## Changes/fixes,

- Drop support for 16.04
- Fix secure rooms
- Fix tmp folder from external jibri node sync
- Keeping new blur
- Remove unused lines from prosody
- Apply brandless mode to svg logo
- Fix postgres query
- Satisfy imagick requirement & disable support app

## New

- Add enable show close page
- Add FQDN option to set as hostname
- Add partial support for CHP mode for 2.0.5765-1
-  Add simple DNS test to Nextcloud domain.
This commit is contained in:
Luis Guzman 2021-04-28 09:12:22 -05:00 committed by GitHub
commit 3f4710a0b5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 159 additions and 71 deletions

View File

@ -324,10 +324,19 @@ echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
chmod -R 770 \$RECORDINGS_DIR
#Rename folder.
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -n -r|awk '{print\$2}'| grep -v "meta\|-" | head -n1)"
NJF_NAME="\$(find \$LJF_PATH |grep -e "-"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME"
mv \$LJF_PATH \$NJF_PATH
##Prevent empty recording directory failsafe
if [ "\$LJF_PATH" != "\$RECORDINGS_DIR" ]; then
mv \$LJF_PATH \$NJF_PATH
#Workaround for jibri to do cleaning.
ssh -i /home/jibri/jbsync.pem $MJS_USER@$MAIN_SRV_DOMAIN "rm -r \$LJF_PATH"
else
echo "No new folder recorded, not removing anything."
fi
exit 0
REC_DIR
@ -425,6 +434,12 @@ echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
echo -e "\n---- We'll connect to main server ----"
read -n 1 -s -r -p "Press any key to continue..."$'\n'
sudo su $NJN_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
#Workaround for jibri to do cleaning.
install -m 0600 -o jibri /home/$NJN_USER/.ssh/id_rsa /home/jibri/jbsync.pem
sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n"
ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> ~/.ssh/known_hosts
ssh $MJS_USER@$MAIN_SRV_DOMAIN sh -c "'cat >> .ssh/authorized_keys'" < /home/$NJN_USER/.ssh/id_rsa.pub

View File

@ -59,7 +59,7 @@ START=0
LAST=TBD
THIS_SRV_DIST=$(lsb_release -sc)
JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)
JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}')
JVB2_CONF="/etc/jitsi/videobridge/config"
JVB2_NCONF="/etc/jitsi/videobridge/jvb.conf"
JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties"

View File

@ -46,7 +46,7 @@ systemctl status $1
MAIN_TEL="/etc/telegraf/telegraf.conf"
TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf"
GRAFANA_INI="/etc/grafana/grafana.ini"
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf"
GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"

View File

@ -76,4 +76,5 @@ else
sed -i "s|SUPPORT_URL: .*|SUPPORT_URL: '#',|g" "$INT_CONF"
#Logo 2
sed -i "s|watermark.png|watermark2.png|g" "$INT_CONF"
sed -i "s|watermark.svg|watermark2.png|g" "$INT_CONF"
fi

View File

@ -41,7 +41,7 @@ DISTRO_RELEASE="$(lsb_release -sc)"
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')"
PHPVER="7.4"
PSGVER="$(apt-cache madison postgresql | awk -F '[|+]' 'NR==1{print $2}')"
PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')"
PHP_FPM_DIR="/etc/php/$PHPVER/fpm"
PHP_INI="$PHP_FPM_DIR/php.ini"
PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf"
@ -60,16 +60,39 @@ JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
if [ -f $JITSI_MEET_PROXY ];then
PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
fi
PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)"
while [[ -z "$NC_DOMAIN" ]]
while [[ "$ANS_NCD" != "yes" ]]
do
read -p "Please enter the domain to use for Nextcloud: " -r NC_DOMAIN
if [ -z "$NC_DOMAIN" ];then
echo "-- This field is mandatory."
elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
echo "-- You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud."
fi
read -p "> Please set your domain (or subdmain) here for Nextcloud: (e.g.: cloud.domain.com)"$'\n' -r NC_DOMAIN
if [ -z "$NC_DOMAIN" ];then
echo "-- This field is mandatory."
elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
echo "-- You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud."
fi
read -p "> Did you mean?: $NC_DOMAIN (yes or no)"$'\n' -r ANS_NCD
if [ "$ANS_NCD" = "yes" ]; then
echo "Alright, let's use $NC_DOMAIN."
else
echo "Please try again."
fi
done
#Simple DNS test
if [ "$PUBLIC_IP" = "$(dig -4 +short $NC_DOMAIN)" ]; then
echo "Server public IP & DNS record for $NC_DOMAIN seems to match, continuing...
"
else
echo "Server public IP ($PUBLIC_IP) & DNS record for $NC_DOMAIN don't seem to match."
echo " > Please check your dns records are applied and updated, otherwise Nextcloud may fail."
read -p " > Do you want to continue?: (yes or no)"$'\n' -r DNS_CONTINUE
if [ "$DNS_CONTINUE" = "yes" ]; then
echo " - We'll continue anyway..."
else
echo " - Exiting for now..."
exit
fi
fi
NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf"
while [[ -z "$NC_USER" ]]
do
@ -148,12 +171,14 @@ install_ifnot postgresql-$PSGVER
# PHP 7.4
add_php74
apt-get install -y \
imagemagick \
php$PHPVER-fpm \
php$PHPVER-bcmath \
php$PHPVER-bz2 \
php$PHPVER-curl \
php$PHPVER-gd \
php$PHPVER-gmp \
php$PHPVER-imagick \
php$PHPVER-intl \
php$PHPVER-json \
php$PHPVER-ldap \
@ -164,7 +189,6 @@ apt-get install -y \
php$PHPVER-xml \
php$PHPVER-xmlrpc \
php$PHPVER-zip \
php-imagick \
redis-server \
unzip
@ -455,6 +479,7 @@ Addding & Setting up Files External App for Local storage...
"
sudo -u www-data php $NC_PATH/occ app:install files_external
sudo -u www-data php $NC_PATH/occ app:enable files_external
sudo -u www-data php $NC_PATH/occ app:disable support
sudo -u www-data php $NC_PATH/occ files_external:import /tmp/jra-nc-app-ef.json
usermod -a -G jibri www-data

View File

@ -31,9 +31,20 @@ while [ $secs -gt 0 ]; do
: $((secs--))
done
}
set_once() {
if [ -z "$(awk '!/^ *#/ && NF {print}' "$2"|grep $(echo $1|awk -F '=' '{print$1}'))" ]; then
echo "Setting "$1" on "$2"..."
echo "$1" | tee -a "$2"
else
echo " \"$(echo $1|awk -F '=' '{print$1}')\" seems present, skipping setting this variable"
fi
}
# True if $1 is greater than $2
version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
LTS_REL="$(lsb_release -d | awk '{print$4}')"
DOMAIN="$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')"
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
JVB_LOG_POP="/etc/jitsi/videobridge/logging.properties"
JVB_RC="/usr/share/jitsi-videobridge/lib/videobridge.rc"
JICOFO_LOG_POP="/etc/jitsi/videobridge/logging.properties"
@ -102,7 +113,7 @@ echo "
#--------------------------------------------------
"
echo "If you are using a high volume of users we recommend to use nHD (640x360),
or at most qHD (960x540) resolution as default, since bandwith increase
or at most qHD (960x540) resolution as default, since bandwith increase
exponentially with the more concurrent users on a meeting.
Either way, choose your desired video resolution.
"
@ -160,18 +171,18 @@ sysctl -w net.core.rmem_default=262144
sysctl -w net.core.wmem_default=262144
sysctl -w net.core.rmem_max=262144
sysctl -w net.core.wmem_max=262144
echo 'net.core.rmem_default=262144' | tee -a /etc/sysctl.conf
echo 'net.core.wmem_default=262144' | tee -a /etc/sysctl.conf
echo 'net.core.rmem_max=262144' | tee -a /etc/sysctl.conf
echo 'net.core.wmem_max=262144' | tee -a /etc/sysctl.conf
set_once "net.core.rmem_default=262144" "/etc/sysctl.conf"
set_once "net.core.wmem_default=262144" "/etc/sysctl.conf"
set_once "net.core.rmem_max=262144" "/etc/sysctl.conf"
set_once "net.core.wmem_max=262144" "/etc/sysctl.conf"
#https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/7/html/tuning_guide/reduce_tcp_performance_spikes
sysctl -w net.ipv4.tcp_timestamps=0
echo 'net.ipv4.tcp_timestamps=0' | tee -a /etc/sysctl.conf
set_once "net.ipv4.tcp_timestamps=0" "/etc/sysctl.conf"
#https://bugzilla.redhat.com/show_bug.cgi?id=1283676
sysctl -w net.core.netdev_max_backlog=100000
echo 'net.core.netdev_max_backlog=100000' | tee -a /etc/sysctl.conf
set_once "net.core.netdev_max_backlog=100000" "/etc/sysctl.conf"
##nginx
sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf
@ -180,7 +191,7 @@ sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf
#sysctl -w net.ipv4.tcp_low_latency=1
#JVB2
##Loose up logging
##Loose up logging
# https://community.jitsi.org/t/23641/13
sed -i "/java.util.logging.FileHandler.level/s|ALL|WARNING|g" $JVB_LOG_POP
sed -i "s|^.level=INFO|.level=WARNING|" $JVB_LOG_POP
@ -284,19 +295,35 @@ sed -i "s|OPTIMAL_BROWSERS: \[.*|OPTIMAL_BROWSERS: \[ 'chrome', 'chromium', 'ele
sed -i "s|UNSUPPORTED_BROWSERS: .*|UNSUPPORTED_BROWSERS: \[ 'nwjs', 'safari', 'firefox' \],|" $INT_CONF_JS_HP
### Toolbars
sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," $INT_CONF_JS_HP
if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," $INT_CONF_JS_HP
if version_gt "$(apt-show-versions jitsi-meet|awk '{print$2}')" "2.0.5390-3" ; then
#New toolbar in config.js
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ toolbarButtons:: \[" $MEET_CONF_HP
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," $MEET_CONF_HP
if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," $MEET_CONF_HP
else
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," $MEET_CONF_HP
fi
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," $MEET_CONF_HP
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," $MEET_CONF_HP
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" $MEET_CONF_HP
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \]," $MEET_CONF_HP
else
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," $INT_CONF_JS_HP
#Old toolbar in interface.js (soon deprecated on newer versions)
sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," $INT_CONF_JS_HP
if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," $INT_CONF_JS_HP
else
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," $INT_CONF_JS_HP
fi
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \]," $INT_CONF_JS_HP
fi
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'security'" $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \]," $INT_CONF_JS_HP
#Check config file
echo -e "\n# Checking $MEET_CONF file for errors\n"
@ -304,23 +331,19 @@ CHECKJS_MEET_CHP=$(esvalidate $MEET_CONF_HP| cut -d ":" -f2)
if [ -z "$CHECKJS_MEET_CHP" ]; then
echo -e "\n# The $MEET_CONF_HP configuration seems correct. =)\n"
else
echo "
Watch out!, there seems to be an issue on $MEET_CONF line:
$CHECKJS
Most of the times this is due upstream changes, please report to
https://github.com/switnet-ltd/quick-jibri-installer/issues
"
echo -e "\n Watch out!, there seems to be an issue on $MEET_CONF_HP line:
$CHECKJS_MEET_CHP
Most of the times this is due upstream changes, please report to
https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
fi
CHECKJS_INT_CHP=$(esvalidate $INT_CONF_JS_HP| cut -d ":" -f2)
if [ -z "$CHECKJS_INT_CHP" ]; then
echo -e "\n# The $INT_CONF_JS_HP configuration seems correct. =)\n"
else
echo "
Watch out!, there seems to be an issue on $MEET_CONF line:
$CHECKJS
Most of the times this is due upstream changes, please report to
https://github.com/switnet-ltd/quick-jibri-installer/issues
"
echo -e "\n Watch out!, there seems to be an issue on $INT_CONF_JS_HP line:
$CHECKJS_INT_CHP
Most of the times this is due upstream changes, please report to
https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
fi
sed -i "s|$MEET_CONF|$MEET_CONF_HP|g" $WS_CONF

View File

@ -148,8 +148,7 @@ if ! [ $(id -u) = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
if [ "$DIST" = "xenial" ] || \
[ "$DIST" = "bionic" ] || \
if [ "$DIST" = "bionic" ] || \
[ "$DIST" = "focal" ]; then
echo "OS: $(lsb_release -sd)"
echo "Good, this is a supported platform!"
@ -158,12 +157,20 @@ else
echo "Sorry, this platform is not supported... exiting"
exit
fi
#Suggest 18.04 LTS release over 16.04
if [ "$DIST" = "xenial" ]; then
echo " > $(lsb_release -sc), even when it's compatible and functional.
#Suggest 20.04 LTS release over 18.04 in April 2022
TODAY=$(date +%s)
NEXT_LTS_DATE=$(date -d 2022-04-01 +%s)
if [ "$DIST" = "bionic" ]; then
if [ "$TODAY" -gt "$NEXT_LTS_DATE" ]; then
echo " > $(lsb_release -sc), even when it's compatible and functional.
We suggest to use the next (LTS) release, for longer support and security reasons."
read -n 1 -s -r -p "Press any key to continue..."$'\n'
read -n 1 -s -r -p "Press any key to continue..."$'\n'
else
echo "Bionic is supported."
fi
fi
#Check system resources
echo "Verifying System Resources:"
if [ "$(nproc --all)" -lt 4 ];then
@ -433,10 +440,21 @@ GC_SDK_REL_FILE="http://packages.cloud.google.com/apt/dists/cloud-sdk-$(lsb_rele
MJS_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
MJS_USER="jbsync_$MJS_RAND_TAIL"
MJS_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
FQDN_HOST="fqdn"
# Rename hostname for jitsi server
#hostnamectl set-hostname "jitsi.${DOMAIN}"
#sed -i "1i ${PUBLIC_IP} jitsi.${DOMAIN}" /etc/hosts
while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && ! -z "$FQDN_HOST" ]]
do
echo -e "> Do you want to use your internet domain ($DOMAIN) as a fqdn hostname?: (yes or no)" && \
read -p "Leave empty to default to your current one ($(hostname -f)): "$'\n' FQDN_HOST
if [ "$FQDN_HOST" = "yes" ]; then
echo "We'll use your domain ($DOMAIN) as a fqdn hostname, changes will show on reboot."
hostnamectl set-hostname "${DOMAIN}"
sed -i "1i ${PUBLIC_IP} ${DOMAIN}" /etc/hosts
else
echo "We'll keep the current one ($(hostname -f)) you're using."
fi
done
#Sysadmin email
if [ "$LE_SSL" = "yes" ]; then
@ -452,8 +470,7 @@ You can define the language, for a complete list of the supported languages
See here:
https://github.com/jitsi/jitsi-meet/blob/master/lang/languages.json
Jitsi Meet web interface will be set to use such language.
"
Jitsi Meet web interface will be set to use such language."
read -p "Please set your language (Press enter to default to 'en'):"$'\n' -r JB_LANG
echo -e "\nWe'll take a minute to localize some UI excerpts if you need.\n"
#Participant
@ -505,6 +522,16 @@ do
echo "Welcome page will be enabled."
fi
done
#Close page
while [[ "$ENABLE_CLOCP" != "yes" && "$ENABLE_CLOCP" != "no" ]]
do
read -p "> Do you want to enable the close page on room exit: (yes or no)"$'\n' -r ENABLE_CLOCP
if [ "$ENABLE_CLOCP" = "yes" ]; then
echo "Close page will be enabled."
elif [ "$ENABLE_CLOCP" = "no" ]; then
echo "Close page will be keept disabled."
fi
done
#Enable static avatar
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
do
@ -711,12 +738,12 @@ VirtualHost "recorder.$DOMAIN"
modules_enabled = {
"ping";
}
authentication = "internal_plain"
authentication = "internal_hashed"
REC-JIBRI
#Enable Jibri withelist
sed -i "s| -- muc_lobby_whitelist| muc_lobby_whitelist|" $PROSODY_FILE
sed -i "s|-- muc_lobby_whitelist|muc_lobby_whitelist|" $PROSODY_FILE
#Fix Jibri conectivity issues
sed -i "s|c2s_require_encryption = .*|c2s_require_encryption = false|" $PROSODY_SYS
@ -977,7 +1004,6 @@ else
fi
#Static avatar
if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then
#wget https://switnet.net/static/avatar.png -O /usr/share/jitsi-meet/images/avatar2.png
cp images/avatar2.png /usr/share/jitsi-meet/images/
sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" $WS_CONF
sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" $WS_CONF
@ -988,30 +1014,27 @@ if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then
fi
#nginx -tlsv1/1.1
if [ "$DROP_TLS1" = "yes" ] && [ "$DIST" != "xenial" ];then
echo -e "\nDropping TLSv1/1.1 in favor of v1.3"
echo -e "\nDropping TLSv1/1.1 in favor of v1.3\n"
sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" /etc/nginx/nginx.conf
#sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" $WS_CONF
elif [ "$DROP_TLS1" = "yes" ] && [ "$DIST" = "xenial" ];then
echo -e "\nOnly dropping TLSv1/1.1"
echo -e "\nOnly dropping TLSv1/1.1\n"
sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf
sed -i "s| TLSv1.3||" $WS_CONF
elif [ "$DROP_TLS1" = "no" ];then
echo "No TLSv1/1.1 dropping was done."
echo -e "\nNo TLSv1/1.1 dropping was done.\n"
else
echo "No condition meet, please report to
https://github.com/switnet-ltd/quick-jibri-installer/issues "
fi
echo -e "\nDisable \"Blur my background\" until new notice\n"
sed -i "s|'videobackgroundblur', ||" $INT_CONF
#================== Setup prosody conf file =================
###Setup secure rooms
if [ "$ENABLE_SC" = "yes" ]; then
SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | head -n1 | cut -d ":" -f1)
SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | awk -F ':' 'NR==1{print$1}')
SRP_END=$((SRP_STR + 10))
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_plain\"|}" $PROSODY_FILE
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_hashed\"|}" $PROSODY_FILE
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" $MEET_CONF
#Secure room initial user
@ -1042,15 +1065,10 @@ VirtualHost "guest.$DOMAIN"
authentication = "anonymous"
c2s_require_encryption = false
speakerstats_component = "speakerstats.$DOMAIN"
-- conference_duration_component = "conferenceduration.$DOMAIN"
-- lobby_muc = "lobby.$DOMAIN"
main_muc = "conference.$DOMAIN"
-- muc_lobby_whitelist = { "recorder.$DOMAIN", "auth.$DOMAIN" }
modules_enabled = {
"speakerstats";
-- "conference_duration";
-- "muc_lobby_rooms";
}
P_SR
@ -1070,6 +1088,12 @@ if [ "$ENABLE_WELCP" = "yes" ]; then
elif [ "$ENABLE_WELCP" = "no" ]; then
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" $MEET_CONF
fi
#Enable close page
if [ "$ENABLE_CLOCP" = "yes" ]; then
sed -i "s|.*enableClosePage:.*| enableClosePage: true,|" $MEET_CONF
elif [ "$ENABLE_CLOCP" = "no" ]; then
sed -i "s|.*enableClosePage:.*| enableClosePage: false,|" $MEET_CONF
fi
#Set displayname as not required since jibri can't set it up.
sed -i "s|// requireDisplayName: true,|requireDisplayName: false,|" $MEET_CONF

View File

@ -154,7 +154,7 @@ if [ -z $SND_AL_MODULE ]; then
please try rebooting.\nFor now wait 'til the end of the recommended kernel installation."
echo "# Check and Install HWE kernel if possible..."
if uname -r | grep -q aws;then
KNL_HWE="$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr)|awk 'NR__1{print$3}'|cut -d "." -f1-4)"
KNL_HWE="$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr)|awk 'NR==1{print$3}'|cut -d "." -f1-4)"
KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg|awk '!/recovery/&&/generic/{print$3,$4}'|grep $KNL_HWE)"
if [ ! -z "$KNL_MENU" ];then
echo -e "\nSeems you are using an AWS kernel \xE2\x9C\x96 <== IMPORTANT! \nYou might consider modify your grub (/etc/default/grub) to use the following:" && \