forked from switnet/quick-jibri-installer
Compare commits
No commits in common. "d591495e41a9f281d919503a7f0c5217ef190a81" and "a158aa570523775afb6522a48c399de13bb4eef2" have entirely different histories.
d591495e41
...
a158aa5705
|
|
@ -77,7 +77,7 @@ else
|
|||
echo "Seems no nodejs repo installed"
|
||||
fi
|
||||
# True if $1 is greater than $2
|
||||
version_gt() { dpkg --compare-versions "$1" gt "$2"; }
|
||||
version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
|
||||
|
||||
restart_jibri() {
|
||||
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
|
||||
|
|
@ -116,7 +116,7 @@ update_google_repo() {
|
|||
echo "Seems no chromedriver installed"
|
||||
else
|
||||
CHD_VER_LOCAL="$($CHDB -v | awk '{print $2}')"
|
||||
CHD_VER_2D="$(cut -d. -f1,2 <<< "$CHD_VER_LOCAL")"
|
||||
CHD_VER_2D="$(awk '{printf "%.1f\n", $NF}' <<< "$CHD_VER_LOCAL")"
|
||||
fi
|
||||
}
|
||||
update_nodejs_repo() {
|
||||
|
|
@ -127,7 +127,7 @@ update_nodejs_repo() {
|
|||
check_latest_gc() {
|
||||
printwc "${Purple}" "Checking for Google Chrome\n"
|
||||
if [ -f /usr/bin/google-chrome ]; then
|
||||
GOOGL_VER_2D="$(/usr/bin/google-chrome --product-version 2>/dev/null | cut -d. -f1,2)"
|
||||
GOOGL_VER_2D="$(/usr/bin/google-chrome --version|awk '{printf "%.1f\n", $NF}')"
|
||||
else
|
||||
printwc "${Yellow}" " -> Seems there is no Google Chrome installed\n"
|
||||
IS_GLG_CHRM="no"
|
||||
|
|
@ -139,14 +139,6 @@ if [ -n "$GOOGL_VER_2D" ]; then
|
|||
check_latest_gc
|
||||
if version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" ; then
|
||||
echo "Upgrading Chromedriver to Google Chromes version"
|
||||
if [ -x /usr/bin/google-chrome ]; then
|
||||
G_CHROME="$(/usr/bin/google-chrome --product-version 2>/dev/null | cut -d. -f1-3)"
|
||||
fi
|
||||
CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \
|
||||
jq -r ".versions[].downloads.chromedriver | select(. != null) | .[].url" | \
|
||||
grep linux64 | grep "$G_CHROME" | tail -1)
|
||||
CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL")
|
||||
CHD_LTST_2D="$(cut -d. -f1,2 <<< "$CHD_LTST")"
|
||||
wget -q "$CHD_LTST_DWNL" \
|
||||
-O /tmp/chromedriver_linux64.zip
|
||||
unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
|
||||
|
|
@ -155,7 +147,7 @@ if [ -n "$GOOGL_VER_2D" ]; then
|
|||
chmod 0755 "$CHDB"
|
||||
rm -rf /tpm/chromedriver_linux64.zip
|
||||
printf "Current version: "
|
||||
printwc "$Green" "$($CHDB -v | awk '{print $2}' | cut -d. -f1,2)"
|
||||
printwc "$Green" "$($CHDB -v |awk '{print $2}'|awk '{printf "%.1f\n", $NF}')"
|
||||
echo -e " (latest available)\n"
|
||||
elif [ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then
|
||||
echo "No need to upgrade Chromedriver"
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ apt-get update -q2
|
|||
# Manually add prerequisites.
|
||||
apt-get install -y curl letsencrypt nginx
|
||||
|
||||
MIN_PHP="8.3"
|
||||
MIN_PHP="8.2"
|
||||
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
|
||||
PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{print $2}')"
|
||||
NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-available/"$DOMAIN".conf | awk '{print$2}')"
|
||||
|
|
|
|||
40
mode/jwt.sh
40
mode/jwt.sh
|
|
@ -27,18 +27,24 @@ SECRET_APP="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 64 | head -n1)"
|
|||
SRP_STR="$(grep -n "VirtualHost \"$DOMAIN\"" "$PROSODY_FILE" | head -n1 | cut -d ":" -f1)"
|
||||
SRP_END="$((SRP_STR + 10))"
|
||||
|
||||
# Prosody 0.12 only
|
||||
if command -v prosodyctl >/dev/null 2>&1; then
|
||||
PROSODY_VER="$(prosodyctl about 2>/dev/null | sed -n 's/^Prosody //p' | awk '{print $1}')"
|
||||
case "$PROSODY_VER" in
|
||||
0.12.*) : ;;
|
||||
*) echo "Prosody $PROSODY_VER NO supported for JWT mode (required 0.12.x)"
|
||||
exit 1 ;;
|
||||
esac
|
||||
## Required openssl for Focal 20.04
|
||||
if [ "$(lsb_release -sc)" = "focal" ]; then
|
||||
echo "deb http://ppa.launchpad.net/rael-gc/rvm/ubuntu focal main" | \
|
||||
sudo tee /etc/apt/sources.list.d/rvm.list
|
||||
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys F4E3FBBE
|
||||
apt-get update
|
||||
fi
|
||||
|
||||
# Install dependencies
|
||||
apt-get -y install python3-jwt
|
||||
apt-get -y install \
|
||||
lua5.2 \
|
||||
liblua5.2 \
|
||||
luarocks \
|
||||
libssl1.0-dev \
|
||||
python3-jwt
|
||||
|
||||
luarocks install basexx
|
||||
luarocks install luacrypto
|
||||
luarocks install lua-cjson 2.1.0-1
|
||||
|
||||
echo "set jitsi-meet-tokens/appid string $APP_ID" | debconf-set-selections
|
||||
echo "set jitsi-meet-tokens/appsecret password $SECRET_APP" | debconf-set-selections
|
||||
|
|
@ -61,8 +67,7 @@ sed -i "s|--allow_empty_token =.*|allow_empty_token = false|" "$PROSODY_FILE"
|
|||
sed -i 's|--"token_verification"|"token_verification"|' "$PROSODY_FILE"
|
||||
|
||||
#Request auth
|
||||
## JWT via Prosody: don't touch Jicofo
|
||||
#sed -i "s|#org.jitsi.jicofo.auth.URL=EXT_JWT:|org.jitsi.jicofo.auth.URL=EXT_JWT:|" "$JICOFO_SIP"
|
||||
sed -i "s|#org.jitsi.jicofo.auth.URL=EXT_JWT:|org.jitsi.jicofo.auth.URL=EXT_JWT:|" "$JICOFO_SIP"
|
||||
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" "$MEET_CONF"
|
||||
|
||||
#Enable jibri recording
|
||||
|
|
@ -78,10 +83,14 @@ REC-JIBRI
|
|||
|
||||
#Setup guests and lobby
|
||||
cat << P_SR >> "$PROSODY_FILE"
|
||||
-- #Change back lobby - https://community.jitsi.org/t/64769/136
|
||||
VirtualHost "guest.$DOMAIN"
|
||||
authentication = "jitsi-anonymous"
|
||||
authentication = "token"
|
||||
allow_empty_token = true
|
||||
c2s_require_encryption = false
|
||||
speakerstats_component = "speakerstats.$DOMAIN"
|
||||
app_id="$APP_ID";
|
||||
app_secret="$SECRET_APP";
|
||||
|
||||
modules_enabled = {
|
||||
"speakerstats";
|
||||
|
|
@ -93,15 +102,14 @@ echo -e "\nUse the following for your App (e.g. Rocket.Chat):\n"
|
|||
echo -e "\nAPP_ID: $APP_ID" && \
|
||||
echo -e "SECRET_APP: $SECRET_APP\n"
|
||||
|
||||
echo -e "You can test JWT authentication with the following token for the next hour:\n"
|
||||
echo -e "You can test JWT authentication with the following token:\n"
|
||||
pyjwt3 --key="$SECRET_APP" \
|
||||
encode \
|
||||
--alg HS256 \
|
||||
group="Rocket.Chat" \
|
||||
aud="$APP_ID" \
|
||||
iss="$APP_ID" \
|
||||
sub="$DOMAIN" \
|
||||
room="*" \
|
||||
exp="$(($(date +%s)+3600))"
|
||||
algorithm="HS256"
|
||||
|
||||
read -n 1 -s -r -p $'\n'"Press any key to continue..."$'\n'
|
||||
|
|
|
|||
|
|
@ -303,12 +303,7 @@ do
|
|||
done
|
||||
sleep .1
|
||||
#Prosody repository
|
||||
if [ "$DIST" = "jammy" ]; then
|
||||
add_prosody_repo
|
||||
prosody="prosody-0.12"
|
||||
else
|
||||
prosody='prosody'
|
||||
fi
|
||||
#add_prosody_repo
|
||||
sleep .1
|
||||
# Jitsi-Meet Repo
|
||||
printf "\nAdd Jitsi repo\n"
|
||||
|
|
@ -437,7 +432,6 @@ echo "jitsi-meet-web-config jitsi-meet/jaas-choice boolean false" \
|
|||
apt-get -y install \
|
||||
jitsi-meet \
|
||||
jibri \
|
||||
$prosody \
|
||||
openjdk-11-jre-headless
|
||||
|
||||
# Fix RAND_load_file error
|
||||
|
|
@ -766,27 +760,7 @@ INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
|
|||
ssl_wa() {
|
||||
if [ "$LE_SSL" = "yes" ]; then
|
||||
systemctl stop "$1"
|
||||
if certbot certonly --standalone --renew-by-default \
|
||||
--agree-tos --email "$5" -d "$6" \
|
||||
--non-interactive
|
||||
then
|
||||
echo "> SSL cert issued correctly!"
|
||||
else
|
||||
echo "> SSL cert issued failed!"
|
||||
sleep .1
|
||||
while [ "$SSL_FAILED" != "yes" ] && [ "$SSL_FAILED" != "no" ]
|
||||
do
|
||||
read -p "> Do you want to continue regardless? This might make the installer to fail later on: (yes or no)$NL" -r SSL_FAILED
|
||||
if [ "$SSL_FAILED" = "yes" ]; then
|
||||
printf " - Continuing installation regardless failure to retrieve SSL certs.\n\n"
|
||||
elif [ "$SSL_FAILED" = "no" ]; then
|
||||
printf " - Stoping the installer.You might want to take a look at:\n"
|
||||
printf " - /var/log/letsencrypt/letsencrypt.log and / or\n"
|
||||
printf " - https://letsencrypt.status.io/\n\n"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
fi
|
||||
certbot certonly --standalone --renew-by-default --agree-tos --email "$5" -d "$6" --non-interactive
|
||||
sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" "$4"
|
||||
sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" "$4"
|
||||
systemctl restart "$1"
|
||||
|
|
@ -974,17 +948,16 @@ JVB_SECRET=$(g_conf_value JVB_SECRET=)
|
|||
JVB_OPTS=$(g_conf_value JVB_OPTS=)
|
||||
JAVA_SYS_PROPS=$(g_conf_value JAVA_SYS_PROPS=)
|
||||
|
||||
#FIXME: - sip-communicator.properties - no longer exist
|
||||
#g_sip_value() {
|
||||
# grep "$1" "$JVB2_SIP" |cut -d "=" -f2
|
||||
#}
|
||||
#DISABLE_AWS_HARVESTER=$(g_sip_value DISABLE_AWS_HARVESTER=)
|
||||
#STUN_MAPPING_HARVESTER_ADDRESSES=$(g_sip_value STUN_MAPPING_HARVESTER_ADDRESSES=)
|
||||
#ENABLE_STATISTICS=$(g_sip_value ENABLE_STATISTICS=)
|
||||
#SHARD_HOSTNAME=$(g_sip_value shard.HOSTNAME=)
|
||||
#SHARD_DOMAIN=$(g_sip_value shard.DOMAIN=)
|
||||
#SHARD_PASSWORD=$(g_sip_value shard.PASSWORD=)
|
||||
#MUC_JID=$(g_sip_value MUC_JIDS=)
|
||||
g_sip_value() {
|
||||
grep "$1" "$JVB2_SIP" |cut -d "=" -f2
|
||||
}
|
||||
DISABLE_AWS_HARVESTER=$(g_sip_value DISABLE_AWS_HARVESTER=)
|
||||
STUN_MAPPING_HARVESTER_ADDRESSES=$(g_sip_value STUN_MAPPING_HARVESTER_ADDRESSES=)
|
||||
ENABLE_STATISTICS=$(g_sip_value ENABLE_STATISTICS=)
|
||||
SHARD_HOSTNAME=$(g_sip_value shard.HOSTNAME=)
|
||||
SHARD_DOMAIN=$(g_sip_value shard.DOMAIN=)
|
||||
SHARD_PASSWORD=$(g_sip_value shard.PASSWORD=)
|
||||
MUC_JID=$(g_sip_value MUC_JIDS=)
|
||||
|
||||
##-- Replacing on add-jvb2-node.sh
|
||||
sed -i "s|JVB_HOSTNAME=.*|JVB_HOSTNAME=$JVB_HOSTNAME|" add-jvb2-node.sh
|
||||
|
|
@ -993,14 +966,14 @@ sed -i "s|JVB_PORT=.*|JVB_PORT=$JVB_PORT|" add-jvb2-node.sh
|
|||
sed -i "s|JVB_SECRET=.*|JVB_SECRET=$JVB_SECRET|" add-jvb2-node.sh
|
||||
sed -i "s|JVB_OPTS=.*|JVB_OPTS=$JVB_OPTS|" add-jvb2-node.sh
|
||||
sed -i "s|SYS_PROPS=.*|SYS_PROPS=$JAVA_SYS_PROPS|" add-jvb2-node.sh
|
||||
#FIXME: - sip-communicator.properties - no longer exist
|
||||
#sed -i "s|AWS_HARVEST=.*|AWS_HARVEST=$DISABLE_AWS_HARVESTER|" add-jvb2-node.sh
|
||||
#sed -i "s|STUN_MAPPING=.*|STUN_MAPPING=$STUN_MAPPING_HARVESTER_ADDRESSES|" add-jvb2-node.sh
|
||||
#sed -i "s|ENABLE_STATISTICS=.*|ENABLE_STATISTICS=$ENABLE_STATISTICS|" add-jvb2-node.sh
|
||||
#sed -i "s|SHARD_HOSTNAME=.*|SHARD_HOSTNAME=$SHARD_HOSTNAME|" add-jvb2-node.sh
|
||||
#sed -i "s|SHARD_DOMAIN=.*|SHARD_DOMAIN=$SHARD_DOMAIN|" add-jvb2-node.sh
|
||||
#sed -i "s|SHARD_PASS=.*|SHARD_PASS=$SHARD_PASSWORD|" add-jvb2-node.sh
|
||||
#sed -i "s|MUC_JID=.*|MUC_JID=$MUC_JID|" add-jvb2-node.sh
|
||||
#-
|
||||
sed -i "s|AWS_HARVEST=.*|AWS_HARVEST=$DISABLE_AWS_HARVESTER|" add-jvb2-node.sh
|
||||
sed -i "s|STUN_MAPPING=.*|STUN_MAPPING=$STUN_MAPPING_HARVESTER_ADDRESSES|" add-jvb2-node.sh
|
||||
sed -i "s|ENABLE_STATISTICS=.*|ENABLE_STATISTICS=$ENABLE_STATISTICS|" add-jvb2-node.sh
|
||||
sed -i "s|SHARD_HOSTNAME=.*|SHARD_HOSTNAME=$SHARD_HOSTNAME|" add-jvb2-node.sh
|
||||
sed -i "s|SHARD_DOMAIN=.*|SHARD_DOMAIN=$SHARD_DOMAIN|" add-jvb2-node.sh
|
||||
sed -i "s|SHARD_PASS=.*|SHARD_PASS=$SHARD_PASSWORD|" add-jvb2-node.sh
|
||||
sed -i "s|MUC_JID=.*|MUC_JID=$MUC_JID|" add-jvb2-node.sh
|
||||
|
||||
sed -i "s|MAIN_SRV_DIST=.*|MAIN_SRV_DIST=\"$DIST\"|" add-jvb2-node.sh
|
||||
sed -i "s|MAIN_SRV_REPO=.*|MAIN_SRV_REPO=\"$JITSI_REPO\"|" add-jvb2-node.sh
|
||||
|
|
|
|||
|
|
@ -128,7 +128,6 @@ echo "opcache.revalidate_freq=1"
|
|||
echo "opcache.validate_timestamps=1"
|
||||
} >> "$PHP_INI"
|
||||
|
||||
echo "# Stick to default system php version to avoid breaking any other system application"
|
||||
update-alternatives --set php /usr/bin/php"$STABLE_PHP"
|
||||
update-alternatives --set php-fpm.sock /run/php/php"$STABLE_PHP"-fpm.sock
|
||||
update-alternatives --set php-cgi /usr/bin/php-cgi"$STABLE_PHP"
|
||||
|
|
|
|||
Loading…
Reference in New Issue