
|
additionalInstallFlags: additionalInstallFlags
|
||||||
|
|
@ -466,6 +478,8 @@ var stringInterpolationParamsMaster3 = {
|
||||||
turnOwnPrivateCertificate: turnOwnPrivateCertificate
|
turnOwnPrivateCertificate: turnOwnPrivateCertificate
|
||||||
openviduLicense: openviduLicense
|
openviduLicense: openviduLicense
|
||||||
rtcEngine: rtcEngine
|
rtcEngine: rtcEngine
|
||||||
|
initialMeetAdminPassword: initialMeetAdminPassword
|
||||||
|
initialMeetApiKey: initialMeetApiKey
|
||||||
keyVaultName: keyVaultName
|
keyVaultName: keyVaultName
|
||||||
masterNodeNum: '3'
|
masterNodeNum: '3'
|
||||||
additionalInstallFlags: additionalInstallFlags
|
additionalInstallFlags: additionalInstallFlags
|
||||||
|
|
@ -482,6 +496,8 @@ var stringInterpolationParamsMaster4 = {
|
||||||
turnOwnPrivateCertificate: turnOwnPrivateCertificate
|
turnOwnPrivateCertificate: turnOwnPrivateCertificate
|
||||||
openviduLicense: openviduLicense
|
openviduLicense: openviduLicense
|
||||||
rtcEngine: rtcEngine
|
rtcEngine: rtcEngine
|
||||||
|
initialMeetAdminPassword: initialMeetAdminPassword
|
||||||
|
initialMeetApiKey: initialMeetApiKey
|
||||||
keyVaultName: keyVaultName
|
keyVaultName: keyVaultName
|
||||||
masterNodeNum: '4'
|
masterNodeNum: '4'
|
||||||
additionalInstallFlags: additionalInstallFlags
|
additionalInstallFlags: additionalInstallFlags
|
||||||
|
|
@ -557,6 +573,19 @@ if [[ $MASTER_NODE_NUM -eq 1 ]] && [[ "$ALL_SECRETS_GENERATED" == "" || "$ALL_SE
|
||||||
fi
|
fi
|
||||||
DOMAIN="$(/usr/local/bin/store_secret.sh save DOMAIN-NAME "${DOMAIN}")"
|
DOMAIN="$(/usr/local/bin/store_secret.sh save DOMAIN-NAME "${DOMAIN}")"
|
||||||
|
|
||||||
|
# Meet initial admin user and password
|
||||||
|
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-ADMIN-USER "admin")"
|
||||||
|
if [[ "${initialMeetAdminPassword}" != '' ]]; then
|
||||||
|
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-ADMIN-PASSWORD "${initialMeetAdminPassword}")"
|
||||||
|
else
|
||||||
|
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate MEET-INITIAL-ADMIN-PASSWORD)"
|
||||||
|
fi
|
||||||
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-API-KEY "${initialMeetApiKey}")"
|
||||||
|
else
|
||||||
|
MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-API-KEY "")"
|
||||||
|
fi
|
||||||
|
|
||||||
# Configure TURN server domain name
|
# Configure TURN server domain name
|
||||||
if [[ -n "${turnDomainName}" ]]; then
|
if [[ -n "${turnDomainName}" ]]; then
|
||||||
LIVEKIT_TURN_DOMAIN_NAME="$(/usr/local/bin/store_secret.sh save LIVEKIT-TURN-DOMAIN-NAME "${turnDomainName}")"
|
LIVEKIT_TURN_DOMAIN_NAME="$(/usr/local/bin/store_secret.sh save LIVEKIT-TURN-DOMAIN-NAME "${turnDomainName}")"
|
||||||
|
|
@ -581,8 +610,6 @@ if [[ $MASTER_NODE_NUM -eq 1 ]] && [[ "$ALL_SECRETS_GENERATED" == "" || "$ALL_SE
|
||||||
GRAFANA_ADMIN_USERNAME="$(/usr/local/bin/store_secret.sh save GRAFANA-ADMIN-USERNAME "grafanaadmin")"
|
GRAFANA_ADMIN_USERNAME="$(/usr/local/bin/store_secret.sh save GRAFANA-ADMIN-USERNAME "grafanaadmin")"
|
||||||
GRAFANA_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate GRAFANA-ADMIN-PASSWORD)"
|
GRAFANA_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate GRAFANA-ADMIN-PASSWORD)"
|
||||||
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-ADMIN-USER "admin")"
|
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-ADMIN-USER "admin")"
|
||||||
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate MEET-INITIAL-ADMIN-PASSWORD)"
|
|
||||||
MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh generate MEET-INITIAL-API-KEY)"
|
|
||||||
LIVEKIT_API_KEY="$(/usr/local/bin/store_secret.sh generate LIVEKIT-API-KEY "API" 12)"
|
LIVEKIT_API_KEY="$(/usr/local/bin/store_secret.sh generate LIVEKIT-API-KEY "API" 12)"
|
||||||
LIVEKIT_API_SECRET="$(/usr/local/bin/store_secret.sh generate LIVEKIT-API-SECRET)"
|
LIVEKIT_API_SECRET="$(/usr/local/bin/store_secret.sh generate LIVEKIT-API-SECRET)"
|
||||||
OPENVIDU_VERSION="$(/usr/local/bin/store_secret.sh save OPENVIDU-VERSION "${OPENVIDU_VERSION}")"
|
OPENVIDU_VERSION="$(/usr/local/bin/store_secret.sh save OPENVIDU-VERSION "${OPENVIDU_VERSION}")"
|
||||||
|
|
@ -633,7 +660,11 @@ LIVEKIT_API_KEY=$(az keyvault secret show --vault-name ${keyVaultName} --name LI
|
||||||
LIVEKIT_API_SECRET=$(az keyvault secret show --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --query value -o tsv)
|
LIVEKIT_API_SECRET=$(az keyvault secret show --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --query value -o tsv)
|
||||||
MEET_INITIAL_ADMIN_USER=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --query value -o tsv)
|
MEET_INITIAL_ADMIN_USER=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --query value -o tsv)
|
||||||
MEET_INITIAL_ADMIN_PASSWORD=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --query value -o tsv)
|
MEET_INITIAL_ADMIN_PASSWORD=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --query value -o tsv)
|
||||||
MEET_INITIAL_API_KEY=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --query value -o tsv)
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
MEET_INITIAL_API_KEY=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --query value -o tsv)
|
||||||
|
else
|
||||||
|
MEET_INITIAL_API_KEY=""
|
||||||
|
fi
|
||||||
ENABLED_MODULES=$(az keyvault secret show --vault-name ${keyVaultName} --name ENABLED-MODULES --query value -o tsv)
|
ENABLED_MODULES=$(az keyvault secret show --vault-name ${keyVaultName} --name ENABLED-MODULES --query value -o tsv)
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -664,7 +695,6 @@ COMMON_ARGS=(
|
||||||
"--dashboard-admin-password=$DASHBOARD_ADMIN_PASSWORD"
|
"--dashboard-admin-password=$DASHBOARD_ADMIN_PASSWORD"
|
||||||
"--grafana-admin-user=$GRAFANA_ADMIN_USERNAME"
|
"--grafana-admin-user=$GRAFANA_ADMIN_USERNAME"
|
||||||
"--grafana-admin-password=$GRAFANA_ADMIN_PASSWORD"
|
"--grafana-admin-password=$GRAFANA_ADMIN_PASSWORD"
|
||||||
"--meet-initial-admin-user=$MEET_INITIAL_ADMIN_USER"
|
|
||||||
"--meet-initial-admin-password=$MEET_INITIAL_ADMIN_PASSWORD"
|
"--meet-initial-admin-password=$MEET_INITIAL_ADMIN_PASSWORD"
|
||||||
"--meet-initial-api-key=$MEET_INITIAL_API_KEY"
|
"--meet-initial-api-key=$MEET_INITIAL_API_KEY"
|
||||||
"--livekit-api-key=$LIVEKIT_API_KEY"
|
"--livekit-api-key=$LIVEKIT_API_KEY"
|
||||||
|
|
@ -734,7 +764,7 @@ fi
|
||||||
FINAL_COMMAND="$INSTALL_COMMAND $(printf "%s " "${COMMON_ARGS[@]}") $(printf "%s " "${CERT_ARGS[@]}")"
|
FINAL_COMMAND="$INSTALL_COMMAND $(printf "%s " "${COMMON_ARGS[@]}") $(printf "%s " "${CERT_ARGS[@]}")"
|
||||||
|
|
||||||
# Install OpenVidu
|
# Install OpenVidu
|
||||||
exec bash -c "$FINAL_COMMAND"
|
exec bash -c "$FINAL_COMMAND"
|
||||||
'''
|
'''
|
||||||
|
|
||||||
var after_installScriptTemplateMaster = '''
|
var after_installScriptTemplateMaster = '''
|
||||||
|
|
@ -803,7 +833,9 @@ export LIVEKIT_API_KEY=$(az keyvault secret show --vault-name ${keyVaultName} --
|
||||||
export LIVEKIT_API_SECRET=$(az keyvault secret show --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --query value -o tsv)
|
export LIVEKIT_API_SECRET=$(az keyvault secret show --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --query value -o tsv)
|
||||||
export MEET_INITIAL_ADMIN_USER=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --query value -o tsv)
|
export MEET_INITIAL_ADMIN_USER=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --query value -o tsv)
|
||||||
export MEET_INITIAL_ADMIN_PASSWORD=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --query value -o tsv)
|
export MEET_INITIAL_ADMIN_PASSWORD=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --query value -o tsv)
|
||||||
export MEET_INITIAL_API_KEY=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --query value -o tsv)
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
export MEET_INITIAL_API_KEY=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --query value -o tsv)
|
||||||
|
fi
|
||||||
export ENABLED_MODULES=$(az keyvault secret show --vault-name ${keyVaultName} --name ENABLED-MODULES --query value -o tsv)
|
export ENABLED_MODULES=$(az keyvault secret show --vault-name ${keyVaultName} --name ENABLED-MODULES --query value -o tsv)
|
||||||
|
|
||||||
# Replace rest of the values
|
# Replace rest of the values
|
||||||
|
|
@ -823,7 +855,9 @@ sed -i "s/LIVEKIT_API_KEY=.*/LIVEKIT_API_KEY=$LIVEKIT_API_KEY/" "${CLUSTER_CONFI
|
||||||
sed -i "s/LIVEKIT_API_SECRET=.*/LIVEKIT_API_SECRET=$LIVEKIT_API_SECRET/" "${CLUSTER_CONFIG_DIR}/openvidu.env"
|
sed -i "s/LIVEKIT_API_SECRET=.*/LIVEKIT_API_SECRET=$LIVEKIT_API_SECRET/" "${CLUSTER_CONFIG_DIR}/openvidu.env"
|
||||||
sed -i "s/MEET_INITIAL_ADMIN_USER=.*/MEET_INITIAL_ADMIN_USER=$MEET_INITIAL_ADMIN_USER/" "${CLUSTER_CONFIG_DIR}/master_node/meet.env"
|
sed -i "s/MEET_INITIAL_ADMIN_USER=.*/MEET_INITIAL_ADMIN_USER=$MEET_INITIAL_ADMIN_USER/" "${CLUSTER_CONFIG_DIR}/master_node/meet.env"
|
||||||
sed -i "s/MEET_INITIAL_ADMIN_PASSWORD=.*/MEET_INITIAL_ADMIN_PASSWORD=$MEET_INITIAL_ADMIN_PASSWORD/" "${CLUSTER_CONFIG_DIR}/master_node/meet.env"
|
sed -i "s/MEET_INITIAL_ADMIN_PASSWORD=.*/MEET_INITIAL_ADMIN_PASSWORD=$MEET_INITIAL_ADMIN_PASSWORD/" "${CLUSTER_CONFIG_DIR}/master_node/meet.env"
|
||||||
sed -i "s/MEET_INITIAL_API_KEY=.*/MEET_INITIAL_API_KEY=$MEET_INITIAL_API_KEY/" "${CLUSTER_CONFIG_DIR}/master_node/meet.env"
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
sed -i "s/MEET_INITIAL_API_KEY=.*/MEET_INITIAL_API_KEY=$MEET_INITIAL_API_KEY/" "${CLUSTER_CONFIG_DIR}/master_node/meet.env"
|
||||||
|
fi
|
||||||
sed -i "s/ENABLED_MODULES=.*/ENABLED_MODULES=$ENABLED_MODULES/" "${CLUSTER_CONFIG_DIR}/openvidu.env"
|
sed -i "s/ENABLED_MODULES=.*/ENABLED_MODULES=$ENABLED_MODULES/" "${CLUSTER_CONFIG_DIR}/openvidu.env"
|
||||||
|
|
||||||
# Update URLs in secret
|
# Update URLs in secret
|
||||||
|
|
@ -868,7 +902,9 @@ LIVEKIT_API_KEY="$(/usr/local/bin/get_value_from_config.sh LIVEKIT_API_KEY "${CL
|
||||||
LIVEKIT_API_SECRET="$(/usr/local/bin/get_value_from_config.sh LIVEKIT_API_SECRET "${CLUSTER_CONFIG_DIR}/openvidu.env")"
|
LIVEKIT_API_SECRET="$(/usr/local/bin/get_value_from_config.sh LIVEKIT_API_SECRET "${CLUSTER_CONFIG_DIR}/openvidu.env")"
|
||||||
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_ADMIN_USER "${CLUSTER_CONFIG_DIR}/master_node/meet.env")"
|
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_ADMIN_USER "${CLUSTER_CONFIG_DIR}/master_node/meet.env")"
|
||||||
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_ADMIN_PASSWORD "${CLUSTER_CONFIG_DIR}/master_node/meet.env")"
|
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_ADMIN_PASSWORD "${CLUSTER_CONFIG_DIR}/master_node/meet.env")"
|
||||||
MEET_INITIAL_API_KEY="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_API_KEY "${CLUSTER_CONFIG_DIR}/master_node/meet.env")"
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
MEET_INITIAL_API_KEY="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_API_KEY "${CLUSTER_CONFIG_DIR}/master_node/meet.env")"
|
||||||
|
fi
|
||||||
ENABLED_MODULES="$(/usr/local/bin/get_value_from_config.sh ENABLED_MODULES "${CLUSTER_CONFIG_DIR}/openvidu.env")"
|
ENABLED_MODULES="$(/usr/local/bin/get_value_from_config.sh ENABLED_MODULES "${CLUSTER_CONFIG_DIR}/openvidu.env")"
|
||||||
|
|
||||||
# Update shared secret
|
# Update shared secret
|
||||||
|
|
@ -890,7 +926,9 @@ az keyvault secret set --vault-name ${keyVaultName} --name LIVEKIT-API-KEY --val
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --value $LIVEKIT_API_SECRET
|
az keyvault secret set --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --value $LIVEKIT_API_SECRET
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --value $MEET_INITIAL_ADMIN_USER
|
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --value $MEET_INITIAL_ADMIN_USER
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --value $MEET_INITIAL_ADMIN_PASSWORD
|
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --value $MEET_INITIAL_ADMIN_PASSWORD
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --value $MEET_INITIAL_API_KEY
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --value $MEET_INITIAL_API_KEY
|
||||||
|
fi
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name ENABLED-MODULES --value $ENABLED_MODULES
|
az keyvault secret set --vault-name ${keyVaultName} --name ENABLED-MODULES --value $ENABLED_MODULES
|
||||||
'''
|
'''
|
||||||
|
|
||||||
|
|
|
||||||
File diff suppressed because one or more lines are too long
|
|
@ -204,6 +204,52 @@
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "parameters MEET",
|
||||||
|
"label": "OpenVidu Meet configuration",
|
||||||
|
"elements": [
|
||||||
|
{
|
||||||
|
"name": "initialMeetAdminPassword",
|
||||||
|
"type": "Microsoft.Common.PasswordBox",
|
||||||
|
"label": {
|
||||||
|
"password": "Initial Meet Admin Password (Generated if empty, can be changed later from the Meet Console)",
|
||||||
|
"confirmPassword": "Confirm Password"
|
||||||
|
},
|
||||||
|
"toolTip": "Initial password for the 'admin' user in OpenVidu Meet. If not provided, a random password will be generated.",
|
||||||
|
"constraints": {
|
||||||
|
"required": false,
|
||||||
|
"regex": "^[A-Za-z0-9_-]*$",
|
||||||
|
"validationMessage": "Password can only contain letters, numbers, underscores and hyphens.",
|
||||||
|
"validations": []
|
||||||
|
},
|
||||||
|
"options": {
|
||||||
|
"hideConfirmation": true
|
||||||
|
},
|
||||||
|
"infoMessages": [],
|
||||||
|
"visible": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "initialMeetApiKey",
|
||||||
|
"type": "Microsoft.Common.PasswordBox",
|
||||||
|
"label": {
|
||||||
|
"password": "Initial API Key for OpenVidu Meet (optional, can be set later from the Meet Console)",
|
||||||
|
"confirmPassword": "Confirm API Key"
|
||||||
|
},
|
||||||
|
"toolTip": "Initial API key for OpenVidu Meet. If not provided, no API key will be set and the user can set it later from Meet Console.",
|
||||||
|
"constraints": {
|
||||||
|
"required": false,
|
||||||
|
"regex": "^[A-Za-z0-9_-]*$",
|
||||||
|
"validationMessage": "API key can only contain letters, numbers, underscores and hyphens.",
|
||||||
|
"validations": []
|
||||||
|
},
|
||||||
|
"options": {
|
||||||
|
"hideConfirmation": true
|
||||||
|
},
|
||||||
|
"infoMessages": [],
|
||||||
|
"visible": true
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "parameters INSTANCE",
|
"name": "parameters INSTANCE",
|
||||||
"label": "Master and Media node configuration",
|
"label": "Master and Media node configuration",
|
||||||
|
|
@ -556,6 +602,8 @@
|
||||||
"turnOwnPrivateCertificate": "[steps('parameters TURN').turnOwnPrivateCertificate]",
|
"turnOwnPrivateCertificate": "[steps('parameters TURN').turnOwnPrivateCertificate]",
|
||||||
"openviduLicense": "[steps('parameters OPENVIDU').openviduLicense]",
|
"openviduLicense": "[steps('parameters OPENVIDU').openviduLicense]",
|
||||||
"rtcEngine": "[steps('parameters OPENVIDU').rtcEngine]",
|
"rtcEngine": "[steps('parameters OPENVIDU').rtcEngine]",
|
||||||
|
"initialMeetAdminPassword": "[steps('parameters MEET').initialMeetAdminPassword]",
|
||||||
|
"initialMeetApiKey": "[steps('parameters MEET').initialMeetApiKey]",
|
||||||
"masterNodeInstanceType": "[steps('parameters INSTANCE').masterNodeInstanceType]",
|
"masterNodeInstanceType": "[steps('parameters INSTANCE').masterNodeInstanceType]",
|
||||||
"masterNodesDiskSize": "[steps('parameters INSTANCE').masterNodesDiskSize]",
|
"masterNodesDiskSize": "[steps('parameters INSTANCE').masterNodesDiskSize]",
|
||||||
"mediaNodeInstanceType": "[steps('parameters INSTANCE').mediaNodeInstanceType]",
|
"mediaNodeInstanceType": "[steps('parameters INSTANCE').mediaNodeInstanceType]",
|
||||||
|
|
|
||||||
|
|
@ -25,6 +25,14 @@ param ownPublicCertificate string = ''
|
||||||
@description('If certificate type is \'owncert\', this parameter will be used to specify the private certificate')
|
@description('If certificate type is \'owncert\', this parameter will be used to specify the private certificate')
|
||||||
param ownPrivateCertificate string = ''
|
param ownPrivateCertificate string = ''
|
||||||
|
|
||||||
|
@description('Initial password for the \'admin\' user in OpenVidu Meet. If not provided, a random password will be generated.')
|
||||||
|
@secure()
|
||||||
|
param initialMeetAdminPassword string = ''
|
||||||
|
|
||||||
|
@description('Initial API key for OpenVidu Meet. If not provided, no API key will be set and the user can set it later from Meet Console.')
|
||||||
|
@secure()
|
||||||
|
param initialMeetApiKey string = ''
|
||||||
|
|
||||||
@description('(Optional) Domain name for the TURN server with TLS. Only needed if your users are behind restrictive firewalls')
|
@description('(Optional) Domain name for the TURN server with TLS. Only needed if your users are behind restrictive firewalls')
|
||||||
param turnDomainName string = ''
|
param turnDomainName string = ''
|
||||||
|
|
||||||
|
|
@ -268,6 +276,8 @@ var stringInterpolationParams = {
|
||||||
ownPrivateCertificate: ownPrivateCertificate
|
ownPrivateCertificate: ownPrivateCertificate
|
||||||
turnOwnPublicCertificate: turnOwnPublicCertificate
|
turnOwnPublicCertificate: turnOwnPublicCertificate
|
||||||
turnOwnPrivateCertificate: turnOwnPrivateCertificate
|
turnOwnPrivateCertificate: turnOwnPrivateCertificate
|
||||||
|
initialMeetAdminPassword: initialMeetAdminPassword
|
||||||
|
initialMeetApiKey: initialMeetApiKey
|
||||||
keyVaultName: keyVaultName
|
keyVaultName: keyVaultName
|
||||||
openviduLicense: openviduLicense
|
openviduLicense: openviduLicense
|
||||||
rtcEngine: rtcEngine
|
rtcEngine: rtcEngine
|
||||||
|
|
@ -302,6 +312,20 @@ else
|
||||||
fi
|
fi
|
||||||
|
|
||||||
DOMAIN="$(/usr/local/bin/store_secret.sh save DOMAIN-NAME "$DOMAIN")"
|
DOMAIN="$(/usr/local/bin/store_secret.sh save DOMAIN-NAME "$DOMAIN")"
|
||||||
|
|
||||||
|
# Meet initial admin user and password
|
||||||
|
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-ADMIN-USER "admin")"
|
||||||
|
if [[ "${initialMeetAdminPassword}" != '' ]]; then
|
||||||
|
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-ADMIN-PASSWORD "${initialMeetAdminPassword}")"
|
||||||
|
else
|
||||||
|
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate MEET-INITIAL-ADMIN-PASSWORD)"
|
||||||
|
fi
|
||||||
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-API-KEY "${initialMeetApiKey}")"
|
||||||
|
else
|
||||||
|
MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-API-KEY "")"
|
||||||
|
fi
|
||||||
|
|
||||||
OPENVIDU_PRO_LICENSE="$(/usr/local/bin/store_secret.sh save OPENVIDU-PRO-LICENSE "${openviduLicense}")"
|
OPENVIDU_PRO_LICENSE="$(/usr/local/bin/store_secret.sh save OPENVIDU-PRO-LICENSE "${openviduLicense}")"
|
||||||
OPENVIDU_RTC_ENGINE="$(/usr/local/bin/store_secret.sh save OPENVIDU-RTC-ENGINE "${rtcEngine}")"
|
OPENVIDU_RTC_ENGINE="$(/usr/local/bin/store_secret.sh save OPENVIDU-RTC-ENGINE "${rtcEngine}")"
|
||||||
REDIS_PASSWORD="$(/usr/local/bin/store_secret.sh generate REDIS-PASSWORD)"
|
REDIS_PASSWORD="$(/usr/local/bin/store_secret.sh generate REDIS-PASSWORD)"
|
||||||
|
|
@ -315,8 +339,6 @@ DASHBOARD_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate DASHBOARD-AD
|
||||||
GRAFANA_ADMIN_USERNAME="$(/usr/local/bin/store_secret.sh save GRAFANA-ADMIN-USERNAME "grafanaadmin")"
|
GRAFANA_ADMIN_USERNAME="$(/usr/local/bin/store_secret.sh save GRAFANA-ADMIN-USERNAME "grafanaadmin")"
|
||||||
GRAFANA_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate GRAFANA-ADMIN-PASSWORD)"
|
GRAFANA_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate GRAFANA-ADMIN-PASSWORD)"
|
||||||
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-ADMIN-USER "admin")"
|
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/store_secret.sh save MEET-INITIAL-ADMIN-USER "admin")"
|
||||||
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/store_secret.sh generate MEET-INITIAL-ADMIN-PASSWORD)"
|
|
||||||
MEET_INITIAL_API_KEY="$(/usr/local/bin/store_secret.sh generate MEET-INITIAL-API-KEY)"
|
|
||||||
LIVEKIT_API_KEY="$(/usr/local/bin/store_secret.sh generate LIVEKIT-API-KEY "API" 12)"
|
LIVEKIT_API_KEY="$(/usr/local/bin/store_secret.sh generate LIVEKIT-API-KEY "API" 12)"
|
||||||
LIVEKIT_API_SECRET="$(/usr/local/bin/store_secret.sh generate LIVEKIT-API-SECRET)"
|
LIVEKIT_API_SECRET="$(/usr/local/bin/store_secret.sh generate LIVEKIT-API-SECRET)"
|
||||||
ENABLED_MODULES="$(/usr/local/bin/store_secret.sh save ENABLED-MODULES "observability,openviduMeet,v2compatibility")"
|
ENABLED_MODULES="$(/usr/local/bin/store_secret.sh save ENABLED-MODULES "observability,openviduMeet,v2compatibility")"
|
||||||
|
|
@ -344,7 +366,6 @@ COMMON_ARGS=(
|
||||||
"--dashboard-admin-password=$DASHBOARD_ADMIN_PASSWORD"
|
"--dashboard-admin-password=$DASHBOARD_ADMIN_PASSWORD"
|
||||||
"--grafana-admin-user=$GRAFANA_ADMIN_USERNAME"
|
"--grafana-admin-user=$GRAFANA_ADMIN_USERNAME"
|
||||||
"--grafana-admin-password=$GRAFANA_ADMIN_PASSWORD"
|
"--grafana-admin-password=$GRAFANA_ADMIN_PASSWORD"
|
||||||
"--meet-initial-admin-user=$MEET_INITIAL_ADMIN_USER"
|
|
||||||
"--meet-initial-admin-password=$MEET_INITIAL_ADMIN_PASSWORD"
|
"--meet-initial-admin-password=$MEET_INITIAL_ADMIN_PASSWORD"
|
||||||
"--meet-initial-api-key=$MEET_INITIAL_API_KEY"
|
"--meet-initial-api-key=$MEET_INITIAL_API_KEY"
|
||||||
"--livekit-api-key=$LIVEKIT_API_KEY"
|
"--livekit-api-key=$LIVEKIT_API_KEY"
|
||||||
|
|
@ -497,7 +518,9 @@ export LIVEKIT_API_KEY=$(az keyvault secret show --vault-name ${keyVaultName} --
|
||||||
export LIVEKIT_API_SECRET=$(az keyvault secret show --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --query value -o tsv)
|
export LIVEKIT_API_SECRET=$(az keyvault secret show --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --query value -o tsv)
|
||||||
export MEET_INITIAL_ADMIN_USER=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --query value -o tsv)
|
export MEET_INITIAL_ADMIN_USER=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --query value -o tsv)
|
||||||
export MEET_INITIAL_ADMIN_PASSWORD=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --query value -o tsv)
|
export MEET_INITIAL_ADMIN_PASSWORD=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --query value -o tsv)
|
||||||
export MEET_INITIAL_API_KEY=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --query value -o tsv)
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
export MEET_INITIAL_API_KEY=$(az keyvault secret show --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --query value -o tsv)
|
||||||
|
fi
|
||||||
export ENABLED_MODULES=$(az keyvault secret show --vault-name ${keyVaultName} --name ENABLED-MODULES --query value -o tsv)
|
export ENABLED_MODULES=$(az keyvault secret show --vault-name ${keyVaultName} --name ENABLED-MODULES --query value -o tsv)
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -518,7 +541,9 @@ sed -i "s/LIVEKIT_API_KEY=.*/LIVEKIT_API_KEY=$LIVEKIT_API_KEY/" "${CONFIG_DIR}/o
|
||||||
sed -i "s/LIVEKIT_API_SECRET=.*/LIVEKIT_API_SECRET=$LIVEKIT_API_SECRET/" "${CONFIG_DIR}/openvidu.env"
|
sed -i "s/LIVEKIT_API_SECRET=.*/LIVEKIT_API_SECRET=$LIVEKIT_API_SECRET/" "${CONFIG_DIR}/openvidu.env"
|
||||||
sed -i "s/MEET_INITIAL_ADMIN_USER=.*/MEET_INITIAL_ADMIN_USER=$MEET_INITIAL_ADMIN_USER/" "${CONFIG_DIR}/meet.env"
|
sed -i "s/MEET_INITIAL_ADMIN_USER=.*/MEET_INITIAL_ADMIN_USER=$MEET_INITIAL_ADMIN_USER/" "${CONFIG_DIR}/meet.env"
|
||||||
sed -i "s/MEET_INITIAL_ADMIN_PASSWORD=.*/MEET_INITIAL_ADMIN_PASSWORD=$MEET_INITIAL_ADMIN_PASSWORD/" "${CONFIG_DIR}/meet.env"
|
sed -i "s/MEET_INITIAL_ADMIN_PASSWORD=.*/MEET_INITIAL_ADMIN_PASSWORD=$MEET_INITIAL_ADMIN_PASSWORD/" "${CONFIG_DIR}/meet.env"
|
||||||
sed -i "s/MEET_INITIAL_API_KEY=.*/MEET_INITIAL_API_KEY=$MEET_INITIAL_API_KEY/" "${CONFIG_DIR}/meet.env"
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
sed -i "s/MEET_INITIAL_API_KEY=.*/MEET_INITIAL_API_KEY=$MEET_INITIAL_API_KEY/" "${CONFIG_DIR}/meet.env"
|
||||||
|
fi
|
||||||
sed -i "s/ENABLED_MODULES=.*/ENABLED_MODULES=$ENABLED_MODULES/" "${CONFIG_DIR}/openvidu.env"
|
sed -i "s/ENABLED_MODULES=.*/ENABLED_MODULES=$ENABLED_MODULES/" "${CONFIG_DIR}/openvidu.env"
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -568,7 +593,9 @@ LIVEKIT_API_KEY="$(/usr/local/bin/get_value_from_config.sh LIVEKIT_API_KEY "${CO
|
||||||
LIVEKIT_API_SECRET="$(/usr/local/bin/get_value_from_config.sh LIVEKIT_API_SECRET "${CONFIG_DIR}/openvidu.env")"
|
LIVEKIT_API_SECRET="$(/usr/local/bin/get_value_from_config.sh LIVEKIT_API_SECRET "${CONFIG_DIR}/openvidu.env")"
|
||||||
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_ADMIN_USER "${CONFIG_DIR}/meet.env")"
|
MEET_INITIAL_ADMIN_USER="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_ADMIN_USER "${CONFIG_DIR}/meet.env")"
|
||||||
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_ADMIN_PASSWORD "${CONFIG_DIR}/meet.env")"
|
MEET_INITIAL_ADMIN_PASSWORD="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_ADMIN_PASSWORD "${CONFIG_DIR}/meet.env")"
|
||||||
MEET_INITIAL_API_KEY="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_API_KEY "${CONFIG_DIR}/meet.env")"
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
MEET_INITIAL_API_KEY="$(/usr/local/bin/get_value_from_config.sh MEET_INITIAL_API_KEY "${CONFIG_DIR}/meet.env")"
|
||||||
|
fi
|
||||||
ENABLED_MODULES="$(/usr/local/bin/get_value_from_config.sh ENABLED_MODULES "${CONFIG_DIR}/openvidu.env")"
|
ENABLED_MODULES="$(/usr/local/bin/get_value_from_config.sh ENABLED_MODULES "${CONFIG_DIR}/openvidu.env")"
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -591,7 +618,9 @@ az keyvault secret set --vault-name ${keyVaultName} --name LIVEKIT-API-KEY --val
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --value $LIVEKIT_API_SECRET
|
az keyvault secret set --vault-name ${keyVaultName} --name LIVEKIT-API-SECRET --value $LIVEKIT_API_SECRET
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --value $MEET_INITIAL_ADMIN_USER
|
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-USER --value $MEET_INITIAL_ADMIN_USER
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --value $MEET_INITIAL_ADMIN_PASSWORD
|
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-ADMIN-PASSWORD --value $MEET_INITIAL_ADMIN_PASSWORD
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --value $MEET_INITIAL_API_KEY
|
if [[ "${initialMeetApiKey}" != '' ]]; then
|
||||||
|
az keyvault secret set --vault-name ${keyVaultName} --name MEET-INITIAL-API-KEY --value $MEET_INITIAL_API_KEY
|
||||||
|
fi
|
||||||
az keyvault secret set --vault-name ${keyVaultName} --name ENABLED-MODULES --value $ENABLED_MODULES
|
az keyvault secret set --vault-name ${keyVaultName} --name ENABLED-MODULES --value $ENABLED_MODULES
|
||||||
'''
|
'''
|
||||||
|
|
||||||
|
|
|
||||||
File diff suppressed because one or more lines are too long
|
|
@ -153,6 +153,52 @@
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "parameters MEET",
|
||||||
|
"label": "OpenVidu Meet configuration",
|
||||||
|
"elements": [
|
||||||
|
{
|
||||||
|
"name": "initialMeetAdminPassword",
|
||||||
|
"type": "Microsoft.Common.PasswordBox",
|
||||||
|
"label": {
|
||||||
|
"password": "Initial Meet Admin Password (Generated if empty, can be changed later from the Meet Console)",
|
||||||
|
"confirmPassword": "Confirm Password"
|
||||||
|
},
|
||||||
|
"toolTip": "Initial password for the 'admin' user in OpenVidu Meet. If not provided, a random password will be generated.",
|
||||||
|
"constraints": {
|
||||||
|
"required": false,
|
||||||
|
"regex": "^[A-Za-z0-9_-]*$",
|
||||||
|
"validationMessage": "Password can only contain letters, numbers, underscores and hyphens.",
|
||||||
|
"validations": []
|
||||||
|
},
|
||||||
|
"options": {
|
||||||
|
"hideConfirmation": true
|
||||||
|
},
|
||||||
|
"infoMessages": [],
|
||||||
|
"visible": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "initialMeetApiKey",
|
||||||
|
"type": "Microsoft.Common.PasswordBox",
|
||||||
|
"label": {
|
||||||
|
"password": "Initial API Key for OpenVidu Meet (optional, can be set later from the Meet Console)",
|
||||||
|
"confirmPassword": "Confirm API Key"
|
||||||
|
},
|
||||||
|
"toolTip": "Initial API key for OpenVidu Meet. If not provided, no API key will be set and the user can set it later from Meet Console.",
|
||||||
|
"constraints": {
|
||||||
|
"required": false,
|
||||||
|
"regex": "^[A-Za-z0-9_-]*$",
|
||||||
|
"validationMessage": "API key can only contain letters, numbers, underscores and hyphens.",
|
||||||
|
"validations": []
|
||||||
|
},
|
||||||
|
"options": {
|
||||||
|
"hideConfirmation": true
|
||||||
|
},
|
||||||
|
"infoMessages": [],
|
||||||
|
"visible": true
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "parameters OPENVIDU",
|
"name": "parameters OPENVIDU",
|
||||||
"label": "OpenVidu Single Node PRO configuration",
|
"label": "OpenVidu Single Node PRO configuration",
|
||||||
|
|
@ -418,6 +464,8 @@
|
||||||
"turnDomainName": "[steps('parameters TURN').turnDomainName]",
|
"turnDomainName": "[steps('parameters TURN').turnDomainName]",
|
||||||
"turnOwnPublicCertificate": "[steps('parameters TURN').turnOwnPublicCertificate]",
|
"turnOwnPublicCertificate": "[steps('parameters TURN').turnOwnPublicCertificate]",
|
||||||
"turnOwnPrivateCertificate": "[steps('parameters TURN').turnOwnPrivateCertificate]",
|
"turnOwnPrivateCertificate": "[steps('parameters TURN').turnOwnPrivateCertificate]",
|
||||||
|
"initialMeetAdminPassword": "[steps('parameters MEET').initialMeetAdminPassword]",
|
||||||
|
"initialMeetApiKey": "[steps('parameters MEET').initialMeetApiKey]",
|
||||||
"instanceType": "[steps('parameters INSTANCE').instanceType]",
|
"instanceType": "[steps('parameters INSTANCE').instanceType]",
|
||||||
"adminUsername": "[steps('parameters INSTANCE').adminUsername]",
|
"adminUsername": "[steps('parameters INSTANCE').adminUsername]",
|
||||||
"adminSshKey": "[steps('parameters INSTANCE').adminSshKey]",
|
"adminSshKey": "[steps('parameters INSTANCE').adminSshKey]",
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue