Skip to content

Instantly share code, notes, and snippets.

@sloan58
Created April 23, 2019 15:54
Show Gist options
  • Save sloan58/689fd64ee67e2fb51ca78c9a8ded70ee to your computer and use it in GitHub Desktop.
Save sloan58/689fd64ee67e2fb51ca78c9a8ded70ee to your computer and use it in GitHub Desktop.
Jitsi Meet AWS User Data
#!/usr/bin/env bash
DOMAIN="" # Your Route53 TLD (ex: mydomain.com)
SUBDOMAIN="" # The meeting subdomain (ex: meet (for meet.mydomain.com))
CONFIGURE_AUTH=true # Boolean to configure internal_plain auth or not
PROSODY_USER="" # If you're configuring auth, the user account name (will login as ${PROSODY_USER}@${SUBDOMAIN}.${DOMAIN} )
PROSODY_PASS="" # If you're configuring auth, the user password (escape special characters)
AWS_ACCESS_KEY="" # Your AWS Access Key
AWS_SECRET_KEY="" # Your AWS Secret Key
LETS_ENCRYPT_EMAIL="" # Email address to use for Let's Encrypt certificate
# Install AWS CLI and update Route53 DNS record for the Jitsi service
snap install aws-cli --classic
mkdir -p /root/.aws
touch /root/.aws/credentials
echo "[default]
aws_access_key_id = ${AWS_ACCESS_KEY}
aws_secret_access_key = ${AWS_SECRET_KEY}
region = us-east-1" > /root/.aws/credentials
echo '{
"Comment": "Update the A record set",
"Changes": [
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "'${SUBDOMAIN}'.'${DOMAIN}'",
"Type": "A",
"TTL": 60,
"ResourceRecords": [
{
"Value": "127.0.0.1"
}
]
}
}
]
}' > /root/update-route53-A.json
IP=$( curl -s http://169.254.169.254/latest/meta-data/public-ipv4 )
HOSTED_ZONE_ID=$( /snap/bin/aws route53 list-hosted-zones-by-name | grep -B 1 -e "${DOMAIN}" | sed 's/.*hostedzone\/\([A-Za-z0-9]*\)\".*/\1/' | head -n 1 )
sed -i "s/127\.0\.0\.1/$IP/" /root/update-route53-A.json
JSON_FILE=$(</root/update-route53-A.json)
/snap/bin/aws route53 change-resource-record-sets --hosted-zone-id "$HOSTED_ZONE_ID" --cli-input-json "{ \"ChangeBatch\": $JSON_FILE }"
rm /root/.aws/credentials
# Install Jitsi Meet
apt-get update -y
apt install -y nginx
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
sh -c "echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list"
apt-get -y update
echo "jitsi-videobridge jitsi-videobridge/jvb-hostname string ${SUBDOMAIN}.${DOMAIN}" | debconf-set-selections
echo "jitsi-meet jitsi-meet/cert-choice select Self-signed certificate will be generated" | debconf-set-selections
apt-get -y install jitsi-meet
cd /usr/share/jitsi-meet/scripts/
echo "${LETS_ENCRYPT_EMAIL}" | ./install-letsencrypt-cert.sh
if [[ "$CONFIGURE_AUTH" = true ]] ; then
# Configure Jitsi Meet for internal_plain auth
sed -z -i 's/authentication = "anonymous"/authentication = "internal_plain"/' /etc/prosody/conf.avail/${SUBDOMAIN}.${DOMAIN}.cfg.lua
echo 'VirtualHost "guest.'${SUBDOMAIN}'.'${DOMAIN}'"
authentication = "anonymous"
c2s_require_encryption = false' >> /etc/prosody/conf.avail/${SUBDOMAIN}.${DOMAIN}.cfg.lua
sed -i "s|// anonymousdomain: 'guest.jitsi-meet.example.com' |anonymousdomain: '${SUBDOMAIN}.${DOMAIN}'|" /etc/jitsi/meet/${SUBDOMAIN}.${DOMAIN}-config.js
echo "org.jitsi.jicofo.auth.URL=XMPP:${SUBDOMAIN}.${DOMAIN}" >> /etc/jitsi/jicofo/sip-communicator.properties
prosodyctl register ${PROSODY_USER} ${SUBDOMAIN}.${DOMAIN} ${PROSODY_PASS}
service jicofo restart
service jitsi-videobridge restart
prosodyctl restart
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment