switnet
/
quick-jibri-installer
2
1
Fork 1
Code Issues 1 Pull Requests Packages Projects Releases 14 Wiki Activity

mode/jwt.sh: renable jwt setup on QJI #125

Merged
Ark74 merged 7 commits from Ark74/quick-jibri-installer:upd_jwt_25 into master 2025-09-02 11:13:54 +00:00
Conversation 0 Commits 7 Files Changed 4 +20 -28
1 changed files with 20 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit d591495e41 - Show all commits

40
mode/jwt.sh
View File

@ -27,24 +27,18 @@ SECRET_APP="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 64 | head -n1)"
SRP_STR="$(grep -n "VirtualHost \"$DOMAIN\"" "$PROSODY_FILE" | head -n1 | cut -d ":" -f1)"
SRP_END="$((SRP_STR + 10))"
## Required openssl for Focal 20.04
if [ "$(lsb_release -sc)" = "focal" ]; then
echo "deb http://ppa.launchpad.net/rael-gc/rvm/ubuntu focal main" | \
sudo tee /etc/apt/sources.list.d/rvm.list
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys F4E3FBBE
apt-get update
# Prosody 0.12 only
if command -v prosodyctl >/dev/null 2>&1; then
PROSODY_VER="$(prosodyctl about 2>/dev/null | sed -n 's/^Prosody //p' | awk '{print $1}')"
case "$PROSODY_VER" in
0.12.*) : ;;
*) echo "Prosody $PROSODY_VER NO supported for JWT mode (required 0.12.x)"
exit 1 ;;
esac
fi
apt-get -y install \
lua5.2 \
liblua5.2 \
luarocks \
libssl1.0-dev \
python3-jwt
luarocks install basexx
luarocks install luacrypto
luarocks install lua-cjson 2.1.0-1
# Install dependencies
apt-get -y install python3-jwt
echo "set jitsi-meet-tokens/appid string $APP_ID" | debconf-set-selections
echo "set jitsi-meet-tokens/appsecret password $SECRET_APP" | debconf-set-selections
@ -67,7 +61,8 @@ sed -i "s|--allow_empty_token =.*|allow_empty_token = false|" "$PROSODY_FILE"
sed -i 's|--"token_verification"|"token_verification"|' "$PROSODY_FILE"
# Request auth
sed -i "s|#org.jitsi.jicofo.auth.URL=EXT_JWT:|org.jitsi.jicofo.auth.URL=EXT_JWT:|" "$JICOFO_SIP"
## JWT via Prosody: don't touch Jicofo
#sed -i "s|#org.jitsi.jicofo.auth.URL=EXT_JWT:|org.jitsi.jicofo.auth.URL=EXT_JWT:|" "$JICOFO_SIP"
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" "$MEET_CONF"
# Enable jibri recording
@ -83,14 +78,10 @@ REC-JIBRI
# Setup guests and lobby
cat << P_SR >> "$PROSODY_FILE"
-- #Change back lobby - https://community.jitsi.org/t/64769/136
VirtualHost "guest.$DOMAIN"
authentication = "token"
allow_empty_token = true
authentication = "jitsi-anonymous"
c2s_require_encryption = false
speakerstats_component = "speakerstats.$DOMAIN"
app_id="$APP_ID";
app_secret="$SECRET_APP";
modules_enabled = {
"speakerstats";
@ -102,14 +93,15 @@ echo -e "\nUse the following for your App (e.g. Rocket.Chat):\n"
echo -e "\nAPP_ID: $APP_ID" && \
echo -e "SECRET_APP: $SECRET_APP\n"
echo -e "You can test JWT authentication with the following token:\n"
echo -e "You can test JWT authentication with the following token for the next hour:\n"
pyjwt3 --key="$SECRET_APP" \
encode \
--alg HS256 \
group="Rocket.Chat" \
aud="$APP_ID" \
iss="$APP_ID" \
sub="$DOMAIN" \
room="*" \
algorithm="HS256"
exp="$(($(date +%s)+3600))"
read -n 1 -s -r -p $'\n'"Press any key to continue..."$'\n'