Add helper script to launch the recording backend

The script creates a Docker container and installs all the needed
dependencies as well as the recording backend inside it.

Once the container has been created running the script will just launch
the recording backend again in the existing container, without setting
it up.

Note that the configuration (/etc/nextcloud-talk-recording/server.conf)
needs to be customized as needed.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

1 files changed, 210 insertions, 0 deletions

diff --git a/recording/start-container.sh b/recording/start-container.sh
new file mode 100755
index 000000000..7250ae588
--- /dev/null
+++ b/recording/start-container.sh
@@ -0,0 +1,210 @@
+#!/usr/bin/env bash
+
+# @copyright Copyright (c) 2023, Daniel Calviño Sánchez (danxuliu@gmail.com)
+#
+# @license GNU AGPL version 3 or any later version
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# Helper script to run the recording backend for Nextcloud Talk.
+#
+# The recording backend is implemented in several Python files. This Bash script
+# is provided to set up a Docker container with Selenium, a web browser and all
+# the needed Python dependencies for the recording backend.
+#
+# This script creates an Ubuntu container, installs all the needed dependencies
+# in it and executes the recording backend inside the container. If the
+# container exists already the previous container will be reused and this script
+# will simply execute the recording backend in it.
+#
+# Due to that the Docker container will not be stopped nor removed when the
+# script exits (except when the container was created but it could not be
+# started); that must be explicitly done once the container is no longer needed.
+#
+#
+#
+# DOCKER AND PERMISSIONS
+#
+# To perform its job, this script requires the "docker" command to be available.
+#
+# The Docker Command Line Interface (the "docker" command) requires special
+# permissions to talk to the Docker daemon, and those permissions are typically
+# available only to the root user. Please see the Docker documentation to find
+# out how to give access to a regular user to the Docker daemon:
+# https://docs.docker.com/engine/installation/linux/linux-postinstall/
+#
+# Note, however, that being able to communicate with the Docker daemon is the
+# same as being able to get root privileges for the system. Therefore, you must
+# give access to the Docker daemon (and thus run this script as) ONLY to trusted
+# and secure users:
+# https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
+
+# Sets the variables that abstract the differences in command names and options
+# between operating systems.
+#
+# Switches between timeout on GNU/Linux and gtimeout on macOS (same for mktemp
+# and gmktemp).
+function setOperatingSystemAbstractionVariables() {
+	case "$OSTYPE" in
+		darwin*)
+			if [ "$(which gtimeout)" == "" ]; then
+				echo "Please install coreutils (brew install coreutils)"
+				exit 1
+			fi
+
+			MKTEMP=gmktemp
+			TIMEOUT=gtimeout
+			DOCKER_OPTIONS="-e no_proxy=localhost "
+			;;
+		linux*)
+			MKTEMP=mktemp
+			TIMEOUT=timeout
+			DOCKER_OPTIONS=" "
+			;;
+		*)
+			echo "Operating system ($OSTYPE) not supported"
+			exit 1
+			;;
+	esac
+}
+
+# Removes Docker container if it was created but failed to start.
+function cleanUp() {
+	# Disable (yes, "+" disables) exiting immediately on errors to ensure that
+	# all the cleanup commands are executed (well, no errors should occur during
+	# the cleanup anyway, but just in case).
+	set +o errexit
+
+	# The name filter must be specified as "^/XXX$" to get an exact match; using
+	# just "XXX" would match every name that contained "XXX".
+	if [ -n "$(docker ps --all --quiet --filter status=created --filter name="^/$CONTAINER$")" ]; then
+		echo "Removing Docker container $CONTAINER"
+		docker rm --volumes --force $CONTAINER
+	fi
+}
+
+# Exit immediately on errors.
+set -o errexit
+
+# Execute cleanUp when the script exits, either normally or due to an error.
+trap cleanUp EXIT
+
+# Ensure working directory is script directory, as some actions (like copying
+# the files to the container) expect that.
+cd "$(dirname $0)"
+
+HELP="Usage: $(basename $0) [OPTION]...
+
+Options (all options can be omitted, but when present they must appear in the
+following order):
+--help prints this help and exits.
+--container CONTAINER_NAME the name to assign to the container. Defaults to
+  talk-recording.
+--time-zone TIME_ZONE the time zone to use inside the container. Defaults to
+  UTC. The recording backend can be started again later with a different time
+  zone (although other commands executed in the container with 'docker exec'
+  will still use the time zone specified during creation).
+--dev-shm-size SIZE the size to assign to /dev/shm in the Docker container.
+  Defaults to 2g"
+if [ "$1" = "--help" ]; then
+	echo "$HELP"
+
+	exit 0
+fi
+
+CONTAINER="talk-recording"
+if [ "$1" = "--container" ]; then
+	CONTAINER="$2"
+
+	shift 2
+fi
+
+if [ "$1" = "--time-zone" ]; then
+	TIME_ZONE="$2"
+
+	shift 2
+fi
+
+CUSTOM_CONTAINER_OPTIONS=false
+
+# 2g is the default value recommended in the documentation of the Docker images
+# for Selenium:
+# https://github.com/SeleniumHQ/docker-selenium#--shm-size2g
+DEV_SHM_SIZE="2g"
+if [ "$1" = "--dev-shm-size" ]; then
+	DEV_SHM_SIZE="$2"
+	CUSTOM_CONTAINER_OPTIONS=true
+
+	shift 2
+fi
+
+if [ -n "$1" ]; then
+	echo "Invalid option (or at invalid position): $1
+
+$HELP"
+
+	exit 1
+fi
+
+ENVIRONMENT_VARIABLES=""
+if [ -n "$TIME_ZONE" ]; then
+	ENVIRONMENT_VARIABLES="--env TZ=$TIME_ZONE"
+fi
+
+setOperatingSystemAbstractionVariables
+
+# If the container is not found a new one is prepared. Otherwise the existing
+# container is used.
+#
+# The name filter must be specified as "^/XXX$" to get an exact match; using
+# just "XXX" would match every name that contained "XXX".
+if [ -z "$(docker ps --all --quiet --filter name="^/$CONTAINER$")" ]; then
+	echo "Creating Talk recording container"
+	# In Ubuntu 22.04 and later Firefox is installed as a snap package, which
+	# does not work out of the box in a container. Therefore, for now Ubuntu
+	# 20.04 is used instead.
+	docker run --detach --tty --name=$CONTAINER --shm-size=$DEV_SHM_SIZE $ENVIRONMENT_VARIABLES $DOCKER_OPTIONS ubuntu:20.04 bash
+
+	echo "Installing required Python modules"
+	# "noninteractive" is used to provide default settings instead of asking for
+	# them (for example, for tzdata).
+	# Additional Python dependencies may be installed by pip if needed.
+	docker exec $CONTAINER bash -c "apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --assume-yes ffmpeg firefox pulseaudio python3-pip xvfb"
+
+	echo "Adding user to run the recording backend"
+	docker exec $CONTAINER useradd --create-home recording
+
+	echo "Copying recording backend to the container"
+	docker exec $CONTAINER mkdir --parent /tmp/recording/
+	docker cp . $CONTAINER:/tmp/recording/
+
+	echo "Installing recording backend inside container"
+	docker exec $CONTAINER python3 -m pip install /tmp/recording/
+
+	echo "Copying configuration from server.conf.in to /etc/nextcloud-talk-recording/server.conf"
+	docker exec $CONTAINER mkdir --parent /etc/nextcloud-talk-recording/
+	docker cp server.conf.in $CONTAINER:/etc/nextcloud-talk-recording/server.conf
+elif $CUSTOM_CONTAINER_OPTIONS; then
+	# Environment variables are excluded from this warning.
+	echo "WARNING: Using existing container, custom container options ignored"
+fi
+
+# Start existing container if it is stopped.
+if [ -n "$(docker ps --all --quiet --filter status=exited --filter name="^/$CONTAINER$")" ]; then
+	echo "Starting Talk recording container"
+	docker start $CONTAINER
+fi
+
+echo "Starting recording backend"
+docker exec --tty --interactive --user recording $ENVIRONMENT_VARIABLES --workdir /home/recording $CONTAINER python3 -m nextcloud.talk.recording --config /etc/nextcloud-talk-recording/server.conf