Comply main scripts with shellcheck recommendations.

This commit is contained in:
Luis Guzmán 2022-05-11 23:53:51 -05:00
parent 1875cf5db5
commit ae55dfb873
8 changed files with 396 additions and 392 deletions

View File

@ -8,7 +8,7 @@
### 1_LAST EDITION ###
#Make sure the file name is the required one
if [ ! "$(basename $0)" = "add-jibri-node.sh" ]; then
if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then
echo "For most cases naming won't matter, for this one it does."
echo "Please use the original name for this script: \`add-jibri-node.sh', and run again."
exit
@ -55,7 +55,7 @@ CHD_VER="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}"
NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
@ -68,7 +68,7 @@ JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf"
# sed limiters for add-jibri-node.sh variables
var_dlim() {
grep -n $1 add-jibri-node.sh|head -n1|cut -d ":" -f1
grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1
}
check_var() {
@ -89,19 +89,19 @@ echo "
# Checking initial necessary variables...
#-----------------------------------------------------------------------"
JMS_DATA=($MAIN_SRV_DIST \
$MAIN_SRV_REPO \
$MAIN_SRV_DOMAIN \
$JibriBrewery \
$JB_NAME \
$JB_AUTH_PASS \
$JB_REC_PASS \
$MJS_USER \
$MJS_USER_PASS \
$JIBRI_RES_CONF \
$JIBRI_RES_XORG_CONF)
JMS_DATA=("$MAIN_SRV_DIST" \
"$MAIN_SRV_REPO" \
"$MAIN_SRV_DOMAIN" \
"$JibriBrewery" \
"$JB_NAME" \
"$JB_AUTH_PASS" \
"$JB_REC_PASS" \
"$MJS_USER" \
"$MJS_USER_PASS" \
"$JIBRI_RES_CONF" \
"$JIBRI_RES_XORG_CONF")
JMS_EVAL=${JMS_DATA[0]}
JMS_EVAL="${JMS_DATA[0]}"
for i in "${JMS_DATA[@]}"; do
if [[ "$JMS_EVAL" != "$i" ]]; then
ALL_TBD="no"
@ -152,7 +152,7 @@ else
fi
### Test RAM size (8GB min) ###
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
if [ ${mem_available} -lt 7700000 ]; then
if [ "${mem_available}" -lt 7700000 ]; then
echo "
Warning!: The system do not meet the minimum RAM requirements for Jibri to run.
>> We recommend 8GB RAM for Jibri!
@ -190,7 +190,7 @@ sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo
echo "Add Jitsi repo"
if [ -z "$JITSI_REPO" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-$MAIN_SRV_REPO.list
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.."
@ -235,7 +235,7 @@ else
# Your audio driver might not be able to load.
# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool.
#-----------------------------------------------------------------------"
curl -s $TEST_JIBRI_ENV > /tmp/test-jibri-env.sh
curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh
#Test tool
if [ "$MODE" = "debug" ]; then
bash /tmp/test-jibri-env.sh -m debug
@ -248,14 +248,14 @@ fi
}
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)")
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
if [ "$HWE_VIR_MOD" = "1" ]; then
apt-get -y install \
linux-image-generic-hwe-$(lsb_release -sr)
linux-image-generic-hwe-"$(lsb_release -sr)"
else
apt-get -y install \
linux-image-generic \
linux-modules-extra-$(uname -r)
linux-modules-extra-"$(uname -r)"
fi
echo "
@ -273,7 +273,7 @@ if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
else
echo "Installing Google Chrome Stable"
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee $GOOGL_REPO
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
fi
apt-get -q2 update
apt-get install -y google-chrome-stable
@ -283,7 +283,7 @@ if [ -f /usr/local/bin/chromedriver ]; then
echo "Chromedriver already installed."
else
echo "Installing Chromedriver"
wget -q https://chromedriver.storage.googleapis.com/$CHD_VER/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip
wget -q https://chromedriver.storage.googleapis.com/"$CHD_VER"/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip
unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/
chown root:root /usr/local/bin/chromedriver
chmod 0755 /usr/local/bin/chromedriver
@ -305,18 +305,18 @@ echo "
Remove Chrome warning...
"
mkdir -p /etc/opt/chrome/policies/managed
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > $GCMP_JSON
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON"
# Recording directory
if [ ! -d $DIR_RECORD ]; then
mkdir $DIR_RECORD
if [ ! -d "$DIR_RECORD" ]; then
mkdir "$DIR_RECORD"
fi
chown -R jibri:jibri $DIR_RECORD
chown -R jibri:jibri "$DIR_RECORD"
cat << REC_DIR > $REC_DIR
cat << REC_DIR > "$REC_DIR"
#!/bin/bash
RECORDINGS_DIR=$DIR_RECORD
RECORDINGS_DIR="$DIR_RECORD"
echo "This is a dummy finalize script" > /tmp/finalize.out
echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out
@ -341,12 +341,12 @@ fi
exit 0
REC_DIR
chown jibri:jibri $REC_DIR
chmod +x $REC_DIR
chown jibri:jibri "$REC_DIR"
chmod +x "$REC_DIR"
## New Jibri Config (2020)
mv $JIBRI_CONF ${JIBRI_CONF}-dpkg-file
cat << NEW_CONF > $JIBRI_CONF
mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file
cat << NEW_CONF > "$JIBRI_CONF"
// New XMPP environment config.
jibri {
streaming {
@ -459,25 +459,25 @@ jibri {
NEW_CONF
#Jibri xorg resolution
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" $JIBRI_XORG_CONF
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF"
echo -e "\n---- Create random nodesync user ----"
useradd -m -g jibri $NJN_USER
useradd -m -g jibri "$NJN_USER"
echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
echo -e "\n---- We'll connect to main server ----"
read -n 1 -s -r -p "Press any key to continue..."$'\n'
sudo su $NJN_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
sudo su "$NJN_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
#Workaround for jibri to do cleaning.
install -m 0600 -o jibri /home/$NJN_USER/.ssh/id_rsa /home/jibri/jbsync.pem
install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem
sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n"
ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> ~/.ssh/known_hosts
ssh $MJS_USER@$MAIN_SRV_DOMAIN sh -c "'cat >> .ssh/authorized_keys'" < /home/$NJN_USER/.ssh/id_rsa.pub
sudo su $NJN_USER -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"
ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub
sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"
echo -e "\n---- Setup Log system ----"
cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh
@ -486,21 +486,21 @@ cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh
# Log process
exec 3>&1 4>&2
trap 'exec 2>&4 1>&3' 0 1 2 3
exec 1>/var/log/$NJN_USER/remote_jnsync.log 2>&1
exec 1>/var/log/"$NJN_USER"/remote_jnsync.log 2>&1
# Run sync
while true; do
inotifywait -t 60 -r -e modify,attrib,close_write,move,delete $DIR_RECORD
sudo su $NJN_USER -c "rsync -Aax --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD"
find $DIR_RECORD -depth -type d -empty -not -path $DIR_RECORD -delete
inotifywait -t 60 -r -e modify,attrib,close_write,move,delete "$DIR_RECORD"
sudo su "$NJN_USER" -c "rsync -Aax --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD"
find "$DIR_RECORD" -depth -type d -empty -not -path "$DIR_RECORD" -delete
done
INOT_RSYNC
mkdir /var/log/$NJN_USER
mkdir /var/log/"$NJN_USER"
cat << LOG_ROT > /etc/logrotate.d/$NJN_USER
/var/log/$NJN_USER/*.log {
cat << LOG_ROT > /etc/logrotate.d/"$NJN_USER"
/var/log/"$NJN_USER"/*.log {
monthly
missingok
rotate 12
@ -561,7 +561,7 @@ echo "
echo "Make sure to reboot, it's necessary before *any* usage.
Rebooting in..."
secs=$((15))
while [ $secs -gt 0 ]; do
while [ "$secs" -gt 0 ]; do
echo -ne "$secs\033[0K\r"
sleep 1
: $((secs--))

View File

@ -8,7 +8,7 @@
### 1_LAST EDITION ###
#Make sure the file name is the required one
if [ ! "$(basename $0)" = "add-jvb2-node.sh" ]; then
if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then
echo "For most cases naming won't matter, for this one it does."
echo "Please use the original name for this script: \`add-jvb2-node.sh', and run again."
exit
@ -53,10 +53,10 @@ SHARD_DOMAIN=TBD
SHARD_PASS=TBD
MUC_JID=TBD
MJS_USER=TBD
MJS_USER_PASS=TBD
START=0
LAST=TBD
#MJS_USER=TBD
#MJS_USER_PASS=TBD
#START=0
#LAST=TBD
THIS_SRV_DIST=$(lsb_release -sc)
JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}')
@ -71,7 +71,7 @@ SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)"
# sed limiters for add-jvb2-node.sh variables
var_dlim() {
grep -n $1 add-jvb2-node.sh|head -n1|cut -d ":" -f1
grep -n "$1" add-jvb2-node.sh|head -n1|cut -d ":" -f1
}
check_var() {
@ -105,7 +105,7 @@ else
fi
### Test RAM size (8GB min) ###
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
if [ ${mem_available} -lt 7700000 ]; then
if [ "${mem_available}" -lt 7700000 ]; then
echo "
Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads.
>> We recommend 8GB RAM or above for JVB2!
@ -141,7 +141,7 @@ echo "
#-----------------------------------------------------------------------"
check_var JVB_HOSTNNAME "$JVB_HOSTNAME"
if [ -z $JVB_HOST ]; then
if [ -z "$JVB_HOST" ]; then
echo "JVB_HOST is empty, but it may be ok for it to be empty, skipping empty test."
else
check_var JVB_HOST "$JVB_HOST"
@ -166,7 +166,7 @@ sed -i "1i 127.0.0.1 jvb_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo
echo "Add Jitsi repo"
if [ -z "$JITSI_REPO" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-$MAIN_SRV_REPO.list
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.."
@ -193,14 +193,14 @@ apt-get -y install \
wget
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD=$(apt-cache madison linux-modules-extra-virtual-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")
HWE_VIR_MOD="$(apt-cache madison linux-modules-extra-virtual-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")"
if [ "$HWE_VIR_MOD" == "1" ]; then
apt-get -y install \
linux-image-generic-hwe-$(lsb_release -sr) \
linux-modules-extra-virtual-hwe-$(lsb_release -sr)
linux-image-generic-hwe-"$(lsb_release -sr)" \
linux-modules-extra-virtual-hwe-"$(lsb_release -sr)"
else
apt-get -y install \
linux-modules-extra-$(uname -r)
linux-modules-extra-"$(uname -r)"
fi
echo "

View File

@ -18,7 +18,7 @@ if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ $(id -u) = 0 ]; then
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
@ -35,14 +35,14 @@ check_apt_policy() {
apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}'
}
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..."
else
echo -e "\n---- Installing $1 ----"
apt-get -yq2 install $1
apt-get -yq2 install "$1"
fi
}
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')"
@ -65,7 +65,7 @@ read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS
# Install required packages
install_ifnot docker-ce
install_ifnot postgresql-$PSGVER
install_ifnot postgresql-"$PSGVER"
# Create DB
echo -e "> Creating postgresql database for container...\n"
@ -100,37 +100,36 @@ fi
# Tune webserver for Jitsi App control
if [ $(grep -c "etherpad" $WS_CONF) != 0 ]; then
if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then
echo "> Webserver seems configured, skipping..."
elif [ -f $WS_CONF ]; then
elif [ -f "$WS_CONF" ]; then
echo "> Setting up webserver configuration file..."
sed -i "/# ensure all static content can always be found first/i \ \ \ \ #Etherpad block" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \^\~\ \/etherpad\/ {" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_buffering off;" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \\\n" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \ \ \ \ #Etherpad block" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_buffering off;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF"
else
echo "> No etherpad config done to server file, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues"
fi
# Configure config.js
if [ $(grep -c "etherpad_base" $WS_CONF) != 0 ]; then
if [ "$(grep -c "etherpad_base" "$WS_CONF")" != 0 ]; then
echo -e "> $MEET_CONF seems configured, skipping...\n"
else
echo -e "> Setting etherpad domain at $MEET_CONF...\n"
sed -i "/ openSharedDocumentOnJoin:/a\ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," $MEET_CONF
sed -i "/ openSharedDocumentOnJoin:/a\ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," "$MEET_CONF"
fi
echo "> Checking nginx configuration..."
nginx -t 2>/dev/null
if [ $? = 0 ]; then
if nginx -t 2>/dev/null ; then
echo -e " -- Docker configuration seems fine, enabling it."
systemctl reload nginx
# systemctl reload nginx
else
echo "Please check your configuration, something may be wrong."
echo "Will not try to enable etherpad nginx configuration, please report to:

View File

@ -26,7 +26,7 @@ if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ $(id -u) = 0 ]; then
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
@ -39,14 +39,14 @@ echo '
by Software, IT & Networks Ltd
'
run_service() {
systemctl enable $1
systemctl restart $1
systemctl status $1
systemctl enable "$1"
systemctl restart "$1"
systemctl status "$1"
}
MAIN_TEL="/etc/telegraf/telegraf.conf"
TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf"
GRAFANA_INI="/etc/grafana/grafana.ini"
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"
@ -162,11 +162,11 @@ while [ $secs -gt 0 ]; do
: $((secs--))
done
if [ -f $WS_CONF ]; then
sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \~ \^\/(grafana\/|grafana\/login) {" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:3000;" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \\\n" $WS_CONF
if [ -f "$WS_CONF" ]; then
sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \~ \^\/(grafana\/|grafana\/login) {" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:3000;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF"
systemctl restart nginx
else
echo "No app configuration done to server file, please report to:
@ -206,8 +206,8 @@ grafana_cred="admin:$GRAFANA_PASS"
grafana_datasource="InfluxDB"
ds=(11969);
for d in "${ds[@]}"; do
echo -n "Processing $d: "
j=$(curl -s -k -u "$grafana_cred" $grafana_host/api/gnet/dashboards/$d | jq .json)
echo "Processing $d: "
j="$(curl -s -k -u "$grafana_cred" "$grafana_host"/api/gnet/dashboards/"$d" | jq .json)"
curl -s -k -u "$grafana_cred" -XPOST -H "Accept: application/json" \
-H "Content-Type: application/json" \
-d "{

View File

@ -9,8 +9,11 @@ Purple='\e[0;35m'
Green='\e[0;32m'
Yellow='\e[0;33m'
Color_Off='\e[0m'
printwc() {
printf "%b$2%b" "$1" "${Color_Off}"
}
#Check if user is root
if ! [ $(id -u) = 0 ]; then
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
@ -23,28 +26,28 @@ support="https://switnet.net/support"
apt_repo="/etc/apt/sources.list.d"
ENABLE_BLESSM="TBD"
CHD_LTST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
CHD_LTST_2D="$(echo $CHD_LTST|cut -d "." -f 1,2)"
CHD_LTST_2D="$(echo "$CHD_LTST"|cut -d "." -f 1,2)"
CHDB="$(whereis chromedriver | awk '{print$2}')"
DOMAIN="$(ls /etc/prosody/conf.d|awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
NC_DOMAIN="TBD"
JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
if [ -f $JITSI_MEET_PROXY ];then
PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
if [ -f "$JITSI_MEET_PROXY" ];then
PREAD_PROXY=$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1)
fi
INT_CONF="/usr/share/jitsi-meet/interface_config.js"
INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
jibri_packages="$(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages |sort -u|awk '{print $2}'|sed 's|jigasi||')"
AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)"
if [ -f $apt_repo/google-chrome.list ]; then
if [ -f "$apt_repo"/google-chrome.list ]; then
google_package=$(grep Package /var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages | sort -u | cut -d ' ' -f2)
else
echo "Seems no Google repo installed"
fi
if [ -z $CHDB ]; then
if [ -z "$CHDB" ]; then
echo "Seems no chromedriver installed"
else
CHD_VER_LOCAL="$($CHDB -v | awk '{print $2}')"
CHD_VER_2D="$(echo $CHD_VER_LOCAL|awk '{printf "%.1f\n", $NF}')"
CHD_VER_2D="$(echo "$CHD_VER_LOCAL"|awk '{printf "%.1f\n", $NF}')"
fi
# True if $1 is greater than $2
@ -72,21 +75,21 @@ restart_services() {
update_jitsi_repo() {
apt-get update -o Dir::Etc::sourcelist="sources.list.d/jitsi-$1.list" \
-o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
apt-get install -qq --only-upgrade $jibri_packages
apt-get install -qq --only-upgrade "$jibri_packages"
}
update_google_repo() {
if [ -f $apt_repo/google-chrome.list ]; then
if [ -f "$apt_repo"/google-chrome.list ]; then
apt-get update -o Dir::Etc::sourcelist="sources.list.d/google-chrome.list" \
-o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
apt-get install -qq --only-upgrade $google_package
apt-get install -qq --only-upgrade "$google_package"
else
echo "No Google repository found"
fi
}
GOOGL_VER_2D="$(/usr/bin/google-chrome --version|awk '{printf "%.1f\n", $NF}')"
upgrade_cd() {
if [ ! -z "$GOOGL_VER_2D" ]; then
if [ -n "$GOOGL_VER_2D" ]; then
if version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" ; then
echo "Upgrading Chromedriver to Google Chromes version"
wget -q https://chromedriver.storage.googleapis.com/"$CHD_LTST"/chromedriver_linux64.zip \
@ -95,33 +98,38 @@ if [ ! -z "$GOOGL_VER_2D" ]; then
chown root:root "$CHDB"
chmod 0755 "$CHDB"
rm -rf /tpm/chromedriver_linux64.zip
printf "Current version: ${Green} "$($CHDB -v |awk '{print $2}'|awk '{printf "%.1f\n", $NF}')" ${Color_Off} (latest available)\n"
printf "Current version: "
printwc "$Green" "$($CHDB -v |awk '{print $2}'|awk '{printf "%.1f\n", $NF}')"
echo -e " (latest available)\n"
elif [ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then
echo "No need to upgrade Chromedriver"
printf "Current version: ${Green} $CHD_VER_2D ${Color_Off}\n"
printf "Current version: "
printwc "$Green" "$CHD_VER_2D\n"
fi
else
printf "${Yellow} -> No Google Chrome versión to match, leaving untouched.${Color_Off}\n"
printwc "${Yellow}" " -> No Google Chrome versión to match, leaving untouched.\n"
fi
}
check_lst_cd() {
printf "${Purple}Checking for the latest Chromedriver${Color_Off}\n"
if [ -f $CHDB ]; then
printf "Current installed Chromedriver: ${Yellow} $CHD_VER_2D ${Color_Off}\n"
printf "Current installed Google Chrome: ${Green} $GOOGL_VER_2D ${Color_Off}\n"
printwc "${Purple}" "Checking for the latest Chromedriver\n"
if [ -f "$CHDB" ]; then
printf "Current installed Chromedriver: "
printwc "${Yellow}" "$CHD_VER_2D\n"
printf "Current installed Google Chrome: "
printwc "${Green}" "$GOOGL_VER_2D\n"
upgrade_cd
else
printf "${Yellow} -> Seems there is no Chromedriver installed${Color_Off}\n"
printwc "${Yellow}" " -> Seems there is no Chromedriver installed\n"
fi
}
printf "${Blue}Update & upgrade Jitsi and components${Color_Off}\n"
if [ -f $apt_repo/jitsi-unstable.list ]; then
printwc "${Blue}" "Update & upgrade Jitsi and components\n"
if [ -f "$apt_repo"/jitsi-unstable.list ]; then
update_jitsi_repo unstable
update_google_repo
check_lst_cd
elif [ -f $apt_repo/jitsi-stable.list ]; then
elif [ -f "$apt_repo"/jitsi-stable.list ]; then
update_jitsi_repo stable
update_google_repo
check_lst_cd
@ -144,35 +152,33 @@ if [ -f "$INT_CONF_ETC" ]; then
echo "Static interface_config.js exists, skipping modification..."
else
echo "This setup doesn't have a static interface_config.js, checking changes..."
printf "${Purple}========== Setting Static Avatar ==========${Color_Off}\n"
printwc "${Purple}" "========== Setting Static Avatar ==========\n"
if [[ -z "$AVATAR" ]]; then
echo "Moving on..."
else
echo "Setting Static Avatar"
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'http://$DOMAIN/avatar/\'|" $INT_CONF
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'http://$DOMAIN/avatar/\'|" "$INT_CONF"
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF"
fi
printf "${Purple}========== Setting Support Link ==========${Color_Off}\n"
if [[ -z $support ]]; then
printwc "${Purple}" "========== Setting Support Link ==========\n"
if [[ -z "$support" ]]; then
echo "Moving on..."
else
echo "Setting Support custom link"
sed -i "s|https://jitsi.org/live|$support|g" $INT_CONF
sed -i "s|https://jitsi.org/live|$support|g" "$INT_CONF"
fi
printf "${Purple}========== Disable Blur my background ==========${Color_Off}\n"
sed -i "s|'videobackgroundblur', ||" $INT_CONF
printwc "${Purple}" "========== Disable Blur my background ==========\n"
sed -i "s|'videobackgroundblur', ||" "$INT_CONF"
fi
if [ "$NC_DOMAIN" != "TBD" ]; then
printf "${Purple}========== Enable $NC_DOMAIN for sync client ==========${Color_Off}\n"
printwc "${Purple}" "========== Enable $NC_DOMAIN for sync client ==========\n"
if [ -z "$PREAD_PROXY" ]; then
echo "
Setting up Nextcloud domain on Jitsi Meet turn proxy
"
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ }" $JITSI_MEET_PROXY
printf "\n Setting up Nextcloud domain on Jitsi Meet turn proxy\n\n"
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY"
else
echo "$NC_DOMAIN seems to be on place, skipping..."
fi
@ -183,6 +189,6 @@ restart_services
# Brandless mode #
########################################################################
if [ "$ENABLE_BLESSM" = "on" ]; then
bash $PWD/jm-bm.sh
bash "$PWD"/jm-bm.sh
fi
printf "${Blue}Script completed \o/! ${Color_Off}\n"
printwc "${Blue}" "Script completed \o/!\n"

View File

@ -4,7 +4,7 @@
# SwITNet Ltd © - 2021, https://switnet.net/
# GNU GPLv3 or later.
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
CSS_FILE="/usr/share/jitsi-meet/css/all.css"
TITLE_FILE="/usr/share/jitsi-meet/title.html"
INT_CONF="/usr/share/jitsi-meet/interface_config.js"
@ -21,7 +21,7 @@ MOVILE_APP_NAME="Jitsi Meet"
PART_USER="Participant"
LOCAL_USER="me"
#
SEC_ROOM="TBD"
#SEC_ROOM="TBD"
echo '
#--------------------------------------------------
# Applying Brandless mode
@ -43,7 +43,7 @@ fi
if [ ! -f "$REC_ICON_PATH" ];then
cp images/gnome_record.png "$REC_ICON_PATH"
else
echo "recording icon exists, skipping copying..."
echo "recording icon exists, skipping copying..."
fi
#Custom / Remove icons
@ -53,8 +53,8 @@ sed -i "s|jitsilogo.png|watermark2.png|g" "$TITLE_FILE"
sed -i "s|logo-deep-linking.png|watermark2.png|g" "$BUNDLE_JS"
sed -i "s|jitsiLogo_square.png|gnome_record.png|g" "$BUNDLE_JS"
#Disable logo and url
if [ -z "$(grep -nr ".leftwatermark{display:none" "$CSS_FILE")" ]; then
sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE"
if ! grep -nr ".leftwatermark{display:none" "$CSS_FILE" ; then
sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE"
fi
#Customize room title

View File

@ -16,12 +16,12 @@ if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ $(id -u) = 0 ]; then
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" != "1" ]; then
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..."
echo " If you think this is an error, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues "
@ -38,14 +38,14 @@ echo -e '\n
exit_if_not_installed jitsi-meet
DISTRO_RELEASE="$(lsb_release -sc)"
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')"
PHPVER="7.4"
PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')"
PHP_FPM_DIR="/etc/php/$PHPVER/fpm"
PHP_INI="$PHP_FPM_DIR/php.ini"
PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf"
NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-available/$DOMAIN.conf | awk '{print$2}')"
NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-available/"$DOMAIN".conf | awk '{print$2}')"
NC_REPO="https://download.nextcloud.com/server/releases"
NCVERSION="$(curl -s -m 900 $NC_REPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)"
STABLEVERSION="nextcloud-$NCVERSION"
@ -62,10 +62,11 @@ PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
fi
PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)"
ISO3166_CODE=TBD
NL="$(echo -e '\n> ')"
while [[ "$ANS_NCD" != "yes" ]]
do
read -p "> Please set your domain (or subdomain) here for Nextcloud: (e.g.: cloud.domain.com)"$'\n' -r NC_DOMAIN
read -p "> Please set your domain (or subdomain) here for Nextcloud: (e.g.: cloud.domain.com)$NL" -r NC_DOMAIN
if [ -z "$NC_DOMAIN" ];then
echo "-- This field is mandatory."
elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
@ -79,13 +80,12 @@ do
fi
done
#Simple DNS test
if [ "$PUBLIC_IP" = "$(dig -4 +short $NC_DOMAIN|awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then
echo "Server public IP & DNS record for $NC_DOMAIN seems to match, continuing...
"
if [ "$PUBLIC_IP" = "$(dig -4 +short "$NC_DOMAIN"|awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then
echo -e "Server public IP & DNS record for $NC_DOMAIN seems to match, continuing...\n\n"
else
echo "Server public IP ($PUBLIC_IP) & DNS record for $NC_DOMAIN don't seem to match."
echo " > Please check your dns records are applied and updated, otherwise Nextcloud may fail."
read -p " > Do you want to continue?: (yes or no)"$'\n' -r DNS_CONTINUE
read -p " > Do you want to continue?: (yes or no)$NL" -r DNS_CONTINUE
if [ "$DNS_CONTINUE" = "yes" ]; then
echo " - We'll continue anyway..."
else
@ -114,7 +114,7 @@ while [[ "$ENABLE_HSTS" != "yes" && "$ENABLE_HSTS" != "no" ]]
do
read -p "> Do you want to enable HSTS for this domain?: (yes or no)
Be aware this option apply mid-term effects on the domain, choose \"no\"
in case you don't know what you are doing. More at https://hstspreload.org/"$'\n' -r ENABLE_HSTS
in case you don't know what you are doing. More at https://hstspreload.org/$NL" -r ENABLE_HSTS
if [ "$ENABLE_HSTS" = "no" ]; then
echo "-- HSTS won't be enabled."
elif [ "$ENABLE_HSTS" = "yes" ]; then
@ -129,7 +129,7 @@ while [ ${#ISO3166_CODE} -gt 2 ];
do
echo -e "Some examples might be: Germany > DE | Mexico > MX | Spain > ES | USA > US\n
Do you want to set such code for your installation?" && \
read -p "Leave empty if you don't want to set any: "$'\n' ISO3166_CODE
read -p "Leave empty if you don't want to set any: " -r ISO3166_CODE
if [ ${#ISO3166_CODE} -gt 2 ]; then
echo -e "\n-- This code is only 2 characters long, please check your input.\n"
fi
@ -137,7 +137,7 @@ done
echo -e "\n# Check for jitsi-meet/jibri\n"
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ] || \
[ -f /etc/prosody/conf.d/$DOMAIN.conf ]; then
[ -f /etc/prosody/conf.d/"$DOMAIN".conf ]; then
echo "jitsi meet/jibri is installed, checking version:"
apt-show-versions jibri
else
@ -146,7 +146,7 @@ else
fi
exit_ifinstalled() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " This instance already has $1 installed, exiting..."
echo " If you think this is an error, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues "
@ -154,11 +154,11 @@ if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" =
fi
}
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..."
else
echo -e "\n---- Installing $1 ----"
apt-get -yq2 install $1
apt-get -yq2 install "$1"
fi
}
add_php74() {
@ -174,46 +174,46 @@ else
fi
}
#Prevent root folder permission issues
cp $PWD/files/jra-nc-app-ef.json /tmp
cp "$PWD"/files/jra-nc-app-ef.json /tmp
exit_ifinstalled postgresql-$PSGVER
exit_ifinstalled postgresql-"$PSGVER"
## Install software requirements
# PostgresSQL
install_ifnot postgresql-$PSGVER
install_ifnot postgresql-"$PSGVER"
# PHP 7.4
add_php74
apt-get install -y \
imagemagick \
php$PHPVER-fpm \
php$PHPVER-bcmath \
php$PHPVER-bz2 \
php$PHPVER-curl \
php$PHPVER-gd \
php$PHPVER-gmp \
php$PHPVER-imagick \
php$PHPVER-intl \
php$PHPVER-json \
php$PHPVER-ldap \
php$PHPVER-mbstring \
php$PHPVER-pgsql \
php$PHPVER-redis \
php$PHPVER-soap \
php$PHPVER-xml \
php$PHPVER-xmlrpc \
php$PHPVER-zip \
php"$PHPVER"-fpm \
php"$PHPVER"-bcmath \
php"$PHPVER"-bz2 \
php"$PHPVER"-curl \
php"$PHPVER"-gd \
php"$PHPVER"-gmp \
php"$PHPVER"-imagick \
php"$PHPVER"-intl \
php"$PHPVER"-json \
php"$PHPVER"-ldap \
php"$PHPVER"-mbstring \
php"$PHPVER"-pgsql \
php"$PHPVER"-redis \
php"$PHPVER"-soap \
php"$PHPVER"-xml \
php"$PHPVER"-xmlrpc \
php"$PHPVER"-zip \
redis-server \
unzip
#System related
install_ifnot smbclient
sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" $PHP_CONF
sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" $PHP_CONF
sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" $PHP_CONF
sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" $PHP_CONF
sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" $PHP_CONF
sed -i "s|;clear_env = no|clear_env = no|" $PHP_CONF
sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" "$PHP_CONF"
sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" "$PHP_CONF"
sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" "$PHP_CONF"
sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" "$PHP_CONF"
sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" "$PHP_CONF"
sed -i "s|;clear_env = no|clear_env = no|" "$PHP_CONF"
echo "
Tunning PHP.ini...
@ -244,14 +244,14 @@ echo "opcache.revalidate_freq=1"
echo "opcache.validate_timestamps=1"
} >> "$PHP_INI"
systemctl restart php$PHPVER-fpm.service
systemctl restart php"$PHPVER"-fpm.service
#--------------------------------------------------
# Create DB user
#--------------------------------------------------
echo -e "\n---- Creating the PgSQL DB & User ----"
cd /tmp
cd /tmp || exit
sudo -u postgres psql <<DB
CREATE DATABASE nextcloud_db;
CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}';
@ -261,7 +261,7 @@ echo "Done!
"
#nginx - configuration
cat << NC_NGINX > $NC_NGINX_CONF
cat << NC_NGINX > "$NC_NGINX_CONF"
#nextcloud config
upstream php-handler {
#server 127.0.0.1:9000;
@ -417,9 +417,9 @@ server {
}
NC_NGINX
systemctl stop nginx
letsencrypt certonly --standalone --renew-by-default --agree-tos -d $NC_DOMAIN
if [ -f /etc/letsencrypt/live/$NC_DOMAIN/fullchain.pem ];then
ln -s $NC_NGINX_CONF /etc/nginx/sites-available/
letsencrypt certonly --standalone --renew-by-default --agree-tos -d "$NC_DOMAIN"
if [ -f /etc/letsencrypt/live/"$NC_DOMAIN"/fullchain.pem ];then
ln -s "$NC_NGINX_CONF" /etc/nginx/sites-available/
else
echo "There are issues on getting the SSL certs..."
read -n 1 -s -r -p "Press any key to continue"
@ -428,34 +428,34 @@ nginx -t
systemctl restart nginx
if [ "$ENABLE_HSTS" = "yes" ]; then
sed -i "s|#add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" $NC_NGINX_CONF
sed -i "s|#add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" "$NC_NGINX_CONF"
fi
if [ ! -z "$PREAD_PROXY" ]; then
if [ -n "$PREAD_PROXY" ]; then
echo "
Setting up Nextcloud domain on Jitsi Meet turn proxy
"
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ }" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY"
fi
echo "
Latest version to be installed: $STABLEVERSION
(This might take sometime, please be patient...)
"
curl -s $NC_REPO/$STABLEVERSION.zip > /tmp/$STABLEVERSION.zip
unzip -q /tmp/$STABLEVERSION.zip
mv nextcloud $NC_PATH
curl -s "$NC_REPO"/"$STABLEVERSION".zip > /tmp/"$STABLEVERSION".zip
unzip -q /tmp/"$STABLEVERSION".zip
mv nextcloud "$NC_PATH"
chown -R www-data:www-data $NC_PATH
chmod -R 755 $NC_PATH
chown -R www-data:www-data "$NC_PATH"
chmod -R 755 "$NC_PATH"
echo "
Database installation...
"
sudo -u www-data php $NC_PATH/occ maintenance:install \
sudo -u www-data php "$NC_PATH"/occ maintenance:install \
--database=pgsql \
--database-name="$NC_DB" \
--database-user="$NC_DB_USER" \
@ -466,10 +466,10 @@ sudo -u www-data php $NC_PATH/occ maintenance:install \
echo "
Apply custom mods...
"
sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," $NC_CONFIG
sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," $NC_CONFIG
sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," $NC_CONFIG
sed -i "s|http://localhost|http://$NC_DOMAIN|" $NC_CONFIG
sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," "$NC_CONFIG"
sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," "$NC_CONFIG"
sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," "$NC_CONFIG"
sed -i "s|http://localhost|http://$NC_DOMAIN|" "$NC_CONFIG"
echo "Add crontab..."
crontab -u www-data -l | { cat; echo "*/5 * * * * php -f $NC_PATH/cron.php"; } | crontab -u www-data -
@ -477,54 +477,54 @@ crontab -u www-data -l | { cat; echo "*/5 * * * * php -f $NC_PATH/cron.php";
echo "
Add memcache support...
"
sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" $REDIS_CONF
sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" $REDIS_CONF
sed -i "s|port 6379|port 0|" $REDIS_CONF
sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" "$REDIS_CONF"
sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" "$REDIS_CONF"
sed -i "s|port 6379|port 0|" "$REDIS_CONF"
systemctl restart redis-server
echo "--> Setting config.php..."
if [ ! -z "$ISO3166_CODE" ]; then
sed -i "/);/i \ \ 'default_phone_region' => '$ISO3166_CODE'," $NC_CONFIG
if [ -n "$ISO3166_CODE" ]; then
sed -i "/);/i \ \ 'default_phone_region' => '$ISO3166_CODE'," "$NC_CONFIG"
fi
sed -i "/);/i \ \ 'filelocking.enabled' => 'true'," $NC_CONFIG
sed -i "/);/i \ \ 'memcache.locking' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG
sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG
sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG
sed -i "/);/i \ \ 'memcache.distributed' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG
sed -i "/);/i \ \ 'redis' =>" $NC_CONFIG
sed -i "/);/i \ \ \ \ array (" $NC_CONFIG
sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," $NC_CONFIG
sed -i "/);/i \ \ \ \ \ 'port' => 0," $NC_CONFIG
sed -i "/);/i \ \ \ \ \ 'timeout' => 0," $NC_CONFIG
sed -i "/);/i \ \ )," $NC_CONFIG
sed -i "/);/i \ \ 'filelocking.enabled' => 'true'," "$NC_CONFIG"
sed -i "/);/i \ \ 'memcache.locking' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
sed -i "/);/i \ \ 'memcache.distributed' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
sed -i "/);/i \ \ 'redis' =>" "$NC_CONFIG"
sed -i "/);/i \ \ \ \ array (" "$NC_CONFIG"
sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," "$NC_CONFIG"
sed -i "/);/i \ \ \ \ \ 'port' => 0," "$NC_CONFIG"
sed -i "/);/i \ \ \ \ \ 'timeout' => 0," "$NC_CONFIG"
sed -i "/);/i \ \ )," "$NC_CONFIG"
echo "Done
"
echo "
Addding & Setting up Files External App for Local storage...
"
sudo -u www-data php $NC_PATH/occ app:install files_external
sudo -u www-data php $NC_PATH/occ app:enable files_external
sudo -u www-data php $NC_PATH/occ app:disable support
sudo -u www-data php $NC_PATH/occ files_external:import /tmp/jra-nc-app-ef.json
sudo -u www-data php "$NC_PATH"/occ app:install files_external
sudo -u www-data php "$NC_PATH"/occ app:enable files_external
sudo -u www-data php "$NC_PATH"/occ app:disable support
sudo -u www-data php "$NC_PATH"/occ files_external:import /tmp/jra-nc-app-ef.json
usermod -a -G jibri www-data
chmod -R 770 $DIR_RECORD
chmod -R g+s $DIR_RECORD
chmod -R 770 "$DIR_RECORD"
chmod -R g+s "$DIR_RECORD"
echo "
Fixing possible missing tables...
"
echo "y"|sudo -u www-data php $NC_PATH/occ db:convert-filecache-bigint
sudo -u www-data php $NC_PATH/occ db:add-missing-indices
sudo -u www-data php $NC_PATH/occ db:add-missing-columns
echo "y"|sudo -u www-data php "$NC_PATH"/occ db:convert-filecache-bigint
sudo -u www-data php "$NC_PATH"/occ db:add-missing-indices
sudo -u www-data php "$NC_PATH"/occ db:add-missing-columns
echo "
Adding trusted domain...
"
sudo -u www-data php $NC_PATH/occ config:system:set trusted_domains 0 --value=$NC_DOMAIN
sudo -u www-data php "$NC_PATH"/occ config:system:set trusted_domains 0 --value="$NC_DOMAIN"
echo "Setting JRA domain on jitsi-updater.sh"
cd ~/quick-jibri-installer
cd ~/quick-jibri-installer || exit
sed -i "s|NC_DOMAIN=.*|NC_DOMAIN=\"$NC_DOMAIN\"|" jitsi-updater.sh
echo "Quick Nextcloud installation complete!"

View File

@ -26,12 +26,12 @@ NGINX=$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")
DIST=$(lsb_release -sc)
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
PROSODY_REPO=$(apt-cache policy | awk '/prosody/{print$3}' | awk -F "/" 'NR==1{print$2}')
PROSODY_REPO="$(apt-cache policy | awk '/prosody/{print$3}' | awk -F "/" 'NR==1{print$2}')"
PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)"
CR=`echo $'\n> '`
NL="$(echo -e '\n> ')"
exit_ifinstalled() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo "
This instance already has $1 installed, exiting...
Please try again on a clean system.
@ -53,11 +53,11 @@ rename_distro etiona bionic
rename_distro nabia focal
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..."
else
echo -e "\n---- Installing $1 ----"
apt-get -yq2 install $1
apt-get -yq2 install "$1"
fi
}
check_serv() {
@ -96,16 +96,16 @@ else
#-----------------------------------------------------------------------"
#Test tool
if [ "$MODE" = "debug" ]; then
bash $PWD/tools/test-jibri-env.sh -m debug
bash "$PWD"/tools/test-jibri-env.sh -m debug
else
bash $PWD/tools/test-jibri-env.sh
bash "$PWD"/tools/test-jibri-env.sh
fi
read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi
}
# sed limiters for add-jibri-node.sh variables
var_dlim() {
grep -n $1 add-jibri-node.sh|head -n1|cut -d ":" -f1
grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1
}
add_prosody_repo() {
echo "Add Prosody repo"
@ -117,7 +117,7 @@ else
fi
}
dpkg-compare() {
dpkg --compare-versions $(dpkg-query -f='${Version}' --show $1) $2 $3
dpkg --compare-versions "$(dpkg-query -f='${Version}' --show "$1")" "$2" "$3"
}
wait_seconds() {
secs=$(($1))
@ -148,7 +148,7 @@ Wiki and documentation: https://github.com/switnet-ltd/quick-jibri-installer/wik
read -n 1 -s -r -p "Press any key to continue..."$'\n'
#Check if user is root
if ! [ $(id -u) = 0 ]; then
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
@ -188,8 +188,8 @@ else
CPU_MIN="Y"
fi
### Test RAM size (8GB min) ###
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
if [ ${mem_available} -lt 7700000 ]; then
mem_available="$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')"
if [ "$mem_available" -lt 7700000 ]; then
echo "
Warning!: The system do not meet the minimum RAM requirements for Jibri to run.
>> We recommend 8GB RAM for Jibri!
@ -209,7 +209,7 @@ else
echo "Even when you can use the videoconferencing sessions, we advice to increase the resources in order to user Jibri."
while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES
read -p "> Do you want to continue?: (yes or no)$NL" -r CONTINUE_LOW_RES
if [ "$CONTINUE_LOW_RES" = "no" ]; then
echo "See you next time with more resources!..."
exit
@ -240,7 +240,7 @@ So you can add a Jibri server on a instance with enough resources.\n"
while [[ "$DISABLE_LOCAL_JIBRI" != "yes" && "$DISABLE_LOCAL_JIBRI" != "no" ]]
do
read -p "> Do you want to disable local jibri service?: (yes or no)"$'\n' -r DISABLE_LOCAL_JIBRI
read -p "> Do you want to disable local jibri service?: (yes or no)$NL" -r DISABLE_LOCAL_JIBRI
if [ "$DISABLE_LOCAL_JIBRI" = "no" ]; then
echo -e "Please keep in mind that we might not support underpowered servers.\n"
elif [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then
@ -254,10 +254,10 @@ echo "Checking system oriented purpose....
"
apt-get -yq2 update
SYSTEM_DE="$(apt-cache search "ubuntu-(desktop|mate-desktop)"|awk '{print$1}'|xargs|sed 's|$| trisquel triskel trisquel-mini|')"
SYSTEM_DE_ARRAY=( $SYSTEM_DE )
SYSTEM_DE_ARRAY=( "$SYSTEM_DE" )
for de in "${SYSTEM_DE_ARRAY[@]}"
do
if [ "$(dpkg-query -W -f='${Status}' $de 2>/dev/null | grep -c "ok installed")" == "1" ]; then
if [ "$(dpkg-query -W -f='${Status}' "$de" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo -e "\n > This instance has $de installed, exiting...
\nPlease avoid using this installer on a desktop-user oriented GNU/Linux system.
This is an unsupported use, as it will likely BREAK YOUR SYSTEM, so please don't."
@ -282,8 +282,8 @@ fi
#Default to LE SSL?
while [[ "$LE_SSL" != "yes" && "$LE_SSL" != "no" ]]
do
read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)"$'\n' -r LE_SSL
if [ $LE_SSL = yes ]; then
read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)$NL" -r LE_SSL
if [ "$LE_SSL" = yes ]; then
echo "We'll default to Let's Encrypt SSL certs."
else
echo "We'll let you choose later on for it.
@ -294,8 +294,8 @@ done
if [ "$LE_SSL" = "yes" ]; then
while [[ "$ANS_JD" != "yes" ]]
do
read -p "> Please set your domain (or subdomain) here: (e.g.: jitsi.domain.com)"$'\n' -r JITSI_DOMAIN
read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)"$'\n' -r ANS_JD
read -p "> Please set your domain (or subdomain) here: (e.g.: jitsi.domain.com)$NL" -r JITSI_DOMAIN
read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)$NL" -r ANS_JD
if [ "$ANS_JD" = "yes" ]; then
echo "Alright, let's use $JITSI_DOMAIN."
else
@ -303,13 +303,13 @@ if [ "$LE_SSL" = "yes" ]; then
fi
done
#Simple DNS test
if [ "$PUBLIC_IP" = "$(dig -4 +short $JITSI_DOMAIN||awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then
if [ "$PUBLIC_IP" = "$(dig -4 +short "$JITSI_DOMAIN"||awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then
echo "Server public IP & DNS record for $JITSI_DOMAIN seems to match, continuing...
"
else
echo "Server public IP ($PUBLIC_IP) & DNS record for $JITSI_DOMAIN don't seem to match."
echo " > Please check your dns records are applied and updated, otherwise components may fail."
read -p " > Do you want to continue?: (yes or no)"$'\n' -r DNS_CONTINUE
read -p " > Do you want to continue?: (yes or no)$NL" -r DNS_CONTINUE
if [ "$DNS_CONTINUE" = "yes" ]; then
echo " - We'll continue anyway..."
else
@ -348,15 +348,15 @@ apt-get -y install \
fi
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)")
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)")"
if [ "$HWE_VIR_MOD" = "1" ]; then
apt-get -y install \
linux-image-generic-hwe-$(lsb_release -sr) \
linux-tools-generic-hwe-$(lsb_release -sr)
linux-image-generic-hwe-"$(lsb_release -sr)" \
linux-tools-generic-hwe-"$(lsb_release -sr)"
else
apt-get -y install \
linux-image-generic \
linux-modules-extra-$(uname -r)
linux-modules-extra-"$(uname -r)"
fi
check_serv
@ -373,7 +373,7 @@ fi
apt-get -y install \
jitsi-meet \
jibri \
openjdk-8-jre-headless
openjdk-11-jre-headless
# Fix RAND_load_file error
#https://github.com/openssl/openssl/issues/7754#issuecomment-444063355
@ -409,7 +409,7 @@ if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
else
echo "Installing Google Chrome Stable"
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee $GOOGL_REPO
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
fi
apt-get -q2 update
apt-get install -yq2 google-chrome-stable
@ -419,7 +419,7 @@ if [ -f /usr/local/bin/chromedriver ]; then
echo "Chromedriver already installed."
else
echo "Installing Chromedriver"
wget -q https://chromedriver.storage.googleapis.com/$CHD_LTST/chromedriver_linux64.zip \
wget -q https://chromedriver.storage.googleapis.com/"$CHD_LTST"/chromedriver_linux64.zip \
-O /tmp/chromedriver_linux64.zip
unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
chown root:root /usr/local/bin/chromedriver
@ -437,13 +437,13 @@ echo "
Remove Chrome warning...
"
mkdir -p /etc/opt/chrome/policies/managed
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > $GCMP_JSON
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON"
## JMS system tune up
if [ "$MODE" = "debug" ]; then
bash $PWD/mode/jms-stu.sh -m debug
bash "$PWD"/mode/jms-stu.sh -m debug
else
bash $PWD/mode/jms-stu.sh
bash "$PWD"/mode/jms-stu.sh
fi
echo '
@ -452,7 +452,7 @@ echo '
########################################################################
'
# MEET / JIBRI SETUP
DOMAIN="$(find /etc/prosody/conf.d/ -name *.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
JB_AUTH_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
JB_REC_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
@ -463,7 +463,7 @@ MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
JVB2_CONF="/etc/jitsi/videobridge/config"
JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties"
DIR_RECORD=/var/jbrecord
DIR_RECORD="/var/jbrecord"
REC_DIR="/home/jibri/finalize_recording.sh"
JB_NAME="Jibri Sessions"
LE_RENEW_LOG="/var/log/letsencrypt/renew.log"
@ -480,10 +480,10 @@ FQDN_HOST="fqdn"
JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf"
# Rename hostname for jitsi server
while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && ! -z "$FQDN_HOST" ]]
while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && -n "$FQDN_HOST" ]]
do
echo -e "> Set $DOMAIN as a fqdn hostname?: (yes or no)\n" && \
read -p "Leave empty to default to your current one ($(hostname -f)): "$'\n' FQDN_HOST
read -p "Leave empty to default to your current one ($(hostname -f)):$NL" -r FQDN_HOST
if [ "$FQDN_HOST" = "yes" ]; then
echo "$DOMAIN will be used as fqdn hostname, changes will show on reboot."
hostnamectl set-hostname "${DOMAIN}"
@ -497,7 +497,7 @@ done
if [ "$LE_SSL" = "yes" ]; then
while [[ -z $SYSADMIN_EMAIL ]]
do
read -p "Set sysadmin email (this is a mandatory field):"$'\n' -r SYSADMIN_EMAIL
read -p "Set sysadmin email (this is a mandatory field):$NL" -r SYSADMIN_EMAIL
done
fi
#Language
@ -508,21 +508,21 @@ See here:
https://github.com/jitsi/jitsi-meet/blob/master/lang/languages.json
Jitsi Meet web interface will be set to use such language."
read -p "Please set your language (Press enter to default to 'en'):"$'\n' -r JB_LANG
read -p "Please set your language (Press enter to default to 'en'):$NL" -r JB_LANG
echo -e "\nWe'll take a minute to localize some UI excerpts if you need.\n"
#Participant
echo -e "> Do you want to translate 'Participant' to your own language?" && \
read -p "Leave empty to use the default one (English): "$'\n' L10N_PARTICIPANT
read -p "Leave empty to use the default one (English):$NL" -r L10N_PARTICIPANT
#Me
echo -e "\n> Do you want to translate 'me' to your own language?
This must be a really small word to present one self.
Some suggestions might be: yo (Spanish) | je (French) | ich (German)\n" && \
read -p "Leave empty to use the default one (English): "$'\n' L10N_ME
read -p "Leave empty to use the default one (English):$NL" -r L10N_ME
#Drop unsecure TLS
while [[ "$DROP_TLS1" != "yes" && "$DROP_TLS1" != "no" ]]
do
read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)"$'\n' -r DROP_TLS1
read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)$NL" -r DROP_TLS1
if [ "$DROP_TLS1" = "no" ]; then
echo "TLSv1.0/1.1 will remain."
elif [ "$DROP_TLS1" = "yes" ]; then
@ -542,7 +542,7 @@ done
#Brandless Mode
while [[ "$ENABLE_BLESSM" != "yes" && "$ENABLE_BLESSM" != "no" ]]
do
read -p "> Do you want to install customized \"brandless mode\"?: (yes or no)"$'\n' -r ENABLE_BLESSM
read -p "> Do you want to install customized \"brandless mode\"?: (yes or no)$NL" -r ENABLE_BLESSM
if [ "$ENABLE_BLESSM" = "no" ]; then
echo "Brandless mode won't be set."
elif [ "$ENABLE_BLESSM" = "yes" ]; then
@ -552,7 +552,7 @@ done
#Welcome Page
while [[ "$ENABLE_WELCP" != "yes" && "$ENABLE_WELCP" != "no" ]]
do
read -p "> Do you want to disable the Welcome page: (yes or no)"$'\n' -r ENABLE_WELCP
read -p "> Do you want to disable the Welcome page: (yes or no)$NL" -r ENABLE_WELCP
if [ "$ENABLE_WELCP" = "yes" ]; then
echo "Welcome page will be disabled."
elif [ "$ENABLE_WELCP" = "no" ]; then
@ -562,7 +562,7 @@ done
#Close page
while [[ "$ENABLE_CLOCP" != "yes" && "$ENABLE_CLOCP" != "no" ]]
do
read -p "> Do you want to enable the close page on room exit: (yes or no)"$'\n' -r ENABLE_CLOCP
read -p "> Do you want to enable the close page on room exit: (yes or no)$NL" -r ENABLE_CLOCP
if [ "$ENABLE_CLOCP" = "yes" ]; then
echo "Close page will be enabled."
elif [ "$ENABLE_CLOCP" = "no" ]; then
@ -572,7 +572,7 @@ done
#Enable static avatar
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
do
read -p "> (Legacy) Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA
read -p "> (Legacy) Do you want to enable static avatar?: (yes or no)$NL" -r ENABLE_SA
if [ "$ENABLE_SA" = "no" ]; then
echo "Static avatar won't be enabled"
elif [ "$ENABLE_SA" = "yes" ]; then
@ -644,7 +644,7 @@ fi
while [[ "$ENABLE_NC_ACCESS" != "yes" && "$ENABLE_NC_ACCESS" != "no" ]]
do
read -p "> Do you want to setup Jibri Records Access via Nextcloud: (yes or no)
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_NC_ACCESS
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_NC_ACCESS
if [ "$ENABLE_NC_ACCESS" = "no" ]; then
echo -e "-- JRA via Nextcloud won't be enabled.\n"
elif [ "$ENABLE_NC_ACCESS" = "yes" ]; then
@ -652,15 +652,15 @@ do
fi
done
#Jigasi
if [ "$(curl -s -o /dev/null -w "%{http_code}" $GC_SDK_REL_FILE )" == "404" ]; then
if [ "$(curl -s -o /dev/null -w "%{http_code}" "$GC_SDK_REL_FILE" )" == "404" ]; then
echo "> Sorry Google SDK doesn't have support yet for $(lsb_release -sd),
thus, Jigasi Transcript can't be enable.
"
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $GC_SDK_REL_FILE )" == "200" ]; then
elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$GC_SDK_REL_FILE" )" == "200" ]; then
while [[ "$ENABLE_TRANSCRIPT" != "yes" && "$ENABLE_TRANSCRIPT" != "no" ]]
do
read -p "> Do you want to setup Jigasi Transcription: (yes or no)
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_TRANSCRIPT
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_TRANSCRIPT
if [ "$ENABLE_TRANSCRIPT" = "no" ]; then
echo -e "-- Jigasi Transcription won't be enabled.\n"
elif [ "$ENABLE_TRANSCRIPT" = "yes" ]; then
@ -675,7 +675,7 @@ fi
while [[ "$ENABLE_GRAFANA_DSH" != "yes" && "$ENABLE_GRAFANA_DSH" != "no" ]]
do
read -p "> Do you want to setup Grafana Dashboard: (yes or no)
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_GRAFANA_DSH
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_GRAFANA_DSH
if [ "$ENABLE_GRAFANA_DSH" = "no" ]; then
echo -e "-- Grafana Dashboard won't be enabled.\n"
elif [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then
@ -685,7 +685,7 @@ done
#Docker Etherpad
while [[ "$ENABLE_DOCKERPAD" != "yes" && "$ENABLE_DOCKERPAD" != "no" ]]
do
read -p "> Do you want to setup Docker Etherpad: (yes or no)"$'\n' -r ENABLE_DOCKERPAD
read -p "> Do you want to setup Docker Etherpad: (yes or no)$NL" -r ENABLE_DOCKERPAD
if [ "$ENABLE_DOCKERPAD" = "no" ]; then
echo -e "-- Docker Etherpad won't be enabled.\n"
elif [ "$ENABLE_DOCKERPAD" = "yes" ]; then
@ -701,17 +701,16 @@ echo '
JibriBrewery=JibriBrewery
INT_CONF="/usr/share/jitsi-meet/interface_config.js"
INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
WAN_IP=$(dig +short myip.opendns.com @resolver1.opendns.com)
ssl_wa() {
if [ "$LE_SSL" = "yes" ]; then
systemctl stop $1
letsencrypt certonly --standalone --renew-by-default --agree-tos --email $5 -d $6
sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" $4
sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" $4
systemctl restart $1
systemctl stop "$1"
letsencrypt certonly --standalone --renew-by-default --agree-tos --email "$5" -d "$6"
sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" "$4"
sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" "$4"
systemctl restart "$1"
#Add cron
if [ $(crontab -l|sed 's|#.*$||g'|grep -c 'weekly certbot renew') = 0 ];then
if [ "$(crontab -l|sed 's|#.*$||g'|grep -c 'weekly certbot renew')" = 0 ];then
crontab -l | { cat; echo "@weekly certbot renew --${2} > $LE_RENEW_LOG 2>&1"; } | crontab -
else
echo "Crontab seems to be already in place, skipping."
@ -735,13 +734,13 @@ if [ "$LE_SSL" = "yes" ]; then
echo -e "\nCertbot repository already on the system!\nChecking for updates...\n"
apt-get -q2 update
apt-get -yq2 dist-upgrade
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "200" ]; then
elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$CERTBOT_REL_FILE" )" == "200" ]; then
echo -e "\nAdding cerbot (formerly letsencrypt) PPA repository for latest updates\n"
echo "deb http://ppa.launchpad.net/certbot/certbot/ubuntu $DIST main" > /etc/apt/sources.list.d/certbot.list
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694
apt-get -q2 update
apt-get -yq2 dist-upgrade
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "404" ]; then
elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$CERTBOT_REL_FILE" )" == "404" ]; then
echo -e "\nCertbot PPA is not available for $(lsb_release -sc) just yet, it won't be installed...\n"
fi
else
@ -773,9 +772,9 @@ sed -i "/shard.HOSTNAME/s|localhost|$DOMAIN|" /etc/jitsi/videobridge/sip-communi
# Configure Jibri
if [ "$ENABLE_SC" = "yes" ]; then
if [ ! -f $MOD_LIST_FILE ]; then
if [ ! -f "$MOD_LIST_FILE" ]; then
echo -e "\n-> Adding external module to list prosody users...\n"
curl -s $MOD_LISTU > $MOD_LIST_FILE
curl -s "$MOD_LISTU" > "$MOD_LIST_FILE"
echo -e "Now you can check registered users with:\nprosodyctl mod_listusers\n"
else
@ -784,7 +783,7 @@ if [ "$ENABLE_SC" = "yes" ]; then
fi
#Enable jibri recording
cat << REC-JIBRI >> $PROSODY_FILE
cat << REC-JIBRI >> "$PROSODY_FILE"
VirtualHost "recorder.$DOMAIN"
modules_enabled = {
@ -795,71 +794,71 @@ VirtualHost "recorder.$DOMAIN"
REC-JIBRI
#Enable Jibri withelist
sed -i "s|-- muc_lobby_whitelist|muc_lobby_whitelist|" $PROSODY_FILE
sed -i "s|-- muc_lobby_whitelist|muc_lobby_whitelist|" "$PROSODY_FILE"
#Fix Jibri conectivity issues
sed -i "s|c2s_require_encryption = .*|c2s_require_encryption = false|" $PROSODY_SYS
sed -i "s|c2s_require_encryption = .*|c2s_require_encryption = false|" "$PROSODY_SYS"
sed -i "/c2s_require_encryption = false/a \\
\\
consider_bosh_secure = true" $PROSODY_SYS
consider_bosh_secure = true" "$PROSODY_SYS"
if [ ! -z $L10N_PARTICIPANT ]; then
if [ -n "$L10N_PARTICIPANT" ]; then
sed -i "s|PART_USER=.*|PART_USER=\"$L10N_PARTICIPANT\"|" jm-bm.sh
fi
if [ ! -z $L10N_ME ]; then
if [ -n "$L10N_ME" ]; then
sed -i "s|LOCAL_USER=.*|LOCAL_USER=\"$L10N_ME\"|" jm-bm.sh
fi
### Prosody users
prosodyctl register jibri auth.$DOMAIN $JB_AUTH_PASS
prosodyctl register recorder recorder.$DOMAIN $JB_REC_PASS
prosodyctl register jibri auth."$DOMAIN" "$JB_AUTH_PASS"
prosodyctl register recorder recorder."$DOMAIN" "$JB_REC_PASS"
## JICOFO
# /etc/jitsi/jicofo/sip-communicator.properties
cat << BREWERY >> $JICOFO_SIP
cat << BREWERY >> "$JICOFO_SIP"
#org.jitsi.jicofo.auth.URL=XMPP:$DOMAIN
#org.jitsi.jicofo.auth.URL=EXT_JWT:$DOMAIN
org.jitsi.jicofo.jibri.BREWERY=$JibriBrewery@internal.auth.$DOMAIN
org.jitsi.jicofo.jibri.BREWERY="$JibriBrewery"@internal.auth."$DOMAIN"
org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90
#org.jitsi.jicofo.auth.DISABLE_AUTOLOGIN=true
BREWERY
# Jibri tweaks for /etc/jitsi/meet/$DOMAIN-config.js
sed -i "s|conference.$DOMAIN|internal.auth.$DOMAIN|" $MEET_CONF
sed -i "s|// fileRecordingsEnabled: false,|fileRecordingsEnabled: true,| " $MEET_CONF
sed -i "s|conference.$DOMAIN|internal.auth.$DOMAIN|" "$MEET_CONF"
sed -i "s|// fileRecordingsEnabled: false,|fileRecordingsEnabled: true,| " "$MEET_CONF"
sed -i "s|// liveStreamingEnabled: false,|liveStreamingEnabled: true,\\
\\
hiddenDomain: \'recorder.$DOMAIN\',|" $MEET_CONF
hiddenDomain: \'recorder.$DOMAIN\',|" "$MEET_CONF"
#Dropbox feature
#if [ "$ENABLE_DB" = "yes" ]; then
#DB_STR=$(grep -n "dropbox:" $MEET_CONF | cut -d ":" -f1)
#DB_STR=$(grep -n "dropbox:" "$MEET_CONF" | cut -d ":" -f1)
#DB_END=$((DB_STR + 10))
#sed -i "$DB_STR,$DB_END{s|// dropbox: {|dropbox: {|}" $MEET_CONF
#sed -i "$DB_STR,$DB_END{s|// appKey: '<APP_KEY>'|appKey: \'$DB_CID\'|}" $MEET_CONF
#sed -i "$DB_STR,$DB_END{s|// },|},|}" $MEET_CONF
#sed -i "$DB_STR,$DB_END{s|// dropbox: {|dropbox: {|}" "$MEET_CONF"
#sed -i "$DB_STR,$DB_END{s|// appKey: '<APP_KEY>'|appKey: \'$DB_CID\'|}" "$MEET_CONF"
#sed -i "$DB_STR,$DB_END{s|// },|},|}" "$MEET_CONF"
#fi
#Setup main language
if [ -z $JB_LANG ] || [ "$JB_LANG" = "en" ]; then
if [ -z "$JB_LANG" ] || [ "$JB_LANG" = "en" ]; then
echo "Leaving English (en) as default language..."
sed -i "s|// defaultLanguage: 'en',|defaultLanguage: 'en',|" $MEET_CONF
sed -i "s|// defaultLanguage: 'en',|defaultLanguage: 'en',|" "$MEET_CONF"
else
echo "Changing default language to: $JB_LANG"
sed -i "s|// defaultLanguage: 'en',|defaultLanguage: \'$JB_LANG\',|" $MEET_CONF
sed -i "s|// defaultLanguage: 'en',|defaultLanguage: \'$JB_LANG\',|" "$MEET_CONF"
fi
# Recording directory
if [ ! -d $DIR_RECORD ]; then
mkdir $DIR_RECORD
if [ ! -d "$DIR_RECORD" ]; then
mkdir "$DIR_RECORD"
fi
chown -R jibri:jibri $DIR_RECORD
chown -R jibri:jibri "$DIR_RECORD"
cat << REC_DIR > $REC_DIR
cat << REC_DIR > "$REC_DIR"
#!/bin/bash
RECORDINGS_DIR=$DIR_RECORD
RECORDINGS_DIR="$DIR_RECORD"
echo "This is a dummy finalize script" > /tmp/finalize.out
echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out
@ -875,12 +874,12 @@ mv \$LJF_PATH \$NJF_PATH
exit 0
REC_DIR
chown jibri:jibri $REC_DIR
chmod +x $REC_DIR
chown jibri:jibri "$REC_DIR"
chmod +x "$REC_DIR"
## New Jibri Config (2020)
mv $JIBRI_CONF ${JIBRI_CONF}-dpkg-file
cat << NEW_CONF > $JIBRI_CONF
mv "$JIBRI_CONF" ${JIBRI_CONF}-dpkg-file
cat << NEW_CONF > "$JIBRI_CONF"
// New XMPP environment config.
jibri {
streaming {
@ -927,8 +926,8 @@ jibri {
default-call-empty-timeout = 30 seconds
}
recording {
recordings-directory = $DIR_RECORD
finalize-script = $REC_DIR
recordings-directory = "$DIR_RECORD"
finalize-script = "$REC_DIR"
}
api {
xmpp {
@ -993,14 +992,14 @@ jibri {
NEW_CONF
#Jibri xorg resolution
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" $JIBRI_XORG_CONF
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF"
#Create receiver user
useradd -m -g jibri $MJS_USER
useradd -m -g jibri "$MJS_USER"
echo "$MJS_USER:$MJS_USER_PASS" | chpasswd
#Create ssh key and restrict connections
sudo su $MJS_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
sudo su "$MJS_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
#Allow password authentication
sed -i "s|PasswordAuthentication .*|PasswordAuthentication yes|" /etc/ssh/sshd_config
systemctl restart sshd
@ -1022,7 +1021,7 @@ echo "Last file edition at: $(grep "LETS:" add-jibri-node.sh|head -n1|awk -F'LET
#-- Setting variables for add-jvb2-node.sh
g_conf_value() {
grep "$1" $JVB2_CONF|sed "s|$1||"
grep "$1" "$JVB2_CONF"|sed "s|$1||"
}
JVB_HOSTNAME=$(g_conf_value JVB_HOSTNAME=)
JVB_HOST=$(g_conf_value JVB_HOST=)
@ -1032,7 +1031,7 @@ JVB_OPTS=$(g_conf_value JVB_OPTS=)
JAVA_SYS_PROPS=$(g_conf_value JAVA_SYS_PROPS=)
g_sip_value() {
grep "$1" $JVB2_SIP |cut -d "=" -f2
grep "$1" "$JVB2_SIP" |cut -d "=" -f2
}
DISABLE_AWS_HARVESTER=$(g_sip_value DISABLE_AWS_HARVESTER=)
STUN_MAPPING_HARVESTER_ADDRESSES=$(g_sip_value STUN_MAPPING_HARVESTER_ADDRESSES=)
@ -1066,26 +1065,26 @@ sed -i "s|MJS_USER_PASS=.*|MJS_USER_PASS=\"$MJS_USER_PASS\"|" add-jvb2-node.sh
##--
#Tune webserver for Jitsi App control
if [ -f $WS_CONF ]; then
sed -i "/# ensure all static content can always be found first/i \\\n" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \ \ \ \ location = \/external_api.min.js {" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ alias \/usr\/share\/jitsi-meet\/libs\/external_api.min.js;" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" $WS_CONF
sed -i "/# ensure all static content can always be found first/i \\\n" $WS_CONF
if [ -f "$WS_CONF" ]; then
sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ location = \/external_api.min.js {" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ alias \/usr\/share\/jitsi-meet\/libs\/external_api.min.js;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF"
systemctl reload nginx
else
echo "No app configuration done to server file, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues"
fi
#Static avatar
if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then
if [ "$ENABLE_SA" = "yes" ] && [ -f "$WS_CONF" ]; then
cp images/avatar2.png /usr/share/jitsi-meet/images/
sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" $WS_CONF
sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" $WS_CONF
sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" "$WS_CONF"
sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" "$WS_CONF"
sed -i "/location \/external_api.min.js/i \ \ \ \ }\\
\ " $WS_CONF
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" $INT_CONF
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF
\ " "$WS_CONF"
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" "$INT_CONF"
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF"
fi
#nginx -tlsv1/1.1
if [ "$DROP_TLS1" = "yes" ];then
@ -1102,34 +1101,34 @@ fi
###Setup secure rooms
if [ "$ENABLE_SC" = "yes" ]; then
SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | awk -F ':' 'NR==1{print$1}')
SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" "$PROSODY_FILE" | awk -F ':' 'NR==1{print$1}')
SRP_END=$((SRP_STR + 10))
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_hashed\"|}" $PROSODY_FILE
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" $MEET_CONF
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_hashed\"|}" "$PROSODY_FILE"
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" "$MEET_CONF"
#Secure room initial user
read -p "Set username for secure room moderator: "$'\n' -r SEC_ROOM_USER
read -p "Secure room moderator password: "$'\n' -r SEC_ROOM_PASS
prosodyctl register $SEC_ROOM_USER $DOMAIN $SEC_ROOM_PASS
read -p "Set username for secure room moderator:$NL" -r SEC_ROOM_USER
read -p "Secure room moderator password:$NL" -r SEC_ROOM_PASS
prosodyctl register "$SEC_ROOM_USER" "$DOMAIN" "$SEC_ROOM_PASS"
echo -e "\nSecure rooms are being enabled..."
echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \
or '${SEC_ROOM_USER}@${DOMAIN}' using the password you just entered.
If you have issues with the password refer to your sysadmin."
sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" $JICOFO_SIP
sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" "$JICOFO_SIP"
sed -i "s|SEC_ROOM=.*|SEC_ROOM=\"on\"|" jm-bm.sh
fi
###JWT
if [ "$ENABLE_JWT" = "yes" ]; then
echo -e "\nJWT auth is being setup..."
bash $PWD/mode/jwt.sh
bash "$PWD"/mode/jwt.sh
fi
#Guest allow
#Change back lobby - https://community.jitsi.org/t/64769/136
if [ "$ENABLE_SC" = "yes" ];then
cat << P_SR >> $PROSODY_FILE
cat << P_SR >> "$PROSODY_FILE"
-- #Change back lobby - https://community.jitsi.org/t/64769/136
VirtualHost "guest.$DOMAIN"
authentication = "anonymous"
@ -1147,51 +1146,51 @@ fi
#======================
# Custom settings
#Start with video muted by default
sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" $MEET_CONF
sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" "$MEET_CONF"
#Start with audio muted but admin
sed -i "s|// startAudioMuted: 10,|startAudioMuted: 1,|" $MEET_CONF
sed -i "s|// startAudioMuted: 10,|startAudioMuted: 1,|" "$MEET_CONF"
#Disable/enable welcome page
if [ "$ENABLE_WELCP" = "yes" ]; then
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: false,|" $MEET_CONF
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: false,|" "$MEET_CONF"
elif [ "$ENABLE_WELCP" = "no" ]; then
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" $MEET_CONF
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" "$MEET_CONF"
fi
#Enable close page
if [ "$ENABLE_CLOCP" = "yes" ]; then
sed -i "s|.*enableClosePage:.*| enableClosePage: true,|" $MEET_CONF
sed -i "s|.*enableClosePage:.*| enableClosePage: true,|" "$MEET_CONF"
elif [ "$ENABLE_CLOCP" = "no" ]; then
sed -i "s|.*enableClosePage:.*| enableClosePage: false,|" $MEET_CONF
sed -i "s|.*enableClosePage:.*| enableClosePage: false,|" "$MEET_CONF"
fi
#Add pre-join screen by default, since it improves YouTube autoplay capabilities
#pre-join screen by itself don't require autorization by moderator, don't confuse with lobby which does.
sed -i "s|// prejoinPageEnabled:.*|prejoinPageEnabled: true,|" $MEET_CONF
sed -i "s|// prejoinPageEnabled:.*|prejoinPageEnabled: true,|" "$MEET_CONF"
#Set HD resolution and widescreen format
sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 720," $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 720," $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 720," $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 1280," $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 1280," $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" $MEET_CONF
sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 720," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 720," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 720," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 1280," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 1280," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF"
#Check config file
echo -e "\n# Checking $MEET_CONF file for errors\n"
CHECKJS=$(esvalidate $MEET_CONF| cut -d ":" -f2)
CHECKJS=$(esvalidate "$MEET_CONF"| cut -d ":" -f2)
if [[ -z "$CHECKJS" ]]; then
echo -e "\n# The $MEET_CONF configuration seems correct. =)\n"
else
@ -1214,7 +1213,7 @@ if [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then
systemctl disable jibri-xorg
systemctl disable jibri-icewm
# Manually apply permissions since finalize_recording.sh won't be triggered under this server options.
chmod -R 770 $DIR_RECORD
chmod -R 770 "$DIR_RECORD"
fi
enable_letsencrypt
@ -1225,7 +1224,7 @@ chmod -R 650 /etc/prosody/certs/
#SSL workaround
if [ "$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")" -eq 1 ]; then
ssl_wa nginx nginx $DOMAIN $WS_CONF $SYSADMIN_EMAIL $DOMAIN
ssl_wa nginx nginx "$DOMAIN" "$WS_CONF" "$SYSADMIN_EMAIL" "$DOMAIN"
install_ifnot python3-certbot-nginx
else
echo "No webserver found please report."
@ -1234,19 +1233,19 @@ fi
if [ "$ENABLE_BLESSM" = "yes" ]; then
echo "Custom brandless mode will be enabled."
sed -i "s|ENABLE_BLESSM=.*|ENABLE_BLESSM=\"on\"|" jitsi-updater.sh
bash $PWD/jm-bm.sh
bash "$PWD"/jm-bm.sh
fi
# Applying best practives for interface config.js
echo -e "\n> Setting up custom interface_config.js according to best practices."
cp "$INT_CONF" "$INT_CONF_ETC"
#Tune webserver for interface_config.js
if [ -f $WS_CONF ]; then
sed -i "/external_api.js/i \\\n" $WS_CONF
sed -i "/external_api.js/i \ \ \ \ location = \/interface_config.js {" $WS_CONF
sed -i "/external_api.js/i \ \ \ \ \ \ \ \ alias \/etc\/jitsi\/meet\/$DOMAIN-interface_config.js;" $WS_CONF
sed -i "/external_api.js/i \ \ \ \ }" $WS_CONF
sed -i "/external_api.js/i \\\n" $WS_CONF
if [ -f "$WS_CONF" ]; then
sed -i "/external_api.js/i \\\n" "$WS_CONF"
sed -i "/external_api.js/i \ \ \ \ location = \/interface_config.js {" "$WS_CONF"
sed -i "/external_api.js/i \ \ \ \ \ \ \ \ alias \/etc\/jitsi\/meet\/$DOMAIN-interface_config.js;" "$WS_CONF"
sed -i "/external_api.js/i \ \ \ \ }" "$WS_CONF"
sed -i "/external_api.js/i \\\n" "$WS_CONF"
systemctl reload nginx
else
echo "No interface_config.js configuration done to server file, please report to:
@ -1254,11 +1253,11 @@ else
fi
#JRA via Nextcloud
if [ "$ENABLE_NC_ACCESS" = "yes" ]; then
echo -n "\nJRA via Nextcloud will be enabled."
echo -e "\nJRA via Nextcloud will be enabled."
if [ "$MODE" = "debug" ]; then
bash $PWD/jra_nextcloud.sh -m debug
bash "$PWD"/jra_nextcloud.sh -m debug
else
bash $PWD/jra_nextcloud.sh
bash "$PWD"/jra_nextcloud.sh
fi
fi
} > >(tee -a qj-installer.log) 2> >(tee -a qj-installer.log >&2)
@ -1267,9 +1266,9 @@ if [ "$ENABLE_TRANSCRIPT" = "yes" ]; then
echo -e "\nJigasi Transcription will be enabled."
# ToDo: Analyze behavior on debug
#if [ "$MODE" = "debug" ]; then
# bash $PWD/jigasi.sh -m debug
# bash "$PWD"/jigasi.sh -m debug
#else
bash $PWD/jigasi.sh
bash "$PWD"/jigasi.sh
#fi
fi
{
@ -1277,18 +1276,18 @@ fi
if [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then
echo -e "\nGrafana Dashboard will be enabled."
if [ "$MODE" = "debug" ]; then
bash $PWD/grafana.sh -m debug
bash "$PWD"/grafana.sh -m debug
else
bash $PWD/grafana.sh
bash "$PWD"/grafana.sh
fi
fi
#Docker Etherpad
if [ "$ENABLE_DOCKERPAD" = "yes" ]; then
echo -e "\nDocker Etherpad will be enabled."
if [ "$MODE" = "debug" ]; then
bash $PWD/etherpad-docker.sh -m debug
bash "$PWD"/etherpad-docker.sh -m debug
else
bash $PWD/etherpad-docker.sh
bash "$PWD"/etherpad-docker.sh
fi
fi
#Prevent JMS conecction issue