146 lines
4.7 KiB
Bash
Executable File
146 lines
4.7 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
toolName="jitsi-meet"
|
|
|
|
# Get script working directory
|
|
# (when called from a different directory)
|
|
WDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >>/dev/null 2>&1 && pwd )"
|
|
#CONFIG=0
|
|
#CONFIG_FILE_NAME="${toolName}.cfg"
|
|
#CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
|
|
|
|
#step_config() {
|
|
#echo "Called once before executing steps."
|
|
## e.g. to source a config file manually:
|
|
#. "$CONFIG_FILE"
|
|
## or to use sequencer api:
|
|
#initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
|
|
#if [ $? -eq 0 ] ; then
|
|
# CONFIG=1
|
|
#fi
|
|
#}
|
|
|
|
step_1_info() { echo "Installation of prerequisits"; }
|
|
step_1_alias() { ALIAS="prepare"; }
|
|
step_1() {
|
|
exe apt install gnupg2 git lsb-release ssl-cert ca-certificates apt-transport-https \
|
|
tree locate software-properties-common dirmngr screen htop nano net-tools zip unzip \
|
|
curl ffmpeg ghostscript libfile-fcntllock-perl curl socat
|
|
}
|
|
|
|
step_2_info() { echo "Add universe and official nginx apt repositories"; }
|
|
step_2() {
|
|
apt-add-repository universe
|
|
exep "echo \"deb [arch=amd64] http://nginx.org/packages/mainline/ubuntu $(lsb_release -cs) nginx\" | tee /etc/apt/sources.list.d/nginx.list"
|
|
exep "curl -fsSL https://nginx.org/keys/nginx_signing.key | sudo apt-key add -"
|
|
}
|
|
|
|
step_3_info() { echo "Add official $toolName apt repository"; }
|
|
step_3() {
|
|
exep "echo \"deb https://download.jitsi.org stable/\" | tee /etc/apt/sources.list.d/jitsi.list"
|
|
exep "wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | sudo apt-key add -"
|
|
}
|
|
|
|
step_4_info() { echo "Upgrade system packages"; }
|
|
step_4() {
|
|
exe apt update && apt upgrade
|
|
}
|
|
|
|
step_5_info() { echo "Install nginx webserver"; }
|
|
step_5_alias() { ALIAS="webserver"; }
|
|
step_5() {
|
|
exe apt install nginx
|
|
endReturn -o $? "Installation of webserver nginx failed"
|
|
exe mkdir -p /etc/nginx/sites-available
|
|
exe mkdir -p /etc/nginx/sites-enabled
|
|
exe mkdir -p /etc/nginx/modules-enabled
|
|
exe systemctl enable nginx.service
|
|
}
|
|
|
|
step_6_info() { echo "Install ufw firewall"; }
|
|
step_6_alias() { ALIAS="firewall"; }
|
|
step_6() {
|
|
exe apt install ufw
|
|
endReturn -o $? "Installation of firewall ufw failed"
|
|
}
|
|
|
|
step_7_info() { echo "Setup ufw firewall to run $toolName"; }
|
|
step_7() {
|
|
echo " [I] Configure ufw firewall"
|
|
exe ufw allow 22/tcp
|
|
exe ufw allow 80/tcp
|
|
exe ufw allow 443/tcp
|
|
exe ufw allow 4443/tcp
|
|
exe ufw allow 10000/udp
|
|
exe ufw logging medium && ufw default deny incoming && ufw enable && service ufw restart
|
|
}
|
|
|
|
step_8_info() { echo "Install $toolName"; }
|
|
step_8_alias() { ALIAS="install"; }
|
|
step_8() {
|
|
exe read -p "Make sure SSL certificates are available. Enter to continue"
|
|
exe apt install jitsi-meet -y
|
|
}
|
|
|
|
step_9_info() { echo "Move automatically generated $toolName virutal host to new configuration directory"; }
|
|
step_9() {
|
|
exe mv /etc/nginx/sites-available/*.conf /etc/nginx/conf.d
|
|
exe mv /etc/nginx/conf.d/default.conf /etc/nginx/sites-available
|
|
exe service nginx restart
|
|
echo " [I] Check /etc/nginx/conf.d for unwanted configurations"
|
|
}
|
|
|
|
step_10_info() { echo "WIP post-install tasks"; }
|
|
step_10() {
|
|
echo " [I] Tasks to be automated"
|
|
echo
|
|
echo " * Make jitsi installation password protected"
|
|
echo " (https://github.com/jitsi/jicofo#secure-domain)"
|
|
echo " Creating new rooms will require username and password"
|
|
echo
|
|
echo " ** /etc/prosody/conf.avail/[your-hostname].cfg.lua"
|
|
echo
|
|
echo " a) Enable authentication on your main domain:"
|
|
echo
|
|
echo " VirtualHost \"jitsi-meet.example.com\""
|
|
echo " authentication = \"internal_plain\""
|
|
echo
|
|
echo " b) Add new virtual host with anonymous login method for guests:"
|
|
echo
|
|
echo " VirtualHost \"guest.jitsi-meet.example.com\""
|
|
echo " authentication = \"anonymous\""
|
|
echo " c2s_require_encryption = false"
|
|
echo
|
|
echo " ** /etc/jitsi/meet/[your-hostname]-config.js"
|
|
echo
|
|
echo " var config = {"
|
|
echo " hosts: {"
|
|
echo " domain: 'jitsi-meet.example.com',"
|
|
echo " anonymousdomain: 'guest.jitsi-meet.example.com',"
|
|
echo " ..."
|
|
echo " },"
|
|
echo " ..."
|
|
echo " }"
|
|
echo
|
|
echo " ** /etc/jitsi/jicofo/sip-communicator.properties"
|
|
echo " add new line:"
|
|
echo
|
|
echo " org.jitsi.jicofo.auth.URL=XMPP:jitsi-meet.example.com"
|
|
echo
|
|
echo " ** Create prosody user(s):"
|
|
echo
|
|
echo " prosodyctl register <username> jitsi-meet.example.com <password>"
|
|
echo
|
|
echo " [I] Use step \"restart\" after these changes"
|
|
}
|
|
|
|
step_20_info() { echo "Restart all $toolName components"; }
|
|
step_20_alias() { ALIAS="restart"; }
|
|
step_20() {
|
|
echo " [I] Restart jitsi-meet components"
|
|
exep "service prosody restart&& service jicofo restart && service jitsi-videobridge2 restart"
|
|
}
|
|
|
|
VERSION_SEQREV=10
|
|
. /usr/local/bin/sequencer.sh
|