Testing fix no letsencrypt usage

Luis Guzmán 2021-01-28 10:34:28 -06:00
parent 8c8e6db845
commit 24b7029e57
1 changed files with 38 additions and 42 deletions


@ -249,35 +249,39 @@ else
JITSI_REPO="stable" JITSI_REPO="stable"
fi fi
#Default to LE SSL? #Default to LE SSL?
while [[ $LE_SSL != yes && $LE_SSL != no ]] while [[ "$LE_SSL" != "yes" && "$LE_SSL" != "no" ]]
do do
read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)"$'\n' -r LE_SSL read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)"$'\n' -r LE_SSL
if [ $LE_SSL = yes ]; then if [ $LE_SSL = yes ]; then
echo "We'll defaul to Let's Encrypt SSL certs." echo "We'll defaul to Let's Encrypt SSL certs."
else else
echo "We'll let you choose later on for it." echo "We'll let you choose later on for it.
Please be aware that a valid SSL cert is required for some features to work properly."
fi fi
done done
#Set domain #Set domain
while [[ $ANS_JD != yes ]] if [ "$LE_SSL" = "yes" ]; then
do while [[ "$ANS_JD" != "yes" ]]
read -p "> Please set your domain (or subdmain) here: (e.g.: jitsi.domain.com)"$'\n' -r JITSI_DOMAIN do
read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)"$'\n' -r ANS_JD read -p "> Please set your domain (or subdmain) here: (e.g.: jitsi.domain.com)"$'\n' -r JITSI_DOMAIN
if [ "$ANS_JD" = "yes" ]; then read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)"$'\n' -r ANS_JD
if [ "$ANS_JD" = "yes" ]; then
echo "Alright, let's use $JITSI_DOMAIN." echo "Alright, let's use $JITSI_DOMAIN."
else else
echo "Please try again." echo "Please try again."
fi fi
done done
#Simple DNS test
if [ "$PUBLIC_IP" = "$(dig -4 +short $JITSI_DOMAIN)" ]; then #Simple DNS test
echo "Server public IP & DNS record for $JITSI_DOMAIN seems to match, continuing... if [ "$PUBLIC_IP" = "$(dig -4 +short $JITSI_DOMAIN)" ]; then
echo "Server public IP & DNS record for $JITSI_DOMAIN seems to match, continuing...
" "
else else
echo "Server public IP ($PUBLIC_IP) & DNS record for $JITSI_DOMAIN don't seem to match." echo "Server public IP ($PUBLIC_IP) & DNS record for $JITSI_DOMAIN don't seem to match."
echo "Please check your dns records are applied and updated. Exiting for now... echo "Please check your dns records are applied and updated. Exiting for now...
" "
exit exit
fi
fi fi
# Requirements # Requirements
echo "We'll start by installing system requirements this may take a while please be patient..." echo "We'll start by installing system requirements this may take a while please be patient..."
@ -292,13 +296,17 @@ apt-get -y install \
git \ git \
htop \ htop \
jq \ jq \
letsencrypt \
net-tools \ net-tools \
rsync \ rsync \
ssh \ ssh \
unzip \ unzip \
wget wget
if [ "$LE_SSL" = "yes" ]; then
apt-get -y install \
letsencrypt
fi
echo "# Check and Install HWE kernel if possible..." echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)") HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)")
if [ "$HWE_VIR_MOD" = "1" ]; then if [ "$HWE_VIR_MOD" = "1" ]; then
@ -319,8 +327,8 @@ echo "
" "
if [ "$LE_SSL" = "yes" ]; then if [ "$LE_SSL" = "yes" ]; then
echo "set jitsi-meet/cert-choice select Generate a new self-signed certificate (You will later get a chance to obtain a Let's encrypt certificate)" | debconf-set-selections echo "set jitsi-meet/cert-choice select Generate a new self-signed certificate (You will later get a chance to obtain a Let's encrypt certificate)" | debconf-set-selections
fi
echo "jitsi-videobridge2 jitsi-videobridge/jvb-hostname string $JITSI_DOMAIN" | debconf-set-selections echo "jitsi-videobridge2 jitsi-videobridge/jvb-hostname string $JITSI_DOMAIN" | debconf-set-selections
fi
apt-get -y install \ apt-get -y install \
jitsi-meet \ jitsi-meet \
jibri \ jibri \
@ -459,20 +467,6 @@ elif [ "$DROP_TLS1" = "yes" ]; then
echo "TLSv1.0/1.1 will be dropped" echo "TLSv1.0/1.1 will be dropped"
fi fi
done done
#SSL LE
if [ "$LE_SSL" = "yes" ]; then
ENABLE_SSL=yes
else
while [[ "$ENABLE_SSL" != "yes" && "$ENABLE_SSL" != "no" ]]
do
read -p "> Do you want to setup LetsEncrypt with your domain: (yes or no)"$'\n' -r ENABLE_SSL
if [ "$ENABLE_SSL" = "no" ]; then
echo "Please run letsencrypt.sh manually post-installation."
else
echo "SSL will be enabled."
fi
done
fi
#Dropbox -- no longer requirement for localrecording #Dropbox -- no longer requirement for localrecording
#while [[ $ENABLE_DB != yes && $ENABLE_DB != no ]] #while [[ $ENABLE_DB != yes && $ENABLE_DB != no ]]
#do #do
@ -627,6 +621,7 @@ INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
WAN_IP=$(dig +short myip.opendns.com @resolver1.opendns.com) WAN_IP=$(dig +short myip.opendns.com @resolver1.opendns.com)
ssl_wa() { ssl_wa() {
if [ "$LE_SSL" = "yes" ]; then
systemctl stop $1 systemctl stop $1
letsencrypt certonly --standalone --renew-by-default --agree-tos --email $5 -d $6 letsencrypt certonly --standalone --renew-by-default --agree-tos --email $5 -d $6
sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" $4 sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" $4
@ -635,11 +630,12 @@ systemctl restart $1
#Add cron #Add cron
crontab -l | { cat; echo "@weekly certbot renew --${2} > $LE_RENEW_LOG 2>&1"; } | crontab - crontab -l | { cat; echo "@weekly certbot renew --${2} > $LE_RENEW_LOG 2>&1"; } | crontab -
crontab -l crontab -l
fi
} }
enable_letsencrypt() { enable_letsencrypt() {
if [ "$ENABLE_SSL" = "yes" ]; then if [ "$LE_SSL" = "yes" ]; then
echo ' echo '
#-------------------------------------------------- #--------------------------------------------------
# Starting LetsEncrypt configuration # Starting LetsEncrypt configuration
#-------------------------------------------------- #--------------------------------------------------
@ -647,23 +643,23 @@ echo '
#Disabled 'til fixed upstream #Disabled 'til fixed upstream
#bash /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh #bash /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
echo "#Set and upgrade certbot PPA if posssible..." echo "#Set and upgrade certbot PPA if posssible..."
if [ "$CERTBOT_REPO" = "certbot" ]; then if [ "$CERTBOT_REPO" = "certbot" ]; then
echo -e "\nCerbot repository already on the system!\nChecking for updates...\n" echo -e "\nCerbot repository already on the system!\nChecking for updates...\n"
apt-get -q2 update apt-get -q2 update
apt-get -yq2 dist-upgrade apt-get -yq2 dist-upgrade
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "200" ]; then elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "200" ]; then
echo -e "\nAdding cerbot (formerly letsencrypt) PPA repository for latest updates\n" echo -e "\nAdding cerbot (formerly letsencrypt) PPA repository for latest updates\n"
echo "deb http://ppa.launchpad.net/certbot/certbot/ubuntu $DIST main" > /etc/apt/sources.list.d/certbot.list echo "deb http://ppa.launchpad.net/certbot/certbot/ubuntu $DIST main" > /etc/apt/sources.list.d/certbot.list
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694 apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694
apt-get -q2 update apt-get -q2 update
apt-get -yq2 dist-upgrade apt-get -yq2 dist-upgrade
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "404" ]; then elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "404" ]; then
echo -e "\nCertbot PPA is not available for $(lsb_release -sc) just yet, it won't be installed...\n" echo -e "\nCertbot PPA is not available for $(lsb_release -sc) just yet, it won't be installed...\n"
fi fi
else else
echo "SSL setup will be skipped." echo "SSL setup will be skipped."
fi fi
} }
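Review bot: In the last hunk, inside enable_letsencrypt, the certbot PPA key is still imported with `apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694`, and an 8-hex-digit short key ID does not uniquely identify an OpenPGP key. A different key with a colliding short ID could be imported, and apt-key adds it to the keyring trusted for every package source on the host. Since these lines are touched by this commit anyway, pin the full fingerprint: `apt-key adv --keyserver keyserver.ubuntu.com --recv-keys <FULL_40_HEX_FINGERPRINT_OF_CERTBOT_PPA_KEY>` (placeholder; take the value from the PPA's own page). This matters more because the `deb http://ppa.launchpad.net/certbot/certbot/ubuntu` source line uses plain HTTP, so package integrity rests entirely on that key. The function opens before this hunk, so only its tail is visible here.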