Work_Archive/VPS-scripts_MeetServer
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
df2191aae57988b89fe53ad29f62af65d4810e45
VPS-scripts_MeetServer/JMS/conf.sh

66 lines
3.2 KiB
Bash
Raw Blame History

#module setup
mrepo=https://git.ictmaatwerk.com/VPS-scripts/MeetServer
mbranch=main/JMS
#config ssh
sed -i -e '/Port 22/c\Port 4242' -e 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
systemctl restart sshd > $OUTPUT 2>&1
if [ "$lecert" = "1" ] ; then
bash /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
fi
##config ufw
ufw limit 4242/tcp > $OUTPUT 2>&1
ufw allow 80/tcp > $OUTPUT 2>&1
ufw allow 443/tcp > $OUTPUT 2>&1
ufw allow 4443/tcp > $OUTPUT 2>&1
ufw allow 10000/udp > $OUTPUT 2>&1
#allow other server(s) to connect
if [ "$extcon" = "1" ] ; then
ufw allow in on "$innetworkif" to any port 53
ufw allow in on "$innetworkif" to any port 5222
fi
echo "y" | ufw enable > $OUTPUT 2>&1
#config dnsmasq
if [ "$extcon" = "1" ] ; then
systemctl stop dnsmasq
curl --retry 7 --retry-delay 5 -s "$mrepo"/raw/branch/"$mbranch"/conf/dnsmasq.conf -o /etc/dnsmasq.d/main.conf
sed -i -e 's/DOMAINname/'$domain'/g' -e 's/HOSTname/'${domain%%.*}'/g' -e 's/INTif/'$innetworkif'/g' -e 's/INTip/''/g' /etc/dnsmasq.d/main.conf
fi
#config Prosody
systemctl stop prosody jicofo
compsec=$(sed -n 's/component_secret = \(.*\)/\1/p' /etc/prosody/conf.avail/$domain.cfg.lua| head -1| tr -d '"; ')
turnsec=$(sed -n 's/turncredentials_secret = \(.*\)/\1/p' /etc/prosody/conf.avail/$domain.cfg.lua | head -1| tr -d '"; ')
sslcer=$(sed -n ' s/certificate = \(.*\)/\1/p' /etc/prosody/conf.avail/$domain.cfg.lua | head -1| tr -d '"; ')
sslkey=$(sed -n ' s/key = \(.*\)/\1/p' /etc/prosody/conf.avail/$domain.cfg.lua | head -1| tr -d '"; ')
mv /etc/prosody/conf.avail/$domain.cfg.lua /etc/prosody/conf.avail/$domain.cfg.lua.orig
curl --retry 7 --retry-delay 5 -s "$mrepo"/raw/branch/"$mbranch"/conf/prosody-Unconfigured -o /etc/prosody/conf.avail/$domain.cfg.lua
sed -i -e 's/DOMAINname/'$domain'/g' -e 's#SSLCERT#'$sslcer'#g' -e 's#SSLKEY#'$sslkey'#g' -e 's/TURNSEC/'$turnsec'/g' -e 's/COMPSEC/'$compsec'/g' /etc/prosody/conf.avail/"$domain".cfg.lua
#webappli-config
sed -i -e "/anonymousdomain:/c\anonymousdomain: 'guest.$domain'," -e '/startWithAudioMuted/c\startWithAudioMuted: true,' -e '/startWithVideoMuted/c\startWithVideoMuted: true,' -e '/fileRecordingsEnabled/c\fileRecordingsEnabled: false,' -e '/liveStreamingEnabled/c\liveStreamingEnabled: false,' -e "/^liveStreamingEnabled:.*/a\ hiddenDomain: 'recorder.$domain'," /etc/jitsi/meet/"$domain"-config.js
#Jicofo
echo "org.jitsi.jicofo.auth.URL=XMPP:$domain" >>/etc/jitsi/jicofo/sip-communicator.properties
## jibri prep
echo "org.jitsi.jicofo.jibri.BREWERY=JibriBrewery@internal.auth.$domain" >>/etc/jitsi/jicofo/sip-communicator.properties
echo "org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90" >>/etc/jitsi/jicofo/sip-communicator.properties
if [ "$extcon" = "1" ] ; then
echo 'sed -i -e '/fileRecordingsEnabled/c\fileRecordingsEnabled: true,' /etc/jitsi/meet/"$domain"-config.js' > /opt/EnableJitsiRecordButton.sh
echo 'sed -i -e '/fileRecordingsEnabled/c\fileRecordingsEnabled: false,' /etc/jitsi/meet/"$domain"-config.js' > /opt/DisableJitsiRecordButton.sh
fi
#start services
systemctl enable --now prosody jicofo dnsmasq
#Create users
prosodyctl register jibri auth.$domain $jibsec
prosodyctl register recorder recorder.$domain $jibrsec
prosodyctl register $jituser $domain $jitpasswd
Reference in New Issue View Git Blame Copy Permalink