Import evilham's jitsi types as-it
This commit is contained in:
parent
f01f73f33d
commit
f055527735
29 changed files with 2310 additions and 0 deletions
|
@ -0,0 +1,7 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
|
||||||
|
EXPORTER_VERSION_FILE="/usr/local/bin/.prometheus-jitsi-meet-exporter.cdist.version"
|
||||||
|
|
||||||
|
if [ -f "${EXPORTER_VERSION_FILE}" ]; then
|
||||||
|
cat "${EXPORTER_VERSION_FILE}"
|
||||||
|
fi
|
56
type/__evilham_jitsi_meet/files/debconf_settings.sh
Normal file
56
type/__evilham_jitsi_meet/files/debconf_settings.sh
Normal file
|
@ -0,0 +1,56 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
|
||||||
|
# This can be obtained with debconf-get-selections on a host with jitsi
|
||||||
|
# (and also analysing the deb-src)
|
||||||
|
if false; then
|
||||||
|
# We are currently not using these, just here as documentation
|
||||||
|
DEBCONF_SETTINGS="$(cat <<EOF
|
||||||
|
# Jicofo user password:
|
||||||
|
jicofo jicofo/jicofo-authpassword password STH
|
||||||
|
jitsi-meet-prosody jicofo/jicofo-authpassword password STH
|
||||||
|
# The secret used to connect to xmpp server as component
|
||||||
|
jitsi-meet-prosody jitsi-videobridge/jvbsecret password STH
|
||||||
|
jitsi-videobridge jitsi-videobridge/jvbsecret password STH
|
||||||
|
jitsi-videobridge2 jitsi-videobridge/jvbsecret password STH
|
||||||
|
# Jicofo Component secret:
|
||||||
|
jicofo jicofo/jicofosecret password STH
|
||||||
|
jitsi-meet-prosody jicofo/jicofosecret password STH
|
||||||
|
# Jicofo username:
|
||||||
|
jicofo jicofo/jicofo-authuser string focus
|
||||||
|
jitsi-meet-prosody jicofo/jicofo-authuser string focus
|
||||||
|
# The hostname of the current installation:
|
||||||
|
jitsi-meet-turnserver jitsi-meet-turnserver/jvb-hostname string ${JITSI_HOST}
|
||||||
|
# Full local server path to the SSL certificate file:
|
||||||
|
jitsi-meet-web-config jitsi-meet/cert-path-crt string
|
||||||
|
# Full local server path to the SSL key file:
|
||||||
|
jitsi-meet-web-config jitsi-meet/cert-path-key string
|
||||||
|
EOF
|
||||||
|
)"
|
||||||
|
fi
|
||||||
|
|
||||||
|
DEBCONF_SETTINGS="$(cat <<EOF
|
||||||
|
# The hostname of the current installation:
|
||||||
|
jitsi-meet-web-config jitsi-meet/jvb-hostname string ${JITSI_HOST}
|
||||||
|
# Hostname:
|
||||||
|
jicofo jitsi-videobridge/jvb-hostname string ${JITSI_HOST}
|
||||||
|
jitsi-meet-prosody jitsi-videobridge/jvb-hostname string ${JITSI_HOST}
|
||||||
|
jitsi-meet-turnserver jitsi-videobridge/jvb-hostname string ${TURN_SERVER}
|
||||||
|
jitsi-meet-web-config jitsi-videobridge/jvb-hostname string ${JITSI_HOST}
|
||||||
|
jitsi-videobridge jitsi-videobridge/jvb-hostname string ${JITSI_HOST}
|
||||||
|
jitsi-videobridge2 jitsi-videobridge/jvb-hostname string ${JITSI_HOST}
|
||||||
|
# The hostname of the current installation:
|
||||||
|
jitsi-meet-prosody jitsi-meet-prosody/jvb-hostname string ${JITSI_HOST}
|
||||||
|
# SSL certificate for the Jitsi Meet instance
|
||||||
|
# Choices: Generate a new self-signed certificate (You will later get a chance to obtain a Let's encrypt certificate), I want to use my own certificate
|
||||||
|
jitsi-meet-web-config jitsi-meet/cert-choice select Generate a new self-signed certificate (You will later get a chance to obtain a Let's encrypt certificate)
|
||||||
|
EOF
|
||||||
|
)"
|
||||||
|
|
||||||
|
if [ -n "${TURN_SECRET}" ]; then
|
||||||
|
DEBCONF_SETTINGS="$(cat <<EOF
|
||||||
|
${DEBCONF_SETTINGS}
|
||||||
|
# The turn server secret
|
||||||
|
jitsi-meet-prosody jitsi-meet-prosody/turn-secret string ${TURN_SECRET}
|
||||||
|
EOF
|
||||||
|
)"
|
||||||
|
fi
|
10
type/__evilham_jitsi_meet/files/ufw
Normal file
10
type/__evilham_jitsi_meet/files/ufw
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
|
||||||
|
# Setup firewall
|
||||||
|
__ufw
|
||||||
|
# Allow jitsi ports
|
||||||
|
require="__ufw" __ufw_rule http --rule 'allow 80/tcp'
|
||||||
|
require="__ufw" __ufw_rule https --rule 'allow 443/tcp'
|
||||||
|
require="__ufw" __ufw_rule jitsi_prom --rule 'allow 9888/tcp'
|
||||||
|
require="__ufw" __ufw_rule avfallback --rule 'allow 4443/tcp'
|
||||||
|
require="__ufw" __ufw_rule avdefault --rule 'allow 10000/udp'
|
5
type/__evilham_jitsi_meet/gencode-remote
Executable file
5
type/__evilham_jitsi_meet/gencode-remote
Executable file
|
@ -0,0 +1,5 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
|
||||||
|
if grep -qE "^__file/etc/nginx" "${__messages_in}"; then
|
||||||
|
echo "service nginx reload"
|
||||||
|
fi
|
84
type/__evilham_jitsi_meet/man.rst
Normal file
84
type/__evilham_jitsi_meet/man.rst
Normal file
|
@ -0,0 +1,84 @@
|
||||||
|
cdist-type__evilham_jitsi_meet(7)
|
||||||
|
=================================
|
||||||
|
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__evilham_jitsi_meet - Setup the server-side of Jitsi-Meet.
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
This (singleton) type installs and configures jitsi-meet automatically.
|
||||||
|
|
||||||
|
It does so by following loosely the official quick-install instructions and
|
||||||
|
eXO's notes for installing and managing Jitsi Meet instances.
|
||||||
|
|
||||||
|
This type also sets up nginx in a way that is compatible with
|
||||||
|
`__letsencrypt_cert` and assumes that it will only serve Jitsi instances.
|
||||||
|
|
||||||
|
You will also need the `__evilham_jitsi_meet_domain` type in order to finish
|
||||||
|
setting up the web frontend (including TLS certificates) and its settings.
|
||||||
|
|
||||||
|
You may want to use the `files/ufw` example manifest for a `__ufw`-based
|
||||||
|
firewall compatible with this type.
|
||||||
|
This file does not include rules for TCP port 9888, which exposes the
|
||||||
|
prometheus exporter if not disabled.
|
||||||
|
You should apply your own rules here.
|
||||||
|
|
||||||
|
This type only works on De{bi,vu}an systems.
|
||||||
|
|
||||||
|
NOTE: This type currently does not deal with setting up coturn.
|
||||||
|
For that, you might want to check `__coturn` in
|
||||||
|
https://code.ungleich.ch/ungleich-public/cdist-contrib
|
||||||
|
In that case, this type should run *after* `__coturn`.
|
||||||
|
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
turn-secret
|
||||||
|
The shared secret for the TURN server.
|
||||||
|
|
||||||
|
|
||||||
|
turn-server
|
||||||
|
The hostname of the TURN server.
|
||||||
|
This will assume that it is listening with TLS on port 443.
|
||||||
|
|
||||||
|
|
||||||
|
BOOLEAN PARAMETERS
|
||||||
|
------------------
|
||||||
|
disable-prometheus-exporter
|
||||||
|
This type enables a prometheus exporter for jitsi by default, if you would
|
||||||
|
rather not have that, pass this parameter.
|
||||||
|
The explorer is based on:
|
||||||
|
https://github.com/systemli/prometheus-jitsi-meet-exporter
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
# Setup the firewall
|
||||||
|
. "${__global}/type/__evilham_jitsi_meet/files/ufw"
|
||||||
|
export require="__ufw"
|
||||||
|
# Setup Jitsi on this host
|
||||||
|
__evilham_jitsi_meet \
|
||||||
|
--turn-server "turn.exo.cat" \
|
||||||
|
--turn-secret "WeNeedGoodSecurity"
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
- `__evilham_jitsi_meet_domain`
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
AUTHORS
|
||||||
|
-------
|
||||||
|
Evilham <contact@evilham.com>
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2020 Evilham.
|
197
type/__evilham_jitsi_meet/manifest
Executable file
197
type/__evilham_jitsi_meet/manifest
Executable file
|
@ -0,0 +1,197 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
|
||||||
|
os="$(cat "${__global}/explorer/os")"
|
||||||
|
init="$(cat "${__global}/explorer/init")"
|
||||||
|
case "${os}" in
|
||||||
|
devuan|debian)
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Your OS '${os}' is currently not supported." > /dev/stderr
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
|
||||||
|
JITSI_HOST="${__target_host}"
|
||||||
|
TURN_SERVER="$(cat "${__object}/parameter/turn-server")"
|
||||||
|
TURN_SECRET="$(cat "${__object}/parameter/turn-secret")"
|
||||||
|
|
||||||
|
if [ -z "${TURN_SERVER}" ]; then
|
||||||
|
TURN_SERVER="${JITSI_HOST}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
PROMETHEUS_JITSI_EXPORTER_IS_VERSION="$(cat "${__object}/explorer/prometheus-jitsi-meet-explorer-version")"
|
||||||
|
|
||||||
|
# The rest is loosely based on Jitsi's documentation
|
||||||
|
# https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart
|
||||||
|
|
||||||
|
# Setup repositories
|
||||||
|
## First the signing keys
|
||||||
|
__package gnupg2
|
||||||
|
require="__package/gnupg2" __apt_key_uri jitsi_meet \
|
||||||
|
--name 'Jitsi <dev@jitsi.org>' \
|
||||||
|
--uri https://download.jitsi.org/jitsi-key.gpg.key \
|
||||||
|
--state present
|
||||||
|
## Now the repositories (they are a tad weird, so distribution is 'stable/')
|
||||||
|
require="__ufw __apt_key_uri/jitsi_meet" __apt_source jitsi_meet \
|
||||||
|
--uri 'https://download.jitsi.org' \
|
||||||
|
--distribution 'stable/' \
|
||||||
|
--state present
|
||||||
|
## Ensure apt cache is up-to-date
|
||||||
|
require="__apt_source/jitsi_meet" __apt_update_index
|
||||||
|
|
||||||
|
export require="${require} __apt_source/jitsi_meet __apt_update_index"
|
||||||
|
|
||||||
|
# Pre-feed debconf settings, so Jitsi's installation has a good config
|
||||||
|
. "${__type}/files/debconf_settings.sh" # This defines DEBCONF_SETTINGS
|
||||||
|
__debconf_set_selections jitsi_meet --file - <<EOF
|
||||||
|
${DEBCONF_SETTINGS}
|
||||||
|
EOF
|
||||||
|
export require="${require} __debconf_set_selections/jitsi_meet"
|
||||||
|
|
||||||
|
# Install and upgrade packages as needed
|
||||||
|
for pkg in jitsi-meet; do
|
||||||
|
__package "${pkg}"
|
||||||
|
done
|
||||||
|
|
||||||
|
# Proceed only after installation/upgrade has finished
|
||||||
|
export require="__package/jitsi-meet"
|
||||||
|
|
||||||
|
# TODO: generalise and move out
|
||||||
|
# Prep nginx for acme settings
|
||||||
|
|
||||||
|
NGINX_ETC="/etc/nginx"
|
||||||
|
|
||||||
|
#
|
||||||
|
# Setup the acme-challenge snippet
|
||||||
|
#
|
||||||
|
__directory "${NGINX_ETC}/snippets" --state present
|
||||||
|
require="__directory${NGINX_ETC}/snippets" __file "${NGINX_ETC}/snippets/acme-challenge.conf" \
|
||||||
|
--mode 644 \
|
||||||
|
--source - << EOF
|
||||||
|
# This file is managed remotely, all changes will be lost
|
||||||
|
|
||||||
|
# This was heavily inspired by debops.org.
|
||||||
|
|
||||||
|
# Automatic Certificate Management Environment (ACME) support.
|
||||||
|
# https://tools.ietf.org/html/draft-ietf-acme-acme-01
|
||||||
|
# https://en.wikipedia.org/wiki/Automated_Certificate_Management_Environment
|
||||||
|
|
||||||
|
|
||||||
|
# Return the ACME challenge present in the server public root.
|
||||||
|
# If not found, switch to global web server root.
|
||||||
|
location ^~ /.well-known/acme-challenge/ {
|
||||||
|
default_type "text/plain";
|
||||||
|
try_files \$uri @well-known-acme-challenge;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Return the ACME challenge present in the global server public root.
|
||||||
|
# If not present, redirect request to a specified domain.
|
||||||
|
location @well-known-acme-challenge {
|
||||||
|
root /usr/share/jitsi-meet;
|
||||||
|
default_type "text/plain";
|
||||||
|
try_files \$uri @redirect-acme-challenge;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Redirect the ACME challenge to a different host. If a redirect loop is
|
||||||
|
# detected, return 404.
|
||||||
|
location @redirect-acme-challenge {
|
||||||
|
if (\$arg_redirect) {
|
||||||
|
return 404;
|
||||||
|
}
|
||||||
|
return 307 \$scheme://${ACME_DOMAIN}\$request_uri?redirect=yes;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Return 404 if ACME challenge well known path is accessed directly.
|
||||||
|
location = /.well-known/acme-challenge/ {
|
||||||
|
return 404;
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
|
||||||
|
__directory "${NGINX_ETC}/sites-available" --state present
|
||||||
|
require="__directory${NGINX_ETC}/sites-available" __file "${NGINX_ETC}/sites-available/default" \
|
||||||
|
--mode 644 \
|
||||||
|
--source - << EOF
|
||||||
|
# This file is managed remotely, all changes will be lost
|
||||||
|
|
||||||
|
# nginx server configuration for:
|
||||||
|
|
||||||
|
server {
|
||||||
|
|
||||||
|
# Listen on IPv4
|
||||||
|
listen 80;
|
||||||
|
# Note: there is an ipv6only=off flag, but it is Linux-only
|
||||||
|
# incidentally, that defaults to "on", which is what causes
|
||||||
|
# not having the double listen to listen on IPv6-only
|
||||||
|
listen [::]:80;
|
||||||
|
|
||||||
|
server_name welcome;
|
||||||
|
|
||||||
|
root /srv/www/sites/welcome/public;
|
||||||
|
|
||||||
|
include snippets/acme-challenge.conf;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
return 301 https://\$host\$request_uri;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# These two should be changed on new release
|
||||||
|
PROMETHEUS_JITSI_EXPORTER_SHOULD_VERSION="1.1.2"
|
||||||
|
PROMETHEUS_JITSI_EXPORTER_CHECKSUM="sha256:c64852b1cf63efd1632ec07ac9fcead09baccc1bd8c7b21ca830a0d82d00fb3d"
|
||||||
|
PROMETHEUS_JITSI_EXPORTER_URL="https://github.com/systemli/prometheus-jitsi-meet-exporter/releases/download/${PROMETHEUS_JITSI_EXPORTER_VERSION}/prometheus-jitsi-meet-exporter-linux-amd64"
|
||||||
|
PROMETHEUS_JITSI_EXPORTER_VERSION_FILE="/usr/local/bin/.prometheus-jitsi-meet-exporter.cdist.version"
|
||||||
|
if [ ! -f "${__object}/parameter/disable-prometheus-exporter" ]; then
|
||||||
|
case "${init}" in
|
||||||
|
init|sysvinit)
|
||||||
|
__evilham_runit
|
||||||
|
require="__evilham_runit" __evilham_runit_service \
|
||||||
|
prometheus-jitsi-meet-exporter --log --source - <<EOF
|
||||||
|
#!/bin/sh -e
|
||||||
|
cd /tmp
|
||||||
|
exec chpst -u "nobody:nogroup" env HOME="/tmp" \\
|
||||||
|
prometheus-jitsi-meet-exporter \\
|
||||||
|
-videobridge-url 'http://localhost:8888/stats' \\
|
||||||
|
-web.listen-address ':9888' 2>&1
|
||||||
|
EOF
|
||||||
|
|
||||||
|
export require="__evilham_runit_service/prometheus-jitsi-meet-exporter"
|
||||||
|
JITSI_MEET_EXPORTER_SERVICE="sv %s prometheus-jitsi-meet-exporter"
|
||||||
|
;;
|
||||||
|
systemd)
|
||||||
|
__systemd_unit prometheus-jitsi-meet-exporter.service \
|
||||||
|
--source "-" \
|
||||||
|
--enablement-state "enabled" <<EOF
|
||||||
|
[Unit]
|
||||||
|
Description=Metrics Exporter for Jitsi Meet
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
DynamicUser=yes
|
||||||
|
ExecStart=/usr/local/bin/prometheus-jitsi-meet-exporter -videobridge-url 'http://localhost:8888/stats' -web.listen-address ':9888'
|
||||||
|
Restart=always
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
EOF
|
||||||
|
export require="__systemd_unit/prometheus-jitsi-meet-exporter.service"
|
||||||
|
JITSI_MEET_EXPORTER_SERVICE="service prometheus-jitsi-meet-exporter %s"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
if [ "${PROMETHEUS_JITSI_EXPORTER_SHOULD_VERSION}" != \
|
||||||
|
"${PROMETHEUS_JITSI_EXPORTER_IS_VERSION}" ]; then
|
||||||
|
__download \
|
||||||
|
/tmp/prometheus-jitsi-meet-exporter \
|
||||||
|
--url "${PROMETHEUS_JITSI_EXPORTER_URL}" \
|
||||||
|
--download remote \
|
||||||
|
--sum "${PROMETHEUS_JITSI_EXPORTER_CHECKSUM}" \
|
||||||
|
--onchange "$(printf "${JITSI_MEET_EXPORTER_SERVICE}" "stop") || true; chmod 555 /tmp/prometheus-jitsi-meet-exporter && mv /tmp/prometheus-jitsi-meet-exporter /usr/local/bin/prometheus-jitsi-meet-exporter && $(printf "${JITSI_MEET_EXPORTER_SERVICE}" "restart")"
|
||||||
|
printf "%s" "${PROMETHEUS_JITSI_EXPORTER_SHOULD_VERSION}" | \
|
||||||
|
require="${require} __download/tmp/prometheus-jitsi-meet-exporter" __file \
|
||||||
|
"${PROMETHEUS_JITSI_EXPORTER_VERSION_FILE}" \
|
||||||
|
--source "-"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
# TODO: disable the exporter if it is deployed and then admin changes their mind
|
1
type/__evilham_jitsi_meet/parameter/boolean
Normal file
1
type/__evilham_jitsi_meet/parameter/boolean
Normal file
|
@ -0,0 +1 @@
|
||||||
|
disable-prometheus-exporter
|
0
type/__evilham_jitsi_meet/parameter/default/turn-server
Normal file
0
type/__evilham_jitsi_meet/parameter/default/turn-server
Normal file
2
type/__evilham_jitsi_meet/parameter/optional
Normal file
2
type/__evilham_jitsi_meet/parameter/optional
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
turn-secret
|
||||||
|
turn-server
|
0
type/__evilham_jitsi_meet/singleton
Normal file
0
type/__evilham_jitsi_meet/singleton
Normal file
700
type/__evilham_jitsi_meet_domain/files/config.js.sh
Normal file
700
type/__evilham_jitsi_meet_domain/files/config.js.sh
Normal file
|
@ -0,0 +1,700 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
|
||||||
|
# shellcheck disable=SC2034 # This is intended to be included
|
||||||
|
JITSI_CONFIG_JS="$(cat <<EOF
|
||||||
|
/* eslint-disable no-unused-vars, no-var */
|
||||||
|
|
||||||
|
var config = {
|
||||||
|
// Connection
|
||||||
|
//
|
||||||
|
|
||||||
|
hosts: {
|
||||||
|
// XMPP domain.
|
||||||
|
domain: '${JITSI_HOST}',
|
||||||
|
|
||||||
|
// When using authentication, domain for guest users.
|
||||||
|
// anonymousdomain: 'guest.example.com',
|
||||||
|
|
||||||
|
// Domain for authenticated users. Defaults to <domain>.
|
||||||
|
// authdomain: '${JITSI_HOST}',
|
||||||
|
|
||||||
|
// Call control component (Jigasi).
|
||||||
|
// call_control: 'callcontrol.${JITSI_HOST}',
|
||||||
|
|
||||||
|
// Focus component domain. Defaults to focus.<domain>.
|
||||||
|
// focus: 'focus.${JITSI_HOST}',
|
||||||
|
|
||||||
|
// XMPP MUC domain. FIXME: use XEP-0030 to discover it.
|
||||||
|
muc: 'conference.<!--# echo var="subdomain" default="" -->${JITSI_HOST}'
|
||||||
|
},
|
||||||
|
|
||||||
|
// BOSH URL. FIXME: use XEP-0156 to discover it.
|
||||||
|
bosh: '//${JITSI_HOST}/http-bind',
|
||||||
|
|
||||||
|
// Websocket URL
|
||||||
|
// websocket: 'wss://${JITSI_HOST}/xmpp-websocket',
|
||||||
|
|
||||||
|
// The name of client node advertised in XEP-0115 'c' stanza
|
||||||
|
clientNode: 'http://jitsi.org/jitsimeet',
|
||||||
|
|
||||||
|
// The real JID of focus participant - can be overridden here
|
||||||
|
// Do not change username - FIXME: Make focus username configurable
|
||||||
|
// https://github.com/jitsi/jitsi-meet/issues/7376
|
||||||
|
// focusUserJid: 'focus@auth.${JITSI_HOST}',
|
||||||
|
|
||||||
|
|
||||||
|
// Testing / experimental features.
|
||||||
|
//
|
||||||
|
|
||||||
|
testing: {
|
||||||
|
// Disables the End to End Encryption feature. Useful for debugging
|
||||||
|
// issues related to insertable streams.
|
||||||
|
// disableE2EE: false,
|
||||||
|
|
||||||
|
// P2P test mode disables automatic switching to P2P when there are 2
|
||||||
|
// participants in the conference.
|
||||||
|
p2pTestMode: false
|
||||||
|
|
||||||
|
// Enables the test specific features consumed by jitsi-meet-torture
|
||||||
|
// testMode: false
|
||||||
|
|
||||||
|
// Disables the auto-play behavior of *all* newly created video element.
|
||||||
|
// This is useful when the client runs on a host with limited resources.
|
||||||
|
// noAutoPlayVideo: false
|
||||||
|
|
||||||
|
// Enable / disable 500 Kbps bitrate cap on desktop tracks. When enabled,
|
||||||
|
// simulcast is turned off for the desktop share. If presenter is turned
|
||||||
|
// on while screensharing is in progress, the max bitrate is automatically
|
||||||
|
// adjusted to 2.5 Mbps. This takes a value between 0 and 1 which determines
|
||||||
|
// the probability for this to be enabled.
|
||||||
|
// capScreenshareBitrate: 1 // 0 to disable
|
||||||
|
|
||||||
|
// Enable callstats only for a percentage of users.
|
||||||
|
// This takes a value between 0 and 100 which determines the probability for
|
||||||
|
// the callstats to be enabled.
|
||||||
|
// callStatsThreshold: 5 // enable callstats for 5% of the users.
|
||||||
|
},
|
||||||
|
|
||||||
|
// Disables ICE/UDP by filtering out local and remote UDP candidates in
|
||||||
|
// signalling.
|
||||||
|
// webrtcIceUdpDisable: false,
|
||||||
|
|
||||||
|
// Disables ICE/TCP by filtering out local and remote TCP candidates in
|
||||||
|
// signalling.
|
||||||
|
// webrtcIceTcpDisable: false,
|
||||||
|
|
||||||
|
|
||||||
|
// Media
|
||||||
|
//
|
||||||
|
|
||||||
|
// Audio
|
||||||
|
|
||||||
|
// Disable measuring of audio levels.
|
||||||
|
disableAudioLevels: $(if [ -n "${DISABLE_AUDIO_LEVELS}" ]; then printf "true"; else printf "false"; fi),
|
||||||
|
// audioLevelsInterval: 200,
|
||||||
|
|
||||||
|
// Enabling this will run the lib-jitsi-meet no audio detection module which
|
||||||
|
// will notify the user if the current selected microphone has no audio
|
||||||
|
// input and will suggest another valid device if one is present.
|
||||||
|
enableNoAudioDetection: true,
|
||||||
|
|
||||||
|
// Enabling this will run the lib-jitsi-meet noise detection module which will
|
||||||
|
// notify the user if there is noise, other than voice, coming from the current
|
||||||
|
// selected microphone. The purpose it to let the user know that the input could
|
||||||
|
// be potentially unpleasant for other meeting participants.
|
||||||
|
enableNoisyMicDetection: true,
|
||||||
|
|
||||||
|
// Start the conference in audio only mode (no video is being received nor
|
||||||
|
// sent).
|
||||||
|
// startAudioOnly: false,
|
||||||
|
|
||||||
|
// Every participant after the Nth will start audio muted.
|
||||||
|
// startAudioMuted: 10,
|
||||||
|
|
||||||
|
// Start calls with audio muted. Unlike the option above, this one is only
|
||||||
|
// applied locally. FIXME: having these 2 options is confusing.
|
||||||
|
// startWithAudioMuted: false,
|
||||||
|
|
||||||
|
// Enabling it (with #params) will disable local audio output of remote
|
||||||
|
// participants and to enable it back a reload is needed.
|
||||||
|
// startSilent: false
|
||||||
|
|
||||||
|
// Sets the preferred target bitrate for the Opus audio codec by setting its
|
||||||
|
// 'maxaveragebitrate' parameter. Currently not available in p2p mode.
|
||||||
|
// Valid values are in the range 6000 to 510000
|
||||||
|
// opusMaxAverageBitrate: 20000,
|
||||||
|
|
||||||
|
// Enables redundancy for Opus
|
||||||
|
// enableOpusRed: false
|
||||||
|
|
||||||
|
// Video
|
||||||
|
|
||||||
|
// Sets the preferred resolution (height) for local video. Defaults to 720.
|
||||||
|
// resolution: 720,
|
||||||
|
|
||||||
|
// How many participants while in the tile view mode, before the receiving video quality is reduced from HD to SD.
|
||||||
|
// Use -1 to disable.
|
||||||
|
// maxFullResolutionParticipants: 2,
|
||||||
|
|
||||||
|
// w3c spec-compliant video constraints to use for video capture. Currently
|
||||||
|
// used by browsers that return true from lib-jitsi-meet's
|
||||||
|
// util#browser#usesNewGumFlow. The constraints are independent from
|
||||||
|
// this config's resolution value. Defaults to requesting an ideal
|
||||||
|
// resolution of 720p.
|
||||||
|
// constraints: {
|
||||||
|
// video: {
|
||||||
|
// height: {
|
||||||
|
// ideal: 720,
|
||||||
|
// max: 720,
|
||||||
|
// min: 240
|
||||||
|
// }
|
||||||
|
// }
|
||||||
|
// },
|
||||||
|
$(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi)
|
||||||
|
|
||||||
|
// Enable / disable simulcast support.
|
||||||
|
// disableSimulcast: false,
|
||||||
|
|
||||||
|
// Enable / disable layer suspension. If enabled, endpoints whose HD
|
||||||
|
// layers are not in use will be suspended (no longer sent) until they
|
||||||
|
// are requested again.
|
||||||
|
// enableLayerSuspension: false,
|
||||||
|
|
||||||
|
// Every participant after the Nth will start video muted.
|
||||||
|
startVideoMuted: ${START_VIDEO_MUTED},
|
||||||
|
|
||||||
|
// Start calls with video muted. Unlike the option above, this one is only
|
||||||
|
// applied locally. FIXME: having these 2 options is confusing.
|
||||||
|
// startWithVideoMuted: false,
|
||||||
|
|
||||||
|
// If set to true, prefer to use the H.264 video codec (if supported).
|
||||||
|
// Note that it's not recommended to do this because simulcast is not
|
||||||
|
// supported when using H.264. For 1-to-1 calls this setting is enabled by
|
||||||
|
// default and can be toggled in the p2p section.
|
||||||
|
// This option has been deprecated, use preferredCodec under videoQuality section instead.
|
||||||
|
// preferH264: true,
|
||||||
|
|
||||||
|
// If set to true, disable H.264 video codec by stripping it out of the
|
||||||
|
// SDP.
|
||||||
|
// disableH264: false,
|
||||||
|
|
||||||
|
// Desktop sharing
|
||||||
|
|
||||||
|
// Optional desktop sharing frame rate options. Default value: min:5, max:5.
|
||||||
|
// desktopSharingFrameRate: {
|
||||||
|
// min: 5,
|
||||||
|
// max: 5
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Try to start calls with screen-sharing instead of camera video.
|
||||||
|
// startScreenSharing: false,
|
||||||
|
|
||||||
|
// Recording
|
||||||
|
|
||||||
|
// Whether to enable file recording or not.
|
||||||
|
// fileRecordingsEnabled: false,
|
||||||
|
// Enable the dropbox integration.
|
||||||
|
// dropbox: {
|
||||||
|
// appKey: '<APP_KEY>' // Specify your app key here.
|
||||||
|
// // A URL to redirect the user to, after authenticating
|
||||||
|
// // by default uses:
|
||||||
|
// // 'https://${JITSI_HOST}/static/oauth.html'
|
||||||
|
// redirectURI:
|
||||||
|
// 'https://${JITSI_HOST}/subfolder/static/oauth.html'
|
||||||
|
// },
|
||||||
|
// When integrations like dropbox are enabled only that will be shown,
|
||||||
|
// by enabling fileRecordingsServiceEnabled, we show both the integrations
|
||||||
|
// and the generic recording service (its configuration and storage type
|
||||||
|
// depends on jibri configuration)
|
||||||
|
// fileRecordingsServiceEnabled: false,
|
||||||
|
// Whether to show the possibility to share file recording with other people
|
||||||
|
// (e.g. meeting participants), based on the actual implementation
|
||||||
|
// on the backend.
|
||||||
|
// fileRecordingsServiceSharingEnabled: false,
|
||||||
|
|
||||||
|
// Whether to enable live streaming or not.
|
||||||
|
// liveStreamingEnabled: false,
|
||||||
|
|
||||||
|
// Transcription (in interface_config,
|
||||||
|
// subtitles and buttons can be configured)
|
||||||
|
// transcribingEnabled: false,
|
||||||
|
|
||||||
|
// Enables automatic turning on captions when recording is started
|
||||||
|
// autoCaptionOnRecord: false,
|
||||||
|
|
||||||
|
// Misc
|
||||||
|
|
||||||
|
// Default value for the channel "last N" attribute. -1 for unlimited.
|
||||||
|
channelLastN: ${CHANNEL_LAST_N},
|
||||||
|
|
||||||
|
// Provides a way to use different "last N" values based on the number of participants in the conference.
|
||||||
|
// The keys in an Object represent number of participants and the values are "last N" to be used when number of
|
||||||
|
// participants gets to or above the number.
|
||||||
|
//
|
||||||
|
// For the given example mapping, "last N" will be set to 20 as long as there are at least 5, but less than
|
||||||
|
// 29 participants in the call and it will be lowered to 15 when the 30th participant joins. The 'channelLastN'
|
||||||
|
// will be used as default until the first threshold is reached.
|
||||||
|
//
|
||||||
|
// lastNLimits: {
|
||||||
|
// 5: 20,
|
||||||
|
// 30: 15,
|
||||||
|
// 50: 10,
|
||||||
|
// 70: 5,
|
||||||
|
// 90: 2
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Specify the settings for video quality optimizations on the client.
|
||||||
|
// videoQuality: {
|
||||||
|
// // Provides a way to prevent a video codec from being negotiated on the JVB connection. The codec specified
|
||||||
|
// // here will be removed from the list of codecs present in the SDP answer generated by the client. If the
|
||||||
|
// // same codec is specified for both the disabled and preferred option, the disable settings will prevail.
|
||||||
|
// // Note that 'VP8' cannot be disabled since it's a mandatory codec, the setting will be ignored in this case.
|
||||||
|
// disabledCodec: 'H264',
|
||||||
|
//
|
||||||
|
// // Provides a way to set a preferred video codec for the JVB connection. If 'H264' is specified here,
|
||||||
|
// // simulcast will be automatically disabled since JVB doesn't support H264 simulcast yet. This will only
|
||||||
|
// // rearrange the the preference order of the codecs in the SDP answer generated by the browser only if the
|
||||||
|
// // preferred codec specified here is present. Please ensure that the JVB offers the specified codec for this
|
||||||
|
// // to take effect.
|
||||||
|
// preferredCodec: 'VP8',
|
||||||
|
//
|
||||||
|
// // Provides a way to configure the maximum bitrates that will be enforced on the simulcast streams for
|
||||||
|
// // video tracks. The keys in the object represent the type of the stream (LD, SD or HD) and the values
|
||||||
|
// // are the max.bitrates to be set on that particular type of stream. The actual send may vary based on
|
||||||
|
// // the available bandwidth calculated by the browser, but it will be capped by the values specified here.
|
||||||
|
// // This is currently not implemented on app based clients on mobile.
|
||||||
|
// maxBitratesVideo: {
|
||||||
|
// low: 200000,
|
||||||
|
// standard: 500000,
|
||||||
|
// high: 1500000
|
||||||
|
// },
|
||||||
|
//
|
||||||
|
// // The options can be used to override default thresholds of video thumbnail heights corresponding to
|
||||||
|
// // the video quality levels used in the application. At the time of this writing the allowed levels are:
|
||||||
|
// // 'low' - for the low quality level (180p at the time of this writing)
|
||||||
|
// // 'standard' - for the medium quality level (360p)
|
||||||
|
// // 'high' - for the high quality level (720p)
|
||||||
|
// // The keys should be positive numbers which represent the minimal thumbnail height for the quality level.
|
||||||
|
// //
|
||||||
|
// // With the default config value below the application will use 'low' quality until the thumbnails are
|
||||||
|
// // at least 360 pixels tall. If the thumbnail height reaches 720 pixels then the application will switch to
|
||||||
|
// // the high quality.
|
||||||
|
// minHeightForQualityLvl: {
|
||||||
|
// 360: 'standard,
|
||||||
|
// 720: 'high'
|
||||||
|
// }
|
||||||
|
// },
|
||||||
|
|
||||||
|
// // Options for the recording limit notification.
|
||||||
|
// recordingLimit: {
|
||||||
|
//
|
||||||
|
// // The recording limit in minutes. Note: This number appears in the notification text
|
||||||
|
// // but doesn't enforce the actual recording time limit. This should be configured in
|
||||||
|
// // jibri!
|
||||||
|
// limit: 60,
|
||||||
|
//
|
||||||
|
// // The name of the app with unlimited recordings.
|
||||||
|
// appName: 'Unlimited recordings APP',
|
||||||
|
//
|
||||||
|
// // The URL of the app with unlimited recordings.
|
||||||
|
// appURL: 'https://unlimited.recordings.app.com/'
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Disables or enables RTX (RFC 4588) (defaults to false).
|
||||||
|
// disableRtx: false,
|
||||||
|
|
||||||
|
// Disables or enables TCC (the default is in Jicofo and set to true)
|
||||||
|
// (draft-holmer-rmcat-transport-wide-cc-extensions-01). This setting
|
||||||
|
// affects congestion control, it practically enables send-side bandwidth
|
||||||
|
// estimations.
|
||||||
|
// enableTcc: true,
|
||||||
|
|
||||||
|
// Disables or enables REMB (the default is in Jicofo and set to false)
|
||||||
|
// (draft-alvestrand-rmcat-remb-03). This setting affects congestion
|
||||||
|
// control, it practically enables recv-side bandwidth estimations. When
|
||||||
|
// both TCC and REMB are enabled, TCC takes precedence. When both are
|
||||||
|
// disabled, then bandwidth estimations are disabled.
|
||||||
|
// enableRemb: false,
|
||||||
|
|
||||||
|
// Enables ICE restart logic in LJM and displays the page reload overlay on
|
||||||
|
// ICE failure. Current disabled by default because it's causing issues with
|
||||||
|
// signaling when Octo is enabled. Also when we do an "ICE restart"(which is
|
||||||
|
// not a real ICE restart), the client maintains the TCC sequence number
|
||||||
|
// counter, but the bridge resets it. The bridge sends media packets with
|
||||||
|
// TCC sequence numbers starting from 0.
|
||||||
|
// enableIceRestart: false,
|
||||||
|
|
||||||
|
// Defines the minimum number of participants to start a call (the default
|
||||||
|
// is set in Jicofo and set to 2).
|
||||||
|
// minParticipants: 2,
|
||||||
|
|
||||||
|
// Use TURN/UDP servers for the jitsi-videobridge connection (by default
|
||||||
|
// we filter out TURN/UDP because it is usually not needed since the
|
||||||
|
// bridge itself is reachable via UDP)
|
||||||
|
// useTurnUdp: false
|
||||||
|
|
||||||
|
// Enables / disables a data communication channel with the Videobridge.
|
||||||
|
// Values can be 'datachannel', 'websocket', true (treat it as
|
||||||
|
// 'datachannel'), undefined (treat it as 'datachannel') and false (don't
|
||||||
|
// open any channel).
|
||||||
|
// openBridgeChannel: true,
|
||||||
|
openBridgeChannel: 'websocket',
|
||||||
|
|
||||||
|
|
||||||
|
// UI
|
||||||
|
//
|
||||||
|
|
||||||
|
// Hides lobby button
|
||||||
|
// hideLobbyButton: false,
|
||||||
|
|
||||||
|
// Require users to always specify a display name.
|
||||||
|
// requireDisplayName: true,
|
||||||
|
|
||||||
|
// Whether to use a welcome page or not. In case it's false a random room
|
||||||
|
// will be joined when no room is specified.
|
||||||
|
enableWelcomePage: true,
|
||||||
|
|
||||||
|
// Enabling the close page will ignore the welcome page redirection when
|
||||||
|
// a call is hangup.
|
||||||
|
// enableClosePage: false,
|
||||||
|
|
||||||
|
// Disable hiding of remote thumbnails when in a 1-on-1 conference call.
|
||||||
|
// disable1On1Mode: false,
|
||||||
|
|
||||||
|
// Default language for the user interface.
|
||||||
|
defaultLanguage: '${DEFAULT_LANGUAGE}',
|
||||||
|
|
||||||
|
// If true all users without a token will be considered guests and all users
|
||||||
|
// with token will be considered non-guests. Only guests will be allowed to
|
||||||
|
// edit their profile.
|
||||||
|
enableUserRolesBasedOnToken: false,
|
||||||
|
|
||||||
|
// Whether or not some features are checked based on token.
|
||||||
|
// enableFeaturesBasedOnToken: false,
|
||||||
|
|
||||||
|
// Enable lock room for all moderators, even when userRolesBasedOnToken is enabled and participants are guests.
|
||||||
|
// lockRoomGuestEnabled: false,
|
||||||
|
|
||||||
|
// When enabled the password used for locking a room is restricted to up to the number of digits specified
|
||||||
|
// roomPasswordNumberOfDigits: 10,
|
||||||
|
// default: roomPasswordNumberOfDigits: false,
|
||||||
|
|
||||||
|
// Message to show the users. Example: 'The service will be down for
|
||||||
|
// maintenance at 01:00 AM GMT,
|
||||||
|
noticeMessage: '${NOTICE_MESSAGE}',
|
||||||
|
|
||||||
|
// Enables calendar integration, depends on googleApiApplicationClientID
|
||||||
|
// and microsoftApiApplicationClientID
|
||||||
|
// enableCalendarIntegration: false,
|
||||||
|
|
||||||
|
// When 'true', it shows an intermediate page before joining, where the user can configure their devices.
|
||||||
|
// prejoinPageEnabled: false,
|
||||||
|
|
||||||
|
// If true, shows the unsafe room name warning label when a room name is
|
||||||
|
// deemed unsafe (due to the simplicity in the name) and a password is not
|
||||||
|
// set or the lobby is not enabled.
|
||||||
|
// enableInsecureRoomNameWarning: false,
|
||||||
|
|
||||||
|
// Whether to automatically copy invitation URL after creating a room.
|
||||||
|
// Document should be focused for this option to work
|
||||||
|
// enableAutomaticUrlCopy: false,
|
||||||
|
|
||||||
|
// Stats
|
||||||
|
//
|
||||||
|
|
||||||
|
// Whether to enable stats collection or not in the TraceablePeerConnection.
|
||||||
|
// This can be useful for debugging purposes (post-processing/analysis of
|
||||||
|
// the webrtc stats) as it is done in the jitsi-meet-torture bandwidth
|
||||||
|
// estimation tests.
|
||||||
|
// gatherStats: false,
|
||||||
|
|
||||||
|
// The interval at which PeerConnection.getStats() is called. Defaults to 10000
|
||||||
|
// pcStatsInterval: 10000,
|
||||||
|
|
||||||
|
// To enable sending statistics to callstats.io you must provide the
|
||||||
|
// Application ID and Secret.
|
||||||
|
// callStatsID: '',
|
||||||
|
// callStatsSecret: '',
|
||||||
|
|
||||||
|
// Enables sending participants' display names to callstats
|
||||||
|
// enableDisplayNameInStats: false,
|
||||||
|
|
||||||
|
// Enables sending participants' emails (if available) to callstats and other analytics
|
||||||
|
// enableEmailInStats: false,
|
||||||
|
|
||||||
|
// Privacy
|
||||||
|
//
|
||||||
|
|
||||||
|
// If third party requests are disabled, no other server will be contacted.
|
||||||
|
// This means avatars will be locally generated and callstats integration
|
||||||
|
// will not function.
|
||||||
|
disableThirdPartyRequests: $(if [ -z "${ENABLE_THIRD_PARTY_REQUESTS}" ]; then printf "true"; else printf "false"; fi),
|
||||||
|
|
||||||
|
|
||||||
|
// Peer-To-Peer mode: used (if enabled) when there are just 2 participants.
|
||||||
|
//
|
||||||
|
|
||||||
|
p2p: {
|
||||||
|
// Enables peer to peer mode. When enabled the system will try to
|
||||||
|
// establish a direct connection when there are exactly 2 participants
|
||||||
|
// in the room. If that succeeds the conference will stop sending data
|
||||||
|
// through the JVB and use the peer to peer connection instead. When a
|
||||||
|
// 3rd participant joins the conference will be moved back to the JVB
|
||||||
|
// connection.
|
||||||
|
enabled: true,
|
||||||
|
|
||||||
|
// The STUN servers that will be used in the peer to peer connections
|
||||||
|
stunServers: [
|
||||||
|
|
||||||
|
{ urls: 'stun:${TURN_SERVER}:443' }
|
||||||
|
]
|
||||||
|
|
||||||
|
// Sets the ICE transport policy for the p2p connection. At the time
|
||||||
|
// of this writing the list of possible values are 'all' and 'relay',
|
||||||
|
// but that is subject to change in the future. The enum is defined in
|
||||||
|
// the WebRTC standard:
|
||||||
|
// https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum.
|
||||||
|
// If not set, the effective value is 'all'.
|
||||||
|
// iceTransportPolicy: 'all',
|
||||||
|
|
||||||
|
// If set to true, it will prefer to use H.264 for P2P calls (if H.264
|
||||||
|
// is supported). This setting is deprecated, use preferredCodec instead.
|
||||||
|
// preferH264: true
|
||||||
|
|
||||||
|
// Provides a way to set the video codec preference on the p2p connection. Acceptable
|
||||||
|
// codec values are 'VP8', 'VP9' and 'H264'.
|
||||||
|
// preferredCodec: 'H264',
|
||||||
|
|
||||||
|
// If set to true, disable H.264 video codec by stripping it out of the
|
||||||
|
// SDP. This setting is deprecated, use disabledCodec instead.
|
||||||
|
// disableH264: false,
|
||||||
|
|
||||||
|
// Provides a way to prevent a video codec from being negotiated on the p2p connection.
|
||||||
|
// disabledCodec: '',
|
||||||
|
|
||||||
|
// How long we're going to wait, before going back to P2P after the 3rd
|
||||||
|
// participant has left the conference (to filter out page reload).
|
||||||
|
// backToP2PDelay: 5
|
||||||
|
},
|
||||||
|
|
||||||
|
analytics: {
|
||||||
|
// The Google Analytics Tracking ID:
|
||||||
|
// googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1'
|
||||||
|
|
||||||
|
// Matomo configuration:
|
||||||
|
// matomoEndpoint: 'https://your-matomo-endpoint/',
|
||||||
|
// matomoSiteID: '42',
|
||||||
|
|
||||||
|
// The Amplitude APP Key:
|
||||||
|
// amplitudeAPPKey: '<APP_KEY>'
|
||||||
|
|
||||||
|
// Configuration for the rtcstats server:
|
||||||
|
// By enabling rtcstats server every time a conference is joined the rtcstats
|
||||||
|
// module connects to the provided rtcstatsEndpoint and sends statistics regarding
|
||||||
|
// PeerConnection states along with getStats metrics polled at the specified
|
||||||
|
// interval.
|
||||||
|
// rtcstatsEnabled: true,
|
||||||
|
|
||||||
|
// In order to enable rtcstats one needs to provide a endpoint url.
|
||||||
|
// rtcstatsEndpoint: wss://rtcstats-server-pilot.jitsi.net/,
|
||||||
|
|
||||||
|
// The interval at which rtcstats will poll getStats, defaults to 1000ms.
|
||||||
|
// If the value is set to 0 getStats won't be polled and the rtcstats client
|
||||||
|
// will only send data related to RTCPeerConnection events.
|
||||||
|
// rtcstatsPolIInterval: 1000
|
||||||
|
|
||||||
|
// Array of script URLs to load as lib-jitsi-meet "analytics handlers".
|
||||||
|
// scriptURLs: [
|
||||||
|
// "libs/analytics-ga.min.js", // google-analytics
|
||||||
|
// "https://example.com/my-custom-analytics.js"
|
||||||
|
// ],
|
||||||
|
},
|
||||||
|
|
||||||
|
// Logs that should go be passed through the 'log' event if a handler is defined for it
|
||||||
|
// apiLogLevels: ['warn', 'log', 'error', 'info', 'debug'],
|
||||||
|
|
||||||
|
// Information about the jitsi-meet instance we are connecting to, including
|
||||||
|
// the user region as seen by the server.
|
||||||
|
deploymentInfo: {
|
||||||
|
// shard: "shard1",
|
||||||
|
// region: "europe",
|
||||||
|
// userRegion: "asia"
|
||||||
|
},
|
||||||
|
|
||||||
|
// Decides whether the start/stop recording audio notifications should play on record.
|
||||||
|
// disableRecordAudioNotification: false,
|
||||||
|
|
||||||
|
// Information for the chrome extension banner
|
||||||
|
// chromeExtensionBanner: {
|
||||||
|
// // The chrome extension to be installed address
|
||||||
|
// url: 'https://chrome.google.com/webstore/detail/jitsi-meetings/kglhbbefdnlheedjiejgomgmfplipfeb',
|
||||||
|
|
||||||
|
// // Extensions info which allows checking if they are installed or not
|
||||||
|
// chromeExtensionsInfo: [
|
||||||
|
// {
|
||||||
|
// id: 'kglhbbefdnlheedjiejgomgmfplipfeb',
|
||||||
|
// path: 'jitsi-logo-48x48.png'
|
||||||
|
// }
|
||||||
|
// ]
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Local Recording
|
||||||
|
//
|
||||||
|
|
||||||
|
// localRecording: {
|
||||||
|
// Enables local recording.
|
||||||
|
// Additionally, 'localrecording' (all lowercase) needs to be added to
|
||||||
|
// TOOLBAR_BUTTONS in interface_config.js for the Local Recording
|
||||||
|
// button to show up on the toolbar.
|
||||||
|
//
|
||||||
|
// enabled: true,
|
||||||
|
//
|
||||||
|
|
||||||
|
// The recording format, can be one of 'ogg', 'flac' or 'wav'.
|
||||||
|
// format: 'flac'
|
||||||
|
//
|
||||||
|
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Options related to end-to-end (participant to participant) ping.
|
||||||
|
// e2eping: {
|
||||||
|
// // The interval in milliseconds at which pings will be sent.
|
||||||
|
// // Defaults to 10000, set to <= 0 to disable.
|
||||||
|
// pingInterval: 10000,
|
||||||
|
//
|
||||||
|
// // The interval in milliseconds at which analytics events
|
||||||
|
// // with the measured RTT will be sent. Defaults to 60000, set
|
||||||
|
// // to <= 0 to disable.
|
||||||
|
// analyticsInterval: 60000,
|
||||||
|
// },
|
||||||
|
|
||||||
|
// If set, will attempt to use the provided video input device label when
|
||||||
|
// triggering a screenshare, instead of proceeding through the normal flow
|
||||||
|
// for obtaining a desktop stream.
|
||||||
|
// NOTE: This option is experimental and is currently intended for internal
|
||||||
|
// use only.
|
||||||
|
// _desktopSharingSourceDevice: 'sample-id-or-label',
|
||||||
|
|
||||||
|
// If true, any checks to handoff to another application will be prevented
|
||||||
|
// and instead the app will continue to display in the current browser.
|
||||||
|
// disableDeepLinking: false,
|
||||||
|
|
||||||
|
// A property to disable the right click context menu for localVideo
|
||||||
|
// the menu has option to flip the locally seen video for local presentations
|
||||||
|
// disableLocalVideoFlip: false,
|
||||||
|
|
||||||
|
// Mainly privacy related settings
|
||||||
|
|
||||||
|
// Disables all invite functions from the app (share, invite, dial out...etc)
|
||||||
|
// disableInviteFunctions: true,
|
||||||
|
|
||||||
|
// Disables storing the room name to the recents list
|
||||||
|
// doNotStoreRoom: true,
|
||||||
|
|
||||||
|
// Deployment specific URLs.
|
||||||
|
// deploymentUrls: {
|
||||||
|
// // If specified a 'Help' button will be displayed in the overflow menu with a link to the specified URL for
|
||||||
|
// // user documentation.
|
||||||
|
// userDocumentationURL: 'https://docs.example.com/video-meetings.html',
|
||||||
|
// // If specified a 'Download our apps' button will be displayed in the overflow menu with a link
|
||||||
|
// // to the specified URL for an app download page.
|
||||||
|
// downloadAppsUrl: 'https://docs.example.com/our-apps.html'
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Options related to the remote participant menu.
|
||||||
|
// remoteVideoMenu: {
|
||||||
|
// // If set to true the 'Kick out' button will be disabled.
|
||||||
|
// disableKick: true
|
||||||
|
// },
|
||||||
|
|
||||||
|
// If set to true all muting operations of remote participants will be disabled.
|
||||||
|
// disableRemoteMute: true,
|
||||||
|
|
||||||
|
/**
|
||||||
|
External API url used to receive branding specific information.
|
||||||
|
If there is no url set or there are missing fields, the defaults are applied.
|
||||||
|
None of the fields are mandatory and the response must have the shape:
|
||||||
|
{
|
||||||
|
// The hex value for the colour used as background
|
||||||
|
backgroundColor: '#fff',
|
||||||
|
// The url for the image used as background
|
||||||
|
backgroundImageUrl: 'https://example.com/background-img.png',
|
||||||
|
// The anchor url used when clicking the logo image
|
||||||
|
logoClickUrl: 'https://example-company.org',
|
||||||
|
// The url used for the image used as logo
|
||||||
|
logoImageUrl: 'https://example.com/logo-img.png'
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
brandingDataUrl: "$(if [ -n "${BRANDING_JSON}" ]; then printf "/branding.json"; fi)",
|
||||||
|
|
||||||
|
// The URL of the moderated rooms microservice, if available. If it
|
||||||
|
// is present, a link to the service will be rendered on the welcome page,
|
||||||
|
// otherwise the app doesn't render it.
|
||||||
|
// moderatedRoomServiceUrl: 'https://moderated.${JITSI_HOST}',
|
||||||
|
|
||||||
|
// List of undocumented settings used in jitsi-meet
|
||||||
|
/**
|
||||||
|
_immediateReloadThreshold
|
||||||
|
debug
|
||||||
|
debugAudioLevels
|
||||||
|
deploymentInfo
|
||||||
|
dialInConfCodeUrl
|
||||||
|
dialInNumbersUrl
|
||||||
|
dialOutAuthUrl
|
||||||
|
dialOutCodesUrl
|
||||||
|
disableRemoteControl
|
||||||
|
displayJids
|
||||||
|
etherpad_base
|
||||||
|
externalConnectUrl
|
||||||
|
firefox_fake_device
|
||||||
|
googleApiApplicationClientID
|
||||||
|
iAmRecorder
|
||||||
|
iAmSipGateway
|
||||||
|
microsoftApiApplicationClientID
|
||||||
|
peopleSearchQueryTypes
|
||||||
|
peopleSearchUrl
|
||||||
|
requireDisplayName
|
||||||
|
tokenAuthUrl
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This property can be used to alter the generated meeting invite links (in combination with a branding domain
|
||||||
|
* which is retrieved internally by jitsi meet) (e.g. https://meet.jit.si/someMeeting
|
||||||
|
* can become https://brandedDomain/roomAlias)
|
||||||
|
*/
|
||||||
|
// brandingRoomAlias: null,
|
||||||
|
|
||||||
|
// List of undocumented settings used in lib-jitsi-meet
|
||||||
|
/**
|
||||||
|
_peerConnStatusOutOfLastNTimeout
|
||||||
|
_peerConnStatusRtcMuteTimeout
|
||||||
|
abTesting
|
||||||
|
avgRtpStatsN
|
||||||
|
callStatsConfIDNamespace
|
||||||
|
callStatsCustomScriptUrl
|
||||||
|
desktopSharingSources
|
||||||
|
disableAEC
|
||||||
|
disableAGC
|
||||||
|
disableAP
|
||||||
|
disableHPF
|
||||||
|
disableNS
|
||||||
|
enableLipSync
|
||||||
|
enableTalkWhileMuted
|
||||||
|
forceJVB121Ratio
|
||||||
|
hiddenDomain
|
||||||
|
ignoreStartMuted
|
||||||
|
nick
|
||||||
|
startBitrate
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
// Allow all above example options to include a trailing comma and
|
||||||
|
// prevent fear when commenting out the last value.
|
||||||
|
makeJsonParserHappy: 'even if last key had a trailing comma'
|
||||||
|
|
||||||
|
// no configuration value should follow this line.
|
||||||
|
};
|
||||||
|
|
||||||
|
/* eslint-enable no-unused-vars, no-var */
|
||||||
|
EOF
|
||||||
|
)"
|
694
type/__evilham_jitsi_meet_domain/files/config.js.sh.orig
Normal file
694
type/__evilham_jitsi_meet_domain/files/config.js.sh.orig
Normal file
|
@ -0,0 +1,694 @@
|
||||||
|
/* eslint-disable no-unused-vars, no-var */
|
||||||
|
|
||||||
|
var config = {
|
||||||
|
// Connection
|
||||||
|
//
|
||||||
|
|
||||||
|
hosts: {
|
||||||
|
// XMPP domain.
|
||||||
|
domain: 'jitsi-meet.example.org',
|
||||||
|
|
||||||
|
// When using authentication, domain for guest users.
|
||||||
|
// anonymousdomain: 'guest.example.com',
|
||||||
|
|
||||||
|
// Domain for authenticated users. Defaults to <domain>.
|
||||||
|
// authdomain: 'jitsi-meet.example.org',
|
||||||
|
|
||||||
|
// Call control component (Jigasi).
|
||||||
|
// call_control: 'callcontrol.jitsi-meet.example.org',
|
||||||
|
|
||||||
|
// Focus component domain. Defaults to focus.<domain>.
|
||||||
|
// focus: 'focus.jitsi-meet.example.org',
|
||||||
|
|
||||||
|
// XMPP MUC domain. FIXME: use XEP-0030 to discover it.
|
||||||
|
muc: 'conference.<!--# echo var="subdomain" default="" -->jitsi-meet.example.org'
|
||||||
|
},
|
||||||
|
|
||||||
|
// BOSH URL. FIXME: use XEP-0156 to discover it.
|
||||||
|
bosh: '//jitsi-meet.example.org/http-bind',
|
||||||
|
|
||||||
|
// Websocket URL
|
||||||
|
// websocket: 'wss://jitsi-meet.example.org/xmpp-websocket',
|
||||||
|
|
||||||
|
// The name of client node advertised in XEP-0115 'c' stanza
|
||||||
|
clientNode: 'http://jitsi.org/jitsimeet',
|
||||||
|
|
||||||
|
// The real JID of focus participant - can be overridden here
|
||||||
|
// Do not change username - FIXME: Make focus username configurable
|
||||||
|
// https://github.com/jitsi/jitsi-meet/issues/7376
|
||||||
|
// focusUserJid: 'focus@auth.jitsi-meet.example.org',
|
||||||
|
|
||||||
|
|
||||||
|
// Testing / experimental features.
|
||||||
|
//
|
||||||
|
|
||||||
|
testing: {
|
||||||
|
// Disables the End to End Encryption feature. Useful for debugging
|
||||||
|
// issues related to insertable streams.
|
||||||
|
// disableE2EE: false,
|
||||||
|
|
||||||
|
// P2P test mode disables automatic switching to P2P when there are 2
|
||||||
|
// participants in the conference.
|
||||||
|
p2pTestMode: false
|
||||||
|
|
||||||
|
// Enables the test specific features consumed by jitsi-meet-torture
|
||||||
|
// testMode: false
|
||||||
|
|
||||||
|
// Disables the auto-play behavior of *all* newly created video element.
|
||||||
|
// This is useful when the client runs on a host with limited resources.
|
||||||
|
// noAutoPlayVideo: false
|
||||||
|
|
||||||
|
// Enable / disable 500 Kbps bitrate cap on desktop tracks. When enabled,
|
||||||
|
// simulcast is turned off for the desktop share. If presenter is turned
|
||||||
|
// on while screensharing is in progress, the max bitrate is automatically
|
||||||
|
// adjusted to 2.5 Mbps. This takes a value between 0 and 1 which determines
|
||||||
|
// the probability for this to be enabled.
|
||||||
|
// capScreenshareBitrate: 1 // 0 to disable
|
||||||
|
|
||||||
|
// Enable callstats only for a percentage of users.
|
||||||
|
// This takes a value between 0 and 100 which determines the probability for
|
||||||
|
// the callstats to be enabled.
|
||||||
|
// callStatsThreshold: 5 // enable callstats for 5% of the users.
|
||||||
|
},
|
||||||
|
|
||||||
|
// Disables ICE/UDP by filtering out local and remote UDP candidates in
|
||||||
|
// signalling.
|
||||||
|
// webrtcIceUdpDisable: false,
|
||||||
|
|
||||||
|
// Disables ICE/TCP by filtering out local and remote TCP candidates in
|
||||||
|
// signalling.
|
||||||
|
// webrtcIceTcpDisable: false,
|
||||||
|
|
||||||
|
|
||||||
|
// Media
|
||||||
|
//
|
||||||
|
|
||||||
|
// Audio
|
||||||
|
|
||||||
|
// Disable measuring of audio levels.
|
||||||
|
// disableAudioLevels: false,
|
||||||
|
// audioLevelsInterval: 200,
|
||||||
|
|
||||||
|
// Enabling this will run the lib-jitsi-meet no audio detection module which
|
||||||
|
// will notify the user if the current selected microphone has no audio
|
||||||
|
// input and will suggest another valid device if one is present.
|
||||||
|
enableNoAudioDetection: true,
|
||||||
|
|
||||||
|
// Enabling this will run the lib-jitsi-meet noise detection module which will
|
||||||
|
// notify the user if there is noise, other than voice, coming from the current
|
||||||
|
// selected microphone. The purpose it to let the user know that the input could
|
||||||
|
// be potentially unpleasant for other meeting participants.
|
||||||
|
enableNoisyMicDetection: true,
|
||||||
|
|
||||||
|
// Start the conference in audio only mode (no video is being received nor
|
||||||
|
// sent).
|
||||||
|
// startAudioOnly: false,
|
||||||
|
|
||||||
|
// Every participant after the Nth will start audio muted.
|
||||||
|
// startAudioMuted: 10,
|
||||||
|
|
||||||
|
// Start calls with audio muted. Unlike the option above, this one is only
|
||||||
|
// applied locally. FIXME: having these 2 options is confusing.
|
||||||
|
// startWithAudioMuted: false,
|
||||||
|
|
||||||
|
// Enabling it (with #params) will disable local audio output of remote
|
||||||
|
// participants and to enable it back a reload is needed.
|
||||||
|
// startSilent: false
|
||||||
|
|
||||||
|
// Sets the preferred target bitrate for the Opus audio codec by setting its
|
||||||
|
// 'maxaveragebitrate' parameter. Currently not available in p2p mode.
|
||||||
|
// Valid values are in the range 6000 to 510000
|
||||||
|
// opusMaxAverageBitrate: 20000,
|
||||||
|
|
||||||
|
// Enables redundancy for Opus
|
||||||
|
// enableOpusRed: false
|
||||||
|
|
||||||
|
// Video
|
||||||
|
|
||||||
|
// Sets the preferred resolution (height) for local video. Defaults to 720.
|
||||||
|
// resolution: 720,
|
||||||
|
|
||||||
|
// How many participants while in the tile view mode, before the receiving video quality is reduced from HD to SD.
|
||||||
|
// Use -1 to disable.
|
||||||
|
// maxFullResolutionParticipants: 2,
|
||||||
|
|
||||||
|
// w3c spec-compliant video constraints to use for video capture. Currently
|
||||||
|
// used by browsers that return true from lib-jitsi-meet's
|
||||||
|
// util#browser#usesNewGumFlow. The constraints are independent from
|
||||||
|
// this config's resolution value. Defaults to requesting an ideal
|
||||||
|
// resolution of 720p.
|
||||||
|
// constraints: {
|
||||||
|
// video: {
|
||||||
|
// height: {
|
||||||
|
// ideal: 720,
|
||||||
|
// max: 720,
|
||||||
|
// min: 240
|
||||||
|
// }
|
||||||
|
// }
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Enable / disable simulcast support.
|
||||||
|
// disableSimulcast: false,
|
||||||
|
|
||||||
|
// Enable / disable layer suspension. If enabled, endpoints whose HD
|
||||||
|
// layers are not in use will be suspended (no longer sent) until they
|
||||||
|
// are requested again.
|
||||||
|
// enableLayerSuspension: false,
|
||||||
|
|
||||||
|
// Every participant after the Nth will start video muted.
|
||||||
|
// startVideoMuted: 10,
|
||||||
|
|
||||||
|
// Start calls with video muted. Unlike the option above, this one is only
|
||||||
|
// applied locally. FIXME: having these 2 options is confusing.
|
||||||
|
// startWithVideoMuted: false,
|
||||||
|
|
||||||
|
// If set to true, prefer to use the H.264 video codec (if supported).
|
||||||
|
// Note that it's not recommended to do this because simulcast is not
|
||||||
|
// supported when using H.264. For 1-to-1 calls this setting is enabled by
|
||||||
|
// default and can be toggled in the p2p section.
|
||||||
|
// This option has been deprecated, use preferredCodec under videoQuality section instead.
|
||||||
|
// preferH264: true,
|
||||||
|
|
||||||
|
// If set to true, disable H.264 video codec by stripping it out of the
|
||||||
|
// SDP.
|
||||||
|
// disableH264: false,
|
||||||
|
|
||||||
|
// Desktop sharing
|
||||||
|
|
||||||
|
// Optional desktop sharing frame rate options. Default value: min:5, max:5.
|
||||||
|
// desktopSharingFrameRate: {
|
||||||
|
// min: 5,
|
||||||
|
// max: 5
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Try to start calls with screen-sharing instead of camera video.
|
||||||
|
// startScreenSharing: false,
|
||||||
|
|
||||||
|
// Recording
|
||||||
|
|
||||||
|
// Whether to enable file recording or not.
|
||||||
|
// fileRecordingsEnabled: false,
|
||||||
|
// Enable the dropbox integration.
|
||||||
|
// dropbox: {
|
||||||
|
// appKey: '<APP_KEY>' // Specify your app key here.
|
||||||
|
// // A URL to redirect the user to, after authenticating
|
||||||
|
// // by default uses:
|
||||||
|
// // 'https://jitsi-meet.example.org/static/oauth.html'
|
||||||
|
// redirectURI:
|
||||||
|
// 'https://jitsi-meet.example.org/subfolder/static/oauth.html'
|
||||||
|
// },
|
||||||
|
// When integrations like dropbox are enabled only that will be shown,
|
||||||
|
// by enabling fileRecordingsServiceEnabled, we show both the integrations
|
||||||
|
// and the generic recording service (its configuration and storage type
|
||||||
|
// depends on jibri configuration)
|
||||||
|
// fileRecordingsServiceEnabled: false,
|
||||||
|
// Whether to show the possibility to share file recording with other people
|
||||||
|
// (e.g. meeting participants), based on the actual implementation
|
||||||
|
// on the backend.
|
||||||
|
// fileRecordingsServiceSharingEnabled: false,
|
||||||
|
|
||||||
|
// Whether to enable live streaming or not.
|
||||||
|
// liveStreamingEnabled: false,
|
||||||
|
|
||||||
|
// Transcription (in interface_config,
|
||||||
|
// subtitles and buttons can be configured)
|
||||||
|
// transcribingEnabled: false,
|
||||||
|
|
||||||
|
// Enables automatic turning on captions when recording is started
|
||||||
|
// autoCaptionOnRecord: false,
|
||||||
|
|
||||||
|
// Misc
|
||||||
|
|
||||||
|
// Default value for the channel "last N" attribute. -1 for unlimited.
|
||||||
|
channelLastN: -1,
|
||||||
|
|
||||||
|
// Provides a way to use different "last N" values based on the number of participants in the conference.
|
||||||
|
// The keys in an Object represent number of participants and the values are "last N" to be used when number of
|
||||||
|
// participants gets to or above the number.
|
||||||
|
//
|
||||||
|
// For the given example mapping, "last N" will be set to 20 as long as there are at least 5, but less than
|
||||||
|
// 29 participants in the call and it will be lowered to 15 when the 30th participant joins. The 'channelLastN'
|
||||||
|
// will be used as default until the first threshold is reached.
|
||||||
|
//
|
||||||
|
// lastNLimits: {
|
||||||
|
// 5: 20,
|
||||||
|
// 30: 15,
|
||||||
|
// 50: 10,
|
||||||
|
// 70: 5,
|
||||||
|
// 90: 2
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Specify the settings for video quality optimizations on the client.
|
||||||
|
// videoQuality: {
|
||||||
|
// // Provides a way to prevent a video codec from being negotiated on the JVB connection. The codec specified
|
||||||
|
// // here will be removed from the list of codecs present in the SDP answer generated by the client. If the
|
||||||
|
// // same codec is specified for both the disabled and preferred option, the disable settings will prevail.
|
||||||
|
// // Note that 'VP8' cannot be disabled since it's a mandatory codec, the setting will be ignored in this case.
|
||||||
|
// disabledCodec: 'H264',
|
||||||
|
//
|
||||||
|
// // Provides a way to set a preferred video codec for the JVB connection. If 'H264' is specified here,
|
||||||
|
// // simulcast will be automatically disabled since JVB doesn't support H264 simulcast yet. This will only
|
||||||
|
// // rearrange the the preference order of the codecs in the SDP answer generated by the browser only if the
|
||||||
|
// // preferred codec specified here is present. Please ensure that the JVB offers the specified codec for this
|
||||||
|
// // to take effect.
|
||||||
|
// preferredCodec: 'VP8',
|
||||||
|
//
|
||||||
|
// // Provides a way to configure the maximum bitrates that will be enforced on the simulcast streams for
|
||||||
|
// // video tracks. The keys in the object represent the type of the stream (LD, SD or HD) and the values
|
||||||
|
// // are the max.bitrates to be set on that particular type of stream. The actual send may vary based on
|
||||||
|
// // the available bandwidth calculated by the browser, but it will be capped by the values specified here.
|
||||||
|
// // This is currently not implemented on app based clients on mobile.
|
||||||
|
// maxBitratesVideo: {
|
||||||
|
// low: 200000,
|
||||||
|
// standard: 500000,
|
||||||
|
// high: 1500000
|
||||||
|
// },
|
||||||
|
//
|
||||||
|
// // The options can be used to override default thresholds of video thumbnail heights corresponding to
|
||||||
|
// // the video quality levels used in the application. At the time of this writing the allowed levels are:
|
||||||
|
// // 'low' - for the low quality level (180p at the time of this writing)
|
||||||
|
// // 'standard' - for the medium quality level (360p)
|
||||||
|
// // 'high' - for the high quality level (720p)
|
||||||
|
// // The keys should be positive numbers which represent the minimal thumbnail height for the quality level.
|
||||||
|
// //
|
||||||
|
// // With the default config value below the application will use 'low' quality until the thumbnails are
|
||||||
|
// // at least 360 pixels tall. If the thumbnail height reaches 720 pixels then the application will switch to
|
||||||
|
// // the high quality.
|
||||||
|
// minHeightForQualityLvl: {
|
||||||
|
// 360: 'standard,
|
||||||
|
// 720: 'high'
|
||||||
|
// }
|
||||||
|
// },
|
||||||
|
|
||||||
|
// // Options for the recording limit notification.
|
||||||
|
// recordingLimit: {
|
||||||
|
//
|
||||||
|
// // The recording limit in minutes. Note: This number appears in the notification text
|
||||||
|
// // but doesn't enforce the actual recording time limit. This should be configured in
|
||||||
|
// // jibri!
|
||||||
|
// limit: 60,
|
||||||
|
//
|
||||||
|
// // The name of the app with unlimited recordings.
|
||||||
|
// appName: 'Unlimited recordings APP',
|
||||||
|
//
|
||||||
|
// // The URL of the app with unlimited recordings.
|
||||||
|
// appURL: 'https://unlimited.recordings.app.com/'
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Disables or enables RTX (RFC 4588) (defaults to false).
|
||||||
|
// disableRtx: false,
|
||||||
|
|
||||||
|
// Disables or enables TCC (the default is in Jicofo and set to true)
|
||||||
|
// (draft-holmer-rmcat-transport-wide-cc-extensions-01). This setting
|
||||||
|
// affects congestion control, it practically enables send-side bandwidth
|
||||||
|
// estimations.
|
||||||
|
// enableTcc: true,
|
||||||
|
|
||||||
|
// Disables or enables REMB (the default is in Jicofo and set to false)
|
||||||
|
// (draft-alvestrand-rmcat-remb-03). This setting affects congestion
|
||||||
|
// control, it practically enables recv-side bandwidth estimations. When
|
||||||
|
// both TCC and REMB are enabled, TCC takes precedence. When both are
|
||||||
|
// disabled, then bandwidth estimations are disabled.
|
||||||
|
// enableRemb: false,
|
||||||
|
|
||||||
|
// Enables ICE restart logic in LJM and displays the page reload overlay on
|
||||||
|
// ICE failure. Current disabled by default because it's causing issues with
|
||||||
|
// signaling when Octo is enabled. Also when we do an "ICE restart"(which is
|
||||||
|
// not a real ICE restart), the client maintains the TCC sequence number
|
||||||
|
// counter, but the bridge resets it. The bridge sends media packets with
|
||||||
|
// TCC sequence numbers starting from 0.
|
||||||
|
// enableIceRestart: false,
|
||||||
|
|
||||||
|
// Defines the minimum number of participants to start a call (the default
|
||||||
|
// is set in Jicofo and set to 2).
|
||||||
|
// minParticipants: 2,
|
||||||
|
|
||||||
|
// Use TURN/UDP servers for the jitsi-videobridge connection (by default
|
||||||
|
// we filter out TURN/UDP because it is usually not needed since the
|
||||||
|
// bridge itself is reachable via UDP)
|
||||||
|
// useTurnUdp: false
|
||||||
|
|
||||||
|
// Enables / disables a data communication channel with the Videobridge.
|
||||||
|
// Values can be 'datachannel', 'websocket', true (treat it as
|
||||||
|
// 'datachannel'), undefined (treat it as 'datachannel') and false (don't
|
||||||
|
// open any channel).
|
||||||
|
// openBridgeChannel: true,
|
||||||
|
openBridgeChannel: 'websocket',
|
||||||
|
|
||||||
|
|
||||||
|
// UI
|
||||||
|
//
|
||||||
|
|
||||||
|
// Hides lobby button
|
||||||
|
// hideLobbyButton: false,
|
||||||
|
|
||||||
|
// Require users to always specify a display name.
|
||||||
|
// requireDisplayName: true,
|
||||||
|
|
||||||
|
// Whether to use a welcome page or not. In case it's false a random room
|
||||||
|
// will be joined when no room is specified.
|
||||||
|
enableWelcomePage: true,
|
||||||
|
|
||||||
|
// Enabling the close page will ignore the welcome page redirection when
|
||||||
|
// a call is hangup.
|
||||||
|
// enableClosePage: false,
|
||||||
|
|
||||||
|
// Disable hiding of remote thumbnails when in a 1-on-1 conference call.
|
||||||
|
// disable1On1Mode: false,
|
||||||
|
|
||||||
|
// Default language for the user interface.
|
||||||
|
// defaultLanguage: 'en',
|
||||||
|
|
||||||
|
// If true all users without a token will be considered guests and all users
|
||||||
|
// with token will be considered non-guests. Only guests will be allowed to
|
||||||
|
// edit their profile.
|
||||||
|
enableUserRolesBasedOnToken: false,
|
||||||
|
|
||||||
|
// Whether or not some features are checked based on token.
|
||||||
|
// enableFeaturesBasedOnToken: false,
|
||||||
|
|
||||||
|
// Enable lock room for all moderators, even when userRolesBasedOnToken is enabled and participants are guests.
|
||||||
|
// lockRoomGuestEnabled: false,
|
||||||
|
|
||||||
|
// When enabled the password used for locking a room is restricted to up to the number of digits specified
|
||||||
|
// roomPasswordNumberOfDigits: 10,
|
||||||
|
// default: roomPasswordNumberOfDigits: false,
|
||||||
|
|
||||||
|
// Message to show the users. Example: 'The service will be down for
|
||||||
|
// maintenance at 01:00 AM GMT,
|
||||||
|
// noticeMessage: '',
|
||||||
|
|
||||||
|
// Enables calendar integration, depends on googleApiApplicationClientID
|
||||||
|
// and microsoftApiApplicationClientID
|
||||||
|
// enableCalendarIntegration: false,
|
||||||
|
|
||||||
|
// When 'true', it shows an intermediate page before joining, where the user can configure their devices.
|
||||||
|
// prejoinPageEnabled: false,
|
||||||
|
|
||||||
|
// If true, shows the unsafe room name warning label when a room name is
|
||||||
|
// deemed unsafe (due to the simplicity in the name) and a password is not
|
||||||
|
// set or the lobby is not enabled.
|
||||||
|
// enableInsecureRoomNameWarning: false,
|
||||||
|
|
||||||
|
// Whether to automatically copy invitation URL after creating a room.
|
||||||
|
// Document should be focused for this option to work
|
||||||
|
// enableAutomaticUrlCopy: false,
|
||||||
|
|
||||||
|
// Stats
|
||||||
|
//
|
||||||
|
|
||||||
|
// Whether to enable stats collection or not in the TraceablePeerConnection.
|
||||||
|
// This can be useful for debugging purposes (post-processing/analysis of
|
||||||
|
// the webrtc stats) as it is done in the jitsi-meet-torture bandwidth
|
||||||
|
// estimation tests.
|
||||||
|
// gatherStats: false,
|
||||||
|
|
||||||
|
// The interval at which PeerConnection.getStats() is called. Defaults to 10000
|
||||||
|
// pcStatsInterval: 10000,
|
||||||
|
|
||||||
|
// To enable sending statistics to callstats.io you must provide the
|
||||||
|
// Application ID and Secret.
|
||||||
|
// callStatsID: '',
|
||||||
|
// callStatsSecret: '',
|
||||||
|
|
||||||
|
// Enables sending participants' display names to callstats
|
||||||
|
// enableDisplayNameInStats: false,
|
||||||
|
|
||||||
|
// Enables sending participants' emails (if available) to callstats and other analytics
|
||||||
|
// enableEmailInStats: false,
|
||||||
|
|
||||||
|
// Privacy
|
||||||
|
//
|
||||||
|
|
||||||
|
// If third party requests are disabled, no other server will be contacted.
|
||||||
|
// This means avatars will be locally generated and callstats integration
|
||||||
|
// will not function.
|
||||||
|
// disableThirdPartyRequests: false,
|
||||||
|
|
||||||
|
|
||||||
|
// Peer-To-Peer mode: used (if enabled) when there are just 2 participants.
|
||||||
|
//
|
||||||
|
|
||||||
|
p2p: {
|
||||||
|
// Enables peer to peer mode. When enabled the system will try to
|
||||||
|
// establish a direct connection when there are exactly 2 participants
|
||||||
|
// in the room. If that succeeds the conference will stop sending data
|
||||||
|
// through the JVB and use the peer to peer connection instead. When a
|
||||||
|
// 3rd participant joins the conference will be moved back to the JVB
|
||||||
|
// connection.
|
||||||
|
enabled: true,
|
||||||
|
|
||||||
|
// The STUN servers that will be used in the peer to peer connections
|
||||||
|
stunServers: [
|
||||||
|
|
||||||
|
// { urls: 'stun:jitsi-meet.example.org:3478' },
|
||||||
|
{ urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' }
|
||||||
|
]
|
||||||
|
|
||||||
|
// Sets the ICE transport policy for the p2p connection. At the time
|
||||||
|
// of this writing the list of possible values are 'all' and 'relay',
|
||||||
|
// but that is subject to change in the future. The enum is defined in
|
||||||
|
// the WebRTC standard:
|
||||||
|
// https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum.
|
||||||
|
// If not set, the effective value is 'all'.
|
||||||
|
// iceTransportPolicy: 'all',
|
||||||
|
|
||||||
|
// If set to true, it will prefer to use H.264 for P2P calls (if H.264
|
||||||
|
// is supported). This setting is deprecated, use preferredCodec instead.
|
||||||
|
// preferH264: true
|
||||||
|
|
||||||
|
// Provides a way to set the video codec preference on the p2p connection. Acceptable
|
||||||
|
// codec values are 'VP8', 'VP9' and 'H264'.
|
||||||
|
// preferredCodec: 'H264',
|
||||||
|
|
||||||
|
// If set to true, disable H.264 video codec by stripping it out of the
|
||||||
|
// SDP. This setting is deprecated, use disabledCodec instead.
|
||||||
|
// disableH264: false,
|
||||||
|
|
||||||
|
// Provides a way to prevent a video codec from being negotiated on the p2p connection.
|
||||||
|
// disabledCodec: '',
|
||||||
|
|
||||||
|
// How long we're going to wait, before going back to P2P after the 3rd
|
||||||
|
// participant has left the conference (to filter out page reload).
|
||||||
|
// backToP2PDelay: 5
|
||||||
|
},
|
||||||
|
|
||||||
|
analytics: {
|
||||||
|
// The Google Analytics Tracking ID:
|
||||||
|
// googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1'
|
||||||
|
|
||||||
|
// Matomo configuration:
|
||||||
|
// matomoEndpoint: 'https://your-matomo-endpoint/',
|
||||||
|
// matomoSiteID: '42',
|
||||||
|
|
||||||
|
// The Amplitude APP Key:
|
||||||
|
// amplitudeAPPKey: '<APP_KEY>'
|
||||||
|
|
||||||
|
// Configuration for the rtcstats server:
|
||||||
|
// By enabling rtcstats server every time a conference is joined the rtcstats
|
||||||
|
// module connects to the provided rtcstatsEndpoint and sends statistics regarding
|
||||||
|
// PeerConnection states along with getStats metrics polled at the specified
|
||||||
|
// interval.
|
||||||
|
// rtcstatsEnabled: true,
|
||||||
|
|
||||||
|
// In order to enable rtcstats one needs to provide a endpoint url.
|
||||||
|
// rtcstatsEndpoint: wss://rtcstats-server-pilot.jitsi.net/,
|
||||||
|
|
||||||
|
// The interval at which rtcstats will poll getStats, defaults to 1000ms.
|
||||||
|
// If the value is set to 0 getStats won't be polled and the rtcstats client
|
||||||
|
// will only send data related to RTCPeerConnection events.
|
||||||
|
// rtcstatsPolIInterval: 1000
|
||||||
|
|
||||||
|
// Array of script URLs to load as lib-jitsi-meet "analytics handlers".
|
||||||
|
// scriptURLs: [
|
||||||
|
// "libs/analytics-ga.min.js", // google-analytics
|
||||||
|
// "https://example.com/my-custom-analytics.js"
|
||||||
|
// ],
|
||||||
|
},
|
||||||
|
|
||||||
|
// Logs that should go be passed through the 'log' event if a handler is defined for it
|
||||||
|
// apiLogLevels: ['warn', 'log', 'error', 'info', 'debug'],
|
||||||
|
|
||||||
|
// Information about the jitsi-meet instance we are connecting to, including
|
||||||
|
// the user region as seen by the server.
|
||||||
|
deploymentInfo: {
|
||||||
|
// shard: "shard1",
|
||||||
|
// region: "europe",
|
||||||
|
// userRegion: "asia"
|
||||||
|
},
|
||||||
|
|
||||||
|
// Decides whether the start/stop recording audio notifications should play on record.
|
||||||
|
// disableRecordAudioNotification: false,
|
||||||
|
|
||||||
|
// Information for the chrome extension banner
|
||||||
|
// chromeExtensionBanner: {
|
||||||
|
// // The chrome extension to be installed address
|
||||||
|
// url: 'https://chrome.google.com/webstore/detail/jitsi-meetings/kglhbbefdnlheedjiejgomgmfplipfeb',
|
||||||
|
|
||||||
|
// // Extensions info which allows checking if they are installed or not
|
||||||
|
// chromeExtensionsInfo: [
|
||||||
|
// {
|
||||||
|
// id: 'kglhbbefdnlheedjiejgomgmfplipfeb',
|
||||||
|
// path: 'jitsi-logo-48x48.png'
|
||||||
|
// }
|
||||||
|
// ]
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Local Recording
|
||||||
|
//
|
||||||
|
|
||||||
|
// localRecording: {
|
||||||
|
// Enables local recording.
|
||||||
|
// Additionally, 'localrecording' (all lowercase) needs to be added to
|
||||||
|
// TOOLBAR_BUTTONS in interface_config.js for the Local Recording
|
||||||
|
// button to show up on the toolbar.
|
||||||
|
//
|
||||||
|
// enabled: true,
|
||||||
|
//
|
||||||
|
|
||||||
|
// The recording format, can be one of 'ogg', 'flac' or 'wav'.
|
||||||
|
// format: 'flac'
|
||||||
|
//
|
||||||
|
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Options related to end-to-end (participant to participant) ping.
|
||||||
|
// e2eping: {
|
||||||
|
// // The interval in milliseconds at which pings will be sent.
|
||||||
|
// // Defaults to 10000, set to <= 0 to disable.
|
||||||
|
// pingInterval: 10000,
|
||||||
|
//
|
||||||
|
// // The interval in milliseconds at which analytics events
|
||||||
|
// // with the measured RTT will be sent. Defaults to 60000, set
|
||||||
|
// // to <= 0 to disable.
|
||||||
|
// analyticsInterval: 60000,
|
||||||
|
// },
|
||||||
|
|
||||||
|
// If set, will attempt to use the provided video input device label when
|
||||||
|
// triggering a screenshare, instead of proceeding through the normal flow
|
||||||
|
// for obtaining a desktop stream.
|
||||||
|
// NOTE: This option is experimental and is currently intended for internal
|
||||||
|
// use only.
|
||||||
|
// _desktopSharingSourceDevice: 'sample-id-or-label',
|
||||||
|
|
||||||
|
// If true, any checks to handoff to another application will be prevented
|
||||||
|
// and instead the app will continue to display in the current browser.
|
||||||
|
// disableDeepLinking: false,
|
||||||
|
|
||||||
|
// A property to disable the right click context menu for localVideo
|
||||||
|
// the menu has option to flip the locally seen video for local presentations
|
||||||
|
// disableLocalVideoFlip: false,
|
||||||
|
|
||||||
|
// Mainly privacy related settings
|
||||||
|
|
||||||
|
// Disables all invite functions from the app (share, invite, dial out...etc)
|
||||||
|
// disableInviteFunctions: true,
|
||||||
|
|
||||||
|
// Disables storing the room name to the recents list
|
||||||
|
// doNotStoreRoom: true,
|
||||||
|
|
||||||
|
// Deployment specific URLs.
|
||||||
|
// deploymentUrls: {
|
||||||
|
// // If specified a 'Help' button will be displayed in the overflow menu with a link to the specified URL for
|
||||||
|
// // user documentation.
|
||||||
|
// userDocumentationURL: 'https://docs.example.com/video-meetings.html',
|
||||||
|
// // If specified a 'Download our apps' button will be displayed in the overflow menu with a link
|
||||||
|
// // to the specified URL for an app download page.
|
||||||
|
// downloadAppsUrl: 'https://docs.example.com/our-apps.html'
|
||||||
|
// },
|
||||||
|
|
||||||
|
// Options related to the remote participant menu.
|
||||||
|
// remoteVideoMenu: {
|
||||||
|
// // If set to true the 'Kick out' button will be disabled.
|
||||||
|
// disableKick: true
|
||||||
|
// },
|
||||||
|
|
||||||
|
// If set to true all muting operations of remote participants will be disabled.
|
||||||
|
// disableRemoteMute: true,
|
||||||
|
|
||||||
|
/**
|
||||||
|
External API url used to receive branding specific information.
|
||||||
|
If there is no url set or there are missing fields, the defaults are applied.
|
||||||
|
None of the fields are mandatory and the response must have the shape:
|
||||||
|
{
|
||||||
|
// The hex value for the colour used as background
|
||||||
|
backgroundColor: '#fff',
|
||||||
|
// The url for the image used as background
|
||||||
|
backgroundImageUrl: 'https://example.com/background-img.png',
|
||||||
|
// The anchor url used when clicking the logo image
|
||||||
|
logoClickUrl: 'https://example-company.org',
|
||||||
|
// The url used for the image used as logo
|
||||||
|
logoImageUrl: 'https://example.com/logo-img.png'
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
// brandingDataUrl: '',
|
||||||
|
|
||||||
|
// The URL of the moderated rooms microservice, if available. If it
|
||||||
|
// is present, a link to the service will be rendered on the welcome page,
|
||||||
|
// otherwise the app doesn't render it.
|
||||||
|
// moderatedRoomServiceUrl: 'https://moderated.jitsi-meet.example.org',
|
||||||
|
|
||||||
|
// List of undocumented settings used in jitsi-meet
|
||||||
|
/**
|
||||||
|
_immediateReloadThreshold
|
||||||
|
debug
|
||||||
|
debugAudioLevels
|
||||||
|
deploymentInfo
|
||||||
|
dialInConfCodeUrl
|
||||||
|
dialInNumbersUrl
|
||||||
|
dialOutAuthUrl
|
||||||
|
dialOutCodesUrl
|
||||||
|
disableRemoteControl
|
||||||
|
displayJids
|
||||||
|
etherpad_base
|
||||||
|
externalConnectUrl
|
||||||
|
firefox_fake_device
|
||||||
|
googleApiApplicationClientID
|
||||||
|
iAmRecorder
|
||||||
|
iAmSipGateway
|
||||||
|
microsoftApiApplicationClientID
|
||||||
|
peopleSearchQueryTypes
|
||||||
|
peopleSearchUrl
|
||||||
|
requireDisplayName
|
||||||
|
tokenAuthUrl
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This property can be used to alter the generated meeting invite links (in combination with a branding domain
|
||||||
|
* which is retrieved internally by jitsi meet) (e.g. https://meet.jit.si/someMeeting
|
||||||
|
* can become https://brandedDomain/roomAlias)
|
||||||
|
*/
|
||||||
|
// brandingRoomAlias: null,
|
||||||
|
|
||||||
|
// List of undocumented settings used in lib-jitsi-meet
|
||||||
|
/**
|
||||||
|
_peerConnStatusOutOfLastNTimeout
|
||||||
|
_peerConnStatusRtcMuteTimeout
|
||||||
|
abTesting
|
||||||
|
avgRtpStatsN
|
||||||
|
callStatsConfIDNamespace
|
||||||
|
callStatsCustomScriptUrl
|
||||||
|
desktopSharingSources
|
||||||
|
disableAEC
|
||||||
|
disableAGC
|
||||||
|
disableAP
|
||||||
|
disableHPF
|
||||||
|
disableNS
|
||||||
|
enableLipSync
|
||||||
|
enableTalkWhileMuted
|
||||||
|
forceJVB121Ratio
|
||||||
|
hiddenDomain
|
||||||
|
ignoreStartMuted
|
||||||
|
nick
|
||||||
|
startBitrate
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
// Allow all above example options to include a trailing comma and
|
||||||
|
// prevent fear when commenting out the last value.
|
||||||
|
makeJsonParserHappy: 'even if last key had a trailing comma'
|
||||||
|
|
||||||
|
// no configuration value should follow this line.
|
||||||
|
};
|
||||||
|
|
||||||
|
/* eslint-enable no-unused-vars, no-var */
|
156
type/__evilham_jitsi_meet_domain/files/nginx.sh
Normal file
156
type/__evilham_jitsi_meet_domain/files/nginx.sh
Normal file
|
@ -0,0 +1,156 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
|
||||||
|
# shellcheck disable=SC2034 # This is intended to be included
|
||||||
|
JITSI_NGINX_CONFIG="$(cat <<EOF
|
||||||
|
server_names_hash_bucket_size 64;
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name ${DOMAIN};
|
||||||
|
|
||||||
|
include snippets/acme-challenge.conf;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
return 301 https://\$host\$request_uri;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
listen [::]:443 ssl;
|
||||||
|
server_name ${DOMAIN};
|
||||||
|
|
||||||
|
include snippets/acme-challenge.conf;
|
||||||
|
|
||||||
|
# Mozilla Guideline v5.4, nginx 1.17.7, OpenSSL 1.1.1d, intermediate configuration
|
||||||
|
ssl_protocols TLSv1.2 TLSv1.3;
|
||||||
|
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
|
||||||
|
ssl_prefer_server_ciphers off;
|
||||||
|
|
||||||
|
ssl_session_timeout 1d;
|
||||||
|
ssl_session_cache shared:SSL:10m; # about 40000 sessions
|
||||||
|
ssl_session_tickets off;
|
||||||
|
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||||
|
|
||||||
|
ssl_certificate /etc/letsencrypt/live/${DOMAIN}/fullchain.pem;
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/${DOMAIN}/privkey.pem;
|
||||||
|
|
||||||
|
root /usr/share/jitsi-meet;
|
||||||
|
|
||||||
|
# ssi on with javascript for multidomain variables in config.js
|
||||||
|
ssi on;
|
||||||
|
ssi_types application/x-javascript application/javascript;
|
||||||
|
|
||||||
|
# Try the custom page for this domain, fallback to default page
|
||||||
|
index index-${DOMAIN}.html index.html index.htm;
|
||||||
|
error_page 404 /static/404.html;
|
||||||
|
|
||||||
|
gzip on;
|
||||||
|
gzip_types text/plain text/css application/javascript application/json image/x-icon application/octet-stream application/wasm;
|
||||||
|
gzip_vary on;
|
||||||
|
gzip_proxied no-cache no-store private expired auth;
|
||||||
|
gzip_min_length 512;
|
||||||
|
|
||||||
|
# We expect this domain to be properly configured, the file should exist
|
||||||
|
location = /config.js {
|
||||||
|
alias /etc/jitsi/meet/${DOMAIN}-config.js;
|
||||||
|
}
|
||||||
|
# This may or may not exist; it will be set up in config.js if needed
|
||||||
|
location = /branding.json {
|
||||||
|
alias /etc/jitsi/meet/${DOMAIN}-branding.json;
|
||||||
|
}
|
||||||
|
# Try custom image and fallback to default
|
||||||
|
location = /images/watermark.png {
|
||||||
|
try_files /images/watermark-${DOMAIN}.png \$uri;
|
||||||
|
}
|
||||||
|
|
||||||
|
location = /external_api.js {
|
||||||
|
alias /usr/share/jitsi-meet/libs/external_api.min.js;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ensure all static content can always be found first
|
||||||
|
location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)\$
|
||||||
|
{
|
||||||
|
add_header 'Access-Control-Allow-Origin' '*';
|
||||||
|
alias /usr/share/jitsi-meet/\$1/\$2;
|
||||||
|
|
||||||
|
# cache all versioned files
|
||||||
|
if (\$arg_v) {
|
||||||
|
expires 1y;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# BOSH
|
||||||
|
location = /http-bind {
|
||||||
|
proxy_pass http://localhost:5280/http-bind;
|
||||||
|
proxy_set_header X-Forwarded-For \$remote_addr;
|
||||||
|
# Prevision for 'multi-domain' jitsi instances
|
||||||
|
# https://community.jitsi.org/t/same-jitsi-meet-instance-with-multiple-domain-names/17391
|
||||||
|
proxy_set_header Host ${JITSI_HOST};
|
||||||
|
}
|
||||||
|
|
||||||
|
# xmpp websockets
|
||||||
|
location = /xmpp-websocket {
|
||||||
|
proxy_pass http://127.0.0.1:5280/xmpp-websocket?prefix=\$prefix&\$args;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade \$http_upgrade;
|
||||||
|
proxy_set_header Connection "upgrade";
|
||||||
|
# Prevision for 'multi-domain' jitsi instances
|
||||||
|
# https://community.jitsi.org/t/same-jitsi-meet-instance-with-multiple-domain-names/17391
|
||||||
|
proxy_set_header Host ${JITSI_HOST};
|
||||||
|
tcp_nodelay on;
|
||||||
|
}
|
||||||
|
|
||||||
|
# colibri (JVB) websockets for jvb1
|
||||||
|
location ~ ^/colibri-ws/default-id/(.*) {
|
||||||
|
proxy_pass http://127.0.0.1:9090/colibri-ws/default-id/\$1\$is_args\$args;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade \$http_upgrade;
|
||||||
|
proxy_set_header Connection "upgrade";
|
||||||
|
tcp_nodelay on;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/([^/?&:'"]+)\$ {
|
||||||
|
try_files \$uri @root_path;
|
||||||
|
}
|
||||||
|
|
||||||
|
location @root_path {
|
||||||
|
rewrite ^/(.*)\$ / break;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/([^/?&:'"]+)/config.js\$
|
||||||
|
{
|
||||||
|
set \$subdomain "\$1.";
|
||||||
|
set \$subdir "\$1/";
|
||||||
|
|
||||||
|
alias /etc/jitsi/meet/jitsi-meet.example.com-config.js;
|
||||||
|
}
|
||||||
|
|
||||||
|
#Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
|
||||||
|
location ~ ^/([^/?&:'"]+)/(.*)\$ {
|
||||||
|
set \$subdomain "\$1.";
|
||||||
|
set \$subdir "\$1/";
|
||||||
|
rewrite ^/([^/?&:'"]+)/(.*)\$ /\$2;
|
||||||
|
}
|
||||||
|
|
||||||
|
# BOSH for subdomains
|
||||||
|
location ~ ^/([^/?&:'"]+)/http-bind {
|
||||||
|
set \$subdomain "\$1.";
|
||||||
|
set \$subdir "\$1/";
|
||||||
|
set \$prefix "\$1";
|
||||||
|
|
||||||
|
rewrite ^/(.*)\$ /http-bind;
|
||||||
|
}
|
||||||
|
|
||||||
|
# websockets for subdomains
|
||||||
|
location ~ ^/([^/?&:'"]+)/xmpp-websocket {
|
||||||
|
set \$subdomain "\$1.";
|
||||||
|
set \$subdir "\$1/";
|
||||||
|
set \$prefix "\$1";
|
||||||
|
|
||||||
|
rewrite ^/(.*)\$ /xmpp-websocket;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
)"
|
139
type/__evilham_jitsi_meet_domain/files/nginx.sh.orig
Normal file
139
type/__evilham_jitsi_meet_domain/files/nginx.sh.orig
Normal file
|
@ -0,0 +1,139 @@
|
||||||
|
server_names_hash_bucket_size 64;
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name jitsi-meet.example.com;
|
||||||
|
|
||||||
|
location ^~ /.well-known/acme-challenge/ {
|
||||||
|
default_type "text/plain";
|
||||||
|
root /usr/share/jitsi-meet;
|
||||||
|
}
|
||||||
|
location = /.well-known/acme-challenge/ {
|
||||||
|
return 404;
|
||||||
|
}
|
||||||
|
location / {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
listen [::]:443 ssl;
|
||||||
|
server_name jitsi-meet.example.com;
|
||||||
|
|
||||||
|
# Mozilla Guideline v5.4, nginx 1.17.7, OpenSSL 1.1.1d, intermediate configuration
|
||||||
|
ssl_protocols TLSv1.2 TLSv1.3;
|
||||||
|
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
|
||||||
|
ssl_prefer_server_ciphers off;
|
||||||
|
|
||||||
|
ssl_session_timeout 1d;
|
||||||
|
ssl_session_cache shared:SSL:10m; # about 40000 sessions
|
||||||
|
ssl_session_tickets off;
|
||||||
|
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||||
|
|
||||||
|
ssl_certificate /etc/jitsi/meet/jitsi-meet.example.com.crt;
|
||||||
|
ssl_certificate_key /etc/jitsi/meet/jitsi-meet.example.com.key;
|
||||||
|
|
||||||
|
root /usr/share/jitsi-meet;
|
||||||
|
|
||||||
|
# ssi on with javascript for multidomain variables in config.js
|
||||||
|
ssi on;
|
||||||
|
ssi_types application/x-javascript application/javascript;
|
||||||
|
|
||||||
|
index index.html index.htm;
|
||||||
|
error_page 404 /static/404.html;
|
||||||
|
|
||||||
|
gzip on;
|
||||||
|
gzip_types text/plain text/css application/javascript application/json image/x-icon application/octet-stream application/wasm;
|
||||||
|
gzip_vary on;
|
||||||
|
gzip_proxied no-cache no-store private expired auth;
|
||||||
|
gzip_min_length 512;
|
||||||
|
|
||||||
|
location = /config.js {
|
||||||
|
alias /etc/jitsi/meet/jitsi-meet.example.com-config.js;
|
||||||
|
}
|
||||||
|
|
||||||
|
location = /external_api.js {
|
||||||
|
alias /usr/share/jitsi-meet/libs/external_api.min.js;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ensure all static content can always be found first
|
||||||
|
location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$
|
||||||
|
{
|
||||||
|
add_header 'Access-Control-Allow-Origin' '*';
|
||||||
|
alias /usr/share/jitsi-meet/$1/$2;
|
||||||
|
|
||||||
|
# cache all versioned files
|
||||||
|
if ($arg_v) {
|
||||||
|
expires 1y;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# BOSH
|
||||||
|
location = /http-bind {
|
||||||
|
proxy_pass http://localhost:5280/http-bind;
|
||||||
|
proxy_set_header X-Forwarded-For $remote_addr;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
}
|
||||||
|
|
||||||
|
# xmpp websockets
|
||||||
|
location = /xmpp-websocket {
|
||||||
|
proxy_pass http://127.0.0.1:5280/xmpp-websocket?prefix=$prefix&$args;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection "upgrade";
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
tcp_nodelay on;
|
||||||
|
}
|
||||||
|
|
||||||
|
# colibri (JVB) websockets for jvb1
|
||||||
|
location ~ ^/colibri-ws/default-id/(.*) {
|
||||||
|
proxy_pass http://127.0.0.1:9090/colibri-ws/default-id/$1$is_args$args;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection "upgrade";
|
||||||
|
tcp_nodelay on;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/([^/?&:'"]+)$ {
|
||||||
|
try_files $uri @root_path;
|
||||||
|
}
|
||||||
|
|
||||||
|
location @root_path {
|
||||||
|
rewrite ^/(.*)$ / break;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/([^/?&:'"]+)/config.js$
|
||||||
|
{
|
||||||
|
set $subdomain "$1.";
|
||||||
|
set $subdir "$1/";
|
||||||
|
|
||||||
|
alias /etc/jitsi/meet/jitsi-meet.example.com-config.js;
|
||||||
|
}
|
||||||
|
|
||||||
|
#Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
|
||||||
|
location ~ ^/([^/?&:'"]+)/(.*)$ {
|
||||||
|
set $subdomain "$1.";
|
||||||
|
set $subdir "$1/";
|
||||||
|
rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
|
||||||
|
}
|
||||||
|
|
||||||
|
# BOSH for subdomains
|
||||||
|
location ~ ^/([^/?&:'"]+)/http-bind {
|
||||||
|
set $subdomain "$1.";
|
||||||
|
set $subdir "$1/";
|
||||||
|
set $prefix "$1";
|
||||||
|
|
||||||
|
rewrite ^/(.*)$ /http-bind;
|
||||||
|
}
|
||||||
|
|
||||||
|
# websockets for subdomains
|
||||||
|
location ~ ^/([^/?&:'"]+)/xmpp-websocket {
|
||||||
|
set $subdomain "$1.";
|
||||||
|
set $subdir "$1/";
|
||||||
|
set $prefix "$1";
|
||||||
|
|
||||||
|
rewrite ^/(.*)$ /xmpp-websocket;
|
||||||
|
}
|
||||||
|
}
|
5
type/__evilham_jitsi_meet_domain/gencode-remote
Executable file
5
type/__evilham_jitsi_meet_domain/gencode-remote
Executable file
|
@ -0,0 +1,5 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
|
||||||
|
if grep -qE "^__file/etc/nginx" "${__messages_in}"; then
|
||||||
|
echo "service nginx reload"
|
||||||
|
fi
|
151
type/__evilham_jitsi_meet_domain/man.rst
Normal file
151
type/__evilham_jitsi_meet_domain/man.rst
Normal file
|
@ -0,0 +1,151 @@
|
||||||
|
cdist-type__evilham_jitsi_meet_domain(7)
|
||||||
|
========================================
|
||||||
|
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__evilham_jitsi_meet_domain - Setup a frontend for Jitsi-Meet.
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
This type installs and configures the frontend for Jitsi-Meet.
|
||||||
|
|
||||||
|
This supports "multi-domain" installations, notice that in such a setup, all
|
||||||
|
rooms are shared across the different URLs, e.g.
|
||||||
|
https://jitsi1.example.org/room1 and https://jitsi2.example.org/room1 are
|
||||||
|
equivalent.
|
||||||
|
|
||||||
|
This is due to the underlying XMPP and signaling rooms being common.
|
||||||
|
There might be a way to perform tricks on the Nginx-side to avoid this, but
|
||||||
|
time is lacking :-).
|
||||||
|
|
||||||
|
This assumes `__evilham_jitsi_meet` has already been ran on the target host,
|
||||||
|
and, amongst others, that Jitsi was set up with `__target_host` as the Jitsi
|
||||||
|
domain.
|
||||||
|
|
||||||
|
This type will take care of TLS settings, branding and client-side
|
||||||
|
configuration for Jitsi.
|
||||||
|
|
||||||
|
This type only works on De{bi,vu}an systems.
|
||||||
|
|
||||||
|
|
||||||
|
REQUIRED PARAMETERS
|
||||||
|
-------------------
|
||||||
|
object id
|
||||||
|
The domain that will be configured as a Jitsi-Meet instance.
|
||||||
|
|
||||||
|
|
||||||
|
admin-email
|
||||||
|
Where to send Let's Encrypt emails like "certificate needs renewal".
|
||||||
|
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
channel-last-n
|
||||||
|
Default value for the "last N" attribute.
|
||||||
|
Defaults to 20. Set to -1 for unlimited.
|
||||||
|
|
||||||
|
|
||||||
|
default-language
|
||||||
|
Default language for the user interface.
|
||||||
|
Defaults to 'en'.
|
||||||
|
|
||||||
|
|
||||||
|
notice-message
|
||||||
|
Message to show the users when they join a room.
|
||||||
|
|
||||||
|
|
||||||
|
start-video-muted
|
||||||
|
Every participant after the Nth will start video muted.
|
||||||
|
Defaults to 10.
|
||||||
|
|
||||||
|
|
||||||
|
turn-server
|
||||||
|
The TURN server to be used.
|
||||||
|
Defaults to `__target_host`.
|
||||||
|
|
||||||
|
|
||||||
|
video-constraints
|
||||||
|
w3c spec-compliant video constraints to use for video capture. Currently
|
||||||
|
used by browsers that return true from lib-jitsi-meet's
|
||||||
|
util#browser#usesNewGumFlow. The constraints are independent from
|
||||||
|
this config's resolution value. Defaults to requesting an ideal
|
||||||
|
resolution of 720p.
|
||||||
|
It must not have a trailing comma, see `constraints` in
|
||||||
|
`__evilham_jitsi_meet_domain/files/config.js.sh`.
|
||||||
|
|
||||||
|
|
||||||
|
branding-json
|
||||||
|
Path to a JSON file that will be served as the `brandingDataUrl`.
|
||||||
|
For information on the format see `brandingDataUrl` in
|
||||||
|
`__evilham_jitsi_meet_domain/files/config.js.sh`.
|
||||||
|
If not set, no branding will be set up.
|
||||||
|
|
||||||
|
|
||||||
|
branding-index
|
||||||
|
Path to an HTML file that will be served instead of Jitsi-Meet's default
|
||||||
|
one.
|
||||||
|
If not set, the default index file will be used.
|
||||||
|
|
||||||
|
|
||||||
|
branding-watermark
|
||||||
|
Path to a png file that will be served instead of Jitsi-Meet's default
|
||||||
|
one.
|
||||||
|
If not set, the default watermark will be used.
|
||||||
|
|
||||||
|
|
||||||
|
BOOLEAN PARAMETERS
|
||||||
|
------------------
|
||||||
|
disable-audio-levels
|
||||||
|
Disable measuring of audio levels.
|
||||||
|
This has been reported to improve performance on clients.
|
||||||
|
|
||||||
|
|
||||||
|
enable-third-party-requests
|
||||||
|
This type disables third-party requests by default, this flag re-enables
|
||||||
|
them, restoring Jitsi-Meet's defaults.
|
||||||
|
This affects things like avatars, callstats, ...
|
||||||
|
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
# Setup a Jitsi frontend for jitsi.exo.cat
|
||||||
|
__evilham_jitsi_meet_domain "jitsi.exo.cat" \
|
||||||
|
--admin-email "info@exo.cat" \
|
||||||
|
--turn-server "turn.exo.cat" \
|
||||||
|
--notice-message "Hola!" \
|
||||||
|
--disable-audio-levels \
|
||||||
|
--turn-secret "WeNeedGoodSecurity" \
|
||||||
|
--video-constraints "$(cat <<EOF
|
||||||
|
constraints: {
|
||||||
|
video: {
|
||||||
|
height: {
|
||||||
|
ideal: 320,
|
||||||
|
max: 320,
|
||||||
|
min: 180
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
)"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
- `__evilham_jitsi_meet`
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
AUTHORS
|
||||||
|
-------
|
||||||
|
Evilham <contact@evilham.com>
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2020 Evilham.
|
88
type/__evilham_jitsi_meet_domain/manifest
Executable file
88
type/__evilham_jitsi_meet_domain/manifest
Executable file
|
@ -0,0 +1,88 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
|
||||||
|
os="$(cat "${__global}/explorer/os")"
|
||||||
|
case "${os}" in
|
||||||
|
devuan|debian)
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Your OS '${os}' is currently not supported." > /dev/stderr
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
DOMAIN="${__object_id}"
|
||||||
|
ADMIN_EMAIL="$(cat "${__object}/parameter/admin-email")"
|
||||||
|
CHANNEL_LAST_N="$(cat "${__object}/parameter/channel-last-n")"
|
||||||
|
DEFAULT_LANGUAGE="$(cat "${__object}/parameter/default-language")"
|
||||||
|
NOTICE_MESSAGE="$(cat "${__object}/parameter/notice-message")"
|
||||||
|
START_VIDEO_MUTED="$(cat "${__object}/parameter/start-video-muted")"
|
||||||
|
TURN_SERVER="$(cat "${__object}/parameter/turn-server")"
|
||||||
|
VIDEO_CONSTRAINTS="$(cat "${__object}/parameter/video-constraints")"
|
||||||
|
BRANDING_INDEX="$(cat "${__object}/parameter/branding-index")"
|
||||||
|
BRANDING_JSON="$(cat "${__object}/parameter/branding-json")"
|
||||||
|
BRANDING_WATERMARK="$(cat "${__object}/parameter/branding-watermark")"
|
||||||
|
|
||||||
|
if [ -f "${__object}/parameter/enable-third-party-requests" ]; then
|
||||||
|
ENABLE_THIRD_PARTY_REQUESTS="YES"
|
||||||
|
fi
|
||||||
|
if [ -f "${__object}/parameter/disable-audio-levels" ]; then
|
||||||
|
DISABLE_AUDIO_LEVELS="YES"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "${TURN_SERVER}" ]; then
|
||||||
|
TURN_SERVER="${__target_host}"
|
||||||
|
fi
|
||||||
|
if [ -z "${JITSI_HOST}" ]; then
|
||||||
|
JITSI_HOST="${__target_host}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#
|
||||||
|
# Deal with certbot
|
||||||
|
#
|
||||||
|
# use object id as domain
|
||||||
|
__letsencrypt_cert "${DOMAIN}" \
|
||||||
|
--admin-email "${ADMIN_EMAIL}" \
|
||||||
|
--automatic-renewal \
|
||||||
|
--renew-hook "service nginx reload" \
|
||||||
|
--webroot /usr/share/jitsi-meet
|
||||||
|
|
||||||
|
# Create virtualhost for nginx
|
||||||
|
. "${__type}/files/nginx.sh" # This defines JITSI_NGINX_CONFIG
|
||||||
|
require="__letsencrypt_cert/${DOMAIN}" __file \
|
||||||
|
"/etc/nginx/sites-enabled/${DOMAIN}.conf" \
|
||||||
|
--mode 0644 --source "-" <<EOF
|
||||||
|
${JITSI_NGINX_CONFIG}
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# Setup jitsi config
|
||||||
|
. "${__type}/files/config.js.sh" # This defines JITSI_CONFIG_JS
|
||||||
|
__file "/etc/jitsi/meet/${DOMAIN}-config.js" \
|
||||||
|
--mode 0644 --source "-" <<EOF
|
||||||
|
${JITSI_CONFIG_JS}
|
||||||
|
EOF
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# Deal with branding as requested
|
||||||
|
#
|
||||||
|
# Helper function to manage the state of the target branding file
|
||||||
|
_var_state() {
|
||||||
|
if [ -n "${1}" ]; then
|
||||||
|
echo "present"
|
||||||
|
else
|
||||||
|
echo "absent"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
__file "/usr/share/jitsi-meet/index-${DOMAIN}.html" \
|
||||||
|
--mode 0644 \
|
||||||
|
--state "$(_var_state "${BRANDING_INDEX}")" \
|
||||||
|
--source "${BRANDING_INDEX}"
|
||||||
|
__file "/etc/jitsi/meet/${DOMAIN}-branding.json" \
|
||||||
|
--mode 0644 \
|
||||||
|
--state "$(_var_state "${BRANDING_JSON}")" \
|
||||||
|
--source "${BRANDING_JSON}"
|
||||||
|
__file "/usr/share/jitsi-meet/images/watermark-${DOMAIN}.png" \
|
||||||
|
--mode 0644 \
|
||||||
|
--state "$(_var_state "${BRANDING_WATERMARK}")" \
|
||||||
|
--source "${BRANDING_WATERMARK}"
|
2
type/__evilham_jitsi_meet_domain/parameter/boolean
Normal file
2
type/__evilham_jitsi_meet_domain/parameter/boolean
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
disable-audio-levels
|
||||||
|
enable-third-party-requests
|
|
@ -0,0 +1 @@
|
||||||
|
20
|
|
@ -0,0 +1 @@
|
||||||
|
en
|
|
@ -0,0 +1 @@
|
||||||
|
10
|
9
type/__evilham_jitsi_meet_domain/parameter/optional
Normal file
9
type/__evilham_jitsi_meet_domain/parameter/optional
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
channel-last-n
|
||||||
|
default-language
|
||||||
|
notice-message
|
||||||
|
start-video-muted
|
||||||
|
turn-server
|
||||||
|
video-constraints
|
||||||
|
branding-json
|
||||||
|
branding-index
|
||||||
|
branding-watermark
|
1
type/__evilham_jitsi_meet_domain/parameter/required
Normal file
1
type/__evilham_jitsi_meet_domain/parameter/required
Normal file
|
@ -0,0 +1 @@
|
||||||
|
admin-email
|
Loading…
Reference in a new issue