diff options
| author | Alex Auvolat <alex@adnab.me> | 2022-08-24 15:42:47 +0200 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2022-08-24 15:42:47 +0200 |
| commit | 2e8923b383eb06c53261eee8e5c442b857fb67e4 (patch) | |
| tree | 0ad148f75f7b54dfed2dbac8f43f6df9badc502a /app/jitsi/config | |
| parent | 9848f3090f77363a2fda0f9fa673ebcf1fb8228c (diff) | |
| download | nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.tar.gz nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.zip | |
Move app files into cluster subdirectories; add prod garage
Diffstat (limited to 'app/jitsi/config')
| -rw-r--r-- | app/jitsi/config/config.js | 773 | ||||
| -rw-r--r-- | app/jitsi/config/jicofo.conf | 273 | ||||
| -rw-r--r-- | app/jitsi/config/nginx.conf | 133 | ||||
| -rw-r--r-- | app/jitsi/config/prosody.cfg.lua | 135 | ||||
| -rw-r--r-- | app/jitsi/config/videobridge.conf | 290 |
5 files changed, 0 insertions, 1604 deletions
diff --git a/app/jitsi/config/config.js b/app/jitsi/config/config.js deleted file mode 100644 index 9464f37..0000000 --- a/app/jitsi/config/config.js +++ /dev/null @@ -1,773 +0,0 @@ -/* eslint-disable no-unused-vars, no-var */ - -var config = { - // Connection - // - - hosts: { - // XMPP domain. - domain: 'jitsi', - - // When using authentication, domain for guest users. - // anonymousdomain: 'guest.example.com', - - // Domain for authenticated users. Defaults to <domain>. - // authdomain: 'jitsi-meet.example.com', - - // Focus component domain. Defaults to focus.<domain>. - // focus: 'focus.jitsi-meet.example.com', - - // XMPP MUC domain. FIXME: use XEP-0030 to discover it. - muc: 'conference.jitsi' - }, - - // BOSH URL. FIXME: use XEP-0156 to discover it. - bosh: '//jitsi.deuxfleurs.fr/http-bind', - - // Websocket URL - // websocket: 'wss://jitsi-meet.example.com/xmpp-websocket', - - // The name of client node advertised in XEP-0115 'c' stanza - clientNode: 'http://jitsi.org/jitsimeet', - - // The real JID of focus participant - can be overridden here - // Do not change username - FIXME: Make focus username configurable - // https://github.com/jitsi/jitsi-meet/issues/7376 - // focusUserJid: 'focus@auth.jitsi-meet.example.com', - - - // Testing / experimental features. - // - - testing: { - // Disables the End to End Encryption feature. Useful for debugging - // issues related to insertable streams. - // disableE2EE: false, - - // P2P test mode disables automatic switching to P2P when there are 2 - // participants in the conference. - p2pTestMode: false - - // Enables the test specific features consumed by jitsi-meet-torture - // testMode: false - - // Disables the auto-play behavior of *all* newly created video element. - // This is useful when the client runs on a host with limited resources. - // noAutoPlayVideo: false - - // Enable / disable 500 Kbps bitrate cap on desktop tracks. When enabled, - // simulcast is turned off for the desktop share. If presenter is turned - // on while screensharing is in progress, the max bitrate is automatically - // adjusted to 2.5 Mbps. This takes a value between 0 and 1 which determines - // the probability for this to be enabled. - // capScreenshareBitrate: 1 // 0 to disable - - // Enable callstats only for a percentage of users. - // This takes a value between 0 and 100 which determines the probability for - // the callstats to be enabled. - // callStatsThreshold: 5 // enable callstats for 5% of the users. - }, - - // Disables ICE/UDP by filtering out local and remote UDP candidates in - // signalling. - // webrtcIceUdpDisable: false, - - // Disables ICE/TCP by filtering out local and remote TCP candidates in - // signalling. - // webrtcIceTcpDisable: false, - - - // Media - // - - // Audio - - // Disable measuring of audio levels. - // disableAudioLevels: false, - // audioLevelsInterval: 200, - - // Enabling this will run the lib-jitsi-meet no audio detection module which - // will notify the user if the current selected microphone has no audio - // input and will suggest another valid device if one is present. - enableNoAudioDetection: true, - - // Enabling this will show a "Save Logs" link in the GSM popover that can be - // used to collect debug information (XMPP IQs, SDP offer/answer cycles) - // about the call. - // enableSaveLogs: false, - - // Enabling this will run the lib-jitsi-meet noise detection module which will - // notify the user if there is noise, other than voice, coming from the current - // selected microphone. The purpose it to let the user know that the input could - // be potentially unpleasant for other meeting participants. - enableNoisyMicDetection: false, - - // Start the conference in audio only mode (no video is being received nor - // sent). - startAudioOnly: false, - - // Every participant after the Nth will start audio muted. - startAudioMuted: 5, - - // Start calls with audio muted. Unlike the option above, this one is only - // applied locally. FIXME: having these 2 options is confusing. - // startWithAudioMuted: false, - - // Enabling it (with #params) will disable local audio output of remote - // participants and to enable it back a reload is needed. - // startSilent: false - - // Sets the preferred target bitrate for the Opus audio codec by setting its - // 'maxaveragebitrate' parameter. Currently not available in p2p mode. - // Valid values are in the range 6000 to 510000 - // opusMaxAverageBitrate: 20000, - - // Enables support for opus-red (redundancy for Opus). - // enableOpusRed: false - - // Video - - // Sets the preferred resolution (height) for local video. Defaults to 720. - // resolution: 720, - - // How many participants while in the tile view mode, before the receiving video quality is reduced from HD to SD. - // Use -1 to disable. - // maxFullResolutionParticipants: 2, - - // w3c spec-compliant video constraints to use for video capture. Currently - // used by browsers that return true from lib-jitsi-meet's - // util#browser#usesNewGumFlow. The constraints are independent from - // this config's resolution value. Defaults to requesting an ideal - // resolution of 720p. - // constraints: { - // video: { - // height: { - // ideal: 720, - // max: 720, - // min: 240 - // } - // } - // }, - - // Enable / disable simulcast support. - // disableSimulcast: false, - - // Enable / disable layer suspension. If enabled, endpoints whose HD - // layers are not in use will be suspended (no longer sent) until they - // are requested again. - // enableLayerSuspension: false, - - // Every participant after the Nth will start video muted. - startVideoMuted: 5, - - // Start calls with video muted. Unlike the option above, this one is only - // applied locally. FIXME: having these 2 options is confusing. - // startWithVideoMuted: false, - - // If set to true, prefer to use the H.264 video codec (if supported). - // Note that it's not recommended to do this because simulcast is not - // supported when using H.264. For 1-to-1 calls this setting is enabled by - // default and can be toggled in the p2p section. - // This option has been deprecated, use preferredCodec under videoQuality section instead. - // preferH264: true, - - // If set to true, disable H.264 video codec by stripping it out of the - // SDP. - // disableH264: false, - - // Desktop sharing - - // Optional desktop sharing frame rate options. Default value: min:5, max:5. - // desktopSharingFrameRate: { - // min: 5, - // max: 5 - // }, - - // Try to start calls with screen-sharing instead of camera video. - // startScreenSharing: false, - - // Recording - - // Whether to enable file recording or not. - // fileRecordingsEnabled: false, - // Enable the dropbox integration. - // dropbox: { - // appKey: '<APP_KEY>' // Specify your app key here. - // // A URL to redirect the user to, after authenticating - // // by default uses: - // // 'https://jitsi-meet.example.com/static/oauth.html' - // redirectURI: - // 'https://jitsi-meet.example.com/subfolder/static/oauth.html' - // }, - // When integrations like dropbox are enabled only that will be shown, - // by enabling fileRecordingsServiceEnabled, we show both the integrations - // and the generic recording service (its configuration and storage type - // depends on jibri configuration) - // fileRecordingsServiceEnabled: false, - // Whether to show the possibility to share file recording with other people - // (e.g. meeting participants), based on the actual implementation - // on the backend. - // fileRecordingsServiceSharingEnabled: false, - - // Whether to enable live streaming or not. - // liveStreamingEnabled: false, - - // Transcription (in interface_config, - // subtitles and buttons can be configured) - // transcribingEnabled: false, - - // Enables automatic turning on captions when recording is started - // autoCaptionOnRecord: false, - - // Misc - - // Default value for the channel "last N" attribute. -1 for unlimited. - channelLastN: -1, - - // Provides a way to use different "last N" values based on the number of participants in the conference. - // The keys in an Object represent number of participants and the values are "last N" to be used when number of - // participants gets to or above the number. - // - // For the given example mapping, "last N" will be set to 20 as long as there are at least 5, but less than - // 29 participants in the call and it will be lowered to 15 when the 30th participant joins. The 'channelLastN' - // will be used as default until the first threshold is reached. - // - // lastNLimits: { - // 5: 20, - // 30: 15, - // 50: 10, - // 70: 5, - // 90: 2 - // }, - - // Specify the settings for video quality optimizations on the client. - // videoQuality: { - // // Provides a way to prevent a video codec from being negotiated on the JVB connection. The codec specified - // // here will be removed from the list of codecs present in the SDP answer generated by the client. If the - // // same codec is specified for both the disabled and preferred option, the disable settings will prevail. - // // Note that 'VP8' cannot be disabled since it's a mandatory codec, the setting will be ignored in this case. - // disabledCodec: 'H264', - // - // // Provides a way to set a preferred video codec for the JVB connection. If 'H264' is specified here, - // // simulcast will be automatically disabled since JVB doesn't support H264 simulcast yet. This will only - // // rearrange the the preference order of the codecs in the SDP answer generated by the browser only if the - // // preferred codec specified here is present. Please ensure that the JVB offers the specified codec for this - // // to take effect. - // preferredCodec: 'VP8', - // - // // Provides a way to configure the maximum bitrates that will be enforced on the simulcast streams for - // // video tracks. The keys in the object represent the type of the stream (LD, SD or HD) and the values - // // are the max.bitrates to be set on that particular type of stream. The actual send may vary based on - // // the available bandwidth calculated by the browser, but it will be capped by the values specified here. - // // This is currently not implemented on app based clients on mobile. - // maxBitratesVideo: { - // low: 200000, - // standard: 500000, - // high: 1500000 - // }, - // - // // The options can be used to override default thresholds of video thumbnail heights corresponding to - // // the video quality levels used in the application. At the time of this writing the allowed levels are: - // // 'low' - for the low quality level (180p at the time of this writing) - // // 'standard' - for the medium quality level (360p) - // // 'high' - for the high quality level (720p) - // // The keys should be positive numbers which represent the minimal thumbnail height for the quality level. - // // - // // With the default config value below the application will use 'low' quality until the thumbnails are - // // at least 360 pixels tall. If the thumbnail height reaches 720 pixels then the application will switch to - // // the high quality. - // minHeightForQualityLvl: { - // 360: 'standard', - // 720: 'high' - // }, - // - // // Provides a way to resize the desktop track to 720p (if it is greater than 720p) before creating a canvas - // // for the presenter mode (camera picture-in-picture mode with screenshare). - // resizeDesktopForPresenter: false - // }, - - // // Options for the recording limit notification. - // recordingLimit: { - // - // // The recording limit in minutes. Note: This number appears in the notification text - // // but doesn't enforce the actual recording time limit. This should be configured in - // // jibri! - // limit: 60, - // - // // The name of the app with unlimited recordings. - // appName: 'Unlimited recordings APP', - // - // // The URL of the app with unlimited recordings. - // appURL: 'https://unlimited.recordings.app.com/' - // }, - - // Disables or enables RTX (RFC 4588) (defaults to false). - // disableRtx: false, - - // Disables or enables TCC support in this client (default: enabled). - // enableTcc: true, - - // Disables or enables REMB support in this client (default: enabled). - // enableRemb: true, - - // Enables ICE restart logic in LJM and displays the page reload overlay on - // ICE failure. Current disabled by default because it's causing issues with - // signaling when Octo is enabled. Also when we do an "ICE restart"(which is - // not a real ICE restart), the client maintains the TCC sequence number - // counter, but the bridge resets it. The bridge sends media packets with - // TCC sequence numbers starting from 0. - // enableIceRestart: false, - - // Use TURN/UDP servers for the jitsi-videobridge connection (by default - // we filter out TURN/UDP because it is usually not needed since the - // bridge itself is reachable via UDP) - // useTurnUdp: false - - // UI - // - - // Disables responsive tiles. - // disableResponsiveTiles: false, - - // Hides lobby button - // hideLobbyButton: false, - - // Require users to always specify a display name. - // requireDisplayName: true, - - // Whether to use a welcome page or not. In case it's false a random room - // will be joined when no room is specified. - enableWelcomePage: true, - - // Disable app shortcuts that are registered upon joining a conference - // disableShortcuts: false, - - // Disable initial browser getUserMedia requests. - // This is useful for scenarios where users might want to start a conference for screensharing only - // disableInitialGUM: false, - - // Enabling the close page will ignore the welcome page redirection when - // a call is hangup. - // enableClosePage: false, - - // Disable hiding of remote thumbnails when in a 1-on-1 conference call. - // disable1On1Mode: false, - - // Default language for the user interface. - defaultLanguage: 'fr', - - // Disables profile and the edit of all fields from the profile settings (display name and email) - // disableProfile: false, - - // Whether or not some features are checked based on token. - // enableFeaturesBasedOnToken: false, - - // When enabled the password used for locking a room is restricted to up to the number of digits specified - // roomPasswordNumberOfDigits: 10, - // default: roomPasswordNumberOfDigits: false, - - // Message to show the users. Example: 'The service will be down for - // maintenance at 01:00 AM GMT, - // noticeMessage: '', - - // Enables calendar integration, depends on googleApiApplicationClientID - // and microsoftApiApplicationClientID - // enableCalendarIntegration: false, - - // When 'true', it shows an intermediate page before joining, where the user can configure their devices. - prejoinPageEnabled: true, - - // If etherpad integration is enabled, setting this to true will - // automatically open the etherpad when a participant joins. This - // does not affect the mobile app since opening an etherpad - // obscures the conference controls -- it's better to let users - // choose to open the pad on their own in that case. - // openSharedDocumentOnJoin: false, - - // If true, shows the unsafe room name warning label when a room name is - // deemed unsafe (due to the simplicity in the name) and a password is not - // set or the lobby is not enabled. - // enableInsecureRoomNameWarning: false, - - // Whether to automatically copy invitation URL after creating a room. - // Document should be focused for this option to work - // enableAutomaticUrlCopy: false, - - // Base URL for a Gravatar-compatible service. Defaults to libravatar. - // gravatarBaseURL: 'https://seccdn.libravatar.org/avatar/'; - - // Stats - // - - // Whether to enable stats collection or not in the TraceablePeerConnection. - // This can be useful for debugging purposes (post-processing/analysis of - // the webrtc stats) as it is done in the jitsi-meet-torture bandwidth - // estimation tests. - // gatherStats: false, - - // The interval at which PeerConnection.getStats() is called. Defaults to 10000 - // pcStatsInterval: 10000, - - // To enable sending statistics to callstats.io you must provide the - // Application ID and Secret. - // callStatsID: '', - // callStatsSecret: '', - - // Enables sending participants' display names to callstats - // enableDisplayNameInStats: false, - - // Enables sending participants' emails (if available) to callstats and other analytics - // enableEmailInStats: false, - - // Privacy - // - - // If third party requests are disabled, no other server will be contacted. - // This means avatars will be locally generated and callstats integration - // will not function. - // disableThirdPartyRequests: false, - - - // Peer-To-Peer mode: used (if enabled) when there are just 2 participants. - // - - p2p: { - // Enables peer to peer mode. When enabled the system will try to - // establish a direct connection when there are exactly 2 participants - // in the room. If that succeeds the conference will stop sending data - // through the JVB and use the peer to peer connection instead. When a - // 3rd participant joins the conference will be moved back to the JVB - // connection. - enabled: true, - - // The STUN servers that will be used in the peer to peer connections - stunServers: [ - - // { urls: 'stun:jitsi-meet.example.com:3478' }, - { urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' } - ] - - // Sets the ICE transport policy for the p2p connection. At the time - // of this writing the list of possible values are 'all' and 'relay', - // but that is subject to change in the future. The enum is defined in - // the WebRTC standard: - // https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum. - // If not set, the effective value is 'all'. - // iceTransportPolicy: 'all', - - // If set to true, it will prefer to use H.264 for P2P calls (if H.264 - // is supported). This setting is deprecated, use preferredCodec instead. - // preferH264: true - - // Provides a way to set the video codec preference on the p2p connection. Acceptable - // codec values are 'VP8', 'VP9' and 'H264'. - // preferredCodec: 'H264', - - // If set to true, disable H.264 video codec by stripping it out of the - // SDP. This setting is deprecated, use disabledCodec instead. - // disableH264: false, - - // Provides a way to prevent a video codec from being negotiated on the p2p connection. - // disabledCodec: '', - - // How long we're going to wait, before going back to P2P after the 3rd - // participant has left the conference (to filter out page reload). - // backToP2PDelay: 5 - }, - - analytics: { - // The Google Analytics Tracking ID: - // googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1' - - // Matomo configuration: - // matomoEndpoint: 'https://your-matomo-endpoint/', - // matomoSiteID: '42', - - // The Amplitude APP Key: - // amplitudeAPPKey: '<APP_KEY>' - - // Configuration for the rtcstats server: - // By enabling rtcstats server every time a conference is joined the rtcstats - // module connects to the provided rtcstatsEndpoint and sends statistics regarding - // PeerConnection states along with getStats metrics polled at the specified - // interval. - // rtcstatsEnabled: true, - - // In order to enable rtcstats one needs to provide a endpoint url. - // rtcstatsEndpoint: wss://rtcstats-server-pilot.jitsi.net/, - - // The interval at which rtcstats will poll getStats, defaults to 1000ms. - // If the value is set to 0 getStats won't be polled and the rtcstats client - // will only send data related to RTCPeerConnection events. - // rtcstatsPolIInterval: 1000 - - // Array of script URLs to load as lib-jitsi-meet "analytics handlers". - // scriptURLs: [ - // "libs/analytics-ga.min.js", // google-analytics - // "https://example.com/my-custom-analytics.js" - // ], - }, - - // Logs that should go be passed through the 'log' event if a handler is defined for it - // apiLogLevels: ['warn', 'log', 'error', 'info', 'debug'], - - // Information about the jitsi-meet instance we are connecting to, including - // the user region as seen by the server. - deploymentInfo: { - // shard: "shard1", - // region: "europe", - // userRegion: "asia" - }, - - // Decides whether the start/stop recording audio notifications should play on record. - // disableRecordAudioNotification: false, - - // Information for the chrome extension banner - // chromeExtensionBanner: { - // // The chrome extension to be installed address - // url: 'https://chrome.google.com/webstore/detail/jitsi-meetings/kglhbbefdnlheedjiejgomgmfplipfeb', - - // // Extensions info which allows checking if they are installed or not - // chromeExtensionsInfo: [ - // { - // id: 'kglhbbefdnlheedjiejgomgmfplipfeb', - // path: 'jitsi-logo-48x48.png' - // } - // ] - // }, - - // Local Recording - // - - // localRecording: { - // Enables local recording. - // Additionally, 'localrecording' (all lowercase) needs to be added to - // TOOLBAR_BUTTONS in interface_config.js for the Local Recording - // button to show up on the toolbar. - // - // enabled: true, - // - - // The recording format, can be one of 'ogg', 'flac' or 'wav'. - // format: 'flac' - // - - // }, - - // Options related to end-to-end (participant to participant) ping. - // e2eping: { - // // The interval in milliseconds at which pings will be sent. - // // Defaults to 10000, set to <= 0 to disable. - // pingInterval: 10000, - // - // // The interval in milliseconds at which analytics events - // // with the measured RTT will be sent. Defaults to 60000, set - // // to <= 0 to disable. - // analyticsInterval: 60000, - // }, - - // If set, will attempt to use the provided video input device label when - // triggering a screenshare, instead of proceeding through the normal flow - // for obtaining a desktop stream. - // NOTE: This option is experimental and is currently intended for internal - // use only. - // _desktopSharingSourceDevice: 'sample-id-or-label', - - // If true, any checks to handoff to another application will be prevented - // and instead the app will continue to display in the current browser. - // disableDeepLinking: false, - - // A property to disable the right click context menu for localVideo - // the menu has option to flip the locally seen video for local presentations - // disableLocalVideoFlip: false, - - // Mainly privacy related settings - - // Disables all invite functions from the app (share, invite, dial out...etc) - // disableInviteFunctions: true, - - // Disables storing the room name to the recents list - // doNotStoreRoom: true, - - // Deployment specific URLs. - // deploymentUrls: { - // // If specified a 'Help' button will be displayed in the overflow menu with a link to the specified URL for - // // user documentation. - // userDocumentationURL: 'https://docs.example.com/video-meetings.html', - // // If specified a 'Download our apps' button will be displayed in the overflow menu with a link - // // to the specified URL for an app download page. - // downloadAppsUrl: 'https://docs.example.com/our-apps.html' - // }, - - // Options related to the remote participant menu. - // remoteVideoMenu: { - // // If set to true the 'Kick out' button will be disabled. - // disableKick: true - // }, - - // If set to true all muting operations of remote participants will be disabled. - // disableRemoteMute: true, - - // Enables support for lip-sync for this client (if the browser supports it). - // enableLipSync: false - - /** - External API url used to receive branding specific information. - If there is no url set or there are missing fields, the defaults are applied. - None of the fields are mandatory and the response must have the shape: - { - // The hex value for the colour used as background - backgroundColor: '#fff', - // The url for the image used as background - backgroundImageUrl: 'https://example.com/background-img.png', - // The anchor url used when clicking the logo image - logoClickUrl: 'https://example-company.org', - // The url used for the image used as logo - logoImageUrl: 'https://example.com/logo-img.png' - } - */ - // dynamicBrandingUrl: '', - - // The URL of the moderated rooms microservice, if available. If it - // is present, a link to the service will be rendered on the welcome page, - // otherwise the app doesn't render it. - // moderatedRoomServiceUrl: 'https://moderated.jitsi-meet.example.com', - - // If true, tile view will not be enabled automatically when the participants count threshold is reached. - // disableTileView: true, - - // Hides the conference subject - // hideConferenceSubject: true - - // Hides the conference timer. - // hideConferenceTimer: true, - - // Hides the participants stats - // hideParticipantsStats: true - - // Sets the conference subject - // subject: 'Conference Subject', - - // List of undocumented settings used in jitsi-meet - /** - _immediateReloadThreshold - debug - debugAudioLevels - deploymentInfo - dialInConfCodeUrl - dialInNumbersUrl - dialOutAuthUrl - dialOutCodesUrl - disableRemoteControl - displayJids - etherpad_base - externalConnectUrl - firefox_fake_device - googleApiApplicationClientID - iAmRecorder - iAmSipGateway - microsoftApiApplicationClientID - peopleSearchQueryTypes - peopleSearchUrl - requireDisplayName - tokenAuthUrl - */ - - /** - * This property can be used to alter the generated meeting invite links (in combination with a branding domain - * which is retrieved internally by jitsi meet) (e.g. https://meet.jit.si/someMeeting - * can become https://brandedDomain/roomAlias) - */ - // brandingRoomAlias: null, - - // List of undocumented settings used in lib-jitsi-meet - /** - _peerConnStatusOutOfLastNTimeout - _peerConnStatusRtcMuteTimeout - abTesting - avgRtpStatsN - callStatsConfIDNamespace - callStatsCustomScriptUrl - desktopSharingSources - disableAEC - disableAGC - disableAP - disableHPF - disableNS - enableTalkWhileMuted - forceJVB121Ratio - forceTurnRelay - hiddenDomain - ignoreStartMuted - websocketKeepAlive - websocketKeepAliveUrl - */ - - /** - Use this array to configure which notifications will be shown to the user - The items correspond to the title or description key of that notification - Some of these notifications also depend on some other internal logic to be displayed or not, - so adding them here will not ensure they will always be displayed - - A falsy value for this prop will result in having all notifications enabled (e.g null, undefined, false) - */ - // notifications: [ - // 'connection.CONNFAIL', // shown when the connection fails, - // 'dialog.cameraNotSendingData', // shown when there's no feed from user's camera - // 'dialog.kickTitle', // shown when user has been kicked - // 'dialog.liveStreaming', // livestreaming notifications (pending, on, off, limits) - // 'dialog.lockTitle', // shown when setting conference password fails - // 'dialog.maxUsersLimitReached', // shown when maximmum users limit has been reached - // 'dialog.micNotSendingData', // shown when user's mic is not sending any audio - // 'dialog.passwordNotSupportedTitle', // shown when setting conference password fails due to password format - // 'dialog.recording', // recording notifications (pending, on, off, limits) - // 'dialog.remoteControlTitle', // remote control notifications (allowed, denied, start, stop, error) - // 'dialog.reservationError', - // 'dialog.serviceUnavailable', // shown when server is not reachable - // 'dialog.sessTerminated', // shown when there is a failed conference session - // 'dialog.tokenAuthFailed', // show when an invalid jwt is used - // 'dialog.transcribing', // transcribing notifications (pending, off) - // 'dialOut.statusMessage', // shown when dial out status is updated. - // 'liveStreaming.busy', // shown when livestreaming service is busy - // 'liveStreaming.failedToStart', // shown when livestreaming fails to start - // 'liveStreaming.unavailableTitle', // shown when livestreaming service is not reachable - // 'lobby.joinRejectedMessage', // shown when while in a lobby, user's request to join is rejected - // 'lobby.notificationTitle', // shown when lobby is toggled and when join requests are allowed / denied - // 'localRecording.localRecording', // shown when a local recording is started - // 'notify.disconnected', // shown when a participant has left - // 'notify.grantedTo', // shown when moderator rights were granted to a participant - // 'notify.invitedOneMember', // shown when 1 participant has been invited - // 'notify.invitedThreePlusMembers', // shown when 3+ participants have been invited - // 'notify.invitedTwoMembers', // shown when 2 participants have been invited - // 'notify.kickParticipant', // shown when a participant is kicked - // 'notify.mutedRemotelyTitle', // shown when user is muted by a remote party - // 'notify.mutedTitle', // shown when user has been muted upon joining, - // 'notify.newDeviceAudioTitle', // prompts the user to use a newly detected audio device - // 'notify.newDeviceCameraTitle', // prompts the user to use a newly detected camera - // 'notify.passwordRemovedRemotely', // shown when a password has been removed remotely - // 'notify.passwordSetRemotely', // shown when a password has been set remotely - // 'notify.raisedHand', // shown when a partcipant used raise hand, - // 'notify.startSilentTitle', // shown when user joined with no audio - // 'prejoin.errorDialOut', - // 'prejoin.errorDialOutDisconnected', - // 'prejoin.errorDialOutFailed', - // 'prejoin.errorDialOutStatus', - // 'prejoin.errorStatusCode', - // 'prejoin.errorValidation', - // 'recording.busy', // shown when recording service is busy - // 'recording.failedToStart', // shown when recording fails to start - // 'recording.unavailableTitle', // shown when recording service is not reachable - // 'toolbar.noAudioSignalTitle', // shown when a broken mic is detected - // 'toolbar.noisyAudioInputTitle', // shown when noise is detected for the current microphone - // 'toolbar.talkWhileMutedPopup', // shown when user tries to speak while muted - // 'transcribing.failedToStart' // shown when transcribing fails to start - // ] - - // Allow all above example options to include a trailing comma and - // prevent fear when commenting out the last value. - makeJsonParserHappy: 'even if last key had a trailing comma' - - // no configuration value should follow this line. -}; - -/* eslint-enable no-unused-vars, no-var */ diff --git a/app/jitsi/config/jicofo.conf b/app/jitsi/config/jicofo.conf deleted file mode 100644 index 5586348..0000000 --- a/app/jitsi/config/jicofo.conf +++ /dev/null @@ -1,273 +0,0 @@ -jicofo { - // Authentication with external services - authentication { - enabled = false - // The type of authentication. Supported values are XMPP, JWT or SHIBBOLETH (default). - type = SHIBBOLETH - - // The pattern of authentication URL. See ShibbolethAuthAuthority for more information. - # login-url = - - # logout-url = - - authentication-lifetime = 24 hours - enable-auto-login = true - } - // Configuration related to jitsi-videobridge - bridge { - // The maximum number of participants in a single conference to put on one bridge (use -1 for no maximum). - max-bridge-participants = -1 - // The assumed maximum packet rate that a bridge can handle. - max-bridge-packet-rate = 50000 - // The assumed average packet rate per participant. - average-participant-packet-rate-pps = 500 - // The assumed average stress per participant. - average-participant-stress = 0.01 - // The assumed time that an endpoint takes to start contributing fully to the load on a bridge. To avoid allocating - // a burst of endpoints to the same bridge, the bridge stress is adjusted by adding the number of new endpoints - // in the last [participant-rampup-time] multiplied by [average-participant-stress]. - participant-rampup-interval = 20 seconds - // The stress level above which a bridge is considered overstressed. - stress-threshold = 0.8 - // The amount of to wait before retrying using a failed bridge. - failure-reset-threshold = 1 minute - // The bridge selection strategy. The built-in strategies are: - // SingleBridgeSelectionStrategy: Use the least loaded bridge, do not split a conference between bridges (Octo). - // SplitBridgeSelectionStrategy: Use a separate bridge for each participant (for testing). - // RegionBasedBridgeSelectionStrategy: Attempt to put each participant in a bridge in their local region (i.e. use - // Octo for geo-location). - // IntraRegionBridgeSelectionStrategy: Use additional bridges when a bridge becomes overloaded (i.e. use Octo for - // load balancing). - // - // Additionally, you can use the fully qualified class name for custom BridgeSelectionStrategy implementations. - selection-strategy = SingleBridgeSelectionStrategy - health-checks { - // Whether jicofo should perform periodic health checks to the connected bridges. - enabled = true - // The interval at which to perform health checks. - interval = 10 seconds - // When a health checks times out, jicofo will retry and only consider it fail after the retry fails. This - // configures the delay between the original health check timing out and the second health check being sent. - // It is a duration and defaults to half the [interval]. - # retry-delay = 5 seconds - } - - // The JID of the MUC to be used as a brewery for bridge instances. - brewery-jid = "jvbbrewery@internal.auth.jitsi" - } - // Configure the codecs and RTP extensions to be used in the offer sent to clients. - codec { - video { - vp8 { - enabled = true - pt = 100 - // Payload type for the associated RTX stream. Set to -1 to disable RTX. - rtx-pt = 96 - } - vp9 { - enabled = true - pt = 101 - // Payload type for the associated RTX stream. Set to -1 to disable RTX. - rtx-pt = 97 - } - h264 { - enabled = true - pt = 107 - // Payload type for the associated RTX stream. Set to -1 to disable RTX. - rtx-pt = 99 - } - } - - audio { - isac-16000 { - enabled = true - pt = 103 - } - isac-32000 { - enabled = true - pt = 104 - } - opus { - enabled = true - pt = 111 - minptime = 10 - use-inband-fec = true - red { - enabled = false - pt = 112 - } - } - telephone-event { - enabled = true - pt = 126 - } - } - - // RTP header extensions - rtp-extensions { - audio-level { - enabled = true - id = 1 - } - tof { - // TOF is currently disabled, because we don't support it in the bridge - // (and currently clients seem to not use it when abs-send-time is - // available). - enabled = false - id = 2 - } - abs-send-time { - enabled = true - id = 3 - } - rid { - enabled = false - id = 4 - } - tcc { - enabled = true - id = 5 - } - video-content-type { - enabled = false - id = 7 - } - framemarking { - enabled = false - id = 9 - } - } - } - - conference { - // Whether to automatically grant the 'owner' role to the first participant in the conference (and subsequently to - // the next in line when the current owner leaves). - enable-auto-owner = true - - // How long to wait for the initial participant in a conference. - initial-timeout = 15 seconds - - // Whether jicofo should inject a random SSRC for endpoints which don't advertise any SSRCs. This is a temporary - // workaround for an issue with signaling endpoints for Octo. - inject-ssrc-for-recv-only-endpoints = false - - max-ssrcs-per-user = 20 - - // How long a participant's media session will be kept alive once it remains the only participant in the room. - single-participant-timeout = 20 seconds - - // The minimum number of participants required for the conference to be started. - min-participants = 2 - - // Experimental. - enable-lip-sync = false - - shared-document { - // If `true` the shared document uses a random name. Otherwise, it uses the conference name. - use-random-name = false - } - } - - // Configuration for the internal health checks performed by jicofo. - health { - // Whether to perform health checks. - enabled = false - - // The interval between health checks. If set to 0, periodic health checks will not be performed. - interval = 10 seconds - - # The timeout for a health check - timeout = 30 seconds - - # If performing a health check takes longer than this, it is considered unsuccessful. - max-check-duration = 20 seconds - - # The prefix to use when creating MUC rooms for the purpose of health checks. - room-name-prefix = "__jicofo-health-check" - } - - jibri { - // The JID of the MUC to be used as a brewery for jibri instances for streaming. - # brewery-jid = "jibribrewery@example.com" - - // How many times to retry a given Jibri request before giving up. Set to -1 to allow infinite retries. - num-retries = 5 - - // How long to wait for Jibri to start recording from the time it accepts a START request. - pending-timeout = 90 seconds - } - - jibri-sip { - // The JID of the MUC to be used as a brewery for jibri instances for SIP. - # brewery-jid = "jibrisipbrewery@example.com" - } - - jigasi { - // The JID of the MUC to be used as a brewery for jigasi instances. - # brewery-jid = "jigasibrewery@example.com" - } - - // The region in which the machine is running. - #local-region="us-east-1" - - octo { - // Whether or not to use Octo. Note that when enabled, its use will be determined by - // $jicofo.bridge.selection-strategy. - enabled = false - - // An identifier of the Jicofo instance, used for the purpose of generating conference IDs unique across a set of - // Jicofo instances. Valid values are [1, 65535]. The value 0 is used when none is explicitly configured. - id = 1 - } - - rest { - port = 8888 - tls-port = 8843 - } - - sctp { - // Whether to allocate SCTP channels on the bridge (only when the client advertises support, and SCTP is - // enabled in the per-conference configuration). - enabled = true - } - - task-pools { - shared-pool-max-threads = 1500 - } - - xmpp { - // The separate XMPP connection used for communication with clients (endpoints). - client { - enabled = true - hostname = "{{ env "NOMAD_IP_xmpp_port" }}" - port = {{ env "NOMAD_PORT_xmpp_port" }} - domain = "auth.jitsi" - username = "focus" - password = "{{ key "secrets/jitsi/jicofo_pass" | trimSpace }}" - - // How long to wait for a response to a stanza before giving up. - reply-timeout = 15 seconds - - // The JID/domain of the MUC service used for conferencing. - conference-muc-jid = conference.jitsi - - // A flag to suppress the TLS certificate verification. - disable-certificate-verification = false - } - // The separate XMPP connection used for internal services (currently only jitsi-videobridge). - service { - enabled = false - hostname = "jitsi-xmpp" - port = 5222 - domain = "auth.jitsi" - username = "focus" - password = "jicofopass" - - // How long to wait for a response to a stanza before giving up. - reply-timeout = 15 seconds - - // A flag to suppress the TLS certificate verification. - disable-certificate-verification = false - } - } -} diff --git a/app/jitsi/config/nginx.conf b/app/jitsi/config/nginx.conf deleted file mode 100644 index 32cc3c1..0000000 --- a/app/jitsi/config/nginx.conf +++ /dev/null @@ -1,133 +0,0 @@ -# some doc: https://www.nginx.com/resources/wiki/start/topics/examples/full/ -error_log /dev/stderr info; - -events {} - -http { - ## - # Basic Settings - ## - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; - - - # mimetypes, required by jitsi! - include /etc/nginx/mime.types; - default_type application/octet-stream; - - types { - application/wasm wasm; - } - - ## - # SSL Settings - ## - - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE - ssl_prefer_server_ciphers on; - - ## - # Gzip Settings - ## - gzip on; - - access_log /dev/stdout; - server_names_hash_bucket_size 64; - - # inspired by https://raw.githubusercontent.com/jitsi/docker-jitsi-meet/master/web/rootfs/defaults/meet.conf - server { - #listen 0.0.0.0:{{ env "NOMAD_PORT_https_port" }} ssl http2 default_server; - #listen [::]:{{ env "NOMAD_PORT_https_port" }} ssl http2 default_server; - listen 0.0.0.0:{{ env "NOMAD_PORT_https_port" }} default_server; - listen [::]:{{ env "NOMAD_PORT_https_port" }} default_server; - client_max_body_size 0; - server_name _; - - # ssi on with javascript for multidomain variables in config.js - ssi on; - ssi_types application/x-javascript application/javascript; - - #ssl_certificate /etc/nginx/jitsi.crt; - #ssl_certificate_key /etc/nginx/jitsi.key; - root /srv/jitsi-meet; - index index.html; - error_page 404 /static/404.html; - - location = /config.js { - alias /srv/jitsi-meet/config.js; - } - - location = /interface_config.js { - alias /srv/jitsi-meet/interface_config.js; - } - - location = /external_api.js { - alias /srv/jitsi-meet/libs/external_api.min.js; - } - - # ensure all static content can always be found first - location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$ - { - add_header 'Access-Control-Allow-Origin' '*'; - alias /srv/jitsi-meet/$1/$2; - } - - # not used yet VVV - # colibri (JVB) websockets - #location ~ ^/colibri-ws/([a-zA-Z0-9-\.]+)/(.*) { - # proxy_pass http://$1:9090/colibri-ws/$1/$2$is_args$args; - # proxy_http_version 1.1; - # proxy_set_header Upgrade $http_upgrade; - # proxy_set_header Connection "upgrade"; - # tcp_nodelay on; - #} - - location = /http-bind { - # We add CORS to use a different frontend which is useful for load testing as we do not want to advertise too much our URL - add_header 'Access-Control-Allow-Headers' 'content-type'; - add_header 'Access-Control-Allow-Methods' 'GET,POST,PUT,DELETE,OPTIONS'; - add_header 'Access-Control-Allow-Origin' '*'; - proxy_pass http://{{ env "NOMAD_ADDR_bosh_port" }}/http-bind; - proxy_set_header X-Forwarded-For \$remote_addr; - #proxy_set_header Host \$http_host; - } - - # not used yet VVV - # xmpp websockets - #location = /xmpp-websocket { - # proxy_pass {{ .Env.XMPP_BOSH_URL_BASE }}/xmpp-websocket; - # proxy_http_version 1.1; - # proxy_set_header Connection "upgrade"; - # proxy_set_header Upgrade $http_upgrade; - # proxy_set_header Host {{ .Env.XMPP_DOMAIN }}; - # proxy_set_header X-Forwarded-For $remote_addr; - # tcp_nodelay on; - #} - - location ~ ^/([^/?&:'"]+)$ { - try_files $uri @root_path; - } - - location @root_path { - rewrite ^/(.*)$ / break; - } - - # Not used yet VVVV - # Etherpad-lite - # location /etherpad/ { - # proxy_http_version 1.1; - # proxy_set_header Upgrade $http_upgrade; - # proxy_set_header Connection 'upgrade'; - # proxy_set_header Host $host; - # proxy_cache_bypass $http_upgrade; - # proxy_pass {{ .Env.ETHERPAD_URL_BASE }}/; - # proxy_set_header X-Forwarded-For $remote_addr; - # proxy_buffering off; - # proxy_set_header Host {{ .Env.XMPP_DOMAIN }}; - # } - - } -} diff --git a/app/jitsi/config/prosody.cfg.lua b/app/jitsi/config/prosody.cfg.lua deleted file mode 100644 index 7141f8b..0000000 --- a/app/jitsi/config/prosody.cfg.lua +++ /dev/null @@ -1,135 +0,0 @@ -modules_enabled = { - "roster"; -- Allow users to have a roster. Recommended ;) - "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. - "tls"; -- Add support for secure TLS on c2s/s2s connections - "dialback"; -- s2s dialback support - "disco"; -- Service discovery - "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. - "version"; -- Replies to server version requests - "uptime"; -- Report how long server has been running - "time"; -- Let others know the time here on this server - "ping"; -- Replies to XMPP pings with pongs - "pep"; -- Enables users to publish their mood, activity, playing music and more - -- jitsi - --"smacks"; -- not shipped with prosody - "carbons"; - "mam"; - "lastactivity"; - "offline"; - "pubsub"; - "adhoc"; - "websocket"; - --"http_altconnect"; -- not shipped with prosody -} -modules_disabled = { "s2s" } - -plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" } - -log = { - --log less on console with warn="*console"; or err="*console" or more with debug="*console" - info="*console"; -} -daemonize = false -use_libevent = true - --- domain mapper options, must at least have domain base set to use the mapper -muc_mapper_domain_base = "jitsi.deuxfleurs.fr"; - ---@FIXME would be great to configure it ---turncredentials_secret = "__turnSecret__"; - ---turncredentials = { --- { type = "stun", host = "jitmeet.example.com", port = "3478" }, --- { type = "turn", host = "jitmeet.example.com", port = "3478", transport = "udp" }, --- { type = "turns", host = "jitmeet.example.com", port = "5349", transport = "tcp" } ---}; - -cross_domain_bosh = false; -consider_bosh_secure = true; -component_ports = { } -- it seems we don't need external components for now... -https_ports = { } -- we don't need https -http_ports = { {{env "NOMAD_PORT_bosh_port" }} } -c2s_ports = { {{env "NOMAD_PORT_xmpp_port" }} } - - --- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4 -ssl = { - protocol = "tlsv1_2+"; - ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384" -} - -VirtualHost "jitsi" - enabled = true -- Remove this line to enable this host - authentication = "anonymous" - -- Properties below are modified by jitsi-meet-tokens package config - -- and authentication above is switched to "token" - --app_id="example_app_id" - --app_secret="example_app_secret" - -- Assign this host a certificate for TLS, otherwise it would use the one - -- set in the global section (if any). - -- Note that old-style SSL on port 5223 only supports one certificate, and will always - -- use the global one. - ssl = { - key = "/var/lib/prosody/jitsi.key"; - certificate = "/var/lib/prosody/jitsi.crt"; - } - speakerstats_component = "speakerstats.jitsi" - conference_duration_component = "conferenceduration.jitsi" - -- we need bosh - modules_enabled = { - "bosh"; - "pubsub"; - "ping"; -- Enable mod_ping - "speakerstats"; - --"turncredentials"; not supported yet - "conference_duration"; - "muc_lobby_rooms"; - } - c2s_require_encryption = false - lobby_muc = "lobby.jitsi" - main_muc = "conference.jitsi" - -- muc_lobby_whitelist = { "recorder.jitmeet.example.com" } -- Here we can whitelist jibri to enter lobby enabled rooms - -Component "conference.jitsi" "muc" - storage = "memory" - modules_enabled = { - "muc_meeting_id"; - "muc_domain_mapper"; - --"token_verification"; - } - admins = { "focus@auth.jitsi" } - muc_room_locking = false - muc_room_default_public_jids = true - --- internal muc component -Component "internal.auth.jitsi" "muc" - storage = "memory" - modules_enabled = { - "ping"; - } - admins = { "focus@auth.jitsi", "jvb@auth.jitsi" } - muc_room_locking = false - muc_room_default_public_jids = true - -VirtualHost "auth.jitsi" - ssl = { - key = "/var/lib/prosody/auth.jitsi.key"; - certificate = "/var/lib/prosody/auth.jitsi.crt"; - } - authentication = "internal_plain" - -Component "focus.jitsi" "client_proxy" - target_address = "focus@auth.jitsi" - -Component "speakerstats.jitsi" "speakerstats_component" - muc_component = "conference.jitsi" - -Component "conferenceduration.jitsi" "conference_duration_component" - muc_component = "conference.jitsi" - -Component "lobby.jitsi" "muc" - storage = "memory" - restrict_room_creation = true - muc_room_locking = false - muc_room_default_public_jids = true - diff --git a/app/jitsi/config/videobridge.conf b/app/jitsi/config/videobridge.conf deleted file mode 100644 index a7c166a..0000000 --- a/app/jitsi/config/videobridge.conf +++ /dev/null @@ -1,290 +0,0 @@ -videobridge { - entity-expiration { - # If an entity has no activity after this timeout, it is expired - timeout=1 minute - - # The interval at which the videobridge will check for expired entities - check-interval=${videobridge.entity-expiration.timeout} - } - health { - # The interval between health checks - interval=10 seconds - - # The timeout for a health check - timeout=30 seconds - - # If performing a health check takes longer than this, it is considered unsuccessful. - max-check-duration=3 seconds - - # Whether or not health check failures should be 'sticky' - # (i.e. once the bridge becomes unhealthy, it will never - # go back to a healthy state) - sticky-failures=false - } - ep-connection-status { - # How long we'll wait for an endpoint to *start* sending - # data before we consider it 'inactive' - first-transfer-timeout=15 seconds - - # How long an endpoint can be 'inactive' before it will - # be considered disconnected - max-inactivity-limit=3 seconds - - # How often we check endpoint's connectivity status - check-interval=500 milliseconds - } - cc { - bwe-change-threshold=0.15 - thumbnail-max-height-px=180 - onstage-ideal-height-px=1080 - onstage-preferred-height-px=360 - onstage-preferred-framerate=30 - enable-onstage-video-suspend=false - trust-bwe=true - - # How often we check to send probing data - padding-period=15ms - - # How often we'll force recalculations of forwarded - # streams - max-time-between-calculations = 15 seconds - - # A JVB-wide last-n value, observed by all endpoints. Endpoints - # will take the minimum of their setting and this one (-1 implies - # no last-n limit) - jvb-last-n = -1 - } - # The APIs by which the JVB can be controlled - apis { - xmpp-client { - # The interval at which presence is published in the configured MUCs. - presence-interval = ${videobridge.stats.interval} - - configs { - unique-xmpp-server { - hostname="{{ env "NOMAD_IP_xmpp_port" }}" - port = {{ env "NOMAD_PORT_xmpp_port" }} - domain = "auth.jitsi" - username = "jvb" - password = "{{ key "secrets/jitsi/jvb_pass" | trimSpace }}" - muc_jids = "jvbbrewery@internal.auth.jitsi" - # The muc_nickname must be unique across all jitsi-videobridge instances - muc_nickname = "unique-jvb-server" - disable_certificate_verification = false - } - # example-connection-id { - # For the properties which should be - # filled out here, see MucClientConfiguration - # } - } - } - # The COLIBRI REST API - rest { - enabled = true - } - jvb-api { - enabled = true - } - } - # Configuration of the different REST APIs. - # Note that the COLIBRI REST API is configured under videobridge.apis.rest instead. - rest { - debug { - enabled = true - } - health { - enabled = true - } - shutdown { - # Note that the shutdown API requires the COLIBRI API to also be enabled. - enabled = false - } - version { - enabled = true - } - } - http-servers { - # The HTTP server which hosts services intended for 'public' use - # (e.g. websockets for the bridge channel connection) - public { - # See JettyBundleActivatorConfig in Jicoco for values - port = -1 - tls-port = -1 - } - # The HTTP server which hosts services intended for 'private' use - # (e.g. health or debug stats) - private { - # See JettyBundleActivatorConfig in Jicoco for values - host = 127.0.0.1 - } - } - octo { - # Whether or not Octo is enabled - enabled=false - - # A string denoting the 'region' of this JVB. This region - # will be used by Jicofo in the selection of a bridge for - # a client by comparing it to the client's region. - # Must be set when 'enabled' is true - #region="us-west-1" - - # The address on which the Octo relay should bind - # Must be set when 'enabled' is true - #bind-address=198.51.100.1 - - # The port to which the Octo relay should bind - bind-port=4096 - - # The address which controls the public address which - # will be part of the Octo relayId - #public-address=198.51.100.1 - - # The size of the incoming octo queue. This queue is per-remote-endpoint, - # so it matches what we use for local endpoints - recv-queue-size=1024 - - # The size of the outgoing octo queue. This is a per-originating-endpoint - # queue, so assuming all packets are routed (as they currently are for Octo) - # it should be the same size as the transceiver recv queue in - # jitsi-media-transform. Repeating the description from there: - # Assuming 300pps for high-definition, 200pps for standard-definition, - # 100pps for low-definition and 50pps for audio, this queue is fed - # 650pps, so its size in terms of millis is 1024/650*1000 ~= 1575ms. - send-queue-size=1024 - } - load-management { - # Whether or not the reducer will be enabled to take actions to mitigate load - reducer-enabled = false - load-measurements { - packet-rate { - # The packet rate at which we'll consider the bridge overloaded - load-threshold = 50000 - # The packet rate at which we'll consider the bridge 'underloaded' enough - # to start recovery - recovery-threshold = 40000 - } - } - load-reducers { - last-n { - # The factor by which we'll reduce the current last-n when trying to reduce load - reduction-scale = .75 - # The factor by which we'll increase the current last-n when trying to recover - recover-scale = 1.25 - # The minimum time in between runs of the last-n reducer to reduce or recover from - # load - impact-time = 1 minute - # The lowest value we'll set for last-n - minimum-last-n-value = 0 - # The highest last-n value we'll enforce. Once the enforced last-n exceeds this value - # we'll remove the limit entirely - maximum-enforced-last-n-value = 40 - } - } - } - sctp { - # Whether SCTP data channels are enabled. - enabled=true - } - stats { - # Whether periodic collection of statistics is enabled or not. When enabled they are accessible through the REST - # API (at `/colibri/stats`), and are available to other modules (e.g. to be pushed to callstats or in a MUC). - enabled = true - - # The interval at which stats are gathered. - interval = 5 seconds - - # Configuration related to pushing statistics to callstats.io. - callstats { - # An integer application ID (use 0 to disable pushing stats to callstats). - app-id = 0 - - # The shared secred to authentication with callstats.io. - //app-secret = "s3cret" - - # ID of the key that was used to generate token. - //key-id = "abcd" - - # The path to private key file. - //key-path = "/etc/jitsi/videobridge/ecpriv.jwk" - - # The ID of the server instance to be used when reporting to callstats. - bridge-id = "jitsi" - - # TODO: document - //conference-id-prefix = "abcd" - - # The interval at which statististics will be published to callstats. This affects both per-conference and global - # statistics. - # Note that this value will be overriden if a "callstatsio" transport is defined in the parent "stats" section. - interval = ${videobridge.stats.interval} - } - } - websockets { - enabled=false - server-id="default-id" - - # Optional, even when 'enabled' is set to true - # tls=true - # Must be set when enabled = true - #domain="some-domain" - } - ice { - tcp { - # Whether ICE/TCP is enabled. - enabled = true - - # The port to bind to for ICE/TCP. - port = {{ env "NOMAD_PORT_video_port" }} - - # An optional additional port to advertise. - # mapped-port = 8443 - # Whether to use "ssltcp" or plain "tcp". - ssltcp = true - } - - udp { - # The port for ICE/UDP. - port = {{ env "NOMAD_PORT_video_port" }} - } - - # An optional prefix to include in STUN username fragments generated by the bridge. - #ufrag-prefix = "jvb-123:" - - # Which candidate pairs to keep alive. The accepted values are defined in ice4j's KeepAliveStrategy: - # "selected_and_tcp", "selected_only", or "all_succeeded". - keep-alive-strategy = "selected_and_tcp" - - # Whether to use the "component socket" feature of ice4j. - use-component-socket = true - - # Whether to attempt DNS resolution for remote candidates that contain a non-literal address. When set to 'false' - # such candidates will be ignored. - resolve-remote-candidates = false - - # The nomination strategy to use for ICE. THe accepted values are defined in ice4j's NominationStrategy: - # "NominateFirstValid", "NominateHighestPriority", "NominateFirstHostOrReflexiveValid", or "NominateBestRTT". - nomination-strategy = "NominateFirstValid" - } - - transport { - send { - # The size of the dtls-transport outgoing queue. This is a per-participant - # queue. Packets from the egress end-up in this queue right before - # transmission by the outgoing srtp pipeline (which mainly consists of the - # packet sender). - # - # Its size needs to be of the same order of magnitude as the rtp sender - # queue. In a 100 participant call, assuming 300pps for the on-stage and - # 100pps for low-definition, last-n 20 and 2 participants talking, so - # 2*50pps for audio, this queue is fed 300+19*100+2*50 = 2300pps, so its - # size in terms of millis is 1024/2300*1000 ~= 445ms. - queue-size=1024 - } - } - - version { - // Wheather to announe the jitsi-videobridge version to clients in the ServerHello message. - announce = false - } -} - |