Merge pull request 'README.md: update Jigasi mention now using Vosk.' (#117 ) from Ark74/quick-jibri-installer:upd_readme_jigasi into master

Reviewed-on: #117
README.md: update Jigasi mention now using Vosk.
2024-08-30 01:10:31 +00:00 · 2024-08-29 19:09:35 -06:00 · 2024-08-30 00:51:27 +00:00 · 2024-08-29 23:48:16 +00:00 · 2024-08-29 04:45:19 +00:00 · 2024-08-28 23:05:36 +00:00
32 changed files with 3917 additions and 2030 deletions
--- a/README.md
+++ b/README.md
@ -1,22 +1,29 @@
 # Quick Jibri Installer
-Bash installer for Jibri on **Ubuntu LTS** based systems using **nginx** as default webserver.
+Bash installer for Jitsi Meet standalone along with Jibri on supported **Ubuntu LTS** based systems using **nginx** as default webserver.
 ## Usage
-As for our current latest release, as we have integrated more and more features, we highly recommend to use a purpose specific-newly spawn server to host the jitsi-meet framework, making sure you stick to the requirements and recommendations as much as possible, in order to avoid issues.
+As for our current latest release, as we have integrated more and more features, we highly recommend to use a **purpose specific-newly spawn server** to host the jitsi-meet framework, making sure you stick to the requirements and recommendations as much as possible, in order to avoid issues.
 **WARNING:** Please, avoid using this installer on your everyday GNU/Linux system, as this is an unsupported use and it will likely BREAK YOUR SYSTEM, so please don't.
 ### Main Server
 Login into your clean server, clone git repository and run the installer,
 ```
-git clone https://github.com/switnet-ltd/quick-jibri-installer
+git clone https://forge.switnet.net/switnet/quick-jibri-installer
 cd quick-jibri-installer
 sudo bash quick_jibri_installer.sh
 ```
 ![QJI - Setup](https://raw.githubusercontent.com/wiki/switnet-ltd/quick-jibri-installer/images/qji-diagram-setup.png)
 If your server meet the necessary resources, then at the end on the installer you should have a working Jitsi Meet Server along with a Jibri server ready to record.
 Additional jibris need to be set on separate servers, only necesary on simultaneous recordings for that please use add-jibri-node.sh.
 ### Add Jibri node
-Copy the modified `add-jibri-node.sh` file from your early cloned installation directory once it's completed to the new server meant to be a jibri node using your preferred method, then run it
+Copy the modified `add-jibri-node.sh` file from your early cloned installation directory once the installation is completed, to the new server meant to be a jibri node using your preferred method, then run it
 **WARNING:** This file contains sensitive information from your setup, please handle with care.
@ -24,21 +31,35 @@ Copy the modified `add-jibri-node.sh` file from your early cloned installation d
 bash add-jibri-node.sh
 ```
 Please remember that on newer versions, jibri will record on FHD (1920x1080) so please make sure your server have enough CPU power in orther to handle the encoding load.
 ### Add JVB2 node
 Copy the modified `add-jvb2-node.sh` file from your early cloned installation directory once the installation is completed, to the new server meant to be a jibri node using your preferred method, then run it
 **WARNING:** This file contains sensitive information from your setup, please handle with care.
 ```
 bash add-jvb2-node.sh
 ```
 Check more details on our wiki.
 ## Requirements
-* Clean VM/VPS/Server using Ubuntu LTS
+1. Clean VM/VPS/Server using a supported Ubuntu LTS
-* Valid domain with DNS record, **mandatory** for SSL certs via Let's Encrypt.
+2. Valid domain with DNS record, **mandatory** for SSL certs via Let's Encrypt.
-* Ports open for ACME (SSL) interaction & validation.
+3. open ports for JMS interaction, [see wiki](https://forge.switnet.net/switnet/quick-jibri-installer/wiki/Firewall).
-* Highly recommended: 8 GB RAM / 4 Cores.
+4. Starting at 8 GB RAM / 4 Cores @ ~3.0GHz
-* Webcam
+    *  Adding resources as your audience or features you require, so your experience don't suffer from the lack of resources.
-
+5. Webcam
 ### Jigasi Transcript
 * SIP account
 * Google Cloud Account with Billing setup.
 ### Jibri Recodings Access via Nextcloud
 * Valid domain with DNS record for Nextcloud SSL.
 ### Jigasi Transcript
 * Enough disk space to run Vosk backend via docker container.
 ## Kernel warning
 For AWS users or any cloud service provider that might use their own kernel on their products (servers/vm/vps), might cause Jibri failure to start due not allowing `snd_aloop` module.
@ -48,43 +69,53 @@ Make sure that you update your grub to boot the right one.
 Feel free to use our `test-jibri-env.sh` tool to find some details on your current setup.
 ## Features
-* Enabled Session Recording using Jibri
+* Enabled Session Recording via Jibri
  * Rename Jibri folder with name room + date.
  * Jibri node network.
    * Automatic Jibri nodes network sync ([see more](https://forge.switnet.net/switnet/quick-jibri-installer/wiki/Setup-and-Jibri-Nodes)).
 * JRA (Jibri Recordings Access) via Nextcloud
 * Grafana Dashboard
 * Etherpad via docker install
 * Authentication
  1. Local
  2. JWT ([#87](https://forge.switnet.net/switnet/quick-jibri-installer/issues/87))
  3. None
 * Lobby Rooms
 * Conference Duration
 * Customized brandless mode
  * Setting up custom interface_config.js (to be deprecated by upstream)
 * JVB2 nodes network.
 * Enabled Jitsi Electron app detection server side.
 * Standalone SSL Certbot/LE implementation
 * Jigasi Transcript - Speech to Text powered by Google API
 * JRA (Jibri Recordings Access) via Nextcloud
 * Improved recurring updater
-* Customized brandless mode
+* Jigasi Transcript - vía Vosk speech recognition toolkit.
  * Setting up custom interface_config.js
 * Grafana Dashboard
 * Lobby Rooms - Secure Rooms
 * Conference Duration - Secure Rooms
 * Automatic Jibri nodes network sync ([see more](https://github.com/switnet-ltd/quick-jibri-installer/wiki/Setup-and-Jibri-Nodes)).
 * (New) JVB2 nodes network.
 * (New) JWT auth.
-## Tools (New)
+## Tools
 * Jibri Environment Tester
 * Jibri Conf Upgrader (late 2020).
-* (New) Selenium Grid via Docker
+* Selenium Grid via Docker
 * Start over, installation cleansing tool.
 ## Optional custom changes
 * Optional default language
 * Option to enable Secure Rooms
-* Option to enable Welcome Page
+* Option to enable Welcome page
 * Option to enable Close page
 * Option to set domain as hostname on JMS
 ### Modes
-* (New) Custom High Performance config
+* Custom High Performance config
 ## Custom changes
 * Start with video muted by default
 * Start with audio muted but moderator
-* Set displayname as not required since jibri can't set it up.
+* Set pre-join screen by default.
-* Disabled BETA Blur my background
+
 ## Documentation
-* Please check our [wiki](https://github.com/switnet-ltd/quick-jibri-installer/wiki) for further documentation.
+* Please check our [wiki](https://forge.switnet.net/switnet/quick-jibri-installer/wiki) for further documentation.
 Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY.
-SwITNet Ltd © - 2020, https://switnet.net/
+SwITNet Ltd © - 2024, https://switnet.net/
--- a/add-jibri-node.sh
+++ b/add-jibri-node.sh
@ -1,25 +1,18 @@
 #!/bin/bash
 # Jibri Node Aggregator
-# SwITNet Ltd © - 2020, https://switnet.net/
+# SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 ### 0_LAST EDITION TIME STAMP ###
 # LETS: AUTOMATED_EDITION_TIME
 ### 1_LAST EDITION ###
 #Make sure the file name is the required one
 if [ ! "$(basename $0)" = "add-jibri-node.sh" ]; then
 	echo "For most cases naming won't matter, for this one it does."
 	echo "Please use the original name for this script: \`add-jibri-node.sh', and run again."
 	exit
 fi
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
-		\?) echo "Usage: sudo ./add_jibri_node.sh [-m debug]" && exit;;
+		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
@ -28,6 +21,13 @@ if [ "$MODE" = "debug" ]; then
 set -x
 fi
 #Make sure the file name is the required one
 if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then
    echo "For most cases naming won't matter, for this one it does."
    echo "Please use the original name for this script: \`add-jibri-node.sh', and run again."
    exit
 fi
 #Check admin rights
 if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
@ -44,55 +44,98 @@ JB_AUTH_PASS=TBD
 JB_REC_PASS=TBD
 MJS_USER=TBD
 MJS_USER_PASS=TBD
 JIBRI_RES_CONF=TBD
 JIBRI_RES_XORG_CONF=TBD
 THIS_SRV_DIST=$(lsb_release -sc)
-JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)
+JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}')
 START=0
 LAST=TBD
 JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
 DIR_RECORD="/var/jbrecord"
 REC_DIR="/home/jibri/finalize_recording.sh"
 CHD_VER="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
 GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
-GOOGLE_ACTIVE_REPO=$(apt-cache policy | grep http | grep chrome| awk '{print $3}' | head -n 1 | cut -d "/" -f2)
+GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
 GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
-PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
+#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
 NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
 NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}"
 NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
 GITHUB_RAW="https://raw.githubusercontent.com"
 GIT_REPO="switnet-ltd/quick-jibri-installer"
 TEST_JIBRI_ENV="$GITHUB_RAW/$GIT_REPO/unstable/tools/test-jibri-env.sh"
 SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)"
 JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf"
 ### 1_VAR_DEF
 # sed limiters for add-jibri-node.sh variables
 var_dlim() {
-	grep -n $1 add-jibri-node.sh|head -n1|cut -d ":" -f1
+    grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1
 }
 check_var() {
-	if [ -z "$2" ]; then
+    if [ "$2" = "TBD" ]; then
-		echo -e "Check if variable $1 is set: \xE2\x9C\x96 \nExiting..."
+        echo -e "Check if variable $1 is set: \xE2\x9C\x96"
-		exit
+        exit
-	else
+    else
-		echo -e "Check if variable $1 is set: \xE2\x9C\x94"
+        echo -e "Check if variable $1 is set: \xE2\x9C\x94"
-	fi
+    fi
 }
-if [ -z "$LAST" ]; then
+#Change in favor of machine-id identifier
-	echo "There is an error on the LAST definition, please report."
+crontab -l | { cat; echo "@reboot sed -i \"/[[:space:]]control-muc/,/[[:space:]]control-login/{s|nickname = .*|nickname = \\\"$(cat /etc/machine-id)\\\"|}\" /etc/jitsi/jibri/jibri.conf"; } | crontab -
-	exit
+crontab -l
-elif [ "$LAST" = "TBD" ]; then
+
-	ADDUP=$((START + 1))
+echo "
 #-----------------------------------------------------------------------
 # Checking initial necessary variables...
 #-----------------------------------------------------------------------"
 JMS_DATA=("$MAIN_SRV_DIST" \
          "$MAIN_SRV_REPO" \
          "$MAIN_SRV_DOMAIN" \
          "$JibriBrewery" \
          "$JB_NAME" \
          "$JB_AUTH_PASS" \
          "$JB_REC_PASS" \
          "$MJS_USER" \
          "$MJS_USER_PASS" \
          "$JIBRI_RES_CONF" \
          "$JIBRI_RES_XORG_CONF")
 JMS_EVAL="${JMS_DATA[0]}"
 for i in "${JMS_DATA[@]}"; do
    if [[ "$JMS_EVAL" != "$i" ]]; then
        ALL_TBD="no"
        break
    fi
 done
 if [ "$ALL_TBD" = "no" ];then
 echo -e "Good, seems this is not a vanilla copy of add-jibri-node.sh,
 let's check variables ...\n"
 else
-	ADDUP=$((LAST + 1))
+ echo -e "You seem to be using a vanilla copy of the add-jibri-node.sh.
  > Please use the content (or apply the changes) of add-jibri-node.sh from
    the main Jitsi server installation folder, as it contains necessary data.\n"
        exit
 fi
 check_var MAIN_SRV_DIST "$MAIN_SRV_DIST"
 check_var MAIN_SRV_REPO "$MAIN_SRV_REPO"
 check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN"
 check_var JibriBrewery "$JibriBrewery"
 check_var JB_NAME "$JB_NAME"
 check_var JB_AUTH_PASS "$JB_AUTH_PASS"
 check_var JB_REC_PASS "$JB_REC_PASS"
 check_var MJS_USER "$MJS_USER"
 check_var MJS_USER_PASS "$MJS_USER_PASS"
 check_var JIBRI_RES_CONF "$JIBRI_RES_CONF"
 check_var JIBRI_RES_XORG_CONF "$JIBRI_RES_XORG_CONF"
 #Check server and node OS
 if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then
-	echo "Please use the same OS for the jibri setup on both servers."
+    echo "Please use the same OS for the jibri setup on both servers."
-	echo "This server is based on: $THIS_SRV_DIST"
+    echo "This server is based on: $THIS_SRV_DIST"
-	echo "The main server record claims is based on: $MAIN_SRV_DIST"
+    echo "The main server record claims is based on: $MAIN_SRV_DIST"
-	exit
+    exit
 fi
 #Check system resources
@ -109,7 +152,7 @@ else
 fi
 ### Test RAM size (8GB min) ###
 mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
-if [ ${mem_available} -lt 7700000 ]; then
+if [ "${mem_available}" -lt 7700000 ]; then
  echo "
 Warning!: The system do not meet the minimum RAM requirements for Jibri to run.
 >> We recommend 8GB RAM for Jibri!
@ -132,45 +175,30 @@ else
    do
    read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES
    if [ "$CONTINUE_LOW_RES" = "no" ]; then
-            echo "See you next time with more resources!..."
+        echo "See you next time with more resources!..."
-            exit
+        exit
    elif [ "$CONTINUE_LOW_RES" = "yes" ]; then
-            echo "Please keep in mind that we might not support underpowered nodes."
+        echo "Please keep in mind that we might not support underpowered nodes."
    fi
    done
 fi
 echo "
 #-----------------------------------------------------------------------
 # Checking initial necessary variables...
 #-----------------------------------------------------------------------"
 check_var MAIN_SRV_DIST "$MAIN_SRV_DIST"
 check_var MAIN_SRV_REPO "$MAIN_SRV_REPO"
 check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN"
 check_var JibriBrewery "$JibriBrewery"
 check_var JB_NAME "$JB_NAME"
 check_var JB_AUTH_PASS "$JB_AUTH_PASS"
 check_var JB_REC_PASS "$JB_REC_PASS"
 check_var MJS_USER "$MJS_USER"
 check_var MJS_USER_PASS "$MJS_USER_PASS"
 # Rename hostname for each jibri node
-hostnamectl set-hostname "jbnode${ADDUP}.${MAIN_SRV_DOMAIN}"
+hostnamectl set-hostname "jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}"
-sed -i "1i 127.0.0.1 jbnode${ADDUP}.${MAIN_SRV_DOMAIN}" /etc/hosts
+sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
 # Jitsi-Meet Repo
 echo "Add Jitsi repo"
 if [ -z "$JITSI_REPO" ]; then
-	echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-$MAIN_SRV_REPO.list
+    echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list
-	wget -qO -  https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
+    wget -qO -  https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
 elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
-	echo "Main and node servers repository don't match, extiting.."
+    echo "Main and node servers repository don't match, extiting.."
-	exit
+    exit
 elif [ "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
-	echo "Main and node servers repository match, continuing..."
+    echo "Main and node servers repository match, continuing..."
 else
-	echo "Jitsi $JITSI_REPO repository already installed"
+    echo "Jitsi $JITSI_REPO repository already installed"
 fi
 # Requirements
@ -179,35 +207,35 @@ apt-get update -q2
 apt-get dist-upgrade -yq2
 apt-get -y install \
-                apt-show-versions \
+                    apt-show-versions \
-                bmon \
+                    bmon \
-                curl \
+                    curl \
-                ffmpeg \
+                    ffmpeg \
-                git \
+                    git \
-                htop \
+                    htop \
-                inotify-tools \
+                    inotify-tools \
-                jq \
+                    jq \
-                rsync \
+                    rsync \
-                ssh \
+                    ssh \
-                unzip \
+                    unzip \
-                wget
+                    wget
 check_snd_driver() {
 echo -e "\n# Checking ALSA - Loopback module..."
 echo "snd-aloop" | tee -a /etc/modules
 modprobe snd-aloop
 if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then
-	echo "
+    echo "
 #-----------------------------------------------------------------------
 # Audio driver seems - OK.
 #-----------------------------------------------------------------------"
 else
-	echo "
+    echo "
 #-----------------------------------------------------------------------
 # Your audio driver might not be able to load.
 # We'll check the state of this Jibri with our 'test-jibri-env.sh' tool.
 #-----------------------------------------------------------------------"
-curl -s $TEST_JIBRI_ENV > /tmp/test-jibri-env.sh
+curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh
 #Test tool
  if [ "$MODE" = "debug" ]; then
    bash /tmp/test-jibri-env.sh -m debug
@ -220,15 +248,14 @@ fi
 }
 echo "# Check and Install HWE kernel if possible..."
-HWE_VIR_MOD=$(apt-cache madison linux-modules-extra-virtual-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")
+HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
-if [ "$HWE_VIR_MOD" == "1" ]; then
+if [ "$HWE_VIR_MOD" = "1" ]; then
    apt-get -y install \
-    linux-image-generic-hwe-$(lsb_release -sr) \
+    linux-image-generic-hwe-"$(lsb_release -sr)"
-    linux-modules-extra-virtual-hwe-$(lsb_release -sr)
+else
    else
    apt-get -y install \
    linux-image-generic \
-    linux-modules-extra-$(uname -r)
+    linux-modules-extra-"$(uname -r)"
 fi
 echo "
@ -238,29 +265,29 @@ echo "
 "
 apt-get -y install \
                jibri \
-                openjdk-8-jre-headless
+                openjdk-11-jre-headless
 echo "# Installing Google Chrome / ChromeDriver"
 if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
-	echo "Google repository already set."
+    echo "Google repository already set."
 else
-	echo "Installing Google Chrome Stable"
+    echo "Installing Google Chrome Stable"
-	wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
+    wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
-	echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee $GOOGL_REPO
+    echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
 fi
 apt-get -q2 update
 apt-get install -y google-chrome-stable
 rm -rf /etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list
 if [ -f /usr/local/bin/chromedriver ]; then
-	echo "Chromedriver already installed."
+    echo "Chromedriver already installed."
 else
-	echo "Installing Chromedriver"
+    echo "Installing Chromedriver"
-	wget -q https://chromedriver.storage.googleapis.com/$CHD_VER/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip
+    wget -q https://chromedriver.storage.googleapis.com/"$CHD_VER"/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip
-	unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/
+    unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/
-	chown root:root /usr/local/bin/chromedriver
+    chown root:root /usr/local/bin/chromedriver
-	chmod 0755 /usr/local/bin/chromedriver
+    chmod 0755 /usr/local/bin/chromedriver
-	rm -rf /tpm/chromedriver_linux64.zip
+    rm -rf /tpm/chromedriver_linux64.zip
 fi
 echo "
@ -278,18 +305,18 @@ echo "
 Remove Chrome warning...
 "
 mkdir -p /etc/opt/chrome/policies/managed
-echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > $GCMP_JSON
+echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON"
 # Recording directory
-if [ ! -d $DIR_RECORD ]; then
+if [ ! -d "$DIR_RECORD" ]; then
-mkdir $DIR_RECORD
+mkdir "$DIR_RECORD"
 fi
-chown -R jibri:jibri $DIR_RECORD
+chown -R jibri:jibri "$DIR_RECORD"
-cat << REC_DIR > $REC_DIR
+cat << REC_DIR > "$REC_DIR"
 #!/bin/bash
-RECORDINGS_DIR=$DIR_RECORD
+RECORDINGS_DIR="$DIR_RECORD"
 echo "This is a dummy finalize script" > /tmp/finalize.out
 echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out
@ -298,16 +325,73 @@ echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
 chmod -R 770 \$RECORDINGS_DIR
 #Rename folder.
 LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -n -r|awk '{print\$2}'| grep -v "meta\|-" | head -n1)"
 NJF_NAME="\$(find \$LJF_PATH |grep -e "-"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
 NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME"
 ##Prevent empty recording directory failsafe
 if [ "\$LJF_PATH" != "\$RECORDINGS_DIR" ]; then
  mv \$LJF_PATH \$NJF_PATH
  #Workaround for jibri to do cleaning.
  ssh -i /home/jibri/jbsync.pem $MJS_USER@$MAIN_SRV_DOMAIN "rm -r \$LJF_PATH"
 else
  echo "No new folder recorded, not removing anything."
 fi
 exit 0
 REC_DIR
-chown jibri:jibri $REC_DIR
+chown jibri:jibri "$REC_DIR"
-chmod +x $REC_DIR
+chmod +x "$REC_DIR"
 ## New Jibri Config (2020)
-mv $JIBRI_CONF ${JIBRI_CONF}-dpkg-file
+mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file
-cat << NEW_CONF > $JIBRI_CONF
+cat << NEW_CONF > "$JIBRI_CONF"
 // New XMPP environment config.
 jibri {
    streaming {
        // A list of regex patterns for allowed RTMP URLs.  The RTMP URL used
        // when starting a stream must match at least one of the patterns in
        // this list.
        rtmp-allow-list = [
          // By default, all services are allowed
          ".*"
        ]
    }
    ffmpeg {
        resolution = "$JIBRI_RES_CONF"
    }
    chrome {
        // The flags which will be passed to chromium when launching
        flags = [
          "--use-fake-ui-for-media-stream",
          "--start-maximized",
          "--kiosk",
          "--enabled",
          "--disable-infobars",
          "--autoplay-policy=no-user-gesture-required",
          "--ignore-certificate-errors",
          "--disable-dev-shm-usage"
        ]
    }
    stats {
        enable-stats-d = true
    }
    call-status-checks {
        // If all clients have their audio and video muted and if Jibri does not
        // detect any data stream (audio or video) comming in, it will stop
        // recording after NO_MEDIA_TIMEOUT expires.
        no-media-timeout = 30 seconds
        // If all clients have their audio and video muted, Jibri consideres this
        // as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
        all-muted-timeout = 10 minutes
        // When detecting if a call is empty, Jibri takes into consideration for how
        // long the call has been empty already. If it has been empty for more than
        // DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
        default-call-empty-timeout = 30 seconds
    }
    recording {
         recordings-directory = $DIR_RECORD
         finalize-script = $REC_DIR
@ -316,57 +400,57 @@ jibri {
        xmpp {
            environments = [
                {
-				// A user-friendly name for this environment
+                // A user-friendly name for this environment
-				name = "$JB_NAME"
+                name = "$JB_NAME"
-				// A list of XMPP server hosts to which we'll connect
+                // A list of XMPP server hosts to which we'll connect
-				xmpp-server-hosts = [ "$MAIN_SRV_DOMAIN" ]
+                xmpp-server-hosts = [ "$MAIN_SRV_DOMAIN" ]
-				// The base XMPP domain
+                // The base XMPP domain
-				xmpp-domain = "$MAIN_SRV_DOMAIN"
+                xmpp-domain = "$MAIN_SRV_DOMAIN"
-				// The MUC we'll join to announce our presence for
+                // The MUC we'll join to announce our presence for
-				// recording and streaming services
+                // recording and streaming services
-				control-muc {
+                control-muc {
-					domain = "internal.auth.$MAIN_SRV_DOMAIN"
+                    domain = "internal.auth.$MAIN_SRV_DOMAIN"
-					room-name = "$JibriBrewery"
+                    room-name = "$JibriBrewery"
-					nickname = "Live-$ADDUP"
+                    nickname = "machine-id"
-				}
+                }
-				// The login information for the control MUC
+                // The login information for the control MUC
-				control-login {
+                control-login {
-					domain = "auth.$MAIN_SRV_DOMAIN"
+                    domain = "auth.$MAIN_SRV_DOMAIN"
-					username = "jibri"
+                    username = "jibri"
-					password = "$JB_AUTH_PASS"
+                    password = "$JB_AUTH_PASS"
-				}
+                }
-				// An (optional) MUC configuration where we'll
+                // An (optional) MUC configuration where we'll
-				// join to announce SIP gateway services
+                // join to announce SIP gateway services
-			//	sip-control-muc {
+            //    sip-control-muc {
-			//		domain = "domain"
+            //        domain = "domain"
-			//		room-name = "room-name"
+            //        room-name = "room-name"
-			//		nickname = "nickname"
+            //        nickname = "nickname"
-			//	}
+            //    }
-				// The login information the selenium web client will use
+                // The login information the selenium web client will use
-				call-login {
+                call-login {
-					domain = "recorder.$MAIN_SRV_DOMAIN"
+                    domain = "recorder.$MAIN_SRV_DOMAIN"
-					username = "recorder"
+                    username = "recorder"
-					password = "$JB_REC_PASS"
+                    password = "$JB_REC_PASS"
-				}
+                }
-				// The value we'll strip from the room JID domain to derive
+                // The value we'll strip from the room JID domain to derive
-				// the call URL
+                // the call URL
-				strip-from-room-domain = "conference."
+                strip-from-room-domain = "conference."
-				// How long Jibri sessions will be allowed to last before
+                // How long Jibri sessions will be allowed to last before
-				// they are stopped.  A value of 0 allows them to go on
+                // they are stopped.  A value of 0 allows them to go on
-				// indefinitely
+                // indefinitely
-				usage-timeout = 0 hour
+                usage-timeout = 0 hour
-				// Whether or not we'll automatically trust any cert on
+                // Whether or not we'll automatically trust any cert on
-				// this XMPP domain
+                // this XMPP domain
-				trust-all-xmpp-certs = true
+                trust-all-xmpp-certs = true
                }
            ]
        }
@ -374,17 +458,26 @@ jibri {
 }
 NEW_CONF
 #Jibri xorg resolution
 sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF"
 echo -e "\n---- Create random nodesync user ----"
-useradd -m -g jibri $NJN_USER
+useradd -m -g jibri "$NJN_USER"
 echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
 echo -e "\n---- We'll connect to main server ----"
 read -n 1 -s -r -p "Press any key to continue..."$'\n'
-sudo su $NJN_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
+sudo su "$NJN_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
-echo "Remote pass: $MJS_USER_PASS"
+
-ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> ~/.ssh/known_hosts
+#Workaround for jibri to do cleaning.
-ssh $MJS_USER@$MAIN_SRV_DOMAIN sh -c "'cat >> .ssh/authorized_keys'" < /home/$NJN_USER/.ssh/id_rsa.pub
+install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem
-sudo su $NJN_USER -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"
+sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts"
 sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
 echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n"
 ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
 ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub
 sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"
 echo -e "\n---- Setup Log system ----"
 cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh
@ -393,21 +486,21 @@ cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh
 # Log process
 exec 3>&1 4>&2
 trap 'exec 2>&4 1>&3' 0 1 2 3
-exec 1>/var/log/$NJN_USER/remote_jnsync.log 2>&1
+exec 1>/var/log/"$NJN_USER"/remote_jnsync.log 2>&1
 # Run sync
 while true; do
-  inotifywait  -t 60 -r -e modify,attrib,close_write,move,delete $DIR_RECORD
+  inotifywait  -t 60 -r -e modify,attrib,close_write,move,delete "$DIR_RECORD"
-  sudo su $NJN_USER -c "rsync -Aax  --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD"
+  sudo su "$NJN_USER" -c "rsync -Aax  --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD"
-  find $DIR_RECORD -depth -type d -empty -not -path $DIR_RECORD -delete
+  find "$DIR_RECORD" -depth -type d -empty -not -path "$DIR_RECORD" -delete
 done
 INOT_RSYNC
-mkdir /var/log/$NJN_USER
+mkdir /var/log/"$NJN_USER"
-cat << LOG_ROT > /etc/logrotate.d/$NJN_USER
+cat << LOG_ROT > /etc/logrotate.d/"$NJN_USER"
-/var/log/$NJN_USER/*.log {
+/var/log/"$NJN_USER"/*.log {
    monthly
    missingok
    rotate 12
@ -450,11 +543,6 @@ systemctl daemon-reload
 systemctl enable remote_jnsync.service
 systemctl start remote_jnsync.service
 echo "Writting last node number..."
 sed -i "$(var_dlim 0_VAR),$(var_dlim 1_VAR){s|LAST=.*|LAST=$ADDUP|}" add-jibri-node.sh
 sed -i "$(var_dlim 0_LAST),$(var_dlim 1_LAST){s|LETS: .*|LETS: $(date -R)|}" add-jibri-node.sh
 echo "Last file edition at: $(grep "LETS:" add-jibri-node.sh|head -n1|awk -F'LETS:' '{print$2}')"
 #Enable jibri services
 systemctl enable jibri
 systemctl enable jibri-xorg
@ -462,28 +550,18 @@ systemctl enable jibri-icewm
 check_snd_driver
 echo -e "\nSending updated add-jibri-node.sh file to main server sync user...\n"
 cp $PWD/add-jibri-node.sh /tmp
 sudo -u $NJN_USER scp /tmp/add-jibri-node.sh $MJS_USER@$MAIN_SRV_DOMAIN:/home/$MJS_USER/
 rm $PWD/add-jibri-node.sh /tmp/add-jibri-node.sh
 echo "
 ########################################################################
                        Node addition complete!!
                               IMPORTANT:
   The updated version of this file has been sent to the main server
    at the sync user home directory, please use that one in order to
  install new nodes. For security reason this version has been deleted
                          from this very node.
               For customized support: http://switnet.net
 ########################################################################
 "
-echo "Rebooting in..."
+echo "Make sure to reboot, it's necessary before *any* usage.
 Rebooting in..."
 secs=$((15))
-while [ $secs -gt 0 ]; do
+while [ "$secs" -gt 0 ]; do
   echo -ne "$secs\033[0K\r"
   sleep 1
   : $((secs--))
--- a/add-jvb2-node.sh
+++ b/add-jvb2-node.sh
@ -1,25 +1,18 @@
 #!/bin/bash
 # JVB2 Node Aggregator
-# SwITNet Ltd © - 2020, https://switnet.net/
+# SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 ### 0_LAST EDITION TIME STAMP ###
 # LETS: AUTOMATED_EDITION_TIME
 ### 1_LAST EDITION ###
 #Make sure the file name is the required one
 if [ ! "$(basename $0)" = "add-jvb2-node.sh" ]; then
 	echo "For most cases naming won't matter, for this one it does."
 	echo "Please use the original name for this script: \`add-jvb2-node.sh', and run again."
 	exit
 fi
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
-		\?) echo "Usage: sudo ./add-jvb2-node.sh [-m debug]" && exit;;
+		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
@ -28,6 +21,14 @@ if [ "$MODE" = "debug" ]; then
 set -x
 fi
 #Make sure the file name is the required one
 if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then
    echo "For most cases naming won't matter, for this one it does."
    echo "Please use the original name for this script: \`add-jvb2-node.sh', and run again."
    exit
 fi
 #Check admin rights
 if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
@ -53,53 +54,42 @@ SHARD_DOMAIN=TBD
 SHARD_PASS=TBD
 MUC_JID=TBD
-MJS_USER=TBD
+#MJS_USER=TBD
-MJS_USER_PASS=TBD
+#MJS_USER_PASS=TBD
-START=0
+#START=0
-LAST=TBD
+#LAST=TBD
 THIS_SRV_DIST=$(lsb_release -sc)
-JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)
+JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}')
 JVB2_CONF="/etc/jitsi/videobridge/config"
 JVB2_NCONF="/etc/jitsi/videobridge/jvb.conf"
 JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties"
 SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)"
 #PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
 NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
 NJN_USER="jvbnode${ADDUP}_${NJN_RAND_TAIL}"
 NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
 #GITHUB_RAW="https://raw.githubusercontent.com"
 #GIT_REPO="switnet-ltd/quick-jibri-installer"
 ### 1_VAR_DEF
 # sed limiters for add-jvb2-node.sh variables
 var_dlim() {
-	grep -n $1 add-jvb2-node.sh|head -n1|cut -d ":" -f1
+    grep -n "$1" add-jvb2-node.sh|head -n1|cut -d ":" -f1
 }
 check_var() {
-	if [ -z "$2" ]; then
+    if [ -z "$2" ]; then
-		echo -e "Check if variable $1 is set: \xE2\x9C\x96 \nExiting..."
+        echo -e "Check if variable $1 is set: \xE2\x9C\x96 \nExiting..."
-		exit
+        exit
-	else
+    else
-		echo -e "Check if variable $1 is set: \xE2\x9C\x94"
+        echo -e "Check if variable $1 is set: \xE2\x9C\x94"
-	fi
+    fi
 }
 if [ -z "$LAST" ]; then
 	echo "There is an error on the LAST definition, please report."
 	exit
 elif [ "$LAST" = "TBD" ]; then
 	ADDUP=$((START + 1))
 else
 	ADDUP=$((LAST + 1))
 fi
 #Check server and node OS
 if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then
-	echo "Please use the same OS for the JVB2 setup on both servers."
+    echo "Please use the same OS for the JVB2 setup on both servers."
-	echo "This server is based on: $THIS_SRV_DIST"
+    echo "This server is based on: $THIS_SRV_DIST"
-	echo "The main server record claims is based on: $MAIN_SRV_DIST"
+    echo "The main server record claims is based on: $MAIN_SRV_DIST"
-	exit
+    exit
 fi
 #Check system resources
@ -107,7 +97,7 @@ echo "Verifying System Resources:"
 if [ "$(nproc --all)" -lt 4 ];then
  echo "
 Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads.
->> We recommend 4 cores/threads for JVB2!
+>> We recommend 4 cores/threads or above for JVB2!
 "
  CPU_MIN="N"
 else
@ -116,10 +106,10 @@ else
 fi
 ### Test RAM size (8GB min) ###
 mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
-if [ ${mem_available} -lt 7700000 ]; then
+if [ "${mem_available}" -lt 7700000 ]; then
  echo "
 Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads.
->> We recommend 8GB RAM for JVB2!
+>> We recommend 8GB RAM or above for JVB2!
 "
  MEM_MIN="N"
 else
@ -152,7 +142,7 @@ echo "
 #-----------------------------------------------------------------------"
 check_var JVB_HOSTNNAME "$JVB_HOSTNAME"
-if [ -z $JVB_HOST ]; then
+if [ -z "$JVB_HOST" ]; then
  echo "JVB_HOST is empty, but it may be ok for it to be empty, skipping empty test."
 else
  check_var JVB_HOST "$JVB_HOST"
@ -171,21 +161,21 @@ check_var MUC_JID "$MUC_JID"
 check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN"
 # Rename hostname for each jvb2 node
-hostnamectl set-hostname "jvb${ADDUP}.${MAIN_SRV_DOMAIN}"
+hostnamectl set-hostname "jvb_${SHORT_ID}.${MAIN_SRV_DOMAIN}"
-sed -i "1i 127.0.0.1 jvb${ADDUP}.${MAIN_SRV_DOMAIN}" /etc/hosts
+sed -i "1i 127.0.0.1 jvb_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
 # Jitsi-Meet Repo
 echo "Add Jitsi repo"
 if [ -z "$JITSI_REPO" ]; then
-	echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-$MAIN_SRV_REPO.list
+    echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list
-	wget -qO -  https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
+    wget -qO -  https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
 elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
-	echo "Main and node servers repository don't match, extiting.."
+    echo "Main and node servers repository don't match, extiting.."
-	exit
+    exit
 elif [ "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
-	echo "Main and node servers repository match, continuing..."
+    echo "Main and node servers repository match, continuing..."
 else
-	echo "Jitsi $JITSI_REPO repository already installed"
+    echo "Jitsi $JITSI_REPO repository already installed"
 fi
 # Requirements
@ -194,24 +184,24 @@ apt-get update -q2
 apt-get dist-upgrade -yq2
 apt-get -y install \
-                apt-show-versions \
+                    apt-show-versions \
-                bmon \
+                    bmon \
-                curl \
+                    curl \
-                git \
+                    git \
-                htop \
+                    htop \
-                ssh \
+                    ssh \
-                unzip \
+                    unzip \
-                wget
+                    wget
 echo "# Check and Install HWE kernel if possible..."
-HWE_VIR_MOD=$(apt-cache madison linux-modules-extra-virtual-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")
+HWE_VIR_MOD="$(apt-cache madison linux-modules-extra-virtual-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")"
 if [ "$HWE_VIR_MOD" == "1" ]; then
    apt-get -y install \
-    linux-image-generic-hwe-$(lsb_release -sr) \
+    linux-image-generic-hwe-"$(lsb_release -sr)" \
-    linux-modules-extra-virtual-hwe-$(lsb_release -sr)
+    linux-modules-extra-virtual-hwe-"$(lsb_release -sr)"
    else
    apt-get -y install \
-    linux-modules-extra-$(uname -r)
+    linux-modules-extra-"$(uname -r)"
 fi
 echo "
@ -222,8 +212,8 @@ echo "
 echo "jitsi-videobridge jitsi-videobridge/jvb-hostname string $MAIN_SRV_DOMAIN" | debconf-set-selections
 apt-get -y install \
-                jitsi-videobridge2 \
+                    jitsi-videobridge2 \
-                openjdk-8-jre-headless
+                    openjdk-8-jre-headless
 echo '
 ########################################################################
@ -297,42 +287,14 @@ cat << JVB2 >> $JVB2_NCONF
 }
 JVB2
 echo -e "\n---- Create random nodesync user ----"
 useradd -m -g jitsi $NJN_USER
 echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
 echo -e "\n---- We'll connect to main server ----"
 read -n 1 -s -r -p "Press any key to continue..."$'\n'
 sudo su $NJN_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
 echo "Remote pass: $MJS_USER_PASS"
 ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> ~/.ssh/known_hosts
 ssh $MJS_USER@$MAIN_SRV_DOMAIN sh -c "'cat >> .ssh/authorized_keys'" < /home/$NJN_USER/.ssh/id_rsa.pub
 sudo su $NJN_USER -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"
 echo "Writting last node number..."
 sed -i "$(var_dlim 0_VAR),$(var_dlim 1_VAR){s|LAST=.*|LAST=$ADDUP|}" add-jvb2-node.sh
 sed -i "$(var_dlim 0_LAST),$(var_dlim 1_LAST){s|LETS: .*|LETS: $(date -R)|}" add-jvb2-node.sh
 echo "Last file edition at: $(grep "LETS:" add-jvb2-node.sh|head -n1|awk -F'LETS:' '{print$2}')"
 #Enable jvb2 services
 systemctl enable jitsi-videobridge2.service
 systemctl restart jitsi-videobridge2.service
 echo -e "\nSending updated add-jvb2-node.sh file to main server sync user...\n"
 cp $PWD/add-jvb2-node.sh /tmp
 sudo -u $NJN_USER scp /tmp/add-jvb2-node.sh $MJS_USER@$MAIN_SRV_DOMAIN:/home/$MJS_USER/
 rm $PWD/add-jvb2-node.sh /tmp/add-jvb2-node.sh
 echo "
 ########################################################################
                        Node addition complete!!
                               IMPORTANT:
   The updated version of this file has been sent to the main server
    at the sync user home directory, please use that one in order to
  install new nodes. For security reason this version has been deleted
                          from this very node.
               For customized support: http://switnet.net
 ########################################################################
 "
--- a/136
+++ b/136
@ -0,0 +1,136 @@
 quick-jibri-installer (7.3.0)
    * excalibur: add installer for whiteboard feature.
    * quick_jibri_installer.sh: add excalidraw whiteboard backend
      disable jigasi selector
      add sed check test
      update features list
    * misc: update repository address to new home.
    * misc: update year to late 2023.
 -- Software, IT & Networks <info@switnet.net>  Sat, 11 Nov 2023 21:18:29 -0600
 quick-jibri-installer (7.2.1)
    * changelog: update previous version.
    * quick_jibri_installer.sh: fix deprecated nodejs repo setup,
      add printwc function
 -- Software, IT & Networks <info@switnet.net>  Sun, 22 Oct 2023 17:00:30 -0600
 quick-jibri-installer (7.2.0)
    * changelog: update previous version.
    * quick_jibri_installer.sh: rearrange chromedriver variables.
    * quick_jibri_installer.sh: fix empty varible usage.
    * quick_jibri_installer.sh: update nodejs to a stable release.
    * quick_jibri_installer.sh,jitsi-updater.sh: update chromedriver 115+ version download.
    * jra_nextcloud.sh: organize functions, add apt checks, higher password lenght and small fixes.
    * jitsi-updater.sh: fix check chrome driver version.
 -- Software, IT & Networks <info@switnet.net>  Wed Aug 23 00:51:24 2023 -0600
 quick-jibri-installer (7.1.0)
 * changelog: add changelog
 * quick_jibri_installer.sh: increase support to 22.04
 fix key aggregation and remove deprecated letsencrypt ppa
 * etherpad-docker.sh: fix key aggregation and variable collection.
 * grafana.sh: fix gpg key aggregation
 * jm-bm.sh: tweak sed
 * jra_nextcloud.sh: fix key aggregation and variable collection.
 * jra_nextcloud.sh: fix add gpg key function and add install available version package
 * jra_nextcloud.sh: small fix for install_aval_package function
 -- Software, IT & Networks <info@switnet.net>  Wed Feb 22 05:56:20 2023 -0600
 quick-jibri-installer (7.0.8)
    * jitsi-updater.sh: add checks for openjdk and nodejs supported versions
    * add-jibri-node.sh: set openjdk-jre-headless default version to 11
    * changelog: add changelog
 -- Software, IT & Networks <info@switnet.net>  Tue Nov 15 02:56:26 2022 -0600
 quick-jibri-installer (7.0.7)
    * quick_jibri_installer.sh: fix jaas & acme integration    
 -- Software, IT & Networks <info@switnet.net>  Sun Oct 23 23:52:23 2022 -0500
 quick-jibri-installer (7.0.6)
    * jitsi-updater.sh: fix jitsi repo package update filtering.
 -- Software, IT & Networks <info@switnet.net>  Fri Sep 30 04:04:31 2022 -0500
 quick-jibri-installer (7.0.5)
    * quick_jibri_installer.sh: use new setup to enable local recording feature.
 -- Software, IT & Networks <info@switnet.net>  Fri Aug 19 07:23:41 2022 -0500
 quick-jibri-installer (7.0.4)
    * quick_jibri_installer.sh,jwt.sh: update anonymous string on prosody setup.
      -fix small format issues.
 -- Software, IT & Networks <info@switnet.net>  Fri Aug 19 06:47:21 2022 -0500
 quick-jibri-installer (7.0.3)
    * jitsi-updater: fix condition to set turn config.
    * quick-jibri-installer: fix typo on path.
 -- Software, IT & Networks <info@switnet.net>  Thu Jun 30 09:57:12 2022 -0500
 quick-jibri-installer (7.0.2)
    * Detect jibri node by jitsi-updater.
 -- Software, IT & Networks <info@switnet.net>  Fri Jun 17 16:36:15 2022 -0500
 quick-jibri-installer (7.0.1)
    * Fix debug mode on triggered scripts.
    * Fix grep condition.
 -- Software, IT & Networks <info@switnet.net>  Mon May 23 23:17:39 2022 -0500
 quick-jibri-installer (7.0)
    * Major rework, comply with shellcheck
    ## Add
    * Add experimental tool for AWS grub setup.
    ## Fix
    * Fix grafana configuration
    * Actually apply changes to nginx conf instead of symlink.
    * Actually require to run with admin rights.
    * Improve comments.
    * Rename and fix set_once function.
    * Fix jibri domain.
    ## Improve
    * Comply mode section with shellcheck recommendations.
    * Comply tools section with shellcheck recommendations.
    * Comply main scripts with shellcheck recommendations.
    * Improve shell quality
    * Change JDK version to 11
    * Make warning visible.
    * Change email position, and small fixes
    * Several indenting changes
    * Set warning instead of "note".
    * Yet again more fixes on echo and printf
    * Standarize jra_nextcloud
    * Add comment on debconf state
    * Update SwITNet copyright and standarize debug option for scripts.
    ## Remove
    * Rename deprecated scripts folder
    * Remove old
    * Remove unused code
    * Finally remove jigasi deprecated script.
 -- Software, IT & Networks <info@switnet.net>  Fri May 20 20:07:02 2022 -0500
--- a/deprecated/jigasi.sh
+++ b/deprecated/jigasi.sh
@ -9,7 +9,7 @@
 #######################################################
 #Check if user is root
-if ! [ $(id -u) = 0 ]; then
+if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
@ -22,30 +22,30 @@ echo '
                    by Software, IT & Networks Ltd
 '
-JIGASI_CONFIG=/etc/jitsi/jigasi/config
+JIGASI_CONFIG="/etc/jitsi/jigasi/config"
-GC_API_JSON=/opt/gc-sdk/GCTranscriptAPI.json
+GC_API_JSON="/opt/gc-sdk/GCTranscriptAPI.json"
-DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
+DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
-MEET_CONF=/etc/jitsi/meet/${DOMAIN}-config.js
+MEET_CONF="/etc/jitsi/meet/${DOMAIN}-config.js"
-JIG_SIP_CONF=/etc/jitsi/jigasi/config
+JIG_SIP_CONF="/etc/jitsi/jigasi/config"
-JIG_SIP_PROP=/etc/jitsi/jigasi/sip-communicator.properties
+JIG_SIP_PROP="/etc/jitsi/jigasi/sip-communicator.properties"
-JIC_SIP_PROP=/etc/jitsi/jicofo/sip-communicator.properties
+JIC_SIP_PROP="/etc/jitsi/jicofo/sip-communicator.properties"
 JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 8 | head -n1)"
 JIG_TRANSC_PASWD_B64="$(echo -n "$JIG_TRANSC_PASWD" | base64)"
-DIST=$(lsb_release -sc)
+DIST="$(lsb_release -sc)"
-CHECK_GC_REPO=$(apt-cache policy | grep http | grep cloud-sdk | head -n1 | awk '{print $3}' | awk -F '/' '{print $1}')
+CHECK_GC_REPO="$(apt-cache policy | grep http | grep cloud-sdk | head -n1 | awk '{print $3}' | awk -F '/' '{print $1}')"
 install_gc_repo() {
-	if [ "$CHECK_GC_REPO" = "cloud-sdk-$DIST" ]; then
+if [ "$CHECK_GC_REPO" = "cloud-sdk-$DIST" ]; then
-	echo "
+    echo "
 Google Cloud SDK repository already on the system!
 "
 else
-	echo "
+    echo "
 Adding Google Cloud SDK repository for latest updates
 "
-	export CLOUD_SDK_REPO="cloud-sdk-$DIST"
+    export CLOUD_SDK_REPO="cloud-sdk-$DIST"
-	echo "deb http://packages.cloud.google.com/apt $CLOUD_SDK_REPO main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
+    echo "deb http://packages.cloud.google.com/apt $CLOUD_SDK_REPO main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
-	curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
+    curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
 fi
 }
@ -56,17 +56,17 @@ apt-get -y install google-cloud-sdk google-cloud-sdk-app-engine-java
 echo "Please select one of the current options:
 [1] I want to configure a new project, service account, billing and JSON credentials.
 [2] I already have one project configured and already have a JSON key file from Google"
-while [[ $SETUP_TYPE != 1 && $SETUP_TYPE != 2 ]]
+while [[ "$SETUP_TYPE" != "1" && "$SETUP_TYPE" != "2" ]]
 do
-read -p "What option suits your setup?: (1 or 2)"$'\n' -r SETUP_TYPE
+    read -p "What option suits your setup?: (1 or 2)"$'\n' -r SETUP_TYPE
-if [ $SETUP_TYPE = 1 ]; then
+    if [ "$SETUP_TYPE" = "1" ]; then
-	echo "We'll setup a GC Projects from scratch"
+      echo "We'll setup a GC Projects from scratch"
-elif [ $SETUP_TYPE = 2 ]; then
+    elif [ "$SETUP_TYPE" = "2" ]; then
-	echo "We'll setup only the proect and JSON key."
+      echo "We'll setup only the project and JSON key."
-fi
+    fi
 done
-if [ $SETUP_TYPE = 1 ]; then
+if [ "$SETUP_TYPE" = 1 ]; then
 ### Start of new project configuration - Google SDK
 #Setup option 1 - Google Cloud SDK
 echo "Once logged on Google Cloud SDK, please create a new project (last option)."
@ -79,15 +79,15 @@ gcloud auth application-default login
 # Start Google Cloud Configuration - Application Service
 GC_MEMBER=transcript
 echo "Checking if project exist..."
-PROJECT_GC_ID=$(gcloud projects list | grep $GC_PROJECT_NAME | awk '{print$3}')
+PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')"
-while [ -z $PROJECT_GC_ID ]
+while [ -z "$PROJECT_GC_ID" ]
 do
 read -p "Enter the project name you just created for Jigasi Speech-to-Text"$'\n' -r GC_PROJECT_NAME
-if [ -z PROJECT_GC_ID ]; then
+if [ -z "$PROJECT_GC_ID" ]; then
-	echo "Please check your project name,
+    echo "Please check your project name,"
-	There is no project listed with the provided name: $GC_PROJECT_NAME"
+    echo "There is no project listed with the provided name: $GC_PROJECT_NAME"
-	PROJECT_GC_ID=$(gcloud projects list | grep $GC_PROJECT_NAME | awk '{print$3}')
+        PROJECT_GC_ID="$(gcloud projects list | grep "$GC_PROJECT_NAME" | awk '{print$3}')"
-fi
+    fi
 done
 echo "Your $GC_PROJECT_NAME ID's project is: $PROJECT_GC_ID"
@ -101,19 +101,19 @@ while [[ $? -eq 1 ]]
 do
 CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)"
 if [[ $? -eq 1 ]]; then
-        echo "Seems you haven't enabled billing for this project: $GC_PROJECT_NAME
+        echo "Seems you haven't enabled billing for this project: $GC_PROJECT_NAME"
-    For that go to: https://console.developers.google.com/project/$PROJECT_GC_ID/settings
+        echo "  For that go to: https://console.developers.google.com/project/$PROJECT_GC_ID/settings
    "
-        read -p "Press Enter to continue"
+        read -rp "Press Enter to continue"
        CHECK_BILLING="$(gcloud services enable speech.googleapis.com 2>/dev/null)"
 fi
 done
 echo "Billing account seems setup, continuing..."
-gcloud iam service-accounts create $GC_MEMBER
+gcloud iam service-accounts create "$GC_MEMBER"
-gcloud projects add-iam-policy-binding  $GC_PROJECT_NAME \
+gcloud projects add-iam-policy-binding  "$GC_PROJECT_NAME" \
-    --member serviceAccount:$GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com \
+    --member serviceAccount:"$GC_MEMBER"@"$GC_PROJECT_NAME".iam.gserviceaccount.com \
    --role  roles/editor
 echo "Setup credentials:"
@ -122,7 +122,7 @@ https://console.developers.google.com/apis/credentials?folder=&organizationId=&p
 ### End of new project configuration - Google SDK
 fi
-if [ $SETUP_TYPE = 2 ]; then
+if [ "$SETUP_TYPE" = "2" ]; then
 #Setup option 1 - Google Cloud SDK
 echo "Once logged on Google Cloud SDK, please select the project that owns to the JSON key."
 gcloud init
@ -133,7 +133,7 @@ fi
 echo "Setting up JSON key file..."
 sleep 2
 mkdir /opt/gc-sdk/
-cat << KEY_JSON > $GC_API_JSON
+cat << KEY_JSON > "$GC_API_JSON"
 #
 # Paste below this comment your GC JSON key for the service account:
 # $GC_MEMBER@$GC_PROJECT_NAME.iam.gserviceaccount.com
@ -143,11 +143,11 @@ cat << KEY_JSON > $GC_API_JSON
 # These comment lines will be deleted afterwards.
 #
 KEY_JSON
-chmod 644 $GC_API_JSON
+chmod 644 "$GC_API_JSON"
-nano $GC_API_JSON
+nano "$GC_API_JSON"
-sed -i '/^#/d' $GC_API_JSON
+sed -i '/^#/d' "$GC_API_JSON"
-CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)"
+CHECK_JSON_KEY="$(cat "$GC_API_JSON" | python -m json.tool 2>/dev/null)"
 while [[ $? -eq 1 ]]
 do
 CHECK_JSON_KEY="$(cat $GC_API_JSON | python -m json.tool 2>/dev/null)"
@ -169,7 +169,7 @@ echo "Installing Jigasi, your SIP credentials will be asked. (mandatory)"
 apt-get -y install jigasi
 #apt-mark hold jigasi
-cat  << JIGASI_CONF >> $JIGASI_CONFIG
+cat  << JIGASI_CONF >> "$JIGASI_CONFIG"
 GOOGLE_APPLICATION_CREDENTIALS=$GC_API_JSON
@ -179,24 +179,24 @@ echo "Your Google Cloud credentials are at $GC_API_JSON"
 echo "Setting up Jigasi transcript with current platform..."
 #Connect callcontrol
-sed -i "s|// call_control:|call_control:|" $MEET_CONF
+sed -i "s|// call_control:|call_control:|" "$MEET_CONF"
-sed -i "s|// transcribingEnabled|transcribingEnabled|" $MEET_CONF
+sed -i "s|// transcribingEnabled|transcribingEnabled|" "$MEET_CONF"
-sed -i "/transcribingEnabled/ s|false|true|" $MEET_CONF
+sed -i "/transcribingEnabled/ s|false|true|" "$MEET_CONF"
 #siptest2siptest@domain.con
 #changed from conference to internal.auth from jibri
-sed -i "s|siptest|siptest@internal.auth.$DOMAIN|" $JIG_SIP_PROP
+sed -i "s|siptest|siptest@internal.auth.$DOMAIN|" "$JIG_SIP_PROP"
 #Disable component in favor of MUC
-if [ $(grep -c nocomponent $JIG_SIP_CONF) != 0 ]; then
+if [ "$(grep -c nocomponent "$JIG_SIP_CONF")" != 0 ]; then
    echo "Jigasi component is already disabled."
 else
    echo "Disabling jigasi component in favor of MUC"
-    sed -i "s|JIGASI_OPTS=.*|JIGASI_OPTS=\"--nocomponent=true\"|" $JIG_SIP_CONF
+    sed -i "s|JIGASI_OPTS=.*|JIGASI_OPTS=\"--nocomponent=true\"|" "$JIG_SIP_CONF"
 fi
 #Setup XMPP
-cat << ACC1_XMPP >> $JIG_SIP_PROP
+cat << ACC1_XMPP >> "$JIG_SIP_PROP"
 # XMPP account used for control
 net.java.sip.communicator.impl.protocol.jabber.acc1=acc1
@ -265,37 +265,37 @@ org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
 ACC1_XMPP
 #Enable transcription config
-sed -i "/ENABLE_TRANSCRIPTION/ s|#||" $JIG_SIP_PROP
+sed -i "/ENABLE_TRANSCRIPTION/ s|#||" "$JIG_SIP_PROP"
-sed -i "/ENABLE_TRANSCRIPTION/ s|false|true|" $JIG_SIP_PROP
+sed -i "/ENABLE_TRANSCRIPTION/ s|false|true|" "$JIG_SIP_PROP"
-sed -i "/ENABLE_SIP/ s|#||" $JIG_SIP_PROP
+sed -i "/ENABLE_SIP/ s|#||" "$JIG_SIP_PROP"
-sed -i "/ENABLE_SIP/ s|true|false|" $JIG_SIP_PROP
+sed -i "/ENABLE_SIP/ s|true|false|" "$JIG_SIP_PROP"
 #Transcript format
-sed -i "/SAVE_JSON/ s|# ||" $JIG_SIP_PROP
+sed -i "/SAVE_JSON/ s|# ||" "$JIG_SIP_PROP"
-sed -i "/SEND_JSON/ s|# ||" $JIG_SIP_PROP
+sed -i "/SEND_JSON/ s|# ||" "$JIG_SIP_PROP"
-sed -i "/SAVE_TXT/ s|# ||" $JIG_SIP_PROP
+sed -i "/SAVE_TXT/ s|# ||" "$JIG_SIP_PROP"
-sed -i "/SEND_TXT/ s|# ||" $JIG_SIP_PROP
+sed -i "/SEND_TXT/ s|# ||" "$JIG_SIP_PROP"
 #sed -i "/SEND_TXT/ s|false|true|" $JIG_SIP_PROP
 #Allow to connect other than same server only.
 sed -i \
 "/xmpp.acc.SERVER_ADDRESS/ s|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=.*|org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=$DOMAIN|" \
-$JIG_SIP_PROP
+"$JIG_SIP_PROP"
 #Remember to study how to use LE or what's needed #ToDo
-sed -i "/ALWAYS_TRUST_MODE_ENABLED/ s|# ||" $JIG_SIP_PROP
+sed -i "/ALWAYS_TRUST_MODE_ENABLED/ s|# ||" "$JIG_SIP_PROP"
-prosodyctl register jigasi auth.$DOMAIN $JIG_TRANSC_PASWD
+prosodyctl register jigasi auth."$DOMAIN" "$JIG_TRANSC_PASWD"
 #Set Brewery
-cat << JIG_JIC >> $JIC_SIP_PROP
+cat << JIG_JIC >> "$JIC_SIP_PROP"
 org.jitsi.jicofo.jigasi.BREWERY=JigasiBreweryRoom@internal.auth.$DOMAIN
 JIG_JIC
-systemctl restart 	prosody \
+systemctl restart prosody \
-                    jicofo \
+                  jicofo \
-                    jibri* \
+                  jibri* \
-                    jitsi-videobridge2
+                  jitsi-videobridge2
 echo "
 Full transcript files are available at:
--- a/etherpad-docker.sh
+++ b/etherpad-docker.sh
@ -0,0 +1,157 @@
 #!/bin/bash
 # Etherpad Installer for Jitsi Meet
 # SwITNet Ltd © - 2024, https://switnet.net/
 #
 # GPLv3 or later.
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
 #DEBUG
 if [ "$MODE" = "debug" ]; then
 set -x
 fi
 if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
 clear
 echo '
 ########################################################################
                         Etherpad Docker addon
 ########################################################################
                    by Software, IT & Networks Ltd
 '
 FORGE_REPO="https://forge.switnet.net/switnet/quick-jibri-installer"
 check_apt_policy() {
 apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}'
 }
 install_ifnot() {
 if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
    echo " $1 is installed, skipping..."
    else
        echo -e "\n---- Installing $1 ----"
        apt-get -yq2 install "$1"
 fi
 }
 # Test for matches
 test_match() {
 if grep -q "$1" "$2" ; then
    echo "$(basename "$2") - OK..."
 else
    echo "$(basename "$2"), FAIL..."
    echo "Please report this to $FORGE_REPO"
    exit
 fi
 }
 DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
 MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
 WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
 PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{print $2}')"
 ETHERPAD_DB_USER="dockerpad"
 ETHERPAD_DB_NAME="etherpad"
 ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
 DOCKER_CE_REPO="$(check_apt_policy docker)"
 WS_CONF_MATCH1="# ensure all static content can always be found first"
 echo "Add Docker repo"
 if [ "$DOCKER_CE_REPO" = "stable" ]; then
    echo "Docker repository already installed"
 else
    echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > \
        /etc/apt/sources.list.d/docker-ce.list
    wget -qO - https://download.docker.com/linux/ubuntu/gpg | \
    gpg --dearmor | tee /etc/apt/trusted.gpg.d/docker-gpg-key.gpg  >/dev/null
    apt -q2 update
 fi
 read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS
 # Make sure we can rely on the match strings.
 printf "> Testing match strings on config files.\n"
 test_match "$WS_MATCH1" "$WS_CONF"
 # Install required packages
 install_ifnot docker-ce
 install_ifnot postgresql-"$PSGVER"
 # Create DB
 echo -e "> Creating postgresql database for container...\n"
 sudo -u postgres psql <<DB
 CREATE DATABASE ${ETHERPAD_DB_NAME};
 CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}';
 GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER};
 DB
 echo "  -- Your etherpad db password is: $ETHERPAD_DB_PASS"
 echo -e "     Please save it somewhere safe.\n"
 # Check fot docker if not running then execute
 if [ ! "$(docker ps -q -f name=etherpad)" ]; then
    if [ "$(docker ps -aq -f status=exited -f name=etherpad)" ]; then
        # cleanup
        docker rm etherpad
    fi
    # run your container
    docker run -d --restart always \
    --network=host \
    --name etherpad \
    -p 127.0.0.1:9001:9001 \
    -e "ADMIN_PASSWORD=$ETHERPAD_ADMIN_PASS" \
    -e "DB_TYPE=postgres"   \
    -e "DB_HOST=localhost"   \
    -e "DB_PORT=5432"   \
    -e "DB_NAME=$ETHERPAD_DB_NAME"   \
    -e "DB_USER=$ETHERPAD_DB_USER" \
    -e "DB_PASS=$ETHERPAD_DB_PASS" \
    -i -t etherpad/etherpad
 fi
 # Tune webserver for Jitsi App control
 if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then
    echo "> Webserver seems configured, skipping..."
 elif [ -f "$WS_CONF" ]; then
    echo "> Setting up webserver configuration file..."
    sed -i "/$WS_CONF_MATCH1/i \ \ \ \ #Etherpad block" "$WS_CONF"
    sed -i "/$WS_CONF_MATCH1/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF"
    sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
    sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF"
    sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Connection \$connection_upgrade;" "$WS_CONF"
    sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" "$WS_CONF"
    sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_buffering off;" "$WS_CONF"
    sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_redirect off;" "$WS_CONF"
    sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header       Host \$host;" "$WS_CONF"
    sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" "$WS_CONF"
    sed -i "/$WS_CONF_MATCH1/i \ \ \ \ }" "$WS_CONF"
    sed -i "/$WS_CONF_MATCH1/i \\\n" "$WS_CONF"
 else
    echo "> No etherpad config done to server file, please report to:
    -> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
 fi
 # Configure config.js
 if [ "$(grep -c "etherpad_base" "$WS_CONF")" != 0 ]; then
    echo -e "> $MEET_CONF seems configured, skipping...\n"
 else
    echo -e "> Setting etherpad domain at $MEET_CONF...\n"
    sed -i "s|// etherpad_base: .*|etherpad_base: \'https://$DOMAIN/etherpad/p/\',|" "$MEET_CONF"
 fi
 echo "> Checking nginx configuration..."
 if nginx -t 2>/dev/null ; then
    echo -e "  -- Docker configuration seems fine, enabling it."
 #    systemctl reload nginx
 else
    echo "Please check your configuration, something may be wrong."
    echo "Will not try to enable etherpad nginx configuration, please report to:
    -> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
 fi
--- a/etherpad.sh
+++ b/etherpad.sh
@ -1,195 +0,0 @@
 #!/bin/bash
 # Etherpad Installer for Jitsi Meet
 # SwITNet Ltd © - 2020, https://switnet.net/
 #
 # GPLv3 or later.
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
 		\?) echo "Usage: sudo ./etherpad.sh [-m debug]" && exit;;
 	esac
 done
 #DEBUG
 if [ "$MODE" = "debug" ]; then
 set -x
 fi
 if ! [ $(id -u) = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
 clear
 echo '
 ########################################################################
                         Etherpad Docker addon
 ########################################################################
                    by Software, IT & Networks Ltd
 '
 check_apt_policy() {
 apt-cache policy 2>/dev/null| \
 grep http | \
 grep $1 | \
 awk '{print $3}' | \
 head -n 1 | \
 cut -d "/" -f2
 }
 install_ifnot() {
 if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
 	echo " $1 is installed, skipping..."
    else
    	echo -e "\n---- Installing $1 ----"
 		apt-get -yq2 install $1
 fi
 }
 DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
 MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
 WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf"
 PSGVER="$(apt-cache madison postgresql | head -n1 | awk '{print $3}' | cut -d "+" -f1)"
 NODE_JS_REPO="$(check_apt_policy node_10)"
 ETHERPAD_USER="etherpad-lite"
 ETHERPAD_HOME="/opt/$ETHERPAD_USER"
 ETHERPAD_DB_USER="meetpad"
 ETHERPAD_DB_NAME="etherpad"
 ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
 ETHERPAD_SYSTEMD="/etc/systemd/system/etherpad-lite.service"
 # NodeJS
 echo "Addin NodeJS repo..."
 if [ "$NODE_JS_REPO" = "main" ]; then
 	echo "NodeJS repository already installed"
 else
 		curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
 		apt-get update
 fi
 read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS
 # Install required packages
 install_ifnot jq
 install_ifnot nodejs
 install_ifnot postgresql-$PSGVER
 # Link LE certs on Etherpad directory
 #chmod 755 /etc/letsencrypt/live
 #ln -s /etc/letsencrypt/live/$DOMAIN $ETHERPAD_HOME/
 # Create DB
 echo -e "> Creating postgresql database for etherpad...\n"
 sudo -u postgres psql <<DB
 CREATE DATABASE ${ETHERPAD_DB_NAME};
 CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}';
 GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER};
 DB
 echo "  -- Your etherpad db password is: $ETHERPAD_DB_PASS"
 echo -e "     Please save it somewhere safe."
 #Set system users
 adduser --system --home=${ETHERPAD_HOME} --group ${ETHERPAD_USER}
 sudo -u $ETHERPAD_USER git clone -b master https://github.com/ether/etherpad-lite.git $ETHERPAD_HOME/
  #Issue: https://github.com/ether/etherpad-lite/issues/3460
  cat <<< "$(jq  'del(.devDependencies)'< $ETHERPAD_HOME/src/package.json)" > $ETHERPAD_HOME/src/package.json
 bash $ETHERPAD_HOME/bin/installDeps.sh
 cp $ETHERPAD_HOME/settings.json $ETHERPAD_HOME/settings.json.backup
 cat << SETTINGS_JSON > $ETHERPAD_HOME/settings.json
 {
 "title": "Conference Etherpad",
  "favicon": "favicon.ico",
  "skinName": "colibris",
  "ip": "0.0.0.0",
  "port": 9001,
  "showSettingsInAdminPage": true,
 //  "ssl" : {
 //            "key"  : "$ETHERPAD_HOME/$DOMAIN/privkey.pem",
 //            "cert" : "$ETHERPAD_HOME/$DOMAIN/fullchain.pem",
 //            "ca"   : "$ETHERPAD_HOME/$DOMAIN/chain.pem"
 //          },
  "dbType" : "postgres",
  "dbSettings" : {
    "user"    : "$ETHERPAD_DB_USER",
    "host"    : "localhost",
    "password": "$ETHERPAD_DB_PASS",
    "database": "$ETHERPAD_DB_NAME",
    "charset" : "utf8mb4"
  },
  "defaultPadText" : "Welcome to Etherpad!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nGet involved with Etherpad at https:\/\/etherpad.org\n",
  "users": {
    "admin": {
      // 1) "password" can be replaced with "hash" if you install ep_hash_auth
      // 2) please note that if password is null, the user will not be created
      "password": "$ETHERPAD_ADMIN_PASS",
      "is_admin": true
    }
  }
 }
 SETTINGS_JSON
 cat << SYSTEMD > $ETHERPAD_SYSTEMD
 [Unit]
 Description=Etherpad-lite, the collaborative editor.
 After=syslog.target network.target
 [Service]
 Type=simple
 User=$ETHERPAD_USER
 Group=Group=$ETHERPAD_USER
 WorkingDirectory=$ETHERPAD_HOME
 Environment=NODE_ENV=production
 ExecStart=$ETHERPAD_HOME/bin/run.sh
 Restart=always
 [Install]
 WantedBy=multi-user.target
 SYSTEMD
 #Systemd services
 systemctl enable etherpad-lite
 systemctl restart etherpad-lite
 # Tune webserver for Jitsi App control
 if [ $(grep -c "etherpad" $WS_CONF) != 0 ]; then
    echo "> Webserver seems configured, skipping..."
 elif [ -f $WS_CONF ]; then
    echo "> Setting up webserver configuration file..."
 	sed -i "/Anything that didn't match above/i \ \ \ \ location \^\~\ \/etherpad\/ {" $WS_CONF
 	sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" $WS_CONF
 	sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" $WS_CONF
 	sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_buffering off;" $WS_CONF
    sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_set_header       Host \$host;" $WS_CONF
 	sed -i "/Anything that didn't match above/i \ \ \ \ }" $WS_CONF
 	sed -i "/Anything that didn't match above/i \\\n" $WS_CONF
 else
 	echo "> No etherpad config done to server file, please report to:
    -> https://github.com/switnet-ltd/quick-jibri-installer/issues"
 fi
 # Configure config.js
 if [ $(grep -c "etherpad_base" $WS_CONF) != 0 ]; then
    echo -e "> $MEET_CONF seems configured, skipping...\n"
 else
    echo -e "> Setting etherpad domain at $MEET_CONF...\n"
    sed -i "/ domain: '$DOMAIN'/a\ \ \ \ \ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," $MEET_CONF
 fi
 echo "> Checking nginx configuration..."
 nginx -t 2>/dev/null
 if [ $? = 0 ]; then
 	echo -e "  -- Docker configuration seems fine, enabling it."
 	systemctl reload nginx
 else
 	echo "Please check your configuration, something may be wrong."
 	echo "Will not try to enable etherpad nginx configuration, please report to:
    -> https://github.com/switnet-ltd/quick-jibri-installer/issues"
 fi
--- a/excalidraw-backend.sh
+++ b/excalidraw-backend.sh
@ -0,0 +1,208 @@
 #!/bin/bash
 # Excalidraw Jitsi Backend Installer
 #
 # Based on:
 # - https://community.jitsi.org/t/118883
 #
 # SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 # Reset
 Color_Off='\e[0m'       # Text Reset
 # Regular Colors
 Black='\e[0;30m'        # Black
 Red='\e[0;31m'          # Red
 Green='\e[0;32m'        # Green
 Yellow='\e[0;33m'       # Yellow
 Blue='\e[0;34m'         # Blue
 Purple='\e[0;35m'       # Purple
 Cyan='\e[0;36m'         # Cyan
 printwc() {
    printf "%b$2%b" "$1" "${Color_Off}"
 }
 print_title() {
 printwc "${Blue}" "\n#--------------------------------------------------"
 printwc "${Blue}" "\n# $1"
 printwc "${Blue}" "\n#--------------------------------------------------\n"
 }
 restart_jibri() {
 if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
 then
    systemctl restart jibri
    systemctl restart jibri-icewm
    systemctl restart jibri-xorg
 else
    echo "Jibri service not installed"
 fi
 }
 restart_services() {
    systemctl restart jitsi-videobridge2
    systemctl restart jicofo
    restart_jibri
    systemctl restart prosody
 }
 test_match() {
 if grep -q "$1" "$2" ; then
    echo "$(basename "$2") - OK..."
 else
    echo "$(basename "$2"), FAIL..."
    echo "Please report this to https://forge.switnet.net/switnet/quick-jibri-installer"
    exit
 fi
 }
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
 #DEBUG
 if [ "$MODE" = "debug" ]; then
 set -x
 fi
 if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
 clear
 echo -e '\n
 ########################################################################
                  Excalidraw Jitsi Backend Installer
 ########################################################################
                    by Software, IT & Networks Ltd
 \n'
 DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
 WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
 PROSODY_FILE="/etc/prosody/conf.d/$DOMAIN.cfg.lua"
 MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
 WS_MATCH1='# ensure all static content can always be found first'
 PROS_MATCH1='"av_moderation";'
 PROS_MATCH2='breakout_rooms_muc = "breakout.'
 PROS_MATCH3='VirtualHost "recorder.'
 CONFIG_MATCH1='List of undocumented settings used in jitsi-meet'
 EXCALIDRAW_HOME="/opt/excalidraw"
 EXCAL_MATCH1="prometheus.metrics(io"
 EXCAL_NEW_PORT="9091"
 EXCAL_PORT_FILE="$EXCALIDRAW_HOME/backend/src/index.ts"
 # Make sure we can rely on the match strings.
 printf "Testing match strings on config files.\n"
 test_match "$WS_MATCH1" "$WS_CONF"
 test_match "$PROS_MATCH1" "$PROSODY_FILE"
 test_match "$PROS_MATCH2" "$PROSODY_FILE"
 test_match "$PROS_MATCH3" "$PROSODY_FILE"
 test_match "$PROS_MATCH3" "$PROSODY_FILE"
 test_match "$CONFIG_MATCH1" "$MEET_CONF"
 #--------------------------------------------------
 print_title "Setup excalidraw backend."
 #--------------------------------------------------
 adduser --home "$EXCALIDRAW_HOME" --disabled-password --gecos "" excalidraw
 git clone https://github.com/jitsi/excalidraw-backend "$EXCALIDRAW_HOME/backend"
 test_match "$EXCAL_MATCH1" "$EXCAL_PORT_FILE"
 chown -R excalidraw:excalidraw "$EXCALIDRAW_HOME"
 cd "$EXCALIDRAW_HOME/backend"
 sudo -u excalidraw cp .env.development .env.production
 # Use documented port to get some sort of standarization.
 if sed -n "/$EXCAL_MATCH1/,/});/p" "$EXCAL_PORT_FILE" |grep -q port: ; then
    echo -e "> Update predefined port for metrics to $EXCAL_NEW_PORT\n"
    sed -i "/$EXCAL_MATCH1/,/});/s|port:.*,|port: $EXCAL_NEW_PORT,|" "$EXCAL_PORT_FILE"
 else
    echo -e "> Define new port from default to $EXCAL_NEW_PORT\n"
    sed -i  "/$EXCAL_MATCH1/a \ \ \ \ port: $EXCAL_NEW_PORT," "$EXCAL_PORT_FILE"
 fi
 printf "Installing npm backend.\n"
 sudo -u excalidraw npm install
 sudo -u excalidraw npm run build
 #--------------------------------------------------
 print_title "Setup system & jitsi config files."
 #--------------------------------------------------
 # Enable websocket on nginx
 sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
 sed -i "/$WS_MATCH1/i \ \ \ \ location = /socket.io/ {" "$WS_CONF"
 sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_pass http://127.0.0.1:3002/socket.io/?\$args;" "$WS_CONF"
 sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
 sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF"
 sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Connection \"upgrade\";" "$WS_CONF"
 sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ proxy_set_header Host \$http_host;" "$WS_CONF"
 sed -i "/$WS_MATCH1/i \ \ \ \ \ \ \ \ tcp_nodelay on;" "$WS_CONF"
 sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
 sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
 if grep -rq room_metadata /etc/prosody/conf.d/ ;then
    echo "> Prosody seems to be already configured."
 else
    echo "> Setting up prosody for whiteboard..."
    # Modules enabled
    sed -i "/$PROS_MATCH1/a \ \ \ \ \ \ \ \ \"room_metadata\";" "$PROSODY_FILE"
    # Define internal component
    sed -i "/$PROS_MATCH2/a \ \ \ \ room_metadata_component = \"metadata.$DOMAIN\"" "$PROSODY_FILE"
    # Register component
    sed -i "/$PROS_MATCH3/i \\\n" "$PROSODY_FILE"
    sed -i "/$PROS_MATCH3/i Component \"metadata.$DOMAIN\" \"room_metadata_component\"" "$PROSODY_FILE"
    sed -i "/$PROS_MATCH3/i \ \ \ \ muc_component = \"conference.$DOMAIN\"" "$PROSODY_FILE"
    sed -i "/$PROS_MATCH3/i \ \ \ \ breakout_rooms_component = \"breakout.$DOMAIN\"" "$PROSODY_FILE"
    sed -i "/$PROS_MATCH3/i \\\n" "$PROSODY_FILE"
 fi
 printf "\n# Checking for whitebord setup at %s.\n" "$(basename "$MEET_CONF")"
 if [ -z "$(sed -n '/whiteboard: {/,/},/p' "$MEET_CONF")" ]; then
    echo "> No present configuration on current config.js file"
    sed -i "/$CONFIG_MATCH1/i \\\n" "$MEET_CONF"
    sed -i "/$CONFIG_MATCH1/i \ \ \ \ whiteboard: {" "$MEET_CONF"
    sed -i "/$CONFIG_MATCH1/i \ \ \ \ \ \ \ \ enabled: true," "$MEET_CONF"
    sed -i "/$CONFIG_MATCH1/i \ \ \ \ \ \ \ \ collabServerBaseUrl: 'https://$DOMAIN'" "$MEET_CONF"
    sed -i "/$CONFIG_MATCH1/i \ \ \ \ }," "$MEET_CONF"
    sed -i "/$CONFIG_MATCH1/i \\\n" "$MEET_CONF"
 else
    echo "> Enabling configuration on current config.js file"
    sed -i "/whiteboard: {/,/},/s|// ||" "$MEET_CONF"
    sed -i "/collabServerBaseUrl:/s|'https://.*'|'https://$DOMAIN'|" "$MEET_CONF"
 fi
 if  sed -n '/toolbarButtons: \[/,/\],/p' "$MEET_CONF" | \
    grep -v '//'| grep -q whiteboard ; then
    echo "> Whiteboard toolbar already enabled."
 elif sed -n '/toolbarButtons: \[/,/\],/p' "$MEET_CONF" | \
     grep -v '//'|grep -q toolbarButtons: ; then 
    echo "> Enabling whiteboard toolbar."
    sed -i "/toolbarButtons:/a \ \ \ \ \ \ \ 'whiteboard'," "$MEET_CONF"
 else
    echo "> ToolbarButtons not customized, whiteboard should be enabled by default,"
    echo "  otherwise, please report to: https://forge.switnet.net/switnet/quick-jibri-installer/issues"
 fi
 printf "\n# Add systemd service\n"
 cat << EOF > /etc/systemd/system/excalidraw.service
 [Unit]
 Description=Excalidraw backend
 After=network-online.target
 [Service]
 User=excalidraw
 Group=excalidraw
 WorkingDirectory=$EXCALIDRAW_HOME/backend
 ExecStart=npm start
 Restart=always
 RestartSec=5s
 [Install]
 WantedBy=multi-user.target
 EOF
 systemctl enable excalidraw.service
 systemctl start excalidraw.service
 printwc "${Green}" "\nExcalidraw setup complete!\n"
 restart_services
--- a/files/jibri.conf
+++ b/files/jibri.conf
@ -0,0 +1,109 @@
 // XMPP environment config.
 jibri {
    streaming {
        // A list of regex patterns for allowed RTMP URLs.  The RTMP URL used
        // when starting a stream must match at least one of the patterns in
        // this list.
        rtmp-allow-list = [
          // By default, all services are allowed
          ".*"
        ]
    }
    ffmpeg {
        resolution = JIBRI_RES_CONF
    }
    chrome {
        // The flags which will be passed to chromium when launching
        flags = [
          "--use-fake-ui-for-media-stream",
          "--start-maximized",
          "--kiosk",
          "--enabled",
          "--disable-infobars",
          "--autoplay-policy=no-user-gesture-required",
          "--ignore-certificate-errors",
          "--disable-dev-shm-usage"
        ]
    }
    stats {
        enable-stats-d = true
    }
    call-status-checks {
        // If all clients have their audio and video muted and if Jibri does not
        // detect any data stream (audio or video) comming in, it will stop
        // recording after NO_MEDIA_TIMEOUT expires.
        no-media-timeout = 30 seconds
        // If all clients have their audio and video muted, Jibri consideres this
        // as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
        all-muted-timeout = 10 minutes
        // When detecting if a call is empty, Jibri takes into consideration for how
        // long the call has been empty already. If it has been empty for more than
        // DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
        default-call-empty-timeout = 30 seconds
    }
    recording {
         recordings-directory = "DIR_RECORD"
         finalize-script = "REC_DIR"
    }
    api {
        xmpp {
            environments = [
                {
                // A user-friendly name for this environment
                name = "JB_NAME"
                // A list of XMPP server hosts to which we'll connect
                xmpp-server-hosts = [ "DOMAIN" ]
                // The base XMPP domain
                xmpp-domain = "DOMAIN"
                // The MUC we'll join to announce our presence for
                // recording and streaming services
                control-muc {
                    domain = "internal.auth.DOMAIN"
                    room-name = "JibriBrewery"
                    nickname = "Live"
                }
                // The login information for the control MUC
                control-login {
                    domain = "auth.DOMAIN"
                    username = "jibri"
                    password = "JB_AUTH_PASS"
                }
                // An (optional) MUC configuration where we'll
                // join to announce SIP gateway services
            //    sip-control-muc {
            //        domain = "domain"
            //        room-name = "room-name"
            //        nickname = "nickname"
            //    }
                // The login information the selenium web client will use
                call-login {
                    domain = "recorder.DOMAIN"
                    username = "recorder"
                    password = "JB_REC_PASS"
                }
                // The value we'll strip from the room JID domain to derive
                // the call URL
                strip-from-room-domain = "conference."
                // How long Jibri sessions will be allowed to last before
                // they are stopped.  A value of 0 allows them to go on
                // indefinitely
                usage-timeout = 0 hour
                // Whether or not we'll automatically trust any cert on
                // this XMPP domain
                trust-all-xmpp-certs = true
                }
            ]
        }
    }
 }
--- a/files/nextcloud.conf
+++ b/files/nextcloud.conf
@ -0,0 +1,177 @@
 # Nextcloud 28 nginx - configuration
 upstream php-handler {
    #server 127.0.0.1:9000;
    server unix:/run/php/php_PHPVER-fpm.sock;
 }
 # Set the `immutable` cache control options only for assets with a cache busting `v` argument
 map $arg_v $asset_immutable {
    "" "";
    default "immutable";
 }
 server {
    listen 80;
    listen [::]:80;
    server_name _NC_DOMAIN;
    # enforce https
    return 301 https://\$server_name\$request_uri;
 }
 server {
    listen _NC_NGINX_SSL_PORT ssl http2;
    listen [::]:_NC_NGINX_SSL_PORT ssl http2;
    server_name _NC_DOMAIN;
    # Path to the root of your installation
    root _NC_PATH/;
    ssl_certificate /etc/letsencrypt/live/_NC_DOMAIN/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/_NC_DOMAIN/privkey.pem;
    # Prevent nginx HTTP Server Detection
    server_tokens off;
    # HSTS settings
    # WARNING: Only add the preload option once you read about
    # the consequences in https://hstspreload.org/. This option
    # will add the domain to a hardcoded list that is shipped
    # in all major browsers and getting removed from this list
    # could take several months.
    #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;
    # set max upload size and increase upload timeout:
    client_max_body_size 512M;
    client_body_timeout 300s;
    fastcgi_buffers 64 4K;
    # Enable gzip but do not remove ETag headers
    gzip on;
    gzip_vary on;
    gzip_comp_level 4;
    gzip_min_length 256;
    gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
    gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
    # Pagespeed is not supported by Nextcloud, so if your server is built
    # with the `ngx_pagespeed` module, uncomment this line to disable it.
    #pagespeed off;
    # The settings allows you to optimize the HTTP2 bandwidth.
    # See https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/
    # for tuning hints
    client_body_buffer_size 512k;
    # HTTP response headers borrowed from Nextcloud `.htaccess`
    add_header Referrer-Policy                   "no-referrer"       always;
    add_header X-Content-Type-Options            "nosniff"           always;
    add_header X-Frame-Options                   "SAMEORIGIN"        always;
    add_header X-Permitted-Cross-Domain-Policies "none"              always;
    add_header X-Robots-Tag                      "noindex, nofollow" always;
    add_header X-XSS-Protection                  "1; mode=block"     always;
    # Remove X-Powered-By, which is an information leak
    fastcgi_hide_header X-Powered-By;
    # Specify how to handle directories -- specifying `/index.php$request_uri`
    # here as the fallback means that Nginx always exhibits the desired behaviour
    # when a client requests a path that corresponds to a directory that exists
    # on the server. In particular, if that directory contains an index.php file,
    # that file is correctly served; if it doesn't, then the request is passed to
    # the front-end controller. This consistent behaviour means that we don't need
    # to specify custom rules for certain paths (e.g. images and other assets,
    # `/updater`, `/ocs-provider`), and thus
    # `try_files $uri $uri/ /index.php$request_uri`
    # always provides the desired behaviour.
    index index.php index.html /index.php$request_uri;
    # Rule borrowed from `.htaccess` to handle Microsoft DAV clients
    location = / {
        if ( $http_user_agent ~ ^DavClnt ) {
            return 302 /remote.php/webdav/$is_args$args;
        }
    }
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
    # Make a regex exception for `/.well-known` so that clients can still
    # access it despite the existence of the regex rule
    # `location ~ /(\.|autotest|...)` which would otherwise handle requests
    # for `/.well-known`.
    location ^~ /.well-known {
        # The rules in this block are an adaptation of the rules
        # in `.htaccess` that concern `/.well-known`.
        location = /.well-known/carddav { return 301 /remote.php/dav/; }
        location = /.well-known/caldav  { return 301 /remote.php/dav/; }
        location /.well-known/acme-challenge    { try_files $uri $uri/ =404; }
        location /.well-known/pki-validation    { try_files $uri $uri/ =404; }
        # Let Nextcloud's API for `/.well-known` URIs handle all other
        # requests by passing them to the front-end controller.
        return 301 /index.php$request_uri;
    }
    # Rules borrowed from `.htaccess` to hide certain paths from clients
    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)  { return 404; }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console)                { return 404; }
    # Ensure this block, which passes PHP files to the PHP process, is above the blocks
    # which handle static assets (as seen below). If this block is not declared first,
    # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
    # to the URI, resulting in a HTTP 500 error response.
    location ~ \.php(?:$|/) {
        # Required for legacy support
        rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        set $path_info $fastcgi_path_info;
        try_files $fastcgi_script_name =404;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $path_info;
        fastcgi_param HTTPS on;
        fastcgi_param modHeadersAvailable true;         # Avoid sending the security headers twice
        fastcgi_param front_controller_active true;     # Enable pretty urls
        fastcgi_pass php-handler;
        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;
        fastcgi_max_temp_file_size 0;
    }
    # Serve static files
    location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ {
        try_files $uri /index.php$request_uri;
        add_header Cache-Control "public, max-age=15778463, $asset_immutable";
        access_log off;     # Optional: Don't log access to assets
        location ~ \.wasm$ {
            default_type application/wasm;
        }
    }
    location ~ \.woff2?$ {
        try_files $uri /index.php$request_uri;
        expires 7d;         # Cache-Control policy borrowed from `.htaccess`
        access_log off;     # Optional: Don't log access to assets
    }
    # Rule borrowed from `.htaccess`
    location /remote {
        return 301 /remote.php$request_uri;
    }
    location / {
        try_files $uri $uri/ /index.php$request_uri;
    }
 }
--- a/grafana.sh
+++ b/grafana.sh
@ -7,8 +7,8 @@
 # - https://grafana.com/grafana/dashboards/11969
 # by "mephisto"
 #
-# Igor Kerstges © - 2020
+# Igor Kerstges © - 2021
-# SwITNet Ltd © - 2020, https://switnet.net/
+# SwITNet Ltd © - 2024, https://switnet.net/
 #
 # GPLv3 or later.
@ -17,7 +17,7 @@ do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
-		\?) echo "Usage: sudo ./grafana.sh [-m debug]" && exit;;
+		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
@ -26,7 +26,7 @@ if [ "$MODE" = "debug" ]; then
 set -x
 fi
-if ! [ $(id -u) = 0 ]; then
+if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
@ -39,42 +39,63 @@ echo '
                    by Software, IT & Networks Ltd
 '
 run_service() {
-systemctl enable $1
+systemctl enable "$1"
-systemctl restart $1
+systemctl restart "$1"
-systemctl status $1
+systemctl status "$1"
 }
 test_match() {
    if grep -q "$1" "$2" ; then
        echo "$(basename "$2") - OK..."
    else
        echo "$(basename "$2"), FAIL..."
        echo "Please report this to https://forge.switnet.net/switnet/quick-jibri-installer"
        exit
    fi
 }
 MAIN_TEL="/etc/telegraf/telegraf.conf"
 TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf"
 GRAFANA_INI="/etc/grafana/grafana.ini"
-DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
+DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
-WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf"
+WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
 WS_MATCH1="# ensure all static content can always be found first"
 WS_MATCH2="upstream prosody {"
 GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"
 # Min requirements
-apt update && apt install -y gnupg2 curl wget jq
+apt-get update && \
 apt-get install -y gnupg2 \
                   curl \
                   wget \
                   jq
 # Make sure we can rely on the match strings.
 printf "> Testing match strings on config files.\n"
 test_match "$WS_MATCH1" "$WS_CONF"
 echo "
 # Setup InfluxDB Packages
 "
-wget -qO- https://repos.influxdata.com/influxdb.key | sudo apt-key add -
+curl -s https://repos.influxdata.com/influxdata-archive.key > \
-echo "deb https://repos.influxdata.com/debian buster stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
+    /etc/apt/trusted.gpg.d/influxdata-archive.key
-apt update && apt install influxdb -y
+echo "deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.key] https://repos.influxdata.com/debian buster stable" | \
    sudo tee /etc/apt/sources.list.d/influxdb.list
 apt-get update && apt-get install influxdb -y
 run_service influxdb
 echo "
 #  Setup Grafana Packages
 "
-curl -s https://packages.grafana.com/gpg.key | sudo apt-key add -
+curl -s https://apt.grafana.com/gpg-full.key | \
-add-apt-repository "deb https://packages.grafana.com/oss/deb stable main"
+gpg --dearmor | tee /etc/apt/trusted.gpg.d/grafana-full-key.gpg  >/dev/null
-apt update && apt install grafana -y
+echo "deb https://packages.grafana.com/oss/deb stable main" | \
    sudo tee /etc/apt/sources.list.d/grafana_com_oss_deb.list
 apt-get update && apt-get install grafana -y
 run_service grafana-server
 echo "
 # Setup Telegraf Packages
 "
-wget -qO- https://repos.influxdata.com/influxdb.key | sudo apt-key add -
+apt-get update && apt-get install telegraf -y
 echo "deb https://repos.influxdata.com/debian buster stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
 apt update && apt install telegraf -y
 mv /etc/telegraf/telegraf.conf /etc/telegraf/telegraf.conf.original
 echo "
@ -130,18 +151,18 @@ JITSI_TELEGRAF
 run_service telegraf
-echo "
+echo -e "\n# Setup videobridge  options\n"
-# Setup videobridge  options
+echo '
-"
+# extra options to pass to the JVB daemon
-sed -i "s|JVB_OPTS=\"--apis.*|JVB_OPTS=\"--apis=rest,xmpp\"|" /etc/jitsi/videobridge/config
+JVB_OPTS="--apis=rest,xmpp"' >>  /etc/jitsi/videobridge/config
 sed -i "s|TRANSPORT=muc|TRANSPORT=muc,colibri|" /etc/jitsi/videobridge/sip-communicator.properties
 # Enable videobridge REST API
 hocon -f /etc/jitsi/videobridge/jvb.conf set videobridge.apis.rest.enabled true
 systemctl restart jitsi-videobridge2
-echo "
+echo -e "\n# Setup Grafana nginx domain\n"
 # Setup Grafana nginx domain
 "
 sed -i "s|;protocol =.*|protocol = http|" $GRAFANA_INI
-sed -i "s|;http_addr =.*|http_addr = localhost|" $GRAFANA_INI
+sed -i "s|;http_addr =.*|http_addr = 127.0.0.1|" $GRAFANA_INI
 sed -i "s|;http_port =.*|http_port = 3000|" $GRAFANA_INI
 sed -i "s|;domain =.*|domain = $DOMAIN|" $GRAFANA_INI
 sed -i "s|;enforce_domain =.*|enforce_domain = false|" $GRAFANA_INI
@ -158,15 +179,35 @@ while [ $secs -gt 0 ]; do
   : $((secs--))
 done
-if [ -f $WS_CONF ]; then
+if [ -f "$WS_CONF" ]; then
-	sed -i "/Anything that didn't match above/i \ \ \ \ location \~ \^\/(grafana\/|grafana\/login) {" $WS_CONF
+    sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana." "$WS_CONF"
-	sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:3000;" $WS_CONF
+    sed -i "/$WS_MATCH1/i \ \ \ \ location ~ ^/(grafana/|grafana/login) {" "$WS_CONF"
-	sed -i "/Anything that didn't match above/i \ \ \ \ }" $WS_CONF
+    sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
-	sed -i "/Anything that didn't match above/i \\\n" $WS_CONF
+    sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF"
-	systemctl restart nginx
+    sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
    sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
    sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana Live WebSocket connections." "$WS_CONF"
    sed -i "/$WS_MATCH1/i \ \ \ \ location /grafana/api/live/ {" "$WS_CONF"
    sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
    sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Upgrade \$http_upgrade;" "$WS_CONF"
    sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Connection \$connection_upgrade;" "$WS_CONF"
    sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
    sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF"
    sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
    sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections." "$WS_CONF"
    sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF"
    sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF"
    sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF"
    sed -i "/$WS_MATCH2/i }" "$WS_CONF"
    sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
    sed -i "/$WS_MATCH2/i upstream grafana {" "$WS_CONF"
    sed -i "/$WS_MATCH2/i \ \ server localhost:3000;" "$WS_CONF"
    sed -i "/$WS_MATCH2/i }" "$WS_CONF"
    systemctl restart nginx
 else
-	echo "No app configuration done to server file, please report to:
+    echo "No app configuration done to server file, please report to:
-    -> https://github.com/switnet-ltd/quick-jibri-installer/issues"
+    -> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
 fi
 echo "
@ -178,7 +219,7 @@ PUT -H "Content-Type: application/json;charset=UTF-8" -d \
  \"oldPassword\": \"admin\",
  \"newPassword\": \"$GRAFANA_PASS\",
  \"confirmNew\": \"$GRAFANA_PASS\"
-}" http://localhost:3000/api/user/password; echo ""
+}" http://127.0.0.1:3000/api/user/password; echo ""
 echo "
 # Create InfluxDB datasource
@ -186,24 +227,24 @@ echo "
 curl -s -k -u "admin:$GRAFANA_PASS" -X \
 POST -H 'Content-Type: application/json;charset=UTF-8' -d \
 '{
-	"name": "InfluxDB",
+    "name": "InfluxDB",
-	"type": "influxdb",
+    "type": "influxdb",
-	"url": "http://localhost:8086",
+    "url": "http://127.0.0.1:8086",
-	"access": "proxy",
+    "access": "proxy",
-	"isDefault": true,
+    "isDefault": true,
-	"database": "jitsi"
+    "database": "jitsi"
-}' http://localhost:3000/api/datasources; echo ""
+}' http://127.0.0.1:3000/api/datasources; echo ""
 echo "
 # Add Grafana Dashboard
 "
-grafana_host="http://localhost:3000"
+grafana_host="http://127.0.0.1:3000"
 grafana_cred="admin:$GRAFANA_PASS"
 grafana_datasource="InfluxDB"
 ds=(11969);
 for d in "${ds[@]}"; do
-  echo -n "Processing $d: "
+  echo "Processing $d: "
-  j=$(curl -s -k -u "$grafana_cred" $grafana_host/api/gnet/dashboards/$d | jq .json)
+  j="$(curl -s -k -u "$grafana_cred" "$grafana_host"/api/gnet/dashboards/"$d" | jq .json)"
  curl -s -k -u "$grafana_cred" -XPOST -H "Accept: application/json" \
    -H "Content-Type: application/json" \
    -d "{
--- a/images/watermark2.svg
+++ b/images/watermark2.svg
@ -0,0 +1 @@
 <?xml version="1.0" encoding="UTF-8"?><svg xmlns="http://www.w3.org/2000/svg" width="1" height="1"/>
--- a/jigasi-vosk-backend.sh
+++ b/jigasi-vosk-backend.sh
@ -0,0 +1,128 @@
 #!/bin/bash
 # Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
 # SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 #Check if user is root
 if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
 exit_if_not_installed() {
 if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
    echo " This instance doesn't have $1 installed, exiting..."
    echo " If you think this is an error, please report to:
    -> https://forge.switnet.net/switnet/quick-jibri-installer/issues "
    exit
 fi
 }
 clear
 echo ''
 echo '########################################################################'
 echo '                       Jigasi Transcript addon'
 echo '########################################################################'
 echo '                    by Software, IT & Networks Ltd'
 echo ''
 exit_if_not_installed jitsi-meet
 DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
 JIG_TRANSC_PASWD="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 16 | head -n1)"
 JIG_SIP_PROP="/etc/jitsi/jigasi/sip-communicator.properties"
 export DOMAIN
 export JIG_TRANSC_PASWD
 apt-get -q2 update
 # Disable SIP account prompt by default
 echo "jigasi	jigasi/sip-account	string	''" | debconf-set-selections
 echo "jigasi	jigasi/sip-password	password	''" | debconf-set-selections
 echo "Installing Jigasi, SIP configuration disabled by default."
 apt-get -y install gettext-base jigasi docker.io
 echo "Please select a language for the VOSK transcription model:"
 echo "1) Chinese"
 echo "2) English"
 echo "3) French"
 echo "4) German"
 echo "5) Hindi"
 echo "6) Japanese"
 echo "7) Russian"
 echo "8) Spanish"
 read -p "Enter the number corresponding to your language choice: " -r lang_choice
 case $lang_choice in
    1)
        echo "You selected Chinese."
        VOSK_DOCKER_MODEL="alphacep/kaldi-cn"
        ;;
    2)
        echo "You selected English."
        VOSK_DOCKER_MODEL="alphacep/kaldi-en"
        ;;
    3)
        echo "You selected French."
        VOSK_DOCKER_MODEL="alphacep/kaldi-fr"
        ;;
    4)
        echo "You selected German."
        VOSK_DOCKER_MODEL="alphacep/kaldi-de"
        ;;
    5)
        echo "You selected Hindi."
        VOSK_DOCKER_MODEL="alphacep/kaldi-hi"
        ;;
    6)
        echo "You selected Japanese."
        VOSK_DOCKER_MODEL="alphacep/kaldi-ja"
        ;;
    7)
        echo "You selected Russian."
        VOSK_DOCKER_MODEL="alphacep/kaldi-ru"
        ;;
    8)
        echo "You selected Spanish."
        VOSK_DOCKER_MODEL="alphacep/kaldi-es"
        ;;
    *)
        echo "Invalid selection. Please choose a number between 1 and 8."
        ;;
 esac
 # Running selected VOSK docker model.
 docker run -d --restart always -p 2700:2700 ${VOSK_DOCKER_MODEL}:latest
 echo "Setting up Jigasi transcript with current platform..."
 # Jitsi Meet
 echo "> Patching Jitsi Meet's config.js for Transcription support."
 echo "  Read more at patches/jigasi/001-jigasi-meet-config.patch file"
 envsubst < patches/jigasi/001-jigasi-meet-config.patch | \
  patch --no-backup-if-mismatch -d / -p1
 # Jigasi
 echo "> Patching jigasi's sip-communicator.properties configuration."
 echo "  Read more at patches/jigasi/002-jigasi-sip-properties.patch file"
 cp "$JIG_SIP_PROP" ${JIG_SIP_PROP}-dpkg-file
 envsubst < patches/jigasi/002-jigasi-sip-properties.patch | \
  patch --no-backup-if-mismatch -d / -p1
 # Create transcribe user on hidden domain.
 prosodyctl register transcriber recorder."$DOMAIN" "$JIG_TRANSC_PASWD"
 # Restart services.
 systemctl restart prosody \
                  jicofo \
                  jigasi \
                  jibri* \
                  jitsi-videobridge2
 echo ""
 echo "Full transcript files are available at:"
 echo "--> /var/lib/jigasi/transcripts/"
 echo ""
 echo "Happy transcripting!"
 echo ""
--- a/jitsi-updater.sh
+++ b/jitsi-updater.sh
@ -1,127 +1,214 @@
 #!/bin/bash
 # Jitsi Meet recurring upgrader and customization keeper
 # for Debian/*buntu binaries.
-# 2020 - SwITNet Ltd
+# SwITNet Ltd © - 2024, https://switnet.net/
 # GNU GPLv3 or later.
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
 #DEBUG
 if [ "$MODE" = "debug" ]; then
 set -x
 fi
 Blue='\e[0;34m'
 Purple='\e[0;35m'
 Red='\e[0;31m'
 Green='\e[0;32m'
 Yellow='\e[0;33m'
 Color_Off='\e[0m'
 printwc() {
    printf "%b$2%b" "$1" "${Color_Off}"
 }
 #Check if user is root
-if ! [ $(id -u) = 0 ]; then
+if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
 if [ ! -f jm-bm.sh ]; then
-        echo "Please check that you are running the jitsi updater while being on the project folder"
+    echo "Please check that you are running the jitsi updater while being on the project folder"
-        echo "other wise the updater might have errors or be incomplete. Exiting..."
+    echo "other wise the updater might have errors or be incomplete. Exiting..."
-        exit
+    exit
 fi
 support="https://switnet.net/support"
 apt_repo="/etc/apt/sources.list.d"
 LOC_REC="TBD"
 ENABLE_BLESSM="TBD"
-CHD_LST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
+G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3)
 CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing"
 CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \
                jq -r ".versions[].downloads.chromedriver | select(. != null) | .[].url" | \
                grep linux64 | grep "$G_CHROME" | tail -1)
 CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL")
 CHD_LTST_2D="$(cut -d "." -f 1,2 <<<  "$CHD_LTST")"
 CHDB="$(whereis chromedriver | awk '{print$2}')"
-DOMAIN="$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')"
+if [ -d /etc/prosody/conf.d/ ]; then
 DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua | \
          awk -F'.cfg' '!/localhost/{print $1}' | xargs basename)"
 else
    echo -e "Seems no prosody is installed...\n  > is this a jibri node?"
 fi
 NC_DOMAIN="TBD"
 JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
-if [ -f $JITSI_MEET_PROXY ];then
+if [ -f "$JITSI_MEET_PROXY" ];then
-PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
+PREAD_PROXY="$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1)"
 fi
 INT_CONF="/usr/share/jitsi-meet/interface_config.js"
 INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
-jibri_packages="$(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages |sort -u|awk '{print $2}'|sed 's|jigasi||'|paste -s -d ' ')"
+read -r -a jibri_packages < <(grep ^Package /var/lib/apt/lists/download.jitsi.org_*_Packages | \
                              sort -u | awk '{print $2}' | sed '/jigasi/d' | \
                              xargs)
 AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)"
-if [ -f $apt_repo/google-chrome.list ]; then
+if [ -f "$apt_repo"/google-chrome.list ]; then
-    google_package=$(grep Package /var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages | sort -u | cut -d ' ' -f2 | paste -s -d ' ')
+read -r -a google_package < <(grep ^Package /var/lib/apt/lists/dl.google.com_*_Packages | \
                              sort -u | awk '{print $2}' | xargs)
 else
    echo "Seems no Google repo installed"
 fi
-if [ -z $CHDB ]; then
+if [ -f "$apt_repo"/nodesource.list ]; then
-	echo "Seems no chromedriver installed"
+read -r -a nodejs_package < <(grep ^Package /var/lib/apt/lists/deb.nodesource.com_node*_Packages | \
                              sort -u | awk '{print $2}' | xargs)
 else
-    CHD_AVB=$(chromedriver -v | awk '{print $2}')
+    echo "Seems no nodejs repo installed"
 fi
-
+# True if $1 is greater than $2
 version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
-check_jibri() {
+restart_jibri() {
 if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
 then
-	systemctl restart jibri
+    systemctl restart jibri
-	systemctl restart jibri-icewm
+    systemctl restart jibri-icewm
-	systemctl restart jibri-xorg
+    systemctl restart jibri-xorg
 else
-	echo "Jibri service not installed"
+    echo "Jibri service not installed"
 fi
 }
 # Restarting services
 restart_services() {
-	systemctl restart jitsi-videobridge2
+    systemctl restart jitsi-videobridge2
-	systemctl restart jicofo
+    systemctl restart jicofo
-	check_jibri
+    restart_jibri
-	systemctl restart prosody
+    systemctl restart prosody
 }
 upgrade_cd() {
 if version_gt $CHD_LST $CHD_AVB
 then
 	echo "Upgrading ..."
 	wget https://chromedriver.storage.googleapis.com/$CHD_LST/chromedriver_linux64.zip
 	unzip chromedriver_linux64.zip
 	sudo cp chromedriver $CHDB
 	rm -rf chromedriver chromedriver_linux64.zip
 	chromedriver -v
 else
 	echo "No need to upgrade Chromedriver"
 	printf "Current version: ${Green} $CHD_AVB ${Color_Off}\n"
 fi
 }
 update_jitsi_repo() {
    apt-get update -o Dir::Etc::sourcelist="sources.list.d/jitsi-$1.list" \
        -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
-    apt-get install -qq --only-upgrade $jibri_packages
+    apt-get install -q2 --only-upgrade <<< printf "${jibri_packages[@]}"
 }
 update_google_repo() {
-	if [ -f $apt_repo/google-chrome.list ]; then
+    if [ -f "$apt_repo"/google-chrome.list ]; then
    apt-get update -o Dir::Etc::sourcelist="sources.list.d/google-chrome.list" \
        -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
-    apt-get install -qq --only-upgrade $google_package
+    apt-get install -q2 --only-upgrade <<< printf "${google_package[@]}"
    else
-		echo "No Google repository found"
+        echo "No Google repository found"
    fi
 	if [ -z "$CHDB" ]; then
 		echo "Seems no chromedriver installed"
 	else
 		CHD_VER_LOCAL="$($CHDB -v | awk '{print $2}')"
 		CHD_VER_2D="$(awk '{printf "%.1f\n", $NF}' <<< "$CHD_VER_LOCAL")"
 	fi
 }
 update_nodejs_repo() {
    apt-get update -o Dir::Etc::sourcelist="sources.list.d/nodesource.list" \
        -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
    apt-get install -q2 --only-upgrade <<< printf "${nodejs_package[@]}"
 }
 check_latest_gc() {
 printwc "${Purple}" "Checking for Google Chrome\n"
 if [ -f /usr/bin/google-chrome ]; then
    GOOGL_VER_2D="$(/usr/bin/google-chrome --version|awk '{printf "%.1f\n", $NF}')"
 else
    printwc "${Yellow}" " -> Seems there is no Google Chrome installed\n"
    IS_GLG_CHRM="no"
 fi
 }
 check_latest_gc
 upgrade_cd() {
 if [ -n "$GOOGL_VER_2D" ]; then
    check_latest_gc
    if version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" ; then
        echo "Upgrading Chromedriver to Google Chromes version"
        wget -q "$CHD_LTST_DWNL" \
             -O /tmp/chromedriver_linux64.zip
        unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
        mv /usr/local/bin/chromedriver-linux64/chromedriver "$CHDB"
        chown root:root "$CHDB"
        chmod 0755 "$CHDB"
        rm -rf /tpm/chromedriver_linux64.zip
        printf "Current version: "
        printwc "$Green" "$($CHDB -v |awk '{print $2}'|awk '{printf "%.1f\n", $NF}')"
        echo -e " (latest available)\n"
    elif [ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then
        echo "No need to upgrade Chromedriver"
        printf "Current version: "
        printwc "$Green" "$CHD_VER_2D\n"
    fi
 else
  printwc "${Yellow}" " -> No Google Chrome versión to match, leaving untouched.\n"
 fi
 }
 check_lst_cd() {
-printf "${Purple}Checking for the latest Chromedriver${Color_Off}\n"
+printwc "${Purple}" "Checking for the latest Chromedriver\n"
-if [ -f $CHDB ]; then
+if [ -f "$CHDB" ]; then
-        printf "Current installed Chromedriver: ${Yellow} $CHD_AVB ${Color_Off}\n"
+    printf "Current installed Chromedriver: "
-        printf "Latest Chromedriver version available: ${Green} $CHD_LST ${Color_Off}\n"
+    printwc "${Yellow}" "$CHD_VER_2D\n"
-        upgrade_cd
+    printf "Current installed Google Chrome: "
    printwc "${Green}" "$GOOGL_VER_2D\n"
    upgrade_cd
 else
-	printf "${Yellow} -> Seems there is no Chromedriver installed${Color_Off}\n"
+    printwc "${Yellow}" " -> Seems there is no Chromedriver installed\n"
    IS_CHDB="no"
 fi
 }
-printf "${Blue}Update & upgrade Jitsi and components - v2.3${Color_Off}\n"
+printwc "${Blue}" "Update & upgrade Jitsi and components\n"
-if [ -f $apt_repo/jitsi-unstable.list ]; then
+if [ -f "$apt_repo"/jitsi-unstable.list ]; then
-	update_jitsi_repo unstable
+    update_jitsi_repo unstable
-	update_google_repo
+    update_google_repo
-	check_lst_cd
+    check_lst_cd
-elif [ -f $apt_repo/jitsi-stable.list ]; then
+elif [ -f "$apt_repo"/jitsi-stable.list ]; then
-	update_jitsi_repo stable
+    update_jitsi_repo stable
-	update_google_repo
+    update_google_repo
-	check_lst_cd
+    check_lst_cd
 else
-	echo "Please check your repositories, something is not right."
+    echo "Please check your repositories, something is not right."
-	exit 1
+    exit 1
 fi
 printwc "${Blue}" "Check for supported nodejs LTS version"
 if version_gt "14" "$(dpkg-query -W -f='${Version}' nodejs)"; then
    curl -sL https://deb.nodesource.com/setup_14.x | sudo -E bash -
    apt-get install -yq2 nodejs
 else
    update_nodejs_repo
 fi
 check_if_installed(){
 if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
    echo "1"
 else
    echo "0"
 fi
 }
 check_for_jibri_node() {
 if [ "$(check_if_installed jibri)" = 1 ] && \
   [ "$(check_if_installed jitsi-meet)" = 0 ] && \
   [ "$(check_if_installed prosody)" = 0 ]; then
    printwc "${Green}" "\n::: This seems to be a jibri node :::\n"
 JIBRI_NODE="yes"
 fi
 }
 # Any customization, image, name or link change for any purpose should
 # be documented here so new updates won't remove those changes.
 # We divide them on UI changes and branding changes, feel free to adapt
@ -132,61 +219,77 @@ fi
 ########################################################################
 #                     User interface changes                           #
 ########################################################################
 #Check for jibri node
 check_for_jibri_node
 [ "$JIBRI_NODE" != yes ] && \
 if [ -f "$INT_CONF_ETC" ]; then
    echo "Static interface_config.js exists, skipping modification..."
 else
    echo "This setup doesn't have a static interface_config.js, checking changes..."
-	printf "${Purple}========== Setting Static Avatar  ==========${Color_Off}\n"
+    printwc "${Purple}" "========== Setting Static Avatar  ==========\n"
-	if [[ -z "$AVATAR" ]]; then
+    if [ -z "$AVATAR" ]; then
-		echo "Moving on..."
+        echo "Moving on..."
-	else
+    else
-		echo "Setting Static Avatar"
+        echo "Setting Static Avatar"
-		sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'http://$DOMAIN/avatar/\'|" $INT_CONF
+        sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'http://$DOMAIN/avatar/\'|" "$INT_CONF"
-		sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF
+        sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF"
-	fi
+    fi
-
+    printwc "${Purple}" "========== Setting Support Link  ==========\n"
-	printf "${Purple}========== Setting Support Link  ==========${Color_Off}\n"
+    if [ -z "$support" ]; then
-	if [[ -z $support ]]; then
+        echo "Moving on..."
-		echo "Moving on..."
+    else
-	else
+        echo "Setting Support custom link"
-		echo "Setting Support custom link"
+        sed -i "s|https://jitsi.org/live|$support|g" "$INT_CONF"
-		sed -i "s|https://jitsi.org/live|$support|g" $INT_CONF
+    fi
-	fi
+    printwc "${Purple}" "========== Disable Blur my background  ==========\n"
-
+    sed -i "s|'videobackgroundblur', ||" "$INT_CONF"
-	printf "${Purple}========== Disable Localrecording  ==========${Color_Off}\n"
+fi
-	if [ "$LOC_REC" != "on" ]; then
+if [ "$(check_if_installed openjdk-8-jre-headless)" = 1 ]; then
-			echo "Removing localrecording..."
+    printwc "${Red}" "\n::: Unsupported OpenJDK JRE version found :::\n"
-			sed -i "s|'localrecording',||" $INT_CONF
+    apt-get install -y openjdk-11-jre-headless
-	fi
+    apt-get purge -y openjdk-8-jre-headless
-
+    printwc "${Green}" "\n::: Updated to supported OpenJDK JRE version 11 :::\n"
 	printf "${Purple}========== Disable Blur my background  ==========${Color_Off}\n"
 	sed -i "s|'videobackgroundblur', ||" $INT_CONF
 fi
 [ "$JIBRI_NODE" != yes ] && \
 if [  "$NC_DOMAIN" != "TBD" ]; then
-printf "${Purple}========== Enable $NC_DOMAIN for sync client ==========${Color_Off}\n"
+printwc "${Purple}" "========== Enable $NC_DOMAIN for sync client ==========\n"
-    if [ -z "$PREAD_PROXY" ]; then
+    if [ -f "$JITSI_MEET_PROXY" ] && [ -z "$PREAD_PROXY" ]; then
-        echo "
+        printf "\n  Setting up Nextcloud domain on Jitsi Meet turn proxy\n\n"
-  Setting up Nextcloud domain on Jitsi Meet turn proxy
+        sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY"
-"
+        sed -i "/server {/i \ \ \ \ \ \ $DOMAIN    web;" "$JITSI_MEET_PROXY"
-        sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" $JITSI_MEET_PROXY
+        sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN    web;" "$JITSI_MEET_PROXY"
-        sed -i "/server {/i \ \ \ \ \ \ $DOMAIN      web;" $JITSI_MEET_PROXY
+        sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY"
        sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" $JITSI_MEET_PROXY
        sed -i "/server {/i \ \ }" $JITSI_MEET_PROXY
      else
        echo "$NC_DOMAIN seems to be on place, skipping..."
    fi
 fi
-restart_services
+# Final check & upgrade call.
 check_lst_cd
 if [ "$JIBRI_NODE" = "yes" ]; then
    restart_jibri
 else
    restart_services
 fi
 if  [ "$JIBRI_NODE" = "yes" ] && \
    [ "$IS_CHDB" = "no" ] && \
    [ "$IS_GLG_CHRM" = "no" ];then
 printwc "${Red}" "\nBeware: This jibri node seems to be missing important packages.\n"
 echo " > Googe Chrome"
 echo " > Chromedriver"
 fi
 ########################################################################
 #                         Brandless mode                               #
 ########################################################################
-if [ $ENABLE_BLESSM = on ]; then
+if [ "$ENABLE_BLESSM" = "on" ]; then
-	bash $PWD/jm-bm.sh
+    if [ "$MODE" = "debug" ]; then
        bash "$PWD"/jm-bm.sh -m debug
    else
        bash "$PWD"/jm-bm.sh
    fi
 fi
-printf "${Blue}Script completed \o/! ${Color_Off}\n"
+printwc "${Blue}" "Script completed \o/!\n"
--- a/jm-bm.sh
+++ b/jm-bm.sh
@ -1,10 +1,24 @@
 #!/bin/bash
 # Jitsi Meet brandless mode
 # for Debian/*buntu binaries.
-# 2020 - SwITNet Ltd
+# SwITNet Ltd © - 2024, https://switnet.net/
 # GNU GPLv3 or later.
-DOMAIN="$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')"
+while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
 #DEBUG
 if [ "$MODE" = "debug" ]; then
 set -x
 fi
 DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
 CSS_FILE="/usr/share/jitsi-meet/css/all.css"
 TITLE_FILE="/usr/share/jitsi-meet/title.html"
 INT_CONF="/usr/share/jitsi-meet/interface_config.js"
@ -13,6 +27,7 @@ BUNDLE_JS="/usr/share/jitsi-meet/libs/app.bundle.min.js"
 #
 JM_IMG_PATH="/usr/share/jitsi-meet/images"
 WTM2_PATH="$JM_IMG_PATH/watermark2.png"
 WTM2_SVG_PATH="$JM_IMG_PATH/watermark2.svg"
 FICON_PATH="$JM_IMG_PATH/favicon2.ico"
 REC_ICON_PATH="$JM_IMG_PATH/gnome_record.png"
 #
@ -21,59 +36,65 @@ MOVILE_APP_NAME="Jitsi Meet"
 PART_USER="Participant"
 LOCAL_USER="me"
 #
-SEC_ROOM="TBD"
+#SEC_ROOM="TBD"
 copy_if_not_there() {
 	if [ ! -f "$1" ]; then
        cp images/"$(echo $1|xargs basename)" "$1"
    else
        echo "$(echo $1|xargs basename) file exists, skipping copying..."
    fi
 }
 echo '
 #--------------------------------------------------
 # Applying Brandless mode
 #--------------------------------------------------
 '
 #Watermark
-if [ ! -f $WTM2_PATH ]; then
+copy_if_not_there "$WTM2_PATH"
-	cp images/watermark2.png $WTM2_PATH
+
-else
+#Watermark svg
-	echo "watermark2 file exists, skipping copying..."
+copy_if_not_there "$WTM2_SVG_PATH"
-fi
+
 #Favicon
-if [ ! -f $FICON_PATH ]; then
+copy_if_not_there "$FICON_PATH"
-	cp images/favicon2.ico $FICON_PATH
+
 else
 	echo "favicon2 file exists, skipping copying..."
 fi
 #Local recording icon
-if [ ! -f $REC_ICON_PATH ];then
+copy_if_not_there "$REC_ICON_PATH"
 	cp images/gnome_record.png $REC_ICON_PATH
 else
        echo "recodring icon exists, skipping copying..."
 fi
 #Custom / Remove icons
-sed -i "s|watermark.png|watermark2.png|g" $CSS_FILE
+sed -i "s|watermark.png|watermark2.png|g" "$CSS_FILE"
-sed -i "s|favicon.ico|favicon2.ico|g" $TITLE_FILE
+sed -i "s|favicon.ico|favicon2.ico|g" "$TITLE_FILE"
-sed -i "s|jitsilogo.png|watermark2.png|g" $TITLE_FILE
+sed -i "s|jitsilogo.png|watermark2.png|g" "$TITLE_FILE"
-sed -i "s|logo-deep-linking.png|watermark2.png|g" $BUNDLE_JS
+sed -i "s|logo-deep-linking.png|watermark2.png|g" "$BUNDLE_JS"
-sed -i "s|jitsiLogo_square.png|gnome_record.png|g" $BUNDLE_JS
+sed -i "s|icon-cloud.png|gnome_record.png|g" "$BUNDLE_JS"
 #Disable logo and url
-if [ -z $(grep -nr ".leftwatermark{display:none" $CSS_FILE) ]; then
+if ! grep -q ".leftwatermark{display:none" "$CSS_FILE" ; then
-sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" $CSS_FILE
+    sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE"
 fi
 #Replace App logo
 sed -i "s|// defaultLogoUrl: .*|    defaultLogoUrl: 'images/watermark2.svg',|" "$MEET_CONF"
 #Overwrite favicon svg
 cp images/watermark2.svg $JM_IMG_PATH/favicon.svg
 #Customize room title
-sed -i "s|Jitsi Meet|$APP_NAME|g" $TITLE_FILE
+sed -i "s|Jitsi Meet|$APP_NAME|g" "$TITLE_FILE"
-sed -i "s| powered by the Jitsi Videobridge||g" $TITLE_FILE
+sed -i "s| powered by the Jitsi Videobridge||g" "$TITLE_FILE"
-sed -i "/appNotInstalled/ s|{{app}}|$MOVILE_APP_NAME|" /usr/share/jitsi-meet/lang/*
+sed -i "/appNotInstalled/ s|{{app}}|$MOVILE_APP_NAME|g" /usr/share/jitsi-meet/lang/*
 #Custom UI changes
 if [ -f "$INT_CONF_ETC" ]; then
    echo "Static interface_config.js exists, skipping modification..."
 else
    echo "This setup doesn't have a static interface_config.js, checking changes..."
-	echo -e "\nPlease note that brandless mode will also overwrite support links.\n"
+    echo -e "\nPlease note that brandless mode will also overwrite support links.\n"
-	sed -i "21,32 s|Jitsi Meet|$APP_NAME|g" $INT_CONF
+    sed -i "21,32 s|Jitsi Meet|$APP_NAME|g" "$INT_CONF"
-	sed -i  "s|\([[:space:]]\)APP_NAME:.*| APP_NAME: \'$APP_NAME\',|" $INT_CONF
+    sed -i  "s|\([[:space:]]\)APP_NAME:.*| APP_NAME: \'$APP_NAME\',|" "$INT_CONF"
-	sed -i "s|Fellow Jitster|$PART_USER|g" $INT_CONF
+    sed -i "s|Fellow Jitster|$PART_USER|g" "$INT_CONF"
-	sed -i "s|'me'|'$LOCAL_USER'|" $INT_CONF
+    sed -i "s|'me'|'$LOCAL_USER'|" "$INT_CONF"
-	sed -i "s|LIVE_STREAMING_HELP_LINK: .*|LIVE_STREAMING_HELP_LINK: '#',|g" $INT_CONF
+    sed -i "s|LIVE_STREAMING_HELP_LINK: .*|LIVE_STREAMING_HELP_LINK: '#',|g" "$INT_CONF"
-	sed -i "s|SUPPORT_URL: .*|SUPPORT_URL: '#',|g" $INT_CONF
+    sed -i "s|SUPPORT_URL: .*|SUPPORT_URL: '#',|g" "$INT_CONF"
-	#Logo 2
+    #Logo 2
-	sed -i "s|watermark.png|watermark2.png|g" $INT_CONF
+    sed -i "s|watermark.png|watermark2.png|g" "$INT_CONF"
    sed -i "s|watermark.svg|watermark2.png|g" "$INT_CONF"
 fi
--- a/jra_nextcloud.sh
+++ b/jra_nextcloud.sh
@ -1,31 +1,32 @@
 #!/bin/bash
 # JRA (Jibri Recordings Access) via Nextcloud
-# SwITNet Ltd © - 2020, https://switnet.net/
+# SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
-		\?) echo "Usage: sudo ./jra_nextcloud.sh [-m debug]" && exit;;
+		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
 #DEBUG
 if [ "$MODE" = "debug" ]; then
-set -x
+    set -x
 fi
-if ! [ $(id -u) = 0 ]; then
+if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
 exit_if_not_installed() {
-if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" != "1" ]; then
+if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
-	echo " This instance doesn't have $1 installed, exiting..."
+    echo " This instance doesn't have $1 installed, exiting..."
-	echo " If you think this is an error, please report to:
+    echo " If you think this is an error, please report to:
-    -> https://github.com/switnet-ltd/quick-jibri-installer/issues "
+    -> https://forge.switnet.net/switnet/quick-jibri-installer/issues "
-	exit
+    exit
 fi
 }
 clear
@ -36,16 +37,16 @@ echo -e '\n
                    by Software, IT & Networks Ltd
 \n'
 exit_if_not_installed jitsi-meet
 ## APT checks
 apt-get update -q2
 # Manually add prerequisites.
 apt-get install -y curl letsencrypt nginx
-DISTRO_RELEASE="$(lsb_release -sc)"
+MIN_PHP="8.2"
-DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
+DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
-PHP_REPO=$(apt-cache policy | grep http | grep php | head -n 1 | awk '{print $2}' | cut -d "/" -f5)
+PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{print $2}')"
-PHPVER="7.4"
+NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-available/"$DOMAIN".conf | awk '{print$2}')"
-PSGVER="$(apt-cache madison postgresql | head -n1 | awk '{print $3}' | cut -d "+" -f1)"
+[ -z "$NC_NGINX_SSL_PORT" ] && NC_NGINX_SSL_PORT="443"
 PHP_FPM_DIR="/etc/php/$PHPVER/fpm"
 PHP_INI="$PHP_FPM_DIR/php.ini"
 PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf"
 NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-enabled/$DOMAIN.conf | awk '{print$2}')"
 NC_REPO="https://download.nextcloud.com/server/releases"
 NCVERSION="$(curl -s -m 900 $NC_REPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)"
 STABLEVERSION="nextcloud-$NCVERSION"
@ -54,54 +55,111 @@ NC_CONFIG="$NC_PATH/config/config.php"
 NC_DB_USER="nextcloud_user"
 NC_DB="nextcloud_db"
 NC_DB_PASSWD="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"
-DIR_RECORD="$(grep -nr RECORDING /home/jibri/finalize_recording.sh|head -n1|cut -d "=" -f2)"
+DIR_RECORD="$(awk  -F '"' '/RECORDING/{print$2}'  /home/jibri/finalize_recording.sh|awk 'NR==1{print$1}')"
 REDIS_CONF="/etc/redis/redis.conf"
 JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
-if [ -f $JITSI_MEET_PROXY ];then
+[ -f "$JITSI_MEET_PROXY" ] && PREAD_PROXY=$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1)
-PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
+PUBLIC_IP="$(dig -4 +short myip.opendns.com @resolver1.opendns.com)"
-fi
+ISO3166_CODE=TBD
 NL="$(printf '\n  ')"
-while [[ -z "$NC_DOMAIN" ]]
+
-do
+exit_ifinstalled() {
-read -p "Please enter the domain to use for Nextcloud: " -r NC_DOMAIN
+if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
-if [ -z "$NC_DOMAIN" ];then
+    echo " This instance already has $1 installed, exiting..."
-	echo "-- This field is mandatory."
+    echo " If you think this is an error, please report to:
-elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
+    -> https://forge.switnet.net/switnet/quick-jibri-installer/issues "
-	echo "-- You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud."
+    exit
 fi
 }
 install_ifnot() {
 if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
    echo " $1 is installed, skipping..."
 else
    echo -e "\n---- Installing $1 ----"
    apt-get -yq2 install "$1"
 fi
 }
 while [[ "$ANS_NCD" != "yes" ]]
 do
  read -p "> Please set your domain (or subdomain) here for Nextcloud: (e.g.: cloud.domain.com)$NL" -r NC_DOMAIN
  if [ -z "$NC_DOMAIN" ];then
    echo " - This field is mandatory."
  elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
    echo " - You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud."
  fi
  read -p "  > Did you mean?: $NC_DOMAIN (yes or no)$NL" -r ANS_NCD
  if [ "$ANS_NCD" = "yes" ]; then
    echo "   - Alright, let's use $NC_DOMAIN."
  else
    echo "   - Please try again."
  fi
 done
 sleep .1
  #Simple DNS test
 if [ "$PUBLIC_IP" = "$(dig -4 +short "$NC_DOMAIN"|awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then
  echo -e "Server public IP  & DNS record for $NC_DOMAIN seems to match, continuing...\n\n"
  sleep .1
 else
  echo "Server public IP ($PUBLIC_IP) & DNS record for $NC_DOMAIN don't seem to match."
  echo "  > Please check your dns records are applied and updated, otherwise Nextcloud may fail."
  read -p "  > Do you want to continue?: (yes or no)$NL" -r DNS_CONTINUE
  if [ "$DNS_CONTINUE" = "yes" ]; then
    echo "  - We'll continue anyway..."
  else
    echo "  - Exiting for now..."
  exit
  fi
 fi
 sleep .1
 NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf"
-while [[ -z "$NC_USER" ]]
+while [ -z "$NC_USER" ]
 do
-read -p "Nextcloud user: " -r NC_USER
+    read -p "Nextcloud user: " -r NC_USER
-if [ -z "$NC_USER" ]; then
+    if [ -z "$NC_USER" ]; then
-	echo "-- This field is mandatory."
+        echo " - This field is mandatory."
-fi
+    fi
 done
-while [ -z "$NC_PASS" ]  || [ ${#NC_PASS} -lt 6 ]
+sleep .1
 while [ -z "$NC_PASS" ]  || [ ${#NC_PASS} -lt 8 ]
 do
-read -p "Nextcloud user password: " -r NC_PASS
+    read -p "Nextcloud user password: " -r NC_PASS
-
+    if [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 8 ]; then
-if [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 6 ]; then
+        echo -e " - This field is mandatory. \nPlease make sure it's at least 8 characters.\n"
-	echo -e "-- This field is mandatory. \nPlease make sure it's at least 6 caracters.\n"
+    fi
 fi
 done
 sleep .1
 #Enable HSTS
-while [[ "$ENABLE_HSTS" != "yes" && "$ENABLE_HSTS" != "no" ]]
+while [ "$ENABLE_HSTS" != "yes" ] && [ "$ENABLE_HSTS" != "no" ]
 do
-read -p "> Do you want to enable HSTS for this domain?: (yes or no)
+    read -p "> Do you want to enable HSTS for this domain?: (yes or no)
  Be aware this option apply mid-term effects on the domain, choose \"no\"
-  in case you don't know what you are doing. More at https://hstspreload.org/"$'\n' -r ENABLE_HSTS
+  in case you don't know what you are doing. More at https://hstspreload.org/$NL" -r ENABLE_HSTS
-if [ "$ENABLE_HSTS" = "no" ]; then
+    if [ "$ENABLE_HSTS" = "no" ]; then
-	echo "-- HSTS won't be enabled."
+        echo " - HSTS won't be enabled."
-elif [ "$ENABLE_HSTS" = "yes" ]; then
+    elif [ "$ENABLE_HSTS" = "yes" ]; then
-	echo "-- HSTS will be enabled."
+        echo " - HSTS will be enabled."
-fi
+    fi
 done
-
+sleep .1
 echo -e "#Default country phone code\n
 > Starting at Nextcloud 21.x it's required to set a default country phone ISO 3166-1 alpha-2 code.\n
 >>> https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements  <<<\n"
 sleep .1
 while [ ${#ISO3166_CODE} -gt 2 ];
 do
 echo -e "Some examples might be: Germany > DE | Mexico > MX | Spain > ES | USA > US\n
 Do you want to set such code for your installation?"
 sleep .1
 read -p "Leave empty if you don't want to set any: " -r ISO3166_CODE
  if [ ${#ISO3166_CODE} -gt 2 ]; then
    echo -e "\n-- This code is only 2 characters long, please check your input.\n"
  fi
 done
 sleep .1
 echo -e "\n# Check for jitsi-meet/jibri\n"
 if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ] || \
-   [ -f /etc/prosody/conf.d/$DOMAIN.conf ]; then
+   [ -f /etc/prosody/conf.d/"$DOMAIN".conf ]; then
    echo "jitsi meet/jibri is installed, checking version:"
    apt-show-versions jibri
 else
@ -109,308 +167,84 @@ else
    exit
 fi
 exit_ifinstalled() {
 if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
 	echo " This instance already has $1 installed, exiting..."
 	echo " If you think this is an error, please report to:
    -> https://github.com/switnet-ltd/quick-jibri-installer/issues "
 	exit
 fi
 }
 install_ifnot() {
 if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
 	echo " $1 is installed, skipping..."
    else
    	echo -e "\n---- Installing $1 ----"
 		apt-get -yq2 install $1
 fi
 }
 add_php74() {
 	if [ "$PHP_REPO" = "php" ]; then
 		echo "PHP $PHPVER already installed"
 		apt-get -q2 update
 		apt-get -yq2 dist-upgrade
 	else
 		echo "# Adding Ondrej PHP $PHPVER PPA Repository"
 		apt-key adv --recv-keys --keyserver keyserver.ubuntu.com E5267A6C
 		echo "deb [arch=amd64] http://ppa.launchpad.net/ondrej/php/ubuntu $DISTRO_RELEASE main" > /etc/apt/sources.list.d/php7x.list
 		apt-get update -q2
 	fi
 }
 #Prevent root folder permission issues
-cp $PWD/files/jra-nc-app-ef.json /tmp
+cp "$PWD"/files/jra-nc-app-ef.json /tmp
-exit_ifinstalled postgresql-$PSGVER
+exit_ifinstalled postgresql-"$PSGVER"
 ## Install software requirements
 # PostgresSQL
-install_ifnot postgresql-$PSGVER
+install_ifnot postgresql-"$PSGVER"
 # PHP 7.4
 add_php74
 apt-get install -y \
            php$PHPVER-fpm \
            php$PHPVER-bcmath \
            php$PHPVER-bz2 \
            php$PHPVER-curl \
            php$PHPVER-gd \
            php$PHPVER-gmp \
            php$PHPVER-intl \
            php$PHPVER-json \
            php$PHPVER-ldap \
            php$PHPVER-mbstring \
            php$PHPVER-pgsql \
            php$PHPVER-soap \
            php$PHPVER-xml \
            php$PHPVER-xmlrpc \
            php$PHPVER-zip \
            php-imagick \
            php-redis \
            redis-server \
            unzip
-#System related
+#--------------------------------------------------
-install_ifnot smbclient
+# Prepare PHP
-sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" $PHP_CONF
+#--------------------------------------------------
 sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" $PHP_CONF
 sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" $PHP_CONF
 sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" $PHP_CONF
 sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" $PHP_CONF
 sed -i "s|;clear_env = no|clear_env = no|" $PHP_CONF
-echo "
+if [ "$MODE" = "debug" ]; then
-Tunning PHP.ini...
+    bash -x "$PWD"/tools/prepare_php.sh "$MIN_PHP"
-"
+else
-# Change values in php.ini (increase max file size)
+    bash "$PWD"/tools/prepare_php.sh "$MIN_PHP"
-# max_execution_time
+fi
 sed -i "s|max_execution_time =.*|max_execution_time = 3500|g" "$PHP_INI"
 # max_input_time
 sed -i "s|max_input_time =.*|max_input_time = 3600|g" "$PHP_INI"
 # memory_limit
 sed -i "s|memory_limit =.*|memory_limit = 512M|g" "$PHP_INI"
 # post_max
 sed -i "s|post_max_size =.*|post_max_size = 1025M|g" "$PHP_INI"
 # upload_max
 sed -i "s|upload_max_filesize =.*|upload_max_filesize = 1024M|g" "$PHP_INI"
 phpenmod opcache
 {
 echo "# OPcache settings for Nextcloud"
 echo "opcache.enable=1"
 echo "opcache.enable_cli=1"
 echo "opcache.interned_strings_buffer=8"
 echo "opcache.max_accelerated_files=10000"
 echo "opcache.memory_consumption=256"
 echo "opcache.save_comments=1"
 echo "opcache.revalidate_freq=1"
 echo "opcache.validate_timestamps=1"
 } >> "$PHP_INI"
 systemctl restart php$PHPVER-fpm.service
 #--------------------------------------------------
 # Create DB user
 #--------------------------------------------------
 echo -e "\n---- Creating the PgSQL DB & User  ----"
 cd /tmp
 sudo -u postgres psql <<DB
 CREATE DATABASE nextcloud_db;
 CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}';
 GRANT ALL PRIVILEGES ON DATABASE ${NC_DB} TO ${NC_DB_USER};
 DB
-echo "Done!
+echo -e "\nDone!\n"
 "
-#nginx - configuration
+# Add .mjs as a file extension for javascript
-cat << NC_NGINX > $NC_NGINX_CONF
+sed -i "/application\/javascript/s|js.*;|js mjs;|" /etc/nginx/mime.types
 #nextcloud config
 upstream php-handler {
    #server 127.0.0.1:9000;
    server unix:/run/php/php${PHPVER}-fpm.sock;
 }
-server {
+# nginx conf setup.
-    listen 80;
+cp files/nextcloud.conf "$NC_NGINX_CONF"
-    listen [::]:80;
+sed -i "s|_PHPVER|$MIN_PHP|g" "$NC_NGINX_CONF"
-    server_name $NC_DOMAIN;
+sed -i "s|_NC_DOMAIN|$NC_DOMAIN|g" "$NC_NGINX_CONF"
-    # enforce https
+sed -i "s|_NC_NGINX_SSL_PORT|$NC_NGINX_SSL_PORT|g" "$NC_NGINX_CONF"
-    return 301 https://\$server_name\$request_uri;
+sed -i "s|_NC_PATH|$NC_PATH|g" "$NC_NGINX_CONF"
 }
 server {
    listen $NC_NGINX_SSL_PORT ssl http2;
    listen [::]:$NC_NGINX_SSL_PORT ssl http2;
    server_name $NC_DOMAIN;
    ssl_certificate /etc/letsencrypt/live/$NC_DOMAIN/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/$NC_DOMAIN/privkey.pem;
    # Add headers to serve security related headers
    # Before enabling Strict-Transport-Security headers please read into this
    # topic first.
    # add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload;";
    #
    # WARNING: Only add the preload option once you read about
    # the consequences in https://hstspreload.org/. This option
    # will add the domain to a hardcoded list that is shipped
    # in all major browsers and getting removed from this list
    # could take several months.
    add_header Referrer-Policy "no-referrer" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-Download-Options "noopen" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Permitted-Cross-Domain-Policies "none" always;
    add_header X-Robots-Tag "none" always;
    add_header X-XSS-Protection "1; mode=block" always;
    # Path to the root of your installation
    root $NC_PATH/;
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
    # The following 2 rules are only needed for the user_webfinger app.
    # Uncomment it if you're planning to use this app.
    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
    # last;
    location = /.well-known/carddav {
      return 301 \$scheme://\$host/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 \$scheme://\$host/remote.php/dav;
    }    
    location ~ /.well-known/acme-challenge {
      allow all;
    }
    # set max upload size
    client_max_body_size 1024M;
    fastcgi_buffers 64 4K;
    # Enable gzip but do not remove ETag headers
    gzip on;
    gzip_vary on;
    gzip_comp_level 4;
    gzip_min_length 256;
    gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
    gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
    # Uncomment if your server is built with the ngx_pagespeed module
    # This module is currently not supported.
    #pagespeed off;
    location / {
        rewrite ^ /index.php\$uri;
    }
    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
        deny all;
    }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
        deny all;
    }
    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:\$|/) {
        fastcgi_split_path_info ^(.+\.php)(/.*)\$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
        fastcgi_param PATH_INFO \$fastcgi_path_info;
        fastcgi_param HTTPS on;
        #Avoid sending the security headers twice
        fastcgi_param modHeadersAvailable true;
        fastcgi_param front_controller_active true;
        fastcgi_pass php-handler;
        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;
        fastcgi_read_timeout 300;
    }
    location ~ ^/(?:updater|ocs-provider)(?:\$|/) {
        try_files \$uri/ =404;
        index index.php;
    }
    # Adding the cache control header for js and css files
    # Make sure it is BELOW the PHP block
    location ~ \.(?:css|js|woff|svg|gif)\$ {
        try_files \$uri /index.php\$uri\$is_args\$args;
        add_header Cache-Control "public, max-age=15778463";
        # Add headers to serve security related headers (It is intended to
        # have those duplicated to the ones above)
        # Before enabling Strict-Transport-Security headers please read into
        # this topic first.
        # add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
        #
        # WARNING: Only add the preload option once you read about
        # the consequences in https://hstspreload.org/. This option
        # will add the domain to a hardcoded list that is shipped
        # in all major browsers and getting removed from this list
        # could take several months.
        add_header Referrer-Policy "no-referrer" always;
        add_header X-Content-Type-Options "nosniff" always;
        add_header X-Download-Options "noopen" always;
        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-Permitted-Cross-Domain-Policies "none" always;
        add_header X-Robots-Tag "none" always;
        add_header X-XSS-Protection "1; mode=block" always;
        # Optional: Don't log access to assets
        access_log off;
    }
    location ~ \.(?:png|html|ttf|ico|jpg|jpeg)\$ {
        try_files \$uri /index.php\$uri\$is_args\$args;
        # Optional: Don't log access to other assets
        access_log off;
    }
 }
 NC_NGINX
 systemctl stop nginx
-letsencrypt certonly --standalone --renew-by-default --agree-tos -d $NC_DOMAIN
+letsencrypt certonly --standalone --renew-by-default --agree-tos -d "$NC_DOMAIN"
-if [ -f /etc/letsencrypt/live/$NC_DOMAIN/fullchain.pem ];then
+if [ -f /etc/letsencrypt/live/"$NC_DOMAIN"/fullchain.pem ];then
-	ln -s $NC_NGINX_CONF /etc/nginx/sites-enabled/
+    ln -s "$NC_NGINX_CONF" /etc/nginx/sites-enabled/
 else
-	echo "There are issues on getting the SSL certs..."
+    echo "There are issues on getting the SSL certs..."
-	read -n 1 -s -r -p "Press any key to continue"
+    read -n 1 -s -r -p "Press any key to continue"
 fi
 nginx -t
 systemctl restart nginx
 if [ "$ENABLE_HSTS" = "yes" ]; then
-sed -i "s|# add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" $NC_NGINX_CONF
+    sed -i "s|#add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" "$NC_NGINX_CONF"
 fi
-if [ "$DISTRO_RELEASE" != "xenial" ] && [ -z $PREAD_PROXY ]; then
+if [ -n "$PREAD_PROXY" ]; then
-echo "
+    echo "
  Setting up Nextcloud domain on Jitsi Meet turn proxy
 "
-	sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" $JITSI_MEET_PROXY
+    sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY"
-	sed -i "/server {/i \ \ \ \ \ \ $DOMAIN      web;" $JITSI_MEET_PROXY
+    sed -i "/server {/i \ \ \ \ \ \ $DOMAIN      web;" "$JITSI_MEET_PROXY"
-	sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" $JITSI_MEET_PROXY
+    sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" "$JITSI_MEET_PROXY"
-	sed -i "/server {/i \ \ }" $JITSI_MEET_PROXY
+    sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY"
 fi
-echo "
+echo -e "\n  Latest version to be installed: $STABLEVERSION
-  Latest version to be installed: $STABLEVERSION
+  (This might take sometime, please be patient...)\n"
-  (This might take sometime, please be patient...)
+curl -s "$NC_REPO"/"$STABLEVERSION".zip > /tmp/"$STABLEVERSION".zip
-"
+unzip -q /tmp/"$STABLEVERSION".zip
-curl -s $NC_REPO/$STABLEVERSION.zip > /tmp/$STABLEVERSION.zip
+mv nextcloud "$NC_PATH"
 unzip -q /tmp/$STABLEVERSION.zip
 mv nextcloud $NC_PATH
-chown -R www-data:www-data $NC_PATH
+chown -R www-data:www-data "$NC_PATH"
-chmod -R 755 $NC_PATH
+chmod -R 755 "$NC_PATH"
-echo "
+echo -e "\nDatabase installation...\n"
-Database installation...
+sudo -u www-data php$MIN_PHP "$NC_PATH"/occ maintenance:install \
 "
 sudo -u www-data php $NC_PATH/occ maintenance:install \
 --database=pgsql \
 --database-name="$NC_DB" \
 --database-user="$NC_DB_USER" \
@ -418,64 +252,57 @@ sudo -u www-data php $NC_PATH/occ maintenance:install \
 --admin-user="$NC_USER" \
 --admin-pass="$NC_PASS"
-echo "
+echo -e "\nApply custom mods...\n"
-Apply custom mods...
+sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," "$NC_CONFIG"
-"
+sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," "$NC_CONFIG"
-sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," $NC_CONFIG
+sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," "$NC_CONFIG"
-sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," $NC_CONFIG
+sed -i "s|http://localhost|https://$NC_DOMAIN|" "$NC_CONFIG"
 sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," $NC_CONFIG
 sed -i "s|http://localhost|http://$NC_DOMAIN|" $NC_CONFIG
-echo "Add crontab..."
+echo -e "\nAdd crontab...\n"
-crontab -u www-data -l | { cat; echo "*/5  *  *  *  * php -f $NC_PATH/cron.php"; } | crontab -u www-data -
+crontab -u www-data -l | { cat; echo "*/5  *  *  *  * php$MIN_PHP -f $NC_PATH/cron.php"; } | crontab -u www-data -
-echo "
+echo -e "\nAdd memcache support...\n"
-Add memcache support...
+sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" "$REDIS_CONF"
-"
+sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" "$REDIS_CONF"
-sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" $REDIS_CONF
+sed -i "s|port 6379|port 0|" "$REDIS_CONF"
 sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" $REDIS_CONF
 sed -i "s|port 6379|port 0|" $REDIS_CONF
 systemctl restart redis-server
-echo "--> Setting config.php..."
+echo -e "\n--> Setting config.php...\n"
-sed -i "/);/i \ \ 'filelocking.enabled' => 'true'," $NC_CONFIG
+if [ -n "$ISO3166_CODE" ]; then
-sed -i "/);/i \ \ 'memcache.locking' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG
+  sed -i "/);/i \ \ 'default_phone_region' => '$ISO3166_CODE'," "$NC_CONFIG"
-sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG
+fi
-sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG
+sed -i "/);/i \ \ 'filelocking.enabled' => 'true'," "$NC_CONFIG"
-sed -i "/);/i \ \ 'memcache.distributed' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG
+sed -i "/);/i \ \ 'memcache.locking' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
-sed -i "/);/i \ \ 'redis' =>" $NC_CONFIG
+sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
-sed -i "/);/i \ \ \ \ array (" $NC_CONFIG
+sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
-sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," $NC_CONFIG
+sed -i "/);/i \ \ 'memcache.distributed' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
-sed -i "/);/i \ \ \ \ \ 'port' => 0," $NC_CONFIG
+sed -i "/);/i \ \ 'redis' =>" "$NC_CONFIG"
-sed -i "/);/i \ \ \ \ \ 'timeout' => 0," $NC_CONFIG
+sed -i "/);/i \ \ \ \ array (" "$NC_CONFIG"
-sed -i "/);/i \ \ )," $NC_CONFIG
+sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," "$NC_CONFIG"
-echo "Done
+sed -i "/);/i \ \ \ \ \ 'port' => 0," "$NC_CONFIG"
-"
+sed -i "/);/i \ \ \ \ \ 'timeout' => 0," "$NC_CONFIG"
-echo "
+sed -i "/);/i \ \ )," "$NC_CONFIG"
-Addding & Setting up Files External App for Local storage...
+echo -e "Done\n"
-"
+
-sudo -u www-data php $NC_PATH/occ app:install files_external
+echo -e "\nAddding & Setting up Files External App for Local storage...\n"
-sudo -u www-data php $NC_PATH/occ app:enable files_external
+sudo -u www-data php$MIN_PHP "$NC_PATH"/occ app:install files_external
-sudo -u www-data php $NC_PATH/occ files_external:import /tmp/jra-nc-app-ef.json
+sudo -u www-data php$MIN_PHP "$NC_PATH"/occ app:enable files_external
 sudo -u www-data php$MIN_PHP "$NC_PATH"/occ app:disable support
 sudo -u www-data php$MIN_PHP "$NC_PATH"/occ files_external:import /tmp/jra-nc-app-ef.json
 usermod -a -G jibri www-data
-chmod -R 770 $DIR_RECORD
+chmod -R 770 "$DIR_RECORD"
-chmod -R g+s $DIR_RECORD
+chmod -R g+s "$DIR_RECORD"
-echo "
+echo -e "\nFixing possible missing tables...\n\n"
-Fixing possible missing tables...
+echo "y"|sudo -u www-data php$MIN_PHP "$NC_PATH"/occ db:convert-filecache-bigint
-"
+sudo -u www-data php$MIN_PHP "$NC_PATH"/occ db:add-missing-indices
-echo "y"|sudo -u www-data php $NC_PATH/occ db:convert-filecache-bigint
+sudo -u www-data php$MIN_PHP "$NC_PATH"/occ db:add-missing-columns
 sudo -u www-data php $NC_PATH/occ db:add-missing-indices
 sudo -u www-data php $NC_PATH/occ db:add-missing-columns
-echo "
+echo -e "\nAdding trusted domain...\n"
-Adding trusted domain...
+sudo -u www-data php$MIN_PHP "$NC_PATH"/occ config:system:set trusted_domains 0 --value="$NC_DOMAIN"
 "
 sudo -u www-data php $NC_PATH/occ config:system:set trusted_domains 0 --value=$NC_DOMAIN
-echo "Setting JRA domain on jitsi-updater.sh"
+echo -e "\nSetting JRA domain on jitsi-updater.sh\n"
 cd ~/quick-jibri-installer
 sed -i "s|NC_DOMAIN=.*|NC_DOMAIN=\"$NC_DOMAIN\"|" jitsi-updater.sh
-echo "Quick Nextcloud installation complete!"
+echo -e "\nQuick Nextcloud installation complete!\n"
--- a/mode/chp-mode.sh
+++ b/mode/chp-mode.sh
@ -1,20 +1,14 @@
 #!/bin/bash
 # Custom High Performance Jitsi conf
-# SwITNet Ltd © - 2020, https://switnet.net/
+# SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 #Check if user is root
 if ! [ $(id -u) = 0 ]; then
   echo "You need to be root or have privileges!"
   exit 0
 fi
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
-		\?) echo "Usage: sudo ./chp-mode.sh [-m debug]" && exit;;
+		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
@ -23,6 +17,12 @@ if [ "$MODE" = "debug" ]; then
 set -x
 fi
 #Check if user is root
 if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have privileges!"
   exit 0
 fi
 wait_seconds() {
 secs=$(($1))
 while [ $secs -gt 0 ]; do
@ -31,9 +31,20 @@ while [ $secs -gt 0 ]; do
   : $((secs--))
 done
 }
 set_once() {
 if ! grep -q "$(awk '!/^ *#/ && NF {print}' "$2"|grep "$(awk -F '=' '{print$1}' <<< "$1")")" ; then
  echo "Setting $1 on $2..."
  echo "$1" | tee -a "$2"
 else
  echo " \"$(echo "$1"|awk -F '=' '{print$1}')\" seems present, skipping setting this variable"
 fi
 }
 # True if $1 is greater than $2
 version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
 LTS_REL="$(lsb_release -d | awk '{print$4}')"
-DOMAIN="$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')"
+DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
 JVB_LOG_POP="/etc/jitsi/videobridge/logging.properties"
 JVB_RC="/usr/share/jitsi-videobridge/lib/videobridge.rc"
 JICOFO_LOG_POP="/etc/jitsi/videobridge/logging.properties"
@ -42,10 +53,17 @@ MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
 MEET_CONF_HP="/etc/jitsi/meet/${DOMAIN}-chp-config.js"
 INT_CONF_JS="/etc/jitsi/meet/${DOMAIN}-interface_config.js"
 INT_CONF_JS_HP="/etc/jitsi/meet/${DOMAIN}-chp-interface_config.js"
-WS_CONF="/etc/nginx/sites-enabled/$DOMAIN.conf"
+WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
-FSTAB="/etc/fstab"
+CHAT_DISABLED="TBD"
-if [ -z $LTS_REL ] || [ -z $DOMAIN ];then
+if [ -f "$MEET_CONF_HP" ] || [ -f "$INT_CONF_JS_HP" ]; then
 echo "
 This script can't be run multiple times on the same system,
 idempotence not guaranteed, exiting..."
 exit
 fi
 if [ -z "$LTS_REL" ] || [ -z "$DOMAIN" ];then
 echo "This system isn't suitable to configure."
 exit
  else
@ -61,8 +79,20 @@ Overview:
   * jicofo logging
   * meet logging
 - Modify UX by changing session configuration & toolbar.
- 
+ - Disable browsers not compatible with CHP,
-Try to avoid running multiple times on the same machine, idempotence not guaranteed."
+   * Safari
   * Firefox*
 "
 echo "# Note: As for January 2021 Firefox can't handle correctly widescreen sizing
 # on lower resolution than HD (nHD & qHD), setting as incompatible for now.
 # (If you know this is no longer the case. Please report it to \
 https://forge.switnet.net/switnet/quick-jibri-installer/issues)
 "
 #Tools to consider
 ##Profiling
 #https://github.com/jvm-profiling-tools/async-profiler
 while [[ "$CONTINUE_HP" != "yes" && "$CONTINUE_HP" != "no" ]]
    do
@ -75,108 +105,225 @@ while [[ "$CONTINUE_HP" != "yes" && "$CONTINUE_HP" != "no" ]]
    fi
 done
-#Tools to consider
+# Video resolution selector
-##Profiling
+echo "
-#https://github.com/jvm-profiling-tools/async-profiler
+#--------------------------------------------------
 # Conference widescreen video resolution.
 #--------------------------------------------------
 "
 echo "If you are using a high volume of users we recommend to use nHD (640x360),
 or at most qHD (960x540) resolution as default, since bandwith increase
 exponentially with the more concurrent users on a meeting.
 Either way, choose your desired video resolution.
 "
-#SYSTEM
+PS3='Select the desired resolution for high performance mode: '
-##Disable swap
+options=("nHD - 640x360" "qHD - 960x540" "HD - 1280x720")
-swapoff -a
+select opt in "${options[@]}"
-sed -ir  '/\sswap\s/s/^#?/#/' $FSTAB
+do
    case "$opt" in
        "nHD - 640x360")
            echo -e "\n  > Setting 640x360 resolution.\n"
            VID_RES="360"
            break
            ;;
        "qHD - 960x540")
            echo -e "\n  > Setting 960x540 resolution.\n"
            VID_RES="540"
            break
            ;;
        "HD - 1280x720")
            echo -e "\n  > Setting 1280x720 resolution.\n"
            VID_RES="720"
            break
            ;;
        *) echo "Invalid option $REPLY, choose 1, 2 or 3";;
    esac
 done
-##Kernel
+echo "
-#https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/tuning_and_optimizing_red_hat_enterprise_linux_for_oracle_9i_and_10g_databases/sect-oracle_9i_and_10g_tuning_guide-adjusting_network_settings-changing_network_kernel_settings
+# Disable Chat?
-sysctl -w net.core.rmem_default=262144
+> In case you have your own chat solution for the meetings you might
-sysctl -w net.core.wmem_default=262144
+wanna disable Jitsi's chat from the toolbox.
-sysctl -w net.core.rmem_max=262144
+"
-sysctl -w net.core.wmem_max=262144
+while [[ "$CHAT_DISABLED" != "yes" && \
-echo 'net.core.rmem_default=262144' | tee -a /etc/sysctl.conf
+         "$CHAT_DISABLED" != "no" && \
-echo 'net.core.wmem_default=262144' | tee -a /etc/sysctl.conf
+         "$CHAT_DISABLED" != "" ]]
-echo 'net.core.rmem_max=262144' | tee -a /etc/sysctl.conf
+do
-echo 'net.core.wmem_max=262144' | tee -a /etc/sysctl.conf
+echo "> Do you want to disable jitsi's built-in chat?: (yes or no)"
 read -p "(Also you can leave empty to disable)"$'\n' -r CHAT_DISABLED
 if [ "$CHAT_DISABLED" = "no" ]; then
 	echo -e "-- Jitsi's built-in chat will be kept active.\n"
 elif [ "$CHAT_DISABLED" = "yes" ] || [ -z "$CHAT_DISABLED" ]; then
 	echo -e "-- Jitsi's built-in chat will be disabled. \n"
 fi
 done
-#https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/7/html/tuning_guide/reduce_tcp_performance_spikes
+## JMS system tune up
-sysctl -w net.ipv4.tcp_timestamps=0
+if [ "$MODE" = "debug" ]; then
-echo 'net.ipv4.tcp_timestamps=0' | tee -a /etc/sysctl.conf
+    bash "$PWD"/jms-stu.sh -m debug
-
+else
-#https://bugzilla.redhat.com/show_bug.cgi?id=1283676
+    bash "$PWD"/jms-stu.sh
-sysctl -w net.core.netdev_max_backlog=100000
+fi
 echo 'net.core.netdev_max_backlog=100000' | tee -a /etc/sysctl.conf
 ##nginx
 sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf
 #Missing docs
 #sysctl -w net.ipv4.tcp_low_latency=1
 #JVB2
-##Loose up logging 
+##Loose up logging
 # https://community.jitsi.org/t/23641/13
-sed -i "/java.util.logging.FileHandler.level/s|ALL|WARNING|g" $JVB_LOG_POP
+sed -i "/java.util.logging.FileHandler.level/s|ALL|WARNING|g" "$JVB_LOG_POP"
-sed -i "s|^.level=INFO|.level=WARNING|" $JVB_LOG_POP
+sed -i "s|^.level=INFO|.level=WARNING|" "$JVB_LOG_POP"
-sed -i "/VIDEOBRIDGE_MAX_MEMORY=/i \ VIDEOBRIDGE_MAX_MEMORY=8192m" $JVB_RC
+sed -i "/VIDEOBRIDGE_MAX_MEMORY=/i \ VIDEOBRIDGE_MAX_MEMORY=8192m" "$JVB_RC"
 #JICOFO
-sed -i "/java.util.logging.FileHandler.level/s|ALL|OFF|g" $JICOFO_LOG_POP
+sed -i "/java.util.logging.FileHandler.level/s|ALL|OFF|g" "$JICOFO_LOG_POP"
-sed -i "s|^.level=INFO|.level=WARNING|" $JICOFO_LOG_POP
+sed -i "s|^.level=INFO|.level=WARNING|" "$JICOFO_LOG_POP"
 #MEET
-sed -i "s|defaultLogLevel:.*|defaultLogLevel: 'error',|" $MEET_LOG_CONF
+sed -i "s|defaultLogLevel:.*|defaultLogLevel: 'error',|" "$MEET_LOG_CONF"
-sed -i "/TraceablePeerConnection.js/s|info|error|" $MEET_LOG_CONF
+sed -i "/TraceablePeerConnection.js/s|info|error|" "$MEET_LOG_CONF"
-sed -i "/CallStats.js/s|info|error|" $MEET_LOG_CONF
+sed -i "/CallStats.js/s|info|error|" "$MEET_LOG_CONF"
-sed -i "/strophe.util.js/s|log|error|" $MEET_LOG_CONF
+sed -i "/strophe.util.js/s|log|error|" "$MEET_LOG_CONF"
 #UX - Room settings and interface
 ## config.js
-cp $MEET_CONF $MEET_CONF_HP
+cp "$MEET_CONF" "$MEET_CONF_HP"
-sed -i "s|// disableAudioLevels:.*|disableAudioLevels: true,|" $MEET_CONF_HP
+sed -i "s|// disableAudioLevels:.*|disableAudioLevels: true,|" "$MEET_CONF_HP"
-sed -i "s|enableNoAudioDetection:.*|enableNoAudioDetection: false,|" $MEET_CONF_HP
+sed -i "s|enableNoAudioDetection:.*|enableNoAudioDetection: false,|" "$MEET_CONF_HP"
-sed -i "s|enableNoisyMicDetection:.*|enableNoisyMicDetection: false,|" $MEET_CONF_HP
+sed -i "s|enableNoisyMicDetection:.*|enableNoisyMicDetection: false,|" "$MEET_CONF_HP"
-sed -i "s|startAudioMuted:.*|startAudioMuted: 5,|" $MEET_CONF_HP
+sed -i "s|startAudioMuted:.*|startAudioMuted: 5,|" "$MEET_CONF_HP"
-sed -i "s|// startVideoMuted:.*|startVideoMuted: 5,|" $MEET_CONF_HP
+sed -i "s|// startVideoMuted:.*|startVideoMuted: 5,|" "$MEET_CONF_HP"
-sed -i "s|startWithVideoMuted: true,|startWithVideoMuted: false,|" $MEET_CONF_HP
+sed -i "s|startWithVideoMuted: true,|startWithVideoMuted: false,|" "$MEET_CONF_HP"
-sed -i "s|channelLastN:.*|channelLastN: 10,|" $MEET_CONF_HP
+sed -i "s|channelLastN:.*|channelLastN: 10,|" "$MEET_CONF_HP"
-sed -i "s|// enableLayerSuspension:.*|enableLayerSuspension: true,|" $MEET_CONF_HP
+sed -i "s|// enableLayerSuspension:.*|enableLayerSuspension: true,|" "$MEET_CONF_HP"
-sed -i "s|// resolution:.*|resolution: 480,|" $MEET_CONF_HP
+sed -i "s|// apiLogLevels:.*|apiLogLevels: \['warn', 'error'],|" "$MEET_CONF_HP"
 sed -i "s|// apiLogLevels:.*|apiLogLevels: \['warn', 'error'],|" $MEET_CONF_HP
-sed -i "/w3c spec-compliant/,/disableSimulcast:/s|// constraints: {| constraints: {|" $MEET_CONF_HP
+if [ "$VID_RES" = "360" ]; then
-###Standar 4:3
+sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP"
-#sed -i "/w3c spec-compliant/,/disableSimulcast:/s|//     video: {|     video: {|" $MEET_CONF_HP
+sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP"
-###Widescreen 16:9
+sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 360," "$MEET_CONF_HP"
-sed -i "/w3c spec-compliant/,/disableSimulcast:/s|//     video: {|     video: {\\
+sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP"
-\ \ \ \ \ \ \ \ \ \ \ \ \ aspectRatio: 16 / 9,|" $MEET_CONF_HP
+sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP"
-sed -i "/w3c spec-compliant/,/disableSimulcast:/s|//         height: {|         height: {|" $MEET_CONF_HP
+sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP"
-sed -i "/w3c spec-compliant/,/disableSimulcast:/s|//             ideal:.*|             ideal: 480,|" $MEET_CONF_HP
+sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP"
-sed -i "/w3c spec-compliant/,/disableSimulcast:/s|//             max:.*|             max: 480,|" $MEET_CONF_HP
+sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 360," "$MEET_CONF_HP"
-sed -i "/w3c spec-compliant/,/disableSimulcast:/s|//             min:.*|             min:240|" $MEET_CONF_HP
+sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 360," "$MEET_CONF_HP"
-sed -i "/w3c spec-compliant/,/disableSimulcast:/s|//         }|         }|" $MEET_CONF_HP
+sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP"
-sed -i "/w3c spec-compliant/,/disableSimulcast:/s|//     }|     }|" $MEET_CONF_HP
+sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP"
-sed -i "/w3c spec-compliant/,/disableSimulcast:/s|// },| },|" $MEET_CONF_HP
+sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 640," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 640," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP"
 fi
 if [ "$VID_RES" = "540" ]; then
 sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 540," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 540," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 540," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 960," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 960," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP"
 fi
 if [ "$VID_RES" = "720" ]; then
 sed -i "/Start QJI/,/End QJI/d" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 720," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 720," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 720," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 1280," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 1280," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF_HP"
 sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF_HP"
 fi
 ## interface_config.js
-cp $INT_CONF_JS $INT_CONF_JS_HP
+cp "$INT_CONF_JS" "$INT_CONF_JS_HP"
-sed -i "s|CONNECTION_INDICATOR_DISABLED:.*|CONNECTION_INDICATOR_DISABLED: true,|" $INT_CONF_JS_HP
+sed -i "s|CONNECTION_INDICATOR_DISABLED:.*|CONNECTION_INDICATOR_DISABLED: true,|" "$INT_CONF_JS_HP"
-sed -i "s|DISABLE_DOMINANT_SPEAKER_INDICATOR:.*|DISABLE_DOMINANT_SPEAKER_INDICATOR: true,|" $INT_CONF_JS_HP
+sed -i "s|DISABLE_DOMINANT_SPEAKER_INDICATOR:.*|DISABLE_DOMINANT_SPEAKER_INDICATOR: true,|" "$INT_CONF_JS_HP"
-sed -i "s|DISABLE_FOCUS_INDICATOR:.*|DISABLE_FOCUS_INDICATOR: false,|" $INT_CONF_JS_HP
+sed -i "s|DISABLE_FOCUS_INDICATOR:.*|DISABLE_FOCUS_INDICATOR: false,|" "$INT_CONF_JS_HP"
-sed -i "s|DISABLE_JOIN_LEAVE_NOTIFICATIONS:.*|DISABLE_JOIN_LEAVE_NOTIFICATIONS: true,|" $INT_CONF_JS_HP
+sed -i "s|DISABLE_JOIN_LEAVE_NOTIFICATIONS:.*|DISABLE_JOIN_LEAVE_NOTIFICATIONS: true,|" "$INT_CONF_JS_HP"
-sed -i "s|DISABLE_VIDEO_BACKGROUND:.*|DISABLE_VIDEO_BACKGROUND: true,|" $INT_CONF_JS_HP
+sed -i "s|DISABLE_VIDEO_BACKGROUND:.*|DISABLE_VIDEO_BACKGROUND: true,|" "$INT_CONF_JS_HP"
-sed -i "s|OPTIMAL_BROWSERS: \[.*|OPTIMAL_BROWSERS: \[ 'chrome', 'chromium', 'electron' \],|" $INT_CONF_JS_HP
+sed -i "s|OPTIMAL_BROWSERS: \[.*|OPTIMAL_BROWSERS: \[ 'chrome', 'chromium', 'electron' \],|" "$INT_CONF_JS_HP"
-sed -i "s|UNSUPPORTED_BROWSERS: .*|UNSUPPORTED_BROWSERS: \[ 'nwjs', 'safari' \],|" $INT_CONF_JS_HP
+sed -i "s|UNSUPPORTED_BROWSERS: .*|UNSUPPORTED_BROWSERS: \[ 'nwjs', 'safari', 'firefox' \],|" "$INT_CONF_JS_HP"
 ### Toolbars
-sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" $INT_CONF_JS_HP
+if version_gt "$(apt-show-versions jitsi-meet|awk '{print$2}')" "2.0.5390-3" ; then
  #New toolbar in config.js
  sed -i "/\/\/ toolbarButtons:/i \ \ \ \ toolbarButtons:: \[" "$MEET_CONF_HP"
  sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," "$MEET_CONF_HP"
  if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
    sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," "$MEET_CONF_HP"
  else
    sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," "$MEET_CONF_HP"
  fi
  sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," "$MEET_CONF_HP"
  sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," "$MEET_CONF_HP"
  sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" "$MEET_CONF_HP"
  sed -i "/\/\/ toolbarButtons:/i \ \ \ \ \]," "$MEET_CONF_HP"
 else
  #Old toolbar in interface.js (soon deprecated on newer versions)
  sed -i "/^\s*TOOLBAR_BUTTONS*\]$/ s|^|//|; /^\s*TOOLBAR_BUTTONS/, /\],$/ s|^|//|" "$INT_CONF_JS_HP"
-sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" $INT_CONF_JS_HP
+  sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ TOOLBAR_BUTTONS: \[" "$INT_CONF_JS_HP"
-sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," $INT_CONF_JS_HP
+  sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'microphone', 'camera', 'desktop', 'fullscreen'," "$INT_CONF_JS_HP"
-sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," $INT_CONF_JS_HP
+  if [ -z "$CHAT_DISABLED" ] || [ "$CHAT_DISABLED" = "yes" ]; then
-sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'etherpad', 'settings', 'raisehand'," $INT_CONF_JS_HP
+    sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'recording'," "$INT_CONF_JS_HP"
-sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," $INT_CONF_JS_HP
+  else
-sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'security'" $INT_CONF_JS_HP
+    sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording'," "$INT_CONF_JS_HP"
-sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \]," $INT_CONF_JS_HP
+  fi
  sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'livestreaming', 'etherpad', 'settings', 'raisehand'," "$INT_CONF_JS_HP"
  sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'videoquality', 'filmstrip', 'feedback'," "$INT_CONF_JS_HP"
  sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \ \ \ \ 'tileview', 'download', 'help', 'mute-everyone', 'mute-video-everyone', 'security'" "$INT_CONF_JS_HP"
  sed -i "/\/\/    TOOLBAR_BUTTONS/i \ \ \ \ \]," "$INT_CONF_JS_HP"
 fi
-sed -i "s|$MEET_CONF|$MEET_CONF_HP|g" $WS_CONF
+#Check config file
-sed -i "s|$INT_CONF_JS|$INT_CONF_JS_HP|" $WS_CONF
+echo -e "\n# Checking $MEET_CONF file for errors\n"
 CHECKJS_MEET_CHP="$(esvalidate "$MEET_CONF_HP"| cut -d ":" -f2)"
 if [ -z "$CHECKJS_MEET_CHP" ]; then
 echo -e "\n# The $MEET_CONF_HP configuration seems correct. =)\n"
 else
 echo -e "\n  Watch out!, there seems to be an issue on $MEET_CONF_HP line:
    $CHECKJS_MEET_CHP
  Most of the times this is due upstream changes, please report to
  https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
 fi
 CHECKJS_INT_CHP="$(esvalidate "$INT_CONF_JS_HP"| cut -d ":" -f2)"
 if [ -z "$CHECKJS_INT_CHP" ]; then
 echo -e "\n# The $INT_CONF_JS_HP configuration seems correct. =)\n"
 else
 echo -e "\n  Watch out!, there seems to be an issue on $INT_CONF_JS_HP line:
    $CHECKJS_INT_CHP
  Most of the times this is due upstream changes, please report to
  https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
 fi
 sed -i "s|$MEET_CONF|$MEET_CONF_HP|g" "$WS_CONF"
 sed -i "s|$INT_CONF_JS|$INT_CONF_JS_HP|" "$WS_CONF"
 nginx -t
 #systemctl restart nginx
--- a/mode/grid/selenium-grid-docker.sh
+++ b/mode/grid/selenium-grid-docker.sh
@ -1,11 +1,25 @@
 #!/bin/bash
 # Custom Selenium Grid-Node fro Jitsi Meet
 # Pandian © - https://community.jitsi.org/u/Pandian
-# SwITNet Ltd © - 2020, https://switnet.net/
+# SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
 #DEBUG
 if [ "$MODE" = "debug" ]; then
 set -x
 fi
 #Check if user is root
-if ! [ $(id -u) = 0 ]; then
+if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
@ -14,7 +28,7 @@ WAN_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)"
 AV_SPACE="$(df -h .|grep -v File|awk '{print$4}'|sed -e 's|G||')"
 echo -e "\n-- Make sure you have at least 10GB of disk space available.\n"
-if [ $(echo "$AV_SPACE > 9" | bc) -ne 0 ]; then
+if [ "$(echo "$AV_SPACE > 9" | bc)" -ne 0 ]; then
  echo "> Seems we have enough disk space."
 else
  echo "> Please meet the minimum required disk space for this installer, exiting..."
@ -30,7 +44,7 @@ apt-get install -y \
                         wget \
                         unzip \
                         maven \
-                         openjdk-8-jdk
+                         openjdk-11-jdk
 # Docker
 curl -fsSL https://get.docker.com -o get-docker.sh
 sh get-docker.sh
@ -40,17 +54,17 @@ chmod +x /usr/local/bin/docker-compose
 ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
 # Jitsi Meet Torture
-cd /opt
+cd /opt || exit
 git clone https://github.com/jitsi/jitsi-meet-torture
-cd jitsi-meet-torture/resources
+cd jitsi-meet-torture/ || exit
-if [ -f FourPeople_1280x720_30.y4m ] ; then
+if [ -f resources/FourPeople_1280x720_30.y4m ] ; then
-echo "FourPeople_1280x720_30.y4m exists"
+  echo "FourPeople_1280x720_30.y4m exists"
 else
-echo "FourPeople_1280x720_30.y4m doesn't exists, getting a copy..."
+  echo "FourPeople_1280x720_30.y4m doesn't exists, getting a copy..."
-wget -c https://media.xiph.org/video/derf/y4m/FourPeople_1280x720_60.y4m
+  wget -c https://media.xiph.org/video/derf/y4m/FourPeople_1280x720_60.y4m
-cp FourPeople_1280x720_60.y4m FourPeople_1280x720_30.y4m
+  mv FourPeople_1280x720_60.y4m resources/
  cp resources/FourPeople_1280x720_60.y4m resources/FourPeople_1280x720_30.y4m
 fi
 cd ..
 #150 "participants" available
 ## Tested up to 120 with AWS c5.24xlarge
@ -133,7 +147,7 @@ SELENIUM_GRID_DOCKER
 docker-compose -f selenium.yml up -d
 echo -e "\n#=================== End of Seleniun Grid build ========================#\n"
-echo -e "\nChange the values acording to you test requirements using something like;\n"
+echo -e "\nChange the values according to you test requirements using something like;\n"
 echo "cd /opt/jitsi-meet-torture
 sudo bash /opt/jitsi-meet-torture/scripts/malleus.sh \\
                        --conferences=1 \\
@ -145,8 +159,8 @@ sudo bash /opt/jitsi-meet-torture/scripts/malleus.sh \\
                        --hub-url=http://localhost:4444/wd/hub \\
                        --instance-url=https://YOUR.JITSI-MEET-INSTANCE.DOMAIN
 "
-echo -e "\n-- If using 'hamertesting' as prefix name you can join the room 
+echo -e "\n-- If using 'hamertesting' as prefix name you can join the room
-hamertesting0, hamertesting1, hamertestingN 
+hamertesting0, hamertesting1, hamertestingN
 according to the 'N' number of conferences you have set to watch the test.
 *Beware* for 120 \"participants\" to join video-muted it was necessary at least a c5.24xlarge AWS instance.
--- a/mode/jms-stu.sh
+++ b/mode/jms-stu.sh
@ -0,0 +1,86 @@
 #!/bin/bash
 # System-tune-up to remove system software restrictions on a huge load of connections.
 # Be aware that hardware/infrastructure resources are the most common limiters.
 #
 # SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
 #DEBUG
 if [ "$MODE" = "debug" ]; then
 set -x
 fi
 #Check if user is root
 if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have privileges!"
   exit 0
 fi
 echo '
 #--------------------------------------------------
 # Starting system tune up configuration
 # for high performance
 #--------------------------------------------------
 '
 set_once_hash_comment() {
 if ! awk '!/^ *#/ && NF {print}' "$2"|grep -q "$(awk -F '=' '{print$1}' <<< "$1")" ; then
  echo "Setting $1 on $2..."
  echo "$1" | tee -a "$2"
 else
  echo "\"$(awk -F '=' '{print$1}' <<< "$1")\" seems already present, skipping setting this variable"
 fi
 }
 FSTAB=/etc/fstab
 ##Disable swap
 swapoff -a
 sed -r  '/\sswap\s/s/^#?/#/' -i "$FSTAB"
 ##Alternative swap tuning (need more documentation).
 #vm.swappiness=5
 #vm.vfs_cache_pressure=50
 ##Kernel
 #https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/tuning_and_optimizing_red_hat_enterprise_linux_for_oracle_9i_and_10g_databases/sect-oracle_9i_and_10g_tuning_guide-adjusting_network_settings-changing_network_kernel_settings
 sysctl -w net.core.rmem_default=262144
 sysctl -w net.core.wmem_default=262144
 sysctl -w net.core.rmem_max=262144
 sysctl -w net.core.wmem_max=262144
 set_once_hash_comment "net.core.rmem_default=262144" "/etc/sysctl.conf"
 set_once_hash_comment "net.core.wmem_default=262144" "/etc/sysctl.conf"
 set_once_hash_comment "net.core.rmem_max=262144" "/etc/sysctl.conf"
 set_once_hash_comment "net.core.wmem_max=262144" "/etc/sysctl.conf"
 #system
 #https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart
 set_once_hash_comment "DefaultLimitNOFILE=65000" "/etc/sysctl.conf"
 set_once_hash_comment "DefaultLimitNPROC=65000" "/etc/sysctl.conf"
 set_once_hash_comment "DefaultTasksMax=65000" "/etc/sysctl.conf"
 #https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_for_real_time/7/html/tuning_guide/reduce_tcp_performance_spikes
 sysctl -w net.ipv4.tcp_timestamps=0
 set_once_hash_comment "net.ipv4.tcp_timestamps=0" "/etc/sysctl.conf"
 #https://bugzilla.redhat.com/show_bug.cgi?id=1283676
 sysctl -w net.core.netdev_max_backlog=100000
 set_once_hash_comment "net.core.netdev_max_backlog=100000" "/etc/sysctl.conf"
 ##nginx
 sed -i "s|worker_connections.*|worker_connections 2000;|" /etc/nginx/nginx.conf
 nginx -t
 #Missing docs
 #sysctl -w net.ipv4.tcp_low_latency=1
 echo "System tune up...
  Done!"
--- a/mode/jwt.sh
+++ b/mode/jwt.sh
@ -1,16 +1,31 @@
 #!/bin/bash
 # JWT Mode Setup
-# SwITNet Ltd © - 2020, https://switnet.net/
+# SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
-DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
+
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
 #DEBUG
 if [ "$MODE" = "debug" ]; then
 set -x
 fi
 DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
 MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
 JICOFO_SIP="/etc/jitsi/jicofo/sip-communicator.properties"
 PROSODY_FILE="/etc/prosody/conf.d/$DOMAIN.cfg.lua"
 PROSODY_SYS="/etc/prosody/prosody.cfg.lua"
 APP_ID="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 16 | head -n1)"
 SECRET_APP="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 64 | head -n1)"
-SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | head -n1 | cut -d ":" -f1)
+SRP_STR="$(grep -n "VirtualHost \"$DOMAIN\"" "$PROSODY_FILE" | head -n1 | cut -d ":" -f1)"
-SRP_END=$((SRP_STR + 10))
+SRP_END="$((SRP_STR + 10))"
 ## Required  openssl for Focal 20.04
 if [ "$(lsb_release -sc)" = "focal" ]; then
@ -37,52 +52,55 @@ echo "set jitsi-meet-tokens/appsecret password $SECRET_APP" | debconf-set-select
 apt-get install -y jitsi-meet-tokens
 #Setting up
-sed -i "s|c2s_require_encryption = true|c2s_require_encryption = false|" $PROSODY_SYS
+sed -i "s|c2s_require_encryption = true|c2s_require_encryption = false|" "$PROSODY_SYS"
 #-
-sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"token\"|}" $PROSODY_FILE
+sed -i "$SRP_STR,$SRP_END{s|authentication = \"jitsi-anonymous\"|authentication = \"token\"|}" "$PROSODY_FILE"
-sed -i "s|--app_id=\"example_app_id\"|app_id=\"$APP_ID\"|" $PROSODY_FILE
+sed -i "s|--app_id=\"example_app_id\"|app_id=\"$APP_ID\"|" "$PROSODY_FILE"
-sed -i "s|--app_secret=\"example_app_secret\"|app_secret=\"$SECRET_APP\"|" $PROSODY_FILE
+sed -i "s|--app_secret=\"example_app_secret\"|app_secret=\"$SECRET_APP\"|" "$PROSODY_FILE"
-sed -i "/app_secret/a \ \ \ \ \ \ \ \ asap_accepted_issuers = { \"$APP_ID\" }" $PROSODY_FILE
+sed -i "/app_secret/a \\\\" "$PROSODY_FILE"
-sed -i "/app_secret/a \ \ \ \ \ \ \ \ asap_accepted_audiences = { \"$APP_ID\", \"RocketChat\" }" $PROSODY_FILE
+sed -i "/app_secret/a \ \ \ \ allow_empty_token = false" "$PROSODY_FILE"
-#allow_empty_token = false
+sed -i "/app_secret/a \\\\" "$PROSODY_FILE"
 sed -i "/app_secret/a \ \ \ \ asap_accepted_issuers = { \"$APP_ID\" }" "$PROSODY_FILE"
 sed -i "/app_secret/a \ \ \ \ asap_accepted_audiences = { \"$APP_ID\", \"RocketChat\" }" "$PROSODY_FILE"
 sed -i "/app_secret/a \\\\" "$PROSODY_FILE"
 sed -i "s|--allow_empty_token =.*|allow_empty_token = false|" "$PROSODY_FILE"
 sed -i 's|--"token_verification"|"token_verification"|' "$PROSODY_FILE"
 #Request auth
-sed -i "s|#org.jitsi.jicofo.auth.URL=EXT_JWT:|org.jitsi.jicofo.auth.URL=EXT_JWT:|" $JICOFO_SIP
+sed -i "s|#org.jitsi.jicofo.auth.URL=EXT_JWT:|org.jitsi.jicofo.auth.URL=EXT_JWT:|" "$JICOFO_SIP"
-sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" $MEET_CONF
+sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" "$MEET_CONF"
 #Enable jibri recording
-cat  << REC-JIBRI >> $PROSODY_FILE
+cat  << REC-JIBRI >> "$PROSODY_FILE"
 VirtualHost "recorder.$DOMAIN"
  modules_enabled = {
    "ping";
  }
-  authentication = "internal_plain"
+  authentication = "internal_hashed"
 REC-JIBRI
 #Setup guests and lobby
-cat << P_SR >> $PROSODY_FILE
+cat << P_SR >> "$PROSODY_FILE"
-
+-- #Change back lobby - https://community.jitsi.org/t/64769/136
 VirtualHost "guest.$DOMAIN"
    authentication = "token"
    allow_empty_token = true
    c2s_require_encryption = false
    muc_lobby_whitelist = { "recorder.$DOMAIN", "auth.$DOMAIN" }
    speakerstats_component = "speakerstats.$DOMAIN"
    conference_duration_component = "conferenceduration.$DOMAIN"
    app_id="$APP_ID";
    app_secret="$SECRET_APP";
    modules_enabled = {
      "speakerstats";
-      "conference_duration";
+--      "conference_duration";
    }
 P_SR
 echo -e "\nUse the following for your App (e.g. Rocket.Chat):\n"
-echo -e "\n$APP_ID" && \
+echo -e "\nAPP_ID: $APP_ID" && \
-echo -e "$SECRET_APP\n"
+echo -e "SECRET_APP: $SECRET_APP\n"
 echo -e "You can test JWT authentication with the following token:\n"
 pyjwt3 --key="$SECRET_APP" \
--- a/patches/jigasi/001-jigasi-meet-config.patch
+++ b/patches/jigasi/001-jigasi-meet-config.patch
@ -0,0 +1,40 @@
 # Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
 # SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 Enable transcription on jitsi meet config.js file.
 diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
 index f412891..f704157 100644
 --- a/etc/jitsi/meet/${DOMAIN}-config.js
 +++ b/etc/jitsi/meet/${DOMAIN}-config.js
@@ -426,9 +426,9 @@ var config = {
     // autoCaptionOnRecord: false,
     // Transcription options.
 -    // transcription: {
 +    transcription: {
     //     // Whether the feature should be enabled or not.
 -    //     enabled: false,
 +        enabled: true,
     //     // Translation languages.
     //     // Available languages can be found in
@@ -443,7 +443,7 @@ var config = {
     //     // detected based on the environment, e.g. if the app is opened in a chrome instance which
     //     // is using french as its default language then transcriptions for that participant will be in french.
     //     // Defaults to true.
 -    //     useAppLanguage: true,
 +        useAppLanguage: true,
     //     // Transcriber language. This settings will only work if "useAppLanguage"
     //     // is explicitly set to false.
@@ -453,7 +453,7 @@ var config = {
     //     // Enables automatic turning on transcribing when recording is started
     //     autoTranscribeOnRecord: false,
 -    // },
 +    },
     // Misc
--- a/patches/jigasi/002-jigasi-sip-properties.patch
+++ b/patches/jigasi/002-jigasi-sip-properties.patch
@ -0,0 +1,80 @@
 # Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
 # SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 Modify sip-communicator.properties to run Jigasi along with VOSK Models.
 diff --git a/etc/jitsi/jigasi/sip-communicator.properties b/etc/jitsi/jigasi/sip-communicator.properties
 index 7a8d0f3..ae5369a 100644
 --- a/etc/jitsi/jigasi/sip-communicator.properties
 +++ b/etc/jitsi/jigasi/sip-communicator.properties
@@ -165,12 +165,12 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
 # If you want jigasi to perform authenticated login instead of anonymous login
 # to the XMPP server, you can set the following properties.
 -# org.jitsi.jigasi.xmpp.acc.USER_ID=SOME_USER@SOME_DOMAIN
 -# org.jitsi.jigasi.xmpp.acc.PASS=SOME_PASS
 -# org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
 +org.jitsi.jigasi.xmpp.acc.USER_ID=transcriber@recorder.${DOMAIN}
 +org.jitsi.jigasi.xmpp.acc.PASS=${JIG_TRANSC_PASWD}
 +org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
 # To fix SSL/TLS required by client but not supported by server
 -#org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
 +org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true
 # Can be used in combination with jitsi-meet module mod_auth_jitsi-shared-secret
 # To have jigasi use a random username on every call
@@ -187,7 +187,7 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
 # Activate this property if you are using self-signed certificates or other
 # type of non-trusted certicates. In this mode your service trust in the
 # remote certificates always.
 -# net.java.sip.communicator.service.gui.ALWAYS_TRUST_MODE_ENABLED=true
 +net.java.sip.communicator.service.gui.ALWAYS_TRUST_MODE_ENABLED=true
 # Enable this property to be able to shutdown gracefully jigasi using
 # a rest command
@@ -196,31 +196,31 @@ org.jitsi.jigasi.xmpp.acc.USE_DEFAULT_STUN_SERVER=false
 # Options regarding Transcription. Read the README for a detailed description
 # about each property
 -#org.jitsi.jigasi.ENABLE_TRANSCRIPTION=false
 -#org.jitsi.jigasi.ENABLE_SIP=true
 +org.jitsi.jigasi.ENABLE_TRANSCRIPTION=true
 +org.jitsi.jigasi.ENABLE_SIP=false
 # whether to use the more expensive, but better performing
 # "video" model when doing transcription
 # org.jitsi.jigasi.transcription.USE_VIDEO_MODEL = false
 # delivering final transcript
 -# org.jitsi.jigasi.transcription.DIRECTORY=/var/lib/jigasi/transcripts
 -# org.jitsi.jigasi.transcription.BASE_URL=http://localhost/
 -# org.jitsi.jigasi.transcription.jetty.port=-1
 -# org.jitsi.jigasi.transcription.ADVERTISE_URL=false
 +org.jitsi.jigasi.transcription.DIRECTORY=/var/lib/jigasi/transcripts
 +org.jitsi.jigasi.transcription.BASE_URL=http://localhost/
 +org.jitsi.jigasi.transcription.jetty.port=-1
 +org.jitsi.jigasi.transcription.ADVERTISE_URL=false
 # save formats
 -# org.jitsi.jigasi.transcription.SAVE_JSON=false
 -# org.jitsi.jigasi.transcription.SAVE_TXT=true
 +org.jitsi.jigasi.transcription.SAVE_JSON=false
 +org.jitsi.jigasi.transcription.SAVE_TXT=true
 # send formats
 -# org.jitsi.jigasi.transcription.SEND_JSON=true
 -# org.jitsi.jigasi.transcription.SEND_TXT=false
 +org.jitsi.jigasi.transcription.SEND_JSON=true
 +org.jitsi.jigasi.transcription.SEND_TXT=false
 # Vosk server
 -# org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.VoskTranscriptionService
 +org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.VoskTranscriptionService
 # org.jitsi.jigasi.transcription.vosk.websocket_url={"en": "ws://localhost:2700", "fr": "ws://localhost:2710"}
 -# org.jitsi.jigasi.transcription.vosk.websocket_url=ws://localhost:2700
 +org.jitsi.jigasi.transcription.vosk.websocket_url=ws://localhost:2700
 # Whisper live transcription server
 # org.jitsi.jigasi.transcription.customService=org.jitsi.jigasi.transcription.WhisperTranscriptionService
--- a/patches/jitsi-meet/001-jitsi-meet-enable-livestreaming-and-recording.patch
+++ b/patches/jitsi-meet/001-jitsi-meet-enable-livestreaming-and-recording.patch
@ -0,0 +1,66 @@
 # Quick Jibri Installer - *buntu (LTS) based systems.
 # SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 Patch jitsi-meet config.js to enable recording and livestreaming by default.
 diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
 index dcb860b..8f64c7c 100644
 --- a/etc/jitsi/meet/${DOMAIN}-config.js
 +++ b/etc/jitsi/meet/${DOMAIN}-config.js
@@ -343,12 +343,12 @@ var config = {
     //    // showPrejoinWarning: true,
     // },
 -    // recordingService: {
 +    recordingService: {
     //     // When integrations like dropbox are enabled only that will be shown,
     //     // by enabling fileRecordingsServiceEnabled, we show both the integrations
     //     // and the generic recording service (its configuration and storage type
     //     // depends on jibri configuration)
 -    //     enabled: false,
 +        enabled: true,
     //     // Whether to show the possibility to share file recording with other people
     //     // (e.g. meeting participants), based on the actual implementation
@@ -357,7 +357,7 @@ var config = {
     //     // Hide the warning that says we only store the recording for 24 hours.
     //     hideStorageWarning: false,
 -    // },
 +    },
     // DEPRECATED. Use recordingService.enabled instead.
     // fileRecordingsServiceEnabled: false,
@@ -368,7 +368,7 @@ var config = {
     // Local recording configuration.
     // localRecording: {
     //     // Whether to disable local recording or not.
 -    //     disable: false,
 +    //     disable: true,
     //     // Whether to notify all participants when a participant is recording locally.
     //     notifyAllParticipants: false,
@@ -378,9 +378,9 @@ var config = {
     // },
     // Customize the Live Streaming dialog. Can be modified for a non-YouTube provider.
 -    // liveStreaming: {
 +    liveStreaming: {
     //    // Whether to enable live streaming or not.
 -    //    enabled: false,
 +       enabled: true,
     //    // Terms link
     //    termsLink: 'https://www.youtube.com/t/terms',
     //    // Data privacy link
@@ -388,8 +388,8 @@ var config = {
     //    // RegExp string that validates the stream key input field
     //    validatorRegExpString: '^(?:[a-zA-Z0-9]{4}(?:-(?!$)|$)){4}',
     //    // Documentation reference for the live streaming feature.
 -    //    helpLink: 'https://jitsi.org/live'
 -    // },
 +       helpLink: 'https://forge.switnet.net/switnet/quick-jibri-installer'
 +    },
     // DEPRECATED. Use liveStreaming.enabled instead.
     // liveStreamingEnabled: false,
--- a/patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch
+++ b/patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch
@ -0,0 +1,31 @@
 # Quick Jibri Installer - *buntu (LTS) based systems.
 # SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 Patch jitsi-meet config.js to enable/disable welcome page.
 diff --git a/etc/jitsi/meet/${DOMAIN}-config.js b/etc/jitsi/meet/${DOMAIN}-config.js
 index dcb860b..2094287 100644
 --- a/etc/jitsi/meet/${DOMAIN}-config.js
 +++ b/etc/jitsi/meet/${DOMAIN}-config.js
@@ -664,13 +664,13 @@ var config = {
     // enableWelcomePage: true,
     // Configs for welcome page.
 -    // welcomePage: {
 -    //     // Whether to disable welcome page. In case it's disabled a random room
 -    //     // will be joined when no room is specified.
 -    //     disabled: false,
 -    //     // If set, landing page will redirect to this URL.
 -    //     customUrl: ''
 -    // },
 +    welcomePage: {
 +        // Whether to disable welcome page. In case it's disabled a random room
 +        // will be joined when no room is specified.
 +        disabled: ${ENABLE_WELCP_BOL},
 +        // If set, landing page will redirect to this URL.
 +        customUrl: ''
 +    },
     // Configs for the lobby screen.
     // lobby: {
--- a/quick_jibri_installer.sh
+++ b/quick_jibri_installer.sh
--- a/tools/aws-grub-setup.sh
+++ b/tools/aws-grub-setup.sh
@ -0,0 +1,85 @@
 #!/bin/bash
 # Automated AWS generic kernel setup for jibri.
 # SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
 #DEBUG
 if [ "$MODE" = "debug" ]; then
 set -x
 fi
 wait_seconds() {
 secs=$(($1))
 while [ $secs -gt 0 ]; do
   echo -ne "$secs\033[0K\r"
   sleep 1
   : $((secs--))
 done
 }
 echo "####
 # WARNING: Only use this script if you know what you are doing.
 # Under your own risk.
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY.
 ####"
 # Check if user is root
 if [ "$UID" != 0 ]; then
    echo You need to run this script as root or sudo rights!
    exit 1
 fi
 TMP_DIR="$(mktemp -d)"
 KERNEL_LOG="$TMP_DIR/kernel_log"
 GRUB_FILE="/etc/default/grub"
 echo -e "# Check and update HWE kernel if possible...\n"
 apt-get -q2 update
 HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
 if [ "$HWE_VIR_MOD" = "1" ]; then
    apt-get -y install \
    linux-image-generic-hwe-"$(lsb_release -sr)" \
    linux-tools-generic-hwe-"$(lsb_release -sr)"
 else
    apt-get -y install \
    linux-image-generic \
    linux-modules-extra-"$(uname -r)"
 fi
 apt-get -y autoremove
 apt-get autoclean
 #Write update-grub output
 update-grub > "$KERNEL_LOG" 2>&1
 #Get clean output
 awk -F'boot/' '{print$2}' < "$KERNEL_LOG"|sed '/^[[:space:]]*$/d' | \
 tee "$KERNEL_LOG".tmp
 mv "$KERNEL_LOG".tmp "$KERNEL_LOG"
 echo -e "Check if AWS kernel is installed.\n"
 [ "$(grep -wc aws "$KERNEL_LOG")" = 0 ] && echo "No AWS kernel found, exiting..." && exit
 #Get kernel number
 RAW_KERNEL_NUM="$(grep -Fn generic "$KERNEL_LOG"|head -n1|cut -d ':' -f1)"
 FIXED_KERNEL_NUM="$(awk "BEGIN{ print $RAW_KERNEL_NUM - 1 }")"
 echo -e "Set up GRUB for custom kernel.\n"
 sed -i "s|GRUB_DEFAULT=.*|GRUB_DEFAULT=\"1\>$FIXED_KERNEL_NUM\"|" "$GRUB_FILE"
 echo -e "Saving changes...\n"
 update-grub
 echo "Time to reboot..."
 echo "Rebooting in..."
 wait_seconds 15
 reboot
--- a/tools/fail2ban_ssh.sh
+++ b/tools/fail2ban_ssh.sh
@ -1,6 +1,6 @@
 #!/bin/bash
 # Simple Fail2ban configuration
-# 2020 - SwITNet Ltd
+# SwITNet Ltd © - 2024, https://switnet.net/
 # GNU GPLv3 or later.
 while getopts m: option
@ -8,7 +8,7 @@ do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
-		\?) echo "Usage: sudo ./fail2ban_ssh.sh [-m debug]" && exit;;
+		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
@ -18,7 +18,7 @@ set -x
 fi
 #Check if user is root
-if ! [ $(id -u) = 0 ]; then
+if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
@ -27,8 +27,8 @@ apt-get -y install fail2ban
 if \
 [ -f /var/log/ssh_f2b.log ] && \
-[ $(grep -c 604800 /etc/fail2ban/jail.local) = "1" ] && \
+[ "$(grep -c 604800 /etc/fail2ban/jail.local)" = "1" ] && \
-[ $(grep -c ssh_f2b.log /etc/fail2ban/jail.local) = "1"]; then
+[ "$(grep -c ssh_f2b.log /etc/fail2ban/jail.local)" = "1" ]; then
    echo -e "\nFail2ban seems to be already configured.\n"
 else
    echo -e "\nConfiguring Fail2ban...\n"
--- a/tools/jibri-conf-upgrade.sh
+++ b/tools/jibri-conf-upgrade.sh
@ -1,6 +1,6 @@
 #!/bin/bash
 # Simple Jibri conf updater
-# 2020 - SwITNet Ltd
+# SwITNet Ltd © - 2024, https://switnet.net/
 # GNU GPLv3 or later.
 while getopts m: option
@ -8,7 +8,7 @@ do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
-		\?) echo "Usage: sudo ./test-jibri-env.sh [-m debug]" && exit;;
+		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
@ -25,7 +25,7 @@ echo -e '
 \n'
 #Check if user is root
-if ! [ $(id -u) = 0 ]; then
+if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
@ -46,19 +46,19 @@ else
 fi
 if [ -d /etc/prosody/ ];then
-DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
+DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
 fi
 CONF_JSON="/etc/jitsi/jibri/config.json"
 JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
-DIR_RECORD=/var/jbrecord
+DIR_RECORD="/var/jbrecord"
-REC_DIR=/home/jibri/finalize_recording.sh
+REC_DIR="/home/jibri/finalize_recording.sh"
-JibriBrewery=JibriBrewery
+JibriBrewery="JibriBrewery"
 check_read_vars() {
    echo "Checking $1"
    if [ -z "$2" ];then
-    echo "This variable seems wrong, please check before continue"
+        echo "This variable seems wrong, please check before continue"
-    exit 1
+        exit 1
    fi
 }
 restart_services_jibri() {
@ -73,44 +73,44 @@ fi
 }
 #Prevent re-run on completed jibri upgraded instance
-if [ -f $CONF_JSON_disabled ] && \
+if [ -f "$CONF_JSON"_disabled ] && \
-   [ -f $JIBRI_CONF ] && \
+   [ -f "$JIBRI_CONF" ] && \
-   [ -f $JIBRI_CONF-dpkg-file ]; then
+   [ -f "$JIBRI_CONF"-dpkg-file ]; then
    echo -e "\n> This jibri config has been upgraded already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
-https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
+https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
    exit
-elif [ ! -f $CONF_JSON ] && \
+elif [ ! -f "$CONF_JSON" ] && \
-   [ -f $JIBRI_CONF ] && \
+   [ -f "$JIBRI_CONF" ] && \
-   [ -f $JIBRI_CONF-dpkg-file ]; then
+   [ -f "$JIBRI_CONF"-dpkg-file ]; then
-    echo -e "\n> This jibri seems to be running the lastest configuration already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
+    echo -e "\n> This jibri seems to be running the latest configuration already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
-https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
+https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
    exit
-elif [ -f $CONF_JSON ] && \
+elif [ -f "$CONF_JSON" ] && \
-   [ -f $JIBRI_CONF ]; then
+   [ -f "$JIBRI_CONF" ]; then
    echo -e "\n> This jibri config seems to be candidate for upgrading, we'll continue...\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
-https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
+https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
 fi
 #Read missing variables
-if [ -f $CONF_JSON ]; then
+if [ -f "$CONF_JSON" ]; then
    echo "Reading current config.json file..."
-    if [ -z $DOMAIN ]; then
+    if [ -z "$DOMAIN" ]; then
-        DOMAIN=$(jq .xmpp_environments[0].xmpp_domain $CONF_JSON|cut -d '"' -f2)
+        DOMAIN="$(jq .xmpp_environments[0].xmpp_domain $CONF_JSON|cut -d '"' -f2)"
    fi
-    JB_NAME=$(jq .xmpp_environments[0].name $CONF_JSON|cut -d '"' -f2)
+    JB_NAME="$(jq .xmpp_environments[0].name $CONF_JSON|cut -d '"' -f2)"
-    JB_AUTH_PASS=$(jq .xmpp_environments[0].control_login.password $CONF_JSON|cut -d '"' -f2)
+    JB_AUTH_PASS="$(jq .xmpp_environments[0].control_login.password $CONF_JSON|cut -d '"' -f2)"
-    JB_REC_PASS=$(jq .xmpp_environments[0].call_login.password $CONF_JSON|cut -d '"' -f2)
+    JB_REC_PASS="$(jq .xmpp_environments[0].call_login.password $CONF_JSON|cut -d '"' -f2)"
-    JB_NICKN=$(jq .xmpp_environments[0].control_muc.nickname $CONF_JSON|cut -d '"' -f2)
+    JB_NICKN="$(jq .xmpp_environments[0].control_muc.nickname $CONF_JSON|cut -d '"' -f2)"
 else
    echo "Can't find the instance config.json file, exiting..."
    exit
 fi
-check_read_vars "Jibri Name" $JB_NAME
+check_read_vars "Jibri Name" "$JB_NAME"
-check_read_vars "(Main server) Domain" $DOMAIN
+check_read_vars "(Main server) Domain" "$DOMAIN"
-check_read_vars "Control login passwd" $JB_AUTH_PASS
+check_read_vars "Control login passwd" "$JB_AUTH_PASS"
-check_read_vars "Call login passwd" $JB_REC_PASS
+check_read_vars "Call login passwd" "$JB_REC_PASS"
-check_read_vars "Jibri Node nickname" $JB_NICKN
+check_read_vars "Jibri Node nickname" "$JB_NICKN"
 if [ "$MODE" = "debug" ]; then
 echo "$JB_NAME"
@ -121,11 +121,11 @@ echo "$JB_NICKN"
 fi
 #Backup and setup new conf file
-echo -e "Backing up config.json for historical porpuses at:\n ${CONF_JSON}_disabled"
+echo -e "Backing up config.json for historical purposes at:\n ${CONF_JSON}_disabled"
-mv $CONF_JSON ${CONF_JSON}_disabled
+mv "$CONF_JSON" "${CONF_JSON}"_disabled
-mv $JIBRI_CONF ${JIBRI_CONF}-dpkg-file
+mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file
-cat << NEW_CONF > $JIBRI_CONF
+cat << NEW_CONF > "$JIBRI_CONF"
 // New XMPP environment config.
 jibri {
    recording {
@ -195,13 +195,13 @@ jibri {
 NEW_CONF
 echo "Check final jibri.conf file:"
-cat $JIBRI_CONF
+cat "$JIBRI_CONF"
-read -n 1 -s -r -p "Press any key to continue..."$'\n'
+read -n 1 -s -r -p "Press any key to continue..."
 restart_services_jibri
 systemctl status jibri
 if [ -f /var/log/jitsi/jicofo.log ]; then
-echo -e "Checking for jicofo recognizing \"Live\" jibri node..."
+    echo -e "Checking for jicofo recognizing \"Live\" jibri node..."
-tail -n 10 | grep Live
+    tail -n 10 | grep Live
 fi
--- a/tools/jibri-resolution-enhancer.sh
+++ b/tools/jibri-resolution-enhancer.sh
@ -0,0 +1,123 @@
 #!/bin/bash
 # Simple Jibri resolution enhancer
 # SwITNet Ltd © - 2024, https://switnet.net/
 # GNU GPLv3 or later.
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
 #DEBUG
 if [ "$MODE" = "debug" ]; then
 set -x
 fi
 #Check if user is root
 if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
 # Make sure jibri is installed
 if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then
  echo "Good Jibri is installed on this server"
 else
  echo "Jibri is not on this system, it is a requirement.
 Exiting..."
  exit
 fi
 apt-get -y install apt-show-versions
 JIBRI_OPT="/opt/jitsi/jibri"
 JIBRI_ENH_PATH="/opt/jibri-res-enhancer"
 INSTALLED_JIBRI_VERSION="$(apt-show-versions jibri|awk '{print$2}')"
 #Check if already run
 if [ -f "$JIBRI_OPT/jibri-res_enh.jar" ] && \
   [ -d "$JIBRI_ENH_PATH" ]; then
  echo "Seems this tools have been run before..."
  exit
 fi
 mkdir /tmp/jibri
 cd /tmp/jibri || exit
 #Get md5sum for current jibri installed.
 apt-get download jibri="$INSTALLED_JIBRI_VERSION"
 ar x jibri_*.deb
 tar xvf data.tar.xz
 UPSTREAM_DEB_JAR_SUM="$(md5sum 2>/dev/null /tmp/jibri/opt/jitsi/jibri/jibri.jar |awk '{print$1}')"
 if [ -z "$UPSTREAM_DEB_JAR_SUM" ]; then
  echo "Not possible to continue, exiting..."
  exit
 fi
 #Compile requisites
 apt-get -y install devscripts \
                   git \
                   maven \
                   openjdk-11-jdk
 #Build repository
 git clone https://github.com/jitsi/jibri "$JIBRI_ENH_PATH"
 cd "$JIBRI_ENH_PATH" || exit
 # Default values
 ## videoEncodePreset - "veryfast" || h264ConstantRateFactor - 25
 # Recomemended values based on: https://trac.ffmpeg.org/wiki/Encode/H.264#crf
 ## videoEncodePreset - "medium" || h264ConstantRateFactor - 17
 sed -i "/videoEncodePreset/s|String =.*|String = \"medium\",|"  src/main/kotlin/org/jitsi/jibri/capture/ffmpeg/FfmpegCapturer.kt
 sed -i "/h264ConstantRateFactor/s|Int =.*|Int = 17,|"  src/main/kotlin/org/jitsi/jibri/capture/ffmpeg/FfmpegCapturer.kt
 mvn package
 JIBRI_JAR="$(find "$JIBRI_ENH_PATH" -name \*.jar|awk '/dependencies/{print}'|awk 'NR==1{print}')"
 cp "$JIBRI_ENH_PATH"/target/"$JIBRI_JAR" "$JIBRI_ENH_PATH"/target/jibri.jar
 # Backing up default binaries
 if [ "$UPSTREAM_DEB_JAR_SUM" = "$(md5sum 2>/dev/null $JIBRI_OPT/jibri.jar|awk '{print$1}')" ]; then
  cp "$JIBRI_OPT"/jibri.jar "$JIBRI_OPT"/jibri-dpkg-package.jar
 fi
 # Migrate original to enhanced jibri
 cp "$JIBRI_ENH_PATH"/target/jibri.jar "$JIBRI_OPT"/jibri-res_enh.jar
 if [ -f "$JIBRI_OPT"/jibri-dpkg-package.jar ];then
 cp "$JIBRI_OPT"/jibri-res_enh.jar "$JIBRI_OPT"/jibri.jar
 fi
 JIBRI_RES_ENH_HASH="$(md5sum 2>/dev/null $JIBRI_OPT/jibri-res_enh.jar|awk '{print$1}')"
 USED_JIBRI_HASH="$(md5sum 2>/dev/null $JIBRI_OPT/jibri.jar|awk '{print$1}')"
 if [ "$JIBRI_RES_ENH_HASH" = "$USED_JIBRI_HASH" ]; then
  echo "Everything seems to have gone well."
 else 
  echo "Something went wrong, restoring default package..."
  if [ "$(md5sum 2>/dev/null $JIBRI_OPT/jibri-dpkg-package.jar|awk '{print$1}')" = "$UPSTREAM_DEB_JAR_SUM" ]; then
    cp "$JIBRI_OPT"/jibri-dpkg-package.jar "$JIBRI_OPT"/jibri.jar
    CLEAN="true"
  else
    if [ -f /tmp/jibri/opt/jitsi/jibri/jibri.jar ]; then
      echo "Restoring from upstream package..."
      cp /tmp/jibri/opt/jitsi/jibri/jibri.jar "$JIBRI_OPT"/jibri.jar
      CLEAN="true"
    else
      echo "Wow, someone took the time to avoid restoration, please manually review your changes."
      echo "Exiting..."
      exit
    fi
  fi
 fi
 if [ "$CLEAN" = "true" ]; then
  rm -r /tmp/jibri
  rm -r "$JIBRI_ENH_PATH"
  rm /opt/jitsi/jibri/jibri-res_enh.jar
 fi
 systemctl restart jibri
 echo "This will be a good time to test the enhanced resolution."
--- a/tools/prepare_php.sh
+++ b/tools/prepare_php.sh
@ -0,0 +1,138 @@
 #!/bin/bash
 # Automated PHP environment build for Nextcloud.
 # SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 PHPVER=$1
 STABLE_PHP="$(apt-cache madison php|grep -v ppa|awk -F'[:+]' 'NR==1{print $2}')"
 DISTRO_RELEASE="$(lsb_release -sc)"
 PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')"
 PHP_REPO_URL="http://ppa.launchpad.net/ondrej/php/ubuntu"
 PHP_FPM_DIR="/etc/php/$PHPVER/fpm"
 PHP_INI="$PHP_FPM_DIR/php.ini"
 PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf"
 TMP_GPG_REPO="$(mktemp -d)"
 if [ $# -ne 1 ]; then
  echo "Usage: $0 8.2"
  exit 1
 fi
 install_ifnot() {
    if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
        echo " $1 is installed, skipping..."
    else
        printf "\n---- Installing %s ----" "$1"
        apt-get -yq2 install "$1"
    fi
 }
 install_aval_package() {
 for i in $1
  do
     if [ -z "$(apt-cache madison "$i" 2>/dev/null)" ]; then
     echo " > Package $i not available on repo."
     else
     echo " > Add package $i to the install list"
     packages="$packages $i"
     fi
 done
 echo "$packages"
 apt-get -y install $packages #< don't quote.
 packages=""
 }
 add_gpg_keyring() {
 apt-key adv --recv-keys --keyserver keyserver.ubuntu.com "$1"
 apt-key export "$1" | gpg --dearmour | tee "$TMP_GPG_REPO"/"$1".gpg >/dev/null
 apt-key del "$1"
 mv "$TMP_GPG_REPO"/"$1".gpg /etc/apt/trusted.gpg.d/
 }
 add_php_repo() {
 if [ "$PHP_REPO" = "php" ]; then
    echo "PHP $PHPVER already installed"
    apt-get -q2 update
    apt-get -yq2 dist-upgrade
 else
    echo "# Adding Ondrej PHP $PHPVER PPA Repository"
    add_gpg_keyring E5267A6C
    echo "deb [arch=amd64] $PHP_REPO_URL $DISTRO_RELEASE main" | \
    tee /etc/apt/sources.list.d/php"$PHPVER".list
    apt-get update -q2
 fi
 }
 add_php_repo
 install_aval_package " \
            imagemagick \
            php$PHPVER-fpm \
            php$PHPVER-bcmath \
            php$PHPVER-bz2 \
            php$PHPVER-cli \
            php$PHPVER-cgi \
            php$PHPVER-curl \
            php$PHPVER-gd \
            php$PHPVER-gmp \
            php$PHPVER-imagick \
            php$PHPVER-intl \
            php$PHPVER-json \
            php$PHPVER-ldap \
            php$PHPVER-mbstring \
            php$PHPVER-pgsql \
            php$PHPVER-redis \
            php$PHPVER-soap \
            php$PHPVER-xml \
            php$PHPVER-xmlrpc \
            php$PHPVER-zip \
            redis-server \
            unzip \
            "
 #System related
 install_ifnot smbclient
 sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" "$PHP_CONF"
 sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" "$PHP_CONF"
 sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" "$PHP_CONF"
 sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" "$PHP_CONF"
 sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" "$PHP_CONF"
 sed -i "s|;clear_env = no|clear_env = no|" "$PHP_CONF"
 echo "
 Tunning PHP.ini...
 "
 # Change values in php.ini (increase max file size)
 # max_execution_time
 sed -i "s|max_execution_time =.*|max_execution_time = 3500|g" "$PHP_INI"
 # max_input_time
 sed -i "s|max_input_time =.*|max_input_time = 3600|g" "$PHP_INI"
 # memory_limit
 sed -i "s|memory_limit =.*|memory_limit = 512M|g" "$PHP_INI"
 # post_max
 sed -i "s|post_max_size =.*|post_max_size = 1025M|g" "$PHP_INI"
 # upload_max
 sed -i "s|upload_max_filesize =.*|upload_max_filesize = 1024M|g" "$PHP_INI"
 phpenmod opcache
 {
 echo "# OPcache settings for Nextcloud"
 echo "opcache.enable=1"
 echo "opcache.enable_cli=1"
 echo "opcache.interned_strings_buffer=8"
 echo "opcache.max_accelerated_files=10000"
 echo "opcache.memory_consumption=256"
 echo "opcache.save_comments=1"
 echo "opcache.revalidate_freq=1"
 echo "opcache.validate_timestamps=1"
 } >> "$PHP_INI"
 update-alternatives --set php           /usr/bin/php"$STABLE_PHP"
 update-alternatives --set php-fpm.sock  /run/php/php"$STABLE_PHP"-fpm.sock
 update-alternatives --set php-cgi      	/usr/bin/php-cgi"$STABLE_PHP"
 update-alternatives --set php-cgi-bin   /usr/lib/cgi-bin/php"$STABLE_PHP"
 update-alternatives --set phar          /usr/bin/phar"$STABLE_PHP"
 update-alternatives --set phar.phar     /usr/bin/phar.phar"$STABLE_PHP"
 systemctl restart php"$PHPVER"-fpm.service
--- a/tools/start-over.sh
+++ b/tools/start-over.sh
@ -0,0 +1,144 @@
 #!/bin/bash
 #Start over
 # SwITNet Ltd © - 2024, https://switnet.net/
 # GPLv3 or later.
 while getopts m: option
 do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
 		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
 #DEBUG
 if [ "$MODE" = "debug" ]; then
 set -x
 fi
 #Check if user is root
 if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
 wait_seconds() {
 secs=$(($1))
 while [ $secs -gt 0 ]; do
   echo -ne "$secs\033[0K\r"
   sleep 1
   : $((secs--))
 done
 }
 remove_residuals() {
  if [ -d "$1" ]; then
    rm -r "$1"
  fi
 }
 purge_debconf() {
  echo PURGE | debconf-communicate "$1"
 }
 remove_services() {
  systemctl disable "$1"
  systemctl stop "$1"
 }
 echo -e '
 ########################################################################
                Welcome to the Start Over cleaner script
 ########################################################################
                    by Software, IT & Networks Ltd
 \n'
 SYNC_USER="$(find /home -maxdepth 1 -type d |awk '/jbsync/{print}')"
 DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
 echo "We are about to remove and clean all the jitsi-meet platform bits and pieces...
 Please make sure you have backed up anything you don't want to loose."
 echo "
 # WARGNING #: This is only recommended if you want to start over a failed installation,
 or plain and simple remove jitsi from your system."
 while [[ "$CONTINUE_PURGE1" != "yes" && "$CONTINUE_PURGE1" != "no" ]]
 do
 read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_PURGE1
 if [ "$CONTINUE_PURGE1" = "no" ]; then
    echo "  Good, see you next time..."
    exit
 elif [ "$CONTINUE_PURGE1" = "yes" ]; then
    echo ""
 fi
 done
 echo "Let me ask just one more time..."
 while [[ "$CONTINUE_PURGE2" != "yes" && "$CONTINUE_PURGE2" != "no" ]]
 do
 read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_PURGE2
 if [ "$CONTINUE_PURGE2" = "no" ]; then
    echo "  Good, see you next time..."
    exit
 elif [ "$CONTINUE_PURGE2" = "yes" ]; then
    echo "No going back, let's start..."
    wait_seconds 10
 fi
 done
 #Purging all jitsi meet packages
 apt-get -y purge jibri \
                 jicofo \
                 jigasi \
                 jitsi-meet \
                 jitsi-meet-web \
                 jitsi-meet-web-config \
                 jitsi-meet-prosody \
                 jitsi-meet-turnserver \
                 jitsi-videobridge2 \
                 prosody
 #Chome related packages
 apt-get -y purge google-chrome-stable
 rm /usr/local/bin/chromedriver
 #Services stop
 remove_services jibri
 remove_services jibri-icewm
 remove_services jibri-xorg
 #Cleaning packages
 apt-get -y autoremove
 apt-get clean
 #Removing residual files
 remove_residuals /etc/jitsi
 remove_residuals /opt/jitsi
 remove_residuals /usr/share/jicofo
 remove_residuals /usr/share/jitsi-*
 #Clean /etc/hosts
 sed -i "/$DOMAIN/d" /etc/hosts
 echo "#Purging debconf db"
 purge_debconf jicofo
 purge_debconf jigasi
 purge_debconf jitsi-meet
 purge_debconf jitsi-meet-prosody
 purge_debconf jitsi-meet-turnserver
 purge_debconf jitsi-meet-web-config
 purge_debconf jitsi-videobridge2
 #Remove unused users & groups
 if [ -n "$SYNC_USER" ]; then
  deluser --remove-home "$SYNC_USER"
 fi
 if [ -d /home/jibri ]; then
  deluser --remove-home  jibri
  rm -r /home/jibri
 fi
 groupdel  jibri
 #Remove crontab
 crontab -l | grep -v '@weekly certbot renew --nginx' | crontab -
 crontab -l
 echo "We are done..."
--- a/tools/test-jibri-env.sh
+++ b/tools/test-jibri-env.sh
@ -1,6 +1,6 @@
 #!/bin/bash
 # Simple Jibri Env tester
-# 2020 - SwITNet Ltd
+# SwITNet Ltd © - 2024, https://switnet.net/
 # GNU GPLv3 or later.
 while getopts m: option
@ -8,7 +8,7 @@ do
 	case "${option}"
 	in
 		m) MODE=${OPTARG};;
-		\?) echo "Usage: sudo ./test-jibri-env.sh [-m debug]" && exit;;
+		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
 	esac
 done
@ -25,34 +25,44 @@ echo -e '
 \n'
 #Check if user is root
-if ! [ $(id -u) = 0 ]; then
+if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
 fi
 echo "Checking for updates...."
 apt-get -q2 update
-apt-get -yq2 install apt-show-versions
+apt-get -yq2 install apt-show-versions \
-
+                     curl
 JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)
 SND_AL_MODULE=$(lsmod | awk '{print$1}'| grep snd_aloop)
 HWE_VIR_MOD=$(apt-cache madison linux-modules-extra-virtual-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")
 CONF_JSON="/etc/jitsi/jibri/config.json"
 JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
 CHD_VER="$(/usr/local/bin/chromedriver --version 2>/dev/null| awk '{print$1,$2}')"
 GOOGL_VER="$(/usr/bin/google-chrome --version 2>/dev/null)"
 check_google_binaries() {
 if [ -z "$2" ]; then
  echo "Warning: No $1 doesn't seem installed"
 else
-  echo $2
+  echo "$2"
 fi
 }
 # True if $1 is greater than $2
 version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
 JITSI_REPO="$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)"
 SND_AL_MODULE=$(lsmod | awk '{print$1}'| grep snd_aloop)
 HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
 CONF_JSON="/etc/jitsi/jibri/config.json"
 JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
 JMS_DOMAIN="$(awk -F '"' '/xmpp-domain/{print$2}' "$JIBRI_CONF")"
 CHDB="$(whereis chromedriver | awk '{print$2}')"
 CHD_VER_LOCAL="$($CHDB --version 2>/dev/null| awk '{print$1,$2}')"
 GOOGL_VER_LOCAL="$(/usr/bin/google-chrome --version 2>/dev/null)"
 CHD_VER_2D="$(echo "$CHD_VER_LOCAL"|awk '{print$2}'|cut -d "." -f 1,2)"
 GOOGL_VER_2D="$(echo "$GOOGL_VER_LOCAL"|awk '{print$3}'|cut -d "." -f 1,2)"
 CHD_LTST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
 CHD_LTST_2D="$(echo "$CHD_LTST"|cut -d "." -f 1,2)"
 #T1
 echo -e "\n#1 -- Check repository --\n"
-if [ -z $JITSI_REPO ]; then
+if [ -z "$JITSI_REPO" ]; then
    echo "No repository detected, wait whaaaat?..."
    while [[ "$CONT_TEST" != "yes" && "$CONT_TEST" != "no" ]]
    do
@ -62,7 +72,7 @@ if [ -z $JITSI_REPO ]; then
        exit
      elif [ "$CONT_TEST" = "yes" ]; then
        echo "Hmm, seems there won't be anything to test, continuing anyway..."
-        T=0
+        T1=0
      fi
    done
 else
@ -81,52 +91,80 @@ else
 fi
 if [ "$(apt-show-versions jibri | grep -c "uptodate")" = "1" ]; then
-echo -e "Jibri is already up to date: \xE2\x9C\x94"
+    echo -e "Jibri is already up to date: \xE2\x9C\x94"
 else
-echo -e "\nAttempting jibri upgrade!"
+    echo -e "\nAttempting jibri upgrade!"
-apt -y install --only-upgrade jibri
+    apt-get -y install --only-upgrade jibri
 fi
 T2=1
 #T3
 echo -e "\n#3 -- Check Google Chrome/driver software.  --\n"
-check_google_binaries "Chromedriver" "$CHD_VER"
+check_google_binaries "Google Chrome" "$GOOGL_VER_LOCAL"
-check_google_binaries "Google Chrome" "$GOOGL_VER"
+check_google_binaries "Chromedriver" "$CHD_VER_LOCAL"
-if [ ! -z "$CHD_VER" ] && [ ! -z "$GOOGL_VER" ]; then
+
-T3=1
+if [ -n "$CHD_VER_LOCAL" ] && [ -n "$GOOGL_VER_LOCAL" ]; then
-elif [ -z "$CHD_VER" ] || [ -z "$GOOGL_VER" ]; then
+# Chrome upgrade process
-T3=0
+  if [ "$(apt-show-versions google-chrome-stable | grep -c "uptodate")" = "1" ]; then
-else
+    echo -e "Google Chrome is already up to date: \xE2\x9C\x94"
-T3=0
+  else
    echo -e "\nAttempting Google Chrome upgrade!"
    apt-get -yq install --only-upgrade google-chrome-stable
  fi
 # Only upgrade chromedriver if it's on a lower version, not just a different one.
  if [ "$CHD_VER_2D" = "$GOOGL_VER_2D" ]; then
      echo -e "\nChromedriver version seems according to Google Chrome: \xE2\x9C\x94"
      T3=1
      elif version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" && \
      [ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then
          echo -e "\nAttempting  Chromedriver update!"
          wget -q https://chromedriver.storage.googleapis.com/"$CHD_LTST"/chromedriver_linux64.zip \
               -O /tmp/chromedriver_linux64.zip
          unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
          chown root:root "$CHDB"
          chmod 0755 "$CHDB"
          rm -rf /tpm/chromedriver_linux64.zip
          if [ "$($CHDB -v | awk '{print $2}'|cut -d "." -f 1,2)" = "$GOOGL_VER_2D" ]; then
              echo "Successful update"
              T3=1
          else
              echo "Something might gone wrong on the update process, please report."
              T3=0
          fi
      else
      T3=0
  fi
 else
  T3=0
 fi
 #T4
 echo -e "\n#4 -- Test kernel modules --\n"
-if [ -z $SND_AL_MODULE ]; then
+if [ -z "$SND_AL_MODULE" ]; then
 #First make sure the recommended kernel is installed.
-  if [ "$HWE_VIR_MOD" == "1" ]; then
+  if [ "$HWE_VIR_MOD" = "1" ]; then
      apt-get -y install \
-      linux-image-generic-hwe-$(lsb_release -sr) \
+      linux-image-generic-hwe-"$(lsb_release -sr)"
-      linux-modules-extra-virtual-hwe-$(lsb_release -sr)
+      else
    else
      apt-get -y install \
-      linux-modules-extra-$(uname -r)
+      linux-image-generic \
      linux-modules-extra-"$(uname -r)"
  fi
    echo -e "\nNo module snd_aloop detected. \xE2\x9C\x96 <== IMPORTANT! \nCurrent kernel: $(uname -r)\n"
    echo -e "\nIf you just installed a new kernel, \
 please try rebooting.\nFor now wait 'til the end of the recommended kernel installation."
  echo "# Check and Install HWE kernel if possible..."
  if uname -r | grep -q aws;then
-  KNL_HWE="$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr)|head -n1|awk '{print$3}'|cut -d "." -f1-4)"
+  KNL_HWE="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)"|awk 'NR==1{print$3}'|cut -d "." -f1-4)"
-  KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg | grep generic | grep -v recovery | awk '{print$3,$4}'|grep $KNL_HWE)"
+  KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg|awk '!/recovery/&&/generic/{print$3,$4}'|grep "$KNL_HWE")"
-      if [ ! -z "$KNL_MENU" ];then
+      if [ -n "$KNL_MENU" ];then
      echo -e "\nSeems you are using an AWS kernel \xE2\x9C\x96 <== IMPORTANT! \nYou might consider modify your grub (/etc/default/grub) to use the following:" && \
      echo -e "\n > $KNL_MENU"
      fi
  fi
  T4=0
 else
-    echo -e "Great!\nModule snd-aloop found!"
+    echo -e "Great!, module snd-aloop found. \xE2\x9C\x94"
    T4=1
 fi
@ -134,14 +172,14 @@ fi
 echo -e "\n#5 -- Test .asoundrc file --\n"
 ASRC_MASTER="https://raw.githubusercontent.com/jitsi/jibri/master/resources/debian-package/etc/jitsi/jibri/asoundrc"
 ASRC_INSTALLED="/home/jibri/.asoundrc"
-ASRC_MASTER_MD5SUM=$(curl -sL $ASRC_MASTER | md5sum | cut -d ' ' -f 1)
+ASRC_MASTER_MD5SUM="$(curl -sL "$ASRC_MASTER" | md5sum | cut -d ' ' -f 1)"
-ASRC_INSTALLED_MD5SUM=$(md5sum $ASRC_INSTALLED | cut -d ' ' -f 1)
+ASRC_INSTALLED_MD5SUM="$(md5sum "$ASRC_INSTALLED" | cut -d ' ' -f 1)"
 if [ "$ASRC_MASTER_MD5SUM" == "$ASRC_INSTALLED_MD5SUM" ]; then
-    echo "Seems to be using the latest asoundrc file available!"
+    echo -e "Seems to be using the latest asoundrc file available. \xE2\x9C\x94"
    T5=1
 else
-    echo "asoundrc files differ, if you have errors, you might wanna check this file!"
+    echo -e "asoundrc files differ, if you have errors, you might wanna check this file \xE2\x9C\x96"
    T5=0
 fi
@ -149,30 +187,52 @@ fi
 echo -e "\n#6 -- Old or new config --\n"
 echo -e "What config version is this using?"
-if [ -f ${CONF_JSON}_disabled ] && \
+if [ -f "${CONF_JSON}"_disabled ] && \
-   [ -f $JIBRI_CONF ] && \
+   [ -f "$JIBRI_CONF" ] && \
-   [ -f $JIBRI_CONF-dpkg-file ]; then
+   [ -f "$JIBRI_CONF"-dpkg-file ]; then
-    echo -e "\n> This jibri config has been upgraded already.\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
+    echo -e "\n> This jibri config has been upgraded already. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
-https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
+https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
 T6=1
-elif [ ! -f $CONF_JSON ] && \
+elif [ ! -f "$CONF_JSON" ] && \
-   [ -f $JIBRI_CONF ] && \
+     [ -f "$JIBRI_CONF" ] && \
-   [ -f ${JIBRI_CONF}-dpkg-file ]; then
+     [ -f "${JIBRI_CONF}"-dpkg-file ]; then
-    echo -e "\n> This jibri seems to be running the lastest configuration already.\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
+    echo -e "\n> This jibri seems to be running the latest configuration already. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
-https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
+https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
 T6=1
-elif [ -f ${CONF_JSON} ] && \
+elif [ -f "${CONF_JSON}" ] && \
-   [ -f $JIBRI_CONF ]; then
+     [ -f "$JIBRI_CONF" ]; then
-    echo -e "\n> This jibri config seems to be candidate for upgrading.\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
+    echo -e "\n> This jibri config seems to be candidate for upgrading. \xE2\x9C\x96 \nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
-https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
+https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
 T6=0
 fi
-TEST_TOTAL=$((T1 + T2 + T3 + T4 + T5 + T6))
+#T6.1
 echo -e "\n#6.1 -- Check for specific Chrome flag --\n"
 if [ "$(grep -c "ignore-certificate-errors"  $JIBRI_CONF)" != 0 ]; then
    echo -e "\n> Seems you have the \"--ignore-certificate-errors\" flag required for Chrome v88 and later. \xE2\x9C\x94 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
 https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
 T6_1="0.1"
 else
 echo -e "\n> The jibri config may be missing the required chrome flags. \xE2\x9C\x96 \nPlease check:\n https://forge.switnet.net/switnet/quick-jibri-installer/src/branch/master/quick_jibri_installer.sh#L870 \n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
 https://forge.switnet.net/switnet/quick-jibri-installer/issues\n"
 T6_1=0
 fi
 #T7
 echo -e "\n#7 -- Check for open communication port among Jibri and JMS --\n"
 if ! nc -z -v -w5 "$JMS_DOMAIN" 5222 ; then
  echo -e "Connection failed! \xE2\x9C\x96\n > You might want to check both Jibri & JMS firewall rules (TCP 5222)."
  T7=0
 else
  echo -e "Connection succeeded! \xE2\x9C\x94\n"
  T7=1
 fi
 TEST_TOTAL=$(awk "BEGIN{ print $T1 + $T2 + $T3 + $T4 + $T5 + $T6 + $T6_1 + $T7 }")
 echo "
-###########################
+##############################
     \
-Score: $TEST_TOTAL out of 6
+Score: $TEST_TOTAL out of 7.1
-###########################
+##############################
 "
 echo -e "\nJibri Test complete, thanks for testing.\n"
		`@ -0,0 +1 @@`
							`<?xml version="1.0" encoding="UTF-8"?><svg xmlns="http://www.w3.org/2000/svg" width="1" height="1"/>`