podman-jitsi : premier jet

2021-06-04 19:36:50 +02:00 · 2021-06-04 19:36:50 +02:00 · dc31107e18
parent 91f9bf171d
commit dc31107e18
12 changed files with 213 additions and 133 deletions
--- a/functions.sh
+++ b/functions.sh
@ -42,6 +42,17 @@ ensure_systemd_as_user_dir_exists () {
  [[ -d ${HOME}/.config/systemd/user/ ]] || mkdir -p ${HOME}/.config/systemd/user/
 }

+# sed or die trying
+sed_in_place () {
+    grep -q "${1}" "${3}"
+    if [ $? -eq 0 ]; then
+	sed -i -e "s|${1}|${2}|g" ${3}
+    else
+	echo "Pattern ${1} not found in file ${3}, exiting."
+	exit 1
+    fi
+}
+
 # check: systemd unit exists
 check_systemd_unit_exists () {
  systemctl --user cat -- ${1} &> /dev/null
--- a/podman-jitsi/00_status.sh
+++ b/podman-jitsi/00_status.sh
@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+ABSDIR="$( dirname "$(readlink -f -- "$0")" )"
+source ${ABSDIR}/../functions.sh
+source ${ABSDIR}/vars.sh
+
+ensure_pwd_is_scriptdir
+ensure_not_root
+
+echo "Podman images status..."
+for image in ${upstream_images} ; do
+    podman images ${image} | grep ${image} || echo Image ${image} not found.
+done
+echo
+echo "Checking pod status..."
+podman pod ps | grep ${pod_name} || echo Pod ${pod_name} not found.
+echo
+echo "Checking systemd unit status..."
+systemctl --user status ${pod_name}
--- a/podman-jitsi/05_freshinstall.sh
+++ b/podman-jitsi/05_freshinstall.sh
@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+ABSDIR="$( dirname "$(readlink -f -- "$0")" )"
+source ${ABSDIR}/../functions.sh
+source ${ABSDIR}/vars.sh
+
+ensure_pwd_is_scriptdir
+ensure_not_root
+
+mkdir -p ~/.jitsi-meet-cfg/{web/letsencrypt,transcripts,prosody/config,prosody/prosody-plugins-custom,jicofo,jvb,jigasi,jibri}
+
+${ABSDIR}/10_install.sh
+
+# Patch config.js
+sed_in_place "^        enabled: true," "        enabled: false," ~/.jitsi-meet-cfg/web/config.js
+sed_in_place "^    // enableInsecureRoomNameWarning: false," "    enableInsecureRoomNameWarning: true," ~/.jitsi-meet-cfg/web/config.js
+sed_in_place "^    // disableThirdPartyRequests: false," "    disableThirdPartyRequests: true," ~/.jitsi-meet-cfg/web/config.js
+sed_in_place "^    // remoteVideoMenu: {" "    remoteVideoMenu: {\n        disableKick: false,\n        disableGrantModerator: false,\n    }," ~/.jitsi-meet-cfg/web/config.js
+
+# Patch ~/.jitsi-meet-cfg/web/interface_config.js
+sed_in_place "^    APP_NAME: 'Jitsi Meet'," "    APP_NAME: 'Jitsi Garbaye'," ~/.jitsi-meet-cfg/web/interface_config.js
+sed_in_place "^    DEFAULT_REMOTE_DISPLAY_NAME: 'Fellow Jitster'," "    DEFAULT_REMOTE_DISPLAY_NAME: 'Participant'," ~/.jitsi-meet-cfg/web/interface_config.js
+sed_in_place "^    JITSI_WATERMARK_LINK: 'https://jitsi.org'," "    JITSI_WATERMARK_LINK: 'https://jitsi.garbaye.fr'," ~/.jitsi-meet-cfg/web/interface_config.js
--- a/podman-jitsi/10_install.sh
+++ b/podman-jitsi/10_install.sh
@ -0,0 +1,40 @@
+#!/usr/bin/env bash
+
+ABSDIR="$( dirname "$(readlink -f -- "$0")" )"
+source ${ABSDIR}/../functions.sh
+source ${ABSDIR}/vars.sh
+
+ensure_pwd_is_scriptdir
+ensure_not_root
+
+curl -s -- "https://codeload.github.com/jitsi/docker-jitsi-meet/tar.gz/refs/tags/${version}" | tar xzv --strip-components 1 docker-jitsi-meet-${version}/docker-compose.yml docker-jitsi-meet-${version}/env.example docker-jitsi-meet-${version}/gen-passwords.sh
+cp env.example .env
+./gen-passwords.sh
+
+# Patch docker-compose.yml
+sed_in_place "^        image: jitsi/" "        image: docker.io/jitsi/" docker-compose.yml
+sed_in_place "^        environment:" "        env_file:\n            - .env\n        environment:" docker-compose.yml
+sed_in_place "^            - '\${JVB_TCP_PORT}:\${JVB_TCP_PORT}'" "#            - '\${JVB_TCP_PORT}:\${JVB_TCP_PORT}'" docker-compose.yml
+sed_in_place "^            - '\${HTTPS_PORT}:443'" "#            - '\${HTTPS_PORT}:443'" docker-compose.yml
+
+# Patch env file
+sed_in_place "^HTTP_PORT=8000" "HTTP_PORT=8085" .env
+sed_in_place "^HTTPS_PORT=8443" "#HTTPS_PORT=8443" .env
+sed_in_place "^TZ=UTC" "TZ=Europe/Paris" .env
+sed_in_place "^#PUBLIC_URL=https://meet.example.com" "PUBLIC_URL=https://jitsi.garbaye.fr" .env
+sed_in_place "^#DOCKER_HOST_ADDRESS=192.168.1.1" "DOCKER_HOST_ADDRESS=192.168.128.10" .env
+sed_in_place "^#ENABLE_LETSENCRYPT=1" "ENABLE_LETSENCRYPT=0" .env
+sed_in_place "^#ENABLE_AUTH=1" "ENABLE_AUTH=0" .env
+sed_in_place "^XMPP_SERVER=xmpp.meet.jitsi" "XMPP_SERVER=prosody" .env
+sed_in_place "^XMPP_BOSH_URL_BASE=http://xmpp.meet.jitsi:5280" "XMPP_BOSH_URL_BASE=http://prosody:5280" .env
+sed_in_place "^JVB_PORT=10000" "JVB_PORT=8085" .env
+sed_in_place "^JVB_TCP_HARVESTER_DISABLED=true" "JVB_TCP_HARVESTER_DISABLED=false" .env
+sed_in_place "^#ENABLE_RECORDING=1" "ENABLE_RECORDING=0" .env
+sed_in_place "^#DISABLE_HTTPS=1" "DISABLE_HTTPS=1" .env
+sed_in_place "^#ENABLE_HTTP_REDIRECT=1" "ENABLE_HTTP_REDIRECT=0" .env
+sed_in_place "^#ENABLE_IPV6=1" "ENABLE_IPV6=0" .env
+
+podman-compose up -d && podman pod stop ${pod_name} && echo Pod build and stopped
+
+# cleanup
+shred -u .env.bak env.example gen-passwords.sh
--- a/podman-jitsi/20_enable.sh
+++ b/podman-jitsi/20_enable.sh
@ -8,6 +8,7 @@ ensure_pwd_is_scriptdir
 ensure_not_root

 ensure_pod_exists ${pod_name}
+
 ensure_systemd_as_user_dir_exists

 # pod must be running and not managed by systemd
@ -15,4 +16,4 @@ podman generate systemd --files --name ${pod_name}
 cp *.service ~/.config/systemd/user/

 podman pod stop ${pod_name}
-systemctl --user --now enable ${service_name}
+systemctl --user enable ${service_name}
--- a/podman-jitsi/30_start.sh
+++ b/podman-jitsi/30_start.sh
@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+
+ABSDIR="$( dirname "$(readlink -f -- "$0")" )"
+source ${ABSDIR}/../functions.sh
+source ${ABSDIR}/vars.sh
+
+ensure_pwd_is_scriptdir
+ensure_not_root
+
+# FAIL if pod does not exists.
+ensure_pod_exists ${pod_name}
+
+# FAIL if systemd unit does not exists.
+ensure_systemd_unit_exists ${service_name}
+
+# FAIL if systemd unit is running.
+ensure_systemd_unit_not_running ${service_name}
+
+# FAIL if pod is already running - without systemd control.
+ensure_pod_not_running ${pod_name}
+
+# OK
+echo "Starting pod through systemd"
+systemctl --user start ${service_name}
--- a/podman-jitsi/40_stop.sh
+++ b/podman-jitsi/40_stop.sh
@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+
+ABSDIR="$( dirname "$(readlink -f -- "$0")" )"
+source ${ABSDIR}/../functions.sh
+source ${ABSDIR}/vars.sh
+
+ensure_pwd_is_scriptdir
+ensure_not_root
+
+ensure_pod_exists ${pod_name}
+
+# Check of running through systemd (as it should be)
+if check_systemd_unit_exists ${service_name}; then
+    if check_systemd_unit_running ${service_name}; then
+	systemctl --user stop ${service_name} &&
+	echo Systemd service ${service_name} stopped.
+    fi
+fi
+
+# Check if running through podman (no systemd), stop with podman stop , then exit
+if check_pod_running ${pod_name}; then
+  echo Pod found running without systemd unit, stopping it now.
+  podman pod stop ${pod_name}
+  exit 0
+else
+  echo Pod ${pod_name} is not running.
+  exit 1
+fi
--- a/podman-jitsi/70_disable.sh
+++ b/podman-jitsi/70_disable.sh
@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+ABSDIR="$( dirname "$(readlink -f -- "$0")" )"
+source ${ABSDIR}/../functions.sh
+source ${ABSDIR}/vars.sh
+
+ensure_pwd_is_scriptdir
+ensure_not_root
+
+# FAIL if pod does not exists
+ensure_pod_exists ${pod_name}
+
+# FAIL if systemd unit does not exists
+ensure_systemd_unit_exists ${service_name}
+
+# FAIL if systemd unit is running (stop it first)
+ensure_systemd_unit_not_running ${service_name}
+
+systemctl --user disable ${service_name}
--- a/podman-jitsi/80_destroy.sh
+++ b/podman-jitsi/80_destroy.sh
@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+ABSDIR="$( dirname "$(readlink -f -- "$0")" )"
+source ${ABSDIR}/../functions.sh
+source ${ABSDIR}/vars.sh
+
+ensure_pwd_is_scriptdir
+ensure_not_root
+
+# FAIL if pod does not exists
+ensure_pod_exists ${pod_name}
+
+# FAIL if pod is running
+ensure_pod_not_running ${pod_name}
+
+${ABSDIR}/70_disable.sh
+
+rm -f ${HOME}/.config/systemd/user/${service_name}
+systemctl --user daemon-reload
+podman pod rm ${pod_name}
--- a/podman-jitsi/90_prune.sh
+++ b/podman-jitsi/90_prune.sh
@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+ABSDIR="$( dirname "$(readlink -f -- "$0")" )"
+source ${ABSDIR}/../functions.sh
+source ${ABSDIR}/vars.sh
+
+ensure_pwd_is_scriptdir
+ensure_not_root
+
+# FAIL if pod is running
+ensure_pod_not_running ${pod_name}
+
+# FAIL if pod exists
+ensure_pod_not_exists ${pod_name}
+
+# FAIL if systemd unit exists
+ensure_systemd_unit_not_exists ${service_name}
+
+# remove date
+podman unshare rm -rf ~/.jitsi-meet-cfg/
+
+# remove images
+for image in ${upstream_images} ; do
+    podman rmi "$(podman images -a -q -- ${image})" || echo Image ${image} not found.
+done
--- a/podman-jitsi/README.md
+++ b/podman-jitsi/README.md
@ -1,140 +1,9 @@
 # jitsi
 Créée le Sunday 23 May 2021

-**Installation**
----------------
-
-wget -q -O - <https://github.com/jitsi/docker-jitsi-meet/archive/refs/tags/stable-5870.tar.gz> | tar xzv --strip-components 1 docker-jitsi-meet-stable-5870/docker-compose.yml docker-jitsi-meet-stable-5870/env.example docker-jitsi-meet-stable-5870/gen-passwords.sh
-cp env.example .env
-[./gen-passwords.sh](./jitsi_files/gen-passwords.sh)
-mv .env .ENVFILE_TMPAUTOTRASH
-mkdir -p ~/.jitsi-meet-cfg/{web/letsencrypt,transcripts,prosody/config,prosody/prosody-plugins-custom,jicofo,jvb,jigasi,jibri}
-
-### Appliquer les modifications sur docker-compose.yml
-1) ajouter aux 4 containers :
-env_file:
- .ENVFILE_TMPAUTOTRASH
-2) container jvb : commenter
-   #        - '${JVB_TCP_PORT}:${JVB_TCP_PORT}'
-3) container web : commenter
-   #   - '${HTTPS_PORT}:443'
-
-### Appliquer les modifications sur .ENVFILE_TMPAUTOTRASH
-
---
-> JIBRI_XMPP_PASSWORD=
-36c36
-< HTTP_PORT=8085
---
-> HTTP_PORT=8000
-39c39
-< #HTTPS_PORT=8443
---
-> HTTPS_PORT=8443
-42c42
-< TZ=Europe/Paris
---
-> TZ=UTC
-45c45
-< PUBLIC_URL=<https://jitsi.garbaye.fr>
---
-> #PUBLIC_URL=<https://meet.example.com>
-50c50
-< DOCKER_HOST_ADDRESS=192.168.128.10
---
-> #DOCKER_HOST_ADDRESS=192.168.1.1
-75c75
-< ENABLE_LETSENCRYPT=0
---
-> #ENABLE_LETSENCRYPT=1
-134c134
-< ENABLE_AUTH=0
---
-> #ENABLE_AUTH=1
-212c212
-< XMPP_SERVER=prosody
---
-> XMPP_SERVER=xmpp.meet.jitsi
-215c215
-< XMPP_BOSH_URL_BASE=http://prosody:5280
---
-> XMPP_BOSH_URL_BASE=<http://xmpp.meet.jitsi:5280>
-252c252
-< JVB_PORT=8085
---
-> JVB_PORT=10000
-255c255
-< JVB_TCP_HARVESTER_DISABLED=false
---
-> JVB_TCP_HARVESTER_DISABLED=true
-321c321
-< ENABLE_RECORDING=0
---
-> #ENABLE_RECORDING=1
-358c358
-< DISABLE_HTTPS=1
---
-> #DISABLE_HTTPS=1
-366c366
-< ENABLE_HTTP_REDIRECT=0
---
-> #ENABLE_HTTP_REDIRECT=1
-375c375
-< ENABLE_IPV6=0
---
-> #ENABLE_IPV6=1
-
-### Paramétrer config.js
-[~/.jitsi-meet-cfg/web/config.js](.jitsi-meet-cfg/web/config.js) :
-
-p2p: {
-// Enables peer to peer mode. When enabled the system will try to                                                                                                                        
-// establish a direct connection when there are exactly 2 participants                                                                                                                   
-// in the room. If that succeeds the conference will stop sending data                                                                                                                   
-// through the JVB and use the peer to peer connection instead. When a                                                                                                                   
-// 3rd participant joins the conference will be moved back to the JVB                                                                                                                    
-// connection.                                                                                                                                                                           
-enabled: true,
-
-> changer à false
-
-enableInsecureRoomNameWarning: true,
-disableThirdPartyRequests: true,
-
-// Options related to the remote participant menu.                                                                                                                                           
-remoteVideoMenu: {
-  If set to true the 'Kick out' button will be disabled.                                                                                                                             
- disableKick: false,
-  If set to true the 'Grant moderator' button will be disabled.                                                                                                                      
-disableGrantModerator: false,
-},
-
-### Paramétrer ~/.jitsi-meet-cfg/web/interface-config.js
-
-APP_NAME: 'Jitsi Garbaye',
-DEFAULT_REMOTE_DISPLAY_NAME: 'Participant',
-JITSI_WATERMARK_LINK: '<https://jitsi.garbaye.fr'>,
-
-Autres commandes utiles (pour les scripts)
------------------------------------------
-
 ### **Suivre les releases - flux RSS**
 <https://github.com/jitsi/docker-jitsi-meet/releases.atom>

 ### **Get current version**
 curl -sI <https://github.com/jitsi/docker-jitsi-meet/releases/latest> | grep ^location | awk -F/ '{print $NF}'

-### bash : sed qui échoue si il ne trouve pas
-## function
-sed-in-place () {
-grep -q ${1} ${3}
-if [ $? -eq 0 ]; then
-sed -i -e "s|${1}|${2}|g" ${3}
-else
-echo "Pattern ${1} not found in file ${3}, exiting."
-exit 1
-fi
-}
-## call
-sed-in-place "^HTTPS_PORT=8443" "#HTTPS_PORT=8443" env.example
-
--- a/podman-jitsi/vars.sh
+++ b/podman-jitsi/vars.sh
@ -1,5 +1,6 @@
 #!/usr/bin/env bash

 pod_name='podman-jitsi'
-service_name="pod-${container_name}.service"
+service_name="pod-${pod_name}.service"
+upstream_images="docker.io/jitsi/jvb docker.io/jitsi/jicofo docker.io/jitsi/prosody docker.io/jitsi/web"
 version='stable-5870'