From c4a796851d6f680a5a262543335e58252b4f894e Mon Sep 17 00:00:00 2001
From: Martin Winkler <efelon@winklerfamilie.eu>
Date: Thu, 16 Apr 2020 14:25:09 +0200
Subject: [PATCH] Adding post installation tasks as information until they will
 be implemented automatically

---
 seqs/jitsi.sh | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 66 insertions(+), 1 deletion(-)

diff --git a/seqs/jitsi.sh b/seqs/jitsi.sh
index 622eae7..ab19277 100755
--- a/seqs/jitsi.sh
+++ b/seqs/jitsi.sh
@@ -23,7 +23,6 @@ WDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >>/dev/null 2>&1 && pwd )"
 step_1_info() { echo "Installation prerequisits"; }
 step_1_alias() { ALIAS="prepare"; }
 step_1() {
-  exe read -p "Make sure SSL certificates are available. Enter to continue"
   exe apt install gnupg2 git lsb-release ssl-cert ca-certificates apt-transport-https \
     tree locate software-properties-common dirmngr screen htop nano net-tools zip unzip \
     curl ffmpeg ghostscript libfile-fcntllock-perl curl socat
@@ -61,6 +60,7 @@ step_6() {
 }
 
 step_7() {
+  echo " [I] Configure ufw firewall"
   exe ufw allow 22/tcp
   exe ufw allow 80/tcp
   exe ufw allow 443/tcp
@@ -69,5 +69,70 @@ step_7() {
   exe ufw logging medium && ufw default deny incoming && ufw enable && service ufw restart
 }
 
+step_8_alias() { ALIAS="install"; }
+step_8() {
+  exe read -p "Make sure SSL certificates are available. Enter to continue"
+  exe apt install jitsi-meet -y
+}
+
+step_9() {
+  exe mv /etc/nginx/conf.d/default /etc/nginx/sites-available
+  exe mv /etc/nginx/sites-available/*.conf /etc/nginx/conf.d
+  exe service nginx restart
+}
+
+step_10_info() { echo "WIP post install tasks"; }
+step_10() {
+  echo " [I] Tasks to be automated"
+  echo
+  echo "  *  Move nginx jitsi config to /etc/nginx/conf.d"
+  echo "     New nginx version doesn't support sites-available / sites-enabled."
+  echo
+  echo "  *  Make jitsi installation password protected"
+  echo "     (https://github.com/jitsi/jicofo#secure-domain)"
+  echo "     Creating new rooms will require username and password"
+  echo
+  echo "  ** /etc/prosody/conf.avail/[your-hostname].cfg.lua"
+  echo 
+  echo "     a) Enable authentication on your main domain:"
+  echo
+  echo "        VirtualHost \"jitsi-meet.example.com\""
+  echo "            authentication = \"internal_plain\""
+  echo
+  echo "     b) Add new virtual host with anonymous login method for guests:"
+  echo
+  echo "        VirtualHost \"guest.jitsi-meet.example.com\""
+  echo "            authentication = \"anonymous\""
+  echo "            c2s_require_encryption = false"
+  echo
+  echo "  ** /etc/jitsi/meet/[your-hostname]-config.js"
+  echo
+  echo "        var config = {"
+  echo "            hosts: {"
+  echo "                    domain: 'jitsi-meet.example.com',"
+  echo "                    anonymousdomain: 'guest.jitsi-meet.example.com',"
+  echo "                    ..."
+  echo "                   },"
+  echo "                   ..."
+  echo "        }"
+  echo
+  echo "  ** /etc/jitsi/jicofo/sip-communicator.properties"
+  echo "     add new line:"
+  echo
+  echo "        org.jitsi.jicofo.auth.URL=XMPP:jitsi-meet.example.com"
+  echo
+  echo "  ** Create prosody user(s):"
+  echo
+  echo "        prosodyctl register <username> jitsi-meet.example.com <password>"
+  echo
+  echo " [I] Use step \"restart\" after these changes"
+}
+
+step_20_alias() { ALIAS="restart"; }
+step_20() {
+  echo " [I] Restart jitsi-meet components"
+  exe service prosody restart && service jicofo restart && service jitsi-videobridge2 restart
+}
+  
 VERSION_SEQREV=10
 . /usr/local/bin/sequencer.sh