quick_jibri_installer.sh: increase support to 22.04
fix key agregation and remove deprecated letsencrypt ppa
This commit is contained in:
parent
b67dda5efa
commit
18e4b5ca40
|
@ -108,8 +108,8 @@ echo "Add Prosody repo"
|
||||||
if [ "$PROSODY_REPO" = "main" ]; then
|
if [ "$PROSODY_REPO" = "main" ]; then
|
||||||
echo "Prosody repository already installed"
|
echo "Prosody repository already installed"
|
||||||
else
|
else
|
||||||
echo "deb http://packages.prosody.im/debian $(lsb_release -sc) main" > /etc/apt/sources.list.d/prosody.list
|
echo "deb [signed-by=/etc/apt/trusted.gpg.d/prosody-debian-packages.key] http://packages.prosody.im/debian $(lsb_release -sc) main" > /etc/apt/sources.list.d/prosody.list
|
||||||
wget -qO - https://prosody.im/files/prosody-debian-packages.key | apt-key add -
|
curl -s https://prosody.im/files/prosody-debian-packages.key > /etc/apt/trusted.gpg.d/prosody-debian-packages.key
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
dpkg-compare() {
|
dpkg-compare() {
|
||||||
|
@ -150,24 +150,24 @@ if ! [ "$(id -u)" = 0 ]; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
printf "\nOS: %s" "$(lsb_release -sd)"
|
printf "\nOS: %s" "$(lsb_release -sd)"
|
||||||
if [ "$DIST" = "bionic" ] || \
|
if [ "$DIST" = "focal" ] || \
|
||||||
[ "$DIST" = "focal" ]; then
|
[ "$DIST" = "jammy" ]; then
|
||||||
printf "\nGood, this is a supported platform!"
|
printf "\nGood, this is a supported platform!"
|
||||||
else
|
else
|
||||||
printf "\nSorry, this platform is not supported... exiting"
|
printf "\nSorry, this platform is not supported... exiting"
|
||||||
exit
|
exit
|
||||||
fi
|
fi
|
||||||
#Suggest 20.04 LTS release over 18.04 in April 2022
|
#Suggest 22.04 LTS release over 20.04 in April 2024
|
||||||
TODAY=$(date +%s)
|
TODAY=$(date +%s)
|
||||||
NEXT_LTS_DATE=$(date -d 2022-04-01 +%s)
|
NEXT_LTS_DATE=$(date -d 2024-04-01 +%s)
|
||||||
|
|
||||||
if [ "$DIST" = "bionic" ]; then
|
if [ "$DIST" = "focal" ]; then
|
||||||
if [ "$TODAY" -gt "$NEXT_LTS_DATE" ]; then
|
if [ "$TODAY" -gt "$NEXT_LTS_DATE" ]; then
|
||||||
echo " > $(lsb_release -sc), even when it's compatible and functional.
|
echo " > $(lsb_release -sc), even when it's compatible and functional.
|
||||||
We suggest to use the next (LTS) release, for longer support and security reasons."
|
We suggest to use the next (LTS) release, for longer support and security reasons."
|
||||||
read -n 1 -s -r -p "Press any key to continue..."$'\n'
|
read -n 1 -s -r -p "Press any key to continue..."$'\n'
|
||||||
else
|
else
|
||||||
echo "Bionic is supported."
|
echo "Focal is supported."
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -266,8 +266,8 @@ printf "\nAdd Jitsi repo\n"
|
||||||
if [ "$JITSI_REPO" = "stable" ]; then
|
if [ "$JITSI_REPO" = "stable" ]; then
|
||||||
printf " - Jitsi stable repository already installed\n\n"
|
printf " - Jitsi stable repository already installed\n\n"
|
||||||
else
|
else
|
||||||
echo 'deb http://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list
|
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/jitsi-key.gpg.key] http://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list
|
||||||
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
|
curl -s https://download.jitsi.org/jitsi-key.gpg.key > /etc/apt/trusted.gpg.d/jitsi-key.gpg.key
|
||||||
JITSI_REPO="stable"
|
JITSI_REPO="stable"
|
||||||
fi
|
fi
|
||||||
sleep .1
|
sleep .1
|
||||||
|
@ -279,7 +279,7 @@ if [ "$LE_SSL" = yes ]; then
|
||||||
printf " - We'll setup Let's Encrypt SSL certs.\n\n"
|
printf " - We'll setup Let's Encrypt SSL certs.\n\n"
|
||||||
else
|
else
|
||||||
printf " - We'll let you choose later on for it."
|
printf " - We'll let you choose later on for it."
|
||||||
printf" Please be aware that a valid SSL cert is required for some features to work properly.\n\n"
|
printf " Please be aware that a valid SSL cert is required for some features to work properly.\n\n"
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
sleep .1
|
sleep .1
|
||||||
|
@ -341,7 +341,7 @@ apt-get -y install \
|
||||||
|
|
||||||
if [ "$LE_SSL" = "yes" ]; then
|
if [ "$LE_SSL" = "yes" ]; then
|
||||||
apt-get -y install \
|
apt-get -y install \
|
||||||
letsencrypt
|
certbot
|
||||||
if [ "$(dpkg-query -W -f='${Status}' ufw 2>/dev/null | grep -c "ok installed")" == "1" ]; then
|
if [ "$(dpkg-query -W -f='${Status}' ufw 2>/dev/null | grep -c "ok installed")" == "1" ]; then
|
||||||
echo "# Disable pre-installed ufw, more on firewall see:
|
echo "# Disable pre-installed ufw, more on firewall see:
|
||||||
> https://github.com/switnet-ltd/quick-jibri-installer/wiki/Firewall"
|
> https://github.com/switnet-ltd/quick-jibri-installer/wiki/Firewall"
|
||||||
|
@ -412,7 +412,8 @@ if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
|
||||||
echo "Google repository already set."
|
echo "Google repository already set."
|
||||||
else
|
else
|
||||||
echo "Installing Google Chrome Stable"
|
echo "Installing Google Chrome Stable"
|
||||||
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
|
curl -s https://dl.google.com/linux/linux_signing_key.pub | \
|
||||||
|
gpg --dearmor | tee /etc/apt/trusted.gpg.d/google-chrome-key.gpg >/dev/null
|
||||||
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
|
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
|
||||||
fi
|
fi
|
||||||
apt-get -q2 update
|
apt-get -q2 update
|
||||||
|
@ -470,8 +471,6 @@ LE_RENEW_LOG="/var/log/letsencrypt/renew.log"
|
||||||
MOD_LISTU="https://prosody.im/files/mod_listusers.lua"
|
MOD_LISTU="https://prosody.im/files/mod_listusers.lua"
|
||||||
MOD_LIST_FILE="/usr/lib/prosody/modules/mod_listusers.lua"
|
MOD_LIST_FILE="/usr/lib/prosody/modules/mod_listusers.lua"
|
||||||
ENABLE_SA="yes"
|
ENABLE_SA="yes"
|
||||||
CERTBOT_REPO="$(apt-cache policy | awk '/certbot/{print$2}' | awk -F '/' 'NR==1{print$4}')"
|
|
||||||
CERTBOT_REL_FILE="http://ppa.launchpad.net/certbot/certbot/ubuntu/dists/$(lsb_release -sc)/Release"
|
|
||||||
GC_SDK_REL_FILE="http://packages.cloud.google.com/apt/dists/cloud-sdk-$(lsb_release -sc)/Release"
|
GC_SDK_REL_FILE="http://packages.cloud.google.com/apt/dists/cloud-sdk-$(lsb_release -sc)/Release"
|
||||||
MJS_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
|
MJS_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
|
||||||
MJS_USER="jbsync_$MJS_RAND_TAIL"
|
MJS_USER="jbsync_$MJS_RAND_TAIL"
|
||||||
|
@ -686,7 +685,7 @@ INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
|
||||||
ssl_wa() {
|
ssl_wa() {
|
||||||
if [ "$LE_SSL" = "yes" ]; then
|
if [ "$LE_SSL" = "yes" ]; then
|
||||||
systemctl stop "$1"
|
systemctl stop "$1"
|
||||||
letsencrypt certonly --standalone --renew-by-default --agree-tos --email "$5" -d "$6"
|
certbot certonly --standalone --renew-by-default --agree-tos --email "$5" -d "$6"
|
||||||
sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" "$4"
|
sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" "$4"
|
||||||
sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" "$4"
|
sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" "$4"
|
||||||
systemctl restart "$1"
|
systemctl restart "$1"
|
||||||
|
@ -700,35 +699,6 @@ if [ "$LE_SSL" = "yes" ]; then
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
enable_letsencrypt() {
|
|
||||||
if [ "$LE_SSL" = "yes" ]; then
|
|
||||||
echo '
|
|
||||||
#--------------------------------------------------
|
|
||||||
# Starting LetsEncrypt configuration
|
|
||||||
#--------------------------------------------------
|
|
||||||
'
|
|
||||||
#Disabled 'til fixed upstream
|
|
||||||
#bash /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
|
|
||||||
|
|
||||||
echo "#Set and upgrade certbot PPA if posssible..."
|
|
||||||
if [ "$CERTBOT_REPO" = "certbot" ]; then
|
|
||||||
printf "\nCertbot repository already on the system!\nChecking for updates...\n"
|
|
||||||
apt-get -q2 update
|
|
||||||
apt-get -yq2 dist-upgrade
|
|
||||||
elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$CERTBOT_REL_FILE" )" == "200" ]; then
|
|
||||||
printf "\nAdding cerbot (formerly letsencrypt) PPA repository for latest updates\n"
|
|
||||||
echo "deb http://ppa.launchpad.net/certbot/certbot/ubuntu $DIST main" > /etc/apt/sources.list.d/certbot.list
|
|
||||||
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694
|
|
||||||
apt-get -q2 update
|
|
||||||
apt-get -yq2 dist-upgrade
|
|
||||||
elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$CERTBOT_REL_FILE" )" == "404" ]; then
|
|
||||||
printf "\nCertbot PPA is not available for %s just yet, it won't be installed...\n" "$(lsb_release -sc)"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
echo "SSL setup will be skipped."
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
check_jibri() {
|
check_jibri() {
|
||||||
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
|
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
|
||||||
then
|
then
|
||||||
|
@ -1194,8 +1164,6 @@ if [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then
|
||||||
chmod -R 770 "$DIR_RECORD"
|
chmod -R 770 "$DIR_RECORD"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
enable_letsencrypt
|
|
||||||
|
|
||||||
# Fix prosody not able to read SSL Certs
|
# Fix prosody not able to read SSL Certs
|
||||||
chown -R root:prosody /etc/prosody/certs/
|
chown -R root:prosody /etc/prosody/certs/
|
||||||
chmod -R 650 /etc/prosody/certs/
|
chmod -R 650 /etc/prosody/certs/
|
||||||
|
|
Loading…
Reference in New Issue