Compare commits

..

No commits in common. "master" and "v3.0.1" have entirely different histories.

32 changed files with 1589 additions and 5184 deletions

113
README.md
View File

@ -1,121 +1,58 @@
# Quick Jibri Installer # Quick Jibri Installer
Bash installer for Jitsi Meet standalone along with Jibri on supported **Ubuntu LTS** based systems using **nginx** as default webserver. Bash installer for Jibri on **\*buntu LTS** based systems using **nginx** as default webserver.
## Usage ## Usage
As for our current latest release, as we have integrated more and more features, we highly recommend to use a **purpose specific-newly spawn server** to host the jitsi-meet framework, making sure you stick to the requirements and recommendations as much as possible, in order to avoid issues.
**WARNING:** Please, avoid using this installer on your everyday GNU/Linux system, as this is an unsupported use and it will likely BREAK YOUR SYSTEM, so please don't.
### Main Server
Login into your clean server, clone git repository and run the installer,
``` ```
git clone https://forge.switnet.net/switnet/quick-jibri-installer git clone https://github.com/switnet-ltd/quick-jibri-installer
cd quick-jibri-installer cd quick-jibri-installer
sudo bash quick_jibri_installer.sh bash quick-jibri-installer.sh
``` ```
![QJI - Setup](https://raw.githubusercontent.com/wiki/switnet-ltd/quick-jibri-installer/images/qji-diagram-setup.png) Please check more details on our wiki.
If your server meet the necessary resources, then at the end on the installer you should have a working Jitsi Meet Server along with a Jibri server ready to record.
Additional jibris need to be set on separate servers, only necesary on simultaneous recordings for that please use add-jibri-node.sh.
### Add Jibri node
Copy the modified `add-jibri-node.sh` file from your early cloned installation directory once the installation is completed, to the new server meant to be a jibri node using your preferred method, then run it
**WARNING:** This file contains sensitive information from your setup, please handle with care.
```
bash add-jibri-node.sh
```
Please remember that on newer versions, jibri will record on FHD (1920x1080) so please make sure your server have enough CPU power in orther to handle the encoding load.
### Add JVB2 node
Copy the modified `add-jvb2-node.sh` file from your early cloned installation directory once the installation is completed, to the new server meant to be a jibri node using your preferred method, then run it
**WARNING:** This file contains sensitive information from your setup, please handle with care.
```
bash add-jvb2-node.sh
```
Check more details on our wiki.
## Requirements ## Requirements
1. Clean VM/VPS/Server using a supported Ubuntu LTS * Clean VM/VPS/Server using Ubuntu LTS
2. Valid domain with DNS record, **mandatory** for SSL certs via Let's Encrypt. * Valid domain with DNS record, **mandatory** for SSL certs via Let's Encrypt.
3. open ports for JMS interaction, [see wiki](https://forge.switnet.net/switnet/quick-jibri-installer/wiki/Firewall). * Ports open for ACME (SSL) interaction & validation.
4. Starting at 8 GB RAM / 4 Cores @ ~3.0GHz * Minimum recommended for video recording: 8 GB RAM / 2 Cores.
* Adding resources as your audience or features you require, so your experience don't suffer from the lack of resources. * Webcam
5. Webcam
### Jigasi Transcript
* SIP account
* Google Cloud Account with Billing setup.
### Jibri Recodings Access via Nextcloud ### Jibri Recodings Access via Nextcloud
* Valid domain with DNS record for Nextcloud SSL. * Valid domain with DNS record for Nextcloud SSL.
### Jigasi Transcript
* Enough disk space to run Vosk backend via docker container.
## Kernel warning
For AWS users or any cloud service provider that might use their own kernel on their products (servers/vm/vps), might cause Jibri failure to start due not allowing `snd_aloop` module.
Make sure that you update your grub to boot the right one.
Feel free to use our `test-jibri-env.sh` tool to find some details on your current setup.
## Features ## Features
* Enabled Session Recording via Jibri * Enabled Session (video) Recording using Jibri
* Rename Jibri folder with name room + date.
* Jibri node network.
* Automatic Jibri nodes network sync ([see more](https://forge.switnet.net/switnet/quick-jibri-installer/wiki/Setup-and-Jibri-Nodes)).
* JRA (Jibri Recordings Access) via Nextcloud
* Grafana Dashboard
* Etherpad via docker install
* Authentication
1. Local
2. JWT ([#87](https://forge.switnet.net/switnet/quick-jibri-installer/issues/87))
3. None
* Lobby Rooms
* Conference Duration
* Customized brandless mode
* Setting up custom interface_config.js (to be deprecated by upstream)
* JVB2 nodes network.
* Enabled Jitsi Electron app detection server side. * Enabled Jitsi Electron app detection server side.
* Standalone SSL Certbot/LE implementation * Standalone SSL Certbot/LE implementation
* Jigasi Transcript - Speech to Text powered by Google API
* JRA (Jibri Recordings Access) via Nextcloud
* Customized brandless mode
* Improved recurring updater * Improved recurring updater
* Jigasi Transcript - vía Vosk speech recognition toolkit. * (New) Grafana Dashboard
* (New) Lobby Rooms - Secure Rooms
* (New) Conference Duration - Secure Rooms
## Tools
* Jibri Environment Tester
* Jibri Conf Upgrader (late 2020).
* Selenium Grid via Docker
* Start over, installation cleansing tool.
## Optional custom changes ## Optional custom changes
* Optional default language * Optional default language
* Option to enable Secure Rooms * Option to enable Secure Rooms
* Option to enable Welcome page * Option to enable Welcome Page
* Option to enable Close page * Option to enable Local audio recording using flac.
* Option to set domain as hostname on JMS * Option to use Rodentia static avatar (icon credit: sixsixfive) - Legacy
### Modes
* Custom High Performance config
## Custom changes ## Custom changes
* Start with video muted by default * Start with video muted by default
* Start with audio muted but moderator * Start with audio muted but moderator
* Set pre-join screen by default.
* Set displayname as not required since jibri can't set it up.
## Documentation ## Documentation
* Please check our [wiki](https://forge.switnet.net/switnet/quick-jibri-installer/wiki) for further documentation. * Please check our wiki for further documentation.
Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY. Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY.
SwITNet Ltd © - 2024, https://switnet.net/ SwITNet Ltd © - 2020, https://switnet.net/

View File

@ -1,18 +1,25 @@
#!/bin/bash #!/bin/bash
# Jibri Node Aggregator # Jibri Node Aggregator
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2020, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
### 0_LAST EDITION TIME STAMP ### ### 0_LAST EDITION TIME STAMP ###
# LETS: AUTOMATED_EDITION_TIME # LETS: AUTOMATED_EDITION_TIME
### 1_LAST EDITION ### ### 1_LAST EDITION ###
#Make sure the file name is the required one
if [ ! "$(basename $0)" = "add-jibri-node.sh" ]; then
echo "For most cases naming won't matter, for this one it does."
echo "Please use the original name for this script: \`add-jibri-node.sh', and run again."
exit
fi
while getopts m: option while getopts m: option
do do
case "${option}" case "${option}"
in in
m) MODE=${OPTARG};; m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; \?) echo "Usage: sudo ./add_jibri_node.sh [-m debug]" && exit;;
esac esac
done done
@ -21,13 +28,6 @@ if [ "$MODE" = "debug" ]; then
set -x set -x
fi fi
#Make sure the file name is the required one
if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then
echo "For most cases naming won't matter, for this one it does."
echo "Please use the original name for this script: \`add-jibri-node.sh', and run again."
exit
fi
#Check admin rights #Check admin rights
if ! [ "$(id -u)" = 0 ]; then if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
@ -42,94 +42,41 @@ JibriBrewery=TBD
JB_NAME=TBD JB_NAME=TBD
JB_AUTH_PASS=TBD JB_AUTH_PASS=TBD
JB_REC_PASS=TBD JB_REC_PASS=TBD
MJS_USER=TBD
MJS_USER_PASS=TBD
JIBRI_RES_CONF=TBD
JIBRI_RES_XORG_CONF=TBD
THIS_SRV_DIST=$(lsb_release -sc) THIS_SRV_DIST=$(lsb_release -sc)
JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}') JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf" START=0
LAST=TBD
CONF_JSON="/etc/jitsi/jibri/config.json"
DIR_RECORD="/var/jbrecord" DIR_RECORD="/var/jbrecord"
REC_DIR="/home/jibri/finalize_recording.sh" REC_DIR="/home/jibri/finalize_recording.sh"
CHD_VER="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)" CHD_VER="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list" GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json" GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}"
NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
GITHUB_RAW="https://raw.githubusercontent.com"
GIT_REPO="switnet-ltd/quick-jibri-installer"
TEST_JIBRI_ENV="$GITHUB_RAW/$GIT_REPO/unstable/tools/test-jibri-env.sh"
SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)"
JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf"
### 1_VAR_DEF ### 1_VAR_DEF
# sed limiters for add-jibri-node.sh variables # sed limiters for add-jibri-node.sh variables
var_dlim() { var_dlim() {
grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1 grep -n $1 add-jibri-node.sh|head -n1|cut -d ":" -f1
} }
check_var() { check_var() {
if [ "$2" = "TBD" ]; then if [ -z "$2" ]; then
echo -e "Check if variable $1 is set: \xE2\x9C\x96" echo "$1 is not defined, please check. Exiting..."
exit exit
else else
echo -e "Check if variable $1 is set: \xE2\x9C\x94" echo "$1 is set to: $2"
fi fi
} }
#Change in favor of machine-id identifier if [ -z "$LAST" ]; then
crontab -l | { cat; echo "@reboot sed -i \"/[[:space:]]control-muc/,/[[:space:]]control-login/{s|nickname = .*|nickname = \\\"$(cat /etc/machine-id)\\\"|}\" /etc/jitsi/jibri/jibri.conf"; } | crontab - echo "There is an error on the LAST definition, please report."
crontab -l
echo "
#-----------------------------------------------------------------------
# Checking initial necessary variables...
#-----------------------------------------------------------------------"
JMS_DATA=("$MAIN_SRV_DIST" \
"$MAIN_SRV_REPO" \
"$MAIN_SRV_DOMAIN" \
"$JibriBrewery" \
"$JB_NAME" \
"$JB_AUTH_PASS" \
"$JB_REC_PASS" \
"$MJS_USER" \
"$MJS_USER_PASS" \
"$JIBRI_RES_CONF" \
"$JIBRI_RES_XORG_CONF")
JMS_EVAL="${JMS_DATA[0]}"
for i in "${JMS_DATA[@]}"; do
if [[ "$JMS_EVAL" != "$i" ]]; then
ALL_TBD="no"
break
fi
done
if [ "$ALL_TBD" = "no" ];then
echo -e "Good, seems this is not a vanilla copy of add-jibri-node.sh,
let's check variables ...\n"
else
echo -e "You seem to be using a vanilla copy of the add-jibri-node.sh.
> Please use the content (or apply the changes) of add-jibri-node.sh from
the main Jitsi server installation folder, as it contains necessary data.\n"
exit exit
elif [ "$LAST" = "TBD" ]; then
ADDUP=$((START + 1))
else
ADDUP=$((LAST + 1))
fi fi
check_var MAIN_SRV_DIST "$MAIN_SRV_DIST"
check_var MAIN_SRV_REPO "$MAIN_SRV_REPO"
check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN"
check_var JibriBrewery "$JibriBrewery"
check_var JB_NAME "$JB_NAME"
check_var JB_AUTH_PASS "$JB_AUTH_PASS"
check_var JB_REC_PASS "$JB_REC_PASS"
check_var MJS_USER "$MJS_USER"
check_var MJS_USER_PASS "$MJS_USER_PASS"
check_var JIBRI_RES_CONF "$JIBRI_RES_CONF"
check_var JIBRI_RES_XORG_CONF "$JIBRI_RES_XORG_CONF"
#Check server and node OS #Check server and node OS
if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then
echo "Please use the same OS for the jibri setup on both servers." echo "Please use the same OS for the jibri setup on both servers."
@ -138,59 +85,23 @@ if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then
exit exit
fi fi
#Check system resources
echo "Verifying System Resources:"
if [ "$(nproc --all)" -lt 4 ];then
echo " echo "
Warning!: The system do not meet the minimum CPU requirements for Jibri to run. #-----------------------------------------------------------------------
>> We recommend 4 cores/threads for Jibri! # Checking initial necessary variables...
" #-----------------------------------------------------------------------"
CPU_MIN="N"
else
echo "CPU Cores/Threads: OK ($(nproc --all))"
CPU_MIN="Y"
fi
### Test RAM size (8GB min) ###
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
if [ "${mem_available}" -lt 7700000 ]; then
echo "
Warning!: The system do not meet the minimum RAM requirements for Jibri to run.
>> We recommend 8GB RAM for Jibri!
"
MEM_MIN="N"
else
echo "Memory: OK ($((mem_available/1024)) MiB)"
MEM_MIN="Y"
fi
if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then
echo "All requirements seems meet!"
echo "
- We hope you have a nice recording/streaming session
"
else
echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!"
echo "Since this is a Jibri node installation there is no point on not having the necessary resources."
echo "We highly advice to increase the resources in order to install this Jibri node."
while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES
if [ "$CONTINUE_LOW_RES" = "no" ]; then
echo "See you next time with more resources!..."
exit
elif [ "$CONTINUE_LOW_RES" = "yes" ]; then
echo "Please keep in mind that we might not support underpowered nodes."
fi
done
fi
# Rename hostname for each jibri node check_var MAIN_SRV_DIST "$MAIN_SRV_DIST"
hostnamectl set-hostname "jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" check_var MAIN_SRV_REPO "$MAIN_SRV_REPO"
sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN"
check_var JibriBrewery "$JibriBrewery"
check_var JB_NAME "$JB_NAME"
check_var JB_AUTH_PASS "$JB_AUTH_PASS"
check_var JB_REC_PASS "$JB_REC_PASS"
# Jitsi-Meet Repo # Jitsi-Meet Repo
echo "Add Jitsi repo" echo "Add Jitsi repo"
if [ -z "$JITSI_REPO" ]; then if [ -z "$JITSI_REPO" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-$MAIN_SRV_REPO.list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add - wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.." echo "Main and node servers repository don't match, extiting.."
@ -201,29 +112,9 @@ else
echo "Jitsi $JITSI_REPO repository already installed" echo "Jitsi $JITSI_REPO repository already installed"
fi fi
# Requirements
echo "We'll start by installing system requirements this may take a while please be patient..."
apt-get update -q2
apt-get dist-upgrade -yq2
apt-get -y install \
apt-show-versions \
bmon \
curl \
ffmpeg \
git \
htop \
inotify-tools \
jq \
rsync \
ssh \
unzip \
wget
check_snd_driver() { check_snd_driver() {
echo -e "\n# Checking ALSA - Loopback module..."
echo "snd-aloop" | tee -a /etc/modules
modprobe snd-aloop modprobe snd-aloop
echo "snd-aloop" >> /etc/modules
if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then
echo " echo "
#----------------------------------------------------------------------- #-----------------------------------------------------------------------
@ -232,31 +123,30 @@ if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; t
else else
echo " echo "
#----------------------------------------------------------------------- #-----------------------------------------------------------------------
# Your audio driver might not be able to load. # Your audio driver might not be able to load, once the installation
# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool. # is complete and server restarted, please run: \`lsmod | grep snd_aloop'
# to make sure it did. If not, any feedback for your setup is welcome.
#-----------------------------------------------------------------------" #-----------------------------------------------------------------------"
curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh
#Test tool
if [ "$MODE" = "debug" ]; then
bash /tmp/test-jibri-env.sh -m debug
else
bash /tmp/test-jibri-env.sh
fi
rm /tmp/test-jibri-env.sh
read -n 1 -s -r -p "Press any key to continue..."$'\n' read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi fi
} }
echo "# Check and Install HWE kernel if possible..." # Requirements
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")" echo "We'll start by installing system requirements this may take a while please be patient..."
if [ "$HWE_VIR_MOD" = "1" ]; then apt-get update -q2
apt-get dist-upgrade -yq2
apt-get -y install \ apt-get -y install \
linux-image-generic-hwe-"$(lsb_release -sr)" bmon \
else curl \
apt-get -y install \ ffmpeg \
linux-image-generic \ git \
linux-modules-extra-"$(uname -r)" htop \
fi linux-image-generic-hwe-"$(lsb_release -r|awk '{print$2}')" \
unzip \
wget
check_snd_driver
echo " echo "
#-------------------------------------------------- #--------------------------------------------------
@ -265,15 +155,15 @@ echo "
" "
apt-get -y install \ apt-get -y install \
jibri \ jibri \
openjdk-11-jre-headless openjdk-8-jre-headless
echo "# Installing Google Chrome / ChromeDriver" echo "# Installing Google Chrome / ChromeDriver"
if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then if [ -f $GOOGL_REPO ]; then
echo "Google repository already set." echo "Google repository already set."
else else
echo "Installing Google Chrome Stable" echo "Installing Google Chrome Stable"
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO" echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee $GOOGL_REPO
fi fi
apt-get -q2 update apt-get -q2 update
apt-get install -y google-chrome-stable apt-get install -y google-chrome-stable
@ -283,7 +173,7 @@ if [ -f /usr/local/bin/chromedriver ]; then
echo "Chromedriver already installed." echo "Chromedriver already installed."
else else
echo "Installing Chromedriver" echo "Installing Chromedriver"
wget -q https://chromedriver.storage.googleapis.com/"$CHD_VER"/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip wget -q https://chromedriver.storage.googleapis.com/$CHD_VER/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip
unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/ unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/
chown root:root /usr/local/bin/chromedriver chown root:root /usr/local/bin/chromedriver
chmod 0755 /usr/local/bin/chromedriver chmod 0755 /usr/local/bin/chromedriver
@ -305,18 +195,18 @@ echo "
Remove Chrome warning... Remove Chrome warning...
" "
mkdir -p /etc/opt/chrome/policies/managed mkdir -p /etc/opt/chrome/policies/managed
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON" echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > $GCMP_JSON
# Recording directory # Recording directory
if [ ! -d "$DIR_RECORD" ]; then if [ ! -d $DIR_RECORD ]; then
mkdir "$DIR_RECORD" mkdir $DIR_RECORD
fi fi
chown -R jibri:jibri "$DIR_RECORD" chown -R jibri:jibri $DIR_RECORD
cat << REC_DIR > "$REC_DIR" cat << REC_DIR > $REC_DIR
#!/bin/bash #!/bin/bash
RECORDINGS_DIR="$DIR_RECORD" RECORDINGS_DIR=$DIR_RECORD
echo "This is a dummy finalize script" > /tmp/finalize.out echo "This is a dummy finalize script" > /tmp/finalize.out
echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out
@ -325,243 +215,68 @@ echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
chmod -R 770 \$RECORDINGS_DIR chmod -R 770 \$RECORDINGS_DIR
#Rename folder.
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -n -r|awk '{print\$2}'| grep -v "meta\|-" | head -n1)"
NJF_NAME="\$(find \$LJF_PATH |grep -e "-"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME"
##Prevent empty recording directory failsafe
if [ "\$LJF_PATH" != "\$RECORDINGS_DIR" ]; then
mv \$LJF_PATH \$NJF_PATH
#Workaround for jibri to do cleaning.
ssh -i /home/jibri/jbsync.pem $MJS_USER@$MAIN_SRV_DOMAIN "rm -r \$LJF_PATH"
else
echo "No new folder recorded, not removing anything."
fi
exit 0 exit 0
REC_DIR REC_DIR
chown jibri:jibri "$REC_DIR" chown jibri:jibri $REC_DIR
chmod +x "$REC_DIR" chmod +x $REC_DIR
## New Jibri Config (2020) ## JSON Config
mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file cp $CONF_JSON ${CONF_JSON}.orig
cat << NEW_CONF > "$JIBRI_CONF"
// New XMPP environment config.
jibri {
streaming {
// A list of regex patterns for allowed RTMP URLs. The RTMP URL used
// when starting a stream must match at least one of the patterns in
// this list.
rtmp-allow-list = [
// By default, all services are allowed
".*"
]
}
ffmpeg {
resolution = "$JIBRI_RES_CONF"
}
chrome {
// The flags which will be passed to chromium when launching
flags = [
"--use-fake-ui-for-media-stream",
"--start-maximized",
"--kiosk",
"--enabled",
"--disable-infobars",
"--autoplay-policy=no-user-gesture-required",
"--ignore-certificate-errors",
"--disable-dev-shm-usage"
]
}
stats {
enable-stats-d = true
}
call-status-checks {
// If all clients have their audio and video muted and if Jibri does not
// detect any data stream (audio or video) comming in, it will stop
// recording after NO_MEDIA_TIMEOUT expires.
no-media-timeout = 30 seconds
// If all clients have their audio and video muted, Jibri consideres this cat << CONF_JSON > $CONF_JSON
// as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
all-muted-timeout = 10 minutes
// When detecting if a call is empty, Jibri takes into consideration for how
// long the call has been empty already. If it has been empty for more than
// DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
default-call-empty-timeout = 30 seconds
}
recording {
recordings-directory = $DIR_RECORD
finalize-script = $REC_DIR
}
api {
xmpp {
environments = [
{ {
// A user-friendly name for this environment "recording_directory":"$DIR_RECORD",
name = "$JB_NAME" "finalize_recording_script_path": "$REC_DIR",
"xmpp_environments": [
{
"name": "$JB_NAME",
"xmpp_server_hosts": [
"$MAIN_SRV_DOMAIN"
],
"xmpp_domain": "$MAIN_SRV_DOMAIN",
"control_login": {
"domain": "auth.$MAIN_SRV_DOMAIN",
"username": "jibri",
"password": "$JB_AUTH_PASS"
},
"control_muc": {
"domain": "internal.auth.$MAIN_SRV_DOMAIN",
"room_name": "$JibriBrewery",
"nickname": "Live-$ADDUP"
},
"call_login": {
"domain": "recorder.$MAIN_SRV_DOMAIN",
"username": "recorder",
"password": "$JB_REC_PASS"
},
// A list of XMPP server hosts to which we'll connect "room_jid_domain_string_to_strip_from_start": "conference.",
xmpp-server-hosts = [ "$MAIN_SRV_DOMAIN" ] "usage_timeout": "0"
// The base XMPP domain
xmpp-domain = "$MAIN_SRV_DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.$MAIN_SRV_DOMAIN"
room-name = "$JibriBrewery"
nickname = "machine-id"
}
// The login information for the control MUC
control-login {
domain = "auth.$MAIN_SRV_DOMAIN"
username = "jibri"
password = "$JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.$MAIN_SRV_DOMAIN"
username = "recorder"
password = "$JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
} }
] ]
} }
} CONF_JSON
}
NEW_CONF
#Jibri xorg resolution echo "Writting last node number..."
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF" sed -i "$(var_dlim 0_VAR),$(var_dlim 1_VAR){s|LAST=.*|LAST=$ADDUP|}" add-jibri-node.sh
sed -i "$(var_dlim 0_LAST),$(var_dlim 1_LAST){s|LETS: .*|LETS: $(date -R)|}" add-jibri-node.sh
echo -e "\n---- Create random nodesync user ----" echo "Last file edition at: $(grep "LETS:" add-jibri-node.sh|head -n1|awk -F'LETS:' '{print$2}')"
useradd -m -g jibri "$NJN_USER"
echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
echo -e "\n---- We'll connect to main server ----"
read -n 1 -s -r -p "Press any key to continue..."$'\n'
sudo su "$NJN_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
#Workaround for jibri to do cleaning.
install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem
sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n"
ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub
sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"
echo -e "\n---- Setup Log system ----"
cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh
#!/bin/bash
# Log process
exec 3>&1 4>&2
trap 'exec 2>&4 1>&3' 0 1 2 3
exec 1>/var/log/"$NJN_USER"/remote_jnsync.log 2>&1
# Run sync
while true; do
inotifywait -t 60 -r -e modify,attrib,close_write,move,delete "$DIR_RECORD"
sudo su "$NJN_USER" -c "rsync -Aax --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD"
find "$DIR_RECORD" -depth -type d -empty -not -path "$DIR_RECORD" -delete
done
INOT_RSYNC
mkdir /var/log/"$NJN_USER"
cat << LOG_ROT > /etc/logrotate.d/"$NJN_USER"
/var/log/"$NJN_USER"/*.log {
monthly
missingok
rotate 12
compress
notifempty
create 0640 root root
sharedscripts
postrotate
service remote_jnsync restart
endscript
}
LOG_ROT
echo -e "\n---- Create systemd service file ----"
cat << REMOTE_SYNC_SERVICE > /etc/systemd/system/remote_jnsync.service
[Unit]
Description = Sync Node to Main Jibri Service
After = network.target
[Service]
PIDFile = /run/syncservice/remote_jnsync.pid
User = root
Group = root
WorkingDirectory = /var
ExecStartPre = /bin/mkdir /run/syncservice
ExecStartPre = /bin/chown -R root:root /run/syncservice
ExecStart = /bin/bash /etc/jitsi/jibri/remote-jbsync.sh
ExecReload = /bin/kill -s HUP \$MAINPID
ExecStop = /bin/kill -s TERM \$MAINPID
ExecStopPost = /bin/rm -rf /run/syncservice
PrivateTmp = true
[Install]
WantedBy = multi-user.target
REMOTE_SYNC_SERVICE
chmod 755 /etc/systemd/system/remote_jnsync.service
systemctl daemon-reload
systemctl enable remote_jnsync.service
systemctl start remote_jnsync.service
#Enable jibri services #Enable jibri services
systemctl enable jibri systemctl enable jibri
systemctl enable jibri-xorg systemctl enable jibri-xorg
systemctl enable jibri-icewm systemctl enable jibri-icewm
check_snd_driver
echo " echo "
######################################################################## ########################################################################
Node addition complete!! Node addition complete!!
for customized support: http://switnet.net
For customized support: http://switnet.net
######################################################################## ########################################################################
" "
echo "Make sure to reboot, it's necessary before *any* usage. echo "Rebooting in..."
Rebooting in..."
secs=$((15)) secs=$((15))
while [ "$secs" -gt 0 ]; do while [ $secs -gt 0 ]; do
echo -ne "$secs\033[0K\r" echo -ne "$secs\033[0K\r"
sleep 1 sleep 1
: $((secs--)) : $((secs--))

View File

@ -1,309 +0,0 @@
#!/bin/bash
# JVB2 Node Aggregator
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
### 0_LAST EDITION TIME STAMP ###
# LETS: AUTOMATED_EDITION_TIME
### 1_LAST EDITION ###
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Make sure the file name is the required one
if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then
echo "For most cases naming won't matter, for this one it does."
echo "Please use the original name for this script: \`add-jvb2-node.sh', and run again."
exit
fi
#Check admin rights
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
### 0_VAR_DEF
MAIN_SRV_DIST=TBD
MAIN_SRV_REPO=TBD
MAIN_SRV_DOMAIN=TBD
JVB_HOSTNAME=TBD
JVB_HOST=TBD
JVB_PORT=TBD
JVB_SECRET=TBD
JVB_OPTS=TBD
SYS_PROPS=TBD
AWS_HARVEST=TBD
STUN_MAPPING=TBD
ENABLE_STATISTICS=TBD
SHARD_HOSTNAME=TBD
SHARD_DOMAIN=TBD
SHARD_PASS=TBD
MUC_JID=TBD
#MJS_USER=TBD
#MJS_USER_PASS=TBD
#START=0
#LAST=TBD
THIS_SRV_DIST=$(lsb_release -sc)
JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}')
JVB2_CONF="/etc/jitsi/videobridge/config"
JVB2_NCONF="/etc/jitsi/videobridge/jvb.conf"
JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties"
SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)"
#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
#GITHUB_RAW="https://raw.githubusercontent.com"
#GIT_REPO="switnet-ltd/quick-jibri-installer"
### 1_VAR_DEF
# sed limiters for add-jvb2-node.sh variables
var_dlim() {
grep -n "$1" add-jvb2-node.sh|head -n1|cut -d ":" -f1
}
check_var() {
if [ -z "$2" ]; then
echo -e "Check if variable $1 is set: \xE2\x9C\x96 \nExiting..."
exit
else
echo -e "Check if variable $1 is set: \xE2\x9C\x94"
fi
}
#Check server and node OS
if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then
echo "Please use the same OS for the JVB2 setup on both servers."
echo "This server is based on: $THIS_SRV_DIST"
echo "The main server record claims is based on: $MAIN_SRV_DIST"
exit
fi
#Check system resources
echo "Verifying System Resources:"
if [ "$(nproc --all)" -lt 4 ];then
echo "
Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads.
>> We recommend 4 cores/threads or above for JVB2!
"
CPU_MIN="N"
else
echo "CPU Cores/Threads: OK ($(nproc --all))"
CPU_MIN="Y"
fi
### Test RAM size (8GB min) ###
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
if [ "${mem_available}" -lt 7700000 ]; then
echo "
Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads.
>> We recommend 8GB RAM or above for JVB2!
"
MEM_MIN="N"
else
echo "Memory: OK ($((mem_available/1024)) MiB)"
MEM_MIN="Y"
fi
if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then
echo "All requirements seems meet!"
echo "
- We hope you have a nice recording/streaming session
"
else
echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!"
echo "We highly advice to increase the resources in order to install this JVB2 node."
while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES
if [ "$CONTINUE_LOW_RES" = "no" ]; then
echo "See you next time with more resources!..."
exit
elif [ "$CONTINUE_LOW_RES" = "yes" ]; then
echo "Please keep in mind that we might not support underpowered nodes."
fi
done
fi
echo "
#-----------------------------------------------------------------------
# Checking initial necessary variables...
#-----------------------------------------------------------------------"
check_var JVB_HOSTNNAME "$JVB_HOSTNAME"
if [ -z "$JVB_HOST" ]; then
echo "JVB_HOST is empty, but it may be ok for it to be empty, skipping empty test."
else
check_var JVB_HOST "$JVB_HOST"
fi
check_var JVB_PORT "$JVB_PORT"
check_var JVB_SECRET "$JVB_SECRET"
check_var JVB_OPTS "$JVB_OPTS"
check_var SYS_PROPS "$SYS_PROPS"
check_var AWS_HARVEST "$AWS_HARVEST"
check_var STUN_MAPPING "$STUN_MAPPING"
check_var ENABLE_STATISTICS "$ENABLE_STATISTICS"
check_var SHARD_HOSTNAME "$SHARD_HOSTNAME"
check_var SHARD_DOMAIN "$SHARD_DOMAIN"
check_var SHARD_PASS "$SHARD_PASS"
check_var MUC_JID "$MUC_JID"
check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN"
# Rename hostname for each jvb2 node
hostnamectl set-hostname "jvb_${SHORT_ID}.${MAIN_SRV_DOMAIN}"
sed -i "1i 127.0.0.1 jvb_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo
echo "Add Jitsi repo"
if [ -z "$JITSI_REPO" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.."
exit
elif [ "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository match, continuing..."
else
echo "Jitsi $JITSI_REPO repository already installed"
fi
# Requirements
echo "We'll start by installing system requirements this may take a while please be patient..."
apt-get update -q2
apt-get dist-upgrade -yq2
apt-get -y install \
apt-show-versions \
bmon \
curl \
git \
htop \
ssh \
unzip \
wget
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD="$(apt-cache madison linux-modules-extra-virtual-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")"
if [ "$HWE_VIR_MOD" == "1" ]; then
apt-get -y install \
linux-image-generic-hwe-"$(lsb_release -sr)" \
linux-modules-extra-virtual-hwe-"$(lsb_release -sr)"
else
apt-get -y install \
linux-modules-extra-"$(uname -r)"
fi
echo "
#--------------------------------------------------
# Install JVB2
#--------------------------------------------------
"
echo "jitsi-videobridge jitsi-videobridge/jvb-hostname string $MAIN_SRV_DOMAIN" | debconf-set-selections
apt-get -y install \
jitsi-videobridge2 \
openjdk-8-jre-headless
echo '
########################################################################
Start JVB2 configuration
########################################################################
'
mv $JVB2_CONF ${JVB2_CONF}-dpkg-file
## JVB2 - CONFIG
cat << JVB2_CONF > $JVB2_CONF
# Jitsi Videobridge settings
# sets the XMPP domain (default: none)
JVB_HOSTNAME=$JVB_HN
# sets the hostname of the XMPP server (default: domain if set, localhost otherwise)
JVB_HOST=$JVB_HOST
# sets the port of the XMPP server (default: 5275)
JVB_PORT=$JVB_PORT
# sets the shared secret used to authenticate to the XMPP server
JVB_SECRET=$JVB_SECRET
# extra options to pass to the JVB daemon
JVB_OPTS=$JVB_OPTS
# adds java system props that are passed to jvb (default are for home and logging config file)
JAVA_SYS_PROPS=$SYS_PROPS
JVB2_CONF
mv $JVB2_SIP $JVB2_SIP-dpkg-file
## JVB2 - SIP
cat << JVB2_SIP > $JVB2_SIP
# Legacy conf file, new format already at
# /etc/jitsi/videobridge/jvb.conf
# --add-jvb2-node.sh
JVB2_SIP
echo -e "\n---- Setting new config format for jvb2 node. ----"
sed -i '${/\}/d;}' $JVB2_NCONF
cat << JVB2 >> $JVB2_NCONF
stats {
# Enable broadcasting stats/presence in a MUC
enabled = true
transports = [
{ type = "muc" }
]
}
apis {
xmpp-client {
configs {
# Connect to the first XMPP server
xmpp-server-$ADDUP {
hostname="$MAIN_SRV_DOMAIN"
domain = "auth.$MAIN_SRV_DOMAIN"
username = "jvb"
password = "$SHARD_PASS"
muc_jids = "JvbBrewery@internal.auth.$MAIN_SRV_DOMAIN"
# The muc_nickname must be unique across all jitsi-videobridge instances
muc_nickname = "jvb2-$ADDUP"
disable_certificate_verification = true
}
}
}
}
}
JVB2
#Enable jvb2 services
systemctl enable jitsi-videobridge2.service
systemctl restart jitsi-videobridge2.service
echo "
########################################################################
Node addition complete!!
For customized support: http://switnet.net
########################################################################
"
echo "Rebooting in..."
secs=$((15))
while [ $secs -gt 0 ]; do
echo -ne "$secs\033[0K\r"
sleep 1
: $((secs--))
done
reboot

136
changelog
View File

@ -1,136 +0,0 @@
quick-jibri-installer (7.3.0)
* excalibur: add installer for whiteboard feature.
* quick_jibri_installer.sh: add excalidraw whiteboard backend
disable jigasi selector
add sed check test
update features list
* misc: update repository address to new home.
* misc: update year to late 2023.
-- Software, IT & Networks <info@switnet.net> Sat, 11 Nov 2023 21:18:29 -0600
quick-jibri-installer (7.2.1)
* changelog: update previous version.
* quick_jibri_installer.sh: fix deprecated nodejs repo setup,
add printwc function
-- Software, IT & Networks <info@switnet.net> Sun, 22 Oct 2023 17:00:30 -0600
quick-jibri-installer (7.2.0)
* changelog: update previous version.
* quick_jibri_installer.sh: rearrange chromedriver variables.
* quick_jibri_installer.sh: fix empty varible usage.
* quick_jibri_installer.sh: update nodejs to a stable release.
* quick_jibri_installer.sh,jitsi-updater.sh: update chromedriver 115+ version download.
* jra_nextcloud.sh: organize functions, add apt checks, higher password lenght and small fixes.
* jitsi-updater.sh: fix check chrome driver version.
-- Software, IT & Networks <info@switnet.net> Wed Aug 23 00:51:24 2023 -0600
quick-jibri-installer (7.1.0)
* changelog: add changelog
* quick_jibri_installer.sh: increase support to 22.04
fix key aggregation and remove deprecated letsencrypt ppa
* etherpad-docker.sh: fix key aggregation and variable collection.
* grafana.sh: fix gpg key aggregation
* jm-bm.sh: tweak sed
* jra_nextcloud.sh: fix key aggregation and variable collection.
* jra_nextcloud.sh: fix add gpg key function and add install available version package
* jra_nextcloud.sh: small fix for install_aval_package function
-- Software, IT & Networks <info@switnet.net> Wed Feb 22 05:56:20 2023 -0600
quick-jibri-installer (7.0.8)
* jitsi-updater.sh: add checks for openjdk and nodejs supported versions
* add-jibri-node.sh: set openjdk-jre-headless default version to 11
* changelog: add changelog
-- Software, IT & Networks <info@switnet.net> Tue Nov 15 02:56:26 2022 -0600
quick-jibri-installer (7.0.7)
* quick_jibri_installer.sh: fix jaas & acme integration
-- Software, IT & Networks <info@switnet.net> Sun Oct 23 23:52:23 2022 -0500
quick-jibri-installer (7.0.6)
* jitsi-updater.sh: fix jitsi repo package update filtering.
-- Software, IT & Networks <info@switnet.net> Fri Sep 30 04:04:31 2022 -0500
quick-jibri-installer (7.0.5)
* quick_jibri_installer.sh: use new setup to enable local recording feature.
-- Software, IT & Networks <info@switnet.net> Fri Aug 19 07:23:41 2022 -0500
quick-jibri-installer (7.0.4)
* quick_jibri_installer.sh,jwt.sh: update anonymous string on prosody setup.
-fix small format issues.
-- Software, IT & Networks <info@switnet.net> Fri Aug 19 06:47:21 2022 -0500
quick-jibri-installer (7.0.3)
* jitsi-updater: fix condition to set turn config.
* quick-jibri-installer: fix typo on path.
-- Software, IT & Networks <info@switnet.net> Thu Jun 30 09:57:12 2022 -0500
quick-jibri-installer (7.0.2)
* Detect jibri node by jitsi-updater.
-- Software, IT & Networks <info@switnet.net> Fri Jun 17 16:36:15 2022 -0500
quick-jibri-installer (7.0.1)
* Fix debug mode on triggered scripts.
* Fix grep condition.
-- Software, IT & Networks <info@switnet.net> Mon May 23 23:17:39 2022 -0500
quick-jibri-installer (7.0)
* Major rework, comply with shellcheck
## Add
* Add experimental tool for AWS grub setup.
## Fix
* Fix grafana configuration
* Actually apply changes to nginx conf instead of symlink.
* Actually require to run with admin rights.
* Improve comments.
* Rename and fix set_once function.
* Fix jibri domain.
## Improve
* Comply mode section with shellcheck recommendations.
* Comply tools section with shellcheck recommendations.
* Comply main scripts with shellcheck recommendations.
* Improve shell quality
* Change JDK version to 11
* Make warning visible.
* Change email position, and small fixes
* Several indenting changes
* Set warning instead of "note".
* Yet again more fixes on echo and printf
* Standarize jra_nextcloud
* Add comment on debconf state
* Update SwITNet copyright and standarize debug option for scripts.
## Remove
* Rename deprecated scripts folder
* Remove old
* Remove unused code
* Finally remove jigasi deprecated script.
-- Software, IT & Networks <info@switnet.net> Fri May 20 20:07:02 2022 -0500

View File

@ -1,157 +0,0 @@
#!/bin/bash
# Etherpad Installer for Jitsi Meet
# SwITNet Ltd © - 2024, https://switnet.net/
#
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
clear
echo '
########################################################################
Etherpad Docker addon
########################################################################
by Software, IT & Networks Ltd
'
FORGE_REPO="https://forge.switnet.net/switnet/quick-jibri-installer"
check_apt_policy() {
apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}'
}
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..."
else
echo -e "\n---- Installing $1 ----"
apt-get -yq2 install "$1"
fi
}
# Test for matches
test_match() {
if grep -q "$1" "$2" ; then
echo "$(basename "$2") - OK..."
else
echo "$(basename "$2"), FAIL..."
echo "Please report this to $FORGE_REPO"
exit
fi
}
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{print $2}')"
ETHERPAD_DB_USER="dockerpad"
ETHERPAD_DB_NAME="etherpad"
ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
DOCKER_CE_REPO="$(check_apt_policy docker)"
WS_CONF_MATCH1="# ensure all static content can always be found first"
echo "Add Docker repo"
if [ "$DOCKER_CE_REPO" = "stable" ]; then
echo "Docker repository already installed"
else
echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > \
/etc/apt/sources.list.d/docker-ce.list
wget -qO - https://download.docker.com/linux/ubuntu/gpg | \
gpg --dearmor | tee /etc/apt/trusted.gpg.d/docker-gpg-key.gpg >/dev/null
apt -q2 update
fi
read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS
# Make sure we can rely on the match strings.
printf "> Testing match strings on config files.\n"
test_match "$WS_MATCH1" "$WS_CONF"
# Install required packages
install_ifnot docker-ce
install_ifnot postgresql-"$PSGVER"
# Create DB
echo -e "> Creating postgresql database for container...\n"
sudo -u postgres psql <<DB
CREATE DATABASE ${ETHERPAD_DB_NAME};
CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}';
GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER};
DB
echo " -- Your etherpad db password is: $ETHERPAD_DB_PASS"
echo -e " Please save it somewhere safe.\n"
# Check fot docker if not running then execute
if [ ! "$(docker ps -q -f name=etherpad)" ]; then
if [ "$(docker ps -aq -f status=exited -f name=etherpad)" ]; then
# cleanup
docker rm etherpad
fi
# run your container
docker run -d --restart always \
--network=host \
--name etherpad \
-p 127.0.0.1:9001:9001 \
-e "ADMIN_PASSWORD=$ETHERPAD_ADMIN_PASS" \
-e "DB_TYPE=postgres" \
-e "DB_HOST=localhost" \
-e "DB_PORT=5432" \
-e "DB_NAME=$ETHERPAD_DB_NAME" \
-e "DB_USER=$ETHERPAD_DB_USER" \
-e "DB_PASS=$ETHERPAD_DB_PASS" \
-i -t etherpad/etherpad
fi
# Tune webserver for Jitsi App control
if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then
echo "> Webserver seems configured, skipping..."
elif [ -f "$WS_CONF" ]; then
echo "> Setting up webserver configuration file..."
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ #Etherpad block" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Connection \$connection_upgrade;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_buffering off;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_redirect off;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \\\n" "$WS_CONF"
else
echo "> No etherpad config done to server file, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi
# Configure config.js
if [ "$(grep -c "etherpad_base" "$WS_CONF")" != 0 ]; then
echo -e "> $MEET_CONF seems configured, skipping...\n"
else
echo -e "> Setting etherpad domain at $MEET_CONF...\n"
sed -i "s|// etherpad_base: .*|etherpad_base: \'https://$DOMAIN/etherpad/p/\',|" "$MEET_CONF"
fi
echo "> Checking nginx configuration..."
if nginx -t 2>/dev/null ; then
echo -e " -- Docker configuration seems fine, enabling it."
# systemctl reload nginx
else
echo "Please check your configuration, something may be wrong."
echo "Will not try to enable etherpad nginx configuration, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi

195
etherpad.sh Normal file
View File

@ -0,0 +1,195 @@
#!/bin/bash
# Etherpad Installer for Jitsi Meet
# SwITNet Ltd © - 2020, https://switnet.net/
#
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo ./etherpad.sh [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ $(id -u) = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
clear
echo '
########################################################################
Etherpad Docker addon
########################################################################
by Software, IT & Networks Ltd
'
check_apt_policy() {
apt-cache policy 2>/dev/null| \
grep http | \
grep $1 | \
awk '{print $3}' | \
head -n 1 | \
cut -d "/" -f2
}
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..."
else
echo -e "\n---- Installing $1 ----"
apt-get -yq2 install $1
fi
}
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf"
PSGVER="$(apt-cache madison postgresql | head -n1 | awk '{print $3}' | cut -d "+" -f1)"
NODE_JS_REPO="$(check_apt_policy node_10)"
ETHERPAD_USER="etherpad-lite"
ETHERPAD_HOME="/opt/$ETHERPAD_USER"
ETHERPAD_DB_USER="meetpad"
ETHERPAD_DB_NAME="etherpad"
ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
ETHERPAD_SYSTEMD="/etc/systemd/system/etherpad-lite.service"
# NodeJS
echo "Addin NodeJS repo..."
if [ "$NODE_JS_REPO" = "main" ]; then
echo "NodeJS repository already installed"
else
curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
apt-get update
fi
read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS
# Install required packages
install_ifnot jq
install_ifnot nodejs
install_ifnot postgresql-$PSGVER
# Link LE certs on Etherpad directory
#chmod 755 /etc/letsencrypt/live
#ln -s /etc/letsencrypt/live/$DOMAIN $ETHERPAD_HOME/
# Create DB
echo -e "> Creating postgresql database for etherpad...\n"
sudo -u postgres psql <<DB
CREATE DATABASE ${ETHERPAD_DB_NAME};
CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}';
GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER};
DB
echo " -- Your etherpad db password is: $ETHERPAD_DB_PASS"
echo -e " Please save it somewhere safe."
#Set system users
adduser --system --home=${ETHERPAD_HOME} --group ${ETHERPAD_USER}
sudo -u $ETHERPAD_USER git clone -b master https://github.com/ether/etherpad-lite.git $ETHERPAD_HOME/
#Issue: https://github.com/ether/etherpad-lite/issues/3460
cat <<< "$(jq 'del(.devDependencies)'< $ETHERPAD_HOME/src/package.json)" > $ETHERPAD_HOME/src/package.json
bash $ETHERPAD_HOME/bin/installDeps.sh
cp $ETHERPAD_HOME/settings.json $ETHERPAD_HOME/settings.json.backup
cat << SETTINGS_JSON > $ETHERPAD_HOME/settings.json
{
"title": "Conference Etherpad",
"favicon": "favicon.ico",
"skinName": "colibris",
"ip": "0.0.0.0",
"port": 9001,
"showSettingsInAdminPage": true,
// "ssl" : {
// "key" : "$ETHERPAD_HOME/$DOMAIN/privkey.pem",
// "cert" : "$ETHERPAD_HOME/$DOMAIN/fullchain.pem",
// "ca" : "$ETHERPAD_HOME/$DOMAIN/chain.pem"
// },
"dbType" : "postgres",
"dbSettings" : {
"user" : "$ETHERPAD_DB_USER",
"host" : "localhost",
"password": "$ETHERPAD_DB_PASS",
"database": "$ETHERPAD_DB_NAME",
"charset" : "utf8mb4"
},
"defaultPadText" : "Welcome to Etherpad!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nGet involved with Etherpad at https:\/\/etherpad.org\n",
"users": {
"admin": {
// 1) "password" can be replaced with "hash" if you install ep_hash_auth
// 2) please note that if password is null, the user will not be created
"password": "$ETHERPAD_ADMIN_PASS",
"is_admin": true
}
}
}
SETTINGS_JSON
cat << SYSTEMD > $ETHERPAD_SYSTEMD
[Unit]
Description=Etherpad-lite, the collaborative editor.
After=syslog.target network.target
[Service]
Type=simple
User=$ETHERPAD_USER
Group=Group=$ETHERPAD_USER
WorkingDirectory=$ETHERPAD_HOME
Environment=NODE_ENV=production
ExecStart=$ETHERPAD_HOME/bin/run.sh
Restart=always
[Install]
WantedBy=multi-user.target
SYSTEMD
#Systemd services
systemctl enable etherpad-lite
systemctl restart etherpad-lite
# Tune webserver for Jitsi App control
if [ $(grep -c "etherpad" $WS_CONF) != 0 ]; then
echo "> Webserver seems configured, skipping..."
elif [ -f $WS_CONF ]; then
echo "> Setting up webserver configuration file..."
sed -i "/Anything that didn't match above/i \ \ \ \ location \^\~\ \/etherpad\/ {" $WS_CONF
sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" $WS_CONF
sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" $WS_CONF
sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_buffering off;" $WS_CONF
sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" $WS_CONF
sed -i "/Anything that didn't match above/i \ \ \ \ }" $WS_CONF
sed -i "/Anything that didn't match above/i \\\n" $WS_CONF
else
echo "> No etherpad config done to server file, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues"
fi
# Configure config.js
if [ $(grep -c "etherpad_base" $WS_CONF) != 0 ]; then
echo -e "> $MEET_CONF seems configured, skipping...\n"
else
echo -e "> Setting etherpad domain at $MEET_CONF...\n"
sed -i "/ domain: '$DOMAIN'/a\ \ \ \ \ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," $MEET_CONF
fi
echo "> Checking nginx configuration..."
nginx -t 2>/dev/null
if [ $? = 0 ]; then
echo -e " -- Docker configuration seems fine, enabling it."
systemctl reload nginx
else
echo "Please check your configuration, something may be wrong."
echo "Will not try to enable etherpad nginx configuration, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues"
fi

View File

@ -1,208 +0,0 @@
#!/bin/bash
# Excalidraw Jitsi Backend Installer
#
# Based on:
# - https://community.jitsi.org/t/118883
#
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
# Reset
Color_Off='\e[0m' # Text Reset
# Regular Colors
Black='\e[0;30m' # Black
Red='\e[0;31m' # Red
Green='\e[0;32m' # Green
Yellow='\e[0;33m' # Yellow
Blue='\e[0;34m' # Blue
Purple='\e[0;35m' # Purple
Cyan='\e[0;36m' # Cyan
printwc() {
printf "%b$2%b" "$1" "${Color_Off}"
}
print_title() {
printwc "${Blue}" "\n#--------------------------------------------------"
printwc "${Blue}" "\n# $1"
printwc "${Blue}" "\n#--------------------------------------------------\n"
}
restart_jibri() {
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
then
systemctl restart jibri
systemctl restart jibri-icewm
systemctl restart jibri-xorg
else
echo "Jibri service not installed"
fi
}
restart_services() {
systemctl restart jitsi-videobridge2
systemctl restart jicofo
restart_jibri
systemctl restart prosody
}
test_match() {
if grep -q "$1" "$2" ; then
echo "$(basename "$2") - OK..."
else
echo "$(basename "$2"), FAIL..."
echo "Please report this to https://forge.switnet.net/switnet/quick-jibri-installer"
exit
fi
}
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
clear
echo -e '\n
########################################################################
Excalidraw Jitsi Backend Installer
########################################################################
by Software, IT & Networks Ltd
\n'
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
PROSODY_FILE="/etc/prosody/conf.d/$DOMAIN.cfg.lua"
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
WS_MATCH1='# ensure all static content can always be found first'
PROS_MATCH1='"av_moderation";'
PROS_MATCH2='breakout_rooms_muc = "breakout.'
PROS_MATCH3='VirtualHost "recorder.'
CONFIG_MATCH1='List of undocumented settings used in jitsi-meet'
EXCALIDRAW_HOME="/opt/excalidraw"
EXCAL_MATCH1="prometheus.metrics(io"
EXCAL_NEW_PORT="9091"
EXCAL_PORT_FILE="$EXCALIDRAW_HOME/backend/src/index.ts"
# Make sure we can rely on the match strings.
printf "Testing match strings on config files.\n"
test_match "$WS_MATCH1" "$WS_CONF"
test_match "$PROS_MATCH1" "$PROSODY_FILE"
test_match "$PROS_MATCH2" "$PROSODY_FILE"
test_match "$PROS_MATCH3" "$PROSODY_FILE"
test_match "$PROS_MATCH3" "$PROSODY_FILE"
test_match "$CONFIG_MATCH1" "$MEET_CONF"
#--------------------------------------------------
print_title "Setup excalidraw backend."
#--------------------------------------------------
adduser --home "$EXCALIDRAW_HOME" --disabled-password --gecos "" excalidraw
git clone https://github.com/jitsi/excalidraw-backend "$EXCALIDRAW_HOME/backend"
test_match "$EXCAL_MATCH1" "$EXCAL_PORT_FILE"
chown -R excalidraw:excalidraw "$EXCALIDRAW_HOME"
cd "$EXCALIDRAW_HOME/backend"
sudo -u excalidraw cp .env.development .env.production
# Use documented port to get some sort of standarization.
if sed -n "/$EXCAL_MATCH1/,/});/p" "$EXCAL_PORT_FILE" |grep -q port: ; then
echo -e "> Update predefined port for metrics to $EXCAL_NEW_PORT\n"
sed -i "/$EXCAL_MATCH1/,/});/s|port:.*,|port: $EXCAL_NEW_PORT,|" "$EXCAL_PORT_FILE"
else
echo -e "> Define new port from default to $EXCAL_NEW_PORT\n"
sed -i "/$EXCAL_MATCH1/a \ \ \ \ port: $EXCAL_NEW_PORT," "$EXCAL_PORT_FILE"
fi
printf "Installing npm backend.\n"
sudo -u excalidraw npm install
sudo -u excalidraw npm run build
#--------------------------------------------------
print_title "Setup system & jitsi config files."
#--------------------------------------------------
# Enable websocket on nginx
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ location = /socket.io/ {" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_pass http://127.0.0.1:3002/socket.io/?\$args;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Connection \"upgrade\";" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Host \$http_host;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ tcp_nodelay on;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
if grep -rq room_metadata /etc/prosody/conf.d/ ;then
echo "> Prosody seems to be already configured."
else
echo "> Setting up prosody for whiteboard..."
# Modules enabled
sed -i "/$PROS_MATCH1/a \ \ \ \ \ \ \ \ \"room_metadata\";" "$PROSODY_FILE"
# Define internal component
sed -i "/$PROS_MATCH2/a \ \ \ \ room_metadata_component = \"metadata.$DOMAIN\"" "$PROSODY_FILE"
# Register component
sed -i "/$PROS_MATCH3/i \\\n" "$PROSODY_FILE"
sed -i "/$PROS_MATCH3/i Component \"metadata.$DOMAIN\" \"room_metadata_component\"" "$PROSODY_FILE"
sed -i "/$PROS_MATCH3/i \ \ \ \ muc_component = \"conference.$DOMAIN\"" "$PROSODY_FILE"
sed -i "/$PROS_MATCH3/i \ \ \ \ breakout_rooms_component = \"breakout.$DOMAIN\"" "$PROSODY_FILE"
sed -i "/$PROS_MATCH3/i \\\n" "$PROSODY_FILE"
fi
printf "\n# Checking for whitebord setup at %s.\n" "$(basename "$MEET_CONF")"
if [ -z "$(sed -n '/whiteboard: {/,/},/p' "$MEET_CONF")" ]; then
echo "> No present configuration on current config.js file"
sed -i "/$CONFIG_MATCH1/i \\\n" "$MEET_CONF"
sed -i "/$CONFIG_MATCH1/i \ \ \ \ whiteboard: {" "$MEET_CONF"
sed -i "/$CONFIG_MATCH1/i \ \ \ \ \ \ \ \ enabled: true," "$MEET_CONF"
sed -i "/$CONFIG_MATCH1/i \ \ \ \ \ \ \ \ collabServerBaseUrl: 'https://$DOMAIN'" "$MEET_CONF"
sed -i "/$CONFIG_MATCH1/i \ \ \ \ }," "$MEET_CONF"
sed -i "/$CONFIG_MATCH1/i \\\n" "$MEET_CONF"
else
echo "> Enabling configuration on current config.js file"
sed -i "/whiteboard: {/,/},/s|// ||" "$MEET_CONF"
sed -i "/collabServerBaseUrl:/s|'https://.*'|'https://$DOMAIN'|" "$MEET_CONF"
fi
if sed -n '/toolbarButtons: \[/,/\],/p' "$MEET_CONF" | \
grep -v '//'| grep -q whiteboard ; then
echo "> Whiteboard toolbar already enabled."
elif sed -n '/toolbarButtons: \[/,/\],/p' "$MEET_CONF" | \
grep -v '//'|grep -q toolbarButtons: ; then
echo "> Enabling whiteboard toolbar."
sed -i "/toolbarButtons:/a \ \ \ \ \ \ \ 'whiteboard'," "$MEET_CONF"
else
echo "> ToolbarButtons not customized, whiteboard should be enabled by default,"
echo " otherwise, please report to: https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi
printf "\n# Add systemd service\n"
cat << EOF > /etc/systemd/system/excalidraw.service
[Unit]
Description=Excalidraw backend
After=network-online.target
[Service]
User=excalidraw
Group=excalidraw
WorkingDirectory=$EXCALIDRAW_HOME/backend
ExecStart=npm start
Restart=always
RestartSec=5s
[Install]
WantedBy=multi-user.target
EOF
systemctl enable excalidraw.service
systemctl start excalidraw.service
printwc "${Green}" "\nExcalidraw setup complete!\n"
restart_services

View File

@ -1,109 +0,0 @@
// XMPP environment config.
jibri {
streaming {
// A list of regex patterns for allowed RTMP URLs. The RTMP URL used
// when starting a stream must match at least one of the patterns in
// this list.
rtmp-allow-list = [
// By default, all services are allowed
".*"
]
}
ffmpeg {
resolution = JIBRI_RES_CONF
}
chrome {
// The flags which will be passed to chromium when launching
flags = [
"--use-fake-ui-for-media-stream",
"--start-maximized",
"--kiosk",
"--enabled",
"--disable-infobars",
"--autoplay-policy=no-user-gesture-required",
"--ignore-certificate-errors",
"--disable-dev-shm-usage"
]
}
stats {
enable-stats-d = true
}
call-status-checks {
// If all clients have their audio and video muted and if Jibri does not
// detect any data stream (audio or video) comming in, it will stop
// recording after NO_MEDIA_TIMEOUT expires.
no-media-timeout = 30 seconds
// If all clients have their audio and video muted, Jibri consideres this
// as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
all-muted-timeout = 10 minutes
// When detecting if a call is empty, Jibri takes into consideration for how
// long the call has been empty already. If it has been empty for more than
// DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
default-call-empty-timeout = 30 seconds
}
recording {
recordings-directory = "DIR_RECORD"
finalize-script = "REC_DIR"
}
api {
xmpp {
environments = [
{
// A user-friendly name for this environment
name = "JB_NAME"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "DOMAIN" ]
// The base XMPP domain
xmpp-domain = "DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.DOMAIN"
room-name = "JibriBrewery"
nickname = "Live"
}
// The login information for the control MUC
control-login {
domain = "auth.DOMAIN"
username = "jibri"
password = "JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.DOMAIN"
username = "recorder"
password = "JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}

View File

@ -1,177 +0,0 @@
# Nextcloud 28 nginx - configuration
upstream php-handler {
#server 127.0.0.1:9000;
server unix:/run/php/php_PHPVER-fpm.sock;
}
# Set the `immutable` cache control options only for assets with a cache busting `v` argument
map $arg_v $asset_immutable {
"" "";
default "immutable";
}
server {
listen 80;
listen [::]:80;
server_name _NC_DOMAIN;
# enforce https
return 301 https://\$server_name\$request_uri;
}
server {
listen _NC_NGINX_SSL_PORT ssl http2;
listen [::]:_NC_NGINX_SSL_PORT ssl http2;
server_name _NC_DOMAIN;
# Path to the root of your installation
root _NC_PATH/;
ssl_certificate /etc/letsencrypt/live/_NC_DOMAIN/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/_NC_DOMAIN/privkey.pem;
# Prevent nginx HTTP Server Detection
server_tokens off;
# HSTS settings
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;
# set max upload size and increase upload timeout:
client_max_body_size 512M;
client_body_timeout 300s;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Pagespeed is not supported by Nextcloud, so if your server is built
# with the `ngx_pagespeed` module, uncomment this line to disable it.
#pagespeed off;
# The settings allows you to optimize the HTTP2 bandwidth.
# See https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/
# for tuning hints
client_body_buffer_size 512k;
# HTTP response headers borrowed from Nextcloud `.htaccess`
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Specify how to handle directories -- specifying `/index.php$request_uri`
# here as the fallback means that Nginx always exhibits the desired behaviour
# when a client requests a path that corresponds to a directory that exists
# on the server. In particular, if that directory contains an index.php file,
# that file is correctly served; if it doesn't, then the request is passed to
# the front-end controller. This consistent behaviour means that we don't need
# to specify custom rules for certain paths (e.g. images and other assets,
# `/updater`, `/ocs-provider`), and thus
# `try_files $uri $uri/ /index.php$request_uri`
# always provides the desired behaviour.
index index.php index.html /index.php$request_uri;
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
location = / {
if ( $http_user_agent ~ ^DavClnt ) {
return 302 /remote.php/webdav/$is_args$args;
}
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Make a regex exception for `/.well-known` so that clients can still
# access it despite the existence of the regex rule
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
# for `/.well-known`.
location ^~ /.well-known {
# The rules in this block are an adaptation of the rules
# in `.htaccess` that concern `/.well-known`.
location = /.well-known/carddav { return 301 /remote.php/dav/; }
location = /.well-known/caldav { return 301 /remote.php/dav/; }
location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
location /.well-known/pki-validation { try_files $uri $uri/ =404; }
# Let Nextcloud's API for `/.well-known` URIs handle all other
# requests by passing them to the front-end controller.
return 301 /index.php$request_uri;
}
# Rules borrowed from `.htaccess` to hide certain paths from clients
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
# Ensure this block, which passes PHP files to the PHP process, is above the blocks
# which handle static assets (as seen below). If this block is not declared first,
# then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
# to the URI, resulting in a HTTP 500 error response.
location ~ \.php(?:$|/) {
# Required for legacy support
rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
fastcgi_max_temp_file_size 0;
}
# Serve static files
location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463, $asset_immutable";
access_log off; # Optional: Don't log access to assets
location ~ \.wasm$ {
default_type application/wasm;
}
}
location ~ \.woff2?$ {
try_files $uri /index.php$request_uri;
expires 7d; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
}
# Rule borrowed from `.htaccess`
location /remote {
return 301 /remote.php$request_uri;
}
location / {
try_files $uri $uri/ /index.php$request_uri;
}
}

View File

@ -7,8 +7,8 @@
# - https://grafana.com/grafana/dashboards/11969 # - https://grafana.com/grafana/dashboards/11969
# by "mephisto" # by "mephisto"
# #
# Igor Kerstges © - 2021 # Igor Kerstges © - 2020
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2020, https://switnet.net/
# #
# GPLv3 or later. # GPLv3 or later.
@ -17,7 +17,7 @@ do
case "${option}" case "${option}"
in in
m) MODE=${OPTARG};; m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; \?) echo "Usage: sudo ./grafana.sh [-m debug]" && exit;;
esac esac
done done
@ -26,7 +26,7 @@ if [ "$MODE" = "debug" ]; then
set -x set -x
fi fi
if ! [ "$(id -u)" = 0 ]; then if ! [ $(id -u) = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
exit 0 exit 0
fi fi
@ -39,63 +39,42 @@ echo '
by Software, IT & Networks Ltd by Software, IT & Networks Ltd
' '
run_service() { run_service() {
systemctl enable "$1" systemctl enable $1
systemctl restart "$1" systemctl restart $1
systemctl status "$1" systemctl status $1
}
test_match() {
if grep -q "$1" "$2" ; then
echo "$(basename "$2") - OK..."
else
echo "$(basename "$2"), FAIL..."
echo "Please report this to https://forge.switnet.net/switnet/quick-jibri-installer"
exit
fi
} }
MAIN_TEL="/etc/telegraf/telegraf.conf" MAIN_TEL="/etc/telegraf/telegraf.conf"
TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf" TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf"
GRAFANA_INI="/etc/grafana/grafana.ini" GRAFANA_INI="/etc/grafana/grafana.ini"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf"
WS_MATCH1="# ensure all static content can always be found first"
WS_MATCH2="upstream prosody {"
GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)" GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"
# Min requirements # Min requirements
apt-get update && \ apt update && apt install -y gnupg2 curl wget jq
apt-get install -y gnupg2 \
curl \
wget \
jq
# Make sure we can rely on the match strings.
printf "> Testing match strings on config files.\n"
test_match "$WS_MATCH1" "$WS_CONF"
echo " echo "
# Setup InfluxDB Packages # Setup InfluxDB Packages
" "
curl -s https://repos.influxdata.com/influxdata-archive.key > \ wget -qO- https://repos.influxdata.com/influxdb.key | sudo apt-key add -
/etc/apt/trusted.gpg.d/influxdata-archive.key echo "deb https://repos.influxdata.com/debian buster stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
echo "deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.key] https://repos.influxdata.com/debian buster stable" | \ apt update && apt install influxdb -y
sudo tee /etc/apt/sources.list.d/influxdb.list
apt-get update && apt-get install influxdb -y
run_service influxdb run_service influxdb
echo " echo "
# Setup Grafana Packages # Setup Grafana Packages
" "
curl -s https://apt.grafana.com/gpg-full.key | \ curl -s https://packages.grafana.com/gpg.key | sudo apt-key add -
gpg --dearmor | tee /etc/apt/trusted.gpg.d/grafana-full-key.gpg >/dev/null add-apt-repository "deb https://packages.grafana.com/oss/deb stable main"
echo "deb https://packages.grafana.com/oss/deb stable main" | \ apt update && apt install grafana -y
sudo tee /etc/apt/sources.list.d/grafana_com_oss_deb.list
apt-get update && apt-get install grafana -y
run_service grafana-server run_service grafana-server
echo " echo "
# Setup Telegraf Packages # Setup Telegraf Packages
" "
apt-get update && apt-get install telegraf -y wget -qO- https://repos.influxdata.com/influxdb.key | sudo apt-key add -
echo "deb https://repos.influxdata.com/debian buster stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
apt update && apt install telegraf -y
mv /etc/telegraf/telegraf.conf /etc/telegraf/telegraf.conf.original mv /etc/telegraf/telegraf.conf /etc/telegraf/telegraf.conf.original
echo " echo "
@ -151,18 +130,18 @@ JITSI_TELEGRAF
run_service telegraf run_service telegraf
echo -e "\n# Setup videobridge options\n" echo "
echo ' # Setup videobridge options
# extra options to pass to the JVB daemon "
JVB_OPTS="--apis=rest,xmpp"' >> /etc/jitsi/videobridge/config sed -i "s|JVB_OPTS=\"--apis.*|JVB_OPTS=\"--apis=rest,xmpp\"|" /etc/jitsi/videobridge/config
sed -i "s|TRANSPORT=muc|TRANSPORT=muc,colibri|" /etc/jitsi/videobridge/sip-communicator.properties sed -i "s|TRANSPORT=muc|TRANSPORT=muc,colibri|" /etc/jitsi/videobridge/sip-communicator.properties
# Enable videobridge REST API
hocon -f /etc/jitsi/videobridge/jvb.conf set videobridge.apis.rest.enabled true
systemctl restart jitsi-videobridge2 systemctl restart jitsi-videobridge2
echo -e "\n# Setup Grafana nginx domain\n" echo "
# Setup Grafana nginx domain
"
sed -i "s|;protocol =.*|protocol = http|" $GRAFANA_INI sed -i "s|;protocol =.*|protocol = http|" $GRAFANA_INI
sed -i "s|;http_addr =.*|http_addr = 127.0.0.1|" $GRAFANA_INI sed -i "s|;http_addr =.*|http_addr = localhost|" $GRAFANA_INI
sed -i "s|;http_port =.*|http_port = 3000|" $GRAFANA_INI sed -i "s|;http_port =.*|http_port = 3000|" $GRAFANA_INI
sed -i "s|;domain =.*|domain = $DOMAIN|" $GRAFANA_INI sed -i "s|;domain =.*|domain = $DOMAIN|" $GRAFANA_INI
sed -i "s|;enforce_domain =.*|enforce_domain = false|" $GRAFANA_INI sed -i "s|;enforce_domain =.*|enforce_domain = false|" $GRAFANA_INI
@ -179,35 +158,15 @@ while [ $secs -gt 0 ]; do
: $((secs--)) : $((secs--))
done done
if [ -f "$WS_CONF" ]; then if [ -f $WS_CONF ]; then
sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana." "$WS_CONF" sed -i "/Anything that didn't match above/i \ \ \ \ location \~ \^\/(grafana\/|grafana\/login) {" $WS_CONF
sed -i "/$WS_MATCH1/i \ \ \ \ location ~ ^/(grafana/|grafana/login) {" "$WS_CONF" sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:3000;" $WS_CONF
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF" sed -i "/Anything that didn't match above/i \ \ \ \ }" $WS_CONF
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF" sed -i "/Anything that didn't match above/i \\\n" $WS_CONF
sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana Live WebSocket connections." "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ location /grafana/api/live/ {" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Connection \$connection_upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections." "$WS_CONF"
sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF"
sed -i "/$WS_MATCH2/i }" "$WS_CONF"
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
sed -i "/$WS_MATCH2/i upstream grafana {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ server localhost:3000;" "$WS_CONF"
sed -i "/$WS_MATCH2/i }" "$WS_CONF"
systemctl restart nginx systemctl restart nginx
else else
echo "No app configuration done to server file, please report to: echo "No app configuration done to server file, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues" -> https://github.com/switnet-ltd/quick-jibri-installer/issues"
fi fi
echo " echo "
@ -219,7 +178,7 @@ PUT -H "Content-Type: application/json;charset=UTF-8" -d \
\"oldPassword\": \"admin\", \"oldPassword\": \"admin\",
\"newPassword\": \"$GRAFANA_PASS\", \"newPassword\": \"$GRAFANA_PASS\",
\"confirmNew\": \"$GRAFANA_PASS\" \"confirmNew\": \"$GRAFANA_PASS\"
}" http://127.0.0.1:3000/api/user/password; echo "" }" http://localhost:3000/api/user/password; echo ""
echo " echo "
# Create InfluxDB datasource # Create InfluxDB datasource
@ -229,22 +188,22 @@ POST -H 'Content-Type: application/json;charset=UTF-8' -d \
'{ '{
"name": "InfluxDB", "name": "InfluxDB",
"type": "influxdb", "type": "influxdb",
"url": "http://127.0.0.1:8086", "url": "http://localhost:8086",
"access": "proxy", "access": "proxy",
"isDefault": true, "isDefault": true,
"database": "jitsi" "database": "jitsi"
}' http://127.0.0.1:3000/api/datasources; echo "" }' http://localhost:3000/api/datasources; echo ""
echo " echo "
# Add Grafana Dashboard # Add Grafana Dashboard
" "
grafana_host="http://127.0.0.1:3000" grafana_host="http://localhost:3000"
grafana_cred="admin:$GRAFANA_PASS" grafana_cred="admin:$GRAFANA_PASS"
grafana_datasource="InfluxDB" grafana_datasource="InfluxDB"
ds=(11969); ds=(11969);
for d in "${ds[@]}"; do for d in "${ds[@]}"; do
echo "Processing $d: " echo -n "Processing $d: "
j="$(curl -s -k -u "$grafana_cred" "$grafana_host"/api/gnet/dashboards/"$d" | jq .json)" j=$(curl -s -k -u "$grafana_cred" $grafana_host/api/gnet/dashboards/$d | jq .json)
curl -s -k -u "$grafana_cred" -XPOST -H "Accept: application/json" \ curl -s -k -u "$grafana_cred" -XPOST -H "Accept: application/json" \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d "{ -d "{

View File

@ -1 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?><svg xmlns="http://www.w3.org/2000/svg" width="1" height="1"/>

Before

Width:  |  Height:  |  Size: 100 B

View File

@ -1,128 +0,0 @@
#!/bin/bash
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..."
echo " If you think this is an error, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues "
exit
fi
}
clear
echo ''
echo '########################################################################'
echo ' Jigasi Transcript addon'
echo '########################################################################'
echo ' by Software, IT & Networks Ltd'
echo ''
exit_if_not_installed jitsi-meet
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 16 | head -n1)"
JIG_SIP_PROP="/etc/jitsi/jigasi/sip-communicator.properties"
export DOMAIN
export JIG_TRANSC_PASWD
apt-get -q2 update
# Disable SIP account prompt by default
echo "jigasi jigasi/sip-account string ''" | debconf-set-selections
echo "jigasi jigasi/sip-password password ''" | debconf-set-selections
echo "Installing Jigasi, SIP configuration disabled by default."
apt-get -y install gettext-base jigasi docker.io
echo "Please select a language for the VOSK transcription model:"
echo "1) Chinese"
echo "2) English"
echo "3) French"
echo "4) German"
echo "5) Hindi"
echo "6) Japanese"
echo "7) Russian"
echo "8) Spanish"
read -p "Enter the number corresponding to your language choice: " -r lang_choice
case $lang_choice in
1)
echo "You selected Chinese."
VOSK_DOCKER_MODEL="alphacep/kaldi-cn"
;;
2)
echo "You selected English."
VOSK_DOCKER_MODEL="alphacep/kaldi-en"
;;
3)
echo "You selected French."
VOSK_DOCKER_MODEL="alphacep/kaldi-fr"
;;
4)
echo "You selected German."
VOSK_DOCKER_MODEL="alphacep/kaldi-de"
;;
5)
echo "You selected Hindi."
VOSK_DOCKER_MODEL="alphacep/kaldi-hi"
;;
6)
echo "You selected Japanese."
VOSK_DOCKER_MODEL="alphacep/kaldi-ja"
;;
7)
echo "You selected Russian."
VOSK_DOCKER_MODEL="alphacep/kaldi-ru"
;;
8)
echo "You selected Spanish."
VOSK_DOCKER_MODEL="alphacep/kaldi-es"
;;
*)
echo "Invalid selection. Please choose a number between 1 and 8."
;;
esac
# Running selected VOSK docker model.
docker run -d --restart always -p 2700:2700 ${VOSK_DOCKER_MODEL}:latest
echo "Setting up Jigasi transcript with current platform..."
# Jitsi Meet
echo "> Patching Jitsi Meet's config.js for Transcription support."
echo " Read more at patches/jigasi/001-jigasi-meet-config.patch file"
envsubst < patches/jigasi/001-jigasi-meet-config.patch | \
patch --no-backup-if-mismatch -d / -p1
# Jigasi
echo "> Patching jigasi's sip-communicator.properties configuration."
echo " Read more at patches/jigasi/002-jigasi-sip-properties.patch file"
cp "$JIG_SIP_PROP" ${JIG_SIP_PROP}-dpkg-file
envsubst < patches/jigasi/002-jigasi-sip-properties.patch | \
patch --no-backup-if-mismatch -d / -p1
# Create transcribe user on hidden domain.
prosodyctl register transcriber recorder."$DOMAIN" "$JIG_TRANSC_PASWD"
# Restart services.
systemctl restart prosody \
jicofo \
jigasi \
jibri* \
jitsi-videobridge2
echo ""
echo "Full transcript files are available at:"
echo "--> /var/lib/jigasi/transcripts/"
echo ""
echo "Happy transcripting!"
echo ""

View File

@ -9,7 +9,7 @@
####################################################### #######################################################
#Check if user is root #Check if user is root
if ! [ "$(id -u)" = 0 ]; then if ! [ $(id -u) = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
exit 0 exit 0
fi fi
@ -22,17 +22,17 @@ echo '
by Software, IT & Networks Ltd by Software, IT & Networks Ltd
' '
JIGASI_CONFIG="/etc/jitsi/jigasi/config" JIGASI_CONFIG=/etc/jitsi/jigasi/config
GC_API_JSON="/opt/gc-sdk/GCTranscriptAPI.json" GC_API_JSON=/opt/gc-sdk/GCTranscriptAPI.json
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
MEET_CONF="/etc/jitsi/meet/${DOMAIN}-config.js" MEET_CONF=/etc/jitsi/meet/${DOMAIN}-config.js
JIG_SIP_CONF="/etc/jitsi/jigasi/config" JIG_SIP_CONF=/etc/jitsi/jigasi/config
JIG_SIP_PROP="/etc/jitsi/jigasi/sip-communicator.properties" JIG_SIP_PROP=/etc/jitsi/jigasi/sip-communicator.properties
JIC_SIP_PROP="/etc/jitsi/jicofo/sip-communicator.properties" JIC_SIP_PROP=/etc/jitsi/jicofo/sip-communicator.properties
JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 8 | head -n1)" JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 8 | head -n1)"
JIG_TRANSC_PASWD_B64="$(echo -n "$JIG_TRANSC_PASWD" | base64)" JIG_TRANSC_PASWD_B64="$(echo -n "$JIG_TRANSC_PASWD" | base64)"
DIST="$(lsb_release -sc)" DIST=$(lsb_release -sc)
CHECK_GC_REPO="$(apt-cache policy | grep http | grep cloud-sdk | head -n1 | awk '{print $3}' | awk -F '/' '{print $1}')" CHECK_GC_REPO=$(apt-cache policy | grep http | grep cloud-sdk | head -n1 | awk '{print $3}' | awk -F '/' '{print $1}')
install_gc_repo() { install_gc_repo() {
if [ "$CHECK_GC_REPO" = "cloud-sdk-$DIST" ]; then if [ "$CHECK_GC_REPO" = "cloud-sdk-$DIST" ]; then
@ -56,17 +56,17 @@ apt-get -y install google-cloud-sdk google-cloud-sdk-app-engine-java
echo "Please select one of the current options: echo "Please select one of the current options:
[1] I want to configure a new project, service account, billing and JSON credentials. [1] I want to configure a new project, service account, billing and JSON credentials.
[2] I already have one project configured and already have a JSON key file from Google" [2] I already have one project configured and already have a JSON key file from Google"
while [[ "$SETUP_TYPE" != "1" && "$SETUP_TYPE" != "2" ]] while [[ $SETUP_TYPE != 1 && $SETUP_TYPE != 2 ]]
do do
read -p "What option suits your setup?: (1 or 2)"$'\n' -r SETUP_TYPE read -p "What option suits your setup?: (1 or 2)"$'\n' -r SETUP_TYPE
if [ "$SETUP_TYPE" = "1" ]; then if [ $SETUP_TYPE = 1 ]; then
echo "We'll setup a GC Projects from scratch" echo "We'll setup a GC Projects from scratch"
elif [ "$SETUP_TYPE" = "2" ]; then elif [ $SETUP_TYPE = 2 ]; then
echo "We'll setup only the project and JSON key." echo "We'll setup only the proect and JSON key."
fi fi
done done
if [ "$SETUP_TYPE" = 1 ]; then if [ $SETUP_TYPE = 1 ]; then
### Start of new project configuration - Google SDK ### Start of new project configuration - Google SDK
#Setup option 1 - Google Cloud SDK #Setup option 1 - Google Cloud SDK
echo "Once logged on Google Cloud SDK, please create a new project (last option)." echo "Once logged on Google Cloud SDK, please create a new project (last option)."
@ -79,14 +79,14 @@ gcloud auth application-default login
# Start Google Cloud Configuration - Application Service # Start Google Cloud Configuration - Application Service
GC_MEMBER=transcript GC_MEMBER=transcript
echo "Checking if project exist..." echo "Checking if project exist..."
PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')" PROJECT_GC_ID=$(gcloud projects list | grep $GC_PROJECT_NAME | awk '{print$3}')
while [ -z "$PROJECT_GC_ID" ] while [ -z $PROJECT_GC_ID ]
do do
read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME
if [ -z "$PROJECT_GC_ID" ]; then if [ -z PROJECT_GC_ID ]; then
echo "Please check your project name," echo "Please check your project name,
echo "There is no project listed with the provided name: $GC_PROJECT_NAME" There is no project listed with the provided name: $GC_PROJECT_NAME"
PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')" PROJECT_GC_ID=$(gcloud projects list | grep $GC_PROJECT_NAME | awk '{print$3}')
fi fi
done done
echo "Your $GC_PROJECT_NAME ID's project is: $PROJECT_GC_ID" echo "Your $GC_PROJECT_NAME ID's project is: $PROJECT_GC_ID"
@ -101,19 +101,19 @@ while [[ $? -eq 1 ]]
do do
CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)"
if [[ $? -eq 1 ]]; then if [[ $? -eq 1 ]]; then
echo "Seems you haven't enabled billing for this project: $GC_PROJECT_NAME" echo "Seems you haven't enabled billing for this project: $GC_PROJECT_NAME
echo " For that go to: https://console.developers.google.com/project/$PROJECT_GC_ID/settings For that go to: https://console.developers.google.com/project/$PROJECT_GC_ID/settings
" "
read -rp "Press Enter to continue" read -p "Press Enter to continue"
CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)" CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)"
fi fi
done done
echo "Billing account seems setup, continuing..." echo "Billing account seems setup, continuing..."
gcloud iam service-accounts create "$GC_MEMBER" gcloud iam service-accounts create $GC_MEMBER
gcloud projects add-iam-policy-binding "$GC_PROJECT_NAME" \ gcloud projects add-iam-policy-binding $GC_PROJECT_NAME \
--member serviceAccount:"$GC_MEMBER"@"$GC_PROJECT_NAME".iam.gserviceaccount.com \ --member serviceAccount:$GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com \
--role roles/editor --role roles/editor
echo "Setup credentials:" echo "Setup credentials:"
@ -122,7 +122,7 @@ https://console.developers.google.com/apis/credentials?folder=&organizationId=&p
### End of new project configuration - Google SDK ### End of new project configuration - Google SDK
fi fi
if [ "$SETUP_TYPE" = "2" ]; then if [ $SETUP_TYPE = 2 ]; then
#Setup option 1 - Google Cloud SDK #Setup option 1 - Google Cloud SDK
echo "Once logged on Google Cloud SDK, please select the project that owns to the JSON key." echo "Once logged on Google Cloud SDK, please select the project that owns to the JSON key."
gcloud init gcloud init
@ -133,7 +133,7 @@ fi
echo "Setting up JSON key file..." echo "Setting up JSON key file..."
sleep 2 sleep 2
mkdir /opt/gc-sdk/ mkdir /opt/gc-sdk/
cat << KEY_JSON > "$GC_API_JSON" cat << KEY_JSON > $GC_API_JSON
# #
# Paste below this comment your GC JSON key for the service account: # Paste below this comment your GC JSON key for the service account:
# $GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com # $GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com
@ -143,11 +143,11 @@ cat << KEY_JSON > "$GC_API_JSON"
# These comment lines will be deleted afterwards. # These comment lines will be deleted afterwards.
# #
KEY_JSON KEY_JSON
chmod 644 "$GC_API_JSON" chmod 644 $GC_API_JSON
nano "$GC_API_JSON" nano $GC_API_JSON
sed -i '/^#/d' "$GC_API_JSON" sed -i '/^#/d' $GC_API_JSON
CHECK_JSON_KEY="$(cat "$GC_API_JSON" | python -m json.tool 2>/dev/null)" CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)"
while [[ $? -eq 1 ]] while [[ $? -eq 1 ]]
do do
CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)" CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)"
@ -167,9 +167,9 @@ export GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON
echo "Installing Jigasi, your SIP credentials will be asked. (mandatory)" echo "Installing Jigasi, your SIP credentials will be asked. (mandatory)"
apt-get -y install jigasi apt-get -y install jigasi
#apt-mark hold jigasi apt-mark hold jigasi
cat << JIGASI_CONF >> "$JIGASI_CONFIG" cat << JIGASI_CONF >> $JIGASI_CONFIG
GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON
@ -179,24 +179,24 @@ echo "Your Google Cloud credentials are at $GC_API_JSON"
echo "Setting up Jigasi transcript with current platform..." echo "Setting up Jigasi transcript with current platform..."
#Connect callcontrol #Connect callcontrol
sed -i "s|// call_control:|call_control:|" "$MEET_CONF" sed -i "s|// call_control:|call_control:|" $MEET_CONF
sed -i "s|// transcribingEnabled|transcribingEnabled|" "$MEET_CONF" sed -i "s|// transcribingEnabled|transcribingEnabled|" $MEET_CONF
sed -i "/transcribingEnabled/ s|false|true|" "$MEET_CONF" sed -i "/transcribingEnabled/ s|false|true|" $MEET_CONF
#siptest2siptest@domain.con #siptest2siptest@domain.con
#changed from conference to internal.auth from jibri #changed from conference to internal.auth from jibri
sed -i "s|siptest|siptest@internal.auth.$DOMAIN|" "$JIG_SIP_PROP" sed -i "s|siptest|siptest@internal.auth.$DOMAIN|" $JIG_SIP_PROP
#Disable component in favor of MUC #Disable component in favor of MUC
if [ "$(grep -c nocomponent "$JIG_SIP_CONF")" != 0 ]; then if [ $(grep -c nocomponent $JIG_SIP_CONF) != 0 ]; then
echo "Jigasi component is already disabled." echo "Jigasi component is already disabled."
else else
echo "Disabling jigasi component in favor of MUC" echo "Disabling jigasi component in favor of MUC"
sed -i "s|JIGASI_OPTS=.*|JIGASI_OPTS=\"--nocomponent=true\"|" "$JIG_SIP_CONF" sed -i "s|JIGASI_OPTS=.*|JIGASI_OPTS=\"--nocomponent=true\"|" $JIG_SIP_CONF
fi fi
#Setup XMPP #Setup XMPP
cat << ACC1_XMPP >> "$JIG_SIP_PROP" cat << ACC1_XMPP >> $JIG_SIP_PROP
# XMPP account used for control # XMPP account used for control
net.java.sip.communicator.impl.protocol.jabber.acc1=acc1 net.java.sip.communicator.impl.protocol.jabber.acc1=acc1
@ -265,30 +265,30 @@ org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
ACC1_XMPP ACC1_XMPP
#Enable transcription config #Enable transcription config
sed -i "/ENABLE_TRANSCRIPTION/ s|#||" "$JIG_SIP_PROP" sed -i "/ENABLE_TRANSCRIPTION/ s|#||" $JIG_SIP_PROP
sed -i "/ENABLE_TRANSCRIPTION/ s|false|true|" "$JIG_SIP_PROP" sed -i "/ENABLE_TRANSCRIPTION/ s|false|true|" $JIG_SIP_PROP
sed -i "/ENABLE_SIP/ s|#||" "$JIG_SIP_PROP" sed -i "/ENABLE_SIP/ s|#||" $JIG_SIP_PROP
sed -i "/ENABLE_SIP/ s|true|false|" "$JIG_SIP_PROP" sed -i "/ENABLE_SIP/ s|true|false|" $JIG_SIP_PROP
#Transcript format #Transcript format
sed -i "/SAVE_JSON/ s|# ||" "$JIG_SIP_PROP" sed -i "/SAVE_JSON/ s|# ||" $JIG_SIP_PROP
sed -i "/SEND_JSON/ s|# ||" "$JIG_SIP_PROP" sed -i "/SEND_JSON/ s|# ||" $JIG_SIP_PROP
sed -i "/SAVE_TXT/ s|# ||" "$JIG_SIP_PROP" sed -i "/SAVE_TXT/ s|# ||" $JIG_SIP_PROP
sed -i "/SEND_TXT/ s|# ||" "$JIG_SIP_PROP" sed -i "/SEND_TXT/ s|# ||" $JIG_SIP_PROP
#sed -i "/SEND_TXT/ s|false|true|" $JIG_SIP_PROP #sed -i "/SEND_TXT/ s|false|true|" $JIG_SIP_PROP
#Allow to connect other than same server only. #Allow to connect other than same server only.
sed -i \ sed -i \
"/xmpp.acc.SERVER_ADDRESS/ s|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=.*|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN|" \ "/xmpp.acc.SERVER_ADDRESS/ s|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=.*|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN|" \
"$JIG_SIP_PROP" $JIG_SIP_PROP
#Remember to study how to use LE or what's needed #ToDo #Remember to study how to use LE or what's needed #ToDo
sed -i "/ALWAYS_TRUST_MODE_ENABLED/ s|# ||" "$JIG_SIP_PROP" sed -i "/ALWAYS_TRUST_MODE_ENABLED/ s|# ||" $JIG_SIP_PROP
prosodyctl register jigasi auth."$DOMAIN" "$JIG_TRANSC_PASWD" prosodyctl register jigasi auth.$DOMAIN $JIG_TRANSC_PASWD
#Set Brewery #Set Brewery
cat << JIG_JIC >> "$JIC_SIP_PROP" cat << JIG_JIC >> $JIC_SIP_PROP
org.jitsi.jicofo.jigasi.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN org.jitsi.jicofo.jigasi.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN
JIG_JIC JIG_JIC

View File

@ -1,34 +1,16 @@
#!/bin/bash #!/bin/bash
# Jitsi Meet recurring upgrader and customization keeper # Jitsi Meet recurring upgrader and customization keeper
# for Debian/*buntu binaries. # for Debian/*buntu binaries.
# SwITNet Ltd © - 2024, https://switnet.net/ # 2020 - SwITNet Ltd
# GNU GPLv3 or later. # GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
Blue='\e[0;34m' Blue='\e[0;34m'
Purple='\e[0;35m' Purple='\e[0;35m'
Red='\e[0;31m'
Green='\e[0;32m' Green='\e[0;32m'
Yellow='\e[0;33m' Yellow='\e[0;33m'
Color_Off='\e[0m' Color_Off='\e[0m'
printwc() {
printf "%b$2%b" "$1" "${Color_Off}"
}
#Check if user is root #Check if user is root
if ! [ "$(id -u)" = 0 ]; then if ! [ $(id -u) = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
exit 0 exit 0
fi fi
@ -39,48 +21,33 @@ if [ ! -f jm-bm.sh ]; then
fi fi
support="https://switnet.net/support" support="https://switnet.net/support"
apt_repo="/etc/apt/sources.list.d" apt_repo="/etc/apt/sources.list.d"
LOC_REC="TBD"
ENABLE_BLESSM="TBD" ENABLE_BLESSM="TBD"
G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3) CHD_LST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing"
CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \
jq -r ".versions[].downloads.chromedriver | select(. != null) | .[].url" | \
grep linux64 | grep "$G_CHROME" | tail -1)
CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL")
CHD_LTST_2D="$(cut -d "." -f 1,2 <<< "$CHD_LTST")"
CHDB="$(whereis chromedriver | awk '{print$2}')" CHDB="$(whereis chromedriver | awk '{print$2}')"
if [ -d /etc/prosody/conf.d/ ]; then DOMAIN="$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua | \
awk -F'.cfg' '!/localhost/{print $1}' | xargs basename)"
else
echo -e "Seems no prosody is installed...\n > is this a jibri node?"
fi
NC_DOMAIN="TBD" NC_DOMAIN="TBD"
JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf" JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
if [ -f "$JITSI_MEET_PROXY" ];then if [ -f $JITSI_MEET_PROXY ];then
PREAD_PROXY="$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1)" PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
fi fi
INT_CONF="/usr/share/jitsi-meet/interface_config.js" INT_CONF="/usr/share/jitsi-meet/interface_config.js"
INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js" jibri_packages="$(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages |sort -u|awk '{print $2}'|sed 's|jigasi||'|paste -s -d ' ')"
read -r -a jibri_packages < <(grep ^Package /var/lib/apt/lists/download.jitsi.org_*_Packages | \
sort -u | awk '{print $2}' | sed '/jigasi/d' | \
xargs)
AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)" AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)"
if [ -f "$apt_repo"/google-chrome.list ]; then if [ -f $apt_repo/google-chrome.list ]; then
read -r -a google_package < <(grep ^Package /var/lib/apt/lists/dl.google.com_*_Packages | \ google_package=$(grep Package /var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages | sort -u | cut -d ' ' -f2 | paste -s -d ' ')
sort -u | awk '{print $2}' | xargs)
else else
echo "Seems no Google repo installed" echo "Seems no Google repo installed"
fi fi
if [ -f "$apt_repo"/nodesource.list ]; then if [ -z $CHDB ]; then
read -r -a nodejs_package < <(grep ^Package /var/lib/apt/lists/deb.nodesource.com_node*_Packages | \ echo "Seems no chromedriver installed"
sort -u | awk '{print $2}' | xargs)
else else
echo "Seems no nodejs repo installed" CHD_AVB=$(chromedriver -v | awk '{print $2}')
fi fi
# True if $1 is greater than $2
version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; } version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
restart_jibri() { check_jibri() {
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ] if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
then then
systemctl restart jibri systemctl restart jibri
@ -95,91 +62,58 @@ fi
restart_services() { restart_services() {
systemctl restart jitsi-videobridge2 systemctl restart jitsi-videobridge2
systemctl restart jicofo systemctl restart jicofo
restart_jibri check_jibri
systemctl restart prosody systemctl restart prosody
} }
upgrade_cd() {
if version_gt $CHD_LST $CHD_AVB
then
echo "Upgrading ..."
wget https://chromedriver.storage.googleapis.com/$CHD_LST/chromedriver_linux64.zip
unzip chromedriver_linux64.zip
sudo cp chromedriver $CHDB
rm -rf chromedriver chromedriver_linux64.zip
chromedriver -v
else
echo "No need to upgrade Chromedriver"
printf "Current version: ${Green} $CHD_AVB ${Color_Off}\n"
fi
}
update_jitsi_repo() { update_jitsi_repo() {
apt-get update -o Dir::Etc::sourcelist="sources.list.d/jitsi-$1.list" \ apt-get update -o Dir::Etc::sourcelist="sources.list.d/jitsi-$1.list" \
-o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
apt-get install -q2 --only-upgrade <<< printf "${jibri_packages[@]}" apt-get install -qq --only-upgrade $jibri_packages
} }
update_google_repo() { update_google_repo() {
if [ -f "$apt_repo"/google-chrome.list ]; then if [ -f $apt_repo/google-chrome.list ]; then
apt-get update -o Dir::Etc::sourcelist="sources.list.d/google-chrome.list" \ apt-get update -o Dir::Etc::sourcelist="sources.list.d/google-chrome.list" \
-o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
apt-get install -q2 --only-upgrade <<< printf "${google_package[@]}" apt-get install -qq --only-upgrade $google_package
else else
echo "No Google repository found" echo "No Google repository found"
fi
if [ -z "$CHDB" ]; then
echo "Seems no chromedriver installed"
else
CHD_VER_LOCAL="$($CHDB -v | awk '{print $2}')"
CHD_VER_2D="$(awk '{printf "%.1f\n", $NF}' <<< "$CHD_VER_LOCAL")"
fi
}
update_nodejs_repo() {
apt-get update -o Dir::Etc::sourcelist="sources.list.d/nodesource.list" \
-o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
apt-get install -q2 --only-upgrade <<< printf "${nodejs_package[@]}"
}
check_latest_gc() {
printwc "${Purple}" "Checking for Google Chrome\n"
if [ -f /usr/bin/google-chrome ]; then
GOOGL_VER_2D="$(/usr/bin/google-chrome --version|awk '{printf "%.1f\n", $NF}')"
else
printwc "${Yellow}" " -> Seems there is no Google Chrome installed\n"
IS_GLG_CHRM="no"
fi
}
check_latest_gc
upgrade_cd() {
if [ -n "$GOOGL_VER_2D" ]; then
check_latest_gc
if version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" ; then
echo "Upgrading Chromedriver to Google Chromes version"
wget -q "$CHD_LTST_DWNL" \
-O /tmp/chromedriver_linux64.zip
unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
mv /usr/local/bin/chromedriver-linux64/chromedriver "$CHDB"
chown root:root "$CHDB"
chmod 0755 "$CHDB"
rm -rf /tpm/chromedriver_linux64.zip
printf "Current version: "
printwc "$Green" "$($CHDB -v |awk '{print $2}'|awk '{printf "%.1f\n", $NF}')"
echo -e " (latest available)\n"
elif [ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then
echo "No need to upgrade Chromedriver"
printf "Current version: "
printwc "$Green" "$CHD_VER_2D\n"
fi
else
printwc "${Yellow}" " -> No Google Chrome versión to match, leaving untouched.\n"
fi fi
} }
check_lst_cd() { check_lst_cd() {
printwc "${Purple}" "Checking for the latest Chromedriver\n" printf "${Purple}Checking for the latest Chromedriver${Color_Off}\n"
if [ -f "$CHDB" ]; then if [ -f $CHDB ]; then
printf "Current installed Chromedriver: " printf "Current installed Chromedriver: ${Yellow} $CHD_AVB ${Color_Off}\n"
printwc "${Yellow}" "$CHD_VER_2D\n" printf "Latest Chromedriver version available: ${Green} $CHD_LST ${Color_Off}\n"
printf "Current installed Google Chrome: "
printwc "${Green}" "$GOOGL_VER_2D\n"
upgrade_cd upgrade_cd
else else
printwc "${Yellow}" " -> Seems there is no Chromedriver installed\n" printf "${Yellow} -> Seems there is no Chromedriver installed${Color_Off}\n"
IS_CHDB="no"
fi fi
} }
printwc "${Blue}" "Update & upgrade Jitsi and components\n" printf "${Blue}Update & upgrade Jitsi and components - v2.3${Color_Off}\n"
if [ -f "$apt_repo"/jitsi-unstable.list ]; then if [ -f $apt_repo/jitsi-unstable.list ]; then
update_jitsi_repo unstable update_jitsi_repo unstable
update_google_repo update_google_repo
check_lst_cd check_lst_cd
elif [ -f "$apt_repo"/jitsi-stable.list ]; then elif [ -f $apt_repo/jitsi-stable.list ]; then
update_jitsi_repo stable update_jitsi_repo stable
update_google_repo update_google_repo
check_lst_cd check_lst_cd
@ -187,28 +121,6 @@ else
echo "Please check your repositories, something is not right." echo "Please check your repositories, something is not right."
exit 1 exit 1
fi fi
printwc "${Blue}" "Check for supported nodejs LTS version"
if version_gt "14" "$(dpkg-query -W -f='${Version}' nodejs)"; then
curl -sL https://deb.nodesource.com/setup_14.x | sudo -E bash -
apt-get install -yq2 nodejs
else
update_nodejs_repo
fi
check_if_installed(){
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo "1"
else
echo "0"
fi
}
check_for_jibri_node() {
if [ "$(check_if_installed jibri)" = 1 ] && \
[ "$(check_if_installed jitsi-meet)" = 0 ] && \
[ "$(check_if_installed prosody)" = 0 ]; then
printwc "${Green}" "\n::: This seems to be a jibri node :::\n"
JIBRI_NODE="yes"
fi
}
# Any customization, image, name or link change for any purpose should # Any customization, image, name or link change for any purpose should
# be documented here so new updates won't remove those changes. # be documented here so new updates won't remove those changes.
# We divide them on UI changes and branding changes, feel free to adapt # We divide them on UI changes and branding changes, feel free to adapt
@ -219,77 +131,55 @@ fi
######################################################################## ########################################################################
# User interface changes # # User interface changes #
######################################################################## ########################################################################
#Check for jibri node printf "${Purple}========== Setting Static Avatar ==========${Color_Off}\n"
check_for_jibri_node if [[ -z "$AVATAR" ]]; then
[ "$JIBRI_NODE" != yes ] && \
if [ -f "$INT_CONF_ETC" ]; then
echo "Static interface_config.js exists, skipping modification..."
else
echo "This setup doesn't have a static interface_config.js, checking changes..."
printwc "${Purple}" "========== Setting Static Avatar ==========\n"
if [ -z "$AVATAR" ]; then
echo "Moving on..." echo "Moving on..."
else else
echo "Setting Static Avatar" echo "Setting Static Avatar"
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'http://$DOMAIN/avatar/\'|" "$INT_CONF" sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'http://$DOMAIN/avatar/\'|" $INT_CONF
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF" sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF
fi fi
printwc "${Purple}" "========== Setting Support Link ==========\n"
if [ -z "$support" ]; then printf "${Purple}========== Setting Support Link ==========${Color_Off}\n"
if [[ -z $support ]]; then
echo "Moving on..." echo "Moving on..."
else else
echo "Setting Support custom link" echo "Setting Support custom link"
sed -i "s|https://jitsi.org/live|$support|g" "$INT_CONF" sed -i "s|https://jitsi.org/live|$support|g" $INT_CONF
fi
printwc "${Purple}" "========== Disable Blur my background ==========\n"
sed -i "s|'videobackgroundblur', ||" "$INT_CONF"
fi
if [ "$(check_if_installed openjdk-8-jre-headless)" = 1 ]; then
printwc "${Red}" "\n::: Unsupported OpenJDK JRE version found :::\n"
apt-get install -y openjdk-11-jre-headless
apt-get purge -y openjdk-8-jre-headless
printwc "${Green}" "\n::: Updated to supported OpenJDK JRE version 11 :::\n"
fi fi
[ "$JIBRI_NODE" != yes ] && \ printf "${Purple}========== Disable Localrecording ==========${Color_Off}\n"
if [ "$LOC_REC" != "on" ]; then
echo "Removing localrecording..."
sed -i "s|'localrecording',||" $INT_CONF
fi
printf "${Purple}========== Disable Blur my background ==========${Color_Off}\n"
sed -i "s|'videobackgroundblur', ||" $INT_CONF
if [ "$NC_DOMAIN" != "TBD" ]; then if [ "$NC_DOMAIN" != "TBD" ]; then
printwc "${Purple}" "========== Enable $NC_DOMAIN for sync client ==========\n" printf "${Purple}========== Enable $NC_DOMAIN for sync client ==========${Color_Off}\n"
if [ -f "$JITSI_MEET_PROXY" ] && [ -z "$PREAD_PROXY" ]; then if [ -z "$PREAD_PROXY" ]; then
printf "\n Setting up Nextcloud domain on Jitsi Meet turn proxy\n\n" echo "
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY" Setting up Nextcloud domain on Jitsi Meet turn proxy
sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" "$JITSI_MEET_PROXY" "
sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" "$JITSI_MEET_PROXY" sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY" sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ }" $JITSI_MEET_PROXY
else else
echo "$NC_DOMAIN seems to be on place, skipping..." echo "$NC_DOMAIN seems to be on place, skipping..."
fi fi
fi fi
# Final check & upgrade call.
check_lst_cd
if [ "$JIBRI_NODE" = "yes" ]; then
restart_jibri
else
restart_services restart_services
fi
if [ "$JIBRI_NODE" = "yes" ] && \
[ "$IS_CHDB" = "no" ] && \
[ "$IS_GLG_CHRM" = "no" ];then
printwc "${Red}" "\nBeware: This jibri node seems to be missing important packages.\n"
echo " > Googe Chrome"
echo " > Chromedriver"
fi
######################################################################## ########################################################################
# Brandless mode # # Brandless mode #
######################################################################## ########################################################################
if [ "$ENABLE_BLESSM" = "on" ]; then if [ $ENABLE_BLESSM = on ]; then
if [ "$MODE" = "debug" ]; then bash $PWD/jm-bm.sh
bash "$PWD"/jm-bm.sh -m debug
else
bash "$PWD"/jm-bm.sh
fi fi
fi printf "${Blue}Script completed \o/! ${Color_Off}\n"
printwc "${Blue}" "Script completed \o/!\n"

100
jm-bm.sh
View File

@ -1,33 +1,16 @@
#!/bin/bash #!/bin/bash
# Jitsi Meet brandless mode # Jitsi Meet brandless mode
# for Debian/*buntu binaries. # for Debian/*buntu binaries.
# SwITNet Ltd © - 2024, https://switnet.net/ # 2020 - SwITNet Ltd
# GNU GPLv3 or later. # GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
CSS_FILE="/usr/share/jitsi-meet/css/all.css" CSS_FILE="/usr/share/jitsi-meet/css/all.css"
TITLE_FILE="/usr/share/jitsi-meet/title.html" TITLE_FILE="/usr/share/jitsi-meet/title.html"
INT_CONF="/usr/share/jitsi-meet/interface_config.js" INT_CONF="/usr/share/jitsi-meet/interface_config.js"
INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
BUNDLE_JS="/usr/share/jitsi-meet/libs/app.bundle.min.js" BUNDLE_JS="/usr/share/jitsi-meet/libs/app.bundle.min.js"
# #
JM_IMG_PATH="/usr/share/jitsi-meet/images" JM_IMG_PATH="/usr/share/jitsi-meet/images"
WTM2_PATH="$JM_IMG_PATH/watermark2.png" WTM2_PATH="$JM_IMG_PATH/watermark2.png"
WTM2_SVG_PATH="$JM_IMG_PATH/watermark2.svg"
FICON_PATH="$JM_IMG_PATH/favicon2.ico" FICON_PATH="$JM_IMG_PATH/favicon2.ico"
REC_ICON_PATH="$JM_IMG_PATH/gnome_record.png" REC_ICON_PATH="$JM_IMG_PATH/gnome_record.png"
# #
@ -36,65 +19,54 @@ MOVILE_APP_NAME="Jitsi Meet"
PART_USER="Participant" PART_USER="Participant"
LOCAL_USER="me" LOCAL_USER="me"
# #
#SEC_ROOM="TBD" SEC_ROOM="TBD"
copy_if_not_there() {
if [ ! -f "$1" ]; then
cp images/"$(echo $1|xargs basename)" "$1"
else
echo "$(echo $1|xargs basename) file exists, skipping copying..."
fi
}
echo ' echo '
#-------------------------------------------------- #--------------------------------------------------
# Applying Brandless mode # Applying Brandless mode
#-------------------------------------------------- #--------------------------------------------------
' '
#Watermark #Watermark
copy_if_not_there "$WTM2_PATH" if [ ! -f $WTM2_PATH ]; then
cp images/watermark2.png $WTM2_PATH
#Watermark svg else
copy_if_not_there "$WTM2_SVG_PATH" echo "watermark2 file exists, skipping copying..."
fi
#Favicon #Favicon
copy_if_not_there "$FICON_PATH" if [ ! -f $FICON_PATH ]; then
cp images/favicon2.ico $FICON_PATH
else
echo "favicon2 file exists, skipping copying..."
fi
#Local recording icon #Local recording icon
copy_if_not_there "$REC_ICON_PATH" if [ ! -f $REC_ICON_PATH ];then
cp images/gnome_record.png $REC_ICON_PATH
else
echo "recodring icon exists, skipping copying..."
fi
#Custom / Remove icons #Custom / Remove icons
sed -i "s|watermark.png|watermark2.png|g" "$CSS_FILE" sed -i "s|watermark.png|watermark2.png|g" $CSS_FILE
sed -i "s|favicon.ico|favicon2.ico|g" "$TITLE_FILE" sed -i "s|favicon.ico|favicon2.ico|g" $TITLE_FILE
sed -i "s|jitsilogo.png|watermark2.png|g" "$TITLE_FILE" sed -i "s|jitsilogo.png|watermark2.png|g" $TITLE_FILE
sed -i "s|logo-deep-linking.png|watermark2.png|g" "$BUNDLE_JS" sed -i "s|logo-deep-linking.png|watermark2.png|g" $BUNDLE_JS
sed -i "s|icon-cloud.png|gnome_record.png|g" "$BUNDLE_JS" sed -i "s|jitsiLogo_square.png|gnome_record.png|g" $BUNDLE_JS
#Disable logo and url #Disable logo and url
if ! grep -q ".leftwatermark{display:none" "$CSS_FILE" ; then if [ -z $(grep -nr ".leftwatermark{display:none" $CSS_FILE) ]; then
sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE" sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" $CSS_FILE
fi fi
#Replace App logo
sed -i "s|// defaultLogoUrl: .*| defaultLogoUrl: 'images/watermark2.svg',|" "$MEET_CONF"
#Overwrite favicon svg
cp images/watermark2.svg $JM_IMG_PATH/favicon.svg
#Customize room title #Customize room title
sed -i "s|Jitsi Meet|$APP_NAME|g" "$TITLE_FILE" sed -i "s|\([[:space:]]\)APP_NAME:.*| APP_NAME: \'$APP_NAME\',|" $INT_CONF
sed -i "s| powered by the Jitsi Videobridge||g" "$TITLE_FILE" sed -i "s|Jitsi Meet|$APP_NAME|g" $TITLE_FILE
sed -i "/appNotInstalled/ s|{{app}}|$MOVILE_APP_NAME|g" /usr/share/jitsi-meet/lang/* sed -i "s| powered by the Jitsi Videobridge||g" $TITLE_FILE
sed -i "21,32 s|Jitsi Meet|$APP_NAME|g" $INT_CONF
sed -i "/appNotInstalled/ s|{{app}}|$MOVILE_APP_NAME|" /usr/share/jitsi-meet/lang/*
#Custom UI changes #Custom UI changes
if [ -f "$INT_CONF_ETC" ]; then echo "
echo "Static interface_config.js exists, skipping modification..." Please note that brandless mode will also overwrite support links.
else "
echo "This setup doesn't have a static interface_config.js, checking changes..." sed -i "s|Fellow Jitster|$PART_USER|g" $INT_CONF
echo -e "\nPlease note that brandless mode will also overwrite support links.\n" sed -i "s|'me'|'$LOCAL_USER'|" $INT_CONF
sed -i "21,32 s|Jitsi Meet|$APP_NAME|g" "$INT_CONF" sed -i "s|LIVE_STREAMING_HELP_LINK: .*|LIVE_STREAMING_HELP_LINK: '#',|g" $INT_CONF
sed -i "s|\([[:space:]]\)APP_NAME:.*| APP_NAME: \'$APP_NAME\',|" "$INT_CONF" sed -i "s|SUPPORT_URL: .*|SUPPORT_URL: '#',|g" $INT_CONF
sed -i "s|Fellow Jitster|$PART_USER|g" "$INT_CONF"
sed -i "s|'me'|'$LOCAL_USER'|" "$INT_CONF"
sed -i "s|LIVE_STREAMING_HELP_LINK: .*|LIVE_STREAMING_HELP_LINK: '#',|g" "$INT_CONF"
sed -i "s|SUPPORT_URL: .*|SUPPORT_URL: '#',|g" "$INT_CONF"
#Logo 2
sed -i "s|watermark.png|watermark2.png|g" "$INT_CONF"
sed -i "s|watermark.svg|watermark2.png|g" "$INT_CONF"
fi

View File

@ -1,52 +1,62 @@
#!/bin/bash #!/bin/bash
# JRA (Jibri Recordings Access) via Nextcloud # JRA (Jibri Recordings Access) via Nextcloud
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2020, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
if ! [ $(id -u) = 0 ]; then
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
exit 0 exit 0
fi fi
exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..."
echo " If you think this is an error, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues "
exit
fi
}
clear clear
echo -e '\n echo '
######################################################################## ########################################################################
Jibri Recordings Access via Nextcloud Jibri Recordings Access via Nextcloud
######################################################################## ########################################################################
by Software, IT & Networks Ltd by Software, IT & Networks Ltd
\n' '
exit_if_not_installed jitsi-meet while [[ -z "$NC_DOMAIN" ]]
## APT checks do
apt-get update -q2 read -p "Please enter the domain to use for Nextcloud: " -r NC_DOMAIN
# Manually add prerequisites. if [ -z "$NC_DOMAIN" ]; then
apt-get install -y curl letsencrypt nginx echo "-- This field is mandatory."
fi
MIN_PHP="8.2" done
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" while [[ -z "$NC_USER" ]]
PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{print $2}')" do
NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-available/"$DOMAIN".conf | awk '{print$2}')" read -p "Nextcloud user: " -r NC_USER
[ -z "$NC_NGINX_SSL_PORT" ] && NC_NGINX_SSL_PORT="443" if [ -z "$NC_USER" ]; then
echo "-- This field is mandatory."
fi
done
while [[ -z "$NC_PASS" ]]
do
read -p "Nextcloud user password: " -r NC_PASS
if [ -z "$NC_PASS" ]; then
echo "-- This field is mandatory."
fi
done
#Enable HSTS
while [[ "$ENABLE_HSTS" != "yes" && "$ENABLE_HSTS" != "no" ]]
do
read -p "> Do you want to enable HSTS for this domain?: (yes or no)
Be aware this option apply mid-term effects on the domain, choose \"no\"
in case you don't know what you are doing. More at https://hstspreload.org/"$'\n' -r ENABLE_HSTS
if [ "$ENABLE_HSTS" = "no" ]; then
echo "-- HSTS won't be enabled."
elif [ "$ENABLE_HSTS" = "yes" ]; then
echo "-- HSTS will be enabled."
fi
done
DISTRO_RELEASE="$(lsb_release -sc)"
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
PHP_REPO=$(apt-cache policy | grep http | grep php | head -n 1 | awk '{print $2}' | cut -d "/" -f5)
PHPVER="7.4"
PSGVER="$(apt-cache madison postgresql | head -n1 | awk '{print $3}' | cut -d "+" -f1)"
PHP_FPM_DIR="/etc/php/$PHPVER/fpm"
PHP_INI="$PHP_FPM_DIR/php.ini"
PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf"
NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf"
NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-enabled/$DOMAIN.conf | awk '{print$2}')"
NC_REPO="https://download.nextcloud.com/server/releases" NC_REPO="https://download.nextcloud.com/server/releases"
NCVERSION="$(curl -s -m 900 $NC_REPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)" NCVERSION="$(curl -s -m 900 $NC_REPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)"
STABLEVERSION="nextcloud-$NCVERSION" STABLEVERSION="nextcloud-$NCVERSION"
@ -55,137 +65,110 @@ NC_CONFIG="$NC_PATH/config/config.php"
NC_DB_USER="nextcloud_user" NC_DB_USER="nextcloud_user"
NC_DB="nextcloud_db" NC_DB="nextcloud_db"
NC_DB_PASSWD="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)" NC_DB_PASSWD="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"
DIR_RECORD="$(awk -F '"' '/RECORDING/{print$2}' /home/jibri/finalize_recording.sh|awk 'NR==1{print$1}')" DIR_RECORD="$(grep -nr RECORDING /home/jibri/finalize_recording.sh|head -n1|cut -d "=" -f2)"
REDIS_CONF="/etc/redis/redis.conf" REDIS_CONF="/etc/redis/redis.conf"
JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf" JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
[ -f "$JITSI_MEET_PROXY" ] && PREAD_PROXY=$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1) if [ -f $JITSI_MEET_PROXY ];then
PUBLIC_IP="$(dig -4 +short myip.opendns.com @resolver1.opendns.com)" PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
ISO3166_CODE=TBD fi
NL="$(printf '\n ')"
exit_ifinstalled() { exit_ifinstalled() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " This instance already has $1 installed, exiting..." echo " This instance already has $1 installed, exiting..."
echo " If you think this is an error, please report to: echo " Please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues " -> https://github.com/switnet-ltd/quick-jibri-installer/issues "
exit exit
fi fi
} }
install_ifnot() { install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..." echo " $1 is installed, skipping..."
else else
echo -e "\n---- Installing $1 ----" echo -e "\n---- Installing $1 ----"
apt-get -yq2 install "$1" apt-get -yq2 install $1
fi fi
} }
while [[ "$ANS_NCD" != "yes" ]] add_php74() {
do if [ "$PHP_REPO" = "php" ]; then
read -p "> Please set your domain (or subdomain) here for Nextcloud: (e.g.: cloud.domain.com)$NL" -r NC_DOMAIN echo "PHP $PHPVER already installed"
if [ -z "$NC_DOMAIN" ];then apt-get -q2 update
echo " - This field is mandatory." apt-get -yq2 dist-upgrade
elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
echo " - You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud."
fi
read -p " > Did you mean?: $NC_DOMAIN (yes or no)$NL" -r ANS_NCD
if [ "$ANS_NCD" = "yes" ]; then
echo " - Alright, let's use $NC_DOMAIN."
else else
echo " - Please try again." echo "# Adding Ondrej PHP $PHPVER PPA Repository"
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com E5267A6C
echo "deb [arch=amd64] http://ppa.launchpad.net/ondrej/php/ubuntu $DISTRO_RELEASE main" > /etc/apt/sources.list.d/php7x.list
apt-get update -q2
fi fi
done }
sleep .1
#Simple DNS test
if [ "$PUBLIC_IP" = "$(dig -4 +short "$NC_DOMAIN"|awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then
echo -e "Server public IP & DNS record for $NC_DOMAIN seems to match, continuing...\n\n"
sleep .1
else
echo "Server public IP ($PUBLIC_IP) & DNS record for $NC_DOMAIN don't seem to match."
echo " > Please check your dns records are applied and updated, otherwise Nextcloud may fail."
read -p " > Do you want to continue?: (yes or no)$NL" -r DNS_CONTINUE
if [ "$DNS_CONTINUE" = "yes" ]; then
echo " - We'll continue anyway..."
else
echo " - Exiting for now..."
exit
fi
fi
sleep .1
NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf"
while [ -z "$NC_USER" ]
do
read -p "Nextcloud user: " -r NC_USER
if [ -z "$NC_USER" ]; then
echo " - This field is mandatory."
fi
done
sleep .1
while [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 8 ]
do
read -p "Nextcloud user password: " -r NC_PASS
if [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 8 ]; then
echo -e " - This field is mandatory. \nPlease make sure it's at least 8 characters.\n"
fi
done
sleep .1
#Enable HSTS
while [ "$ENABLE_HSTS" != "yes" ] && [ "$ENABLE_HSTS" != "no" ]
do
read -p "> Do you want to enable HSTS for this domain?: (yes or no)
Be aware this option apply mid-term effects on the domain, choose \"no\"
in case you don't know what you are doing. More at https://hstspreload.org/$NL" -r ENABLE_HSTS
if [ "$ENABLE_HSTS" = "no" ]; then
echo " - HSTS won't be enabled."
elif [ "$ENABLE_HSTS" = "yes" ]; then
echo " - HSTS will be enabled."
fi
done
sleep .1
echo -e "#Default country phone code\n
> Starting at Nextcloud 21.x it's required to set a default country phone ISO 3166-1 alpha-2 code.\n
>>> https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements <<<\n"
sleep .1
while [ ${#ISO3166_CODE} -gt 2 ];
do
echo -e "Some examples might be: Germany > DE | Mexico > MX | Spain > ES | USA > US\n
Do you want to set such code for your installation?"
sleep .1
read -p "Leave empty if you don't want to set any: " -r ISO3166_CODE
if [ ${#ISO3166_CODE} -gt 2 ]; then
echo -e "\n-- This code is only 2 characters long, please check your input.\n"
fi
done
sleep .1
echo -e "\n# Check for jitsi-meet/jibri\n"
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ] || \
[ -f /etc/prosody/conf.d/"$DOMAIN".conf ]; then
echo "jitsi meet/jibri is installed, checking version:"
apt-show-versions jibri
else
echo "Wait!, jitsi-meet/jibri is not installed on this system using apt, exiting..."
exit
fi
#Prevent root folder permission issues #Prevent root folder permission issues
cp "$PWD"/files/jra-nc-app-ef.json /tmp cp $PWD/files/jra-nc-app-ef.json /tmp
exit_ifinstalled postgresql-"$PSGVER" exit_ifinstalled postgresql-$PSGVER
## Install software requirements ## Install software requirements
# PostgresSQL # PostgresSQL
install_ifnot postgresql-"$PSGVER" install_ifnot postgresql-$PSGVER
# PHP 7.4
add_php74
apt-get install -y \
php$PHPVER-fpm \
php$PHPVER-bcmath \
php$PHPVER-bz2 \
php$PHPVER-curl \
php$PHPVER-gd \
php$PHPVER-gmp \
php$PHPVER-intl \
php$PHPVER-json \
php$PHPVER-ldap \
php$PHPVER-mbstring \
php$PHPVER-pgsql \
php$PHPVER-soap \
php$PHPVER-xml \
php$PHPVER-xmlrpc \
php$PHPVER-zip \
php-imagick \
php-redis \
redis-server
#-------------------------------------------------- #System related
# Prepare PHP install_ifnot smbclient
#-------------------------------------------------- sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" $PHP_CONF
sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" $PHP_CONF
sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" $PHP_CONF
sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" $PHP_CONF
sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" $PHP_CONF
sed -i "s|;clear_env = no|clear_env = no|" $PHP_CONF
if [ "$MODE" = "debug" ]; then echo "
bash -x "$PWD"/tools/prepare_php.sh "$MIN_PHP" Tunning PHP.ini...
else "
bash "$PWD"/tools/prepare_php.sh "$MIN_PHP" # Change values in php.ini (increase max file size)
fi # max_execution_time
sed -i "s|max_execution_time =.*|max_execution_time = 3500|g" "$PHP_INI"
# max_input_time
sed -i "s|max_input_time =.*|max_input_time = 3600|g" "$PHP_INI"
# memory_limit
sed -i "s|memory_limit =.*|memory_limit = 512M|g" "$PHP_INI"
# post_max
sed -i "s|post_max_size =.*|post_max_size = 1025M|g" "$PHP_INI"
# upload_max
sed -i "s|upload_max_filesize =.*|upload_max_filesize = 1024M|g" "$PHP_INI"
phpenmod opcache
{
echo "# OPcache settings for Nextcloud"
echo "opcache.enable=1"
echo "opcache.enable_cli=1"
echo "opcache.interned_strings_buffer=8"
echo "opcache.max_accelerated_files=10000"
echo "opcache.memory_consumption=256"
echo "opcache.save_comments=1"
echo "opcache.revalidate_freq=1"
echo "opcache.validate_timestamps=1"
} >> "$PHP_INI"
systemctl restart php$PHPVER-fpm.service
#-------------------------------------------------- #--------------------------------------------------
# Create DB user # Create DB user
@ -197,22 +180,161 @@ CREATE DATABASE nextcloud_db;
CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}'; CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}';
GRANT ALL PRIVILEGES ON DATABASE ${NC_DB} TO ${NC_DB_USER}; GRANT ALL PRIVILEGES ON DATABASE ${NC_DB} TO ${NC_DB_USER};
DB DB
echo -e "\nDone!\n" echo "Done!
"
# Add .mjs as a file extension for javascript #nginx - configuration
sed -i "/application\/javascript/s|js.*;|js mjs;|" /etc/nginx/mime.types cat << NC_NGINX > $NC_NGINX_CONF
#nextcloud config
upstream php-handler {
#server 127.0.0.1:9000;
server unix:/run/php/php${PHPVER}-fpm.sock;
}
# nginx conf setup. server {
cp files/nextcloud.conf "$NC_NGINX_CONF" listen 80;
sed -i "s|_PHPVER|$MIN_PHP|g" "$NC_NGINX_CONF" listen [::]:80;
sed -i "s|_NC_DOMAIN|$NC_DOMAIN|g" "$NC_NGINX_CONF" server_name $NC_DOMAIN;
sed -i "s|_NC_NGINX_SSL_PORT|$NC_NGINX_SSL_PORT|g" "$NC_NGINX_CONF" # enforce https
sed -i "s|_NC_PATH|$NC_PATH|g" "$NC_NGINX_CONF" return 301 https://\$server_name\$request_uri;
}
server {
listen $NC_NGINX_SSL_PORT ssl http2;
listen [::]:$NC_NGINX_SSL_PORT ssl http2;
server_name $NC_DOMAIN;
ssl_certificate /etc/letsencrypt/live/$NC_DOMAIN/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$NC_DOMAIN/privkey.pem;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
# add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload;";
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Path to the root of your installation
root $NC_PATH/;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
# last;
location = /.well-known/carddav {
return 301 \$scheme://\$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 \$scheme://\$host/remote.php/dav;
}
location ~ /.well-known/acme-challenge {
allow all;
}
# set max upload size
client_max_body_size 1024M;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Uncomment if your server is built with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
location / {
rewrite ^ /index.php\$uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:\$|/) {
fastcgi_split_path_info ^(.+\.php)(/.*)\$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
fastcgi_param PATH_INFO \$fastcgi_path_info;
fastcgi_param HTTPS on;
#Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
fastcgi_read_timeout 300;
}
location ~ ^/(?:updater|ocs-provider)(?:\$|/) {
try_files \$uri/ =404;
index index.php;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the PHP block
location ~ \.(?:css|js|woff|svg|gif)\$ {
try_files \$uri /index.php\$uri\$is_args\$args;
add_header Cache-Control "public, max-age=15778463";
# Add headers to serve security related headers (It is intended to
# have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into
# this topic first.
# add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Optional: Don't log access to assets
access_log off;
}
location ~ \.(?:png|html|ttf|ico|jpg|jpeg)\$ {
try_files \$uri /index.php\$uri\$is_args\$args;
# Optional: Don't log access to other assets
access_log off;
}
}
NC_NGINX
systemctl stop nginx systemctl stop nginx
letsencrypt certonly --standalone --renew-by-default --agree-tos -d "$NC_DOMAIN" letsencrypt certonly --standalone --renew-by-default --agree-tos -d $NC_DOMAIN
if [ -f /etc/letsencrypt/live/"$NC_DOMAIN"/fullchain.pem ];then if [ -f /etc/letsencrypt/live/$NC_DOMAIN/fullchain.pem ];then
ln -s "$NC_NGINX_CONF" /etc/nginx/sites-enabled/ ln -s /etc/nginx/sites-available/$NC_DOMAIN.conf /etc/nginx/sites-enabled/
else else
echo "There are issues on getting the SSL certs..." echo "There are issues on getting the SSL certs..."
read -n 1 -s -r -p "Press any key to continue" read -n 1 -s -r -p "Press any key to continue"
@ -221,30 +343,34 @@ nginx -t
systemctl restart nginx systemctl restart nginx
if [ "$ENABLE_HSTS" = "yes" ]; then if [ "$ENABLE_HSTS" = "yes" ]; then
sed -i "s|#add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" "$NC_NGINX_CONF" sed -i "s|# add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" $NC_NGINX_CONF
fi fi
if [ -n "$PREAD_PROXY" ]; then if [ "$DISTRO_RELEASE" != "xenial" ] && [ -z $PREAD_PROXY ]; then
echo " echo "
Setting up Nextcloud domain on Jitsi Meet turn proxy Setting up Nextcloud domain on Jitsi Meet turn proxy
" "
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY" sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" "$JITSI_MEET_PROXY" sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" "$JITSI_MEET_PROXY" sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY" sed -i "/server {/i \ \ }" $JITSI_MEET_PROXY
fi fi
echo -e "\n Latest version to be installed: $STABLEVERSION echo "
(This might take sometime, please be patient...)\n" Latest version to be installed: $STABLEVERSION
curl -s "$NC_REPO"/"$STABLEVERSION".zip > /tmp/"$STABLEVERSION".zip (This might take sometime, please be patient...)
unzip -q /tmp/"$STABLEVERSION".zip "
mv nextcloud "$NC_PATH" curl -s $NC_REPO/$STABLEVERSION.zip > /tmp/$STABLEVERSION.zip
unzip -q /tmp/$STABLEVERSION.zip
mv nextcloud $NC_PATH
chown -R www-data:www-data "$NC_PATH" chown -R www-data:www-data $NC_PATH
chmod -R 755 "$NC_PATH" chmod -R 755 $NC_PATH
echo -e "\nDatabase installation...\n" echo "
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ maintenance:install \ Database installation...
"
sudo -u www-data php $NC_PATH/occ maintenance:install \
--database=pgsql \ --database=pgsql \
--database-name="$NC_DB" \ --database-name="$NC_DB" \
--database-user="$NC_DB_USER" \ --database-user="$NC_DB_USER" \
@ -252,57 +378,64 @@ sudo -u www-data php$MIN_PHP "$NC_PATH"/occ maintenance:install \
--admin-user="$NC_USER" \ --admin-user="$NC_USER" \
--admin-pass="$NC_PASS" --admin-pass="$NC_PASS"
echo -e "\nApply custom mods...\n" echo "
sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," "$NC_CONFIG" Apply custom mods...
sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," "$NC_CONFIG" "
sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," "$NC_CONFIG" sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," $NC_CONFIG
sed -i "s|http://localhost|https://$NC_DOMAIN|" "$NC_CONFIG" sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," $NC_CONFIG
sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," $NC_CONFIG
sed -i "s|http://localhost|http://$NC_DOMAIN|" $NC_CONFIG
echo -e "\nAdd crontab...\n" echo "Add crontab..."
crontab -u www-data -l | { cat; echo "*/5 * * * * php$MIN_PHP -f $NC_PATH/cron.php"; } | crontab -u www-data - crontab -u www-data -l | { cat; echo "*/5 * * * * php -f $NC_PATH/cron.php"; } | crontab -u www-data -
echo -e "\nAdd memcache support...\n" echo "
sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" "$REDIS_CONF" Add memcache support...
sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" "$REDIS_CONF" "
sed -i "s|port 6379|port 0|" "$REDIS_CONF" sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" $REDIS_CONF
sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" $REDIS_CONF
sed -i "s|port 6379|port 0|" $REDIS_CONF
systemctl restart redis-server systemctl restart redis-server
echo -e "\n--> Setting config.php...\n" echo "--> Setting config.php..."
if [ -n "$ISO3166_CODE" ]; then sed -i "/);/i \ \ 'filelocking.enabled' => 'true'," $NC_CONFIG
sed -i "/);/i \ \ 'default_phone_region' => '$ISO3166_CODE'," "$NC_CONFIG" sed -i "/);/i \ \ 'memcache.locking' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG
fi sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG
sed -i "/);/i \ \ 'filelocking.enabled' => 'true'," "$NC_CONFIG" sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG
sed -i "/);/i \ \ 'memcache.locking' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG" sed -i "/);/i \ \ 'memcache.distributed' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG
sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG" sed -i "/);/i \ \ 'redis' =>" $NC_CONFIG
sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG" sed -i "/);/i \ \ \ \ array (" $NC_CONFIG
sed -i "/);/i \ \ 'memcache.distributed' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG" sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," $NC_CONFIG
sed -i "/);/i \ \ 'redis' =>" "$NC_CONFIG" sed -i "/);/i \ \ \ \ \ 'port' => 0," $NC_CONFIG
sed -i "/);/i \ \ \ \ array (" "$NC_CONFIG" sed -i "/);/i \ \ \ \ \ 'timeout' => 0," $NC_CONFIG
sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," "$NC_CONFIG" sed -i "/);/i \ \ )," $NC_CONFIG
sed -i "/);/i \ \ \ \ \ 'port' => 0," "$NC_CONFIG" echo "Done
sed -i "/);/i \ \ \ \ \ 'timeout' => 0," "$NC_CONFIG" "
sed -i "/);/i \ \ )," "$NC_CONFIG" echo "
echo -e "Done\n" Addding & Setting up Files External App for Local storage...
"
echo -e "\nAddding & Setting up Files External App for Local storage...\n" sudo -u www-data php $NC_PATH/occ app:install files_external
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ app:install files_external sudo -u www-data php $NC_PATH/occ app:enable files_external
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ app:enable files_external sudo -u www-data php $NC_PATH/occ files_external:import /tmp/jra-nc-app-ef.json
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ app:disable support
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ files_external:import /tmp/jra-nc-app-ef.json
usermod -a -G jibri www-data usermod -a -G jibri www-data
chmod -R 770 "$DIR_RECORD" chown -R jibri:www-data $DIR_RECORD
chmod -R g+s "$DIR_RECORD" chmod -R 770 $DIR_RECORD
chmod -R g+s $DIR_RECORD
echo -e "\nFixing possible missing tables...\n\n" echo "
echo "y"|sudo -u www-data php$MIN_PHP "$NC_PATH"/occ db:convert-filecache-bigint Fixing possible missing tables...
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ db:add-missing-indices "
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ db:add-missing-columns echo "y"|sudo -u www-data php $NC_PATH/occ db:convert-filecache-bigint
sudo -u www-data php $NC_PATH/occ db:add-missing-indices
sudo -u www-data php $NC_PATH/occ db:add-missing-columns
echo -e "\nAdding trusted domain...\n" echo "
sudo -u www-data php$MIN_PHP "$NC_PATH"/occ config:system:set trusted_domains 0 --value="$NC_DOMAIN" Adding trusted domain...
"
sudo -u www-data php $NC_PATH/occ config:system:set trusted_domains 0 --value=$NC_DOMAIN
echo -e "\nSetting JRA domain on jitsi-updater.sh\n" echo "Setting JRA domain on jitsi-updater.sh"
sed -i "s|NC_DOMAIN=.*|NC_DOMAIN=\"$NC_DOMAIN\"|" jitsi-updater.sh sed -i "s|NC_DOMAIN=.*|NC_DOMAIN=\"$NC_DOMAIN\"|" jitsi-updater.sh
echo -e "\nQuick Nextcloud installation complete!\n" echo "Quick Nextcloud installation complete!"

View File

@ -1,334 +0,0 @@
#!/bin/bash
# Custom High Performance Jitsi conf
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have privileges!"
exit 0
fi
wait_seconds() {
secs=$(($1))
while [ $secs -gt 0 ]; do
echo -ne "$secs\033[0K\r"
sleep 1
: $((secs--))
done
}
set_once() {
if ! grep -q "$(awk '!/^ *#/ && NF {print}' "$2"|grep "$(awk -F '=' '{print$1}' <<< "$1")")" ; then
echo "Setting $1 on $2..."
echo "$1" | tee -a "$2"
else
echo " \"$(echo "$1"|awk -F '=' '{print$1}')\" seems present, skipping setting this variable"
fi
}
# True if $1 is greater than $2
version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
LTS_REL="$(lsb_release -d | awk '{print$4}')"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
JVB_LOG_POP="/etc/jitsi/videobridge/logging.properties"
JVB_RC="/usr/share/jitsi-videobridge/lib/videobridge.rc"
JICOFO_LOG_POP="/etc/jitsi/videobridge/logging.properties"
MEET_LOG_CONF="/usr/share/jitsi-meet/logging_config.js"
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
MEET_CONF_HP="/etc/jitsi/meet/${DOMAIN}-chp-config.js"
INT_CONF_JS="/etc/jitsi/meet/${DOMAIN}-interface_config.js"
INT_CONF_JS_HP="/etc/jitsi/meet/${DOMAIN}-chp-interface_config.js"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
CHAT_DISABLED="TBD"
if [ -f "$MEET_CONF_HP" ] || [ -f "$INT_CONF_JS_HP" ]; then
echo "
This script can't be run multiple times on the same system,
idempotence not guaranteed, exiting..."
exit
fi
if [ -z "$LTS_REL" ] || [ -z "$DOMAIN" ];then
echo "This system isn't suitable to configure."
exit
else
echo "This system seems suitable to configure..."
fi
echo "What does this script do?
Overview:
- Disables swap partition
- Tunes,
* Some kernel networking settings
* nginx connections number
* jvb2 logging
* jicofo logging
* meet logging
- Modify UX by changing session configuration & toolbar.
- Disable browsers not compatible with CHP,
* Safari
* Firefox*
"
echo "# Note: As for January 2021 Firefox can't handle correctly widescreen sizing
# on lower resolution than HD (nHD & qHD), setting as incompatible for now.
# (If you know this is no longer the case. Please report it to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues)
"
#Tools to consider
##Profiling
#https://github.com/jvm-profiling-tools/async-profiler
while [[ "$CONTINUE_HP" != "yes" && "$CONTINUE_HP" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_HP
if [ "$CONTINUE_HP" = "no" ]; then
echo "See you next time!..."
exit
elif [ "$CONTINUE_HP" = "yes" ]; then
echo "Good, then let's get it done..."
fi
done
# Video resolution selector
echo "
#--------------------------------------------------
# Conference widescreen video resolution.
#--------------------------------------------------
"
echo "If you are using a high volume of users we recommend to use nHD (640x360),
or at most qHD (960x540) resolution as default, since bandwith increase
exponentially with the more concurrent users on a meeting.
Either way, choose your desired video resolution.
"
PS3='Select the desired resolution for high performance mode: '
options=("nHD - 640x360" "qHD - 960x540" "HD - 1280x720")
select opt in "${options[@]}"
do
case "$opt" in
"nHD - 640x360")
echo -e "\n > Setting 640x360 resolution.\n"
VID_RES="360"
break
;;
"qHD - 960x540")
echo -e "\n > Setting 960x540 resolution.\n"
VID_RES="540"
break
;;
"HD - 1280x720")
echo -e "\n > Setting 1280x720 resolution.\n"
VID_RES="720"
break
;;
*) echo "Invalid option $REPLY, choose 1, 2 or 3";;
esac
done
echo "
# Disable Chat?
> In case you have your own chat solution for the meetings you might
wanna disable Jitsi's chat from the toolbox.
"
while [[ "$CHAT_DISABLED" != "yes" && \
"$CHAT_DISABLED" != "no" && \
"$CHAT_DISABLED" != "" ]]
do
echo "> Do you want to disable jitsi's built-in chat?: (yes or no)"
read -p "(Also you can leave empty to disable)"$'\n' -r CHAT_DISABLED
if [ "$CHAT_DISABLED" = "no" ]; then
echo -e "-- Jitsi's built-in chat will be kept active.\n"
elif [ "$CHAT_DISABLED" = "yes" ] || [ -z "$CHAT_DISABLED" ]; then
echo -e "-- Jitsi's built-in chat will be disabled. \n"
fi
done
## JMS system tune up
if [ "$MODE" = "debug" ]; then
bash "$PWD"/jms-stu.sh -m debug
else
bash "$PWD"/jms-stu.sh
fi
#JVB2
##Loose up logging
# https://community.jitsi.org/t/23641/13
sed -i "/java.util.logging.FileHandler.level/s|ALL|WARNING|g" "$JVB_LOG_POP"
sed -i "s|^.level=INFO|.level=WARNING|" "$JVB_LOG_POP"
sed -i "/VIDEOBRIDGE_MAX_MEMORY=/i \ VIDEOBRIDGE_MAX_MEMORY=8192m" "$JVB_RC"
#JICOFO
sed -i "/java.util.logging.FileHandler.level/s|ALL|OFF|g" "$JICOFO_LOG_POP"
sed -i "s|^.level=INFO|.level=WARNING|" "$JICOFO_LOG_POP"
#MEET
sed -i "s|defaultLogLevel:.*|defaultLogLevel: 'error',|" "$MEET_LOG_CONF"
sed -i "/TraceablePeerConnection.js/s|info|error|" "$MEET_LOG_CONF"
sed -i "/CallStats.js/s|info|error|" "$MEET_LOG_CONF"
sed -i "/strophe.util.js/s|log|error|" "$MEET_LOG_CONF"
#UX - Room settings and interface
## config.js
cp "$MEET_CONF" "$MEET_CONF_HP"
sed -i "s|// disableAudioLevels:.*|disableAudioLevels: true,|" "$MEET_CONF_HP"
sed -i "s|enableNoAudioDetection:.*|enableNoAudioDetection: false,|" "$MEET_CONF_HP"
sed -i "s|enableNoisyMicDetection:.*|enableNoisyMicDetection: false,|" "$MEET_CONF_HP"
sed -i "s|startAudioMuted:.*|startAudioMuted: 5,|" "$MEET_CONF_HP"
sed -i "s|// startVideoMuted:.*|startVideoMuted: 5,|" "$MEET_CONF_HP"
sed -i "s|startWithVideoMuted: true,|startWithVideoMuted: false,|" "$MEET_CONF_HP"
sed -i "s|channelLastN:.*|channelLastN: 10,|" "$MEET_CONF_HP"
sed -i "s|// enableLayerSuspension:.*|enableLayerSuspension: true,|" "$MEET_CONF_HP"
sed -i "s|// apiLogLevels:.*|apiLogLevels: \['warn', 'error'],|" "$MEET_CONF_HP"
if [ "$VID_RES" = "360" ]; then
sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 360," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 360," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 360," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 640," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 640," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP"
fi
if [ "$VID_RES" = "540" ]; then
sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 540," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 540," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 540," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 960," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 960," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP"
fi
if [ "$VID_RES" = "720" ]; then
sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 720," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 720," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 720," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 1280," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 1280," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP"
sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP"
fi
## interface_config.js
cp "$INT_CONF_JS" "$INT_CONF_JS_HP"
sed -i "s|CONNECTION_INDICATOR_DISABLED:.*|CONNECTION_INDICATOR_DISABLED: true,|" "$INT_CONF_JS_HP"
sed -i "s|DISABLE_DOMINANT_SPEAKER_INDICATOR:.*|DISABLE_DOMINANT_SPEAKER_INDICATOR: true,|" "$INT_CONF_JS_HP"
sed -i "s|DISABLE_FOCUS_INDICATOR:.*|DISABLE_FOCUS_INDICATOR: false,|" "$INT_CONF_JS_HP"
sed -i "s|DISABLE_JOIN_LEAVE_NOTIFICATIONS:.*|DISABLE_JOIN_LEAVE_NOTIFICATIONS: true,|" "$INT_CONF_JS_HP"
sed -i "s|DISABLE_VIDEO_BACKGROUND:.*|DISABLE_VIDEO_BACKGROUND: true,|" "$INT_CONF_JS_HP"
sed -i "s|OPTIMAL_BROWSERS: \[.*|OPTIMAL_BROWSERS: \[ 'chrome', 'chromium', 'electron' \],|" "$INT_CONF_JS_HP"
sed -i "s|UNSUPPORTED_BROWSERS: .*|UNSUPPORTED_BROWSERS: \[ 'nwjs', 'safari', 'firefox' \],|" "$INT_CONF_JS_HP"
### Toolbars
if version_gt "$(apt-show-versions jitsi-meet|awk '{print$2}')" "2.0.5390-3" ; then
#New toolbar in config.js
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ toolbarButtons:: \[" "$MEET_CONF_HP"
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," "$MEET_CONF_HP"
if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," "$MEET_CONF_HP"
else
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," "$MEET_CONF_HP"
fi
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," "$MEET_CONF_HP"
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," "$MEET_CONF_HP"
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" "$MEET_CONF_HP"
sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \]," "$MEET_CONF_HP"
else
#Old toolbar in interface.js (soon deprecated on newer versions)
sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" "$INT_CONF_JS_HP"
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" "$INT_CONF_JS_HP"
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," "$INT_CONF_JS_HP"
if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," "$INT_CONF_JS_HP"
else
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," "$INT_CONF_JS_HP"
fi
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," "$INT_CONF_JS_HP"
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," "$INT_CONF_JS_HP"
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" "$INT_CONF_JS_HP"
sed -i "/\/\/ TOOLBAR_BUTTONS/i \ \ \ \ \]," "$INT_CONF_JS_HP"
fi
#Check config file
echo -e "\n# Checking $MEET_CONF file for errors\n"
CHECKJS_MEET_CHP="$(esvalidate "$MEET_CONF_HP"| cut -d ":" -f2)"
if [ -z "$CHECKJS_MEET_CHP" ]; then
echo -e "\n# The $MEET_CONF_HP configuration seems correct. =)\n"
else
echo -e "\n Watch out!, there seems to be an issue on $MEET_CONF_HP line:
$CHECKJS_MEET_CHP
Most of the times this is due upstream changes, please report to
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
fi
CHECKJS_INT_CHP="$(esvalidate "$INT_CONF_JS_HP"| cut -d ":" -f2)"
if [ -z "$CHECKJS_INT_CHP" ]; then
echo -e "\n# The $INT_CONF_JS_HP configuration seems correct. =)\n"
else
echo -e "\n Watch out!, there seems to be an issue on $INT_CONF_JS_HP line:
$CHECKJS_INT_CHP
Most of the times this is due upstream changes, please report to
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
fi
sed -i "s|$MEET_CONF|$MEET_CONF_HP|g" "$WS_CONF"
sed -i "s|$INT_CONF_JS|$INT_CONF_JS_HP|" "$WS_CONF"
nginx -t
#systemctl restart nginx
echo "Done!, yeah, that quick ;)"
echo "Rebooting in..."
wait_seconds 15
reboot

View File

@ -1,171 +0,0 @@
#!/bin/bash
# Custom Selenium Grid-Node fro Jitsi Meet
# Pandian © - https://community.jitsi.org/u/Pandian
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
WAN_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)"
AV_SPACE="$(df -h .|grep -v File|awk '{print$4}'|sed -e 's|G||')"
echo -e "\n-- Make sure you have at least 10GB of disk space available.\n"
if [ "$(echo "$AV_SPACE > 9" | bc)" -ne 0 ]; then
echo "> Seems we have enough disk space."
else
echo "> Please meet the minimum required disk space for this installer, exiting..."
exit
fi
apt-get update
apt-get dist-upgrade -y
apt-get install -y \
gnupg \
bmon \
curl \
wget \
unzip \
maven \
openjdk-11-jdk
# Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
## Docker Compose
curl -sL "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
# Jitsi Meet Torture
cd /opt || exit
git clone https://github.com/jitsi/jitsi-meet-torture
cd jitsi-meet-torture/ || exit
if [ -f resources/FourPeople_1280x720_30.y4m ] ; then
echo "FourPeople_1280x720_30.y4m exists"
else
echo "FourPeople_1280x720_30.y4m doesn't exists, getting a copy..."
wget -c https://media.xiph.org/video/derf/y4m/FourPeople_1280x720_60.y4m
mv FourPeople_1280x720_60.y4m resources/
cp resources/FourPeople_1280x720_60.y4m resources/FourPeople_1280x720_30.y4m
fi
#150 "participants" available
## Tested up to 120 with AWS c5.24xlarge
cat << SELENIUM_GRID_DOCKER > selenium.yml
version: "3"
services:
selenium-hub:
image: selenium/hub:3.141.59-20200525
container_name: selenium-hub
ports:
- "4444:4444"
restart: always
chrome:
image: selenium/node-chrome:3.141.59-20200525
volumes:
- /dev/shm:/dev/shm
- ./resources:/usr/share/jitsi-meet-torture/resources
depends_on:
- selenium-hub
environment:
- HUB_HOST=selenium-hub
- HUB_PORT=4444
- NODE_MAX_INSTANCES=30
- NODE_MAX_SESSION=30
restart: always
chrome2:
image: selenium/node-chrome:3.141.59-20200525
volumes:
- /dev/shm:/dev/shm
- ./resources:/usr/share/jitsi-meet-torture/resources
depends_on:
- selenium-hub
environment:
- HUB_HOST=selenium-hub
- HUB_PORT=4444
- NODE_MAX_INSTANCES=30
- NODE_MAX_SESSION=30
restart: always
chrome3:
image: selenium/node-chrome:3.141.59-20200525
volumes:
- /dev/shm:/dev/shm
- ./resources:/usr/share/jitsi-meet-torture/resources
depends_on:
- selenium-hub
environment:
- HUB_HOST=selenium-hub
- HUB_PORT=4444
- NODE_MAX_INSTANCES=30
- NODE_MAX_SESSION=30
restart: always
chrome4:
image: selenium/node-chrome:3.141.59-20200525
volumes:
- /dev/shm:/dev/shm
- ./resources:/usr/share/jitsi-meet-torture/resources
depends_on:
- selenium-hub
environment:
- HUB_HOST=selenium-hub
- HUB_PORT=4444
- NODE_MAX_INSTANCES=30
- NODE_MAX_SESSION=30
restart: always
chrome5:
image: selenium/node-chrome:3.141.59-20200525
volumes:
- /dev/shm:/dev/shm
- ./resources:/usr/share/jitsi-meet-torture/resources
depends_on:
- selenium-hub
environment:
- HUB_HOST=selenium-hub
- HUB_PORT=4444
- NODE_MAX_INSTANCES=30
- NODE_MAX_SESSION=30
restart: always
SELENIUM_GRID_DOCKER
docker-compose -f selenium.yml up -d
echo -e "\n#=================== End of Seleniun Grid build ========================#\n"
echo -e "\nChange the values according to you test requirements using something like;\n"
echo "cd /opt/jitsi-meet-torture
sudo bash /opt/jitsi-meet-torture/scripts/malleus.sh \\
--conferences=1 \\
--participants=30 \\
--senders=2 \\
--audio-senders=1 \\
--duration=120 \\
--room-name-prefix=hamertesting \\
--hub-url=http://localhost:4444/wd/hub \\
--instance-url=https://YOUR.JITSI-MEET-INSTANCE.DOMAIN
"
echo -e "\n-- If using 'hamertesting' as prefix name you can join the room
hamertesting0, hamertesting1, hamertestingN
according to the 'N' number of conferences you have set to watch the test.
*Beware* for 120 \"participants\" to join video-muted it was necessary at least a c5.24xlarge AWS instance.
So start low, monitor your server resources and go from there."
echo -e "\n-- You can check the grid status at:
http://$WAN_IP:4444/grid/console
"

View File

@ -1,86 +0,0 @@
#!/bin/bash
# System-tune-up to remove system software restrictions on a huge load of connections.
# Be aware that hardware/infrastructure resources are the most common limiters.
#
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have privileges!"
exit 0
fi
echo '
#--------------------------------------------------
# Starting system tune up configuration
# for high performance
#--------------------------------------------------
'
set_once_hash_comment() {
if ! awk '!/^ *#/ && NF {print}' "$2"|grep -q "$(awk -F '=' '{print$1}' <<< "$1")" ; then
echo "Setting $1 on $2..."
echo "$1" | tee -a "$2"
else
echo "\"$(awk -F '=' '{print$1}' <<< "$1")\" seems already present, skipping setting this variable"
fi
}
FSTAB=/etc/fstab
##Disable swap
swapoff -a
sed -r '/\sswap\s/s/^#?/#/' -i "$FSTAB"
##Alternative swap tuning (need more documentation).
#vm.swappiness=5
#vm.vfs_cache_pressure=50
##Kernel
#https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/tuning_and_optimizing_red_hat_enterprise_linux_for_oracle_9i_and_10g_databases/sect-oracle_9i_and_10g_tuning_guide-adjusting_network_settings-changing_network_kernel_settings
sysctl -w net.core.rmem_default=262144
sysctl -w net.core.wmem_default=262144
sysctl -w net.core.rmem_max=262144
sysctl -w net.core.wmem_max=262144
set_once_hash_comment "net.core.rmem_default=262144" "/etc/sysctl.conf"
set_once_hash_comment "net.core.wmem_default=262144" "/etc/sysctl.conf"
set_once_hash_comment "net.core.rmem_max=262144" "/etc/sysctl.conf"
set_once_hash_comment "net.core.wmem_max=262144" "/etc/sysctl.conf"
#system
#https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart
set_once_hash_comment "DefaultLimitNOFILE=65000" "/etc/sysctl.conf"
set_once_hash_comment "DefaultLimitNPROC=65000" "/etc/sysctl.conf"
set_once_hash_comment "DefaultTasksMax=65000" "/etc/sysctl.conf"
#https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/7/html/tuning_guide/reduce_tcp_performance_spikes
sysctl -w net.ipv4.tcp_timestamps=0
set_once_hash_comment "net.ipv4.tcp_timestamps=0" "/etc/sysctl.conf"
#https://bugzilla.redhat.com/show_bug.cgi?id=1283676
sysctl -w net.core.netdev_max_backlog=100000
set_once_hash_comment "net.core.netdev_max_backlog=100000" "/etc/sysctl.conf"
##nginx
sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf
nginx -t
#Missing docs
#sysctl -w net.ipv4.tcp_low_latency=1
echo "System tune up...
Done!"

View File

@ -1,115 +0,0 @@
#!/bin/bash
# JWT Mode Setup
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
JICOFO_SIP="/etc/jitsi/jicofo/sip-communicator.properties"
PROSODY_FILE="/etc/prosody/conf.d/$DOMAIN.cfg.lua"
PROSODY_SYS="/etc/prosody/prosody.cfg.lua"
APP_ID="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 16 | head -n1)"
SECRET_APP="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 64 | head -n1)"
SRP_STR="$(grep -n "VirtualHost \"$DOMAIN\"" "$PROSODY_FILE" | head -n1 | cut -d ":" -f1)"
SRP_END="$((SRP_STR + 10))"
## Required openssl for Focal 20.04
if [ "$(lsb_release -sc)" = "focal" ]; then
echo "deb http://ppa.launchpad.net/rael-gc/rvm/ubuntu focal main" | \
sudo tee /etc/apt/sources.list.d/rvm.list
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys F4E3FBBE
apt-get update
fi
apt-get -y install \
lua5.2 \
liblua5.2 \
luarocks \
libssl1.0-dev \
python3-jwt
luarocks install basexx
luarocks install luacrypto
luarocks install lua-cjson 2.1.0-1
echo "set jitsi-meet-tokens/appid string $APP_ID" | debconf-set-selections
echo "set jitsi-meet-tokens/appsecret password $SECRET_APP" | debconf-set-selections
apt-get install -y jitsi-meet-tokens
#Setting up
sed -i "s|c2s_require_encryption = true|c2s_require_encryption = false|" "$PROSODY_SYS"
#-
sed -i "$SRP_STR,$SRP_END{s|authentication = \"jitsi-anonymous\"|authentication = \"token\"|}" "$PROSODY_FILE"
sed -i "s|--app_id=\"example_app_id\"|app_id=\"$APP_ID\"|" "$PROSODY_FILE"
sed -i "s|--app_secret=\"example_app_secret\"|app_secret=\"$SECRET_APP\"|" "$PROSODY_FILE"
sed -i "/app_secret/a \\\\" "$PROSODY_FILE"
sed -i "/app_secret/a \ \ \ \ allow_empty_token = false" "$PROSODY_FILE"
sed -i "/app_secret/a \\\\" "$PROSODY_FILE"
sed -i "/app_secret/a \ \ \ \ asap_accepted_issuers = { \"$APP_ID\" }" "$PROSODY_FILE"
sed -i "/app_secret/a \ \ \ \ asap_accepted_audiences = { \"$APP_ID\", \"RocketChat\" }" "$PROSODY_FILE"
sed -i "/app_secret/a \\\\" "$PROSODY_FILE"
sed -i "s|--allow_empty_token =.*|allow_empty_token = false|" "$PROSODY_FILE"
sed -i 's|--"token_verification"|"token_verification"|' "$PROSODY_FILE"
#Request auth
sed -i "s|#org.jitsi.jicofo.auth.URL=EXT_JWT:|org.jitsi.jicofo.auth.URL=EXT_JWT:|" "$JICOFO_SIP"
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" "$MEET_CONF"
#Enable jibri recording
cat << REC-JIBRI >> "$PROSODY_FILE"
VirtualHost "recorder.$DOMAIN"
modules_enabled = {
"ping";
}
authentication = "internal_hashed"
REC-JIBRI
#Setup guests and lobby
cat << P_SR >> "$PROSODY_FILE"
-- #Change back lobby - https://community.jitsi.org/t/64769/136
VirtualHost "guest.$DOMAIN"
authentication = "token"
allow_empty_token = true
c2s_require_encryption = false
speakerstats_component = "speakerstats.$DOMAIN"
app_id="$APP_ID";
app_secret="$SECRET_APP";
modules_enabled = {
"speakerstats";
-- "conference_duration";
}
P_SR
echo -e "\nUse the following for your App (e.g. Rocket.Chat):\n"
echo -e "\nAPP_ID: $APP_ID" && \
echo -e "SECRET_APP: $SECRET_APP\n"
echo -e "You can test JWT authentication with the following token:\n"
pyjwt3 --key="$SECRET_APP" \
encode \
group="Rocket.Chat" \
aud="$APP_ID" \
iss="$APP_ID" \
sub="$DOMAIN" \
room="*" \
algorithm="HS256"
read -n 1 -s -r -p $'\n'"Press any key to continue..."$'\n'

View File

@ -1,40 +0,0 @@
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
Enable transcription on jitsi meet config.js file.
diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
index f412891..f704157 100644
--- a/etc/jitsi/meet/${DOMAIN}-config.js
+++ b/etc/jitsi/meet/${DOMAIN}-config.js
@@ -426,9 +426,9 @@ var config = {
// autoCaptionOnRecord: false,
// Transcription options.
- // transcription: {
+ transcription: {
// // Whether the feature should be enabled or not.
- // enabled: false,
+ enabled: true,
// // Translation languages.
// // Available languages can be found in
@@ -443,7 +443,7 @@ var config = {
// // detected based on the environment, e.g. if the app is opened in a chrome instance which
// // is using french as its default language then transcriptions for that participant will be in french.
// // Defaults to true.
- // useAppLanguage: true,
+ useAppLanguage: true,
// // Transcriber language. This settings will only work if "useAppLanguage"
// // is explicitly set to false.
@@ -453,7 +453,7 @@ var config = {
// // Enables automatic turning on transcribing when recording is started
// autoTranscribeOnRecord: false,
- // },
+ },
// Misc

View File

@ -1,80 +0,0 @@
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
Modify sip-communicator.properties to run Jigasi along with VOSK Models.
diff --git a/etc/jitsi/jigasi/sip-communicator.properties b/etc/jitsi/jigasi/sip-communicator.properties
index 7a8d0f3..ae5369a 100644
--- a/etc/jitsi/jigasi/sip-communicator.properties
+++ b/etc/jitsi/jigasi/sip-communicator.properties
@@ -165,12 +165,12 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
# If you want jigasi to perform authenticated login instead of anonymous login
# to the XMPP server, you can set the following properties.
-# org.jitsi.jigasi.xmpp.acc.USER_ID=SOME_USER@SOME_DOMAIN
-# org.jitsi.jigasi.xmpp.acc.PASS=SOME_PASS
-# org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
+org.jitsi.jigasi.xmpp.acc.USER_ID=transcriber@recorder.${DOMAIN}
+org.jitsi.jigasi.xmpp.acc.PASS=${JIG_TRANSC_PASWD}
+org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
# To fix SSL/TLS required by client but not supported by server
-#org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
+org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
# Can be used in combination with jitsi-meet module mod_auth_jitsi-shared-secret
# To have jigasi use a random username on every call
@@ -187,7 +187,7 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
# Activate this property if you are using self-signed certificates or other
# type of non-trusted certicates. In this mode your service trust in the
# remote certificates always.
-# net.java.sip.communicator.service.gui.ALWAYS_TRUST_MODE_ENABLED=true
+net.java.sip.communicator.service.gui.ALWAYS_TRUST_MODE_ENABLED=true
# Enable this property to be able to shutdown gracefully jigasi using
# a rest command
@@ -196,31 +196,31 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
# Options regarding Transcription. Read the README for a detailed description
# about each property
-#org.jitsi.jigasi.ENABLE_TRANSCRIPTION=false
-#org.jitsi.jigasi.ENABLE_SIP=true
+org.jitsi.jigasi.ENABLE_TRANSCRIPTION=true
+org.jitsi.jigasi.ENABLE_SIP=false
# whether to use the more expensive, but better performing
# "video" model when doing transcription
# org.jitsi.jigasi.transcription.USE_VIDEO_MODEL = false
# delivering final transcript
-# org.jitsi.jigasi.transcription.DIRECTORY=/var/lib/jigasi/transcripts
-# org.jitsi.jigasi.transcription.BASE_URL=http://localhost/
-# org.jitsi.jigasi.transcription.jetty.port=-1
-# org.jitsi.jigasi.transcription.ADVERTISE_URL=false
+org.jitsi.jigasi.transcription.DIRECTORY=/var/lib/jigasi/transcripts
+org.jitsi.jigasi.transcription.BASE_URL=http://localhost/
+org.jitsi.jigasi.transcription.jetty.port=-1
+org.jitsi.jigasi.transcription.ADVERTISE_URL=false
# save formats
-# org.jitsi.jigasi.transcription.SAVE_JSON=false
-# org.jitsi.jigasi.transcription.SAVE_TXT=true
+org.jitsi.jigasi.transcription.SAVE_JSON=false
+org.jitsi.jigasi.transcription.SAVE_TXT=true
# send formats
-# org.jitsi.jigasi.transcription.SEND_JSON=true
-# org.jitsi.jigasi.transcription.SEND_TXT=false
+org.jitsi.jigasi.transcription.SEND_JSON=true
+org.jitsi.jigasi.transcription.SEND_TXT=false
# Vosk server
-# org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.VoskTranscriptionService
+org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.VoskTranscriptionService
# org.jitsi.jigasi.transcription.vosk.websocket_url={"en": "ws://localhost:2700", "fr": "ws://localhost:2710"}
-# org.jitsi.jigasi.transcription.vosk.websocket_url=ws://localhost:2700
+org.jitsi.jigasi.transcription.vosk.websocket_url=ws://localhost:2700
# Whisper live transcription server
# org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.WhisperTranscriptionService

View File

@ -1,66 +0,0 @@
# Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
Patch jitsi-meet config.js to enable recording and livestreaming by default.
diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
index dcb860b..8f64c7c 100644
--- a/etc/jitsi/meet/${DOMAIN}-config.js
+++ b/etc/jitsi/meet/${DOMAIN}-config.js
@@ -343,12 +343,12 @@ var config = {
// // showPrejoinWarning: true,
// },
- // recordingService: {
+ recordingService: {
// // When integrations like dropbox are enabled only that will be shown,
// // by enabling fileRecordingsServiceEnabled, we show both the integrations
// // and the generic recording service (its configuration and storage type
// // depends on jibri configuration)
- // enabled: false,
+ enabled: true,
// // Whether to show the possibility to share file recording with other people
// // (e.g. meeting participants), based on the actual implementation
@@ -357,7 +357,7 @@ var config = {
// // Hide the warning that says we only store the recording for 24 hours.
// hideStorageWarning: false,
- // },
+ },
// DEPRECATED. Use recordingService.enabled instead.
// fileRecordingsServiceEnabled: false,
@@ -368,7 +368,7 @@ var config = {
// Local recording configuration.
// localRecording: {
// // Whether to disable local recording or not.
- // disable: false,
+ // disable: true,
// // Whether to notify all participants when a participant is recording locally.
// notifyAllParticipants: false,
@@ -378,9 +378,9 @@ var config = {
// },
// Customize the Live Streaming dialog. Can be modified for a non-YouTube provider.
- // liveStreaming: {
+ liveStreaming: {
// // Whether to enable live streaming or not.
- // enabled: false,
+ enabled: true,
// // Terms link
// termsLink: 'https://www.youtube.com/t/terms',
// // Data privacy link
@@ -388,8 +388,8 @@ var config = {
// // RegExp string that validates the stream key input field
// validatorRegExpString: '^(?:[a-zA-Z0-9]{4}(?:-(?!$)|$)){4}',
// // Documentation reference for the live streaming feature.
- // helpLink: 'https://jitsi.org/live'
- // },
+ helpLink: 'https://forge.switnet.net/switnet/quick-jibri-installer'
+ },
// DEPRECATED. Use liveStreaming.enabled instead.
// liveStreamingEnabled: false,

View File

@ -1,31 +0,0 @@
# Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
Patch jitsi-meet config.js to enable/disable welcome page.
diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
index dcb860b..2094287 100644
--- a/etc/jitsi/meet/${DOMAIN}-config.js
+++ b/etc/jitsi/meet/${DOMAIN}-config.js
@@ -664,13 +664,13 @@ var config = {
// enableWelcomePage: true,
// Configs for welcome page.
- // welcomePage: {
- // // Whether to disable welcome page. In case it's disabled a random room
- // // will be joined when no room is specified.
- // disabled: false,
- // // If set, landing page will redirect to this URL.
- // customUrl: ''
- // },
+ welcomePage: {
+ // Whether to disable welcome page. In case it's disabled a random room
+ // will be joined when no room is specified.
+ disabled: ${ENABLE_WELCP_BOL},
+ // If set, landing page will redirect to this URL.
+ customUrl: ''
+ },
// Configs for the lobby screen.
// lobby: {

File diff suppressed because it is too large Load Diff

View File

@ -1,85 +0,0 @@
#!/bin/bash
# Automated AWS generic kernel setup for jibri.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
wait_seconds() {
secs=$(($1))
while [ $secs -gt 0 ]; do
echo -ne "$secs\033[0K\r"
sleep 1
: $((secs--))
done
}
echo "####
# WARNING: Only use this script if you know what you are doing.
# Under your own risk.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY.
####"
# Check if user is root
if [ "$UID" != 0 ]; then
echo You need to run this script as root or sudo rights!
exit 1
fi
TMP_DIR="$(mktemp -d)"
KERNEL_LOG="$TMP_DIR/kernel_log"
GRUB_FILE="/etc/default/grub"
echo -e "# Check and update HWE kernel if possible...\n"
apt-get -q2 update
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
if [ "$HWE_VIR_MOD" = "1" ]; then
apt-get -y install \
linux-image-generic-hwe-"$(lsb_release -sr)" \
linux-tools-generic-hwe-"$(lsb_release -sr)"
else
apt-get -y install \
linux-image-generic \
linux-modules-extra-"$(uname -r)"
fi
apt-get -y autoremove
apt-get autoclean
#Write update-grub output
update-grub > "$KERNEL_LOG" 2>&1
#Get clean output
awk -F'boot/' '{print$2}' < "$KERNEL_LOG"|sed '/^[[:space:]]*$/d' | \
tee "$KERNEL_LOG".tmp
mv "$KERNEL_LOG".tmp "$KERNEL_LOG"
echo -e "Check if AWS kernel is installed.\n"
[ "$(grep -wc aws "$KERNEL_LOG")" = 0 ] && echo "No AWS kernel found, exiting..." && exit
#Get kernel number
RAW_KERNEL_NUM="$(grep -Fn generic "$KERNEL_LOG"|head -n1|cut -d ':' -f1)"
FIXED_KERNEL_NUM="$(awk "BEGIN{ print $RAW_KERNEL_NUM - 1 }")"
echo -e "Set up GRUB for custom kernel.\n"
sed -i "s|GRUB_DEFAULT=.*|GRUB_DEFAULT=\"1\>$FIXED_KERNEL_NUM\"|" "$GRUB_FILE"
echo -e "Saving changes...\n"
update-grub
echo "Time to reboot..."
echo "Rebooting in..."
wait_seconds 15
reboot

View File

@ -1,45 +0,0 @@
#!/bin/bash
# Simple Fail2ban configuration
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
apt-get -y install fail2ban
if \
[ -f /var/log/ssh_f2b.log ] && \
[ "$(grep -c 604800 /etc/fail2ban/jail.local)" = "1" ] && \
[ "$(grep -c ssh_f2b.log /etc/fail2ban/jail.local)" = "1" ]; then
echo -e "\nFail2ban seems to be already configured.\n"
else
echo -e "\nConfiguring Fail2ban...\n"
cat << F2BAN >> /etc/fail2ban/jail.local
[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/ssh_f2b.log
maxretry = 3
bantime = 604800
F2BAN
fi
systemctl restart fail2ban

View File

@ -1,207 +0,0 @@
#!/bin/bash
# Simple Jibri conf updater
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
echo -e '
########################################################################
Welcome to Jibri Config Upgrader
########################################################################
by Software, IT & Networks Ltd
\n'
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
echo "Checking for updates...."
apt -q2 update
apt install -y \
apt-show-versions \
jq
echo -e "\n# Check for jibri\n"
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo "Jibri is installed, checking version:"
apt-show-versions jibri
else
echo "Wait!, jibri is not installed on this system using apt, exiting..."
exit
fi
if [ -d /etc/prosody/ ];then
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
fi
CONF_JSON="/etc/jitsi/jibri/config.json"
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
DIR_RECORD="/var/jbrecord"
REC_DIR="/home/jibri/finalize_recording.sh"
JibriBrewery="JibriBrewery"
check_read_vars() {
echo "Checking $1"
if [ -z "$2" ];then
echo "This variable seems wrong, please check before continue"
exit 1
fi
}
restart_services_jibri() {
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
then
systemctl restart jibri
systemctl restart jibri-icewm
systemctl restart jibri-xorg
else
echo "Jibri service not installed"
fi
}
#Prevent re-run on completed jibri upgraded instance
if [ -f "$CONF_JSON"_disabled ] && \
[ -f "$JIBRI_CONF" ] && \
[ -f "$JIBRI_CONF"-dpkg-file ]; then
echo -e "\n> This jibri config has been upgraded already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
exit
elif [ ! -f "$CONF_JSON" ] && \
[ -f "$JIBRI_CONF" ] && \
[ -f "$JIBRI_CONF"-dpkg-file ]; then
echo -e "\n> This jibri seems to be running the latest configuration already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
exit
elif [ -f "$CONF_JSON" ] && \
[ -f "$JIBRI_CONF" ]; then
echo -e "\n> This jibri config seems to be candidate for upgrading, we'll continue...\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
fi
#Read missing variables
if [ -f "$CONF_JSON" ]; then
echo "Reading current config.json file..."
if [ -z "$DOMAIN" ]; then
DOMAIN="$(jq .xmpp_environments[0].xmpp_domain $CONF_JSON|cut -d '"' -f2)"
fi
JB_NAME="$(jq .xmpp_environments[0].name $CONF_JSON|cut -d '"' -f2)"
JB_AUTH_PASS="$(jq .xmpp_environments[0].control_login.password $CONF_JSON|cut -d '"' -f2)"
JB_REC_PASS="$(jq .xmpp_environments[0].call_login.password $CONF_JSON|cut -d '"' -f2)"
JB_NICKN="$(jq .xmpp_environments[0].control_muc.nickname $CONF_JSON|cut -d '"' -f2)"
else
echo "Can't find the instance config.json file, exiting..."
exit
fi
check_read_vars "Jibri Name" "$JB_NAME"
check_read_vars "(Main server) Domain" "$DOMAIN"
check_read_vars "Control login passwd" "$JB_AUTH_PASS"
check_read_vars "Call login passwd" "$JB_REC_PASS"
check_read_vars "Jibri Node nickname" "$JB_NICKN"
if [ "$MODE" = "debug" ]; then
echo "$JB_NAME"
echo "$DOMAIN"
echo "$JB_AUTH_PASS"
echo "$JB_REC_PASS"
echo "$JB_NICKN"
fi
#Backup and setup new conf file
echo -e "Backing up config.json for historical purposes at:\n ${CONF_JSON}_disabled"
mv "$CONF_JSON" "${CONF_JSON}"_disabled
mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file
cat << NEW_CONF > "$JIBRI_CONF"
// New XMPP environment config.
jibri {
recording {
recordings-directory = $DIR_RECORD
finalize-script = $REC_DIR
}
api {
xmpp {
environments = [
{
// A user-friendly name for this environment
name = "$JB_NAME"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "$DOMAIN" ]
// The base XMPP domain
xmpp-domain = "$DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.$DOMAIN"
room-name = "$JibriBrewery"
nickname = "$JB_NICKN"
}
// The login information for the control MUC
control-login {
domain = "auth.$DOMAIN"
username = "jibri"
password = "$JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.$DOMAIN"
username = "recorder"
password = "$JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}
NEW_CONF
echo "Check final jibri.conf file:"
cat "$JIBRI_CONF"
read -n 1 -s -r -p "Press any key to continue..."
restart_services_jibri
systemctl status jibri
if [ -f /var/log/jitsi/jicofo.log ]; then
echo -e "Checking for jicofo recognizing \"Live\" jibri node..."
tail -n 10 | grep Live
fi

View File

@ -1,123 +0,0 @@
#!/bin/bash
# Simple Jibri resolution enhancer
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
# Make sure jibri is installed
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo "Good Jibri is installed on this server"
else
echo "Jibri is not on this system, it is a requirement.
Exiting..."
exit
fi
apt-get -y install apt-show-versions
JIBRI_OPT="/opt/jitsi/jibri"
JIBRI_ENH_PATH="/opt/jibri-res-enhancer"
INSTALLED_JIBRI_VERSION="$(apt-show-versions jibri|awk '{print$2}')"
#Check if already run
if [ -f "$JIBRI_OPT/jibri-res_enh.jar" ] && \
[ -d "$JIBRI_ENH_PATH" ]; then
echo "Seems this tools have been run before..."
exit
fi
mkdir /tmp/jibri
cd /tmp/jibri || exit
#Get md5sum for current jibri installed.
apt-get download jibri="$INSTALLED_JIBRI_VERSION"
ar x jibri_*.deb
tar xvf data.tar.xz
UPSTREAM_DEB_JAR_SUM="$(md5sum 2>/dev/null /tmp/jibri/opt/jitsi/jibri/jibri.jar |awk '{print$1}')"
if [ -z "$UPSTREAM_DEB_JAR_SUM" ]; then
echo "Not possible to continue, exiting..."
exit
fi
#Compile requisites
apt-get -y install devscripts \
git \
maven \
openjdk-11-jdk
#Build repository
git clone https://github.com/jitsi/jibri "$JIBRI_ENH_PATH"
cd "$JIBRI_ENH_PATH" || exit
# Default values
## videoEncodePreset - "veryfast" || h264ConstantRateFactor - 25
# Recomemended values based on: https://trac.ffmpeg.org/wiki/Encode/H.264#crf
## videoEncodePreset - "medium" || h264ConstantRateFactor - 17
sed -i "/videoEncodePreset/s|String =.*|String = \"medium\",|" src/main/kotlin/org/jitsi/jibri/capture/ffmpeg/FfmpegCapturer.kt
sed -i "/h264ConstantRateFactor/s|Int =.*|Int = 17,|" src/main/kotlin/org/jitsi/jibri/capture/ffmpeg/FfmpegCapturer.kt
mvn package
JIBRI_JAR="$(find "$JIBRI_ENH_PATH" -name \*.jar|awk '/dependencies/{print}'|awk 'NR==1{print}')"
cp "$JIBRI_ENH_PATH"/target/"$JIBRI_JAR" "$JIBRI_ENH_PATH"/target/jibri.jar
# Backing up default binaries
if [ "$UPSTREAM_DEB_JAR_SUM" = "$(md5sum 2>/dev/null $JIBRI_OPT/jibri.jar|awk '{print$1}')" ]; then
cp "$JIBRI_OPT"/jibri.jar "$JIBRI_OPT"/jibri-dpkg-package.jar
fi
# Migrate original to enhanced jibri
cp "$JIBRI_ENH_PATH"/target/jibri.jar "$JIBRI_OPT"/jibri-res_enh.jar
if [ -f "$JIBRI_OPT"/jibri-dpkg-package.jar ];then
cp "$JIBRI_OPT"/jibri-res_enh.jar "$JIBRI_OPT"/jibri.jar
fi
JIBRI_RES_ENH_HASH="$(md5sum 2>/dev/null $JIBRI_OPT/jibri-res_enh.jar|awk '{print$1}')"
USED_JIBRI_HASH="$(md5sum 2>/dev/null $JIBRI_OPT/jibri.jar|awk '{print$1}')"
if [ "$JIBRI_RES_ENH_HASH" = "$USED_JIBRI_HASH" ]; then
echo "Everything seems to have gone well."
else
echo "Something went wrong, restoring default package..."
if [ "$(md5sum 2>/dev/null $JIBRI_OPT/jibri-dpkg-package.jar|awk '{print$1}')" = "$UPSTREAM_DEB_JAR_SUM" ]; then
cp "$JIBRI_OPT"/jibri-dpkg-package.jar "$JIBRI_OPT"/jibri.jar
CLEAN="true"
else
if [ -f /tmp/jibri/opt/jitsi/jibri/jibri.jar ]; then
echo "Restoring from upstream package..."
cp /tmp/jibri/opt/jitsi/jibri/jibri.jar "$JIBRI_OPT"/jibri.jar
CLEAN="true"
else
echo "Wow, someone took the time to avoid restoration, please manually review your changes."
echo "Exiting..."
exit
fi
fi
fi
if [ "$CLEAN" = "true" ]; then
rm -r /tmp/jibri
rm -r "$JIBRI_ENH_PATH"
rm /opt/jitsi/jibri/jibri-res_enh.jar
fi
systemctl restart jibri
echo "This will be a good time to test the enhanced resolution."

View File

@ -1,138 +0,0 @@
#!/bin/bash
# Automated PHP environment build for Nextcloud.
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
PHPVER=$1
STABLE_PHP="$(apt-cache madison php|grep -v ppa|awk -F'[:+]' 'NR==1{print $2}')"
DISTRO_RELEASE="$(lsb_release -sc)"
PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')"
PHP_REPO_URL="http://ppa.launchpad.net/ondrej/php/ubuntu"
PHP_FPM_DIR="/etc/php/$PHPVER/fpm"
PHP_INI="$PHP_FPM_DIR/php.ini"
PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf"
TMP_GPG_REPO="$(mktemp -d)"
if [ $# -ne 1 ]; then
echo "Usage: $0 8.2"
exit 1
fi
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..."
else
printf "\n---- Installing %s ----" "$1"
apt-get -yq2 install "$1"
fi
}
install_aval_package() {
for i in $1
do
if [ -z "$(apt-cache madison "$i" 2>/dev/null)" ]; then
echo " > Package $i not available on repo."
else
echo " > Add package $i to the install list"
packages="$packages $i"
fi
done
echo "$packages"
apt-get -y install $packages #< don't quote.
packages=""
}
add_gpg_keyring() {
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com "$1"
apt-key export "$1" | gpg --dearmour | tee "$TMP_GPG_REPO"/"$1".gpg >/dev/null
apt-key del "$1"
mv "$TMP_GPG_REPO"/"$1".gpg /etc/apt/trusted.gpg.d/
}
add_php_repo() {
if [ "$PHP_REPO" = "php" ]; then
echo "PHP $PHPVER already installed"
apt-get -q2 update
apt-get -yq2 dist-upgrade
else
echo "# Adding Ondrej PHP $PHPVER PPA Repository"
add_gpg_keyring E5267A6C
echo "deb [arch=amd64] $PHP_REPO_URL $DISTRO_RELEASE main" | \
tee /etc/apt/sources.list.d/php"$PHPVER".list
apt-get update -q2
fi
}
add_php_repo
install_aval_package " \
imagemagick \
php$PHPVER-fpm \
php$PHPVER-bcmath \
php$PHPVER-bz2 \
php$PHPVER-cli \
php$PHPVER-cgi \
php$PHPVER-curl \
php$PHPVER-gd \
php$PHPVER-gmp \
php$PHPVER-imagick \
php$PHPVER-intl \
php$PHPVER-json \
php$PHPVER-ldap \
php$PHPVER-mbstring \
php$PHPVER-pgsql \
php$PHPVER-redis \
php$PHPVER-soap \
php$PHPVER-xml \
php$PHPVER-xmlrpc \
php$PHPVER-zip \
redis-server \
unzip \
"
#System related
install_ifnot smbclient
sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" "$PHP_CONF"
sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" "$PHP_CONF"
sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" "$PHP_CONF"
sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" "$PHP_CONF"
sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" "$PHP_CONF"
sed -i "s|;clear_env = no|clear_env = no|" "$PHP_CONF"
echo "
Tunning PHP.ini...
"
# Change values in php.ini (increase max file size)
# max_execution_time
sed -i "s|max_execution_time =.*|max_execution_time = 3500|g" "$PHP_INI"
# max_input_time
sed -i "s|max_input_time =.*|max_input_time = 3600|g" "$PHP_INI"
# memory_limit
sed -i "s|memory_limit =.*|memory_limit = 512M|g" "$PHP_INI"
# post_max
sed -i "s|post_max_size =.*|post_max_size = 1025M|g" "$PHP_INI"
# upload_max
sed -i "s|upload_max_filesize =.*|upload_max_filesize = 1024M|g" "$PHP_INI"
phpenmod opcache
{
echo "# OPcache settings for Nextcloud"
echo "opcache.enable=1"
echo "opcache.enable_cli=1"
echo "opcache.interned_strings_buffer=8"
echo "opcache.max_accelerated_files=10000"
echo "opcache.memory_consumption=256"
echo "opcache.save_comments=1"
echo "opcache.revalidate_freq=1"
echo "opcache.validate_timestamps=1"
} >> "$PHP_INI"
update-alternatives --set php /usr/bin/php"$STABLE_PHP"
update-alternatives --set php-fpm.sock /run/php/php"$STABLE_PHP"-fpm.sock
update-alternatives --set php-cgi /usr/bin/php-cgi"$STABLE_PHP"
update-alternatives --set php-cgi-bin /usr/lib/cgi-bin/php"$STABLE_PHP"
update-alternatives --set phar /usr/bin/phar"$STABLE_PHP"
update-alternatives --set phar.phar /usr/bin/phar.phar"$STABLE_PHP"
systemctl restart php"$PHPVER"-fpm.service

View File

@ -1,144 +0,0 @@
#!/bin/bash
#Start over
# SwITNet Ltd © - 2024, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
wait_seconds() {
secs=$(($1))
while [ $secs -gt 0 ]; do
echo -ne "$secs\033[0K\r"
sleep 1
: $((secs--))
done
}
remove_residuals() {
if [ -d "$1" ]; then
rm -r "$1"
fi
}
purge_debconf() {
echo PURGE | debconf-communicate "$1"
}
remove_services() {
systemctl disable "$1"
systemctl stop "$1"
}
echo -e '
########################################################################
Welcome to the Start Over cleaner script
########################################################################
by Software, IT & Networks Ltd
\n'
SYNC_USER="$(find /home -maxdepth 1 -type d |awk '/jbsync/{print}')"
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
echo "We are about to remove and clean all the jitsi-meet platform bits and pieces...
Please make sure you have backed up anything you don't want to loose."
echo "
# WARGNING #: This is only recommended if you want to start over a failed installation,
or plain and simple remove jitsi from your system."
while [[ "$CONTINUE_PURGE1" != "yes" && "$CONTINUE_PURGE1" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_PURGE1
if [ "$CONTINUE_PURGE1" = "no" ]; then
echo " Good, see you next time..."
exit
elif [ "$CONTINUE_PURGE1" = "yes" ]; then
echo ""
fi
done
echo "Let me ask just one more time..."
while [[ "$CONTINUE_PURGE2" != "yes" && "$CONTINUE_PURGE2" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_PURGE2
if [ "$CONTINUE_PURGE2" = "no" ]; then
echo " Good, see you next time..."
exit
elif [ "$CONTINUE_PURGE2" = "yes" ]; then
echo "No going back, let's start..."
wait_seconds 10
fi
done
#Purging all jitsi meet packages
apt-get -y purge jibri \
jicofo \
jigasi \
jitsi-meet \
jitsi-meet-web \
jitsi-meet-web-config \
jitsi-meet-prosody \
jitsi-meet-turnserver \
jitsi-videobridge2 \
prosody
#Chome related packages
apt-get -y purge google-chrome-stable
rm /usr/local/bin/chromedriver
#Services stop
remove_services jibri
remove_services jibri-icewm
remove_services jibri-xorg
#Cleaning packages
apt-get -y autoremove
apt-get clean
#Removing residual files
remove_residuals /etc/jitsi
remove_residuals /opt/jitsi
remove_residuals /usr/share/jicofo
remove_residuals /usr/share/jitsi-*
#Clean /etc/hosts
sed -i "/$DOMAIN/d" /etc/hosts
echo "#Purging debconf db"
purge_debconf jicofo
purge_debconf jigasi
purge_debconf jitsi-meet
purge_debconf jitsi-meet-prosody
purge_debconf jitsi-meet-turnserver
purge_debconf jitsi-meet-web-config
purge_debconf jitsi-videobridge2
#Remove unused users & groups
if [ -n "$SYNC_USER" ]; then
deluser --remove-home "$SYNC_USER"
fi
if [ -d /home/jibri ]; then
deluser --remove-home jibri
rm -r /home/jibri
fi
groupdel jibri
#Remove crontab
crontab -l | grep -v '@weekly certbot renew --nginx' | crontab -
crontab -l
echo "We are done..."

View File

@ -1,238 +0,0 @@
#!/bin/bash
# Simple Jibri Env tester
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
echo -e '
########################################################################
Welcome to Jibri Environment Tester
########################################################################
by Software, IT & Networks Ltd
\n'
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
echo "Checking for updates...."
apt-get -q2 update
apt-get -yq2 install apt-show-versions \
curl
check_google_binaries() {
if [ -z "$2" ]; then
echo "Warning: No $1 doesn't seem installed"
else
echo "$2"
fi
}
# True if $1 is greater than $2
version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
JITSI_REPO="$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)"
SND_AL_MODULE=$(lsmod | awk '{print$1}'| grep snd_aloop)
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
CONF_JSON="/etc/jitsi/jibri/config.json"
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
JMS_DOMAIN="$(awk -F '"' '/xmpp-domain/{print$2}' "$JIBRI_CONF")"
CHDB="$(whereis chromedriver | awk '{print$2}')"
CHD_VER_LOCAL="$($CHDB --version 2>/dev/null| awk '{print$1,$2}')"
GOOGL_VER_LOCAL="$(/usr/bin/google-chrome --version 2>/dev/null)"
CHD_VER_2D="$(echo "$CHD_VER_LOCAL"|awk '{print$2}'|cut -d "." -f 1,2)"
GOOGL_VER_2D="$(echo "$GOOGL_VER_LOCAL"|awk '{print$3}'|cut -d "." -f 1,2)"
CHD_LTST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
CHD_LTST_2D="$(echo "$CHD_LTST"|cut -d "." -f 1,2)"
#T1
echo -e "\n#1 -- Check repository --\n"
if [ -z "$JITSI_REPO" ]; then
echo "No repository detected, wait whaaaat?..."
while [[ "$CONT_TEST" != "yes" && "$CONT_TEST" != "no" ]]
do
read -p "> Do you still want to continue the test?: (yes or no)"$'\n' -r CONT_TEST
if [ "$CONT_TEST" = "no" ]; then
echo "Exiting..."
exit
elif [ "$CONT_TEST" = "yes" ]; then
echo "Hmm, seems there won't be anything to test, continuing anyway..."
T1=0
fi
done
else
echo "This installation is using the \"$JITSI_REPO\" repository."
T1=1
fi
#T2
echo -e "\n#2 -- Check latest updates for jibri --\n"
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo "Jibri is installed, checking version:"
apt-show-versions jibri
else
echo "Wait!, jibri is not installed on this system using apt, exiting..."
exit
fi
if [ "$(apt-show-versions jibri | grep -c "uptodate")" = "1" ]; then
echo -e "Jibri is already up to date: \xE2\x9C\x94"
else
echo -e "\nAttempting jibri upgrade!"
apt-get -y install --only-upgrade jibri
fi
T2=1
#T3
echo -e "\n#3 -- Check Google Chrome/driver software. --\n"
check_google_binaries "Google Chrome" "$GOOGL_VER_LOCAL"
check_google_binaries "Chromedriver" "$CHD_VER_LOCAL"
if [ -n "$CHD_VER_LOCAL" ] && [ -n "$GOOGL_VER_LOCAL" ]; then
# Chrome upgrade process
if [ "$(apt-show-versions google-chrome-stable | grep -c "uptodate")" = "1" ]; then
echo -e "Google Chrome is already up to date: \xE2\x9C\x94"
else
echo -e "\nAttempting Google Chrome upgrade!"
apt-get -yq install --only-upgrade google-chrome-stable
fi
# Only upgrade chromedriver if it's on a lower version, not just a different one.
if [ "$CHD_VER_2D" = "$GOOGL_VER_2D" ]; then
echo -e "\nChromedriver version seems according to Google Chrome: \xE2\x9C\x94"
T3=1
elif version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" && \
[ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then
echo -e "\nAttempting Chromedriver update!"
wget -q https://chromedriver.storage.googleapis.com/"$CHD_LTST"/chromedriver_linux64.zip \
-O /tmp/chromedriver_linux64.zip
unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
chown root:root "$CHDB"
chmod 0755 "$CHDB"
rm -rf /tpm/chromedriver_linux64.zip
if [ "$($CHDB -v | awk '{print $2}'|cut -d "." -f 1,2)" = "$GOOGL_VER_2D" ]; then
echo "Successful update"
T3=1
else
echo "Something might gone wrong on the update process, please report."
T3=0
fi
else
T3=0
fi
else
T3=0
fi
#T4
echo -e "\n#4 -- Test kernel modules --\n"
if [ -z "$SND_AL_MODULE" ]; then
#First make sure the recommended kernel is installed.
if [ "$HWE_VIR_MOD" = "1" ]; then
apt-get -y install \
linux-image-generic-hwe-"$(lsb_release -sr)"
else
apt-get -y install \
linux-image-generic \
linux-modules-extra-"$(uname -r)"
fi
echo -e "\nNo module snd_aloop detected. \xE2\x9C\x96 <== IMPORTANT! \nCurrent kernel: $(uname -r)\n"
echo -e "\nIf you just installed a new kernel, \
please try rebooting.\nFor now wait 'til the end of the recommended kernel installation."
echo "# Check and Install HWE kernel if possible..."
if uname -r | grep -q aws;then
KNL_HWE="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)"|awk 'NR==1{print$3}'|cut -d "." -f1-4)"
KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg|awk '!/recovery/&&/generic/{print$3,$4}'|grep "$KNL_HWE")"
if [ -n "$KNL_MENU" ];then
echo -e "\nSeems you are using an AWS kernel \xE2\x9C\x96 <== IMPORTANT! \nYou might consider modify your grub (/etc/default/grub) to use the following:" && \
echo -e "\n > $KNL_MENU"
fi
fi
T4=0
else
echo -e "Great!, module snd-aloop found. \xE2\x9C\x94"
T4=1
fi
#T5
echo -e "\n#5 -- Test .asoundrc file --\n"
ASRC_MASTER="https://raw.githubusercontent.com/jitsi/jibri/master/resources/debian-package/etc/jitsi/jibri/asoundrc"
ASRC_INSTALLED="/home/jibri/.asoundrc"
ASRC_MASTER_MD5SUM="$(curl -sL "$ASRC_MASTER" | md5sum | cut -d ' ' -f 1)"
ASRC_INSTALLED_MD5SUM="$(md5sum "$ASRC_INSTALLED" | cut -d ' ' -f 1)"
if [ "$ASRC_MASTER_MD5SUM" == "$ASRC_INSTALLED_MD5SUM" ]; then
echo -e "Seems to be using the latest asoundrc file available. \xE2\x9C\x94"
T5=1
else
echo -e "asoundrc files differ, if you have errors, you might wanna check this file \xE2\x9C\x96"
T5=0
fi
#T6
echo -e "\n#6 -- Old or new config --\n"
echo -e "What config version is this using?"
if [ -f "${CONF_JSON}"_disabled ] && \
[ -f "$JIBRI_CONF" ] && \
[ -f "$JIBRI_CONF"-dpkg-file ]; then
echo -e "\n> This jibri config has been upgraded already. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
T6=1
elif [ ! -f "$CONF_JSON" ] && \
[ -f "$JIBRI_CONF" ] && \
[ -f "${JIBRI_CONF}"-dpkg-file ]; then
echo -e "\n> This jibri seems to be running the latest configuration already. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
T6=1
elif [ -f "${CONF_JSON}" ] && \
[ -f "$JIBRI_CONF" ]; then
echo -e "\n> This jibri config seems to be candidate for upgrading. \xE2\x9C\x96 \nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
T6=0
fi
#T6.1
echo -e "\n#6.1 -- Check for specific Chrome flag --\n"
if [ "$(grep -c "ignore-certificate-errors" $JIBRI_CONF)" != 0 ]; then
echo -e "\n> Seems you have the \"--ignore-certificate-errors\" flag required for Chrome v88 and later. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
T6_1="0.1"
else
echo -e "\n> The jibri config may be missing the required chrome flags. \xE2\x9C\x96 \nPlease check:\n https://forge.switnet.net/switnet/quick-jibri-installer/src/branch/master/quick_jibri_installer.sh#L870 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
T6_1=0
fi
#T7
echo -e "\n#7 -- Check for open communication port among Jibri and JMS --\n"
if ! nc -z -v -w5 "$JMS_DOMAIN" 5222 ; then
echo -e "Connection failed! \xE2\x9C\x96\n > You might want to check both Jibri & JMS firewall rules (TCP 5222)."
T7=0
else
echo -e "Connection succeeded! \xE2\x9C\x94\n"
T7=1
fi
TEST_TOTAL=$(awk "BEGIN{ print $T1 + $T2 + $T3 + $T4 + $T5 + $T6 + $T6_1 + $T7 }")
echo "
##############################
\
Score: $TEST_TOTAL out of 7.1
##############################
"
echo -e "\nJibri Test complete, thanks for testing.\n"