quick-jibri-installer/add-jvb2-node.sh

348 lines
10 KiB
Bash

#!/bin/bash
# JVB2 Node Aggregator
# SwITNet Ltd © - 2020, https://switnet.net/
# GPLv3 or later.
### 0_LAST EDITION TIME STAMP ###
# LETS: AUTOMATED_EDITION_TIME
### 1_LAST EDITION ###
#Make sure the file name is the required one
if [ ! "$(basename $0)" = "add-jvb2-node.sh" ]; then
echo "For most cases naming won't matter, for this one it does."
echo "Please use the original name for this script: \`add-jvb2-node.sh', and run again."
exit
fi
while getopts m: option
do
case "${option}"
in
m) MODE=${OPTARG};;
\?) echo "Usage: sudo ./add-jvb2-node.sh [-m debug]" && exit;;
esac
done
#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi
#Check admin rights
if ! [ "$(id -u)" = 0 ]; then
echo "You need to be root or have sudo privileges!"
exit 0
fi
### 0_VAR_DEF
MAIN_SRV_DIST=TBD
MAIN_SRV_REPO=TBD
MAIN_SRV_DOMAIN=TBD
JVB_HOSTNAME=TBD
JVB_HOST=TBD
JVB_PORT=TBD
JVB_SECRET=TBD
JVB_OPTS=TBD
SYS_PROPS=TBD
AWS_HARVEST=TBD
STUN_MAPPING=TBD
ENABLE_STATISTICS=TBD
SHARD_HOSTNAME=TBD
SHARD_DOMAIN=TBD
SHARD_PASS=TBD
MUC_JID=TBD
MJS_USER=TBD
MJS_USER_PASS=TBD
START=0
LAST=TBD
THIS_SRV_DIST=$(lsb_release -sc)
JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)
JVB2_CONF="/etc/jitsi/videobridge/config"
JVB2_NCONF="/etc/jitsi/videobridge/jvb.conf"
JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties"
#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
NJN_USER="jvbnode${ADDUP}_${NJN_RAND_TAIL}"
NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
#GITHUB_RAW="https://raw.githubusercontent.com"
#GIT_REPO="switnet-ltd/quick-jibri-installer"
### 1_VAR_DEF
# sed limiters for add-jvb2-node.sh variables
var_dlim() {
grep -n $1 add-jvb2-node.sh|head -n1|cut -d ":" -f1
}
check_var() {
if [ -z "$2" ]; then
echo -e "Check if variable $1 is set: \xE2\x9C\x96 \nExiting..."
exit
else
echo -e "Check if variable $1 is set: \xE2\x9C\x94"
fi
}
if [ -z "$LAST" ]; then
echo "There is an error on the LAST definition, please report."
exit
elif [ "$LAST" = "TBD" ]; then
ADDUP=$((START + 1))
else
ADDUP=$((LAST + 1))
fi
#Check server and node OS
if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then
echo "Please use the same OS for the JVB2 setup on both servers."
echo "This server is based on: $THIS_SRV_DIST"
echo "The main server record claims is based on: $MAIN_SRV_DIST"
exit
fi
#Check system resources
echo "Verifying System Resources:"
if [ "$(nproc --all)" -lt 4 ];then
echo "
Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads.
>> We recommend 4 cores/threads for JVB2!
"
CPU_MIN="N"
else
echo "CPU Cores/Threads: OK ($(nproc --all))"
CPU_MIN="Y"
fi
### Test RAM size (8GB min) ###
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
if [ ${mem_available} -lt 7700000 ]; then
echo "
Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads.
>> We recommend 8GB RAM for JVB2!
"
MEM_MIN="N"
else
echo "Memory: OK ($((mem_available/1024)) MiB)"
MEM_MIN="Y"
fi
if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then
echo "All requirements seems meet!"
echo "
- We hope you have a nice recording/streaming session
"
else
echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!"
echo "We highly advice to increase the resources in order to install this JVB2 node."
while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]]
do
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES
if [ "$CONTINUE_LOW_RES" = "no" ]; then
echo "See you next time with more resources!..."
exit
elif [ "$CONTINUE_LOW_RES" = "yes" ]; then
echo "Please keep in mind that we might not support underpowered nodes."
fi
done
fi
echo "
#-----------------------------------------------------------------------
# Checking initial necessary variables...
#-----------------------------------------------------------------------"
check_var JVB_HOSTNNAME "$JVB_HOSTNAME"
if [ -z $JVB_HOST ]; then
echo "JVB_HOST is empty, but it may be ok for it to be empty, skipping empty test."
else
check_var JVB_HOST "$JVB_HOST"
fi
check_var JVB_PORT "$JVB_PORT"
check_var JVB_SECRET "$JVB_SECRET"
check_var JVB_OPTS "$JVB_OPTS"
check_var SYS_PROPS "$SYS_PROPS"
check_var AWS_HARVEST "$AWS_HARVEST"
check_var STUN_MAPPING "$STUN_MAPPING"
check_var ENABLE_STATISTICS "$ENABLE_STATISTICS"
check_var SHARD_HOSTNAME "$SHARD_HOSTNAME"
check_var SHARD_DOMAIN "$SHARD_DOMAIN"
check_var SHARD_PASS "$SHARD_PASS"
check_var MUC_JID "$MUC_JID"
check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN"
# Rename hostname for each jvb2 node
hostnamectl set-hostname "jvb${ADDUP}.${MAIN_SRV_DOMAIN}"
sed -i "1i 127.0.0.1 jvb${ADDUP}.${MAIN_SRV_DOMAIN}" /etc/hosts
# Jitsi-Meet Repo
echo "Add Jitsi repo"
if [ -z "$JITSI_REPO" ]; then
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-$MAIN_SRV_REPO.list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository don't match, extiting.."
exit
elif [ "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
echo "Main and node servers repository match, continuing..."
else
echo "Jitsi $JITSI_REPO repository already installed"
fi
# Requirements
echo "We'll start by installing system requirements this may take a while please be patient..."
apt-get update -q2
apt-get dist-upgrade -yq2
apt-get -y install \
apt-show-versions \
bmon \
curl \
git \
htop \
ssh \
unzip \
wget
echo "# Check and Install HWE kernel if possible..."
HWE_VIR_MOD=$(apt-cache madison linux-modules-extra-virtual-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")
if [ "$HWE_VIR_MOD" == "1" ]; then
apt-get -y install \
linux-image-generic-hwe-$(lsb_release -sr) \
linux-modules-extra-virtual-hwe-$(lsb_release -sr)
else
apt-get -y install \
linux-modules-extra-$(uname -r)
fi
echo "
#--------------------------------------------------
# Install JVB2
#--------------------------------------------------
"
echo "jitsi-videobridge/jvb-hostname string $MAIN_SRV_DOMAIN" | debconf-set-selections
apt-get -y install \
jitsi-videobridge2 \
openjdk-8-jre-headless
echo '
########################################################################
Start JVB2 configuration
########################################################################
'
mv $JVB2_CONF ${JVB2_CONF}-dpkg-file
## JVB2 - CONFIG
cat << JVB2_CONF > $JVB2_CONF
# Jitsi Videobridge settings
# sets the XMPP domain (default: none)
JVB_HOSTNAME=$JVB_HN
# sets the hostname of the XMPP server (default: domain if set, localhost otherwise)
JVB_HOST=$JVB_HOST
# sets the port of the XMPP server (default: 5275)
JVB_PORT=$JVB_PORT
# sets the shared secret used to authenticate to the XMPP server
JVB_SECRET=$JVB_SECRET
# extra options to pass to the JVB daemon
JVB_OPTS=$JVB_OPTS
# adds java system props that are passed to jvb (default are for home and logging config file)
JAVA_SYS_PROPS=$SYS_PROPS
JVB2_CONF
mv $JVB2_SIP $JVB2_SIP-dpkg-file
## JVB2 - SIP
cat << JVB2_SIP > $JVB2_SIP
# Legacy conf file, new format already at
# /etc/jitsi/videobridge/jvb.conf
# --add-jvb2-node.sh
JVB2_SIP
echo -e "\n---- Setting new config format for jvb2 node. ----"
sed -i '$/}/d' $JVB2_NCONF
cat << JVB2 >> /etc/jitsi/videobridge/jvb.conf
stats {
# Enable broadcasting stats/presence in a MUC
enabled = true
transports = [
{ type = "muc" }
]
}
apis {
xmpp-client {
configs {
# Connect to the first XMPP server
xmpp-server-$ADDUP {
hostname="$MAIN_SRV_DOMAIN"
domain = "auth.$MAIN_SRV_DOMAIN"
username = "jvb"
password = "$SHARD_PASS"
muc_jids = "JvbBrewery@internal.auth.$MAIN_SRV_DOMAIN"
# The muc_nickname must be unique across all jitsi-videobridge instances
muc_nickname = "jvb2-$ADDUP"
disable_certificate_verification = true
}
}
}
}
}
JVB2
echo -e "\n---- Create random nodesync user ----"
useradd -m -g jitsi $NJN_USER
echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
echo -e "\n---- We'll connect to main server ----"
read -n 1 -s -r -p "Press any key to continue..."$'\n'
sudo su $NJN_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
echo "Remote pass: $MJS_USER_PASS"
ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> ~/.ssh/known_hosts
ssh $MJS_USER@$MAIN_SRV_DOMAIN sh -c "'cat >> .ssh/authorized_keys'" < /home/$NJN_USER/.ssh/id_rsa.pub
sudo su $NJN_USER -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"
echo "Writting last node number..."
sed -i "$(var_dlim 0_VAR),$(var_dlim 1_VAR){s|LAST=.*|LAST=$ADDUP|}" add-jvb2-node.sh
sed -i "$(var_dlim 0_LAST),$(var_dlim 1_LAST){s|LETS: .*|LETS: $(date -R)|}" add-jvb2-node.sh
echo "Last file edition at: $(grep "LETS:" add-jvb2-node.sh|head -n1|awk -F'LETS:' '{print$2}')"
#Enable jvb2 services
systemctl enable jitsi-videobridge2.service
systemctl restart jitsi-videobridge2.service
echo -e "\nSending updated add-jvb2-node.sh file to main server sync user...\n"
cp $PWD/add-jvb2-node.sh /tmp
sudo -u $NJN_USER scp /tmp/add-jvb2-node.sh $MJS_USER@$MAIN_SRV_DOMAIN:/home/$MJS_USER/
rm $PWD/add-jvb2-node.sh /tmp/add-jvb2-node.sh
echo "
########################################################################
Node addition complete!!
IMPORTANT:
The updated version of this file has been sent to the main server
at the sync user home directory, please use that one in order to
install new nodes. For security reason this version has been deleted
from this very node.
For customized support: http://switnet.net
########################################################################
"
echo "Rebooting in..."
secs=$((15))
while [ $secs -gt 0 ]; do
echo -ne "$secs\033[0K\r"
sleep 1
: $((secs--))
done
reboot