aboutsummaryrefslogtreecommitdiff
path: root/cluster/prod/app/jitsi/config/jicofo.conf
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2022-08-24 15:42:47 +0200
committerAlex Auvolat <alex@adnab.me>2022-08-24 15:42:47 +0200
commit2e8923b383eb06c53261eee8e5c442b857fb67e4 (patch)
tree0ad148f75f7b54dfed2dbac8f43f6df9badc502a /cluster/prod/app/jitsi/config/jicofo.conf
parent9848f3090f77363a2fda0f9fa673ebcf1fb8228c (diff)
downloadnixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.tar.gz
nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.zip
Move app files into cluster subdirectories; add prod garage
Diffstat (limited to 'cluster/prod/app/jitsi/config/jicofo.conf')
-rw-r--r--cluster/prod/app/jitsi/config/jicofo.conf273
1 files changed, 273 insertions, 0 deletions
diff --git a/cluster/prod/app/jitsi/config/jicofo.conf b/cluster/prod/app/jitsi/config/jicofo.conf
new file mode 100644
index 0000000..5586348
--- /dev/null
+++ b/cluster/prod/app/jitsi/config/jicofo.conf
@@ -0,0 +1,273 @@
+jicofo {
+ // Authentication with external services
+ authentication {
+ enabled = false
+ // The type of authentication. Supported values are XMPP, JWT or SHIBBOLETH (default).
+ type = SHIBBOLETH
+
+ // The pattern of authentication URL. See ShibbolethAuthAuthority for more information.
+ # login-url =
+
+ # logout-url =
+
+ authentication-lifetime = 24 hours
+ enable-auto-login = true
+ }
+ // Configuration related to jitsi-videobridge
+ bridge {
+ // The maximum number of participants in a single conference to put on one bridge (use -1 for no maximum).
+ max-bridge-participants = -1
+ // The assumed maximum packet rate that a bridge can handle.
+ max-bridge-packet-rate = 50000
+ // The assumed average packet rate per participant.
+ average-participant-packet-rate-pps = 500
+ // The assumed average stress per participant.
+ average-participant-stress = 0.01
+ // The assumed time that an endpoint takes to start contributing fully to the load on a bridge. To avoid allocating
+ // a burst of endpoints to the same bridge, the bridge stress is adjusted by adding the number of new endpoints
+ // in the last [participant-rampup-time] multiplied by [average-participant-stress].
+ participant-rampup-interval = 20 seconds
+ // The stress level above which a bridge is considered overstressed.
+ stress-threshold = 0.8
+ // The amount of to wait before retrying using a failed bridge.
+ failure-reset-threshold = 1 minute
+ // The bridge selection strategy. The built-in strategies are:
+ // SingleBridgeSelectionStrategy: Use the least loaded bridge, do not split a conference between bridges (Octo).
+ // SplitBridgeSelectionStrategy: Use a separate bridge for each participant (for testing).
+ // RegionBasedBridgeSelectionStrategy: Attempt to put each participant in a bridge in their local region (i.e. use
+ // Octo for geo-location).
+ // IntraRegionBridgeSelectionStrategy: Use additional bridges when a bridge becomes overloaded (i.e. use Octo for
+ // load balancing).
+ //
+ // Additionally, you can use the fully qualified class name for custom BridgeSelectionStrategy implementations.
+ selection-strategy = SingleBridgeSelectionStrategy
+ health-checks {
+ // Whether jicofo should perform periodic health checks to the connected bridges.
+ enabled = true
+ // The interval at which to perform health checks.
+ interval = 10 seconds
+ // When a health checks times out, jicofo will retry and only consider it fail after the retry fails. This
+ // configures the delay between the original health check timing out and the second health check being sent.
+ // It is a duration and defaults to half the [interval].
+ # retry-delay = 5 seconds
+ }
+
+ // The JID of the MUC to be used as a brewery for bridge instances.
+ brewery-jid = "jvbbrewery@internal.auth.jitsi"
+ }
+ // Configure the codecs and RTP extensions to be used in the offer sent to clients.
+ codec {
+ video {
+ vp8 {
+ enabled = true
+ pt = 100
+ // Payload type for the associated RTX stream. Set to -1 to disable RTX.
+ rtx-pt = 96
+ }
+ vp9 {
+ enabled = true
+ pt = 101
+ // Payload type for the associated RTX stream. Set to -1 to disable RTX.
+ rtx-pt = 97
+ }
+ h264 {
+ enabled = true
+ pt = 107
+ // Payload type for the associated RTX stream. Set to -1 to disable RTX.
+ rtx-pt = 99
+ }
+ }
+
+ audio {
+ isac-16000 {
+ enabled = true
+ pt = 103
+ }
+ isac-32000 {
+ enabled = true
+ pt = 104
+ }
+ opus {
+ enabled = true
+ pt = 111
+ minptime = 10
+ use-inband-fec = true
+ red {
+ enabled = false
+ pt = 112
+ }
+ }
+ telephone-event {
+ enabled = true
+ pt = 126
+ }
+ }
+
+ // RTP header extensions
+ rtp-extensions {
+ audio-level {
+ enabled = true
+ id = 1
+ }
+ tof {
+ // TOF is currently disabled, because we don't support it in the bridge
+ // (and currently clients seem to not use it when abs-send-time is
+ // available).
+ enabled = false
+ id = 2
+ }
+ abs-send-time {
+ enabled = true
+ id = 3
+ }
+ rid {
+ enabled = false
+ id = 4
+ }
+ tcc {
+ enabled = true
+ id = 5
+ }
+ video-content-type {
+ enabled = false
+ id = 7
+ }
+ framemarking {
+ enabled = false
+ id = 9
+ }
+ }
+ }
+
+ conference {
+ // Whether to automatically grant the 'owner' role to the first participant in the conference (and subsequently to
+ // the next in line when the current owner leaves).
+ enable-auto-owner = true
+
+ // How long to wait for the initial participant in a conference.
+ initial-timeout = 15 seconds
+
+ // Whether jicofo should inject a random SSRC for endpoints which don't advertise any SSRCs. This is a temporary
+ // workaround for an issue with signaling endpoints for Octo.
+ inject-ssrc-for-recv-only-endpoints = false
+
+ max-ssrcs-per-user = 20
+
+ // How long a participant's media session will be kept alive once it remains the only participant in the room.
+ single-participant-timeout = 20 seconds
+
+ // The minimum number of participants required for the conference to be started.
+ min-participants = 2
+
+ // Experimental.
+ enable-lip-sync = false
+
+ shared-document {
+ // If `true` the shared document uses a random name. Otherwise, it uses the conference name.
+ use-random-name = false
+ }
+ }
+
+ // Configuration for the internal health checks performed by jicofo.
+ health {
+ // Whether to perform health checks.
+ enabled = false
+
+ // The interval between health checks. If set to 0, periodic health checks will not be performed.
+ interval = 10 seconds
+
+ # The timeout for a health check
+ timeout = 30 seconds
+
+ # If performing a health check takes longer than this, it is considered unsuccessful.
+ max-check-duration = 20 seconds
+
+ # The prefix to use when creating MUC rooms for the purpose of health checks.
+ room-name-prefix = "__jicofo-health-check"
+ }
+
+ jibri {
+ // The JID of the MUC to be used as a brewery for jibri instances for streaming.
+ # brewery-jid = "jibribrewery@example.com"
+
+ // How many times to retry a given Jibri request before giving up. Set to -1 to allow infinite retries.
+ num-retries = 5
+
+ // How long to wait for Jibri to start recording from the time it accepts a START request.
+ pending-timeout = 90 seconds
+ }
+
+ jibri-sip {
+ // The JID of the MUC to be used as a brewery for jibri instances for SIP.
+ # brewery-jid = "jibrisipbrewery@example.com"
+ }
+
+ jigasi {
+ // The JID of the MUC to be used as a brewery for jigasi instances.
+ # brewery-jid = "jigasibrewery@example.com"
+ }
+
+ // The region in which the machine is running.
+ #local-region="us-east-1"
+
+ octo {
+ // Whether or not to use Octo. Note that when enabled, its use will be determined by
+ // $jicofo.bridge.selection-strategy.
+ enabled = false
+
+ // An identifier of the Jicofo instance, used for the purpose of generating conference IDs unique across a set of
+ // Jicofo instances. Valid values are [1, 65535]. The value 0 is used when none is explicitly configured.
+ id = 1
+ }
+
+ rest {
+ port = 8888
+ tls-port = 8843
+ }
+
+ sctp {
+ // Whether to allocate SCTP channels on the bridge (only when the client advertises support, and SCTP is
+ // enabled in the per-conference configuration).
+ enabled = true
+ }
+
+ task-pools {
+ shared-pool-max-threads = 1500
+ }
+
+ xmpp {
+ // The separate XMPP connection used for communication with clients (endpoints).
+ client {
+ enabled = true
+ hostname = "{{ env "NOMAD_IP_xmpp_port" }}"
+ port = {{ env "NOMAD_PORT_xmpp_port" }}
+ domain = "auth.jitsi"
+ username = "focus"
+ password = "{{ key "secrets/jitsi/jicofo_pass" | trimSpace }}"
+
+ // How long to wait for a response to a stanza before giving up.
+ reply-timeout = 15 seconds
+
+ // The JID/domain of the MUC service used for conferencing.
+ conference-muc-jid = conference.jitsi
+
+ // A flag to suppress the TLS certificate verification.
+ disable-certificate-verification = false
+ }
+ // The separate XMPP connection used for internal services (currently only jitsi-videobridge).
+ service {
+ enabled = false
+ hostname = "jitsi-xmpp"
+ port = 5222
+ domain = "auth.jitsi"
+ username = "focus"
+ password = "jicofopass"
+
+ // How long to wait for a response to a stanza before giving up.
+ reply-timeout = 15 seconds
+
+ // A flag to suppress the TLS certificate verification.
+ disable-certificate-verification = false
+ }
+ }
+}