5.3.2 #29
|
@ -249,35 +249,39 @@ else
|
|||
JITSI_REPO="stable"
|
||||
fi
|
||||
#Default to LE SSL?
|
||||
while [[ $LE_SSL != yes && $LE_SSL != no ]]
|
||||
while [[ "$LE_SSL" != "yes" && "$LE_SSL" != "no" ]]
|
||||
do
|
||||
read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)"$'\n' -r LE_SSL
|
||||
if [ $LE_SSL = yes ]; then
|
||||
echo "We'll defaul to Let's Encrypt SSL certs."
|
||||
echo "We'll defaul to Let's Encrypt SSL certs."
|
||||
else
|
||||
echo "We'll let you choose later on for it."
|
||||
echo "We'll let you choose later on for it.
|
||||
Please be aware that a valid SSL cert is required for some features to work properly."
|
||||
fi
|
||||
done
|
||||
#Set domain
|
||||
while [[ $ANS_JD != yes ]]
|
||||
do
|
||||
read -p "> Please set your domain (or subdmain) here: (e.g.: jitsi.domain.com)"$'\n' -r JITSI_DOMAIN
|
||||
read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)"$'\n' -r ANS_JD
|
||||
if [ "$ANS_JD" = "yes" ]; then
|
||||
if [ "$LE_SSL" = "yes" ]; then
|
||||
while [[ "$ANS_JD" != "yes" ]]
|
||||
do
|
||||
read -p "> Please set your domain (or subdmain) here: (e.g.: jitsi.domain.com)"$'\n' -r JITSI_DOMAIN
|
||||
read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)"$'\n' -r ANS_JD
|
||||
if [ "$ANS_JD" = "yes" ]; then
|
||||
echo "Alright, let's use $JITSI_DOMAIN."
|
||||
else
|
||||
else
|
||||
echo "Please try again."
|
||||
fi
|
||||
done
|
||||
#Simple DNS test
|
||||
if [ "$PUBLIC_IP" = "$(dig -4 +short $JITSI_DOMAIN)" ]; then
|
||||
echo "Server public IP & DNS record for $JITSI_DOMAIN seems to match, continuing...
|
||||
fi
|
||||
done
|
||||
|
||||
#Simple DNS test
|
||||
if [ "$PUBLIC_IP" = "$(dig -4 +short $JITSI_DOMAIN)" ]; then
|
||||
echo "Server public IP & DNS record for $JITSI_DOMAIN seems to match, continuing...
|
||||
"
|
||||
else
|
||||
echo "Server public IP ($PUBLIC_IP) & DNS record for $JITSI_DOMAIN don't seem to match."
|
||||
echo "Please check your dns records are applied and updated. Exiting for now...
|
||||
else
|
||||
echo "Server public IP ($PUBLIC_IP) & DNS record for $JITSI_DOMAIN don't seem to match."
|
||||
echo "Please check your dns records are applied and updated. Exiting for now...
|
||||
"
|
||||
exit
|
||||
exit
|
||||
fi
|
||||
fi
|
||||
# Requirements
|
||||
echo "We'll start by installing system requirements this may take a while please be patient..."
|
||||
|
@ -292,13 +296,17 @@ apt-get -y install \
|
|||
git \
|
||||
htop \
|
||||
jq \
|
||||
letsencrypt \
|
||||
net-tools \
|
||||
rsync \
|
||||
ssh \
|
||||
unzip \
|
||||
wget
|
||||
|
||||
if [ "$LE_SSL" = "yes" ]; then
|
||||
apt-get -y install \
|
||||
letsencrypt
|
||||
fi
|
||||
|
||||
echo "# Check and Install HWE kernel if possible..."
|
||||
HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)")
|
||||
if [ "$HWE_VIR_MOD" = "1" ]; then
|
||||
|
@ -319,8 +327,8 @@ echo "
|
|||
"
|
||||
if [ "$LE_SSL" = "yes" ]; then
|
||||
echo "set jitsi-meet/cert-choice select Generate a new self-signed certificate (You will later get a chance to obtain a Let's encrypt certificate)" | debconf-set-selections
|
||||
fi
|
||||
echo "jitsi-videobridge2 jitsi-videobridge/jvb-hostname string $JITSI_DOMAIN" | debconf-set-selections
|
||||
fi
|
||||
apt-get -y install \
|
||||
jitsi-meet \
|
||||
jibri \
|
||||
|
@ -459,20 +467,6 @@ elif [ "$DROP_TLS1" = "yes" ]; then
|
|||
echo "TLSv1.0/1.1 will be dropped"
|
||||
fi
|
||||
done
|
||||
#SSL LE
|
||||
if [ "$LE_SSL" = "yes" ]; then
|
||||
ENABLE_SSL=yes
|
||||
else
|
||||
while [[ "$ENABLE_SSL" != "yes" && "$ENABLE_SSL" != "no" ]]
|
||||
do
|
||||
read -p "> Do you want to setup LetsEncrypt with your domain: (yes or no)"$'\n' -r ENABLE_SSL
|
||||
if [ "$ENABLE_SSL" = "no" ]; then
|
||||
echo "Please run letsencrypt.sh manually post-installation."
|
||||
else
|
||||
echo "SSL will be enabled."
|
||||
fi
|
||||
done
|
||||
fi
|
||||
#Dropbox -- no longer requirement for localrecording
|
||||
#while [[ $ENABLE_DB != yes && $ENABLE_DB != no ]]
|
||||
#do
|
||||
|
@ -627,6 +621,7 @@ INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
|
|||
WAN_IP=$(dig +short myip.opendns.com @resolver1.opendns.com)
|
||||
|
||||
ssl_wa() {
|
||||
if [ "$LE_SSL" = "yes" ]; then
|
||||
systemctl stop $1
|
||||
letsencrypt certonly --standalone --renew-by-default --agree-tos --email $5 -d $6
|
||||
sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" $4
|
||||
|
@ -635,11 +630,12 @@ systemctl restart $1
|
|||
#Add cron
|
||||
crontab -l | { cat; echo "@weekly certbot renew --${2} > $LE_RENEW_LOG 2>&1"; } | crontab -
|
||||
crontab -l
|
||||
fi
|
||||
}
|
||||
|
||||
enable_letsencrypt() {
|
||||
if [ "$ENABLE_SSL" = "yes" ]; then
|
||||
echo '
|
||||
if [ "$LE_SSL" = "yes" ]; then
|
||||
echo '
|
||||
#--------------------------------------------------
|
||||
# Starting LetsEncrypt configuration
|
||||
#--------------------------------------------------
|
||||
|
@ -647,23 +643,23 @@ echo '
|
|||
#Disabled 'til fixed upstream
|
||||
#bash /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
|
||||
|
||||
echo "#Set and upgrade certbot PPA if posssible..."
|
||||
if [ "$CERTBOT_REPO" = "certbot" ]; then
|
||||
echo "#Set and upgrade certbot PPA if posssible..."
|
||||
if [ "$CERTBOT_REPO" = "certbot" ]; then
|
||||
echo -e "\nCerbot repository already on the system!\nChecking for updates...\n"
|
||||
apt-get -q2 update
|
||||
apt-get -yq2 dist-upgrade
|
||||
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "200" ]; then
|
||||
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "200" ]; then
|
||||
echo -e "\nAdding cerbot (formerly letsencrypt) PPA repository for latest updates\n"
|
||||
echo "deb http://ppa.launchpad.net/certbot/certbot/ubuntu $DIST main" > /etc/apt/sources.list.d/certbot.list
|
||||
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694
|
||||
apt-get -q2 update
|
||||
apt-get -yq2 dist-upgrade
|
||||
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "404" ]; then
|
||||
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "404" ]; then
|
||||
echo -e "\nCertbot PPA is not available for $(lsb_release -sc) just yet, it won't be installed...\n"
|
||||
fi
|
||||
fi
|
||||
|
||||
else
|
||||
echo "SSL setup will be skipped."
|
||||
echo "SSL setup will be skipped."
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue