Compare commits

..

No commits in common. "master" and "v1.0" have entirely different histories.
master ... v1.0

37 changed files with 227 additions and 6222 deletions

1
.gitignore vendored
View File

@ -1 +0,0 @@
qj-installer.log

123
README.md
View File

@ -1,121 +1,16 @@
# Quick Jibri Installer # Quick Jibri Installer
Bash installer for Jitsi Meet standalone along with Jibri on supported **Ubuntu LTS** based systems using **nginx** as default webserver. Bash installer for Jibri on *buntu 16.04 LTS based systems
## Usage
As for our current latest release, as we have integrated more and more features, we highly recommend to use a **purpose specific-newly spawn server** to host the jitsi-meet framework, making sure you stick to the requirements and recommendations as much as possible, in order to avoid issues.
**WARNING:** Please, avoid using this installer on your everyday GNU/Linux system, as this is an unsupported use and it will likely BREAK YOUR SYSTEM, so please don't.
### Main Server
Login into your clean server, clone git repository and run the installer,
```
git clone https://forge.switnet.net/switnet/quick-jibri-installer
cd quick-jibri-installer
sudo bash quick_jibri_installer.sh
```
![QJI - Setup](https://raw.githubusercontent.com/wiki/switnet-ltd/quick-jibri-installer/images/qji-diagram-setup.png)
If your server meet the necessary resources, then at the end on the installer you should have a working Jitsi Meet Server along with a Jibri server ready to record.
Additional jibris need to be set on separate servers, only necesary on simultaneous recordings for that please use add-jibri-node.sh.
### Add Jibri node
Copy the modified `add-jibri-node.sh` file from your early cloned installation directory once the installation is completed, to the new server meant to be a jibri node using your preferred method, then run it
**WARNING:** This file contains sensitive information from your setup, please handle with care.
```
bash add-jibri-node.sh
```
Please remember that on newer versions, jibri will record on FHD (1920x1080) so please make sure your server have enough CPU power in orther to handle the encoding load.
### Add JVB2 node
Copy the modified `add-jvb2-node.sh` file from your early cloned installation directory once the installation is completed, to the new server meant to be a jibri node using your preferred method, then run it
**WARNING:** This file contains sensitive information from your setup, please handle with care.
```
bash add-jvb2-node.sh
```
Check more details on our wiki.
## Requirements
1. Clean VM/VPS/Server using a supported Ubuntu LTS
2. Valid domain with DNS record, **mandatory** for SSL certs via Let's Encrypt.
3. open ports for JMS interaction, [see wiki](https://forge.switnet.net/switnet/quick-jibri-installer/wiki/Firewall).
4. Starting at 8 GB RAM / 4 Cores @ ~3.0GHz
* Adding resources as your audience or features you require, so your experience don't suffer from the lack of resources.
5. Webcam
### Jibri Recodings Access via Nextcloud
* Valid domain with DNS record for Nextcloud SSL.
### Jigasi Transcript
* Enough disk space to run Vosk backend via docker container.
## Kernel warning
For AWS users or any cloud service provider that might use their own kernel on their products (servers/vm/vps), might cause Jibri failure to start due not allowing `snd_aloop` module.
Make sure that you update your grub to boot the right one.
Feel free to use our `test-jibri-env.sh` tool to find some details on your current setup.
## Features ## Features
* Enabled Session Recording via Jibri * Enabled Local (audio) recording using flac
* Rename Jibri folder with name room + date. * Enabled Session (video) Recording using Jibri
* Jibri node network.
* Automatic Jibri nodes network sync ([see more](https://forge.switnet.net/switnet/quick-jibri-installer/wiki/Setup-and-Jibri-Nodes)).
* JRA (Jibri Recordings Access) via Nextcloud
* Grafana Dashboard
* Etherpad via docker install
* Authentication
1. Local
2. JWT ([#87](https://forge.switnet.net/switnet/quick-jibri-installer/issues/87))
3. None
* Lobby Rooms
* Conference Duration
* Customized brandless mode
* Setting up custom interface_config.js (to be deprecated by upstream)
* JVB2 nodes network.
* Enabled Jitsi Electron app detection server side. ## Requirements
* Standalone SSL Certbot/LE implementation * Dropbox developer App key & redirect url configured.
* Improved recurring updater * Valid domain with DNS already set (preferebly).
* Jigasi Transcript - vía Vosk speech recognition toolkit. * Recommended 4 GB RAM / 4 Cores for video recording.
* Webcam
## Tools
* Jibri Environment Tester
* Jibri Conf Upgrader (late 2020).
* Selenium Grid via Docker
* Start over, installation cleansing tool.
## Optional custom changes
* Optional default language
* Option to enable Secure Rooms
* Option to enable Welcome page
* Option to enable Close page
* Option to set domain as hostname on JMS
### Modes
* Custom High Performance config
## Custom changes
* Start with video muted by default
* Start with audio muted but moderator
* Set pre-join screen by default.
## Documentation
* Please check our [wiki](https://forge.switnet.net/switnet/quick-jibri-installer/wiki) for further documentation.
Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY. SwITNet Ltd © - 2018, https://switnet.net/
SwITNet Ltd © - 2024, https://switnet.net/

View File

@ -1,569 +0,0 @@
#!/bin/bash
# Jibri Node Aggregator
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
### 0_LAST EDITION TIME STAMP ###
# LETS: AUTOMATED_EDITION_TIME
### 1_LAST EDITION ###
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Make sure the file name is the required one
if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then
echo "For most cases naming won't matter, for this one it does."
echo "Please use the original name for this script: \`add-jibri-node.sh', and run again."
exit
fi
#Check admin rights
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
### 0_VAR_DEF
MAIN_SRV_DIST=TBD
MAIN_SRV_REPO=TBD
MAIN_SRV_DOMAIN=TBD
JibriBrewery=TBD
JB_NAME=TBD
JB_AUTH_PASS=TBD
JB_REC_PASS=TBD
MJS_USER=TBD
MJS_USER_PASS=TBD
JIBRI_RES_CONF=TBD
JIBRI_RES_XORG_CONF=TBD
THIS_SRV_DIST=$(lsb_release -sc)
JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}')
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
DIR_RECORD="/var/jbrecord"
REC_DIR="/home/jibri/finalize_recording.sh"
CHD_VER="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}"
NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
GITHUB_RAW="https://raw.githubusercontent.com"
GIT_REPO="switnet-ltd/quick-jibri-installer"
TEST_JIBRI_ENV="$GITHUB_RAW/$GIT_REPO/unstable/tools/test-jibri-env.sh"
SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)"
JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf"
### 1_VAR_DEF
# sed limiters for add-jibri-node.sh variables
var_dlim() {
grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1
}
check_var() {
if [ "$2" = "TBD" ]; then
echo -e "Check if variable $1 is set: \xE2\x9C\x96"
exit
else
echo -e "Check if variable $1 is set: \xE2\x9C\x94"
fi
}
#Change in favor of machine-id identifier
crontab -l | { cat; echo "@reboot sed -i \"/[[:space:]]control-muc/,/[[:space:]]control-login/{s|nickname = .*|nickname = \\\"$(cat /etc/machine-id)\\\"|}\" /etc/jitsi/jibri/jibri.conf"; } | crontab -
crontab -l
echo "
#-----------------------------------------------------------------------
# Checking initial necessary variables...
#-----------------------------------------------------------------------"
JMS_DATA=("$MAIN_SRV_DIST" \
"$MAIN_SRV_REPO" \
"$MAIN_SRV_DOMAIN" \
"$JibriBrewery" \
"$JB_NAME" \
"$JB_AUTH_PASS" \
"$JB_REC_PASS" \
"$MJS_USER" \
"$MJS_USER_PASS" \
"$JIBRI_RES_CONF" \
"$JIBRI_RES_XORG_CONF")
JMS_EVAL="${JMS_DATA[0]}"
for i in "${JMS_DATA[@]}"; do
if [[ "$JMS_EVAL" != "$i" ]]; then
ALL_TBD="no"
break
fi
done
if [ "$ALL_TBD" = "no" ];then
echo -e "Good, seems this is not a vanilla copy of add-jibri-node.sh,
let's check variables ...\n"
else
echo -e "You seem to be using a vanilla copy of the add-jibri-node.sh.
> Please use the content (or apply the changes) of add-jibri-node.sh from
the main Jitsi server installation folder, as it contains necessary data.\n"
exit
fi
check_var MAIN_SRV_DIST "$MAIN_SRV_DIST"
check_var MAIN_SRV_REPO "$MAIN_SRV_REPO"
check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN"
check_var JibriBrewery "$JibriBrewery"
check_var JB_NAME "$JB_NAME"
check_var JB_AUTH_PASS "$JB_AUTH_PASS"
check_var JB_REC_PASS "$JB_REC_PASS"
check_var MJS_USER "$MJS_USER"
check_var MJS_USER_PASS "$MJS_USER_PASS"
check_var JIBRI_RES_CONF "$JIBRI_RES_CONF"
check_var JIBRI_RES_XORG_CONF "$JIBRI_RES_XORG_CONF"
#Check server and node OS
if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then
echo "Please use the same OS for the jibri setup on both servers."
echo "This server is based on: $THIS_SRV_DIST"
echo "The main server record claims is based on: $MAIN_SRV_DIST"
exit
fi
#Check system resources
echo "Verifying System Resources:"
if [ "$(nproc --all)" -lt 4 ];then
echo "
Warning!: The system do not meet the minimum CPU requirements for Jibri to run.
>> We recommend 4 cores/threads for Jibri!
"
CPU_MIN="N"
else
echo "CPU Cores/Threads: OK ($(nproc --all))"
CPU_MIN="Y"
fi
### Test RAM size (8GB min) ###
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
if [ "${mem_available}" -lt 7700000 ]; then
echo "
Warning!: The system do not meet the minimum RAM requirements for Jibri to run.
>> We recommend 8GB RAM for Jibri!
"
MEM_MIN="N"
else
echo "Memory: OK ($((mem_available/1024)) MiB)"
MEM_MIN="Y"
fi
if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then
echo "All requirements seems meet!"
echo "
- We hope you have a nice recording/streaming session
"
else
echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!"
echo "Since this is a Jibri node installation there is no point on not having the necessary resources."
echo "We highly advice to increase the resources in order to install this Jibri node."
while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES
if [ "$CONTINUE_LOW_RES" = "no" ]; then
echo "See you next time with more resources!..."
exit
elif [ "$CONTINUE_LOW_RES" = "yes" ]; then
echo "Please keep in mind that we might not support underpowered nodes."
fi
done
fi
# Rename hostname for each jibri node
hostnamectl set-hostname "jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}"
sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo
echo "Add Jitsi repo"
if [ -z "$JITSI_REPO" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.."
exit
elif [ "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository match, continuing..."
else
echo "Jitsi $JITSI_REPO repository already installed"
fi
# Requirements
echo "We'll start by installing system requirements this may take a while please be patient..."
apt-get update -q2
apt-get dist-upgrade -yq2
apt-get -y install \
apt-show-versions \
bmon \
curl \
ffmpeg \
git \
htop \
inotify-tools \
jq \
rsync \
ssh \
unzip \
wget
check_snd_driver() {
echo -e "\n# Checking ALSA - Loopback module..."
echo "snd-aloop" | tee -a /etc/modules
modprobe snd-aloop
if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then
echo "
#-----------------------------------------------------------------------
# Audio driver seems - OK.
#-----------------------------------------------------------------------"
else
echo "
#-----------------------------------------------------------------------
# Your audio driver might not be able to load.
# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool.
#-----------------------------------------------------------------------"
curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh
#Test tool
if [ "$MODE" = "debug" ]; then
bash /tmp/test-jibri-env.sh -m debug
else
bash /tmp/test-jibri-env.sh
fi
rm /tmp/test-jibri-env.sh
read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi
}
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
if [ "$HWE_VIR_MOD" = "1" ]; then
apt-get -y install \
linux-image-generic-hwe-"$(lsb_release -sr)"
else
apt-get -y install \
linux-image-generic \
linux-modules-extra-"$(uname -r)"
fi
echo "
#--------------------------------------------------
# Install Jibri
#--------------------------------------------------
"
apt-get -y install \
jibri \
openjdk-11-jre-headless
echo "# Installing Google Chrome / ChromeDriver"
if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
echo "Google repository already set."
else
echo "Installing Google Chrome Stable"
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
fi
apt-get -q2 update
apt-get install -y google-chrome-stable
rm -rf /etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list
if [ -f /usr/local/bin/chromedriver ]; then
echo "Chromedriver already installed."
else
echo "Installing Chromedriver"
wget -q https://chromedriver.storage.googleapis.com/"$CHD_VER"/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip
unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/
chown root:root /usr/local/bin/chromedriver
chmod 0755 /usr/local/bin/chromedriver
rm -rf /tpm/chromedriver_linux64.zip
fi
echo "
Check Google Software Working...
"
/usr/bin/google-chrome --version
/usr/local/bin/chromedriver --version | awk '{print$1,$2}'
echo '
########################################################################
Start Jibri configuration
########################################################################
'
echo "
Remove Chrome warning...
"
mkdir -p /etc/opt/chrome/policies/managed
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON"
# Recording directory
if [ ! -d "$DIR_RECORD" ]; then
mkdir "$DIR_RECORD"
fi
chown -R jibri:jibri "$DIR_RECORD"
cat << REC_DIR > "$REC_DIR"
#!/bin/bash
RECORDINGS_DIR="$DIR_RECORD"
echo "This is a dummy finalize script" > /tmp/finalize.out
echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out
echo "You should put any finalize logic (renaming, uploading to a service" >> /tmp/finalize.out
echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
chmod -R 770 \$RECORDINGS_DIR
#Rename folder.
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -n -r|awk '{print\$2}'| grep -v "meta\|-" | head -n1)"
NJF_NAME="\$(find \$LJF_PATH |grep -e "-"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME"
##Prevent empty recording directory failsafe
if [ "\$LJF_PATH" != "\$RECORDINGS_DIR" ]; then
mv \$LJF_PATH \$NJF_PATH
#Workaround for jibri to do cleaning.
ssh -i /home/jibri/jbsync.pem $MJS_USER@$MAIN_SRV_DOMAIN "rm -r \$LJF_PATH"
else
echo "No new folder recorded, not removing anything."
fi
exit 0
REC_DIR
chown jibri:jibri "$REC_DIR"
chmod +x "$REC_DIR"
## New Jibri Config (2020)
mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file
cat << NEW_CONF > "$JIBRI_CONF"
// New XMPP environment config.
jibri {
streaming {
// A list of regex patterns for allowed RTMP URLs. The RTMP URL used
// when starting a stream must match at least one of the patterns in
// this list.
rtmp-allow-list = [
// By default, all services are allowed
".*"
]
}
ffmpeg {
resolution = "$JIBRI_RES_CONF"
}
chrome {
// The flags which will be passed to chromium when launching
flags = [
"--use-fake-ui-for-media-stream",
"--start-maximized",
"--kiosk",
"--enabled",
"--disable-infobars",
"--autoplay-policy=no-user-gesture-required",
"--ignore-certificate-errors",
"--disable-dev-shm-usage"
]
}
stats {
enable-stats-d = true
}
call-status-checks {
// If all clients have their audio and video muted and if Jibri does not
// detect any data stream (audio or video) comming in, it will stop
// recording after NO_MEDIA_TIMEOUT expires.
no-media-timeout = 30 seconds
// If all clients have their audio and video muted, Jibri consideres this
// as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
all-muted-timeout = 10 minutes
// When detecting if a call is empty, Jibri takes into consideration for how
// long the call has been empty already. If it has been empty for more than
// DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
default-call-empty-timeout = 30 seconds
}
recording {
recordings-directory = $DIR_RECORD
finalize-script = $REC_DIR
}
api {
xmpp {
environments = [
{
// A user-friendly name for this environment
name = "$JB_NAME"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "$MAIN_SRV_DOMAIN" ]
// The base XMPP domain
xmpp-domain = "$MAIN_SRV_DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.$MAIN_SRV_DOMAIN"
room-name = "$JibriBrewery"
nickname = "machine-id"
}
// The login information for the control MUC
control-login {
domain = "auth.$MAIN_SRV_DOMAIN"
username = "jibri"
password = "$JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.$MAIN_SRV_DOMAIN"
username = "recorder"
password = "$JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}
NEW_CONF
#Jibri xorg resolution
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF"
echo -e "\n---- Create random nodesync user ----"
useradd -m -g jibri "$NJN_USER"
echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
echo -e "\n---- We'll connect to main server ----"
read -n 1 -s -r -p "Press any key to continue..."$'\n'
sudo su "$NJN_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
#Workaround for jibri to do cleaning.
install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem
sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n"
ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub
sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"
echo -e "\n---- Setup Log system ----"
cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh
#!/bin/bash
# Log process
exec 3>&1 4>&2
trap 'exec 2>&4 1>&3' 0 1 2 3
exec 1>/var/log/"$NJN_USER"/remote_jnsync.log 2>&1
# Run sync
while true; do
inotifywait -t 60 -r -e modify,attrib,close_write,move,delete "$DIR_RECORD"
sudo su "$NJN_USER" -c "rsync -Aax --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD"
find "$DIR_RECORD" -depth -type d -empty -not -path "$DIR_RECORD" -delete
done
INOT_RSYNC
mkdir /var/log/"$NJN_USER"
cat << LOG_ROT > /etc/logrotate.d/"$NJN_USER"
/var/log/"$NJN_USER"/*.log {
monthly
missingok
rotate 12
compress
notifempty
create 0640 root root
sharedscripts
postrotate
service remote_jnsync restart
endscript
}
LOG_ROT
echo -e "\n---- Create systemd service file ----"
cat << REMOTE_SYNC_SERVICE > /etc/systemd/system/remote_jnsync.service
[Unit]
Description = Sync Node to Main Jibri Service
After = network.target
[Service]
PIDFile = /run/syncservice/remote_jnsync.pid
User = root
Group = root
WorkingDirectory = /var
ExecStartPre = /bin/mkdir /run/syncservice
ExecStartPre = /bin/chown -R root:root /run/syncservice
ExecStart = /bin/bash /etc/jitsi/jibri/remote-jbsync.sh
ExecReload = /bin/kill -s HUP \$MAINPID
ExecStop = /bin/kill -s TERM \$MAINPID
ExecStopPost = /bin/rm -rf /run/syncservice
PrivateTmp = true
[Install]
WantedBy = multi-user.target
REMOTE_SYNC_SERVICE
chmod 755 /etc/systemd/system/remote_jnsync.service
systemctl daemon-reload
systemctl enable remote_jnsync.service
systemctl start remote_jnsync.service
#Enable jibri services
systemctl enable jibri
systemctl enable jibri-xorg
systemctl enable jibri-icewm
check_snd_driver
echo "
########################################################################
Node addition complete!!
For customized support: http://switnet.net
########################################################################
"
echo "Make sure to reboot, it's necessary before *any* usage.
Rebooting in..."
secs=$((15))
while [ "$secs" -gt 0 ]; do
echo -ne "$secs\033[0K\r"
sleep 1
: $((secs--))
done
reboot

View File

@ -1,309 +0,0 @@
#!/bin/bash
# JVB2 Node Aggregator
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
### 0_LAST EDITION TIME STAMP ###
# LETS: AUTOMATED_EDITION_TIME
### 1_LAST EDITION ###
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Make sure the file name is the required one
if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then
echo "For most cases naming won't matter, for this one it does."
echo "Please use the original name for this script: \`add-jvb2-node.sh', and run again."
exit
fi
#Check admin rights
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
### 0_VAR_DEF
MAIN_SRV_DIST=TBD
MAIN_SRV_REPO=TBD
MAIN_SRV_DOMAIN=TBD
JVB_HOSTNAME=TBD
JVB_HOST=TBD
JVB_PORT=TBD
JVB_SECRET=TBD
JVB_OPTS=TBD
SYS_PROPS=TBD
AWS_HARVEST=TBD
STUN_MAPPING=TBD
ENABLE_STATISTICS=TBD
SHARD_HOSTNAME=TBD
SHARD_DOMAIN=TBD
SHARD_PASS=TBD
MUC_JID=TBD
#MJS_USER=TBD
#MJS_USER_PASS=TBD
#START=0
#LAST=TBD
THIS_SRV_DIST=$(lsb_release -sc)
JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}')
JVB2_CONF="/etc/jitsi/videobridge/config"
JVB2_NCONF="/etc/jitsi/videobridge/jvb.conf"
JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties"
SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)"
#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
#GITHUB_RAW="https://raw.githubusercontent.com"
#GIT_REPO="switnet-ltd/quick-jibri-installer"
### 1_VAR_DEF
# sed limiters for add-jvb2-node.sh variables
var_dlim() {
grep -n "$1" add-jvb2-node.sh|head -n1|cut -d ":" -f1
}
check_var() {
if [ -z "$2" ]; then
echo -e "Check if variable $1 is set: \xE2\x9C\x96 \nExiting..."
exit
else
echo -e "Check if variable $1 is set: \xE2\x9C\x94"
fi
}
#Check server and node OS
if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then
echo "Please use the same OS for the JVB2 setup on both servers."
echo "This server is based on: $THIS_SRV_DIST"
echo "The main server record claims is based on: $MAIN_SRV_DIST"
exit
fi
#Check system resources
echo "Verifying System Resources:"
if [ "$(nproc --all)" -lt 4 ];then
echo "
Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads.
>> We recommend 4 cores/threads or above for JVB2!
"
CPU_MIN="N"
else
echo "CPU Cores/Threads: OK ($(nproc --all))"
CPU_MIN="Y"
fi
### Test RAM size (8GB min) ###
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
if [ "${mem_available}" -lt 7700000 ]; then
echo "
Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads.
>> We recommend 8GB RAM or above for JVB2!
"
MEM_MIN="N"
else
echo "Memory: OK ($((mem_available/1024)) MiB)"
MEM_MIN="Y"
fi
if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then
echo "All requirements seems meet!"
echo "
- We hope you have a nice recording/streaming session
"
else
echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!"
echo "We highly advice to increase the resources in order to install this JVB2 node."
while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES
if [ "$CONTINUE_LOW_RES" = "no" ]; then
echo "See you next time with more resources!..."
exit
elif [ "$CONTINUE_LOW_RES" = "yes" ]; then
echo "Please keep in mind that we might not support underpowered nodes."
fi
done
fi
echo "
#-----------------------------------------------------------------------
# Checking initial necessary variables...
#-----------------------------------------------------------------------"
check_var JVB_HOSTNNAME "$JVB_HOSTNAME"
if [ -z "$JVB_HOST" ]; then
echo "JVB_HOST is empty, but it may be ok for it to be empty, skipping empty test."
else
check_var JVB_HOST "$JVB_HOST"
fi
check_var JVB_PORT "$JVB_PORT"
check_var JVB_SECRET "$JVB_SECRET"
check_var JVB_OPTS "$JVB_OPTS"
check_var SYS_PROPS "$SYS_PROPS"
check_var AWS_HARVEST "$AWS_HARVEST"
check_var STUN_MAPPING "$STUN_MAPPING"
check_var ENABLE_STATISTICS "$ENABLE_STATISTICS"
check_var SHARD_HOSTNAME "$SHARD_HOSTNAME"
check_var SHARD_DOMAIN "$SHARD_DOMAIN"
check_var SHARD_PASS "$SHARD_PASS"
check_var MUC_JID "$MUC_JID"
check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN"
# Rename hostname for each jvb2 node
hostnamectl set-hostname "jvb_${SHORT_ID}.${MAIN_SRV_DOMAIN}"
sed -i "1i 127.0.0.1 jvb_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo
echo "Add Jitsi repo"
if [ -z "$JITSI_REPO" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.."
exit
elif [ "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository match, continuing..."
else
echo "Jitsi $JITSI_REPO repository already installed"
fi
# Requirements
echo "We'll start by installing system requirements this may take a while please be patient..."
apt-get update -q2
apt-get dist-upgrade -yq2
apt-get -y install \
apt-show-versions \
bmon \
curl \
git \
htop \
ssh \
unzip \
wget
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD="$(apt-cache madison linux-modules-extra-virtual-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")"
if [ "$HWE_VIR_MOD" == "1" ]; then
apt-get -y install \
linux-image-generic-hwe-"$(lsb_release -sr)" \
linux-modules-extra-virtual-hwe-"$(lsb_release -sr)"
else
apt-get -y install \
linux-modules-extra-"$(uname -r)"
fi
echo "
#--------------------------------------------------
# Install JVB2
#--------------------------------------------------
"
echo "jitsi-videobridge jitsi-videobridge/jvb-hostname string $MAIN_SRV_DOMAIN" | debconf-set-selections
apt-get -y install \
jitsi-videobridge2 \
openjdk-8-jre-headless
echo '
########################################################################
Start JVB2 configuration
########################################################################
'
mv $JVB2_CONF ${JVB2_CONF}-dpkg-file
## JVB2 - CONFIG
cat << JVB2_CONF > $JVB2_CONF
# Jitsi Videobridge settings
# sets the XMPP domain (default: none)
JVB_HOSTNAME=$JVB_HN
# sets the hostname of the XMPP server (default: domain if set, localhost otherwise)
JVB_HOST=$JVB_HOST
# sets the port of the XMPP server (default: 5275)
JVB_PORT=$JVB_PORT
# sets the shared secret used to authenticate to the XMPP server
JVB_SECRET=$JVB_SECRET
# extra options to pass to the JVB daemon
JVB_OPTS=$JVB_OPTS
# adds java system props that are passed to jvb (default are for home and logging config file)
JAVA_SYS_PROPS=$SYS_PROPS
JVB2_CONF
mv $JVB2_SIP $JVB2_SIP-dpkg-file
## JVB2 - SIP
cat << JVB2_SIP > $JVB2_SIP
# Legacy conf file, new format already at
# /etc/jitsi/videobridge/jvb.conf
# --add-jvb2-node.sh
JVB2_SIP
echo -e "\n---- Setting new config format for jvb2 node. ----"
sed -i '${/\}/d;}' $JVB2_NCONF
cat << JVB2 >> $JVB2_NCONF
stats {
# Enable broadcasting stats/presence in a MUC
enabled = true
transports = [
{ type = "muc" }
]
}
apis {
xmpp-client {
configs {
# Connect to the first XMPP server
xmpp-server-$ADDUP {
hostname="$MAIN_SRV_DOMAIN"
domain = "auth.$MAIN_SRV_DOMAIN"
username = "jvb"
password = "$SHARD_PASS"
muc_jids = "JvbBrewery@internal.auth.$MAIN_SRV_DOMAIN"
# The muc_nickname must be unique across all jitsi-videobridge instances
muc_nickname = "jvb2-$ADDUP"
disable_certificate_verification = true
}
}
}
}
}
JVB2
#Enable jvb2 services
systemctl enable jitsi-videobridge2.service
systemctl restart jitsi-videobridge2.service
echo "
########################################################################
Node addition complete!!
For customized support: http://switnet.net
########################################################################
"
echo "Rebooting in..."
secs=$((15))
while [ $secs -gt 0 ]; do
echo -ne "$secs\033[0K\r"
sleep 1
: $((secs--))
done
reboot

136
changelog
View File

@ -1,136 +0,0 @@
quick-jibri-installer (7.3.0)
* excalibur: add installer for whiteboard feature.
* quick_jibri_installer.sh: add excalidraw whiteboard backend
disable jigasi selector
add sed check test
update features list
* misc: update repository address to new home.
* misc: update year to late 2023.
-- Software, IT & Networks <info@switnet.net> Sat, 11 Nov 2023 21:18:29 -0600
quick-jibri-installer (7.2.1)
* changelog: update previous version.
* quick_jibri_installer.sh: fix deprecated nodejs repo setup,
add printwc function
-- Software, IT & Networks <info@switnet.net> Sun, 22 Oct 2023 17:00:30 -0600
quick-jibri-installer (7.2.0)
* changelog: update previous version.
* quick_jibri_installer.sh: rearrange chromedriver variables.
* quick_jibri_installer.sh: fix empty varible usage.
* quick_jibri_installer.sh: update nodejs to a stable release.
* quick_jibri_installer.sh,jitsi-updater.sh: update chromedriver 115+ version download.
* jra_nextcloud.sh: organize functions, add apt checks, higher password lenght and small fixes.
* jitsi-updater.sh: fix check chrome driver version.
-- Software, IT & Networks <info@switnet.net> Wed Aug 23 00:51:24 2023 -0600
quick-jibri-installer (7.1.0)
* changelog: add changelog
* quick_jibri_installer.sh: increase support to 22.04
fix key aggregation and remove deprecated letsencrypt ppa
* etherpad-docker.sh: fix key aggregation and variable collection.
* grafana.sh: fix gpg key aggregation
* jm-bm.sh: tweak sed
* jra_nextcloud.sh: fix key aggregation and variable collection.
* jra_nextcloud.sh: fix add gpg key function and add install available version package
* jra_nextcloud.sh: small fix for install_aval_package function
-- Software, IT & Networks <info@switnet.net> Wed Feb 22 05:56:20 2023 -0600
quick-jibri-installer (7.0.8)
* jitsi-updater.sh: add checks for openjdk and nodejs supported versions
* add-jibri-node.sh: set openjdk-jre-headless default version to 11
* changelog: add changelog
-- Software, IT & Networks <info@switnet.net> Tue Nov 15 02:56:26 2022 -0600
quick-jibri-installer (7.0.7)
* quick_jibri_installer.sh: fix jaas & acme integration
-- Software, IT & Networks <info@switnet.net> Sun Oct 23 23:52:23 2022 -0500
quick-jibri-installer (7.0.6)
* jitsi-updater.sh: fix jitsi repo package update filtering.
-- Software, IT & Networks <info@switnet.net> Fri Sep 30 04:04:31 2022 -0500
quick-jibri-installer (7.0.5)
* quick_jibri_installer.sh: use new setup to enable local recording feature.
-- Software, IT & Networks <info@switnet.net> Fri Aug 19 07:23:41 2022 -0500
quick-jibri-installer (7.0.4)
* quick_jibri_installer.sh,jwt.sh: update anonymous string on prosody setup.
-fix small format issues.
-- Software, IT & Networks <info@switnet.net> Fri Aug 19 06:47:21 2022 -0500
quick-jibri-installer (7.0.3)
* jitsi-updater: fix condition to set turn config.
* quick-jibri-installer: fix typo on path.
-- Software, IT & Networks <info@switnet.net> Thu Jun 30 09:57:12 2022 -0500
quick-jibri-installer (7.0.2)
* Detect jibri node by jitsi-updater.
-- Software, IT & Networks <info@switnet.net> Fri Jun 17 16:36:15 2022 -0500
quick-jibri-installer (7.0.1)
* Fix debug mode on triggered scripts.
* Fix grep condition.
-- Software, IT & Networks <info@switnet.net> Mon May 23 23:17:39 2022 -0500
quick-jibri-installer (7.0)
* Major rework, comply with shellcheck
## Add
* Add experimental tool for AWS grub setup.
## Fix
* Fix grafana configuration
* Actually apply changes to nginx conf instead of symlink.
* Actually require to run with admin rights.
* Improve comments.
* Rename and fix set_once function.
* Fix jibri domain.
## Improve
* Comply mode section with shellcheck recommendations.
* Comply tools section with shellcheck recommendations.
* Comply main scripts with shellcheck recommendations.
* Improve shell quality
* Change JDK version to 11
* Make warning visible.
* Change email position, and small fixes
* Several indenting changes
* Set warning instead of "note".
* Yet again more fixes on echo and printf
* Standarize jra_nextcloud
* Add comment on debconf state
* Update SwITNet copyright and standarize debug option for scripts.
## Remove
* Rename deprecated scripts folder
* Remove old
* Remove unused code
* Finally remove jigasi deprecated script.
-- Software, IT & Networks <info@switnet.net> Fri May 20 20:07:02 2022 -0500

View File

@ -1,307 +0,0 @@
#!/bin/bash
# Quick Jigasi Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2020, https://switnet.net/
# GPLv3 or later.
##################### Whistlist #######################
# Saves final transcript in translated languages #130 -
# https://github.com/jitsi/jigasi/pull/130
#######################################################
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
clear
echo '
########################################################################
Jigasi Transcript addon
########################################################################
by Software, IT & Networks Ltd
'
JIGASI_CONFIG="/etc/jitsi/jigasi/config"
GC_API_JSON="/opt/gc-sdk/GCTranscriptAPI.json"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
MEET_CONF="/etc/jitsi/meet/${DOMAIN}-config.js"
JIG_SIP_CONF="/etc/jitsi/jigasi/config"
JIG_SIP_PROP="/etc/jitsi/jigasi/sip-communicator.properties"
JIC_SIP_PROP="/etc/jitsi/jicofo/sip-communicator.properties"
JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 8 | head -n1)"
JIG_TRANSC_PASWD_B64="$(echo -n "$JIG_TRANSC_PASWD" | base64)"
DIST="$(lsb_release -sc)"
CHECK_GC_REPO="$(apt-cache policy | grep http | grep cloud-sdk | head -n1 | awk '{print $3}' | awk -F '/' '{print $1}')"
install_gc_repo() {
if [ "$CHECK_GC_REPO" = "cloud-sdk-$DIST" ]; then
echo "
Google Cloud SDK repository already on the system!
"
else
echo "
Adding Google Cloud SDK repository for latest updates
"
export CLOUD_SDK_REPO="cloud-sdk-$DIST"
echo "deb http://packages.cloud.google.com/apt $CLOUD_SDK_REPO main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
fi
}
install_gc_repo
apt-get -q2 update
apt-get -y install google-cloud-sdk google-cloud-sdk-app-engine-java
echo "Please select one of the current options:
[1] I want to configure a new project, service account, billing and JSON credentials.
[2] I already have one project configured and already have a JSON key file from Google"
while [[ "$SETUP_TYPE" != "1" && "$SETUP_TYPE" != "2" ]]
do
read -p "What option suits your setup?: (1 or 2)"$'\n' -r SETUP_TYPE
if [ "$SETUP_TYPE" = "1" ]; then
echo "We'll setup a GC Projects from scratch"
elif [ "$SETUP_TYPE" = "2" ]; then
echo "We'll setup only the project and JSON key."
fi
done
if [ "$SETUP_TYPE" = 1 ]; then
### Start of new project configuration - Google SDK
#Setup option 1 - Google Cloud SDK
echo "Once logged on Google Cloud SDK, please create a new project (last option)."
gcloud init
read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME
#Second login - Google Auth Library
echo "Login to Google Auth Library"
gcloud auth application-default login
# Start Google Cloud Configuration - Application Service
GC_MEMBER=transcript
echo "Checking if project exist..."
PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')"
while [ -z "$PROJECT_GC_ID" ]
do
read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME
if [ -z "$PROJECT_GC_ID" ]; then
echo "Please check your project name,"
echo "There is no project listed with the provided name: $GC_PROJECT_NAME"
PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')"
fi
done
echo "Your $GC_PROJECT_NAME ID's project is: $PROJECT_GC_ID"
# Enable Speech2Text
echo "Important: Please enable billing on your project using the following URL:
https://console.developers.google.com/project/$PROJECT_GC_ID/settings"
echo "Checking billing..."
CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)"
while [[ $? -eq 1 ]]
do
CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)"
if [[ $? -eq 1 ]]; then
echo "Seems you haven't enabled billing for this project: $GC_PROJECT_NAME"
echo " For that go to: https://console.developers.google.com/project/$PROJECT_GC_ID/settings
"
read -rp "Press Enter to continue"
CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)"
fi
done
echo "Billing account seems setup, continuing..."
gcloud iam service-accounts create "$GC_MEMBER"
gcloud projects add-iam-policy-binding "$GC_PROJECT_NAME" \
--member serviceAccount:"$GC_MEMBER"@"$GC_PROJECT_NAME".iam.gserviceaccount.com \
--role roles/editor
echo "Setup credentials:"
echo "Please go and download your valid json key at:
https://console.developers.google.com/apis/credentials?folder=&organizationId=&project=$GC_PROJECT_NAME"
### End of new project configuration - Google SDK
fi
if [ "$SETUP_TYPE" = "2" ]; then
#Setup option 1 - Google Cloud SDK
echo "Once logged on Google Cloud SDK, please select the project that owns to the JSON key."
gcloud init
echo "Login to Google Auth Library"
gcloud auth application-default login
fi
echo "Setting up JSON key file..."
sleep 2
mkdir /opt/gc-sdk/
cat << KEY_JSON > "$GC_API_JSON"
#
# Paste below this comment your GC JSON key for the service account:
# $GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com
#
# Visit the following URL and create a *Service Account Key*:
# https://console.developers.google.com/apis/credentials?folder=&organizationId=&project=$GC_PROJECT_NAME
# These comment lines will be deleted afterwards.
#
KEY_JSON
chmod 644 "$GC_API_JSON"
nano "$GC_API_JSON"
sed -i '/^#/d' "$GC_API_JSON"
CHECK_JSON_KEY="$(cat "$GC_API_JSON" | python -m json.tool 2>/dev/null)"
while [[ $? -eq 1 ]]
do
CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)"
if [[ $? -eq 1 ]]; then
echo "Check again your JSON file, syntax doesn't seem right"
sleep 2
nano $GC_API_JSON
CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)"
fi
done
echo "
Great, seems your JSON key syntax is fine.
"
sleep 2
export GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON
echo "Installing Jigasi, your SIP credentials will be asked. (mandatory)"
apt-get -y install jigasi
#apt-mark hold jigasi
cat << JIGASI_CONF >> "$JIGASI_CONFIG"
GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON
JIGASI_CONF
echo "Your Google Cloud credentials are at $GC_API_JSON"
echo "Setting up Jigasi transcript with current platform..."
#Connect callcontrol
sed -i "s|// call_control:|call_control:|" "$MEET_CONF"
sed -i "s|// transcribingEnabled|transcribingEnabled|" "$MEET_CONF"
sed -i "/transcribingEnabled/ s|false|true|" "$MEET_CONF"
#siptest2siptest@domain.con
#changed from conference to internal.auth from jibri
sed -i "s|siptest|siptest@internal.auth.$DOMAIN|" "$JIG_SIP_PROP"
#Disable component in favor of MUC
if [ "$(grep -c nocomponent "$JIG_SIP_CONF")" != 0 ]; then
echo "Jigasi component is already disabled."
else
echo "Disabling jigasi component in favor of MUC"
sed -i "s|JIGASI_OPTS=.*|JIGASI_OPTS=\"--nocomponent=true\"|" "$JIG_SIP_CONF"
fi
#Setup XMPP
cat << ACC1_XMPP >> "$JIG_SIP_PROP"
# XMPP account used for control
net.java.sip.communicator.impl.protocol.jabber.acc1=acc1
net.java.sip.communicator.impl.protocol.jabber.acc1.ACCOUNT_UID=Jabber:jigasi@auth.$DOMAIN@$DOMAIN
net.java.sip.communicator.impl.protocol.jabber.acc1.USER_ID=jigasi@auth.$DOMAIN
net.java.sip.communicator.impl.protocol.jabber.acc1.IS_SERVER_OVERRIDDEN=true
net.java.sip.communicator.impl.protocol.jabber.acc1.SERVER_ADDRESS=$DOMAIN
net.java.sip.communicator.impl.protocol.jabber.acc1.SERVER_PORT=5222
net.java.sip.communicator.impl.protocol.jabber.acc1.PASSWORD=$JIG_TRANSC_PASWD_B64
net.java.sip.communicator.impl.protocol.jabber.acc1.AUTO_GENERATE_RESOURCE=true
net.java.sip.communicator.impl.protocol.jabber.acc1.RESOURCE_PRIORITY=30
net.java.sip.communicator.impl.protocol.jabber.acc1.IS_CARBON_DISABLED=true
net.java.sip.communicator.impl.protocol.jabber.acc1.DEFAULT_ENCRYPTION=true
net.java.sip.communicator.impl.protocol.jabber.acc1.IS_USE_ICE=true
net.java.sip.communicator.impl.protocol.jabber.acc1.IS_ACCOUNT_DISABLED=false
net.java.sip.communicator.impl.protocol.jabber.acc1.IS_PREFERRED_PROTOCOL=false
net.java.sip.communicator.impl.protocol.jabber.acc1.AUTO_DISCOVER_JINGLE_NODES=false
net.java.sip.communicator.impl.protocol.jabber.acc1.PROTOCOL=Jabber
net.java.sip.communicator.impl.protocol.jabber.acc1.IS_USE_UPNP=false
net.java.sip.communicator.impl.protocol.jabber.acc1.USE_DEFAULT_STUN_SERVER=true
net.java.sip.communicator.impl.protocol.jabber.acc1.ENCRYPTION_PROTOCOL.DTLS-SRTP=0
net.java.sip.communicator.impl.protocol.jabber.acc1.ENCRYPTION_PROTOCOL_STATUS.DTLS-SRTP=true
net.java.sip.communicator.impl.protocol.jabber.acc1.VIDEO_CALLING_DISABLED=true
net.java.sip.communicator.impl.protocol.jabber.acc1.OVERRIDE_ENCODINGS=true
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.G722/8000=705
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.GSM/8000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.H263-1998/90000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.H264/90000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.PCMA/8000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.PCMU/8000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/12000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/16000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/24000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.SILK/8000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.VP8/90000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.iLBC/8000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.opus/48000=750
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/16000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/32000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.speex/8000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.Encodings.telephone-event/8000=0
net.java.sip.communicator.impl.protocol.jabber.acc1.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN
net.java.sip.communicator.impl.protocol.jabber.acc1.DOMAIN_BASE=$DOMAIN
org.jitsi.jigasi.MUC_SERVICE_ADDRESS=conference.$DOMAIN
org.jitsi.jigasi.BREWERY_ENABLED=true
org.jitsi.jigasi.HEALTH_CHECK_SIP_URI=""
org.jitsi.jigasi.HEALTH_CHECK_INTERVAL=300000
org.jitsi.jigasi.HEALTH_CHECK_TIMEOUT=600000
org.jitsi.jigasi.xmpp.acc.IS_SERVER_OVERRIDDEN=true
#org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN
org.jitsi.jigasi.xmpp.acc.VIDEO_CALLING_DISABLED=true
org.jitsi.jigasi.xmpp.acc.JINGLE_NODES_ENABLED=false
org.jitsi.jigasi.xmpp.acc.AUTO_DISCOVER_STUN=false
org.jitsi.jigasi.xmpp.acc.IM_DISABLED=true
org.jitsi.jigasi.xmpp.acc.SERVER_STORED_INFO_DISABLED=true
org.jitsi.jigasi.xmpp.acc.IS_FILE_TRANSFER_DISABLED=true
org.jitsi.jigasi.xmpp.acc.USER_ID=jigasi@auth.$DOMAIN
org.jitsi.jigasi.xmpp.acc.PASS=$JIG_TRANSC_PASWD
org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
ACC1_XMPP
#Enable transcription config
sed -i "/ENABLE_TRANSCRIPTION/ s|#||" "$JIG_SIP_PROP"
sed -i "/ENABLE_TRANSCRIPTION/ s|false|true|" "$JIG_SIP_PROP"
sed -i "/ENABLE_SIP/ s|#||" "$JIG_SIP_PROP"
sed -i "/ENABLE_SIP/ s|true|false|" "$JIG_SIP_PROP"
#Transcript format
sed -i "/SAVE_JSON/ s|# ||" "$JIG_SIP_PROP"
sed -i "/SEND_JSON/ s|# ||" "$JIG_SIP_PROP"
sed -i "/SAVE_TXT/ s|# ||" "$JIG_SIP_PROP"
sed -i "/SEND_TXT/ s|# ||" "$JIG_SIP_PROP"
#sed -i "/SEND_TXT/ s|false|true|" $JIG_SIP_PROP
#Allow to connect other than same server only.
sed -i \
"/xmpp.acc.SERVER_ADDRESS/ s|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=.*|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN|" \
"$JIG_SIP_PROP"
#Remember to study how to use LE or what's needed #ToDo
sed -i "/ALWAYS_TRUST_MODE_ENABLED/ s|# ||" "$JIG_SIP_PROP"
prosodyctl register jigasi auth."$DOMAIN" "$JIG_TRANSC_PASWD"
#Set Brewery
cat << JIG_JIC >> "$JIC_SIP_PROP"
org.jitsi.jicofo.jigasi.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN
JIG_JIC
systemctl restart prosody \
jicofo \
jibri* \
jitsi-videobridge2
echo "
Full transcript files are available at:
--> /var/lib/jigasi/transcripts/
"
echo "
Happy transcripting!
"

View File

@ -1,157 +0,0 @@
#!/bin/bash
# Etherpad Installer for Jitsi Meet
# SwITNet Ltd © - 2024, https://switnet.net/
#
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
clear
echo '
########################################################################
Etherpad Docker addon
########################################################################
by Software, IT & Networks Ltd
'
FORGE_REPO="https://forge.switnet.net/switnet/quick-jibri-installer"
check_apt_policy() {
apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}'
}
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..."
else
echo -e "\n---- Installing $1 ----"
apt-get -yq2 install "$1"
fi
}
# Test for matches
test_match() {
if grep -q "$1" "$2" ; then
echo "$(basename "$2") - OK..."
else
echo "$(basename "$2"), FAIL..."
echo "Please report this to $FORGE_REPO"
exit
fi
}
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{print $2}')"
ETHERPAD_DB_USER="dockerpad"
ETHERPAD_DB_NAME="etherpad"
ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
DOCKER_CE_REPO="$(check_apt_policy docker)"
WS_CONF_MATCH1="# ensure all static content can always be found first"
echo "Add Docker repo"
if [ "$DOCKER_CE_REPO" = "stable" ]; then
echo "Docker repository already installed"
else
echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > \
/etc/apt/sources.list.d/docker-ce.list
wget -qO - https://download.docker.com/linux/ubuntu/gpg | \
gpg --dearmor | tee /etc/apt/trusted.gpg.d/docker-gpg-key.gpg >/dev/null
apt -q2 update
fi
read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS
# Make sure we can rely on the match strings.
printf "> Testing match strings on config files.\n"
test_match "$WS_MATCH1" "$WS_CONF"
# Install required packages
install_ifnot docker-ce
install_ifnot postgresql-"$PSGVER"
# Create DB
echo -e "> Creating postgresql database for container...\n"
sudo -u postgres psql <<DB
CREATE DATABASE ${ETHERPAD_DB_NAME};
CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}';
GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER};
DB
echo " -- Your etherpad db password is: $ETHERPAD_DB_PASS"
echo -e " Please save it somewhere safe.\n"
# Check fot docker if not running then execute
if [ ! "$(docker ps -q -f name=etherpad)" ]; then
if [ "$(docker ps -aq -f status=exited -f name=etherpad)" ]; then
# cleanup
docker rm etherpad
fi
# run your container
docker run -d --restart always \
--network=host \
--name etherpad \
-p 127.0.0.1:9001:9001 \
-e "ADMIN_PASSWORD=$ETHERPAD_ADMIN_PASS" \
-e "DB_TYPE=postgres" \
-e "DB_HOST=localhost" \
-e "DB_PORT=5432" \
-e "DB_NAME=$ETHERPAD_DB_NAME" \
-e "DB_USER=$ETHERPAD_DB_USER" \
-e "DB_PASS=$ETHERPAD_DB_PASS" \
-i -t etherpad/etherpad
fi
# Tune webserver for Jitsi App control
if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then
echo "> Webserver seems configured, skipping..."
elif [ -f "$WS_CONF" ]; then
echo "> Setting up webserver configuration file..."
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ #Etherpad block" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Connection \$connection_upgrade;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_buffering off;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_redirect off;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \\\n" "$WS_CONF"
else
echo "> No etherpad config done to server file, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi
# Configure config.js
if [ "$(grep -c "etherpad_base" "$WS_CONF")" != 0 ]; then
echo -e "> $MEET_CONF seems configured, skipping...\n"
else
echo -e "> Setting etherpad domain at $MEET_CONF...\n"
sed -i "s|// etherpad_base: .*|etherpad_base: \'https://$DOMAIN/etherpad/p/\',|" "$MEET_CONF"
fi
echo "> Checking nginx configuration..."
if nginx -t 2>/dev/null ; then
echo -e " -- Docker configuration seems fine, enabling it."
# systemctl reload nginx
else
echo "Please check your configuration, something may be wrong."
echo "Will not try to enable etherpad nginx configuration, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi

View File

@ -1,208 +0,0 @@
#!/bin/bash
# Excalidraw Jitsi Backend Installer
#
# Based on:
# - https://community.jitsi.org/t/118883
#
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
# Reset
Color_Off='\e[0m' # Text Reset
# Regular Colors
Black='\e[0;30m' # Black
Red='\e[0;31m' # Red
Green='\e[0;32m' # Green
Yellow='\e[0;33m' # Yellow
Blue='\e[0;34m' # Blue
Purple='\e[0;35m' # Purple
Cyan='\e[0;36m' # Cyan
printwc() {
printf "%b$2%b" "$1" "${Color_Off}"
}
print_title() {
printwc "${Blue}" "\n#--------------------------------------------------"
printwc "${Blue}" "\n# $1"
printwc "${Blue}" "\n#--------------------------------------------------\n"
}
restart_jibri() {
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
then
systemctl restart jibri
systemctl restart jibri-icewm
systemctl restart jibri-xorg
else
echo "Jibri service not installed"
fi
}
restart_services() {
systemctl restart jitsi-videobridge2
systemctl restart jicofo
restart_jibri
systemctl restart prosody
}
test_match() {
if grep -q "$1" "$2" ; then
echo "$(basename "$2") - OK..."
else
echo "$(basename "$2"), FAIL..."
echo "Please report this to https://forge.switnet.net/switnet/quick-jibri-installer"
exit
fi
}
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
clear
echo -e '\n
########################################################################
Excalidraw Jitsi Backend Installer
########################################################################
by Software, IT & Networks Ltd
\n'
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
PROSODY_FILE="/etc/prosody/conf.d/$DOMAIN.cfg.lua"
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
WS_MATCH1='# ensure all static content can always be found first'
PROS_MATCH1='"av_moderation";'
PROS_MATCH2='breakout_rooms_muc = "breakout.'
PROS_MATCH3='VirtualHost "recorder.'
CONFIG_MATCH1='List of undocumented settings used in jitsi-meet'
EXCALIDRAW_HOME="/opt/excalidraw"
EXCAL_MATCH1="prometheus.metrics(io"
EXCAL_NEW_PORT="9091"
EXCAL_PORT_FILE="$EXCALIDRAW_HOME/backend/src/index.ts"
# Make sure we can rely on the match strings.
printf "Testing match strings on config files.\n"
test_match "$WS_MATCH1" "$WS_CONF"
test_match "$PROS_MATCH1" "$PROSODY_FILE"
test_match "$PROS_MATCH2" "$PROSODY_FILE"
test_match "$PROS_MATCH3" "$PROSODY_FILE"
test_match "$PROS_MATCH3" "$PROSODY_FILE"
test_match "$CONFIG_MATCH1" "$MEET_CONF"
#--------------------------------------------------
print_title "Setup excalidraw backend."
#--------------------------------------------------
adduser --home "$EXCALIDRAW_HOME" --disabled-password --gecos "" excalidraw
git clone https://github.com/jitsi/excalidraw-backend "$EXCALIDRAW_HOME/backend"
test_match "$EXCAL_MATCH1" "$EXCAL_PORT_FILE"
chown -R excalidraw:excalidraw "$EXCALIDRAW_HOME"
cd "$EXCALIDRAW_HOME/backend"
sudo -u excalidraw cp .env.development .env.production
# Use documented port to get some sort of standarization.
if sed -n "/$EXCAL_MATCH1/,/});/p" "$EXCAL_PORT_FILE" |grep -q port: ; then
echo -e "> Update predefined port for metrics to $EXCAL_NEW_PORT\n"
sed -i "/$EXCAL_MATCH1/,/});/s|port:.*,|port: $EXCAL_NEW_PORT,|" "$EXCAL_PORT_FILE"
else
echo -e "> Define new port from default to $EXCAL_NEW_PORT\n"
sed -i "/$EXCAL_MATCH1/a \ \ \ \ port: $EXCAL_NEW_PORT," "$EXCAL_PORT_FILE"
fi
printf "Installing npm backend.\n"
sudo -u excalidraw npm install
sudo -u excalidraw npm run build
#--------------------------------------------------
print_title "Setup system & jitsi config files."
#--------------------------------------------------
# Enable websocket on nginx
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ location = /socket.io/ {" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_pass http://127.0.0.1:3002/socket.io/?\$args;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Connection \"upgrade\";" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Host \$http_host;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ tcp_nodelay on;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
if grep -rq room_metadata /etc/prosody/conf.d/ ;then
echo "> Prosody seems to be already configured."
else
echo "> Setting up prosody for whiteboard..."
# Modules enabled
sed -i "/$PROS_MATCH1/a \ \ \ \ \ \ \ \ \"room_metadata\";" "$PROSODY_FILE"
# Define internal component
sed -i "/$PROS_MATCH2/a \ \ \ \ room_metadata_component = \"metadata.$DOMAIN\"" "$PROSODY_FILE"
# Register component
sed -i "/$PROS_MATCH3/i \\\n" "$PROSODY_FILE"
sed -i "/$PROS_MATCH3/i Component \"metadata.$DOMAIN\" \"room_metadata_component\"" "$PROSODY_FILE"
sed -i "/$PROS_MATCH3/i \ \ \ \ muc_component = \"conference.$DOMAIN\"" "$PROSODY_FILE"
sed -i "/$PROS_MATCH3/i \ \ \ \ breakout_rooms_component = \"breakout.$DOMAIN\"" "$PROSODY_FILE"
sed -i "/$PROS_MATCH3/i \\\n" "$PROSODY_FILE"
fi
printf "\n# Checking for whitebord setup at %s.\n" "$(basename "$MEET_CONF")"
if [ -z "$(sed -n '/whiteboard: {/,/},/p' "$MEET_CONF")" ]; then
echo "> No present configuration on current config.js file"
sed -i "/$CONFIG_MATCH1/i \\\n" "$MEET_CONF"
sed -i "/$CONFIG_MATCH1/i \ \ \ \ whiteboard: {" "$MEET_CONF"
sed -i "/$CONFIG_MATCH1/i \ \ \ \ \ \ \ \ enabled: true," "$MEET_CONF"
sed -i "/$CONFIG_MATCH1/i \ \ \ \ \ \ \ \ collabServerBaseUrl: 'https://$DOMAIN'" "$MEET_CONF"
sed -i "/$CONFIG_MATCH1/i \ \ \ \ }," "$MEET_CONF"
sed -i "/$CONFIG_MATCH1/i \\\n" "$MEET_CONF"
else
echo "> Enabling configuration on current config.js file"
sed -i "/whiteboard: {/,/},/s|// ||" "$MEET_CONF"
sed -i "/collabServerBaseUrl:/s|'https://.*'|'https://$DOMAIN'|" "$MEET_CONF"
fi
if sed -n '/toolbarButtons: \[/,/\],/p' "$MEET_CONF" | \
grep -v '//'| grep -q whiteboard ; then
echo "> Whiteboard toolbar already enabled."
elif sed -n '/toolbarButtons: \[/,/\],/p' "$MEET_CONF" | \
grep -v '//'|grep -q toolbarButtons: ; then
echo "> Enabling whiteboard toolbar."
sed -i "/toolbarButtons:/a \ \ \ \ \ \ \ 'whiteboard'," "$MEET_CONF"
else
echo "> ToolbarButtons not customized, whiteboard should be enabled by default,"
echo " otherwise, please report to: https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi
printf "\n# Add systemd service\n"
cat << EOF > /etc/systemd/system/excalidraw.service
[Unit]
Description=Excalidraw backend
After=network-online.target
[Service]
User=excalidraw
Group=excalidraw
WorkingDirectory=$EXCALIDRAW_HOME/backend
ExecStart=npm start
Restart=always
RestartSec=5s
[Install]
WantedBy=multi-user.target
EOF
systemctl enable excalidraw.service
systemctl start excalidraw.service
printwc "${Green}" "\nExcalidraw setup complete!\n"
restart_services

View File

@ -1,109 +0,0 @@
// XMPP environment config.
jibri {
streaming {
// A list of regex patterns for allowed RTMP URLs. The RTMP URL used
// when starting a stream must match at least one of the patterns in
// this list.
rtmp-allow-list = [
// By default, all services are allowed
".*"
]
}
ffmpeg {
resolution = JIBRI_RES_CONF
}
chrome {
// The flags which will be passed to chromium when launching
flags = [
"--use-fake-ui-for-media-stream",
"--start-maximized",
"--kiosk",
"--enabled",
"--disable-infobars",
"--autoplay-policy=no-user-gesture-required",
"--ignore-certificate-errors",
"--disable-dev-shm-usage"
]
}
stats {
enable-stats-d = true
}
call-status-checks {
// If all clients have their audio and video muted and if Jibri does not
// detect any data stream (audio or video) comming in, it will stop
// recording after NO_MEDIA_TIMEOUT expires.
no-media-timeout = 30 seconds
// If all clients have their audio and video muted, Jibri consideres this
// as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
all-muted-timeout = 10 minutes
// When detecting if a call is empty, Jibri takes into consideration for how
// long the call has been empty already. If it has been empty for more than
// DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
default-call-empty-timeout = 30 seconds
}
recording {
recordings-directory = "DIR_RECORD"
finalize-script = "REC_DIR"
}
api {
xmpp {
environments = [
{
// A user-friendly name for this environment
name = "JB_NAME"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "DOMAIN" ]
// The base XMPP domain
xmpp-domain = "DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.DOMAIN"
room-name = "JibriBrewery"
nickname = "Live"
}
// The login information for the control MUC
control-login {
domain = "auth.DOMAIN"
username = "jibri"
password = "JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.DOMAIN"
username = "recorder"
password = "JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}

View File

@ -1,24 +0,0 @@
[
{
"mount_id": 1,
"mount_point": "\/Jitsi Record",
"storage": "\\OC\\Files\\Storage\\Local",
"authentication_type": "null::null",
"configuration": {
"datadir": "\/var\/jbrecord"
},
"options": {
"encrypt": true,
"previews": true,
"enable_sharing": false,
"filesystem_check_changes": 1,
"encoding_compatibility": false,
"readonly": false,
"enable_sharing": true
},
"applicable_users": [],
"applicable_groups": [
"admin"
]
}
]

View File

@ -1,177 +0,0 @@
# Nextcloud 28 nginx - configuration
upstream php-handler {
#server 127.0.0.1:9000;
server unix:/run/php/php_PHPVER-fpm.sock;
}
# Set the `immutable` cache control options only for assets with a cache busting `v` argument
map $arg_v $asset_immutable {
"" "";
default "immutable";
}
server {
listen 80;
listen [::]:80;
server_name _NC_DOMAIN;
# enforce https
return 301 https://\$server_name\$request_uri;
}
server {
listen _NC_NGINX_SSL_PORT ssl http2;
listen [::]:_NC_NGINX_SSL_PORT ssl http2;
server_name _NC_DOMAIN;
# Path to the root of your installation
root _NC_PATH/;
ssl_certificate /etc/letsencrypt/live/_NC_DOMAIN/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/_NC_DOMAIN/privkey.pem;
# Prevent nginx HTTP Server Detection
server_tokens off;
# HSTS settings
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;
# set max upload size and increase upload timeout:
client_max_body_size 512M;
client_body_timeout 300s;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Pagespeed is not supported by Nextcloud, so if your server is built
# with the `ngx_pagespeed` module, uncomment this line to disable it.
#pagespeed off;
# The settings allows you to optimize the HTTP2 bandwidth.
# See https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/
# for tuning hints
client_body_buffer_size 512k;
# HTTP response headers borrowed from Nextcloud `.htaccess`
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Specify how to handle directories -- specifying `/index.php$request_uri`
# here as the fallback means that Nginx always exhibits the desired behaviour
# when a client requests a path that corresponds to a directory that exists
# on the server. In particular, if that directory contains an index.php file,
# that file is correctly served; if it doesn't, then the request is passed to
# the front-end controller. This consistent behaviour means that we don't need
# to specify custom rules for certain paths (e.g. images and other assets,
# `/updater`, `/ocs-provider`), and thus
# `try_files $uri $uri/ /index.php$request_uri`
# always provides the desired behaviour.
index index.php index.html /index.php$request_uri;
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
location = / {
if ( $http_user_agent ~ ^DavClnt ) {
return 302 /remote.php/webdav/$is_args$args;
}
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Make a regex exception for `/.well-known` so that clients can still
# access it despite the existence of the regex rule
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
# for `/.well-known`.
location ^~ /.well-known {
# The rules in this block are an adaptation of the rules
# in `.htaccess` that concern `/.well-known`.
location = /.well-known/carddav { return 301 /remote.php/dav/; }
location = /.well-known/caldav { return 301 /remote.php/dav/; }
location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
location /.well-known/pki-validation { try_files $uri $uri/ =404; }
# Let Nextcloud's API for `/.well-known` URIs handle all other
# requests by passing them to the front-end controller.
return 301 /index.php$request_uri;
}
# Rules borrowed from `.htaccess` to hide certain paths from clients
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
# Ensure this block, which passes PHP files to the PHP process, is above the blocks
# which handle static assets (as seen below). If this block is not declared first,
# then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
# to the URI, resulting in a HTTP 500 error response.
location ~ \.php(?:$|/) {
# Required for legacy support
rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
fastcgi_max_temp_file_size 0;
}
# Serve static files
location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463, $asset_immutable";
access_log off; # Optional: Don't log access to assets
location ~ \.wasm$ {
default_type application/wasm;
}
}
location ~ \.woff2?$ {
try_files $uri /index.php$request_uri;
expires 7d; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
}
# Rule borrowed from `.htaccess`
location /remote {
return 301 /remote.php$request_uri;
}
location / {
try_files $uri $uri/ /index.php$request_uri;
}
}

View File

@ -1,274 +0,0 @@
#!/bin/bash
# Grafana Installer for Jitsi Meet
#
# Based on:
# - https://community.jitsi.org/t/38696
# by Igor Kerstges
# - https://grafana.com/grafana/dashboards/11969
# by "mephisto"
#
# Igor Kerstges © - 2021
# SwITNet Ltd © - 2024, https://switnet.net/
#
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
clear
echo '
########################################################################
Grafana Dashboard addon
########################################################################
by Software, IT & Networks Ltd
'
run_service() {
systemctl enable "$1"
systemctl restart "$1"
systemctl status "$1"
}
test_match() {
if grep -q "$1" "$2" ; then
echo "$(basename "$2") - OK..."
else
echo "$(basename "$2"), FAIL..."
echo "Please report this to https://forge.switnet.net/switnet/quick-jibri-installer"
exit
fi
}
MAIN_TEL="/etc/telegraf/telegraf.conf"
TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf"
GRAFANA_INI="/etc/grafana/grafana.ini"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
WS_MATCH1="# ensure all static content can always be found first"
WS_MATCH2="upstream prosody {"
GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"
# Min requirements
apt-get update && \
apt-get install -y gnupg2 \
curl \
wget \
jq
# Make sure we can rely on the match strings.
printf "> Testing match strings on config files.\n"
test_match "$WS_MATCH1" "$WS_CONF"
echo "
# Setup InfluxDB Packages
"
curl -s https://repos.influxdata.com/influxdata-archive.key > \
/etc/apt/trusted.gpg.d/influxdata-archive.key
echo "deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.key] https://repos.influxdata.com/debian buster stable" | \
sudo tee /etc/apt/sources.list.d/influxdb.list
apt-get update && apt-get install influxdb -y
run_service influxdb
echo "
# Setup Grafana Packages
"
curl -s https://apt.grafana.com/gpg-full.key | \
gpg --dearmor | tee /etc/apt/trusted.gpg.d/grafana-full-key.gpg >/dev/null
echo "deb https://packages.grafana.com/oss/deb stable main" | \
sudo tee /etc/apt/sources.list.d/grafana_com_oss_deb.list
apt-get update && apt-get install grafana -y
run_service grafana-server
echo "
# Setup Telegraf Packages
"
apt-get update && apt-get install telegraf -y
mv /etc/telegraf/telegraf.conf /etc/telegraf/telegraf.conf.original
echo "
# Setup Telegraf config files
"
cat << TELEGRAF > $MAIN_TEL
[global_tags]
###############################################################################
# GLOBAL #
###############################################################################
[agent]
interval = "10s"
debug = false
hostname = "localhost"
round_interval = true
flush_interval = "10s"
flush_jitter = "0s"
collection_jitter = "0s"
metric_batch_size = 1000
metric_buffer_limit = 10000
quiet = false
logfile = ""
omit_hostname = false
TELEGRAF
cat << JITSI_TELEGRAF > $TEL_JIT
###############################################################################
# INPUTS #
###############################################################################
[[inputs.http]]
name_override = "jitsi_stats"
urls = [
"http://localhost:8080/colibri/stats"
]
data_format = "json"
###############################################################################
# OUTPUTS #
###############################################################################
[[outputs.influxdb]]
urls = ["http://localhost:8086"]
database = "jitsi"
timeout = "0s"
retention_policy = ""
JITSI_TELEGRAF
run_service telegraf
echo -e "\n# Setup videobridge options\n"
echo '
# extra options to pass to the JVB daemon
JVB_OPTS="--apis=rest,xmpp"' >> /etc/jitsi/videobridge/config
sed -i "s|TRANSPORT=muc|TRANSPORT=muc,colibri|" /etc/jitsi/videobridge/sip-communicator.properties
# Enable videobridge REST API
hocon -f /etc/jitsi/videobridge/jvb.conf set videobridge.apis.rest.enabled true
systemctl restart jitsi-videobridge2
echo -e "\n# Setup Grafana nginx domain\n"
sed -i "s|;protocol =.*|protocol = http|" $GRAFANA_INI
sed -i "s|;http_addr =.*|http_addr = 127.0.0.1|" $GRAFANA_INI
sed -i "s|;http_port =.*|http_port = 3000|" $GRAFANA_INI
sed -i "s|;domain =.*|domain = $DOMAIN|" $GRAFANA_INI
sed -i "s|;enforce_domain =.*|enforce_domain = false|" $GRAFANA_INI
sed -i "s|;root_url =.*|root_url = http://$DOMAIN:3000/grafana/|" $GRAFANA_INI
sed -i "s|;serve_from_sub_path =.*|serve_from_sub_path = true|" $GRAFANA_INI
sed -i "s|;allow_sign_up =.*|allow_sign_up = false|" $GRAFANA_INI
systemctl restart grafana-server
echo "Waiting for Grafana to load..."
secs=$((10))
while [ $secs -gt 0 ]; do
echo -ne "$secs\033[0K\r"
sleep 1
: $((secs--))
done
if [ -f "$WS_CONF" ]; then
sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana." "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ location ~ ^/(grafana/|grafana/login) {" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana Live WebSocket connections." "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ location /grafana/api/live/ {" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Connection \$connection_upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections." "$WS_CONF"
sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF"
sed -i "/$WS_MATCH2/i }" "$WS_CONF"
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
sed -i "/$WS_MATCH2/i upstream grafana {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ server localhost:3000;" "$WS_CONF"
sed -i "/$WS_MATCH2/i }" "$WS_CONF"
systemctl restart nginx
else
echo "No app configuration done to server file, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi
echo "
# Setup Grafana credentials.
"
curl -s -k -u "admin:admin" -X \
PUT -H "Content-Type: application/json;charset=UTF-8" -d \
"{
\"oldPassword\": \"admin\",
\"newPassword\": \"$GRAFANA_PASS\",
\"confirmNew\": \"$GRAFANA_PASS\"
}" http://127.0.0.1:3000/api/user/password; echo ""
echo "
# Create InfluxDB datasource
"
curl -s -k -u "admin:$GRAFANA_PASS" -X \
POST -H 'Content-Type: application/json;charset=UTF-8' -d \
'{
"name": "InfluxDB",
"type": "influxdb",
"url": "http://127.0.0.1:8086",
"access": "proxy",
"isDefault": true,
"database": "jitsi"
}' http://127.0.0.1:3000/api/datasources; echo ""
echo "
# Add Grafana Dashboard
"
grafana_host="http://127.0.0.1:3000"
grafana_cred="admin:$GRAFANA_PASS"
grafana_datasource="InfluxDB"
ds=(11969);
for d in "${ds[@]}"; do
echo "Processing $d: "
j="$(curl -s -k -u "$grafana_cred" "$grafana_host"/api/gnet/dashboards/"$d" | jq .json)"
curl -s -k -u "$grafana_cred" -XPOST -H "Accept: application/json" \
-H "Content-Type: application/json" \
-d "{
\"dashboard\": $j,
\"overwrite\": true,
\"inputs\": [{
\"name\": \"DS_INFLUXDB\",
\"type\": \"datasource\",
\"pluginId\": \"influxdb\",
\"value\": \"$grafana_datasource\"
}]
}" $grafana_host/api/dashboards/import; echo ""
done
echo "
Go check:
>> http://$DOMAIN/grafana/
(emphasis on the trailing \"/\") to review configuration and dashboards.
User: admin
Password: $GRAFANA_PASS
Please save it somewhere safe.
"
read -n 1 -s -r -p "Press any key to continue..."$'\n'

Binary file not shown.

Before

Width:  |  Height:  |  Size: 16 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 326 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 2.0 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 169 B

View File

@ -1 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?><svg xmlns="http://www.w3.org/2000/svg" width="1" height="1"/>

Before

Width:  |  Height:  |  Size: 100 B

View File

@ -1,128 +0,0 @@
#!/bin/bash
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..."
echo " If you think this is an error, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues "
exit
fi
}
clear
echo ''
echo '########################################################################'
echo ' Jigasi Transcript addon'
echo '########################################################################'
echo ' by Software, IT & Networks Ltd'
echo ''
exit_if_not_installed jitsi-meet
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 16 | head -n1)"
JIG_SIP_PROP="/etc/jitsi/jigasi/sip-communicator.properties"
export DOMAIN
export JIG_TRANSC_PASWD
apt-get -q2 update
# Disable SIP account prompt by default
echo "jigasi jigasi/sip-account string ''" | debconf-set-selections
echo "jigasi jigasi/sip-password password ''" | debconf-set-selections
echo "Installing Jigasi, SIP configuration disabled by default."
apt-get -y install gettext-base jigasi docker.io
echo "Please select a language for the VOSK transcription model:"
echo "1) Chinese"
echo "2) English"
echo "3) French"
echo "4) German"
echo "5) Hindi"
echo "6) Japanese"
echo "7) Russian"
echo "8) Spanish"
read -p "Enter the number corresponding to your language choice: " -r lang_choice
case $lang_choice in
1)
echo "You selected Chinese."
VOSK_DOCKER_MODEL="alphacep/kaldi-cn"
;;
2)
echo "You selected English."
VOSK_DOCKER_MODEL="alphacep/kaldi-en"
;;
3)
echo "You selected French."
VOSK_DOCKER_MODEL="alphacep/kaldi-fr"
;;
4)
echo "You selected German."
VOSK_DOCKER_MODEL="alphacep/kaldi-de"
;;
5)
echo "You selected Hindi."
VOSK_DOCKER_MODEL="alphacep/kaldi-hi"
;;
6)
echo "You selected Japanese."
VOSK_DOCKER_MODEL="alphacep/kaldi-ja"
;;
7)
echo "You selected Russian."
VOSK_DOCKER_MODEL="alphacep/kaldi-ru"
;;
8)
echo "You selected Spanish."
VOSK_DOCKER_MODEL="alphacep/kaldi-es"
;;
*)
echo "Invalid selection. Please choose a number between 1 and 8."
;;
esac
# Running selected VOSK docker model.
docker run -d --restart always -p 2700:2700 ${VOSK_DOCKER_MODEL}:latest
echo "Setting up Jigasi transcript with current platform..."
# Jitsi Meet
echo "> Patching Jitsi Meet's config.js for Transcription support."
echo " Read more at patches/jigasi/001-jigasi-meet-config.patch file"
envsubst < patches/jigasi/001-jigasi-meet-config.patch | \
patch --no-backup-if-mismatch -d / -p1
# Jigasi
echo "> Patching jigasi's sip-communicator.properties configuration."
echo " Read more at patches/jigasi/002-jigasi-sip-properties.patch file"
cp "$JIG_SIP_PROP" ${JIG_SIP_PROP}-dpkg-file
envsubst < patches/jigasi/002-jigasi-sip-properties.patch | \
patch --no-backup-if-mismatch -d / -p1
# Create transcribe user on hidden domain.
prosodyctl register transcriber recorder."$DOMAIN" "$JIG_TRANSC_PASWD"
# Restart services.
systemctl restart prosody \
jicofo \
jigasi \
jibri* \
jitsi-videobridge2
echo ""
echo "Full transcript files are available at:"
echo "--> /var/lib/jigasi/transcripts/"
echo ""
echo "Happy transcripting!"
echo ""

View File

@ -1,295 +0,0 @@
#!/bin/bash
# Jitsi Meet recurring upgrader and customization keeper
# for Debian/*buntu binaries.
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
Blue='\e[0;34m'
Purple='\e[0;35m'
Red='\e[0;31m'
Green='\e[0;32m'
Yellow='\e[0;33m'
Color_Off='\e[0m'
printwc() {
printf "%b$2%b" "$1" "${Color_Off}"
}
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
if [ ! -f jm-bm.sh ]; then
echo "Please check that you are running the jitsi updater while being on the project folder"
echo "other wise the updater might have errors or be incomplete. Exiting..."
exit
fi
support="https://switnet.net/support"
apt_repo="/etc/apt/sources.list.d"
ENABLE_BLESSM="TBD"
G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3)
CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing"
CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \
jq -r ".versions[].downloads.chromedriver | select(. != null) | .[].url" | \
grep linux64 | grep "$G_CHROME" | tail -1)
CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL")
CHD_LTST_2D="$(cut -d "." -f 1,2 <<< "$CHD_LTST")"
CHDB="$(whereis chromedriver | awk '{print$2}')"
if [ -d /etc/prosody/conf.d/ ]; then
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua | \
awk -F'.cfg' '!/localhost/{print $1}' | xargs basename)"
else
echo -e "Seems no prosody is installed...\n > is this a jibri node?"
fi
NC_DOMAIN="TBD"
JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
if [ -f "$JITSI_MEET_PROXY" ];then
PREAD_PROXY="$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1)"
fi
INT_CONF="/usr/share/jitsi-meet/interface_config.js"
INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
read -r -a jibri_packages < <(grep ^Package /var/lib/apt/lists/download.jitsi.org_*_Packages | \
sort -u | awk '{print $2}' | sed '/jigasi/d' | \
xargs)
AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)"
if [ -f "$apt_repo"/google-chrome.list ]; then
read -r -a google_package < <(grep ^Package /var/lib/apt/lists/dl.google.com_*_Packages | \
sort -u | awk '{print $2}' | xargs)
else
echo "Seems no Google repo installed"
fi
if [ -f "$apt_repo"/nodesource.list ]; then
read -r -a nodejs_package < <(grep ^Package /var/lib/apt/lists/deb.nodesource.com_node*_Packages | \
sort -u | awk '{print $2}' | xargs)
else
echo "Seems no nodejs repo installed"
fi
# True if $1 is greater than $2
version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
restart_jibri() {
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
then
systemctl restart jibri
systemctl restart jibri-icewm
systemctl restart jibri-xorg
else
echo "Jibri service not installed"
fi
}
# Restarting services
restart_services() {
systemctl restart jitsi-videobridge2
systemctl restart jicofo
restart_jibri
systemctl restart prosody
}
update_jitsi_repo() {
apt-get update -o Dir::Etc::sourcelist="sources.list.d/jitsi-$1.list" \
-o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
apt-get install -q2 --only-upgrade <<< printf "${jibri_packages[@]}"
}
update_google_repo() {
if [ -f "$apt_repo"/google-chrome.list ]; then
apt-get update -o Dir::Etc::sourcelist="sources.list.d/google-chrome.list" \
-o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
apt-get install -q2 --only-upgrade <<< printf "${google_package[@]}"
else
echo "No Google repository found"
fi
if [ -z "$CHDB" ]; then
echo "Seems no chromedriver installed"
else
CHD_VER_LOCAL="$($CHDB -v | awk '{print $2}')"
CHD_VER_2D="$(awk '{printf "%.1f\n", $NF}' <<< "$CHD_VER_LOCAL")"
fi
}
update_nodejs_repo() {
apt-get update -o Dir::Etc::sourcelist="sources.list.d/nodesource.list" \
-o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
apt-get install -q2 --only-upgrade <<< printf "${nodejs_package[@]}"
}
check_latest_gc() {
printwc "${Purple}" "Checking for Google Chrome\n"
if [ -f /usr/bin/google-chrome ]; then
GOOGL_VER_2D="$(/usr/bin/google-chrome --version|awk '{printf "%.1f\n", $NF}')"
else
printwc "${Yellow}" " -> Seems there is no Google Chrome installed\n"
IS_GLG_CHRM="no"
fi
}
check_latest_gc
upgrade_cd() {
if [ -n "$GOOGL_VER_2D" ]; then
check_latest_gc
if version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" ; then
echo "Upgrading Chromedriver to Google Chromes version"
wget -q "$CHD_LTST_DWNL" \
-O /tmp/chromedriver_linux64.zip
unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
mv /usr/local/bin/chromedriver-linux64/chromedriver "$CHDB"
chown root:root "$CHDB"
chmod 0755 "$CHDB"
rm -rf /tpm/chromedriver_linux64.zip
printf "Current version: "
printwc "$Green" "$($CHDB -v |awk '{print $2}'|awk '{printf "%.1f\n", $NF}')"
echo -e " (latest available)\n"
elif [ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then
echo "No need to upgrade Chromedriver"
printf "Current version: "
printwc "$Green" "$CHD_VER_2D\n"
fi
else
printwc "${Yellow}" " -> No Google Chrome versión to match, leaving untouched.\n"
fi
}
check_lst_cd() {
printwc "${Purple}" "Checking for the latest Chromedriver\n"
if [ -f "$CHDB" ]; then
printf "Current installed Chromedriver: "
printwc "${Yellow}" "$CHD_VER_2D\n"
printf "Current installed Google Chrome: "
printwc "${Green}" "$GOOGL_VER_2D\n"
upgrade_cd
else
printwc "${Yellow}" " -> Seems there is no Chromedriver installed\n"
IS_CHDB="no"
fi
}
printwc "${Blue}" "Update & upgrade Jitsi and components\n"
if [ -f "$apt_repo"/jitsi-unstable.list ]; then
update_jitsi_repo unstable
update_google_repo
check_lst_cd
elif [ -f "$apt_repo"/jitsi-stable.list ]; then
update_jitsi_repo stable
update_google_repo
check_lst_cd
else
echo "Please check your repositories, something is not right."
exit 1
fi
printwc "${Blue}" "Check for supported nodejs LTS version"
if version_gt "14" "$(dpkg-query -W -f='${Version}' nodejs)"; then
curl -sL https://deb.nodesource.com/setup_14.x | sudo -E bash -
apt-get install -yq2 nodejs
else
update_nodejs_repo
fi
check_if_installed(){
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo "1"
else
echo "0"
fi
}
check_for_jibri_node() {
if [ "$(check_if_installed jibri)" = 1 ] && \
[ "$(check_if_installed jitsi-meet)" = 0 ] && \
[ "$(check_if_installed prosody)" = 0 ]; then
printwc "${Green}" "\n::: This seems to be a jibri node :::\n"
JIBRI_NODE="yes"
fi
}
# Any customization, image, name or link change for any purpose should
# be documented here so new updates won't remove those changes.
# We divide them on UI changes and branding changes, feel free to adapt
# to your needs.
#
# Please keep in mind that fees for support customization changes may
# apply.
########################################################################
# User interface changes #
########################################################################
#Check for jibri node
check_for_jibri_node
[ "$JIBRI_NODE" != yes ] && \
if [ -f "$INT_CONF_ETC" ]; then
echo "Static interface_config.js exists, skipping modification..."
else
echo "This setup doesn't have a static interface_config.js, checking changes..."
printwc "${Purple}" "========== Setting Static Avatar ==========\n"
if [ -z "$AVATAR" ]; then
echo "Moving on..."
else
echo "Setting Static Avatar"
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'http://$DOMAIN/avatar/\'|" "$INT_CONF"
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF"
fi
printwc "${Purple}" "========== Setting Support Link ==========\n"
if [ -z "$support" ]; then
echo "Moving on..."
else
echo "Setting Support custom link"
sed -i "s|https://jitsi.org/live|$support|g" "$INT_CONF"
fi
printwc "${Purple}" "========== Disable Blur my background ==========\n"
sed -i "s|'videobackgroundblur', ||" "$INT_CONF"
fi
if [ "$(check_if_installed openjdk-8-jre-headless)" = 1 ]; then
printwc "${Red}" "\n::: Unsupported OpenJDK JRE version found :::\n"
apt-get install -y openjdk-11-jre-headless
apt-get purge -y openjdk-8-jre-headless
printwc "${Green}" "\n::: Updated to supported OpenJDK JRE version 11 :::\n"
fi
[ "$JIBRI_NODE" != yes ] && \
if [ "$NC_DOMAIN" != "TBD" ]; then
printwc "${Purple}" "========== Enable $NC_DOMAIN for sync client ==========\n"
if [ -f "$JITSI_MEET_PROXY" ] && [ -z "$PREAD_PROXY" ]; then
printf "\n Setting up Nextcloud domain on Jitsi Meet turn proxy\n\n"
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY"
else
echo "$NC_DOMAIN seems to be on place, skipping..."
fi
fi
# Final check & upgrade call.
check_lst_cd
if [ "$JIBRI_NODE" = "yes" ]; then
restart_jibri
else
restart_services
fi
if [ "$JIBRI_NODE" = "yes" ] && \
[ "$IS_CHDB" = "no" ] && \
[ "$IS_GLG_CHRM" = "no" ];then
printwc "${Red}" "\nBeware: This jibri node seems to be missing important packages.\n"
echo " > Googe Chrome"
echo " > Chromedriver"
fi
########################################################################
# Brandless mode #
########################################################################
if [ "$ENABLE_BLESSM" = "on" ]; then
if [ "$MODE" = "debug" ]; then
bash "$PWD"/jm-bm.sh -m debug
else
bash "$PWD"/jm-bm.sh
fi
fi
printwc "${Blue}" "Script completed \o/!\n"

100
jm-bm.sh
View File

@ -1,100 +0,0 @@
#!/bin/bash
# Jitsi Meet brandless mode
# for Debian/*buntu binaries.
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
CSS_FILE="/usr/share/jitsi-meet/css/all.css"
TITLE_FILE="/usr/share/jitsi-meet/title.html"
INT_CONF="/usr/share/jitsi-meet/interface_config.js"
INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
BUNDLE_JS="/usr/share/jitsi-meet/libs/app.bundle.min.js"
#
JM_IMG_PATH="/usr/share/jitsi-meet/images"
WTM2_PATH="$JM_IMG_PATH/watermark2.png"
WTM2_SVG_PATH="$JM_IMG_PATH/watermark2.svg"
FICON_PATH="$JM_IMG_PATH/favicon2.ico"
REC_ICON_PATH="$JM_IMG_PATH/gnome_record.png"
#
APP_NAME="Conferences"
MOVILE_APP_NAME="Jitsi Meet"
PART_USER="Participant"
LOCAL_USER="me"
#
#SEC_ROOM="TBD"
copy_if_not_there() {
if [ ! -f "$1" ]; then
cp images/"$(echo $1|xargs basename)" "$1"
else
echo "$(echo $1|xargs basename) file exists, skipping copying..."
fi
}
echo '
#--------------------------------------------------
# Applying Brandless mode
#--------------------------------------------------
'
#Watermark
copy_if_not_there "$WTM2_PATH"
#Watermark svg
copy_if_not_there "$WTM2_SVG_PATH"
#Favicon
copy_if_not_there "$FICON_PATH"
#Local recording icon
copy_if_not_there "$REC_ICON_PATH"
#Custom / Remove icons
sed -i "s|watermark.png|watermark2.png|g" "$CSS_FILE"
sed -i "s|favicon.ico|favicon2.ico|g" "$TITLE_FILE"
sed -i "s|jitsilogo.png|watermark2.png|g" "$TITLE_FILE"
sed -i "s|logo-deep-linking.png|watermark2.png|g" "$BUNDLE_JS"
sed -i "s|icon-cloud.png|gnome_record.png|g" "$BUNDLE_JS"
#Disable logo and url
if ! grep -q ".leftwatermark{display:none" "$CSS_FILE" ; then
sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE"
fi
#Replace App logo
sed -i "s|// defaultLogoUrl: .*| defaultLogoUrl: 'images/watermark2.svg',|" "$MEET_CONF"
#Overwrite favicon svg
cp images/watermark2.svg $JM_IMG_PATH/favicon.svg
#Customize room title
sed -i "s|Jitsi Meet|$APP_NAME|g" "$TITLE_FILE"
sed -i "s| powered by the Jitsi Videobridge||g" "$TITLE_FILE"
sed -i "/appNotInstalled/ s|{{app}}|$MOVILE_APP_NAME|g" /usr/share/jitsi-meet/lang/*
#Custom UI changes
if [ -f "$INT_CONF_ETC" ]; then
echo "Static interface_config.js exists, skipping modification..."
else
echo "This setup doesn't have a static interface_config.js, checking changes..."
echo -e "\nPlease note that brandless mode will also overwrite support links.\n"
sed -i "21,32 s|Jitsi Meet|$APP_NAME|g" "$INT_CONF"
sed -i "s|\([[:space:]]\)APP_NAME:.*| APP_NAME: \'$APP_NAME\',|" "$INT_CONF"
sed -i "s|Fellow Jitster|$PART_USER|g" "$INT_CONF"
sed -i "s|'me'|'$LOCAL_USER'|" "$INT_CONF"
sed -i "s|LIVE_STREAMING_HELP_LINK: .*|LIVE_STREAMING_HELP_LINK: '#',|g" "$INT_CONF"
sed -i "s|SUPPORT_URL: .*|SUPPORT_URL: '#',|g" "$INT_CONF"
#Logo 2
sed -i "s|watermark.png|watermark2.png|g" "$INT_CONF"
sed -i "s|watermark.svg|watermark2.png|g" "$INT_CONF"
fi

View File

@ -1,308 +0,0 @@
#!/bin/bash
# JRA (Jibri Recordings Access) via Nextcloud
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..."
echo " If you think this is an error, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues "
exit
fi
}
clear
echo -e '\n
########################################################################
Jibri Recordings Access via Nextcloud
########################################################################
by Software, IT & Networks Ltd
\n'
exit_if_not_installed jitsi-meet
## APT checks
apt-get update -q2
# Manually add prerequisites.
apt-get install -y curl letsencrypt nginx
MIN_PHP="8.2"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{print $2}')"
NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-available/"$DOMAIN".conf | awk '{print$2}')"
[ -z "$NC_NGINX_SSL_PORT" ] && NC_NGINX_SSL_PORT="443"
NC_REPO="https://download.nextcloud.com/server/releases"
NCVERSION="$(curl -s -m 900 $NC_REPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)"
STABLEVERSION="nextcloud-$NCVERSION"
NC_PATH="/var/www/nextcloud"
NC_CONFIG="$NC_PATH/config/config.php"
NC_DB_USER="nextcloud_user"
NC_DB="nextcloud_db"
NC_DB_PASSWD="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"
DIR_RECORD="$(awk -F '"' '/RECORDING/{print$2}' /home/jibri/finalize_recording.sh|awk 'NR==1{print$1}')"
REDIS_CONF="/etc/redis/redis.conf"
JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
[ -f "$JITSI_MEET_PROXY" ] && PREAD_PROXY=$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1)
PUBLIC_IP="$(dig -4 +short myip.opendns.com @resolver1.opendns.com)"
ISO3166_CODE=TBD
NL="$(printf '\n ')"
exit_ifinstalled() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " This instance already has $1 installed, exiting..."
echo " If you think this is an error, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues "
exit
fi
}
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..."
else
echo -e "\n---- Installing $1 ----"
apt-get -yq2 install "$1"
fi
}
while [[ "$ANS_NCD" != "yes" ]]
do
read -p "> Please set your domain (or subdomain) here for Nextcloud: (e.g.: cloud.domain.com)$NL" -r NC_DOMAIN
if [ -z "$NC_DOMAIN" ];then
echo " - This field is mandatory."
elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
echo " - You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud."
fi
read -p " > Did you mean?: $NC_DOMAIN (yes or no)$NL" -r ANS_NCD
if [ "$ANS_NCD" = "yes" ]; then
echo " - Alright, let's use $NC_DOMAIN."
else
echo " - Please try again."
fi
done
sleep .1
#Simple DNS test
if [ "$PUBLIC_IP" = "$(dig -4 +short "$NC_DOMAIN"|awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then
echo -e "Server public IP & DNS record for $NC_DOMAIN seems to match, continuing...\n\n"
sleep .1
else
echo "Server public IP ($PUBLIC_IP) & DNS record for $NC_DOMAIN don't seem to match."
echo " > Please check your dns records are applied and updated, otherwise Nextcloud may fail."
read -p " > Do you want to continue?: (yes or no)$NL" -r DNS_CONTINUE
if [ "$DNS_CONTINUE" = "yes" ]; then
echo " - We'll continue anyway..."
else
echo " - Exiting for now..."
exit
fi
fi
sleep .1
NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf"
while [ -z "$NC_USER" ]
do
read -p "Nextcloud user: " -r NC_USER
if [ -z "$NC_USER" ]; then
echo " - This field is mandatory."
fi
done
sleep .1
while [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 8 ]
do
read -p "Nextcloud user password: " -r NC_PASS
if [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 8 ]; then
echo -e " - This field is mandatory. \nPlease make sure it's at least 8 characters.\n"
fi
done
sleep .1
#Enable HSTS
while [ "$ENABLE_HSTS" != "yes" ] && [ "$ENABLE_HSTS" != "no" ]
do
read -p "> Do you want to enable HSTS for this domain?: (yes or no)
Be aware this option apply mid-term effects on the domain, choose \"no\"
in case you don't know what you are doing. More at https://hstspreload.org/$NL" -r ENABLE_HSTS
if [ "$ENABLE_HSTS" = "no" ]; then
echo " - HSTS won't be enabled."
elif [ "$ENABLE_HSTS" = "yes" ]; then
echo " - HSTS will be enabled."
fi
done
sleep .1
echo -e "#Default country phone code\n
> Starting at Nextcloud 21.x it's required to set a default country phone ISO 3166-1 alpha-2 code.\n
>>> https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements <<<\n"
sleep .1
while [ ${#ISO3166_CODE} -gt 2 ];
do
echo -e "Some examples might be: Germany > DE | Mexico > MX | Spain > ES | USA > US\n
Do you want to set such code for your installation?"
sleep .1
read -p "Leave empty if you don't want to set any: " -r ISO3166_CODE
if [ ${#ISO3166_CODE} -gt 2 ]; then
echo -e "\n-- This code is only 2 characters long, please check your input.\n"
fi
done
sleep .1
echo -e "\n# Check for jitsi-meet/jibri\n"
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ] || \
[ -f /etc/prosody/conf.d/"$DOMAIN".conf ]; then
echo "jitsi meet/jibri is installed, checking version:"
apt-show-versions jibri
else
echo "Wait!, jitsi-meet/jibri is not installed on this system using apt, exiting..."
exit
fi
#Prevent root folder permission issues
cp "$PWD"/files/jra-nc-app-ef.json /tmp
exit_ifinstalled postgresql-"$PSGVER"
## Install software requirements
# PostgresSQL
install_ifnot postgresql-"$PSGVER"
#--------------------------------------------------
# Prepare PHP
#--------------------------------------------------
if [ "$MODE" = "debug" ]; then
bash -x "$PWD"/tools/prepare_php.sh "$MIN_PHP"
else
bash "$PWD"/tools/prepare_php.sh "$MIN_PHP"
fi
#--------------------------------------------------
# Create DB user
#--------------------------------------------------
echo -e "\n---- Creating the PgSQL DB & User ----"
sudo -u postgres psql <<DB
CREATE DATABASE nextcloud_db;
CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}';
GRANT ALL PRIVILEGES ON DATABASE ${NC_DB} TO ${NC_DB_USER};
DB
echo -e "\nDone!\n"
# Add .mjs as a file extension for javascript
sed -i "/application\/javascript/s|js.*;|js mjs;|" /etc/nginx/mime.types
# nginx conf setup.
cp files/nextcloud.conf "$NC_NGINX_CONF"
sed -i "s|_PHPVER|$MIN_PHP|g" "$NC_NGINX_CONF"
sed -i "s|_NC_DOMAIN|$NC_DOMAIN|g" "$NC_NGINX_CONF"
sed -i "s|_NC_NGINX_SSL_PORT|$NC_NGINX_SSL_PORT|g" "$NC_NGINX_CONF"
sed -i "s|_NC_PATH|$NC_PATH|g" "$NC_NGINX_CONF"
systemctl stop nginx
letsencrypt certonly --standalone --renew-by-default --agree-tos -d "$NC_DOMAIN"
if [ -f /etc/letsencrypt/live/"$NC_DOMAIN"/fullchain.pem ];then
ln -s "$NC_NGINX_CONF" /etc/nginx/sites-enabled/
else
echo "There are issues on getting the SSL certs..."
read -n 1 -s -r -p "Press any key to continue"
fi
nginx -t
systemctl restart nginx
if [ "$ENABLE_HSTS" = "yes" ]; then
sed -i "s|#add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" "$NC_NGINX_CONF"
fi
if [ -n "$PREAD_PROXY" ]; then
echo "
Setting up Nextcloud domain on Jitsi Meet turn proxy
"
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY"
fi
echo -e "\n Latest version to be installed: $STABLEVERSION
(This might take sometime, please be patient...)\n"
curl -s "$NC_REPO"/"$STABLEVERSION".zip > /tmp/"$STABLEVERSION".zip
unzip -q /tmp/"$STABLEVERSION".zip
mv nextcloud "$NC_PATH"
chown -R www-data:www-data "$NC_PATH"
chmod -R 755 "$NC_PATH"
echo -e "\nDatabase installation...\n"
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ maintenance:install \
--database=pgsql \
--database-name="$NC_DB" \
--database-user="$NC_DB_USER" \
--database-pass="$NC_DB_PASSWD" \
--admin-user="$NC_USER" \
--admin-pass="$NC_PASS"
echo -e "\nApply custom mods...\n"
sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," "$NC_CONFIG"
sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," "$NC_CONFIG"
sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," "$NC_CONFIG"
sed -i "s|http://localhost|https://$NC_DOMAIN|" "$NC_CONFIG"
echo -e "\nAdd crontab...\n"
crontab -u www-data -l | { cat; echo "*/5 * * * * php$MIN_PHP -f $NC_PATH/cron.php"; } | crontab -u www-data -
echo -e "\nAdd memcache support...\n"
sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" "$REDIS_CONF"
sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" "$REDIS_CONF"
sed -i "s|port 6379|port 0|" "$REDIS_CONF"
systemctl restart redis-server
echo -e "\n--> Setting config.php...\n"
if [ -n "$ISO3166_CODE" ]; then
sed -i "/);/i \ \ 'default_phone_region' => '$ISO3166_CODE'," "$NC_CONFIG"
fi
sed -i "/);/i \ \ 'filelocking.enabled' => 'true'," "$NC_CONFIG"
sed -i "/);/i \ \ 'memcache.locking' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
sed -i "/);/i \ \ 'memcache.distributed' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
sed -i "/);/i \ \ 'redis' =>" "$NC_CONFIG"
sed -i "/);/i \ \ \ \ array (" "$NC_CONFIG"
sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," "$NC_CONFIG"
sed -i "/);/i \ \ \ \ \ 'port' => 0," "$NC_CONFIG"
sed -i "/);/i \ \ \ \ \ 'timeout' => 0," "$NC_CONFIG"
sed -i "/);/i \ \ )," "$NC_CONFIG"
echo -e "Done\n"
echo -e "\nAddding & Setting up Files External App for Local storage...\n"
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ app:install files_external
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ app:enable files_external
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ app:disable support
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ files_external:import /tmp/jra-nc-app-ef.json
usermod -a -G jibri www-data
chmod -R 770 "$DIR_RECORD"
chmod -R g+s "$DIR_RECORD"
echo -e "\nFixing possible missing tables...\n\n"
echo "y"|sudo -u www-data php$MIN_PHP "$NC_PATH"/occ db:convert-filecache-bigint
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ db:add-missing-indices
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ db:add-missing-columns
echo -e "\nAdding trusted domain...\n"
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ config:system:set trusted_domains 0 --value="$NC_DOMAIN"
echo -e "\nSetting JRA domain on jitsi-updater.sh\n"
sed -i "s|NC_DOMAIN=.*|NC_DOMAIN=\"$NC_DOMAIN\"|" jitsi-updater.sh
echo -e "\nQuick Nextcloud installation complete!\n"

View File

@ -1,334 +0,0 @@
#!/bin/bash
# Custom High Performance Jitsi conf
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have privileges!"
exit 0
fi
wait_seconds() {
secs=$(($1))
while [ $secs -gt 0 ]; do
echo -ne "$secs\033[0K\r"
sleep 1
: $((secs--))
done
}
set_once() {
if ! grep -q "$(awk '!/^ *#/ && NF {print}' "$2"|grep "$(awk -F '=' '{print$1}' <<< "$1")")" ; then
echo "Setting $1 on $2..."
echo "$1" | tee -a "$2"
else
echo " \"$(echo "$1"|awk -F '=' '{print$1}')\" seems present, skipping setting this variable"
fi
}
# True if $1 is greater than $2
version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
LTS_REL="$(lsb_release -d | awk '{print$4}')"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
JVB_LOG_POP="/etc/jitsi/videobridge/logging.properties"
JVB_RC="/usr/share/jitsi-videobridge/lib/videobridge.rc"
JICOFO_LOG_POP="/etc/jitsi/videobridge/logging.properties"
MEET_LOG_CONF="/usr/share/jitsi-meet/logging_config.js"
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
MEET_CONF_HP="/etc/jitsi/meet/${DOMAIN}-chp-config.js"
INT_CONF_JS="/etc/jitsi/meet/${DOMAIN}-interface_config.js"
INT_CONF_JS_HP="/etc/jitsi/meet/${DOMAIN}-chp-interface_config.js"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
CHAT_DISABLED="TBD"
if [ -f "$MEET_CONF_HP" ] || [ -f "$INT_CONF_JS_HP" ]; then
echo "
This script can't be run multiple times on the same system,
idempotence not guaranteed, exiting..."
exit
fi
if [ -z "$LTS_REL" ] || [ -z "$DOMAIN" ];then
echo "This system isn't suitable to configure."
exit
else
echo "This system seems suitable to configure..."
fi
echo "What does this script do?
Overview:
- Disables swap partition
- Tunes,
* Some kernel networking settings
* nginx connections number
* jvb2 logging
* jicofo logging
* meet logging
- Modify UX by changing session configuration & toolbar.
- Disable browsers not compatible with CHP,
* Safari
* Firefox*
"
echo "# Note: As for January 2021 Firefox can't handle correctly widescreen sizing
# on lower resolution than HD (nHD & qHD), setting as incompatible for now.
# (If you know this is no longer the case. Please report it to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues)
"
#Tools to consider
##Profiling
#https://github.com/jvm-profiling-tools/async-profiler
while [[ "$CONTINUE_HP" != "yes" && "$CONTINUE_HP" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_HP
if [ "$CONTINUE_HP" = "no" ]; then
echo "See you next time!..."
exit
elif [ "$CONTINUE_HP" = "yes" ]; then
echo "Good, then let's get it done..."
fi
done
# Video resolution selector
echo "
#--------------------------------------------------
# Conference widescreen video resolution.
#--------------------------------------------------
"
echo "If you are using a high volume of users we recommend to use nHD (640x360),
or at most qHD (960x540) resolution as default, since bandwith increase
exponentially with the more concurrent users on a meeting.
Either way, choose your desired video resolution.
"
PS3='Select the desired resolution for high performance mode: '
options=("nHD - 640x360" "qHD - 960x540" "HD - 1280x720")
select opt in "${options[@]}"
do
case "$opt" in
"nHD - 640x360")
echo -e "\n > Setting 640x360 resolution.\n"
VID_RES="360"
break
;;
"qHD - 960x540")
echo -e "\n > Setting 960x540 resolution.\n"
VID_RES="540"
break
;;
"HD - 1280x720")
echo -e "\n > Setting 1280x720 resolution.\n"
VID_RES="720"
break
;;
*) echo "Invalid option $REPLY, choose 1, 2 or 3";;
esac
done
echo "
# Disable Chat?
> In case you have your own chat solution for the meetings you might
wanna disable Jitsi's chat from the toolbox.
"
while [[ "$CHAT_DISABLED" != "yes" && \
"$CHAT_DISABLED" != "no" && \
"$CHAT_DISABLED" != "" ]]
do
echo "> Do you want to disable jitsi's built-in chat?: (yes or no)"
read -p "(Also you can leave empty to disable)"$'\n' -r CHAT_DISABLED
if [ "$CHAT_DISABLED" = "no" ]; then
echo -e "-- Jitsi's built-in chat will be kept active.\n"
elif [ "$CHAT_DISABLED" = "yes" ] || [ -z "$CHAT_DISABLED" ]; then
echo -e "-- Jitsi's built-in chat will be disabled. \n"
fi
done
## JMS system tune up
if [ "$MODE" = "debug" ]; then
bash "$PWD"/jms-stu.sh -m debug
else
bash "$PWD"/jms-stu.sh
fi
#JVB2
##Loose up logging
# https://community.jitsi.org/t/23641/13
sed -i "/java.util.logging.FileHandler.level/s|ALL|WARNING|g" "$JVB_LOG_POP"
sed -i "s|^.level=INFO|.level=WARNING|" "$JVB_LOG_POP"
sed -i "/VIDEOBRIDGE_MAX_MEMORY=/i \ VIDEOBRIDGE_MAX_MEMORY=8192m" "$JVB_RC"
#JICOFO
sed -i "/java.util.logging.FileHandler.level/s|ALL|OFF|g" "$JICOFO_LOG_POP"
sed -i "s|^.level=INFO|.level=WARNING|" "$JICOFO_LOG_POP"
#MEET
sed -i "s|defaultLogLevel:.*|defaultLogLevel: 'error',|" "$MEET_LOG_CONF"
sed -i "/TraceablePeerConnection.js/s|info|error|" "$MEET_LOG_CONF"
sed -i "/CallStats.js/s|info|error|" "$MEET_LOG_CONF"
sed -i "/strophe.util.js/s|log|error|" "$MEET_LOG_CONF"
#UX - Room settings and interface
## config.js
cp "$MEET_CONF" "$MEET_CONF_HP"
sed -i "s|// disableAudioLevels:.*|disableAudioLevels: true,|" "$MEET_CONF_HP"
sed -i "s|enableNoAudioDetection:.*|enableNoAudioDetection: false,|" "$MEET_CONF_HP"
sed -i "s|enableNoisyMicDetection:.*|enableNoisyMicDetection: false,|" "$MEET_CONF_HP"
sed -i "s|startAudioMuted:.*|startAudioMuted: 5,|" "$MEET_CONF_HP"
sed -i "s|// startVideoMuted:.*|startVideoMuted: 5,|" "$MEET_CONF_HP"
sed -i "s|startWithVideoMuted: true,|startWithVideoMuted: false,|" "$MEET_CONF_HP"
sed -i "s|channelLastN:.*|channelLastN: 10,|" "$MEET_CONF_HP"
sed -i "s|// enableLayerSuspension:.*|enableLayerSuspension: true,|" "$MEET_CONF_HP"
sed -i "s|// apiLogLevels:.*|apiLogLevels: \['warn', 'error'],|" "$MEET_CONF_HP"
if [ "$VID_RES" = "360" ]; then
sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 360," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 360," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 360," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 640," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 640," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP"
fi
if [ "$VID_RES" = "540" ]; then
sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 540," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 540," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 540," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 960," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 960," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP"
fi
if [ "$VID_RES" = "720" ]; then
sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 720," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 720," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 720," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 1280," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 1280," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP"
fi
## interface_config.js
cp "$INT_CONF_JS" "$INT_CONF_JS_HP"
sed -i "s|CONNECTION_INDICATOR_DISABLED:.*|CONNECTION_INDICATOR_DISABLED: true,|" "$INT_CONF_JS_HP"
sed -i "s|DISABLE_DOMINANT_SPEAKER_INDICATOR:.*|DISABLE_DOMINANT_SPEAKER_INDICATOR: true,|" "$INT_CONF_JS_HP"
sed -i "s|DISABLE_FOCUS_INDICATOR:.*|DISABLE_FOCUS_INDICATOR: false,|" "$INT_CONF_JS_HP"
sed -i "s|DISABLE_JOIN_LEAVE_NOTIFICATIONS:.*|DISABLE_JOIN_LEAVE_NOTIFICATIONS: true,|" "$INT_CONF_JS_HP"
sed -i "s|DISABLE_VIDEO_BACKGROUND:.*|DISABLE_VIDEO_BACKGROUND: true,|" "$INT_CONF_JS_HP"
sed -i "s|OPTIMAL_BROWSERS: \[.*|OPTIMAL_BROWSERS: \[ 'chrome', 'chromium', 'electron' \],|" "$INT_CONF_JS_HP"
sed -i "s|UNSUPPORTED_BROWSERS: .*|UNSUPPORTED_BROWSERS: \[ 'nwjs', 'safari', 'firefox' \],|" "$INT_CONF_JS_HP"
### Toolbars
if version_gt "$(apt-show-versions jitsi-meet|awk '{print$2}')" "2.0.5390-3" ; then
#New toolbar in config.js
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ toolbarButtons:: \[" "$MEET_CONF_HP"
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," "$MEET_CONF_HP"
if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," "$MEET_CONF_HP"
else
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," "$MEET_CONF_HP"
fi
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," "$MEET_CONF_HP"
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," "$MEET_CONF_HP"
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" "$MEET_CONF_HP"
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \]," "$MEET_CONF_HP"
else
#Old toolbar in interface.js (soon deprecated on newer versions)
sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" "$INT_CONF_JS_HP"
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" "$INT_CONF_JS_HP"
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," "$INT_CONF_JS_HP"
if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," "$INT_CONF_JS_HP"
else
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," "$INT_CONF_JS_HP"
fi
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," "$INT_CONF_JS_HP"
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," "$INT_CONF_JS_HP"
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" "$INT_CONF_JS_HP"
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \]," "$INT_CONF_JS_HP"
fi
#Check config file
echo -e "\n# Checking $MEET_CONF file for errors\n"
CHECKJS_MEET_CHP="$(esvalidate "$MEET_CONF_HP"| cut -d ":" -f2)"
if [ -z "$CHECKJS_MEET_CHP" ]; then
echo -e "\n# The $MEET_CONF_HP configuration seems correct. =)\n"
else
echo -e "\n Watch out!, there seems to be an issue on $MEET_CONF_HP line:
$CHECKJS_MEET_CHP
Most of the times this is due upstream changes, please report to
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
fi
CHECKJS_INT_CHP="$(esvalidate "$INT_CONF_JS_HP"| cut -d ":" -f2)"
if [ -z "$CHECKJS_INT_CHP" ]; then
echo -e "\n# The $INT_CONF_JS_HP configuration seems correct. =)\n"
else
echo -e "\n Watch out!, there seems to be an issue on $INT_CONF_JS_HP line:
$CHECKJS_INT_CHP
Most of the times this is due upstream changes, please report to
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
fi
sed -i "s|$MEET_CONF|$MEET_CONF_HP|g" "$WS_CONF"
sed -i "s|$INT_CONF_JS|$INT_CONF_JS_HP|" "$WS_CONF"
nginx -t
#systemctl restart nginx
echo "Done!, yeah, that quick ;)"
echo "Rebooting in..."
wait_seconds 15
reboot

View File

@ -1,171 +0,0 @@
#!/bin/bash
# Custom Selenium Grid-Node fro Jitsi Meet
# Pandian © - https://community.jitsi.org/u/Pandian
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
WAN_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)"
AV_SPACE="$(df -h .|grep -v File|awk '{print$4}'|sed -e 's|G||')"
echo -e "\n-- Make sure you have at least 10GB of disk space available.\n"
if [ "$(echo "$AV_SPACE > 9" | bc)" -ne 0 ]; then
echo "> Seems we have enough disk space."
else
echo "> Please meet the minimum required disk space for this installer, exiting..."
exit
fi
apt-get update
apt-get dist-upgrade -y
apt-get install -y \
gnupg \
bmon \
curl \
wget \
unzip \
maven \
openjdk-11-jdk
# Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
## Docker Compose
curl -sL "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
# Jitsi Meet Torture
cd /opt || exit
git clone https://github.com/jitsi/jitsi-meet-torture
cd jitsi-meet-torture/ || exit
if [ -f resources/FourPeople_1280x720_30.y4m ] ; then
echo "FourPeople_1280x720_30.y4m exists"
else
echo "FourPeople_1280x720_30.y4m doesn't exists, getting a copy..."
wget -c https://media.xiph.org/video/derf/y4m/FourPeople_1280x720_60.y4m
mv FourPeople_1280x720_60.y4m resources/
cp resources/FourPeople_1280x720_60.y4m resources/FourPeople_1280x720_30.y4m
fi
#150 "participants" available
## Tested up to 120 with AWS c5.24xlarge
cat << SELENIUM_GRID_DOCKER > selenium.yml
version: "3"
services:
selenium-hub:
image: selenium/hub:3.141.59-20200525
container_name: selenium-hub
ports:
- "4444:4444"
restart: always
chrome:
image: selenium/node-chrome:3.141.59-20200525
volumes:
- /dev/shm:/dev/shm
- ./resources:/usr/share/jitsi-meet-torture/resources
depends_on:
- selenium-hub
environment:
- HUB_HOST=selenium-hub
- HUB_PORT=4444
- NODE_MAX_INSTANCES=30
- NODE_MAX_SESSION=30
restart: always
chrome2:
image: selenium/node-chrome:3.141.59-20200525
volumes:
- /dev/shm:/dev/shm
- ./resources:/usr/share/jitsi-meet-torture/resources
depends_on:
- selenium-hub
environment:
- HUB_HOST=selenium-hub
- HUB_PORT=4444
- NODE_MAX_INSTANCES=30
- NODE_MAX_SESSION=30
restart: always
chrome3:
image: selenium/node-chrome:3.141.59-20200525
volumes:
- /dev/shm:/dev/shm
- ./resources:/usr/share/jitsi-meet-torture/resources
depends_on:
- selenium-hub
environment:
- HUB_HOST=selenium-hub
- HUB_PORT=4444
- NODE_MAX_INSTANCES=30
- NODE_MAX_SESSION=30
restart: always
chrome4:
image: selenium/node-chrome:3.141.59-20200525
volumes:
- /dev/shm:/dev/shm
- ./resources:/usr/share/jitsi-meet-torture/resources
depends_on:
- selenium-hub
environment:
- HUB_HOST=selenium-hub
- HUB_PORT=4444
- NODE_MAX_INSTANCES=30
- NODE_MAX_SESSION=30
restart: always
chrome5:
image: selenium/node-chrome:3.141.59-20200525
volumes:
- /dev/shm:/dev/shm
- ./resources:/usr/share/jitsi-meet-torture/resources
depends_on:
- selenium-hub
environment:
- HUB_HOST=selenium-hub
- HUB_PORT=4444
- NODE_MAX_INSTANCES=30
- NODE_MAX_SESSION=30
restart: always
SELENIUM_GRID_DOCKER
docker-compose -f selenium.yml up -d
echo -e "\n#=================== End of Seleniun Grid build ========================#\n"
echo -e "\nChange the values according to you test requirements using something like;\n"
echo "cd /opt/jitsi-meet-torture
sudo bash /opt/jitsi-meet-torture/scripts/malleus.sh \\
--conferences=1 \\
--participants=30 \\
--senders=2 \\
--audio-senders=1 \\
--duration=120 \\
--room-name-prefix=hamertesting \\
--hub-url=http://localhost:4444/wd/hub \\
--instance-url=https://YOUR.JITSI-MEET-INSTANCE.DOMAIN
"
echo -e "\n-- If using 'hamertesting' as prefix name you can join the room
hamertesting0, hamertesting1, hamertestingN
according to the 'N' number of conferences you have set to watch the test.
*Beware* for 120 \"participants\" to join video-muted it was necessary at least a c5.24xlarge AWS instance.
So start low, monitor your server resources and go from there."
echo -e "\n-- You can check the grid status at:
http://$WAN_IP:4444/grid/console
"

View File

@ -1,86 +0,0 @@
#!/bin/bash
# System-tune-up to remove system software restrictions on a huge load of connections.
# Be aware that hardware/infrastructure resources are the most common limiters.
#
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have privileges!"
exit 0
fi
echo '
#--------------------------------------------------
# Starting system tune up configuration
# for high performance
#--------------------------------------------------
'
set_once_hash_comment() {
if ! awk '!/^ *#/ && NF {print}' "$2"|grep -q "$(awk -F '=' '{print$1}' <<< "$1")" ; then
echo "Setting $1 on $2..."
echo "$1" | tee -a "$2"
else
echo "\"$(awk -F '=' '{print$1}' <<< "$1")\" seems already present, skipping setting this variable"
fi
}
FSTAB=/etc/fstab
##Disable swap
swapoff -a
sed -r '/\sswap\s/s/^#?/#/' -i "$FSTAB"
##Alternative swap tuning (need more documentation).
#vm.swappiness=5
#vm.vfs_cache_pressure=50
##Kernel
#https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/tuning_and_optimizing_red_hat_enterprise_linux_for_oracle_9i_and_10g_databases/sect-oracle_9i_and_10g_tuning_guide-adjusting_network_settings-changing_network_kernel_settings
sysctl -w net.core.rmem_default=262144
sysctl -w net.core.wmem_default=262144
sysctl -w net.core.rmem_max=262144
sysctl -w net.core.wmem_max=262144
set_once_hash_comment "net.core.rmem_default=262144" "/etc/sysctl.conf"
set_once_hash_comment "net.core.wmem_default=262144" "/etc/sysctl.conf"
set_once_hash_comment "net.core.rmem_max=262144" "/etc/sysctl.conf"
set_once_hash_comment "net.core.wmem_max=262144" "/etc/sysctl.conf"
#system
#https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart
set_once_hash_comment "DefaultLimitNOFILE=65000" "/etc/sysctl.conf"
set_once_hash_comment "DefaultLimitNPROC=65000" "/etc/sysctl.conf"
set_once_hash_comment "DefaultTasksMax=65000" "/etc/sysctl.conf"
#https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/7/html/tuning_guide/reduce_tcp_performance_spikes
sysctl -w net.ipv4.tcp_timestamps=0
set_once_hash_comment "net.ipv4.tcp_timestamps=0" "/etc/sysctl.conf"
#https://bugzilla.redhat.com/show_bug.cgi?id=1283676
sysctl -w net.core.netdev_max_backlog=100000
set_once_hash_comment "net.core.netdev_max_backlog=100000" "/etc/sysctl.conf"
##nginx
sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf
nginx -t
#Missing docs
#sysctl -w net.ipv4.tcp_low_latency=1
echo "System tune up...
Done!"

View File

@ -1,115 +0,0 @@
#!/bin/bash
# JWT Mode Setup
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
JICOFO_SIP="/etc/jitsi/jicofo/sip-communicator.properties"
PROSODY_FILE="/etc/prosody/conf.d/$DOMAIN.cfg.lua"
PROSODY_SYS="/etc/prosody/prosody.cfg.lua"
APP_ID="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 16 | head -n1)"
SECRET_APP="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 64 | head -n1)"
SRP_STR="$(grep -n "VirtualHost \"$DOMAIN\"" "$PROSODY_FILE" | head -n1 | cut -d ":" -f1)"
SRP_END="$((SRP_STR + 10))"
## Required openssl for Focal 20.04
if [ "$(lsb_release -sc)" = "focal" ]; then
echo "deb http://ppa.launchpad.net/rael-gc/rvm/ubuntu focal main" | \
sudo tee /etc/apt/sources.list.d/rvm.list
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys F4E3FBBE
apt-get update
fi
apt-get -y install \
lua5.2 \
liblua5.2 \
luarocks \
libssl1.0-dev \
python3-jwt
luarocks install basexx
luarocks install luacrypto
luarocks install lua-cjson 2.1.0-1
echo "set jitsi-meet-tokens/appid string $APP_ID" | debconf-set-selections
echo "set jitsi-meet-tokens/appsecret password $SECRET_APP" | debconf-set-selections
apt-get install -y jitsi-meet-tokens
#Setting up
sed -i "s|c2s_require_encryption = true|c2s_require_encryption = false|" "$PROSODY_SYS"
#-
sed -i "$SRP_STR,$SRP_END{s|authentication = \"jitsi-anonymous\"|authentication = \"token\"|}" "$PROSODY_FILE"
sed -i "s|--app_id=\"example_app_id\"|app_id=\"$APP_ID\"|" "$PROSODY_FILE"
sed -i "s|--app_secret=\"example_app_secret\"|app_secret=\"$SECRET_APP\"|" "$PROSODY_FILE"
sed -i "/app_secret/a \\\\" "$PROSODY_FILE"
sed -i "/app_secret/a \ \ \ \ allow_empty_token = false" "$PROSODY_FILE"
sed -i "/app_secret/a \\\\" "$PROSODY_FILE"
sed -i "/app_secret/a \ \ \ \ asap_accepted_issuers = { \"$APP_ID\" }" "$PROSODY_FILE"
sed -i "/app_secret/a \ \ \ \ asap_accepted_audiences = { \"$APP_ID\", \"RocketChat\" }" "$PROSODY_FILE"
sed -i "/app_secret/a \\\\" "$PROSODY_FILE"
sed -i "s|--allow_empty_token =.*|allow_empty_token = false|" "$PROSODY_FILE"
sed -i 's|--"token_verification"|"token_verification"|' "$PROSODY_FILE"
#Request auth
sed -i "s|#org.jitsi.jicofo.auth.URL=EXT_JWT:|org.jitsi.jicofo.auth.URL=EXT_JWT:|" "$JICOFO_SIP"
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" "$MEET_CONF"
#Enable jibri recording
cat << REC-JIBRI >> "$PROSODY_FILE"
VirtualHost "recorder.$DOMAIN"
modules_enabled = {
"ping";
}
authentication = "internal_hashed"
REC-JIBRI
#Setup guests and lobby
cat << P_SR >> "$PROSODY_FILE"
-- #Change back lobby - https://community.jitsi.org/t/64769/136
VirtualHost "guest.$DOMAIN"
authentication = "token"
allow_empty_token = true
c2s_require_encryption = false
speakerstats_component = "speakerstats.$DOMAIN"
app_id="$APP_ID";
app_secret="$SECRET_APP";
modules_enabled = {
"speakerstats";
-- "conference_duration";
}
P_SR
echo -e "\nUse the following for your App (e.g. Rocket.Chat):\n"
echo -e "\nAPP_ID: $APP_ID" && \
echo -e "SECRET_APP: $SECRET_APP\n"
echo -e "You can test JWT authentication with the following token:\n"
pyjwt3 --key="$SECRET_APP" \
encode \
group="Rocket.Chat" \
aud="$APP_ID" \
iss="$APP_ID" \
sub="$DOMAIN" \
room="*" \
algorithm="HS256"
read -n 1 -s -r -p $'\n'"Press any key to continue..."$'\n'

View File

@ -1,40 +0,0 @@
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
Enable transcription on jitsi meet config.js file.
diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
index f412891..f704157 100644
--- a/etc/jitsi/meet/${DOMAIN}-config.js
+++ b/etc/jitsi/meet/${DOMAIN}-config.js
@@ -426,9 +426,9 @@ var config = {
// autoCaptionOnRecord: false,
// Transcription options.
- // transcription: {
+ transcription: {
// // Whether the feature should be enabled or not.
- // enabled: false,
+ enabled: true,
// // Translation languages.
// // Available languages can be found in
@@ -443,7 +443,7 @@ var config = {
// // detected based on the environment, e.g. if the app is opened in a chrome instance which
// // is using french as its default language then transcriptions for that participant will be in french.
// // Defaults to true.
- // useAppLanguage: true,
+ useAppLanguage: true,
// // Transcriber language. This settings will only work if "useAppLanguage"
// // is explicitly set to false.
@@ -453,7 +453,7 @@ var config = {
// // Enables automatic turning on transcribing when recording is started
// autoTranscribeOnRecord: false,
- // },
+ },
// Misc

View File

@ -1,80 +0,0 @@
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
Modify sip-communicator.properties to run Jigasi along with VOSK Models.
diff --git a/etc/jitsi/jigasi/sip-communicator.properties b/etc/jitsi/jigasi/sip-communicator.properties
index 7a8d0f3..ae5369a 100644
--- a/etc/jitsi/jigasi/sip-communicator.properties
+++ b/etc/jitsi/jigasi/sip-communicator.properties
@@ -165,12 +165,12 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
# If you want jigasi to perform authenticated login instead of anonymous login
# to the XMPP server, you can set the following properties.
-# org.jitsi.jigasi.xmpp.acc.USER_ID=SOME_USER@SOME_DOMAIN
-# org.jitsi.jigasi.xmpp.acc.PASS=SOME_PASS
-# org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
+org.jitsi.jigasi.xmpp.acc.USER_ID=transcriber@recorder.${DOMAIN}
+org.jitsi.jigasi.xmpp.acc.PASS=${JIG_TRANSC_PASWD}
+org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
# To fix SSL/TLS required by client but not supported by server
-#org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
+org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
# Can be used in combination with jitsi-meet module mod_auth_jitsi-shared-secret
# To have jigasi use a random username on every call
@@ -187,7 +187,7 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
# Activate this property if you are using self-signed certificates or other
# type of non-trusted certicates. In this mode your service trust in the
# remote certificates always.
-# net.java.sip.communicator.service.gui.ALWAYS_TRUST_MODE_ENABLED=true
+net.java.sip.communicator.service.gui.ALWAYS_TRUST_MODE_ENABLED=true
# Enable this property to be able to shutdown gracefully jigasi using
# a rest command
@@ -196,31 +196,31 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
# Options regarding Transcription. Read the README for a detailed description
# about each property
-#org.jitsi.jigasi.ENABLE_TRANSCRIPTION=false
-#org.jitsi.jigasi.ENABLE_SIP=true
+org.jitsi.jigasi.ENABLE_TRANSCRIPTION=true
+org.jitsi.jigasi.ENABLE_SIP=false
# whether to use the more expensive, but better performing
# "video" model when doing transcription
# org.jitsi.jigasi.transcription.USE_VIDEO_MODEL = false
# delivering final transcript
-# org.jitsi.jigasi.transcription.DIRECTORY=/var/lib/jigasi/transcripts
-# org.jitsi.jigasi.transcription.BASE_URL=http://localhost/
-# org.jitsi.jigasi.transcription.jetty.port=-1
-# org.jitsi.jigasi.transcription.ADVERTISE_URL=false
+org.jitsi.jigasi.transcription.DIRECTORY=/var/lib/jigasi/transcripts
+org.jitsi.jigasi.transcription.BASE_URL=http://localhost/
+org.jitsi.jigasi.transcription.jetty.port=-1
+org.jitsi.jigasi.transcription.ADVERTISE_URL=false
# save formats
-# org.jitsi.jigasi.transcription.SAVE_JSON=false
-# org.jitsi.jigasi.transcription.SAVE_TXT=true
+org.jitsi.jigasi.transcription.SAVE_JSON=false
+org.jitsi.jigasi.transcription.SAVE_TXT=true
# send formats
-# org.jitsi.jigasi.transcription.SEND_JSON=true
-# org.jitsi.jigasi.transcription.SEND_TXT=false
+org.jitsi.jigasi.transcription.SEND_JSON=true
+org.jitsi.jigasi.transcription.SEND_TXT=false
# Vosk server
-# org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.VoskTranscriptionService
+org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.VoskTranscriptionService
# org.jitsi.jigasi.transcription.vosk.websocket_url={"en": "ws://localhost:2700", "fr": "ws://localhost:2710"}
-# org.jitsi.jigasi.transcription.vosk.websocket_url=ws://localhost:2700
+org.jitsi.jigasi.transcription.vosk.websocket_url=ws://localhost:2700
# Whisper live transcription server
# org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.WhisperTranscriptionService

View File

@ -1,66 +0,0 @@
# Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
Patch jitsi-meet config.js to enable recording and livestreaming by default.
diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
index dcb860b..8f64c7c 100644
--- a/etc/jitsi/meet/${DOMAIN}-config.js
+++ b/etc/jitsi/meet/${DOMAIN}-config.js
@@ -343,12 +343,12 @@ var config = {
// // showPrejoinWarning: true,
// },
- // recordingService: {
+ recordingService: {
// // When integrations like dropbox are enabled only that will be shown,
// // by enabling fileRecordingsServiceEnabled, we show both the integrations
// // and the generic recording service (its configuration and storage type
// // depends on jibri configuration)
- // enabled: false,
+ enabled: true,
// // Whether to show the possibility to share file recording with other people
// // (e.g. meeting participants), based on the actual implementation
@@ -357,7 +357,7 @@ var config = {
// // Hide the warning that says we only store the recording for 24 hours.
// hideStorageWarning: false,
- // },
+ },
// DEPRECATED. Use recordingService.enabled instead.
// fileRecordingsServiceEnabled: false,
@@ -368,7 +368,7 @@ var config = {
// Local recording configuration.
// localRecording: {
// // Whether to disable local recording or not.
- // disable: false,
+ // disable: true,
// // Whether to notify all participants when a participant is recording locally.
// notifyAllParticipants: false,
@@ -378,9 +378,9 @@ var config = {
// },
// Customize the Live Streaming dialog. Can be modified for a non-YouTube provider.
- // liveStreaming: {
+ liveStreaming: {
// // Whether to enable live streaming or not.
- // enabled: false,
+ enabled: true,
// // Terms link
// termsLink: 'https://www.youtube.com/t/terms',
// // Data privacy link
@@ -388,8 +388,8 @@ var config = {
// // RegExp string that validates the stream key input field
// validatorRegExpString: '^(?:[a-zA-Z0-9]{4}(?:-(?!$)|$)){4}',
// // Documentation reference for the live streaming feature.
- // helpLink: 'https://jitsi.org/live'
- // },
+ helpLink: 'https://forge.switnet.net/switnet/quick-jibri-installer'
+ },
// DEPRECATED. Use liveStreaming.enabled instead.
// liveStreamingEnabled: false,

View File

@ -1,31 +0,0 @@
# Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
Patch jitsi-meet config.js to enable/disable welcome page.
diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
index dcb860b..2094287 100644
--- a/etc/jitsi/meet/${DOMAIN}-config.js
+++ b/etc/jitsi/meet/${DOMAIN}-config.js
@@ -664,13 +664,13 @@ var config = {
// enableWelcomePage: true,
// Configs for welcome page.
- // welcomePage: {
- // // Whether to disable welcome page. In case it's disabled a random room
- // // will be joined when no room is specified.
- // disabled: false,
- // // If set, landing page will redirect to this URL.
- // customUrl: ''
- // },
+ welcomePage: {
+ // Whether to disable welcome page. In case it's disabled a random room
+ // will be joined when no room is specified.
+ disabled: ${ENABLE_WELCP_BOL},
+ // If set, landing page will redirect to this URL.
+ customUrl: ''
+ },
// Configs for the lobby screen.
// lobby: {

File diff suppressed because it is too large Load Diff

View File

@ -1,85 +0,0 @@
#!/bin/bash
# Automated AWS generic kernel setup for jibri.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
wait_seconds() {
secs=$(($1))
while [ $secs -gt 0 ]; do
echo -ne "$secs\033[0K\r"
sleep 1
: $((secs--))
done
}
echo "####
# WARNING: Only use this script if you know what you are doing.
# Under your own risk.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY.
####"
# Check if user is root
if [ "$UID" != 0 ]; then
echo You need to run this script as root or sudo rights!
exit 1
fi
TMP_DIR="$(mktemp -d)"
KERNEL_LOG="$TMP_DIR/kernel_log"
GRUB_FILE="/etc/default/grub"
echo -e "# Check and update HWE kernel if possible...\n"
apt-get -q2 update
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
if [ "$HWE_VIR_MOD" = "1" ]; then
apt-get -y install \
linux-image-generic-hwe-"$(lsb_release -sr)" \
linux-tools-generic-hwe-"$(lsb_release -sr)"
else
apt-get -y install \
linux-image-generic \
linux-modules-extra-"$(uname -r)"
fi
apt-get -y autoremove
apt-get autoclean
#Write update-grub output
update-grub > "$KERNEL_LOG" 2>&1
#Get clean output
awk -F'boot/' '{print$2}' < "$KERNEL_LOG"|sed '/^[[:space:]]*$/d' | \
tee "$KERNEL_LOG".tmp
mv "$KERNEL_LOG".tmp "$KERNEL_LOG"
echo -e "Check if AWS kernel is installed.\n"
[ "$(grep -wc aws "$KERNEL_LOG")" = 0 ] && echo "No AWS kernel found, exiting..." && exit
#Get kernel number
RAW_KERNEL_NUM="$(grep -Fn generic "$KERNEL_LOG"|head -n1|cut -d ':' -f1)"
FIXED_KERNEL_NUM="$(awk "BEGIN{ print $RAW_KERNEL_NUM - 1 }")"
echo -e "Set up GRUB for custom kernel.\n"
sed -i "s|GRUB_DEFAULT=.*|GRUB_DEFAULT=\"1\>$FIXED_KERNEL_NUM\"|" "$GRUB_FILE"
echo -e "Saving changes...\n"
update-grub
echo "Time to reboot..."
echo "Rebooting in..."
wait_seconds 15
reboot

View File

@ -1,45 +0,0 @@
#!/bin/bash
# Simple Fail2ban configuration
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
apt-get -y install fail2ban
if \
[ -f /var/log/ssh_f2b.log ] && \
[ "$(grep -c 604800 /etc/fail2ban/jail.local)" = "1" ] && \
[ "$(grep -c ssh_f2b.log /etc/fail2ban/jail.local)" = "1" ]; then
echo -e "\nFail2ban seems to be already configured.\n"
else
echo -e "\nConfiguring Fail2ban...\n"
cat << F2BAN >> /etc/fail2ban/jail.local
[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/ssh_f2b.log
maxretry = 3
bantime = 604800
F2BAN
fi
systemctl restart fail2ban

View File

@ -1,207 +0,0 @@
#!/bin/bash
# Simple Jibri conf updater
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
echo -e '
########################################################################
Welcome to Jibri Config Upgrader
########################################################################
by Software, IT & Networks Ltd
\n'
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
echo "Checking for updates...."
apt -q2 update
apt install -y \
apt-show-versions \
jq
echo -e "\n# Check for jibri\n"
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo "Jibri is installed, checking version:"
apt-show-versions jibri
else
echo "Wait!, jibri is not installed on this system using apt, exiting..."
exit
fi
if [ -d /etc/prosody/ ];then
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
fi
CONF_JSON="/etc/jitsi/jibri/config.json"
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
DIR_RECORD="/var/jbrecord"
REC_DIR="/home/jibri/finalize_recording.sh"
JibriBrewery="JibriBrewery"
check_read_vars() {
echo "Checking $1"
if [ -z "$2" ];then
echo "This variable seems wrong, please check before continue"
exit 1
fi
}
restart_services_jibri() {
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
then
systemctl restart jibri
systemctl restart jibri-icewm
systemctl restart jibri-xorg
else
echo "Jibri service not installed"
fi
}
#Prevent re-run on completed jibri upgraded instance
if [ -f "$CONF_JSON"_disabled ] && \
[ -f "$JIBRI_CONF" ] && \
[ -f "$JIBRI_CONF"-dpkg-file ]; then
echo -e "\n> This jibri config has been upgraded already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
exit
elif [ ! -f "$CONF_JSON" ] && \
[ -f "$JIBRI_CONF" ] && \
[ -f "$JIBRI_CONF"-dpkg-file ]; then
echo -e "\n> This jibri seems to be running the latest configuration already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
exit
elif [ -f "$CONF_JSON" ] && \
[ -f "$JIBRI_CONF" ]; then
echo -e "\n> This jibri config seems to be candidate for upgrading, we'll continue...\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
fi
#Read missing variables
if [ -f "$CONF_JSON" ]; then
echo "Reading current config.json file..."
if [ -z "$DOMAIN" ]; then
DOMAIN="$(jq .xmpp_environments[0].xmpp_domain $CONF_JSON|cut -d '"' -f2)"
fi
JB_NAME="$(jq .xmpp_environments[0].name $CONF_JSON|cut -d '"' -f2)"
JB_AUTH_PASS="$(jq .xmpp_environments[0].control_login.password $CONF_JSON|cut -d '"' -f2)"
JB_REC_PASS="$(jq .xmpp_environments[0].call_login.password $CONF_JSON|cut -d '"' -f2)"
JB_NICKN="$(jq .xmpp_environments[0].control_muc.nickname $CONF_JSON|cut -d '"' -f2)"
else
echo "Can't find the instance config.json file, exiting..."
exit
fi
check_read_vars "Jibri Name" "$JB_NAME"
check_read_vars "(Main server) Domain" "$DOMAIN"
check_read_vars "Control login passwd" "$JB_AUTH_PASS"
check_read_vars "Call login passwd" "$JB_REC_PASS"
check_read_vars "Jibri Node nickname" "$JB_NICKN"
if [ "$MODE" = "debug" ]; then
echo "$JB_NAME"
echo "$DOMAIN"
echo "$JB_AUTH_PASS"
echo "$JB_REC_PASS"
echo "$JB_NICKN"
fi
#Backup and setup new conf file
echo -e "Backing up config.json for historical purposes at:\n ${CONF_JSON}_disabled"
mv "$CONF_JSON" "${CONF_JSON}"_disabled
mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file
cat << NEW_CONF > "$JIBRI_CONF"
// New XMPP environment config.
jibri {
recording {
recordings-directory = $DIR_RECORD
finalize-script = $REC_DIR
}
api {
xmpp {
environments = [
{
// A user-friendly name for this environment
name = "$JB_NAME"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "$DOMAIN" ]
// The base XMPP domain
xmpp-domain = "$DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.$DOMAIN"
room-name = "$JibriBrewery"
nickname = "$JB_NICKN"
}
// The login information for the control MUC
control-login {
domain = "auth.$DOMAIN"
username = "jibri"
password = "$JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.$DOMAIN"
username = "recorder"
password = "$JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}
NEW_CONF
echo "Check final jibri.conf file:"
cat "$JIBRI_CONF"
read -n 1 -s -r -p "Press any key to continue..."
restart_services_jibri
systemctl status jibri
if [ -f /var/log/jitsi/jicofo.log ]; then
echo -e "Checking for jicofo recognizing \"Live\" jibri node..."
tail -n 10 | grep Live
fi

View File

@ -1,123 +0,0 @@
#!/bin/bash
# Simple Jibri resolution enhancer
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
# Make sure jibri is installed
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo "Good Jibri is installed on this server"
else
echo "Jibri is not on this system, it is a requirement.
Exiting..."
exit
fi
apt-get -y install apt-show-versions
JIBRI_OPT="/opt/jitsi/jibri"
JIBRI_ENH_PATH="/opt/jibri-res-enhancer"
INSTALLED_JIBRI_VERSION="$(apt-show-versions jibri|awk '{print$2}')"
#Check if already run
if [ -f "$JIBRI_OPT/jibri-res_enh.jar" ] && \
[ -d "$JIBRI_ENH_PATH" ]; then
echo "Seems this tools have been run before..."
exit
fi
mkdir /tmp/jibri
cd /tmp/jibri || exit
#Get md5sum for current jibri installed.
apt-get download jibri="$INSTALLED_JIBRI_VERSION"
ar x jibri_*.deb
tar xvf data.tar.xz
UPSTREAM_DEB_JAR_SUM="$(md5sum 2>/dev/null /tmp/jibri/opt/jitsi/jibri/jibri.jar |awk '{print$1}')"
if [ -z "$UPSTREAM_DEB_JAR_SUM" ]; then
echo "Not possible to continue, exiting..."
exit
fi
#Compile requisites
apt-get -y install devscripts \
git \
maven \
openjdk-11-jdk
#Build repository
git clone https://github.com/jitsi/jibri "$JIBRI_ENH_PATH"
cd "$JIBRI_ENH_PATH" || exit
# Default values
## videoEncodePreset - "veryfast" || h264ConstantRateFactor - 25
# Recomemended values based on: https://trac.ffmpeg.org/wiki/Encode/H.264#crf
## videoEncodePreset - "medium" || h264ConstantRateFactor - 17
sed -i "/videoEncodePreset/s|String =.*|String = \"medium\",|" src/main/kotlin/org/jitsi/jibri/capture/ffmpeg/FfmpegCapturer.kt
sed -i "/h264ConstantRateFactor/s|Int =.*|Int = 17,|" src/main/kotlin/org/jitsi/jibri/capture/ffmpeg/FfmpegCapturer.kt
mvn package
JIBRI_JAR="$(find "$JIBRI_ENH_PATH" -name \*.jar|awk '/dependencies/{print}'|awk 'NR==1{print}')"
cp "$JIBRI_ENH_PATH"/target/"$JIBRI_JAR" "$JIBRI_ENH_PATH"/target/jibri.jar
# Backing up default binaries
if [ "$UPSTREAM_DEB_JAR_SUM" = "$(md5sum 2>/dev/null $JIBRI_OPT/jibri.jar|awk '{print$1}')" ]; then
cp "$JIBRI_OPT"/jibri.jar "$JIBRI_OPT"/jibri-dpkg-package.jar
fi
# Migrate original to enhanced jibri
cp "$JIBRI_ENH_PATH"/target/jibri.jar "$JIBRI_OPT"/jibri-res_enh.jar
if [ -f "$JIBRI_OPT"/jibri-dpkg-package.jar ];then
cp "$JIBRI_OPT"/jibri-res_enh.jar "$JIBRI_OPT"/jibri.jar
fi
JIBRI_RES_ENH_HASH="$(md5sum 2>/dev/null $JIBRI_OPT/jibri-res_enh.jar|awk '{print$1}')"
USED_JIBRI_HASH="$(md5sum 2>/dev/null $JIBRI_OPT/jibri.jar|awk '{print$1}')"
if [ "$JIBRI_RES_ENH_HASH" = "$USED_JIBRI_HASH" ]; then
echo "Everything seems to have gone well."
else
echo "Something went wrong, restoring default package..."
if [ "$(md5sum 2>/dev/null $JIBRI_OPT/jibri-dpkg-package.jar|awk '{print$1}')" = "$UPSTREAM_DEB_JAR_SUM" ]; then
cp "$JIBRI_OPT"/jibri-dpkg-package.jar "$JIBRI_OPT"/jibri.jar
CLEAN="true"
else
if [ -f /tmp/jibri/opt/jitsi/jibri/jibri.jar ]; then
echo "Restoring from upstream package..."
cp /tmp/jibri/opt/jitsi/jibri/jibri.jar "$JIBRI_OPT"/jibri.jar
CLEAN="true"
else
echo "Wow, someone took the time to avoid restoration, please manually review your changes."
echo "Exiting..."
exit
fi
fi
fi
if [ "$CLEAN" = "true" ]; then
rm -r /tmp/jibri
rm -r "$JIBRI_ENH_PATH"
rm /opt/jitsi/jibri/jibri-res_enh.jar
fi
systemctl restart jibri
echo "This will be a good time to test the enhanced resolution."

View File

@ -1,138 +0,0 @@
#!/bin/bash
# Automated PHP environment build for Nextcloud.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
PHPVER=$1
STABLE_PHP="$(apt-cache madison php|grep -v ppa|awk -F'[:+]' 'NR==1{print $2}')"
DISTRO_RELEASE="$(lsb_release -sc)"
PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')"
PHP_REPO_URL="http://ppa.launchpad.net/ondrej/php/ubuntu"
PHP_FPM_DIR="/etc/php/$PHPVER/fpm"
PHP_INI="$PHP_FPM_DIR/php.ini"
PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf"
TMP_GPG_REPO="$(mktemp -d)"
if [ $# -ne 1 ]; then
echo "Usage: $0 8.2"
exit 1
fi
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..."
else
printf "\n---- Installing %s ----" "$1"
apt-get -yq2 install "$1"
fi
}
install_aval_package() {
for i in $1
do
if [ -z "$(apt-cache madison "$i" 2>/dev/null)" ]; then
echo " > Package $i not available on repo."
else
echo " > Add package $i to the install list"
packages="$packages $i"
fi
done
echo "$packages"
apt-get -y install $packages #< don't quote.
packages=""
}
add_gpg_keyring() {
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com "$1"
apt-key export "$1" | gpg --dearmour | tee "$TMP_GPG_REPO"/"$1".gpg >/dev/null
apt-key del "$1"
mv "$TMP_GPG_REPO"/"$1".gpg /etc/apt/trusted.gpg.d/
}
add_php_repo() {
if [ "$PHP_REPO" = "php" ]; then
echo "PHP $PHPVER already installed"
apt-get -q2 update
apt-get -yq2 dist-upgrade
else
echo "# Adding Ondrej PHP $PHPVER PPA Repository"
add_gpg_keyring E5267A6C
echo "deb [arch=amd64] $PHP_REPO_URL $DISTRO_RELEASE main" | \
tee /etc/apt/sources.list.d/php"$PHPVER".list
apt-get update -q2
fi
}
add_php_repo
install_aval_package " \
imagemagick \
php$PHPVER-fpm \
php$PHPVER-bcmath \
php$PHPVER-bz2 \
php$PHPVER-cli \
php$PHPVER-cgi \
php$PHPVER-curl \
php$PHPVER-gd \
php$PHPVER-gmp \
php$PHPVER-imagick \
php$PHPVER-intl \
php$PHPVER-json \
php$PHPVER-ldap \
php$PHPVER-mbstring \
php$PHPVER-pgsql \
php$PHPVER-redis \
php$PHPVER-soap \
php$PHPVER-xml \
php$PHPVER-xmlrpc \
php$PHPVER-zip \
redis-server \
unzip \
"
#System related
install_ifnot smbclient
sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" "$PHP_CONF"
sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" "$PHP_CONF"
sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" "$PHP_CONF"
sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" "$PHP_CONF"
sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" "$PHP_CONF"
sed -i "s|;clear_env = no|clear_env = no|" "$PHP_CONF"
echo "
Tunning PHP.ini...
"
# Change values in php.ini (increase max file size)
# max_execution_time
sed -i "s|max_execution_time =.*|max_execution_time = 3500|g" "$PHP_INI"
# max_input_time
sed -i "s|max_input_time =.*|max_input_time = 3600|g" "$PHP_INI"
# memory_limit
sed -i "s|memory_limit =.*|memory_limit = 512M|g" "$PHP_INI"
# post_max
sed -i "s|post_max_size =.*|post_max_size = 1025M|g" "$PHP_INI"
# upload_max
sed -i "s|upload_max_filesize =.*|upload_max_filesize = 1024M|g" "$PHP_INI"
phpenmod opcache
{
echo "# OPcache settings for Nextcloud"
echo "opcache.enable=1"
echo "opcache.enable_cli=1"
echo "opcache.interned_strings_buffer=8"
echo "opcache.max_accelerated_files=10000"
echo "opcache.memory_consumption=256"
echo "opcache.save_comments=1"
echo "opcache.revalidate_freq=1"
echo "opcache.validate_timestamps=1"
} >> "$PHP_INI"
update-alternatives --set php /usr/bin/php"$STABLE_PHP"
update-alternatives --set php-fpm.sock /run/php/php"$STABLE_PHP"-fpm.sock
update-alternatives --set php-cgi /usr/bin/php-cgi"$STABLE_PHP"
update-alternatives --set php-cgi-bin /usr/lib/cgi-bin/php"$STABLE_PHP"
update-alternatives --set phar /usr/bin/phar"$STABLE_PHP"
update-alternatives --set phar.phar /usr/bin/phar.phar"$STABLE_PHP"
systemctl restart php"$PHPVER"-fpm.service

View File

@ -1,144 +0,0 @@
#!/bin/bash
#Start over
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
wait_seconds() {
secs=$(($1))
while [ $secs -gt 0 ]; do
echo -ne "$secs\033[0K\r"
sleep 1
: $((secs--))
done
}
remove_residuals() {
if [ -d "$1" ]; then
rm -r "$1"
fi
}
purge_debconf() {
echo PURGE | debconf-communicate "$1"
}
remove_services() {
systemctl disable "$1"
systemctl stop "$1"
}
echo -e '
########################################################################
Welcome to the Start Over cleaner script
########################################################################
by Software, IT & Networks Ltd
\n'
SYNC_USER="$(find /home -maxdepth 1 -type d |awk '/jbsync/{print}')"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
echo "We are about to remove and clean all the jitsi-meet platform bits and pieces...
Please make sure you have backed up anything you don't want to loose."
echo "
# WARGNING #: This is only recommended if you want to start over a failed installation,
or plain and simple remove jitsi from your system."
while [[ "$CONTINUE_PURGE1" != "yes" && "$CONTINUE_PURGE1" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_PURGE1
if [ "$CONTINUE_PURGE1" = "no" ]; then
echo " Good, see you next time..."
exit
elif [ "$CONTINUE_PURGE1" = "yes" ]; then
echo ""
fi
done
echo "Let me ask just one more time..."
while [[ "$CONTINUE_PURGE2" != "yes" && "$CONTINUE_PURGE2" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_PURGE2
if [ "$CONTINUE_PURGE2" = "no" ]; then
echo " Good, see you next time..."
exit
elif [ "$CONTINUE_PURGE2" = "yes" ]; then
echo "No going back, let's start..."
wait_seconds 10
fi
done
#Purging all jitsi meet packages
apt-get -y purge jibri \
jicofo \
jigasi \
jitsi-meet \
jitsi-meet-web \
jitsi-meet-web-config \
jitsi-meet-prosody \
jitsi-meet-turnserver \
jitsi-videobridge2 \
prosody
#Chome related packages
apt-get -y purge google-chrome-stable
rm /usr/local/bin/chromedriver
#Services stop
remove_services jibri
remove_services jibri-icewm
remove_services jibri-xorg
#Cleaning packages
apt-get -y autoremove
apt-get clean
#Removing residual files
remove_residuals /etc/jitsi
remove_residuals /opt/jitsi
remove_residuals /usr/share/jicofo
remove_residuals /usr/share/jitsi-*
#Clean /etc/hosts
sed -i "/$DOMAIN/d" /etc/hosts
echo "#Purging debconf db"
purge_debconf jicofo
purge_debconf jigasi
purge_debconf jitsi-meet
purge_debconf jitsi-meet-prosody
purge_debconf jitsi-meet-turnserver
purge_debconf jitsi-meet-web-config
purge_debconf jitsi-videobridge2
#Remove unused users & groups
if [ -n "$SYNC_USER" ]; then
deluser --remove-home "$SYNC_USER"
fi
if [ -d /home/jibri ]; then
deluser --remove-home jibri
rm -r /home/jibri
fi
groupdel jibri
#Remove crontab
crontab -l | grep -v '@weekly certbot renew --nginx' | crontab -
crontab -l
echo "We are done..."

View File

@ -1,238 +0,0 @@
#!/bin/bash
# Simple Jibri Env tester
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
echo -e '
########################################################################
Welcome to Jibri Environment Tester
########################################################################
by Software, IT & Networks Ltd
\n'
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
echo "Checking for updates...."
apt-get -q2 update
apt-get -yq2 install apt-show-versions \
curl
check_google_binaries() {
if [ -z "$2" ]; then
echo "Warning: No $1 doesn't seem installed"
else
echo "$2"
fi
}
# True if $1 is greater than $2
version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
JITSI_REPO="$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)"
SND_AL_MODULE=$(lsmod | awk '{print$1}'| grep snd_aloop)
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
CONF_JSON="/etc/jitsi/jibri/config.json"
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
JMS_DOMAIN="$(awk -F '"' '/xmpp-domain/{print$2}' "$JIBRI_CONF")"
CHDB="$(whereis chromedriver | awk '{print$2}')"
CHD_VER_LOCAL="$($CHDB --version 2>/dev/null| awk '{print$1,$2}')"
GOOGL_VER_LOCAL="$(/usr/bin/google-chrome --version 2>/dev/null)"
CHD_VER_2D="$(echo "$CHD_VER_LOCAL"|awk '{print$2}'|cut -d "." -f 1,2)"
GOOGL_VER_2D="$(echo "$GOOGL_VER_LOCAL"|awk '{print$3}'|cut -d "." -f 1,2)"
CHD_LTST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
CHD_LTST_2D="$(echo "$CHD_LTST"|cut -d "." -f 1,2)"
#T1
echo -e "\n#1 -- Check repository --\n"
if [ -z "$JITSI_REPO" ]; then
echo "No repository detected, wait whaaaat?..."
while [[ "$CONT_TEST" != "yes" && "$CONT_TEST" != "no" ]]
do
read -p "> Do you still want to continue the test?: (yes or no)"$'\n' -r CONT_TEST
if [ "$CONT_TEST" = "no" ]; then
echo "Exiting..."
exit
elif [ "$CONT_TEST" = "yes" ]; then
echo "Hmm, seems there won't be anything to test, continuing anyway..."
T1=0
fi
done
else
echo "This installation is using the \"$JITSI_REPO\" repository."
T1=1
fi
#T2
echo -e "\n#2 -- Check latest updates for jibri --\n"
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo "Jibri is installed, checking version:"
apt-show-versions jibri
else
echo "Wait!, jibri is not installed on this system using apt, exiting..."
exit
fi
if [ "$(apt-show-versions jibri | grep -c "uptodate")" = "1" ]; then
echo -e "Jibri is already up to date: \xE2\x9C\x94"
else
echo -e "\nAttempting jibri upgrade!"
apt-get -y install --only-upgrade jibri
fi
T2=1
#T3
echo -e "\n#3 -- Check Google Chrome/driver software. --\n"
check_google_binaries "Google Chrome" "$GOOGL_VER_LOCAL"
check_google_binaries "Chromedriver" "$CHD_VER_LOCAL"
if [ -n "$CHD_VER_LOCAL" ] && [ -n "$GOOGL_VER_LOCAL" ]; then
# Chrome upgrade process
if [ "$(apt-show-versions google-chrome-stable | grep -c "uptodate")" = "1" ]; then
echo -e "Google Chrome is already up to date: \xE2\x9C\x94"
else
echo -e "\nAttempting Google Chrome upgrade!"
apt-get -yq install --only-upgrade google-chrome-stable
fi
# Only upgrade chromedriver if it's on a lower version, not just a different one.
if [ "$CHD_VER_2D" = "$GOOGL_VER_2D" ]; then
echo -e "\nChromedriver version seems according to Google Chrome: \xE2\x9C\x94"
T3=1
elif version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" && \
[ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then
echo -e "\nAttempting Chromedriver update!"
wget -q https://chromedriver.storage.googleapis.com/"$CHD_LTST"/chromedriver_linux64.zip \
-O /tmp/chromedriver_linux64.zip
unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
chown root:root "$CHDB"
chmod 0755 "$CHDB"
rm -rf /tpm/chromedriver_linux64.zip
if [ "$($CHDB -v | awk '{print $2}'|cut -d "." -f 1,2)" = "$GOOGL_VER_2D" ]; then
echo "Successful update"
T3=1
else
echo "Something might gone wrong on the update process, please report."
T3=0
fi
else
T3=0
fi
else
T3=0
fi
#T4
echo -e "\n#4 -- Test kernel modules --\n"
if [ -z "$SND_AL_MODULE" ]; then
#First make sure the recommended kernel is installed.
if [ "$HWE_VIR_MOD" = "1" ]; then
apt-get -y install \
linux-image-generic-hwe-"$(lsb_release -sr)"
else
apt-get -y install \
linux-image-generic \
linux-modules-extra-"$(uname -r)"
fi
echo -e "\nNo module snd_aloop detected. \xE2\x9C\x96 <== IMPORTANT! \nCurrent kernel: $(uname -r)\n"
echo -e "\nIf you just installed a new kernel, \
please try rebooting.\nFor now wait 'til the end of the recommended kernel installation."
echo "# Check and Install HWE kernel if possible..."
if uname -r | grep -q aws;then
KNL_HWE="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)"|awk 'NR==1{print$3}'|cut -d "." -f1-4)"
KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg|awk '!/recovery/&&/generic/{print$3,$4}'|grep "$KNL_HWE")"
if [ -n "$KNL_MENU" ];then
echo -e "\nSeems you are using an AWS kernel \xE2\x9C\x96 <== IMPORTANT! \nYou might consider modify your grub (/etc/default/grub) to use the following:" && \
echo -e "\n > $KNL_MENU"
fi
fi
T4=0
else
echo -e "Great!, module snd-aloop found. \xE2\x9C\x94"
T4=1
fi
#T5
echo -e "\n#5 -- Test .asoundrc file --\n"
ASRC_MASTER="https://raw.githubusercontent.com/jitsi/jibri/master/resources/debian-package/etc/jitsi/jibri/asoundrc"
ASRC_INSTALLED="/home/jibri/.asoundrc"
ASRC_MASTER_MD5SUM="$(curl -sL "$ASRC_MASTER" | md5sum | cut -d ' ' -f 1)"
ASRC_INSTALLED_MD5SUM="$(md5sum "$ASRC_INSTALLED" | cut -d ' ' -f 1)"
if [ "$ASRC_MASTER_MD5SUM" == "$ASRC_INSTALLED_MD5SUM" ]; then
echo -e "Seems to be using the latest asoundrc file available. \xE2\x9C\x94"
T5=1
else
echo -e "asoundrc files differ, if you have errors, you might wanna check this file \xE2\x9C\x96"
T5=0
fi
#T6
echo -e "\n#6 -- Old or new config --\n"
echo -e "What config version is this using?"
if [ -f "${CONF_JSON}"_disabled ] && \
[ -f "$JIBRI_CONF" ] && \
[ -f "$JIBRI_CONF"-dpkg-file ]; then
echo -e "\n> This jibri config has been upgraded already. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
T6=1
elif [ ! -f "$CONF_JSON" ] && \
[ -f "$JIBRI_CONF" ] && \
[ -f "${JIBRI_CONF}"-dpkg-file ]; then
echo -e "\n> This jibri seems to be running the latest configuration already. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
T6=1
elif [ -f "${CONF_JSON}" ] && \
[ -f "$JIBRI_CONF" ]; then
echo -e "\n> This jibri config seems to be candidate for upgrading. \xE2\x9C\x96 \nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
T6=0
fi
#T6.1
echo -e "\n#6.1 -- Check for specific Chrome flag --\n"
if [ "$(grep -c "ignore-certificate-errors" $JIBRI_CONF)" != 0 ]; then
echo -e "\n> Seems you have the \"--ignore-certificate-errors\" flag required for Chrome v88 and later. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
T6_1="0.1"
else
echo -e "\n> The jibri config may be missing the required chrome flags. \xE2\x9C\x96 \nPlease check:\n https://forge.switnet.net/switnet/quick-jibri-installer/src/branch/master/quick_jibri_installer.sh#L870 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
T6_1=0
fi
#T7
echo -e "\n#7 -- Check for open communication port among Jibri and JMS --\n"
if ! nc -z -v -w5 "$JMS_DOMAIN" 5222 ; then
echo -e "Connection failed! \xE2\x9C\x96\n > You might want to check both Jibri & JMS firewall rules (TCP 5222)."
T7=0
else
echo -e "Connection succeeded! \xE2\x9C\x94\n"
T7=1
fi
TEST_TOTAL=$(awk "BEGIN{ print $T1 + $T2 + $T3 + $T4 + $T5 + $T6 + $T6_1 + $T7 }")
echo "
##############################
\
Score: $TEST_TOTAL out of 7.1
##############################
"
echo -e "\nJibri Test complete, thanks for testing.\n"