Compare commits
	
		
			No commits in common. "master" and "v1.0.1" have entirely different histories.
		
	
	
		|  | @ -1 +0,0 @@ | ||||||
| qj-installer.log |  | ||||||
							
								
								
									
										123
									
								
								README.md
								
								
								
								
							
							
						
						
									
										123
									
								
								README.md
								
								
								
								
							|  | @ -1,121 +1,16 @@ | ||||||
| # Quick Jibri Installer | # Quick Jibri Installer | ||||||
| Bash installer for Jitsi Meet standalone along with Jibri on supported **Ubuntu LTS** based systems using **nginx** as default webserver. | Bash installer for Jibri on *buntu 16.04 LTS based systems | ||||||
| 
 |  | ||||||
| ## Usage |  | ||||||
| As for our current latest release, as we have integrated more and more features, we highly recommend to use a **purpose specific-newly spawn server** to host the jitsi-meet framework, making sure you stick to the requirements and recommendations as much as possible, in order to avoid issues. |  | ||||||
| 
 |  | ||||||
| **WARNING:** Please, avoid using this installer on your everyday GNU/Linux system, as this is an unsupported use and it will likely BREAK YOUR SYSTEM, so please don't. |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
| ### Main Server |  | ||||||
| Login into your clean server, clone git repository and run the installer, |  | ||||||
| 
 |  | ||||||
| ``` |  | ||||||
| git clone https://forge.switnet.net/switnet/quick-jibri-installer |  | ||||||
| cd quick-jibri-installer |  | ||||||
| sudo bash quick_jibri_installer.sh |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| 
 |  | ||||||
| If your server meet the necessary resources, then at the end on the installer you should have a working Jitsi Meet Server along with a Jibri server ready to record. |  | ||||||
| 
 |  | ||||||
| Additional jibris need to be set on separate servers, only necesary on simultaneous recordings for that please use add-jibri-node.sh. |  | ||||||
| 
 |  | ||||||
| ### Add Jibri node |  | ||||||
| 
 |  | ||||||
| Copy the modified `add-jibri-node.sh` file from your early cloned installation directory once the installation is completed, to the new server meant to be a jibri node using your preferred method, then run it |  | ||||||
| 
 |  | ||||||
| **WARNING:** This file contains sensitive information from your setup, please handle with care. |  | ||||||
| 
 |  | ||||||
| ``` |  | ||||||
| bash add-jibri-node.sh |  | ||||||
| ``` |  | ||||||
| 
 |  | ||||||
| Please remember that on newer versions, jibri will record on FHD (1920x1080) so please make sure your server have enough CPU power in orther to handle the encoding load. |  | ||||||
| 
 |  | ||||||
| ### Add JVB2 node |  | ||||||
| 
 |  | ||||||
| Copy the modified `add-jvb2-node.sh` file from your early cloned installation directory once the installation is completed, to the new server meant to be a jibri node using your preferred method, then run it |  | ||||||
| 
 |  | ||||||
| **WARNING:** This file contains sensitive information from your setup, please handle with care. |  | ||||||
| 
 |  | ||||||
| ``` |  | ||||||
| bash add-jvb2-node.sh |  | ||||||
| ``` |  | ||||||
| 
 |  | ||||||
| Check more details on our wiki. |  | ||||||
| 
 |  | ||||||
| ## Requirements |  | ||||||
| 1. Clean VM/VPS/Server using a supported Ubuntu LTS |  | ||||||
| 2. Valid domain with DNS record, **mandatory** for SSL certs via Let's Encrypt. |  | ||||||
| 3. open ports for JMS interaction, [see wiki](https://forge.switnet.net/switnet/quick-jibri-installer/wiki/Firewall). |  | ||||||
| 4. Starting at 8 GB RAM / 4 Cores @ ~3.0GHz |  | ||||||
|     *  Adding resources as your audience or features you require, so your experience don't suffer from the lack of resources. |  | ||||||
| 5. Webcam |  | ||||||
| 
 |  | ||||||
| ### Jibri Recodings Access via Nextcloud |  | ||||||
| * Valid domain with DNS record for Nextcloud SSL. |  | ||||||
|   |  | ||||||
| ### Jigasi Transcript |  | ||||||
| * Enough disk space to run Vosk backend via docker container. |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
| ## Kernel warning |  | ||||||
| For AWS users or any cloud service provider that might use their own kernel on their products (servers/vm/vps), might cause Jibri failure to start due not allowing `snd_aloop` module. |  | ||||||
| 
 |  | ||||||
| Make sure that you update your grub to boot the right one. |  | ||||||
| 
 |  | ||||||
| Feel free to use our `test-jibri-env.sh` tool to find some details on your current setup. |  | ||||||
| 
 | 
 | ||||||
| ## Features | ## Features | ||||||
| * Enabled Session Recording via Jibri | * Enabled Local (audio) recording using flac | ||||||
|   * Rename Jibri folder with name room + date. | * Enabled Session (video) Recording using Jibri | ||||||
|   * Jibri node network. |  | ||||||
|     * Automatic Jibri nodes network sync ([see more](https://forge.switnet.net/switnet/quick-jibri-installer/wiki/Setup-and-Jibri-Nodes)). |  | ||||||
| * JRA (Jibri Recordings Access) via Nextcloud |  | ||||||
| * Grafana Dashboard |  | ||||||
| * Etherpad via docker install |  | ||||||
| * Authentication |  | ||||||
|   1. Local |  | ||||||
|   2. JWT ([#87](https://forge.switnet.net/switnet/quick-jibri-installer/issues/87)) |  | ||||||
|   3. None |  | ||||||
| * Lobby Rooms |  | ||||||
| * Conference Duration |  | ||||||
| * Customized brandless mode |  | ||||||
|   * Setting up custom interface_config.js (to be deprecated by upstream) |  | ||||||
| * JVB2 nodes network. |  | ||||||
| 
 | 
 | ||||||
| * Enabled Jitsi Electron app detection server side. | ## Requirements | ||||||
| * Standalone SSL Certbot/LE implementation | * Dropbox developer App key & redirect url configured. | ||||||
| * Improved recurring updater | * Valid domain with DNS already set (preferably). | ||||||
| * Jigasi Transcript - vía Vosk speech recognition toolkit. | * Recommended 4 GB RAM / 4 Cores for video recording. | ||||||
| 
 | * Webcam | ||||||
| ## Tools |  | ||||||
| * Jibri Environment Tester |  | ||||||
|  * Jibri Conf Upgrader (late 2020). |  | ||||||
| * Selenium Grid via Docker |  | ||||||
| * Start over, installation cleansing tool. |  | ||||||
| 
 |  | ||||||
| ## Optional custom changes |  | ||||||
| * Optional default language |  | ||||||
| * Option to enable Secure Rooms |  | ||||||
| * Option to enable Welcome page |  | ||||||
| * Option to enable Close page |  | ||||||
| * Option to set domain as hostname on JMS |  | ||||||
| 
 |  | ||||||
| ### Modes |  | ||||||
| * Custom High Performance config |  | ||||||
| 
 |  | ||||||
| ## Custom changes |  | ||||||
| * Start with video muted by default |  | ||||||
| * Start with audio muted but moderator |  | ||||||
| * Set pre-join screen by default. |  | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| ## Documentation |  | ||||||
| * Please check our [wiki](https://forge.switnet.net/switnet/quick-jibri-installer/wiki) for further documentation. |  | ||||||
| 
 | 
 | ||||||
| Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY. | SwITNet Ltd © - 2018, https://switnet.net/ | ||||||
| 
 |  | ||||||
| SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
|  |  | ||||||
|  | @ -1,468 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Jibri Node Aggregator |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| ### 0_LAST EDITION TIME STAMP ### |  | ||||||
| # LETS: AUTOMATED_EDITION_TIME |  | ||||||
| ### 1_LAST EDITION ### |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
|     set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Make sure the file name is the required one |  | ||||||
| if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then |  | ||||||
|     echo "For most cases naming won't matter, for this one it does." |  | ||||||
|     echo "Please use the original name for this script: \`add-jibri-node.sh', and run again." |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| ### 0_VAR_DEF |  | ||||||
| MAIN_SRV_DIST=TBD |  | ||||||
| MAIN_SRV_REPO=TBD |  | ||||||
| MAIN_SRV_DOMAIN=TBD |  | ||||||
| JibriBrewery=TBD |  | ||||||
| JB_NAME=TBD |  | ||||||
| JB_AUTH_PASS=TBD |  | ||||||
| JB_REC_PASS=TBD |  | ||||||
| MJS_USER=TBD |  | ||||||
| MJS_USER_PASS=TBD |  | ||||||
| JIBRI_RES_CONF=TBD |  | ||||||
| JIBRI_RES_XORG_CONF=TBD |  | ||||||
| THIS_SRV_DIST=$(lsb_release -sc) |  | ||||||
| JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}') |  | ||||||
| JIBRI_CONF="/etc/jitsi/jibri/jibri.conf" |  | ||||||
| DIR_RECORD="/var/jbrecord" |  | ||||||
| REC_DIR="/home/jibri/finalize_recording.sh" |  | ||||||
| GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list" |  | ||||||
| GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}') |  | ||||||
| GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json" |  | ||||||
| #PUBLIC_IP="$(wget -qO- https://api.ipify.org)" |  | ||||||
| JITSI_GPG_KEY="/etc/apt/trusted.gpg.d/jitsi-key.gpg.key" |  | ||||||
| NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)" |  | ||||||
| NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}" |  | ||||||
| NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)" |  | ||||||
| GIT_FORGE="https://forge.switnet.net" |  | ||||||
| GIT_REPO="switnet/quick-jibri-installer" |  | ||||||
| JIBRI_CONF_ONLINE="$GIT_FORGE/$GIT_REPO/raw/branch/master/files/jibri.conf" |  | ||||||
| TEST_JIBRI_ENV="$GIT_FORGE/$GIT_REPO/raw/branch/master/tools/test-jibri-env.sh" |  | ||||||
| SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)" |  | ||||||
| JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf" |  | ||||||
| ### 1_VAR_DEF |  | ||||||
| 
 |  | ||||||
| # sed limiters for add-jibri-node.sh variables |  | ||||||
| var_dlim() { |  | ||||||
|     grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1 |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| check_var() { |  | ||||||
|     if [ "$2" = "TBD" ]; then |  | ||||||
|         echo -e "Check if variable $1 is set: \xE2\x9C\x96" |  | ||||||
|         exit |  | ||||||
|     else |  | ||||||
|         echo -e "Check if variable $1 is set: \xE2\x9C\x94" |  | ||||||
|     fi |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| #Change in favor of machine-id identifier |  | ||||||
| crontab -l | { cat; echo "@reboot sed -i \"/[[:space:]]control-muc/,/[[:space:]]control-login/{s|nickname = .*|nickname = \\\"$(cat /etc/machine-id)\\\"|}\" /etc/jitsi/jibri/jibri.conf"; } | crontab - |  | ||||||
| crontab -l |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| #----------------------------------------------------------------------- |  | ||||||
| # Checking initial necessary variables... |  | ||||||
| #-----------------------------------------------------------------------" |  | ||||||
| 
 |  | ||||||
| JMS_DATA=("$MAIN_SRV_DIST" \ |  | ||||||
|           "$MAIN_SRV_REPO" \ |  | ||||||
|           "$MAIN_SRV_DOMAIN" \ |  | ||||||
|           "$JibriBrewery" \ |  | ||||||
|           "$JB_NAME" \ |  | ||||||
|           "$JB_AUTH_PASS" \ |  | ||||||
|           "$JB_REC_PASS" \ |  | ||||||
|           "$MJS_USER" \ |  | ||||||
|           "$MJS_USER_PASS" \ |  | ||||||
|           "$JIBRI_RES_CONF" \ |  | ||||||
|           "$JIBRI_RES_XORG_CONF") |  | ||||||
| 
 |  | ||||||
| JMS_EVAL="${JMS_DATA[0]}" |  | ||||||
| for i in "${JMS_DATA[@]}"; do |  | ||||||
|     if [[ "$JMS_EVAL" != "$i" ]]; then |  | ||||||
|         ALL_TBD="no" |  | ||||||
|         break |  | ||||||
|     fi |  | ||||||
| done |  | ||||||
| if [ "$ALL_TBD" = "no" ];then |  | ||||||
|  echo -e "Good, seems this is not a vanilla copy of add-jibri-node.sh, |  | ||||||
| let's check variables ...\n" |  | ||||||
| else |  | ||||||
|  echo -e "You seem to be using a vanilla copy of the add-jibri-node.sh. |  | ||||||
|   > Please use the content (or apply the changes) of add-jibri-node.sh from |  | ||||||
|     the main Jitsi server installation folder, as it contains necessary data.\n" |  | ||||||
|         exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| check_var MAIN_SRV_DIST "$MAIN_SRV_DIST" |  | ||||||
| check_var MAIN_SRV_REPO "$MAIN_SRV_REPO" |  | ||||||
| check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN" |  | ||||||
| check_var JibriBrewery "$JibriBrewery" |  | ||||||
| check_var JB_NAME "$JB_NAME" |  | ||||||
| check_var JB_AUTH_PASS "$JB_AUTH_PASS" |  | ||||||
| check_var JB_REC_PASS "$JB_REC_PASS" |  | ||||||
| check_var MJS_USER "$MJS_USER" |  | ||||||
| check_var MJS_USER_PASS "$MJS_USER_PASS" |  | ||||||
| check_var JIBRI_RES_CONF "$JIBRI_RES_CONF" |  | ||||||
| check_var JIBRI_RES_XORG_CONF "$JIBRI_RES_XORG_CONF" |  | ||||||
| 
 |  | ||||||
| #Check server and node OS |  | ||||||
| if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then |  | ||||||
|     echo "Please use the same OS for the jibri setup on both servers." |  | ||||||
|     echo "This server is based on: $THIS_SRV_DIST" |  | ||||||
|     echo "The main server record claims is based on: $MAIN_SRV_DIST" |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Check system resources |  | ||||||
| echo "Verifying System Resources:" |  | ||||||
| if [ "$(nproc --all)" -lt 4 ];then |  | ||||||
|   echo " |  | ||||||
| Warning!: The system do not meet the minimum CPU requirements for Jibri to run. |  | ||||||
| >> We recommend 4 cores/threads for Jibri! |  | ||||||
| " |  | ||||||
|   CPU_MIN="N" |  | ||||||
| else |  | ||||||
|   echo "CPU Cores/Threads: OK ($(nproc --all))" |  | ||||||
|   CPU_MIN="Y" |  | ||||||
| fi |  | ||||||
| ### Test RAM size (8GB min) ### |  | ||||||
| mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+') |  | ||||||
| if [ "${mem_available}" -lt 7700000 ]; then |  | ||||||
|   echo " |  | ||||||
| Warning!: The system do not meet the minimum RAM requirements for Jibri to run. |  | ||||||
| >> We recommend 8GB RAM for Jibri! |  | ||||||
| " |  | ||||||
|   MEM_MIN="N" |  | ||||||
| else |  | ||||||
|   echo "Memory: OK ($((mem_available/1024)) MiB)" |  | ||||||
|   MEM_MIN="Y" |  | ||||||
| fi |  | ||||||
| if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then |  | ||||||
|     echo "All requirements seems meet!" |  | ||||||
|     echo " |  | ||||||
|     - We hope you have a nice recording/streaming session |  | ||||||
|     " |  | ||||||
| else |  | ||||||
|     echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!" |  | ||||||
|     echo "Since this is a Jibri node installation there is no point on not having the necessary resources." |  | ||||||
|     echo "We highly advice to increase the resources in order to install this Jibri node." |  | ||||||
|     while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]] |  | ||||||
|     do |  | ||||||
|     read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES |  | ||||||
|     if [ "$CONTINUE_LOW_RES" = "no" ]; then |  | ||||||
|         echo "See you next time with more resources!..." |  | ||||||
|         exit |  | ||||||
|     elif [ "$CONTINUE_LOW_RES" = "yes" ]; then |  | ||||||
|         echo "Please keep in mind that we might not support underpowered nodes." |  | ||||||
|     fi |  | ||||||
|     done |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| # Rename hostname for each jibri node |  | ||||||
| hostnamectl set-hostname "jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" |  | ||||||
| sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts |  | ||||||
| 
 |  | ||||||
| # Jitsi-Meet Repo |  | ||||||
| printf "\nAdd Jitsi repo\n" |  | ||||||
| if [ "$JITSI_REPO" = "stable" ]; then |  | ||||||
|     printf " - Jitsi stable repository already installed\n\n" |  | ||||||
| else |  | ||||||
|     echo "deb [signed-by=$JITSI_GPG_KEY] http://download.jitsi.org stable/" \ |  | ||||||
|         > /etc/apt/sources.list.d/jitsi-stable.list |  | ||||||
|     curl -s https://download.jitsi.org/jitsi-key.gpg.key \ |  | ||||||
|         > "$JITSI_GPG_KEY" |  | ||||||
|     apt-get update -q2 |  | ||||||
|     JITSI_REPO="stable" |  | ||||||
| fi |  | ||||||
| sleep .1 |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
| # Requirements |  | ||||||
| echo "We'll start by installing system requirements this may take a while please be patient..." |  | ||||||
| apt-get update -q2 |  | ||||||
| apt-get dist-upgrade -yq2 |  | ||||||
| 
 |  | ||||||
| apt-get -y install \ |  | ||||||
|                     apt-show-versions \ |  | ||||||
|                     bmon \ |  | ||||||
|                     curl \ |  | ||||||
|                     ffmpeg \ |  | ||||||
|                     git \ |  | ||||||
|                     btop \ |  | ||||||
|                     inotify-tools \ |  | ||||||
|                     jq \ |  | ||||||
|                     rsync \ |  | ||||||
|                     ssh \ |  | ||||||
|                     unzip \ |  | ||||||
|                     wget |  | ||||||
| 
 |  | ||||||
| check_snd_driver() { |  | ||||||
|     printf "\n# Checking ALSA - Loopback module..." |  | ||||||
|     echo "snd-aloop" | tee -a /etc/modules |  | ||||||
|     modprobe snd-aloop |  | ||||||
|     if [ "$(lsmod|awk '/snd_aloop/{print$1}'|awk 'NR==1')" = "snd_aloop" ]; then |  | ||||||
|         echo -e "\n#-----------------------------------------------------------------------" |  | ||||||
|         echo "# Audio driver seems - OK." |  | ||||||
|         echo -e "#-----------------------------------------------------------------------\n" |  | ||||||
|     else |  | ||||||
|         echo -e "\n#-----------------------------------------------------------------------" |  | ||||||
|         echo "# Your audio driver might not be able to load." |  | ||||||
|         echo "# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool." |  | ||||||
|         echo -e "#-----------------------------------------------------------------------\n" |  | ||||||
|         curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh |  | ||||||
|         #Test tool |  | ||||||
|         if [ "$MODE" = "debug" ]; then |  | ||||||
|             bash /tmp/test-jibri-env.sh -m debug |  | ||||||
|         else |  | ||||||
|             bash /tmp/test-jibri-env.sh |  | ||||||
|         fi |  | ||||||
|         read -n 1 -s -r -p "Press any key to continue..."$'\n' |  | ||||||
|     fi |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| ###FIXME: Trisquel support broken by lsb_release usage### |  | ||||||
| echo "# Check and Install HWE kernel if possible..." |  | ||||||
| HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")" |  | ||||||
| if [ "$HWE_VIR_MOD" = "1" ]; then |  | ||||||
|     apt-get -y install \ |  | ||||||
|     linux-image-generic-hwe-"$(lsb_release -sr)" |  | ||||||
| else |  | ||||||
|     apt-get -y install \ |  | ||||||
|     linux-image-generic \ |  | ||||||
|     linux-modules-extra-"$(uname -r)" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| #-------------------------------------------------- |  | ||||||
| # Install Jibri |  | ||||||
| #-------------------------------------------------- |  | ||||||
| " |  | ||||||
| apt-get -y install \ |  | ||||||
|                 jibri \ |  | ||||||
|                 openjdk-11-jre-headless |  | ||||||
| 
 |  | ||||||
| echo "# Installing Google Chrome / ChromeDriver" |  | ||||||
| if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then |  | ||||||
|     echo "Google repository already set." |  | ||||||
| else |  | ||||||
|     echo "Installing Google Chrome Stable" |  | ||||||
|     curl -s https://dl.google.com/linux/linux_signing_key.pub | \ |  | ||||||
|     gpg --dearmor | tee /etc/apt/trusted.gpg.d/google-chrome-key.gpg  >/dev/null |  | ||||||
|     echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO" |  | ||||||
| fi |  | ||||||
| apt-get -q2 update |  | ||||||
| apt-get install -yq2 google-chrome-stable |  | ||||||
| rm -rf "$GOOGL_REPO" |  | ||||||
| 
 |  | ||||||
| G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3) |  | ||||||
| CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing" |  | ||||||
| CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \ |  | ||||||
|                 jq -r ".versions[].downloads.chromedriver | \ |  | ||||||
|                 select(. != null) | .[].url" | grep linux64 | \ |  | ||||||
|                 grep "$G_CHROME" | tail -1) |  | ||||||
| CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL") |  | ||||||
| GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json" |  | ||||||
| 
 |  | ||||||
| if [ -f /usr/local/bin/chromedriver ]; then |  | ||||||
|     echo "Chromedriver already installed." |  | ||||||
| else |  | ||||||
|     echo "Installing Chromedriver" |  | ||||||
|     wget -q "$CHD_LTST_DWNL" \ |  | ||||||
|          -O /tmp/chromedriver_linux64.zip |  | ||||||
|     unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/ |  | ||||||
|     mv /usr/local/bin/chromedriver-linux64/chromedriver /usr/local/bin/chromedriver |  | ||||||
|     chown root:root /usr/local/bin/chromedriver |  | ||||||
|     chmod 0755 /usr/local/bin/chromedriver |  | ||||||
|     rm -rf /tmp/chromedriver_linux64.zip |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| printf "\nCheck Google Software Working...\n" |  | ||||||
| /usr/bin/google-chrome --version |  | ||||||
| /usr/local/bin/chromedriver --version | awk '{print$1,$2}' |  | ||||||
| 
 |  | ||||||
| echo ' |  | ||||||
| ######################################################################## |  | ||||||
|                         Start Jibri configuration |  | ||||||
| ######################################################################## |  | ||||||
| ' |  | ||||||
| printf "\nRemove Chrome warning...\n" |  | ||||||
| mkdir -p /etc/opt/chrome/policies/managed |  | ||||||
| echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON" |  | ||||||
| 
 |  | ||||||
| # Recording directory |  | ||||||
| if [ ! -d "$DIR_RECORD" ]; then |  | ||||||
|     mkdir "$DIR_RECORD" |  | ||||||
| fi |  | ||||||
| chown -R jibri:jibri "$DIR_RECORD" |  | ||||||
| 
 |  | ||||||
| cat << REC_DIR > "$REC_DIR" |  | ||||||
| #!/bin/bash |  | ||||||
| 
 |  | ||||||
| RECORDINGS_DIR="$DIR_RECORD" |  | ||||||
| 
 |  | ||||||
| echo "This is a dummy finalize script" > /tmp/finalize.out |  | ||||||
| echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out |  | ||||||
| echo "You should put any finalize logic (renaming, uploading to a service" >> /tmp/finalize.out |  | ||||||
| echo "or storage provider, etc.) in this script" >> /tmp/finalize.out |  | ||||||
| 
 |  | ||||||
| chmod -R 770 \$RECORDINGS_DIR |  | ||||||
| 
 |  | ||||||
| LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -nr|sed 1d|awk '{print\$2}'| grep -v "meta\|_" | head -n1)" |  | ||||||
| NJF_NAME="\$(find \$LJF_PATH |grep "mp4"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)" |  | ||||||
| NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME" |  | ||||||
| mv \$LJF_PATH \$NJF_PATH |  | ||||||
| 
 |  | ||||||
| exit 0 |  | ||||||
| REC_DIR |  | ||||||
| chown jibri:jibri "$REC_DIR" |  | ||||||
| chmod +x "$REC_DIR" |  | ||||||
| 
 |  | ||||||
| ## New Jibri Config (2020) |  | ||||||
| mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file |  | ||||||
| curl -s "$JIBRI_CONF_ONLINE" >  "$JIBRI_CONF" |  | ||||||
| sed -i "s|JIBRI_RES_CONF|$JIBRI_RES_CONF|g" "$JIBRI_CONF" |  | ||||||
| sed -i "s|DIR_RECORD|$DIR_RECORD|g" "$JIBRI_CONF" |  | ||||||
| sed -i "s|REC_DIR|$REC_DIR|g" "$JIBRI_CONF" |  | ||||||
| sed -i "s|JB_NAME|$JB_NAME|g" "$JIBRI_CONF" |  | ||||||
| sed -i "s|DOMAIN|$MAIN_SRV_DOMAIN|g" "$JIBRI_CONF" |  | ||||||
| sed -i "s|JibriBrewery|$JibriBrewery|g" "$JIBRI_CONF" |  | ||||||
| sed -i "s|JB_AUTH_PASS|$JB_AUTH_PASS|g" "$JIBRI_CONF" |  | ||||||
| sed -i "s|JB_REC_PASS|$JB_REC_PASS|g" "$JIBRI_CONF" |  | ||||||
| 
 |  | ||||||
| #Jibri xorg resolution |  | ||||||
| sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF" |  | ||||||
| 
 |  | ||||||
| echo -e "\n---- Create random nodesync user ----" |  | ||||||
| useradd -m -g jibri "$NJN_USER" |  | ||||||
| echo "$NJN_USER:$NJN_USER_PASS" | chpasswd |  | ||||||
| 
 |  | ||||||
| echo -e "\n---- We'll connect to main server ----" |  | ||||||
| read -n 1 -s -r -p "Press any key to continue..."$'\n' |  | ||||||
| sudo su "$NJN_USER" -c "ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -o -a 200 -q -N ''" |  | ||||||
| 
 |  | ||||||
| install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_ed25519 /home/jibri/jbsync.pem |  | ||||||
| sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts" |  | ||||||
| sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts" |  | ||||||
| sudo su jibri -c "ssh-keyscan -t ed25519 $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts" |  | ||||||
| 
 |  | ||||||
| echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n" |  | ||||||
| ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts |  | ||||||
| ssh-keyscan -t ed25519 "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts |  | ||||||
| [ -f /home/"$NJN_USER"/.ssh/id_rsa.pub ] && \ |  | ||||||
|     ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub |  | ||||||
| [ -f /home/"$NJN_USER"/.ssh/id_ed25519.pub ] && \ |  | ||||||
|     ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_ed25519.pub |  | ||||||
| sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts" |  | ||||||
| 
 |  | ||||||
| echo -e "\n---- Setup Log system ----" |  | ||||||
| cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh |  | ||||||
| #!/bin/bash |  | ||||||
| 
 |  | ||||||
| # Log process |  | ||||||
| exec 3>&1 4>&2 |  | ||||||
| trap 'exec 2>&4 1>&3' 0 1 2 3 |  | ||||||
| exec 1>/var/log/"$NJN_USER"/remote_jnsync.log 2>&1 |  | ||||||
| 
 |  | ||||||
| # Run sync |  | ||||||
| while true; do |  | ||||||
|   inotifywait  -t 60 -r -e modify,attrib,close_write,move,delete "$DIR_RECORD" |  | ||||||
|   sudo su "$NJN_USER" -c "rsync -Aax --chmod=Dg+rwx,Fg+rw --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD" |  | ||||||
|   find "$DIR_RECORD" -depth -type d -empty -not -path "$DIR_RECORD" -delete |  | ||||||
| done |  | ||||||
| INOT_RSYNC |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
| mkdir /var/log/"$NJN_USER" |  | ||||||
| 
 |  | ||||||
| cat << LOG_ROT > /etc/logrotate.d/"$NJN_USER" |  | ||||||
| /var/log/"$NJN_USER"/*.log { |  | ||||||
|     monthly |  | ||||||
|     missingok |  | ||||||
|     rotate 12 |  | ||||||
|     compress |  | ||||||
|     notifempty |  | ||||||
|     create 0640 root root |  | ||||||
|     sharedscripts |  | ||||||
|     postrotate |  | ||||||
|         service remote_jnsync restart |  | ||||||
|     endscript |  | ||||||
| } |  | ||||||
| LOG_ROT |  | ||||||
| 
 |  | ||||||
| echo -e "\n---- Create systemd service file ----" |  | ||||||
| cat << REMOTE_SYNC_SERVICE > /etc/systemd/system/remote_jnsync.service |  | ||||||
| [Unit] |  | ||||||
| Description = Sync Node to Main Jibri Service |  | ||||||
| After = network.target |  | ||||||
| 
 |  | ||||||
| [Service] |  | ||||||
| PIDFile = /run/syncservice/remote_jnsync.pid |  | ||||||
| User = root |  | ||||||
| Group = root |  | ||||||
| WorkingDirectory = /var |  | ||||||
| ExecStartPre = /bin/mkdir /run/syncservice |  | ||||||
| ExecStartPre = /bin/chown -R root:root /run/syncservice |  | ||||||
| ExecStart = /bin/bash /etc/jitsi/jibri/remote-jbsync.sh |  | ||||||
| ExecReload = /bin/kill -s HUP \$MAINPID |  | ||||||
| ExecStop = /bin/kill -s TERM \$MAINPID |  | ||||||
| ExecStopPost = /bin/rm -rf /run/syncservice |  | ||||||
| PrivateTmp = true |  | ||||||
| 
 |  | ||||||
| [Install] |  | ||||||
| WantedBy = multi-user.target |  | ||||||
| REMOTE_SYNC_SERVICE |  | ||||||
| 
 |  | ||||||
| chmod 755 /etc/systemd/system/remote_jnsync.service |  | ||||||
| systemctl daemon-reload |  | ||||||
| 
 |  | ||||||
| systemctl enable remote_jnsync.service |  | ||||||
| systemctl start remote_jnsync.service |  | ||||||
| 
 |  | ||||||
| #Enable jibri services |  | ||||||
| systemctl enable jibri |  | ||||||
| systemctl enable jibri-xorg |  | ||||||
| systemctl enable jibri-icewm |  | ||||||
| 
 |  | ||||||
| check_snd_driver |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| ######################################################################## |  | ||||||
|                         Node addition complete!! |  | ||||||
| 
 |  | ||||||
|                For customized support: http://switnet.net |  | ||||||
| ######################################################################## |  | ||||||
| " |  | ||||||
| 
 |  | ||||||
| echo "Make sure to reboot, it's necessary before *any* usage. |  | ||||||
| Rebooting in..." |  | ||||||
| secs=$((15)) |  | ||||||
| while [ "$secs" -gt 0 ]; do |  | ||||||
|    echo -ne "$secs\033[0K\r" |  | ||||||
|    sleep 1 |  | ||||||
|    : $((secs--)) |  | ||||||
| done |  | ||||||
| reboot |  | ||||||
							
								
								
									
										306
									
								
								add-jvb2-node.sh
								
								
								
								
							
							
						
						
									
										306
									
								
								add-jvb2-node.sh
								
								
								
								
							|  | @ -1,306 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # JVB2 Node Aggregator |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| ### 0_LAST EDITION TIME STAMP ### |  | ||||||
| # LETS: AUTOMATED_EDITION_TIME |  | ||||||
| ### 1_LAST EDITION ### |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
|     set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Make sure the file name is the required one |  | ||||||
| if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then |  | ||||||
|     echo "For most cases naming won't matter, for this one it does." |  | ||||||
|     echo "Please use the original name for this script: \`add-jvb2-node.sh', and run again." |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| ### 0_VAR_DEF |  | ||||||
| MAIN_SRV_DIST=TBD |  | ||||||
| MAIN_SRV_REPO=TBD |  | ||||||
| MAIN_SRV_DOMAIN=TBD |  | ||||||
| 
 |  | ||||||
| JVB_HOSTNAME=TBD |  | ||||||
| JVB_HOST=TBD |  | ||||||
| JVB_PORT=TBD |  | ||||||
| JVB_SECRET=TBD |  | ||||||
| JVB_OPTS=TBD |  | ||||||
| SYS_PROPS=TBD |  | ||||||
| AWS_HARVEST=TBD |  | ||||||
| STUN_MAPPING=TBD |  | ||||||
| ENABLE_STATISTICS=TBD |  | ||||||
| SHARD_HOSTNAME=TBD |  | ||||||
| SHARD_DOMAIN=TBD |  | ||||||
| SHARD_PASS=TBD |  | ||||||
| MUC_JID=TBD |  | ||||||
| 
 |  | ||||||
| #MJS_USER=TBD |  | ||||||
| #MJS_USER_PASS=TBD |  | ||||||
| #START=0 |  | ||||||
| #LAST=TBD |  | ||||||
| 
 |  | ||||||
| THIS_SRV_DIST=$(lsb_release -sc) |  | ||||||
| JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}') |  | ||||||
| JVB2_CONF="/etc/jitsi/videobridge/config" |  | ||||||
| JVB2_NCONF="/etc/jitsi/videobridge/jvb.conf" |  | ||||||
| JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties" |  | ||||||
| SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)" |  | ||||||
| #PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)" |  | ||||||
| #GITHUB_RAW="https://raw.githubusercontent.com" |  | ||||||
| #GIT_REPO="switnet-ltd/quick-jibri-installer" |  | ||||||
| ### 1_VAR_DEF |  | ||||||
| 
 |  | ||||||
| # sed limiters for add-jvb2-node.sh variables |  | ||||||
| var_dlim() { |  | ||||||
|     grep -n "$1" add-jvb2-node.sh|head -n1|cut -d ":" -f1 |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| check_var() { |  | ||||||
|     if [ -z "$2" ]; then |  | ||||||
|         echo -e "Check if variable $1 is set: \xE2\x9C\x96 \nExiting..." |  | ||||||
|         exit |  | ||||||
|     else |  | ||||||
|         echo -e "Check if variable $1 is set: \xE2\x9C\x94" |  | ||||||
|     fi |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| #Check server and node OS |  | ||||||
| if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then |  | ||||||
|     echo "Please use the same OS for the JVB2 setup on both servers." |  | ||||||
|     echo "This server is based on: $THIS_SRV_DIST" |  | ||||||
|     echo "The main server record claims is based on: $MAIN_SRV_DIST" |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Check system resources |  | ||||||
| echo "Verifying System Resources:" |  | ||||||
| if [ "$(nproc --all)" -lt 4 ];then |  | ||||||
|   echo " |  | ||||||
| Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads. |  | ||||||
| >> We recommend 4 cores/threads or above for JVB2! |  | ||||||
| " |  | ||||||
|   CPU_MIN="N" |  | ||||||
| else |  | ||||||
|   echo "CPU Cores/Threads: OK ($(nproc --all))" |  | ||||||
|   CPU_MIN="Y" |  | ||||||
| fi |  | ||||||
| ### Test RAM size (8GB min) ### |  | ||||||
| mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+') |  | ||||||
| if [ "${mem_available}" -lt 7700000 ]; then |  | ||||||
|   echo " |  | ||||||
| Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads. |  | ||||||
| >> We recommend 8GB RAM or above for JVB2! |  | ||||||
| " |  | ||||||
|   MEM_MIN="N" |  | ||||||
| else |  | ||||||
|   echo "Memory: OK ($((mem_available/1024)) MiB)" |  | ||||||
|   MEM_MIN="Y" |  | ||||||
| fi |  | ||||||
| if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then |  | ||||||
|     echo "All requirements seems meet!" |  | ||||||
|     echo " |  | ||||||
|     - We hope you have a nice recording/streaming session |  | ||||||
|     " |  | ||||||
| else |  | ||||||
|     echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!" |  | ||||||
|     echo "We highly advice to increase the resources in order to install this JVB2 node." |  | ||||||
|     while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]] |  | ||||||
|     do |  | ||||||
|     read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES |  | ||||||
|     if [ "$CONTINUE_LOW_RES" = "no" ]; then |  | ||||||
|             echo "See you next time with more resources!..." |  | ||||||
|             exit |  | ||||||
|     elif [ "$CONTINUE_LOW_RES" = "yes" ]; then |  | ||||||
|             echo "Please keep in mind that we might not support underpowered nodes." |  | ||||||
|     fi |  | ||||||
|     done |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| #----------------------------------------------------------------------- |  | ||||||
| # Checking initial necessary variables... |  | ||||||
| #-----------------------------------------------------------------------" |  | ||||||
| 
 |  | ||||||
| check_var JVB_HOSTNNAME "$JVB_HOSTNAME" |  | ||||||
| if [ -z "$JVB_HOST" ]; then |  | ||||||
|   echo "JVB_HOST is empty, but it may be ok for it to be empty, skipping empty test." |  | ||||||
| else |  | ||||||
|   check_var JVB_HOST "$JVB_HOST" |  | ||||||
| fi |  | ||||||
| check_var JVB_PORT "$JVB_PORT" |  | ||||||
| check_var JVB_SECRET "$JVB_SECRET" |  | ||||||
| check_var JVB_OPTS "$JVB_OPTS" |  | ||||||
| check_var SYS_PROPS "$SYS_PROPS" |  | ||||||
| check_var AWS_HARVEST "$AWS_HARVEST" |  | ||||||
| check_var STUN_MAPPING "$STUN_MAPPING" |  | ||||||
| check_var ENABLE_STATISTICS "$ENABLE_STATISTICS" |  | ||||||
| check_var SHARD_HOSTNAME "$SHARD_HOSTNAME" |  | ||||||
| check_var SHARD_DOMAIN "$SHARD_DOMAIN" |  | ||||||
| check_var SHARD_PASS "$SHARD_PASS" |  | ||||||
| check_var MUC_JID "$MUC_JID" |  | ||||||
| check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN" |  | ||||||
| 
 |  | ||||||
| # Rename hostname for each jvb2 node |  | ||||||
| hostnamectl set-hostname "jvb_${SHORT_ID}.${MAIN_SRV_DOMAIN}" |  | ||||||
| sed -i "1i 127.0.0.1 jvb_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts |  | ||||||
| 
 |  | ||||||
| # Jitsi-Meet Repo |  | ||||||
| echo "Add Jitsi repo" |  | ||||||
| if [ -z "$JITSI_REPO" ]; then |  | ||||||
|     echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list |  | ||||||
|     wget -qO -  https://download.jitsi.org/jitsi-key.gpg.key | apt-key add - |  | ||||||
| elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then |  | ||||||
|     echo "Main and node servers repository don't match, extiting.." |  | ||||||
|     exit |  | ||||||
| elif [ "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then |  | ||||||
|     echo "Main and node servers repository match, continuing..." |  | ||||||
| else |  | ||||||
|     echo "Jitsi $JITSI_REPO repository already installed" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| # Requirements |  | ||||||
| echo "We'll start by installing system requirements this may take a while please be patient..." |  | ||||||
| apt-get update -q2 |  | ||||||
| apt-get dist-upgrade -yq2 |  | ||||||
| 
 |  | ||||||
| apt-get -y install \ |  | ||||||
|                     apt-show-versions \ |  | ||||||
|                     bmon \ |  | ||||||
|                     curl \ |  | ||||||
|                     git \ |  | ||||||
|                     htop \ |  | ||||||
|                     ssh \ |  | ||||||
|                     unzip \ |  | ||||||
|                     wget |  | ||||||
| 
 |  | ||||||
| echo "# Check and Install HWE kernel if possible..." |  | ||||||
| HWE_VIR_MOD="$(apt-cache madison linux-modules-extra-virtual-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")" |  | ||||||
| if [ "$HWE_VIR_MOD" == "1" ]; then |  | ||||||
|     apt-get -y install \ |  | ||||||
|     linux-image-generic-hwe-"$(lsb_release -sr)" \ |  | ||||||
|     linux-modules-extra-virtual-hwe-"$(lsb_release -sr)" |  | ||||||
|     else |  | ||||||
|     apt-get -y install \ |  | ||||||
|     linux-modules-extra-"$(uname -r)" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| #-------------------------------------------------- |  | ||||||
| # Install JVB2 |  | ||||||
| #-------------------------------------------------- |  | ||||||
| " |  | ||||||
| echo "jitsi-videobridge jitsi-videobridge/jvb-hostname string $MAIN_SRV_DOMAIN" | debconf-set-selections |  | ||||||
| 
 |  | ||||||
| apt-get -y install \ |  | ||||||
|                     jitsi-videobridge2 \ |  | ||||||
|                     openjdk-8-jre-headless |  | ||||||
| 
 |  | ||||||
| echo ' |  | ||||||
| ######################################################################## |  | ||||||
|                         Start JVB2 configuration |  | ||||||
| ######################################################################## |  | ||||||
| ' |  | ||||||
| 
 |  | ||||||
| mv $JVB2_CONF ${JVB2_CONF}-dpkg-file |  | ||||||
| 
 |  | ||||||
| ## JVB2 - CONFIG |  | ||||||
| cat << JVB2_CONF > $JVB2_CONF |  | ||||||
| # Jitsi Videobridge settings |  | ||||||
| 
 |  | ||||||
| # sets the XMPP domain (default: none) |  | ||||||
| JVB_HOSTNAME=$JVB_HN |  | ||||||
| 
 |  | ||||||
| # sets the hostname of the XMPP server (default: domain if set, localhost otherwise) |  | ||||||
| JVB_HOST=$JVB_HOST |  | ||||||
| 
 |  | ||||||
| # sets the port of the XMPP server (default: 5275) |  | ||||||
| JVB_PORT=$JVB_PORT |  | ||||||
| 
 |  | ||||||
| # sets the shared secret used to authenticate to the XMPP server |  | ||||||
| JVB_SECRET=$JVB_SECRET |  | ||||||
| 
 |  | ||||||
| # extra options to pass to the JVB daemon |  | ||||||
| JVB_OPTS=$JVB_OPTS |  | ||||||
| 
 |  | ||||||
| # adds java system props that are passed to jvb (default are for home and logging config file) |  | ||||||
| JAVA_SYS_PROPS=$SYS_PROPS |  | ||||||
| 
 |  | ||||||
| JVB2_CONF |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
| mv $JVB2_SIP $JVB2_SIP-dpkg-file |  | ||||||
| ## JVB2 - SIP |  | ||||||
| cat << JVB2_SIP > $JVB2_SIP |  | ||||||
| # Legacy conf file, new format already at |  | ||||||
| # /etc/jitsi/videobridge/jvb.conf |  | ||||||
| # --add-jvb2-node.sh |  | ||||||
| JVB2_SIP |  | ||||||
| 
 |  | ||||||
| echo -e "\n---- Setting new config format for jvb2 node. ----" |  | ||||||
| sed -i '${/\}/d;}' $JVB2_NCONF |  | ||||||
| cat << JVB2 >> $JVB2_NCONF |  | ||||||
|     stats { |  | ||||||
|       # Enable broadcasting stats/presence in a MUC |  | ||||||
|       enabled = true |  | ||||||
|       transports = [ |  | ||||||
|         { type = "muc" } |  | ||||||
|       ] |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     apis { |  | ||||||
|       xmpp-client { |  | ||||||
|         configs { |  | ||||||
|           # Connect to the first XMPP server |  | ||||||
|           xmpp-server-$ADDUP { |  | ||||||
|             hostname="$MAIN_SRV_DOMAIN" |  | ||||||
|             domain = "auth.$MAIN_SRV_DOMAIN" |  | ||||||
|             username = "jvb" |  | ||||||
|             password = "$SHARD_PASS" |  | ||||||
|             muc_jids = "JvbBrewery@internal.auth.$MAIN_SRV_DOMAIN" |  | ||||||
|             # The muc_nickname must be unique across all jitsi-videobridge instances |  | ||||||
|             muc_nickname = "jvb2-$ADDUP" |  | ||||||
|             disable_certificate_verification = true |  | ||||||
|         } |  | ||||||
|       } |  | ||||||
|     } |  | ||||||
|   } |  | ||||||
| } |  | ||||||
| JVB2 |  | ||||||
| 
 |  | ||||||
| #Enable jvb2 services |  | ||||||
| systemctl enable jitsi-videobridge2.service |  | ||||||
| systemctl restart jitsi-videobridge2.service |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| ######################################################################## |  | ||||||
|                         Node addition complete!! |  | ||||||
| 
 |  | ||||||
|                For customized support: http://switnet.net |  | ||||||
| ######################################################################## |  | ||||||
| " |  | ||||||
| 
 |  | ||||||
| echo "Rebooting in..." |  | ||||||
| secs=$((15)) |  | ||||||
| while [ $secs -gt 0 ]; do |  | ||||||
|    echo -ne "$secs\033[0K\r" |  | ||||||
|    sleep 1 |  | ||||||
|    : $((secs--)) |  | ||||||
| done |  | ||||||
| reboot |  | ||||||
							
								
								
									
										136
									
								
								changelog
								
								
								
								
							
							
						
						
									
										136
									
								
								changelog
								
								
								
								
							|  | @ -1,136 +0,0 @@ | ||||||
| quick-jibri-installer (7.3.0) |  | ||||||
| 
 |  | ||||||
|     * excalibur: add installer for whiteboard feature. |  | ||||||
|     * quick_jibri_installer.sh: add excalidraw whiteboard backend |  | ||||||
|       disable jigasi selector |  | ||||||
|       add sed check test |  | ||||||
|       update features list |  | ||||||
|     * misc: update repository address to new home. |  | ||||||
|     * misc: update year to late 2023. |  | ||||||
|      |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Sat, 11 Nov 2023 21:18:29 -0600 |  | ||||||
| 
 |  | ||||||
| quick-jibri-installer (7.2.1) |  | ||||||
| 
 |  | ||||||
|     * changelog: update previous version. |  | ||||||
|     * quick_jibri_installer.sh: fix deprecated nodejs repo setup, |  | ||||||
|       add printwc function |  | ||||||
| 
 |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Sun, 22 Oct 2023 17:00:30 -0600 |  | ||||||
| 
 |  | ||||||
| quick-jibri-installer (7.2.0) |  | ||||||
| 
 |  | ||||||
|     * changelog: update previous version. |  | ||||||
|     * quick_jibri_installer.sh: rearrange chromedriver variables. |  | ||||||
|     * quick_jibri_installer.sh: fix empty varible usage. |  | ||||||
|     * quick_jibri_installer.sh: update nodejs to a stable release. |  | ||||||
|     * quick_jibri_installer.sh,jitsi-updater.sh: update chromedriver 115+ version download. |  | ||||||
|     * jra_nextcloud.sh: organize functions, add apt checks, higher password lenght and small fixes. |  | ||||||
|     * jitsi-updater.sh: fix check chrome driver version. |  | ||||||
| 
 |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Wed Aug 23 00:51:24 2023 -0600 |  | ||||||
| 
 |  | ||||||
| quick-jibri-installer (7.1.0) |  | ||||||
| 
 |  | ||||||
| * changelog: add changelog |  | ||||||
| * quick_jibri_installer.sh: increase support to 22.04 |  | ||||||
| fix key aggregation and remove deprecated letsencrypt ppa |  | ||||||
| * etherpad-docker.sh: fix key aggregation and variable collection. |  | ||||||
| * grafana.sh: fix gpg key aggregation |  | ||||||
| * jm-bm.sh: tweak sed |  | ||||||
| * jra_nextcloud.sh: fix key aggregation and variable collection. |  | ||||||
| * jra_nextcloud.sh: fix add gpg key function and add install available version package |  | ||||||
| * jra_nextcloud.sh: small fix for install_aval_package function |  | ||||||
| 
 |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Wed Feb 22 05:56:20 2023 -0600 |  | ||||||
| 
 |  | ||||||
| quick-jibri-installer (7.0.8) |  | ||||||
| 
 |  | ||||||
|     * jitsi-updater.sh: add checks for openjdk and nodejs supported versions |  | ||||||
|     * add-jibri-node.sh: set openjdk-jre-headless default version to 11 |  | ||||||
|     * changelog: add changelog |  | ||||||
| 
 |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Tue Nov 15 02:56:26 2022 -0600 |  | ||||||
| 
 |  | ||||||
| quick-jibri-installer (7.0.7) |  | ||||||
| 
 |  | ||||||
|     * quick_jibri_installer.sh: fix jaas & acme integration     |  | ||||||
| 
 |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Sun Oct 23 23:52:23 2022 -0500 |  | ||||||
| 
 |  | ||||||
| quick-jibri-installer (7.0.6) |  | ||||||
| 
 |  | ||||||
|     * jitsi-updater.sh: fix jitsi repo package update filtering. |  | ||||||
| 
 |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Fri Sep 30 04:04:31 2022 -0500 |  | ||||||
| 
 |  | ||||||
| quick-jibri-installer (7.0.5) |  | ||||||
| 
 |  | ||||||
|     * quick_jibri_installer.sh: use new setup to enable local recording feature. |  | ||||||
| 
 |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Fri Aug 19 07:23:41 2022 -0500 |  | ||||||
| 
 |  | ||||||
| quick-jibri-installer (7.0.4) |  | ||||||
| 
 |  | ||||||
|     * quick_jibri_installer.sh,jwt.sh: update anonymous string on prosody setup. |  | ||||||
|       -fix small format issues. |  | ||||||
| 
 |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Fri Aug 19 06:47:21 2022 -0500 |  | ||||||
| 
 |  | ||||||
| quick-jibri-installer (7.0.3) |  | ||||||
| 
 |  | ||||||
|     * jitsi-updater: fix condition to set turn config. |  | ||||||
|     * quick-jibri-installer: fix typo on path. |  | ||||||
| 
 |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Thu Jun 30 09:57:12 2022 -0500 |  | ||||||
| 
 |  | ||||||
| quick-jibri-installer (7.0.2) |  | ||||||
| 
 |  | ||||||
|     * Detect jibri node by jitsi-updater. |  | ||||||
| 
 |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Fri Jun 17 16:36:15 2022 -0500 |  | ||||||
| 
 |  | ||||||
| quick-jibri-installer (7.0.1) |  | ||||||
| 
 |  | ||||||
|     * Fix debug mode on triggered scripts. |  | ||||||
|     * Fix grep condition. |  | ||||||
| 
 |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Mon May 23 23:17:39 2022 -0500 |  | ||||||
| 
 |  | ||||||
| quick-jibri-installer (7.0) |  | ||||||
| 
 |  | ||||||
|     * Major rework, comply with shellcheck |  | ||||||
|      |  | ||||||
|     ## Add |  | ||||||
|     * Add experimental tool for AWS grub setup. |  | ||||||
|      |  | ||||||
|     ## Fix |  | ||||||
|     * Fix grafana configuration |  | ||||||
|     * Actually apply changes to nginx conf instead of symlink. |  | ||||||
|     * Actually require to run with admin rights. |  | ||||||
|     * Improve comments. |  | ||||||
|     * Rename and fix set_once function. |  | ||||||
|     * Fix jibri domain. |  | ||||||
|      |  | ||||||
|     ## Improve |  | ||||||
|     * Comply mode section with shellcheck recommendations. |  | ||||||
|     * Comply tools section with shellcheck recommendations. |  | ||||||
|     * Comply main scripts with shellcheck recommendations. |  | ||||||
|     * Improve shell quality |  | ||||||
|     * Change JDK version to 11 |  | ||||||
|     * Make warning visible. |  | ||||||
|     * Change email position, and small fixes |  | ||||||
|     * Several indenting changes |  | ||||||
|     * Set warning instead of "note". |  | ||||||
|     * Yet again more fixes on echo and printf |  | ||||||
|     * Standarize jra_nextcloud |  | ||||||
|     * Add comment on debconf state |  | ||||||
|     * Update SwITNet copyright and standarize debug option for scripts. |  | ||||||
|      |  | ||||||
|     ## Remove |  | ||||||
|     * Rename deprecated scripts folder |  | ||||||
|     * Remove old |  | ||||||
|     * Remove unused code |  | ||||||
|     * Finally remove jigasi deprecated script. |  | ||||||
| 
 |  | ||||||
| -- Software, IT & Networks <info@switnet.net>  Fri May 20 20:07:02 2022 -0500 |  | ||||||
|  | @ -1,307 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Quick Jigasi Installer - *buntu (LTS) based systems. |  | ||||||
| # SwITNet Ltd © - 2020, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| ##################### Whistlist ####################### |  | ||||||
| # Saves final transcript in translated languages #130 -  |  | ||||||
| # https://github.com/jitsi/jigasi/pull/130 |  | ||||||
| ####################################################### |  | ||||||
| 
 |  | ||||||
| #Check if user is root |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| clear |  | ||||||
| echo ' |  | ||||||
| ######################################################################## |  | ||||||
|                        Jigasi Transcript addon |  | ||||||
| ######################################################################## |  | ||||||
|                     by Software, IT & Networks Ltd |  | ||||||
| ' |  | ||||||
| 
 |  | ||||||
| JIGASI_CONFIG="/etc/jitsi/jigasi/config" |  | ||||||
| GC_API_JSON="/opt/gc-sdk/GCTranscriptAPI.json" |  | ||||||
| DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" |  | ||||||
| MEET_CONF="/etc/jitsi/meet/${DOMAIN}-config.js" |  | ||||||
| JIG_SIP_CONF="/etc/jitsi/jigasi/config" |  | ||||||
| JIG_SIP_PROP="/etc/jitsi/jigasi/sip-communicator.properties" |  | ||||||
| JIC_SIP_PROP="/etc/jitsi/jicofo/sip-communicator.properties" |  | ||||||
| JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 8 | head -n1)" |  | ||||||
| JIG_TRANSC_PASWD_B64="$(echo -n "$JIG_TRANSC_PASWD" | base64)" |  | ||||||
| DIST="$(lsb_release -sc)" |  | ||||||
| CHECK_GC_REPO="$(apt-cache policy | grep http | grep cloud-sdk | head -n1 | awk '{print $3}' | awk -F '/' '{print $1}')" |  | ||||||
| 
 |  | ||||||
| install_gc_repo() { |  | ||||||
| if [ "$CHECK_GC_REPO" = "cloud-sdk-$DIST" ]; then |  | ||||||
|     echo " |  | ||||||
| Google Cloud SDK repository already on the system! |  | ||||||
| " |  | ||||||
| else |  | ||||||
|     echo " |  | ||||||
| Adding Google Cloud SDK repository for latest updates |  | ||||||
| " |  | ||||||
|     export CLOUD_SDK_REPO="cloud-sdk-$DIST" |  | ||||||
|     echo "deb http://packages.cloud.google.com/apt $CLOUD_SDK_REPO main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list |  | ||||||
|     curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - |  | ||||||
| 
 |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| install_gc_repo |  | ||||||
| apt-get -q2 update |  | ||||||
| apt-get -y install google-cloud-sdk google-cloud-sdk-app-engine-java |  | ||||||
| 
 |  | ||||||
| echo "Please select one of the current options: |  | ||||||
| [1] I want to configure a new project, service account, billing and JSON credentials. |  | ||||||
| [2] I already have one project configured and already have a JSON key file from Google" |  | ||||||
| while [[ "$SETUP_TYPE" != "1" && "$SETUP_TYPE" != "2" ]] |  | ||||||
| do |  | ||||||
|     read -p "What option suits your setup?: (1 or 2)"$'\n' -r SETUP_TYPE |  | ||||||
|     if [ "$SETUP_TYPE" = "1" ]; then |  | ||||||
|       echo "We'll setup a GC Projects from scratch" |  | ||||||
|     elif [ "$SETUP_TYPE" = "2" ]; then |  | ||||||
|       echo "We'll setup only the project and JSON key." |  | ||||||
|     fi |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| if [ "$SETUP_TYPE" = 1 ]; then |  | ||||||
| ### Start of new project configuration - Google SDK |  | ||||||
| #Setup option 1 - Google Cloud SDK |  | ||||||
| echo "Once logged on Google Cloud SDK, please create a new project (last option)." |  | ||||||
| gcloud init |  | ||||||
| read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME |  | ||||||
| #Second login - Google Auth Library |  | ||||||
| echo "Login to Google Auth Library" |  | ||||||
| gcloud auth application-default login |  | ||||||
| 
 |  | ||||||
| # Start Google Cloud Configuration - Application Service |  | ||||||
| GC_MEMBER=transcript |  | ||||||
| echo "Checking if project exist..." |  | ||||||
| PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')" |  | ||||||
| while [ -z "$PROJECT_GC_ID" ] |  | ||||||
| do |  | ||||||
| read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME |  | ||||||
| if [ -z "$PROJECT_GC_ID" ]; then |  | ||||||
|     echo "Please check your project name," |  | ||||||
|     echo "There is no project listed with the provided name: $GC_PROJECT_NAME" |  | ||||||
|         PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')" |  | ||||||
|     fi |  | ||||||
| done |  | ||||||
| echo "Your $GC_PROJECT_NAME ID's project is: $PROJECT_GC_ID" |  | ||||||
| 
 |  | ||||||
| # Enable Speech2Text |  | ||||||
| echo "Important: Please enable billing on your project using the following URL: |  | ||||||
| https://console.developers.google.com/project/$PROJECT_GC_ID/settings" |  | ||||||
| 
 |  | ||||||
| echo "Checking billing..." |  | ||||||
| CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" |  | ||||||
| while [[ $? -eq 1 ]] |  | ||||||
| do |  | ||||||
| CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" |  | ||||||
| if [[ $? -eq 1 ]]; then |  | ||||||
|         echo "Seems you haven't enabled billing for this project: $GC_PROJECT_NAME" |  | ||||||
|         echo "  For that go to: https://console.developers.google.com/project/$PROJECT_GC_ID/settings |  | ||||||
|     " |  | ||||||
|         read -rp "Press Enter to continue" |  | ||||||
|         CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" |  | ||||||
| fi |  | ||||||
| done |  | ||||||
| echo "Billing account seems setup, continuing..." |  | ||||||
| 
 |  | ||||||
| gcloud iam service-accounts create "$GC_MEMBER" |  | ||||||
| 
 |  | ||||||
| gcloud projects add-iam-policy-binding  "$GC_PROJECT_NAME" \ |  | ||||||
|     --member serviceAccount:"$GC_MEMBER"@"$GC_PROJECT_NAME".iam.gserviceaccount.com \ |  | ||||||
|     --role  roles/editor |  | ||||||
| 
 |  | ||||||
| echo "Setup credentials:" |  | ||||||
| echo "Please go and download your valid json key at: |  | ||||||
| https://console.developers.google.com/apis/credentials?folder=&organizationId=&project=$GC_PROJECT_NAME" |  | ||||||
| ### End of new project configuration - Google SDK |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if [ "$SETUP_TYPE" = "2" ]; then |  | ||||||
| #Setup option 1 - Google Cloud SDK |  | ||||||
| echo "Once logged on Google Cloud SDK, please select the project that owns to the JSON key." |  | ||||||
| gcloud init |  | ||||||
| echo "Login to Google Auth Library" |  | ||||||
| gcloud auth application-default login |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| echo "Setting up JSON key file..." |  | ||||||
| sleep 2 |  | ||||||
| mkdir /opt/gc-sdk/ |  | ||||||
| cat << KEY_JSON > "$GC_API_JSON" |  | ||||||
| # |  | ||||||
| # Paste below this comment your GC JSON key for the service account: |  | ||||||
| # $GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com |  | ||||||
| # |  | ||||||
| # Visit the following URL and create a *Service Account Key*: |  | ||||||
| # https://console.developers.google.com/apis/credentials?folder=&organizationId=&project=$GC_PROJECT_NAME |  | ||||||
| # These comment lines will be deleted afterwards. |  | ||||||
| # |  | ||||||
| KEY_JSON |  | ||||||
| chmod 644 "$GC_API_JSON" |  | ||||||
| nano "$GC_API_JSON" |  | ||||||
| sed -i '/^#/d' "$GC_API_JSON" |  | ||||||
| 
 |  | ||||||
| CHECK_JSON_KEY="$(cat "$GC_API_JSON" | python -m json.tool 2>/dev/null)" |  | ||||||
| while [[ $? -eq 1 ]] |  | ||||||
| do |  | ||||||
| CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" |  | ||||||
| if [[ $? -eq 1 ]]; then |  | ||||||
|         echo "Check again your JSON file, syntax doesn't seem right" |  | ||||||
|         sleep 2 |  | ||||||
|         nano $GC_API_JSON |  | ||||||
|         CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" |  | ||||||
| fi |  | ||||||
| done |  | ||||||
| echo " |  | ||||||
| Great, seems your JSON key syntax is fine. |  | ||||||
| " |  | ||||||
| sleep 2 |  | ||||||
| 
 |  | ||||||
| export GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON |  | ||||||
| 
 |  | ||||||
| echo "Installing Jigasi, your SIP credentials will be asked. (mandatory)" |  | ||||||
| apt-get -y install jigasi |  | ||||||
| #apt-mark hold jigasi |  | ||||||
| 
 |  | ||||||
| cat  << JIGASI_CONF >> "$JIGASI_CONFIG" |  | ||||||
| 
 |  | ||||||
| GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON |  | ||||||
| 
 |  | ||||||
| JIGASI_CONF |  | ||||||
| 
 |  | ||||||
| echo "Your Google Cloud credentials are at $GC_API_JSON" |  | ||||||
| 
 |  | ||||||
| echo "Setting up Jigasi transcript with current platform..." |  | ||||||
| #Connect callcontrol |  | ||||||
| sed -i "s|// call_control:|call_control:|" "$MEET_CONF" |  | ||||||
| sed -i "s|// transcribingEnabled|transcribingEnabled|" "$MEET_CONF" |  | ||||||
| sed -i "/transcribingEnabled/ s|false|true|" "$MEET_CONF" |  | ||||||
| 
 |  | ||||||
| #siptest2siptest@domain.con |  | ||||||
| #changed from conference to internal.auth from jibri |  | ||||||
| sed -i "s|siptest|siptest@internal.auth.$DOMAIN|" "$JIG_SIP_PROP" |  | ||||||
| 
 |  | ||||||
| #Disable component in favor of MUC |  | ||||||
| if [ "$(grep -c nocomponent "$JIG_SIP_CONF")" != 0 ]; then |  | ||||||
|     echo "Jigasi component is already disabled." |  | ||||||
| else |  | ||||||
|     echo "Disabling jigasi component in favor of MUC" |  | ||||||
|     sed -i "s|JIGASI_OPTS=.*|JIGASI_OPTS=\"--nocomponent=true\"|" "$JIG_SIP_CONF" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Setup XMPP |  | ||||||
| cat << ACC1_XMPP >> "$JIG_SIP_PROP" |  | ||||||
| 
 |  | ||||||
| # XMPP account used for control |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1=acc1 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.ACCOUNT_UID=Jabber:jigasi@auth.$DOMAIN@$DOMAIN |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.USER_ID=jigasi@auth.$DOMAIN |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.IS_SERVER_OVERRIDDEN=true |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.SERVER_ADDRESS=$DOMAIN |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.SERVER_PORT=5222 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.PASSWORD=$JIG_TRANSC_PASWD_B64 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.AUTO_GENERATE_RESOURCE=true |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.RESOURCE_PRIORITY=30 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.IS_CARBON_DISABLED=true |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.DEFAULT_ENCRYPTION=true |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.IS_USE_ICE=true |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.IS_ACCOUNT_DISABLED=false |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.IS_PREFERRED_PROTOCOL=false |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.AUTO_DISCOVER_JINGLE_NODES=false |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.PROTOCOL=Jabber |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.IS_USE_UPNP=false |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.USE_DEFAULT_STUN_SERVER=true |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.ENCRYPTION_PROTOCOL.DTLS-SRTP=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.ENCRYPTION_PROTOCOL_STATUS.DTLS-SRTP=true |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.VIDEO_CALLING_DISABLED=true |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.OVERRIDE_ENCODINGS=true |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.G722/8000=705 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.GSM/8000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.H263-1998/90000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.H264/90000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.PCMA/8000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.PCMU/8000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/12000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/16000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/24000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/8000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.VP8/90000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.iLBC/8000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.opus/48000=750 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/16000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/32000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/8000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.telephone-event/8000=0 |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN |  | ||||||
| net.java.sip.communicator.impl.protocol.jabber.acc1.DOMAIN_BASE=$DOMAIN |  | ||||||
| 
 |  | ||||||
| org.jitsi.jigasi.MUC_SERVICE_ADDRESS=conference.$DOMAIN |  | ||||||
| org.jitsi.jigasi.BREWERY_ENABLED=true |  | ||||||
| 
 |  | ||||||
| org.jitsi.jigasi.HEALTH_CHECK_SIP_URI="" |  | ||||||
| org.jitsi.jigasi.HEALTH_CHECK_INTERVAL=300000 |  | ||||||
| org.jitsi.jigasi.HEALTH_CHECK_TIMEOUT=600000 |  | ||||||
| 
 |  | ||||||
| org.jitsi.jigasi.xmpp.acc.IS_SERVER_OVERRIDDEN=true |  | ||||||
| #org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN |  | ||||||
| 
 |  | ||||||
| org.jitsi.jigasi.xmpp.acc.VIDEO_CALLING_DISABLED=true |  | ||||||
| org.jitsi.jigasi.xmpp.acc.JINGLE_NODES_ENABLED=false |  | ||||||
| org.jitsi.jigasi.xmpp.acc.AUTO_DISCOVER_STUN=false |  | ||||||
| org.jitsi.jigasi.xmpp.acc.IM_DISABLED=true |  | ||||||
| org.jitsi.jigasi.xmpp.acc.SERVER_STORED_INFO_DISABLED=true |  | ||||||
| org.jitsi.jigasi.xmpp.acc.IS_FILE_TRANSFER_DISABLED=true |  | ||||||
| 
 |  | ||||||
| org.jitsi.jigasi.xmpp.acc.USER_ID=jigasi@auth.$DOMAIN |  | ||||||
| org.jitsi.jigasi.xmpp.acc.PASS=$JIG_TRANSC_PASWD |  | ||||||
| org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false |  | ||||||
| org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true |  | ||||||
| ACC1_XMPP |  | ||||||
| 
 |  | ||||||
| #Enable transcription config |  | ||||||
| sed -i "/ENABLE_TRANSCRIPTION/ s|#||" "$JIG_SIP_PROP" |  | ||||||
| sed -i "/ENABLE_TRANSCRIPTION/ s|false|true|" "$JIG_SIP_PROP" |  | ||||||
| sed -i "/ENABLE_SIP/ s|#||" "$JIG_SIP_PROP" |  | ||||||
| sed -i "/ENABLE_SIP/ s|true|false|" "$JIG_SIP_PROP" |  | ||||||
| 
 |  | ||||||
| #Transcript format |  | ||||||
| sed -i "/SAVE_JSON/ s|# ||" "$JIG_SIP_PROP" |  | ||||||
| sed -i "/SEND_JSON/ s|# ||" "$JIG_SIP_PROP" |  | ||||||
| sed -i "/SAVE_TXT/ s|# ||" "$JIG_SIP_PROP" |  | ||||||
| sed -i "/SEND_TXT/ s|# ||" "$JIG_SIP_PROP" |  | ||||||
| #sed -i "/SEND_TXT/ s|false|true|" $JIG_SIP_PROP |  | ||||||
| 
 |  | ||||||
| #Allow to connect other than same server only. |  | ||||||
| sed -i \ |  | ||||||
| "/xmpp.acc.SERVER_ADDRESS/ s|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=.*|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN|" \ |  | ||||||
| "$JIG_SIP_PROP" |  | ||||||
| 
 |  | ||||||
| #Remember to study how to use LE or what's needed #ToDo |  | ||||||
| sed -i "/ALWAYS_TRUST_MODE_ENABLED/ s|# ||" "$JIG_SIP_PROP" |  | ||||||
| 
 |  | ||||||
| prosodyctl register jigasi auth."$DOMAIN" "$JIG_TRANSC_PASWD" |  | ||||||
| 
 |  | ||||||
| #Set Brewery |  | ||||||
| cat << JIG_JIC >> "$JIC_SIP_PROP" |  | ||||||
| org.jitsi.jicofo.jigasi.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN |  | ||||||
| JIG_JIC |  | ||||||
| 
 |  | ||||||
| systemctl restart prosody \ |  | ||||||
|                   jicofo \ |  | ||||||
|                   jibri* \ |  | ||||||
|                   jitsi-videobridge2 |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| Full transcript files are available at: |  | ||||||
| --> /var/lib/jigasi/transcripts/ |  | ||||||
| " |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| Happy transcripting! |  | ||||||
| " |  | ||||||
|  | @ -1,166 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Etherpad Installer for Jitsi Meet |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
|     set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| clear |  | ||||||
| echo ' |  | ||||||
| ######################################################################## |  | ||||||
|                          Etherpad Docker addon |  | ||||||
| ######################################################################## |  | ||||||
|                     by Software, IT & Networks Ltd |  | ||||||
| ' |  | ||||||
| FORGE_REPO="https://forge.switnet.net/switnet/quick-jibri-installer" |  | ||||||
| check_apt_policy() { |  | ||||||
|     apt-cache policy 2>/dev/null| \ |  | ||||||
|     awk "/$1/{print \$3}" | \ |  | ||||||
|     awk -F '/' 'NR==1{print$2}' |  | ||||||
| } |  | ||||||
| install_ifnot() { |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then |  | ||||||
|     echo " $1 is installed, skipping..." |  | ||||||
|     else |  | ||||||
|         echo -e "\n---- Installing $1 ----" |  | ||||||
|         apt-get -yq2 install "$1" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| # Test for matches |  | ||||||
| test_match() { |  | ||||||
| if grep -q "$1" "$2" ; then |  | ||||||
|     echo "$(basename "$2") - OK..." |  | ||||||
| else |  | ||||||
|     echo "$(basename "$2"), FAIL..." |  | ||||||
|     echo "Please report this to $FORGE_REPO" |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" |  | ||||||
| MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" |  | ||||||
| WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" |  | ||||||
| PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{print $2}')" |  | ||||||
| ETHERPAD_DB_USER="dockerpad" |  | ||||||
| ETHERPAD_DB_NAME="etherpad" |  | ||||||
| ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" |  | ||||||
| WS_CONF_MATCH1="# ensure all static content can always be found first" |  | ||||||
| WS_MATCH2="upstream prosody {" |  | ||||||
| 
 |  | ||||||
| read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS |  | ||||||
| 
 |  | ||||||
| install -m 600 /dev/null /var/opt/etherpad_details.txt |  | ||||||
| cat << EOF > /var/opt/etherpad_details.txt |  | ||||||
| ETHERPAD_ADMIN_PASS=$ETHERPAD_ADMIN_PASS |  | ||||||
| ETHERPAD_DB_USER=$ETHERPAD_DB_USER |  | ||||||
| ETHERPAD_DB_NAME=$ETHERPAD_DB_NAME |  | ||||||
| ETHERPAD_DB_PASS=$ETHERPAD_DB_PASS |  | ||||||
| EOF |  | ||||||
| 
 |  | ||||||
| # Make sure we can rely on the match strings. |  | ||||||
| printf "> Testing match strings on config files.\n" |  | ||||||
| test_match "$WS_MATCH1" "$WS_CONF" |  | ||||||
| test_match "$WS_MATCH2" "$WS_CONF" |  | ||||||
| 
 |  | ||||||
| # Install required packages |  | ||||||
| install_ifnot docker.io |  | ||||||
| install_ifnot postgresql-"$PSGVER" |  | ||||||
| 
 |  | ||||||
| # Create DB |  | ||||||
| echo -e "> Creating postgresql database for container...\n" |  | ||||||
| sudo -u postgres psql <<DB |  | ||||||
| CREATE DATABASE ${ETHERPAD_DB_NAME}; |  | ||||||
| CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}'; |  | ||||||
| GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER}; |  | ||||||
| \c ${ETHERPAD_DB_NAME} |  | ||||||
| ALTER SCHEMA public OWNER TO ${ETHERPAD_DB_USER}; |  | ||||||
| DB |  | ||||||
| 
 |  | ||||||
| # Check fot docker if not running then execute |  | ||||||
| if [ ! "$(docker ps -q -f name=etherpad)" ]; then |  | ||||||
|     if [ "$(docker ps -aq -f status=exited -f name=etherpad)" ]; then |  | ||||||
|         # cleanup |  | ||||||
|         docker rm -f etherpad |  | ||||||
|     fi |  | ||||||
|     # run your container |  | ||||||
|     docker run -d --restart always \ |  | ||||||
|     --network=host \ |  | ||||||
|     --name etherpad \ |  | ||||||
|     -p 127.0.0.1:9001:9001 \ |  | ||||||
|     -e "ADMIN_PASSWORD=$ETHERPAD_ADMIN_PASS" \ |  | ||||||
|     -e "DB_TYPE=postgres"   \ |  | ||||||
|     -e "DB_HOST=localhost"   \ |  | ||||||
|     -e "DB_PORT=5432"   \ |  | ||||||
|     -e "DB_NAME=$ETHERPAD_DB_NAME"   \ |  | ||||||
|     -e "DB_USER=$ETHERPAD_DB_USER" \ |  | ||||||
|     -e "DB_PASS=$ETHERPAD_DB_PASS" \ |  | ||||||
|     etherpad/etherpad |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| # Tune webserver for Jitsi App control |  | ||||||
| 
 |  | ||||||
| if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then |  | ||||||
|     echo "> Webserver seems configured, skipping..." |  | ||||||
| elif [ -f "$WS_CONF" ]; then |  | ||||||
|     echo "> Setting up webserver configuration file..." |  | ||||||
|     if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then |  | ||||||
|         echo "  > Setting mapping upgrade connection." |  | ||||||
|         sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF" |  | ||||||
|         sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF" |  | ||||||
|         sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF" |  | ||||||
|         sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF" |  | ||||||
|         sed -i "/$WS_MATCH2/i }" "$WS_CONF" |  | ||||||
|     else |  | ||||||
|         echo "  > Upgrade connection mapping already setup." |  | ||||||
|     fi |  | ||||||
|     sed -i "/$WS_CONF_MATCH1/i \ \ \ \ #Etherpad block" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_CONF_MATCH1/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Connection \$connection_upgrade;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_buffering off;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_redirect off;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header       Host \$host;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_CONF_MATCH1/i \ \ \ \ }" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_CONF_MATCH1/i \\\n" "$WS_CONF" |  | ||||||
| else |  | ||||||
|     echo "> No etherpad config done to server file, please report to:" |  | ||||||
|     echo "    -> https://forge.switnet.net/switnet/quick-jibri-installer/issues" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| # Configure config.js |  | ||||||
| if [ "$(grep -c "etherpad_base" "$WS_CONF")" != 0 ]; then |  | ||||||
|     echo -e "> $MEET_CONF seems configured, skipping...\n" |  | ||||||
| else |  | ||||||
|     echo -e "> Setting etherpad domain at $MEET_CONF...\n" |  | ||||||
|     sed -i "s|// etherpad_base: .*|etherpad_base: \'https://$DOMAIN/etherpad/p/\',|" "$MEET_CONF" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| echo "> Checking nginx configuration..." |  | ||||||
| 
 |  | ||||||
| if nginx -t 2>/dev/null ; then |  | ||||||
|     echo -e "  -- Docker configuration seems fine, enabling it." |  | ||||||
| #    systemctl reload nginx |  | ||||||
| else |  | ||||||
|     echo "Please check your configuration, something may be wrong." |  | ||||||
|     echo "Will not try to enable etherpad nginx configuration, please report to:" |  | ||||||
|     echo "    -> https://forge.switnet.net/switnet/quick-jibri-installer/issues" |  | ||||||
| fi |  | ||||||
|  | @ -1,208 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Excalidraw Jitsi Backend Installer |  | ||||||
| # |  | ||||||
| # Based on: |  | ||||||
| # - https://community.jitsi.org/t/118883 |  | ||||||
| # |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
|     set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| # Reset |  | ||||||
| Color_Off='\e[0m'       # Text Reset |  | ||||||
| # Regular Colors |  | ||||||
| Black='\e[0;30m'        # Black |  | ||||||
| Red='\e[0;31m'          # Red |  | ||||||
| Green='\e[0;32m'        # Green |  | ||||||
| Yellow='\e[0;33m'       # Yellow |  | ||||||
| Blue='\e[0;34m'         # Blue |  | ||||||
| Purple='\e[0;35m'       # Purple |  | ||||||
| Cyan='\e[0;36m'         # Cyan |  | ||||||
| 
 |  | ||||||
| printwc() { |  | ||||||
|     printf "%b$2%b" "$1" "${Color_Off}" |  | ||||||
| } |  | ||||||
| print_title() { |  | ||||||
| printwc "${Blue}" "\n#--------------------------------------------------" |  | ||||||
| printwc "${Blue}" "\n# $1" |  | ||||||
| printwc "${Blue}" "\n#--------------------------------------------------\n" |  | ||||||
| } |  | ||||||
| restart_jibri() { |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ] |  | ||||||
| then |  | ||||||
|     systemctl restart jibri |  | ||||||
|     systemctl restart jibri-icewm |  | ||||||
|     systemctl restart jibri-xorg |  | ||||||
| else |  | ||||||
|     echo "Jibri service not installed" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| restart_services() { |  | ||||||
|     systemctl restart jitsi-videobridge2 |  | ||||||
|     systemctl restart jicofo |  | ||||||
|     restart_jibri |  | ||||||
|     systemctl restart prosody |  | ||||||
| } |  | ||||||
| test_match() { |  | ||||||
| if grep -q "$1" "$2" ; then |  | ||||||
|     echo "$(basename "$2") - OK..." |  | ||||||
| else |  | ||||||
|     echo "$(basename "$2"), FAIL..." |  | ||||||
|     echo "Please report this to https://forge.switnet.net/switnet/quick-jibri-installer" |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| clear |  | ||||||
| echo -e '\n |  | ||||||
| ######################################################################## |  | ||||||
|                   Excalidraw Jitsi Backend Installer |  | ||||||
| ######################################################################## |  | ||||||
|                     by Software, IT & Networks Ltd |  | ||||||
| \n' |  | ||||||
| 
 |  | ||||||
| DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" |  | ||||||
| WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" |  | ||||||
| PROSODY_FILE="/etc/prosody/conf.d/$DOMAIN.cfg.lua" |  | ||||||
| MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" |  | ||||||
| WS_MATCH1='# ensure all static content can always be found first' |  | ||||||
| PROS_MATCH1='"av_moderation";' |  | ||||||
| PROS_MATCH2='breakout_rooms_muc = "breakout.' |  | ||||||
| PROS_MATCH3='VirtualHost "recorder.' |  | ||||||
| CONFIG_MATCH1='List of undocumented settings used in jitsi-meet' |  | ||||||
| EXCALIDRAW_HOME="/opt/excalidraw" |  | ||||||
| EXCAL_MATCH1="prometheus.metrics(io" |  | ||||||
| EXCAL_NEW_PORT="9091" |  | ||||||
| EXCAL_PORT_FILE="$EXCALIDRAW_HOME/backend/src/index.ts" |  | ||||||
| 
 |  | ||||||
| # Make sure we can rely on the match strings. |  | ||||||
| printf "Testing match strings on config files.\n" |  | ||||||
| test_match "$WS_MATCH1" "$WS_CONF" |  | ||||||
| test_match "$PROS_MATCH1" "$PROSODY_FILE" |  | ||||||
| test_match "$PROS_MATCH2" "$PROSODY_FILE" |  | ||||||
| test_match "$PROS_MATCH3" "$PROSODY_FILE" |  | ||||||
| test_match "$PROS_MATCH3" "$PROSODY_FILE" |  | ||||||
| test_match "$CONFIG_MATCH1" "$MEET_CONF" |  | ||||||
| 
 |  | ||||||
| #-------------------------------------------------- |  | ||||||
| print_title "Setup excalidraw backend." |  | ||||||
| #-------------------------------------------------- |  | ||||||
| adduser --home "$EXCALIDRAW_HOME" --disabled-password --gecos "" excalidraw |  | ||||||
| git clone https://github.com/jitsi/excalidraw-backend "$EXCALIDRAW_HOME/backend" |  | ||||||
| test_match "$EXCAL_MATCH1" "$EXCAL_PORT_FILE" |  | ||||||
| 
 |  | ||||||
| chown -R excalidraw:excalidraw "$EXCALIDRAW_HOME" |  | ||||||
| cd "$EXCALIDRAW_HOME/backend" |  | ||||||
| sudo -u excalidraw cp .env.development .env.production |  | ||||||
| 
 |  | ||||||
| # Use documented port to get some sort of standarization. |  | ||||||
| if sed -n "/$EXCAL_MATCH1/,/});/p" "$EXCAL_PORT_FILE" |grep -q port: ; then |  | ||||||
|     echo -e "> Update predefined port for metrics to $EXCAL_NEW_PORT\n" |  | ||||||
|     sed -i "/$EXCAL_MATCH1/,/});/s|port:.*,|port: $EXCAL_NEW_PORT,|" "$EXCAL_PORT_FILE" |  | ||||||
| else |  | ||||||
|     echo -e "> Define new port from default to $EXCAL_NEW_PORT\n" |  | ||||||
|     sed -i  "/$EXCAL_MATCH1/a \ \ \ \ port: $EXCAL_NEW_PORT," "$EXCAL_PORT_FILE" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| printf "Installing npm backend.\n" |  | ||||||
| sudo -u excalidraw npm install |  | ||||||
| sudo -u excalidraw npm run build |  | ||||||
| 
 |  | ||||||
| #-------------------------------------------------- |  | ||||||
| print_title "Setup system & jitsi config files." |  | ||||||
| #-------------------------------------------------- |  | ||||||
| # Enable websocket on nginx |  | ||||||
| sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF" |  | ||||||
| sed -i "/$WS_MATCH1/i \ \ \ \ location = /socket.io/ {" "$WS_CONF" |  | ||||||
| sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_pass http://127.0.0.1:3002/socket.io/?\$args;" "$WS_CONF" |  | ||||||
| sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF" |  | ||||||
| sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF" |  | ||||||
| sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Connection \"upgrade\";" "$WS_CONF" |  | ||||||
| sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Host \$http_host;" "$WS_CONF" |  | ||||||
| sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ tcp_nodelay on;" "$WS_CONF" |  | ||||||
| sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF" |  | ||||||
| sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF" |  | ||||||
| 
 |  | ||||||
| if grep -rq room_metadata /etc/prosody/conf.d/ ;then |  | ||||||
|     echo "> Prosody seems to be already configured." |  | ||||||
| else |  | ||||||
|     echo "> Setting up prosody for whiteboard..." |  | ||||||
|     # Modules enabled |  | ||||||
|     sed -i "/$PROS_MATCH1/a \ \ \ \ \ \ \ \ \"room_metadata\";" "$PROSODY_FILE" |  | ||||||
|     # Define internal component |  | ||||||
|     sed -i "/$PROS_MATCH2/a \ \ \ \ room_metadata_component = \"metadata.$DOMAIN\"" "$PROSODY_FILE" |  | ||||||
|     # Register component |  | ||||||
|     sed -i "/$PROS_MATCH3/i \\\n" "$PROSODY_FILE" |  | ||||||
|     sed -i "/$PROS_MATCH3/i Component \"metadata.$DOMAIN\" \"room_metadata_component\"" "$PROSODY_FILE" |  | ||||||
|     sed -i "/$PROS_MATCH3/i \ \ \ \ muc_component = \"conference.$DOMAIN\"" "$PROSODY_FILE" |  | ||||||
|     sed -i "/$PROS_MATCH3/i \ \ \ \ breakout_rooms_component = \"breakout.$DOMAIN\"" "$PROSODY_FILE" |  | ||||||
|     sed -i "/$PROS_MATCH3/i \\\n" "$PROSODY_FILE" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| printf "\n# Checking for whitebord setup at %s.\n" "$(basename "$MEET_CONF")" |  | ||||||
| if [ -z "$(sed -n '/whiteboard: {/,/},/p' "$MEET_CONF")" ]; then |  | ||||||
|     echo "> No present configuration on current config.js file" |  | ||||||
|     sed -i "/$CONFIG_MATCH1/i \\\n" "$MEET_CONF" |  | ||||||
|     sed -i "/$CONFIG_MATCH1/i \ \ \ \ whiteboard: {" "$MEET_CONF" |  | ||||||
|     sed -i "/$CONFIG_MATCH1/i \ \ \ \ \ \ \ \ enabled: true," "$MEET_CONF" |  | ||||||
|     sed -i "/$CONFIG_MATCH1/i \ \ \ \ \ \ \ \ collabServerBaseUrl: 'https://$DOMAIN'" "$MEET_CONF" |  | ||||||
|     sed -i "/$CONFIG_MATCH1/i \ \ \ \ }," "$MEET_CONF" |  | ||||||
|     sed -i "/$CONFIG_MATCH1/i \\\n" "$MEET_CONF" |  | ||||||
| else |  | ||||||
|     echo "> Enabling configuration on current config.js file" |  | ||||||
|     sed -i "/whiteboard: {/,/},/s|// ||" "$MEET_CONF" |  | ||||||
|     sed -i "/collabServerBaseUrl:/s|'https://.*'|'https://$DOMAIN'|" "$MEET_CONF" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if  sed -n '/toolbarButtons: \[/,/\],/p' "$MEET_CONF" | \ |  | ||||||
|     grep -v '//'| grep -q whiteboard ; then |  | ||||||
|     echo "> Whiteboard toolbar already enabled." |  | ||||||
| elif sed -n '/toolbarButtons: \[/,/\],/p' "$MEET_CONF" | \ |  | ||||||
|      grep -v '//'|grep -q toolbarButtons: ; then  |  | ||||||
|     echo "> Enabling whiteboard toolbar." |  | ||||||
|     sed -i "/toolbarButtons:/a \ \ \ \ \ \ \ 'whiteboard'," "$MEET_CONF" |  | ||||||
| else |  | ||||||
|     echo "> ToolbarButtons not customized, whiteboard should be enabled by default," |  | ||||||
|     echo "  otherwise, please report to: https://forge.switnet.net/switnet/quick-jibri-installer/issues" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| printf "\n# Add systemd service\n" |  | ||||||
| cat << EOF > /etc/systemd/system/excalidraw.service |  | ||||||
| [Unit] |  | ||||||
| Description=Excalidraw backend |  | ||||||
| After=network-online.target |  | ||||||
| 
 |  | ||||||
| [Service] |  | ||||||
| User=excalidraw |  | ||||||
| Group=excalidraw |  | ||||||
| WorkingDirectory=$EXCALIDRAW_HOME/backend |  | ||||||
| ExecStart=npm start |  | ||||||
| Restart=always |  | ||||||
| RestartSec=5s |  | ||||||
| 
 |  | ||||||
| [Install] |  | ||||||
| WantedBy=multi-user.target |  | ||||||
| EOF |  | ||||||
| 
 |  | ||||||
| systemctl enable excalidraw.service |  | ||||||
| systemctl start excalidraw.service |  | ||||||
| 
 |  | ||||||
| printwc "${Green}" "\nExcalidraw setup complete!\n" |  | ||||||
| restart_services |  | ||||||
							
								
								
									
										109
									
								
								files/jibri.conf
								
								
								
								
							
							
						
						
									
										109
									
								
								files/jibri.conf
								
								
								
								
							|  | @ -1,109 +0,0 @@ | ||||||
| // XMPP environment config. |  | ||||||
| jibri { |  | ||||||
|     streaming { |  | ||||||
|         // A list of regex patterns for allowed RTMP URLs.  The RTMP URL used |  | ||||||
|         // when starting a stream must match at least one of the patterns in |  | ||||||
|         // this list. |  | ||||||
|         rtmp-allow-list = [ |  | ||||||
|           // By default, all services are allowed |  | ||||||
|           ".*" |  | ||||||
|         ] |  | ||||||
|     } |  | ||||||
|     ffmpeg { |  | ||||||
|         resolution = JIBRI_RES_CONF |  | ||||||
|     } |  | ||||||
|     chrome { |  | ||||||
|         // The flags which will be passed to chromium when launching |  | ||||||
|         flags = [ |  | ||||||
|           "--use-fake-ui-for-media-stream", |  | ||||||
|           "--start-maximized", |  | ||||||
|           "--kiosk", |  | ||||||
|           "--enabled", |  | ||||||
|           "--disable-infobars", |  | ||||||
|           "--autoplay-policy=no-user-gesture-required", |  | ||||||
|           "--ignore-certificate-errors", |  | ||||||
|           "--disable-dev-shm-usage" |  | ||||||
|         ] |  | ||||||
|     } |  | ||||||
|     stats { |  | ||||||
|         enable-stats-d = true |  | ||||||
|     } |  | ||||||
|     call-status-checks { |  | ||||||
|         // If all clients have their audio and video muted and if Jibri does not |  | ||||||
|         // detect any data stream (audio or video) comming in, it will stop |  | ||||||
|         // recording after NO_MEDIA_TIMEOUT expires. |  | ||||||
|         no-media-timeout = 30 seconds |  | ||||||
| 
 |  | ||||||
|         // If all clients have their audio and video muted, Jibri consideres this |  | ||||||
|         // as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires. |  | ||||||
|         all-muted-timeout = 10 minutes |  | ||||||
| 
 |  | ||||||
|         // When detecting if a call is empty, Jibri takes into consideration for how |  | ||||||
|         // long the call has been empty already. If it has been empty for more than |  | ||||||
|         // DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording. |  | ||||||
|         default-call-empty-timeout = 30 seconds |  | ||||||
|     } |  | ||||||
|     recording { |  | ||||||
|          recordings-directory = "DIR_RECORD" |  | ||||||
|          finalize-script = "REC_DIR" |  | ||||||
|     } |  | ||||||
|     api { |  | ||||||
|         xmpp { |  | ||||||
|             environments = [ |  | ||||||
|                 { |  | ||||||
|                 // A user-friendly name for this environment |  | ||||||
|                 name = "JB_NAME" |  | ||||||
| 
 |  | ||||||
|                 // A list of XMPP server hosts to which we'll connect |  | ||||||
|                 xmpp-server-hosts = [ "DOMAIN" ] |  | ||||||
| 
 |  | ||||||
|                 // The base XMPP domain |  | ||||||
|                 xmpp-domain = "DOMAIN" |  | ||||||
| 
 |  | ||||||
|                 // The MUC we'll join to announce our presence for |  | ||||||
|                 // recording and streaming services |  | ||||||
|                 control-muc { |  | ||||||
|                     domain = "internal.auth.DOMAIN" |  | ||||||
|                     room-name = "JibriBrewery" |  | ||||||
|                     nickname = "Live" |  | ||||||
|                 } |  | ||||||
| 
 |  | ||||||
|                 // The login information for the control MUC |  | ||||||
|                 control-login { |  | ||||||
|                     domain = "auth.DOMAIN" |  | ||||||
|                     username = "jibri" |  | ||||||
|                     password = "JB_AUTH_PASS" |  | ||||||
|                 } |  | ||||||
| 
 |  | ||||||
|                 // An (optional) MUC configuration where we'll |  | ||||||
|                 // join to announce SIP gateway services |  | ||||||
|             //    sip-control-muc { |  | ||||||
|             //        domain = "domain" |  | ||||||
|             //        room-name = "room-name" |  | ||||||
|             //        nickname = "nickname" |  | ||||||
|             //    } |  | ||||||
| 
 |  | ||||||
|                 // The login information the selenium web client will use |  | ||||||
|                 call-login { |  | ||||||
|                     domain = "recorder.DOMAIN" |  | ||||||
|                     username = "recorder" |  | ||||||
|                     password = "JB_REC_PASS" |  | ||||||
|                 } |  | ||||||
| 
 |  | ||||||
|                 // The value we'll strip from the room JID domain to derive |  | ||||||
|                 // the call URL |  | ||||||
|                 strip-from-room-domain = "conference." |  | ||||||
| 
 |  | ||||||
|                 // How long Jibri sessions will be allowed to last before |  | ||||||
|                 // they are stopped.  A value of 0 allows them to go on |  | ||||||
|                 // indefinitely |  | ||||||
|                 usage-timeout = 0 hour |  | ||||||
| 
 |  | ||||||
|                 // Whether or not we'll automatically trust any cert on |  | ||||||
|                 // this XMPP domain |  | ||||||
|                 trust-all-xmpp-certs = true |  | ||||||
|                 } |  | ||||||
|             ] |  | ||||||
|         } |  | ||||||
|     } |  | ||||||
| } |  | ||||||
|  | @ -1,24 +0,0 @@ | ||||||
| [ |  | ||||||
|     { |  | ||||||
|         "mount_id": 1, |  | ||||||
|         "mount_point": "\/Jitsi Record", |  | ||||||
|         "storage": "\\OC\\Files\\Storage\\Local", |  | ||||||
|         "authentication_type": "null::null", |  | ||||||
|         "configuration": { |  | ||||||
|             "datadir": "\/var\/jbrecord" |  | ||||||
|         }, |  | ||||||
|         "options": { |  | ||||||
|             "encrypt": true, |  | ||||||
|             "previews": true, |  | ||||||
|             "enable_sharing": false, |  | ||||||
|             "filesystem_check_changes": 1, |  | ||||||
|             "encoding_compatibility": false, |  | ||||||
|             "readonly": false, |  | ||||||
|             "enable_sharing": true |  | ||||||
|         }, |  | ||||||
|         "applicable_users": [], |  | ||||||
|         "applicable_groups": [ |  | ||||||
|             "admin" |  | ||||||
|         ] |  | ||||||
|     } |  | ||||||
| ] |  | ||||||
|  | @ -1,24 +0,0 @@ | ||||||
| -- Promotes to owner (real moderator) if the JWT has context.user.moderator = true |  | ||||||
| local util = module:require "util" |  | ||||||
| local is_admin = util.is_admin |  | ||||||
| local is_healthcheck_room = util.is_healthcheck_room |  | ||||||
| 
 |  | ||||||
| -- When a participant enters the room: |  | ||||||
| module:hook('muc-occupant-joined', function (event) |  | ||||||
|     local room, occupant, session = event.room, event.occupant, event.origin |  | ||||||
| 
 |  | ||||||
|     -- Ignores focus/healthcheck/etc. |  | ||||||
|     if is_healthcheck_room(room.jid) or is_admin(occupant.bare_jid) then |  | ||||||
|         return |  | ||||||
|     end |  | ||||||
| 
 |  | ||||||
|     -- Requires moderator token and claim (accepts boolean or string "true") |  | ||||||
|     local user = session and session.jitsi_meet_context_user |  | ||||||
|     local has_token = session and session.auth_token |  | ||||||
|     local wants_mod = user and (user.moderator == true or user.moderator == "true") |  | ||||||
| 
 |  | ||||||
|     if has_token and wants_mod then |  | ||||||
|         -- Assign owner affiliation -> Jicofo will see you as moderator |  | ||||||
|         room:set_affiliation(true, occupant.bare_jid, 'owner') |  | ||||||
|     end |  | ||||||
| end, 1) |  | ||||||
|  | @ -1,177 +0,0 @@ | ||||||
| # Nextcloud 28 nginx - configuration |  | ||||||
| upstream php-handler { |  | ||||||
|     #server 127.0.0.1:9000; |  | ||||||
|     server unix:/run/php/php_PHPVER-fpm.sock; |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| # Set the `immutable` cache control options only for assets with a cache busting `v` argument |  | ||||||
| map $arg_v $asset_immutable { |  | ||||||
|     "" ""; |  | ||||||
|     default "immutable"; |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| server { |  | ||||||
|     listen 80; |  | ||||||
|     listen [::]:80; |  | ||||||
|     server_name _NC_DOMAIN; |  | ||||||
|     # enforce https |  | ||||||
|     return 301 https://\$server_name\$request_uri; |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| server { |  | ||||||
|     listen _NC_NGINX_SSL_PORT ssl http2; |  | ||||||
|     listen [::]:_NC_NGINX_SSL_PORT ssl http2; |  | ||||||
|     server_name _NC_DOMAIN; |  | ||||||
| 
 |  | ||||||
|     # Path to the root of your installation |  | ||||||
|     root _NC_PATH/; |  | ||||||
| 
 |  | ||||||
|     ssl_certificate /etc/letsencrypt/live/_NC_DOMAIN/fullchain.pem; |  | ||||||
|     ssl_certificate_key /etc/letsencrypt/live/_NC_DOMAIN/privkey.pem; |  | ||||||
| 
 |  | ||||||
|     # Prevent nginx HTTP Server Detection |  | ||||||
|     server_tokens off; |  | ||||||
| 
 |  | ||||||
|     # HSTS settings |  | ||||||
|     # WARNING: Only add the preload option once you read about |  | ||||||
|     # the consequences in https://hstspreload.org/. This option |  | ||||||
|     # will add the domain to a hardcoded list that is shipped |  | ||||||
|     # in all major browsers and getting removed from this list |  | ||||||
|     # could take several months. |  | ||||||
|     #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always; |  | ||||||
| 
 |  | ||||||
|     # set max upload size and increase upload timeout: |  | ||||||
|     client_max_body_size 512M; |  | ||||||
|     client_body_timeout 300s; |  | ||||||
|     fastcgi_buffers 64 4K; |  | ||||||
| 
 |  | ||||||
|     # Enable gzip but do not remove ETag headers |  | ||||||
|     gzip on; |  | ||||||
|     gzip_vary on; |  | ||||||
|     gzip_comp_level 4; |  | ||||||
|     gzip_min_length 256; |  | ||||||
|     gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; |  | ||||||
|     gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; |  | ||||||
| 
 |  | ||||||
|     # Pagespeed is not supported by Nextcloud, so if your server is built |  | ||||||
|     # with the `ngx_pagespeed` module, uncomment this line to disable it. |  | ||||||
|     #pagespeed off; |  | ||||||
| 
 |  | ||||||
|     # The settings allows you to optimize the HTTP2 bandwidth. |  | ||||||
|     # See https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/ |  | ||||||
|     # for tuning hints |  | ||||||
|     client_body_buffer_size 512k; |  | ||||||
| 
 |  | ||||||
|     # HTTP response headers borrowed from Nextcloud `.htaccess` |  | ||||||
|     add_header Referrer-Policy                   "no-referrer"       always; |  | ||||||
|     add_header X-Content-Type-Options            "nosniff"           always; |  | ||||||
|     add_header X-Frame-Options                   "SAMEORIGIN"        always; |  | ||||||
|     add_header X-Permitted-Cross-Domain-Policies "none"              always; |  | ||||||
|     add_header X-Robots-Tag                      "noindex, nofollow" always; |  | ||||||
|     add_header X-XSS-Protection                  "1; mode=block"     always; |  | ||||||
| 
 |  | ||||||
|     # Remove X-Powered-By, which is an information leak |  | ||||||
|     fastcgi_hide_header X-Powered-By; |  | ||||||
| 
 |  | ||||||
|     # Specify how to handle directories -- specifying `/index.php$request_uri` |  | ||||||
|     # here as the fallback means that Nginx always exhibits the desired behaviour |  | ||||||
|     # when a client requests a path that corresponds to a directory that exists |  | ||||||
|     # on the server. In particular, if that directory contains an index.php file, |  | ||||||
|     # that file is correctly served; if it doesn't, then the request is passed to |  | ||||||
|     # the front-end controller. This consistent behaviour means that we don't need |  | ||||||
|     # to specify custom rules for certain paths (e.g. images and other assets, |  | ||||||
|     # `/updater`, `/ocs-provider`), and thus |  | ||||||
|     # `try_files $uri $uri/ /index.php$request_uri` |  | ||||||
|     # always provides the desired behaviour. |  | ||||||
|     index index.php index.html /index.php$request_uri; |  | ||||||
| 
 |  | ||||||
|     # Rule borrowed from `.htaccess` to handle Microsoft DAV clients |  | ||||||
|     location = / { |  | ||||||
|         if ( $http_user_agent ~ ^DavClnt ) { |  | ||||||
|             return 302 /remote.php/webdav/$is_args$args; |  | ||||||
|         } |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     location = /robots.txt { |  | ||||||
|         allow all; |  | ||||||
|         log_not_found off; |  | ||||||
|         access_log off; |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     # Make a regex exception for `/.well-known` so that clients can still |  | ||||||
|     # access it despite the existence of the regex rule |  | ||||||
|     # `location ~ /(\.|autotest|...)` which would otherwise handle requests |  | ||||||
|     # for `/.well-known`. |  | ||||||
|     location ^~ /.well-known { |  | ||||||
|         # The rules in this block are an adaptation of the rules |  | ||||||
|         # in `.htaccess` that concern `/.well-known`. |  | ||||||
| 
 |  | ||||||
|         location = /.well-known/carddav { return 301 /remote.php/dav/; } |  | ||||||
|         location = /.well-known/caldav  { return 301 /remote.php/dav/; } |  | ||||||
| 
 |  | ||||||
|         location /.well-known/acme-challenge    { try_files $uri $uri/ =404; } |  | ||||||
|         location /.well-known/pki-validation    { try_files $uri $uri/ =404; } |  | ||||||
| 
 |  | ||||||
|         # Let Nextcloud's API for `/.well-known` URIs handle all other |  | ||||||
|         # requests by passing them to the front-end controller. |  | ||||||
|         return 301 /index.php$request_uri; |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     # Rules borrowed from `.htaccess` to hide certain paths from clients |  | ||||||
|     location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)  { return 404; } |  | ||||||
|     location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console)                { return 404; } |  | ||||||
| 
 |  | ||||||
|     # Ensure this block, which passes PHP files to the PHP process, is above the blocks |  | ||||||
|     # which handle static assets (as seen below). If this block is not declared first, |  | ||||||
|     # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php` |  | ||||||
|     # to the URI, resulting in a HTTP 500 error response. |  | ||||||
|     location ~ \.php(?:$|/) { |  | ||||||
|         # Required for legacy support |  | ||||||
|         rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri; |  | ||||||
| 
 |  | ||||||
|         fastcgi_split_path_info ^(.+?\.php)(/.*)$; |  | ||||||
|         set $path_info $fastcgi_path_info; |  | ||||||
| 
 |  | ||||||
|         try_files $fastcgi_script_name =404; |  | ||||||
| 
 |  | ||||||
|         include fastcgi_params; |  | ||||||
|         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; |  | ||||||
|         fastcgi_param PATH_INFO $path_info; |  | ||||||
|         fastcgi_param HTTPS on; |  | ||||||
| 
 |  | ||||||
|         fastcgi_param modHeadersAvailable true;         # Avoid sending the security headers twice |  | ||||||
|         fastcgi_param front_controller_active true;     # Enable pretty urls |  | ||||||
|         fastcgi_pass php-handler; |  | ||||||
| 
 |  | ||||||
|         fastcgi_intercept_errors on; |  | ||||||
|         fastcgi_request_buffering off; |  | ||||||
| 
 |  | ||||||
|         fastcgi_max_temp_file_size 0; |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     # Serve static files |  | ||||||
|     location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ { |  | ||||||
|         try_files $uri /index.php$request_uri; |  | ||||||
|         add_header Cache-Control "public, max-age=15778463, $asset_immutable"; |  | ||||||
|         access_log off;     # Optional: Don't log access to assets |  | ||||||
| 
 |  | ||||||
|         location ~ \.wasm$ { |  | ||||||
|             default_type application/wasm; |  | ||||||
|         } |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     location ~ \.woff2?$ { |  | ||||||
|         try_files $uri /index.php$request_uri; |  | ||||||
|         expires 7d;         # Cache-Control policy borrowed from `.htaccess` |  | ||||||
|         access_log off;     # Optional: Don't log access to assets |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     # Rule borrowed from `.htaccess` |  | ||||||
|     location /remote { |  | ||||||
|         return 301 /remote.php$request_uri; |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     location / { |  | ||||||
|         try_files $uri $uri/ /index.php$request_uri; |  | ||||||
|     } |  | ||||||
| } |  | ||||||
							
								
								
									
										278
									
								
								grafana.sh
								
								
								
								
							
							
						
						
									
										278
									
								
								grafana.sh
								
								
								
								
							|  | @ -1,278 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Grafana Installer for Jitsi Meet |  | ||||||
| # |  | ||||||
| # Based on: |  | ||||||
| # - https://community.jitsi.org/t/38696 |  | ||||||
| # by Igor Kerstges |  | ||||||
| # - https://grafana.com/grafana/dashboards/11969 |  | ||||||
| # by "mephisto" |  | ||||||
| # |  | ||||||
| # Igor Kerstges © - 2021 |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
|     set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| clear |  | ||||||
| echo ' |  | ||||||
| ######################################################################## |  | ||||||
|                       Grafana Dashboard addon |  | ||||||
| ######################################################################## |  | ||||||
|                     by Software, IT & Networks Ltd |  | ||||||
| ' |  | ||||||
| run_service() { |  | ||||||
| systemctl enable "$1" |  | ||||||
| systemctl restart "$1" |  | ||||||
| systemctl status "$1" |  | ||||||
| } |  | ||||||
| test_match() { |  | ||||||
|     if grep -q "$1" "$2" ; then |  | ||||||
|         echo "$(basename "$2") - OK..." |  | ||||||
|     else |  | ||||||
|         echo "$(basename "$2"), FAIL..." |  | ||||||
|         echo "Please report this to https://forge.switnet.net/switnet/quick-jibri-installer" |  | ||||||
|         exit |  | ||||||
|     fi |  | ||||||
| } |  | ||||||
| MAIN_TEL="/etc/telegraf/telegraf.conf" |  | ||||||
| TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf" |  | ||||||
| GRAFANA_INI="/etc/grafana/grafana.ini" |  | ||||||
| DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" |  | ||||||
| WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" |  | ||||||
| WS_MATCH1="# ensure all static content can always be found first" |  | ||||||
| WS_MATCH2="upstream prosody {" |  | ||||||
| GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)" |  | ||||||
| 
 |  | ||||||
| # Min requirements |  | ||||||
| apt-get update && \ |  | ||||||
| apt-get install -y gnupg2 \ |  | ||||||
|                    curl \ |  | ||||||
|                    wget \ |  | ||||||
|                    jq |  | ||||||
| 
 |  | ||||||
| # Make sure we can rely on the match strings. |  | ||||||
| printf "> Testing match strings on config files.\n" |  | ||||||
| test_match "$WS_MATCH1" "$WS_CONF" |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| # Setup InfluxDB Packages |  | ||||||
| " |  | ||||||
| curl -s https://repos.influxdata.com/influxdata-archive.key > \ |  | ||||||
|     /etc/apt/trusted.gpg.d/influxdata-archive.key |  | ||||||
| echo "deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.key] https://repos.influxdata.com/debian buster stable" | \ |  | ||||||
|     sudo tee /etc/apt/sources.list.d/influxdb.list |  | ||||||
| apt-get update && apt-get install influxdb -y |  | ||||||
| run_service influxdb |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| #  Setup Grafana Packages |  | ||||||
| " |  | ||||||
| curl -s https://apt.grafana.com/gpg-full.key | \ |  | ||||||
| gpg --dearmor | tee /etc/apt/trusted.gpg.d/grafana-full-key.gpg  >/dev/null |  | ||||||
| echo "deb https://packages.grafana.com/oss/deb stable main" | \ |  | ||||||
|     sudo tee /etc/apt/sources.list.d/grafana_com_oss_deb.list |  | ||||||
| apt-get update && apt-get install grafana -y |  | ||||||
| run_service grafana-server |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| # Setup Telegraf Packages |  | ||||||
| " |  | ||||||
| apt-get update && apt-get install telegraf -y |  | ||||||
| mv /etc/telegraf/telegraf.conf /etc/telegraf/telegraf.conf.original |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| # Setup Telegraf config files |  | ||||||
| " |  | ||||||
| cat << TELEGRAF > $MAIN_TEL |  | ||||||
| [global_tags] |  | ||||||
| 
 |  | ||||||
| ############################################################################### |  | ||||||
| #                                  GLOBAL                                     # |  | ||||||
| ############################################################################### |  | ||||||
| 
 |  | ||||||
| [agent] |  | ||||||
|     interval = "10s" |  | ||||||
|     debug = false |  | ||||||
|     hostname = "localhost" |  | ||||||
|     round_interval = true |  | ||||||
|     flush_interval = "10s" |  | ||||||
|     flush_jitter = "0s" |  | ||||||
|     collection_jitter = "0s" |  | ||||||
|     metric_batch_size = 1000 |  | ||||||
|     metric_buffer_limit = 10000 |  | ||||||
|     quiet = false |  | ||||||
|     logfile = "" |  | ||||||
|     omit_hostname = false |  | ||||||
| 
 |  | ||||||
| TELEGRAF |  | ||||||
| 
 |  | ||||||
| cat << JITSI_TELEGRAF > $TEL_JIT |  | ||||||
| ############################################################################### |  | ||||||
| #                                  INPUTS                                     # |  | ||||||
| ############################################################################### |  | ||||||
| 
 |  | ||||||
| [[inputs.http]] |  | ||||||
|     name_override = "jitsi_stats" |  | ||||||
|     urls = [ |  | ||||||
|       "http://localhost:8080/colibri/stats" |  | ||||||
|     ] |  | ||||||
| 
 |  | ||||||
|     data_format = "json" |  | ||||||
| 
 |  | ||||||
| ############################################################################### |  | ||||||
| #                                  OUTPUTS                                    # |  | ||||||
| ############################################################################### |  | ||||||
| 
 |  | ||||||
| [[outputs.influxdb]] |  | ||||||
|     urls = ["http://localhost:8086"] |  | ||||||
|     database = "jitsi" |  | ||||||
|     timeout = "0s" |  | ||||||
|     retention_policy = "" |  | ||||||
| 
 |  | ||||||
| JITSI_TELEGRAF |  | ||||||
| 
 |  | ||||||
| run_service telegraf |  | ||||||
| 
 |  | ||||||
| echo -e "\n# Setup videobridge  options\n" |  | ||||||
| echo ' |  | ||||||
| # extra options to pass to the JVB daemon |  | ||||||
| JVB_OPTS="--apis=rest,xmpp"' >>  /etc/jitsi/videobridge/config |  | ||||||
| sed -i "s|TRANSPORT=muc|TRANSPORT=muc,colibri|" /etc/jitsi/videobridge/sip-communicator.properties |  | ||||||
| # Enable videobridge REST API |  | ||||||
| hocon -f /etc/jitsi/videobridge/jvb.conf set videobridge.apis.rest.enabled true |  | ||||||
| systemctl restart jitsi-videobridge2 |  | ||||||
| 
 |  | ||||||
| echo -e "\n# Setup Grafana nginx domain\n" |  | ||||||
| sed -i "s|;protocol =.*|protocol = http|" $GRAFANA_INI |  | ||||||
| sed -i "s|;http_addr =.*|http_addr = 127.0.0.1|" $GRAFANA_INI |  | ||||||
| sed -i "s|;http_port =.*|http_port = 3000|" $GRAFANA_INI |  | ||||||
| sed -i "s|;domain =.*|domain = $DOMAIN|" $GRAFANA_INI |  | ||||||
| sed -i "s|;enforce_domain =.*|enforce_domain = false|" $GRAFANA_INI |  | ||||||
| sed -i "s|;root_url =.*|root_url = http://$DOMAIN:3000/grafana/|" $GRAFANA_INI |  | ||||||
| sed -i "s|;serve_from_sub_path =.*|serve_from_sub_path = true|" $GRAFANA_INI |  | ||||||
| sed -i "s|;allow_sign_up =.*|allow_sign_up = false|" $GRAFANA_INI |  | ||||||
| 
 |  | ||||||
| systemctl restart grafana-server |  | ||||||
| echo "Waiting for Grafana to load..." |  | ||||||
| secs=$((10)) |  | ||||||
| while [ $secs -gt 0 ]; do |  | ||||||
|    echo -ne "$secs\033[0K\r" |  | ||||||
|    sleep 1 |  | ||||||
|    : $((secs--)) |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| if [ -f "$WS_CONF" ]; then |  | ||||||
|     echo "> Setting up webserver configuration file..." |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana." "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ location ~ ^/(grafana/|grafana/login) {" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana Live WebSocket connections." "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ location /grafana/api/live/ {" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Connection \$connection_upgrade;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF" |  | ||||||
|     if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then |  | ||||||
|         echo "  > Setting mapping upgrade connection." |  | ||||||
|         sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF" |  | ||||||
|         sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF" |  | ||||||
|         sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF" |  | ||||||
|         sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF" |  | ||||||
|         sed -i "/$WS_MATCH2/i }" "$WS_CONF" |  | ||||||
|     else |  | ||||||
|         echo "  > Upgrade connection mapping already setup." |  | ||||||
|     fi |  | ||||||
|     sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH2/i upstream grafana {" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH2/i \ \ server localhost:3000;" "$WS_CONF" |  | ||||||
|     sed -i "/$WS_MATCH2/i }" "$WS_CONF" |  | ||||||
|     systemctl restart nginx |  | ||||||
| else |  | ||||||
|     echo "No app configuration done to server file, please report to: |  | ||||||
|     -> https://forge.switnet.net/switnet/quick-jibri-installer/issues" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| # Setup Grafana credentials. |  | ||||||
| " |  | ||||||
| curl -s -k -u "admin:admin" -X \ |  | ||||||
| PUT -H "Content-Type: application/json;charset=UTF-8" -d \ |  | ||||||
| "{ |  | ||||||
|   \"oldPassword\": \"admin\", |  | ||||||
|   \"newPassword\": \"$GRAFANA_PASS\", |  | ||||||
|   \"confirmNew\": \"$GRAFANA_PASS\" |  | ||||||
| }" http://127.0.0.1:3000/api/user/password; echo "" |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| # Create InfluxDB datasource |  | ||||||
| " |  | ||||||
| curl -s -k -u "admin:$GRAFANA_PASS" -X \ |  | ||||||
| POST -H 'Content-Type: application/json;charset=UTF-8' -d \ |  | ||||||
| '{ |  | ||||||
|     "name": "InfluxDB", |  | ||||||
|     "type": "influxdb", |  | ||||||
|     "url": "http://127.0.0.1:8086", |  | ||||||
|     "access": "proxy", |  | ||||||
|     "isDefault": true, |  | ||||||
|     "database": "jitsi" |  | ||||||
| }' http://127.0.0.1:3000/api/datasources; echo "" |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| # Add Grafana Dashboard |  | ||||||
| " |  | ||||||
| grafana_host="http://127.0.0.1:3000" |  | ||||||
| grafana_cred="admin:$GRAFANA_PASS" |  | ||||||
| grafana_datasource="InfluxDB" |  | ||||||
| ds=(11969); |  | ||||||
| for d in "${ds[@]}"; do |  | ||||||
|   echo "Processing $d: " |  | ||||||
|   j="$(curl -s -k -u "$grafana_cred" "$grafana_host"/api/gnet/dashboards/"$d" | jq .json)" |  | ||||||
|   curl -s -k -u "$grafana_cred" -XPOST -H "Accept: application/json" \ |  | ||||||
|     -H "Content-Type: application/json" \ |  | ||||||
|     -d "{ |  | ||||||
|     \"dashboard\": $j, |  | ||||||
|     \"overwrite\": true, |  | ||||||
|     \"inputs\": [{ |  | ||||||
|         \"name\": \"DS_INFLUXDB\", |  | ||||||
|         \"type\": \"datasource\", |  | ||||||
|         \"pluginId\": \"influxdb\", |  | ||||||
|         \"value\": \"$grafana_datasource\" |  | ||||||
|         }] |  | ||||||
|     }" $grafana_host/api/dashboards/import; echo "" |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| Go check: |  | ||||||
| 
 |  | ||||||
| >>    http://$DOMAIN/grafana/ |  | ||||||
| 
 |  | ||||||
| (emphasis on the trailing \"/\") to review configuration and dashboards. |  | ||||||
| 
 |  | ||||||
| User: admin |  | ||||||
| Password: $GRAFANA_PASS |  | ||||||
| 
 |  | ||||||
| Please save it somewhere safe. |  | ||||||
| " |  | ||||||
| read -n 1 -s -r -p "Press any key to continue..."$'\n' |  | ||||||
										
											Binary file not shown.
										
									
								
							| Before Width: | Height: | Size: 16 KiB | 
										
											Binary file not shown.
										
									
								
							| Before Width: | Height: | Size: 326 B | 
										
											Binary file not shown.
										
									
								
							| Before Width: | Height: | Size: 2.0 KiB | 
										
											Binary file not shown.
										
									
								
							| Before Width: | Height: | Size: 169 B | 
|  | @ -1 +0,0 @@ | ||||||
| <?xml version="1.0" encoding="UTF-8"?><svg xmlns="http://www.w3.org/2000/svg" width="1" height="1"/> |  | ||||||
| Before Width: | Height: | Size: 100 B | 
|  | @ -1,141 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems. |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
|     set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| exit_if_not_installed() { |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then |  | ||||||
|     echo " This instance doesn't have $1 installed, exiting..." |  | ||||||
|     echo " If you think this is an error, please report to: |  | ||||||
|     -> https://forge.switnet.net/switnet/quick-jibri-installer/issues " |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| clear |  | ||||||
| echo '' |  | ||||||
| echo '########################################################################' |  | ||||||
| echo '                       Jigasi Transcript addon' |  | ||||||
| echo '########################################################################' |  | ||||||
| echo '                    by Software, IT & Networks Ltd' |  | ||||||
| echo '' |  | ||||||
| 
 |  | ||||||
| exit_if_not_installed jitsi-meet |  | ||||||
| 
 |  | ||||||
| DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" |  | ||||||
| JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 16 | head -n1)" |  | ||||||
| JIG_SIP_PROP="/etc/jitsi/jigasi/sip-communicator.properties" |  | ||||||
| export DOMAIN |  | ||||||
| export JIG_TRANSC_PASWD |  | ||||||
| 
 |  | ||||||
| apt-get -q2 update |  | ||||||
| 
 |  | ||||||
| # Disable SIP account prompt by default |  | ||||||
| echo "jigasi	jigasi/sip-account	string	''" | debconf-set-selections |  | ||||||
| echo "jigasi	jigasi/sip-password	password	''" | debconf-set-selections |  | ||||||
| 
 |  | ||||||
| echo "Installing Jigasi, SIP configuration disabled by default." |  | ||||||
| apt-get -y install gettext-base jigasi docker.io |  | ||||||
| 
 |  | ||||||
| echo "Please select a language for the VOSK transcription model:" |  | ||||||
| echo "1) Chinese" |  | ||||||
| echo "2) English" |  | ||||||
| echo "3) French" |  | ||||||
| echo "4) German" |  | ||||||
| echo "5) Hindi" |  | ||||||
| echo "6) Japanese" |  | ||||||
| echo "7) Russian" |  | ||||||
| echo "8) Spanish" |  | ||||||
| 
 |  | ||||||
| read -p "Enter the number corresponding to your language choice: " -r lang_choice |  | ||||||
| 
 |  | ||||||
| case $lang_choice in |  | ||||||
|     1) |  | ||||||
|         echo "You selected Chinese." |  | ||||||
|         VOSK_DOCKER_MODEL="alphacep/kaldi-cn" |  | ||||||
|         ;; |  | ||||||
|     2) |  | ||||||
|         echo "You selected English." |  | ||||||
|         VOSK_DOCKER_MODEL="alphacep/kaldi-en" |  | ||||||
|         ;; |  | ||||||
|     3) |  | ||||||
|         echo "You selected French." |  | ||||||
|         VOSK_DOCKER_MODEL="alphacep/kaldi-fr" |  | ||||||
|         ;; |  | ||||||
|     4) |  | ||||||
|         echo "You selected German." |  | ||||||
|         VOSK_DOCKER_MODEL="alphacep/kaldi-de" |  | ||||||
|         ;; |  | ||||||
|     5) |  | ||||||
|         echo "You selected Hindi." |  | ||||||
|         VOSK_DOCKER_MODEL="alphacep/kaldi-hi" |  | ||||||
|         ;; |  | ||||||
|     6) |  | ||||||
|         echo "You selected Japanese." |  | ||||||
|         VOSK_DOCKER_MODEL="alphacep/kaldi-ja" |  | ||||||
|         ;; |  | ||||||
|     7) |  | ||||||
|         echo "You selected Russian." |  | ||||||
|         VOSK_DOCKER_MODEL="alphacep/kaldi-ru" |  | ||||||
|         ;; |  | ||||||
|     8) |  | ||||||
|         echo "You selected Spanish." |  | ||||||
|         VOSK_DOCKER_MODEL="alphacep/kaldi-es" |  | ||||||
|         ;; |  | ||||||
|     *) |  | ||||||
|         echo "Invalid selection. Please choose a number between 1 and 8." |  | ||||||
|         ;; |  | ||||||
| esac |  | ||||||
| 
 |  | ||||||
| # Running selected VOSK docker model. |  | ||||||
| docker run -d --restart always -p 2700:2700 ${VOSK_DOCKER_MODEL}:latest |  | ||||||
| 
 |  | ||||||
| echo "Setting up Jigasi transcript with current platform..." |  | ||||||
| 
 |  | ||||||
| # Jitsi Meet |  | ||||||
| echo "> Patching Jitsi Meet's config.js for Transcription support." |  | ||||||
| echo "  Read more at patches/jigasi/001-jigasi-meet-config.patch file" |  | ||||||
| envsubst < patches/jigasi/001-jigasi-meet-config.patch | \ |  | ||||||
|   patch --no-backup-if-mismatch -d / -p1 |  | ||||||
| 
 |  | ||||||
| # Jigasi |  | ||||||
| echo "> Patching jigasi's sip-communicator.properties configuration." |  | ||||||
| echo "  Read more at patches/jigasi/002-jigasi-sip-properties.patch file" |  | ||||||
| cp "$JIG_SIP_PROP" ${JIG_SIP_PROP}-dpkg-file |  | ||||||
| envsubst < patches/jigasi/002-jigasi-sip-properties.patch | \ |  | ||||||
|   patch --no-backup-if-mismatch -d / -p1 |  | ||||||
| 
 |  | ||||||
| # Create transcribe user on hidden domain. |  | ||||||
| prosodyctl register transcriber recorder."$DOMAIN" "$JIG_TRANSC_PASWD" |  | ||||||
| 
 |  | ||||||
| # Restart services. |  | ||||||
| systemctl restart prosody \ |  | ||||||
|                   jicofo \ |  | ||||||
|                   jigasi \ |  | ||||||
|                   jibri* \ |  | ||||||
|                   jitsi-videobridge2 |  | ||||||
| 
 |  | ||||||
| echo "" |  | ||||||
| echo "Full transcript files are available at:" |  | ||||||
| echo "--> /var/lib/jigasi/transcripts/" |  | ||||||
| echo "" |  | ||||||
| echo "Happy transcripting!" |  | ||||||
| echo "" |  | ||||||
							
								
								
									
										302
									
								
								jitsi-updater.sh
								
								
								
								
							
							
						
						
									
										302
									
								
								jitsi-updater.sh
								
								
								
								
							|  | @ -1,302 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Jitsi Meet recurring upgrader and customization keeper |  | ||||||
| # for Debian/*buntu binaries. |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GNU GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
|     set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| Blue='\e[0;34m' |  | ||||||
| Purple='\e[0;35m' |  | ||||||
| Red='\e[0;31m' |  | ||||||
| Green='\e[0;32m' |  | ||||||
| Yellow='\e[0;33m' |  | ||||||
| Color_Off='\e[0m' |  | ||||||
| printwc() { |  | ||||||
|     printf "%b$2%b" "$1" "${Color_Off}" |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| if [ ! -f jm-bm.sh ]; then |  | ||||||
|     echo "Please check that you are running the jitsi updater while being on the project folder" |  | ||||||
|     echo "other wise the updater might have errors or be incomplete. Exiting..." |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| support="https://switnet.net/support" |  | ||||||
| apt_repo="/etc/apt/sources.list.d" |  | ||||||
| ENABLE_BLESSM="TBD" |  | ||||||
| G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3) |  | ||||||
| CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing" |  | ||||||
| CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \ |  | ||||||
|                 jq -r ".versions[].downloads.chromedriver | select(. != null) | .[].url" | \ |  | ||||||
|                 grep linux64 | grep "$G_CHROME" | tail -1) |  | ||||||
| CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL") |  | ||||||
| CHD_LTST_2D="$(cut -d "." -f 1,2 <<<  "$CHD_LTST")" |  | ||||||
| CHDB="$(whereis chromedriver | awk '{print$2}')" |  | ||||||
| if [ -d /etc/prosody/conf.d/ ]; then |  | ||||||
| DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua | \ |  | ||||||
|           awk -F'.cfg' '!/localhost/{print $1}' | xargs basename)" |  | ||||||
| else |  | ||||||
|     echo -e "Seems no prosody is installed...\n  > is this a jibri node?" |  | ||||||
| fi |  | ||||||
| NC_DOMAIN="TBD" |  | ||||||
| JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf" |  | ||||||
| if [ -f "$JITSI_MEET_PROXY" ];then |  | ||||||
| PREAD_PROXY="$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1)" |  | ||||||
| fi |  | ||||||
| INT_CONF="/usr/share/jitsi-meet/interface_config.js" |  | ||||||
| INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js" |  | ||||||
| read -r -a jibri_packages < <(grep ^Package /var/lib/apt/lists/download.jitsi.org_*_Packages | \ |  | ||||||
|                               sort -u | awk '{print $2}' | xargs) |  | ||||||
| AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)" |  | ||||||
| if [ -f "$apt_repo"/google-chrome.list ]; then |  | ||||||
| read -r -a google_package < <(grep ^Package /var/lib/apt/lists/dl.google.com_*_Packages | \ |  | ||||||
|                               sort -u | awk '{print $2}' | xargs) |  | ||||||
| else |  | ||||||
|     echo "Seems no Google repo installed" |  | ||||||
| fi |  | ||||||
| if [ -f "$apt_repo"/nodesource.list ]; then |  | ||||||
| read -r -a nodejs_package < <(grep ^Package /var/lib/apt/lists/deb.nodesource.com_node*_Packages | \ |  | ||||||
|                               sort -u | awk '{print $2}' | xargs) |  | ||||||
| else |  | ||||||
|     echo "Seems no nodejs repo installed" |  | ||||||
| fi |  | ||||||
| # True if $1 is greater than $2 |  | ||||||
| version_gt() { dpkg --compare-versions "$1" gt "$2"; } |  | ||||||
| 
 |  | ||||||
| restart_jibri() { |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ] |  | ||||||
| then |  | ||||||
|     systemctl restart jibri |  | ||||||
|     systemctl restart jibri-icewm |  | ||||||
|     systemctl restart jibri-xorg |  | ||||||
| else |  | ||||||
|     echo "Jibri service not installed" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| # Restarting services |  | ||||||
| restart_services() { |  | ||||||
|     systemctl restart jitsi-videobridge2 |  | ||||||
|     systemctl restart jicofo |  | ||||||
|     restart_jibri |  | ||||||
|     systemctl restart prosody |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| update_jitsi_repo() { |  | ||||||
|     apt-get update -o Dir::Etc::sourcelist="sources.list.d/jitsi-$1.list" \ |  | ||||||
|         -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" |  | ||||||
|     apt-get install -q2 --only-upgrade <<< printf "${jibri_packages[@]}" |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| update_google_repo() { |  | ||||||
|     if [ -f "$apt_repo"/google-chrome.list ]; then |  | ||||||
|     apt-get update -o Dir::Etc::sourcelist="sources.list.d/google-chrome.list" \ |  | ||||||
|         -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" |  | ||||||
|     apt-get install -q2 --only-upgrade <<< printf "${google_package[@]}" |  | ||||||
|     else |  | ||||||
|         echo "No Google repository found" |  | ||||||
|     fi |  | ||||||
| 	if [ -z "$CHDB" ]; then |  | ||||||
| 		echo "Seems no chromedriver installed" |  | ||||||
| 	else |  | ||||||
| 		CHD_VER_LOCAL="$($CHDB -v | awk '{print $2}')" |  | ||||||
| 		CHD_VER_2D="$(cut -d. -f1,2 <<< "$CHD_VER_LOCAL")" |  | ||||||
| 	fi |  | ||||||
| } |  | ||||||
| update_nodejs_repo() { |  | ||||||
|     apt-get update -o Dir::Etc::sourcelist="sources.list.d/nodesource.list" \ |  | ||||||
|         -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" |  | ||||||
|     apt-get install -q2 --only-upgrade <<< printf "${nodejs_package[@]}" |  | ||||||
| } |  | ||||||
| check_latest_gc() { |  | ||||||
| printwc "${Purple}" "Checking for Google Chrome\n" |  | ||||||
| if [ -f /usr/bin/google-chrome ]; then |  | ||||||
|     GOOGL_VER_2D="$(/usr/bin/google-chrome --product-version 2>/dev/null | cut -d. -f1,2)" |  | ||||||
| else |  | ||||||
|     printwc "${Yellow}" " -> Seems there is no Google Chrome installed\n" |  | ||||||
|     IS_GLG_CHRM="no" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| check_latest_gc |  | ||||||
| upgrade_cd() { |  | ||||||
| if [ -n "$GOOGL_VER_2D" ]; then |  | ||||||
|     check_latest_gc |  | ||||||
|     if version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" ; then |  | ||||||
|         echo "Upgrading Chromedriver to Google Chromes version" |  | ||||||
|         if [ -x /usr/bin/google-chrome ]; then |  | ||||||
|             G_CHROME="$(/usr/bin/google-chrome --product-version 2>/dev/null | cut -d. -f1-3)" |  | ||||||
|         fi |  | ||||||
|         CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \ |  | ||||||
|                         jq -r ".versions[].downloads.chromedriver | select(. != null) | .[].url" | \ |  | ||||||
|                         grep linux64 | grep "$G_CHROME" | tail -1) |  | ||||||
|         CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL") |  | ||||||
|         CHD_LTST_2D="$(cut -d. -f1,2 <<< "$CHD_LTST")" |  | ||||||
|         wget -q "$CHD_LTST_DWNL" \ |  | ||||||
|              -O /tmp/chromedriver_linux64.zip |  | ||||||
|         unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/ |  | ||||||
|         mv /usr/local/bin/chromedriver-linux64/chromedriver "$CHDB" |  | ||||||
|         chown root:root "$CHDB" |  | ||||||
|         chmod 0755 "$CHDB" |  | ||||||
|         rm -rf /tpm/chromedriver_linux64.zip |  | ||||||
|         printf "Current version: " |  | ||||||
|         printwc "$Green" "$($CHDB -v | awk '{print $2}' | cut -d. -f1,2)" |  | ||||||
|         echo -e " (latest available)\n" |  | ||||||
|     elif [ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then |  | ||||||
|         echo "No need to upgrade Chromedriver" |  | ||||||
|         printf "Current version: " |  | ||||||
|         printwc "$Green" "$CHD_VER_2D\n" |  | ||||||
|     fi |  | ||||||
| else |  | ||||||
|   printwc "${Yellow}" " -> No Google Chrome versión to match, leaving untouched.\n" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| check_lst_cd() { |  | ||||||
| printwc "${Purple}" "Checking for the latest Chromedriver\n" |  | ||||||
| if [ -f "$CHDB" ]; then |  | ||||||
|     printf "Current installed Chromedriver: " |  | ||||||
|     printwc "${Yellow}" "$CHD_VER_2D\n" |  | ||||||
|     printf "Current installed Google Chrome: " |  | ||||||
|     printwc "${Green}" "$GOOGL_VER_2D\n" |  | ||||||
|     upgrade_cd |  | ||||||
| else |  | ||||||
|     printwc "${Yellow}" " -> Seems there is no Chromedriver installed\n" |  | ||||||
|     IS_CHDB="no" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| printwc "${Blue}" "Update & upgrade Jitsi and components\n" |  | ||||||
| if [ -f "$apt_repo"/jitsi-unstable.list ]; then |  | ||||||
|     update_jitsi_repo unstable |  | ||||||
|     update_google_repo |  | ||||||
|     check_lst_cd |  | ||||||
| elif [ -f "$apt_repo"/jitsi-stable.list ]; then |  | ||||||
|     update_jitsi_repo stable |  | ||||||
|     update_google_repo |  | ||||||
|     check_lst_cd |  | ||||||
| else |  | ||||||
|     echo "Please check your repositories, something is not right." |  | ||||||
|     exit 1 |  | ||||||
| fi |  | ||||||
| printwc "${Blue}" "Check for supported nodejs LTS version" |  | ||||||
| if version_gt "14" "$(dpkg-query -W -f='${Version}' nodejs)"; then |  | ||||||
|     curl -sL https://deb.nodesource.com/setup_14.x | sudo -E bash - |  | ||||||
|     apt-get install -yq2 nodejs |  | ||||||
| else |  | ||||||
|     update_nodejs_repo |  | ||||||
| fi |  | ||||||
| check_if_installed(){ |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then |  | ||||||
|     echo "1" |  | ||||||
| else |  | ||||||
|     echo "0" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| check_for_jibri_node() { |  | ||||||
| if [ "$(check_if_installed jibri)" = 1 ] && \ |  | ||||||
|    [ "$(check_if_installed jitsi-meet)" = 0 ] && \ |  | ||||||
|    [ "$(check_if_installed prosody)" = 0 ]; then |  | ||||||
|     printwc "${Green}" "\n::: This seems to be a jibri node :::\n" |  | ||||||
| JIBRI_NODE="yes" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| # Any customization, image, name or link change for any purpose should |  | ||||||
| # be documented here so new updates won't remove those changes. |  | ||||||
| # We divide them on UI changes and branding changes, feel free to adapt |  | ||||||
| # to your needs. |  | ||||||
| # |  | ||||||
| # Please keep in mind that fees for support customization changes may |  | ||||||
| # apply. |  | ||||||
| ######################################################################## |  | ||||||
| #                     User interface changes                           # |  | ||||||
| ######################################################################## |  | ||||||
| #Check for jibri node |  | ||||||
| check_for_jibri_node |  | ||||||
| 
 |  | ||||||
| [ "$JIBRI_NODE" != yes ] && \ |  | ||||||
| if [ -f "$INT_CONF_ETC" ]; then |  | ||||||
|     echo "Static interface_config.js exists, skipping modification..." |  | ||||||
| else |  | ||||||
|     echo "This setup doesn't have a static interface_config.js, checking changes..." |  | ||||||
|     printwc "${Purple}" "========== Setting Static Avatar  ==========\n" |  | ||||||
|     if [ -z "$AVATAR" ]; then |  | ||||||
|         echo "Moving on..." |  | ||||||
|     else |  | ||||||
|         echo "Setting Static Avatar" |  | ||||||
|         sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'http://$DOMAIN/avatar/\'|" "$INT_CONF" |  | ||||||
|         sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF" |  | ||||||
|     fi |  | ||||||
|     printwc "${Purple}" "========== Setting Support Link  ==========\n" |  | ||||||
|     if [ -z "$support" ]; then |  | ||||||
|         echo "Moving on..." |  | ||||||
|     else |  | ||||||
|         echo "Setting Support custom link" |  | ||||||
|         sed -i "s|https://jitsi.org/live|$support|g" "$INT_CONF" |  | ||||||
|     fi |  | ||||||
|     printwc "${Purple}" "========== Disable Blur my background  ==========\n" |  | ||||||
|     sed -i "s|'videobackgroundblur', ||" "$INT_CONF" |  | ||||||
| fi |  | ||||||
| if [ "$(check_if_installed openjdk-8-jre-headless)" = 1 ]; then |  | ||||||
|     printwc "${Red}" "\n::: Unsupported OpenJDK JRE version found :::\n" |  | ||||||
|     apt-get install -y openjdk-11-jre-headless |  | ||||||
|     apt-get purge -y openjdk-8-jre-headless |  | ||||||
|     printwc "${Green}" "\n::: Updated to supported OpenJDK JRE version 11 :::\n" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| [ "$JIBRI_NODE" != yes ] && \ |  | ||||||
| if [  "$NC_DOMAIN" != "TBD" ]; then |  | ||||||
| printwc "${Purple}" "========== Enable $NC_DOMAIN for sync client ==========\n" |  | ||||||
|     if [ -f "$JITSI_MEET_PROXY" ] && [ -z "$PREAD_PROXY" ]; then |  | ||||||
|         printf "\n  Setting up Nextcloud domain on Jitsi Meet turn proxy\n\n" |  | ||||||
|         sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY" |  | ||||||
|         sed -i "/server {/i \ \ \ \ \ \ $DOMAIN    web;" "$JITSI_MEET_PROXY" |  | ||||||
|         sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN    web;" "$JITSI_MEET_PROXY" |  | ||||||
|         sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY" |  | ||||||
|       else |  | ||||||
|         echo "$NC_DOMAIN seems to be on place, skipping..." |  | ||||||
|     fi |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| # Final check & upgrade call. |  | ||||||
| check_lst_cd |  | ||||||
| 
 |  | ||||||
| if [ "$JIBRI_NODE" = "yes" ]; then |  | ||||||
|     restart_jibri |  | ||||||
| else |  | ||||||
|     restart_services |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if  [ "$JIBRI_NODE" = "yes" ] && \ |  | ||||||
|     [ "$IS_CHDB" = "no" ] && \ |  | ||||||
|     [ "$IS_GLG_CHRM" = "no" ];then |  | ||||||
| printwc "${Red}" "\nBeware: This jibri node seems to be missing important packages.\n" |  | ||||||
| echo " > Googe Chrome" |  | ||||||
| echo " > Chromedriver" |  | ||||||
| fi |  | ||||||
| ######################################################################## |  | ||||||
| #                         Brandless mode                               # |  | ||||||
| ######################################################################## |  | ||||||
| if [ "$ENABLE_BLESSM" = "on" ]; then |  | ||||||
|     if [ "$MODE" = "debug" ]; then |  | ||||||
|         bash "$PWD"/jm-bm.sh -m debug |  | ||||||
|     else |  | ||||||
|         bash "$PWD"/jm-bm.sh |  | ||||||
|     fi |  | ||||||
| fi |  | ||||||
| printwc "${Blue}" "Script completed \o/!\n" |  | ||||||
							
								
								
									
										105
									
								
								jm-bm.sh
								
								
								
								
							
							
						
						
									
										105
									
								
								jm-bm.sh
								
								
								
								
							|  | @ -1,105 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Jitsi Meet brandless mode |  | ||||||
| # for Debian/*buntu binaries. |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GNU GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
|     set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" |  | ||||||
| MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" |  | ||||||
| CSS_FILE="/usr/share/jitsi-meet/css/all.css" |  | ||||||
| TITLE_FILE="/usr/share/jitsi-meet/title.html" |  | ||||||
| INT_CONF="/usr/share/jitsi-meet/interface_config.js" |  | ||||||
| INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js" |  | ||||||
| BUNDLE_JS="/usr/share/jitsi-meet/libs/app.bundle.min.js" |  | ||||||
| # |  | ||||||
| JM_IMG_PATH="/usr/share/jitsi-meet/images" |  | ||||||
| WTM2_PATH="$JM_IMG_PATH/watermark2.png" |  | ||||||
| WTM2_SVG_PATH="$JM_IMG_PATH/watermark2.svg" |  | ||||||
| FICON_PATH="$JM_IMG_PATH/favicon2.ico" |  | ||||||
| REC_ICON_PATH="$JM_IMG_PATH/gnome_record.png" |  | ||||||
| # |  | ||||||
| APP_NAME="Conferences" |  | ||||||
| MOVILE_APP_NAME="Jitsi Meet" |  | ||||||
| PART_USER="Participant" |  | ||||||
| LOCAL_USER="me" |  | ||||||
| # |  | ||||||
| #SEC_ROOM="TBD" |  | ||||||
| copy_if_not_there() { |  | ||||||
| 	if [ ! -f "$1" ]; then |  | ||||||
|         cp images/"$(echo $1|xargs basename)" "$1" |  | ||||||
|     else |  | ||||||
|         echo "$(echo $1|xargs basename) file exists, skipping copying..." |  | ||||||
|     fi |  | ||||||
| } |  | ||||||
| echo ' |  | ||||||
| #-------------------------------------------------- |  | ||||||
| # Applying Brandless mode |  | ||||||
| #-------------------------------------------------- |  | ||||||
| ' |  | ||||||
| 
 |  | ||||||
| #Watermark |  | ||||||
| copy_if_not_there "$WTM2_PATH" |  | ||||||
| 
 |  | ||||||
| #Watermark svg |  | ||||||
| copy_if_not_there "$WTM2_SVG_PATH" |  | ||||||
| 
 |  | ||||||
| #Favicon |  | ||||||
| copy_if_not_there "$FICON_PATH" |  | ||||||
| 
 |  | ||||||
| #Local recording icon |  | ||||||
| copy_if_not_there "$REC_ICON_PATH" |  | ||||||
| 
 |  | ||||||
| #Custom / Remove icons |  | ||||||
| sed -i "s|watermark.png|watermark2.png|g" "$CSS_FILE" |  | ||||||
| sed -i "s|favicon.ico|favicon2.ico|g" "$TITLE_FILE" |  | ||||||
| sed -i "s|jitsilogo.png|watermark2.png|g" "$TITLE_FILE" |  | ||||||
| sed -i "s|logo-deep-linking.png|watermark2.png|g" "$BUNDLE_JS" |  | ||||||
| sed -i "s|icon-cloud.png|gnome_record.png|g" "$BUNDLE_JS" |  | ||||||
| #Disable logo and url |  | ||||||
| if ! grep -q ".leftwatermark{display:none" "$CSS_FILE" ; then |  | ||||||
|     sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE" |  | ||||||
| fi |  | ||||||
| #Replace App logo |  | ||||||
| sed -i "s|// defaultLogoUrl: .*|    defaultLogoUrl: 'images/watermark2.svg',|" "$MEET_CONF" |  | ||||||
| #Overwrite favicon svg |  | ||||||
| cp images/watermark2.svg $JM_IMG_PATH/favicon.svg |  | ||||||
| 
 |  | ||||||
| #Customize room title |  | ||||||
| sed -i "s|Jitsi Meet|$APP_NAME|g" "$TITLE_FILE" |  | ||||||
| sed -i "s| powered by the Jitsi Videobridge||g" "$TITLE_FILE" |  | ||||||
| sed -i "/appNotInstalled/ s|{{app}}|$MOVILE_APP_NAME|g" /usr/share/jitsi-meet/lang/* |  | ||||||
| 
 |  | ||||||
| #Custom UI changes |  | ||||||
| if [ -f "$INT_CONF" ] && [ -f "$INT_CONF_ETC" ]; then |  | ||||||
|     echo "Static interface_config.js exists, skipping modification..." |  | ||||||
| else |  | ||||||
|     echo "This setup doesn't have a static interface_config.js, seting it up and applying changes..." |  | ||||||
|     echo -e "\nPlease note that brandless mode will also overwrite support links.\n" |  | ||||||
|     sed -i "21,32 s|Jitsi Meet|$APP_NAME|g" "$INT_CONF" |  | ||||||
|     sed -i  "s|\([[:space:]]\)APP_NAME:.*| APP_NAME: \'$APP_NAME\',|" "$INT_CONF" |  | ||||||
|     sed -i "s|Fellow Jitster|$PART_USER|g" "$INT_CONF" |  | ||||||
|     sed -i "s|'me'|'$LOCAL_USER'|" "$INT_CONF" |  | ||||||
|     sed -i "s|LIVE_STREAMING_HELP_LINK: .*|LIVE_STREAMING_HELP_LINK: '#',|g" "$INT_CONF" |  | ||||||
|     sed -i "s|SUPPORT_URL: .*|SUPPORT_URL: '#',|g" "$INT_CONF" |  | ||||||
|     #Logo 2 |  | ||||||
|     sed -i "s|watermark.png|watermark2.png|g" "$INT_CONF" |  | ||||||
|     sed -i "s|watermark.svg|watermark2.png|g" "$INT_CONF" |  | ||||||
| fi |  | ||||||
							
								
								
									
										312
									
								
								jra_nextcloud.sh
								
								
								
								
							
							
						
						
									
										312
									
								
								jra_nextcloud.sh
								
								
								
								
							|  | @ -1,312 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # JRA (Jibri Recordings Access) via Nextcloud |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
|     set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| exit_if_not_installed() { |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then |  | ||||||
|     echo " This instance doesn't have $1 installed, exiting..." |  | ||||||
|     echo " If you think this is an error, please report to: |  | ||||||
|     -> https://forge.switnet.net/switnet/quick-jibri-installer/issues " |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| clear |  | ||||||
| echo -e '\n |  | ||||||
| ######################################################################## |  | ||||||
|                  Jibri Recordings Access via Nextcloud |  | ||||||
| ######################################################################## |  | ||||||
|                     by Software, IT & Networks Ltd |  | ||||||
| \n' |  | ||||||
| exit_if_not_installed jitsi-meet |  | ||||||
| ## APT checks |  | ||||||
| apt-get update -q2 |  | ||||||
| # Manually add prerequisites. |  | ||||||
| apt-get install -y curl letsencrypt nginx |  | ||||||
| 
 |  | ||||||
| MIN_PHP="8.3" |  | ||||||
| DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" |  | ||||||
| PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{print $2}')" |  | ||||||
| NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-available/"$DOMAIN".conf | awk '{print$2}')" |  | ||||||
| [ -z "$NC_NGINX_SSL_PORT" ] && NC_NGINX_SSL_PORT="443" |  | ||||||
| NC_REPO="https://download.nextcloud.com/server/releases" |  | ||||||
| NCVERSION="$(curl -s -m 900 $NC_REPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)" |  | ||||||
| STABLEVERSION="nextcloud-$NCVERSION" |  | ||||||
| NC_PATH="/var/www/nextcloud" |  | ||||||
| NC_CONFIG="$NC_PATH/config/config.php" |  | ||||||
| NC_DB_USER="nextcloud_user" |  | ||||||
| NC_DB="nextcloud_db" |  | ||||||
| NC_DB_PASSWD="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)" |  | ||||||
| DIR_RECORD="$(awk  -F '"' '/RECORDING/{print$2}'  /home/jibri/finalize_recording.sh|awk 'NR==1{print$1}')" |  | ||||||
| REDIS_CONF="/etc/redis/redis.conf" |  | ||||||
| JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf" |  | ||||||
| [ -f "$JITSI_MEET_PROXY" ] && PREAD_PROXY=$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1) |  | ||||||
| PUBLIC_IP="$(wget -qO- https://api.ipify.org)" |  | ||||||
| ISO3166_CODE=TBD |  | ||||||
| NL="$(printf '\n  ')" |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
| exit_ifinstalled() { |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then |  | ||||||
|     echo " This instance already has $1 installed, exiting..." |  | ||||||
|     echo " If you think this is an error, please report to: |  | ||||||
|     -> https://forge.switnet.net/switnet/quick-jibri-installer/issues " |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| install_ifnot() { |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then |  | ||||||
|     echo " $1 is installed, skipping..." |  | ||||||
| else |  | ||||||
|     echo -e "\n---- Installing $1 ----" |  | ||||||
|     apt-get -yq2 install "$1" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| while [[ "$ANS_NCD" != "yes" ]] |  | ||||||
| do |  | ||||||
|   read -p "> Please set your domain (or subdomain) here for Nextcloud: (e.g.: cloud.domain.com)$NL" -r NC_DOMAIN |  | ||||||
|   if [ -z "$NC_DOMAIN" ];then |  | ||||||
|     echo " - This field is mandatory." |  | ||||||
|   elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then |  | ||||||
|     echo " - You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud." |  | ||||||
|   fi |  | ||||||
|   read -p "  > Did you mean?: $NC_DOMAIN (yes or no)$NL" -r ANS_NCD |  | ||||||
|   if [ "$ANS_NCD" = "yes" ]; then |  | ||||||
|     echo "   - Alright, let's use $NC_DOMAIN." |  | ||||||
|   else |  | ||||||
|     echo "   - Please try again." |  | ||||||
|   fi |  | ||||||
| done |  | ||||||
| sleep .1 |  | ||||||
|   #Simple DNS test |  | ||||||
| if [ "$PUBLIC_IP" = "$(dig -4 +short "$NC_DOMAIN"|awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then |  | ||||||
|   echo -e "Server public IP  & DNS record for $NC_DOMAIN seems to match, continuing...\n\n" |  | ||||||
|   sleep .1 |  | ||||||
| else |  | ||||||
|   echo "Server public IP ($PUBLIC_IP) & DNS record for $NC_DOMAIN don't seem to match." |  | ||||||
|   echo "  > Please check your dns records are applied and updated, otherwise Nextcloud may fail." |  | ||||||
|   read -p "  > Do you want to continue?: (yes or no)$NL" -r DNS_CONTINUE |  | ||||||
|   if [ "$DNS_CONTINUE" = "yes" ]; then |  | ||||||
|     echo "  - We'll continue anyway..." |  | ||||||
|   else |  | ||||||
|     echo "  - Exiting for now..." |  | ||||||
|   exit |  | ||||||
|   fi |  | ||||||
| fi |  | ||||||
| sleep .1 |  | ||||||
| NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf" |  | ||||||
| while [ -z "$NC_USER" ] |  | ||||||
| do |  | ||||||
|     read -p "Nextcloud user: " -r NC_USER |  | ||||||
|     if [ -z "$NC_USER" ]; then |  | ||||||
|         echo " - This field is mandatory." |  | ||||||
|     fi |  | ||||||
| done |  | ||||||
| sleep .1 |  | ||||||
| while [ -z "$NC_PASS" ]  || [ ${#NC_PASS} -lt 8 ] |  | ||||||
| do |  | ||||||
|     read -p "Nextcloud user password: " -r NC_PASS |  | ||||||
|     if [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 8 ]; then |  | ||||||
|         echo -e " - This field is mandatory. \nPlease make sure it's at least 8 characters.\n" |  | ||||||
|     fi |  | ||||||
| done |  | ||||||
| sleep .1 |  | ||||||
| #Enable HSTS |  | ||||||
| while [ "$ENABLE_HSTS" != "yes" ] && [ "$ENABLE_HSTS" != "no" ] |  | ||||||
| do |  | ||||||
|     read -p "> Do you want to enable HSTS for this domain? (yes or no) [default: no]: |  | ||||||
|   Be aware this option apply mid-term effects on the domain, choose \"no\" or leave empty |  | ||||||
|   in case you don't know what you are doing. More at https://hstspreload.org/$NL" -r ENABLE_HSTS |  | ||||||
|     ENABLE_HSTS=${ENABLE_HSTS:-no} |  | ||||||
|     if [ "$ENABLE_HSTS" = "no" ]; then |  | ||||||
|         echo " - HSTS won't be enabled." |  | ||||||
|     elif [ "$ENABLE_HSTS" = "yes" ]; then |  | ||||||
|         echo " - HSTS will be enabled." |  | ||||||
|     fi |  | ||||||
| done |  | ||||||
| sleep .1 |  | ||||||
| echo -e "#Default country phone code\n |  | ||||||
| > Starting at Nextcloud 21.x it's required to set a default country phone ISO 3166-1 alpha-2 code.\n |  | ||||||
| >>> https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements  <<<\n" |  | ||||||
| sleep .1 |  | ||||||
| while [ ${#ISO3166_CODE} -gt 2 ]; |  | ||||||
| do |  | ||||||
| echo -e "Some examples might be: Germany > DE | Mexico > MX | Spain > ES | USA > US\n |  | ||||||
| Do you want to set such code for your installation?" |  | ||||||
| sleep .1 |  | ||||||
| read -p "Leave empty if you don't want to set any: " -r ISO3166_CODE |  | ||||||
|   if [ ${#ISO3166_CODE} -gt 2 ]; then |  | ||||||
|     echo -e "\n-- This code is only 2 characters long, please check your input.\n" |  | ||||||
|   fi |  | ||||||
| done |  | ||||||
| sleep .1 |  | ||||||
| echo -e "\n# Check for jitsi-meet/jibri\n" |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ] || \ |  | ||||||
|    [ -f /etc/prosody/conf.d/"$DOMAIN".conf ]; then |  | ||||||
|     echo "jitsi meet/jibri is installed, checking version:" |  | ||||||
|     apt-show-versions jibri |  | ||||||
| else |  | ||||||
|     echo "Wait!, jitsi-meet/jibri is not installed on this system via apt, exiting..." |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Prevent root folder permission issues |  | ||||||
| cp "$PWD"/files/jra-nc-app-ef.json /tmp |  | ||||||
| 
 |  | ||||||
| exit_ifinstalled postgresql-"$PSGVER" |  | ||||||
| 
 |  | ||||||
| ## Install software requirements |  | ||||||
| # PostgresSQL |  | ||||||
| install_ifnot postgresql-"$PSGVER" |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
| #-------------------------------------------------- |  | ||||||
| # Prepare PHP |  | ||||||
| #-------------------------------------------------- |  | ||||||
| 
 |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
|     bash -x "$PWD"/tools/prepare_php.sh "$MIN_PHP" |  | ||||||
| else |  | ||||||
|     bash "$PWD"/tools/prepare_php.sh "$MIN_PHP" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #-------------------------------------------------- |  | ||||||
| # Create DB user |  | ||||||
| #-------------------------------------------------- |  | ||||||
| 
 |  | ||||||
| echo -e "\n---- Creating the PgSQL DB & User  ----" |  | ||||||
| sudo -u postgres psql <<DB |  | ||||||
| CREATE DATABASE nextcloud_db; |  | ||||||
| CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}'; |  | ||||||
| GRANT ALL PRIVILEGES ON DATABASE ${NC_DB} TO ${NC_DB_USER}; |  | ||||||
| \c nextcloud_db |  | ||||||
| ALTER SCHEMA public OWNER TO ${NC_DB_USER}; |  | ||||||
| DB |  | ||||||
| 
 |  | ||||||
| echo -e "\nDone!\n" |  | ||||||
| 
 |  | ||||||
| # Add .mjs as a file extension for javascript |  | ||||||
| sed -i "/application\/javascript/s|js.*;|js mjs;|" /etc/nginx/mime.types |  | ||||||
| 
 |  | ||||||
| # nginx conf setup. |  | ||||||
| cp files/nextcloud.conf "$NC_NGINX_CONF" |  | ||||||
| sed -i "s|_PHPVER|$MIN_PHP|g" "$NC_NGINX_CONF" |  | ||||||
| sed -i "s|_NC_DOMAIN|$NC_DOMAIN|g" "$NC_NGINX_CONF" |  | ||||||
| sed -i "s|_NC_NGINX_SSL_PORT|$NC_NGINX_SSL_PORT|g" "$NC_NGINX_CONF" |  | ||||||
| sed -i "s|_NC_PATH|$NC_PATH|g" "$NC_NGINX_CONF" |  | ||||||
| 
 |  | ||||||
| systemctl stop nginx |  | ||||||
| letsencrypt certonly --standalone --renew-by-default --agree-tos -d "$NC_DOMAIN" |  | ||||||
| if [ -f /etc/letsencrypt/live/"$NC_DOMAIN"/fullchain.pem ];then |  | ||||||
|     ln -s "$NC_NGINX_CONF" /etc/nginx/sites-enabled/ |  | ||||||
| else |  | ||||||
|     echo "There are issues on getting the SSL certs..." |  | ||||||
|     read -n 1 -s -r -p "Press any key to continue" |  | ||||||
| fi |  | ||||||
| nginx -t |  | ||||||
| systemctl restart nginx |  | ||||||
| 
 |  | ||||||
| if [ "$ENABLE_HSTS" = "yes" ]; then |  | ||||||
|     sed -i "s|#add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" "$NC_NGINX_CONF" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if [ -n "$PREAD_PROXY" ]; then |  | ||||||
|     echo " |  | ||||||
|   Setting up Nextcloud domain on Jitsi Meet turn proxy |  | ||||||
| " |  | ||||||
|     sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY" |  | ||||||
|     sed -i "/server {/i \ \ \ \ \ \ $DOMAIN      web;" "$JITSI_MEET_PROXY" |  | ||||||
|     sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" "$JITSI_MEET_PROXY" |  | ||||||
|     sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| echo -e "\n  Latest version to be installed: $STABLEVERSION |  | ||||||
|   (This might take sometime, please be patient...)\n" |  | ||||||
| curl -s "$NC_REPO"/"$STABLEVERSION".zip > /tmp/"$STABLEVERSION".zip |  | ||||||
| unzip -q /tmp/"$STABLEVERSION".zip |  | ||||||
| mv nextcloud "$NC_PATH" |  | ||||||
| 
 |  | ||||||
| chown -R www-data:www-data "$NC_PATH" |  | ||||||
| chmod -R 755 "$NC_PATH" |  | ||||||
| 
 |  | ||||||
| echo -e "\nDatabase installation...\n" |  | ||||||
| sudo -u www-data php$MIN_PHP "$NC_PATH"/occ maintenance:install \ |  | ||||||
| --database=pgsql \ |  | ||||||
| --database-name="$NC_DB" \ |  | ||||||
| --database-user="$NC_DB_USER" \ |  | ||||||
| --database-pass="$NC_DB_PASSWD" \ |  | ||||||
| --admin-user="$NC_USER" \ |  | ||||||
| --admin-pass="$NC_PASS" |  | ||||||
| 
 |  | ||||||
| echo -e "\nApply custom mods...\n" |  | ||||||
| sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," "$NC_CONFIG" |  | ||||||
| sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," "$NC_CONFIG" |  | ||||||
| sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," "$NC_CONFIG" |  | ||||||
| sed -i "s|http://localhost|https://$NC_DOMAIN|" "$NC_CONFIG" |  | ||||||
| 
 |  | ||||||
| echo -e "\nAdd crontab...\n" |  | ||||||
| crontab -u www-data -l | { cat; echo "*/5  *  *  *  * php$MIN_PHP -f $NC_PATH/cron.php"; } | crontab -u www-data - |  | ||||||
| 
 |  | ||||||
| echo -e "\nAdd memcache support...\n" |  | ||||||
| sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" "$REDIS_CONF" |  | ||||||
| sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" "$REDIS_CONF" |  | ||||||
| sed -i "s|port 6379|port 0|" "$REDIS_CONF" |  | ||||||
| systemctl restart redis-server |  | ||||||
| 
 |  | ||||||
| echo -e "\n--> Setting config.php...\n" |  | ||||||
| if [ -n "$ISO3166_CODE" ]; then |  | ||||||
|   sed -i "/);/i \ \ 'default_phone_region' => '$ISO3166_CODE'," "$NC_CONFIG" |  | ||||||
| fi |  | ||||||
| sed -i "/);/i \ \ 'filelocking.enabled' => 'true'," "$NC_CONFIG" |  | ||||||
| sed -i "/);/i \ \ 'memcache.locking' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG" |  | ||||||
| sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG" |  | ||||||
| sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG" |  | ||||||
| sed -i "/);/i \ \ 'memcache.distributed' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG" |  | ||||||
| sed -i "/);/i \ \ 'redis' =>" "$NC_CONFIG" |  | ||||||
| sed -i "/);/i \ \ \ \ array (" "$NC_CONFIG" |  | ||||||
| sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," "$NC_CONFIG" |  | ||||||
| sed -i "/);/i \ \ \ \ \ 'port' => 0," "$NC_CONFIG" |  | ||||||
| sed -i "/);/i \ \ \ \ \ 'timeout' => 0," "$NC_CONFIG" |  | ||||||
| sed -i "/);/i \ \ )," "$NC_CONFIG" |  | ||||||
| echo -e "Done\n" |  | ||||||
| 
 |  | ||||||
| echo -e "\nAddding & Setting up Files External App for Local storage...\n" |  | ||||||
| sudo -u www-data php$MIN_PHP "$NC_PATH"/occ app:install files_external |  | ||||||
| sudo -u www-data php$MIN_PHP "$NC_PATH"/occ app:enable files_external |  | ||||||
| sudo -u www-data php$MIN_PHP "$NC_PATH"/occ app:disable support |  | ||||||
| sudo -u www-data php$MIN_PHP "$NC_PATH"/occ files_external:import /tmp/jra-nc-app-ef.json |  | ||||||
| 
 |  | ||||||
| usermod -a -G jibri www-data |  | ||||||
| chmod -R 770 "$DIR_RECORD" |  | ||||||
| chmod -R g+s "$DIR_RECORD" |  | ||||||
| 
 |  | ||||||
| echo -e "\nFixing possible missing tables...\n\n" |  | ||||||
| echo "y"|sudo -u www-data php$MIN_PHP "$NC_PATH"/occ db:convert-filecache-bigint |  | ||||||
| sudo -u www-data php$MIN_PHP "$NC_PATH"/occ db:add-missing-indices |  | ||||||
| sudo -u www-data php$MIN_PHP "$NC_PATH"/occ db:add-missing-columns |  | ||||||
| 
 |  | ||||||
| echo -e "\nAdding trusted domain...\n" |  | ||||||
| sudo -u www-data php$MIN_PHP "$NC_PATH"/occ config:system:set trusted_domains 0 --value="$NC_DOMAIN" |  | ||||||
| 
 |  | ||||||
| echo -e "\nSetting JRA domain on jitsi-updater.sh\n" |  | ||||||
| sed -i "s|NC_DOMAIN=.*|NC_DOMAIN=\"$NC_DOMAIN\"|" jitsi-updater.sh |  | ||||||
| 
 |  | ||||||
| echo -e "\nQuick Nextcloud installation complete!\n" |  | ||||||
							
								
								
									
										334
									
								
								mode/chp-mode.sh
								
								
								
								
							
							
						
						
									
										334
									
								
								mode/chp-mode.sh
								
								
								
								
							|  | @ -1,334 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Custom High Performance Jitsi conf |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| #DEBUG |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
| set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Check if user is root |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| wait_seconds() { |  | ||||||
| secs=$(($1)) |  | ||||||
| while [ $secs -gt 0 ]; do |  | ||||||
|    echo -ne "$secs\033[0K\r" |  | ||||||
|    sleep 1 |  | ||||||
|    : $((secs--)) |  | ||||||
| done |  | ||||||
| } |  | ||||||
| set_once() { |  | ||||||
| if ! grep -q "$(awk '!/^ *#/ && NF {print}' "$2"|grep "$(awk -F '=' '{print$1}' <<< "$1")")" ; then |  | ||||||
|   echo "Setting $1 on $2..." |  | ||||||
|   echo "$1" | tee -a "$2" |  | ||||||
| else |  | ||||||
|   echo " \"$(echo "$1"|awk -F '=' '{print$1}')\" seems present, skipping setting this variable" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| # True if $1 is greater than $2 |  | ||||||
| version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; } |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
| LTS_REL="$(lsb_release -d | awk '{print$4}')" |  | ||||||
| DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" |  | ||||||
| JVB_LOG_POP="/etc/jitsi/videobridge/logging.properties" |  | ||||||
| JVB_RC="/usr/share/jitsi-videobridge/lib/videobridge.rc" |  | ||||||
| JICOFO_LOG_POP="/etc/jitsi/videobridge/logging.properties" |  | ||||||
| MEET_LOG_CONF="/usr/share/jitsi-meet/logging_config.js" |  | ||||||
| MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" |  | ||||||
| MEET_CONF_HP="/etc/jitsi/meet/${DOMAIN}-chp-config.js" |  | ||||||
| INT_CONF_JS="/etc/jitsi/meet/${DOMAIN}-interface_config.js" |  | ||||||
| INT_CONF_JS_HP="/etc/jitsi/meet/${DOMAIN}-chp-interface_config.js" |  | ||||||
| WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" |  | ||||||
| CHAT_DISABLED="TBD" |  | ||||||
| 
 |  | ||||||
| if [ -f "$MEET_CONF_HP" ] || [ -f "$INT_CONF_JS_HP" ]; then |  | ||||||
| echo " |  | ||||||
| This script can't be run multiple times on the same system, |  | ||||||
| idempotence not guaranteed, exiting..." |  | ||||||
| exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if [ -z "$LTS_REL" ] || [ -z "$DOMAIN" ];then |  | ||||||
| echo "This system isn't suitable to configure." |  | ||||||
| exit |  | ||||||
|   else |  | ||||||
| echo "This system seems suitable to configure..." |  | ||||||
| fi |  | ||||||
| echo "What does this script do? |  | ||||||
| Overview: |  | ||||||
|  - Disables swap partition |  | ||||||
|  - Tunes, |  | ||||||
|    * Some kernel networking settings |  | ||||||
|    * nginx connections number |  | ||||||
|    * jvb2 logging |  | ||||||
|    * jicofo logging |  | ||||||
|    * meet logging |  | ||||||
|  - Modify UX by changing session configuration & toolbar. |  | ||||||
|  - Disable browsers not compatible with CHP, |  | ||||||
|    * Safari |  | ||||||
|    * Firefox* |  | ||||||
| " |  | ||||||
| 
 |  | ||||||
| echo "# Note: As for January 2021 Firefox can't handle correctly widescreen sizing |  | ||||||
| # on lower resolution than HD (nHD & qHD), setting as incompatible for now. |  | ||||||
| # (If you know this is no longer the case. Please report it to \ |  | ||||||
| https://forge.switnet.net/switnet/quick-jibri-installer/issues) |  | ||||||
| " |  | ||||||
| 
 |  | ||||||
| #Tools to consider |  | ||||||
| ##Profiling |  | ||||||
| #https://github.com/jvm-profiling-tools/async-profiler |  | ||||||
| 
 |  | ||||||
| while [[ "$CONTINUE_HP" != "yes" && "$CONTINUE_HP" != "no" ]] |  | ||||||
|     do |  | ||||||
|     read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_HP |  | ||||||
|     if [ "$CONTINUE_HP" = "no" ]; then |  | ||||||
|             echo "See you next time!..." |  | ||||||
|             exit |  | ||||||
|     elif [ "$CONTINUE_HP" = "yes" ]; then |  | ||||||
|             echo "Good, then let's get it done..." |  | ||||||
|     fi |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| # Video resolution selector |  | ||||||
| echo " |  | ||||||
| #-------------------------------------------------- |  | ||||||
| # Conference widescreen video resolution. |  | ||||||
| #-------------------------------------------------- |  | ||||||
| " |  | ||||||
| echo "If you are using a high volume of users we recommend to use nHD (640x360), |  | ||||||
| or at most qHD (960x540) resolution as default, since bandwith increase |  | ||||||
| exponentially with the more concurrent users on a meeting. |  | ||||||
| Either way, choose your desired video resolution. |  | ||||||
| " |  | ||||||
| 
 |  | ||||||
| PS3='Select the desired resolution for high performance mode: ' |  | ||||||
| options=("nHD - 640x360" "qHD - 960x540" "HD - 1280x720") |  | ||||||
| select opt in "${options[@]}" |  | ||||||
| do |  | ||||||
|     case "$opt" in |  | ||||||
|         "nHD - 640x360") |  | ||||||
|             echo -e "\n  > Setting 640x360 resolution.\n" |  | ||||||
|             VID_RES="360" |  | ||||||
|             break |  | ||||||
|             ;; |  | ||||||
|         "qHD - 960x540") |  | ||||||
|             echo -e "\n  > Setting 960x540 resolution.\n" |  | ||||||
|             VID_RES="540" |  | ||||||
|             break |  | ||||||
|             ;; |  | ||||||
|         "HD - 1280x720") |  | ||||||
|             echo -e "\n  > Setting 1280x720 resolution.\n" |  | ||||||
|             VID_RES="720" |  | ||||||
|             break |  | ||||||
|             ;; |  | ||||||
|         *) echo "Invalid option $REPLY, choose 1, 2 or 3";; |  | ||||||
|     esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| # Disable Chat? |  | ||||||
| > In case you have your own chat solution for the meetings you might |  | ||||||
| wanna disable Jitsi's chat from the toolbox. |  | ||||||
| " |  | ||||||
| while [[ "$CHAT_DISABLED" != "yes" && \ |  | ||||||
|          "$CHAT_DISABLED" != "no" && \ |  | ||||||
|          "$CHAT_DISABLED" != "" ]] |  | ||||||
| do |  | ||||||
| echo "> Do you want to disable jitsi's built-in chat?: (yes or no)" |  | ||||||
| read -p "(Also you can leave empty to disable)"$'\n' -r CHAT_DISABLED |  | ||||||
| if [ "$CHAT_DISABLED" = "no" ]; then |  | ||||||
| 	echo -e "-- Jitsi's built-in chat will be kept active.\n" |  | ||||||
| elif [ "$CHAT_DISABLED" = "yes" ] || [ -z "$CHAT_DISABLED" ]; then |  | ||||||
| 	echo -e "-- Jitsi's built-in chat will be disabled. \n" |  | ||||||
| fi |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| ## JMS system tune up |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
|     bash "$PWD"/jms-stu.sh -m debug |  | ||||||
| else |  | ||||||
|     bash "$PWD"/jms-stu.sh |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #JVB2 |  | ||||||
| ##Loose up logging |  | ||||||
| # https://community.jitsi.org/t/23641/13 |  | ||||||
| sed -i "/java.util.logging.FileHandler.level/s|ALL|WARNING|g" "$JVB_LOG_POP" |  | ||||||
| sed -i "s|^.level=INFO|.level=WARNING|" "$JVB_LOG_POP" |  | ||||||
| sed -i "/VIDEOBRIDGE_MAX_MEMORY=/i \ VIDEOBRIDGE_MAX_MEMORY=8192m" "$JVB_RC" |  | ||||||
| 
 |  | ||||||
| #JICOFO |  | ||||||
| sed -i "/java.util.logging.FileHandler.level/s|ALL|OFF|g" "$JICOFO_LOG_POP" |  | ||||||
| sed -i "s|^.level=INFO|.level=WARNING|" "$JICOFO_LOG_POP" |  | ||||||
| 
 |  | ||||||
| #MEET |  | ||||||
| sed -i "s|defaultLogLevel:.*|defaultLogLevel: 'error',|" "$MEET_LOG_CONF" |  | ||||||
| sed -i "/TraceablePeerConnection.js/s|info|error|" "$MEET_LOG_CONF" |  | ||||||
| sed -i "/CallStats.js/s|info|error|" "$MEET_LOG_CONF" |  | ||||||
| sed -i "/strophe.util.js/s|log|error|" "$MEET_LOG_CONF" |  | ||||||
| 
 |  | ||||||
| #UX - Room settings and interface |  | ||||||
| ## config.js |  | ||||||
| cp "$MEET_CONF" "$MEET_CONF_HP" |  | ||||||
| sed -i "s|// disableAudioLevels:.*|disableAudioLevels: true,|" "$MEET_CONF_HP" |  | ||||||
| sed -i "s|enableNoAudioDetection:.*|enableNoAudioDetection: false,|" "$MEET_CONF_HP" |  | ||||||
| sed -i "s|enableNoisyMicDetection:.*|enableNoisyMicDetection: false,|" "$MEET_CONF_HP" |  | ||||||
| sed -i "s|startAudioMuted:.*|startAudioMuted: 5,|" "$MEET_CONF_HP" |  | ||||||
| sed -i "s|// startVideoMuted:.*|startVideoMuted: 5,|" "$MEET_CONF_HP" |  | ||||||
| sed -i "s|startWithVideoMuted: true,|startWithVideoMuted: false,|" "$MEET_CONF_HP" |  | ||||||
| sed -i "s|channelLastN:.*|channelLastN: 10,|" "$MEET_CONF_HP" |  | ||||||
| sed -i "s|// enableLayerSuspension:.*|enableLayerSuspension: true,|" "$MEET_CONF_HP" |  | ||||||
| sed -i "s|// apiLogLevels:.*|apiLogLevels: \['warn', 'error'],|" "$MEET_CONF_HP" |  | ||||||
| 
 |  | ||||||
| if [ "$VID_RES" = "360" ]; then |  | ||||||
| sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 360," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 360," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 360," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 640," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 640," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP" |  | ||||||
| fi |  | ||||||
| if [ "$VID_RES" = "540" ]; then |  | ||||||
| sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 540," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 540," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 540," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 960," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 960," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP" |  | ||||||
| fi |  | ||||||
| if [ "$VID_RES" = "720" ]; then |  | ||||||
| sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 720," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 720," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 720," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 1280," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 1280," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP" |  | ||||||
| sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| ## interface_config.js |  | ||||||
| cp "$INT_CONF_JS" "$INT_CONF_JS_HP" |  | ||||||
| sed -i "s|CONNECTION_INDICATOR_DISABLED:.*|CONNECTION_INDICATOR_DISABLED: true,|" "$INT_CONF_JS_HP" |  | ||||||
| sed -i "s|DISABLE_DOMINANT_SPEAKER_INDICATOR:.*|DISABLE_DOMINANT_SPEAKER_INDICATOR: true,|" "$INT_CONF_JS_HP" |  | ||||||
| sed -i "s|DISABLE_FOCUS_INDICATOR:.*|DISABLE_FOCUS_INDICATOR: false,|" "$INT_CONF_JS_HP" |  | ||||||
| sed -i "s|DISABLE_JOIN_LEAVE_NOTIFICATIONS:.*|DISABLE_JOIN_LEAVE_NOTIFICATIONS: true,|" "$INT_CONF_JS_HP" |  | ||||||
| sed -i "s|DISABLE_VIDEO_BACKGROUND:.*|DISABLE_VIDEO_BACKGROUND: true,|" "$INT_CONF_JS_HP" |  | ||||||
| sed -i "s|OPTIMAL_BROWSERS: \[.*|OPTIMAL_BROWSERS: \[ 'chrome', 'chromium', 'electron' \],|" "$INT_CONF_JS_HP" |  | ||||||
| sed -i "s|UNSUPPORTED_BROWSERS: .*|UNSUPPORTED_BROWSERS: \[ 'nwjs', 'safari', 'firefox' \],|" "$INT_CONF_JS_HP" |  | ||||||
| 
 |  | ||||||
| ### Toolbars |  | ||||||
| if version_gt "$(apt-show-versions jitsi-meet|awk '{print$2}')" "2.0.5390-3" ; then |  | ||||||
|   #New toolbar in config.js |  | ||||||
|   sed -i "/\/\/ toolbarButtons:/i \ \ \ \ toolbarButtons:: \[" "$MEET_CONF_HP" |  | ||||||
|   sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," "$MEET_CONF_HP" |  | ||||||
|   if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then |  | ||||||
|     sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," "$MEET_CONF_HP" |  | ||||||
|   else |  | ||||||
|     sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," "$MEET_CONF_HP" |  | ||||||
|   fi |  | ||||||
|   sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," "$MEET_CONF_HP" |  | ||||||
|   sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," "$MEET_CONF_HP" |  | ||||||
|   sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" "$MEET_CONF_HP" |  | ||||||
|   sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \]," "$MEET_CONF_HP" |  | ||||||
| else |  | ||||||
|   #Old toolbar in interface.js (soon deprecated on newer versions) |  | ||||||
|   sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" "$INT_CONF_JS_HP" |  | ||||||
| 
 |  | ||||||
|   sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" "$INT_CONF_JS_HP" |  | ||||||
|   sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," "$INT_CONF_JS_HP" |  | ||||||
|   if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then |  | ||||||
|     sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," "$INT_CONF_JS_HP" |  | ||||||
|   else |  | ||||||
|     sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," "$INT_CONF_JS_HP" |  | ||||||
|   fi |  | ||||||
|   sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," "$INT_CONF_JS_HP" |  | ||||||
|   sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," "$INT_CONF_JS_HP" |  | ||||||
|   sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" "$INT_CONF_JS_HP" |  | ||||||
|   sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \]," "$INT_CONF_JS_HP" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Check config file |  | ||||||
| echo -e "\n# Checking $MEET_CONF file for errors\n" |  | ||||||
| CHECKJS_MEET_CHP="$(esvalidate "$MEET_CONF_HP"| cut -d ":" -f2)" |  | ||||||
| if [ -z "$CHECKJS_MEET_CHP" ]; then |  | ||||||
| echo -e "\n# The $MEET_CONF_HP configuration seems correct. =)\n" |  | ||||||
| else |  | ||||||
| echo -e "\n  Watch out!, there seems to be an issue on $MEET_CONF_HP line: |  | ||||||
|     $CHECKJS_MEET_CHP |  | ||||||
|   Most of the times this is due upstream changes, please report to |  | ||||||
|   https://forge.switnet.net/switnet/quick-jibri-installer/issues\n" |  | ||||||
| fi |  | ||||||
| CHECKJS_INT_CHP="$(esvalidate "$INT_CONF_JS_HP"| cut -d ":" -f2)" |  | ||||||
| if [ -z "$CHECKJS_INT_CHP" ]; then |  | ||||||
| echo -e "\n# The $INT_CONF_JS_HP configuration seems correct. =)\n" |  | ||||||
| else |  | ||||||
| echo -e "\n  Watch out!, there seems to be an issue on $INT_CONF_JS_HP line: |  | ||||||
|     $CHECKJS_INT_CHP |  | ||||||
|   Most of the times this is due upstream changes, please report to |  | ||||||
|   https://forge.switnet.net/switnet/quick-jibri-installer/issues\n" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| sed -i "s|$MEET_CONF|$MEET_CONF_HP|g" "$WS_CONF" |  | ||||||
| sed -i "s|$INT_CONF_JS|$INT_CONF_JS_HP|" "$WS_CONF" |  | ||||||
| nginx -t |  | ||||||
| #systemctl restart nginx |  | ||||||
| 
 |  | ||||||
| echo "Done!, yeah, that quick ;)" |  | ||||||
| 
 |  | ||||||
| echo "Rebooting in..." |  | ||||||
| wait_seconds 15 |  | ||||||
| reboot |  | ||||||
|  | @ -1,171 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Custom Selenium Grid-Node fro Jitsi Meet |  | ||||||
| # Pandian © - https://community.jitsi.org/u/Pandian |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| #DEBUG |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
| set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Check if user is root |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| WAN_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)" |  | ||||||
| AV_SPACE="$(df -h .|grep -v File|awk '{print$4}'|sed -e 's|G||')" |  | ||||||
| 
 |  | ||||||
| echo -e "\n-- Make sure you have at least 10GB of disk space available.\n" |  | ||||||
| if [ "$(echo "$AV_SPACE > 9" | bc)" -ne 0 ]; then |  | ||||||
|   echo "> Seems we have enough disk space." |  | ||||||
| else |  | ||||||
|   echo "> Please meet the minimum required disk space for this installer, exiting..." |  | ||||||
|   exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| apt-get update |  | ||||||
| apt-get dist-upgrade -y |  | ||||||
| apt-get install -y \ |  | ||||||
|                          gnupg \ |  | ||||||
|                          bmon \ |  | ||||||
|                          curl \ |  | ||||||
|                          wget \ |  | ||||||
|                          unzip \ |  | ||||||
|                          maven \ |  | ||||||
|                          openjdk-11-jdk |  | ||||||
| # Docker |  | ||||||
| curl -fsSL https://get.docker.com -o get-docker.sh |  | ||||||
| sh get-docker.sh |  | ||||||
| ## Docker Compose |  | ||||||
| curl -sL "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose |  | ||||||
| chmod +x /usr/local/bin/docker-compose |  | ||||||
| ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose |  | ||||||
| 
 |  | ||||||
| # Jitsi Meet Torture |  | ||||||
| cd /opt || exit |  | ||||||
| git clone https://github.com/jitsi/jitsi-meet-torture |  | ||||||
| cd jitsi-meet-torture/ || exit |  | ||||||
| if [ -f resources/FourPeople_1280x720_30.y4m ] ; then |  | ||||||
|   echo "FourPeople_1280x720_30.y4m exists" |  | ||||||
| else |  | ||||||
|   echo "FourPeople_1280x720_30.y4m doesn't exists, getting a copy..." |  | ||||||
|   wget -c https://media.xiph.org/video/derf/y4m/FourPeople_1280x720_60.y4m |  | ||||||
|   mv FourPeople_1280x720_60.y4m resources/ |  | ||||||
|   cp resources/FourPeople_1280x720_60.y4m resources/FourPeople_1280x720_30.y4m |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #150 "participants" available |  | ||||||
| ## Tested up to 120 with AWS c5.24xlarge |  | ||||||
| cat << SELENIUM_GRID_DOCKER > selenium.yml |  | ||||||
| version: "3" |  | ||||||
| services: |  | ||||||
|   selenium-hub: |  | ||||||
|     image: selenium/hub:3.141.59-20200525 |  | ||||||
|     container_name: selenium-hub |  | ||||||
|     ports: |  | ||||||
|       - "4444:4444" |  | ||||||
|     restart: always |  | ||||||
|   chrome: |  | ||||||
|     image: selenium/node-chrome:3.141.59-20200525 |  | ||||||
|     volumes: |  | ||||||
|       - /dev/shm:/dev/shm |  | ||||||
|       - ./resources:/usr/share/jitsi-meet-torture/resources |  | ||||||
|     depends_on: |  | ||||||
|       - selenium-hub |  | ||||||
|     environment: |  | ||||||
|       - HUB_HOST=selenium-hub |  | ||||||
|       - HUB_PORT=4444 |  | ||||||
|       - NODE_MAX_INSTANCES=30 |  | ||||||
|       - NODE_MAX_SESSION=30 |  | ||||||
|     restart: always |  | ||||||
|   chrome2: |  | ||||||
|     image: selenium/node-chrome:3.141.59-20200525 |  | ||||||
|     volumes: |  | ||||||
|       - /dev/shm:/dev/shm |  | ||||||
|       - ./resources:/usr/share/jitsi-meet-torture/resources |  | ||||||
|     depends_on: |  | ||||||
|       - selenium-hub |  | ||||||
|     environment: |  | ||||||
|       - HUB_HOST=selenium-hub |  | ||||||
|       - HUB_PORT=4444 |  | ||||||
|       - NODE_MAX_INSTANCES=30 |  | ||||||
|       - NODE_MAX_SESSION=30 |  | ||||||
|     restart: always |  | ||||||
|   chrome3: |  | ||||||
|     image: selenium/node-chrome:3.141.59-20200525 |  | ||||||
|     volumes: |  | ||||||
|       - /dev/shm:/dev/shm |  | ||||||
|       - ./resources:/usr/share/jitsi-meet-torture/resources |  | ||||||
|     depends_on: |  | ||||||
|       - selenium-hub |  | ||||||
|     environment: |  | ||||||
|       - HUB_HOST=selenium-hub |  | ||||||
|       - HUB_PORT=4444 |  | ||||||
|       - NODE_MAX_INSTANCES=30 |  | ||||||
|       - NODE_MAX_SESSION=30 |  | ||||||
|     restart: always |  | ||||||
|   chrome4: |  | ||||||
|     image: selenium/node-chrome:3.141.59-20200525 |  | ||||||
|     volumes: |  | ||||||
|       - /dev/shm:/dev/shm |  | ||||||
|       - ./resources:/usr/share/jitsi-meet-torture/resources |  | ||||||
|     depends_on: |  | ||||||
|       - selenium-hub |  | ||||||
|     environment: |  | ||||||
|       - HUB_HOST=selenium-hub |  | ||||||
|       - HUB_PORT=4444 |  | ||||||
|       - NODE_MAX_INSTANCES=30 |  | ||||||
|       - NODE_MAX_SESSION=30 |  | ||||||
|     restart: always |  | ||||||
|   chrome5: |  | ||||||
|     image: selenium/node-chrome:3.141.59-20200525 |  | ||||||
|     volumes: |  | ||||||
|       - /dev/shm:/dev/shm |  | ||||||
|       - ./resources:/usr/share/jitsi-meet-torture/resources |  | ||||||
|     depends_on: |  | ||||||
|       - selenium-hub |  | ||||||
|     environment: |  | ||||||
|       - HUB_HOST=selenium-hub |  | ||||||
|       - HUB_PORT=4444 |  | ||||||
|       - NODE_MAX_INSTANCES=30 |  | ||||||
|       - NODE_MAX_SESSION=30 |  | ||||||
|     restart: always |  | ||||||
| SELENIUM_GRID_DOCKER |  | ||||||
| 
 |  | ||||||
| docker-compose -f selenium.yml up -d |  | ||||||
| 
 |  | ||||||
| echo -e "\n#=================== End of Seleniun Grid build ========================#\n" |  | ||||||
| echo -e "\nChange the values according to you test requirements using something like;\n" |  | ||||||
| echo "cd /opt/jitsi-meet-torture |  | ||||||
| sudo bash /opt/jitsi-meet-torture/scripts/malleus.sh \\ |  | ||||||
|                         --conferences=1 \\ |  | ||||||
|                         --participants=30 \\ |  | ||||||
|                         --senders=2 \\ |  | ||||||
|                         --audio-senders=1 \\ |  | ||||||
|                         --duration=120 \\ |  | ||||||
|                         --room-name-prefix=hamertesting \\ |  | ||||||
|                         --hub-url=http://localhost:4444/wd/hub \\ |  | ||||||
|                         --instance-url=https://YOUR.JITSI-MEET-INSTANCE.DOMAIN |  | ||||||
| " |  | ||||||
| echo -e "\n-- If using 'hamertesting' as prefix name you can join the room |  | ||||||
| hamertesting0, hamertesting1, hamertestingN |  | ||||||
| according to the 'N' number of conferences you have set to watch the test. |  | ||||||
| 
 |  | ||||||
| *Beware* for 120 \"participants\" to join video-muted it was necessary at least a c5.24xlarge AWS instance. |  | ||||||
| So start low, monitor your server resources and go from there." |  | ||||||
| 
 |  | ||||||
| echo -e "\n-- You can check the grid status at: |  | ||||||
| http://$WAN_IP:4444/grid/console |  | ||||||
| " |  | ||||||
|  | @ -1,86 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # System-tune-up to remove system software restrictions on a huge load of connections. |  | ||||||
| # Be aware that hardware/infrastructure resources are the most common limiters. |  | ||||||
| # |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| #DEBUG |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
| set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Check if user is root |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| echo ' |  | ||||||
| #-------------------------------------------------- |  | ||||||
| # Starting system tune up configuration |  | ||||||
| # for high performance |  | ||||||
| #-------------------------------------------------- |  | ||||||
| ' |  | ||||||
| 
 |  | ||||||
| set_once_hash_comment() { |  | ||||||
| if ! awk '!/^ *#/ && NF {print}' "$2"|grep -q "$(awk -F '=' '{print$1}' <<< "$1")" ; then |  | ||||||
|   echo "Setting $1 on $2..." |  | ||||||
|   echo "$1" | tee -a "$2" |  | ||||||
| else |  | ||||||
|   echo "\"$(awk -F '=' '{print$1}' <<< "$1")\" seems already present, skipping setting this variable" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| FSTAB=/etc/fstab |  | ||||||
| 
 |  | ||||||
| ##Disable swap |  | ||||||
| swapoff -a |  | ||||||
| sed -r  '/\sswap\s/s/^#?/#/' -i "$FSTAB" |  | ||||||
| 
 |  | ||||||
| ##Alternative swap tuning (need more documentation). |  | ||||||
| #vm.swappiness=5 |  | ||||||
| #vm.vfs_cache_pressure=50 |  | ||||||
| 
 |  | ||||||
| ##Kernel |  | ||||||
| #https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/tuning_and_optimizing_red_hat_enterprise_linux_for_oracle_9i_and_10g_databases/sect-oracle_9i_and_10g_tuning_guide-adjusting_network_settings-changing_network_kernel_settings |  | ||||||
| sysctl -w net.core.rmem_default=262144 |  | ||||||
| sysctl -w net.core.wmem_default=262144 |  | ||||||
| sysctl -w net.core.rmem_max=262144 |  | ||||||
| sysctl -w net.core.wmem_max=262144 |  | ||||||
| set_once_hash_comment "net.core.rmem_default=262144" "/etc/sysctl.conf" |  | ||||||
| set_once_hash_comment "net.core.wmem_default=262144" "/etc/sysctl.conf" |  | ||||||
| set_once_hash_comment "net.core.rmem_max=262144" "/etc/sysctl.conf" |  | ||||||
| set_once_hash_comment "net.core.wmem_max=262144" "/etc/sysctl.conf" |  | ||||||
| 
 |  | ||||||
| #system |  | ||||||
| #https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart |  | ||||||
| set_once_hash_comment "DefaultLimitNOFILE=65000" "/etc/sysctl.conf" |  | ||||||
| set_once_hash_comment "DefaultLimitNPROC=65000" "/etc/sysctl.conf" |  | ||||||
| set_once_hash_comment "DefaultTasksMax=65000" "/etc/sysctl.conf" |  | ||||||
| 
 |  | ||||||
| #https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/7/html/tuning_guide/reduce_tcp_performance_spikes |  | ||||||
| sysctl -w net.ipv4.tcp_timestamps=0 |  | ||||||
| set_once_hash_comment "net.ipv4.tcp_timestamps=0" "/etc/sysctl.conf" |  | ||||||
| 
 |  | ||||||
| #https://bugzilla.redhat.com/show_bug.cgi?id=1283676 |  | ||||||
| sysctl -w net.core.netdev_max_backlog=100000 |  | ||||||
| set_once_hash_comment "net.core.netdev_max_backlog=100000" "/etc/sysctl.conf" |  | ||||||
| 
 |  | ||||||
| ##nginx |  | ||||||
| sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf |  | ||||||
| nginx -t |  | ||||||
| 
 |  | ||||||
| #Missing docs |  | ||||||
| #sysctl -w net.ipv4.tcp_low_latency=1 |  | ||||||
| 
 |  | ||||||
| echo "System tune up... |  | ||||||
|   Done!" |  | ||||||
							
								
								
									
										133
									
								
								mode/jwt.sh
								
								
								
								
							
							
						
						
									
										133
									
								
								mode/jwt.sh
								
								
								
								
							|  | @ -1,133 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # JWT Mode Setup |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| #DEBUG |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
|     set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" |  | ||||||
| MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" |  | ||||||
| JICOFO_SIP="/etc/jitsi/jicofo/sip-communicator.properties" |  | ||||||
| JICOFO_CONF="/etc/jitsi/jicofo/jicofo.conf" |  | ||||||
| PROSODY_FILE="/etc/prosody/conf.d/$DOMAIN.cfg.lua" |  | ||||||
| PROSODY_SYS="/etc/prosody/prosody.cfg.lua" |  | ||||||
| APP_ID="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 16 | head -n1)" |  | ||||||
| SECRET_APP="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 64 | head -n1)" |  | ||||||
| ROOM="Two-Hour-Test-Room" |  | ||||||
| SRP_STR="$(grep -n "VirtualHost \"$DOMAIN\"" "$PROSODY_FILE" | head -n1 | cut -d ":" -f1)" |  | ||||||
| SRP_END="$((SRP_STR + 10))" |  | ||||||
| 
 |  | ||||||
| # Prosody 0.12{,.*} only |  | ||||||
| if command -v prosodyctl >/dev/null 2>&1; then |  | ||||||
|   PROSODY_VER="$(prosodyctl about 2>/dev/null | sed -n 's/^Prosody //p' | awk '{print $1}')" |  | ||||||
|   case "$PROSODY_VER" in |  | ||||||
|     0.12) : ;; # 22.04 |  | ||||||
|     0.12.*) : ;; # 24.04 |  | ||||||
|     *) echo "Prosody $PROSODY_VER NO supported for JWT mode (required 0.12.x)" |  | ||||||
|        exit 1 ;; |  | ||||||
|   esac |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| # Custom 5.4 lua workaround for prosody 0.12 |  | ||||||
| echo "Warning: Ubuntu 22.04/24.04 don't ship the required lua inspect module 5.4," |  | ||||||
| echo "         so, we work arround it, be careful on further upgrades or changes." |  | ||||||
| install -d -m 755 /usr/share/lua/5.4 |  | ||||||
| ln -sf /usr/share/lua/5.3/inspect.lua /usr/share/lua/5.4/inspect.lua |  | ||||||
| systemctl restart prosody jicofo jitsi-videobridge2 |  | ||||||
| 
 |  | ||||||
| sleep .1 |  | ||||||
| 
 |  | ||||||
| # Install dependencies |  | ||||||
| apt-get -y install python3-jwt |  | ||||||
| 
 |  | ||||||
| echo "set jitsi-meet-tokens/appid string $APP_ID" | debconf-set-selections |  | ||||||
| echo "set jitsi-meet-tokens/appsecret password $SECRET_APP" | debconf-set-selections |  | ||||||
| 
 |  | ||||||
| apt-get install -y jitsi-meet-tokens |  | ||||||
| 
 |  | ||||||
| # Setting up prosody |  | ||||||
| sed -i "s|c2s_require_encryption = true|c2s_require_encryption = false|" "$PROSODY_SYS" |  | ||||||
| #- |  | ||||||
| sed -i "$SRP_STR,$SRP_END{s|authentication = \"jitsi-anonymous\"|authentication = \"token\"|}" "$PROSODY_FILE" |  | ||||||
| sed -i "s|--app_id=\"example_app_id\"|app_id=\"$APP_ID\"|" "$PROSODY_FILE" |  | ||||||
| sed -i "s|--app_secret=\"example_app_secret\"|app_secret=\"$SECRET_APP\"|" "$PROSODY_FILE" |  | ||||||
| sed -i "/app_secret/a \\\\" "$PROSODY_FILE" |  | ||||||
| ## Only token owners can create, open the room and become moderators, |  | ||||||
| ## but require jibri: `allow_empty_token = true` |  | ||||||
| ## other participants are redirected authentication to guest. |  | ||||||
| sed -i "/app_secret/a \ \ \ \ allow_empty_token = true" "$PROSODY_FILE" |  | ||||||
| sed -i "/app_secret/a \\\\" "$PROSODY_FILE" |  | ||||||
| sed -i "/app_secret/a \ \ \ \ asap_accepted_issuers = { \"$APP_ID\" }" "$PROSODY_FILE" |  | ||||||
| sed -i "/app_secret/a \ \ \ \ asap_accepted_audiences = { \"$APP_ID\" }" "$PROSODY_FILE" |  | ||||||
| sed -i "/app_secret/a \\\\" "$PROSODY_FILE" |  | ||||||
| sed -i "s|--allow_empty_token =.*|allow_empty_token = true|" "$PROSODY_FILE" |  | ||||||
| sed -i 's|--"token_verification"|"token_verification"|' "$PROSODY_FILE" |  | ||||||
| sed -i "/muc_lobby_rooms/a \ \ \ \ \ \ \ \ \"persistent_lobby\";" "$PROSODY_FILE" |  | ||||||
| sed -i "/token_verification/a \ \ \ \ \ \ \ \ \"muc_wait_for_host\";" "$PROSODY_FILE" |  | ||||||
| 
 |  | ||||||
| # Set JWT and Guest settings |  | ||||||
| ## Harden JWT auth, preventing "free" moderator by racing into room, |  | ||||||
| ## only participants with token with moderator:true. |  | ||||||
| # Custom 'token_moderator_owner' module for passing JWT claim |  | ||||||
| cp files/mod_token_moderator_owner.lua /usr/share/jitsi-meet/prosody-plugins/ |  | ||||||
| sed -i '/"muc_password_whitelist"/a \ \ \ \ \ \ \ \ \"token_moderator_owner";' "$PROSODY_FILE" |  | ||||||
| envsubst < \ |  | ||||||
|   patches/prosody/001-enable_wait_for_host_disable_auto_owners.patch | \ |  | ||||||
|   patch --no-backup-if-mismatch -d / -p1 |  | ||||||
| hocon set jicofo.conference.enable-auto-owner false -f "$JICOFO_CONF" |  | ||||||
| 
 |  | ||||||
| ## config.js |  | ||||||
| sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" "$MEET_CONF" |  | ||||||
| awk ' |  | ||||||
|   BEGIN{done=0} |  | ||||||
|   /^[[:space:]]*var[[:space:]]+config[[:space:]]*=[[:space:]]*{\s*$/ && !done{ |  | ||||||
|     print |  | ||||||
|     print "    enableFeaturesBasedOnToken: true," |  | ||||||
|     print "    enableUserRolesBasedOnToken: true," |  | ||||||
|     done=1 |  | ||||||
|     next |  | ||||||
|   } |  | ||||||
|   {print} |  | ||||||
| ' "$MEET_CONF" > "${MEET_CONF}.new" && mv "${MEET_CONF}.new" "$MEET_CONF" |  | ||||||
| 
 |  | ||||||
| # Setup guests and lobby |  | ||||||
| cat << P_SR >> "$PROSODY_FILE" |  | ||||||
| 
 |  | ||||||
| -- jwt setup -QJI |  | ||||||
| VirtualHost "guest.$DOMAIN" |  | ||||||
|     authentication = "anonymous" |  | ||||||
|     c2s_require_encryption = false |  | ||||||
|     speakerstats_component = "speakerstats.$DOMAIN" |  | ||||||
| 
 |  | ||||||
|     modules_enabled = { |  | ||||||
|       "speakerstats"; |  | ||||||
| --      "conference_duration"; |  | ||||||
|     } |  | ||||||
| P_SR |  | ||||||
| 
 |  | ||||||
| echo -e "\nUse the following for your App (e.g. Rocket.Chat):\n" |  | ||||||
| echo -e "\nAPP_ID: $APP_ID" && \ |  | ||||||
| echo -e "SECRET_APP: $SECRET_APP\n" |  | ||||||
| 
 |  | ||||||
| echo -e "You can test JWT authentication with the following token for the next 2 hours:\n" |  | ||||||
| python3 tools/jwt/jitsi_token_maker_features.py \ |  | ||||||
|   --app-id "$APP_ID" --secret "$SECRET_APP" \ |  | ||||||
|   --domain "$DOMAIN" --room "$ROOM" \ |  | ||||||
|   --user-name "Moderator Token Test User" \ |  | ||||||
|   --moderator --features-all \ |  | ||||||
|   --minutes 120 --nbf-offset 300 --include-iat \ |  | ||||||
|   --url "https://$DOMAIN/" |  | ||||||
| 
 |  | ||||||
| read -n 1 -s -r -p $'\n'"Press any key to continue..."$'\n' |  | ||||||
|  | @ -1,40 +0,0 @@ | ||||||
| # Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems. |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| Enable transcription on jitsi meet config.js file. |  | ||||||
| 
 |  | ||||||
| diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
 |  | ||||||
| index f412891..f704157 100644
 |  | ||||||
| --- a/etc/jitsi/meet/${DOMAIN}-config.js
 |  | ||||||
| +++ b/etc/jitsi/meet/${DOMAIN}-config.js
 |  | ||||||
| @@ -426,9 +426,9 @@ var config = {
 |  | ||||||
|      // autoCaptionOnRecord: false, |  | ||||||
|   |  | ||||||
|      // Transcription options. |  | ||||||
| -    // transcription: {
 |  | ||||||
| +    transcription: {
 |  | ||||||
|      //     // Whether the feature should be enabled or not. |  | ||||||
| -    //     enabled: false,
 |  | ||||||
| +        enabled: true,
 |  | ||||||
|   |  | ||||||
|      //     // Translation languages. |  | ||||||
|      //     // Available languages can be found in |  | ||||||
| @@ -443,7 +443,7 @@ var config = {
 |  | ||||||
|      //     // detected based on the environment, e.g. if the app is opened in a chrome instance which |  | ||||||
|      //     // is using french as its default language then transcriptions for that participant will be in french. |  | ||||||
|      //     // Defaults to true. |  | ||||||
| -    //     useAppLanguage: true,
 |  | ||||||
| +        useAppLanguage: true,
 |  | ||||||
|   |  | ||||||
|      //     // Transcriber language. This settings will only work if "useAppLanguage" |  | ||||||
|      //     // is explicitly set to false. |  | ||||||
| @@ -484,7 +484,7 @@ var config = {
 |  | ||||||
|      //     // Enables automatic request of subtitles when transcriber is present in the meeting, uses the default |  | ||||||
|      //     // language that is set |  | ||||||
|      //     autoCaptionOnTranscribe: false, |  | ||||||
| -    // },
 |  | ||||||
| +    },
 |  | ||||||
|   |  | ||||||
|      // Misc |  | ||||||
|   |  | ||||||
|  | @ -1,80 +0,0 @@ | ||||||
| # Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems. |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| Modify sip-communicator.properties to run Jigasi along with VOSK Models. |  | ||||||
| 
 |  | ||||||
| diff --git a/etc/jitsi/jigasi/sip-communicator.properties b/etc/jitsi/jigasi/sip-communicator.properties
 |  | ||||||
| index 7a8d0f3..ae5369a 100644
 |  | ||||||
| --- a/etc/jitsi/jigasi/sip-communicator.properties
 |  | ||||||
| +++ b/etc/jitsi/jigasi/sip-communicator.properties
 |  | ||||||
| @@ -165,12 +165,12 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
 |  | ||||||
|   |  | ||||||
|  # If you want jigasi to perform authenticated login instead of anonymous login |  | ||||||
|  # to the XMPP server, you can set the following properties. |  | ||||||
| -# org.jitsi.jigasi.xmpp.acc.USER_ID=SOME_USER@SOME_DOMAIN
 |  | ||||||
| -# org.jitsi.jigasi.xmpp.acc.PASS=SOME_PASS
 |  | ||||||
| -# org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
 |  | ||||||
| +org.jitsi.jigasi.xmpp.acc.USER_ID=transcriber@recorder.${DOMAIN}
 |  | ||||||
| +org.jitsi.jigasi.xmpp.acc.PASS=${JIG_TRANSC_PASWD}
 |  | ||||||
| +org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
 |  | ||||||
|   |  | ||||||
|  # To fix SSL/TLS required by client but not supported by server |  | ||||||
| -#org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
 |  | ||||||
| +org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
 |  | ||||||
|   |  | ||||||
|  # Can be used in combination with jitsi-meet module mod_auth_jitsi-shared-secret |  | ||||||
|  # To have jigasi use a random username on every call |  | ||||||
| @@ -187,7 +187,7 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
 |  | ||||||
|  # Activate this property if you are using self-signed certificates or other |  | ||||||
|  # type of non-trusted certicates. In this mode your service trust in the |  | ||||||
|  # remote certificates always. |  | ||||||
| -# net.java.sip.communicator.service.gui.ALWAYS_TRUST_MODE_ENABLED=true
 |  | ||||||
| +net.java.sip.communicator.service.gui.ALWAYS_TRUST_MODE_ENABLED=true
 |  | ||||||
|   |  | ||||||
|  # Enable this property to be able to shutdown gracefully jigasi using |  | ||||||
|  # a rest command |  | ||||||
| @@ -196,31 +196,31 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
 |  | ||||||
|  # Options regarding Transcription. Read the README for a detailed description |  | ||||||
|  # about each property |  | ||||||
|   |  | ||||||
| -#org.jitsi.jigasi.ENABLE_TRANSCRIPTION=false
 |  | ||||||
| -#org.jitsi.jigasi.ENABLE_SIP=true
 |  | ||||||
| +org.jitsi.jigasi.ENABLE_TRANSCRIPTION=true
 |  | ||||||
| +org.jitsi.jigasi.ENABLE_SIP=false
 |  | ||||||
|   |  | ||||||
|  # whether to use the more expensive, but better performing |  | ||||||
|  # "video" model when doing transcription |  | ||||||
|  # org.jitsi.jigasi.transcription.USE_VIDEO_MODEL = false |  | ||||||
|   |  | ||||||
|  # delivering final transcript |  | ||||||
| -# org.jitsi.jigasi.transcription.DIRECTORY=/var/lib/jigasi/transcripts
 |  | ||||||
| -# org.jitsi.jigasi.transcription.BASE_URL=http://localhost/
 |  | ||||||
| -# org.jitsi.jigasi.transcription.jetty.port=-1
 |  | ||||||
| -# org.jitsi.jigasi.transcription.ADVERTISE_URL=false
 |  | ||||||
| +org.jitsi.jigasi.transcription.DIRECTORY=/var/lib/jigasi/transcripts
 |  | ||||||
| +org.jitsi.jigasi.transcription.BASE_URL=http://localhost/
 |  | ||||||
| +org.jitsi.jigasi.transcription.jetty.port=-1
 |  | ||||||
| +org.jitsi.jigasi.transcription.ADVERTISE_URL=false
 |  | ||||||
|   |  | ||||||
|  # save formats |  | ||||||
| -# org.jitsi.jigasi.transcription.SAVE_JSON=false
 |  | ||||||
| -# org.jitsi.jigasi.transcription.SAVE_TXT=true
 |  | ||||||
| +org.jitsi.jigasi.transcription.SAVE_JSON=false
 |  | ||||||
| +org.jitsi.jigasi.transcription.SAVE_TXT=true
 |  | ||||||
|   |  | ||||||
|  # send formats |  | ||||||
| -# org.jitsi.jigasi.transcription.SEND_JSON=true
 |  | ||||||
| -# org.jitsi.jigasi.transcription.SEND_TXT=false
 |  | ||||||
| +org.jitsi.jigasi.transcription.SEND_JSON=true
 |  | ||||||
| +org.jitsi.jigasi.transcription.SEND_TXT=false
 |  | ||||||
|   |  | ||||||
|  # Vosk server |  | ||||||
| -# org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.VoskTranscriptionService
 |  | ||||||
| +org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.VoskTranscriptionService
 |  | ||||||
|  # org.jitsi.jigasi.transcription.vosk.websocket_url={"en": "ws://localhost:2700", "fr": "ws://localhost:2710"} |  | ||||||
| -# org.jitsi.jigasi.transcription.vosk.websocket_url=ws://localhost:2700
 |  | ||||||
| +org.jitsi.jigasi.transcription.vosk.websocket_url=ws://localhost:2700
 |  | ||||||
|   |  | ||||||
|  # Whisper live transcription server |  | ||||||
|  # org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.WhisperTranscriptionService |  | ||||||
|  | @ -1,66 +0,0 @@ | ||||||
| # Quick Jibri Installer - *buntu (LTS) based systems. |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| Patch jitsi-meet config.js to enable recording and livestreaming by default. |  | ||||||
| 
 |  | ||||||
| diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
 |  | ||||||
| index dcb860b..8f64c7c 100644
 |  | ||||||
| --- a/etc/jitsi/meet/${DOMAIN}-config.js
 |  | ||||||
| +++ b/etc/jitsi/meet/${DOMAIN}-config.js
 |  | ||||||
| @@ -343,12 +343,12 @@ var config = {
 |  | ||||||
|      //    // showPrejoinWarning: true, |  | ||||||
|      // }, |  | ||||||
|   |  | ||||||
| -    // recordingService: {
 |  | ||||||
| +    recordingService: {
 |  | ||||||
|      //     // When integrations like dropbox are enabled only that will be shown, |  | ||||||
|      //     // by enabling fileRecordingsServiceEnabled, we show both the integrations |  | ||||||
|      //     // and the generic recording service (its configuration and storage type |  | ||||||
|      //     // depends on jibri configuration) |  | ||||||
| -    //     enabled: false,
 |  | ||||||
| +        enabled: true,
 |  | ||||||
|   |  | ||||||
|      //     // Whether to show the possibility to share file recording with other people |  | ||||||
|      //     // (e.g. meeting participants), based on the actual implementation |  | ||||||
| @@ -357,7 +357,7 @@ var config = {
 |  | ||||||
|   |  | ||||||
|      //     // Hide the warning that says we only store the recording for 24 hours. |  | ||||||
|      //     hideStorageWarning: false, |  | ||||||
| -    // },
 |  | ||||||
| +    },
 |  | ||||||
|   |  | ||||||
|      // DEPRECATED. Use recordingService.enabled instead. |  | ||||||
|      // fileRecordingsServiceEnabled: false, |  | ||||||
| @@ -368,7 +368,7 @@ var config = {
 |  | ||||||
|      // Local recording configuration. |  | ||||||
|      // localRecording: { |  | ||||||
|      //     // Whether to disable local recording or not. |  | ||||||
| -    //     disable: false,
 |  | ||||||
| +    //     disable: true,
 |  | ||||||
|   |  | ||||||
|      //     // Whether to notify all participants when a participant is recording locally. |  | ||||||
|      //     notifyAllParticipants: false, |  | ||||||
| @@ -378,9 +378,9 @@ var config = {
 |  | ||||||
|      // }, |  | ||||||
|   |  | ||||||
|      // Customize the Live Streaming dialog. Can be modified for a non-YouTube provider. |  | ||||||
| -    // liveStreaming: {
 |  | ||||||
| +    liveStreaming: {
 |  | ||||||
|      //    // Whether to enable live streaming or not. |  | ||||||
| -    //    enabled: false,
 |  | ||||||
| +       enabled: true,
 |  | ||||||
|      //    // Terms link |  | ||||||
|      //    termsLink: 'https://www.youtube.com/t/terms', |  | ||||||
|      //    // Data privacy link |  | ||||||
| @@ -388,8 +388,8 @@ var config = {
 |  | ||||||
|      //    // RegExp string that validates the stream key input field |  | ||||||
|      //    validatorRegExpString: '^(?:[a-zA-Z0-9]{4}(?:-(?!$)|$)){4}', |  | ||||||
|      //    // Documentation reference for the live streaming feature. |  | ||||||
| -    //    helpLink: 'https://jitsi.org/live'
 |  | ||||||
| -    // },
 |  | ||||||
| +       helpLink: 'https://forge.switnet.net/switnet/quick-jibri-installer'
 |  | ||||||
| +    },
 |  | ||||||
|   |  | ||||||
|      // DEPRECATED. Use liveStreaming.enabled instead. |  | ||||||
|      // liveStreamingEnabled: false, |  | ||||||
|  | @ -1,31 +0,0 @@ | ||||||
| # Quick Jibri Installer - *buntu (LTS) based systems. |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| Patch jitsi-meet config.js to enable/disable welcome page. |  | ||||||
| 
 |  | ||||||
| diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
 |  | ||||||
| index dcb860b..2094287 100644
 |  | ||||||
| --- a/etc/jitsi/meet/${DOMAIN}-config.js
 |  | ||||||
| +++ b/etc/jitsi/meet/${DOMAIN}-config.js
 |  | ||||||
| @@ -664,13 +664,13 @@ var config = {
 |  | ||||||
|      // enableWelcomePage: true, |  | ||||||
|   |  | ||||||
|      // Configs for welcome page. |  | ||||||
| -    // welcomePage: {
 |  | ||||||
| -    //     // Whether to disable welcome page. In case it's disabled a random room
 |  | ||||||
| -    //     // will be joined when no room is specified.
 |  | ||||||
| -    //     disabled: false,
 |  | ||||||
| -    //     // If set, landing page will redirect to this URL.
 |  | ||||||
| -    //     customUrl: ''
 |  | ||||||
| -    // },
 |  | ||||||
| +    welcomePage: {
 |  | ||||||
| +        // Whether to disable welcome page. In case it's disabled a random room
 |  | ||||||
| +        // will be joined when no room is specified.
 |  | ||||||
| +        disabled: ${ENABLE_WELCP_BOL},
 |  | ||||||
| +        // If set, landing page will redirect to this URL.
 |  | ||||||
| +        customUrl: ''
 |  | ||||||
| +    },
 |  | ||||||
|   |  | ||||||
|      // Configs for the lobby screen. |  | ||||||
|      // lobby: { |  | ||||||
|  | @ -1,18 +0,0 @@ | ||||||
| # Quick Jibri Installer - *buntu (LTS) based systems. |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| Patch prosody (0.12) $DOMAIN.cfg.lua to enable wait_for_host_disable_auto_owners. |  | ||||||
| 
 |  | ||||||
| diff --git a/etc/prosody/conf.d/${DOMAIN}.cfg.lua b/etc/prosody/conf.d/${DOMAIN}.cfg.lua
 |  | ||||||
| index f2b647e..031a064 100644
 |  | ||||||
| --- a/etc/prosody/conf.d/${DOMAIN}.cfg.lua
 |  | ||||||
| +++ b/etc/prosody/conf.d/${DOMAIN}.cfg.lua
 |  | ||||||
| @@ -103,6 +103,7 @@ Component "conference.${DOMAIN}" "muc"
 |  | ||||||
|      } |  | ||||||
|      muc_room_locking = false |  | ||||||
|      muc_room_default_public_jids = true |  | ||||||
| +    wait_for_host_disable_auto_owners = true
 |  | ||||||
|   |  | ||||||
|  Component "breakout.${DOMAIN}" "muc" |  | ||||||
|      restrict_room_creation = true |  | ||||||
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							|  | @ -1,85 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Automated AWS generic kernel setup for jibri. |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| #DEBUG |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
| set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| wait_seconds() { |  | ||||||
| secs=$(($1)) |  | ||||||
| while [ $secs -gt 0 ]; do |  | ||||||
|    echo -ne "$secs\033[0K\r" |  | ||||||
|    sleep 1 |  | ||||||
|    : $((secs--)) |  | ||||||
| done |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| echo "#### |  | ||||||
| # WARNING: Only use this script if you know what you are doing. |  | ||||||
| # Under your own risk. |  | ||||||
| # This program is distributed in the hope that it will be useful, |  | ||||||
| # but WITHOUT ANY WARRANTY. |  | ||||||
| ####" |  | ||||||
| 
 |  | ||||||
| # Check if user is root |  | ||||||
| if [ "$UID" != 0 ]; then |  | ||||||
|     echo You need to run this script as root or sudo rights! |  | ||||||
|     exit 1 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| TMP_DIR="$(mktemp -d)" |  | ||||||
| KERNEL_LOG="$TMP_DIR/kernel_log" |  | ||||||
| GRUB_FILE="/etc/default/grub" |  | ||||||
| 
 |  | ||||||
| echo -e "# Check and update HWE kernel if possible...\n" |  | ||||||
| apt-get -q2 update |  | ||||||
| HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")" |  | ||||||
| if [ "$HWE_VIR_MOD" = "1" ]; then |  | ||||||
|     apt-get -y install \ |  | ||||||
|     linux-image-generic-hwe-"$(lsb_release -sr)" \ |  | ||||||
|     linux-tools-generic-hwe-"$(lsb_release -sr)" |  | ||||||
| else |  | ||||||
|     apt-get -y install \ |  | ||||||
|     linux-image-generic \ |  | ||||||
|     linux-modules-extra-"$(uname -r)" |  | ||||||
| fi |  | ||||||
| apt-get -y autoremove |  | ||||||
| apt-get autoclean |  | ||||||
| 
 |  | ||||||
| #Write update-grub output |  | ||||||
| update-grub > "$KERNEL_LOG" 2>&1 |  | ||||||
| 
 |  | ||||||
| #Get clean output |  | ||||||
| awk -F'boot/' '{print$2}' < "$KERNEL_LOG"|sed '/^[[:space:]]*$/d' | \ |  | ||||||
| tee "$KERNEL_LOG".tmp |  | ||||||
| mv "$KERNEL_LOG".tmp "$KERNEL_LOG" |  | ||||||
| 
 |  | ||||||
| echo -e "Check if AWS kernel is installed.\n" |  | ||||||
| [ "$(grep -wc aws "$KERNEL_LOG")" = 0 ] && echo "No AWS kernel found, exiting..." && exit |  | ||||||
| 
 |  | ||||||
| #Get kernel number |  | ||||||
| RAW_KERNEL_NUM="$(grep -Fn generic "$KERNEL_LOG"|head -n1|cut -d ':' -f1)" |  | ||||||
| FIXED_KERNEL_NUM="$(awk "BEGIN{ print $RAW_KERNEL_NUM - 1 }")" |  | ||||||
| 
 |  | ||||||
| echo -e "Set up GRUB for custom kernel.\n" |  | ||||||
| sed -i "s|GRUB_DEFAULT=.*|GRUB_DEFAULT=\"1\>$FIXED_KERNEL_NUM\"|" "$GRUB_FILE" |  | ||||||
| 
 |  | ||||||
| echo -e "Saving changes...\n" |  | ||||||
| update-grub |  | ||||||
| 
 |  | ||||||
| echo "Time to reboot..." |  | ||||||
| echo "Rebooting in..." |  | ||||||
| wait_seconds 15 |  | ||||||
| reboot |  | ||||||
|  | @ -1,45 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Simple Fail2ban configuration |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GNU GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| #DEBUG |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
| set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Check if user is root |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| apt-get -y install fail2ban |  | ||||||
| 
 |  | ||||||
| if \ |  | ||||||
| [ -f /var/log/ssh_f2b.log ] && \ |  | ||||||
| [ "$(grep -c 604800 /etc/fail2ban/jail.local)" = "1" ] && \ |  | ||||||
| [ "$(grep -c ssh_f2b.log /etc/fail2ban/jail.local)" = "1" ]; then |  | ||||||
|     echo -e "\nFail2ban seems to be already configured.\n" |  | ||||||
| else |  | ||||||
|     echo -e "\nConfiguring Fail2ban...\n" |  | ||||||
| cat << F2BAN >> /etc/fail2ban/jail.local |  | ||||||
| [sshd] |  | ||||||
| enabled = true |  | ||||||
| port = 22 |  | ||||||
| filter = sshd |  | ||||||
| logpath = /var/log/ssh_f2b.log |  | ||||||
| maxretry = 3 |  | ||||||
| bantime = 604800 |  | ||||||
| F2BAN |  | ||||||
| fi |  | ||||||
| systemctl restart fail2ban |  | ||||||
|  | @ -1,207 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Simple Jibri conf updater |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GNU GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| #DEBUG |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
| set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| echo -e ' |  | ||||||
| ######################################################################## |  | ||||||
|                   Welcome to Jibri Config Upgrader |  | ||||||
| ######################################################################## |  | ||||||
|                     by Software, IT & Networks Ltd |  | ||||||
| \n' |  | ||||||
| 
 |  | ||||||
| #Check if user is root |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| echo "Checking for updates...." |  | ||||||
| apt-get -q2 update |  | ||||||
| apt install -y \ |  | ||||||
|                 apt-show-versions \ |  | ||||||
|                 jq |  | ||||||
| 
 |  | ||||||
| echo -e "\n# Check for jibri\n" |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then |  | ||||||
|     echo "Jibri is installed, checking version:" |  | ||||||
|     apt-show-versions jibri |  | ||||||
| else |  | ||||||
|     echo "Wait!, jibri is not installed on this system using apt, exiting..." |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if [ -d /etc/prosody/ ];then |  | ||||||
| DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" |  | ||||||
| fi |  | ||||||
| CONF_JSON="/etc/jitsi/jibri/config.json" |  | ||||||
| JIBRI_CONF="/etc/jitsi/jibri/jibri.conf" |  | ||||||
| DIR_RECORD="/var/jbrecord" |  | ||||||
| REC_DIR="/home/jibri/finalize_recording.sh" |  | ||||||
| JibriBrewery="JibriBrewery" |  | ||||||
| 
 |  | ||||||
| check_read_vars() { |  | ||||||
|     echo "Checking $1" |  | ||||||
|     if [ -z "$2" ];then |  | ||||||
|         echo "This variable seems wrong, please check before continue" |  | ||||||
|         exit 1 |  | ||||||
|     fi |  | ||||||
| } |  | ||||||
| restart_services_jibri() { |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ] |  | ||||||
| then |  | ||||||
| 	systemctl restart jibri |  | ||||||
| 	systemctl restart jibri-icewm |  | ||||||
| 	systemctl restart jibri-xorg |  | ||||||
| else |  | ||||||
| 	echo "Jibri service not installed" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| #Prevent re-run on completed jibri upgraded instance |  | ||||||
| if [ -f "$CONF_JSON"_disabled ] && \ |  | ||||||
|    [ -f "$JIBRI_CONF" ] && \ |  | ||||||
|    [ -f "$JIBRI_CONF"-dpkg-file ]; then |  | ||||||
|     echo -e "\n> This jibri config has been upgraded already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ |  | ||||||
| https://forge.switnet.net/switnet/quick-jibri-installer/issues\n" |  | ||||||
|     exit |  | ||||||
| elif [ ! -f "$CONF_JSON" ] && \ |  | ||||||
|    [ -f "$JIBRI_CONF" ] && \ |  | ||||||
|    [ -f "$JIBRI_CONF"-dpkg-file ]; then |  | ||||||
|     echo -e "\n> This jibri seems to be running the latest configuration already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ |  | ||||||
| https://forge.switnet.net/switnet/quick-jibri-installer/issues\n" |  | ||||||
|     exit |  | ||||||
| elif [ -f "$CONF_JSON" ] && \ |  | ||||||
|    [ -f "$JIBRI_CONF" ]; then |  | ||||||
|     echo -e "\n> This jibri config seems to be candidate for upgrading, we'll continue...\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ |  | ||||||
| https://forge.switnet.net/switnet/quick-jibri-installer/issues\n" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Read missing variables |  | ||||||
| if [ -f "$CONF_JSON" ]; then |  | ||||||
|     echo "Reading current config.json file..." |  | ||||||
|     if [ -z "$DOMAIN" ]; then |  | ||||||
|         DOMAIN="$(jq .xmpp_environments[0].xmpp_domain $CONF_JSON|cut -d '"' -f2)" |  | ||||||
|     fi |  | ||||||
|     JB_NAME="$(jq .xmpp_environments[0].name $CONF_JSON|cut -d '"' -f2)" |  | ||||||
|     JB_AUTH_PASS="$(jq .xmpp_environments[0].control_login.password $CONF_JSON|cut -d '"' -f2)" |  | ||||||
|     JB_REC_PASS="$(jq .xmpp_environments[0].call_login.password $CONF_JSON|cut -d '"' -f2)" |  | ||||||
|     JB_NICKN="$(jq .xmpp_environments[0].control_muc.nickname $CONF_JSON|cut -d '"' -f2)" |  | ||||||
| else |  | ||||||
|     echo "Can't find the instance config.json file, exiting..." |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| check_read_vars "Jibri Name" "$JB_NAME" |  | ||||||
| check_read_vars "(Main server) Domain" "$DOMAIN" |  | ||||||
| check_read_vars "Control login passwd" "$JB_AUTH_PASS" |  | ||||||
| check_read_vars "Call login passwd" "$JB_REC_PASS" |  | ||||||
| check_read_vars "Jibri Node nickname" "$JB_NICKN" |  | ||||||
| 
 |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
| echo "$JB_NAME" |  | ||||||
| echo "$DOMAIN" |  | ||||||
| echo "$JB_AUTH_PASS" |  | ||||||
| echo "$JB_REC_PASS" |  | ||||||
| echo "$JB_NICKN" |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Backup and setup new conf file |  | ||||||
| echo -e "Backing up config.json for historical purposes at:\n ${CONF_JSON}_disabled" |  | ||||||
| mv "$CONF_JSON" "${CONF_JSON}"_disabled |  | ||||||
| 
 |  | ||||||
| mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file |  | ||||||
| cat << NEW_CONF > "$JIBRI_CONF" |  | ||||||
| // New XMPP environment config. |  | ||||||
| jibri { |  | ||||||
|     recording { |  | ||||||
|          recordings-directory = $DIR_RECORD |  | ||||||
|          finalize-script = $REC_DIR |  | ||||||
|     } |  | ||||||
|     api { |  | ||||||
|         xmpp { |  | ||||||
|             environments = [ |  | ||||||
|                 { |  | ||||||
| 				// A user-friendly name for this environment |  | ||||||
| 				name = "$JB_NAME" |  | ||||||
| 
 |  | ||||||
| 				// A list of XMPP server hosts to which we'll connect |  | ||||||
| 				xmpp-server-hosts = [ "$DOMAIN" ] |  | ||||||
| 
 |  | ||||||
| 				// The base XMPP domain |  | ||||||
| 				xmpp-domain = "$DOMAIN" |  | ||||||
| 
 |  | ||||||
| 				// The MUC we'll join to announce our presence for |  | ||||||
| 				// recording and streaming services |  | ||||||
| 				control-muc { |  | ||||||
| 					domain = "internal.auth.$DOMAIN" |  | ||||||
| 					room-name = "$JibriBrewery" |  | ||||||
| 					nickname = "$JB_NICKN" |  | ||||||
| 				} |  | ||||||
| 
 |  | ||||||
| 				// The login information for the control MUC |  | ||||||
| 				control-login { |  | ||||||
| 					domain = "auth.$DOMAIN" |  | ||||||
| 					username = "jibri" |  | ||||||
| 					password = "$JB_AUTH_PASS" |  | ||||||
| 				} |  | ||||||
| 
 |  | ||||||
| 				// An (optional) MUC configuration where we'll |  | ||||||
| 				// join to announce SIP gateway services |  | ||||||
| 			//	sip-control-muc { |  | ||||||
| 			//		domain = "domain" |  | ||||||
| 			//		room-name = "room-name" |  | ||||||
| 			//		nickname = "nickname" |  | ||||||
| 			//	} |  | ||||||
| 
 |  | ||||||
| 				// The login information the selenium web client will use |  | ||||||
| 				call-login { |  | ||||||
| 					domain = "recorder.$DOMAIN" |  | ||||||
| 					username = "recorder" |  | ||||||
| 					password = "$JB_REC_PASS" |  | ||||||
| 				} |  | ||||||
| 
 |  | ||||||
| 				// The value we'll strip from the room JID domain to derive |  | ||||||
| 				// the call URL |  | ||||||
| 				strip-from-room-domain = "conference." |  | ||||||
| 
 |  | ||||||
| 				// How long Jibri sessions will be allowed to last before |  | ||||||
| 				// they are stopped.  A value of 0 allows them to go on |  | ||||||
| 				// indefinitely |  | ||||||
| 				usage-timeout = 0 hour |  | ||||||
| 
 |  | ||||||
| 				// Whether or not we'll automatically trust any cert on |  | ||||||
| 				// this XMPP domain |  | ||||||
| 				trust-all-xmpp-certs = true |  | ||||||
|                 } |  | ||||||
|             ] |  | ||||||
|         } |  | ||||||
|     } |  | ||||||
| } |  | ||||||
| NEW_CONF |  | ||||||
| 
 |  | ||||||
| echo "Check final jibri.conf file:" |  | ||||||
| cat "$JIBRI_CONF" |  | ||||||
| read -n 1 -s -r -p "Press any key to continue..." |  | ||||||
| 
 |  | ||||||
| restart_services_jibri |  | ||||||
| systemctl status jibri |  | ||||||
| 
 |  | ||||||
| if [ -f /var/log/jitsi/jicofo.log ]; then |  | ||||||
|     echo -e "Checking for jicofo recognizing \"Live\" jibri node..." |  | ||||||
|     tail -n 10 | grep Live |  | ||||||
| fi |  | ||||||
|  | @ -1,123 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Simple Jibri resolution enhancer |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GNU GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| #DEBUG |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
| set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Check if user is root |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| # Make sure jibri is installed |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then |  | ||||||
|   echo "Good Jibri is installed on this server" |  | ||||||
| else |  | ||||||
|   echo "Jibri is not on this system, it is a requirement. |  | ||||||
| Exiting..." |  | ||||||
|   exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| apt-get -y install apt-show-versions |  | ||||||
| 
 |  | ||||||
| JIBRI_OPT="/opt/jitsi/jibri" |  | ||||||
| JIBRI_ENH_PATH="/opt/jibri-res-enhancer" |  | ||||||
| INSTALLED_JIBRI_VERSION="$(apt-show-versions jibri|awk '{print$2}')" |  | ||||||
| 
 |  | ||||||
| #Check if already run |  | ||||||
| if [ -f "$JIBRI_OPT/jibri-res_enh.jar" ] && \ |  | ||||||
|    [ -d "$JIBRI_ENH_PATH" ]; then |  | ||||||
|   echo "Seems this tools have been run before..." |  | ||||||
|   exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| mkdir /tmp/jibri |  | ||||||
| cd /tmp/jibri || exit |  | ||||||
| 
 |  | ||||||
| #Get md5sum for current jibri installed. |  | ||||||
| apt-get download jibri="$INSTALLED_JIBRI_VERSION" |  | ||||||
| ar x jibri_*.deb |  | ||||||
| tar xvf data.tar.xz |  | ||||||
| UPSTREAM_DEB_JAR_SUM="$(md5sum 2>/dev/null /tmp/jibri/opt/jitsi/jibri/jibri.jar |awk '{print$1}')" |  | ||||||
| 
 |  | ||||||
| if [ -z "$UPSTREAM_DEB_JAR_SUM" ]; then |  | ||||||
|   echo "Not possible to continue, exiting..." |  | ||||||
|   exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Compile requisites |  | ||||||
| apt-get -y install devscripts \ |  | ||||||
|                    git \ |  | ||||||
|                    maven \ |  | ||||||
|                    openjdk-11-jdk |  | ||||||
| 
 |  | ||||||
| #Build repository |  | ||||||
| git clone https://github.com/jitsi/jibri "$JIBRI_ENH_PATH" |  | ||||||
| cd "$JIBRI_ENH_PATH" || exit |  | ||||||
| 
 |  | ||||||
| # Default values |  | ||||||
| ## videoEncodePreset - "veryfast" || h264ConstantRateFactor - 25 |  | ||||||
| # Recomemended values based on: https://trac.ffmpeg.org/wiki/Encode/H.264#crf |  | ||||||
| ## videoEncodePreset - "medium" || h264ConstantRateFactor - 17 |  | ||||||
| sed -i "/videoEncodePreset/s|String =.*|String = \"medium\",|"  src/main/kotlin/org/jitsi/jibri/capture/ffmpeg/FfmpegCapturer.kt |  | ||||||
| sed -i "/h264ConstantRateFactor/s|Int =.*|Int = 17,|"  src/main/kotlin/org/jitsi/jibri/capture/ffmpeg/FfmpegCapturer.kt |  | ||||||
| mvn package |  | ||||||
| 
 |  | ||||||
| JIBRI_JAR="$(find "$JIBRI_ENH_PATH" -name \*.jar|awk '/dependencies/{print}'|awk 'NR==1{print}')" |  | ||||||
| cp "$JIBRI_ENH_PATH"/target/"$JIBRI_JAR" "$JIBRI_ENH_PATH"/target/jibri.jar |  | ||||||
| 
 |  | ||||||
| # Backing up default binaries |  | ||||||
| if [ "$UPSTREAM_DEB_JAR_SUM" = "$(md5sum 2>/dev/null $JIBRI_OPT/jibri.jar|awk '{print$1}')" ]; then |  | ||||||
|   cp "$JIBRI_OPT"/jibri.jar "$JIBRI_OPT"/jibri-dpkg-package.jar |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| # Migrate original to enhanced jibri |  | ||||||
| cp "$JIBRI_ENH_PATH"/target/jibri.jar "$JIBRI_OPT"/jibri-res_enh.jar |  | ||||||
| if [ -f "$JIBRI_OPT"/jibri-dpkg-package.jar ];then |  | ||||||
|  cp "$JIBRI_OPT"/jibri-res_enh.jar "$JIBRI_OPT"/jibri.jar |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| JIBRI_RES_ENH_HASH="$(md5sum 2>/dev/null $JIBRI_OPT/jibri-res_enh.jar|awk '{print$1}')" |  | ||||||
| USED_JIBRI_HASH="$(md5sum 2>/dev/null $JIBRI_OPT/jibri.jar|awk '{print$1}')" |  | ||||||
| 
 |  | ||||||
| if [ "$JIBRI_RES_ENH_HASH" = "$USED_JIBRI_HASH" ]; then |  | ||||||
|   echo "Everything seems to have gone well." |  | ||||||
| else  |  | ||||||
|   echo "Something went wrong, restoring default package..." |  | ||||||
|   if [ "$(md5sum 2>/dev/null $JIBRI_OPT/jibri-dpkg-package.jar|awk '{print$1}')" = "$UPSTREAM_DEB_JAR_SUM" ]; then |  | ||||||
|     cp "$JIBRI_OPT"/jibri-dpkg-package.jar "$JIBRI_OPT"/jibri.jar |  | ||||||
|     CLEAN="true" |  | ||||||
|   else |  | ||||||
|     if [ -f /tmp/jibri/opt/jitsi/jibri/jibri.jar ]; then |  | ||||||
|       echo "Restoring from upstream package..." |  | ||||||
|       cp /tmp/jibri/opt/jitsi/jibri/jibri.jar "$JIBRI_OPT"/jibri.jar |  | ||||||
|       CLEAN="true" |  | ||||||
|     else |  | ||||||
|       echo "Wow, someone took the time to avoid restoration, please manually review your changes." |  | ||||||
|       echo "Exiting..." |  | ||||||
|       exit |  | ||||||
|     fi |  | ||||||
|   fi |  | ||||||
| fi |  | ||||||
| if [ "$CLEAN" = "true" ]; then |  | ||||||
|   rm -r /tmp/jibri |  | ||||||
|   rm -r "$JIBRI_ENH_PATH" |  | ||||||
|   rm /opt/jitsi/jibri/jibri-res_enh.jar |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| systemctl restart jibri |  | ||||||
| echo "This will be a good time to test the enhanced resolution." |  | ||||||
|  | @ -1,158 +0,0 @@ | ||||||
| #!/usr/bin/env python3 |  | ||||||
| # -*- coding: utf-8 -*- |  | ||||||
| """ |  | ||||||
| JWT generator for self‑hosted Jitsi (also compatible with JAAS if desired) |  | ||||||
| - HS256 (HMAC) signing using only Python standard library (no external deps). |  | ||||||
| - Flags to omit exp/nbf (test tokens), include iat, and read secret from file/STDIN. |  | ||||||
| - Flags to populate context.features: recording, livestreaming, transcription, sip-in/out. |  | ||||||
| - Robust URL construction (escapes the room name). |  | ||||||
| """ |  | ||||||
| import argparse, base64, hashlib, hmac, json, time, sys |  | ||||||
| from urllib.parse import quote |  | ||||||
| 
 |  | ||||||
| def b64url(data: bytes) -> str: |  | ||||||
|     return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii") |  | ||||||
| 
 |  | ||||||
| def sign_hs256(secret: str, signing_input: str) -> str: |  | ||||||
|     sig = hmac.new(secret.encode("utf-8"), signing_input.encode("ascii"), hashlib.sha256).digest() |  | ||||||
|     return b64url(sig) |  | ||||||
| 
 |  | ||||||
| def main(): |  | ||||||
|     p = argparse.ArgumentParser(description="JWT generator for Jitsi (HS256)") |  | ||||||
|     # Identity / target |  | ||||||
|     p.add_argument("--app-id", required=True, help="app_id configured in Prosody/JAAS") |  | ||||||
|     p.add_argument("--secret", required=False, help="app_secret (HMAC/HS256)") |  | ||||||
|     p.add_argument("--secret-file", help="Read secret from file or '-' for STDIN") |  | ||||||
|     p.add_argument("--domain", help="Jitsi domain (e.g. meet.example.com) used as 'sub' in self-hosted") |  | ||||||
|     p.add_argument("--room", default="*", help="Target room (or '*' for all)") |  | ||||||
|     # Time |  | ||||||
|     p.add_argument("--minutes", type=int, default=60, help="Validity (minutes). Ignored if --no-exp") |  | ||||||
|     p.add_argument("--no-exp", action="store_true", help="Do not include 'exp' (tests only)") |  | ||||||
|     p.add_argument("--nbf-offset", type=int, default=10, help="Backdating seconds for 'nbf' (default: 10)") |  | ||||||
|     p.add_argument("--no-nbf", action="store_true", help="Do not include 'nbf' (tests only)") |  | ||||||
|     p.add_argument("--include-iat", action="store_true", help="Include 'iat'=now") |  | ||||||
|     # User |  | ||||||
|     p.add_argument("--user-name", default=None, help="User display name") |  | ||||||
|     p.add_argument("--user-email", default=None, help="User email") |  | ||||||
|     p.add_argument("--user-id", default=None, help="User unique ID") |  | ||||||
|     p.add_argument("--avatar", default=None, help="Avatar URL") |  | ||||||
|     p.add_argument("--moderator", action="store_true", help="Grant moderator role via token") |  | ||||||
|     p.add_argument("--moderator-as-string", action="store_true", |  | ||||||
|                    help="Use 'moderator': 'true'/'false' (string) instead of boolean") |  | ||||||
|     # Features (self-hosted with enableFeaturesBasedOnToken) |  | ||||||
|     p.add_argument("--feature-recording", action="store_true", help="Enable 'recording' in context.features") |  | ||||||
|     p.add_argument("--feature-livestreaming", action="store_true", help="Enable 'livestreaming' in context.features") |  | ||||||
|     p.add_argument("--feature-transcription", action="store_true", help="Enable 'transcription' in context.features") |  | ||||||
|     p.add_argument("--feature-sip-in", action="store_true", help="Enable 'sip-inbound-call' in context.features") |  | ||||||
|     p.add_argument("--feature-sip-out", action="store_true", help="Enable 'sip-outbound-call' in context.features") |  | ||||||
|     p.add_argument("--features-all", action="store_true", help="Enable all the features above") |  | ||||||
|     # Overrides / modes |  | ||||||
|     p.add_argument("--aud", default=None, help="Override 'aud' (default: app_id in self-hosted)") |  | ||||||
|     p.add_argument("--iss", default=None, help="Override 'iss' (default: app_id in self-hosted)") |  | ||||||
|     p.add_argument("--jaas", action="store_true", |  | ||||||
|                    help="JAAS mode: aud='jitsi', iss='chat', sub=app_id (ignores --domain for 'sub')") |  | ||||||
|     # Output |  | ||||||
|     p.add_argument("--url", default=None, |  | ||||||
|                    help="If provided (e.g. 'https://meet.example.com/'), prints full join URL with ?jwt=") |  | ||||||
|     p.add_argument("--print-json", action="store_true", help="Print payload JSON to STDERR (debug)") |  | ||||||
| 
 |  | ||||||
|     args = p.parse_args() |  | ||||||
| 
 |  | ||||||
|     # Secret: --secret-file takes precedence |  | ||||||
|     secret = args.secret |  | ||||||
|     if args.secret_file: |  | ||||||
|         if args.secret_file == "-": |  | ||||||
|             secret = sys.stdin.read().strip() |  | ||||||
|         else: |  | ||||||
|             with open(args.secret_file, "r", encoding="utf-8") as fh: |  | ||||||
|                 secret = fh.read().strip() |  | ||||||
|     if not secret: |  | ||||||
|         p.error("You must provide --secret or --secret-file (or --secret-file - for STDIN).") |  | ||||||
| 
 |  | ||||||
|     now = int(time.time()) |  | ||||||
|     exp = None if args.no_exp else (now + args.minutes * 60) |  | ||||||
|     nbf = None if args.no_nbf else (now - max(args.nbf_offset, 0)) |  | ||||||
| 
 |  | ||||||
|     # Header |  | ||||||
|     header = {"typ": "JWT", "alg": "HS256"} |  | ||||||
| 
 |  | ||||||
|     # Base claims by mode |  | ||||||
|     if args.jaas: |  | ||||||
|         aud = "jitsi" |  | ||||||
|         iss = "chat" |  | ||||||
|         sub = args.app_id |  | ||||||
|     else: |  | ||||||
|         if not args.domain: |  | ||||||
|             p.error("--domain is required in self-hosted mode (without --jaas).") |  | ||||||
|         aud = args.aud or args.app_id |  | ||||||
|         iss = args.iss or args.app_id |  | ||||||
|         sub = args.domain |  | ||||||
| 
 |  | ||||||
|     # User / contexto |  | ||||||
|     user = {} |  | ||||||
|     if args.user_id: user["id"] = args.user_id |  | ||||||
|     if args.user_name: user["name"] = args.user_name |  | ||||||
|     if args.user_email: user["email"] = args.user_email |  | ||||||
|     if args.avatar: user["avatar"] = args.avatar |  | ||||||
|     if args.moderator: |  | ||||||
|         if args.moderator_as_string: |  | ||||||
|             user["moderator"] = "true" |  | ||||||
|         else: |  | ||||||
|             user["moderator"] = True |  | ||||||
| 
 |  | ||||||
|     # Features |  | ||||||
|     features = {} |  | ||||||
|     if args.features_all: |  | ||||||
|         features = { |  | ||||||
|             "recording": True, |  | ||||||
|             "livestreaming": True, |  | ||||||
|             "transcription": True, |  | ||||||
|             "sip-inbound-call": True, |  | ||||||
|             "sip-outbound-call": True |  | ||||||
|         } |  | ||||||
|     else: |  | ||||||
|         if args.feature_recording:     features["recording"] = True |  | ||||||
|         if args.feature_livestreaming: features["livestreaming"] = True |  | ||||||
|         if args.feature_transcription: features["transcription"] = True |  | ||||||
|         if args.feature_sip_in:        features["sip-inbound-call"] = True |  | ||||||
|         if args.feature_sip_out:       features["sip-outbound-call"] = True |  | ||||||
| 
 |  | ||||||
|     context = {} |  | ||||||
|     if user: context["user"] = user |  | ||||||
|     if features: context["features"] = features |  | ||||||
| 
 |  | ||||||
|     payload = { |  | ||||||
|         "aud": aud, |  | ||||||
|         "iss": iss, |  | ||||||
|         "sub": sub, |  | ||||||
|         "room": args.room, |  | ||||||
|     } |  | ||||||
|     if context: |  | ||||||
|         payload["context"] = context |  | ||||||
|     if exp is not None: |  | ||||||
|         payload["exp"] = exp |  | ||||||
|     if nbf is not None: |  | ||||||
|         payload["nbf"] = nbf |  | ||||||
|     if args.include_iat: |  | ||||||
|         payload["iat"] = now |  | ||||||
| 
 |  | ||||||
|     # Build JWT manually |  | ||||||
|     signing_input = f"{b64url(json.dumps(header, separators=(',', ':'), ensure_ascii=False).encode())}." \ |  | ||||||
|                     f"{b64url(json.dumps(payload, separators=(',', ':'), ensure_ascii=False).encode())}" |  | ||||||
|     signature = sign_hs256(secret, signing_input) |  | ||||||
|     token = f"{signing_input}.{signature}" |  | ||||||
| 
 |  | ||||||
|     if args.print_json: |  | ||||||
|         print(json.dumps(payload, indent=2, ensure_ascii=False), file=sys.stderr) |  | ||||||
| 
 |  | ||||||
|     if args.url: |  | ||||||
|         base = args.url if args.url.endswith("/") else args.url + "/" |  | ||||||
|         room_path = "" if args.room == "*" else quote(args.room, safe="") |  | ||||||
|         join_url = base + room_path |  | ||||||
|         sep = "&" if "?" in join_url else "?" |  | ||||||
|         print(f"{join_url}{sep}jwt={token}") |  | ||||||
|     else: |  | ||||||
|         print(token) |  | ||||||
| 
 |  | ||||||
| if __name__ == "__main__": |  | ||||||
|     main() |  | ||||||
|  | @ -1,139 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Automated PHP environment build for Nextcloud. |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| PHPVER=$1 |  | ||||||
| STABLE_PHP="$(apt-cache madison php|grep -v ppa|awk -F'[:+]' 'NR==1{print $2}')" |  | ||||||
| DISTRO_RELEASE="$(lsb_release -sc)" |  | ||||||
| PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')" |  | ||||||
| PHP_REPO_URL="http://ppa.launchpad.net/ondrej/php/ubuntu" |  | ||||||
| PHP_FPM_DIR="/etc/php/$PHPVER/fpm" |  | ||||||
| PHP_INI="$PHP_FPM_DIR/php.ini" |  | ||||||
| PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf" |  | ||||||
| TMP_GPG_REPO="$(mktemp -d)" |  | ||||||
| 
 |  | ||||||
| if [ $# -ne 1 ]; then |  | ||||||
|   echo "Usage: $0 8.2" |  | ||||||
|   exit 1 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| install_ifnot() { |  | ||||||
|     if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then |  | ||||||
|         echo " $1 is installed, skipping..." |  | ||||||
|     else |  | ||||||
|         printf "\n---- Installing %s ----" "$1" |  | ||||||
|         apt-get -yq2 install "$1" |  | ||||||
|     fi |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| install_aval_package() { |  | ||||||
| for i in $1 |  | ||||||
|   do |  | ||||||
|      if [ -z "$(apt-cache madison "$i" 2>/dev/null)" ]; then |  | ||||||
|      echo " > Package $i not available on repo." |  | ||||||
|      else |  | ||||||
|      echo " > Add package $i to the install list" |  | ||||||
|      packages="$packages $i" |  | ||||||
|      fi |  | ||||||
|  done |  | ||||||
|  echo "$packages" |  | ||||||
|  apt-get -y install $packages #< don't quote. |  | ||||||
|  packages="" |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| add_gpg_keyring() { |  | ||||||
| apt-key adv --recv-keys --keyserver keyserver.ubuntu.com "$1" |  | ||||||
| apt-key export "$1" | gpg --dearmour | tee "$TMP_GPG_REPO"/"$1".gpg >/dev/null |  | ||||||
| apt-key del "$1" |  | ||||||
| mv "$TMP_GPG_REPO"/"$1".gpg /etc/apt/trusted.gpg.d/ |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| add_php_repo() { |  | ||||||
| if [ "$PHP_REPO" = "php" ]; then |  | ||||||
|     echo "PHP $PHPVER already installed" |  | ||||||
|     apt-get -q2 update |  | ||||||
|     apt-get -yq2 dist-upgrade |  | ||||||
| else |  | ||||||
|     echo "# Adding Ondrej PHP $PHPVER PPA Repository" |  | ||||||
|     add_gpg_keyring E5267A6C |  | ||||||
|     echo "deb [arch=amd64] $PHP_REPO_URL $DISTRO_RELEASE main" | \ |  | ||||||
|     tee /etc/apt/sources.list.d/php"$PHPVER".list |  | ||||||
|     apt-get update -q2 |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| add_php_repo |  | ||||||
| 
 |  | ||||||
| install_aval_package " \ |  | ||||||
|             imagemagick \ |  | ||||||
|             php$PHPVER-fpm \ |  | ||||||
|             php$PHPVER-bcmath \ |  | ||||||
|             php$PHPVER-bz2 \ |  | ||||||
|             php$PHPVER-cli \ |  | ||||||
|             php$PHPVER-cgi \ |  | ||||||
|             php$PHPVER-curl \ |  | ||||||
|             php$PHPVER-gd \ |  | ||||||
|             php$PHPVER-gmp \ |  | ||||||
|             php$PHPVER-imagick \ |  | ||||||
|             php$PHPVER-intl \ |  | ||||||
|             php$PHPVER-json \ |  | ||||||
|             php$PHPVER-ldap \ |  | ||||||
|             php$PHPVER-mbstring \ |  | ||||||
|             php$PHPVER-pgsql \ |  | ||||||
|             php$PHPVER-redis \ |  | ||||||
|             php$PHPVER-soap \ |  | ||||||
|             php$PHPVER-xml \ |  | ||||||
|             php$PHPVER-xmlrpc \ |  | ||||||
|             php$PHPVER-zip \ |  | ||||||
|             redis-server \ |  | ||||||
|             unzip \ |  | ||||||
|             " |  | ||||||
| 
 |  | ||||||
| #System related |  | ||||||
| install_ifnot smbclient |  | ||||||
| sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" "$PHP_CONF" |  | ||||||
| sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" "$PHP_CONF" |  | ||||||
| sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" "$PHP_CONF" |  | ||||||
| sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" "$PHP_CONF" |  | ||||||
| sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" "$PHP_CONF" |  | ||||||
| sed -i "s|;clear_env = no|clear_env = no|" "$PHP_CONF" |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| Tunning PHP.ini... |  | ||||||
| " |  | ||||||
| # Change values in php.ini (increase max file size) |  | ||||||
| # max_execution_time |  | ||||||
| sed -i "s|max_execution_time =.*|max_execution_time = 3500|g" "$PHP_INI" |  | ||||||
| # max_input_time |  | ||||||
| sed -i "s|max_input_time =.*|max_input_time = 3600|g" "$PHP_INI" |  | ||||||
| # memory_limit |  | ||||||
| sed -i "s|memory_limit =.*|memory_limit = 512M|g" "$PHP_INI" |  | ||||||
| # post_max |  | ||||||
| sed -i "s|post_max_size =.*|post_max_size = 1025M|g" "$PHP_INI" |  | ||||||
| # upload_max |  | ||||||
| sed -i "s|upload_max_filesize =.*|upload_max_filesize = 1024M|g" "$PHP_INI" |  | ||||||
| 
 |  | ||||||
| phpenmod opcache |  | ||||||
| { |  | ||||||
| 
 |  | ||||||
| echo "# OPcache settings for Nextcloud" |  | ||||||
| echo "opcache.enable=1" |  | ||||||
| echo "opcache.enable_cli=1" |  | ||||||
| echo "opcache.interned_strings_buffer=8" |  | ||||||
| echo "opcache.max_accelerated_files=10000" |  | ||||||
| echo "opcache.memory_consumption=256" |  | ||||||
| echo "opcache.save_comments=1" |  | ||||||
| echo "opcache.revalidate_freq=1" |  | ||||||
| echo "opcache.validate_timestamps=1" |  | ||||||
| } >> "$PHP_INI" |  | ||||||
| 
 |  | ||||||
| echo "# Stick to default system php version to avoid breaking any other system application" |  | ||||||
| update-alternatives --set php           /usr/bin/php"$STABLE_PHP" |  | ||||||
| update-alternatives --set php-fpm.sock  /run/php/php"$STABLE_PHP"-fpm.sock |  | ||||||
| update-alternatives --set php-cgi      	/usr/bin/php-cgi"$STABLE_PHP" |  | ||||||
| update-alternatives --set php-cgi-bin   /usr/lib/cgi-bin/php"$STABLE_PHP" |  | ||||||
| update-alternatives --set phar          /usr/bin/phar"$STABLE_PHP" |  | ||||||
| update-alternatives --set phar.phar     /usr/bin/phar.phar"$STABLE_PHP" |  | ||||||
| 
 |  | ||||||
| systemctl restart php"$PHPVER"-fpm.service |  | ||||||
|  | @ -1,144 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| #Start over |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| #DEBUG |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
| set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #Check if user is root |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| wait_seconds() { |  | ||||||
| secs=$(($1)) |  | ||||||
| while [ $secs -gt 0 ]; do |  | ||||||
|    echo -ne "$secs\033[0K\r" |  | ||||||
|    sleep 1 |  | ||||||
|    : $((secs--)) |  | ||||||
| done |  | ||||||
| } |  | ||||||
| remove_residuals() { |  | ||||||
|   if [ -d "$1" ]; then |  | ||||||
|     rm -r "$1" |  | ||||||
|   fi |  | ||||||
| } |  | ||||||
| purge_debconf() { |  | ||||||
|   echo PURGE | debconf-communicate "$1" |  | ||||||
| } |  | ||||||
| remove_services() { |  | ||||||
|   systemctl disable "$1" |  | ||||||
|   systemctl stop "$1" |  | ||||||
| } |  | ||||||
| echo -e ' |  | ||||||
| ######################################################################## |  | ||||||
|                 Welcome to the Start Over cleaner script |  | ||||||
| ######################################################################## |  | ||||||
|                     by Software, IT & Networks Ltd |  | ||||||
| \n' |  | ||||||
| 
 |  | ||||||
| SYNC_USER="$(find /home -maxdepth 1 -type d |awk '/jbsync/{print}')" |  | ||||||
| DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" |  | ||||||
| 
 |  | ||||||
| echo "We are about to remove and clean all the jitsi-meet platform bits and pieces... |  | ||||||
| Please make sure you have backed up anything you don't want to loose." |  | ||||||
| 
 |  | ||||||
| echo " |  | ||||||
| # WARGNING #: This is only recommended if you want to start over a failed installation, |  | ||||||
| or plain and simple remove jitsi from your system." |  | ||||||
| 
 |  | ||||||
| while [[ "$CONTINUE_PURGE1" != "yes" && "$CONTINUE_PURGE1" != "no" ]] |  | ||||||
| do |  | ||||||
| read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_PURGE1 |  | ||||||
| if [ "$CONTINUE_PURGE1" = "no" ]; then |  | ||||||
|     echo "  Good, see you next time..." |  | ||||||
|     exit |  | ||||||
| elif [ "$CONTINUE_PURGE1" = "yes" ]; then |  | ||||||
|     echo "" |  | ||||||
| fi |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| echo "Let me ask just one more time..." |  | ||||||
| while [[ "$CONTINUE_PURGE2" != "yes" && "$CONTINUE_PURGE2" != "no" ]] |  | ||||||
| do |  | ||||||
| read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_PURGE2 |  | ||||||
| if [ "$CONTINUE_PURGE2" = "no" ]; then |  | ||||||
|     echo "  Good, see you next time..." |  | ||||||
|     exit |  | ||||||
| elif [ "$CONTINUE_PURGE2" = "yes" ]; then |  | ||||||
|     echo "No going back, let's start..." |  | ||||||
|     wait_seconds 10 |  | ||||||
| fi |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| #Purging all jitsi meet packages |  | ||||||
| apt-get -y purge jibri \ |  | ||||||
|                  jicofo \ |  | ||||||
|                  jigasi \ |  | ||||||
|                  jitsi-meet \ |  | ||||||
|                  jitsi-meet-web \ |  | ||||||
|                  jitsi-meet-web-config \ |  | ||||||
|                  jitsi-meet-prosody \ |  | ||||||
|                  jitsi-meet-turnserver \ |  | ||||||
|                  jitsi-videobridge2 \ |  | ||||||
|                  prosody |  | ||||||
| 
 |  | ||||||
| #Chome related packages |  | ||||||
| apt-get -y purge google-chrome-stable |  | ||||||
| rm /usr/local/bin/chromedriver |  | ||||||
| 
 |  | ||||||
| #Services stop |  | ||||||
| remove_services jibri |  | ||||||
| remove_services jibri-icewm |  | ||||||
| remove_services jibri-xorg |  | ||||||
| 
 |  | ||||||
| #Cleaning packages |  | ||||||
| apt-get -y autoremove |  | ||||||
| apt-get clean |  | ||||||
| 
 |  | ||||||
| #Removing residual files |  | ||||||
| remove_residuals /etc/jitsi |  | ||||||
| remove_residuals /opt/jitsi |  | ||||||
| remove_residuals /usr/share/jicofo |  | ||||||
| remove_residuals /usr/share/jitsi-* |  | ||||||
| 
 |  | ||||||
| #Clean /etc/hosts |  | ||||||
| sed -i "/$DOMAIN/d" /etc/hosts |  | ||||||
| 
 |  | ||||||
| echo "#Purging debconf db" |  | ||||||
| purge_debconf jicofo |  | ||||||
| purge_debconf jigasi |  | ||||||
| purge_debconf jitsi-meet |  | ||||||
| purge_debconf jitsi-meet-prosody |  | ||||||
| purge_debconf jitsi-meet-turnserver |  | ||||||
| purge_debconf jitsi-meet-web-config |  | ||||||
| purge_debconf jitsi-videobridge2 |  | ||||||
| 
 |  | ||||||
| #Remove unused users & groups |  | ||||||
| if [ -n "$SYNC_USER" ]; then |  | ||||||
|   deluser --remove-home "$SYNC_USER" |  | ||||||
| fi |  | ||||||
| if [ -d /home/jibri ]; then |  | ||||||
|   deluser --remove-home  jibri |  | ||||||
|   rm -r /home/jibri |  | ||||||
| fi |  | ||||||
| groupdel  jibri |  | ||||||
| 
 |  | ||||||
| #Remove crontab |  | ||||||
| crontab -l | grep -v '@weekly certbot renew --nginx' | crontab - |  | ||||||
| crontab -l |  | ||||||
| 
 |  | ||||||
| echo "We are done..." |  | ||||||
|  | @ -1,238 +0,0 @@ | ||||||
| #!/bin/bash |  | ||||||
| # Simple Jibri Env tester |  | ||||||
| # SwITNet Ltd © - 2025, https://switnet.net/ |  | ||||||
| # GNU GPLv3 or later. |  | ||||||
| 
 |  | ||||||
| while getopts m: option |  | ||||||
| do |  | ||||||
| 	case "${option}" |  | ||||||
| 	in |  | ||||||
| 		m) MODE=${OPTARG};; |  | ||||||
| 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; |  | ||||||
| 	esac |  | ||||||
| done |  | ||||||
| 
 |  | ||||||
| #DEBUG |  | ||||||
| if [ "$MODE" = "debug" ]; then |  | ||||||
| set -x |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| echo -e ' |  | ||||||
| ######################################################################## |  | ||||||
|                   Welcome to Jibri Environment Tester |  | ||||||
| ######################################################################## |  | ||||||
|                     by Software, IT & Networks Ltd |  | ||||||
| \n' |  | ||||||
| 
 |  | ||||||
| #Check if user is root |  | ||||||
| if ! [ "$(id -u)" = 0 ]; then |  | ||||||
|    echo "You need to be root or have sudo privileges!" |  | ||||||
|    exit 0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| echo "Checking for updates...." |  | ||||||
| apt-get -q2 update |  | ||||||
| apt-get -yq2 install apt-show-versions \ |  | ||||||
|                      curl |  | ||||||
| 
 |  | ||||||
| check_google_binaries() { |  | ||||||
| if [ -z "$2" ]; then |  | ||||||
|   echo "Warning: No $1 doesn't seem installed" |  | ||||||
| else |  | ||||||
|   echo "$2" |  | ||||||
| fi |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| # True if $1 is greater than $2 |  | ||||||
| version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; } |  | ||||||
| 
 |  | ||||||
| JITSI_REPO="$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)" |  | ||||||
| SND_AL_MODULE=$(lsmod | awk '{print$1}'| grep snd_aloop) |  | ||||||
| HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")" |  | ||||||
| CONF_JSON="/etc/jitsi/jibri/config.json" |  | ||||||
| JIBRI_CONF="/etc/jitsi/jibri/jibri.conf" |  | ||||||
| JMS_DOMAIN="$(awk -F '"' '/xmpp-domain/{print$2}' "$JIBRI_CONF")" |  | ||||||
| CHDB="$(whereis chromedriver | awk '{print$2}')" |  | ||||||
| CHD_VER_LOCAL="$($CHDB --version 2>/dev/null| awk '{print$1,$2}')" |  | ||||||
| GOOGL_VER_LOCAL="$(/usr/bin/google-chrome --version 2>/dev/null)" |  | ||||||
| CHD_VER_2D="$(echo "$CHD_VER_LOCAL"|awk '{print$2}'|cut -d "." -f 1,2)" |  | ||||||
| GOOGL_VER_2D="$(echo "$GOOGL_VER_LOCAL"|awk '{print$3}'|cut -d "." -f 1,2)" |  | ||||||
| CHD_LTST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)" |  | ||||||
| CHD_LTST_2D="$(echo "$CHD_LTST"|cut -d "." -f 1,2)" |  | ||||||
| 
 |  | ||||||
| #T1 |  | ||||||
| echo -e "\n#1 -- Check repository --\n" |  | ||||||
| if [ -z "$JITSI_REPO" ]; then |  | ||||||
|     echo "No repository detected, wait whaaaat?..." |  | ||||||
|     while [[ "$CONT_TEST" != "yes" && "$CONT_TEST" != "no" ]] |  | ||||||
|     do |  | ||||||
|       read -p "> Do you still want to continue the test?: (yes or no)"$'\n' -r CONT_TEST |  | ||||||
|       if [ "$CONT_TEST" = "no" ]; then |  | ||||||
|         echo "Exiting..." |  | ||||||
|         exit |  | ||||||
|       elif [ "$CONT_TEST" = "yes" ]; then |  | ||||||
|         echo "Hmm, seems there won't be anything to test, continuing anyway..." |  | ||||||
|         T1=0 |  | ||||||
|       fi |  | ||||||
|     done |  | ||||||
| else |  | ||||||
|     echo "This installation is using the \"$JITSI_REPO\" repository." |  | ||||||
|     T1=1 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #T2 |  | ||||||
| echo -e "\n#2 -- Check latest updates for jibri --\n" |  | ||||||
| if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then |  | ||||||
|     echo "Jibri is installed, checking version:" |  | ||||||
|     apt-show-versions jibri |  | ||||||
| else |  | ||||||
|     echo "Wait!, jibri is not installed on this system using apt, exiting..." |  | ||||||
|     exit |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| if [ "$(apt-show-versions jibri | grep -c "uptodate")" = "1" ]; then |  | ||||||
|     echo -e "Jibri is already up to date: \xE2\x9C\x94" |  | ||||||
| else |  | ||||||
|     echo -e "\nAttempting jibri upgrade!" |  | ||||||
|     apt-get -y install --only-upgrade jibri |  | ||||||
| fi |  | ||||||
| T2=1 |  | ||||||
| 
 |  | ||||||
| #T3 |  | ||||||
| echo -e "\n#3 -- Check Google Chrome/driver software.  --\n" |  | ||||||
| check_google_binaries "Google Chrome" "$GOOGL_VER_LOCAL" |  | ||||||
| check_google_binaries "Chromedriver" "$CHD_VER_LOCAL" |  | ||||||
| 
 |  | ||||||
| if [ -n "$CHD_VER_LOCAL" ] && [ -n "$GOOGL_VER_LOCAL" ]; then |  | ||||||
| # Chrome upgrade process |  | ||||||
|   if [ "$(apt-show-versions google-chrome-stable | grep -c "uptodate")" = "1" ]; then |  | ||||||
|     echo -e "Google Chrome is already up to date: \xE2\x9C\x94" |  | ||||||
|   else |  | ||||||
|     echo -e "\nAttempting Google Chrome upgrade!" |  | ||||||
|     apt-get -yq install --only-upgrade google-chrome-stable |  | ||||||
|   fi |  | ||||||
| # Only upgrade chromedriver if it's on a lower version, not just a different one. |  | ||||||
|   if [ "$CHD_VER_2D" = "$GOOGL_VER_2D" ]; then |  | ||||||
|       echo -e "\nChromedriver version seems according to Google Chrome: \xE2\x9C\x94" |  | ||||||
|       T3=1 |  | ||||||
|       elif version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" && \ |  | ||||||
|       [ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then |  | ||||||
|           echo -e "\nAttempting  Chromedriver update!" |  | ||||||
|           wget -q https://chromedriver.storage.googleapis.com/"$CHD_LTST"/chromedriver_linux64.zip \ |  | ||||||
|                -O /tmp/chromedriver_linux64.zip |  | ||||||
|           unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/ |  | ||||||
|           chown root:root "$CHDB" |  | ||||||
|           chmod 0755 "$CHDB" |  | ||||||
|           rm -rf /tpm/chromedriver_linux64.zip |  | ||||||
|           if [ "$($CHDB -v | awk '{print $2}'|cut -d "." -f 1,2)" = "$GOOGL_VER_2D" ]; then |  | ||||||
|               echo "Successful update" |  | ||||||
|               T3=1 |  | ||||||
|           else |  | ||||||
|               echo "Something might gone wrong on the update process, please report." |  | ||||||
|               T3=0 |  | ||||||
|           fi |  | ||||||
|       else |  | ||||||
|       T3=0 |  | ||||||
|   fi |  | ||||||
|  else |  | ||||||
|   T3=0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #T4 |  | ||||||
| echo -e "\n#4 -- Test kernel modules --\n" |  | ||||||
| if [ -z "$SND_AL_MODULE" ]; then |  | ||||||
| #First make sure the recommended kernel is installed. |  | ||||||
|   if [ "$HWE_VIR_MOD" = "1" ]; then |  | ||||||
|       apt-get -y install \ |  | ||||||
|       linux-image-generic-hwe-"$(lsb_release -sr)" |  | ||||||
|       else |  | ||||||
|       apt-get -y install \ |  | ||||||
|       linux-image-generic \ |  | ||||||
|       linux-modules-extra-"$(uname -r)" |  | ||||||
|   fi |  | ||||||
|     echo -e "\nNo module snd_aloop detected. \xE2\x9C\x96 <== IMPORTANT! \nCurrent kernel: $(uname -r)\n" |  | ||||||
|     echo -e "\nIf you just installed a new kernel, \ |  | ||||||
| please try rebooting.\nFor now wait 'til the end of the recommended kernel installation." |  | ||||||
|   echo "# Check and Install HWE kernel if possible..." |  | ||||||
|   if uname -r | grep -q aws;then |  | ||||||
|   KNL_HWE="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)"|awk 'NR==1{print$3}'|cut -d "." -f1-4)" |  | ||||||
|   KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg|awk '!/recovery/&&/generic/{print$3,$4}'|grep "$KNL_HWE")" |  | ||||||
|       if [ -n "$KNL_MENU" ];then |  | ||||||
|       echo -e "\nSeems you are using an AWS kernel \xE2\x9C\x96 <== IMPORTANT! \nYou might consider modify your grub (/etc/default/grub) to use the following:" && \ |  | ||||||
|       echo -e "\n > $KNL_MENU" |  | ||||||
|       fi |  | ||||||
|   fi |  | ||||||
|   T4=0 |  | ||||||
| else |  | ||||||
|     echo -e "Great!, module snd-aloop found. \xE2\x9C\x94" |  | ||||||
|     T4=1 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #T5 |  | ||||||
| echo -e "\n#5 -- Test .asoundrc file --\n" |  | ||||||
| ASRC_MASTER="https://raw.githubusercontent.com/jitsi/jibri/master/resources/debian-package/etc/jitsi/jibri/asoundrc" |  | ||||||
| ASRC_INSTALLED="/home/jibri/.asoundrc" |  | ||||||
| ASRC_MASTER_MD5SUM="$(curl -sL "$ASRC_MASTER" | md5sum | cut -d ' ' -f 1)" |  | ||||||
| ASRC_INSTALLED_MD5SUM="$(md5sum "$ASRC_INSTALLED" | cut -d ' ' -f 1)" |  | ||||||
| 
 |  | ||||||
| if [ "$ASRC_MASTER_MD5SUM" == "$ASRC_INSTALLED_MD5SUM" ]; then |  | ||||||
|     echo -e "Seems to be using the latest asoundrc file available. \xE2\x9C\x94" |  | ||||||
|     T5=1 |  | ||||||
| else |  | ||||||
|     echo -e "asoundrc files differ, if you have errors, you might wanna check this file \xE2\x9C\x96" |  | ||||||
|     T5=0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #T6 |  | ||||||
| echo -e "\n#6 -- Old or new config --\n" |  | ||||||
| 
 |  | ||||||
| echo -e "What config version is this using?" |  | ||||||
| if [ -f "${CONF_JSON}"_disabled ] && \ |  | ||||||
|    [ -f "$JIBRI_CONF" ] && \ |  | ||||||
|    [ -f "$JIBRI_CONF"-dpkg-file ]; then |  | ||||||
|     echo -e "\n> This jibri config has been upgraded already. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ |  | ||||||
| https://forge.switnet.net/switnet/quick-jibri-installer/issues\n" |  | ||||||
| T6=1 |  | ||||||
| elif [ ! -f "$CONF_JSON" ] && \ |  | ||||||
|      [ -f "$JIBRI_CONF" ] && \ |  | ||||||
|      [ -f "${JIBRI_CONF}"-dpkg-file ]; then |  | ||||||
|     echo -e "\n> This jibri seems to be running the latest configuration already. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ |  | ||||||
| https://forge.switnet.net/switnet/quick-jibri-installer/issues\n" |  | ||||||
| T6=1 |  | ||||||
| elif [ -f "${CONF_JSON}" ] && \ |  | ||||||
|      [ -f "$JIBRI_CONF" ]; then |  | ||||||
|     echo -e "\n> This jibri config seems to be candidate for upgrading. \xE2\x9C\x96 \nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ |  | ||||||
| https://forge.switnet.net/switnet/quick-jibri-installer/issues\n" |  | ||||||
| T6=0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #T6.1 |  | ||||||
| echo -e "\n#6.1 -- Check for specific Chrome flag --\n" |  | ||||||
| if [ "$(grep -c "ignore-certificate-errors"  $JIBRI_CONF)" != 0 ]; then |  | ||||||
|     echo -e "\n> Seems you have the \"--ignore-certificate-errors\" flag required for Chrome v88 and later. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ |  | ||||||
| https://forge.switnet.net/switnet/quick-jibri-installer/issues\n" |  | ||||||
| T6_1="0.1" |  | ||||||
| else |  | ||||||
| echo -e "\n> The jibri config may be missing the required chrome flags. \xE2\x9C\x96 \nPlease check:\n https://forge.switnet.net/switnet/quick-jibri-installer/src/branch/master/quick_jibri_installer.sh#L870 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \ |  | ||||||
| https://forge.switnet.net/switnet/quick-jibri-installer/issues\n" |  | ||||||
| T6_1=0 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| #T7 |  | ||||||
| echo -e "\n#7 -- Check for open communication port among Jibri and JMS --\n" |  | ||||||
| if ! nc -z -v -w5 "$JMS_DOMAIN" 5222 ; then |  | ||||||
|   echo -e "Connection failed! \xE2\x9C\x96\n > You might want to check both Jibri & JMS firewall rules (TCP 5222)." |  | ||||||
|   T7=0 |  | ||||||
| else |  | ||||||
|   echo -e "Connection succeeded! \xE2\x9C\x94\n" |  | ||||||
|   T7=1 |  | ||||||
| fi |  | ||||||
| 
 |  | ||||||
| TEST_TOTAL=$(awk "BEGIN{ print $T1 + $T2 + $T3 + $T4 + $T5 + $T6 + $T6_1 + $T7 }") |  | ||||||
| echo " |  | ||||||
| ############################## |  | ||||||
|      \ |  | ||||||
| Score: $TEST_TOTAL out of 7.1 |  | ||||||
| ############################## |  | ||||||
| " |  | ||||||
| echo -e "\nJibri Test complete, thanks for testing.\n" |  | ||||||
		Loading…
	
		Reference in New Issue