7.1.0 (#99)
* changelog: add changelog * quick_jibri_installer.sh: increase support to 22.04 fix key aggregation and remove deprecated letsencrypt ppa * etherpad-docker.sh: fix key aggregation and variable collection. * grafana.sh: fix gpg key aggregation * jm-bm.sh: tweak sed * jra_nextcloud.sh: fix key aggregation and variable collection. * jra_nextcloud.sh: fix add gpg key function and add install available version package * jra_nextcloud.sh: small fix for install_aval_package function
This commit is contained in:
parent
1bfa6b90a2
commit
5a143d4c25
|
@ -45,7 +45,7 @@ fi
|
|||
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
|
||||
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
|
||||
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
|
||||
PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')"
|
||||
PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{print $2}')"
|
||||
ETHERPAD_DB_USER="dockerpad"
|
||||
ETHERPAD_DB_NAME="etherpad"
|
||||
ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
|
||||
|
@ -56,7 +56,8 @@ if [ "$DOCKER_CE_REPO" = "stable" ]; then
|
|||
echo "Docker repository already installed"
|
||||
else
|
||||
echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker-ce.list
|
||||
wget -qO - https://download.docker.com/linux/ubuntu/gpg | apt-key add -
|
||||
wget -qO - https://download.docker.com/linux/ubuntu/gpg | \
|
||||
gpg --dearmor | tee /etc/apt/trusted.gpg.d/docker-gpg-key.gpg >/dev/null
|
||||
apt -q2 update
|
||||
fi
|
||||
|
||||
|
|
11
grafana.sh
11
grafana.sh
|
@ -60,15 +60,16 @@ apt-get install -y gnupg2 \
|
|||
echo "
|
||||
# Setup InfluxDB Packages
|
||||
"
|
||||
wget -qO- https://repos.influxdata.com/influxdb.key | sudo apt-key add -
|
||||
echo "deb https://repos.influxdata.com/debian buster stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
|
||||
curl -s https://repos.influxdata.com/influxdata-archive.key > /etc/apt/trusted.gpg.d/influxdata-archive.key
|
||||
echo "deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.key] https://repos.influxdata.com/debian buster stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
|
||||
apt-get update && apt-get install influxdb -y
|
||||
run_service influxdb
|
||||
|
||||
echo "
|
||||
# Setup Grafana Packages
|
||||
"
|
||||
curl -s https://packages.grafana.com/gpg.key | sudo apt-key add -
|
||||
curl -s https://apt.grafana.com/gpg-full.key | \
|
||||
gpg --dearmor | tee /etc/apt/trusted.gpg.d/grafana-full-key.gpg >/dev/null
|
||||
add-apt-repository "deb https://packages.grafana.com/oss/deb stable main"
|
||||
apt-get update && apt-get install grafana -y
|
||||
run_service grafana-server
|
||||
|
@ -76,8 +77,6 @@ run_service grafana-server
|
|||
echo "
|
||||
# Setup Telegraf Packages
|
||||
"
|
||||
wget -qO- https://repos.influxdata.com/influxdb.key | sudo apt-key add -
|
||||
echo "deb https://repos.influxdata.com/debian buster stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
|
||||
apt-get update && apt-get install telegraf -y
|
||||
mv /etc/telegraf/telegraf.conf /etc/telegraf/telegraf.conf.original
|
||||
|
||||
|
@ -134,7 +133,7 @@ JITSI_TELEGRAF
|
|||
|
||||
run_service telegraf
|
||||
|
||||
echo -n "\n# Setup videobridge options\n"
|
||||
echo -e "\n# Setup videobridge options\n"
|
||||
echo '
|
||||
# extra options to pass to the JVB daemon
|
||||
JVB_OPTS="--apis=rest,xmpp"' >> /etc/jitsi/videobridge/config
|
||||
|
|
2
jm-bm.sh
2
jm-bm.sh
|
@ -74,7 +74,7 @@ fi
|
|||
#Customize room title
|
||||
sed -i "s|Jitsi Meet|$APP_NAME|g" "$TITLE_FILE"
|
||||
sed -i "s| powered by the Jitsi Videobridge||g" "$TITLE_FILE"
|
||||
sed -i "/appNotInstalled/ s|{{app}}|$MOVILE_APP_NAME|" /usr/share/jitsi-meet/lang/*
|
||||
sed -i "/appNotInstalled/ s|{{app}}|$MOVILE_APP_NAME|g" /usr/share/jitsi-meet/lang/*
|
||||
|
||||
#Custom UI changes
|
||||
if [ -f "$INT_CONF_ETC" ]; then
|
||||
|
|
|
@ -41,8 +41,8 @@ exit_if_not_installed jitsi-meet
|
|||
DISTRO_RELEASE="$(lsb_release -sc)"
|
||||
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
|
||||
PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')"
|
||||
PHPVER="7.4"
|
||||
PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')"
|
||||
PHPVER="$(apt-cache madison php|grep -v ppa|awk -F'[:+]' 'NR==1{print $2}')"
|
||||
PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{print $2}')"
|
||||
PHP_FPM_DIR="/etc/php/$PHPVER/fpm"
|
||||
PHP_INI="$PHP_FPM_DIR/php.ini"
|
||||
PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf"
|
||||
|
@ -58,12 +58,33 @@ NC_DB_PASSWD="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"
|
|||
DIR_RECORD="$(awk -F '"' '/RECORDING/{print$2}' /home/jibri/finalize_recording.sh|awk 'NR==1{print$1}')"
|
||||
REDIS_CONF="/etc/redis/redis.conf"
|
||||
JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
|
||||
if [ -f $JITSI_MEET_PROXY ];then
|
||||
PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
|
||||
if [ -f "$JITSI_MEET_PROXY" ];then
|
||||
PREAD_PROXY=$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1)
|
||||
fi
|
||||
PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)"
|
||||
ISO3166_CODE=TBD
|
||||
NL="$(printf '\n ')"
|
||||
TMP_GPG_REPO="$(mktemp -d)"
|
||||
add_gpg_keyring() {
|
||||
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com "$1"
|
||||
apt-key export "$1" | gpg --dearmour | tee "$TMP_GPG_REPO"/"$1".gpg >/dev/null
|
||||
apt-key del "$1"
|
||||
mv "$TMP_GPG_REPO"/"$1".gpg /etc/apt/trusted.gpg.d/
|
||||
}
|
||||
install_aval_package() {
|
||||
for i in $1
|
||||
do
|
||||
if [ -z "$(apt-cache madison $i 2>/dev/null)" ]; then
|
||||
echo " > Package $i not available on repo."
|
||||
else
|
||||
echo " > Add package $i to the install list"
|
||||
packages="$packages $i"
|
||||
fi
|
||||
done
|
||||
echo "$packages"
|
||||
apt-get -y install $packages
|
||||
packages=""
|
||||
}
|
||||
|
||||
while [[ "$ANS_NCD" != "yes" ]]
|
||||
do
|
||||
|
@ -164,15 +185,15 @@ else
|
|||
apt-get -yq2 install "$1"
|
||||
fi
|
||||
}
|
||||
add_php74() {
|
||||
add_php() {
|
||||
if [ "$PHP_REPO" = "php" ]; then
|
||||
echo "PHP $PHPVER already installed"
|
||||
apt-get -q2 update
|
||||
apt-get -yq2 dist-upgrade
|
||||
else
|
||||
echo "# Adding Ondrej PHP $PHPVER PPA Repository"
|
||||
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com E5267A6C
|
||||
echo "deb [arch=amd64] http://ppa.launchpad.net/ondrej/php/ubuntu $DISTRO_RELEASE main" > /etc/apt/sources.list.d/php7x.list
|
||||
add_gpg_keyring E5267A6C
|
||||
echo "deb [arch=amd64] http://ppa.launchpad.net/ondrej/php/ubuntu $DISTRO_RELEASE main" > /etc/apt/sources.list.d/php"$PHPVER".list
|
||||
apt-get update -q2
|
||||
fi
|
||||
}
|
||||
|
@ -186,8 +207,8 @@ exit_ifinstalled postgresql-"$PSGVER"
|
|||
install_ifnot postgresql-"$PSGVER"
|
||||
|
||||
# PHP 7.4
|
||||
add_php74
|
||||
apt-get install -y \
|
||||
add_php
|
||||
install_aval_package " \
|
||||
imagemagick \
|
||||
php"$PHPVER"-fpm \
|
||||
php"$PHPVER"-bcmath \
|
||||
|
@ -207,7 +228,8 @@ apt-get install -y \
|
|||
php"$PHPVER"-xmlrpc \
|
||||
php"$PHPVER"-zip \
|
||||
redis-server \
|
||||
unzip
|
||||
unzip \
|
||||
"
|
||||
|
||||
#System related
|
||||
install_ifnot smbclient
|
||||
|
|
|
@ -108,8 +108,8 @@ echo "Add Prosody repo"
|
|||
if [ "$PROSODY_REPO" = "main" ]; then
|
||||
echo "Prosody repository already installed"
|
||||
else
|
||||
echo "deb http://packages.prosody.im/debian $(lsb_release -sc) main" > /etc/apt/sources.list.d/prosody.list
|
||||
wget -qO - https://prosody.im/files/prosody-debian-packages.key | apt-key add -
|
||||
echo "deb [signed-by=/etc/apt/trusted.gpg.d/prosody-debian-packages.key] http://packages.prosody.im/debian $(lsb_release -sc) main" > /etc/apt/sources.list.d/prosody.list
|
||||
curl -s https://prosody.im/files/prosody-debian-packages.key > /etc/apt/trusted.gpg.d/prosody-debian-packages.key
|
||||
fi
|
||||
}
|
||||
dpkg-compare() {
|
||||
|
@ -150,24 +150,24 @@ if ! [ "$(id -u)" = 0 ]; then
|
|||
fi
|
||||
|
||||
printf "\nOS: %s" "$(lsb_release -sd)"
|
||||
if [ "$DIST" = "bionic" ] || \
|
||||
[ "$DIST" = "focal" ]; then
|
||||
if [ "$DIST" = "focal" ] || \
|
||||
[ "$DIST" = "jammy" ]; then
|
||||
printf "\nGood, this is a supported platform!"
|
||||
else
|
||||
printf "\nSorry, this platform is not supported... exiting"
|
||||
exit
|
||||
fi
|
||||
#Suggest 20.04 LTS release over 18.04 in April 2022
|
||||
#Suggest 22.04 LTS release over 20.04 in April 2024
|
||||
TODAY=$(date +%s)
|
||||
NEXT_LTS_DATE=$(date -d 2022-04-01 +%s)
|
||||
NEXT_LTS_DATE=$(date -d 2024-04-01 +%s)
|
||||
|
||||
if [ "$DIST" = "bionic" ]; then
|
||||
if [ "$DIST" = "focal" ]; then
|
||||
if [ "$TODAY" -gt "$NEXT_LTS_DATE" ]; then
|
||||
echo " > $(lsb_release -sc), even when it's compatible and functional.
|
||||
We suggest to use the next (LTS) release, for longer support and security reasons."
|
||||
read -n 1 -s -r -p "Press any key to continue..."$'\n'
|
||||
else
|
||||
echo "Bionic is supported."
|
||||
echo "Focal is supported."
|
||||
fi
|
||||
fi
|
||||
|
||||
|
@ -266,8 +266,8 @@ printf "\nAdd Jitsi repo\n"
|
|||
if [ "$JITSI_REPO" = "stable" ]; then
|
||||
printf " - Jitsi stable repository already installed\n\n"
|
||||
else
|
||||
echo 'deb http://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list
|
||||
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
|
||||
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/jitsi-key.gpg.key] http://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list
|
||||
curl -s https://download.jitsi.org/jitsi-key.gpg.key > /etc/apt/trusted.gpg.d/jitsi-key.gpg.key
|
||||
JITSI_REPO="stable"
|
||||
fi
|
||||
sleep .1
|
||||
|
@ -341,7 +341,7 @@ apt-get -y install \
|
|||
|
||||
if [ "$LE_SSL" = "yes" ]; then
|
||||
apt-get -y install \
|
||||
letsencrypt
|
||||
certbot
|
||||
if [ "$(dpkg-query -W -f='${Status}' ufw 2>/dev/null | grep -c "ok installed")" == "1" ]; then
|
||||
echo "# Disable pre-installed ufw, more on firewall see:
|
||||
> https://github.com/switnet-ltd/quick-jibri-installer/wiki/Firewall"
|
||||
|
@ -412,7 +412,8 @@ if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
|
|||
echo "Google repository already set."
|
||||
else
|
||||
echo "Installing Google Chrome Stable"
|
||||
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
|
||||
curl -s https://dl.google.com/linux/linux_signing_key.pub | \
|
||||
gpg --dearmor | tee /etc/apt/trusted.gpg.d/google-chrome-key.gpg >/dev/null
|
||||
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
|
||||
fi
|
||||
apt-get -q2 update
|
||||
|
@ -470,8 +471,6 @@ LE_RENEW_LOG="/var/log/letsencrypt/renew.log"
|
|||
MOD_LISTU="https://prosody.im/files/mod_listusers.lua"
|
||||
MOD_LIST_FILE="/usr/lib/prosody/modules/mod_listusers.lua"
|
||||
ENABLE_SA="yes"
|
||||
CERTBOT_REPO="$(apt-cache policy | awk '/certbot/{print$2}' | awk -F '/' 'NR==1{print$4}')"
|
||||
CERTBOT_REL_FILE="http://ppa.launchpad.net/certbot/certbot/ubuntu/dists/$(lsb_release -sc)/Release"
|
||||
GC_SDK_REL_FILE="http://packages.cloud.google.com/apt/dists/cloud-sdk-$(lsb_release -sc)/Release"
|
||||
MJS_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
|
||||
MJS_USER="jbsync_$MJS_RAND_TAIL"
|
||||
|
@ -686,7 +685,7 @@ INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
|
|||
ssl_wa() {
|
||||
if [ "$LE_SSL" = "yes" ]; then
|
||||
systemctl stop "$1"
|
||||
letsencrypt certonly --standalone --renew-by-default --agree-tos --email "$5" -d "$6"
|
||||
certbot certonly --standalone --renew-by-default --agree-tos --email "$5" -d "$6"
|
||||
sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" "$4"
|
||||
sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" "$4"
|
||||
systemctl restart "$1"
|
||||
|
@ -700,35 +699,6 @@ if [ "$LE_SSL" = "yes" ]; then
|
|||
fi
|
||||
}
|
||||
|
||||
enable_letsencrypt() {
|
||||
if [ "$LE_SSL" = "yes" ]; then
|
||||
echo '
|
||||
#--------------------------------------------------
|
||||
# Starting LetsEncrypt configuration
|
||||
#--------------------------------------------------
|
||||
'
|
||||
#Disabled 'til fixed upstream
|
||||
#bash /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
|
||||
|
||||
echo "#Set and upgrade certbot PPA if posssible..."
|
||||
if [ "$CERTBOT_REPO" = "certbot" ]; then
|
||||
printf "\nCertbot repository already on the system!\nChecking for updates...\n"
|
||||
apt-get -q2 update
|
||||
apt-get -yq2 dist-upgrade
|
||||
elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$CERTBOT_REL_FILE" )" == "200" ]; then
|
||||
printf "\nAdding cerbot (formerly letsencrypt) PPA repository for latest updates\n"
|
||||
echo "deb http://ppa.launchpad.net/certbot/certbot/ubuntu $DIST main" > /etc/apt/sources.list.d/certbot.list
|
||||
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694
|
||||
apt-get -q2 update
|
||||
apt-get -yq2 dist-upgrade
|
||||
elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$CERTBOT_REL_FILE" )" == "404" ]; then
|
||||
printf "\nCertbot PPA is not available for %s just yet, it won't be installed...\n" "$(lsb_release -sc)"
|
||||
fi
|
||||
else
|
||||
echo "SSL setup will be skipped."
|
||||
fi
|
||||
}
|
||||
|
||||
check_jibri() {
|
||||
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
|
||||
then
|
||||
|
@ -1194,8 +1164,6 @@ if [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then
|
|||
chmod -R 770 "$DIR_RECORD"
|
||||
fi
|
||||
|
||||
enable_letsencrypt
|
||||
|
||||
# Fix prosody not able to read SSL Certs
|
||||
chown -R root:prosody /etc/prosody/certs/
|
||||
chmod -R 650 /etc/prosody/certs/
|
||||
|
|
Loading…
Reference in New Issue