more updates march

jitsi/jigasi/rootfs/etc/cont-init.d/10-config

@@ -0,0 +1,107 @@
+#!/usr/bin/with-contenv bash
+
+export SENTRY_RELEASE="${SENTRY_RELEASE:-$(apt-cache policy jigasi | sed -n '/Installed/p' | sed -e 's/[^:]*: //')}"
+
+if [[ -z $JIGASI_XMPP_PASSWORD ]]; then
+    echo 'FATAL ERROR: Jigasi auth password must be set'
+    exit 1
+fi
+
+OLD_JIGASI_XMPP_PASSWORD=passw0rd
+if [[ "$JIGASI_XMPP_PASSWORD" == "$OLD_JIGASI_XMPP_PASSWORD" ]]; then
+    echo 'FATAL ERROR: Jigasi auth password must be changed, check the README'
+    exit 1
+fi
+
+[ -z "$JIGASI_MODE" ] && JIGASI_MODE="sip"
+JIGASI_MODE="$(echo $JIGASI_MODE | tr '[:upper:]' '[:lower:]')"
+
+if [[ "$JIGASI_MODE" == "transcriber" ]]; then
+    # set random jigasi nickname for the instance if is not set
+    [ -z "${JIGASI_INSTANCE_ID}" ] && export JIGASI_INSTANCE_ID="transcriber-$(date +%N)"
+fi
+
+# set random jigasi nickname for the instance if is not set
+[ -z "${JIGASI_INSTANCE_ID}" ] && export JIGASI_INSTANCE_ID="jigasi-$(date +%N)"
+
+# set stats id for the instance
+[ -z "${JIGASI_STATS_ID}" ] && export JIGASI_STATS_ID="$JIGASI_INSTANCE_ID"
+
+# check for AUTOSCALER_URL, AUTOSCALER_SIDECAR_KEY_FILE and AUTOSCALER_SIDECAR_KEY_ID as indicator that sidecar should be enabled
+if [ -n "$AUTOSCALER_URL" ]; then
+    if [ -z "$AUTOSCALER_SIDECAR_KEY_FILE" ]; then
+        export AUTOSCALER_SIDECAR_KEY_FILE="/etc/jitsi/autoscaler-sidecar/asap.pem"
+    fi
+    if [ -z "$AUTOSCALER_SIDECAR_KEY_ID" ]; then
+        # assume key id is equal to the base real path of the key file minus .pem
+        export AUTOSCALER_SIDECAR_KEY_ID="$(basename "$(realpath "$AUTOSCALER_SIDECAR_KEY_FILE")" | tr -d '.pem')"
+    fi
+
+    if [ -f "$AUTOSCALER_SIDECAR_KEY_FILE" ]; then
+        echo "AUTOSCALER_URL found, enabling autoscaler sidecar"
+
+        export JIGASI_VERSION="$(dpkg -s jigasi | grep Version | awk '{print $2}' | sed 's/..$//')"
+
+        [ -z "$AUTOSCALER_SIDECAR_PORT" ] && export AUTOSCALER_SIDECAR_PORT="6000"
+        [ -z "$AUTOSCALER_SIDECAR_INSTANCE_ID" ] && export AUTOSCALER_SIDECAR_INSTANCE_ID="$JIGASI_INSTANCE_ID"
+        [ -z "$AUTOSCALER_SIDECAR_REGION" ] && export AUTOSCALER_SIDECAR_REGION="docker"
+        [ -z "$AUTOSCALER_SIDECAR_GROUP_NAME" ] && export AUTOSCALER_SIDECAR_GROUP_NAME="docker-jigasi"
+
+        mkdir -p /etc/jitsi/autoscaler-sidecar
+        tpl /defaults/autoscaler-sidecar.config > /etc/jitsi/autoscaler-sidecar/config
+    else
+        echo "No key file at $AUTOSCALER_SIDECAR_KEY_FILE, leaving autoscaler sidecar disabled"
+    fi
+else
+    echo "No AUTOSCALER_URL defined, leaving autoscaler sidecar disabled"
+fi
+
+# maintain backward compatibility with older variable
+[ -z "${XMPP_HIDDEN_DOMAIN}" ] && export XMPP_HIDDEN_DOMAIN="$XMPP_RECORDER_DOMAIN"
+
+tpl /defaults/logging.properties > /config/logging.properties
+tpl /defaults/sip-communicator.properties > /config/sip-communicator.properties
+tpl /defaults/xmpp-sip-communicator.properties >> /config/sip-communicator.properties
+
+if [[ "$JIGASI_MODE" == "sip" ]]; then
+    tpl /defaults/sipserver-sip-communicator.properties >> /config/sip-communicator.properties
+elif [[ "$JIGASI_MODE" == "transcriber" ]]; then
+    tpl /defaults/transcriber-sip-communicator.properties >> /config/sip-communicator.properties
+    mkdir -pm777 /tmp/transcripts
+    chown jigasi:jitsi /tmp/transcripts
+
+    # Create Google Cloud Credentials
+    if [[ -z $GC_PROJECT_ID || -z $GC_PRIVATE_KEY_ID || -z $GC_PRIVATE_KEY || -z $GC_CLIENT_EMAIL || -z $GC_CLIENT_ID || -z $GC_CLIENT_CERT_URL ]]; then
+        echo 'Transcriptions: One or more gcloud environment variables are undefined, skipping gcloud credentials file /config/key.json'
+    else
+        jq -n \
+            --arg GC_PROJECT_ID "$GC_PROJECT_ID" \
+            --arg GC_PRIVATE_KEY_ID "$GC_PRIVATE_KEY_ID" \
+            --arg GC_PRIVATE_KEY "$GC_PRIVATE_KEY" \
+            --arg GC_CLIENT_EMAIL "$GC_CLIENT_EMAIL" \
+            --arg GC_CLIENT_ID "$GC_CLIENT_ID" \
+            --arg GC_CLIENT_CERT_URL "$GC_CLIENT_CERT_URL" \
+            '{
+                type: "service_account",
+                project_id: $GC_PROJECT_ID,
+                private_key_id: $GC_PRIVATE_KEY_ID,
+                private_key: $GC_PRIVATE_KEY,
+                client_email: $GC_CLIENT_EMAIL,
+                client_id: $GC_CLIENT_ID,
+                auth_uri: "https://accounts.google.com/o/oauth2/auth",
+                token_uri: "https://oauth2.googleapis.com/token",
+                auth_provider_x509_cert_url: "https://www.googleapis.com/oauth2/v1/certs",
+                client_x509_cert_url: $GC_CLIENT_CERT_URL
+            }' \
+            > /config/key.json
+    fi
+fi
+
+if [[ -f /config/custom-sip-communicator.properties ]]; then
+    cat /config/custom-sip-communicator.properties >> /config/sip-communicator.properties
+fi
+if [[ -f /config/custom-logging.properties ]]; then
+    cat /config/custom-logging.properties >> /config/logging.properties
+fi
+
+chown jigasi /config -R

jitsi/jigasi/rootfs/etc/services.d/50-autoscaler-sidecar/run

@@ -0,0 +1,10 @@
+#!/usr/bin/with-contenv bash
+
+if [[ -n "$AUTOSCALER_URL" ]] && [[ -f "/etc/jitsi/autoscaler-sidecar/config" ]]; then
+    DAEMON="/usr/bin/node /usr/share/jitsi-autoscaler-sidecar/app.js"
+    exec s6-setuidgid autoscaler-sidecar /bin/bash -c ". /etc/jitsi/autoscaler-sidecar/config && exec $DAEMON"
+else
+    # if autoscaler-sidecar should not be started,
+    # prevent s6 from restarting this script again and again
+    s6-svc -O /var/run/s6/services/50-autoscaler-sidecar
+fi

jitsi/jigasi/rootfs/etc/services.d/jigasi/finish

@@ -0,0 +1,9 @@
+#!/usr/bin/with-contenv bash
+
+# When the jigasi is shutdown (or gracefully shutdown), it exits with code 0.
+# In this case, we don't want S6 to restart the service. We want to stop all
+# services and shutdown the container.
+
+if [[ $1 -eq 0 ]]; then
+  /opt/jitsi/shutdown.sh
+fi

jitsi/jigasi/rootfs/etc/services.d/jigasi/run

@@ -0,0 +1,11 @@
+#!/usr/bin/with-contenv bash
+
+JAVA_SYS_PROPS="-Djava.util.logging.config.file=/config/logging.properties"
+
+DAEMON=/usr/share/jigasi/jigasi.sh
+DAEMON_OPTS="--nocomponent=true --configdir=/ --configdirname=config --min-port=${JIGASI_PORT_MIN:-20000} --max-port=${JIGASI_PORT_MAX:-20050}"
+
+JIGASI_CMD="JAVA_SYS_PROPS=\"$JAVA_SYS_PROPS\" exec $DAEMON $DAEMON_OPTS"
+[ -n "$JIGASI_LOG_FILE" ] && JIGASI_CMD="$JIGASI_CMD 2>&1 | tee $JIGASI_LOG_FILE"
+
+exec s6-setuidgid jigasi /bin/bash -c "$JIGASI_CMD"