switnet
/
quick-jibri-installer
2
1
Fork 1
Code Issues 2 Pull Requests Packages Projects Releases 13 Wiki Activity

5.4.3 #35

Merged
Ark74 merged 7 commits from unstable into master 2021-04-12 15:55:14 +00:00
Conversation 0 Commits 7 Files Changed 10 +233 -237
6 changed files with 233 additions and 237 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 457623b601 - Show all commits

2
add-jibri-node.sh
View File

@ -251,7 +251,7 @@ HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/de
if [ "$HWE_VIR_MOD" = "1" ]; then
apt-get -y install \
linux-image-generic-hwe-$(lsb_release -sr)
else
else
apt-get -y install \
linux-image-generic \
linux-modules-extra-$(uname -r)

2
etherpad.sh
View File

@ -42,7 +42,7 @@ cut -d "/" -f2
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..."
else
else
echo -e "\n---- Installing $1 ----"
apt-get -yq2 install $1
fi

43
jra_nextcloud.sh
View File

@ -63,40 +63,39 @@ fi
while [[ -z "$NC_DOMAIN" ]]
do
read -p "Please enter the domain to use for Nextcloud: " -r NC_DOMAIN
if [ -z "$NC_DOMAIN" ];then
read -p "Please enter the domain to use for Nextcloud: " -r NC_DOMAIN
if [ -z "$NC_DOMAIN" ];then
echo "-- This field is mandatory."
elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
echo "-- You can not use the same domain for both, Jitsi Meet and JRA via Nextcloud."
fi
fi
done
NC_NGINX_CONF="/etc/nginx/sites-available/$NC_DOMAIN.conf"
while [[ -z "$NC_USER" ]]
do
read -p "Nextcloud user: " -r NC_USER
if [ -z "$NC_USER" ]; then
read -p "Nextcloud user: " -r NC_USER
if [ -z "$NC_USER" ]; then
echo "-- This field is mandatory."
fi
fi
done
while [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 6 ]
do
read -p "Nextcloud user password: " -r NC_PASS
if [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 6 ]; then
read -p "Nextcloud user password: " -r NC_PASS
if [ -z "$NC_PASS" ] || [ ${#NC_PASS} -lt 6 ]; then
echo -e "-- This field is mandatory. \nPlease make sure it's at least 6 caracters.\n"
fi
fi
done
#Enable HSTS
while [[ "$ENABLE_HSTS" != "yes" && "$ENABLE_HSTS" != "no" ]]
do
read -p "> Do you want to enable HSTS for this domain?: (yes or no)
read -p "> Do you want to enable HSTS for this domain?: (yes or no)
Be aware this option apply mid-term effects on the domain, choose \"no\"
in case you don't know what you are doing. More at https://hstspreload.org/"$'\n' -r ENABLE_HSTS
if [ "$ENABLE_HSTS" = "no" ]; then
if [ "$ENABLE_HSTS" = "no" ]; then
echo "-- HSTS won't be enabled."
elif [ "$ENABLE_HSTS" = "yes" ]; then
elif [ "$ENABLE_HSTS" = "yes" ]; then
echo "-- HSTS will be enabled."
fi
fi
done
echo -e "\n# Check for jitsi-meet/jibri\n"
@ -120,22 +119,22 @@ fi
install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..."
else
else
echo -e "\n---- Installing $1 ----"
apt-get -yq2 install $1
fi
}
add_php74() {
if [ "$PHP_REPO" = "php" ]; then
if [ "$PHP_REPO" = "php" ]; then
echo "PHP $PHPVER already installed"
apt-get -q2 update
apt-get -yq2 dist-upgrade
else
else
echo "# Adding Ondrej PHP $PHPVER PPA Repository"
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com E5267A6C
echo "deb [arch=amd64] http://ppa.launchpad.net/ondrej/php/ubuntu $DISTRO_RELEASE main" > /etc/apt/sources.list.d/php7x.list
apt-get update -q2
fi
fi
}
#Prevent root folder permission issues
cp $PWD/files/jra-nc-app-ef.json /tmp
@ -383,11 +382,11 @@ nginx -t
systemctl restart nginx
if [ "$ENABLE_HSTS" = "yes" ]; then
sed -i "s|# add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" $NC_NGINX_CONF
sed -i "s|# add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" $NC_NGINX_CONF
fi
if [ "$DISTRO_RELEASE" != "xenial" ] && [ ! -z $PREAD_PROXY ]; then
echo "
if [ "$DISTRO_RELEASE" != "xenial" ] && [ ! -z "$PREAD_PROXY" ]; then
echo "
Setting up Nextcloud domain on Jitsi Meet turn proxy
"
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" $JITSI_MEET_PROXY

109
quick_jibri_installer.sh
View File

@ -272,7 +272,6 @@ if [ "$LE_SSL" = "yes" ]; then
echo "Please try again."
fi
done
#Simple DNS test
if [ "$PUBLIC_IP" = "$(dig -4 +short $JITSI_DOMAIN)" ]; then
echo "Server public IP & DNS record for $JITSI_DOMAIN seems to match, continuing...
@ -318,7 +317,7 @@ HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/de
if [ "$HWE_VIR_MOD" = "1" ]; then
apt-get -y install \
linux-image-generic-hwe-$(lsb_release -sr)
else
else
apt-get -y install \
linux-image-generic \
linux-modules-extra-$(uname -r)
@ -351,7 +350,7 @@ echo "
"
if [ "$(dpkg-query -W -f='${Status}' nodejs 2>/dev/null | grep -c "ok")" == "1" ]; then
echo "Nodejs is installed, skipping..."
else
else
curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -
apt-get install -yq2 nodejs
echo "Installing nodejs esprima package..."
@ -469,12 +468,12 @@ read -p "Leave empty to use the default one (English): "$'\n' L10N_ME
#Drop unsecure TLS
while [[ "$DROP_TLS1" != "yes" && "$DROP_TLS1" != "no" ]]
do
read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)"$'\n' -r DROP_TLS1
if [ "$DROP_TLS1" = "no" ]; then
read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)"$'\n' -r DROP_TLS1
if [ "$DROP_TLS1" = "no" ]; then
echo "TLSv1.0/1.1 will remain."
elif [ "$DROP_TLS1" = "yes" ]; then
elif [ "$DROP_TLS1" = "yes" ]; then
echo "TLSv1.0/1.1 will be dropped"
fi
fi
done
#Dropbox -- no longer requirement for localrecording
#while [[ $ENABLE_DB != yes && $ENABLE_DB != no ]]
@ -489,32 +488,32 @@ done
#Brandless Mode
while [[ "$ENABLE_BLESSM" != "yes" && "$ENABLE_BLESSM" != "no" ]]
do
read -p "> Do you want to install customized \"brandless mode\"?: (yes or no)"$'\n' -r ENABLE_BLESSM
if [ "$ENABLE_BLESSM" = "no" ]; then
read -p "> Do you want to install customized \"brandless mode\"?: (yes or no)"$'\n' -r ENABLE_BLESSM
if [ "$ENABLE_BLESSM" = "no" ]; then
echo "Brandless mode won't be set."
elif [ "$ENABLE_BLESSM" = "yes" ]; then
elif [ "$ENABLE_BLESSM" = "yes" ]; then
echo "Brandless mode will be set."
fi
fi
done
#Welcome Page
while [[ "$ENABLE_WELCP" != "yes" && "$ENABLE_WELCP" != "no" ]]
do
read -p "> Do you want to disable the Welcome page: (yes or no)"$'\n' -r ENABLE_WELCP
if [ "$ENABLE_WELCP" = "yes" ]; then
read -p "> Do you want to disable the Welcome page: (yes or no)"$'\n' -r ENABLE_WELCP
if [ "$ENABLE_WELCP" = "yes" ]; then
echo "Welcome page will be disabled."
elif [ "$ENABLE_WELCP" = "no" ]; then
elif [ "$ENABLE_WELCP" = "no" ]; then
echo "Welcome page will be enabled."
fi
fi
done
#Enable static avatar
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
do
read -p "> (Legacy) Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA
if [ "$ENABLE_SA" = "no" ]; then
read -p "> (Legacy) Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA
if [ "$ENABLE_SA" = "no" ]; then
echo "Static avatar won't be enabled"
elif [ "$ENABLE_SA" = "yes" ]; then
elif [ "$ENABLE_SA" = "yes" ]; then
echo "Static avatar will be enabled"
fi
fi
done
# #Enable local audio recording - disabling
#while [[ "$ENABLE_LAR" != "yes" && "$ENABLE_LAR" != "no" ]]
@ -568,13 +567,13 @@ done
#Jibri Records Access (JRA) via Nextcloud
while [[ "$ENABLE_NC_ACCESS" != "yes" && "$ENABLE_NC_ACCESS" != "no" ]]
do
read -p "> Do you want to setup Jibri Records Access via Nextcloud: (yes or no)
read -p "> Do you want to setup Jibri Records Access via Nextcloud: (yes or no)
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_NC_ACCESS
if [ "$ENABLE_NC_ACCESS" = "no" ]; then
if [ "$ENABLE_NC_ACCESS" = "no" ]; then
echo -e "-- JRA via Nextcloud won't be enabled.\n"
elif [ "$ENABLE_NC_ACCESS" = "yes" ]; then
elif [ "$ENABLE_NC_ACCESS" = "yes" ]; then
echo -e "-- JRA via Nextcloud will be enabled.\n"
fi
fi
done
#Jigasi
if [ "$(curl -s -o /dev/null -w "%{http_code}" $GC_SDK_REL_FILE )" == "404" ]; then
@ -584,7 +583,7 @@ if [ "$(curl -s -o /dev/null -w "%{http_code}" $GC_SDK_REL_FILE )" == "404" ]; t
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $GC_SDK_REL_FILE )" == "200" ]; then
while [[ "$ENABLE_TRANSCRIPT" != "yes" && "$ENABLE_TRANSCRIPT" != "no" ]]
do
read -p "> Do you want to setup Jigasi Transcription: (yes or no)
read -p "> Do you want to setup Jigasi Transcription: (yes or no)
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_TRANSCRIPT
if [ "$ENABLE_TRANSCRIPT" = "no" ]; then
echo -e "-- Jigasi Transcription won't be enabled.\n"
@ -666,7 +665,6 @@ if [ "$LE_SSL" = "yes" ]; then
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "404" ]; then
echo -e "\nCertbot PPA is not available for $(lsb_release -sc) just yet, it won't be installed...\n"
fi
else
echo "SSL setup will be skipped."
fi
@ -766,16 +764,15 @@ sed -i "s|// liveStreamingEnabled: false,|liveStreamingEnabled: true,\\
#LocalAudioRecording
if [ "$ENABLE_LAR" = "yes" ]; then
echo "# Enabling local recording (audio only)."
LR_STR=$(grep -n "// Local Recording" $MEET_CONF | cut -d ":" -f1)
LR_END=$((LR_STR + 18))
sed -i "$LR_STR,$LR_END{s|// localRecording: {|localRecording: {|}" $MEET_CONF
sed -i "$LR_STR,$LR_END{s|// enabled: true,|enabled: true,|}" $MEET_CONF
sed -i "$LR_STR,$LR_END{s|// format: 'flac'|format: 'flac'|}" $MEET_CONF
sed -i "$LR_STR,$LR_END{s|// }|}|}" $MEET_CONF
sed -i "s|'tileview'|'tileview', 'localrecording'|" $INT_CONF
sed -i "s|LOC_REC=.*|LOC_REC=\"on\"|" jitsi-updater.sh
echo "# Enabling local recording (audio only)."
LR_STR=$(grep -n "// Local Recording" $MEET_CONF | cut -d ":" -f1)
LR_END=$((LR_STR + 18))
sed -i "$LR_STR,$LR_END{s|// localRecording: {|localRecording: {|}" $MEET_CONF
sed -i "$LR_STR,$LR_END{s|// enabled: true,|enabled: true,|}" $MEET_CONF
sed -i "$LR_STR,$LR_END{s|// format: 'flac'|format: 'flac'|}" $MEET_CONF
sed -i "$LR_STR,$LR_END{s|// }|}|}" $MEET_CONF
sed -i "s|'tileview'|'tileview', 'localrecording'|" $INT_CONF
sed -i "s|LOC_REC=.*|LOC_REC=\"on\"|" jitsi-updater.sh
fi
#Setup main language
@ -789,7 +786,7 @@ fi
# Recording directory
if [ ! -d $DIR_RECORD ]; then
mkdir $DIR_RECORD
mkdir $DIR_RECORD
fi
chown -R jibri:jibri $DIR_RECORD
@ -1001,7 +998,7 @@ elif [ "$DROP_TLS1" = "yes" ] && [ "$DIST" = "xenial" ];then
elif [ "$DROP_TLS1" = "no" ];then
echo "No TLSv1/1.1 dropping was done."
else
echo "No condition meet, please report to
echo "No condition meet, please report to
https://github.com/switnet-ltd/quick-jibri-installer/issues "
fi
@ -1012,28 +1009,28 @@ sed -i "s|'videobackgroundblur', ||" $INT_CONF
###Setup secure rooms
if [ "$ENABLE_SC" = "yes" ]; then
SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | head -n1 | cut -d ":" -f1)
SRP_END=$((SRP_STR + 10))
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_plain\"|}" $PROSODY_FILE
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" $MEET_CONF
SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | head -n1 | cut -d ":" -f1)
SRP_END=$((SRP_STR + 10))
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_plain\"|}" $PROSODY_FILE
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" $MEET_CONF
#Secure room initial user
read -p "Set username for secure room moderator: "$'\n' -r SEC_ROOM_USER
read -p "Secure room moderator password: "$'\n' -r SEC_ROOM_PASS
prosodyctl register $SEC_ROOM_USER $DOMAIN $SEC_ROOM_PASS
#Secure room initial user
read -p "Set username for secure room moderator: "$'\n' -r SEC_ROOM_USER
read -p "Secure room moderator password: "$'\n' -r SEC_ROOM_PASS
prosodyctl register $SEC_ROOM_USER $DOMAIN $SEC_ROOM_PASS
echo -e "\nSecure rooms are being enabled..."
echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \
echo -e "\nSecure rooms are being enabled..."
echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \
or '${SEC_ROOM_USER}@${DOMAIN}' using the password you just entered.
If you have issues with the password refer to your sysadmin."
sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" $JICOFO_SIP
sed -i "s|SEC_ROOM=.*|SEC_ROOM=\"on\"|" jm-bm.sh
sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" $JICOFO_SIP
sed -i "s|SEC_ROOM=.*|SEC_ROOM=\"on\"|" jm-bm.sh
fi
###JWT
if [ "$ENABLE_JWT" = "yes" ]; then
echo -e "\nJWT auth is being setup..."
bash $PWD/mode/jwt.sh
echo -e "\nJWT auth is being setup..."
bash $PWD/mode/jwt.sh
fi
#Guest allow
@ -1104,9 +1101,9 @@ sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" $MEET_CONF
echo -e "\n# Checking $MEET_CONF file for errors\n"
CHECKJS=$(esvalidate $MEET_CONF| cut -d ":" -f2)
if [[ -z "$CHECKJS" ]]; then
echo -e "\n# The $MEET_CONF configuration seems correct. =)\n"
echo -e "\n# The $MEET_CONF configuration seems correct. =)\n"
else
echo "
echo "
Watch out!, there seems to be an issue on $MEET_CONF line:
$CHECKJS
Most of the times this is due upstream changes, please report to
@ -1131,13 +1128,13 @@ fi
enable_letsencrypt
if [ "$ENABLE_SC" = "yes" ];then
echo "Waiting prosody restart to continue configuration, 15s..."
wait_seconds 15
echo "Waiting prosody restart to continue configuration, 15s..."
wait_seconds 15
#Move mucs when using secure rooms - https://community.jitsi.org/t/27752/112
#Change back - https://community.jitsi.org/t/64769/136
#sed -i "s| lobby_muc = \"lobby.|-- lobby_muc = \"lobby.|" $PROSODY_FILE
#sed -i "s| main_muc = \"conference.|-- main_muc = \"conference.|" $PROSODY_FILE
sed -i "s| muc_lobby_whitelist = { \"recorder.*| muc_lobby_whitelist = { \"recorder.$DOMAIN\", \"auth.$DOMAIN\" }|" $PROSODY_FILE
sed -i "s| muc_lobby_whitelist = { \"recorder.*| muc_lobby_whitelist = { \"recorder.$DOMAIN\", \"auth.$DOMAIN\" }|" $PROSODY_FILE
#EO_TF
fi

4
tools/test-jibri-env.sh
View File

@ -154,8 +154,8 @@ if [ -z $SND_AL_MODULE ]; then
please try rebooting.\nFor now wait 'til the end of the recommended kernel installation."
echo "# Check and Install HWE kernel if possible..."
if uname -r | grep -q aws;then
KNL_HWE="$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr)|head -n1|awk '{print$3}'|cut -d "." -f1-4)"
KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg | grep generic | grep -v recovery | awk '{print$3,$4}'|grep $KNL_HWE)"
KNL_HWE="$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr)|awk 'NR__1{print$3}'|cut -d "." -f1-4)"
KNL_MENU="$(awk -F\' '/menuentry / {print $2}' /boot/grub/grub.cfg|awk '!/recovery/&&/generic/{print$3,$4}'|grep $KNL_HWE)"
if [ ! -z "$KNL_MENU" ];then
echo -e "\nSeems you are using an AWS kernel \xE2\x9C\x96 <== IMPORTANT! \nYou might consider modify your grub (/etc/default/grub) to use the following:" && \
echo -e "\n > $KNL_MENU"