diff --git a/README.md b/README.md index 1fcc752..7795926 100644 --- a/README.md +++ b/README.md @@ -42,18 +42,21 @@ bash add-jvb2-node.sh Check more details on our wiki. ## Requirements -* Clean VM/VPS/Server using a supported Ubuntu LTS -* Valid domain with DNS record, **mandatory** for SSL certs via Let's Encrypt. -* Ports open for ACME (SSL) interaction & validation. -* Highly recommended: Above 8 GB RAM / 4 Cores. -* Webcam - -### Jigasi Transcript -* SIP account -* Google Cloud Account with Billing setup. +1. Clean VM/VPS/Server using a supported Ubuntu LTS +2. Valid domain with DNS record, **mandatory** for SSL certs via Let's Encrypt. +3. open ports for JMS interaction, [see wiki](https://github.com/switnet-ltd/quick-jibri-installer/wiki/Firewall). +4. Starting at 8 GB RAM / 4 Cores @ ~3.0GHz + * Adding resources as your audience or features you require, so your experience don't suffer from the lack of resources. +5. Webcam ### Jibri Recodings Access via Nextcloud * Valid domain with DNS record for Nextcloud SSL. + +### Jigasi Transcript (stalled) +* SIP account +* Google Cloud Account with Billing setup. + + ## Kernel warning For AWS users or any cloud service provider that might use their own kernel on their products (servers/vm/vps), might cause Jibri failure to start due not allowing `snd_aloop` module. @@ -63,26 +66,33 @@ Make sure that you update your grub to boot the right one. Feel free to use our `test-jibri-env.sh` tool to find some details on your current setup. ## Features -* Enabled Session Recording using Jibri -* Enabled Jitsi Electron app detection server side. -* Standalone SSL Certbot/LE implementation -* Jigasi Transcript - Speech to Text powered by Google API (stalled) +* Enabled Session Recording via Jibri + * Rename Jibri folder with name room + date. + * Jibri node network. + * Automatic Jibri nodes network sync ([see more](https://github.com/switnet-ltd/quick-jibri-installer/wiki/Setup-and-Jibri-Nodes)). * JRA (Jibri Recordings Access) via Nextcloud -* Improved recurring updater +* Grafana Dashboard +* Etherpad via docker install +* Authentication + 1. Local + 2. JWT + 3. None +* Lobby Rooms +* Conference Duration * Customized brandless mode * Setting up custom interface_config.js (to be deprecated by upstream) -* Grafana Dashboard -* Lobby Rooms via -* Conference Duration via -* Automatic Jibri nodes network sync ([see more](https://github.com/switnet-ltd/quick-jibri-installer/wiki/Setup-and-Jibri-Nodes)). * JVB2 nodes network. -* JWT auth. -* Rename Jibri folder with name room + date. + +* Enabled Jitsi Electron app detection server side. +* Standalone SSL Certbot/LE implementation +* Improved recurring updater +* Jigasi Transcript - Speech to Text powered by Google API (stalled) ## Tools * Jibri Environment Tester * Jibri Conf Upgrader (late 2020). * Selenium Grid via Docker +* Start over, installation cleansing tool. ## Optional custom changes * Optional default language diff --git a/etherpad-docker.sh b/etherpad-docker.sh new file mode 100644 index 0000000..1e21ccd --- /dev/null +++ b/etherpad-docker.sh @@ -0,0 +1,138 @@ +#!/bin/bash +# Etherpad Installer for Jitsi Meet +# SwITNet Ltd © - 2020, https://switnet.net/ +# +# GPLv3 or later. + +while getopts m: option +do + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo ./etherpad.sh [-m debug]" && exit;; + esac +done + +#DEBUG +if [ "$MODE" = "debug" ]; then +set -x +fi + +if ! [ $(id -u) = 0 ]; then + echo "You need to be root or have sudo privileges!" + exit 0 +fi + +clear +echo ' +######################################################################## + Etherpad Docker addon +######################################################################## + by Software, IT & Networks Ltd +' + +check_apt_policy() { +apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}' +} +install_ifnot() { +if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then + echo " $1 is installed, skipping..." + else + echo -e "\n---- Installing $1 ----" + apt-get -yq2 install $1 +fi +} +DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" +MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" +WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf" +PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')" +ETHERPAD_DB_USER="dockerpad" +ETHERPAD_DB_NAME="etherpad" +ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" +DOCKER_CE_REPO="$(check_apt_policy docker)" + +echo "Add Docker repo" +if [ "$DOCKER_CE_REPO" = "stable" ]; then + echo "Docker repository already installed" +else + echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker-ce.list + wget -qO - https://download.docker.com/linux/ubuntu/gpg | apt-key add - + apt -q2 update +fi + +read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS + + +# Install required packages +install_ifnot docker-ce +install_ifnot postgresql-$PSGVER + +# Create DB +echo -e "> Creating postgresql database for container...\n" +sudo -u postgres psql < Webserver seems configured, skipping..." +elif [ -f $WS_CONF ]; then + echo "> Setting up webserver configuration file..." + sed -i "/Anything that didn't match above/i \ \ \ \ #Etherpad block" $WS_CONF + sed -i "/Anything that didn't match above/i \ \ \ \ location \^\~\ \/etherpad\/ {" $WS_CONF + sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" $WS_CONF + sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" $WS_CONF + sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_buffering off;" $WS_CONF + sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" $WS_CONF + sed -i "/Anything that didn't match above/i \ \ \ \ }" $WS_CONF + sed -i "/Anything that didn't match above/i \\\n" $WS_CONF +else + echo "> No etherpad config done to server file, please report to: + -> https://github.com/switnet-ltd/quick-jibri-installer/issues" +fi + +# Configure config.js +if [ $(grep -c "etherpad_base" $WS_CONF) != 0 ]; then + echo -e "> $MEET_CONF seems configured, skipping...\n" +else + echo -e "> Setting etherpad domain at $MEET_CONF...\n" + sed -i "/ openSharedDocumentOnJoin:/a\ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," $MEET_CONF +fi + +echo "> Checking nginx configuration..." +nginx -t 2>/dev/null + +if [ $? = 0 ]; then + echo -e " -- Docker configuration seems fine, enabling it." + systemctl reload nginx +else + echo "Please check your configuration, something may be wrong." + echo "Will not try to enable etherpad nginx configuration, please report to: + -> https://github.com/switnet-ltd/quick-jibri-installer/issues" +fi diff --git a/etherpad.sh b/etherpad.sh deleted file mode 100644 index 508a6c7..0000000 --- a/etherpad.sh +++ /dev/null @@ -1,195 +0,0 @@ -#!/bin/bash -# Etherpad Installer for Jitsi Meet -# SwITNet Ltd © - 2021, https://switnet.net/ -# -# GPLv3 or later. - -while getopts m: option -do - case "${option}" - in - m) MODE=${OPTARG};; - \?) echo "Usage: sudo ./etherpad.sh [-m debug]" && exit;; - esac -done - -#DEBUG -if [ "$MODE" = "debug" ]; then -set -x -fi - -if ! [ $(id -u) = 0 ]; then - echo "You need to be root or have sudo privileges!" - exit 0 -fi - -clear -echo ' -######################################################################## - Etherpad Docker addon -######################################################################## - by Software, IT & Networks Ltd -' - -check_apt_policy() { -apt-cache policy 2>/dev/null| \ -grep http | \ -grep $1 | \ -awk '{print $3}' | \ -head -n 1 | \ -cut -d "/" -f2 -} -install_ifnot() { -if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then - echo " $1 is installed, skipping..." -else - echo -e "\n---- Installing $1 ----" - apt-get -yq2 install $1 -fi -} -DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++') -MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" -WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf" -PSGVER="$(apt-cache madison postgresql | head -n1 | awk '{print $3}' | cut -d "+" -f1)" -NODE_JS_REPO="$(check_apt_policy node_10)" -ETHERPAD_USER="etherpad-lite" -ETHERPAD_HOME="/opt/$ETHERPAD_USER" -ETHERPAD_DB_USER="meetpad" -ETHERPAD_DB_NAME="etherpad" -ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" -ETHERPAD_SYSTEMD="/etc/systemd/system/etherpad-lite.service" - -# NodeJS -echo "Addin NodeJS repo..." - -if [ "$NODE_JS_REPO" = "main" ]; then - echo "NodeJS repository already installed" -else - curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash - - apt-get update -fi - -read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS - -# Install required packages -install_ifnot jq -install_ifnot nodejs -install_ifnot postgresql-$PSGVER - -# Link LE certs on Etherpad directory -#chmod 755 /etc/letsencrypt/live -#ln -s /etc/letsencrypt/live/$DOMAIN $ETHERPAD_HOME/ - -# Create DB -echo -e "> Creating postgresql database for etherpad...\n" -sudo -u postgres psql < $ETHERPAD_HOME/src/package.json - -bash $ETHERPAD_HOME/bin/installDeps.sh - -cp $ETHERPAD_HOME/settings.json $ETHERPAD_HOME/settings.json.backup - -cat << SETTINGS_JSON > $ETHERPAD_HOME/settings.json -{ - "title": "Conference Etherpad", - "favicon": "favicon.ico", - "skinName": "colibris", - "ip": "0.0.0.0", - "port": 9001, - "showSettingsInAdminPage": true, -// "ssl" : { -// "key" : "$ETHERPAD_HOME/$DOMAIN/privkey.pem", -// "cert" : "$ETHERPAD_HOME/$DOMAIN/fullchain.pem", -// "ca" : "$ETHERPAD_HOME/$DOMAIN/chain.pem" -// }, - "dbType" : "postgres", - "dbSettings" : { - "user" : "$ETHERPAD_DB_USER", - "host" : "localhost", - "password": "$ETHERPAD_DB_PASS", - "database": "$ETHERPAD_DB_NAME", - "charset" : "utf8mb4" - }, - "defaultPadText" : "Welcome to Etherpad!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nGet involved with Etherpad at https:\/\/etherpad.org\n", - "users": { - "admin": { - // 1) "password" can be replaced with "hash" if you install ep_hash_auth - // 2) please note that if password is null, the user will not be created - "password": "$ETHERPAD_ADMIN_PASS", - "is_admin": true - } - } -} -SETTINGS_JSON - -cat << SYSTEMD > $ETHERPAD_SYSTEMD -[Unit] -Description=Etherpad-lite, the collaborative editor. -After=syslog.target network.target - -[Service] -Type=simple -User=$ETHERPAD_USER -Group=Group=$ETHERPAD_USER -WorkingDirectory=$ETHERPAD_HOME -Environment=NODE_ENV=production -ExecStart=$ETHERPAD_HOME/bin/run.sh -Restart=always - -[Install] -WantedBy=multi-user.target -SYSTEMD - -#Systemd services -systemctl enable etherpad-lite -systemctl restart etherpad-lite - -# Tune webserver for Jitsi App control -if [ $(grep -c "etherpad" $WS_CONF) != 0 ]; then - echo "> Webserver seems configured, skipping..." -elif [ -f $WS_CONF ]; then - echo "> Setting up webserver configuration file..." - sed -i "/Anything that didn't match above/i \ \ \ \ location \^\~\ \/etherpad\/ {" $WS_CONF - sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" $WS_CONF - sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" $WS_CONF - sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_buffering off;" $WS_CONF - sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" $WS_CONF - sed -i "/Anything that didn't match above/i \ \ \ \ }" $WS_CONF - sed -i "/Anything that didn't match above/i \\\n" $WS_CONF -else - echo "> No etherpad config done to server file, please report to: - -> https://github.com/switnet-ltd/quick-jibri-installer/issues" -fi - -# Configure config.js -if [ $(grep -c "etherpad_base" $WS_CONF) != 0 ]; then - echo -e "> $MEET_CONF seems configured, skipping...\n" -else - echo -e "> Setting etherpad domain at $MEET_CONF...\n" - sed -i "/ domain: '$DOMAIN'/a\ \ \ \ \ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," $MEET_CONF -fi - -echo "> Checking nginx configuration..." -nginx -t 2>/dev/null - -if [ $? = 0 ]; then - echo -e " -- Docker configuration seems fine, enabling it." - systemctl reload nginx -else - echo "Please check your configuration, something may be wrong." - echo "Will not try to enable etherpad nginx configuration, please report to: - -> https://github.com/switnet-ltd/quick-jibri-installer/issues" -fi diff --git a/mode/jms-stu.sh b/mode/jms-stu.sh index 9041b15..2fb45ba 100644 --- a/mode/jms-stu.sh +++ b/mode/jms-stu.sh @@ -1,5 +1,7 @@ #!/bin/bash -# System-tune-up to remove system restrictions on a huge load of connections. +# System-tune-up to remove system software restrictions on a huge load of connections. +# Be aware that hardware/infrastructure resources are the most common limiters. +# # SwITNet Ltd © - 2021, https://switnet.net/ # GPLv3 or later. @@ -38,13 +40,14 @@ else echo " \"$(echo $1|awk -F '=' '{print$1}')\" seems present, skipping setting this variable" fi } +FSTAB=/etc/fstab ##Disable swap swapoff -a sed -r '/\sswap\s/s/^#?/#/' -i $FSTAB ##Alternative swap tuning (need more documentation). -#vm.swappiness=10 +#vm.swappiness=5 #vm.vfs_cache_pressure=50 ##Kernel @@ -60,9 +63,6 @@ set_once "net.core.wmem_max=262144" "/etc/sysctl.conf" #system #https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart -sysctl -w DefaultLimitNOFILE=65000 -sysctl -w DefaultLimitNPROC=65000 -sysctl -w DefaultTasksMax=65000 set_once "DefaultLimitNOFILE=65000" "/etc/sysctl.conf" set_once "DefaultLimitNPROC=65000" "/etc/sysctl.conf" set_once "DefaultTasksMax=65000" "/etc/sysctl.conf" diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 5806551..a2cf015 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -457,14 +457,14 @@ FQDN_HOST="fqdn" # Rename hostname for jitsi server while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && ! -z "$FQDN_HOST" ]] do - echo -e "> Do you want to use your internet domain ($DOMAIN) as a fqdn hostname?: (yes or no)" && \ + echo -e "> Set $DOMAIN as a fqdn hostname?: (yes or no)\n" && \ read -p "Leave empty to default to your current one ($(hostname -f)): "$'\n' FQDN_HOST if [ "$FQDN_HOST" = "yes" ]; then - echo "We'll use your domain ($DOMAIN) as a fqdn hostname, changes will show on reboot." + echo "$DOMAIN will be used as fqdn hostname, changes will show on reboot." hostnamectl set-hostname "${DOMAIN}" sed -i "1i ${PUBLIC_IP} ${DOMAIN}" /etc/hosts else - echo "We'll keep the current one ($(hostname -f)) you're using." + echo "$(hostname -f) will be keep." fi done @@ -624,16 +624,15 @@ elif [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then fi done #Docker Etherpad -#while [[ "$ENABLE_DOCKERPAD" != "yes" && "$ENABLE_DOCKERPAD" != "no" ]] -#do -#read -p "> Do you want to setup Docker Etherpad: (yes or no) -#( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_DOCKERPAD -#if [ "$ENABLE_DOCKERPAD" = "no" ]; then -# echo -e "-- Docker Etherpad won't be enabled.\n" -#elif [ "$ENABLE_DOCKERPAD" = "yes" ]; then -# echo -e "-- Docker Etherpad will be enabled.\n" -#fi -#done +while [[ "$ENABLE_DOCKERPAD" != "yes" && "$ENABLE_DOCKERPAD" != "no" ]] +do +read -p "> Do you want to setup Docker Etherpad: (yes or no)"$'\n' -r ENABLE_DOCKERPAD +if [ "$ENABLE_DOCKERPAD" = "no" ]; then + echo -e "-- Docker Etherpad won't be enabled.\n" +elif [ "$ENABLE_DOCKERPAD" = "yes" ]; then + echo -e "-- Docker Etherpad will be enabled.\n" +fi +done #Start configuration echo ' ######################################################################## @@ -1223,9 +1222,9 @@ fi if [ "$ENABLE_DOCKERPAD" = "yes" ]; then echo -e "\nDocker Etherpad will be enabled." if [ "$MODE" = "debug" ]; then - bash $PWD/etherpad.sh -m debug + bash $PWD/etherpad-docker.sh -m debug else - bash $PWD/etherpad.sh + bash $PWD/etherpad-docker.sh fi fi #Prevent JMS conecction issue