diff --git a/issue_template.md b/.github/ISSUE_TEMPLATE.md similarity index 51% rename from issue_template.md rename to .github/ISSUE_TEMPLATE.md index e0a5b5b..2729a6b 100644 --- a/issue_template.md +++ b/.github/ISSUE_TEMPLATE.md @@ -1,46 +1,55 @@ --- name: Bug report -about: Create a report to help us debug, it would be nice to fill the template as much as you can to help us, help you and help us all. +about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently. --- **How to post a meaningful bug report** 1. *Read this whole template first.* 2. *Determine if you are on the right place:* - - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change url...), you are on the right place!* - - *Otherwise, the issue may be due to Jitsi Meet itself. Refer to its documentation or repository for help.* - - *If you have a doubt, post here, we will figure it out together.* + - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!* + - *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.* + - *When in doubt, post here and we will figure it out together.* 3. *Delete the italic comments as you write over them below, and remove this guide.* --- -**Describe the bug** +### Describe the bug + *A clear and concise description of what the bug is.* -**Versions** +### Context + - Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...* - YunoHost version: x.x.x - I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...* -- Are you in a special context or did you perform some particular tweaking on your YunoHost instance ?: *no / yes* +- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes* - If yes, please explain: - Using, or trying to install package version/branch: - If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`* -**To Reproduce** -*Steps to reproduce the behavior.* +### Steps to reproduce + - *If you performed a command from the CLI, the command itself is enough. For example:* ```sh - sudo yunohost app install jitsi + sudo yunohost app install the_app ``` - *If you used the webadmin, please perform the equivalent command from the CLI first.* - *If the error occurs in your browser, explain what you did:* 1. *Go to '...'* - 2. *Click on '....'* - 3. *Scroll down to '....'* + 2. *Click on '...'* + 3. *Scroll down to '...'* 4. *See error* -**Expected behavior** +### Expected behavior + *A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.* -**Logs** -*After a failed command, YunoHost makes the log available to you, but also to others, thanks to `yunohost log display [log name] --share`. The actual command, with the correct log name, is displayed at the end of the failed attempt in the CLI. Execute it and copy here the share link it outputs.* +### Logs + +*When an operation fails, YunoHost provides a simple way to share the logs.* +- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.* +- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.* + +*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)* + *If applicable and useful, add screenshots to help explain your problem.* diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..ef70e18 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,16 @@ +## Problem + +- *Description of why you made this PR* + +## Solution + +- *And how do you fix that problem* + +## PR Status + +- [ ] Code finished and ready to be reviewed/tested +- [ ] The fix/enhancement were manually tested (if applicable) + +## Automatic tests + +Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization) diff --git a/check_process b/check_process index b6e7fdf..6f1ce97 100644 --- a/check_process +++ b/check_process @@ -1,11 +1,6 @@ -# See here for more information -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) + domain="domain.tld" ; Checks pkg_linter=1 setup_sub_dir=0 @@ -18,13 +13,8 @@ upgrade=1 from_commit=7e81cff25dd5a85a5f9b97299b2dc251f2725d4b backup_restore=1 multi_instance=0 - # This test is no longer necessary since the version 2.7 (PR: https://github.com/YunoHost/yunohost/pull/304), you can still do it if your app could be installed with this version. - # incorrect_path=1 port_already_use=0 change_url=0 -;;; Levels - # If the level 5 (Package linter) is forced to 1. Please add justifications here. - Level 5=auto ;;; Options Email=yalh@yahoo.com Notification=all @@ -32,4 +22,3 @@ Notification=all ; commit=7e81cff25dd5a85a5f9b97299b2dc251f2725d4b name=1.0.3729~ynh1 manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& - diff --git a/conf/config.js b/conf/config.js deleted file mode 100644 index 11acce7..0000000 --- a/conf/config.js +++ /dev/null @@ -1,595 +0,0 @@ -/* eslint-disable no-unused-vars, no-var */ - -var config = { - // Connection - // - - hosts: { - // XMPP domain. - domain: '__DOMAIN__', - - // When using authentication, domain for guest users. - // anonymousdomain: 'guest.example.com', - - // Domain for authenticated users. Defaults to . - // authdomain: '__DOMAIN__', - - // Jirecon recording component domain. - // jirecon: 'jirecon.__DOMAIN__', - - // Call control component (Jigasi). - // call_control: 'callcontrol.__DOMAIN__', - - // Focus component domain. Defaults to focus.. - // focus: 'focus.__DOMAIN__', - - // XMPP MUC domain. FIXME: use XEP-0030 to discover it. - muc: 'conference.__DOMAIN__' - }, - - // BOSH URL. FIXME: use XEP-0156 to discover it. - bosh: '//__DOMAIN__/http-bind', - - // Websocket URL - // websocket: 'wss://__DOMAIN__/xmpp-websocket', - - // The name of client node advertised in XEP-0115 'c' stanza - clientNode: 'http://jitsi.org/jitsimeet', - - // The real JID of focus participant - can be overridden here - // focusUserJid: 'focus@auth.__DOMAIN__', - - - // Testing / experimental features. - // - - testing: { - // P2P test mode disables automatic switching to P2P when there are 2 - // participants in the conference. - p2pTestMode: false - - // Enables the test specific features consumed by jitsi-meet-torture - // testMode: false - - // Disables the auto-play behavior of *all* newly created video element. - // This is useful when the client runs on a host with limited resources. - // noAutoPlayVideo: false - - // Enable / disable 500 Kbps bitrate cap on desktop tracks. When enabled, - // simulcast is turned off for the desktop share. If presenter is turned - // on while screensharing is in progress, the max bitrate is automatically - // adjusted to 2.5 Mbps. This takes a value between 0 and 1 which determines - // the probability for this to be enabled. - // capScreenshareBitrate: 1 // 0 to disable - }, - - // Disables ICE/UDP by filtering out local and remote UDP candidates in - // signalling. - // webrtcIceUdpDisable: false, - - // Disables ICE/TCP by filtering out local and remote TCP candidates in - // signalling. - // webrtcIceTcpDisable: false, - - - // Media - // - - // Audio - - // Disable measuring of audio levels. - // disableAudioLevels: false, - // audioLevelsInterval: 200, - - // Enabling this will run the lib-jitsi-meet no audio detection module which - // will notify the user if the current selected microphone has no audio - // input and will suggest another valid device if one is present. - enableNoAudioDetection: true, - - // Enabling this will run the lib-jitsi-meet noise detection module which will - // notify the user if there is noise, other than voice, coming from the current - // selected microphone. The purpose it to let the user know that the input could - // be potentially unpleasant for other meeting participants. - enableNoisyMicDetection: true, - - // Start the conference in audio only mode (no video is being received nor - // sent). - // startAudioOnly: false, - - // Every participant after the Nth will start audio muted. - // startAudioMuted: 10, - - // Start calls with audio muted. Unlike the option above, this one is only - // applied locally. FIXME: having these 2 options is confusing. - // startWithAudioMuted: false, - - // Enabling it (with #params) will disable local audio output of remote - // participants and to enable it back a reload is needed. - // startSilent: false - - // Video - - // Sets the preferred resolution (height) for local video. Defaults to 720. - // resolution: 720, - - // w3c spec-compliant video constraints to use for video capture. Currently - // used by browsers that return true from lib-jitsi-meet's - // util#browser#usesNewGumFlow. The constraints are independent from - // this config's resolution value. Defaults to requesting an ideal - // resolution of 720p. - // constraints: { - // video: { - // height: { - // ideal: 720, - // max: 720, - // min: 240 - // } - // } - // }, - - // Enable / disable simulcast support. - // disableSimulcast: false, - - // Enable / disable layer suspension. If enabled, endpoints whose HD - // layers are not in use will be suspended (no longer sent) until they - // are requested again. - // enableLayerSuspension: false, - - // Every participant after the Nth will start video muted. - // startVideoMuted: 10, - - // Start calls with video muted. Unlike the option above, this one is only - // applied locally. FIXME: having these 2 options is confusing. - // startWithVideoMuted: false, - - // If set to true, prefer to use the H.264 video codec (if supported). - // Note that it's not recommended to do this because simulcast is not - // supported when using H.264. For 1-to-1 calls this setting is enabled by - // default and can be toggled in the p2p section. - // preferH264: true, - - // If set to true, disable H.264 video codec by stripping it out of the - // SDP. - // disableH264: false, - - // Desktop sharing - - // The ID of the jidesha extension for Chrome. - desktopSharingChromeExtId: null, - - // Whether desktop sharing should be disabled on Chrome. - // desktopSharingChromeDisabled: false, - - // The media sources to use when using screen sharing with the Chrome - // extension. - desktopSharingChromeSources: [ 'screen', 'window', 'tab' ], - - // Required version of Chrome extension - desktopSharingChromeMinExtVersion: '0.1', - - // Whether desktop sharing should be disabled on Firefox. - // desktopSharingFirefoxDisabled: false, - - // Optional desktop sharing frame rate options. Default value: min:5, max:5. - // desktopSharingFrameRate: { - // min: 5, - // max: 5 - // }, - - // Try to start calls with screen-sharing instead of camera video. - // startScreenSharing: false, - - // Recording - - // Whether to enable file recording or not. - // fileRecordingsEnabled: false, - // Enable the dropbox integration. - // dropbox: { - // appKey: '' // Specify your app key here. - // // A URL to redirect the user to, after authenticating - // // by default uses: - // // 'https://jitsi-meet.example.com/static/oauth.html' - // redirectURI: - // 'https://jitsi-meet.example.com/subfolder/static/oauth.html' - // }, - // When integrations like dropbox are enabled only that will be shown, - // by enabling fileRecordingsServiceEnabled, we show both the integrations - // and the generic recording service (its configuration and storage type - // depends on jibri configuration) - // fileRecordingsServiceEnabled: false, - // Whether to show the possibility to share file recording with other people - // (e.g. meeting participants), based on the actual implementation - // on the backend. - // fileRecordingsServiceSharingEnabled: false, - - // Whether to enable live streaming or not. - // liveStreamingEnabled: false, - - // Transcription (in interface_config, - // subtitles and buttons can be configured) - // transcribingEnabled: false, - - // Enables automatic turning on captions when recording is started - // autoCaptionOnRecord: false, - - // Misc - - // Default value for the channel "last N" attribute. -1 for unlimited. - channelLastN: -1, - - // // Options for the recording limit notification. - // recordingLimit: { - // - // // The recording limit in minutes. Note: This number appears in the notification text - // // but doesn't enforce the actual recording time limit. This should be configured in - // // jibri! - // limit: 60, - // - // // The name of the app with unlimited recordings. - // appName: 'Unlimited recordings APP', - // - // // The URL of the app with unlimited recordings. - // appURL: 'https://unlimited.recordings.app.com/' - // }, - - // Disables or enables RTX (RFC 4588) (defaults to false). - // disableRtx: false, - - // Disables or enables TCC (the default is in Jicofo and set to true) - // (draft-holmer-rmcat-transport-wide-cc-extensions-01). This setting - // affects congestion control, it practically enables send-side bandwidth - // estimations. - // enableTcc: true, - - // Disables or enables REMB (the default is in Jicofo and set to false) - // (draft-alvestrand-rmcat-remb-03). This setting affects congestion - // control, it practically enables recv-side bandwidth estimations. When - // both TCC and REMB are enabled, TCC takes precedence. When both are - // disabled, then bandwidth estimations are disabled. - // enableRemb: false, - - // Enables ICE restart logic in LJM and displays the page reload overlay on - // ICE failure. Current disabled by default because it's causing issues with - // signaling when Octo is enabled. Also when we do an "ICE restart"(which is - // not a real ICE restart), the client maintains the TCC sequence number - // counter, but the bridge resets it. The bridge sends media packets with - // TCC sequence numbers starting from 0. - // enableIceRestart: false, - - // Defines the minimum number of participants to start a call (the default - // is set in Jicofo and set to 2). - // minParticipants: 2, - - // Use the TURN servers discovered via XEP-0215 for the jitsi-videobridge - // connection - // useStunTurn: true, - - // Use TURN/UDP servers for the jitsi-videobridge connection (by default - // we filter out TURN/UDP because it is usually not needed since the - // bridge itself is reachable via UDP) - // useTurnUdp: false - - // Enables / disables a data communication channel with the Videobridge. - // Values can be 'datachannel', 'websocket', true (treat it as - // 'datachannel'), undefined (treat it as 'datachannel') and false (don't - // open any channel). - // openBridgeChannel: true, - - - // UI - // - - // Require users to always specify a display name. - // requireDisplayName: true, - - // Whether to use a welcome page or not. In case it's false a random room - // will be joined when no room is specified. - enableWelcomePage: true, - - // Enabling the close page will ignore the welcome page redirection when - // a call is hangup. - // enableClosePage: false, - - // Disable hiding of remote thumbnails when in a 1-on-1 conference call. - // disable1On1Mode: false, - - // Default language for the user interface. - // defaultLanguage: 'en', - - // If true all users without a token will be considered guests and all users - // with token will be considered non-guests. Only guests will be allowed to - // edit their profile. - enableUserRolesBasedOnToken: false, - - // Whether or not some features are checked based on token. - // enableFeaturesBasedOnToken: false, - - // Enable lock room for all moderators, even when userRolesBasedOnToken is enabled and participants are guests. - // lockRoomGuestEnabled: false, - - // When enabled the password used for locking a room is restricted to up to the number of digits specified - // roomPasswordNumberOfDigits: 10, - // default: roomPasswordNumberOfDigits: false, - - // Message to show the users. Example: 'The service will be down for - // maintenance at 01:00 AM GMT, - // noticeMessage: '', - - // Enables calendar integration, depends on googleApiApplicationClientID - // and microsoftApiApplicationClientID - // enableCalendarIntegration: false, - - // When 'true', it shows an intermediate page before joining, where the user can configure its devices. - // prejoinPageEnabled: false, - - // If true, shows the unsafe roon name warning label when a room name is - // deemed unsafe (due to the simplicity in the name) and a password is not - // set or the lobby is not enabled. - // enableInsecureRoomNameWarning: false, - - // Stats - // - - // Whether to enable stats collection or not in the TraceablePeerConnection. - // This can be useful for debugging purposes (post-processing/analysis of - // the webrtc stats) as it is done in the jitsi-meet-torture bandwidth - // estimation tests. - // gatherStats: false, - - // The interval at which PeerConnection.getStats() is called. Defaults to 10000 - // pcStatsInterval: 10000, - - // To enable sending statistics to callstats.io you must provide the - // Application ID and Secret. - // callStatsID: '', - // callStatsSecret: '', - - // enables sending participants display name to callstats - // enableDisplayNameInStats: false, - - // enables sending participants email if available to callstats and other analytics - // enableEmailInStats: false, - - // Privacy - // - - // If third party requests are disabled, no other server will be contacted. - // This means avatars will be locally generated and callstats integration - // will not function. - // disableThirdPartyRequests: false, - - - // Peer-To-Peer mode: used (if enabled) when there are just 2 participants. - // - - p2p: { - // Enables peer to peer mode. When enabled the system will try to - // establish a direct connection when there are exactly 2 participants - // in the room. If that succeeds the conference will stop sending data - // through the JVB and use the peer to peer connection instead. When a - // 3rd participant joins the conference will be moved back to the JVB - // connection. - enabled: true, - - // Use XEP-0215 to fetch STUN and TURN servers. - // useStunTurn: true, - - // The STUN servers that will be used in the peer to peer connections - stunServers: [ - - // { urls: 'stun:__DOMAIN__:4446' }, - { urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' } - ], - - // Sets the ICE transport policy for the p2p connection. At the time - // of this writing the list of possible values are 'all' and 'relay', - // but that is subject to change in the future. The enum is defined in - // the WebRTC standard: - // https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum. - // If not set, the effective value is 'all'. - // iceTransportPolicy: 'all', - - // If set to true, it will prefer to use H.264 for P2P calls (if H.264 - // is supported). - preferH264: true - - // If set to true, disable H.264 video codec by stripping it out of the - // SDP. - // disableH264: false, - - // How long we're going to wait, before going back to P2P after the 3rd - // participant has left the conference (to filter out page reload). - // backToP2PDelay: 5 - }, - - analytics: { - // The Google Analytics Tracking ID: - // googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1' - - // Matomo configuration: - // matomoEndpoint: 'https://your-matomo-endpoint/', - // matomoSiteID: '42', - - // The Amplitude APP Key: - // amplitudeAPPKey: '' - - // Array of script URLs to load as lib-jitsi-meet "analytics handlers". - // scriptURLs: [ - // "libs/analytics-ga.min.js", // google-analytics - // "https://example.com/my-custom-analytics.js" - // ], - }, - - // Information about the jitsi-meet instance we are connecting to, including - // the user region as seen by the server. - deploymentInfo: { - // shard: "shard1", - // region: "europe", - // userRegion: "asia" - }, - - // Decides whether the start/stop recording audio notifications should play on record. - // disableRecordAudioNotification: false, - - // Information for the chrome extension banner - // chromeExtensionBanner: { - // // The chrome extension to be installed address - // url: 'https://chrome.google.com/webstore/detail/jitsi-meetings/kglhbbefdnlheedjiejgomgmfplipfeb', - - // // Extensions info which allows checking if they are installed or not - // chromeExtensionsInfo: [ - // { - // id: 'kglhbbefdnlheedjiejgomgmfplipfeb', - // path: 'jitsi-logo-48x48.png' - // } - // ] - // }, - - // Local Recording - // - - // localRecording: { - // Enables local recording. - // Additionally, 'localrecording' (all lowercase) needs to be added to - // TOOLBAR_BUTTONS in interface_config.js for the Local Recording - // button to show up on the toolbar. - // - // enabled: true, - // - - // The recording format, can be one of 'ogg', 'flac' or 'wav'. - // format: 'flac' - // - - // }, - - // Options related to end-to-end (participant to participant) ping. - // e2eping: { - // // The interval in milliseconds at which pings will be sent. - // // Defaults to 10000, set to <= 0 to disable. - // pingInterval: 10000, - // - // // The interval in milliseconds at which analytics events - // // with the measured RTT will be sent. Defaults to 60000, set - // // to <= 0 to disable. - // analyticsInterval: 60000, - // }, - - // If set, will attempt to use the provided video input device label when - // triggering a screenshare, instead of proceeding through the normal flow - // for obtaining a desktop stream. - // NOTE: This option is experimental and is currently intended for internal - // use only. - // _desktopSharingSourceDevice: 'sample-id-or-label', - - // If true, any checks to handoff to another application will be prevented - // and instead the app will continue to display in the current browser. - // disableDeepLinking: false, - - // A property to disable the right click context menu for localVideo - // the menu has option to flip the locally seen video for local presentations - // disableLocalVideoFlip: false, - - // Mainly privacy related settings - - // Disables all invite functions from the app (share, invite, dial out...etc) - // disableInviteFunctions: true, - - // Disables storing the room name to the recents list - // doNotStoreRoom: true, - - // Deployment specific URLs. - // deploymentUrls: { - // // If specified a 'Help' button will be displayed in the overflow menu with a link to the specified URL for - // // user documentation. - // userDocumentationURL: 'https://docs.example.com/video-meetings.html', - // // If specified a 'Download our apps' button will be displayed in the overflow menu with a link - // // to the specified URL for an app download page. - // downloadAppsUrl: 'https://docs.example.com/our-apps.html' - // }, - - // Options related to the remote participant menu. - // remoteVideoMenu: { - // // If set to true the 'Kick out' button will be disabled. - // disableKick: true - // }, - - // If set to true all muting operations of remote participants will be disabled. - // disableRemoteMute: true, - - /** - External API url used to receive branding specific information. - If there is no url set or there are missing fields, the defaults are applied. - None of the fieds are mandatory and the response must have the shape: - { - // The hex value for the colour used as background - backgroundColor: '#fff', - // The url for the image used as background - backgroundImageUrl: 'https://example.com/background-img.png', - // The anchor url used when clicking the logo image - logoClickUrl: 'https://example-company.org', - // The url used for the image used as logo - logoImageUrl: 'https://example.com/logo-img.png' - } - */ - // brandingDataUrl: '', - - // List of undocumented settings used in jitsi-meet - /** - _immediateReloadThreshold - autoRecord - autoRecordToken - debug - debugAudioLevels - deploymentInfo - dialInConfCodeUrl - dialInNumbersUrl - dialOutAuthUrl - dialOutCodesUrl - disableRemoteControl - displayJids - etherpad_base - externalConnectUrl - firefox_fake_device - googleApiApplicationClientID - iAmRecorder - iAmSipGateway - microsoftApiApplicationClientID - peopleSearchQueryTypes - peopleSearchUrl - requireDisplayName - tokenAuthUrl - */ - - // List of undocumented settings used in lib-jitsi-meet - /** - _peerConnStatusOutOfLastNTimeout - _peerConnStatusRtcMuteTimeout - abTesting - avgRtpStatsN - callStatsConfIDNamespace - callStatsCustomScriptUrl - desktopSharingSources - disableAEC - disableAGC - disableAP - disableHPF - disableNS - enableLipSync - enableTalkWhileMuted - forceJVB121Ratio - hiddenDomain - ignoreStartMuted - nick - startBitrate - */ - - - // Allow all above example options to include a trailing comma and - // prevent fear when commenting out the last value. - makeJsonParserHappy: 'even if last key had a trailing comma' - - // no configuration value should follow this line. -}; - -/* eslint-enable no-unused-vars, no-var */ diff --git a/conf/jicofo.src b/conf/jicofo.src deleted file mode 100644 index 162ef71..0000000 --- a/conf/jicofo.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://download.jitsi.org/stable/jicofo_1.0-644-1_all.deb -SOURCE_SUM=3bb26605f64becbf29a2d9b1ef75ff8ef8536732c5fb93371789ddadae1077a4 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=deb -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=jicofo.deb -SOURCE_EXTRACT=false \ No newline at end of file diff --git a/conf/jitsi-jicofo.config b/conf/jitsi-jicofo-config similarity index 56% rename from conf/jitsi-jicofo.config rename to conf/jitsi-jicofo-config index 326a32d..15ee558 100644 --- a/conf/jitsi-jicofo.config +++ b/conf/jitsi-jicofo-config @@ -5,18 +5,12 @@ JICOFO_HOST=127.0.0.1 # sets the XMPP domain (default: none) JICOFO_HOSTNAME=__DOMAIN__ -# sets the port to use for the XMPP component connection -JICOFO_PORT=__PORT_COMPONENT__ - -# sets the secret used to authenticate as an XMPP component -JICOFO_SECRET=__FOCUS_SECRET__ +# sets the XMPP domain name to use for XMPP user logins +JICOFO_AUTH_DOMAIN=auth.__DOMAIN__ # sets the username to use for XMPP user logins JICOFO_AUTH_USER=__FOCUS_USER__ -# sets the XMPP domain name to use for XMPP user logins -JICOFO_AUTH_DOMAIN=auth.__DOMAIN__ - # sets the password to use for XMPP user logins JICOFO_AUTH_PASSWORD=__FOCUS_PASSWORD__ @@ -24,4 +18,4 @@ JICOFO_AUTH_PASSWORD=__FOCUS_PASSWORD__ JICOFO_OPTS="" # adds java system props that are passed to jicofo (default are for home and logging config file) -JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/__APP__ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=jicofo -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/__APP__ -Djava.util.logging.config.file=/etc/__APP__/jicofo/logging.properties" +JAVA_SYS_PROPS="-Dconfig.file=/etc/__APP__/jicofo/jicofo.conf -Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/__APP__ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=jicofo -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/__APP__ -Djava.util.logging.config.file=/etc/__APP__/jicofo/logging.properties" diff --git a/conf/jitsi-jicofo-jicofo.conf b/conf/jitsi-jicofo-jicofo.conf new file mode 100644 index 0000000..c1b7c15 --- /dev/null +++ b/conf/jitsi-jicofo-jicofo.conf @@ -0,0 +1,13 @@ +# Jicofo HOCON configuration. See reference.conf in /usr/share/jicofo/jicofo.jar for +#available options, syntax, and default values. +jicofo { + xmpp: { + client: { + client-proxy: focus.__DOMAIN__ + } + trusted-domains: [ "recorder.__DOMAIN__" ] + } + bridge: { + brewery-jid: "JvbBrewery@internal.auth.__DOMAIN__" + } +} diff --git a/conf/jitsi-jicofo-logging.properties b/conf/jitsi-jicofo-logging.properties index 078e3e1..7181e26 100644 --- a/conf/jitsi-jicofo-logging.properties +++ b/conf/jitsi-jicofo-logging.properties @@ -6,23 +6,14 @@ handlers= java.util.logging.ConsoleHandler # Handlers with syslog enabled: #handlers= java.util.logging.ConsoleHandler, com.agafua.syslog.SyslogHandler +#handlers= java.util.logging.ConsoleHandler, io.sentry.jul.SentryHandler java.util.logging.ConsoleHandler.level = ALL -java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter +java.util.logging.ConsoleHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter java.util.logging.ConsoleHandler.filter = org.jitsi.impl.protocol.xmpp.log.ExcludeXmppPackets -net.java.sip.communicator.util.ScLogFormatter.programname=Jicofo - +org.jitsi.utils.logging2.JitsiLogFormatter.programname=Jicofo .level=INFO -net.sf.level=SEVERE -net.java.sip.communicator.plugin.reconnectplugin.level=FINE -org.ice4j.level=SEVERE -org.jitsi.impl.neomedia.level=SEVERE - -# Do not worry about missing strings -net.java.sip.communicator.service.resources.AbstractResourcesService.level=SEVERE - -#net.java.sip.communicator.service.protocol.level=ALL # To enable XMPP packets logging add XmppPacketsFileHandler to the handlers property org.jitsi.impl.protocol.xmpp.log.PacketDebugger.level=ALL @@ -31,17 +22,17 @@ org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.append=true org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.limit=200000000 org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.count=3 -# Syslog(uncomment handler to use) +# Syslog (uncomment handler to use) com.agafua.syslog.SyslogHandler.transport = udp com.agafua.syslog.SyslogHandler.facility = local0 com.agafua.syslog.SyslogHandler.port = 514 -com.agafua.syslog.SyslogHandler.hostname = 127.0.0.1 -com.agafua.syslog.SyslogHandler.formatter = net.java.sip.communicator.util.ScLogFormatter +com.agafua.syslog.SyslogHandler.hostname = localhost +com.agafua.syslog.SyslogHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter com.agafua.syslog.SyslogHandler.escapeNewlines = false com.agafua.syslog.SyslogHandler.filter = org.jitsi.impl.protocol.xmpp.log.ExcludeXmppPackets -# to disable double timestamps in syslog uncomment next line -#net.java.sip.communicator.util.ScLogFormatter.disableTimestamp=true +# Sentry (uncomment handler to use) +io.sentry.jul.SentryHandler.level=WARNING # uncomment to see how Jicofo talks to the JVB #org.jitsi.impl.protocol.xmpp.colibri.level=ALL diff --git a/conf/jitsi-jicofo-sip-communicator.properties b/conf/jitsi-jicofo-sip-communicator.properties deleted file mode 100644 index a30f768..0000000 --- a/conf/jitsi-jicofo-sip-communicator.properties +++ /dev/null @@ -1,2 +0,0 @@ -org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.__DOMAIN__ -org.jitsi.jicofo.health.ENABLE_HEALTH_CHECKS=true diff --git a/conf/jitsi-jicofo.service b/conf/jitsi-jicofo.service index 339d861..a813643 100644 --- a/conf/jitsi-jicofo.service +++ b/conf/jitsi-jicofo.service @@ -6,8 +6,8 @@ After=network.target EnvironmentFile=/etc/__APP__/jicofo/config Environment=LOGFILE=/var/log/__APP__/jitsi-jicofo.log User=__APP__ -WorkingDirectory=__FINALPATH__/jicofo/ -ExecStart=/bin/bash -c "exec __FINALPATH__/jicofo/jicofo.sh --host=${JICOFO_HOST} --domain=${JICOFO_HOSTNAME} --port=${JICOFO_PORT} --secret=${JICOFO_SECRET} --user_name=${JICOFO_AUTH_USER} --user_domain=${JICOFO_AUTH_DOMAIN} --user_password=${JICOFO_AUTH_PASSWORD} ${JICOFO_OPTS} < /dev/null >> ${LOGFILE} 2>&1" +WorkingDirectory=__FINALPATH__/jitsi-jicofo/ +ExecStart=/bin/bash -c "exec __FINALPATH__/jitsi-jicofo/jicofo.sh --host=${JICOFO_HOST} --domain=${JICOFO_HOSTNAME} --port=${JICOFO_PORT} --secret=${JICOFO_SECRET} --user_name=${JICOFO_AUTH_USER} --user_domain=${JICOFO_AUTH_DOMAIN} --user_password=${JICOFO_AUTH_PASSWORD} ${JICOFO_OPTS} < /dev/null >> ${LOGFILE} 2>&1" [Install] WantedBy=multi-user.target diff --git a/conf/jitsi-jicofo.src b/conf/jitsi-jicofo.src new file mode 100644 index 0000000..569560d --- /dev/null +++ b/conf/jitsi-jicofo.src @@ -0,0 +1,7 @@ +SOURCE_URL=https://download.jitsi.org/stable/jicofo_1.0-846-1_all.deb +SOURCE_SUM=aac0143b8c83932d6f934a8b6fca54c75f541613aab8beb9e96ce5b0eb9051bf +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=deb +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME=jitsi-jicofo.deb +SOURCE_EXTRACT=false \ No newline at end of file diff --git a/conf/jitsi-meet-config.js b/conf/jitsi-meet-config.js new file mode 100644 index 0000000..011c458 --- /dev/null +++ b/conf/jitsi-meet-config.js @@ -0,0 +1,1264 @@ +/* eslint-disable no-unused-vars, no-var */ + +var config = { + // Connection + // + + hosts: { + // XMPP domain. + domain: '__DOMAIN__', + + // When using authentication, domain for guest users. + // anonymousdomain: 'guest.example.com', + + // Domain for authenticated users. Defaults to . + // authdomain: '__DOMAIN__', + + // Focus component domain. Defaults to focus.. + // focus: 'focus.__DOMAIN__', + + // XMPP MUC domain. FIXME: use XEP-0030 to discover it. + muc: 'conference.__DOMAIN__' + }, + + // BOSH URL. FIXME: use XEP-0156 to discover it. + bosh: '//__DOMAIN__/http-bind', + + // Websocket URL + // websocket: 'wss://__DOMAIN__/xmpp-websocket', + + // The real JID of focus participant - can be overridden here + // Do not change username - FIXME: Make focus username configurable + // https://github.com/jitsi/jitsi-meet/issues/7376 + // focusUserJid: 'focus@auth.__DOMAIN__', + + + // Testing / experimental features. + // + + testing: { + // Disables the End to End Encryption feature. Useful for debugging + // issues related to insertable streams. + // disableE2EE: false, + + // Enables/disables thumbnail reordering in the filmstrip. It is enabled by default unless explicitly + // disabled by the below option. + // enableThumbnailReordering: true, + + // Enables XMPP WebSocket (as opposed to BOSH) for the given amount of users. + // mobileXmppWsThreshold: 10 // enable XMPP WebSockets on mobile for 10% of the users + + // P2P test mode disables automatic switching to P2P when there are 2 + // participants in the conference. + // p2pTestMode: false, + + // Enables the test specific features consumed by jitsi-meet-torture + // testMode: false + + // Disables the auto-play behavior of *all* newly created video element. + // This is useful when the client runs on a host with limited resources. + // noAutoPlayVideo: false + + // Enable / disable 500 Kbps bitrate cap on desktop tracks. When enabled, + // simulcast is turned off for the desktop share. If presenter is turned + // on while screensharing is in progress, the max bitrate is automatically + // adjusted to 2.5 Mbps. This takes a value between 0 and 1 which determines + // the probability for this to be enabled. This setting has been deprecated. + // desktopSharingFrameRate.max now determines whether simulcast will be enabled + // or disabled for the screenshare. + // capScreenshareBitrate: 1 // 0 to disable - deprecated. + + // Enable callstats only for a percentage of users. + // This takes a value between 0 and 100 which determines the probability for + // the callstats to be enabled. + // callStatsThreshold: 5 // enable callstats for 5% of the users. + }, + + // Feature Flags. + flags: { + // Enables source names in the signaling. + // sourceNameSignaling: false, + }, + + // Disables moderator indicators. + // disableModeratorIndicator: false, + + // Disables the reactions feature. + // disableReactions: true, + + // Disables the reactions moderation feature. + // disableReactionsModeration: false, + + // Disables polls feature. + // disablePolls: false, + + // Disables self-view tile. (hides it from tile view and from filmstrip) + // disableSelfView: false, + + // Disables self-view settings in UI + // disableSelfViewSettings: false, + + // screenshotCapture : { + // Enables the screensharing capture feature. + // enabled: false, + // + // The mode for the screenshot capture feature. + // Can be either 'recording' - screensharing screenshots are taken + // only when the recording is also on, + // or 'always' - screensharing screenshots are always taken. + // mode: 'recording' + // } + + // Disables ICE/UDP by filtering out local and remote UDP candidates in + // signalling. + // webrtcIceUdpDisable: false, + + // Disables ICE/TCP by filtering out local and remote TCP candidates in + // signalling. + // webrtcIceTcpDisable: false, + + + // Media + // + + // Enable unified plan implementation support on Chromium based browsers. + // enableUnifiedOnChrome: false, + + // Audio + + // Disable measuring of audio levels. + // disableAudioLevels: false, + // audioLevelsInterval: 200, + + // Enabling this will run the lib-jitsi-meet no audio detection module which + // will notify the user if the current selected microphone has no audio + // input and will suggest another valid device if one is present. + enableNoAudioDetection: true, + + // Enabling this will show a "Save Logs" link in the GSM popover that can be + // used to collect debug information (XMPP IQs, SDP offer/answer cycles) + // about the call. + // enableSaveLogs: false, + + // Enabling this will hide the "Show More" link in the GSM popover that can be + // used to display more statistics about the connection (IP, Port, protocol, etc). + // disableShowMoreStats: true, + + // Enabling this will run the lib-jitsi-meet noise detection module which will + // notify the user if there is noise, other than voice, coming from the current + // selected microphone. The purpose it to let the user know that the input could + // be potentially unpleasant for other meeting participants. + enableNoisyMicDetection: true, + + // Start the conference in audio only mode (no video is being received nor + // sent). + // startAudioOnly: false, + + // Every participant after the Nth will start audio muted. + // startAudioMuted: 10, + + // Start calls with audio muted. Unlike the option above, this one is only + // applied locally. FIXME: having these 2 options is confusing. + // startWithAudioMuted: false, + + // Enabling it (with #params) will disable local audio output of remote + // participants and to enable it back a reload is needed. + // startSilent: false + + // Enables support for opus-red (redundancy for Opus). + // enableOpusRed: false, + + // Specify audio quality stereo and opusMaxAverageBitrate values in order to enable HD audio. + // Beware, by doing so, you are disabling echo cancellation, noise suppression and AGC. + // audioQuality: { + // stereo: false, + // opusMaxAverageBitrate: null // Value to fit the 6000 to 510000 range. + // }, + + // Video + + // Sets the preferred resolution (height) for local video. Defaults to 720. + // resolution: 720, + + // Specifies whether the raised hand will hide when someone becomes a dominant speaker or not + // disableRemoveRaisedHandOnFocus: false, + + // Specifies whether there will be a search field in speaker stats or not + // disableSpeakerStatsSearch: false, + + // Specifies whether participants in speaker stats should be ordered or not, and with what priority + // speakerStatsOrder: [ + // 'role', <- Moderators on top + // 'name', <- Alphabetically by name + // 'hasLeft', <- The ones that have left in the bottom + // ] <- the order of the array elements determines priority + + // How many participants while in the tile view mode, before the receiving video quality is reduced from HD to SD. + // Use -1 to disable. + // maxFullResolutionParticipants: 2, + + // w3c spec-compliant video constraints to use for video capture. Currently + // used by browsers that return true from lib-jitsi-meet's + // util#browser#usesNewGumFlow. The constraints are independent from + // this config's resolution value. Defaults to requesting an ideal + // resolution of 720p. + // constraints: { + // video: { + // height: { + // ideal: 720, + // max: 720, + // min: 240 + // } + // } + // }, + + // Enable / disable simulcast support. + // disableSimulcast: false, + + // Enable / disable layer suspension. If enabled, endpoints whose HD layers are not in use will be suspended + // (no longer sent) until they are requested again. This is enabled by default. This must be enabled for screen + // sharing to work as expected on Chrome. Disabling this might result in low resolution screenshare being sent + // by the client. + // enableLayerSuspension: false, + + // Every participant after the Nth will start video muted. + // startVideoMuted: 10, + + // Start calls with video muted. Unlike the option above, this one is only + // applied locally. FIXME: having these 2 options is confusing. + // startWithVideoMuted: false, + + // If set to true, prefer to use the H.264 video codec (if supported). + // Note that it's not recommended to do this because simulcast is not + // supported when using H.264. For 1-to-1 calls this setting is enabled by + // default and can be toggled in the p2p section. + // This option has been deprecated, use preferredCodec under videoQuality section instead. + // preferH264: true, + + // If set to true, disable H.264 video codec by stripping it out of the + // SDP. + // disableH264: false, + + // Desktop sharing + + // Optional desktop sharing frame rate options. Default value: min:5, max:5. + // desktopSharingFrameRate: { + // min: 5, + // max: 5 + // }, + + // This option has been deprecated since it is no longer supported as per the w3c spec. + // https://w3c.github.io/mediacapture-screen-share/#dom-mediadevices-getdisplaymedia. If the user has not + // interacted with the webpage before the getDisplayMedia call, the promise will be rejected by the browser. This + // has already been implemented in Firefox and Safari and will be implemented in Chrome soon. + // https://bugs.chromium.org/p/chromium/issues/detail?id=1198918 + // startScreenSharing: false, + + // Recording + + // Whether to enable file recording or not. + // fileRecordingsEnabled: false, + // Enable the dropbox integration. + // dropbox: { + // appKey: '' // Specify your app key here. + // // A URL to redirect the user to, after authenticating + // // by default uses: + // // 'https://__DOMAIN__/static/oauth.html' + // redirectURI: + // 'https://__DOMAIN__/subfolder/static/oauth.html' + // }, + // When integrations like dropbox are enabled only that will be shown, + // by enabling fileRecordingsServiceEnabled, we show both the integrations + // and the generic recording service (its configuration and storage type + // depends on jibri configuration) + // fileRecordingsServiceEnabled: false, + // Whether to show the possibility to share file recording with other people + // (e.g. meeting participants), based on the actual implementation + // on the backend. + // fileRecordingsServiceSharingEnabled: false, + + // Whether to enable live streaming or not. + // liveStreamingEnabled: false, + + // Transcription (in interface_config, + // subtitles and buttons can be configured) + // transcribingEnabled: false, + + // If true transcriber will use the application language. + // The application language is either explicitly set by participants in their settings or automatically + // detected based on the environment, e.g. if the app is opened in a chrome instance which is using french as its + // default language then transcriptions for that participant will be in french. + // Defaults to true. + // transcribeWithAppLanguage: true, + + // Transcriber language. This settings will only work if "transcribeWithAppLanguage" is explicitly set to false. + // Available languages can be found in + // ./src/react/features/transcribing/transcriber-langs.json. + // preferredTranscribeLanguage: 'en-US', + + // Enables automatic turning on captions when recording is started + // autoCaptionOnRecord: false, + + // Misc + + // Default value for the channel "last N" attribute. -1 for unlimited. + channelLastN: -1, + + // Connection indicators + // connectionIndicators: { + // autoHide: true, + // autoHideTimeout: 5000, + // disabled: false, + // disableDetails: false, + // inactiveDisabled: false + // }, + + // Provides a way for the lastN value to be controlled through the UI. + // When startLastN is present, conference starts with a last-n value of startLastN and channelLastN + // value will be used when the quality level is selected using "Manage Video Quality" slider. + // startLastN: 1, + + // Provides a way to use different "last N" values based on the number of participants in the conference. + // The keys in an Object represent number of participants and the values are "last N" to be used when number of + // participants gets to or above the number. + // + // For the given example mapping, "last N" will be set to 20 as long as there are at least 5, but less than + // 29 participants in the call and it will be lowered to 15 when the 30th participant joins. The 'channelLastN' + // will be used as default until the first threshold is reached. + // + // lastNLimits: { + // 5: 20, + // 30: 15, + // 50: 10, + // 70: 5, + // 90: 2 + // }, + + // Provides a way to translate the legacy bridge signaling messages, 'LastNChangedEvent', + // 'SelectedEndpointsChangedEvent' and 'ReceiverVideoConstraint' into the new 'ReceiverVideoConstraints' message + // that invokes the new bandwidth allocation algorithm in the bridge which is described here + // - https://github.com/jitsi/jitsi-videobridge/blob/master/doc/allocation.md. + // useNewBandwidthAllocationStrategy: false, + + // Specify the settings for video quality optimizations on the client. + // videoQuality: { + // // Provides a way to prevent a video codec from being negotiated on the JVB connection. The codec specified + // // here will be removed from the list of codecs present in the SDP answer generated by the client. If the + // // same codec is specified for both the disabled and preferred option, the disable settings will prevail. + // // Note that 'VP8' cannot be disabled since it's a mandatory codec, the setting will be ignored in this case. + // disabledCodec: 'H264', + // + // // Provides a way to set a preferred video codec for the JVB connection. If 'H264' is specified here, + // // simulcast will be automatically disabled since JVB doesn't support H264 simulcast yet. This will only + // // rearrange the the preference order of the codecs in the SDP answer generated by the browser only if the + // // preferred codec specified here is present. Please ensure that the JVB offers the specified codec for this + // // to take effect. + // preferredCodec: 'VP8', + // + // // Provides a way to enforce the preferred codec for the conference even when the conference has endpoints + // // that do not support the preferred codec. For example, older versions of Safari do not support VP9 yet. + // // This will result in Safari not being able to decode video from endpoints sending VP9 video. + // // When set to false, the conference falls back to VP8 whenever there is an endpoint that doesn't support the + // // preferred codec and goes back to the preferred codec when that endpoint leaves. + // // enforcePreferredCodec: false, + // + // // Provides a way to configure the maximum bitrates that will be enforced on the simulcast streams for + // // video tracks. The keys in the object represent the type of the stream (LD, SD or HD) and the values + // // are the max.bitrates to be set on that particular type of stream. The actual send may vary based on + // // the available bandwidth calculated by the browser, but it will be capped by the values specified here. + // // This is currently not implemented on app based clients on mobile. + // maxBitratesVideo: { + // H264: { + // low: 200000, + // standard: 500000, + // high: 1500000 + // }, + // VP8 : { + // low: 200000, + // standard: 500000, + // high: 1500000 + // }, + // VP9: { + // low: 100000, + // standard: 300000, + // high: 1200000 + // } + // }, + // + // // The options can be used to override default thresholds of video thumbnail heights corresponding to + // // the video quality levels used in the application. At the time of this writing the allowed levels are: + // // 'low' - for the low quality level (180p at the time of this writing) + // // 'standard' - for the medium quality level (360p) + // // 'high' - for the high quality level (720p) + // // The keys should be positive numbers which represent the minimal thumbnail height for the quality level. + // // + // // With the default config value below the application will use 'low' quality until the thumbnails are + // // at least 360 pixels tall. If the thumbnail height reaches 720 pixels then the application will switch to + // // the high quality. + // minHeightForQualityLvl: { + // 360: 'standard', + // 720: 'high' + // }, + // + // // Provides a way to resize the desktop track to 720p (if it is greater than 720p) before creating a canvas + // // for the presenter mode (camera picture-in-picture mode with screenshare). + // resizeDesktopForPresenter: false + // }, + + // Notification timeouts + // notificationTimeouts: { + // short: 2500, + // medium: 5000, + // long: 10000 + // }, + + // // Options for the recording limit notification. + // recordingLimit: { + // + // // The recording limit in minutes. Note: This number appears in the notification text + // // but doesn't enforce the actual recording time limit. This should be configured in + // // jibri! + // limit: 60, + // + // // The name of the app with unlimited recordings. + // appName: 'Unlimited recordings APP', + // + // // The URL of the app with unlimited recordings. + // appURL: 'https://unlimited.recordings.app.com/' + // }, + + // Disables or enables RTX (RFC 4588) (defaults to false). + // disableRtx: false, + + // Moves all Jitsi Meet 'beforeunload' logic (cleanup, leaving, disconnecting, etc) to the 'unload' event. + // disableBeforeUnloadHandlers: true, + + // Disables or enables TCC support in this client (default: enabled). + // enableTcc: true, + + // Disables or enables REMB support in this client (default: enabled). + // enableRemb: true, + + // Enables ICE restart logic in LJM and displays the page reload overlay on + // ICE failure. Current disabled by default because it's causing issues with + // signaling when Octo is enabled. Also when we do an "ICE restart"(which is + // not a real ICE restart), the client maintains the TCC sequence number + // counter, but the bridge resets it. The bridge sends media packets with + // TCC sequence numbers starting from 0. + // enableIceRestart: false, + + // Enables forced reload of the client when the call is migrated as a result of + // the bridge going down. + // enableForcedReload: true, + + // Use TURN/UDP servers for the jitsi-videobridge connection (by default + // we filter out TURN/UDP because it is usually not needed since the + // bridge itself is reachable via UDP) + // useTurnUdp: false + + // Enable support for encoded transform in supported browsers. This allows + // E2EE to work in Safari if the corresponding flag is enabled in the browser. + // Experimental. + // enableEncodedTransformSupport: false, + + // UI + // + + // Disables responsive tiles. + // disableResponsiveTiles: false, + + // Hides lobby button + // hideLobbyButton: false, + + // If Lobby is enabled starts knocking automatically. + // autoKnockLobby: false, + + // Hides add breakout room button + // hideAddRoomButton: false, + + // Require users to always specify a display name. + // requireDisplayName: true, + + // Whether to use a welcome page or not. In case it's false a random room + // will be joined when no room is specified. + enableWelcomePage: true, + + // Disable app shortcuts that are registered upon joining a conference + // disableShortcuts: false, + + // Disable initial browser getUserMedia requests. + // This is useful for scenarios where users might want to start a conference for screensharing only + // disableInitialGUM: false, + + // Enabling the close page will ignore the welcome page redirection when + // a call is hangup. + // enableClosePage: false, + + // Disable hiding of remote thumbnails when in a 1-on-1 conference call. + // Setting this to null, will also disable showing the remote videos + // when the toolbar is shown on mouse movements + // disable1On1Mode: null | false | true, + + // Default local name to be displayed + // defaultLocalDisplayName: 'me', + + // Default remote name to be displayed + // defaultRemoteDisplayName: 'Fellow Jitster', + + // Hides the display name from the participant thumbnail + // hideDisplayName: false, + + // Hides the dominant speaker name badge that hovers above the toolbox + // hideDominantSpeakerBadge: false, + + // Default language for the user interface. + // defaultLanguage: 'en', + + // Disables profile and the edit of all fields from the profile settings (display name and email) + // disableProfile: false, + + // Hides the email section under profile settings. + // hideEmailInSettings: false, + + // Whether or not some features are checked based on token. + // enableFeaturesBasedOnToken: false, + + // When enabled the password used for locking a room is restricted to up to the number of digits specified + // roomPasswordNumberOfDigits: 10, + // default: roomPasswordNumberOfDigits: false, + + // Message to show the users. Example: 'The service will be down for + // maintenance at 01:00 AM GMT, + // noticeMessage: '', + + // Enables calendar integration, depends on googleApiApplicationClientID + // and microsoftApiApplicationClientID + // enableCalendarIntegration: false, + + // Configs for prejoin page. + // prejoinConfig: { + // // When 'true', it shows an intermediate page before joining, where the user can configure their devices. + // // This replaces `prejoinPageEnabled`. + // enabled: true, + // // List of buttons to hide from the extra join options dropdown. + // hideExtraJoinButtons: ['no-audio', 'by-phone'] + // }, + + // When 'true', the user cannot edit the display name. + // (Mainly useful when used in conjuction with the JWT so the JWT name becomes read only.) + // readOnlyName: false, + + // If etherpad integration is enabled, setting this to true will + // automatically open the etherpad when a participant joins. This + // does not affect the mobile app since opening an etherpad + // obscures the conference controls -- it's better to let users + // choose to open the pad on their own in that case. + // openSharedDocumentOnJoin: false, + + // If true, shows the unsafe room name warning label when a room name is + // deemed unsafe (due to the simplicity in the name) and a password is not + // set or the lobby is not enabled. + // enableInsecureRoomNameWarning: false, + + // Whether to automatically copy invitation URL after creating a room. + // Document should be focused for this option to work + // enableAutomaticUrlCopy: false, + + // Array with avatar URL prefixes that need to use CORS. + // corsAvatarURLs: [ 'https://www.gravatar.com/avatar/' ], + + // Base URL for a Gravatar-compatible service. Defaults to libravatar. + // gravatarBaseURL: 'https://seccdn.libravatar.org/avatar/', + + // App name to be displayed in the invitation email subject, as an alternative to + // interfaceConfig.APP_NAME. + // inviteAppName: null, + + // Moved from interfaceConfig(TOOLBAR_BUTTONS). + // The name of the toolbar buttons to display in the toolbar, including the + // "More actions" menu. If present, the button will display. Exceptions are + // "livestreaming" and "recording" which also require being a moderator and + // some other values in config.js to be enabled. Also, the "profile" button will + // not display for users with a JWT. + // Notes: + // - it's impossible to choose which buttons go in the "More actions" menu + // - it's impossible to control the placement of buttons + // - 'desktop' controls the "Share your screen" button + // - if `toolbarButtons` is undefined, we fallback to enabling all buttons on the UI + // toolbarButtons: [ + // 'camera', + // 'chat', + // 'closedcaptions', + // 'desktop', + // 'download', + // 'embedmeeting', + // 'etherpad', + // 'feedback', + // 'filmstrip', + // 'fullscreen', + // 'hangup', + // 'help', + // 'invite', + // 'livestreaming', + // 'microphone', + // 'mute-everyone', + // 'mute-video-everyone', + // 'participants-pane', + // 'profile', + // 'raisehand', + // 'recording', + // 'security', + // 'select-background', + // 'settings', + // 'shareaudio', + // 'sharedvideo', + // 'shortcuts', + // 'stats', + // 'tileview', + // 'toggle-camera', + // 'videoquality', + // '__end' + // ], + + // Holds values related to toolbar visibility control. + // toolbarConfig: { + // // Moved from interfaceConfig.INITIAL_TOOLBAR_TIMEOUT + // // The initial numer of miliseconds for the toolbar buttons to be visible on screen. + // initialTimeout: 20000, + // // Moved from interfaceConfig.TOOLBAR_TIMEOUT + // // Number of miliseconds for the toolbar buttons to be visible on screen. + // timeout: 4000, + // // Moved from interfaceConfig.TOOLBAR_ALWAYS_VISIBLE + // // Whether toolbar should be always visible or should hide after x miliseconds. + // alwaysVisible: false + // }, + + // Toolbar buttons which have their click/tap event exposed through the API on + // `toolbarButtonClicked`. Passing a string for the button key will + // prevent execution of the click/tap routine; passing an object with `key` and + // `preventExecution` flag on false will not prevent execution of the click/tap + // routine. Below array with mixed mode for passing the buttons. + // buttonsWithNotifyClick: [ + // 'camera', + // { + // key: 'chat', + // preventExecution: false + // }, + // { + // key: 'closedcaptions', + // preventExecution: true + // }, + // 'desktop', + // 'download', + // 'embedmeeting', + // 'etherpad', + // 'feedback', + // 'filmstrip', + // 'fullscreen', + // 'hangup', + // 'help', + // { + // key: 'invite', + // preventExecution: false + // }, + // 'livestreaming', + // 'microphone', + // 'mute-everyone', + // 'mute-video-everyone', + // 'participants-pane', + // 'profile', + // { + // key: 'raisehand', + // preventExecution: true + // }, + // 'recording', + // 'security', + // 'select-background', + // 'settings', + // 'shareaudio', + // 'sharedvideo', + // 'shortcuts', + // 'stats', + // 'tileview', + // 'toggle-camera', + // 'videoquality', + // // The add passcode button from the security dialog. + // { + // key: 'add-passcode', + // preventExecution: false + // } + // '__end' + // ], + + // List of pre meeting screens buttons to hide. The values must be one or more of the 5 allowed buttons: + // 'microphone', 'camera', 'select-background', 'invite', 'settings' + // hiddenPremeetingButtons: [], + + // Stats + // + + // Whether to enable stats collection or not in the TraceablePeerConnection. + // This can be useful for debugging purposes (post-processing/analysis of + // the webrtc stats) as it is done in the jitsi-meet-torture bandwidth + // estimation tests. + // gatherStats: false, + + // The interval at which PeerConnection.getStats() is called. Defaults to 10000 + // pcStatsInterval: 10000, + + // To enable sending statistics to callstats.io you must provide the + // Application ID and Secret. + // callStatsID: '', + // callStatsSecret: '', + + // The callstats initialize config params as described in the API: + // https://docs.callstats.io/docs/javascript#callstatsinitialize-with-app-secret + // callStatsConfigParams: { + // disableBeforeUnloadHandler: true, // disables callstats.js's window.onbeforeunload parameter. + // applicationVersion: "app_version", // Application version specified by the developer. + // disablePrecalltest: true, // disables the pre-call test, it is enabled by default. + // siteID: "siteID", // The name/ID of the site/campus from where the call/pre-call test is made. + // additionalIDs: { // additionalIDs object, contains application related IDs. + // customerID: "Customer Identifier. Example, walmart.", + // tenantID: "Tenant Identifier. Example, monster.", + // productName: "Product Name. Example, Jitsi.", + // meetingsName: "Meeting Name. Example, Jitsi loves callstats.", + // serverName: "Server/MiddleBox Name. Example, jvb-prod-us-east-mlkncws12.", + // pbxID: "PBX Identifier. Example, walmart.", + // pbxExtensionID: "PBX Extension Identifier. Example, 5625.", + // fqExtensionID: "Fully qualified Extension Identifier. Example, +71 (US) +5625.", + // sessionID: "Session Identifier. Example, session-12-34" + // }, + // collectLegacyStats: true, //enables the collection of legacy stats in chrome browser + // collectIP: true //enables the collection localIP address + // }, + + // Enables sending participants' display names to callstats + // enableDisplayNameInStats: false, + + // Enables sending participants' emails (if available) to callstats and other analytics + // enableEmailInStats: false, + + // Enables detecting faces of participants and get their expression and send it to other participants + // enableFacialRecognition: true, + + // Controls the percentage of automatic feedback shown to participants when callstats is enabled. + // The default value is 100%. If set to 0, no automatic feedback will be requested + // feedbackPercentage: 100, + + // Privacy + // + + // If third party requests are disabled, no other server will be contacted. + // This means avatars will be locally generated and callstats integration + // will not function. + // disableThirdPartyRequests: false, + + + // Peer-To-Peer mode: used (if enabled) when there are just 2 participants. + // + + p2p: { + // Enables peer to peer mode. When enabled the system will try to + // establish a direct connection when there are exactly 2 participants + // in the room. If that succeeds the conference will stop sending data + // through the JVB and use the peer to peer connection instead. When a + // 3rd participant joins the conference will be moved back to the JVB + // connection. + enabled: true, + + // Enable unified plan implementation support on Chromium for p2p connection. + // enableUnifiedOnChrome: false, + + // Sets the ICE transport policy for the p2p connection. At the time + // of this writing the list of possible values are 'all' and 'relay', + // but that is subject to change in the future. The enum is defined in + // the WebRTC standard: + // https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum. + // If not set, the effective value is 'all'. + // iceTransportPolicy: 'all', + + // If set to true, it will prefer to use H.264 for P2P calls (if H.264 + // is supported). This setting is deprecated, use preferredCodec instead. + // preferH264: true, + + // Provides a way to set the video codec preference on the p2p connection. Acceptable + // codec values are 'VP8', 'VP9' and 'H264'. + // preferredCodec: 'H264', + + // If set to true, disable H.264 video codec by stripping it out of the + // SDP. This setting is deprecated, use disabledCodec instead. + // disableH264: false, + + // Provides a way to prevent a video codec from being negotiated on the p2p connection. + // disabledCodec: '', + + // How long we're going to wait, before going back to P2P after the 3rd + // participant has left the conference (to filter out page reload). + // backToP2PDelay: 5, + + // The STUN servers that will be used in the peer to peer connections + stunServers: [ + + // { urls: 'stun:__DOMAIN__:3478' }, + { urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' } + ] + }, + + analytics: { + // True if the analytics should be disabled + // disabled: false, + + // The Google Analytics Tracking ID: + // googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1' + + // Matomo configuration: + // matomoEndpoint: 'https://your-matomo-endpoint/', + // matomoSiteID: '42', + + // The Amplitude APP Key: + // amplitudeAPPKey: '' + + // Configuration for the rtcstats server: + // By enabling rtcstats server every time a conference is joined the rtcstats + // module connects to the provided rtcstatsEndpoint and sends statistics regarding + // PeerConnection states along with getStats metrics polled at the specified + // interval. + // rtcstatsEnabled: false, + + // In order to enable rtcstats one needs to provide a endpoint url. + // rtcstatsEndpoint: wss://rtcstats-server-pilot.jitsi.net/, + + // The interval at which rtcstats will poll getStats, defaults to 1000ms. + // If the value is set to 0 getStats won't be polled and the rtcstats client + // will only send data related to RTCPeerConnection events. + // rtcstatsPolIInterval: 1000, + + // Array of script URLs to load as lib-jitsi-meet "analytics handlers". + // scriptURLs: [ + // "libs/analytics-ga.min.js", // google-analytics + // "https://example.com/my-custom-analytics.js" + // ], + }, + + // Logs that should go be passed through the 'log' event if a handler is defined for it + // apiLogLevels: ['warn', 'log', 'error', 'info', 'debug'], + + // Information about the jitsi-meet instance we are connecting to, including + // the user region as seen by the server. + deploymentInfo: { + // shard: "shard1", + // region: "europe", + // userRegion: "asia" + }, + + // Array of disabled sounds. + // Possible values: + // - 'ASKED_TO_UNMUTE_SOUND' + // - 'E2EE_OFF_SOUND' + // - 'E2EE_ON_SOUND' + // - 'INCOMING_MSG_SOUND' + // - 'KNOCKING_PARTICIPANT_SOUND' + // - 'LIVE_STREAMING_OFF_SOUND' + // - 'LIVE_STREAMING_ON_SOUND' + // - 'NO_AUDIO_SIGNAL_SOUND' + // - 'NOISY_AUDIO_INPUT_SOUND' + // - 'OUTGOING_CALL_EXPIRED_SOUND' + // - 'OUTGOING_CALL_REJECTED_SOUND' + // - 'OUTGOING_CALL_RINGING_SOUND' + // - 'OUTGOING_CALL_START_SOUND' + // - 'PARTICIPANT_JOINED_SOUND' + // - 'PARTICIPANT_LEFT_SOUND' + // - 'RAISE_HAND_SOUND' + // - 'REACTION_SOUND' + // - 'RECORDING_OFF_SOUND' + // - 'RECORDING_ON_SOUND' + // - 'TALK_WHILE_MUTED_SOUND' + // disabledSounds: [], + + // DEPRECATED! Use `disabledSounds` instead. + // Decides whether the start/stop recording audio notifications should play on record. + // disableRecordAudioNotification: false, + + // DEPRECATED! Use `disabledSounds` instead. + // Disables the sounds that play when other participants join or leave the + // conference (if set to true, these sounds will not be played). + // disableJoinLeaveSounds: false, + + // DEPRECATED! Use `disabledSounds` instead. + // Disables the sounds that play when a chat message is received. + // disableIncomingMessageSound: false, + + // Information for the chrome extension banner + // chromeExtensionBanner: { + // // The chrome extension to be installed address + // url: 'https://chrome.google.com/webstore/detail/jitsi-meetings/kglhbbefdnlheedjiejgomgmfplipfeb', + + // // Extensions info which allows checking if they are installed or not + // chromeExtensionsInfo: [ + // { + // id: 'kglhbbefdnlheedjiejgomgmfplipfeb', + // path: 'jitsi-logo-48x48.png' + // } + // ] + // }, + + // Local Recording + // + + // localRecording: { + // Enables local recording. + // Additionally, 'localrecording' (all lowercase) needs to be added to + // the `toolbarButtons`-array for the Local Recording button to show up + // on the toolbar. + // + // enabled: true, + // + + // The recording format, can be one of 'ogg', 'flac' or 'wav'. + // format: 'flac' + // + + // }, + // e2ee: { + // labels, + // externallyManagedKey: false + // }, + + // Options related to end-to-end (participant to participant) ping. + // e2eping: { + // // The interval in milliseconds at which pings will be sent. + // // Defaults to 10000, set to <= 0 to disable. + // pingInterval: 10000, + // + // // The interval in milliseconds at which analytics events + // // with the measured RTT will be sent. Defaults to 60000, set + // // to <= 0 to disable. + // analyticsInterval: 60000, + // }, + + // If set, will attempt to use the provided video input device label when + // triggering a screenshare, instead of proceeding through the normal flow + // for obtaining a desktop stream. + // NOTE: This option is experimental and is currently intended for internal + // use only. + // _desktopSharingSourceDevice: 'sample-id-or-label', + + // If true, any checks to handoff to another application will be prevented + // and instead the app will continue to display in the current browser. + // disableDeepLinking: false, + + // A property to disable the right click context menu for localVideo + // the menu has option to flip the locally seen video for local presentations + // disableLocalVideoFlip: false, + + // A property used to unset the default flip state of the local video. + // When it is set to 'true', the local(self) video will not be mirrored anymore. + // doNotFlipLocalVideo: false, + + // Mainly privacy related settings + + // Disables all invite functions from the app (share, invite, dial out...etc) + // disableInviteFunctions: true, + + // Disables storing the room name to the recents list + // doNotStoreRoom: true, + + // Deployment specific URLs. + // deploymentUrls: { + // // If specified a 'Help' button will be displayed in the overflow menu with a link to the specified URL for + // // user documentation. + // userDocumentationURL: 'https://docs.example.com/video-meetings.html', + // // If specified a 'Download our apps' button will be displayed in the overflow menu with a link + // // to the specified URL for an app download page. + // downloadAppsUrl: 'https://docs.example.com/our-apps.html' + // }, + + // Options related to the remote participant menu. + // remoteVideoMenu: { + // // If set to true the 'Kick out' button will be disabled. + // disableKick: true, + // // If set to true the 'Grant moderator' button will be disabled. + // disableGrantModerator: true + // }, + + // If set to true all muting operations of remote participants will be disabled. + // disableRemoteMute: true, + + // Enables support for lip-sync for this client (if the browser supports it). + // enableLipSync: false + + /** + External API url used to receive branding specific information. + If there is no url set or there are missing fields, the defaults are applied. + The config file should be in JSON. + None of the fields are mandatory and the response must have the shape: + { + // The domain url to apply (will replace the domain in the sharing conference link/embed section) + inviteDomain: 'example-company.org, + // The hex value for the colour used as background + backgroundColor: '#fff', + // The url for the image used as background + backgroundImageUrl: 'https://example.com/background-img.png', + // The anchor url used when clicking the logo image + logoClickUrl: 'https://example-company.org', + // The url used for the image used as logo + logoImageUrl: 'https://example.com/logo-img.png', + // Overwrite for pool of background images for avatars + avatarBackgrounds: ['url(https://example.com/avatar-background-1.png)', '#FFF'], + // The lobby/prejoin screen background + premeetingBackground: 'url(https://example.com/premeeting-background.png)', + // A list of images that can be used as video backgrounds. + // When this field is present, the default images will be replaced with those provided. + virtualBackgrounds: ['https://example.com/img.jpg'], + // Object containing a theme's properties. It also supports partial overwrites of the main theme. + // For a list of all possible theme tokens and their current defaults, please check: + // https://github.com/jitsi/jitsi-meet/tree/master/resources/custom-theme/custom-theme.json + // For a short explanations on each of the tokens, please check: + // https://github.com/jitsi/jitsi-meet/blob/master/react/features/base/ui/Tokens.js + // IMPORTANT!: This is work in progress so many of the various tokens are not yet applied in code + // or they are partially applied. + customTheme: { + palette: { + ui01: "orange !important", + ui02: "maroon", + surface02: 'darkgreen', + ui03: "violet", + ui04: "magenta", + ui05: "blueviolet", + field02Hover: 'red', + action01: 'green', + action01Hover: 'lightgreen', + action02Disabled: 'beige', + success02: 'cadetblue', + action02Hover: 'aliceblue' + }, + typography: { + labelRegular: { + fontSize: 25, + lineHeight: 30, + fontWeight: 500 + } + } + } + } + */ + // dynamicBrandingUrl: '', + + // When true the user cannot add more images to be used as virtual background. + // Only the default ones from will be available. + // disableAddingBackgroundImages: false, + + // Disables using screensharing as virtual background. + // disableScreensharingVirtualBackground: false, + + // Sets the background transparency level. '0' is fully transparent, '1' is opaque. + // backgroundAlpha: 1, + + // The URL of the moderated rooms microservice, if available. If it + // is present, a link to the service will be rendered on the welcome page, + // otherwise the app doesn't render it. + // moderatedRoomServiceUrl: 'https://moderated.__DOMAIN__', + + // If true, tile view will not be enabled automatically when the participants count threshold is reached. + // disableTileView: true, + + // If true, the tiles will be displayed contained within the available space rather than enlarged to cover it, + // with a 16:9 aspect ratio (old behaviour). + // disableTileEnlargement: true, + + // Controls the visibility and behavior of the top header conference info labels. + // If a label's id is not in any of the 2 arrays, it will not be visible at all on the header. + // conferenceInfo: { + // // those labels will not be hidden in tandem with the toolbox. + // alwaysVisible: ['recording', 'local-recording', 'raised-hands-count'], + // // those labels will be auto-hidden in tandem with the toolbox buttons. + // autoHide: [ + // 'subject', + // 'conference-timer', + // 'participants-count', + // 'e2ee', + // 'transcribing', + // 'video-quality', + // 'insecure-room' + // ] + // }, + + // Hides the conference subject + // hideConferenceSubject: false, + + // Hides the conference timer. + // hideConferenceTimer: false, + + // Hides the recording label + // hideRecordingLabel: false, + + // Hides the participants stats + // hideParticipantsStats: true, + + // Sets the conference subject + // subject: 'Conference Subject', + + // Sets the conference local subject + // localSubject: 'Conference Local Subject', + + // This property is related to the use case when jitsi-meet is used via the IFrame API. When the property is true + // jitsi-meet will use the local storage of the host page instead of its own. This option is useful if the browser + // is not persisting the local storage inside the iframe. + // useHostPageLocalStorage: true, + + // etherpad ("shared document") integration. + // + + // If set, add a "Open shared document" link to the bottom right menu that + // will open an etherpad document. + // etherpad_base: 'https://your-etherpad-installati.on/p/', + + // List of undocumented settings used in jitsi-meet + /** + _immediateReloadThreshold + debug + debugAudioLevels + deploymentInfo + dialInConfCodeUrl + dialInNumbersUrl + dialOutAuthUrl + dialOutCodesUrl + disableRemoteControl + displayJids + externalConnectUrl + e2eeLabels + firefox_fake_device + googleApiApplicationClientID + iAmRecorder + iAmSipGateway + microsoftApiApplicationClientID + peopleSearchQueryTypes + peopleSearchUrl + requireDisplayName + tokenAuthUrl + */ + + /** + * This property can be used to alter the generated meeting invite links (in combination with a branding domain + * which is retrieved internally by jitsi meet) (e.g. https://meet.jit.si/someMeeting + * can become https://brandedDomain/roomAlias) + */ + // brandingRoomAlias: null, + + // List of undocumented settings used in lib-jitsi-meet + /** + _peerConnStatusOutOfLastNTimeout + _peerConnStatusRtcMuteTimeout + abTesting + avgRtpStatsN + callStatsConfIDNamespace + callStatsCustomScriptUrl + desktopSharingSources + disableAEC + disableAGC + disableAP + disableHPF + disableNS + enableTalkWhileMuted + forceJVB121Ratio + forceTurnRelay + hiddenDomain + ignoreStartMuted + websocketKeepAlive + websocketKeepAliveUrl + */ + + /** + * Default interval (milliseconds) for triggering mouseMoved iframe API event + */ + mouseMoveCallbackInterval: 1000, + + /** + Use this array to configure which notifications will be shown to the user + The items correspond to the title or description key of that notification + Some of these notifications also depend on some other internal logic to be displayed or not, + so adding them here will not ensure they will always be displayed + + A falsy value for this prop will result in having all notifications enabled (e.g null, undefined, false) + */ + // notifications: [ + // 'connection.CONNFAIL', // shown when the connection fails, + // 'dialog.cameraNotSendingData', // shown when there's no feed from user's camera + // 'dialog.kickTitle', // shown when user has been kicked + // 'dialog.liveStreaming', // livestreaming notifications (pending, on, off, limits) + // 'dialog.lockTitle', // shown when setting conference password fails + // 'dialog.maxUsersLimitReached', // shown when maximmum users limit has been reached + // 'dialog.micNotSendingData', // shown when user's mic is not sending any audio + // 'dialog.passwordNotSupportedTitle', // shown when setting conference password fails due to password format + // 'dialog.recording', // recording notifications (pending, on, off, limits) + // 'dialog.remoteControlTitle', // remote control notifications (allowed, denied, start, stop, error) + // 'dialog.reservationError', + // 'dialog.serviceUnavailable', // shown when server is not reachable + // 'dialog.sessTerminated', // shown when there is a failed conference session + // 'dialog.sessionRestarted', // show when a client reload is initiated because of bridge migration + // 'dialog.tokenAuthFailed', // show when an invalid jwt is used + // 'dialog.transcribing', // transcribing notifications (pending, off) + // 'dialOut.statusMessage', // shown when dial out status is updated. + // 'liveStreaming.busy', // shown when livestreaming service is busy + // 'liveStreaming.failedToStart', // shown when livestreaming fails to start + // 'liveStreaming.unavailableTitle', // shown when livestreaming service is not reachable + // 'lobby.joinRejectedMessage', // shown when while in a lobby, user's request to join is rejected + // 'lobby.notificationTitle', // shown when lobby is toggled and when join requests are allowed / denied + // 'localRecording.localRecording', // shown when a local recording is started + // 'notify.chatMessages', // shown when receiving chat messages while the chat window is closed + // 'notify.disconnected', // shown when a participant has left + // 'notify.connectedOneMember', // show when a participant joined + // 'notify.connectedTwoMembers', // show when two participants joined simultaneously + // 'notify.connectedThreePlusMembers', // show when more than 2 participants joined simultaneously + // 'notify.leftOneMember', // show when a participant left + // 'notify.leftTwoMembers', // show when two participants left simultaneously + // 'notify.leftThreePlusMembers', // show when more than 2 participants left simultaneously + // 'notify.grantedTo', // shown when moderator rights were granted to a participant + // 'notify.invitedOneMember', // shown when 1 participant has been invited + // 'notify.invitedThreePlusMembers', // shown when 3+ participants have been invited + // 'notify.invitedTwoMembers', // shown when 2 participants have been invited + // 'notify.kickParticipant', // shown when a participant is kicked + // 'notify.moderationStartedTitle', // shown when AV moderation is activated + // 'notify.moderationStoppedTitle', // shown when AV moderation is deactivated + // 'notify.moderationInEffectTitle', // shown when user attempts to unmute audio during AV moderation + // 'notify.moderationInEffectVideoTitle', // shown when user attempts to enable video during AV moderation + // 'notify.moderationInEffectCSTitle', // shown when user attempts to share content during AV moderation + // 'notify.mutedRemotelyTitle', // shown when user is muted by a remote party + // 'notify.mutedTitle', // shown when user has been muted upon joining, + // 'notify.newDeviceAudioTitle', // prompts the user to use a newly detected audio device + // 'notify.newDeviceCameraTitle', // prompts the user to use a newly detected camera + // 'notify.passwordRemovedRemotely', // shown when a password has been removed remotely + // 'notify.passwordSetRemotely', // shown when a password has been set remotely + // 'notify.raisedHand', // shown when a partcipant used raise hand, + // 'notify.startSilentTitle', // shown when user joined with no audio + // 'notify.unmute', // shown to moderator when user raises hand during AV moderation + // 'prejoin.errorDialOut', + // 'prejoin.errorDialOutDisconnected', + // 'prejoin.errorDialOutFailed', + // 'prejoin.errorDialOutStatus', + // 'prejoin.errorStatusCode', + // 'prejoin.errorValidation', + // 'recording.busy', // shown when recording service is busy + // 'recording.failedToStart', // shown when recording fails to start + // 'recording.unavailableTitle', // shown when recording service is not reachable + // 'toolbar.noAudioSignalTitle', // shown when a broken mic is detected + // 'toolbar.noisyAudioInputTitle', // shown when noise is detected for the current microphone + // 'toolbar.talkWhileMutedPopup', // shown when user tries to speak while muted + // 'transcribing.failedToStart' // shown when transcribing fails to start + // ], + + // Prevent the filmstrip from autohiding when screen width is under a certain threshold + // disableFilmstripAutohiding: false, + + // Specifies whether the chat emoticons are disabled or not + // disableChatSmileys: false, + + // Allow all above example options to include a trailing comma and + // prevent fear when commenting out the last value. + makeJsonParserHappy: 'even if last key had a trailing comma' + + // no configuration value should follow this line. +}; + +/* eslint-enable no-unused-vars, no-var */ diff --git a/conf/jitsi-meet-prosody.src b/conf/jitsi-meet-prosody.src index a579490..f310f7a 100644 --- a/conf/jitsi-meet-prosody.src +++ b/conf/jitsi-meet-prosody.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://download.jitsi.org/stable/jitsi-meet-prosody_1.0.4466-1_all.deb -SOURCE_SUM=8fd9a721cdeca7f88c825034679514ddb9c75c81dd615966f3fc3bd09812ea05 +SOURCE_URL=https://download.jitsi.org/stable/jitsi-meet-prosody_1.0.5818-1_all.deb +SOURCE_SUM=0808e2be09149aec08326a4f49e58d1beaed41e040e5717a1796d5f5c5f000bc SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=deb SOURCE_IN_SUBDIR=true diff --git a/conf/jitsi-meet-web.src b/conf/jitsi-meet-web.src index 777fecb..2e919ff 100644 --- a/conf/jitsi-meet-web.src +++ b/conf/jitsi-meet-web.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://download.jitsi.org/stable/jitsi-meet-web_1.0.4466-1_all.deb -SOURCE_SUM=1129e848b5b1711ca41d160658033f6a427d1eb9f961a168df7bda6ab1180b01 +SOURCE_URL=https://download.jitsi.org/stable/jitsi-meet-web_1.0.5818-1_all.deb +SOURCE_SUM=72e260c0d3f046e94c05d4441de57f3012213cffe360794f09f4d2db6125fcc1 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=deb SOURCE_IN_SUBDIR=true diff --git a/conf/jitsi-videobridge-20-jvb-udp-buffers.conf b/conf/jitsi-videobridge-20-jvb-udp-buffers.conf deleted file mode 100644 index 4d8b81f..0000000 --- a/conf/jitsi-videobridge-20-jvb-udp-buffers.conf +++ /dev/null @@ -1,3 +0,0 @@ -# this sets the max, so that we can bump the JVB UDP single port buffer size. -net.core.rmem_max=10485760 -net.core.netdev_max_backlog=100000 diff --git a/conf/jitsi-videobridge-jvb.conf b/conf/jitsi-videobridge-jvb.conf new file mode 100644 index 0000000..3fa117a --- /dev/null +++ b/conf/jitsi-videobridge-jvb.conf @@ -0,0 +1,12 @@ +videobridge { + http-servers { + public { + port = 9090 + } + } + websockets { + enabled = true + domain = "__DOMAIN__:443" + tls = true + } +} diff --git a/conf/jitsi-videobridge-log4j2.xml b/conf/jitsi-videobridge-log4j2.xml deleted file mode 100644 index 38f6202..0000000 --- a/conf/jitsi-videobridge-log4j2.xml +++ /dev/null @@ -1,33 +0,0 @@ - - - - /var/log/__APP__ - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/conf/jitsi-videobridge-logging.properties b/conf/jitsi-videobridge-logging.properties index ba2009b..3c364a4 100644 --- a/conf/jitsi-videobridge-logging.properties +++ b/conf/jitsi-videobridge-logging.properties @@ -1,25 +1,34 @@ handlers= java.util.logging.ConsoleHandler #handlers= java.util.logging.ConsoleHandler, com.agafua.syslog.SyslogHandler +#handlers= java.util.logging.ConsoleHandler, io.sentry.jul.SentryHandler java.util.logging.ConsoleHandler.level = ALL java.util.logging.ConsoleHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter -net.java.sip.communicator.util.ScLogFormatter.programname=JVB - +org.jitsi.utils.logging2.JitsiLogFormatter.programname=JVB .level=INFO -org.jitsi.videobridge.xmpp.ComponentImpl.level=FINE - -# All of the INFO level logs from MediaStreamImpl are unnecessary in the context of jitsi-videobridge. -org.jitsi.impl.neomedia.MediaStreamImpl.level=WARNING - -# Syslog(uncomment handler to use) +# Syslog (uncomment handler to use) com.agafua.syslog.SyslogHandler.transport = udp com.agafua.syslog.SyslogHandler.facility = local0 com.agafua.syslog.SyslogHandler.port = 514 -com.agafua.syslog.SyslogHandler.hostname = 127.0.0.1 +com.agafua.syslog.SyslogHandler.hostname = localhost com.agafua.syslog.SyslogHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter com.agafua.syslog.SyslogHandler.escapeNewlines = false -# to disable double timestamps in syslog uncomment next line -#net.java.sip.communicator.util.ScLogFormatter.disableTimestamp=true +# Sentry (uncomment handler to use) +io.sentry.jul.SentryHandler.level=WARNING + +# time series logging +java.util.logging.SimpleFormatter.format= %5$s%n +java.util.logging.FileHandler.level = ALL +java.util.logging.FileHandler.formatter = java.util.logging.SimpleFormatter +java.util.logging.FileHandler.pattern = /tmp/jvb-series.log +java.util.logging.FileHandler.limit = 200000000 +java.util.logging.FileHandler.count = 1 +java.util.logging.FileHandler.append = false + +timeseries.level=OFF +timeseries.useParentHandlers = false +# time series logging is disabled by default. Uncomment the line below to enable it. +#timeseries.handlers = java.util.logging.FileHandler diff --git a/conf/jitsi-videobridge.config b/conf/jitsi-videobridge.config index 5280acf..7b356a0 100644 --- a/conf/jitsi-videobridge.config +++ b/conf/jitsi-videobridge.config @@ -1,20 +1,16 @@ # Jitsi Videobridge settings -# sets the hostname of the XMPP server (default: domain if set, 127.0.0.1 otherwise) -JVB_HOST=127.0.0.1 - # sets the XMPP domain (default: none) JVB_HOSTNAME=__DOMAIN__ +# sets the hostname of the XMPP server (default: domain if set, 127.0.0.1 otherwise) +JVB_HOST=127.0.0.1 + # sets the port of the XMPP server (default: 5275) JVB_PORT=__PORT_COMPONENT__ # sets the shared secret used to authenticate to the XMPP server JVB_SECRET=__VIDEOBRIDGE_SECRET__ -# extra options to pass to the JVB daemon -JVB_OPTS="--apis=xmpp,rest" - - # adds java system props that are passed to jvb (default are for home and logging config file) -JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/__APP__ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=videobridge -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/__APP__ -Djava.util.logging.config.file=/etc/__APP__/videobridge/logging.properties" +JAVA_SYS_PROPS="-Dconfig.file=/etc/__APP__/videobridge/jvb.conf -Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/__APP__ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=videobridge -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/__APP__ -Djava.util.logging.config.file=/etc/__APP__/videobridge/logging.properties" diff --git a/conf/jitsi-videobridge.src b/conf/jitsi-videobridge.src index 8554e9c..3d38e20 100644 --- a/conf/jitsi-videobridge.src +++ b/conf/jitsi-videobridge.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://download.jitsi.org/stable/jitsi-videobridge2_2.1-376-g9f12bfe2-1_all.deb -SOURCE_SUM=06594db323a76d76a78c6085a9f3042a1f21e641d9abd1c31b20edfd0eaa5a3b +SOURCE_URL=https://download.jitsi.org/stable/jitsi-videobridge2_2.1-617-ga8b39c3f-1_all.deb +SOURCE_SUM=0bb47e1c96736bd5f3fe595223424cefc7d9a4a1db2be4d4cc87c4206d71df5e SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=deb SOURCE_IN_SUBDIR=true diff --git a/conf/metronome.cfg.lua b/conf/metronome.cfg.lua deleted file mode 100644 index 824a977..0000000 --- a/conf/metronome.cfg.lua +++ /dev/null @@ -1,96 +0,0 @@ -component_ports = { __PORT_COMPONENT__ } - --- Make the focus user a global administrator -admins = { "__FOCUS_USER__@auth.__DOMAIN__" } - --- c2s_require_encryption = false --Why would it be needed? --- s2s_secure_auth = false - -plugin_paths = { "__FINAL_PATH__/jitsi-meet-prosody/" } - --- domain mapper options, must at least have domain base set to use the mapper -muc_mapper_domain_base = "__DOMAIN__"; - -cross_domain_bosh = false; -consider_bosh_secure = true; - -VirtualHost "__DOMAIN__" - authentication = "anonymous" - -- Properties below are modified by jitsi-meet-tokens package config - -- and authentication above is switched to "token" - --app_id="example_app_id" - --app_secret="example_app_secret" - -- Assign this host a certificate for TLS, otherwise it would use the one - -- set in the global section (if any). - -- Note that old-style SSL on port 5223 only supports one certificate, and will always - -- use the global one. - ssl = { - key = "/etc/yunohost/certs/__DOMAIN__/key.pem"; - certificate = "/etc/yunohost/certs/__DOMAIN__/crt.pem"; - } - speakerstats_component = "speakerstats.__DOMAIN__" - conference_duration_component = "conferenceduration.__DOMAIN__" - -- we need bosh - modules_enabled = { - "bosh"; - "pubsub"; - "ping"; -- Enable mod_ping - "speakerstats"; - -- "turncredentials"; - "conference_duration"; - "extdisco"; - } - c2s_require_encryption = false - external_services = { - ["__DOMAIN__"] = { - { type = "stun", port = "4446", trasport = "udp" }, - { type = "stun", port = "4446", trasport = "tcp" }, - { type = "turn", port = "4446", transport = "udp", turn_secret = "__TURN_SECRET__", turn_ttl = "86400" }, - { type = "turns", port = "443", transport = "tcp", turn_secret = "__TURN_SECRET__", turn_ttl = "86400" } - } - } - -Component "conference.__DOMAIN__" "muc" - storage = "internal" - modules_enabled = { - "muc_meeting_id"; - "muc_domain_mapper"; - -- "token_verification"; - } - admins = { "__FOCUS_USER__@auth.__DOMAIN__" } - allow_anonymous_creation = true - instant_room_on_creation = true - room_default_config = { - whois = "anyone"; - } - --- internal muc component -Component "internal.auth.__DOMAIN__" "muc" - storage = "internal" - modules_enabled = { - "ping"; - } - admins = { "__FOCUS_USER__@auth.__DOMAIN__", "__VIDEOBRIDGE_USER__@auth.__DOMAIN__" } - instant_room_on_creation = true - room_default_config = { - whois = "anyone"; - } - -VirtualHost "auth.__DOMAIN__" - ssl = { - key = "/etc/yunohost/certs/auth.__DOMAIN__/key.pem"; - certificate = "/etc/yunohost/certs/auth.__DOMAIN__/crt.pem"; - } - authentication = "internal_plain" - -Component "focus.__DOMAIN__" - component_secret = "__FOCUS_SECRET__" - -Component "jitsi-videobridge.__DOMAIN__" - component_secret = "__VIDEOBRIDGE_SECRET__" - -Component "speakerstats.__DOMAIN__" "speakerstats_component" - muc_component = "conference.__DOMAIN__" - -Component "conferenceduration.__DOMAIN__" "conference_duration_component" - muc_component = "conference.__DOMAIN__" diff --git a/conf/metronome_regen_conf.hook b/conf/metronome_regen_conf.hook deleted file mode 100644 index 014db5b..0000000 --- a/conf/metronome_regen_conf.hook +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash - -force=${2:-0} # 0/1 --force argument -dryrun=${3:-0} # 0/1 --dry-run argument -pending_conf=$4 # Path of the pending conf file - -do_pre_regen() { - # Add specific domain metronome conf - cp -af "/usr/share/yunohost/templates/jitsi/." "${pending_conf}/../metronome/etc/metronome/conf.d/" -} - -do_post_regen() { - regen_conf_files=$1 -} - -case "$1" in - pre) - do_pre_regen - ;; - post) - do_post_regen - ;; - *) - echo "Hook called with unknown argument \`$1'" >&2 - exit 1 - ;; -esac - -exit 0 \ No newline at end of file diff --git a/conf/nginx.conf b/conf/nginx.conf index 586a961..737626d 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -20,20 +20,23 @@ location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|. { add_header 'Access-Control-Allow-Origin' '*'; alias __FINALPATH__/jitsi-meet-web/$1/$2; + + # cache all versioned files + if ($arg_v) { + expires 1y; + } } # BOSH location = /http-bind { - proxy_pass http://127.0.0.1:5290/http-bind; - proxy_set_header Host $host; + proxy_pass http://127.0.0.1:5280/http-bind?prefix=$prefix&$args; proxy_set_header X-Forwarded-For $remote_addr; - proxy_buffering off; - tcp_nodelay on; + proxy_set_header Host $http_host; } # xmpp websockets location = /xmpp-websocket { - proxy_pass http://127.0.0.1:5290/xmpp-websocket?prefix=$prefix&$args; + proxy_pass http://127.0.0.1:5280/xmpp-websocket?prefix=$prefix&$args; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; @@ -41,6 +44,15 @@ location = /xmpp-websocket { tcp_nodelay on; } +# colibri (JVB) websockets for jvb1 +location ~ ^/colibri-ws/default-id/(.*) { + proxy_pass http://127.0.0.1:9090/colibri-ws/default-id/$1$is_args$args; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + tcp_nodelay on; +} + location ~ ^/([^/?&:'"]+)$ { try_files $uri @root_path; } @@ -57,13 +69,6 @@ location ~ ^/([^/?&:'"]+)/config.js$ alias /etc/__NAME__/meet/__DOMAIN__-config.js; } -#Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to / -location ~ ^/([^/?&:'"]+)/(.*)$ { - set $subdomain "$1."; - set $subdir "$1/"; - rewrite ^/([^/?&:'"]+)/(.*)$ /$2; -} - # BOSH for subdomains location ~ ^/([^/?&:'"]+)/http-bind { set $subdomain "$1."; @@ -81,3 +86,10 @@ location ~ ^/([^/?&:'"]+)/xmpp-websocket { rewrite ^/(.*)$ /xmpp-websocket; } + +#Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to / +location ~ ^/([^/?&:'"]+)/(.*)$ { + set $subdomain "$1."; + set $subdir "$1/"; + rewrite ^/([^/?&:'"]+)/(.*)$ /$2; +} diff --git a/conf/prosody.cfg.lua b/conf/prosody.cfg.lua new file mode 100644 index 0000000..0fb3f69 --- /dev/null +++ b/conf/prosody.cfg.lua @@ -0,0 +1,128 @@ +plugin_paths = { "__FINALPATH__/jitsi-meet-prosody/" } + +-- domain mapper options, must at least have domain base set to use the mapper +muc_mapper_domain_base = "__DOMAIN__"; + +external_service_secret = "__TURN_SECRET__"; +external_services = { + { type = "stun", host = "__DOMAIN__", port = 3478 }, + { type = "turn", host = "__DOMAIN__", port = 3478, transport = "udp", secret = true, ttl = 86400, algorithm = "turn" }, + { type = "turns", host = "__DOMAIN__", port = 5349, transport = "tcp", secret = true, ttl = 86400, algorithm = "turn" } +}; + +cross_domain_bosh = false; +consider_bosh_secure = true; +-- https_ports = { }; -- Remove this line to prevent listening on port 5284 + +-- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4 +ssl = { + protocol = "tlsv1_2+"; + ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384" +} + +unlimited_jids = { + "__FOCUS_USER__@auth.__DOMAIN__", + "__VIDEOBRIDGE_USER__@auth.__DOMAIN__" +} + +VirtualHost "__DOMAIN__" + -- enabled = false -- Remove this line to enable this host + authentication = "anonymous" + -- Properties below are modified by jitsi-meet-tokens package config + -- and authentication above is switched to "token" + --app_id="example_app_id" + --app_secret="example_app_secret" + -- Assign this host a certificate for TLS, otherwise it would use the one + -- set in the global section (if any). + -- Note that old-style SSL on port 5223 only supports one certificate, and will always + -- use the global one. + ssl = { + key = "/etc/prosody/certs/__DOMAIN__.key"; + certificate = "/etc/prosody/certs/__DOMAIN__.crt"; + } + av_moderation_component = "avmoderation.__DOMAIN__" + speakerstats_component = "speakerstats.__DOMAIN__" + conference_duration_component = "conferenceduration.__DOMAIN__" + -- we need bosh + modules_enabled = { + "bosh"; + "pubsub"; + "ping"; -- Enable mod_ping + "speakerstats"; + "external_services"; + "conference_duration"; + "muc_lobby_rooms"; + "muc_breakout_rooms"; + "av_moderation"; + } + c2s_require_encryption = false + lobby_muc = "lobby.__DOMAIN__" + breakout_rooms_muc = "breakout.__DOMAIN__" + main_muc = "conference.__DOMAIN__" + -- muc_lobby_whitelist = { "recorder.__DOMAIN__" } -- Here we can whitelist jibri to enter lobby enabled rooms + +Component "conference.__DOMAIN__" "muc" + restrict_room_creation = true + storage = "memory" + modules_enabled = { + "muc_meeting_id"; + "muc_domain_mapper"; + "polls"; + --"token_verification"; + "muc_rate_limit"; + } + admins = { "__FOCUS_USER__@auth.__DOMAIN__" } + muc_room_locking = false + muc_room_default_public_jids = true + +Component "breakout.__DOMAIN__" "muc" + restrict_room_creation = true + storage = "memory" + modules_enabled = { + "muc_meeting_id"; + "muc_domain_mapper"; + --"token_verification"; + "muc_rate_limit"; + } + admins = { "__FOCUS_USER__@auth.__DOMAIN__" } + muc_room_locking = false + muc_room_default_public_jids = true + +-- internal muc component +Component "internal.auth.__DOMAIN__" "muc" + storage = "memory" + modules_enabled = { + "ping"; + } + admins = { "__FOCUS_USER__@auth.__DOMAIN__", "__VIDEOBRIDGE_USER__@auth.__DOMAIN__" } + muc_room_locking = false + muc_room_default_public_jids = true + +VirtualHost "auth.__DOMAIN__" + modules_enabled = { + "limits_exception"; + } + authentication = "internal_hashed" + +-- Proxy to jicofo's user JID, so that it doesn't have to register as a component. +Component "focus.__DOMAIN__" "client_proxy" + target_address = "__FOCUS_USER__@auth.__DOMAIN__" + +Component "speakerstats.__DOMAIN__" "speakerstats_component" + muc_component = "conference.__DOMAIN__" + +Component "conferenceduration.__DOMAIN__" "conference_duration_component" + muc_component = "conference.__DOMAIN__" + +Component "avmoderation.__DOMAIN__" "av_moderation_component" + muc_component = "conference.__DOMAIN__" + +Component "lobby.__DOMAIN__" "muc" + storage = "memory" + restrict_room_creation = true + muc_room_locking = false + muc_room_default_public_jids = true + modules_enabled = { + "muc_rate_limit"; + "polls"; + } diff --git a/doc/.gitkeep b/doc/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md new file mode 100644 index 0000000..6233043 --- /dev/null +++ b/doc/DESCRIPTION.md @@ -0,0 +1,9 @@ +Jitsi Meet is a libre software (Apache) WebRTC JavaScript app that uses Jitsi Videobridge to provide high quality, secure, and scalable video conferences. + +## Disclaimer + +**Jitsi** for YunoHost for now as some limitations: + * Can only be used using Chrome/Chromium + * Is limited to two participants + +Those limitations come from the packaging of the upstream app. Have to be improved. diff --git a/doc/DESCRIPTION_fr.md b/doc/DESCRIPTION_fr.md new file mode 100644 index 0000000..6fda900 --- /dev/null +++ b/doc/DESCRIPTION_fr.md @@ -0,0 +1,8 @@ +Jitsi Meet est un logiciel libre (Apache) dont Jitsi Videobridge, avec WebRTC Javascript, propose des vidéos-conférences de haute qualité, sécurisées et évolutives. + +## Avertissements +**Jitsi-meet** pour YunoHost est limité actuellement : + * Il ne peut être utilisé qu'avec Chrome ou un navigateur basé sur Chromium + * Il est limité à 2 participants par réunion + +Ces limitations viennent de la manière dont l'application a été empaquetée pour YunoHost. À améliorer. diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..0e30e5a --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,9 @@ +## Important points before installing + +1. **Jitsi** requires a dedicated **root domain**, eg. jitsi.domain.tld +2. **Jitsi** requires you create additionals domains in your DNS and in your YunoHost + * auth.jitsi.domain.tld + * conference.jitsi.domain.tld + * jitsi-videobridge.jitsi.domain.tld + * focus.jitsi.domain.tld +3. **Jitsi** requires the ports TCP/4443 and UDP/10000 to be forwarded to your YunoHost (The same way you forwarded 80 (HTTP), 443 (HTTPS), etc... https://yunohost.org/#/isp_box_config) diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md new file mode 100644 index 0000000..4799c46 --- /dev/null +++ b/doc/DISCLAIMER_fr.md @@ -0,0 +1,9 @@ +## Points importants à préparer avant l'installation + +1. **Jitsi** a besoin d'un **domaine racine** dédié, par exemple : jitsi.domain.tld +2. **Jitsi** nécessite des domaines supplémentaires au niveau du DNS et de votre YunoHost + * auth.jitsi.domain.tld + * conference.jitsi.domain.tld + * jitsi-videobridge.jitsi.domain.tld + * focus.jitsi.domain.tld +3. **Jitsi** demande que les ports TCP/4443 et UDP/10000 soient routés vers votre YunoHost (De la même manière que le sont les ports 80 (HTTP), 443 (HTTPS), etc... https://yunohost.org/#/isp_box_config) diff --git a/doc/screenshots/.gitkeep b/doc/screenshots/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/doc/screenshots/screenshot.png b/doc/screenshots/screenshot.png new file mode 100644 index 0000000..e9890da Binary files /dev/null and b/doc/screenshots/screenshot.png differ diff --git a/manifest.json b/manifest.json index e55b926..7016f4c 100644 --- a/manifest.json +++ b/manifest.json @@ -8,6 +8,13 @@ }, "version": "1.0.4466~ynh1", "url": "https://jitsi.org/Projects/JitMeet", + "upstream": { + "license": "Apache-2.0", + "website": "https://jitsi.org/", + "demo": "https://meet.jit.si/", + "userdoc": "https://jitsi.org/user-faq/", + "code": "https://github.com/jitsi/jitsi-meet" + }, "license": "Apache-2.0", "maintainer": { "name": "yalh76" @@ -17,7 +24,7 @@ "email": "julien.malik@paraiso.me" }, "requirements": { - "yunohost": ">= 3.8" + "yunohost": ">= 4.3.0" }, "multi_instance": false, "services": [ @@ -27,12 +34,7 @@ "install" : [ { "name": "domain", - "type": "domain", - "ask": { - "en": "Choose a domain for Jitsi Meet", - "fr": "Choisissez un domaine pour Jitsi Meet" - }, - "example": "domain.org" + "type": "domain" } ] } diff --git a/pull_request_template.md b/pull_request_template.md deleted file mode 100644 index 09eba52..0000000 --- a/pull_request_template.md +++ /dev/null @@ -1,18 +0,0 @@ -## Problem -- *Description of why you made this PR* - -## Solution -- *And how do you fix that problem* - -## PR Status -- [ ] Code finished. -- [ ] Tested with Package_check. -- [ ] Fix or enhancement tested. -- [ ] Upgrade from last version tested. -- [ ] Can be reviewed and tested. - -## Package_check results ---- -*If you have access to [App Continuous Integration for packagers](https://yunohost.org/#/packaging_apps_ci) you can provide a link to the package_check results like below, replacing '-NUM-' in this link by the PR number and USERNAME by your username on the ci-apps-dev. Or you provide a screenshot or a pastebin of the results* - -[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/jitsi_ynh%20PR-NUM-%20(USERNAME)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/jitsi_ynh%20PR-NUM-%20(USERNAME)/) diff --git a/scripts/backup b/scripts/backup index 2ccff41..9add3f2 100644 --- a/scripts/backup +++ b/scripts/backup @@ -47,25 +47,6 @@ ynh_backup --src_path="$final_path" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# SPECIFIC BACKUP -#================================================= -# BACKUP METRONOME -#================================================= - -# Backup Metronome domain conf template -ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua" -ynh_backup --src_path="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua" - -# Backup Metronome Hook -ynh_backup --src_path="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app" - -#================================================= -# BACKUP THE APP CONFIG -#================================================= - -ynh_backup --src_path="/etc/$app" - #================================================= # SPECIFIC BACKUP #================================================= @@ -81,6 +62,14 @@ ynh_backup --src_path="/etc/logrotate.d/$app" ynh_backup --src_path="/etc/systemd/system/$app-videobridge.service" ynh_backup --src_path="/etc/systemd/system/$app-jicofo.service" +#================================================= +# BACKUP VARIOUS FILES +#================================================= + +ynh_backup --src_path="/etc/$app/" + +ynh_backup --src_path="/etc/prosody/conf.avail/$domain.cfg.lua" + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index 2471d61..386a037 100644 --- a/scripts/install +++ b/scripts/install @@ -72,22 +72,22 @@ ynh_app_setting_set --app=$app --key=videobridge_user --value=$videobridge_user #================================================= # FIND AND OPEN A PORT #================================================= -ynh_script_progression --message="Configuring firewall..." +ynh_script_progression --message="Finding an available port..." # Find an available port -port=$(ynh_find_port --port=4443) +port=4443 # Open this port ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port ynh_app_setting_set --app=$app --key=port --value=$port # Find an available port -port_videobridge=$(ynh_find_port --port=10000) +port_videobridge=10000 # Open this port ynh_exec_warn_less yunohost firewall allow --no-upnp UDP $port_videobridge ynh_app_setting_set --app=$app --key=port_videobridge --value=$port_videobridge # Find an available port -port_component=$(ynh_find_port --port=5347) +port_component=5347 ynh_app_setting_set --app=$app --key=port_component --value=$port_component #================================================= @@ -97,7 +97,18 @@ ynh_script_progression --message="Installing dependencies..." ynh_install_app_dependencies $pkg_dependencies -#ynh_install_nodejs --nodejs_version=10 +if ! yunohost app list | grep -q "prosody" +then + yunohost app install prosody --args "domain=$domain&admin=$admin&language=$language&password=$password" +fi + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -105,10 +116,9 @@ ynh_install_app_dependencies $pkg_dependencies ynh_script_progression --message="Setting up source files..." ynh_app_setting_set --app=$app --key=final_path --value=$final_path - # Download, check integrity, uncompress and patch the source from app.src declare -A packages -packages[jicofo]="jicofo" +packages[jitsi-jicofo]="jicofo" packages[jitsi-meet-prosody]="jitsi-meet/prosody-plugins" packages[jitsi-meet-web]="jitsi-meet" packages[jitsi-videobridge]="jitsi-videobridge" @@ -125,76 +135,46 @@ do ynh_secure_remove --file="$final_path/${package}_temp" done -# Adapt prosody module to metronome -for file in $final_path/jitsi-meet-prosody/*.lua -do - ynh_replace_string --match_string="prosody" --replace_string="metronome" --target_file="$file" - ynh_replace_string --match_string="Prosody" --replace_string="Metronome" --target_file="$file" -done - -for directory in $final_path/jitsi-meet-prosody/*/; do - for file in $directory/*.lua - do - ynh_replace_string --match_string="prosody" --replace_string="metronome" --target_file="$file" - ynh_replace_string --match_string="Prosody" --replace_string="Metronome" --target_file="$file" - done -done - -# workaround for mod_muc_domain_mapper -ynh_replace_string --match_string="module:log(\"debug\"" --replace_string="-- module:log(\"debug\"" --target_file="$final_path/jitsi-meet-prosody/mod_muc_domain_mapper.lua" +chown -R $app: $final_path #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Configuring nginx web server..." +ynh_script_progression --message="Configuring NGINX web server..." -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username=$app --home_dir=$final_path - #================================================= # SPECIFIC SETUP #================================================= -# CONFIGURE METRONOME +# CONFIGURE PROSODY #================================================= -ynh_script_progression --message="Configuring metronome..." +ynh_script_progression --message="Configuring prosody..." +ynh_add_config --template="../conf/prosody.cfg.lua" --destination="/etc/prosody/conf.avail/$domain.cfg.lua" +chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua" +ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua" -# Create focus user -yunohost domain add auth.$domain -# yunohost user create $focus_user -f $focus_user -l $focus_user -m ${focus_user}@auth.$domain -p $focus_password -q 0 -# yunohost user create $videobridge_user -f $videobridge_user -l $videobridge_user -m ${videobridge_user}@auth.$domain -p $videobridge_secret -q 0 +echo | prosodyctl cert generate $domain +ln -sf "/var/lib/prosody/$domain.key" "/etc/prosody/certs/$domain.key" +ln -sf "/var/lib/prosody/$domain.crt" "/etc/prosody/certs/$domain.crt" +ln -sf "/var/lib/prosody/$domain.crt" "/usr/local/share/ca-certificates/$domain.crt" -# Add Metronome domain conf template -metronome_conf="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua" -mkdir -p /usr/share/yunohost/templates/jitsi/ -cp ../conf/metronome.cfg.lua $metronome_conf -ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="$metronome_conf" -ynh_replace_string --match_string="__FINAL_PATH__" --replace_string="$final_path" --target_file="$metronome_conf" -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$metronome_conf" -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$metronome_conf" -ynh_replace_string --match_string="__TURN_SECRET__" --replace_string="$turn_secret" --target_file="$metronome_conf" -ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="$metronome_conf" -ynh_replace_string --match_string="__FOCUS_USER__" --replace_string="$focus_user" --target_file="$metronome_conf" -ynh_replace_string --match_string="__VIDEOBRIDGE_USER__" --replace_string="$videobridge_user" --target_file="$metronome_conf" -ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="$metronome_conf" +echo | prosodyctl cert generate "auth.$domain" +ln -sf "/var/lib/prosody/auth.$domain.key" "/etc/prosody/certs/auth.$domain.key" +ln -sf "/var/lib/prosody/auth.$domain.crt" "/etc/prosody/certs/auth.$domain.crt" +ln -sf "/var/lib/prosody/auth.$domain.crt" "/usr/local/share/ca-certificates/auth.$domain.crt" -touch "/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua" +update-ca-certificates -f -# Add Metronome hook -cp -R ../conf/metronome_regen_conf.hook /usr/share/yunohost/hooks/conf_regen/50-metronome_$app +ynh_systemd_action --service_name="prosody" --action="restart" -yunohost tools regen-conf metronome --force +prosodyctl register "$focus_user" "auth.$domain" "$focus_password" -metronomectl adduser $focus_user@auth.$domain $focus_password || true -metronomectl adduser $videobridge_user@auth.$domain $videobridge_secret || true +prosodyctl register "$videobridge_user" "auth.$domain" "$videobridge_secret" + +prosodyctl mod_roster_command subscribe $focus_user.$domain $focus_user@auth.$domain #================================================= # CONFIGURE JITSI-VIDEOBRIDGE @@ -209,36 +189,15 @@ ynh_app_setting_set --app=$app --key=muc_nickname --value=$muc_nickname mkdir -p "/etc/$app/videobridge" -jitsi_videobridge_sip_communicator_conf="/etc/$app/videobridge/sip-communicator.properties" -cp ../conf/jitsi-videobridge-sip-communicator.properties "$jitsi_videobridge_sip_communicator_conf" -ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$jitsi_videobridge_sip_communicator_conf" -ynh_replace_string --match_string="__PRIVATE_IPV4__" --replace_string="$private_ipv4" --target_file="$jitsi_videobridge_sip_communicator_conf" -ynh_replace_string --match_string="__PUBLIC_IPV4__" --replace_string="$public_ipv4" --target_file="$jitsi_videobridge_sip_communicator_conf" -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$jitsi_videobridge_sip_communicator_conf" -ynh_replace_string --match_string="__VIDEOBRIDGE_USER__" --replace_string="$videobridge_user" --target_file="$jitsi_videobridge_sip_communicator_conf" -ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="$jitsi_videobridge_sip_communicator_conf" -ynh_replace_string --match_string="__MUC_NICKNAME__" --replace_string="$muc_nickname" --target_file="$jitsi_videobridge_sip_communicator_conf" +ynh_add_config --template="../conf/jitsi-videobridge-callstats-java-sdk.properties" --destination="/etc/$app/videobridge/callstats-java-sdk.properties" -jitsi_videobridge_conf="/etc/$app/videobridge/config" -cp ../conf/jitsi-videobridge.config "$jitsi_videobridge_conf" -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$jitsi_videobridge_conf" -ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="$jitsi_videobridge_conf" -ynh_replace_string --match_string="__VIDEOBRIDGE_SECRET__" --replace_string="$videobridge_secret" --target_file="$jitsi_videobridge_conf" -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$jitsi_videobridge_conf" +ynh_add_config --template="../conf/jitsi-videobridge-jvb.conf" --destination="/etc/$app/videobridge/jvb.conf" -jitsi_videobridge_logging_conf="/etc/$app/videobridge/logging.properties" -cp ../conf/jitsi-videobridge-logging.properties "$jitsi_videobridge_logging_conf" +ynh_add_config --template="../conf/jitsi-videobridge-logging.properties" --destination="/etc/$app/videobridge/logging.properties" -jitsi_videobridge_callstats_java_sdk_conf="/etc/$app/videobridge/callstats-java-sdk.properties" -cp ../conf/jitsi-videobridge-callstats-java-sdk.properties "$jitsi_videobridge_callstats_java_sdk_conf" +ynh_add_config --template="../conf/jitsi-videobridge-sip-communicator.properties" --destination="/etc/$app/videobridge/sip-communicator.properties" -jitsi_videobridge_log4j2_conf="/etc/$app/videobridge/log4j2.xml" -cp ../conf/jitsi-videobridge-log4j2.xml "$jitsi_videobridge_log4j2_conf" -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$jitsi_videobridge_log4j2_conf" - -jitsi_videobridge_20_jvb_udp_buffers_conf="/etc/sysctl.d/20-jvb-udp-buffers.conf" -cp ../conf/jitsi-videobridge-20-jvb-udp-buffers.conf "$jitsi_videobridge_20_jvb_udp_buffers_conf" -sysctl --system || true +ynh_add_config --template="../conf/jitsi-videobridge.config" --destination="/etc/$app/videobridge/config" #================================================= # CONFIGURE JITSI-JICOFO @@ -247,21 +206,11 @@ ynh_script_progression --message="Configuring Jitsi-Jicofo..." mkdir -p "/etc/$app/jicofo" -jitsi_jicofo_sip_communicator_conf="/etc/$app/jicofo/sip-communicator.properties" -cp ../conf/jitsi-jicofo-sip-communicator.properties "$jitsi_jicofo_sip_communicator_conf" -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$jitsi_jicofo_sip_communicator_conf" +ynh_add_config --template="../conf/jitsi-jicofo-config" --destination="/etc/$app/jicofo/config" -jitsi_jicofo_conf="/etc/$app/jicofo/config" -cp ../conf/jitsi-jicofo.config "$jitsi_jicofo_conf" -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$jitsi_jicofo_conf" -ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="$jitsi_jicofo_conf" -ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="$jitsi_jicofo_conf" -ynh_replace_string --match_string="__FOCUS_USER__" --replace_string="$focus_user" --target_file="$jitsi_jicofo_conf" -ynh_replace_string --match_string="__FOCUS_PASSWORD__" --replace_string="$focus_password" --target_file="$jitsi_jicofo_conf" -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$jitsi_jicofo_conf" +ynh_add_config --template="../conf/jitsi-jicofo-jicofo.conf" --destination="/etc/$app/jicofo/jicofo.conf" -jitsi_jicofo_logging_conf="/etc/$app/jicofo/logging.properties" -cp ../conf/jitsi-jicofo-logging.properties "$jitsi_jicofo_logging_conf" +ynh_add_config --template="../conf/jitsi-jicofo-logging.properties" --destination="/etc/$app/jicofo/logging.properties" #================================================= # CONFIGURE JITSI-MEET @@ -270,9 +219,8 @@ ynh_script_progression --message="Configuring Jitsi-Meet..." mkdir -p "/etc/$app/meet" -jitsi_meet_conf="/etc/$app/meet/$domain-config.js" -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="../conf/config.js" -cpp -undef -P ../conf/config.js -o "$jitsi_meet_conf" +ynh_add_config --template="../conf/jitsi-meet-config.js" --destination="/etc/$app/meet/$domain-config.js" +chmod 644 "/etc/$app/meet/$domain-config.js" #================================================= # CREATE LOG DIR @@ -280,6 +228,8 @@ cpp -undef -P ../conf/config.js -o "$jitsi_meet_conf" ynh_script_progression --message="Creating log dir..." mkdir -p "/var/log/$app" +chown -R $app: /var/log/$app +chmod -R 770 /var/log/$app #================================================= # SETUP SYSTEMD @@ -290,20 +240,6 @@ ynh_script_progression --message="Configuring a systemd service..." ynh_add_systemd_config --service=$app-videobridge --template="jitsi-videobridge.service" ynh_add_systemd_config --service=$app-jicofo --template="jitsi-jicofo.service" -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= -ynh_script_progression --message="Storing the config file checksum..." - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$jitsi_videobridge_sip_communicator_conf" -ynh_store_file_checksum --file="$jitsi_videobridge_conf" -ynh_store_file_checksum --file="$jitsi_videobridge_logging_conf" -ynh_store_file_checksum --file="$jitsi_jicofo_sip_communicator_conf" -ynh_store_file_checksum --file="$jitsi_jicofo_conf" -ynh_store_file_checksum --file="$jitsi_jicofo_logging_conf" -ynh_store_file_checksum --file="$jitsi_meet_conf" - #================================================= # GENERIC FINALIZATION #================================================= @@ -312,11 +248,10 @@ ynh_store_file_checksum --file="$jitsi_meet_conf" ynh_script_progression --message="Securing files and directories..." # Set permissions to app files -chown -R $app: $final_path chown -R $app: /etc/$app -chown -R $app: /var/log/$app -chmod -R 770 /var/log/$app +#================================================= +# GENERIC FINALIZATION #================================================= # SETUP LOGROTATE #================================================= @@ -345,15 +280,15 @@ ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path=" #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." +ynh_script_progression --message="Configuring permissions..." # Make app public -ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" +ynh_permission_update --permission="main" --add="visitors" #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/remove b/scripts/remove index 9e3e883..88fd557 100644 --- a/scripts/remove +++ b/scripts/remove @@ -18,9 +18,9 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) port=$(ynh_app_setting_get --app=$app --key=port) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) port_videobridge=$(ynh_app_setting_get --app=$app --key=port_videobridge) port_component=$(ynh_app_setting_get --app=$app --key=port_component) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) focus_user=$(ynh_app_setting_get --app=$app --key=focus_user) videobridge_user=$(ynh_app_setting_get --app=$app --key=videobridge_user) @@ -30,7 +30,7 @@ videobridge_user=$(ynh_app_setting_get --app=$app --key=videobridge_user) # REMOVE SERVICE INTEGRATION IN YUNOHOST #================================================= -# Remove the service from the list of services known by Yunohost (added from `yunohost service add`) +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $app-videobridge >/dev/null then ynh_script_progression --message="Removing $app-videobridge service..." @@ -53,14 +53,39 @@ ynh_remove_systemd_config --service=$app-videobridge ynh_remove_systemd_config --service=$app-jicofo #================================================= -# REMOVE DEPENDENCIES +# RECONFIGURE PROSODY #================================================= -ynh_script_progression --message="Removing dependencies..." +ynh_script_progression --message="Reconfiguring Prosody..." -# Remove metapackage and its dependencies -ynh_remove_app_dependencies +prosodyctl deluser $focus_user@auth.$domain || true +prosodyctl deluser $videobridge_user@auth.$domain || true -#ynh_remove_nodejs +# Remove domain conf template +ynh_secure_remove --file="/etc/prosody/conf.d/$domain.cfg.lua" +ynh_secure_remove --file="/etc/prosody/conf.avail/$domain.cfg.lua" +ynh_secure_remove --file="/etc/prosody/certs/$domain.key" +ynh_secure_remove --file="/etc/prosody/certs/$domain.crt" +ynh_secure_remove --file="/var/lib/prosody/$domain.key" +ynh_secure_remove --file="/var/lib/prosody/$domain.crt" +ynh_secure_remove --file="/var/lib/prosody/$domain.cnf" +ynh_secure_remove --file="/etc/prosody/certs/auth.$domain.key" +ynh_secure_remove --file="/etc/prosody/certs/auth.$domain.crt" +ynh_secure_remove --file="/var/lib/prosody/auth.$domain.key" +ynh_secure_remove --file="/var/lib/prosody/auth.$domain.crt" +ynh_secure_remove --file="/var/lib/prosody/auth.$domain.cnf" +ynh_secure_remove --file="/usr/local/share/ca-certificates/auth.$domain.crt" + +update-ca-certificates -f + +ynh_systemd_action --service_name=prosody --action=restart + +#================================================= +# REMOVE LOGROTATE CONFIGURATION +#================================================= +ynh_script_progression --message="Removing logrotate configuration..." + +# Remove the app-specific logrotate config +ynh_remove_logrotate #================================================= # REMOVE APP MAIN DIR @@ -73,18 +98,18 @@ ynh_secure_remove --file="$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Removing nginx web server configuration..." +ynh_script_progression --message="Removing NGINX web server configuration..." -# Remove the dedicated nginx config +# Remove the dedicated NGINX config ynh_remove_nginx_config #================================================= -# REMOVE LOGROTATE CONFIGURATION +# REMOVE DEPENDENCIES #================================================= -ynh_script_progression --message="Removing logrotate configuration..." +ynh_script_progression --message="Removing dependencies..." -# Remove the app-specific logrotate config -ynh_remove_logrotate +# Remove metapackage and its dependencies +ynh_remove_app_dependencies #================================================= # CLOSE A PORT @@ -102,57 +127,16 @@ then ynh_exec_warn_less yunohost firewall disallow UDP $port_videobridge fi -if yunohost firewall list | grep -q "\- $port_component$" -then - ynh_script_progression --message="Closing port $port_component..." - ynh_exec_warn_less yunohost firewall disallow TCP $port_component -fi - #================================================= # SPECIFIC REMOVE #================================================= -# RECONFIGURE METRONOME +# REMOVE VARIOUS FILES #================================================= -ynh_script_progression --message="Reconfiguring Metronome..." +ynh_script_progression --message="Removing various files..." -metronomectl deluser $focus_user@auth.$domain || true -metronomectl deluser $videobridge_user@auth.$domain || true - -# Remove domain conf template -ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua" -ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua" - -# Remove Jitsi template directory -if [ -z "$(ls -A /usr/share/yunohost/templates/jitsi)" ]; then - ynh_secure_remove --file="/usr/share/yunohost/templates/jitsi" -fi - -# Remove Metronome Hook -ynh_secure_remove --file="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app" - -yunohost tools regen-conf metronome --force - -# Delete focus user -# yunohost user delete $focus_user --purge -# yunohost user delete $videobridge_user --purge -yunohost domain remove auth.$domain - -#================================================= -# REMOVE THE CONFIG -#================================================= -ynh_script_progression --message="Removing the config..." - -# Remove the log files +# Remove a directory securely ynh_secure_remove --file="/etc/$app" -ynh_secure_remove --file="/etc/sysctl.d/20-jvb-udp-buffers.conf" -sysctl --system || true - -#================================================= -# REMOVE THE LOG FILES -#================================================= -ynh_script_progression --message="Removing the log files..." - # Remove the log files ynh_secure_remove --file="/var/log/$app" diff --git a/scripts/restore b/scripts/restore index 10c76f1..c976aad 100644 --- a/scripts/restore +++ b/scripts/restore @@ -23,7 +23,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." +ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -47,8 +47,6 @@ port_component=$(ynh_app_setting_get --app=$app --key=port_component) #================================================= ynh_script_progression --message="Validating restoration parameters..." -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " @@ -57,10 +55,18 @@ test ! -d $final_path \ #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the nginx configuration..." +ynh_script_progression --message="Restoring the NGINX web server configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -68,20 +74,6 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path - -#================================================= -# RESTORE USER RIGHTS -#================================================= -ynh_script_progression --message="Restoring user rights..." - -# Restore permissions on app files chown -R root: $final_path #================================================= @@ -94,7 +86,10 @@ ynh_script_progression --message="Reinstalling dependencies..." # Define and install dependencies ynh_install_app_dependencies $pkg_dependencies -#ynh_install_nodejs --nodejs_version=10 +if ! yunohost app list | grep -q "prosody" +then + yunohost app install prosody --args "domain=$domain&admin=$admin&language=$language&password=$password" +fi #================================================= # CONFIGURE FIREWALL @@ -106,26 +101,29 @@ ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port ynh_exec_warn_less yunohost firewall allow --no-upnp UDP $port_videobridge #================================================= -# CONFIGURE METRONOME +# CONFIGURE PROSODY #================================================= -ynh_script_progression --message="Configuring metronome..." +ynh_script_progression --message="Configuring prosody..." -# Create additional domains -yunohost domain add auth.$domain +ynh_restore_file --origin_path="/etc/prosody/conf.avail/$domain.cfg.lua" +ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua" -# Create focus user -yunohost user create $focus_user -f $focus_user -l $focus_user -m ${focus_user}@auth.$domain -p $focus_password -q 0 -yunohost user create $videobridge_user -f $videobridge_user -l $videobridge_user -m ${videobridge_user}@auth.$domain -p $videobridge_secret -q 0 +ln -sf /var/lib/prosody/$domain.key /etc/prosody/certs/$domain.key +ln -sf /var/lib/prosody/$domain.crt /etc/prosody/certs/$domain.crt -# Restore Metronome domain conf template -mkdir -p /usr/share/yunohost/templates/jitsi/ -ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua" -ynh_restore_file --origin_path="/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua" +ln -sf "/var/lib/prosody/auth.$domain.key" "/etc/prosody/certs/auth.$domain.key" +ln -sf "/var/lib/prosody/auth.$domain.crt" "/etc/prosody/certs/auth.$domain.crt" +ln -sf "/var/lib/prosody/auth.$domain.crt" "/usr/local/share/ca-certificates/auth.$domain.crt" -# Restore Metronome Hook -ynh_restore_file --origin_path="/usr/share/yunohost/hooks/conf_regen/50-metronome_$app" +update-ca-certificates -f -yunohost tools regen-conf metronome --force +ynh_systemd_action --service_name="prosody" --action="restart" + +prosodyctl register "$focus_user" "auth.$domain" "$focus_password" + +prosodyctl register "$videobridge_user" "auth.$domain" "$videobridge_secret" + +prosodyctl mod_roster_command subscribe $focus_user.$domain $focus_user@auth.$domain #================================================= # RESTORE THE APP CONFIG @@ -152,13 +150,20 @@ systemctl enable $app-videobridge.service ynh_restore_file --origin_path="/etc/systemd/system/$app-jicofo.service" systemctl enable $app-jicofo.service +#================================================= +# RESTORE THE LOGROTATE CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the logrotate configuration..." + +ynh_restore_file --origin_path="/etc/logrotate.d/$app" + #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add $app-videobridge --log "/var/log/$app/$app-videobridge.log" -yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log" +yunohost service add $app-videobridge --log="/var/log/$app/$app-videobridge.log" +yunohost service add $app-jicofo --log="/var/log/$app/$app-jicofo.log" #================================================= # START SYSTEMD SERVICE @@ -168,19 +173,12 @@ ynh_script_progression --message="Starting a systemd service..." ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log" ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." - -ynh_restore_file --origin_path="/etc/logrotate.d/$app" - #================================================= # GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading nginx web server and php-fpm..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index 3417659..d9d6086 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -39,61 +39,6 @@ ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$app/manifest.json" --manifest_key="version" || echo 1.0) -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility..." - -# If final_path doesn't exist, create it -if [ -z "$final_path" ]; then - final_path=/var/www/$app - ynh_app_setting_set --app=$app --key=final_path --value=$final_path -fi - -if ynh_version_gt "1.0.3387~ynh2" "${current_version}" ; then - # Add Metronome domain conf template - metronome_conf="/usr/share/yunohost/templates/jitsi/$domain.cfg.lua" - mkdir -p /usr/share/yunohost/templates/jitsi/ - cp ../conf/metronome.cfg.lua $metronome_conf - ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$metronome_conf" - ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$metronome_conf" - ynh_replace_string --match_string="__FOCUS_SECRET__" --replace_string="$focus_secret" --target_file="$metronome_conf" - ynh_replace_string --match_string="__PORT_COMPONENT__" --replace_string="$port_component" --target_file="$metronome_conf" - - touch "/usr/share/yunohost/templates/jitsi/auth.$domain.cfg.lua" - touch "/usr/share/yunohost/templates/jitsi/conference.$domain.cfg.lua" - touch "/usr/share/yunohost/templates/jitsi/jitsi-videobridge.$domain.cfg.lua" - touch "/usr/share/yunohost/templates/jitsi/focus.$domain.cfg.lua" - - # Add Metronome hook - cp -R ../conf/metronome_regen_conf.hook /usr/share/yunohost/hooks/conf_regen/50-metronome_$app - - yunohost tools regen-conf metronome --force -fi - -if ynh_version_gt "1.0.3969~ynh1" "${current_version}" ; then - # Remove not needed domains - yunohost domain remove conference.$domain - yunohost domain remove jitsi-videobridge.$domain - yunohost domain remove focus.$domain - - # Remove Previously installed Metronome modules - ynh_secure_remove --file="/usr/lib/metronome/modules/mod_carbons.lua" - ynh_secure_remove --file="/usr/lib/metronome/modules/mod_http_altconnect.lua" - ynh_secure_remove --file="/usr/lib/metronome/modules/mod_smacks.lua" - - # Remove nodejs - ynh_remove_nodejs -fi - -# Closing port_component -if yunohost firewall list | grep -q "\- $port_component$" -then - ynh_script_progression --message="Closing port $port_component..." - ynh_exec_warn_less yunohost firewall disallow TCP $port_component -fi - - #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= @@ -102,9 +47,9 @@ ynh_script_progression --message="Backing up the app before upgrading (may take # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup ynh_clean_check_starting + # Restore it if the upgrade fails + ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -119,6 +64,25 @@ ynh_script_progression --message="Stopping a systemd service..." ynh_systemd_action --service_name=$app-videobridge --action="stop" --log_path="/var/log/$app/$app-videobridge.log" ynh_systemd_action --service_name=$app-jicofo --action="stop" --log_path="/var/log/$app/$app-jicofo.log" +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." + +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path=/var/www/$app + ynh_app_setting_set --app=$app --key=final_path --value=$final_path +fi + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -129,7 +93,7 @@ then # Download, check integrity, uncompress and patch the source from app.src declare -A packages - packages[jicofo]="jicofo" + packages[jitsi-jicofo]="jicofo" packages[jitsi-meet-prosody]="jitsi-meet/prosody-plugins" packages[jitsi-meet-web]="jitsi-meet" packages[jitsi-videobridge]="jitsi-videobridge" @@ -146,29 +110,14 @@ then mv "$final_path/${package}_temp/usr/share/${packages[$package]}/" "$final_path/${package}/" ynh_secure_remove --file="$final_path/${package}_temp" done - - # Adapt prosody module to metronome - for file in $final_path/jitsi-meet-prosody/*.lua - do - ynh_replace_string --match_string="prosody" --replace_string="metronome" --target_file="$file" - ynh_replace_string --match_string="Prosody" --replace_string="Metronome" --target_file="$file" - done - - for directory in $final_path/jitsi-meet-prosody/*/; do - for file in $directory/*.lua - do - ynh_replace_string --match_string="prosody" --replace_string="metronome" --target_file="$file" - ynh_replace_string --match_string="Prosody" --replace_string="Metronome" --target_file="$file" - done - done fi #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading nginx web server configuration..." +ynh_script_progression --message="Upgrading NGINX web server configuration..." -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config #================================================= @@ -178,15 +127,12 @@ ynh_script_progression --message="Upgrading dependencies..." ynh_install_app_dependencies $pkg_dependencies -#ynh_install_nodejs --nodejs_version=10 - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path +if ! yunohost app list | grep -q "prosody" +then + yunohost app install prosody --args "domain=$domain&admin=$admin&language=$language&password=$password" +elfi + yunohost app upgrade +fi #================================================= # SPECIFIC UPGRADE @@ -232,10 +178,6 @@ then jitsi_videobridge_log4j2_conf="/etc/$app/videobridge/log4j2.xml" cp ../conf/jitsi-videobridge-log4j2.xml "$jitsi_videobridge_log4j2_conf" ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$jitsi_videobridge_log4j2_conf" - - jitsi_videobridge_20_jvb_udp_buffers_conf="/etc/sysctl.d/videobridge/20-jvb-udp-buffers.conf" - cp ../conf/jitsi-videobridge-20-jvb-udp-buffers.conf "$jitsi_videobridge_20_jvb_udp_buffers_conf" - sysctl --system || true fi #================================================= @@ -329,18 +271,10 @@ ynh_script_progression --message="Starting a systemd service..." ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log" ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Upgrading SSOwat configuration..." - -# Make app public -ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" - #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload