aboutsummaryrefslogtreecommitdiff
path: root/app/jitsi/config/prosody.cfg.lua
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2022-08-24 15:42:47 +0200
committerAlex Auvolat <alex@adnab.me>2022-08-24 15:42:47 +0200
commit2e8923b383eb06c53261eee8e5c442b857fb67e4 (patch)
tree0ad148f75f7b54dfed2dbac8f43f6df9badc502a /app/jitsi/config/prosody.cfg.lua
parent9848f3090f77363a2fda0f9fa673ebcf1fb8228c (diff)
downloadnixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.tar.gz
nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.zip
Move app files into cluster subdirectories; add prod garage
Diffstat (limited to 'app/jitsi/config/prosody.cfg.lua')
-rw-r--r--app/jitsi/config/prosody.cfg.lua135
1 files changed, 0 insertions, 135 deletions
diff --git a/app/jitsi/config/prosody.cfg.lua b/app/jitsi/config/prosody.cfg.lua
deleted file mode 100644
index 7141f8b..0000000
--- a/app/jitsi/config/prosody.cfg.lua
+++ /dev/null
@@ -1,135 +0,0 @@
-modules_enabled = {
- "roster"; -- Allow users to have a roster. Recommended ;)
- "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
- "tls"; -- Add support for secure TLS on c2s/s2s connections
- "dialback"; -- s2s dialback support
- "disco"; -- Service discovery
- "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
- "version"; -- Replies to server version requests
- "uptime"; -- Report how long server has been running
- "time"; -- Let others know the time here on this server
- "ping"; -- Replies to XMPP pings with pongs
- "pep"; -- Enables users to publish their mood, activity, playing music and more
- -- jitsi
- --"smacks"; -- not shipped with prosody
- "carbons";
- "mam";
- "lastactivity";
- "offline";
- "pubsub";
- "adhoc";
- "websocket";
- --"http_altconnect"; -- not shipped with prosody
-}
-modules_disabled = { "s2s" }
-
-plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }
-
-log = {
- --log less on console with warn="*console"; or err="*console" or more with debug="*console"
- info="*console";
-}
-daemonize = false
-use_libevent = true
-
--- domain mapper options, must at least have domain base set to use the mapper
-muc_mapper_domain_base = "jitsi.deuxfleurs.fr";
-
---@FIXME would be great to configure it
---turncredentials_secret = "__turnSecret__";
-
---turncredentials = {
--- { type = "stun", host = "jitmeet.example.com", port = "3478" },
--- { type = "turn", host = "jitmeet.example.com", port = "3478", transport = "udp" },
--- { type = "turns", host = "jitmeet.example.com", port = "5349", transport = "tcp" }
---};
-
-cross_domain_bosh = false;
-consider_bosh_secure = true;
-component_ports = { } -- it seems we don't need external components for now...
-https_ports = { } -- we don't need https
-http_ports = { {{env "NOMAD_PORT_bosh_port" }} }
-c2s_ports = { {{env "NOMAD_PORT_xmpp_port" }} }
-
-
--- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4
-ssl = {
- protocol = "tlsv1_2+";
- ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
-}
-
-VirtualHost "jitsi"
- enabled = true -- Remove this line to enable this host
- authentication = "anonymous"
- -- Properties below are modified by jitsi-meet-tokens package config
- -- and authentication above is switched to "token"
- --app_id="example_app_id"
- --app_secret="example_app_secret"
- -- Assign this host a certificate for TLS, otherwise it would use the one
- -- set in the global section (if any).
- -- Note that old-style SSL on port 5223 only supports one certificate, and will always
- -- use the global one.
- ssl = {
- key = "/var/lib/prosody/jitsi.key";
- certificate = "/var/lib/prosody/jitsi.crt";
- }
- speakerstats_component = "speakerstats.jitsi"
- conference_duration_component = "conferenceduration.jitsi"
- -- we need bosh
- modules_enabled = {
- "bosh";
- "pubsub";
- "ping"; -- Enable mod_ping
- "speakerstats";
- --"turncredentials"; not supported yet
- "conference_duration";
- "muc_lobby_rooms";
- }
- c2s_require_encryption = false
- lobby_muc = "lobby.jitsi"
- main_muc = "conference.jitsi"
- -- muc_lobby_whitelist = { "recorder.jitmeet.example.com" } -- Here we can whitelist jibri to enter lobby enabled rooms
-
-Component "conference.jitsi" "muc"
- storage = "memory"
- modules_enabled = {
- "muc_meeting_id";
- "muc_domain_mapper";
- --"token_verification";
- }
- admins = { "focus@auth.jitsi" }
- muc_room_locking = false
- muc_room_default_public_jids = true
-
--- internal muc component
-Component "internal.auth.jitsi" "muc"
- storage = "memory"
- modules_enabled = {
- "ping";
- }
- admins = { "focus@auth.jitsi", "jvb@auth.jitsi" }
- muc_room_locking = false
- muc_room_default_public_jids = true
-
-VirtualHost "auth.jitsi"
- ssl = {
- key = "/var/lib/prosody/auth.jitsi.key";
- certificate = "/var/lib/prosody/auth.jitsi.crt";
- }
- authentication = "internal_plain"
-
-Component "focus.jitsi" "client_proxy"
- target_address = "focus@auth.jitsi"
-
-Component "speakerstats.jitsi" "speakerstats_component"
- muc_component = "conference.jitsi"
-
-Component "conferenceduration.jitsi" "conference_duration_component"
- muc_component = "conference.jitsi"
-
-Component "lobby.jitsi" "muc"
- storage = "memory"
- restrict_room_creation = true
- muc_room_locking = false
- muc_room_default_public_jids = true
-