From 971b159baa96982e0a25ca82cd9534e842329f29 Mon Sep 17 00:00:00 2001 From: Dele Olajide Date: Mon, 16 Jan 2023 16:38:47 +0000 Subject: [PATCH 1/2] Update README.md --- README.md | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index a2346e8..241e772 100644 --- a/README.md +++ b/README.md @@ -6,13 +6,18 @@ This plugin provides a TURN/STUN Server for Openfire. [![Build Status](https://github.com/igniterealtime/openfire-pionturn-plugin/workflows/Java%20CI/badge.svg)](https://github.com/igniterealtime/openfire-pionturn-plugin/actions) -

Overview

+## Overview -

This plugin uses the Pion Turn Project (https://github.com/pion/turn) to create a TURN/STUN server for Openfire. -

-

Known Issues

+This plugin is only useful when Openfire is in a network location that is **not** behind restrictive constructs like NAT (one of it's main purposes is to *help* clients circumvent NATs in the first place). The STUN service itself needs to see the 'public' IP address of the client (and possibly vice versa). That works best if the server is itself in a public network segment. The TURN service is more elaborate: instead of just being used to report on the observed client IP/port, it will act as a proxy. That means that all data flows over the TURN server (which isn't true for a STUN server). In any case: make your Openfire server have a public IPs, not something behind a NAT. + +When your Openfire is behind a NAT, it probably **makes less sense** to run a STUN/TURN server embedded in Openfire. +When this is the case, a valid alternative might be to position a stand-alone STUN/TURN server somewhere 'public' (not NATted), and tie that to Openfire using the external service discovery plugin for Openfire. + +When you have clients from outside your network wanting to do STUN/TURN, then it's likely that placing your openfire server in a DMZ will make it easier for them to connect to it. Please note that there probably are drawbacks with regards to security policies etc. + +## Known Issues This version has embedded binaries for only Linux 64, MacOS 64, Windows 64 and Windows 32.

From ab9fe33a8bc6fddad5837236e3b470892325dcb1 Mon Sep 17 00:00:00 2001 From: Dan Caseley Date: Wed, 3 May 2023 20:47:00 +0100 Subject: [PATCH 2/2] Update workflow file --- .github/workflows/build.yml | 73 +++---------------------------------- 1 file changed, 5 insertions(+), 68 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ca299bb..6f03709 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,73 +1,10 @@ -# Version 2021-10-27 +# Version 2023-03-05 name: Java CI on: [push, pull_request] jobs: build: - runs-on: ubuntu-latest - strategy: - matrix: - java: [ "1.8", "11" ] - - steps: - # Checkout Repo - - uses: actions/checkout@v2 - - # Create a variable with this plugin's name - - id: get-id - name: Compute needed variables - run: | - set -x - id=$(echo ${{ github.repository }} | cut -d- -f2) - echo "::set-output name=id::$id" - echo "id is '$id'" - tag=$(echo ${{ github.ref }} | cut -d '/' -f3) - echo "::set-output name=tag::$tag" - echo "tag is '$tag'" - version=$(echo ${{ github.ref }} | cut -d '/' -f3 | cut -c 2-) - echo "::set-output name=version::$version" - echo "version is '$version'" - rel_id=$(curl -sL https://api.github.com/repos/${{github.repository}}/releases | jq -r --arg TAG "$tag" '.[] | select(.tag_name==$TAG) | .id') - echo ::set-output name=rel_id::$rel_id - echo "rel_id is '$rel_id'" - - - name: Setup JDK ${{ matrix.java }} - uses: actions/setup-java@v1 - with: - java-version: ${{ matrix.java }} - - - name: Cache Maven repository - uses: actions/cache@v1 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-java${{ matrix.java }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-java${{ matrix.java }}-maven- - ${{ runner.os }}- - - - name: Igniterealtime CI Tooling - run: | - git clone --depth 1 https://github.com/igniterealtime/ci-tooling.git target/ci-tooling - cp target/ci-tooling/maven-settings-for-openfire-plugins.xml $HOME/.m2/settings.xml - - - name: Build with Maven - run: mvn -B package - - - name: Conditionally Deploy to Igniterealtime Archiva - id: deploy - if: ${{ contains(github.repository, 'igniterealtime/') && ( ( github.event_name == 'push' && github.ref == 'refs/heads/main' ) || contains(github.ref, 'refs/tags/') ) && matrix.java == '1.8' }} - run: mvn -B deploy --settings target/ci-tooling/maven-settings-for-openfire-plugins.xml - env: - CI_DEPLOY_USERNAME: ${{ secrets.IGNITE_REALTIME_MAVEN_USERNAME }} - CI_DEPLOY_PASSWORD: ${{ secrets.IGNITE_REALTIME_MAVEN_PASSWORD }} - - - name: Conditionally Push Artifact to Github Release - uses: actions/upload-release-asset@v1 - if: ${{ contains(github.repository, 'igniterealtime/') && github.event_name == 'push' && contains(github.ref, 'refs/tags/') && matrix.java == '1.8' }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: https://uploads.github.com/repos/${{ github.repository }}/releases/${{ steps.get-id.outputs.rel_id }}/assets?name=${{ steps.get-id.outputs.id }}.jar - asset_path: target/${{ steps.get-id.outputs.id }}-openfire-plugin-assembly.jar - asset_name: ${{ steps.get-id.outputs.id }}.jar - asset_content_type: application/java-archive + uses: igniterealtime/openfire-plugin-builder-action/.github/workflows/openfire-plugin-build.yml@main + secrets: + IGNITE_REALTIME_MAVEN_USERNAME: ${{ secrets.IGNITE_REALTIME_MAVEN_USERNAME }} + IGNITE_REALTIME_MAVEN_PASSWORD: ${{ secrets.IGNITE_REALTIME_MAVEN_PASSWORD }}