From 6719c0ee7073d15f8966fcb4003acf74335a1ad0 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 7 Apr 2022 00:26:36 -0500 Subject: [PATCH 01/39] Use the original file, instead of overwrite the symlink. --- quick_jibri_installer.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 0b9548b..dd077f7 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -341,7 +341,8 @@ if [ "$LE_SSL" = "yes" ]; then apt-get -y install \ letsencrypt if [ "$(dpkg-query -W -f='${Status}' ufw 2>/dev/null | grep -c "ok installed")" == "1" ]; then - echo "# Disable pre-installed ufw to allow ssl challenges validation." + echo "# Disable pre-installed ufw, more on firewall see: + > https://github.com/switnet-ltd/quick-jibri-installer/wiki/Firewall" ufw disable fi fi @@ -451,8 +452,8 @@ echo ' ######################################################################## ' # MEET / JIBRI SETUP -DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" -WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf" +DOMAIN="$(find /etc/prosody/conf.d/ -name *.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" +WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" JB_AUTH_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" JB_REC_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" PROSODY_FILE="/etc/prosody/conf.d/$DOMAIN.cfg.lua" From 44e9a98b76c65a0c861eae2d857a2d6cf9a6e78e Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 7 Apr 2022 00:29:06 -0500 Subject: [PATCH 02/39] Fix typo and increase countdown. --- tools/start-over.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/start-over.sh b/tools/start-over.sh index 0cdc991..4db729f 100644 --- a/tools/start-over.sh +++ b/tools/start-over.sh @@ -79,8 +79,8 @@ if [ "$CONTINUE_PURGE2" = "no" ]; then echo " Good, see you next time..." exit elif [ "$CONTINUE_PURGE2" = "yes" ]; then - echo "No going back, lets start..." - wait_seconds 5 + echo "No going back, let's start..." + wait_seconds 10 fi done From 14fceeec6b1246041f7b5d3d268cf0c498665aa4 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 7 Apr 2022 02:50:22 -0500 Subject: [PATCH 03/39] Add tool for grub setup. --- tools/aws-grub-setup.sh | 63 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 tools/aws-grub-setup.sh diff --git a/tools/aws-grub-setup.sh b/tools/aws-grub-setup.sh new file mode 100644 index 0000000..712423f --- /dev/null +++ b/tools/aws-grub-setup.sh @@ -0,0 +1,63 @@ +#!/bin/bash +# Automated AWS generic kernel setup for jibri. +# SwITNet Ltd © - 2022, https://switnet.net/ +# GPLv3 or later. + +#### +# NOTE: Only use this script if you know what you are doing. +# Under your own risk. +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY. +#### +wait_seconds() { +secs=$(($1)) +while [ $secs -gt 0 ]; do + echo -ne "$secs\033[0K\r" + sleep 1 + : $((secs--)) +done +} + +TMP_DIR="$(mktemp -d)" +KERNEL_LOG="$TMP_DIR/kernel_log" +GRUB_FILE="/etc/default/grub" + +echo "# Check and update HWE kernel if possible..." +apt-get -q2 update +HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)") +if [ "$HWE_VIR_MOD" = "1" ]; then + apt-get -y install \ + linux-image-generic-hwe-$(lsb_release -sr) \ + linux-tools-generic-hwe-$(lsb_release -sr) +else + apt-get -y install \ + linux-image-generic \ + linux-modules-extra-$(uname -r) +fi +apt-get -y autoremove +apt-get autoclean + +#Write update-grub output +update-grub > $KERNEL_LOG 2>&1 + +#Get clean output +cat $KERNEL_LOG | awk -F'boot/' '{print$2}'|sed '/^[[:space:]]*$/d' | \ +tee ${KERNEL_LOG}.tmp +mv ${KERNEL_LOG}.tmp $KERNEL_LOG + +echo "Check if AWS kernel is installed." +[ $(grep -wc aws $KERNEL_LOG) = 0 ] && echo "No AWS kernel found, exiting..." && exit + +#Get kernel number +RAW_KERNEL_NUM="$(grep -Fn generic $KERNEL_LOG|head -n1|cut -d ':' -f1)" +FIXED_KERNEL_NUM="$(awk "BEGIN{ print $RAW_KERNEL_NUM - 1 }")" + +#Set up grub kernel number. +sed -i "s|GRUB_DEFAULT=.*|GRUB_DEFAULT=\"1\>$FIXED_KERNEL_NUM\"|" $GRUB_FILE + +update-grub + +echo "Time to reboot..." +echo "Rebooting in..." +wait_seconds 15 +reboot From 7d162f8ade2d7ff22c196f03b1788ce0296a2196 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 7 Apr 2022 02:52:08 -0500 Subject: [PATCH 04/39] Require to run with sudo. --- tools/aws-grub-setup.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tools/aws-grub-setup.sh b/tools/aws-grub-setup.sh index 712423f..36e4291 100644 --- a/tools/aws-grub-setup.sh +++ b/tools/aws-grub-setup.sh @@ -18,6 +18,13 @@ while [ $secs -gt 0 ]; do done } +# Check if user is root +if [ $(id -u) = 0 ]; then + echo "Please don't run with root or sudo privileges! + > We'll request them when necessary." + exit 1 +fi + TMP_DIR="$(mktemp -d)" KERNEL_LOG="$TMP_DIR/kernel_log" GRUB_FILE="/etc/default/grub" From 3acc41dc7f9ab6982666c5e045c2ae64af4ad959 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 7 Apr 2022 02:55:00 -0500 Subject: [PATCH 05/39] Actually require to run with admin rights. --- tools/aws-grub-setup.sh | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/tools/aws-grub-setup.sh b/tools/aws-grub-setup.sh index 36e4291..ae83045 100644 --- a/tools/aws-grub-setup.sh +++ b/tools/aws-grub-setup.sh @@ -19,10 +19,9 @@ done } # Check if user is root -if [ $(id -u) = 0 ]; then - echo "Please don't run with root or sudo privileges! - > We'll request them when necessary." - exit 1 +if [ $UID != 0 ]; then + echo You need to run this script as root or sudo rights! + exit 1 fi TMP_DIR="$(mktemp -d)" From 6c071098d56ed9b384e3c2639ebe6b09a0c135bb Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 7 Apr 2022 03:01:08 -0500 Subject: [PATCH 06/39] Improve comments. --- tools/aws-grub-setup.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tools/aws-grub-setup.sh b/tools/aws-grub-setup.sh index ae83045..409bb4a 100644 --- a/tools/aws-grub-setup.sh +++ b/tools/aws-grub-setup.sh @@ -28,7 +28,7 @@ TMP_DIR="$(mktemp -d)" KERNEL_LOG="$TMP_DIR/kernel_log" GRUB_FILE="/etc/default/grub" -echo "# Check and update HWE kernel if possible..." +echo -e "# Check and update HWE kernel if possible...\n" apt-get -q2 update HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)") if [ "$HWE_VIR_MOD" = "1" ]; then @@ -51,16 +51,17 @@ cat $KERNEL_LOG | awk -F'boot/' '{print$2}'|sed '/^[[:space:]]*$/d' | \ tee ${KERNEL_LOG}.tmp mv ${KERNEL_LOG}.tmp $KERNEL_LOG -echo "Check if AWS kernel is installed." +echo -e "Check if AWS kernel is installed.\n" [ $(grep -wc aws $KERNEL_LOG) = 0 ] && echo "No AWS kernel found, exiting..." && exit #Get kernel number RAW_KERNEL_NUM="$(grep -Fn generic $KERNEL_LOG|head -n1|cut -d ':' -f1)" FIXED_KERNEL_NUM="$(awk "BEGIN{ print $RAW_KERNEL_NUM - 1 }")" -#Set up grub kernel number. +echo -e "Set up GRUB for custom kernel.\n" sed -i "s|GRUB_DEFAULT=.*|GRUB_DEFAULT=\"1\>$FIXED_KERNEL_NUM\"|" $GRUB_FILE +echo -e "Saving changes...\n" update-grub echo "Time to reboot..." From ef5374f68c42e6cf7f6ed141e072469e4f0a384e Mon Sep 17 00:00:00 2001 From: Ark74 Date: Tue, 12 Apr 2022 23:11:59 -0500 Subject: [PATCH 07/39] Actually apply changes to nginx conf instead of symlink. --- etherpad-docker.sh | 2 +- grafana.sh | 2 +- jra_nextcloud.sh | 4 ++-- mode/chp-mode.sh | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/etherpad-docker.sh b/etherpad-docker.sh index 5fabaac..c9568ff 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -44,7 +44,7 @@ fi } DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" -WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf" +WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')" ETHERPAD_DB_USER="dockerpad" ETHERPAD_DB_NAME="etherpad" diff --git a/grafana.sh b/grafana.sh index 852d6fb..093b4db 100644 --- a/grafana.sh +++ b/grafana.sh @@ -47,7 +47,7 @@ MAIN_TEL="/etc/telegraf/telegraf.conf" TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf" GRAFANA_INI="/etc/grafana/grafana.ini" DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" -WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf" +WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)" # Min requirements diff --git a/jra_nextcloud.sh b/jra_nextcloud.sh index d7c8ce5..a366440 100644 --- a/jra_nextcloud.sh +++ b/jra_nextcloud.sh @@ -45,7 +45,7 @@ PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')" PHP_FPM_DIR="/etc/php/$PHPVER/fpm" PHP_INI="$PHP_FPM_DIR/php.ini" PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf" -NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-enabled/$DOMAIN.conf | awk '{print$2}')" +NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-available/$DOMAIN.conf | awk '{print$2}')" NC_REPO="https://download.nextcloud.com/server/releases" NCVERSION="$(curl -s -m 900 $NC_REPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)" STABLEVERSION="nextcloud-$NCVERSION" @@ -419,7 +419,7 @@ NC_NGINX systemctl stop nginx letsencrypt certonly --standalone --renew-by-default --agree-tos -d $NC_DOMAIN if [ -f /etc/letsencrypt/live/$NC_DOMAIN/fullchain.pem ];then - ln -s $NC_NGINX_CONF /etc/nginx/sites-enabled/ + ln -s $NC_NGINX_CONF /etc/nginx/sites-available/ else echo "There are issues on getting the SSL certs..." read -n 1 -s -r -p "Press any key to continue" diff --git a/mode/chp-mode.sh b/mode/chp-mode.sh index 7c4b760..d2e6dde 100644 --- a/mode/chp-mode.sh +++ b/mode/chp-mode.sh @@ -53,7 +53,7 @@ MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" MEET_CONF_HP="/etc/jitsi/meet/${DOMAIN}-chp-config.js" INT_CONF_JS="/etc/jitsi/meet/${DOMAIN}-interface_config.js" INT_CONF_JS_HP="/etc/jitsi/meet/${DOMAIN}-chp-interface_config.js" -WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf" +WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" FSTAB="/etc/fstab" CHAT_DISABLED="TBD" From ced6574cfad02981a344d4fcba232f47c2a2b58a Mon Sep 17 00:00:00 2001 From: Ark74 Date: Wed, 11 May 2022 23:52:18 -0500 Subject: [PATCH 08/39] Comply mode section with shellcheck recommendations. --- mode/chp-mode.sh | 234 +++++++++++++++--------------- mode/grid/selenium-grid-docker.sh | 18 +-- mode/jms-stu.sh | 12 +- mode/jwt.sh | 38 ++--- 4 files changed, 151 insertions(+), 151 deletions(-) diff --git a/mode/chp-mode.sh b/mode/chp-mode.sh index d2e6dde..3f39275 100644 --- a/mode/chp-mode.sh +++ b/mode/chp-mode.sh @@ -4,7 +4,7 @@ # GPLv3 or later. #Check if user is root -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have privileges!" exit 0 fi @@ -32,11 +32,11 @@ while [ $secs -gt 0 ]; do done } set_once() { -if [ -z "$(awk '!/^ *#/ && NF {print}' "$2"|grep $(echo $1|awk -F '=' '{print$1}'))" ]; then - echo "Setting "$1" on "$2"..." +if ! grep -q "$(awk '!/^ *#/ && NF {print}' "$2"|grep "$(awk -F '=' '{print$1}' <<< "$1")")" ; then + echo "Setting $1 on $2..." echo "$1" | tee -a "$2" else - echo " \"$(echo $1|awk -F '=' '{print$1}')\" seems present, skipping setting this variable" + echo " \"$(echo "$1"|awk -F '=' '{print$1}')\" seems present, skipping setting this variable" fi } # True if $1 is greater than $2 @@ -44,7 +44,7 @@ version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; } LTS_REL="$(lsb_release -d | awk '{print$4}')" -DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" JVB_LOG_POP="/etc/jitsi/videobridge/logging.properties" JVB_RC="/usr/share/jitsi-videobridge/lib/videobridge.rc" JICOFO_LOG_POP="/etc/jitsi/videobridge/logging.properties" @@ -54,17 +54,17 @@ MEET_CONF_HP="/etc/jitsi/meet/${DOMAIN}-chp-config.js" INT_CONF_JS="/etc/jitsi/meet/${DOMAIN}-interface_config.js" INT_CONF_JS_HP="/etc/jitsi/meet/${DOMAIN}-chp-interface_config.js" WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" -FSTAB="/etc/fstab" +#FSTAB="/etc/fstab" CHAT_DISABLED="TBD" -if [ -f $MEET_CONF_HP ] || [ -f $INT_CONF_JS_HP ]; then +if [ -f "$MEET_CONF_HP" ] || [ -f "$INT_CONF_JS_HP" ]; then echo " This script can't be run multiple times on the same system, idempotence not guaranteed, exiting..." exit fi -if [ -z $LTS_REL ] || [ -z $DOMAIN ];then +if [ -z "$LTS_REL" ] || [ -z "$DOMAIN" ];then echo "This system isn't suitable to configure." exit else @@ -122,7 +122,7 @@ PS3='Select the desired resolution for high performance mode: ' options=("nHD - 640x360" "qHD - 960x540" "HD - 1280x720") select opt in "${options[@]}" do - case $opt in + case "$opt" in "nHD - 640x360") echo -e "\n > Setting 640x360 resolution.\n" VID_RES="360" @@ -152,7 +152,7 @@ while [[ "$CHAT_DISABLED" != "yes" && \ "$CHAT_DISABLED" != "" ]] do echo "> Do you want to disable jitsi's built-in chat?: (yes or no)" -read -p "(Also you can leave empty to disable)"$'\n' CHAT_DISABLED +read -p "(Also you can leave empty to disable)"$'\n' -r CHAT_DISABLED if [ "$CHAT_DISABLED" = "no" ]; then echo -e "-- Jitsi's built-in chat will be kept active.\n" elif [ "$CHAT_DISABLED" = "yes" ] || [ -z "$CHAT_DISABLED" ]; then @@ -162,149 +162,149 @@ done ## JMS system tune up if [ "$MODE" = "debug" ]; then - bash $PWD/jms-stu.sh -m debug + bash "$PWD"/jms-stu.sh -m debug else - bash $PWD/jms-stu.sh + bash "$PWD"/jms-stu.sh fi #JVB2 ##Loose up logging # https://community.jitsi.org/t/23641/13 -sed -i "/java.util.logging.FileHandler.level/s|ALL|WARNING|g" $JVB_LOG_POP -sed -i "s|^.level=INFO|.level=WARNING|" $JVB_LOG_POP -sed -i "/VIDEOBRIDGE_MAX_MEMORY=/i \ VIDEOBRIDGE_MAX_MEMORY=8192m" $JVB_RC +sed -i "/java.util.logging.FileHandler.level/s|ALL|WARNING|g" "$JVB_LOG_POP" +sed -i "s|^.level=INFO|.level=WARNING|" "$JVB_LOG_POP" +sed -i "/VIDEOBRIDGE_MAX_MEMORY=/i \ VIDEOBRIDGE_MAX_MEMORY=8192m" "$JVB_RC" #JICOFO -sed -i "/java.util.logging.FileHandler.level/s|ALL|OFF|g" $JICOFO_LOG_POP -sed -i "s|^.level=INFO|.level=WARNING|" $JICOFO_LOG_POP +sed -i "/java.util.logging.FileHandler.level/s|ALL|OFF|g" "$JICOFO_LOG_POP" +sed -i "s|^.level=INFO|.level=WARNING|" "$JICOFO_LOG_POP" #MEET -sed -i "s|defaultLogLevel:.*|defaultLogLevel: 'error',|" $MEET_LOG_CONF -sed -i "/TraceablePeerConnection.js/s|info|error|" $MEET_LOG_CONF -sed -i "/CallStats.js/s|info|error|" $MEET_LOG_CONF -sed -i "/strophe.util.js/s|log|error|" $MEET_LOG_CONF +sed -i "s|defaultLogLevel:.*|defaultLogLevel: 'error',|" "$MEET_LOG_CONF" +sed -i "/TraceablePeerConnection.js/s|info|error|" "$MEET_LOG_CONF" +sed -i "/CallStats.js/s|info|error|" "$MEET_LOG_CONF" +sed -i "/strophe.util.js/s|log|error|" "$MEET_LOG_CONF" #UX - Room settings and interface ## config.js -cp $MEET_CONF $MEET_CONF_HP -sed -i "s|// disableAudioLevels:.*|disableAudioLevels: true,|" $MEET_CONF_HP -sed -i "s|enableNoAudioDetection:.*|enableNoAudioDetection: false,|" $MEET_CONF_HP -sed -i "s|enableNoisyMicDetection:.*|enableNoisyMicDetection: false,|" $MEET_CONF_HP -sed -i "s|startAudioMuted:.*|startAudioMuted: 5,|" $MEET_CONF_HP -sed -i "s|// startVideoMuted:.*|startVideoMuted: 5,|" $MEET_CONF_HP -sed -i "s|startWithVideoMuted: true,|startWithVideoMuted: false,|" $MEET_CONF_HP -sed -i "s|channelLastN:.*|channelLastN: 10,|" $MEET_CONF_HP -sed -i "s|// enableLayerSuspension:.*|enableLayerSuspension: true,|" $MEET_CONF_HP -sed -i "s|// apiLogLevels:.*|apiLogLevels: \['warn', 'error'],|" $MEET_CONF_HP +cp "$MEET_CONF" "$MEET_CONF_HP" +sed -i "s|// disableAudioLevels:.*|disableAudioLevels: true,|" "$MEET_CONF_HP" +sed -i "s|enableNoAudioDetection:.*|enableNoAudioDetection: false,|" "$MEET_CONF_HP" +sed -i "s|enableNoisyMicDetection:.*|enableNoisyMicDetection: false,|" "$MEET_CONF_HP" +sed -i "s|startAudioMuted:.*|startAudioMuted: 5,|" "$MEET_CONF_HP" +sed -i "s|// startVideoMuted:.*|startVideoMuted: 5,|" "$MEET_CONF_HP" +sed -i "s|startWithVideoMuted: true,|startWithVideoMuted: false,|" "$MEET_CONF_HP" +sed -i "s|channelLastN:.*|channelLastN: 10,|" "$MEET_CONF_HP" +sed -i "s|// enableLayerSuspension:.*|enableLayerSuspension: true,|" "$MEET_CONF_HP" +sed -i "s|// apiLogLevels:.*|apiLogLevels: \['warn', 'error'],|" "$MEET_CONF_HP" if [ "$VID_RES" = "360" ]; then -sed -i "/Start QJI/,/End QJI/d" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 360," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 360," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 360," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 640," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 640," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" $MEET_CONF_HP +sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 360," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 360," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 360," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 640," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 640," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP" fi if [ "$VID_RES" = "540" ]; then -sed -i "/Start QJI/,/End QJI/d" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 540," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 540," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 540," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 960," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 960," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" $MEET_CONF_HP +sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 540," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 540," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 540," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 960," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 960," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP" fi if [ "$VID_RES" = "720" ]; then -sed -i "/Start QJI/,/End QJI/d" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 720," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 720," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 720," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 1280," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 1280," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," $MEET_CONF_HP -sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" $MEET_CONF_HP +sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 720," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 720," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 720," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 1280," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 1280," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP" +sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP" fi ## interface_config.js -cp $INT_CONF_JS $INT_CONF_JS_HP -sed -i "s|CONNECTION_INDICATOR_DISABLED:.*|CONNECTION_INDICATOR_DISABLED: true,|" $INT_CONF_JS_HP -sed -i "s|DISABLE_DOMINANT_SPEAKER_INDICATOR:.*|DISABLE_DOMINANT_SPEAKER_INDICATOR: true,|" $INT_CONF_JS_HP -sed -i "s|DISABLE_FOCUS_INDICATOR:.*|DISABLE_FOCUS_INDICATOR: false,|" $INT_CONF_JS_HP -sed -i "s|DISABLE_JOIN_LEAVE_NOTIFICATIONS:.*|DISABLE_JOIN_LEAVE_NOTIFICATIONS: true,|" $INT_CONF_JS_HP -sed -i "s|DISABLE_VIDEO_BACKGROUND:.*|DISABLE_VIDEO_BACKGROUND: true,|" $INT_CONF_JS_HP -sed -i "s|OPTIMAL_BROWSERS: \[.*|OPTIMAL_BROWSERS: \[ 'chrome', 'chromium', 'electron' \],|" $INT_CONF_JS_HP -sed -i "s|UNSUPPORTED_BROWSERS: .*|UNSUPPORTED_BROWSERS: \[ 'nwjs', 'safari', 'firefox' \],|" $INT_CONF_JS_HP +cp "$INT_CONF_JS" "$INT_CONF_JS_HP" +sed -i "s|CONNECTION_INDICATOR_DISABLED:.*|CONNECTION_INDICATOR_DISABLED: true,|" "$INT_CONF_JS_HP" +sed -i "s|DISABLE_DOMINANT_SPEAKER_INDICATOR:.*|DISABLE_DOMINANT_SPEAKER_INDICATOR: true,|" "$INT_CONF_JS_HP" +sed -i "s|DISABLE_FOCUS_INDICATOR:.*|DISABLE_FOCUS_INDICATOR: false,|" "$INT_CONF_JS_HP" +sed -i "s|DISABLE_JOIN_LEAVE_NOTIFICATIONS:.*|DISABLE_JOIN_LEAVE_NOTIFICATIONS: true,|" "$INT_CONF_JS_HP" +sed -i "s|DISABLE_VIDEO_BACKGROUND:.*|DISABLE_VIDEO_BACKGROUND: true,|" "$INT_CONF_JS_HP" +sed -i "s|OPTIMAL_BROWSERS: \[.*|OPTIMAL_BROWSERS: \[ 'chrome', 'chromium', 'electron' \],|" "$INT_CONF_JS_HP" +sed -i "s|UNSUPPORTED_BROWSERS: .*|UNSUPPORTED_BROWSERS: \[ 'nwjs', 'safari', 'firefox' \],|" "$INT_CONF_JS_HP" ### Toolbars if version_gt "$(apt-show-versions jitsi-meet|awk '{print$2}')" "2.0.5390-3" ; then #New toolbar in config.js - sed -i "/\/\/ toolbarButtons:/i \ \ \ \ toolbarButtons:: \[" $MEET_CONF_HP - sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," $MEET_CONF_HP + sed -i "/\/\/ toolbarButtons:/i \ \ \ \ toolbarButtons:: \[" "$MEET_CONF_HP" + sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," "$MEET_CONF_HP" if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then - sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," $MEET_CONF_HP + sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," "$MEET_CONF_HP" else - sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," $MEET_CONF_HP + sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," "$MEET_CONF_HP" fi - sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," $MEET_CONF_HP - sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," $MEET_CONF_HP - sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" $MEET_CONF_HP - sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \]," $MEET_CONF_HP + sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," "$MEET_CONF_HP" + sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," "$MEET_CONF_HP" + sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" "$MEET_CONF_HP" + sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \]," "$MEET_CONF_HP" else #Old toolbar in interface.js (soon deprecated on newer versions) - sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" $INT_CONF_JS_HP + sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" "$INT_CONF_JS_HP" - sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" $INT_CONF_JS_HP - sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," $INT_CONF_JS_HP + sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" "$INT_CONF_JS_HP" + sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," "$INT_CONF_JS_HP" if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then - sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," $INT_CONF_JS_HP + sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," "$INT_CONF_JS_HP" else - sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," $INT_CONF_JS_HP + sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," "$INT_CONF_JS_HP" fi - sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," $INT_CONF_JS_HP - sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," $INT_CONF_JS_HP - sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" $INT_CONF_JS_HP - sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \]," $INT_CONF_JS_HP + sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," "$INT_CONF_JS_HP" + sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," "$INT_CONF_JS_HP" + sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" "$INT_CONF_JS_HP" + sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \]," "$INT_CONF_JS_HP" fi #Check config file echo -e "\n# Checking $MEET_CONF file for errors\n" -CHECKJS_MEET_CHP=$(esvalidate $MEET_CONF_HP| cut -d ":" -f2) +CHECKJS_MEET_CHP="$(esvalidate "$MEET_CONF_HP"| cut -d ":" -f2)" if [ -z "$CHECKJS_MEET_CHP" ]; then echo -e "\n# The $MEET_CONF_HP configuration seems correct. =)\n" else @@ -313,7 +313,7 @@ echo -e "\n Watch out!, there seems to be an issue on $MEET_CONF_HP line: Most of the times this is due upstream changes, please report to https://github.com/switnet-ltd/quick-jibri-installer/issues\n" fi -CHECKJS_INT_CHP=$(esvalidate $INT_CONF_JS_HP| cut -d ":" -f2) +CHECKJS_INT_CHP="$(esvalidate "$INT_CONF_JS_HP"| cut -d ":" -f2)" if [ -z "$CHECKJS_INT_CHP" ]; then echo -e "\n# The $INT_CONF_JS_HP configuration seems correct. =)\n" else @@ -323,8 +323,8 @@ echo -e "\n Watch out!, there seems to be an issue on $INT_CONF_JS_HP line: https://github.com/switnet-ltd/quick-jibri-installer/issues\n" fi -sed -i "s|$MEET_CONF|$MEET_CONF_HP|g" $WS_CONF -sed -i "s|$INT_CONF_JS|$INT_CONF_JS_HP|" $WS_CONF +sed -i "s|$MEET_CONF|$MEET_CONF_HP|g" "$WS_CONF" +sed -i "s|$INT_CONF_JS|$INT_CONF_JS_HP|" "$WS_CONF" nginx -t #systemctl restart nginx diff --git a/mode/grid/selenium-grid-docker.sh b/mode/grid/selenium-grid-docker.sh index 6acb471..b73cb84 100644 --- a/mode/grid/selenium-grid-docker.sh +++ b/mode/grid/selenium-grid-docker.sh @@ -5,7 +5,7 @@ # GPLv3 or later. #Check if user is root -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi @@ -14,7 +14,7 @@ WAN_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)" AV_SPACE="$(df -h .|grep -v File|awk '{print$4}'|sed -e 's|G||')" echo -e "\n-- Make sure you have at least 10GB of disk space available.\n" -if [ $(echo "$AV_SPACE > 9" | bc) -ne 0 ]; then +if [ "$(echo "$AV_SPACE > 9" | bc)" -ne 0 ]; then echo "> Seems we have enough disk space." else echo "> Please meet the minimum required disk space for this installer, exiting..." @@ -40,17 +40,17 @@ chmod +x /usr/local/bin/docker-compose ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose # Jitsi Meet Torture -cd /opt +cd /opt || exit git clone https://github.com/jitsi/jitsi-meet-torture -cd jitsi-meet-torture/resources -if [ -f FourPeople_1280x720_30.y4m ] ; then +cd jitsi-meet-torture/ || exit +if [ -f resources/FourPeople_1280x720_30.y4m ] ; then echo "FourPeople_1280x720_30.y4m exists" else echo "FourPeople_1280x720_30.y4m doesn't exists, getting a copy..." wget -c https://media.xiph.org/video/derf/y4m/FourPeople_1280x720_60.y4m - cp FourPeople_1280x720_60.y4m FourPeople_1280x720_30.y4m + mv FourPeople_1280x720_60.y4m resources/ + cp resources/FourPeople_1280x720_60.y4m resources/FourPeople_1280x720_30.y4m fi -cd .. #150 "participants" available ## Tested up to 120 with AWS c5.24xlarge @@ -145,8 +145,8 @@ sudo bash /opt/jitsi-meet-torture/scripts/malleus.sh \\ --hub-url=http://localhost:4444/wd/hub \\ --instance-url=https://YOUR.JITSI-MEET-INSTANCE.DOMAIN " -echo -e "\n-- If using 'hamertesting' as prefix name you can join the room -hamertesting0, hamertesting1, hamertestingN +echo -e "\n-- If using 'hamertesting' as prefix name you can join the room +hamertesting0, hamertesting1, hamertestingN according to the 'N' number of conferences you have set to watch the test. *Beware* for 120 \"participants\" to join video-muted it was necessary at least a c5.24xlarge AWS instance. diff --git a/mode/jms-stu.sh b/mode/jms-stu.sh index 2fb45ba..045e40d 100644 --- a/mode/jms-stu.sh +++ b/mode/jms-stu.sh @@ -6,7 +6,7 @@ # GPLv3 or later. #Check if user is root -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have privileges!" exit 0 fi @@ -22,7 +22,7 @@ done echo ' #-------------------------------------------------- -# Starting system tune up configuration +# Starting system tune up configuration # for high performance #-------------------------------------------------- ' @@ -33,18 +33,18 @@ set -x fi set_once() { -if [ -z "$(awk '!/^ *#/ && NF {print}' "$2"|grep $(echo $1|awk -F '=' '{print$1}'))" ]; then - echo "Setting "$1" on "$2"..." +if ! grep -q "$(awk '!/^ *#/ && NF {print}' "$2"|grep "$(awk -F '=' '{print$1}' <<< "$1")")" ; then + echo "Setting $1 on $2..." echo "$1" | tee -a "$2" else - echo " \"$(echo $1|awk -F '=' '{print$1}')\" seems present, skipping setting this variable" + echo " \"$(echo "$1"|awk -F '=' '{print$1}')\" seems present, skipping setting this variable" fi } FSTAB=/etc/fstab ##Disable swap swapoff -a -sed -r '/\sswap\s/s/^#?/#/' -i $FSTAB +sed -r '/\sswap\s/s/^#?/#/' -i "$FSTAB" ##Alternative swap tuning (need more documentation). #vm.swappiness=5 diff --git a/mode/jwt.sh b/mode/jwt.sh index a19aa41..92c6bbb 100644 --- a/mode/jwt.sh +++ b/mode/jwt.sh @@ -2,15 +2,15 @@ # JWT Mode Setup # SwITNet Ltd © - 2021, https://switnet.net/ # GPLv3 or later. -DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++') +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" JICOFO_SIP="/etc/jitsi/jicofo/sip-communicator.properties" PROSODY_FILE="/etc/prosody/conf.d/$DOMAIN.cfg.lua" PROSODY_SYS="/etc/prosody/prosody.cfg.lua" APP_ID="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 16 | head -n1)" SECRET_APP="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 64 | head -n1)" -SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | head -n1 | cut -d ":" -f1) -SRP_END=$((SRP_STR + 10)) +SRP_STR="$(grep -n "VirtualHost \"$DOMAIN\"" "$PROSODY_FILE" | head -n1 | cut -d ":" -f1)" +SRP_END="$((SRP_STR + 10))" ## Required openssl for Focal 20.04 if [ "$(lsb_release -sc)" = "focal" ]; then @@ -37,26 +37,26 @@ echo "set jitsi-meet-tokens/appsecret password $SECRET_APP" | debconf-set-select apt-get install -y jitsi-meet-tokens #Setting up -sed -i "s|c2s_require_encryption = true|c2s_require_encryption = false|" $PROSODY_SYS +sed -i "s|c2s_require_encryption = true|c2s_require_encryption = false|" "$PROSODY_SYS" #- -sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"token\"|}" $PROSODY_FILE -sed -i "s|--app_id=\"example_app_id\"|app_id=\"$APP_ID\"|" $PROSODY_FILE -sed -i "s|--app_secret=\"example_app_secret\"|app_secret=\"$SECRET_APP\"|" $PROSODY_FILE -sed -i "/app_secret/a \\\\" $PROSODY_FILE -sed -i "/app_secret/a \ \ \ \ allow_empty_token = false" $PROSODY_FILE -sed -i "/app_secret/a \\\\" $PROSODY_FILE -sed -i "/app_secret/a \ \ \ \ asap_accepted_issuers = { \"$APP_ID\" }" $PROSODY_FILE -sed -i "/app_secret/a \ \ \ \ asap_accepted_audiences = { \"$APP_ID\", \"RocketChat\" }" $PROSODY_FILE -sed -i "/app_secret/a \\\\" $PROSODY_FILE -sed -i "s|--allow_empty_token =.*|allow_empty_token = false|" $PROSODY_FILE -sed -i 's|--"token_verification"|"token_verification"|' $PROSODY_FILE +sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"token\"|}" "$PROSODY_FILE" +sed -i "s|--app_id=\"example_app_id\"|app_id=\"$APP_ID\"|" "$PROSODY_FILE" +sed -i "s|--app_secret=\"example_app_secret\"|app_secret=\"$SECRET_APP\"|" "$PROSODY_FILE" +sed -i "/app_secret/a \\\\" "$PROSODY_FILE" +sed -i "/app_secret/a \ \ \ \ allow_empty_token = false" "$PROSODY_FILE" +sed -i "/app_secret/a \\\\" "$PROSODY_FILE" +sed -i "/app_secret/a \ \ \ \ asap_accepted_issuers = { \"$APP_ID\" }" "$PROSODY_FILE" +sed -i "/app_secret/a \ \ \ \ asap_accepted_audiences = { \"$APP_ID\", \"RocketChat\" }" "$PROSODY_FILE" +sed -i "/app_secret/a \\\\" "$PROSODY_FILE" +sed -i "s|--allow_empty_token =.*|allow_empty_token = false|" "$PROSODY_FILE" +sed -i 's|--"token_verification"|"token_verification"|' "$PROSODY_FILE" #Request auth -sed -i "s|#org.jitsi.jicofo.auth.URL=EXT_JWT:|org.jitsi.jicofo.auth.URL=EXT_JWT:|" $JICOFO_SIP -sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" $MEET_CONF +sed -i "s|#org.jitsi.jicofo.auth.URL=EXT_JWT:|org.jitsi.jicofo.auth.URL=EXT_JWT:|" "$JICOFO_SIP" +sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" "$MEET_CONF" #Enable jibri recording -cat << REC-JIBRI >> $PROSODY_FILE +cat << REC-JIBRI >> "$PROSODY_FILE" VirtualHost "recorder.$DOMAIN" modules_enabled = { @@ -67,7 +67,7 @@ VirtualHost "recorder.$DOMAIN" REC-JIBRI #Setup guests and lobby -cat << P_SR >> $PROSODY_FILE +cat << P_SR >> "$PROSODY_FILE" -- #Change back lobby - https://community.jitsi.org/t/64769/136 VirtualHost "guest.$DOMAIN" authentication = "token" From 1875cf5db5cbf4bd9260e615116c8a8be709d002 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Wed, 11 May 2022 23:52:44 -0500 Subject: [PATCH 09/39] Comply tools section with shellcheck recommendations. --- tools/aws-grub-setup.sh | 24 +++++------ tools/fail2ban_ssh.sh | 6 +-- tools/jibri-conf-upgrade.sh | 68 +++++++++++++++--------------- tools/jibri-resolution-enhancer.sh | 30 ++++++------- tools/start-over.sh | 20 ++++----- tools/test-jibri-env.sh | 63 ++++++++++++++------------- 6 files changed, 105 insertions(+), 106 deletions(-) diff --git a/tools/aws-grub-setup.sh b/tools/aws-grub-setup.sh index 409bb4a..14c2c24 100644 --- a/tools/aws-grub-setup.sh +++ b/tools/aws-grub-setup.sh @@ -19,7 +19,7 @@ done } # Check if user is root -if [ $UID != 0 ]; then +if [ "$UID" != 0 ]; then echo You need to run this script as root or sudo rights! exit 1 fi @@ -30,36 +30,36 @@ GRUB_FILE="/etc/default/grub" echo -e "# Check and update HWE kernel if possible...\n" apt-get -q2 update -HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)") +HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")" if [ "$HWE_VIR_MOD" = "1" ]; then apt-get -y install \ - linux-image-generic-hwe-$(lsb_release -sr) \ - linux-tools-generic-hwe-$(lsb_release -sr) + linux-image-generic-hwe-"$(lsb_release -sr)" \ + linux-tools-generic-hwe-"$(lsb_release -sr)" else apt-get -y install \ linux-image-generic \ - linux-modules-extra-$(uname -r) + linux-modules-extra-"$(uname -r)" fi apt-get -y autoremove apt-get autoclean #Write update-grub output -update-grub > $KERNEL_LOG 2>&1 +update-grub > "$KERNEL_LOG" 2>&1 #Get clean output -cat $KERNEL_LOG | awk -F'boot/' '{print$2}'|sed '/^[[:space:]]*$/d' | \ -tee ${KERNEL_LOG}.tmp -mv ${KERNEL_LOG}.tmp $KERNEL_LOG +awk -F'boot/' '{print$2}' < "$KERNEL_LOG"|sed '/^[[:space:]]*$/d' | \ +tee "$KERNEL_LOG".tmp +mv "$KERNEL_LOG".tmp "$KERNEL_LOG" echo -e "Check if AWS kernel is installed.\n" -[ $(grep -wc aws $KERNEL_LOG) = 0 ] && echo "No AWS kernel found, exiting..." && exit +[ "$(grep -wc aws "$KERNEL_LOG")" = 0 ] && echo "No AWS kernel found, exiting..." && exit #Get kernel number -RAW_KERNEL_NUM="$(grep -Fn generic $KERNEL_LOG|head -n1|cut -d ':' -f1)" +RAW_KERNEL_NUM="$(grep -Fn generic "$KERNEL_LOG"|head -n1|cut -d ':' -f1)" FIXED_KERNEL_NUM="$(awk "BEGIN{ print $RAW_KERNEL_NUM - 1 }")" echo -e "Set up GRUB for custom kernel.\n" -sed -i "s|GRUB_DEFAULT=.*|GRUB_DEFAULT=\"1\>$FIXED_KERNEL_NUM\"|" $GRUB_FILE +sed -i "s|GRUB_DEFAULT=.*|GRUB_DEFAULT=\"1\>$FIXED_KERNEL_NUM\"|" "$GRUB_FILE" echo -e "Saving changes...\n" update-grub diff --git a/tools/fail2ban_ssh.sh b/tools/fail2ban_ssh.sh index 84257a0..35d2186 100644 --- a/tools/fail2ban_ssh.sh +++ b/tools/fail2ban_ssh.sh @@ -18,7 +18,7 @@ set -x fi #Check if user is root -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi @@ -27,8 +27,8 @@ apt-get -y install fail2ban if \ [ -f /var/log/ssh_f2b.log ] && \ -[ $(grep -c 604800 /etc/fail2ban/jail.local) = "1" ] && \ -[ $(grep -c ssh_f2b.log /etc/fail2ban/jail.local) = "1"]; then +[ "$(grep -c 604800 /etc/fail2ban/jail.local)" = "1" ] && \ +[ "$(grep -c ssh_f2b.log /etc/fail2ban/jail.local)" = "1" ]; then echo -e "\nFail2ban seems to be already configured.\n" else echo -e "\nConfiguring Fail2ban...\n" diff --git a/tools/jibri-conf-upgrade.sh b/tools/jibri-conf-upgrade.sh index 177f676..654fa63 100644 --- a/tools/jibri-conf-upgrade.sh +++ b/tools/jibri-conf-upgrade.sh @@ -25,7 +25,7 @@ echo -e ' \n' #Check if user is root -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi @@ -46,19 +46,19 @@ else fi if [ -d /etc/prosody/ ];then -DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++') +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" fi CONF_JSON="/etc/jitsi/jibri/config.json" JIBRI_CONF="/etc/jitsi/jibri/jibri.conf" -DIR_RECORD=/var/jbrecord -REC_DIR=/home/jibri/finalize_recording.sh -JibriBrewery=JibriBrewery +DIR_RECORD="/var/jbrecord" +REC_DIR="/home/jibri/finalize_recording.sh" +JibriBrewery="JibriBrewery" check_read_vars() { echo "Checking $1" if [ -z "$2" ];then - echo "This variable seems wrong, please check before continue" - exit 1 + echo "This variable seems wrong, please check before continue" + exit 1 fi } restart_services_jibri() { @@ -73,44 +73,44 @@ fi } #Prevent re-run on completed jibri upgraded instance -if [ -f $CONF_JSON_disabled ] && \ - [ -f $JIBRI_CONF ] && \ - [ -f $JIBRI_CONF-dpkg-file ]; then +if [ -f "$CONF_JSON"_disabled ] && \ + [ -f "$JIBRI_CONF" ] && \ + [ -f "$JIBRI_CONF"-dpkg-file ]; then echo -e "\n> This jibri config has been upgraded already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ https://github.com/switnet-ltd/quick-jibri-installer/issues\n" exit -elif [ ! -f $CONF_JSON ] && \ - [ -f $JIBRI_CONF ] && \ - [ -f $JIBRI_CONF-dpkg-file ]; then +elif [ ! -f "$CONF_JSON" ] && \ + [ -f "$JIBRI_CONF" ] && \ + [ -f "$JIBRI_CONF"-dpkg-file ]; then echo -e "\n> This jibri seems to be running the latest configuration already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ https://github.com/switnet-ltd/quick-jibri-installer/issues\n" exit -elif [ -f $CONF_JSON ] && \ - [ -f $JIBRI_CONF ]; then +elif [ -f "$CONF_JSON" ] && \ + [ -f "$JIBRI_CONF" ]; then echo -e "\n> This jibri config seems to be candidate for upgrading, we'll continue...\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ https://github.com/switnet-ltd/quick-jibri-installer/issues\n" fi #Read missing variables -if [ -f $CONF_JSON ]; then +if [ -f "$CONF_JSON" ]; then echo "Reading current config.json file..." - if [ -z $DOMAIN ]; then - DOMAIN=$(jq .xmpp_environments[0].xmpp_domain $CONF_JSON|cut -d '"' -f2) + if [ -z "$DOMAIN" ]; then + DOMAIN="$(jq .xmpp_environments[0].xmpp_domain $CONF_JSON|cut -d '"' -f2)" fi - JB_NAME=$(jq .xmpp_environments[0].name $CONF_JSON|cut -d '"' -f2) - JB_AUTH_PASS=$(jq .xmpp_environments[0].control_login.password $CONF_JSON|cut -d '"' -f2) - JB_REC_PASS=$(jq .xmpp_environments[0].call_login.password $CONF_JSON|cut -d '"' -f2) - JB_NICKN=$(jq .xmpp_environments[0].control_muc.nickname $CONF_JSON|cut -d '"' -f2) + JB_NAME="$(jq .xmpp_environments[0].name $CONF_JSON|cut -d '"' -f2)" + JB_AUTH_PASS="$(jq .xmpp_environments[0].control_login.password $CONF_JSON|cut -d '"' -f2)" + JB_REC_PASS="$(jq .xmpp_environments[0].call_login.password $CONF_JSON|cut -d '"' -f2)" + JB_NICKN="$(jq .xmpp_environments[0].control_muc.nickname $CONF_JSON|cut -d '"' -f2)" else echo "Can't find the instance config.json file, exiting..." exit fi -check_read_vars "Jibri Name" $JB_NAME -check_read_vars "(Main server) Domain" $DOMAIN -check_read_vars "Control login passwd" $JB_AUTH_PASS -check_read_vars "Call login passwd" $JB_REC_PASS -check_read_vars "Jibri Node nickname" $JB_NICKN +check_read_vars "Jibri Name" "$JB_NAME" +check_read_vars "(Main server) Domain" "$DOMAIN" +check_read_vars "Control login passwd" "$JB_AUTH_PASS" +check_read_vars "Call login passwd" "$JB_REC_PASS" +check_read_vars "Jibri Node nickname" "$JB_NICKN" if [ "$MODE" = "debug" ]; then echo "$JB_NAME" @@ -122,10 +122,10 @@ fi #Backup and setup new conf file echo -e "Backing up config.json for historical purposes at:\n ${CONF_JSON}_disabled" -mv $CONF_JSON ${CONF_JSON}_disabled +mv "$CONF_JSON" "${CONF_JSON}"_disabled -mv $JIBRI_CONF ${JIBRI_CONF}-dpkg-file -cat << NEW_CONF > $JIBRI_CONF +mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file +cat << NEW_CONF > "$JIBRI_CONF" // New XMPP environment config. jibri { recording { @@ -195,13 +195,13 @@ jibri { NEW_CONF echo "Check final jibri.conf file:" -cat $JIBRI_CONF -read -n 1 -s -r -p "Press any key to continue..."$'\n' +cat "$JIBRI_CONF" +read -n 1 -s -r -p "Press any key to continue..." restart_services_jibri systemctl status jibri if [ -f /var/log/jitsi/jicofo.log ]; then -echo -e "Checking for jicofo recognizing \"Live\" jibri node..." -tail -n 10 | grep Live + echo -e "Checking for jicofo recognizing \"Live\" jibri node..." + tail -n 10 | grep Live fi diff --git a/tools/jibri-resolution-enhancer.sh b/tools/jibri-resolution-enhancer.sh index c18e879..f7e27bd 100644 --- a/tools/jibri-resolution-enhancer.sh +++ b/tools/jibri-resolution-enhancer.sh @@ -18,7 +18,7 @@ if [ "$MODE" = "debug" ]; then fi #Check if user is root -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi @@ -46,15 +46,15 @@ if [ -f "$JIBRI_OPT/jibri-res_enh.jar" ] && \ fi mkdir /tmp/jibri -cd /tmp/jibri +cd /tmp/jibri || exit #Get md5sum for current jibri installed. -apt-get download jibri=$INSTALLED_JIBRI_VERSION +apt-get download jibri="$INSTALLED_JIBRI_VERSION" ar x jibri_*.deb tar xvf data.tar.xz UPSTREAM_DEB_JAR_SUM="$(md5sum 2>/dev/null /tmp/jibri/opt/jitsi/jibri/jibri.jar |awk '{print$1}')" -if [ -z $UPSTREAM_DEB_JAR_SUM ]; then +if [ -z "$UPSTREAM_DEB_JAR_SUM" ]; then echo "Not possible to continue, exiting..." exit fi @@ -66,8 +66,8 @@ apt-get -y install devscripts \ openjdk-8-jdk #Build repository -git clone https://github.com/jitsi/jibri $JIBRI_ENH_PATH -cd $JIBRI_ENH_PATH +git clone https://github.com/jitsi/jibri "$JIBRI_ENH_PATH" +cd "$JIBRI_ENH_PATH" || exit # Default values ## videoEncodePreset - "veryfast" || h264ConstantRateFactor - 25 @@ -77,18 +77,18 @@ sed -i "/videoEncodePreset/s|String =.*|String = \"medium\",|" src/main/kotlin/ sed -i "/h264ConstantRateFactor/s|Int =.*|Int = 17,|" src/main/kotlin/org/jitsi/jibri/capture/ffmpeg/FfmpegCapturer.kt mvn package -JIBRI_JAR="$(ls -Sh $JIBRI_ENH_PATH/target|awk '/dependencies/&&/.jar/{print}'|awk 'NR==1{print}')" -cp $JIBRI_ENH_PATH/target/$JIBRI_JAR $JIBRI_ENH_PATH/target/jibri.jar +JIBRI_JAR="$(find "$JIBRI_ENH_PATH" -name \*.jar|awk '/dependencies/{print}'|awk 'NR==1{print}')" +cp "$JIBRI_ENH_PATH"/target/"$JIBRI_JAR" "$JIBRI_ENH_PATH"/target/jibri.jar # Backing up default binaries if [ "$UPSTREAM_DEB_JAR_SUM" = "$(md5sum 2>/dev/null $JIBRI_OPT/jibri.jar|awk '{print$1}')" ]; then - cp $JIBRI_OPT/jibri.jar $JIBRI_OPT/jibri-dpkg-package.jar + cp "$JIBRI_OPT"/jibri.jar "$JIBRI_OPT"/jibri-dpkg-package.jar fi # Migrate original to enhanced jibri -cp $JIBRI_ENH_PATH/target/jibri.jar $JIBRI_OPT/jibri-res_enh.jar -if [ -f $JIBRI_OPT/jibri-dpkg-package.jar ];then - cp $JIBRI_OPT/jibri-res_enh.jar $JIBRI_OPT/jibri.jar +cp "$JIBRI_ENH_PATH"/target/jibri.jar "$JIBRI_OPT"/jibri-res_enh.jar +if [ -f "$JIBRI_OPT"/jibri-dpkg-package.jar ];then + cp "$JIBRI_OPT"/jibri-res_enh.jar "$JIBRI_OPT"/jibri.jar fi JIBRI_RES_ENH_HASH="$(md5sum 2>/dev/null $JIBRI_OPT/jibri-res_enh.jar|awk '{print$1}')" @@ -99,12 +99,12 @@ if [ "$JIBRI_RES_ENH_HASH" = "$USED_JIBRI_HASH" ]; then else echo "Something went wrong, restoring default package..." if [ "$(md5sum 2>/dev/null $JIBRI_OPT/jibri-dpkg-package.jar|awk '{print$1}')" = "$UPSTREAM_DEB_JAR_SUM" ]; then - cp $JIBRI_OPT/jibri-dpkg-package.jar $JIBRI_OPT/jibri.jar + cp "$JIBRI_OPT"/jibri-dpkg-package.jar "$JIBRI_OPT"/jibri.jar CLEAN="true" else if [ -f /tmp/jibri/opt/jitsi/jibri/jibri.jar ]; then echo "Restoring from upstream package..." - cp /tmp/jibri/opt/jitsi/jibri/jibri.jar $JIBRI_OPT/jibri.jar + cp /tmp/jibri/opt/jitsi/jibri/jibri.jar "$JIBRI_OPT"/jibri.jar CLEAN="true" else echo "Wow, someone took the time to avoid restoration, please manually review your changes." @@ -115,7 +115,7 @@ else fi if [ "$CLEAN" = "true" ]; then rm -r /tmp/jibri - rm -r $JIBRI_ENH_PATH + rm -r "$JIBRI_ENH_PATH" rm /opt/jitsi/jibri/jibri-res_enh.jar fi diff --git a/tools/start-over.sh b/tools/start-over.sh index 4db729f..3b7441a 100644 --- a/tools/start-over.sh +++ b/tools/start-over.sh @@ -18,7 +18,7 @@ if [ "$MODE" = "debug" ]; then fi #Check if user is root -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi @@ -32,16 +32,16 @@ while [ $secs -gt 0 ]; do done } remove_residuals() { - if [ -d $1 ]; then - rm -r $1 + if [ -d "$1" ]; then + rm -r "$1" fi } purge_debconf() { - echo PURGE | debconf-communicate $1 + echo PURGE | debconf-communicate "$1" } remove_services() { - systemctl disable $1 - systemctl stop $1 + systemctl disable "$1" + systemctl stop "$1" } echo -e ' ######################################################################## @@ -50,8 +50,8 @@ echo -e ' by Software, IT & Networks Ltd \n' -SYNC_USER="$(ls /home|awk '/jbsync/{print}')" -DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" +SYNC_USER="$(find /home -maxdepth 1 -type d |awk '/jbsync/{print}')" +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" echo "We are about to remove and clean all the jitsi-meet platform bits and pieces... Please make sure you have backed up anything you don't want to loose." @@ -128,8 +128,8 @@ purge_debconf jitsi-meet-web-config purge_debconf jitsi-videobridge2 #Remove unused users & groups -if [ ! -z $SYNC_USER ]; then - deluser --remove-home $SYNC_USER +if [ -n "$SYNC_USER" ]; then + deluser --remove-home "$SYNC_USER" fi if [ -d /home/jibri ]; then deluser --remove-home jibri diff --git a/tools/test-jibri-env.sh b/tools/test-jibri-env.sh index ae87a22..39e1a0a 100644 --- a/tools/test-jibri-env.sh +++ b/tools/test-jibri-env.sh @@ -25,7 +25,7 @@ echo -e ' \n' #Check if user is root -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi @@ -39,30 +39,30 @@ check_google_binaries() { if [ -z "$2" ]; then echo "Warning: No $1 doesn't seem installed" else - echo $2 + echo "$2" fi } # True if $1 is greater than $2 version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; } -JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1) +JITSI_REPO="$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)" SND_AL_MODULE=$(lsmod | awk '{print$1}'| grep snd_aloop) -HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)") +HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")" CONF_JSON="/etc/jitsi/jibri/config.json" JIBRI_CONF="/etc/jitsi/jibri/jibri.conf" -JMS_DOMAIN="$(awk -F '"' '/xmpp-domain/{print$2}' $JIBRI_CONF)" +JMS_DOMAIN="$(awk -F '"' '/xmpp-domain/{print$2}' "$JIBRI_CONF")" CHDB="$(whereis chromedriver | awk '{print$2}')" CHD_VER_LOCAL="$($CHDB --version 2>/dev/null| awk '{print$1,$2}')" GOOGL_VER_LOCAL="$(/usr/bin/google-chrome --version 2>/dev/null)" -CHD_VER_2D="$(echo $CHD_VER_LOCAL|awk '{print$2}'|cut -d "." -f 1,2)" -GOOGL_VER_2D="$(echo $GOOGL_VER_LOCAL|awk '{print$3}'|cut -d "." -f 1,2)" +CHD_VER_2D="$(echo "$CHD_VER_LOCAL"|awk '{print$2}'|cut -d "." -f 1,2)" +GOOGL_VER_2D="$(echo "$GOOGL_VER_LOCAL"|awk '{print$3}'|cut -d "." -f 1,2)" CHD_LTST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)" -CHD_LTST_2D="$(echo $CHD_LTST|cut -d "." -f 1,2)" +CHD_LTST_2D="$(echo "$CHD_LTST"|cut -d "." -f 1,2)" #T1 echo -e "\n#1 -- Check repository --\n" -if [ -z $JITSI_REPO ]; then +if [ -z "$JITSI_REPO" ]; then echo "No repository detected, wait whaaaat?..." while [[ "$CONT_TEST" != "yes" && "$CONT_TEST" != "no" ]] do @@ -103,7 +103,7 @@ echo -e "\n#3 -- Check Google Chrome/driver software. --\n" check_google_binaries "Google Chrome" "$GOOGL_VER_LOCAL" check_google_binaries "Chromedriver" "$CHD_VER_LOCAL" -if [ ! -z "$CHD_VER_LOCAL" ] && [ ! -z "$GOOGL_VER_LOCAL" ]; then +if [ -n "$CHD_VER_LOCAL" ] && [ -n "$GOOGL_VER_LOCAL" ]; then # Chrome upgrade process if [ "$(apt-show-versions google-chrome-stable | grep -c "uptodate")" = "1" ]; then echo -e "Google Chrome is already up to date: \xE2\x9C\x94" @@ -112,17 +112,17 @@ if [ ! -z "$CHD_VER_LOCAL" ] && [ ! -z "$GOOGL_VER_LOCAL" ]; then apt-get -yq install --only-upgrade google-chrome-stable fi # Only upgrade chromedriver if it's on a lower version, not just a different one. - if [ $CHD_VER_2D = $GOOGL_VER_2D ]; then + if [ "$CHD_VER_2D" = "$GOOGL_VER_2D" ]; then echo -e "\nChromedriver version seems according to Google Chrome: \xE2\x9C\x94" T3=1 elif version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" && \ [ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then echo -e "\nAttempting Chromedriver update!" - wget -q https://chromedriver.storage.googleapis.com/$CHD_LTST/chromedriver_linux64.zip \ + wget -q https://chromedriver.storage.googleapis.com/"$CHD_LTST"/chromedriver_linux64.zip \ -O /tmp/chromedriver_linux64.zip unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/ - chown root:root $CHDB - chmod 0755 $CHDB + chown root:root "$CHDB" + chmod 0755 "$CHDB" rm -rf /tpm/chromedriver_linux64.zip if [ "$($CHDB -v | awk '{print $2}'|cut -d "." -f 1,2)" = "$GOOGL_VER_2D" ]; then echo "Successful update" @@ -140,24 +140,24 @@ fi #T4 echo -e "\n#4 -- Test kernel modules --\n" -if [ -z $SND_AL_MODULE ]; then +if [ -z "$SND_AL_MODULE" ]; then #First make sure the recommended kernel is installed. if [ "$HWE_VIR_MOD" = "1" ]; then apt-get -y install \ - linux-image-generic-hwe-$(lsb_release -sr) + linux-image-generic-hwe-"$(lsb_release -sr)" else apt-get -y install \ linux-image-generic \ - linux-modules-extra-$(uname -r) + linux-modules-extra-"$(uname -r)" fi echo -e "\nNo module snd_aloop detected. \xE2\x9C\x96 <== IMPORTANT! \nCurrent kernel: $(uname -r)\n" echo -e "\nIf you just installed a new kernel, \ please try rebooting.\nFor now wait 'til the end of the recommended kernel installation." echo "# Check and Install HWE kernel if possible..." if uname -r | grep -q aws;then - KNL_HWE="$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr)|awk 'NR==1{print$3}'|cut -d "." -f1-4)" - KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg|awk '!/recovery/&&/generic/{print$3,$4}'|grep $KNL_HWE)" - if [ ! -z "$KNL_MENU" ];then + KNL_HWE="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)"|awk 'NR==1{print$3}'|cut -d "." -f1-4)" + KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg|awk '!/recovery/&&/generic/{print$3,$4}'|grep "$KNL_HWE")" + if [ -n "$KNL_MENU" ];then echo -e "\nSeems you are using an AWS kernel \xE2\x9C\x96 <== IMPORTANT! \nYou might consider modify your grub (/etc/default/grub) to use the following:" && \ echo -e "\n > $KNL_MENU" fi @@ -172,8 +172,8 @@ fi echo -e "\n#5 -- Test .asoundrc file --\n" ASRC_MASTER="https://raw.githubusercontent.com/jitsi/jibri/master/resources/debian-package/etc/jitsi/jibri/asoundrc" ASRC_INSTALLED="/home/jibri/.asoundrc" -ASRC_MASTER_MD5SUM=$(curl -sL $ASRC_MASTER | md5sum | cut -d ' ' -f 1) -ASRC_INSTALLED_MD5SUM=$(md5sum $ASRC_INSTALLED | cut -d ' ' -f 1) +ASRC_MASTER_MD5SUM="$(curl -sL "$ASRC_MASTER" | md5sum | cut -d ' ' -f 1)" +ASRC_INSTALLED_MD5SUM="$(md5sum "$ASRC_INSTALLED" | cut -d ' ' -f 1)" if [ "$ASRC_MASTER_MD5SUM" == "$ASRC_INSTALLED_MD5SUM" ]; then echo -e "Seems to be using the latest asoundrc file available. \xE2\x9C\x94" @@ -187,20 +187,20 @@ fi echo -e "\n#6 -- Old or new config --\n" echo -e "What config version is this using?" -if [ -f ${CONF_JSON}_disabled ] && \ - [ -f $JIBRI_CONF ] && \ - [ -f $JIBRI_CONF-dpkg-file ]; then +if [ -f "${CONF_JSON}"_disabled ] && \ + [ -f "$JIBRI_CONF" ] && \ + [ -f "$JIBRI_CONF"-dpkg-file ]; then echo -e "\n> This jibri config has been upgraded already. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ https://github.com/switnet-ltd/quick-jibri-installer/issues\n" T6=1 -elif [ ! -f $CONF_JSON ] && \ - [ -f $JIBRI_CONF ] && \ - [ -f ${JIBRI_CONF}-dpkg-file ]; then +elif [ ! -f "$CONF_JSON" ] && \ + [ -f "$JIBRI_CONF" ] && \ + [ -f "${JIBRI_CONF}"-dpkg-file ]; then echo -e "\n> This jibri seems to be running the latest configuration already. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ https://github.com/switnet-ltd/quick-jibri-installer/issues\n" T6=1 -elif [ -f ${CONF_JSON} ] && \ - [ -f $JIBRI_CONF ]; then +elif [ -f "${CONF_JSON}" ] && \ + [ -f "$JIBRI_CONF" ]; then echo -e "\n> This jibri config seems to be candidate for upgrading. \xE2\x9C\x96 \nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ https://github.com/switnet-ltd/quick-jibri-installer/issues\n" T6=0 @@ -220,8 +220,7 @@ fi #T7 echo -e "\n#7 -- Check for open communication port among Jibri and JMS --\n" -nc -z -v -w5 $JMS_DOMAIN 5222 -if [ "$?" -ne 0 ]; then +if ! nc -z -v -w5 "$JMS_DOMAIN" 5222 ; then echo -e "Connection failed! \xE2\x9C\x96\n > You might want to check both Jibri & JMS firewall rules (TCP 5222)." T7=0 else From ae55dfb873e9df3c0032bdf3c3461913173d3d86 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Wed, 11 May 2022 23:53:51 -0500 Subject: [PATCH 10/39] Comply main scripts with shellcheck recommendations. --- add-jibri-node.sh | 96 ++++++------ add-jvb2-node.sh | 26 ++-- etherpad-docker.sh | 39 +++-- grafana.sh | 24 +-- jitsi-updater.sh | 88 ++++++----- jm-bm.sh | 10 +- jra_nextcloud.sh | 180 +++++++++++----------- quick_jibri_installer.sh | 325 +++++++++++++++++++-------------------- 8 files changed, 396 insertions(+), 392 deletions(-) diff --git a/add-jibri-node.sh b/add-jibri-node.sh index 6d72e56..6738bbd 100644 --- a/add-jibri-node.sh +++ b/add-jibri-node.sh @@ -8,7 +8,7 @@ ### 1_LAST EDITION ### #Make sure the file name is the required one -if [ ! "$(basename $0)" = "add-jibri-node.sh" ]; then +if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then echo "For most cases naming won't matter, for this one it does." echo "Please use the original name for this script: \`add-jibri-node.sh', and run again." exit @@ -55,7 +55,7 @@ CHD_VER="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)" GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list" GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}') GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json" -PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)" +#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)" NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)" NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}" NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)" @@ -68,7 +68,7 @@ JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf" # sed limiters for add-jibri-node.sh variables var_dlim() { - grep -n $1 add-jibri-node.sh|head -n1|cut -d ":" -f1 + grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1 } check_var() { @@ -89,19 +89,19 @@ echo " # Checking initial necessary variables... #-----------------------------------------------------------------------" -JMS_DATA=($MAIN_SRV_DIST \ - $MAIN_SRV_REPO \ - $MAIN_SRV_DOMAIN \ - $JibriBrewery \ - $JB_NAME \ - $JB_AUTH_PASS \ - $JB_REC_PASS \ - $MJS_USER \ - $MJS_USER_PASS \ - $JIBRI_RES_CONF \ - $JIBRI_RES_XORG_CONF) +JMS_DATA=("$MAIN_SRV_DIST" \ + "$MAIN_SRV_REPO" \ + "$MAIN_SRV_DOMAIN" \ + "$JibriBrewery" \ + "$JB_NAME" \ + "$JB_AUTH_PASS" \ + "$JB_REC_PASS" \ + "$MJS_USER" \ + "$MJS_USER_PASS" \ + "$JIBRI_RES_CONF" \ + "$JIBRI_RES_XORG_CONF") -JMS_EVAL=${JMS_DATA[0]} +JMS_EVAL="${JMS_DATA[0]}" for i in "${JMS_DATA[@]}"; do if [[ "$JMS_EVAL" != "$i" ]]; then ALL_TBD="no" @@ -152,7 +152,7 @@ else fi ### Test RAM size (8GB min) ### mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+') -if [ ${mem_available} -lt 7700000 ]; then +if [ "${mem_available}" -lt 7700000 ]; then echo " Warning!: The system do not meet the minimum RAM requirements for Jibri to run. >> We recommend 8GB RAM for Jibri! @@ -190,7 +190,7 @@ sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts # Jitsi-Meet Repo echo "Add Jitsi repo" if [ -z "$JITSI_REPO" ]; then - echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-$MAIN_SRV_REPO.list + echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add - elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then echo "Main and node servers repository don't match, extiting.." @@ -235,7 +235,7 @@ else # Your audio driver might not be able to load. # We'll check the state of this Jibri with our 'test-jibri-env.sh' tool. #-----------------------------------------------------------------------" -curl -s $TEST_JIBRI_ENV > /tmp/test-jibri-env.sh +curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh #Test tool if [ "$MODE" = "debug" ]; then bash /tmp/test-jibri-env.sh -m debug @@ -248,14 +248,14 @@ fi } echo "# Check and Install HWE kernel if possible..." -HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)") +HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")" if [ "$HWE_VIR_MOD" = "1" ]; then apt-get -y install \ - linux-image-generic-hwe-$(lsb_release -sr) + linux-image-generic-hwe-"$(lsb_release -sr)" else apt-get -y install \ linux-image-generic \ - linux-modules-extra-$(uname -r) + linux-modules-extra-"$(uname -r)" fi echo " @@ -273,7 +273,7 @@ if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then else echo "Installing Google Chrome Stable" wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - - echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee $GOOGL_REPO + echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO" fi apt-get -q2 update apt-get install -y google-chrome-stable @@ -283,7 +283,7 @@ if [ -f /usr/local/bin/chromedriver ]; then echo "Chromedriver already installed." else echo "Installing Chromedriver" - wget -q https://chromedriver.storage.googleapis.com/$CHD_VER/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip + wget -q https://chromedriver.storage.googleapis.com/"$CHD_VER"/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/ chown root:root /usr/local/bin/chromedriver chmod 0755 /usr/local/bin/chromedriver @@ -305,18 +305,18 @@ echo " Remove Chrome warning... " mkdir -p /etc/opt/chrome/policies/managed -echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > $GCMP_JSON +echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON" # Recording directory -if [ ! -d $DIR_RECORD ]; then -mkdir $DIR_RECORD +if [ ! -d "$DIR_RECORD" ]; then +mkdir "$DIR_RECORD" fi -chown -R jibri:jibri $DIR_RECORD +chown -R jibri:jibri "$DIR_RECORD" -cat << REC_DIR > $REC_DIR +cat << REC_DIR > "$REC_DIR" #!/bin/bash -RECORDINGS_DIR=$DIR_RECORD +RECORDINGS_DIR="$DIR_RECORD" echo "This is a dummy finalize script" > /tmp/finalize.out echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out @@ -341,12 +341,12 @@ fi exit 0 REC_DIR -chown jibri:jibri $REC_DIR -chmod +x $REC_DIR +chown jibri:jibri "$REC_DIR" +chmod +x "$REC_DIR" ## New Jibri Config (2020) -mv $JIBRI_CONF ${JIBRI_CONF}-dpkg-file -cat << NEW_CONF > $JIBRI_CONF +mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file +cat << NEW_CONF > "$JIBRI_CONF" // New XMPP environment config. jibri { streaming { @@ -459,25 +459,25 @@ jibri { NEW_CONF #Jibri xorg resolution -sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" $JIBRI_XORG_CONF +sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF" echo -e "\n---- Create random nodesync user ----" -useradd -m -g jibri $NJN_USER +useradd -m -g jibri "$NJN_USER" echo "$NJN_USER:$NJN_USER_PASS" | chpasswd echo -e "\n---- We'll connect to main server ----" read -n 1 -s -r -p "Press any key to continue..."$'\n' -sudo su $NJN_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''" +sudo su "$NJN_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''" #Workaround for jibri to do cleaning. -install -m 0600 -o jibri /home/$NJN_USER/.ssh/id_rsa /home/jibri/jbsync.pem +install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts" sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts" echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n" -ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> ~/.ssh/known_hosts -ssh $MJS_USER@$MAIN_SRV_DOMAIN sh -c "'cat >> .ssh/authorized_keys'" < /home/$NJN_USER/.ssh/id_rsa.pub -sudo su $NJN_USER -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts" +ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts +ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub +sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts" echo -e "\n---- Setup Log system ----" cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh @@ -486,21 +486,21 @@ cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh # Log process exec 3>&1 4>&2 trap 'exec 2>&4 1>&3' 0 1 2 3 -exec 1>/var/log/$NJN_USER/remote_jnsync.log 2>&1 +exec 1>/var/log/"$NJN_USER"/remote_jnsync.log 2>&1 # Run sync while true; do - inotifywait -t 60 -r -e modify,attrib,close_write,move,delete $DIR_RECORD - sudo su $NJN_USER -c "rsync -Aax --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD" - find $DIR_RECORD -depth -type d -empty -not -path $DIR_RECORD -delete + inotifywait -t 60 -r -e modify,attrib,close_write,move,delete "$DIR_RECORD" + sudo su "$NJN_USER" -c "rsync -Aax --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD" + find "$DIR_RECORD" -depth -type d -empty -not -path "$DIR_RECORD" -delete done INOT_RSYNC -mkdir /var/log/$NJN_USER +mkdir /var/log/"$NJN_USER" -cat << LOG_ROT > /etc/logrotate.d/$NJN_USER -/var/log/$NJN_USER/*.log { +cat << LOG_ROT > /etc/logrotate.d/"$NJN_USER" +/var/log/"$NJN_USER"/*.log { monthly missingok rotate 12 @@ -561,7 +561,7 @@ echo " echo "Make sure to reboot, it's necessary before *any* usage. Rebooting in..." secs=$((15)) -while [ $secs -gt 0 ]; do +while [ "$secs" -gt 0 ]; do echo -ne "$secs\033[0K\r" sleep 1 : $((secs--)) diff --git a/add-jvb2-node.sh b/add-jvb2-node.sh index 34fdb46..d85a120 100644 --- a/add-jvb2-node.sh +++ b/add-jvb2-node.sh @@ -8,7 +8,7 @@ ### 1_LAST EDITION ### #Make sure the file name is the required one -if [ ! "$(basename $0)" = "add-jvb2-node.sh" ]; then +if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then echo "For most cases naming won't matter, for this one it does." echo "Please use the original name for this script: \`add-jvb2-node.sh', and run again." exit @@ -53,10 +53,10 @@ SHARD_DOMAIN=TBD SHARD_PASS=TBD MUC_JID=TBD -MJS_USER=TBD -MJS_USER_PASS=TBD -START=0 -LAST=TBD +#MJS_USER=TBD +#MJS_USER_PASS=TBD +#START=0 +#LAST=TBD THIS_SRV_DIST=$(lsb_release -sc) JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}') @@ -71,7 +71,7 @@ SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)" # sed limiters for add-jvb2-node.sh variables var_dlim() { - grep -n $1 add-jvb2-node.sh|head -n1|cut -d ":" -f1 + grep -n "$1" add-jvb2-node.sh|head -n1|cut -d ":" -f1 } check_var() { @@ -105,7 +105,7 @@ else fi ### Test RAM size (8GB min) ### mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+') -if [ ${mem_available} -lt 7700000 ]; then +if [ "${mem_available}" -lt 7700000 ]; then echo " Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads. >> We recommend 8GB RAM or above for JVB2! @@ -141,7 +141,7 @@ echo " #-----------------------------------------------------------------------" check_var JVB_HOSTNNAME "$JVB_HOSTNAME" -if [ -z $JVB_HOST ]; then +if [ -z "$JVB_HOST" ]; then echo "JVB_HOST is empty, but it may be ok for it to be empty, skipping empty test." else check_var JVB_HOST "$JVB_HOST" @@ -166,7 +166,7 @@ sed -i "1i 127.0.0.1 jvb_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts # Jitsi-Meet Repo echo "Add Jitsi repo" if [ -z "$JITSI_REPO" ]; then - echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-$MAIN_SRV_REPO.list + echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add - elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then echo "Main and node servers repository don't match, extiting.." @@ -193,14 +193,14 @@ apt-get -y install \ wget echo "# Check and Install HWE kernel if possible..." -HWE_VIR_MOD=$(apt-cache madison linux-modules-extra-virtual-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "extra-virtual-hwe") +HWE_VIR_MOD="$(apt-cache madison linux-modules-extra-virtual-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")" if [ "$HWE_VIR_MOD" == "1" ]; then apt-get -y install \ - linux-image-generic-hwe-$(lsb_release -sr) \ - linux-modules-extra-virtual-hwe-$(lsb_release -sr) + linux-image-generic-hwe-"$(lsb_release -sr)" \ + linux-modules-extra-virtual-hwe-"$(lsb_release -sr)" else apt-get -y install \ - linux-modules-extra-$(uname -r) + linux-modules-extra-"$(uname -r)" fi echo " diff --git a/etherpad-docker.sh b/etherpad-docker.sh index c9568ff..cde6471 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -18,7 +18,7 @@ if [ "$MODE" = "debug" ]; then set -x fi -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi @@ -35,14 +35,14 @@ check_apt_policy() { apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}' } install_ifnot() { -if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then +if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then echo " $1 is installed, skipping..." else echo -e "\n---- Installing $1 ----" - apt-get -yq2 install $1 + apt-get -yq2 install "$1" fi } -DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')" @@ -65,7 +65,7 @@ read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS # Install required packages install_ifnot docker-ce -install_ifnot postgresql-$PSGVER +install_ifnot postgresql-"$PSGVER" # Create DB echo -e "> Creating postgresql database for container...\n" @@ -100,37 +100,36 @@ fi # Tune webserver for Jitsi App control -if [ $(grep -c "etherpad" $WS_CONF) != 0 ]; then +if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then echo "> Webserver seems configured, skipping..." -elif [ -f $WS_CONF ]; then +elif [ -f "$WS_CONF" ]; then echo "> Setting up webserver configuration file..." - sed -i "/# ensure all static content can always be found first/i \ \ \ \ #Etherpad block" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \^\~\ \/etherpad\/ {" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_buffering off;" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \\\n" $WS_CONF + sed -i "/# ensure all static content can always be found first/i \ \ \ \ #Etherpad block" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_buffering off;" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF" else echo "> No etherpad config done to server file, please report to: -> https://github.com/switnet-ltd/quick-jibri-installer/issues" fi # Configure config.js -if [ $(grep -c "etherpad_base" $WS_CONF) != 0 ]; then +if [ "$(grep -c "etherpad_base" "$WS_CONF")" != 0 ]; then echo -e "> $MEET_CONF seems configured, skipping...\n" else echo -e "> Setting etherpad domain at $MEET_CONF...\n" - sed -i "/ openSharedDocumentOnJoin:/a\ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," $MEET_CONF + sed -i "/ openSharedDocumentOnJoin:/a\ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," "$MEET_CONF" fi echo "> Checking nginx configuration..." -nginx -t 2>/dev/null -if [ $? = 0 ]; then +if nginx -t 2>/dev/null ; then echo -e " -- Docker configuration seems fine, enabling it." - systemctl reload nginx +# systemctl reload nginx else echo "Please check your configuration, something may be wrong." echo "Will not try to enable etherpad nginx configuration, please report to: diff --git a/grafana.sh b/grafana.sh index 093b4db..b914e5e 100644 --- a/grafana.sh +++ b/grafana.sh @@ -26,7 +26,7 @@ if [ "$MODE" = "debug" ]; then set -x fi -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi @@ -39,14 +39,14 @@ echo ' by Software, IT & Networks Ltd ' run_service() { -systemctl enable $1 -systemctl restart $1 -systemctl status $1 +systemctl enable "$1" +systemctl restart "$1" +systemctl status "$1" } MAIN_TEL="/etc/telegraf/telegraf.conf" TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf" GRAFANA_INI="/etc/grafana/grafana.ini" -DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)" @@ -162,11 +162,11 @@ while [ $secs -gt 0 ]; do : $((secs--)) done -if [ -f $WS_CONF ]; then - sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \~ \^\/(grafana\/|grafana\/login) {" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:3000;" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \\\n" $WS_CONF +if [ -f "$WS_CONF" ]; then + sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \~ \^\/(grafana\/|grafana\/login) {" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:3000;" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF" systemctl restart nginx else echo "No app configuration done to server file, please report to: @@ -206,8 +206,8 @@ grafana_cred="admin:$GRAFANA_PASS" grafana_datasource="InfluxDB" ds=(11969); for d in "${ds[@]}"; do - echo -n "Processing $d: " - j=$(curl -s -k -u "$grafana_cred" $grafana_host/api/gnet/dashboards/$d | jq .json) + echo "Processing $d: " + j="$(curl -s -k -u "$grafana_cred" "$grafana_host"/api/gnet/dashboards/"$d" | jq .json)" curl -s -k -u "$grafana_cred" -XPOST -H "Accept: application/json" \ -H "Content-Type: application/json" \ -d "{ diff --git a/jitsi-updater.sh b/jitsi-updater.sh index 241ad31..ea115f4 100644 --- a/jitsi-updater.sh +++ b/jitsi-updater.sh @@ -9,8 +9,11 @@ Purple='\e[0;35m' Green='\e[0;32m' Yellow='\e[0;33m' Color_Off='\e[0m' +printwc() { + printf "%b$2%b" "$1" "${Color_Off}" +} #Check if user is root -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi @@ -23,28 +26,28 @@ support="https://switnet.net/support" apt_repo="/etc/apt/sources.list.d" ENABLE_BLESSM="TBD" CHD_LTST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)" -CHD_LTST_2D="$(echo $CHD_LTST|cut -d "." -f 1,2)" +CHD_LTST_2D="$(echo "$CHD_LTST"|cut -d "." -f 1,2)" CHDB="$(whereis chromedriver | awk '{print$2}')" -DOMAIN="$(ls /etc/prosody/conf.d|awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" NC_DOMAIN="TBD" JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf" -if [ -f $JITSI_MEET_PROXY ];then -PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1) +if [ -f "$JITSI_MEET_PROXY" ];then +PREAD_PROXY=$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1) fi INT_CONF="/usr/share/jitsi-meet/interface_config.js" INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js" jibri_packages="$(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages |sort -u|awk '{print $2}'|sed 's|jigasi||')" AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)" -if [ -f $apt_repo/google-chrome.list ]; then +if [ -f "$apt_repo"/google-chrome.list ]; then google_package=$(grep Package /var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages | sort -u | cut -d ' ' -f2) else echo "Seems no Google repo installed" fi -if [ -z $CHDB ]; then +if [ -z "$CHDB" ]; then echo "Seems no chromedriver installed" else CHD_VER_LOCAL="$($CHDB -v | awk '{print $2}')" - CHD_VER_2D="$(echo $CHD_VER_LOCAL|awk '{printf "%.1f\n", $NF}')" + CHD_VER_2D="$(echo "$CHD_VER_LOCAL"|awk '{printf "%.1f\n", $NF}')" fi # True if $1 is greater than $2 @@ -72,21 +75,21 @@ restart_services() { update_jitsi_repo() { apt-get update -o Dir::Etc::sourcelist="sources.list.d/jitsi-$1.list" \ -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" - apt-get install -qq --only-upgrade $jibri_packages + apt-get install -qq --only-upgrade "$jibri_packages" } update_google_repo() { - if [ -f $apt_repo/google-chrome.list ]; then + if [ -f "$apt_repo"/google-chrome.list ]; then apt-get update -o Dir::Etc::sourcelist="sources.list.d/google-chrome.list" \ -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" - apt-get install -qq --only-upgrade $google_package + apt-get install -qq --only-upgrade "$google_package" else echo "No Google repository found" fi } GOOGL_VER_2D="$(/usr/bin/google-chrome --version|awk '{printf "%.1f\n", $NF}')" upgrade_cd() { -if [ ! -z "$GOOGL_VER_2D" ]; then +if [ -n "$GOOGL_VER_2D" ]; then if version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" ; then echo "Upgrading Chromedriver to Google Chromes version" wget -q https://chromedriver.storage.googleapis.com/"$CHD_LTST"/chromedriver_linux64.zip \ @@ -95,33 +98,38 @@ if [ ! -z "$GOOGL_VER_2D" ]; then chown root:root "$CHDB" chmod 0755 "$CHDB" rm -rf /tpm/chromedriver_linux64.zip - printf "Current version: ${Green} "$($CHDB -v |awk '{print $2}'|awk '{printf "%.1f\n", $NF}')" ${Color_Off} (latest available)\n" + printf "Current version: " + printwc "$Green" "$($CHDB -v |awk '{print $2}'|awk '{printf "%.1f\n", $NF}')" + echo -e " (latest available)\n" elif [ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then echo "No need to upgrade Chromedriver" - printf "Current version: ${Green} $CHD_VER_2D ${Color_Off}\n" + printf "Current version: " + printwc "$Green" "$CHD_VER_2D\n" fi else - printf "${Yellow} -> No Google Chrome versión to match, leaving untouched.${Color_Off}\n" + printwc "${Yellow}" " -> No Google Chrome versión to match, leaving untouched.\n" fi } check_lst_cd() { -printf "${Purple}Checking for the latest Chromedriver${Color_Off}\n" -if [ -f $CHDB ]; then - printf "Current installed Chromedriver: ${Yellow} $CHD_VER_2D ${Color_Off}\n" - printf "Current installed Google Chrome: ${Green} $GOOGL_VER_2D ${Color_Off}\n" +printwc "${Purple}" "Checking for the latest Chromedriver\n" +if [ -f "$CHDB" ]; then + printf "Current installed Chromedriver: " + printwc "${Yellow}" "$CHD_VER_2D\n" + printf "Current installed Google Chrome: " + printwc "${Green}" "$GOOGL_VER_2D\n" upgrade_cd else - printf "${Yellow} -> Seems there is no Chromedriver installed${Color_Off}\n" + printwc "${Yellow}" " -> Seems there is no Chromedriver installed\n" fi } -printf "${Blue}Update & upgrade Jitsi and components${Color_Off}\n" -if [ -f $apt_repo/jitsi-unstable.list ]; then +printwc "${Blue}" "Update & upgrade Jitsi and components\n" +if [ -f "$apt_repo"/jitsi-unstable.list ]; then update_jitsi_repo unstable update_google_repo check_lst_cd -elif [ -f $apt_repo/jitsi-stable.list ]; then +elif [ -f "$apt_repo"/jitsi-stable.list ]; then update_jitsi_repo stable update_google_repo check_lst_cd @@ -144,35 +152,33 @@ if [ -f "$INT_CONF_ETC" ]; then echo "Static interface_config.js exists, skipping modification..." else echo "This setup doesn't have a static interface_config.js, checking changes..." - printf "${Purple}========== Setting Static Avatar ==========${Color_Off}\n" + printwc "${Purple}" "========== Setting Static Avatar ==========\n" if [[ -z "$AVATAR" ]]; then echo "Moving on..." else echo "Setting Static Avatar" - sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'http://$DOMAIN/avatar/\'|" $INT_CONF - sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF + sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'http://$DOMAIN/avatar/\'|" "$INT_CONF" + sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF" fi - printf "${Purple}========== Setting Support Link ==========${Color_Off}\n" - if [[ -z $support ]]; then + printwc "${Purple}" "========== Setting Support Link ==========\n" + if [[ -z "$support" ]]; then echo "Moving on..." else echo "Setting Support custom link" - sed -i "s|https://jitsi.org/live|$support|g" $INT_CONF + sed -i "s|https://jitsi.org/live|$support|g" "$INT_CONF" fi - printf "${Purple}========== Disable Blur my background ==========${Color_Off}\n" - sed -i "s|'videobackgroundblur', ||" $INT_CONF + printwc "${Purple}" "========== Disable Blur my background ==========\n" + sed -i "s|'videobackgroundblur', ||" "$INT_CONF" fi if [ "$NC_DOMAIN" != "TBD" ]; then -printf "${Purple}========== Enable $NC_DOMAIN for sync client ==========${Color_Off}\n" +printwc "${Purple}" "========== Enable $NC_DOMAIN for sync client ==========\n" if [ -z "$PREAD_PROXY" ]; then - echo " - Setting up Nextcloud domain on Jitsi Meet turn proxy -" - sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" $JITSI_MEET_PROXY - sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" $JITSI_MEET_PROXY - sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" $JITSI_MEET_PROXY - sed -i "/server {/i \ \ }" $JITSI_MEET_PROXY + printf "\n Setting up Nextcloud domain on Jitsi Meet turn proxy\n\n" + sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY" + sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" "$JITSI_MEET_PROXY" + sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" "$JITSI_MEET_PROXY" + sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY" else echo "$NC_DOMAIN seems to be on place, skipping..." fi @@ -183,6 +189,6 @@ restart_services # Brandless mode # ######################################################################## if [ "$ENABLE_BLESSM" = "on" ]; then - bash $PWD/jm-bm.sh + bash "$PWD"/jm-bm.sh fi -printf "${Blue}Script completed \o/! ${Color_Off}\n" +printwc "${Blue}" "Script completed \o/!\n" diff --git a/jm-bm.sh b/jm-bm.sh index 6a0d68c..156259a 100644 --- a/jm-bm.sh +++ b/jm-bm.sh @@ -4,7 +4,7 @@ # SwITNet Ltd © - 2021, https://switnet.net/ # GNU GPLv3 or later. -DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" CSS_FILE="/usr/share/jitsi-meet/css/all.css" TITLE_FILE="/usr/share/jitsi-meet/title.html" INT_CONF="/usr/share/jitsi-meet/interface_config.js" @@ -21,7 +21,7 @@ MOVILE_APP_NAME="Jitsi Meet" PART_USER="Participant" LOCAL_USER="me" # -SEC_ROOM="TBD" +#SEC_ROOM="TBD" echo ' #-------------------------------------------------- # Applying Brandless mode @@ -43,7 +43,7 @@ fi if [ ! -f "$REC_ICON_PATH" ];then cp images/gnome_record.png "$REC_ICON_PATH" else - echo "recording icon exists, skipping copying..." + echo "recording icon exists, skipping copying..." fi #Custom / Remove icons @@ -53,8 +53,8 @@ sed -i "s|jitsilogo.png|watermark2.png|g" "$TITLE_FILE" sed -i "s|logo-deep-linking.png|watermark2.png|g" "$BUNDLE_JS" sed -i "s|jitsiLogo_square.png|gnome_record.png|g" "$BUNDLE_JS" #Disable logo and url -if [ -z "$(grep -nr ".leftwatermark{display:none" "$CSS_FILE")" ]; then -sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE" +if ! grep -nr ".leftwatermark{display:none" "$CSS_FILE" ; then + sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE" fi #Customize room title diff --git a/jra_nextcloud.sh b/jra_nextcloud.sh index a366440..b14f98d 100644 --- a/jra_nextcloud.sh +++ b/jra_nextcloud.sh @@ -16,12 +16,12 @@ if [ "$MODE" = "debug" ]; then set -x fi -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi exit_if_not_installed() { -if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" != "1" ]; then +if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then echo " This instance doesn't have $1 installed, exiting..." echo " If you think this is an error, please report to: -> https://github.com/switnet-ltd/quick-jibri-installer/issues " @@ -38,14 +38,14 @@ echo -e '\n exit_if_not_installed jitsi-meet DISTRO_RELEASE="$(lsb_release -sc)" -DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')" PHPVER="7.4" PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')" PHP_FPM_DIR="/etc/php/$PHPVER/fpm" PHP_INI="$PHP_FPM_DIR/php.ini" PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf" -NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-available/$DOMAIN.conf | awk '{print$2}')" +NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-available/"$DOMAIN".conf | awk '{print$2}')" NC_REPO="https://download.nextcloud.com/server/releases" NCVERSION="$(curl -s -m 900 $NC_REPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)" STABLEVERSION="nextcloud-$NCVERSION" @@ -62,10 +62,11 @@ PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1) fi PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)" ISO3166_CODE=TBD +NL="$(echo -e '\n> ')" while [[ "$ANS_NCD" != "yes" ]] do - read -p "> Please set your domain (or subdomain) here for Nextcloud: (e.g.: cloud.domain.com)"$'\n' -r NC_DOMAIN + read -p "> Please set your domain (or subdomain) here for Nextcloud: (e.g.: cloud.domain.com)$NL" -r NC_DOMAIN if [ -z "$NC_DOMAIN" ];then echo "-- This field is mandatory." elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then @@ -79,13 +80,12 @@ do fi done #Simple DNS test -if [ "$PUBLIC_IP" = "$(dig -4 +short $NC_DOMAIN|awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then - echo "Server public IP & DNS record for $NC_DOMAIN seems to match, continuing... -" +if [ "$PUBLIC_IP" = "$(dig -4 +short "$NC_DOMAIN"|awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then + echo -e "Server public IP & DNS record for $NC_DOMAIN seems to match, continuing...\n\n" else echo "Server public IP ($PUBLIC_IP) & DNS record for $NC_DOMAIN don't seem to match." echo " > Please check your dns records are applied and updated, otherwise Nextcloud may fail." - read -p " > Do you want to continue?: (yes or no)"$'\n' -r DNS_CONTINUE + read -p " > Do you want to continue?: (yes or no)$NL" -r DNS_CONTINUE if [ "$DNS_CONTINUE" = "yes" ]; then echo " - We'll continue anyway..." else @@ -114,7 +114,7 @@ while [[ "$ENABLE_HSTS" != "yes" && "$ENABLE_HSTS" != "no" ]] do read -p "> Do you want to enable HSTS for this domain?: (yes or no) Be aware this option apply mid-term effects on the domain, choose \"no\" - in case you don't know what you are doing. More at https://hstspreload.org/"$'\n' -r ENABLE_HSTS + in case you don't know what you are doing. More at https://hstspreload.org/$NL" -r ENABLE_HSTS if [ "$ENABLE_HSTS" = "no" ]; then echo "-- HSTS won't be enabled." elif [ "$ENABLE_HSTS" = "yes" ]; then @@ -129,7 +129,7 @@ while [ ${#ISO3166_CODE} -gt 2 ]; do echo -e "Some examples might be: Germany > DE | Mexico > MX | Spain > ES | USA > US\n Do you want to set such code for your installation?" && \ -read -p "Leave empty if you don't want to set any: "$'\n' ISO3166_CODE +read -p "Leave empty if you don't want to set any: " -r ISO3166_CODE if [ ${#ISO3166_CODE} -gt 2 ]; then echo -e "\n-- This code is only 2 characters long, please check your input.\n" fi @@ -137,7 +137,7 @@ done echo -e "\n# Check for jitsi-meet/jibri\n" if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ] || \ - [ -f /etc/prosody/conf.d/$DOMAIN.conf ]; then + [ -f /etc/prosody/conf.d/"$DOMAIN".conf ]; then echo "jitsi meet/jibri is installed, checking version:" apt-show-versions jibri else @@ -146,7 +146,7 @@ else fi exit_ifinstalled() { -if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then +if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then echo " This instance already has $1 installed, exiting..." echo " If you think this is an error, please report to: -> https://github.com/switnet-ltd/quick-jibri-installer/issues " @@ -154,11 +154,11 @@ if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" = fi } install_ifnot() { -if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then +if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then echo " $1 is installed, skipping..." else echo -e "\n---- Installing $1 ----" - apt-get -yq2 install $1 + apt-get -yq2 install "$1" fi } add_php74() { @@ -174,46 +174,46 @@ else fi } #Prevent root folder permission issues -cp $PWD/files/jra-nc-app-ef.json /tmp +cp "$PWD"/files/jra-nc-app-ef.json /tmp -exit_ifinstalled postgresql-$PSGVER +exit_ifinstalled postgresql-"$PSGVER" ## Install software requirements # PostgresSQL -install_ifnot postgresql-$PSGVER +install_ifnot postgresql-"$PSGVER" # PHP 7.4 add_php74 apt-get install -y \ imagemagick \ - php$PHPVER-fpm \ - php$PHPVER-bcmath \ - php$PHPVER-bz2 \ - php$PHPVER-curl \ - php$PHPVER-gd \ - php$PHPVER-gmp \ - php$PHPVER-imagick \ - php$PHPVER-intl \ - php$PHPVER-json \ - php$PHPVER-ldap \ - php$PHPVER-mbstring \ - php$PHPVER-pgsql \ - php$PHPVER-redis \ - php$PHPVER-soap \ - php$PHPVER-xml \ - php$PHPVER-xmlrpc \ - php$PHPVER-zip \ + php"$PHPVER"-fpm \ + php"$PHPVER"-bcmath \ + php"$PHPVER"-bz2 \ + php"$PHPVER"-curl \ + php"$PHPVER"-gd \ + php"$PHPVER"-gmp \ + php"$PHPVER"-imagick \ + php"$PHPVER"-intl \ + php"$PHPVER"-json \ + php"$PHPVER"-ldap \ + php"$PHPVER"-mbstring \ + php"$PHPVER"-pgsql \ + php"$PHPVER"-redis \ + php"$PHPVER"-soap \ + php"$PHPVER"-xml \ + php"$PHPVER"-xmlrpc \ + php"$PHPVER"-zip \ redis-server \ unzip #System related install_ifnot smbclient -sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" $PHP_CONF -sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" $PHP_CONF -sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" $PHP_CONF -sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" $PHP_CONF -sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" $PHP_CONF -sed -i "s|;clear_env = no|clear_env = no|" $PHP_CONF +sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" "$PHP_CONF" +sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" "$PHP_CONF" +sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" "$PHP_CONF" +sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" "$PHP_CONF" +sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" "$PHP_CONF" +sed -i "s|;clear_env = no|clear_env = no|" "$PHP_CONF" echo " Tunning PHP.ini... @@ -244,14 +244,14 @@ echo "opcache.revalidate_freq=1" echo "opcache.validate_timestamps=1" } >> "$PHP_INI" -systemctl restart php$PHPVER-fpm.service +systemctl restart php"$PHPVER"-fpm.service #-------------------------------------------------- # Create DB user #-------------------------------------------------- echo -e "\n---- Creating the PgSQL DB & User ----" -cd /tmp +cd /tmp || exit sudo -u postgres psql < $NC_NGINX_CONF +cat << NC_NGINX > "$NC_NGINX_CONF" #nextcloud config upstream php-handler { #server 127.0.0.1:9000; @@ -417,9 +417,9 @@ server { } NC_NGINX systemctl stop nginx -letsencrypt certonly --standalone --renew-by-default --agree-tos -d $NC_DOMAIN -if [ -f /etc/letsencrypt/live/$NC_DOMAIN/fullchain.pem ];then - ln -s $NC_NGINX_CONF /etc/nginx/sites-available/ +letsencrypt certonly --standalone --renew-by-default --agree-tos -d "$NC_DOMAIN" +if [ -f /etc/letsencrypt/live/"$NC_DOMAIN"/fullchain.pem ];then + ln -s "$NC_NGINX_CONF" /etc/nginx/sites-available/ else echo "There are issues on getting the SSL certs..." read -n 1 -s -r -p "Press any key to continue" @@ -428,34 +428,34 @@ nginx -t systemctl restart nginx if [ "$ENABLE_HSTS" = "yes" ]; then - sed -i "s|#add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" $NC_NGINX_CONF + sed -i "s|#add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" "$NC_NGINX_CONF" fi -if [ ! -z "$PREAD_PROXY" ]; then +if [ -n "$PREAD_PROXY" ]; then echo " Setting up Nextcloud domain on Jitsi Meet turn proxy " - sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" $JITSI_MEET_PROXY - sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" $JITSI_MEET_PROXY - sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" $JITSI_MEET_PROXY - sed -i "/server {/i \ \ }" $JITSI_MEET_PROXY + sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY" + sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" "$JITSI_MEET_PROXY" + sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" "$JITSI_MEET_PROXY" + sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY" fi echo " Latest version to be installed: $STABLEVERSION (This might take sometime, please be patient...) " -curl -s $NC_REPO/$STABLEVERSION.zip > /tmp/$STABLEVERSION.zip -unzip -q /tmp/$STABLEVERSION.zip -mv nextcloud $NC_PATH +curl -s "$NC_REPO"/"$STABLEVERSION".zip > /tmp/"$STABLEVERSION".zip +unzip -q /tmp/"$STABLEVERSION".zip +mv nextcloud "$NC_PATH" -chown -R www-data:www-data $NC_PATH -chmod -R 755 $NC_PATH +chown -R www-data:www-data "$NC_PATH" +chmod -R 755 "$NC_PATH" echo " Database installation... " -sudo -u www-data php $NC_PATH/occ maintenance:install \ +sudo -u www-data php "$NC_PATH"/occ maintenance:install \ --database=pgsql \ --database-name="$NC_DB" \ --database-user="$NC_DB_USER" \ @@ -466,10 +466,10 @@ sudo -u www-data php $NC_PATH/occ maintenance:install \ echo " Apply custom mods... " -sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," $NC_CONFIG -sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," $NC_CONFIG -sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," $NC_CONFIG -sed -i "s|http://localhost|http://$NC_DOMAIN|" $NC_CONFIG +sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," "$NC_CONFIG" +sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," "$NC_CONFIG" +sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," "$NC_CONFIG" +sed -i "s|http://localhost|http://$NC_DOMAIN|" "$NC_CONFIG" echo "Add crontab..." crontab -u www-data -l | { cat; echo "*/5 * * * * php -f $NC_PATH/cron.php"; } | crontab -u www-data - @@ -477,54 +477,54 @@ crontab -u www-data -l | { cat; echo "*/5 * * * * php -f $NC_PATH/cron.php"; echo " Add memcache support... " -sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" $REDIS_CONF -sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" $REDIS_CONF -sed -i "s|port 6379|port 0|" $REDIS_CONF +sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" "$REDIS_CONF" +sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" "$REDIS_CONF" +sed -i "s|port 6379|port 0|" "$REDIS_CONF" systemctl restart redis-server echo "--> Setting config.php..." -if [ ! -z "$ISO3166_CODE" ]; then - sed -i "/);/i \ \ 'default_phone_region' => '$ISO3166_CODE'," $NC_CONFIG +if [ -n "$ISO3166_CODE" ]; then + sed -i "/);/i \ \ 'default_phone_region' => '$ISO3166_CODE'," "$NC_CONFIG" fi -sed -i "/);/i \ \ 'filelocking.enabled' => 'true'," $NC_CONFIG -sed -i "/);/i \ \ 'memcache.locking' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG -sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG -sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG -sed -i "/);/i \ \ 'memcache.distributed' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG -sed -i "/);/i \ \ 'redis' =>" $NC_CONFIG -sed -i "/);/i \ \ \ \ array (" $NC_CONFIG -sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," $NC_CONFIG -sed -i "/);/i \ \ \ \ \ 'port' => 0," $NC_CONFIG -sed -i "/);/i \ \ \ \ \ 'timeout' => 0," $NC_CONFIG -sed -i "/);/i \ \ )," $NC_CONFIG +sed -i "/);/i \ \ 'filelocking.enabled' => 'true'," "$NC_CONFIG" +sed -i "/);/i \ \ 'memcache.locking' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG" +sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG" +sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG" +sed -i "/);/i \ \ 'memcache.distributed' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG" +sed -i "/);/i \ \ 'redis' =>" "$NC_CONFIG" +sed -i "/);/i \ \ \ \ array (" "$NC_CONFIG" +sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," "$NC_CONFIG" +sed -i "/);/i \ \ \ \ \ 'port' => 0," "$NC_CONFIG" +sed -i "/);/i \ \ \ \ \ 'timeout' => 0," "$NC_CONFIG" +sed -i "/);/i \ \ )," "$NC_CONFIG" echo "Done " echo " Addding & Setting up Files External App for Local storage... " -sudo -u www-data php $NC_PATH/occ app:install files_external -sudo -u www-data php $NC_PATH/occ app:enable files_external -sudo -u www-data php $NC_PATH/occ app:disable support -sudo -u www-data php $NC_PATH/occ files_external:import /tmp/jra-nc-app-ef.json +sudo -u www-data php "$NC_PATH"/occ app:install files_external +sudo -u www-data php "$NC_PATH"/occ app:enable files_external +sudo -u www-data php "$NC_PATH"/occ app:disable support +sudo -u www-data php "$NC_PATH"/occ files_external:import /tmp/jra-nc-app-ef.json usermod -a -G jibri www-data -chmod -R 770 $DIR_RECORD -chmod -R g+s $DIR_RECORD +chmod -R 770 "$DIR_RECORD" +chmod -R g+s "$DIR_RECORD" echo " Fixing possible missing tables... " -echo "y"|sudo -u www-data php $NC_PATH/occ db:convert-filecache-bigint -sudo -u www-data php $NC_PATH/occ db:add-missing-indices -sudo -u www-data php $NC_PATH/occ db:add-missing-columns +echo "y"|sudo -u www-data php "$NC_PATH"/occ db:convert-filecache-bigint +sudo -u www-data php "$NC_PATH"/occ db:add-missing-indices +sudo -u www-data php "$NC_PATH"/occ db:add-missing-columns echo " Adding trusted domain... " -sudo -u www-data php $NC_PATH/occ config:system:set trusted_domains 0 --value=$NC_DOMAIN +sudo -u www-data php "$NC_PATH"/occ config:system:set trusted_domains 0 --value="$NC_DOMAIN" echo "Setting JRA domain on jitsi-updater.sh" -cd ~/quick-jibri-installer +cd ~/quick-jibri-installer || exit sed -i "s|NC_DOMAIN=.*|NC_DOMAIN=\"$NC_DOMAIN\"|" jitsi-updater.sh echo "Quick Nextcloud installation complete!" diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index dd077f7..f4b4c48 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -26,12 +26,12 @@ NGINX=$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed") DIST=$(lsb_release -sc) GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list" GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}') -PROSODY_REPO=$(apt-cache policy | awk '/prosody/{print$3}' | awk -F "/" 'NR==1{print$2}') +PROSODY_REPO="$(apt-cache policy | awk '/prosody/{print$3}' | awk -F "/" 'NR==1{print$2}')" PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)" -CR=`echo $'\n> '` +NL="$(echo -e '\n> ')" exit_ifinstalled() { -if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then +if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then echo " This instance already has $1 installed, exiting... Please try again on a clean system. @@ -53,11 +53,11 @@ rename_distro etiona bionic rename_distro nabia focal install_ifnot() { -if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then +if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then echo " $1 is installed, skipping..." else echo -e "\n---- Installing $1 ----" - apt-get -yq2 install $1 + apt-get -yq2 install "$1" fi } check_serv() { @@ -96,16 +96,16 @@ else #-----------------------------------------------------------------------" #Test tool if [ "$MODE" = "debug" ]; then - bash $PWD/tools/test-jibri-env.sh -m debug + bash "$PWD"/tools/test-jibri-env.sh -m debug else - bash $PWD/tools/test-jibri-env.sh + bash "$PWD"/tools/test-jibri-env.sh fi read -n 1 -s -r -p "Press any key to continue..."$'\n' fi } # sed limiters for add-jibri-node.sh variables var_dlim() { - grep -n $1 add-jibri-node.sh|head -n1|cut -d ":" -f1 + grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1 } add_prosody_repo() { echo "Add Prosody repo" @@ -117,7 +117,7 @@ else fi } dpkg-compare() { -dpkg --compare-versions $(dpkg-query -f='${Version}' --show $1) $2 $3 +dpkg --compare-versions "$(dpkg-query -f='${Version}' --show "$1")" "$2" "$3" } wait_seconds() { secs=$(($1)) @@ -148,7 +148,7 @@ Wiki and documentation: https://github.com/switnet-ltd/quick-jibri-installer/wik read -n 1 -s -r -p "Press any key to continue..."$'\n' #Check if user is root -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi @@ -188,8 +188,8 @@ else CPU_MIN="Y" fi ### Test RAM size (8GB min) ### -mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+') -if [ ${mem_available} -lt 7700000 ]; then +mem_available="$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')" +if [ "$mem_available" -lt 7700000 ]; then echo " Warning!: The system do not meet the minimum RAM requirements for Jibri to run. >> We recommend 8GB RAM for Jibri! @@ -209,7 +209,7 @@ else echo "Even when you can use the videoconferencing sessions, we advice to increase the resources in order to user Jibri." while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]] do - read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES + read -p "> Do you want to continue?: (yes or no)$NL" -r CONTINUE_LOW_RES if [ "$CONTINUE_LOW_RES" = "no" ]; then echo "See you next time with more resources!..." exit @@ -240,7 +240,7 @@ So you can add a Jibri server on a instance with enough resources.\n" while [[ "$DISABLE_LOCAL_JIBRI" != "yes" && "$DISABLE_LOCAL_JIBRI" != "no" ]] do - read -p "> Do you want to disable local jibri service?: (yes or no)"$'\n' -r DISABLE_LOCAL_JIBRI + read -p "> Do you want to disable local jibri service?: (yes or no)$NL" -r DISABLE_LOCAL_JIBRI if [ "$DISABLE_LOCAL_JIBRI" = "no" ]; then echo -e "Please keep in mind that we might not support underpowered servers.\n" elif [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then @@ -254,10 +254,10 @@ echo "Checking system oriented purpose.... " apt-get -yq2 update SYSTEM_DE="$(apt-cache search "ubuntu-(desktop|mate-desktop)"|awk '{print$1}'|xargs|sed 's|$| trisquel triskel trisquel-mini|')" -SYSTEM_DE_ARRAY=( $SYSTEM_DE ) +SYSTEM_DE_ARRAY=( "$SYSTEM_DE" ) for de in "${SYSTEM_DE_ARRAY[@]}" do - if [ "$(dpkg-query -W -f='${Status}' $de 2>/dev/null | grep -c "ok installed")" == "1" ]; then + if [ "$(dpkg-query -W -f='${Status}' "$de" 2>/dev/null | grep -c "ok installed")" == "1" ]; then echo -e "\n > This instance has $de installed, exiting... \nPlease avoid using this installer on a desktop-user oriented GNU/Linux system. This is an unsupported use, as it will likely BREAK YOUR SYSTEM, so please don't." @@ -282,8 +282,8 @@ fi #Default to LE SSL? while [[ "$LE_SSL" != "yes" && "$LE_SSL" != "no" ]] do -read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)"$'\n' -r LE_SSL -if [ $LE_SSL = yes ]; then +read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)$NL" -r LE_SSL +if [ "$LE_SSL" = yes ]; then echo "We'll default to Let's Encrypt SSL certs." else echo "We'll let you choose later on for it. @@ -294,8 +294,8 @@ done if [ "$LE_SSL" = "yes" ]; then while [[ "$ANS_JD" != "yes" ]] do - read -p "> Please set your domain (or subdomain) here: (e.g.: jitsi.domain.com)"$'\n' -r JITSI_DOMAIN - read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)"$'\n' -r ANS_JD + read -p "> Please set your domain (or subdomain) here: (e.g.: jitsi.domain.com)$NL" -r JITSI_DOMAIN + read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)$NL" -r ANS_JD if [ "$ANS_JD" = "yes" ]; then echo "Alright, let's use $JITSI_DOMAIN." else @@ -303,13 +303,13 @@ if [ "$LE_SSL" = "yes" ]; then fi done #Simple DNS test - if [ "$PUBLIC_IP" = "$(dig -4 +short $JITSI_DOMAIN||awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then + if [ "$PUBLIC_IP" = "$(dig -4 +short "$JITSI_DOMAIN"||awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then echo "Server public IP & DNS record for $JITSI_DOMAIN seems to match, continuing... " else echo "Server public IP ($PUBLIC_IP) & DNS record for $JITSI_DOMAIN don't seem to match." echo " > Please check your dns records are applied and updated, otherwise components may fail." - read -p " > Do you want to continue?: (yes or no)"$'\n' -r DNS_CONTINUE + read -p " > Do you want to continue?: (yes or no)$NL" -r DNS_CONTINUE if [ "$DNS_CONTINUE" = "yes" ]; then echo " - We'll continue anyway..." else @@ -348,15 +348,15 @@ apt-get -y install \ fi echo "# Check and Install HWE kernel if possible..." -HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)") +HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)")" if [ "$HWE_VIR_MOD" = "1" ]; then apt-get -y install \ - linux-image-generic-hwe-$(lsb_release -sr) \ - linux-tools-generic-hwe-$(lsb_release -sr) + linux-image-generic-hwe-"$(lsb_release -sr)" \ + linux-tools-generic-hwe-"$(lsb_release -sr)" else apt-get -y install \ linux-image-generic \ - linux-modules-extra-$(uname -r) + linux-modules-extra-"$(uname -r)" fi check_serv @@ -373,7 +373,7 @@ fi apt-get -y install \ jitsi-meet \ jibri \ - openjdk-8-jre-headless + openjdk-11-jre-headless # Fix RAND_load_file error #https://github.com/openssl/openssl/issues/7754#issuecomment-444063355 @@ -409,7 +409,7 @@ if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then else echo "Installing Google Chrome Stable" wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - - echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee $GOOGL_REPO + echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO" fi apt-get -q2 update apt-get install -yq2 google-chrome-stable @@ -419,7 +419,7 @@ if [ -f /usr/local/bin/chromedriver ]; then echo "Chromedriver already installed." else echo "Installing Chromedriver" - wget -q https://chromedriver.storage.googleapis.com/$CHD_LTST/chromedriver_linux64.zip \ + wget -q https://chromedriver.storage.googleapis.com/"$CHD_LTST"/chromedriver_linux64.zip \ -O /tmp/chromedriver_linux64.zip unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/ chown root:root /usr/local/bin/chromedriver @@ -437,13 +437,13 @@ echo " Remove Chrome warning... " mkdir -p /etc/opt/chrome/policies/managed -echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > $GCMP_JSON +echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON" ## JMS system tune up if [ "$MODE" = "debug" ]; then - bash $PWD/mode/jms-stu.sh -m debug + bash "$PWD"/mode/jms-stu.sh -m debug else - bash $PWD/mode/jms-stu.sh + bash "$PWD"/mode/jms-stu.sh fi echo ' @@ -452,7 +452,7 @@ echo ' ######################################################################## ' # MEET / JIBRI SETUP -DOMAIN="$(find /etc/prosody/conf.d/ -name *.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" JB_AUTH_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" JB_REC_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" @@ -463,7 +463,7 @@ MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" JIBRI_CONF="/etc/jitsi/jibri/jibri.conf" JVB2_CONF="/etc/jitsi/videobridge/config" JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties" -DIR_RECORD=/var/jbrecord +DIR_RECORD="/var/jbrecord" REC_DIR="/home/jibri/finalize_recording.sh" JB_NAME="Jibri Sessions" LE_RENEW_LOG="/var/log/letsencrypt/renew.log" @@ -480,10 +480,10 @@ FQDN_HOST="fqdn" JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf" # Rename hostname for jitsi server -while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && ! -z "$FQDN_HOST" ]] +while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && -n "$FQDN_HOST" ]] do echo -e "> Set $DOMAIN as a fqdn hostname?: (yes or no)\n" && \ - read -p "Leave empty to default to your current one ($(hostname -f)): "$'\n' FQDN_HOST + read -p "Leave empty to default to your current one ($(hostname -f)):$NL" -r FQDN_HOST if [ "$FQDN_HOST" = "yes" ]; then echo "$DOMAIN will be used as fqdn hostname, changes will show on reboot." hostnamectl set-hostname "${DOMAIN}" @@ -497,7 +497,7 @@ done if [ "$LE_SSL" = "yes" ]; then while [[ -z $SYSADMIN_EMAIL ]] do - read -p "Set sysadmin email (this is a mandatory field):"$'\n' -r SYSADMIN_EMAIL + read -p "Set sysadmin email (this is a mandatory field):$NL" -r SYSADMIN_EMAIL done fi #Language @@ -508,21 +508,21 @@ See here: https://github.com/jitsi/jitsi-meet/blob/master/lang/languages.json Jitsi Meet web interface will be set to use such language." -read -p "Please set your language (Press enter to default to 'en'):"$'\n' -r JB_LANG +read -p "Please set your language (Press enter to default to 'en'):$NL" -r JB_LANG echo -e "\nWe'll take a minute to localize some UI excerpts if you need.\n" #Participant echo -e "> Do you want to translate 'Participant' to your own language?" && \ -read -p "Leave empty to use the default one (English): "$'\n' L10N_PARTICIPANT +read -p "Leave empty to use the default one (English):$NL" -r L10N_PARTICIPANT #Me echo -e "\n> Do you want to translate 'me' to your own language? This must be a really small word to present one self. Some suggestions might be: yo (Spanish) | je (French) | ich (German)\n" && \ -read -p "Leave empty to use the default one (English): "$'\n' L10N_ME +read -p "Leave empty to use the default one (English):$NL" -r L10N_ME #Drop unsecure TLS while [[ "$DROP_TLS1" != "yes" && "$DROP_TLS1" != "no" ]] do - read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)"$'\n' -r DROP_TLS1 + read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)$NL" -r DROP_TLS1 if [ "$DROP_TLS1" = "no" ]; then echo "TLSv1.0/1.1 will remain." elif [ "$DROP_TLS1" = "yes" ]; then @@ -542,7 +542,7 @@ done #Brandless Mode while [[ "$ENABLE_BLESSM" != "yes" && "$ENABLE_BLESSM" != "no" ]] do - read -p "> Do you want to install customized \"brandless mode\"?: (yes or no)"$'\n' -r ENABLE_BLESSM + read -p "> Do you want to install customized \"brandless mode\"?: (yes or no)$NL" -r ENABLE_BLESSM if [ "$ENABLE_BLESSM" = "no" ]; then echo "Brandless mode won't be set." elif [ "$ENABLE_BLESSM" = "yes" ]; then @@ -552,7 +552,7 @@ done #Welcome Page while [[ "$ENABLE_WELCP" != "yes" && "$ENABLE_WELCP" != "no" ]] do - read -p "> Do you want to disable the Welcome page: (yes or no)"$'\n' -r ENABLE_WELCP + read -p "> Do you want to disable the Welcome page: (yes or no)$NL" -r ENABLE_WELCP if [ "$ENABLE_WELCP" = "yes" ]; then echo "Welcome page will be disabled." elif [ "$ENABLE_WELCP" = "no" ]; then @@ -562,7 +562,7 @@ done #Close page while [[ "$ENABLE_CLOCP" != "yes" && "$ENABLE_CLOCP" != "no" ]] do - read -p "> Do you want to enable the close page on room exit: (yes or no)"$'\n' -r ENABLE_CLOCP + read -p "> Do you want to enable the close page on room exit: (yes or no)$NL" -r ENABLE_CLOCP if [ "$ENABLE_CLOCP" = "yes" ]; then echo "Close page will be enabled." elif [ "$ENABLE_CLOCP" = "no" ]; then @@ -572,7 +572,7 @@ done #Enable static avatar while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]] do - read -p "> (Legacy) Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA + read -p "> (Legacy) Do you want to enable static avatar?: (yes or no)$NL" -r ENABLE_SA if [ "$ENABLE_SA" = "no" ]; then echo "Static avatar won't be enabled" elif [ "$ENABLE_SA" = "yes" ]; then @@ -644,7 +644,7 @@ fi while [[ "$ENABLE_NC_ACCESS" != "yes" && "$ENABLE_NC_ACCESS" != "no" ]] do read -p "> Do you want to setup Jibri Records Access via Nextcloud: (yes or no) -( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_NC_ACCESS +( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_NC_ACCESS if [ "$ENABLE_NC_ACCESS" = "no" ]; then echo -e "-- JRA via Nextcloud won't be enabled.\n" elif [ "$ENABLE_NC_ACCESS" = "yes" ]; then @@ -652,15 +652,15 @@ do fi done #Jigasi -if [ "$(curl -s -o /dev/null -w "%{http_code}" $GC_SDK_REL_FILE )" == "404" ]; then +if [ "$(curl -s -o /dev/null -w "%{http_code}" "$GC_SDK_REL_FILE" )" == "404" ]; then echo "> Sorry Google SDK doesn't have support yet for $(lsb_release -sd), thus, Jigasi Transcript can't be enable. " -elif [ "$(curl -s -o /dev/null -w "%{http_code}" $GC_SDK_REL_FILE )" == "200" ]; then +elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$GC_SDK_REL_FILE" )" == "200" ]; then while [[ "$ENABLE_TRANSCRIPT" != "yes" && "$ENABLE_TRANSCRIPT" != "no" ]] do read -p "> Do you want to setup Jigasi Transcription: (yes or no) -( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_TRANSCRIPT +( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_TRANSCRIPT if [ "$ENABLE_TRANSCRIPT" = "no" ]; then echo -e "-- Jigasi Transcription won't be enabled.\n" elif [ "$ENABLE_TRANSCRIPT" = "yes" ]; then @@ -675,7 +675,7 @@ fi while [[ "$ENABLE_GRAFANA_DSH" != "yes" && "$ENABLE_GRAFANA_DSH" != "no" ]] do read -p "> Do you want to setup Grafana Dashboard: (yes or no) -( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_GRAFANA_DSH +( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_GRAFANA_DSH if [ "$ENABLE_GRAFANA_DSH" = "no" ]; then echo -e "-- Grafana Dashboard won't be enabled.\n" elif [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then @@ -685,7 +685,7 @@ done #Docker Etherpad while [[ "$ENABLE_DOCKERPAD" != "yes" && "$ENABLE_DOCKERPAD" != "no" ]] do -read -p "> Do you want to setup Docker Etherpad: (yes or no)"$'\n' -r ENABLE_DOCKERPAD +read -p "> Do you want to setup Docker Etherpad: (yes or no)$NL" -r ENABLE_DOCKERPAD if [ "$ENABLE_DOCKERPAD" = "no" ]; then echo -e "-- Docker Etherpad won't be enabled.\n" elif [ "$ENABLE_DOCKERPAD" = "yes" ]; then @@ -701,17 +701,16 @@ echo ' JibriBrewery=JibriBrewery INT_CONF="/usr/share/jitsi-meet/interface_config.js" INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js" -WAN_IP=$(dig +short myip.opendns.com @resolver1.opendns.com) ssl_wa() { if [ "$LE_SSL" = "yes" ]; then - systemctl stop $1 - letsencrypt certonly --standalone --renew-by-default --agree-tos --email $5 -d $6 - sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" $4 - sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" $4 - systemctl restart $1 + systemctl stop "$1" + letsencrypt certonly --standalone --renew-by-default --agree-tos --email "$5" -d "$6" + sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" "$4" + sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" "$4" + systemctl restart "$1" #Add cron - if [ $(crontab -l|sed 's|#.*$||g'|grep -c 'weekly certbot renew') = 0 ];then + if [ "$(crontab -l|sed 's|#.*$||g'|grep -c 'weekly certbot renew')" = 0 ];then crontab -l | { cat; echo "@weekly certbot renew --${2} > $LE_RENEW_LOG 2>&1"; } | crontab - else echo "Crontab seems to be already in place, skipping." @@ -735,13 +734,13 @@ if [ "$LE_SSL" = "yes" ]; then echo -e "\nCertbot repository already on the system!\nChecking for updates...\n" apt-get -q2 update apt-get -yq2 dist-upgrade - elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "200" ]; then + elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$CERTBOT_REL_FILE" )" == "200" ]; then echo -e "\nAdding cerbot (formerly letsencrypt) PPA repository for latest updates\n" echo "deb http://ppa.launchpad.net/certbot/certbot/ubuntu $DIST main" > /etc/apt/sources.list.d/certbot.list apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694 apt-get -q2 update apt-get -yq2 dist-upgrade - elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "404" ]; then + elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$CERTBOT_REL_FILE" )" == "404" ]; then echo -e "\nCertbot PPA is not available for $(lsb_release -sc) just yet, it won't be installed...\n" fi else @@ -773,9 +772,9 @@ sed -i "/shard.HOSTNAME/s|localhost|$DOMAIN|" /etc/jitsi/videobridge/sip-communi # Configure Jibri if [ "$ENABLE_SC" = "yes" ]; then - if [ ! -f $MOD_LIST_FILE ]; then + if [ ! -f "$MOD_LIST_FILE" ]; then echo -e "\n-> Adding external module to list prosody users...\n" - curl -s $MOD_LISTU > $MOD_LIST_FILE + curl -s "$MOD_LISTU" > "$MOD_LIST_FILE" echo -e "Now you can check registered users with:\nprosodyctl mod_listusers\n" else @@ -784,7 +783,7 @@ if [ "$ENABLE_SC" = "yes" ]; then fi #Enable jibri recording -cat << REC-JIBRI >> $PROSODY_FILE +cat << REC-JIBRI >> "$PROSODY_FILE" VirtualHost "recorder.$DOMAIN" modules_enabled = { @@ -795,71 +794,71 @@ VirtualHost "recorder.$DOMAIN" REC-JIBRI #Enable Jibri withelist -sed -i "s|-- muc_lobby_whitelist|muc_lobby_whitelist|" $PROSODY_FILE +sed -i "s|-- muc_lobby_whitelist|muc_lobby_whitelist|" "$PROSODY_FILE" #Fix Jibri conectivity issues -sed -i "s|c2s_require_encryption = .*|c2s_require_encryption = false|" $PROSODY_SYS +sed -i "s|c2s_require_encryption = .*|c2s_require_encryption = false|" "$PROSODY_SYS" sed -i "/c2s_require_encryption = false/a \\ \\ -consider_bosh_secure = true" $PROSODY_SYS +consider_bosh_secure = true" "$PROSODY_SYS" -if [ ! -z $L10N_PARTICIPANT ]; then +if [ -n "$L10N_PARTICIPANT" ]; then sed -i "s|PART_USER=.*|PART_USER=\"$L10N_PARTICIPANT\"|" jm-bm.sh fi -if [ ! -z $L10N_ME ]; then +if [ -n "$L10N_ME" ]; then sed -i "s|LOCAL_USER=.*|LOCAL_USER=\"$L10N_ME\"|" jm-bm.sh fi ### Prosody users -prosodyctl register jibri auth.$DOMAIN $JB_AUTH_PASS -prosodyctl register recorder recorder.$DOMAIN $JB_REC_PASS +prosodyctl register jibri auth."$DOMAIN" "$JB_AUTH_PASS" +prosodyctl register recorder recorder."$DOMAIN" "$JB_REC_PASS" ## JICOFO # /etc/jitsi/jicofo/sip-communicator.properties -cat << BREWERY >> $JICOFO_SIP +cat << BREWERY >> "$JICOFO_SIP" #org.jitsi.jicofo.auth.URL=XMPP:$DOMAIN #org.jitsi.jicofo.auth.URL=EXT_JWT:$DOMAIN -org.jitsi.jicofo.jibri.BREWERY=$JibriBrewery@internal.auth.$DOMAIN +org.jitsi.jicofo.jibri.BREWERY="$JibriBrewery"@internal.auth."$DOMAIN" org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90 #org.jitsi.jicofo.auth.DISABLE_AUTOLOGIN=true BREWERY # Jibri tweaks for /etc/jitsi/meet/$DOMAIN-config.js -sed -i "s|conference.$DOMAIN|internal.auth.$DOMAIN|" $MEET_CONF -sed -i "s|// fileRecordingsEnabled: false,|fileRecordingsEnabled: true,| " $MEET_CONF +sed -i "s|conference.$DOMAIN|internal.auth.$DOMAIN|" "$MEET_CONF" +sed -i "s|// fileRecordingsEnabled: false,|fileRecordingsEnabled: true,| " "$MEET_CONF" sed -i "s|// liveStreamingEnabled: false,|liveStreamingEnabled: true,\\ \\ - hiddenDomain: \'recorder.$DOMAIN\',|" $MEET_CONF + hiddenDomain: \'recorder.$DOMAIN\',|" "$MEET_CONF" #Dropbox feature #if [ "$ENABLE_DB" = "yes" ]; then -#DB_STR=$(grep -n "dropbox:" $MEET_CONF | cut -d ":" -f1) +#DB_STR=$(grep -n "dropbox:" "$MEET_CONF" | cut -d ":" -f1) #DB_END=$((DB_STR + 10)) -#sed -i "$DB_STR,$DB_END{s|// dropbox: {|dropbox: {|}" $MEET_CONF -#sed -i "$DB_STR,$DB_END{s|// appKey: ''|appKey: \'$DB_CID\'|}" $MEET_CONF -#sed -i "$DB_STR,$DB_END{s|// },|},|}" $MEET_CONF +#sed -i "$DB_STR,$DB_END{s|// dropbox: {|dropbox: {|}" "$MEET_CONF" +#sed -i "$DB_STR,$DB_END{s|// appKey: ''|appKey: \'$DB_CID\'|}" "$MEET_CONF" +#sed -i "$DB_STR,$DB_END{s|// },|},|}" "$MEET_CONF" #fi #Setup main language -if [ -z $JB_LANG ] || [ "$JB_LANG" = "en" ]; then +if [ -z "$JB_LANG" ] || [ "$JB_LANG" = "en" ]; then echo "Leaving English (en) as default language..." - sed -i "s|// defaultLanguage: 'en',|defaultLanguage: 'en',|" $MEET_CONF + sed -i "s|// defaultLanguage: 'en',|defaultLanguage: 'en',|" "$MEET_CONF" else echo "Changing default language to: $JB_LANG" - sed -i "s|// defaultLanguage: 'en',|defaultLanguage: \'$JB_LANG\',|" $MEET_CONF + sed -i "s|// defaultLanguage: 'en',|defaultLanguage: \'$JB_LANG\',|" "$MEET_CONF" fi # Recording directory -if [ ! -d $DIR_RECORD ]; then - mkdir $DIR_RECORD +if [ ! -d "$DIR_RECORD" ]; then + mkdir "$DIR_RECORD" fi -chown -R jibri:jibri $DIR_RECORD +chown -R jibri:jibri "$DIR_RECORD" -cat << REC_DIR > $REC_DIR +cat << REC_DIR > "$REC_DIR" #!/bin/bash -RECORDINGS_DIR=$DIR_RECORD +RECORDINGS_DIR="$DIR_RECORD" echo "This is a dummy finalize script" > /tmp/finalize.out echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out @@ -875,12 +874,12 @@ mv \$LJF_PATH \$NJF_PATH exit 0 REC_DIR -chown jibri:jibri $REC_DIR -chmod +x $REC_DIR +chown jibri:jibri "$REC_DIR" +chmod +x "$REC_DIR" ## New Jibri Config (2020) -mv $JIBRI_CONF ${JIBRI_CONF}-dpkg-file -cat << NEW_CONF > $JIBRI_CONF +mv "$JIBRI_CONF" ${JIBRI_CONF}-dpkg-file +cat << NEW_CONF > "$JIBRI_CONF" // New XMPP environment config. jibri { streaming { @@ -927,8 +926,8 @@ jibri { default-call-empty-timeout = 30 seconds } recording { - recordings-directory = $DIR_RECORD - finalize-script = $REC_DIR + recordings-directory = "$DIR_RECORD" + finalize-script = "$REC_DIR" } api { xmpp { @@ -993,14 +992,14 @@ jibri { NEW_CONF #Jibri xorg resolution -sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" $JIBRI_XORG_CONF +sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF" #Create receiver user -useradd -m -g jibri $MJS_USER +useradd -m -g jibri "$MJS_USER" echo "$MJS_USER:$MJS_USER_PASS" | chpasswd #Create ssh key and restrict connections -sudo su $MJS_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''" +sudo su "$MJS_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''" #Allow password authentication sed -i "s|PasswordAuthentication .*|PasswordAuthentication yes|" /etc/ssh/sshd_config systemctl restart sshd @@ -1022,7 +1021,7 @@ echo "Last file edition at: $(grep "LETS:" add-jibri-node.sh|head -n1|awk -F'LET #-- Setting variables for add-jvb2-node.sh g_conf_value() { - grep "$1" $JVB2_CONF|sed "s|$1||" + grep "$1" "$JVB2_CONF"|sed "s|$1||" } JVB_HOSTNAME=$(g_conf_value JVB_HOSTNAME=) JVB_HOST=$(g_conf_value JVB_HOST=) @@ -1032,7 +1031,7 @@ JVB_OPTS=$(g_conf_value JVB_OPTS=) JAVA_SYS_PROPS=$(g_conf_value JAVA_SYS_PROPS=) g_sip_value() { - grep "$1" $JVB2_SIP |cut -d "=" -f2 + grep "$1" "$JVB2_SIP" |cut -d "=" -f2 } DISABLE_AWS_HARVESTER=$(g_sip_value DISABLE_AWS_HARVESTER=) STUN_MAPPING_HARVESTER_ADDRESSES=$(g_sip_value STUN_MAPPING_HARVESTER_ADDRESSES=) @@ -1066,26 +1065,26 @@ sed -i "s|MJS_USER_PASS=.*|MJS_USER_PASS=\"$MJS_USER_PASS\"|" add-jvb2-node.sh ##-- #Tune webserver for Jitsi App control -if [ -f $WS_CONF ]; then - sed -i "/# ensure all static content can always be found first/i \\\n" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \ \ \ \ location = \/external_api.min.js {" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ alias \/usr\/share\/jitsi-meet\/libs\/external_api.min.js;" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" $WS_CONF - sed -i "/# ensure all static content can always be found first/i \\\n" $WS_CONF +if [ -f "$WS_CONF" ]; then + sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \ \ \ \ location = \/external_api.min.js {" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ alias \/usr\/share\/jitsi-meet\/libs\/external_api.min.js;" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" "$WS_CONF" + sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF" systemctl reload nginx else echo "No app configuration done to server file, please report to: -> https://github.com/switnet-ltd/quick-jibri-installer/issues" fi #Static avatar -if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then +if [ "$ENABLE_SA" = "yes" ] && [ -f "$WS_CONF" ]; then cp images/avatar2.png /usr/share/jitsi-meet/images/ - sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" $WS_CONF - sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" $WS_CONF + sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" "$WS_CONF" + sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" "$WS_CONF" sed -i "/location \/external_api.min.js/i \ \ \ \ }\\ -\ " $WS_CONF - sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" $INT_CONF - sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF +\ " "$WS_CONF" + sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" "$INT_CONF" + sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF" fi #nginx -tlsv1/1.1 if [ "$DROP_TLS1" = "yes" ];then @@ -1102,34 +1101,34 @@ fi ###Setup secure rooms if [ "$ENABLE_SC" = "yes" ]; then - SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | awk -F ':' 'NR==1{print$1}') + SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" "$PROSODY_FILE" | awk -F ':' 'NR==1{print$1}') SRP_END=$((SRP_STR + 10)) - sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_hashed\"|}" $PROSODY_FILE - sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" $MEET_CONF + sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_hashed\"|}" "$PROSODY_FILE" + sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" "$MEET_CONF" #Secure room initial user - read -p "Set username for secure room moderator: "$'\n' -r SEC_ROOM_USER - read -p "Secure room moderator password: "$'\n' -r SEC_ROOM_PASS - prosodyctl register $SEC_ROOM_USER $DOMAIN $SEC_ROOM_PASS + read -p "Set username for secure room moderator:$NL" -r SEC_ROOM_USER + read -p "Secure room moderator password:$NL" -r SEC_ROOM_PASS + prosodyctl register "$SEC_ROOM_USER" "$DOMAIN" "$SEC_ROOM_PASS" echo -e "\nSecure rooms are being enabled..." echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \ or '${SEC_ROOM_USER}@${DOMAIN}' using the password you just entered. If you have issues with the password refer to your sysadmin." - sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" $JICOFO_SIP + sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" "$JICOFO_SIP" sed -i "s|SEC_ROOM=.*|SEC_ROOM=\"on\"|" jm-bm.sh fi ###JWT if [ "$ENABLE_JWT" = "yes" ]; then echo -e "\nJWT auth is being setup..." - bash $PWD/mode/jwt.sh + bash "$PWD"/mode/jwt.sh fi #Guest allow #Change back lobby - https://community.jitsi.org/t/64769/136 if [ "$ENABLE_SC" = "yes" ];then - cat << P_SR >> $PROSODY_FILE + cat << P_SR >> "$PROSODY_FILE" -- #Change back lobby - https://community.jitsi.org/t/64769/136 VirtualHost "guest.$DOMAIN" authentication = "anonymous" @@ -1147,51 +1146,51 @@ fi #====================== # Custom settings #Start with video muted by default -sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" $MEET_CONF +sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" "$MEET_CONF" #Start with audio muted but admin -sed -i "s|// startAudioMuted: 10,|startAudioMuted: 1,|" $MEET_CONF +sed -i "s|// startAudioMuted: 10,|startAudioMuted: 1,|" "$MEET_CONF" #Disable/enable welcome page if [ "$ENABLE_WELCP" = "yes" ]; then - sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: false,|" $MEET_CONF + sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: false,|" "$MEET_CONF" elif [ "$ENABLE_WELCP" = "no" ]; then - sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" $MEET_CONF + sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" "$MEET_CONF" fi #Enable close page if [ "$ENABLE_CLOCP" = "yes" ]; then - sed -i "s|.*enableClosePage:.*| enableClosePage: true,|" $MEET_CONF + sed -i "s|.*enableClosePage:.*| enableClosePage: true,|" "$MEET_CONF" elif [ "$ENABLE_CLOCP" = "no" ]; then - sed -i "s|.*enableClosePage:.*| enableClosePage: false,|" $MEET_CONF + sed -i "s|.*enableClosePage:.*| enableClosePage: false,|" "$MEET_CONF" fi #Add pre-join screen by default, since it improves YouTube autoplay capabilities #pre-join screen by itself don't require autorization by moderator, don't confuse with lobby which does. -sed -i "s|// prejoinPageEnabled:.*|prejoinPageEnabled: true,|" $MEET_CONF +sed -i "s|// prejoinPageEnabled:.*|prejoinPageEnabled: true,|" "$MEET_CONF" #Set HD resolution and widescreen format -sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 720," $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 720," $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 720," $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 1280," $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 1280," $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," $MEET_CONF -sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" $MEET_CONF +sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 720," "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 720," "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 720," "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 1280," "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 1280," "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF" +sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF" #Check config file echo -e "\n# Checking $MEET_CONF file for errors\n" -CHECKJS=$(esvalidate $MEET_CONF| cut -d ":" -f2) +CHECKJS=$(esvalidate "$MEET_CONF"| cut -d ":" -f2) if [[ -z "$CHECKJS" ]]; then echo -e "\n# The $MEET_CONF configuration seems correct. =)\n" else @@ -1214,7 +1213,7 @@ if [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then systemctl disable jibri-xorg systemctl disable jibri-icewm # Manually apply permissions since finalize_recording.sh won't be triggered under this server options. - chmod -R 770 $DIR_RECORD + chmod -R 770 "$DIR_RECORD" fi enable_letsencrypt @@ -1225,7 +1224,7 @@ chmod -R 650 /etc/prosody/certs/ #SSL workaround if [ "$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")" -eq 1 ]; then - ssl_wa nginx nginx $DOMAIN $WS_CONF $SYSADMIN_EMAIL $DOMAIN + ssl_wa nginx nginx "$DOMAIN" "$WS_CONF" "$SYSADMIN_EMAIL" "$DOMAIN" install_ifnot python3-certbot-nginx else echo "No webserver found please report." @@ -1234,19 +1233,19 @@ fi if [ "$ENABLE_BLESSM" = "yes" ]; then echo "Custom brandless mode will be enabled." sed -i "s|ENABLE_BLESSM=.*|ENABLE_BLESSM=\"on\"|" jitsi-updater.sh - bash $PWD/jm-bm.sh + bash "$PWD"/jm-bm.sh fi # Applying best practives for interface config.js echo -e "\n> Setting up custom interface_config.js according to best practices." cp "$INT_CONF" "$INT_CONF_ETC" #Tune webserver for interface_config.js -if [ -f $WS_CONF ]; then - sed -i "/external_api.js/i \\\n" $WS_CONF - sed -i "/external_api.js/i \ \ \ \ location = \/interface_config.js {" $WS_CONF - sed -i "/external_api.js/i \ \ \ \ \ \ \ \ alias \/etc\/jitsi\/meet\/$DOMAIN-interface_config.js;" $WS_CONF - sed -i "/external_api.js/i \ \ \ \ }" $WS_CONF - sed -i "/external_api.js/i \\\n" $WS_CONF +if [ -f "$WS_CONF" ]; then + sed -i "/external_api.js/i \\\n" "$WS_CONF" + sed -i "/external_api.js/i \ \ \ \ location = \/interface_config.js {" "$WS_CONF" + sed -i "/external_api.js/i \ \ \ \ \ \ \ \ alias \/etc\/jitsi\/meet\/$DOMAIN-interface_config.js;" "$WS_CONF" + sed -i "/external_api.js/i \ \ \ \ }" "$WS_CONF" + sed -i "/external_api.js/i \\\n" "$WS_CONF" systemctl reload nginx else echo "No interface_config.js configuration done to server file, please report to: @@ -1254,11 +1253,11 @@ else fi #JRA via Nextcloud if [ "$ENABLE_NC_ACCESS" = "yes" ]; then - echo -n "\nJRA via Nextcloud will be enabled." + echo -e "\nJRA via Nextcloud will be enabled." if [ "$MODE" = "debug" ]; then - bash $PWD/jra_nextcloud.sh -m debug + bash "$PWD"/jra_nextcloud.sh -m debug else - bash $PWD/jra_nextcloud.sh + bash "$PWD"/jra_nextcloud.sh fi fi } > >(tee -a qj-installer.log) 2> >(tee -a qj-installer.log >&2) @@ -1267,9 +1266,9 @@ if [ "$ENABLE_TRANSCRIPT" = "yes" ]; then echo -e "\nJigasi Transcription will be enabled." # ToDo: Analyze behavior on debug #if [ "$MODE" = "debug" ]; then - # bash $PWD/jigasi.sh -m debug + # bash "$PWD"/jigasi.sh -m debug #else - bash $PWD/jigasi.sh + bash "$PWD"/jigasi.sh #fi fi { @@ -1277,18 +1276,18 @@ fi if [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then echo -e "\nGrafana Dashboard will be enabled." if [ "$MODE" = "debug" ]; then - bash $PWD/grafana.sh -m debug + bash "$PWD"/grafana.sh -m debug else - bash $PWD/grafana.sh + bash "$PWD"/grafana.sh fi fi #Docker Etherpad if [ "$ENABLE_DOCKERPAD" = "yes" ]; then echo -e "\nDocker Etherpad will be enabled." if [ "$MODE" = "debug" ]; then - bash $PWD/etherpad-docker.sh -m debug + bash "$PWD"/etherpad-docker.sh -m debug else - bash $PWD/etherpad-docker.sh + bash "$PWD"/etherpad-docker.sh fi fi #Prevent JMS conecction issue From c00d8a9efdab602e42249ad4b9b0ce5bec5fa030 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Wed, 11 May 2022 23:56:14 -0500 Subject: [PATCH 11/39] Rename deprecated scripts folder --- deprecated/jigasi.sh | 307 +++++++++++++++++++++++++++++++++++++++++++ old/jigasi.sh | 90 ++++++------- 2 files changed, 352 insertions(+), 45 deletions(-) create mode 100644 deprecated/jigasi.sh diff --git a/deprecated/jigasi.sh b/deprecated/jigasi.sh new file mode 100644 index 0000000..ed5d7b1 --- /dev/null +++ b/deprecated/jigasi.sh @@ -0,0 +1,307 @@ +#!/bin/bash +# Quick Jigasi Installer - *buntu (LTS) based systems. +# SwITNet Ltd © - 2020, https://switnet.net/ +# GPLv3 or later. + +##################### Whistlist ####################### +# Saves final transcript in translated languages #130 - +# https://github.com/jitsi/jigasi/pull/130 +####################################################### + +#Check if user is root +if ! [ "$(id -u)" = 0 ]; then + echo "You need to be root or have sudo privileges!" + exit 0 +fi + +clear +echo ' +######################################################################## + Jigasi Transcript addon +######################################################################## + by Software, IT & Networks Ltd +' + +JIGASI_CONFIG="/etc/jitsi/jigasi/config" +GC_API_JSON="/opt/gc-sdk/GCTranscriptAPI.json" +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" +MEET_CONF="/etc/jitsi/meet/${DOMAIN}-config.js" +JIG_SIP_CONF="/etc/jitsi/jigasi/config" +JIG_SIP_PROP="/etc/jitsi/jigasi/sip-communicator.properties" +JIC_SIP_PROP="/etc/jitsi/jicofo/sip-communicator.properties" +JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 8 | head -n1)" +JIG_TRANSC_PASWD_B64="$(echo -n "$JIG_TRANSC_PASWD" | base64)" +DIST="$(lsb_release -sc)" +CHECK_GC_REPO="$(apt-cache policy | grep http | grep cloud-sdk | head -n1 | awk '{print $3}' | awk -F '/' '{print $1}')" + +install_gc_repo() { +if [ "$CHECK_GC_REPO" = "cloud-sdk-$DIST" ]; then + echo " +Google Cloud SDK repository already on the system! +" +else + echo " +Adding Google Cloud SDK repository for latest updates +" + export CLOUD_SDK_REPO="cloud-sdk-$DIST" + echo "deb http://packages.cloud.google.com/apt $CLOUD_SDK_REPO main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list + curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - + +fi +} +install_gc_repo +apt-get -q2 update +apt-get -y install google-cloud-sdk google-cloud-sdk-app-engine-java + +echo "Please select one of the current options: +[1] I want to configure a new project, service account, billing and JSON credentials. +[2] I already have one project configured and already have a JSON key file from Google" +while [[ "$SETUP_TYPE" != "1" && "$SETUP_TYPE" != "2" ]] +do + read -p "What option suits your setup?: (1 or 2)"$'\n' -r SETUP_TYPE + if [ "$SETUP_TYPE" = "1" ]; then + echo "We'll setup a GC Projects from scratch" + elif [ "$SETUP_TYPE" = "2" ]; then + echo "We'll setup only the project and JSON key." + fi +done + +if [ "$SETUP_TYPE" = 1 ]; then +### Start of new project configuration - Google SDK +#Setup option 1 - Google Cloud SDK +echo "Once logged on Google Cloud SDK, please create a new project (last option)." +gcloud init +read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME +#Second login - Google Auth Library +echo "Login to Google Auth Library" +gcloud auth application-default login + +# Start Google Cloud Configuration - Application Service +GC_MEMBER=transcript +echo "Checking if project exist..." +PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')" +while [ -z "$PROJECT_GC_ID" ] +do +read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME +if [ -z "$PROJECT_GC_ID" ]; then + echo "Please check your project name," + echo "There is no project listed with the provided name: $GC_PROJECT_NAME" + PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')" + fi +done +echo "Your $GC_PROJECT_NAME ID's project is: $PROJECT_GC_ID" + +# Enable Speech2Text +echo "Important: Please enable billing on your project using the following URL: +https://console.developers.google.com/project/$PROJECT_GC_ID/settings" + +echo "Checking billing..." +CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" +while [[ $? -eq 1 ]] +do +CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" +if [[ $? -eq 1 ]]; then + echo "Seems you haven't enabled billing for this project: $GC_PROJECT_NAME" + echo " For that go to: https://console.developers.google.com/project/$PROJECT_GC_ID/settings + " + read -rp "Press Enter to continue" + CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" +fi +done +echo "Billing account seems setup, continuing..." + +gcloud iam service-accounts create "$GC_MEMBER" + +gcloud projects add-iam-policy-binding "$GC_PROJECT_NAME" \ + --member serviceAccount:"$GC_MEMBER"@"$GC_PROJECT_NAME".iam.gserviceaccount.com \ + --role roles/editor + +echo "Setup credentials:" +echo "Please go and download your valid json key at: +https://console.developers.google.com/apis/credentials?folder=&organizationId=&project=$GC_PROJECT_NAME" +### End of new project configuration - Google SDK +fi + +if [ "$SETUP_TYPE" = "2" ]; then +#Setup option 1 - Google Cloud SDK +echo "Once logged on Google Cloud SDK, please select the project that owns to the JSON key." +gcloud init +echo "Login to Google Auth Library" +gcloud auth application-default login +fi + +echo "Setting up JSON key file..." +sleep 2 +mkdir /opt/gc-sdk/ +cat << KEY_JSON > "$GC_API_JSON" +# +# Paste below this comment your GC JSON key for the service account: +# $GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com +# +# Visit the following URL and create a *Service Account Key*: +# https://console.developers.google.com/apis/credentials?folder=&organizationId=&project=$GC_PROJECT_NAME +# These comment lines will be deleted afterwards. +# +KEY_JSON +chmod 644 "$GC_API_JSON" +nano "$GC_API_JSON" +sed -i '/^#/d' "$GC_API_JSON" + +CHECK_JSON_KEY="$(cat "$GC_API_JSON" | python -m json.tool 2>/dev/null)" +while [[ $? -eq 1 ]] +do +CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" +if [[ $? -eq 1 ]]; then + echo "Check again your JSON file, syntax doesn't seem right" + sleep 2 + nano $GC_API_JSON + CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" +fi +done +echo " +Great, seems your JSON key syntax is fine. +" +sleep 2 + +export GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON + +echo "Installing Jigasi, your SIP credentials will be asked. (mandatory)" +apt-get -y install jigasi +#apt-mark hold jigasi + +cat << JIGASI_CONF >> "$JIGASI_CONFIG" + +GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON + +JIGASI_CONF + +echo "Your Google Cloud credentials are at $GC_API_JSON" + +echo "Setting up Jigasi transcript with current platform..." +#Connect callcontrol +sed -i "s|// call_control:|call_control:|" "$MEET_CONF" +sed -i "s|// transcribingEnabled|transcribingEnabled|" "$MEET_CONF" +sed -i "/transcribingEnabled/ s|false|true|" "$MEET_CONF" + +#siptest2siptest@domain.con +#changed from conference to internal.auth from jibri +sed -i "s|siptest|siptest@internal.auth.$DOMAIN|" "$JIG_SIP_PROP" + +#Disable component in favor of MUC +if [ "$(grep -c nocomponent "$JIG_SIP_CONF")" != 0 ]; then + echo "Jigasi component is already disabled." +else + echo "Disabling jigasi component in favor of MUC" + sed -i "s|JIGASI_OPTS=.*|JIGASI_OPTS=\"--nocomponent=true\"|" "$JIG_SIP_CONF" +fi + +#Setup XMPP +cat << ACC1_XMPP >> "$JIG_SIP_PROP" + +# XMPP account used for control +net.java.sip.communicator.impl.protocol.jabber.acc1=acc1 +net.java.sip.communicator.impl.protocol.jabber.acc1.ACCOUNT_UID=Jabber:jigasi@auth.$DOMAIN@$DOMAIN +net.java.sip.communicator.impl.protocol.jabber.acc1.USER_ID=jigasi@auth.$DOMAIN +net.java.sip.communicator.impl.protocol.jabber.acc1.IS_SERVER_OVERRIDDEN=true +net.java.sip.communicator.impl.protocol.jabber.acc1.SERVER_ADDRESS=$DOMAIN +net.java.sip.communicator.impl.protocol.jabber.acc1.SERVER_PORT=5222 +net.java.sip.communicator.impl.protocol.jabber.acc1.PASSWORD=$JIG_TRANSC_PASWD_B64 +net.java.sip.communicator.impl.protocol.jabber.acc1.AUTO_GENERATE_RESOURCE=true +net.java.sip.communicator.impl.protocol.jabber.acc1.RESOURCE_PRIORITY=30 +net.java.sip.communicator.impl.protocol.jabber.acc1.IS_CARBON_DISABLED=true +net.java.sip.communicator.impl.protocol.jabber.acc1.DEFAULT_ENCRYPTION=true +net.java.sip.communicator.impl.protocol.jabber.acc1.IS_USE_ICE=true +net.java.sip.communicator.impl.protocol.jabber.acc1.IS_ACCOUNT_DISABLED=false +net.java.sip.communicator.impl.protocol.jabber.acc1.IS_PREFERRED_PROTOCOL=false +net.java.sip.communicator.impl.protocol.jabber.acc1.AUTO_DISCOVER_JINGLE_NODES=false +net.java.sip.communicator.impl.protocol.jabber.acc1.PROTOCOL=Jabber +net.java.sip.communicator.impl.protocol.jabber.acc1.IS_USE_UPNP=false +net.java.sip.communicator.impl.protocol.jabber.acc1.USE_DEFAULT_STUN_SERVER=true +net.java.sip.communicator.impl.protocol.jabber.acc1.ENCRYPTION_PROTOCOL.DTLS-SRTP=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.ENCRYPTION_PROTOCOL_STATUS.DTLS-SRTP=true +net.java.sip.communicator.impl.protocol.jabber.acc1.VIDEO_CALLING_DISABLED=true +net.java.sip.communicator.impl.protocol.jabber.acc1.OVERRIDE_ENCODINGS=true +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.G722/8000=705 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.GSM/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.H263-1998/90000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.H264/90000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.PCMA/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.PCMU/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/12000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/16000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/24000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.VP8/90000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.iLBC/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.opus/48000=750 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/16000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/32000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.telephone-event/8000=0 +net.java.sip.communicator.impl.protocol.jabber.acc1.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN +net.java.sip.communicator.impl.protocol.jabber.acc1.DOMAIN_BASE=$DOMAIN + +org.jitsi.jigasi.MUC_SERVICE_ADDRESS=conference.$DOMAIN +org.jitsi.jigasi.BREWERY_ENABLED=true + +org.jitsi.jigasi.HEALTH_CHECK_SIP_URI="" +org.jitsi.jigasi.HEALTH_CHECK_INTERVAL=300000 +org.jitsi.jigasi.HEALTH_CHECK_TIMEOUT=600000 + +org.jitsi.jigasi.xmpp.acc.IS_SERVER_OVERRIDDEN=true +#org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN + +org.jitsi.jigasi.xmpp.acc.VIDEO_CALLING_DISABLED=true +org.jitsi.jigasi.xmpp.acc.JINGLE_NODES_ENABLED=false +org.jitsi.jigasi.xmpp.acc.AUTO_DISCOVER_STUN=false +org.jitsi.jigasi.xmpp.acc.IM_DISABLED=true +org.jitsi.jigasi.xmpp.acc.SERVER_STORED_INFO_DISABLED=true +org.jitsi.jigasi.xmpp.acc.IS_FILE_TRANSFER_DISABLED=true + +org.jitsi.jigasi.xmpp.acc.USER_ID=jigasi@auth.$DOMAIN +org.jitsi.jigasi.xmpp.acc.PASS=$JIG_TRANSC_PASWD +org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false +org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true +ACC1_XMPP + +#Enable transcription config +sed -i "/ENABLE_TRANSCRIPTION/ s|#||" "$JIG_SIP_PROP" +sed -i "/ENABLE_TRANSCRIPTION/ s|false|true|" "$JIG_SIP_PROP" +sed -i "/ENABLE_SIP/ s|#||" "$JIG_SIP_PROP" +sed -i "/ENABLE_SIP/ s|true|false|" "$JIG_SIP_PROP" + +#Transcript format +sed -i "/SAVE_JSON/ s|# ||" "$JIG_SIP_PROP" +sed -i "/SEND_JSON/ s|# ||" "$JIG_SIP_PROP" +sed -i "/SAVE_TXT/ s|# ||" "$JIG_SIP_PROP" +sed -i "/SEND_TXT/ s|# ||" "$JIG_SIP_PROP" +#sed -i "/SEND_TXT/ s|false|true|" $JIG_SIP_PROP + +#Allow to connect other than same server only. +sed -i \ +"/xmpp.acc.SERVER_ADDRESS/ s|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=.*|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN|" \ +"$JIG_SIP_PROP" + +#Remember to study how to use LE or what's needed #ToDo +sed -i "/ALWAYS_TRUST_MODE_ENABLED/ s|# ||" "$JIG_SIP_PROP" + +prosodyctl register jigasi auth."$DOMAIN" "$JIG_TRANSC_PASWD" + +#Set Brewery +cat << JIG_JIC >> "$JIC_SIP_PROP" +org.jitsi.jicofo.jigasi.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN +JIG_JIC + +systemctl restart prosody \ + jicofo \ + jibri* \ + jitsi-videobridge2 + +echo " +Full transcript files are available at: +--> /var/lib/jigasi/transcripts/ +" + +echo " +Happy transcripting! +" diff --git a/old/jigasi.sh b/old/jigasi.sh index ee43517..ed5d7b1 100644 --- a/old/jigasi.sh +++ b/old/jigasi.sh @@ -9,7 +9,7 @@ ####################################################### #Check if user is root -if ! [ $(id -u) = 0 ]; then +if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi @@ -22,17 +22,17 @@ echo ' by Software, IT & Networks Ltd ' -JIGASI_CONFIG=/etc/jitsi/jigasi/config -GC_API_JSON=/opt/gc-sdk/GCTranscriptAPI.json -DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++') -MEET_CONF=/etc/jitsi/meet/${DOMAIN}-config.js -JIG_SIP_CONF=/etc/jitsi/jigasi/config -JIG_SIP_PROP=/etc/jitsi/jigasi/sip-communicator.properties -JIC_SIP_PROP=/etc/jitsi/jicofo/sip-communicator.properties +JIGASI_CONFIG="/etc/jitsi/jigasi/config" +GC_API_JSON="/opt/gc-sdk/GCTranscriptAPI.json" +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" +MEET_CONF="/etc/jitsi/meet/${DOMAIN}-config.js" +JIG_SIP_CONF="/etc/jitsi/jigasi/config" +JIG_SIP_PROP="/etc/jitsi/jigasi/sip-communicator.properties" +JIC_SIP_PROP="/etc/jitsi/jicofo/sip-communicator.properties" JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 8 | head -n1)" JIG_TRANSC_PASWD_B64="$(echo -n "$JIG_TRANSC_PASWD" | base64)" -DIST=$(lsb_release -sc) -CHECK_GC_REPO=$(apt-cache policy | grep http | grep cloud-sdk | head -n1 | awk '{print $3}' | awk -F '/' '{print $1}') +DIST="$(lsb_release -sc)" +CHECK_GC_REPO="$(apt-cache policy | grep http | grep cloud-sdk | head -n1 | awk '{print $3}' | awk -F '/' '{print $1}')" install_gc_repo() { if [ "$CHECK_GC_REPO" = "cloud-sdk-$DIST" ]; then @@ -66,7 +66,7 @@ do fi done -if [ $SETUP_TYPE = 1 ]; then +if [ "$SETUP_TYPE" = 1 ]; then ### Start of new project configuration - Google SDK #Setup option 1 - Google Cloud SDK echo "Once logged on Google Cloud SDK, please create a new project (last option)." @@ -79,14 +79,14 @@ gcloud auth application-default login # Start Google Cloud Configuration - Application Service GC_MEMBER=transcript echo "Checking if project exist..." -PROJECT_GC_ID=$(gcloud projects list | grep $GC_PROJECT_NAME | awk '{print$3}') -while [ -z $PROJECT_GC_ID ] +PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')" +while [ -z "$PROJECT_GC_ID" ] do read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME -if [ -z PROJECT_GC_ID ]; then +if [ -z "$PROJECT_GC_ID" ]; then echo "Please check your project name," echo "There is no project listed with the provided name: $GC_PROJECT_NAME" - PROJECT_GC_ID=$(gcloud projects list | grep $GC_PROJECT_NAME | awk '{print$3}') + PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')" fi done echo "Your $GC_PROJECT_NAME ID's project is: $PROJECT_GC_ID" @@ -102,18 +102,18 @@ do CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" if [[ $? -eq 1 ]]; then echo "Seems you haven't enabled billing for this project: $GC_PROJECT_NAME" - exho " For that go to: https://console.developers.google.com/project/$PROJECT_GC_ID/settings + echo " For that go to: https://console.developers.google.com/project/$PROJECT_GC_ID/settings " - read -p "Press Enter to continue" + read -rp "Press Enter to continue" CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" fi done echo "Billing account seems setup, continuing..." -gcloud iam service-accounts create $GC_MEMBER +gcloud iam service-accounts create "$GC_MEMBER" -gcloud projects add-iam-policy-binding $GC_PROJECT_NAME \ - --member serviceAccount:$GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com \ +gcloud projects add-iam-policy-binding "$GC_PROJECT_NAME" \ + --member serviceAccount:"$GC_MEMBER"@"$GC_PROJECT_NAME".iam.gserviceaccount.com \ --role roles/editor echo "Setup credentials:" @@ -133,7 +133,7 @@ fi echo "Setting up JSON key file..." sleep 2 mkdir /opt/gc-sdk/ -cat << KEY_JSON > $GC_API_JSON +cat << KEY_JSON > "$GC_API_JSON" # # Paste below this comment your GC JSON key for the service account: # $GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com @@ -143,11 +143,11 @@ cat << KEY_JSON > $GC_API_JSON # These comment lines will be deleted afterwards. # KEY_JSON -chmod 644 $GC_API_JSON -nano $GC_API_JSON -sed -i '/^#/d' $GC_API_JSON +chmod 644 "$GC_API_JSON" +nano "$GC_API_JSON" +sed -i '/^#/d' "$GC_API_JSON" -CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" +CHECK_JSON_KEY="$(cat "$GC_API_JSON" | python -m json.tool 2>/dev/null)" while [[ $? -eq 1 ]] do CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" @@ -169,7 +169,7 @@ echo "Installing Jigasi, your SIP credentials will be asked. (mandatory)" apt-get -y install jigasi #apt-mark hold jigasi -cat << JIGASI_CONF >> $JIGASI_CONFIG +cat << JIGASI_CONF >> "$JIGASI_CONFIG" GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON @@ -179,24 +179,24 @@ echo "Your Google Cloud credentials are at $GC_API_JSON" echo "Setting up Jigasi transcript with current platform..." #Connect callcontrol -sed -i "s|// call_control:|call_control:|" $MEET_CONF -sed -i "s|// transcribingEnabled|transcribingEnabled|" $MEET_CONF -sed -i "/transcribingEnabled/ s|false|true|" $MEET_CONF +sed -i "s|// call_control:|call_control:|" "$MEET_CONF" +sed -i "s|// transcribingEnabled|transcribingEnabled|" "$MEET_CONF" +sed -i "/transcribingEnabled/ s|false|true|" "$MEET_CONF" #siptest2siptest@domain.con #changed from conference to internal.auth from jibri -sed -i "s|siptest|siptest@internal.auth.$DOMAIN|" $JIG_SIP_PROP +sed -i "s|siptest|siptest@internal.auth.$DOMAIN|" "$JIG_SIP_PROP" #Disable component in favor of MUC -if [ $(grep -c nocomponent $JIG_SIP_CONF) != 0 ]; then +if [ "$(grep -c nocomponent "$JIG_SIP_CONF")" != 0 ]; then echo "Jigasi component is already disabled." else echo "Disabling jigasi component in favor of MUC" - sed -i "s|JIGASI_OPTS=.*|JIGASI_OPTS=\"--nocomponent=true\"|" $JIG_SIP_CONF + sed -i "s|JIGASI_OPTS=.*|JIGASI_OPTS=\"--nocomponent=true\"|" "$JIG_SIP_CONF" fi #Setup XMPP -cat << ACC1_XMPP >> $JIG_SIP_PROP +cat << ACC1_XMPP >> "$JIG_SIP_PROP" # XMPP account used for control net.java.sip.communicator.impl.protocol.jabber.acc1=acc1 @@ -265,30 +265,30 @@ org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true ACC1_XMPP #Enable transcription config -sed -i "/ENABLE_TRANSCRIPTION/ s|#||" $JIG_SIP_PROP -sed -i "/ENABLE_TRANSCRIPTION/ s|false|true|" $JIG_SIP_PROP -sed -i "/ENABLE_SIP/ s|#||" $JIG_SIP_PROP -sed -i "/ENABLE_SIP/ s|true|false|" $JIG_SIP_PROP +sed -i "/ENABLE_TRANSCRIPTION/ s|#||" "$JIG_SIP_PROP" +sed -i "/ENABLE_TRANSCRIPTION/ s|false|true|" "$JIG_SIP_PROP" +sed -i "/ENABLE_SIP/ s|#||" "$JIG_SIP_PROP" +sed -i "/ENABLE_SIP/ s|true|false|" "$JIG_SIP_PROP" #Transcript format -sed -i "/SAVE_JSON/ s|# ||" $JIG_SIP_PROP -sed -i "/SEND_JSON/ s|# ||" $JIG_SIP_PROP -sed -i "/SAVE_TXT/ s|# ||" $JIG_SIP_PROP -sed -i "/SEND_TXT/ s|# ||" $JIG_SIP_PROP +sed -i "/SAVE_JSON/ s|# ||" "$JIG_SIP_PROP" +sed -i "/SEND_JSON/ s|# ||" "$JIG_SIP_PROP" +sed -i "/SAVE_TXT/ s|# ||" "$JIG_SIP_PROP" +sed -i "/SEND_TXT/ s|# ||" "$JIG_SIP_PROP" #sed -i "/SEND_TXT/ s|false|true|" $JIG_SIP_PROP #Allow to connect other than same server only. sed -i \ "/xmpp.acc.SERVER_ADDRESS/ s|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=.*|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN|" \ -$JIG_SIP_PROP +"$JIG_SIP_PROP" #Remember to study how to use LE or what's needed #ToDo -sed -i "/ALWAYS_TRUST_MODE_ENABLED/ s|# ||" $JIG_SIP_PROP +sed -i "/ALWAYS_TRUST_MODE_ENABLED/ s|# ||" "$JIG_SIP_PROP" -prosodyctl register jigasi auth.$DOMAIN $JIG_TRANSC_PASWD +prosodyctl register jigasi auth."$DOMAIN" "$JIG_TRANSC_PASWD" #Set Brewery -cat << JIG_JIC >> $JIC_SIP_PROP +cat << JIG_JIC >> "$JIC_SIP_PROP" org.jitsi.jicofo.jigasi.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN JIG_JIC From 7123e5d2181f2f407faed22052ca2990113d0e53 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Wed, 11 May 2022 23:57:35 -0500 Subject: [PATCH 12/39] Remove old --- old/jigasi.sh | 307 -------------------------------------------------- 1 file changed, 307 deletions(-) delete mode 100644 old/jigasi.sh diff --git a/old/jigasi.sh b/old/jigasi.sh deleted file mode 100644 index ed5d7b1..0000000 --- a/old/jigasi.sh +++ /dev/null @@ -1,307 +0,0 @@ -#!/bin/bash -# Quick Jigasi Installer - *buntu (LTS) based systems. -# SwITNet Ltd © - 2020, https://switnet.net/ -# GPLv3 or later. - -##################### Whistlist ####################### -# Saves final transcript in translated languages #130 - -# https://github.com/jitsi/jigasi/pull/130 -####################################################### - -#Check if user is root -if ! [ "$(id -u)" = 0 ]; then - echo "You need to be root or have sudo privileges!" - exit 0 -fi - -clear -echo ' -######################################################################## - Jigasi Transcript addon -######################################################################## - by Software, IT & Networks Ltd -' - -JIGASI_CONFIG="/etc/jitsi/jigasi/config" -GC_API_JSON="/opt/gc-sdk/GCTranscriptAPI.json" -DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" -MEET_CONF="/etc/jitsi/meet/${DOMAIN}-config.js" -JIG_SIP_CONF="/etc/jitsi/jigasi/config" -JIG_SIP_PROP="/etc/jitsi/jigasi/sip-communicator.properties" -JIC_SIP_PROP="/etc/jitsi/jicofo/sip-communicator.properties" -JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 8 | head -n1)" -JIG_TRANSC_PASWD_B64="$(echo -n "$JIG_TRANSC_PASWD" | base64)" -DIST="$(lsb_release -sc)" -CHECK_GC_REPO="$(apt-cache policy | grep http | grep cloud-sdk | head -n1 | awk '{print $3}' | awk -F '/' '{print $1}')" - -install_gc_repo() { -if [ "$CHECK_GC_REPO" = "cloud-sdk-$DIST" ]; then - echo " -Google Cloud SDK repository already on the system! -" -else - echo " -Adding Google Cloud SDK repository for latest updates -" - export CLOUD_SDK_REPO="cloud-sdk-$DIST" - echo "deb http://packages.cloud.google.com/apt $CLOUD_SDK_REPO main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list - curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - - -fi -} -install_gc_repo -apt-get -q2 update -apt-get -y install google-cloud-sdk google-cloud-sdk-app-engine-java - -echo "Please select one of the current options: -[1] I want to configure a new project, service account, billing and JSON credentials. -[2] I already have one project configured and already have a JSON key file from Google" -while [[ "$SETUP_TYPE" != "1" && "$SETUP_TYPE" != "2" ]] -do - read -p "What option suits your setup?: (1 or 2)"$'\n' -r SETUP_TYPE - if [ "$SETUP_TYPE" = "1" ]; then - echo "We'll setup a GC Projects from scratch" - elif [ "$SETUP_TYPE" = "2" ]; then - echo "We'll setup only the project and JSON key." - fi -done - -if [ "$SETUP_TYPE" = 1 ]; then -### Start of new project configuration - Google SDK -#Setup option 1 - Google Cloud SDK -echo "Once logged on Google Cloud SDK, please create a new project (last option)." -gcloud init -read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME -#Second login - Google Auth Library -echo "Login to Google Auth Library" -gcloud auth application-default login - -# Start Google Cloud Configuration - Application Service -GC_MEMBER=transcript -echo "Checking if project exist..." -PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')" -while [ -z "$PROJECT_GC_ID" ] -do -read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME -if [ -z "$PROJECT_GC_ID" ]; then - echo "Please check your project name," - echo "There is no project listed with the provided name: $GC_PROJECT_NAME" - PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')" - fi -done -echo "Your $GC_PROJECT_NAME ID's project is: $PROJECT_GC_ID" - -# Enable Speech2Text -echo "Important: Please enable billing on your project using the following URL: -https://console.developers.google.com/project/$PROJECT_GC_ID/settings" - -echo "Checking billing..." -CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" -while [[ $? -eq 1 ]] -do -CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" -if [[ $? -eq 1 ]]; then - echo "Seems you haven't enabled billing for this project: $GC_PROJECT_NAME" - echo " For that go to: https://console.developers.google.com/project/$PROJECT_GC_ID/settings - " - read -rp "Press Enter to continue" - CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" -fi -done -echo "Billing account seems setup, continuing..." - -gcloud iam service-accounts create "$GC_MEMBER" - -gcloud projects add-iam-policy-binding "$GC_PROJECT_NAME" \ - --member serviceAccount:"$GC_MEMBER"@"$GC_PROJECT_NAME".iam.gserviceaccount.com \ - --role roles/editor - -echo "Setup credentials:" -echo "Please go and download your valid json key at: -https://console.developers.google.com/apis/credentials?folder=&organizationId=&project=$GC_PROJECT_NAME" -### End of new project configuration - Google SDK -fi - -if [ "$SETUP_TYPE" = "2" ]; then -#Setup option 1 - Google Cloud SDK -echo "Once logged on Google Cloud SDK, please select the project that owns to the JSON key." -gcloud init -echo "Login to Google Auth Library" -gcloud auth application-default login -fi - -echo "Setting up JSON key file..." -sleep 2 -mkdir /opt/gc-sdk/ -cat << KEY_JSON > "$GC_API_JSON" -# -# Paste below this comment your GC JSON key for the service account: -# $GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com -# -# Visit the following URL and create a *Service Account Key*: -# https://console.developers.google.com/apis/credentials?folder=&organizationId=&project=$GC_PROJECT_NAME -# These comment lines will be deleted afterwards. -# -KEY_JSON -chmod 644 "$GC_API_JSON" -nano "$GC_API_JSON" -sed -i '/^#/d' "$GC_API_JSON" - -CHECK_JSON_KEY="$(cat "$GC_API_JSON" | python -m json.tool 2>/dev/null)" -while [[ $? -eq 1 ]] -do -CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" -if [[ $? -eq 1 ]]; then - echo "Check again your JSON file, syntax doesn't seem right" - sleep 2 - nano $GC_API_JSON - CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" -fi -done -echo " -Great, seems your JSON key syntax is fine. -" -sleep 2 - -export GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON - -echo "Installing Jigasi, your SIP credentials will be asked. (mandatory)" -apt-get -y install jigasi -#apt-mark hold jigasi - -cat << JIGASI_CONF >> "$JIGASI_CONFIG" - -GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON - -JIGASI_CONF - -echo "Your Google Cloud credentials are at $GC_API_JSON" - -echo "Setting up Jigasi transcript with current platform..." -#Connect callcontrol -sed -i "s|// call_control:|call_control:|" "$MEET_CONF" -sed -i "s|// transcribingEnabled|transcribingEnabled|" "$MEET_CONF" -sed -i "/transcribingEnabled/ s|false|true|" "$MEET_CONF" - -#siptest2siptest@domain.con -#changed from conference to internal.auth from jibri -sed -i "s|siptest|siptest@internal.auth.$DOMAIN|" "$JIG_SIP_PROP" - -#Disable component in favor of MUC -if [ "$(grep -c nocomponent "$JIG_SIP_CONF")" != 0 ]; then - echo "Jigasi component is already disabled." -else - echo "Disabling jigasi component in favor of MUC" - sed -i "s|JIGASI_OPTS=.*|JIGASI_OPTS=\"--nocomponent=true\"|" "$JIG_SIP_CONF" -fi - -#Setup XMPP -cat << ACC1_XMPP >> "$JIG_SIP_PROP" - -# XMPP account used for control -net.java.sip.communicator.impl.protocol.jabber.acc1=acc1 -net.java.sip.communicator.impl.protocol.jabber.acc1.ACCOUNT_UID=Jabber:jigasi@auth.$DOMAIN@$DOMAIN -net.java.sip.communicator.impl.protocol.jabber.acc1.USER_ID=jigasi@auth.$DOMAIN -net.java.sip.communicator.impl.protocol.jabber.acc1.IS_SERVER_OVERRIDDEN=true -net.java.sip.communicator.impl.protocol.jabber.acc1.SERVER_ADDRESS=$DOMAIN -net.java.sip.communicator.impl.protocol.jabber.acc1.SERVER_PORT=5222 -net.java.sip.communicator.impl.protocol.jabber.acc1.PASSWORD=$JIG_TRANSC_PASWD_B64 -net.java.sip.communicator.impl.protocol.jabber.acc1.AUTO_GENERATE_RESOURCE=true -net.java.sip.communicator.impl.protocol.jabber.acc1.RESOURCE_PRIORITY=30 -net.java.sip.communicator.impl.protocol.jabber.acc1.IS_CARBON_DISABLED=true -net.java.sip.communicator.impl.protocol.jabber.acc1.DEFAULT_ENCRYPTION=true -net.java.sip.communicator.impl.protocol.jabber.acc1.IS_USE_ICE=true -net.java.sip.communicator.impl.protocol.jabber.acc1.IS_ACCOUNT_DISABLED=false -net.java.sip.communicator.impl.protocol.jabber.acc1.IS_PREFERRED_PROTOCOL=false -net.java.sip.communicator.impl.protocol.jabber.acc1.AUTO_DISCOVER_JINGLE_NODES=false -net.java.sip.communicator.impl.protocol.jabber.acc1.PROTOCOL=Jabber -net.java.sip.communicator.impl.protocol.jabber.acc1.IS_USE_UPNP=false -net.java.sip.communicator.impl.protocol.jabber.acc1.USE_DEFAULT_STUN_SERVER=true -net.java.sip.communicator.impl.protocol.jabber.acc1.ENCRYPTION_PROTOCOL.DTLS-SRTP=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.ENCRYPTION_PROTOCOL_STATUS.DTLS-SRTP=true -net.java.sip.communicator.impl.protocol.jabber.acc1.VIDEO_CALLING_DISABLED=true -net.java.sip.communicator.impl.protocol.jabber.acc1.OVERRIDE_ENCODINGS=true -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.G722/8000=705 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.GSM/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.H263-1998/90000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.H264/90000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.PCMA/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.PCMU/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/12000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/16000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/24000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.VP8/90000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.iLBC/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.opus/48000=750 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/16000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/32000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.telephone-event/8000=0 -net.java.sip.communicator.impl.protocol.jabber.acc1.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN -net.java.sip.communicator.impl.protocol.jabber.acc1.DOMAIN_BASE=$DOMAIN - -org.jitsi.jigasi.MUC_SERVICE_ADDRESS=conference.$DOMAIN -org.jitsi.jigasi.BREWERY_ENABLED=true - -org.jitsi.jigasi.HEALTH_CHECK_SIP_URI="" -org.jitsi.jigasi.HEALTH_CHECK_INTERVAL=300000 -org.jitsi.jigasi.HEALTH_CHECK_TIMEOUT=600000 - -org.jitsi.jigasi.xmpp.acc.IS_SERVER_OVERRIDDEN=true -#org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN - -org.jitsi.jigasi.xmpp.acc.VIDEO_CALLING_DISABLED=true -org.jitsi.jigasi.xmpp.acc.JINGLE_NODES_ENABLED=false -org.jitsi.jigasi.xmpp.acc.AUTO_DISCOVER_STUN=false -org.jitsi.jigasi.xmpp.acc.IM_DISABLED=true -org.jitsi.jigasi.xmpp.acc.SERVER_STORED_INFO_DISABLED=true -org.jitsi.jigasi.xmpp.acc.IS_FILE_TRANSFER_DISABLED=true - -org.jitsi.jigasi.xmpp.acc.USER_ID=jigasi@auth.$DOMAIN -org.jitsi.jigasi.xmpp.acc.PASS=$JIG_TRANSC_PASWD -org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false -org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true -ACC1_XMPP - -#Enable transcription config -sed -i "/ENABLE_TRANSCRIPTION/ s|#||" "$JIG_SIP_PROP" -sed -i "/ENABLE_TRANSCRIPTION/ s|false|true|" "$JIG_SIP_PROP" -sed -i "/ENABLE_SIP/ s|#||" "$JIG_SIP_PROP" -sed -i "/ENABLE_SIP/ s|true|false|" "$JIG_SIP_PROP" - -#Transcript format -sed -i "/SAVE_JSON/ s|# ||" "$JIG_SIP_PROP" -sed -i "/SEND_JSON/ s|# ||" "$JIG_SIP_PROP" -sed -i "/SAVE_TXT/ s|# ||" "$JIG_SIP_PROP" -sed -i "/SEND_TXT/ s|# ||" "$JIG_SIP_PROP" -#sed -i "/SEND_TXT/ s|false|true|" $JIG_SIP_PROP - -#Allow to connect other than same server only. -sed -i \ -"/xmpp.acc.SERVER_ADDRESS/ s|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=.*|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN|" \ -"$JIG_SIP_PROP" - -#Remember to study how to use LE or what's needed #ToDo -sed -i "/ALWAYS_TRUST_MODE_ENABLED/ s|# ||" "$JIG_SIP_PROP" - -prosodyctl register jigasi auth."$DOMAIN" "$JIG_TRANSC_PASWD" - -#Set Brewery -cat << JIG_JIC >> "$JIC_SIP_PROP" -org.jitsi.jicofo.jigasi.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN -JIG_JIC - -systemctl restart prosody \ - jicofo \ - jibri* \ - jitsi-videobridge2 - -echo " -Full transcript files are available at: ---> /var/lib/jigasi/transcripts/ -" - -echo " -Happy transcripting! -" From 6eab2c63fd98e5d479be242f165c5642b5fac481 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 12 May 2022 04:12:13 -0500 Subject: [PATCH 13/39] Change jdk version to 11 --- mode/grid/selenium-grid-docker.sh | 2 +- tools/jibri-resolution-enhancer.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/mode/grid/selenium-grid-docker.sh b/mode/grid/selenium-grid-docker.sh index b73cb84..70fe75f 100644 --- a/mode/grid/selenium-grid-docker.sh +++ b/mode/grid/selenium-grid-docker.sh @@ -30,7 +30,7 @@ apt-get install -y \ wget \ unzip \ maven \ - openjdk-8-jdk + openjdk-11-jdk # Docker curl -fsSL https://get.docker.com -o get-docker.sh sh get-docker.sh diff --git a/tools/jibri-resolution-enhancer.sh b/tools/jibri-resolution-enhancer.sh index f7e27bd..24eb78c 100644 --- a/tools/jibri-resolution-enhancer.sh +++ b/tools/jibri-resolution-enhancer.sh @@ -63,7 +63,7 @@ fi apt-get -y install devscripts \ git \ maven \ - openjdk-8-jdk + openjdk-11-jdk #Build repository git clone https://github.com/jitsi/jibri "$JIBRI_ENH_PATH" From bb27ee3b6587b43936262ffc4a88579b71a5ad65 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 05:48:03 -0500 Subject: [PATCH 14/39] Make warning visible. --- tools/aws-grub-setup.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/tools/aws-grub-setup.sh b/tools/aws-grub-setup.sh index 14c2c24..c5bf73b 100644 --- a/tools/aws-grub-setup.sh +++ b/tools/aws-grub-setup.sh @@ -3,12 +3,6 @@ # SwITNet Ltd © - 2022, https://switnet.net/ # GPLv3 or later. -#### -# NOTE: Only use this script if you know what you are doing. -# Under your own risk. -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY. -#### wait_seconds() { secs=$(($1)) while [ $secs -gt 0 ]; do @@ -18,6 +12,13 @@ while [ $secs -gt 0 ]; do done } +echo "#### +# NOTE: Only use this script if you know what you are doing. +# Under your own risk. +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY. +####" + # Check if user is root if [ "$UID" != 0 ]; then echo You need to run this script as root or sudo rights! From 7ae9820889d6ccb5d95ecfdd6853f72599356ecb Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 05:52:39 -0500 Subject: [PATCH 15/39] Rename and fix set_once function. --- mode/jms-stu.sh | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/mode/jms-stu.sh b/mode/jms-stu.sh index 045e40d..eface47 100644 --- a/mode/jms-stu.sh +++ b/mode/jms-stu.sh @@ -32,12 +32,12 @@ if [ "$MODE" = "debug" ]; then set -x fi -set_once() { -if ! grep -q "$(awk '!/^ *#/ && NF {print}' "$2"|grep "$(awk -F '=' '{print$1}' <<< "$1")")" ; then +set_once_hash_comment() { +if ! awk '!/^ *#/ && NF {print}' "$2"|grep -q "$(awk -F '=' '{print$1}' <<< "$1")" ; then echo "Setting $1 on $2..." echo "$1" | tee -a "$2" else - echo " \"$(echo "$1"|awk -F '=' '{print$1}')\" seems present, skipping setting this variable" + echo "\"$(awk -F '=' '{print$1}' <<< "$1")\" seems already present, skipping setting this variable" fi } FSTAB=/etc/fstab @@ -56,24 +56,24 @@ sysctl -w net.core.rmem_default=262144 sysctl -w net.core.wmem_default=262144 sysctl -w net.core.rmem_max=262144 sysctl -w net.core.wmem_max=262144 -set_once "net.core.rmem_default=262144" "/etc/sysctl.conf" -set_once "net.core.wmem_default=262144" "/etc/sysctl.conf" -set_once "net.core.rmem_max=262144" "/etc/sysctl.conf" -set_once "net.core.wmem_max=262144" "/etc/sysctl.conf" +set_once_hash_comment "net.core.rmem_default=262144" "/etc/sysctl.conf" +set_once_hash_comment "net.core.wmem_default=262144" "/etc/sysctl.conf" +set_once_hash_comment "net.core.rmem_max=262144" "/etc/sysctl.conf" +set_once_hash_comment "net.core.wmem_max=262144" "/etc/sysctl.conf" #system #https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart -set_once "DefaultLimitNOFILE=65000" "/etc/sysctl.conf" -set_once "DefaultLimitNPROC=65000" "/etc/sysctl.conf" -set_once "DefaultTasksMax=65000" "/etc/sysctl.conf" +set_once_hash_comment "DefaultLimitNOFILE=65000" "/etc/sysctl.conf" +set_once_hash_comment "DefaultLimitNPROC=65000" "/etc/sysctl.conf" +set_once_hash_comment "DefaultTasksMax=65000" "/etc/sysctl.conf" #https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/7/html/tuning_guide/reduce_tcp_performance_spikes sysctl -w net.ipv4.tcp_timestamps=0 -set_once "net.ipv4.tcp_timestamps=0" "/etc/sysctl.conf" +set_once_hash_comment "net.ipv4.tcp_timestamps=0" "/etc/sysctl.conf" #https://bugzilla.redhat.com/show_bug.cgi?id=1283676 sysctl -w net.core.netdev_max_backlog=100000 -set_once "net.core.netdev_max_backlog=100000" "/etc/sysctl.conf" +set_once_hash_comment "net.core.netdev_max_backlog=100000" "/etc/sysctl.conf" ##nginx sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf From cb801eafd13a5ca347c3b6c1433b5aaeec159815 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 06:07:18 -0500 Subject: [PATCH 16/39] Change email possition, and small fixes --- quick_jibri_installer.sh | 39 +++++++++++++++++---------------------- 1 file changed, 17 insertions(+), 22 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index f4b4c48..7a755b1 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -28,7 +28,7 @@ GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list" GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}') PROSODY_REPO="$(apt-cache policy | awk '/prosody/{print$3}' | awk -F "/" 'NR==1{print$2}')" PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)" -NL="$(echo -e '\n> ')" +NL="$(echo -e '\n ')" exit_ifinstalled() { if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then @@ -284,7 +284,7 @@ while [[ "$LE_SSL" != "yes" && "$LE_SSL" != "no" ]] do read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)$NL" -r LE_SSL if [ "$LE_SSL" = yes ]; then - echo "We'll default to Let's Encrypt SSL certs." + echo -e "We'll default to Let's Encrypt SSL certs.\n" else echo "We'll let you choose later on for it. Please be aware that a valid SSL cert is required for some features to work properly." @@ -295,17 +295,23 @@ if [ "$LE_SSL" = "yes" ]; then while [[ "$ANS_JD" != "yes" ]] do read -p "> Please set your domain (or subdomain) here: (e.g.: jitsi.domain.com)$NL" -r JITSI_DOMAIN - read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)$NL" -r ANS_JD + read -p "\n> Did you mean?: $JITSI_DOMAIN (yes or no)$NL" -r ANS_JD if [ "$ANS_JD" = "yes" ]; then echo "Alright, let's use $JITSI_DOMAIN." else echo "Please try again." fi done + + #Sysadmin email + while [[ -z $SYSADMIN_EMAIL ]] + do + read -p "> Set sysadmin email (this is a mandatory field):$NL" -r SYSADMIN_EMAIL + done + #Simple DNS test if [ "$PUBLIC_IP" = "$(dig -4 +short "$JITSI_DOMAIN"||awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then - echo "Server public IP & DNS record for $JITSI_DOMAIN seems to match, continuing... -" + echo -e "Server public IP & DNS record for $JITSI_DOMAIN seems to match, continuing...\n" else echo "Server public IP ($PUBLIC_IP) & DNS record for $JITSI_DOMAIN don't seem to match." echo " > Please check your dns records are applied and updated, otherwise components may fail." @@ -316,7 +322,7 @@ if [ "$LE_SSL" = "yes" ]; then echo " - Exiting for now..." exit fi - fi + fi fi # Requirements echo -e "\nWe'll start by installing system requirements this may take a while please be patient...\n" @@ -427,15 +433,11 @@ else rm -rf /tpm/chromedriver_linux64.zip fi -echo " -Check Google Software Working... -" +echo -e "\nCheck Google Software Working...\n" /usr/bin/google-chrome --version /usr/local/bin/chromedriver --version | awk '{print$1,$2}' -echo " -Remove Chrome warning... -" +echo -e "\nRemove Chrome warning...\n" mkdir -p /etc/opt/chrome/policies/managed echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON" @@ -482,7 +484,7 @@ JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf" # Rename hostname for jitsi server while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && -n "$FQDN_HOST" ]] do - echo -e "> Set $DOMAIN as a fqdn hostname?: (yes or no)\n" && \ + echo -e "> Set $DOMAIN as a fqdn hostname?: (yes or no)" && \ read -p "Leave empty to default to your current one ($(hostname -f)):$NL" -r FQDN_HOST if [ "$FQDN_HOST" = "yes" ]; then echo "$DOMAIN will be used as fqdn hostname, changes will show on reboot." @@ -493,13 +495,6 @@ do fi done -#Sysadmin email -if [ "$LE_SSL" = "yes" ]; then - while [[ -z $SYSADMIN_EMAIL ]] - do - read -p "Set sysadmin email (this is a mandatory field):$NL" -r SYSADMIN_EMAIL - done -fi #Language echo "## Setting up Jitsi Meet language ## You can define the language, for a complete list of the supported languages @@ -677,9 +672,9 @@ do read -p "> Do you want to setup Grafana Dashboard: (yes or no) ( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_GRAFANA_DSH if [ "$ENABLE_GRAFANA_DSH" = "no" ]; then - echo -e "-- Grafana Dashboard won't be enabled.\n" + echo "-- Grafana Dashboard won't be enabled." elif [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then - echo -e "-- Grafana Dashboard will be enabled. \n" + echo "-- Grafana Dashboard will be enabled." fi done #Docker Etherpad From 4f9bbdf748a755f82175909d7a25afc3c84b9c76 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 07:00:57 -0500 Subject: [PATCH 17/39] Several indenting changes --- quick_jibri_installer.sh | 99 ++++++++++++++++++---------------------- 1 file changed, 45 insertions(+), 54 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 7a755b1..e17a61a 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -68,14 +68,10 @@ The recommended setup is using NGINX, exiting... exit elif [ "$NGINX" -eq 1 ]; then -echo " -Webserver already installed! -" +echo -e "\nWebserver already installed!\n" else - echo " -Installing nginx webserver! -" + echo -e "\nInstalling nginx webserver!\n" install_ifnot nginx fi } @@ -201,9 +197,7 @@ else fi if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then echo "All requirements seems meet!" - echo " - - We hope you have a nice recording/streaming session - " + echo "\n - We hope you have a nice recording/streaming session\n " else echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!" echo "Even when you can use the videoconferencing sessions, we advice to increase the resources in order to user Jibri." @@ -211,17 +205,17 @@ else do read -p "> Do you want to continue?: (yes or no)$NL" -r CONTINUE_LOW_RES if [ "$CONTINUE_LOW_RES" = "no" ]; then - echo "See you next time with more resources!..." + echo " - See you next time with more resources!..." exit elif [ "$CONTINUE_LOW_RES" = "yes" ]; then - echo "We highly recommend to increase the server resources." - echo "Otherwise, please think about adding dedicated jibri nodes instead." + echo " - We highly recommend to increase the server resources." + echo " - Otherwise, please think about adding dedicated jibri nodes instead." fi done fi if [ "$CONTINUE_LOW_RES" = "yes" ]; then -echo -e "\nThis server will likely have issues due the lack of resources. +echo 'This server will likely have issues due the lack of resources. If you plan to enable other components such as, - JRA via Nextcloud @@ -236,25 +230,24 @@ Jibri node once this installation has finished, using our script: >> add-jibri-node.sh -So you can add a Jibri server on a instance with enough resources.\n" +So you can add a Jibri server on a instance with enough resources.' while [[ "$DISABLE_LOCAL_JIBRI" != "yes" && "$DISABLE_LOCAL_JIBRI" != "no" ]] do read -p "> Do you want to disable local jibri service?: (yes or no)$NL" -r DISABLE_LOCAL_JIBRI - if [ "$DISABLE_LOCAL_JIBRI" = "no" ]; then - echo -e "Please keep in mind that we might not support underpowered servers.\n" - elif [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then - echo -e "You can add dedicated jibri nodes later, see more at the wiki.\n" - fi + if [ "$DISABLE_LOCAL_JIBRI" = "no" ]; then + echo -e " - Please keep in mind that we might not support underpowered servers.\n" + elif [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then + echo -e " - You can add dedicated jibri nodes later, see more at the wiki.\n" + fi done fi #Check system oriented porpuse -echo "Checking system oriented purpose.... -" apt-get -yq2 update SYSTEM_DE="$(apt-cache search "ubuntu-(desktop|mate-desktop)"|awk '{print$1}'|xargs|sed 's|$| trisquel triskel trisquel-mini|')" SYSTEM_DE_ARRAY=( "$SYSTEM_DE" ) +echo -e "Checking for common desktop system oriented purpose....\n $de" for de in "${SYSTEM_DE_ARRAY[@]}" do if [ "$(dpkg-query -W -f='${Status}' "$de" 2>/dev/null | grep -c "ok installed")" == "1" ]; then @@ -263,7 +256,7 @@ do This is an unsupported use, as it will likely BREAK YOUR SYSTEM, so please don't." exit else - echo -e " > No standard desktop environment '$de' for user oriented porpuse detected, continuing..." + echo -e " > No standard desktop environment for user oriented porpuse detected, continuing..." fi done @@ -271,9 +264,9 @@ done add_prosody_repo # Jitsi-Meet Repo -echo -e "\nAdd Jitsi repo\n" +echo -e "\nAdd Jitsi repo" if [ "$JITSI_REPO" = "stable" ]; then - echo "Jitsi stable repository already installed" + echo "- Jitsi stable repository already installed" else echo 'deb http://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add - @@ -284,10 +277,10 @@ while [[ "$LE_SSL" != "yes" && "$LE_SSL" != "no" ]] do read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)$NL" -r LE_SSL if [ "$LE_SSL" = yes ]; then - echo -e "We'll default to Let's Encrypt SSL certs.\n" + echo -e " - We'll setup Let's Encrypt SSL certs.\n" else - echo "We'll let you choose later on for it. - Please be aware that a valid SSL cert is required for some features to work properly." + echo " - We'll let you choose later on for it. + Please be aware that a valid SSL cert is required for some features to work properly." fi done #Set domain @@ -295,11 +288,11 @@ if [ "$LE_SSL" = "yes" ]; then while [[ "$ANS_JD" != "yes" ]] do read -p "> Please set your domain (or subdomain) here: (e.g.: jitsi.domain.com)$NL" -r JITSI_DOMAIN - read -p "\n> Did you mean?: $JITSI_DOMAIN (yes or no)$NL" -r ANS_JD + read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)$NL" -r ANS_JD if [ "$ANS_JD" = "yes" ]; then - echo "Alright, let's use $JITSI_DOMAIN." + echo " - Alright, let's use $JITSI_DOMAIN." else - echo "Please try again." + echo " - Please try again." fi done @@ -311,7 +304,7 @@ if [ "$LE_SSL" = "yes" ]; then #Simple DNS test if [ "$PUBLIC_IP" = "$(dig -4 +short "$JITSI_DOMAIN"||awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then - echo -e "Server public IP & DNS record for $JITSI_DOMAIN seems to match, continuing...\n" + echo -e "\nServer public IP & DNS record for $JITSI_DOMAIN seems to match, continuing..." else echo "Server public IP ($PUBLIC_IP) & DNS record for $JITSI_DOMAIN don't seem to match." echo " > Please check your dns records are applied and updated, otherwise components may fail." @@ -487,11 +480,11 @@ do echo -e "> Set $DOMAIN as a fqdn hostname?: (yes or no)" && \ read -p "Leave empty to default to your current one ($(hostname -f)):$NL" -r FQDN_HOST if [ "$FQDN_HOST" = "yes" ]; then - echo "$DOMAIN will be used as fqdn hostname, changes will show on reboot." + echo " - $DOMAIN will be used as fqdn hostname, changes will show on reboot." hostnamectl set-hostname "${DOMAIN}" sed -i "1i ${PUBLIC_IP} ${DOMAIN}" /etc/hosts else - echo "$(hostname -f) will be keep." + echo " - $(hostname -f) will be keep." fi done @@ -519,9 +512,9 @@ while [[ "$DROP_TLS1" != "yes" && "$DROP_TLS1" != "no" ]] do read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)$NL" -r DROP_TLS1 if [ "$DROP_TLS1" = "no" ]; then - echo "TLSv1.0/1.1 will remain." + echo " - TLSv1.0/1.1 will remain." elif [ "$DROP_TLS1" = "yes" ]; then - echo "TLSv1.0/1.1 will be dropped" + echo " - TLSv1.0/1.1 will be dropped" fi done #Dropbox -- no longer requirement for localrecording @@ -539,9 +532,9 @@ while [[ "$ENABLE_BLESSM" != "yes" && "$ENABLE_BLESSM" != "no" ]] do read -p "> Do you want to install customized \"brandless mode\"?: (yes or no)$NL" -r ENABLE_BLESSM if [ "$ENABLE_BLESSM" = "no" ]; then - echo "Brandless mode won't be set." + echo " - Brandless mode won't be set." elif [ "$ENABLE_BLESSM" = "yes" ]; then - echo "Brandless mode will be set." + echo " - Brandless mode will be set." fi done #Welcome Page @@ -549,9 +542,9 @@ while [[ "$ENABLE_WELCP" != "yes" && "$ENABLE_WELCP" != "no" ]] do read -p "> Do you want to disable the Welcome page: (yes or no)$NL" -r ENABLE_WELCP if [ "$ENABLE_WELCP" = "yes" ]; then - echo "Welcome page will be disabled." + echo " - Welcome page will be disabled." elif [ "$ENABLE_WELCP" = "no" ]; then - echo "Welcome page will be enabled." + echo " - Welcome page will be enabled." fi done #Close page @@ -559,9 +552,9 @@ while [[ "$ENABLE_CLOCP" != "yes" && "$ENABLE_CLOCP" != "no" ]] do read -p "> Do you want to enable the close page on room exit: (yes or no)$NL" -r ENABLE_CLOCP if [ "$ENABLE_CLOCP" = "yes" ]; then - echo "Close page will be enabled." + echo " - Close page will be enabled." elif [ "$ENABLE_CLOCP" = "no" ]; then - echo "Close page will be kept disabled." + echo " - Close page will be kept disabled." fi done #Enable static avatar @@ -569,9 +562,9 @@ while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]] do read -p "> (Legacy) Do you want to enable static avatar?: (yes or no)$NL" -r ENABLE_SA if [ "$ENABLE_SA" = "no" ]; then - echo "Static avatar won't be enabled" + echo " - Static avatar won't be enabled" elif [ "$ENABLE_SA" = "yes" ]; then - echo "Static avatar will be enabled" + echo " - Static avatar will be enabled" fi done @@ -603,9 +596,7 @@ do done # Set jibris default resolution -echo " -> What jibri resolution should be the default for this and all the following jibri nodes? -" +echo -e "\n> What jibri resolution should be the default for this and all the following jibri nodes?\n" PS3='The more resolution the more resources jibri will require to record properly: ' jib_res=("HD 720" "FHD 1080") select res in "${jib_res[@]}" @@ -641,9 +632,9 @@ do read -p "> Do you want to setup Jibri Records Access via Nextcloud: (yes or no) ( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_NC_ACCESS if [ "$ENABLE_NC_ACCESS" = "no" ]; then - echo -e "-- JRA via Nextcloud won't be enabled.\n" + echo -e " - JRA via Nextcloud won't be enabled.\n" elif [ "$ENABLE_NC_ACCESS" = "yes" ]; then - echo -e "-- JRA via Nextcloud will be enabled.\n" + echo -e " - JRA via Nextcloud will be enabled.\n" fi done #Jigasi @@ -657,9 +648,9 @@ elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$GC_SDK_REL_FILE" )" == "200" read -p "> Do you want to setup Jigasi Transcription: (yes or no) ( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_TRANSCRIPT if [ "$ENABLE_TRANSCRIPT" = "no" ]; then - echo -e "-- Jigasi Transcription won't be enabled.\n" + echo -e " - Jigasi Transcription won't be enabled.\n" elif [ "$ENABLE_TRANSCRIPT" = "yes" ]; then - echo -e "-- Jigasi Transcription will be enabled.\n" + echo -e " - Jigasi Transcription will be enabled.\n" fi done else @@ -672,9 +663,9 @@ do read -p "> Do you want to setup Grafana Dashboard: (yes or no) ( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_GRAFANA_DSH if [ "$ENABLE_GRAFANA_DSH" = "no" ]; then - echo "-- Grafana Dashboard won't be enabled." + echo -e " - Grafana Dashboard won't be enabled.\n" elif [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then - echo "-- Grafana Dashboard will be enabled." + echo -e " - Grafana Dashboard will be enabled.\n" fi done #Docker Etherpad @@ -682,9 +673,9 @@ while [[ "$ENABLE_DOCKERPAD" != "yes" && "$ENABLE_DOCKERPAD" != "no" ]] do read -p "> Do you want to setup Docker Etherpad: (yes or no)$NL" -r ENABLE_DOCKERPAD if [ "$ENABLE_DOCKERPAD" = "no" ]; then - echo -e "-- Docker Etherpad won't be enabled.\n" + echo -e " - Docker Etherpad won't be enabled.\n" elif [ "$ENABLE_DOCKERPAD" = "yes" ]; then - echo -e "-- Docker Etherpad will be enabled.\n" + echo -e " - Docker Etherpad will be enabled.\n" fi done #Start configuration From 6cf2ca8f929ebba914585ee4b7d9b3e556ca6aa9 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 08:03:13 -0500 Subject: [PATCH 18/39] Remove unused code --- quick_jibri_installer.sh | 32 +++++--------------------------- 1 file changed, 5 insertions(+), 27 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index e17a61a..7a9433d 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -209,7 +209,7 @@ else exit elif [ "$CONTINUE_LOW_RES" = "yes" ]; then echo " - We highly recommend to increase the server resources." - echo " - Otherwise, please think about adding dedicated jibri nodes instead." + echo -e " - Otherwise, please think about adding dedicated jibri nodes instead.\n" fi done fi @@ -223,7 +223,7 @@ If you plan to enable other components such as, - Additional Jibri Nodes - others. -We higly recommend to increase resources of this server. +>>> We higly recommend to increase resources of this server. <<< For now we advice to disable the Jibri service locally and add an external Jibri node once this installation has finished, using our script: @@ -256,7 +256,7 @@ do This is an unsupported use, as it will likely BREAK YOUR SYSTEM, so please don't." exit else - echo -e " > No standard desktop environment for user oriented porpuse detected, continuing..." + echo -e " > No standard desktop environment for user oriented porpuse detected, continuing...\n" fi done @@ -517,16 +517,7 @@ do echo " - TLSv1.0/1.1 will be dropped" fi done -#Dropbox -- no longer requirement for localrecording -#while [[ $ENABLE_DB != yes && $ENABLE_DB != no ]] -#do -#read -p "> Do you want to setup the Dropbox feature now: (yes or no)"$'\n' -r ENABLE_DB -#if [ $ENABLE_DB = no ]; then -# echo "Dropbox won't be enable" -#elif [ $ENABLE_DB = yes ]; then -# read -p "Please set your Dropbox App key: "$'\n' -r DB_CID -#fi -#done + #Brandless Mode while [[ "$ENABLE_BLESSM" != "yes" && "$ENABLE_BLESSM" != "no" ]] do @@ -557,21 +548,8 @@ do echo " - Close page will be kept disabled." fi done -#Enable static avatar -while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]] -do - read -p "> (Legacy) Do you want to enable static avatar?: (yes or no)$NL" -r ENABLE_SA - if [ "$ENABLE_SA" = "no" ]; then - echo " - Static avatar won't be enabled" - elif [ "$ENABLE_SA" = "yes" ]; then - echo " - Static avatar will be enabled" - fi -done - # Set authentication method -echo " -> Jitsi Meet Auth Method selection. -" +echo -e "\n> Jitsi Meet Auth Method selection.\n" PS3='Select the authentication method for your Jitsi Meet instance: ' options=("Local" "JWT" "None") select opt in "${options[@]}" From 0fd5e8b8cc14c555805b0924c31e6d580ae9779a Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 08:03:48 -0500 Subject: [PATCH 19/39] Set warning instead of "note". --- tools/aws-grub-setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/aws-grub-setup.sh b/tools/aws-grub-setup.sh index c5bf73b..20eda57 100644 --- a/tools/aws-grub-setup.sh +++ b/tools/aws-grub-setup.sh @@ -13,7 +13,7 @@ done } echo "#### -# NOTE: Only use this script if you know what you are doing. +# WARNING: Only use this script if you know what you are doing. # Under your own risk. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY. From 16458ee32a9820177ec3ad1938ba50b1266a1a46 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 10:43:34 -0500 Subject: [PATCH 20/39] Yet again more fixes on echo and printf --- quick_jibri_installer.sh | 302 +++++++++++++++++++++------------------ 1 file changed, 160 insertions(+), 142 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 7a9433d..b88d370 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -28,7 +28,7 @@ GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list" GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}') PROSODY_REPO="$(apt-cache policy | awk '/prosody/{print$3}' | awk -F "/" 'NR==1{print$2}')" PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)" -NL="$(echo -e '\n ')" +NL="$(printf '\n ')" exit_ifinstalled() { if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then @@ -56,7 +56,7 @@ install_ifnot() { if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then echo " $1 is installed, skipping..." else - echo -e "\n---- Installing $1 ----" + printf "\n---- Installing %s ----" "$1" apt-get -yq2 install "$1" fi } @@ -68,15 +68,15 @@ The recommended setup is using NGINX, exiting... exit elif [ "$NGINX" -eq 1 ]; then -echo -e "\nWebserver already installed!\n" +printf "\nWebserver already installed!\n" else - echo -e "\nInstalling nginx webserver!\n" + printf "\nInstalling nginx webserver!\n" install_ifnot nginx fi } check_snd_driver() { -echo -e "\n# Checking ALSA - Loopback module..." +printf "\n# Checking ALSA - Loopback module..." echo "snd-aloop" | tee -a /etc/modules modprobe snd-aloop if [ "$(lsmod|awk '/snd_aloop/{print$1}'|awk 'NR==1')" = "snd_aloop" ]; then @@ -124,7 +124,7 @@ while [ $secs -gt 0 ]; do done } clear -echo -e ' +printf ' ######################################################################## Welcome to Jitsi/Jibri Installer ######################################################################## @@ -148,13 +148,13 @@ if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi + + printf "\nOS: %s" "$(lsb_release -sd)" if [ "$DIST" = "bionic" ] || \ [ "$DIST" = "focal" ]; then - echo "OS: $(lsb_release -sd)" - echo "Good, this is a supported platform!" + printf "\nGood, this is a supported platform!" else - echo "OS: $(lsb_release -sd)" - echo "Sorry, this platform is not supported... exiting" + printf "\nSorry, this platform is not supported... exiting" exit fi #Suggest 20.04 LTS release over 18.04 in April 2022 @@ -174,46 +174,44 @@ fi #Check system resources echo "Verifying System Resources:" if [ "$(nproc --all)" -lt 4 ];then - echo " -Warning!: The system do not meet the minimum CPU requirements for Jibri to run. ->> We recommend 4 cores/threads for Jibri! -" - CPU_MIN="N" + printf "\nWarning!: The system do not meet the minimum CPU requirements for Jibri to run." + printf "\n>> We recommend 4 cores/threads for Jibri!\n\n" + CPU_MIN="N" else - echo "CPU Cores/Threads: OK ($(nproc --all))" - CPU_MIN="Y" + printf "\nCPU Cores/Threads: OK (%s)\n\n" "$(nproc --all)" + CPU_MIN="Y" fi +sleep .1 ### Test RAM size (8GB min) ### mem_available="$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')" if [ "$mem_available" -lt 7700000 ]; then - echo " -Warning!: The system do not meet the minimum RAM requirements for Jibri to run. ->> We recommend 8GB RAM for Jibri! -" - MEM_MIN="N" + printf "\nWarning!: The system do not meet the minimum RAM requirements for Jibri to run." + printf "\n>> We recommend 8GB RAM for Jibri!\n\n" + MEM_MIN="N" else - echo "Memory: OK ($((mem_available/1024)) MiB)" - MEM_MIN="Y" + printf "\nMemory: OK (%s) MiB)\n\n" "$(mem_available/1024)" + MEM_MIN="Y" fi +sleep .1 if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then echo "All requirements seems meet!" - echo "\n - We hope you have a nice recording/streaming session\n " + printf "\n - We hope you have a nice recording/streaming session\n" else - echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!" - echo "Even when you can use the videoconferencing sessions, we advice to increase the resources in order to user Jibri." - while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]] + printf "CPU (%s)/RAM (%s MiB) does NOT meet minimum recommended requirements!" "$(nproc --all)" "$((mem_available/1024))" + printf "\nEven when you can use the videoconferencing sessions, we advice to increase the resources in order to user Jibri.\n\n" + while [ "$CONTINUE_LOW_RES" != "yes" ] && [ "$CONTINUE_LOW_RES" != "no" ] do read -p "> Do you want to continue?: (yes or no)$NL" -r CONTINUE_LOW_RES if [ "$CONTINUE_LOW_RES" = "no" ]; then echo " - See you next time with more resources!..." exit elif [ "$CONTINUE_LOW_RES" = "yes" ]; then - echo " - We highly recommend to increase the server resources." - echo -e " - Otherwise, please think about adding dedicated jibri nodes instead.\n" + printf " - We highly recommend to increase the server resources." + printf " - Otherwise, please think about adding dedicated jibri nodes instead.\n" fi done fi - +sleep .1 if [ "$CONTINUE_LOW_RES" = "yes" ]; then echo 'This server will likely have issues due the lack of resources. If you plan to enable other components such as, @@ -228,83 +226,86 @@ If you plan to enable other components such as, For now we advice to disable the Jibri service locally and add an external Jibri node once this installation has finished, using our script: - >> add-jibri-node.sh - -So you can add a Jibri server on a instance with enough resources.' - - while [[ "$DISABLE_LOCAL_JIBRI" != "yes" && "$DISABLE_LOCAL_JIBRI" != "no" ]] + >> add-jibri-node.sh' +printf "\nSo you can add a Jibri server on a instance with enough resources.\n\n" +sleep .1 + while [ "$DISABLE_LOCAL_JIBRI" != "yes" ] && [ "$DISABLE_LOCAL_JIBRI" != "no" ] do read -p "> Do you want to disable local jibri service?: (yes or no)$NL" -r DISABLE_LOCAL_JIBRI if [ "$DISABLE_LOCAL_JIBRI" = "no" ]; then - echo -e " - Please keep in mind that we might not support underpowered servers.\n" + printf " - Please keep in mind that we might not support underpowered servers.\n" elif [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then - echo -e " - You can add dedicated jibri nodes later, see more at the wiki.\n" + printf " - You can add dedicated jibri nodes later, see more at the wiki.\n" fi done fi - +sleep .1 #Check system oriented porpuse apt-get -yq2 update SYSTEM_DE="$(apt-cache search "ubuntu-(desktop|mate-desktop)"|awk '{print$1}'|xargs|sed 's|$| trisquel triskel trisquel-mini|')" SYSTEM_DE_ARRAY=( "$SYSTEM_DE" ) -echo -e "Checking for common desktop system oriented purpose....\n $de" +printf "\nChecking for common desktop system oriented purpose....\n" for de in "${SYSTEM_DE_ARRAY[@]}" do if [ "$(dpkg-query -W -f='${Status}' "$de" 2>/dev/null | grep -c "ok installed")" == "1" ]; then - echo -e "\n > This instance has $de installed, exiting... + printf "\n > This instance has %s installed, exiting... \nPlease avoid using this installer on a desktop-user oriented GNU/Linux system. - This is an unsupported use, as it will likely BREAK YOUR SYSTEM, so please don't." + This is an unsupported use, as it will likely BREAK YOUR SYSTEM, so please don't." "$de" exit else - echo -e " > No standard desktop environment for user oriented porpuse detected, continuing...\n" + printf " > No standard desktop environment for user oriented porpuse detected, continuing...\n\n" fi done - +sleep .1 #Prosody repository add_prosody_repo - +sleep .1 # Jitsi-Meet Repo -echo -e "\nAdd Jitsi repo" +printf "\nAdd Jitsi repo\n" if [ "$JITSI_REPO" = "stable" ]; then - echo "- Jitsi stable repository already installed" + printf " - Jitsi stable repository already installed\n\n" else echo 'deb http://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add - JITSI_REPO="stable" fi +sleep .1 #Default to LE SSL? -while [[ "$LE_SSL" != "yes" && "$LE_SSL" != "no" ]] +while [ "$LE_SSL" != "yes" ] && [ "$LE_SSL" != "no" ] do read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)$NL" -r LE_SSL if [ "$LE_SSL" = yes ]; then - echo -e " - We'll setup Let's Encrypt SSL certs.\n" + printf " - We'll setup Let's Encrypt SSL certs.\n\n" else - echo " - We'll let you choose later on for it. - Please be aware that a valid SSL cert is required for some features to work properly." + printf " - We'll let you choose later on for it." + printf" Please be aware that a valid SSL cert is required for some features to work properly.\n\n" fi done +sleep .1 #Set domain -if [ "$LE_SSL" = "yes" ]; then - while [[ "$ANS_JD" != "yes" ]] +if [ "$LE_SSL" = "yes" ] +then + while [ "$ANS_JD" != "yes" ] do read -p "> Please set your domain (or subdomain) here: (e.g.: jitsi.domain.com)$NL" -r JITSI_DOMAIN - read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)$NL" -r ANS_JD - if [ "$ANS_JD" = "yes" ]; then - echo " - Alright, let's use $JITSI_DOMAIN." + read -p " > Did you mean?: $JITSI_DOMAIN (yes or no)$NL" -r ANS_JD + if [ "$ANS_JD" = "yes" ] + then + echo " - Alright, let's use $JITSI_DOMAIN." else - echo " - Please try again." + echo " - Please try again." fi done - +sleep .1 #Sysadmin email - while [[ -z $SYSADMIN_EMAIL ]] + while [ -z "$SYSADMIN_EMAIL" ] do - read -p "> Set sysadmin email (this is a mandatory field):$NL" -r SYSADMIN_EMAIL + read -p " > Set sysadmin email (this is a mandatory field):$NL" -r SYSADMIN_EMAIL done - +sleep .1 #Simple DNS test if [ "$PUBLIC_IP" = "$(dig -4 +short "$JITSI_DOMAIN"||awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then - echo -e "\nServer public IP & DNS record for $JITSI_DOMAIN seems to match, continuing..." + printf "\nServer public IP & DNS record for %s seems to match, continuing..." "$JITSI_DOMAIN" else echo "Server public IP ($PUBLIC_IP) & DNS record for $JITSI_DOMAIN don't seem to match." echo " > Please check your dns records are applied and updated, otherwise components may fail." @@ -317,8 +318,9 @@ if [ "$LE_SSL" = "yes" ]; then fi fi fi +sleep .1 # Requirements -echo -e "\nWe'll start by installing system requirements this may take a while please be patient...\n" +printf "\nWe'll start by installing system requirements this may take a while please be patient...\n" apt-get update -q2 apt-get dist-upgrade -yq2 @@ -426,11 +428,11 @@ else rm -rf /tpm/chromedriver_linux64.zip fi -echo -e "\nCheck Google Software Working...\n" +printf "\nCheck Google Software Working...\n" /usr/bin/google-chrome --version /usr/local/bin/chromedriver --version | awk '{print$1,$2}' -echo -e "\nRemove Chrome warning...\n" +printf "\nRemove Chrome warning...\n" mkdir -p /etc/opt/chrome/policies/managed echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON" @@ -475,125 +477,134 @@ FQDN_HOST="fqdn" JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf" # Rename hostname for jitsi server -while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && -n "$FQDN_HOST" ]] +while [ "$FQDN_HOST" != "yes" ] && [ "$FQDN_HOST" != "no" ] && [ -n "$FQDN_HOST" ] do - echo -e "> Set $DOMAIN as a fqdn hostname?: (yes or no)" && \ + printf "> Set %s as a fqdn hostname?: (yes or no)\n" "$DOMAIN" && \ read -p "Leave empty to default to your current one ($(hostname -f)):$NL" -r FQDN_HOST if [ "$FQDN_HOST" = "yes" ]; then - echo " - $DOMAIN will be used as fqdn hostname, changes will show on reboot." + printf " - $DOMAIN will be used as fqdn hostname, changes will show on reboot.\n\n" hostnamectl set-hostname "${DOMAIN}" sed -i "1i ${PUBLIC_IP} ${DOMAIN}" /etc/hosts else - echo " - $(hostname -f) will be keep." + printf " - $(hostname -f) will be keep.\n\n" fi done - +sleep .1 #Language echo "## Setting up Jitsi Meet language ## You can define the language, for a complete list of the supported languages See here: -https://github.com/jitsi/jitsi-meet/blob/master/lang/languages.json - -Jitsi Meet web interface will be set to use such language." +https://github.com/jitsi/jitsi-meet/blob/master/lang/languages.json" +printf "Jitsi Meet web interface will be set to use such language.\n\n" +sleep .1 read -p "Please set your language (Press enter to default to 'en'):$NL" -r JB_LANG -echo -e "\nWe'll take a minute to localize some UI excerpts if you need.\n" +sleep .1 +printf "\nWe'll take a minute to localize some UI excerpts if you need.\n\n" +sleep .1 #Participant -echo -e "> Do you want to translate 'Participant' to your own language?" && \ +printf "> Do you want to translate 'Participant' to your own language?\n" +sleep .1 read -p "Leave empty to use the default one (English):$NL" -r L10N_PARTICIPANT +sleep .1 #Me -echo -e "\n> Do you want to translate 'me' to your own language? +printf "\n> Do you want to translate 'me' to your own language? This must be a really small word to present one self. -Some suggestions might be: yo (Spanish) | je (French) | ich (German)\n" && \ +Some suggestions might be: yo (Spanish) | je (French) | ich (German)\n" +sleep .1 read -p "Leave empty to use the default one (English):$NL" -r L10N_ME #Drop unsecure TLS -while [[ "$DROP_TLS1" != "yes" && "$DROP_TLS1" != "no" ]] +while [ "$DROP_TLS1" != "yes" ] && [ "$DROP_TLS1" != "no" ] do read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)$NL" -r DROP_TLS1 if [ "$DROP_TLS1" = "no" ]; then - echo " - TLSv1.0/1.1 will remain." + printf " - TLSv1.0/1.1 will remain.\n\n" elif [ "$DROP_TLS1" = "yes" ]; then - echo " - TLSv1.0/1.1 will be dropped" + printf " - TLSv1.0/1.1 will be dropped\n\n" fi done - +sleep .1 #Brandless Mode -while [[ "$ENABLE_BLESSM" != "yes" && "$ENABLE_BLESSM" != "no" ]] +while [ "$ENABLE_BLESSM" != "yes" ] && [ "$ENABLE_BLESSM" != "no" ] do read -p "> Do you want to install customized \"brandless mode\"?: (yes or no)$NL" -r ENABLE_BLESSM if [ "$ENABLE_BLESSM" = "no" ]; then - echo " - Brandless mode won't be set." + printf " - Brandless mode won't be set.\n\n" elif [ "$ENABLE_BLESSM" = "yes" ]; then - echo " - Brandless mode will be set." + printf " - Brandless mode will be set.\n\n" fi done +sleep .1 #Welcome Page -while [[ "$ENABLE_WELCP" != "yes" && "$ENABLE_WELCP" != "no" ]] +while [ "$ENABLE_WELCP" != "yes" ] && [ "$ENABLE_WELCP" != "no" ] do read -p "> Do you want to disable the Welcome page: (yes or no)$NL" -r ENABLE_WELCP if [ "$ENABLE_WELCP" = "yes" ]; then - echo " - Welcome page will be disabled." + printf " - Welcome page will be disabled.\n\n" elif [ "$ENABLE_WELCP" = "no" ]; then - echo " - Welcome page will be enabled." + printf " - Welcome page will be enabled.\n\n" fi done +sleep .1 #Close page -while [[ "$ENABLE_CLOCP" != "yes" && "$ENABLE_CLOCP" != "no" ]] +while [ "$ENABLE_CLOCP" != "yes" ] && [ "$ENABLE_CLOCP" != "no" ] do read -p "> Do you want to enable the close page on room exit: (yes or no)$NL" -r ENABLE_CLOCP if [ "$ENABLE_CLOCP" = "yes" ]; then - echo " - Close page will be enabled." + printf " - Close page will be enabled.\n\n" elif [ "$ENABLE_CLOCP" = "no" ]; then - echo " - Close page will be kept disabled." + printf " - Close page will be kept disabled.\n\n" fi done +sleep .1 # Set authentication method -echo -e "\n> Jitsi Meet Auth Method selection.\n" +printf "\n> Jitsi Meet Auth Method selection.\n" PS3='Select the authentication method for your Jitsi Meet instance: ' options=("Local" "JWT" "None") select opt in "${options[@]}" do case $opt in "Local") - echo -e "\n > Users are created manually using prosodyctl, only moderators can open a room or launch recording.\n" + printf "\n > Users are created manually using prosodyctl, only moderators can open a room or launch recording.\n" ENABLE_SC="yes" break ;; "JWT") - echo -e "\n > A external app manage the token usage/creation, like RocketChat does.\n" + printf "\n > A external app manage the token usage/creation, like RocketChat does.\n" ENABLE_JWT="yes" break ;; "None") - echo -e "\n > Everyone can access the room as moderators as there is no auth mechanism.\n" + printf "\n > Everyone can access the room as moderators as there is no auth mechanism.\n" break ;; *) echo "Invalid option $REPLY, choose 1, 2 or 3";; esac done - +sleep .1 # Set jibris default resolution -echo -e "\n> What jibri resolution should be the default for this and all the following jibri nodes?\n" +printf "\n> What jibri resolution should be the default for this and all the following jibri nodes?\n" PS3='The more resolution the more resources jibri will require to record properly: ' jib_res=("HD 720" "FHD 1080") select res in "${jib_res[@]}" do case $res in "HD 720") - echo -e "\n > HD (1280x720) is good enough for most cases, and requires a moderate high hw requirements.\n" + printf "\n > HD (1280x720) is good enough for most cases, and requires a moderate high hw requirements.\n\n" JIBRI_RES="720" break ;; "FHD 1080") - echo -e "\n > Full HD (1920x1080) is the best resolution available, it also requires high hw requirements.\n" + printf "\n > Full HD (1920x1080) is the best resolution available, it also requires high hw requirements.\n\n" JIBRI_RES="1080" break ;; - *) echo "Invalid option «$REPLY», choose 1 or 2";; + *) printf "\nInvalid option «$REPLY», choose 1 or 2\n\n" + ;; esac done - +sleep .1 if [ "$JIBRI_RES" = "720" ]; then JIBRI_RES_CONF="\"1280x720\"" JIBRI_RES_XORG_CONF="1280 720" @@ -605,57 +616,60 @@ if [ "$JIBRI_RES" = "1080" ]; then fi #Jibri Records Access (JRA) via Nextcloud -while [[ "$ENABLE_NC_ACCESS" != "yes" && "$ENABLE_NC_ACCESS" != "no" ]] +while [ "$ENABLE_NC_ACCESS" != "yes" ] && [ "$ENABLE_NC_ACCESS" != "no" ] do read -p "> Do you want to setup Jibri Records Access via Nextcloud: (yes or no) ( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_NC_ACCESS if [ "$ENABLE_NC_ACCESS" = "no" ]; then - echo -e " - JRA via Nextcloud won't be enabled.\n" + printf " - JRA via Nextcloud won't be enabled.\n\n" elif [ "$ENABLE_NC_ACCESS" = "yes" ]; then - echo -e " - JRA via Nextcloud will be enabled.\n" + printf " - JRA via Nextcloud will be enabled.\n\n" fi done +sleep .1 #Jigasi if [ "$(curl -s -o /dev/null -w "%{http_code}" "$GC_SDK_REL_FILE" )" == "404" ]; then - echo "> Sorry Google SDK doesn't have support yet for $(lsb_release -sd), - thus, Jigasi Transcript can't be enable. -" + printf "> Sorry Google SDK doesn't have support yet for %s, + thus, Jigasi Transcript can't be enable.\n\n" "$(lsb_release -sd)" elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$GC_SDK_REL_FILE" )" == "200" ]; then - while [[ "$ENABLE_TRANSCRIPT" != "yes" && "$ENABLE_TRANSCRIPT" != "no" ]] + while [ "$ENABLE_TRANSCRIPT" != "yes" ] && [ "$ENABLE_TRANSCRIPT" != "no" ] do read -p "> Do you want to setup Jigasi Transcription: (yes or no) ( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_TRANSCRIPT if [ "$ENABLE_TRANSCRIPT" = "no" ]; then - echo -e " - Jigasi Transcription won't be enabled.\n" + printf " - Jigasi Transcription won't be enabled.\n\n" elif [ "$ENABLE_TRANSCRIPT" = "yes" ]; then - echo -e " - Jigasi Transcription will be enabled.\n" + printf " - Jigasi Transcription will be enabled.\n\n" fi done else echo "No valid option for Jigasi. Please report this to -https://github.com/switnet-ltd/quick-jibri-installer/issues " +https://github.com/switnet-ltd/quick-jibri-installer/issues" fi +sleep .1 #Grafana -while [[ "$ENABLE_GRAFANA_DSH" != "yes" && "$ENABLE_GRAFANA_DSH" != "no" ]] +while [ "$ENABLE_GRAFANA_DSH" != "yes" ] && [ "$ENABLE_GRAFANA_DSH" != "no" ] do read -p "> Do you want to setup Grafana Dashboard: (yes or no) ( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_GRAFANA_DSH if [ "$ENABLE_GRAFANA_DSH" = "no" ]; then - echo -e " - Grafana Dashboard won't be enabled.\n" + printf " - Grafana Dashboard won't be enabled.\n\n" elif [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then - echo -e " - Grafana Dashboard will be enabled.\n" + printf " - Grafana Dashboard will be enabled.\n\n" fi done +sleep .1 #Docker Etherpad -while [[ "$ENABLE_DOCKERPAD" != "yes" && "$ENABLE_DOCKERPAD" != "no" ]] +while [ "$ENABLE_DOCKERPAD" != "yes" ] && [ "$ENABLE_DOCKERPAD" != "no" ] do read -p "> Do you want to setup Docker Etherpad: (yes or no)$NL" -r ENABLE_DOCKERPAD if [ "$ENABLE_DOCKERPAD" = "no" ]; then - echo -e " - Docker Etherpad won't be enabled.\n" + printf " - Docker Etherpad won't be enabled.\n" elif [ "$ENABLE_DOCKERPAD" = "yes" ]; then - echo -e " - Docker Etherpad will be enabled.\n" + printf " - Docker Etherpad will be enabled.\n" fi done +sleep .1 #Start configuration echo ' ######################################################################## @@ -695,17 +709,17 @@ if [ "$LE_SSL" = "yes" ]; then echo "#Set and upgrade certbot PPA if posssible..." if [ "$CERTBOT_REPO" = "certbot" ]; then - echo -e "\nCertbot repository already on the system!\nChecking for updates...\n" + printf "\nCertbot repository already on the system!\nChecking for updates...\n" apt-get -q2 update apt-get -yq2 dist-upgrade elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$CERTBOT_REL_FILE" )" == "200" ]; then - echo -e "\nAdding cerbot (formerly letsencrypt) PPA repository for latest updates\n" + printf "\nAdding cerbot (formerly letsencrypt) PPA repository for latest updates\n" echo "deb http://ppa.launchpad.net/certbot/certbot/ubuntu $DIST main" > /etc/apt/sources.list.d/certbot.list apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694 apt-get -q2 update apt-get -yq2 dist-upgrade elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$CERTBOT_REL_FILE" )" == "404" ]; then - echo -e "\nCertbot PPA is not available for $(lsb_release -sc) just yet, it won't be installed...\n" + printf "\nCertbot PPA is not available for %s just yet, it won't be installed...\n" "$(lsb_release -sc)" fi else echo "SSL setup will be skipped." @@ -737,15 +751,16 @@ sed -i "/shard.HOSTNAME/s|localhost|$DOMAIN|" /etc/jitsi/videobridge/sip-communi # Configure Jibri if [ "$ENABLE_SC" = "yes" ]; then if [ ! -f "$MOD_LIST_FILE" ]; then - echo -e "\n-> Adding external module to list prosody users...\n" + printf "\n-> Adding external module to list prosody users...\n" curl -s "$MOD_LISTU" > "$MOD_LIST_FILE" - echo -e "Now you can check registered users with:\nprosodyctl mod_listusers\n" + printf "Now you can check registered users with:\nprosodyctl mod_listusers\n" else - echo -e "Prosody support for listing users seems to be enabled. \ncheck with: prosodyctl mod_listusers\n" + printf "Prosody support for listing users seems to be enabled. \ncheck with: prosodyctl mod_listusers\n" fi fi +sleep .1 #Enable jibri recording cat << REC-JIBRI >> "$PROSODY_FILE" @@ -1052,15 +1067,15 @@ if [ "$ENABLE_SA" = "yes" ] && [ -f "$WS_CONF" ]; then fi #nginx -tlsv1/1.1 if [ "$DROP_TLS1" = "yes" ];then - echo -e "\nDropping TLSv1/1.1\n" + printf "\nDropping TLSv1/1.1\\nn" sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf elif [ "$DROP_TLS1" = "no" ];then - echo -e "\nNo TLSv1/1.1 dropping was done.\n" + printf "\nNo TLSv1/1.1 dropping was done.\n\n" else echo "No condition meet, please report to https://github.com/switnet-ltd/quick-jibri-installer/issues " fi - +sleep .1 #================== Setup prosody conf file ================= ###Setup secure rooms @@ -1074,21 +1089,21 @@ if [ "$ENABLE_SC" = "yes" ]; then read -p "Set username for secure room moderator:$NL" -r SEC_ROOM_USER read -p "Secure room moderator password:$NL" -r SEC_ROOM_PASS prosodyctl register "$SEC_ROOM_USER" "$DOMAIN" "$SEC_ROOM_PASS" - - echo -e "\nSecure rooms are being enabled..." +sleep .1 + printf "\nSecure rooms are being enabled...\n" echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \ or '${SEC_ROOM_USER}@${DOMAIN}' using the password you just entered. If you have issues with the password refer to your sysadmin." sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" "$JICOFO_SIP" sed -i "s|SEC_ROOM=.*|SEC_ROOM=\"on\"|" jm-bm.sh fi - +sleep .1 ###JWT if [ "$ENABLE_JWT" = "yes" ]; then - echo -e "\nJWT auth is being setup..." + printf "\nJWT auth is being setup...\n" bash "$PWD"/mode/jwt.sh fi - +sleep .1 #Guest allow #Change back lobby - https://community.jitsi.org/t/64769/136 if [ "$ENABLE_SC" = "yes" ];then @@ -1153,17 +1168,15 @@ sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF" sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF" #Check config file -echo -e "\n# Checking $MEET_CONF file for errors\n" +printf "\n# Checking %s file for errors\n" "$MEET_CONF" CHECKJS=$(esvalidate "$MEET_CONF"| cut -d ":" -f2) -if [[ -z "$CHECKJS" ]]; then - echo -e "\n# The $MEET_CONF configuration seems correct. =)\n" +if [ -z "$CHECKJS" ]; then + printf "\n# The %s configuration seems correct. =)\n" "$MEET_CONF" else - echo " -Watch out!, there seems to be an issue on $MEET_CONF line: + echo -e "\nWatch out!, there seems to be an issue on $MEET_CONF line: $CHECKJS Most of the times this is due upstream changes, please report to -https://github.com/switnet-ltd/quick-jibri-installer/issues -" +https://github.com/switnet-ltd/quick-jibri-installer/issues\n" fi #Enable jibri services @@ -1199,8 +1212,9 @@ if [ "$ENABLE_BLESSM" = "yes" ]; then sed -i "s|ENABLE_BLESSM=.*|ENABLE_BLESSM=\"on\"|" jitsi-updater.sh bash "$PWD"/jm-bm.sh fi + # Applying best practives for interface config.js -echo -e "\n> Setting up custom interface_config.js according to best practices." +printf "\n> Setting up custom interface_config.js according to best practices." cp "$INT_CONF" "$INT_CONF_ETC" #Tune webserver for interface_config.js @@ -1217,17 +1231,18 @@ else fi #JRA via Nextcloud if [ "$ENABLE_NC_ACCESS" = "yes" ]; then - echo -e "\nJRA via Nextcloud will be enabled." + printf "\nJRA via Nextcloud will be enabled." if [ "$MODE" = "debug" ]; then bash "$PWD"/jra_nextcloud.sh -m debug else bash "$PWD"/jra_nextcloud.sh fi fi +sleep .1 } > >(tee -a qj-installer.log) 2> >(tee -a qj-installer.log >&2) #Jigasi Transcript if [ "$ENABLE_TRANSCRIPT" = "yes" ]; then - echo -e "\nJigasi Transcription will be enabled." + printf "\nJigasi Transcription will be enabled." # ToDo: Analyze behavior on debug #if [ "$MODE" = "debug" ]; then # bash "$PWD"/jigasi.sh -m debug @@ -1235,25 +1250,28 @@ if [ "$ENABLE_TRANSCRIPT" = "yes" ]; then bash "$PWD"/jigasi.sh #fi fi +sleep .1 { #Grafana Dashboard if [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then - echo -e "\nGrafana Dashboard will be enabled." + printf "\nGrafana Dashboard will be enabled." if [ "$MODE" = "debug" ]; then bash "$PWD"/grafana.sh -m debug else bash "$PWD"/grafana.sh fi fi +sleep .1 #Docker Etherpad if [ "$ENABLE_DOCKERPAD" = "yes" ]; then - echo -e "\nDocker Etherpad will be enabled." + printf "\nDocker Etherpad will be enabled." if [ "$MODE" = "debug" ]; then bash "$PWD"/etherpad-docker.sh -m debug else bash "$PWD"/etherpad-docker.sh fi fi +sleep .1 #Prevent JMS conecction issue if [ -z "$(awk "/127.0.0.1/&&/$DOMAIN/{print\$1}" /etc/hosts)" ];then sed -i "/127.0.0.1/a \\ From e801fdd6ba8bea18faf9416fe13d6ac7a0531beb Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 12:25:56 -0500 Subject: [PATCH 21/39] Fix jibri domain. --- quick_jibri_installer.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index b88d370..5c93fe9 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -482,11 +482,11 @@ do printf "> Set %s as a fqdn hostname?: (yes or no)\n" "$DOMAIN" && \ read -p "Leave empty to default to your current one ($(hostname -f)):$NL" -r FQDN_HOST if [ "$FQDN_HOST" = "yes" ]; then - printf " - $DOMAIN will be used as fqdn hostname, changes will show on reboot.\n\n" + printf " - %s will be used as fqdn hostname, changes will show on reboot.\n\n" "$DOMAIN" hostnamectl set-hostname "${DOMAIN}" sed -i "1i ${PUBLIC_IP} ${DOMAIN}" /etc/hosts else - printf " - $(hostname -f) will be keep.\n\n" + printf " - %s will be keep.\n\n" "$(hostname -f)" fi done sleep .1 @@ -600,7 +600,7 @@ do JIBRI_RES="1080" break ;; - *) printf "\nInvalid option «$REPLY», choose 1 or 2\n\n" + *) printf "\nInvalid option «%s», choose 1 or 2\n\n" "$REPLY" ;; esac done @@ -798,7 +798,7 @@ prosodyctl register recorder recorder."$DOMAIN" "$JB_REC_PASS" cat << BREWERY >> "$JICOFO_SIP" #org.jitsi.jicofo.auth.URL=XMPP:$DOMAIN #org.jitsi.jicofo.auth.URL=EXT_JWT:$DOMAIN -org.jitsi.jicofo.jibri.BREWERY="$JibriBrewery"@internal.auth."$DOMAIN" +org.jitsi.jicofo.jibri.BREWERY=$JibriBrewery@internal.auth.$DOMAIN org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90 #org.jitsi.jicofo.auth.DISABLE_AUTOLOGIN=true BREWERY From 78bc49e5c99ce5a6e818640c3424f011aeb0a578 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 18:14:00 -0500 Subject: [PATCH 22/39] Fix grafana configuration --- grafana.sh | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/grafana.sh b/grafana.sh index b914e5e..173146f 100644 --- a/grafana.sh +++ b/grafana.sh @@ -134,16 +134,14 @@ JITSI_TELEGRAF run_service telegraf -echo " -# Setup videobridge options -" -sed -i "s|JVB_OPTS=\"--apis.*|JVB_OPTS=\"--apis=rest,xmpp\"|" /etc/jitsi/videobridge/config +echo -n "\n# Setup videobridge options\n" +echo ' +# extra options to pass to the JVB daemon +JVB_OPTS="--apis=rest,xmpp"' >> /etc/jitsi/videobridge/config sed -i "s|TRANSPORT=muc|TRANSPORT=muc,colibri|" /etc/jitsi/videobridge/sip-communicator.properties systemctl restart jitsi-videobridge2 -echo " -# Setup Grafana nginx domain -" +echo -e "\n# Setup Grafana nginx domain\n" sed -i "s|;protocol =.*|protocol = http|" $GRAFANA_INI sed -i "s|;http_addr =.*|http_addr = localhost|" $GRAFANA_INI sed -i "s|;http_port =.*|http_port = 3000|" $GRAFANA_INI From 3a9e9d18f445b473aaaf8dd836800fc01a3aecde Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 18:20:22 -0500 Subject: [PATCH 23/39] Standarize jra_nextcloud --- jra_nextcloud.sh | 78 ++++++++++++++++++++---------------------------- 1 file changed, 33 insertions(+), 45 deletions(-) diff --git a/jra_nextcloud.sh b/jra_nextcloud.sh index 24f2653..9b548c0 100644 --- a/jra_nextcloud.sh +++ b/jra_nextcloud.sh @@ -54,7 +54,7 @@ NC_CONFIG="$NC_PATH/config/config.php" NC_DB_USER="nextcloud_user" NC_DB="nextcloud_db" NC_DB_PASSWD="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)" -DIR_RECORD="$(grep -nr RECORDING /home/jibri/finalize_recording.sh|head -n1|cut -d "=" -f2)" +DIR_RECORD="$(awk -F '"' '/RECORDING/{print$2}' /home/jibri/finalize_recording.sh|awk 'NR==1{print$1}')" REDIS_CONF="/etc/redis/redis.conf" JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf" if [ -f $JITSI_MEET_PROXY ];then @@ -62,21 +62,21 @@ PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1) fi PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)" ISO3166_CODE=TBD -NL="$(echo -e '\n> ')" +NL="$(printf '\n ')" while [[ "$ANS_NCD" != "yes" ]] do read -p "> Please set your domain (or subdomain) here for Nextcloud: (e.g.: cloud.domain.com)$NL" -r NC_DOMAIN if [ -z "$NC_DOMAIN" ];then - echo "-- This field is mandatory." + echo " - This field is mandatory." elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then - echo "-- You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud." + echo " - You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud." fi - read -p "> Did you mean?: $NC_DOMAIN (yes or no)"$'\n' -r ANS_NCD + read -p " > Did you mean?: $NC_DOMAIN (yes or no)$NL" -r ANS_NCD if [ "$ANS_NCD" = "yes" ]; then - echo "Alright, let's use $NC_DOMAIN." + echo " - Alright, let's use $NC_DOMAIN." else - echo "Please try again." + echo " - Please try again." fi done #Simple DNS test @@ -95,46 +95,48 @@ else fi NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf" -while [[ -z "$NC_USER" ]] +while [ -z "$NC_USER" ] do read -p "Nextcloud user: " -r NC_USER if [ -z "$NC_USER" ]; then - echo "-- This field is mandatory." + echo " - This field is mandatory." fi done while [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 6 ] do read -p "Nextcloud user password: " -r NC_PASS if [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 6 ]; then - echo -e "-- This field is mandatory. \nPlease make sure it's at least 6 characters.\n" + echo -e " - This field is mandatory. \nPlease make sure it's at least 6 characters.\n" fi done #Enable HSTS -while [[ "$ENABLE_HSTS" != "yes" && "$ENABLE_HSTS" != "no" ]] +while [ "$ENABLE_HSTS" != "yes" ] && [ "$ENABLE_HSTS" != "no" ] do read -p "> Do you want to enable HSTS for this domain?: (yes or no) Be aware this option apply mid-term effects on the domain, choose \"no\" in case you don't know what you are doing. More at https://hstspreload.org/$NL" -r ENABLE_HSTS if [ "$ENABLE_HSTS" = "no" ]; then - echo "-- HSTS won't be enabled." + echo " - HSTS won't be enabled." elif [ "$ENABLE_HSTS" = "yes" ]; then - echo "-- HSTS will be enabled." + echo " - HSTS will be enabled." fi done echo -e "#Default country phone code\n > Starting at Nextcloud 21.x it's required to set a default country phone ISO 3166-1 alpha-2 code.\n >>> https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements <<<\n" +sleep .1 while [ ${#ISO3166_CODE} -gt 2 ]; do echo -e "Some examples might be: Germany > DE | Mexico > MX | Spain > ES | USA > US\n -Do you want to set such code for your installation?" && \ +Do you want to set such code for your installation?" +sleep .1 read -p "Leave empty if you don't want to set any: " -r ISO3166_CODE if [ ${#ISO3166_CODE} -gt 2 ]; then echo -e "\n-- This code is only 2 characters long, please check your input.\n" fi done - +sleep .1 echo -e "\n# Check for jitsi-meet/jibri\n" if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ] || \ [ -f /etc/prosody/conf.d/"$DOMAIN".conf ]; then @@ -251,7 +253,7 @@ systemctl restart php"$PHPVER"-fpm.service #-------------------------------------------------- echo -e "\n---- Creating the PgSQL DB & User ----" -cd /tmp || exit +cd /tmp || return sudo -u postgres psql < /tmp/"$STABLEVERSION".zip unzip -q /tmp/"$STABLEVERSION".zip mv nextcloud "$NC_PATH" @@ -452,9 +452,7 @@ mv nextcloud "$NC_PATH" chown -R www-data:www-data "$NC_PATH" chmod -R 755 "$NC_PATH" -echo " -Database installation... -" +echo -e "\nDatabase installation...\n" sudo -u www-data php "$NC_PATH"/occ maintenance:install \ --database=pgsql \ --database-name="$NC_DB" \ @@ -463,26 +461,22 @@ sudo -u www-data php "$NC_PATH"/occ maintenance:install \ --admin-user="$NC_USER" \ --admin-pass="$NC_PASS" -echo " -Apply custom mods... -" +echo -e "\nApply custom mods...\n" sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," "$NC_CONFIG" sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," "$NC_CONFIG" sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," "$NC_CONFIG" sed -i "s|http://localhost|http://$NC_DOMAIN|" "$NC_CONFIG" -echo "Add crontab..." +echo -e "\nAdd crontab...\n" crontab -u www-data -l | { cat; echo "*/5 * * * * php -f $NC_PATH/cron.php"; } | crontab -u www-data - -echo " -Add memcache support... -" +echo -e "\nAdd memcache support...\n" sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" "$REDIS_CONF" sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" "$REDIS_CONF" sed -i "s|port 6379|port 0|" "$REDIS_CONF" systemctl restart redis-server -echo "--> Setting config.php..." +echo -e "\n--> Setting config.php...\n" if [ -n "$ISO3166_CODE" ]; then sed -i "/);/i \ \ 'default_phone_region' => '$ISO3166_CODE'," "$NC_CONFIG" fi @@ -497,11 +491,9 @@ sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," "$NC_CONFIG" sed -i "/);/i \ \ \ \ \ 'port' => 0," "$NC_CONFIG" sed -i "/);/i \ \ \ \ \ 'timeout' => 0," "$NC_CONFIG" sed -i "/);/i \ \ )," "$NC_CONFIG" -echo "Done -" -echo " -Addding & Setting up Files External App for Local storage... -" +echo -e "Done\n" + +echo -e "\nAddding & Setting up Files External App for Local storage...\n" sudo -u www-data php "$NC_PATH"/occ app:install files_external sudo -u www-data php "$NC_PATH"/occ app:enable files_external sudo -u www-data php "$NC_PATH"/occ app:disable support @@ -511,20 +503,16 @@ usermod -a -G jibri www-data chmod -R 770 "$DIR_RECORD" chmod -R g+s "$DIR_RECORD" -echo " -Fixing possible missing tables... -" +echo -e "\nFixing possible missing tables...\n\n" echo "y"|sudo -u www-data php "$NC_PATH"/occ db:convert-filecache-bigint sudo -u www-data php "$NC_PATH"/occ db:add-missing-indices sudo -u www-data php "$NC_PATH"/occ db:add-missing-columns -echo " -Adding trusted domain... -" +echo -e "\nAdding trusted domain...\n" sudo -u www-data php "$NC_PATH"/occ config:system:set trusted_domains 0 --value="$NC_DOMAIN" -echo "Setting JRA domain on jitsi-updater.sh" -cd ~/quick-jibri-installer || exit +echo -e "\nSetting JRA domain on jitsi-updater.sh\n" +cd ~/quick-jibri-installer || return sed -i "s|NC_DOMAIN=.*|NC_DOMAIN=\"$NC_DOMAIN\"|" jitsi-updater.sh -echo "Quick Nextcloud installation complete!" +echo -e "\nQuick Nextcloud installation complete!\n" From f31bcbf57dd765272c629090666667a466925ce1 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 18:21:28 -0500 Subject: [PATCH 24/39] Finally remove jigasi deprecated script. --- quick_jibri_installer.sh | 23 +---------------------- 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 5c93fe9..9e3f66c 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -810,15 +810,6 @@ sed -i "s|// liveStreamingEnabled: false,|liveStreamingEnabled: true,\\ \\ hiddenDomain: \'recorder.$DOMAIN\',|" "$MEET_CONF" -#Dropbox feature -#if [ "$ENABLE_DB" = "yes" ]; then -#DB_STR=$(grep -n "dropbox:" "$MEET_CONF" | cut -d ":" -f1) -#DB_END=$((DB_STR + 10)) -#sed -i "$DB_STR,$DB_END{s|// dropbox: {|dropbox: {|}" "$MEET_CONF" -#sed -i "$DB_STR,$DB_END{s|// appKey: ''|appKey: \'$DB_CID\'|}" "$MEET_CONF" -#sed -i "$DB_STR,$DB_END{s|// },|},|}" "$MEET_CONF" -#fi - #Setup main language if [ -z "$JB_LANG" ] || [ "$JB_LANG" = "en" ]; then echo "Leaving English (en) as default language..." @@ -1239,19 +1230,7 @@ if [ "$ENABLE_NC_ACCESS" = "yes" ]; then fi fi sleep .1 -} > >(tee -a qj-installer.log) 2> >(tee -a qj-installer.log >&2) -#Jigasi Transcript -if [ "$ENABLE_TRANSCRIPT" = "yes" ]; then - printf "\nJigasi Transcription will be enabled." - # ToDo: Analyze behavior on debug - #if [ "$MODE" = "debug" ]; then - # bash "$PWD"/jigasi.sh -m debug - #else - bash "$PWD"/jigasi.sh - #fi -fi -sleep .1 -{ + #Grafana Dashboard if [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then printf "\nGrafana Dashboard will be enabled." From fb24f69ec76c824d3fe6243f30baa83bad5cedfb Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 18:22:46 -0500 Subject: [PATCH 25/39] Add comment on debconf state --- tools/start-over.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/start-over.sh b/tools/start-over.sh index 3b7441a..9c3f871 100644 --- a/tools/start-over.sh +++ b/tools/start-over.sh @@ -118,7 +118,7 @@ remove_residuals /usr/share/jitsi-* #Clean /etc/hosts sed -i "/$DOMAIN/d" /etc/hosts -#Purging debconf db +echo "#Purging debconf db" purge_debconf jicofo purge_debconf jigasi purge_debconf jitsi-meet From 58a663925f01d16653bc83443b8a3bff89e685d8 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 19:29:04 -0500 Subject: [PATCH 26/39] Improve shell quality --- jitsi-updater.sh | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/jitsi-updater.sh b/jitsi-updater.sh index ea115f4..00747ae 100644 --- a/jitsi-updater.sh +++ b/jitsi-updater.sh @@ -28,18 +28,22 @@ ENABLE_BLESSM="TBD" CHD_LTST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)" CHD_LTST_2D="$(echo "$CHD_LTST"|cut -d "." -f 1,2)" CHDB="$(whereis chromedriver | awk '{print$2}')" -DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" +DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua | \ + awk -F'.cfg' '!/localhost/{print $1}' | xargs basename)" NC_DOMAIN="TBD" JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf" if [ -f "$JITSI_MEET_PROXY" ];then -PREAD_PROXY=$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1) +PREAD_PROXY="$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1)" fi INT_CONF="/usr/share/jitsi-meet/interface_config.js" INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js" -jibri_packages="$(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages |sort -u|awk '{print $2}'|sed 's|jigasi||')" +read -r -a jibri_packages < <(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages | \ + sort -u | awk '{print $2}' | sed '/jigasi/d' | \ + xargs) AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)" if [ -f "$apt_repo"/google-chrome.list ]; then - google_package=$(grep Package /var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages | sort -u | cut -d ' ' -f2) +read -r -a google_package < <(grep Package /var/lib/apt/lists/dl.google.com_*_Packages | \ + sort -u | awk '{print $2}' | xargs) else echo "Seems no Google repo installed" fi @@ -75,14 +79,14 @@ restart_services() { update_jitsi_repo() { apt-get update -o Dir::Etc::sourcelist="sources.list.d/jitsi-$1.list" \ -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" - apt-get install -qq --only-upgrade "$jibri_packages" + apt-get install -q2 --only-upgrade <<< printf "${jibri_packages[@]}" } update_google_repo() { if [ -f "$apt_repo"/google-chrome.list ]; then apt-get update -o Dir::Etc::sourcelist="sources.list.d/google-chrome.list" \ -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" - apt-get install -qq --only-upgrade "$google_package" + apt-get install -q2 --only-upgrade <<< printf "${google_package[@]}" else echo "No Google repository found" fi From 546fe2587fa07697747da4e4c324c3f6c8be7a68 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 20 May 2022 19:54:27 -0500 Subject: [PATCH 27/39] Update SwITNet copyright. Standarize debug option for scripts. --- README.md | 2 +- add-jibri-node.sh | 26 +++++++++++++------------- add-jvb2-node.sh | 29 +++++++++++++++-------------- etherpad-docker.sh | 10 +++++----- grafana.sh | 12 ++++++------ jitsi-updater.sh | 16 +++++++++++++++- jm-bm.sh | 16 +++++++++++++++- jra_nextcloud.sh | 13 +++++++------ mode/chp-mode.sh | 16 ++++++++-------- mode/grid/selenium-grid-docker.sh | 16 +++++++++++++++- mode/jms-stu.sh | 30 +++++++++++++++--------------- mode/jwt.sh | 17 ++++++++++++++++- quick_jibri_installer.sh | 12 ++++++------ tools/aws-grub-setup.sh | 14 ++++++++++++++ tools/fail2ban_ssh.sh | 4 ++-- tools/jibri-conf-upgrade.sh | 4 ++-- tools/jibri-resolution-enhancer.sh | 14 +++++++------- tools/start-over.sh | 14 +++++++------- tools/test-jibri-env.sh | 4 ++-- 19 files changed, 171 insertions(+), 98 deletions(-) diff --git a/README.md b/README.md index 5a041c3..41af906 100644 --- a/README.md +++ b/README.md @@ -119,4 +119,4 @@ Feel free to use our `test-jibri-env.sh` tool to find some details on your curre Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY. -SwITNet Ltd © - 2021, https://switnet.net/ +SwITNet Ltd © - 2022, https://switnet.net/ diff --git a/add-jibri-node.sh b/add-jibri-node.sh index 6738bbd..6ae2fc5 100644 --- a/add-jibri-node.sh +++ b/add-jibri-node.sh @@ -1,26 +1,19 @@ #!/bin/bash # Jibri Node Aggregator -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GPLv3 or later. ### 0_LAST EDITION TIME STAMP ### # LETS: AUTOMATED_EDITION_TIME ### 1_LAST EDITION ### -#Make sure the file name is the required one -if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then - echo "For most cases naming won't matter, for this one it does." - echo "Please use the original name for this script: \`add-jibri-node.sh', and run again." - exit -fi - while getopts m: option do - case "${option}" - in - m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./add_jibri_node.sh [-m debug]" && exit;; - esac + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac done #DEBUG @@ -28,6 +21,13 @@ if [ "$MODE" = "debug" ]; then set -x fi +#Make sure the file name is the required one +if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then + echo "For most cases naming won't matter, for this one it does." + echo "Please use the original name for this script: \`add-jibri-node.sh', and run again." + exit +fi + #Check admin rights if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" diff --git a/add-jvb2-node.sh b/add-jvb2-node.sh index d85a120..d94ab67 100644 --- a/add-jvb2-node.sh +++ b/add-jvb2-node.sh @@ -1,12 +1,26 @@ #!/bin/bash # JVB2 Node Aggregator -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GPLv3 or later. ### 0_LAST EDITION TIME STAMP ### # LETS: AUTOMATED_EDITION_TIME ### 1_LAST EDITION ### +while getopts m: option +do + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac +done + +#DEBUG +if [ "$MODE" = "debug" ]; then +set -x +fi + #Make sure the file name is the required one if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then echo "For most cases naming won't matter, for this one it does." @@ -14,19 +28,6 @@ if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then exit fi -while getopts m: option -do - case "${option}" - in - m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./add-jvb2-node.sh [-m debug]" && exit;; - esac -done - -#DEBUG -if [ "$MODE" = "debug" ]; then -set -x -fi #Check admin rights if ! [ "$(id -u)" = 0 ]; then diff --git a/etherpad-docker.sh b/etherpad-docker.sh index cde6471..e78be9c 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -6,11 +6,11 @@ while getopts m: option do - case "${option}" - in - m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./etherpad-docker.sh [-m debug]" && exit;; - esac + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac done #DEBUG diff --git a/grafana.sh b/grafana.sh index 173146f..029a9a8 100644 --- a/grafana.sh +++ b/grafana.sh @@ -8,17 +8,17 @@ # by "mephisto" # # Igor Kerstges © - 2021 -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # # GPLv3 or later. while getopts m: option do - case "${option}" - in - m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./grafana.sh [-m debug]" && exit;; - esac + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac done #DEBUG diff --git a/jitsi-updater.sh b/jitsi-updater.sh index 00747ae..faefc4a 100644 --- a/jitsi-updater.sh +++ b/jitsi-updater.sh @@ -1,9 +1,23 @@ #!/bin/bash # Jitsi Meet recurring upgrader and customization keeper # for Debian/*buntu binaries. -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GNU GPLv3 or later. +while getopts m: option +do + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac +done + +#DEBUG +if [ "$MODE" = "debug" ]; then +set -x +fi + Blue='\e[0;34m' Purple='\e[0;35m' Green='\e[0;32m' diff --git a/jm-bm.sh b/jm-bm.sh index 156259a..d5bc4dc 100644 --- a/jm-bm.sh +++ b/jm-bm.sh @@ -1,9 +1,23 @@ #!/bin/bash # Jitsi Meet brandless mode # for Debian/*buntu binaries. -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GNU GPLv3 or later. +while getopts m: option +do + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac +done + +#DEBUG +if [ "$MODE" = "debug" ]; then +set -x +fi + DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" CSS_FILE="/usr/share/jitsi-meet/css/all.css" TITLE_FILE="/usr/share/jitsi-meet/title.html" diff --git a/jra_nextcloud.sh b/jra_nextcloud.sh index 9b548c0..e21e8a8 100644 --- a/jra_nextcloud.sh +++ b/jra_nextcloud.sh @@ -1,14 +1,15 @@ #!/bin/bash # JRA (Jibri Recordings Access) via Nextcloud -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GPLv3 or later. + while getopts m: option do - case "${option}" - in - m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./jra_nextcloud.sh [-m debug]" && exit;; - esac + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac done #DEBUG diff --git a/mode/chp-mode.sh b/mode/chp-mode.sh index dc6e85c..8c7f829 100644 --- a/mode/chp-mode.sh +++ b/mode/chp-mode.sh @@ -1,20 +1,14 @@ #!/bin/bash # Custom High Performance Jitsi conf -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GPLv3 or later. -#Check if user is root -if ! [ "$(id -u)" = 0 ]; then - echo "You need to be root or have privileges!" - exit 0 -fi - while getopts m: option do case "${option}" in m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./chp-mode.sh [-m debug]" && exit;; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; esac done @@ -23,6 +17,12 @@ if [ "$MODE" = "debug" ]; then set -x fi +#Check if user is root +if ! [ "$(id -u)" = 0 ]; then + echo "You need to be root or have privileges!" + exit 0 +fi + wait_seconds() { secs=$(($1)) while [ $secs -gt 0 ]; do diff --git a/mode/grid/selenium-grid-docker.sh b/mode/grid/selenium-grid-docker.sh index 70fe75f..868efd4 100644 --- a/mode/grid/selenium-grid-docker.sh +++ b/mode/grid/selenium-grid-docker.sh @@ -1,9 +1,23 @@ #!/bin/bash # Custom Selenium Grid-Node fro Jitsi Meet # Pandian © - https://community.jitsi.org/u/Pandian -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GPLv3 or later. +while getopts m: option +do + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac +done + +#DEBUG +if [ "$MODE" = "debug" ]; then +set -x +fi + #Check if user is root if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" diff --git a/mode/jms-stu.sh b/mode/jms-stu.sh index eface47..2eb4e2d 100644 --- a/mode/jms-stu.sh +++ b/mode/jms-stu.sh @@ -2,24 +2,29 @@ # System-tune-up to remove system software restrictions on a huge load of connections. # Be aware that hardware/infrastructure resources are the most common limiters. # -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GPLv3 or later. +while getopts m: option +do + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac +done + +#DEBUG +if [ "$MODE" = "debug" ]; then +set -x +fi + #Check if user is root if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have privileges!" exit 0 fi -while getopts m: option -do - case "${option}" - in - m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./jms-stu.sh [-m debug]" && exit;; - esac -done - echo ' #-------------------------------------------------- # Starting system tune up configuration @@ -27,11 +32,6 @@ echo ' #-------------------------------------------------- ' -#DEBUG -if [ "$MODE" = "debug" ]; then -set -x -fi - set_once_hash_comment() { if ! awk '!/^ *#/ && NF {print}' "$2"|grep -q "$(awk -F '=' '{print$1}' <<< "$1")" ; then echo "Setting $1 on $2..." diff --git a/mode/jwt.sh b/mode/jwt.sh index 92c6bbb..73dc381 100644 --- a/mode/jwt.sh +++ b/mode/jwt.sh @@ -1,7 +1,22 @@ #!/bin/bash # JWT Mode Setup -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GPLv3 or later. + +while getopts m: option +do + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac +done + +#DEBUG +if [ "$MODE" = "debug" ]; then +set -x +fi + DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" JICOFO_SIP="/etc/jitsi/jicofo/sip-communicator.properties" diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 9e3f66c..0aff27c 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -1,17 +1,17 @@ #!/bin/bash # Quick Jibri Installer - *buntu (LTS) based systems. -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GPLv3 or later. { echo "Started at $(date +'%Y-%m-%d %H:%M:%S')" >> qj-installer.log while getopts m: option do - case "${option}" - in - m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./quick_jibri_installer.sh [-m debug]" && exit;; - esac + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac done #DEBUG diff --git a/tools/aws-grub-setup.sh b/tools/aws-grub-setup.sh index 20eda57..f485fdb 100644 --- a/tools/aws-grub-setup.sh +++ b/tools/aws-grub-setup.sh @@ -3,6 +3,20 @@ # SwITNet Ltd © - 2022, https://switnet.net/ # GPLv3 or later. +while getopts m: option +do + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac +done + +#DEBUG +if [ "$MODE" = "debug" ]; then +set -x +fi + wait_seconds() { secs=$(($1)) while [ $secs -gt 0 ]; do diff --git a/tools/fail2ban_ssh.sh b/tools/fail2ban_ssh.sh index 35d2186..6e03f03 100644 --- a/tools/fail2ban_ssh.sh +++ b/tools/fail2ban_ssh.sh @@ -1,6 +1,6 @@ #!/bin/bash # Simple Fail2ban configuration -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option @@ -8,7 +8,7 @@ do case "${option}" in m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./fail2ban_ssh.sh [-m debug]" && exit;; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; esac done diff --git a/tools/jibri-conf-upgrade.sh b/tools/jibri-conf-upgrade.sh index 654fa63..efebb74 100644 --- a/tools/jibri-conf-upgrade.sh +++ b/tools/jibri-conf-upgrade.sh @@ -1,6 +1,6 @@ #!/bin/bash # Simple Jibri conf updater -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option @@ -8,7 +8,7 @@ do case "${option}" in m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./test-jibri-env.sh [-m debug]" && exit;; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; esac done diff --git a/tools/jibri-resolution-enhancer.sh b/tools/jibri-resolution-enhancer.sh index 24eb78c..4503ecb 100644 --- a/tools/jibri-resolution-enhancer.sh +++ b/tools/jibri-resolution-enhancer.sh @@ -1,20 +1,20 @@ #!/bin/bash # Simple Jibri resolution enhancer -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option do - case "${option}" - in - m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./jibri-resolution-enhancer.sh [-m debug]" && exit;; - esac + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac done #DEBUG if [ "$MODE" = "debug" ]; then - set -x +set -x fi #Check if user is root diff --git a/tools/start-over.sh b/tools/start-over.sh index 9c3f871..256bb54 100644 --- a/tools/start-over.sh +++ b/tools/start-over.sh @@ -1,20 +1,20 @@ #!/bin/bash #Start over -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GPLv3 or later. while getopts m: option do - case "${option}" - in - m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./start-over.sh [-m debug]" && exit;; - esac + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac done #DEBUG if [ "$MODE" = "debug" ]; then - set -x +set -x fi #Check if user is root diff --git a/tools/test-jibri-env.sh b/tools/test-jibri-env.sh index 39e1a0a..9feffee 100644 --- a/tools/test-jibri-env.sh +++ b/tools/test-jibri-env.sh @@ -1,6 +1,6 @@ #!/bin/bash # Simple Jibri Env tester -# SwITNet Ltd © - 2021, https://switnet.net/ +# SwITNet Ltd © - 2022, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option @@ -8,7 +8,7 @@ do case "${option}" in m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./test-jibri-env.sh [-m debug]" && exit;; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; esac done From b63021a76d7168415ed033209d745b49cc4b3596 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 23 May 2022 23:06:58 -0500 Subject: [PATCH 28/39] Fix debug mode on triggered scripts. Fix grep condition. --- jitsi-updater.sh | 6 +++++- jm-bm.sh | 2 +- quick_jibri_installer.sh | 12 ++++++++++-- 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/jitsi-updater.sh b/jitsi-updater.sh index faefc4a..7b4196f 100644 --- a/jitsi-updater.sh +++ b/jitsi-updater.sh @@ -207,6 +207,10 @@ restart_services # Brandless mode # ######################################################################## if [ "$ENABLE_BLESSM" = "on" ]; then - bash "$PWD"/jm-bm.sh + if [ "$MODE" = "debug" ]; then + bash "$PWD"/jm-bm.sh -m debug + else + bash "$PWD"/jm-bm.sh + fi fi printwc "${Blue}" "Script completed \o/!\n" diff --git a/jm-bm.sh b/jm-bm.sh index d5bc4dc..39a6dca 100644 --- a/jm-bm.sh +++ b/jm-bm.sh @@ -67,7 +67,7 @@ sed -i "s|jitsilogo.png|watermark2.png|g" "$TITLE_FILE" sed -i "s|logo-deep-linking.png|watermark2.png|g" "$BUNDLE_JS" sed -i "s|jitsiLogo_square.png|gnome_record.png|g" "$BUNDLE_JS" #Disable logo and url -if ! grep -nr ".leftwatermark{display:none" "$CSS_FILE" ; then +if ! grep -q ".leftwatermark{display:none" "$CSS_FILE" ; then sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE" fi diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 0aff27c..da32c76 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -1092,7 +1092,11 @@ sleep .1 ###JWT if [ "$ENABLE_JWT" = "yes" ]; then printf "\nJWT auth is being setup...\n" - bash "$PWD"/mode/jwt.sh + if [ "$MODE" = "debug" ]; then + bash "$PWD"/mode/jwt.sh -m debug + else + bash "$PWD"/mode/jwt.sh + fi fi sleep .1 #Guest allow @@ -1201,7 +1205,11 @@ fi if [ "$ENABLE_BLESSM" = "yes" ]; then echo "Custom brandless mode will be enabled." sed -i "s|ENABLE_BLESSM=.*|ENABLE_BLESSM=\"on\"|" jitsi-updater.sh - bash "$PWD"/jm-bm.sh + if [ "$MODE" = "debug" ]; then + bash "$PWD"/jm-bm.sh -m debug + else + bash "$PWD"/jm-bm.sh + fi fi # Applying best practives for interface config.js From 48e798d0b1a5ba5e54dcd28157678c970a87af93 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 17 Jun 2022 16:30:30 -0500 Subject: [PATCH 29/39] Detect jibri node by jitsi-updater. --- jitsi-updater.sh | 58 +++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 50 insertions(+), 8 deletions(-) diff --git a/jitsi-updater.sh b/jitsi-updater.sh index 7b4196f..3bee66a 100644 --- a/jitsi-updater.sh +++ b/jitsi-updater.sh @@ -20,6 +20,7 @@ fi Blue='\e[0;34m' Purple='\e[0;35m' +Red='\e[0;31m' Green='\e[0;32m' Yellow='\e[0;33m' Color_Off='\e[0m' @@ -40,10 +41,14 @@ support="https://switnet.net/support" apt_repo="/etc/apt/sources.list.d" ENABLE_BLESSM="TBD" CHD_LTST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)" -CHD_LTST_2D="$(echo "$CHD_LTST"|cut -d "." -f 1,2)" +CHD_LTST_2D="$(cut -d "." -f 1,2 <<< "$CHD_LTST")" CHDB="$(whereis chromedriver | awk '{print$2}')" +if [ -d /etc/prosody/conf.d/ ]; then DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua | \ awk -F'.cfg' '!/localhost/{print $1}' | xargs basename)" +else + echo -e "Seems no prosody is installed...\n > is this a jibri node?" +fi NC_DOMAIN="TBD" JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf" if [ -f "$JITSI_MEET_PROXY" ];then @@ -65,13 +70,13 @@ if [ -z "$CHDB" ]; then echo "Seems no chromedriver installed" else CHD_VER_LOCAL="$($CHDB -v | awk '{print $2}')" - CHD_VER_2D="$(echo "$CHD_VER_LOCAL"|awk '{printf "%.1f\n", $NF}')" + CHD_VER_2D="$(awk '{printf "%.1f\n", $NF}' <<< "$CHD_VER_LOCAL")" fi # True if $1 is greater than $2 version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; } -check_jibri() { +restart_jibri() { if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ] then systemctl restart jibri @@ -86,7 +91,7 @@ fi restart_services() { systemctl restart jitsi-videobridge2 systemctl restart jicofo - check_jibri + restart_jibri systemctl restart prosody } @@ -105,7 +110,13 @@ update_google_repo() { echo "No Google repository found" fi } -GOOGL_VER_2D="$(/usr/bin/google-chrome --version|awk '{printf "%.1f\n", $NF}')" +printwc "${Purple}" "Checking for Google Chrome\n" +if [ -f /usr/bin/google-chrome ]; then + GOOGL_VER_2D="$(/usr/bin/google-chrome --version|awk '{printf "%.1f\n", $NF}')" +else + printwc "${Yellow}" " -> Seems there is no Google Chrome installed\n" + IS_GLG_CHRM="no" +fi upgrade_cd() { if [ -n "$GOOGL_VER_2D" ]; then if version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" ; then @@ -139,6 +150,7 @@ if [ -f "$CHDB" ]; then upgrade_cd else printwc "${Yellow}" " -> Seems there is no Chromedriver installed\n" + IS_CHDB="no" fi } @@ -155,6 +167,21 @@ else echo "Please check your repositories, something is not right." exit 1 fi +check_if_installed(){ +if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then + echo "1" +else + echo "0" +fi +} +check_for_jibri_node() { +if [ "$(check_if_installed jibri)" = 1 ] && \ + [ "$(check_if_installed jitsi-meet)" = 0 ] && \ + [ "$(check_if_installed prosody)" = 0 ]; then + printwc "${Green}" "\n::: This seems to be a jibri node :::\n" +JIBRI_NODE="yes" +fi +} # Any customization, image, name or link change for any purpose should # be documented here so new updates won't remove those changes. # We divide them on UI changes and branding changes, feel free to adapt @@ -165,13 +192,16 @@ fi ######################################################################## # User interface changes # ######################################################################## +#Check for jibri node +check_for_jibri_node +[ "$JIBRI_NODE" != yes ] && \ if [ -f "$INT_CONF_ETC" ]; then echo "Static interface_config.js exists, skipping modification..." else echo "This setup doesn't have a static interface_config.js, checking changes..." printwc "${Purple}" "========== Setting Static Avatar ==========\n" - if [[ -z "$AVATAR" ]]; then + if [ -z "$AVATAR" ]; then echo "Moving on..." else echo "Setting Static Avatar" @@ -179,7 +209,7 @@ else sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF" fi printwc "${Purple}" "========== Setting Support Link ==========\n" - if [[ -z "$support" ]]; then + if [ -z "$support" ]; then echo "Moving on..." else echo "Setting Support custom link" @@ -189,6 +219,7 @@ else sed -i "s|'videobackgroundblur', ||" "$INT_CONF" fi +[ "$JIBRI_NODE" != yes ] && \ if [ "$NC_DOMAIN" != "TBD" ]; then printwc "${Purple}" "========== Enable $NC_DOMAIN for sync client ==========\n" if [ -z "$PREAD_PROXY" ]; then @@ -201,8 +232,19 @@ printwc "${Purple}" "========== Enable $NC_DOMAIN for sync client ==========\n" echo "$NC_DOMAIN seems to be on place, skipping..." fi fi -restart_services +if [ "$JIBRI_NODE" = "yes" ]; then + restart_jibri +else + restart_services +fi +if [ "$JIBRI_NODE" = "yes" ] && \ + [ "$IS_CHDB" = "no" ] && \ + [ "$IS_GLG_CHRM" = "no" ];then +printwc "${Red}" "\nBeware: This jibri node seems to be missing important packages.\n" +echo " > Googe Chrome" +echo " > Chromedriver" +fi ######################################################################## # Brandless mode # ######################################################################## From 7e37382c4d13f0f1e521df8c8879899210488461 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 23 Jun 2022 12:44:26 -0500 Subject: [PATCH 30/39] jitsi-updater: fix condition to set turn config. --- jitsi-updater.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jitsi-updater.sh b/jitsi-updater.sh index 3bee66a..b1af3f4 100644 --- a/jitsi-updater.sh +++ b/jitsi-updater.sh @@ -222,7 +222,7 @@ fi [ "$JIBRI_NODE" != yes ] && \ if [ "$NC_DOMAIN" != "TBD" ]; then printwc "${Purple}" "========== Enable $NC_DOMAIN for sync client ==========\n" - if [ -z "$PREAD_PROXY" ]; then + if [ -f "$JITSI_MEET_PROXY" ] && [ -z "$PREAD_PROXY" ]; then printf "\n Setting up Nextcloud domain on Jitsi Meet turn proxy\n\n" sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY" sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" "$JITSI_MEET_PROXY" From d2519be97754a4c12909f2fa6dd21c7952788fde Mon Sep 17 00:00:00 2001 From: Ark74 Date: Thu, 23 Jun 2022 12:45:38 -0500 Subject: [PATCH 31/39] quick-jibri-installer: fix typo on path. --- quick_jibri_installer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index da32c76..061f4d9 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -425,7 +425,7 @@ else unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/ chown root:root /usr/local/bin/chromedriver chmod 0755 /usr/local/bin/chromedriver - rm -rf /tpm/chromedriver_linux64.zip + rm -rf /tmp/chromedriver_linux64.zip fi printf "\nCheck Google Software Working...\n" From 84af61598f2b1c0b3b7004f802067c87b10f7aad Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 19 Aug 2022 06:35:49 -0500 Subject: [PATCH 32/39] quick_jibri_installer.sh,jwt.sh: update anonymous string on prosody setup. fix small format issues. --- mode/jwt.sh | 2 +- quick_jibri_installer.sh | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/mode/jwt.sh b/mode/jwt.sh index 73dc381..9c3ae62 100644 --- a/mode/jwt.sh +++ b/mode/jwt.sh @@ -54,7 +54,7 @@ apt-get install -y jitsi-meet-tokens #Setting up sed -i "s|c2s_require_encryption = true|c2s_require_encryption = false|" "$PROSODY_SYS" #- -sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"token\"|}" "$PROSODY_FILE" +sed -i "$SRP_STR,$SRP_END{s|authentication = \"jitsi-anonymous\"|authentication = \"token\"|}" "$PROSODY_FILE" sed -i "s|--app_id=\"example_app_id\"|app_id=\"$APP_ID\"|" "$PROSODY_FILE" sed -i "s|--app_secret=\"example_app_secret\"|app_secret=\"$SECRET_APP\"|" "$PROSODY_FILE" sed -i "/app_secret/a \\\\" "$PROSODY_FILE" diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 061f4d9..87f2c1a 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -172,13 +172,13 @@ if [ "$DIST" = "bionic" ]; then fi #Check system resources -echo "Verifying System Resources:" +printf "\n\nVerifying System Resources:" if [ "$(nproc --all)" -lt 4 ];then printf "\nWarning!: The system do not meet the minimum CPU requirements for Jibri to run." - printf "\n>> We recommend 4 cores/threads for Jibri!\n\n" + printf "\n>> We recommend 4 cores/threads for Jibri!\n" CPU_MIN="N" else - printf "\nCPU Cores/Threads: OK (%s)\n\n" "$(nproc --all)" + printf "\nCPU Cores/Threads: OK (%s)\n" "$(nproc --all)" CPU_MIN="Y" fi sleep .1 @@ -189,7 +189,7 @@ if [ "$mem_available" -lt 7700000 ]; then printf "\n>> We recommend 8GB RAM for Jibri!\n\n" MEM_MIN="N" else - printf "\nMemory: OK (%s) MiB)\n\n" "$(mem_available/1024)" + printf "\nMemory: OK (%s) MiB\n\n" "$((mem_available/1024))" MEM_MIN="Y" fi sleep .1 @@ -1058,7 +1058,7 @@ if [ "$ENABLE_SA" = "yes" ] && [ -f "$WS_CONF" ]; then fi #nginx -tlsv1/1.1 if [ "$DROP_TLS1" = "yes" ];then - printf "\nDropping TLSv1/1.1\\nn" + printf "\nDropping TLSv1/1.1\n\n" sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf elif [ "$DROP_TLS1" = "no" ];then printf "\nNo TLSv1/1.1 dropping was done.\n\n" @@ -1073,7 +1073,7 @@ sleep .1 if [ "$ENABLE_SC" = "yes" ]; then SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" "$PROSODY_FILE" | awk -F ':' 'NR==1{print$1}') SRP_END=$((SRP_STR + 10)) - sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_hashed\"|}" "$PROSODY_FILE" + sed -i "$SRP_STR,$SRP_END{s|authentication = \"jitsi-anonymous\"|authentication = \"internal_hashed\"|}" "$PROSODY_FILE" sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" "$MEET_CONF" #Secure room initial user From 813083692c23a845cdf4fc25374d0dd822e3413a Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 19 Aug 2022 07:20:44 -0500 Subject: [PATCH 33/39] quick_jibri_installer.sh: use new setup to enable localrecording feature. --- quick_jibri_installer.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 87f2c1a..24c7b2b 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -300,7 +300,7 @@ sleep .1 #Sysadmin email while [ -z "$SYSADMIN_EMAIL" ] do - read -p " > Set sysadmin email (this is a mandatory field):$NL" -r SYSADMIN_EMAIL + read -p "$NL > Set sysadmin email (this is a mandatory field):$NL" -r SYSADMIN_EMAIL done sleep .1 #Simple DNS test @@ -805,7 +805,10 @@ BREWERY # Jibri tweaks for /etc/jitsi/meet/$DOMAIN-config.js sed -i "s|conference.$DOMAIN|internal.auth.$DOMAIN|" "$MEET_CONF" -sed -i "s|// fileRecordingsEnabled: false,|fileRecordingsEnabled: true,| " "$MEET_CONF" +#New recording implementation. +sed -i "s|// recordingService:|recordingService:|" "$MEET_CONF" +sed -i "/recordingService/,/hideStorageWarning/s|// enabled: false,| enabled: true,|" "$MEET_CONF" +sed -i "/hideStorageWarning: false/,/Local recording configuration/s|// },|},|" "$MEET_CONF" sed -i "s|// liveStreamingEnabled: false,|liveStreamingEnabled: true,\\ \\ hiddenDomain: \'recorder.$DOMAIN\',|" "$MEET_CONF" From a61b60ff1675185b2e152ed1117a290e38ef0f24 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 19 Aug 2022 07:45:59 -0500 Subject: [PATCH 34/39] jm-bm.sh: update recordd icon --- jm-bm.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jm-bm.sh b/jm-bm.sh index 39a6dca..9fb3a9e 100644 --- a/jm-bm.sh +++ b/jm-bm.sh @@ -65,7 +65,7 @@ sed -i "s|watermark.png|watermark2.png|g" "$CSS_FILE" sed -i "s|favicon.ico|favicon2.ico|g" "$TITLE_FILE" sed -i "s|jitsilogo.png|watermark2.png|g" "$TITLE_FILE" sed -i "s|logo-deep-linking.png|watermark2.png|g" "$BUNDLE_JS" -sed -i "s|jitsiLogo_square.png|gnome_record.png|g" "$BUNDLE_JS" +sed -i "s|icon-cloud.png|gnome_record.png|g" "$BUNDLE_JS" #Disable logo and url if ! grep -q ".leftwatermark{display:none" "$CSS_FILE" ; then sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE" From 1e8c128c9d7354ac9a3c279e1c316198326c8cad Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 30 Sep 2022 03:57:55 -0500 Subject: [PATCH 35/39] jitsi-updater.sh: fix jitsi repo package update filtering. --- jitsi-updater.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jitsi-updater.sh b/jitsi-updater.sh index b1af3f4..29af11d 100644 --- a/jitsi-updater.sh +++ b/jitsi-updater.sh @@ -56,7 +56,7 @@ PREAD_PROXY="$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" - fi INT_CONF="/usr/share/jitsi-meet/interface_config.js" INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js" -read -r -a jibri_packages < <(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages | \ +read -r -a jibri_packages < <(grep ^Package /var/lib/apt/lists/download.jitsi.org_*_Packages | \ sort -u | awk '{print $2}' | sed '/jigasi/d' | \ xargs) AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)" From f5ebfd0e8e42904355127a7fc4ee552ac9ee3818 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Fri, 30 Sep 2022 04:00:42 -0500 Subject: [PATCH 36/39] jitsi-updater.sh: fix jitsi repo package update filtering. --- jitsi-updater.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jitsi-updater.sh b/jitsi-updater.sh index 29af11d..cbac459 100644 --- a/jitsi-updater.sh +++ b/jitsi-updater.sh @@ -61,7 +61,7 @@ read -r -a jibri_packages < <(grep ^Package /var/lib/apt/lists/download.jitsi.or xargs) AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)" if [ -f "$apt_repo"/google-chrome.list ]; then -read -r -a google_package < <(grep Package /var/lib/apt/lists/dl.google.com_*_Packages | \ +read -r -a google_package < <(grep ^Package /var/lib/apt/lists/dl.google.com_*_Packages | \ sort -u | awk '{print $2}' | xargs) else echo "Seems no Google repo installed" From c14bca2b3f13b94a0722026374379680c29403e8 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Sun, 23 Oct 2022 22:43:33 -0500 Subject: [PATCH 37/39] quick_jibri_installer.sh: Decline JaaS ofering by default. --- quick_jibri_installer.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 24c7b2b..93f8aef 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -371,6 +371,7 @@ if [ "$LE_SSL" = "yes" ]; then echo "set jitsi-meet/cert-choice select Generate a new self-signed certificate (You will later get a chance to obtain a Let's encrypt certificate)" | debconf-set-selections echo "jitsi-videobridge2 jitsi-videobridge/jvb-hostname string $JITSI_DOMAIN" | debconf-set-selections fi +echo "jitsi-meet-web-config jitsi-meet/jaas-choice boolean false" | debconf-set-selections apt-get -y install \ jitsi-meet \ jibri \ From 62f0aef13ac3a2e94a6646b5732b6bb352e7ab2e Mon Sep 17 00:00:00 2001 From: Ark74 Date: Sun, 23 Oct 2022 23:44:48 -0500 Subject: [PATCH 38/39] quick_jibri_installer.sh: fix some readability issues. --- quick_jibri_installer.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 93f8aef..b4c6238 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -199,6 +199,7 @@ if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then else printf "CPU (%s)/RAM (%s MiB) does NOT meet minimum recommended requirements!" "$(nproc --all)" "$((mem_available/1024))" printf "\nEven when you can use the videoconferencing sessions, we advice to increase the resources in order to user Jibri.\n\n" +sleep .1 while [ "$CONTINUE_LOW_RES" != "yes" ] && [ "$CONTINUE_LOW_RES" != "no" ] do read -p "> Do you want to continue?: (yes or no)$NL" -r CONTINUE_LOW_RES @@ -206,8 +207,8 @@ else echo " - See you next time with more resources!..." exit elif [ "$CONTINUE_LOW_RES" = "yes" ]; then - printf " - We highly recommend to increase the server resources." - printf " - Otherwise, please think about adding dedicated jibri nodes instead.\n" + printf "\n - We highly recommend to increase the server resources." + printf "\n - Otherwise, please think about adding dedicated jibri nodes instead.\n\n" fi done fi @@ -253,7 +254,7 @@ do This is an unsupported use, as it will likely BREAK YOUR SYSTEM, so please don't." "$de" exit else - printf " > No standard desktop environment for user oriented porpuse detected, continuing...\n\n" + printf " > No standard desktop environment for user oriented porpuse detected, good!, continuing...\n\n" fi done sleep .1 From 87092a8f0d116734fb795cd58363f970ed005b7b Mon Sep 17 00:00:00 2001 From: Ark74 Date: Sun, 23 Oct 2022 23:47:43 -0500 Subject: [PATCH 39/39] quick_jibri_installer.sh: fix acme integration --- quick_jibri_installer.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index b4c6238..ba8ad49 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -371,6 +371,7 @@ echo " if [ "$LE_SSL" = "yes" ]; then echo "set jitsi-meet/cert-choice select Generate a new self-signed certificate (You will later get a chance to obtain a Let's encrypt certificate)" | debconf-set-selections echo "jitsi-videobridge2 jitsi-videobridge/jvb-hostname string $JITSI_DOMAIN" | debconf-set-selections +echo "jitsi-meet-web-config jitsi-meet/email string $SYSADMIN_EMAIL" | debconf-set-selections fi echo "jitsi-meet-web-config jitsi-meet/jaas-choice boolean false" | debconf-set-selections apt-get -y install \