From 5024b4480ef18dba265a3311df24abd824531613 Mon Sep 17 00:00:00 2001 From: Christoph Date: Tue, 31 Mar 2026 01:21:14 +0200 Subject: [PATCH] Add support for debian 13 (trixie). --- jitsi-auth-dovecot.sh | 28 +++- jitsi-post-install.sh | 83 ++++++++++-- jitsi-pre-install.sh | 289 +++++++++++++++++++++++++++++++++++------- 3 files changed, 340 insertions(+), 60 deletions(-) diff --git a/jitsi-auth-dovecot.sh b/jitsi-auth-dovecot.sh index 3468dde..32a49a4 100755 --- a/jitsi-auth-dovecot.sh +++ b/jitsi-auth-dovecot.sh @@ -534,9 +534,9 @@ if [[ "$_auth" = "dovecot" ]]; then fi echononl "Set parameter 'dovecot_auth_port'.." - if ! $(grep -q -E "^\s*dovecot_auth_port\s*=\s*\"${DOVECOT_AUTH_PORT}\"" \ + if ! $(grep -q -E "^\s*dovecot_auth_port\s*=\s*${DOVECOT_AUTH_PORT}" \ /etc/prosody/conf.avail/${FQHN_HOSTNAME}.cfg.lua 2> /dev/null); then - perl -i -n -p -e "s/^(\s*dovecot_auth_port).*/\1 = \"${DOVECOT_AUTH_PORT}\"/" \ + perl -i -n -p -e "s/^(\s*dovecot_auth_port).*/\1 = ${DOVECOT_AUTH_PORT}/" \ /etc/prosody/conf.avail/${FQHN_HOSTNAME}.cfg.lua > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed @@ -595,6 +595,12 @@ else if ! $_found && echo "$_line" | grep -i -E "^\s*VirtualHost\s+\"${FQHN_HOSTNAME}\"" > /dev/null 2>&1 ; then _found=true + cat <> ${LOCK_DIR}/${FQHN_HOSTNAME}.cfg.lua +dovecot_auth_host = "${DOVECOT_HOSTNAME}" +dovecot_auth_port = ${DOVECOT_AUTH_PORT} +auth_append_host = true + +EOF fi if $_found && echo "$_line" | grep -i -q -E "^\s*authentication\s+=\s+" 2> /dev/null ; then @@ -602,9 +608,6 @@ else enabled = true allow_registration = false authentication = "dovecot" - dovecot_auth_host = "${DOVECOT_HOSTNAME}" - dovecot_auth_port = "${DOVECOT_AUTH_PORT}" - auth_append_host = true EOF _found=false else @@ -722,6 +725,21 @@ echo echo -e "\033[37m\033[1mConfigure Jeetsi Meet for dovecot authentication..\033[m" echo +echononl "Set enableJaaS = false" +if ! grep -q -E "^\s*var\s+enableJaaS\s*=\s*false" /etc/jitsi/meet/${FQHN_HOSTNAME}-config.js 2> /dev/null ; then + sed -i -E 's/^[[:space:]]*var[[:space:]]+enableJaaS[[:space:]]*=[[:space:]]*true[[:space:]]*;/var enableJaaS = false;/' /etc/jitsi/meet/${FQHN_HOSTNAME}-config.js > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + restart_needed=true + fi +else + echo_skipped +fi + + _key="anonymousdomain" # Note: set single quotes for val here if needed. # diff --git a/jitsi-post-install.sh b/jitsi-post-install.sh index 73cf5a7..e1b1b2e 100755 --- a/jitsi-post-install.sh +++ b/jitsi-post-install.sh @@ -123,7 +123,13 @@ blank_line() { detect_os () { - if $(which lsb_release > /dev/null 2>&1) ; then + if [ -r /etc/os-release ]; then + . /etc/os-release + DIST="${ID:-unknown}" + DIST_VERSION="${VERSION_ID:-unknown}" + DIST_CODENAME="${VERSION_CODENAME:-unknown}" + + elif $(which lsb_release > /dev/null 2>&1) ; then DIST="$(lsb_release -i | awk '{print tolower($3)}')" DIST_VERSION="$(lsb_release -r | awk '{print tolower($2)}')" @@ -135,12 +141,11 @@ detect_os () { fi fi - elif [[ -e "/etc/os-release" ]]; then + else - . /etc/os-release - - DIST=$ID - DIST_VERSION=${VERSION_ID} + DIST="unknown" + DIST_VERSION="unknown" + DIST_CODENAME="unknown" fi @@ -151,7 +156,6 @@ detect_os () { } - # ---------- # - Jobhandling # ---------- @@ -1028,8 +1032,8 @@ server { } server { - listen 443 ssl http2; - listen [::]:443 ssl http2; + listen 443 ssl; + listen [::]:443 ssl; server_name ${FQHN_HOSTNAME}; # Include location directive for Let's Encrypt ACME Challenge @@ -1162,7 +1166,7 @@ server { # xmpp websockets location = /xmpp-websocket { - proxy_pass http://127.0.0.1:5280/xmpp-websocket?prefix=\$prefix&\$args; + proxy_pass http://localhost:5280/xmpp-websocket?prefix=\$prefix&\$args; proxy_http_version 1.1; proxy_set_header Upgrade \$http_upgrade; proxy_set_header Connection "upgrade"; @@ -1172,7 +1176,7 @@ server { # colibri (JVB) websockets for jvb1 location ~ ^/colibri-ws/default-id/(.*) { - proxy_pass http://127.0.0.1:9090/colibri-ws/default-id/\$1\$is_args\$args; + proxy_pass http://localhost:9090/colibri-ws/default-id/\$1\$is_args\$args; proxy_http_version 1.1; proxy_set_header Upgrade \$http_upgrade; proxy_set_header Connection "upgrade"; @@ -1244,6 +1248,61 @@ else echo_skipped fi +if [ "$DIST" = "debian" ] && [[ "$DIST_VERSION" == 13* ]]; then + + echo + echo -e "\033[37m\033[1mTake care inspect.lua is available für Lua 5.4 ..\033[m" + echo + + echononl "Create Folder '/usr/share/lua/5.4'.." + if [[ ! -d "/usr/share/lua/5.4" ]] ; then + mkdir -p /usr/share/lua/5.4 > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + else + echo_skipped + fi + + echononl "Deploy luan.inspect to the '/usr/share/lua/5.4' folder.." + if [[ ! -f /usr/share/lua/5.4/inspect.lua ]]; then + if [[ -f /usr/share/lua/5.3/inspect.lua ]]; then + cp -a /usr/share/lua/5.3/inspect.lua /usr/share/lua/5.4/inspect.lua > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + elif [[ -f /usr/share/lua/5.2/inspect.lua ]]; then + cp -a /usr/share/lua/5.2/inspect.lua /usr/share/lua/5.4/inspect.lua > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + elif [[ -f /usr/share/lua/5.1/inspect.lua ]]; then + ln -s ../5.1/inspect.lua /usr/share/lua/5.4/inspect.lua > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + else + echo_failed + error "No luan.inspect at folder '/usr/share/lua/5.4' present!" + fi + else + echo_skipped + fi + +fi + echo @@ -1260,7 +1319,7 @@ else fi echononl "Restart jicofo service.." -systemctl restart prosody > "$log_file" 2>&1 +systemctl restart jicofo > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" diff --git a/jitsi-pre-install.sh b/jitsi-pre-install.sh index 41f3f49..0a61986 100755 --- a/jitsi-pre-install.sh +++ b/jitsi-pre-install.sh @@ -119,7 +119,13 @@ blank_line() { detect_os () { - if $(which lsb_release > /dev/null 2>&1) ; then + if [ -r /etc/os-release ]; then + . /etc/os-release + DIST="${ID:-unknown}" + DIST_VERSION="${VERSION_ID:-unknown}" + DIST_CODENAME="${VERSION_CODENAME:-unknown}" + + elif $(which lsb_release > /dev/null 2>&1) ; then DIST="$(lsb_release -i | awk '{print tolower($3)}')" DIST_VERSION="$(lsb_release -r | awk '{print tolower($2)}')" @@ -131,12 +137,11 @@ detect_os () { fi fi - elif [[ -e "/etc/os-release" ]]; then + else - . /etc/os-release - - DIST=$ID - DIST_VERSION=${VERSION_ID} + DIST="unknown" + DIST_VERSION="unknown" + DIST_CODENAME="unknown" fi @@ -711,31 +716,22 @@ echo echo -e "\033[37m\033[1mRepository stuff..\033[m" echo +if ! dpkg-query -W -f='${Status}\n' extrepo 2>/dev/null | grep -q "install ok installed"; then + + echononl "Update Repository.." + apt-get update > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi -echononl "Add the '$JITSI_REPOSITORY_VERSION' Jitsi package repository.." -echo "deb https://download.jitsi.org ${JITSI_REPOSITORY_VERSION}/" > /etc/apt/sources.list.d/jitsi-${JITSI_REPOSITORY_VERSION}.list -if [[ $? -ne 0 ]]; then - echo_failed - error "$(cat "$log_file")" -else - echo_ok -fi - -if [[ "$JITSI_REPOSITORY_VERSION" = "stable" ]]; then - if [[ -f "/etc/apt/sources.list.d/jitsi-unstable.list" ]]; then - echononl "Remove Repository List for 'unstable' jitsi packages.." - rm "/etc/apt/sources.list.d/jitsi-unstable.list" > "$log_file" 2>&1 - if [[ $? -ne 0 ]]; then - echo_failed - error "$(cat "$log_file")" - else - echo_ok - fi - fi -else - if [[ -f "/etc/apt/sources.list.d/jitsi-stable.list" ]]; then - echononl "Remove Repository List for 'stable' jitsi packages.." - rm "/etc/apt/sources.list.d/jitsi-stable.list" > "$log_file" 2>&1 + echononl "Install debian package 'extrepo'.." + if $(dpkg -s extrepo > "$log_file" 2>&1) ; then + echo_skipped + else + apt-get install -y extrepo > "$log_file" 2>&1 if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" @@ -743,15 +739,138 @@ else echo_ok fi fi + fi -echononl "Add the Jitsi Maintainer gpg key.." -wget -qO - https://download.jitsi.org/jitsi-key.gpg.key 2> "$log_file" | sudo apt-key add - > "$log_file" 2>&1 -if [[ $? -ne 0 ]]; then - echo_failed - error "$(cat "$log_file")" -else +_found_extrepo_jitsi=false +echononl "Check if extern repositors for jitsi-meet is listed by 'extrepo'.." + +#jitsi_repo_name="$( +# extrepo search jitsi 2>/dev/null \ +# | awk '/^Found / { sub(/^Found /, "", $0); sub(/:$/, "", $0); print; exit }' +#)" + +# or +# +# Search specifically for 'jitsi-stable' +# +jitsi_repo_name="$( + extrepo search '^jitsi-stable$' 2>/dev/null \ + | awk '/^Found / { sub(/^Found /, "", $0); sub(/:$/, "", $0); print; exit }' +)" + +if [ -n "$jitsi_repo_name" ]; then echo_ok + _found_extrepo_jitsi=true +else + echo_failed + + #error "No jitsi repository found by extrepo!" + error "no repository 'jitsi-stable' found by extrepo!" + + echononl "\033[1mcontinue anyway\033[m [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + +fi + + +if $_found_extrepo_jitsi ; then + + echononl "Enable extern repository for 'jitsi-stable'.." + + extrepo enable "$jitsi_repo_name" > "$log_file" 2>&1 + + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + + echononl "\033[1mcontinue anyway\033[m [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + + else + echo_ok + fi + +else + + echononl "Add the Jitsi Maintainer gpg key.." + + curl https://download.jitsi.org/jitsi-key.gpg.key 2> "$log_file" \ + | sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg' 2> "$log_file" + + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + + echononl "\033[1mcontinue anyway\033[m [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + + else + echo_ok + fi + + echononl "Add the '$JITSI_REPOSITORY_VERSION' Jitsi package repository.." + + cat < "/etc/apt/sources.list.d/jitsi-${JITSI_REPOSITORY_VERSION}.sources" +Suites: ${JITSI_REPOSITORY_VERSION}/ +Uris: https://download.jitsi.org +Architectures: amd64 i386 +Types: deb deb-src +Signed-By: /usr/share/keyrings/jitsi-keyring.gpg +EOF + +# echo "deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org ${JITSI_REPOSITORY_VERSION}/" > /etc/apt/sources.list.d/jitsi-${JITSI_REPOSITORY_VERSION}.list + + + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + + if [[ "$JITSI_REPOSITORY_VERSION" = "stable" ]]; then + if [[ -f "/etc/apt/sources.list.d/jitsi-unstable.list" ]]; then + echononl "Remove Repository List for 'unstable' jitsi packages.." + rm "/etc/apt/sources.list.d/jitsi-unstable.list" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + fi + else + if [[ -f "/etc/apt/sources.list.d/jitsi-stable.list" ]]; then + echononl "Remove Repository List for 'stable' jitsi packages.." + rm "/etc/apt/sources.list.d/jitsi-stable.list" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + fi + fi + fi echononl "Update Repository.." @@ -763,21 +882,105 @@ else echo_ok fi -# Ensure support is available for apt repositories served via HTTPS -# -echononl "Install 'apt-transport-https'.." -if $(dpkg -s apt-transport-https > "$log_file" 2>&1) ; then - echo_skipped -else - apt-get install -y apt-transport-https > "$log_file" 2>&1 + +if $_found_extrepo_jitsi ; then + + # Ensure support is available for apt repositories served via HTTPS + # + echononl "Install 'apt-transport-https'.." + if $(dpkg -s apt-transport-https > "$log_file" 2>&1) ; then + echo_skipped + else + apt-get install -y apt-transport-https > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + fi + +fi + + +if [ "$DIST" = "debian" ] && [[ "$DIST_VERSION" == 13* ]]; then + + echo + echo -e "\033[37m\033[1mCurrently, jitsi-meet on Debian 13 (trixie) still requires version '17' of 'openjdk'\033[m" + echo + + echononl "Temporarily add the Bookworm repository" + echo "deb http://deb.debian.org/debian bookworm main" > /etc/apt/sources.list.d/bookworm.list 2> "$log_file" if [[ $? -ne 0 ]]; then echo_failed error "$(cat "$log_file")" else echo_ok fi + + echononl "Pinning to prevent everything from being pulled from Bookworm.." + cat > /etc/apt/preferences.d/bookworm-java < "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + + _openjdk_17_installed=ffalse + echononl "Install 'openjdk-17-jre-headless'.." + if $(dpkg -s openjdk-17-jre-headless > "$log_file" 2>&1) ; then + echo_skipped + else + apt-get install -y openjdk-17-jre-headless > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + _openjdk_17_installed=true + fi + fi + + echononl "Remove previosly added Bookworm repository.." + rm -f "/etc/apt/sources.list.d/bookworm.list" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + + echononl "Update Repository.." + apt-get update > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + + fi + info "To ensure, your system is fully prepared for installing Jitsi Meet, it is recommend to \033[1mreboot the system before installing Jitsi Meet\033[m."