switnet
/
quick-jibri-installer
2
1
Fork 1
Code Issues 2 Pull Requests Packages Projects Releases 13 Wiki Activity

Stable branch #2

Merged
Ark74 merged 34 commits from stable-branch into master 2020-04-11 19:22:27 +00:00
Conversation 0 Commits 34 Files Changed 11 +96 -84
1 changed files with 96 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 132be4ef7a - Show all commits

180
quick_jibri_installer.sh
View File

@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Quick Jibri Installer - *buntu 16.04 (LTS) based systems. # Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2019, https://switnet.net/ # SwITNet Ltd © - 2019, https://switnet.net/
# GPLv3 or later. # GPLv3 or later.
{ {
@ -30,7 +30,14 @@ GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
if [ $DIST = flidas ]; then if [ $DIST = flidas ]; then
DIST="xenial" DIST="xenial"
fi fi
if [ $DIST = etiona ]; then
DIST="bionic"
fi
if [ $DIST="xenial" ]; then
echo "$(lsb_release -sc), even when it's compatible and functional.
We suggest you choose an upgrade to the next (LTS) release."
fi
if
install_ifnot() { install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..." echo " $1 is installed, skipping..."
@ -63,14 +70,15 @@ modprobe snd-aloop
echo "snd-aloop" >> /etc/modules echo "snd-aloop" >> /etc/modules
if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then
echo " echo "
######################################################################## #--------------------------------------------------
Audio driver seems - OK. # Audio driver seems - OK.
########################################################################" #--------------------------------------------------"
else else
echo " echo "
######################################################################## #--------------------------------------------------
Seems to be an issue with your audio driver, please review your hw setup. # Seems to be an issue with your audio driver,
########################################################################" # please review your hw setup.
#--------------------------------------------------"
read -p read -p
fi fi
} }
@ -222,11 +230,12 @@ echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' >> $GCMP_JSON
echo ' echo '
######################################################################## ########################################################################
Starting Jibri configuration Please Setup Your Instalation
######################################################################## ########################################################################
' '
# MEET / JIBRI SETUP # MEET / JIBRI SETUP
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++') DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
WS_CONF=/etc/nginx/sites-enabled/$DOMAIN.conf
JB_AUTH_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" JB_AUTH_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
JB_REC_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" JB_REC_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
PROSODY_FILE=/etc/prosody/conf.d/$DOMAIN.cfg.lua PROSODY_FILE=/etc/prosody/conf.d/$DOMAIN.cfg.lua
@ -238,6 +247,8 @@ DIR_RECORD=/var/jbrecord
REC_DIR=/home/jibri/finalize_recording.sh REC_DIR=/home/jibri/finalize_recording.sh
JB_NAME="Jibri Sessions" JB_NAME="Jibri Sessions"
LE_RENEW_LOG="/var/log/letsencrypt/renew.log" LE_RENEW_LOG="/var/log/letsencrypt/renew.log"
MOD_LISTU="https://prosody.im/files/mod_listusers.lua"
MOD_LIST_FILE="/usr/lib/prosody/modules/mod_listusers.lua"
echo "## Setting up Jitsi Meet language ## echo "## Setting up Jitsi Meet language ##
You can define your language by using a two letter code (ISO 639-1); You can define your language by using a two letter code (ISO 639-1);
English -> en English -> en
@ -247,16 +258,19 @@ You can define your language by using a two letter code (ISO 639-1);
Jitsi Meet web interface will be set to use such language (if availabe). Jitsi Meet web interface will be set to use such language (if availabe).
" "
read -p "Please set your language:"$'\n' -r LANG
read -p "Set sysadmin email: "$'\n' -r SYSADMIN_EMAIL
#Drop unsecure TLS
while [[ $DROP_TLS1 != yes && $DROP_TLS1 != no ]] while [[ $DROP_TLS1 != yes && $DROP_TLS1 != no ]]
do do
read -p "Do you want to drop support for TLSv1.0/1.1 now: (yes or no)"$'\n' -r DROP_TLS1 read -p "Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)"$'\n' -r DROP_TLS1
if [ $DROP_TLS1 = no ]; then if [ $DROP_TLS1 = no ]; then
echo "TLSv1.0/1.1 will remain." echo "TLSv1.0/1.1 will remain."
elif [ $DROP_TLS1 = yes ]; then elif [ $DROP_TLS1 = yes ]; then
echo "TLSv1.0/1.1 will be dropped" echo "TLSv1.0/1.1 will be dropped"
fi fi
read -p "Please set your language:"$'\n' -r LANG done
read -p "Set sysadmin email: "$'\n' -r SYSADMIN_EMAIL #Dropbox
while [[ $ENABLE_DB != yes && $ENABLE_DB != no ]] while [[ $ENABLE_DB != yes && $ENABLE_DB != no ]]
do do
read -p "Do you want to setup the Dropbox feature now: (yes or no)"$'\n' -r ENABLE_DB read -p "Do you want to setup the Dropbox feature now: (yes or no)"$'\n' -r ENABLE_DB
@ -266,6 +280,7 @@ elif [ $ENABLE_DB = yes ]; then
read -p "Please set your Drobbox App key: "$'\n' -r DB_CID read -p "Please set your Drobbox App key: "$'\n' -r DB_CID
fi fi
done done
#SSL LE
while [[ $ENABLE_SSL != yes && $ENABLE_SSL != no ]] while [[ $ENABLE_SSL != yes && $ENABLE_SSL != no ]]
do do
read -p "Do you want to setup LetsEncrypt with your domain: (yes or no)"$'\n' -r ENABLE_SSL read -p "Do you want to setup LetsEncrypt with your domain: (yes or no)"$'\n' -r ENABLE_SSL
@ -285,7 +300,44 @@ elif [ $ENABLE_TRANSCRIPT = yes ]; then
echo "Jigasi Transcription will be enabled." echo "Jigasi Transcription will be enabled."
fi fi
done done
#Enable static avatar
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
do
read -p "Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA
if [ "$ENABLE_SA" = "no" ]; then
echo "Static avatar won't be enable"
elif [ "$ENABLE_SA" = "yes" ]; then
echo "Static avatar will be enable"
fi
done
#Secure room initial user
while [[ "$ENABLE_SC" != "yes" && "$ENABLE_SC" != "no" ]]
do
read -p "Do you want to enable secure rooms?: (yes or no)"$'\n' -r ENABLE_SC
if [ "$ENABLE_SC" = "no" ]; then
echo "-- Secure rooms won't be enabled."
elif [ "$ENABLE_SC" = "yes" ]; then
echo "-- Secure rooms will being enabled."
read -p "Set username for secure room moderator: "$'\n' -r SEC_ROOM_USER
read -p "Secure room moderator password: "$'\n' -sr SEC_ROOM_PASS
fi
done
#Welcome Page
while [[ $ENABLE_WELCP != yes && $ENABLE_WELCP != no ]]
do
read -p "Do you want to disable the Welcome page: (yes or no)"$'\n' -r ENABLE_WELCP
if [ $ENABLE_WELCP = yes ]; then
echo "Welcome page will be disabled."
elif [ $ENABLE_WELCP = no ]; then
echo "Welcome page will be enabled."
fi
done
#Start configuration
echo '
########################################################################
Start Jitsi Framework configuration
########################################################################
'
JibriBrewery=JibriBrewery JibriBrewery=JibriBrewery
INT_CONF=/usr/share/jitsi-meet/interface_config.js INT_CONF=/usr/share/jitsi-meet/interface_config.js
WAN_IP=$(dig +short myip.opendns.com @resolver1.opendns.com) WAN_IP=$(dig +short myip.opendns.com @resolver1.opendns.com)
@ -304,9 +356,9 @@ systemctl restart $1
enable_letsencrypt() { enable_letsencrypt() {
if [ "$ENABLE_SSL" = "yes" ]; then if [ "$ENABLE_SSL" = "yes" ]; then
echo ' echo '
######################################################################## #--------------------------------------------------
Starting LetsEncrypt configuration # Starting LetsEncrypt configuration
######################################################################## #--------------------------------------------------
' '
#Disabled 'til fixed upstream #Disabled 'til fixed upstream
#bash /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh #bash /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
@ -367,12 +419,11 @@ sed -i "/c2s_require_encryption = false/a \\
\\ \\
consider_bosh_secure = true" $PROSODY_SYS consider_bosh_secure = true" $PROSODY_SYS
if [ ! -f /usr/lib/prosody/modules/mod_listusers.lua ]; then if [ ! -f $MOD_LIST_FILE ]; then
echo " echo "
-> Adding external module to list prosody users... -> Adding external module to list prosody users...
" "
cd /usr/lib/prosody/modules/ curl -s $MOD_LISTU > $MOD_LIST_FILE
curl -s https://prosody.im/files/mod_listusers.lua > mod_listusers.lua
echo "Now you can check registered users with: echo "Now you can check registered users with:
prosodyctl mod_listusers prosodyctl mod_listusers
@ -510,68 +561,45 @@ cat << CONF_JSON > $CONF_JSON
CONF_JSON CONF_JSON
#Tune webserver for Jitsi App control #Tune webserver for Jitsi App control
if [ -f /etc/nginx/sites-available/$DOMAIN.conf ]; then if [ -f $WS_CONF ]; then
WS_CONF=/etc/nginx/sites-enabled/$DOMAIN.conf sed -i "/Anything that didn't match above/i \\\n" $WS_CONF
WS_STR=$(grep -n "external_api.js" $WS_CONF | cut -d ":" -f1) sed -i "/Anything that didn't match above/i \ \ \ \ location = \/external_api.min.js {" $WS_CONF
WS_END=$((WS_STR + 2)) sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ alias \/usr\/share\/jitsi-meet\/libs\/external_api.min.js;" $WS_CONF
sed -i "${WS_STR},${WS_END} s|^|#|" $WS_CONF sed -i "/Anything that didn't match above/i \ \ \ \ }" $WS_CONF
sed -i '$ d' $WS_CONF sed -i "/Anything that didn't match above/i \\\n" $WS_CONF
cat << NG_APP >> $WS_CONF systemctl reload nginx
location /external_api.min.js {
alias /usr/share/jitsi-meet/libs/external_api.min.js;
}
location /external_api.js {
alias /usr/share/jitsi-meet/libs/external_api.min.js;
}
}
NG_APP
systemctl reload nginx
else else
echo "No app configuration done to server file, please report to: echo "No app configuration done to server file, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues" -> https://github.com/switnet-ltd/quick-jibri-installer/issues"
fi fi
#Static avatar
#Enable static avatar if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
do
read -p "Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA
if [ "$ENABLE_SA" = "no" ]; then
echo "Static avatar won't be enable"
elif [ "$ENABLE_SA" = "yes" ] && [ -f /etc/nginx/sites-available/$DOMAIN.conf ]; then
wget https://switnet.net/static/avatar.png -O /usr/share/jitsi-meet/images/avatar2.png wget https://switnet.net/static/avatar.png -O /usr/share/jitsi-meet/images/avatar2.png
WS_CONF=/etc/nginx/sites-enabled/$DOMAIN.conf sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" $WS_CONF
sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {\\ sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" $WS_CONF
\ sed -i "/location \/external_api.min.js/i \ \ \ \ }\\
\ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;\\
\
\ \ \ \ }\\
\ " $WS_CONF \ " $WS_CONF
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" $INT_CONF sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" $INT_CONF
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF
else
echo "No app configuration done to server file, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues"
fi fi
done #nginx -tlsv1/1.1
if [ $DROP_TLS1 = "yes" ] && [ $DIST = "bionic" ];then
if [ $DROP_TLS1 = yes ] && [ $DIST = "bionic" ];then
echo "Dropping TLSv1/1.1 in favor of v1.3" echo "Dropping TLSv1/1.1 in favor of v1.3"
if [ -f /etc/nginx/nginx.conf ]; sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" /etc/nginx/nginx.conf
sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" /etc/nginx/nginx.conf #sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" $WS_CONF
fi elif [ $DROP_TLS1 = "yes" ] && [ ! $DIST = "bionic" ];then
elif [ $DROP_TLS1 = yes ] && [ ! $DIST = "bionic" ];then
echo "Only dropping TLSv1/1.1" echo "Only dropping TLSv1/1.1"
if [ -f /etc/nginx/nginx.conf ]; sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf
sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf #sed -i "s|TLSv1 TLSv1.1||" $WS_CONF
fi else
echo "No TLSv1/1.1 dropping was done. Please report to
https://github.com/switnet-ltd/quick-jibri-installer/issues "
fi fi
# Temporary disable "Blur my background" until is stable # Disable "Blur my background" until new notice
sed -i "s|'videobackgroundblur', ||" $INT_CONF sed -i "s|'videobackgroundblur', ||" $INT_CONF
#Enable secure rooms? #Setup secure rooms
cat << P_SR >> $PROSODY_FILE cat << P_SR >> $PROSODY_FILE
VirtualHost "$DOMAIN" VirtualHost "$DOMAIN"
authentication = "internal_plain" authentication = "internal_plain"
@ -580,24 +608,15 @@ VirtualHost "guest.$DOMAIN"
authentication = "anonymous" authentication = "anonymous"
c2s_require_encryption = false c2s_require_encryption = false
P_SR P_SR
while [[ "$ENABLE_SC" != "yes" && "$ENABLE_SC" != "no" ]]
do
read -p "Do you want to enable secure rooms?: (yes or no)"$'\n' -r ENABLE_SC
if [ "$ENABLE_SC" = "no" ]; then
echo "-- Secure rooms won't be enable"
elif [ "$ENABLE_SC" = "yes" ]; then
echo "Secure rooms are being enable"
#Secure room initial user #Secure room initial user
read -p "Set username for secure room moderator: "$'\n' -r SEC_ROOM_USER if [ "$ENABLE_SC" = "yes" ]; then
read -p "Secure room moderator password: "$'\n' -sr SEC_ROOM_PASS echo "Secure rooms are being enabled..."
echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \ echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \
or '${SEC_ROOM_USER}@${DOMAIN}' using the password you just entered. or '${SEC_ROOM_USER}@${DOMAIN}' using the password you just entered.
If you have issues with the password refer to your sysadmin." If you have issues with the password refer to your sysadmin."
sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" $JICOFO_SIP sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" $JICOFO_SIP
prosodyctl register $SEC_ROOM_USER $DOMAIN $SEC_ROOM_PASS prosodyctl register $SEC_ROOM_USER $DOMAIN $SEC_ROOM_PASS
fi fi
done
#Start with video muted by default #Start with video muted by default
sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" $MEET_CONF sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" $MEET_CONF
@ -605,18 +624,11 @@ sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" $MEET_CONF
sed -i "s|// startAudioMuted: 10,|startAudioMuted: 1,|" $MEET_CONF sed -i "s|// startAudioMuted: 10,|startAudioMuted: 1,|" $MEET_CONF
#Disable/enable welcome page #Disable/enable welcome page
while [[ $ENABLE_WELCP != yes && $ENABLE_WELCP != no ]]
do
read -p "Do you want to disable the Welcome page: (yes or no)"$'\n' -r ENABLE_WELCP
if [ $ENABLE_WELCP = yes ]; then if [ $ENABLE_WELCP = yes ]; then
echo "Welcome page will be disabled."
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: false,|" $MEET_CONF sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: false,|" $MEET_CONF
elif [ $ENABLE_WELCP = no ]; then elif [ $ENABLE_WELCP = no ]; then
echo "Welcome page will be enabled."
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" $MEET_CONF sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" $MEET_CONF
fi fi
done
#Set displayname as not required since jibri can't set it up. #Set displayname as not required since jibri can't set it up.
sed -i "s|// requireDisplayName: true,|requireDisplayName: false,|" $MEET_CONF sed -i "s|// requireDisplayName: true,|requireDisplayName: false,|" $MEET_CONF