ambiser
/
openvidu
mirror of https://github.com/OpenVidu/openvidu.git
9
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

openvidu-deployment: AWS - Use base64 for owned certificates instead of http URLs

master
cruizba 2025-12-23 19:35:00 +01:00
parent 28da654141
commit cb266952b7
3 changed files with 30 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
openvidu-deployment/community/singlenode/aws/cf-openvidu-singlenode.yaml
View File

@ -28,11 +28,11 @@ Parameters:
ConstraintDescription: The domain name does not have a valid domain name format ConstraintDescription: The domain name does not have a valid domain name format
OwnPublicCertificate: OwnPublicCertificate:
Description: "If certificate type is 'owncert', this parameter will be used to specify the public certificate" Description: "If certificate type is 'owncert', this parameter will be used to specify the public certificate in base64 format"
Type: String Type: String
OwnPrivateCertificate: OwnPrivateCertificate:
Description: "If certificate type is 'owncert', this parameter will be used to specify the private certificate" Description: "If certificate type is 'owncert', this parameter will be used to specify the private certificate in base64 format"
Type: String Type: String
InitialMeetAdminPassword: InitialMeetAdminPassword:
@ -66,12 +66,12 @@ Parameters:
Default: '' Default: ''
TurnOwnPublicCertificate: TurnOwnPublicCertificate:
Description: "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified." Description: "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
Type: String Type: String
Default: '' Default: ''
TurnOwnPrivateCertificate: TurnOwnPrivateCertificate:
Description: "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified." Description: "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
Type: String Type: String
Default: '' Default: ''
@ -739,14 +739,9 @@ Resources:
"--certificate-type=letsencrypt" "--certificate-type=letsencrypt"
) )
else else
# Download owncert files # Use base64 encoded certificates directly
mkdir -p /tmp/owncert OWN_CERT_CRT=${OwnPublicCertificate}
wget -O /tmp/owncert/fullchain.pem ${OwnPublicCertificate} OWN_CERT_KEY=${OwnPrivateCertificate}
wget -O /tmp/owncert/privkey.pem ${OwnPrivateCertificate}
# Convert to base64
OWN_CERT_CRT=$(base64 -w 0 /tmp/owncert/fullchain.pem)
OWN_CERT_KEY=$(base64 -w 0 /tmp/owncert/privkey.pem)
CERT_ARGS=( CERT_ARGS=(
"--certificate-type=owncert" "--certificate-type=owncert"
@ -756,14 +751,9 @@ Resources:
# Turn with TLS and own certificate # Turn with TLS and own certificate
if [[ "${TurnDomainName}" != '' ]]; then if [[ "${TurnDomainName}" != '' ]]; then
# Download owncert files # Use base64 encoded certificates directly
mkdir -p /tmp/owncert-turn OWN_CERT_CRT_TURN=${TurnOwnPublicCertificate}
wget -O /tmp/owncert-turn/fullchain.pem ${TurnOwnPublicCertificate} OWN_CERT_KEY_TURN=${TurnOwnPrivateCertificate}
wget -O /tmp/owncert-turn/privkey.pem ${TurnOwnPrivateCertificate}
# Convert to base64
OWN_CERT_CRT_TURN=$(base64 -w 0 /tmp/owncert-turn/fullchain.pem)
OWN_CERT_KEY_TURN=$(base64 -w 0 /tmp/owncert-turn/privkey.pem)
CERT_ARGS+=( CERT_ARGS+=(
"--turn-owncert-private-key=$OWN_CERT_KEY_TURN" "--turn-owncert-private-key=$OWN_CERT_KEY_TURN"

30
openvidu-deployment/pro/elastic/aws/cf-openvidu-elastic.yaml
View File

@ -28,11 +28,11 @@ Parameters:
ConstraintDescription: The domain name does not have a valid domain name format ConstraintDescription: The domain name does not have a valid domain name format
OwnPublicCertificate: OwnPublicCertificate:
Description: "If certificate type is 'owncert', this parameter will be used to specify the public certificate" Description: "If certificate type is 'owncert', this parameter will be used to specify the public certificate in base64 format"
Type: String Type: String
OwnPrivateCertificate: OwnPrivateCertificate:
Description: "If certificate type is 'owncert', this parameter will be used to specify the private certificate" Description: "If certificate type is 'owncert', this parameter will be used to specify the private certificate in base64 format"
Type: String Type: String
InitialMeetAdminPassword: InitialMeetAdminPassword:
@ -66,12 +66,12 @@ Parameters:
Default: '' Default: ''
TurnOwnPublicCertificate: TurnOwnPublicCertificate:
Description: "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified." Description: "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
Type: String Type: String
Default: '' Default: ''
TurnOwnPrivateCertificate: TurnOwnPrivateCertificate:
Description: "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified." Description: "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
Type: String Type: String
Default: '' Default: ''
@ -1294,14 +1294,9 @@ Resources:
"--certificate-type=letsencrypt" "--certificate-type=letsencrypt"
) )
else else
# Download owncert files # Use base64 encoded certificates directly
mkdir -p /tmp/owncert OWN_CERT_CRT=${OwnPublicCertificate}
wget -O /tmp/owncert/fullchain.pem ${OwnPublicCertificate} OWN_CERT_KEY=${OwnPrivateCertificate}
wget -O /tmp/owncert/privkey.pem ${OwnPrivateCertificate}
# Convert to base64
OWN_CERT_CRT=$(base64 -w 0 /tmp/owncert/fullchain.pem)
OWN_CERT_KEY=$(base64 -w 0 /tmp/owncert/privkey.pem)
CERT_ARGS=( CERT_ARGS=(
"--certificate-type=owncert" "--certificate-type=owncert"
@ -1311,14 +1306,9 @@ Resources:
# Turn with TLS and own certificate # Turn with TLS and own certificate
if [[ "${TurnDomainName}" != '' ]]; then if [[ "${TurnDomainName}" != '' ]]; then
# Download owncert files # Use base64 encoded certificates directly
mkdir -p /tmp/owncert-turn OWN_CERT_CRT_TURN=${TurnOwnPublicCertificate}
wget -O /tmp/owncert-turn/fullchain.pem ${TurnOwnPublicCertificate} OWN_CERT_KEY_TURN=${TurnOwnPrivateCertificate}
wget -O /tmp/owncert-turn/privkey.pem ${TurnOwnPrivateCertificate}
# Convert to base64
OWN_CERT_CRT_TURN=$(base64 -w 0 /tmp/owncert-turn/fullchain.pem)
OWN_CERT_KEY_TURN=$(base64 -w 0 /tmp/owncert-turn/privkey.pem)
CERT_ARGS+=( CERT_ARGS+=(
"--turn-owncert-private-key=$OWN_CERT_KEY_TURN" "--turn-owncert-private-key=$OWN_CERT_KEY_TURN"

30
openvidu-deployment/pro/singlenode/aws/cf-openvidu-singlenode.yaml
View File

@ -28,11 +28,11 @@ Parameters:
ConstraintDescription: The domain name does not have a valid domain name format ConstraintDescription: The domain name does not have a valid domain name format
OwnPublicCertificate: OwnPublicCertificate:
Description: "If certificate type is 'owncert', this parameter will be used to specify the public certificate" Description: "If certificate type is 'owncert', this parameter will be used to specify the public certificate in base64 format"
Type: String Type: String
OwnPrivateCertificate: OwnPrivateCertificate:
Description: "If certificate type is 'owncert', this parameter will be used to specify the private certificate" Description: "If certificate type is 'owncert', this parameter will be used to specify the private certificate in base64 format"
Type: String Type: String
InitialMeetAdminPassword: InitialMeetAdminPassword:
@ -66,12 +66,12 @@ Parameters:
Default: '' Default: ''
TurnOwnPublicCertificate: TurnOwnPublicCertificate:
Description: "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified." Description: "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
Type: String Type: String
Default: '' Default: ''
TurnOwnPrivateCertificate: TurnOwnPrivateCertificate:
Description: "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified." Description: "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
Type: String Type: String
Default: '' Default: ''
@ -765,14 +765,9 @@ Resources:
"--certificate-type=letsencrypt" "--certificate-type=letsencrypt"
) )
else else
# Download owncert files # Use base64 encoded certificates directly
mkdir -p /tmp/owncert OWN_CERT_CRT=${OwnPublicCertificate}
wget -O /tmp/owncert/fullchain.pem ${OwnPublicCertificate} OWN_CERT_KEY=${OwnPrivateCertificate}
wget -O /tmp/owncert/privkey.pem ${OwnPrivateCertificate}
# Convert to base64
OWN_CERT_CRT=$(base64 -w 0 /tmp/owncert/fullchain.pem)
OWN_CERT_KEY=$(base64 -w 0 /tmp/owncert/privkey.pem)
CERT_ARGS=( CERT_ARGS=(
"--certificate-type=owncert" "--certificate-type=owncert"
@ -782,14 +777,9 @@ Resources:
# Turn with TLS and own certificate # Turn with TLS and own certificate
if [[ "${TurnDomainName}" != '' ]]; then if [[ "${TurnDomainName}" != '' ]]; then
# Download owncert files # Use base64 encoded certificates directly
mkdir -p /tmp/owncert-turn OWN_CERT_CRT_TURN=${TurnOwnPublicCertificate}
wget -O /tmp/owncert-turn/fullchain.pem ${TurnOwnPublicCertificate} OWN_CERT_KEY_TURN=${TurnOwnPrivateCertificate}
wget -O /tmp/owncert-turn/privkey.pem ${TurnOwnPrivateCertificate}
# Convert to base64
OWN_CERT_CRT_TURN=$(base64 -w 0 /tmp/owncert-turn/fullchain.pem)
OWN_CERT_KEY_TURN=$(base64 -w 0 /tmp/owncert-turn/privkey.pem)
CERT_ARGS+=( CERT_ARGS+=(
"--turn-owncert-private-key=$OWN_CERT_KEY_TURN" "--turn-owncert-private-key=$OWN_CERT_KEY_TURN"