jitsi_ynh/scripts/install

#!/bin/bash                                                                                                                                                                                      

# Retrieve arguments
domain=$1
path=$2

arch=$(uname -m)
if [[ "$arch" != "i686" ]] && [[ "$arch" != "x86_64" ]] ; then
  echo "Currently supported only on i686 or x86_64."
  echo "ARM platforms are NOT supported right now."
  exit 1
fi

if [[ "$path" != "/" ]] ; then
  echo "Only '/' is supported as path for the moment."
  exit 1
fi 

sudo yunohost app checkurl $domain$path -a jitsi
if [[ ! $? -eq 0 ]]; then 
  exit 1
fi

sudo apt-get update
sudo apt-get install openjdk-7-jdk ant -y

# TODO need lua-sec >= 0.5 otherwise jicofo cannot connect because of "no shared ciphers"

#git clone https://github.com/andyet/otalk-server ../src/otalk-server
# TODO mam,websocket(s) already available in default metronome
#cp -r ../src/otalk-server/mod_{smacks,carbons,mam,websocket,turncredentials} /usr/lib/metronome/modules

YNH_YOURSECRET1=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p')
YNH_YOURSECRET2=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p')
YNH_YOURSECRET3=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p')
YNH_YOURSECRET4=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p')

jitsi_domain="jitsi.${domain}"
# TODO verify $jitsi_domain is not already used somehow...

sudo groupadd jitsi

#--- Install Jitsi videobridge ---
jvb_buildnum=$(cat ../conf/jvb.version)
if [[ "$arch" == "i686" ]] ; then
  jvb_arch="x86"
else
  jvb_arch="x64"
fi
mkdir ../src
wget -O ../src/jitsi-videobridge.zip https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-$jvb_arch-$jvb_buildnum.zip
unzip ../src/jitsi-videobridge.zip -d ../src/jitsi-videobridge
jvb_root=/opt/yunohost/jitsi-videobridge
sudo mkdir -p $jvb_root
sudo cp -ar ../src/jitsi-videobridge/jitsi-videobridge-linux-$jvb_arch-$jvb_buildnum/* $jvb_root
sudo useradd -r -g jitsi -d $jvb_root --shell /bin/bash jvb
sudo chown -R jvb:jitsi $jvb_root
sudo mkdir -p /var/log/jitsi
sudo chown jvb:jitsi /var/log/jitsi
sudo chmod 770 /var/log/jitsi

cat << EOF > ../src/jvb_options
JVB_HOSTNAME=$jitsi_domain
JVB_PORT=5347
JVB_SECRET=$YNH_YOURSECRET1
JVB_OPTS=""
EOF

sudo mv ../src/jvb_options /etc/default/jitsi-videobridge
sudo cp ../conf/jitsi-videobridge.init /etc/init.d/jitsi-videobridge
sudo chmod +x /etc/init.d/jitsi-videobridge
sudo update-rc.d jitsi-videobridge defaults
sudo yunohost service add jitsi-videobridge -l /var/log/jitsi/jvb.log

# TODO : install java7
# TODO : create .sip-communicator to handle videobridge behind NAT
# TODO : avoid error in logs Failed to load class "org.slf4j.impl.StaticLoggerBinder"
#        See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
# TODO : logrotate
# TODO : hook to monit
# TODO : enable jitsi stats : what do we do with it ?

#--- Install Jicofo ---
wget -O ../src/jicofo.zip https://github.com/jitsi/jicofo/archive/master.zip
unzip ../src/jicofo.zip -d ../src/jicofo
if [[ "$arch" == "i686" ]] ; then
  jicofo_target="lin"
  jicofo_arch="x86"
else
  jicofo_target="lin64"
  jicofo_arch="x64"
fi
bash -c "cd ../src/jicofo/jicofo-master; PATH=/usr/lib/jvm/java-7-openjdk-amd64/bin:$PATH ant dist.$jicofo_target"
jicofo_dist_zip=$(ls ../src/jicofo/jicofo-master/dist/linux/*.zip)
unzip $jicofo_dist_zip -d ../src/jicofo_dist

jicofo_root=/opt/yunohost/jicofo
sudo mkdir -p $jicofo_root
sudo cp -ar ../src/jicofo_dist/$(basename "$jicofo_dist_zip" .zip)/* $jicofo_root
sudo useradd -r -g jitsi -d $jicofo_root --shell /bin/bash jicofo
sudo chown -R jicofo:jitsi $jicofo_root

cat << EOF > ../src/jicofo_options
# Jitsi Conference Focus settings
JICOFO_HOST=localhost
JICOFO_HOSTNAME=$jitsi_domain
JICOFO_SECRET=$YNH_YOURSECRET2
JICOFO_PORT=5347
JICOFO_AUTH_DOMAIN=auth.$jitsi_domain
JICOFO_AUTH_USER=focus
JICOFO_AUTH_PASSWORD=$YNH_YOURSECRET3
JICOFO_OPTS=""
EOF

sudo mv ../src/jicofo_options /etc/default/jicofo
sudo cp ../conf/jitsi-jicofo.init /etc/init.d/jicofo
sudo chmod +x /etc/init.d/jicofo
sudo update-rc.d jicofo defaults
sudo yunohost service add jicofo -l /var/log/jitsi/jvb.log

# TODO : build with java7, since java6 outputs more warnings
# TODO : logrotate
# TODO : hook to monit

#--- Install Jireco daemon ---
# TODO for later...

#--- Install Jitsi-meet ---
wget -O ../src/jitsi-meet.zip https://github.com/jitsi/jitsi-meet/archive/master.zip
unzip ../src/jitsi-meet.zip -d ../src/jitsi-meet
jitsimeet_path=/var/www/jitsi
sudo mkdir -p $jitsimeet_path
sudo cp -ar ../src/jitsi-meet/jitsi-meet-master/* $jitsimeet_path

sed -i "s@YNH_JITSI_XMPP_HOST@$jitsi_domain@g" ../conf/jitsimeet-config.js
sudo cp ../conf/jitsimeet-config.js $jitsimeet_path/config.js

sudo chown -R root: $jitsimeet_path
sudo find $jitsimeet_path -type f | xargs sudo chmod 644
sudo find $jitsimeet_path -type d | xargs sudo chmod 755

# TODO : remove tracking
# TODO : remove GoogleAnalytics

#--- Configure metronome ---
sed -i "s@YNH_JITSI_XMPP_HOST@$jitsi_domain@g" ../conf/metronome.conf
sed -i "s@YNH_YOURSECRET1@$YNH_YOURSECRET1@g" ../conf/metronome.conf
sed -i "s@YNH_YOURSECRET2@$YNH_YOURSECRET2@g" ../conf/metronome.conf
sed -i "s@YNH_YOURSECRET4@$YNH_YOURSECRET4@g" ../conf/metronome.conf

sudo cp ../conf/metronome.conf /etc/metronome/conf.d/$jitsi_domain.cfg.lua
sudo chown metronome: /etc/metronome/conf.d/$jitsi_domain.cfg.lua

sudo openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj \
    "/O=$domain/OU=$domain/CN=$jitsi_domain/emailAddress=webmaster@$domain" \
    -keyout /var/lib/metronome/$jitsi_domain.key \
    -out /var/lib/metronome/$jitsi_domain.crt

# TODO : adduser headless with python pexpect ?
#sudo metronomectl adduser focus@auth.$jitsi_domain # $YNH_YOURSECRET3

#--- Configure Nginx ---
# remove trailing '/'. this leaves '/something' untouched, but changes '/' to ''
path=${path%/}
sed -i "s@YNH_LOCATION@$path@g" ../conf/nginx.conf
sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/jitsi.conf

# TODO : subdir support

sudo service metronome reload
sudo service jitsi-videobridge restart
sudo service jicofo restart
sudo service nginx reload
[enh] first working version 2015-01-14 10:55:14 +01:00			`#!/bin/bash`

			`# Retrieve arguments`
			`domain=$1`
			`path=$2`

			`arch=$(uname -m)`
			`if [[ "$arch" != "i686" ]] && [[ "$arch" != "x86_64" ]] ; then`
			`echo "Currently supported only on i686 or x86_64."`
			`echo "ARM platforms are NOT supported right now."`
			`exit 1`
			`fi`

			`if [[ "$path" != "/" ]] ; then`
			`echo "Only '/' is supported as path for the moment."`
			`exit 1`
			`fi`

			`sudo yunohost app checkurl $domain$path -a jitsi`
			`if [[ ! $? -eq 0 ]]; then`
			`exit 1`
			`fi`

			`sudo apt-get update`
[enh] compile with java7 2015-01-27 23:24:06 +01:00			`sudo apt-get install openjdk-7-jdk ant -y`
[enh] first working version 2015-01-14 10:55:14 +01:00
[enh] compile with java7 2015-01-27 23:24:06 +01:00			`# TODO need lua-sec >= 0.5 otherwise jicofo cannot connect because of "no shared ciphers"`
[enh] first working version 2015-01-14 10:55:14 +01:00
			`#git clone https://github.com/andyet/otalk-server ../src/otalk-server`
			`# TODO mam,websocket(s) already available in default metronome`
			`#cp -r ../src/otalk-server/mod_{smacks,carbons,mam,websocket,turncredentials} /usr/lib/metronome/modules`

			`YNH_YOURSECRET1=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null \| tr -c -d 'A-Za-z0-9' \| sed -n 's/\(.\{24\}\).*/\1/p')`
			`YNH_YOURSECRET2=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null \| tr -c -d 'A-Za-z0-9' \| sed -n 's/\(.\{24\}\).*/\1/p')`
			`YNH_YOURSECRET3=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null \| tr -c -d 'A-Za-z0-9' \| sed -n 's/\(.\{24\}\).*/\1/p')`
			`YNH_YOURSECRET4=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null \| tr -c -d 'A-Za-z0-9' \| sed -n 's/\(.\{24\}\).*/\1/p')`

			`jitsi_domain="jitsi.${domain}"`
			`# TODO verify $jitsi_domain is not already used somehow...`

			`sudo groupadd jitsi`

			`#--- Install Jitsi videobridge ---`
			`jvb_buildnum=$(cat ../conf/jvb.version)`
			`if [[ "$arch" == "i686" ]] ; then`
			`jvb_arch="x86"`
			`else`
			`jvb_arch="x64"`
			`fi`
			`mkdir ../src`
			`wget -O ../src/jitsi-videobridge.zip https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-$jvb_arch-$jvb_buildnum.zip`
			`unzip ../src/jitsi-videobridge.zip -d ../src/jitsi-videobridge`
			`jvb_root=/opt/yunohost/jitsi-videobridge`
			`sudo mkdir -p $jvb_root`
			`sudo cp -ar ../src/jitsi-videobridge/jitsi-videobridge-linux-$jvb_arch-$jvb_buildnum/* $jvb_root`
			`sudo useradd -r -g jitsi -d $jvb_root --shell /bin/bash jvb`
			`sudo chown -R jvb:jitsi $jvb_root`
			`sudo mkdir -p /var/log/jitsi`
			`sudo chown jvb:jitsi /var/log/jitsi`
			`sudo chmod 770 /var/log/jitsi`

			`cat << EOF > ../src/jvb_options`
			`JVB_HOSTNAME=$jitsi_domain`
			`JVB_PORT=5347`
			`JVB_SECRET=$YNH_YOURSECRET1`
			`JVB_OPTS=""`
			`EOF`

			`sudo mv ../src/jvb_options /etc/default/jitsi-videobridge`
			`sudo cp ../conf/jitsi-videobridge.init /etc/init.d/jitsi-videobridge`
			`sudo chmod +x /etc/init.d/jitsi-videobridge`
			`sudo update-rc.d jitsi-videobridge defaults`
			`sudo yunohost service add jitsi-videobridge -l /var/log/jitsi/jvb.log`

			`# TODO : install java7`
			`# TODO : create .sip-communicator to handle videobridge behind NAT`
			`# TODO : avoid error in logs Failed to load class "org.slf4j.impl.StaticLoggerBinder"`
			`# See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.`
			`# TODO : logrotate`
			`# TODO : hook to monit`
[enh] compile with java7 2015-01-27 23:24:06 +01:00			`# TODO : enable jitsi stats : what do we do with it ?`
[enh] first working version 2015-01-14 10:55:14 +01:00
			`#--- Install Jicofo ---`
			`wget -O ../src/jicofo.zip https://github.com/jitsi/jicofo/archive/master.zip`
			`unzip ../src/jicofo.zip -d ../src/jicofo`
			`if [[ "$arch" == "i686" ]] ; then`
			`jicofo_target="lin"`
			`jicofo_arch="x86"`
			`else`
			`jicofo_target="lin64"`
			`jicofo_arch="x64"`
			`fi`
[enh] compile with java7 2015-01-27 23:24:06 +01:00			`bash -c "cd ../src/jicofo/jicofo-master; PATH=/usr/lib/jvm/java-7-openjdk-amd64/bin:$PATH ant dist.$jicofo_target"`
[enh] first working version 2015-01-14 10:55:14 +01:00			`jicofo_dist_zip=$(ls ../src/jicofo/jicofo-master/dist/linux/*.zip)`
			`unzip $jicofo_dist_zip -d ../src/jicofo_dist`

			`jicofo_root=/opt/yunohost/jicofo`
			`sudo mkdir -p $jicofo_root`
			`sudo cp -ar ../src/jicofo_dist/$(basename "$jicofo_dist_zip" .zip)/* $jicofo_root`
			`sudo useradd -r -g jitsi -d $jicofo_root --shell /bin/bash jicofo`
			`sudo chown -R jicofo:jitsi $jicofo_root`

			`cat << EOF > ../src/jicofo_options`
			`# Jitsi Conference Focus settings`
			`JICOFO_HOST=localhost`
			`JICOFO_HOSTNAME=$jitsi_domain`
			`JICOFO_SECRET=$YNH_YOURSECRET2`
			`JICOFO_PORT=5347`
			`JICOFO_AUTH_DOMAIN=auth.$jitsi_domain`
			`JICOFO_AUTH_USER=focus`
			`JICOFO_AUTH_PASSWORD=$YNH_YOURSECRET3`
			`JICOFO_OPTS=""`
			`EOF`

			`sudo mv ../src/jicofo_options /etc/default/jicofo`
			`sudo cp ../conf/jitsi-jicofo.init /etc/init.d/jicofo`
			`sudo chmod +x /etc/init.d/jicofo`
			`sudo update-rc.d jicofo defaults`
			`sudo yunohost service add jicofo -l /var/log/jitsi/jvb.log`

			`# TODO : build with java7, since java6 outputs more warnings`
			`# TODO : logrotate`
			`# TODO : hook to monit`

			`#--- Install Jireco daemon ---`
			`# TODO for later...`

			`#--- Install Jitsi-meet ---`
			`wget -O ../src/jitsi-meet.zip https://github.com/jitsi/jitsi-meet/archive/master.zip`
			`unzip ../src/jitsi-meet.zip -d ../src/jitsi-meet`
			`jitsimeet_path=/var/www/jitsi`
			`sudo mkdir -p $jitsimeet_path`
			`sudo cp -ar ../src/jitsi-meet/jitsi-meet-master/* $jitsimeet_path`

			`sed -i "s@YNH_JITSI_XMPP_HOST@$jitsi_domain@g" ../conf/jitsimeet-config.js`
			`sudo cp ../conf/jitsimeet-config.js $jitsimeet_path/config.js`

			`sudo chown -R root: $jitsimeet_path`
			`sudo find $jitsimeet_path -type f \| xargs sudo chmod 644`
			`sudo find $jitsimeet_path -type d \| xargs sudo chmod 755`

			`# TODO : remove tracking`
			`# TODO : remove GoogleAnalytics`

			`#--- Configure metronome ---`
			`sed -i "s@YNH_JITSI_XMPP_HOST@$jitsi_domain@g" ../conf/metronome.conf`
			`sed -i "s@YNH_YOURSECRET1@$YNH_YOURSECRET1@g" ../conf/metronome.conf`
			`sed -i "s@YNH_YOURSECRET2@$YNH_YOURSECRET2@g" ../conf/metronome.conf`
			`sed -i "s@YNH_YOURSECRET4@$YNH_YOURSECRET4@g" ../conf/metronome.conf`

			`sudo cp ../conf/metronome.conf /etc/metronome/conf.d/$jitsi_domain.cfg.lua`
			`sudo chown metronome: /etc/metronome/conf.d/$jitsi_domain.cfg.lua`

			`sudo openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj \`
			`"/O=$domain/OU=$domain/CN=$jitsi_domain/emailAddress=webmaster@$domain" \`
			`-keyout /var/lib/metronome/$jitsi_domain.key \`
			`-out /var/lib/metronome/$jitsi_domain.crt`

[enh] compile with java7 2015-01-27 23:24:06 +01:00			`# TODO : adduser headless with python pexpect ?`
[enh] todo 2015-01-31 12:31:49 +01:00			`#sudo metronomectl adduser focus@auth.$jitsi_domain # $YNH_YOURSECRET3`
[enh] first working version 2015-01-14 10:55:14 +01:00
			`#--- Configure Nginx ---`
			`# remove trailing '/'. this leaves '/something' untouched, but changes '/' to ''`
			`path=${path%/}`
			`sed -i "s@YNH_LOCATION@$path@g" ../conf/nginx.conf`
			`sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/jitsi.conf`

[enh] compile with java7 2015-01-27 23:24:06 +01:00			`# TODO : subdir support`

[enh] first working version 2015-01-14 10:55:14 +01:00			`sudo service metronome reload`
			`sudo service jitsi-videobridge restart`
			`sudo service jicofo restart`
			`sudo service nginx reload`