7.0.1 #81

Merged
Ark74 merged 30 commits from unstable into master 2022-05-24 04:17:40 +00:00
8 changed files with 396 additions and 392 deletions
Showing only changes of commit ae55dfb873 - Show all commits

View File

@ -8,7 +8,7 @@
### 1_LAST EDITION ### ### 1_LAST EDITION ###
#Make sure the file name is the required one #Make sure the file name is the required one
if [ ! "$(basename $0)" = "add-jibri-node.sh" ]; then if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then
echo "For most cases naming won't matter, for this one it does." echo "For most cases naming won't matter, for this one it does."
echo "Please use the original name for this script: \`add-jibri-node.sh', and run again." echo "Please use the original name for this script: \`add-jibri-node.sh', and run again."
exit exit
@ -55,7 +55,7 @@ CHD_VER="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list" GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}') GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json" GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json"
PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)" #PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)" NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}" NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}"
NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)" NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
@ -68,7 +68,7 @@ JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf"
# sed limiters for add-jibri-node.sh variables # sed limiters for add-jibri-node.sh variables
var_dlim() { var_dlim() {
grep -n $1 add-jibri-node.sh|head -n1|cut -d ":" -f1 grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1
} }
check_var() { check_var() {
@ -89,19 +89,19 @@ echo "
# Checking initial necessary variables... # Checking initial necessary variables...
#-----------------------------------------------------------------------" #-----------------------------------------------------------------------"
JMS_DATA=($MAIN_SRV_DIST \ JMS_DATA=("$MAIN_SRV_DIST" \
$MAIN_SRV_REPO \ "$MAIN_SRV_REPO" \
$MAIN_SRV_DOMAIN \ "$MAIN_SRV_DOMAIN" \
$JibriBrewery \ "$JibriBrewery" \
$JB_NAME \ "$JB_NAME" \
$JB_AUTH_PASS \ "$JB_AUTH_PASS" \
$JB_REC_PASS \ "$JB_REC_PASS" \
$MJS_USER \ "$MJS_USER" \
$MJS_USER_PASS \ "$MJS_USER_PASS" \
$JIBRI_RES_CONF \ "$JIBRI_RES_CONF" \
$JIBRI_RES_XORG_CONF) "$JIBRI_RES_XORG_CONF")
JMS_EVAL=${JMS_DATA[0]} JMS_EVAL="${JMS_DATA[0]}"
for i in "${JMS_DATA[@]}"; do for i in "${JMS_DATA[@]}"; do
if [[ "$JMS_EVAL" != "$i" ]]; then if [[ "$JMS_EVAL" != "$i" ]]; then
ALL_TBD="no" ALL_TBD="no"
@ -152,7 +152,7 @@ else
fi fi
### Test RAM size (8GB min) ### ### Test RAM size (8GB min) ###
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+') mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
if [ ${mem_available} -lt 7700000 ]; then if [ "${mem_available}" -lt 7700000 ]; then
echo " echo "
Warning!: The system do not meet the minimum RAM requirements for Jibri to run. Warning!: The system do not meet the minimum RAM requirements for Jibri to run.
>> We recommend 8GB RAM for Jibri! >> We recommend 8GB RAM for Jibri!
@ -190,7 +190,7 @@ sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo # Jitsi-Meet Repo
echo "Add Jitsi repo" echo "Add Jitsi repo"
if [ -z "$JITSI_REPO" ]; then if [ -z "$JITSI_REPO" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-$MAIN_SRV_REPO.list echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add - wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.." echo "Main and node servers repository don't match, extiting.."
@ -235,7 +235,7 @@ else
# Your audio driver might not be able to load. # Your audio driver might not be able to load.
# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool. # We'll check the state of this Jibri with our 'test-jibri-env.sh' tool.
#-----------------------------------------------------------------------" #-----------------------------------------------------------------------"
curl -s $TEST_JIBRI_ENV > /tmp/test-jibri-env.sh curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh
#Test tool #Test tool
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
bash /tmp/test-jibri-env.sh -m debug bash /tmp/test-jibri-env.sh -m debug
@ -248,14 +248,14 @@ fi
} }
echo "# Check and Install HWE kernel if possible..." echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)") HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")"
if [ "$HWE_VIR_MOD" = "1" ]; then if [ "$HWE_VIR_MOD" = "1" ]; then
apt-get -y install \ apt-get -y install \
linux-image-generic-hwe-$(lsb_release -sr) linux-image-generic-hwe-"$(lsb_release -sr)"
else else
apt-get -y install \ apt-get -y install \
linux-image-generic \ linux-image-generic \
linux-modules-extra-$(uname -r) linux-modules-extra-"$(uname -r)"
fi fi
echo " echo "
@ -273,7 +273,7 @@ if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
else else
echo "Installing Google Chrome Stable" echo "Installing Google Chrome Stable"
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee $GOOGL_REPO echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
fi fi
apt-get -q2 update apt-get -q2 update
apt-get install -y google-chrome-stable apt-get install -y google-chrome-stable
@ -283,7 +283,7 @@ if [ -f /usr/local/bin/chromedriver ]; then
echo "Chromedriver already installed." echo "Chromedriver already installed."
else else
echo "Installing Chromedriver" echo "Installing Chromedriver"
wget -q https://chromedriver.storage.googleapis.com/$CHD_VER/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip wget -q https://chromedriver.storage.googleapis.com/"$CHD_VER"/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip
unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/ unzip /tmp/chromedriver_linux64.zip -d /usr/local/bin/
chown root:root /usr/local/bin/chromedriver chown root:root /usr/local/bin/chromedriver
chmod 0755 /usr/local/bin/chromedriver chmod 0755 /usr/local/bin/chromedriver
@ -305,18 +305,18 @@ echo "
Remove Chrome warning... Remove Chrome warning...
" "
mkdir -p /etc/opt/chrome/policies/managed mkdir -p /etc/opt/chrome/policies/managed
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > $GCMP_JSON echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON"
# Recording directory # Recording directory
if [ ! -d $DIR_RECORD ]; then if [ ! -d "$DIR_RECORD" ]; then
mkdir $DIR_RECORD mkdir "$DIR_RECORD"
fi fi
chown -R jibri:jibri $DIR_RECORD chown -R jibri:jibri "$DIR_RECORD"
cat << REC_DIR > $REC_DIR cat << REC_DIR > "$REC_DIR"
#!/bin/bash #!/bin/bash
RECORDINGS_DIR=$DIR_RECORD RECORDINGS_DIR="$DIR_RECORD"
echo "This is a dummy finalize script" > /tmp/finalize.out echo "This is a dummy finalize script" > /tmp/finalize.out
echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out
@ -341,12 +341,12 @@ fi
exit 0 exit 0
REC_DIR REC_DIR
chown jibri:jibri $REC_DIR chown jibri:jibri "$REC_DIR"
chmod +x $REC_DIR chmod +x "$REC_DIR"
## New Jibri Config (2020) ## New Jibri Config (2020)
mv $JIBRI_CONF ${JIBRI_CONF}-dpkg-file mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file
cat << NEW_CONF > $JIBRI_CONF cat << NEW_CONF > "$JIBRI_CONF"
// New XMPP environment config. // New XMPP environment config.
jibri { jibri {
streaming { streaming {
@ -459,25 +459,25 @@ jibri {
NEW_CONF NEW_CONF
#Jibri xorg resolution #Jibri xorg resolution
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" $JIBRI_XORG_CONF sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF"
echo -e "\n---- Create random nodesync user ----" echo -e "\n---- Create random nodesync user ----"
useradd -m -g jibri $NJN_USER useradd -m -g jibri "$NJN_USER"
echo "$NJN_USER:$NJN_USER_PASS" | chpasswd echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
echo -e "\n---- We'll connect to main server ----" echo -e "\n---- We'll connect to main server ----"
read -n 1 -s -r -p "Press any key to continue..."$'\n' read -n 1 -s -r -p "Press any key to continue..."$'\n'
sudo su $NJN_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''" sudo su "$NJN_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
#Workaround for jibri to do cleaning. #Workaround for jibri to do cleaning.
install -m 0600 -o jibri /home/$NJN_USER/.ssh/id_rsa /home/jibri/jbsync.pem install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem
sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts" sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts"
sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts" sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts"
echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n" echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n"
ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> ~/.ssh/known_hosts ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts
ssh $MJS_USER@$MAIN_SRV_DOMAIN sh -c "'cat >> .ssh/authorized_keys'" < /home/$NJN_USER/.ssh/id_rsa.pub ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub
sudo su $NJN_USER -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts" sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"
echo -e "\n---- Setup Log system ----" echo -e "\n---- Setup Log system ----"
cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh
@ -486,21 +486,21 @@ cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh
# Log process # Log process
exec 3>&1 4>&2 exec 3>&1 4>&2
trap 'exec 2>&4 1>&3' 0 1 2 3 trap 'exec 2>&4 1>&3' 0 1 2 3
exec 1>/var/log/$NJN_USER/remote_jnsync.log 2>&1 exec 1>/var/log/"$NJN_USER"/remote_jnsync.log 2>&1
# Run sync # Run sync
while true; do while true; do
inotifywait -t 60 -r -e modify,attrib,close_write,move,delete $DIR_RECORD inotifywait -t 60 -r -e modify,attrib,close_write,move,delete "$DIR_RECORD"
sudo su $NJN_USER -c "rsync -Aax --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD" sudo su "$NJN_USER" -c "rsync -Aax --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD"
find $DIR_RECORD -depth -type d -empty -not -path $DIR_RECORD -delete find "$DIR_RECORD" -depth -type d -empty -not -path "$DIR_RECORD" -delete
done done
INOT_RSYNC INOT_RSYNC
mkdir /var/log/$NJN_USER mkdir /var/log/"$NJN_USER"
cat << LOG_ROT > /etc/logrotate.d/$NJN_USER cat << LOG_ROT > /etc/logrotate.d/"$NJN_USER"
/var/log/$NJN_USER/*.log { /var/log/"$NJN_USER"/*.log {
monthly monthly
missingok missingok
rotate 12 rotate 12
@ -561,7 +561,7 @@ echo "
echo "Make sure to reboot, it's necessary before *any* usage. echo "Make sure to reboot, it's necessary before *any* usage.
Rebooting in..." Rebooting in..."
secs=$((15)) secs=$((15))
while [ $secs -gt 0 ]; do while [ "$secs" -gt 0 ]; do
echo -ne "$secs\033[0K\r" echo -ne "$secs\033[0K\r"
sleep 1 sleep 1
: $((secs--)) : $((secs--))

View File

@ -8,7 +8,7 @@
### 1_LAST EDITION ### ### 1_LAST EDITION ###
#Make sure the file name is the required one #Make sure the file name is the required one
if [ ! "$(basename $0)" = "add-jvb2-node.sh" ]; then if [ ! "$(basename "$0")" = "add-jvb2-node.sh" ]; then
echo "For most cases naming won't matter, for this one it does." echo "For most cases naming won't matter, for this one it does."
echo "Please use the original name for this script: \`add-jvb2-node.sh', and run again." echo "Please use the original name for this script: \`add-jvb2-node.sh', and run again."
exit exit
@ -53,10 +53,10 @@ SHARD_DOMAIN=TBD
SHARD_PASS=TBD SHARD_PASS=TBD
MUC_JID=TBD MUC_JID=TBD
MJS_USER=TBD #MJS_USER=TBD
MJS_USER_PASS=TBD #MJS_USER_PASS=TBD
START=0 #START=0
LAST=TBD #LAST=TBD
THIS_SRV_DIST=$(lsb_release -sc) THIS_SRV_DIST=$(lsb_release -sc)
JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}') JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}')
@ -71,7 +71,7 @@ SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)"
# sed limiters for add-jvb2-node.sh variables # sed limiters for add-jvb2-node.sh variables
var_dlim() { var_dlim() {
grep -n $1 add-jvb2-node.sh|head -n1|cut -d ":" -f1 grep -n "$1" add-jvb2-node.sh|head -n1|cut -d ":" -f1
} }
check_var() { check_var() {
@ -105,7 +105,7 @@ else
fi fi
### Test RAM size (8GB min) ### ### Test RAM size (8GB min) ###
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+') mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
if [ ${mem_available} -lt 7700000 ]; then if [ "${mem_available}" -lt 7700000 ]; then
echo " echo "
Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads. Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads.
>> We recommend 8GB RAM or above for JVB2! >> We recommend 8GB RAM or above for JVB2!
@ -141,7 +141,7 @@ echo "
#-----------------------------------------------------------------------" #-----------------------------------------------------------------------"
check_var JVB_HOSTNNAME "$JVB_HOSTNAME" check_var JVB_HOSTNNAME "$JVB_HOSTNAME"
if [ -z $JVB_HOST ]; then if [ -z "$JVB_HOST" ]; then
echo "JVB_HOST is empty, but it may be ok for it to be empty, skipping empty test." echo "JVB_HOST is empty, but it may be ok for it to be empty, skipping empty test."
else else
check_var JVB_HOST "$JVB_HOST" check_var JVB_HOST "$JVB_HOST"
@ -166,7 +166,7 @@ sed -i "1i 127.0.0.1 jvb_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo # Jitsi-Meet Repo
echo "Add Jitsi repo" echo "Add Jitsi repo"
if [ -z "$JITSI_REPO" ]; then if [ -z "$JITSI_REPO" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-$MAIN_SRV_REPO.list echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-"$MAIN_SRV_REPO".list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add - wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.." echo "Main and node servers repository don't match, extiting.."
@ -193,14 +193,14 @@ apt-get -y install \
wget wget
echo "# Check and Install HWE kernel if possible..." echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD=$(apt-cache madison linux-modules-extra-virtual-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "extra-virtual-hwe") HWE_VIR_MOD="$(apt-cache madison linux-modules-extra-virtual-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")"
if [ "$HWE_VIR_MOD" == "1" ]; then if [ "$HWE_VIR_MOD" == "1" ]; then
apt-get -y install \ apt-get -y install \
linux-image-generic-hwe-$(lsb_release -sr) \ linux-image-generic-hwe-"$(lsb_release -sr)" \
linux-modules-extra-virtual-hwe-$(lsb_release -sr) linux-modules-extra-virtual-hwe-"$(lsb_release -sr)"
else else
apt-get -y install \ apt-get -y install \
linux-modules-extra-$(uname -r) linux-modules-extra-"$(uname -r)"
fi fi
echo " echo "

View File

@ -18,7 +18,7 @@ if [ "$MODE" = "debug" ]; then
set -x set -x
fi fi
if ! [ $(id -u) = 0 ]; then if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
exit 0 exit 0
fi fi
@ -35,14 +35,14 @@ check_apt_policy() {
apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}' apt-cache policy 2>/dev/null| awk "/$1/{print \$3}" | awk -F '/' 'NR==1{print$2}'
} }
install_ifnot() { install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..." echo " $1 is installed, skipping..."
else else
echo -e "\n---- Installing $1 ----" echo -e "\n---- Installing $1 ----"
apt-get -yq2 install $1 apt-get -yq2 install "$1"
fi fi
} }
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js" MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')" PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')"
@ -65,7 +65,7 @@ read -p "Set your etherpad docker admin password: " -r ETHERPAD_ADMIN_PASS
# Install required packages # Install required packages
install_ifnot docker-ce install_ifnot docker-ce
install_ifnot postgresql-$PSGVER install_ifnot postgresql-"$PSGVER"
# Create DB # Create DB
echo -e "> Creating postgresql database for container...\n" echo -e "> Creating postgresql database for container...\n"
@ -100,37 +100,36 @@ fi
# Tune webserver for Jitsi App control # Tune webserver for Jitsi App control
if [ $(grep -c "etherpad" $WS_CONF) != 0 ]; then if [ "$(grep -c etherpad "$WS_CONF")" != 0 ]; then
echo "> Webserver seems configured, skipping..." echo "> Webserver seems configured, skipping..."
elif [ -f $WS_CONF ]; then elif [ -f "$WS_CONF" ]; then
echo "> Setting up webserver configuration file..." echo "> Setting up webserver configuration file..."
sed -i "/# ensure all static content can always be found first/i \ \ \ \ #Etherpad block" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ #Etherpad block" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \^\~\ \/etherpad\/ {" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \^\~\ \/etherpad\/ {" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:9001\/;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header X-Forwarded-For \$remote_addr;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_buffering off;" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_buffering off;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_set_header Host \$host;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \\\n" $WS_CONF sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF"
else else
echo "> No etherpad config done to server file, please report to: echo "> No etherpad config done to server file, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues" -> https://github.com/switnet-ltd/quick-jibri-installer/issues"
fi fi
# Configure config.js # Configure config.js
if [ $(grep -c "etherpad_base" $WS_CONF) != 0 ]; then if [ "$(grep -c "etherpad_base" "$WS_CONF")" != 0 ]; then
echo -e "> $MEET_CONF seems configured, skipping...\n" echo -e "> $MEET_CONF seems configured, skipping...\n"
else else
echo -e "> Setting etherpad domain at $MEET_CONF...\n" echo -e "> Setting etherpad domain at $MEET_CONF...\n"
sed -i "/ openSharedDocumentOnJoin:/a\ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," $MEET_CONF sed -i "/ openSharedDocumentOnJoin:/a\ \ \ \ etherpad_base: \'https://$DOMAIN/etherpad/p/\'," "$MEET_CONF"
fi fi
echo "> Checking nginx configuration..." echo "> Checking nginx configuration..."
nginx -t 2>/dev/null
if [ $? = 0 ]; then if nginx -t 2>/dev/null ; then
echo -e " -- Docker configuration seems fine, enabling it." echo -e " -- Docker configuration seems fine, enabling it."
systemctl reload nginx # systemctl reload nginx
else else
echo "Please check your configuration, something may be wrong." echo "Please check your configuration, something may be wrong."
echo "Will not try to enable etherpad nginx configuration, please report to: echo "Will not try to enable etherpad nginx configuration, please report to:

View File

@ -26,7 +26,7 @@ if [ "$MODE" = "debug" ]; then
set -x set -x
fi fi
if ! [ $(id -u) = 0 ]; then if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
exit 0 exit 0
fi fi
@ -39,14 +39,14 @@ echo '
by Software, IT & Networks Ltd by Software, IT & Networks Ltd
' '
run_service() { run_service() {
systemctl enable $1 systemctl enable "$1"
systemctl restart $1 systemctl restart "$1"
systemctl status $1 systemctl status "$1"
} }
MAIN_TEL="/etc/telegraf/telegraf.conf" MAIN_TEL="/etc/telegraf/telegraf.conf"
TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf" TEL_JIT="/etc/telegraf/telegraf.d/jitsi.conf"
GRAFANA_INI="/etc/grafana/grafana.ini" GRAFANA_INI="/etc/grafana/grafana.ini"
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)" GRAFANA_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 14 | head -n1)"
@ -162,11 +162,11 @@ while [ $secs -gt 0 ]; do
: $((secs--)) : $((secs--))
done done
if [ -f $WS_CONF ]; then if [ -f "$WS_CONF" ]; then
sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \~ \^\/(grafana\/|grafana\/login) {" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ location \~ \^\/(grafana\/|grafana\/login) {" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:3000;" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:3000;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \\\n" $WS_CONF sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF"
systemctl restart nginx systemctl restart nginx
else else
echo "No app configuration done to server file, please report to: echo "No app configuration done to server file, please report to:
@ -206,8 +206,8 @@ grafana_cred="admin:$GRAFANA_PASS"
grafana_datasource="InfluxDB" grafana_datasource="InfluxDB"
ds=(11969); ds=(11969);
for d in "${ds[@]}"; do for d in "${ds[@]}"; do
echo -n "Processing $d: " echo "Processing $d: "
j=$(curl -s -k -u "$grafana_cred" $grafana_host/api/gnet/dashboards/$d | jq .json) j="$(curl -s -k -u "$grafana_cred" "$grafana_host"/api/gnet/dashboards/"$d" | jq .json)"
curl -s -k -u "$grafana_cred" -XPOST -H "Accept: application/json" \ curl -s -k -u "$grafana_cred" -XPOST -H "Accept: application/json" \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d "{ -d "{

View File

@ -9,8 +9,11 @@ Purple='\e[0;35m'
Green='\e[0;32m' Green='\e[0;32m'
Yellow='\e[0;33m' Yellow='\e[0;33m'
Color_Off='\e[0m' Color_Off='\e[0m'
printwc() {
printf "%b$2%b" "$1" "${Color_Off}"
}
#Check if user is root #Check if user is root
if ! [ $(id -u) = 0 ]; then if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
exit 0 exit 0
fi fi
@ -23,28 +26,28 @@ support="https://switnet.net/support"
apt_repo="/etc/apt/sources.list.d" apt_repo="/etc/apt/sources.list.d"
ENABLE_BLESSM="TBD" ENABLE_BLESSM="TBD"
CHD_LTST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)" CHD_LTST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
CHD_LTST_2D="$(echo $CHD_LTST|cut -d "." -f 1,2)" CHD_LTST_2D="$(echo "$CHD_LTST"|cut -d "." -f 1,2)"
CHDB="$(whereis chromedriver | awk '{print$2}')" CHDB="$(whereis chromedriver | awk '{print$2}')"
DOMAIN="$(ls /etc/prosody/conf.d|awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
NC_DOMAIN="TBD" NC_DOMAIN="TBD"
JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf" JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
if [ -f $JITSI_MEET_PROXY ];then if [ -f "$JITSI_MEET_PROXY" ];then
PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1) PREAD_PROXY=$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -f1)
fi fi
INT_CONF="/usr/share/jitsi-meet/interface_config.js" INT_CONF="/usr/share/jitsi-meet/interface_config.js"
INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js" INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
jibri_packages="$(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages |sort -u|awk '{print $2}'|sed 's|jigasi||')" jibri_packages="$(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages |sort -u|awk '{print $2}'|sed 's|jigasi||')"
AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)" AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)"
if [ -f $apt_repo/google-chrome.list ]; then if [ -f "$apt_repo"/google-chrome.list ]; then
google_package=$(grep Package /var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages | sort -u | cut -d ' ' -f2) google_package=$(grep Package /var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages | sort -u | cut -d ' ' -f2)
else else
echo "Seems no Google repo installed" echo "Seems no Google repo installed"
fi fi
if [ -z $CHDB ]; then if [ -z "$CHDB" ]; then
echo "Seems no chromedriver installed" echo "Seems no chromedriver installed"
else else
CHD_VER_LOCAL="$($CHDB -v | awk '{print $2}')" CHD_VER_LOCAL="$($CHDB -v | awk '{print $2}')"
CHD_VER_2D="$(echo $CHD_VER_LOCAL|awk '{printf "%.1f\n", $NF}')" CHD_VER_2D="$(echo "$CHD_VER_LOCAL"|awk '{printf "%.1f\n", $NF}')"
fi fi
# True if $1 is greater than $2 # True if $1 is greater than $2
@ -72,21 +75,21 @@ restart_services() {
update_jitsi_repo() { update_jitsi_repo() {
apt-get update -o Dir::Etc::sourcelist="sources.list.d/jitsi-$1.list" \ apt-get update -o Dir::Etc::sourcelist="sources.list.d/jitsi-$1.list" \
-o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
apt-get install -qq --only-upgrade $jibri_packages apt-get install -qq --only-upgrade "$jibri_packages"
} }
update_google_repo() { update_google_repo() {
if [ -f $apt_repo/google-chrome.list ]; then if [ -f "$apt_repo"/google-chrome.list ]; then
apt-get update -o Dir::Etc::sourcelist="sources.list.d/google-chrome.list" \ apt-get update -o Dir::Etc::sourcelist="sources.list.d/google-chrome.list" \
-o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
apt-get install -qq --only-upgrade $google_package apt-get install -qq --only-upgrade "$google_package"
else else
echo "No Google repository found" echo "No Google repository found"
fi fi
} }
GOOGL_VER_2D="$(/usr/bin/google-chrome --version|awk '{printf "%.1f\n", $NF}')" GOOGL_VER_2D="$(/usr/bin/google-chrome --version|awk '{printf "%.1f\n", $NF}')"
upgrade_cd() { upgrade_cd() {
if [ ! -z "$GOOGL_VER_2D" ]; then if [ -n "$GOOGL_VER_2D" ]; then
if version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" ; then if version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" ; then
echo "Upgrading Chromedriver to Google Chromes version" echo "Upgrading Chromedriver to Google Chromes version"
wget -q https://chromedriver.storage.googleapis.com/"$CHD_LTST"/chromedriver_linux64.zip \ wget -q https://chromedriver.storage.googleapis.com/"$CHD_LTST"/chromedriver_linux64.zip \
@ -95,33 +98,38 @@ if [ ! -z "$GOOGL_VER_2D" ]; then
chown root:root "$CHDB" chown root:root "$CHDB"
chmod 0755 "$CHDB" chmod 0755 "$CHDB"
rm -rf /tpm/chromedriver_linux64.zip rm -rf /tpm/chromedriver_linux64.zip
printf "Current version: ${Green} "$($CHDB -v |awk '{print $2}'|awk '{printf "%.1f\n", $NF}')" ${Color_Off} (latest available)\n" printf "Current version: "
printwc "$Green" "$($CHDB -v |awk '{print $2}'|awk '{printf "%.1f\n", $NF}')"
echo -e " (latest available)\n"
elif [ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then elif [ "$GOOGL_VER_2D" = "$CHD_LTST_2D" ]; then
echo "No need to upgrade Chromedriver" echo "No need to upgrade Chromedriver"
printf "Current version: ${Green} $CHD_VER_2D ${Color_Off}\n" printf "Current version: "
printwc "$Green" "$CHD_VER_2D\n"
fi fi
else else
printf "${Yellow} -> No Google Chrome versión to match, leaving untouched.${Color_Off}\n" printwc "${Yellow}" " -> No Google Chrome versión to match, leaving untouched.\n"
fi fi
} }
check_lst_cd() { check_lst_cd() {
printf "${Purple}Checking for the latest Chromedriver${Color_Off}\n" printwc "${Purple}" "Checking for the latest Chromedriver\n"
if [ -f $CHDB ]; then if [ -f "$CHDB" ]; then
printf "Current installed Chromedriver: ${Yellow} $CHD_VER_2D ${Color_Off}\n" printf "Current installed Chromedriver: "
printf "Current installed Google Chrome: ${Green} $GOOGL_VER_2D ${Color_Off}\n" printwc "${Yellow}" "$CHD_VER_2D\n"
printf "Current installed Google Chrome: "
printwc "${Green}" "$GOOGL_VER_2D\n"
upgrade_cd upgrade_cd
else else
printf "${Yellow} -> Seems there is no Chromedriver installed${Color_Off}\n" printwc "${Yellow}" " -> Seems there is no Chromedriver installed\n"
fi fi
} }
printf "${Blue}Update & upgrade Jitsi and components${Color_Off}\n" printwc "${Blue}" "Update & upgrade Jitsi and components\n"
if [ -f $apt_repo/jitsi-unstable.list ]; then if [ -f "$apt_repo"/jitsi-unstable.list ]; then
update_jitsi_repo unstable update_jitsi_repo unstable
update_google_repo update_google_repo
check_lst_cd check_lst_cd
elif [ -f $apt_repo/jitsi-stable.list ]; then elif [ -f "$apt_repo"/jitsi-stable.list ]; then
update_jitsi_repo stable update_jitsi_repo stable
update_google_repo update_google_repo
check_lst_cd check_lst_cd
@ -144,35 +152,33 @@ if [ -f "$INT_CONF_ETC" ]; then
echo "Static interface_config.js exists, skipping modification..." echo "Static interface_config.js exists, skipping modification..."
else else
echo "This setup doesn't have a static interface_config.js, checking changes..." echo "This setup doesn't have a static interface_config.js, checking changes..."
printf "${Purple}========== Setting Static Avatar ==========${Color_Off}\n" printwc "${Purple}" "========== Setting Static Avatar ==========\n"
if [[ -z "$AVATAR" ]]; then if [[ -z "$AVATAR" ]]; then
echo "Moving on..." echo "Moving on..."
else else
echo "Setting Static Avatar" echo "Setting Static Avatar"
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'http://$DOMAIN/avatar/\'|" $INT_CONF sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'http://$DOMAIN/avatar/\'|" "$INT_CONF"
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF"
fi fi
printf "${Purple}========== Setting Support Link ==========${Color_Off}\n" printwc "${Purple}" "========== Setting Support Link ==========\n"
if [[ -z $support ]]; then if [[ -z "$support" ]]; then
echo "Moving on..." echo "Moving on..."
else else
echo "Setting Support custom link" echo "Setting Support custom link"
sed -i "s|https://jitsi.org/live|$support|g" $INT_CONF sed -i "s|https://jitsi.org/live|$support|g" "$INT_CONF"
fi fi
printf "${Purple}========== Disable Blur my background ==========${Color_Off}\n" printwc "${Purple}" "========== Disable Blur my background ==========\n"
sed -i "s|'videobackgroundblur', ||" $INT_CONF sed -i "s|'videobackgroundblur', ||" "$INT_CONF"
fi fi
if [ "$NC_DOMAIN" != "TBD" ]; then if [ "$NC_DOMAIN" != "TBD" ]; then
printf "${Purple}========== Enable $NC_DOMAIN for sync client ==========${Color_Off}\n" printwc "${Purple}" "========== Enable $NC_DOMAIN for sync client ==========\n"
if [ -z "$PREAD_PROXY" ]; then if [ -z "$PREAD_PROXY" ]; then
echo " printf "\n Setting up Nextcloud domain on Jitsi Meet turn proxy\n\n"
Setting up Nextcloud domain on Jitsi Meet turn proxy sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY"
" sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" $JITSI_MEET_PROXY sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" $JITSI_MEET_PROXY sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" $JITSI_MEET_PROXY
sed -i "/server {/i \ \ }" $JITSI_MEET_PROXY
else else
echo "$NC_DOMAIN seems to be on place, skipping..." echo "$NC_DOMAIN seems to be on place, skipping..."
fi fi
@ -183,6 +189,6 @@ restart_services
# Brandless mode # # Brandless mode #
######################################################################## ########################################################################
if [ "$ENABLE_BLESSM" = "on" ]; then if [ "$ENABLE_BLESSM" = "on" ]; then
bash $PWD/jm-bm.sh bash "$PWD"/jm-bm.sh
fi fi
printf "${Blue}Script completed \o/! ${Color_Off}\n" printwc "${Blue}" "Script completed \o/!\n"

View File

@ -4,7 +4,7 @@
# SwITNet Ltd © - 2021, https://switnet.net/ # SwITNet Ltd © - 2021, https://switnet.net/
# GNU GPLv3 or later. # GNU GPLv3 or later.
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
CSS_FILE="/usr/share/jitsi-meet/css/all.css" CSS_FILE="/usr/share/jitsi-meet/css/all.css"
TITLE_FILE="/usr/share/jitsi-meet/title.html" TITLE_FILE="/usr/share/jitsi-meet/title.html"
INT_CONF="/usr/share/jitsi-meet/interface_config.js" INT_CONF="/usr/share/jitsi-meet/interface_config.js"
@ -21,7 +21,7 @@ MOVILE_APP_NAME="Jitsi Meet"
PART_USER="Participant" PART_USER="Participant"
LOCAL_USER="me" LOCAL_USER="me"
# #
SEC_ROOM="TBD" #SEC_ROOM="TBD"
echo ' echo '
#-------------------------------------------------- #--------------------------------------------------
# Applying Brandless mode # Applying Brandless mode
@ -53,7 +53,7 @@ sed -i "s|jitsilogo.png|watermark2.png|g" "$TITLE_FILE"
sed -i "s|logo-deep-linking.png|watermark2.png|g" "$BUNDLE_JS" sed -i "s|logo-deep-linking.png|watermark2.png|g" "$BUNDLE_JS"
sed -i "s|jitsiLogo_square.png|gnome_record.png|g" "$BUNDLE_JS" sed -i "s|jitsiLogo_square.png|gnome_record.png|g" "$BUNDLE_JS"
#Disable logo and url #Disable logo and url
if [ -z "$(grep -nr ".leftwatermark{display:none" "$CSS_FILE")" ]; then if ! grep -nr ".leftwatermark{display:none" "$CSS_FILE" ; then
sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE" sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE"
fi fi

View File

@ -16,12 +16,12 @@ if [ "$MODE" = "debug" ]; then
set -x set -x
fi fi
if ! [ $(id -u) = 0 ]; then if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
exit 0 exit 0
fi fi
exit_if_not_installed() { exit_if_not_installed() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" != "1" ]; then if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" != "1" ]; then
echo " This instance doesn't have $1 installed, exiting..." echo " This instance doesn't have $1 installed, exiting..."
echo " If you think this is an error, please report to: echo " If you think this is an error, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues " -> https://github.com/switnet-ltd/quick-jibri-installer/issues "
@ -38,14 +38,14 @@ echo -e '\n
exit_if_not_installed jitsi-meet exit_if_not_installed jitsi-meet
DISTRO_RELEASE="$(lsb_release -sc)" DISTRO_RELEASE="$(lsb_release -sc)"
DOMAIN="$(ls /etc/prosody/conf.d/ | awk -F'.cfg' '!/localhost/{print $1}' | awk '!NF || !seen[$0]++')" DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')" PHP_REPO="$(apt-cache policy | awk '/http/&&/php/{print$2}' | awk -F "/" 'NR==1{print$5}')"
PHPVER="7.4" PHPVER="7.4"
PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')" PSGVER="$(apt-cache madison postgresql|awk -F'[ +]' 'NR==1{print $3}')"
PHP_FPM_DIR="/etc/php/$PHPVER/fpm" PHP_FPM_DIR="/etc/php/$PHPVER/fpm"
PHP_INI="$PHP_FPM_DIR/php.ini" PHP_INI="$PHP_FPM_DIR/php.ini"
PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf" PHP_CONF="/etc/php/$PHPVER/fpm/pool.d/www.conf"
NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-available/$DOMAIN.conf | awk '{print$2}')" NC_NGINX_SSL_PORT="$(grep "listen 44" /etc/nginx/sites-available/"$DOMAIN".conf | awk '{print$2}')"
NC_REPO="https://download.nextcloud.com/server/releases" NC_REPO="https://download.nextcloud.com/server/releases"
NCVERSION="$(curl -s -m 900 $NC_REPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)" NCVERSION="$(curl -s -m 900 $NC_REPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)"
STABLEVERSION="nextcloud-$NCVERSION" STABLEVERSION="nextcloud-$NCVERSION"
@ -62,10 +62,11 @@ PREAD_PROXY=$(grep -nr "preread_server_name" $JITSI_MEET_PROXY | cut -d ":" -f1)
fi fi
PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)" PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)"
ISO3166_CODE=TBD ISO3166_CODE=TBD
NL="$(echo -e '\n> ')"
while [[ "$ANS_NCD" != "yes" ]] while [[ "$ANS_NCD" != "yes" ]]
do do
read -p "> Please set your domain (or subdomain) here for Nextcloud: (e.g.: cloud.domain.com)"$'\n' -r NC_DOMAIN read -p "> Please set your domain (or subdomain) here for Nextcloud: (e.g.: cloud.domain.com)$NL" -r NC_DOMAIN
if [ -z "$NC_DOMAIN" ];then if [ -z "$NC_DOMAIN" ];then
echo "-- This field is mandatory." echo "-- This field is mandatory."
elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then elif [ "$NC_DOMAIN" = "$DOMAIN" ]; then
@ -79,13 +80,12 @@ do
fi fi
done done
#Simple DNS test #Simple DNS test
if [ "$PUBLIC_IP" = "$(dig -4 +short $NC_DOMAIN|awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then if [ "$PUBLIC_IP" = "$(dig -4 +short "$NC_DOMAIN"|awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then
echo "Server public IP & DNS record for $NC_DOMAIN seems to match, continuing... echo -e "Server public IP & DNS record for $NC_DOMAIN seems to match, continuing...\n\n"
"
else else
echo "Server public IP ($PUBLIC_IP) & DNS record for $NC_DOMAIN don't seem to match." echo "Server public IP ($PUBLIC_IP) & DNS record for $NC_DOMAIN don't seem to match."
echo " > Please check your dns records are applied and updated, otherwise Nextcloud may fail." echo " > Please check your dns records are applied and updated, otherwise Nextcloud may fail."
read -p " > Do you want to continue?: (yes or no)"$'\n' -r DNS_CONTINUE read -p " > Do you want to continue?: (yes or no)$NL" -r DNS_CONTINUE
if [ "$DNS_CONTINUE" = "yes" ]; then if [ "$DNS_CONTINUE" = "yes" ]; then
echo " - We'll continue anyway..." echo " - We'll continue anyway..."
else else
@ -114,7 +114,7 @@ while [[ "$ENABLE_HSTS" != "yes" && "$ENABLE_HSTS" != "no" ]]
do do
read -p "> Do you want to enable HSTS for this domain?: (yes or no) read -p "> Do you want to enable HSTS for this domain?: (yes or no)
Be aware this option apply mid-term effects on the domain, choose \"no\" Be aware this option apply mid-term effects on the domain, choose \"no\"
in case you don't know what you are doing. More at https://hstspreload.org/"$'\n' -r ENABLE_HSTS in case you don't know what you are doing. More at https://hstspreload.org/$NL" -r ENABLE_HSTS
if [ "$ENABLE_HSTS" = "no" ]; then if [ "$ENABLE_HSTS" = "no" ]; then
echo "-- HSTS won't be enabled." echo "-- HSTS won't be enabled."
elif [ "$ENABLE_HSTS" = "yes" ]; then elif [ "$ENABLE_HSTS" = "yes" ]; then
@ -129,7 +129,7 @@ while [ ${#ISO3166_CODE} -gt 2 ];
do do
echo -e "Some examples might be: Germany > DE | Mexico > MX | Spain > ES | USA > US\n echo -e "Some examples might be: Germany > DE | Mexico > MX | Spain > ES | USA > US\n
Do you want to set such code for your installation?" && \ Do you want to set such code for your installation?" && \
read -p "Leave empty if you don't want to set any: "$'\n' ISO3166_CODE read -p "Leave empty if you don't want to set any: " -r ISO3166_CODE
if [ ${#ISO3166_CODE} -gt 2 ]; then if [ ${#ISO3166_CODE} -gt 2 ]; then
echo -e "\n-- This code is only 2 characters long, please check your input.\n" echo -e "\n-- This code is only 2 characters long, please check your input.\n"
fi fi
@ -137,7 +137,7 @@ done
echo -e "\n# Check for jitsi-meet/jibri\n" echo -e "\n# Check for jitsi-meet/jibri\n"
if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ] || \ if [ "$(dpkg-query -W -f='${Status}' jibri 2>/dev/null | grep -c "ok installed")" == "1" ] || \
[ -f /etc/prosody/conf.d/$DOMAIN.conf ]; then [ -f /etc/prosody/conf.d/"$DOMAIN".conf ]; then
echo "jitsi meet/jibri is installed, checking version:" echo "jitsi meet/jibri is installed, checking version:"
apt-show-versions jibri apt-show-versions jibri
else else
@ -146,7 +146,7 @@ else
fi fi
exit_ifinstalled() { exit_ifinstalled() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " This instance already has $1 installed, exiting..." echo " This instance already has $1 installed, exiting..."
echo " If you think this is an error, please report to: echo " If you think this is an error, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues " -> https://github.com/switnet-ltd/quick-jibri-installer/issues "
@ -154,11 +154,11 @@ if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" =
fi fi
} }
install_ifnot() { install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..." echo " $1 is installed, skipping..."
else else
echo -e "\n---- Installing $1 ----" echo -e "\n---- Installing $1 ----"
apt-get -yq2 install $1 apt-get -yq2 install "$1"
fi fi
} }
add_php74() { add_php74() {
@ -174,46 +174,46 @@ else
fi fi
} }
#Prevent root folder permission issues #Prevent root folder permission issues
cp $PWD/files/jra-nc-app-ef.json /tmp cp "$PWD"/files/jra-nc-app-ef.json /tmp
exit_ifinstalled postgresql-$PSGVER exit_ifinstalled postgresql-"$PSGVER"
## Install software requirements ## Install software requirements
# PostgresSQL # PostgresSQL
install_ifnot postgresql-$PSGVER install_ifnot postgresql-"$PSGVER"
# PHP 7.4 # PHP 7.4
add_php74 add_php74
apt-get install -y \ apt-get install -y \
imagemagick \ imagemagick \
php$PHPVER-fpm \ php"$PHPVER"-fpm \
php$PHPVER-bcmath \ php"$PHPVER"-bcmath \
php$PHPVER-bz2 \ php"$PHPVER"-bz2 \
php$PHPVER-curl \ php"$PHPVER"-curl \
php$PHPVER-gd \ php"$PHPVER"-gd \
php$PHPVER-gmp \ php"$PHPVER"-gmp \
php$PHPVER-imagick \ php"$PHPVER"-imagick \
php$PHPVER-intl \ php"$PHPVER"-intl \
php$PHPVER-json \ php"$PHPVER"-json \
php$PHPVER-ldap \ php"$PHPVER"-ldap \
php$PHPVER-mbstring \ php"$PHPVER"-mbstring \
php$PHPVER-pgsql \ php"$PHPVER"-pgsql \
php$PHPVER-redis \ php"$PHPVER"-redis \
php$PHPVER-soap \ php"$PHPVER"-soap \
php$PHPVER-xml \ php"$PHPVER"-xml \
php$PHPVER-xmlrpc \ php"$PHPVER"-xmlrpc \
php$PHPVER-zip \ php"$PHPVER"-zip \
redis-server \ redis-server \
unzip unzip
#System related #System related
install_ifnot smbclient install_ifnot smbclient
sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" $PHP_CONF sed -i "s|.*env\[HOSTNAME\].*|env\[HOSTNAME\] = \$HOSTNAME|" "$PHP_CONF"
sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" $PHP_CONF sed -i "s|.*env\[PATH\].*|env\[PATH\] = /usr/local/bin:/usr/bin:/bin|" "$PHP_CONF"
sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" $PHP_CONF sed -i "s|.*env\[TMP\].*|env\[TMP\] = /tmp|" "$PHP_CONF"
sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" $PHP_CONF sed -i "s|.*env\[TMPDIR\].*|env\[TMPDIR\] = /tmp|" "$PHP_CONF"
sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" $PHP_CONF sed -i "s|.*env\[TEMP\].*|env\[TEMP\] = /tmp|" "$PHP_CONF"
sed -i "s|;clear_env = no|clear_env = no|" $PHP_CONF sed -i "s|;clear_env = no|clear_env = no|" "$PHP_CONF"
echo " echo "
Tunning PHP.ini... Tunning PHP.ini...
@ -244,14 +244,14 @@ echo "opcache.revalidate_freq=1"
echo "opcache.validate_timestamps=1" echo "opcache.validate_timestamps=1"
} >> "$PHP_INI" } >> "$PHP_INI"
systemctl restart php$PHPVER-fpm.service systemctl restart php"$PHPVER"-fpm.service
#-------------------------------------------------- #--------------------------------------------------
# Create DB user # Create DB user
#-------------------------------------------------- #--------------------------------------------------
echo -e "\n---- Creating the PgSQL DB & User ----" echo -e "\n---- Creating the PgSQL DB & User ----"
cd /tmp cd /tmp || exit
sudo -u postgres psql <<DB sudo -u postgres psql <<DB
CREATE DATABASE nextcloud_db; CREATE DATABASE nextcloud_db;
CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}'; CREATE USER ${NC_DB_USER} WITH ENCRYPTED PASSWORD '${NC_DB_PASSWD}';
@ -261,7 +261,7 @@ echo "Done!
" "
#nginx - configuration #nginx - configuration
cat << NC_NGINX > $NC_NGINX_CONF cat << NC_NGINX > "$NC_NGINX_CONF"
#nextcloud config #nextcloud config
upstream php-handler { upstream php-handler {
#server 127.0.0.1:9000; #server 127.0.0.1:9000;
@ -417,9 +417,9 @@ server {
} }
NC_NGINX NC_NGINX
systemctl stop nginx systemctl stop nginx
letsencrypt certonly --standalone --renew-by-default --agree-tos -d $NC_DOMAIN letsencrypt certonly --standalone --renew-by-default --agree-tos -d "$NC_DOMAIN"
if [ -f /etc/letsencrypt/live/$NC_DOMAIN/fullchain.pem ];then if [ -f /etc/letsencrypt/live/"$NC_DOMAIN"/fullchain.pem ];then
ln -s $NC_NGINX_CONF /etc/nginx/sites-available/ ln -s "$NC_NGINX_CONF" /etc/nginx/sites-available/
else else
echo "There are issues on getting the SSL certs..." echo "There are issues on getting the SSL certs..."
read -n 1 -s -r -p "Press any key to continue" read -n 1 -s -r -p "Press any key to continue"
@ -428,34 +428,34 @@ nginx -t
systemctl restart nginx systemctl restart nginx
if [ "$ENABLE_HSTS" = "yes" ]; then if [ "$ENABLE_HSTS" = "yes" ]; then
sed -i "s|#add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" $NC_NGINX_CONF sed -i "s|#add_header Strict-Transport-Security|add_header Strict-Transport-Security|g" "$NC_NGINX_CONF"
fi fi
if [ ! -z "$PREAD_PROXY" ]; then if [ -n "$PREAD_PROXY" ]; then
echo " echo "
Setting up Nextcloud domain on Jitsi Meet turn proxy Setting up Nextcloud domain on Jitsi Meet turn proxy
" "
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" $JITSI_MEET_PROXY sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" $JITSI_MEET_PROXY sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" $JITSI_MEET_PROXY sed -i "/server {/i \ \ \ \ \ \ $NC_DOMAIN web;" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ }" $JITSI_MEET_PROXY sed -i "/server {/i \ \ }" "$JITSI_MEET_PROXY"
fi fi
echo " echo "
Latest version to be installed: $STABLEVERSION Latest version to be installed: $STABLEVERSION
(This might take sometime, please be patient...) (This might take sometime, please be patient...)
" "
curl -s $NC_REPO/$STABLEVERSION.zip > /tmp/$STABLEVERSION.zip curl -s "$NC_REPO"/"$STABLEVERSION".zip > /tmp/"$STABLEVERSION".zip
unzip -q /tmp/$STABLEVERSION.zip unzip -q /tmp/"$STABLEVERSION".zip
mv nextcloud $NC_PATH mv nextcloud "$NC_PATH"
chown -R www-data:www-data $NC_PATH chown -R www-data:www-data "$NC_PATH"
chmod -R 755 $NC_PATH chmod -R 755 "$NC_PATH"
echo " echo "
Database installation... Database installation...
" "
sudo -u www-data php $NC_PATH/occ maintenance:install \ sudo -u www-data php "$NC_PATH"/occ maintenance:install \
--database=pgsql \ --database=pgsql \
--database-name="$NC_DB" \ --database-name="$NC_DB" \
--database-user="$NC_DB_USER" \ --database-user="$NC_DB_USER" \
@ -466,10 +466,10 @@ sudo -u www-data php $NC_PATH/occ maintenance:install \
echo " echo "
Apply custom mods... Apply custom mods...
" "
sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," $NC_CONFIG sed -i "/datadirectory/a \ \ \'skeletondirectory\' => \'\'," "$NC_CONFIG"
sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," $NC_CONFIG sed -i "/skeletondirectory/a \ \ \'simpleSignUpLink.shown\' => false," "$NC_CONFIG"
sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," $NC_CONFIG sed -i "/simpleSignUpLink.shown/a \ \ \'knowledgebaseenabled\' => false," "$NC_CONFIG"
sed -i "s|http://localhost|http://$NC_DOMAIN|" $NC_CONFIG sed -i "s|http://localhost|http://$NC_DOMAIN|" "$NC_CONFIG"
echo "Add crontab..." echo "Add crontab..."
crontab -u www-data -l | { cat; echo "*/5 * * * * php -f $NC_PATH/cron.php"; } | crontab -u www-data - crontab -u www-data -l | { cat; echo "*/5 * * * * php -f $NC_PATH/cron.php"; } | crontab -u www-data -
@ -477,54 +477,54 @@ crontab -u www-data -l | { cat; echo "*/5 * * * * php -f $NC_PATH/cron.php";
echo " echo "
Add memcache support... Add memcache support...
" "
sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" $REDIS_CONF sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|g" "$REDIS_CONF"
sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" $REDIS_CONF sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" "$REDIS_CONF"
sed -i "s|port 6379|port 0|" $REDIS_CONF sed -i "s|port 6379|port 0|" "$REDIS_CONF"
systemctl restart redis-server systemctl restart redis-server
echo "--> Setting config.php..." echo "--> Setting config.php..."
if [ ! -z "$ISO3166_CODE" ]; then if [ -n "$ISO3166_CODE" ]; then
sed -i "/);/i \ \ 'default_phone_region' => '$ISO3166_CODE'," $NC_CONFIG sed -i "/);/i \ \ 'default_phone_region' => '$ISO3166_CODE'," "$NC_CONFIG"
fi fi
sed -i "/);/i \ \ 'filelocking.enabled' => 'true'," $NC_CONFIG sed -i "/);/i \ \ 'filelocking.enabled' => 'true'," "$NC_CONFIG"
sed -i "/);/i \ \ 'memcache.locking' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG sed -i "/);/i \ \ 'memcache.locking' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG sed -i "/);/i \ \ 'memcache.local' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
sed -i "/);/i \ \ 'memcache.distributed' => '\\\OC\\\Memcache\\\Redis'," $NC_CONFIG sed -i "/);/i \ \ 'memcache.distributed' => '\\\OC\\\Memcache\\\Redis'," "$NC_CONFIG"
sed -i "/);/i \ \ 'redis' =>" $NC_CONFIG sed -i "/);/i \ \ 'redis' =>" "$NC_CONFIG"
sed -i "/);/i \ \ \ \ array (" $NC_CONFIG sed -i "/);/i \ \ \ \ array (" "$NC_CONFIG"
sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," $NC_CONFIG sed -i "/);/i \ \ \ \ \ 'host' => '/var/run/redis/redis.sock'," "$NC_CONFIG"
sed -i "/);/i \ \ \ \ \ 'port' => 0," $NC_CONFIG sed -i "/);/i \ \ \ \ \ 'port' => 0," "$NC_CONFIG"
sed -i "/);/i \ \ \ \ \ 'timeout' => 0," $NC_CONFIG sed -i "/);/i \ \ \ \ \ 'timeout' => 0," "$NC_CONFIG"
sed -i "/);/i \ \ )," $NC_CONFIG sed -i "/);/i \ \ )," "$NC_CONFIG"
echo "Done echo "Done
" "
echo " echo "
Addding & Setting up Files External App for Local storage... Addding & Setting up Files External App for Local storage...
" "
sudo -u www-data php $NC_PATH/occ app:install files_external sudo -u www-data php "$NC_PATH"/occ app:install files_external
sudo -u www-data php $NC_PATH/occ app:enable files_external sudo -u www-data php "$NC_PATH"/occ app:enable files_external
sudo -u www-data php $NC_PATH/occ app:disable support sudo -u www-data php "$NC_PATH"/occ app:disable support
sudo -u www-data php $NC_PATH/occ files_external:import /tmp/jra-nc-app-ef.json sudo -u www-data php "$NC_PATH"/occ files_external:import /tmp/jra-nc-app-ef.json
usermod -a -G jibri www-data usermod -a -G jibri www-data
chmod -R 770 $DIR_RECORD chmod -R 770 "$DIR_RECORD"
chmod -R g+s $DIR_RECORD chmod -R g+s "$DIR_RECORD"
echo " echo "
Fixing possible missing tables... Fixing possible missing tables...
" "
echo "y"|sudo -u www-data php $NC_PATH/occ db:convert-filecache-bigint echo "y"|sudo -u www-data php "$NC_PATH"/occ db:convert-filecache-bigint
sudo -u www-data php $NC_PATH/occ db:add-missing-indices sudo -u www-data php "$NC_PATH"/occ db:add-missing-indices
sudo -u www-data php $NC_PATH/occ db:add-missing-columns sudo -u www-data php "$NC_PATH"/occ db:add-missing-columns
echo " echo "
Adding trusted domain... Adding trusted domain...
" "
sudo -u www-data php $NC_PATH/occ config:system:set trusted_domains 0 --value=$NC_DOMAIN sudo -u www-data php "$NC_PATH"/occ config:system:set trusted_domains 0 --value="$NC_DOMAIN"
echo "Setting JRA domain on jitsi-updater.sh" echo "Setting JRA domain on jitsi-updater.sh"
cd ~/quick-jibri-installer cd ~/quick-jibri-installer || exit
sed -i "s|NC_DOMAIN=.*|NC_DOMAIN=\"$NC_DOMAIN\"|" jitsi-updater.sh sed -i "s|NC_DOMAIN=.*|NC_DOMAIN=\"$NC_DOMAIN\"|" jitsi-updater.sh
echo "Quick Nextcloud installation complete!" echo "Quick Nextcloud installation complete!"

View File

@ -26,12 +26,12 @@ NGINX=$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")
DIST=$(lsb_release -sc) DIST=$(lsb_release -sc)
GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list" GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list"
GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}') GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}')
PROSODY_REPO=$(apt-cache policy | awk '/prosody/{print$3}' | awk -F "/" 'NR==1{print$2}') PROSODY_REPO="$(apt-cache policy | awk '/prosody/{print$3}' | awk -F "/" 'NR==1{print$2}')"
PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)" PUBLIC_IP="$(dig +short myip.opendns.com @resolver1.opendns.com)"
CR=`echo $'\n> '` NL="$(echo -e '\n> ')"
exit_ifinstalled() { exit_ifinstalled() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " echo "
This instance already has $1 installed, exiting... This instance already has $1 installed, exiting...
Please try again on a clean system. Please try again on a clean system.
@ -53,11 +53,11 @@ rename_distro etiona bionic
rename_distro nabia focal rename_distro nabia focal
install_ifnot() { install_ifnot() {
if [ "$(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed")" == "1" ]; then if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo " $1 is installed, skipping..." echo " $1 is installed, skipping..."
else else
echo -e "\n---- Installing $1 ----" echo -e "\n---- Installing $1 ----"
apt-get -yq2 install $1 apt-get -yq2 install "$1"
fi fi
} }
check_serv() { check_serv() {
@ -96,16 +96,16 @@ else
#-----------------------------------------------------------------------" #-----------------------------------------------------------------------"
#Test tool #Test tool
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
bash $PWD/tools/test-jibri-env.sh -m debug bash "$PWD"/tools/test-jibri-env.sh -m debug
else else
bash $PWD/tools/test-jibri-env.sh bash "$PWD"/tools/test-jibri-env.sh
fi fi
read -n 1 -s -r -p "Press any key to continue..."$'\n' read -n 1 -s -r -p "Press any key to continue..."$'\n'
fi fi
} }
# sed limiters for add-jibri-node.sh variables # sed limiters for add-jibri-node.sh variables
var_dlim() { var_dlim() {
grep -n $1 add-jibri-node.sh|head -n1|cut -d ":" -f1 grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1
} }
add_prosody_repo() { add_prosody_repo() {
echo "Add Prosody repo" echo "Add Prosody repo"
@ -117,7 +117,7 @@ else
fi fi
} }
dpkg-compare() { dpkg-compare() {
dpkg --compare-versions $(dpkg-query -f='${Version}' --show $1) $2 $3 dpkg --compare-versions "$(dpkg-query -f='${Version}' --show "$1")" "$2" "$3"
} }
wait_seconds() { wait_seconds() {
secs=$(($1)) secs=$(($1))
@ -148,7 +148,7 @@ Wiki and documentation: https://github.com/switnet-ltd/quick-jibri-installer/wik
read -n 1 -s -r -p "Press any key to continue..."$'\n' read -n 1 -s -r -p "Press any key to continue..."$'\n'
#Check if user is root #Check if user is root
if ! [ $(id -u) = 0 ]; then if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!" echo "You need to be root or have sudo privileges!"
exit 0 exit 0
fi fi
@ -188,8 +188,8 @@ else
CPU_MIN="Y" CPU_MIN="Y"
fi fi
### Test RAM size (8GB min) ### ### Test RAM size (8GB min) ###
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+') mem_available="$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')"
if [ ${mem_available} -lt 7700000 ]; then if [ "$mem_available" -lt 7700000 ]; then
echo " echo "
Warning!: The system do not meet the minimum RAM requirements for Jibri to run. Warning!: The system do not meet the minimum RAM requirements for Jibri to run.
>> We recommend 8GB RAM for Jibri! >> We recommend 8GB RAM for Jibri!
@ -209,7 +209,7 @@ else
echo "Even when you can use the videoconferencing sessions, we advice to increase the resources in order to user Jibri." echo "Even when you can use the videoconferencing sessions, we advice to increase the resources in order to user Jibri."
while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]] while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]]
do do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES read -p "> Do you want to continue?: (yes or no)$NL" -r CONTINUE_LOW_RES
if [ "$CONTINUE_LOW_RES" = "no" ]; then if [ "$CONTINUE_LOW_RES" = "no" ]; then
echo "See you next time with more resources!..." echo "See you next time with more resources!..."
exit exit
@ -240,7 +240,7 @@ So you can add a Jibri server on a instance with enough resources.\n"
while [[ "$DISABLE_LOCAL_JIBRI" != "yes" && "$DISABLE_LOCAL_JIBRI" != "no" ]] while [[ "$DISABLE_LOCAL_JIBRI" != "yes" && "$DISABLE_LOCAL_JIBRI" != "no" ]]
do do
read -p "> Do you want to disable local jibri service?: (yes or no)"$'\n' -r DISABLE_LOCAL_JIBRI read -p "> Do you want to disable local jibri service?: (yes or no)$NL" -r DISABLE_LOCAL_JIBRI
if [ "$DISABLE_LOCAL_JIBRI" = "no" ]; then if [ "$DISABLE_LOCAL_JIBRI" = "no" ]; then
echo -e "Please keep in mind that we might not support underpowered servers.\n" echo -e "Please keep in mind that we might not support underpowered servers.\n"
elif [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then elif [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then
@ -254,10 +254,10 @@ echo "Checking system oriented purpose....
" "
apt-get -yq2 update apt-get -yq2 update
SYSTEM_DE="$(apt-cache search "ubuntu-(desktop|mate-desktop)"|awk '{print$1}'|xargs|sed 's|$| trisquel triskel trisquel-mini|')" SYSTEM_DE="$(apt-cache search "ubuntu-(desktop|mate-desktop)"|awk '{print$1}'|xargs|sed 's|$| trisquel triskel trisquel-mini|')"
SYSTEM_DE_ARRAY=( $SYSTEM_DE ) SYSTEM_DE_ARRAY=( "$SYSTEM_DE" )
for de in "${SYSTEM_DE_ARRAY[@]}" for de in "${SYSTEM_DE_ARRAY[@]}"
do do
if [ "$(dpkg-query -W -f='${Status}' $de 2>/dev/null | grep -c "ok installed")" == "1" ]; then if [ "$(dpkg-query -W -f='${Status}' "$de" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo -e "\n > This instance has $de installed, exiting... echo -e "\n > This instance has $de installed, exiting...
\nPlease avoid using this installer on a desktop-user oriented GNU/Linux system. \nPlease avoid using this installer on a desktop-user oriented GNU/Linux system.
This is an unsupported use, as it will likely BREAK YOUR SYSTEM, so please don't." This is an unsupported use, as it will likely BREAK YOUR SYSTEM, so please don't."
@ -282,8 +282,8 @@ fi
#Default to LE SSL? #Default to LE SSL?
while [[ "$LE_SSL" != "yes" && "$LE_SSL" != "no" ]] while [[ "$LE_SSL" != "yes" && "$LE_SSL" != "no" ]]
do do
read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)"$'\n' -r LE_SSL read -p "> Do you plan to use Let's Encrypt SSL certs?: (yes or no)$NL" -r LE_SSL
if [ $LE_SSL = yes ]; then if [ "$LE_SSL" = yes ]; then
echo "We'll default to Let's Encrypt SSL certs." echo "We'll default to Let's Encrypt SSL certs."
else else
echo "We'll let you choose later on for it. echo "We'll let you choose later on for it.
@ -294,8 +294,8 @@ done
if [ "$LE_SSL" = "yes" ]; then if [ "$LE_SSL" = "yes" ]; then
while [[ "$ANS_JD" != "yes" ]] while [[ "$ANS_JD" != "yes" ]]
do do
read -p "> Please set your domain (or subdomain) here: (e.g.: jitsi.domain.com)"$'\n' -r JITSI_DOMAIN read -p "> Please set your domain (or subdomain) here: (e.g.: jitsi.domain.com)$NL" -r JITSI_DOMAIN
read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)"$'\n' -r ANS_JD read -p "> Did you mean?: $JITSI_DOMAIN (yes or no)$NL" -r ANS_JD
if [ "$ANS_JD" = "yes" ]; then if [ "$ANS_JD" = "yes" ]; then
echo "Alright, let's use $JITSI_DOMAIN." echo "Alright, let's use $JITSI_DOMAIN."
else else
@ -303,13 +303,13 @@ if [ "$LE_SSL" = "yes" ]; then
fi fi
done done
#Simple DNS test #Simple DNS test
if [ "$PUBLIC_IP" = "$(dig -4 +short $JITSI_DOMAIN||awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then if [ "$PUBLIC_IP" = "$(dig -4 +short "$JITSI_DOMAIN"||awk -v RS='([0-9]+\\.){3}[0-9]+' 'RT{print RT}')" ]; then
echo "Server public IP & DNS record for $JITSI_DOMAIN seems to match, continuing... echo "Server public IP & DNS record for $JITSI_DOMAIN seems to match, continuing...
" "
else else
echo "Server public IP ($PUBLIC_IP) & DNS record for $JITSI_DOMAIN don't seem to match." echo "Server public IP ($PUBLIC_IP) & DNS record for $JITSI_DOMAIN don't seem to match."
echo " > Please check your dns records are applied and updated, otherwise components may fail." echo " > Please check your dns records are applied and updated, otherwise components may fail."
read -p " > Do you want to continue?: (yes or no)"$'\n' -r DNS_CONTINUE read -p " > Do you want to continue?: (yes or no)$NL" -r DNS_CONTINUE
if [ "$DNS_CONTINUE" = "yes" ]; then if [ "$DNS_CONTINUE" = "yes" ]; then
echo " - We'll continue anyway..." echo " - We'll continue anyway..."
else else
@ -348,15 +348,15 @@ apt-get -y install \
fi fi
echo "# Check and Install HWE kernel if possible..." echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD=$(apt-cache madison linux-image-generic-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)") HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c "hwe-$(lsb_release -sr)")"
if [ "$HWE_VIR_MOD" = "1" ]; then if [ "$HWE_VIR_MOD" = "1" ]; then
apt-get -y install \ apt-get -y install \
linux-image-generic-hwe-$(lsb_release -sr) \ linux-image-generic-hwe-"$(lsb_release -sr)" \
linux-tools-generic-hwe-$(lsb_release -sr) linux-tools-generic-hwe-"$(lsb_release -sr)"
else else
apt-get -y install \ apt-get -y install \
linux-image-generic \ linux-image-generic \
linux-modules-extra-$(uname -r) linux-modules-extra-"$(uname -r)"
fi fi
check_serv check_serv
@ -373,7 +373,7 @@ fi
apt-get -y install \ apt-get -y install \
jitsi-meet \ jitsi-meet \
jibri \ jibri \
openjdk-8-jre-headless openjdk-11-jre-headless
# Fix RAND_load_file error # Fix RAND_load_file error
#https://github.com/openssl/openssl/issues/7754#issuecomment-444063355 #https://github.com/openssl/openssl/issues/7754#issuecomment-444063355
@ -409,7 +409,7 @@ if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then
else else
echo "Installing Google Chrome Stable" echo "Installing Google Chrome Stable"
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee $GOOGL_REPO echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO"
fi fi
apt-get -q2 update apt-get -q2 update
apt-get install -yq2 google-chrome-stable apt-get install -yq2 google-chrome-stable
@ -419,7 +419,7 @@ if [ -f /usr/local/bin/chromedriver ]; then
echo "Chromedriver already installed." echo "Chromedriver already installed."
else else
echo "Installing Chromedriver" echo "Installing Chromedriver"
wget -q https://chromedriver.storage.googleapis.com/$CHD_LTST/chromedriver_linux64.zip \ wget -q https://chromedriver.storage.googleapis.com/"$CHD_LTST"/chromedriver_linux64.zip \
-O /tmp/chromedriver_linux64.zip -O /tmp/chromedriver_linux64.zip
unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/ unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
chown root:root /usr/local/bin/chromedriver chown root:root /usr/local/bin/chromedriver
@ -437,13 +437,13 @@ echo "
Remove Chrome warning... Remove Chrome warning...
" "
mkdir -p /etc/opt/chrome/policies/managed mkdir -p /etc/opt/chrome/policies/managed
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > $GCMP_JSON echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON"
## JMS system tune up ## JMS system tune up
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
bash $PWD/mode/jms-stu.sh -m debug bash "$PWD"/mode/jms-stu.sh -m debug
else else
bash $PWD/mode/jms-stu.sh bash "$PWD"/mode/jms-stu.sh
fi fi
echo ' echo '
@ -452,7 +452,7 @@ echo '
######################################################################## ########################################################################
' '
# MEET / JIBRI SETUP # MEET / JIBRI SETUP
DOMAIN="$(find /etc/prosody/conf.d/ -name *.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)" DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua|awk -F'.cfg' '!/localhost/{print $1}'|xargs basename)"
WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf" WS_CONF="/etc/nginx/sites-available/$DOMAIN.conf"
JB_AUTH_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" JB_AUTH_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
JB_REC_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)" JB_REC_PASS="$(tr -dc "a-zA-Z0-9#*=" < /dev/urandom | fold -w 10 | head -n1)"
@ -463,7 +463,7 @@ MEET_CONF="/etc/jitsi/meet/$DOMAIN-config.js"
JIBRI_CONF="/etc/jitsi/jibri/jibri.conf" JIBRI_CONF="/etc/jitsi/jibri/jibri.conf"
JVB2_CONF="/etc/jitsi/videobridge/config" JVB2_CONF="/etc/jitsi/videobridge/config"
JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties" JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties"
DIR_RECORD=/var/jbrecord DIR_RECORD="/var/jbrecord"
REC_DIR="/home/jibri/finalize_recording.sh" REC_DIR="/home/jibri/finalize_recording.sh"
JB_NAME="Jibri Sessions" JB_NAME="Jibri Sessions"
LE_RENEW_LOG="/var/log/letsencrypt/renew.log" LE_RENEW_LOG="/var/log/letsencrypt/renew.log"
@ -480,10 +480,10 @@ FQDN_HOST="fqdn"
JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf" JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf"
# Rename hostname for jitsi server # Rename hostname for jitsi server
while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && ! -z "$FQDN_HOST" ]] while [[ "$FQDN_HOST" != "yes" && "$FQDN_HOST" != "no" && -n "$FQDN_HOST" ]]
do do
echo -e "> Set $DOMAIN as a fqdn hostname?: (yes or no)\n" && \ echo -e "> Set $DOMAIN as a fqdn hostname?: (yes or no)\n" && \
read -p "Leave empty to default to your current one ($(hostname -f)): "$'\n' FQDN_HOST read -p "Leave empty to default to your current one ($(hostname -f)):$NL" -r FQDN_HOST
if [ "$FQDN_HOST" = "yes" ]; then if [ "$FQDN_HOST" = "yes" ]; then
echo "$DOMAIN will be used as fqdn hostname, changes will show on reboot." echo "$DOMAIN will be used as fqdn hostname, changes will show on reboot."
hostnamectl set-hostname "${DOMAIN}" hostnamectl set-hostname "${DOMAIN}"
@ -497,7 +497,7 @@ done
if [ "$LE_SSL" = "yes" ]; then if [ "$LE_SSL" = "yes" ]; then
while [[ -z $SYSADMIN_EMAIL ]] while [[ -z $SYSADMIN_EMAIL ]]
do do
read -p "Set sysadmin email (this is a mandatory field):"$'\n' -r SYSADMIN_EMAIL read -p "Set sysadmin email (this is a mandatory field):$NL" -r SYSADMIN_EMAIL
done done
fi fi
#Language #Language
@ -508,21 +508,21 @@ See here:
https://github.com/jitsi/jitsi-meet/blob/master/lang/languages.json https://github.com/jitsi/jitsi-meet/blob/master/lang/languages.json
Jitsi Meet web interface will be set to use such language." Jitsi Meet web interface will be set to use such language."
read -p "Please set your language (Press enter to default to 'en'):"$'\n' -r JB_LANG read -p "Please set your language (Press enter to default to 'en'):$NL" -r JB_LANG
echo -e "\nWe'll take a minute to localize some UI excerpts if you need.\n" echo -e "\nWe'll take a minute to localize some UI excerpts if you need.\n"
#Participant #Participant
echo -e "> Do you want to translate 'Participant' to your own language?" && \ echo -e "> Do you want to translate 'Participant' to your own language?" && \
read -p "Leave empty to use the default one (English): "$'\n' L10N_PARTICIPANT read -p "Leave empty to use the default one (English):$NL" -r L10N_PARTICIPANT
#Me #Me
echo -e "\n> Do you want to translate 'me' to your own language? echo -e "\n> Do you want to translate 'me' to your own language?
This must be a really small word to present one self. This must be a really small word to present one self.
Some suggestions might be: yo (Spanish) | je (French) | ich (German)\n" && \ Some suggestions might be: yo (Spanish) | je (French) | ich (German)\n" && \
read -p "Leave empty to use the default one (English): "$'\n' L10N_ME read -p "Leave empty to use the default one (English):$NL" -r L10N_ME
#Drop unsecure TLS #Drop unsecure TLS
while [[ "$DROP_TLS1" != "yes" && "$DROP_TLS1" != "no" ]] while [[ "$DROP_TLS1" != "yes" && "$DROP_TLS1" != "no" ]]
do do
read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)"$'\n' -r DROP_TLS1 read -p "> Do you want to drop support for unsecure protocols TLSv1.0/1.1 now: (yes or no)$NL" -r DROP_TLS1
if [ "$DROP_TLS1" = "no" ]; then if [ "$DROP_TLS1" = "no" ]; then
echo "TLSv1.0/1.1 will remain." echo "TLSv1.0/1.1 will remain."
elif [ "$DROP_TLS1" = "yes" ]; then elif [ "$DROP_TLS1" = "yes" ]; then
@ -542,7 +542,7 @@ done
#Brandless Mode #Brandless Mode
while [[ "$ENABLE_BLESSM" != "yes" && "$ENABLE_BLESSM" != "no" ]] while [[ "$ENABLE_BLESSM" != "yes" && "$ENABLE_BLESSM" != "no" ]]
do do
read -p "> Do you want to install customized \"brandless mode\"?: (yes or no)"$'\n' -r ENABLE_BLESSM read -p "> Do you want to install customized \"brandless mode\"?: (yes or no)$NL" -r ENABLE_BLESSM
if [ "$ENABLE_BLESSM" = "no" ]; then if [ "$ENABLE_BLESSM" = "no" ]; then
echo "Brandless mode won't be set." echo "Brandless mode won't be set."
elif [ "$ENABLE_BLESSM" = "yes" ]; then elif [ "$ENABLE_BLESSM" = "yes" ]; then
@ -552,7 +552,7 @@ done
#Welcome Page #Welcome Page
while [[ "$ENABLE_WELCP" != "yes" && "$ENABLE_WELCP" != "no" ]] while [[ "$ENABLE_WELCP" != "yes" && "$ENABLE_WELCP" != "no" ]]
do do
read -p "> Do you want to disable the Welcome page: (yes or no)"$'\n' -r ENABLE_WELCP read -p "> Do you want to disable the Welcome page: (yes or no)$NL" -r ENABLE_WELCP
if [ "$ENABLE_WELCP" = "yes" ]; then if [ "$ENABLE_WELCP" = "yes" ]; then
echo "Welcome page will be disabled." echo "Welcome page will be disabled."
elif [ "$ENABLE_WELCP" = "no" ]; then elif [ "$ENABLE_WELCP" = "no" ]; then
@ -562,7 +562,7 @@ done
#Close page #Close page
while [[ "$ENABLE_CLOCP" != "yes" && "$ENABLE_CLOCP" != "no" ]] while [[ "$ENABLE_CLOCP" != "yes" && "$ENABLE_CLOCP" != "no" ]]
do do
read -p "> Do you want to enable the close page on room exit: (yes or no)"$'\n' -r ENABLE_CLOCP read -p "> Do you want to enable the close page on room exit: (yes or no)$NL" -r ENABLE_CLOCP
if [ "$ENABLE_CLOCP" = "yes" ]; then if [ "$ENABLE_CLOCP" = "yes" ]; then
echo "Close page will be enabled." echo "Close page will be enabled."
elif [ "$ENABLE_CLOCP" = "no" ]; then elif [ "$ENABLE_CLOCP" = "no" ]; then
@ -572,7 +572,7 @@ done
#Enable static avatar #Enable static avatar
while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]] while [[ "$ENABLE_SA" != "yes" && "$ENABLE_SA" != "no" ]]
do do
read -p "> (Legacy) Do you want to enable static avatar?: (yes or no)"$'\n' -r ENABLE_SA read -p "> (Legacy) Do you want to enable static avatar?: (yes or no)$NL" -r ENABLE_SA
if [ "$ENABLE_SA" = "no" ]; then if [ "$ENABLE_SA" = "no" ]; then
echo "Static avatar won't be enabled" echo "Static avatar won't be enabled"
elif [ "$ENABLE_SA" = "yes" ]; then elif [ "$ENABLE_SA" = "yes" ]; then
@ -644,7 +644,7 @@ fi
while [[ "$ENABLE_NC_ACCESS" != "yes" && "$ENABLE_NC_ACCESS" != "no" ]] while [[ "$ENABLE_NC_ACCESS" != "yes" && "$ENABLE_NC_ACCESS" != "no" ]]
do do
read -p "> Do you want to setup Jibri Records Access via Nextcloud: (yes or no) read -p "> Do you want to setup Jibri Records Access via Nextcloud: (yes or no)
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_NC_ACCESS ( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_NC_ACCESS
if [ "$ENABLE_NC_ACCESS" = "no" ]; then if [ "$ENABLE_NC_ACCESS" = "no" ]; then
echo -e "-- JRA via Nextcloud won't be enabled.\n" echo -e "-- JRA via Nextcloud won't be enabled.\n"
elif [ "$ENABLE_NC_ACCESS" = "yes" ]; then elif [ "$ENABLE_NC_ACCESS" = "yes" ]; then
@ -652,15 +652,15 @@ do
fi fi
done done
#Jigasi #Jigasi
if [ "$(curl -s -o /dev/null -w "%{http_code}" $GC_SDK_REL_FILE )" == "404" ]; then if [ "$(curl -s -o /dev/null -w "%{http_code}" "$GC_SDK_REL_FILE" )" == "404" ]; then
echo "> Sorry Google SDK doesn't have support yet for $(lsb_release -sd), echo "> Sorry Google SDK doesn't have support yet for $(lsb_release -sd),
thus, Jigasi Transcript can't be enable. thus, Jigasi Transcript can't be enable.
" "
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $GC_SDK_REL_FILE )" == "200" ]; then elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$GC_SDK_REL_FILE" )" == "200" ]; then
while [[ "$ENABLE_TRANSCRIPT" != "yes" && "$ENABLE_TRANSCRIPT" != "no" ]] while [[ "$ENABLE_TRANSCRIPT" != "yes" && "$ENABLE_TRANSCRIPT" != "no" ]]
do do
read -p "> Do you want to setup Jigasi Transcription: (yes or no) read -p "> Do you want to setup Jigasi Transcription: (yes or no)
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_TRANSCRIPT ( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_TRANSCRIPT
if [ "$ENABLE_TRANSCRIPT" = "no" ]; then if [ "$ENABLE_TRANSCRIPT" = "no" ]; then
echo -e "-- Jigasi Transcription won't be enabled.\n" echo -e "-- Jigasi Transcription won't be enabled.\n"
elif [ "$ENABLE_TRANSCRIPT" = "yes" ]; then elif [ "$ENABLE_TRANSCRIPT" = "yes" ]; then
@ -675,7 +675,7 @@ fi
while [[ "$ENABLE_GRAFANA_DSH" != "yes" && "$ENABLE_GRAFANA_DSH" != "no" ]] while [[ "$ENABLE_GRAFANA_DSH" != "yes" && "$ENABLE_GRAFANA_DSH" != "no" ]]
do do
read -p "> Do you want to setup Grafana Dashboard: (yes or no) read -p "> Do you want to setup Grafana Dashboard: (yes or no)
( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )"$'\n' -r ENABLE_GRAFANA_DSH ( Please check requirements at: https://github.com/switnet-ltd/quick-jibri-installer )$NL" -r ENABLE_GRAFANA_DSH
if [ "$ENABLE_GRAFANA_DSH" = "no" ]; then if [ "$ENABLE_GRAFANA_DSH" = "no" ]; then
echo -e "-- Grafana Dashboard won't be enabled.\n" echo -e "-- Grafana Dashboard won't be enabled.\n"
elif [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then elif [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then
@ -685,7 +685,7 @@ done
#Docker Etherpad #Docker Etherpad
while [[ "$ENABLE_DOCKERPAD" != "yes" && "$ENABLE_DOCKERPAD" != "no" ]] while [[ "$ENABLE_DOCKERPAD" != "yes" && "$ENABLE_DOCKERPAD" != "no" ]]
do do
read -p "> Do you want to setup Docker Etherpad: (yes or no)"$'\n' -r ENABLE_DOCKERPAD read -p "> Do you want to setup Docker Etherpad: (yes or no)$NL" -r ENABLE_DOCKERPAD
if [ "$ENABLE_DOCKERPAD" = "no" ]; then if [ "$ENABLE_DOCKERPAD" = "no" ]; then
echo -e "-- Docker Etherpad won't be enabled.\n" echo -e "-- Docker Etherpad won't be enabled.\n"
elif [ "$ENABLE_DOCKERPAD" = "yes" ]; then elif [ "$ENABLE_DOCKERPAD" = "yes" ]; then
@ -701,17 +701,16 @@ echo '
JibriBrewery=JibriBrewery JibriBrewery=JibriBrewery
INT_CONF="/usr/share/jitsi-meet/interface_config.js" INT_CONF="/usr/share/jitsi-meet/interface_config.js"
INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js" INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
WAN_IP=$(dig +short myip.opendns.com @resolver1.opendns.com)
ssl_wa() { ssl_wa() {
if [ "$LE_SSL" = "yes" ]; then if [ "$LE_SSL" = "yes" ]; then
systemctl stop $1 systemctl stop "$1"
letsencrypt certonly --standalone --renew-by-default --agree-tos --email $5 -d $6 letsencrypt certonly --standalone --renew-by-default --agree-tos --email "$5" -d "$6"
sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" $4 sed -i "s|/etc/jitsi/meet/$3.crt|/etc/letsencrypt/live/$3/fullchain.pem|" "$4"
sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" $4 sed -i "s|/etc/jitsi/meet/$3.key|/etc/letsencrypt/live/$3/privkey.pem|" "$4"
systemctl restart $1 systemctl restart "$1"
#Add cron #Add cron
if [ $(crontab -l|sed 's|#.*$||g'|grep -c 'weekly certbot renew') = 0 ];then if [ "$(crontab -l|sed 's|#.*$||g'|grep -c 'weekly certbot renew')" = 0 ];then
crontab -l | { cat; echo "@weekly certbot renew --${2} > $LE_RENEW_LOG 2>&1"; } | crontab - crontab -l | { cat; echo "@weekly certbot renew --${2} > $LE_RENEW_LOG 2>&1"; } | crontab -
else else
echo "Crontab seems to be already in place, skipping." echo "Crontab seems to be already in place, skipping."
@ -735,13 +734,13 @@ if [ "$LE_SSL" = "yes" ]; then
echo -e "\nCertbot repository already on the system!\nChecking for updates...\n" echo -e "\nCertbot repository already on the system!\nChecking for updates...\n"
apt-get -q2 update apt-get -q2 update
apt-get -yq2 dist-upgrade apt-get -yq2 dist-upgrade
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "200" ]; then elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$CERTBOT_REL_FILE" )" == "200" ]; then
echo -e "\nAdding cerbot (formerly letsencrypt) PPA repository for latest updates\n" echo -e "\nAdding cerbot (formerly letsencrypt) PPA repository for latest updates\n"
echo "deb http://ppa.launchpad.net/certbot/certbot/ubuntu $DIST main" > /etc/apt/sources.list.d/certbot.list echo "deb http://ppa.launchpad.net/certbot/certbot/ubuntu $DIST main" > /etc/apt/sources.list.d/certbot.list
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694 apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 75BCA694
apt-get -q2 update apt-get -q2 update
apt-get -yq2 dist-upgrade apt-get -yq2 dist-upgrade
elif [ "$(curl -s -o /dev/null -w "%{http_code}" $CERTBOT_REL_FILE )" == "404" ]; then elif [ "$(curl -s -o /dev/null -w "%{http_code}" "$CERTBOT_REL_FILE" )" == "404" ]; then
echo -e "\nCertbot PPA is not available for $(lsb_release -sc) just yet, it won't be installed...\n" echo -e "\nCertbot PPA is not available for $(lsb_release -sc) just yet, it won't be installed...\n"
fi fi
else else
@ -773,9 +772,9 @@ sed -i "/shard.HOSTNAME/s|localhost|$DOMAIN|" /etc/jitsi/videobridge/sip-communi
# Configure Jibri # Configure Jibri
if [ "$ENABLE_SC" = "yes" ]; then if [ "$ENABLE_SC" = "yes" ]; then
if [ ! -f $MOD_LIST_FILE ]; then if [ ! -f "$MOD_LIST_FILE" ]; then
echo -e "\n-> Adding external module to list prosody users...\n" echo -e "\n-> Adding external module to list prosody users...\n"
curl -s $MOD_LISTU > $MOD_LIST_FILE curl -s "$MOD_LISTU" > "$MOD_LIST_FILE"
echo -e "Now you can check registered users with:\nprosodyctl mod_listusers\n" echo -e "Now you can check registered users with:\nprosodyctl mod_listusers\n"
else else
@ -784,7 +783,7 @@ if [ "$ENABLE_SC" = "yes" ]; then
fi fi
#Enable jibri recording #Enable jibri recording
cat << REC-JIBRI >> $PROSODY_FILE cat << REC-JIBRI >> "$PROSODY_FILE"
VirtualHost "recorder.$DOMAIN" VirtualHost "recorder.$DOMAIN"
modules_enabled = { modules_enabled = {
@ -795,71 +794,71 @@ VirtualHost "recorder.$DOMAIN"
REC-JIBRI REC-JIBRI
#Enable Jibri withelist #Enable Jibri withelist
sed -i "s|-- muc_lobby_whitelist|muc_lobby_whitelist|" $PROSODY_FILE sed -i "s|-- muc_lobby_whitelist|muc_lobby_whitelist|" "$PROSODY_FILE"
#Fix Jibri conectivity issues #Fix Jibri conectivity issues
sed -i "s|c2s_require_encryption = .*|c2s_require_encryption = false|" $PROSODY_SYS sed -i "s|c2s_require_encryption = .*|c2s_require_encryption = false|" "$PROSODY_SYS"
sed -i "/c2s_require_encryption = false/a \\ sed -i "/c2s_require_encryption = false/a \\
\\ \\
consider_bosh_secure = true" $PROSODY_SYS consider_bosh_secure = true" "$PROSODY_SYS"
if [ ! -z $L10N_PARTICIPANT ]; then if [ -n "$L10N_PARTICIPANT" ]; then
sed -i "s|PART_USER=.*|PART_USER=\"$L10N_PARTICIPANT\"|" jm-bm.sh sed -i "s|PART_USER=.*|PART_USER=\"$L10N_PARTICIPANT\"|" jm-bm.sh
fi fi
if [ ! -z $L10N_ME ]; then if [ -n "$L10N_ME" ]; then
sed -i "s|LOCAL_USER=.*|LOCAL_USER=\"$L10N_ME\"|" jm-bm.sh sed -i "s|LOCAL_USER=.*|LOCAL_USER=\"$L10N_ME\"|" jm-bm.sh
fi fi
### Prosody users ### Prosody users
prosodyctl register jibri auth.$DOMAIN $JB_AUTH_PASS prosodyctl register jibri auth."$DOMAIN" "$JB_AUTH_PASS"
prosodyctl register recorder recorder.$DOMAIN $JB_REC_PASS prosodyctl register recorder recorder."$DOMAIN" "$JB_REC_PASS"
## JICOFO ## JICOFO
# /etc/jitsi/jicofo/sip-communicator.properties # /etc/jitsi/jicofo/sip-communicator.properties
cat << BREWERY >> $JICOFO_SIP cat << BREWERY >> "$JICOFO_SIP"
#org.jitsi.jicofo.auth.URL=XMPP:$DOMAIN #org.jitsi.jicofo.auth.URL=XMPP:$DOMAIN
#org.jitsi.jicofo.auth.URL=EXT_JWT:$DOMAIN #org.jitsi.jicofo.auth.URL=EXT_JWT:$DOMAIN
org.jitsi.jicofo.jibri.BREWERY=$JibriBrewery@internal.auth.$DOMAIN org.jitsi.jicofo.jibri.BREWERY="$JibriBrewery"@internal.auth."$DOMAIN"
org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90 org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90
#org.jitsi.jicofo.auth.DISABLE_AUTOLOGIN=true #org.jitsi.jicofo.auth.DISABLE_AUTOLOGIN=true
BREWERY BREWERY
# Jibri tweaks for /etc/jitsi/meet/$DOMAIN-config.js # Jibri tweaks for /etc/jitsi/meet/$DOMAIN-config.js
sed -i "s|conference.$DOMAIN|internal.auth.$DOMAIN|" $MEET_CONF sed -i "s|conference.$DOMAIN|internal.auth.$DOMAIN|" "$MEET_CONF"
sed -i "s|// fileRecordingsEnabled: false,|fileRecordingsEnabled: true,| " $MEET_CONF sed -i "s|// fileRecordingsEnabled: false,|fileRecordingsEnabled: true,| " "$MEET_CONF"
sed -i "s|// liveStreamingEnabled: false,|liveStreamingEnabled: true,\\ sed -i "s|// liveStreamingEnabled: false,|liveStreamingEnabled: true,\\
\\ \\
hiddenDomain: \'recorder.$DOMAIN\',|" $MEET_CONF hiddenDomain: \'recorder.$DOMAIN\',|" "$MEET_CONF"
#Dropbox feature #Dropbox feature
#if [ "$ENABLE_DB" = "yes" ]; then #if [ "$ENABLE_DB" = "yes" ]; then
#DB_STR=$(grep -n "dropbox:" $MEET_CONF | cut -d ":" -f1) #DB_STR=$(grep -n "dropbox:" "$MEET_CONF" | cut -d ":" -f1)
#DB_END=$((DB_STR + 10)) #DB_END=$((DB_STR + 10))
#sed -i "$DB_STR,$DB_END{s|// dropbox: {|dropbox: {|}" $MEET_CONF #sed -i "$DB_STR,$DB_END{s|// dropbox: {|dropbox: {|}" "$MEET_CONF"
#sed -i "$DB_STR,$DB_END{s|// appKey: '<APP_KEY>'|appKey: \'$DB_CID\'|}" $MEET_CONF #sed -i "$DB_STR,$DB_END{s|// appKey: '<APP_KEY>'|appKey: \'$DB_CID\'|}" "$MEET_CONF"
#sed -i "$DB_STR,$DB_END{s|// },|},|}" $MEET_CONF #sed -i "$DB_STR,$DB_END{s|// },|},|}" "$MEET_CONF"
#fi #fi
#Setup main language #Setup main language
if [ -z $JB_LANG ] || [ "$JB_LANG" = "en" ]; then if [ -z "$JB_LANG" ] || [ "$JB_LANG" = "en" ]; then
echo "Leaving English (en) as default language..." echo "Leaving English (en) as default language..."
sed -i "s|// defaultLanguage: 'en',|defaultLanguage: 'en',|" $MEET_CONF sed -i "s|// defaultLanguage: 'en',|defaultLanguage: 'en',|" "$MEET_CONF"
else else
echo "Changing default language to: $JB_LANG" echo "Changing default language to: $JB_LANG"
sed -i "s|// defaultLanguage: 'en',|defaultLanguage: \'$JB_LANG\',|" $MEET_CONF sed -i "s|// defaultLanguage: 'en',|defaultLanguage: \'$JB_LANG\',|" "$MEET_CONF"
fi fi
# Recording directory # Recording directory
if [ ! -d $DIR_RECORD ]; then if [ ! -d "$DIR_RECORD" ]; then
mkdir $DIR_RECORD mkdir "$DIR_RECORD"
fi fi
chown -R jibri:jibri $DIR_RECORD chown -R jibri:jibri "$DIR_RECORD"
cat << REC_DIR > $REC_DIR cat << REC_DIR > "$REC_DIR"
#!/bin/bash #!/bin/bash
RECORDINGS_DIR=$DIR_RECORD RECORDINGS_DIR="$DIR_RECORD"
echo "This is a dummy finalize script" > /tmp/finalize.out echo "This is a dummy finalize script" > /tmp/finalize.out
echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out
@ -875,12 +874,12 @@ mv \$LJF_PATH \$NJF_PATH
exit 0 exit 0
REC_DIR REC_DIR
chown jibri:jibri $REC_DIR chown jibri:jibri "$REC_DIR"
chmod +x $REC_DIR chmod +x "$REC_DIR"
## New Jibri Config (2020) ## New Jibri Config (2020)
mv $JIBRI_CONF ${JIBRI_CONF}-dpkg-file mv "$JIBRI_CONF" ${JIBRI_CONF}-dpkg-file
cat << NEW_CONF > $JIBRI_CONF cat << NEW_CONF > "$JIBRI_CONF"
// New XMPP environment config. // New XMPP environment config.
jibri { jibri {
streaming { streaming {
@ -927,8 +926,8 @@ jibri {
default-call-empty-timeout = 30 seconds default-call-empty-timeout = 30 seconds
} }
recording { recording {
recordings-directory = $DIR_RECORD recordings-directory = "$DIR_RECORD"
finalize-script = $REC_DIR finalize-script = "$REC_DIR"
} }
api { api {
xmpp { xmpp {
@ -993,14 +992,14 @@ jibri {
NEW_CONF NEW_CONF
#Jibri xorg resolution #Jibri xorg resolution
sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" $JIBRI_XORG_CONF sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF"
#Create receiver user #Create receiver user
useradd -m -g jibri $MJS_USER useradd -m -g jibri "$MJS_USER"
echo "$MJS_USER:$MJS_USER_PASS" | chpasswd echo "$MJS_USER:$MJS_USER_PASS" | chpasswd
#Create ssh key and restrict connections #Create ssh key and restrict connections
sudo su $MJS_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''" sudo su "$MJS_USER" -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
#Allow password authentication #Allow password authentication
sed -i "s|PasswordAuthentication .*|PasswordAuthentication yes|" /etc/ssh/sshd_config sed -i "s|PasswordAuthentication .*|PasswordAuthentication yes|" /etc/ssh/sshd_config
systemctl restart sshd systemctl restart sshd
@ -1022,7 +1021,7 @@ echo "Last file edition at: $(grep "LETS:" add-jibri-node.sh|head -n1|awk -F'LET
#-- Setting variables for add-jvb2-node.sh #-- Setting variables for add-jvb2-node.sh
g_conf_value() { g_conf_value() {
grep "$1" $JVB2_CONF|sed "s|$1||" grep "$1" "$JVB2_CONF"|sed "s|$1||"
} }
JVB_HOSTNAME=$(g_conf_value JVB_HOSTNAME=) JVB_HOSTNAME=$(g_conf_value JVB_HOSTNAME=)
JVB_HOST=$(g_conf_value JVB_HOST=) JVB_HOST=$(g_conf_value JVB_HOST=)
@ -1032,7 +1031,7 @@ JVB_OPTS=$(g_conf_value JVB_OPTS=)
JAVA_SYS_PROPS=$(g_conf_value JAVA_SYS_PROPS=) JAVA_SYS_PROPS=$(g_conf_value JAVA_SYS_PROPS=)
g_sip_value() { g_sip_value() {
grep "$1" $JVB2_SIP |cut -d "=" -f2 grep "$1" "$JVB2_SIP" |cut -d "=" -f2
} }
DISABLE_AWS_HARVESTER=$(g_sip_value DISABLE_AWS_HARVESTER=) DISABLE_AWS_HARVESTER=$(g_sip_value DISABLE_AWS_HARVESTER=)
STUN_MAPPING_HARVESTER_ADDRESSES=$(g_sip_value STUN_MAPPING_HARVESTER_ADDRESSES=) STUN_MAPPING_HARVESTER_ADDRESSES=$(g_sip_value STUN_MAPPING_HARVESTER_ADDRESSES=)
@ -1066,26 +1065,26 @@ sed -i "s|MJS_USER_PASS=.*|MJS_USER_PASS=\"$MJS_USER_PASS\"|" add-jvb2-node.sh
##-- ##--
#Tune webserver for Jitsi App control #Tune webserver for Jitsi App control
if [ -f $WS_CONF ]; then if [ -f "$WS_CONF" ]; then
sed -i "/# ensure all static content can always be found first/i \\\n" $WS_CONF sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ location = \/external_api.min.js {" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ location = \/external_api.min.js {" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ alias \/usr\/share\/jitsi-meet\/libs\/external_api.min.js;" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ \ \ \ \ alias \/usr\/share\/jitsi-meet\/libs\/external_api.min.js;" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" $WS_CONF sed -i "/# ensure all static content can always be found first/i \ \ \ \ }" "$WS_CONF"
sed -i "/# ensure all static content can always be found first/i \\\n" $WS_CONF sed -i "/# ensure all static content can always be found first/i \\\n" "$WS_CONF"
systemctl reload nginx systemctl reload nginx
else else
echo "No app configuration done to server file, please report to: echo "No app configuration done to server file, please report to:
-> https://github.com/switnet-ltd/quick-jibri-installer/issues" -> https://github.com/switnet-ltd/quick-jibri-installer/issues"
fi fi
#Static avatar #Static avatar
if [ "$ENABLE_SA" = "yes" ] && [ -f $WS_CONF ]; then if [ "$ENABLE_SA" = "yes" ] && [ -f "$WS_CONF" ]; then
cp images/avatar2.png /usr/share/jitsi-meet/images/ cp images/avatar2.png /usr/share/jitsi-meet/images/
sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" $WS_CONF sed -i "/location \/external_api.min.js/i \ \ \ \ location \~ \^\/avatar\/\(.\*\)\\\.png {" "$WS_CONF"
sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" $WS_CONF sed -i "/location \/external_api.min.js/i \ \ \ \ \ \ \ \ alias /usr/share/jitsi-meet/images/avatar2.png;" "$WS_CONF"
sed -i "/location \/external_api.min.js/i \ \ \ \ }\\ sed -i "/location \/external_api.min.js/i \ \ \ \ }\\
\ " $WS_CONF \ " "$WS_CONF"
sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" $INT_CONF sed -i "/RANDOM_AVATAR_URL_PREFIX/ s|false|\'https://$DOMAIN/avatar/\'|" "$INT_CONF"
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" $INT_CONF sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF"
fi fi
#nginx -tlsv1/1.1 #nginx -tlsv1/1.1
if [ "$DROP_TLS1" = "yes" ];then if [ "$DROP_TLS1" = "yes" ];then
@ -1102,34 +1101,34 @@ fi
###Setup secure rooms ###Setup secure rooms
if [ "$ENABLE_SC" = "yes" ]; then if [ "$ENABLE_SC" = "yes" ]; then
SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" $PROSODY_FILE | awk -F ':' 'NR==1{print$1}') SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" "$PROSODY_FILE" | awk -F ':' 'NR==1{print$1}')
SRP_END=$((SRP_STR + 10)) SRP_END=$((SRP_STR + 10))
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_hashed\"|}" $PROSODY_FILE sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_hashed\"|}" "$PROSODY_FILE"
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" $MEET_CONF sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" "$MEET_CONF"
#Secure room initial user #Secure room initial user
read -p "Set username for secure room moderator: "$'\n' -r SEC_ROOM_USER read -p "Set username for secure room moderator:$NL" -r SEC_ROOM_USER
read -p "Secure room moderator password: "$'\n' -r SEC_ROOM_PASS read -p "Secure room moderator password:$NL" -r SEC_ROOM_PASS
prosodyctl register $SEC_ROOM_USER $DOMAIN $SEC_ROOM_PASS prosodyctl register "$SEC_ROOM_USER" "$DOMAIN" "$SEC_ROOM_PASS"
echo -e "\nSecure rooms are being enabled..." echo -e "\nSecure rooms are being enabled..."
echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \ echo "You'll be able to login Secure Room chat with '${SEC_ROOM_USER}' \
or '${SEC_ROOM_USER}@${DOMAIN}' using the password you just entered. or '${SEC_ROOM_USER}@${DOMAIN}' using the password you just entered.
If you have issues with the password refer to your sysadmin." If you have issues with the password refer to your sysadmin."
sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" $JICOFO_SIP sed -i "s|#org.jitsi.jicofo.auth.URL=XMPP:|org.jitsi.jicofo.auth.URL=XMPP:|" "$JICOFO_SIP"
sed -i "s|SEC_ROOM=.*|SEC_ROOM=\"on\"|" jm-bm.sh sed -i "s|SEC_ROOM=.*|SEC_ROOM=\"on\"|" jm-bm.sh
fi fi
###JWT ###JWT
if [ "$ENABLE_JWT" = "yes" ]; then if [ "$ENABLE_JWT" = "yes" ]; then
echo -e "\nJWT auth is being setup..." echo -e "\nJWT auth is being setup..."
bash $PWD/mode/jwt.sh bash "$PWD"/mode/jwt.sh
fi fi
#Guest allow #Guest allow
#Change back lobby - https://community.jitsi.org/t/64769/136 #Change back lobby - https://community.jitsi.org/t/64769/136
if [ "$ENABLE_SC" = "yes" ];then if [ "$ENABLE_SC" = "yes" ];then
cat << P_SR >> $PROSODY_FILE cat << P_SR >> "$PROSODY_FILE"
-- #Change back lobby - https://community.jitsi.org/t/64769/136 -- #Change back lobby - https://community.jitsi.org/t/64769/136
VirtualHost "guest.$DOMAIN" VirtualHost "guest.$DOMAIN"
authentication = "anonymous" authentication = "anonymous"
@ -1147,51 +1146,51 @@ fi
#====================== #======================
# Custom settings # Custom settings
#Start with video muted by default #Start with video muted by default
sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" $MEET_CONF sed -i "s|// startWithVideoMuted: false,|startWithVideoMuted: true,|" "$MEET_CONF"
#Start with audio muted but admin #Start with audio muted but admin
sed -i "s|// startAudioMuted: 10,|startAudioMuted: 1,|" $MEET_CONF sed -i "s|// startAudioMuted: 10,|startAudioMuted: 1,|" "$MEET_CONF"
#Disable/enable welcome page #Disable/enable welcome page
if [ "$ENABLE_WELCP" = "yes" ]; then if [ "$ENABLE_WELCP" = "yes" ]; then
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: false,|" $MEET_CONF sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: false,|" "$MEET_CONF"
elif [ "$ENABLE_WELCP" = "no" ]; then elif [ "$ENABLE_WELCP" = "no" ]; then
sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" $MEET_CONF sed -i "s|.*enableWelcomePage:.*| enableWelcomePage: true,|" "$MEET_CONF"
fi fi
#Enable close page #Enable close page
if [ "$ENABLE_CLOCP" = "yes" ]; then if [ "$ENABLE_CLOCP" = "yes" ]; then
sed -i "s|.*enableClosePage:.*| enableClosePage: true,|" $MEET_CONF sed -i "s|.*enableClosePage:.*| enableClosePage: true,|" "$MEET_CONF"
elif [ "$ENABLE_CLOCP" = "no" ]; then elif [ "$ENABLE_CLOCP" = "no" ]; then
sed -i "s|.*enableClosePage:.*| enableClosePage: false,|" $MEET_CONF sed -i "s|.*enableClosePage:.*| enableClosePage: false,|" "$MEET_CONF"
fi fi
#Add pre-join screen by default, since it improves YouTube autoplay capabilities #Add pre-join screen by default, since it improves YouTube autoplay capabilities
#pre-join screen by itself don't require autorization by moderator, don't confuse with lobby which does. #pre-join screen by itself don't require autorization by moderator, don't confuse with lobby which does.
sed -i "s|// prejoinPageEnabled:.*|prejoinPageEnabled: true,|" $MEET_CONF sed -i "s|// prejoinPageEnabled:.*|prejoinPageEnabled: true,|" "$MEET_CONF"
#Set HD resolution and widescreen format #Set HD resolution and widescreen format
sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \/\/ Start QJI - Set resolution and widescreen format" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 720," $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ resolution: 720," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ constraints: {" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ aspectRatio: 16 \/ 9," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ video: {" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ height: {" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 720," $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 720," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 720," $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 720," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 180" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ width: {" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 1280," $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ideal: 1280," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 1280," $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ max: 1280," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ min: 320" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ \ \ \ \ }" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ \ \ \ \ }" "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \ \ \ \ \ }," "$MEET_CONF"
sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" $MEET_CONF sed -i "/Enable \/ disable simulcast support/i \/\/ End QJI" "$MEET_CONF"
#Check config file #Check config file
echo -e "\n# Checking $MEET_CONF file for errors\n" echo -e "\n# Checking $MEET_CONF file for errors\n"
CHECKJS=$(esvalidate $MEET_CONF| cut -d ":" -f2) CHECKJS=$(esvalidate "$MEET_CONF"| cut -d ":" -f2)
if [[ -z "$CHECKJS" ]]; then if [[ -z "$CHECKJS" ]]; then
echo -e "\n# The $MEET_CONF configuration seems correct. =)\n" echo -e "\n# The $MEET_CONF configuration seems correct. =)\n"
else else
@ -1214,7 +1213,7 @@ if [ "$DISABLE_LOCAL_JIBRI" = "yes" ]; then
systemctl disable jibri-xorg systemctl disable jibri-xorg
systemctl disable jibri-icewm systemctl disable jibri-icewm
# Manually apply permissions since finalize_recording.sh won't be triggered under this server options. # Manually apply permissions since finalize_recording.sh won't be triggered under this server options.
chmod -R 770 $DIR_RECORD chmod -R 770 "$DIR_RECORD"
fi fi
enable_letsencrypt enable_letsencrypt
@ -1225,7 +1224,7 @@ chmod -R 650 /etc/prosody/certs/
#SSL workaround #SSL workaround
if [ "$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")" -eq 1 ]; then if [ "$(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed")" -eq 1 ]; then
ssl_wa nginx nginx $DOMAIN $WS_CONF $SYSADMIN_EMAIL $DOMAIN ssl_wa nginx nginx "$DOMAIN" "$WS_CONF" "$SYSADMIN_EMAIL" "$DOMAIN"
install_ifnot python3-certbot-nginx install_ifnot python3-certbot-nginx
else else
echo "No webserver found please report." echo "No webserver found please report."
@ -1234,19 +1233,19 @@ fi
if [ "$ENABLE_BLESSM" = "yes" ]; then if [ "$ENABLE_BLESSM" = "yes" ]; then
echo "Custom brandless mode will be enabled." echo "Custom brandless mode will be enabled."
sed -i "s|ENABLE_BLESSM=.*|ENABLE_BLESSM=\"on\"|" jitsi-updater.sh sed -i "s|ENABLE_BLESSM=.*|ENABLE_BLESSM=\"on\"|" jitsi-updater.sh
bash $PWD/jm-bm.sh bash "$PWD"/jm-bm.sh
fi fi
# Applying best practives for interface config.js # Applying best practives for interface config.js
echo -e "\n> Setting up custom interface_config.js according to best practices." echo -e "\n> Setting up custom interface_config.js according to best practices."
cp "$INT_CONF" "$INT_CONF_ETC" cp "$INT_CONF" "$INT_CONF_ETC"
#Tune webserver for interface_config.js #Tune webserver for interface_config.js
if [ -f $WS_CONF ]; then if [ -f "$WS_CONF" ]; then
sed -i "/external_api.js/i \\\n" $WS_CONF sed -i "/external_api.js/i \\\n" "$WS_CONF"
sed -i "/external_api.js/i \ \ \ \ location = \/interface_config.js {" $WS_CONF sed -i "/external_api.js/i \ \ \ \ location = \/interface_config.js {" "$WS_CONF"
sed -i "/external_api.js/i \ \ \ \ \ \ \ \ alias \/etc\/jitsi\/meet\/$DOMAIN-interface_config.js;" $WS_CONF sed -i "/external_api.js/i \ \ \ \ \ \ \ \ alias \/etc\/jitsi\/meet\/$DOMAIN-interface_config.js;" "$WS_CONF"
sed -i "/external_api.js/i \ \ \ \ }" $WS_CONF sed -i "/external_api.js/i \ \ \ \ }" "$WS_CONF"
sed -i "/external_api.js/i \\\n" $WS_CONF sed -i "/external_api.js/i \\\n" "$WS_CONF"
systemctl reload nginx systemctl reload nginx
else else
echo "No interface_config.js configuration done to server file, please report to: echo "No interface_config.js configuration done to server file, please report to:
@ -1254,11 +1253,11 @@ else
fi fi
#JRA via Nextcloud #JRA via Nextcloud
if [ "$ENABLE_NC_ACCESS" = "yes" ]; then if [ "$ENABLE_NC_ACCESS" = "yes" ]; then
echo -n "\nJRA via Nextcloud will be enabled." echo -e "\nJRA via Nextcloud will be enabled."
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
bash $PWD/jra_nextcloud.sh -m debug bash "$PWD"/jra_nextcloud.sh -m debug
else else
bash $PWD/jra_nextcloud.sh bash "$PWD"/jra_nextcloud.sh
fi fi
fi fi
} > >(tee -a qj-installer.log) 2> >(tee -a qj-installer.log >&2) } > >(tee -a qj-installer.log) 2> >(tee -a qj-installer.log >&2)
@ -1267,9 +1266,9 @@ if [ "$ENABLE_TRANSCRIPT" = "yes" ]; then
echo -e "\nJigasi Transcription will be enabled." echo -e "\nJigasi Transcription will be enabled."
# ToDo: Analyze behavior on debug # ToDo: Analyze behavior on debug
#if [ "$MODE" = "debug" ]; then #if [ "$MODE" = "debug" ]; then
# bash $PWD/jigasi.sh -m debug # bash "$PWD"/jigasi.sh -m debug
#else #else
bash $PWD/jigasi.sh bash "$PWD"/jigasi.sh
#fi #fi
fi fi
{ {
@ -1277,18 +1276,18 @@ fi
if [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then if [ "$ENABLE_GRAFANA_DSH" = "yes" ]; then
echo -e "\nGrafana Dashboard will be enabled." echo -e "\nGrafana Dashboard will be enabled."
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
bash $PWD/grafana.sh -m debug bash "$PWD"/grafana.sh -m debug
else else
bash $PWD/grafana.sh bash "$PWD"/grafana.sh
fi fi
fi fi
#Docker Etherpad #Docker Etherpad
if [ "$ENABLE_DOCKERPAD" = "yes" ]; then if [ "$ENABLE_DOCKERPAD" = "yes" ]; then
echo -e "\nDocker Etherpad will be enabled." echo -e "\nDocker Etherpad will be enabled."
if [ "$MODE" = "debug" ]; then if [ "$MODE" = "debug" ]; then
bash $PWD/etherpad-docker.sh -m debug bash "$PWD"/etherpad-docker.sh -m debug
else else
bash $PWD/etherpad-docker.sh bash "$PWD"/etherpad-docker.sh
fi fi
fi fi
#Prevent JMS conecction issue #Prevent JMS conecction issue