forked from switnet/quick-jibri-installer
6.0.0
## Changes/fixes, - Drop support for 16.04 - Fix secure rooms - Fix tmp folder from external jibri node sync - Keeping new blur - Remove unused lines from prosody - Apply brandless mode to svg logo - Fix postgres query - Satisfy imagick requirement & disable support app ## New - Add enable show close page - Add FQDN option to set as hostname - Add partial support for CHP mode for 2.0.5765-1 - Add simple DNS test to Nextcloud domain.
This commit is contained in:
commit
3f4710a0b5
|
@ -324,10 +324,19 @@ echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
|
|||
|
||||
chmod -R 770 \$RECORDINGS_DIR
|
||||
|
||||
#Rename folder.
|
||||
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -n -r|awk '{print\$2}'| grep -v "meta\|-" | head -n1)"
|
||||
NJF_NAME="\$(find \$LJF_PATH |grep -e "-"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
|
||||
NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME"
|
||||
mv \$LJF_PATH \$NJF_PATH
|
||||
|
||||
##Prevent empty recording directory failsafe
|
||||
if [ "\$LJF_PATH" != "\$RECORDINGS_DIR" ]; then
|
||||
mv \$LJF_PATH \$NJF_PATH
|
||||
#Workaround for jibri to do cleaning.
|
||||
ssh -i /home/jibri/jbsync.pem $MJS_USER@$MAIN_SRV_DOMAIN "rm -r \$LJF_PATH"
|
||||
else
|
||||
echo "No new folder recorded, not removing anything."
|
||||
fi
|
||||
|
||||
exit 0
|
||||
REC_DIR
|
||||
|
@ -425,6 +434,12 @@ echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
|
|||
echo -e "\n---- We'll connect to main server ----"
|
||||
read -n 1 -s -r -p "Press any key to continue..."$'\n'
|
||||
sudo su $NJN_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
|
||||
|
||||
#Workaround for jibri to do cleaning.
|
||||
install -m 0600 -o jibri /home/$NJN_USER/.ssh/id_rsa /home/jibri/jbsync.pem
|
||||
sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts"
|
||||
sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
|
||||
|
||||
echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n"
|
||||
ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> ~/.ssh/known_hosts
|
||||
ssh $MJS_USER@$MAIN_SRV_DOMAIN sh -c "'cat >> .ssh/authorized_keys'" < /home/$NJN_USER/.ssh/id_rsa.pub
|
||||
|
|
|
@ -59,7 +59,7 @@ START=0
|
|||
LAST=TBD
|
||||
|
||||
THIS_SRV_DIST=$(lsb_release -sc)
|
||||
JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)
|
||||
JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}')
|
||||
JVB2_CONF="/etc/jitsi/videobridge/config"
|
||||
JVB2_NCONF="/etc/jitsi/videobridge/jvb.conf"
|
||||
JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties"
|
||||
|
|
|
@ -46,7 +46,7 @@ systemctl status $1
|
|||
MAIN_TEL="/etc/telegraf/telegraf.conf"
|
||||
TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf"
|
||||
GRAFANA_INI="/etc/grafana/grafana.ini"
|
||||
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
|
||||
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
|
||||
WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf"
|
||||
GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"
|
||||
|
||||
|
|
1
jm-bm.sh
1
jm-bm.sh
|
@ -76,4 +76,5 @@ else
|
|||
sed -i "s|SUPPORT_URL: .*|SUPPORT_URL: '#',|g" "$INT_CONF"
|
||||
#Logo 2
|
||||
sed -i "s|watermark.png|watermark2.png|g" "$INT_CONF"
|
||||
sed -i "s|watermark.svg|watermark2.png|g" "$INT_CONF"
|
||||
fi
|
||||
|
|
|
@ -41,7 +41,7 @@ DISTRO_RELEASE="$(lsb_release -sc)"
|
|||
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
|
||||
PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')"
|
||||
PHPVER="7.4"
|
||||
PSGVER="$(apt-cache madison postgresql | awk -F '[|+]' 'NR==1{print $2}')"
|
||||
PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')"
|
||||
PHP_FPM_DIR="/etc/php/$PHPVER/fpm"
|
||||
PHP_INI="$PHP_FPM_DIR/php.ini"
|
||||
PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf"
|
||||
|
@ -60,16 +60,39 @@ JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
|
|||
if [ -f $JITSI_MEET_PROXY ];then
|
||||
PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
|
||||
fi
|
||||
PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)"
|
||||
|
||||
while [[ -z "$NC_DOMAIN" ]]
|
||||
while [[ "$ANS_NCD" != "yes" ]]
|
||||
do
|
||||
read -p "Please enter the domain to use for Nextcloud: " -r NC_DOMAIN
|
||||
if [ -z "$NC_DOMAIN" ];then
|
||||
echo "-- This field is mandatory."
|
||||
elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
|
||||
echo "-- You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud."
|
||||
fi
|
||||
read -p "> Please set your domain (or subdmain) here for Nextcloud: (e.g.: cloud.domain.com)"$'\n' -r NC_DOMAIN
|
||||
if [ -z "$NC_DOMAIN" ];then
|
||||
echo "-- This field is mandatory."
|
||||
elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
|
||||
echo "-- You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud."
|
||||
fi
|
||||
read -p "> Did you mean?: $NC_DOMAIN (yes or no)"$'\n' -r ANS_NCD
|
||||
if [ "$ANS_NCD" = "yes" ]; then
|
||||
echo "Alright, let's use $NC_DOMAIN."
|
||||
else
|
||||
echo "Please try again."
|
||||
fi
|
||||
done
|
||||
#Simple DNS test
|
||||
if [ "$PUBLIC_IP" = "$(dig -4 +short $NC_DOMAIN)" ]; then
|
||||
echo "Server public IP & DNS record for $NC_DOMAIN seems to match, continuing...
|
||||
"
|
||||
else
|
||||
echo "Server public IP ($PUBLIC_IP) & DNS record for $NC_DOMAIN don't seem to match."
|
||||
echo " > Please check your dns records are applied and updated, otherwise Nextcloud may fail."
|
||||
read -p " > Do you want to continue?: (yes or no)"$'\n' -r DNS_CONTINUE
|
||||
if [ "$DNS_CONTINUE" = "yes" ]; then
|
||||
echo " - We'll continue anyway..."
|
||||
else
|
||||
echo " - Exiting for now..."
|
||||
exit
|
||||
fi
|
||||
fi
|
||||
|
||||
NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf"
|
||||
while [[ -z "$NC_USER" ]]
|
||||
do
|
||||
|
@ -148,12 +171,14 @@ install_ifnot postgresql-$PSGVER
|
|||
# PHP 7.4
|
||||
add_php74
|
||||
apt-get install -y \
|
||||
imagemagick \
|
||||
php$PHPVER-fpm \
|
||||
php$PHPVER-bcmath \
|
||||
php$PHPVER-bz2 \
|
||||
php$PHPVER-curl \
|
||||
php$PHPVER-gd \
|
||||
php$PHPVER-gmp \
|
||||
php$PHPVER-imagick \
|
||||
php$PHPVER-intl \
|
||||
php$PHPVER-json \
|
||||
php$PHPVER-ldap \
|
||||
|
@ -164,7 +189,6 @@ apt-get install -y \
|
|||
php$PHPVER-xml \
|
||||
php$PHPVER-xmlrpc \
|
||||
php$PHPVER-zip \
|
||||
php-imagick \
|
||||
redis-server \
|
||||
unzip
|
||||
|
||||
|
@ -455,6 +479,7 @@ Addding & Setting up Files External App for Local storage...
|
|||
"
|
||||
sudo -u www-data php $NC_PATH/occ app:install files_external
|
||||
sudo -u www-data php $NC_PATH/occ app:enable files_external
|
||||
sudo -u www-data php $NC_PATH/occ app:disable support
|
||||
sudo -u www-data php $NC_PATH/occ files_external:import /tmp/jra-nc-app-ef.json
|
||||
|
||||
usermod -a -G jibri www-data
|
||||
|
|
|
@ -31,9 +31,20 @@ while [ $secs -gt 0 ]; do
|
|||
: $((secs--))
|
||||
done
|
||||
}
|
||||
set_once() {
|
||||
if [ -z "$(awk '!/^ *#/ && NF {print}' "$2"|grep $(echo $1|awk -F '=' '{print$1}'))" ]; then
|
||||
echo "Setting "$1" on "$2"..."
|
||||
echo "$1" | tee -a "$2"
|
||||
else
|
||||
echo " \"$(echo $1|awk -F '=' '{print$1}')\" seems present, skipping setting this variable"
|
||||
fi
|
||||
}
|
||||
# True if $1 is greater than $2
|
||||
version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
|
||||
|
||||
|
||||
LTS_REL="$(lsb_release -d | awk '{print$4}')"
|
||||
DOMAIN="$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')"
|
||||
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
|
||||
JVB_LOG_POP="/etc/jitsi/videobridge/logging.properties"
|
||||
JVB_RC="/usr/share/jitsi-videobridge/lib/videobridge.rc"
|
||||
JICOFO_LOG_POP="/etc/jitsi/videobridge/logging.properties"
|
||||
|
@ -102,7 +113,7 @@ echo "
|
|||
#--------------------------------------------------
|
||||
"
|
||||
echo "If you are using a high volume of users we recommend to use nHD (640x360),
|
||||
or at most qHD (960x540) resolution as default, since bandwith increase
|
||||
or at most qHD (960x540) resolution as default, since bandwith increase
|
||||
exponentially with the more concurrent users on a meeting.
|
||||
Either way, choose your desired video resolution.
|
||||
"
|
||||
|
@ -160,18 +171,18 @@ sysctl -w net.core.rmem_default=262144
|
|||
sysctl -w net.core.wmem_default=262144
|
||||
sysctl -w net.core.rmem_max=262144
|
||||
sysctl -w net.core.wmem_max=262144
|
||||
echo 'net.core.rmem_default=262144' | tee -a /etc/sysctl.conf
|
||||
echo 'net.core.wmem_default=262144' | tee -a /etc/sysctl.conf
|
||||
echo 'net.core.rmem_max=262144' | tee -a /etc/sysctl.conf
|
||||
echo 'net.core.wmem_max=262144' | tee -a /etc/sysctl.conf
|
||||
set_once "net.core.rmem_default=262144" "/etc/sysctl.conf"
|
||||
set_once "net.core.wmem_default=262144" "/etc/sysctl.conf"
|
||||
set_once "net.core.rmem_max=262144" "/etc/sysctl.conf"
|
||||
set_once "net.core.wmem_max=262144" "/etc/sysctl.conf"
|
||||
|
||||
#https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/7/html/tuning_guide/reduce_tcp_performance_spikes
|
||||
sysctl -w net.ipv4.tcp_timestamps=0
|
||||
echo 'net.ipv4.tcp_timestamps=0' | tee -a /etc/sysctl.conf
|
||||
set_once "net.ipv4.tcp_timestamps=0" "/etc/sysctl.conf"
|
||||
|
||||
#https://bugzilla.redhat.com/show_bug.cgi?id=1283676
|
||||
sysctl -w net.core.netdev_max_backlog=100000
|
||||
echo 'net.core.netdev_max_backlog=100000' | tee -a /etc/sysctl.conf
|
||||
set_once "net.core.netdev_max_backlog=100000" "/etc/sysctl.conf"
|
||||
|
||||
##nginx
|
||||
sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf
|
||||
|
@ -180,7 +191,7 @@ sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf
|
|||
#sysctl -w net.ipv4.tcp_low_latency=1
|
||||
|
||||
#JVB2
|
||||
##Loose up logging
|
||||
##Loose up logging
|
||||
# https://community.jitsi.org/t/23641/13
|
||||
sed -i "/java.util.logging.FileHandler.level/s|ALL|WARNING|g" $JVB_LOG_POP
|
||||
sed -i "s|^.level=INFO|.level=WARNING|" $JVB_LOG_POP
|
||||
|
@ -284,19 +295,35 @@ sed -i "s|OPTIMAL_BROWSERS: \[.*|OPTIMAL_BROWSERS: \[ 'chrome', 'chromium', 'ele
|
|||
sed -i "s|UNSUPPORTED_BROWSERS: .*|UNSUPPORTED_BROWSERS: \[ 'nwjs', 'safari', 'firefox' \],|" $INT_CONF_JS_HP
|
||||
|
||||
### Toolbars
|
||||
sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" $INT_CONF_JS_HP
|
||||
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" $INT_CONF_JS_HP
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," $INT_CONF_JS_HP
|
||||
if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," $INT_CONF_JS_HP
|
||||
if version_gt "$(apt-show-versions jitsi-meet|awk '{print$2}')" "2.0.5390-3" ; then
|
||||
#New toolbar in config.js
|
||||
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ toolbarButtons:: \[" $MEET_CONF_HP
|
||||
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," $MEET_CONF_HP
|
||||
if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
|
||||
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," $MEET_CONF_HP
|
||||
else
|
||||
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," $MEET_CONF_HP
|
||||
fi
|
||||
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," $MEET_CONF_HP
|
||||
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," $MEET_CONF_HP
|
||||
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" $MEET_CONF_HP
|
||||
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \]," $MEET_CONF_HP
|
||||
else
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," $INT_CONF_JS_HP
|
||||
#Old toolbar in interface.js (soon deprecated on newer versions)
|
||||
sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" $INT_CONF_JS_HP
|
||||
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" $INT_CONF_JS_HP
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," $INT_CONF_JS_HP
|
||||
if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," $INT_CONF_JS_HP
|
||||
else
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," $INT_CONF_JS_HP
|
||||
fi
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," $INT_CONF_JS_HP
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," $INT_CONF_JS_HP
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" $INT_CONF_JS_HP
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \]," $INT_CONF_JS_HP
|
||||
fi
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," $INT_CONF_JS_HP
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," $INT_CONF_JS_HP
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'security'" $INT_CONF_JS_HP
|
||||
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \]," $INT_CONF_JS_HP
|
||||
|
||||
#Check config file
|
||||
echo -e "\n# Checking $MEET_CONF file for errors\n"
|
||||
|
@ -304,23 +331,19 @@ CHECKJS_MEET_CHP=$(esvalidate $MEET_CONF_HP| cut -d ":" -f2)
|
|||
if [ -z "$CHECKJS_MEET_CHP" ]; then
|
||||
echo -e "\n# The $MEET_CONF_HP configuration seems correct. =)\n"
|
||||
else
|
||||
echo "
|
||||
Watch out!, there seems to be an issue on $MEET_CONF line:
|
||||
$CHECKJS
|
||||
Most of the times this is due upstream changes, please report to
|
||||
https://github.com/switnet-ltd/quick-jibri-installer/issues
|
||||
"
|
||||
echo -e "\n Watch out!, there seems to be an issue on $MEET_CONF_HP line:
|
||||
$CHECKJS_MEET_CHP
|
||||
Most of the times this is due upstream changes, please report to
|
||||
https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
|
||||
fi
|
||||
CHECKJS_INT_CHP=$(esvalidate $INT_CONF_JS_HP| cut -d ":" -f2)
|
||||
if [ -z "$CHECKJS_INT_CHP" ]; then
|
||||
echo -e "\n# The $INT_CONF_JS_HP configuration seems correct. =)\n"
|
||||
else
|
||||
echo "
|
||||
Watch out!, there seems to be an issue on $MEET_CONF line:
|
||||
$CHECKJS
|
||||
Most of the times this is due upstream changes, please report to
|
||||
https://github.com/switnet-ltd/quick-jibri-installer/issues
|
||||
"
|
||||
echo -e "\n Watch out!, there seems to be an issue on $INT_CONF_JS_HP line:
|
||||
$CHECKJS_INT_CHP
|
||||
Most of the times this is due upstream changes, please report to
|
||||
https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
|
||||
fi
|
||||
|
||||
sed -i "s|$MEET_CONF|$MEET_CONF_HP|g" $WS_CONF
|
||||
|
|
|
@ -148,8 +148,7 @@ if ! [ $(id -u) = 0 ]; then
|
|||
echo "You need to be root or have sudo privileges!"
|
||||
exit 0
|
||||
fi
|
||||
if [ "$DIST" = "xenial" ] || \
|
||||
[ "$DIST" = "bionic" ] || \
|
||||
if [ "$DIST" = "bionic" ] || \
|
||||
[ "$DIST" = "focal" ]; then
|
||||
echo "OS: $(lsb_release -sd)"
|
||||
echo "Good, this is a supported platform!"
|
||||
|
@ -158,12 +157,20 @@ else
|
|||
echo "Sorry, this platform is not supported... exiting"
|
||||
exit
|
||||
fi
|
||||
#Suggest 18.04 LTS release over 16.04
|
||||
if [ "$DIST" = "xenial" ]; then
|
||||
echo " > $(lsb_release -sc), even when it's compatible and functional.
|
||||
#Suggest 20.04 LTS release over 18.04 in April 2022
|
||||
TODAY=$(date +%s)
|
||||
NEXT_LTS_DATE=$(date -d 2022-04-01 +%s)
|
||||
|
||||
if [ "$DIST" = "bionic" ]; then
|
||||
if [ "$TODAY" -gt "$NEXT_LTS_DATE" ]; then
|
||||
echo " > $(lsb_release -sc), even when it's compatible and functional.
|
||||
We suggest to use the next (LTS) release, for longer support and security reasons."
|
||||
read -n 1 -s -r -p "Press any key to continue..."$'\n'
|
||||
read -n 1 -s -r -p "Press any key to continue..."$'\n'
|
||||
else
|
||||
echo "Bionic is supported."
|
||||
fi
|
||||
fi
|
||||
|
||||
#Check system resources
|
||||
echo "Verifying System Resources:"
|
||||
if [ "$(nproc --all)" -lt 4 ];then
|
||||
|
@ -433,10 +440,21 @@ GC_SDK_REL_FILE="http://packages.cloud.google.com/apt/dists/cloud-sdk-$(lsb_rele
|
|||
MJS_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
|
||||
MJS_USER="jbsync_$MJS_RAND_TAIL"
|
||||
MJS_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
|
||||
FQDN_HOST="fqdn"
|
||||
|
||||
# Rename hostname for jitsi server
|
||||
#hostnamectl set-hostname "jitsi.${DOMAIN}"
|
||||
#sed -i "1i ${PUBLIC_IP} jitsi.${DOMAIN}" /etc/hosts
|
||||
while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && ! -z "$FQDN_HOST" ]]
|
||||
do
|
||||
echo -e "> Do you want to use your internet domain ($DOMAIN) as a fqdn hostname?: (yes or no)" && \
|
||||
read -p "Leave empty to default to your current one ($(hostname -f)): "$'\n' FQDN_HOST
|
||||
if [ "$FQDN_HOST" = "yes" ]; then
|
||||
echo "We'll use your domain ($DOMAIN) as a fqdn hostname, changes will show on reboot."
|
||||
hostnamectl set-hostname "${DOMAIN}"
|
||||
sed -i "1i ${PUBLIC_IP} ${DOMAIN}" /etc/hosts
|
||||
else
|
||||
echo "We'll keep the current one ($(hostname -f)) you're using."
|
||||
fi
|
||||
done
|
||||
|
||||
#Sysadmin email
|
||||
if [ "$LE_SSL" = "yes" ]; then
|
||||
|
@ -452,8 +470,7 @@ You can define the language, for a complete list of the supported languages
|
|||
See here:
|
||||
https://github.com/jitsi/jitsi-meet/blob/master/lang/languages.json
|
||||
|
||||
Jitsi Meet web interface will be set to use such language.
|
||||
"
|
||||
Jitsi Meet web interface will be set to use such language."
|
||||
read -p "Please set your language (Press enter to default to 'en'):"$'\n' -r JB_LANG
|
||||
echo -e "\nWe'll take a minute to localize some UI excerpts if you need.\n"
|
||||
#Participant
|
||||
|
@ -505,6 +522,16 @@ do
|
|||
echo "Welcome page will be enabled."
|
||||
fi
|
||||
done
|
||||
#Close page
|
||||
while [[ "$ENABLE_CLOCP" != "yes" && "$ENABLE_CLOCP" != "no" ]]
|
||||
do
|
||||
read -p "> Do you want to enable the close page on room exit: (yes or no)"$'\n' -r ENABLE_CLOCP
|
||||
if [ "$ENABLE_CLOCP" = "yes" ]; then
|
||||
echo "Close page will be enabled."
|
||||
elif [ "$ENABLE_CLOCP" = "no" ]; then
|
||||
echo "Close page will be keept disabled."
|
||||
fi
|
||||
done
|
||||
#Enable static avatar
|
||||
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
|
||||
do
|
||||
|
@ -711,12 +738,12 @@ VirtualHost "recorder.$DOMAIN"
|
|||
modules_enabled = {
|
||||
"ping";
|
||||
}
|
||||
authentication = "internal_plain"
|
||||
authentication = "internal_hashed"
|
||||
|
||||
REC-JIBRI
|
||||
|
||||
#Enable Jibri withelist
|
||||
sed -i "s| -- muc_lobby_whitelist| muc_lobby_whitelist|" $PROSODY_FILE
|
||||
sed -i "s|-- muc_lobby_whitelist|muc_lobby_whitelist|" $PROSODY_FILE
|
||||
|
||||
#Fix Jibri conectivity issues
|
||||
sed -i "s|c2s_require_encryption = .*|c2s_require_encryption = false|" $PROSODY_SYS
|
||||
|
@ -977,7 +1004,6 @@ else
|
|||
fi
|
||||
#Static avatar
|
||||
if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then
|
||||
#wget https://switnet.net/static/avatar.png -O /usr/share/jitsi-meet/images/avatar2.png
|
||||
cp images/avatar2.png /usr/share/jitsi-meet/images/
|
||||
sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" $WS_CONF
|
||||
sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" $WS_CONF
|
||||
|
@ -988,30 +1014,27 @@ if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then
|
|||
fi
|
||||
#nginx -tlsv1/1.1
|
||||
if [ "$DROP_TLS1" = "yes" ] && [ "$DIST" != "xenial" ];then
|
||||
echo -e "\nDropping TLSv1/1.1 in favor of v1.3"
|
||||
echo -e "\nDropping TLSv1/1.1 in favor of v1.3\n"
|
||||
sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" /etc/nginx/nginx.conf
|
||||
#sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" $WS_CONF
|
||||
elif [ "$DROP_TLS1" = "yes" ] && [ "$DIST" = "xenial" ];then
|
||||
echo -e "\nOnly dropping TLSv1/1.1"
|
||||
echo -e "\nOnly dropping TLSv1/1.1\n"
|
||||
sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf
|
||||
sed -i "s| TLSv1.3||" $WS_CONF
|
||||
elif [ "$DROP_TLS1" = "no" ];then
|
||||
echo "No TLSv1/1.1 dropping was done."
|
||||
echo -e "\nNo TLSv1/1.1 dropping was done.\n"
|
||||
else
|
||||
echo "No condition meet, please report to
|
||||
https://github.com/switnet-ltd/quick-jibri-installer/issues "
|
||||
fi
|
||||
|
||||
echo -e "\nDisable \"Blur my background\" until new notice\n"
|
||||
sed -i "s|'videobackgroundblur', ||" $INT_CONF
|
||||
|
||||
#================== Setup prosody conf file =================
|
||||
|
||||
###Setup secure rooms
|
||||
if [ "$ENABLE_SC" = "yes" ]; then
|
||||
SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | head -n1 | cut -d ":" -f1)
|
||||
SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | awk -F ':' 'NR==1{print$1}')
|
||||
SRP_END=$((SRP_STR + 10))
|
||||
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_plain\"|}" $PROSODY_FILE
|
||||
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_hashed\"|}" $PROSODY_FILE
|
||||
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" $MEET_CONF
|
||||
|
||||
#Secure room initial user
|
||||
|
@ -1042,15 +1065,10 @@ VirtualHost "guest.$DOMAIN"
|
|||
authentication = "anonymous"
|
||||
c2s_require_encryption = false
|
||||
speakerstats_component = "speakerstats.$DOMAIN"
|
||||
-- conference_duration_component = "conferenceduration.$DOMAIN"
|
||||
-- lobby_muc = "lobby.$DOMAIN"
|
||||
main_muc = "conference.$DOMAIN"
|
||||
-- muc_lobby_whitelist = { "recorder.$DOMAIN", "auth.$DOMAIN" }
|
||||
|
||||
modules_enabled = {
|
||||
"speakerstats";
|
||||
-- "conference_duration";
|
||||
-- "muc_lobby_rooms";
|
||||
}
|
||||
|
||||
P_SR
|
||||
|
@ -1070,6 +1088,12 @@ if [ "$ENABLE_WELCP" = "yes" ]; then
|
|||
elif [ "$ENABLE_WELCP" = "no" ]; then
|
||||
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" $MEET_CONF
|
||||
fi
|
||||
#Enable close page
|
||||
if [ "$ENABLE_CLOCP" = "yes" ]; then
|
||||
sed -i "s|.*enableClosePage:.*| enableClosePage: true,|" $MEET_CONF
|
||||
elif [ "$ENABLE_CLOCP" = "no" ]; then
|
||||
sed -i "s|.*enableClosePage:.*| enableClosePage: false,|" $MEET_CONF
|
||||
fi
|
||||
#Set displayname as not required since jibri can't set it up.
|
||||
sed -i "s|// requireDisplayName: true,|requireDisplayName: false,|" $MEET_CONF
|
||||
|
||||
|
|
|
@ -154,7 +154,7 @@ if [ -z $SND_AL_MODULE ]; then
|
|||
please try rebooting.\nFor now wait 'til the end of the recommended kernel installation."
|
||||
echo "# Check and Install HWE kernel if possible..."
|
||||
if uname -r | grep -q aws;then
|
||||
KNL_HWE="$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr)|awk 'NR__1{print$3}'|cut -d "." -f1-4)"
|
||||
KNL_HWE="$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr)|awk 'NR==1{print$3}'|cut -d "." -f1-4)"
|
||||
KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg|awk '!/recovery/&&/generic/{print$3,$4}'|grep $KNL_HWE)"
|
||||
if [ ! -z "$KNL_MENU" ];then
|
||||
echo -e "\nSeems you are using an AWS kernel \xE2\x9C\x96 <== IMPORTANT! \nYou might consider modify your grub (/etc/default/grub) to use the following:" && \
|
||||
|
|
Loading…
Reference in New Issue