install spreed webrtc server on ubuntu and configure own/nextcloud

install_spreedme_webrtc.sh

#!/bin/sh
#
# Tech and Me, 2016 - www.techandme.se
#
# Secrets
ENCRYPTIONSECRET=$(openssl rand -hex 32)
SESSIONSECRET=$(openssl rand -hex 32)
SERVERTOKEN=$(openssl rand -hex 32)
SHAREDSECRET=$(openssl rand -hex 32)

# Change nextcloud root's dir accordingly
OCDIR="/var/www/nextcloud"

# Change webserver to your needs, apache2, nginx etc
WEB="apache2"
# Make sure this is the right directory for your vhost files and change xxx to your vhost file name
VHOST443="/etc/$WEB/sites-available/xxx"
VHOST80="/etc/$WEB/sites-available/xxx"

# Leave blank for autodiscover
SPREEDDOMAIN=""
SPREEDPORT=""

# Never got 127.0.0.1 to work so LAN IP it is...
lISTENADDRESS="$IP"
lISTENPORT="8080"
IP=$(hostname -I | cut -d ' ' -f 1)

# Check if root
        if [ "$(whoami)" != "root" ]; then
        echo
        echo -e "\e[31mSorry, you are not root.\n\e[0mYou must type: \e[36msudo \e[0mbash install_spreedme_webrtc.sh"
        echo
        exit 1
fi

# Clean and update
apt-get autoclean
apt-get autoremove
apt-get -f install -y
apt-get update
apt-get upgrade -y

# Install spreed (Unstable is used as there are some systemd errors in ubuntu 16.04)
apt-add-repository ppa:strukturag/spreed-webrtc-unstable
apt-get update
#apt-get install spreed-webrtc -y

# Aptitude workaround for repo bug
aptitude install spreed-webrtc << EOF
n
y
y
EOF

# Change server conf.
sed -i "s|listen = 127.0.0.1:8080|listen = $LISTENADDRESS:$LISTENPORT|g" /etc/spreed/webrtc.conf
sed -i "s|;basePath = /some/sub/path/|basePath = /webrtc/|g" /etc/spreed/webrtc.conf
sed -i "s|;authorizeRoomJoin = false|authorizeRoomJoin = true|g" /etc/spreed/webrtc.conf
sed -i "s|;stunURIs = stun:stun.spreed.me:443|stunURIs = stun:stun.spreed.me:443|g" /etc/spreed/webrtc.conf
sed -i "s|encryptionSecret = .*|encryptionSecret = $ENCRYPTIONSECRET|g" /etc/spreed/webrtc.conf
sed -i "s|sessionSecret = .*|sessionSecret = $SESSIONSECRET|g" /etc/spreed/webrtc.conf
sed -i "s|serverToken = .*|serverToken = $SERVERTOKEN|g" /etc/spreed/webrtc.conf
sed -i "s|;extra = /usr/share/spreed-webrtc-server/extra|extra = $OCDIR/apps/spreedme/extra|g" /etc/spreed/webrtc.conf
sed -i "s|;plugin = extra/static/myplugin.js|plugin = $OCDIR/apps/spreedme/extra/static/owncloud.js|g" /etc/spreed/webrtc.conf
sed -i "s|enabled = false|enabled = true|g" /etc/spreed/webrtc.conf
sed -i "s|;mode = sharedsecret|mode = sharedsecret|g" /etc/spreed/webrtc.conf
sed -i "s|;sharedsecret_secret = .*|sharedsecret_secret = $SHAREDSECRET|g" /etc/spreed/webrtc.conf

# Change spreed.me config.php
cp $OCDIR/apps/spreedme/config/config.php.in $OCDIR/apps/spreedme/config/config.php
sed -i "s|const SPREED_WEBRTC_ORIGIN = '';|const SPREED_WEBRTC_ORIGIN = '$SPREEDDOMAIN';|g" $OCDIR/apps/spreedme/config/config.php
sed -i "s|const SPREED_WEBRTC_SHAREDSECRET = 'bb04fb058e2d7fd19c5bdaa129e7883195f73a9c49414a7eXXXXXXXXXXXXXXXX';|const SPREED_WEBRTC_SHAREDSECRET = '$SHAREDSECRET';|g" $OCDIR/apps/spreedme/config/config.php

# Change OwnCloudConfig.js
cp $OCDIR/apps/spreedme/extra/static/config/OwnCloudConfig.js.in $OCDIR/apps/spreedme/extra/static/config/OwnCloudConfig.js
sed -i "s|OWNCLOUD_ORIGIN: '',|OWNCLOUD_ORIGIN: 'SPREEDDOMAIN',|g" $OCDIR/apps/spreedme/extra/static/config/OwnCloudConfig.js

# Restart spreed server
service spreedwebrtc restart

# Vhost configuration 443
sed -i 's|</VirtualHost>||g' "$VHOST443"
CAT <<-VHOST > "$VHOST443"
<Location /webrtc>
      ProxyPass http://"$LISTENADDRESS":"$LISTENPORT"/webrtc
      ProxyPassReverse /webrtc
  </Location>

  <Location /webrtc/ws>
      ProxyPass ws://"$LISTENADDRESS":"$LISTENPORT"/webrtc/ws
  </Location>

  ProxyVia On
  ProxyPreserveHost On
  RequestHeader set X-Forwarded-Proto 'https' env=HTTPS
</VirtualHost>
VHOST

# Enable apache2 mods if needed
      	if [ -d /etc/apache2/ ]; then
      	        a2enmod proxy proxy_http proxy_wstunnel headers
      	fi

# Restart webserver
service $WEB reload

# Almost done
echo "Please enable the app in Nextcloud/ownCloud..."
echo
echo "If there are any errors make sure to append /?debug to the url when visiting the spreedme app in the cloud"
echo "This will help us troubleshoot the issues, you could also visit: mydomain.com/index.php/apps/spreedme/admin/debug"

exit 0

I think https://gist.github.com/ezraholm50/cecf009f5576428507cbdd92a050c9b7#file-install_spreedme_webrtc-sh-L78 path is wrong, should be /webrtc

Also the configuration for the non secure vhost does not make much sense as that will only work in a very specific development only case.

The script should test for xdd and use /dev/urandom. If either is not available, fall back to openssl

You can use wildchars within sed, e.g.

sed -i "s|serverToken =.*|serverToken = $SERVERTOKEN|g" /etc/spreed/webrtc.conf

@longsleep @leonklingele How about now? Could you tell me more about xdd and urandom?

Can I also use sed like this:
sed -i "s|const SPREED_WEBRTC_SHAREDSECRET = '.*';|const SPREED_WEBRTC_SHAREDSECRET = '$SHAREDSECRET';|g" $OCDIR/apps/spreedme/config/config.php

Line 78 works, on my production server, I will try to change it to /webrtc and see what it does.
Also indeed the http vhost was just a quick copy paste and I havent thought that through, thanks!

If I am testing with the Tech and Me Nextcloud_Community_10-0-1.ova would I use /etc/$WEB/sites-available/nextcloud_http_domain_self_signed.conf and /etc/$WEB/sites-available/nextcloud_ssl_domain_self_signed.conf on lines 17 & 18?