switnet
/
quick-jibri-installer
2
1
Fork 1
Code Issues 2 Pull Requests Packages Projects Releases 14 Wiki Activity

Compare commits

base: switnet:master
Branches Tags
switnet:master
Ark74:v7.4.1
Ark74:wip_qji_7.4
Ark74:qji_7.4
Ark74:upd_2024_year
Ark74:add_final_check_lst
Ark74:master
switnet:v8.0
switnet:v7.3.0
switnet:v7.1.0
switnet:v7.0.0
switnet:6.0.1.1
switnet:v5.0.0
switnet:v4.0.0
switnet:v3.0.1
switnet:v2.1.0
switnet:v2.0.2
switnet:v2.0.1
switnet:v2.0
switnet:v1.0.1
switnet:v1.0
Ark74:v7.3.0
Ark74:v7.1.0
Ark74:v7.0.0
Ark74:6.0.1.1
Ark74:v5.0.0
Ark74:v4.0.0
Ark74:v3.0.1
Ark74:v2.1.0
Ark74:v2.0.2
Ark74:v2.0.1
Ark74:v2.0
Ark74:v1.0.1
Ark74:v1.0
..
compare: Ark74:upd_2024_year
Branches Tags
Ark74:v7.4.1
Ark74:wip_qji_7.4
Ark74:qji_7.4
Ark74:upd_2024_year
Ark74:add_final_check_lst
Ark74:master
switnet:master
Ark74:v7.3.0
Ark74:v7.1.0
Ark74:v7.0.0
Ark74:6.0.1.1
Ark74:v5.0.0
Ark74:v4.0.0
Ark74:v3.0.1
Ark74:v2.1.0
Ark74:v2.0.2
Ark74:v2.0.1
Ark74:v2.0
Ark74:v1.0.1
Ark74:v1.0
switnet:v8.0
switnet:v7.3.0
switnet:v7.1.0
switnet:v7.0.0
switnet:6.0.1.1
switnet:v5.0.0
switnet:v4.0.0
switnet:v3.0.1
switnet:v2.1.0
switnet:v2.0.2
switnet:v2.0.1
switnet:v2.0
switnet:v1.0.1
switnet:v1.0

No commits in common. "master" and "upd_2024_year" have entirely different histories.
master ... upd_2024_y

28 changed files with 552 additions and 876 deletions
Show Stats Expand all files Collapse all files

11
README.md
View File

@ -56,8 +56,9 @@ Check more details on our wiki.
### Jibri Recodings Access via Nextcloud
* Valid domain with DNS record for Nextcloud SSL.
### Jigasi Transcript
* Enough disk space to run Vosk backend via docker container.
### Jigasi Transcript (stalled)
* SIP account
* Google Cloud Account with Billing setup.
@ -78,7 +79,7 @@ Feel free to use our `test-jibri-env.sh` tool to find some details on your curre
* Etherpad via docker install
* Authentication
1. Local
2. JWT ([#87](https://forge.switnet.net/switnet/quick-jibri-installer/issues/87))
2. JWT
3. None
* Lobby Rooms
* Conference Duration
@ -89,7 +90,7 @@ Feel free to use our `test-jibri-env.sh` tool to find some details on your curre
* Enabled Jitsi Electron app detection server side.
* Standalone SSL Certbot/LE implementation
* Improved recurring updater
* Jigasi Transcript - vía Vosk speech recognition toolkit.
* Jigasi Transcript - Speech to Text powered by Google API (stalled)
## Tools
* Jibri Environment Tester
@ -118,4 +119,4 @@ Feel free to use our `test-jibri-env.sh` tool to find some details on your curre
Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY.
SwITNet Ltd © - 2025, https://switnet.net/
SwITNet Ltd © - 2024, https://switnet.net/

279
add-jibri-node.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Jibri Node Aggregator
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
### 0_LAST EDITION TIME STAMP ###
@ -16,13 +16,9 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
set -x
fi
#Make sure the file name is the required one
@ -32,6 +28,12 @@ if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then
exit
fi
#Check admin rights
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
### 0_VAR_DEF
MAIN_SRV_DIST=TBD
MAIN_SRV_REPO=TBD
@ -49,18 +51,17 @@ JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR=
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
DIR_RECORD="/var/jbrecord"
REC_DIR="/home/jibri/finalize_recording.sh"
CHD_VER="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
#PUBLIC_IP="$(wget -qO- https://api.ipify.org)"
JITSI_GPG_KEY="/etc/apt/trusted.gpg.d/jitsi-key.gpg.key"
#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}"
NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
GIT_FORGE="https://forge.switnet.net"
GIT_REPO="switnet/quick-jibri-installer"
JIBRI_CONF_ONLINE="$GIT_FORGE/$GIT_REPO/raw/branch/master/files/jibri.conf"
TEST_JIBRI_ENV="$GIT_FORGE/$GIT_REPO/raw/branch/master/tools/test-jibri-env.sh"
GITHUB_RAW="https://raw.githubusercontent.com"
GIT_REPO="switnet-ltd/quick-jibri-installer"
TEST_JIBRI_ENV="$GITHUB_RAW/$GIT_REPO/unstable/tools/test-jibri-env.sh"
SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)"
JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf"
### 1_VAR_DEF
@ -187,19 +188,18 @@ hostnamectl set-hostname "jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}"
sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo
printf "\nAdd Jitsi repo\n"
if [ "$JITSI_REPO" = "stable" ]; then
printf " - Jitsi stable repository already installed\n\n"
echo "Add Jitsi repo"
if [ -z "$JITSI_REPO" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.."
exit
elif [ "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository match, continuing..."
else
echo "deb [signed-by=$JITSI_GPG_KEY] http://download.jitsi.org stable/" \
> /etc/apt/sources.list.d/jitsi-stable.list
curl -s https://download.jitsi.org/jitsi-key.gpg.key \
> "$JITSI_GPG_KEY"
apt-get update -q2
JITSI_REPO="stable"
echo "Jitsi $JITSI_REPO repository already installed"
fi
sleep .1
# Requirements
echo "We'll start by installing system requirements this may take a while please be patient..."
@ -212,7 +212,7 @@ apt-get -y install \
curl \
ffmpeg \
git \
btop \
htop \
inotify-tools \
jq \
rsync \
@ -221,30 +221,32 @@ apt-get -y install \
wget
check_snd_driver() {
printf "\n# Checking ALSA - Loopback module..."
echo "snd-aloop" | tee -a /etc/modules
modprobe snd-aloop
if [ "$(lsmod|awk '/snd_aloop/{print$1}'|awk 'NR==1')" = "snd_aloop" ]; then
echo -e "\n#-----------------------------------------------------------------------"
echo "# Audio driver seems - OK."
echo -e "#-----------------------------------------------------------------------\n"
else
echo -e "\n#-----------------------------------------------------------------------"
echo "# Your audio driver might not be able to load."
echo "# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool."
echo -e "#-----------------------------------------------------------------------\n"
curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh
#Test tool
if [ "$MODE" = "debug" ]; then
bash /tmp/test-jibri-env.sh -m debug
else
bash /tmp/test-jibri-env.sh
fi
read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi
echo -e "\n# Checking ALSA - Loopback module..."
echo "snd-aloop" | tee -a /etc/modules
modprobe snd-aloop
if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then
echo "
#-----------------------------------------------------------------------
# Audio driver seems - OK.
#-----------------------------------------------------------------------"
else
echo "
#-----------------------------------------------------------------------
# Your audio driver might not be able to load.
# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool.
#-----------------------------------------------------------------------"
curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh
#Test tool
if [ "$MODE" = "debug" ]; then
bash /tmp/test-jibri-env.sh -m debug
else
bash /tmp/test-jibri-env.sh
fi
rm /tmp/test-jibri-env.sh
read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi
}
###FIXME: Trisquel support broken by lsb_release usage###
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
if [ "$HWE_VIR_MOD" = "1" ]; then
@ -270,37 +272,27 @@ if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
echo "Google repository already set."
else
echo "Installing Google Chrome Stable"
curl -s https://dl.google.com/linux/linux_signing_key.pub | \
gpg --dearmor | tee /etc/apt/trusted.gpg.d/google-chrome-key.gpg >/dev/null
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
fi
apt-get -q2 update
apt-get install -yq2 google-chrome-stable
rm -rf "$GOOGL_REPO"
G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3)
CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing"
CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \
jq -r ".versions[].downloads.chromedriver | \
select(. != null) | .[].url" | grep linux64 | \
grep "$G_CHROME" | tail -1)
CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL")
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
apt-get install -y google-chrome-stable
rm -rf /etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list
if [ -f /usr/local/bin/chromedriver ]; then
echo "Chromedriver already installed."
else
echo "Installing Chromedriver"
wget -q "$CHD_LTST_DWNL" \
-O /tmp/chromedriver_linux64.zip
unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
mv /usr/local/bin/chromedriver-linux64/chromedriver /usr/local/bin/chromedriver
wget -q https://chromedriver.storage.googleapis.com/"$CHD_VER"/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip
unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/
chown root:root /usr/local/bin/chromedriver
chmod 0755 /usr/local/bin/chromedriver
rm -rf /tmp/chromedriver_linux64.zip
rm -rf /tpm/chromedriver_linux64.zip
fi
printf "\nCheck Google Software Working...\n"
echo "
Check Google Software Working...
"
/usr/bin/google-chrome --version
/usr/local/bin/chromedriver --version | awk '{print$1,$2}'
@ -309,13 +301,15 @@ echo '
Start Jibri configuration
########################################################################
'
printf "\nRemove Chrome warning...\n"
echo "
Remove Chrome warning...
"
mkdir -p /etc/opt/chrome/policies/managed
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON"
# Recording directory
if [ ! -d "$DIR_RECORD" ]; then
mkdir "$DIR_RECORD"
mkdir "$DIR_RECORD"
fi
chown -R jibri:jibri "$DIR_RECORD"
@ -331,10 +325,19 @@ echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
chmod -R 770 \$RECORDINGS_DIR
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -nr|sed 1d|awk '{print\$2}'| grep -v "meta\|_" | head -n1)"
NJF_NAME="\$(find \$LJF_PATH |grep "mp4"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
#Rename folder.
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -n -r|awk '{print\$2}'| grep -v "meta\|-" | head -n1)"
NJF_NAME="\$(find \$LJF_PATH |grep -e "-"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME"
mv \$LJF_PATH \$NJF_PATH
##Prevent empty recording directory failsafe
if [ "\$LJF_PATH" != "\$RECORDINGS_DIR" ]; then
mv \$LJF_PATH \$NJF_PATH
#Workaround for jibri to do cleaning.
ssh -i /home/jibri/jbsync.pem $MJS_USER@$MAIN_SRV_DOMAIN "rm -r \$LJF_PATH"
else
echo "No new folder recorded, not removing anything."
fi
exit 0
REC_DIR
@ -343,15 +346,117 @@ chmod +x "$REC_DIR"
## New Jibri Config (2020)
mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file
curl -s "$JIBRI_CONF_ONLINE" > "$JIBRI_CONF"
sed -i "s|JIBRI_RES_CONF|$JIBRI_RES_CONF|g" "$JIBRI_CONF"
sed -i "s|DIR_RECORD|$DIR_RECORD|g" "$JIBRI_CONF"
sed -i "s|REC_DIR|$REC_DIR|g" "$JIBRI_CONF"
sed -i "s|JB_NAME|$JB_NAME|g" "$JIBRI_CONF"
sed -i "s|DOMAIN|$MAIN_SRV_DOMAIN|g" "$JIBRI_CONF"
sed -i "s|JibriBrewery|$JibriBrewery|g" "$JIBRI_CONF"
sed -i "s|JB_AUTH_PASS|$JB_AUTH_PASS|g" "$JIBRI_CONF"
sed -i "s|JB_REC_PASS|$JB_REC_PASS|g" "$JIBRI_CONF"
cat << NEW_CONF > "$JIBRI_CONF"
// New XMPP environment config.
jibri {
streaming {
// A list of regex patterns for allowed RTMP URLs. The RTMP URL used
// when starting a stream must match at least one of the patterns in
// this list.
rtmp-allow-list = [
// By default, all services are allowed
".*"
]
}
ffmpeg {
resolution = "$JIBRI_RES_CONF"
}
chrome {
// The flags which will be passed to chromium when launching
flags = [
"--use-fake-ui-for-media-stream",
"--start-maximized",
"--kiosk",
"--enabled",
"--disable-infobars",
"--autoplay-policy=no-user-gesture-required",
"--ignore-certificate-errors",
"--disable-dev-shm-usage"
]
}
stats {
enable-stats-d = true
}
call-status-checks {
// If all clients have their audio and video muted and if Jibri does not
// detect any data stream (audio or video) comming in, it will stop
// recording after NO_MEDIA_TIMEOUT expires.
no-media-timeout = 30 seconds
// If all clients have their audio and video muted, Jibri consideres this
// as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
all-muted-timeout = 10 minutes
// When detecting if a call is empty, Jibri takes into consideration for how
// long the call has been empty already. If it has been empty for more than
// DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
default-call-empty-timeout = 30 seconds
}
recording {
recordings-directory = $DIR_RECORD
finalize-script = $REC_DIR
}
api {
xmpp {
environments = [
{
// A user-friendly name for this environment
name = "$JB_NAME"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "$MAIN_SRV_DOMAIN" ]
// The base XMPP domain
xmpp-domain = "$MAIN_SRV_DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.$MAIN_SRV_DOMAIN"
room-name = "$JibriBrewery"
nickname = "machine-id"
}
// The login information for the control MUC
control-login {
domain = "auth.$MAIN_SRV_DOMAIN"
username = "jibri"
password = "$JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.$MAIN_SRV_DOMAIN"
username = "recorder"
password = "$JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}
NEW_CONF
#Jibri xorg resolution
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF"
@ -362,20 +467,16 @@ echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
echo -e "\n---- We'll connect to main server ----"
read -n 1 -s -r -p "Press any key to continue..."$'\n'
sudo su "$NJN_USER" -c "ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -o -a 200 -q -N ''"
sudo su "$NJN_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_ed25519 /home/jibri/jbsync.pem
#Workaround for jibri to do cleaning.
install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem
sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t ed25519 $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n"
ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
ssh-keyscan -t ed25519 "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
[ -f /home/"$NJN_USER"/.ssh/id_rsa.pub ] && \
ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub
[ -f /home/"$NJN_USER"/.ssh/id_ed25519.pub ] && \
ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_ed25519.pub
ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub
sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"
echo -e "\n---- Setup Log system ----"
@ -390,7 +491,7 @@ exec 1>/var/log/"$NJN_USER"/remote_jnsync.log 2>&1
# Run sync
while true; do
inotifywait -t 60 -r -e modify,attrib,close_write,move,delete "$DIR_RECORD"
sudo su "$NJN_USER" -c "rsync -Aax --chmod=Dg+rwx,Fg+rw --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD"
sudo su "$NJN_USER" -c "rsync -Aax --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD"
find "$DIR_RECORD" -depth -type d -empty -not -path "$DIR_RECORD" -delete
done
INOT_RSYNC

17
add-jvb2-node.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# JVB2 Node Aggregator
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
### 0_LAST EDITION TIME STAMP ###
@ -16,13 +16,9 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
set -x
fi
#Make sure the file name is the required one
@ -32,6 +28,13 @@ if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then
exit
fi
#Check admin rights
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
### 0_VAR_DEF
MAIN_SRV_DIST=TBD
MAIN_SRV_REPO=TBD

96
etherpad-docker.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Etherpad Installer for Jitsi Meet
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
#
# GPLv3 or later.
@ -13,8 +13,9 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
@ -29,11 +30,9 @@ echo '
########################################################################
by Software, IT & Networks Ltd
'
FORGE_REPO="https://forge.switnet.net/switnet/quick-jibri-installer"
check_apt_policy() {
apt-cache policy 2>/dev/null| \
awk "/$1/{print \$3}" | \
awk -F '/' 'NR==1{print$2}'
apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}'
}
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
@ -43,16 +42,6 @@ if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")"
apt-get -yq2 install "$1"
fi
}
# Test for matches
test_match() {
if grep -q "$1" "$2" ; then
echo "$(basename "$2") - OK..."
else
echo "$(basename "$2"), FAIL..."
echo "Please report this to $FORGE_REPO"
exit
fi
}
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
@ -60,26 +49,23 @@ PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{pri
ETHERPAD_DB_USER="dockerpad"
ETHERPAD_DB_NAME="etherpad"
ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
WS_CONF_MATCH1="# ensure all static content can always be found first"
WS_MATCH2="upstream prosody {"
DOCKER_CE_REPO="$(check_apt_policy docker)"
echo "Add Docker repo"
if [ "$DOCKER_CE_REPO" = "stable" ]; then
echo "Docker repository already installed"
else
echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker-ce.list
wget -qO - https://download.docker.com/linux/ubuntu/gpg | \
gpg --dearmor | tee /etc/apt/trusted.gpg.d/docker-gpg-key.gpg >/dev/null
apt -q2 update
fi
read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS
install -m 600 /dev/null /var/opt/etherpad_details.txt
cat << EOF > /var/opt/etherpad_details.txt
ETHERPAD_ADMIN_PASS=$ETHERPAD_ADMIN_PASS
ETHERPAD_DB_USER=$ETHERPAD_DB_USER
ETHERPAD_DB_NAME=$ETHERPAD_DB_NAME
ETHERPAD_DB_PASS=$ETHERPAD_DB_PASS
EOF
# Make sure we can rely on the match strings.
printf "> Testing match strings on config files.\n"
test_match "$WS_MATCH1" "$WS_CONF"
test_match "$WS_MATCH2" "$WS_CONF"
# Install required packages
install_ifnot docker.io
install_ifnot docker-ce
install_ifnot postgresql-"$PSGVER"
# Create DB
@ -88,15 +74,15 @@ sudo -u postgres psql <<DB
CREATE DATABASE ${ETHERPAD_DB_NAME};
CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}';
GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER};
\c ${ETHERPAD_DB_NAME}
ALTER SCHEMA public OWNER TO ${ETHERPAD_DB_USER};
DB
echo " -- Your etherpad db password is: $ETHERPAD_DB_PASS"
echo -e " Please save it somewhere safe.\n"
# Check fot docker if not running then execute
if [ ! "$(docker ps -q -f name=etherpad)" ]; then
if [ "$(docker ps -aq -f status=exited -f name=etherpad)" ]; then
# cleanup
docker rm -f etherpad
docker rm etherpad
fi
# run your container
docker run -d --restart always \
@ -110,7 +96,7 @@ if [ ! "$(docker ps -q -f name=etherpad)" ]; then
-e "DB_NAME=$ETHERPAD_DB_NAME" \
-e "DB_USER=$ETHERPAD_DB_USER" \
-e "DB_PASS=$ETHERPAD_DB_PASS" \
etherpad/etherpad
-i -t etherpad/etherpad
fi
# Tune webserver for Jitsi App control
@ -119,31 +105,17 @@ if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then
echo "> Webserver seems configured, skipping..."
elif [ -f "$WS_CONF" ]; then
echo "> Setting up webserver configuration file..."
if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then
echo " > Setting mapping upgrade connection."
sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF"
sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF"
sed -i "/$WS_MATCH2/i }" "$WS_CONF"
else
echo " > Upgrade connection mapping already setup."
fi
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ #Etherpad block" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Connection \$connection_upgrade;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_buffering off;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_redirect off;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \\\n" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ #Etherpad block" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_buffering off;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF"
else
echo "> No etherpad config done to server file, please report to:"
echo " -> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
echo "> No etherpad config done to server file, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi
# Configure config.js
@ -151,7 +123,7 @@ if [ "$(grep -c "etherpad_base" "$WS_CONF")" != 0 ]; then
echo -e "> $MEET_CONF seems configured, skipping...\n"
else
echo -e "> Setting etherpad domain at $MEET_CONF...\n"
sed -i "s|// etherpad_base: .*|etherpad_base: \'https://$DOMAIN/etherpad/p/\',|" "$MEET_CONF"
sed -i "/ openSharedDocumentOnJoin:/a\ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," "$MEET_CONF"
fi
echo "> Checking nginx configuration..."
@ -161,6 +133,6 @@ if nginx -t 2>/dev/null ; then
# systemctl reload nginx
else
echo "Please check your configuration, something may be wrong."
echo "Will not try to enable etherpad nginx configuration, please report to:"
echo " -> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
echo "Will not try to enable etherpad nginx configuration, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi

38
excalidraw-backend.sh
View File

@ -4,27 +4,9 @@
# Based on:
# - https://community.jitsi.org/t/118883
#
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
# Reset
Color_Off='\e[0m' # Text Reset
# Regular Colors
@ -70,6 +52,24 @@ else
fi
}
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
clear
echo -e '\n
########################################################################

109
files/jibri.conf
View File

@ -1,109 +0,0 @@
// XMPP environment config.
jibri {
streaming {
// A list of regex patterns for allowed RTMP URLs. The RTMP URL used
// when starting a stream must match at least one of the patterns in
// this list.
rtmp-allow-list = [
// By default, all services are allowed
".*"
]
}
ffmpeg {
resolution = JIBRI_RES_CONF
}
chrome {
// The flags which will be passed to chromium when launching
flags = [
"--use-fake-ui-for-media-stream",
"--start-maximized",
"--kiosk",
"--enabled",
"--disable-infobars",
"--autoplay-policy=no-user-gesture-required",
"--ignore-certificate-errors",
"--disable-dev-shm-usage"
]
}
stats {
enable-stats-d = true
}
call-status-checks {
// If all clients have their audio and video muted and if Jibri does not
// detect any data stream (audio or video) comming in, it will stop
// recording after NO_MEDIA_TIMEOUT expires.
no-media-timeout = 30 seconds
// If all clients have their audio and video muted, Jibri consideres this
// as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
all-muted-timeout = 10 minutes
// When detecting if a call is empty, Jibri takes into consideration for how
// long the call has been empty already. If it has been empty for more than
// DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
default-call-empty-timeout = 30 seconds
}
recording {
recordings-directory = "DIR_RECORD"
finalize-script = "REC_DIR"
}
api {
xmpp {
environments = [
{
// A user-friendly name for this environment
name = "JB_NAME"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "DOMAIN" ]
// The base XMPP domain
xmpp-domain = "DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.DOMAIN"
room-name = "JibriBrewery"
nickname = "Live"
}
// The login information for the control MUC
control-login {
domain = "auth.DOMAIN"
username = "jibri"
password = "JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.DOMAIN"
username = "recorder"
password = "JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}

74
grafana.sh
View File

@ -8,7 +8,7 @@
# by "mephisto"
#
# Igor Kerstges © - 2021
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
#
# GPLv3 or later.
@ -21,8 +21,9 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
@ -42,22 +43,11 @@ systemctl enable "$1"
systemctl restart "$1"
systemctl status "$1"
}
test_match() {
if grep -q "$1" "$2" ; then
echo "$(basename "$2") - OK..."
else
echo "$(basename "$2"), FAIL..."
echo "Please report this to https://forge.switnet.net/switnet/quick-jibri-installer"
exit
fi
}
MAIN_TEL="/etc/telegraf/telegraf.conf"
TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf"
GRAFANA_INI="/etc/grafana/grafana.ini"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
WS_MATCH1="# ensure all static content can always be found first"
WS_MATCH2="upstream prosody {"
GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"
# Min requirements
@ -67,17 +57,11 @@ apt-get install -y gnupg2 \
wget \
jq
# Make sure we can rely on the match strings.
printf "> Testing match strings on config files.\n"
test_match "$WS_MATCH1" "$WS_CONF"
echo "
# Setup InfluxDB Packages
"
curl -s https://repos.influxdata.com/influxdata-archive.key > \
/etc/apt/trusted.gpg.d/influxdata-archive.key
echo "deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.key] https://repos.influxdata.com/debian buster stable" | \
sudo tee /etc/apt/sources.list.d/influxdb.list
curl -s https://repos.influxdata.com/influxdata-archive.key > /etc/apt/trusted.gpg.d/influxdata-archive.key
echo "deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.key] https://repos.influxdata.com/debian buster stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
apt-get update && apt-get install influxdb -y
run_service influxdb
@ -86,8 +70,7 @@ echo "
"
curl -s https://apt.grafana.com/gpg-full.key | \
gpg --dearmor | tee /etc/apt/trusted.gpg.d/grafana-full-key.gpg >/dev/null
echo "deb https://packages.grafana.com/oss/deb stable main" | \
sudo tee /etc/apt/sources.list.d/grafana_com_oss_deb.list
add-apt-repository "deb https://packages.grafana.com/oss/deb stable main"
apt-get update && apt-get install grafana -y
run_service grafana-server
@ -155,13 +138,11 @@ echo '
# extra options to pass to the JVB daemon
JVB_OPTS="--apis=rest,xmpp"' >> /etc/jitsi/videobridge/config
sed -i "s|TRANSPORT=muc|TRANSPORT=muc,colibri|" /etc/jitsi/videobridge/sip-communicator.properties
# Enable videobridge REST API
hocon -f /etc/jitsi/videobridge/jvb.conf set videobridge.apis.rest.enabled true
systemctl restart jitsi-videobridge2
echo -e "\n# Setup Grafana nginx domain\n"
sed -i "s|;protocol =.*|protocol = http|" $GRAFANA_INI
sed -i "s|;http_addr =.*|http_addr = 127.0.0.1|" $GRAFANA_INI
sed -i "s|;http_addr =.*|http_addr = localhost|" $GRAFANA_INI
sed -i "s|;http_port =.*|http_port = 3000|" $GRAFANA_INI
sed -i "s|;domain =.*|domain = $DOMAIN|" $GRAFANA_INI
sed -i "s|;enforce_domain =.*|enforce_domain = false|" $GRAFANA_INI
@ -179,35 +160,10 @@ while [ $secs -gt 0 ]; do
done
if [ -f "$WS_CONF" ]; then
echo "> Setting up webserver configuration file..."
sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana." "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ location ~ ^/(grafana/|grafana/login) {" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana Live WebSocket connections." "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ location /grafana/api/live/ {" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Connection \$connection_upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then
echo " > Setting mapping upgrade connection."
sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF"
sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF"
sed -i "/$WS_MATCH2/i }" "$WS_CONF"
else
echo " > Upgrade connection mapping already setup."
fi
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
sed -i "/$WS_MATCH2/i upstream grafana {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ server localhost:3000;" "$WS_CONF"
sed -i "/$WS_MATCH2/i }" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \~ \^\/(grafana\/|grafana\/login) {" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:3000;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF"
systemctl restart nginx
else
echo "No app configuration done to server file, please report to:
@ -223,7 +179,7 @@ PUT -H "Content-Type: application/json;charset=UTF-8" -d \
\"oldPassword\": \"admin\",
\"newPassword\": \"$GRAFANA_PASS\",
\"confirmNew\": \"$GRAFANA_PASS\"
}" http://127.0.0.1:3000/api/user/password; echo ""
}" http://localhost:3000/api/user/password; echo ""
echo "
# Create InfluxDB datasource
@ -233,16 +189,16 @@ POST -H 'Content-Type: application/json;charset=UTF-8' -d \
'{
"name": "InfluxDB",
"type": "influxdb",
"url": "http://127.0.0.1:8086",
"url": "http://localhost:8086",
"access": "proxy",
"isDefault": true,
"database": "jitsi"
}' http://127.0.0.1:3000/api/datasources; echo ""
}' http://localhost:3000/api/datasources; echo ""
echo "
# Add Grafana Dashboard
"
grafana_host="http://127.0.0.1:3000"
grafana_host="http://localhost:3000"
grafana_cred="admin:$GRAFANA_PASS"
grafana_datasource="InfluxDB"
ds=(11969);

1
images/watermark2.svg
View File

@ -1 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?><svg xmlns="http://www.w3.org/2000/svg" width="1" height="1"/>
Side by Side

Before

Width:  |  Height:  |  Size: 100 B

141
jigasi-vosk-backend.sh
View File

@ -1,141 +0,0 @@
#!/bin/bash
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..."
echo " If you think this is an error, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues "
exit
fi
}
clear
echo ''
echo '########################################################################'
echo ' Jigasi Transcript addon'
echo '########################################################################'
echo ' by Software, IT & Networks Ltd'
echo ''
exit_if_not_installed jitsi-meet
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 16 | head -n1)"
JIG_SIP_PROP="/etc/jitsi/jigasi/sip-communicator.properties"
export DOMAIN
export JIG_TRANSC_PASWD
apt-get -q2 update
# Disable SIP account prompt by default
echo "jigasi jigasi/sip-account string ''" | debconf-set-selections
echo "jigasi jigasi/sip-password password ''" | debconf-set-selections
echo "Installing Jigasi, SIP configuration disabled by default."
apt-get -y install gettext-base jigasi docker.io
echo "Please select a language for the VOSK transcription model:"
echo "1) Chinese"
echo "2) English"
echo "3) French"
echo "4) German"
echo "5) Hindi"
echo "6) Japanese"
echo "7) Russian"
echo "8) Spanish"
read -p "Enter the number corresponding to your language choice: " -r lang_choice
case $lang_choice in
1)
echo "You selected Chinese."
VOSK_DOCKER_MODEL="alphacep/kaldi-cn"
;;
2)
echo "You selected English."
VOSK_DOCKER_MODEL="alphacep/kaldi-en"
;;
3)
echo "You selected French."
VOSK_DOCKER_MODEL="alphacep/kaldi-fr"
;;
4)
echo "You selected German."
VOSK_DOCKER_MODEL="alphacep/kaldi-de"
;;
5)
echo "You selected Hindi."
VOSK_DOCKER_MODEL="alphacep/kaldi-hi"
;;
6)
echo "You selected Japanese."
VOSK_DOCKER_MODEL="alphacep/kaldi-ja"
;;
7)
echo "You selected Russian."
VOSK_DOCKER_MODEL="alphacep/kaldi-ru"
;;
8)
echo "You selected Spanish."
VOSK_DOCKER_MODEL="alphacep/kaldi-es"
;;
*)
echo "Invalid selection. Please choose a number between 1 and 8."
;;
esac
# Running selected VOSK docker model.
docker run -d --restart always -p 2700:2700 ${VOSK_DOCKER_MODEL}:latest
echo "Setting up Jigasi transcript with current platform..."
# Jitsi Meet
echo "> Patching Jitsi Meet's config.js for Transcription support."
echo " Read more at patches/jigasi/001-jigasi-meet-config.patch file"
envsubst < patches/jigasi/001-jigasi-meet-config.patch | \
patch --no-backup-if-mismatch -d / -p1
# Jigasi
echo "> Patching jigasi's sip-communicator.properties configuration."
echo " Read more at patches/jigasi/002-jigasi-sip-properties.patch file"
cp "$JIG_SIP_PROP" ${JIG_SIP_PROP}-dpkg-file
envsubst < patches/jigasi/002-jigasi-sip-properties.patch | \
patch --no-backup-if-mismatch -d / -p1
# Create transcribe user on hidden domain.
prosodyctl register transcriber recorder."$DOMAIN" "$JIG_TRANSC_PASWD"
# Restart services.
systemctl restart prosody \
jicofo \
jigasi \
jibri* \
jitsi-videobridge2
echo ""
echo "Full transcript files are available at:"
echo "--> /var/lib/jigasi/transcripts/"
echo ""
echo "Happy transcripting!"
echo ""

16
jitsi-updater.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash
# Jitsi Meet recurring upgrader and customization keeper
# for Debian/*buntu binaries.
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
@ -13,13 +13,9 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
set -x
fi
Blue='\e[0;34m'
@ -31,7 +27,11 @@ Color_Off='\e[0m'
printwc() {
printf "%b$2%b" "$1" "${Color_Off}"
}
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
if [ ! -f jm-bm.sh ]; then
echo "Please check that you are running the jitsi updater while being on the project folder"
echo "other wise the updater might have errors or be incomplete. Exiting..."

46
jm-bm.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash
# Jitsi Meet brandless mode
# for Debian/*buntu binaries.
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
@ -13,13 +13,9 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
set -x
fi
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
@ -31,7 +27,6 @@ BUNDLE_JS="/usr/share/jitsi-meet/libs/app.bundle.min.js"
#
JM_IMG_PATH="/usr/share/jitsi-meet/images"
WTM2_PATH="$JM_IMG_PATH/watermark2.png"
WTM2_SVG_PATH="$JM_IMG_PATH/watermark2.svg"
FICON_PATH="$JM_IMG_PATH/favicon2.ico"
REC_ICON_PATH="$JM_IMG_PATH/gnome_record.png"
#
@ -41,30 +36,29 @@ PART_USER="Participant"
LOCAL_USER="me"
#
#SEC_ROOM="TBD"
copy_if_not_there() {
if [ ! -f "$1" ]; then
cp images/"$(echo $1|xargs basename)" "$1"
else
echo "$(echo $1|xargs basename) file exists, skipping copying..."
fi
}
echo '
#--------------------------------------------------
# Applying Brandless mode
#--------------------------------------------------
'
#Watermark
copy_if_not_there "$WTM2_PATH"
#Watermark svg
copy_if_not_there "$WTM2_SVG_PATH"
if [ ! -f "$WTM2_PATH" ]; then
cp images/watermark2.png "$WTM2_PATH"
else
echo "watermark2 file exists, skipping copying..."
fi
#Favicon
copy_if_not_there "$FICON_PATH"
if [ ! -f "$FICON_PATH" ]; then
cp images/favicon2.ico "$FICON_PATH"
else
echo "favicon2 file exists, skipping copying..."
fi
#Local recording icon
copy_if_not_there "$REC_ICON_PATH"
if [ ! -f "$REC_ICON_PATH" ];then
cp images/gnome_record.png "$REC_ICON_PATH"
else
echo "recording icon exists, skipping copying..."
fi
#Custom / Remove icons
sed -i "s|watermark.png|watermark2.png|g" "$CSS_FILE"
@ -76,10 +70,6 @@ sed -i "s|icon-cloud.png|gnome_record.png|g" "$BUNDLE_JS"
if ! grep -q ".leftwatermark{display:none" "$CSS_FILE" ; then
sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE"
fi
#Replace App logo
sed -i "s|// defaultLogoUrl: .*| defaultLogoUrl: 'images/watermark2.svg',|" "$MEET_CONF"
#Overwrite favicon svg
cp images/watermark2.svg $JM_IMG_PATH/favicon.svg
#Customize room title
sed -i "s|Jitsi Meet|$APP_NAME|g" "$TITLE_FILE"

16
jra_nextcloud.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# JRA (Jibri Recordings Access) via Nextcloud
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
@ -12,6 +12,7 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
@ -20,7 +21,6 @@ if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..."
@ -59,7 +59,7 @@ DIR_RECORD="$(awk -F '"' '/RECORDING/{print$2}' /home/jibri/finalize_recording
REDIS_CONF="/etc/redis/redis.conf"
JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
[ -f "$JITSI_MEET_PROXY" ] && PREAD_PROXY=$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1)
PUBLIC_IP="$(wget -qO- https://api.ipify.org)"
PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)"
ISO3166_CODE=TBD
NL="$(printf '\n ')"
@ -132,10 +132,9 @@ sleep .1
#Enable HSTS
while [ "$ENABLE_HSTS" != "yes" ] && [ "$ENABLE_HSTS" != "no" ]
do
read -p "> Do you want to enable HSTS for this domain? (yes or no) [default: no]:
Be aware this option apply mid-term effects on the domain, choose \"no\" or leave empty
read -p "> Do you want to enable HSTS for this domain?: (yes or no)
Be aware this option apply mid-term effects on the domain, choose \"no\"
in case you don't know what you are doing. More at https://hstspreload.org/$NL" -r ENABLE_HSTS
ENABLE_HSTS=${ENABLE_HSTS:-no}
if [ "$ENABLE_HSTS" = "no" ]; then
echo " - HSTS won't be enabled."
elif [ "$ENABLE_HSTS" = "yes" ]; then
@ -164,7 +163,7 @@ if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")
echo "jitsi meet/jibri is installed, checking version:"
apt-show-versions jibri
else
echo "Wait!, jitsi-meet/jibri is not installed on this system via apt, exiting..."
echo "Wait!, jitsi-meet/jibri is not installed on this system using apt, exiting..."
exit
fi
@ -197,10 +196,7 @@ sudo -u postgres psql <<DB
CREATE DATABASE nextcloud_db;
CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}';
GRANT ALL PRIVILEGES ON DATABASE ${NC_DB} TO ${NC_DB_USER};
\c nextcloud_db
ALTER SCHEMA public OWNER TO ${NC_DB_USER};
DB
echo -e "\nDone!\n"
# Add .mjs as a file extension for javascript

2
mode/chp-mode.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Custom High Performance Jitsi conf
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option

2
mode/grid/selenium-grid-docker.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash
# Custom Selenium Grid-Node fro Jitsi Meet
# Pandian © - https://community.jitsi.org/u/Pandian
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option

2
mode/jms-stu.sh
View File

@ -2,7 +2,7 @@
# System-tune-up to remove system software restrictions on a huge load of connections.
# Be aware that hardware/infrastructure resources are the most common limiters.
#
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option

2
mode/jwt.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# JWT Mode Setup
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option

40
patches/jigasi/001-jigasi-meet-config.patch
View File

@ -1,40 +0,0 @@
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
Enable transcription on jitsi meet config.js file.
diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
index f412891..f704157 100644
--- a/etc/jitsi/meet/${DOMAIN}-config.js
+++ b/etc/jitsi/meet/${DOMAIN}-config.js
@@ -426,9 +426,9 @@ var config = {
// autoCaptionOnRecord: false,
// Transcription options.
- // transcription: {
+ transcription: {
// // Whether the feature should be enabled or not.
- // enabled: false,
+ enabled: true,
// // Translation languages.
// // Available languages can be found in
@@ -443,7 +443,7 @@ var config = {
// // detected based on the environment, e.g. if the app is opened in a chrome instance which
// // is using french as its default language then transcriptions for that participant will be in french.
// // Defaults to true.
- // useAppLanguage: true,
+ useAppLanguage: true,
// // Transcriber language. This settings will only work if "useAppLanguage"
// // is explicitly set to false.
@@ -484,7 +484,7 @@ var config = {
// // Enables automatic request of subtitles when transcriber is present in the meeting, uses the default
// // language that is set
// autoCaptionOnTranscribe: false,
- // },
+ },
// Misc

80
patches/jigasi/002-jigasi-sip-properties.patch
View File

@ -1,80 +0,0 @@
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
Modify sip-communicator.properties to run Jigasi along with VOSK Models.
diff --git a/etc/jitsi/jigasi/sip-communicator.properties b/etc/jitsi/jigasi/sip-communicator.properties
index 7a8d0f3..ae5369a 100644
--- a/etc/jitsi/jigasi/sip-communicator.properties
+++ b/etc/jitsi/jigasi/sip-communicator.properties
@@ -165,12 +165,12 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
# If you want jigasi to perform authenticated login instead of anonymous login
# to the XMPP server, you can set the following properties.
-# org.jitsi.jigasi.xmpp.acc.USER_ID=SOME_USER@SOME_DOMAIN
-# org.jitsi.jigasi.xmpp.acc.PASS=SOME_PASS
-# org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
+org.jitsi.jigasi.xmpp.acc.USER_ID=transcriber@recorder.${DOMAIN}
+org.jitsi.jigasi.xmpp.acc.PASS=${JIG_TRANSC_PASWD}
+org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
# To fix SSL/TLS required by client but not supported by server
-#org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
+org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
# Can be used in combination with jitsi-meet module mod_auth_jitsi-shared-secret
# To have jigasi use a random username on every call
@@ -187,7 +187,7 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
# Activate this property if you are using self-signed certificates or other
# type of non-trusted certicates. In this mode your service trust in the
# remote certificates always.
-# net.java.sip.communicator.service.gui.ALWAYS_TRUST_MODE_ENABLED=true
+net.java.sip.communicator.service.gui.ALWAYS_TRUST_MODE_ENABLED=true
# Enable this property to be able to shutdown gracefully jigasi using
# a rest command
@@ -196,31 +196,31 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
# Options regarding Transcription. Read the README for a detailed description
# about each property
-#org.jitsi.jigasi.ENABLE_TRANSCRIPTION=false
-#org.jitsi.jigasi.ENABLE_SIP=true
+org.jitsi.jigasi.ENABLE_TRANSCRIPTION=true
+org.jitsi.jigasi.ENABLE_SIP=false
# whether to use the more expensive, but better performing
# "video" model when doing transcription
# org.jitsi.jigasi.transcription.USE_VIDEO_MODEL = false
# delivering final transcript
-# org.jitsi.jigasi.transcription.DIRECTORY=/var/lib/jigasi/transcripts
-# org.jitsi.jigasi.transcription.BASE_URL=http://localhost/
-# org.jitsi.jigasi.transcription.jetty.port=-1
-# org.jitsi.jigasi.transcription.ADVERTISE_URL=false
+org.jitsi.jigasi.transcription.DIRECTORY=/var/lib/jigasi/transcripts
+org.jitsi.jigasi.transcription.BASE_URL=http://localhost/
+org.jitsi.jigasi.transcription.jetty.port=-1
+org.jitsi.jigasi.transcription.ADVERTISE_URL=false
# save formats
-# org.jitsi.jigasi.transcription.SAVE_JSON=false
-# org.jitsi.jigasi.transcription.SAVE_TXT=true
+org.jitsi.jigasi.transcription.SAVE_JSON=false
+org.jitsi.jigasi.transcription.SAVE_TXT=true
# send formats
-# org.jitsi.jigasi.transcription.SEND_JSON=true
-# org.jitsi.jigasi.transcription.SEND_TXT=false
+org.jitsi.jigasi.transcription.SEND_JSON=true
+org.jitsi.jigasi.transcription.SEND_TXT=false
# Vosk server
-# org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.VoskTranscriptionService
+org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.VoskTranscriptionService
# org.jitsi.jigasi.transcription.vosk.websocket_url={"en": "ws://localhost:2700", "fr": "ws://localhost:2710"}
-# org.jitsi.jigasi.transcription.vosk.websocket_url=ws://localhost:2700
+org.jitsi.jigasi.transcription.vosk.websocket_url=ws://localhost:2700
# Whisper live transcription server
# org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.WhisperTranscriptionService

66
patches/jitsi-meet/001-jitsi-meet-enable-livestreaming-and-recording.patch
View File

@ -1,66 +0,0 @@
# Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
Patch jitsi-meet config.js to enable recording and livestreaming by default.
diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
index dcb860b..8f64c7c 100644
--- a/etc/jitsi/meet/${DOMAIN}-config.js
+++ b/etc/jitsi/meet/${DOMAIN}-config.js
@@ -343,12 +343,12 @@ var config = {
// // showPrejoinWarning: true,
// },
- // recordingService: {
+ recordingService: {
// // When integrations like dropbox are enabled only that will be shown,
// // by enabling fileRecordingsServiceEnabled, we show both the integrations
// // and the generic recording service (its configuration and storage type
// // depends on jibri configuration)
- // enabled: false,
+ enabled: true,
// // Whether to show the possibility to share file recording with other people
// // (e.g. meeting participants), based on the actual implementation
@@ -357,7 +357,7 @@ var config = {
// // Hide the warning that says we only store the recording for 24 hours.
// hideStorageWarning: false,
- // },
+ },
// DEPRECATED. Use recordingService.enabled instead.
// fileRecordingsServiceEnabled: false,
@@ -368,7 +368,7 @@ var config = {
// Local recording configuration.
// localRecording: {
// // Whether to disable local recording or not.
- // disable: false,
+ // disable: true,
// // Whether to notify all participants when a participant is recording locally.
// notifyAllParticipants: false,
@@ -378,9 +378,9 @@ var config = {
// },
// Customize the Live Streaming dialog. Can be modified for a non-YouTube provider.
- // liveStreaming: {
+ liveStreaming: {
// // Whether to enable live streaming or not.
- // enabled: false,
+ enabled: true,
// // Terms link
// termsLink: 'https://www.youtube.com/t/terms',
// // Data privacy link
@@ -388,8 +388,8 @@ var config = {
// // RegExp string that validates the stream key input field
// validatorRegExpString: '^(?:[a-zA-Z0-9]{4}(?:-(?!$)|$)){4}',
// // Documentation reference for the live streaming feature.
- // helpLink: 'https://jitsi.org/live'
- // },
+ helpLink: 'https://forge.switnet.net/switnet/quick-jibri-installer'
+ },
// DEPRECATED. Use liveStreaming.enabled instead.
// liveStreamingEnabled: false,

31
patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch
View File

@ -1,31 +0,0 @@
# Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
Patch jitsi-meet config.js to enable/disable welcome page.
diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
index dcb860b..2094287 100644
--- a/etc/jitsi/meet/${DOMAIN}-config.js
+++ b/etc/jitsi/meet/${DOMAIN}-config.js
@@ -664,13 +664,13 @@ var config = {
// enableWelcomePage: true,
// Configs for welcome page.
- // welcomePage: {
- // // Whether to disable welcome page. In case it's disabled a random room
- // // will be joined when no room is specified.
- // disabled: false,
- // // If set, landing page will redirect to this URL.
- // customUrl: ''
- // },
+ welcomePage: {
+ // Whether to disable welcome page. In case it's disabled a random room
+ // will be joined when no room is specified.
+ disabled: ${ENABLE_WELCP_BOL},
+ // If set, landing page will redirect to this URL.
+ customUrl: ''
+ },
// Configs for the lobby screen.
// lobby: {

343
quick_jibri_installer.sh
View File

@ -1,21 +1,21 @@
#!/bin/bash
# Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
{
echo "Started at $(date +'%Y-%m-%d %H:%M:%S')" >> qj-installer.log
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
export MODE=debug
set -x
fi
@ -38,7 +38,7 @@ DIST=$(lsb_release -sc)
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
PROSODY_REPO="$(apt-cache policy | awk '/prosody/{print$3}' | awk -F "/" 'NR==1{print$2}')"
PUBLIC_IP="$(wget -qO- https://api.ipify.org)"
PUBLIC_IP="$(dig -4 +short myip.opendns.com @resolver1.opendns.com)"
NL="$(printf '\n ')"
NODEJS_VER="18"
JITSI_GPG_KEY="/etc/apt/trusted.gpg.d/jitsi-key.gpg.key"
@ -52,13 +52,13 @@ printwc() {
printf "%b$2%b" "$1" "${Color_Off}"
}
exit_ifinstalled() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo -e "\nThis instance already has $1 installed, exiting..."
echo -e "Please try again on a clean system."
echo -e " If you think this is an error, please report to:"
echo -e " -> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
exit
fi
exit
fi
}
exit_ifinstalled jitsi-meet
@ -68,9 +68,8 @@ rename_distro() {
fi
}
#Trisquel distro upstream referencing.
rename_distro nabia focal
rename_distro aramo jammy
rename_distro ecne noble
rename_distro nabia focal
rename_distro aramo jammy
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
@ -117,6 +116,12 @@ check_snd_driver() {
var_dlim() {
grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1
}
add_gpg_keyring() {
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com \$1
apt-key export \$1 | gpg --dearmour | tee /tmp/\$1.gpg >/dev/null
apt-key del \$1
mv /tmp/\$1.gpg /etc/apt/trusted.gpg.d/
}
add_prosody_repo() {
echo "Add Prosody repo"
if [ "$PROSODY_REPO" = "main" ]; then
@ -184,8 +189,7 @@ fi
printf "\nOS: %s" "$(lsb_release -sd)"
if [ "$DIST" = "focal" ] || \
[ "$DIST" = "jammy" ] || \
[ "$DIST" = "noble" ]; then
[ "$DIST" = "jammy" ]; then
printf "\nGood, this is a supported platform!"
else
printf "\nSorry, this platform is not supported... exiting"
@ -382,7 +386,7 @@ apt-get -y install \
curl \
ffmpeg \
git \
btop \
htop \
jq \
net-tools \
rsync \
@ -400,7 +404,6 @@ apt-get -y install \
fi
fi
###FIXME: Trisquel support broken by lsb_release usage###
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" \
2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)")"
@ -416,9 +419,11 @@ fi
check_serv
echo "
#--------------------------------------------------
print_title "Install Jitsi Framework"
# Install Jitsi Framework
#--------------------------------------------------
"
if [ "$LE_SSL" = "yes" ]; then
echo "set jitsi-meet/cert-choice select $CERT_CHOICE_DEBCONF" \
| debconf-set-selections
@ -463,9 +468,7 @@ elif [ "$(npm list -g esprima 2>/dev/null | grep -c "esprima")" == "1" ]; then
echo "Good. Esprima package is already installed"
fi
#--------------------------------------------------
print_title "Installing Google Chrome / ChromeDriver"
#--------------------------------------------------
echo "# Installing Google Chrome / ChromeDriver"
if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
echo "Google repository already set."
else
@ -480,10 +483,7 @@ rm -rf "$GOOGL_REPO"
G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3)
CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing"
CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \
jq -r ".versions[].downloads.chromedriver | \
select(. != null) | .[].url" | grep linux64 | \
grep "$G_CHROME" | tail -1)
CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | jq -r ".versions[].downloads.chromedriver | select(. != null) | .[].url" | grep linux64 | grep "$G_CHROME" | tail -1)
CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL")
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
@ -538,20 +538,19 @@ JB_NAME="Jibri Sessions"
LE_RENEW_LOG="/var/log/letsencrypt/renew.log"
MOD_LISTU="https://prosody.im/files/mod_listusers.lua"
MOD_LIST_FILE="/usr/lib/prosody/modules/mod_listusers.lua"
ENABLE_SA="yes"
MJS_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
MJS_USER="jbsync_$MJS_RAND_TAIL"
MJS_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
FQDN_HOST="fqdn"
JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf"
WS_MATCH1="# ensure all static content can always be found first"
WS_MATCH2="external_api.js"
MEET_MATCH1="disable simulcast support."
export DOMAIN
#GC_SDK_REL_FILE="http://packages.cloud.google.com/apt/dists/cloud-sdk-$(lsb_release -sc)/Release"
# Make sure we can rely on the match strings.
printf "> Testing match strings on config files.\n"
test_match "$WS_MATCH1" "$WS_CONF"
test_match "$WS_MATCH2" "$WS_CONF"
test_match "$MEET_MATCH1" "$MEET_CONF"
# Rename hostname for jitsi server
@ -568,6 +567,18 @@ do
fi
done
sleep .1
#Language
echo "## Setting up Jitsi Meet language ##
You can define the language, for a complete list of the supported languages
See here:
https://github.com/jitsi/jitsi-meet/blob/master/lang/languages.json"
printf "Jitsi Meet web interface will be set to use such language.\n\n"
sleep .1
read -p "Please set your language (Press enter to default to 'en'):$NL" -r JB_LANG
sleep .1
printf "\nWe'll take a minute to localize some UI excerpts if you need.\n\n"
sleep .1
#Participant
printf "> Do you want to translate 'Participant' to your own language?\n"
sleep .1
@ -581,17 +592,15 @@ sleep .1
read -p "Leave empty to use the default one (English):$NL" -r L10N_ME
#Drop unsecure TLS
if grep -qE 'TLSv1(\.1)?' /etc/nginx/nginx.conf; then
while [ "$DROP_TLS1" != "yes" ] && [ "$DROP_TLS1" != "no" ]
do
read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)$NL" -r DROP_TLS1
if [ "$DROP_TLS1" = "no" ]; then
printf " - TLSv1.0/1.1 will remain.\n\n"
elif [ "$DROP_TLS1" = "yes" ]; then
printf " - TLSv1.0/1.1 will be dropped\n\n"
fi
done
fi
while [ "$DROP_TLS1" != "yes" ] && [ "$DROP_TLS1" != "no" ]
do
read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)$NL" -r DROP_TLS1
if [ "$DROP_TLS1" = "no" ]; then
printf " - TLSv1.0/1.1 will remain.\n\n"
elif [ "$DROP_TLS1" = "yes" ]; then
printf " - TLSv1.0/1.1 will be dropped\n\n"
fi
done
sleep .1
#Brandless Mode
while [ "$ENABLE_BLESSM" != "yes" ] && [ "$ENABLE_BLESSM" != "no" ]
@ -702,16 +711,24 @@ do
done
sleep .1
##Jigasi
while [ "$ENABLE_TRANSCRIPT" != "yes" ] && [ "$ENABLE_TRANSCRIPT" != "no" ]
do
read -p "> Do you want to setup Jigasi Transcription: (yes or no)
#if [ "$(curl -s -o /dev/null -w "%{http_code}" "$GC_SDK_REL_FILE" )" == "404" ]; then
#printf "> Sorry Google SDK doesn't have support yet for %s,
#thus, Jigasi Transcript can't be enable.\n\n" "$(lsb_release -sd)"
#elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$GC_SDK_REL_FILE" )" == "200" ]; then
#while [ "$ENABLE_TRANSCRIPT" != "yes" ] && [ "$ENABLE_TRANSCRIPT" != "no" ]
#do
#read -p "> Do you want to setup Jigasi Transcription: (yes or no)
#( Please check requirements at: https://forge.switnet.net/switnet/quick-jibri-installer )$NL" -r ENABLE_TRANSCRIPT
if [ "$ENABLE_TRANSCRIPT" = "no" ]; then
printf " - Jigasi Transcription won't be enabled.\n\n"
elif [ "$ENABLE_TRANSCRIPT" = "yes" ]; then
printf " - Jigasi Transcription will be enabled.\n\n"
fi
done
#if [ "$ENABLE_TRANSCRIPT" = "no" ]; then
#printf " - Jigasi Transcription won't be enabled.\n\n"
#elif [ "$ENABLE_TRANSCRIPT" = "yes" ]; then
#printf " - Jigasi Transcription will be enabled.\n\n"
#fi
#done
#else
#echo "No valid option for Jigasi. Please report this to
#https://forge.switnet.net/switnet/quick-jibri-installer/issues"
#fi
sleep .1
#Grafana
while [ "$ENABLE_GRAFANA_DSH" != "yes" ] && [ "$ENABLE_GRAFANA_DSH" != "no" ]
@ -796,9 +813,7 @@ restart_services() {
# Configure Jvb2
sed -i "/shard.HOSTNAME/s|localhost|$DOMAIN|" "$JVB2_SIP"
#--------------------------------------------------
print_title "Configure Jibri"
#--------------------------------------------------
# Configure Jibri
if [ "$ENABLE_SC" = "yes" ]; then
if [ ! -f "$MOD_LIST_FILE" ]; then
printf "\n-> Adding external module to list prosody users...\n"
@ -857,17 +872,23 @@ BREWERY
# Jibri tweaks for /etc/jitsi/meet/$DOMAIN-config.js
sed -i "s|conference.$DOMAIN|internal.auth.$DOMAIN|" "$MEET_CONF"
#New recording implementation.
sed -i "s|// recordingService:|recordingService:|" "$MEET_CONF"
sed -i "/recordingService/,/hideStorageWarning/s|// enabled: false,| enabled: true,|" "$MEET_CONF"
sed -i "/hideStorageWarning: false/,/Local recording configuration/s|// },|},|" "$MEET_CONF"
sed -i "s|// liveStreamingEnabled: false,|liveStreamingEnabled: true,\\
\\
hiddenDomain: \'recorder.$DOMAIN\',|" "$MEET_CONF"
#Enable recording & livestreaming by default.
echo -e "\n> Patching config.js to enable recording and livestreaming by default..."
echo -e " Read more about patches at the patches folder.\n"
envsubst < \
patches/jitsi-meet/001-jitsi-meet-enable-livestreaming-and-recording.patch | \
patch --no-backup-if-mismatch -d / -p1
#Setup main language
if [ -z "$JB_LANG" ] || [ "$JB_LANG" = "en" ]; then
echo "Leaving English (en) as default language..."
sed -i "s|// defaultLanguage: 'en',|defaultLanguage: 'en',|" "$MEET_CONF"
else
echo "Changing default language to: $JB_LANG"
sed -i "s|// defaultLanguage: 'en',|defaultLanguage: \'$JB_LANG\',|" "$MEET_CONF"
fi
#Prepare hidden domain for jibri/jigasi silent users.
sed -i "/fileRecordingsServiceEnabled: false,/a \\
hiddenDomain: \'recorder.$DOMAIN\'," "$MEET_CONF"
# Recording directory
if [ ! -d "$DIR_RECORD" ]; then
mkdir "$DIR_RECORD"
@ -886,8 +907,8 @@ echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
chmod -R 770 \$RECORDINGS_DIR
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -nr|sed 1d|awk '{print\$2}'| grep -v "meta\|_" | head -n1)"
NJF_NAME="\$(find \$LJF_PATH |grep "mp4"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -n -r|awk '{print\$2}'| grep -v "meta\|-" | head -n1)"
NJF_NAME="\$(find \$LJF_PATH |grep -e "-"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME"
mv \$LJF_PATH \$NJF_PATH
@ -898,15 +919,117 @@ chmod +x "$REC_DIR"
## New Jibri Config (2020)
mv "$JIBRI_CONF" ${JIBRI_CONF}-dpkg-file
cp files/jibri.conf "$JIBRI_CONF"
sed -i "s|JIBRI_RES_CONF|$JIBRI_RES_CONF|g" "$JIBRI_CONF"
sed -i "s|DIR_RECORD|$DIR_RECORD|g" "$JIBRI_CONF"
sed -i "s|REC_DIR|$REC_DIR|g" "$JIBRI_CONF"
sed -i "s|JB_NAME|$JB_NAME|g" "$JIBRI_CONF"
sed -i "s|DOMAIN|$DOMAIN|g" "$JIBRI_CONF"
sed -i "s|JibriBrewery|$JibriBrewery|g" "$JIBRI_CONF"
sed -i "s|JB_AUTH_PASS|$JB_AUTH_PASS|g" "$JIBRI_CONF"
sed -i "s|JB_REC_PASS|$JB_REC_PASS|g" "$JIBRI_CONF"
cat << NEW_CONF > "$JIBRI_CONF"
// New XMPP environment config.
jibri {
streaming {
// A list of regex patterns for allowed RTMP URLs. The RTMP URL used
// when starting a stream must match at least one of the patterns in
// this list.
rtmp-allow-list = [
// By default, all services are allowed
".*"
]
}
ffmpeg {
resolution = $JIBRI_RES_CONF
}
chrome {
// The flags which will be passed to chromium when launching
flags = [
"--use-fake-ui-for-media-stream",
"--start-maximized",
"--kiosk",
"--enabled",
"--disable-infobars",
"--autoplay-policy=no-user-gesture-required",
"--ignore-certificate-errors",
"--disable-dev-shm-usage"
]
}
stats {
enable-stats-d = true
}
call-status-checks {
// If all clients have their audio and video muted and if Jibri does not
// detect any data stream (audio or video) comming in, it will stop
// recording after NO_MEDIA_TIMEOUT expires.
no-media-timeout = 30 seconds
// If all clients have their audio and video muted, Jibri consideres this
// as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
all-muted-timeout = 10 minutes
// When detecting if a call is empty, Jibri takes into consideration for how
// long the call has been empty already. If it has been empty for more than
// DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
default-call-empty-timeout = 30 seconds
}
recording {
recordings-directory = "$DIR_RECORD"
finalize-script = "$REC_DIR"
}
api {
xmpp {
environments = [
{
// A user-friendly name for this environment
name = "$JB_NAME"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "$DOMAIN" ]
// The base XMPP domain
xmpp-domain = "$DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.$DOMAIN"
room-name = "$JibriBrewery"
nickname = "Live"
}
// The login information for the control MUC
control-login {
domain = "auth.$DOMAIN"
username = "jibri"
password = "$JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.$DOMAIN"
username = "recorder"
password = "$JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}
NEW_CONF
#Jibri xorg resolution
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF"
@ -916,11 +1039,10 @@ useradd -m -g jibri "$MJS_USER"
echo "$MJS_USER:$MJS_USER_PASS" | chpasswd
#Create ssh key and restrict connections
sudo su "$MJS_USER" -c "ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -o -a 200 -q -N ''"
sudo su "$MJS_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
#Allow password authentication
sed -i "s|PasswordAuthentication .*|PasswordAuthentication yes|" /etc/ssh/sshd_config
systemctl daemon-reload
systemctl restart ssh.service ssh.socket
systemctl restart sshd
#Setting varibales for add-jibri-node.sh
sed -i "s|MAIN_SRV_DIST=.*|MAIN_SRV_DIST=\"$DIST\"|" add-jibri-node.sh
@ -982,6 +1104,28 @@ sed -i "s|MJS_USER=.*|MJS_USER=\"$MJS_USER\"|" add-jvb2-node.sh
sed -i "s|MJS_USER_PASS=.*|MJS_USER_PASS=\"$MJS_USER_PASS\"|" add-jvb2-node.sh
##--
#Tune webserver for Jitsi App control
if [ -f "$WS_CONF" ]; then
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ location = \/external_api.min.js {" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ alias \/usr\/share\/jitsi-meet\/libs\/external_api.min.js;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
systemctl reload nginx
else
echo "No app configuration done to server file, please report to:"
echo " -> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi
#Static avatar
if [ "$ENABLE_SA" = "yes" ] && [ -f "$WS_CONF" ]; then
cp images/avatar2.png /usr/share/jitsi-meet/images/
sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" "$WS_CONF"
sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" "$WS_CONF"
sed -i "/location \/external_api.min.js/i \ \ \ \ }\\
\ " "$WS_CONF"
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" "$INT_CONF"
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF"
fi
#nginx -tlsv1/1.1
if [ "$DROP_TLS1" = "yes" ];then
printf "\nDropping TLSv1/1.1\n\n"
@ -992,13 +1136,8 @@ else
echo -n "No condition meet, please report to:"
echo "https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi
# Remove possible duplication of wasm definition.
grep -q wasm /etc/nginx/mime.types && sed -i '/types {/,/}/ {/wasm/d}' "$WS_CONF"
sleep .1
#--------------------------------------------------
print_title "Setup prosody conf file"
#--------------------------------------------------
#================== Setup prosody conf file =================
###Setup secure rooms
if [ "$ENABLE_SC" = "yes" ]; then
@ -1048,31 +1187,26 @@ VirtualHost "guest.$DOMAIN"
P_SR
fi
#--------------------------------------------------
print_title "Custom settings"
#--------------------------------------------------
#======================
# Custom settings
#Start with video muted by default
sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" "$MEET_CONF"
#Start with audio muted but admin
sed -i "s|// startAudioMuted: 10,|startAudioMuted: 2,|" "$MEET_CONF"
sed -i "s|// startAudioMuted: 10,|startAudioMuted: 1,|" "$MEET_CONF"
#Disable/enable welcome page
[ "$ENABLE_WELCP" = "yes" ] && ENABLE_WELCP_BOL=true
[ "$ENABLE_WELCP" = "no" ] && ENABLE_WELCP_BOL=false
export ENABLE_WELCP_BOL
echo "> Patching config.js to modify welcome page behavior..."
echo " Read more about patches at the patches folder."
envsubst < \
patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch | \
patch --no-backup-if-mismatch -d / -p1
if [ "$ENABLE_WELCP" = "yes" ]; then
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: false,|" "$MEET_CONF"
elif [ "$ENABLE_WELCP" = "no" ]; then
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" "$MEET_CONF"
fi
#Enable close page
[ "$ENABLE_CLOCP" = "yes" ] && \
sed -i "s|// enableClosePage:.*|enableClosePage: true,|" "$MEET_CONF"
[ "$ENABLE_CLOCP" = "no" ] && \
sed -i "s|// enableClosePage:.*|enableClosePage: false,|" "$MEET_CONF"
if [ "$ENABLE_CLOCP" = "yes" ]; then
sed -i "s|.*enableClosePage:.*| enableClosePage: true,|" "$MEET_CONF"
elif [ "$ENABLE_CLOCP" = "no" ]; then
sed -i "s|.*enableClosePage:.*| enableClosePage: false,|" "$MEET_CONF"
fi
#Add pre-join screen by default, since it improves YouTube autoplay capabilities
#pre-join screen by itself don't require autorization by moderator, don't confuse with lobby which does.
@ -1174,16 +1308,7 @@ if [ "$ENABLE_NC_ACCESS" = "yes" ]; then
fi
fi
sleep .1
#Jigasi w/VOSK backend.
if [ "$ENABLE_TRANSCRIPT" = "yes" ]; then
printf "\nJigasi with VOSK backend will be enabled."
if [ "$MODE" = "debug" ]; then
bash "$PWD"/jigasi-vosk-backend.sh -m debug
else
bash "$PWD"/jigasi-vosk-backend.sh
fi
fi
sleep .1
#Grafana Dashboard
if [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then
printf "\nGrafana Dashboard will be enabled."

2
tools/aws-grub-setup.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Automated AWS generic kernel setup for jibri.
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option

2
tools/fail2ban_ssh.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Simple Fail2ban configuration
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option

4
tools/jibri-conf-upgrade.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Simple Jibri conf updater
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
@ -31,7 +31,7 @@ if ! [ "$(id -u)" = 0 ]; then
fi
echo "Checking for updates...."
apt-get -q2 update
apt -q2 update
apt install -y \
apt-show-versions \
jq

2
tools/jibri-resolution-enhancer.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Simple Jibri resolution enhancer
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option

2
tools/prepare_php.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Automated PHP environment build for Nextcloud.
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
PHPVER=$1

2
tools/start-over.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
#Start over
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option

2
tools/test-jibri-env.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Simple Jibri Env tester
# SwITNet Ltd © - 2025, https://switnet.net/
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option