4.0 release merge #16

Merged
Ark74 merged 54 commits from unstable into master 2020-10-11 07:30:47 +00:00
7 changed files with 871 additions and 212 deletions

View File

@ -1,49 +1,75 @@
# Quick Jibri Installer
Bash installer for Jibri on **\*buntu LTS** based systems using **nginx** as default webserver.
Bash installer for Jibri on **Ubuntu LTS** based systems using **nginx** as default webserver.
## Usage
As for our current latest release, as we have integrated more and more features, we highly recommend to use a purpose specific-newly spawn server to host the jitsi-meet framework, making sure you stick to the requirements and recommendations as much as possible, in order to avoid issues.
### Main Server
Login into your clean server, clone git repository and run the installer,
```
git clone https://github.com/switnet-ltd/quick-jibri-installer
cd quick-jibri-installer
bash quick-jibri-installer.sh
```
Please check more details on our wiki.
### Add Jibri node
Copy the modified `add-jibri-node.sh` file from your early cloned installation directory once it's completed to the new server meant to be a jibri node using your preferred method, then run it
**WARNING:** This file contains sensitive information from your setup, please handle with care.
```
bash add-jibri-node.sh
```
Check more details on our wiki.
## Requirements
* Clean VM/VPS/Server using Ubuntu LTS
* Valid domain with DNS record, **mandatory** for SSL certs via Let's Encrypt.
* Ports open for ACME (SSL) interaction & validation.
* Minimum recommended for video recording: 8 GB RAM / 4 Cores.
* Highly recommended: 8 GB RAM / 4 Cores.
* Webcam
### Jigasi Transcript
* SIP account
* Google Cloud Account with Billing setup.
### Jibri Recodings Access via Nextcloud
* Valid domain with DNS record for Nextcloud SSL.
## Kernel warning
For AWS users or any cloud service provider that might use their own kernel on their products (servers/vm/vps), might cause Jibri failure to start due not allowing `snd_aloop` module.
Make sure that you update your grub to boot the right one.
Feel free to use our (new) `test-jibri-env.sh` tool to find some details on your current setup.
## Features
* Enabled Session (video) Recording using Jibri
* Enabled Session Recording using Jibri
* Enabled Jitsi Electron app detection server side.
* Standalone SSL Certbot/LE implementation
* Jigasi Transcript - Speech to Text powered by Google API
* JRA (Jibri Recordings Access) via Nextcloud
* Improved recurring updater
* Customized brandless mode
* (New) Setting up custom interface_config.js
* (New) Grafana Dashboard
* (New) Lobby Rooms - Secure Rooms
* (New) Conference Duration - Secure Rooms
* Setting up custom interface_config.js
* Grafana Dashboard
* Lobby Rooms - Secure Rooms
* Conference Duration - Secure Rooms
* (New) Automatic Jibri nodes network sync ([see more](https://github.com/switnet-ltd/quick-jibri-installer/wiki/Jibri-Nodes)).
## Tools (New)
* (New) Jibri Environment Tester
* (New) Jibri Conf Upgrader (late 2020).
## Optional custom changes
* Optional default language
* Option to enable Secure Rooms
* Option to enable Welcome Page
* Option to enable Local audio recording using flac.
* Option to use Rodentia static avatar (icon credit: sixsixfive) - Legacy
## Custom changes
* Start with video muted by default

View File

@ -42,16 +42,25 @@ JibriBrewery=TBD
JB_NAME=TBD
JB_AUTH_PASS=TBD
JB_REC_PASS=TBD
MJS_USER=TBD
MJS_USER_PASS=TBD
THIS_SRV_DIST=$(lsb_release -sc)
JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)
START=0
LAST=TBD
CONF_JSON="/etc/jitsi/jibri/config.json"
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
DIR_RECORD="/var/jbrecord"
REC_DIR="/home/jibri/finalize_recording.sh"
CHD_VER="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}"
NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
GITHUB_RAW="https://raw.githubusercontent.com"
GIT_REPO="switnet-ltd/quick-jibri-installer"
TEST_JIBRI_ENV="$GITHUB_RAW/$GIT_REPO/unstable/tools/test-jibri-env.sh"
### 1_VAR_DEF
# sed limiters for add-jibri-node.sh variables
@ -61,12 +70,12 @@ var_dlim() {
check_var() {
if [ -z "$2" ]; then
echo "$1 is not defined, please check. Exiting..."
echo -e "Check if variable $1 is set: \xE2\x9C\x96 \nExiting..."
exit
else
echo "$1 is set to: $2"
echo -e "Check if variable $1 is set: \xE2\x9C\x94"
fi
}
}
if [ -z "$LAST" ]; then
echo "There is an error on the LAST definition, please report."
@ -85,6 +94,51 @@ if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then
exit
fi
#Check system resources
echo "Verifying System Resources:"
if [ "$(nproc --all)" -lt 4 ];then
echo "
Warning!: The system do not meet the minimum CPU requirements for Jibri to run.
>> We recommend 4 cores/threads for Jibri!
"
CPU_MIN="N"
else
echo "CPU Cores/Threads: OK ($(nproc --all))"
CPU_MIN="Y"
fi
### Test RAM size (8GB min) ###
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
if [ ${mem_available} -lt 7700000 ]; then
echo "
Warning!: The system do not meet the minimum RAM requirements for Jibri to run.
>> We recommend 8GB RAM for Jibri!
"
MEM_MIN="N"
else
echo "Memory: OK ($((mem_available/1024)) MiB)"
MEM_MIN="Y"
fi
if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then
echo "All requirements seems meet!"
echo "
- We hope you have a nice recording/streaming session
"
else
echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!"
echo "Since this is a Jibri node installation there is no point on not having the necessary resources."
echo "We highly advice to increase the resources in order to install this Jibri node."
while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES
if [ "$CONTINUE_LOW_RES" = "no" ]; then
echo "See you next time with more resources!..."
exit
elif [ "$CONTINUE_LOW_RES" = "yes" ]; then
echo "Please keep in mind that we might not support underpowered nodes."
fi
done
fi
echo "
#-----------------------------------------------------------------------
# Checking initial necessary variables...
@ -97,6 +151,12 @@ check_var JibriBrewery "$JibriBrewery"
check_var JB_NAME "$JB_NAME"
check_var JB_AUTH_PASS "$JB_AUTH_PASS"
check_var JB_REC_PASS "$JB_REC_PASS"
check_var MJS_USER "$MJS_USER"
check_var MJS_USER_PASS "$MJS_USER_PASS"
# Rename hostname for each jibri node
hostnamectl set-hostname "jbnode${ADDUP}.${MAIN_SRV_DOMAIN}"
sed -i "1i 127.0.0.1 jbnode${ADDUP}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo
echo "Add Jitsi repo"
@ -112,9 +172,29 @@ else
echo "Jitsi $JITSI_REPO repository already installed"
fi
# Requirements
echo "We'll start by installing system requirements this may take a while please be patient..."
apt-get update -q2
apt-get dist-upgrade -yq2
apt-get -y install \
apt-show-versions \
bmon \
curl \
ffmpeg \
git \
htop \
inotify-tools \
jq \
rsync \
ssh \
unzip \
wget
check_snd_driver() {
echo -e "\n# Checking ALSA - Loopback module..."
echo "snd-aloop" | tee -a /etc/modules
modprobe snd-aloop
echo "snd-aloop" >> /etc/modules
if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then
echo "
#-----------------------------------------------------------------------
@ -123,30 +203,31 @@ if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; t
else
echo "
#-----------------------------------------------------------------------
# Your audio driver might not be able to load, once the installation
# is complete and server restarted, please run: \`lsmod | grep snd_aloop'
# to make sure it did. If not, any feedback for your setup is welcome.
# Your audio driver might not be able to load.
# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool.
#-----------------------------------------------------------------------"
curl -s $TEST_JIBRI_ENV > /tmp/test-jibri-env.sh
#Test tool
if [ "$MODE" = "debug" ]; then
bash /tmp/test-jibri-env.sh -m debug
else
bash /tmp/test-jibri-env.sh
fi
rm /tmp/test-jibri-env.sh
read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi
}
# Requirements
echo "We'll start by installing system requirements this may take a while please be patient..."
apt-get update -q2
apt-get dist-upgrade -yq2
apt-get -y install \
bmon \
curl \
ffmpeg \
git \
htop \
linux-image-generic-hwe-"$(lsb_release -r|awk '{print$2}')" \
unzip \
wget
check_snd_driver
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD=$(apt-cache madison linux-modules-extra-virtual-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")
if [ "$HWE_VIR_MOD" == "1" ]; then
apt-get -y install \
linux-image-generic-hwe-$(lsb_release -sr) \
linux-modules-extra-virtual-hwe-$(lsb_release -sr)
else
apt-get -y install \
linux-modules-extra-$(uname -r)
fi
echo "
#--------------------------------------------------
@ -220,42 +301,152 @@ REC_DIR
chown jibri:jibri $REC_DIR
chmod +x $REC_DIR
## JSON Config
cp $CONF_JSON ${CONF_JSON}.orig
cat << CONF_JSON > $CONF_JSON
{
"recording_directory":"$DIR_RECORD",
"finalize_recording_script_path": "$REC_DIR",
"xmpp_environments": [
## New Jibri Config (2020)
mv $JIBRI_CONF ${JIBRI_CONF}-dpkg-file
cat << NEW_CONF > $JIBRI_CONF
// New XMPP environment config.
jibri {
recording {
recordings-directory = $DIR_RECORD
finalize-script = $REC_DIR
}
api {
xmpp {
environments = [
{
"name": "$JB_NAME",
"xmpp_server_hosts": [
"$MAIN_SRV_DOMAIN"
],
"xmpp_domain": "$MAIN_SRV_DOMAIN",
"control_login": {
"domain": "auth.$MAIN_SRV_DOMAIN",
"username": "jibri",
"password": "$JB_AUTH_PASS"
},
"control_muc": {
"domain": "internal.auth.$MAIN_SRV_DOMAIN",
"room_name": "$JibriBrewery",
"nickname": "Live-$ADDUP"
},
"call_login": {
"domain": "recorder.$MAIN_SRV_DOMAIN",
"username": "recorder",
"password": "$JB_REC_PASS"
},
// A user-friendly name for this environment
name = "$JB_NAME"
"room_jid_domain_string_to_strip_from_start": "conference.",
"usage_timeout": "0"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "$MAIN_SRV_DOMAIN" ]
// The base XMPP domain
xmpp-domain = "$MAIN_SRV_DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.$MAIN_SRV_DOMAIN"
room-name = "$JibriBrewery"
nickname = "Live-$ADDUP"
}
// The login information for the control MUC
control-login {
domain = "auth.$MAIN_SRV_DOMAIN"
username = "jibri"
password = "$JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.$MAIN_SRV_DOMAIN"
username = "recorder"
password = "$JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}
CONF_JSON
NEW_CONF
echo -e "\n---- Create random nodesync user ----"
useradd -m -g jibri $NJN_USER
echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
echo -e "\n---- We'll connect to main server ----"
read -n 1 -s -r -p "Press any key to continue..."$'\n'
sudo su $NJN_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
echo "Remote pass: $MJS_USER_PASS"
ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> ~/.ssh/known_hosts
ssh $MJS_USER@$MAIN_SRV_DOMAIN sh -c "'cat >> .ssh/authorized_keys'" < /home/$NJN_USER/.ssh/id_rsa.pub
sudo su $NJN_USER -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"
echo -e "\n---- Setup Log system ----"
cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh
#!/bin/bash
# Log process
exec 3>&1 4>&2
trap 'exec 2>&4 1>&3' 0 1 2 3
exec 1>/var/log/$NJN_USER/remote_jnsync.log 2>&1
# Run sync
while true; do
inotifywait -t 60 -r -e modify,attrib,close_write,move,delete $DIR_RECORD
sudo su $NJN_USER -c "rsync -Aax --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD"
find $DIR_RECORD -depth -type d -empty -not -path $DIR_RECORD -delete
done
INOT_RSYNC
mkdir /var/log/$NJN_USER
cat << LOG_ROT >> /etc/logrotate.d/$NJN_USER
/var/log/$NJN_USER/*.log {
monthly
missingok
rotate 12
compress
notifempty
create 0640 root root
sharedscripts
postrotate
service remote_jnsync restart
endscript
}
LOG_ROT
echo -e "\n---- Create systemd service file ----"
cat << REMOTE_SYNC_SERVICE > /etc/systemd/system/remote_jnsync.service
[Unit]
Description = Sync Node to Main Jibri Service
After = network.target
[Service]
PIDFile = /run/syncservice/remote_jnsync.pid
User = root
Group = root
WorkingDirectory = /var
ExecStartPre = /bin/mkdir /run/syncservice
ExecStartPre = /bin/chown -R root:root /run/syncservice
ExecStart = /bin/bash /etc/jitsi/jibri/remote-jbsync.sh
ExecReload = /bin/kill -s HUP \$MAINPID
ExecStop = /bin/kill -s TERM \$MAINPID
ExecStopPost = /bin/rm -rf /run/syncservice
PrivateTmp = true
[Install]
WantedBy = multi-user.target
REMOTE_SYNC_SERVICE
chmod 755 /etc/systemd/system/remote_jnsync.service
systemctl daemon-reload
systemctl enable remote_jnsync.service
systemctl start remote_jnsync.service
echo "Writting last node number..."
sed -i "$(var_dlim 0_VAR),$(var_dlim 1_VAR){s|LAST=.*|LAST=$ADDUP|}" add-jibri-node.sh
@ -267,10 +458,24 @@ systemctl enable jibri
systemctl enable jibri-xorg
systemctl enable jibri-icewm
check_snd_driver
echo -e "\nSending updated add-jibri-node.sh file to main server sync user...\n"
cp $PWD/add-jibri-node.sh /tmp
sudo -u $NJN_USER scp /tmp/add-jibri-node.sh $MJS_USER@$MAIN_SRV_DOMAIN:/home/$MJS_USER/
rm $PWD/add-jibri-node.sh /tmp/add-jibri-node.sh
echo "
########################################################################
Node addition complete!!
for customized support: http://switnet.net
IMPORTANT:
The updated version of this file has been sent to the main server
at the sync user home directory, please use that one in order to
install new nodes. For security reason this version has been deleted
from this very node.
For customized support: http://switnet.net
########################################################################
"

View File

@ -74,4 +74,6 @@ else
sed -i "s|'me'|'$LOCAL_USER'|" $INT_CONF
sed -i "s|LIVE_STREAMING_HELP_LINK: .*|LIVE_STREAMING_HELP_LINK: '#',|g" $INT_CONF
sed -i "s|SUPPORT_URL: .*|SUPPORT_URL: '#',|g" $INT_CONF
#Logo 2
sed -i "s|watermark.png|watermark2.png|g" $INT_CONF
fi

View File

@ -2,51 +2,41 @@
# JRA (Jibri Recordings Access) via Nextcloud
# SwITNet Ltd © - 2020, https://switnet.net/
# GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo ./jra_nextcloud.sh [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
if ! [ $(id -u) = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..."
echo " If you think this is an error, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues "
exit
fi
}
clear
echo '
echo -e '\n
########################################################################
Jibri Recordings Access via Nextcloud
########################################################################
by Software, IT & Networks Ltd
'
while [[ -z "$NC_DOMAIN" ]]
do
read -p "Please enter the domain to use for Nextcloud: " -r NC_DOMAIN
if [ -z "$NC_DOMAIN" ]; then
echo "-- This field is mandatory."
fi
done
while [[ -z "$NC_USER" ]]
do
read -p "Nextcloud user: " -r NC_USER
if [ -z "$NC_USER" ]; then
echo "-- This field is mandatory."
fi
done
while [[ -z "$NC_PASS" ]]
do
read -p "Nextcloud user password: " -r NC_PASS
if [ -z "$NC_PASS" ]; then
echo "-- This field is mandatory."
fi
done
#Enable HSTS
while [[ "$ENABLE_HSTS" != "yes" && "$ENABLE_HSTS" != "no" ]]
do
read -p "> Do you want to enable HSTS for this domain?: (yes or no)
Be aware this option apply mid-term effects on the domain, choose \"no\"
in case you don't know what you are doing. More at https://hstspreload.org/"$'\n' -r ENABLE_HSTS
if [ "$ENABLE_HSTS" = "no" ]; then
echo "-- HSTS won't be enabled."
elif [ "$ENABLE_HSTS" = "yes" ]; then
echo "-- HSTS will be enabled."
fi
done
\n'
exit_if_not_installed jitsi-meet
DISTRO_RELEASE="$(lsb_release -sc)"
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
PHP_REPO=$(apt-cache policy | grep http | grep php | head -n 1 | awk '{print $2}' | cut -d "/" -f5)
@ -55,7 +45,6 @@ PSGVER="$(apt-cache madison postgresql | head -n1 | awk '{print $3}' | cut -d "+
PHP_FPM_DIR="/etc/php/$PHPVER/fpm"
PHP_INI="$PHP_FPM_DIR/php.ini"
PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf"
NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf"
NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-enabled/$DOMAIN.conf | awk '{print$2}')"
NC_REPO="https://download.nextcloud.com/server/releases"
NCVERSION="$(curl -s -m 900 $NC_REPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)"
@ -71,10 +60,59 @@ JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
if [ -f $JITSI_MEET_PROXY ];then
PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
fi
while [[ -z "$NC_DOMAIN" ]]
do
read -p "Please enter the domain to use for Nextcloud: " -r NC_DOMAIN
if [ -z "$NC_DOMAIN" ];then
echo "-- This field is mandatory."
elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
echo "-- You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud."
fi
done
NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf"
while [[ -z "$NC_USER" ]]
do
read -p "Nextcloud user: " -r NC_USER
if [ -z "$NC_USER" ]; then
echo "-- This field is mandatory."
fi
done
while [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 6 ]
do
read -p "Nextcloud user password: " -r NC_PASS
if [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 6 ]; then
echo -e "-- This field is mandatory. \nPlease make sure it's at least 6 caracters.\n"
fi
done
#Enable HSTS
while [[ "$ENABLE_HSTS" != "yes" && "$ENABLE_HSTS" != "no" ]]
do
read -p "> Do you want to enable HSTS for this domain?: (yes or no)
Be aware this option apply mid-term effects on the domain, choose \"no\"
in case you don't know what you are doing. More at https://hstspreload.org/"$'\n' -r ENABLE_HSTS
if [ "$ENABLE_HSTS" = "no" ]; then
echo "-- HSTS won't be enabled."
elif [ "$ENABLE_HSTS" = "yes" ]; then
echo "-- HSTS will be enabled."
fi
done
echo -e "\n# Check for jitsi-meet/jibri\n"
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ] || \
[ -f /etc/prosody/conf.d/$DOMAIN.conf ]; then
echo "jitsi meet/jibri is installed, checking version:"
apt-show-versions jibri
else
echo "Wait!, jitsi-meet/jibri is not installed on this system using apt, exiting..."
exit
fi
exit_ifinstalled() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " This instance already has $1 installed, exiting..."
echo " Please report to:
echo " If you think this is an error, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues "
exit
fi
@ -128,7 +166,8 @@ apt-get install -y \
php$PHPVER-zip \
php-imagick \
php-redis \
redis-server
redis-server \
unzip
#System related
install_ifnot smbclient
@ -175,6 +214,7 @@ systemctl restart php$PHPVER-fpm.service
#--------------------------------------------------
echo -e "\n---- Creating the PgSQL DB & User ----"
cd /tmp
sudo -u postgres psql <<DB
CREATE DATABASE nextcloud_db;
CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}';
@ -334,7 +374,7 @@ NC_NGINX
systemctl stop nginx
letsencrypt certonly --standalone --renew-by-default --agree-tos -d $NC_DOMAIN
if [ -f /etc/letsencrypt/live/$NC_DOMAIN/fullchain.pem ];then
ln -s /etc/nginx/sites-available/$NC_DOMAIN.conf /etc/nginx/sites-enabled/
ln -s $NC_NGINX_CONF /etc/nginx/sites-enabled/
else
echo "There are issues on getting the SSL certs..."
read -n 1 -s -r -p "Press any key to continue"
@ -419,7 +459,6 @@ sudo -u www-data php $NC_PATH/occ app:enable files_external
sudo -u www-data php $NC_PATH/occ files_external:import /tmp/jra-nc-app-ef.json
usermod -a -G jibri www-data
chown -R jibri:www-data $DIR_RECORD
chmod -R 770 $DIR_RECORD
chmod -R g+s $DIR_RECORD
@ -436,6 +475,7 @@ Adding trusted domain...
sudo -u www-data php $NC_PATH/occ config:system:set trusted_domains 0 --value=$NC_DOMAIN
echo "Setting JRA domain on jitsi-updater.sh"
cd ~/quick-jibri-installer
sed -i "s|NC_DOMAIN=.*|NC_DOMAIN=\"$NC_DOMAIN\"|" jitsi-updater.sh
echo "Quick Nextcloud installation complete!"

View File

@ -26,7 +26,6 @@ NGINX=$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")
DIST=$(lsb_release -sc)
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
PROSODY_REPO=$(apt-cache policy | grep http | grep prosody| awk '{print $3}' | head -n 1 | cut -d "/" -f2)
HWE_VIR_MOD=$(apt-cache madison linux-modules-extra-virtual-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")
CR=`echo $'\n> '`
if [ $DIST = flidas ]; then
@ -63,8 +62,9 @@ Installing nginx webserver!
fi
}
check_snd_driver() {
echo -e "\n# Checking ALSA - Loopback module..."
echo "snd-aloop" | tee -a /etc/modules
modprobe snd-aloop
echo "snd-aloop" >> /etc/modules
if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then
echo "
#-----------------------------------------------------------------------
@ -73,10 +73,15 @@ if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; t
else
echo "
#-----------------------------------------------------------------------
# Your audio driver might not be able to load, once the installation
# is complete and server restarted, please run: \`lsmod | grep snd_aloop'
# to make sure it did. If not, any feedback for your setup is welcome.
# Your audio driver might not be able to load.
# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool.
#-----------------------------------------------------------------------"
#Test tool
if [ "$MODE" = "debug" ]; then
bash $PWD/tools/test-jibri-env.sh -m debug
else
bash $PWD/tools/test-jibri-env.sh
fi
read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi
}
@ -120,8 +125,8 @@ Featuring:
Learn more about these at,
Main repository: https://github.com/switnet-ltd/quick-jibri-installer
Wiki and documentation: https://github.com/switnet-ltd/quick-jibri-installer/wiki\n' \
&& \
Wiki and documentation: https://github.com/switnet-ltd/quick-jibri-installer/wiki\n'
read -n 1 -s -r -p "Press any key to continue..."$'\n'
#Check if user is root
@ -145,7 +150,7 @@ echo " > $(lsb_release -sc), even when it's compatible and functional.
We suggest to use the next (LTS) release, for longer support and security reasons."
read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi
#Check resources
#Check system resources
echo "Verifying System Resources:"
if [ "$(nproc --all)" -lt 4 ];then
echo "
@ -184,7 +189,37 @@ else
echo "See you next time with more resources!..."
exit
elif [ "$CONTINUE_LOW_RES" = "yes" ]; then
echo "Please keep in mind that trying to use Jibri with low resources might fail."
echo "We highly recommend to increase the server resources."
echo "Otherwise, please think about adding dedicated jibri nodes instead."
fi
done
fi
if [ "$CONTINUE_LOW_RES" = "yes" ]; then
echo -e "\nThis server will likely have issues due the lack of resources.
If you plan to enable other components such as,
- JRA via Nextcloud
- Jigasi Transcriber
- Additional Jibri Nodes
- others.
We higly recommend to increase resources of this server.
For now we advice to disable the Jibri service locally and add an external
Jibri node once this installation has finished, using our script:
>> add-jibri-node.sh
So you can add a Jibri server on a instance with enough resources.\n"
while [[ "$DISABLE_LOCAL_JIBRI" != "yes" && "$DISABLE_LOCAL_JIBRI" != "no" ]]
do
read -p "> Do you want to disable local jibri service?: (yes or no)"$'\n' -r DISABLE_LOCAL_JIBRI
if [ "$DISABLE_LOCAL_JIBRI" = "no" ]; then
echo -e "Please keep in mind that we might not support underpowered servers.\n"
elif [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then
echo -e "You can add dedicated jibri nodes later, see more at the wiki.\n"
fi
done
fi
@ -192,14 +227,13 @@ fi
add_prosody_repo
# Jitsi-Meet Repo
echo "
Add Jitsi repo
"
echo -e "\nAdd Jitsi repo\n"
if [ "$JITSI_REPO" = "stable" ]; then
echo "Jitsi stable repository already installed"
else
echo 'deb http://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
JITSI_REPO="stable"
fi
#Default to LE SSL?
while [[ $LE_SSL != yes && $LE_SSL != no ]]
@ -218,17 +252,22 @@ apt-get update -q2
apt-get dist-upgrade -yq2
apt-get -y install \
apt-show-versions \
bmon \
curl \
ffmpeg \
git \
htop \
jq \
letsencrypt \
net-tools \
rsync \
ssh \
unzip \
wget
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD=$(apt-cache madison linux-modules-extra-virtual-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")
if [ "$HWE_VIR_MOD" == "1" ]; then
apt-get -y install \
linux-image-generic-hwe-$(lsb_release -sr) \
@ -278,9 +317,6 @@ elif [ "$(npm list -g esprima 2>/dev/null | grep -c "esprima")" == "1" ]; then
echo "Good. Esprima package is already installed"
fi
# ALSA - Loopback
echo "snd-aloop" | tee -a /etc/modules
check_snd_driver
CHD_VER=$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
@ -333,7 +369,7 @@ PROSODY_FILE=/etc/prosody/conf.d/$DOMAIN.cfg.lua
PROSODY_SYS=/etc/prosody/prosody.cfg.lua
JICOFO_SIP=/etc/jitsi/jicofo/sip-communicator.properties
MEET_CONF=/etc/jitsi/meet/$DOMAIN-config.js
CONF_JSON=/etc/jitsi/jibri/config.json
JIBRI_CONF=/etc/jitsi/jibri/jibri.conf
DIR_RECORD=/var/jbrecord
REC_DIR=/home/jibri/finalize_recording.sh
JB_NAME="Jibri Sessions"
@ -344,6 +380,13 @@ ENABLE_SA="yes"
CERTBOT_REPO=$(apt-cache policy | grep http | grep certbot | head -n 1 | awk '{print $2}' | cut -d "/" -f4)
CERTBOT_REL_FILE="http://ppa.launchpad.net/certbot/certbot/ubuntu/dists/$(lsb_release -sc)/Release"
GC_SDK_REL_FILE="http://packages.cloud.google.com/apt/dists/cloud-sdk-$(lsb_release -sc)/Release"
MJS_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
MJS_USER="jbsync_$MJS_RAND_TAIL"
MJS_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
# Rename hostname for jitsi server
#hostnamectl set-hostname "jibri.${DOMAIN}"
#sed -i "1i ${PUBLIC_IP} jibri.${DOMAIN}" /etc/hosts
#Sysadmin email
while [[ -z $SYSADMIN_EMAIL ]]
@ -359,7 +402,7 @@ https://github.com/jitsi/jitsi-meet/blob/master/lang/languages.json
Jitsi Meet web interface will be set to use such language.
"
read -p "Please set your language (Press enter to default to 'en'):"$'\n' -r LANG
read -p "Please set your language (Press enter to default to 'en'):"$'\n' -r JB_LANG
#Drop unsecure TLS
while [[ "$DROP_TLS1" != "yes" && "$DROP_TLS1" != "no" ]]
do
@ -482,7 +525,7 @@ read -p "> Do you want to setup Jigasi Transcription: (yes or no)
fi
done
else
echo "No valid option for Jigasi.Please report this to
echo "No valid option for Jigasi. Please report this to
https://github.com/switnet-ltd/quick-jibri-installer/issues "
fi
#Grafana
@ -541,24 +584,17 @@ echo '
echo "#Set and upgrade certbot PPA if posssible..."
if [ "$CERTBOT_REPO" = "certbot" ]; then
echo "
Cerbot repository already on the system!
Checking for updates...
"
echo -e "\nCerbot repository already on the system!\nChecking for updates...\n"
apt-get -q2 update
apt-get -yq2 dist-upgrade
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "200" ]; then
echo "
Adding cerbot (formerly letsencrypt) PPA repository for latest updates
"
echo -e "\nAdding cerbot (formerly letsencrypt) PPA repository for latest updates\n"
echo "deb http://ppa.launchpad.net/certbot/certbot/ubuntu $DIST main" > /etc/apt/sources.list.d/certbot.list
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694
apt-get -q2 update
apt-get -yq2 dist-upgrade
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "404" ]; then
echo "
Certbot PPA is not available for $(lsb_release -sc) just yet, it won't be installed...
"
echo -e "\nCertbot PPA is not available for $(lsb_release -sc) just yet, it won't be installed...\n"
fi
else
@ -627,18 +663,13 @@ if [ ! -z $L10N_ME ]; then
sed -i "s|LOCAL_USER=.*|LOCAL_USER=\"$L10N_ME\"|" jm-bm.sh
fi
if [ ! -f $MOD_LIST_FILE ]; then
echo "
-> Adding external module to list prosody users...
"
echo -e "\n-> Adding external module to list prosody users...\n"
curl -s $MOD_LISTU > $MOD_LIST_FILE
echo "Now you can check registered users with:
prosodyctl mod_listusers
"
echo -e "Now you can check registered users with:\nprosodyctl mod_listusers\n"
else
echo "Prosody support for listing users seems to be enabled.
check with: prosodyctl mod_listusers
"
echo -e "Prosody support for listing users seems to be enabled.
check with: prosodyctl mod_listusers\n"
fi
### Prosody users
@ -686,23 +717,19 @@ sed -i "s|LOC_REC=.*|LOC_REC=\"on\"|" jitsi-updater.sh
fi
#Setup main language
if [ -z $LANG ] || [ "$LANG" = "en" ]; then
if [ -z $JB_LANG ] || [ "$JB_LANG" = "en" ]; then
echo "Leaving English (en) as default language..."
sed -i "s|// defaultLanguage: 'en',|defaultLanguage: 'en',|" $MEET_CONF
else
echo "Changing default language to: $LANG"
sed -i "s|// defaultLanguage: 'en',|defaultLanguage: \'$LANG\',|" $MEET_CONF
echo "Changing default language to: $JB_LANG"
sed -i "s|// defaultLanguage: 'en',|defaultLanguage: \'$JB_LANG\',|" $MEET_CONF
fi
#Check config file
echo "
# Checking $MEET_CONF file for errors
"
echo -e "\n# Checking $MEET_CONF file for errors\n"
CHECKJS=$(esvalidate $MEET_CONF| cut -d ":" -f2)
if [[ -z "$CHECKJS" ]]; then
echo "
# The $MEET_CONF configuration seems correct. =)
"
echo -e "\n# The $MEET_CONF configuration seems correct. =)\n"
else
echo "
Watch out!, there seems to be an issue on $MEET_CONF line:
@ -735,41 +762,86 @@ REC_DIR
chown jibri:jibri $REC_DIR
chmod +x $REC_DIR
## JSON Config
cp $CONF_JSON ${CONF_JSON}.orig
cat << CONF_JSON > $CONF_JSON
{
"recording_directory":"$DIR_RECORD",
"finalize_recording_script_path": "$REC_DIR",
"xmpp_environments": [
## New Jibri Config (2020)
mv $JIBRI_CONF ${JIBRI_CONF}-dpkg-file
cat << NEW_CONF > $JIBRI_CONF
// New XMPP environment config.
jibri {
recording {
recordings-directory = $DIR_RECORD
finalize-script = $REC_DIR
}
api {
xmpp {
environments = [
{
"name": "$JB_NAME",
"xmpp_server_hosts": [
"$DOMAIN"
],
"xmpp_domain": "$DOMAIN",
"control_login": {
"domain": "auth.$DOMAIN",
"username": "jibri",
"password": "$JB_AUTH_PASS"
},
"control_muc": {
"domain": "internal.auth.$DOMAIN",
"room_name": "$JibriBrewery",
"nickname": "Live"
},
"call_login": {
"domain": "recorder.$DOMAIN",
"username": "recorder",
"password": "$JB_REC_PASS"
},
// A user-friendly name for this environment
name = "$JB_NAME"
"room_jid_domain_string_to_strip_from_start": "conference.",
"usage_timeout": "0"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "$DOMAIN" ]
// The base XMPP domain
xmpp-domain = "$DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.$DOMAIN"
room-name = "$JibriBrewery"
nickname = "Live"
}
// The login information for the control MUC
control-login {
domain = "auth.$DOMAIN"
username = "jibri"
password = "$JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.$DOMAIN"
username = "recorder"
password = "$JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}
CONF_JSON
NEW_CONF
#Create receiver user
useradd -m -g jibri $MJS_USER
echo "$MJS_USER:$MJS_USER_PASS" | chpasswd
#Create ssh key and restrict connections
sudo su $MJS_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
#Allow password authentication
sed -i "s|PasswordAuthentication .*|PasswordAuthentication yes|" /etc/ssh/sshd_config
systemctl restart sshd
#Setting varibales for add-jibri-node.sh
sed -i "s|MAIN_SRV_DIST=.*|MAIN_SRV_DIST=\"$DIST\"|" add-jibri-node.sh
@ -779,6 +851,8 @@ sed -i "s|JB_NAME=.*|JB_NAME=\"$JB_NAME\"|" add-jibri-node.sh
sed -i "s|JibriBrewery=.*|JibriBrewery=\"$JibriBrewery\"|" add-jibri-node.sh
sed -i "s|JB_AUTH_PASS=.*|JB_AUTH_PASS=\"$JB_AUTH_PASS\"|" add-jibri-node.sh
sed -i "s|JB_REC_PASS=.*|JB_REC_PASS=\"$JB_REC_PASS\"|" add-jibri-node.sh
sed -i "s|MJS_USER=.*|MJS_USER=\"$MJS_USER\"|" add-jibri-node.sh
sed -i "s|MJS_USER_PASS=.*|MJS_USER_PASS=\"$MJS_USER_PASS\"|" add-jibri-node.sh
sed -i "$(var_dlim 0_LAST),$(var_dlim 1_LAST){s|LETS: .*|LETS: $(date -R)|}" add-jibri-node.sh
echo "Last file edition at: $(grep "LETS:" add-jibri-node.sh|head -n1|awk -F'LETS:' '{print$2}')"
@ -807,11 +881,11 @@ if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then
fi
#nginx -tlsv1/1.1
if [ "$DROP_TLS1" = "yes" ] && [ "$DIST" != "xenial" ];then
echo "Dropping TLSv1/1.1 in favor of v1.3"
echo -e "\nDropping TLSv1/1.1 in favor of v1.3"
sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" /etc/nginx/nginx.conf
#sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" $WS_CONF
elif [ "$DROP_TLS1" = "yes" ] && [ "$DIST" = "xenial" ];then
echo "Only dropping TLSv1/1.1"
echo -e "\nOnly dropping TLSv1/1.1"
sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf
sed -i "s| TLSv1.3||" $WS_CONF
elif [ "$DROP_TLS1" = "no" ];then
@ -821,7 +895,7 @@ echo "No contidion meet, please report to
https://github.com/switnet-ltd/quick-jibri-installer/issues "
fi
echo "Disable \"Blur my background\" until new notice"
echo -e "\nDisable \"Blur my background\" until new notice\n"
sed -i "s|'videobackgroundblur', ||" $INT_CONF
#================== Setup prosody conf file =================
@ -862,7 +936,7 @@ fi
#======================
#Secure room initial user
if [ "$ENABLE_SC" = "yes" ]; then
echo "Secure rooms are being enabled..."
echo -e "\nSecure rooms are being enabled..."
echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \
or '${SEC_ROOM_USER}@${DOMAIN}' using the password you just entered.
If you have issues with the password refer to your sysadmin."
@ -890,11 +964,17 @@ systemctl enable jibri
systemctl enable jibri-xorg
systemctl enable jibri-icewm
restart_services
if [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then
systemctl stop jibri*
systemctl disable jibri
systemctl disable jibri-xorg
systemctl disable jibri-icewm
fi
enable_letsencrypt
if dpkg-compare prosody gt 0.11.0 && [ "$ENABLE_SC" = "yes" ]; then
echo "Waiting prosody restart, wait 15s..."
echo "Waiting prosody restart to continue configuration, 15s..."
wait_seconds 15
#Move mucs when using secure rooms - https://community.jitsi.org/t/27752/112
sed -i "s| lobby_muc = \"lobby.|-- lobby_muc = \"lobby.|" $PROSODY_FILE
@ -938,25 +1018,42 @@ else
fi
#JRA via Nextcloud
if [ "$ENABLE_NC_ACCESS" = "yes" ]; then
echo "JRA via Nextcloud will be enabled."
echo -n "\nJRA via Nextcloud will be enabled."
if [ "$MODE" = "debug" ]; then
bash $PWD/jra_nextcloud.sh -m debug
else
bash $PWD/jra_nextcloud.sh
fi
fi
} > >(tee -a qj-installer.log) 2> >(tee -a qj-installer.log >&2)
#Jigasi Transcript
if [ "$ENABLE_TRANSCRIPT" = "yes" ]; then
echo "Jigasi Transcription will be enabled."
echo -e "\nJigasi Transcription will be enabled."
# ToDo: Analyze behavior on debug
#if [ "$MODE" = "debug" ]; then
# bash $PWD/jigasi.sh -m debug
#else
bash $PWD/jigasi.sh
#fi
fi
{
#Grafana Dashboard
if [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then
echo "Grafana Dashboard will be enabled."
echo -e "\nGrafana Dashboard will be enabled."
if [ "$MODE" = "debug" ]; then
bash $PWD/grafana.sh -m debug
else
bash $PWD/grafana.sh
fi
fi
#Docker Etherpad
if [ "$ENABLE_DOCKERPAD" = "yes" ]; then
echo "Docker Etherpad will be enabled."
echo -e "\nDocker Etherpad will be enabled."
if [ "$MODE" = "debug" ]; then
bash $PWD/etherpad.sh -m debug
else
bash $PWD/etherpad.sh
fi
fi
#Prevent Jibri conecction issue
if [ -z "$(grep -n $DOMAIN /etc/hosts)" ];then
@ -966,6 +1063,8 @@ else
echo "Local host already in place..."
fi
check_snd_driver
echo "
########################################################################
Installation complete!!

202
tools/jibri-conf-upgrade.sh Normal file
View File

@ -0,0 +1,202 @@
#!/bin/bash
# Simple Jibri conf updater
# 2020 - SwITNet Ltd
# GNU GPLv3 or later.
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo ./test-jibri-env.sh [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
echo -e '
########################################################################
Welcome to Jibri Config Upgrader
########################################################################
by Software, IT & Networks Ltd
\n'
#Check if user is root
if ! [ $(id -u) = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
echo "Checking for updates...."
apt -q2 update
apt install -y \
apt-show-versions \
jq
echo -e "\n# Check for jibri\n"
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo "Jibri is installed, checking version:"
apt-show-versions jibri
else
echo "Wait!, jibri is not installed on this system using apt, exiting..."
exit
fi
if [ -d /etc/prosody/ ];then
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
fi
CONF_JSON="/etc/jitsi/jibri/config.json"
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
DIR_RECORD=/var/jbrecord
REC_DIR=/home/jibri/finalize_recording.sh
JibriBrewery=JibriBrewery
check_read_vars() {
echo "Checking $1"
if [ -z "$2" ];then
echo "This variable seems wrong, please check before continue"
exit 1
fi
}
restart_services_jibri() {
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
then
systemctl restart jibri
systemctl restart jibri-icewm
systemctl restart jibri-xorg
else
echo "Jibri service not installed"
fi
}
#Prevent re-run on completed jibri upgraded instance
if [ -f $CONF_JSON_disabled ] && \
[ -f $JIBRI_CONF ] && \
[ -f $JIBRI_CONF-dpkg-file ]; then
echo -e "\n> This jibri config has been upgraded already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
exit
elif [ ! -f $CONF_JSON ] && \
[ -f $JIBRI_CONF ] && \
[ -f $JIBRI_CONF-dpkg-file ]; then
echo -e "\n> This jibri seems to be running the lastest configuration already, we'll exit...\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
exit
elif [ -f $CONF_JSON ] && \
[ -f $JIBRI_CONF ]; then
echo -e "\n> This jibri config seems to be candidate for upgrading, we'll continue...\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
fi
#Read missing variables
if [ -f $CONF_JSON ]; then
echo "Reading current config.json file..."
if [ -z $DOMAIN ]; then
DOMAIN=$(jq .xmpp_environments[0].xmpp_domain $CONF_JSON|cut -d '"' -f2)
fi
JB_NAME=$(jq .xmpp_environments[0].name $CONF_JSON|cut -d '"' -f2)
JB_AUTH_PASS=$(jq .xmpp_environments[0].control_login.password $CONF_JSON|cut -d '"' -f2)
JB_REC_PASS=$(jq .xmpp_environments[0].call_login.password $CONF_JSON|cut -d '"' -f2)
JB_NICKN=$(jq .xmpp_environments[0].control_muc.nickname $CONF_JSON|cut -d '"' -f2)
else
echo "Can't find the instance config.json file, exiting..."
exit
fi
check_read_vars "Jibri Name" $JB_NAME
check_read_vars "(Main server) Domain" $DOMAIN
check_read_vars "Control login passwd" $JB_AUTH_PASS
check_read_vars "Call login passwd" $JB_REC_PASS
check_read_vars "Jibri Node nickname" $JB_NICKN
if [ "$MODE" = "debug" ]; then
echo "$JB_NAME"
echo "$DOMAIN"
echo "$JB_AUTH_PASS"
echo "$JB_REC_PASS"
echo "$JB_NICKN"
fi
#Backup and setup new conf file
echo -e "Backing up config.json for historical porpuses at:\n ${CONF_JSON}_disabled"
mv $CONF_JSON ${CONF_JSON}_disabled
mv $JIBRI_CONF ${JIBRI_CONF}-dpkg-file
cat << NEW_CONF > $JIBRI_CONF
// New XMPP environment config.
jibri {
recording {
recordings-directory = $DIR_RECORD
finalize-script = $REC_DIR
}
api {
xmpp {
environments = [
{
// A user-friendly name for this environment
name = "$JB_NAME"
// A list of XMPP server hosts to which we'll connect
xmpp-server-hosts = [ "$DOMAIN" ]
// The base XMPP domain
xmpp-domain = "$DOMAIN"
// The MUC we'll join to announce our presence for
// recording and streaming services
control-muc {
domain = "internal.auth.$DOMAIN"
room-name = "$JibriBrewery"
nickname = "$JB_NICKN"
}
// The login information for the control MUC
control-login {
domain = "auth.$DOMAIN"
username = "jibri"
password = "$JB_AUTH_PASS"
}
// An (optional) MUC configuration where we'll
// join to announce SIP gateway services
// sip-control-muc {
// domain = "domain"
// room-name = "room-name"
// nickname = "nickname"
// }
// The login information the selenium web client will use
call-login {
domain = "recorder.$DOMAIN"
username = "recorder"
password = "$JB_REC_PASS"
}
// The value we'll strip from the room JID domain to derive
// the call URL
strip-from-room-domain = "conference."
// How long Jibri sessions will be allowed to last before
// they are stopped. A value of 0 allows them to go on
// indefinitely
usage-timeout = 0 hour
// Whether or not we'll automatically trust any cert on
// this XMPP domain
trust-all-xmpp-certs = true
}
]
}
}
}
NEW_CONF
echo "Check final jibri.conf file:"
cat $JIBRI_CONF
read -n 1 -s -r -p "Press any key to continue..."$'\n'
restart_services_jibri
systemctl status jibri

View File

@ -30,22 +30,48 @@ if ! [ $(id -u) = 0 ]; then
exit 0
fi
echo "Checking for updates...."
apt-get -q2 update
apt-get -yq2 install apt-show-versions
JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)
SND_AL_MODULE=$(lsmod | awk '{print$1}'| grep snd_aloop)
HWE_VIR_MOD=$(apt-cache madison linux-modules-extra-virtual-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")
CONF_JSON="/etc/jitsi/jibri/config.json"
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
CHD_VER="$(/usr/local/bin/chromedriver --version 2>/dev/null| awk '{print$1,$2}')"
GOOGL_VER="$(/usr/bin/google-chrome --version 2>/dev/null)"
echo "Checking for updates...."
apt -q2 update
apt -yq2 install apt-show-versions
check_google_binaries() {
if [ -z "$2" ]; then
echo "Warning: No $1 doesn't seem installed"
else
echo $2
fi
}
echo -e "\n# Check repository\n"
#T1
echo -e "\n#1 -- Check repository --\n"
if [ -z $JITSI_REPO ]; then
echo "No repository detected, wait whaaaat?..."
while [[ "$CONT_TEST" != "yes" && "$CONT_TEST" != "no" ]]
do
read -p "> Do you still want to continue the test?: (yes or no)"$'\n' -r CONT_TEST
if [ "$CONT_TEST" = "no" ]; then
echo "Exiting..."
exit
elif [ "$CONT_TEST" = "yes" ]; then
echo "Hmm, seems there won't be anything to test, continuing anyway..."
T=0
fi
done
else
echo "This installation is using the \"$JITSI_REPO\" repository."
T1=1
fi
echo -e "\n# Check latest updates for jibri\n"
#T2
echo -e "\n#2 -- Check latest updates for jibri --\n"
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo "Jibri is installed, checking version:"
apt-show-versions jibri
@ -54,14 +80,30 @@ else
exit
fi
echo -e "\nAttempting (any possible) jibri upgrade!"
if [ "$(apt-show-versions jibri | grep -c "uptodate")" = "1" ]; then
echo -e "Jibri is already up to date: \xE2\x9C\x94"
else
echo -e "\nAttempting jibri upgrade!"
apt -y install --only-upgrade jibri
fi
T2=1
echo -e "\n# Test kernel modules\n"
#T3
echo -e "\n#3 -- Check Google Chrome/driver software. --\n"
check_google_binaries "Chromedriver" "$CHD_VER"
check_google_binaries "Google Chrome" "$GOOGL_VER"
if [ ! -z "$CHD_VER" ] && [ ! -z "$GOOGL_VER" ]; then
T3=1
elif [ -z "$CHD_VER" ] || [ -z "$GOOGL_VER" ]; then
T3=0
else
T3=0
fi
#T4
echo -e "\n#4 -- Test kernel modules --\n"
if [ -z $SND_AL_MODULE ]; then
echo -e "No module snd_aloop detected.\nIf you just installed a new kernel, \
please try rebooting.\nFor now wait 'til the end of the recommended kernel installation."
echo "# Check and Install HWE kernel if possible..."
#First make sure the recommended kernel is installed.
if [ "$HWE_VIR_MOD" == "1" ]; then
apt-get -y install \
linux-image-generic-hwe-$(lsb_release -sr) \
@ -70,10 +112,26 @@ please try rebooting.\nFor now wait 'til the end of the recommended kernel insta
apt-get -y install \
linux-modules-extra-$(uname -r)
fi
echo -e "\nNo module snd_aloop detected. \xE2\x9C\x96 <== IMPORTANT! \nCurrent kernel: $(uname -r)\n"
echo -e "\nIf you just installed a new kernel, \
please try rebooting.\nFor now wait 'til the end of the recommended kernel installation."
echo "# Check and Install HWE kernel if possible..."
if uname -r | grep -q aws;then
KNL_HWE="$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr)|head -n1|awk '{print$3}'|cut -d "." -f1-4)"
KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg | grep generic | grep -v recovery | awk '{print$3,$4}'|grep $KNL_HWE)"
if [ ! -z "$KNL_MENU" ];then
echo -e "\nSeems you are using an AWS kernel \xE2\x9C\x96 <== IMPORTANT! \nYou might consider modify your grub (/etc/default/grub) to use the following:" && \
echo -e "\n > $KNL_MENU"
fi
fi
T4=0
else
echo -e "Great!\nModule snd-aloop found!"
T4=1
fi
echo -e "\n# Test .asoundrc file\n"
#T5
echo -e "\n#5 -- Test .asoundrc file --\n"
ASRC_MASTER="https://raw.githubusercontent.com/jitsi/jibri/master/resources/debian-package/etc/jitsi/jibri/asoundrc"
ASRC_INSTALLED="/home/jibri/.asoundrc"
ASRC_MASTER_MD5SUM=$(curl -sL $ASRC_MASTER | md5sum | cut -d ' ' -f 1)
@ -81,13 +139,40 @@ ASRC_INSTALLED_MD5SUM=$(md5sum $ASRC_INSTALLED | cut -d ' ' -f 1)
if [ "$ASRC_MASTER_MD5SUM" == "$ASRC_INSTALLED_MD5SUM" ]; then
echo "Seems to be using the latest asoundrc file available!"
T5=1
else
echo "asoundrc files differ, if you have errors, you might wanna check this file!"
T5=0
fi
echo -e "\n# Old or new config (ToDo)\n"
#T6
echo -e "\n#6 -- Old or new config --\n"
echo -e "What config version is this using?"
echo -e "(Not implemented yet)"
if [ -f ${CONF_JSON}_disabled ] && \
[ -f $JIBRI_CONF ] && \
[ -f $JIBRI_CONF-dpkg-file ]; then
echo -e "\n> This jibri config has been upgraded already.\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
T6=1
elif [ ! -f $CONF_JSON ] && \
[ -f $JIBRI_CONF ] && \
[ -f ${JIBRI_CONF}-dpkg-file ]; then
echo -e "\n> This jibri seems to be running the lastest configuration already.\n\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
T6=1
elif [ -f ${CONF_JSON} ] && \
[ -f $JIBRI_CONF ]; then
echo -e "\n> This jibri config seems to be candidate for upgrading.\nIf you think there maybe an error on checking you current jibri configuration.\nPlease report this to \
https://github.com/switnet-ltd/quick-jibri-installer/issues\n"
T6=0
fi
TEST_TOTAL=$((T1 + T2 + T3 + T4 + T5 + T6))
echo "
###########################
\
Score: $TEST_TOTAL out of 6
###########################
"
echo -e "\nJibri Test complete, thanks for testing.\n"