Stable branch #2

Merged
Ark74 merged 34 commits from stable-branch into master 2020-04-11 19:22:27 +00:00
1 changed files with 96 additions and 84 deletions
Showing only changes of commit 132be4ef7a - Show all commits

View File

@ -1,5 +1,5 @@
#!/bin/bash
# Quick Jibri Installer - *buntu 16.04 (LTS) based systems.
# Quick Jibri Installer - *buntu (LTS) based systems.
# SwITNet Ltd © - 2019, https://switnet.net/
# GPLv3 or later.
{
@ -30,7 +30,14 @@ GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
if [ $DIST = flidas ]; then
DIST="xenial"
fi
if [ $DIST = etiona ]; then
DIST="bionic"
fi
if [ $DIST="xenial" ]; then
echo "$(lsb_release -sc), even when it's compatible and functional.
We suggest you choose an upgrade to the next (LTS) release."
fi
if
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..."
@ -63,14 +70,15 @@ modprobe snd-aloop
echo "snd-aloop" >> /etc/modules
if [ "$(lsmod | grep snd_aloop | head -n 1 | cut -d " " -f1)" = "snd_aloop" ]; then
echo "
########################################################################
Audio driver seems - OK.
########################################################################"
#--------------------------------------------------
# Audio driver seems - OK.
#--------------------------------------------------"
else
echo "
########################################################################
Seems to be an issue with your audio driver, please review your hw setup.
########################################################################"
#--------------------------------------------------
# Seems to be an issue with your audio driver,
# please review your hw setup.
#--------------------------------------------------"
read -p
fi
}
@ -222,11 +230,12 @@ echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' >> $GCMP_JSON
echo '
########################################################################
Starting Jibri configuration
Please Setup Your Instalation
########################################################################
'
# MEET / JIBRI SETUP
DOMAIN=$(ls /etc/prosody/conf.d/ | grep -v localhost | awk -F'.cfg' '{print $1}' | awk '!NF || !seen[$0]++')
WS_CONF=/etc/nginx/sites-enabled/$DOMAIN.conf
JB_AUTH_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
JB_REC_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
PROSODY_FILE=/etc/prosody/conf.d/$DOMAIN.cfg.lua
@ -238,6 +247,8 @@ DIR_RECORD=/var/jbrecord
REC_DIR=/home/jibri/finalize_recording.sh
JB_NAME="Jibri Sessions"
LE_RENEW_LOG="/var/log/letsencrypt/renew.log"
MOD_LISTU="https://prosody.im/files/mod_listusers.lua"
MOD_LIST_FILE="/usr/lib/prosody/modules/mod_listusers.lua"
echo "## Setting up Jitsi Meet language ##
You can define your language by using a two letter code (ISO 639-1);
English -> en
@ -247,16 +258,19 @@ You can define your language by using a two letter code (ISO 639-1);
Jitsi Meet web interface will be set to use such language (if availabe).
"
read -p "Please set your language:"$'\n' -r LANG
read -p "Set sysadmin email: "$'\n' -r SYSADMIN_EMAIL
#Drop unsecure TLS
while [[ $DROP_TLS1 != yes && $DROP_TLS1 != no ]]
do
read -p "Do you want to drop support for TLSv1.0/1.1 now: (yes or no)"$'\n' -r DROP_TLS1
read -p "Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)"$'\n' -r DROP_TLS1
if [ $DROP_TLS1 = no ]; then
echo "TLSv1.0/1.1 will remain."
elif [ $DROP_TLS1 = yes ]; then
echo "TLSv1.0/1.1 will be dropped"
fi
read -p "Please set your language:"$'\n' -r LANG
read -p "Set sysadmin email: "$'\n' -r SYSADMIN_EMAIL
done
#Dropbox
while [[ $ENABLE_DB != yes && $ENABLE_DB != no ]]
do
read -p "Do you want to setup the Dropbox feature now: (yes or no)"$'\n' -r ENABLE_DB
@ -266,6 +280,7 @@ elif [ $ENABLE_DB = yes ]; then
read -p "Please set your Drobbox App key: "$'\n' -r DB_CID
fi
done
#SSL LE
while [[ $ENABLE_SSL != yes && $ENABLE_SSL != no ]]
do
read -p "Do you want to setup LetsEncrypt with your domain: (yes or no)"$'\n' -r ENABLE_SSL
@ -285,7 +300,44 @@ elif [ $ENABLE_TRANSCRIPT = yes ]; then
echo "Jigasi Transcription will be enabled."
fi
done
#Enable static avatar
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
do
read -p "Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA
if [ "$ENABLE_SA" = "no" ]; then
echo "Static avatar won't be enable"
elif [ "$ENABLE_SA" = "yes" ]; then
echo "Static avatar will be enable"
fi
done
#Secure room initial user
while [[ "$ENABLE_SC" != "yes" && "$ENABLE_SC" != "no" ]]
do
read -p "Do you want to enable secure rooms?: (yes or no)"$'\n' -r ENABLE_SC
if [ "$ENABLE_SC" = "no" ]; then
echo "-- Secure rooms won't be enabled."
elif [ "$ENABLE_SC" = "yes" ]; then
echo "-- Secure rooms will being enabled."
read -p "Set username for secure room moderator: "$'\n' -r SEC_ROOM_USER
read -p "Secure room moderator password: "$'\n' -sr SEC_ROOM_PASS
fi
done
#Welcome Page
while [[ $ENABLE_WELCP != yes && $ENABLE_WELCP != no ]]
do
read -p "Do you want to disable the Welcome page: (yes or no)"$'\n' -r ENABLE_WELCP
if [ $ENABLE_WELCP = yes ]; then
echo "Welcome page will be disabled."
elif [ $ENABLE_WELCP = no ]; then
echo "Welcome page will be enabled."
fi
done
#Start configuration
echo '
########################################################################
Start Jitsi Framework configuration
########################################################################
'
JibriBrewery=JibriBrewery
INT_CONF=/usr/share/jitsi-meet/interface_config.js
WAN_IP=$(dig +short myip.opendns.com @resolver1.opendns.com)
@ -304,9 +356,9 @@ systemctl restart $1
enable_letsencrypt() {
if [ "$ENABLE_SSL" = "yes" ]; then
echo '
########################################################################
Starting LetsEncrypt configuration
########################################################################
#--------------------------------------------------
# Starting LetsEncrypt configuration
#--------------------------------------------------
'
#Disabled 'til fixed upstream
#bash /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
@ -367,12 +419,11 @@ sed -i "/c2s_require_encryption = false/a \\
\\
consider_bosh_secure = true" $PROSODY_SYS
if [ ! -f /usr/lib/prosody/modules/mod_listusers.lua ]; then
if [ ! -f $MOD_LIST_FILE ]; then
echo "
-> Adding external module to list prosody users...
"
cd /usr/lib/prosody/modules/
curl -s https://prosody.im/files/mod_listusers.lua > mod_listusers.lua
curl -s $MOD_LISTU > $MOD_LIST_FILE
echo "Now you can check registered users with:
prosodyctl mod_listusers
@ -510,68 +561,45 @@ cat << CONF_JSON > $CONF_JSON
CONF_JSON
#Tune webserver for Jitsi App control
if [ -f /etc/nginx/sites-available/$DOMAIN.conf ]; then
WS_CONF=/etc/nginx/sites-enabled/$DOMAIN.conf
WS_STR=$(grep -n "external_api.js" $WS_CONF | cut -d ":" -f1)
WS_END=$((WS_STR + 2))
sed -i "${WS_STR},${WS_END} s|^|#|" $WS_CONF
sed -i '$ d' $WS_CONF
cat << NG_APP >> $WS_CONF
location /external_api.min.js {
alias /usr/share/jitsi-meet/libs/external_api.min.js;
}
location /external_api.js {
alias /usr/share/jitsi-meet/libs/external_api.min.js;
}
}
NG_APP
if [ -f $WS_CONF ]; then
sed -i "/Anything that didn't match above/i \\\n" $WS_CONF
sed -i "/Anything that didn't match above/i \ \ \ \ location = \/external_api.min.js {" $WS_CONF
sed -i "/Anything that didn't match above/i \ \ \ \ \ \ \ \ alias \/usr\/share\/jitsi-meet\/libs\/external_api.min.js;" $WS_CONF
sed -i "/Anything that didn't match above/i \ \ \ \ }" $WS_CONF
sed -i "/Anything that didn't match above/i \\\n" $WS_CONF
systemctl reload nginx
else
echo "No app configuration done to server file, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues"
fi
#Enable static avatar
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
do
read -p "Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA
if [ "$ENABLE_SA" = "no" ]; then
echo "Static avatar won't be enable"
elif [ "$ENABLE_SA" = "yes" ] && [ -f /etc/nginx/sites-available/$DOMAIN.conf ]; then
#Static avatar
if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then
wget https://switnet.net/static/avatar.png -O /usr/share/jitsi-meet/images/avatar2.png
WS_CONF=/etc/nginx/sites-enabled/$DOMAIN.conf
sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {\\
\
\ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;\\
\
\ \ \ \ }\\
sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" $WS_CONF
sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" $WS_CONF
sed -i "/location \/external_api.min.js/i \ \ \ \ }\\
\ " $WS_CONF
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" $INT_CONF
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF
else
echo "No app configuration done to server file, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues"
fi
done
if [ $DROP_TLS1 = yes ] && [ $DIST = "bionic" ];then
#nginx -tlsv1/1.1
if [ $DROP_TLS1 = "yes" ] && [ $DIST = "bionic" ];then
echo "Dropping TLSv1/1.1 in favor of v1.3"
if [ -f /etc/nginx/nginx.conf ];
sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" /etc/nginx/nginx.conf
fi
elif [ $DROP_TLS1 = yes ] && [ ! $DIST = "bionic" ];then
#sed -i "s|TLSv1 TLSv1.1|TLSv1.3|" $WS_CONF
elif [ $DROP_TLS1 = "yes" ] && [ ! $DIST = "bionic" ];then
echo "Only dropping TLSv1/1.1"
if [ -f /etc/nginx/nginx.conf ];
sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf
fi
#sed -i "s|TLSv1 TLSv1.1||" $WS_CONF
else
echo "No TLSv1/1.1 dropping was done. Please report to
https://github.com/switnet-ltd/quick-jibri-installer/issues "
fi
# Temporary disable "Blur my background" until is stable
# Disable "Blur my background" until new notice
sed -i "s|'videobackgroundblur', ||" $INT_CONF
#Enable secure rooms?
#Setup secure rooms
cat << P_SR >> $PROSODY_FILE
VirtualHost "$DOMAIN"
authentication = "internal_plain"
@ -580,24 +608,15 @@ VirtualHost "guest.$DOMAIN"
authentication = "anonymous"
c2s_require_encryption = false
P_SR
while [[ "$ENABLE_SC" != "yes" && "$ENABLE_SC" != "no" ]]
do
read -p "Do you want to enable secure rooms?: (yes or no)"$'\n' -r ENABLE_SC
if [ "$ENABLE_SC" = "no" ]; then
echo "-- Secure rooms won't be enable"
elif [ "$ENABLE_SC" = "yes" ]; then
echo "Secure rooms are being enable"
#Secure room initial user
read -p "Set username for secure room moderator: "$'\n' -r SEC_ROOM_USER
read -p "Secure room moderator password: "$'\n' -sr SEC_ROOM_PASS
if [ "$ENABLE_SC" = "yes" ]; then
echo "Secure rooms are being enabled..."
echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \
or '${SEC_ROOM_USER}@${DOMAIN}' using the password you just entered.
If you have issues with the password refer to your sysadmin."
sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" $JICOFO_SIP
prosodyctl register $SEC_ROOM_USER $DOMAIN $SEC_ROOM_PASS
fi
done
#Start with video muted by default
sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" $MEET_CONF
@ -605,18 +624,11 @@ sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" $MEET_CONF
sed -i "s|// startAudioMuted: 10,|startAudioMuted: 1,|" $MEET_CONF
#Disable/enable welcome page
while [[ $ENABLE_WELCP != yes && $ENABLE_WELCP != no ]]
do
read -p "Do you want to disable the Welcome page: (yes or no)"$'\n' -r ENABLE_WELCP
if [ $ENABLE_WELCP = yes ]; then
echo "Welcome page will be disabled."
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: false,|" $MEET_CONF
elif [ $ENABLE_WELCP = no ]; then
echo "Welcome page will be enabled."
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" $MEET_CONF
fi
done
#Set displayname as not required since jibri can't set it up.
sed -i "s|// requireDisplayName: true,|requireDisplayName: false,|" $MEET_CONF