From dc31107e18977287a122030c90d03513a7fd0a51 Mon Sep 17 00:00:00 2001 From: Gitouche <26656-gitouche@users.noreply.framagit.org> Date: Fri, 4 Jun 2021 19:36:50 +0200 Subject: [PATCH] podman-jitsi : premier jet --- functions.sh | 11 +++ podman-jitsi/00_status.sh | 19 +++++ podman-jitsi/05_freshinstall.sh | 23 ++++++ podman-jitsi/10_install.sh | 40 ++++++++++ podman-jitsi/20_enable.sh | 3 +- podman-jitsi/30_start.sh | 24 ++++++ podman-jitsi/40_stop.sh | 28 +++++++ podman-jitsi/70_disable.sh | 19 +++++ podman-jitsi/80_destroy.sh | 20 +++++ podman-jitsi/90_prune.sh | 25 ++++++ podman-jitsi/README.md | 131 -------------------------------- podman-jitsi/vars.sh | 3 +- 12 files changed, 213 insertions(+), 133 deletions(-) create mode 100755 podman-jitsi/00_status.sh create mode 100755 podman-jitsi/05_freshinstall.sh create mode 100755 podman-jitsi/10_install.sh create mode 100755 podman-jitsi/30_start.sh create mode 100755 podman-jitsi/40_stop.sh create mode 100755 podman-jitsi/70_disable.sh create mode 100755 podman-jitsi/80_destroy.sh create mode 100755 podman-jitsi/90_prune.sh diff --git a/functions.sh b/functions.sh index 4766614..85be573 100644 --- a/functions.sh +++ b/functions.sh @@ -42,6 +42,17 @@ ensure_systemd_as_user_dir_exists () { [[ -d ${HOME}/.config/systemd/user/ ]] || mkdir -p ${HOME}/.config/systemd/user/ } +# sed or die trying +sed_in_place () { + grep -q "${1}" "${3}" + if [ $? -eq 0 ]; then + sed -i -e "s|${1}|${2}|g" ${3} + else + echo "Pattern ${1} not found in file ${3}, exiting." + exit 1 + fi +} + # check: systemd unit exists check_systemd_unit_exists () { systemctl --user cat -- ${1} &> /dev/null diff --git a/podman-jitsi/00_status.sh b/podman-jitsi/00_status.sh new file mode 100755 index 0000000..2948cf1 --- /dev/null +++ b/podman-jitsi/00_status.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +ABSDIR="$( dirname "$(readlink -f -- "$0")" )" +source ${ABSDIR}/../functions.sh +source ${ABSDIR}/vars.sh + +ensure_pwd_is_scriptdir +ensure_not_root + +echo "Podman images status..." +for image in ${upstream_images} ; do + podman images ${image} | grep ${image} || echo Image ${image} not found. +done +echo +echo "Checking pod status..." +podman pod ps | grep ${pod_name} || echo Pod ${pod_name} not found. +echo +echo "Checking systemd unit status..." +systemctl --user status ${pod_name} diff --git a/podman-jitsi/05_freshinstall.sh b/podman-jitsi/05_freshinstall.sh new file mode 100755 index 0000000..d05a8e4 --- /dev/null +++ b/podman-jitsi/05_freshinstall.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash + +ABSDIR="$( dirname "$(readlink -f -- "$0")" )" +source ${ABSDIR}/../functions.sh +source ${ABSDIR}/vars.sh + +ensure_pwd_is_scriptdir +ensure_not_root + +mkdir -p ~/.jitsi-meet-cfg/{web/letsencrypt,transcripts,prosody/config,prosody/prosody-plugins-custom,jicofo,jvb,jigasi,jibri} + +${ABSDIR}/10_install.sh + +# Patch config.js +sed_in_place "^ enabled: true," " enabled: false," ~/.jitsi-meet-cfg/web/config.js +sed_in_place "^ // enableInsecureRoomNameWarning: false," " enableInsecureRoomNameWarning: true," ~/.jitsi-meet-cfg/web/config.js +sed_in_place "^ // disableThirdPartyRequests: false," " disableThirdPartyRequests: true," ~/.jitsi-meet-cfg/web/config.js +sed_in_place "^ // remoteVideoMenu: {" " remoteVideoMenu: {\n disableKick: false,\n disableGrantModerator: false,\n }," ~/.jitsi-meet-cfg/web/config.js + +# Patch ~/.jitsi-meet-cfg/web/interface_config.js +sed_in_place "^ APP_NAME: 'Jitsi Meet'," " APP_NAME: 'Jitsi Garbaye'," ~/.jitsi-meet-cfg/web/interface_config.js +sed_in_place "^ DEFAULT_REMOTE_DISPLAY_NAME: 'Fellow Jitster'," " DEFAULT_REMOTE_DISPLAY_NAME: 'Participant'," ~/.jitsi-meet-cfg/web/interface_config.js +sed_in_place "^ JITSI_WATERMARK_LINK: 'https://jitsi.org'," " JITSI_WATERMARK_LINK: 'https://jitsi.garbaye.fr'," ~/.jitsi-meet-cfg/web/interface_config.js diff --git a/podman-jitsi/10_install.sh b/podman-jitsi/10_install.sh new file mode 100755 index 0000000..8e8a560 --- /dev/null +++ b/podman-jitsi/10_install.sh @@ -0,0 +1,40 @@ +#!/usr/bin/env bash + +ABSDIR="$( dirname "$(readlink -f -- "$0")" )" +source ${ABSDIR}/../functions.sh +source ${ABSDIR}/vars.sh + +ensure_pwd_is_scriptdir +ensure_not_root + +curl -s -- "https://codeload.github.com/jitsi/docker-jitsi-meet/tar.gz/refs/tags/${version}" | tar xzv --strip-components 1 docker-jitsi-meet-${version}/docker-compose.yml docker-jitsi-meet-${version}/env.example docker-jitsi-meet-${version}/gen-passwords.sh +cp env.example .env +./gen-passwords.sh + +# Patch docker-compose.yml +sed_in_place "^ image: jitsi/" " image: docker.io/jitsi/" docker-compose.yml +sed_in_place "^ environment:" " env_file:\n - .env\n environment:" docker-compose.yml +sed_in_place "^ - '\${JVB_TCP_PORT}:\${JVB_TCP_PORT}'" "# - '\${JVB_TCP_PORT}:\${JVB_TCP_PORT}'" docker-compose.yml +sed_in_place "^ - '\${HTTPS_PORT}:443'" "# - '\${HTTPS_PORT}:443'" docker-compose.yml + +# Patch env file +sed_in_place "^HTTP_PORT=8000" "HTTP_PORT=8085" .env +sed_in_place "^HTTPS_PORT=8443" "#HTTPS_PORT=8443" .env +sed_in_place "^TZ=UTC" "TZ=Europe/Paris" .env +sed_in_place "^#PUBLIC_URL=https://meet.example.com" "PUBLIC_URL=https://jitsi.garbaye.fr" .env +sed_in_place "^#DOCKER_HOST_ADDRESS=192.168.1.1" "DOCKER_HOST_ADDRESS=192.168.128.10" .env +sed_in_place "^#ENABLE_LETSENCRYPT=1" "ENABLE_LETSENCRYPT=0" .env +sed_in_place "^#ENABLE_AUTH=1" "ENABLE_AUTH=0" .env +sed_in_place "^XMPP_SERVER=xmpp.meet.jitsi" "XMPP_SERVER=prosody" .env +sed_in_place "^XMPP_BOSH_URL_BASE=http://xmpp.meet.jitsi:5280" "XMPP_BOSH_URL_BASE=http://prosody:5280" .env +sed_in_place "^JVB_PORT=10000" "JVB_PORT=8085" .env +sed_in_place "^JVB_TCP_HARVESTER_DISABLED=true" "JVB_TCP_HARVESTER_DISABLED=false" .env +sed_in_place "^#ENABLE_RECORDING=1" "ENABLE_RECORDING=0" .env +sed_in_place "^#DISABLE_HTTPS=1" "DISABLE_HTTPS=1" .env +sed_in_place "^#ENABLE_HTTP_REDIRECT=1" "ENABLE_HTTP_REDIRECT=0" .env +sed_in_place "^#ENABLE_IPV6=1" "ENABLE_IPV6=0" .env + +podman-compose up -d && podman pod stop ${pod_name} && echo Pod build and stopped + +# cleanup +shred -u .env.bak env.example gen-passwords.sh diff --git a/podman-jitsi/20_enable.sh b/podman-jitsi/20_enable.sh index ee3f331..5e6d22b 100644 --- a/podman-jitsi/20_enable.sh +++ b/podman-jitsi/20_enable.sh @@ -8,6 +8,7 @@ ensure_pwd_is_scriptdir ensure_not_root ensure_pod_exists ${pod_name} + ensure_systemd_as_user_dir_exists # pod must be running and not managed by systemd @@ -15,4 +16,4 @@ podman generate systemd --files --name ${pod_name} cp *.service ~/.config/systemd/user/ podman pod stop ${pod_name} -systemctl --user --now enable ${service_name} +systemctl --user enable ${service_name} diff --git a/podman-jitsi/30_start.sh b/podman-jitsi/30_start.sh new file mode 100755 index 0000000..d2c0a2e --- /dev/null +++ b/podman-jitsi/30_start.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +ABSDIR="$( dirname "$(readlink -f -- "$0")" )" +source ${ABSDIR}/../functions.sh +source ${ABSDIR}/vars.sh + +ensure_pwd_is_scriptdir +ensure_not_root + +# FAIL if pod does not exists. +ensure_pod_exists ${pod_name} + +# FAIL if systemd unit does not exists. +ensure_systemd_unit_exists ${service_name} + +# FAIL if systemd unit is running. +ensure_systemd_unit_not_running ${service_name} + +# FAIL if pod is already running - without systemd control. +ensure_pod_not_running ${pod_name} + +# OK +echo "Starting pod through systemd" +systemctl --user start ${service_name} diff --git a/podman-jitsi/40_stop.sh b/podman-jitsi/40_stop.sh new file mode 100755 index 0000000..5c29c2a --- /dev/null +++ b/podman-jitsi/40_stop.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +ABSDIR="$( dirname "$(readlink -f -- "$0")" )" +source ${ABSDIR}/../functions.sh +source ${ABSDIR}/vars.sh + +ensure_pwd_is_scriptdir +ensure_not_root + +ensure_pod_exists ${pod_name} + +# Check of running through systemd (as it should be) +if check_systemd_unit_exists ${service_name}; then + if check_systemd_unit_running ${service_name}; then + systemctl --user stop ${service_name} && + echo Systemd service ${service_name} stopped. + fi +fi + +# Check if running through podman (no systemd), stop with podman stop , then exit +if check_pod_running ${pod_name}; then + echo Pod found running without systemd unit, stopping it now. + podman pod stop ${pod_name} + exit 0 +else + echo Pod ${pod_name} is not running. + exit 1 +fi diff --git a/podman-jitsi/70_disable.sh b/podman-jitsi/70_disable.sh new file mode 100755 index 0000000..874ef25 --- /dev/null +++ b/podman-jitsi/70_disable.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +ABSDIR="$( dirname "$(readlink -f -- "$0")" )" +source ${ABSDIR}/../functions.sh +source ${ABSDIR}/vars.sh + +ensure_pwd_is_scriptdir +ensure_not_root + +# FAIL if pod does not exists +ensure_pod_exists ${pod_name} + +# FAIL if systemd unit does not exists +ensure_systemd_unit_exists ${service_name} + +# FAIL if systemd unit is running (stop it first) +ensure_systemd_unit_not_running ${service_name} + +systemctl --user disable ${service_name} diff --git a/podman-jitsi/80_destroy.sh b/podman-jitsi/80_destroy.sh new file mode 100755 index 0000000..f4bea63 --- /dev/null +++ b/podman-jitsi/80_destroy.sh @@ -0,0 +1,20 @@ +#!/usr/bin/env bash + +ABSDIR="$( dirname "$(readlink -f -- "$0")" )" +source ${ABSDIR}/../functions.sh +source ${ABSDIR}/vars.sh + +ensure_pwd_is_scriptdir +ensure_not_root + +# FAIL if pod does not exists +ensure_pod_exists ${pod_name} + +# FAIL if pod is running +ensure_pod_not_running ${pod_name} + +${ABSDIR}/70_disable.sh + +rm -f ${HOME}/.config/systemd/user/${service_name} +systemctl --user daemon-reload +podman pod rm ${pod_name} diff --git a/podman-jitsi/90_prune.sh b/podman-jitsi/90_prune.sh new file mode 100755 index 0000000..46f1637 --- /dev/null +++ b/podman-jitsi/90_prune.sh @@ -0,0 +1,25 @@ +#!/usr/bin/env bash + +ABSDIR="$( dirname "$(readlink -f -- "$0")" )" +source ${ABSDIR}/../functions.sh +source ${ABSDIR}/vars.sh + +ensure_pwd_is_scriptdir +ensure_not_root + +# FAIL if pod is running +ensure_pod_not_running ${pod_name} + +# FAIL if pod exists +ensure_pod_not_exists ${pod_name} + +# FAIL if systemd unit exists +ensure_systemd_unit_not_exists ${service_name} + +# remove date +podman unshare rm -rf ~/.jitsi-meet-cfg/ + +# remove images +for image in ${upstream_images} ; do + podman rmi "$(podman images -a -q -- ${image})" || echo Image ${image} not found. +done diff --git a/podman-jitsi/README.md b/podman-jitsi/README.md index 6d55d58..90e5b0a 100644 --- a/podman-jitsi/README.md +++ b/podman-jitsi/README.md @@ -1,140 +1,9 @@ # jitsi Créée le Sunday 23 May 2021 -**Installation** ----------------- - -wget -q -O - | tar xzv --strip-components 1 docker-jitsi-meet-stable-5870/docker-compose.yml docker-jitsi-meet-stable-5870/env.example docker-jitsi-meet-stable-5870/gen-passwords.sh -cp env.example .env -[./gen-passwords.sh](./jitsi_files/gen-passwords.sh) -mv .env .ENVFILE_TMPAUTOTRASH -mkdir -p ~/.jitsi-meet-cfg/{web/letsencrypt,transcripts,prosody/config,prosody/prosody-plugins-custom,jicofo,jvb,jigasi,jibri} - -### Appliquer les modifications sur docker-compose.yml -1) ajouter aux 4 containers : -env_file: -- .ENVFILE_TMPAUTOTRASH -2) container jvb : commenter - # - '${JVB_TCP_PORT}:${JVB_TCP_PORT}' -3) container web : commenter - # - '${HTTPS_PORT}:443' - -### Appliquer les modifications sur .ENVFILE_TMPAUTOTRASH - ---- -> JIBRI_XMPP_PASSWORD= -36c36 -< HTTP_PORT=8085 ---- -> HTTP_PORT=8000 -39c39 -< #HTTPS_PORT=8443 ---- -> HTTPS_PORT=8443 -42c42 -< TZ=Europe/Paris ---- -> TZ=UTC -45c45 -< PUBLIC_URL= ---- -> #PUBLIC_URL= -50c50 -< DOCKER_HOST_ADDRESS=192.168.128.10 ---- -> #DOCKER_HOST_ADDRESS=192.168.1.1 -75c75 -< ENABLE_LETSENCRYPT=0 ---- -> #ENABLE_LETSENCRYPT=1 -134c134 -< ENABLE_AUTH=0 ---- -> #ENABLE_AUTH=1 -212c212 -< XMPP_SERVER=prosody ---- -> XMPP_SERVER=xmpp.meet.jitsi -215c215 -< XMPP_BOSH_URL_BASE=http://prosody:5280 ---- -> XMPP_BOSH_URL_BASE= -252c252 -< JVB_PORT=8085 ---- -> JVB_PORT=10000 -255c255 -< JVB_TCP_HARVESTER_DISABLED=false ---- -> JVB_TCP_HARVESTER_DISABLED=true -321c321 -< ENABLE_RECORDING=0 ---- -> #ENABLE_RECORDING=1 -358c358 -< DISABLE_HTTPS=1 ---- -> #DISABLE_HTTPS=1 -366c366 -< ENABLE_HTTP_REDIRECT=0 ---- -> #ENABLE_HTTP_REDIRECT=1 -375c375 -< ENABLE_IPV6=0 ---- -> #ENABLE_IPV6=1 - -### Paramétrer config.js -[~/.jitsi-meet-cfg/web/config.js](.jitsi-meet-cfg/web/config.js) : - -p2p: { -// Enables peer to peer mode. When enabled the system will try to -// establish a direct connection when there are exactly 2 participants -// in the room. If that succeeds the conference will stop sending data -// through the JVB and use the peer to peer connection instead. When a -// 3rd participant joins the conference will be moved back to the JVB -// connection. -enabled: true, - --> changer à false - -enableInsecureRoomNameWarning: true, -disableThirdPartyRequests: true, - -// Options related to the remote participant menu. -remoteVideoMenu: { - If set to true the 'Kick out' button will be disabled. - disableKick: false, - If set to true the 'Grant moderator' button will be disabled. -disableGrantModerator: false, -}, - -### Paramétrer ~/.jitsi-meet-cfg/web/interface-config.js - -APP_NAME: 'Jitsi Garbaye', -DEFAULT_REMOTE_DISPLAY_NAME: 'Participant', -JITSI_WATERMARK_LINK: ', - -Autres commandes utiles (pour les scripts) ------------------------------------------- - ### **Suivre les releases - flux RSS** ### **Get current version** curl -sI | grep ^location | awk -F/ '{print $NF}' -### bash : sed qui échoue si il ne trouve pas -## function -sed-in-place () { -grep -q ${1} ${3} -if [ $? -eq 0 ]; then -sed -i -e "s|${1}|${2}|g" ${3} -else -echo "Pattern ${1} not found in file ${3}, exiting." -exit 1 -fi -} -## call -sed-in-place "^HTTPS_PORT=8443" "#HTTPS_PORT=8443" env.example - diff --git a/podman-jitsi/vars.sh b/podman-jitsi/vars.sh index 6d85e65..7f2dfe4 100644 --- a/podman-jitsi/vars.sh +++ b/podman-jitsi/vars.sh @@ -1,5 +1,6 @@ #!/usr/bin/env bash pod_name='podman-jitsi' -service_name="pod-${container_name}.service" +service_name="pod-${pod_name}.service" +upstream_images="docker.io/jitsi/jvb docker.io/jitsi/jicofo docker.io/jitsi/prosody docker.io/jitsi/web" version='stable-5870'