#!/usr/bin/env bash script_name="$(basename $(realpath $0))" working_dir="$(dirname $(realpath $0))" #conf_file="${working_dir}/conf/${script_name%%.*}.conf" conf_file="${working_dir}/conf/jitsi.conf" LOCK_DIR="/tmp/$(basename $0).$$.LOCK" log_file="${LOCK_DIR}/${script_name%%.*}.log" # ---------- # Base Function(s) # ---------- clean_up() { # Perform program exit housekeeping rm -rf "$LOCK_DIR" blank_line exit $1 } echononl(){ if $terminal ; then echo X\\c > /tmp/shprompt$$ if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then echo -e -n " $*\\c" 1>&2 else echo -e -n " $*" 1>&2 fi rm /tmp/shprompt$$ fi } fatal(){ echo "" if $terminal ; then echo -e " [ \033[31m\033[1mFatal\033[m ] $*" else echo -e " [ Fatal ] $*" fi echo "" if $terminal ; then echo -e " \033[1mScript terminated\033[m.." else echo -e " Script terminated.." fi echo "" rm -rf $LOCK_DIR exit 1 } error (){ echo "" if $terminal ; then echo -e " [ \033[31m\033[1mError\033[m ] $*" else echo " [ Error ] $*" fi echo "" } warn (){ echo "" if $terminal ; then echo -e " [ \033[33m\033[1mWarning\033[m ] $*" else echo " [ Error ] $*" fi echo "" } info (){ if $terminal ; then echo "" if $terminal ; then echo -e " [ \033[32m\033[1mInfo\033[m ] $*" else echo " [ Info ] $*" fi echo "" fi } echo_ok() { if $terminal ; then echo -e "\033[85G[ \033[32mok\033[m ]" fi } echo_failed(){ if $terminal ; then echo -e "\033[85G[ \033[1;31mfailed\033[m ]" fi } echo_skipped() { if $terminal ; then echo -e "\033[85G[ \033[33m\033[1mskipped\033[m ]" fi } echo_wait(){ if $terminal ; then echo -en "\033[85G[ \033[5m\033[1m..\033[m ]" fi } trim() { local var="$*" var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters echo -n "$var" } blank_line() { if $terminal ; then echo "" fi } detect_os () { if $(which lsb_release > /dev/null 2>&1) ; then DIST="$(lsb_release -i | awk '{print tolower($3)}')" DIST_VERSION="$(lsb_release -r | awk '{print tolower($2)}')" DIST_CODENAME="$(lsb_release -c | awk '{print tolower($2)}')" if [[ "$DIST" = "debian" ]]; then if $(echo "$DIST_VERSION" | grep -q '\.') ; then DIST_VERSION=$(echo "$DIST_VERSION" | cut --delimiter='.' -f1) fi fi elif [[ -e "/etc/os-release" ]]; then . /etc/os-release DIST=$ID DIST_VERSION=${VERSION_ID} fi # remove whitespace from DIST and DIST_VERSION DIST="${DIST// /}" DIST_VERSION="${DIST_VERSION// /}" } # ---------- # - Jobhandling # ---------- # - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM # - trap clean_up SIGHUP SIGINT SIGTERM # - Create lock directory '$LOCK_DIR" # mkdir "$LOCK_DIR" # ---------- # - Some checks .. # ---------- # - Running in a terminal? # - if [[ -t 1 ]] ; then terminal=true else fatal "Script must run in a terminal." fi # ========== # - Begin Main Script # ========== # ---------- # - Headline # ---------- if $terminal ; then echo "" echo -e "\033[1m----------\033[m" echo -e "\033[32m\033[1mRunning script \033[m\033[1m$script_name\033[32m .. \033[m" echo -e "\033[1m----------\033[m" fi # ---------- # Read Configurations from $conf_file # ---------- # - Give your default values here # - DEFAULT_FQHN_HOSTNAME="$(hostname -f)" DEFAULT_JITSI_REPOSITORY_VERSION="stable" if [[ -f "$conf_file" ]]; then source "$conf_file" else warn "No configuration file '$conf_file' present.\n Loading default values.." fi [[ -n "$FQHN_HOSTNAME" ]] && DEFAULT_FQHN_HOSTNAME="$FQHN_HOSTNAME" [[ -n "$JITSI_REPOSITORY_VERSION" ]] && DEFAULT_JITSI_REPOSITORY_VERSION="$JITSI_REPOSITORY_VERSION" if [[ "$DEFAULT_JITSI_REPOSITORY_VERSION" != "stable" ]] \ && [[ "$DEFAULT_JITSI_REPOSITORY_VERSION" != "unstable" ]]; then DEFAULT_JITSI_REPOSITORY_VERSION="" fi blank_line echononl "Detect distribution/release of running OS.." detect_os > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi FQHN_HOSTNAME= echo "" echo -e "\033[32m--\033[m" echo "" echo "Insert full qualified hostname for Jitsi-Meet Service" echo "" if [[ -n "$DEFAULT_FQHN_HOSTNAME" ]]; then while [[ "X${FQHN_HOSTNAME}" = "X" ]]; do echononl "Full qualified hostname [${DEFAULT_FQHN_HOSTNAME}]: " read FQHN_HOSTNAME if [[ "X${FQHN_HOSTNAME}" = "X" ]]; then FQHN_HOSTNAME=$DEFAULT_FQHN_HOSTNAME fi if [[ ! $FQHN_HOSTNAME =~ \. ]]; then echo -e "\n\tGiven Host \033[33m\033[1m$FQHN_HOSTNAME\033[m seems not to be a full qualified hostname.\n" FQHN_HOSTNAME="" fi done else while [[ "X${FQHN_HOSTNAME}" = "X" ]]; do echononl "Full qualified hostname: " read FQHN_HOSTNAME if [[ "X${FQHN_HOSTNAME}" = "X" ]]; then echo -e "\n\t\033[33m\033[1mFull qualified hostname is reqired\033[m\n" fi if [[ ! $FQHN_HOSTNAME =~ \. ]]; then echo -e "\n\tGiven Host \033[33m\033[1m$FQHN_HOSTNAME\033[m seems not to be a full qualified hostname.\n" FQHN_HOSTNAME="" fi done fi HOSTNAME="${FQHN_HOSTNAME%%.*}" JITSI_REPOSITORY_VERSION="" echo "" echo -e "\033[32m--\033[m" echo "" echo "Which Jitsi Repository should be installed?" echo "" if [[ "$DEFAULT_JITSI_REPOSITORY_VERSION" = 'unstable' ]]; then echo "[1] stable" echo -e "[2] \033[1munstable\033[m" elif [[ "$DEFAULT_JITSI_REPOSITORY_VERSION" = 'stable' ]]; then echo -e "[1] \033[1mstable\033[m" echo "[2] unstable" else echo "[1] stable" echo "[2] unstable" fi echo "" echo "Type a number or press to choose highlighted value if available" echo "" echononl "Eingabe: " while [[ "$JITSI_REPOSITORY_VERSION" != "stable" ]] \ && [[ "$JITSI_REPOSITORY_VERSION" != "unstable" ]]; do read OPTION case $OPTION in 1) JITSI_REPOSITORY_VERSION="stable" ;; 2) JITSI_REPOSITORY_VERSION="unstable" ;; '') JITSI_REPOSITORY_VERSION="$DEFAULT_JITSI_REPOSITORY_VERSION" if [[ -z "$JITSI_REPOSITORY_VERSION" ]] ; then echo "" echo -e "\tFalsche Eingabe ! [ 1 = stable ; 2 = unstable ]" echo "" echononl "Eingabe:" fi ;; *) echo "" echo -e "\tFalsche Eingabe ! [ 1 = stable ; 2 = unstable ]" echo "" echononl "Eingabe:" ;; esac done echo "" echo "" echo -e "\t\033[32mStart pre-install script for Jitsi-Meet Service with the following parameters\033[m" echo "" echo -e "\tFull qualified Hostname..: $FQHN_HOSTNAME" echo -e "\tHostname.................: $HOSTNAME" echo "" echo -e "\tJitsi Repository Version.: $JITSI_REPOSITORY_VERSION" echo "" echononl "einverstanden (yes/no): " read OK OK=${OK,,} while [ "X$OK" != "Xyes" -a "X$OK" != "Xno" ]; do echononl "Wrong entry! [yes/no]: " read OK OK=${OK,,} done [ $OK = "yes" ] || fatal Repeat with other settings.. echo "" echo "" echo echo -e "\033[37m\033[1mSome checks....\033[m" echo _failed=false echononl "Check if Nginx Webservice is installed.." if $(dpkg -s nginx-extras > "$log_file" 2>&1) ; then nginx_installed=true elif $(dpkg -s nginx-full > "$log_file" 2>&1) ; then nginx_installed=true else nginx_installed=false fi if $nginx_installed ; then echo -e "\033[85G[ \033[32mYES\033[m ]" else echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]" fi _failed=false echononl "Check if certificate for '$FQHN_HOSTNAME' is present.." if [[ -d "/var/lib/dehydrated/certs/${FQHN_HOSTNAME}" ]] ; then if [[ -h "/var/lib/dehydrated/certs/${FQHN_HOSTNAME}/fullchain.pem" ]]; then cert_present=true else cert_present=false fi else cert_present=false fi if $cert_present ; then echo -e "\033[85G[ \033[32mYES\033[m ]" else echo -e "\033[85G[ \033[1;31mNOT present\033[m ]" fi if ! $cert_present || ! $nginx_installed ; then warn "We recommend you to have Nginx installed and also created the Lets Encrypt Certificate for jitsi host ${FQHN_HOSTNAME}" echononl "\033[1mcontinue anyway\033[m [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi echo echo -e "\033[37m\033[1mUpdate file '/etc/systemd/system.conf'....\033[m" echo echononl "Set Parameter 'DefaultLimitNOFILE'.." if ! $(grep -q -E "^\s*DefaultLimitNOFILE=" /etc/systemd/system.conf 2> /dev/null); then perl -i -n -p -e "s/^(\s*#DefaultLimitNOFILE=.*)/\1\nDefaultLimitNOFILE=1048576/" \ /etc/systemd/system.conf > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi elif ! $(grep -q -E "^\s*DefaultLimitNOFILE=1048576" /etc/systemd/system.conf 2> /dev/null); then perl -i -n -p -e "s/^\s*DefaultLimitNOFILE=.*/DefaultLimitNOFILE=1048576/" \ /etc/systemd/system.conf > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi else echo_skipped fi echononl "Set Parameter 'DefaultLimitNPROC'.." if ! $(grep -q -E "^\s*DefaultLimitNPROC=" /etc/systemd/system.conf 2> /dev/null); then perl -i -n -p -e "s/^(\s*#DefaultLimitNPROC=.*)/\1\nDefaultLimitNPROC=1048576/" \ /etc/systemd/system.conf > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi elif ! $(grep -q -E "^\s*DefaultLimitNPROC=1048576" /etc/systemd/system.conf 2> /dev/null); then perl -i -n -p -e "s/^\s*DefaultLimitNPROC=.*/DefaultLimitNPROC=1048576/" \ /etc/systemd/system.conf > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi else echo_skipped fi echononl "Set Parameter 'DefaultTasksMax'.." if ! $(grep -q -E "^\s*DefaultTasksMax=" /etc/systemd/system.conf 2> /dev/null); then perl -i -n -p -e "s/^(\s*#DefaultTasksMax=.*)/\1\nDefaultTasksMax=1048576/" \ /etc/systemd/system.conf > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi elif ! $(grep -q -E "^\s*DefaultTasksMax=1048576" /etc/systemd/system.conf 2> /dev/null); then perl -i -n -p -e "s/^\s*DefaultTasksMax=.*/DefaultTasksMax=1048576/" \ /etc/systemd/system.conf > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi else echo_skipped fi echononl "Set Parameter 'DefaultLimitRTPRIO'.." if ! $(grep -q -E "^\s*DefaultLimitRTPRIO=" /etc/systemd/system.conf 2> /dev/null); then perl -i -n -p -e "s/^(\s*#DefaultLimitRTPRIO=.*)/\1\nDefaultLimitRTPRIO=infinity/" \ /etc/systemd/system.conf > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi elif ! $(grep -q -E "^\s*DefaultLimitRTPRIO=infinity" /etc/systemd/system.conf 2> /dev/null); then perl -i -n -p -e "s/^\s*DefaultLimitRTPRIO=.*/DefaultLimitRTPRIO=infinity/" \ /etc/systemd/system.conf > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi else echo_skipped fi echononl "Set Parameter 'DefaultLimitRTTIME'.." if ! $(grep -q -E "^\s*DefaultLimitRTTIME=" /etc/systemd/system.conf 2> /dev/null); then perl -i -n -p -e "s/^(\s*#DefaultLimitRTTIME=.*)/\1\nDefaultLimitRTTIME=infinity/" \ /etc/systemd/system.conf > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi elif ! $(grep -q -E "^\s*DefaultLimitRTTIME=infinity" /etc/systemd/system.conf 2> /dev/null); then perl -i -n -p -e "s/^\s*DefaultLimitRTTIME=.*/DefaultLimitRTTIME=infinity/" \ /etc/systemd/system.conf > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi else echo_skipped fi _failed=false echononl "Set Parameter 'DefaultLimitCORE'.." if ! $(grep -q -E "^\s*DefaultLimitCORE=" /etc/systemd/system.conf 2> /dev/null); then perl -i -n -p -e "s/^(\s*#DefaultLimitCORE=.*)/\1\nDefaultLimitCORE=infinity/" \ /etc/systemd/system.conf > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi elif ! $(grep -q -E "^\s*DefaultLimitCORE=infinity" /etc/systemd/system.conf 2> /dev/null); then perl -i -n -p -e "s/^\s*DefaultLimitCORE=.*/DefaultLimitCORE=infinity/" \ /etc/systemd/system.conf > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi else echo_skipped fi echononl "Reload Systemd .." systemctl daemon-reload > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi echo echo -e "\033[37m\033[1mSome Certifikation/Key stuff..\033[m" echo cert_copied=false echononl "Copy Snakeoil Cert to file '/etc/ssl/fullchain.pem'.." if [[ ! -f "/etc/ssl/fullchain.pem" ]] && [[ ! -h "/etc/ssl/fullchain.pem" ]]; then cp /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/fullchain.pem > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok cert_copied=true fi else echo_skipped fi perm_cert="644" echononl "Set Permission $perm_cert on file '/etc/ssl/fullchain.pem'.." if $cert_copied ; then chmod 644 /etc/ssl/fullchain.pem > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi else echo_skipped fi if [[ ! -h "/etc/ssl/${FQHN_HOSTNAME}.crt" ]]; then if [[ -f "/etc/ssl/${FQHN_HOSTNAME}.crt" ]] ; then echononl "Remove file '/etc/ssl/${FQHN_HOSTNAME}.crt'.." rm "/etc/ssl/${FQHN_HOSTNAME}.crt" > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi fi echononl "Set Symlink '/etc/ssl/${FQHN_HOSTNAME}.crt --> fullchain.pem'.." ln -s fullchain.pem /etc/ssl/${FQHN_HOSTNAME}.crt > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi else echononl "Set Symlink '/etc/ssl/${FQHN_HOSTNAME}.crt --> fullchain.pem'.." echo_skipped fi blank_line key_copied=false echononl "Copy Snakeoil Key to file '/etc/ssl/privkey.pem'.." if [[ ! -f "/etc/ssl/privkey.pem" ]] && [[ ! -h "/etc/ssl/privkey.pem" ]]; then cp /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/privkey.pem > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok key_copied=true fi else echo_skipped fi perm_key="644" echononl "Set Permission $perm_key on file '/etc/ssl/privkey.pem'.." if $key_copied ; then chmod 644 /etc/ssl/privkey.pem > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi else echo_skipped fi if [[ ! -h "/etc/ssl/${FQHN_HOSTNAME}.key" ]]; then if [[ -f "/etc/ssl/${FQHN_HOSTNAME}.key" ]] ; then echononl "Remove file '/etc/ssl/${FQHN_HOSTNAME}.key'.." rm "/etc/ssl/${FQHN_HOSTNAME}.key" > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi fi echononl "Set Symlink '/etc/ssl/${FQHN_HOSTNAME}.key --> privkey.pem'.." ln -s privkey.pem /etc/ssl/${FQHN_HOSTNAME}.key > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi else echononl "Set Symlink '/etc/ssl/${FQHN_HOSTNAME}.key --> privkey.pem'.." echo_skipped fi echo echo -e "\033[37m\033[1mSome naming stuff..\033[m" echo echononl "Change /etc/hostname - set entry to '$FQHN_HOSTNAME'.." if [[ "$(head -1 /etc/hostname)" != "$FQHN_HOSTNAME" ]]; then cat < /etc/hostname $FQHN_HOSTNAME EOF if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi else echo_skipped fi blank_line echo -e " Take care '/etc/hosts' contains line '127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME'.." echononl " \033[1m127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME\033[m .." if ! $(grep -q -E "^\s*127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME" /etc/hosts 2> "$log_file") ; then if $(grep -q -E "^\s*127.0.1.1" /etc/hosts 2> "$log_file") ; then perl -i -n -p -e "s/(^\s*127.0.1.1.*)/#\1\n127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME/" \ /etc/hosts > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi elif $(grep -q -E "^\s*127.0.0.1" /etc/hosts 2> "$log_file") ; then perl -i -n -p -e "s/(^\s*127.0.0.1.*)/\1\n127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME/" \ /etc/hosts > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi else cat <> /etc/hosts 2> "$log_file" 127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME EOF if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi fi else echo_skipped fi echo echo -e "\033[37m\033[1mRepository stuff..\033[m" echo echononl "Add the '$JITSI_REPOSITORY_VERSION' Jitsi package repository.." echo "deb https://download.jitsi.org ${JITSI_REPOSITORY_VERSION}/" > /etc/apt/sources.list.d/jitsi-${JITSI_REPOSITORY_VERSION}.list if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi if [[ "$JITSI_REPOSITORY_VERSION" = "stable" ]]; then if [[ -f "/etc/apt/sources.list.d/jitsi-unstable.list" ]]; then echononl "Remove Repository List for 'unstable' jitsi packages.." rm "/etc/apt/sources.list.d/jitsi-unstable.list" > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi fi else if [[ -f "/etc/apt/sources.list.d/jitsi-stable.list" ]]; then echononl "Remove Repository List for 'stable' jitsi packages.." rm "/etc/apt/sources.list.d/jitsi-stable.list" > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi fi fi echononl "Add the Jitsi Maintainer gpg key.." wget -qO - https://download.jitsi.org/jitsi-key.gpg.key 2> "$log_file" | sudo apt-key add - > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi echononl "Update Repository.." apt-get update > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi # Ensure support is available for apt repositories served via HTTPS # echononl "Install 'apt-transport-https'.." if $(dpkg -s apt-transport-https > "$log_file" 2>&1) ; then echo_skipped else apt-get install -y apt-transport-https > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi fi info "To ensure, your system is fully prepared for installing Jitsi Meet, it is recommend to \033[1mreboot the system before installing Jitsi Meet\033[m." clean_up 0