switnet
/
quick-jibri-installer
2
1
Fork 1
Code Issues 2 Pull Requests 1 Packages Projects Releases 13 Wiki Activity

quick_jibri_installer.sh: update and fix for newer release (2025) #118

Open
Ark74 wants to merge 24 commits from Ark74/quick-jibri-installer:fix_jitsi_2025 into master
pull from: Ark74/quick-jibri-installer:fix_jitsi_2025
merge into: switnet:master
Conversation 0 Commits 24 Files Changed 26 +269 -324
26 changed files with 269 additions and 324 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -118,4 +118,4 @@ Feel free to use our `test-jibri-env.sh` tool to find some details on your curre
Please note: This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY.
SwITNet Ltd © - 2024, https://switnet.net/
SwITNet Ltd © - 2025, https://switnet.net/

259
add-jibri-node.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Jibri Node Aggregator
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
### 0_LAST EDITION TIME STAMP ###
@ -16,9 +16,13 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
#Make sure the file name is the required one
@ -28,12 +32,6 @@ if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then
exit
fi
#Check admin rights
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
### 0_VAR_DEF
MAIN_SRV_DIST=TBD
MAIN_SRV_REPO=TBD
@ -51,17 +49,17 @@ JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR=
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
DIR_RECORD="/var/jbrecord"
REC_DIR="/home/jibri/finalize_recording.sh"
CHD_VER="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
#PUBLIC_IP="$(dig -4 +short myip.opendns.com @resolver1.opendns.com)"
JITSI_GPG_KEY="/etc/apt/trusted.gpg.d/jitsi-key.gpg.key"
NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}"
NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
GITHUB_RAW="https://raw.githubusercontent.com"
GIT_REPO="switnet-ltd/quick-jibri-installer"
TEST_JIBRI_ENV="$GITHUB_RAW/$GIT_REPO/unstable/tools/test-jibri-env.sh"
GIT_FORGE="https://forge.switnet.net"
GIT_REPO="switnet/quick-jibri-installer"
TEST_JIBRI_ENV="$GIT_FORGE/$GIT_REPO/raw/branch/master/tools/test-jibri-env.sh"
SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)"
JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf"
### 1_VAR_DEF
@ -188,18 +186,19 @@ hostnamectl set-hostname "jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}"
sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo
echo "Add Jitsi repo"
if [ -z "$JITSI_REPO" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.."
exit
elif [ "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository match, continuing..."
printf "\nAdd Jitsi repo\n"
if [ "$JITSI_REPO" = "stable" ]; then
printf " - Jitsi stable repository already installed\n\n"
else
echo "Jitsi $JITSI_REPO repository already installed"
echo "deb [signed-by=$JITSI_GPG_KEY] http://download.jitsi.org stable/" \
> /etc/apt/sources.list.d/jitsi-stable.list
curl -s https://download.jitsi.org/jitsi-key.gpg.key \
> "$JITSI_GPG_KEY"
apt-get update -q2
JITSI_REPO="stable"
fi
sleep .1
# Requirements
echo "We'll start by installing system requirements this may take a while please be patient..."
@ -212,7 +211,7 @@ apt-get -y install \
curl \
ffmpeg \
git \
htop \
btop \
inotify-tools \
jq \
rsync \
@ -221,32 +220,30 @@ apt-get -y install \
wget
check_snd_driver() {
echo -e "\n# Checking ALSA - Loopback module..."
echo "snd-aloop" | tee -a /etc/modules
modprobe snd-aloop
if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then
echo "
#-----------------------------------------------------------------------
# Audio driver seems - OK.
#-----------------------------------------------------------------------"
else
echo "
#-----------------------------------------------------------------------
# Your audio driver might not be able to load.
# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool.
#-----------------------------------------------------------------------"
curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh
#Test tool
printf "\n# Checking ALSA - Loopback module..."
echo "snd-aloop" | tee -a /etc/modules
modprobe snd-aloop
if [ "$(lsmod|awk '/snd_aloop/{print$1}'|awk 'NR==1')" = "snd_aloop" ]; then
echo -e "\n#-----------------------------------------------------------------------"
echo "# Audio driver seems - OK."
echo -e "#-----------------------------------------------------------------------\n"
else
echo -e "\n#-----------------------------------------------------------------------"
echo "# Your audio driver might not be able to load."
echo "# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool."
echo -e "#-----------------------------------------------------------------------\n"
curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh
#Test tool
if [ "$MODE" = "debug" ]; then
bash /tmp/test-jibri-env.sh -m debug
else
bash /tmp/test-jibri-env.sh
fi
rm /tmp/test-jibri-env.sh
read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi
read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi
}
###FIXME: Trisquel support broken by lsb_release usage###
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
if [ "$HWE_VIR_MOD" = "1" ]; then
@ -272,27 +269,37 @@ if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
echo "Google repository already set."
else
echo "Installing Google Chrome Stable"
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
curl -s https://dl.google.com/linux/linux_signing_key.pub | \
gpg --dearmor | tee /etc/apt/trusted.gpg.d/google-chrome-key.gpg >/dev/null
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
fi
apt-get -q2 update
apt-get install -y google-chrome-stable
rm -rf /etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list
apt-get install -yq2 google-chrome-stable
rm -rf "$GOOGL_REPO"
G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3)
CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing"
CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \
jq -r ".versions[].downloads.chromedriver | \
select(. != null) | .[].url" | grep linux64 | \
grep "$G_CHROME" | tail -1)
CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL")
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
if [ -f /usr/local/bin/chromedriver ]; then
echo "Chromedriver already installed."
else
echo "Installing Chromedriver"
wget -q https://chromedriver.storage.googleapis.com/"$CHD_VER"/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip
unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/
wget -q "$CHD_LTST_DWNL" \
-O /tmp/chromedriver_linux64.zip
unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
mv /usr/local/bin/chromedriver-linux64/chromedriver /usr/local/bin/chromedriver
chown root:root /usr/local/bin/chromedriver
chmod 0755 /usr/local/bin/chromedriver
rm -rf /tpm/chromedriver_linux64.zip
rm -rf /tmp/chromedriver_linux64.zip
fi
echo "
Check Google Software Working...
"
printf "\nCheck Google Software Working...\n"
/usr/bin/google-chrome --version
/usr/local/bin/chromedriver --version | awk '{print$1,$2}'
@ -301,15 +308,13 @@ echo '
Start Jibri configuration
########################################################################
'
echo "
Remove Chrome warning...
"
printf "\nRemove Chrome warning...\n"
mkdir -p /etc/opt/chrome/policies/managed
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON"
# Recording directory
if [ ! -d "$DIR_RECORD" ]; then
mkdir "$DIR_RECORD"
mkdir "$DIR_RECORD"
fi
chown -R jibri:jibri "$DIR_RECORD"
@ -325,19 +330,10 @@ echo "or storage provider, etc.) in this script" >> /tmp/finalize.out
chmod -R 770 \$RECORDINGS_DIR
#Rename folder.
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -n -r|awk '{print\$2}'| grep -v "meta\|-" | head -n1)"
NJF_NAME="\$(find \$LJF_PATH |grep -e "-"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -nr|sed 1d|awk '{print\$2}'| grep -v "meta\|_" | head -n1)"
NJF_NAME="\$(find \$LJF_PATH |grep "mp4"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)"
NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME"
##Prevent empty recording directory failsafe
if [ "\$LJF_PATH" != "\$RECORDINGS_DIR" ]; then
mv \$LJF_PATH \$NJF_PATH
#Workaround for jibri to do cleaning.
ssh -i /home/jibri/jbsync.pem $MJS_USER@$MAIN_SRV_DOMAIN "rm -r \$LJF_PATH"
else
echo "No new folder recorded, not removing anything."
fi
mv \$LJF_PATH \$NJF_PATH
exit 0
REC_DIR
@ -346,117 +342,15 @@ chmod +x "$REC_DIR"
## New Jibri Config (2020)
mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file
cat << NEW_CONF > "$JIBRI_CONF"
// New XMPP environment config.
jibri {
streaming {
// A list of regex patterns for allowed RTMP URLs. The RTMP URL used
// when starting a stream must match at least one of the patterns in
// this list.
rtmp-allow-list = [
// By default, all services are allowed
".*"
]
}
ffmpeg {
resolution = "$JIBRI_RES_CONF"
}
chrome {
// The flags which will be passed to chromium when launching
flags = [
"--use-fake-ui-for-media-stream",
"--start-maximized",
"--kiosk",
"--enabled",
"--disable-infobars",
"--autoplay-policy=no-user-gesture-required",
"--ignore-certificate-errors",
"--disable-dev-shm-usage"
]
}
stats {
enable-stats-d = true
}
call-status-checks {
// If all clients have their audio and video muted and if Jibri does not
// detect any data stream (audio or video) comming in, it will stop
// recording after NO_MEDIA_TIMEOUT expires.
no-media-timeout = 30 seconds
// If all clients have their audio and video muted, Jibri consideres this
// as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
all-muted-timeout = 10 minutes
// When detecting if a call is empty, Jibri takes into consideration for how
// long the call has been empty already. If it has been empty for more than
// DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
default-call-empty-timeout = 30 seconds
}
recording {
recordings-directory = $DIR_RECORD
finalize-script = $REC_DIR
}
api {
xmpp {
environments = [
{
// A user-friendly name for this environment
name = "$JB_NAME"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "$MAIN_SRV_DOMAIN" ]
// The base XMPP domain
xmpp-domain = "$MAIN_SRV_DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.$MAIN_SRV_DOMAIN"
room-name = "$JibriBrewery"
nickname = "machine-id"
}
// The login information for the control MUC
control-login {
domain = "auth.$MAIN_SRV_DOMAIN"
username = "jibri"
password = "$JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.$MAIN_SRV_DOMAIN"
username = "recorder"
password = "$JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}
NEW_CONF
cp files/jibri.conf "$JIBRI_CONF"
sed -i "s|JIBRI_RES_CONF|$JIBRI_RES_CONF|g" "$JIBRI_CONF"
sed -i "s|DIR_RECORD|$DIR_RECORD|g" "$JIBRI_CONF"
sed -i "s|REC_DIR|$REC_DIR|g" "$JIBRI_CONF"
sed -i "s|JB_NAME|$JB_NAME|g" "$JIBRI_CONF"
sed -i "s|DOMAIN|$DOMAIN|g" "$JIBRI_CONF"
sed -i "s|JibriBrewery|$JibriBrewery|g" "$JIBRI_CONF"
sed -i "s|JB_AUTH_PASS|$JB_AUTH_PASS|g" "$JIBRI_CONF"
sed -i "s|JB_REC_PASS|$JB_REC_PASS|g" "$JIBRI_CONF"
#Jibri xorg resolution
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF"
@ -467,15 +361,16 @@ echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
echo -e "\n---- We'll connect to main server ----"
read -n 1 -s -r -p "Press any key to continue..."$'\n'
sudo su "$NJN_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
sudo su "$NJN_USER" -c "ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -o -a 200 -q -N ''"
#Workaround for jibri to do cleaning.
install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem
sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t ed25519 $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n"
ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
ssh-keyscan -t ed25519 "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub
sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"

17
add-jvb2-node.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# JVB2 Node Aggregator
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
### 0_LAST EDITION TIME STAMP ###
@ -16,9 +16,13 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
#Make sure the file name is the required one
@ -28,13 +32,6 @@ if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then
exit
fi
#Check admin rights
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
### 0_VAR_DEF
MAIN_SRV_DIST=TBD
MAIN_SRV_REPO=TBD

59
etherpad-docker.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Etherpad Installer for Jitsi Meet
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
#
# GPLv3 or later.
@ -13,9 +13,8 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
@ -32,7 +31,9 @@ echo '
'
FORGE_REPO="https://forge.switnet.net/switnet/quick-jibri-installer"
check_apt_policy() {
apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}'
apt-cache policy 2>/dev/null| \
awk "/$1/{print \$3}" | \
awk -F '/' 'NR==1{print$2}'
}
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
@ -59,28 +60,26 @@ PSGVER="$(apt-cache madison postgresql|tr -d '[:blank:]'|awk -F'[|+]' 'NR==1{pri
ETHERPAD_DB_USER="dockerpad"
ETHERPAD_DB_NAME="etherpad"
ETHERPAD_DB_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
DOCKER_CE_REPO="$(check_apt_policy docker)"
WS_CONF_MATCH1="# ensure all static content can always be found first"
echo "Add Docker repo"
if [ "$DOCKER_CE_REPO" = "stable" ]; then
echo "Docker repository already installed"
else
echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > \
/etc/apt/sources.list.d/docker-ce.list
wget -qO - https://download.docker.com/linux/ubuntu/gpg | \
gpg --dearmor | tee /etc/apt/trusted.gpg.d/docker-gpg-key.gpg >/dev/null
apt -q2 update
fi
WS_MATCH2="upstream prosody {"
read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS
install -m 600 /dev/null /var/opt/etherpad_details.txt
cat << EOF > /var/opt/etherpad_details.txt
ETHERPAD_ADMIN_PASS=$ETHERPAD_ADMIN_PASS
ETHERPAD_DB_USER=$ETHERPAD_DB_USER
ETHERPAD_DB_NAME=$ETHERPAD_DB_NAME
ETHERPAD_DB_PASS=$ETHERPAD_DB_PASS
EOF
# Make sure we can rely on the match strings.
printf "> Testing match strings on config files.\n"
test_match "$WS_MATCH1" "$WS_CONF"
test_match "$WS_MATCH2" "$WS_CONF"
# Install required packages
install_ifnot docker-ce
install_ifnot docker.io
install_ifnot postgresql-"$PSGVER"
# Create DB
@ -89,15 +88,15 @@ sudo -u postgres psql <<DB
CREATE DATABASE ${ETHERPAD_DB_NAME};
CREATE USER ${ETHERPAD_DB_USER} WITH ENCRYPTED PASSWORD '${ETHERPAD_DB_PASS}';
GRANT ALL PRIVILEGES ON DATABASE ${ETHERPAD_DB_NAME} TO ${ETHERPAD_DB_USER};
\c ${ETHERPAD_DB_NAME}
ALTER SCHEMA public OWNER TO ${ETHERPAD_DB_USER};
DB
echo " -- Your etherpad db password is: $ETHERPAD_DB_PASS"
echo -e " Please save it somewhere safe.\n"
# Check fot docker if not running then execute
if [ ! "$(docker ps -q -f name=etherpad)" ]; then
if [ "$(docker ps -aq -f status=exited -f name=etherpad)" ]; then
# cleanup
docker rm etherpad
docker rm -f etherpad
fi
# run your container
docker run -d --restart always \
@ -111,7 +110,7 @@ if [ ! "$(docker ps -q -f name=etherpad)" ]; then
-e "DB_NAME=$ETHERPAD_DB_NAME" \
-e "DB_USER=$ETHERPAD_DB_USER" \
-e "DB_PASS=$ETHERPAD_DB_PASS" \
-i -t etherpad/etherpad
etherpad/etherpad
fi
# Tune webserver for Jitsi App control
@ -120,6 +119,16 @@ if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then
echo "> Webserver seems configured, skipping..."
elif [ -f "$WS_CONF" ]; then
echo "> Setting up webserver configuration file..."
if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then
echo " > Setting mapping upgrade connection."
sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF"
sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF"
sed -i "/$WS_MATCH2/i }" "$WS_CONF"
else
echo " > Upgrade connection mapping already setup."
fi
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ #Etherpad block" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ \ \ \ \ proxy_http_version 1.1;" "$WS_CONF"
@ -133,8 +142,8 @@ elif [ -f "$WS_CONF" ]; then
sed -i "/$WS_CONF_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_CONF_MATCH1/i \\\n" "$WS_CONF"
else
echo "> No etherpad config done to server file, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
echo "> No etherpad config done to server file, please report to:"
echo " -> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi
# Configure config.js
@ -152,6 +161,6 @@ if nginx -t 2>/dev/null ; then
# systemctl reload nginx
else
echo "Please check your configuration, something may be wrong."
echo "Will not try to enable etherpad nginx configuration, please report to:
-> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
echo "Will not try to enable etherpad nginx configuration, please report to:"
echo " -> https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi

38
excalidraw-backend.sh
View File

@ -4,9 +4,27 @@
# Based on:
# - https://community.jitsi.org/t/118883
#
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
# Reset
Color_Off='\e[0m' # Text Reset
# Regular Colors
@ -52,24 +70,6 @@ else
fi
}
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
clear
echo -e '\n
########################################################################

14
grafana.sh
View File

@ -8,7 +8,7 @@
# by "mephisto"
#
# Igor Kerstges © - 2021
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
#
# GPLv3 or later.
@ -21,9 +21,8 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
@ -180,6 +179,7 @@ while [ $secs -gt 0 ]; do
done
if [ -f "$WS_CONF" ]; then
echo "> Setting up webserver configuration file..."
sed -i "/$WS_MATCH1/i \ \ \ \ # Proxy Grafana." "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ location ~ ^/(grafana/|grafana/login) {" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
@ -194,12 +194,16 @@ if [ -f "$WS_CONF" ]; then
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ \ \ proxy_pass http://grafana;" "$WS_CONF"
sed -i "/$WS_MATCH1/i \ \ \ \ }" "$WS_CONF"
sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections." "$WS_CONF"
if ! grep -q 'map $http_upgrade $connection_upgrade' "$WS_CONF"; then
echo " > Setting mapping upgrade connection."
sed -i "/$WS_MATCH2/i # This is required to proxy Grafana Live WebSocket connections or Etherpad" "$WS_CONF"
sed -i "/$WS_MATCH2/i map \$http_upgrade \$connection_upgrade {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ default upgrade;" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ '' close;" "$WS_CONF"
sed -i "/$WS_MATCH2/i }" "$WS_CONF"
else
echo " > Upgrade connection mapping already setup."
fi
sed -i "/$WS_MATCH1/i \\\n" "$WS_CONF"
sed -i "/$WS_MATCH2/i upstream grafana {" "$WS_CONF"
sed -i "/$WS_MATCH2/i \ \ server localhost:3000;" "$WS_CONF"

17
jigasi-vosk-backend.sh
View File

@ -1,13 +1,26 @@
#!/bin/bash
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
#Check if user is root
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
esac
done
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..."

16
jitsi-updater.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash
# Jitsi Meet recurring upgrader and customization keeper
# for Debian/*buntu binaries.
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
@ -13,9 +13,13 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
Blue='\e[0;34m'
@ -27,11 +31,7 @@ Color_Off='\e[0m'
printwc() {
printf "%b$2%b" "$1" "${Color_Off}"
}
#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
if [ ! -f jm-bm.sh ]; then
echo "Please check that you are running the jitsi updater while being on the project folder"
echo "other wise the updater might have errors or be incomplete. Exiting..."

10
jm-bm.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash
# Jitsi Meet brandless mode
# for Debian/*buntu binaries.
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
@ -13,9 +13,13 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
set -x
fi
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"

14
jra_nextcloud.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# JRA (Jibri Recordings Access) via Nextcloud
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
while getopts m: option
@ -12,7 +12,6 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
@ -21,6 +20,7 @@ if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..."
@ -132,9 +132,10 @@ sleep .1
#Enable HSTS
while [ "$ENABLE_HSTS" != "yes" ] && [ "$ENABLE_HSTS" != "no" ]
do
read -p "> Do you want to enable HSTS for this domain?: (yes or no)
Be aware this option apply mid-term effects on the domain, choose \"no\"
read -p "> Do you want to enable HSTS for this domain? (yes or no) [default: no]:
Be aware this option apply mid-term effects on the domain, choose \"no\" or leave empty
in case you don't know what you are doing. More at https://hstspreload.org/$NL" -r ENABLE_HSTS
ENABLE_HSTS=${ENABLE_HSTS:-no}
if [ "$ENABLE_HSTS" = "no" ]; then
echo " - HSTS won't be enabled."
elif [ "$ENABLE_HSTS" = "yes" ]; then
@ -163,7 +164,7 @@ if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")
echo "jitsi meet/jibri is installed, checking version:"
apt-show-versions jibri
else
echo "Wait!, jitsi-meet/jibri is not installed on this system using apt, exiting..."
echo "Wait!, jitsi-meet/jibri is not installed on this system via apt, exiting..."
exit
fi
@ -196,7 +197,10 @@ sudo -u postgres psql <<DB
CREATE DATABASE nextcloud_db;
CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}';
GRANT ALL PRIVILEGES ON DATABASE ${NC_DB} TO ${NC_DB_USER};
\c nextcloud_db
ALTER SCHEMA public OWNER TO ${NC_DB_USER};
DB
echo -e "\nDone!\n"
# Add .mjs as a file extension for javascript

2
mode/chp-mode.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Custom High Performance Jitsi conf
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
while getopts m: option

2
mode/grid/selenium-grid-docker.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash
# Custom Selenium Grid-Node fro Jitsi Meet
# Pandian © - https://community.jitsi.org/u/Pandian
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
while getopts m: option

2
mode/jms-stu.sh
View File

@ -2,7 +2,7 @@
# System-tune-up to remove system software restrictions on a huge load of connections.
# Be aware that hardware/infrastructure resources are the most common limiters.
#
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
while getopts m: option

2
mode/jwt.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# JWT Mode Setup
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
while getopts m: option

10
patches/jigasi/001-jigasi-meet-config.patch
View File

@ -1,5 +1,5 @@
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
Enable transcription on jitsi meet config.js file.
@ -29,10 +29,10 @@ index f412891..f704157 100644
// // Transcriber language. This settings will only work if "useAppLanguage"
// // is explicitly set to false.
@@ -453,7 +453,7 @@ var config = {
// // Enables automatic turning on transcribing when recording is started
// autoTranscribeOnRecord: false,
@@ -484,7 +484,7 @@ var config = {
// // Enables automatic request of subtitles when transcriber is present in the meeting, uses the default
// // language that is set
// autoCaptionOnTranscribe: false,
- // },
+ },

2
patches/jigasi/002-jigasi-sip-properties.patch
View File

@ -1,5 +1,5 @@
# Quick Jigasi Installer with VOSK backend - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
Modify sip-communicator.properties to run Jigasi along with VOSK Models.

2
patches/jitsi-meet/001-jitsi-meet-enable-livestreaming-and-recording.patch
View File

@ -1,5 +1,5 @@
# Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
Patch jitsi-meet config.js to enable recording and livestreaming by default.

2
patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch
View File

@ -1,5 +1,5 @@
# Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
Patch jitsi-meet config.js to enable/disable welcome page.

57
quick_jibri_installer.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
{
echo "Started at $(date +'%Y-%m-%d %H:%M:%S')" >> qj-installer.log
@ -14,8 +14,8 @@ do
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
export MODE=debug
set -x
fi
@ -70,6 +70,7 @@ rename_distro() {
#Trisquel distro upstream referencing.
rename_distro nabia focal
rename_distro aramo jammy
rename_distro ecne noble
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
@ -189,7 +190,8 @@ fi
printf "\nOS: %s" "$(lsb_release -sd)"
if [ "$DIST" = "focal" ] || \
[ "$DIST" = "jammy" ]; then
[ "$DIST" = "jammy" ] || \
[ "$DIST" = "noble" ]; then
printf "\nGood, this is a supported platform!"
else
printf "\nSorry, this platform is not supported... exiting"
@ -386,7 +388,7 @@ apt-get -y install \
curl \
ffmpeg \
git \
htop \
btop \
jq \
net-tools \
rsync \
@ -404,6 +406,7 @@ apt-get -y install \
fi
fi
###FIXME: Trisquel support broken by lsb_release usage###
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" \
2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)")"
@ -419,11 +422,9 @@ fi
check_serv
echo "
#--------------------------------------------------
# Install Jitsi Framework
print_title "Install Jitsi Framework"
#--------------------------------------------------
"
if [ "$LE_SSL" = "yes" ]; then
echo "set jitsi-meet/cert-choice select $CERT_CHOICE_DEBCONF" \
| debconf-set-selections
@ -468,7 +469,9 @@ elif [ "$(npm list -g esprima 2>/dev/null | grep -c "esprima")" == "1" ]; then
echo "Good. Esprima package is already installed"
fi
echo "# Installing Google Chrome / ChromeDriver"
#--------------------------------------------------
print_title "Installing Google Chrome / ChromeDriver"
#--------------------------------------------------
if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
echo "Google repository already set."
else
@ -483,7 +486,10 @@ rm -rf "$GOOGL_REPO"
G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3)
CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing"
CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | jq -r ".versions[].downloads.chromedriver | select(. != null) | .[].url" | grep linux64 | grep "$G_CHROME" | tail -1)
CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \
jq -r ".versions[].downloads.chromedriver | \
select(. != null) | .[].url" | grep linux64 | \
grep "$G_CHROME" | tail -1)
CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL")
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
@ -581,15 +587,17 @@ sleep .1
read -p "Leave empty to use the default one (English):$NL" -r L10N_ME
#Drop unsecure TLS
while [ "$DROP_TLS1" != "yes" ] && [ "$DROP_TLS1" != "no" ]
do
if grep -qE 'TLSv1(\.1)?' /etc/nginx/nginx.conf; then
while [ "$DROP_TLS1" != "yes" ] && [ "$DROP_TLS1" != "no" ]
do
read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)$NL" -r DROP_TLS1
if [ "$DROP_TLS1" = "no" ]; then
printf " - TLSv1.0/1.1 will remain.\n\n"
elif [ "$DROP_TLS1" = "yes" ]; then
printf " - TLSv1.0/1.1 will be dropped\n\n"
fi
done
done
fi
sleep .1
#Brandless Mode
while [ "$ENABLE_BLESSM" != "yes" ] && [ "$ENABLE_BLESSM" != "no" ]
@ -794,7 +802,9 @@ restart_services() {
# Configure Jvb2
sed -i "/shard.HOSTNAME/s|localhost|$DOMAIN|" "$JVB2_SIP"
# Configure Jibri
#--------------------------------------------------
print_title "Configure Jibri"
#--------------------------------------------------
if [ "$ENABLE_SC" = "yes" ]; then
if [ ! -f "$MOD_LIST_FILE" ]; then
printf "\n-> Adding external module to list prosody users...\n"
@ -912,10 +922,11 @@ useradd -m -g jibri "$MJS_USER"
echo "$MJS_USER:$MJS_USER_PASS" | chpasswd
#Create ssh key and restrict connections
sudo su "$MJS_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
sudo su "$MJS_USER" -c "ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -o -a 200 -q -N ''"
#Allow password authentication
sed -i "s|PasswordAuthentication .*|PasswordAuthentication yes|" /etc/ssh/sshd_config
systemctl restart sshd
systemctl daemon-reload
systemctl restart ssh.service ssh.socket
#Setting varibales for add-jibri-node.sh
sed -i "s|MAIN_SRV_DIST=.*|MAIN_SRV_DIST=\"$DIST\"|" add-jibri-node.sh
@ -987,8 +998,13 @@ else
echo -n "No condition meet, please report to:"
echo "https://forge.switnet.net/switnet/quick-jibri-installer/issues"
fi
# Remove possible duplication of wasm definition.
grep -q wasm /etc/nginx/mime.types && sed -i '/types {/,/}/ {/wasm/d}' "$WS_CONF"
sleep .1
#================== Setup prosody conf file =================
#--------------------------------------------------
print_title "Setup prosody conf file"
#--------------------------------------------------
###Setup secure rooms
if [ "$ENABLE_SC" = "yes" ]; then
@ -1038,8 +1054,11 @@ VirtualHost "guest.$DOMAIN"
P_SR
fi
#======================
# Custom settings
#--------------------------------------------------
print_title "Custom settings"
#--------------------------------------------------
#Start with video muted by default
sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" "$MEET_CONF"
@ -1050,7 +1069,7 @@ sed -i "s|// startAudioMuted: 10,|startAudioMuted: 2,|" "$MEET_CONF"
[ "$ENABLE_WELCP" = "yes" ] && ENABLE_WELCP_BOL=true
[ "$ENABLE_WELCP" = "no" ] && ENABLE_WELCP_BOL=false
export ENABLE_WELCP_BOL
echo "> Patching config.js to modify welcompage behavior..."
echo "> Patching config.js to modify welcome page behavior..."
echo " Read more about patches at the patches folder."
envsubst < \
patches/jitsi-meet/002-jitsi-meet-welcome-page-on-off.patch | \

2
tools/aws-grub-setup.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Automated AWS generic kernel setup for jibri.
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
while getopts m: option

2
tools/fail2ban_ssh.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Simple Fail2ban configuration
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option

4
tools/jibri-conf-upgrade.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Simple Jibri conf updater
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option
@ -31,7 +31,7 @@ if ! [ "$(id -u)" = 0 ]; then
fi
echo "Checking for updates...."
apt -q2 update
apt-get -q2 update
apt install -y \
apt-show-versions \
jq

2
tools/jibri-resolution-enhancer.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Simple Jibri resolution enhancer
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option

2
tools/prepare_php.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Automated PHP environment build for Nextcloud.
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
PHPVER=$1

2
tools/start-over.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
#Start over
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GPLv3 or later.
while getopts m: option

2
tools/test-jibri-env.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
# Simple Jibri Env tester
# SwITNet Ltd © - 2024, https://switnet.net/
# SwITNet Ltd © - 2025, https://switnet.net/
# GNU GPLv3 or later.
while getopts m: option