mirror of
				https://github.com/spantaleev/matrix-docker-ansible-deploy.git
				synced 2025-10-26 01:53:24 +00:00 
			
		
		
		
	| @@ -23,6 +23,7 @@ If you decide to go with the alternative method ([Server Delegation via a DNS SR | ||||
| | A     | `matrix`                     | -        | -      | -    | `matrix-server-IP`     | | ||||
| | CNAME | `riot`                       | -        | -      | -    | `matrix.<your-domain>` | | ||||
| | CNAME | `dimension` (*)              | -        | -      | -    | `matrix.<your-domain>` | | ||||
| | CNAME | `jitsi` (*)                  | -        | -      | -    | `matrix.<your-domain>` | | ||||
| | SRV   | `_matrix-identity._tcp`      | 10       | 0      | 443  | `matrix.<your-domain>` | | ||||
|  | ||||
|  | ||||
| @@ -38,6 +39,8 @@ If you'd rather instruct the playbook not to install Riot (`matrix_riot_web_enab | ||||
|  | ||||
| The `dimension.<your-domain>` subdomain may be necessary, because this playbook could install the [Dimension integrations manager](http://dimension.t2bot.io/) for you. Dimension installation is disabled by default, because it's only possible to install it after the other Matrix services are working (see [Setting up Dimension](configuring-playbook-dimension.md) later). If you do not wish to set up Dimension, feel free to skip the `dimension.<your-domain>` DNS record. | ||||
|  | ||||
| The `jitsi.<your-domain>` subdomain may be necessary, because this playbook could install the [Jitsi video-conferencing platform](https://jitsi.org/) for you. Jitsi installation is disabled by default, because it may be heavy and is not a core required component. To learn how to install it, see our [Jitsi](configuring-playbook-jitsi.md) guide. If you do not wish to set up Jitsi, feel free to skip the `jitsi.<your-domain>` DNS record. | ||||
|  | ||||
|  | ||||
| ## `_matrix-identity._tcp` SRV record setup | ||||
|  | ||||
|   | ||||
							
								
								
									
										36
									
								
								docs/configuring-playbook-jitsi.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										36
									
								
								docs/configuring-playbook-jitsi.md
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,36 @@ | ||||
| # Jitsi | ||||
|  | ||||
| The playbook can install the [Jitsi](https://jitsi.org/) video-conferencing platform and integrate it with [Riot](configuring-playbook-riot-web.md). | ||||
|  | ||||
| Jitsi installation is **not enabled by default**, because it's not a core component of Matrix services. | ||||
|  | ||||
| The setup done by the playbook is very similar to [docker-jitsi-meet](https://github.com/jitsi/docker-jitsi-meet). | ||||
|  | ||||
|  | ||||
| ## Prerequisites | ||||
|  | ||||
| Before installing Jitsi, make sure you've created the `jitsi.DOMAIN` DNS record. See [Configuring DNS](configuring-dns.md). | ||||
|  | ||||
| You may also need to open the following ports to your server: | ||||
|  | ||||
| - `udp/10000` - RTP media over UDP | ||||
| - `tcp/4443` - RTP media fallback over TCP | ||||
|  | ||||
|  | ||||
| ## Installation | ||||
|  | ||||
| Add this to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration: | ||||
|  | ||||
| ```yaml | ||||
| matrix_jitsi_enabled: true | ||||
|  | ||||
| # We only need this temporarily - until Jitsi integration in riot-web is finalized. | ||||
| # Remove this line in the future, to switch back to a stable riot-web version. | ||||
| matrix_riot_web_docker_image: "vectorim/riot-web:develop" | ||||
| ``` | ||||
|  | ||||
| Then re-run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` | ||||
|  | ||||
| .. and fully reload your riot-web page (at `riot.DOMAIN`). | ||||
|  | ||||
| Starting a video-conference in a room with more than 2 members should then create a Jitsi widget which utilizes your self-hosted Jitsi server. | ||||
| @@ -392,6 +392,41 @@ matrix_email2matrix_enabled: false | ||||
|  | ||||
|  | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # matrix-jitsi | ||||
| # | ||||
| ###################################################################### | ||||
|  | ||||
| matrix_jitsi_enabled: false | ||||
|  | ||||
| # Normally, matrix-nginx-proxy is enabled and nginx can reach jitsi/web over the container network. | ||||
| # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose | ||||
| # the Jitsi HTTP port to the local host. | ||||
| matrix_jitsi_web_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:12080' }}" | ||||
|  | ||||
| matrix_jitsi_jibri_xmpp_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jibri') | to_uuid }}" | ||||
| matrix_jitsi_jicofo_auth_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jicofo') | to_uuid }}" | ||||
| matrix_jitsi_jvb_auth_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jvb') | to_uuid }}" | ||||
|  | ||||
| matrix_jitsi_web_stun_servers: | | ||||
|   {{ | ||||
|     [ | ||||
|       matrix_server_fqn_matrix + ':5349', | ||||
|       matrix_server_fqn_matrix + ':3478', | ||||
|     ] | ||||
|     if matrix_coturn_enabled | ||||
|     else [ 'stun.l.google.com:19302', 'stun1.l.google.com:19302', 'stun2.l.google.com:19302'] | ||||
|   }} | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-jitsi | ||||
| # | ||||
| ###################################################################### | ||||
|  | ||||
|  | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # matrix-mailer | ||||
| @@ -482,6 +517,7 @@ matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb: "{{ matrix_s | ||||
| matrix_nginx_proxy_proxy_matrix_enabled: true | ||||
| matrix_nginx_proxy_proxy_riot_enabled: "{{ matrix_riot_web_enabled }}" | ||||
| matrix_nginx_proxy_proxy_dimension_enabled: "{{ matrix_dimension_enabled }}" | ||||
| matrix_nginx_proxy_proxy_jitsi_enabled: "{{ matrix_jitsi_enabled }}" | ||||
|  | ||||
| matrix_nginx_proxy_proxy_matrix_corporal_api_enabled: "{{ matrix_corporal_enabled and matrix_corporal_http_api_enabled }}" | ||||
| matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container: "matrix-corporal:41081" | ||||
| @@ -525,6 +561,8 @@ matrix_ssl_domains_to_obtain_certificates_for: | | ||||
|     + | ||||
|     ([matrix_server_fqn_dimension] if matrix_dimension_enabled else []) | ||||
|     + | ||||
|     ([matrix_server_fqn_jitsi]) | ||||
|     + | ||||
|     ([matrix_domain] if matrix_nginx_proxy_base_domain_serving_enabled else []) | ||||
|   }} | ||||
|  | ||||
| @@ -596,6 +634,8 @@ matrix_riot_web_enable_presence_by_hs_url: | | ||||
|  | ||||
| matrix_riot_web_welcome_user_id: ~ | ||||
|  | ||||
| matrix_riot_web_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matrix_jitsi_enabled else '' }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-riot-web | ||||
|   | ||||
| @@ -18,6 +18,9 @@ matrix_server_fqn_riot: "riot.{{ matrix_domain }}" | ||||
| # This is where you access the Dimension. | ||||
| matrix_server_fqn_dimension: "dimension.{{ matrix_domain }}" | ||||
|  | ||||
| # This is where you access Jitsi. | ||||
| matrix_server_fqn_jitsi: "jitsi.{{ matrix_domain }}" | ||||
|  | ||||
| matrix_user_username: "matrix" | ||||
| matrix_user_uid: 991 | ||||
| matrix_user_gid: 991 | ||||
| @@ -69,4 +72,4 @@ run_stop: true | ||||
|  | ||||
| # Building every docker image from source on the target host | ||||
| # Controlling docker image build is possible on a per unit base | ||||
| matrix_container_images_self_build: false | ||||
| matrix_container_images_self_build: false | ||||
|   | ||||
							
								
								
									
										116
									
								
								roles/matrix-jitsi/defaults/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										116
									
								
								roles/matrix-jitsi/defaults/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,116 @@ | ||||
| matrix_jitsi_enabled: true | ||||
|  | ||||
| matrix_jitsi_base_path: "{{ matrix_base_data_path }}/jitsi" | ||||
|  | ||||
| matrix_jitsi_enable_auth: false | ||||
| matrix_jitsi_enable_guests: false | ||||
| matrix_jitsi_enable_recording: true | ||||
| matrix_jitsi_enable_transcriptions: true | ||||
|  | ||||
| matrix_jitsi_timezone: UTC | ||||
|  | ||||
| matrix_jitsi_xmpp_domain: matrix-jitsi-web | ||||
| matrix_jitsi_xmpp_server: matrix-jitsi-prosody | ||||
| matrix_jitsi_xmpp_auth_domain: auth.meet.jitsi | ||||
| matrix_jitsi_xmpp_bosh_url_base: http://{{ matrix_jitsi_xmpp_server }}:5280 | ||||
| matrix_jitsi_xmpp_guest_domain: guest.meet.jitsi | ||||
| matrix_jitsi_xmpp_muc_domain: muc.meet.jitsi | ||||
| matrix_jitsi_xmpp_internal_muc_domain: internal-muc.meet.jitsi | ||||
|  | ||||
| matrix_jitsi_recorder_domain: recorder.meet.jitsi | ||||
|  | ||||
|  | ||||
| matrix_jitsi_jibri_brewery_muc: jibribrewery | ||||
| matrix_jitsi_jibri_pending_timeout: 90 | ||||
| matrix_jitsi_jibri_xmpp_user: jibri | ||||
| matrix_jitsi_jibri_xmpp_password: jibri-password | ||||
| matrix_jitsi_jibri_recorder_user: recorder | ||||
| matrix_jitsi_jibri_recorder_password: recorder-password | ||||
|  | ||||
|  | ||||
| matrix_jitsi_web_docker_image: "jitsi/web:4101" | ||||
| matrix_jitsi_web_docker_image_force_pull: "{{ matrix_jitsi_web_docker_image.endswith(':latest') }}" | ||||
|  | ||||
| matrix_jitsi_web_base_path: "{{ matrix_base_data_path }}/jitsi/web" | ||||
| matrix_jitsi_web_config_path: "{{ matrix_jitsi_web_base_path }}/config" | ||||
| matrix_jitsi_web_transcripts_path: "{{ matrix_jitsi_web_base_path }}/transcripts" | ||||
|  | ||||
| matrix_jitsi_web_public_url: "https://{{ matrix_server_fqn_jitsi }}" | ||||
|  | ||||
| # STUN servers used in the web UI. Feel free to point them to your own STUN server. | ||||
| matrix_jitsi_web_stun_servers: ['stun.l.google.com:19302', 'stun1.l.google.com:19302', 'stun2.l.google.com:19302'] | ||||
|  | ||||
| # Controls whether the matrix-jitsi-web container exposes its HTTP port (tcp/80 in the container). | ||||
| # | ||||
| # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:12080"), or empty string to not expose. | ||||
| matrix_jitsi_web_container_http_host_bind_port: '' | ||||
|  | ||||
| # A list of extra arguments to pass to the container | ||||
| matrix_jitsi_web_container_extra_arguments: [] | ||||
|  | ||||
| # List of systemd services that matrix-jitsi-web.service depends on | ||||
| matrix_jitsi_web_systemd_required_services_list: ['docker.service'] | ||||
|  | ||||
|  | ||||
| matrix_jitsi_prosody_docker_image: "jitsi/prosody:4101" | ||||
| matrix_jitsi_prosody_docker_image_force_pull: "{{ matrix_jitsi_prosody_docker_image.endswith(':latest') }}" | ||||
|  | ||||
| matrix_jitsi_prosody_base_path: "{{ matrix_base_data_path }}/jitsi/prosody" | ||||
| matrix_jitsi_prosody_config_path: "{{ matrix_jitsi_prosody_base_path }}/config" | ||||
|  | ||||
| # A list of extra arguments to pass to the container | ||||
| matrix_jitsi_prosody_container_extra_arguments: [] | ||||
|  | ||||
| # List of systemd services that matrix-jitsi-prosody.service depends on | ||||
| matrix_jitsi_prosody_systemd_required_services_list: ['docker.service'] | ||||
|  | ||||
|  | ||||
| matrix_jitsi_jicofo_docker_image: "jitsi/jicofo:4101" | ||||
| matrix_jitsi_jicofo_docker_image_force_pull: "{{ matrix_jitsi_jicofo_docker_image.endswith(':latest') }}" | ||||
|  | ||||
| matrix_jitsi_jicofo_base_path: "{{ matrix_base_data_path }}/jitsi/jicofo" | ||||
| matrix_jitsi_jicofo_config_path: "{{ matrix_jitsi_jicofo_base_path }}/config" | ||||
|  | ||||
| # A list of extra arguments to pass to the container | ||||
| matrix_jitsi_jicofo_container_extra_arguments: [] | ||||
|  | ||||
| # List of systemd services that matrix-jitsi-jicofo.service depends on | ||||
| matrix_jitsi_jicofo_systemd_required_services_list: ['docker.service', 'matrix-jitsi-prosody.service'] | ||||
|  | ||||
| matrix_jitsi_jicofo_component_secret: s3cr37 | ||||
| matrix_jitsi_jicofo_auth_user: focus | ||||
| matrix_jitsi_jicofo_auth_password: passw0rd | ||||
|  | ||||
|  | ||||
| matrix_jitsi_jvb_docker_image: "jitsi/jvb:4101" | ||||
| matrix_jitsi_jvb_docker_image_force_pull: "{{ matrix_jitsi_jvb_docker_image.endswith(':latest') }}" | ||||
|  | ||||
| matrix_jitsi_jvb_base_path: "{{ matrix_base_data_path }}/jitsi/jvb" | ||||
| matrix_jitsi_jvb_config_path: "{{ matrix_jitsi_jvb_base_path }}/config" | ||||
|  | ||||
| # A list of extra arguments to pass to the container | ||||
| matrix_jitsi_jvb_container_extra_arguments: [] | ||||
|  | ||||
| # List of systemd services that matrix-jitsi-jvb.service depends on | ||||
| matrix_jitsi_jvb_systemd_required_services_list: ['docker.service', 'matrix-jitsi-prosody.service'] | ||||
|  | ||||
| matrix_jitsi_jvb_auth_user: jvb | ||||
| matrix_jitsi_jvb_auth_password: passw0rd | ||||
|  | ||||
| # STUN servers used by JVB on the server-side, so it can discover its own external IP address. | ||||
| # Pointing this to a STUN server running on the same Docker network may lead to incorrect IP address discovery. | ||||
| matrix_jitsi_jvb_stun_servers: ['stun.l.google.com:19302', 'stun1.l.google.com:19302', 'stun2.l.google.com:19302'] | ||||
|  | ||||
| matrix_jitsi_jvb_brewery_muc: jvbbrewery | ||||
| matrix_jitsi_jvb_rtp_udp_port: 10000 | ||||
| matrix_jitsi_jvb_rtp_tcp_port: 4443 | ||||
|  | ||||
| # Controls whether the matrix-jitsi-jvb container exposes its RTP UDP port (udp/10000 in the container). | ||||
| # | ||||
| # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:10000"), or empty string to not expose. | ||||
| matrix_jitsi_jvb_container_rtp_udp_host_bind_port: "{{ matrix_jitsi_jvb_rtp_udp_port }}" | ||||
|  | ||||
| # Controls whether the matrix-jitsi-jvb container exposes its RTP UDP port (udp/4443 in the container). | ||||
| # | ||||
| # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:4443"), or empty string to not expose. | ||||
| matrix_jitsi_jvb_container_rtp_tcp_host_bind_port: "{{ matrix_jitsi_jvb_rtp_tcp_port }}" | ||||
							
								
								
									
										3
									
								
								roles/matrix-jitsi/tasks/init.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								roles/matrix-jitsi/tasks/init.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,3 @@ | ||||
| - set_fact: | ||||
|     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-jitsi-web', 'matrix-jitsi-prosody', 'matrix-jitsi-jicofo', 'matrix-jitsi-jvb'] }}" | ||||
|   when: matrix_jitsi_enabled|bool | ||||
							
								
								
									
										33
									
								
								roles/matrix-jitsi/tasks/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										33
									
								
								roles/matrix-jitsi/tasks/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,33 @@ | ||||
| - import_tasks: "{{ role_path }}/tasks/init.yml" | ||||
|   tags: | ||||
|     - always | ||||
|  | ||||
| - import_tasks: "{{ role_path }}/tasks/setup_jitsi_base.yml" | ||||
|   when: run_setup|bool | ||||
|   tags: | ||||
|     - setup-all | ||||
|     - setup-jitsi | ||||
|  | ||||
| - import_tasks: "{{ role_path }}/tasks/setup_jitsi_web.yml" | ||||
|   when: run_setup|bool | ||||
|   tags: | ||||
|     - setup-all | ||||
|     - setup-jitsi | ||||
|  | ||||
| - import_tasks: "{{ role_path }}/tasks/setup_jitsi_prosody.yml" | ||||
|   when: run_setup|bool | ||||
|   tags: | ||||
|     - setup-all | ||||
|     - setup-jitsi | ||||
|  | ||||
| - import_tasks: "{{ role_path }}/tasks/setup_jitsi_jicofo.yml" | ||||
|   when: run_setup|bool | ||||
|   tags: | ||||
|     - setup-all | ||||
|     - setup-jitsi | ||||
|  | ||||
| - import_tasks: "{{ role_path }}/tasks/setup_jitsi_jvb.yml" | ||||
|   when: run_setup|bool | ||||
|   tags: | ||||
|     - setup-all | ||||
|     - setup-jitsi | ||||
							
								
								
									
										20
									
								
								roles/matrix-jitsi/tasks/setup_jitsi_base.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										20
									
								
								roles/matrix-jitsi/tasks/setup_jitsi_base.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,20 @@ | ||||
| --- | ||||
|  | ||||
| # | ||||
| # Tasks related to setting up jitsi | ||||
| # | ||||
|  | ||||
| - name: Ensure Matrix jitsi base path exists | ||||
|   file: | ||||
|     path: "{{ item.path }}" | ||||
|     state: directory | ||||
|     mode: 0750 | ||||
|     owner: "{{ matrix_user_username }}" | ||||
|     group: "{{ matrix_user_username }}" | ||||
|   with_items: | ||||
|     - { path: "{{ matrix_jitsi_base_path }}", when: true } | ||||
|   when: matrix_jitsi_enabled|bool and item.when | ||||
|  | ||||
| # | ||||
| # Tasks related to getting rid of jitsi (if it was previously enabled) | ||||
| # | ||||
							
								
								
									
										96
									
								
								roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										96
									
								
								roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,96 @@ | ||||
| --- | ||||
|  | ||||
| # | ||||
| # Tasks related to setting up jitsi-jicofo | ||||
| # | ||||
|  | ||||
| - name: Ensure Matrix jitsi-jicofo path exists | ||||
|   file: | ||||
|     path: "{{ item.path }}" | ||||
|     state: directory | ||||
|     mode: 0777 | ||||
|     owner: "{{ matrix_user_username }}" | ||||
|     group: "{{ matrix_user_username }}" | ||||
|   with_items: | ||||
|     - { path: "{{ matrix_jitsi_jicofo_base_path }}", when: true } | ||||
|     - { path: "{{ matrix_jitsi_jicofo_config_path }}", when: true } | ||||
|   when: matrix_jitsi_enabled|bool and item.when | ||||
|  | ||||
| - name: Ensure jitsi-jicofo Docker image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_jitsi_jicofo_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_jitsi_jicofo_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jicofo_docker_image_force_pull }}" | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure jitsi-jicofo environment variables file created | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/jicofo/env.j2" | ||||
|     dest: "{{ matrix_jitsi_jicofo_base_path }}/env" | ||||
|     mode: 0640 | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure jitsi-jicofo configuration files created | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/jicofo/{{ item }}.j2" | ||||
|     dest: "{{ matrix_jitsi_jicofo_config_path }}/{{ item }}" | ||||
|     mode: 0644 | ||||
|   with_items: | ||||
|     - sip-communicator.properties | ||||
|     - logging.properties | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure matrix-jitsi-jicofo.service installed | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/jicofo/matrix-jitsi-jicofo.service.j2" | ||||
|     dest: "/etc/systemd/system/matrix-jitsi-jicofo.service" | ||||
|     mode: 0644 | ||||
|   register: matrix_jitsi_jicofo_systemd_service_result | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure systemd reloaded after matrix-jitsi-jicofo.service installation | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_jitsi_enabled and matrix_jitsi_jicofo_systemd_service_result.changed" | ||||
|  | ||||
| # | ||||
| # Tasks related to getting rid of jitsi-jicofo (if it was previously enabled) | ||||
| # | ||||
|  | ||||
| - name: Check existence of matrix-jitsi-jicofo service | ||||
|   stat: | ||||
|     path: "/etc/systemd/system/matrix-jitsi-jicofo.service" | ||||
|   register: matrix_jitsi_jicofo_service_stat | ||||
|   when: "not matrix_jitsi_enabled|bool" | ||||
|  | ||||
| - name: Ensure matrix-jitsi-jicofo is stopped | ||||
|   service: | ||||
|     name: matrix-jitsi-jicofo | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   register: stopping_result | ||||
|   when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jicofo_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure matrix-jitsi-jicofo.service doesn't exist | ||||
|   file: | ||||
|     path: "/etc/systemd/system/matrix-jitsi-jicofo.service" | ||||
|     state: absent | ||||
|   when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jicofo_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure systemd reloaded after matrix-jitsi-jicofo.service removal | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jicofo_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure Matrix jitsi-jicofo paths doesn't exist | ||||
|   file: | ||||
|     path: "{{ matrix_jitsi_jicofo_base_path }}" | ||||
|     state: absent | ||||
|   when: "not matrix_jitsi_enabled|bool" | ||||
|  | ||||
| - name: Ensure jitsi-jicofo Docker image doesn't exist | ||||
|   docker_image: | ||||
|     name: "{{ matrix_jitsi_jicofo_docker_image }}" | ||||
|     state: absent | ||||
|   when: "not matrix_jitsi_enabled|bool" | ||||
							
								
								
									
										89
									
								
								roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										89
									
								
								roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,89 @@ | ||||
| --- | ||||
|  | ||||
| # | ||||
| # Tasks related to setting up jitsi-jvb | ||||
| # | ||||
|  | ||||
| - name: Ensure Matrix jitsi-jvb path exists | ||||
|   file: | ||||
|     path: "{{ item.path }}" | ||||
|     state: directory | ||||
|     mode: 0777 | ||||
|     owner: "{{ matrix_user_username }}" | ||||
|     group: "{{ matrix_user_username }}" | ||||
|   with_items: | ||||
|     - { path: "{{ matrix_jitsi_jvb_base_path }}", when: true } | ||||
|     - { path: "{{ matrix_jitsi_jvb_config_path }}", when: true } | ||||
|   when: matrix_jitsi_enabled|bool and item.when | ||||
|  | ||||
| - name: Ensure jitsi-jvb Docker image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_jitsi_jvb_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_jitsi_jvb_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jvb_docker_image_force_pull }}" | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure jitsi-jvb configuration files created | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/jvb/{{ item }}.j2" | ||||
|     dest: "{{ matrix_jitsi_jvb_config_path }}/{{ item }}" | ||||
|     mode: 0644 | ||||
|   with_items: | ||||
|     - sip-communicator.properties | ||||
|     - logging.properties | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure matrix-jitsi-jvb.service installed | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/jvb/matrix-jitsi-jvb.service.j2" | ||||
|     dest: "/etc/systemd/system/matrix-jitsi-jvb.service" | ||||
|     mode: 0644 | ||||
|   register: matrix_jitsi_jvb_systemd_service_result | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure systemd reloaded after matrix-jitsi-jvb.service installation | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_jitsi_enabled and matrix_jitsi_jvb_systemd_service_result.changed" | ||||
|  | ||||
| # | ||||
| # Tasks related to getting rid of jitsi-jvb (if it was previously enabled) | ||||
| # | ||||
|  | ||||
| - name: Check existence of matrix-jitsi-jvb service | ||||
|   stat: | ||||
|     path: "/etc/systemd/system/matrix-jitsi-jvb.service" | ||||
|   register: matrix_jitsi_jvb_service_stat | ||||
|   when: "not matrix_jitsi_enabled|bool" | ||||
|  | ||||
| - name: Ensure matrix-jitsi-jvb is stopped | ||||
|   service: | ||||
|     name: matrix-jitsi-jvb | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   register: stopping_result | ||||
|   when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jvb_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure matrix-jitsi-jvb.service doesn't exist | ||||
|   file: | ||||
|     path: "/etc/systemd/system/matrix-jitsi-jvb.service" | ||||
|     state: absent | ||||
|   when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jvb_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure systemd reloaded after matrix-jitsi-jvb.service removal | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "not matrix_jitsi_enabled|bool and matrix_jitsi_jvb_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure Matrix jitsi-jvb paths doesn't exist | ||||
|   file: | ||||
|     path: "{{ matrix_jitsi_jvb_base_path }}" | ||||
|     state: absent | ||||
|   when: "not matrix_jitsi_enabled|bool" | ||||
|  | ||||
| - name: Ensure jitsi-jvb Docker image doesn't exist | ||||
|   docker_image: | ||||
|     name: "{{ matrix_jitsi_jvb_docker_image }}" | ||||
|     state: absent | ||||
|   when: "not matrix_jitsi_enabled|bool" | ||||
							
								
								
									
										86
									
								
								roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										86
									
								
								roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,86 @@ | ||||
| --- | ||||
|  | ||||
| # | ||||
| # Tasks related to setting up jitsi-prosody | ||||
| # | ||||
|  | ||||
| - name: Ensure Matrix jitsi-prosody path exists | ||||
|   file: | ||||
|     path: "{{ item.path }}" | ||||
|     state: directory | ||||
|     mode: 0777 | ||||
|     owner: "{{ matrix_user_username }}" | ||||
|     group: "{{ matrix_user_username }}" | ||||
|   with_items: | ||||
|     - { path: "{{ matrix_jitsi_prosody_base_path }}", when: true } | ||||
|     - { path: "{{ matrix_jitsi_prosody_config_path }}", when: true } | ||||
|   when: matrix_jitsi_enabled|bool and item.when | ||||
|  | ||||
| - name: Ensure jitsi-prosody Docker image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_jitsi_prosody_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_jitsi_prosody_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_prosody_docker_image_force_pull }}" | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure jitsi-prosody environment variables file created | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/prosody/env.j2" | ||||
|     dest: "{{ matrix_jitsi_prosody_base_path }}/env" | ||||
|     mode: 0640 | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure matrix-jitsi-prosody.service installed | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/prosody/matrix-jitsi-prosody.service.j2" | ||||
|     dest: "/etc/systemd/system/matrix-jitsi-prosody.service" | ||||
|     mode: 0644 | ||||
|   register: matrix_jitsi_prosody_systemd_service_result | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure systemd reloaded after matrix-jitsi-prosody.service installation | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_jitsi_enabled and matrix_jitsi_prosody_systemd_service_result.changed" | ||||
|  | ||||
| # | ||||
| # Tasks related to getting rid of jitsi-prosody (if it was previously enabled) | ||||
| # | ||||
|  | ||||
| - name: Check existence of matrix-jitsi-prosody service | ||||
|   stat: | ||||
|     path: "/etc/systemd/system/matrix-jitsi-prosody.service" | ||||
|   register: matrix_jitsi_prosody_service_stat | ||||
|   when: "not matrix_jitsi_enabled|bool" | ||||
|  | ||||
| - name: Ensure matrix-jitsi-prosody is stopped | ||||
|   service: | ||||
|     name: matrix-jitsi-prosody | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   register: stopping_result | ||||
|   when: "not matrix_jitsi_enabled|bool and matrix_jitsi_prosody_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure matrix-jitsi-prosody.service doesn't exist | ||||
|   file: | ||||
|     path: "/etc/systemd/system/matrix-jitsi-prosody.service" | ||||
|     state: absent | ||||
|   when: "not matrix_jitsi_enabled|bool and matrix_jitsi_prosody_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure systemd reloaded after matrix-jitsi-prosody.service removal | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "not matrix_jitsi_enabled|bool and matrix_jitsi_prosody_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure Matrix jitsi-prosody paths doesn't exist | ||||
|   file: | ||||
|     path: "{{ matrix_jitsi_prosody_base_path }}" | ||||
|     state: absent | ||||
|   when: "not matrix_jitsi_enabled|bool" | ||||
|  | ||||
| - name: Ensure jitsi-prosody Docker image doesn't exist | ||||
|   docker_image: | ||||
|     name: "{{ matrix_jitsi_prosody_docker_image }}" | ||||
|     state: absent | ||||
|   when: "not matrix_jitsi_enabled|bool" | ||||
							
								
								
									
										97
									
								
								roles/matrix-jitsi/tasks/setup_jitsi_web.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										97
									
								
								roles/matrix-jitsi/tasks/setup_jitsi_web.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,97 @@ | ||||
| --- | ||||
|  | ||||
| # | ||||
| # Tasks related to setting up jitsi-web | ||||
| # | ||||
|  | ||||
| - name: Ensure Matrix jitsi-web path exists | ||||
|   file: | ||||
|     path: "{{ item.path }}" | ||||
|     state: directory | ||||
|     mode: 0777 | ||||
|     owner: "{{ matrix_user_username }}" | ||||
|     group: "{{ matrix_user_username }}" | ||||
|   with_items: | ||||
|     - { path: "{{ matrix_jitsi_web_base_path }}", when: true } | ||||
|     - { path: "{{ matrix_jitsi_web_config_path }}", when: true } | ||||
|     - { path: "{{ matrix_jitsi_web_transcripts_path }}", when: true } | ||||
|   when: matrix_jitsi_enabled|bool and item.when | ||||
|  | ||||
| - name: Ensure jitsi-web Docker image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_jitsi_web_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_jitsi_web_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_web_docker_image_force_pull }}" | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure jitsi-web environment variables file created | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/web/env.j2" | ||||
|     dest: "{{ matrix_jitsi_web_base_path }}/env" | ||||
|     mode: 0640 | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure jitsi-web configuration files created | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/web/{{ item }}.j2" | ||||
|     dest: "{{ matrix_jitsi_web_config_path }}/{{ item }}" | ||||
|     mode: 0644 | ||||
|   with_items: | ||||
|     - config.js | ||||
|     - interface_config.js | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure matrix-jitsi-web.service installed | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/web/matrix-jitsi-web.service.j2" | ||||
|     dest: "/etc/systemd/system/matrix-jitsi-web.service" | ||||
|     mode: 0644 | ||||
|   register: matrix_jitsi_web_systemd_service_result | ||||
|   when: matrix_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure systemd reloaded after matrix-jitsi-web.service installation | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_jitsi_enabled and matrix_jitsi_web_systemd_service_result.changed" | ||||
|  | ||||
| # | ||||
| # Tasks related to getting rid of jitsi-web (if it was previously enabled) | ||||
| # | ||||
|  | ||||
| - name: Check existence of matrix-jitsi-web service | ||||
|   stat: | ||||
|     path: "/etc/systemd/system/matrix-jitsi-web.service" | ||||
|   register: matrix_jitsi_web_service_stat | ||||
|   when: "not matrix_jitsi_enabled|bool" | ||||
|  | ||||
| - name: Ensure matrix-jitsi-web is stopped | ||||
|   service: | ||||
|     name: matrix-jitsi-web | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   register: stopping_result | ||||
|   when: "not matrix_jitsi_enabled|bool and matrix_jitsi_web_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure matrix-jitsi-web.service doesn't exist | ||||
|   file: | ||||
|     path: "/etc/systemd/system/matrix-jitsi-web.service" | ||||
|     state: absent | ||||
|   when: "not matrix_jitsi_enabled|bool and matrix_jitsi_web_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure systemd reloaded after matrix-jitsi-web.service removal | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "not matrix_jitsi_enabled|bool and matrix_jitsi_web_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure Matrix jitsi-web paths doesn't exist | ||||
|   file: | ||||
|     path: "{{ matrix_jitsi_web_base_path }}" | ||||
|     state: absent | ||||
|   when: "not matrix_jitsi_enabled|bool" | ||||
|  | ||||
| - name: Ensure jitsi-web Docker image doesn't exist | ||||
|   docker_image: | ||||
|     name: "{{ matrix_jitsi_web_docker_image }}" | ||||
|     state: absent | ||||
|   when: "not matrix_jitsi_enabled|bool" | ||||
							
								
								
									
										17
									
								
								roles/matrix-jitsi/templates/jicofo/env.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								roles/matrix-jitsi/templates/jicofo/env.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | ||||
| ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }} | ||||
|  | ||||
| XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }} | ||||
| XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }} | ||||
| XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }} | ||||
| XMPP_SERVER={{ matrix_jitsi_xmpp_server }} | ||||
|  | ||||
| JICOFO_COMPONENT_SECRET={{ matrix_jitsi_jicofo_component_secret }} | ||||
| JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }} | ||||
| JICOFO_AUTH_PASSWORD={{ matrix_jitsi_jicofo_auth_password }} | ||||
|  | ||||
| JVB_BREWERY_MUC={{ matrix_jitsi_jvb_brewery_muc }} | ||||
|  | ||||
| JIBRI_BREWERY_MUC={{ matrix_jitsi_jibri_brewery_muc }} | ||||
| JIBRI_PENDING_TIMEOUT={{ matrix_jitsi_jibri_pending_timeout }} | ||||
|  | ||||
| TZ={{ matrix_jitsi_timezone }} | ||||
							
								
								
									
										20
									
								
								roles/matrix-jitsi/templates/jicofo/logging.properties.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										20
									
								
								roles/matrix-jitsi/templates/jicofo/logging.properties.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,20 @@ | ||||
| handlers= java.util.logging.ConsoleHandler | ||||
|  | ||||
| java.util.logging.ConsoleHandler.level = ALL | ||||
| java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter | ||||
|  | ||||
| net.java.sip.communicator.util.ScLogFormatter.programname=Jicofo | ||||
|  | ||||
| .level=INFO | ||||
| net.sf.level=SEVERE | ||||
| net.java.sip.communicator.plugin.reconnectplugin.level=FINE | ||||
| org.ice4j.level=SEVERE | ||||
| org.jitsi.impl.neomedia.level=SEVERE | ||||
|  | ||||
| # Do not worry about missing strings | ||||
| net.java.sip.communicator.service.resources.AbstractResourcesService.level=SEVERE | ||||
|  | ||||
| #net.java.sip.communicator.service.protocol.level=ALL | ||||
|  | ||||
| # Enable debug packets logging | ||||
| #org.jitsi.impl.protocol.xmpp.level=FINE | ||||
| @@ -0,0 +1,31 @@ | ||||
| #jinja2: lstrip_blocks: "True" | ||||
| [Unit] | ||||
| Description=Matrix jitsi-jicofo server | ||||
| {% for service in matrix_jitsi_jicofo_systemd_required_services_list %} | ||||
| Requires={{ service }} | ||||
| After={{ service }} | ||||
| {% endfor %} | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
| ExecStartPre=-/usr/bin/docker kill matrix-jitsi-jicofo | ||||
| ExecStartPre=-/usr/bin/docker rm matrix-jitsi-jicofo | ||||
|  | ||||
| ExecStart=/usr/bin/docker run --rm --name matrix-jitsi-jicofo \ | ||||
| 			--log-driver=none \ | ||||
| 			--network={{ matrix_docker_network }} \ | ||||
| 			--env-file={{ matrix_jitsi_jicofo_base_path }}/env \ | ||||
| 			-v {{ matrix_jitsi_jicofo_config_path }}:/config \ | ||||
| 			{% for arg in matrix_jitsi_jicofo_container_extra_arguments %} | ||||
| 			{{ arg }} \ | ||||
| 			{% endfor %} | ||||
| 			{{ matrix_jitsi_jicofo_docker_image }} | ||||
|  | ||||
| ExecStop=-/usr/bin/docker kill matrix-jitsi-jicofo | ||||
| ExecStop=-/usr/bin/docker rm matrix-jitsi-jicofo | ||||
| Restart=always | ||||
| RestartSec=30 | ||||
| SyslogIdentifier=matrix-jitsi-jicofo | ||||
|  | ||||
| [Install] | ||||
| WantedBy=multi-user.target | ||||
| @@ -0,0 +1,5 @@ | ||||
| org.jitsi.jicofo.ALWAYS_TRUST_MODE_ENABLED=true | ||||
| org.jitsi.jicofo.BRIDGE_MUC={{ matrix_jitsi_jvb_brewery_muc }}@{{ matrix_jitsi_xmpp_internal_muc_domain }} | ||||
|  | ||||
| org.jitsi.jicofo.jibri.BREWERY={{ matrix_jitsi_jibri_brewery_muc }}@{{ matrix_jitsi_xmpp_internal_muc_domain }} | ||||
| org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90 | ||||
							
								
								
									
										13
									
								
								roles/matrix-jitsi/templates/jvb/logging.properties.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										13
									
								
								roles/matrix-jitsi/templates/jvb/logging.properties.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,13 @@ | ||||
| handlers= java.util.logging.ConsoleHandler | ||||
|  | ||||
| java.util.logging.ConsoleHandler.level = ALL | ||||
| java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter | ||||
|  | ||||
| net.java.sip.communicator.util.ScLogFormatter.programname=JVB | ||||
|  | ||||
| .level=INFO | ||||
|  | ||||
| org.jitsi.videobridge.xmpp.ComponentImpl.level=FINE | ||||
|  | ||||
| # All of the INFO level logs from MediaStreamImpl are unnecessary in the context of jitsi-videobridge. | ||||
| org.jitsi.impl.neomedia.MediaStreamImpl.level=WARNING | ||||
							
								
								
									
										36
									
								
								roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										36
									
								
								roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,36 @@ | ||||
| #jinja2: lstrip_blocks: "True" | ||||
| [Unit] | ||||
| Description=Matrix jitsi-jvb server | ||||
| {% for service in matrix_jitsi_jvb_systemd_required_services_list %} | ||||
| Requires={{ service }} | ||||
| After={{ service }} | ||||
| {% endfor %} | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
| ExecStartPre=-/usr/bin/docker kill matrix-jitsi-jvb | ||||
| ExecStartPre=-/usr/bin/docker rm matrix-jitsi-jvb | ||||
|  | ||||
| ExecStart=/usr/bin/docker run --rm --name matrix-jitsi-jvb \ | ||||
| 			--log-driver=none \ | ||||
| 			--network={{ matrix_docker_network }} \ | ||||
| 			{% if matrix_jitsi_jvb_container_rtp_udp_host_bind_port %} | ||||
| 			-p {{ matrix_jitsi_jvb_container_rtp_udp_host_bind_port }}:{{ matrix_jitsi_jvb_rtp_udp_port }}/udp \ | ||||
| 			{% endif %} | ||||
| 			{% if matrix_jitsi_jvb_container_rtp_tcp_host_bind_port %} | ||||
| 			-p {{ matrix_jitsi_jvb_container_rtp_tcp_host_bind_port }}:{{ matrix_jitsi_jvb_rtp_tcp_port }} \ | ||||
| 			{% endif %} | ||||
| 			-v {{ matrix_jitsi_jvb_config_path }}:/config \ | ||||
| 			{% for arg in matrix_jitsi_jvb_container_extra_arguments %} | ||||
| 			{{ arg }} \ | ||||
| 			{% endfor %} | ||||
| 			{{ matrix_jitsi_jvb_docker_image }} | ||||
|  | ||||
| ExecStop=-/usr/bin/docker kill matrix-jitsi-jvb | ||||
| ExecStop=-/usr/bin/docker rm matrix-jitsi-jvb | ||||
| Restart=always | ||||
| RestartSec=30 | ||||
| SyslogIdentifier=matrix-jitsi-jvb | ||||
|  | ||||
| [Install] | ||||
| WantedBy=multi-user.target | ||||
| @@ -0,0 +1,19 @@ | ||||
| org.jitsi.videobridge.SINGLE_PORT_HARVESTER_PORT={{ matrix_jitsi_jvb_rtp_udp_port }} | ||||
| org.jitsi.videobridge.DISABLE_TCP_HARVESTER=false | ||||
| org.jitsi.videobridge.TCP_HARVESTER_PORT={{ matrix_jitsi_jvb_rtp_tcp_port }} | ||||
|  | ||||
| {% if matrix_jitsi_jvb_stun_servers|length > 0 %} | ||||
| org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES={{ matrix_jitsi_jvb_stun_servers|join(',') }} | ||||
| {% endif %} | ||||
|  | ||||
| org.jitsi.videobridge.xmpp.user.shard.HOSTNAME={{ matrix_jitsi_xmpp_server }} | ||||
| org.jitsi.videobridge.xmpp.user.shard.DOMAIN={{ matrix_jitsi_xmpp_auth_domain }} | ||||
| org.jitsi.videobridge.xmpp.user.shard.USERNAME={{ matrix_jitsi_jvb_auth_user }} | ||||
| org.jitsi.videobridge.xmpp.user.shard.PASSWORD={{ matrix_jitsi_jvb_auth_password }} | ||||
| org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS={{ matrix_jitsi_jvb_brewery_muc }}@{{ matrix_jitsi_xmpp_internal_muc_domain }} | ||||
| org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=matrix-jitsi-jvb | ||||
| org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true | ||||
|  | ||||
| org.jitsi.videobridge.ENABLE_STATISTICS=true | ||||
| org.jitsi.videobridge.STATISTICS_TRANSPORT=muc | ||||
| org.jitsi.videobridge.STATISTICS_INTERVAL=5000 | ||||
							
								
								
									
										31
									
								
								roles/matrix-jitsi/templates/prosody/env.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										31
									
								
								roles/matrix-jitsi/templates/prosody/env.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,31 @@ | ||||
| AUTH_TYPE=internal | ||||
|  | ||||
| ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }} | ||||
| ENABLE_GUESTS={{ 1 if matrix_jitsi_enable_guests else 0 }} | ||||
|  | ||||
| XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }} | ||||
| XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }} | ||||
| XMPP_GUEST_DOMAIN={{ matrix_jitsi_xmpp_guest_domain }} | ||||
| XMPP_MUC_DOMAIN={{ matrix_jitsi_xmpp_muc_domain }} | ||||
| XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }} | ||||
|  | ||||
| XMPP_MODULES= | ||||
| XMPP_MUC_MODULES= | ||||
| XMPP_INTERNAL_MUC_MODULES= | ||||
|  | ||||
| XMPP_RECORDER_DOMAIN={{ matrix_jitsi_recorder_domain }} | ||||
|  | ||||
| JICOFO_COMPONENT_SECRET={{ matrix_jitsi_jicofo_component_secret }} | ||||
| JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }} | ||||
| JICOFO_AUTH_PASSWORD={{ matrix_jitsi_jicofo_auth_password }} | ||||
|  | ||||
| JVB_AUTH_USER={{ matrix_jitsi_jvb_auth_user }} | ||||
| JVB_AUTH_PASSWORD={{ matrix_jitsi_jvb_auth_password }} | ||||
|  | ||||
| JIBRI_XMPP_USER={{ matrix_jitsi_jibri_xmpp_user }} | ||||
| JIBRI_XMPP_PASSWORD={{ matrix_jitsi_jibri_xmpp_password }} | ||||
|  | ||||
| JIBRI_RECORDER_USER={{ matrix_jitsi_jibri_recorder_user }} | ||||
| JIBRI_RECORDER_PASSWORD={{ matrix_jitsi_jibri_recorder_password }} | ||||
|  | ||||
| TZ={{ matrix_jitsi_timezone }} | ||||
| @@ -0,0 +1,31 @@ | ||||
| #jinja2: lstrip_blocks: "True" | ||||
| [Unit] | ||||
| Description=Matrix jitsi-prosody server | ||||
| {% for service in matrix_jitsi_prosody_systemd_required_services_list %} | ||||
| Requires={{ service }} | ||||
| After={{ service }} | ||||
| {% endfor %} | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
| ExecStartPre=-/usr/bin/docker kill matrix-jitsi-prosody | ||||
| ExecStartPre=-/usr/bin/docker rm matrix-jitsi-prosody | ||||
|  | ||||
| ExecStart=/usr/bin/docker run --rm --name matrix-jitsi-prosody \ | ||||
| 			--log-driver=none \ | ||||
| 			--network={{ matrix_docker_network }} \ | ||||
| 			--env-file={{ matrix_jitsi_prosody_base_path }}/env \ | ||||
| 			-v {{ matrix_jitsi_prosody_config_path }}:/config \ | ||||
| 			{% for arg in matrix_jitsi_prosody_container_extra_arguments %} | ||||
| 			{{ arg }} \ | ||||
| 			{% endfor %} | ||||
| 			{{ matrix_jitsi_prosody_docker_image }} | ||||
|  | ||||
| ExecStop=-/usr/bin/docker kill matrix-jitsi-prosody | ||||
| ExecStop=-/usr/bin/docker rm matrix-jitsi-prosody | ||||
| Restart=always | ||||
| RestartSec=30 | ||||
| SyslogIdentifier=matrix-jitsi-prosody | ||||
|  | ||||
| [Install] | ||||
| WantedBy=multi-user.target | ||||
							
								
								
									
										486
									
								
								roles/matrix-jitsi/templates/web/config.js.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										486
									
								
								roles/matrix-jitsi/templates/web/config.js.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,486 @@ | ||||
| /* eslint-disable no-unused-vars, no-var */ | ||||
|  | ||||
| var config = { | ||||
|     // Configuration | ||||
|     // | ||||
|  | ||||
|     // Alternative location for the configuration. | ||||
|     // configLocation: './config.json', | ||||
|  | ||||
|     // Custom function which given the URL path should return a room name. | ||||
|     // getroomnode: function (path) { return 'someprefixpossiblybasedonpath'; }, | ||||
|  | ||||
|  | ||||
|     // Connection | ||||
|     // | ||||
|  | ||||
|     hosts: { | ||||
|         // XMPP domain. | ||||
|         domain: '{{ matrix_jitsi_xmpp_domain }}', | ||||
|  | ||||
|         {% if matrix_jitsi_enable_guests %} | ||||
|         // When using authentication, domain for guest users. | ||||
| 		anonymousdomain: 'guest.example.com', | ||||
|  | ||||
|         // Domain for authenticated users. Defaults to <domain>. | ||||
|         authdomain: '{{ matrix_jitsi_xmpp_domain }}', | ||||
|         {% endif %} | ||||
|  | ||||
|         // Jirecon recording component domain. | ||||
|         // jirecon: 'jirecon.{{ matrix_jitsi_xmpp_domain }}', | ||||
|  | ||||
|         // Call control component (Jigasi). | ||||
|         // call_control: 'callcontrol.{{ matrix_jitsi_xmpp_domain }}', | ||||
|  | ||||
|         // Focus component domain. Defaults to focus.<domain>. | ||||
|         // focus: 'focus.{{ matrix_jitsi_xmpp_domain }}', | ||||
|  | ||||
|         // XMPP MUC domain. FIXME: use XEP-0030 to discover it. | ||||
|         muc: {{ matrix_jitsi_xmpp_muc_domain|to_json }}, | ||||
|     }, | ||||
|  | ||||
|     // BOSH URL. FIXME: use XEP-0156 to discover it. | ||||
|     bosh: '/http-bind', | ||||
|  | ||||
|     // The name of client node advertised in XEP-0115 'c' stanza | ||||
|     clientNode: 'http://jitsi.org/jitsimeet', | ||||
|  | ||||
|     // The real JID of focus participant - can be overridden here | ||||
|     focusUserJid: {{ matrix_jitsi_jicofo_auth_user|to_json }} + '@' + {{ matrix_jitsi_xmpp_auth_domain|to_json }}, | ||||
|  | ||||
|  | ||||
|     // Testing / experimental features. | ||||
|     // | ||||
|  | ||||
|     testing: { | ||||
|         // Enables experimental simulcast support on Firefox. | ||||
|         enableFirefoxSimulcast: false, | ||||
|  | ||||
|         // P2P test mode disables automatic switching to P2P when there are 2 | ||||
|         // participants in the conference. | ||||
|         p2pTestMode: false | ||||
|  | ||||
|         // Enables the test specific features consumed by jitsi-meet-torture | ||||
|         // testMode: false | ||||
|     }, | ||||
|  | ||||
|     // Disables ICE/UDP by filtering out local and remote UDP candidates in | ||||
|     // signalling. | ||||
|     // webrtcIceUdpDisable: false, | ||||
|  | ||||
|     // Disables ICE/TCP by filtering out local and remote TCP candidates in | ||||
|     // signalling. | ||||
|     // webrtcIceTcpDisable: false, | ||||
|  | ||||
|  | ||||
|     // Media | ||||
|     // | ||||
|  | ||||
|     // Audio | ||||
|  | ||||
|     // Disable measuring of audio levels. | ||||
|     // disableAudioLevels: false, | ||||
|  | ||||
|     // Start the conference in audio only mode (no video is being received nor | ||||
|     // sent). | ||||
|     // startAudioOnly: false, | ||||
|  | ||||
|     // Every participant after the Nth will start audio muted. | ||||
|     // startAudioMuted: 10, | ||||
|  | ||||
|     // Start calls with audio muted. Unlike the option above, this one is only | ||||
|     // applied locally. FIXME: having these 2 options is confusing. | ||||
|     // startWithAudioMuted: false, | ||||
|  | ||||
|     // Enabling it (with #params) will disable local audio output of remote | ||||
|     // participants and to enable it back a reload is needed. | ||||
|     // startSilent: false | ||||
|  | ||||
|     // Video | ||||
|  | ||||
|     // Sets the preferred resolution (height) for local video. Defaults to 720. | ||||
|     // resolution: 720, | ||||
|  | ||||
|     // w3c spec-compliant video constraints to use for video capture. Currently | ||||
|     // used by browsers that return true from lib-jitsi-meet's | ||||
|     // util#browser#usesNewGumFlow. The constraints are independency from | ||||
|     // this config's resolution value. Defaults to requesting an ideal aspect | ||||
|     // ratio of 16:9 with an ideal resolution of 720. | ||||
|     // constraints: { | ||||
|     //     video: { | ||||
|     //         aspectRatio: 16 / 9, | ||||
|     //         height: { | ||||
|     //             ideal: 720, | ||||
|     //             max: 720, | ||||
|     //             min: 240 | ||||
|     //         } | ||||
|     //     } | ||||
|     // }, | ||||
|  | ||||
|     // Enable / disable simulcast support. | ||||
|     // disableSimulcast: false, | ||||
|  | ||||
|     // Enable / disable layer suspension.  If enabled, endpoints whose HD | ||||
|     // layers are not in use will be suspended (no longer sent) until they | ||||
|     // are requested again. | ||||
|     // enableLayerSuspension: false, | ||||
|  | ||||
|     // Suspend sending video if bandwidth estimation is too low. This may cause | ||||
|     // problems with audio playback. Disabled until these are fixed. | ||||
|     disableSuspendVideo: true, | ||||
|  | ||||
|     // Every participant after the Nth will start video muted. | ||||
|     // startVideoMuted: 10, | ||||
|  | ||||
|     // Start calls with video muted. Unlike the option above, this one is only | ||||
|     // applied locally. FIXME: having these 2 options is confusing. | ||||
|     // startWithVideoMuted: false, | ||||
|  | ||||
|     // If set to true, prefer to use the H.264 video codec (if supported). | ||||
|     // Note that it's not recommended to do this because simulcast is not | ||||
|     // supported when  using H.264. For 1-to-1 calls this setting is enabled by | ||||
|     // default and can be toggled in the p2p section. | ||||
|     // preferH264: true, | ||||
|  | ||||
|     // If set to true, disable H.264 video codec by stripping it out of the | ||||
|     // SDP. | ||||
|     // disableH264: false, | ||||
|  | ||||
|     // Desktop sharing | ||||
|  | ||||
|     // The ID of the jidesha extension for Chrome. | ||||
|     desktopSharingChromeExtId: null, | ||||
|  | ||||
|     // Whether desktop sharing should be disabled on Chrome. | ||||
|     // desktopSharingChromeDisabled: false, | ||||
|  | ||||
|     // The media sources to use when using screen sharing with the Chrome | ||||
|     // extension. | ||||
|     desktopSharingChromeSources: [ 'screen', 'window', 'tab' ], | ||||
|  | ||||
|     // Required version of Chrome extension | ||||
|     desktopSharingChromeMinExtVersion: '0.1', | ||||
|  | ||||
|     // Whether desktop sharing should be disabled on Firefox. | ||||
|     // desktopSharingFirefoxDisabled: false, | ||||
|  | ||||
|     // Optional desktop sharing frame rate options. Default value: min:5, max:5. | ||||
|     // desktopSharingFrameRate: { | ||||
|     //     min: 5, | ||||
|     //     max: 5 | ||||
|     // }, | ||||
|  | ||||
|     // Try to start calls with screen-sharing instead of camera video. | ||||
|     // startScreenSharing: false, | ||||
|  | ||||
|     // Recording | ||||
| hiddenDomain: {{ matrix_jitsi_recorder_domain|to_json }}, | ||||
|  | ||||
|     // Whether to enable file recording or not. | ||||
|     fileRecordingsEnabled: {{ matrix_jitsi_enable_recording|to_json }}, | ||||
|     // Enable the dropbox integration. | ||||
|     // dropbox: { | ||||
|     //     appKey: '<APP_KEY>' // Specify your app key here. | ||||
|     //     // A URL to redirect the user to, after authenticating | ||||
|     //     // by default uses: | ||||
|     //     // 'https://{{ matrix_jitsi_xmpp_domain }}/static/oauth.html' | ||||
|     //     redirectURI: | ||||
|     //          'https://{{ matrix_jitsi_xmpp_domain }}/subfolder/static/oauth.html' | ||||
|     // }, | ||||
|     // When integrations like dropbox are enabled only that will be shown, | ||||
|     // by enabling fileRecordingsServiceEnabled, we show both the integrations | ||||
|     // and the generic recording service (its configuration and storage type | ||||
|     // depends on jibri configuration) | ||||
|     // fileRecordingsServiceEnabled: false, | ||||
|     // Whether to show the possibility to share file recording with other people | ||||
|     // (e.g. meeting participants), based on the actual implementation | ||||
|     // on the backend. | ||||
|     // fileRecordingsServiceSharingEnabled: false, | ||||
|  | ||||
|     // Whether to enable live streaming or not. | ||||
|     liveStreamingEnabled: {{ matrix_jitsi_enable_recording|to_json }}, | ||||
|  | ||||
|     // Transcription (in interface_config, | ||||
|     // subtitles and buttons can be configured) | ||||
|     transcribingEnabled: {{ matrix_jitsi_enable_transcriptions|to_json }}, | ||||
|  | ||||
|     // Misc | ||||
|  | ||||
|     // Default value for the channel "last N" attribute. -1 for unlimited. | ||||
|     channelLastN: -1, | ||||
|  | ||||
|     // Disables or enables RTX (RFC 4588) (defaults to false). | ||||
|     // disableRtx: false, | ||||
|  | ||||
|     // Disables or enables TCC (the default is in Jicofo and set to true) | ||||
|     // (draft-holmer-rmcat-transport-wide-cc-extensions-01). This setting | ||||
|     // affects congestion control, it practically enables send-side bandwidth | ||||
|     // estimations. | ||||
|     // enableTcc: true, | ||||
|  | ||||
|     // Disables or enables REMB (the default is in Jicofo and set to false) | ||||
|     // (draft-alvestrand-rmcat-remb-03). This setting affects congestion | ||||
|     // control, it practically enables recv-side bandwidth estimations. When | ||||
|     // both TCC and REMB are enabled, TCC takes precedence. When both are | ||||
|     // disabled, then bandwidth estimations are disabled. | ||||
|     // enableRemb: false, | ||||
|  | ||||
|     // Defines the minimum number of participants to start a call (the default | ||||
|     // is set in Jicofo and set to 2). | ||||
|     // minParticipants: 2, | ||||
|  | ||||
|     // Use XEP-0215 to fetch STUN and TURN servers. | ||||
|     // useStunTurn: true, | ||||
|  | ||||
|     // Enable IPv6 support. | ||||
|     // useIPv6: true, | ||||
|  | ||||
|     // Enables / disables a data communication channel with the Videobridge. | ||||
|     // Values can be 'datachannel', 'websocket', true (treat it as | ||||
|     // 'datachannel'), undefined (treat it as 'datachannel') and false (don't | ||||
|     // open any channel). | ||||
|     // openBridgeChannel: true, | ||||
|  | ||||
|  | ||||
|     // UI | ||||
|     // | ||||
|  | ||||
|     // Use display name as XMPP nickname. | ||||
|     // useNicks: false, | ||||
|  | ||||
|     // Require users to always specify a display name. | ||||
|     // requireDisplayName: true, | ||||
|  | ||||
|     // Whether to use a welcome page or not. In case it's false a random room | ||||
|     // will be joined when no room is specified. | ||||
|     enableWelcomePage: true, | ||||
|  | ||||
|     // Enabling the close page will ignore the welcome page redirection when | ||||
|     // a call is hangup. | ||||
|     // enableClosePage: false, | ||||
|  | ||||
|     // Disable hiding of remote thumbnails when in a 1-on-1 conference call. | ||||
|     // disable1On1Mode: false, | ||||
|  | ||||
|     // Default language for the user interface. | ||||
|     // defaultLanguage: 'en', | ||||
|  | ||||
|     // If true all users without a token will be considered guests and all users | ||||
|     // with token will be considered non-guests. Only guests will be allowed to | ||||
|     // edit their profile. | ||||
|     enableUserRolesBasedOnToken: false, | ||||
|  | ||||
|     // Whether or not some features are checked based on token. | ||||
|     // enableFeaturesBasedOnToken: false, | ||||
|  | ||||
|     // Enable lock room for all moderators, even when userRolesBasedOnToken is enabled and participants are guests. | ||||
|     // lockRoomGuestEnabled: false, | ||||
|  | ||||
|     // When enabled the password used for locking a room is restricted to up to the number of digits specified | ||||
|     // roomPasswordNumberOfDigits: 10, | ||||
|     // default: roomPasswordNumberOfDigits: false, | ||||
|  | ||||
|     // Message to show the users. Example: 'The service will be down for | ||||
|     // maintenance at 01:00 AM GMT, | ||||
|     // noticeMessage: '', | ||||
|  | ||||
|     // Enables calendar integration, depends on googleApiApplicationClientID | ||||
|     // and microsoftApiApplicationClientID | ||||
|     // enableCalendarIntegration: false, | ||||
|  | ||||
|     // Stats | ||||
|     // | ||||
|  | ||||
|     // Whether to enable stats collection or not in the TraceablePeerConnection. | ||||
|     // This can be useful for debugging purposes (post-processing/analysis of | ||||
|     // the webrtc stats) as it is done in the jitsi-meet-torture bandwidth | ||||
|     // estimation tests. | ||||
|     // gatherStats: false, | ||||
|  | ||||
|     // To enable sending statistics to callstats.io you must provide the | ||||
|     // Application ID and Secret. | ||||
|     // callStatsID: '', | ||||
|     // callStatsSecret: '', | ||||
|  | ||||
|     // enables callstatsUsername to be reported as statsId and used | ||||
|     // by callstats as repoted remote id | ||||
|     // enableStatsID: false | ||||
|  | ||||
|     // enables sending participants display name to callstats | ||||
|     // enableDisplayNameInStats: false | ||||
|  | ||||
|  | ||||
|     // Privacy | ||||
|     // | ||||
|  | ||||
|     // If third party requests are disabled, no other server will be contacted. | ||||
|     // This means avatars will be locally generated and callstats integration | ||||
|     // will not function. | ||||
|     // disableThirdPartyRequests: false, | ||||
|  | ||||
|  | ||||
|     // Peer-To-Peer mode: used (if enabled) when there are just 2 participants. | ||||
|     // | ||||
|  | ||||
|     p2p: { | ||||
|         // Enables peer to peer mode. When enabled the system will try to | ||||
|         // establish a direct connection when there are exactly 2 participants | ||||
|         // in the room. If that succeeds the conference will stop sending data | ||||
|         // through the JVB and use the peer to peer connection instead. When a | ||||
|         // 3rd participant joins the conference will be moved back to the JVB | ||||
|         // connection. | ||||
|         enabled: true, | ||||
|  | ||||
|         // Use XEP-0215 to fetch STUN and TURN servers. | ||||
|         // useStunTurn: true, | ||||
|  | ||||
|         // The STUN servers that will be used in the peer to peer connections | ||||
|         {% if matrix_jitsi_web_stun_servers|length > 0 %} | ||||
|         stunServers: [ | ||||
|             {% for url in matrix_jitsi_web_stun_servers %} | ||||
|                 { urls: {{ url|to_json }} }{% if not loop.last %},{% endif %} | ||||
|             {% endfor %} | ||||
|         ], | ||||
|         {% endif %} | ||||
|  | ||||
|         // Sets the ICE transport policy for the p2p connection. At the time | ||||
|         // of this writing the list of possible values are 'all' and 'relay', | ||||
|         // but that is subject to change in the future. The enum is defined in | ||||
|         // the WebRTC standard: | ||||
|         // https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum. | ||||
|         // If not set, the effective value is 'all'. | ||||
|         // iceTransportPolicy: 'all', | ||||
|  | ||||
|         // If set to true, it will prefer to use H.264 for P2P calls (if H.264 | ||||
|         // is supported). | ||||
|         preferH264: true | ||||
|  | ||||
|         // If set to true, disable H.264 video codec by stripping it out of the | ||||
|         // SDP. | ||||
|         // disableH264: false, | ||||
|  | ||||
|         // How long we're going to wait, before going back to P2P after the 3rd | ||||
|         // participant has left the conference (to filter out page reload). | ||||
|         // backToP2PDelay: 5 | ||||
|     }, | ||||
|  | ||||
|     analytics: { | ||||
|         // The Google Analytics Tracking ID: | ||||
|         // googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1' | ||||
|  | ||||
|         // The Amplitude APP Key: | ||||
|         // amplitudeAPPKey: '<APP_KEY>' | ||||
|  | ||||
|         // Array of script URLs to load as lib-jitsi-meet "analytics handlers". | ||||
|         // scriptURLs: [ | ||||
|         //      "libs/analytics-ga.min.js", // google-analytics | ||||
|         //      "https://example.com/my-custom-analytics.js" | ||||
|         // ], | ||||
|     }, | ||||
|  | ||||
|     // Information about the jitsi-meet instance we are connecting to, including | ||||
|     // the user region as seen by the server. | ||||
|     deploymentInfo: { | ||||
|         // shard: "shard1", | ||||
|         // region: "europe", | ||||
|         // userRegion: "asia" | ||||
|     } | ||||
|  | ||||
|     // Local Recording | ||||
|     // | ||||
|  | ||||
|     // localRecording: { | ||||
|     // Enables local recording. | ||||
|     // Additionally, 'localrecording' (all lowercase) needs to be added to | ||||
|     // TOOLBAR_BUTTONS in interface_config.js for the Local Recording | ||||
|     // button to show up on the toolbar. | ||||
|     // | ||||
|     //     enabled: true, | ||||
|     // | ||||
|  | ||||
|     // The recording format, can be one of 'ogg', 'flac' or 'wav'. | ||||
|     //     format: 'flac' | ||||
|     // | ||||
|  | ||||
|     // } | ||||
|  | ||||
|     // Options related to end-to-end (participant to participant) ping. | ||||
|     // e2eping: { | ||||
|     //   // The interval in milliseconds at which pings will be sent. | ||||
|     //   // Defaults to 10000, set to <= 0 to disable. | ||||
|     //   pingInterval: 10000, | ||||
|     // | ||||
|     //   // The interval in milliseconds at which analytics events | ||||
|     //   // with the measured RTT will be sent. Defaults to 60000, set | ||||
|     //   // to <= 0 to disable. | ||||
|     //   analyticsInterval: 60000, | ||||
|     //   } | ||||
|  | ||||
|     // If set, will attempt to use the provided video input device label when | ||||
|     // triggering a screenshare, instead of proceeding through the normal flow | ||||
|     // for obtaining a desktop stream. | ||||
|     // NOTE: This option is experimental and is currently intended for internal | ||||
|     // use only. | ||||
|     // _desktopSharingSourceDevice: 'sample-id-or-label' | ||||
|  | ||||
|     // If true, any checks to handoff to another application will be prevented | ||||
|     // and instead the app will continue to display in the current browser. | ||||
|     // disableDeepLinking: false | ||||
|  | ||||
|     // A property to disable the right click context menu for localVideo | ||||
|     // the menu has option to flip the locally seen video for local presentations | ||||
|     // disableLocalVideoFlip: false | ||||
|  | ||||
|     // List of undocumented settings used in jitsi-meet | ||||
|     /** | ||||
|      _immediateReloadThreshold | ||||
|      autoRecord | ||||
|      autoRecordToken | ||||
|      debug | ||||
|      debugAudioLevels | ||||
|      deploymentInfo | ||||
|      dialInConfCodeUrl | ||||
|      dialInNumbersUrl | ||||
|      dialOutAuthUrl | ||||
|      dialOutCodesUrl | ||||
|      disableRemoteControl | ||||
|      displayJids | ||||
|      etherpad_base | ||||
|      externalConnectUrl | ||||
|      firefox_fake_device | ||||
|      googleApiApplicationClientID | ||||
|      iAmRecorder | ||||
|      iAmSipGateway | ||||
|      microsoftApiApplicationClientID | ||||
|      peopleSearchQueryTypes | ||||
|      peopleSearchUrl | ||||
|      requireDisplayName | ||||
|      tokenAuthUrl | ||||
|      */ | ||||
|  | ||||
|     // List of undocumented settings used in lib-jitsi-meet | ||||
|     /** | ||||
|      _peerConnStatusOutOfLastNTimeout | ||||
|      _peerConnStatusRtcMuteTimeout | ||||
|      abTesting | ||||
|      avgRtpStatsN | ||||
|      callStatsConfIDNamespace | ||||
|      callStatsCustomScriptUrl | ||||
|      desktopSharingSources | ||||
|      disableAEC | ||||
|      disableAGC | ||||
|      disableAP | ||||
|      disableHPF | ||||
|      disableNS | ||||
|      enableLipSync | ||||
|      enableTalkWhileMuted | ||||
|      forceJVB121Ratio | ||||
|      hiddenDomain | ||||
|      ignoreStartMuted | ||||
|      nick | ||||
|      startBitrate | ||||
|      */ | ||||
|  | ||||
| }; | ||||
|  | ||||
| /* eslint-enable no-unused-vars, no-var */ | ||||
							
								
								
									
										28
									
								
								roles/matrix-jitsi/templates/web/env.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										28
									
								
								roles/matrix-jitsi/templates/web/env.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,28 @@ | ||||
| ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }} | ||||
| ENABLE_GUESTS={{ 1 if matrix_jitsi_enable_guests else 0 }} | ||||
|  | ||||
| ENABLE_TRANSCRIPTIONS={{ 1 if matrix_jitsi_enable_transcriptions else 0 }} | ||||
|  | ||||
| DISABLE_HTTPS=1 | ||||
|  | ||||
| JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }} | ||||
|  | ||||
| PUBLIC_URL={{ matrix_jitsi_web_public_url }} | ||||
|  | ||||
| XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }} | ||||
| XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }} | ||||
| XMPP_BOSH_URL_BASE={{ matrix_jitsi_xmpp_bosh_url_base }} | ||||
| XMPP_GUEST_DOMAIN={{ matrix_jitsi_xmpp_guest_domain }} | ||||
| XMPP_MUC_DOMAIN={{ matrix_jitsi_xmpp_muc_domain }} | ||||
| XMPP_RECORDER_DOMAIN={{ matrix_jitsi_recorder_domain }} | ||||
|  | ||||
| TZ={{ matrix_jitsi_timezone }} | ||||
|  | ||||
| JIBRI_BREWERY_MUC={{ matrix_jitsi_jibri_brewery_muc }} | ||||
| JIBRI_PENDING_TIMEOUT={{ matrix_jitsi_jibri_pending_timeout }} | ||||
| JIBRI_XMPP_USER={{ matrix_jitsi_jibri_xmpp_user }} | ||||
| JIBRI_XMPP_PASSWORD={{ matrix_jitsi_jibri_xmpp_password }} | ||||
| JIBRI_RECORDER_USER={{ matrix_jitsi_jibri_recorder_user }} | ||||
| JIBRI_RECORDER_PASSWORD={{ matrix_jitsi_jibri_recorder_password }} | ||||
|  | ||||
| ENABLE_RECORDING={{ 1 if matrix_jitsi_enable_recording else 0 }} | ||||
							
								
								
									
										230
									
								
								roles/matrix-jitsi/templates/web/interface_config.js.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										230
									
								
								roles/matrix-jitsi/templates/web/interface_config.js.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,230 @@ | ||||
| /* eslint-disable no-unused-vars, no-var, max-len */ | ||||
|  | ||||
| var interfaceConfig = { | ||||
|     // TO FIX: this needs to be handled from SASS variables. There are some | ||||
|     // methods allowing to use variables both in css and js. | ||||
|     DEFAULT_BACKGROUND: '#474747', | ||||
|  | ||||
|     /** | ||||
|      * Whether or not the blurred video background for large video should be | ||||
|      * displayed on browsers that can support it. | ||||
|      */ | ||||
|     DISABLE_VIDEO_BACKGROUND: false, | ||||
|  | ||||
|     INITIAL_TOOLBAR_TIMEOUT: 20000, | ||||
|     TOOLBAR_TIMEOUT: 4000, | ||||
|     TOOLBAR_ALWAYS_VISIBLE: false, | ||||
|     DEFAULT_REMOTE_DISPLAY_NAME: 'Fellow Jitster', | ||||
|     DEFAULT_LOCAL_DISPLAY_NAME: 'me', | ||||
|     SHOW_JITSI_WATERMARK: true, | ||||
|     JITSI_WATERMARK_LINK: 'https://jitsi.org', | ||||
|  | ||||
|     // if watermark is disabled by default, it can be shown only for guests | ||||
|     SHOW_WATERMARK_FOR_GUESTS: true, | ||||
|     SHOW_BRAND_WATERMARK: false, | ||||
|     BRAND_WATERMARK_LINK: '', | ||||
|     SHOW_POWERED_BY: false, | ||||
|     SHOW_DEEP_LINKING_IMAGE: false, | ||||
|     GENERATE_ROOMNAMES_ON_WELCOME_PAGE: true, | ||||
|     DISPLAY_WELCOME_PAGE_CONTENT: true, | ||||
|     APP_NAME: 'Jitsi Meet', | ||||
|     NATIVE_APP_NAME: 'Jitsi Meet', | ||||
|     PROVIDER_NAME: 'Jitsi', | ||||
|     LANG_DETECTION: false, // Allow i18n to detect the system language | ||||
|     INVITATION_POWERED_BY: true, | ||||
|  | ||||
|     /** | ||||
|      * If we should show authentication block in profile | ||||
|      */ | ||||
|     AUTHENTICATION_ENABLE: true, | ||||
|  | ||||
|     /** | ||||
|      * The name of the toolbar buttons to display in the toolbar. If present, | ||||
|      * the button will display. Exceptions are "livestreaming" and "recording" | ||||
|      * which also require being a moderator and some values in config.js to be | ||||
|      * enabled. Also, the "profile" button will not display for user's with a | ||||
|      * jwt. | ||||
|      */ | ||||
|     TOOLBAR_BUTTONS: [ | ||||
| 		{% if matrix_jitsi_enable_transcriptions %} | ||||
|             'closedcaptions', | ||||
| 		{% endif %} | ||||
|  | ||||
|         'microphone', 'camera', 'desktop', 'fullscreen', | ||||
|         'fodeviceselection', 'hangup', 'profile', 'info', 'chat', 'recording', | ||||
|         'livestreaming', 'etherpad', 'sharedvideo', 'settings', 'raisehand', | ||||
|         'videoquality', 'filmstrip', 'invite', 'feedback', 'stats', 'shortcuts', | ||||
|         'tileview', 'videobackgroundblur' | ||||
|     ], | ||||
|  | ||||
|     SETTINGS_SECTIONS: [ 'devices', 'language', 'moderator', 'profile', 'calendar' ], | ||||
|  | ||||
|     // Determines how the video would fit the screen. 'both' would fit the whole | ||||
|     // screen, 'height' would fit the original video height to the height of the | ||||
|     // screen, 'width' would fit the original video width to the width of the | ||||
|     // screen respecting ratio. | ||||
|     VIDEO_LAYOUT_FIT: 'both', | ||||
|  | ||||
|     /** | ||||
|      * Whether to only show the filmstrip (and hide the toolbar). | ||||
|      */ | ||||
|     filmStripOnly: false, | ||||
|  | ||||
|     /** | ||||
|      * Whether to show thumbnails in filmstrip as a column instead of as a row. | ||||
|      */ | ||||
|     VERTICAL_FILMSTRIP: true, | ||||
|  | ||||
|     // A html text to be shown to guests on the close page, false disables it | ||||
|     CLOSE_PAGE_GUEST_HINT: false, | ||||
|     RANDOM_AVATAR_URL_PREFIX: false, | ||||
|     RANDOM_AVATAR_URL_SUFFIX: false, | ||||
|     FILM_STRIP_MAX_HEIGHT: 120, | ||||
|  | ||||
|     // Enables feedback star animation. | ||||
|     ENABLE_FEEDBACK_ANIMATION: false, | ||||
|     DISABLE_FOCUS_INDICATOR: false, | ||||
|     DISABLE_DOMINANT_SPEAKER_INDICATOR: false, | ||||
|  | ||||
|     /** | ||||
|      * Whether the speech to text transcription subtitles panel is disabled. | ||||
|      * If {@code undefined}, defaults to {@code false}. | ||||
|      * | ||||
|      * @type {boolean} | ||||
|      */ | ||||
|     DISABLE_TRANSCRIPTION_SUBTITLES: false, | ||||
|  | ||||
|     /** | ||||
|      * Whether the ringing sound in the call/ring overlay is disabled. If | ||||
|      * {@code undefined}, defaults to {@code false}. | ||||
|      * | ||||
|      * @type {boolean} | ||||
|      */ | ||||
|     DISABLE_RINGING: false, | ||||
|     AUDIO_LEVEL_PRIMARY_COLOR: 'rgba(255,255,255,0.4)', | ||||
|     AUDIO_LEVEL_SECONDARY_COLOR: 'rgba(255,255,255,0.2)', | ||||
|     POLICY_LOGO: null, | ||||
|     LOCAL_THUMBNAIL_RATIO: 16 / 9, // 16:9 | ||||
|     REMOTE_THUMBNAIL_RATIO: 1, // 1:1 | ||||
|     // Documentation reference for the live streaming feature. | ||||
|     LIVE_STREAMING_HELP_LINK: 'https://jitsi.org/live', | ||||
|  | ||||
|     /** | ||||
|      * Whether the mobile app Jitsi Meet is to be promoted to participants | ||||
|      * attempting to join a conference in a mobile Web browser. If | ||||
|      * {@code undefined}, defaults to {@code true}. | ||||
|      * | ||||
|      * @type {boolean} | ||||
|      */ | ||||
|     MOBILE_APP_PROMO: true, | ||||
|  | ||||
|     /** | ||||
|      * Maximum coeficient of the ratio of the large video to the visible area | ||||
|      * after the large video is scaled to fit the window. | ||||
|      * | ||||
|      * @type {number} | ||||
|      */ | ||||
|     MAXIMUM_ZOOMING_COEFFICIENT: 1.3, | ||||
|  | ||||
|     /* | ||||
|      * If indicated some of the error dialogs may point to the support URL for | ||||
|      * help. | ||||
|      */ | ||||
|     SUPPORT_URL: 'https://github.com/jitsi/jitsi-meet/issues/new', | ||||
|  | ||||
|     /** | ||||
|      * Whether the connection indicator icon should hide itself based on | ||||
|      * connection strength. If true, the connection indicator will remain | ||||
|      * displayed while the participant has a weak connection and will hide | ||||
|      * itself after the CONNECTION_INDICATOR_HIDE_TIMEOUT when the connection is | ||||
|      * strong. | ||||
|      * | ||||
|      * @type {boolean} | ||||
|      */ | ||||
|     CONNECTION_INDICATOR_AUTO_HIDE_ENABLED: true, | ||||
|  | ||||
|     /** | ||||
|      * How long the connection indicator should remain displayed before hiding. | ||||
|      * Used in conjunction with CONNECTION_INDICATOR_AUTOHIDE_ENABLED. | ||||
|      * | ||||
|      * @type {number} | ||||
|      */ | ||||
|     CONNECTION_INDICATOR_AUTO_HIDE_TIMEOUT: 5000, | ||||
|  | ||||
|     /** | ||||
|      * If true, hides the connection indicators completely. | ||||
|      * | ||||
|      * @type {boolean} | ||||
|      */ | ||||
|     CONNECTION_INDICATOR_DISABLED: false, | ||||
|  | ||||
|     /** | ||||
|      * If true, hides the video quality label indicating the resolution status | ||||
|      * of the current large video. | ||||
|      * | ||||
|      * @type {boolean} | ||||
|      */ | ||||
|     VIDEO_QUALITY_LABEL_DISABLED: false, | ||||
|  | ||||
|     /** | ||||
|      * If true, will display recent list | ||||
|      * | ||||
|      * @type {boolean} | ||||
|      */ | ||||
|     RECENT_LIST_ENABLED: true, | ||||
|  | ||||
|     // Names of browsers which should show a warning stating the current browser | ||||
|     // has a suboptimal experience. Browsers which are not listed as optimal or | ||||
|     // unsupported are considered suboptimal. Valid values are: | ||||
|     // chrome, chromium, edge, electron, firefox, nwjs, opera, safari | ||||
|     OPTIMAL_BROWSERS: [ 'chrome', 'chromium', 'firefox', 'nwjs', 'electron' ], | ||||
|  | ||||
|     // Browsers, in addition to those which do not fully support WebRTC, that | ||||
|     // are not supported and should show the unsupported browser page. | ||||
|     UNSUPPORTED_BROWSERS: [], | ||||
|  | ||||
|     /** | ||||
|      * A UX mode where the last screen share participant is automatically | ||||
|      * pinned. Valid values are the string "remote-only" so remote participants | ||||
|      * get pinned but not local, otherwise any truthy value for all participants, | ||||
|      * and any falsy value to disable the feature. | ||||
|      * | ||||
|      * Note: this mode is experimental and subject to breakage. | ||||
|      */ | ||||
|     AUTO_PIN_LATEST_SCREEN_SHARE: 'remote-only' | ||||
|  | ||||
|     /** | ||||
|      * How many columns the tile view can expand to. The respected range is | ||||
|      * between 1 and 5. | ||||
|      */ | ||||
|     // TILE_VIEW_MAX_COLUMNS: 5, | ||||
|  | ||||
|     /** | ||||
|      * Specify custom URL for downloading android mobile app. | ||||
|      */ | ||||
|     // MOBILE_DOWNLOAD_LINK_ANDROID: 'https://play.google.com/store/apps/details?id=org.jitsi.meet', | ||||
|  | ||||
|     /** | ||||
|      * Specify URL for downloading ios mobile app. | ||||
|      */ | ||||
|     // MOBILE_DOWNLOAD_LINK_IOS: 'https://itunes.apple.com/us/app/jitsi-meet/id1165103905', | ||||
|  | ||||
|     /** | ||||
|      * Specify mobile app scheme for opening the app from the mobile browser. | ||||
|      */ | ||||
|     // APP_SCHEME: 'org.jitsi.meet', | ||||
|  | ||||
|     /** | ||||
|      * Specify the Android app package name. | ||||
|      */ | ||||
|     // ANDROID_APP_PACKAGE: 'org.jitsi.meet', | ||||
|  | ||||
|     /** | ||||
|      * Override the behavior of some notifications to remain displayed until | ||||
|      * explicitly dismissed through a user action. The value is how long, in | ||||
|      * milliseconds, those notifications should remain displayed. | ||||
|      */ | ||||
|     // ENFORCE_NOTIFICATION_AUTO_DISMISS_TIMEOUT: 15000, | ||||
| }; | ||||
|  | ||||
| /* eslint-enable no-unused-vars, no-var, max-len */ | ||||
							
								
								
									
										35
									
								
								roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										35
									
								
								roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,35 @@ | ||||
| #jinja2: lstrip_blocks: "True" | ||||
| [Unit] | ||||
| Description=Matrix jitsi-web server | ||||
| {% for service in matrix_jitsi_web_systemd_required_services_list %} | ||||
| Requires={{ service }} | ||||
| After={{ service }} | ||||
| {% endfor %} | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
| ExecStartPre=-/usr/bin/docker kill matrix-jitsi-web | ||||
| ExecStartPre=-/usr/bin/docker rm matrix-jitsi-web | ||||
|  | ||||
| ExecStart=/usr/bin/docker run --rm --name matrix-jitsi-web \ | ||||
| 			--log-driver=none \ | ||||
| 			--network={{ matrix_docker_network }} \ | ||||
| 			--env-file={{ matrix_jitsi_web_base_path }}/env \ | ||||
| 			{% if matrix_jitsi_web_container_http_host_bind_port %} | ||||
| 			-p {{ matrix_jitsi_web_container_http_host_bind_port }}:80 \ | ||||
| 			{% endif %} | ||||
| 			-v {{ matrix_jitsi_web_config_path }}:/config \ | ||||
| 			-v {{ matrix_jitsi_web_transcripts_path }}:/usr/share/jitsi-meet/transcripts \ | ||||
| 			{% for arg in matrix_jitsi_web_container_extra_arguments %} | ||||
| 			{{ arg }} \ | ||||
| 			{% endfor %} | ||||
| 			{{ matrix_jitsi_web_docker_image }} | ||||
|  | ||||
| ExecStop=-/usr/bin/docker kill matrix-jitsi-web | ||||
| ExecStop=-/usr/bin/docker rm matrix-jitsi-web | ||||
| Restart=always | ||||
| RestartSec=30 | ||||
| SyslogIdentifier=matrix-jitsi-web | ||||
|  | ||||
| [Install] | ||||
| WantedBy=multi-user.target | ||||
| @@ -105,6 +105,10 @@ matrix_nginx_proxy_proxy_matrix_hostname: "{{ matrix_server_fqn_matrix }}" | ||||
| matrix_nginx_proxy_proxy_dimension_enabled: false | ||||
| matrix_nginx_proxy_proxy_dimension_hostname: "{{ matrix_server_fqn_dimension }}" | ||||
|  | ||||
| # Controls whether proxying the jitsi domain should be done. | ||||
| matrix_nginx_proxy_proxy_jitsi_enabled: false | ||||
| matrix_nginx_proxy_proxy_jitsi_hostname: "{{ matrix_server_fqn_jitsi }}" | ||||
|  | ||||
| # Controls whether proxying for the matrix-corporal API (`/_matrix/corporal`) should be done (on the matrix domain) | ||||
| matrix_nginx_proxy_proxy_matrix_corporal_api_enabled: false | ||||
| matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container: "matrix-corporal:41081" | ||||
| @@ -164,6 +168,9 @@ matrix_nginx_proxy_proxy_riot_additional_server_configuration_blocks: [] | ||||
| # A list of strings containing additional configuration blocks to add to the matrix dimension's server configuration. | ||||
| matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks: [] | ||||
|  | ||||
| # A list of strings containing additional configuration blocks to add to the jitsi's server configuration. | ||||
| matrix_nginx_proxy_proxy_jitsi_additional_server_configuration_blocks: [] | ||||
|  | ||||
| # A list of strings containing additional configuration blocks to add to the matrix domain server configuration. | ||||
| matrix_nginx_proxy_proxy_domain_additional_server_configuration_blocks: [] | ||||
|  | ||||
|   | ||||
| @@ -66,6 +66,13 @@ | ||||
|     mode: 0644 | ||||
|   when: matrix_nginx_proxy_proxy_dimension_enabled|bool | ||||
|  | ||||
| - name: Ensure Matrix nginx-proxy configuration for jitsi domain exists | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/nginx/conf.d/matrix-jitsi.conf.j2" | ||||
|     dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-jitsi.conf" | ||||
|     mode: 0644 | ||||
|   when: matrix_nginx_proxy_proxy_jitsi_enabled|bool | ||||
|  | ||||
| - name: Ensure Matrix nginx-proxy data directory for base domain exists | ||||
|   file: | ||||
|     path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain" | ||||
| @@ -163,6 +170,12 @@ | ||||
|     state: absent | ||||
|   when: "not matrix_nginx_proxy_proxy_dimension_enabled|bool" | ||||
|  | ||||
| - name: Ensure Matrix nginx-proxy configuration for jitsi domain deleted | ||||
|   file: | ||||
|     path: "{{ matrix_nginx_proxy_confd_path }}/matrix-jitsi.conf" | ||||
|     state: absent | ||||
|   when: "not matrix_nginx_proxy_proxy_jitsi_enabled|bool" | ||||
|  | ||||
| - name: Ensure Matrix nginx-proxy homepage for base domain deleted | ||||
|   file: | ||||
|     path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html" | ||||
|   | ||||
| @@ -0,0 +1,72 @@ | ||||
| #jinja2: lstrip_blocks: "True" | ||||
|  | ||||
| {% macro render_vhost_directives() %} | ||||
| 	gzip on; | ||||
| 	gzip_types text/plain application/json application/javascript text/css image/x-icon font/ttf image/gif; | ||||
| {% for configuration_block in matrix_nginx_proxy_proxy_jitsi_additional_server_configuration_blocks %} | ||||
| 	{{- configuration_block }} | ||||
| {% endfor %} | ||||
|  | ||||
| 	location / { | ||||
| 		{% if matrix_nginx_proxy_enabled %} | ||||
| 			{# Use the embedded DNS resolver in Docker containers to discover the service #} | ||||
| 			resolver 127.0.0.11 valid=5s; | ||||
| 			set $backend "matrix-jitsi-web:80"; | ||||
| 			proxy_pass http://$backend; | ||||
| 		{% else %} | ||||
| 			{# Generic configuration for use outside of our container setup #} | ||||
| 			proxy_pass http://127.0.0.1:12080; | ||||
| 		{% endif %} | ||||
|  | ||||
| 		proxy_set_header Host $host; | ||||
| 		proxy_set_header X-Forwarded-For $remote_addr; | ||||
| 	} | ||||
| {% endmacro %} | ||||
|  | ||||
| server { | ||||
| 	listen {{ 8080 if matrix_nginx_proxy_enabled else 80 }}; | ||||
| 	server_name {{ matrix_nginx_proxy_proxy_jitsi_hostname }}; | ||||
|  | ||||
| 	server_tokens off; | ||||
| 	root /dev/null; | ||||
|  | ||||
| 	{% if matrix_nginx_proxy_https_enabled %} | ||||
| 		location /.well-known/acme-challenge { | ||||
| 			{% if matrix_nginx_proxy_enabled %} | ||||
| 				{# Use the embedded DNS resolver in Docker containers to discover the service #} | ||||
| 				resolver 127.0.0.11 valid=5s; | ||||
| 				set $backend "matrix-certbot:8080"; | ||||
| 				proxy_pass http://$backend; | ||||
| 			{% else %} | ||||
| 				{# Generic configuration for use outside of our container setup #} | ||||
| 				proxy_pass http://127.0.0.1:{{ matrix_ssl_lets_encrypt_certbot_standalone_http_port }}; | ||||
| 			{% endif %} | ||||
| 		} | ||||
|  | ||||
| 		location / { | ||||
| 			return 301 https://$http_host$request_uri; | ||||
| 		} | ||||
| 	{% else %} | ||||
| 		{{ render_vhost_directives() }} | ||||
| 	{% endif %} | ||||
| } | ||||
|  | ||||
| {% if matrix_nginx_proxy_https_enabled %} | ||||
| server { | ||||
| 	listen {{ 8443 if matrix_nginx_proxy_enabled else 443 }} ssl http2; | ||||
| 	listen [::]:{{ 8443 if matrix_nginx_proxy_enabled else 443 }} ssl http2; | ||||
|  | ||||
| 	server_name {{ matrix_nginx_proxy_proxy_dimension_hostname }}; | ||||
|  | ||||
| 	server_tokens off; | ||||
| 	root /dev/null; | ||||
|  | ||||
| 	ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/fullchain.pem; | ||||
| 	ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_jitsi_hostname }}/privkey.pem; | ||||
| 	ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }}; | ||||
| 	ssl_prefer_server_ciphers on; | ||||
| 	ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; | ||||
|  | ||||
| 	{{ render_vhost_directives() }} | ||||
| } | ||||
| {% endif %} | ||||
| @@ -58,6 +58,8 @@ matrix_riot_web_branding_welcomeBackgroundUrl: ~ | ||||
| # point this to a `home.html` template file on your local filesystem. | ||||
| matrix_riot_web_embedded_pages_home_path: ~ | ||||
|  | ||||
| matrix_riot_web_jitsi_preferredDomain: '' | ||||
|  | ||||
| # Controls whether the self-check feature should validate SSL certificates. | ||||
| matrix_riot_web_self_check_validate_certificates: true | ||||
|  | ||||
|   | ||||
| @@ -30,6 +30,12 @@ | ||||
| 	"embeddedPages": { | ||||
| 		"homeUrl": {{ matrix_riot_web_embedded_pages_home_url|string|to_json }} | ||||
| 	}, | ||||
| 	{% if matrix_riot_web_jitsi_preferredDomain is not none %} | ||||
| 	"jitsi": { | ||||
|         "preferredDomain": {{ matrix_riot_web_jitsi_preferredDomain|to_json }}, | ||||
|         "externalApiUrl": "https://{{ matrix_riot_web_jitsi_preferredDomain }}/libs/external_api.min.js" | ||||
|     }, | ||||
| 	{% endif %} | ||||
| 	"branding": { | ||||
| 		"authFooterLinks": {{ matrix_riot_web_branding_authFooterLinks|to_json }}, | ||||
| 		"authHeaderLogoUrl": {{ matrix_riot_web_branding_authHeaderLogoUrl|to_json }}, | ||||
|   | ||||
		Reference in New Issue
	
	Block a user