6.3.0

## New, - Add etherpad via docker ## Fix, - Fix manual sysctl set and fstab variable.fi
2021-05-16 16:27:40 -05:00 · 2021-05-16 16:27:40 -05:00 · f9ddabea37
parent 08514bb8af a485c8f6ad
commit f9ddabea37
5 changed files with 187 additions and 235 deletions
--- a/README.md
+++ b/README.md
@ -42,18 +42,21 @@ bash add-jvb2-node.sh
 Check more details on our wiki.

 ## Requirements
-* Clean VM/VPS/Server using a supported Ubuntu LTS
-* Valid domain with DNS record, **mandatory** for SSL certs via Let's Encrypt.
-* Ports open for ACME (SSL) interaction & validation.
-* Highly recommended: Above 8 GB RAM / 4 Cores.
-* Webcam
-
-### Jigasi Transcript
-* SIP account
-* Google Cloud Account with Billing setup.
+1. Clean VM/VPS/Server using a supported Ubuntu LTS
+2. Valid domain with DNS record, **mandatory** for SSL certs via Let's Encrypt.
+3. open ports for JMS interaction, [see wiki](https://github.com/switnet-ltd/quick-jibri-installer/wiki/Firewall).
+4. Starting at 8 GB RAM / 4 Cores @ ~3.0GHz
+    *  Adding resources as your audience or features you require, so your experience don't suffer from the lack of resources.
+5. Webcam

 ### Jibri Recodings Access via Nextcloud
 * Valid domain with DNS record for Nextcloud SSL.
+ 
+### Jigasi Transcript (stalled)
+* SIP account
+* Google Cloud Account with Billing setup.
+
+

 ## Kernel warning
 For AWS users or any cloud service provider that might use their own kernel on their products (servers/vm/vps), might cause Jibri failure to start due not allowing `snd_aloop` module.
@ -63,26 +66,33 @@ Make sure that you update your grub to boot the right one.
 Feel free to use our `test-jibri-env.sh` tool to find some details on your current setup.

 ## Features
-* Enabled Session Recording using Jibri
-* Enabled Jitsi Electron app detection server side.
-* Standalone SSL Certbot/LE implementation
-* Jigasi Transcript - Speech to Text powered by Google API (stalled)
+* Enabled Session Recording via Jibri
+  * Rename Jibri folder with name room + date.
+  * Jibri node network.
+    * Automatic Jibri nodes network sync ([see more](https://github.com/switnet-ltd/quick-jibri-installer/wiki/Setup-and-Jibri-Nodes)).
 * JRA (Jibri Recordings Access) via Nextcloud
-* Improved recurring updater
+* Grafana Dashboard
+* Etherpad via docker install
+* Authentication
+  1. Local
+  2. JWT
+  3. None
+* Lobby Rooms
+* Conference Duration
 * Customized brandless mode
  * Setting up custom interface_config.js (to be deprecated by upstream)
-* Grafana Dashboard
-* Lobby Rooms via
-* Conference Duration via
-* Automatic Jibri nodes network sync ([see more](https://github.com/switnet-ltd/quick-jibri-installer/wiki/Setup-and-Jibri-Nodes)).
 * JVB2 nodes network.
-* JWT auth.
-* Rename Jibri folder with name room + date.
+
+* Enabled Jitsi Electron app detection server side.
+* Standalone SSL Certbot/LE implementation
+* Improved recurring updater
+* Jigasi Transcript - Speech to Text powered by Google API (stalled)

 ## Tools
 * Jibri Environment Tester
 * Jibri Conf Upgrader (late 2020).
 * Selenium Grid via Docker
+* Start over, installation cleansing tool.

 ## Optional custom changes
 * Optional default language
--- a/etherpad-docker.sh
+++ b/etherpad-docker.sh
@ -0,0 +1,138 @@
+#!/bin/bash
+# Etherpad Installer for Jitsi Meet
+# SwITNet Ltd  Â© - 2020, https://switnet.net/
+#
+# GPLv3 or later.
+
+while getopts m: option
+do
+    case "${option}"
+    in
+        m) MODE=${OPTARG};;
+        \?) echo "Usage: sudo ./etherpad.sh [-m debug]" && exit;;
+    esac
+done
+
+#DEBUG
+if [ "$MODE" = "debug" ]; then
+set -x
+fi
+
+if ! [ $(id -u) = 0 ]; then
+   echo "You need to be root or have sudo privileges!"
+   exit 0
+fi
+
+clear
+echo '
+########################################################################
+                         Etherpad Docker addon
+########################################################################
+                    by Software, IT & Networks Ltd
+'
+
+check_apt_policy() {
+apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}'
+}
+install_ifnot() {
+if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
+    echo " $1 is installed, skipping..."
+    else
+        echo -e "\n---- Installing $1 ----"
+        apt-get -yq2 install $1
+fi
+}
+DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')"
+MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
+WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf"
+PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')"
+ETHERPAD_DB_USER="dockerpad"
+ETHERPAD_DB_NAME="etherpad"
+ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
+DOCKER_CE_REPO="$(check_apt_policy docker)"
+
+echo "Add Docker repo"
+if [ "$DOCKER_CE_REPO" = "stable" ]; then
+    echo "Docker repository already installed"
+else
+    echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker-ce.list
+    wget -qO - https://download.docker.com/linux/ubuntu/gpg | apt-key add -
+    apt -q2 update
+fi
+
+read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS
+
+
+# Install required packages
+install_ifnot docker-ce
+install_ifnot postgresql-$PSGVER
+
+# Create DB
+echo -e "> Creating postgresql database for container...\n"
+sudo -u postgres psql <<DB
+CREATE DATABASE ${ETHERPAD_DB_NAME};
+CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}';
+GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER};
+DB
+echo "  -- Your etherpad db password is: $ETHERPAD_DB_PASS"
+echo -e "     Please save it somewhere safe.\n"
+
+# Check fot docker if not running then execute
+if [ ! "$(docker ps -q -f name=etherpad)" ]; then
+    if [ "$(docker ps -aq -f status=exited -f name=etherpad)" ]; then
+        # cleanup
+        docker rm etherpad
+    fi
+    # run your container
+    docker run -d --restart always \
+    --network=host \
+    --name etherpad \
+    -p 127.0.0.1:9001:9001 \
+    -e "ADMIN_PASSWORD=$ETHERPAD_ADMIN_PASS" \
+    -e "DB_TYPE=postgres"   \
+    -e "DB_HOST=localhost"   \
+    -e "DB_PORT=5432"   \
+    -e "DB_NAME=$ETHERPAD_DB_NAME"   \
+    -e "DB_USER=$ETHERPAD_DB_USER" \
+    -e "DB_PASS=$ETHERPAD_DB_PASS" \
+    -i -t etherpad/etherpad
+fi
+
+# Tune webserver for Jitsi App control
+
+if [ $(grep -c "etherpad" $WS_CONF) != 0 ]; then
+    echo "> Webserver seems configured, skipping..."
+elif [ -f $WS_CONF ]; then
+    echo "> Setting up webserver configuration file..."
+    sed -i "/Anything that didn't match above/i \ \ \ \ #Etherpad block" $WS_CONF
+    sed -i "/Anything that didn't match above/i \ \ \ \ location \^\~\ \/etherpad\/ {" $WS_CONF
+    sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" $WS_CONF
+    sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" $WS_CONF
+    sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_buffering off;" $WS_CONF
+    sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_set_header       Host \$host;" $WS_CONF
+    sed -i "/Anything that didn't match above/i \ \ \ \ }" $WS_CONF
+    sed -i "/Anything that didn't match above/i \\\n" $WS_CONF
+else
+    echo "> No etherpad config done to server file, please report to:
+    -> https://github.com/switnet-ltd/quick-jibri-installer/issues"
+fi
+
+# Configure config.js
+if [ $(grep -c "etherpad_base" $WS_CONF) != 0 ]; then
+    echo -e "> $MEET_CONF seems configured, skipping...\n"
+else
+    echo -e "> Setting etherpad domain at $MEET_CONF...\n"
+    sed -i "/ openSharedDocumentOnJoin:/a\ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," $MEET_CONF
+fi
+
+echo "> Checking nginx configuration..."
+nginx -t 2>/dev/null
+
+if [ $? = 0 ]; then
+    echo -e "  -- Docker configuration seems fine, enabling it."
+    systemctl reload nginx
+else
+    echo "Please check your configuration, something may be wrong."
+    echo "Will not try to enable etherpad nginx configuration, please report to:
+    -> https://github.com/switnet-ltd/quick-jibri-installer/issues"
+fi
--- a/etherpad.sh
+++ b/etherpad.sh
@ -1,195 +0,0 @@
-#!/bin/bash
-# Etherpad Installer for Jitsi Meet
-# SwITNet Ltd © - 2021, https://switnet.net/
-#
-# GPLv3 or later.
-
-while getopts m: option
-do
-    case "${option}"
-    in
-        m) MODE=${OPTARG};;
-        \?) echo "Usage: sudo ./etherpad.sh [-m debug]" && exit;;
-    esac
-done
-
-#DEBUG
-if [ "$MODE" = "debug" ]; then
-set -x
-fi
-
-if ! [ $(id -u) = 0 ]; then
-    echo "You need to be root or have sudo privileges!"
-    exit 0
-fi
-
-clear
-echo '
-########################################################################
-                         Etherpad Docker addon
-########################################################################
-                    by Software, IT & Networks Ltd
-'
-
-check_apt_policy() {
-apt-cache policy 2>/dev/null| \
-grep http | \
-grep $1 | \
-awk '{print $3}' | \
-head -n 1 | \
-cut -d "/" -f2
-}
-install_ifnot() {
-if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
-    echo " $1 is installed, skipping..."
-else
-    echo -e "\n---- Installing $1 ----"
-    apt-get -yq2 install $1
-fi
-}
-DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
-MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
-WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf"
-PSGVER="$(apt-cache madison postgresql | head -n1 | awk '{print $3}' | cut -d "+" -f1)"
-NODE_JS_REPO="$(check_apt_policy node_10)"
-ETHERPAD_USER="etherpad-lite"
-ETHERPAD_HOME="/opt/$ETHERPAD_USER"
-ETHERPAD_DB_USER="meetpad"
-ETHERPAD_DB_NAME="etherpad"
-ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
-ETHERPAD_SYSTEMD="/etc/systemd/system/etherpad-lite.service"
-
-# NodeJS
-echo "Addin NodeJS repo..."
-
-if [ "$NODE_JS_REPO" = "main" ]; then
-    echo "NodeJS repository already installed"
-else
-    curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
-    apt-get update
-fi
-
-read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS
-
-# Install required packages
-install_ifnot jq
-install_ifnot nodejs
-install_ifnot postgresql-$PSGVER
-
-# Link LE certs on Etherpad directory
-#chmod 755 /etc/letsencrypt/live
-#ln -s /etc/letsencrypt/live/$DOMAIN $ETHERPAD_HOME/
-
-# Create DB
-echo -e "> Creating postgresql database for etherpad...\n"
-sudo -u postgres psql <<DB
-CREATE DATABASE ${ETHERPAD_DB_NAME};
-CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}';
-GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER};
-DB
-
-echo "  -- Your etherpad db password is: $ETHERPAD_DB_PASS"
-echo -e "     Please save it somewhere safe."
-
-#Set system users
-adduser --system --home=${ETHERPAD_HOME} --group ${ETHERPAD_USER}
-sudo -u $ETHERPAD_USER git clone -b master https://github.com/ether/etherpad-lite.git $ETHERPAD_HOME/
-
-  #Issue: https://github.com/ether/etherpad-lite/issues/3460
-  cat <<< "$(jq  'del(.devDependencies)'< $ETHERPAD_HOME/src/package.json)" > $ETHERPAD_HOME/src/package.json
-
-bash $ETHERPAD_HOME/bin/installDeps.sh
-
-cp $ETHERPAD_HOME/settings.json $ETHERPAD_HOME/settings.json.backup
-
-cat << SETTINGS_JSON > $ETHERPAD_HOME/settings.json
-{
- "title": "Conference Etherpad",
-  "favicon": "favicon.ico",
-  "skinName": "colibris",
-  "ip": "0.0.0.0",
-  "port": 9001,
-  "showSettingsInAdminPage": true,
-//  "ssl" : {
-//            "key"  : "$ETHERPAD_HOME/$DOMAIN/privkey.pem",
-//            "cert" : "$ETHERPAD_HOME/$DOMAIN/fullchain.pem",
-//            "ca"   : "$ETHERPAD_HOME/$DOMAIN/chain.pem"
-//          },
-  "dbType" : "postgres",
-  "dbSettings" : {
-    "user"    : "$ETHERPAD_DB_USER",
-    "host"    : "localhost",
-    "password": "$ETHERPAD_DB_PASS",
-    "database": "$ETHERPAD_DB_NAME",
-    "charset" : "utf8mb4"
-  },
-  "defaultPadText" : "Welcome to Etherpad!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nGet involved with Etherpad at https:\/\/etherpad.org\n",
-  "users": {
-    "admin": {
-      // 1) "password" can be replaced with "hash" if you install ep_hash_auth
-      // 2) please note that if password is null, the user will not be created
-      "password": "$ETHERPAD_ADMIN_PASS",
-      "is_admin": true
-    }
-  }
-}
-SETTINGS_JSON
-
-cat << SYSTEMD > $ETHERPAD_SYSTEMD
-[Unit]
-Description=Etherpad-lite, the collaborative editor.
-After=syslog.target network.target
-
-[Service]
-Type=simple
-User=$ETHERPAD_USER
-Group=Group=$ETHERPAD_USER
-WorkingDirectory=$ETHERPAD_HOME
-Environment=NODE_ENV=production
-ExecStart=$ETHERPAD_HOME/bin/run.sh
-Restart=always
-
-[Install]
-WantedBy=multi-user.target
-SYSTEMD
-
-#Systemd services
-systemctl enable etherpad-lite
-systemctl restart etherpad-lite
-
-# Tune webserver for Jitsi App control
-if [ $(grep -c "etherpad" $WS_CONF) != 0 ]; then
-    echo "> Webserver seems configured, skipping..."
-elif [ -f $WS_CONF ]; then
-    echo "> Setting up webserver configuration file..."
-    sed -i "/Anything that didn't match above/i \ \ \ \ location \^\~\ \/etherpad\/ {" $WS_CONF
-    sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" $WS_CONF
-    sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" $WS_CONF
-    sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_buffering off;" $WS_CONF
-    sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_set_header       Host \$host;" $WS_CONF
-    sed -i "/Anything that didn't match above/i \ \ \ \ }" $WS_CONF
-    sed -i "/Anything that didn't match above/i \\\n" $WS_CONF
-else
-    echo "> No etherpad config done to server file, please report to:
-    -> https://github.com/switnet-ltd/quick-jibri-installer/issues"
-fi
-    
-# Configure config.js
-if [ $(grep -c "etherpad_base" $WS_CONF) != 0 ]; then
-    echo -e "> $MEET_CONF seems configured, skipping...\n"
-else
-    echo -e "> Setting etherpad domain at $MEET_CONF...\n"
-    sed -i "/ domain: '$DOMAIN'/a\ \ \ \ \ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," $MEET_CONF
-fi
-
-echo "> Checking nginx configuration..."
-nginx -t 2>/dev/null
-
-if [ $? = 0 ]; then
-    echo -e "  -- Docker configuration seems fine, enabling it."
-    systemctl reload nginx
-else
-    echo "Please check your configuration, something may be wrong."
-    echo "Will not try to enable etherpad nginx configuration, please report to:
-    -> https://github.com/switnet-ltd/quick-jibri-installer/issues"
-fi
--- a/mode/jms-stu.sh
+++ b/mode/jms-stu.sh
@ -1,5 +1,7 @@
 #!/bin/bash
-# System-tune-up to remove system restrictions on a huge load of connections.
+# System-tune-up to remove system software restrictions on a huge load of connections.
+# Be aware that hardware/infrastructure resources are the most common limiters.
+#
 # SwITNet Ltd © - 2021, https://switnet.net/
 # GPLv3 or later.

@ -38,13 +40,14 @@ else
  echo " \"$(echo $1|awk -F '=' '{print$1}')\" seems present, skipping setting this variable"
 fi
 }
+FSTAB=/etc/fstab

 ##Disable swap
 swapoff -a
 sed -r  '/\sswap\s/s/^#?/#/' -i $FSTAB

 ##Alternative swap tuning (need more documentation).
-#vm.swappiness=10
+#vm.swappiness=5
 #vm.vfs_cache_pressure=50

 ##Kernel
@ -60,9 +63,6 @@ set_once "net.core.wmem_max=262144" "/etc/sysctl.conf"

 #system
 #https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart
-sysctl -w DefaultLimitNOFILE=65000
-sysctl -w DefaultLimitNPROC=65000
-sysctl -w DefaultTasksMax=65000
 set_once "DefaultLimitNOFILE=65000" "/etc/sysctl.conf"
 set_once "DefaultLimitNPROC=65000" "/etc/sysctl.conf"
 set_once "DefaultTasksMax=65000" "/etc/sysctl.conf"
--- a/quick_jibri_installer.sh
+++ b/quick_jibri_installer.sh
@ -457,14 +457,14 @@ FQDN_HOST="fqdn"
 # Rename hostname for jitsi server
 while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && ! -z "$FQDN_HOST" ]]
 do
-  echo -e "> Do you want to use your internet domain ($DOMAIN) as a fqdn hostname?: (yes or no)" && \
+  echo -e "> Set $DOMAIN as a fqdn hostname?: (yes or no)\n" && \
  read -p "Leave empty to default to your current one ($(hostname -f)): "$'\n' FQDN_HOST
  if [ "$FQDN_HOST" = "yes" ]; then
-    echo "We'll use your domain ($DOMAIN) as a fqdn hostname, changes will show on reboot."
+    echo "$DOMAIN will be used as fqdn hostname, changes will show on reboot."
    hostnamectl set-hostname "${DOMAIN}"
    sed -i "1i ${PUBLIC_IP} ${DOMAIN}" /etc/hosts
  else
-    echo "We'll keep the current one ($(hostname -f)) you're using."
+    echo "$(hostname -f) will be keep."
  fi
 done

@ -624,16 +624,15 @@ elif [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then
 fi
 done
 #Docker Etherpad
-#while [[ "$ENABLE_DOCKERPAD" != "yes" && "$ENABLE_DOCKERPAD" != "no" ]]
-#do
-#read -p "> Do you want to setup Docker Etherpad: (yes or no)
-#( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_DOCKERPAD
-#if [ "$ENABLE_DOCKERPAD" = "no" ]; then
-#    echo -e "-- Docker Etherpad won't be enabled.\n"
-#elif [ "$ENABLE_DOCKERPAD" = "yes" ]; then
-#    echo -e "-- Docker Etherpad will be enabled.\n"
-#fi
-#done
+while [[ "$ENABLE_DOCKERPAD" != "yes" && "$ENABLE_DOCKERPAD" != "no" ]]
+do
+read -p "> Do you want to setup Docker Etherpad: (yes or no)"$'\n' -r ENABLE_DOCKERPAD
+if [ "$ENABLE_DOCKERPAD" = "no" ]; then
+    echo -e "-- Docker Etherpad won't be enabled.\n"
+elif [ "$ENABLE_DOCKERPAD" = "yes" ]; then
+    echo -e "-- Docker Etherpad will be enabled.\n"
+fi
+done
 #Start configuration
 echo '
 ########################################################################
@ -1223,9 +1222,9 @@ fi
 if [ "$ENABLE_DOCKERPAD" = "yes" ]; then
    echo -e "\nDocker Etherpad will be enabled."
    if [ "$MODE" = "debug" ]; then
-        bash $PWD/etherpad.sh -m debug
+        bash $PWD/etherpad-docker.sh -m debug
    else
-        bash $PWD/etherpad.sh
+        bash $PWD/etherpad-docker.sh
    fi
 fi
 #Prevent JMS conecction issue