diff --git a/conf/config.js b/conf/config.js index 11acce7..cbccfcf 100644 --- a/conf/config.js +++ b/conf/config.js @@ -14,9 +14,6 @@ var config = { // Domain for authenticated users. Defaults to . // authdomain: '__DOMAIN__', - // Jirecon recording component domain. - // jirecon: 'jirecon.__DOMAIN__', - // Call control component (Jigasi). // call_control: 'callcontrol.__DOMAIN__', @@ -24,7 +21,7 @@ var config = { // focus: 'focus.__DOMAIN__', // XMPP MUC domain. FIXME: use XEP-0030 to discover it. - muc: 'conference.__DOMAIN__' + muc: 'conference.__DOMAIN__' }, // BOSH URL. FIXME: use XEP-0156 to discover it. @@ -37,6 +34,8 @@ var config = { clientNode: 'http://jitsi.org/jitsimeet', // The real JID of focus participant - can be overridden here + // Do not change username - FIXME: Make focus username configurable + // https://github.com/jitsi/jitsi-meet/issues/7376 // focusUserJid: 'focus@auth.__DOMAIN__', @@ -44,6 +43,10 @@ var config = { // testing: { + // Disables the End to End Encryption feature. Useful for debugging + // issues related to insertable streams. + // disableE2EE: false, + // P2P test mode disables automatic switching to P2P when there are 2 // participants in the conference. p2pTestMode: false @@ -61,6 +64,11 @@ var config = { // adjusted to 2.5 Mbps. This takes a value between 0 and 1 which determines // the probability for this to be enabled. // capScreenshareBitrate: 1 // 0 to disable + + // Enable callstats only for a percentage of users. + // This takes a value between 0 and 100 which determines the probability for + // the callstats to be enabled. + // callStatsThreshold: 5 // enable callstats for 5% of the users. }, // Disables ICE/UDP by filtering out local and remote UDP candidates in @@ -107,11 +115,23 @@ var config = { // participants and to enable it back a reload is needed. // startSilent: false + // Sets the preferred target bitrate for the Opus audio codec by setting its + // 'maxaveragebitrate' parameter. Currently not available in p2p mode. + // Valid values are in the range 6000 to 510000 + // opusMaxAverageBitrate: 20000, + + // Enables redundancy for Opus + // enableOpusRed: false + // Video // Sets the preferred resolution (height) for local video. Defaults to 720. // resolution: 720, + // How many participants while in the tile view mode, before the receiving video quality is reduced from HD to SD. + // Use -1 to disable. + // maxFullResolutionParticipants: 2, + // w3c spec-compliant video constraints to use for video capture. Currently // used by browsers that return true from lib-jitsi-meet's // util#browser#usesNewGumFlow. The constraints are independent from @@ -146,6 +166,7 @@ var config = { // Note that it's not recommended to do this because simulcast is not // supported when using H.264. For 1-to-1 calls this setting is enabled by // default and can be toggled in the p2p section. + // This option has been deprecated, use preferredCodec under videoQuality section instead. // preferH264: true, // If set to true, disable H.264 video codec by stripping it out of the @@ -154,22 +175,6 @@ var config = { // Desktop sharing - // The ID of the jidesha extension for Chrome. - desktopSharingChromeExtId: null, - - // Whether desktop sharing should be disabled on Chrome. - // desktopSharingChromeDisabled: false, - - // The media sources to use when using screen sharing with the Chrome - // extension. - desktopSharingChromeSources: [ 'screen', 'window', 'tab' ], - - // Required version of Chrome extension - desktopSharingChromeMinExtVersion: '0.1', - - // Whether desktop sharing should be disabled on Firefox. - // desktopSharingFirefoxDisabled: false, - // Optional desktop sharing frame rate options. Default value: min:5, max:5. // desktopSharingFrameRate: { // min: 5, @@ -188,9 +193,9 @@ var config = { // appKey: '' // Specify your app key here. // // A URL to redirect the user to, after authenticating // // by default uses: - // // 'https://jitsi-meet.example.com/static/oauth.html' + // // 'https://__DOMAIN__/static/oauth.html' // redirectURI: - // 'https://jitsi-meet.example.com/subfolder/static/oauth.html' + // 'https://__DOMAIN__/subfolder/static/oauth.html' // }, // When integrations like dropbox are enabled only that will be shown, // by enabling fileRecordingsServiceEnabled, we show both the integrations @@ -217,6 +222,64 @@ var config = { // Default value for the channel "last N" attribute. -1 for unlimited. channelLastN: -1, + // Provides a way to use different "last N" values based on the number of participants in the conference. + // The keys in an Object represent number of participants and the values are "last N" to be used when number of + // participants gets to or above the number. + // + // For the given example mapping, "last N" will be set to 20 as long as there are at least 5, but less than + // 29 participants in the call and it will be lowered to 15 when the 30th participant joins. The 'channelLastN' + // will be used as default until the first threshold is reached. + // + // lastNLimits: { + // 5: 20, + // 30: 15, + // 50: 10, + // 70: 5, + // 90: 2 + // }, + + // Specify the settings for video quality optimizations on the client. + // videoQuality: { + // // Provides a way to prevent a video codec from being negotiated on the JVB connection. The codec specified + // // here will be removed from the list of codecs present in the SDP answer generated by the client. If the + // // same codec is specified for both the disabled and preferred option, the disable settings will prevail. + // // Note that 'VP8' cannot be disabled since it's a mandatory codec, the setting will be ignored in this case. + // disabledCodec: 'H264', + // + // // Provides a way to set a preferred video codec for the JVB connection. If 'H264' is specified here, + // // simulcast will be automatically disabled since JVB doesn't support H264 simulcast yet. This will only + // // rearrange the the preference order of the codecs in the SDP answer generated by the browser only if the + // // preferred codec specified here is present. Please ensure that the JVB offers the specified codec for this + // // to take effect. + // preferredCodec: 'VP8', + // + // // Provides a way to configure the maximum bitrates that will be enforced on the simulcast streams for + // // video tracks. The keys in the object represent the type of the stream (LD, SD or HD) and the values + // // are the max.bitrates to be set on that particular type of stream. The actual send may vary based on + // // the available bandwidth calculated by the browser, but it will be capped by the values specified here. + // // This is currently not implemented on app based clients on mobile. + // maxBitratesVideo: { + // low: 200000, + // standard: 500000, + // high: 1500000 + // }, + // + // // The options can be used to override default thresholds of video thumbnail heights corresponding to + // // the video quality levels used in the application. At the time of this writing the allowed levels are: + // // 'low' - for the low quality level (180p at the time of this writing) + // // 'standard' - for the medium quality level (360p) + // // 'high' - for the high quality level (720p) + // // The keys should be positive numbers which represent the minimal thumbnail height for the quality level. + // // + // // With the default config value below the application will use 'low' quality until the thumbnails are + // // at least 360 pixels tall. If the thumbnail height reaches 720 pixels then the application will switch to + // // the high quality. + // minHeightForQualityLvl: { + // 360: 'standard, + // 720: 'high' + // } + // }, + // // Options for the recording limit notification. // recordingLimit: { // @@ -260,10 +323,6 @@ var config = { // is set in Jicofo and set to 2). // minParticipants: 2, - // Use the TURN servers discovered via XEP-0215 for the jitsi-videobridge - // connection - // useStunTurn: true, - // Use TURN/UDP servers for the jitsi-videobridge connection (by default // we filter out TURN/UDP because it is usually not needed since the // bridge itself is reachable via UDP) @@ -274,11 +333,15 @@ var config = { // 'datachannel'), undefined (treat it as 'datachannel') and false (don't // open any channel). // openBridgeChannel: true, + openBridgeChannel: 'websocket', // UI // + // Hides lobby button + // hideLobbyButton: false, + // Require users to always specify a display name. // requireDisplayName: true, @@ -319,14 +382,18 @@ var config = { // and microsoftApiApplicationClientID // enableCalendarIntegration: false, - // When 'true', it shows an intermediate page before joining, where the user can configure its devices. + // When 'true', it shows an intermediate page before joining, where the user can configure their devices. // prejoinPageEnabled: false, - // If true, shows the unsafe roon name warning label when a room name is + // If true, shows the unsafe room name warning label when a room name is // deemed unsafe (due to the simplicity in the name) and a password is not // set or the lobby is not enabled. // enableInsecureRoomNameWarning: false, + // Whether to automatically copy invitation URL after creating a room. + // Document should be focused for this option to work + // enableAutomaticUrlCopy: false, + // Stats // @@ -344,10 +411,10 @@ var config = { // callStatsID: '', // callStatsSecret: '', - // enables sending participants display name to callstats + // Enables sending participants' display names to callstats // enableDisplayNameInStats: false, - // enables sending participants email if available to callstats and other analytics + // Enables sending participants' emails (if available) to callstats and other analytics // enableEmailInStats: false, // Privacy @@ -371,15 +438,12 @@ var config = { // connection. enabled: true, - // Use XEP-0215 to fetch STUN and TURN servers. - // useStunTurn: true, - // The STUN servers that will be used in the peer to peer connections stunServers: [ - // { urls: 'stun:__DOMAIN__:4446' }, + // { urls: 'stun:__DOMAIN__:3478' }, { urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' } - ], + ] // Sets the ICE transport policy for the p2p connection. At the time // of this writing the list of possible values are 'all' and 'relay', @@ -390,13 +454,20 @@ var config = { // iceTransportPolicy: 'all', // If set to true, it will prefer to use H.264 for P2P calls (if H.264 - // is supported). - preferH264: true + // is supported). This setting is deprecated, use preferredCodec instead. + // preferH264: true + + // Provides a way to set the video codec preference on the p2p connection. Acceptable + // codec values are 'VP8', 'VP9' and 'H264'. + // preferredCodec: 'H264', // If set to true, disable H.264 video codec by stripping it out of the - // SDP. + // SDP. This setting is deprecated, use disabledCodec instead. // disableH264: false, + // Provides a way to prevent a video codec from being negotiated on the p2p connection. + // disabledCodec: '', + // How long we're going to wait, before going back to P2P after the 3rd // participant has left the conference (to filter out page reload). // backToP2PDelay: 5 @@ -413,6 +484,21 @@ var config = { // The Amplitude APP Key: // amplitudeAPPKey: '' + // Configuration for the rtcstats server: + // By enabling rtcstats server every time a conference is joined the rtcstats + // module connects to the provided rtcstatsEndpoint and sends statistics regarding + // PeerConnection states along with getStats metrics polled at the specified + // interval. + // rtcstatsEnabled: true, + + // In order to enable rtcstats one needs to provide a endpoint url. + // rtcstatsEndpoint: wss://rtcstats-server-pilot.jitsi.net/, + + // The interval at which rtcstats will poll getStats, defaults to 1000ms. + // If the value is set to 0 getStats won't be polled and the rtcstats client + // will only send data related to RTCPeerConnection events. + // rtcstatsPolIInterval: 1000 + // Array of script URLs to load as lib-jitsi-meet "analytics handlers". // scriptURLs: [ // "libs/analytics-ga.min.js", // google-analytics @@ -420,6 +506,9 @@ var config = { // ], }, + // Logs that should go be passed through the 'log' event if a handler is defined for it + // apiLogLevels: ['warn', 'log', 'error', 'info', 'debug'], + // Information about the jitsi-meet instance we are connecting to, including // the user region as seen by the server. deploymentInfo: { @@ -520,7 +609,7 @@ var config = { /** External API url used to receive branding specific information. If there is no url set or there are missing fields, the defaults are applied. - None of the fieds are mandatory and the response must have the shape: + None of the fields are mandatory and the response must have the shape: { // The hex value for the colour used as background backgroundColor: '#fff', @@ -534,11 +623,14 @@ var config = { */ // brandingDataUrl: '', + // The URL of the moderated rooms microservice, if available. If it + // is present, a link to the service will be rendered on the welcome page, + // otherwise the app doesn't render it. + // moderatedRoomServiceUrl: 'https://moderated.__DOMAIN__', + // List of undocumented settings used in jitsi-meet /** _immediateReloadThreshold - autoRecord - autoRecordToken debug debugAudioLevels deploymentInfo @@ -561,6 +653,13 @@ var config = { tokenAuthUrl */ + /** + * This property can be used to alter the generated meeting invite links (in combination with a branding domain + * which is retrieved internally by jitsi meet) (e.g. https://meet.jit.si/someMeeting + * can become https://brandedDomain/roomAlias) + */ + // brandingRoomAlias: null, + // List of undocumented settings used in lib-jitsi-meet /** _peerConnStatusOutOfLastNTimeout diff --git a/conf/jitsi-jicofo-logging.properties b/conf/jitsi-jicofo-logging.properties index 078e3e1..aa53e29 100644 --- a/conf/jitsi-jicofo-logging.properties +++ b/conf/jitsi-jicofo-logging.properties @@ -6,6 +6,7 @@ handlers= java.util.logging.ConsoleHandler # Handlers with syslog enabled: #handlers= java.util.logging.ConsoleHandler, com.agafua.syslog.SyslogHandler +#handlers= java.util.logging.ConsoleHandler, io.sentry.jul.SentryHandler java.util.logging.ConsoleHandler.level = ALL java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter @@ -31,7 +32,7 @@ org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.append=true org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.limit=200000000 org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.count=3 -# Syslog(uncomment handler to use) +# Syslog (uncomment handler to use) com.agafua.syslog.SyslogHandler.transport = udp com.agafua.syslog.SyslogHandler.facility = local0 com.agafua.syslog.SyslogHandler.port = 514 @@ -40,6 +41,9 @@ com.agafua.syslog.SyslogHandler.formatter = net.java.sip.communicator.util.ScLog com.agafua.syslog.SyslogHandler.escapeNewlines = false com.agafua.syslog.SyslogHandler.filter = org.jitsi.impl.protocol.xmpp.log.ExcludeXmppPackets +# Sentry (uncomment handler to use) +io.sentry.jul.SentryHandler.level=WARNING + # to disable double timestamps in syslog uncomment next line #net.java.sip.communicator.util.ScLogFormatter.disableTimestamp=true diff --git a/conf/jitsi-jicofo-sip-communicator.properties b/conf/jitsi-jicofo-sip-communicator.properties index a30f768..8ca1252 100644 --- a/conf/jitsi-jicofo-sip-communicator.properties +++ b/conf/jitsi-jicofo-sip-communicator.properties @@ -1,2 +1 @@ org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.__DOMAIN__ -org.jitsi.jicofo.health.ENABLE_HEALTH_CHECKS=true diff --git a/conf/jitsi-jicofo.config b/conf/jitsi-jicofo.config index 326a32d..46c0f30 100644 --- a/conf/jitsi-jicofo.config +++ b/conf/jitsi-jicofo.config @@ -5,18 +5,18 @@ JICOFO_HOST=127.0.0.1 # sets the XMPP domain (default: none) JICOFO_HOSTNAME=__DOMAIN__ -# sets the port to use for the XMPP component connection -JICOFO_PORT=__PORT_COMPONENT__ - # sets the secret used to authenticate as an XMPP component JICOFO_SECRET=__FOCUS_SECRET__ -# sets the username to use for XMPP user logins -JICOFO_AUTH_USER=__FOCUS_USER__ +# sets the port to use for the XMPP component connection +JICOFO_PORT=__PORT_COMPONENT__ # sets the XMPP domain name to use for XMPP user logins JICOFO_AUTH_DOMAIN=auth.__DOMAIN__ +# sets the username to use for XMPP user logins +JICOFO_AUTH_USER=__FOCUS_USER__ + # sets the password to use for XMPP user logins JICOFO_AUTH_PASSWORD=__FOCUS_PASSWORD__ @@ -24,4 +24,5 @@ JICOFO_AUTH_PASSWORD=__FOCUS_PASSWORD__ JICOFO_OPTS="" # adds java system props that are passed to jicofo (default are for home and logging config file) -JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/__APP__ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=jicofo -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/__APP__ -Djava.util.logging.config.file=/etc/__APP__/jicofo/logging.properties" +JAVA_SYS_PROPS="-Dconfig.file=/etc/__APP__/jicofo/jicofo.conf -Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/__APP__ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=jicofo -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/__APP__ -Djava.util.logging.config.file=/etc/__APP__/jicofo/logging.properties" + diff --git a/conf/jitsi-videobridge-log4j2.xml b/conf/jitsi-videobridge-log4j2.xml index 38f6202..94af885 100644 --- a/conf/jitsi-videobridge-log4j2.xml +++ b/conf/jitsi-videobridge-log4j2.xml @@ -1,26 +1,26 @@ - /var/log/__APP__ - + /var/log/__APP__ + - - - - - - - + + + + + + + - - + + diff --git a/conf/jitsi-videobridge-logging.properties b/conf/jitsi-videobridge-logging.properties index ba2009b..058de95 100644 --- a/conf/jitsi-videobridge-logging.properties +++ b/conf/jitsi-videobridge-logging.properties @@ -1,5 +1,6 @@ handlers= java.util.logging.ConsoleHandler #handlers= java.util.logging.ConsoleHandler, com.agafua.syslog.SyslogHandler +#handlers= java.util.logging.ConsoleHandler, io.sentry.jul.SentryHandler java.util.logging.ConsoleHandler.level = ALL java.util.logging.ConsoleHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter @@ -13,7 +14,7 @@ org.jitsi.videobridge.xmpp.ComponentImpl.level=FINE # All of the INFO level logs from MediaStreamImpl are unnecessary in the context of jitsi-videobridge. org.jitsi.impl.neomedia.MediaStreamImpl.level=WARNING -# Syslog(uncomment handler to use) +# Syslog (uncomment handler to use) com.agafua.syslog.SyslogHandler.transport = udp com.agafua.syslog.SyslogHandler.facility = local0 com.agafua.syslog.SyslogHandler.port = 514 @@ -21,5 +22,23 @@ com.agafua.syslog.SyslogHandler.hostname = 127.0.0.1 com.agafua.syslog.SyslogHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter com.agafua.syslog.SyslogHandler.escapeNewlines = false +# Sentry (uncomment handler to use) +io.sentry.jul.SentryHandler.level=WARNING + # to disable double timestamps in syslog uncomment next line #net.java.sip.communicator.util.ScLogFormatter.disableTimestamp=true + +# time series logging +java.util.logging.SimpleFormatter.format= %5$s%n +java.util.logging.FileHandler.level = ALL +java.util.logging.FileHandler.formatter = java.util.logging.SimpleFormatter +java.util.logging.FileHandler.pattern = /tmp/jvb-series.log +java.util.logging.FileHandler.limit = 200000000 +java.util.logging.FileHandler.count = 1 +java.util.logging.FileHandler.append = false + +timeseries.level=OFF +timeseries.org.jitsi.videobridge.cc.BitrateController.level=ALL +timeseries.useParentHandlers = false +# time series logging is disabled by default. Uncomment the line below to enable it. +#timeseries.handlers = java.util.logging.FileHandler diff --git a/conf/jitsi-videobridge.config b/conf/jitsi-videobridge.config index 5280acf..2ffcc96 100644 --- a/conf/jitsi-videobridge.config +++ b/conf/jitsi-videobridge.config @@ -1,11 +1,11 @@ # Jitsi Videobridge settings -# sets the hostname of the XMPP server (default: domain if set, 127.0.0.1 otherwise) -JVB_HOST=127.0.0.1 - # sets the XMPP domain (default: none) JVB_HOSTNAME=__DOMAIN__ +# sets the hostname of the XMPP server (default: domain if set, localhost otherwise) +JVB_HOST=127.0.0.1 + # sets the port of the XMPP server (default: 5275) JVB_PORT=__PORT_COMPONENT__ @@ -13,8 +13,8 @@ JVB_PORT=__PORT_COMPONENT__ JVB_SECRET=__VIDEOBRIDGE_SECRET__ # extra options to pass to the JVB daemon -JVB_OPTS="--apis=xmpp,rest" +JVB_OPTS="--apis=," # adds java system props that are passed to jvb (default are for home and logging config file) -JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/__APP__ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=videobridge -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/__APP__ -Djava.util.logging.config.file=/etc/__APP__/videobridge/logging.properties" +JAVA_SYS_PROPS="-Dconfig.file=/etc/__APP__/videobridge/jvb.conf -Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/__APP__ -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=videobridge -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/__APP__ -Djava.util.logging.config.file=/etc/__APP__/videobridge/logging.properties" diff --git a/conf/metronome.cfg.lua b/conf/metronome.cfg.lua index 824a977..9ada76f 100644 --- a/conf/metronome.cfg.lua +++ b/conf/metronome.cfg.lua @@ -1,80 +1,78 @@ -component_ports = { __PORT_COMPONENT__ } - --- Make the focus user a global administrator -admins = { "__FOCUS_USER__@auth.__DOMAIN__" } - --- c2s_require_encryption = false --Why would it be needed? --- s2s_secure_auth = false - plugin_paths = { "__FINAL_PATH__/jitsi-meet-prosody/" } -- domain mapper options, must at least have domain base set to use the mapper muc_mapper_domain_base = "__DOMAIN__"; +turncredentials_secret = "__TURN_SECRET__"; + +turncredentials = { + { type = "stun", host = "__DOMAIN__", port = "3478" }, + { type = "turn", host = "__DOMAIN__", port = "3478", transport = "udp" }, + { type = "turns", host = "__DOMAIN__", port = "5349", transport = "tcp" } +}; + cross_domain_bosh = false; consider_bosh_secure = true; +-- https_ports = { }; -- Remove this line to prevent listening on port 5284 + +-- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4 +--ssl = { +-- protocol = "tlsv1_2+"; +-- ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384" +--} VirtualHost "__DOMAIN__" - authentication = "anonymous" - -- Properties below are modified by jitsi-meet-tokens package config - -- and authentication above is switched to "token" - --app_id="example_app_id" - --app_secret="example_app_secret" - -- Assign this host a certificate for TLS, otherwise it would use the one - -- set in the global section (if any). - -- Note that old-style SSL on port 5223 only supports one certificate, and will always - -- use the global one. - ssl = { - key = "/etc/yunohost/certs/__DOMAIN__/key.pem"; - certificate = "/etc/yunohost/certs/__DOMAIN__/crt.pem"; - } - speakerstats_component = "speakerstats.__DOMAIN__" - conference_duration_component = "conferenceduration.__DOMAIN__" - -- we need bosh - modules_enabled = { - "bosh"; - "pubsub"; - "ping"; -- Enable mod_ping - "speakerstats"; - -- "turncredentials"; - "conference_duration"; - "extdisco"; - } - c2s_require_encryption = false - external_services = { - ["__DOMAIN__"] = { - { type = "stun", port = "4446", trasport = "udp" }, - { type = "stun", port = "4446", trasport = "tcp" }, - { type = "turn", port = "4446", transport = "udp", turn_secret = "__TURN_SECRET__", turn_ttl = "86400" }, - { type = "turns", port = "443", transport = "tcp", turn_secret = "__TURN_SECRET__", turn_ttl = "86400" } + authentication = "anonymous" + -- Properties below are modified by jitsi-meet-tokens package config + -- and authentication above is switched to "token" + --app_id="example_app_id" + --app_secret="example_app_secret" + -- Assign this host a certificate for TLS, otherwise it would use the one + -- set in the global section (if any). + -- Note that old-style SSL on port 5223 only supports one certificate, and will always + -- use the global one. + ssl = { + key = "/etc/yunohost/certs/__DOMAIN__/key.pem"; + certificate = "/etc/yunohost/certs/__DOMAIN__/crt.pem"; } - } + speakerstats_component = "speakerstats.__DOMAIN__" + conference_duration_component = "conferenceduration.__DOMAIN__" + -- we need bosh + modules_enabled = { + "bosh"; + "pubsub"; + "ping"; -- Enable mod_ping + "speakerstats"; + "turncredentials"; + "conference_duration"; + "muc_lobby_rooms"; + } + c2s_require_encryption = false + lobby_muc = "lobby.__DOMAIN__" + main_muc = "conference.__DOMAIN__" + -- muc_lobby_whitelist = { "recorder.__DOMAIN__" } -- Here we can whitelist jibri to enter lobby enabled rooms + Component "conference.__DOMAIN__" "muc" - storage = "internal" + --storage = "internal" modules_enabled = { "muc_meeting_id"; "muc_domain_mapper"; -- "token_verification"; } admins = { "__FOCUS_USER__@auth.__DOMAIN__" } - allow_anonymous_creation = true - instant_room_on_creation = true - room_default_config = { - whois = "anyone"; - } + muc_room_locking = false + muc_room_default_public_jids = true -- internal muc component Component "internal.auth.__DOMAIN__" "muc" - storage = "internal" + --storage = "internal" modules_enabled = { "ping"; } admins = { "__FOCUS_USER__@auth.__DOMAIN__", "__VIDEOBRIDGE_USER__@auth.__DOMAIN__" } - instant_room_on_creation = true - room_default_config = { - whois = "anyone"; - } + muc_room_locking = false + muc_room_default_public_jids = true VirtualHost "auth.__DOMAIN__" ssl = { @@ -85,12 +83,15 @@ VirtualHost "auth.__DOMAIN__" Component "focus.__DOMAIN__" component_secret = "__FOCUS_SECRET__" - -Component "jitsi-videobridge.__DOMAIN__" - component_secret = "__VIDEOBRIDGE_SECRET__" Component "speakerstats.__DOMAIN__" "speakerstats_component" muc_component = "conference.__DOMAIN__" Component "conferenceduration.__DOMAIN__" "conference_duration_component" muc_component = "conference.__DOMAIN__" + +Component "lobby.__DOMAIN__" "muc" + storage = "memory" + restrict_room_creation = true + muc_room_locking = false + muc_room_default_public_jids = true diff --git a/scripts/install b/scripts/install index 2471d61..4361fa2 100644 --- a/scripts/install +++ b/scripts/install @@ -140,6 +140,9 @@ for directory in $final_path/jitsi-meet-prosody/*/; do done done +# workaround for mod_turncredentials.lua +ynh_replace_string --match_string="local hmac_sha1 = require \"util.hashes\".hmac_sha1;" --replace_string="local hmac_sha1 = require \"util.hmac\".sha1;" --target_file="$final_path/jitsi-meet-prosody/mod_turncredentials.lua" + # workaround for mod_muc_domain_mapper ynh_replace_string --match_string="module:log(\"debug\"" --replace_string="-- module:log(\"debug\"" --target_file="$final_path/jitsi-meet-prosody/mod_muc_domain_mapper.lua"