(WIP)update add-jibri-node for latest changes.

This commit is contained in:
Luis Guzmán 2025-01-22 01:56:49 -06:00
parent a6ac1bfd4d
commit 682e3e9044
1 changed files with 75 additions and 178 deletions

View File

@ -49,17 +49,17 @@ JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR=
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf" JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
DIR_RECORD="/var/jbrecord" DIR_RECORD="/var/jbrecord"
REC_DIR="/home/jibri/finalize_recording.sh" REC_DIR="/home/jibri/finalize_recording.sh"
CHD_VER="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list" GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}') GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json" GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)" #PUBLIC_IP="$(dig -4 +short myip.opendns.com @resolver1.opendns.com)"
JITSI_GPG_KEY="/etc/apt/trusted.gpg.d/jitsi-key.gpg.key"
NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)" NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}" NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}"
NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)" NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
GITHUB_RAW="https://raw.githubusercontent.com" GIT_FORGE="https://forge.switnet.net"
GIT_REPO="switnet-ltd/quick-jibri-installer" GIT_REPO="switnet/quick-jibri-installer"
TEST_JIBRI_ENV="$GITHUB_RAW/$GIT_REPO/unstable/tools/test-jibri-env.sh" TEST_JIBRI_ENV="$GIT_FORGE/$GIT_REPO/raw/branch/master/tools/test-jibri-env.sh"
SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)" SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)"
JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf" JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf"
### 1_VAR_DEF ### 1_VAR_DEF
@ -186,18 +186,19 @@ hostnamectl set-hostname "jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}"
sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo # Jitsi-Meet Repo
echo "Add Jitsi repo" printf "\nAdd Jitsi repo\n"
if [ -z "$JITSI_REPO" ]; then if [ "$JITSI_REPO" = "stable" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list printf " - Jitsi stable repository already installed\n\n"
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.."
exit
elif [ "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository match, continuing..."
else else
echo "Jitsi $JITSI_REPO repository already installed" echo "deb [signed-by=$JITSI_GPG_KEY] http://download.jitsi.org stable/" \
> /etc/apt/sources.list.d/jitsi-stable.list
curl -s https://download.jitsi.org/jitsi-key.gpg.key \
> "$JITSI_GPG_KEY"
apt-get update -q2
JITSI_REPO="stable"
fi fi
sleep .1
# Requirements # Requirements
echo "We'll start by installing system requirements this may take a while please be patient..." echo "We'll start by installing system requirements this may take a while please be patient..."
@ -210,7 +211,7 @@ apt-get -y install \
curl \ curl \
ffmpeg \ ffmpeg \
git \ git \
htop \ btop \
inotify-tools \ inotify-tools \
jq \ jq \
rsync \ rsync \
@ -219,32 +220,30 @@ apt-get -y install \
wget wget
check_snd_driver() { check_snd_driver() {
echo -e "\n# Checking ALSA - Loopback module..." printf "\n# Checking ALSA - Loopback module..."
echo "snd-aloop" | tee -a /etc/modules echo "snd-aloop" | tee -a /etc/modules
modprobe snd-aloop modprobe snd-aloop
if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then if [ "$(lsmod|awk '/snd_aloop/{print$1}'|awk 'NR==1')" = "snd_aloop" ]; then
echo " echo -e "\n#-----------------------------------------------------------------------"
#----------------------------------------------------------------------- echo "# Audio driver seems - OK."
# Audio driver seems - OK. echo -e "#-----------------------------------------------------------------------\n"
#-----------------------------------------------------------------------" else
else echo -e "\n#-----------------------------------------------------------------------"
echo " echo "# Your audio driver might not be able to load."
#----------------------------------------------------------------------- echo "# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool."
# Your audio driver might not be able to load. echo -e "#-----------------------------------------------------------------------\n"
# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool. curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh
#-----------------------------------------------------------------------" #Test tool
curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh if [ "$MODE" = "debug" ]; then
#Test tool bash /tmp/test-jibri-env.sh -m debug
if [ "$MODE" = "debug" ]; then else
bash /tmp/test-jibri-env.sh -m debug bash /tmp/test-jibri-env.sh
else fi
bash /tmp/test-jibri-env.sh read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi fi
rm /tmp/test-jibri-env.sh
read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi
} }
###FIXME: Trisquel support broken by lsb_release usage###
echo "# Check and Install HWE kernel if possible..." echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")" HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
if [ "$HWE_VIR_MOD" = "1" ]; then if [ "$HWE_VIR_MOD" = "1" ]; then
@ -270,27 +269,37 @@ if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
echo "Google repository already set." echo "Google repository already set."
else else
echo "Installing Google Chrome Stable" echo "Installing Google Chrome Stable"
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - curl -s https://dl.google.com/linux/linux_signing_key.pub | \
gpg --dearmor | tee /etc/apt/trusted.gpg.d/google-chrome-key.gpg >/dev/null
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO" echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
fi fi
apt-get -q2 update apt-get -q2 update
apt-get install -y google-chrome-stable apt-get install -yq2 google-chrome-stable
rm -rf /etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list rm -rf "$GOOGL_REPO"
G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3)
CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing"
CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \
jq -r ".versions[].downloads.chromedriver | \
select(. != null) | .[].url" | grep linux64 | \
grep "$G_CHROME" | tail -1)
CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL")
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
if [ -f /usr/local/bin/chromedriver ]; then if [ -f /usr/local/bin/chromedriver ]; then
echo "Chromedriver already installed." echo "Chromedriver already installed."
else else
echo "Installing Chromedriver" echo "Installing Chromedriver"
wget -q https://chromedriver.storage.googleapis.com/"$CHD_VER"/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip wget -q "$CHD_LTST_DWNL" \
unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/ -O /tmp/chromedriver_linux64.zip
unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
mv /usr/local/bin/chromedriver-linux64/chromedriver /usr/local/bin/chromedriver
chown root:root /usr/local/bin/chromedriver chown root:root /usr/local/bin/chromedriver
chmod 0755 /usr/local/bin/chromedriver chmod 0755 /usr/local/bin/chromedriver
rm -rf /tpm/chromedriver_linux64.zip rm -rf /tmp/chromedriver_linux64.zip
fi fi
echo " printf "\nCheck Google Software Working...\n"
Check Google Software Working...
"
/usr/bin/google-chrome --version /usr/bin/google-chrome --version
/usr/local/bin/chromedriver --version | awk '{print$1,$2}' /usr/local/bin/chromedriver --version | awk '{print$1,$2}'
@ -299,15 +308,13 @@ echo '
Start Jibri configuration Start Jibri configuration
######################################################################## ########################################################################
' '
echo " printf "\nRemove Chrome warning...\n"
Remove Chrome warning...
"
mkdir -p /etc/opt/chrome/policies/managed mkdir -p /etc/opt/chrome/policies/managed
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON" echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON"
# Recording directory # Recording directory
if [ ! -d "$DIR_RECORD" ]; then if [ ! -d "$DIR_RECORD" ]; then
mkdir "$DIR_RECORD" mkdir "$DIR_RECORD"
fi fi
chown -R jibri:jibri "$DIR_RECORD" chown -R jibri:jibri "$DIR_RECORD"
@ -323,19 +330,10 @@ echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
chmod -R 770 \$RECORDINGS_DIR chmod -R 770 \$RECORDINGS_DIR
#Rename folder. LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -nr|sed 1d|awk '{print\$2}'| grep -v "meta\|_" | head -n1)"
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -n -r|awk '{print\$2}'| grep -v "meta\|-" | head -n1)" NJF_NAME="\$(find \$LJF_PATH |grep "mp4"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
NJF_NAME="\$(find \$LJF_PATH |grep -e "-"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME" NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME"
mv \$LJF_PATH \$NJF_PATH
##Prevent empty recording directory failsafe
if [ "\$LJF_PATH" != "\$RECORDINGS_DIR" ]; then
mv \$LJF_PATH \$NJF_PATH
#Workaround for jibri to do cleaning.
ssh -i /home/jibri/jbsync.pem $MJS_USER@$MAIN_SRV_DOMAIN "rm -r \$LJF_PATH"
else
echo "No new folder recorded, not removing anything."
fi
exit 0 exit 0
REC_DIR REC_DIR
@ -344,117 +342,15 @@ chmod +x "$REC_DIR"
## New Jibri Config (2020) ## New Jibri Config (2020)
mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file
cat << NEW_CONF > "$JIBRI_CONF" cp files/jibri.conf "$JIBRI_CONF"
// New XMPP environment config. sed -i "s|JIBRI_RES_CONF|$JIBRI_RES_CONF|g" "$JIBRI_CONF"
jibri { sed -i "s|DIR_RECORD|$DIR_RECORD|g" "$JIBRI_CONF"
streaming { sed -i "s|REC_DIR|$REC_DIR|g" "$JIBRI_CONF"
// A list of regex patterns for allowed RTMP URLs. The RTMP URL used sed -i "s|JB_NAME|$JB_NAME|g" "$JIBRI_CONF"
// when starting a stream must match at least one of the patterns in sed -i "s|DOMAIN|$DOMAIN|g" "$JIBRI_CONF"
// this list. sed -i "s|JibriBrewery|$JibriBrewery|g" "$JIBRI_CONF"
rtmp-allow-list = [ sed -i "s|JB_AUTH_PASS|$JB_AUTH_PASS|g" "$JIBRI_CONF"
// By default, all services are allowed sed -i "s|JB_REC_PASS|$JB_REC_PASS|g" "$JIBRI_CONF"
".*"
]
}
ffmpeg {
resolution = "$JIBRI_RES_CONF"
}
chrome {
// The flags which will be passed to chromium when launching
flags = [
"--use-fake-ui-for-media-stream",
"--start-maximized",
"--kiosk",
"--enabled",
"--disable-infobars",
"--autoplay-policy=no-user-gesture-required",
"--ignore-certificate-errors",
"--disable-dev-shm-usage"
]
}
stats {
enable-stats-d = true
}
call-status-checks {
// If all clients have their audio and video muted and if Jibri does not
// detect any data stream (audio or video) comming in, it will stop
// recording after NO_MEDIA_TIMEOUT expires.
no-media-timeout = 30 seconds
// If all clients have their audio and video muted, Jibri consideres this
// as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
all-muted-timeout = 10 minutes
// When detecting if a call is empty, Jibri takes into consideration for how
// long the call has been empty already. If it has been empty for more than
// DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
default-call-empty-timeout = 30 seconds
}
recording {
recordings-directory = $DIR_RECORD
finalize-script = $REC_DIR
}
api {
xmpp {
environments = [
{
// A user-friendly name for this environment
name = "$JB_NAME"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "$MAIN_SRV_DOMAIN" ]
// The base XMPP domain
xmpp-domain = "$MAIN_SRV_DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.$MAIN_SRV_DOMAIN"
room-name = "$JibriBrewery"
nickname = "machine-id"
}
// The login information for the control MUC
control-login {
domain = "auth.$MAIN_SRV_DOMAIN"
username = "jibri"
password = "$JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.$MAIN_SRV_DOMAIN"
username = "recorder"
password = "$JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}
NEW_CONF
#Jibri xorg resolution #Jibri xorg resolution
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF" sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF"
@ -465,15 +361,16 @@ echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
echo -e "\n---- We'll connect to main server ----" echo -e "\n---- We'll connect to main server ----"
read -n 1 -s -r -p "Press any key to continue..."$'\n' read -n 1 -s -r -p "Press any key to continue..."$'\n'
sudo su "$NJN_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''" sudo su "$NJN_USER" -c "ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -o -a 200 -q -N ''"
#Workaround for jibri to do cleaning.
install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem
sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts" sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts" sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t ed25519 $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n" echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n"
ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
ssh-keyscan -t ed25519 "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub
sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts" sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"