## Changes/fixes,

- Drop support for 16.04
- Fix secure rooms
- Fix tmp folder from external jibri node sync
- Keeping new blur
- Remove unused lines from prosody
- Apply brandless mode to svg logo
- Fix postgres query
- Satisfy imagick requirement & disable support app

## New

- Add enable show close page
- Add FQDN option to set as hostname
- Add partial support for CHP mode for 2.0.5765-1
-  Add simple DNS test to Nextcloud domain.
This commit is contained in:
Luis Guzman 2021-04-28 09:12:22 -05:00 committed by GitHub
commit 3f4710a0b5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 159 additions and 71 deletions

View File

@ -324,10 +324,19 @@ echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
chmod -R 770 \$RECORDINGS_DIR chmod -R 770 \$RECORDINGS_DIR
#Rename folder.
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -n -r|awk '{print\$2}'| grep -v "meta\|-" | head -n1)" LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -n -r|awk '{print\$2}'| grep -v "meta\|-" | head -n1)"
NJF_NAME="\$(find \$LJF_PATH |grep -e "-"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)" NJF_NAME="\$(find \$LJF_PATH |grep -e "-"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME" NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME"
mv \$LJF_PATH \$NJF_PATH
##Prevent empty recording directory failsafe
if [ "\$LJF_PATH" != "\$RECORDINGS_DIR" ]; then
mv \$LJF_PATH \$NJF_PATH
#Workaround for jibri to do cleaning.
ssh -i /home/jibri/jbsync.pem $MJS_USER@$MAIN_SRV_DOMAIN "rm -r \$LJF_PATH"
else
echo "No new folder recorded, not removing anything."
fi
exit 0 exit 0
REC_DIR REC_DIR
@ -425,6 +434,12 @@ echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
echo -e "\n---- We'll connect to main server ----" echo -e "\n---- We'll connect to main server ----"
read -n 1 -s -r -p "Press any key to continue..."$'\n' read -n 1 -s -r -p "Press any key to continue..."$'\n'
sudo su $NJN_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''" sudo su $NJN_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
#Workaround for jibri to do cleaning.
install -m 0600 -o jibri /home/$NJN_USER/.ssh/id_rsa /home/jibri/jbsync.pem
sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n" echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n"
ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> ~/.ssh/known_hosts ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> ~/.ssh/known_hosts
ssh $MJS_USER@$MAIN_SRV_DOMAIN sh -c "'cat >> .ssh/authorized_keys'" < /home/$NJN_USER/.ssh/id_rsa.pub ssh $MJS_USER@$MAIN_SRV_DOMAIN sh -c "'cat >> .ssh/authorized_keys'" < /home/$NJN_USER/.ssh/id_rsa.pub

View File

@ -59,7 +59,7 @@ START=0
LAST=TBD LAST=TBD
THIS_SRV_DIST=$(lsb_release -sc) THIS_SRV_DIST=$(lsb_release -sc)
JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1) JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}')
JVB2_CONF="/etc/jitsi/videobridge/config" JVB2_CONF="/etc/jitsi/videobridge/config"
JVB2_NCONF="/etc/jitsi/videobridge/jvb.conf" JVB2_NCONF="/etc/jitsi/videobridge/jvb.conf"
JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties" JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties"

View File

@ -46,7 +46,7 @@ systemctl status $1
MAIN_TEL="/etc/telegraf/telegraf.conf" MAIN_TEL="/etc/telegraf/telegraf.conf"
TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf" TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf"
GRAFANA_INI="/etc/grafana/grafana.ini" GRAFANA_INI="/etc/grafana/grafana.ini"
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++') DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf" WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf"
GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)" GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"

View File

@ -76,4 +76,5 @@ else
sed -i "s|SUPPORT_URL: .*|SUPPORT_URL: '#',|g" "$INT_CONF" sed -i "s|SUPPORT_URL: .*|SUPPORT_URL: '#',|g" "$INT_CONF"
#Logo 2 #Logo 2
sed -i "s|watermark.png|watermark2.png|g" "$INT_CONF" sed -i "s|watermark.png|watermark2.png|g" "$INT_CONF"
sed -i "s|watermark.svg|watermark2.png|g" "$INT_CONF"
fi fi

View File

@ -41,7 +41,7 @@ DISTRO_RELEASE="$(lsb_release -sc)"
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')" PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')"
PHPVER="7.4" PHPVER="7.4"
PSGVER="$(apt-cache madison postgresql | awk -F '[|+]' 'NR==1{print $2}')" PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')"
PHP_FPM_DIR="/etc/php/$PHPVER/fpm" PHP_FPM_DIR="/etc/php/$PHPVER/fpm"
PHP_INI="$PHP_FPM_DIR/php.ini" PHP_INI="$PHP_FPM_DIR/php.ini"
PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf" PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf"
@ -60,16 +60,39 @@ JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
if [ -f $JITSI_MEET_PROXY ];then if [ -f $JITSI_MEET_PROXY ];then
PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1) PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
fi fi
PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)"
while [[ -z "$NC_DOMAIN" ]] while [[ "$ANS_NCD" != "yes" ]]
do do
read -p "Please enter the domain to use for Nextcloud: " -r NC_DOMAIN read -p "> Please set your domain (or subdmain) here for Nextcloud: (e.g.: cloud.domain.com)"$'\n' -r NC_DOMAIN
if [ -z "$NC_DOMAIN" ];then if [ -z "$NC_DOMAIN" ];then
echo "-- This field is mandatory." echo "-- This field is mandatory."
elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
echo "-- You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud." echo "-- You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud."
fi fi
read -p "> Did you mean?: $NC_DOMAIN (yes or no)"$'\n' -r ANS_NCD
if [ "$ANS_NCD" = "yes" ]; then
echo "Alright, let's use $NC_DOMAIN."
else
echo "Please try again."
fi
done done
#Simple DNS test
if [ "$PUBLIC_IP" = "$(dig -4 +short $NC_DOMAIN)" ]; then
echo "Server public IP & DNS record for $NC_DOMAIN seems to match, continuing...
"
else
echo "Server public IP ($PUBLIC_IP) & DNS record for $NC_DOMAIN don't seem to match."
echo " > Please check your dns records are applied and updated, otherwise Nextcloud may fail."
read -p " > Do you want to continue?: (yes or no)"$'\n' -r DNS_CONTINUE
if [ "$DNS_CONTINUE" = "yes" ]; then
echo " - We'll continue anyway..."
else
echo " - Exiting for now..."
exit
fi
fi
NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf" NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf"
while [[ -z "$NC_USER" ]] while [[ -z "$NC_USER" ]]
do do
@ -148,12 +171,14 @@ install_ifnot postgresql-$PSGVER
# PHP 7.4 # PHP 7.4
add_php74 add_php74
apt-get install -y \ apt-get install -y \
imagemagick \
php$PHPVER-fpm \ php$PHPVER-fpm \
php$PHPVER-bcmath \ php$PHPVER-bcmath \
php$PHPVER-bz2 \ php$PHPVER-bz2 \
php$PHPVER-curl \ php$PHPVER-curl \
php$PHPVER-gd \ php$PHPVER-gd \
php$PHPVER-gmp \ php$PHPVER-gmp \
php$PHPVER-imagick \
php$PHPVER-intl \ php$PHPVER-intl \
php$PHPVER-json \ php$PHPVER-json \
php$PHPVER-ldap \ php$PHPVER-ldap \
@ -164,7 +189,6 @@ apt-get install -y \
php$PHPVER-xml \ php$PHPVER-xml \
php$PHPVER-xmlrpc \ php$PHPVER-xmlrpc \
php$PHPVER-zip \ php$PHPVER-zip \
php-imagick \
redis-server \ redis-server \
unzip unzip
@ -455,6 +479,7 @@ Addding & Setting up Files External App for Local storage...
" "
sudo -u www-data php $NC_PATH/occ app:install files_external sudo -u www-data php $NC_PATH/occ app:install files_external
sudo -u www-data php $NC_PATH/occ app:enable files_external sudo -u www-data php $NC_PATH/occ app:enable files_external
sudo -u www-data php $NC_PATH/occ app:disable support
sudo -u www-data php $NC_PATH/occ files_external:import /tmp/jra-nc-app-ef.json sudo -u www-data php $NC_PATH/occ files_external:import /tmp/jra-nc-app-ef.json
usermod -a -G jibri www-data usermod -a -G jibri www-data

View File

@ -31,9 +31,20 @@ while [ $secs -gt 0 ]; do
: $((secs--)) : $((secs--))
done done
} }
set_once() {
if [ -z "$(awk '!/^ *#/ && NF {print}' "$2"|grep $(echo $1|awk -F '=' '{print$1}'))" ]; then
echo "Setting "$1" on "$2"..."
echo "$1" | tee -a "$2"
else
echo " \"$(echo $1|awk -F '=' '{print$1}')\" seems present, skipping setting this variable"
fi
}
# True if $1 is greater than $2
version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
LTS_REL="$(lsb_release -d | awk '{print$4}')" LTS_REL="$(lsb_release -d | awk '{print$4}')"
DOMAIN="$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')" DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
JVB_LOG_POP="/etc/jitsi/videobridge/logging.properties" JVB_LOG_POP="/etc/jitsi/videobridge/logging.properties"
JVB_RC="/usr/share/jitsi-videobridge/lib/videobridge.rc" JVB_RC="/usr/share/jitsi-videobridge/lib/videobridge.rc"
JICOFO_LOG_POP="/etc/jitsi/videobridge/logging.properties" JICOFO_LOG_POP="/etc/jitsi/videobridge/logging.properties"
@ -102,7 +113,7 @@ echo "
#-------------------------------------------------- #--------------------------------------------------
" "
echo "If you are using a high volume of users we recommend to use nHD (640x360), echo "If you are using a high volume of users we recommend to use nHD (640x360),
or at most qHD (960x540) resolution as default, since bandwith increase or at most qHD (960x540) resolution as default, since bandwith increase
exponentially with the more concurrent users on a meeting. exponentially with the more concurrent users on a meeting.
Either way, choose your desired video resolution. Either way, choose your desired video resolution.
" "
@ -160,18 +171,18 @@ sysctl -w net.core.rmem_default=262144
sysctl -w net.core.wmem_default=262144 sysctl -w net.core.wmem_default=262144
sysctl -w net.core.rmem_max=262144 sysctl -w net.core.rmem_max=262144
sysctl -w net.core.wmem_max=262144 sysctl -w net.core.wmem_max=262144
echo 'net.core.rmem_default=262144' | tee -a /etc/sysctl.conf set_once "net.core.rmem_default=262144" "/etc/sysctl.conf"
echo 'net.core.wmem_default=262144' | tee -a /etc/sysctl.conf set_once "net.core.wmem_default=262144" "/etc/sysctl.conf"
echo 'net.core.rmem_max=262144' | tee -a /etc/sysctl.conf set_once "net.core.rmem_max=262144" "/etc/sysctl.conf"
echo 'net.core.wmem_max=262144' | tee -a /etc/sysctl.conf set_once "net.core.wmem_max=262144" "/etc/sysctl.conf"
#https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/7/html/tuning_guide/reduce_tcp_performance_spikes #https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/7/html/tuning_guide/reduce_tcp_performance_spikes
sysctl -w net.ipv4.tcp_timestamps=0 sysctl -w net.ipv4.tcp_timestamps=0
echo 'net.ipv4.tcp_timestamps=0' | tee -a /etc/sysctl.conf set_once "net.ipv4.tcp_timestamps=0" "/etc/sysctl.conf"
#https://bugzilla.redhat.com/show_bug.cgi?id=1283676 #https://bugzilla.redhat.com/show_bug.cgi?id=1283676
sysctl -w net.core.netdev_max_backlog=100000 sysctl -w net.core.netdev_max_backlog=100000
echo 'net.core.netdev_max_backlog=100000' | tee -a /etc/sysctl.conf set_once "net.core.netdev_max_backlog=100000" "/etc/sysctl.conf"
##nginx ##nginx
sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf
@ -180,7 +191,7 @@ sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf
#sysctl -w net.ipv4.tcp_low_latency=1 #sysctl -w net.ipv4.tcp_low_latency=1
#JVB2 #JVB2
##Loose up logging ##Loose up logging
# https://community.jitsi.org/t/23641/13 # https://community.jitsi.org/t/23641/13
sed -i "/java.util.logging.FileHandler.level/s|ALL|WARNING|g" $JVB_LOG_POP sed -i "/java.util.logging.FileHandler.level/s|ALL|WARNING|g" $JVB_LOG_POP
sed -i "s|^.level=INFO|.level=WARNING|" $JVB_LOG_POP sed -i "s|^.level=INFO|.level=WARNING|" $JVB_LOG_POP
@ -284,19 +295,35 @@ sed -i "s|OPTIMAL_BROWSERS: \[.*|OPTIMAL_BROWSERS: \[ 'chrome', 'chromium', 'ele
sed -i "s|UNSUPPORTED_BROWSERS: .*|UNSUPPORTED_BROWSERS: \[ 'nwjs', 'safari', 'firefox' \],|" $INT_CONF_JS_HP sed -i "s|UNSUPPORTED_BROWSERS: .*|UNSUPPORTED_BROWSERS: \[ 'nwjs', 'safari', 'firefox' \],|" $INT_CONF_JS_HP
### Toolbars ### Toolbars
sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" $INT_CONF_JS_HP if version_gt "$(apt-show-versions jitsi-meet|awk '{print$2}')" "2.0.5390-3" ; then
#New toolbar in config.js
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" $INT_CONF_JS_HP sed -i "/\/\/ toolbarButtons:/i \ \ \ \ toolbarButtons:: \[" $MEET_CONF_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," $INT_CONF_JS_HP sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," $MEET_CONF_HP
if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," $INT_CONF_JS_HP sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," $MEET_CONF_HP
else
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," $MEET_CONF_HP
fi
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," $MEET_CONF_HP
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," $MEET_CONF_HP
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" $MEET_CONF_HP
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \]," $MEET_CONF_HP
else else
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," $INT_CONF_JS_HP #Old toolbar in interface.js (soon deprecated on newer versions)
sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," $INT_CONF_JS_HP
if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," $INT_CONF_JS_HP
else
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," $INT_CONF_JS_HP
fi
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \]," $INT_CONF_JS_HP
fi fi
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'security'" $INT_CONF_JS_HP
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \]," $INT_CONF_JS_HP
#Check config file #Check config file
echo -e "\n# Checking $MEET_CONF file for errors\n" echo -e "\n# Checking $MEET_CONF file for errors\n"
@ -304,23 +331,19 @@ CHECKJS_MEET_CHP=$(esvalidate $MEET_CONF_HP| cut -d ":" -f2)
if [ -z "$CHECKJS_MEET_CHP" ]; then if [ -z "$CHECKJS_MEET_CHP" ]; then
echo -e "\n# The $MEET_CONF_HP configuration seems correct. =)\n" echo -e "\n# The $MEET_CONF_HP configuration seems correct. =)\n"
else else
echo " echo -e "\n Watch out!, there seems to be an issue on $MEET_CONF_HP line:
Watch out!, there seems to be an issue on $MEET_CONF line: $CHECKJS_MEET_CHP
$CHECKJS Most of the times this is due upstream changes, please report to
Most of the times this is due upstream changes, please report to https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
https://github.com/switnet-ltd/quick-jibri-installer/issues
"
fi fi
CHECKJS_INT_CHP=$(esvalidate $INT_CONF_JS_HP| cut -d ":" -f2) CHECKJS_INT_CHP=$(esvalidate $INT_CONF_JS_HP| cut -d ":" -f2)
if [ -z "$CHECKJS_INT_CHP" ]; then if [ -z "$CHECKJS_INT_CHP" ]; then
echo -e "\n# The $INT_CONF_JS_HP configuration seems correct. =)\n" echo -e "\n# The $INT_CONF_JS_HP configuration seems correct. =)\n"
else else
echo " echo -e "\n Watch out!, there seems to be an issue on $INT_CONF_JS_HP line:
Watch out!, there seems to be an issue on $MEET_CONF line: $CHECKJS_INT_CHP
$CHECKJS Most of the times this is due upstream changes, please report to
Most of the times this is due upstream changes, please report to https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
https://github.com/switnet-ltd/quick-jibri-installer/issues
"
fi fi
sed -i "s|$MEET_CONF|$MEET_CONF_HP|g" $WS_CONF sed -i "s|$MEET_CONF|$MEET_CONF_HP|g" $WS_CONF

View File

@ -148,8 +148,7 @@ if ! [ $(id -u) = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
exit 0 exit 0
fi fi
if [ "$DIST" = "xenial" ] || \ if [ "$DIST" = "bionic" ] || \
[ "$DIST" = "bionic" ] || \
[ "$DIST" = "focal" ]; then [ "$DIST" = "focal" ]; then
echo "OS: $(lsb_release -sd)" echo "OS: $(lsb_release -sd)"
echo "Good, this is a supported platform!" echo "Good, this is a supported platform!"
@ -158,12 +157,20 @@ else
echo "Sorry, this platform is not supported... exiting" echo "Sorry, this platform is not supported... exiting"
exit exit
fi fi
#Suggest 18.04 LTS release over 16.04 #Suggest 20.04 LTS release over 18.04 in April 2022
if [ "$DIST" = "xenial" ]; then TODAY=$(date +%s)
echo " > $(lsb_release -sc), even when it's compatible and functional. NEXT_LTS_DATE=$(date -d 2022-04-01 +%s)
if [ "$DIST" = "bionic" ]; then
if [ "$TODAY" -gt "$NEXT_LTS_DATE" ]; then
echo " > $(lsb_release -sc), even when it's compatible and functional.
We suggest to use the next (LTS) release, for longer support and security reasons." We suggest to use the next (LTS) release, for longer support and security reasons."
read -n 1 -s -r -p "Press any key to continue..."$'\n' read -n 1 -s -r -p "Press any key to continue..."$'\n'
else
echo "Bionic is supported."
fi
fi fi
#Check system resources #Check system resources
echo "Verifying System Resources:" echo "Verifying System Resources:"
if [ "$(nproc --all)" -lt 4 ];then if [ "$(nproc --all)" -lt 4 ];then
@ -433,10 +440,21 @@ GC_SDK_REL_FILE="http://packages.cloud.google.com/apt/dists/cloud-sdk-$(lsb_rele
MJS_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)" MJS_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
MJS_USER="jbsync_$MJS_RAND_TAIL" MJS_USER="jbsync_$MJS_RAND_TAIL"
MJS_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)" MJS_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
FQDN_HOST="fqdn"
# Rename hostname for jitsi server # Rename hostname for jitsi server
#hostnamectl set-hostname "jitsi.${DOMAIN}" while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && ! -z "$FQDN_HOST" ]]
#sed -i "1i ${PUBLIC_IP} jitsi.${DOMAIN}" /etc/hosts do
echo -e "> Do you want to use your internet domain ($DOMAIN) as a fqdn hostname?: (yes or no)" && \
read -p "Leave empty to default to your current one ($(hostname -f)): "$'\n' FQDN_HOST
if [ "$FQDN_HOST" = "yes" ]; then
echo "We'll use your domain ($DOMAIN) as a fqdn hostname, changes will show on reboot."
hostnamectl set-hostname "${DOMAIN}"
sed -i "1i ${PUBLIC_IP} ${DOMAIN}" /etc/hosts
else
echo "We'll keep the current one ($(hostname -f)) you're using."
fi
done
#Sysadmin email #Sysadmin email
if [ "$LE_SSL" = "yes" ]; then if [ "$LE_SSL" = "yes" ]; then
@ -452,8 +470,7 @@ You can define the language, for a complete list of the supported languages
See here: See here:
https://github.com/jitsi/jitsi-meet/blob/master/lang/languages.json https://github.com/jitsi/jitsi-meet/blob/master/lang/languages.json
Jitsi Meet web interface will be set to use such language. Jitsi Meet web interface will be set to use such language."
"
read -p "Please set your language (Press enter to default to 'en'):"$'\n' -r JB_LANG read -p "Please set your language (Press enter to default to 'en'):"$'\n' -r JB_LANG
echo -e "\nWe'll take a minute to localize some UI excerpts if you need.\n" echo -e "\nWe'll take a minute to localize some UI excerpts if you need.\n"
#Participant #Participant
@ -505,6 +522,16 @@ do
echo "Welcome page will be enabled." echo "Welcome page will be enabled."
fi fi
done done
#Close page
while [[ "$ENABLE_CLOCP" != "yes" && "$ENABLE_CLOCP" != "no" ]]
do
read -p "> Do you want to enable the close page on room exit: (yes or no)"$'\n' -r ENABLE_CLOCP
if [ "$ENABLE_CLOCP" = "yes" ]; then
echo "Close page will be enabled."
elif [ "$ENABLE_CLOCP" = "no" ]; then
echo "Close page will be keept disabled."
fi
done
#Enable static avatar #Enable static avatar
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]] while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
do do
@ -711,12 +738,12 @@ VirtualHost "recorder.$DOMAIN"
modules_enabled = { modules_enabled = {
"ping"; "ping";
} }
authentication = "internal_plain" authentication = "internal_hashed"
REC-JIBRI REC-JIBRI
#Enable Jibri withelist #Enable Jibri withelist
sed -i "s| -- muc_lobby_whitelist| muc_lobby_whitelist|" $PROSODY_FILE sed -i "s|-- muc_lobby_whitelist|muc_lobby_whitelist|" $PROSODY_FILE
#Fix Jibri conectivity issues #Fix Jibri conectivity issues
sed -i "s|c2s_require_encryption = .*|c2s_require_encryption = false|" $PROSODY_SYS sed -i "s|c2s_require_encryption = .*|c2s_require_encryption = false|" $PROSODY_SYS
@ -977,7 +1004,6 @@ else
fi fi
#Static avatar #Static avatar
if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then
#wget https://switnet.net/static/avatar.png -O /usr/share/jitsi-meet/images/avatar2.png
cp images/avatar2.png /usr/share/jitsi-meet/images/ cp images/avatar2.png /usr/share/jitsi-meet/images/
sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" $WS_CONF sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" $WS_CONF
sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" $WS_CONF sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" $WS_CONF
@ -988,30 +1014,27 @@ if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then
fi fi
#nginx -tlsv1/1.1 #nginx -tlsv1/1.1
if [ "$DROP_TLS1" = "yes" ] && [ "$DIST" != "xenial" ];then if [ "$DROP_TLS1" = "yes" ] && [ "$DIST" != "xenial" ];then
echo -e "\nDropping TLSv1/1.1 in favor of v1.3" echo -e "\nDropping TLSv1/1.1 in favor of v1.3\n"
sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" /etc/nginx/nginx.conf sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" /etc/nginx/nginx.conf
#sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" $WS_CONF #sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" $WS_CONF
elif [ "$DROP_TLS1" = "yes" ] && [ "$DIST" = "xenial" ];then elif [ "$DROP_TLS1" = "yes" ] && [ "$DIST" = "xenial" ];then
echo -e "\nOnly dropping TLSv1/1.1" echo -e "\nOnly dropping TLSv1/1.1\n"
sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf
sed -i "s| TLSv1.3||" $WS_CONF sed -i "s| TLSv1.3||" $WS_CONF
elif [ "$DROP_TLS1" = "no" ];then elif [ "$DROP_TLS1" = "no" ];then
echo "No TLSv1/1.1 dropping was done." echo -e "\nNo TLSv1/1.1 dropping was done.\n"
else else
echo "No condition meet, please report to echo "No condition meet, please report to
https://github.com/switnet-ltd/quick-jibri-installer/issues " https://github.com/switnet-ltd/quick-jibri-installer/issues "
fi fi
echo -e "\nDisable \"Blur my background\" until new notice\n"
sed -i "s|'videobackgroundblur', ||" $INT_CONF
#================== Setup prosody conf file ================= #================== Setup prosody conf file =================
###Setup secure rooms ###Setup secure rooms
if [ "$ENABLE_SC" = "yes" ]; then if [ "$ENABLE_SC" = "yes" ]; then
SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | head -n1 | cut -d ":" -f1) SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | awk -F ':' 'NR==1{print$1}')
SRP_END=$((SRP_STR + 10)) SRP_END=$((SRP_STR + 10))
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_plain\"|}" $PROSODY_FILE sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_hashed\"|}" $PROSODY_FILE
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" $MEET_CONF sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" $MEET_CONF
#Secure room initial user #Secure room initial user
@ -1042,15 +1065,10 @@ VirtualHost "guest.$DOMAIN"
authentication = "anonymous" authentication = "anonymous"
c2s_require_encryption = false c2s_require_encryption = false
speakerstats_component = "speakerstats.$DOMAIN" speakerstats_component = "speakerstats.$DOMAIN"
-- conference_duration_component = "conferenceduration.$DOMAIN"
-- lobby_muc = "lobby.$DOMAIN"
main_muc = "conference.$DOMAIN" main_muc = "conference.$DOMAIN"
-- muc_lobby_whitelist = { "recorder.$DOMAIN", "auth.$DOMAIN" }
modules_enabled = { modules_enabled = {
"speakerstats"; "speakerstats";
-- "conference_duration";
-- "muc_lobby_rooms";
} }
P_SR P_SR
@ -1070,6 +1088,12 @@ if [ "$ENABLE_WELCP" = "yes" ]; then
elif [ "$ENABLE_WELCP" = "no" ]; then elif [ "$ENABLE_WELCP" = "no" ]; then
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" $MEET_CONF sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" $MEET_CONF
fi fi
#Enable close page
if [ "$ENABLE_CLOCP" = "yes" ]; then
sed -i "s|.*enableClosePage:.*| enableClosePage: true,|" $MEET_CONF
elif [ "$ENABLE_CLOCP" = "no" ]; then
sed -i "s|.*enableClosePage:.*| enableClosePage: false,|" $MEET_CONF
fi
#Set displayname as not required since jibri can't set it up. #Set displayname as not required since jibri can't set it up.
sed -i "s|// requireDisplayName: true,|requireDisplayName: false,|" $MEET_CONF sed -i "s|// requireDisplayName: true,|requireDisplayName: false,|" $MEET_CONF

View File

@ -154,7 +154,7 @@ if [ -z $SND_AL_MODULE ]; then
please try rebooting.\nFor now wait 'til the end of the recommended kernel installation." please try rebooting.\nFor now wait 'til the end of the recommended kernel installation."
echo "# Check and Install HWE kernel if possible..." echo "# Check and Install HWE kernel if possible..."
if uname -r | grep -q aws;then if uname -r | grep -q aws;then
KNL_HWE="$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr)|awk 'NR__1{print$3}'|cut -d "." -f1-4)" KNL_HWE="$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr)|awk 'NR==1{print$3}'|cut -d "." -f1-4)"
KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg|awk '!/recovery/&&/generic/{print$3,$4}'|grep $KNL_HWE)" KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg|awk '!/recovery/&&/generic/{print$3,$4}'|grep $KNL_HWE)"
if [ ! -z "$KNL_MENU" ];then if [ ! -z "$KNL_MENU" ];then
echo -e "\nSeems you are using an AWS kernel \xE2\x9C\x96 <== IMPORTANT! \nYou might consider modify your grub (/etc/default/grub) to use the following:" && \ echo -e "\nSeems you are using an AWS kernel \xE2\x9C\x96 <== IMPORTANT! \nYou might consider modify your grub (/etc/default/grub) to use the following:" && \