Work_Archive/VPS-scripts_MeetServer
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Inital commit

Browse Source
This commit is contained in:
Bram Prieshof
2020-10-22 16:47:36 +02:00
commit bc77502b0d
16 changed files with 795 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

105
Install-JIB.sh Normal file
View File

@@ -0,0 +1,105 @@
#######################
# JitsiMeet - JIB #
#######################
if [ ! -f "~/jistiMeet.var" ] ; then echo 'Please put "/etc/ICTM/JitsiMeet.var" from main server in "~/jistiMeet.var"' && exit ; fi
source ~/jistiMeet.var
##-----------------##
# Defining Vars #
##-----------------##
OUTPUT='/dev/tty'
#PackageManager-config
dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release")
dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release")
if [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then
PKGM="apt"
PKGI="${PKGM} install -y --no-install-recommends"
PKGLIST="apt"
shortdist=deb10
else
echo "This os in not supported"
exit
fi
unset dist_ver dist APTMODE
#Repo Vars
repo=https://git.ictmaatwerk.com/VPS-scripts/MeetServer
branch=main/JIB
branchtype=branch
#SelfBuilding Vars
mtype=""$repo"/raw/"$branchtype"/"$branch""
##---------------##
# Functions #
##---------------##
msg () {
echo "$1"
}
##--------------------------##
# Installer-Requirements #
##--------------------------##
msg " Starting installer" 8 78
$PKGM update > $OUTPUT 2>&1
$PKGI curl > $OUTPUT 2>&1
##----------##
# Menu #
##----------##
read -p 'Instance name (ex: jib1): ' jibinstid
##-------------------------##
# Generating APT list #
##-------------------------##
#General aptList
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/generic.pkg.list; then
curl "$mtype"/generic.pkg.list >>/tmp/pkg.list
fi
##--------------------##
# Pre-Requirements #
##--------------------##
msg " Preconfiguring"
curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=init osrel=$shortdist bash > $OUTPUT 2>&1
$PKGM update
$PKGM upgrade -y
##-------------------##
# Pre-configuring #
##-------------------##
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$mtype"/preconf.sh)
fi
##-------------##
# Installer #
##-------------##
$PKGM update
cat /tmp/pkg.list | xargs $PKGI
##---------------##
# Configuring #
##---------------##
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$mtype"/conf.sh)
fi
##-------##
# end #
##-------##
msg " Done!"

163
Install-JMS.sh Normal file
View File

@@ -0,0 +1,163 @@
#######################
# JitsiMeet - JVB #
#######################
##-----------------##
# Defining Vars #
##-----------------##
OUTPUT='/dev/tty'
#PackageManager-config
dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release")
dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release")
if [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then
PKGM="apt"
PKGI="${PKGM} install -y --no-install-recommends"
PKGLIST="apt"
shortdist=deb10
else
echo "This os in not supported"
exit
fi
unset dist_ver dist
#Repo Vars
repo=https://git.ictmaatwerk.com/VPS-scripts/MeetServer
branch=main/JVB
branchtype=branch
#SelfBuilding Vars
mtype=""$repo"/raw/"$branchtype"/"$branch""
jibsec=${cat /dev/urandom | tr -dc 'a-zA-Z0-9' | head -c 16}
jibrsec=${cat /dev/urandom | tr -dc 'a-zA-Z0-9' | head -c 16}
##---------------##
# Functions #
##---------------##
msg () {
echo "$1"
}
##--------------------------##
# Installer-Requirements #
##--------------------------##
msg " Starting installer" 8 78
$PKGM update > $OUTPUT 2>&1
$PKGI curl > $OUTPUT 2>&1
##----------##
# Menu #
##----------##
read -p 'Domain name: ' domain
PS3='Installation type: '
options=("Scalable" "Stand alone" "Full stand alone" "Quit")
select opt in "${options[@]}"
do
case $opt in
"Scalable")
jitsipack=sc
genjvbsec=1
extcon=1
;;
"Stand alone")
jitsipack=sa
extcon=1
;;
"Full stand alone")
jitsipack=sa
extcon=0
;;
"Quit")
break
;;
*) echo "invalid option $REPLY";;
esac
done
while true; do
read -p "Do you wish to install this program?" yn
case $yn in
[Yy]* ) lecert=1; break;;
[Nn]* ) lecert=0; break;;
* ) echo "Please answer yes or no.";;
esac
done
if [ "$extcon" = "1" ] ; then
ip link show
read -p 'Enter full name of internal network interface: ' innetworkif
intip=$(ip -o -4 addr list "$innetworkif" | awk '{print $4}' | cut -d/ -f1)
fi
read -p 'Enter Jitsi username: ' jituser
read -p 'Enter Jitsi password: ' -s jitpasswd
echo ""
##-------------------------##
# Generating APT list #
##-------------------------##
#General aptList
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/generic.pkg.list; then
curl "$mtype"/generic.pkg.list >>/tmp/pkg.list
fi
##--------------------##
# Pre-Requirements #
##--------------------##
msg " Preconfiguring"
curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=init osrel=$shortdist bash > $OUTPUT 2>&1
$PKGM update
$PKGM upgrade -y
##-------------------##
# Pre-configuring #
##-------------------##
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$mtype"/preconf.sh)
fi
##-------------##
# Installer #
##-------------##
$PKGM update
cat /tmp/pkg.list | xargs $PKGI
##---------------##
# Configuring #
##---------------##
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$mtype"/conf.sh)
fi
#storing config
if [ "$jitsipack" = "sa" ] ; then
jvbsec=$(sed -n ' s/org.jitsi.videobridge.xmpp.user.shard.PASSWORD=\(.*\)/\1/p' /etc/jitsi/videobridge/sip-communicator.properties)
fi
mkdir -p /etc/ICTM/
echo "InstDate=$(date "+%d-%B-%Y")" >> /etc/ICTM/JitsiMeet.var
for storeme in domain intip jvbsec jibsec jibrsec; do
declare -p $storeme | cut -d ' ' -f 3- >> /etc/ICTM/mainvar.list
done
##-------##
# end #
##-------##
msg " Done!"

115
Install-JVB.sh Normal file
View File

@@ -0,0 +1,115 @@
#######################
# JitsiMeet - JVB #
#######################
if [ ! -f "~/jistiMeet.var" ] ; then echo 'Please put "/etc/ICTM/JitsiMeet.var" from main server in "~/jistiMeet.var"' && exit ; fi
source ~/jistiMeet.var
##-----------------##
# Defining Vars #
##-----------------##
OUTPUT='/dev/tty'
#PackageManager-config
dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release")
dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release")
if [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then
PKGM="apt"
PKGI="${PKGM} install -y --no-install-recommends"
PKGLIST="apt"
shortdist=deb10
else
echo "This os in not supported"
exit
fi
unset dist_ver dist APTMODE
#Repo Vars
repo=https://git.ictmaatwerk.com/VPS-scripts/MeetServer
branch=main/JVB
branchtype=branch
#SelfBuilding Vars
mtype=""$repo"/raw/"$branchtype"/"$branch""
##---------------##
# Functions #
##---------------##
msg () {
echo "$1"
}
##--------------------------##
# Installer-Requirements #
##--------------------------##
msg " Starting installer" 8 78
$PKGM update > $OUTPUT 2>&1
$PKGI curl > $OUTPUT 2>&1
##-------------------------##
# Generating APT list #
##-------------------------##
#General aptList
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/generic.pkg.list; then
curl "$mtype"/generic.pkg.list >>/tmp/pkg.list
fi
##--------------------##
# Pre-Requirements #
##--------------------##
msg " Preconfiguring"
curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=init osrel=$shortdist bash > $OUTPUT 2>&1
$PKGM update
$PKGM upgrade -y
##-------------------##
# Pre-configuring #
##-------------------##
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/preconf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$mtype"/preconf.sh)
fi
##-------------##
# Installer #
##-------------##
$PKGM update
cat /tmp/pkg.list | xargs $PKGI
##---------------##
# Configuring #
##---------------##
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/conf.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$mtype"/conf.sh)
fi
#storing config
if [ "$jitsipack" = "sa" ] ; then
jvbsec=$(sed -n ' s/org.jitsi.videobridge.xmpp.user.shard.PASSWORD=\(.*\)/\1/p' /etc/jitsi/videobridge/sip-communicator.properties)
fi
mkdir -p /etc/ICTM/
echo "InstDate=$(date "+%d-%B-%Y")" >> /etc/ICTM/JitsiMeet.var
for storeme in domain intip jvbsec jibsec jibrsec; do
declare -p $storeme | cut -d ' ' -f 3- >> /etc/ICTM/mainvar.list
done
##-------##
# end #
##-------##
msg " Done!"

38
JIB/conf.sh Normal file
View File

@@ -0,0 +1,38 @@
#module setup
mrepo=https://git.ictmaatwerk.com/VPS-scripts/MeetServer
mbranch=main/JIB
#config ssh
sed -i -e '/Port 22/c\Port 4242' -e 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
systemctl restart sshd > $OUTPUT 2>&1
##config ufw
ufw limit 4242/tcp > $OUTPUT 2>&1
echo "y" | ufw enable > $OUTPUT 2>&1
#install ChromeDriver
curl --retry 7 --retry-delay 5 -s http://chromedriver.storage.googleapis.com/"$(curl -sS chromedriver.storage.googleapis.com/LATEST_RELEASE)"/chromedriver_linux64.zip -o /tmp/chromedriver.zip
unzip /tmp/chromedriver.zip -d /tmp > $OUTPUT 2>&1
sudo mv -f /tmp/chromedriver /usr/local/bin/chromedriver > $OUTPUT 2>&1
sudo chmod 0755 /usr/local/bin/chromedriver > $OUTPUT 2>&1
#config chrome
mkdir -p /etc/opt/chrome/policies/managed > $OUTPUT 2>&1
echo '{ "CommandLineFlagSecurityWarningsEnabled": false }' >>/etc/opt/chrome/policies/managed/managed_policies.json
#config alsa
echo "snd_aloop" >> /etc/modules > $OUTPUT 2>&1
modprobe snd_aloop > $OUTPUT 2>&1
##config dns
mv /etc/resolve.conf /etc/resolve.conf.bck > $OUTPUT 2>&1
echo "nameserver $intip" > /etc/resolve.conf
#config jibri
curl --retry 7 --retry-delay 5 -s "$mrepo"/raw/branch/"$mbranch"/config/config.json -o /etc/jitsi/jibri/config.json
sed -i -e 's/DOMAINname/'$domain'/g' -e 's/JIBRIname/'$jibinstid'/g' -e 's/RECsecret/'$jibrsec'/g' -e 's/JIBRIsecret/'$jibsec'/g' /etc/jitsi/jibri/config.json
usermod -aG adm,audio,video,plugdev jibri > $OUTPUT 2>&1
mkdir /recordings > $OUTPUT 2>&1
chown jibri:jibri /recordings > $OUTPUT 2>&1
sed -i "s=exec java=exec /usr/lib/jvm/adoptopenjdk-8-hotspot-amd64/bin/java=g" /opt/jitsi/jibri/launch.sh

29
JIB/conf/config.json Normal file
View File

@@ -0,0 +1,29 @@
{
"recording_directory": "/recordings",
"finalize_recording_script_path": "",
"xmpp_environments": [
{
"name": "prod environment",
"xmpp_server_hosts": ["DOMAINname"],
"xmpp_domain": "DOMAINname",
"control_login": {
"domain": "auth.DOMAINname",
"username": "jibri",
"password": "JIBRIsecret"
},
"control_muc": {
"domain": "internal.auth.DOMAINname",
"room_name": "JibriBrewery",
"nickname": "JIBRIname"
},
"call_login": {
"domain": "recorder.DOMAINname",
"username": "recorder",
"password": "RECsecret"
},
"room_jid_domain_string_to_strip_from_start": "conference.",
"usage_timeout": "0"
}
]
}

1
JIB/generic.pkg.list Normal file
View File

@@ -0,0 +1 @@
jibri google-chrome-stable ffmpeg openjdk-11-jre-headless adoptopenjdk-8-hotspot ufw unzip

12
JIB/preconf.sh Normal file
View File

@@ -0,0 +1,12 @@
#module setup
mrepo=https://git.ictmaatwerk.com/VPS-scripts/MeetServer
mbranch=main/JIB
#setup repo
curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=jitsi osrel=$shortdist bash > $OUTPUT 2>&1
curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=GoogleChrome osrel=$shortdist bash > $OUTPUT 2>&1
curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=adoptopenjdk osrel=$shortdist bash > $OUTPUT 2>&1
##preconf jitsi
debconf-set-selections <<< "jitsi-videobridge2 jitsi-videobridge/jvb-hostname string $domain" > $OUTPUT 2>&1
debconf-set-selections <<< "jitsi-meet-prosody jitsi-videobridge/jvbsecret password $jvbsec" > $OUTPUT 2>&1

65
JMS/conf.sh Normal file
View File

@@ -0,0 +1,65 @@
#module setup
mrepo=https://git.ictmaatwerk.com/VPS-scripts/MeetServer
mbranch=main/JMS
#config ssh
sed -i -e '/Port 22/c\Port 4242' -e 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
systemctl restart sshd > $OUTPUT 2>&1
if [ "$lecert" = "1" ] ; then
bash /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
fi
##config ufw
ufw limit 4242/tcp > $OUTPUT 2>&1
ufw allow 80/tcp > $OUTPUT 2>&1
ufw allow 443/tcp > $OUTPUT 2>&1
ufw allow 4443/tcp > $OUTPUT 2>&1
ufw allow 10000/udp > $OUTPUT 2>&1
#allow other server(s) to connect
if [ "$extcon" = "1" ] ; then
ufw allow in on "$innetworkif" to any port 53
ufw allow in on "$innetworkif" to any port 5222
fi
echo "y" | ufw enable > $OUTPUT 2>&1
#config dnsmasq
if [ "$extcon" = "1" ] ; then
systemctl stop dnsmasq
curl --retry 7 --retry-delay 5 -s "$mrepo"/raw/branch/"$mbranch"/config/dnsmasq.conf -o /etc/dnsmasq.d/main.conf
sed -i -e 's/DOMAINname/'$domain'/g' -e 's/HOSTname/'${domain%%.*}'/g' -e 's/INTif/'$innetworkif'/g' -e 's/INTip/''/g' /etc/dnsmasq.d/main.conf
fi
#config Prosody
systemctl stop prosody jicofo
compsec=$(sed -n 's/component_secret = \(.*\)/\1/p' /etc/prosody/conf.avail/$domain.cfg.lua| head -1| tr -d '"; ')
turnsec=$(sed -n 's/turncredentials_secret = \(.*\)/\1/p' /etc/prosody/conf.avail/$domain.cfg.lua | head -1| tr -d '"; ')
sslcer=$(sed -n ' s/certificate = \(.*\)/\1/p' /etc/prosody/conf.avail/$domain.cfg.lua | head -1| tr -d '"; ')
sslkey=$(sed -n ' s/key = \(.*\)/\1/p' /etc/prosody/conf.avail/$domain.cfg.lua | head -1| tr -d '"; ')
mv /etc/prosody/conf.avail/$domain.cfg.lua /etc/prosody/conf.avail/$domain.cfg.lua.orig
curl --retry 7 --retry-delay 5 -s "$mrepo"/raw/branch/"$mbranch"/config/prosody-Unconfigured -o /etc/prosody/conf.avail/$domain.cfg.lua
sed -i -e 's/DOMAINname/'$domain'/g' -e 's/SSLKEY/'$sslcer'/g' -e 's/SSLKEY/'$sslkey'/g' -e 's/TURNSEC/'$turnsec'/g' -e 's/COMPSEC/'$compsec'/g' /etc/prosody/conf.avail/$domain.cfg.lua
#webappli-config
sed -i -e "/anonymousdomain:/c\anonymousdomain: 'guest.$domain'," -e '/startWithAudioMuted/c\startWithAudioMuted: true,' -e '/startWithVideoMuted/c\startWithVideoMuted: true,' -e '/fileRecordingsEnabled/c\fileRecordingsEnabled: false,' -e '/liveStreamingEnabled/c\liveStreamingEnabled: false,' -e "/^liveStreamingEnabled:.*/a\ hiddenDomain: 'recorder.$domain'," /etc/jitsi/meet/"$domain"-config.js
#Jicofo
echo "org.jitsi.jicofo.auth.URL=XMPP:$domain" >>/etc/jitsi/jicofo/sip-communicator.properties
## jibri prep
echo "org.jitsi.jicofo.jibri.BREWERY=JibriBrewery@internal.auth.$domain" >>/etc/jitsi/jicofo/sip-communicator.properties
echo "org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90" >>/etc/jitsi/jicofo/sip-communicator.properties
if [ "$extcon" = "1" ] ; then
echo 'sed -i -e '/fileRecordingsEnabled/c\fileRecordingsEnabled: true,' /etc/jitsi/meet/"$domain"-config.js' > /opt/EnableJitsiRecordButton.sh
echo 'sed -i -e '/fileRecordingsEnabled/c\fileRecordingsEnabled: false,' /etc/jitsi/meet/"$domain"-config.js' > /opt/DisableJitsiRecordButton.sh
fi
#start services
systemctl enable --now prosody jicofo dnsmasq
#Create users
prosodyctl register jibri auth.$domain $jibsec
prosodyctl register recorder recorder.$domain $jibrsec
prosodyctl register $jituser $domain $jitpasswd

4
JMS/conf/dnsmasq.conf Normal file
View File

@@ -0,0 +1,4 @@
address=/HOSTname/INTip
address=/DOMAINname/INTip
interface=INTif
no-hosts

113
JMS/conf/prosody-Unconfigured Normal file
View File

@@ -0,0 +1,113 @@
plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }
muc_mapper_domain_base = "DOMAINname";
turncredentials_secret = "TURNSEC";
turncredentials = {
{ type = "stun", host = "DOMAINname", port = "3478" },
{ type = "turn", host = "DOMAINname", port = "3478", transport = "udp" },
{ type = "turns", host = "DOMAINname", port = "443", transport = "tcp" }
};
cross_domain_bosh = false;
consider_bosh_secure = true;
ssl = {
protocol = "tlsv1_2+";
ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
}
VirtualHost "guest.DOMAINname"
authentication = "anonymous"
c2s_require_encryption = false
modules_enabled = {
"muc_lobby_rooms";
"conference_duration";
}
lobby_muc = "lobby.DOMAINname"
main_muc = "conference.DOMAINname"
muc_lobby_whitelist = { "recorder.DOMAINname" }
VirtualHost "DOMAINname"
ssl = {
key = "SSLKEY";
certificate = "SSLCERT";
}
speakerstats_component = "speakerstats.DOMAINname"
conference_duration_component = "conferenceduration.DOMAINname"
-- we need bosh
modules_enabled = {
"bosh";
"pubsub";
"ping";
"speakerstats";
"turncredentials";
"conference_duration";
}
c2s_require_encryption = false
lobby_muc = "lobby.DOMAINname"
main_muc = "conference.DOMAINname"
muc_lobby_whitelist = { "recorder.DOMAINname" }
Component "conference.DOMAINname" "muc"
storage = "memory"
modules_enabled = {
"muc_meeting_id";
"muc_domain_mapper";
}
admins = { "focus@auth.DOMAINname" }
muc_room_locking = false
muc_room_default_public_jids = true
Component "internal.auth.DOMAINname" "muc"
storage = "memory"
modules_enabled = {
"ping";
}
admins = { "focus@auth.DOMAINname", "jvb@auth.DOMAINname" }
muc_room_locking = false
muc_room_default_public_jids = true
VirtualHost "auth.DOMAINname"
ssl = {
key = "SSLKEY";
certificate = "SSLCERT";
}
authentication = "internal_plain"
Component "focus.DOMAINname"
component_secret = "COMPSEC"
Component "speakerstats.DOMAINname" "speakerstats_component"
muc_component = "conference.DOMAINname"
Component "conferenceduration.DOMAINname" "conference_duration_component"
muc_component = "conference.DOMAINname"
Component "lobby.DOMAINname" "muc"
storage = "memory"
restrict_room_creation = true
muc_room_locking = false
muc_room_default_public_jids = true
Component "internal.auth.DOMAINname" "muc"
modules_enabled = { "muc_mam" }
Component "internal.auth.DOMAINname" "muc"
modules_enabled = {
"ping";
}
storage = "internal"
muc_room_cache_size = 1000
VirtualHost "recorder.DOMAINname"
modules_enabled = {
"ping";
}
authentication = "internal_plain

1
JMS/generic.pkg.list Normal file
View File

@@ -0,0 +1 @@
ufw

27
JMS/preconf.sh Normal file
View File

@@ -0,0 +1,27 @@
#module setup
mrepo=https://git.ictmaatwerk.com/VPS-scripts/MeetServer
mbranch=main/JMS
#setup repo
curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=jitsi osrel=$shortdist bash > $OUTPUT 2>&1
#preconf jitsi
debconf-set-selections <<< "jitsi-videobridge2 jitsi-videobridge/jvb-hostname string $domain"
debconf-set-selections <<< "jitsi-meet-web-config jitsi-meet/cert-choice select Generate a new self-signed certificate (You will later get a chance to obtain a Let's encrypt certificate)"
# Package list for Scalable
if [ "$jitsipack" = "sc" ] ; then
jvbsec=${cat /dev/urandom | tr -dc 'a-zA-Z0-9' | head -c 16}
debconf-set-selections <<< "jitsi-meet-prosody jitsi-videobridge/jvbsecret password $jvbsec"
echo "jitsi-meet-web jitsi-meet-web-config jitsi-meet-prosody jicofo jitsi-meet-turnserver prosody" >> /tmp/pkg.list
fi
# Package list for standalone
if [ "$jitsipack" = "sa" ] ; then
echo "jitsi-meet jitsi-meet-turnserver " >> /tmp/pkg.list
fi
# Packge list to allow for external connections
if [ "$extcon" = "1" ] ; then
echo "dnsmasq" >> /tmp/pkg.list
fi

22
JVB/conf.sh Normal file
View File

@@ -0,0 +1,22 @@
#module setup
mrepo=https://git.ictmaatwerk.com/VPS-scripts/MeetServer
mbranch=main/JVB
#config ssh
sed -i -e '/Port 22/c\Port 4242' -e 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
systemctl restart sshd > $OUTPUT 2>&1
##config ufw
ufw limit 4242/tcp > $OUTPUT 2>&1
ufw allow 443/tcp > $OUTPUT 2>&1
ufw allow 10000/udp > $OUTPUT 2>&1
echo "y" | ufw enable > $OUTPUT 2>&1
##config dns
mv /etc/resolve.conf /etc/resolve.conf.bck
echo "nameserver $intip" > /etc/resolve.conf
##config jitsi
systemctl stop jitsi-videobridge2 > $OUTPUT 2>&1
sed -i "/org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=/c\org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=$domain" /etc/jitsi/videobridge/sip-communicator.properties
systemctl enable --now jitsi-videobridge2 > $OUTPUT 2>&1

1
JVB/generic.pkg.list Normal file
View File

@@ -0,0 +1 @@
jitsi-videobridge2 ufw

10
JVB/preconf.sh Normal file
View File

@@ -0,0 +1,10 @@
#module setup
mrepo=https://git.ictmaatwerk.com/VPS-scripts/MeetServer
mbranch=main/JVB
#setup repo
curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=jitsi osrel=$shortdist bash > $OUTPUT 2>&1
#preconf jitsi
debconf-set-selections <<< "jitsi-videobridge2 jitsi-videobridge/jvb-hostname string $domain"
debconf-set-selections <<< "jitsi-meet-prosody jitsi-videobridge/jvbsecret password $jvbsec"

89
readme.md Normal file
View File

@@ -0,0 +1,89 @@
# Jitsi Meet server
jitsi is salable and consists of the following components
* JMS (Jitsi Meet Server)
* JVB (Jitsi Video Bridge)
* JIB (Jitsi Recorder)
# Instalation instructions
# Component explenation
## JMS
JMS serves the frond end and handles communication between all components
JMS can be ran in difrent modes
### Scalable
* Requires at least one external JMS to funcion
* supports multiple external JVB/JIB hosts
* Requires internal network for communication between servers
### Stand alone
* JMS with JVB
* supports multiple external JVB/JIB hosts
* Requires internal network for communication between servers
### Full stand alone
* Disable support external JVB/JIB hosts
* Does not requires a internal network
* Running a JIB (even locally) requires config changes
## JVB
* A meeting is server bound
* Acts as load-balancing not fail-over
* One JVB supports multiple meetings
* Multiple JVB host can be connected to JMS (also if one is running on the JMS)
## JIB
* One recording per server
* Handles recording from the web UI (by moderator)
* Multiple JIB host can be connected to JMS
* Does not require open firewall ports
* Needs at least 4CPU 4GB/Ram
# Example layouts
## Minimal JMS Scalable with recording
```
Public IP Public IP
| |
| |
v v
+--------------+ Int network +-------+
| JMS-Scalable |<------------------+| JVB |
+--------------+ | +-------+
|
| +------+
+--------+| JIB |
+------+
```
## Minimal JMS Stand alone with recording
```
Public IP
|
|
v
+-----------------+ Int network +-------+
| JMS-Stand_alone |<------------------+| JIB |
+-----------------+ +-------+
```
## JMS Full Stand alone without recording
```
Public IP
|
|
v
+----------------------+
| JMS-Full_stand_alone |
+----------------------+
```