From fb7355cab308e659147e2c2b020847699398f4ed Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 3 May 2021 13:17:00 -0500 Subject: [PATCH 01/16] Clarify installer goal --- README.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 652aa66..523bf29 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # Quick Jibri Installer -Bash installer for Jibri on supported **Ubuntu LTS** based systems using **nginx** as default webserver. +Bash installer for Jitsi Meet standalone along with Jibri on supported**Ubuntu LTS** based systems using **nginx** as default webserver. ## Usage As for our current latest release, as we have integrated more and more features, we highly recommend to use a purpose specific-newly spawn server to host the jitsi-meet framework, making sure you stick to the requirements and recommendations as much as possible, in order to avoid issues. @@ -13,6 +13,9 @@ git clone https://github.com/switnet-ltd/quick-jibri-installer cd quick-jibri-installer bash quick-jibri-installer.sh ``` +If your server meet the necessary resources, then at the end on the installer you should have a working Jitsi Meet Server along with a Jibri server ready to record. + +Additional jibris need to be set on separate servers, only necesary on simultaneous recordings for that please use add-jibri-node.sh. ### Add Jibri node @@ -24,6 +27,8 @@ Copy the modified `add-jibri-node.sh` file from your early cloned installation d bash add-jibri-node.sh ``` +Please remember that on newer versions, jibri will record on FHD (1920x1080) so please make sure your server have enough CPU power in orther to handle the encoding load. + ### Add JVB2 node Copy the modified `add-jvb2-node.sh` file from your early cloned installation directory once the installation is completed, to the new server meant to be a jibri node using your preferred method, then run it @@ -40,7 +45,7 @@ Check more details on our wiki. * Clean VM/VPS/Server using a supported Ubuntu LTS * Valid domain with DNS record, **mandatory** for SSL certs via Let's Encrypt. * Ports open for ACME (SSL) interaction & validation. -* Highly recommended: 8 GB RAM / 4 Cores. +* Highly recommended: Above 8 GB RAM / 4 Cores. * Webcam ### Jigasi Transcript From fa2c1987b9eeccd48236b390c05499f57080394a Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 3 May 2021 13:18:37 -0500 Subject: [PATCH 02/16] Fix typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 523bf29..ad737e9 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # Quick Jibri Installer -Bash installer for Jitsi Meet standalone along with Jibri on supported**Ubuntu LTS** based systems using **nginx** as default webserver. +Bash installer for Jitsi Meet standalone along with Jibri on supported **Ubuntu LTS** based systems using **nginx** as default webserver. ## Usage As for our current latest release, as we have integrated more and more features, we highly recommend to use a purpose specific-newly spawn server to host the jitsi-meet framework, making sure you stick to the requirements and recommendations as much as possible, in order to avoid issues. From 640c7142b15c1d735e885c017d916714f75296ab Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 3 May 2021 17:53:33 -0500 Subject: [PATCH 03/16] Moving jigasi into old scripts folder, most likely unsupported. --- old/jigasi.sh | 307 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 307 insertions(+) create mode 100644 old/jigasi.sh diff --git a/old/jigasi.sh b/old/jigasi.sh new file mode 100644 index 0000000..d5149cc --- /dev/null +++ b/old/jigasi.sh @@ -0,0 +1,307 @@ +#!/bin/bash +# Quick Jigasi Installer - *buntu (LTS) based systems. +# SwITNet Ltd © - 2020, https://switnet.net/ +# GPLv3 or later. + +##################### Whistlist ####################### +# Saves final transcript in translated languages #130 - +# https://github.com/jitsi/jigasi/pull/130 +####################################################### + +#Check if user is root +if ! [ $(id -u) = 0 ]; then + echo "You need to be root or have sudo privileges!" + exit 0 +fi + +clear +echo ' +######################################################################## + Jigasi Transcript addon +######################################################################## + by Software, IT & Networks Ltd +' + +JIGASI_CONFIG=/etc/jitsi/jigasi/config +GC_API_JSON=/opt/gc-sdk/GCTranscriptAPI.json +DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++') +MEET_CONF=/etc/jitsi/meet/${DOMAIN}-config.js +JIG_SIP_CONF=/etc/jitsi/jigasi/config +JIG_SIP_PROP=/etc/jitsi/jigasi/sip-communicator.properties +JIC_SIP_PROP=/etc/jitsi/jicofo/sip-communicator.properties +JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 8 | head -n1)" +JIG_TRANSC_PASWD_B64="$(echo -n "$JIG_TRANSC_PASWD" | base64)" +DIST=$(lsb_release -sc) +CHECK_GC_REPO=$(apt-cache policy | grep http | grep cloud-sdk | head -n1 | awk '{print $3}' | awk -F '/' '{print $1}') + +install_gc_repo() { +if [ "$CHECK_GC_REPO" = "cloud-sdk-$DIST" ]; then + echo " +Google Cloud SDK repository already on the system! +" +else + echo " +Adding Google Cloud SDK repository for latest updates +" + export CLOUD_SDK_REPO="cloud-sdk-$DIST" + echo "deb http://packages.cloud.google.com/apt $CLOUD_SDK_REPO main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list + curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - + +fi +} +install_gc_repo +apt-get -q2 update +apt-get -y install google-cloud-sdk google-cloud-sdk-app-engine-java + +echo "Please select one of the current options: +[1] I want to configure a new project, service account, billing and JSON credentials. +[2] I already have one project configured and already have a JSON key file from Google" +while [[ "$SETUP_TYPE" != "1" && "$SETUP_TYPE" != "2" ]] +do + read -p "What option suits your setup?: (1 or 2)"$'\n' -r SETUP_TYPE + if [ "$SETUP_TYPE" = "1" ]; then + echo "We'll setup a GC Projects from scratch" + elif [ "$SETUP_TYPE" = "2" ]; then + echo "We'll setup only the proect and JSON key." + fi +done + +if [ $SETUP_TYPE = 1 ]; then +### Start of new project configuration - Google SDK +#Setup option 1 - Google Cloud SDK +echo "Once logged on Google Cloud SDK, please create a new project (last option)." +gcloud init +read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME +#Second login - Google Auth Library +echo "Login to Google Auth Library" +gcloud auth application-default login + +# Start Google Cloud Configuration - Application Service +GC_MEMBER=transcript +echo "Checking if project exist..." +PROJECT_GC_ID=$(gcloud projects list | grep $GC_PROJECT_NAME | awk '{print$3}') +while [ -z $PROJECT_GC_ID ] +do +read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME +if [ -z PROJECT_GC_ID ]; then + echo "Please check your project name," + echo "There is no project listed with the provided name: $GC_PROJECT_NAME" + PROJECT_GC_ID=$(gcloud projects list | grep $GC_PROJECT_NAME | awk '{print$3}') + fi +done +echo "Your $GC_PROJECT_NAME ID's project is: $PROJECT_GC_ID" + +# Enable Speech2Text +echo "Important: Please enable billing on your project using the following URL: +https://console.developers.google.com/project/$PROJECT_GC_ID/settings" + +echo "Checking billing..." +CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" +while [[ $? -eq 1 ]] +do +CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" +if [[ $? -eq 1 ]]; then + echo "Seems you haven't enabled billing for this project: $GC_PROJECT_NAME" + exho " For that go to: https://console.developers.google.com/project/$PROJECT_GC_ID/settings + " + read -p "Press Enter to continue" + CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" +fi +done +echo "Billing account seems setup, continuing..." + +gcloud iam service-accounts create $GC_MEMBER + +gcloud projects add-iam-policy-binding $GC_PROJECT_NAME \ + --member serviceAccount:$GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com \ + --role roles/editor + +echo "Setup credentials:" +echo "Please go and download your valid json key at: +https://console.developers.google.com/apis/credentials?folder=&organizationId=&project=$GC_PROJECT_NAME" +### End of new project configuration - Google SDK +fi + +if [ "$SETUP_TYPE" = "2" ]; then +#Setup option 1 - Google Cloud SDK +echo "Once logged on Google Cloud SDK, please select the project that owns to the JSON key." +gcloud init +echo "Login to Google Auth Library" +gcloud auth application-default login +fi + +echo "Setting up JSON key file..." +sleep 2 +mkdir /opt/gc-sdk/ +cat << KEY_JSON > $GC_API_JSON +# +# Paste below this comment your GC JSON key for the service account: +# $GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com +# +# Visit the following URL and create a *Service Account Key*: +# https://console.developers.google.com/apis/credentials?folder=&organizationId=&project=$GC_PROJECT_NAME +# These comment lines will be deleted afterwards. +# +KEY_JSON +chmod 644 $GC_API_JSON +nano $GC_API_JSON +sed -i '/^#/d' $GC_API_JSON + +CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" +while [[ $? -eq 1 ]] +do +CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" +if [[ $? -eq 1 ]]; then + echo "Check again your JSON file, syntax doesn't seem right" + sleep 2 + nano $GC_API_JSON + CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" +fi +done +echo " +Great, seems your JSON key syntax is fine. +" +sleep 2 + +export GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON + +echo "Installing Jigasi, your SIP credentials will be asked. (mandatory)" +apt-get -y install jigasi +#apt-mark hold jigasi + +cat << JIGASI_CONF >> $JIGASI_CONFIG + +GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON + +JIGASI_CONF + +echo "Your Google Cloud credentials are at $GC_API_JSON" + +echo "Setting up Jigasi transcript with current platform..." +#Connect callcontrol +sed -i "s|// call_control:|call_control:|" $MEET_CONF +sed -i "s|// transcribingEnabled|transcribingEnabled|" $MEET_CONF +sed -i "/transcribingEnabled/ s|false|true|" $MEET_CONF + +#siptest2siptest@domain.con +#changed from conference to internal.auth from jibri +sed -i "s|siptest|siptest@internal.auth.$DOMAIN|" $JIG_SIP_PROP + +#Disable component in favor of MUC +if [ $(grep -c nocomponent $JIG_SIP_CONF) != 0 ]; then + echo "Jigasi component is already disabled." +else + echo "Disabling jigasi component in favor of MUC" + sed -i "s|JIGASI_OPTS=.*|JIGASI_OPTS=\"--nocomponent=true\"|" $JIG_SIP_CONF +fi + +#Setup XMPP +cat << ACC1_XMPP >> $JIG_SIP_PROP + +# XMPP account used for control +net.java.sip.communicator.impl.protocol.jabber.acc1=acc1 +net.java.sip.communicator.impl.protocol.jabber.acc1.ACCOUNT_UID=Jabber:jigasi@auth.$DOMAIN@$DOMAIN +net.java.sip.communicator.impl.protocol.jabber.acc1.USER_ID=jigasi@auth.$DOMAIN +net.java.sip.communicator.impl.protocol.jabber.acc1.IS_SERVER_OVERRIDDEN=true +net.java.sip.communicator.impl.protocol.jabber.acc1.SERVER_ADDRESS=$DOMAIN +net.java.sip.communicator.impl.protocol.jabber.acc1.SERVER_PORT=5222 +net.java.sip.communicator.impl.protocol.jabber.acc1.PASSWORD=$JIG_TRANSC_PASWD_B64 +net.java.sip.communicator.impl.protocol.jabber.acc1.AUTO_GENERATE_RESOURCE=true +net.java.sip.communicator.impl.protocol.jabber.acc1.RESOURCE_PRIORITY=30 +net.java.sip.communicator.impl.protocol.jabber.acc1.IS_CARBON_DISABLED=true +net.java.sip.communicator.impl.protocol.jabber.acc1.DEFAULT_ENCRYPTION=true +net.java.sip.communicator.impl.protocol.jabber.acc1.IS_USE_ICE=true +net.java.sip.communicator.impl.protocol.jabber.acc1.IS_ACCOUNT_DISABLED=false +net.java.sip.communicator.impl.protocol.jabber.acc1.IS_PREFERRED_PROTOCOL=false +net.java.sip.communicator.impl.protocol.jabber.acc1.AUTO_DISCOVER_JINGLE_NODES=false +net.java.sip.communicator.impl.protocol.jabber.acc1.PROTOCOL=Jabber +net.java.sip.communicator.impl.protocol.jabber.acc1.IS_USE_UPNP=false +net.java.sip.communicator.impl.protocol.jabber.acc1.USE_DEFAULT_STUN_SERVER=true +net.java.sip.communicator.impl.protocol.jabber.acc1.ENCRYPTION_PROTOCOL.DTLS-SRTP=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.ENCRYPTION_PROTOCOL_STATUS.DTLS-SRTP=true +net.java.sip.communicator.impl.protocol.jabber.acc1.VIDEO_CALLING_DISABLED=true +net.java.sip.communicator.impl.protocol.jabber.acc1.OVERRIDE_ENCODINGS=true +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.G722/8000=705 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.GSM/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.H263-1998/90000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.H264/90000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.PCMA/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.PCMU/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/12000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/16000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/24000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.VP8/90000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.iLBC/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.opus/48000=750 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/16000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/32000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.telephone-event/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN +net.java.sip.communicator.impl.protocol.jabber.acc1.DOMAIN_BASE=$DOMAIN + +org.jitsi.jigasi.MUC_SERVICE_ADDRESS=conference.$DOMAIN +org.jitsi.jigasi.BREWERY_ENABLED=true + +org.jitsi.jigasi.HEALTH_CHECK_SIP_URI="" +org.jitsi.jigasi.HEALTH_CHECK_INTERVAL=300000 +org.jitsi.jigasi.HEALTH_CHECK_TIMEOUT=600000 + +org.jitsi.jigasi.xmpp.acc.IS_SERVER_OVERRIDDEN=true +#org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN + +org.jitsi.jigasi.xmpp.acc.VIDEO_CALLING_DISABLED=true +org.jitsi.jigasi.xmpp.acc.JINGLE_NODES_ENABLED=false +org.jitsi.jigasi.xmpp.acc.AUTO_DISCOVER_STUN=false +org.jitsi.jigasi.xmpp.acc.IM_DISABLED=true +org.jitsi.jigasi.xmpp.acc.SERVER_STORED_INFO_DISABLED=true +org.jitsi.jigasi.xmpp.acc.IS_FILE_TRANSFER_DISABLED=true + +org.jitsi.jigasi.xmpp.acc.USER_ID=jigasi@auth.$DOMAIN +org.jitsi.jigasi.xmpp.acc.PASS=$JIG_TRANSC_PASWD +org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false +org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true +ACC1_XMPP + +#Enable transcription config +sed -i "/ENABLE_TRANSCRIPTION/ s|#||" $JIG_SIP_PROP +sed -i "/ENABLE_TRANSCRIPTION/ s|false|true|" $JIG_SIP_PROP +sed -i "/ENABLE_SIP/ s|#||" $JIG_SIP_PROP +sed -i "/ENABLE_SIP/ s|true|false|" $JIG_SIP_PROP + +#Transcript format +sed -i "/SAVE_JSON/ s|# ||" $JIG_SIP_PROP +sed -i "/SEND_JSON/ s|# ||" $JIG_SIP_PROP +sed -i "/SAVE_TXT/ s|# ||" $JIG_SIP_PROP +sed -i "/SEND_TXT/ s|# ||" $JIG_SIP_PROP +#sed -i "/SEND_TXT/ s|false|true|" $JIG_SIP_PROP + +#Allow to connect other than same server only. +sed -i \ +"/xmpp.acc.SERVER_ADDRESS/ s|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=.*|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN|" \ +$JIG_SIP_PROP + +#Remember to study how to use LE or what's needed #ToDo +sed -i "/ALWAYS_TRUST_MODE_ENABLED/ s|# ||" $JIG_SIP_PROP + +prosodyctl register jigasi auth.$DOMAIN $JIG_TRANSC_PASWD + +#Set Brewery +cat << JIG_JIC >> $JIC_SIP_PROP +org.jitsi.jicofo.jigasi.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN +JIG_JIC + +systemctl restart prosody \ + jicofo \ + jibri* \ + jitsi-videobridge2 + +echo " +Full transcript files are available at: +--> /var/lib/jigasi/transcripts/ +" + +echo " +Happy transcripting! +" From 34a5938d78fac44a0caa7527910560ebb1f163f0 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 3 May 2021 17:55:04 -0500 Subject: [PATCH 04/16] Moving jigasi into old scripts folder, most likely unsupported. --- jigasi.sh | 307 ------------------------------------------------------ 1 file changed, 307 deletions(-) delete mode 100644 jigasi.sh diff --git a/jigasi.sh b/jigasi.sh deleted file mode 100644 index d5149cc..0000000 --- a/jigasi.sh +++ /dev/null @@ -1,307 +0,0 @@ -#!/bin/bash -# Quick Jigasi Installer - *buntu (LTS) based systems. -# SwITNet Ltd © - 2020, https://switnet.net/ -# GPLv3 or later. - -##################### Whistlist ####################### -# Saves final transcript in translated languages #130 - -# https://github.com/jitsi/jigasi/pull/130 -####################################################### - -#Check if user is root -if ! [ $(id -u) = 0 ]; then - echo "You need to be root or have sudo privileges!" - exit 0 -fi - -clear -echo ' -######################################################################## - Jigasi Transcript addon -######################################################################## - by Software, IT & Networks Ltd -' - -JIGASI_CONFIG=/etc/jitsi/jigasi/config -GC_API_JSON=/opt/gc-sdk/GCTranscriptAPI.json -DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++') -MEET_CONF=/etc/jitsi/meet/${DOMAIN}-config.js -JIG_SIP_CONF=/etc/jitsi/jigasi/config -JIG_SIP_PROP=/etc/jitsi/jigasi/sip-communicator.properties -JIC_SIP_PROP=/etc/jitsi/jicofo/sip-communicator.properties -JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 8 | head -n1)" -JIG_TRANSC_PASWD_B64="$(echo -n "$JIG_TRANSC_PASWD" | base64)" -DIST=$(lsb_release -sc) -CHECK_GC_REPO=$(apt-cache policy | grep http | grep cloud-sdk | head -n1 | awk '{print $3}' | awk -F '/' '{print $1}') - -install_gc_repo() { -if [ "$CHECK_GC_REPO" = "cloud-sdk-$DIST" ]; then - echo " -Google Cloud SDK repository already on the system! -" -else - echo " -Adding Google Cloud SDK repository for latest updates -" - export CLOUD_SDK_REPO="cloud-sdk-$DIST" - echo "deb http://packages.cloud.google.com/apt $CLOUD_SDK_REPO main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list - curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - - -fi -} -install_gc_repo -apt-get -q2 update -apt-get -y install google-cloud-sdk google-cloud-sdk-app-engine-java - -echo "Please select one of the current options: -[1] I want to configure a new project, service account, billing and JSON credentials. -[2] I already have one project configured and already have a JSON key file from Google" -while [[ "$SETUP_TYPE" != "1" && "$SETUP_TYPE" != "2" ]] -do - read -p "What option suits your setup?: (1 or 2)"$'\n' -r SETUP_TYPE - if [ "$SETUP_TYPE" = "1" ]; then - echo "We'll setup a GC Projects from scratch" - elif [ "$SETUP_TYPE" = "2" ]; then - echo "We'll setup only the proect and JSON key." - fi -done - -if [ $SETUP_TYPE = 1 ]; then -### Start of new project configuration - Google SDK -#Setup option 1 - Google Cloud SDK -echo "Once logged on Google Cloud SDK, please create a new project (last option)." -gcloud init -read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME -#Second login - Google Auth Library -echo "Login to Google Auth Library" -gcloud auth application-default login - -# Start Google Cloud Configuration - Application Service -GC_MEMBER=transcript -echo "Checking if project exist..." -PROJECT_GC_ID=$(gcloud projects list | grep $GC_PROJECT_NAME | awk '{print$3}') -while [ -z $PROJECT_GC_ID ] -do -read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME -if [ -z PROJECT_GC_ID ]; then - echo "Please check your project name," - echo "There is no project listed with the provided name: $GC_PROJECT_NAME" - PROJECT_GC_ID=$(gcloud projects list | grep $GC_PROJECT_NAME | awk '{print$3}') - fi -done -echo "Your $GC_PROJECT_NAME ID's project is: $PROJECT_GC_ID" - -# Enable Speech2Text -echo "Important: Please enable billing on your project using the following URL: -https://console.developers.google.com/project/$PROJECT_GC_ID/settings" - -echo "Checking billing..." -CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" -while [[ $? -eq 1 ]] -do -CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" -if [[ $? -eq 1 ]]; then - echo "Seems you haven't enabled billing for this project: $GC_PROJECT_NAME" - exho " For that go to: https://console.developers.google.com/project/$PROJECT_GC_ID/settings - " - read -p "Press Enter to continue" - CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" -fi -done -echo "Billing account seems setup, continuing..." - -gcloud iam service-accounts create $GC_MEMBER - -gcloud projects add-iam-policy-binding $GC_PROJECT_NAME \ - --member serviceAccount:$GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com \ - --role roles/editor - -echo "Setup credentials:" -echo "Please go and download your valid json key at: -https://console.developers.google.com/apis/credentials?folder=&organizationId=&project=$GC_PROJECT_NAME" -### End of new project configuration - Google SDK -fi - -if [ "$SETUP_TYPE" = "2" ]; then -#Setup option 1 - Google Cloud SDK -echo "Once logged on Google Cloud SDK, please select the project that owns to the JSON key." -gcloud init -echo "Login to Google Auth Library" -gcloud auth application-default login -fi - -echo "Setting up JSON key file..." -sleep 2 -mkdir /opt/gc-sdk/ -cat << KEY_JSON > $GC_API_JSON -# -# Paste below this comment your GC JSON key for the service account: -# $GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com -# -# Visit the following URL and create a *Service Account Key*: -# https://console.developers.google.com/apis/credentials?folder=&organizationId=&project=$GC_PROJECT_NAME -# These comment lines will be deleted afterwards. -# -KEY_JSON -chmod 644 $GC_API_JSON -nano $GC_API_JSON -sed -i '/^#/d' $GC_API_JSON - -CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" -while [[ $? -eq 1 ]] -do -CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" -if [[ $? -eq 1 ]]; then - echo "Check again your JSON file, syntax doesn't seem right" - sleep 2 - nano $GC_API_JSON - CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" -fi -done -echo " -Great, seems your JSON key syntax is fine. -" -sleep 2 - -export GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON - -echo "Installing Jigasi, your SIP credentials will be asked. (mandatory)" -apt-get -y install jigasi -#apt-mark hold jigasi - -cat << JIGASI_CONF >> $JIGASI_CONFIG - -GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON - -JIGASI_CONF - -echo "Your Google Cloud credentials are at $GC_API_JSON" - -echo "Setting up Jigasi transcript with current platform..." -#Connect callcontrol -sed -i "s|// call_control:|call_control:|" $MEET_CONF -sed -i "s|// transcribingEnabled|transcribingEnabled|" $MEET_CONF -sed -i "/transcribingEnabled/ s|false|true|" $MEET_CONF - -#siptest2siptest@domain.con -#changed from conference to internal.auth from jibri -sed -i "s|siptest|siptest@internal.auth.$DOMAIN|" $JIG_SIP_PROP - -#Disable component in favor of MUC -if [ $(grep -c nocomponent $JIG_SIP_CONF) != 0 ]; then - echo "Jigasi component is already disabled." -else - echo "Disabling jigasi component in favor of MUC" - sed -i "s|JIGASI_OPTS=.*|JIGASI_OPTS=\"--nocomponent=true\"|" $JIG_SIP_CONF -fi - -#Setup XMPP -cat << ACC1_XMPP >> $JIG_SIP_PROP - -# XMPP account used for control -net.java.sip.communicator.impl.protocol.jabber.acc1=acc1 -net.java.sip.communicator.impl.protocol.jabber.acc1.ACCOUNT_UID=Jabber:jigasi@auth.$DOMAIN@$DOMAIN -net.java.sip.communicator.impl.protocol.jabber.acc1.USER_ID=jigasi@auth.$DOMAIN -net.java.sip.communicator.impl.protocol.jabber.acc1.IS_SERVER_OVERRIDDEN=true -net.java.sip.communicator.impl.protocol.jabber.acc1.SERVER_ADDRESS=$DOMAIN -net.java.sip.communicator.impl.protocol.jabber.acc1.SERVER_PORT=5222 -net.java.sip.communicator.impl.protocol.jabber.acc1.PASSWORD=$JIG_TRANSC_PASWD_B64 -net.java.sip.communicator.impl.protocol.jabber.acc1.AUTO_GENERATE_RESOURCE=true -net.java.sip.communicator.impl.protocol.jabber.acc1.RESOURCE_PRIORITY=30 -net.java.sip.communicator.impl.protocol.jabber.acc1.IS_CARBON_DISABLED=true -net.java.sip.communicator.impl.protocol.jabber.acc1.DEFAULT_ENCRYPTION=true -net.java.sip.communicator.impl.protocol.jabber.acc1.IS_USE_ICE=true -net.java.sip.communicator.impl.protocol.jabber.acc1.IS_ACCOUNT_DISABLED=false -net.java.sip.communicator.impl.protocol.jabber.acc1.IS_PREFERRED_PROTOCOL=false -net.java.sip.communicator.impl.protocol.jabber.acc1.AUTO_DISCOVER_JINGLE_NODES=false -net.java.sip.communicator.impl.protocol.jabber.acc1.PROTOCOL=Jabber -net.java.sip.communicator.impl.protocol.jabber.acc1.IS_USE_UPNP=false -net.java.sip.communicator.impl.protocol.jabber.acc1.USE_DEFAULT_STUN_SERVER=true -net.java.sip.communicator.impl.protocol.jabber.acc1.ENCRYPTION_PROTOCOL.DTLS-SRTP=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.ENCRYPTION_PROTOCOL_STATUS.DTLS-SRTP=true -net.java.sip.communicator.impl.protocol.jabber.acc1.VIDEO_CALLING_DISABLED=true -net.java.sip.communicator.impl.protocol.jabber.acc1.OVERRIDE_ENCODINGS=true -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.G722/8000=705 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.GSM/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.H263-1998/90000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.H264/90000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.PCMA/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.PCMU/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/12000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/16000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/24000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.VP8/90000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.iLBC/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.opus/48000=750 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/16000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/32000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.telephone-event/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN -net.java.sip.communicator.impl.protocol.jabber.acc1.DOMAIN_BASE=$DOMAIN - -org.jitsi.jigasi.MUC_SERVICE_ADDRESS=conference.$DOMAIN -org.jitsi.jigasi.BREWERY_ENABLED=true - -org.jitsi.jigasi.HEALTH_CHECK_SIP_URI="" -org.jitsi.jigasi.HEALTH_CHECK_INTERVAL=300000 -org.jitsi.jigasi.HEALTH_CHECK_TIMEOUT=600000 - -org.jitsi.jigasi.xmpp.acc.IS_SERVER_OVERRIDDEN=true -#org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN - -org.jitsi.jigasi.xmpp.acc.VIDEO_CALLING_DISABLED=true -org.jitsi.jigasi.xmpp.acc.JINGLE_NODES_ENABLED=false -org.jitsi.jigasi.xmpp.acc.AUTO_DISCOVER_STUN=false -org.jitsi.jigasi.xmpp.acc.IM_DISABLED=true -org.jitsi.jigasi.xmpp.acc.SERVER_STORED_INFO_DISABLED=true -org.jitsi.jigasi.xmpp.acc.IS_FILE_TRANSFER_DISABLED=true - -org.jitsi.jigasi.xmpp.acc.USER_ID=jigasi@auth.$DOMAIN -org.jitsi.jigasi.xmpp.acc.PASS=$JIG_TRANSC_PASWD -org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false -org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true -ACC1_XMPP - -#Enable transcription config -sed -i "/ENABLE_TRANSCRIPTION/ s|#||" $JIG_SIP_PROP -sed -i "/ENABLE_TRANSCRIPTION/ s|false|true|" $JIG_SIP_PROP -sed -i "/ENABLE_SIP/ s|#||" $JIG_SIP_PROP -sed -i "/ENABLE_SIP/ s|true|false|" $JIG_SIP_PROP - -#Transcript format -sed -i "/SAVE_JSON/ s|# ||" $JIG_SIP_PROP -sed -i "/SEND_JSON/ s|# ||" $JIG_SIP_PROP -sed -i "/SAVE_TXT/ s|# ||" $JIG_SIP_PROP -sed -i "/SEND_TXT/ s|# ||" $JIG_SIP_PROP -#sed -i "/SEND_TXT/ s|false|true|" $JIG_SIP_PROP - -#Allow to connect other than same server only. -sed -i \ -"/xmpp.acc.SERVER_ADDRESS/ s|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=.*|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN|" \ -$JIG_SIP_PROP - -#Remember to study how to use LE or what's needed #ToDo -sed -i "/ALWAYS_TRUST_MODE_ENABLED/ s|# ||" $JIG_SIP_PROP - -prosodyctl register jigasi auth.$DOMAIN $JIG_TRANSC_PASWD - -#Set Brewery -cat << JIG_JIC >> $JIC_SIP_PROP -org.jitsi.jicofo.jigasi.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN -JIG_JIC - -systemctl restart prosody \ - jicofo \ - jibri* \ - jitsi-videobridge2 - -echo " -Full transcript files are available at: ---> /var/lib/jigasi/transcripts/ -" - -echo " -Happy transcripting! -" From 70fb46c2daaebee91e56035538f9c5b12ea66d6d Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 3 May 2021 17:56:12 -0500 Subject: [PATCH 05/16] Add jibri resolution enhancer. --- tools/jibri-resolution-enhancer.sh | 115 +++++++++++++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 tools/jibri-resolution-enhancer.sh diff --git a/tools/jibri-resolution-enhancer.sh b/tools/jibri-resolution-enhancer.sh new file mode 100644 index 0000000..13aa27a --- /dev/null +++ b/tools/jibri-resolution-enhancer.sh @@ -0,0 +1,115 @@ +#!/bin/bash +# Simple Jibri resolution enhancer +# 2021 - SwITNet Ltd +# GNU GPLv3 or later. + +while getopts m: option +do + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo ./jibri-resolution-enhancer.sh [-m debug]" && exit;; + esac +done + +#DEBUG +if [ "$MODE" = "debug" ]; then + set -x +fi + +#Check if user is root +if ! [ $(id -u) = 0 ]; then + echo "You need to be root or have sudo privileges!" + exit 0 +fi + +# Make sure jibri is installed +if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then + echo "Good Jibri is installed on this server" +else + echo "Jibri is not on this system, it is a requirement. +Exiting..." + exit +fi + +apt-get -y install apt-show-version + +JIBRI_OPT="/opt/jitsi/jibri" +JIBRI_ENH_PATH="/opt/jibri-res-enhancer" +INSTALLED_JIBRI_VERSION="$(apt-show-versions jibri|awk '{print$2}')" + +#Check if already run +if [ -f "$JIBRI_OPT/jibri-res_enh.jar" ] && \ + [ -d "$JIBRI_ENH_PATH" ]; then + echo "Seems this tools have been run before..." + exit +fi + +mkdir /tmp/jibri +cd /tmp/jibri + +#Get md5sum for current jibri installed. +apt-get download jibri=$INSTALLED_JIBRI_VERSION +ar x jibri_*.deb +tar xvf data.tar.xz +UPSTREAM_DEB_JAR_SUM="$(md5sum opt/jitsi/jibri/jibri.jar |awk '{print$1}')" + +if [ -z $UPSTREAM_DEB_JAR_SUM ]; then + echo "Not possible to continue, exiting..." + exit +fi + +#Compile requisites +apt-get -y install devscripts \ + git \ + maven \ + openjdk-8-jdk + +#Build repository +git clone https://github.com/jitsi/jibri $JIBRI_ENH_PATH +cd $JIBRI_ENH_PATH + +# Default values +## videoEncodePreset - "veryfast" || h264ConstantRateFactor - 25 +# Recomemended values based on: https://trac.ffmpeg.org/wiki/Encode/H.264#crf +## videoEncodePreset - "medium" || h264ConstantRateFactor - 15 +sed -i "/videoEncodePreset/s|String =.*|String = \"medium\",|" src/main/kotlin/org/jitsi/jibri/capture/ffmpeg/FfmpegCapturer.kt +sed -i "/h264ConstantRateFactor/s|Int =.*|Int = 15,|" src/main/kotlin/org/jitsi/jibri/capture/ffmpeg/FfmpegCapturer.kt +mvn package + +JIBRI_JAR="$(ls -Sh $JIBRI_ENH_PATH/target|awk '/dependencies/&&/.jar/{print}'|awk 'NR==1{print}')" +cp $JIBRI_ENH_PATH/target/$JIBRI_JAR $JIBRI_ENH_PATH/target/jibri.jar + +# Backing up default binaries +if [ "$UPSTREAM_DEB_JAR_SUM" = "$(md5sum $JIBRI_OPT/jibri.jar)" ]; then + cp $JIBRI_OPT/jibri.jar $JIBRI_OPT/jibri-dpkg-package.jar +fi + +# Migrate original to enhanced jibri +cp $JIBRI_ENH_PATH/target/jibri.jar $JIBRI_OPT/jibri-res_enh.jar +if [ -f $JIBRI_OPT/jibri-dpkg-package.jar ];then + cp $JIBRI_OPT/jibri-res_enh.jar $JIBRI_OPT/jibri.jar +fi + +JIBRI_RES_ENH_HASH="$(md5sum $JIBRI_OPT/jibri-res_enh.jar)" +USED_JIBRI_HASH="$(md5sum $JIBRI_OPT/jibri.jar)" + +if [ "$JIBRI_RES_ENH_HASH" = "$USED_JIBRI_HASH" ]; then + echo "Everything seems to have gone well." +else + echo "Something went wrong, restoring default package..." + if [ "$(md5sum $JIBRI_OPT/jibri-dpkg-package.jar)" = "$UPSTREAM_DEB_JAR_SUM" ]; then + cp $JIBRI_OPT/jibri-dpkg-package.jar $JIBRI_OPT/jibri.jar + else + if [ -f /tmp/jibri/opt/jitsi/jibri/jibri.jar ]; then + echo "Restoring from upstream package..." + cp /tmp/jibri/opt/jitsi/jibri/jibri.jar $JIBRI_OPT/jibri.jar + else + echo "Wow, someone took the time to avoid restauration, please manually review your changes." + echo "Exiting..." + exit + fi + fi +fi +systemctl restart jibri* + From f52f15dba53632d75d16af6ec8047f1e9b96aeb9 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 3 May 2021 18:23:03 -0500 Subject: [PATCH 06/16] Fisrt draft for jitsi-meet start-over script --- tools/start-over.sh | 99 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100644 tools/start-over.sh diff --git a/tools/start-over.sh b/tools/start-over.sh new file mode 100644 index 0000000..dc0cbb2 --- /dev/null +++ b/tools/start-over.sh @@ -0,0 +1,99 @@ +#!/bin/bash +#Start over + + +while getopts m: option +do + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo ./start-over.sh [-m debug]" && exit;; + esac +done + +#DEBUG +if [ "$MODE" = "debug" ]; then + set -x +fi + +#Check if user is root +if ! [ $(id -u) = 0 ]; then + echo "You need to be root or have sudo privileges!" + exit 0 +fi + +wait_seconds() { +secs=$(($1)) +while [ $secs -gt 0 ]; do + echo -ne "$secs\033[0K\r" + sleep 1 + : $((secs--)) +done +} +purge_debconf() { + echo PURGE | debconf-communicate $1 +} + +echo "We are about to remove and clean all the jitsi-meet plaform bits and pieces... +Please make sure you have backed up anything you don't want to loose." + +echo " +# WARGNING #: This is only recommended if you want to start over a failed installation, +or plain and simple remove jitsi from your system." + +while [[ "$CONTINUE_PURGE1" != "yes" && "$CONTINUE_PURGE1" != "no" ]] +do +read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_PURGE1 +if [ "$CONTINUE_PURGE1" = "no" ]; then + echo " Good, see you next time..." + exit +elif [ "$CONTINUE_PURGE1" = "yes" ]; then + echo "" +fi +done + +echo "Let me ask just one more time..." +while [[ "$CONTINUE_PURGE2" != "yes" && "$CONTINUE_PURGE2" != "no" ]] +do +read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_PURGE2 +if [ "$CONTINUE_PURGE2" = "no" ]; then + echo " Good, see you next time..." + exit +elif [ "$CONTINUE_PURGE2" = "yes" ]; then + echo "No going back, lets start..." + wait_seconds 3 +fi +done + +#Purging all jitsi meet packages +apt-get -y purge jibri \ + jicofo \ + jigasi \ + jitsi-meet \ + jitsi-meet-web \ + jitsi-meet-web-config \ + jitsi-meet-prosody \ + jitsi-meet-turnserver \ + jitsi-videobridge2 \ + prosody + +#Cleaning packages +apt-get -y autoremove +apt-get clean + +#Removing residual files +rm -r /etc/jitsi +rm -r /opt/jitsi +rm -r /usr/share/jicofo +rm -r /usr/share/jitsi-* + +#Purging debconf db +purge_debconf jicofo +purge_debconf jigasi +purge_debconf jitsi-meet +purge_debconf jitsi-meet-prosody +purge_debconf jitsi-meet-turnserver +purge_debconf jitsi-meet-web-config +purge_debconf jitsi-videobridge2 + +echo "We are done..." From e529f22bb35bab442613408e147ba6fdbb0ed62e Mon Sep 17 00:00:00 2001 From: Ark74 Date: Tue, 4 May 2021 00:37:08 -0500 Subject: [PATCH 07/16] Update copyright --- add-jibri-node.sh | 2 +- add-jvb2-node.sh | 2 +- etherpad.sh | 2 +- grafana.sh | 4 ++-- jitsi-updater.sh | 2 +- jm-bm.sh | 2 +- jra_nextcloud.sh | 2 +- mode/chp-mode.sh | 2 +- mode/grid/selenium-grid-docker.sh | 2 +- mode/jwt.sh | 2 +- quick_jibri_installer.sh | 2 +- tools/fail2ban_ssh.sh | 2 +- tools/jibri-conf-upgrade.sh | 2 +- tools/jibri-resolution-enhancer.sh | 2 +- tools/start-over.sh | 3 ++- tools/test-jibri-env.sh | 2 +- 16 files changed, 18 insertions(+), 17 deletions(-) diff --git a/add-jibri-node.sh b/add-jibri-node.sh index 00966d7..43d9c4f 100644 --- a/add-jibri-node.sh +++ b/add-jibri-node.sh @@ -1,6 +1,6 @@ #!/bin/bash # Jibri Node Aggregator -# SwITNet Ltd © - 2020, https://switnet.net/ +# SwITNet Ltd © - 2021, https://switnet.net/ # GPLv3 or later. ### 0_LAST EDITION TIME STAMP ### diff --git a/add-jvb2-node.sh b/add-jvb2-node.sh index a651b07..61478d4 100644 --- a/add-jvb2-node.sh +++ b/add-jvb2-node.sh @@ -1,6 +1,6 @@ #!/bin/bash # JVB2 Node Aggregator -# SwITNet Ltd © - 2020, https://switnet.net/ +# SwITNet Ltd © - 2021, https://switnet.net/ # GPLv3 or later. ### 0_LAST EDITION TIME STAMP ### diff --git a/etherpad.sh b/etherpad.sh index 29736b4..508a6c7 100644 --- a/etherpad.sh +++ b/etherpad.sh @@ -1,6 +1,6 @@ #!/bin/bash # Etherpad Installer for Jitsi Meet -# SwITNet Ltd © - 2020, https://switnet.net/ +# SwITNet Ltd © - 2021, https://switnet.net/ # # GPLv3 or later. diff --git a/grafana.sh b/grafana.sh index f5aba5b..2fb7419 100644 --- a/grafana.sh +++ b/grafana.sh @@ -7,8 +7,8 @@ # - https://grafana.com/grafana/dashboards/11969 # by "mephisto" # -# Igor Kerstges © - 2020 -# SwITNet Ltd © - 2020, https://switnet.net/ +# Igor Kerstges © - 2021 +# SwITNet Ltd © - 2021, https://switnet.net/ # # GPLv3 or later. diff --git a/jitsi-updater.sh b/jitsi-updater.sh index 52c537d..df2be6c 100644 --- a/jitsi-updater.sh +++ b/jitsi-updater.sh @@ -1,7 +1,7 @@ #!/bin/bash # Jitsi Meet recurring upgrader and customization keeper # for Debian/*buntu binaries. -# 2020 - SwITNet Ltd +# SwITNet Ltd © - 2021, https://switnet.net/ # GNU GPLv3 or later. Blue='\e[0;34m' diff --git a/jm-bm.sh b/jm-bm.sh index a500639..c4ace6b 100644 --- a/jm-bm.sh +++ b/jm-bm.sh @@ -1,7 +1,7 @@ #!/bin/bash # Jitsi Meet brandless mode # for Debian/*buntu binaries. -# 2020 - SwITNet Ltd +# SwITNet Ltd © - 2021, https://switnet.net/ # GNU GPLv3 or later. DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" diff --git a/jra_nextcloud.sh b/jra_nextcloud.sh index d5d9479..0fa958f 100644 --- a/jra_nextcloud.sh +++ b/jra_nextcloud.sh @@ -1,6 +1,6 @@ #!/bin/bash # JRA (Jibri Recordings Access) via Nextcloud -# SwITNet Ltd © - 2020, https://switnet.net/ +# SwITNet Ltd © - 2021, https://switnet.net/ # GPLv3 or later. while getopts m: option do diff --git a/mode/chp-mode.sh b/mode/chp-mode.sh index 2e8d63b..8e0f7e9 100644 --- a/mode/chp-mode.sh +++ b/mode/chp-mode.sh @@ -1,6 +1,6 @@ #!/bin/bash # Custom High Performance Jitsi conf -# SwITNet Ltd © - 2020, https://switnet.net/ +# SwITNet Ltd © - 2021, https://switnet.net/ # GPLv3 or later. #Check if user is root diff --git a/mode/grid/selenium-grid-docker.sh b/mode/grid/selenium-grid-docker.sh index 6b5870b..9b5a268 100644 --- a/mode/grid/selenium-grid-docker.sh +++ b/mode/grid/selenium-grid-docker.sh @@ -1,7 +1,7 @@ #!/bin/bash # Custom Selenium Grid-Node fro Jitsi Meet # Pandian © - https://community.jitsi.org/u/Pandian -# SwITNet Ltd © - 2020, https://switnet.net/ +# SwITNet Ltd © - 2021, https://switnet.net/ # GPLv3 or later. #Check if user is root diff --git a/mode/jwt.sh b/mode/jwt.sh index 430c0aa..b92953a 100644 --- a/mode/jwt.sh +++ b/mode/jwt.sh @@ -1,6 +1,6 @@ #!/bin/bash # JWT Mode Setup -# SwITNet Ltd © - 2020, https://switnet.net/ +# SwITNet Ltd © - 2021, https://switnet.net/ # GPLv3 or later. DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++') MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 8132bcf..a526887 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -1,6 +1,6 @@ #!/bin/bash # Quick Jibri Installer - *buntu (LTS) based systems. -# SwITNet Ltd © - 2020, https://switnet.net/ +# SwITNet Ltd © - 2021, https://switnet.net/ # GPLv3 or later. { echo "Started at $(date +'%Y-%m-%d %H:%M:%S')" >> qj-installer.log diff --git a/tools/fail2ban_ssh.sh b/tools/fail2ban_ssh.sh index d61fb71..84257a0 100644 --- a/tools/fail2ban_ssh.sh +++ b/tools/fail2ban_ssh.sh @@ -1,6 +1,6 @@ #!/bin/bash # Simple Fail2ban configuration -# 2020 - SwITNet Ltd +# SwITNet Ltd © - 2021, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option diff --git a/tools/jibri-conf-upgrade.sh b/tools/jibri-conf-upgrade.sh index c559782..d244189 100644 --- a/tools/jibri-conf-upgrade.sh +++ b/tools/jibri-conf-upgrade.sh @@ -1,6 +1,6 @@ #!/bin/bash # Simple Jibri conf updater -# 2020 - SwITNet Ltd +# SwITNet Ltd © - 2021, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option diff --git a/tools/jibri-resolution-enhancer.sh b/tools/jibri-resolution-enhancer.sh index 13aa27a..1adb9dd 100644 --- a/tools/jibri-resolution-enhancer.sh +++ b/tools/jibri-resolution-enhancer.sh @@ -1,6 +1,6 @@ #!/bin/bash # Simple Jibri resolution enhancer -# 2021 - SwITNet Ltd +# SwITNet Ltd © - 2021, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option diff --git a/tools/start-over.sh b/tools/start-over.sh index dc0cbb2..58c23e0 100644 --- a/tools/start-over.sh +++ b/tools/start-over.sh @@ -1,6 +1,7 @@ #!/bin/bash #Start over - +# SwITNet Ltd © - 2021, https://switnet.net/ +# GPLv3 or later. while getopts m: option do diff --git a/tools/test-jibri-env.sh b/tools/test-jibri-env.sh index 6ade25b..4f8e9ee 100644 --- a/tools/test-jibri-env.sh +++ b/tools/test-jibri-env.sh @@ -1,6 +1,6 @@ #!/bin/bash # Simple Jibri Env tester -# 2020 - SwITNet Ltd +# SwITNet Ltd © - 2021, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option From 70c809f222c2fdc9c6ffcf9d2493287c85ea2d32 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Tue, 4 May 2021 19:43:12 -0500 Subject: [PATCH 08/16] Improve distro renaming for trisquel --- quick_jibri_installer.sh | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index a526887..182f0e7 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -42,12 +42,16 @@ fi } exit_ifinstalled jitsi-meet -if [ $DIST = flidas ]; then -DIST="xenial" -fi -if [ $DIST = etiona ]; then -DIST="bionic" +rename_distro() { +if [ "$DIST" = "$1" ]; then + DIST="$2" fi +} +#Trisquel distro renaming +rename_distro flidas xenial +rename_distro etiona bionic +rename_distro nabia focal + install_ifnot() { if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then echo " $1 is installed, skipping..." From 0e3922c89ea964d56fbed52999671a65d84967a4 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 6 May 2021 01:08:25 -0500 Subject: [PATCH 09/16] Improve cleaning on star-over --- quick_jibri_installer.sh | 16 ++++++++-------- tools/start-over.sh | 38 +++++++++++++++++++++++++++++++++----- 2 files changed, 41 insertions(+), 13 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 182f0e7..28b27e0 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -661,14 +661,14 @@ WAN_IP=$(dig +short myip.opendns.com @resolver1.opendns.com) ssl_wa() { if [ "$LE_SSL" = "yes" ]; then -systemctl stop $1 - letsencrypt certonly --standalone --renew-by-default --agree-tos --email $5 -d $6 - sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" $4 - sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" $4 -systemctl restart $1 - #Add cron - crontab -l | { cat; echo "@weekly certbot renew --${2} > $LE_RENEW_LOG 2>&1"; } | crontab - - crontab -l + systemctl stop $1 + letsencrypt certonly --standalone --renew-by-default --agree-tos --email $5 -d $6 + sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" $4 + sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" $4 + systemctl restart $1 + #Add cron + crontab -l | { cat; echo "@weekly certbot renew --${2} > $LE_RENEW_LOG 2>&1"; } | crontab - + crontab -l fi } diff --git a/tools/start-over.sh b/tools/start-over.sh index 58c23e0..d784006 100644 --- a/tools/start-over.sh +++ b/tools/start-over.sh @@ -31,9 +31,26 @@ while [ $secs -gt 0 ]; do : $((secs--)) done } +remove_residuals() { + if [ -d $1 ]; then + rm -r $1 + fi +} purge_debconf() { echo PURGE | debconf-communicate $1 } +remove_services() { + systemctl disable $1 + systemctl stop $1 +} +echo -e ' +######################################################################## + Welcome to the Start Over cleaner script +######################################################################## + by Software, IT & Networks Ltd +\n' + +SYNC_USER="$(ls /home|awk '/jbsync/{print}')" echo "We are about to remove and clean all the jitsi-meet plaform bits and pieces... Please make sure you have backed up anything you don't want to loose." @@ -62,7 +79,7 @@ if [ "$CONTINUE_PURGE2" = "no" ]; then exit elif [ "$CONTINUE_PURGE2" = "yes" ]; then echo "No going back, lets start..." - wait_seconds 3 + wait_seconds 5 fi done @@ -78,15 +95,18 @@ apt-get -y purge jibri \ jitsi-videobridge2 \ prosody +#Services stop +remove_services jibri* + #Cleaning packages apt-get -y autoremove apt-get clean #Removing residual files -rm -r /etc/jitsi -rm -r /opt/jitsi -rm -r /usr/share/jicofo -rm -r /usr/share/jitsi-* +remove_residuals /etc/jitsi +remove_residuals /opt/jitsi +remove_residuals /usr/share/jicofo +remove_residuals /usr/share/jitsi-* #Purging debconf db purge_debconf jicofo @@ -97,4 +117,12 @@ purge_debconf jitsi-meet-turnserver purge_debconf jitsi-meet-web-config purge_debconf jitsi-videobridge2 +#Remove unused users +if [ ! -z $SYNC_USER ]; then + deluser --remove-home $SYNC_USER +fi +if [ -d /home/jibri ]; then + deluser --remove-home jibri +fi + echo "We are done..." From 38528958e5a12cba301929f464807d1e1a07e6c1 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 6 May 2021 01:10:21 -0500 Subject: [PATCH 10/16] Testing jwt script update --- mode/jwt.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/mode/jwt.sh b/mode/jwt.sh index b92953a..30ba712 100644 --- a/mode/jwt.sh +++ b/mode/jwt.sh @@ -42,9 +42,11 @@ sed -i "s|c2s_require_encryption = true|c2s_require_encryption = false|" $PROSOD sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"token\"|}" $PROSODY_FILE sed -i "s|--app_id=\"example_app_id\"|app_id=\"$APP_ID\"|" $PROSODY_FILE sed -i "s|--app_secret=\"example_app_secret\"|app_secret=\"$SECRET_APP\"|" $PROSODY_FILE -sed -i "/app_secret/a \ \ \ \ \ \ \ \ asap_accepted_issuers = { \"$APP_ID\" }" $PROSODY_FILE -sed -i "/app_secret/a \ \ \ \ \ \ \ \ asap_accepted_audiences = { \"$APP_ID\", \"RocketChat\" }" $PROSODY_FILE -#allow_empty_token = false +sed -i "/app_secret/a \ \ \ \ asap_accepted_issuers = { \"$APP_ID\" }" $PROSODY_FILE +sed -i "/app_secret/a \ \ \ \ asap_accepted_audiences = { \"$APP_ID\", \"RocketChat\" }" $PROSODY_FILE +sed -i "/app_secret/a \\\\" $PROSODY_FILE +sed -i "s|--allow_empty_token =.*|allow_empty_token = false|" $PROSODY_FILE +sed -i 's|--"token_verification"|"token_verification"|' $PROSODY_FILE #Request auth sed -i "s|#org.jitsi.jicofo.auth.URL=EXT_JWT:|org.jitsi.jicofo.auth.URL=EXT_JWT:|" $JICOFO_SIP @@ -57,7 +59,7 @@ VirtualHost "recorder.$DOMAIN" modules_enabled = { "ping"; } - authentication = "internal_plain" + authentication = "internal_hashed" REC-JIBRI @@ -68,9 +70,7 @@ VirtualHost "guest.$DOMAIN" authentication = "token" allow_empty_token = true c2s_require_encryption = false --- muc_lobby_whitelist = { "recorder.$DOMAIN", "auth.$DOMAIN" } speakerstats_component = "speakerstats.$DOMAIN" --- conference_duration_component = "conferenceduration.$DOMAIN" app_id="$APP_ID"; app_secret="$SECRET_APP"; @@ -81,8 +81,8 @@ VirtualHost "guest.$DOMAIN" P_SR echo -e "\nUse the following for your App (e.g. Rocket.Chat):\n" -echo -e "\n$APP_ID" && \ -echo -e "$SECRET_APP\n" +echo -e "\nAPP_ID: $APP_ID" && \ +echo -e "SECRET_APP: $SECRET_APP\n" echo -e "You can test JWT authentication with the following token:\n" pyjwt3 --key="$SECRET_APP" \ From 702b761fa338fe4fa716132d94c4e8bfb74341f4 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 6 May 2021 01:58:58 -0500 Subject: [PATCH 11/16] Last tweaks on JWT --- mode/jwt.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mode/jwt.sh b/mode/jwt.sh index 30ba712..a19aa41 100644 --- a/mode/jwt.sh +++ b/mode/jwt.sh @@ -42,6 +42,9 @@ sed -i "s|c2s_require_encryption = true|c2s_require_encryption = false|" $PROSOD sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"token\"|}" $PROSODY_FILE sed -i "s|--app_id=\"example_app_id\"|app_id=\"$APP_ID\"|" $PROSODY_FILE sed -i "s|--app_secret=\"example_app_secret\"|app_secret=\"$SECRET_APP\"|" $PROSODY_FILE +sed -i "/app_secret/a \\\\" $PROSODY_FILE +sed -i "/app_secret/a \ \ \ \ allow_empty_token = false" $PROSODY_FILE +sed -i "/app_secret/a \\\\" $PROSODY_FILE sed -i "/app_secret/a \ \ \ \ asap_accepted_issuers = { \"$APP_ID\" }" $PROSODY_FILE sed -i "/app_secret/a \ \ \ \ asap_accepted_audiences = { \"$APP_ID\", \"RocketChat\" }" $PROSODY_FILE sed -i "/app_secret/a \\\\" $PROSODY_FILE From 449a7124ac3a02f4a22a893d8ff50e0edee0393a Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 6 May 2021 02:00:05 -0500 Subject: [PATCH 12/16] Fix package name --- tools/jibri-resolution-enhancer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/jibri-resolution-enhancer.sh b/tools/jibri-resolution-enhancer.sh index 1adb9dd..95342dd 100644 --- a/tools/jibri-resolution-enhancer.sh +++ b/tools/jibri-resolution-enhancer.sh @@ -32,7 +32,7 @@ Exiting..." exit fi -apt-get -y install apt-show-version +apt-get -y install apt-show-versions JIBRI_OPT="/opt/jitsi/jibri" JIBRI_ENH_PATH="/opt/jibri-res-enhancer" From d638825a59c7c10e2596676b9fe2d3e63af8d247 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 6 May 2021 02:16:52 -0500 Subject: [PATCH 13/16] Fix path && add clean 'procedure' --- tools/jibri-resolution-enhancer.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/tools/jibri-resolution-enhancer.sh b/tools/jibri-resolution-enhancer.sh index 95342dd..a08771b 100644 --- a/tools/jibri-resolution-enhancer.sh +++ b/tools/jibri-resolution-enhancer.sh @@ -52,7 +52,7 @@ cd /tmp/jibri apt-get download jibri=$INSTALLED_JIBRI_VERSION ar x jibri_*.deb tar xvf data.tar.xz -UPSTREAM_DEB_JAR_SUM="$(md5sum opt/jitsi/jibri/jibri.jar |awk '{print$1}')" +UPSTREAM_DEB_JAR_SUM="$(md5sum 2>/dev/null /tmp/jibri/opt/jitsi/jibri/jibri.jar |awk '{print$1}')" if [ -z $UPSTREAM_DEB_JAR_SUM ]; then echo "Not possible to continue, exiting..." @@ -99,11 +99,13 @@ if [ "$JIBRI_RES_ENH_HASH" = "$USED_JIBRI_HASH" ]; then else echo "Something went wrong, restoring default package..." if [ "$(md5sum $JIBRI_OPT/jibri-dpkg-package.jar)" = "$UPSTREAM_DEB_JAR_SUM" ]; then - cp $JIBRI_OPT/jibri-dpkg-package.jar $JIBRI_OPT/jibri.jar + cp $JIBRI_OPT/jibri-dpkg-package.jar $JIBRI_OPT/jibri.jar + CLEAN="true" else if [ -f /tmp/jibri/opt/jitsi/jibri/jibri.jar ]; then echo "Restoring from upstream package..." cp /tmp/jibri/opt/jitsi/jibri/jibri.jar $JIBRI_OPT/jibri.jar + CLEAN="true" else echo "Wow, someone took the time to avoid restauration, please manually review your changes." echo "Exiting..." @@ -113,3 +115,8 @@ else fi systemctl restart jibri* +if [ "$CLEAN" = "true" ]; then + rm -r /tmp/jibri + rm -r $JIBRI_ENH_PATH + rm /opt/jitsi/jibri/jibri-res_enh.jar +fi From a5ee5c58a5f48b5d22d71a72d70aa08653918319 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 6 May 2021 02:25:02 -0500 Subject: [PATCH 14/16] Fix md5sum value --- tools/jibri-resolution-enhancer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/jibri-resolution-enhancer.sh b/tools/jibri-resolution-enhancer.sh index a08771b..88d7adb 100644 --- a/tools/jibri-resolution-enhancer.sh +++ b/tools/jibri-resolution-enhancer.sh @@ -81,7 +81,7 @@ JIBRI_JAR="$(ls -Sh $JIBRI_ENH_PATH/target|awk '/dependencies/&&/.jar/{print}'|a cp $JIBRI_ENH_PATH/target/$JIBRI_JAR $JIBRI_ENH_PATH/target/jibri.jar # Backing up default binaries -if [ "$UPSTREAM_DEB_JAR_SUM" = "$(md5sum $JIBRI_OPT/jibri.jar)" ]; then +if [ "$UPSTREAM_DEB_JAR_SUM" = "$(md5sum 2>/dev/null $JIBRI_OPT/jibri.jar|awk '{print$1}')" ]; then cp $JIBRI_OPT/jibri.jar $JIBRI_OPT/jibri-dpkg-package.jar fi From 0139090e7c7166580e305ac57bbe166a01be668e Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 6 May 2021 02:48:22 -0500 Subject: [PATCH 15/16] Fix md5sum once again --- tools/jibri-resolution-enhancer.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/jibri-resolution-enhancer.sh b/tools/jibri-resolution-enhancer.sh index 88d7adb..60c23fc 100644 --- a/tools/jibri-resolution-enhancer.sh +++ b/tools/jibri-resolution-enhancer.sh @@ -91,14 +91,14 @@ if [ -f $JIBRI_OPT/jibri-dpkg-package.jar ];then cp $JIBRI_OPT/jibri-res_enh.jar $JIBRI_OPT/jibri.jar fi -JIBRI_RES_ENH_HASH="$(md5sum $JIBRI_OPT/jibri-res_enh.jar)" -USED_JIBRI_HASH="$(md5sum $JIBRI_OPT/jibri.jar)" +JIBRI_RES_ENH_HASH="$(md5sum 2>/dev/null $JIBRI_OPT/jibri-res_enh.jar|awk '{print$1}')" +USED_JIBRI_HASH="$(md5sum 2>/dev/null $JIBRI_OPT/jibri.jar|awk '{print$1}')" if [ "$JIBRI_RES_ENH_HASH" = "$USED_JIBRI_HASH" ]; then echo "Everything seems to have gone well." else echo "Something went wrong, restoring default package..." - if [ "$(md5sum $JIBRI_OPT/jibri-dpkg-package.jar)" = "$UPSTREAM_DEB_JAR_SUM" ]; then + if [ "$(md5sum 2>/dev/null $JIBRI_OPT/jibri-dpkg-package.jar|awk '{print$1}')" = "$UPSTREAM_DEB_JAR_SUM" ]; then cp $JIBRI_OPT/jibri-dpkg-package.jar $JIBRI_OPT/jibri.jar CLEAN="true" else From ccfe9724411715d940742bde72f9afa48a85ca2c Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 6 May 2021 02:55:22 -0500 Subject: [PATCH 16/16] Closing recommendation. --- tools/jibri-resolution-enhancer.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tools/jibri-resolution-enhancer.sh b/tools/jibri-resolution-enhancer.sh index 60c23fc..0211749 100644 --- a/tools/jibri-resolution-enhancer.sh +++ b/tools/jibri-resolution-enhancer.sh @@ -113,10 +113,11 @@ else fi fi fi -systemctl restart jibri* - if [ "$CLEAN" = "true" ]; then rm -r /tmp/jibri rm -r $JIBRI_ENH_PATH rm /opt/jitsi/jibri/jibri-res_enh.jar fi + +systemctl restart jibri +echo "This will be a good time to test the enhanced resolution."