From 265c1151a440de778a7359ca357d4d79c284b537 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Sat, 18 Jan 2025 01:57:59 -0600 Subject: [PATCH 01/20] quick_jibri_installer.sh: update and fix for newer release (2025) --- patches/jigasi/001-jigasi-meet-config.patch | 8 ++++---- quick_jibri_installer.sh | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/patches/jigasi/001-jigasi-meet-config.patch b/patches/jigasi/001-jigasi-meet-config.patch index 41f5b8f..af6f8d0 100644 --- a/patches/jigasi/001-jigasi-meet-config.patch +++ b/patches/jigasi/001-jigasi-meet-config.patch @@ -29,10 +29,10 @@ index f412891..f704157 100644 // // Transcriber language. This settings will only work if "useAppLanguage" // // is explicitly set to false. -@@ -453,7 +453,7 @@ var config = { - - // // Enables automatic turning on transcribing when recording is started - // autoTranscribeOnRecord: false, +@@ -484,7 +484,7 @@ var config = { + // // Enables automatic request of subtitles when transcriber is present in the meeting, uses the default + // // language that is set + // autoCaptionOnTranscribe: false, - // }, + }, diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index a5176ba..f93447e 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -1050,7 +1050,7 @@ sed -i "s|// startAudioMuted: 10,|startAudioMuted: 2,|" "$MEET_CONF" [ "$ENABLE_WELCP" = "yes" ] && ENABLE_WELCP_BOL=true [ "$ENABLE_WELCP" = "no" ] && ENABLE_WELCP_BOL=false export ENABLE_WELCP_BOL -echo "> Patching config.js to modify welcompage behavior..." +echo "> Patching config.js to modify welcome page behavior..." echo " Read more about patches at the patches folder." envsubst < \ patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch | \ -- 2.34.1 From 22957eddf4ce114fd3973cc2c28d1e94ba186c97 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Sat, 18 Jan 2025 02:13:55 -0600 Subject: [PATCH 02/20] quick_jibri_installer.sh: add 24.04 support for Ubuntu and Trisquel. --- quick_jibri_installer.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index f93447e..aa5d8bd 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -68,8 +68,9 @@ rename_distro() { fi } #Trisquel distro upstream referencing. -rename_distro nabia focal -rename_distro aramo jammy +rename_distro nabia focal +rename_distro aramo jammy +rename_distro ecne noble install_ifnot() { if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then @@ -189,7 +190,8 @@ fi printf "\nOS: %s" "$(lsb_release -sd)" if [ "$DIST" = "focal" ] || \ - [ "$DIST" = "jammy" ]; then + [ "$DIST" = "jammy" ] || \ + [ "$DIST" = "noble" ]; then printf "\nGood, this is a supported platform!" else printf "\nSorry, this platform is not supported... exiting" -- 2.34.1 From 44c21e174ab3218358a9ca9a8bbe1c00c4230375 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 20 Jan 2025 01:23:49 -0600 Subject: [PATCH 03/20] fix bad apt call --- etherpad-docker.sh | 2 +- tools/jibri-conf-upgrade.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/etherpad-docker.sh b/etherpad-docker.sh index 81ab2c3..5788d37 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -70,7 +70,7 @@ else /etc/apt/sources.list.d/docker-ce.list wget -qO - https://download.docker.com/linux/ubuntu/gpg | \ gpg --dearmor | tee /etc/apt/trusted.gpg.d/docker-gpg-key.gpg >/dev/null - apt -q2 update + apt-get -q2 update fi read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS diff --git a/tools/jibri-conf-upgrade.sh b/tools/jibri-conf-upgrade.sh index d899ff3..527876c 100644 --- a/tools/jibri-conf-upgrade.sh +++ b/tools/jibri-conf-upgrade.sh @@ -31,7 +31,7 @@ if ! [ "$(id -u)" = 0 ]; then fi echo "Checking for updates...." -apt -q2 update +apt-get -q2 update apt install -y \ apt-show-versions \ jq -- 2.34.1 From 3ba587fc4fa6c3efed4ef4f5b21e23b155f6db90 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 20 Jan 2025 01:50:09 -0600 Subject: [PATCH 04/20] standardize on docker.io as distro package. --- etherpad-docker.sh | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/etherpad-docker.sh b/etherpad-docker.sh index 5788d37..b7f6f7c 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -59,20 +59,8 @@ PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{pri ETHERPAD_DB_USER="dockerpad" ETHERPAD_DB_NAME="etherpad" ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" -DOCKER_CE_REPO="$(check_apt_policy docker)" WS_CONF_MATCH1="# ensure all static content can always be found first" -echo "Add Docker repo" -if [ "$DOCKER_CE_REPO" = "stable" ]; then - echo "Docker repository already installed" -else - echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > \ - /etc/apt/sources.list.d/docker-ce.list - wget -qO - https://download.docker.com/linux/ubuntu/gpg | \ - gpg --dearmor | tee /etc/apt/trusted.gpg.d/docker-gpg-key.gpg >/dev/null - apt-get -q2 update -fi - read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS # Make sure we can rely on the match strings. @@ -80,7 +68,7 @@ printf "> Testing match strings on config files.\n" test_match "$WS_MATCH1" "$WS_CONF" # Install required packages -install_ifnot docker-ce +install_ifnot docker.io install_ifnot postgresql-"$PSGVER" # Create DB -- 2.34.1 From 60c4641c570ef14de2647dbb6066c9c5e10dc59a Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 20 Jan 2025 02:36:44 -0600 Subject: [PATCH 05/20] remove possible duplication of wasm definition --- quick_jibri_installer.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index aa5d8bd..e823aa4 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -989,6 +989,9 @@ else echo -n "No condition meet, please report to:" echo "https://forge.switnet.net/switnet/quick-jibri-installer/issues" fi +# Remove possible duplication of wasm definition. +grep -q wasm /etc/nginx/mime.types && sed -i '/types {/,/}/ {/wasm/d}' "$WS_CONF" + sleep .1 #================== Setup prosody conf file ================= -- 2.34.1 From 031eb1cac634ccf665f5c0b2baba1d66940c0824 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 20 Jan 2025 02:54:04 -0600 Subject: [PATCH 06/20] replace htop in favor of btop --- quick_jibri_installer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index e823aa4..17c81fe 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -388,7 +388,7 @@ apt-get -y install \ curl \ ffmpeg \ git \ - htop \ + btop \ jq \ net-tools \ rsync \ -- 2.34.1 From b1e8a058547b60dc1f75eec415720a10bf69d0a9 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 20 Jan 2025 05:00:48 -0600 Subject: [PATCH 07/20] replace docker container with docker-compose --- etherpad-docker.sh | 58 +++++++++++++++++++++++----------------------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/etherpad-docker.sh b/etherpad-docker.sh index b7f6f7c..4bd1053 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -13,9 +13,8 @@ do esac done -#DEBUG if [ "$MODE" = "debug" ]; then -set -x + set -x fi if ! [ "$(id -u)" = 0 ]; then @@ -32,7 +31,9 @@ echo ' ' FORGE_REPO="https://forge.switnet.net/switnet/quick-jibri-installer" check_apt_policy() { -apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}' + apt-cache policy 2>/dev/null| \ + awk "/$1/{print \$3}" | \ + awk -F '/' 'NR==1{print$2}' } install_ifnot() { if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then @@ -69,6 +70,7 @@ test_match "$WS_MATCH1" "$WS_CONF" # Install required packages install_ifnot docker.io +install_ifnot docker-compose install_ifnot postgresql-"$PSGVER" # Create DB @@ -78,29 +80,27 @@ CREATE DATABASE ${ETHERPAD_DB_NAME}; CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}'; GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER}; DB -echo " -- Your etherpad db password is: $ETHERPAD_DB_PASS" -echo -e " Please save it somewhere safe.\n" -# Check fot docker if not running then execute -if [ ! "$(docker ps -q -f name=etherpad)" ]; then - if [ "$(docker ps -aq -f status=exited -f name=etherpad)" ]; then - # cleanup - docker rm etherpad - fi - # run your container - docker run -d --restart always \ - --network=host \ - --name etherpad \ - -p 127.0.0.1:9001:9001 \ - -e "ADMIN_PASSWORD=$ETHERPAD_ADMIN_PASS" \ - -e "DB_TYPE=postgres" \ - -e "DB_HOST=localhost" \ - -e "DB_PORT=5432" \ - -e "DB_NAME=$ETHERPAD_DB_NAME" \ - -e "DB_USER=$ETHERPAD_DB_USER" \ - -e "DB_PASS=$ETHERPAD_DB_PASS" \ - -i -t etherpad/etherpad -fi +# Set environment varibales for docker +mkdir /opt/etherpat +cat << EOF > /opt/etherpat/.env +DOCKER_COMPOSE_APP_ADMIN_PASSWORD="$ETHERPAD_ADMIN_PASS" +DOCKER_COMPOSE_APP_DB_CHARSET="utf8mb4" +DOCKER_COMPOSE_POSTGRES_HOST="localhost" +DOCKER_COMPOSE_POSTGRES_USER="$ETHERPAD_DB_USER" +DOCKER_COMPOSE_POSTGRES_DATABASE="$ETHERPAD_DB_NAME" +DOCKER_COMPOSE_POSTGRES_PASSWORD="$ETHERPAD_DB_PASS" +DOCKER_COMPOSE_POSTGRES_PORT="5432" +#DOCKER_COMPOSE_APP_DEFAULT_PAD_TEXT= +DOCKER_COMPOSE_APP_DISABLE_IP_LOGGING="false" +DOCKER_COMPOSE_APP_SOFFICE="null" +DOCKER_COMPOSE_APP_TRUST_PROXY="true" +EOF +chmod 600 /opt/etherpat/.env +cp files/etherpad/docker-compose.yml /opt/etherpat/ +chmod 644 /opt/etherpat/docker-compose.yml + +docker-compose -f /opt/etherpat/docker-compose.yml up -d # Tune webserver for Jitsi App control @@ -121,8 +121,8 @@ elif [ -f "$WS_CONF" ]; then sed -i "/$WS_CONF_MATCH1/i \ \ \ \ }" "$WS_CONF" sed -i "/$WS_CONF_MATCH1/i \\\n" "$WS_CONF" else - echo "> No etherpad config done to server file, please report to: - -> https://forge.switnet.net/switnet/quick-jibri-installer/issues" + echo "> No etherpad config done to server file, please report to:" + echo " -> https://forge.switnet.net/switnet/quick-jibri-installer/issues" fi # Configure config.js @@ -140,6 +140,6 @@ if nginx -t 2>/dev/null ; then # systemctl reload nginx else echo "Please check your configuration, something may be wrong." - echo "Will not try to enable etherpad nginx configuration, please report to: - -> https://forge.switnet.net/switnet/quick-jibri-installer/issues" + echo "Will not try to enable etherpad nginx configuration, please report to:" + echo " -> https://forge.switnet.net/switnet/quick-jibri-installer/issues" fi -- 2.34.1 From 09f8f4ccec745a2d391788afb95ef3ef6428d07f Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 20 Jan 2025 05:02:23 -0600 Subject: [PATCH 08/20] add custom docker-compose file --- files/etherpad/docker-compose.yml | 37 +++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 files/etherpad/docker-compose.yml diff --git a/files/etherpad/docker-compose.yml b/files/etherpad/docker-compose.yml new file mode 100644 index 0000000..b7610a8 --- /dev/null +++ b/files/etherpad/docker-compose.yml @@ -0,0 +1,37 @@ +version: '3.8' + +services: + app: + user: "0:0" + image: etherpad/etherpad:latest + tty: true + stdin_open: true + volumes: + - plugins:/opt/etherpad-lite/src/plugin_packages + - etherpad-var:/opt/etherpad-lite/var + env_file: + - .env + environment: + NODE_ENV: production + ADMIN_PASSWORD: ${DOCKER_COMPOSE_APP_ADMIN_PASSWORD:-admin} + DB_CHARSET: ${DOCKER_COMPOSE_APP_DB_CHARSET:-utf8mb4} + DB_HOST: ${DOCKER_COMPOSE_POSTGRES_HOST:-localhost} + DB_NAME: ${DOCKER_COMPOSE_POSTGRES_DATABASE:-etherpad} + DB_PASS: ${DOCKER_COMPOSE_POSTGRES_PASSWORD:-admin} + DB_PORT: ${DOCKER_COMPOSE_POSTGRES_PORT:-5432} + DB_TYPE: "postgres" + DB_USER: ${DOCKER_COMPOSE_POSTGRES_USER:-admin} + DEFAULT_PAD_TEXT: ${DOCKER_COMPOSE_APP_DEFAULT_PAD_TEXT:- } + DISABLE_IP_LOGGING: ${DOCKER_COMPOSE_APP_DISABLE_IP_LOGGING:-false} + SOFFICE: ${DOCKER_COMPOSE_APP_SOFFICE:-null} + TRUST_PROXY: ${DOCKER_COMPOSE_APP_TRUST_PROXY:-true} + restart: always + ports: + - "${DOCKER_COMPOSE_APP_PORT:-9001}:9001" + +volumes: + plugins: + driver: local + etherpad-var: + driver: local + -- 2.34.1 From c4ea620a73077c43701f437db6df511b95922246 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 20 Jan 2025 05:03:34 -0600 Subject: [PATCH 09/20] add missing debug modes and standardize initial checks. --- add-jibri-node.sh | 14 ++++++-------- add-jvb2-node.sh | 15 ++++++--------- excalidraw-backend.sh | 36 ++++++++++++++++++------------------ grafana.sh | 3 +-- jigasi-vosk-backend.sh | 15 ++++++++++++++- jitsi-updater.sh | 14 +++++++------- jm-bm.sh | 8 ++++++-- jra_nextcloud.sh | 2 +- quick_jibri_installer.sh | 1 - 9 files changed, 59 insertions(+), 49 deletions(-) diff --git a/add-jibri-node.sh b/add-jibri-node.sh index b548bba..86aa17d 100644 --- a/add-jibri-node.sh +++ b/add-jibri-node.sh @@ -16,9 +16,13 @@ do esac done -#DEBUG if [ "$MODE" = "debug" ]; then -set -x + set -x +fi + +if ! [ "$(id -u)" = 0 ]; then + echo "You need to be root or have sudo privileges!" + exit 0 fi #Make sure the file name is the required one @@ -28,12 +32,6 @@ if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then exit fi -#Check admin rights -if ! [ "$(id -u)" = 0 ]; then - echo "You need to be root or have sudo privileges!" - exit 0 -fi - ### 0_VAR_DEF MAIN_SRV_DIST=TBD MAIN_SRV_REPO=TBD diff --git a/add-jvb2-node.sh b/add-jvb2-node.sh index 7cf37d0..1afe811 100644 --- a/add-jvb2-node.sh +++ b/add-jvb2-node.sh @@ -16,9 +16,13 @@ do esac done -#DEBUG if [ "$MODE" = "debug" ]; then -set -x + set -x +fi + +if ! [ "$(id -u)" = 0 ]; then + echo "You need to be root or have sudo privileges!" + exit 0 fi #Make sure the file name is the required one @@ -28,13 +32,6 @@ if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then exit fi - -#Check admin rights -if ! [ "$(id -u)" = 0 ]; then - echo "You need to be root or have sudo privileges!" - exit 0 -fi - ### 0_VAR_DEF MAIN_SRV_DIST=TBD MAIN_SRV_REPO=TBD diff --git a/excalidraw-backend.sh b/excalidraw-backend.sh index 0dc4a03..fa29c3b 100644 --- a/excalidraw-backend.sh +++ b/excalidraw-backend.sh @@ -7,6 +7,24 @@ # SwITNet Ltd © - 2024, https://switnet.net/ # GPLv3 or later. +while getopts m: option +do + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac +done + +if [ "$MODE" = "debug" ]; then + set -x +fi + +if ! [ "$(id -u)" = 0 ]; then + echo "You need to be root or have sudo privileges!" + exit 0 +fi + # Reset Color_Off='\e[0m' # Text Reset # Regular Colors @@ -52,24 +70,6 @@ else fi } -while getopts m: option -do - case "${option}" - in - m) MODE=${OPTARG};; - \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; - esac -done - -#DEBUG -if [ "$MODE" = "debug" ]; then -set -x -fi - -if ! [ "$(id -u)" = 0 ]; then - echo "You need to be root or have sudo privileges!" - exit 0 -fi clear echo -e '\n ######################################################################## diff --git a/grafana.sh b/grafana.sh index 4e1e896..54c7954 100644 --- a/grafana.sh +++ b/grafana.sh @@ -21,9 +21,8 @@ do esac done -#DEBUG if [ "$MODE" = "debug" ]; then -set -x + set -x fi if ! [ "$(id -u)" = 0 ]; then diff --git a/jigasi-vosk-backend.sh b/jigasi-vosk-backend.sh index 293bb25..3e3b3c1 100644 --- a/jigasi-vosk-backend.sh +++ b/jigasi-vosk-backend.sh @@ -3,11 +3,24 @@ # SwITNet Ltd © - 2024, https://switnet.net/ # GPLv3 or later. -#Check if user is root +while getopts m: option +do + case "${option}" + in + m) MODE=${OPTARG};; + \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; + esac +done + +if [ "$MODE" = "debug" ]; then + set -x +fi + if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi + exit_if_not_installed() { if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then echo " This instance doesn't have $1 installed, exiting..." diff --git a/jitsi-updater.sh b/jitsi-updater.sh index 0e04af2..92f399b 100644 --- a/jitsi-updater.sh +++ b/jitsi-updater.sh @@ -13,9 +13,13 @@ do esac done -#DEBUG if [ "$MODE" = "debug" ]; then -set -x + set -x +fi + +if ! [ "$(id -u)" = 0 ]; then + echo "You need to be root or have sudo privileges!" + exit 0 fi Blue='\e[0;34m' @@ -27,11 +31,7 @@ Color_Off='\e[0m' printwc() { printf "%b$2%b" "$1" "${Color_Off}" } -#Check if user is root -if ! [ "$(id -u)" = 0 ]; then - echo "You need to be root or have sudo privileges!" - exit 0 -fi + if [ ! -f jm-bm.sh ]; then echo "Please check that you are running the jitsi updater while being on the project folder" echo "other wise the updater might have errors or be incomplete. Exiting..." diff --git a/jm-bm.sh b/jm-bm.sh index 58b5c10..3c81c55 100644 --- a/jm-bm.sh +++ b/jm-bm.sh @@ -13,9 +13,13 @@ do esac done -#DEBUG if [ "$MODE" = "debug" ]; then -set -x + set -x +fi + +if ! [ "$(id -u)" = 0 ]; then + echo "You need to be root or have sudo privileges!" + exit 0 fi DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" diff --git a/jra_nextcloud.sh b/jra_nextcloud.sh index ccedcdd..c6e5b60 100644 --- a/jra_nextcloud.sh +++ b/jra_nextcloud.sh @@ -12,7 +12,6 @@ do esac done -#DEBUG if [ "$MODE" = "debug" ]; then set -x fi @@ -21,6 +20,7 @@ if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi + exit_if_not_installed() { if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then echo " This instance doesn't have $1 installed, exiting..." diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 17c81fe..54073ae 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -14,7 +14,6 @@ do esac done -#DEBUG if [ "$MODE" = "debug" ]; then set -x fi -- 2.34.1 From 4a432785d64a270430e55fba258882e4a6e5558d Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 20 Jan 2025 14:46:10 -0600 Subject: [PATCH 10/20] fix path and loosen permissions for testing --- etherpad-docker.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/etherpad-docker.sh b/etherpad-docker.sh index 4bd1053..323e48c 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -82,8 +82,8 @@ GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER}; DB # Set environment varibales for docker -mkdir /opt/etherpat -cat << EOF > /opt/etherpat/.env +mkdir /opt/etherpad +cat << EOF > /opt/etherpad/.env DOCKER_COMPOSE_APP_ADMIN_PASSWORD="$ETHERPAD_ADMIN_PASS" DOCKER_COMPOSE_APP_DB_CHARSET="utf8mb4" DOCKER_COMPOSE_POSTGRES_HOST="localhost" @@ -96,11 +96,11 @@ DOCKER_COMPOSE_APP_DISABLE_IP_LOGGING="false" DOCKER_COMPOSE_APP_SOFFICE="null" DOCKER_COMPOSE_APP_TRUST_PROXY="true" EOF -chmod 600 /opt/etherpat/.env -cp files/etherpad/docker-compose.yml /opt/etherpat/ -chmod 644 /opt/etherpat/docker-compose.yml +chmod 644 /opt/etherpad/.env +cp files/etherpad/docker-compose.yml /opt/etherpad/ +chmod 644 /opt/etherpad/docker-compose.yml -docker-compose -f /opt/etherpat/docker-compose.yml up -d +docker-compose -f /opt/etherpad/docker-compose.yml up -d # Tune webserver for Jitsi App control -- 2.34.1 From d3bd56e45ce5f12a0a479fc95195762a208378ff Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 20 Jan 2025 22:13:26 -0600 Subject: [PATCH 11/20] update year --- README.md | 2 +- add-jibri-node.sh | 2 +- add-jvb2-node.sh | 2 +- etherpad-docker.sh | 2 +- excalidraw-backend.sh | 2 +- grafana.sh | 2 +- jigasi-vosk-backend.sh | 2 +- jitsi-updater.sh | 2 +- jm-bm.sh | 2 +- jra_nextcloud.sh | 2 +- mode/chp-mode.sh | 2 +- mode/grid/selenium-grid-docker.sh | 2 +- mode/jms-stu.sh | 2 +- mode/jwt.sh | 2 +- patches/jigasi/001-jigasi-meet-config.patch | 2 +- patches/jigasi/002-jigasi-sip-properties.patch | 2 +- .../001-jitsi-meet-enable-livestreaming-and-recording.patch | 2 +- patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch | 2 +- quick_jibri_installer.sh | 2 +- tools/aws-grub-setup.sh | 2 +- tools/fail2ban_ssh.sh | 2 +- tools/jibri-conf-upgrade.sh | 2 +- tools/jibri-resolution-enhancer.sh | 2 +- tools/prepare_php.sh | 2 +- tools/start-over.sh | 2 +- tools/test-jibri-env.sh | 2 +- 26 files changed, 26 insertions(+), 26 deletions(-) diff --git a/README.md b/README.md index 07104ed..d65c750 100644 --- a/README.md +++ b/README.md @@ -118,4 +118,4 @@ Feel free to use our `test-jibri-env.sh` tool to find some details on your curre Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY. -SwITNet Ltd © - 2024, https://switnet.net/ +SwITNet Ltd © - 2025, https://switnet.net/ diff --git a/add-jibri-node.sh b/add-jibri-node.sh index 86aa17d..f821a11 100644 --- a/add-jibri-node.sh +++ b/add-jibri-node.sh @@ -1,6 +1,6 @@ #!/bin/bash # Jibri Node Aggregator -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. ### 0_LAST EDITION TIME STAMP ### diff --git a/add-jvb2-node.sh b/add-jvb2-node.sh index 1afe811..eb255e4 100644 --- a/add-jvb2-node.sh +++ b/add-jvb2-node.sh @@ -1,6 +1,6 @@ #!/bin/bash # JVB2 Node Aggregator -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. ### 0_LAST EDITION TIME STAMP ### diff --git a/etherpad-docker.sh b/etherpad-docker.sh index 323e48c..cc97857 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -1,6 +1,6 @@ #!/bin/bash # Etherpad Installer for Jitsi Meet -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # # GPLv3 or later. diff --git a/excalidraw-backend.sh b/excalidraw-backend.sh index fa29c3b..42410ec 100644 --- a/excalidraw-backend.sh +++ b/excalidraw-backend.sh @@ -4,7 +4,7 @@ # Based on: # - https://community.jitsi.org/t/118883 # -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. while getopts m: option diff --git a/grafana.sh b/grafana.sh index 54c7954..76e9ede 100644 --- a/grafana.sh +++ b/grafana.sh @@ -8,7 +8,7 @@ # by "mephisto" # # Igor Kerstges © - 2021 -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # # GPLv3 or later. diff --git a/jigasi-vosk-backend.sh b/jigasi-vosk-backend.sh index 3e3b3c1..8349c12 100644 --- a/jigasi-vosk-backend.sh +++ b/jigasi-vosk-backend.sh @@ -1,6 +1,6 @@ #!/bin/bash # Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems. -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. while getopts m: option diff --git a/jitsi-updater.sh b/jitsi-updater.sh index 92f399b..e72c0df 100644 --- a/jitsi-updater.sh +++ b/jitsi-updater.sh @@ -1,7 +1,7 @@ #!/bin/bash # Jitsi Meet recurring upgrader and customization keeper # for Debian/*buntu binaries. -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option diff --git a/jm-bm.sh b/jm-bm.sh index 3c81c55..01123fa 100644 --- a/jm-bm.sh +++ b/jm-bm.sh @@ -1,7 +1,7 @@ #!/bin/bash # Jitsi Meet brandless mode # for Debian/*buntu binaries. -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option diff --git a/jra_nextcloud.sh b/jra_nextcloud.sh index c6e5b60..f6de6ef 100644 --- a/jra_nextcloud.sh +++ b/jra_nextcloud.sh @@ -1,6 +1,6 @@ #!/bin/bash # JRA (Jibri Recordings Access) via Nextcloud -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. while getopts m: option diff --git a/mode/chp-mode.sh b/mode/chp-mode.sh index 80708d9..b0dd37a 100644 --- a/mode/chp-mode.sh +++ b/mode/chp-mode.sh @@ -1,6 +1,6 @@ #!/bin/bash # Custom High Performance Jitsi conf -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. while getopts m: option diff --git a/mode/grid/selenium-grid-docker.sh b/mode/grid/selenium-grid-docker.sh index 98f7189..6291450 100644 --- a/mode/grid/selenium-grid-docker.sh +++ b/mode/grid/selenium-grid-docker.sh @@ -1,7 +1,7 @@ #!/bin/bash # Custom Selenium Grid-Node fro Jitsi Meet # Pandian © - https://community.jitsi.org/u/Pandian -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. while getopts m: option diff --git a/mode/jms-stu.sh b/mode/jms-stu.sh index 49a06ea..1e753f2 100644 --- a/mode/jms-stu.sh +++ b/mode/jms-stu.sh @@ -2,7 +2,7 @@ # System-tune-up to remove system software restrictions on a huge load of connections. # Be aware that hardware/infrastructure resources are the most common limiters. # -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. while getopts m: option diff --git a/mode/jwt.sh b/mode/jwt.sh index b6ffccb..58eb82f 100644 --- a/mode/jwt.sh +++ b/mode/jwt.sh @@ -1,6 +1,6 @@ #!/bin/bash # JWT Mode Setup -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. while getopts m: option diff --git a/patches/jigasi/001-jigasi-meet-config.patch b/patches/jigasi/001-jigasi-meet-config.patch index af6f8d0..8a121e8 100644 --- a/patches/jigasi/001-jigasi-meet-config.patch +++ b/patches/jigasi/001-jigasi-meet-config.patch @@ -1,5 +1,5 @@ # Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems. -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. Enable transcription on jitsi meet config.js file. diff --git a/patches/jigasi/002-jigasi-sip-properties.patch b/patches/jigasi/002-jigasi-sip-properties.patch index 886cc76..cd1bce7 100644 --- a/patches/jigasi/002-jigasi-sip-properties.patch +++ b/patches/jigasi/002-jigasi-sip-properties.patch @@ -1,5 +1,5 @@ # Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems. -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. Modify sip-communicator.properties to run Jigasi along with VOSK Models. diff --git a/patches/jitsi-meet/001-jitsi-meet-enable-livestreaming-and-recording.patch b/patches/jitsi-meet/001-jitsi-meet-enable-livestreaming-and-recording.patch index 51b5f9e..77091a8 100644 --- a/patches/jitsi-meet/001-jitsi-meet-enable-livestreaming-and-recording.patch +++ b/patches/jitsi-meet/001-jitsi-meet-enable-livestreaming-and-recording.patch @@ -1,5 +1,5 @@ # Quick Jibri Installer - *buntu (LTS) based systems. -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. Patch jitsi-meet config.js to enable recording and livestreaming by default. diff --git a/patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch b/patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch index fab6e3f..e26073b 100644 --- a/patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch +++ b/patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch @@ -1,5 +1,5 @@ # Quick Jibri Installer - *buntu (LTS) based systems. -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. Patch jitsi-meet config.js to enable/disable welcome page. diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 54073ae..50625ed 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -1,6 +1,6 @@ #!/bin/bash # Quick Jibri Installer - *buntu (LTS) based systems. -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. { echo "Started at $(date +'%Y-%m-%d %H:%M:%S')" >> qj-installer.log diff --git a/tools/aws-grub-setup.sh b/tools/aws-grub-setup.sh index d3f1eef..d2fdaa5 100644 --- a/tools/aws-grub-setup.sh +++ b/tools/aws-grub-setup.sh @@ -1,6 +1,6 @@ #!/bin/bash # Automated AWS generic kernel setup for jibri. -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. while getopts m: option diff --git a/tools/fail2ban_ssh.sh b/tools/fail2ban_ssh.sh index 35487b8..6e24e7f 100644 --- a/tools/fail2ban_ssh.sh +++ b/tools/fail2ban_ssh.sh @@ -1,6 +1,6 @@ #!/bin/bash # Simple Fail2ban configuration -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option diff --git a/tools/jibri-conf-upgrade.sh b/tools/jibri-conf-upgrade.sh index 527876c..ad74c6d 100644 --- a/tools/jibri-conf-upgrade.sh +++ b/tools/jibri-conf-upgrade.sh @@ -1,6 +1,6 @@ #!/bin/bash # Simple Jibri conf updater -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option diff --git a/tools/jibri-resolution-enhancer.sh b/tools/jibri-resolution-enhancer.sh index d671d12..2e90a9c 100644 --- a/tools/jibri-resolution-enhancer.sh +++ b/tools/jibri-resolution-enhancer.sh @@ -1,6 +1,6 @@ #!/bin/bash # Simple Jibri resolution enhancer -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option diff --git a/tools/prepare_php.sh b/tools/prepare_php.sh index a1f890a..ba73638 100644 --- a/tools/prepare_php.sh +++ b/tools/prepare_php.sh @@ -1,6 +1,6 @@ #!/bin/bash # Automated PHP environment build for Nextcloud. -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. PHPVER=$1 diff --git a/tools/start-over.sh b/tools/start-over.sh index 31d04a1..84c754a 100644 --- a/tools/start-over.sh +++ b/tools/start-over.sh @@ -1,6 +1,6 @@ #!/bin/bash #Start over -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. while getopts m: option diff --git a/tools/test-jibri-env.sh b/tools/test-jibri-env.sh index 321b446..fe651e1 100644 --- a/tools/test-jibri-env.sh +++ b/tools/test-jibri-env.sh @@ -1,6 +1,6 @@ #!/bin/bash # Simple Jibri Env tester -# SwITNet Ltd © - 2024, https://switnet.net/ +# SwITNet Ltd © - 2025, https://switnet.net/ # GNU GPLv3 or later. while getopts m: option -- 2.34.1 From fab9c4abeb856e7645e34104d3096d6214c69c34 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Mon, 20 Jan 2025 22:50:29 -0600 Subject: [PATCH 12/20] replace RSA in favor of ED25519 and increase strenght --- quick_jibri_installer.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/quick_jibri_installer.sh b/quick_jibri_installer.sh index 50625ed..f108e49 100644 --- a/quick_jibri_installer.sh +++ b/quick_jibri_installer.sh @@ -913,10 +913,11 @@ useradd -m -g jibri "$MJS_USER" echo "$MJS_USER:$MJS_USER_PASS" | chpasswd #Create ssh key and restrict connections -sudo su "$MJS_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''" +sudo su "$MJS_USER" -c "ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -o -a 200 -q -N ''" #Allow password authentication sed -i "s|PasswordAuthentication .*|PasswordAuthentication yes|" /etc/ssh/sshd_config -systemctl restart sshd +systemctl daemon-reload +systemctl restart ssh.service ssh.socket #Setting varibales for add-jibri-node.sh sed -i "s|MAIN_SRV_DIST=.*|MAIN_SRV_DIST=\"$DIST\"|" add-jibri-node.sh -- 2.34.1 From 39d1890ee896e2dcad56873238e30e4c4bcab2b1 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Tue, 21 Jan 2025 00:44:42 -0600 Subject: [PATCH 13/20] return to user docker container store credentials for later revision --- etherpad-docker.sh | 49 ++++++++++++++++++++++++++-------------------- 1 file changed, 28 insertions(+), 21 deletions(-) diff --git a/etherpad-docker.sh b/etherpad-docker.sh index cc97857..559d9f8 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -64,13 +64,20 @@ WS_CONF_MATCH1="# ensure all static content can always be found first" read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS +install -m 600 /dev/null /var/opt/etherpad_details.txt +cat << EOF > /var/opt/etherpad_details.txt +ETHERPAD_ADMIN_PASS=$ETHERPAD_ADMIN_PASS +ETHERPAD_DB_USER=$ETHERPAD_DB_USER +ETHERPAD_DB_NAME=$ETHERPAD_DB_NAME +ETHERPAD_DB_PASS=$ETHERPAD_DB_PASS +EOF + # Make sure we can rely on the match strings. printf "> Testing match strings on config files.\n" test_match "$WS_MATCH1" "$WS_CONF" # Install required packages install_ifnot docker.io -install_ifnot docker-compose install_ifnot postgresql-"$PSGVER" # Create DB @@ -81,26 +88,26 @@ CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}'; GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER}; DB -# Set environment varibales for docker -mkdir /opt/etherpad -cat << EOF > /opt/etherpad/.env -DOCKER_COMPOSE_APP_ADMIN_PASSWORD="$ETHERPAD_ADMIN_PASS" -DOCKER_COMPOSE_APP_DB_CHARSET="utf8mb4" -DOCKER_COMPOSE_POSTGRES_HOST="localhost" -DOCKER_COMPOSE_POSTGRES_USER="$ETHERPAD_DB_USER" -DOCKER_COMPOSE_POSTGRES_DATABASE="$ETHERPAD_DB_NAME" -DOCKER_COMPOSE_POSTGRES_PASSWORD="$ETHERPAD_DB_PASS" -DOCKER_COMPOSE_POSTGRES_PORT="5432" -#DOCKER_COMPOSE_APP_DEFAULT_PAD_TEXT= -DOCKER_COMPOSE_APP_DISABLE_IP_LOGGING="false" -DOCKER_COMPOSE_APP_SOFFICE="null" -DOCKER_COMPOSE_APP_TRUST_PROXY="true" -EOF -chmod 644 /opt/etherpad/.env -cp files/etherpad/docker-compose.yml /opt/etherpad/ -chmod 644 /opt/etherpad/docker-compose.yml - -docker-compose -f /opt/etherpad/docker-compose.yml up -d +# Check fot docker if not running then execute +if [ ! "$(docker ps -q -f name=etherpad)" ]; then + if [ "$(docker ps -aq -f status=exited -f name=etherpad)" ]; then + # cleanup + docker rm etherpad + fi + # run your container + docker run -d --restart always \ + --network=host \ + --name etherpad \ + -p 127.0.0.1:9001:9001 \ + -e "ADMIN_PASSWORD=$ETHERPAD_ADMIN_PASS" \ + -e "DB_TYPE=postgres" \ + -e "DB_HOST=localhost" \ + -e "DB_PORT=5432" \ + -e "DB_NAME=$ETHERPAD_DB_NAME" \ + -e "DB_USER=$ETHERPAD_DB_USER" \ + -e "DB_PASS=$ETHERPAD_DB_PASS" \ + -i -t etherpad/etherpad +fi # Tune webserver for Jitsi App control -- 2.34.1 From 79fc0de403c1764d8705eb8aae88e566f58b414a Mon Sep 17 00:00:00 2001 From: Ark74 Date: Tue, 21 Jan 2025 00:46:18 -0600 Subject: [PATCH 14/20] fix bad usage of interactive shell docker --- etherpad-docker.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etherpad-docker.sh b/etherpad-docker.sh index 559d9f8..fc44530 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -106,7 +106,7 @@ if [ ! "$(docker ps -q -f name=etherpad)" ]; then -e "DB_NAME=$ETHERPAD_DB_NAME" \ -e "DB_USER=$ETHERPAD_DB_USER" \ -e "DB_PASS=$ETHERPAD_DB_PASS" \ - -i -t etherpad/etherpad + etherpad/etherpad fi # Tune webserver for Jitsi App control -- 2.34.1 From ab5a180fd6377dd47c893400349a9fd04bad64d0 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Tue, 21 Jan 2025 02:31:30 -0600 Subject: [PATCH 15/20] make sure to set all necessary permissions for public table --- etherpad-docker.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/etherpad-docker.sh b/etherpad-docker.sh index fc44530..fe38da3 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -86,13 +86,19 @@ sudo -u postgres psql < Date: Tue, 21 Jan 2025 03:27:18 -0600 Subject: [PATCH 16/20] set mapping for nginx connection upgrade --- etherpad-docker.sh | 9 +++++++++ grafana.sh | 13 ++++++++----- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/etherpad-docker.sh b/etherpad-docker.sh index fe38da3..186c5b8 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -61,6 +61,7 @@ ETHERPAD_DB_USER="dockerpad" ETHERPAD_DB_NAME="etherpad" ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" WS_CONF_MATCH1="# ensure all static content can always be found first" +WS_MATCH2="upstream prosody {" read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS @@ -75,6 +76,7 @@ EOF # Make sure we can rely on the match strings. printf "> Testing match strings on config files.\n" test_match "$WS_MATCH1" "$WS_CONF" +test_match "$WS_MATCH2" "$WS_CONF" # Install required packages install_ifnot docker.io @@ -120,6 +122,13 @@ fi if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then echo "> Webserver seems configured, skipping..." elif [ -f "$WS_CONF" ]; then + if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then + sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF" + sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF" + sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF" + sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF" + sed -i "/$WS_MATCH2/i }" "$WS_CONF" + fi echo "> Setting up webserver configuration file..." sed -i "/$WS_CONF_MATCH1/i \ \ \ \ #Etherpad block" "$WS_CONF" sed -i "/$WS_CONF_MATCH1/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF" diff --git a/grafana.sh b/grafana.sh index 76e9ede..8e18001 100644 --- a/grafana.sh +++ b/grafana.sh @@ -194,11 +194,14 @@ if [ -f "$WS_CONF" ]; then sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF" sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF" - sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections." "$WS_CONF" - sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF" - sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF" - sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF" - sed -i "/$WS_MATCH2/i }" "$WS_CONF" + if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then + sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF" + sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF" + sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF" + sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF" + sed -i "/$WS_MATCH2/i }" "$WS_CONF" + fi + sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF" sed -i "/$WS_MATCH2/i upstream grafana {" "$WS_CONF" sed -i "/$WS_MATCH2/i \ \ server localhost:3000;" "$WS_CONF" -- 2.34.1 From 7a93ca19055323f5c09911fa289c0a190548df9c Mon Sep 17 00:00:00 2001 From: Ark74 Date: Tue, 21 Jan 2025 17:27:32 -0600 Subject: [PATCH 17/20] fix and minimize required db permissions --- etherpad-docker.sh | 12 +++++------- jra_nextcloud.sh | 1 + 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/etherpad-docker.sh b/etherpad-docker.sh index 186c5b8..994d6c6 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -88,12 +88,7 @@ sudo -u postgres psql < Webserver seems configured, skipping..." elif [ -f "$WS_CONF" ]; then + echo "> Setting up webserver configuration file..." if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then + echo " > Setting mapping upgrade connection." sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF" sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF" sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF" sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF" sed -i "/$WS_MATCH2/i }" "$WS_CONF" + else + echo " > Upgrade connection mapping already setup." fi - echo "> Setting up webserver configuration file..." sed -i "/$WS_CONF_MATCH1/i \ \ \ \ #Etherpad block" "$WS_CONF" sed -i "/$WS_CONF_MATCH1/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF" sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF" diff --git a/jra_nextcloud.sh b/jra_nextcloud.sh index f6de6ef..2a4c85b 100644 --- a/jra_nextcloud.sh +++ b/jra_nextcloud.sh @@ -196,6 +196,7 @@ sudo -u postgres psql < Date: Tue, 21 Jan 2025 17:28:42 -0600 Subject: [PATCH 18/20] announce if mapping is being set or applied. --- grafana.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/grafana.sh b/grafana.sh index 8e18001..bab3763 100644 --- a/grafana.sh +++ b/grafana.sh @@ -179,6 +179,7 @@ while [ $secs -gt 0 ]; do done if [ -f "$WS_CONF" ]; then + echo "> Setting up webserver configuration file..." sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana." "$WS_CONF" sed -i "/$WS_MATCH1/i \ \ \ \ location ~ ^/(grafana/|grafana/login) {" "$WS_CONF" sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF" @@ -193,15 +194,16 @@ if [ -f "$WS_CONF" ]; then sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF" sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF" sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF" - if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then + echo " > Setting mapping upgrade connection." sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF" sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF" sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF" sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF" sed -i "/$WS_MATCH2/i }" "$WS_CONF" + else + echo " > Upgrade connection mapping already setup." fi - sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF" sed -i "/$WS_MATCH2/i upstream grafana {" "$WS_CONF" sed -i "/$WS_MATCH2/i \ \ server localhost:3000;" "$WS_CONF" -- 2.34.1 From 4f8a0884e62ce7e2d0fb44ca90c7aab0e9845f71 Mon Sep 17 00:00:00 2001 From: Ark74 Date: Tue, 21 Jan 2025 20:10:07 -0600 Subject: [PATCH 19/20] yet again more db tweaking --- etherpad-docker.sh | 2 ++ jra_nextcloud.sh | 3 +++ 2 files changed, 5 insertions(+) diff --git a/etherpad-docker.sh b/etherpad-docker.sh index 994d6c6..eac8302 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -88,6 +88,8 @@ sudo -u postgres psql < Date: Tue, 21 Jan 2025 21:55:01 -0600 Subject: [PATCH 20/20] slim redundant set --- etherpad-docker.sh | 1 - jra_nextcloud.sh | 1 - 2 files changed, 2 deletions(-) diff --git a/etherpad-docker.sh b/etherpad-docker.sh index eac8302..c0b40af 100644 --- a/etherpad-docker.sh +++ b/etherpad-docker.sh @@ -90,7 +90,6 @@ CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}'; GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER}; \c ${ETHERPAD_DB_NAME} ALTER SCHEMA public OWNER TO ${ETHERPAD_DB_USER}; -GRANT CREATE, USAGE ON SCHEMA public TO ${ETHERPAD_DB_USER}; DB # Check fot docker if not running then execute diff --git a/jra_nextcloud.sh b/jra_nextcloud.sh index 47f986f..b6b56e0 100644 --- a/jra_nextcloud.sh +++ b/jra_nextcloud.sh @@ -198,7 +198,6 @@ CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}'; GRANT ALL PRIVILEGES ON DATABASE ${NC_DB} TO ${NC_DB_USER}; \c nextcloud_db ALTER SCHEMA public OWNER TO ${NC_DB_USER}; -GRANT CREATE, USAGE ON SCHEMA public TO ${NC_DB_USER}; DB echo -e "\nDone!\n" -- 2.34.1