yann/yannstatic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
yannstatic/static/2020/03/21/vps789461-debian-10-Visio-Jitsi-Meet-Matrix-Riot-(wgvpn.space).html

2714 lines
222 KiB
HTML
Raw Permalink Normal View History

first commit
2024-10-31 20:18:37 +01:00
<!DOCTYPE html><html lang="fr">
<head><meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no"><title>Visio-conférence Jitsi Meet + Matrix Riot vps789461 (wgvpn.space) debian buster (INACTIF) - YannStatic</title>
<meta name="description" content="Serveur VPS OVH">
<link rel="canonical" href="https://static.rnmkcy.eu/2020/03/21/vps789461-debian-10-Visio-Jitsi-Meet-Matrix-Riot-(wgvpn.space).html"><link rel="alternate" type="application/rss+xml" title="YannStatic" href="/feed.xml">
<!-- - include head/favicon.html - -->
<link rel="shortcut icon" type="image/png" href="/assets/favicon/favicon.png"><link rel="stylesheet" href="/assets/css/main.css"><link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.0.13/css/all.css" ><!-- start custom head snippets --><link rel="stylesheet" href="/assets/css/expand.css">
<!-- end custom head snippets --><script>(function() {
window.isArray = function(val) {
return Object.prototype.toString.call(val) === '[object Array]';
};
window.isString = function(val) {
return typeof val === 'string';
};
window.hasEvent = function(event) {
return 'on'.concat(event) in window.document;
};
window.isOverallScroller = function(node) {
return node === document.documentElement || node === document.body || node === window;
};
window.isFormElement = function(node) {
var tagName = node.tagName;
return tagName === 'INPUT' || tagName === 'SELECT' || tagName === 'TEXTAREA';
};
window.pageLoad = (function () {
var loaded = false, cbs = [];
window.addEventListener('load', function () {
var i;
loaded = true;
if (cbs.length > 0) {
for (i = 0; i < cbs.length; i++) {
cbs[i]();
}
}
});
return {
then: function(cb) {
cb && (loaded ? cb() : (cbs.push(cb)));
}
};
})();
})();
(function() {
window.throttle = function(func, wait) {
var args, result, thisArg, timeoutId, lastCalled = 0;
function trailingCall() {
lastCalled = new Date;
timeoutId = null;
result = func.apply(thisArg, args);
}
return function() {
var now = new Date,
remaining = wait - (now - lastCalled);
args = arguments;
thisArg = this;
if (remaining <= 0) {
clearTimeout(timeoutId);
timeoutId = null;
lastCalled = now;
result = func.apply(thisArg, args);
} else if (!timeoutId) {
timeoutId = setTimeout(trailingCall, remaining);
}
return result;
};
};
})();
(function() {
var Set = (function() {
var add = function(item) {
var i, data = this._data;
for (i = 0; i < data.length; i++) {
if (data[i] === item) {
return;
}
}
this.size ++;
data.push(item);
return data;
};
var Set = function(data) {
this.size = 0;
this._data = [];
var i;
if (data.length > 0) {
for (i = 0; i < data.length; i++) {
add.call(this, data[i]);
}
}
};
Set.prototype.add = add;
Set.prototype.get = function(index) { return this._data[index]; };
Set.prototype.has = function(item) {
var i, data = this._data;
for (i = 0; i < data.length; i++) {
if (this.get(i) === item) {
return true;
}
}
return false;
};
Set.prototype.is = function(map) {
if (map._data.length !== this._data.length) { return false; }
var i, j, flag, tData = this._data, mData = map._data;
for (i = 0; i < tData.length; i++) {
for (flag = false, j = 0; j < mData.length; j++) {
if (tData[i] === mData[j]) {
flag = true;
break;
}
}
if (!flag) { return false; }
}
return true;
};
Set.prototype.values = function() {
return this._data;
};
return Set;
})();
window.Lazyload = (function(doc) {
var queue = {js: [], css: []}, sources = {js: {}, css: {}}, context = this;
var createNode = function(name, attrs) {
var node = doc.createElement(name), attr;
for (attr in attrs) {
if (attrs.hasOwnProperty(attr)) {
node.setAttribute(attr, attrs[attr]);
}
}
return node;
};
var end = function(type, url) {
var s, q, qi, cbs, i, j, cur, val, flag;
if (type === 'js' || type ==='css') {
s = sources[type], q = queue[type];
s[url] = true;
for (i = 0; i < q.length; i++) {
cur = q[i];
if (cur.urls.has(url)) {
qi = cur, val = qi.urls.values();
qi && (cbs = qi.callbacks);
for (flag = true, j = 0; j < val.length; j++) {
cur = val[j];
if (!s[cur]) {
flag = false;
}
}
if (flag && cbs && cbs.length > 0) {
for (j = 0; j < cbs.length; j++) {
cbs[j].call(context);
}
qi.load = true;
}
}
}
}
};
var load = function(type, urls, callback) {
var s, q, qi, node, i, cur,
_urls = typeof urls === 'string' ? new Set([urls]) : new Set(urls), val, url;
if (type === 'js' || type ==='css') {
s = sources[type], q = queue[type];
for (i = 0; i < q.length; i++) {
cur = q[i];
if (_urls.is(cur.urls)) {
qi = cur;
break;
}
}
val = _urls.values();
if (qi) {
callback && (qi.load || qi.callbacks.push(callback));
callback && (qi.load && callback());
} else {
q.push({
urls: _urls,
callbacks: callback ? [callback] : [],
load: false
});
for (i = 0; i < val.length; i++) {
node = null, url = val[i];
if (s[url] === undefined) {
(type === 'js' ) && (node = createNode('script', { src: url }));
(type === 'css') && (node = createNode('link', { rel: 'stylesheet', href: url }));
if (node) {
node.onload = (function(type, url) {
return function() {
end(type, url);
};
})(type, url);
(doc.head || doc.body).appendChild(node);
s[url] = false;
}
}
}
}
}
};
return {
js: function(url, callback) {
load('js', url, callback);
},
css: function(url, callback) {
load('css', url, callback);
}
};
})(this.document);
})();
</script><script>
(function() {
var TEXT_VARIABLES = {
version: '2.2.6',
sources: {
font_awesome: 'https://use.fontawesome.com/releases/v5.0.13/css/all.css',
jquery: '/assets/js/jquery.min.js',
leancloud_js_sdk: '//cdn.jsdelivr.net/npm/leancloud-storage@3.13.2/dist/av-min.js',
chart: 'https://cdn.bootcss.com/Chart.js/2.7.2/Chart.bundle.min.js',
gitalk: {
js: 'https://cdn.bootcss.com/gitalk/1.2.2/gitalk.min.js',
css: 'https://cdn.bootcss.com/gitalk/1.2.2/gitalk.min.css'
},
valine: 'https://unpkg.com/valine/dist/Valine.min.js'
},
site: {
toc: {
selectors: 'h1,h2,h3'
}
},
paths: {
search_js: '/assets/search.js'
}
};
window.TEXT_VARIABLES = TEXT_VARIABLES;
})();
</script>
</head>
<body>
<div class="root" data-is-touch="false">
<div class="layout--page js-page-root"><!----><div class="page__main js-page-main page__viewport hide-footer has-aside has-aside cell cell--auto">
<div class="page__main-inner"><div class="page__header d-print-none"><header class="header"><div class="main">
<div class="header__title">
<div class="header__brand"><svg id="svg" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="400" height="478.9473684210526" viewBox="0, 0, 400,478.9473684210526"><g id="svgg"><path id="path0" d="M308.400 56.805 C 306.970 56.966,303.280 57.385,300.200 57.738 C 290.906 58.803,278.299 59.676,269.200 59.887 L 260.600 60.085 259.400 61.171 C 258.010 62.428,256.198 63.600,255.645 63.600 C 255.070 63.600,252.887 65.897,252.598 66.806 C 252.460 67.243,252.206 67.600,252.034 67.600 C 251.397 67.600,247.206 71.509,247.202 72.107 C 247.201 72.275,246.390 73.190,245.400 74.138 C 243.961 75.517,243.598 76.137,243.592 77.231 C 243.579 79.293,241.785 83.966,240.470 85.364 C 239.176 86.740,238.522 88.365,237.991 91.521 C 237.631 93.665,236.114 97.200,235.554 97.200 C 234.938 97.200,232.737 102.354,232.450 104.472 C 232.158 106.625,230.879 109.226,229.535 110.400 C 228.933 110.926,228.171 113.162,226.434 119.500 C 226.178 120.435,225.795 121.200,225.584 121.200 C 225.373 121.200,225.200 121.476,225.200 121.813 C 225.200 122.149,224.885 122.541,224.500 122.683 C 223.606 123.013,223.214 123.593,223.204 124.600 C 223.183 126.555,220.763 132.911,219.410 134.562 C 218.443 135.742,217.876 136.956,217.599 138.440 C 217.041 141.424,215.177 146.434,214.532 146.681 C 214.240 146.794,214.000 147.055,214.000 147.261 C 214.000 147.467,213.550 148.086,213.000 148.636 C 212.450 149.186,212.000 149.893,212.000 150.208 C 212.000 151.386,208.441 154.450,207.597 153.998 C 206.319 153.315,204.913 150.379,204.633 147.811 C 204.365 145.357,202.848 142.147,201.759 141.729 C 200.967 141.425,199.200 137.451,199.200 135.974 C 199.200 134.629,198.435 133.224,196.660 131.311 C 195.363 129.913,194.572 128.123,193.870 125.000 C 193.623 123.900,193.236 122.793,193.010 122.540 C 190.863 120.133,190.147 118.880,188.978 115.481 C 188.100 112.928,187.151 111.003,186.254 109.955 C 185.358 108.908,184.518 107.204,183.847 105.073 C 183.280 103.273,182.497 101.329,182.108 100.753 C 181.719 100.177,180.904 98.997,180.298 98.131 C 179.693 97.265,178.939 95.576,178.624 94.378 C 178.041 92.159,177.125 90.326,175.023 87.168 C 174.375 86.196,173.619 84.539,173.342 83.486 C 172.800 81.429,171.529 79.567,170.131 78.785 C 169.654 78.517,168.697 77.511,168.006 76.549 C 167.316 75.587,166.594 74.800,166.402 74.800 C 166.210 74.800,164.869 73.633,163.421 72.206 C 160.103 68.936,161.107 69.109,146.550 69.301 C 133.437 69.474,128.581 70.162,126.618 72.124 C 126.248 72.495,125.462 72.904,124.872 73.033 C 124.282 73.163,123.088 73.536,122.219 73.863 C 121.349 74.191,119.028 74.638,117.061 74.858 C 113.514 75.254,109.970 76.350,108.782 77.419 C 107.652 78.436,100.146 80.400,97.388 80.400 C 95.775 80.400,93.167 81.360,91.200 82.679 C 90.430 83.195,89.113 83.804,88.274 84.031 C 85.875 84.681,78.799 90.910,74.400 96.243 L 73.400 97.456 73.455 106.028 C 73.526 117.055,74.527 121.238,77.820 124.263 C 78.919 125.273,80.400 127.902,80.400 128.842 C 80.400 129.202,81.075 130.256,81.900 131.186 C 83.563 133.059,85.497 136.346,86.039 138.216 C 86.233 138.886,87.203 140.207,88.196 141.153 C 89.188 142.098,90.000 143.104,90.000 143.388 C 90.000 144.337,92.129 148.594,92.869 149.123 C 93.271 149.410,93.600 149.831,93.600 150.059 C 93.600 150.286,93.932 150.771,94.337 151.136 C 94.743 151.501,95.598 153.004,96.237 154.475 C 96.877 155.947,97.760 157.351,98.200 157.596 C 98.640 157.841,99.900 159.943,101.000 162.267 C 102.207 164.817,103.327 166.644,103.825 166.876 C 104.278 167.087,105.065 168.101,105.573 169.130 C 107.658 173.348,108.097 174.093,110.006 176.647 C 111.103 178.114,112.000 179.725,112.000 180.227 C 112.000 181.048,113.425 183.163,114.678 184.200 C 115.295 184.711,117.396 188.733,117.720 190.022 C 117.855 190.562,118.603 191.633,119.381 192.402 C 120.160 193.171,121.496 195.258,122.351 197.039 C 123.206 198.820,124.167 200.378,124.487 200.501 C 124.807 200.624,125.953 202.496,127.034 204.662 C 128.114 206.828,129.676 209.299,130.505 210.153 C 131.333 211.007,132.124 212.177,132.262 212.753 C 132.618 214.239,134.291 217.048,136.288 219.5
" href="/">YannStatic</a></div><!--<button class="button button--secondary button--circle search-button js-search-toggle"><i class="fas fa-search"></i></button>--><!-- <li><button class="button button--secondary button--circle search-button js-search-toggle"><i class="fas fa-search"></i></button></li> -->
<!-- Champ de recherche -->
<div id="searchbox" class="search search--dark" style="visibility: visible">
<div class="main">
<div class="search__header"></div>
<div class="search-bar">
<div class="search-box js-search-box">
<div class="search-box__icon-search"><i class="fas fa-search"></i></div>
<input id="search-input" type="text" />
<!-- <div class="search-box__icon-clear js-icon-clear">
<a><i class="fas fa-times"></i></a>
</div> -->
</div>
</div>
</div>
</div>
<!-- Script pointing to search-script.js -->
<script>/*!
* Simple-Jekyll-Search
* Copyright 2015-2020, Christian Fei
* Licensed under the MIT License.
*/
(function(){
'use strict'
var _$Templater_7 = {
compile: compile,
setOptions: setOptions
}
const options = {}
options.pattern = /\{(.*?)\}/g
options.template = ''
options.middleware = function () {}
function setOptions (_options) {
options.pattern = _options.pattern || options.pattern
options.template = _options.template || options.template
if (typeof _options.middleware === 'function') {
options.middleware = _options.middleware
}
}
function compile (data) {
return options.template.replace(options.pattern, function (match, prop) {
const value = options.middleware(prop, data[prop], options.template)
if (typeof value !== 'undefined') {
return value
}
return data[prop] || match
})
}
'use strict';
function fuzzysearch (needle, haystack) {
var tlen = haystack.length;
var qlen = needle.length;
if (qlen > tlen) {
return false;
}
if (qlen === tlen) {
return needle === haystack;
}
outer: for (var i = 0, j = 0; i < qlen; i++) {
var nch = needle.charCodeAt(i);
while (j < tlen) {
if (haystack.charCodeAt(j++) === nch) {
continue outer;
}
}
return false;
}
return true;
}
var _$fuzzysearch_1 = fuzzysearch;
'use strict'
/* removed: const _$fuzzysearch_1 = require('fuzzysearch') */;
var _$FuzzySearchStrategy_5 = new FuzzySearchStrategy()
function FuzzySearchStrategy () {
this.matches = function (string, crit) {
return _$fuzzysearch_1(crit.toLowerCase(), string.toLowerCase())
}
}
'use strict'
var _$LiteralSearchStrategy_6 = new LiteralSearchStrategy()
function LiteralSearchStrategy () {
this.matches = function (str, crit) {
if (!str) return false
str = str.trim().toLowerCase()
crit = crit.trim().toLowerCase()
return crit.split(' ').filter(function (word) {
return str.indexOf(word) >= 0
}).length === crit.split(' ').length
}
}
'use strict'
var _$Repository_4 = {
put: put,
clear: clear,
search: search,
setOptions: __setOptions_4
}
/* removed: const _$FuzzySearchStrategy_5 = require('./SearchStrategies/FuzzySearchStrategy') */;
/* removed: const _$LiteralSearchStrategy_6 = require('./SearchStrategies/LiteralSearchStrategy') */;
function NoSort () {
return 0
}
const data = []
let opt = {}
opt.fuzzy = false
opt.limit = 10
opt.searchStrategy = opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
opt.sort = NoSort
opt.exclude = []
function put (data) {
if (isObject(data)) {
return addObject(data)
}
if (isArray(data)) {
return addArray(data)
}
return undefined
}
function clear () {
data.length = 0
return data
}
function isObject (obj) {
return Boolean(obj) && Object.prototype.toString.call(obj) === '[object Object]'
}
function isArray (obj) {
return Boolean(obj) && Object.prototype.toString.call(obj) === '[object Array]'
}
function addObject (_data) {
data.push(_data)
return data
}
function addArray (_data) {
const added = []
clear()
for (let i = 0, len = _data.length; i < len; i++) {
if (isObject(_data[i])) {
added.push(addObject(_data[i]))
}
}
return added
}
function search (crit) {
if (!crit) {
return []
}
return findMatches(data, crit, opt.searchStrategy, opt).sort(opt.sort)
}
function __setOptions_4 (_opt) {
opt = _opt || {}
opt.fuzzy = _opt.fuzzy || false
opt.limit = _opt.limit || 10
opt.searchStrategy = _opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
opt.sort = _opt.sort || NoSort
opt.exclude = _opt.exclude || []
}
function findMatches (data, crit, strategy, opt) {
const matches = []
for (let i = 0; i < data.length && matches.length < opt.limit; i++) {
const match = findMatchesInObject(data[i], crit, strategy, opt)
if (match) {
matches.push(match)
}
}
return matches
}
function findMatchesInObject (obj, crit, strategy, opt) {
for (const key in obj) {
if (!isExcluded(obj[key], opt.exclude) && strategy.matches(obj[key], crit)) {
return obj
}
}
}
function isExcluded (term, excludedTerms) {
for (let i = 0, len = excludedTerms.length; i < len; i++) {
const excludedTerm = excludedTerms[i]
if (new RegExp(excludedTerm).test(term)) {
return true
}
}
return false
}
/* globals ActiveXObject:false */
'use strict'
var _$JSONLoader_2 = {
load: load
}
function load (location, callback) {
const xhr = getXHR()
xhr.open('GET', location, true)
xhr.onreadystatechange = createStateChangeListener(xhr, callback)
xhr.send()
}
function createStateChangeListener (xhr, callback) {
return function () {
if (xhr.readyState === 4 && xhr.status === 200) {
try {
callback(null, JSON.parse(xhr.responseText))
} catch (err) {
callback(err, null)
}
}
}
}
function getXHR () {
return window.XMLHttpRequest ? new window.XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP')
}
'use strict'
var _$OptionsValidator_3 = function OptionsValidator (params) {
if (!validateParams(params)) {
throw new Error('-- OptionsValidator: required options missing')
}
if (!(this instanceof OptionsValidator)) {
return new OptionsValidator(params)
}
const requiredOptions = params.required
this.getRequiredOptions = function () {
return requiredOptions
}
this.validate = function (parameters) {
const errors = []
requiredOptions.forEach(function (requiredOptionName) {
if (typeof parameters[requiredOptionName] === 'undefined') {
errors.push(requiredOptionName)
}
})
return errors
}
function validateParams (params) {
if (!params) {
return false
}
return typeof params.required !== 'undefined' && params.required instanceof Array
}
}
'use strict'
var _$utils_9 = {
merge: merge,
isJSON: isJSON
}
function merge (defaultParams, mergeParams) {
const mergedOptions = {}
for (const option in defaultParams) {
mergedOptions[option] = defaultParams[option]
if (typeof mergeParams[option] !== 'undefined') {
mergedOptions[option] = mergeParams[option]
}
}
return mergedOptions
}
function isJSON (json) {
try {
if (json instanceof Object && JSON.parse(JSON.stringify(json))) {
return true
}
return false
} catch (err) {
return false
}
}
var _$src_8 = {};
(function (window) {
'use strict'
let options = {
searchInput: null,
resultsContainer: null,
json: [],
success: Function.prototype,
searchResultTemplate: '<li><a href="{url}" title="{desc}">{title}</a></li>',
templateMiddleware: Function.prototype,
sortMiddleware: function () {
return 0
},
noResultsText: 'No results found',
limit: 10,
fuzzy: false,
debounceTime: null,
exclude: []
}
let debounceTimerHandle
const debounce = function (func, delayMillis) {
if (delayMillis) {
clearTimeout(debounceTimerHandle)
debounceTimerHandle = setTimeout(func, delayMillis)
} else {
func.call()
}
}
const requiredOptions = ['searchInput', 'resultsContainer', 'json']
/* removed: const _$Templater_7 = require('./Templater') */;
/* removed: const _$Repository_4 = require('./Repository') */;
/* removed: const _$JSONLoader_2 = require('./JSONLoader') */;
const optionsValidator = _$OptionsValidator_3({
required: requiredOptions
})
/* removed: const _$utils_9 = require('./utils') */;
window.SimpleJekyllSearch = function (_options) {
const errors = optionsValidator.validate(_options)
if (errors.length > 0) {
throwError('You must specify the following required options: ' + requiredOptions)
}
options = _$utils_9.merge(options, _options)
_$Templater_7.setOptions({
template: options.searchResultTemplate,
middleware: options.templateMiddleware
})
_$Repository_4.setOptions({
fuzzy: options.fuzzy,
limit: options.limit,
sort: options.sortMiddleware,
exclude: options.exclude
})
if (_$utils_9.isJSON(options.json)) {
initWithJSON(options.json)
} else {
initWithURL(options.json)
}
const rv = {
search: search
}
typeof options.success === 'function' && options.success.call(rv)
return rv
}
function initWithJSON (json) {
_$Repository_4.put(json)
registerInput()
}
function initWithURL (url) {
_$JSONLoader_2.load(url, function (err, json) {
if (err) {
throwError('failed to get JSON (' + url + ')')
}
initWithJSON(json)
})
}
function emptyResultsContainer () {
options.resultsContainer.innerHTML = ''
}
function appendToResultsContainer (text) {
options.resultsContainer.innerHTML += text
}
function registerInput () {
options.searchInput.addEventListener('input', function (e) {
if (isWhitelistedKey(e.which)) {
emptyResultsContainer()
debounce(function () { search(e.target.value) }, options.debounceTime)
}
})
}
function search (query) {
if (isValidQuery(query)) {
emptyResultsContainer()
render(_$Repository_4.search(query), query)
}
}
function render (results, query) {
const len = results.length
if (len === 0) {
return appendToResultsContainer(options.noResultsText)
}
for (let i = 0; i < len; i++) {
results[i].query = query
appendToResultsContainer(_$Templater_7.compile(results[i]))
}
}
function isValidQuery (query) {
return query && query.length > 0
}
function isWhitelistedKey (key) {
return [13, 16, 20, 37, 38, 39, 40, 91].indexOf(key) === -1
}
function throwError (message) {
throw new Error('SimpleJekyllSearch --- ' + message)
}
})(window)
}());
</script>
<!-- Configuration -->
<script>
SimpleJekyllSearch({
searchInput: document.getElementById('search-input'),
resultsContainer: document.getElementById('results-container'),
json: '/search.json',
//searchResultTemplate: '<li><a href="https://static.rnmkcy.eu{url}">{date}&nbsp;{title}</a></li>'
searchResultTemplate: '<li><a href="{url}">{date}&nbsp;{title}</a></li>'
})
</script>
<!-- Fin déclaration champ de recherche --></div><nav class="navigation">
<ul><li class="navigation__item"><a href="/archive.html">Etiquettes</a></li><li class="navigation__item"><a href="/htmldoc.html">Documents</a></li><li class="navigation__item"><a href="/liens_ttrss.html">Liens</a></li><li class="navigation__item"><a href="/aide-jekyll-text-theme.html">Aide</a></li></ul>
</nav></div>
</header>
</div><div class="page__content"><div class ="main"><div class="grid grid--reverse">
<div class="col-main cell cell--auto"><!-- start custom main top snippet --><div id="results-container" class="search-result js-search-result"></div><!-- end custom main top snippet -->
<article itemscope itemtype="http://schema.org/Article"><div class="article__header"><header><h1 style="color:Tomato;">Visio-conférence Jitsi Meet + Matrix Riot vps789461 (wgvpn.space) debian buster (INACTIF)</h1></header></div><meta itemprop="headline" content="Visio-conférence Jitsi Meet + Matrix Riot vps789461 (wgvpn.space) debian buster (INACTIF)"><div class="article__info clearfix"><ul class="left-col menu"><li>
_includes/article-list.html
2024-11-08 14:10:33 +01:00
<a class="button button--secondary button--pill button--sm" style="color:#00FFFF" href="/archive.html?tag=vps">vps</a>
first commit
2024-10-31 20:18:37 +01:00
</li></ul><ul class="right-col menu"><li>
<i class="far fa-calendar-alt"></i>&nbsp;<span title="Création" style="color:#FF00FF">21&nbsp;mars&nbsp;&nbsp;2020</span></li></ul></div><meta itemprop="datePublished" content="2020-03-21T00:00:00+01:00">
<meta itemprop="keywords" content="vps"><div class="js-article-content">
<div class="layout--article"><!-- start custom article top snippet -->
<style>
#myBtn {
display: none;
position: fixed;
bottom: 10px;
right: 10px;
z-index: 99;
font-size: 12px;
font-weight: bold;
border: none;
outline: none;
background-color: white;
color: black;
cursor: pointer;
padding: 5px;
border-radius: 4px;
}
#myBtn:hover {
background-color: #555;
}
</style>
<button onclick="topFunction()" id="myBtn" title="Haut de page">&#8679;</button>
<script>
//Get the button
var mybutton = document.getElementById("myBtn");
// When the user scrolls down 20px from the top of the document, show the button
window.onscroll = function() {scrollFunction()};
function scrollFunction() {
if (document.body.scrollTop > 20 || document.documentElement.scrollTop > 20) {
mybutton.style.display = "block";
} else {
mybutton.style.display = "none";
}
}
// When the user clicks on the button, scroll to the top of the document
function topFunction() {
document.body.scrollTop = 0;
document.documentElement.scrollTop = 0;
}
</script>
<!-- end custom article top snippet -->
<div class="article__content" itemprop="articleBody"><details>
<summary><b>Afficher/cacher Sommaire</b></summary>
<!-- affichage sommaire -->
<div class="toc-aside js-toc-root"></div>
</details><h1 id="serveur-vps-ovh">Serveur VPS OVH</h1>
<p><img src="/images/OVH-320px-Logo.png" alt="OVH" width="50" /><br />
<em>OVH vps789461 (1 vCore/2GoRam/20GoSSD) Debian Buster</em></p>
<h3 id="debian-10">Debian 10</h3>
<p><img src="/images/debian-buster-logo1.png" alt="OVH" width="150" /><br />
PARAMETRES DACCES:<br />
Ladresse IPv4 du VPS est : 51.77.151.245<br />
Ladresse IPv6 du VPS est : 2001:41d0:0404:0200::01cf</p>
<p>Le nom du VPS est : vps789461.ovh.net<br />
Connexion SSH en “root”</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh root@51.77.151.245
</code></pre></div></div>
<h3 id="réseau">Réseau</h3>
<p><img src="/images/ipv6.png" alt="ipv6" width="70" /></p>
<p>Créer un bash pour désactiver linitialisation réseau par le cloud sur le VPS OVH</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nano initres.sh
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>#!/bin/bash
#
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
#
#Création du fichier **/etc/cloud/cloud.cfg.d/99-disable-network-config.cfg** en mode su
echo "network: {config: disabled}" &gt; /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
#
# Effacerle fichier /etc/network/interfaces
rm /etc/network/interfaces
# Recréer le fichier /etc/network/interfaces
cat &gt; /etc/network/interfaces &lt;&lt; EOF
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
iface eth0 inet6 static
address 2001:41d0:0404:0200::01cf
netmask 128
post-up /sbin/ip -6 route add 2001:41d0:0404:0200::1 dev eth0
post-up /sbin/ip -6 route add default via 2001:41d0:0404:0200::1 dev eth0
pre-down /sbin/ip -6 route del default via 2001:41d0:0404:0200::1 dev eth0
pre-down /sbin/ip -6 route del 2001:41d0:0404:0200::1 dev eth0
EOF
#
# Configuration OVH à modifier /etc/cloud/cloud.cfg
sed -i 's/preserve_hostname: false/preserve_hostname: true/g' /etc/cloud/cloud.cfg
sed -i 's/manage_etc_hosts: true/manage_etc_hosts: false/g' /etc/cloud/cloud.cfg
#
# Redémarrage de la machine
systemctl reboot
</code></pre></div></div>
<p>Droits et exécution</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>chmod +x initres.sh &amp;&amp; ./initres.sh
</code></pre></div></div>
<p>Patienter quelques minutes avant la reconnexion…</p>
<p>Se connecter en root via SSH</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh root@51.77.151.245
</code></pre></div></div>
<p>Vérifier le réseau <code class="language-plaintext highlighter-rouge">ip a</code></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>1: lo: &lt;LOOPBACK,UP,LOWER_UP&gt; mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: &lt;BROADCAST,MULTICAST,UP,LOWER_UP&gt; mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether fa:16:3e:f2:6b:33 brd ff:ff:ff:ff:ff:ff
inet 51.77.151.245/32 brd 51.77.151.245 scope global dynamic eth0
valid_lft 86332sec preferred_lft 86332sec
inet6 2001:41d0:404:200::1cf/128 scope global
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fef2:6b33/64 scope link
valid_lft forever preferred_lft forever
</code></pre></div></div>
<p>Locales <strong>fr UTF8</strong> : <code class="language-plaintext highlighter-rouge">dpkg-reconfigure locales</code> (facultatif)<br />
Fuseau <strong>Europe/Paris</strong> : <code class="language-plaintext highlighter-rouge">dpkg-reconfigure tzdata</code> (facultatif)</p>
<h3 id="domaine-wgvpnspace">domaine wgvpn.space</h3>
<p><img src="/images/dns-logo.png" alt="" /></p>
<p>Zone dns OVH</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>$TTL 3600
@ IN SOA dns20.ovh.net. tech.ovh.net. (2020032100 86400 3600 3600000 300)
IN NS dns20.ovh.net.
IN NS ns20.ovh.net.
IN MX 10 wgvpn.space.
IN A 51.77.151.245
IN AAAA 2001:41d0:404:200::1cf
IN TXT "v=spf1 a mx ip4:51.77.151.245 ip6:2001:41d0:404:200::1cf -all"
jitsi IN CNAME wgvpn.space.
_dmarc IN TXT "v=DMARC1; p=none;"
</code></pre></div></div>
<p>Reverse dns serveur vps789641 sur IPV4 : jitsi.wgvpn.space</p>
<p><strong>hostname</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>hostnamectl set-hostname wgvpn.space
hostnamectl
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> Static hostname: wgvpn.space
Icon name: computer-vm
Chassis: vm
Machine ID: 0ef30511d74646618d92e464efb187ce
Boot ID: 7a925207f91e4e97a2eccca9f970583d
Virtualization: kvm
Operating System: Debian GNU/Linux 10 (buster)
Kernel: Linux 4.19.0-5-cloud-amd64
Architecture: x86-64
</code></pre></div></div>
<h3 id="création-utilisateur">Création utilisateur</h3>
<p>Utilisateur <strong>admini</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>useradd -m -d /home/admini/ -s /bin/bash admini
</code></pre></div></div>
<p>Mot de passe <strong>admini</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>passwd admini
</code></pre></div></div>
<p>Visudo pour les accès root via utilisateur <strong>admini</strong></p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code>apt <span class="nb">install sudo</span> <span class="c"># sudo installé par défaut</span>
<span class="nb">echo</span> <span class="s2">"admini ALL=(ALL) NOPASSWD: ALL"</span> <span class="o">&gt;&gt;</span> /etc/sudoers
</code></pre></div></div>
<p>Changer le mot de passe root</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>passwd root
</code></pre></div></div>
<h3 id="openssh-clé-et-script">OpenSSH, clé et script</h3>
<p><img src="/images/ssh_logo1.png" alt="OpenSSH" width="100" /></p>
<p><strong>connexion avec clé</strong><br />
<u>sur l'ordinateur de bureau</u>
Générer une paire de clé curve25519-sha256 (ECDH avec Curve25519 et SHA2) nommé <strong>kvm-cinay</strong> pour une liaison SSH avec le serveur KVM.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh-keygen -t ed25519 -o -a 100 -f ~/.ssh/kvm-vps789461
</code></pre></div></div>
<p>Envoyer la clé publique sur le serveur KVM</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>scp ~/.ssh/kvm-vps789461.pub admini@51.77.151.245:/home/admini/
</code></pre></div></div>
<p><u>sur le serveur KVM vps789461</u>
On se connecte</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh admini@51.77.151.245
</code></pre></div></div>
<p>Copier le contenu de la clé publique dans /home/$USER/.ssh/authorized_keys</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cd ~
</code></pre></div></div>
<p>Sur le KVM vps789461</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">mkdir</span> .ssh <span class="c"># création dossier .ssh</span>
<span class="nb">cat</span> <span class="nv">$HOME</span>/kvm-vps789461.pub <span class="o">&gt;&gt;</span> <span class="nv">$HOME</span>/.ssh/authorized_keys <span class="c"># copie clé publique</span>
<span class="nb">chmod </span>600 <span class="nv">$HOME</span>/.ssh/authorized_keys <span class="c"># donner les droits</span>
<span class="nb">rm</span> <span class="nv">$HOME</span>/kvm-vps789461.pub <span class="c"># effacer le fichier de la clé</span>
</code></pre></div></div>
<p>Modifier la configuration serveur SSH</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo nano /etc/ssh/sshd_config
</code></pre></div></div>
<p>Modifier</p>
<div class="language-conf highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="n">Port</span> <span class="m">55039</span>
<span class="n">PermitRootLogin</span> <span class="n">no</span>
<span class="n">PasswordAuthentication</span> <span class="n">no</span>
</code></pre></div></div>
<p><u>session SSH ne se termine pas correctement lors d'un "reboot" à distance</u><br />
Si vous tentez de <strong>redémarrer/éteindre</strong> une machine distance par <strong>ssh</strong>, vous pourriez constater que votre session ne se termine pas correctement, vous laissant avec un terminal inactif jusquà lexpiration dun long délai dinactivité. Il existe un bogue 751636 à ce sujet. Pour linstant, la solution de contournement à ce problème est dinstaller :</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt install libpam-systemd # installé par défaut sur debian buster
</code></pre></div></div>
<p>cela terminera la session ssh avant que le réseau ne tombe.<br />
Veuillez noter quil est nécessaire que PAM soit activé dans sshd.</p>
<p>Relancer openSSH</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo systemctl restart sshd
</code></pre></div></div>
<p>Accès depuis le poste distant avec la clé privée</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh -p 55039 -i ~/.ssh/kvm-vps789461 admini@51.77.151.245
</code></pre></div></div>
<h3 id="mise-à-jour-et-installer-utilitaires">Mise à jour et installer utilitaires</h3>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt update &amp;&amp; sudo apt -y upgrade
sudo apt install rsync curl tmux jq figlet git dnsutils tree gnupg -y
</code></pre></div></div>
<h3 id="scripts-motd-et-ssh_rc_bash">Scripts motd et ssh_rc_bash</h3>
<p>Motd</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo nano /etc/motd # effacer le contenu avant de copier ce qui suit
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> ____ ___ ___ __ _ _ _
__ __ _ __ ___|__ |( _ )/ _ \ / / | | | / |
\ V /| '_ \(_-&lt; / / / _ \\_, // _ \|_ _|| |
\_/ | .__//__/ /_/ \___/ /_/ \___/ |_| |_|
__ __ __ __ |_|_ __ _ __ _ _ ___ _ __ __ _ __ ___
\ V V // _` |\ V /| '_ \| ' \ _ (_-&lt;| '_ \/ _` |/ _|/ -_)
\_/\_/ \__, | \_/ | .__/|_||_|(_)/__/| .__/\__,_|\__|\___|
|___/ |_| |_|
</code></pre></div></div>
<p>Script <strong>ssh_rc_bash</strong></p>
<blockquote>
<p><em>*ATTENTION!!! Les scripts sur connexion peuvent poser des problèmes pour des appels externes autres que ssh</em></p>
</blockquote>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nano ssh_rc_bash
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>#!/bin/bash
get_infos() {
seconds="$(&lt; /proc/uptime)"
seconds="${seconds/.*}"
days="$((seconds / 60 / 60 / 24)) jour(s)"
hours="$((seconds / 60 / 60 % 24)) heure(s)"
mins="$((seconds / 60 % 60)) minute(s)"
# Remove plural if &lt; 2.
((${days/ *} == 1)) &amp;&amp; days="${days/s}"
((${hours/ *} == 1)) &amp;&amp; hours="${hours/s}"
((${mins/ *} == 1)) &amp;&amp; mins="${mins/s}"
# Hide empty fields.
((${days/ *} == 0)) &amp;&amp; unset days
((${hours/ *} == 0)) &amp;&amp; unset hours
((${mins/ *} == 0)) &amp;&amp; unset mins
uptime="${days:+$days, }${hours:+$hours, }${mins}"
uptime="${uptime%', '}"
uptime="${uptime:-${seconds} seconds}"
if [[ -f "/sys/devices/virtual/dmi/id/board_vendor" ||
-f "/sys/devices/virtual/dmi/id/board_name" ]]; then
model="$(&lt; /sys/devices/virtual/dmi/id/board_vendor)"
model+=" $(&lt; /sys/devices/virtual/dmi/id/board_name)"
fi
if [[ -f "/sys/devices/virtual/dmi/id/bios_vendor" ||
-f "/sys/devices/virtual/dmi/id/bios_version" ]]; then
bios="$(&lt; /sys/devices/virtual/dmi/id/bios_vendor)"
bios+=" $(&lt; /sys/devices/virtual/dmi/id/bios_version)"
bios+=" $(&lt; /sys/devices/virtual/dmi/id/bios_date)"
fi
}
#clear
PROCCOUNT=`ps -Afl | wc -l` # nombre de lignes
PROCCOUNT=`expr $PROCCOUNT - 5` # on ote les non concernées
GROUPZ=`users`
ipinfo=$(curl -s ipinfo.io) # info localisation format json
#ipinfo=$(curl -s iplocality.com) # info localisation format json
publicip=$(echo $ipinfo | jq -r '.ip') # extraction des données , installer préalablement "jq"
ville=$(echo $ipinfo | jq -r '.city')
pays=$(echo $ipinfo | jq -r '.country')
cpuname=`cat /proc/cpuinfo |grep 'model name' | cut -d: -f2 | sed -n 1p`
iplink=`ip link show |grep -m 1 "2:" | awk '{print $2}' | cut -d: -f1`
if [[ $GROUPZ == *irc* ]]; then
ENDSESSION=`cat /etc/security/limits.conf | grep "@irc" | grep maxlogins | awk {'print $4'}`
PRIVLAGED="IRC Account"
else
ENDSESSION="Unlimited"
PRIVLAGED="Regular User"
fi
get_infos
logo=$(figlet "`hostname --fqdn`")
#meteo=$(curl fr.wttr.in/$ville?0)
sdx=$(df -h |grep "/dev/sd") # les montages /dev/sd
distri=$(lsb_release -sd)
distri+=" $(uname -m)"
echo -e "
\e[1;31m$logo
\e[1;35m \e[1;37mHostname \e[1;35m= \e[1;32m`hostname`
\e[1;35m \e[1;37mWired IpV4 \e[1;35m= \e[1;32m`ip addr show $iplink | grep 'inet\b' | awk '{print $2}' | cut -d/ -f1`
\e[1;35m \e[1;37mWired IpV6 \e[1;35m= \e[1;32m`ip addr show $iplink | grep -E 'inet6' |grep -E 'scope link' | awk '{print $2}' | cut -d/ -f1`
\e[1;35m \e[1;37mKernel \e[1;35m= \e[1;32m`uname -r`
\e[1;35m \e[1;37mDistrib \e[1;35m= \e[1;32m$distri
\e[1;35m \e[1;37mUptime \e[1;35m= \e[1;32m`echo $uptime`
\e[1;35m \e[1;37mBios \e[1;35m= \e[1;32m`echo $bios`
\e[1;35m \e[1;37mBoard \e[1;35m= \e[1;32m`echo $model`
\e[1;35m \e[1;37mCPU \e[1;35m= \e[1;32m`echo $cpuname`
\e[1;35m \e[1;37mMemory Use \e[1;35m= \e[1;32m`free -m | awk 'NR==2{printf "%s/%sMB (%.2f%%)\n", $3,$2,$3*100/$2 }'`
\e[1;35m \e[1;37mUsername \e[1;35m= \e[1;32m`whoami`
\e[1;35m \e[1;37mSessions \e[1;35m= \e[1;32m`who | grep $USER | wc -l`
\e[1;35m\e[1;37mPublic IpV4 \e[1;35m= \e[1;32m`echo $publicip`
\e[1;35m\e[1;37mPublic IpV6 \e[1;35m= \e[1;32m`ip addr show $iplink | grep -m 1 'inet6\b' | awk '{print $2}' | cut -d/ -f1`
\e[1;35m\e[1;33m$sdx
\e[1;0m
"
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>chmod +x ssh_rc_bash # rendre le bash exécutable
./ssh_rc_bash # exécution
</code></pre></div></div>
<h3 id="certificats-letsencrypt---domaine-wgvpnspace">Certificats letsencrypt - domaine wgvpn.space</h3>
<p><img src="/images/letsencrypt-logo1.png" alt="letsencrypt" width="100" /><br />
Installation gestionnaire des certificats Lets Encrypt</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cd ~
sudo apt install socat # prérequis
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>git clone https://github.com/Neilpang/acme.sh.git
cd acme.sh
./acme.sh --install
</code></pre></div></div>
<blockquote>
<p>Se déconnecter puis se reconnecter pour la prise en compte</p>
</blockquote>
<p>Se connecter sur lapi OVH pour les paramètres (clé et secret)</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>export OVH_AK="votre application key"
export OVH_AS="votre application secret"
</code></pre></div></div>
<p>Premier lancement pour la génération des certificats</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>acme.sh --dns dns_ovh --issue --ocsp --keylength ec-384 -d wgvpn.space -d jitsi.wgvpn.space
</code></pre></div></div>
<p>Rechercher le lien qui suit le texte suivant <strong>Please open this link to do authentication:</strong><br />
Se connecter sur le lien , sauthentifier puis sélectionner “unlimited” et valider.Le message suivant saffiche</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>OVH authentication Success !
</code></pre></div></div>
<p>Lancer une seconde fois la génération des certificats et patienter quelques minutes…</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>acme.sh --dns dns_ovh --issue --ocsp --keylength ec-384 -d wgvpn.space -d jitsi.wgvpn.space
</code></pre></div></div>
<p>Les certificats sont disponibles</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>[Sat 21 Mar 2020 02:15:00 PM CET] Your cert is in /home/admini//.acme.sh/wgvpn.space_ecc/wgvpn.space.cer
[Sat 21 Mar 2020 02:15:00 PM CET] Your cert key is in /home/admini//.acme.sh/wgvpn.space_ecc/wgvpn.space.key
[Sat 21 Mar 2020 02:15:00 PM CET] The intermediate CA cert is in /home/admini//.acme.sh/wgvpn.space_ecc/ca.cer
[Sat 21 Mar 2020 02:15:00 PM CET] And the full chain certs is there: /home/admini//.acme.sh/wgvpn.space_ecc/fullchain.cer
</code></pre></div></div>
<p>Créer des liens avec <strong>/etc/ssl/private/</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code># domaine wgvpn.space
sudo ln -s /home/admini//.acme.sh/wgvpn.space_ecc/fullchain.cer /etc/ssl/private/wgvpn.space-fullchain.pem # full chain certs
sudo ln -s /home/admini//.acme.sh/wgvpn.space_ecc/wgvpn.space.key /etc/ssl/private/wgvpn.space-key.pem # cert key
sudo ln -s /home/admini//.acme.sh/wgvpn.space_ecc/wgvpn.space.cer /etc/ssl/private/wgvpn.space-chain.pem # cert domain
sudo ln -s /home/admini//.acme.sh/wgvpn.space_ecc/ca.cer /etc/ssl/private/wgvpn.space-ca.pem # intermediate CA cert
</code></pre></div></div>
<h1 id="jitsi-meet">Jitsi Meet</h1>
<p><em>Jitsi Meet est un logiciel libre distribué sous licence Apache 2 qui a pour objectif de fournir une solution de visio-conférence accessible depuis un navigateur web.<a href="https://framacloud.org/fr/cultiver-son-jardin/jitsi-meet.html">Framasoft : Installation de Jitsi Meet</a></em></p>
<blockquote>
<p>Toutes les commandes se font en mode su (sudo -s)</p>
</blockquote>
<h3 id="prérequis">Prérequis</h3>
<p>Le dépôt fourni par Jitsi utilisant le chiffrement, nous allons devoir installer apt-transport-https :</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>apt install apt-transport-https
</code></pre></div></div>
<p>Afin dinstaller Jitsi nous installerons le Java Runtime Environment<br />
Ajouter ladresse du dépôt jitsi :</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>echo 'deb https://download.jitsi.org stable/' &gt; /etc/apt/sources.list.d/jitsi-stable.list
</code></pre></div></div>
<p>Importer les clés des packageurs de Jitsi dans le trousseau de notre système de paquet :</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
</code></pre></div></div>
<blockquote>
<p>Un petit mot sur les clés : les paquets sont signés avec GPG par ceux qui les créent. La vérification de la signature dun paquet permet de sassurer de son intégrité (de vérifier quil na pas été trafiqué par une personne malveillante). Mais pour vérifier la signature, il faut sassurer quelle a été créée par une clé dont nous connaissons la légitimité (nous vérifions là lauthenticité du paquet).
Doù le <code class="language-plaintext highlighter-rouge">wget… | apt-key add -</code> pour intégrer les clés des packageurs de Jitsi dans le trousseau de clés considérées comme fiables par notre système de paquet</p>
</blockquote>
<p>Mettons à jour notre liste de paquets disponibles :</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>apt update &amp;&amp; apt -y upgrade
</code></pre></div></div>
<p>Installation de Java Runtime Environment</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>apt -y install default-jre-headless ca-certificates-java
</code></pre></div></div>
<h3 id="installer-jitsi">Installer Jitsi</h3>
<p>Installation jitsi-meet</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>apt -y install jitsi-meet
</code></pre></div></div>
<p>Outre des composants propres à Jitsi Meet (jicofo et jitsi-videobridge), ceci installera aussi le serveur XMPP Prosody. En effet, Jitsi Meet utilise le protocole XMPP et nécessite donc un tel serveur.</p>
<p>Linstalleur va vous demander le nom DNS de votre instance , jitsi.wgvpn.space</p>
<p><img src="/images/jitsi001.png" alt="jitsi" width="500" /><br />
jitsi.wgvpn.space</p>
<p><img src="/images/jitsi002.png" alt="jitsi" width="500" /><br />
<img src="/images/jitsi003.png" alt="jitsi" width="500" /><br />
/etc/ssl/private/wgvpn.space-key.pem</p>
<p><img src="/images/jitsi004.png" alt="jitsi" width="500" /><br />
/etc/ssl/private/wgvpn.space-fullchain.pem</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>You can now switch to a Lets Encrypt certificate. To do so, execute:
/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
</code></pre></div></div>
<blockquote>
<p>La génération dun certificat nétant pas le sujet de ce tutoriel, on choisira le certificat auto-signé. Retenez simplement que si vous souhaitez changer de certificat, il faudra modifier le fichier de configuration /etc/prosody/conf.avail/meet.example.org.cfg.lua et relancer prosody (service prosody restart).<br />
Si vous changez de certificat, vous devrez aussi modifier <strong>/etc/nginx/sites-available/jitsi.wgvpn.space.conf</strong> pour quil utilise votre certificat.</p>
</blockquote>
<p>Pour la configuration, cela se passe dans le fichier <strong>/etc/jitsi/meet/jitsi.wgvpn.space-config.js</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nano /etc/jitsi/meet/jitsi.wgvpn.space-config.js
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>// Pour choisir la langue par défaut
defaultLanguage: "fr",
// Éviter de faire des requêtes à d'autres sites (google analytics, gravatar et callstats.io)
disableThirdPartyRequests: true,
</code></pre></div></div>
<h3 id="configurer">Configurer</h3>
<p>Un fichier <strong>/etc/nginx/sites-available/jitsi.wgvpn.space.conf</strong> et un lien dans <strong>/etc/nginx/sites-enabled</strong> ont été créés à linstallation de jitsi-meet</p>
<h4 id="page-daccueil-facultatif">page daccueil (facultatif)</h4>
<p>Pour pouvoir avoir une page daccueil personnalisée, effectuer une redirection au niveau de Nginx dans <strong>/etc/nginx/sites-available/jitsi.wgvpn.space.conf</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rewrite ^\/$ https://jitsi.wgvpn.space/accueil/ break;
location ~ /accueil/ {
# La page d'accueil personnalisée dans /var/www/accueil/
alias /var/www/accueil/;
}
</code></pre></div></div>
<blockquote>
<p><strong>Attention !</strong> Notre <code class="language-plaintext highlighter-rouge">location ~ /accueil/ {…}</code> doit impérativement être placé avant le bloc <code class="language-plaintext highlighter-rouge">location ~ ^/([a-zA-Z0-9=\?]+)$ {…}</code> pour être pris en compte !</p>
</blockquote>
<h4 id="configuration-js-et-nginx">Configuration js et nginx</h4>
<p>Nous avons aussi modifié un fichier de configuration caché, la configuration de linterface</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mkdir /var/www/jitsi-custom
cp /usr/share/jitsi-meet/interface_config.js /var/www/jitsi-custom
</code></pre></div></div>
<p>Ceci nous permet déviter que nos modifications soient écrasées lors dune mise à jour. Editer <strong>/var/www/jitsi-custom/interface_config.js</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> // Un peu de traduction des termes
DEFAULT_REMOTE_DISPLAY_NAME: "Autre participant·e",
DEFAULT_LOCAL_DISPLAY_NAME: "moi",
// Un peu de personnalisation
JITSI_WATERMARK_LINK: 'https://jitsi.wgvpn.space',
APP_NAME: 'Jitsi Yann',
// Ici, vous pouvez modifier ce qu'il y a dans la barre d'outils
TOOLBAR_BUTTONS: ['microphone', 'camera', etc],
</code></pre></div></div>
<p>Pour que ce soit notre fichier modifié qui soit utilisé et non celui de Jitsi, il faut ajouter à la configuration Nginx <strong>/etc/nginx/sites-available/jitsi.wgvpn.space.conf</strong> :</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> location = /interface_config.js {
alias /var/www/jitsi-custom/interface_config.js;
}
</code></pre></div></div>
<p>Notez que vous pouvez faire ça pour dautres fichiers (facultatif)</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>location = /images/watermark.png {
alias /var/www/jitsi-custom/mon_watermark.png;
}
</code></pre></div></div>
<h3 id="configurer-ssltls-et-ocsp">Configurer SSL,TLS et OCSP</h3>
<ul>
<li>ssl (tls1.2 tls1.3) , Headers et OCSP</li>
<li>Diffie-Hellman : <code class="language-plaintext highlighter-rouge">openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048</code></li>
</ul>
<p>Regroupement dans un fichier <strong>/etc/nginx/ssl_dh_header_ocsp</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> ##
# SSL Settings
##
ssl_certificate /etc/ssl/private/wgvpn.space-fullchain.pem;
ssl_certificate_key /etc/ssl/private/wgvpn.space-key.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_dhparam /etc/ssl/private/dh2048.pem;
# intermediate configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=31536000";
# OCSP settings
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/ssl/private/wgvpn.space-fullchain.pem;
#ssl_trusted_certificate /etc/ssl/private/ocsp-certs.pem;
# resolver , voir /etc/resolv.conf
resolver 213.186.33.99;
</code></pre></div></div>
<p>le fichier de configuration <strong>/etc/nginx/sites-available/jitsi.wgvpn.space.conf</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nano /etc/nginx/sites-available/jitsi.wgvpn.space.conf
</code></pre></div></div>
<p>SUPPRIMER la zone suivante</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED";
add_header Strict-Transport-Security "max-age=31536000";
ssl_certificate /etc/ssl/private/wgvpn.space-fullchain.pem;
ssl_certificate_key /etc/ssl/private/wgvpn.space-key.pem;
</code></pre></div></div>
<p>REMPLACER par</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> include ssl_dh_header_ocsp;
</code></pre></div></div>
<p>Ce qui donne au final le fichier <strong>/etc/nginx/sites-available/jitsi.wgvpn.space.conf</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>server_names_hash_bucket_size 64;
server {
listen 80;
server_name jitsi.wgvpn.space;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name jitsi.wgvpn.space;
include ssl_dh_header_ocsp;
root /usr/share/jitsi-meet;
ssi on;
index index.html index.htm;
error_page 404 /static/404.html;
location = /config.js {
alias /etc/jitsi/meet/jitsi.wgvpn.space-config.js;
}
location = /external_api.js {
alias /usr/share/jitsi-meet/libs/external_api.min.js;
}
location = /interface_config.js {
alias /var/www/jitsi-custom/interface_config.js;
}
#ensure all static content can always be found first
location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$
{
add_header 'Access-Control-Allow-Origin' '*';
alias /usr/share/jitsi-meet/$1/$2;
}
# BOSH
location = /http-bind {
proxy_pass http://localhost:5280/http-bind;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
}
location ~ ^/([^/?&amp;:'"]+)$ {
try_files $uri @root_path;
}
location @root_path {
rewrite ^/(.*)$ / break;
}
}
</code></pre></div></div>
<p>Après modification configuration Nginx</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nginx -t # (nginx -t permet de vérifier que la configuration de Nginx est valide avant de le relancer)
systemctl reload nginx
</code></pre></div></div>
<h2 id="parefeu---ufw">Parefeu - UFW</h2>
<p><img src="/images/ufw-logo.png" alt="" width="100" /></p>
<ul>
<li><a href="/files/html/UFW%20Parefeu%20(firewall).htm">UFW Parefeu (firewall)-Lien HS</a></li>
</ul>
<p>Installation</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt install ufw
</code></pre></div></div>
<p>Status</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo ufw status verbose
Status: inactive
</code></pre></div></div>
<p>Ouvrir les ports suivants :</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo ufw allow 55039/tcp # port SSH , 55039
sudo ufw allow 443/tcp # Serveur Web
sudo ufw allow 4443/tcp # jitsi-meet videostream
sudo ufw allow 10000:20000/tcp # plage TCP/UDP
sudo ufw allow 10000:20000/udp
</code></pre></div></div>
<p>Activer le parefeu</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo ufw enable
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
</code></pre></div></div>
<p>Status</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> sudo ufw status verbose
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
55039/tcp ALLOW IN Anywhere
443/tcp ALLOW IN Anywhere
4443/tcp ALLOW IN Anywhere
10000:20000/tcp ALLOW IN Anywhere
10000:20000/udp ALLOW IN Anywhere
55039/tcp (v6) ALLOW IN Anywhere (v6)
443/tcp (v6) ALLOW IN Anywhere (v6)
4443/tcp (v6) ALLOW IN Anywhere (v6)
10000:20000/tcp (v6) ALLOW IN Anywhere (v6)
10000:20000/udp (v6) ALLOW IN Anywhere (v6)
</code></pre></div></div>
<h2 id="liens">Liens</h2>
<ul>
<li><a href="https://blog.zwindler.fr/2020/03/17/ta-visio-open-source-comme-un-pro-avec-jitsi/">Ta visio Open Source comme un pro avec Jitsi</a></li>
</ul>
<h1 id="synapsematrix-client-riot">Synapse/Matrix client Riot</h1>
<h2 id="serveur-synapsematrix">Serveur Synapse/Matrix</h2>
<p>Ajout matrix au domaine wgvpn.space<br />
Ajout Certificat ssl Lets Encrypt matrix.wgvpn.space</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>acme.sh --dns dns_ovh --issue --ocsp --keylength ec-384 -d wgvpn.space -d jitsi.wgvpn.space -d matrix.wgvpn.space
</code></pre></div></div>
<p>Matrix.org produit des paquers Debian/Ubuntu de la dernière version stable de Synapse via https://packages.matrix.org/debian/<br />
Pour les utiliser</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt install -y lsb-release wget apt-transport-https
sudo wget -O /usr/share/keyrings/matrix-org-archive-keyring.gpg https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/matrix-org-archive-keyring.gpg] https://packages.matrix.org/debian/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/matrix-org.list
sudo apt update
sudo apt install matrix-synapse-py3
</code></pre></div></div>
<blockquote>
<p><strong>Note</strong>: if you followed a previous version of these instructions which
recommended using <code class="language-plaintext highlighter-rouge">apt-key add</code> to add an old key from
<code class="language-plaintext highlighter-rouge">https://matrix.org/packages/debian/</code>, you should note that this key has been
revoked. You should remove the old key with <code class="language-plaintext highlighter-rouge">sudo apt-key remove
C35EB17E1EAE708E6603A9B3AD0592FE47F0DF61</code>, and follow the above instructions to
update your configuration.<br />
The fingerprint of the repository signing key (as shown by <code class="language-plaintext highlighter-rouge">gpg
/usr/share/keyrings/matrix-org-archive-keyring.gpg</code>) is
<code class="language-plaintext highlighter-rouge">AAF9AE843A7584B5A3E4CD2BCF45A512DE2DA058</code>.</p>
</blockquote>
<p>Service <strong>matrix-synapse.service</strong></p>
<h3 id="mise-en-place-de-synapse">Mise en place de Synapse</h3>
<p>Une fois que vous avez installé synapse comme ci-dessus, vous devez le configurer.</p>
<h4 id="reverse-proxy">Reverse proxy</h4>
<p>La configuration par défaut expose un seul port HTTP sur le réseau local
linterface : <code class="language-plaintext highlighter-rouge">http://localhost:8008</code>. Il convient pour des tests locaux,
mais pour toute utilisation pratique, vous aurez besoin des API de Synapse pour être servi
sur HTTPS.</p>
<p>Le moyen recommandé est de mettre en place un reverse proxy</p>
<ul>
<li>Si vous utilisez votre propre certificat, assurez-vous dutiliser un fichier “.pem” qui
comprend la chaîne complète de certificats, y compris les certificats intermédiaires
(par exemple, si vous utilisez certbot, utilisez <code class="language-plaintext highlighter-rouge">fullchain.pem</code> comme certificat, et non
<code class="language-plaintext highlighter-rouge">cert.pem</code>).</li>
</ul>
<p>Utilisation dun proxy inverse avec Synapse</p>
<p>Il est recommandé de placer un proxy inverse tel que nginx, Apache, Caddy ou HAProxy devant Synapse. Lun des avantages de cette méthode est que vous pouvez exposer le port https par défaut (443) aux clients Matrix sans avoir besoin dexécuter Synapse avec les privilèges de lutilisateur root.</p>
<blockquote>
<p>NOTE : Votre reverse proxy ne doit en aucun cas canoniser ou normaliser lURI demandé (par exemple, en décodant les échappements %xx). Attention, Apache canonisera les URI à moins que vous ne spécifiiez nocanon.</p>
</blockquote>
<p>Lorsque vous configurez un reverse proxy, noubliez pas que les clients et autres serveurs Matrix ne doivent pas nécessairement se connecter à votre serveur via le même nom de serveur ou le même port<br />
En effet, les clients utiliseront le port 443 par défaut, alors que les serveurs utilisent par défaut le port 8448. Lorsque ces ports sont différents, nous parlons de “port client” et de “port de fédération”.<br />
Voir la spécification de la matrice pour plus de détails sur lalgorithme utilisé pour les connexions de fédération, et delegate.md pour des instructions sur la mise en place de la délégation.</p>
<p>Supposons que nous attendons des clients quils se connectent à notre serveur à ladresse https://matrix.wgvpn.space, et des autres serveurs quils se connectent à ladresse https://wgvpn.space:8448. Les sections suivantes détaillent la configuration du reverse proxy et du homeserver.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo nano /etc/nginx/sites-available/matrix.wgvpn.space.conf
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> server {
listen 443 ssl;
listen [::]:443 ssl;
server_name matrix.wgvpn.space;
# SSL
include ssl_dh_header_ocsp;
location /_matrix {
proxy_pass http://localhost:8008;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
listen 8448 ssl default_server;
listen [::]:8448 ssl default_server;
server_name wgvpn.space;
# SSL
include ssl_dh_header_ocsp;
location / {
proxy_pass http://localhost:8008;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
</code></pre></div></div>
<p>Activer le vhost</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo ln -s /etc/nginx/sites-available/matrix.wgvpn.space.conf /etc/nginx/sites-enabled/matrix.wgvpn.space.conf
nginx -t # vérifier
systemctl reload nginx # recharger
</code></pre></div></div>
<p>Ouvrir le port 8448</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo ufw allow 8448/tcp
</code></pre></div></div>
<h4 id="configuration-du-serveur-daccueil">Configuration du serveur daccueil</h4>
<p>Vous devrez également vérifier <code class="language-plaintext highlighter-rouge">bind_addresses: ['127.0.0.1']</code> et <code class="language-plaintext highlighter-rouge">x_forwarded : true</code> pour le port 8008 dans <strong>/etc/matrix-synapse/homeserver.yaml</strong> afin de sassurer que les adresses IP des clients sont enregistrées correctement.<br />
Cela fait, vous pouvez alors utiliser https://matrix.wgvpn.space (au lieu de https://matrix.wgvpn.space:8448) comme “serveur personnalisé” lorsque vous vous connectez à Synapse à partir dun client.</p>
<h4 id="courriel">Courriel</h4>
<p>Il est souhaitable que Synapse ait la capacité denvoyer des courriels. Cela permet à Synapse denvoyer des courriels de réinitialisation de mot de passe, denvoyer des vérifications lorsquune adresse électronique est ajoutée au compte dun utilisateur, et denvoyer des notifications par courriel aux utilisateurs lorsquils reçoivent de nouveaux messages.</p>
<p>Pour configurer un serveur SMTP pour Synapse, modifiez la section de configuration intitulée “email” et assurez-vous que les champs smtp_host, smtp_port et notif_from sont remplis. Vous devrez peut-être aussi définir smtp_user, smtp_pass et require_transport_security.</p>
<blockquote>
<p>Si le courrier électronique nest pas configuré, la réinitialisation du mot de passe, linscription et les notifications par courrier électronique seront désactivées.</p>
</blockquote>
<h4 id="enregistrement-dun-utilisateur">Enregistrement dun utilisateur</h4>
<p>La façon la plus simple de créer un nouvel utilisateur est de le faire à partir dun client comme <strong>Riot</strong>.</p>
<p>Vous pouvez également le faire à partir de la ligne de commande si vous lavez installé via pip.<br />
Cela peut se faire de la manière suivante :</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>$ source ~/synapse/env/bin/activate
$ synctl start # if not already running
$ register_new_matrix_user -c homeserver.yaml http://localhost:8008
New user localpart: erikj
Password:
Confirm password:
Make admin [no]:
Success!
</code></pre></div></div>
<p>Ce processus utilise un paramètre registration_shared_secret dans homeserver.yaml, qui est partagé entre Synapse lui-même et le script register_new_matrix_user. Peu importe ce que cest (une valeur aléatoire est générée par generate-config), mais cela doit rester secret, car quiconque le connaît peut enregistrer des utilisateurs, y compris des comptes dadministrateur, sur votre serveur même si enable_registration est faux.</p>
<h2 id="riot">Riot</h2>
<p><em>Riot est un client web opensource pour Matrix. Matrix est un protocole de chat libre et décentralisé. Couplé avec Turn il permet de faire chat, appel vidéo et appel audio.</em></p>
<p>Ajout riot au domaine wgvpn.space<br />
Ajout Certificat ssl Lets Encrypt riot.wgvpn.space</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>acme.sh --dns dns_ovh --issue --ocsp --keylength ec-384 -d wgvpn.space -d jitsi.wgvpn.space -d matrix.wgvpn.space -d riot.wgvpn.space
</code></pre></div></div>
<p>Installer riot sur son propre serveur</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo -s
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code># logiciel le plus récent , voir https://github.com/vector-im/riot-web/releases/
cd /tmp/
wget https://github.com/vector-im/riot-web/releases/download/v1.5.13/riot-v1.5.13.tar.gz
# extraction et déplacement
tar -xvf riot-v1.5.13.tar.gz
mv riot-v1.5.13 /var/www/riot
# utilisateur
useradd -g www-data -M riot
# droits
chown -R riot:www-data /var/www/riot
# copiez le `config.sample.json` en `config.json`
cd /var/www/riot
cp config.sample.json config.json
</code></pre></div></div>
<p>Le fichier config.json</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo nano /var/www/riot/config.json
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>[...]
"base_url": "https://matrix.wgvpn.space",
"server_name": "wgvpn.space"
[...]
"defaultCountryCode": "FR",
[...]
</code></pre></div></div>
<p>Le fichier nginx riot</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo nano /etc/nginx/sites-available/riot.wgvpn.space.conf
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>server {
listen 443 ssl;
listen [::]:443 ssl;
server_name riot.wgvpn.space;
root /var/www/riot/;
index index.html index.php index.htm;
access_log /var/log/nginx/riot.domain.tld.access.log;
error_log /var/log/nginx/riot.domain.tld.error.log;
# SSL
include ssl_dh_header_ocsp;
location / {
try_files $uri $uri/ =404;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location /.well-known/acme-challenge {
root /var/www/letsencrypt/riot.domain.tld;
allow all;
}
}
</code></pre></div></div>
<p>Activer le vhost</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo ln -s /etc/nginx/sites-available/riot.wgvpn.space.conf /etc/nginx/sites-enabled/riot.wgvpn.space.conf
nginx -t # vérifier
systemctl reload nginx # recharger
</code></pre></div></div>
</div>
<div class="d-print-none"><footer class="article__footer"><meta itemprop="dateModified" content="2020-03-21T00:00:00+01:00"><!-- start custom article footer snippet -->
<!-- end custom article footer snippet -->
<!--
<div align="right"><a type="application/rss+xml" href="/feed.xml" title="S'abonner"><i class="fa fa-rss fa-2x"></i></a>
&emsp;</div>
-->
</footer>
<div class="article__section-navigator clearfix"><div class="previous"><span>PRÉCÉDENT</span><a href="/2020/03/21/Compilation-Nginx(avec-modules-dynamiques)+TLSv1.3+PHP7.4+MariaDB-sur-DebianBuster.html">Debian Buster, compilation Nginx + PHP7.4 + MariaDB + SSL/TLS1.3</a></div><div class="next"><span>SUIVANT</span><a href="/2020/03/22/OVH4-KVM-vps506197-Yunohost-Debian-Stretch-yanfi.net.html">OVH VPS506197 Debian Stretch Yunohost yanfi.net</a></div></div></div>
</div>
<script>(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
$(function() {
var $this ,$scroll;
var $articleContent = $('.js-article-content');
var hasSidebar = $('.js-page-root').hasClass('layout--page--sidebar');
var scroll = hasSidebar ? '.js-page-main' : 'html, body';
$scroll = $(scroll);
$articleContent.find('.highlight').each(function() {
$this = $(this);
$this.attr('data-lang', $this.find('code').attr('data-lang'));
});
$articleContent.find('h1[id], h2[id], h3[id], h4[id], h5[id], h6[id]').each(function() {
$this = $(this);
$this.append($('<a class="anchor d-print-none" aria-hidden="true"></a>').html('<i class="fas fa-anchor"></i>'));
});
$articleContent.on('click', '.anchor', function() {
$scroll.scrollToAnchor('#' + $(this).parent().attr('id'), 400);
});
});
});
})();
</script>
</div><section class="page__comments d-print-none"></section></article><!-- start custom main bottom snippet -->
<!-- end custom main bottom snippet -->
</div>
</div></div></div></div>
</div><script>(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
var $body = $('body'), $window = $(window);
var $pageRoot = $('.js-page-root'), $pageMain = $('.js-page-main');
var activeCount = 0;
function modal(options) {
var $root = this, visible, onChange, hideWhenWindowScroll = false;
var scrollTop;
function setOptions(options) {
var _options = options || {};
visible = _options.initialVisible === undefined ? false : show;
onChange = _options.onChange;
hideWhenWindowScroll = _options.hideWhenWindowScroll;
}
function init() {
setState(visible);
}
function setState(isShow) {
if (isShow === visible) {
return;
}
visible = isShow;
if (visible) {
activeCount++;
scrollTop = $(window).scrollTop() || $pageMain.scrollTop();
$root.addClass('modal--show');
$pageMain.scrollTop(scrollTop);
activeCount === 1 && ($pageRoot.addClass('show-modal'), $body.addClass('of-hidden'));
hideWhenWindowScroll && window.hasEvent('touchstart') && $window.on('scroll', hide);
$window.on('keyup', handleKeyup);
} else {
activeCount > 0 && activeCount--;
$root.removeClass('modal--show');
$window.scrollTop(scrollTop);
activeCount === 0 && ($pageRoot.removeClass('show-modal'), $body.removeClass('of-hidden'));
hideWhenWindowScroll && window.hasEvent('touchstart') && $window.off('scroll', hide);
$window.off('keyup', handleKeyup);
}
onChange && onChange(visible);
}
function show() {
setState(true);
}
function hide() {
setState(false);
}
function handleKeyup(e) {
// Char Code: 27 ESC
if (e.which === 27) {
hide();
}
}
setOptions(options);
init();
return {
show: show,
hide: hide,
$el: $root
};
}
$.fn.modal = modal;
});
})();
</script><div class="modal modal--overflow page__search-modal d-print-none js-page-search-modal"><script>
(function () {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
// search panel
var search = (window.search || (window.search = {}));
var useDefaultSearchBox = window.useDefaultSearchBox === undefined ?
true : window.useDefaultSearchBox ;
var $searchModal = $('.js-page-search-modal');
var $searchToggle = $('.js-search-toggle');
var searchModal = $searchModal.modal({ onChange: handleModalChange, hideWhenWindowScroll: true });
var modalVisible = false;
search.searchModal = searchModal;
var $searchBox = null;
var $searchInput = null;
var $searchClear = null;
function getModalVisible() {
return modalVisible;
}
search.getModalVisible = getModalVisible;
function handleModalChange(visible) {
modalVisible = visible;
if (visible) {
search.onShow && search.onShow();
useDefaultSearchBox && $searchInput[0] && $searchInput[0].focus();
} else {
search.onShow && search.onHide();
useDefaultSearchBox && $searchInput[0] && $searchInput[0].blur();
setTimeout(function() {
useDefaultSearchBox && ($searchInput.val(''), $searchBox.removeClass('not-empty'));
search.clear && search.clear();
window.pageAsideAffix && window.pageAsideAffix.refresh();
}, 400);
}
}
$searchToggle.on('click', function() {
modalVisible ? searchModal.hide() : searchModal.show();
});
// Char Code: 83 S, 191 /
$(window).on('keyup', function(e) {
if (!modalVisible && !window.isFormElement(e.target || e.srcElement) && (e.which === 83 || e.which === 191)) {
modalVisible || searchModal.show();
}
});
if (useDefaultSearchBox) {
$searchBox = $('.js-search-box');
$searchInput = $searchBox.children('input');
$searchClear = $searchBox.children('.js-icon-clear');
search.getSearchInput = function() {
return $searchInput.get(0);
};
search.getVal = function() {
return $searchInput.val();
};
search.setVal = function(val) {
$searchInput.val(val);
};
$searchInput.on('focus', function() {
$(this).addClass('focus');
});
$searchInput.on('blur', function() {
$(this).removeClass('focus');
});
$searchInput.on('input', window.throttle(function() {
var val = $(this).val();
if (val === '' || typeof val !== 'string') {
search.clear && search.clear();
} else {
$searchBox.addClass('not-empty');
search.onInputNotEmpty && search.onInputNotEmpty(val);
}
}, 400));
$searchClear.on('click', function() {
$searchInput.val(''); $searchBox.removeClass('not-empty');
search.clear && search.clear();
});
}
});
})();
</script><div class="search search--dark">
<div class="main">
<div class="search__header">Recherche</div>
<div class="search-bar">
<div class="search-box js-search-box">
<div class="search-box__icon-search"><i class="fas fa-search"></i></div>
<input id="search-input" type="text" />
<div class="search-box__icon-clear js-icon-clear">
<a><i class="fas fa-times"></i></a>
</div>
</div>
<button class="button button--theme-dark button--pill search__cancel js-search-toggle">
Annuler</button>
</div>
<div id="results-container" class="search-result js-search-result"></div>
</div>
</div>
<!-- Script pointing to search-script.js -->
<script>/*!
* Simple-Jekyll-Search
* Copyright 2015-2020, Christian Fei
* Licensed under the MIT License.
*/
(function(){
'use strict'
var _$Templater_7 = {
compile: compile,
setOptions: setOptions
}
const options = {}
options.pattern = /\{(.*?)\}/g
options.template = ''
options.middleware = function () {}
function setOptions (_options) {
options.pattern = _options.pattern || options.pattern
options.template = _options.template || options.template
if (typeof _options.middleware === 'function') {
options.middleware = _options.middleware
}
}
function compile (data) {
return options.template.replace(options.pattern, function (match, prop) {
const value = options.middleware(prop, data[prop], options.template)
if (typeof value !== 'undefined') {
return value
}
return data[prop] || match
})
}
'use strict';
function fuzzysearch (needle, haystack) {
var tlen = haystack.length;
var qlen = needle.length;
if (qlen > tlen) {
return false;
}
if (qlen === tlen) {
return needle === haystack;
}
outer: for (var i = 0, j = 0; i < qlen; i++) {
var nch = needle.charCodeAt(i);
while (j < tlen) {
if (haystack.charCodeAt(j++) === nch) {
continue outer;
}
}
return false;
}
return true;
}
var _$fuzzysearch_1 = fuzzysearch;
'use strict'
/* removed: const _$fuzzysearch_1 = require('fuzzysearch') */;
var _$FuzzySearchStrategy_5 = new FuzzySearchStrategy()
function FuzzySearchStrategy () {
this.matches = function (string, crit) {
return _$fuzzysearch_1(crit.toLowerCase(), string.toLowerCase())
}
}
'use strict'
var _$LiteralSearchStrategy_6 = new LiteralSearchStrategy()
function LiteralSearchStrategy () {
this.matches = function (str, crit) {
if (!str) return false
str = str.trim().toLowerCase()
crit = crit.trim().toLowerCase()
return crit.split(' ').filter(function (word) {
return str.indexOf(word) >= 0
}).length === crit.split(' ').length
}
}
'use strict'
var _$Repository_4 = {
put: put,
clear: clear,
search: search,
setOptions: __setOptions_4
}
/* removed: const _$FuzzySearchStrategy_5 = require('./SearchStrategies/FuzzySearchStrategy') */;
/* removed: const _$LiteralSearchStrategy_6 = require('./SearchStrategies/LiteralSearchStrategy') */;
function NoSort () {
return 0
}
const data = []
let opt = {}
opt.fuzzy = false
opt.limit = 10
opt.searchStrategy = opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
opt.sort = NoSort
opt.exclude = []
function put (data) {
if (isObject(data)) {
return addObject(data)
}
if (isArray(data)) {
return addArray(data)
}
return undefined
}
function clear () {
data.length = 0
return data
}
function isObject (obj) {
return Boolean(obj) && Object.prototype.toString.call(obj) === '[object Object]'
}
function isArray (obj) {
return Boolean(obj) && Object.prototype.toString.call(obj) === '[object Array]'
}
function addObject (_data) {
data.push(_data)
return data
}
function addArray (_data) {
const added = []
clear()
for (let i = 0, len = _data.length; i < len; i++) {
if (isObject(_data[i])) {
added.push(addObject(_data[i]))
}
}
return added
}
function search (crit) {
if (!crit) {
return []
}
return findMatches(data, crit, opt.searchStrategy, opt).sort(opt.sort)
}
function __setOptions_4 (_opt) {
opt = _opt || {}
opt.fuzzy = _opt.fuzzy || false
opt.limit = _opt.limit || 10
opt.searchStrategy = _opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
opt.sort = _opt.sort || NoSort
opt.exclude = _opt.exclude || []
}
function findMatches (data, crit, strategy, opt) {
const matches = []
for (let i = 0; i < data.length && matches.length < opt.limit; i++) {
const match = findMatchesInObject(data[i], crit, strategy, opt)
if (match) {
matches.push(match)
}
}
return matches
}
function findMatchesInObject (obj, crit, strategy, opt) {
for (const key in obj) {
if (!isExcluded(obj[key], opt.exclude) && strategy.matches(obj[key], crit)) {
return obj
}
}
}
function isExcluded (term, excludedTerms) {
for (let i = 0, len = excludedTerms.length; i < len; i++) {
const excludedTerm = excludedTerms[i]
if (new RegExp(excludedTerm).test(term)) {
return true
}
}
return false
}
/* globals ActiveXObject:false */
'use strict'
var _$JSONLoader_2 = {
load: load
}
function load (location, callback) {
const xhr = getXHR()
xhr.open('GET', location, true)
xhr.onreadystatechange = createStateChangeListener(xhr, callback)
xhr.send()
}
function createStateChangeListener (xhr, callback) {
return function () {
if (xhr.readyState === 4 && xhr.status === 200) {
try {
callback(null, JSON.parse(xhr.responseText))
} catch (err) {
callback(err, null)
}
}
}
}
function getXHR () {
return window.XMLHttpRequest ? new window.XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP')
}
'use strict'
var _$OptionsValidator_3 = function OptionsValidator (params) {
if (!validateParams(params)) {
throw new Error('-- OptionsValidator: required options missing')
}
if (!(this instanceof OptionsValidator)) {
return new OptionsValidator(params)
}
const requiredOptions = params.required
this.getRequiredOptions = function () {
return requiredOptions
}
this.validate = function (parameters) {
const errors = []
requiredOptions.forEach(function (requiredOptionName) {
if (typeof parameters[requiredOptionName] === 'undefined') {
errors.push(requiredOptionName)
}
})
return errors
}
function validateParams (params) {
if (!params) {
return false
}
return typeof params.required !== 'undefined' && params.required instanceof Array
}
}
'use strict'
var _$utils_9 = {
merge: merge,
isJSON: isJSON
}
function merge (defaultParams, mergeParams) {
const mergedOptions = {}
for (const option in defaultParams) {
mergedOptions[option] = defaultParams[option]
if (typeof mergeParams[option] !== 'undefined') {
mergedOptions[option] = mergeParams[option]
}
}
return mergedOptions
}
function isJSON (json) {
try {
if (json instanceof Object && JSON.parse(JSON.stringify(json))) {
return true
}
return false
} catch (err) {
return false
}
}
var _$src_8 = {};
(function (window) {
'use strict'
let options = {
searchInput: null,
resultsContainer: null,
json: [],
success: Function.prototype,
searchResultTemplate: '<li><a href="{url}" title="{desc}">{title}</a></li>',
templateMiddleware: Function.prototype,
sortMiddleware: function () {
return 0
},
noResultsText: 'No results found',
limit: 10,
fuzzy: false,
debounceTime: null,
exclude: []
}
let debounceTimerHandle
const debounce = function (func, delayMillis) {
if (delayMillis) {
clearTimeout(debounceTimerHandle)
debounceTimerHandle = setTimeout(func, delayMillis)
} else {
func.call()
}
}
const requiredOptions = ['searchInput', 'resultsContainer', 'json']
/* removed: const _$Templater_7 = require('./Templater') */;
/* removed: const _$Repository_4 = require('./Repository') */;
/* removed: const _$JSONLoader_2 = require('./JSONLoader') */;
const optionsValidator = _$OptionsValidator_3({
required: requiredOptions
})
/* removed: const _$utils_9 = require('./utils') */;
window.SimpleJekyllSearch = function (_options) {
const errors = optionsValidator.validate(_options)
if (errors.length > 0) {
throwError('You must specify the following required options: ' + requiredOptions)
}
options = _$utils_9.merge(options, _options)
_$Templater_7.setOptions({
template: options.searchResultTemplate,
middleware: options.templateMiddleware
})
_$Repository_4.setOptions({
fuzzy: options.fuzzy,
limit: options.limit,
sort: options.sortMiddleware,
exclude: options.exclude
})
if (_$utils_9.isJSON(options.json)) {
initWithJSON(options.json)
} else {
initWithURL(options.json)
}
const rv = {
search: search
}
typeof options.success === 'function' && options.success.call(rv)
return rv
}
function initWithJSON (json) {
_$Repository_4.put(json)
registerInput()
}
function initWithURL (url) {
_$JSONLoader_2.load(url, function (err, json) {
if (err) {
throwError('failed to get JSON (' + url + ')')
}
initWithJSON(json)
})
}
function emptyResultsContainer () {
options.resultsContainer.innerHTML = ''
}
function appendToResultsContainer (text) {
options.resultsContainer.innerHTML += text
}
function registerInput () {
options.searchInput.addEventListener('input', function (e) {
if (isWhitelistedKey(e.which)) {
emptyResultsContainer()
debounce(function () { search(e.target.value) }, options.debounceTime)
}
})
}
function search (query) {
if (isValidQuery(query)) {
emptyResultsContainer()
render(_$Repository_4.search(query), query)
}
}
function render (results, query) {
const len = results.length
if (len === 0) {
return appendToResultsContainer(options.noResultsText)
}
for (let i = 0; i < len; i++) {
results[i].query = query
appendToResultsContainer(_$Templater_7.compile(results[i]))
}
}
function isValidQuery (query) {
return query && query.length > 0
}
function isWhitelistedKey (key) {
return [13, 16, 20, 37, 38, 39, 40, 91].indexOf(key) === -1
}
function throwError (message) {
throw new Error('SimpleJekyllSearch --- ' + message)
}
})(window)
}());
</script>
<!-- Configuration -->
<script>
SimpleJekyllSearch({
searchInput: document.getElementById('search-input'),
resultsContainer: document.getElementById('results-container'),
noResultsText: '<p>Aucun résultat!</p>',
json: '/search.json',
searchResultTemplate: '<li><a href="{url}">{date}&nbsp;{title}</a>&nbsp;(Création {create})</li>'
})
</script>
</div></div>
<script>(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
function scrollToAnchor(anchor, duration, callback) {
var $root = this;
$root.animate({ scrollTop: $(anchor).position().top }, duration, function() {
window.history.replaceState(null, '', window.location.href.split('#')[0] + anchor);
callback && callback();
});
}
$.fn.scrollToAnchor = scrollToAnchor;
});
})();
(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
function affix(options) {
var $root = this, $window = $(window), $scrollTarget, $scroll,
offsetBottom = 0, scrollTarget = window, scroll = window.document, disabled = false, isOverallScroller = true,
rootTop, rootLeft, rootHeight, scrollBottom, rootBottomTop,
hasInit = false, curState;
function setOptions(options) {
var _options = options || {};
_options.offsetBottom && (offsetBottom = _options.offsetBottom);
_options.scrollTarget && (scrollTarget = _options.scrollTarget);
_options.scroll && (scroll = _options.scroll);
_options.disabled !== undefined && (disabled = _options.disabled);
$scrollTarget = $(scrollTarget);
isOverallScroller = window.isOverallScroller($scrollTarget[0]);
$scroll = $(scroll);
}
function preCalc() {
top();
rootHeight = $root.outerHeight();
rootTop = $root.offset().top + (isOverallScroller ? 0 : $scrollTarget.scrollTop());
rootLeft = $root.offset().left;
}
function calc(needPreCalc) {
needPreCalc && preCalc();
scrollBottom = $scroll.outerHeight() - offsetBottom - rootHeight;
rootBottomTop = scrollBottom - rootTop;
}
function top() {
if (curState !== 'top') {
$root.removeClass('fixed').css({
left: 0,
top: 0
});
curState = 'top';
}
}
function fixed() {
if (curState !== 'fixed') {
$root.addClass('fixed').css({
left: rootLeft + 'px',
top: 0
});
curState = 'fixed';
}
}
function bottom() {
if (curState !== 'bottom') {
$root.removeClass('fixed').css({
left: 0,
top: rootBottomTop + 'px'
});
curState = 'bottom';
}
}
function setState() {
var scrollTop = $scrollTarget.scrollTop();
if (scrollTop >= rootTop && scrollTop <= scrollBottom) {
fixed();
} else if (scrollTop < rootTop) {
top();
} else {
bottom();
}
}
function init() {
if(!hasInit) {
var interval, timeout;
calc(true); setState();
// run calc every 100 millisecond
interval = setInterval(function() {
calc();
}, 100);
timeout = setTimeout(function() {
clearInterval(interval);
}, 45000);
window.pageLoad.then(function() {
setTimeout(function() {
clearInterval(interval);
clearTimeout(timeout);
}, 3000);
});
$scrollTarget.on('scroll', function() {
disabled || setState();
});
$window.on('resize', function() {
disabled || (calc(true), setState());
});
hasInit = true;
}
}
setOptions(options);
if (!disabled) {
init();
}
$window.on('resize', window.throttle(function() {
init();
}, 200));
return {
setOptions: setOptions,
refresh: function() {
calc(true, { animation: false }); setState();
}
};
}
$.fn.affix = affix;
});
})();
(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
function toc(options) {
var $root = this, $window = $(window), $scrollTarget, $scroller, $tocUl = $('<ul class="toc toc--ellipsis"></ul>'), $tocLi, $headings, $activeLast, $activeCur,
selectors = 'h1,h2,h3', container = 'body', scrollTarget = window, scroller = 'html, body', disabled = false,
headingsPos, scrolling = false, hasRendered = false, hasInit = false;
function setOptions(options) {
var _options = options || {};
_options.selectors && (selectors = _options.selectors);
_options.container && (container = _options.container);
_options.scrollTarget && (scrollTarget = _options.scrollTarget);
_options.scroller && (scroller = _options.scroller);
_options.disabled !== undefined && (disabled = _options.disabled);
$headings = $(container).find(selectors).filter('[id]');
$scrollTarget = $(scrollTarget);
$scroller = $(scroller);
}
function calc() {
headingsPos = [];
$headings.each(function() {
headingsPos.push(Math.floor($(this).position().top));
});
}
function setState(element, disabled) {
var scrollTop = $scrollTarget.scrollTop(), i;
if (disabled || !headingsPos || headingsPos.length < 1) { return; }
if (element) {
$activeCur = element;
} else {
for (i = 0; i < headingsPos.length; i++) {
if (scrollTop >= headingsPos[i]) {
$activeCur = $tocLi.eq(i);
} else {
$activeCur || ($activeCur = $tocLi.eq(i));
break;
}
}
}
$activeLast && $activeLast.removeClass('active');
($activeLast = $activeCur).addClass('active');
}
function render() {
if(!hasRendered) {
$root.append($tocUl);
$headings.each(function() {
var $this = $(this);
$tocUl.append($('<li></li>').addClass('toc-' + $this.prop('tagName').toLowerCase())
.append($('<a></a>').text($this.text()).attr('href', '#' + $this.prop('id'))));
});
$tocLi = $tocUl.children('li');
$tocUl.on('click', 'a', function(e) {
e.preventDefault();
var $this = $(this);
scrolling = true;
setState($this.parent());
$scroller.scrollToAnchor($this.attr('href'), 400, function() {
scrolling = false;
});
});
}
hasRendered = true;
}
function init() {
var interval, timeout;
if(!hasInit) {
render(); calc(); setState(null, scrolling);
// run calc every 100 millisecond
interval = setInterval(function() {
calc();
}, 100);
timeout = setTimeout(function() {
clearInterval(interval);
}, 45000);
window.pageLoad.then(function() {
setTimeout(function() {
clearInterval(interval);
clearTimeout(timeout);
}, 3000);
});
$scrollTarget.on('scroll', function() {
disabled || setState(null, scrolling);
});
$window.on('resize', window.throttle(function() {
if (!disabled) {
render(); calc(); setState(null, scrolling);
}
}, 100));
}
hasInit = true;
}
setOptions(options);
if (!disabled) {
init();
}
$window.on('resize', window.throttle(function() {
init();
}, 200));
return {
setOptions: setOptions
};
}
$.fn.toc = toc;
});
})();
/*(function () {
})();*/
</script><script>
/* toc must before affix, since affix need to konw toc' height. */(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
var TOC_SELECTOR = window.TEXT_VARIABLES.site.toc.selectors;
window.Lazyload.js(SOURCES.jquery, function() {
var $window = $(window);
var $articleContent = $('.js-article-content');
var $tocRoot = $('.js-toc-root'), $col2 = $('.js-col-aside');
var toc;
var tocDisabled = false;
var hasSidebar = $('.js-page-root').hasClass('layout--page--sidebar');
var hasToc = $articleContent.find(TOC_SELECTOR).length > 0;
function disabled() {
return $col2.css('display') === 'none' || !hasToc;
}
tocDisabled = disabled();
toc = $tocRoot.toc({
selectors: TOC_SELECTOR,
container: $articleContent,
scrollTarget: hasSidebar ? '.js-page-main' : null,
scroller: hasSidebar ? '.js-page-main' : null,
disabled: tocDisabled
});
$window.on('resize', window.throttle(function() {
tocDisabled = disabled();
toc && toc.setOptions({
disabled: tocDisabled
});
}, 100));
});
})();
(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
var $window = $(window), $pageFooter = $('.js-page-footer');
var $pageAside = $('.js-page-aside');
var affix;
var tocDisabled = false;
var hasSidebar = $('.js-page-root').hasClass('layout--page--sidebar');
affix = $pageAside.affix({
offsetBottom: $pageFooter.outerHeight(),
scrollTarget: hasSidebar ? '.js-page-main' : null,
scroller: hasSidebar ? '.js-page-main' : null,
scroll: hasSidebar ? $('.js-page-main').children() : null,
disabled: tocDisabled
});
$window.on('resize', window.throttle(function() {
affix && affix.setOptions({
disabled: tocDisabled
});
}, 100));
window.pageAsideAffix = affix;
});
})();
</script><!---->
</div>
<script>(function () {
var $root = document.getElementsByClassName('root')[0];
if (window.hasEvent('touchstart')) {
$root.dataset.isTouch = true;
document.addEventListener('touchstart', function(){}, false);
}
})();
</script>
</body>
</html>
Reference in New Issue Copy Permalink