This commit is contained in:
pedro 2022-05-05 00:25:27 +02:00
parent 1791d35f84
commit 81ffe69e57
7 changed files with 194 additions and 1 deletions

View file

@ -0,0 +1,14 @@
#!/bin/sh -eu
# Source:
# https://github.com/jitsi/jibri#prosody
# shellcheck disable=SC2034 # This is intended to be included
JIBRI_CONFIG="$(cat <<END
VirtualHost "recorder.${JITSI_DOMAIN:?}"
modules_enabled = {
"ping";
}
authentication = "internal_plain"
END
)"

View file

@ -0,0 +1,134 @@
#!/bin/sh -eu
# Start
cat <<EOF
# Managed remotely, changes will be lost
# thanks
# https://community.jitsi.org/t/jibri-service-fails/85272/4
# https://github.com/emrahcom/emrah-buster-templates/blob/master/machines/eb-jibri-template/etc/jitsi/jibri/jibri.conf
jibri {
// A unique identifier for this Jibri
// TODO: eventually this will be required with no default
id = ""
// Whether or not Jibri should return to idle state after handling
// (successfully or unsuccessfully) a request. A value of 'true'
// here means that a Jibri will NOT return back to the IDLE state
// and will need to be restarted in order to be used again.
single-use-mode = false
api {
http {
external-api-port = 2222
internal-api-port = 3333
}
xmpp {
// See example_xmpp_envs.conf for an example of what is expected here
environments = [{
name = "jibri-env"
xmpp-server-hosts = ["${JIBRI_HOST:?}"]
xmpp-domain = "${JIBRI_HOST:?}"
control-muc {
domain = "internal.auth.${JIBRI_HOST:?}"
room-name = "JibriBrewery"
nickname = "jibri-nickname"
}
control-login {
domain = "auth.${JIBRI_HOST:?}"
username = "jibri"
password = "${JIBRI_AUTH_PASS:?}"
}
call-login {
domain = "recorder.${JIBRI_HOST:?}"
username = "recorder"
password = "${JIBRI_RECORDER_PASS:?}"
}
strip-from-room-domain = "conference."
usage-timeout = 0
trust-all-xmpp-certs = true
}]
}
}
recording {
recordings-directory = "/tmp/recordings"
# TODO: make this an optional param and remove the default
finalize-script = "/opt/finalize_recording.sh"
}
streaming {
// A list of regex patterns for allowed RTMP URLs. The RTMP URL used
// when starting a stream must match at least one of the patterns in
// this list.
rtmp-allow-list = [
// By default, all services are allowed
".*"
]
}
sip {
// The routing rule for the outbound scenario in VoxImplant is based on this prefix
outbound-prefix = "out_"
}
ffmpeg {
resolution = "1920x1080"
// The audio source that will be used to capture audio on Linux
audio-source = "alsa"
// The audio device that will be used to capture audio on Linux
audio-device = "plug:bsnoop"
}
chrome {
// The flags which will be passed to chromium when launching
flags = [
"--use-fake-ui-for-media-stream",
"--start-maximized",
"--kiosk",
"--enabled",
"--autoplay-policy=no-user-gesture-required"
]
}
stats {
enable-stats-d = true
}
webhook {
// A list of subscribers interested in receiving webhook events
subscribers = []
}
jwt-info {
// The path to a .pem file which will be used to sign JWT tokens used in webhook
// requests. If not set, no JWT will be added to webhook requests.
# signing-key-path = "/path/to/key.pem"
// The kid to use as part of the JWT
# kid = "key-id"
// The issuer of the JWT
# issuer = "issuer"
// The audience of the JWT
# audience = "audience"
// The TTL of each generated JWT. Can't be less than 10 minutes.
# ttl = 1 hour
}
call-status-checks {
// If not all clients have their audio and video muted, but Jibri does not
// detect any data stream (audio or video) comming in, it will stop
// recording after NO_MEDIA_TIMEOUT expires.
no-media-timeout = 3 minutes
// If all clients have their audio and video muted, Jibri consideres this
// as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires.
all-muted-timeout = 10 minutes
// When detecting if a call is empty, Jibri takes into consideration for how
// long the call has been empty already. If it has been empty for more than
// DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording.
default-call-empty-timeout = 30 seconds
// If ICE hasn't completed, or stays in a state other than "connected" for this amount of time, Jibri will stop.
ice-connection-timeout = 30 seconds
}
}
EOF

View file

@ -28,6 +28,18 @@ cat <<EOF
login-url: ${JITSI_HOST:?}
}
EOF
# Jibri if needed
if [ "${JIBRI_STATE:?}" = "present" ]; then
cat <<EOF
jibri: {
// The JID of the MUC to be used as a brewery for jibri instances for streaming.
brewery-jid: "JibriBrewery@internal.auth.${JITSI_HOST:?}",
// How long to wait for Jibri to start recording from the time it accepts a START request.
pending-timeout: 90
}
EOF
fi
# End

View file

@ -179,6 +179,15 @@ else
SECURED_DOMAINS_STATE='absent'
fi
if [ -f "${__object}/parameter/jibri" ]; then
JIBRI_STATE='present'
else
JIBRI_STATE='absent'
fi
export JIBRI_STATE
. manifest_jibri
# This is the main host config
PROSODY_MAIN_CONFIG="YES"
# Prosody settings for common components (jvb, focus, ...)

View file

@ -0,0 +1,19 @@
#!/bin/sh -e
# shellcheck source=type/__jitsi_meet/files/prosody.cfg.lua.sh
. "${__type}/files/jibri.cfg.lua.sh" # This defines JIBRI_CONFIG
__file "/etc/prosody/conf.d/01_jibri.cfg.lua" \
--group prosody \
--mode 0440 \
--source - <<EOF
${JIBRI_CONFIG}
EOF
# TODO/WARNING cleartext passwords
JIBRI_AUTH_PASS='jibriauthpass'
JIBRI_RECORDER_PASS='jibrirecorderpass'
__jitsi_meet_user "jibri" --password "${JIBRI_AUTH_PASS}" --domain "auth.${JITSI_HOST}" --state "present"
__jitsi_meet_user "recorder" --password "${JIBRI_RECORDER_PASS}" --domain "recorder.${JITSI_HOST}" --state "present"
"${__type}/files/jibri.conf.sh" | \
__file /etc/jitsi/jibri/jibri.conf --mode 0444 --source '-'

View file

@ -1,2 +1,3 @@
disable-prometheus-exporter
secured-domains
jibri

View file

@ -5,6 +5,7 @@ basic_urlencode() {
}
PASSWD="$(cat "${__object}/parameter/password" 2>/dev/null || true)"
DOMAIN="$(cat "${__object}/parameter/domain" 2>/dev/null || true)"
STATE="$(cat "${__object}/parameter/state")"
if [ -z "${PASSWD}" ] && [ "${STATE}" != "absent" ]; then
@ -23,7 +24,10 @@ EOF
fi
JITSI_USER="$(basic_urlencode "${JITSI_USER_RAW}")"
FQDN="$(basic_urlencode "${__target_host}")"
if [ -z "${DOMAIN}" ]; then
DOMAIN="${__target_host}"
fi
FQDN="$(basic_urlencode "${DOMAIN}")"
FQDN_PATH="/var/lib/prosody/${FQDN}/accounts"
FILENAME="${FQDN_PATH}/${JITSI_USER}.dat"