diff options
author | Alex Auvolat <alex@adnab.me> | 2022-08-24 15:42:47 +0200 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2022-08-24 15:42:47 +0200 |
commit | 2e8923b383eb06c53261eee8e5c442b857fb67e4 (patch) | |
tree | 0ad148f75f7b54dfed2dbac8f43f6df9badc502a /app/jitsi/integration/prosody | |
parent | 9848f3090f77363a2fda0f9fa673ebcf1fb8228c (diff) | |
download | nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.tar.gz nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.zip |
Move app files into cluster subdirectories; add prod garage
Diffstat (limited to 'app/jitsi/integration/prosody')
-rw-r--r-- | app/jitsi/integration/prosody/prosody.cfg.lua | 137 | ||||
-rw-r--r-- | app/jitsi/integration/prosody/prosody.cfg.lua.back | 64 |
2 files changed, 0 insertions, 201 deletions
diff --git a/app/jitsi/integration/prosody/prosody.cfg.lua b/app/jitsi/integration/prosody/prosody.cfg.lua deleted file mode 100644 index b5bc0b9..0000000 --- a/app/jitsi/integration/prosody/prosody.cfg.lua +++ /dev/null @@ -1,137 +0,0 @@ -modules_enabled = { - "roster"; -- Allow users to have a roster. Recommended ;) - "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. - "tls"; -- Add support for secure TLS on c2s/s2s connections - "dialback"; -- s2s dialback support - "disco"; -- Service discovery - "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. - "version"; -- Replies to server version requests - "uptime"; -- Report how long server has been running - "time"; -- Let others know the time here on this server - "ping"; -- Replies to XMPP pings with pongs - "pep"; -- Enables users to publish their mood, activity, playing music and more - -- jitsi - --"smacks"; -- not shipped with prosody - "carbons"; - "mam"; - "lastactivity"; - "offline"; - "pubsub"; - "adhoc"; - "websocket"; - --"http_altconnect"; -- not shipped with prosody -} -modules_disabled = { "s2s" } - -plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" } - -log = { - --log less on console with warn="*console"; or err="*console" or more with debug="*console" - info="*console"; -} -daemonize = false -use_libevent = true - --- domain mapper options, must at least have domain base set to use the mapper -muc_mapper_domain_base = "jitsi.deuxfleurs.fr"; - ---@FIXME would be great to configure it ---turncredentials_secret = "__turnSecret__"; - ---turncredentials = { --- { type = "stun", host = "jitmeet.example.com", port = "3478" }, --- { type = "turn", host = "jitmeet.example.com", port = "3478", transport = "udp" }, --- { type = "turns", host = "jitmeet.example.com", port = "5349", transport = "tcp" } ---}; - -cross_domain_bosh = false; -consider_bosh_secure = true; ---component_ports = { 5347 } -component_ports = { } -- it seems we don't need external components for now... -https_ports = { } -- we don't need http -http_ports = { 5280 } -c2s_ports = { 5222 } -s2s_ports = { } - - --- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4 -ssl = { - protocol = "tlsv1_2+"; - ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384" -} - -VirtualHost "jitsi" - enabled = true -- Remove this line to enable this host - authentication = "anonymous" - -- Properties below are modified by jitsi-meet-tokens package config - -- and authentication above is switched to "token" - --app_id="example_app_id" - --app_secret="example_app_secret" - -- Assign this host a certificate for TLS, otherwise it would use the one - -- set in the global section (if any). - -- Note that old-style SSL on port 5223 only supports one certificate, and will always - -- use the global one. - ssl = { - key = "/var/lib/prosody/jitsi.key"; - certificate = "/var/lib/prosody/jitsi.crt"; - } - speakerstats_component = "speakerstats.jitsi" - conference_duration_component = "conferenceduration.jitsi" - -- we need bosh - modules_enabled = { - "bosh"; - "pubsub"; - "ping"; -- Enable mod_ping - "speakerstats"; - --"turncredentials"; not supported yet - "conference_duration"; - "muc_lobby_rooms"; - } - c2s_require_encryption = false - lobby_muc = "lobby.jitsi" - main_muc = "conference.jitsi" - -- muc_lobby_whitelist = { "recorder.jitmeet.example.com" } -- Here we can whitelist jibri to enter lobby enabled rooms - -Component "conference.jitsi" "muc" - storage = "memory" - modules_enabled = { - "muc_meeting_id"; - "muc_domain_mapper"; - --"token_verification"; - } - admins = { "focus@auth.jitsi" } - muc_room_locking = false - muc_room_default_public_jids = true - --- internal muc component -Component "internal.auth.jitsi" "muc" - storage = "memory" - modules_enabled = { - "ping"; - } - admins = { "focus@auth.jitsi", "jvb@auth.jitsi" } - muc_room_locking = false - muc_room_default_public_jids = true - -VirtualHost "auth.jitsi" - ssl = { - key = "/var/lib/prosody/auth.jitsi.key"; - certificate = "/var/lib/prosody/auth.jitsi.crt"; - } - authentication = "internal_plain" - -Component "focus.jitsi" "client_proxy" - target_address = "focus@auth.jitsi" - -Component "speakerstats.jitsi" "speakerstats_component" - muc_component = "conference.jitsi" - -Component "conferenceduration.jitsi" "conference_duration_component" - muc_component = "conference.jitsi" - -Component "lobby.jitsi" "muc" - storage = "memory" - restrict_room_creation = true - muc_room_locking = false - muc_room_default_public_jids = true - diff --git a/app/jitsi/integration/prosody/prosody.cfg.lua.back b/app/jitsi/integration/prosody/prosody.cfg.lua.back deleted file mode 100644 index d03d7c9..0000000 --- a/app/jitsi/integration/prosody/prosody.cfg.lua.back +++ /dev/null @@ -1,64 +0,0 @@ -daemonize = false -allow_registration = false -use_libevent = true -component_interface = "0.0.0.0" -component_ports = { 5347 } -http_ports = { 5280 } -https_ports = {} - --- Not sure all modules are required -modules_enabled = { - "roster"; -- Allow users to have a roster. Recommended ;) - "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. - "tls"; -- Add support for secure TLS on c2s/s2s connections - "dialback"; -- s2s dialback support - "disco"; -- Service discovery - "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. - "version"; -- Replies to server version requests - "uptime"; -- Report how long server has been running - "time"; -- Let others know the time here on this server - "ping"; -- Replies to XMPP pings with pongs - "pep"; -- Enables users to publish their mood, activity, playing music and more - -- jitsi - --"smacks"; -- not shipped with prosody - "carbons"; - "mam"; - "lastactivity"; - "offline"; - "pubsub"; - "adhoc"; - "websocket"; - --"http_altconnect"; -- not shipped with prosody -} - -log = { - --log less on console with warn="*console"; or err="*console" or more with debug="*console" - debug="*console"; -} - -VirtualHost "jitsi" - authentication = "anonymous" - ssl = { - key = "/var/lib/prosody/jitsi.key"; - certificate = "/var/lib/prosody/jitsi.crt"; - } - modules_enabled = { - "bosh"; - "pubsub"; - } - c2s_require_encryption = false - -VirtualHost "auth.jitsi" - ssl = { - key = "/var/lib/prosody/auth.jitsi.key"; - certificate = "/var/lib/prosody/auth.jitsi.crt"; - } - authentication = "internal_plain" - admins = { "focus@auth.jitsi"} - -Component "conference.jitsi" "muc" -Component "internal.auth.jitsi" "muc" - storage = "memory" - modules_enabled = { "ping"; } - admins = { "focus@auth.jitsi", "jvb@auth.jitsi" } - |