add support for Jibri Streamin/Recording.

conf/default_ports.conf

@@ -59,6 +59,10 @@ standard_jitsi_tcp_ports="$standard_http_ports"
 standard_jitsi_udp_port_range="10000:20000"
 default_jitsi_dovecout_auth_port="$dovecot_external_auth_port"
 
+# - Jibri Service
+# -
+default_jibri_out_port=5222
+
 
 # - TURN Server (Stun Server) (for Nextcloud 'talk' app)
 # -

conf/main_ipv4.conf.sample

@@ -403,6 +403,28 @@ jitsi_dovecot_auth=false
 jitsi_dovecot_host=""
 jitsi_dovecot_port="$default_jitsi_dovecout_auth_port"
 
+# - Jibri extern Client Recording / Streamin
+# -
+jitsi_jibri_remote_auth=false
+# - Remote Jibri servers
+# -
+# - blank separated list of ipv4 addresses
+# -
+jitsi_jibri_remote_ips=""
+jitsi_jibri_remote_auth_port="$default_jibri_out_port"
+
+
+# - Jibri Recording / Streaming Service
+# -
+# - blank separated list of ipv4 addresse
+# -
+jibri_server_ips=""
+# - blank separated list of ipv4 addresse
+# -
+forward_jibri_server_ips=""
+jibri_remote_jitsi_server=""
+jibri_remote_auth_port="$default_jibri_out_port"
+
 
 # - TURN Server (Stun Server) (for Nextcloud 'talk' app)
 # -

conf/main_ipv6.conf.sample

@@ -422,6 +422,28 @@ jitsi_dovecot_auth=false
 jitsi_dovecot_host=""
 jitsi_dovecot_port="$default_jitsi_dovecout_auth_port"
 
+# - Jibri extern Client Recording / Streamin
+# -
+jitsi_jibri_remote_auth=false
+# - Remote Jibri servers
+# -
+# - colon separated list of ipv6 addresses
+# -
+jitsi_jibri_remote_ips=""
+jitsi_jibri_remote_auth_port="$default_jibri_out_port"
+
+
+# - Jibri Recording / Streaming Service
+# -
+# - colon separated list of ipv6 addresses
+# -
+jibri_server_ips=""
+# - colon separated list of ipv6 addresses
+# -
+forward_jibri_server_ips=""
+jibri_remote_jitsi_server=""
+jibri_remote_auth_port="$default_jibri_out_port"
+
 
 # - TURN Server (Stun Server) (for Nextcloud 'talk' app)
 # -

conf/post_decalrations.conf

@@ -315,6 +315,27 @@ for _ip in $forward_jitsi_server_ips ; do
    forward_jitsi_server_ip_arr+=("$_ip")
 done
 
+# ---
+# - IP Addresses Remote Jibri Server
+# ---
+declare -a jitsi_jibri_remote_ip_arr
+for _ip in $jitsi_jibri_remote_ips ; do
+   jitsi_jibri_remote_ip_arr+=("$_ip")
+done
+
+# ---
+# - IP Addresses Jibri Recording / Streaming Server
+# ---
+declare -a jibri_server_ip_arr
+for _ip in $jibri_server_ips ; do
+   jibri_server_ip_arr+=("$_ip")
+done
+# DMZ
+declare -a forward_jibri_server_ip_arr
+for _ip in $forward_jibri_server_ips ; do
+   forward_jibri_server_ip_arr+=("$_ip")
+done
+
 # ---
 # - IP Addresses TURN Server (Stun Server) (for Nextcloud 'talk' app)
 # ---

ip6t-firewall-server

@@ -1756,7 +1756,7 @@ if [[ ${#mumble_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_mumble_server_ip_arr
       done
    fi
 
-   if [[ ${#forward_mumble_server_ip_arr[@]} ]] && $kernel_forward_between_interfaces ; then
+   if [[ ${#forward_mumble_server_ip_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then
       for _ip in ${forward_mumble_server_ip_arr[@]} ; do
          $ip6t -A FORWARD -p tcp -d $_ip -m multiport --dports $mumble_ports -m state --state NEW -j ACCEPT
          $ip6t -A FORWARD -p udp -d $_ip -m multiport --dports $mumble_ports -m state --state NEW -j ACCEPT
@@ -1786,7 +1786,7 @@ if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jitsi_server_ip_arr[@
       done
    fi
 
-   if [[ ${#forward_jitsi_server_ip_arr[@]} ]] && $kernel_forward_between_interfaces ; then
+   if [[ ${#forward_jitsi_server_ip_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then
       for _ip in ${forward_jitsi_server_ip_arr[@]} ; do
          if ! containsElement "$_ip" "${http_server_ip_arr[@]}" || [[ "$jitsi_tcp_ports" != "$standard_http_ports" ]] ; then
             $ip6t -A FORWARD -p tcp -d $_ip -m multiport --dports $jitsi_tcp_ports -m state --state NEW -j ACCEPT
@@ -1809,7 +1809,7 @@ if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jitsi_server_ip_arr[@
       done
    fi
 
-   if [[ ${#forward_jitsi_server_ip_arr[@]} ]] && $kernel_forward_between_interfaces ; then
+   if [[ ${#forward_jitsi_server_ip_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then
       for _ip in ${forward_jitsi_server_ip_arr[@]} ; do
          $ip6t -A FORWARD -p tcp -s $_ip -m multiport --dports $jitsi_tcp_ports_out -m state --state NEW -j ACCEPT
          $ip6t -A FORWARD -p udp -s $_ip -m multiport --dports $jitsi_udp_ports_out -m state --state NEW -j ACCEPT
@@ -1827,7 +1827,7 @@ if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jitsi_server_ip_arr[@
          $ip6t -A OUTPUT -p tcp -d $jitsi_dovecot_host --dport $jitsi_dovecot_port -m state --state NEW -j ACCEPT
       fi
 
-      if [[ ${#forward_jitsi_server_ip_arr[@]} ]] && $kernel_forward_between_interfaces ; then
+      if [[ ${#forward_jitsi_server_ip_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then
          $ip6t -A FORWARD -p tcp -d $jitsi_dovecot_host --dport $jitsi_dovecot_port -m state --state NEW -j ACCEPT
       fi
       echo_done
@@ -1838,6 +1838,48 @@ else
    echo_skipped
 fi
 
+echononl "\t\tJitsi Remote Jibri Client"
+if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] \
+      && $jitsi_jibri_remote_auth \
+      && [[ ${#jitsi_jibri_remote_ip_arr[@]} -gt 0 ]] ; then
+   for _ip in ${jitsi_jibri_remote_ip_arr[@]} ; do
+      $ip6t -A INPUT -p tcp -s  $_ip --dport $jitsi_jibri_remote_auth_port -m state --state NEW -j ACCEPT
+   done
+
+   echo_done
+else
+   echo_skipped
+fi
+
+
+# ---
+# - Jibri Recording / Streaming Service
+# ---
+
+echononl "\t\tJibri Recording / Streaming Service"
+if [[ ${#jibri_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jibri_server_ip_arr[@]} -gt 0 ]]; then
+
+   if [[ -z "$jibri_remote_jitsi_server" ]]; then
+      echo_skipped
+   else
+      if [[ ${#jibri_server_ip_arr[@]} -gt 0 ]] ; then
+         for _ip in ${jibri_server_ip_arr[@]} ; do
+            $ip6t -A OUTPUT -p tcp -d $jibri_remote_jitsi_server --dport $jibri_remote_auth_port -m state --state NEW -j ACCEPT
+         done
+      fi
+
+      if [[ ${#forward_jibri_server_ip_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then
+         for _ip in ${forward_jibri_server_ip_arr[@]} ; do
+            $ip6t -A FORWARD -p tcp -d $jibri_remote_jitsi_server --dport $jibri_remote_auth_port -m state --state NEW -j ACCEPT
+         done
+      fi
+
+      echo_done
+   fi
+else
+   echo_skipped
+fi
+
 
 # ---
 # - TURN Service (for NC Talk App)

ipt-firewall-server

@@ -2002,7 +2002,7 @@ if [[ ${#mumble_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_mumble_server_ip_arr
       done
    fi
 
-   if [[ ${#forward_mumble_server_ip_arr[@]} ]] && $kernel_activate_forwarding ; then
+   if [[ ${#forward_mumble_server_ip_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then
       for _ip in ${forward_mumble_server_ip_arr[@]} ; do
          $ipt -A FORWARD -p tcp -d $_ip -m multiport --dports $mumble_ports -m state --state NEW -j ACCEPT
          $ipt -A FORWARD -p udp -d $_ip -m multiport --dports $mumble_ports -m state --state NEW -j ACCEPT
@@ -2032,7 +2032,7 @@ if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jitsi_server_ip_arr[@
       done
    fi
 
-   if [[ ${#forward_jitsi_server_ip_arr[@]} ]] && $kernel_activate_forwarding ; then
+   if [[ ${#forward_jitsi_server_ip_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then
       for _ip in ${forward_jitsi_server_ip_arr[@]} ; do
          if ! containsElement "$_ip" "${http_server_ip_arr[@]}" || [[ "$jitsi_tcp_ports" != "$standard_http_ports" ]] ; then
             $ipt -A FORWARD -p tcp -d $_ip -m multiport --dports $jitsi_tcp_ports -m state --state NEW -j ACCEPT
@@ -2055,7 +2055,7 @@ if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jitsi_server_ip_arr[@
       done
    fi
 
-   if [[ ${#forward_jitsi_server_ip_arr[@]} ]] && $kernel_activate_forwarding ; then
+   if [[ ${#forward_jitsi_server_ip_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then
       for _ip in ${forward_jitsi_server_ip_arr[@]} ; do
          $ipt -A FORWARD -p tcp -s $_ip -m multiport --dports $jitsi_tcp_ports_out -m state --state NEW -j ACCEPT
          $ipt -A FORWARD -p udp -s $_ip -m multiport --dports $jitsi_udp_ports_out -m state --state NEW -j ACCEPT
@@ -2073,7 +2073,7 @@ if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jitsi_server_ip_arr[@
          $ipt -A OUTPUT -p tcp -d $jitsi_dovecot_host --dport $jitsi_dovecot_port -m state --state NEW -j ACCEPT
       fi
 
-      if [[ ${#forward_jitsi_server_ip_arr[@]} ]] && $kernel_activate_forwarding ; then
+      if [[ ${#forward_jitsi_server_ip_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then
          $ipt -A FORWARD -p tcp -d $jitsi_dovecot_host --dport $jitsi_dovecot_port -m state --state NEW -j ACCEPT
       fi
       echo_done
@@ -2084,6 +2084,49 @@ else
    echo_skipped
 fi
 
+echononl "\t\tJitsi Remote Jibri Client"
+if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] \
+      && $jitsi_jibri_remote_auth \
+      && [[ ${#jitsi_jibri_remote_ip_arr[@]} -gt 0 ]] ; then
+   for _ip in ${jitsi_jibri_remote_ip_arr[@]} ; do
+      $ipt -A INPUT -p tcp -s  $_ip --dport $jitsi_jibri_remote_auth_port -m state --state NEW -j ACCEPT
+   done
+
+   echo_done
+else
+   echo_skipped
+fi
+
+
+# ---
+# - Jibri Recording / Streaming Service
+# ---
+
+echononl "\t\tJibri Recording / Streaming Service"
+if [[ ${#jibri_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jibri_server_ip_arr[@]} -gt 0 ]]; then
+
+   if [[ -z "$jibri_remote_jitsi_server" ]]; then
+      echo_skipped
+   else
+      if [[ ${#jibri_server_ip_arr[@]} -gt 0 ]] ; then
+         for _ip in ${jibri_server_ip_arr[@]} ; do
+            $ipt -A OUTPUT -p tcp -d $jibri_remote_jitsi_server --dport $jibri_remote_auth_port -m state --state NEW -j ACCEPT
+         done
+      fi
+
+      if [[ ${#forward_jibri_server_ip_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then
+         for _ip in ${forward_jibri_server_ip_arr[@]} ; do
+            $ipt -A FORWARD -p tcp -d $jibri_remote_jitsi_server --dport $jibri_remote_auth_port -m state --state NEW -j ACCEPT
+         done
+      fi
+
+      echo_done
+   fi
+else
+   echo_skipped
+fi
+
+
 # ---
 # - TURN Service (for NC Talk App)
 # ---