diff --git a/playbooks/roles/jitsi-meet/files/interface_config.js b/playbooks/roles/jitsi-meet/files/interface_config.js index 769515f8dd..14db5d7413 100644 --- a/playbooks/roles/jitsi-meet/files/interface_config.js +++ b/playbooks/roles/jitsi-meet/files/interface_config.js @@ -1,87 +1,60 @@ +/* Based on + * https://github.com/jitsi/jitsi-meet/blob/jitsi-meet_7648/interface_config.js + * Licensed under the ASL v2. + */ + /* eslint-disable no-unused-vars, no-var, max-len */ +/* eslint sort-keys: ["error", "asc", {"caseSensitive": false}] */ + +/** + * !!!IMPORTANT!!! + * + * This file is considered deprecated. All options will eventually be moved to + * config.js, and no new options should be added here. + */ var interfaceConfig = { - // TO FIX: this needs to be handled from SASS variables. There are some - // methods allowing to use variables both in css and js. - DEFAULT_BACKGROUND: '#474747', - - /** - * Whether or not the blurred video background for large video should be - * displayed on browsers that can support it. - */ - DISABLE_VIDEO_BACKGROUND: true, - - INITIAL_TOOLBAR_TIMEOUT: 20000, - TOOLBAR_TIMEOUT: 4000, - TOOLBAR_ALWAYS_VISIBLE: false, - DEFAULT_REMOTE_DISPLAY_NAME: 'Fellow Jitster', - DEFAULT_LOCAL_DISPLAY_NAME: 'me', - SHOW_JITSI_WATERMARK: false, - JITSI_WATERMARK_LINK: 'https://jitsi.org', - - // if watermark is disabled by default, it can be shown only for guests - SHOW_WATERMARK_FOR_GUESTS: false, - SHOW_BRAND_WATERMARK: false, - BRAND_WATERMARK_LINK: '', - SHOW_POWERED_BY: false, - SHOW_DEEP_LINKING_IMAGE: false, - GENERATE_ROOMNAMES_ON_WELCOME_PAGE: true, - DISPLAY_WELCOME_PAGE_CONTENT: true, APP_NAME: 'Jitsi Meet', - NATIVE_APP_NAME: 'Jitsi Meet', - PROVIDER_NAME: 'Jitsi', - LANG_DETECTION: false, // Allow i18n to detect the system language - INVITATION_POWERED_BY: true, + AUDIO_LEVEL_PRIMARY_COLOR: 'rgba(255,255,255,0.4)', + AUDIO_LEVEL_SECONDARY_COLOR: 'rgba(255,255,255,0.2)', /** - * If we should show authentication block in profile + * A UX mode where the last screen share participant is automatically + * pinned. Valid values are the string "remote-only" so remote participants + * get pinned but not local, otherwise any truthy value for all participants, + * and any falsy value to disable the feature. + * + * Note: this mode is experimental and subject to breakage. */ - AUTHENTICATION_ENABLE: true, + AUTO_PIN_LATEST_SCREEN_SHARE: 'remote-only', + BRAND_WATERMARK_LINK: '', - /** - * The name of the toolbar buttons to display in the toolbar. If present, - * the button will display. Exceptions are "livestreaming" and "recording" - * which also require being a moderator and some values in config.js to be - * enabled. Also, the "profile" button will not display for user's with a - * jwt. - */ - TOOLBAR_BUTTONS: [ - 'microphone', 'camera', 'closedcaptions', 'desktop', 'fullscreen', - 'fodeviceselection', 'hangup', 'profile', 'info', 'chat', 'recording', - 'livestreaming', 'etherpad', 'sharedvideo', 'settings', 'raisehand', - 'videoquality', 'filmstrip', 'invite', 'feedback', 'stats', 'shortcuts', - 'tileview' - ], + CLOSE_PAGE_GUEST_HINT: false, // A html text to be shown to guests on the close page, false disables it - SETTINGS_SECTIONS: [ 'devices', 'language', 'moderator', 'profile', 'calendar' ], + DEFAULT_BACKGROUND: '#040404', + DEFAULT_LOGO_URL: 'images/watermark.svg', + DEFAULT_WELCOME_PAGE_LOGO_URL: 'images/watermark.svg', - // Determines how the video would fit the screen. 'both' would fit the whole - // screen, 'height' would fit the original video height to the height of the - // screen, 'width' would fit the original video width to the width of the - // screen respecting ratio. - VIDEO_LAYOUT_FIT: 'both', - - /** - * Whether to only show the filmstrip (and hide the toolbar). - */ - filmStripOnly: false, - - /** - * Whether to show thumbnails in filmstrip as a column instead of as a row. - */ - VERTICAL_FILMSTRIP: true, - - // A html text to be shown to guests on the close page, false disables it - CLOSE_PAGE_GUEST_HINT: false, - RANDOM_AVATAR_URL_PREFIX: false, - RANDOM_AVATAR_URL_SUFFIX: false, - FILM_STRIP_MAX_HEIGHT: 120, - - // Enables feedback star animation. - ENABLE_FEEDBACK_ANIMATION: false, - DISABLE_FOCUS_INDICATOR: false, DISABLE_DOMINANT_SPEAKER_INDICATOR: false, + /** + * If true, notifications regarding joining/leaving are no longer displayed. + */ + DISABLE_JOIN_LEAVE_NOTIFICATIONS: false, + + /** + * If true, presence status: busy, calling, connected etc. is not displayed. + */ + DISABLE_PRESENCE_STATUS: false, + + /** + * Whether the ringing sound in the call/ring overlay is disabled. If + * {@code undefined}, defaults to {@code false}. + * + * @type {boolean} + */ + DISABLE_RINGING: false, + /** * Whether the speech to text transcription subtitles panel is disabled. * If {@code undefined}, defaults to {@code false}. @@ -91,19 +64,46 @@ var interfaceConfig = { DISABLE_TRANSCRIPTION_SUBTITLES: false, /** - * Whether the ringing sound in the call/ring overlay is disabled. If - * {@code undefined}, defaults to {@code false}. - * - * @type {boolean} + * Whether or not the blurred video background for large video should be + * displayed on browsers that can support it. */ - DISABLE_RINGING: false, - AUDIO_LEVEL_PRIMARY_COLOR: 'rgba(255,255,255,0.4)', - AUDIO_LEVEL_SECONDARY_COLOR: 'rgba(255,255,255,0.2)', - POLICY_LOGO: null, + DISABLE_VIDEO_BACKGROUND: true, + + DISPLAY_WELCOME_FOOTER: true, + DISPLAY_WELCOME_PAGE_ADDITIONAL_CARD: false, + DISPLAY_WELCOME_PAGE_CONTENT: false, + DISPLAY_WELCOME_PAGE_TOOLBAR_ADDITIONAL_CONTENT: false, + + ENABLE_DIAL_OUT: true, + + ENABLE_FEEDBACK_ANIMATION: false, // Enables feedback star animation. + + FILM_STRIP_MAX_HEIGHT: 120, + + GENERATE_ROOMNAMES_ON_WELCOME_PAGE: true, + + /** + * Hide the logo on the deep linking pages. + */ + HIDE_DEEP_LINKING_LOGO: false, + + /** + * Hide the invite prompt in the header when alone in the meeting. + */ + HIDE_INVITE_MORE_HEADER: false, + + JITSI_WATERMARK_LINK: 'https://jitsi.org', + + LANG_DETECTION: true, // Allow i18n to detect the system language LOCAL_THUMBNAIL_RATIO: 16 / 9, // 16:9 - REMOTE_THUMBNAIL_RATIO: 1, // 1:1 - // Documentation reference for the live streaming feature. - LIVE_STREAMING_HELP_LINK: 'https://jitsi.org/live', + + /** + * Maximum coefficient of the ratio of the large video to the visible area + * after the large video is scaled to fit the window. + * + * @type {number} + */ + MAXIMUM_ZOOMING_COEFFICIENT: 1.3, /** * Whether the mobile app Jitsi Meet is to be promoted to participants @@ -115,44 +115,82 @@ var interfaceConfig = { MOBILE_APP_PROMO: true, /** - * Maximum coeficient of the ratio of the large video to the visible area - * after the large video is scaled to fit the window. - * - * @type {number} + * Specify custom URL for downloading android mobile app. */ - MAXIMUM_ZOOMING_COEFFICIENT: 1.3, + MOBILE_DOWNLOAD_LINK_ANDROID: 'https://play.google.com/store/apps/details?id=org.jitsi.meet', + + /** + * Specify custom URL for downloading f droid app. + */ + MOBILE_DOWNLOAD_LINK_F_DROID: 'https://f-droid.org/en/packages/org.jitsi.meet/', + + /** + * Specify URL for downloading ios mobile app. + */ + MOBILE_DOWNLOAD_LINK_IOS: 'https://itunes.apple.com/us/app/jitsi-meet/id1165103905', + + NATIVE_APP_NAME: 'Jitsi Meet', + + // Names of browsers which should show a warning stating the current browser + // has a suboptimal experience. Browsers which are not listed as optimal or + // unsupported are considered suboptimal. Valid values are: + // chrome, chromium, edge, electron, firefox, nwjs, opera, safari + OPTIMAL_BROWSERS: [ 'chrome', 'chromium', 'firefox', 'nwjs', 'electron', 'safari' ], + + POLICY_LOGO: null, + PROVIDER_NAME: 'Jitsi', + + /** + * If true, will display recent list + * + * @type {boolean} + */ + RECENT_LIST_ENABLED: true, + REMOTE_THUMBNAIL_RATIO: 1, // 1:1 + + SETTINGS_SECTIONS: [ 'devices', 'language', 'moderator', 'profile', 'calendar', 'sounds', 'more' ], + + /** + * Specify which sharing features should be displayed. If the value is not set + * all sharing features will be shown. You can set [] to disable all. + */ + // SHARING_FEATURES: ['email', 'url', 'dial-in', 'embed'], + + SHOW_BRAND_WATERMARK: false, + + /** + * Decides whether the chrome extension banner should be rendered on the landing page and during the meeting. + * If this is set to false, the banner will not be rendered at all. If set to true, the check for extension(s) + * being already installed is done before rendering. + */ + SHOW_CHROME_EXTENSION_BANNER: false, + + SHOW_DEEP_LINKING_IMAGE: false, + SHOW_JITSI_WATERMARK: false, + SHOW_POWERED_BY: false, + SHOW_PROMOTIONAL_CLOSE_PAGE: false, /* * If indicated some of the error dialogs may point to the support URL for * help. */ - SUPPORT_URL: 'https://github.com/jitsi/jitsi-meet/issues/new', + SUPPORT_URL: 'https://community.jitsi.org/', + + // Browsers, in addition to those which do not fully support WebRTC, that + // are not supported and should show the unsupported browser page. + UNSUPPORTED_BROWSERS: [], /** - * Whether the connection indicator icon should hide itself based on - * connection strength. If true, the connection indicator will remain - * displayed while the participant has a weak connection and will hide - * itself after the CONNECTION_INDICATOR_HIDE_TIMEOUT when the connection is - * strong. - * - * @type {boolean} + * Whether to show thumbnails in filmstrip as a column instead of as a row. */ - CONNECTION_INDICATOR_AUTO_HIDE_ENABLED: true, + VERTICAL_FILMSTRIP: true, - /** - * How long the connection indicator should remain displayed before hiding. - * Used in conjunction with CONNECTION_INDICATOR_AUTOHIDE_ENABLED. - * - * @type {number} - */ - CONNECTION_INDICATOR_AUTO_HIDE_TIMEOUT: 5000, - - /** - * If true, hides the connection indicators completely. - * - * @type {boolean} - */ - CONNECTION_INDICATOR_DISABLED: false, + // Determines how the video would fit the screen. 'both' would fit the whole + // screen, 'height' would fit the original video height to the height of the + // screen, 'width' would fit the original video width to the width of the + // screen respecting ratio, 'nocrop' would make the video as large as + // possible and preserve aspect ratio without cropping. + VIDEO_LAYOUT_FIT: 'both', /** * If true, hides the video quality label indicating the resolution status @@ -162,33 +200,6 @@ var interfaceConfig = { */ VIDEO_QUALITY_LABEL_DISABLED: false, - /** - * If true, will display recent list - * - * @type {boolean} - */ - RECENT_LIST_ENABLED: true, - - // Names of browsers which should show a warning stating the current browser - // has a suboptimal experience. Browsers which are not listed as optimal or - // unsupported are considered suboptimal. Valid values are: - // chrome, chromium, edge, electron, firefox, nwjs, opera, safari - OPTIMAL_BROWSERS: [ 'chrome', 'chromium', 'nwjs', 'electron' ], - - // Browsers, in addition to those which do not fully support WebRTC, that - // are not supported and should show the unsupported browser page. - UNSUPPORTED_BROWSERS: [], - - /** - * A UX mode where the last screen share participant is automatically - * pinned. Valid values are the string "remote-only" so remote participants - * get pinned but not local, otherwise any truthy value for all participants, - * and any falsy value to disable the feature. - * - * Note: this mode is experimental and subject to breakage. - */ - AUTO_PIN_LATEST_SCREEN_SHARE: 'remote-only' - /** * How many columns the tile view can expand to. The respected range is * between 1 and 5. @@ -196,14 +207,15 @@ var interfaceConfig = { // TILE_VIEW_MAX_COLUMNS: 5, /** - * Specify custom URL for downloading android mobile app. + * Specify Firebase dynamic link properties for the mobile apps. */ - // MOBILE_DOWNLOAD_LINK_ANDROID: 'https://play.google.com/store/apps/details?id=org.jitsi.meet', - - /** - * Specify URL for downloading ios mobile app. - */ - // MOBILE_DOWNLOAD_LINK_IOS: 'https://itunes.apple.com/us/app/jitsi-meet/id1165103905', + // MOBILE_DYNAMIC_LINK: { + // APN: 'org.jitsi.meet', + // APP_CODE: 'w2atb', + // CUSTOM_DOMAIN: undefined, + // IBI: 'com.atlassian.JitsiMeet.ios', + // ISI: '1165103905' + // }, /** * Specify mobile app scheme for opening the app from the mobile browser. @@ -215,12 +227,50 @@ var interfaceConfig = { */ // ANDROID_APP_PACKAGE: 'org.jitsi.meet', + // List of undocumented settings /** - * Override the behavior of some notifications to remain displayed until - * explicitly dismissed through a user action. The value is how long, in - * milliseconds, those notifications should remain displayed. - */ - // ENFORCE_NOTIFICATION_AUTO_DISMISS_TIMEOUT: 15000, + INDICATOR_FONT_SIZES + PHONE_NUMBER_REGEX + */ + + // -----------------DEPRECATED CONFIGS BELOW THIS LINE----------------------------- + + // Connection indicators ( + // CONNECTION_INDICATOR_AUTO_HIDE_ENABLED, + // CONNECTION_INDICATOR_AUTO_HIDE_TIMEOUT, + // CONNECTION_INDICATOR_DISABLED) got moved to config.js. + + // Please use disableModeratorIndicator from config.js + // DISABLE_FOCUS_INDICATOR: false, + + // Please use defaultLocalDisplayName from config.js + // DEFAULT_LOCAL_DISPLAY_NAME: 'me', + + // Please use defaultRemoteDisplayName from config.js + // DEFAULT_REMOTE_DISPLAY_NAME: 'Fellow Jitster', + + // Moved to config.js as `toolbarConfig.initialTimeout`. + // INITIAL_TOOLBAR_TIMEOUT: 20000, + + // Please use `liveStreaming.helpLink` from config.js + // Documentation reference for the live streaming feature. + // LIVE_STREAMING_HELP_LINK: 'https://jitsi.org/live', + + // Moved to config.js as `toolbarConfig.alwaysVisible`. + // TOOLBAR_ALWAYS_VISIBLE: false, + + // This config was moved to config.js as `toolbarButtons`. + // TOOLBAR_BUTTONS: [], + + // Moved to config.js as `toolbarConfig.timeout`. + // TOOLBAR_TIMEOUT: 4000, + + // Allow all above example options to include a trailing comma and + // prevent fear when commenting out the last value. + // eslint-disable-next-line sort-keys + makeJsonParserHappy: 'even if last key had a trailing comma' + + // No configuration value should follow this line. }; /* eslint-enable no-unused-vars, no-var, max-len */ diff --git a/playbooks/roles/jitsi-meet/files/jitsi-meet-docker/jvb-docker-compose.yaml b/playbooks/roles/jitsi-meet/files/jitsi-meet-docker/jvb-docker-compose.yaml index d20dd4006c..94bc0b4075 100644 --- a/playbooks/roles/jitsi-meet/files/jitsi-meet-docker/jvb-docker-compose.yaml +++ b/playbooks/roles/jitsi-meet/files/jitsi-meet-docker/jvb-docker-compose.yaml @@ -1,12 +1,13 @@ -# Based on https://github.com/jitsi/docker-jitsi-meet/blob/df404476160526d8512fb23b606965b98f7f25f3/docker-compose.yml +# Based on https://github.com/jitsi/docker-jitsi-meet/blob/stable-7648-4/docker-compose.yml # Licensed under the ASL v2. -version: '2' +version: '3.5' services: # Video bridge jvb: - image: docker.io/jitsi/jvb + image: docker.io/jitsi/jvb:stable + restart: ${RESTART_POLICY:-unless-stopped} network_mode: host volumes: - ${CONFIG}/jvb:/config diff --git a/playbooks/roles/jitsi-meet/files/jitsi-meet-docker/meet-docker-compose.yaml b/playbooks/roles/jitsi-meet/files/jitsi-meet-docker/meet-docker-compose.yaml index 1a903f7d3b..539a9b669d 100644 --- a/playbooks/roles/jitsi-meet/files/jitsi-meet-docker/meet-docker-compose.yaml +++ b/playbooks/roles/jitsi-meet/files/jitsi-meet-docker/meet-docker-compose.yaml @@ -1,12 +1,13 @@ -# Based on https://github.com/jitsi/docker-jitsi-meet/blob/df404476160526d8512fb23b606965b98f7f25f3/docker-compose.yml +# Based on https://github.com/jitsi/docker-jitsi-meet/blob/stable-7648-4/docker-compose.yml # Licensed under the ASL v2. -version: '2' +version: '3.5' services: # Frontend web: - image: docker.io/jitsi/web + image: docker.io/jitsi/web:stable + restart: ${RESTART_POLICY:-unless-stopped} network_mode: host volumes: - ${CONFIG}/web:/config @@ -41,12 +42,13 @@ services: - JIBRI_RECORDER_USER - JIBRI_RECORDER_PASSWORD - ENABLE_RECORDING - - START_VIDEO_MUTED - - START_AUDIO_MUTED + - START_WITH_AUDIO_MUTED + - START_WITH_VIDEO_MUTED # XMPP server prosody: - image: docker.io/jitsi/prosody + image: docker.io/jitsi/prosody:stable + restart: ${RESTART_POLICY:-unless-stopped} network_mode: host volumes: - ${CONFIG}/prosody:/config @@ -103,7 +105,8 @@ services: # Focus component jicofo: - image: docker.io/jitsi/jicofo + image: docker.io/jitsi/jicofo:stable + restart: ${RESTART_POLICY:-unless-stopped} network_mode: host volumes: - ${CONFIG}/jicofo:/config @@ -127,7 +130,8 @@ services: # Video bridge jvb: - image: docker.io/jitsi/jvb + image: docker.io/jitsi/jvb:stable + restart: ${RESTART_POLICY:-unless-stopped} network_mode: host volumes: - ${CONFIG}/jvb:/config diff --git a/playbooks/roles/jitsi-meet/files/meet.conf b/playbooks/roles/jitsi-meet/files/meet.conf index de9fc5f7dd..c8fedd8019 100644 --- a/playbooks/roles/jitsi-meet/files/meet.conf +++ b/playbooks/roles/jitsi-meet/files/meet.conf @@ -1,4 +1,13 @@ +# Unchanged copy of +# https://github.com/jitsi/docker-jitsi-meet/blob/stable-7648-4/web/rootfs/defaults/meet.conf +# Licensed under the ASL v2. + +{{ $ENABLE_COLIBRI_WEBSOCKET := .Env.ENABLE_COLIBRI_WEBSOCKET | default "1" | toBool }} +{{ $ENABLE_JAAS_COMPONENTS := .Env.ENABLE_JAAS_COMPONENTS | default "0" | toBool }} {{ $ENABLE_XMPP_WEBSOCKET := .Env.ENABLE_XMPP_WEBSOCKET | default "1" | toBool }} +{{ $ENABLE_SUBDOMAINS := .Env.ENABLE_SUBDOMAINS | default "true" | toBool -}} +{{ $XMPP_DOMAIN := .Env.XMPP_DOMAIN | default "meet.jitsi" -}} +{{ $XMPP_BOSH_URL_BASE := .Env.XMPP_BOSH_URL_BASE | default "http://xmpp.meet.jitsi:5280" -}} server_name _; @@ -17,6 +26,13 @@ error_page 404 /static/404.html; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; +{{ if .Env.DEPLOYMENTINFO_SHARD }} +add_header X-Jitsi-Shard {{ .Env.DEPLOYMENTINFO_SHARD }}; +{{ end }} + +# Opt out of FLoC (deprecated) +add_header Permissions-Policy "interest-cohort=()"; + location = /config.js { alias /config/config.js; } @@ -29,41 +45,74 @@ location = /external_api.js { alias /usr/share/jitsi-meet/libs/external_api.min.js; } +{{ if $ENABLE_JAAS_COMPONENTS }} +location = /_api/room-info { + proxy_pass {{ $XMPP_BOSH_URL_BASE }}/room-info?prefix=$prefix&$args; + proxy_http_version 1.1; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $http_host; +} +{{ end }} + # ensure all static content can always be found first -location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$ -{ +location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$ { add_header 'Access-Control-Allow-Origin' '*'; alias /usr/share/jitsi-meet/$1/$2; + + # cache all versioned files + if ($arg_v) { + expires 1y; + } } +{{ if $ENABLE_COLIBRI_WEBSOCKET }} # colibri (JVB) websockets -location ~ ^/colibri-ws/([a-zA-Z0-9-\.]+)/(.*) { - proxy_pass http://$1:9090/colibri-ws/$1/$2$is_args$args; +location ~ ^/colibri-ws/([a-zA-Z0-9-\._]+)/(.*) { + tcp_nodelay on; + proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - tcp_nodelay on; + proxy_set_header Connection $connection_upgrade; + + proxy_pass http://$1:9090/colibri-ws/$1/$2$is_args$args; } +{{ end }} # BOSH location = /http-bind { - proxy_pass {{ .Env.XMPP_BOSH_URL_BASE }}/http-bind; proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header Host {{ .Env.XMPP_DOMAIN }}; + proxy_set_header Host {{ $XMPP_DOMAIN }}; + + proxy_pass {{ $XMPP_BOSH_URL_BASE }}/http-bind; } {{ if $ENABLE_XMPP_WEBSOCKET }} # xmpp websockets location = /xmpp-websocket { - proxy_pass {{ .Env.XMPP_BOSH_URL_BASE }}/xmpp-websocket; - proxy_http_version 1.1; - - proxy_set_header Connection "upgrade"; - proxy_set_header Upgrade $http_upgrade; - - proxy_set_header Host {{ .Env.XMPP_DOMAIN }}; - proxy_set_header X-Forwarded-For $remote_addr; tcp_nodelay on; + + proxy_http_version 1.1; + proxy_set_header Connection $connection_upgrade; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Host {{ $XMPP_DOMAIN }}; + proxy_set_header X-Forwarded-For $remote_addr; + + proxy_pass {{ $XMPP_BOSH_URL_BASE }}/xmpp-websocket; +} +{{ end }} + +{{ if .Env.ETHERPAD_URL_BASE }} +# Etherpad-lite +location ^~ /etherpad/ { + proxy_buffering off; + proxy_cache_bypass $http_upgrade; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Forwarded-For $remote_addr; + + proxy_pass {{ .Env.ETHERPAD_URL_BASE }}/; } {{ end }} @@ -75,22 +124,48 @@ location @root_path { rewrite ^/(.*)$ / break; } -{{ if .Env.ETHERPAD_URL_BASE }} -# Etherpad-lite -location /etherpad/ { - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection 'upgrade'; - # Commented out as we want the default behavior of using - # $proxy_host as the Host header value - #proxy_set_header Host $host; - proxy_cache_bypass $http_upgrade; +{{ if $ENABLE_SUBDOMAINS }} + location ~ ^/([^/?&:'"]+)/config.js$ { + set $subdomain "$1."; + set $subdir "$1/"; - proxy_pass {{ .Env.ETHERPAD_URL_BASE }}/; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_buffering off; - # Commented out as we want the default behavior of using - # $proxy_host as the Host header value - #proxy_set_header Host {{ .Env.XMPP_DOMAIN }}; -} + alias /config/config.js; + } + + # BOSH for subdomains + location ~ ^/([^/?&:'"]+)/http-bind { + set $subdomain "$1."; + set $subdir "$1/"; + set $prefix "$1"; + + rewrite ^/(.*)$ /http-bind; + } + + {{ if $ENABLE_XMPP_WEBSOCKET }} + # websockets for subdomains + location ~ ^/([^/?&:'"]+)/xmpp-websocket { + set $subdomain "$1."; + set $subdir "$1/"; + set $prefix "$1"; + + rewrite ^/(.*)$ /xmpp-websocket; + } + {{ end }} + + {{ if $ENABLE_JAAS_COMPONENTS }} + location ~ ^/([^/?&:'"]+)/_api/room-info { + set $subdomain "$1."; + set $subdir "$1/"; + set $prefix "$1"; + + rewrite ^/(.*)$ /_api/room-info; + } + {{ end }} + + # Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to / + location ~ ^/([^/?&:'"]+)/(.*)$ { + set $subdomain "$1."; + set $subdir "$1/"; + rewrite ^/([^/?&:'"]+)/(.*)$ /$2; + } {{ end }} diff --git a/playbooks/roles/jitsi-meet/files/settings-config.js b/playbooks/roles/jitsi-meet/files/settings-config.js index cb79dfbd76..67c27b4811 100644 --- a/playbooks/roles/jitsi-meet/files/settings-config.js +++ b/playbooks/roles/jitsi-meet/files/settings-config.js @@ -1,40 +1,70 @@ +// Based on +// https://github.com/jitsi/docker-jitsi-meet/blob/stable-7648-4/web/rootfs/defaults/settings-config.js +// Licensed under the ASL v2. + +// Customized for OpenDev, all overrides go here (and remember to comment out +// any defaults from the example): +config.openSharedDocumentOnJoin = true; + {{ $DEPLOYMENTINFO_USERREGION := .Env.DEPLOYMENTINFO_USERREGION | default "" -}} -{{ $BRIDGE_CHANNEL := .Env.BRIDGE_CHANNEL | default "websocket" -}} {{ $ENABLE_AUDIO_PROCESSING := .Env.ENABLE_AUDIO_PROCESSING | default "true" | toBool -}} +{{ $ENABLE_BREAKOUT_ROOMS := .Env.ENABLE_BREAKOUT_ROOMS | default "true" | toBool -}} {{ $ENABLE_CALENDAR := .Env.ENABLE_CALENDAR | default "false" | toBool -}} -{{ $ENABLE_FILE_RECORDING_SERVICE := .Env.ENABLE_FILE_RECORDING_SERVICE | default "false" | toBool -}} -{{ $ENABLE_FILE_RECORDING_SERVICE_SHARING := .Env.ENABLE_FILE_RECORDING_SERVICE_SHARING | default "false" | toBool -}} +{{ $ENABLE_FILE_RECORDING_SHARING := .Env.ENABLE_FILE_RECORDING_SHARING | default "false" | toBool -}} {{ $ENABLE_IPV6 := .Env.ENABLE_IPV6 | default "true" | toBool -}} {{ $ENABLE_LIPSYNC := .Env.ENABLE_LIPSYNC | default "false" | toBool -}} -{{ $ENABLE_NO_AUDIO_DETECTION := .Env.ENABLE_NO_AUDIO_DETECTION | default "false" | toBool -}} +{{ $ENABLE_NO_AUDIO_DETECTION := .Env.ENABLE_NO_AUDIO_DETECTION | default "true" | toBool -}} {{ $ENABLE_P2P := .Env.ENABLE_P2P | default "true" | toBool -}} -{{ $ENABLE_PREJOIN_PAGE := .Env.ENABLE_PREJOIN_PAGE | default "false" | toBool -}} +{{ $ENABLE_PREJOIN_PAGE := .Env.ENABLE_PREJOIN_PAGE | default "true" | toBool -}} {{ $ENABLE_WELCOME_PAGE := .Env.ENABLE_WELCOME_PAGE | default "true" | toBool -}} {{ $ENABLE_CLOSE_PAGE := .Env.ENABLE_CLOSE_PAGE | default "false" | toBool -}} {{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "false" | toBool -}} +{{ $ENABLE_SERVICE_RECORDING := .Env.ENABLE_SERVICE_RECORDING | default ($ENABLE_RECORDING | printf "%t") | toBool -}} +{{ $ENABLE_LIVESTREAMING := .Env.ENABLE_LIVESTREAMING | default "false" | toBool -}} {{ $ENABLE_REMB := .Env.ENABLE_REMB | default "true" | toBool -}} {{ $ENABLE_REQUIRE_DISPLAY_NAME := .Env.ENABLE_REQUIRE_DISPLAY_NAME | default "false" | toBool -}} {{ $ENABLE_SIMULCAST := .Env.ENABLE_SIMULCAST | default "true" | toBool -}} {{ $ENABLE_STATS_ID := .Env.ENABLE_STATS_ID | default "false" | toBool -}} {{ $ENABLE_STEREO := .Env.ENABLE_STEREO | default "false" | toBool -}} +{{ $ENABLE_OPUS_RED := .Env.ENABLE_OPUS_RED | default "false" | toBool -}} {{ $ENABLE_TALK_WHILE_MUTED := .Env.ENABLE_TALK_WHILE_MUTED | default "false" | toBool -}} {{ $ENABLE_TCC := .Env.ENABLE_TCC | default "true" | toBool -}} {{ $ENABLE_TRANSCRIPTIONS := .Env.ENABLE_TRANSCRIPTIONS | default "false" | toBool -}} +{{ $ENABLE_JAAS_COMPONENTS := .Env.ENABLE_JAAS_COMPONENTS | default "0" | toBool }} +{{ $ENABLE_MULTI_STREAM := .Env.ENABLE_MULTI_STREAM | default "true" | toBool }} +{{ $HIDE_PREJOIN_DISPLAY_NAME := .Env.HIDE_PREJOIN_DISPLAY_NAME | default "false" | toBool -}} +{{ $PUBLIC_URL := .Env.PUBLIC_URL | default "https://localhost:8443" -}} {{ $RESOLUTION := .Env.RESOLUTION | default "720" -}} {{ $RESOLUTION_MIN := .Env.RESOLUTION_MIN | default "180" -}} {{ $RESOLUTION_WIDTH := .Env.RESOLUTION_WIDTH | default "1280" -}} {{ $RESOLUTION_WIDTH_MIN := .Env.RESOLUTION_WIDTH_MIN | default "320" -}} {{ $START_AUDIO_ONLY := .Env.START_AUDIO_ONLY | default "false" | toBool -}} {{ $START_AUDIO_MUTED := .Env.START_AUDIO_MUTED | default 10 -}} +{{ $START_WITH_AUDIO_MUTED := .Env.START_WITH_AUDIO_MUTED | default "false" | toBool -}} +{{ $START_SILENT := .Env.START_SILENT | default "false" | toBool -}} {{ $DISABLE_AUDIO_LEVELS := .Env.DISABLE_AUDIO_LEVELS | default "false" | toBool -}} {{ $ENABLE_NOISY_MIC_DETECTION := .Env.ENABLE_NOISY_MIC_DETECTION | default "true" | toBool -}} {{ $START_VIDEO_MUTED := .Env.START_VIDEO_MUTED | default 10 -}} +{{ $START_WITH_VIDEO_MUTED := .Env.START_WITH_VIDEO_MUTED | default "false" | toBool -}} {{ $DESKTOP_SHARING_FRAMERATE_MIN := .Env.DESKTOP_SHARING_FRAMERATE_MIN | default 5 -}} {{ $DESKTOP_SHARING_FRAMERATE_MAX := .Env.DESKTOP_SHARING_FRAMERATE_MAX | default 5 -}} {{ $TESTING_OCTO_PROBABILITY := .Env.TESTING_OCTO_PROBABILITY | default "0" -}} {{ $TESTING_CAP_SCREENSHARE_BITRATE := .Env.TESTING_CAP_SCREENSHARE_BITRATE | default "1" -}} -{{ $XMPP_DOMAIN := .Env.XMPP_DOMAIN -}} -{{ $XMPP_RECORDER_DOMAIN := .Env.XMPP_RECORDER_DOMAIN -}} +{{ $XMPP_DOMAIN := .Env.XMPP_DOMAIN | default "meet.jitsi" -}} +{{ $XMPP_RECORDER_DOMAIN := .Env.XMPP_RECORDER_DOMAIN | default "recorder.meet.jitsi" -}} +{{ $DISABLE_DEEP_LINKING := .Env.DISABLE_DEEP_LINKING | default "false" | toBool -}} +{{ $VIDEOQUALITY_ENFORCE_PREFERRED_CODEC := .Env.VIDEOQUALITY_ENFORCE_PREFERRED_CODEC | default "false" | toBool -}} +{{ $DISABLE_POLLS := .Env.DISABLE_POLLS | default "false" | toBool -}} +{{ $DISABLE_REACTIONS := .Env.DISABLE_REACTIONS | default "false" | toBool -}} +{{ $DISABLE_REMOTE_VIDEO_MENU := .Env.DISABLE_REMOTE_VIDEO_MENU | default "false" | toBool -}} +{{ $DISABLE_PRIVATE_CHAT:= .Env.DISABLE_PRIVATE_CHAT | default "false" | toBool -}} +{{ $DISABLE_KICKOUT := .Env.DISABLE_KICKOUT | default "false" | toBool -}} +{{ $DISABLE_GRANT_MODERATOR := .Env.DISABLE_GRANT_MODERATOR | default "false" | toBool -}} +{{ $ENABLE_E2EPING := .Env.ENABLE_E2EPING | default "false" | toBool -}} +{{ $DISABLE_LOCAL_RECORDING := .Env.DISABLE_LOCAL_RECORDING | default "false" | toBool -}} +{{ $ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT := .Env.ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT | default "false" | toBool -}} +{{ $ENABLE_LOCAL_RECORDING_SELF_START := .Env.ENABLE_LOCAL_RECORDING_SELF_START | default "false" | toBool -}} +{{ $DISABLE_PROFILE := .Env.DISABLE_PROFILE | default "false" | toBool -}} // Video configuration. @@ -48,13 +78,21 @@ config.constraints.video.height = { ideal: {{ $RESOLUTION }}, max: {{ $RESOLUTIO config.constraints.video.width = { ideal: {{ $RESOLUTION_WIDTH }}, max: {{ $RESOLUTION_WIDTH }}, min: {{ $RESOLUTION_WIDTH_MIN }}}; config.disableSimulcast = {{ not $ENABLE_SIMULCAST }}; config.startVideoMuted = {{ $START_VIDEO_MUTED }}; +config.startWithVideoMuted = {{ $START_WITH_VIDEO_MUTED }}; {{ if .Env.START_BITRATE -}} config.startBitrate = '{{ .Env.START_BITRATE }}'; {{ end -}} - + +if (!config.hasOwnProperty('flags')) config.flags = {}; +config.flags.sourceNameSignaling = {{ $ENABLE_MULTI_STREAM }}; +config.flags.sendMultipleVideoStreams = {{ $ENABLE_MULTI_STREAM }}; +config.flags.receiveMultipleVideoStreams = {{ $ENABLE_MULTI_STREAM }}; + + // ScreenShare Configuration. // + config.desktopSharingFrameRate = { min: {{ $DESKTOP_SHARING_FRAMERATE_MIN }}, max: {{ $DESKTOP_SHARING_FRAMERATE_MAX }} }; // Audio configuration. @@ -63,9 +101,19 @@ config.desktopSharingFrameRate = { min: {{ $DESKTOP_SHARING_FRAMERATE_MIN }}, ma config.enableNoAudioDetection = {{ $ENABLE_NO_AUDIO_DETECTION }}; config.enableTalkWhileMuted = {{ $ENABLE_TALK_WHILE_MUTED }}; config.disableAP = {{ not $ENABLE_AUDIO_PROCESSING }}; -config.stereo = {{ $ENABLE_STEREO }}; + +if (!config.hasOwnProperty('audioQuality')) config.audioQuality = {}; +config.audioQuality.stereo = {{ $ENABLE_STEREO }}; + +{{ if .Env.AUDIO_QUALITY_OPUS_BITRATE -}} +config.audioQuality.opusMaxAverageBitrate = '{{ .Env.AUDIO_QUALITY_OPUS_BITRATE }}'; +{{ end -}} + config.startAudioOnly = {{ $START_AUDIO_ONLY }}; config.startAudioMuted = {{ $START_AUDIO_MUTED }}; +config.startWithAudioMuted = {{ $START_WITH_AUDIO_MUTED }}; +config.startSilent = {{ $START_SILENT }}; +config.enableOpusRed = {{ $ENABLE_OPUS_RED }}; config.disableAudioLevels = {{ $DISABLE_AUDIO_LEVELS }}; config.enableNoisyMicDetection = {{ $ENABLE_NOISY_MIC_DETECTION }}; @@ -78,31 +126,35 @@ if (!config.hasOwnProperty('p2p')) config.p2p = {}; config.p2p.enabled = {{ $ENABLE_P2P }}; +// Breakout Rooms +// + +config.hideAddRoomButton = {{ $ENABLE_BREAKOUT_ROOMS | not }}; + + // Etherpad // {{ if .Env.ETHERPAD_PUBLIC_URL -}} config.etherpad_base = '{{ .Env.ETHERPAD_PUBLIC_URL }}'; {{ else if .Env.ETHERPAD_URL_BASE -}} -config.etherpad_base = '{{.Env.PUBLIC_URL}}/etherpad/p/'; +config.etherpad_base = '{{ $PUBLIC_URL }}/etherpad/p/'; {{ end -}} -config.useRoomAsSharedDocumentName = true; -config.openSharedDocumentOnJoin = true; - - // Recording. // -{{ if $ENABLE_RECORDING -}} +{{ if $ENABLE_RECORDING -}} config.hiddenDomain = '{{ $XMPP_RECORDER_DOMAIN }}'; -// Whether to enable file recording or not -config.fileRecordingsEnabled = true; +if (!config.hasOwnProperty('recordingService')) config.recordingService = {}; + +// Whether to enable file recording or not using the "service" defined by the finalizer in Jibri +config.recordingService.enabled = {{ $ENABLE_SERVICE_RECORDING }}; // Whether to enable live streaming or not. -config.liveStreamingEnabled = true; +config.liveStreamingEnabled = {{ $ENABLE_LIVESTREAMING }}; {{ if .Env.DROPBOX_APPKEY -}} // Enable the dropbox integration. @@ -116,22 +168,20 @@ config.dropbox.redirectURI = '{{ .Env.DROPBOX_REDIRECT_URI }}'; {{ end -}} {{ end -}} -{{ if $ENABLE_FILE_RECORDING_SERVICE -}} -// When integrations like dropbox are enabled only that will be shown, -// by enabling fileRecordingsServiceEnabled, we show both the integrations -// and the generic recording service (its configuration and storage type -// depends on jibri configuration) -config.fileRecordingsServiceEnabled = true; -{{ end -}} -{{ if $ENABLE_FILE_RECORDING_SERVICE_SHARING -}} // Whether to show the possibility to share file recording with other people // (e.g. meeting participants), based on the actual implementation // on the backend. -config.fileRecordingsServiceSharingEnabled = true; -{{ end -}} +config.recordingService.sharingEnabled = {{ $ENABLE_FILE_RECORDING_SHARING }}; {{ end -}} +// Local recording configuration. +if (!config.hasOwnProperty('localRecording')) config.localRecording = {}; +config.localRecording.disable = {{ $DISABLE_LOCAL_RECORDING }}; +config.localRecording.notifyAllParticipants = {{ $ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT }}; +config.localRecording.disableSelfRecording = {{ $ENABLE_LOCAL_RECORDING_SELF_START }}; + + // Analytics. // @@ -188,13 +238,17 @@ config.enableStatsID = {{ $ENABLE_STATS_ID }}; // Dial in/out services. // +{{ if $ENABLE_JAAS_COMPONENTS }} +config.dialInConfCodeUrl = 'https://conference-mapper.jitsi.net/v1/access'; +config.dialInNumbersUrl = 'https://conference-mapper.jitsi.net/v1/access/dids'; +{{ else }} {{ if .Env.CONFCODE_URL -}} config.dialInConfCodeUrl = '{{ .Env.CONFCODE_URL }}'; {{ end -}} - {{ if .Env.DIALIN_NUMBERS_URL -}} config.dialInNumbersUrl = '{{ .Env.DIALIN_NUMBERS_URL }}'; {{ end -}} +{{ end -}} {{ if .Env.DIALOUT_AUTH_URL -}} config.dialOutAuthUrl = '{{ .Env.DIALOUT_AUTH_URL }}'; @@ -236,7 +290,16 @@ config.peopleSearchQueryTypes = ['user','conferenceRooms']; // // Prejoin page. -config.prejoinPageEnabled = {{ $ENABLE_PREJOIN_PAGE }}; +if (!config.hasOwnProperty('prejoinConfig')) config.prejoinConfig = {}; +config.prejoinConfig.enabled = {{ $ENABLE_PREJOIN_PAGE }}; + +// Hides the participant name editing field in the prejoin screen. +config.prejoinConfig.hideDisplayName = {{ $HIDE_PREJOIN_DISPLAY_NAME }}; + +// List of buttons to hide from the extra join options dropdown on prejoin screen. +{{ if .Env.HIDE_PREJOIN_EXTRA_BUTTONS -}} +config.prejoinConfig.hideExtraJoinButtons = [ '{{ join "','" (splitList "," .Env.HIDE_PREJOIN_EXTRA_BUTTONS) }}' ]; +{{ end -}} // Welcome page. config.enableWelcomePage = {{ $ENABLE_WELCOME_PAGE }}; @@ -244,14 +307,22 @@ config.enableWelcomePage = {{ $ENABLE_WELCOME_PAGE }}; // Close page. config.enableClosePage = {{ $ENABLE_CLOSE_PAGE }}; +// Default language. +{{ if .Env.DEFAULT_LANGUAGE -}} +config.defaultLanguage = '{{ .Env.DEFAULT_LANGUAGE }}'; +{{ end -}} + // Require users to always specify a display name. config.requireDisplayName = {{ $ENABLE_REQUIRE_DISPLAY_NAME }}; + // Chrome extension banner. {{ if .Env.CHROME_EXTENSION_BANNER_JSON -}} config.chromeExtensionBanner = {{ .Env.CHROME_EXTENSION_BANNER_JSON }}; {{ end -}} +// Disables profile and the edit of all fields from the profile settings (display name and email) +config.disableProfile = {{ $DISABLE_PROFILE }}; // Advanced. // @@ -262,8 +333,6 @@ config.enableLipSync = {{ $ENABLE_LIPSYNC }}; config.enableRemb = {{ $ENABLE_REMB }}; config.enableTcc = {{ $ENABLE_TCC }}; -config.openBridgeChannel = '{{ $BRIDGE_CHANNEL }}'; - // Enable IPv6 support. config.useIPv6 = {{ $ENABLE_IPV6 }}; @@ -273,6 +342,8 @@ config.transcribingEnabled = {{ $ENABLE_TRANSCRIPTIONS }}; {{ if .Env.DYNAMIC_BRANDING_URL -}} // External API url used to receive branding specific information. config.dynamicBrandingUrl = '{{ .Env.DYNAMIC_BRANDING_URL }}'; +{{ else if .Env.BRANDING_DATA_URL -}} +config.brandingDataUrl = '{{ .Env.BRANDING_DATA_URL }}'; {{ end -}} {{ if .Env.TOKEN_AUTH_URL -}} @@ -290,10 +361,18 @@ if (!config.hasOwnProperty('deploymentInfo')) config.deploymentInfo = {}; config.deploymentInfo.environment = '{{ .Env.DEPLOYMENTINFO_ENVIRONMENT }}'; {{ end -}} +{{ if .Env.DEPLOYMENTINFO_SHARD -}} +config.deploymentInfo.shard = '{{ .Env.DEPLOYMENTINFO_SHARD }}'; +{{ end -}} + {{ if .Env.DEPLOYMENTINFO_ENVIRONMENT_TYPE -}} config.deploymentInfo.envType = '{{ .Env.DEPLOYMENTINFO_ENVIRONMENT_TYPE }}'; {{ end -}} +{{ if .Env.DEPLOYMENTINFO_REGION -}} +config.deploymentInfo.region = '{{ .Env.DEPLOYMENTINFO_REGION }}'; +{{ end -}} + {{ if $DEPLOYMENTINFO_USERREGION -}} config.deploymentInfo.userRegion = '{{ $DEPLOYMENTINFO_USERREGION }}'; {{ end -}} @@ -307,3 +386,69 @@ if (!config.testing.hasOwnProperty('octo')) config.testing.octo = {}; config.testing.capScreenshareBitrate = {{ $TESTING_CAP_SCREENSHARE_BITRATE }}; config.testing.octo.probability = {{ $TESTING_OCTO_PROBABILITY }}; + +// Deep Linking +config.disableDeepLinking = {{ $DISABLE_DEEP_LINKING }}; + +// P2P preferred codec +{{ if .Env.P2P_PREFERRED_CODEC -}} +config.p2p.preferredCodec = '{{ .Env.P2P_PREFERRED_CODEC }}'; +{{ end -}} + +// enable preffered video Codec +if (!config.hasOwnProperty('videoQuality')) config.videoQuality = {}; +{{ if .Env.VIDEOQUALITY_PREFERRED_CODEC -}} +config.videoQuality.preferredCodec = '{{ .Env.VIDEOQUALITY_PREFERRED_CODEC }}'; +{{ end -}} + +config.videoQuality.enforcePreferredCodec = {{ $VIDEOQUALITY_ENFORCE_PREFERRED_CODEC }}; + +if (!config.videoQuality.hasOwnProperty('maxBitratesVideo')) config.videoQuality.maxBitratesVideo = null; +{{ if and .Env.VIDEOQUALITY_BITRATE_H264_LOW .Env.VIDEOQUALITY_BITRATE_H264_STANDARD .Env.VIDEOQUALITY_BITRATE_H264_HIGH -}} +config.videoQuality.maxBitratesVideo = config.videoQuality.maxBitratesVideo || {} +config.videoQuality.maxBitratesVideo.H264 = { low: {{ .Env.VIDEOQUALITY_BITRATE_H264_LOW }}, standard: {{ .Env.VIDEOQUALITY_BITRATE_H264_STANDARD }}, high: {{ .Env.VIDEOQUALITY_BITRATE_H264_HIGH }} }; +{{ end -}} +{{ if and .Env.VIDEOQUALITY_BITRATE_VP8_LOW .Env.VIDEOQUALITY_BITRATE_VP8_STANDARD .Env.VIDEOQUALITY_BITRATE_VP8_HIGH -}} +config.videoQuality.maxBitratesVideo = config.videoQuality.maxBitratesVideo || {} +config.videoQuality.maxBitratesVideo.VP8 = { low: {{ .Env.VIDEOQUALITY_BITRATE_VP8_LOW }}, standard: {{ .Env.VIDEOQUALITY_BITRATE_VP8_STANDARD }}, high: {{ .Env.VIDEOQUALITY_BITRATE_VP8_HIGH }} }; +{{ end -}} +{{ if and .Env.VIDEOQUALITY_BITRATE_VP9_LOW .Env.VIDEOQUALITY_BITRATE_VP9_STANDARD .Env.VIDEOQUALITY_BITRATE_VP9_HIGH -}} +config.videoQuality.maxBitratesVideo = config.videoQuality.maxBitratesVideo || {} +config.videoQuality.maxBitratesVideo.VP9 = { low: {{ .Env.VIDEOQUALITY_BITRATE_VP9_LOW }}, standard: {{ .Env.VIDEOQUALITY_BITRATE_VP9_STANDARD }}, high: {{ .Env.VIDEOQUALITY_BITRATE_VP9_HIGH }} }; +{{ end -}} + + // Reactions +config.disableReactions = {{ $DISABLE_REACTIONS }}; + +// Polls +config.disablePolls = {{ $DISABLE_POLLS }}; + +// Configure toolbar buttons +{{ if .Env.TOOLBAR_BUTTONS -}} +config.toolbarButtons = [ '{{ join "','" (splitList "," .Env.TOOLBAR_BUTTONS) }}' ]; +{{ end -}} + +// Hides the buttons at pre-join screen +{{ if .Env.HIDE_PREMEETING_BUTTONS -}} +config.hiddenPremeetingButtons = [ '{{ join "','" (splitList "," .Env.HIDE_PREMEETING_BUTTONS) }}' ]; +{{ end -}} + +// Configure remote participant video menu +if (!config.hasOwnProperty('remoteVideoMenu')) config.remoteVideoMenu = {}; +config.remoteVideoMenu.disabled = {{ $DISABLE_REMOTE_VIDEO_MENU }}; +config.remoteVideoMenu.disableKick = {{ $DISABLE_KICKOUT }}; +config.remoteVideoMenu.disableGrantModerator = {{ $DISABLE_GRANT_MODERATOR }}; +config.remoteVideoMenu.disablePrivateChat = {{ $DISABLE_PRIVATE_CHAT }}; + +// Configure e2eping +if (!config.hasOwnProperty('e2eping')) config.e2eping = {}; +config.e2eping.enabled = {{ $ENABLE_E2EPING }}; +{{ if .Env.E2EPING_NUM_REQUESTS -}} +config.e2eping.numRequests = {{ .Env.E2EPING_NUM_REQUESTS }}; +{{ end -}} +{{ if .Env.E2EPING_MAX_CONFERENCE_SIZE -}} +config.e2eping.maxConferenceSize = {{ .Env.E2EPING_MAX_CONFERENCE_SIZE }}; +{{ end -}} +{{ if .Env.E2EPING_MAX_MESSAGE_PER_SECOND -}} +config.e2eping.maxMessagePerSecond = {{ .Env.E2EPING_MAX_MESSAGE_PER_SECOND }}; +{{ end }} diff --git a/playbooks/roles/jitsi-meet/templates/jvb-env.j2 b/playbooks/roles/jitsi-meet/templates/jvb-env.j2 index 0de855b16f..94b30a7f7d 100644 --- a/playbooks/roles/jitsi-meet/templates/jvb-env.j2 +++ b/playbooks/roles/jitsi-meet/templates/jvb-env.j2 @@ -1,56 +1,112 @@ -# Based on https://github.com/jitsi/docker-jitsi-meet/blob/df404476160526d8512fb23b606965b98f7f25f3/env.example +# Based on https://github.com/jitsi/docker-jitsi-meet/blob/stable-7648-4/env.example # Licensed under the ASL v2. -# Customized for OpenDev: - -# Directory where all configuration will be stored. +# Customized for OpenDev, all overrides go here (and remember to comment out +# any defaults from the example): CONFIG=/var/jitsi-meet +XMPP_SERVER={{ meetpad_jvb_xmpp_server }} +XMPP_AUTH_DOMAIN=auth.localhost +XMPP_INTERNAL_MUC_DOMAIN=internal-muc.localhost +JVB_AUTH_PASSWORD={{ meetpad_jvb_auth_password }} +JVB_PORT=10000 -# Directory where templates to generate configs are stored. -DEFAULTS=/var/jitsi-meet/defaults +# shellcheck disable=SC2034 -# System time zone. -TZ=Etc/UTC +################################################################################ +################################################################################ +# Welcome to the Jitsi Meet Docker setup! +# +# This sample .env file contains some basic options to get you started. +# The full options reference can be found here: +# https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker +################################################################################ +################################################################################ -# Public URL for the web service. -PUBLIC_URL=https://meetpad.opendev.org - -# Set etherpad-lite URL (uncomment to enable). -ETHERPAD_URL_BASE=https://etherpad.opendev.org # # Basic configuration options # -# IP address of the Docker host. See the "Running on a LAN environment" section -# in the README. +# Directory where all configuration will be stored +#CONFIG=~/.jitsi-meet-cfg + +# Exposed HTTP port +HTTP_PORT=8000 + +# Exposed HTTPS port +HTTPS_PORT=8443 + +# System time zone +TZ=UTC + +# Public URL for the web service (required) +#PUBLIC_URL=https://meet.example.com + +# IP address of the Docker host +# See the "Running behind NAT or on a LAN environment" section in the Handbook: +# https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker#running-behind-nat-or-on-a-lan-environment #DOCKER_HOST_ADDRESS=192.168.1.1 + +# +# JaaS Components (beta) +# https://jaas.8x8.vc +# + +# Enable JaaS Components (hosted Jigasi) +#ENABLE_JAAS_COMPONENTS=0 + # # Let's Encrypt configuration # -# Enable Let's Encrypt certificate generation. +# Enable Let's Encrypt certificate generation #ENABLE_LETSENCRYPT=1 -# Domain for which to generate the certificate. +# Domain for which to generate the certificate #LETSENCRYPT_DOMAIN=meet.example.com -# E-Mail for receiving important account notifications (mandatory). +# E-Mail for receiving important account notifications (mandatory) #LETSENCRYPT_EMAIL=alice@atlanta.net +# Use the staging server (for avoiding rate limits while testing) +#LETSENCRYPT_USE_STAGING=1 + + +# +# Etherpad integration (for document sharing) +# + +# Set etherpad-lite URL in docker local network (uncomment to enable) +#ETHERPAD_URL_BASE=http://etherpad.meet.jitsi:9001 + +# Set etherpad-lite public URL, including /p/ pad path fragment (uncomment to enable) +#ETHERPAD_PUBLIC_URL=https://etherpad.my.domain/p/ + +# Name your etherpad instance! +ETHERPAD_TITLE=Video Chat + +# The default text of a pad +ETHERPAD_DEFAULT_PAD_TEXT="Welcome to Web Chat!\n\n" + +# Name of the skin for etherpad +ETHERPAD_SKIN_NAME=colibris + +# Skin variants for etherpad +ETHERPAD_SKIN_VARIANTS="super-light-toolbar super-light-editor light-background full-width-editor" + # # Basic Jigasi configuration options (needed for SIP gateway support) # -# SIP URI for incoming / outgoing calls. +# SIP URI for incoming / outgoing calls #JIGASI_SIP_URI=test@sip2sip.info # Password for the specified SIP account as a clear text #JIGASI_SIP_PASSWORD=passw0rd -# SIP server (use the SIP account domain if in doubt). +# SIP server (use the SIP account domain if in doubt) #JIGASI_SIP_SERVER=sip2sip.info # SIP server port @@ -59,54 +115,54 @@ ETHERPAD_URL_BASE=https://etherpad.opendev.org # SIP server transport #JIGASI_SIP_TRANSPORT=UDP + # -# Authentication configuration (see README for details) +# Authentication configuration (see handbook for details) # -# Enable authentication. +# Enable authentication #ENABLE_AUTH=1 -# Enable guest access. +# Enable guest access #ENABLE_GUESTS=1 -# Select authentication type: internal, jwt or ldap +# Select authentication type: internal, jwt, ldap or matrix #AUTH_TYPE=internal -# JWT auuthentication +# JWT authentication # -# Application identifier. +# Application identifier #JWT_APP_ID=my_jitsi_app_id -# Application secret known only to your token. +# Application secret known only to your token generator #JWT_APP_SECRET=my_jitsi_app_secret -# (Optional) Set asap_accepted_issuers as a comma separated list. +# (Optional) Set asap_accepted_issuers as a comma separated list #JWT_ACCEPTED_ISSUERS=my_web_client,my_app_client -# (Optional) Set asap_accepted_audiences as a comma separated list. +# (Optional) Set asap_accepted_audiences as a comma separated list #JWT_ACCEPTED_AUDIENCES=my_server1,my_server2 - # LDAP authentication (for more information see the Cyrus SASL saslauthd.conf man page) # -# LDAP url for connection. +# LDAP url for connection #LDAP_URL=ldaps://ldap.domain.com/ # LDAP base DN. Can be empty #LDAP_BASE=DC=example,DC=domain,DC=com -# LDAP user DN. Do not specify this parameter for the anonymous bind. +# LDAP user DN. Do not specify this parameter for the anonymous bind #LDAP_BINDDN=CN=binduser,OU=users,DC=example,DC=domain,DC=com -# LDAP user password. Do not specify this parameter for the anonymous bind. +# LDAP user password. Do not specify this parameter for the anonymous bind #LDAP_BINDPW=LdapUserPassw0rd # LDAP filter. Tokens example: -# %1-9 - if the input key is user@mail.domain.com, then %1 is com, %2 is domain and %3 is mail. -# %s - %s is replaced by the complete service string. -# %r - %r is replaced by the complete realm string. +# %1-9 - if the input key is user@mail.domain.com, then %1 is com, %2 is domain and %3 is mail +# %s - %s is replaced by the complete service string +# %r - %r is replaced by the complete realm string #LDAP_FILTER=(sAMAccountName=%u) # LDAP authentication method @@ -118,16 +174,16 @@ ETHERPAD_URL_BASE=https://etherpad.opendev.org # LDAP TLS using #LDAP_USE_TLS=1 -# List of SSL/TLS ciphers to allow. +# List of SSL/TLS ciphers to allow #LDAP_TLS_CIPHERS=SECURE256:SECURE128:!AES-128-CBC:!ARCFOUR-128:!CAMELLIA-128-CBC:!3DES-CBC:!CAMELLIA-128-CBC # Require and verify server certificate #LDAP_TLS_CHECK_PEER=1 -# Path to CA cert file. Used when server sertificate verify is enabled. +# Path to CA cert file. Used when server certificate verify is enabled #LDAP_TLS_CACERT_FILE=/etc/ssl/certs/ca-certificates.crt -# Path to CA certs directory. Used when server sertificate verify is enabled. +# Path to CA certs directory. Used when server certificate verify is enabled #LDAP_TLS_CACERT_DIR=/etc/ssl/certs # Wether to use starttls, implies LDAPv3 and requires ldap:// instead of ldaps:// @@ -135,75 +191,36 @@ ETHERPAD_URL_BASE=https://etherpad.opendev.org # -# Advanced configuration options (you generally don't need to change these) +# Security +# +# Set these to strong passwords to avoid intruders from impersonating a service account +# The service(s) won't start unless these are specified +# Running ./gen-passwords.sh will update .env with strong passwords +# You may skip the Jigasi and Jibri passwords if you are not using those +# DO NOT reuse passwords # -# Internal XMPP domain. -XMPP_DOMAIN=localhost +# XMPP password for Jicofo client connections +#JICOFO_AUTH_PASSWORD= -# Internal XMPP server -XMPP_SERVER={{ meetpad_jvb_xmpp_server }} +# XMPP password for JVB client connections +#JVB_AUTH_PASSWORD= -# Internal XMPP server URL -XMPP_BOSH_URL_BASE=http://localhost:5280 +# XMPP password for Jigasi MUC client connections +#JIGASI_XMPP_PASSWORD= -# Internal XMPP domain for authenticated services. -XMPP_AUTH_DOMAIN=auth.localhost +# XMPP recorder password for Jibri client connections +#JIBRI_RECORDER_PASSWORD= -# XMPP domain for the MUC. -XMPP_MUC_DOMAIN=muc.localhost +# XMPP password for Jibri client connections +#JIBRI_XMPP_PASSWORD= -# XMPP domain for the internal MUC used for jibri, jigasi and jvb pools. -XMPP_INTERNAL_MUC_DOMAIN=internal-muc.localhost +# +# Docker Compose options +# -# XMPP domain for unauthenticated users. -XMPP_GUEST_DOMAIN=guest.localhost +# Container restart policy +#RESTART_POLICY=unless-stopped -# Custom Prosody modules for XMPP_DOMAIN (comma separated) -XMPP_MODULES= - -# Custom Prosody modules for MUC component (comma separated) -XMPP_MUC_MODULES= - -# Custom Prosody modules for internal MUC component (comma separated) -XMPP_INTERNAL_MUC_MODULES= - -# MUC for the JVB pool. -JVB_BREWERY_MUC=jvbbrewery - -# XMPP user for JVB client connections. -JVB_AUTH_USER=jvb - -# XMPP password for JVB client connections. -JVB_AUTH_PASSWORD={{ meetpad_jvb_auth_password }} - -# STUN servers used to discover the server's public IP. -JVB_STUN_SERVERS=stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302 - -# Media port for the Jitsi Videobridge -JVB_PORT=10000 - -# TCP Fallback for Jitsi Videobridge for when UDP isn't available -JVB_TCP_HARVESTER_DISABLED=true -JVB_TCP_PORT=4443 - -# A comma separated list of APIs to enable when the JVB is started. The default is none. -# See https://github.com/jitsi/jitsi-videobridge/blob/master/doc/rest.md for more information -#JVB_ENABLE_APIS=rest,colibri - -# Disable HTTPS. This can be useful if TLS connections are going to be handled outside of this setup. -#DISABLE_HTTPS=1 - -# Redirects HTTP traffic to HTTPS. Only works with the standard HTTPS port (443). -ENABLE_HTTP_REDIRECT=1 - -# Participants after the Nth (value below) joining will have their video muted. -# This should mute video for all participants who join. -START_VIDEO_MUTED=0 - -# Participants after the Nth (value below) joining will have their audio muted. -# This should mute audio for all participants who join. -START_AUDIO_MUTED=0 - -# Disable P2P connections for meetings between two participants. -ENABLE_P2P=false +# Jitsi image version (useful for local development) +#JITSI_IMAGE_VERSION=latest diff --git a/playbooks/roles/jitsi-meet/templates/meet-env.j2 b/playbooks/roles/jitsi-meet/templates/meet-env.j2 index 01b8a48b01..5e59f15c8c 100644 --- a/playbooks/roles/jitsi-meet/templates/meet-env.j2 +++ b/playbooks/roles/jitsi-meet/templates/meet-env.j2 @@ -1,56 +1,130 @@ -# Based on https://github.com/jitsi/docker-jitsi-meet/blob/df404476160526d8512fb23b606965b98f7f25f3/env.example +# Based on https://github.com/jitsi/docker-jitsi-meet/blob/stable-7648-4/env.example # Licensed under the ASL v2. -# Customized for OpenDev: - -# Directory where all configuration will be stored. +# Customized for OpenDev, all overrides go here (and remember to comment out +# any defaults from the example): CONFIG=/var/jitsi-meet - -# Directory where templates to generate configs are stored. DEFAULTS=/var/jitsi-meet/defaults - -# System time zone. -TZ=Etc/UTC - -# Public URL for the web service. PUBLIC_URL=https://meetpad.opendev.org - -# Set etherpad-lite URL (uncomment to enable). ETHERPAD_URL_BASE=https://etherpad.opendev.org +ENABLE_XMPP_WEBSOCKET=0 +XMPP_DOMAIN=localhost +XMPP_SERVER=localhost +XMPP_BOSH_URL_BASE=http://localhost:5280 +XMPP_AUTH_DOMAIN=auth.localhost +XMPP_MUC_DOMAIN=muc.localhost +XMPP_INTERNAL_MUC_DOMAIN=internal-muc.localhost +XMPP_GUEST_DOMAIN=guest.localhost +JVB_AUTH_PASSWORD={{ meetpad_jvb_auth_password }} +JVB_PORT=10000 +JICOFO_COMPONENT_SECRET={{ meetpad_jicofo_component_secret }} +JICOFO_AUTH_PASSWORD={{ meetpad_jicofo_auth_password }} +JIGASI_XMPP_PASSWORD={{ meetpad_jigasi_xmpp_password }} +XMPP_RECORDER_DOMAIN=recorder.localhost +JIBRI_RECORDER_PASSWORD={{ meetpad_jibri_recorder_password }} +JIBRI_XMPP_PASSWORD={{ meetpad_jibri_xmpp_password }} +ENABLE_HTTP_REDIRECT=1 +START_WITH_AUDIO_MUTED=true +START_WITH_VIDEO_MUTED=true +ENABLE_P2P=false + +# shellcheck disable=SC2034 + +################################################################################ +################################################################################ +# Welcome to the Jitsi Meet Docker setup! +# +# This sample .env file contains some basic options to get you started. +# The full options reference can be found here: +# https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker +################################################################################ +################################################################################ + # # Basic configuration options # -# IP address of the Docker host. See the "Running on a LAN environment" section -# in the README. +# Directory where all configuration will be stored +#CONFIG=~/.jitsi-meet-cfg + +# Exposed HTTP port +HTTP_PORT=8000 + +# Exposed HTTPS port +HTTPS_PORT=8443 + +# System time zone +TZ=UTC + +# Public URL for the web service (required) +#PUBLIC_URL=https://meet.example.com + +# IP address of the Docker host +# See the "Running behind NAT or on a LAN environment" section in the Handbook: +# https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker#running-behind-nat-or-on-a-lan-environment #DOCKER_HOST_ADDRESS=192.168.1.1 + +# +# JaaS Components (beta) +# https://jaas.8x8.vc +# + +# Enable JaaS Components (hosted Jigasi) +#ENABLE_JAAS_COMPONENTS=0 + # # Let's Encrypt configuration # -# Enable Let's Encrypt certificate generation. +# Enable Let's Encrypt certificate generation #ENABLE_LETSENCRYPT=1 -# Domain for which to generate the certificate. +# Domain for which to generate the certificate #LETSENCRYPT_DOMAIN=meet.example.com -# E-Mail for receiving important account notifications (mandatory). +# E-Mail for receiving important account notifications (mandatory) #LETSENCRYPT_EMAIL=alice@atlanta.net +# Use the staging server (for avoiding rate limits while testing) +#LETSENCRYPT_USE_STAGING=1 + + +# +# Etherpad integration (for document sharing) +# + +# Set etherpad-lite URL in docker local network (uncomment to enable) +#ETHERPAD_URL_BASE=http://etherpad.meet.jitsi:9001 + +# Set etherpad-lite public URL, including /p/ pad path fragment (uncomment to enable) +#ETHERPAD_PUBLIC_URL=https://etherpad.my.domain/p/ + +# Name your etherpad instance! +ETHERPAD_TITLE=Video Chat + +# The default text of a pad +ETHERPAD_DEFAULT_PAD_TEXT="Welcome to Web Chat!\n\n" + +# Name of the skin for etherpad +ETHERPAD_SKIN_NAME=colibris + +# Skin variants for etherpad +ETHERPAD_SKIN_VARIANTS="super-light-toolbar super-light-editor light-background full-width-editor" + # # Basic Jigasi configuration options (needed for SIP gateway support) # -# SIP URI for incoming / outgoing calls. +# SIP URI for incoming / outgoing calls #JIGASI_SIP_URI=test@sip2sip.info # Password for the specified SIP account as a clear text #JIGASI_SIP_PASSWORD=passw0rd -# SIP server (use the SIP account domain if in doubt). +# SIP server (use the SIP account domain if in doubt) #JIGASI_SIP_SERVER=sip2sip.info # SIP server port @@ -59,54 +133,54 @@ ETHERPAD_URL_BASE=https://etherpad.opendev.org # SIP server transport #JIGASI_SIP_TRANSPORT=UDP + # -# Authentication configuration (see README for details) +# Authentication configuration (see handbook for details) # -# Enable authentication. +# Enable authentication #ENABLE_AUTH=1 -# Enable guest access. +# Enable guest access #ENABLE_GUESTS=1 -# Select authentication type: internal, jwt or ldap +# Select authentication type: internal, jwt, ldap or matrix #AUTH_TYPE=internal -# JWT auuthentication +# JWT authentication # -# Application identifier. +# Application identifier #JWT_APP_ID=my_jitsi_app_id -# Application secret known only to your token. +# Application secret known only to your token generator #JWT_APP_SECRET=my_jitsi_app_secret -# (Optional) Set asap_accepted_issuers as a comma separated list. +# (Optional) Set asap_accepted_issuers as a comma separated list #JWT_ACCEPTED_ISSUERS=my_web_client,my_app_client -# (Optional) Set asap_accepted_audiences as a comma separated list. +# (Optional) Set asap_accepted_audiences as a comma separated list #JWT_ACCEPTED_AUDIENCES=my_server1,my_server2 - # LDAP authentication (for more information see the Cyrus SASL saslauthd.conf man page) # -# LDAP url for connection. +# LDAP url for connection #LDAP_URL=ldaps://ldap.domain.com/ # LDAP base DN. Can be empty #LDAP_BASE=DC=example,DC=domain,DC=com -# LDAP user DN. Do not specify this parameter for the anonymous bind. +# LDAP user DN. Do not specify this parameter for the anonymous bind #LDAP_BINDDN=CN=binduser,OU=users,DC=example,DC=domain,DC=com -# LDAP user password. Do not specify this parameter for the anonymous bind. +# LDAP user password. Do not specify this parameter for the anonymous bind #LDAP_BINDPW=LdapUserPassw0rd # LDAP filter. Tokens example: -# %1-9 - if the input key is user@mail.domain.com, then %1 is com, %2 is domain and %3 is mail. -# %s - %s is replaced by the complete service string. -# %r - %r is replaced by the complete realm string. +# %1-9 - if the input key is user@mail.domain.com, then %1 is com, %2 is domain and %3 is mail +# %s - %s is replaced by the complete service string +# %r - %r is replaced by the complete realm string #LDAP_FILTER=(sAMAccountName=%u) # LDAP authentication method @@ -118,16 +192,16 @@ ETHERPAD_URL_BASE=https://etherpad.opendev.org # LDAP TLS using #LDAP_USE_TLS=1 -# List of SSL/TLS ciphers to allow. +# List of SSL/TLS ciphers to allow #LDAP_TLS_CIPHERS=SECURE256:SECURE128:!AES-128-CBC:!ARCFOUR-128:!CAMELLIA-128-CBC:!3DES-CBC:!CAMELLIA-128-CBC # Require and verify server certificate #LDAP_TLS_CHECK_PEER=1 -# Path to CA cert file. Used when server sertificate verify is enabled. +# Path to CA cert file. Used when server certificate verify is enabled #LDAP_TLS_CACERT_FILE=/etc/ssl/certs/ca-certificates.crt -# Path to CA certs directory. Used when server sertificate verify is enabled. +# Path to CA certs directory. Used when server certificate verify is enabled #LDAP_TLS_CACERT_DIR=/etc/ssl/certs # Wether to use starttls, implies LDAPv3 and requires ldap:// instead of ldaps:// @@ -135,180 +209,36 @@ ETHERPAD_URL_BASE=https://etherpad.opendev.org # -# Advanced configuration options (you generally don't need to change these) +# Security +# +# Set these to strong passwords to avoid intruders from impersonating a service account +# The service(s) won't start unless these are specified +# Running ./gen-passwords.sh will update .env with strong passwords +# You may skip the Jigasi and Jibri passwords if you are not using those +# DO NOT reuse passwords # -# Needed to make newer jitsi meet happy. Testing with this set to 1 results -# in "You have been disconnected" client errors. Need to do more investigating -# into how this is meant to work. -ENABLE_XMPP_WEBSOCKET=0 +# XMPP password for Jicofo client connections +#JICOFO_AUTH_PASSWORD= -# Internal XMPP domain. -XMPP_DOMAIN=localhost +# XMPP password for JVB client connections +#JVB_AUTH_PASSWORD= -# Internal XMPP server -XMPP_SERVER=localhost +# XMPP password for Jigasi MUC client connections +#JIGASI_XMPP_PASSWORD= -# Internal XMPP server URL -XMPP_BOSH_URL_BASE=http://localhost:5280 +# XMPP recorder password for Jibri client connections +#JIBRI_RECORDER_PASSWORD= -# Internal XMPP domain for authenticated services. -XMPP_AUTH_DOMAIN=auth.localhost +# XMPP password for Jibri client connections +#JIBRI_XMPP_PASSWORD= -# XMPP domain for the MUC. -XMPP_MUC_DOMAIN=muc.localhost - -# XMPP domain for the internal MUC used for jibri, jigasi and jvb pools. -XMPP_INTERNAL_MUC_DOMAIN=internal-muc.localhost - -# XMPP domain for unauthenticated users. -XMPP_GUEST_DOMAIN=guest.localhost - -# Custom Prosody modules for XMPP_DOMAIN (comma separated) -XMPP_MODULES= - -# Custom Prosody modules for MUC component (comma separated) -XMPP_MUC_MODULES= - -# Custom Prosody modules for internal MUC component (comma separated) -XMPP_INTERNAL_MUC_MODULES= - -# MUC for the JVB pool. -JVB_BREWERY_MUC=jvbbrewery - -# XMPP user for JVB client connections. -JVB_AUTH_USER=jvb - -# XMPP password for JVB client connections. -JVB_AUTH_PASSWORD={{ meetpad_jvb_auth_password }} - -# STUN servers used to discover the server's public IP. -JVB_STUN_SERVERS=stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302 - -# Media port for the Jitsi Videobridge -JVB_PORT=10000 - -# TCP Fallback for Jitsi Videobridge for when UDP isn't available -JVB_TCP_HARVESTER_DISABLED=true -JVB_TCP_PORT=4443 - -# A comma separated list of APIs to enable when the JVB is started. The default is none. -# See https://github.com/jitsi/jitsi-videobridge/blob/master/doc/rest.md for more information -#JVB_ENABLE_APIS=rest,colibri - -# XMPP component password for Jicofo. -JICOFO_COMPONENT_SECRET={{ meetpad_jicofo_component_secret }} - -# XMPP user for Jicofo client connections. NOTE: this option doesn't currently work due to a bug. -JICOFO_AUTH_USER=focus - -# XMPP password for Jicofo client connections. -JICOFO_AUTH_PASSWORD={{ meetpad_jicofo_auth_password }} - -# Base URL of Jicofo's reservation REST API -#JICOFO_RESERVATION_REST_BASE_URL=http://reservation.example.com - -# XMPP user for Jigasi MUC client connections. -JIGASI_XMPP_USER=jigasi - -# XMPP password for Jigasi MUC client connections. -JIGASI_XMPP_PASSWORD={{ meetpad_jigasi_xmpp_password }} - -# MUC name for the Jigasi pool. -JIGASI_BREWERY_MUC=jigasibrewery - -# Minimum port for media used by Jigasi. -JIGASI_PORT_MIN=20000 - -# Maximum port for media used by Jigasi. -JIGASI_PORT_MAX=20050 - -# Enable SDES srtp -#JIGASI_ENABLE_SDES_SRTP=1 - -# Keepalive method -#JIGASI_SIP_KEEP_ALIVE_METHOD=OPTIONS - -# Health-check extension -#JIGASI_HEALTH_CHECK_SIP_URI=keepalive - -# Health-check interval -#JIGASI_HEALTH_CHECK_INTERVAL=300000 # -# Enable Jigasi transcription. -#ENABLE_TRANSCRIPTIONS=1 +# Docker Compose options +# -# Jigasi will recordord an audio when transcriber is on. Default false. -#JIGASI_TRANSCRIBER_RECORD_AUDIO=true +# Container restart policy +#RESTART_POLICY=unless-stopped -# Jigasi will send transcribed text to the chat when transcriber is on. Default false. -#JIGASI_TRANSCRIBER_SEND_TXT=true - -# Jigasi post to the chat an url with transcription file. Default false. -#JIGASI_TRANSCRIBER_ADVERTISE_URL=true - -# Credentials for connect to Cloud Google API from Jigasi. Path located inside the container. -# Please read https://cloud.google.com/text-to-speech/docs/quickstart-protocol -# section "Before you begin" from 1 to 5 paragraph. Copy the key on -# the docker host to ${CONFIG}/jigasi/key.json and to enable this setting: -#GOOGLE_APPLICATION_CREDENTIALS=/config/key.json - -# Enable recording -#ENABLE_RECORDING=1 - -# XMPP domain for the jibri recorder -XMPP_RECORDER_DOMAIN=recorder.localhost - -# XMPP recorder user for Jibri client connections. -JIBRI_RECORDER_USER=recorder - -# XMPP recorder password for Jibri client connections. -JIBRI_RECORDER_PASSWORD={{ meetpad_jibri_recorder_password }} - -# Directory for recordings inside Jibri container. -JIBRI_RECORDING_DIR=/config/recordings - -# The finalizing script. Will run after recording is complete. -JIBRI_FINALIZE_RECORDING_SCRIPT_PATH=/config/finalize.sh - -# XMPP user for Jibri client connections. -JIBRI_XMPP_USER=jibri - -# XMPP password for Jibri client connections. -JIBRI_XMPP_PASSWORD={{ meetpad_jibri_xmpp_password }} - -# MUC name for the Jibri pool. -JIBRI_BREWERY_MUC=jibribrewery - -# MUC connection timeout -JIBRI_PENDING_TIMEOUT=90 - -# When jibri gets a request to start a service for a room, the room -# jid will look like: roomName@optional.prefixes.subdomain.xmpp_domain -# We'll build the url for the call by transforming that into: -# https://xmpp_domain/subdomain/roomName -# So if there are any prefixes in the jid (like jitsi meet, which -# has its participants join a muc at conference.xmpp_domain) then -# list that prefix here so it can be stripped out to generate -# the call url correctly. -JIBRI_STRIP_DOMAIN_JID=muc - -# Directory for logs inside Jibri container. -JIBRI_LOGS_DIR=/config/logs - -# Disable HTTPS. This can be useful if TLS connections are going to be handled outside of this setup. -#DISABLE_HTTPS=1 - -# Redirects HTTP traffic to HTTPS. Only works with the standard HTTPS port (443). -ENABLE_HTTP_REDIRECT=1 - -# Participants after the Nth (value below) joining will have their video muted. -# This should mute video for all participants who join. -START_VIDEO_MUTED=0 - -# Participants after the Nth (value below) joining will have their audio muted. -# This should mute audio for all participants who join. -START_AUDIO_MUTED=0 - -# Disable P2P connections for meetings between two participants. -ENABLE_P2P=false +# Jitsi image version (useful for local development) +#JITSI_IMAGE_VERSION=latest