aboutsummaryrefslogtreecommitdiff
path: root/app/jitsi/config
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2022-08-24 15:42:47 +0200
committerAlex Auvolat <alex@adnab.me>2022-08-24 15:42:47 +0200
commit2e8923b383eb06c53261eee8e5c442b857fb67e4 (patch)
tree0ad148f75f7b54dfed2dbac8f43f6df9badc502a /app/jitsi/config
parent9848f3090f77363a2fda0f9fa673ebcf1fb8228c (diff)
downloadnixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.tar.gz
nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.zip
Move app files into cluster subdirectories; add prod garage
Diffstat (limited to 'app/jitsi/config')
-rw-r--r--app/jitsi/config/config.js773
-rw-r--r--app/jitsi/config/jicofo.conf273
-rw-r--r--app/jitsi/config/nginx.conf133
-rw-r--r--app/jitsi/config/prosody.cfg.lua135
-rw-r--r--app/jitsi/config/videobridge.conf290
5 files changed, 0 insertions, 1604 deletions
diff --git a/app/jitsi/config/config.js b/app/jitsi/config/config.js
deleted file mode 100644
index 9464f37..0000000
--- a/app/jitsi/config/config.js
+++ /dev/null
@@ -1,773 +0,0 @@
-/* eslint-disable no-unused-vars, no-var */
-
-var config = {
- // Connection
- //
-
- hosts: {
- // XMPP domain.
- domain: 'jitsi',
-
- // When using authentication, domain for guest users.
- // anonymousdomain: 'guest.example.com',
-
- // Domain for authenticated users. Defaults to <domain>.
- // authdomain: 'jitsi-meet.example.com',
-
- // Focus component domain. Defaults to focus.<domain>.
- // focus: 'focus.jitsi-meet.example.com',
-
- // XMPP MUC domain. FIXME: use XEP-0030 to discover it.
- muc: 'conference.jitsi'
- },
-
- // BOSH URL. FIXME: use XEP-0156 to discover it.
- bosh: '//jitsi.deuxfleurs.fr/http-bind',
-
- // Websocket URL
- // websocket: 'wss://jitsi-meet.example.com/xmpp-websocket',
-
- // The name of client node advertised in XEP-0115 'c' stanza
- clientNode: 'http://jitsi.org/jitsimeet',
-
- // The real JID of focus participant - can be overridden here
- // Do not change username - FIXME: Make focus username configurable
- // https://github.com/jitsi/jitsi-meet/issues/7376
- // focusUserJid: 'focus@auth.jitsi-meet.example.com',
-
-
- // Testing / experimental features.
- //
-
- testing: {
- // Disables the End to End Encryption feature. Useful for debugging
- // issues related to insertable streams.
- // disableE2EE: false,
-
- // P2P test mode disables automatic switching to P2P when there are 2
- // participants in the conference.
- p2pTestMode: false
-
- // Enables the test specific features consumed by jitsi-meet-torture
- // testMode: false
-
- // Disables the auto-play behavior of *all* newly created video element.
- // This is useful when the client runs on a host with limited resources.
- // noAutoPlayVideo: false
-
- // Enable / disable 500 Kbps bitrate cap on desktop tracks. When enabled,
- // simulcast is turned off for the desktop share. If presenter is turned
- // on while screensharing is in progress, the max bitrate is automatically
- // adjusted to 2.5 Mbps. This takes a value between 0 and 1 which determines
- // the probability for this to be enabled.
- // capScreenshareBitrate: 1 // 0 to disable
-
- // Enable callstats only for a percentage of users.
- // This takes a value between 0 and 100 which determines the probability for
- // the callstats to be enabled.
- // callStatsThreshold: 5 // enable callstats for 5% of the users.
- },
-
- // Disables ICE/UDP by filtering out local and remote UDP candidates in
- // signalling.
- // webrtcIceUdpDisable: false,
-
- // Disables ICE/TCP by filtering out local and remote TCP candidates in
- // signalling.
- // webrtcIceTcpDisable: false,
-
-
- // Media
- //
-
- // Audio
-
- // Disable measuring of audio levels.
- // disableAudioLevels: false,
- // audioLevelsInterval: 200,
-
- // Enabling this will run the lib-jitsi-meet no audio detection module which
- // will notify the user if the current selected microphone has no audio
- // input and will suggest another valid device if one is present.
- enableNoAudioDetection: true,
-
- // Enabling this will show a "Save Logs" link in the GSM popover that can be
- // used to collect debug information (XMPP IQs, SDP offer/answer cycles)
- // about the call.
- // enableSaveLogs: false,
-
- // Enabling this will run the lib-jitsi-meet noise detection module which will
- // notify the user if there is noise, other than voice, coming from the current
- // selected microphone. The purpose it to let the user know that the input could
- // be potentially unpleasant for other meeting participants.
- enableNoisyMicDetection: false,
-
- // Start the conference in audio only mode (no video is being received nor
- // sent).
- startAudioOnly: false,
-
- // Every participant after the Nth will start audio muted.
- startAudioMuted: 5,
-
- // Start calls with audio muted. Unlike the option above, this one is only
- // applied locally. FIXME: having these 2 options is confusing.
- // startWithAudioMuted: false,
-
- // Enabling it (with #params) will disable local audio output of remote
- // participants and to enable it back a reload is needed.
- // startSilent: false
-
- // Sets the preferred target bitrate for the Opus audio codec by setting its
- // 'maxaveragebitrate' parameter. Currently not available in p2p mode.
- // Valid values are in the range 6000 to 510000
- // opusMaxAverageBitrate: 20000,
-
- // Enables support for opus-red (redundancy for Opus).
- // enableOpusRed: false
-
- // Video
-
- // Sets the preferred resolution (height) for local video. Defaults to 720.
- // resolution: 720,
-
- // How many participants while in the tile view mode, before the receiving video quality is reduced from HD to SD.
- // Use -1 to disable.
- // maxFullResolutionParticipants: 2,
-
- // w3c spec-compliant video constraints to use for video capture. Currently
- // used by browsers that return true from lib-jitsi-meet's
- // util#browser#usesNewGumFlow. The constraints are independent from
- // this config's resolution value. Defaults to requesting an ideal
- // resolution of 720p.
- // constraints: {
- // video: {
- // height: {
- // ideal: 720,
- // max: 720,
- // min: 240
- // }
- // }
- // },
-
- // Enable / disable simulcast support.
- // disableSimulcast: false,
-
- // Enable / disable layer suspension. If enabled, endpoints whose HD
- // layers are not in use will be suspended (no longer sent) until they
- // are requested again.
- // enableLayerSuspension: false,
-
- // Every participant after the Nth will start video muted.
- startVideoMuted: 5,
-
- // Start calls with video muted. Unlike the option above, this one is only
- // applied locally. FIXME: having these 2 options is confusing.
- // startWithVideoMuted: false,
-
- // If set to true, prefer to use the H.264 video codec (if supported).
- // Note that it's not recommended to do this because simulcast is not
- // supported when using H.264. For 1-to-1 calls this setting is enabled by
- // default and can be toggled in the p2p section.
- // This option has been deprecated, use preferredCodec under videoQuality section instead.
- // preferH264: true,
-
- // If set to true, disable H.264 video codec by stripping it out of the
- // SDP.
- // disableH264: false,
-
- // Desktop sharing
-
- // Optional desktop sharing frame rate options. Default value: min:5, max:5.
- // desktopSharingFrameRate: {
- // min: 5,
- // max: 5
- // },
-
- // Try to start calls with screen-sharing instead of camera video.
- // startScreenSharing: false,
-
- // Recording
-
- // Whether to enable file recording or not.
- // fileRecordingsEnabled: false,
- // Enable the dropbox integration.
- // dropbox: {
- // appKey: '<APP_KEY>' // Specify your app key here.
- // // A URL to redirect the user to, after authenticating
- // // by default uses:
- // // 'https://jitsi-meet.example.com/static/oauth.html'
- // redirectURI:
- // 'https://jitsi-meet.example.com/subfolder/static/oauth.html'
- // },
- // When integrations like dropbox are enabled only that will be shown,
- // by enabling fileRecordingsServiceEnabled, we show both the integrations
- // and the generic recording service (its configuration and storage type
- // depends on jibri configuration)
- // fileRecordingsServiceEnabled: false,
- // Whether to show the possibility to share file recording with other people
- // (e.g. meeting participants), based on the actual implementation
- // on the backend.
- // fileRecordingsServiceSharingEnabled: false,
-
- // Whether to enable live streaming or not.
- // liveStreamingEnabled: false,
-
- // Transcription (in interface_config,
- // subtitles and buttons can be configured)
- // transcribingEnabled: false,
-
- // Enables automatic turning on captions when recording is started
- // autoCaptionOnRecord: false,
-
- // Misc
-
- // Default value for the channel "last N" attribute. -1 for unlimited.
- channelLastN: -1,
-
- // Provides a way to use different "last N" values based on the number of participants in the conference.
- // The keys in an Object represent number of participants and the values are "last N" to be used when number of
- // participants gets to or above the number.
- //
- // For the given example mapping, "last N" will be set to 20 as long as there are at least 5, but less than
- // 29 participants in the call and it will be lowered to 15 when the 30th participant joins. The 'channelLastN'
- // will be used as default until the first threshold is reached.
- //
- // lastNLimits: {
- // 5: 20,
- // 30: 15,
- // 50: 10,
- // 70: 5,
- // 90: 2
- // },
-
- // Specify the settings for video quality optimizations on the client.
- // videoQuality: {
- // // Provides a way to prevent a video codec from being negotiated on the JVB connection. The codec specified
- // // here will be removed from the list of codecs present in the SDP answer generated by the client. If the
- // // same codec is specified for both the disabled and preferred option, the disable settings will prevail.
- // // Note that 'VP8' cannot be disabled since it's a mandatory codec, the setting will be ignored in this case.
- // disabledCodec: 'H264',
- //
- // // Provides a way to set a preferred video codec for the JVB connection. If 'H264' is specified here,
- // // simulcast will be automatically disabled since JVB doesn't support H264 simulcast yet. This will only
- // // rearrange the the preference order of the codecs in the SDP answer generated by the browser only if the
- // // preferred codec specified here is present. Please ensure that the JVB offers the specified codec for this
- // // to take effect.
- // preferredCodec: 'VP8',
- //
- // // Provides a way to configure the maximum bitrates that will be enforced on the simulcast streams for
- // // video tracks. The keys in the object represent the type of the stream (LD, SD or HD) and the values
- // // are the max.bitrates to be set on that particular type of stream. The actual send may vary based on
- // // the available bandwidth calculated by the browser, but it will be capped by the values specified here.
- // // This is currently not implemented on app based clients on mobile.
- // maxBitratesVideo: {
- // low: 200000,
- // standard: 500000,
- // high: 1500000
- // },
- //
- // // The options can be used to override default thresholds of video thumbnail heights corresponding to
- // // the video quality levels used in the application. At the time of this writing the allowed levels are:
- // // 'low' - for the low quality level (180p at the time of this writing)
- // // 'standard' - for the medium quality level (360p)
- // // 'high' - for the high quality level (720p)
- // // The keys should be positive numbers which represent the minimal thumbnail height for the quality level.
- // //
- // // With the default config value below the application will use 'low' quality until the thumbnails are
- // // at least 360 pixels tall. If the thumbnail height reaches 720 pixels then the application will switch to
- // // the high quality.
- // minHeightForQualityLvl: {
- // 360: 'standard',
- // 720: 'high'
- // },
- //
- // // Provides a way to resize the desktop track to 720p (if it is greater than 720p) before creating a canvas
- // // for the presenter mode (camera picture-in-picture mode with screenshare).
- // resizeDesktopForPresenter: false
- // },
-
- // // Options for the recording limit notification.
- // recordingLimit: {
- //
- // // The recording limit in minutes. Note: This number appears in the notification text
- // // but doesn't enforce the actual recording time limit. This should be configured in
- // // jibri!
- // limit: 60,
- //
- // // The name of the app with unlimited recordings.
- // appName: 'Unlimited recordings APP',
- //
- // // The URL of the app with unlimited recordings.
- // appURL: 'https://unlimited.recordings.app.com/'
- // },
-
- // Disables or enables RTX (RFC 4588) (defaults to false).
- // disableRtx: false,
-
- // Disables or enables TCC support in this client (default: enabled).
- // enableTcc: true,
-
- // Disables or enables REMB support in this client (default: enabled).
- // enableRemb: true,
-
- // Enables ICE restart logic in LJM and displays the page reload overlay on
- // ICE failure. Current disabled by default because it's causing issues with
- // signaling when Octo is enabled. Also when we do an "ICE restart"(which is
- // not a real ICE restart), the client maintains the TCC sequence number
- // counter, but the bridge resets it. The bridge sends media packets with
- // TCC sequence numbers starting from 0.
- // enableIceRestart: false,
-
- // Use TURN/UDP servers for the jitsi-videobridge connection (by default
- // we filter out TURN/UDP because it is usually not needed since the
- // bridge itself is reachable via UDP)
- // useTurnUdp: false
-
- // UI
- //
-
- // Disables responsive tiles.
- // disableResponsiveTiles: false,
-
- // Hides lobby button
- // hideLobbyButton: false,
-
- // Require users to always specify a display name.
- // requireDisplayName: true,
-
- // Whether to use a welcome page or not. In case it's false a random room
- // will be joined when no room is specified.
- enableWelcomePage: true,
-
- // Disable app shortcuts that are registered upon joining a conference
- // disableShortcuts: false,
-
- // Disable initial browser getUserMedia requests.
- // This is useful for scenarios where users might want to start a conference for screensharing only
- // disableInitialGUM: false,
-
- // Enabling the close page will ignore the welcome page redirection when
- // a call is hangup.
- // enableClosePage: false,
-
- // Disable hiding of remote thumbnails when in a 1-on-1 conference call.
- // disable1On1Mode: false,
-
- // Default language for the user interface.
- defaultLanguage: 'fr',
-
- // Disables profile and the edit of all fields from the profile settings (display name and email)
- // disableProfile: false,
-
- // Whether or not some features are checked based on token.
- // enableFeaturesBasedOnToken: false,
-
- // When enabled the password used for locking a room is restricted to up to the number of digits specified
- // roomPasswordNumberOfDigits: 10,
- // default: roomPasswordNumberOfDigits: false,
-
- // Message to show the users. Example: 'The service will be down for
- // maintenance at 01:00 AM GMT,
- // noticeMessage: '',
-
- // Enables calendar integration, depends on googleApiApplicationClientID
- // and microsoftApiApplicationClientID
- // enableCalendarIntegration: false,
-
- // When 'true', it shows an intermediate page before joining, where the user can configure their devices.
- prejoinPageEnabled: true,
-
- // If etherpad integration is enabled, setting this to true will
- // automatically open the etherpad when a participant joins. This
- // does not affect the mobile app since opening an etherpad
- // obscures the conference controls -- it's better to let users
- // choose to open the pad on their own in that case.
- // openSharedDocumentOnJoin: false,
-
- // If true, shows the unsafe room name warning label when a room name is
- // deemed unsafe (due to the simplicity in the name) and a password is not
- // set or the lobby is not enabled.
- // enableInsecureRoomNameWarning: false,
-
- // Whether to automatically copy invitation URL after creating a room.
- // Document should be focused for this option to work
- // enableAutomaticUrlCopy: false,
-
- // Base URL for a Gravatar-compatible service. Defaults to libravatar.
- // gravatarBaseURL: 'https://seccdn.libravatar.org/avatar/';
-
- // Stats
- //
-
- // Whether to enable stats collection or not in the TraceablePeerConnection.
- // This can be useful for debugging purposes (post-processing/analysis of
- // the webrtc stats) as it is done in the jitsi-meet-torture bandwidth
- // estimation tests.
- // gatherStats: false,
-
- // The interval at which PeerConnection.getStats() is called. Defaults to 10000
- // pcStatsInterval: 10000,
-
- // To enable sending statistics to callstats.io you must provide the
- // Application ID and Secret.
- // callStatsID: '',
- // callStatsSecret: '',
-
- // Enables sending participants' display names to callstats
- // enableDisplayNameInStats: false,
-
- // Enables sending participants' emails (if available) to callstats and other analytics
- // enableEmailInStats: false,
-
- // Privacy
- //
-
- // If third party requests are disabled, no other server will be contacted.
- // This means avatars will be locally generated and callstats integration
- // will not function.
- // disableThirdPartyRequests: false,
-
-
- // Peer-To-Peer mode: used (if enabled) when there are just 2 participants.
- //
-
- p2p: {
- // Enables peer to peer mode. When enabled the system will try to
- // establish a direct connection when there are exactly 2 participants
- // in the room. If that succeeds the conference will stop sending data
- // through the JVB and use the peer to peer connection instead. When a
- // 3rd participant joins the conference will be moved back to the JVB
- // connection.
- enabled: true,
-
- // The STUN servers that will be used in the peer to peer connections
- stunServers: [
-
- // { urls: 'stun:jitsi-meet.example.com:3478' },
- { urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' }
- ]
-
- // Sets the ICE transport policy for the p2p connection. At the time
- // of this writing the list of possible values are 'all' and 'relay',
- // but that is subject to change in the future. The enum is defined in
- // the WebRTC standard:
- // https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum.
- // If not set, the effective value is 'all'.
- // iceTransportPolicy: 'all',
-
- // If set to true, it will prefer to use H.264 for P2P calls (if H.264
- // is supported). This setting is deprecated, use preferredCodec instead.
- // preferH264: true
-
- // Provides a way to set the video codec preference on the p2p connection. Acceptable
- // codec values are 'VP8', 'VP9' and 'H264'.
- // preferredCodec: 'H264',
-
- // If set to true, disable H.264 video codec by stripping it out of the
- // SDP. This setting is deprecated, use disabledCodec instead.
- // disableH264: false,
-
- // Provides a way to prevent a video codec from being negotiated on the p2p connection.
- // disabledCodec: '',
-
- // How long we're going to wait, before going back to P2P after the 3rd
- // participant has left the conference (to filter out page reload).
- // backToP2PDelay: 5
- },
-
- analytics: {
- // The Google Analytics Tracking ID:
- // googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1'
-
- // Matomo configuration:
- // matomoEndpoint: 'https://your-matomo-endpoint/',
- // matomoSiteID: '42',
-
- // The Amplitude APP Key:
- // amplitudeAPPKey: '<APP_KEY>'
-
- // Configuration for the rtcstats server:
- // By enabling rtcstats server every time a conference is joined the rtcstats
- // module connects to the provided rtcstatsEndpoint and sends statistics regarding
- // PeerConnection states along with getStats metrics polled at the specified
- // interval.
- // rtcstatsEnabled: true,
-
- // In order to enable rtcstats one needs to provide a endpoint url.
- // rtcstatsEndpoint: wss://rtcstats-server-pilot.jitsi.net/,
-
- // The interval at which rtcstats will poll getStats, defaults to 1000ms.
- // If the value is set to 0 getStats won't be polled and the rtcstats client
- // will only send data related to RTCPeerConnection events.
- // rtcstatsPolIInterval: 1000
-
- // Array of script URLs to load as lib-jitsi-meet "analytics handlers".
- // scriptURLs: [
- // "libs/analytics-ga.min.js", // google-analytics
- // "https://example.com/my-custom-analytics.js"
- // ],
- },
-
- // Logs that should go be passed through the 'log' event if a handler is defined for it
- // apiLogLevels: ['warn', 'log', 'error', 'info', 'debug'],
-
- // Information about the jitsi-meet instance we are connecting to, including
- // the user region as seen by the server.
- deploymentInfo: {
- // shard: "shard1",
- // region: "europe",
- // userRegion: "asia"
- },
-
- // Decides whether the start/stop recording audio notifications should play on record.
- // disableRecordAudioNotification: false,
-
- // Information for the chrome extension banner
- // chromeExtensionBanner: {
- // // The chrome extension to be installed address
- // url: 'https://chrome.google.com/webstore/detail/jitsi-meetings/kglhbbefdnlheedjiejgomgmfplipfeb',
-
- // // Extensions info which allows checking if they are installed or not
- // chromeExtensionsInfo: [
- // {
- // id: 'kglhbbefdnlheedjiejgomgmfplipfeb',
- // path: 'jitsi-logo-48x48.png'
- // }
- // ]
- // },
-
- // Local Recording
- //
-
- // localRecording: {
- // Enables local recording.
- // Additionally, 'localrecording' (all lowercase) needs to be added to
- // TOOLBAR_BUTTONS in interface_config.js for the Local Recording
- // button to show up on the toolbar.
- //
- // enabled: true,
- //
-
- // The recording format, can be one of 'ogg', 'flac' or 'wav'.
- // format: 'flac'
- //
-
- // },
-
- // Options related to end-to-end (participant to participant) ping.
- // e2eping: {
- // // The interval in milliseconds at which pings will be sent.
- // // Defaults to 10000, set to <= 0 to disable.
- // pingInterval: 10000,
- //
- // // The interval in milliseconds at which analytics events
- // // with the measured RTT will be sent. Defaults to 60000, set
- // // to <= 0 to disable.
- // analyticsInterval: 60000,
- // },
-
- // If set, will attempt to use the provided video input device label when
- // triggering a screenshare, instead of proceeding through the normal flow
- // for obtaining a desktop stream.
- // NOTE: This option is experimental and is currently intended for internal
- // use only.
- // _desktopSharingSourceDevice: 'sample-id-or-label',
-
- // If true, any checks to handoff to another application will be prevented
- // and instead the app will continue to display in the current browser.
- // disableDeepLinking: false,
-
- // A property to disable the right click context menu for localVideo
- // the menu has option to flip the locally seen video for local presentations
- // disableLocalVideoFlip: false,
-
- // Mainly privacy related settings
-
- // Disables all invite functions from the app (share, invite, dial out...etc)
- // disableInviteFunctions: true,
-
- // Disables storing the room name to the recents list
- // doNotStoreRoom: true,
-
- // Deployment specific URLs.
- // deploymentUrls: {
- // // If specified a 'Help' button will be displayed in the overflow menu with a link to the specified URL for
- // // user documentation.
- // userDocumentationURL: 'https://docs.example.com/video-meetings.html',
- // // If specified a 'Download our apps' button will be displayed in the overflow menu with a link
- // // to the specified URL for an app download page.
- // downloadAppsUrl: 'https://docs.example.com/our-apps.html'
- // },
-
- // Options related to the remote participant menu.
- // remoteVideoMenu: {
- // // If set to true the 'Kick out' button will be disabled.
- // disableKick: true
- // },
-
- // If set to true all muting operations of remote participants will be disabled.
- // disableRemoteMute: true,
-
- // Enables support for lip-sync for this client (if the browser supports it).
- // enableLipSync: false
-
- /**
- External API url used to receive branding specific information.
- If there is no url set or there are missing fields, the defaults are applied.
- None of the fields are mandatory and the response must have the shape:
- {
- // The hex value for the colour used as background
- backgroundColor: '#fff',
- // The url for the image used as background
- backgroundImageUrl: 'https://example.com/background-img.png',
- // The anchor url used when clicking the logo image
- logoClickUrl: 'https://example-company.org',
- // The url used for the image used as logo
- logoImageUrl: 'https://example.com/logo-img.png'
- }
- */
- // dynamicBrandingUrl: '',
-
- // The URL of the moderated rooms microservice, if available. If it
- // is present, a link to the service will be rendered on the welcome page,
- // otherwise the app doesn't render it.
- // moderatedRoomServiceUrl: 'https://moderated.jitsi-meet.example.com',
-
- // If true, tile view will not be enabled automatically when the participants count threshold is reached.
- // disableTileView: true,
-
- // Hides the conference subject
- // hideConferenceSubject: true
-
- // Hides the conference timer.
- // hideConferenceTimer: true,
-
- // Hides the participants stats
- // hideParticipantsStats: true
-
- // Sets the conference subject
- // subject: 'Conference Subject',
-
- // List of undocumented settings used in jitsi-meet
- /**
- _immediateReloadThreshold
- debug
- debugAudioLevels
- deploymentInfo
- dialInConfCodeUrl
- dialInNumbersUrl
- dialOutAuthUrl
- dialOutCodesUrl
- disableRemoteControl
- displayJids
- etherpad_base
- externalConnectUrl
- firefox_fake_device
- googleApiApplicationClientID
- iAmRecorder
- iAmSipGateway
- microsoftApiApplicationClientID
- peopleSearchQueryTypes
- peopleSearchUrl
- requireDisplayName
- tokenAuthUrl
- */
-
- /**
- * This property can be used to alter the generated meeting invite links (in combination with a branding domain
- * which is retrieved internally by jitsi meet) (e.g. https://meet.jit.si/someMeeting
- * can become https://brandedDomain/roomAlias)
- */
- // brandingRoomAlias: null,
-
- // List of undocumented settings used in lib-jitsi-meet
- /**
- _peerConnStatusOutOfLastNTimeout
- _peerConnStatusRtcMuteTimeout
- abTesting
- avgRtpStatsN
- callStatsConfIDNamespace
- callStatsCustomScriptUrl
- desktopSharingSources
- disableAEC
- disableAGC
- disableAP
- disableHPF
- disableNS
- enableTalkWhileMuted
- forceJVB121Ratio
- forceTurnRelay
- hiddenDomain
- ignoreStartMuted
- websocketKeepAlive
- websocketKeepAliveUrl
- */
-
- /**
- Use this array to configure which notifications will be shown to the user
- The items correspond to the title or description key of that notification
- Some of these notifications also depend on some other internal logic to be displayed or not,
- so adding them here will not ensure they will always be displayed
-
- A falsy value for this prop will result in having all notifications enabled (e.g null, undefined, false)
- */
- // notifications: [
- // 'connection.CONNFAIL', // shown when the connection fails,
- // 'dialog.cameraNotSendingData', // shown when there's no feed from user's camera
- // 'dialog.kickTitle', // shown when user has been kicked
- // 'dialog.liveStreaming', // livestreaming notifications (pending, on, off, limits)
- // 'dialog.lockTitle', // shown when setting conference password fails
- // 'dialog.maxUsersLimitReached', // shown when maximmum users limit has been reached
- // 'dialog.micNotSendingData', // shown when user's mic is not sending any audio
- // 'dialog.passwordNotSupportedTitle', // shown when setting conference password fails due to password format
- // 'dialog.recording', // recording notifications (pending, on, off, limits)
- // 'dialog.remoteControlTitle', // remote control notifications (allowed, denied, start, stop, error)
- // 'dialog.reservationError',
- // 'dialog.serviceUnavailable', // shown when server is not reachable
- // 'dialog.sessTerminated', // shown when there is a failed conference session
- // 'dialog.tokenAuthFailed', // show when an invalid jwt is used
- // 'dialog.transcribing', // transcribing notifications (pending, off)
- // 'dialOut.statusMessage', // shown when dial out status is updated.
- // 'liveStreaming.busy', // shown when livestreaming service is busy
- // 'liveStreaming.failedToStart', // shown when livestreaming fails to start
- // 'liveStreaming.unavailableTitle', // shown when livestreaming service is not reachable
- // 'lobby.joinRejectedMessage', // shown when while in a lobby, user's request to join is rejected
- // 'lobby.notificationTitle', // shown when lobby is toggled and when join requests are allowed / denied
- // 'localRecording.localRecording', // shown when a local recording is started
- // 'notify.disconnected', // shown when a participant has left
- // 'notify.grantedTo', // shown when moderator rights were granted to a participant
- // 'notify.invitedOneMember', // shown when 1 participant has been invited
- // 'notify.invitedThreePlusMembers', // shown when 3+ participants have been invited
- // 'notify.invitedTwoMembers', // shown when 2 participants have been invited
- // 'notify.kickParticipant', // shown when a participant is kicked
- // 'notify.mutedRemotelyTitle', // shown when user is muted by a remote party
- // 'notify.mutedTitle', // shown when user has been muted upon joining,
- // 'notify.newDeviceAudioTitle', // prompts the user to use a newly detected audio device
- // 'notify.newDeviceCameraTitle', // prompts the user to use a newly detected camera
- // 'notify.passwordRemovedRemotely', // shown when a password has been removed remotely
- // 'notify.passwordSetRemotely', // shown when a password has been set remotely
- // 'notify.raisedHand', // shown when a partcipant used raise hand,
- // 'notify.startSilentTitle', // shown when user joined with no audio
- // 'prejoin.errorDialOut',
- // 'prejoin.errorDialOutDisconnected',
- // 'prejoin.errorDialOutFailed',
- // 'prejoin.errorDialOutStatus',
- // 'prejoin.errorStatusCode',
- // 'prejoin.errorValidation',
- // 'recording.busy', // shown when recording service is busy
- // 'recording.failedToStart', // shown when recording fails to start
- // 'recording.unavailableTitle', // shown when recording service is not reachable
- // 'toolbar.noAudioSignalTitle', // shown when a broken mic is detected
- // 'toolbar.noisyAudioInputTitle', // shown when noise is detected for the current microphone
- // 'toolbar.talkWhileMutedPopup', // shown when user tries to speak while muted
- // 'transcribing.failedToStart' // shown when transcribing fails to start
- // ]
-
- // Allow all above example options to include a trailing comma and
- // prevent fear when commenting out the last value.
- makeJsonParserHappy: 'even if last key had a trailing comma'
-
- // no configuration value should follow this line.
-};
-
-/* eslint-enable no-unused-vars, no-var */
diff --git a/app/jitsi/config/jicofo.conf b/app/jitsi/config/jicofo.conf
deleted file mode 100644
index 5586348..0000000
--- a/app/jitsi/config/jicofo.conf
+++ /dev/null
@@ -1,273 +0,0 @@
-jicofo {
- // Authentication with external services
- authentication {
- enabled = false
- // The type of authentication. Supported values are XMPP, JWT or SHIBBOLETH (default).
- type = SHIBBOLETH
-
- // The pattern of authentication URL. See ShibbolethAuthAuthority for more information.
- # login-url =
-
- # logout-url =
-
- authentication-lifetime = 24 hours
- enable-auto-login = true
- }
- // Configuration related to jitsi-videobridge
- bridge {
- // The maximum number of participants in a single conference to put on one bridge (use -1 for no maximum).
- max-bridge-participants = -1
- // The assumed maximum packet rate that a bridge can handle.
- max-bridge-packet-rate = 50000
- // The assumed average packet rate per participant.
- average-participant-packet-rate-pps = 500
- // The assumed average stress per participant.
- average-participant-stress = 0.01
- // The assumed time that an endpoint takes to start contributing fully to the load on a bridge. To avoid allocating
- // a burst of endpoints to the same bridge, the bridge stress is adjusted by adding the number of new endpoints
- // in the last [participant-rampup-time] multiplied by [average-participant-stress].
- participant-rampup-interval = 20 seconds
- // The stress level above which a bridge is considered overstressed.
- stress-threshold = 0.8
- // The amount of to wait before retrying using a failed bridge.
- failure-reset-threshold = 1 minute
- // The bridge selection strategy. The built-in strategies are:
- // SingleBridgeSelectionStrategy: Use the least loaded bridge, do not split a conference between bridges (Octo).
- // SplitBridgeSelectionStrategy: Use a separate bridge for each participant (for testing).
- // RegionBasedBridgeSelectionStrategy: Attempt to put each participant in a bridge in their local region (i.e. use
- // Octo for geo-location).
- // IntraRegionBridgeSelectionStrategy: Use additional bridges when a bridge becomes overloaded (i.e. use Octo for
- // load balancing).
- //
- // Additionally, you can use the fully qualified class name for custom BridgeSelectionStrategy implementations.
- selection-strategy = SingleBridgeSelectionStrategy
- health-checks {
- // Whether jicofo should perform periodic health checks to the connected bridges.
- enabled = true
- // The interval at which to perform health checks.
- interval = 10 seconds
- // When a health checks times out, jicofo will retry and only consider it fail after the retry fails. This
- // configures the delay between the original health check timing out and the second health check being sent.
- // It is a duration and defaults to half the [interval].
- # retry-delay = 5 seconds
- }
-
- // The JID of the MUC to be used as a brewery for bridge instances.
- brewery-jid = "jvbbrewery@internal.auth.jitsi"
- }
- // Configure the codecs and RTP extensions to be used in the offer sent to clients.
- codec {
- video {
- vp8 {
- enabled = true
- pt = 100
- // Payload type for the associated RTX stream. Set to -1 to disable RTX.
- rtx-pt = 96
- }
- vp9 {
- enabled = true
- pt = 101
- // Payload type for the associated RTX stream. Set to -1 to disable RTX.
- rtx-pt = 97
- }
- h264 {
- enabled = true
- pt = 107
- // Payload type for the associated RTX stream. Set to -1 to disable RTX.
- rtx-pt = 99
- }
- }
-
- audio {
- isac-16000 {
- enabled = true
- pt = 103
- }
- isac-32000 {
- enabled = true
- pt = 104
- }
- opus {
- enabled = true
- pt = 111
- minptime = 10
- use-inband-fec = true
- red {
- enabled = false
- pt = 112
- }
- }
- telephone-event {
- enabled = true
- pt = 126
- }
- }
-
- // RTP header extensions
- rtp-extensions {
- audio-level {
- enabled = true
- id = 1
- }
- tof {
- // TOF is currently disabled, because we don't support it in the bridge
- // (and currently clients seem to not use it when abs-send-time is
- // available).
- enabled = false
- id = 2
- }
- abs-send-time {
- enabled = true
- id = 3
- }
- rid {
- enabled = false
- id = 4
- }
- tcc {
- enabled = true
- id = 5
- }
- video-content-type {
- enabled = false
- id = 7
- }
- framemarking {
- enabled = false
- id = 9
- }
- }
- }
-
- conference {
- // Whether to automatically grant the 'owner' role to the first participant in the conference (and subsequently to
- // the next in line when the current owner leaves).
- enable-auto-owner = true
-
- // How long to wait for the initial participant in a conference.
- initial-timeout = 15 seconds
-
- // Whether jicofo should inject a random SSRC for endpoints which don't advertise any SSRCs. This is a temporary
- // workaround for an issue with signaling endpoints for Octo.
- inject-ssrc-for-recv-only-endpoints = false
-
- max-ssrcs-per-user = 20
-
- // How long a participant's media session will be kept alive once it remains the only participant in the room.
- single-participant-timeout = 20 seconds
-
- // The minimum number of participants required for the conference to be started.
- min-participants = 2
-
- // Experimental.
- enable-lip-sync = false
-
- shared-document {
- // If `true` the shared document uses a random name. Otherwise, it uses the conference name.
- use-random-name = false
- }
- }
-
- // Configuration for the internal health checks performed by jicofo.
- health {
- // Whether to perform health checks.
- enabled = false
-
- // The interval between health checks. If set to 0, periodic health checks will not be performed.
- interval = 10 seconds
-
- # The timeout for a health check
- timeout = 30 seconds
-
- # If performing a health check takes longer than this, it is considered unsuccessful.
- max-check-duration = 20 seconds
-
- # The prefix to use when creating MUC rooms for the purpose of health checks.
- room-name-prefix = "__jicofo-health-check"
- }
-
- jibri {
- // The JID of the MUC to be used as a brewery for jibri instances for streaming.
- # brewery-jid = "jibribrewery@example.com"
-
- // How many times to retry a given Jibri request before giving up. Set to -1 to allow infinite retries.
- num-retries = 5
-
- // How long to wait for Jibri to start recording from the time it accepts a START request.
- pending-timeout = 90 seconds
- }
-
- jibri-sip {
- // The JID of the MUC to be used as a brewery for jibri instances for SIP.
- # brewery-jid = "jibrisipbrewery@example.com"
- }
-
- jigasi {
- // The JID of the MUC to be used as a brewery for jigasi instances.
- # brewery-jid = "jigasibrewery@example.com"
- }
-
- // The region in which the machine is running.
- #local-region="us-east-1"
-
- octo {
- // Whether or not to use Octo. Note that when enabled, its use will be determined by
- // $jicofo.bridge.selection-strategy.
- enabled = false
-
- // An identifier of the Jicofo instance, used for the purpose of generating conference IDs unique across a set of
- // Jicofo instances. Valid values are [1, 65535]. The value 0 is used when none is explicitly configured.
- id = 1
- }
-
- rest {
- port = 8888
- tls-port = 8843
- }
-
- sctp {
- // Whether to allocate SCTP channels on the bridge (only when the client advertises support, and SCTP is
- // enabled in the per-conference configuration).
- enabled = true
- }
-
- task-pools {
- shared-pool-max-threads = 1500
- }
-
- xmpp {
- // The separate XMPP connection used for communication with clients (endpoints).
- client {
- enabled = true
- hostname = "{{ env "NOMAD_IP_xmpp_port" }}"
- port = {{ env "NOMAD_PORT_xmpp_port" }}
- domain = "auth.jitsi"
- username = "focus"
- password = "{{ key "secrets/jitsi/jicofo_pass" | trimSpace }}"
-
- // How long to wait for a response to a stanza before giving up.
- reply-timeout = 15 seconds
-
- // The JID/domain of the MUC service used for conferencing.
- conference-muc-jid = conference.jitsi
-
- // A flag to suppress the TLS certificate verification.
- disable-certificate-verification = false
- }
- // The separate XMPP connection used for internal services (currently only jitsi-videobridge).
- service {
- enabled = false
- hostname = "jitsi-xmpp"
- port = 5222
- domain = "auth.jitsi"
- username = "focus"
- password = "jicofopass"
-
- // How long to wait for a response to a stanza before giving up.
- reply-timeout = 15 seconds
-
- // A flag to suppress the TLS certificate verification.
- disable-certificate-verification = false
- }
- }
-}
diff --git a/app/jitsi/config/nginx.conf b/app/jitsi/config/nginx.conf
deleted file mode 100644
index 32cc3c1..0000000
--- a/app/jitsi/config/nginx.conf
+++ /dev/null
@@ -1,133 +0,0 @@
-# some doc: https://www.nginx.com/resources/wiki/start/topics/examples/full/
-error_log /dev/stderr info;
-
-events {}
-
-http {
- ##
- # Basic Settings
- ##
- sendfile on;
- tcp_nopush on;
- tcp_nodelay on;
- keepalive_timeout 65;
- types_hash_max_size 2048;
-
-
- # mimetypes, required by jitsi!
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
-
- types {
- application/wasm wasm;
- }
-
- ##
- # SSL Settings
- ##
-
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
- ssl_prefer_server_ciphers on;
-
- ##
- # Gzip Settings
- ##
- gzip on;
-
- access_log /dev/stdout;
- server_names_hash_bucket_size 64;
-
- # inspired by https://raw.githubusercontent.com/jitsi/docker-jitsi-meet/master/web/rootfs/defaults/meet.conf
- server {
- #listen 0.0.0.0:{{ env "NOMAD_PORT_https_port" }} ssl http2 default_server;
- #listen [::]:{{ env "NOMAD_PORT_https_port" }} ssl http2 default_server;
- listen 0.0.0.0:{{ env "NOMAD_PORT_https_port" }} default_server;
- listen [::]:{{ env "NOMAD_PORT_https_port" }} default_server;
- client_max_body_size 0;
- server_name _;
-
- # ssi on with javascript for multidomain variables in config.js
- ssi on;
- ssi_types application/x-javascript application/javascript;
-
- #ssl_certificate /etc/nginx/jitsi.crt;
- #ssl_certificate_key /etc/nginx/jitsi.key;
- root /srv/jitsi-meet;
- index index.html;
- error_page 404 /static/404.html;
-
- location = /config.js {
- alias /srv/jitsi-meet/config.js;
- }
-
- location = /interface_config.js {
- alias /srv/jitsi-meet/interface_config.js;
- }
-
- location = /external_api.js {
- alias /srv/jitsi-meet/libs/external_api.min.js;
- }
-
- # ensure all static content can always be found first
- location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$
- {
- add_header 'Access-Control-Allow-Origin' '*';
- alias /srv/jitsi-meet/$1/$2;
- }
-
- # not used yet VVV
- # colibri (JVB) websockets
- #location ~ ^/colibri-ws/([a-zA-Z0-9-\.]+)/(.*) {
- # proxy_pass http://$1:9090/colibri-ws/$1/$2$is_args$args;
- # proxy_http_version 1.1;
- # proxy_set_header Upgrade $http_upgrade;
- # proxy_set_header Connection "upgrade";
- # tcp_nodelay on;
- #}
-
- location = /http-bind {
- # We add CORS to use a different frontend which is useful for load testing as we do not want to advertise too much our URL
- add_header 'Access-Control-Allow-Headers' 'content-type';
- add_header 'Access-Control-Allow-Methods' 'GET,POST,PUT,DELETE,OPTIONS';
- add_header 'Access-Control-Allow-Origin' '*';
- proxy_pass http://{{ env "NOMAD_ADDR_bosh_port" }}/http-bind;
- proxy_set_header X-Forwarded-For \$remote_addr;
- #proxy_set_header Host \$http_host;
- }
-
- # not used yet VVV
- # xmpp websockets
- #location = /xmpp-websocket {
- # proxy_pass {{ .Env.XMPP_BOSH_URL_BASE }}/xmpp-websocket;
- # proxy_http_version 1.1;
- # proxy_set_header Connection "upgrade";
- # proxy_set_header Upgrade $http_upgrade;
- # proxy_set_header Host {{ .Env.XMPP_DOMAIN }};
- # proxy_set_header X-Forwarded-For $remote_addr;
- # tcp_nodelay on;
- #}
-
- location ~ ^/([^/?&:'"]+)$ {
- try_files $uri @root_path;
- }
-
- location @root_path {
- rewrite ^/(.*)$ / break;
- }
-
- # Not used yet VVVV
- # Etherpad-lite
- # location /etherpad/ {
- # proxy_http_version 1.1;
- # proxy_set_header Upgrade $http_upgrade;
- # proxy_set_header Connection 'upgrade';
- # proxy_set_header Host $host;
- # proxy_cache_bypass $http_upgrade;
- # proxy_pass {{ .Env.ETHERPAD_URL_BASE }}/;
- # proxy_set_header X-Forwarded-For $remote_addr;
- # proxy_buffering off;
- # proxy_set_header Host {{ .Env.XMPP_DOMAIN }};
- # }
-
- }
-}
diff --git a/app/jitsi/config/prosody.cfg.lua b/app/jitsi/config/prosody.cfg.lua
deleted file mode 100644
index 7141f8b..0000000
--- a/app/jitsi/config/prosody.cfg.lua
+++ /dev/null
@@ -1,135 +0,0 @@
-modules_enabled = {
- "roster"; -- Allow users to have a roster. Recommended ;)
- "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
- "tls"; -- Add support for secure TLS on c2s/s2s connections
- "dialback"; -- s2s dialback support
- "disco"; -- Service discovery
- "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
- "version"; -- Replies to server version requests
- "uptime"; -- Report how long server has been running
- "time"; -- Let others know the time here on this server
- "ping"; -- Replies to XMPP pings with pongs
- "pep"; -- Enables users to publish their mood, activity, playing music and more
- -- jitsi
- --"smacks"; -- not shipped with prosody
- "carbons";
- "mam";
- "lastactivity";
- "offline";
- "pubsub";
- "adhoc";
- "websocket";
- --"http_altconnect"; -- not shipped with prosody
-}
-modules_disabled = { "s2s" }
-
-plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }
-
-log = {
- --log less on console with warn="*console"; or err="*console" or more with debug="*console"
- info="*console";
-}
-daemonize = false
-use_libevent = true
-
--- domain mapper options, must at least have domain base set to use the mapper
-muc_mapper_domain_base = "jitsi.deuxfleurs.fr";
-
---@FIXME would be great to configure it
---turncredentials_secret = "__turnSecret__";
-
---turncredentials = {
--- { type = "stun", host = "jitmeet.example.com", port = "3478" },
--- { type = "turn", host = "jitmeet.example.com", port = "3478", transport = "udp" },
--- { type = "turns", host = "jitmeet.example.com", port = "5349", transport = "tcp" }
---};
-
-cross_domain_bosh = false;
-consider_bosh_secure = true;
-component_ports = { } -- it seems we don't need external components for now...
-https_ports = { } -- we don't need https
-http_ports = { {{env "NOMAD_PORT_bosh_port" }} }
-c2s_ports = { {{env "NOMAD_PORT_xmpp_port" }} }
-
-
--- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4
-ssl = {
- protocol = "tlsv1_2+";
- ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
-}
-
-VirtualHost "jitsi"
- enabled = true -- Remove this line to enable this host
- authentication = "anonymous"
- -- Properties below are modified by jitsi-meet-tokens package config
- -- and authentication above is switched to "token"
- --app_id="example_app_id"
- --app_secret="example_app_secret"
- -- Assign this host a certificate for TLS, otherwise it would use the one
- -- set in the global section (if any).
- -- Note that old-style SSL on port 5223 only supports one certificate, and will always
- -- use the global one.
- ssl = {
- key = "/var/lib/prosody/jitsi.key";
- certificate = "/var/lib/prosody/jitsi.crt";
- }
- speakerstats_component = "speakerstats.jitsi"
- conference_duration_component = "conferenceduration.jitsi"
- -- we need bosh
- modules_enabled = {
- "bosh";
- "pubsub";
- "ping"; -- Enable mod_ping
- "speakerstats";
- --"turncredentials"; not supported yet
- "conference_duration";
- "muc_lobby_rooms";
- }
- c2s_require_encryption = false
- lobby_muc = "lobby.jitsi"
- main_muc = "conference.jitsi"
- -- muc_lobby_whitelist = { "recorder.jitmeet.example.com" } -- Here we can whitelist jibri to enter lobby enabled rooms
-
-Component "conference.jitsi" "muc"
- storage = "memory"
- modules_enabled = {
- "muc_meeting_id";
- "muc_domain_mapper";
- --"token_verification";
- }
- admins = { "focus@auth.jitsi" }
- muc_room_locking = false
- muc_room_default_public_jids = true
-
--- internal muc component
-Component "internal.auth.jitsi" "muc"
- storage = "memory"
- modules_enabled = {
- "ping";
- }
- admins = { "focus@auth.jitsi", "jvb@auth.jitsi" }
- muc_room_locking = false
- muc_room_default_public_jids = true
-
-VirtualHost "auth.jitsi"
- ssl = {
- key = "/var/lib/prosody/auth.jitsi.key";
- certificate = "/var/lib/prosody/auth.jitsi.crt";
- }
- authentication = "internal_plain"
-
-Component "focus.jitsi" "client_proxy"
- target_address = "focus@auth.jitsi"
-
-Component "speakerstats.jitsi" "speakerstats_component"
- muc_component = "conference.jitsi"
-
-Component "conferenceduration.jitsi" "conference_duration_component"
- muc_component = "conference.jitsi"
-
-Component "lobby.jitsi" "muc"
- storage = "memory"
- restrict_room_creation = true
- muc_room_locking = false
- muc_room_default_public_jids = true
-
diff --git a/app/jitsi/config/videobridge.conf b/app/jitsi/config/videobridge.conf
deleted file mode 100644
index a7c166a..0000000
--- a/app/jitsi/config/videobridge.conf
+++ /dev/null
@@ -1,290 +0,0 @@
-videobridge {
- entity-expiration {
- # If an entity has no activity after this timeout, it is expired
- timeout=1 minute
-
- # The interval at which the videobridge will check for expired entities
- check-interval=${videobridge.entity-expiration.timeout}
- }
- health {
- # The interval between health checks
- interval=10 seconds
-
- # The timeout for a health check
- timeout=30 seconds
-
- # If performing a health check takes longer than this, it is considered unsuccessful.
- max-check-duration=3 seconds
-
- # Whether or not health check failures should be 'sticky'
- # (i.e. once the bridge becomes unhealthy, it will never
- # go back to a healthy state)
- sticky-failures=false
- }
- ep-connection-status {
- # How long we'll wait for an endpoint to *start* sending
- # data before we consider it 'inactive'
- first-transfer-timeout=15 seconds
-
- # How long an endpoint can be 'inactive' before it will
- # be considered disconnected
- max-inactivity-limit=3 seconds
-
- # How often we check endpoint's connectivity status
- check-interval=500 milliseconds
- }
- cc {
- bwe-change-threshold=0.15
- thumbnail-max-height-px=180
- onstage-ideal-height-px=1080
- onstage-preferred-height-px=360
- onstage-preferred-framerate=30
- enable-onstage-video-suspend=false
- trust-bwe=true
-
- # How often we check to send probing data
- padding-period=15ms
-
- # How often we'll force recalculations of forwarded
- # streams
- max-time-between-calculations = 15 seconds
-
- # A JVB-wide last-n value, observed by all endpoints. Endpoints
- # will take the minimum of their setting and this one (-1 implies
- # no last-n limit)
- jvb-last-n = -1
- }
- # The APIs by which the JVB can be controlled
- apis {
- xmpp-client {
- # The interval at which presence is published in the configured MUCs.
- presence-interval = ${videobridge.stats.interval}
-
- configs {
- unique-xmpp-server {
- hostname="{{ env "NOMAD_IP_xmpp_port" }}"
- port = {{ env "NOMAD_PORT_xmpp_port" }}
- domain = "auth.jitsi"
- username = "jvb"
- password = "{{ key "secrets/jitsi/jvb_pass" | trimSpace }}"
- muc_jids = "jvbbrewery@internal.auth.jitsi"
- # The muc_nickname must be unique across all jitsi-videobridge instances
- muc_nickname = "unique-jvb-server"
- disable_certificate_verification = false
- }
- # example-connection-id {
- # For the properties which should be
- # filled out here, see MucClientConfiguration
- # }
- }
- }
- # The COLIBRI REST API
- rest {
- enabled = true
- }
- jvb-api {
- enabled = true
- }
- }
- # Configuration of the different REST APIs.
- # Note that the COLIBRI REST API is configured under videobridge.apis.rest instead.
- rest {
- debug {
- enabled = true
- }
- health {
- enabled = true
- }
- shutdown {
- # Note that the shutdown API requires the COLIBRI API to also be enabled.
- enabled = false
- }
- version {
- enabled = true
- }
- }
- http-servers {
- # The HTTP server which hosts services intended for 'public' use
- # (e.g. websockets for the bridge channel connection)
- public {
- # See JettyBundleActivatorConfig in Jicoco for values
- port = -1
- tls-port = -1
- }
- # The HTTP server which hosts services intended for 'private' use
- # (e.g. health or debug stats)
- private {
- # See JettyBundleActivatorConfig in Jicoco for values
- host = 127.0.0.1
- }
- }
- octo {
- # Whether or not Octo is enabled
- enabled=false
-
- # A string denoting the 'region' of this JVB. This region
- # will be used by Jicofo in the selection of a bridge for
- # a client by comparing it to the client's region.
- # Must be set when 'enabled' is true
- #region="us-west-1"
-
- # The address on which the Octo relay should bind
- # Must be set when 'enabled' is true
- #bind-address=198.51.100.1
-
- # The port to which the Octo relay should bind
- bind-port=4096
-
- # The address which controls the public address which
- # will be part of the Octo relayId
- #public-address=198.51.100.1
-
- # The size of the incoming octo queue. This queue is per-remote-endpoint,
- # so it matches what we use for local endpoints
- recv-queue-size=1024
-
- # The size of the outgoing octo queue. This is a per-originating-endpoint
- # queue, so assuming all packets are routed (as they currently are for Octo)
- # it should be the same size as the transceiver recv queue in
- # jitsi-media-transform. Repeating the description from there:
- # Assuming 300pps for high-definition, 200pps for standard-definition,
- # 100pps for low-definition and 50pps for audio, this queue is fed
- # 650pps, so its size in terms of millis is 1024/650*1000 ~= 1575ms.
- send-queue-size=1024
- }
- load-management {
- # Whether or not the reducer will be enabled to take actions to mitigate load
- reducer-enabled = false
- load-measurements {
- packet-rate {
- # The packet rate at which we'll consider the bridge overloaded
- load-threshold = 50000
- # The packet rate at which we'll consider the bridge 'underloaded' enough
- # to start recovery
- recovery-threshold = 40000
- }
- }
- load-reducers {
- last-n {
- # The factor by which we'll reduce the current last-n when trying to reduce load
- reduction-scale = .75
- # The factor by which we'll increase the current last-n when trying to recover
- recover-scale = 1.25
- # The minimum time in between runs of the last-n reducer to reduce or recover from
- # load
- impact-time = 1 minute
- # The lowest value we'll set for last-n
- minimum-last-n-value = 0
- # The highest last-n value we'll enforce. Once the enforced last-n exceeds this value
- # we'll remove the limit entirely
- maximum-enforced-last-n-value = 40
- }
- }
- }
- sctp {
- # Whether SCTP data channels are enabled.
- enabled=true
- }
- stats {
- # Whether periodic collection of statistics is enabled or not. When enabled they are accessible through the REST
- # API (at `/colibri/stats`), and are available to other modules (e.g. to be pushed to callstats or in a MUC).
- enabled = true
-
- # The interval at which stats are gathered.
- interval = 5 seconds
-
- # Configuration related to pushing statistics to callstats.io.
- callstats {
- # An integer application ID (use 0 to disable pushing stats to callstats).
- app-id = 0
-
- # The shared secred to authentication with callstats.io.
- //app-secret = "s3cret"
-
- # ID of the key that was used to generate token.
- //key-id = "abcd"
-
- # The path to private key file.
- //key-path = "/etc/jitsi/videobridge/ecpriv.jwk"
-
- # The ID of the server instance to be used when reporting to callstats.
- bridge-id = "jitsi"
-
- # TODO: document
- //conference-id-prefix = "abcd"
-
- # The interval at which statististics will be published to callstats. This affects both per-conference and global
- # statistics.
- # Note that this value will be overriden if a "callstatsio" transport is defined in the parent "stats" section.
- interval = ${videobridge.stats.interval}
- }
- }
- websockets {
- enabled=false
- server-id="default-id"
-
- # Optional, even when 'enabled' is set to true
- # tls=true
- # Must be set when enabled = true
- #domain="some-domain"
- }
- ice {
- tcp {
- # Whether ICE/TCP is enabled.
- enabled = true
-
- # The port to bind to for ICE/TCP.
- port = {{ env "NOMAD_PORT_video_port" }}
-
- # An optional additional port to advertise.
- # mapped-port = 8443
- # Whether to use "ssltcp" or plain "tcp".
- ssltcp = true
- }
-
- udp {
- # The port for ICE/UDP.
- port = {{ env "NOMAD_PORT_video_port" }}
- }
-
- # An optional prefix to include in STUN username fragments generated by the bridge.
- #ufrag-prefix = "jvb-123:"
-
- # Which candidate pairs to keep alive. The accepted values are defined in ice4j's KeepAliveStrategy:
- # "selected_and_tcp", "selected_only", or "all_succeeded".
- keep-alive-strategy = "selected_and_tcp"
-
- # Whether to use the "component socket" feature of ice4j.
- use-component-socket = true
-
- # Whether to attempt DNS resolution for remote candidates that contain a non-literal address. When set to 'false'
- # such candidates will be ignored.
- resolve-remote-candidates = false
-
- # The nomination strategy to use for ICE. THe accepted values are defined in ice4j's NominationStrategy:
- # "NominateFirstValid", "NominateHighestPriority", "NominateFirstHostOrReflexiveValid", or "NominateBestRTT".
- nomination-strategy = "NominateFirstValid"
- }
-
- transport {
- send {
- # The size of the dtls-transport outgoing queue. This is a per-participant
- # queue. Packets from the egress end-up in this queue right before
- # transmission by the outgoing srtp pipeline (which mainly consists of the
- # packet sender).
- #
- # Its size needs to be of the same order of magnitude as the rtp sender
- # queue. In a 100 participant call, assuming 300pps for the on-stage and
- # 100pps for low-definition, last-n 20 and 2 participants talking, so
- # 2*50pps for audio, this queue is fed 300+19*100+2*50 = 2300pps, so its
- # size in terms of millis is 1024/2300*1000 ~= 445ms.
- queue-size=1024
- }
- }
-
- version {
- // Wheather to announe the jitsi-videobridge version to clients in the ServerHello message.
- announce = false
- }
-}
-