NameVirtualHost 181.193.87.6:80
<VirtualHost 181.193.87.6:80>
#************************************************************************
#******************* DATOS DEL SITIO WEB ********************************
#************************************************************************
ServerName chat.siua.ac.cr
ServerAlias www.chat.siua.ac.cr
ErrorLog /var/log/apache2/chat_80.siua.ac.cr-error.log
CustomLog /var/log/apache2/chat_80.siua.ac.cr-access.log common
#************************************************************************
#********************** DATOS DEL WEBMASTER *****************************
#************************************************************************
ServerAdmin interuniversitariadealajuela@gmail.com
Header add Author "Unidad de Gestion e Innovacion Tecnologica"
#************************************************************************
#************************** DATOS DEL REDIRECCIONAMIENTO ****************
#************************************************************************
</VirtualHost>
NameVirtualHost 181.193.87.6:80
<VirtualHost 181.193.87.6:80>
#************************************************************************
#******************* DATOS DEL SITIO WEB ********************************
#************************************************************************
ServerName riot.siua.ac.cr
ServerAlias www.riot.siua.ac.cr
ErrorLog /var/log/apache2/riot_80.siua.ac.cr-error.log
CustomLog /var/log/apache2/riot_80.siua.ac.cr-access.log common
#************************************************************************
#********************** DATOS DEL WEBMASTER *****************************
#************************************************************************
ServerAdmin interuniversitariadealajuela@gmail.com
Header add Author "Unidad de Gestion e Innovacion Tecnologica"
#************************************************************************
#************************** DATOS DEL REDIRECCIONAMIENTO ****************
#************************************************************************
</VirtualHost>
NameVirtualHost 181.193.87.6:80
<VirtualHost 181.193.87.6:80>
#************************************************************************
#******************* DATOS DEL SITIO WEB ********************************
#************************************************************************
ServerName matrix.siua.ac.cr
ServerAlias www.matrix.siua.ac.cr
ErrorLog /var/log/apache2/matrix_80.siua.ac.cr-error.log
CustomLog /var/log/apache2/matrix_80.siua.ac.cr-access.log common
#************************************************************************
#********************** DATOS DEL WEBMASTER *****************************
#************************************************************************
ServerAdmin interuniversitariadealajuela@gmail.com
Header add Author "Unidad de Gestion e Innovacion Tecnologica"
#************************************************************************
#************************** DATOS DEL REDIRECCIONAMIENTO ****************
#************************************************************************
</VirtualHost>
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 24 25 71 72 106 107
Ahora modificamos los archivos para crear proxy pass
<IfModule mod_ssl.c>
<VirtualHost 181.193.87.6:443>
#************************************************************************
#******************* DATOS DEL SITIO WEB ********************************
#************************************************************************
ServerName chat.siua.ac.cr
ServerAlias www.chat.siua.ac.cr
ErrorLog /var/log/apache2/chat_443.siua.ac.cr-error.log
CustomLog /var/log/apache2/chat_443.siua.ac.cr-access.log common
#************************************************************************
#********************** DATOS DEL WEBMASTER *****************************
#************************************************************************
ServerAdmin interuniversitariadealajuela@gmail.com
Header add Author "Unidad de Gestion e Innovacion Tecnologica"
#************************************************************************
#********************* DATOS DEL REDIRECCIONAMIENTO *********************
#************************************************************************
ProxyPreserveHost On
ProxyRequests off
SSLProxyEngine on
ProxyPass / https://10.20.200.77/
ProxyPassReverse / https://10.20.200.77/
#************************************************************************
#********************** DATOS DEL CERTIFICADO ***************************
#************************************************************************
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/matrix.siua.ac.cr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/matrix.siua.ac.cr/privkey.pem
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
<VirtualHost 181.193.87.6:443>
#************************************************************************
#******************* DATOS DEL SITIO WEB ********************************
#************************************************************************
ServerName riot.siua.ac.cr
ServerAlias www.riot.siua.ac.cr
ErrorLog /var/log/apache2/riot_443.siua.ac.cr-error.log
CustomLog /var/log/apache2/riot_443.siua.ac.cr-access.log common
#************************************************************************
#********************** DATOS DEL WEBMASTER *****************************
#************************************************************************
ServerAdmin interuniversitariadealajuela@gmail.com
Header add Author "Unidad de Gestion e Innovacion Tecnologica"
#************************************************************************
#********************* DATOS DEL REDIRECCIONAMIENTO *********************
#************************************************************************
ProxyPreserveHost On
ProxyRequests off
SSLProxyEngine on
ProxyPass / https://10.20.200.77/
ProxyPassReverse / https://10.20.200.77/
#************************************************************************
#********************** DATOS DEL CERTIFICADO ***************************
#************************************************************************
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/matrix.siua.ac.cr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/matrix.siua.ac.cr/privkey.pem
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
<VirtualHost 181.193.87.6:443>
#************************************************************************
#******************* DATOS DEL SITIO WEB ********************************
#************************************************************************
ServerName matrix.siua.ac.cr
ServerAlias www.matrix.siua.ac.cr
ErrorLog /var/log/apache2/matrix_443.siua.ac.cr-error.log
CustomLog /var/log/apache2/matrix_443.siua.ac.cr-access.log common
#************************************************************************
#********************** DATOS DEL WEBMASTER *****************************
#************************************************************************
ServerAdmin interuniversitariadealajuela@gmail.com
Header add Author "Unidad de Gestion e Innovacion Tecnologica"
#************************************************************************
#********************* DATOS DEL REDIRECCIONAMIENTO *********************
#************************************************************************
ProxyPreserveHost On
ProxyRequests off
SSLProxyEngine on
ProxyPass / https://10.20.200.77/
ProxyPassReverse / https://10.20.200.77/
#************************************************************************
#********************** DATOS DEL CERTIFICADO ***************************
#************************************************************************
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/matrix.siua.ac.cr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/matrix.siua.ac.cr/privkey.pem
</VirtualHost>
</IfModule>
Recargamos el servicio
systemctl reload apache2
Servidor Riot
Creamos una carpeta para guardar los certificados y le damos permisos
gpg: keybox '/root/.gnupg/pubring.kbx' created
gpg: assuming signed data in 'riot-v1.6.0.tar.gz'
gpg: Signature made Tue May 5 10:37:32 2020 UTC
gpg: using RSA key 5EA7E0F70461A3BCBEBE4D5EF6151806032026F9
gpg: issuer "releases@riot.im"
gpg: Can't check signature: No public key
Por lo tanto ejecutamos
# grab the signing key for the riot releases repository, ideally from a keyserver...
gpg --keyserver keyserver.ubuntu.com --search-keys releases@riot.im
Resultado
gpg: data source: http://162.213.33.8:11371
(1) Riot Releases <releases@riot.im>
4096 bit RSA key 74692659BDA3D940, created: 2019-04-15
Keys 1-1 of 1 for "releases@riot.im". Enter number(s), N)ext, or Q)uit > 1
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 74692659BDA3D940: public key "Riot Releases <releases@riot.im>" imported
gpg: Total number processed: 1
gpg: imported: 1
Ahora obtenemos la llave
# ...and/or you can grab or cross-check the signing key from packages.riot.im
wget https://packages.riot.im/riot-release-key.asc
gpg --import riot-release-key.asc
Ahora si volvemos a verificar
gpg --verify riot-v1.6.0.tar.gz.asc
Resultado
gpg: assuming signed data in 'riot-v1.6.0.tar.gz'
gpg: Signature made Tue May 5 10:37:32 2020 UTC
gpg: using RSA key 5EA7E0F70461A3BCBEBE4D5EF6151806032026F9
gpg: issuer "releases@riot.im"
gpg: Good signature from "Riot Releases <releases@riot.im>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: A878 CDF6 6CF4 A9B4 807C EBE5 7469 2659 BDA3 D940
Subkey fingerprint: 5EA7 E0F7 0461 A3BC BEBE 4D5E F615 1806 0320 26F9
"Welcome to Riot.im": "Bienvenido a Riot.im",
X
"Welcome to Riot.im": "Bienvenido a RIOT-SIUA",
"Decentralised, encrypted chat & collaboration powered by [matrix]": "Conversaciones cifradas y descentralizadas y colaboración con el poder de [matrix]",
X
"Decentralised, encrypted chat & collaboration powered by [matrix]": "Servicio de chat cifrado ofrecido por la Sede Interuniversitaria de Alajuela y mantenido por la UGIT (Unidad de Gestión e Innovación Tecnológica)",
Integración con jitsi
Abrimos
nano /var/www/riot.siua.ac.cr/riot/config.json
modificamos
"preferredDomain": "jitsi.riot.im"
X
"preferredDomain": "conferencias.siua.ac.cr"
COTURN
Para configurar el cotrun de la siua, abrimos
nano /etc/matrix-synapse/homeserver.yaml
Configuramos
turn_uris: ["turn:coturn.siua.ac.cr:5349?transport=udp","turn:coturn.siua.ac.cr:5349?transport=tcp"]
# The shared secret used to compute passwords for the TURN server
#
turn_shared_secret: "8015f59d3f538060abcfef564d6dabfe379a6d12be76723df3b5b87ac4b4569e"
# The Username and password if the TURN server needs them and
# does not use a token
#
#turn_username: "TURNSERVER_USERNAME"
#turn_password: "TURNSERVER_PASSWORD"
# How long generated TURN credentials last
#
turn_user_lifetime: 86400000
# Whether guests should be allowed to use the TURN server.
# This defaults to True, otherwise VoIP will be unreliable for guests.
# However, it does introduce a slight security risk as it allows users to
# connect to arbitrary endpoints without having first signed up for a
# valid account (e.g. by passing a CAPTCHA).
#
turn_allow_guests: true