switnet
/
quick-jibri-installer
2
1
Fork 1
Code Issues 2 Pull Requests 1 Packages Projects Releases 13 Wiki Activity

quick_jibri_installer.sh: update and fix for newer release (2025) #118

Open
Ark74 wants to merge 25 commits from Ark74/quick-jibri-installer:fix_jitsi_2025 into master
pull from: Ark74/quick-jibri-installer:fix_jitsi_2025
merge into: switnet:master
Conversation 0 Commits 25 Files Changed 26 +270 -332
26 changed files with 270 additions and 332 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -118,4 +118,4 @@ Feel free to use our `test-jibri-env.sh` tool to find some details on your curre
Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY. Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY.
SwITNet Ltd © - 2024, https://switnet.net/ SwITNet Ltd © - 2025, https://switnet.net/

259
add-jibri-node.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# Jibri Node Aggregator # Jibri Node Aggregator
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
### 0_LAST EDITION TIME STAMP ### ### 0_LAST EDITION TIME STAMP ###
@ -16,9 +16,13 @@ do
esac esac
done done
#DEBUG
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
set -x set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi fi
#Make sure the file name is the required one #Make sure the file name is the required one
@ -28,12 +32,6 @@ if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then
exit exit
fi fi
#Check admin rights
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
### 0_VAR_DEF ### 0_VAR_DEF
MAIN_SRV_DIST=TBD MAIN_SRV_DIST=TBD
MAIN_SRV_REPO=TBD MAIN_SRV_REPO=TBD
@ -51,17 +49,17 @@ JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR=
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf" JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
DIR_RECORD="/var/jbrecord" DIR_RECORD="/var/jbrecord"
REC_DIR="/home/jibri/finalize_recording.sh" REC_DIR="/home/jibri/finalize_recording.sh"
CHD_VER="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list" GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}') GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json" GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)" #PUBLIC_IP="$(wget -qO- https://api.ipify.org)"
JITSI_GPG_KEY="/etc/apt/trusted.gpg.d/jitsi-key.gpg.key"
NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)" NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}" NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}"
NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)" NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
GITHUB_RAW="https://raw.githubusercontent.com" GIT_FORGE="https://forge.switnet.net"
GIT_REPO="switnet-ltd/quick-jibri-installer" GIT_REPO="switnet/quick-jibri-installer"
TEST_JIBRI_ENV="$GITHUB_RAW/$GIT_REPO/unstable/tools/test-jibri-env.sh" TEST_JIBRI_ENV="$GIT_FORGE/$GIT_REPO/raw/branch/master/tools/test-jibri-env.sh"
SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)" SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)"
JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf" JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf"
### 1_VAR_DEF ### 1_VAR_DEF
@ -188,18 +186,19 @@ hostnamectl set-hostname "jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}"
sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo # Jitsi-Meet Repo
echo "Add Jitsi repo" printf "\nAdd Jitsi repo\n"
if [ -z "$JITSI_REPO" ]; then if [ "$JITSI_REPO" = "stable" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list printf " - Jitsi stable repository already installed\n\n"
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.."
exit
elif [ "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository match, continuing..."
else else
echo "Jitsi $JITSI_REPO repository already installed" echo "deb [signed-by=$JITSI_GPG_KEY] http://download.jitsi.org stable/" \
> /etc/apt/sources.list.d/jitsi-stable.list
curl -s https://download.jitsi.org/jitsi-key.gpg.key \
> "$JITSI_GPG_KEY"
apt-get update -q2
JITSI_REPO="stable"
fi fi
sleep .1
# Requirements # Requirements
echo "We'll start by installing system requirements this may take a while please be patient..." echo "We'll start by installing system requirements this may take a while please be patient..."
@ -212,7 +211,7 @@ apt-get -y install \
curl \ curl \
ffmpeg \ ffmpeg \
git \ git \
htop \ btop \
inotify-tools \ inotify-tools \
jq \ jq \
rsync \ rsync \
@ -221,32 +220,30 @@ apt-get -y install \
wget wget
check_snd_driver() { check_snd_driver() {
echo -e "\n# Checking ALSA - Loopback module..." printf "\n# Checking ALSA - Loopback module..."
echo "snd-aloop" | tee -a /etc/modules echo "snd-aloop" | tee -a /etc/modules
modprobe snd-aloop modprobe snd-aloop
if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then if [ "$(lsmod|awk '/snd_aloop/{print$1}'|awk 'NR==1')" = "snd_aloop" ]; then
echo " echo -e "\n#-----------------------------------------------------------------------"
#----------------------------------------------------------------------- echo "# Audio driver seems - OK."
# Audio driver seems - OK. echo -e "#-----------------------------------------------------------------------\n"
#-----------------------------------------------------------------------" else
else echo -e "\n#-----------------------------------------------------------------------"
echo " echo "# Your audio driver might not be able to load."
#----------------------------------------------------------------------- echo "# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool."
# Your audio driver might not be able to load. echo -e "#-----------------------------------------------------------------------\n"
# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool. curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh
#-----------------------------------------------------------------------" #Test tool
curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh
#Test tool
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
bash /tmp/test-jibri-env.sh -m debug bash /tmp/test-jibri-env.sh -m debug
else else
bash /tmp/test-jibri-env.sh bash /tmp/test-jibri-env.sh
fi fi
rm /tmp/test-jibri-env.sh read -n 1 -s -r -p "Press any key to continue..."$'\n'
read -n 1 -s -r -p "Press any key to continue..."$'\n' fi
fi
} }
###FIXME: Trisquel support broken by lsb_release usage###
echo "# Check and Install HWE kernel if possible..." echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")" HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
if [ "$HWE_VIR_MOD" = "1" ]; then if [ "$HWE_VIR_MOD" = "1" ]; then
@ -272,27 +269,37 @@ if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
echo "Google repository already set." echo "Google repository already set."
else else
echo "Installing Google Chrome Stable" echo "Installing Google Chrome Stable"
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - curl -s https://dl.google.com/linux/linux_signing_key.pub | \
gpg --dearmor | tee /etc/apt/trusted.gpg.d/google-chrome-key.gpg >/dev/null
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO" echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
fi fi
apt-get -q2 update apt-get -q2 update
apt-get install -y google-chrome-stable apt-get install -yq2 google-chrome-stable
rm -rf /etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list rm -rf "$GOOGL_REPO"
G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3)
CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing"
CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \
jq -r ".versions[].downloads.chromedriver | \
select(. != null) | .[].url" | grep linux64 | \
grep "$G_CHROME" | tail -1)
CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL")
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
if [ -f /usr/local/bin/chromedriver ]; then if [ -f /usr/local/bin/chromedriver ]; then
echo "Chromedriver already installed." echo "Chromedriver already installed."
else else
echo "Installing Chromedriver" echo "Installing Chromedriver"
wget -q https://chromedriver.storage.googleapis.com/"$CHD_VER"/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip wget -q "$CHD_LTST_DWNL" \
unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/ -O /tmp/chromedriver_linux64.zip
unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
mv /usr/local/bin/chromedriver-linux64/chromedriver /usr/local/bin/chromedriver
chown root:root /usr/local/bin/chromedriver chown root:root /usr/local/bin/chromedriver
chmod 0755 /usr/local/bin/chromedriver chmod 0755 /usr/local/bin/chromedriver
rm -rf /tpm/chromedriver_linux64.zip rm -rf /tmp/chromedriver_linux64.zip
fi fi
echo " printf "\nCheck Google Software Working...\n"
Check Google Software Working...
"
/usr/bin/google-chrome --version /usr/bin/google-chrome --version
/usr/local/bin/chromedriver --version | awk '{print$1,$2}' /usr/local/bin/chromedriver --version | awk '{print$1,$2}'
@ -301,15 +308,13 @@ echo '
Start Jibri configuration Start Jibri configuration
######################################################################## ########################################################################
' '
echo " printf "\nRemove Chrome warning...\n"
Remove Chrome warning...
"
mkdir -p /etc/opt/chrome/policies/managed mkdir -p /etc/opt/chrome/policies/managed
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON" echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON"
# Recording directory # Recording directory
if [ ! -d "$DIR_RECORD" ]; then if [ ! -d "$DIR_RECORD" ]; then
mkdir "$DIR_RECORD" mkdir "$DIR_RECORD"
fi fi
chown -R jibri:jibri "$DIR_RECORD" chown -R jibri:jibri "$DIR_RECORD"
@ -325,19 +330,10 @@ echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
chmod -R 770 \$RECORDINGS_DIR chmod -R 770 \$RECORDINGS_DIR
#Rename folder. LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -nr|sed 1d|awk '{print\$2}'| grep -v "meta\|_" | head -n1)"
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -n -r|awk '{print\$2}'| grep -v "meta\|-" | head -n1)" NJF_NAME="\$(find \$LJF_PATH |grep "mp4"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
NJF_NAME="\$(find \$LJF_PATH |grep -e "-"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME" NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME"
mv \$LJF_PATH \$NJF_PATH
##Prevent empty recording directory failsafe
if [ "\$LJF_PATH" != "\$RECORDINGS_DIR" ]; then
mv \$LJF_PATH \$NJF_PATH
#Workaround for jibri to do cleaning.
ssh -i /home/jibri/jbsync.pem $MJS_USER@$MAIN_SRV_DOMAIN "rm -r \$LJF_PATH"
else
echo "No new folder recorded, not removing anything."
fi
exit 0 exit 0
REC_DIR REC_DIR
@ -346,117 +342,15 @@ chmod +x "$REC_DIR"
## New Jibri Config (2020) ## New Jibri Config (2020)
mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file
cat << NEW_CONF > "$JIBRI_CONF" cp files/jibri.conf "$JIBRI_CONF"
// New XMPP environment config. sed -i "s|JIBRI_RES_CONF|$JIBRI_RES_CONF|g" "$JIBRI_CONF"
jibri { sed -i "s|DIR_RECORD|$DIR_RECORD|g" "$JIBRI_CONF"
streaming { sed -i "s|REC_DIR|$REC_DIR|g" "$JIBRI_CONF"
// A list of regex patterns for allowed RTMP URLs. The RTMP URL used sed -i "s|JB_NAME|$JB_NAME|g" "$JIBRI_CONF"
// when starting a stream must match at least one of the patterns in sed -i "s|DOMAIN|$DOMAIN|g" "$JIBRI_CONF"
// this list. sed -i "s|JibriBrewery|$JibriBrewery|g" "$JIBRI_CONF"
rtmp-allow-list = [ sed -i "s|JB_AUTH_PASS|$JB_AUTH_PASS|g" "$JIBRI_CONF"
// By default, all services are allowed sed -i "s|JB_REC_PASS|$JB_REC_PASS|g" "$JIBRI_CONF"
".*"
]
}
ffmpeg {
resolution = "$JIBRI_RES_CONF"
}
chrome {
// The flags which will be passed to chromium when launching
flags = [
"--use-fake-ui-for-media-stream",
"--start-maximized",
"--kiosk",
"--enabled",
"--disable-infobars",
"--autoplay-policy=no-user-gesture-required",
"--ignore-certificate-errors",
"--disable-dev-shm-usage"
]
}
stats {
enable-stats-d = true
}
call-status-checks {
// If all clients have their audio and video muted and if Jibri does not
// detect any data stream (audio or video) comming in, it will stop
// recording after NO_MEDIA_TIMEOUT expires.
no-media-timeout = 30 seconds
// If all clients have their audio and video muted, Jibri consideres this
// as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
all-muted-timeout = 10 minutes
// When detecting if a call is empty, Jibri takes into consideration for how
// long the call has been empty already. If it has been empty for more than
// DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
default-call-empty-timeout = 30 seconds
}
recording {
recordings-directory = $DIR_RECORD
finalize-script = $REC_DIR
}
api {
xmpp {
environments = [
{
// A user-friendly name for this environment
name = "$JB_NAME"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "$MAIN_SRV_DOMAIN" ]
// The base XMPP domain
xmpp-domain = "$MAIN_SRV_DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.$MAIN_SRV_DOMAIN"
room-name = "$JibriBrewery"
nickname = "machine-id"
}
// The login information for the control MUC
control-login {
domain = "auth.$MAIN_SRV_DOMAIN"
username = "jibri"
password = "$JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.$MAIN_SRV_DOMAIN"
username = "recorder"
password = "$JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}
NEW_CONF
#Jibri xorg resolution #Jibri xorg resolution
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF" sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF"
@ -467,15 +361,16 @@ echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
echo -e "\n---- We'll connect to main server ----" echo -e "\n---- We'll connect to main server ----"
read -n 1 -s -r -p "Press any key to continue..."$'\n' read -n 1 -s -r -p "Press any key to continue..."$'\n'
sudo su "$NJN_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''" sudo su "$NJN_USER" -c "ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -o -a 200 -q -N ''"
#Workaround for jibri to do cleaning.
install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem
sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts" sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts" sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t ed25519 $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n" echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n"
ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
ssh-keyscan -t ed25519 "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub
sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts" sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"

17
add-jvb2-node.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# JVB2 Node Aggregator # JVB2 Node Aggregator
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
### 0_LAST EDITION TIME STAMP ### ### 0_LAST EDITION TIME STAMP ###
@ -16,9 +16,13 @@ do
esac esac
done done
#DEBUG
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
set -x set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi fi
#Make sure the file name is the required one #Make sure the file name is the required one
@ -28,13 +32,6 @@ if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then
exit exit
fi fi
#Check admin rights
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
### 0_VAR_DEF ### 0_VAR_DEF
MAIN_SRV_DIST=TBD MAIN_SRV_DIST=TBD
MAIN_SRV_REPO=TBD MAIN_SRV_REPO=TBD

59
etherpad-docker.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# Etherpad Installer for Jitsi Meet # Etherpad Installer for Jitsi Meet
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# #
# GPLv3 or later. # GPLv3 or later.
@ -13,9 +13,8 @@ do
esac esac
done done
#DEBUG
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
set -x set -x
fi fi
if ! [ "$(id -u)" = 0 ]; then if ! [ "$(id -u)" = 0 ]; then
@ -32,7 +31,9 @@ echo '
' '
FORGE_REPO="https://forge.switnet.net/switnet/quick-jibri-installer" FORGE_REPO="https://forge.switnet.net/switnet/quick-jibri-installer"
check_apt_policy() { check_apt_policy() {
apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}' apt-cache policy 2>/dev/null| \
awk "/$1/{print \$3}" | \
awk -F '/' 'NR==1{print$2}'
} }
install_ifnot() { install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
@ -59,28 +60,26 @@ PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{pri
ETHERPAD_DB_USER="dockerpad" ETHERPAD_DB_USER="dockerpad"
ETHERPAD_DB_NAME="etherpad" ETHERPAD_DB_NAME="etherpad"
ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
DOCKER_CE_REPO="$(check_apt_policy docker)"
WS_CONF_MATCH1="# ensure all static content can always be found first" WS_CONF_MATCH1="# ensure all static content can always be found first"
WS_MATCH2="upstream prosody {"
echo "Add Docker repo"
if [ "$DOCKER_CE_REPO" = "stable" ]; then
echo "Docker repository already installed"
else
echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > \
/etc/apt/sources.list.d/docker-ce.list
wget -qO - https://download.docker.com/linux/ubuntu/gpg | \
gpg --dearmor | tee /etc/apt/trusted.gpg.d/docker-gpg-key.gpg >/dev/null
apt -q2 update
fi
read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS
install -m 600 /dev/null /var/opt/etherpad_details.txt
cat << EOF > /var/opt/etherpad_details.txt
ETHERPAD_ADMIN_PASS=$ETHERPAD_ADMIN_PASS
ETHERPAD_DB_USER=$ETHERPAD_DB_USER
ETHERPAD_DB_NAME=$ETHERPAD_DB_NAME
ETHERPAD_DB_PASS=$ETHERPAD_DB_PASS
EOF
# Make sure we can rely on the match strings. # Make sure we can rely on the match strings.
printf "> Testing match strings on config files.\n" printf "> Testing match strings on config files.\n"
test_match "$WS_MATCH1" "$WS_CONF" test_match "$WS_MATCH1" "$WS_CONF"
test_match "$WS_MATCH2" "$WS_CONF"
# Install required packages # Install required packages
install_ifnot docker-ce install_ifnot docker.io
install_ifnot postgresql-"$PSGVER" install_ifnot postgresql-"$PSGVER"
# Create DB # Create DB
@ -89,15 +88,15 @@ sudo -u postgres psql <<DB
CREATE DATABASE ${ETHERPAD_DB_NAME}; CREATE DATABASE ${ETHERPAD_DB_NAME};
CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}'; CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}';
GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER}; GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER};
\c ${ETHERPAD_DB_NAME}
ALTER SCHEMA public OWNER TO ${ETHERPAD_DB_USER};
DB DB
echo " -- Your etherpad db password is: $ETHERPAD_DB_PASS"
echo -e " Please save it somewhere safe.\n"
# Check fot docker if not running then execute # Check fot docker if not running then execute
if [ ! "$(docker ps -q -f name=etherpad)" ]; then if [ ! "$(docker ps -q -f name=etherpad)" ]; then
if [ "$(docker ps -aq -f status=exited -f name=etherpad)" ]; then if [ "$(docker ps -aq -f status=exited -f name=etherpad)" ]; then
# cleanup # cleanup
docker rm etherpad docker rm -f etherpad
fi fi
# run your container # run your container
docker run -d --restart always \ docker run -d --restart always \
@ -111,7 +110,7 @@ if [ ! "$(docker ps -q -f name=etherpad)" ]; then
-e "DB_NAME=$ETHERPAD_DB_NAME" \ -e "DB_NAME=$ETHERPAD_DB_NAME" \
-e "DB_USER=$ETHERPAD_DB_USER" \ -e "DB_USER=$ETHERPAD_DB_USER" \
-e "DB_PASS=$ETHERPAD_DB_PASS" \ -e "DB_PASS=$ETHERPAD_DB_PASS" \
-i -t etherpad/etherpad etherpad/etherpad
fi fi
# Tune webserver for Jitsi App control # Tune webserver for Jitsi App control
@ -120,6 +119,16 @@ if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then
echo "> Webserver seems configured, skipping..." echo "> Webserver seems configured, skipping..."
elif [ -f "$WS_CONF" ]; then elif [ -f "$WS_CONF" ]; then
echo "> Setting up webserver configuration file..." echo "> Setting up webserver configuration file..."
if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then
echo " > Setting mapping upgrade connection."
sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF"
sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF"
sed -i "/$WS_MATCH2/i }" "$WS_CONF"
else
echo " > Upgrade connection mapping already setup."
fi
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ #Etherpad block" "$WS_CONF" sed -i "/$WS_CONF_MATCH1/i \ \ \ \ #Etherpad block" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF" sed -i "/$WS_CONF_MATCH1/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF" sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
@ -133,8 +142,8 @@ elif [ -f "$WS_CONF" ]; then
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ }" "$WS_CONF" sed -i "/$WS_CONF_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \\\n" "$WS_CONF" sed -i "/$WS_CONF_MATCH1/i \\\n" "$WS_CONF"
else else
echo "> No etherpad config done to server file, please report to: echo "> No etherpad config done to server file, please report to:"
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues" echo " -> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi fi
# Configure config.js # Configure config.js
@ -152,6 +161,6 @@ if nginx -t 2>/dev/null ; then
# systemctl reload nginx # systemctl reload nginx
else else
echo "Please check your configuration, something may be wrong." echo "Please check your configuration, something may be wrong."
echo "Will not try to enable etherpad nginx configuration, please report to: echo "Will not try to enable etherpad nginx configuration, please report to:"
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues" echo " -> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi fi

38
excalidraw-backend.sh
View File

@ -4,9 +4,27 @@
# Based on: # Based on:
# - https://community.jitsi.org/t/118883 # - https://community.jitsi.org/t/118883
# #
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
# Reset # Reset
Color_Off='\e[0m' # Text Reset Color_Off='\e[0m' # Text Reset
# Regular Colors # Regular Colors
@ -52,24 +70,6 @@ else
fi fi
} }
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
clear clear
echo -e '\n echo -e '\n
######################################################################## ########################################################################

14
grafana.sh
View File

@ -8,7 +8,7 @@
# by "mephisto" # by "mephisto"
# #
# Igor Kerstges © - 2021 # Igor Kerstges © - 2021
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# #
# GPLv3 or later. # GPLv3 or later.
@ -21,9 +21,8 @@ do
esac esac
done done
#DEBUG
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
set -x set -x
fi fi
if ! [ "$(id -u)" = 0 ]; then if ! [ "$(id -u)" = 0 ]; then
@ -180,6 +179,7 @@ while [ $secs -gt 0 ]; do
done done
if [ -f "$WS_CONF" ]; then if [ -f "$WS_CONF" ]; then
echo "> Setting up webserver configuration file..."
sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana." "$WS_CONF" sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana." "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ location ~ ^/(grafana/|grafana/login) {" "$WS_CONF" sed -i "/$WS_MATCH1/i \ \ \ \ location ~ ^/(grafana/|grafana/login) {" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF" sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
@ -194,12 +194,16 @@ if [ -f "$WS_CONF" ]; then
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF" sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF" sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF" sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then
sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections." "$WS_CONF" echo " > Setting mapping upgrade connection."
sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF"
sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF" sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF" sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF" sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF"
sed -i "/$WS_MATCH2/i }" "$WS_CONF" sed -i "/$WS_MATCH2/i }" "$WS_CONF"
else
echo " > Upgrade connection mapping already setup."
fi
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF" sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
sed -i "/$WS_MATCH2/i upstream grafana {" "$WS_CONF" sed -i "/$WS_MATCH2/i upstream grafana {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ server localhost:3000;" "$WS_CONF" sed -i "/$WS_MATCH2/i \ \ server localhost:3000;" "$WS_CONF"

17
jigasi-vosk-backend.sh
View File

@ -1,13 +1,26 @@
#!/bin/bash #!/bin/bash
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems. # Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
#Check if user is root while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
exit 0 exit 0
fi fi
exit_if_not_installed() { exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..." echo " This instance doesn't have $1 installed, exiting..."

16
jitsi-updater.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash #!/bin/bash
# Jitsi Meet recurring upgrader and customization keeper # Jitsi Meet recurring upgrader and customization keeper
# for Debian/*buntu binaries. # for Debian/*buntu binaries.
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GNU GPLv3 or later. # GNU GPLv3 or later.
while getopts m: option while getopts m: option
@ -13,9 +13,13 @@ do
esac esac
done done
#DEBUG
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
set -x set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi fi
Blue='\e[0;34m' Blue='\e[0;34m'
@ -27,11 +31,7 @@ Color_Off='\e[0m'
printwc() { printwc() {
printf "%b$2%b" "$1" "${Color_Off}" printf "%b$2%b" "$1" "${Color_Off}"
} }
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
if [ ! -f jm-bm.sh ]; then if [ ! -f jm-bm.sh ]; then
echo "Please check that you are running the jitsi updater while being on the project folder" echo "Please check that you are running the jitsi updater while being on the project folder"
echo "other wise the updater might have errors or be incomplete. Exiting..." echo "other wise the updater might have errors or be incomplete. Exiting..."

10
jm-bm.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash #!/bin/bash
# Jitsi Meet brandless mode # Jitsi Meet brandless mode
# for Debian/*buntu binaries. # for Debian/*buntu binaries.
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GNU GPLv3 or later. # GNU GPLv3 or later.
while getopts m: option while getopts m: option
@ -13,9 +13,13 @@ do
esac esac
done done
#DEBUG
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
set -x set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi fi
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"

16
jra_nextcloud.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# JRA (Jibri Recordings Access) via Nextcloud # JRA (Jibri Recordings Access) via Nextcloud
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
while getopts m: option while getopts m: option
@ -12,7 +12,6 @@ do
esac esac
done done
#DEBUG
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
set -x set -x
fi fi
@ -21,6 +20,7 @@ if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
exit 0 exit 0
fi fi
exit_if_not_installed() { exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..." echo " This instance doesn't have $1 installed, exiting..."
@ -59,7 +59,7 @@ DIR_RECORD="$(awk -F '"' '/RECORDING/{print$2}' /home/jibri/finalize_recording
REDIS_CONF="/etc/redis/redis.conf" REDIS_CONF="/etc/redis/redis.conf"
JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf" JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
[ -f "$JITSI_MEET_PROXY" ] && PREAD_PROXY=$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1) [ -f "$JITSI_MEET_PROXY" ] && PREAD_PROXY=$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1)
PUBLIC_IP="$(dig -4 +short myip.opendns.com @resolver1.opendns.com)" PUBLIC_IP="$(wget -qO- https://api.ipify.org)"
ISO3166_CODE=TBD ISO3166_CODE=TBD
NL="$(printf '\n ')" NL="$(printf '\n ')"
@ -132,9 +132,10 @@ sleep .1
#Enable HSTS #Enable HSTS
while [ "$ENABLE_HSTS" != "yes" ] && [ "$ENABLE_HSTS" != "no" ] while [ "$ENABLE_HSTS" != "yes" ] && [ "$ENABLE_HSTS" != "no" ]
do do
read -p "> Do you want to enable HSTS for this domain?: (yes or no) read -p "> Do you want to enable HSTS for this domain? (yes or no) [default: no]:
Be aware this option apply mid-term effects on the domain, choose \"no\" Be aware this option apply mid-term effects on the domain, choose \"no\" or leave empty
in case you don't know what you are doing. More at https://hstspreload.org/$NL" -r ENABLE_HSTS in case you don't know what you are doing. More at https://hstspreload.org/$NL" -r ENABLE_HSTS
ENABLE_HSTS=${ENABLE_HSTS:-no}
if [ "$ENABLE_HSTS" = "no" ]; then if [ "$ENABLE_HSTS" = "no" ]; then
echo " - HSTS won't be enabled." echo " - HSTS won't be enabled."
elif [ "$ENABLE_HSTS" = "yes" ]; then elif [ "$ENABLE_HSTS" = "yes" ]; then
@ -163,7 +164,7 @@ if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")
echo "jitsi meet/jibri is installed, checking version:" echo "jitsi meet/jibri is installed, checking version:"
apt-show-versions jibri apt-show-versions jibri
else else
echo "Wait!, jitsi-meet/jibri is not installed on this system using apt, exiting..." echo "Wait!, jitsi-meet/jibri is not installed on this system via apt, exiting..."
exit exit
fi fi
@ -196,7 +197,10 @@ sudo -u postgres psql <<DB
CREATE DATABASE nextcloud_db; CREATE DATABASE nextcloud_db;
CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}'; CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}';
GRANT ALL PRIVILEGES ON DATABASE ${NC_DB} TO ${NC_DB_USER}; GRANT ALL PRIVILEGES ON DATABASE ${NC_DB} TO ${NC_DB_USER};
\c nextcloud_db
ALTER SCHEMA public OWNER TO ${NC_DB_USER};
DB DB
echo -e "\nDone!\n" echo -e "\nDone!\n"
# Add .mjs as a file extension for javascript # Add .mjs as a file extension for javascript

2
mode/chp-mode.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# Custom High Performance Jitsi conf # Custom High Performance Jitsi conf
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
while getopts m: option while getopts m: option

2
mode/grid/selenium-grid-docker.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash #!/bin/bash
# Custom Selenium Grid-Node fro Jitsi Meet # Custom Selenium Grid-Node fro Jitsi Meet
# Pandian © - https://community.jitsi.org/u/Pandian # Pandian © - https://community.jitsi.org/u/Pandian
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
while getopts m: option while getopts m: option

2
mode/jms-stu.sh
View File

@ -2,7 +2,7 @@
# System-tune-up to remove system software restrictions on a huge load of connections. # System-tune-up to remove system software restrictions on a huge load of connections.
# Be aware that hardware/infrastructure resources are the most common limiters. # Be aware that hardware/infrastructure resources are the most common limiters.
# #
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
while getopts m: option while getopts m: option

2
mode/jwt.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# JWT Mode Setup # JWT Mode Setup
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
while getopts m: option while getopts m: option

10
patches/jigasi/001-jigasi-meet-config.patch
View File

@ -1,5 +1,5 @@
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems. # Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
Enable transcription on jitsi meet config.js file. Enable transcription on jitsi meet config.js file.
@ -29,10 +29,10 @@ index f412891..f704157 100644
// // Transcriber language. This settings will only work if "useAppLanguage" // // Transcriber language. This settings will only work if "useAppLanguage"
// // is explicitly set to false. // // is explicitly set to false.
@@ -453,7 +453,7 @@ var config = { @@ -484,7 +484,7 @@ var config = {
// // Enables automatic request of subtitles when transcriber is present in the meeting, uses the default
// // Enables automatic turning on transcribing when recording is started // // language that is set
// autoTranscribeOnRecord: false, // autoCaptionOnTranscribe: false,
- // }, - // },
+ }, + },

2
patches/jigasi/002-jigasi-sip-properties.patch
View File

@ -1,5 +1,5 @@
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems. # Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
Modify sip-communicator.properties to run Jigasi along with VOSK Models. Modify sip-communicator.properties to run Jigasi along with VOSK Models.

2
patches/jitsi-meet/001-jitsi-meet-enable-livestreaming-and-recording.patch
View File

@ -1,5 +1,5 @@
# Quick Jibri Installer - *buntu (LTS) based systems. # Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
Patch jitsi-meet config.js to enable recording and livestreaming by default. Patch jitsi-meet config.js to enable recording and livestreaming by default.

2
patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch
View File

@ -1,5 +1,5 @@
# Quick Jibri Installer - *buntu (LTS) based systems. # Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
Patch jitsi-meet config.js to enable/disable welcome page. Patch jitsi-meet config.js to enable/disable welcome page.

64
quick_jibri_installer.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# Quick Jibri Installer - *buntu (LTS) based systems. # Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
{ {
echo "Started at $(date +'%Y-%m-%d %H:%M:%S')" >> qj-installer.log echo "Started at $(date +'%Y-%m-%d %H:%M:%S')" >> qj-installer.log
@ -14,8 +14,8 @@ do
esac esac
done done
#DEBUG
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
export MODE=debug
set -x set -x
fi fi
@ -38,7 +38,7 @@ DIST=$(lsb_release -sc)
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list" GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}') GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
PROSODY_REPO="$(apt-cache policy | awk '/prosody/{print$3}' | awk -F "/" 'NR==1{print$2}')" PROSODY_REPO="$(apt-cache policy | awk '/prosody/{print$3}' | awk -F "/" 'NR==1{print$2}')"
PUBLIC_IP="$(dig -4 +short myip.opendns.com @resolver1.opendns.com)" PUBLIC_IP="$(wget -qO- https://api.ipify.org)"
NL="$(printf '\n ')" NL="$(printf '\n ')"
NODEJS_VER="18" NODEJS_VER="18"
JITSI_GPG_KEY="/etc/apt/trusted.gpg.d/jitsi-key.gpg.key" JITSI_GPG_KEY="/etc/apt/trusted.gpg.d/jitsi-key.gpg.key"
@ -70,6 +70,7 @@ rename_distro() {
#Trisquel distro upstream referencing. #Trisquel distro upstream referencing.
rename_distro nabia focal rename_distro nabia focal
rename_distro aramo jammy rename_distro aramo jammy
rename_distro ecne noble
install_ifnot() { install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
@ -116,12 +117,6 @@ check_snd_driver() {
var_dlim() { var_dlim() {
grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1 grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1
} }
add_gpg_keyring() {
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com \$1
apt-key export \$1 | gpg --dearmour | tee /tmp/\$1.gpg >/dev/null
apt-key del \$1
mv /tmp/\$1.gpg /etc/apt/trusted.gpg.d/
}
add_prosody_repo() { add_prosody_repo() {
echo "Add Prosody repo" echo "Add Prosody repo"
if [ "$PROSODY_REPO" = "main" ]; then if [ "$PROSODY_REPO" = "main" ]; then
@ -189,7 +184,8 @@ fi
printf "\nOS: %s" "$(lsb_release -sd)" printf "\nOS: %s" "$(lsb_release -sd)"
if [ "$DIST" = "focal" ] || \ if [ "$DIST" = "focal" ] || \
[ "$DIST" = "jammy" ]; then [ "$DIST" = "jammy" ] || \
[ "$DIST" = "noble" ]; then
printf "\nGood, this is a supported platform!" printf "\nGood, this is a supported platform!"
else else
printf "\nSorry, this platform is not supported... exiting" printf "\nSorry, this platform is not supported... exiting"
@ -386,7 +382,7 @@ apt-get -y install \
curl \ curl \
ffmpeg \ ffmpeg \
git \ git \
htop \ btop \
jq \ jq \
net-tools \ net-tools \
rsync \ rsync \
@ -404,6 +400,7 @@ apt-get -y install \
fi fi
fi fi
###FIXME: Trisquel support broken by lsb_release usage###
echo "# Check and Install HWE kernel if possible..." echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" \ HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" \
2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)")" 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)")"
@ -419,11 +416,9 @@ fi
check_serv check_serv
echo "
#-------------------------------------------------- #--------------------------------------------------
# Install Jitsi Framework print_title "Install Jitsi Framework"
#-------------------------------------------------- #--------------------------------------------------
"
if [ "$LE_SSL" = "yes" ]; then if [ "$LE_SSL" = "yes" ]; then
echo "set jitsi-meet/cert-choice select $CERT_CHOICE_DEBCONF" \ echo "set jitsi-meet/cert-choice select $CERT_CHOICE_DEBCONF" \
| debconf-set-selections | debconf-set-selections
@ -468,7 +463,9 @@ elif [ "$(npm list -g esprima 2>/dev/null | grep -c "esprima")" == "1" ]; then
echo "Good. Esprima package is already installed" echo "Good. Esprima package is already installed"
fi fi
echo "# Installing Google Chrome / ChromeDriver" #--------------------------------------------------
print_title "Installing Google Chrome / ChromeDriver"
#--------------------------------------------------
if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
echo "Google repository already set." echo "Google repository already set."
else else
@ -483,7 +480,10 @@ rm -rf "$GOOGL_REPO"
G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3) G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3)
CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing" CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing"
CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | jq -r ".versions[].downloads.chromedriver | select(. != null) | .[].url" | grep linux64 | grep "$G_CHROME" | tail -1) CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \
jq -r ".versions[].downloads.chromedriver | \
select(. != null) | .[].url" | grep linux64 | \
grep "$G_CHROME" | tail -1)
CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL") CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL")
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json" GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
@ -581,15 +581,17 @@ sleep .1
read -p "Leave empty to use the default one (English):$NL" -r L10N_ME read -p "Leave empty to use the default one (English):$NL" -r L10N_ME
#Drop unsecure TLS #Drop unsecure TLS
while [ "$DROP_TLS1" != "yes" ] && [ "$DROP_TLS1" != "no" ] if grep -qE 'TLSv1(\.1)?' /etc/nginx/nginx.conf; then
do while [ "$DROP_TLS1" != "yes" ] && [ "$DROP_TLS1" != "no" ]
do
read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)$NL" -r DROP_TLS1 read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)$NL" -r DROP_TLS1
if [ "$DROP_TLS1" = "no" ]; then if [ "$DROP_TLS1" = "no" ]; then
printf " - TLSv1.0/1.1 will remain.\n\n" printf " - TLSv1.0/1.1 will remain.\n\n"
elif [ "$DROP_TLS1" = "yes" ]; then elif [ "$DROP_TLS1" = "yes" ]; then
printf " - TLSv1.0/1.1 will be dropped\n\n" printf " - TLSv1.0/1.1 will be dropped\n\n"
fi fi
done done
fi
sleep .1 sleep .1
#Brandless Mode #Brandless Mode
while [ "$ENABLE_BLESSM" != "yes" ] && [ "$ENABLE_BLESSM" != "no" ] while [ "$ENABLE_BLESSM" != "yes" ] && [ "$ENABLE_BLESSM" != "no" ]
@ -794,7 +796,9 @@ restart_services() {
# Configure Jvb2 # Configure Jvb2
sed -i "/shard.HOSTNAME/s|localhost|$DOMAIN|" "$JVB2_SIP" sed -i "/shard.HOSTNAME/s|localhost|$DOMAIN|" "$JVB2_SIP"
# Configure Jibri #--------------------------------------------------
print_title "Configure Jibri"
#--------------------------------------------------
if [ "$ENABLE_SC" = "yes" ]; then if [ "$ENABLE_SC" = "yes" ]; then
if [ ! -f "$MOD_LIST_FILE" ]; then if [ ! -f "$MOD_LIST_FILE" ]; then
printf "\n-> Adding external module to list prosody users...\n" printf "\n-> Adding external module to list prosody users...\n"
@ -912,10 +916,11 @@ useradd -m -g jibri "$MJS_USER"
echo "$MJS_USER:$MJS_USER_PASS" | chpasswd echo "$MJS_USER:$MJS_USER_PASS" | chpasswd
#Create ssh key and restrict connections #Create ssh key and restrict connections
sudo su "$MJS_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''" sudo su "$MJS_USER" -c "ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -o -a 200 -q -N ''"
#Allow password authentication #Allow password authentication
sed -i "s|PasswordAuthentication .*|PasswordAuthentication yes|" /etc/ssh/sshd_config sed -i "s|PasswordAuthentication .*|PasswordAuthentication yes|" /etc/ssh/sshd_config
systemctl restart sshd systemctl daemon-reload
systemctl restart ssh.service ssh.socket
#Setting varibales for add-jibri-node.sh #Setting varibales for add-jibri-node.sh
sed -i "s|MAIN_SRV_DIST=.*|MAIN_SRV_DIST=\"$DIST\"|" add-jibri-node.sh sed -i "s|MAIN_SRV_DIST=.*|MAIN_SRV_DIST=\"$DIST\"|" add-jibri-node.sh
@ -987,8 +992,13 @@ else
echo -n "No condition meet, please report to:" echo -n "No condition meet, please report to:"
echo "https://forge.switnet.net/switnet/quick-jibri-installer/issues" echo "https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi fi
# Remove possible duplication of wasm definition.
grep -q wasm /etc/nginx/mime.types && sed -i '/types {/,/}/ {/wasm/d}' "$WS_CONF"
sleep .1 sleep .1
#================== Setup prosody conf file ================= #--------------------------------------------------
print_title "Setup prosody conf file"
#--------------------------------------------------
###Setup secure rooms ###Setup secure rooms
if [ "$ENABLE_SC" = "yes" ]; then if [ "$ENABLE_SC" = "yes" ]; then
@ -1038,8 +1048,10 @@ VirtualHost "guest.$DOMAIN"
P_SR P_SR
fi fi
#====================== #--------------------------------------------------
# Custom settings print_title "Custom settings"
#--------------------------------------------------
#Start with video muted by default #Start with video muted by default
sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" "$MEET_CONF" sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" "$MEET_CONF"
@ -1050,7 +1062,7 @@ sed -i "s|// startAudioMuted: 10,|startAudioMuted: 2,|" "$MEET_CONF"
[ "$ENABLE_WELCP" = "yes" ] && ENABLE_WELCP_BOL=true [ "$ENABLE_WELCP" = "yes" ] && ENABLE_WELCP_BOL=true
[ "$ENABLE_WELCP" = "no" ] && ENABLE_WELCP_BOL=false [ "$ENABLE_WELCP" = "no" ] && ENABLE_WELCP_BOL=false
export ENABLE_WELCP_BOL export ENABLE_WELCP_BOL
echo "> Patching config.js to modify welcompage behavior..." echo "> Patching config.js to modify welcome page behavior..."
echo " Read more about patches at the patches folder." echo " Read more about patches at the patches folder."
envsubst < \ envsubst < \
patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch | \ patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch | \

2
tools/aws-grub-setup.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# Automated AWS generic kernel setup for jibri. # Automated AWS generic kernel setup for jibri.
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
while getopts m: option while getopts m: option

2
tools/fail2ban_ssh.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# Simple Fail2ban configuration # Simple Fail2ban configuration
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GNU GPLv3 or later. # GNU GPLv3 or later.
while getopts m: option while getopts m: option

4
tools/jibri-conf-upgrade.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# Simple Jibri conf updater # Simple Jibri conf updater
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GNU GPLv3 or later. # GNU GPLv3 or later.
while getopts m: option while getopts m: option
@ -31,7 +31,7 @@ if ! [ "$(id -u)" = 0 ]; then
fi fi
echo "Checking for updates...." echo "Checking for updates...."
apt -q2 update apt-get -q2 update
apt install -y \ apt install -y \
apt-show-versions \ apt-show-versions \
jq jq

2
tools/jibri-resolution-enhancer.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# Simple Jibri resolution enhancer # Simple Jibri resolution enhancer
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GNU GPLv3 or later. # GNU GPLv3 or later.
while getopts m: option while getopts m: option

2
tools/prepare_php.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# Automated PHP environment build for Nextcloud. # Automated PHP environment build for Nextcloud.
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
PHPVER=$1 PHPVER=$1

2
tools/start-over.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
#Start over #Start over
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
while getopts m: option while getopts m: option

2
tools/test-jibri-env.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# Simple Jibri Env tester # Simple Jibri Env tester
# SwITNet Ltd © - 2024, https://switnet.net/ # SwITNet Ltd © - 2025, https://switnet.net/
# GNU GPLv3 or later. # GNU GPLv3 or later.
while getopts m: option while getopts m: option