348 lines
10 KiB
Bash
348 lines
10 KiB
Bash
#!/bin/bash
|
|
# JVB2 Node Aggregator
|
|
# SwITNet Ltd © - 2020, https://switnet.net/
|
|
# GPLv3 or later.
|
|
|
|
### 0_LAST EDITION TIME STAMP ###
|
|
# LETS: AUTOMATED_EDITION_TIME
|
|
### 1_LAST EDITION ###
|
|
|
|
#Make sure the file name is the required one
|
|
if [ ! "$(basename $0)" = "add-jvb2-node.sh" ]; then
|
|
echo "For most cases naming won't matter, for this one it does."
|
|
echo "Please use the original name for this script: \`add-jvb2-node.sh', and run again."
|
|
exit
|
|
fi
|
|
|
|
while getopts m: option
|
|
do
|
|
case "${option}"
|
|
in
|
|
m) MODE=${OPTARG};;
|
|
\?) echo "Usage: sudo ./add-jvb2-node.sh [-m debug]" && exit;;
|
|
esac
|
|
done
|
|
|
|
#DEBUG
|
|
if [ "$MODE" = "debug" ]; then
|
|
set -x
|
|
fi
|
|
|
|
#Check admin rights
|
|
if ! [ "$(id -u)" = 0 ]; then
|
|
echo "You need to be root or have sudo privileges!"
|
|
exit 0
|
|
fi
|
|
|
|
### 0_VAR_DEF
|
|
MAIN_SRV_DIST=TBD
|
|
MAIN_SRV_REPO=TBD
|
|
MAIN_SRV_DOMAIN=TBD
|
|
|
|
JVB_HOSTNAME=TBD
|
|
JVB_HOST=TBD
|
|
JVB_PORT=TBD
|
|
JVB_SECRET=TBD
|
|
JVB_OPTS=TBD
|
|
SYS_PROPS=TBD
|
|
AWS_HARVEST=TBD
|
|
STUN_MAPPING=TBD
|
|
ENABLE_STATISTICS=TBD
|
|
SHARD_HOSTNAME=TBD
|
|
SHARD_DOMAIN=TBD
|
|
SHARD_PASS=TBD
|
|
MUC_JID=TBD
|
|
|
|
MJS_USER=TBD
|
|
MJS_USER_PASS=TBD
|
|
START=0
|
|
LAST=TBD
|
|
|
|
THIS_SRV_DIST=$(lsb_release -sc)
|
|
JITSI_REPO=$(apt-cache policy | grep http | grep jitsi | grep stable | awk '{print $3}' | head -n 1 | cut -d "/" -f1)
|
|
JVB2_CONF="/etc/jitsi/videobridge/config"
|
|
JVB2_NCONF="/etc/jitsi/videobridge/jvb.conf"
|
|
JVB2_SIP="/etc/jitsi/videobridge/sip-communicator.properties"
|
|
#PUBLIC_IP="$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)"
|
|
NJN_RAND_TAIL="$(tr -dc "a-zA-Z0-9" < /dev/urandom | fold -w 4 | head -n1)"
|
|
NJN_USER="jvbnode${ADDUP}_${NJN_RAND_TAIL}"
|
|
NJN_USER_PASS="$(tr -dc "a-zA-Z0-9#_*=" < /dev/urandom | fold -w 32 | head -n1)"
|
|
#GITHUB_RAW="https://raw.githubusercontent.com"
|
|
#GIT_REPO="switnet-ltd/quick-jibri-installer"
|
|
### 1_VAR_DEF
|
|
|
|
# sed limiters for add-jvb2-node.sh variables
|
|
var_dlim() {
|
|
grep -n $1 add-jvb2-node.sh|head -n1|cut -d ":" -f1
|
|
}
|
|
|
|
check_var() {
|
|
if [ -z "$2" ]; then
|
|
echo -e "Check if variable $1 is set: \xE2\x9C\x96 \nExiting..."
|
|
exit
|
|
else
|
|
echo -e "Check if variable $1 is set: \xE2\x9C\x94"
|
|
fi
|
|
}
|
|
|
|
if [ -z "$LAST" ]; then
|
|
echo "There is an error on the LAST definition, please report."
|
|
exit
|
|
elif [ "$LAST" = "TBD" ]; then
|
|
ADDUP=$((START + 1))
|
|
else
|
|
ADDUP=$((LAST + 1))
|
|
fi
|
|
|
|
#Check server and node OS
|
|
if [ ! "$THIS_SRV_DIST" = "$MAIN_SRV_DIST" ]; then
|
|
echo "Please use the same OS for the JVB2 setup on both servers."
|
|
echo "This server is based on: $THIS_SRV_DIST"
|
|
echo "The main server record claims is based on: $MAIN_SRV_DIST"
|
|
exit
|
|
fi
|
|
|
|
#Check system resources
|
|
echo "Verifying System Resources:"
|
|
if [ "$(nproc --all)" -lt 4 ];then
|
|
echo "
|
|
Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads.
|
|
>> We recommend 4 cores/threads for JVB2!
|
|
"
|
|
CPU_MIN="N"
|
|
else
|
|
echo "CPU Cores/Threads: OK ($(nproc --all))"
|
|
CPU_MIN="Y"
|
|
fi
|
|
### Test RAM size (8GB min) ###
|
|
mem_available=$(grep MemTotal /proc/meminfo| grep -o '[0-9]\+')
|
|
if [ ${mem_available} -lt 7700000 ]; then
|
|
echo "
|
|
Warning!: The system do not meet the CPU recomendations for a JVB node for heavy loads.
|
|
>> We recommend 8GB RAM for JVB2!
|
|
"
|
|
MEM_MIN="N"
|
|
else
|
|
echo "Memory: OK ($((mem_available/1024)) MiB)"
|
|
MEM_MIN="Y"
|
|
fi
|
|
if [ "$CPU_MIN" = "Y" ] && [ "$MEM_MIN" = "Y" ];then
|
|
echo "All requirements seems meet!"
|
|
echo "
|
|
- We hope you have a nice recording/streaming session
|
|
"
|
|
else
|
|
echo "CPU ($(nproc --all))/RAM ($((mem_available/1024)) MiB) does NOT meet minimum recommended requirements!"
|
|
echo "We highly advice to increase the resources in order to install this JVB2 node."
|
|
while [[ "$CONTINUE_LOW_RES" != "yes" && "$CONTINUE_LOW_RES" != "no" ]]
|
|
do
|
|
read -p "> Do you want to continue?: (yes or no)"$'\n' -r CONTINUE_LOW_RES
|
|
if [ "$CONTINUE_LOW_RES" = "no" ]; then
|
|
echo "See you next time with more resources!..."
|
|
exit
|
|
elif [ "$CONTINUE_LOW_RES" = "yes" ]; then
|
|
echo "Please keep in mind that we might not support underpowered nodes."
|
|
fi
|
|
done
|
|
fi
|
|
|
|
echo "
|
|
#-----------------------------------------------------------------------
|
|
# Checking initial necessary variables...
|
|
#-----------------------------------------------------------------------"
|
|
|
|
check_var JVB_HOSTNNAME "$JVB_HOSTNAME"
|
|
if [ -z $JVB_HOST ]; then
|
|
echo "JVB_HOST is empty, but it may be ok for it to be empty, skipping empty test."
|
|
else
|
|
check_var JVB_HOST "$JVB_HOST"
|
|
fi
|
|
check_var JVB_PORT "$JVB_PORT"
|
|
check_var JVB_SECRET "$JVB_SECRET"
|
|
check_var JVB_OPTS "$JVB_OPTS"
|
|
check_var SYS_PROPS "$SYS_PROPS"
|
|
check_var AWS_HARVEST "$AWS_HARVEST"
|
|
check_var STUN_MAPPING "$STUN_MAPPING"
|
|
check_var ENABLE_STATISTICS "$ENABLE_STATISTICS"
|
|
check_var SHARD_HOSTNAME "$SHARD_HOSTNAME"
|
|
check_var SHARD_DOMAIN "$SHARD_DOMAIN"
|
|
check_var SHARD_PASS "$SHARD_PASS"
|
|
check_var MUC_JID "$MUC_JID"
|
|
check_var MAIN_SRV_DOMAIN "$MAIN_SRV_DOMAIN"
|
|
|
|
# Rename hostname for each jvb2 node
|
|
hostnamectl set-hostname "jvb${ADDUP}.${MAIN_SRV_DOMAIN}"
|
|
sed -i "1i 127.0.0.1 jvb${ADDUP}.${MAIN_SRV_DOMAIN}" /etc/hosts
|
|
|
|
# Jitsi-Meet Repo
|
|
echo "Add Jitsi repo"
|
|
if [ -z "$JITSI_REPO" ]; then
|
|
echo "deb http://download.jitsi.org $MAIN_SRV_REPO/" > /etc/apt/sources.list.d/jitsi-$MAIN_SRV_REPO.list
|
|
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
|
|
elif [ ! "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
|
|
echo "Main and node servers repository don't match, extiting.."
|
|
exit
|
|
elif [ "$JITSI_REPO" = "$MAIN_SRV_REPO" ]; then
|
|
echo "Main and node servers repository match, continuing..."
|
|
else
|
|
echo "Jitsi $JITSI_REPO repository already installed"
|
|
fi
|
|
|
|
# Requirements
|
|
echo "We'll start by installing system requirements this may take a while please be patient..."
|
|
apt-get update -q2
|
|
apt-get dist-upgrade -yq2
|
|
|
|
apt-get -y install \
|
|
apt-show-versions \
|
|
bmon \
|
|
curl \
|
|
git \
|
|
htop \
|
|
ssh \
|
|
unzip \
|
|
wget
|
|
|
|
echo "# Check and Install HWE kernel if possible..."
|
|
HWE_VIR_MOD=$(apt-cache madison linux-modules-extra-virtual-hwe-$(lsb_release -sr) 2>/dev/null|head -n1|grep -c "extra-virtual-hwe")
|
|
if [ "$HWE_VIR_MOD" == "1" ]; then
|
|
apt-get -y install \
|
|
linux-image-generic-hwe-$(lsb_release -sr) \
|
|
linux-modules-extra-virtual-hwe-$(lsb_release -sr)
|
|
else
|
|
apt-get -y install \
|
|
linux-modules-extra-$(uname -r)
|
|
fi
|
|
|
|
echo "
|
|
#--------------------------------------------------
|
|
# Install JVB2
|
|
#--------------------------------------------------
|
|
"
|
|
echo "jitsi-videobridge/jvb-hostname string $MAIN_SRV_DOMAIN" | debconf-set-selections
|
|
|
|
apt-get -y install \
|
|
jitsi-videobridge2 \
|
|
openjdk-8-jre-headless
|
|
|
|
echo '
|
|
########################################################################
|
|
Start JVB2 configuration
|
|
########################################################################
|
|
'
|
|
|
|
mv $JVB2_CONF ${JVB2_CONF}-dpkg-file
|
|
|
|
## JVB2 - CONFIG
|
|
cat << JVB2_CONF > $JVB2_CONF
|
|
# Jitsi Videobridge settings
|
|
|
|
# sets the XMPP domain (default: none)
|
|
JVB_HOSTNAME=$JVB_HN
|
|
|
|
# sets the hostname of the XMPP server (default: domain if set, localhost otherwise)
|
|
JVB_HOST=$JVB_HOST
|
|
|
|
# sets the port of the XMPP server (default: 5275)
|
|
JVB_PORT=$JVB_PORT
|
|
|
|
# sets the shared secret used to authenticate to the XMPP server
|
|
JVB_SECRET=$JVB_SECRET
|
|
|
|
# extra options to pass to the JVB daemon
|
|
JVB_OPTS=$JVB_OPTS
|
|
|
|
# adds java system props that are passed to jvb (default are for home and logging config file)
|
|
JAVA_SYS_PROPS=$SYS_PROPS
|
|
|
|
JVB2_CONF
|
|
|
|
|
|
mv $JVB2_SIP $JVB2_SIP-dpkg-file
|
|
## JVB2 - SIP
|
|
cat << JVB2_SIP > $JVB2_SIP
|
|
# Legacy conf file, new format already at
|
|
# /etc/jitsi/videobridge/jvb.conf
|
|
# --add-jvb2-node.sh
|
|
JVB2_SIP
|
|
|
|
echo -e "\n---- Setting new config format for jvb2 node. ----"
|
|
sed -i '$/}/d' $JVB2_NCONF
|
|
cat << JVB2 >> /etc/jitsi/videobridge/jvb.conf
|
|
stats {
|
|
# Enable broadcasting stats/presence in a MUC
|
|
enabled = true
|
|
transports = [
|
|
{ type = "muc" }
|
|
]
|
|
}
|
|
|
|
apis {
|
|
xmpp-client {
|
|
configs {
|
|
# Connect to the first XMPP server
|
|
xmpp-server-$ADDUP {
|
|
hostname="$MAIN_SRV_DOMAIN"
|
|
domain = "auth.$MAIN_SRV_DOMAIN"
|
|
username = "jvb"
|
|
password = "$SHARD_PASS"
|
|
muc_jids = "JvbBrewery@internal.auth.$MAIN_SRV_DOMAIN"
|
|
# The muc_nickname must be unique across all jitsi-videobridge instances
|
|
muc_nickname = "jvb2-$ADDUP"
|
|
disable_certificate_verification = true
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
JVB2
|
|
|
|
echo -e "\n---- Create random nodesync user ----"
|
|
useradd -m -g jitsi $NJN_USER
|
|
echo "$NJN_USER:$NJN_USER_PASS" | chpasswd
|
|
|
|
echo -e "\n---- We'll connect to main server ----"
|
|
read -n 1 -s -r -p "Press any key to continue..."$'\n'
|
|
sudo su $NJN_USER -c "ssh-keygen -t rsa -f ~/.ssh/id_rsa -b 4096 -o -a 100 -q -N ''"
|
|
echo "Remote pass: $MJS_USER_PASS"
|
|
ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> ~/.ssh/known_hosts
|
|
ssh $MJS_USER@$MAIN_SRV_DOMAIN sh -c "'cat >> .ssh/authorized_keys'" < /home/$NJN_USER/.ssh/id_rsa.pub
|
|
sudo su $NJN_USER -c "ssh-keyscan -t rsa $MAIN_SRV_DOMAIN >> /home/$NJN_USER/.ssh/known_hosts"
|
|
|
|
echo "Writting last node number..."
|
|
sed -i "$(var_dlim 0_VAR),$(var_dlim 1_VAR){s|LAST=.*|LAST=$ADDUP|}" add-jvb2-node.sh
|
|
sed -i "$(var_dlim 0_LAST),$(var_dlim 1_LAST){s|LETS: .*|LETS: $(date -R)|}" add-jvb2-node.sh
|
|
echo "Last file edition at: $(grep "LETS:" add-jvb2-node.sh|head -n1|awk -F'LETS:' '{print$2}')"
|
|
|
|
#Enable jvb2 services
|
|
systemctl enable jitsi-videobridge2.service
|
|
systemctl restart jitsi-videobridge2.service
|
|
|
|
echo -e "\nSending updated add-jvb2-node.sh file to main server sync user...\n"
|
|
cp $PWD/add-jvb2-node.sh /tmp
|
|
sudo -u $NJN_USER scp /tmp/add-jvb2-node.sh $MJS_USER@$MAIN_SRV_DOMAIN:/home/$MJS_USER/
|
|
rm $PWD/add-jvb2-node.sh /tmp/add-jvb2-node.sh
|
|
|
|
echo "
|
|
########################################################################
|
|
Node addition complete!!
|
|
|
|
IMPORTANT:
|
|
The updated version of this file has been sent to the main server
|
|
at the sync user home directory, please use that one in order to
|
|
install new nodes. For security reason this version has been deleted
|
|
from this very node.
|
|
|
|
For customized support: http://switnet.net
|
|
########################################################################
|
|
"
|
|
|
|
echo "Rebooting in..."
|
|
secs=$((15))
|
|
while [ $secs -gt 0 ]; do
|
|
echo -ne "$secs\033[0K\r"
|
|
sleep 1
|
|
: $((secs--))
|
|
done
|
|
reboot
|