commit
4fcaa2a5ee
13
README.md
13
README.md
|
@ -2,23 +2,28 @@
|
||||||
Bash installer for Jibri on *buntu LTS based systems
|
Bash installer for Jibri on *buntu LTS based systems
|
||||||
|
|
||||||
## Features
|
## Features
|
||||||
* Enabled Local (audio) recording using flac
|
|
||||||
* Enabled Session (video) Recording using Jibri
|
* Enabled Session (video) Recording using Jibri
|
||||||
* Enabled Jitsi Electron app detection server side.
|
* Enabled Jitsi Electron app detection server side.
|
||||||
* Standalone SSL Certbot/LE implementation
|
* Standalone SSL Certbot/LE implementation
|
||||||
|
* Option to enable Local audio recording using flac.
|
||||||
* Option to enable Secure Rooms
|
* Option to enable Secure Rooms
|
||||||
* Option to enable Welcome Page
|
* Option to enable Welcome Page
|
||||||
* Option to setup UI language
|
* Option to setup UI language
|
||||||
* (New) Jigasi Transcript - Speech to Text powered by Google API
|
* Jigasi Transcript - Speech to Text powered by Google API
|
||||||
|
* (New) JRA (Jibri Recordings Access) via Nextcloud
|
||||||
|
* (New) Customized brandless mode
|
||||||
|
* (New) Improved recurring updater
|
||||||
|
|
||||||
## Requirements
|
## Requirements
|
||||||
* Valid domain with DNS already set (preferably).
|
* Valid domain with DNS record.
|
||||||
* Minimum recommended for video recording: 4 GB RAM / 4 Cores.
|
* Minimum recommended for video recording: 4 GB RAM / 4 Cores.
|
||||||
* Dropbox developer App key & redirect url configured (if you choose to enable Dropbox upload).
|
* Dropbox developer App key & redirect url configured (if you choose to enable Dropbox upload).
|
||||||
* Webcam
|
* Webcam
|
||||||
### Jigasi Transcript
|
### Jigasi Transcript
|
||||||
* SIP account
|
* SIP account
|
||||||
* Google Cloud Account with Billing setup.
|
* Google Cloud Account with Billing setup.
|
||||||
|
### Jibri Recodings Access via Nextcloud
|
||||||
|
* Valid domain with DNS record for Nextcloud SSL.
|
||||||
|
|
||||||
## Custom changes
|
## Custom changes
|
||||||
* Start with video muted by default
|
* Start with video muted by default
|
||||||
|
@ -28,4 +33,4 @@ Bash installer for Jibri on *buntu LTS based systems
|
||||||
|
|
||||||
Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY.
|
Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY.
|
||||||
|
|
||||||
SwITNet Ltd © - 2019, https://switnet.net/
|
SwITNet Ltd © - 2020, https://switnet.net/
|
||||||
|
|
|
@ -0,0 +1,23 @@
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"mount_id": 1,
|
||||||
|
"mount_point": "\/Jitsi Record",
|
||||||
|
"storage": "\\OC\\Files\\Storage\\Local",
|
||||||
|
"authentication_type": "null::null",
|
||||||
|
"configuration": {
|
||||||
|
"datadir": "\/var\/jbrecord"
|
||||||
|
},
|
||||||
|
"options": {
|
||||||
|
"encrypt": true,
|
||||||
|
"previews": true,
|
||||||
|
"enable_sharing": false,
|
||||||
|
"filesystem_check_changes": 1,
|
||||||
|
"encoding_compatibility": false,
|
||||||
|
"readonly": false
|
||||||
|
},
|
||||||
|
"applicable_users": [],
|
||||||
|
"applicable_groups": [
|
||||||
|
"admin"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
|
@ -0,0 +1,24 @@
|
||||||
|
--- Compiler.php 2020-03-11 08:52:46.000000000 -0600
|
||||||
|
+++ Compiler-fixed.php 2020-04-04 06:56:43.175786008 -0600
|
||||||
|
@@ -5211,10 +5211,10 @@
|
||||||
|
return new Node\Number(strlen($stringContent), '');
|
||||||
|
}
|
||||||
|
|
||||||
|
- protected static $libStrSlice = ['string', 'start-at', 'end-at'];
|
||||||
|
+ protected static $libStrSlice = ['string', 'start-at', 'end-at:-1'];
|
||||||
|
protected function libStrSlice($args)
|
||||||
|
{
|
||||||
|
- if (isset($args[2]) && $args[2][1] == 0) {
|
||||||
|
+ if (isset($args[2]) && ! $args[2][1]) {
|
||||||
|
return static::$nullString;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -5227,7 +5227,7 @@
|
||||||
|
$start--;
|
||||||
|
}
|
||||||
|
|
||||||
|
- $end = (int) $args[2][1];
|
||||||
|
+ $end = isset($args[2]) ? (int) $args[2][1] : -1;
|
||||||
|
$length = $end < 0 ? $end + 1 : ($end > 0 ? $end - $start : $end);
|
||||||
|
|
||||||
|
$string[2] = $length
|
Binary file not shown.
After Width: | Height: | Size: 16 KiB |
Binary file not shown.
After Width: | Height: | Size: 326 B |
Binary file not shown.
After Width: | Height: | Size: 169 B |
10
jigasi.sh
10
jigasi.sh
|
@ -1,6 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# Quick Jigasi Installer - *buntu 16.04 (LTS) based systems.
|
# Quick Jigasi Installer - *buntu (LTS) based systems.
|
||||||
# SwITNet Ltd © - 2019, https://switnet.net/
|
# SwITNet Ltd © - 2020, https://switnet.net/
|
||||||
# GPLv3 or later.
|
# GPLv3 or later.
|
||||||
|
|
||||||
##################### Whistlist #######################
|
##################### Whistlist #######################
|
||||||
|
@ -208,8 +208,10 @@ sed -i "/xmpp.acc.ANONYMOUS_AUTH/ s|# ||" $JIG_SIP_PROP
|
||||||
|
|
||||||
prosodyctl register transcript auth.$DOMAIN jigasi
|
prosodyctl register transcript auth.$DOMAIN jigasi
|
||||||
|
|
||||||
systemctl restart prosody ji*
|
systemctl restart prosody \
|
||||||
|
jicofo \
|
||||||
|
jibri* \
|
||||||
|
jitsi-videobridge*
|
||||||
echo "
|
echo "
|
||||||
To test, you need to enable subtitles beforehand then invite \
|
To test, you need to enable subtitles beforehand then invite \
|
||||||
\"jitsi_meet_transcribe\" to the meeting (no quotes).
|
\"jitsi_meet_transcribe\" to the meeting (no quotes).
|
||||||
|
|
|
@ -1,19 +1,24 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# Jitsi Meet upgrade and custom keeper for Debian/*buntu binaries.
|
# Jitsi Meet recurring upgrader and customization keeper
|
||||||
# 2019 - SwITNet Ltd
|
# for Debian/*buntu binaries.
|
||||||
|
# 2020 - SwITNet Ltd
|
||||||
# GNU GPLv3 or later.
|
# GNU GPLv3 or later.
|
||||||
|
|
||||||
Blue='\e[0;34m'
|
Blue='\e[0;34m'
|
||||||
Purple='\e[0;35m'
|
Purple='\e[0;35m'
|
||||||
|
Green='\e[0;32m'
|
||||||
|
Yellow='\e[0;33m'
|
||||||
Color_Off='\e[0m'
|
Color_Off='\e[0m'
|
||||||
support="https://switnet.net/support"
|
support="https://switnet.net/support"
|
||||||
apt_repo="/etc/apt/sources.list.d"
|
apt_repo="/etc/apt/sources.list.d"
|
||||||
jibri_packages=$(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages | sort -u | awk '{print $2}' | paste -s -d ' ')
|
jibri_packages=$(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages | sort -u | awk '{print $2}' | paste -s -d ' ')
|
||||||
LocRec="on"
|
LOC_REC="TBD"
|
||||||
|
ENABLE_BLESSM="TBD"
|
||||||
CHD_LST=$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)
|
CHD_LST=$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)
|
||||||
CHDB=$(whereis chromedriver | awk '{print$2}')
|
CHDB=$(whereis chromedriver | awk '{print$2}')
|
||||||
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
|
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
|
||||||
INT_CONF=/usr/share/jitsi-meet/interface_config.js
|
INT_CONF=/usr/share/jitsi-meet/interface_config.js
|
||||||
|
AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)"
|
||||||
if [ -f $apt_repo/google-chrome.list ]; then
|
if [ -f $apt_repo/google-chrome.list ]; then
|
||||||
google_package=$(grep Package /var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages | sort -u | cut -d ' ' -f2 | paste -s -d ' ')
|
google_package=$(grep Package /var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages | sort -u | cut -d ' ' -f2 | paste -s -d ' ')
|
||||||
else
|
else
|
||||||
|
@ -102,12 +107,18 @@ else
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Any customization, image, name or link change for any purpose should
|
||||||
|
# be documented here so new updates won't remove those changes.
|
||||||
|
# We divide them on UI changes and branding changes, feel free to adapt
|
||||||
|
# to your needs.
|
||||||
|
#
|
||||||
|
# Please keep in mind that fees to support for customization changes
|
||||||
|
# may apply.
|
||||||
########################################################################
|
########################################################################
|
||||||
# Keeping changes #
|
# User interface changes #
|
||||||
########################################################################
|
########################################################################
|
||||||
printf "${Purple}========== Setting Static Avatar ==========${Color_Off}\n"
|
printf "${Purple}========== Setting Static Avatar ==========${Color_Off}\n"
|
||||||
avatar="$(grep -r avatar /etc/*/sites-*/ 2>/dev/null)"
|
if [[ -z $AVATAR ]]; then
|
||||||
if [[ -z $avatar ]]; then
|
|
||||||
echo "Moving on..."
|
echo "Moving on..."
|
||||||
else
|
else
|
||||||
echo "Setting Static Avatar"
|
echo "Setting Static Avatar"
|
||||||
|
@ -124,7 +135,7 @@ else
|
||||||
fi
|
fi
|
||||||
|
|
||||||
printf "${Purple}========== Re-enable Localrecording ==========${Color_Off}\n"
|
printf "${Purple}========== Re-enable Localrecording ==========${Color_Off}\n"
|
||||||
if [ $LocRec = on ]; then
|
if [ $LOC_REC = on ]; then
|
||||||
echo "Setting LocalRecording..."
|
echo "Setting LocalRecording..."
|
||||||
sed -i "s|'tileview'|'tileview', 'localrecording'|" $INT_CONF
|
sed -i "s|'tileview'|'tileview', 'localrecording'|" $INT_CONF
|
||||||
else
|
else
|
||||||
|
@ -135,4 +146,12 @@ printf "${Purple}========== Disable Blur my background ==========${Color_Off}\n
|
||||||
sed -i "s|'videobackgroundblur', ||" $INT_CONF
|
sed -i "s|'videobackgroundblur', ||" $INT_CONF
|
||||||
|
|
||||||
restart_services
|
restart_services
|
||||||
|
|
||||||
|
|
||||||
|
########################################################################
|
||||||
|
# Brandless mode #
|
||||||
|
########################################################################
|
||||||
|
if [ $ENABLE_BLESSM = on ]; then
|
||||||
|
bash $PWD/jm-bm.sh
|
||||||
|
fi
|
||||||
printf "${Blue}Script completed \o/! ${Color_Off}\n"
|
printf "${Blue}Script completed \o/! ${Color_Off}\n"
|
||||||
|
|
|
@ -0,0 +1,54 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Jitsi Meet brandless mode
|
||||||
|
# for Debian/*buntu binaries.
|
||||||
|
# 2020 - SwITNet Ltd
|
||||||
|
# GNU GPLv3 or later.
|
||||||
|
|
||||||
|
CSS_FILE="/usr/share/jitsi-meet/css/all.css"
|
||||||
|
TITLE_FILE="/usr/share/jitsi-meet/title.html"
|
||||||
|
INT_CONF="/usr/share/jitsi-meet/interface_config.js"
|
||||||
|
#
|
||||||
|
JM_IMG_PATH="/usr/share/jitsi-meet/images/"
|
||||||
|
WTM2_PATH="$JM_IMG_PATH/watermark2.png"
|
||||||
|
FICON_PATH="$JM_IMG_PATH/favicon2.ico"
|
||||||
|
#
|
||||||
|
APP_NAME="Conferences"
|
||||||
|
PART_USER="Participant"
|
||||||
|
echo '
|
||||||
|
#--------------------------------------------------
|
||||||
|
# Applying Brandless mode
|
||||||
|
#--------------------------------------------------
|
||||||
|
'
|
||||||
|
#Watermark
|
||||||
|
if [ ! -f $WTM2_PATH ]; then
|
||||||
|
cp images/watermark2.png $WTM2_PATH
|
||||||
|
else
|
||||||
|
echo "watermark2 file exists, skipping copying..."
|
||||||
|
fi
|
||||||
|
#Favicon
|
||||||
|
if [ ! -f $FICON_PATH ]; then
|
||||||
|
cp images/favicon2.ico $FICON_PATH
|
||||||
|
else
|
||||||
|
echo "favicon2 file exists, skipping copying..."
|
||||||
|
fi
|
||||||
|
|
||||||
|
#Custom / Remove icons
|
||||||
|
sed -i "s|watermark.png|watermark2.png|g" $CSS_FILE
|
||||||
|
sed -i "s|favicon.ico|favicon2.ico|g" $TITLE_FILE
|
||||||
|
sed -i "s|jitsilogo.png|watermark2.png|g" $TITLE_FILE
|
||||||
|
|
||||||
|
#Disable logo and url
|
||||||
|
sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" $CSS_FILE
|
||||||
|
|
||||||
|
#Customize room title
|
||||||
|
sed -i "s|Jitsi Meet|$APP_NAME|g" $TITLE_FILE
|
||||||
|
sed -i "s| powered by the Jitsi Videobridge||g" $TITLE_FILE
|
||||||
|
sed -i "21,32 s|Jitsi Meet|$APP_NAME|g" $INT_CONF
|
||||||
|
|
||||||
|
#Custom UI changes
|
||||||
|
echo "
|
||||||
|
Please note that brandless mode will also overwrite support links.
|
||||||
|
"
|
||||||
|
sed -i "s|Fellow Jitster|$PART_USER|g" $INT_CONF
|
||||||
|
sed -i "s|LIVE_STREAMING_HELP_LINK: .*|LIVE_STREAMING_HELP_LINK: '#',|g" $INT_CONF
|
||||||
|
sed -i "s|SUPPORT_URL: .*|SUPPORT_URL: '#',|g" $INT_CONF
|
|
@ -0,0 +1,372 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# JRA (Jibri Recordings Access) via Nextcloud
|
||||||
|
# SwITNet Ltd © - 2020, https://switnet.net/
|
||||||
|
# GPLv3 or later.
|
||||||
|
if ! [ $(id -u) = 0 ]; then
|
||||||
|
echo "You need to be root or have sudo privileges!"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
clear
|
||||||
|
echo '
|
||||||
|
########################################################################
|
||||||
|
Jibri Recordings Access via Nextcloud
|
||||||
|
########################################################################
|
||||||
|
by Software, IT & Networks Ltd
|
||||||
|
'
|
||||||
|
read -p "Please enter the domain to use for Nextcloud: " -r NC_DOMAIN
|
||||||
|
read -p "Nextcloud user: " -r NC_USER
|
||||||
|
read -p "Nextcloud user password: " -r NC_PASS
|
||||||
|
|
||||||
|
DISTRO_RELEASE=$(lsb_release -sc)
|
||||||
|
PHPVER=7.4
|
||||||
|
MDBVER=10.4
|
||||||
|
PHP_FPM_DIR=/etc/php/$PHPVER/fpm
|
||||||
|
PHP_INI=$PHP_FPM_DIR/php.ini
|
||||||
|
NC_REPO="https://download.nextcloud.com/server/releases"
|
||||||
|
NCVERSION=$(curl -s -m 900 $NC_REPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)
|
||||||
|
STABLEVERSION="nextcloud-$NCVERSION"
|
||||||
|
NC_PATH="/var/www/nextcloud"
|
||||||
|
NC_CONFIG="$NC_PATH/config/config.php"
|
||||||
|
NC_DB_USER="nextcloud_user"
|
||||||
|
NC_DB="nextcloud_db"
|
||||||
|
NC_DB_PASSWD="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"
|
||||||
|
DIR_RECORD="$(grep -nr RECORDING /home/jibri/finalize_recording.sh|head -n1|cut -d "=" -f2)"
|
||||||
|
|
||||||
|
exit_ifinstalled() {
|
||||||
|
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
|
||||||
|
echo " This instance already has $1 installed, exiting..."
|
||||||
|
echo " Please report to:
|
||||||
|
-> https://github.com/switnet-ltd/quick-jibri-installer/issues "
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
install_ifnot() {
|
||||||
|
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
|
||||||
|
echo " $1 is installed, skipping..."
|
||||||
|
else
|
||||||
|
echo -e "\n---- Installing $1 ----"
|
||||||
|
apt -yqq install $1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
add_mariadb() {
|
||||||
|
if [ "$(dpkg-query -W -f='${Status}' "mariadb-server" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
|
||||||
|
echo "MariaDB already installed"
|
||||||
|
else
|
||||||
|
echo "# Adding MariaDB $MDBVER repository"
|
||||||
|
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com C74CD1D8
|
||||||
|
echo "deb [arch=amd64] http://ftp.ddg.lth.se/mariadb/repo/$MDBVER/ubuntu $DISTRO_RELEASE main" > /etc/apt/sources.list.d/mariadb.list
|
||||||
|
apt update -qq
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
add_php74() {
|
||||||
|
if [ "$(dpkg-query -W -f='${Status}' "php$PHPVER-fpm" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
|
||||||
|
echo "PHP $PHPVER already installed"
|
||||||
|
else
|
||||||
|
echo "# Adding PHP $PHPVER Repository"
|
||||||
|
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com E5267A6C
|
||||||
|
echo "deb [arch=amd64] http://ppa.launchpad.net/ondrej/php/ubuntu $DISTRO_RELEASE main" > /etc/apt/sources.list.d/php7x.list
|
||||||
|
apt update -qq
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
exit_ifinstalled mariadb-server
|
||||||
|
|
||||||
|
## Install software requirements
|
||||||
|
# MariaDB
|
||||||
|
add_mariadb
|
||||||
|
install_ifnot mariadb-server-$MDBVER
|
||||||
|
|
||||||
|
# PHP 7.4
|
||||||
|
add_php74
|
||||||
|
apt install -y \
|
||||||
|
php$PHPVER-fpm \
|
||||||
|
php$PHPVER-bz2 \
|
||||||
|
php$PHPVER-curl \
|
||||||
|
php$PHPVER-gd \
|
||||||
|
php$PHPVER-gmp \
|
||||||
|
php$PHPVER-intl \
|
||||||
|
php$PHPVER-json \
|
||||||
|
php$PHPVER-ldap \
|
||||||
|
php$PHPVER-mbstring \
|
||||||
|
php$PHPVER-mysql \
|
||||||
|
php$PHPVER-soap \
|
||||||
|
php$PHPVER-xml \
|
||||||
|
php$PHPVER-xmlrpc \
|
||||||
|
php$PHPVER-zip \
|
||||||
|
php-imagick
|
||||||
|
|
||||||
|
#System related
|
||||||
|
install_ifnot smbclient
|
||||||
|
sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" /etc/php/$PHPVER/fpm/pool.d/www.conf
|
||||||
|
sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" /etc/php/$PHPVER/fpm/pool.d/www.conf
|
||||||
|
sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" /etc/php/$PHPVER/fpm/pool.d/www.conf
|
||||||
|
sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" /etc/php/$PHPVER/fpm/pool.d/www.conf
|
||||||
|
sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" /etc/php/$PHPVER/fpm/pool.d/www.conf
|
||||||
|
sed -i "s|;clear_env = no|clear_env = no|" /etc/php/$PHPVER/fpm/pool.d/www.conf
|
||||||
|
|
||||||
|
echo "
|
||||||
|
Tunning PHP.ini...
|
||||||
|
"
|
||||||
|
# Change values in php.ini (increase max file size)
|
||||||
|
# max_execution_time
|
||||||
|
sed -i "s|max_execution_time =.*|max_execution_time = 3500|g" "$PHP_INI"
|
||||||
|
# max_input_time
|
||||||
|
sed -i "s|max_input_time =.*|max_input_time = 3600|g" "$PHP_INI"
|
||||||
|
# memory_limit
|
||||||
|
sed -i "s|memory_limit =.*|memory_limit = 512M|g" "$PHP_INI"
|
||||||
|
# post_max
|
||||||
|
sed -i "s|post_max_size =.*|post_max_size = 1025M|g" "$PHP_INI"
|
||||||
|
# upload_max
|
||||||
|
sed -i "s|upload_max_filesize =.*|upload_max_filesize = 1024M|g" "$PHP_INI"
|
||||||
|
|
||||||
|
phpenmod opcache
|
||||||
|
{
|
||||||
|
|
||||||
|
echo "# OPcache settings for Nextcloud"
|
||||||
|
echo "opcache.enable=1"
|
||||||
|
echo "opcache.enable_cli=1"
|
||||||
|
echo "opcache.interned_strings_buffer=8"
|
||||||
|
echo "opcache.max_accelerated_files=10000"
|
||||||
|
echo "opcache.memory_consumption=256"
|
||||||
|
echo "opcache.save_comments=1"
|
||||||
|
echo "opcache.revalidate_freq=1"
|
||||||
|
echo "opcache.validate_timestamps=1"
|
||||||
|
} >> "$PHP_INI"
|
||||||
|
|
||||||
|
systemctl restart php$PHPVER-fpm.service
|
||||||
|
|
||||||
|
#--------------------------------------------------
|
||||||
|
# Create MySQL user
|
||||||
|
#--------------------------------------------------
|
||||||
|
|
||||||
|
echo -e "\n---- Creating the MariaDB User ----"
|
||||||
|
|
||||||
|
mysql -u root <<DB
|
||||||
|
CREATE DATABASE nextcloud_db;
|
||||||
|
CREATE USER ${NC_DB_USER}@localhost IDENTIFIED BY '${NC_DB_PASSWD}';
|
||||||
|
GRANT ALL PRIVILEGES ON ${NC_DB}.* TO '${NC_DB_USER}'@'localhost';
|
||||||
|
FLUSH PRIVILEGES;
|
||||||
|
DB
|
||||||
|
echo "Done!
|
||||||
|
"
|
||||||
|
#Tune MariaDB
|
||||||
|
#mysql_secure_installation
|
||||||
|
|
||||||
|
#nginx - configuration
|
||||||
|
cat << NC_NGINX > /etc/nginx/sites-available/$NC_DOMAIN.conf
|
||||||
|
upstream php-handler {
|
||||||
|
#server 127.0.0.1:9000;
|
||||||
|
server unix:/run/php/php${PHPVER}-fpm.sock;
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name $NC_DOMAIN;
|
||||||
|
# enforce https
|
||||||
|
return 301 https://\$server_name\$request_uri;
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 4444 ssl http2;
|
||||||
|
listen [::]:4444 ssl http2;
|
||||||
|
server_name $NC_DOMAIN;
|
||||||
|
|
||||||
|
ssl_certificate /etc/letsencrypt/live/$NC_DOMAIN/fullchain.pem;
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/$NC_DOMAIN/privkey.pem;
|
||||||
|
|
||||||
|
# Add headers to serve security related headers
|
||||||
|
# Before enabling Strict-Transport-Security headers please read into this
|
||||||
|
# topic first.
|
||||||
|
# add_header Strict-Transport-Security "max-age=15552000;
|
||||||
|
# includeSubDomains; preload;";
|
||||||
|
#
|
||||||
|
# WARNING: Only add the preload option once you read about
|
||||||
|
# the consequences in https://hstspreload.org/. This option
|
||||||
|
# will add the domain to a hardcoded list that is shipped
|
||||||
|
# in all major browsers and getting removed from this list
|
||||||
|
# could take several months.
|
||||||
|
add_header Referrer-Policy "no-referrer" always;
|
||||||
|
add_header X-Content-Type-Options "nosniff" always;
|
||||||
|
add_header X-Download-Options "noopen" always;
|
||||||
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||||
|
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||||
|
add_header X-Robots-Tag "none" always;
|
||||||
|
add_header X-XSS-Protection "1; mode=block" always;
|
||||||
|
|
||||||
|
# Path to the root of your installation
|
||||||
|
root $NC_PATH/;
|
||||||
|
|
||||||
|
location = /robots.txt {
|
||||||
|
allow all;
|
||||||
|
log_not_found off;
|
||||||
|
access_log off;
|
||||||
|
}
|
||||||
|
|
||||||
|
# The following 2 rules are only needed for the user_webfinger app.
|
||||||
|
# Uncomment it if you're planning to use this app.
|
||||||
|
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
|
||||||
|
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
|
||||||
|
# last;
|
||||||
|
|
||||||
|
location = /.well-known/carddav {
|
||||||
|
return 301 \$scheme://\$host/remote.php/dav;
|
||||||
|
}
|
||||||
|
location = /.well-known/caldav {
|
||||||
|
return 301 \$scheme://\$host/remote.php/dav;
|
||||||
|
}
|
||||||
|
location ~ /.well-known/acme-challenge {
|
||||||
|
allow all;
|
||||||
|
}
|
||||||
|
|
||||||
|
# set max upload size
|
||||||
|
client_max_body_size 1024M;
|
||||||
|
fastcgi_buffers 64 4K;
|
||||||
|
|
||||||
|
# Enable gzip but do not remove ETag headers
|
||||||
|
gzip on;
|
||||||
|
gzip_vary on;
|
||||||
|
gzip_comp_level 4;
|
||||||
|
gzip_min_length 256;
|
||||||
|
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
|
||||||
|
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
|
||||||
|
|
||||||
|
# Uncomment if your server is built with the ngx_pagespeed module
|
||||||
|
# This module is currently not supported.
|
||||||
|
#pagespeed off;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
rewrite ^ /index.php\$uri;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:\$|/) {
|
||||||
|
fastcgi_split_path_info ^(.+\.php)(/.*)\$;
|
||||||
|
include fastcgi_params;
|
||||||
|
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
|
||||||
|
fastcgi_param PATH_INFO \$fastcgi_path_info;
|
||||||
|
fastcgi_param HTTPS on;
|
||||||
|
#Avoid sending the security headers twice
|
||||||
|
fastcgi_param modHeadersAvailable true;
|
||||||
|
fastcgi_param front_controller_active true;
|
||||||
|
fastcgi_pass php-handler;
|
||||||
|
fastcgi_intercept_errors on;
|
||||||
|
fastcgi_request_buffering off;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/(?:updater|ocs-provider)(?:\$|/) {
|
||||||
|
try_files \$uri/ =404;
|
||||||
|
index index.php;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Adding the cache control header for js and css files
|
||||||
|
# Make sure it is BELOW the PHP block
|
||||||
|
location ~ \.(?:css|js|woff|svg|gif)\$ {
|
||||||
|
try_files \$uri /index.php\$uri\$is_args\$args;
|
||||||
|
add_header Cache-Control "public, max-age=15778463";
|
||||||
|
# Add headers to serve security related headers (It is intended to
|
||||||
|
# have those duplicated to the ones above)
|
||||||
|
# Before enabling Strict-Transport-Security headers please read into
|
||||||
|
# this topic first.
|
||||||
|
# add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
|
||||||
|
#
|
||||||
|
# WARNING: Only add the preload option once you read about
|
||||||
|
# the consequences in https://hstspreload.org/. This option
|
||||||
|
# will add the domain to a hardcoded list that is shipped
|
||||||
|
# in all major browsers and getting removed from this list
|
||||||
|
# could take several months.
|
||||||
|
add_header Referrer-Policy "no-referrer" always;
|
||||||
|
add_header X-Content-Type-Options "nosniff" always;
|
||||||
|
add_header X-Download-Options "noopen" always;
|
||||||
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||||
|
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||||
|
add_header X-Robots-Tag "none" always;
|
||||||
|
add_header X-XSS-Protection "1; mode=block" always;
|
||||||
|
# Optional: Don't log access to assets
|
||||||
|
access_log off;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ \.(?:png|html|ttf|ico|jpg|jpeg)\$ {
|
||||||
|
try_files \$uri /index.php\$uri\$is_args\$args;
|
||||||
|
# Optional: Don't log access to other assets
|
||||||
|
access_log off;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
NC_NGINX
|
||||||
|
systemctl stop nginx
|
||||||
|
letsencrypt certonly --standalone --renew-by-default --agree-tos -d $NC_DOMAIN
|
||||||
|
if [ -f /etc/letsencrypt/live/$NC_DOMAIN/fullchain.pem ];then
|
||||||
|
ln -s /etc/nginx/sites-available/$NC_DOMAIN.conf /etc/nginx/sites-enabled/
|
||||||
|
else
|
||||||
|
echo "There are issues on getting the SSL certs..."
|
||||||
|
read -n 1 -s -r -p "Press any key to continue"
|
||||||
|
fi
|
||||||
|
nginx -t
|
||||||
|
systemctl restart nginx
|
||||||
|
|
||||||
|
echo "
|
||||||
|
Latest version to be installed: $STABLEVERSION
|
||||||
|
"
|
||||||
|
curl -s $NC_REPO/$STABLEVERSION.zip > /tmp/$STABLEVERSION.zip
|
||||||
|
unzip -q /tmp/$STABLEVERSION.zip
|
||||||
|
mv nextcloud $NC_PATH
|
||||||
|
|
||||||
|
chown -R www-data:www-data $NC_PATH
|
||||||
|
chmod -R 755 $NC_PATH
|
||||||
|
|
||||||
|
if $(dpkg --compare-versions "$NCVERSION" "le" "18.0.3"); then
|
||||||
|
echo "
|
||||||
|
-> Patching #425 (scssphp/src/Compiler.php)..."
|
||||||
|
sudo -u www-data patch -d "$NC_PATH/3rdparty/leafo/scssphp/src/" -p0 < $PWD/files/patch_425_3dty.patch
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "
|
||||||
|
Database installation...
|
||||||
|
"
|
||||||
|
sudo -u www-data php $NC_PATH/occ maintenance:install \
|
||||||
|
--database=mysql \
|
||||||
|
--database-name="$NC_DB" \
|
||||||
|
--database-user="$NC_DB_USER" \
|
||||||
|
--database-pass="$NC_DB_PASSWD" \
|
||||||
|
--admin-user="$NC_USER" \
|
||||||
|
--admin-pass="$NC_PASS"
|
||||||
|
|
||||||
|
echo "
|
||||||
|
Prevent demo data on accounts and custom mods...
|
||||||
|
"
|
||||||
|
sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," $NC_CONFIG
|
||||||
|
sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," $NC_CONFIG
|
||||||
|
sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," $NC_CONFIG
|
||||||
|
sed -i "s|http://localhost|http://$NC_DOMAIN|" $NC_CONFIG
|
||||||
|
|
||||||
|
echo "
|
||||||
|
Addding & Setting up Files External App for Local storage...
|
||||||
|
"
|
||||||
|
sudo -u www-data php $NC_PATH/occ app:install files_external
|
||||||
|
sudo -u www-data php $NC_PATH/occ app:enable files_external
|
||||||
|
sudo -u www-data php $NC_PATH/occ files_external:import $PWD/files/jra-nc-app-ef.json
|
||||||
|
|
||||||
|
usermod -a -G jibri www-data
|
||||||
|
chown -R jibri:www-data $DIR_RECORD
|
||||||
|
chmod -R 770 $DIR_RECORD
|
||||||
|
chmod -R g+s $DIR_RECORD
|
||||||
|
|
||||||
|
echo "
|
||||||
|
Fixing possible missing tables...
|
||||||
|
"
|
||||||
|
echo "y"|sudo -u www-data php $NC_PATH/occ db:convert-filecache-bigint
|
||||||
|
sudo -u www-data php $NC_PATH/occ db:add-missing-indices
|
||||||
|
|
||||||
|
echo "
|
||||||
|
Adding trusted domain...
|
||||||
|
"
|
||||||
|
sudo -u www-data php $NC_PATH/occ config:system:set trusted_domains 0 --value=$NC_DOMAIN
|
||||||
|
|
||||||
|
echo "Quick Nextcloud installation complete!"
|
|
@ -1,6 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# Quick Jibri Installer - *buntu 16.04 (LTS) based systems.
|
# Quick Jibri Installer - *buntu (LTS) based systems.
|
||||||
# SwITNet Ltd © - 2019, https://switnet.net/
|
# SwITNet Ltd © - 2020, https://switnet.net/
|
||||||
# GPLv3 or later.
|
# GPLv3 or later.
|
||||||
{
|
{
|
||||||
echo "Started at $(date +'%Y-%m-%d %H:%M:%S')" >> qj-installer.log
|
echo "Started at $(date +'%Y-%m-%d %H:%M:%S')" >> qj-installer.log
|
||||||
|
@ -20,7 +20,7 @@ set -x
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# SYSTEM SETUP
|
# SYSTEM SETUP
|
||||||
JITSI_UNS_REPO=$(apt-cache policy | grep http | grep jitsi | grep unstable | awk '{print $3}' | head -n 1 | cut -d "/" -f 1)
|
JITSI_STBL_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f 1)
|
||||||
CERTBOT_REPO=$(apt-cache policy | grep http | grep certbot | head -n 1 | awk '{print $2}' | cut -d "/" -f 4)
|
CERTBOT_REPO=$(apt-cache policy | grep http | grep certbot | head -n 1 | awk '{print $2}' | cut -d "/" -f 4)
|
||||||
APACHE_2=$(dpkg-query -W -f='${Status}' apache2 2>/dev/null | grep -c "ok installed")
|
APACHE_2=$(dpkg-query -W -f='${Status}' apache2 2>/dev/null | grep -c "ok installed")
|
||||||
NGINX=$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")
|
NGINX=$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")
|
||||||
|
@ -30,6 +30,9 @@ GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
|
||||||
if [ $DIST = flidas ]; then
|
if [ $DIST = flidas ]; then
|
||||||
DIST="xenial"
|
DIST="xenial"
|
||||||
fi
|
fi
|
||||||
|
if [ $DIST = etiona ]; then
|
||||||
|
DIST="bionic"
|
||||||
|
fi
|
||||||
install_ifnot() {
|
install_ifnot() {
|
||||||
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
|
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
|
||||||
echo " $1 is installed, skipping..."
|
echo " $1 is installed, skipping..."
|
||||||
|
@ -39,14 +42,15 @@ if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" =
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
check_serv() {
|
check_serv() {
|
||||||
if [ "$APACHE_2" -eq 1 ] || [ "$NGINX" -eq 1 ]; then
|
if [ "$APACHE_2" -eq 1 ]; then
|
||||||
echo "
|
echo "
|
||||||
Webserver already installed!
|
The recommended setup is using NGINX, exiting...
|
||||||
"
|
"
|
||||||
elif [ "$APACHE_2" -eq 1 ] && [ "$NGINX" -eq 0 ]; then
|
exit
|
||||||
|
elif [ "$NGINX" -eq 1 ]; then
|
||||||
|
|
||||||
echo "
|
echo "
|
||||||
Apache webserver already installed!
|
Webserver already installed!
|
||||||
"
|
"
|
||||||
|
|
||||||
else
|
else
|
||||||
|
@ -60,10 +64,18 @@ check_snd_driver() {
|
||||||
modprobe snd-aloop
|
modprobe snd-aloop
|
||||||
echo "snd-aloop" >> /etc/modules
|
echo "snd-aloop" >> /etc/modules
|
||||||
if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then
|
if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then
|
||||||
echo "Audio driver seems ok."
|
echo "
|
||||||
|
#--------------------------------------------------
|
||||||
|
# Audio driver seems - OK.
|
||||||
|
#--------------------------------------------------"
|
||||||
else
|
else
|
||||||
echo "Seems to be an issue with your audio driver, please fix this before continue."
|
echo "
|
||||||
#exit
|
#--------------------------------------------------
|
||||||
|
# Seems to be an issue with your audio driver,
|
||||||
|
# please review your hw setup.
|
||||||
|
#--------------------------------------------------"
|
||||||
|
read -n 1 -s -r -p "Press any key to continue...
|
||||||
|
"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
update_certbot() {
|
update_certbot() {
|
||||||
|
@ -72,8 +84,8 @@ update_certbot() {
|
||||||
Cerbot repository already on the system!
|
Cerbot repository already on the system!
|
||||||
Checking for updates...
|
Checking for updates...
|
||||||
"
|
"
|
||||||
apt -qq update
|
apt -q2 update
|
||||||
apt -yqq dist-upgrade
|
apt -yq2 dist-upgrade
|
||||||
else
|
else
|
||||||
echo "
|
echo "
|
||||||
Adding cerbot (formerly letsencrypt) PPA repository for latest updates
|
Adding cerbot (formerly letsencrypt) PPA repository for latest updates
|
||||||
|
@ -91,20 +103,43 @@ echo '
|
||||||
Welcome to Jitsi/Jibri Installer
|
Welcome to Jitsi/Jibri Installer
|
||||||
########################################################################
|
########################################################################
|
||||||
by Software, IT & Networks Ltd
|
by Software, IT & Networks Ltd
|
||||||
|
|
||||||
|
Featuring:
|
||||||
|
- Jibri Recording and YouTube Streaming
|
||||||
|
- Jibri Recordings Access via Nextcloud
|
||||||
|
- Jigasi Transcription
|
||||||
|
- Customized brandless mode
|
||||||
|
- Recurring changes updater
|
||||||
|
|
||||||
|
See more at: https://github.com/switnet-ltd/quick-jibri-installer/
|
||||||
'
|
'
|
||||||
|
read -n 1 -s -r -p "Press any key to continue..."
|
||||||
|
|
||||||
#Check if user is root
|
#Check if user is root
|
||||||
if ! [ $(id -u) = 0 ]; then
|
if ! [ $(id -u) = 0 ]; then
|
||||||
echo "You need to be root or have sudo privileges!"
|
echo "You need to be root or have sudo privileges!"
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
if [ "$DIST" = "xenial" ] || [ "$DIST" = "bionic" ]; then
|
||||||
|
echo "OS: $(lsb_release -sd)
|
||||||
|
Good, this is a supported platform!"
|
||||||
|
else
|
||||||
|
echo "OS: $(lsb_release -sd)
|
||||||
|
Sorry, this platform is not supported... exiting"
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
#Suggest 18.04 LTS release over 16.04
|
||||||
|
if [ "$DIST" = "xenial" ]; then
|
||||||
|
echo "$(lsb_release -sc), even when it's compatible and functional.
|
||||||
|
We suggest to use the next (LTS) release, for longer support and security reasons."
|
||||||
|
read -n 1 -s -r -p "Press any key to continue..."
|
||||||
|
fi
|
||||||
# Jitsi-Meet Repo
|
# Jitsi-Meet Repo
|
||||||
echo "Add Jitsi key"
|
echo "Add Jitsi key"
|
||||||
if [ "$JITSI_UNS_REPO" = "unstable" ]; then
|
if [ "$JITSI_STBL_REPO" = "stable" ]; then
|
||||||
echo "Jitsi unstable repository already installed"
|
echo "Jitsi stable repository already installed"
|
||||||
else
|
else
|
||||||
echo 'deb https://download.jitsi.org unstable/' > /etc/apt/sources.list.d/jitsi-unstable.list
|
echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list
|
||||||
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
|
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -112,16 +147,18 @@ fi
|
||||||
echo "We'll start by installing system requirements this may take a while please be patient..."
|
echo "We'll start by installing system requirements this may take a while please be patient..."
|
||||||
apt update -yq2
|
apt update -yq2
|
||||||
apt dist-upgrade -yq2
|
apt dist-upgrade -yq2
|
||||||
apt -yqq install \
|
|
||||||
|
apt -y install \
|
||||||
bmon \
|
bmon \
|
||||||
curl \
|
curl \
|
||||||
ffmpeg \
|
ffmpeg \
|
||||||
git \
|
git \
|
||||||
htop \
|
htop \
|
||||||
letsencrypt \
|
letsencrypt \
|
||||||
linux-image-extra-virtual \
|
linux-image-generic-hwe-$(lsb_release -r|awk '{print$2}') \
|
||||||
unzip \
|
unzip \
|
||||||
wget
|
wget
|
||||||
|
|
||||||
check_serv
|
check_serv
|
||||||
|
|
||||||
echo "
|
echo "
|
||||||
|
@ -129,7 +166,7 @@ echo "
|
||||||
# Install Jitsi Framework
|
# Install Jitsi Framework
|
||||||
#--------------------------------------------------
|
#--------------------------------------------------
|
||||||
"
|
"
|
||||||
apt -yqq install \
|
apt -y install \
|
||||||
jitsi-meet \
|
jitsi-meet \
|
||||||
jibri \
|
jibri \
|
||||||
openjdk-8-jre-headless
|
openjdk-8-jre-headless
|
||||||
|
@ -147,7 +184,7 @@ if [ "$(dpkg-query -W -f='${Status}' nodejs 2>/dev/null | grep -c "ok")" == "1"
|
||||||
echo "Nodejs is installed, skipping..."
|
echo "Nodejs is installed, skipping..."
|
||||||
else
|
else
|
||||||
curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
|
curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
|
||||||
apt install -yqq nodejs
|
apt install -yq2 nodejs
|
||||||
echo "Installing nodejs esprima package..."
|
echo "Installing nodejs esprima package..."
|
||||||
npm install -g esprima
|
npm install -g esprima
|
||||||
fi
|
fi
|
||||||
|
@ -163,6 +200,8 @@ fi
|
||||||
echo "snd-aloop" | tee -a /etc/modules
|
echo "snd-aloop" | tee -a /etc/modules
|
||||||
check_snd_driver
|
check_snd_driver
|
||||||
CHD_VER=$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)
|
CHD_VER=$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)
|
||||||
|
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
|
||||||
|
|
||||||
echo "# Installing Google Chrome / ChromeDriver"
|
echo "# Installing Google Chrome / ChromeDriver"
|
||||||
if [ -f $GOOGL_REPO ]; then
|
if [ -f $GOOGL_REPO ]; then
|
||||||
echo "Google repository already set."
|
echo "Google repository already set."
|
||||||
|
@ -172,14 +211,14 @@ echo "Installing Google Chrome Stable"
|
||||||
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee $GOOGL_REPO
|
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee $GOOGL_REPO
|
||||||
fi
|
fi
|
||||||
apt -qq update
|
apt -qq update
|
||||||
apt install -yqq google-chrome-stable
|
apt install -yq2 google-chrome-stable
|
||||||
rm -rf /etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list
|
rm -rf /etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list
|
||||||
|
|
||||||
if [ -f /usr/local/bin/chromedriver ]; then
|
if [ -f /usr/local/bin/chromedriver ]; then
|
||||||
echo "Chromedriver already installed."
|
echo "Chromedriver already installed."
|
||||||
else
|
else
|
||||||
echo "Installing Chromedriver"
|
echo "Installing Chromedriver"
|
||||||
wget https://chromedriver.storage.googleapis.com/$CHD_VER/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip
|
wget -q https://chromedriver.storage.googleapis.com/$CHD_VER/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip
|
||||||
unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/
|
unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/
|
||||||
chown root:root /usr/local/bin/chromedriver
|
chown root:root /usr/local/bin/chromedriver
|
||||||
chmod 0755 /usr/local/bin/chromedriver
|
chmod 0755 /usr/local/bin/chromedriver
|
||||||
|
@ -192,23 +231,33 @@ Check Google Software Working...
|
||||||
/usr/bin/google-chrome --version
|
/usr/bin/google-chrome --version
|
||||||
/usr/local/bin/chromedriver --version | awk '{print$1,$2}'
|
/usr/local/bin/chromedriver --version | awk '{print$1,$2}'
|
||||||
|
|
||||||
|
echo "
|
||||||
|
Remove Chrome warning...
|
||||||
|
"
|
||||||
|
mkdir -p /etc/opt/chrome/policies/managed
|
||||||
|
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' >> $GCMP_JSON
|
||||||
|
|
||||||
echo '
|
echo '
|
||||||
########################################################################
|
########################################################################
|
||||||
Starting Jibri configuration
|
Please Setup Your Instalation
|
||||||
########################################################################
|
########################################################################
|
||||||
'
|
'
|
||||||
# MEET / JIBRI SETUP
|
# MEET / JIBRI SETUP
|
||||||
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
|
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
|
||||||
JB_AUTH_PASS_FILE=/var/JB_AUTH_PASS.txt
|
WS_CONF=/etc/nginx/sites-enabled/$DOMAIN.conf
|
||||||
JB_REC_PASS_FILE=/var/JB_REC_PASS.txt
|
JB_AUTH_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
|
||||||
|
JB_REC_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
|
||||||
PROSODY_FILE=/etc/prosody/conf.d/$DOMAIN.cfg.lua
|
PROSODY_FILE=/etc/prosody/conf.d/$DOMAIN.cfg.lua
|
||||||
|
PROSODY_SYS=/etc/prosody/prosody.cfg.lua
|
||||||
JICOFO_SIP=/etc/jitsi/jicofo/sip-communicator.properties
|
JICOFO_SIP=/etc/jitsi/jicofo/sip-communicator.properties
|
||||||
MEET_CONF=/etc/jitsi/meet/$DOMAIN-config.js
|
MEET_CONF=/etc/jitsi/meet/$DOMAIN-config.js
|
||||||
CONF_JSON=/etc/jitsi/jibri/config.json
|
CONF_JSON=/etc/jitsi/jibri/config.json
|
||||||
DIR_RECORD=/tmp/recordings
|
DIR_RECORD=/var/jbrecord
|
||||||
REC_DIR=/home/jibri/finalize_recording.sh
|
REC_DIR=/home/jibri/finalize_recording.sh
|
||||||
JB_NAME="Jibri Sessions"
|
JB_NAME="Jibri Sessions"
|
||||||
LE_RENEW_LOG="/var/log/letsencrypt/renew.log"
|
LE_RENEW_LOG="/var/log/letsencrypt/renew.log"
|
||||||
|
MOD_LISTU="https://prosody.im/files/mod_listusers.lua"
|
||||||
|
MOD_LIST_FILE="/usr/lib/prosody/modules/mod_listusers.lua"
|
||||||
echo "## Setting up Jitsi Meet language ##
|
echo "## Setting up Jitsi Meet language ##
|
||||||
You can define your language by using a two letter code (ISO 639-1);
|
You can define your language by using a two letter code (ISO 639-1);
|
||||||
English -> en
|
English -> en
|
||||||
|
@ -219,52 +268,125 @@ You can define your language by using a two letter code (ISO 639-1);
|
||||||
Jitsi Meet web interface will be set to use such language (if availabe).
|
Jitsi Meet web interface will be set to use such language (if availabe).
|
||||||
"
|
"
|
||||||
read -p "Please set your language:"$'\n' -r LANG
|
read -p "Please set your language:"$'\n' -r LANG
|
||||||
read -p "Jibri internal.auth.$DOMAIN password: "$'\n' -sr JB_AUTH_PASS
|
|
||||||
read -p "Jibri recorder.$DOMAIN password: "$'\n' -sr JB_REC_PASS
|
|
||||||
read -p "Set sysadmin email: "$'\n' -r SYSADMIN_EMAIL
|
read -p "Set sysadmin email: "$'\n' -r SYSADMIN_EMAIL
|
||||||
|
#Drop unsecure TLS
|
||||||
|
while [[ $DROP_TLS1 != yes && $DROP_TLS1 != no ]]
|
||||||
|
do
|
||||||
|
read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)"$'\n' -r DROP_TLS1
|
||||||
|
if [ $DROP_TLS1 = no ]; then
|
||||||
|
echo "TLSv1.0/1.1 will remain."
|
||||||
|
elif [ $DROP_TLS1 = yes ]; then
|
||||||
|
echo "TLSv1.0/1.1 will be dropped"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
#Dropbox
|
||||||
while [[ $ENABLE_DB != yes && $ENABLE_DB != no ]]
|
while [[ $ENABLE_DB != yes && $ENABLE_DB != no ]]
|
||||||
do
|
do
|
||||||
read -p "Do you want to setup the Dropbox feature now: (yes or no)"$'\n' -r ENABLE_DB
|
read -p "> Do you want to setup the Dropbox feature now: (yes or no)"$'\n' -r ENABLE_DB
|
||||||
if [ $ENABLE_DB = no ]; then
|
if [ $ENABLE_DB = no ]; then
|
||||||
echo "Dropbox won't be enable"
|
echo "Dropbox won't be enable"
|
||||||
elif [ $ENABLE_DB = yes ]; then
|
elif [ $ENABLE_DB = yes ]; then
|
||||||
read -p "Please set your Drobbox App key: "$'\n' -r DB_CID
|
read -p "Please set your Drobbox App key: "$'\n' -r DB_CID
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
#SSL LE
|
||||||
while [[ $ENABLE_SSL != yes && $ENABLE_SSL != no ]]
|
while [[ $ENABLE_SSL != yes && $ENABLE_SSL != no ]]
|
||||||
do
|
do
|
||||||
read -p "Do you want to setup LetsEncrypt with your domain: (yes or no)"$'\n' -r ENABLE_SSL
|
read -p "> Do you want to setup LetsEncrypt with your domain: (yes or no)"$'\n' -r ENABLE_SSL
|
||||||
if [ $ENABLE_SSL = no ]; then
|
if [ $ENABLE_SSL = no ]; then
|
||||||
echo "Please run letsencrypt.sh manually post-installation."
|
echo "Please run letsencrypt.sh manually post-installation."
|
||||||
elif [ $ENABLE_SSL = yes ]; then
|
elif [ $ENABLE_SSL = yes ]; then
|
||||||
echo "SSL will be enabled."
|
echo "SSL will be enabled."
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
#Brandless Mode
|
||||||
|
while [[ $ENABLE_BLESSM != yes && $ENABLE_BLESSM != no ]]
|
||||||
|
do
|
||||||
|
read -p "> Do you want to install customized \"brandless mode\"?: (yes or no)"$'\n' -r ENABLE_BLESSM
|
||||||
|
if [ $ENABLE_BLESSM = no ]; then
|
||||||
|
echo "Brandless mode won't be set."
|
||||||
|
elif [ $ENABLE_BLESSM = yes ]; then
|
||||||
|
echo "Brandless mode will be set."
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
#Jibri Records Access (JRA) via Nextcloud
|
||||||
|
while [[ $ENABLE_NC_ACCESS != yes && $ENABLE_NC_ACCESS != no ]]
|
||||||
|
do
|
||||||
|
read -p "> Do you want to setup Jibri Records Access via Nextcloud: (yes or no)"$'\n' -r ENABLE_NC_ACCESS
|
||||||
|
if [ $ENABLE_NC_ACCESS = no ]; then
|
||||||
|
echo "JRA via Nextcloud won't be enabled."
|
||||||
|
elif [ $ENABLE_NC_ACCESS = yes ]; then
|
||||||
|
echo "JRA via Nextcloud will be enabled."
|
||||||
|
fi
|
||||||
|
done
|
||||||
#Jigasi
|
#Jigasi
|
||||||
while [[ $ENABLE_TRANSCRIPT != yes && $ENABLE_TRANSCRIPT != no ]]
|
while [[ $ENABLE_TRANSCRIPT != yes && $ENABLE_TRANSCRIPT != no ]]
|
||||||
do
|
do
|
||||||
read -p "Do you want to setup Jigasi Transcription: (yes or no)"$'\n' -r ENABLE_TRANSCRIPT
|
read -p "> Do you want to setup Jigasi Transcription: (yes or no)"$'\n' -r ENABLE_TRANSCRIPT
|
||||||
if [ $ENABLE_TRANSCRIPT = no ]; then
|
if [ $ENABLE_TRANSCRIPT = no ]; then
|
||||||
echo "Jigasi Transcription won't be enabled."
|
echo "Jigasi Transcription won't be enabled."
|
||||||
elif [ $ENABLE_TRANSCRIPT = yes ]; then
|
elif [ $ENABLE_TRANSCRIPT = yes ]; then
|
||||||
echo "Jigasi Transcription will be enabled."
|
echo "Jigasi Transcription will be enabled."
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
#Enable static avatar
|
||||||
echo "$JB_AUTH_PASS" > $JB_AUTH_PASS_FILE
|
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
|
||||||
chmod 600 $JB_AUTH_PASS_FILE
|
do
|
||||||
echo "$JB_REC_PASS" > $JB_REC_PASS_FILE
|
read -p "> Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA
|
||||||
chmod 600 $JB_REC_PASS_FILE
|
if [ "$ENABLE_SA" = "no" ]; then
|
||||||
|
echo "Static avatar won't be enabled"
|
||||||
|
elif [ "$ENABLE_SA" = "yes" ]; then
|
||||||
|
echo "Static avatar will be enabled"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
#Enable local audio recording
|
||||||
|
while [[ "$ENABLE_LAR" != "yes" && "$ENABLE_LAR" != "no" ]]
|
||||||
|
do
|
||||||
|
read -p "> Do you want to enable local audio recording option?: (yes or no)"$'\n' -r ENABLE_LAR
|
||||||
|
if [ "$ENABLE_LAR" = "no" ]; then
|
||||||
|
echo "Local audio recording option won't be enabled"
|
||||||
|
elif [ "$ENABLE_LAR" = "yes" ]; then
|
||||||
|
echo "Local audio recording option will be enabled"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
#Secure room initial user
|
||||||
|
while [[ "$ENABLE_SC" != "yes" && "$ENABLE_SC" != "no" ]]
|
||||||
|
do
|
||||||
|
read -p "> Do you want to enable secure rooms?: (yes or no)"$'\n' -r ENABLE_SC
|
||||||
|
if [ "$ENABLE_SC" = "no" ]; then
|
||||||
|
echo "-- Secure rooms won't be enabled."
|
||||||
|
elif [ "$ENABLE_SC" = "yes" ]; then
|
||||||
|
echo "-- Secure rooms will being enabled."
|
||||||
|
read -p "Set username for secure room moderator: "$'\n' -r SEC_ROOM_USER
|
||||||
|
read -p "Secure room moderator password: "$'\n' -r SEC_ROOM_PASS
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
#Welcome Page
|
||||||
|
while [[ $ENABLE_WELCP != yes && $ENABLE_WELCP != no ]]
|
||||||
|
do
|
||||||
|
read -p "> Do you want to disable the Welcome page: (yes or no)"$'\n' -r ENABLE_WELCP
|
||||||
|
if [ $ENABLE_WELCP = yes ]; then
|
||||||
|
echo "Welcome page will be disabled."
|
||||||
|
elif [ $ENABLE_WELCP = no ]; then
|
||||||
|
echo "Welcome page will be enabled."
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
#Start configuration
|
||||||
|
echo '
|
||||||
|
########################################################################
|
||||||
|
Start Jitsi Framework configuration
|
||||||
|
########################################################################
|
||||||
|
'
|
||||||
JibriBrewery=JibriBrewery
|
JibriBrewery=JibriBrewery
|
||||||
INT_CONF=/usr/share/jitsi-meet/interface_config.js
|
INT_CONF="/usr/share/jitsi-meet/interface_config.js"
|
||||||
WAN_IP=$(dig +short myip.opendns.com @resolver1.opendns.com)
|
WAN_IP=$(dig +short myip.opendns.com @resolver1.opendns.com)
|
||||||
|
|
||||||
ssl_wa() {
|
ssl_wa() {
|
||||||
service $1 stop
|
systemctl stop $1
|
||||||
letsencrypt certonly --standalone --renew-by-default --agree-tos --email $5 -d $6
|
letsencrypt certonly --standalone --renew-by-default --agree-tos --email $5 -d $6
|
||||||
sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" $4
|
sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" $4
|
||||||
sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" $4
|
sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" $4
|
||||||
service $1 restart
|
systemctl restart $1
|
||||||
#Add cron
|
#Add cron
|
||||||
crontab -l | { cat; echo "@weekly certbot renew --${2} > $LE_RENEW_LOG 2>&1 || mail -s 'LE SSL Errors' $SYSADMIN_EMAIL < $LE_RENEW_LOG"; } | crontab -
|
crontab -l | { cat; echo "@weekly certbot renew --${2} > $LE_RENEW_LOG 2>&1 || mail -s 'LE SSL Errors' $SYSADMIN_EMAIL < $LE_RENEW_LOG"; } | crontab -
|
||||||
crontab -l
|
crontab -l
|
||||||
|
@ -273,9 +395,9 @@ service $1 restart
|
||||||
enable_letsencrypt() {
|
enable_letsencrypt() {
|
||||||
if [ "$ENABLE_SSL" = "yes" ]; then
|
if [ "$ENABLE_SSL" = "yes" ]; then
|
||||||
echo '
|
echo '
|
||||||
########################################################################
|
#--------------------------------------------------
|
||||||
Starting LetsEncrypt configuration
|
# Starting LetsEncrypt configuration
|
||||||
########################################################################
|
#--------------------------------------------------
|
||||||
'
|
'
|
||||||
#Disabled 'til fixed upstream
|
#Disabled 'til fixed upstream
|
||||||
#bash /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
|
#bash /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
|
||||||
|
@ -290,9 +412,9 @@ fi
|
||||||
check_jibri() {
|
check_jibri() {
|
||||||
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
|
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
|
||||||
then
|
then
|
||||||
service jibri restart
|
systemctl restart jibri
|
||||||
service jibri-icewm restart
|
systemctl restart jibri-icewm
|
||||||
service jibri-xorg restart
|
systemctl restart jibri-xorg
|
||||||
else
|
else
|
||||||
echo "Jibri service not installed"
|
echo "Jibri service not installed"
|
||||||
fi
|
fi
|
||||||
|
@ -300,9 +422,9 @@ fi
|
||||||
|
|
||||||
# Restarting services
|
# Restarting services
|
||||||
restart_services() {
|
restart_services() {
|
||||||
service jitsi-videobridge restart
|
systemctl restart jitsi-videobridge*
|
||||||
service jicofo restart
|
systemctl restart jicofo
|
||||||
service prosody restart
|
systemctl restart prosody
|
||||||
check_jibri
|
check_jibri
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -330,6 +452,27 @@ VirtualHost "recorder.$DOMAIN"
|
||||||
|
|
||||||
REC-JIBRI
|
REC-JIBRI
|
||||||
|
|
||||||
|
#Fix Jibri conectivity issues
|
||||||
|
sed -i "s|c2s_require_encryption = .*|c2s_require_encryption = false|" $PROSODY_SYS
|
||||||
|
sed -i "/c2s_require_encryption = false/a \\
|
||||||
|
\\
|
||||||
|
consider_bosh_secure = true" $PROSODY_SYS
|
||||||
|
|
||||||
|
if [ ! -f $MOD_LIST_FILE ]; then
|
||||||
|
echo "
|
||||||
|
-> Adding external module to list prosody users...
|
||||||
|
"
|
||||||
|
curl -s $MOD_LISTU > $MOD_LIST_FILE
|
||||||
|
|
||||||
|
echo "Now you can check registered users with:
|
||||||
|
prosodyctl mod_listusers
|
||||||
|
"
|
||||||
|
else
|
||||||
|
echo "Prosody support for listing users seems to be enabled.
|
||||||
|
check with: prosodyctl mod_listusers
|
||||||
|
"
|
||||||
|
fi
|
||||||
|
|
||||||
### Prosody users
|
### Prosody users
|
||||||
prosodyctl register jibri auth.$DOMAIN $JB_AUTH_PASS
|
prosodyctl register jibri auth.$DOMAIN $JB_AUTH_PASS
|
||||||
prosodyctl register recorder recorder.$DOMAIN $JB_REC_PASS
|
prosodyctl register recorder recorder.$DOMAIN $JB_REC_PASS
|
||||||
|
@ -361,11 +504,8 @@ sed -i "$DB_STR,$DB_END{s|// },|},|}" $MEET_CONF
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#LocalRecording
|
#LocalRecording
|
||||||
#No longer necessary thanks to: makeJsonParserHappy
|
if [ $ENABLE_LAR = "yes" ]; then
|
||||||
echo "# Enabling local recording (audio only)."
|
echo "# Enabling local recording (audio only)."
|
||||||
#DI_STR=$(grep -n "deploymentInfo:" $MEET_CONF | cut -d ":" -f1)
|
|
||||||
#DI_END=$((DI_STR + 6))
|
|
||||||
#sed -i "$DI_STR,$DI_END{s|}|},|}" $MEET_CONF
|
|
||||||
LR_STR=$(grep -n "// Local Recording" $MEET_CONF | cut -d ":" -f1)
|
LR_STR=$(grep -n "// Local Recording" $MEET_CONF | cut -d ":" -f1)
|
||||||
LR_END=$((LR_STR + 18))
|
LR_END=$((LR_STR + 18))
|
||||||
sed -i "$LR_STR,$LR_END{s|// localRecording: {|localRecording: {|}" $MEET_CONF
|
sed -i "$LR_STR,$LR_END{s|// localRecording: {|localRecording: {|}" $MEET_CONF
|
||||||
|
@ -374,7 +514,8 @@ sed -i "$LR_STR,$LR_END{s|// format: 'flac'|format: 'flac'|}" $MEET_CONF
|
||||||
sed -i "$LR_STR,$LR_END{s|// }|}|}" $MEET_CONF
|
sed -i "$LR_STR,$LR_END{s|// }|}|}" $MEET_CONF
|
||||||
|
|
||||||
sed -i "s|'tileview'|'tileview', 'localrecording'|" $INT_CONF
|
sed -i "s|'tileview'|'tileview', 'localrecording'|" $INT_CONF
|
||||||
#EOLR
|
sed -i "s|LOC_REC=.*|LOC_REC=\"on\"|" jitsi-updater.sh
|
||||||
|
fi
|
||||||
|
|
||||||
#Setup main language
|
#Setup main language
|
||||||
if [ -z $LANG ] || [ "$LANG" = "en" ]; then
|
if [ -z $LANG ] || [ "$LANG" = "en" ]; then
|
||||||
|
@ -404,18 +545,25 @@ https://github.com/switnet-ltd/quick-jibri-installer/issues
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Recording directory
|
# Recording directory
|
||||||
|
mkdir $DIR_RECORD
|
||||||
|
chown -R jibri:jibri $DIR_RECORD
|
||||||
|
|
||||||
cat << REC_DIR > $REC_DIR
|
cat << REC_DIR > $REC_DIR
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
RECORDINGS_DIR=$1
|
RECORDINGS_DIR=$DIR_RECORD
|
||||||
|
|
||||||
echo "This is a dummy finalize script" > /tmp/finalize.out
|
echo "This is a dummy finalize script" > /tmp/finalize.out
|
||||||
echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out
|
echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out
|
||||||
echo "You should put any finalize logic (renaming, uploading to a service" >> /tmp/finalize.out
|
echo "You should put any finalize logic (renaming, uploading to a service" >> /tmp/finalize.out
|
||||||
echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
|
echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
|
||||||
|
|
||||||
|
chmod -R 770 \$RECORDINGS_DIR
|
||||||
|
|
||||||
exit 0
|
exit 0
|
||||||
REC_DIR
|
REC_DIR
|
||||||
|
chown jibri:jibri $REC_DIR
|
||||||
|
chmod +x $REC_DIR
|
||||||
|
|
||||||
## JSON Config
|
## JSON Config
|
||||||
cp $CONF_JSON $CONF_JSON.orig
|
cp $CONF_JSON $CONF_JSON.orig
|
||||||
|
@ -427,7 +575,7 @@ cat << CONF_JSON > $CONF_JSON
|
||||||
{
|
{
|
||||||
"name": "$JB_NAME",
|
"name": "$JB_NAME",
|
||||||
"xmpp_server_hosts": [
|
"xmpp_server_hosts": [
|
||||||
"$WAN_IP"
|
"$DOMAIN"
|
||||||
],
|
],
|
||||||
"xmpp_domain": "$DOMAIN",
|
"xmpp_domain": "$DOMAIN",
|
||||||
"control_login": {
|
"control_login": {
|
||||||
|
@ -446,7 +594,7 @@ cat << CONF_JSON > $CONF_JSON
|
||||||
"password": "$JB_REC_PASS"
|
"password": "$JB_REC_PASS"
|
||||||
},
|
},
|
||||||
|
|
||||||
"room_jid_domain_string_to_strip_from_start": "internal.auth",
|
"room_jid_domain_string_to_strip_from_start": "conference.",
|
||||||
"usage_timeout": "0"
|
"usage_timeout": "0"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
@ -454,74 +602,46 @@ cat << CONF_JSON > $CONF_JSON
|
||||||
CONF_JSON
|
CONF_JSON
|
||||||
|
|
||||||
#Tune webserver for Jitsi App control
|
#Tune webserver for Jitsi App control
|
||||||
if [ -f /etc/apache2/sites-available/$DOMAIN.conf ]; then
|
if [ -f $WS_CONF ]; then
|
||||||
WS_CONF=/etc/apache2/sites-available/$DOMAIN.conf
|
sed -i "/Anything that didn't match above/i \\\n" $WS_CONF
|
||||||
sed -i '$ d' $WS_CONF
|
sed -i "/Anything that didn't match above/i \ \ \ \ location = \/external_api.min.js {" $WS_CONF
|
||||||
cat << NG_APP >> $WS_CONF
|
sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ alias \/usr\/share\/jitsi-meet\/libs\/external_api.min.js;" $WS_CONF
|
||||||
|
sed -i "/Anything that didn't match above/i \ \ \ \ }" $WS_CONF
|
||||||
Alias "/external_api.js" "/usr/share/jitsi-meet/libs/external_api.min.js"
|
sed -i "/Anything that didn't match above/i \\\n" $WS_CONF
|
||||||
Alias "/external_api.min.js" "/usr/share/jitsi-meet/libs/external_api.min.js"
|
systemctl reload nginx
|
||||||
|
|
||||||
</VirtualHost>
|
|
||||||
NG_APP
|
|
||||||
service apache2 reload
|
|
||||||
elif [ -f /etc/nginx/sites-available/$DOMAIN.conf ]; then
|
|
||||||
WS_CONF=/etc/nginx/sites-enabled/$DOMAIN.conf
|
|
||||||
WS_STR=$(grep -n "external_api.js" $WS_CONF | cut -d ":" -f1)
|
|
||||||
WS_END=$((WS_STR + 2))
|
|
||||||
sed -i "${WS_STR},${WS_END} s|^|#|" $WS_CONF
|
|
||||||
sed -i '$ d' $WS_CONF
|
|
||||||
cat << NG_APP >> $WS_CONF
|
|
||||||
|
|
||||||
location /external_api.min.js {
|
|
||||||
alias /usr/share/jitsi-meet/libs/external_api.min.js;
|
|
||||||
}
|
|
||||||
|
|
||||||
location /external_api.js {
|
|
||||||
alias /usr/share/jitsi-meet/libs/external_api.min.js;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
NG_APP
|
|
||||||
service nginx reload
|
|
||||||
else
|
else
|
||||||
echo "No app configuration done to server file, please report to:
|
echo "No app configuration done to server file, please report to:
|
||||||
-> https://github.com/switnet-ltd/quick-jibri-installer/issues"
|
-> https://github.com/switnet-ltd/quick-jibri-installer/issues"
|
||||||
fi
|
fi
|
||||||
|
#Static avatar
|
||||||
#Enable static avatar
|
if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then
|
||||||
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
|
#wget https://switnet.net/static/avatar.png -O /usr/share/jitsi-meet/images/avatar2.png
|
||||||
do
|
cp images/avatar2.png /usr/share/jitsi-meet/images/
|
||||||
read -p "Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA
|
sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" $WS_CONF
|
||||||
if [ "$ENABLE_SA" = "no" ]; then
|
sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" $WS_CONF
|
||||||
echo "Static avatar won't be enable"
|
sed -i "/location \/external_api.min.js/i \ \ \ \ }\\
|
||||||
elif [ "$ENABLE_SA" = "yes" ] && [ -f /etc/apache2/sites-available/$DOMAIN.conf ]; then
|
|
||||||
echo "Static avatar are being enable"
|
|
||||||
wget https://switnet.net/static/avatar.png -O /usr/share/jitsi-meet/images/avatar2.png
|
|
||||||
WS_CONF=/etc/apache2/sites-available/$DOMAIN.conf
|
|
||||||
sed -i "/Alias \"\/external_api.js\"/i \ \ AliasMatch \^\/avatar\/\(.\*\)\\\.png /usr/share/jitsi-meet/images/avatar2.png" $WS_CONF
|
|
||||||
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" $INT_CONF
|
|
||||||
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF
|
|
||||||
elif [ "$ENABLE_SA" = "yes" ] && [ -f /etc/nginx/sites-available/$DOMAIN.conf ]; then
|
|
||||||
wget https://switnet.net/static/avatar.png -O /usr/share/jitsi-meet/images/avatar2.png
|
|
||||||
WS_CONF=/etc/nginx/sites-enabled/$DOMAIN.conf
|
|
||||||
sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {\\
|
|
||||||
\
|
|
||||||
\ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;\\
|
|
||||||
\
|
|
||||||
\ \ \ \ }\\
|
|
||||||
\ " $WS_CONF
|
\ " $WS_CONF
|
||||||
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" $INT_CONF
|
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" $INT_CONF
|
||||||
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF
|
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF
|
||||||
else
|
|
||||||
echo "No app configuration done to server file, please report to:
|
|
||||||
-> https://github.com/switnet-ltd/quick-jibri-installer/issues"
|
|
||||||
fi
|
fi
|
||||||
done
|
#nginx -tlsv1/1.1
|
||||||
|
if [ $DROP_TLS1 = "yes" ] && [ $DIST = "bionic" ];then
|
||||||
|
echo "Dropping TLSv1/1.1 in favor of v1.3"
|
||||||
|
sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" /etc/nginx/nginx.conf
|
||||||
|
#sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" $WS_CONF
|
||||||
|
elif [ $DROP_TLS1 = "yes" ] && [ ! $DIST = "bionic" ];then
|
||||||
|
echo "Only dropping TLSv1/1.1"
|
||||||
|
sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf
|
||||||
|
#sed -i "s|TLSv1 TLSv1.1||" $WS_CONF
|
||||||
|
else
|
||||||
|
echo "No TLSv1/1.1 dropping was done. Please report to
|
||||||
|
https://github.com/switnet-ltd/quick-jibri-installer/issues "
|
||||||
|
fi
|
||||||
|
|
||||||
# Temporary disable "Blur my background" until is stable
|
# Disable "Blur my background" until new notice
|
||||||
sed -i "s|'videobackgroundblur', ||" $INT_CONF
|
sed -i "s|'videobackgroundblur', ||" $INT_CONF
|
||||||
|
|
||||||
#Enable secure rooms?
|
#Setup secure rooms
|
||||||
cat << P_SR >> $PROSODY_FILE
|
cat << P_SR >> $PROSODY_FILE
|
||||||
VirtualHost "$DOMAIN"
|
VirtualHost "$DOMAIN"
|
||||||
authentication = "internal_plain"
|
authentication = "internal_plain"
|
||||||
|
@ -530,24 +650,15 @@ VirtualHost "guest.$DOMAIN"
|
||||||
authentication = "anonymous"
|
authentication = "anonymous"
|
||||||
c2s_require_encryption = false
|
c2s_require_encryption = false
|
||||||
P_SR
|
P_SR
|
||||||
while [[ "$ENABLE_SC" != "yes" && "$ENABLE_SC" != "no" ]]
|
|
||||||
do
|
|
||||||
read -p "Do you want to enable secure rooms?: (yes or no)"$'\n' -r ENABLE_SC
|
|
||||||
if [ "$ENABLE_SC" = "no" ]; then
|
|
||||||
echo "Secure rooms won't be enable"
|
|
||||||
elif [ "$ENABLE_SC" = "yes" ]; then
|
|
||||||
echo "Secure rooms are being enable"
|
|
||||||
#Secure room initial user
|
#Secure room initial user
|
||||||
read -p "Set username for secure room moderator: "$'\n' -r SEC_ROOM_USER
|
if [ "$ENABLE_SC" = "yes" ]; then
|
||||||
read -p "Secure room moderator password: "$'\n' -sr SEC_ROOM_PASS
|
echo "Secure rooms are being enabled..."
|
||||||
echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \
|
echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \
|
||||||
or '${SEC_ROOM_USER}@${DOMAIN}' using the password you just entered.
|
or '${SEC_ROOM_USER}@${DOMAIN}' using the password you just entered.
|
||||||
If you have issues with the password refer to your sysadmin."
|
If you have issues with the password refer to your sysadmin."
|
||||||
sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" $JICOFO_SIP
|
sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" $JICOFO_SIP
|
||||||
prosodyctl register $SEC_ROOM_USER $DOMAIN $SEC_ROOM_PASS
|
prosodyctl register $SEC_ROOM_USER $DOMAIN $SEC_ROOM_PASS
|
||||||
fi
|
fi
|
||||||
done
|
|
||||||
|
|
||||||
#Start with video muted by default
|
#Start with video muted by default
|
||||||
sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" $MEET_CONF
|
sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" $MEET_CONF
|
||||||
|
|
||||||
|
@ -555,18 +666,11 @@ sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" $MEET_CONF
|
||||||
sed -i "s|// startAudioMuted: 10,|startAudioMuted: 1,|" $MEET_CONF
|
sed -i "s|// startAudioMuted: 10,|startAudioMuted: 1,|" $MEET_CONF
|
||||||
|
|
||||||
#Disable/enable welcome page
|
#Disable/enable welcome page
|
||||||
while [[ $ENABLE_WELCP != yes && $ENABLE_WELCP != no ]]
|
|
||||||
do
|
|
||||||
read -p "Do you want to disable the Welcome page: (yes or no)"$'\n' -r ENABLE_WELCP
|
|
||||||
if [ $ENABLE_WELCP = yes ]; then
|
if [ $ENABLE_WELCP = yes ]; then
|
||||||
echo "Welcome page will be disabled."
|
|
||||||
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: false,|" $MEET_CONF
|
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: false,|" $MEET_CONF
|
||||||
elif [ $ENABLE_WELCP = no ]; then
|
elif [ $ENABLE_WELCP = no ]; then
|
||||||
echo "Welcome page will be enabled."
|
|
||||||
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" $MEET_CONF
|
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" $MEET_CONF
|
||||||
fi
|
fi
|
||||||
done
|
|
||||||
|
|
||||||
#Set displayname as not required since jibri can't set it up.
|
#Set displayname as not required since jibri can't set it up.
|
||||||
sed -i "s|// requireDisplayName: true,|requireDisplayName: false,|" $MEET_CONF
|
sed -i "s|// requireDisplayName: true,|requireDisplayName: false,|" $MEET_CONF
|
||||||
|
|
||||||
|
@ -579,21 +683,33 @@ restart_services
|
||||||
enable_letsencrypt
|
enable_letsencrypt
|
||||||
|
|
||||||
#SSL workaround
|
#SSL workaround
|
||||||
if [ "$(dpkg-query -W -f='${Status}' apache2 2>/dev/null | grep -c "ok installed")" -eq 1 ]; then
|
if [ "$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")" -eq 1 ]; then
|
||||||
ssl_wa apache2 apache $DOMAIN $WS_CONF $SYSADMIN_EMAIL $DOMAIN
|
|
||||||
install_ifnot python3-certbot-apache
|
|
||||||
elif [ "$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")" -eq 1 ]; then
|
|
||||||
ssl_wa nginx nginx $DOMAIN $WS_CONF $SYSADMIN_EMAIL $DOMAIN
|
ssl_wa nginx nginx $DOMAIN $WS_CONF $SYSADMIN_EMAIL $DOMAIN
|
||||||
install_ifnot python3-certbot-nginx
|
install_ifnot python3-certbot-nginx
|
||||||
else
|
else
|
||||||
echo "No webserver found please report."
|
echo "No webserver found please report."
|
||||||
fi
|
fi
|
||||||
|
#Brandless Mode
|
||||||
|
if [ $ENABLE_BLESSM = yes ]; then
|
||||||
|
echo "Custom brandless mode will be enabled."
|
||||||
|
sed -i "s|ENABLE_BLESSM=.*|ENABLE_BLESSM=\"on\"|" jitsi-updater.sh
|
||||||
|
bash $PWD/jm-bm.sh
|
||||||
|
fi
|
||||||
|
#JRA via Nextcloud
|
||||||
|
if [ $ENABLE_NC_ACCESS = yes ]; then
|
||||||
|
echo "Jigasi Transcription will be enabled."
|
||||||
|
bash $PWD/jra_nextcloud.sh
|
||||||
|
fi
|
||||||
|
#Jigasi Transcript
|
||||||
if [ $ENABLE_TRANSCRIPT = yes ]; then
|
if [ $ENABLE_TRANSCRIPT = yes ]; then
|
||||||
echo "Jigasi Transcription will be enabled."
|
echo "Jigasi Transcription will be enabled."
|
||||||
bash $PWD/jigasi.sh
|
bash $PWD/jigasi.sh
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
#Prevent Jibri conecction issue
|
||||||
|
sed -i "/127.0.0.1/a \\
|
||||||
|
127.0.0.1 $DOMAIN" /etc/hosts
|
||||||
|
|
||||||
echo "
|
echo "
|
||||||
########################################################################
|
########################################################################
|
||||||
Installation complete!!
|
Installation complete!!
|
||||||
|
|
Loading…
Reference in New Issue