forked from switnet/quick-jibri-installer
Merge pull request #6 from switnet-ltd/unstable
Merge and track latest features on stable
This commit is contained in:
commit
929c1df83c
|
@ -26,6 +26,11 @@ ENABLE_BLESSM="TBD"
|
|||
CHD_LST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
|
||||
CHDB="$(whereis chromedriver | awk '{print$2}')"
|
||||
DOMAIN="$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')"
|
||||
NC_DOMAIN="TBD"
|
||||
JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
|
||||
if [ -f $JITSI_MEET_PROXY ];then
|
||||
PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
|
||||
fi
|
||||
INT_CONF="/usr/share/jitsi-meet/interface_config.js"
|
||||
jibri_packages="$(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages |sort -u|awk '{print $2}'|sed 's|jigasi||'|paste -s -d ' ')"
|
||||
AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)"
|
||||
|
@ -154,6 +159,22 @@ fi
|
|||
printf "${Purple}========== Disable Blur my background ==========${Color_Off}\n"
|
||||
sed -i "s|'videobackgroundblur', ||" $INT_CONF
|
||||
|
||||
|
||||
if [ ! "$NC_DOMAIN" = "TBD" ];
|
||||
printf "${Purple}========== Enable $NC_DOMAIN for sync client ==========${Color_Off}\n"
|
||||
if [ -z $PREAD_PROXY ]; then
|
||||
echo "
|
||||
Setting up Nextcloud domain on Jitsi Meet turn proxy
|
||||
"
|
||||
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" $JITSI_MEET_PROXY
|
||||
sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" $JITSI_MEET_PROXY
|
||||
sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" $JITSI_MEET_PROXY
|
||||
sed -i "/server {/i \ \ }" $JITSI_MEET_PROXY
|
||||
else
|
||||
echo "$NC_DOMAIN seems to be on place, skipping..."
|
||||
fi
|
||||
fi
|
||||
|
||||
restart_services
|
||||
|
||||
|
||||
|
|
|
@ -171,7 +171,7 @@ echo "opcache.validate_timestamps=1"
|
|||
systemctl restart php$PHPVER-fpm.service
|
||||
|
||||
#--------------------------------------------------
|
||||
# Create MySQL user
|
||||
# Create DB user
|
||||
#--------------------------------------------------
|
||||
|
||||
echo -e "\n---- Creating the PgSQL DB & User ----"
|
||||
|
@ -186,6 +186,7 @@ echo "Done!
|
|||
|
||||
#nginx - configuration
|
||||
cat << NC_NGINX > $NC_NGINX_CONF
|
||||
#nextcloud config
|
||||
upstream php-handler {
|
||||
#server 127.0.0.1:9000;
|
||||
server unix:/run/php/php${PHPVER}-fpm.sock;
|
||||
|
@ -346,7 +347,7 @@ if [ "$ENABLE_HSTS" = "yes" ]; then
|
|||
sed -i "s|# add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" $NC_NGINX_CONF
|
||||
fi
|
||||
|
||||
if [ "$DISTRO_RELEASE" = "bionic" ] && [ -z $PREAD_PROXY ]; then
|
||||
if [ ! "$DISTRO_RELEASE" = "xenial" ] && [ -z $PREAD_PROXY ]; then
|
||||
echo "
|
||||
Setting up Nextcloud domain on Jitsi Meet turn proxy
|
||||
"
|
||||
|
|
|
@ -21,8 +21,6 @@ fi
|
|||
|
||||
# SYSTEM SETUP
|
||||
JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)
|
||||
CERTBOT_REPO=$(apt-cache policy | grep http | grep certbot | head -n 1 | awk '{print $2}' | cut -d "/" -f4)
|
||||
CERTBOT_REL_FILE="http://ppa.launchpad.net/certbcertbot/ubuntu/dists/$(lsb_release -sc)/Release"
|
||||
APACHE_2=$(dpkg-query -W -f='${Status}' apache2 2>/dev/null | grep -c "ok installed")
|
||||
NGINX=$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")
|
||||
DIST=$(lsb_release -sc)
|
||||
|
@ -94,6 +92,17 @@ else
|
|||
wget -qO - https://prosody.im/files/prosody-debian-packages.key | apt-key add -
|
||||
fi
|
||||
}
|
||||
dpkg-compare() {
|
||||
dpkg --compare-versions $(dpkg-query -f='${Version}' --show $1) $2 $3
|
||||
}
|
||||
wait_seconds() {
|
||||
secs=$(($1))
|
||||
while [ $secs -gt 0 ]; do
|
||||
echo -ne "$secs\033[0K\r"
|
||||
sleep 1
|
||||
: $((secs--))
|
||||
done
|
||||
}
|
||||
clear
|
||||
echo '
|
||||
########################################################################
|
||||
|
@ -161,7 +170,9 @@ else
|
|||
fi
|
||||
if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then
|
||||
echo "All requirements seems meet!"
|
||||
echo "We hope you have a nice recording/streaming session"
|
||||
echo "
|
||||
- We hope you have a nice recording/streaming session
|
||||
"
|
||||
else
|
||||
echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!"
|
||||
echo "Even when you can use the videconference sessions, we advice to increase the resoruces in order to user Jibri."
|
||||
|
@ -177,9 +188,12 @@ else
|
|||
done
|
||||
fi
|
||||
#Prosody repository
|
||||
#add_prosody_repo
|
||||
add_prosody_repo
|
||||
|
||||
# Jitsi-Meet Repo
|
||||
echo "Add Jitsi key"
|
||||
echo "
|
||||
Add Jitsi repo
|
||||
"
|
||||
if [ "$JITSI_REPO" = "stable" ]; then
|
||||
echo "Jitsi stable repository already installed"
|
||||
else
|
||||
|
@ -192,7 +206,7 @@ do
|
|||
read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)"$'\n' -r LE_SSL
|
||||
if [ $LE_SSL = yes ]; then
|
||||
echo "We'll defaul to Let's Encrypt SSL certs."
|
||||
elif [ $LE_SSL = no ]; then
|
||||
else
|
||||
echo "We'll let you choose later on for it."
|
||||
fi
|
||||
done
|
||||
|
@ -305,7 +319,7 @@ echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > $GCMP_JSON
|
|||
|
||||
echo '
|
||||
########################################################################
|
||||
Please Setup Your Instalation
|
||||
Please Setup Your Installation
|
||||
########################################################################
|
||||
'
|
||||
# MEET / JIBRI SETUP
|
||||
|
@ -325,6 +339,10 @@ LE_RENEW_LOG="/var/log/letsencrypt/renew.log"
|
|||
MOD_LISTU="https://prosody.im/files/mod_listusers.lua"
|
||||
MOD_LIST_FILE="/usr/lib/prosody/modules/mod_listusers.lua"
|
||||
ENABLE_SA="yes"
|
||||
CERTBOT_REPO=$(apt-cache policy | grep http | grep certbot | head -n 1 | awk '{print $2}' | cut -d "/" -f4)
|
||||
CERTBOT_REL_FILE="http://ppa.launchpad.net/certbot/certbot/ubuntu/dists/$(lsb_release -sc)/Release"
|
||||
GC_SDK_REL_FILE="http://packages.cloud.google.com/apt/dists/cloud-sdk-$(lsb_release -sc)/Release"
|
||||
|
||||
#Sysadmin email
|
||||
while [[ -z $SYSADMIN_EMAIL ]]
|
||||
do
|
||||
|
@ -359,7 +377,7 @@ else
|
|||
read -p "> Do you want to setup LetsEncrypt with your domain: (yes or no)"$'\n' -r ENABLE_SSL
|
||||
if [ "$ENABLE_SSL" = "no" ]; then
|
||||
echo "Please run letsencrypt.sh manually post-installation."
|
||||
elif [ "$ENABLE_SSL" = "yes" ]; then
|
||||
else
|
||||
echo "SSL will be enabled."
|
||||
fi
|
||||
done
|
||||
|
@ -406,7 +424,7 @@ done
|
|||
#Enable static avatar
|
||||
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
|
||||
do
|
||||
read -p "> Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA
|
||||
read -p "> (Legacy) Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA
|
||||
if [ "$ENABLE_SA" = "no" ]; then
|
||||
echo "Static avatar won't be enabled"
|
||||
elif [ "$ENABLE_SA" = "yes" ]; then
|
||||
|
@ -441,20 +459,39 @@ do
|
|||
read -p "> Do you want to setup Jibri Records Access via Nextcloud: (yes or no)
|
||||
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_NC_ACCESS
|
||||
if [ "$ENABLE_NC_ACCESS" = "no" ]; then
|
||||
echo "JRA via Nextcloud won't be enabled."
|
||||
echo "-- JRA via Nextcloud won't be enabled."
|
||||
elif [ "$ENABLE_NC_ACCESS" = "yes" ]; then
|
||||
echo "JRA via Nextcloud will be enabled."
|
||||
echo "-- JRA via Nextcloud will be enabled."
|
||||
fi
|
||||
done
|
||||
#Jigasi
|
||||
while [[ "$ENABLE_TRANSCRIPT" != "yes" && "$ENABLE_TRANSCRIPT" != "no" ]]
|
||||
do
|
||||
if [ "$(curl -s -o /dev/null -w "%{http_code}" $GC_SDK_REL_FILE )" == "404" ]; then
|
||||
echo "> Sorry Google SDK doesn't have support yet for $(lsb_release -sd),"
|
||||
echo "thus, Jigasi Transcript can't be enable."
|
||||
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $GC_SDK_REL_FILE )" == "200" ]; then
|
||||
while [[ "$ENABLE_TRANSCRIPT" != "yes" && "$ENABLE_TRANSCRIPT" != "no" ]]
|
||||
do
|
||||
read -p "> Do you want to setup Jigasi Transcription: (yes or no)
|
||||
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_TRANSCRIPT
|
||||
if [ "$ENABLE_TRANSCRIPT" = "no" ]; then
|
||||
echo "Jigasi Transcription won't be enabled."
|
||||
elif [ "$ENABLE_TRANSCRIPT" = "yes" ]; then
|
||||
echo "Jigasi Transcription will be enabled."
|
||||
if [ "$ENABLE_TRANSCRIPT" = "no" ]; then
|
||||
echo "-- Jigasi Transcription won't be enabled."
|
||||
elif [ "$ENABLE_TRANSCRIPT" = "yes" ]; then
|
||||
echo "-- Jigasi Transcription will be enabled."
|
||||
fi
|
||||
done
|
||||
else
|
||||
echo "No valid option for Jigasi.Please report this to
|
||||
https://github.com/switnet-ltd/quick-jibri-installer/issues "
|
||||
fi
|
||||
#Grafana
|
||||
while [[ "$ENABLE_GRAFANA_DSH" != "yes" && "$ENABLE_GRAFANA_DSH" != "no" ]]
|
||||
do
|
||||
read -p "> Do you want to setup Grafana Dashboard: (yes or no)
|
||||
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_GRAFANA_DSH
|
||||
if [ "$ENABLE_GRAFANA_DSH" = "no" ]; then
|
||||
echo "-- Grafana Dashboard won't be enabled."
|
||||
elif [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then
|
||||
echo "-- Grafana Dashboard will be enabled."
|
||||
fi
|
||||
done
|
||||
#Grafana
|
||||
|
@ -507,8 +544,7 @@ Checking for updates...
|
|||
"
|
||||
apt-get -q2 update
|
||||
apt-get -yq2 dist-upgrade
|
||||
else
|
||||
if [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "200" ]; then
|
||||
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "200" ]; then
|
||||
echo "
|
||||
Adding cerbot (formerly letsencrypt) PPA repository for latest updates
|
||||
"
|
||||
|
@ -516,12 +552,10 @@ Adding cerbot (formerly letsencrypt) PPA repository for latest updates
|
|||
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694
|
||||
apt-get -q2 update
|
||||
apt-get -yq2 dist-upgrade
|
||||
fi
|
||||
if [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "404" ]; then
|
||||
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "404" ]; then
|
||||
echo "
|
||||
Certbot PPA is not available for $(lsb_release -sc) just yet, it won't be installed...
|
||||
"
|
||||
fi
|
||||
fi
|
||||
|
||||
else
|
||||
|
@ -550,6 +584,7 @@ restart_services() {
|
|||
|
||||
# Configure Jibri
|
||||
## PROSODY
|
||||
if dpkg-compare prosody lt 0.11.0 ; then
|
||||
cat << MUC-JIBRI >> $PROSODY_FILE
|
||||
|
||||
-- internal muc component, meant to enable pools of jibri and jigasi clients
|
||||
|
@ -561,7 +596,7 @@ Component "internal.auth.$DOMAIN" "muc"
|
|||
muc_room_cache_size = 1000
|
||||
|
||||
MUC-JIBRI
|
||||
|
||||
fi
|
||||
cat << REC-JIBRI >> $PROSODY_FILE
|
||||
|
||||
VirtualHost "recorder.$DOMAIN"
|
||||
|
@ -571,12 +606,17 @@ VirtualHost "recorder.$DOMAIN"
|
|||
authentication = "internal_plain"
|
||||
|
||||
REC-JIBRI
|
||||
#Enable Jibri withelist
|
||||
sed -i "s| -- muc_lobby_whitelist| muc_lobby_whitelist|" $PROSODY_FILE
|
||||
|
||||
#Fix Jibri conectivity issues
|
||||
#if dpkg-compare prosody lt 0.11.0 ; then
|
||||
sed -i "s|c2s_require_encryption = .*|c2s_require_encryption = false|" $PROSODY_SYS
|
||||
sed -i "/c2s_require_encryption = false/a \\
|
||||
\\
|
||||
consider_bosh_secure = true" $PROSODY_SYS
|
||||
#fi
|
||||
|
||||
if [ ! -z $L10N_PARTICIPANT ]; then
|
||||
sed -i "s|PART_USER=.*|PART_USER=\"$L10N_PARTICIPANT\"|" jm-bm.sh
|
||||
fi
|
||||
|
@ -763,11 +803,11 @@ if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then
|
|||
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF
|
||||
fi
|
||||
#nginx -tlsv1/1.1
|
||||
if [ "$DROP_TLS1" = "yes" ] && [ "$DIST" = "bionic" ];then
|
||||
if [ "$DROP_TLS1" = "yes" ] && [ ! "$DIST" = "xenial" ];then
|
||||
echo "Dropping TLSv1/1.1 in favor of v1.3"
|
||||
sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" /etc/nginx/nginx.conf
|
||||
#sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" $WS_CONF
|
||||
elif [ "$DROP_TLS1" = "yes" ] && [ ! "$DIST" = "bionic" ];then
|
||||
elif [ "$DROP_TLS1" = "yes" ] && [ "$DIST" = "xenial" ];then
|
||||
echo "Only dropping TLSv1/1.1"
|
||||
sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf
|
||||
#sed -i "s|TLSv1 TLSv1.1||" $WS_CONF
|
||||
|
@ -778,16 +818,41 @@ fi
|
|||
|
||||
# Disable "Blur my background" until new notice
|
||||
sed -i "s|'videobackgroundblur', ||" $INT_CONF
|
||||
#Setup prosody conf file==================================
|
||||
|
||||
#Setup secure rooms
|
||||
cat << P_SR >> $PROSODY_FILE
|
||||
VirtualHost "$DOMAIN"
|
||||
authentication = "internal_plain"
|
||||
SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | head -n1 | cut -d ":" -f1)
|
||||
SRP_END=$((SRP_STR + 10))
|
||||
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_plain\"|}" $PROSODY_FILE
|
||||
|
||||
if dpkg-compare prosody gt 0.11.0 ; then
|
||||
cat << P_SR >> $PROSODY_FILE
|
||||
|
||||
VirtualHost "guest.$DOMAIN"
|
||||
authentication = "anonymous"
|
||||
c2s_require_encryption = false
|
||||
speakerstats_component = "speakerstats.$DOMAIN"
|
||||
conference_duration_component = "conferenceduration.$DOMAIN"
|
||||
lobby_muc = "lobby.$DOMAIN"
|
||||
main_muc = "conference.$DOMAIN"
|
||||
|
||||
modules_enabled = {
|
||||
"speakerstats";
|
||||
"conference_duration";
|
||||
"muc_lobby_rooms";
|
||||
}
|
||||
|
||||
P_SR
|
||||
else
|
||||
cat << P_SR >> $PROSODY_FILE
|
||||
|
||||
VirtualHost "guest.$DOMAIN"
|
||||
authentication = "anonymous"
|
||||
c2s_require_encryption = false
|
||||
P_SR
|
||||
|
||||
fi
|
||||
#======================
|
||||
#Secure room initial user
|
||||
if [ "$ENABLE_SC" = "yes" ]; then
|
||||
echo "Secure rooms are being enabled..."
|
||||
|
@ -821,6 +886,15 @@ restart_services
|
|||
|
||||
enable_letsencrypt
|
||||
|
||||
if dpkg-compare prosody gt 0.11.0 && [ "$ENABLE_SC" = "yes" ]; then
|
||||
echo "Let's try wait 15s"
|
||||
wait_seconds 15
|
||||
#Temporary fix? - https://community.jitsi.org/t/27752/112
|
||||
sed -i "s| lobby_muc = \"lobby.|-- lobby_muc = \"lobby.|" $PROSODY_FILE
|
||||
sed -i "s| main_muc = \"conference.|-- main_muc = \"conference.|" $PROSODY_FILE
|
||||
#EO_TF
|
||||
fi
|
||||
|
||||
#SSL workaround
|
||||
if [ "$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")" -eq 1 ]; then
|
||||
ssl_wa nginx nginx $DOMAIN $WS_CONF $SYSADMIN_EMAIL $DOMAIN
|
||||
|
@ -836,7 +910,8 @@ if [ "$ENABLE_BLESSM" = "yes" ]; then
|
|||
fi
|
||||
#JRA via Nextcloud
|
||||
if [ "$ENABLE_NC_ACCESS" = "yes" ]; then
|
||||
echo "Jigasi Transcription will be enabled."
|
||||
echo "JRA via Nextcloud will be enabled."
|
||||
sed -i "s|NC_DOMAIN=.*|NC_DOMAIN=\"$NC_DOMAIN\"|" jitsi-updater.sh
|
||||
bash $PWD/jra_nextcloud.sh
|
||||
fi
|
||||
} > >(tee -a qj-installer.log) 2> >(tee -a qj-installer.log >&2)
|
||||
|
@ -852,8 +927,12 @@ if [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then
|
|||
bash $PWD/grafana.sh
|
||||
fi
|
||||
#Prevent Jibri conecction issue
|
||||
if [ -z "$(grep -n $DOMAIN /etc/hosts)" ];then
|
||||
sed -i "/127.0.0.1/a \\
|
||||
127.0.0.1 $DOMAIN" /etc/hosts
|
||||
else
|
||||
echo "Local host already in place..."
|
||||
fi
|
||||
|
||||
echo "
|
||||
########################################################################
|
||||
|
@ -865,11 +944,6 @@ apt-get -y autoremove
|
|||
apt-get autoclean
|
||||
|
||||
echo "Rebooting in..."
|
||||
secs=$((15))
|
||||
while [ $secs -gt 0 ]; do
|
||||
echo -ne "$secs\033[0K\r"
|
||||
sleep 1
|
||||
: $((secs--))
|
||||
done
|
||||
wait_seconds 15
|
||||
} > >(tee -a qj-installer.log) 2> >(tee -a qj-installer.log >&2)
|
||||
reboot
|
||||
|
|
Loading…
Reference in New Issue