commit
be00452782
@ -23,6 +23,7 @@ If you decide to go with the alternative method ([Server Delegation via a DNS SR
|
||||
| A | `matrix` | - | - | - | `matrix-server-IP` |
|
||||
| CNAME | `riot` | - | - | - | `matrix.<your-domain>` |
|
||||
| CNAME | `dimension` (*) | - | - | - | `matrix.<your-domain>` |
|
||||
| CNAME | `jitsi` (*) | - | - | - | `matrix.<your-domain>` |
|
||||
| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.<your-domain>` |
|
||||
|
||||
|
||||
@ -38,6 +39,8 @@ If you'd rather instruct the playbook not to install Riot (`matrix_riot_web_enab
|
||||
|
||||
The `dimension.<your-domain>` subdomain may be necessary, because this playbook could install the [Dimension integrations manager](http://dimension.t2bot.io/) for you. Dimension installation is disabled by default, because it's only possible to install it after the other Matrix services are working (see [Setting up Dimension](configuring-playbook-dimension.md) later). If you do not wish to set up Dimension, feel free to skip the `dimension.<your-domain>` DNS record.
|
||||
|
||||
The `jitsi.<your-domain>` subdomain may be necessary, because this playbook could install the [Jitsi video-conferencing platform](https://jitsi.org/) for you. Jitsi installation is disabled by default, because it may be heavy and is not a core required component. To learn how to install it, see our [Jitsi](configuring-playbook-jitsi.md) guide. If you do not wish to set up Jitsi, feel free to skip the `jitsi.<your-domain>` DNS record.
|
||||
|
||||
|
||||
## `_matrix-identity._tcp` SRV record setup
|
||||
|
||||
|
36
docs/configuring-playbook-jitsi.md
Normal file
36
docs/configuring-playbook-jitsi.md
Normal file
@ -0,0 +1,36 @@
|
||||
# Jitsi
|
||||
|
||||
The playbook can install the [Jitsi](https://jitsi.org/) video-conferencing platform and integrate it with [Riot](configuring-playbook-riot-web.md).
|
||||
|
||||
Jitsi installation is **not enabled by default**, because it's not a core component of Matrix services.
|
||||
|
||||
The setup done by the playbook is very similar to [docker-jitsi-meet](https://github.com/jitsi/docker-jitsi-meet).
|
||||
|
||||
|
||||
## Prerequisites
|
||||
|
||||
Before installing Jitsi, make sure you've created the `jitsi.DOMAIN` DNS record. See [Configuring DNS](configuring-dns.md).
|
||||
|
||||
You may also need to open the following ports to your server:
|
||||
|
||||
- `udp/10000` - RTP media over UDP
|
||||
- `tcp/4443` - RTP media fallback over TCP
|
||||
|
||||
|
||||
## Installation
|
||||
|
||||
Add this to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
|
||||
|
||||
```yaml
|
||||
matrix_jitsi_enabled: true
|
||||
|
||||
# We only need this temporarily - until Jitsi integration in riot-web is finalized.
|
||||
# Remove this line in the future, to switch back to a stable riot-web version.
|
||||
matrix_riot_web_docker_image: "vectorim/riot-web:develop"
|
||||
```
|
||||
|
||||
Then re-run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start`
|
||||
|
||||
.. and fully reload your riot-web page (at `riot.DOMAIN`).
|
||||
|
||||
Starting a video-conference in a room with more than 2 members should then create a Jitsi widget which utilizes your self-hosted Jitsi server.
|
@ -392,6 +392,41 @@ matrix_email2matrix_enabled: false
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-jitsi
|
||||
#
|
||||
######################################################################
|
||||
|
||||
matrix_jitsi_enabled: false
|
||||
|
||||
# Normally, matrix-nginx-proxy is enabled and nginx can reach jitsi/web over the container network.
|
||||
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
||||
# the Jitsi HTTP port to the local host.
|
||||
matrix_jitsi_web_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:12080' }}"
|
||||
|
||||
matrix_jitsi_jibri_xmpp_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jibri') | to_uuid }}"
|
||||
matrix_jitsi_jicofo_auth_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jicofo') | to_uuid }}"
|
||||
matrix_jitsi_jvb_auth_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jvb') | to_uuid }}"
|
||||
|
||||
matrix_jitsi_web_stun_servers: |
|
||||
{{
|
||||
[
|
||||
matrix_server_fqn_matrix + ':5349',
|
||||
matrix_server_fqn_matrix + ':3478',
|
||||
]
|
||||
if matrix_coturn_enabled
|
||||
else [ 'stun.l.google.com:19302', 'stun1.l.google.com:19302', 'stun2.l.google.com:19302']
|
||||
}}
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-jitsi
|
||||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-mailer
|
||||
@ -482,6 +517,7 @@ matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb: "{{ matrix_s
|
||||
matrix_nginx_proxy_proxy_matrix_enabled: true
|
||||
matrix_nginx_proxy_proxy_riot_enabled: "{{ matrix_riot_web_enabled }}"
|
||||
matrix_nginx_proxy_proxy_dimension_enabled: "{{ matrix_dimension_enabled }}"
|
||||
matrix_nginx_proxy_proxy_jitsi_enabled: "{{ matrix_jitsi_enabled }}"
|
||||
|
||||
matrix_nginx_proxy_proxy_matrix_corporal_api_enabled: "{{ matrix_corporal_enabled and matrix_corporal_http_api_enabled }}"
|
||||
matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container: "matrix-corporal:41081"
|
||||
@ -525,6 +561,8 @@ matrix_ssl_domains_to_obtain_certificates_for: |
|
||||
+
|
||||
([matrix_server_fqn_dimension] if matrix_dimension_enabled else [])
|
||||
+
|
||||
([matrix_server_fqn_jitsi])
|
||||
+
|
||||
([matrix_domain] if matrix_nginx_proxy_base_domain_serving_enabled else [])
|
||||
}}
|
||||
|
||||
@ -596,6 +634,8 @@ matrix_riot_web_enable_presence_by_hs_url: |
|
||||
|
||||
matrix_riot_web_welcome_user_id: ~
|
||||
|
||||
matrix_riot_web_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matrix_jitsi_enabled else '' }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-riot-web
|
||||
|
@ -18,6 +18,9 @@ matrix_server_fqn_riot: "riot.{{ matrix_domain }}"
|
||||
# This is where you access the Dimension.
|
||||
matrix_server_fqn_dimension: "dimension.{{ matrix_domain }}"
|
||||
|
||||
# This is where you access Jitsi.
|
||||
matrix_server_fqn_jitsi: "jitsi.{{ matrix_domain }}"
|
||||
|
||||
matrix_user_username: "matrix"
|
||||
matrix_user_uid: 991
|
||||
matrix_user_gid: 991
|
||||
@ -69,4 +72,4 @@ run_stop: true
|
||||
|
||||
# Building every docker image from source on the target host
|
||||
# Controlling docker image build is possible on a per unit base
|
||||
matrix_container_images_self_build: false
|
||||
matrix_container_images_self_build: false
|
||||
|
116
roles/matrix-jitsi/defaults/main.yml
Normal file
116
roles/matrix-jitsi/defaults/main.yml
Normal file
@ -0,0 +1,116 @@
|
||||
matrix_jitsi_enabled: true
|
||||
|
||||
matrix_jitsi_base_path: "{{ matrix_base_data_path }}/jitsi"
|
||||
|
||||
matrix_jitsi_enable_auth: false
|
||||
matrix_jitsi_enable_guests: false
|
||||
matrix_jitsi_enable_recording: true
|
||||
matrix_jitsi_enable_transcriptions: true
|
||||
|
||||
matrix_jitsi_timezone: UTC
|
||||
|
||||
matrix_jitsi_xmpp_domain: matrix-jitsi-web
|
||||
matrix_jitsi_xmpp_server: matrix-jitsi-prosody
|
||||
matrix_jitsi_xmpp_auth_domain: auth.meet.jitsi
|
||||
matrix_jitsi_xmpp_bosh_url_base: http://{{ matrix_jitsi_xmpp_server }}:5280
|
||||
matrix_jitsi_xmpp_guest_domain: guest.meet.jitsi
|
||||
matrix_jitsi_xmpp_muc_domain: muc.meet.jitsi
|
||||
matrix_jitsi_xmpp_internal_muc_domain: internal-muc.meet.jitsi
|
||||
|
||||
matrix_jitsi_recorder_domain: recorder.meet.jitsi
|
||||
|
||||
|
||||
matrix_jitsi_jibri_brewery_muc: jibribrewery
|
||||
matrix_jitsi_jibri_pending_timeout: 90
|
||||
matrix_jitsi_jibri_xmpp_user: jibri
|
||||
matrix_jitsi_jibri_xmpp_password: jibri-password
|
||||
matrix_jitsi_jibri_recorder_user: recorder
|
||||
matrix_jitsi_jibri_recorder_password: recorder-password
|
||||
|
||||
|
||||
matrix_jitsi_web_docker_image: "jitsi/web:4101"
|
||||
matrix_jitsi_web_docker_image_force_pull: "{{ matrix_jitsi_web_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_jitsi_web_base_path: "{{ matrix_base_data_path }}/jitsi/web"
|
||||
matrix_jitsi_web_config_path: "{{ matrix_jitsi_web_base_path }}/config"
|
||||
matrix_jitsi_web_transcripts_path: "{{ matrix_jitsi_web_base_path }}/transcripts"
|
||||
|
||||
matrix_jitsi_web_public_url: "https://{{ matrix_server_fqn_jitsi }}"
|
||||
|
||||
# STUN servers used in the web UI. Feel free to point them to your own STUN server.
|
||||
matrix_jitsi_web_stun_servers: ['stun.l.google.com:19302', 'stun1.l.google.com:19302', 'stun2.l.google.com:19302']
|
||||
|
||||
# Controls whether the matrix-jitsi-web container exposes its HTTP port (tcp/80 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:12080"), or empty string to not expose.
|
||||
matrix_jitsi_web_container_http_host_bind_port: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_jitsi_web_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-jitsi-web.service depends on
|
||||
matrix_jitsi_web_systemd_required_services_list: ['docker.service']
|
||||
|
||||
|
||||
matrix_jitsi_prosody_docker_image: "jitsi/prosody:4101"
|
||||
matrix_jitsi_prosody_docker_image_force_pull: "{{ matrix_jitsi_prosody_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_jitsi_prosody_base_path: "{{ matrix_base_data_path }}/jitsi/prosody"
|
||||
matrix_jitsi_prosody_config_path: "{{ matrix_jitsi_prosody_base_path }}/config"
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_jitsi_prosody_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-jitsi-prosody.service depends on
|
||||
matrix_jitsi_prosody_systemd_required_services_list: ['docker.service']
|
||||
|
||||
|
||||
matrix_jitsi_jicofo_docker_image: "jitsi/jicofo:4101"
|
||||
matrix_jitsi_jicofo_docker_image_force_pull: "{{ matrix_jitsi_jicofo_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_jitsi_jicofo_base_path: "{{ matrix_base_data_path }}/jitsi/jicofo"
|
||||
matrix_jitsi_jicofo_config_path: "{{ matrix_jitsi_jicofo_base_path }}/config"
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_jitsi_jicofo_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-jitsi-jicofo.service depends on
|
||||
matrix_jitsi_jicofo_systemd_required_services_list: ['docker.service', 'matrix-jitsi-prosody.service']
|
||||
|
||||
matrix_jitsi_jicofo_component_secret: s3cr37
|
||||
matrix_jitsi_jicofo_auth_user: focus
|
||||
matrix_jitsi_jicofo_auth_password: passw0rd
|
||||
|
||||
|
||||
matrix_jitsi_jvb_docker_image: "jitsi/jvb:4101"
|
||||
matrix_jitsi_jvb_docker_image_force_pull: "{{ matrix_jitsi_jvb_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_jitsi_jvb_base_path: "{{ matrix_base_data_path }}/jitsi/jvb"
|
||||
matrix_jitsi_jvb_config_path: "{{ matrix_jitsi_jvb_base_path }}/config"
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_jitsi_jvb_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-jitsi-jvb.service depends on
|
||||
matrix_jitsi_jvb_systemd_required_services_list: ['docker.service', 'matrix-jitsi-prosody.service']
|
||||
|
||||
matrix_jitsi_jvb_auth_user: jvb
|
||||
matrix_jitsi_jvb_auth_password: passw0rd
|
||||
|
||||
# STUN servers used by JVB on the server-side, so it can discover its own external IP address.
|
||||
# Pointing this to a STUN server running on the same Docker network may lead to incorrect IP address discovery.
|
||||
matrix_jitsi_jvb_stun_servers: ['stun.l.google.com:19302', 'stun1.l.google.com:19302', 'stun2.l.google.com:19302']
|
||||
|
||||
matrix_jitsi_jvb_brewery_muc: jvbbrewery
|
||||
matrix_jitsi_jvb_rtp_udp_port: 10000
|
||||
matrix_jitsi_jvb_rtp_tcp_port: 4443
|
||||
|
||||
# Controls whether the matrix-jitsi-jvb container exposes its RTP UDP port (udp/10000 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:10000"), or empty string to not expose.
|
||||
matrix_jitsi_jvb_container_rtp_udp_host_bind_port: "{{ matrix_jitsi_jvb_rtp_udp_port }}"
|
||||
|
||||
# Controls whether the matrix-jitsi-jvb container exposes its RTP UDP port (udp/4443 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:4443"), or empty string to not expose.
|
||||
matrix_jitsi_jvb_container_rtp_tcp_host_bind_port: "{{ matrix_jitsi_jvb_rtp_tcp_port }}"
|
3
roles/matrix-jitsi/tasks/init.yml
Normal file
3
roles/matrix-jitsi/tasks/init.yml
Normal file
@ -0,0 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-jitsi-web', 'matrix-jitsi-prosody', 'matrix-jitsi-jicofo', 'matrix-jitsi-jvb'] }}"
|
||||
when: matrix_jitsi_enabled|bool
|
33
roles/matrix-jitsi/tasks/main.yml
Normal file
33
roles/matrix-jitsi/tasks/main.yml
Normal file
@ -0,0 +1,33 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_jitsi_base.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-jitsi
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_jitsi_web.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-jitsi
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_jitsi_prosody.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-jitsi
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_jitsi_jicofo.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-jitsi
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_jitsi_jvb.yml"
|
||||
when: run_setup|bool
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-jitsi
|
20
roles/matrix-jitsi/tasks/setup_jitsi_base.yml
Normal file
20
roles/matrix-jitsi/tasks/setup_jitsi_base.yml
Normal file
@ -0,0 +1,20 @@
|
||||
---
|
||||
|
||||
#
|
||||
# Tasks related to setting up jitsi
|
||||
#
|
||||
|
||||
- name: Ensure Matrix jitsi base path exists
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_jitsi_base_path }}", when: true }
|
||||
when: matrix_jitsi_enabled|bool and item.when
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of jitsi (if it was previously enabled)
|
||||
#
|
96
roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml
Normal file
96
roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml
Normal file
@ -0,0 +1,96 @@
|
||||
---
|
||||
|
||||
#
|
||||
# Tasks related to setting up jitsi-jicofo
|
||||
#
|
||||
|
||||
- name: Ensure Matrix jitsi-jicofo path exists
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0777
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_jitsi_jicofo_base_path }}", when: true }
|
||||
- { path: "{{ matrix_jitsi_jicofo_config_path }}", when: true }
|
||||
when: matrix_jitsi_enabled|bool and item.when
|
||||
|
||||
- name: Ensure jitsi-jicofo Docker image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_jitsi_jicofo_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_jitsi_jicofo_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jicofo_docker_image_force_pull }}"
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure jitsi-jicofo environment variables file created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/jicofo/env.j2"
|
||||
dest: "{{ matrix_jitsi_jicofo_base_path }}/env"
|
||||
mode: 0640
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure jitsi-jicofo configuration files created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/jicofo/{{ item }}.j2"
|
||||
dest: "{{ matrix_jitsi_jicofo_config_path }}/{{ item }}"
|
||||
mode: 0644
|
||||
with_items:
|
||||
- sip-communicator.properties
|
||||
- logging.properties
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure matrix-jitsi-jicofo.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/jicofo/matrix-jitsi-jicofo.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-jitsi-jicofo.service"
|
||||
mode: 0644
|
||||
register: matrix_jitsi_jicofo_systemd_service_result
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-jitsi-jicofo.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_jitsi_enabled and matrix_jitsi_jicofo_systemd_service_result.changed"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of jitsi-jicofo (if it was previously enabled)
|
||||
#
|
||||
|
||||
- name: Check existence of matrix-jitsi-jicofo service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-jitsi-jicofo.service"
|
||||
register: matrix_jitsi_jicofo_service_stat
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-jitsi-jicofo is stopped
|
||||
service:
|
||||
name: matrix-jitsi-jicofo
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jicofo_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-jitsi-jicofo.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-jitsi-jicofo.service"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jicofo_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-jitsi-jicofo.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jicofo_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Matrix jitsi-jicofo paths doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_jitsi_jicofo_base_path }}"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure jitsi-jicofo Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_jitsi_jicofo_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
89
roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml
Normal file
89
roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml
Normal file
@ -0,0 +1,89 @@
|
||||
---
|
||||
|
||||
#
|
||||
# Tasks related to setting up jitsi-jvb
|
||||
#
|
||||
|
||||
- name: Ensure Matrix jitsi-jvb path exists
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0777
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_jitsi_jvb_base_path }}", when: true }
|
||||
- { path: "{{ matrix_jitsi_jvb_config_path }}", when: true }
|
||||
when: matrix_jitsi_enabled|bool and item.when
|
||||
|
||||
- name: Ensure jitsi-jvb Docker image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_jitsi_jvb_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_jitsi_jvb_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jvb_docker_image_force_pull }}"
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure jitsi-jvb configuration files created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/jvb/{{ item }}.j2"
|
||||
dest: "{{ matrix_jitsi_jvb_config_path }}/{{ item }}"
|
||||
mode: 0644
|
||||
with_items:
|
||||
- sip-communicator.properties
|
||||
- logging.properties
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure matrix-jitsi-jvb.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/jvb/matrix-jitsi-jvb.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-jitsi-jvb.service"
|
||||
mode: 0644
|
||||
register: matrix_jitsi_jvb_systemd_service_result
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-jitsi-jvb.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_jitsi_enabled and matrix_jitsi_jvb_systemd_service_result.changed"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of jitsi-jvb (if it was previously enabled)
|
||||
#
|
||||
|
||||
- name: Check existence of matrix-jitsi-jvb service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-jitsi-jvb.service"
|
||||
register: matrix_jitsi_jvb_service_stat
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-jitsi-jvb is stopped
|
||||
service:
|
||||
name: matrix-jitsi-jvb
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jvb_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-jitsi-jvb.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-jitsi-jvb.service"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jvb_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-jitsi-jvb.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jvb_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Matrix jitsi-jvb paths doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_jitsi_jvb_base_path }}"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure jitsi-jvb Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_jitsi_jvb_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
86
roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml
Normal file
86
roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml
Normal file
@ -0,0 +1,86 @@
|
||||
---
|
||||
|
||||
#
|
||||
# Tasks related to setting up jitsi-prosody
|
||||
#
|
||||
|
||||
- name: Ensure Matrix jitsi-prosody path exists
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0777
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_jitsi_prosody_base_path }}", when: true }
|
||||
- { path: "{{ matrix_jitsi_prosody_config_path }}", when: true }
|
||||
when: matrix_jitsi_enabled|bool and item.when
|
||||
|
||||
- name: Ensure jitsi-prosody Docker image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_jitsi_prosody_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_jitsi_prosody_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_prosody_docker_image_force_pull }}"
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure jitsi-prosody environment variables file created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/prosody/env.j2"
|
||||
dest: "{{ matrix_jitsi_prosody_base_path }}/env"
|
||||
mode: 0640
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure matrix-jitsi-prosody.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/prosody/matrix-jitsi-prosody.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-jitsi-prosody.service"
|
||||
mode: 0644
|
||||
register: matrix_jitsi_prosody_systemd_service_result
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-jitsi-prosody.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_jitsi_enabled and matrix_jitsi_prosody_systemd_service_result.changed"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of jitsi-prosody (if it was previously enabled)
|
||||
#
|
||||
|
||||
- name: Check existence of matrix-jitsi-prosody service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-jitsi-prosody.service"
|
||||
register: matrix_jitsi_prosody_service_stat
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-jitsi-prosody is stopped
|
||||
service:
|
||||
name: matrix-jitsi-prosody
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_prosody_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-jitsi-prosody.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-jitsi-prosody.service"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_prosody_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-jitsi-prosody.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_prosody_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Matrix jitsi-prosody paths doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_jitsi_prosody_base_path }}"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure jitsi-prosody Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_jitsi_prosody_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
97
roles/matrix-jitsi/tasks/setup_jitsi_web.yml
Normal file
97
roles/matrix-jitsi/tasks/setup_jitsi_web.yml
Normal file
@ -0,0 +1,97 @@
|
||||
---
|
||||
|
||||
#
|
||||
# Tasks related to setting up jitsi-web
|
||||
#
|
||||
|
||||
- name: Ensure Matrix jitsi-web path exists
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0777
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_username }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_jitsi_web_base_path }}", when: true }
|
||||
- { path: "{{ matrix_jitsi_web_config_path }}", when: true }
|
||||
- { path: "{{ matrix_jitsi_web_transcripts_path }}", when: true }
|
||||
when: matrix_jitsi_enabled|bool and item.when
|
||||
|
||||
- name: Ensure jitsi-web Docker image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_jitsi_web_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_jitsi_web_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_web_docker_image_force_pull }}"
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure jitsi-web environment variables file created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/web/env.j2"
|
||||
dest: "{{ matrix_jitsi_web_base_path }}/env"
|
||||
mode: 0640
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure jitsi-web configuration files created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/web/{{ item }}.j2"
|
||||
dest: "{{ matrix_jitsi_web_config_path }}/{{ item }}"
|
||||
mode: 0644
|
||||
with_items:
|
||||
- config.js
|
||||
- interface_config.js
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure matrix-jitsi-web.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/web/matrix-jitsi-web.service.j2"
|
||||
dest: "/etc/systemd/system/matrix-jitsi-web.service"
|
||||
mode: 0644
|
||||
register: matrix_jitsi_web_systemd_service_result
|
||||
when: matrix_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-jitsi-web.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_jitsi_enabled and matrix_jitsi_web_systemd_service_result.changed"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of jitsi-web (if it was previously enabled)
|
||||
#
|
||||
|
||||
- name: Check existence of matrix-jitsi-web service
|
||||
stat:
|
||||
path: "/etc/systemd/system/matrix-jitsi-web.service"
|
||||
register: matrix_jitsi_web_service_stat
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-jitsi-web is stopped
|
||||
service:
|
||||
name: matrix-jitsi-web
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_web_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-jitsi-web.service doesn't exist
|
||||
file:
|
||||
path: "/etc/systemd/system/matrix-jitsi-web.service"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_web_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-jitsi-web.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_jitsi_enabled|bool and matrix_jitsi_web_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Matrix jitsi-web paths doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_jitsi_web_base_path }}"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure jitsi-web Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_jitsi_web_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_jitsi_enabled|bool"
|
17
roles/matrix-jitsi/templates/jicofo/env.j2
Normal file
17
roles/matrix-jitsi/templates/jicofo/env.j2
Normal file
@ -0,0 +1,17 @@
|
||||
ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }}
|
||||
|
||||
XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }}
|
||||
XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
|
||||
XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }}
|
||||
XMPP_SERVER={{ matrix_jitsi_xmpp_server }}
|
||||
|
||||
JICOFO_COMPONENT_SECRET={{ matrix_jitsi_jicofo_component_secret }}
|
||||
JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }}
|
||||
JICOFO_AUTH_PASSWORD={{ matrix_jitsi_jicofo_auth_password }}
|
||||
|
||||
JVB_BREWERY_MUC={{ matrix_jitsi_jvb_brewery_muc }}
|
||||
|
||||
JIBRI_BREWERY_MUC={{ matrix_jitsi_jibri_brewery_muc }}
|
||||
JIBRI_PENDING_TIMEOUT={{ matrix_jitsi_jibri_pending_timeout }}
|
||||
|
||||
TZ={{ matrix_jitsi_timezone }}
|
20
roles/matrix-jitsi/templates/jicofo/logging.properties.j2
Normal file
20
roles/matrix-jitsi/templates/jicofo/logging.properties.j2
Normal file
@ -0,0 +1,20 @@
|
||||
handlers= java.util.logging.ConsoleHandler
|
||||
|
||||
java.util.logging.ConsoleHandler.level = ALL
|
||||
java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter
|
||||
|
||||
net.java.sip.communicator.util.ScLogFormatter.programname=Jicofo
|
||||
|
||||
.level=INFO
|
||||
net.sf.level=SEVERE
|
||||
net.java.sip.communicator.plugin.reconnectplugin.level=FINE
|
||||
org.ice4j.level=SEVERE
|
||||
org.jitsi.impl.neomedia.level=SEVERE
|
||||
|
||||
# Do not worry about missing strings
|
||||
net.java.sip.communicator.service.resources.AbstractResourcesService.level=SEVERE
|
||||
|
||||
#net.java.sip.communicator.service.protocol.level=ALL
|
||||
|
||||
# Enable debug packets logging
|
||||
#org.jitsi.impl.protocol.xmpp.level=FINE
|
@ -0,0 +1,31 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix jitsi-jicofo server
|
||||
{% for service in matrix_jitsi_jicofo_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-/usr/bin/docker kill matrix-jitsi-jicofo
|
||||
ExecStartPre=-/usr/bin/docker rm matrix-jitsi-jicofo
|
||||
|
||||
ExecStart=/usr/bin/docker run --rm --name matrix-jitsi-jicofo \
|
||||
--log-driver=none \
|
||||
--network={{ matrix_docker_network }} \
|
||||
--env-file={{ matrix_jitsi_jicofo_base_path }}/env \
|
||||
-v {{ matrix_jitsi_jicofo_config_path }}:/config \
|
||||
{% for arg in matrix_jitsi_jicofo_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_jitsi_jicofo_docker_image }}
|
||||
|
||||
ExecStop=-/usr/bin/docker kill matrix-jitsi-jicofo
|
||||
ExecStop=-/usr/bin/docker rm matrix-jitsi-jicofo
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-jitsi-jicofo
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,5 @@
|
||||
org.jitsi.jicofo.ALWAYS_TRUST_MODE_ENABLED=true
|
||||
org.jitsi.jicofo.BRIDGE_MUC={{ matrix_jitsi_jvb_brewery_muc }}@{{ matrix_jitsi_xmpp_internal_muc_domain }}
|
||||
|
||||
org.jitsi.jicofo.jibri.BREWERY={{ matrix_jitsi_jibri_brewery_muc }}@{{ matrix_jitsi_xmpp_internal_muc_domain }}
|
||||
org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90
|
13
roles/matrix-jitsi/templates/jvb/logging.properties.j2
Normal file
13
roles/matrix-jitsi/templates/jvb/logging.properties.j2
Normal file
@ -0,0 +1,13 @@
|
||||
handlers= java.util.logging.ConsoleHandler
|
||||
|
||||
java.util.logging.ConsoleHandler.level = ALL
|
||||
java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter
|
||||
|
||||
net.java.sip.communicator.util.ScLogFormatter.programname=JVB
|
||||
|
||||
.level=INFO
|
||||
|
||||
org.jitsi.videobridge.xmpp.ComponentImpl.level=FINE
|
||||
|
||||
# All of the INFO level logs from MediaStreamImpl are unnecessary in the context of jitsi-videobridge.
|
||||
org.jitsi.impl.neomedia.MediaStreamImpl.level=WARNING
|
36
roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2
Normal file
36
roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2
Normal file
@ -0,0 +1,36 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix jitsi-jvb server
|
||||
{% for service in matrix_jitsi_jvb_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-/usr/bin/docker kill matrix-jitsi-jvb
|
||||
ExecStartPre=-/usr/bin/docker rm matrix-jitsi-jvb
|
||||
|
||||
ExecStart=/usr/bin/docker run --rm --name matrix-jitsi-jvb \
|
||||
--log-driver=none \
|
||||
--network={{ matrix_docker_network }} \
|
||||
{% if matrix_jitsi_jvb_container_rtp_udp_host_bind_port %}
|
||||
-p {{ matrix_jitsi_jvb_container_rtp_udp_host_bind_port }}:{{ matrix_jitsi_jvb_rtp_udp_port }}/udp \
|
||||
{% endif %}
|
||||
{% if matrix_jitsi_jvb_container_rtp_tcp_host_bind_port %}
|
||||
-p {{ matrix_jitsi_jvb_container_rtp_tcp_host_bind_port }}:{{ matrix_jitsi_jvb_rtp_tcp_port }} \
|
||||
{% endif %}
|
||||
-v {{ matrix_jitsi_jvb_config_path }}:/config \
|
||||
{% for arg in matrix_jitsi_jvb_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_jitsi_jvb_docker_image }}
|
||||
|
||||
ExecStop=-/usr/bin/docker kill matrix-jitsi-jvb
|
||||
ExecStop=-/usr/bin/docker rm matrix-jitsi-jvb
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-jitsi-jvb
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -0,0 +1,19 @@
|
||||
org.jitsi.videobridge.SINGLE_PORT_HARVESTER_PORT={{ matrix_jitsi_jvb_rtp_udp_port }}
|
||||
org.jitsi.videobridge.DISABLE_TCP_HARVESTER=false
|
||||
org.jitsi.videobridge.TCP_HARVESTER_PORT={{ matrix_jitsi_jvb_rtp_tcp_port }}
|
||||
|
||||
{% if matrix_jitsi_jvb_stun_servers|length > 0 %}
|
||||
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES={{ matrix_jitsi_jvb_stun_servers|join(',') }}
|
||||
{% endif %}
|
||||
|
||||
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME={{ matrix_jitsi_xmpp_server }}
|
||||
org.jitsi.videobridge.xmpp.user.shard.DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
|
||||
org.jitsi.videobridge.xmpp.user.shard.USERNAME={{ matrix_jitsi_jvb_auth_user }}
|
||||
org.jitsi.videobridge.xmpp.user.shard.PASSWORD={{ matrix_jitsi_jvb_auth_password }}
|
||||
org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS={{ matrix_jitsi_jvb_brewery_muc }}@{{ matrix_jitsi_xmpp_internal_muc_domain }}
|
||||
org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=matrix-jitsi-jvb
|
||||
org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true
|
||||
|
||||
org.jitsi.videobridge.ENABLE_STATISTICS=true
|
||||
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
|
||||
org.jitsi.videobridge.STATISTICS_INTERVAL=5000
|
31
roles/matrix-jitsi/templates/prosody/env.j2
Normal file
31
roles/matrix-jitsi/templates/prosody/env.j2
Normal file
@ -0,0 +1,31 @@
|
||||
AUTH_TYPE=internal
|
||||
|
||||
ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }}
|
||||
ENABLE_GUESTS={{ 1 if matrix_jitsi_enable_guests else 0 }}
|
||||
|
||||
XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }}
|
||||
XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
|
||||
XMPP_GUEST_DOMAIN={{ matrix_jitsi_xmpp_guest_domain }}
|
||||
XMPP_MUC_DOMAIN={{ matrix_jitsi_xmpp_muc_domain }}
|
||||
XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }}
|
||||
|
||||
XMPP_MODULES=
|
||||
XMPP_MUC_MODULES=
|
||||
XMPP_INTERNAL_MUC_MODULES=
|
||||
|
||||
XMPP_RECORDER_DOMAIN={{ matrix_jitsi_recorder_domain }}
|
||||
|
||||
JICOFO_COMPONENT_SECRET={{ matrix_jitsi_jicofo_component_secret }}
|
||||
JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }}
|
||||
JICOFO_AUTH_PASSWORD={{ matrix_jitsi_jicofo_auth_password }}
|
||||
|
||||
JVB_AUTH_USER={{ matrix_jitsi_jvb_auth_user }}
|
||||
JVB_AUTH_PASSWORD={{ matrix_jitsi_jvb_auth_password }}
|
||||
|
||||
JIBRI_XMPP_USER={{ matrix_jitsi_jibri_xmpp_user }}
|
||||
JIBRI_XMPP_PASSWORD={{ matrix_jitsi_jibri_xmpp_password }}
|
||||
|
||||
JIBRI_RECORDER_USER={{ matrix_jitsi_jibri_recorder_user }}
|
||||
JIBRI_RECORDER_PASSWORD={{ matrix_jitsi_jibri_recorder_password }}
|
||||
|
||||
TZ={{ matrix_jitsi_timezone }}
|
@ -0,0 +1,31 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix jitsi-prosody server
|
||||
{% for service in matrix_jitsi_prosody_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-/usr/bin/docker kill matrix-jitsi-prosody
|
||||
ExecStartPre=-/usr/bin/docker rm matrix-jitsi-prosody
|
||||
|
||||
ExecStart=/usr/bin/docker run --rm --name matrix-jitsi-prosody \
|
||||
--log-driver=none \
|
||||
--network={{ matrix_docker_network }} \
|
||||
--env-file={{ matrix_jitsi_prosody_base_path }}/env \
|
||||
-v {{ matrix_jitsi_prosody_config_path }}:/config \
|
||||
{% for arg in matrix_jitsi_prosody_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_jitsi_prosody_docker_image }}
|
||||
|
||||
ExecStop=-/usr/bin/docker kill matrix-jitsi-prosody
|
||||
ExecStop=-/usr/bin/docker rm matrix-jitsi-prosody
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-jitsi-prosody
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
486
roles/matrix-jitsi/templates/web/config.js.j2
Normal file
486
roles/matrix-jitsi/templates/web/config.js.j2
Normal file
@ -0,0 +1,486 @@
|
||||
/* eslint-disable no-unused-vars, no-var */
|
||||
|
||||
var config = {
|
||||
// Configuration
|
||||
//
|
||||
|
||||
// Alternative location for the configuration.
|
||||
// configLocation: './config.json',
|
||||
|
||||
// Custom function which given the URL path should return a room name.
|
||||
// getroomnode: function (path) { return 'someprefixpossiblybasedonpath'; },
|
||||
|
||||
|
||||
// Connection
|
||||
//
|
||||
|
||||
hosts: {
|
||||
// XMPP domain.
|
||||
domain: '{{ matrix_jitsi_xmpp_domain }}',
|
||||
|
||||
{% if matrix_jitsi_enable_guests %}
|
||||
// When using authentication, domain for guest users.
|
||||
anonymousdomain: 'guest.example.com',
|
||||
|
||||
// Domain for authenticated users. Defaults to <domain>.
|
||||
authdomain: '{{ matrix_jitsi_xmpp_domain }}',
|
||||
{% endif %}
|
||||
|
||||
// Jirecon recording component domain.
|
||||
// jirecon: 'jirecon.{{ matrix_jitsi_xmpp_domain }}',
|
||||
|
||||
// Call control component (Jigasi).
|
||||
// call_control: 'callcontrol.{{ matrix_jitsi_xmpp_domain }}',
|
||||
|
||||
// Focus component domain. Defaults to focus.<domain>.
|
||||
// focus: 'focus.{{ matrix_jitsi_xmpp_domain }}',
|
||||
|
||||
// XMPP MUC domain. FIXME: use XEP-0030 to discover it.
|
||||
muc: {{ matrix_jitsi_xmpp_muc_domain|to_json }},
|
||||
},
|
||||
|
||||
// BOSH URL. FIXME: use XEP-0156 to discover it.
|
||||
bosh: '/http-bind',
|
||||
|
||||
// The name of client node advertised in XEP-0115 'c' stanza
|
||||
clientNode: 'http://jitsi.org/jitsimeet',
|
||||
|
||||
// The real JID of focus participant - can be overridden here
|
||||
focusUserJid: {{ matrix_jitsi_jicofo_auth_user|to_json }} + '@' + {{ matrix_jitsi_xmpp_auth_domain|to_json }},
|
||||
|
||||
|
||||
// Testing / experimental features.
|
||||
//
|
||||
|
||||
testing: {
|
||||
// Enables experimental simulcast support on Firefox.
|
||||
enableFirefoxSimulcast: false,
|
||||
|
||||
// P2P test mode disables automatic switching to P2P when there are 2
|
||||
// participants in the conference.
|
||||
p2pTestMode: false
|
||||
|
||||
// Enables the test specific features consumed by jitsi-meet-torture
|
||||
// testMode: false
|
||||
},
|
||||
|
||||
// Disables ICE/UDP by filtering out local and remote UDP candidates in
|
||||
// signalling.
|
||||
// webrtcIceUdpDisable: false,
|
||||
|
||||
// Disables ICE/TCP by filtering out local and remote TCP candidates in
|
||||
// signalling.
|
||||
// webrtcIceTcpDisable: false,
|
||||
|
||||
|
||||
// Media
|
||||
//
|
||||
|
||||
// Audio
|
||||
|
||||
// Disable measuring of audio levels.
|
||||
// disableAudioLevels: false,
|
||||
|
||||
// Start the conference in audio only mode (no video is being received nor
|
||||
// sent).
|
||||
// startAudioOnly: false,
|
||||
|
||||
// Every participant after the Nth will start audio muted.
|
||||
// startAudioMuted: 10,
|
||||
|
||||
// Start calls with audio muted. Unlike the option above, this one is only
|
||||
// applied locally. FIXME: having these 2 options is confusing.
|
||||
// startWithAudioMuted: false,
|
||||
|
||||
// Enabling it (with #params) will disable local audio output of remote
|
||||
// participants and to enable it back a reload is needed.
|
||||
// startSilent: false
|
||||
|
||||
// Video
|
||||
|
||||
// Sets the preferred resolution (height) for local video. Defaults to 720.
|
||||
// resolution: 720,
|
||||
|
||||
// w3c spec-compliant video constraints to use for video capture. Currently
|
||||
// used by browsers that return true from lib-jitsi-meet's
|
||||
// util#browser#usesNewGumFlow. The constraints are independency from
|
||||
// this config's resolution value. Defaults to requesting an ideal aspect
|
||||
// ratio of 16:9 with an ideal resolution of 720.
|
||||
// constraints: {
|
||||
// video: {
|
||||
// aspectRatio: 16 / 9,
|
||||
// height: {
|
||||
// ideal: 720,
|
||||
// max: 720,
|
||||
// min: 240
|
||||
// }
|
||||
// }
|
||||
// },
|
||||
|
||||
// Enable / disable simulcast support.
|
||||
// disableSimulcast: false,
|
||||
|
||||
// Enable / disable layer suspension. If enabled, endpoints whose HD
|
||||
// layers are not in use will be suspended (no longer sent) until they
|
||||
// are requested again.
|
||||
// enableLayerSuspension: false,
|
||||
|
||||
// Suspend sending video if bandwidth estimation is too low. This may cause
|
||||
// problems with audio playback. Disabled until these are fixed.
|
||||
disableSuspendVideo: true,
|
||||
|
||||
// Every participant after the Nth will start video muted.
|
||||
// startVideoMuted: 10,
|
||||
|
||||
// Start calls with video muted. Unlike the option above, this one is only
|
||||
// applied locally. FIXME: having these 2 options is confusing.
|
||||
// startWithVideoMuted: false,
|
||||
|
||||
// If set to true, prefer to use the H.264 video codec (if supported).
|
||||
// Note that it's not recommended to do this because simulcast is not
|
||||
// supported when using H.264. For 1-to-1 calls this setting is enabled by
|
||||
// default and can be toggled in the p2p section.
|
||||
// preferH264: true,
|
||||
|
||||
// If set to true, disable H.264 video codec by stripping it out of the
|
||||
// SDP.
|
||||
// disableH264: false,
|
||||
|
||||
// Desktop sharing
|
||||
|
||||
// The ID of the jidesha extension for Chrome.
|
||||
desktopSharingChromeExtId: null,
|
||||
|
||||
// Whether desktop sharing should be disabled on Chrome.
|
||||
// desktopSharingChromeDisabled: false,
|
||||
|
||||
// The media sources to use when using screen sharing with the Chrome
|
||||
// extension.
|
||||
desktopSharingChromeSources: [ 'screen', 'window', 'tab' ],
|
||||
|
||||
// Required version of Chrome extension
|
||||
desktopSharingChromeMinExtVersion: '0.1',
|
||||
|
||||
// Whether desktop sharing should be disabled on Firefox.
|
||||
// desktopSharingFirefoxDisabled: false,
|
||||
|
||||
// Optional desktop sharing frame rate options. Default value: min:5, max:5.
|
||||
// desktopSharingFrameRate: {
|
||||
// min: 5,
|
||||
// max: 5
|
||||
// },
|
||||
|
||||
// Try to start calls with screen-sharing instead of camera video.
|
||||
// startScreenSharing: false,
|
||||
|
||||
// Recording
|
||||
hiddenDomain: {{ matrix_jitsi_recorder_domain|to_json }},
|
||||
|
||||
// Whether to enable file recording or not.
|
||||
fileRecordingsEnabled: {{ matrix_jitsi_enable_recording|to_json }},
|
||||
// Enable the dropbox integration.
|
||||
// dropbox: {
|
||||
// appKey: '<APP_KEY>' // Specify your app key here.
|
||||
// // A URL to redirect the user to, after authenticating
|
||||
// // by default uses:
|
||||
// // 'https://{{ matrix_jitsi_xmpp_domain }}/static/oauth.html'
|
||||
// redirectURI:
|
||||
// 'https://{{ matrix_jitsi_xmpp_domain }}/subfolder/static/oauth.html'
|
||||
// },
|
||||
// When integrations like dropbox are enabled only that will be shown,
|
||||
// by enabling fileRecordingsServiceEnabled, we show both the integrations
|
||||
// and the generic recording service (its configuration and storage type
|
||||
// depends on jibri configuration)
|
||||
// fileRecordingsServiceEnabled: false,
|
||||
// Whether to show the possibility to share file recording with other people
|
||||
// (e.g. meeting participants), based on the actual implementation
|
||||
// on the backend.
|
||||
// fileRecordingsServiceSharingEnabled: false,
|
||||
|
||||
// Whether to enable live streaming or not.
|
||||
liveStreamingEnabled: {{ matrix_jitsi_enable_recording|to_json }},
|
||||
|
||||
// Transcription (in interface_config,
|
||||
// subtitles and buttons can be configured)
|
||||
transcribingEnabled: {{ matrix_jitsi_enable_transcriptions|to_json }},
|
||||
|
||||
// Misc
|
||||
|
||||
// Default value for the channel "last N" attribute. -1 for unlimited.
|
||||
channelLastN: -1,
|
||||
|
||||
// Disables or enables RTX (RFC 4588) (defaults to false).
|
||||
// disableRtx: false,
|
||||
|
||||
// Disables or enables TCC (the default is in Jicofo and set to true)
|
||||
// (draft-holmer-rmcat-transport-wide-cc-extensions-01). This setting
|
||||
// affects congestion control, it practically enables send-side bandwidth
|
||||
// estimations.
|
||||
// enableTcc: true,
|
||||
|
||||
// Disables or enables REMB (the default is in Jicofo and set to false)
|
||||
// (draft-alvestrand-rmcat-remb-03). This setting affects congestion
|
||||
// control, it practically enables recv-side bandwidth estimations. When
|
||||
// both TCC and REMB are enabled, TCC takes precedence. When both are
|
||||
// disabled, then bandwidth estimations are disabled.
|
||||
// enableRemb: false,
|
||||
|
||||
// Defines the minimum number of participants to start a call (the default
|
||||
// is set in Jicofo and set to 2).
|
||||
// minParticipants: 2,
|
||||
|
||||
// Use XEP-0215 to fetch STUN and TURN servers.
|
||||
// useStunTurn: true,
|
||||
|
||||
// Enable IPv6 support.
|
||||
// useIPv6: true,
|
||||
|
||||
// Enables / disables a data communication channel with the Videobridge.
|
||||
// Values can be 'datachannel', 'websocket', true (treat it as
|
||||
// 'datachannel'), undefined (treat it as 'datachannel') and false (don't
|
||||
// open any channel).
|
||||
// openBridgeChannel: true,
|
||||
|
||||
|
||||
// UI
|
||||
//
|
||||
|
||||
// Use display name as XMPP nickname.
|
||||
// useNicks: false,
|
||||
|
||||
// Require users to always specify a display name.
|
||||
// requireDisplayName: true,
|
||||
|
||||
// Whether to use a welcome page or not. In case it's false a random room
|
||||
// will be joined when no room is specified.
|
||||
enableWelcomePage: true,
|
||||
|
||||
// Enabling the close page will ignore the welcome page redirection when
|
||||
// a call is hangup.
|
||||
// enableClosePage: false,
|
||||
|
||||
// Disable hiding of remote thumbnails when in a 1-on-1 conference call.
|
||||
// disable1On1Mode: false,
|
||||
|
||||
// Default language for the user interface.
|
||||
// defaultLanguage: 'en',
|
||||
|
||||
// If true all users without a token will be considered guests and all users
|
||||
// with token will be considered non-guests. Only guests will be allowed to
|
||||
// edit their profile.
|
||||
enableUserRolesBasedOnToken: false,
|
||||
|
||||
// Whether or not some features are checked based on token.
|
||||
// enableFeaturesBasedOnToken: false,
|
||||
|
||||
// Enable lock room for all moderators, even when userRolesBasedOnToken is enabled and participants are guests.
|
||||
// lockRoomGuestEnabled: false,
|
||||
|
||||
// When enabled the password used for locking a room is restricted to up to the number of digits specified
|
||||
// roomPasswordNumberOfDigits: 10,
|
||||
// default: roomPasswordNumberOfDigits: false,
|
||||
|
||||
// Message to show the users. Example: 'The service will be down for
|
||||
// maintenance at 01:00 AM GMT,
|
||||
// noticeMessage: '',
|
||||
|
||||
// Enables calendar integration, depends on googleApiApplicationClientID
|
||||
// and microsoftApiApplicationClientID
|
||||
// enableCalendarIntegration: false,
|
||||
|
||||
// Stats
|
||||
//
|
||||
|
||||
// Whether to enable stats collection or not in the TraceablePeerConnection.
|
||||
// This can be useful for debugging purposes (post-processing/analysis of
|
||||
// the webrtc stats) as it is done in the jitsi-meet-torture bandwidth
|
||||
// estimation tests.
|
||||
// gatherStats: false,
|
||||
|
||||
// To enable sending statistics to callstats.io you must provide the
|
||||
// Application ID and Secret.
|
||||
// callStatsID: '',
|
||||
// callStatsSecret: '',
|
||||
|
||||
// enables callstatsUsername to be reported as statsId and used
|
||||
// by callstats as repoted remote id
|
||||
// enableStatsID: false
|
||||
|
||||
// enables sending participants display name to callstats
|
||||
// enableDisplayNameInStats: false
|
||||
|
||||
|
||||
// Privacy
|
||||
//
|
||||
|
||||
// If third party requests are disabled, no other server will be contacted.
|
||||
// This means avatars will be locally generated and callstats integration
|
||||
// will not function.
|
||||
// disableThirdPartyRequests: false,
|
||||
|
||||
|
||||
// Peer-To-Peer mode: used (if enabled) when there are just 2 participants.
|
||||
//
|
||||
|
||||
p2p: {
|
||||
// Enables peer to peer mode. When enabled the system will try to
|
||||
// establish a direct connection when there are exactly 2 participants
|
||||
// in the room. If that succeeds the conference will stop sending data
|
||||
// through the JVB and use the peer to peer connection instead. When a
|
||||
// 3rd participant joins the conference will be moved back to the JVB
|
||||
// connection.
|
||||
enabled: true,
|
||||
|
||||
// Use XEP-0215 to fetch STUN and TURN servers.
|
||||
// useStunTurn: true,
|
||||
|
||||
// The STUN servers that will be used in the peer to peer connections
|
||||
{% if matrix_jitsi_web_stun_servers|length > 0 %}
|
||||
stunServers: [
|
||||
{% for url in matrix_jitsi_web_stun_servers %}
|
||||
{ urls: {{ url|to_json }} }{% if not loop.last %},{% endif %}
|
||||
{% endfor %}
|
||||
],
|
||||
{% endif %}
|
||||
|
||||
// Sets the ICE transport policy for the p2p connection. At the time
|
||||
// of this writing the list of possible values are 'all' and 'relay',
|
||||
// but that is subject to change in the future. The enum is defined in
|
||||
// the WebRTC standard:
|
||||
// https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum.
|
||||
// If not set, the effective value is 'all'.
|
||||
// iceTransportPolicy: 'all',
|
||||
|
||||
// If set to true, it will prefer to use H.264 for P2P calls (if H.264
|
||||
// is supported).
|
||||
preferH264: true
|
||||
|
||||
// If set to true, disable H.264 video codec by stripping it out of the
|
||||
// SDP.
|
||||
// disableH264: false,
|
||||
|
||||
// How long we're going to wait, before going back to P2P after the 3rd
|
||||
// participant has left the conference (to filter out page reload).
|
||||
// backToP2PDelay: 5
|
||||
},
|
||||
|
||||
analytics: {
|
||||
// The Google Analytics Tracking ID:
|
||||
// googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1'
|
||||
|
||||
// The Amplitude APP Key:
|
||||
// amplitudeAPPKey: '<APP_KEY>'
|
||||
|
||||
// Array of script URLs to load as lib-jitsi-meet "analytics handlers".
|
||||
// scriptURLs: [
|
||||
// "libs/analytics-ga.min.js", // google-analytics
|
||||
// "https://example.com/my-custom-analytics.js"
|
||||
// ],
|
||||
},
|
||||
|
||||
// Information about the jitsi-meet instance we are connecting to, including
|
||||
// the user region as seen by the server.
|
||||
deploymentInfo: {
|
||||
// shard: "shard1",
|
||||
// region: "europe",
|
||||
// userRegion: "asia"
|
||||
}
|
||||
|
||||
// Local Recording
|
||||
//
|
||||
|
||||
// localRecording: {
|
||||
// Enables local recording.
|
||||
// Additionally, 'localrecording' (all lowercase) needs to be added to
|
||||
// TOOLBAR_BUTTONS in interface_config.js for the Local Recording
|
||||
// button to show up on the toolbar.
|
||||
//
|
||||
// enabled: true,
|
||||
//
|
||||
|
||||
// The recording format, can be one of 'ogg', 'flac' or 'wav'.
|
||||
// format: 'flac'
|
||||
//
|
||||
|
||||
// }
|
||||
|
||||
// Options related to end-to-end (participant to participant) ping.
|
||||
// e2eping: {
|
||||
// // The interval in milliseconds at which pings will be sent.
|
||||
// // Defaults to 10000, set to <= 0 to disable.
|
||||
// pingInterval: 10000,
|
||||
//
|
||||
// // The interval in milliseconds at which analytics events
|
||||
// // with the measured RTT will be sent. Defaults to 60000, set
|
||||
// // to <= 0 to disable.
|
||||
// analyticsInterval: 60000,
|
||||
// }
|
||||
|
||||
// If set, will attempt to use the provided video input device label when
|
||||
// triggering a screenshare, instead of proceeding through the normal flow
|
||||
// for obtaining a desktop stream.
|
||||
// NOTE: This option is experimental and is currently intended for internal
|
||||
// use only.
|
||||
// _desktopSharingSourceDevice: 'sample-id-or-label'
|
||||
|
||||
// If true, any checks to handoff to another application will be prevented
|
||||
// and instead the app will continue to display in the current browser.
|
||||
// disableDeepLinking: false
|
||||
|
||||
// A property to disable the right click context menu for localVideo
|
||||
// the menu has option to flip the locally seen video for local presentations
|
||||
// disableLocalVideoFlip: false
|
||||
|
||||
// List of undocumented settings used in jitsi-meet
|
||||
/**
|
||||
_immediateReloadThreshold
|
||||
autoRecord
|
||||
autoRecordToken
|
||||
debug
|
||||
debugAudioLevels
|
||||
deploymentInfo
|
||||
dialInConfCodeUrl
|
||||
dialInNumbersUrl
|
||||
dialOutAuthUrl
|
||||
dialOutCodesUrl
|
||||
disableRemoteControl
|
||||
displayJids
|
||||
etherpad_base
|
||||
externalConnectUrl
|
||||
firefox_fake_device
|
||||
googleApiApplicationClientID
|
||||
iAmRecorder
|
||||
iAmSipGateway
|
||||
microsoftApiApplicationClientID
|
||||
peopleSearchQueryTypes
|
||||
peopleSearchUrl
|
||||
requireDisplayName
|
||||
tokenAuthUrl
|
||||
*/
|
||||
|
||||
// List of undocumented settings used in lib-jitsi-meet
|
||||
/**
|
||||
_peerConnStatusOutOfLastNTimeout
|
||||
_peerConnStatusRtcMuteTimeout
|
||||
abTesting
|
||||
avgRtpStatsN
|
||||
callStatsConfIDNamespace
|
||||
callStatsCustomScriptUrl
|
||||
desktopSharingSources
|
||||
disableAEC
|
||||
disableAGC
|
||||
disableAP
|
||||
disableHPF
|
||||
disableNS
|
||||
enableLipSync
|
||||
enableTalkWhileMuted
|
||||
forceJVB121Ratio
|
||||
hiddenDomain
|
||||
ignoreStartMuted
|
||||
nick
|
||||
startBitrate
|
||||
*/
|
||||
|
||||
};
|
||||
|
||||
/* eslint-enable no-unused-vars, no-var */
|
28
roles/matrix-jitsi/templates/web/env.j2
Normal file
28
roles/matrix-jitsi/templates/web/env.j2
Normal file
@ -0,0 +1,28 @@
|
||||
ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }}
|
||||
ENABLE_GUESTS={{ 1 if matrix_jitsi_enable_guests else 0 }}
|
||||
|
||||
ENABLE_TRANSCRIPTIONS={{ 1 if matrix_jitsi_enable_transcriptions else 0 }}
|
||||
|
||||
DISABLE_HTTPS=1
|
||||
|
||||
JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }}
|
||||
|
||||
PUBLIC_URL={{ matrix_jitsi_web_public_url }}
|
||||
|
||||
XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }}
|
||||
XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
|
||||
XMPP_BOSH_URL_BASE={{ matrix_jitsi_xmpp_bosh_url_base }}
|
||||
XMPP_GUEST_DOMAIN={{ matrix_jitsi_xmpp_guest_domain }}
|
||||
XMPP_MUC_DOMAIN={{ matrix_jitsi_xmpp_muc_domain }}
|
||||
XMPP_RECORDER_DOMAIN={{ matrix_jitsi_recorder_domain }}
|
||||
|
||||
TZ={{ matrix_jitsi_timezone }}
|
||||
|
||||
JIBRI_BREWERY_MUC={{ matrix_jitsi_jibri_brewery_muc }}
|
||||
JIBRI_PENDING_TIMEOUT={{ matrix_jitsi_jibri_pending_timeout }}
|
||||
JIBRI_XMPP_USER={{ matrix_jitsi_jibri_xmpp_user }}
|
||||
JIBRI_XMPP_PASSWORD={{ matrix_jitsi_jibri_xmpp_password }}
|
||||
JIBRI_RECORDER_USER={{ matrix_jitsi_jibri_recorder_user }}
|
||||
JIBRI_RECORDER_PASSWORD={{ matrix_jitsi_jibri_recorder_password }}
|
||||
|
||||
ENABLE_RECORDING={{ 1 if matrix_jitsi_enable_recording else 0 }}
|
230
roles/matrix-jitsi/templates/web/interface_config.js.j2
Normal file
230
roles/matrix-jitsi/templates/web/interface_config.js.j2
Normal file
@ -0,0 +1,230 @@
|
||||
/* eslint-disable no-unused-vars, no-var, max-len */
|
||||
|
||||
var interfaceConfig = {
|
||||
// TO FIX: this needs to be handled from SASS variables. There are some
|
||||
// methods allowing to use variables both in css and js.
|
||||
DEFAULT_BACKGROUND: '#474747',
|
||||
|
||||
/**
|
||||
* Whether or not the blurred video background for large video should be
|
||||
* displayed on browsers that can support it.
|
||||
*/
|
||||
DISABLE_VIDEO_BACKGROUND: false,
|
||||
|
||||
INITIAL_TOOLBAR_TIMEOUT: 20000,
|
||||
TOOLBAR_TIMEOUT: 4000,
|
||||
TOOLBAR_ALWAYS_VISIBLE: false,
|
||||
DEFAULT_REMOTE_DISPLAY_NAME: 'Fellow Jitster',
|
||||
DEFAULT_LOCAL_DISPLAY_NAME: 'me',
|
||||
SHOW_JITSI_WATERMARK: true,
|
||||
JITSI_WATERMARK_LINK: 'https://jitsi.org',
|
||||
|
||||
// if watermark is disabled by default, it can be shown only for guests
|
||||
SHOW_WATERMARK_FOR_GUESTS: true,
|
||||
SHOW_BRAND_WATERMARK: false,
|
||||
BRAND_WATERMARK_LINK: '',
|
||||
SHOW_POWERED_BY: false,
|
||||
SHOW_DEEP_LINKING_IMAGE: false,
|
||||
GENERATE_ROOMNAMES_ON_WELCOME_PAGE: true,
|
||||
DISPLAY_WELCOME_PAGE_CONTENT: true,
|
||||
APP_NAME: 'Jitsi Meet',
|
||||
NATIVE_APP_NAME: 'Jitsi Meet',
|
||||
PROVIDER_NAME: 'Jitsi',
|
||||
LANG_DETECTION: false, // Allow i18n to detect the system language
|
||||
INVITATION_POWERED_BY: true,
|
||||
|
||||
/**
|
||||
* If we should show authentication block in profile
|
||||
*/
|
||||
AUTHENTICATION_ENABLE: true,
|
||||
|
||||
/**
|
||||
* The name of the toolbar buttons to display in the toolbar. If present,
|
||||
* the button will display. Exceptions are "livestreaming" and "recording"
|
||||
* which also require being a moderator and some values in config.js to be
|
||||
* enabled. Also, the "profile" button will not display for user's with a
|
||||
* jwt.
|
||||
*/
|
||||
TOOLBAR_BUTTONS: [
|
||||
{% if matrix_jitsi_enable_transcriptions %}
|
||||
'closedcaptions',
|
||||
{% endif %}
|
||||
|
||||
'microphone', 'camera', 'desktop', 'fullscreen',
|
||||
'fodeviceselection', 'hangup', 'profile', 'info', 'chat', 'recording',
|
||||
'livestreaming', 'etherpad', 'sharedvideo', 'settings', 'raisehand',
|
||||
'videoquality', 'filmstrip', 'invite', 'feedback', 'stats', 'shortcuts',
|
||||
'tileview', 'videobackgroundblur'
|
||||
],
|
||||
|
||||
SETTINGS_SECTIONS: [ 'devices', 'language', 'moderator', 'profile', 'calendar' ],
|
||||
|
||||
// Determines how the video would fit the screen. 'both' would fit the whole
|
||||
// screen, 'height' would fit the original video height to the height of the
|
||||
// screen, 'width' would fit the original video width to the width of the
|
||||
// screen respecting ratio.
|
||||
VIDEO_LAYOUT_FIT: 'both',
|
||||
|
||||
/**
|
||||
* Whether to only show the filmstrip (and hide the toolbar).
|
||||
*/
|
||||
filmStripOnly: false,
|
||||
|
||||
/**
|
||||
* Whether to show thumbnails in filmstrip as a column instead of as a row.
|
||||
*/
|
||||
VERTICAL_FILMSTRIP: true,
|
||||
|
||||
// A html text to be shown to guests on the close page, false disables it
|
||||
CLOSE_PAGE_GUEST_HINT: false,
|
||||
RANDOM_AVATAR_URL_PREFIX: false,
|
||||
RANDOM_AVATAR_URL_SUFFIX: false,
|
||||
FILM_STRIP_MAX_HEIGHT: 120,
|
||||
|
||||
// Enables feedback star animation.
|
||||
ENABLE_FEEDBACK_ANIMATION: false,
|
||||
DISABLE_FOCUS_INDICATOR: false,
|
||||
DISABLE_DOMINANT_SPEAKER_INDICATOR: false,
|
||||
|
||||
/**
|
||||
* Whether the speech to text transcription subtitles panel is disabled.
|
||||
* If {@code undefined}, defaults to {@code false}.
|
||||
*
|
||||
* @type {boolean}
|
||||
*/
|
||||
DISABLE_TRANSCRIPTION_SUBTITLES: false,
|
||||
|
||||
/**
|
||||
* Whether the ringing sound in the call/ring overlay is disabled. If
|
||||
* {@code undefined}, defaults to {@code false}.
|
||||
*
|
||||
* @type {boolean}
|
||||
*/
|
||||
DISABLE_RINGING: false,
|
||||
AUDIO_LEVEL_PRIMARY_COLOR: 'rgba(255,255,255,0.4)',
|
||||
AUDIO_LEVEL_SECONDARY_COLOR: 'rgba(255,255,255,0.2)',
|
||||
POLICY_LOGO: null,
|
||||
LOCAL_THUMBNAIL_RATIO: 16 / 9, // 16:9
|
||||
REMOTE_THUMBNAIL_RATIO: 1, // 1:1
|
||||
// Documentation reference for the live streaming feature.
|
||||
LIVE_STREAMING_HELP_LINK: 'https://jitsi.org/live',
|
||||
|
||||
/**
|
||||
* Whether the mobile app Jitsi Meet is to be promoted to participants
|
||||
* attempting to join a conference in a mobile Web browser. If
|
||||
* {@code undefined}, defaults to {@code true}.
|
||||
*
|
||||
* @type {boolean}
|
||||
*/
|
||||
MOBILE_APP_PROMO: true,
|
||||
|
||||
/**
|
||||
* Maximum coeficient of the ratio of the large video to the visible area
|
||||
* after the large video is scaled to fit the window.
|
||||
*
|
||||
* @type {number}
|
||||
*/
|
||||
MAXIMUM_ZOOMING_COEFFICIENT: 1.3,
|
||||
|
||||
/*
|
||||
* If indicated some of the error dialogs may point to the support URL for
|
||||
* help.
|
||||
*/
|
||||
SUPPORT_URL: 'https://github.com/jitsi/jitsi-meet/issues/new',
|
||||
|
||||
/**
|
||||
* Whether the connection indicator icon should hide itself based on
|
||||
* connection strength. If true, the connection indicator will remain
|
||||
* displayed while the participant has a weak connection and will hide
|
||||
* itself after the CONNECTION_INDICATOR_HIDE_TIMEOUT when the connection is
|
||||
* strong.
|
||||
*
|
||||
* @type {boolean}
|
||||
*/
|
||||
CONNECTION_INDICATOR_AUTO_HIDE_ENABLED: true,
|
||||
|
||||
/**
|
||||
* How long the connection indicator should remain displayed before hiding.
|
||||
* Used in conjunction with CONNECTION_INDICATOR_AUTOHIDE_ENABLED.
|
||||
*
|
||||
* @type {number}
|
||||
*/
|
||||
CONNECTION_INDICATOR_AUTO_HIDE_TIMEOUT: 5000,
|
||||
|
||||
/**
|
||||
* If true, hides the connection indicators completely.
|
||||
*
|
||||
* @type {boolean}
|
||||
*/
|
||||
CONNECTION_INDICATOR_DISABLED: false,
|
||||
|
||||
/**
|
||||
* If true, hides the video quality label indicating the resolution status
|
||||
* of the current large video.
|
||||
*
|
||||
* @type {boolean}
|
||||
*/
|
||||
VIDEO_QUALITY_LABEL_DISABLED: false,
|
||||
|
||||
/**
|
||||
* If true, will display recent list
|
||||
*
|
||||
* @type {boolean}
|
||||
*/
|
||||
RECENT_LIST_ENABLED: true,
|
||||
|
||||
// Names of browsers which should show a warning stating the current browser
|
||||
// has a suboptimal experience. Browsers which are not listed as optimal or
|
||||
// unsupported are considered suboptimal. Valid values are:
|
||||
// chrome, chromium, edge, electron, firefox, nwjs, opera, safari
|
||||
OPTIMAL_BROWSERS: [ 'chrome', 'chromium', 'firefox', 'nwjs', 'electron' ],
|
||||
|
||||
// Browsers, in addition to those which do not fully support WebRTC, that
|
||||
// are not supported and should show the unsupported browser page.
|
||||
UNSUPPORTED_BROWSERS: [],
|
||||
|
||||
/**
|
||||
* A UX mode where the last screen share participant is automatically
|
||||
* pinned. Valid values are the string "remote-only" so remote participants
|
||||
* get pinned but not local, otherwise any truthy value for all participants,
|
||||
* and any falsy value to disable the feature.
|
||||
*
|
||||
* Note: this mode is experimental and subject to breakage.
|
||||
*/
|
||||
AUTO_PIN_LATEST_SCREEN_SHARE: 'remote-only'
|
||||
|
||||
/**
|
||||
* How many columns the tile view can expand to. The respected range is
|
||||
* between 1 and 5.
|
||||
*/
|
||||
// TILE_VIEW_MAX_COLUMNS: 5,
|
||||
|
||||
/**
|
||||
* Specify custom URL for downloading android mobile app.
|
||||
*/
|
||||
// MOBILE_DOWNLOAD_LINK_ANDROID: 'https://play.google.com/store/apps/details?id=org.jitsi.meet',
|
||||
|
||||
/**
|
||||
* Specify URL for downloading ios mobile app.
|
||||
*/
|
||||
// MOBILE_DOWNLOAD_LINK_IOS: 'https://itunes.apple.com/us/app/jitsi-meet/id1165103905',
|
||||
|
||||
/**
|
||||
* Specify mobile app scheme for opening the app from the mobile browser.
|
||||
*/
|
||||
// APP_SCHEME: 'org.jitsi.meet',
|
||||
|
||||
/**
|
||||
* Specify the Android app package name.
|
||||
*/
|
||||
// ANDROID_APP_PACKAGE: 'org.jitsi.meet',
|
||||
|
||||
/**
|
||||
* Override the behavior of some notifications to remain displayed until
|
||||
* explicitly dismissed through a user action. The value is how long, in
|
||||
* milliseconds, those notifications should remain displayed.
|
||||
*/
|
||||
// ENFORCE_NOTIFICATION_AUTO_DISMISS_TIMEOUT: 15000,
|
||||
};
|
||||
|
||||
/* eslint-enable no-unused-vars, no-var, max-len */
|
35
roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2
Normal file
35
roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2
Normal file
@ -0,0 +1,35 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix jitsi-web server
|
||||
{% for service in matrix_jitsi_web_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-/usr/bin/docker kill matrix-jitsi-web
|
||||
ExecStartPre=-/usr/bin/docker rm matrix-jitsi-web
|
||||
|
||||
ExecStart=/usr/bin/docker run --rm --name matrix-jitsi-web \
|
||||
--log-driver=none \
|
||||
--network={{ matrix_docker_network }} \
|
||||
--env-file={{ matrix_jitsi_web_base_path }}/env \
|
||||
{% if matrix_jitsi_web_container_http_host_bind_port %}
|
||||
-p {{ matrix_jitsi_web_container_http_host_bind_port }}:80 \
|
||||
{% endif %}
|
||||
-v {{ matrix_jitsi_web_config_path }}:/config \
|
||||
-v {{ matrix_jitsi_web_transcripts_path }}:/usr/share/jitsi-meet/transcripts \
|
||||
{% for arg in matrix_jitsi_web_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_jitsi_web_docker_image }}
|
||||
|
||||
ExecStop=-/usr/bin/docker kill matrix-jitsi-web
|
||||
ExecStop=-/usr/bin/docker rm matrix-jitsi-web
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-jitsi-web
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
@ -105,6 +105,10 @@ matrix_nginx_proxy_proxy_matrix_hostname: "{{ matrix_server_fqn_matrix }}"
|
||||
matrix_nginx_proxy_proxy_dimension_enabled: false
|
||||
matrix_nginx_proxy_proxy_dimension_hostname: "{{ matrix_server_fqn_dimension }}"
|
||||
|
||||
# Controls whether proxying the jitsi domain should be done.
|
||||
matrix_nginx_proxy_proxy_jitsi_enabled: false
|
||||
matrix_nginx_proxy_proxy_jitsi_hostname: "{{ matrix_server_fqn_jitsi }}"
|
||||
|
||||
# Controls whether proxying for the matrix-corporal API (`/_matrix/corporal`) should be done (on the matrix domain)
|
||||
matrix_nginx_proxy_proxy_matrix_corporal_api_enabled: false
|
||||
matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container: "matrix-corporal:41081"
|
||||
@ -164,6 +168,9 @@ matrix_nginx_proxy_proxy_riot_additional_server_configuration_blocks: []
|
||||
# A list of strings containing additional configuration blocks to add to the matrix dimension's server configuration.
|
||||
matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks: []
|
||||
|
||||
# A list of strings containing additional configuration blocks to add to the jitsi's server configuration.
|
||||
matrix_nginx_proxy_proxy_jitsi_additional_server_configuration_blocks: []
|
||||
|
||||
# A list of strings containing additional configuration blocks to add to the matrix domain server configuration.
|
||||
matrix_nginx_proxy_proxy_domain_additional_server_configuration_blocks: []
|
||||
|
||||
|
@ -66,6 +66,13 @@
|
||||
mode: 0644
|
||||
when: matrix_nginx_proxy_proxy_dimension_enabled|bool
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configuration for jitsi domain exists
|
||||
template:
|
||||
src: "{{ role_path }}/templates/nginx/conf.d/matrix-jitsi.conf.j2"
|
||||
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-jitsi.conf"
|
||||
mode: 0644
|
||||
when: matrix_nginx_proxy_proxy_jitsi_enabled|bool
|
||||
|
||||
- name: Ensure Matrix nginx-proxy data directory for base domain exists
|
||||
file:
|
||||
path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain"
|
||||
@ -163,6 +170,12 @@
|
||||
state: absent
|
||||
when: "not matrix_nginx_proxy_proxy_dimension_enabled|bool"
|
||||
|
||||
- name: Ensure Matrix nginx-proxy configuration for jitsi domain deleted
|
||||
file:
|
||||
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-jitsi.conf"
|
||||
state: absent
|
||||
when: "not matrix_nginx_proxy_proxy_jitsi_enabled|bool"
|
||||
|
||||
- name: Ensure Matrix nginx-proxy homepage for base domain deleted
|
||||
file:
|
||||
path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html"
|
||||
|
@ -0,0 +1,72 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
|
||||
{% macro render_vhost_directives() %}
|
||||
gzip on;
|
||||
gzip_types text/plain application/json application/javascript text/css image/x-icon font/ttf image/gif;
|
||||
{% for configuration_block in matrix_nginx_proxy_proxy_jitsi_additional_server_configuration_blocks %}
|
||||
{{- configuration_block }}
|
||||
{% endfor %}
|
||||
|
||||
location / {
|
||||
{% if matrix_nginx_proxy_enabled %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-jitsi-web:80";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:12080;
|
||||
{% endif %}
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
}
|
||||
{% endmacro %}
|
||||
|
||||
server {
|
||||
listen {{ 8080 if matrix_nginx_proxy_enabled else 80 }};
|
||||
server_name {{ matrix_nginx_proxy_proxy_jitsi_hostname }};
|
||||
|
||||
server_tokens off;
|
||||
root /dev/null;
|
||||
|
||||
{% if matrix_nginx_proxy_https_enabled %}
|
||||
location /.well-known/acme-challenge {
|
||||
{% if matrix_nginx_proxy_enabled %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-certbot:8080";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_ssl_lets_encrypt_certbot_standalone_http_port }};
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
location / {
|
||||
return 301 https://$http_host$request_uri;
|
||||
}
|
||||
{% else %}
|
||||
{{ render_vhost_directives() }}
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
{% if matrix_nginx_proxy_https_enabled %}
|
||||
server {
|
||||
listen {{ 8443 if matrix_nginx_proxy_enabled else 443 }} ssl http2;
|
||||
listen [::]:{{ 8443 if matrix_nginx_proxy_enabled else 443 }} ssl http2;
|
||||
|
||||
server_name {{ matrix_nginx_proxy_proxy_dimension_hostname }};
|
||||
|
||||
server_tokens off;
|
||||
root /dev/null;
|
||||
|
||||
ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/fullchain.pem;
|
||||
ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/privkey.pem;
|
||||
ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }};
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
|
||||
|
||||
{{ render_vhost_directives() }}
|
||||
}
|
||||
{% endif %}
|
@ -58,6 +58,8 @@ matrix_riot_web_branding_welcomeBackgroundUrl: ~
|
||||
# point this to a `home.html` template file on your local filesystem.
|
||||
matrix_riot_web_embedded_pages_home_path: ~
|
||||
|
||||
matrix_riot_web_jitsi_preferredDomain: ''
|
||||
|
||||
# Controls whether the self-check feature should validate SSL certificates.
|
||||
matrix_riot_web_self_check_validate_certificates: true
|
||||
|
||||
|
@ -30,6 +30,12 @@
|
||||
"embeddedPages": {
|
||||
"homeUrl": {{ matrix_riot_web_embedded_pages_home_url|string|to_json }}
|
||||
},
|
||||
{% if matrix_riot_web_jitsi_preferredDomain is not none %}
|
||||
"jitsi": {
|
||||
"preferredDomain": {{ matrix_riot_web_jitsi_preferredDomain|to_json }},
|
||||
"externalApiUrl": "https://{{ matrix_riot_web_jitsi_preferredDomain }}/libs/external_api.min.js"
|
||||
},
|
||||
{% endif %}
|
||||
"branding": {
|
||||
"authFooterLinks": {{ matrix_riot_web_branding_authFooterLinks|to_json }},
|
||||
"authHeaderLogoUrl": {{ matrix_riot_web_branding_authHeaderLogoUrl|to_json }},
|
||||
|
Loading…
Reference in New Issue
Block a user