#!/bin/bash # Jibri Node Aggregator # SwITNet Ltd © - 2025, https://switnet.net/ # GPLv3 or later. ### 0_LAST EDITION TIME STAMP ### # LETS: AUTOMATED_EDITION_TIME ### 1_LAST EDITION ### while getopts m: option do case "${option}" in m) MODE=${OPTARG};; \?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;; esac done if [ "$MODE" = "debug" ]; then set -x fi if ! [ "$(id -u)" = 0 ]; then echo "You need to be root or have sudo privileges!" exit 0 fi #Make sure the file name is the required one if [ ! "$(basename "$0")" = "add-jibri-node.sh" ]; then echo "For most cases naming won't matter, for this one it does." echo "Please use the original name for this script: \`add-jibri-node.sh', and run again." exit fi ### 0_VAR_DEF MAIN_SRV_DIST=TBD MAIN_SRV_REPO=TBD MAIN_SRV_DOMAIN=TBD JibriBrewery=TBD JB_NAME=TBD JB_AUTH_PASS=TBD JB_REC_PASS=TBD MJS_USER=TBD MJS_USER_PASS=TBD JIBRI_RES_CONF=TBD JIBRI_RES_XORG_CONF=TBD THIS_SRV_DIST=$(lsb_release -sc) JITSI_REPO=$(apt-cache policy | awk '/jitsi/&&/stable/{print$3}' | awk -F / 'NR==1{print$1}') JIBRI_CONF="/etc/jitsi/jibri/jibri.conf" DIR_RECORD="/var/jbrecord" REC_DIR="/home/jibri/finalize_recording.sh" GOOGL_REPO="/etc/apt/sources.list.d/dl_google_com_linux_chrome_deb.list" GOOGLE_ACTIVE_REPO=$(apt-cache policy | awk '/chrome/{print$3}' | awk -F "/" 'NR==1{print$2}') GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json" #PUBLIC_IP="$(wget -qO- https://api.ipify.org)" JITSI_GPG_KEY="/etc/apt/trusted.gpg.d/jitsi-key.gpg.key" NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)" NJN_USER="jbnode${ADDUP}_${NJN_RAND_TAIL}" NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)" GIT_FORGE="https://forge.switnet.net" GIT_REPO="switnet/quick-jibri-installer" TEST_JIBRI_ENV="$GIT_FORGE/$GIT_REPO/raw/branch/master/tools/test-jibri-env.sh" SHORT_ID="$(awk '{print substr($0,0,7)}' /etc/machine-id)" JIBRI_XORG_CONF="/etc/jitsi/jibri/xorg-video-dummy.conf" ### 1_VAR_DEF # sed limiters for add-jibri-node.sh variables var_dlim() { grep -n "$1" add-jibri-node.sh|head -n1|cut -d ":" -f1 } check_var() { if [ "$2" = "TBD" ]; then echo -e "Check if variable $1 is set: \xE2\x9C\x96" exit else echo -e "Check if variable $1 is set: \xE2\x9C\x94" fi } #Change in favor of machine-id identifier crontab -l | { cat; echo "@reboot sed -i \"/[[:space:]]control-muc/,/[[:space:]]control-login/{s|nickname = .*|nickname = \\\"$(cat /etc/machine-id)\\\"|}\" /etc/jitsi/jibri/jibri.conf"; } | crontab - crontab -l echo " #----------------------------------------------------------------------- # Checking initial necessary variables... #-----------------------------------------------------------------------" JMS_DATA=("$MAIN_SRV_DIST" \ "$MAIN_SRV_REPO" \ "$MAIN_SRV_DOMAIN" \ "$JibriBrewery" \ "$JB_NAME" \ "$JB_AUTH_PASS" \ "$JB_REC_PASS" \ "$MJS_USER" \ "$MJS_USER_PASS" \ "$JIBRI_RES_CONF" \ "$JIBRI_RES_XORG_CONF") JMS_EVAL="${JMS_DATA[0]}" for i in "${JMS_DATA[@]}"; do if [[ "$JMS_EVAL" != "$i" ]]; then ALL_TBD="no" break fi done if [ "$ALL_TBD" = "no" ];then echo -e "Good, seems this is not a vanilla copy of add-jibri-node.sh, let's check variables ...\n" else echo -e "You seem to be using a vanilla copy of the add-jibri-node.sh. > Please use the content (or apply the changes) of add-jibri-node.sh from the main Jitsi server installation folder, as it contains necessary data.\n" exit fi check_var MAIN_SRV_DIST "$MAIN_SRV_DIST" check_var MAIN_SRV_REPO "$MAIN_SRV_REPO" check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN" check_var JibriBrewery "$JibriBrewery" check_var JB_NAME "$JB_NAME" check_var JB_AUTH_PASS "$JB_AUTH_PASS" check_var JB_REC_PASS "$JB_REC_PASS" check_var MJS_USER "$MJS_USER" check_var MJS_USER_PASS "$MJS_USER_PASS" check_var JIBRI_RES_CONF "$JIBRI_RES_CONF" check_var JIBRI_RES_XORG_CONF "$JIBRI_RES_XORG_CONF" #Check server and node OS if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then echo "Please use the same OS for the jibri setup on both servers." echo "This server is based on: $THIS_SRV_DIST" echo "The main server record claims is based on: $MAIN_SRV_DIST" exit fi #Check system resources echo "Verifying System Resources:" if [ "$(nproc --all)" -lt 4 ];then echo " Warning!: The system do not meet the minimum CPU requirements for Jibri to run. >> We recommend 4 cores/threads for Jibri! " CPU_MIN="N" else echo "CPU Cores/Threads: OK ($(nproc --all))" CPU_MIN="Y" fi ### Test RAM size (8GB min) ### mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+') if [ "${mem_available}" -lt 7700000 ]; then echo " Warning!: The system do not meet the minimum RAM requirements for Jibri to run. >> We recommend 8GB RAM for Jibri! " MEM_MIN="N" else echo "Memory: OK ($((mem_available/1024)) MiB)" MEM_MIN="Y" fi if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then echo "All requirements seems meet!" echo " - We hope you have a nice recording/streaming session " else echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!" echo "Since this is a Jibri node installation there is no point on not having the necessary resources." echo "We highly advice to increase the resources in order to install this Jibri node." while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]] do read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES if [ "$CONTINUE_LOW_RES" = "no" ]; then echo "See you next time with more resources!..." exit elif [ "$CONTINUE_LOW_RES" = "yes" ]; then echo "Please keep in mind that we might not support underpowered nodes." fi done fi # Rename hostname for each jibri node hostnamectl set-hostname "jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" sed -i "1i 127.0.0.1 jbnode_${SHORT_ID}.${MAIN_SRV_DOMAIN}" /etc/hosts # Jitsi-Meet Repo printf "\nAdd Jitsi repo\n" if [ "$JITSI_REPO" = "stable" ]; then printf " - Jitsi stable repository already installed\n\n" else echo "deb [signed-by=$JITSI_GPG_KEY] http://download.jitsi.org stable/" \ > /etc/apt/sources.list.d/jitsi-stable.list curl -s https://download.jitsi.org/jitsi-key.gpg.key \ > "$JITSI_GPG_KEY" apt-get update -q2 JITSI_REPO="stable" fi sleep .1 # Requirements echo "We'll start by installing system requirements this may take a while please be patient..." apt-get update -q2 apt-get dist-upgrade -yq2 apt-get -y install \ apt-show-versions \ bmon \ curl \ ffmpeg \ git \ btop \ inotify-tools \ jq \ rsync \ ssh \ unzip \ wget check_snd_driver() { printf "\n# Checking ALSA - Loopback module..." echo "snd-aloop" | tee -a /etc/modules modprobe snd-aloop if [ "$(lsmod|awk '/snd_aloop/{print$1}'|awk 'NR==1')" = "snd_aloop" ]; then echo -e "\n#-----------------------------------------------------------------------" echo "# Audio driver seems - OK." echo -e "#-----------------------------------------------------------------------\n" else echo -e "\n#-----------------------------------------------------------------------" echo "# Your audio driver might not be able to load." echo "# We'll check the state of this Jibri with our 'test-jibri-env.sh' tool." echo -e "#-----------------------------------------------------------------------\n" curl -s "$TEST_JIBRI_ENV" > /tmp/test-jibri-env.sh #Test tool if [ "$MODE" = "debug" ]; then bash /tmp/test-jibri-env.sh -m debug else bash /tmp/test-jibri-env.sh fi read -n 1 -s -r -p "Press any key to continue..."$'\n' fi } ###FIXME: Trisquel support broken by lsb_release usage### echo "# Check and Install HWE kernel if possible..." HWE_VIR_MOD="$(apt-cache madison linux-image-generic-hwe-"$(lsb_release -sr)" 2>/dev/null|head -n1|grep -c hwe-"$(lsb_release -sr)")" if [ "$HWE_VIR_MOD" = "1" ]; then apt-get -y install \ linux-image-generic-hwe-"$(lsb_release -sr)" else apt-get -y install \ linux-image-generic \ linux-modules-extra-"$(uname -r)" fi echo " #-------------------------------------------------- # Install Jibri #-------------------------------------------------- " apt-get -y install \ jibri \ openjdk-11-jre-headless echo "# Installing Google Chrome / ChromeDriver" if [ "$GOOGLE_ACTIVE_REPO" = "main" ]; then echo "Google repository already set." else echo "Installing Google Chrome Stable" curl -s https://dl.google.com/linux/linux_signing_key.pub | \ gpg --dearmor | tee /etc/apt/trusted.gpg.d/google-chrome-key.gpg >/dev/null echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | tee "$GOOGL_REPO" fi apt-get -q2 update apt-get install -yq2 google-chrome-stable rm -rf "$GOOGL_REPO" G_CHROME=$(apt-cache madison google-chrome-stable|awk '{print$3}'|cut -d. -f1-3) CHROMELAB_URL="https://googlechromelabs.github.io/chrome-for-testing" CHD_LTST_DWNL=$(curl -s $CHROMELAB_URL/known-good-versions-with-downloads.json | \ jq -r ".versions[].downloads.chromedriver | \ select(. != null) | .[].url" | grep linux64 | \ grep "$G_CHROME" | tail -1) CHD_LTST=$(awk -F '/' '{print$7}' <<< "$CHD_LTST_DWNL") GCMP_JSON="/etc/opt/chrome/policies/managed/managed_policies.json" if [ -f /usr/local/bin/chromedriver ]; then echo "Chromedriver already installed." else echo "Installing Chromedriver" wget -q "$CHD_LTST_DWNL" \ -O /tmp/chromedriver_linux64.zip unzip -o /tmp/chromedriver_linux64.zip -d /usr/local/bin/ mv /usr/local/bin/chromedriver-linux64/chromedriver /usr/local/bin/chromedriver chown root:root /usr/local/bin/chromedriver chmod 0755 /usr/local/bin/chromedriver rm -rf /tmp/chromedriver_linux64.zip fi printf "\nCheck Google Software Working...\n" /usr/bin/google-chrome --version /usr/local/bin/chromedriver --version | awk '{print$1,$2}' echo ' ######################################################################## Start Jibri configuration ######################################################################## ' printf "\nRemove Chrome warning...\n" mkdir -p /etc/opt/chrome/policies/managed echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' > "$GCMP_JSON" # Recording directory if [ ! -d "$DIR_RECORD" ]; then mkdir "$DIR_RECORD" fi chown -R jibri:jibri "$DIR_RECORD" cat << REC_DIR > "$REC_DIR" #!/bin/bash RECORDINGS_DIR="$DIR_RECORD" echo "This is a dummy finalize script" > /tmp/finalize.out echo "The script was invoked with recordings directory $RECORDINGS_DIR." >> /tmp/finalize.out echo "You should put any finalize logic (renaming, uploading to a service" >> /tmp/finalize.out echo "or storage provider, etc.) in this script" >> /tmp/finalize.out chmod -R 770 \$RECORDINGS_DIR LJF_PATH="\$(find \$RECORDINGS_DIR -exec stat --printf="%Y\t%n\n" {} \; | sort -nr|sed 1d|awk '{print\$2}'| grep -v "meta\|_" | head -n1)" NJF_NAME="\$(find \$LJF_PATH |grep "mp4"|sed "s|\$LJF_PATH/||"|cut -d "." -f1)" NJF_PATH="\$RECORDINGS_DIR/\$NJF_NAME" mv \$LJF_PATH \$NJF_PATH exit 0 REC_DIR chown jibri:jibri "$REC_DIR" chmod +x "$REC_DIR" ## New Jibri Config (2020) mv "$JIBRI_CONF" "${JIBRI_CONF}"-dpkg-file cp files/jibri.conf "$JIBRI_CONF" sed -i "s|JIBRI_RES_CONF|$JIBRI_RES_CONF|g" "$JIBRI_CONF" sed -i "s|DIR_RECORD|$DIR_RECORD|g" "$JIBRI_CONF" sed -i "s|REC_DIR|$REC_DIR|g" "$JIBRI_CONF" sed -i "s|JB_NAME|$JB_NAME|g" "$JIBRI_CONF" sed -i "s|DOMAIN|$DOMAIN|g" "$JIBRI_CONF" sed -i "s|JibriBrewery|$JibriBrewery|g" "$JIBRI_CONF" sed -i "s|JB_AUTH_PASS|$JB_AUTH_PASS|g" "$JIBRI_CONF" sed -i "s|JB_REC_PASS|$JB_REC_PASS|g" "$JIBRI_CONF" #Jibri xorg resolution sed -i "s|[[:space:]]Virtual .*|Virtual $JIBRI_RES_XORG_CONF|" "$JIBRI_XORG_CONF" echo -e "\n---- Create random nodesync user ----" useradd -m -g jibri "$NJN_USER" echo "$NJN_USER:$NJN_USER_PASS" | chpasswd echo -e "\n---- We'll connect to main server ----" read -n 1 -s -r -p "Press any key to continue..."$'\n' sudo su "$NJN_USER" -c "ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -o -a 200 -q -N ''" install -m 0600 -o jibri /home/"$NJN_USER"/.ssh/id_rsa /home/jibri/jbsync.pem sudo su jibri -c "install -D /dev/null /home/jibri/.ssh/known_hosts" sudo su jibri -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts" sudo su jibri -c "ssh-keyscan -t ed25519 $MAIN_SRV_DOMAIN >> /home/jibri/.ssh/known_hosts" echo -e "\n\n##################\nRemote pass: $MJS_USER_PASS\n################## \n\n" ssh-keyscan -t rsa "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts ssh-keyscan -t ed25519 "$MAIN_SRV_DOMAIN" >> ~/.ssh/known_hosts ssh "$MJS_USER"@"$MAIN_SRV_DOMAIN" sh -c "'cat >> .ssh/authorized_keys'" < /home/"$NJN_USER"/.ssh/id_rsa.pub sudo su "$NJN_USER" -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts" echo -e "\n---- Setup Log system ----" cat << INOT_RSYNC > /etc/jitsi/jibri/remote-jbsync.sh #!/bin/bash # Log process exec 3>&1 4>&2 trap 'exec 2>&4 1>&3' 0 1 2 3 exec 1>/var/log/"$NJN_USER"/remote_jnsync.log 2>&1 # Run sync while true; do inotifywait -t 60 -r -e modify,attrib,close_write,move,delete "$DIR_RECORD" sudo su "$NJN_USER" -c "rsync -Aax --info=progress2 --remove-source-files --exclude '.*/' $DIR_RECORD/ $MJS_USER@$MAIN_SRV_DOMAIN:$DIR_RECORD" find "$DIR_RECORD" -depth -type d -empty -not -path "$DIR_RECORD" -delete done INOT_RSYNC mkdir /var/log/"$NJN_USER" cat << LOG_ROT > /etc/logrotate.d/"$NJN_USER" /var/log/"$NJN_USER"/*.log { monthly missingok rotate 12 compress notifempty create 0640 root root sharedscripts postrotate service remote_jnsync restart endscript } LOG_ROT echo -e "\n---- Create systemd service file ----" cat << REMOTE_SYNC_SERVICE > /etc/systemd/system/remote_jnsync.service [Unit] Description = Sync Node to Main Jibri Service After = network.target [Service] PIDFile = /run/syncservice/remote_jnsync.pid User = root Group = root WorkingDirectory = /var ExecStartPre = /bin/mkdir /run/syncservice ExecStartPre = /bin/chown -R root:root /run/syncservice ExecStart = /bin/bash /etc/jitsi/jibri/remote-jbsync.sh ExecReload = /bin/kill -s HUP \$MAINPID ExecStop = /bin/kill -s TERM \$MAINPID ExecStopPost = /bin/rm -rf /run/syncservice PrivateTmp = true [Install] WantedBy = multi-user.target REMOTE_SYNC_SERVICE chmod 755 /etc/systemd/system/remote_jnsync.service systemctl daemon-reload systemctl enable remote_jnsync.service systemctl start remote_jnsync.service #Enable jibri services systemctl enable jibri systemctl enable jibri-xorg systemctl enable jibri-icewm check_snd_driver echo " ######################################################################## Node addition complete!! For customized support: http://switnet.net ######################################################################## " echo "Make sure to reboot, it's necessary before *any* usage. Rebooting in..." secs=$((15)) while [ "$secs" -gt 0 ]; do echo -ne "$secs\033[0K\r" sleep 1 : $((secs--)) done reboot