quick_jibri_installer.sh: fix jaas & acme integration #90

Merged
Ark74 merged 42 commits from unstable into master 2022-10-24 04:52:24 +00:00
4 changed files with 89 additions and 29 deletions

View File

@ -20,6 +20,7 @@ fi
Blue='\e[0;34m'
Purple='\e[0;35m'
Red='\e[0;31m'
Green='\e[0;32m'
Yellow='\e[0;33m'
Color_Off='\e[0m'
@ -40,10 +41,14 @@ support="https://switnet.net/support"
apt_repo="/etc/apt/sources.list.d"
ENABLE_BLESSM="TBD"
CHD_LTST="$(curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE)"
CHD_LTST_2D="$(echo "$CHD_LTST"|cut -d "." -f 1,2)"
CHD_LTST_2D="$(cut -d "." -f 1,2 <<< "$CHD_LTST")"
CHDB="$(whereis chromedriver | awk '{print$2}')"
if [ -d /etc/prosody/conf.d/ ]; then
DOMAIN="$(find /etc/prosody/conf.d/ -name \*.lua | \
awk -F'.cfg' '!/localhost/{print $1}' | xargs basename)"
else
echo -e "Seems no prosody is installed...\n > is this a jibri node?"
fi
NC_DOMAIN="TBD"
JITSI_MEET_PROXY="/etc/nginx/modules-enabled/60-jitsi-meet.conf"
if [ -f "$JITSI_MEET_PROXY" ];then
@ -51,12 +56,12 @@ PREAD_PROXY="$(grep -nr "preread_server_name" "$JITSI_MEET_PROXY" | cut -d ":" -
fi
INT_CONF="/usr/share/jitsi-meet/interface_config.js"
INT_CONF_ETC="/etc/jitsi/meet/$DOMAIN-interface_config.js"
read -r -a jibri_packages < <(grep Package /var/lib/apt/lists/download.jitsi.org_*_Packages | \
read -r -a jibri_packages < <(grep ^Package /var/lib/apt/lists/download.jitsi.org_*_Packages | \
sort -u | awk '{print $2}' | sed '/jigasi/d' | \
xargs)
AVATAR="$(grep -r avatar /etc/nginx/sites-*/ 2>/dev/null)"
if [ -f "$apt_repo"/google-chrome.list ]; then
read -r -a google_package < <(grep Package /var/lib/apt/lists/dl.google.com_*_Packages | \
read -r -a google_package < <(grep ^Package /var/lib/apt/lists/dl.google.com_*_Packages | \
sort -u | awk '{print $2}' | xargs)
else
echo "Seems no Google repo installed"
@ -65,13 +70,13 @@ if [ -z "$CHDB" ]; then
echo "Seems no chromedriver installed"
else
CHD_VER_LOCAL="$($CHDB -v | awk '{print $2}')"
CHD_VER_2D="$(echo "$CHD_VER_LOCAL"|awk '{printf "%.1f\n", $NF}')"
CHD_VER_2D="$(awk '{printf "%.1f\n", $NF}' <<< "$CHD_VER_LOCAL")"
fi
# True if $1 is greater than $2
version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
check_jibri() {
restart_jibri() {
if [ "$(dpkg-query -W -f='${Status}' "jibri" 2>/dev/null | grep -c "ok installed")" == "1" ]
then
systemctl restart jibri
@ -86,7 +91,7 @@ fi
restart_services() {
systemctl restart jitsi-videobridge2
systemctl restart jicofo
check_jibri
restart_jibri
systemctl restart prosody
}
@ -105,7 +110,13 @@ update_google_repo() {
echo "No Google repository found"
fi
}
GOOGL_VER_2D="$(/usr/bin/google-chrome --version|awk '{printf "%.1f\n", $NF}')"
printwc "${Purple}" "Checking for Google Chrome\n"
if [ -f /usr/bin/google-chrome ]; then
GOOGL_VER_2D="$(/usr/bin/google-chrome --version|awk '{printf "%.1f\n", $NF}')"
else
printwc "${Yellow}" " -> Seems there is no Google Chrome installed\n"
IS_GLG_CHRM="no"
fi
upgrade_cd() {
if [ -n "$GOOGL_VER_2D" ]; then
if version_gt "$GOOGL_VER_2D" "$CHD_VER_2D" ; then
@ -139,6 +150,7 @@ if [ -f "$CHDB" ]; then
upgrade_cd
else
printwc "${Yellow}" " -> Seems there is no Chromedriver installed\n"
IS_CHDB="no"
fi
}
@ -155,6 +167,21 @@ else
echo "Please check your repositories, something is not right."
exit 1
fi
check_if_installed(){
if [ "$(dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed")" == "1" ]; then
echo "1"
else
echo "0"
fi
}
check_for_jibri_node() {
if [ "$(check_if_installed jibri)" = 1 ] && \
[ "$(check_if_installed jitsi-meet)" = 0 ] && \
[ "$(check_if_installed prosody)" = 0 ]; then
printwc "${Green}" "\n::: This seems to be a jibri node :::\n"
JIBRI_NODE="yes"
fi
}
# Any customization, image, name or link change for any purpose should
# be documented here so new updates won't remove those changes.
# We divide them on UI changes and branding changes, feel free to adapt
@ -165,13 +192,16 @@ fi
########################################################################
# User interface changes #
########################################################################
#Check for jibri node
check_for_jibri_node
[ "$JIBRI_NODE" != yes ] && \
if [ -f "$INT_CONF_ETC" ]; then
echo "Static interface_config.js exists, skipping modification..."
else
echo "This setup doesn't have a static interface_config.js, checking changes..."
printwc "${Purple}" "========== Setting Static Avatar ==========\n"
if [[ -z "$AVATAR" ]]; then
if [ -z "$AVATAR" ]; then
echo "Moving on..."
else
echo "Setting Static Avatar"
@ -179,7 +209,7 @@ else
sed -i "/RANDOM_AVATAR_URL_SUFFIX/ s|false|\'.png\'|" "$INT_CONF"
fi
printwc "${Purple}" "========== Setting Support Link ==========\n"
if [[ -z "$support" ]]; then
if [ -z "$support" ]; then
echo "Moving on..."
else
echo "Setting Support custom link"
@ -189,9 +219,10 @@ else
sed -i "s|'videobackgroundblur', ||" "$INT_CONF"
fi
[ "$JIBRI_NODE" != yes ] && \
if [ "$NC_DOMAIN" != "TBD" ]; then
printwc "${Purple}" "========== Enable $NC_DOMAIN for sync client ==========\n"
if [ -z "$PREAD_PROXY" ]; then
if [ -f "$JITSI_MEET_PROXY" ] && [ -z "$PREAD_PROXY" ]; then
printf "\n Setting up Nextcloud domain on Jitsi Meet turn proxy\n\n"
sed -i "/server {/i \ \ map \$ssl_preread_server_name \$upstream {" "$JITSI_MEET_PROXY"
sed -i "/server {/i \ \ \ \ \ \ $DOMAIN web;" "$JITSI_MEET_PROXY"
@ -201,12 +232,27 @@ printwc "${Purple}" "========== Enable $NC_DOMAIN for sync client ==========\n"
echo "$NC_DOMAIN seems to be on place, skipping..."
fi
fi
restart_services
if [ "$JIBRI_NODE" = "yes" ]; then
restart_jibri
else
restart_services
fi
if [ "$JIBRI_NODE" = "yes" ] && \
[ "$IS_CHDB" = "no" ] && \
[ "$IS_GLG_CHRM" = "no" ];then
printwc "${Red}" "\nBeware: This jibri node seems to be missing important packages.\n"
echo " > Googe Chrome"
echo " > Chromedriver"
fi
########################################################################
# Brandless mode #
########################################################################
if [ "$ENABLE_BLESSM" = "on" ]; then
bash "$PWD"/jm-bm.sh
if [ "$MODE" = "debug" ]; then
bash "$PWD"/jm-bm.sh -m debug
else
bash "$PWD"/jm-bm.sh
fi
fi
printwc "${Blue}" "Script completed \o/!\n"

View File

@ -65,9 +65,9 @@ sed -i "s|watermark.png|watermark2.png|g" "$CSS_FILE"
sed -i "s|favicon.ico|favicon2.ico|g" "$TITLE_FILE"
sed -i "s|jitsilogo.png|watermark2.png|g" "$TITLE_FILE"
sed -i "s|logo-deep-linking.png|watermark2.png|g" "$BUNDLE_JS"
sed -i "s|jitsiLogo_square.png|gnome_record.png|g" "$BUNDLE_JS"
sed -i "s|icon-cloud.png|gnome_record.png|g" "$BUNDLE_JS"
#Disable logo and url
if ! grep -nr ".leftwatermark{display:none" "$CSS_FILE" ; then
if ! grep -q ".leftwatermark{display:none" "$CSS_FILE" ; then
sed -i "s|.leftwatermark{|.leftwatermark{display:none;|" "$CSS_FILE"
fi

View File

@ -54,7 +54,7 @@ apt-get install -y jitsi-meet-tokens
#Setting up
sed -i "s|c2s_require_encryption = true|c2s_require_encryption = false|" "$PROSODY_SYS"
#-
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"token\"|}" "$PROSODY_FILE"
sed -i "$SRP_STR,$SRP_END{s|authentication = \"jitsi-anonymous\"|authentication = \"token\"|}" "$PROSODY_FILE"
sed -i "s|--app_id=\"example_app_id\"|app_id=\"$APP_ID\"|" "$PROSODY_FILE"
sed -i "s|--app_secret=\"example_app_secret\"|app_secret=\"$SECRET_APP\"|" "$PROSODY_FILE"
sed -i "/app_secret/a \\\\" "$PROSODY_FILE"

View File

@ -172,13 +172,13 @@ if [ "$DIST" = "bionic" ]; then
fi
#Check system resources
echo "Verifying System Resources:"
printf "\n\nVerifying System Resources:"
if [ "$(nproc --all)" -lt 4 ];then
printf "\nWarning!: The system do not meet the minimum CPU requirements for Jibri to run."
printf "\n>> We recommend 4 cores/threads for Jibri!\n\n"
printf "\n>> We recommend 4 cores/threads for Jibri!\n"
CPU_MIN="N"
else
printf "\nCPU Cores/Threads: OK (%s)\n\n" "$(nproc --all)"
printf "\nCPU Cores/Threads: OK (%s)\n" "$(nproc --all)"
CPU_MIN="Y"
fi
sleep .1
@ -189,7 +189,7 @@ if [ "$mem_available" -lt 7700000 ]; then
printf "\n>> We recommend 8GB RAM for Jibri!\n\n"
MEM_MIN="N"
else
printf "\nMemory: OK (%s) MiB)\n\n" "$(mem_available/1024)"
printf "\nMemory: OK (%s) MiB\n\n" "$((mem_available/1024))"
MEM_MIN="Y"
fi
sleep .1
@ -199,6 +199,7 @@ if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then
else
printf "CPU (%s)/RAM (%s MiB) does NOT meet minimum recommended requirements!" "$(nproc --all)" "$((mem_available/1024))"
printf "\nEven when you can use the videoconferencing sessions, we advice to increase the resources in order to user Jibri.\n\n"
sleep .1
while [ "$CONTINUE_LOW_RES" != "yes" ] && [ "$CONTINUE_LOW_RES" != "no" ]
do
read -p "> Do you want to continue?: (yes or no)$NL" -r CONTINUE_LOW_RES
@ -206,8 +207,8 @@ else
echo " - See you next time with more resources!..."
exit
elif [ "$CONTINUE_LOW_RES" = "yes" ]; then
printf " - We highly recommend to increase the server resources."
printf " - Otherwise, please think about adding dedicated jibri nodes instead.\n"
printf "\n - We highly recommend to increase the server resources."
printf "\n - Otherwise, please think about adding dedicated jibri nodes instead.\n\n"
fi
done
fi
@ -253,7 +254,7 @@ do
This is an unsupported use, as it will likely BREAK YOUR SYSTEM, so please don't." "$de"
exit
else
printf " > No standard desktop environment for user oriented porpuse detected, continuing...\n\n"
printf " > No standard desktop environment for user oriented porpuse detected, good!, continuing...\n\n"
fi
done
sleep .1
@ -300,7 +301,7 @@ sleep .1
#Sysadmin email
while [ -z "$SYSADMIN_EMAIL" ]
do
read -p " > Set sysadmin email (this is a mandatory field):$NL" -r SYSADMIN_EMAIL
read -p "$NL > Set sysadmin email (this is a mandatory field):$NL" -r SYSADMIN_EMAIL
done
sleep .1
#Simple DNS test
@ -370,7 +371,9 @@ echo "
if [ "$LE_SSL" = "yes" ]; then
echo "set jitsi-meet/cert-choice select Generate a new self-signed certificate (You will later get a chance to obtain a Let's encrypt certificate)" | debconf-set-selections
echo "jitsi-videobridge2 jitsi-videobridge/jvb-hostname string $JITSI_DOMAIN" | debconf-set-selections
echo "jitsi-meet-web-config jitsi-meet/email string $SYSADMIN_EMAIL" | debconf-set-selections
fi
echo "jitsi-meet-web-config jitsi-meet/jaas-choice boolean false" | debconf-set-selections
apt-get -y install \
jitsi-meet \
jibri \
@ -425,7 +428,7 @@ else
unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/
chown root:root /usr/local/bin/chromedriver
chmod 0755 /usr/local/bin/chromedriver
rm -rf /tpm/chromedriver_linux64.zip
rm -rf /tmp/chromedriver_linux64.zip
fi
printf "\nCheck Google Software Working...\n"
@ -805,7 +808,10 @@ BREWERY
# Jibri tweaks for /etc/jitsi/meet/$DOMAIN-config.js
sed -i "s|conference.$DOMAIN|internal.auth.$DOMAIN|" "$MEET_CONF"
sed -i "s|// fileRecordingsEnabled: false,|fileRecordingsEnabled: true,| " "$MEET_CONF"
#New recording implementation.
sed -i "s|// recordingService:|recordingService:|" "$MEET_CONF"
sed -i "/recordingService/,/hideStorageWarning/s|// enabled: false,| enabled: true,|" "$MEET_CONF"
sed -i "/hideStorageWarning: false/,/Local recording configuration/s|// },|},|" "$MEET_CONF"
sed -i "s|// liveStreamingEnabled: false,|liveStreamingEnabled: true,\\
\\
hiddenDomain: \'recorder.$DOMAIN\',|" "$MEET_CONF"
@ -1058,7 +1064,7 @@ if [ "$ENABLE_SA" = "yes" ] && [ -f "$WS_CONF" ]; then
fi
#nginx -tlsv1/1.1
if [ "$DROP_TLS1" = "yes" ];then
printf "\nDropping TLSv1/1.1\\nn"
printf "\nDropping TLSv1/1.1\n\n"
sed -i "s|TLSv1 TLSv1.1||" /etc/nginx/nginx.conf
elif [ "$DROP_TLS1" = "no" ];then
printf "\nNo TLSv1/1.1 dropping was done.\n\n"
@ -1073,7 +1079,7 @@ sleep .1
if [ "$ENABLE_SC" = "yes" ]; then
SRP_STR=$(grep -n "VirtualHost \"$DOMAIN\"" "$PROSODY_FILE" | awk -F ':' 'NR==1{print$1}')
SRP_END=$((SRP_STR + 10))
sed -i "$SRP_STR,$SRP_END{s|authentication = \"anonymous\"|authentication = \"internal_hashed\"|}" "$PROSODY_FILE"
sed -i "$SRP_STR,$SRP_END{s|authentication = \"jitsi-anonymous\"|authentication = \"internal_hashed\"|}" "$PROSODY_FILE"
sed -i "s|// anonymousdomain: 'guest.example.com'|anonymousdomain: \'guest.$DOMAIN\'|" "$MEET_CONF"
#Secure room initial user
@ -1092,7 +1098,11 @@ sleep .1
###JWT
if [ "$ENABLE_JWT" = "yes" ]; then
printf "\nJWT auth is being setup...\n"
bash "$PWD"/mode/jwt.sh
if [ "$MODE" = "debug" ]; then
bash "$PWD"/mode/jwt.sh -m debug
else
bash "$PWD"/mode/jwt.sh
fi
fi
sleep .1
#Guest allow
@ -1201,7 +1211,11 @@ fi
if [ "$ENABLE_BLESSM" = "yes" ]; then
echo "Custom brandless mode will be enabled."
sed -i "s|ENABLE_BLESSM=.*|ENABLE_BLESSM=\"on\"|" jitsi-updater.sh
bash "$PWD"/jm-bm.sh
if [ "$MODE" = "debug" ]; then
bash "$PWD"/jm-bm.sh -m debug
else
bash "$PWD"/jm-bm.sh
fi
fi
# Applying best practives for interface config.js