From d84934e7f51d3fe1fee32a70070483a30c11f5d8 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Wed, 10 Feb 2021 22:19:57 +0100 Subject: [PATCH 01/24] move videobridge into seperate role --- {defaults => jitsi-meet/defaults}/main.yml | 3 - {handlers => jitsi-meet/handlers}/main.yml | 0 jitsi-meet/meta/main.yml | 8 +++ .../molecule}/default/converge.yml | 0 .../molecule}/default/molecule.yml | 0 .../molecule}/default/requirements.yml | 0 .../default/roles/ansible-role-jitsi-meet | 0 .../molecule}/docker/INSTALL.rst | 0 .../molecule}/docker/molecule.yml | 0 {tasks => jitsi-meet/tasks}/jitsi-meet.yml | 36 ---------- {tasks => jitsi-meet/tasks}/main.yml | 7 -- {tasks => jitsi-meet/tasks}/nginx.yml | 0 {tasks => jitsi-meet/tasks}/prosody.yml | 0 .../tasks}/ui_customization.yml | 0 .../templates}/interface_config.js.j2 | 0 .../templates}/jicofo/config.j2 | 0 .../jicofo/sip-communicator.properties.j2 | 0 .../templates}/logrotate.d/jicofo.j2 | 0 .../templates}/logrotate.d/nginx.j2 | 0 .../templates}/logrotate.d/prosody.j2 | 0 .../templates}/meet-config.js.j2 | 0 .../templates}/nginx/nginx.conf.j2 | 0 .../nginx/sites-available/vhost.conf.j2 | 16 +++-- .../prosody/conf.avail/virtualhost.cfg.lua.j2 | 0 .../templates}/prosody/prosody.cfg.lua.j2 | 0 .../templates}/title.html.j2 | 0 jitsi-videobridge/defaults/main.yml | 11 +++ jitsi-videobridge/handlers/main.yml | 5 ++ jitsi-videobridge/meta/main.yml | 9 +++ jitsi-videobridge/tasks/main.yml | 69 +++++++++++++++++++ .../templates}/videobridge/config.j2 | 0 .../templates/videobridge/jvb.conf.j2 | 13 ++++ .../videobridge/logging.properties.j2 | 0 .../sip-communicator.properties.j2 | 0 meta/main.yml | 11 +-- 35 files changed, 126 insertions(+), 62 deletions(-) rename {defaults => jitsi-meet/defaults}/main.yml (98%) rename {handlers => jitsi-meet/handlers}/main.yml (100%) create mode 100644 jitsi-meet/meta/main.yml rename {molecule => jitsi-meet/molecule}/default/converge.yml (100%) rename {molecule => jitsi-meet/molecule}/default/molecule.yml (100%) rename {molecule => jitsi-meet/molecule}/default/requirements.yml (100%) rename {molecule => jitsi-meet/molecule}/default/roles/ansible-role-jitsi-meet (100%) rename {molecule => jitsi-meet/molecule}/docker/INSTALL.rst (100%) rename {molecule => jitsi-meet/molecule}/docker/molecule.yml (100%) rename {tasks => jitsi-meet/tasks}/jitsi-meet.yml (65%) rename {tasks => jitsi-meet/tasks}/main.yml (71%) rename {tasks => jitsi-meet/tasks}/nginx.yml (100%) rename {tasks => jitsi-meet/tasks}/prosody.yml (100%) rename {tasks => jitsi-meet/tasks}/ui_customization.yml (100%) rename {templates => jitsi-meet/templates}/interface_config.js.j2 (100%) rename {templates => jitsi-meet/templates}/jicofo/config.j2 (100%) rename {templates => jitsi-meet/templates}/jicofo/sip-communicator.properties.j2 (100%) rename {templates => jitsi-meet/templates}/logrotate.d/jicofo.j2 (100%) rename {templates => jitsi-meet/templates}/logrotate.d/nginx.j2 (100%) rename {templates => jitsi-meet/templates}/logrotate.d/prosody.j2 (100%) rename {templates => jitsi-meet/templates}/meet-config.js.j2 (100%) rename {templates => jitsi-meet/templates}/nginx/nginx.conf.j2 (100%) rename {templates => jitsi-meet/templates}/nginx/sites-available/vhost.conf.j2 (89%) rename {templates => jitsi-meet/templates}/prosody/conf.avail/virtualhost.cfg.lua.j2 (100%) rename {templates => jitsi-meet/templates}/prosody/prosody.cfg.lua.j2 (100%) rename {templates => jitsi-meet/templates}/title.html.j2 (100%) create mode 100644 jitsi-videobridge/defaults/main.yml create mode 100644 jitsi-videobridge/handlers/main.yml create mode 100644 jitsi-videobridge/meta/main.yml create mode 100644 jitsi-videobridge/tasks/main.yml rename {templates => jitsi-videobridge/templates}/videobridge/config.j2 (100%) create mode 100644 jitsi-videobridge/templates/videobridge/jvb.conf.j2 rename {templates => jitsi-videobridge/templates}/videobridge/logging.properties.j2 (100%) rename {templates => jitsi-videobridge/templates}/videobridge/sip-communicator.properties.j2 (100%) diff --git a/defaults/main.yml b/jitsi-meet/defaults/main.yml similarity index 98% rename from defaults/main.yml rename to jitsi-meet/defaults/main.yml index 3d7370f..b622f08 100644 --- a/defaults/main.yml +++ b/jitsi-meet/defaults/main.yml @@ -5,12 +5,10 @@ jitsi_meet_packages: - jitsi-meet-prosody - jitsi-meet-web - jitsi-meet-web-config - - jitsi-videobridge2 jitsi_meet_server_name: "meet.example.com" jitsi_meet_server_name_aliases: [] -jitsi_meet_videobridge_port: 5347 jitsi_meet_jicofo_user: focus jitsi_meet_jicofo_port: 5347 @@ -79,7 +77,6 @@ jitsi_meet_debsums_ignore_custom_assets: false ## Logging jitsi_meet_logrotate_retained_days: 7 jitsi_meet_loglevel: "WARNING" -jitsi_meet_videobridge_loglevel: "{{ jitsi_meet_loglevel }}" jitsi_meet_jicofo_loglevel: "{{ jitsi_meet_loglevel }}" jitsi_meet_jicofo_logging_properties: | handlers= java.util.logging.ConsoleHandler diff --git a/handlers/main.yml b/jitsi-meet/handlers/main.yml similarity index 100% rename from handlers/main.yml rename to jitsi-meet/handlers/main.yml diff --git a/jitsi-meet/meta/main.yml b/jitsi-meet/meta/main.yml new file mode 100644 index 0000000..76c9fce --- /dev/null +++ b/jitsi-meet/meta/main.yml @@ -0,0 +1,8 @@ +--- +dependencies: + - role: systemli.apt_repositories + vars: + apt_repositories: + - preset: jitsi + name: download_jitsi_org + packages: "{{ jitsi_meet_packages }}" diff --git a/molecule/default/converge.yml b/jitsi-meet/molecule/default/converge.yml similarity index 100% rename from molecule/default/converge.yml rename to jitsi-meet/molecule/default/converge.yml diff --git a/molecule/default/molecule.yml b/jitsi-meet/molecule/default/molecule.yml similarity index 100% rename from molecule/default/molecule.yml rename to jitsi-meet/molecule/default/molecule.yml diff --git a/molecule/default/requirements.yml b/jitsi-meet/molecule/default/requirements.yml similarity index 100% rename from molecule/default/requirements.yml rename to jitsi-meet/molecule/default/requirements.yml diff --git a/molecule/default/roles/ansible-role-jitsi-meet b/jitsi-meet/molecule/default/roles/ansible-role-jitsi-meet similarity index 100% rename from molecule/default/roles/ansible-role-jitsi-meet rename to jitsi-meet/molecule/default/roles/ansible-role-jitsi-meet diff --git a/molecule/docker/INSTALL.rst b/jitsi-meet/molecule/docker/INSTALL.rst similarity index 100% rename from molecule/docker/INSTALL.rst rename to jitsi-meet/molecule/docker/INSTALL.rst diff --git a/molecule/docker/molecule.yml b/jitsi-meet/molecule/docker/molecule.yml similarity index 100% rename from molecule/docker/molecule.yml rename to jitsi-meet/molecule/docker/molecule.yml diff --git a/tasks/jitsi-meet.yml b/jitsi-meet/tasks/jitsi-meet.yml similarity index 65% rename from tasks/jitsi-meet.yml rename to jitsi-meet/tasks/jitsi-meet.yml index 3672aca..2ce9e4c 100644 --- a/tasks/jitsi-meet.yml +++ b/jitsi-meet/tasks/jitsi-meet.yml @@ -7,10 +7,6 @@ value: "{{ item.value }}" vtype: "{{ item.vtype }}" loop: - - name: jitsi-videobridge2 - question: jitsi-videobridge/jvb-hostname - value: "{{ jitsi_meet_server_name }}" - vtype: string - name: jitsi-meet-web-config question: jitsi-meet/cert-choice value: "{{ jitsi_meet_cert_choice }}" @@ -35,15 +31,6 @@ state: present update_cache: yes -- name: Copy videobridge sip-communicator.properties - template: - src: videobridge/sip-communicator.properties.j2 - dest: /etc/jitsi/videobridge/sip-communicator.properties - owner: jvb - group: jitsi - mode: 0640 - notify: restart jitsi-videobridge2 - - name: Copy jicofo config template: src: jicofo/config.j2 @@ -71,35 +58,12 @@ mode: 0640 notify: restart jicofo -- name: Copy jitsi-videobridge2 config - template: - src: videobridge/config.j2 - dest: /etc/jitsi/videobridge/config - owner: jvb - group: jitsi - mode: 0640 - notify: restart jitsi-videobridge2 - -- name: Copy jitsi-videobridge2 log.properties - template: - src: videobridge/logging.properties.j2 - dest: /etc/jitsi/videobridge/logging.properties - owner: jvb - group: jitsi - mode: 0640 - notify: restart jitsi-videobridge2 - - name: Copy jitsi meet config template: mode: 0644 src: meet-config.js.j2 dest: "/etc/jitsi/meet/{{ jitsi_meet_server_name }}-config.js" -- name: Enable jitsi-videobridge2 - service: - name: jitsi-videobridge2 - enabled: yes - - name: Enable jicofo service: name: jicofo diff --git a/tasks/main.yml b/jitsi-meet/tasks/main.yml similarity index 71% rename from tasks/main.yml rename to jitsi-meet/tasks/main.yml index 642bbbd..9a72db5 100644 --- a/tasks/main.yml +++ b/jitsi-meet/tasks/main.yml @@ -4,17 +4,10 @@ set_fact: "{{ item }}": "{{ (item + jitsi_meet_base_secret | string) | hash('sha1') }}" loop: - - jitsi_meet_videobridge_secret - - jitsi_meet_videobridge_password - jitsi_meet_jicofo_secret - jitsi_meet_jicofo_password when: jitsi_meet_base_secret is defined -- name: Derive videobridge nickname - set_fact: - jitsi_meet_videobridge_muc_nickname: "{{ (jitsi_meet_base_secret | string + 'jvb_muc_nick') | to_uuid }}" - when: jitsi_meet_base_secret is defined - - import_tasks: jitsi-meet.yml - import_tasks: prosody.yml - import_tasks: ui_customization.yml diff --git a/tasks/nginx.yml b/jitsi-meet/tasks/nginx.yml similarity index 100% rename from tasks/nginx.yml rename to jitsi-meet/tasks/nginx.yml diff --git a/tasks/prosody.yml b/jitsi-meet/tasks/prosody.yml similarity index 100% rename from tasks/prosody.yml rename to jitsi-meet/tasks/prosody.yml diff --git a/tasks/ui_customization.yml b/jitsi-meet/tasks/ui_customization.yml similarity index 100% rename from tasks/ui_customization.yml rename to jitsi-meet/tasks/ui_customization.yml diff --git a/templates/interface_config.js.j2 b/jitsi-meet/templates/interface_config.js.j2 similarity index 100% rename from templates/interface_config.js.j2 rename to jitsi-meet/templates/interface_config.js.j2 diff --git a/templates/jicofo/config.j2 b/jitsi-meet/templates/jicofo/config.j2 similarity index 100% rename from templates/jicofo/config.j2 rename to jitsi-meet/templates/jicofo/config.j2 diff --git a/templates/jicofo/sip-communicator.properties.j2 b/jitsi-meet/templates/jicofo/sip-communicator.properties.j2 similarity index 100% rename from templates/jicofo/sip-communicator.properties.j2 rename to jitsi-meet/templates/jicofo/sip-communicator.properties.j2 diff --git a/templates/logrotate.d/jicofo.j2 b/jitsi-meet/templates/logrotate.d/jicofo.j2 similarity index 100% rename from templates/logrotate.d/jicofo.j2 rename to jitsi-meet/templates/logrotate.d/jicofo.j2 diff --git a/templates/logrotate.d/nginx.j2 b/jitsi-meet/templates/logrotate.d/nginx.j2 similarity index 100% rename from templates/logrotate.d/nginx.j2 rename to jitsi-meet/templates/logrotate.d/nginx.j2 diff --git a/templates/logrotate.d/prosody.j2 b/jitsi-meet/templates/logrotate.d/prosody.j2 similarity index 100% rename from templates/logrotate.d/prosody.j2 rename to jitsi-meet/templates/logrotate.d/prosody.j2 diff --git a/templates/meet-config.js.j2 b/jitsi-meet/templates/meet-config.js.j2 similarity index 100% rename from templates/meet-config.js.j2 rename to jitsi-meet/templates/meet-config.js.j2 diff --git a/templates/nginx/nginx.conf.j2 b/jitsi-meet/templates/nginx/nginx.conf.j2 similarity index 100% rename from templates/nginx/nginx.conf.j2 rename to jitsi-meet/templates/nginx/nginx.conf.j2 diff --git a/templates/nginx/sites-available/vhost.conf.j2 b/jitsi-meet/templates/nginx/sites-available/vhost.conf.j2 similarity index 89% rename from templates/nginx/sites-available/vhost.conf.j2 rename to jitsi-meet/templates/nginx/sites-available/vhost.conf.j2 index 650132e..81aec66 100644 --- a/templates/nginx/sites-available/vhost.conf.j2 +++ b/jitsi-meet/templates/nginx/sites-available/vhost.conf.j2 @@ -88,14 +88,16 @@ server { tcp_nodelay on; } - # colibri (JVB) websockets for jvb1 - location ~ ^/colibri-ws/default-id/(.*) { - proxy_pass http://127.0.0.1:9090/colibri-ws/default-id/$1$is_args$args; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - tcp_nodelay on; + # colibri (JVB) websockets +{% for videobridge in groups['videobridges'] %} + location ~ ^/colibri-ws/{{ videobridge }}/(.*) { + proxy_pass http://{{ hostvars[videobridge]['ansible_default_ipv4']['address'] }}:9090/colibri-ws/{{ videobridge }}/$1$is_args$args; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + tcp_nodelay on; } +{% endfor %} location ~ ^/([^/?&:'"]+)$ { try_files $uri @root_path; diff --git a/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 b/jitsi-meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 similarity index 100% rename from templates/prosody/conf.avail/virtualhost.cfg.lua.j2 rename to jitsi-meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 diff --git a/templates/prosody/prosody.cfg.lua.j2 b/jitsi-meet/templates/prosody/prosody.cfg.lua.j2 similarity index 100% rename from templates/prosody/prosody.cfg.lua.j2 rename to jitsi-meet/templates/prosody/prosody.cfg.lua.j2 diff --git a/templates/title.html.j2 b/jitsi-meet/templates/title.html.j2 similarity index 100% rename from templates/title.html.j2 rename to jitsi-meet/templates/title.html.j2 diff --git a/jitsi-videobridge/defaults/main.yml b/jitsi-videobridge/defaults/main.yml new file mode 100644 index 0000000..6750024 --- /dev/null +++ b/jitsi-videobridge/defaults/main.yml @@ -0,0 +1,11 @@ +--- +# Global +jitsi_meet_server_name: "meet.example.com" +jitsi_meet_config_stun_servers: + - stun:meet-jit-si-turnrelay.jitsi.net:443 + +# Videobridge +jitsi_meet_videobridge_port: 5347 + +## Logging +jitsi_meet_videobridge_loglevel: "{{ jitsi_meet_loglevel }}" diff --git a/jitsi-videobridge/handlers/main.yml b/jitsi-videobridge/handlers/main.yml new file mode 100644 index 0000000..9964ec6 --- /dev/null +++ b/jitsi-videobridge/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: restart jitsi-videobridge2 + service: + name: jitsi-videobridge2 + state: restarted diff --git a/jitsi-videobridge/meta/main.yml b/jitsi-videobridge/meta/main.yml new file mode 100644 index 0000000..7bdfb31 --- /dev/null +++ b/jitsi-videobridge/meta/main.yml @@ -0,0 +1,9 @@ +--- +dependencies: + - role: systemli.apt_repositories + vars: + apt_repositories: + - preset: jitsi + name: download_jitsi_org + packages: + - jitsi-videobridge2 diff --git a/jitsi-videobridge/tasks/main.yml b/jitsi-videobridge/tasks/main.yml new file mode 100644 index 0000000..7a73c5d --- /dev/null +++ b/jitsi-videobridge/tasks/main.yml @@ -0,0 +1,69 @@ +--- +- name: Derive individual secrets from base secret + set_fact: + "{{ item }}": "{{ (item + jitsi_meet_base_secret | string) | hash('sha1') }}" + loop: + - jitsi_meet_videobridge_secret + - jitsi_meet_videobridge_password + when: jitsi_meet_base_secret is defined + +- name: Derive videobridge nickname + set_fact: + jitsi_meet_videobridge_muc_nickname: "{{ (jitsi_meet_base_secret | string + 'jvb_muc_nick') | to_uuid }}" + when: jitsi_meet_base_secret is defined + +- name: Set debconf options for jitsi-videobridge + debconf: + name: "{{ item.name }}" + question: "{{ item.question }}" + value: "{{ item.value }}" + vtype: "{{ item.vtype }}" + loop: + - name: jitsi-videobridge2 + question: jitsi-videobridge/jvb-hostname + value: "{{ jitsi_meet_server_name }}" + vtype: string + +- name: Install jitsi-videobridge + apt: + pkg: jitsi-videobridge2 + install_recommends: no + state: present + update_cache: yes + +- name: Copy videobridge sip-communicator.properties + template: + src: videobridge/sip-communicator.properties.j2 + dest: /etc/jitsi/videobridge/sip-communicator.properties + owner: jvb + group: jitsi + mode: 0640 + notify: restart jitsi-videobridge2 + +- name: Copy jitsi-videobridge2 config + template: + src: videobridge/{{ item }}.j2 + dest: /etc/jitsi/videobridge/{{ item }} + owner: jvb + group: jitsi + mode: 0640 + with_items: + - config + - jvb.conf + notify: restart jitsi-videobridge2 + +- name: Copy jitsi-videobridge2 log.properties + template: + src: videobridge/logging.properties.j2 + dest: /etc/jitsi/videobridge/logging.properties + owner: jvb + group: jitsi + mode: 0640 + notify: restart jitsi-videobridge2 + +- name: Enable jitsi-videobridge2 + service: + name: jitsi-videobridge2 + enabled: yes + +- meta: flush_handlers diff --git a/templates/videobridge/config.j2 b/jitsi-videobridge/templates/videobridge/config.j2 similarity index 100% rename from templates/videobridge/config.j2 rename to jitsi-videobridge/templates/videobridge/config.j2 diff --git a/jitsi-videobridge/templates/videobridge/jvb.conf.j2 b/jitsi-videobridge/templates/videobridge/jvb.conf.j2 new file mode 100644 index 0000000..c36e349 --- /dev/null +++ b/jitsi-videobridge/templates/videobridge/jvb.conf.j2 @@ -0,0 +1,13 @@ +videobridge { + http-servers { + public { + port = 9090 + } + } + websockets { + enabled = true + domain = "{{ jitsi_meet_server_name }}:443" + tls = true + server-id = {{ ansible_hostname }} + } +} diff --git a/templates/videobridge/logging.properties.j2 b/jitsi-videobridge/templates/videobridge/logging.properties.j2 similarity index 100% rename from templates/videobridge/logging.properties.j2 rename to jitsi-videobridge/templates/videobridge/logging.properties.j2 diff --git a/templates/videobridge/sip-communicator.properties.j2 b/jitsi-videobridge/templates/videobridge/sip-communicator.properties.j2 similarity index 100% rename from templates/videobridge/sip-communicator.properties.j2 rename to jitsi-videobridge/templates/videobridge/sip-communicator.properties.j2 diff --git a/meta/main.yml b/meta/main.yml index 55c3161..7cbb72d 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: role_name: jitsi_meet - author: systemli + author: technischerpunkt description: Install and maintain jitsi-meet. Contains tests for Molecule. - company: systemli.org + company: technischer.org license: GPLv3 min_ansible_version: 2.2 galaxy_tags: @@ -16,10 +16,3 @@ galaxy_info: - buster notifications: webhooks: https://galaxy.ansible.com/api/v1/notifications/ -dependencies: - - role: systemli.apt_repositories - vars: - apt_repositories: - - preset: jitsi - name: download_jitsi_org - packages: "{{ jitsi_meet_packages }}" From 7c49f46c634f69595b96eca6ceb97761e64111da Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Fri, 12 Feb 2021 19:20:55 +0100 Subject: [PATCH 02/24] move to hashed passwords --- .../templates/prosody/conf.avail/virtualhost.cfg.lua.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jitsi-meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 b/jitsi-meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 index f11e5a4..b076162 100644 --- a/jitsi-meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 +++ b/jitsi-meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 @@ -71,7 +71,7 @@ VirtualHost "auth.{{ jitsi_meet_server_name }}" key = "/etc/prosody/certs/auth.{{ jitsi_meet_server_name }}.key"; certificate = "/etc/prosody/certs/auth.{{ jitsi_meet_server_name }}.crt"; } - authentication = "internal_plain" + authentication = "internal_hashed" Component "focus.{{ jitsi_meet_server_name }}" component_secret = "{{ jitsi_meet_jicofo_secret }}" @@ -90,5 +90,5 @@ VirtualHost "recorder.{{ jitsi_meet_server_name }}" modules_enabled = { "ping"; } - authentication = "internal_plain" + authentication = "internal_hashed" {% endif %} From 94b2263198312ad696fb034a759c14492b67579d Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Fri, 12 Feb 2021 19:21:56 +0100 Subject: [PATCH 03/24] configure for multiple videobridge setup --- jitsi-meet/tasks/main.yml | 2 ++ jitsi-meet/templates/jicofo/config.j2 | 7 ++++++- jitsi-meet/templates/nginx/sites-available/vhost.conf.j2 | 4 ++-- jitsi-meet/templates/prosody/prosody.cfg.lua.j2 | 2 ++ jitsi-videobridge/defaults/main.yml | 7 +++++++ jitsi-videobridge/tasks/main.yml | 5 ----- jitsi-videobridge/templates/videobridge/config.j2 | 7 ++++++- .../templates/videobridge/sip-communicator.properties.j2 | 4 +++- 8 files changed, 28 insertions(+), 10 deletions(-) diff --git a/jitsi-meet/tasks/main.yml b/jitsi-meet/tasks/main.yml index 9a72db5..8454e6a 100644 --- a/jitsi-meet/tasks/main.yml +++ b/jitsi-meet/tasks/main.yml @@ -4,6 +4,8 @@ set_fact: "{{ item }}": "{{ (item + jitsi_meet_base_secret | string) | hash('sha1') }}" loop: + - jitsi_meet_videobridge_secret + - jitsi_meet_videobridge_password - jitsi_meet_jicofo_secret - jitsi_meet_jicofo_password when: jitsi_meet_base_secret is defined diff --git a/jitsi-meet/templates/jicofo/config.j2 b/jitsi-meet/templates/jicofo/config.j2 index ab5a5c2..59e65e7 100644 --- a/jitsi-meet/templates/jicofo/config.j2 +++ b/jitsi-meet/templates/jicofo/config.j2 @@ -24,4 +24,9 @@ JICOFO_AUTH_PASSWORD={{ jitsi_meet_jicofo_password }} JICOFO_OPTS="" # adds java system props that are passed to jicofo (default are for home and logging config file) -JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=jicofo -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi -Djava.util.logging.config.file=/etc/jitsi/jicofo/logging.properties" +JAVA_SYS_PROPS=" \ + -Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi \ + -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=jicofo \ + -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi \ + -Djava.util.logging.config.file=/etc/jitsi/jicofo/logging.properties \ +" diff --git a/jitsi-meet/templates/nginx/sites-available/vhost.conf.j2 b/jitsi-meet/templates/nginx/sites-available/vhost.conf.j2 index 81aec66..15c50d3 100644 --- a/jitsi-meet/templates/nginx/sites-available/vhost.conf.j2 +++ b/jitsi-meet/templates/nginx/sites-available/vhost.conf.j2 @@ -89,9 +89,9 @@ server { } # colibri (JVB) websockets -{% for videobridge in groups['videobridges'] %} +{% for videobridge in jitsi_meet_videobridge_instances %} location ~ ^/colibri-ws/{{ videobridge }}/(.*) { - proxy_pass http://{{ hostvars[videobridge]['ansible_default_ipv4']['address'] }}:9090/colibri-ws/{{ videobridge }}/$1$is_args$args; + proxy_pass http://{{ hostvars[videobridge]['private_ipv4'] | default(hostvars[videobridge]['ansible_default_ipv4']['address']) }}:9090/colibri-ws/{{ videobridge }}/$1$is_args$args; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; diff --git a/jitsi-meet/templates/prosody/prosody.cfg.lua.j2 b/jitsi-meet/templates/prosody/prosody.cfg.lua.j2 index 00f6832..54a1c00 100644 --- a/jitsi-meet/templates/prosody/prosody.cfg.lua.j2 +++ b/jitsi-meet/templates/prosody/prosody.cfg.lua.j2 @@ -23,6 +23,8 @@ -- Example: admins = { "user1@example.com", "user2@example.net" } admins = { } +network_backend = "epoll" + -- Enable use of libevent for better performance under high load -- For more information see: https://prosody.im/doc/libevent --use_libevent = true diff --git a/jitsi-videobridge/defaults/main.yml b/jitsi-videobridge/defaults/main.yml index 6750024..180f99f 100644 --- a/jitsi-videobridge/defaults/main.yml +++ b/jitsi-videobridge/defaults/main.yml @@ -3,9 +3,16 @@ jitsi_meet_server_name: "meet.example.com" jitsi_meet_config_stun_servers: - stun:meet-jit-si-turnrelay.jitsi.net:443 +jitsi_meet_jicofo_user: focus # Videobridge jitsi_meet_videobridge_port: 5347 +jitsi_meet_videobridge_instances: "{{ groups['videobridges'] }}" + +## single server vs scalable setup +jitsi_meet_single_instance: "{{ inventory_hostname == groups['meet'][0] }}" +jitsi_meet_videobridge_prosody_server_ip: "{{ jitsi_meet_single_instance | ternary('localhost', (hostvars[groups['meet'][0]]['private_ipv4'] | default(hostvars[groups['meet'][0]]['ansible_default_ipv4']['address']))) }}" +jitsi_meet_videobridge_muc_nickname: "{{ jitsi_meet_single_instance | ternary('jvb1', inventory_hostname) }}" ## Logging jitsi_meet_videobridge_loglevel: "{{ jitsi_meet_loglevel }}" diff --git a/jitsi-videobridge/tasks/main.yml b/jitsi-videobridge/tasks/main.yml index 7a73c5d..ae1ebc1 100644 --- a/jitsi-videobridge/tasks/main.yml +++ b/jitsi-videobridge/tasks/main.yml @@ -7,11 +7,6 @@ - jitsi_meet_videobridge_password when: jitsi_meet_base_secret is defined -- name: Derive videobridge nickname - set_fact: - jitsi_meet_videobridge_muc_nickname: "{{ (jitsi_meet_base_secret | string + 'jvb_muc_nick') | to_uuid }}" - when: jitsi_meet_base_secret is defined - - name: Set debconf options for jitsi-videobridge debconf: name: "{{ item.name }}" diff --git a/jitsi-videobridge/templates/videobridge/config.j2 b/jitsi-videobridge/templates/videobridge/config.j2 index 39739b0..706583a 100644 --- a/jitsi-videobridge/templates/videobridge/config.j2 +++ b/jitsi-videobridge/templates/videobridge/config.j2 @@ -16,4 +16,9 @@ JVB_SECRET={{ jitsi_meet_videobridge_secret }} JVB_OPTS="--apis=rest,xmpp" # adds java system props that are passed to jvb (default are for home and logging config file) -JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=videobridge -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi -Djava.util.logging.config.file=/etc/jitsi/videobridge/logging.properties" +JAVA_SYS_PROPS=" \ + -Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi \ + -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=videobridge \ + -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi \ + -Djava.util.logging.config.file=/etc/jitsi/videobridge/logging.properties \ +" diff --git a/jitsi-videobridge/templates/videobridge/sip-communicator.properties.j2 b/jitsi-videobridge/templates/videobridge/sip-communicator.properties.j2 index 72c19e2..bdc56b8 100644 --- a/jitsi-videobridge/templates/videobridge/sip-communicator.properties.j2 +++ b/jitsi-videobridge/templates/videobridge/sip-communicator.properties.j2 @@ -1,10 +1,12 @@ org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES={{ jitsi_meet_config_stun_servers[0] }} +org.jitsi.videobridge.AUTHORIZED_SOURCE_REGEXP=jvbbrewery@internal.auth.{{ jitsi_meet_server_name }}/{{ jitsi_meet_jicofo_user }}.*$ org.jitsi.videobridge.ENABLE_STATISTICS=true org.jitsi.videobridge.STATISTICS_TRANSPORT=muc,colibri -org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=localhost +org.jitsi.videobridge.xmpp.user.shard.HOSTNAME={{ jitsi_meet_videobridge_prosody_server_ip }} org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.{{ jitsi_meet_server_name }} org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb org.jitsi.videobridge.xmpp.user.shard.PASSWORD={{ jitsi_meet_videobridge_password }} org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.{{ jitsi_meet_server_name }} org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME={{ jitsi_meet_videobridge_muc_nickname }} +org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true From 7a83fc4e8bea533efb6b0c7b7a9d6c3ff9ccd2cf Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Fri, 12 Feb 2021 19:40:56 +0100 Subject: [PATCH 04/24] correct variable location --- jitsi-meet/defaults/main.yml | 2 ++ jitsi-videobridge/defaults/main.yml | 1 - 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/jitsi-meet/defaults/main.yml b/jitsi-meet/defaults/main.yml index b622f08..70c8382 100644 --- a/jitsi-meet/defaults/main.yml +++ b/jitsi-meet/defaults/main.yml @@ -9,6 +9,8 @@ jitsi_meet_packages: jitsi_meet_server_name: "meet.example.com" jitsi_meet_server_name_aliases: [] +jitsi_meet_videobridge_instances: "{{ groups['videobridges'] }}" + jitsi_meet_jicofo_user: focus jitsi_meet_jicofo_port: 5347 diff --git a/jitsi-videobridge/defaults/main.yml b/jitsi-videobridge/defaults/main.yml index 180f99f..928f889 100644 --- a/jitsi-videobridge/defaults/main.yml +++ b/jitsi-videobridge/defaults/main.yml @@ -7,7 +7,6 @@ jitsi_meet_jicofo_user: focus # Videobridge jitsi_meet_videobridge_port: 5347 -jitsi_meet_videobridge_instances: "{{ groups['videobridges'] }}" ## single server vs scalable setup jitsi_meet_single_instance: "{{ inventory_hostname == groups['meet'][0] }}" From 9b0ac8af1987e708ce7b27d0d24a5c644d90ab6f Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sat, 13 Feb 2021 13:53:01 +0100 Subject: [PATCH 05/24] change default log level to warning --- jitsi-videobridge/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jitsi-videobridge/defaults/main.yml b/jitsi-videobridge/defaults/main.yml index 928f889..5856c2c 100644 --- a/jitsi-videobridge/defaults/main.yml +++ b/jitsi-videobridge/defaults/main.yml @@ -14,4 +14,4 @@ jitsi_meet_videobridge_prosody_server_ip: "{{ jitsi_meet_single_instance | terna jitsi_meet_videobridge_muc_nickname: "{{ jitsi_meet_single_instance | ternary('jvb1', inventory_hostname) }}" ## Logging -jitsi_meet_videobridge_loglevel: "{{ jitsi_meet_loglevel }}" +jitsi_meet_videobridge_loglevel: "WARNING" From d53e5efd6bf5f73f73d6f443242b07721a34c453 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sat, 13 Feb 2021 13:55:23 +0100 Subject: [PATCH 06/24] rename folders --- {jitsi-meet => meet}/defaults/main.yml | 0 {jitsi-meet => meet}/handlers/main.yml | 0 {jitsi-meet => meet}/meta/main.yml | 0 {jitsi-meet => meet}/molecule/default/converge.yml | 0 {jitsi-meet => meet}/molecule/default/molecule.yml | 0 {jitsi-meet => meet}/molecule/default/requirements.yml | 0 .../molecule/default/roles/ansible-role-jitsi-meet | 0 {jitsi-meet => meet}/molecule/docker/INSTALL.rst | 0 {jitsi-meet => meet}/molecule/docker/molecule.yml | 0 {jitsi-meet => meet}/tasks/jitsi-meet.yml | 0 {jitsi-meet => meet}/tasks/main.yml | 0 {jitsi-meet => meet}/tasks/nginx.yml | 0 {jitsi-meet => meet}/tasks/prosody.yml | 0 {jitsi-meet => meet}/tasks/ui_customization.yml | 0 {jitsi-meet => meet}/templates/interface_config.js.j2 | 0 {jitsi-meet => meet}/templates/jicofo/config.j2 | 0 .../templates/jicofo/sip-communicator.properties.j2 | 0 {jitsi-meet => meet}/templates/logrotate.d/jicofo.j2 | 0 {jitsi-meet => meet}/templates/logrotate.d/nginx.j2 | 0 {jitsi-meet => meet}/templates/logrotate.d/prosody.j2 | 0 {jitsi-meet => meet}/templates/meet-config.js.j2 | 0 {jitsi-meet => meet}/templates/nginx/nginx.conf.j2 | 0 .../templates/nginx/sites-available/vhost.conf.j2 | 0 .../templates/prosody/conf.avail/virtualhost.cfg.lua.j2 | 0 {jitsi-meet => meet}/templates/prosody/prosody.cfg.lua.j2 | 0 {jitsi-meet => meet}/templates/title.html.j2 | 0 {jitsi-videobridge => videobridge}/defaults/main.yml | 0 {jitsi-videobridge => videobridge}/handlers/main.yml | 0 {jitsi-videobridge => videobridge}/meta/main.yml | 0 {jitsi-videobridge => videobridge}/tasks/main.yml | 0 .../templates/videobridge/config.j2 | 0 .../templates/videobridge/jvb.conf.j2 | 0 .../templates/videobridge/logging.properties.j2 | 0 .../templates/videobridge/sip-communicator.properties.j2 | 0 34 files changed, 0 insertions(+), 0 deletions(-) rename {jitsi-meet => meet}/defaults/main.yml (100%) rename {jitsi-meet => meet}/handlers/main.yml (100%) rename {jitsi-meet => meet}/meta/main.yml (100%) rename {jitsi-meet => meet}/molecule/default/converge.yml (100%) rename {jitsi-meet => meet}/molecule/default/molecule.yml (100%) rename {jitsi-meet => meet}/molecule/default/requirements.yml (100%) rename {jitsi-meet => meet}/molecule/default/roles/ansible-role-jitsi-meet (100%) rename {jitsi-meet => meet}/molecule/docker/INSTALL.rst (100%) rename {jitsi-meet => meet}/molecule/docker/molecule.yml (100%) rename {jitsi-meet => meet}/tasks/jitsi-meet.yml (100%) rename {jitsi-meet => meet}/tasks/main.yml (100%) rename {jitsi-meet => meet}/tasks/nginx.yml (100%) rename {jitsi-meet => meet}/tasks/prosody.yml (100%) rename {jitsi-meet => meet}/tasks/ui_customization.yml (100%) rename {jitsi-meet => meet}/templates/interface_config.js.j2 (100%) rename {jitsi-meet => meet}/templates/jicofo/config.j2 (100%) rename {jitsi-meet => meet}/templates/jicofo/sip-communicator.properties.j2 (100%) rename {jitsi-meet => meet}/templates/logrotate.d/jicofo.j2 (100%) rename {jitsi-meet => meet}/templates/logrotate.d/nginx.j2 (100%) rename {jitsi-meet => meet}/templates/logrotate.d/prosody.j2 (100%) rename {jitsi-meet => meet}/templates/meet-config.js.j2 (100%) rename {jitsi-meet => meet}/templates/nginx/nginx.conf.j2 (100%) rename {jitsi-meet => meet}/templates/nginx/sites-available/vhost.conf.j2 (100%) rename {jitsi-meet => meet}/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 (100%) rename {jitsi-meet => meet}/templates/prosody/prosody.cfg.lua.j2 (100%) rename {jitsi-meet => meet}/templates/title.html.j2 (100%) rename {jitsi-videobridge => videobridge}/defaults/main.yml (100%) rename {jitsi-videobridge => videobridge}/handlers/main.yml (100%) rename {jitsi-videobridge => videobridge}/meta/main.yml (100%) rename {jitsi-videobridge => videobridge}/tasks/main.yml (100%) rename {jitsi-videobridge => videobridge}/templates/videobridge/config.j2 (100%) rename {jitsi-videobridge => videobridge}/templates/videobridge/jvb.conf.j2 (100%) rename {jitsi-videobridge => videobridge}/templates/videobridge/logging.properties.j2 (100%) rename {jitsi-videobridge => videobridge}/templates/videobridge/sip-communicator.properties.j2 (100%) diff --git a/jitsi-meet/defaults/main.yml b/meet/defaults/main.yml similarity index 100% rename from jitsi-meet/defaults/main.yml rename to meet/defaults/main.yml diff --git a/jitsi-meet/handlers/main.yml b/meet/handlers/main.yml similarity index 100% rename from jitsi-meet/handlers/main.yml rename to meet/handlers/main.yml diff --git a/jitsi-meet/meta/main.yml b/meet/meta/main.yml similarity index 100% rename from jitsi-meet/meta/main.yml rename to meet/meta/main.yml diff --git a/jitsi-meet/molecule/default/converge.yml b/meet/molecule/default/converge.yml similarity index 100% rename from jitsi-meet/molecule/default/converge.yml rename to meet/molecule/default/converge.yml diff --git a/jitsi-meet/molecule/default/molecule.yml b/meet/molecule/default/molecule.yml similarity index 100% rename from jitsi-meet/molecule/default/molecule.yml rename to meet/molecule/default/molecule.yml diff --git a/jitsi-meet/molecule/default/requirements.yml b/meet/molecule/default/requirements.yml similarity index 100% rename from jitsi-meet/molecule/default/requirements.yml rename to meet/molecule/default/requirements.yml diff --git a/jitsi-meet/molecule/default/roles/ansible-role-jitsi-meet b/meet/molecule/default/roles/ansible-role-jitsi-meet similarity index 100% rename from jitsi-meet/molecule/default/roles/ansible-role-jitsi-meet rename to meet/molecule/default/roles/ansible-role-jitsi-meet diff --git a/jitsi-meet/molecule/docker/INSTALL.rst b/meet/molecule/docker/INSTALL.rst similarity index 100% rename from jitsi-meet/molecule/docker/INSTALL.rst rename to meet/molecule/docker/INSTALL.rst diff --git a/jitsi-meet/molecule/docker/molecule.yml b/meet/molecule/docker/molecule.yml similarity index 100% rename from jitsi-meet/molecule/docker/molecule.yml rename to meet/molecule/docker/molecule.yml diff --git a/jitsi-meet/tasks/jitsi-meet.yml b/meet/tasks/jitsi-meet.yml similarity index 100% rename from jitsi-meet/tasks/jitsi-meet.yml rename to meet/tasks/jitsi-meet.yml diff --git a/jitsi-meet/tasks/main.yml b/meet/tasks/main.yml similarity index 100% rename from jitsi-meet/tasks/main.yml rename to meet/tasks/main.yml diff --git a/jitsi-meet/tasks/nginx.yml b/meet/tasks/nginx.yml similarity index 100% rename from jitsi-meet/tasks/nginx.yml rename to meet/tasks/nginx.yml diff --git a/jitsi-meet/tasks/prosody.yml b/meet/tasks/prosody.yml similarity index 100% rename from jitsi-meet/tasks/prosody.yml rename to meet/tasks/prosody.yml diff --git a/jitsi-meet/tasks/ui_customization.yml b/meet/tasks/ui_customization.yml similarity index 100% rename from jitsi-meet/tasks/ui_customization.yml rename to meet/tasks/ui_customization.yml diff --git a/jitsi-meet/templates/interface_config.js.j2 b/meet/templates/interface_config.js.j2 similarity index 100% rename from jitsi-meet/templates/interface_config.js.j2 rename to meet/templates/interface_config.js.j2 diff --git a/jitsi-meet/templates/jicofo/config.j2 b/meet/templates/jicofo/config.j2 similarity index 100% rename from jitsi-meet/templates/jicofo/config.j2 rename to meet/templates/jicofo/config.j2 diff --git a/jitsi-meet/templates/jicofo/sip-communicator.properties.j2 b/meet/templates/jicofo/sip-communicator.properties.j2 similarity index 100% rename from jitsi-meet/templates/jicofo/sip-communicator.properties.j2 rename to meet/templates/jicofo/sip-communicator.properties.j2 diff --git a/jitsi-meet/templates/logrotate.d/jicofo.j2 b/meet/templates/logrotate.d/jicofo.j2 similarity index 100% rename from jitsi-meet/templates/logrotate.d/jicofo.j2 rename to meet/templates/logrotate.d/jicofo.j2 diff --git a/jitsi-meet/templates/logrotate.d/nginx.j2 b/meet/templates/logrotate.d/nginx.j2 similarity index 100% rename from jitsi-meet/templates/logrotate.d/nginx.j2 rename to meet/templates/logrotate.d/nginx.j2 diff --git a/jitsi-meet/templates/logrotate.d/prosody.j2 b/meet/templates/logrotate.d/prosody.j2 similarity index 100% rename from jitsi-meet/templates/logrotate.d/prosody.j2 rename to meet/templates/logrotate.d/prosody.j2 diff --git a/jitsi-meet/templates/meet-config.js.j2 b/meet/templates/meet-config.js.j2 similarity index 100% rename from jitsi-meet/templates/meet-config.js.j2 rename to meet/templates/meet-config.js.j2 diff --git a/jitsi-meet/templates/nginx/nginx.conf.j2 b/meet/templates/nginx/nginx.conf.j2 similarity index 100% rename from jitsi-meet/templates/nginx/nginx.conf.j2 rename to meet/templates/nginx/nginx.conf.j2 diff --git a/jitsi-meet/templates/nginx/sites-available/vhost.conf.j2 b/meet/templates/nginx/sites-available/vhost.conf.j2 similarity index 100% rename from jitsi-meet/templates/nginx/sites-available/vhost.conf.j2 rename to meet/templates/nginx/sites-available/vhost.conf.j2 diff --git a/jitsi-meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 b/meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 similarity index 100% rename from jitsi-meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 rename to meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 diff --git a/jitsi-meet/templates/prosody/prosody.cfg.lua.j2 b/meet/templates/prosody/prosody.cfg.lua.j2 similarity index 100% rename from jitsi-meet/templates/prosody/prosody.cfg.lua.j2 rename to meet/templates/prosody/prosody.cfg.lua.j2 diff --git a/jitsi-meet/templates/title.html.j2 b/meet/templates/title.html.j2 similarity index 100% rename from jitsi-meet/templates/title.html.j2 rename to meet/templates/title.html.j2 diff --git a/jitsi-videobridge/defaults/main.yml b/videobridge/defaults/main.yml similarity index 100% rename from jitsi-videobridge/defaults/main.yml rename to videobridge/defaults/main.yml diff --git a/jitsi-videobridge/handlers/main.yml b/videobridge/handlers/main.yml similarity index 100% rename from jitsi-videobridge/handlers/main.yml rename to videobridge/handlers/main.yml diff --git a/jitsi-videobridge/meta/main.yml b/videobridge/meta/main.yml similarity index 100% rename from jitsi-videobridge/meta/main.yml rename to videobridge/meta/main.yml diff --git a/jitsi-videobridge/tasks/main.yml b/videobridge/tasks/main.yml similarity index 100% rename from jitsi-videobridge/tasks/main.yml rename to videobridge/tasks/main.yml diff --git a/jitsi-videobridge/templates/videobridge/config.j2 b/videobridge/templates/videobridge/config.j2 similarity index 100% rename from jitsi-videobridge/templates/videobridge/config.j2 rename to videobridge/templates/videobridge/config.j2 diff --git a/jitsi-videobridge/templates/videobridge/jvb.conf.j2 b/videobridge/templates/videobridge/jvb.conf.j2 similarity index 100% rename from jitsi-videobridge/templates/videobridge/jvb.conf.j2 rename to videobridge/templates/videobridge/jvb.conf.j2 diff --git a/jitsi-videobridge/templates/videobridge/logging.properties.j2 b/videobridge/templates/videobridge/logging.properties.j2 similarity index 100% rename from jitsi-videobridge/templates/videobridge/logging.properties.j2 rename to videobridge/templates/videobridge/logging.properties.j2 diff --git a/jitsi-videobridge/templates/videobridge/sip-communicator.properties.j2 b/videobridge/templates/videobridge/sip-communicator.properties.j2 similarity index 100% rename from jitsi-videobridge/templates/videobridge/sip-communicator.properties.j2 rename to videobridge/templates/videobridge/sip-communicator.properties.j2 From 8cd91f14e65eaea2a80873767181f5bd0b702927 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sat, 13 Feb 2021 19:00:06 +0100 Subject: [PATCH 07/24] install jitsi packages seperatly --- meet/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meet/defaults/main.yml b/meet/defaults/main.yml index 70c8382..78935f6 100644 --- a/meet/defaults/main.yml +++ b/meet/defaults/main.yml @@ -1,7 +1,7 @@ --- jitsi_meet_packages: - - jitsi-meet + - jicofo - jitsi-meet-prosody - jitsi-meet-web - jitsi-meet-web-config From 3f64433d1c07f5c5b327e736bf3c1cd9f683f464 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sun, 14 Feb 2021 17:54:47 +0100 Subject: [PATCH 08/24] jitsi-meet-prosody needs jitsi-videobridge2 debconf --- meet/tasks/jitsi-meet.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/meet/tasks/jitsi-meet.yml b/meet/tasks/jitsi-meet.yml index 2ce9e4c..24b7959 100644 --- a/meet/tasks/jitsi-meet.yml +++ b/meet/tasks/jitsi-meet.yml @@ -23,6 +23,14 @@ question: jitsi-meet-prosody/turn-secret value: "{{ jitsi_meet_turn_secret }}" vtype: string + - name: jitsi-meet-prosody + question: jitsi-videobridge/jvb-hostname + value: "{{ jitsi_meet_server_name }}" + vtype: string + - name: jitsi-videobridge2 + question: jitsi-videobridge/jvb-hostname + value: "{{ jitsi_meet_server_name }}" + vtype: string - name: Install jitsi-meet apt: From 66003d088c333c8132766e449ee0cdf4d652745a Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sun, 14 Feb 2021 19:16:40 +0100 Subject: [PATCH 09/24] fix debconf --- meet/tasks/jitsi-meet.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meet/tasks/jitsi-meet.yml b/meet/tasks/jitsi-meet.yml index 24b7959..3f99136 100644 --- a/meet/tasks/jitsi-meet.yml +++ b/meet/tasks/jitsi-meet.yml @@ -31,6 +31,10 @@ question: jitsi-videobridge/jvb-hostname value: "{{ jitsi_meet_server_name }}" vtype: string + - name: jitsi-meet + question: jitsi-meet/jvb-serve + value: "false" + vtype: boolean - name: Install jitsi-meet apt: From 9ddd1518744baede61db08aedc3f576be3f563d5 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sun, 14 Feb 2021 19:53:19 +0100 Subject: [PATCH 10/24] fix prosody warnings --- meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 b/meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 index b076162..ebe76cf 100644 --- a/meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 +++ b/meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 @@ -15,6 +15,7 @@ turncredentials = { cross_domain_bosh = false; consider_bosh_secure = true; +https_ports = { } -- https is proxied through nginx VirtualHost "{{ jitsi_meet_server_name }}" -- enabled = false -- Remove this line to enable this host From bb300855d456c8773874547cbb457790a4d72450 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sun, 14 Feb 2021 19:57:38 +0100 Subject: [PATCH 11/24] fix jicofo config --- meet/tasks/jitsi-meet.yml | 1 - meet/templates/jicofo/sip-communicator.properties.j2 | 4 +++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/meet/tasks/jitsi-meet.yml b/meet/tasks/jitsi-meet.yml index 3f99136..86b5fc8 100644 --- a/meet/tasks/jitsi-meet.yml +++ b/meet/tasks/jitsi-meet.yml @@ -59,7 +59,6 @@ owner: jicofo group: jitsi notify: restart jicofo - when: jitsi_meet_jibri_enabled - name: Copy Jicofo log.properties copy: diff --git a/meet/templates/jicofo/sip-communicator.properties.j2 b/meet/templates/jicofo/sip-communicator.properties.j2 index d716b1a..6e99030 100644 --- a/meet/templates/jicofo/sip-communicator.properties.j2 +++ b/meet/templates/jicofo/sip-communicator.properties.j2 @@ -1,3 +1,5 @@ org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.{{ jitsi_meet_server_name }} +{% if jitsi_meet_jibri_enabled == true %} org.jitsi.jicofo.jibri.BREWERY=JibriBrewery@internal.auth.{{ jitsi_meet_server_name }} -org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90 \ No newline at end of file +org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90 +{% endif %} From e491da5d9825def9eb921230e7a3392a9eb4fba5 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sun, 14 Feb 2021 21:07:03 +0100 Subject: [PATCH 12/24] fix jicofo logging --- meet/defaults/main.yml | 40 ----------------- meet/tasks/jitsi-meet.yml | 6 +-- meet/templates/jicofo/logging.properties.j2 | 50 +++++++++++++++++++++ 3 files changed, 53 insertions(+), 43 deletions(-) create mode 100644 meet/templates/jicofo/logging.properties.j2 diff --git a/meet/defaults/main.yml b/meet/defaults/main.yml index 78935f6..f880655 100644 --- a/meet/defaults/main.yml +++ b/meet/defaults/main.yml @@ -80,46 +80,6 @@ jitsi_meet_debsums_ignore_custom_assets: false jitsi_meet_logrotate_retained_days: 7 jitsi_meet_loglevel: "WARNING" jitsi_meet_jicofo_loglevel: "{{ jitsi_meet_loglevel }}" -jitsi_meet_jicofo_logging_properties: | - handlers= java.util.logging.ConsoleHandler - #handlers= java.util.logging.ConsoleHandler, com.agafua.syslog.SyslogHandler - - java.util.logging.ConsoleHandler.level = {{ jitsi_meet_jicofo_loglevel }} - java.util.logging.ConsoleHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter - - net.java.sip.communicator.util.ScLogFormatter.programname=JVB - - .level= {{ jitsi_meet_jicofo_loglevel }} - - org.jitsi.videobridge.xmpp.ComponentImpl.level=FINE - - # All of the INFO level logs from MediaStreamImpl are unnecessary in the context of jitsi-videobridge. - org.jitsi.impl.neomedia.MediaStreamImpl.level=WARNING - - # Syslog(uncomment handler to use) - com.agafua.syslog.SyslogHandler.transport = udp - com.agafua.syslog.SyslogHandler.facility = local0 - com.agafua.syslog.SyslogHandler.port = 514 - com.agafua.syslog.SyslogHandler.hostname = localhost - com.agafua.syslog.SyslogHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter - com.agafua.syslog.SyslogHandler.escapeNewlines = false - - # to disable double timestamps in syslog uncomment next line - #net.java.sip.communicator.util.ScLogFormatter.disableTimestamp=true - - # time series logging - java.util.logging.SimpleFormatter.format= %5$s%n - java.util.logging.FileHandler.level = ALL - java.util.logging.FileHandler.formatter = java.util.logging.SimpleFormatter - java.util.logging.FileHandler.pattern = /tmp/jvb-series.log - java.util.logging.FileHandler.limit = 200000000 - java.util.logging.FileHandler.count = 1 - java.util.logging.FileHandler.append = false - - timeseries.level=OFF - timeseries.org.jitsi.videobridge.cc.vp8.level=ALL - timeseries.useParentHandlers = false - timeseries.handlers = java.util.logging.FileHandler jitsi_meet_nginx_base_config: True diff --git a/meet/tasks/jitsi-meet.yml b/meet/tasks/jitsi-meet.yml index 86b5fc8..539605b 100644 --- a/meet/tasks/jitsi-meet.yml +++ b/meet/tasks/jitsi-meet.yml @@ -60,9 +60,9 @@ group: jitsi notify: restart jicofo -- name: Copy Jicofo log.properties - copy: - content: "{{ jitsi_meet_jicofo_logging_properties }}" +- name: Copy Jicofo logging.properties + template: + src: jicofo/logging.properties.j2 dest: /etc/jitsi/jicofo/logging.properties owner: jicofo group: jitsi diff --git a/meet/templates/jicofo/logging.properties.j2 b/meet/templates/jicofo/logging.properties.j2 new file mode 100644 index 0000000..f149386 --- /dev/null +++ b/meet/templates/jicofo/logging.properties.j2 @@ -0,0 +1,50 @@ +handlers= java.util.logging.ConsoleHandler + +# Handlers with XMPP debug enabled: +#handlers= java.util.logging.ConsoleHandler, org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler + +# Handlers with syslog enabled: +#handlers= java.util.logging.ConsoleHandler, com.agafua.syslog.SyslogHandler + +java.util.logging.ConsoleHandler.level = {{ jitsi_meet_jicofo_loglevel }} +java.util.logging.ConsoleHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter +java.util.logging.ConsoleHandler.filter = org.jitsi.impl.protocol.xmpp.log.ExcludeXmppPackets + +net.java.sip.communicator.util.ScLogFormatter.programname=Jicofo +.level= {{ jitsi_meet_jicofo_loglevel }} + +# To enable XMPP packets logging add XmppPacketsFileHandler to the handlers property +org.jitsi.impl.protocol.xmpp.log.PacketDebugger.level=ALL +org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.pattern=/var/log/jitsi/jicofo-xmpp.log +org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.append=true +org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.limit=200000000 +org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.count=3 + +# Syslog (uncomment handler to use) +com.agafua.syslog.SyslogHandler.transport = udp +com.agafua.syslog.SyslogHandler.facility = local0 +com.agafua.syslog.SyslogHandler.port = 514 +com.agafua.syslog.SyslogHandler.hostname = localhost +com.agafua.syslog.SyslogHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter +com.agafua.syslog.SyslogHandler.escapeNewlines = false +com.agafua.syslog.SyslogHandler.filter = org.jitsi.impl.protocol.xmpp.log.ExcludeXmppPackets + +# to disable double timestamps in syslog uncomment next line +#net.java.sip.communicator.util.ScLogFormatter.disableTimestamp=true + +# time series logging +java.util.logging.SimpleFormatter.format= %5$s%n +java.util.logging.FileHandler.level = ALL +java.util.logging.FileHandler.formatter = java.util.logging.SimpleFormatter +java.util.logging.FileHandler.pattern = /tmp/jvb-series.log +java.util.logging.FileHandler.limit = 200000000 +java.util.logging.FileHandler.count = 1 +java.util.logging.FileHandler.append = false + +timeseries.level=OFF +timeseries.org.jitsi.videobridge.cc.vp8.level=ALL +timeseries.useParentHandlers = false +timeseries.handlers = java.util.logging.FileHandler + +# uncomment to see how Jicofo talks to the JVB +#org.jitsi.impl.protocol.xmpp.colibri.level=ALL From 4b973c900aac87ebc83cbb62f502b528441f231f Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sun, 14 Feb 2021 22:32:49 +0100 Subject: [PATCH 13/24] configure octo --- meet/defaults/main.yml | 12 ++++++++---- meet/templates/jicofo/sip-communicator.properties.j2 | 4 ++++ meet/templates/meet-config.js.j2 | 5 +++++ videobridge/defaults/main.yml | 6 ++++++ .../videobridge/sip-communicator.properties.j2 | 10 ++++++++++ 5 files changed, 33 insertions(+), 4 deletions(-) diff --git a/meet/defaults/main.yml b/meet/defaults/main.yml index f880655..bad04e0 100644 --- a/meet/defaults/main.yml +++ b/meet/defaults/main.yml @@ -75,6 +75,14 @@ jitsi_meet_title_favicon: images/favicon.ico?v=1 jitsi_meet_debsums_ignore_custom_assets: false +# Jibri +jitsi_meet_jibri_enabled: False +jitsi_meet_jibri_password: "CHANGEME6" +jitsi_meet_recorder_password: "CHANGEME7" + +# Octo +jitsi_meet_octo_enabled: False +jitsi_meet_octo_selection_strategy: "RegionBasedBridgeSelectionStrategy" ## Logging jitsi_meet_logrotate_retained_days: 7 @@ -87,10 +95,6 @@ jitsi_meet_nginx_base_config: True jitsi_meet_nginx_access_log: "off" jitsi_meet_nginx_error_log: /var/log/nginx/error.log -jitsi_meet_jibri_enabled: False -jitsi_meet_jibri_password: "CHANGEME6" -jitsi_meet_recorder_password: "CHANGEME7" - jitsi_meet_nginx_ssl_preset: "intermediate" jitsi_meet_nginx_ssl_presets: modern: diff --git a/meet/templates/jicofo/sip-communicator.properties.j2 b/meet/templates/jicofo/sip-communicator.properties.j2 index 6e99030..189da48 100644 --- a/meet/templates/jicofo/sip-communicator.properties.j2 +++ b/meet/templates/jicofo/sip-communicator.properties.j2 @@ -3,3 +3,7 @@ org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.{{ jitsi_meet_server_name } org.jitsi.jicofo.jibri.BREWERY=JibriBrewery@internal.auth.{{ jitsi_meet_server_name }} org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90 {% endif %} + +{% if jitsi_meet_octo_enabled %} +org.jitsi.jicofo.BridgeSelector.BRIDGE_SELECTION_STRATEGY={{ jitsi_meet_octo_selection_strategy }} +{% endif %} diff --git a/meet/templates/meet-config.js.j2 b/meet/templates/meet-config.js.j2 index 119731c..c92e1b2 100644 --- a/meet/templates/meet-config.js.j2 +++ b/meet/templates/meet-config.js.j2 @@ -44,6 +44,11 @@ var config = { // testing: { +{% if jitsi_meet_octo_enabled %} + octo: { + probability: 1 + }, +{% endif %} // P2P test mode disables automatic switching to P2P when there are 2 // participants in the conference. p2pTestMode: false diff --git a/videobridge/defaults/main.yml b/videobridge/defaults/main.yml index 5856c2c..aa6c739 100644 --- a/videobridge/defaults/main.yml +++ b/videobridge/defaults/main.yml @@ -13,5 +13,11 @@ jitsi_meet_single_instance: "{{ inventory_hostname == groups['meet'][0] }}" jitsi_meet_videobridge_prosody_server_ip: "{{ jitsi_meet_single_instance | ternary('localhost', (hostvars[groups['meet'][0]]['private_ipv4'] | default(hostvars[groups['meet'][0]]['ansible_default_ipv4']['address']))) }}" jitsi_meet_videobridge_muc_nickname: "{{ jitsi_meet_single_instance | ternary('jvb1', inventory_hostname) }}" +# Octo +jitsi_meet_octo_enabled: False +jitsi_meet_octo_private_ip: "{{ ansible_default_ipv4.address }}" +jitsi_meet_octo_public_ip: "{{ ansible_default_ipv4.address }}" +jitsi_meet_octo_region: region1 + ## Logging jitsi_meet_videobridge_loglevel: "WARNING" diff --git a/videobridge/templates/videobridge/sip-communicator.properties.j2 b/videobridge/templates/videobridge/sip-communicator.properties.j2 index bdc56b8..9451e52 100644 --- a/videobridge/templates/videobridge/sip-communicator.properties.j2 +++ b/videobridge/templates/videobridge/sip-communicator.properties.j2 @@ -10,3 +10,13 @@ org.jitsi.videobridge.xmpp.user.shard.PASSWORD={{ jitsi_meet_videobridge_passwor org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.{{ jitsi_meet_server_name }} org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME={{ jitsi_meet_videobridge_muc_nickname }} org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true + +{% if jitsi_meet_octo_enabled %} +# the address to bind to locally +org.jitsi.videobridge.octo.BIND_ADDRESS={{ jitsi_meet_octo_private_ip }} +# the address to advertise (in case BIND_ADDRESS is not accessible) +org.jitsi.videobridge.octo.PUBLIC_ADDRESS={{ jitsi_meet_octo_public_ip }} +# the port to bind to +org.jitsi.videobridge.octo.BIND_PORT=4096 +org.jitsi.videobridge.REGION={{ jitsi_meet_octo_region }} +{% endif %} From eea9cb606a32070b78d6a937a4a61d5b31e840ea Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sun, 14 Feb 2021 22:46:38 +0100 Subject: [PATCH 14/24] make jicofo warning go away --- meet/templates/jicofo/sip-communicator.properties.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/meet/templates/jicofo/sip-communicator.properties.j2 b/meet/templates/jicofo/sip-communicator.properties.j2 index 189da48..1fade67 100644 --- a/meet/templates/jicofo/sip-communicator.properties.j2 +++ b/meet/templates/jicofo/sip-communicator.properties.j2 @@ -6,4 +6,5 @@ org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90 {% if jitsi_meet_octo_enabled %} org.jitsi.jicofo.BridgeSelector.BRIDGE_SELECTION_STRATEGY={{ jitsi_meet_octo_selection_strategy }} +org.jitsi.jicofo.SHORT_ID=1 {% endif %} From 9868d60a8a97a4651f5f6df43f22314b347dbd31 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Tue, 16 Feb 2021 00:26:31 +0100 Subject: [PATCH 15/24] expose octo region in config --- meet/templates/meet-config.js.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meet/templates/meet-config.js.j2 b/meet/templates/meet-config.js.j2 index c92e1b2..ebf13a5 100644 --- a/meet/templates/meet-config.js.j2 +++ b/meet/templates/meet-config.js.j2 @@ -385,8 +385,8 @@ var config = { // the user region as seen by the server. deploymentInfo: { // shard: "shard1", - // region: "europe", - // userRegion: "asia" + region: "{{ jitsi_meet_octo_region }}", + userRegion: "{{ jitsi_meet_octo_region }}" }, // Decides whether the start/stop recording audio notifications should play on record. From f640c32b59f0f9f8f5976280975a096845763190 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Fri, 19 Feb 2021 12:36:03 +0100 Subject: [PATCH 16/24] make load packet-rate configurable --- videobridge/defaults/main.yml | 5 +++++ videobridge/templates/videobridge/jvb.conf.j2 | 11 +++++++++++ 2 files changed, 16 insertions(+) diff --git a/videobridge/defaults/main.yml b/videobridge/defaults/main.yml index aa6c739..3fc6e6e 100644 --- a/videobridge/defaults/main.yml +++ b/videobridge/defaults/main.yml @@ -19,5 +19,10 @@ jitsi_meet_octo_private_ip: "{{ ansible_default_ipv4.address }}" jitsi_meet_octo_public_ip: "{{ ansible_default_ipv4.address }}" jitsi_meet_octo_region: region1 +## The packet rate (pps) at which we'll consider the bridge overloaded +jitsi_meet_videobridge_load_threshold: 50000 +## The packet rate (pps) at which we'll consider the bridge 'underloaded' enough to start recovery +jitsi_meet_videobridge_recovery_threshold: 40000 + ## Logging jitsi_meet_videobridge_loglevel: "WARNING" diff --git a/videobridge/templates/videobridge/jvb.conf.j2 b/videobridge/templates/videobridge/jvb.conf.j2 index c36e349..b5f7eb5 100644 --- a/videobridge/templates/videobridge/jvb.conf.j2 +++ b/videobridge/templates/videobridge/jvb.conf.j2 @@ -10,4 +10,15 @@ videobridge { tls = true server-id = {{ ansible_hostname }} } + load-management { + load-measurements { + packet-rate { + # The packet rate at which we'll consider the bridge overloaded + load-threshold = {{ jitsi_meet_videobridge_load_threshold }} + # The packet rate at which we'll consider the bridge 'underloaded' enough + # to start recovery + recovery-threshold = {{ jitsi_meet_videobridge_recovery_threshold }} + } + } + } } From a45ea508a9b9d4eeb87e2e2880e46db6df7f0f91 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Tue, 23 Feb 2021 19:33:09 +0100 Subject: [PATCH 17/24] add log config to vhost --- meet/defaults/main.yml | 2 +- meet/templates/nginx/sites-available/vhost.conf.j2 | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/meet/defaults/main.yml b/meet/defaults/main.yml index bad04e0..1bfa4cc 100644 --- a/meet/defaults/main.yml +++ b/meet/defaults/main.yml @@ -93,7 +93,7 @@ jitsi_meet_nginx_base_config: True # Disable nginx access log per default jitsi_meet_nginx_access_log: "off" -jitsi_meet_nginx_error_log: /var/log/nginx/error.log +jitsi_meet_nginx_error_log: "/var/log/nginx/{{ jitsi_meet_server_name }}.error.log" jitsi_meet_nginx_ssl_preset: "intermediate" jitsi_meet_nginx_ssl_presets: diff --git a/meet/templates/nginx/sites-available/vhost.conf.j2 b/meet/templates/nginx/sites-available/vhost.conf.j2 index 15c50d3..7120536 100644 --- a/meet/templates/nginx/sites-available/vhost.conf.j2 +++ b/meet/templates/nginx/sites-available/vhost.conf.j2 @@ -39,6 +39,9 @@ server { add_header Strict-Transport-Security "max-age=31536000"; + access_log {{ jitsi_meet_nginx_access_log }}; + error_log {{ jitsi_meet_nginx_error_log }}; + root /usr/share/jitsi-meet; # ssi on with javascript for multidomain variables in config.js From 16cc933c9156406d69767aed41da998a05d82a4a Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Tue, 23 Feb 2021 19:33:55 +0100 Subject: [PATCH 18/24] redirect, instead of listening on multiple hosts --- .../nginx/sites-available/vhost.conf.j2 | 38 +++++++++++++++++-- 1 file changed, 35 insertions(+), 3 deletions(-) diff --git a/meet/templates/nginx/sites-available/vhost.conf.j2 b/meet/templates/nginx/sites-available/vhost.conf.j2 index 7120536..468437e 100644 --- a/meet/templates/nginx/sites-available/vhost.conf.j2 +++ b/meet/templates/nginx/sites-available/vhost.conf.j2 @@ -2,21 +2,53 @@ server { listen 80; listen [::]:80; - server_name {{ jitsi_meet_server_name }} {{ jitsi_meet_server_name_aliases | join(' ')}}; + server_name {{ jitsi_meet_server_name }} {{ jitsi_meet_server_name_aliases | join(' ') }}; {% block acme_challenge -%} include acme-challenge-location.conf; {% endblock -%} location / { - return 301 https://$host$request_uri; + return 301 https://{{ jitsi_meet_server_name }}$request_uri; } } +{% if jitsi_meet_server_name_aliases | length > 0 -%} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name {{ jitsi_meet_server_name_aliases | join(' ') }}; + + ssl_protocols {{ jitsi_meet_nginx_ssl_protocols }}; + ssl_prefer_server_ciphers {{ jitsi_meet_nginx_ssl_prefer_server_ciphers }}; + {% if not jitsi_meet_nginx_ssl_ciphers == "" %} + ssl_ciphers "{{ jitsi_meet_nginx_ssl_ciphers }}"; + {% endif %} + + {% if not jitsi_meet_nginx_ssl_preset == "modern" %} + ssl_dhparam {{ jitsi_meet_nginx_ssl_dhparam }}; + {% endif %} + + ssl_certificate {{ jitsi_meet_ssl_cert_path }}; + ssl_certificate_key {{ jitsi_meet_ssl_key_path }}; + ssl_session_timeout 1d; + ssl_session_cache shared:MozSSL:10m; # about 40000 sessions + ssl_session_tickets off; + + ssl_stapling on; + ssl_stapling_verify on; + + add_header Strict-Transport-Security "max-age=31536000"; + + return 301 https://{{ jitsi_meet_server_name }}$request_uri; +} +{% endif %} + server { listen 443 ssl http2; listen [::]:443 ssl http2; - server_name {{ jitsi_meet_server_name }} {{ jitsi_meet_server_name_aliases | join(' ')}}; + server_name {{ jitsi_meet_server_name }}; ssl_protocols {{ jitsi_meet_nginx_ssl_protocols }}; ssl_prefer_server_ciphers {{ jitsi_meet_nginx_ssl_prefer_server_ciphers }}; From ae63ea468b5da552c887dc19cf7fe7488ab6bcb9 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sat, 6 Mar 2021 15:16:32 +0100 Subject: [PATCH 19/24] allow more settings to be configured for client side performance --- meet/defaults/main.yml | 19 +++++++++++++++++++ meet/templates/interface_config.js.j2 | 18 +++++++----------- meet/templates/meet-config.js.j2 | 8 ++++---- 3 files changed, 30 insertions(+), 15 deletions(-) diff --git a/meet/defaults/main.yml b/meet/defaults/main.yml index 1bfa4cc..cf529ce 100644 --- a/meet/defaults/main.yml +++ b/meet/defaults/main.yml @@ -24,6 +24,8 @@ jitsi_meet_cert_choice: "Generate a new self-signed certificate (You will later jitsi_meet_config_default_language: "de" jitsi_meet_config_disable_third_party_requests: "true" jitsi_meet_config_disable_audio_levels: "false" +jitsi_meet_config_enable_no_audio_detection: "true" +jitsi_meet_config_enable_noisy_mic_detection: "true" jitsi_meet_config_disable_aec: "false" # disable acoustic echo cancellation jitsi_meet_config_disable_agc: "false" # disable automatic gain control jitsi_meet_config_disable_ap: "false" # disable all audio processing @@ -36,11 +38,16 @@ jitsi_meet_config_require_display_name: "false" jitsi_meet_config_resolution: 720 jitsi_meet_config_constraints: video: + frameRate: + max: 20 + min: 5 height: ideal: "{{ jitsi_meet_config_resolution }}" max: 720 min: 240 jitsi_meet_config_start_audio_only: "false" +jitsi_meet_config_start_audio_muted: 10 # every participant after the Nth will start audio muted +jitsi_meet_config_start_video_muted: 10 # every participant after the Nth will start video muted jitsi_meet_config_stun_servers: - stun:meet-jit-si-turnrelay.jitsi.net:443 @@ -66,7 +73,19 @@ jitsi_meet_interface_mobile_download_link_android: https://play.google.com/store jitsi_meet_interface_mobile_download_link_f_droid: https://f-droid.org/en/packages/org.jitsi.meet/ jitsi_meet_interface_mobile_download_link_ios: https://itunes.apple.com/us/app/jitsi-meet/id1165103905 jitsi_meet_interface_native_app_name: Jitsi Meet +jitsi_meet_interface_connection_indicator_disabled: "false" +jitsi_meet_interface_disable_dominant_speaker_indicator: "false" +jitsi_meet_interface_disable_focus_indicator: "false" +jitsi_meet_interface_disable_join_leave_notifications: "false" jitsi_meet_interface_disable_video_background: "false" +jitsi_meet_interface_set_filmstrip_enabled: "true" +jitsi_meet_interface_toolbar_buttons: [ + 'microphone', 'camera', 'closedcaptions', 'desktop', 'embedmeeting', 'fullscreen', + 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording', + 'livestreaming', 'etherpad', 'sharedvideo', 'settings', 'raisehand', + 'videoquality', 'filmstrip', 'invite', 'feedback', 'stats', 'shortcuts', + 'tileview', 'videobackgroundblur', 'download', 'help', 'mute-everyone', 'security' +] # Jitsi Meet variables for title.html diff --git a/meet/templates/interface_config.js.j2 b/meet/templates/interface_config.js.j2 index 0ad350d..8efdce8 100644 --- a/meet/templates/interface_config.js.j2 +++ b/meet/templates/interface_config.js.j2 @@ -42,7 +42,7 @@ var interfaceConfig = { * * @type {boolean} */ - CONNECTION_INDICATOR_DISABLED: false, + CONNECTION_INDICATOR_DISABLED: {{ jitsi_meet_interface_connection_indicator_disabled }}, DEFAULT_BACKGROUND: '{{ jitsi_meet_interface_default_background }}', DEFAULT_LOCAL_DISPLAY_NAME: '{{ jitsi_meet_interface_default_local_display_name }}', @@ -50,14 +50,14 @@ var interfaceConfig = { DEFAULT_REMOTE_DISPLAY_NAME: '{{ jitsi_meet_interface_default_remote_display_name }}', DEFAULT_WELCOME_PAGE_LOGO_URL: '{{ jitsi_meet_interface_default_welcome_page_logo_url }}', - DISABLE_DOMINANT_SPEAKER_INDICATOR: false, + DISABLE_DOMINANT_SPEAKER_INDICATOR: {{ jitsi_meet_interface_disable_dominant_speaker_indicator }}, - DISABLE_FOCUS_INDICATOR: false, + DISABLE_FOCUS_INDICATOR: {{ jitsi_meet_interface_disable_focus_indicator }}, /** * If true, notifications regarding joining/leaving are no longer displayed. */ - DISABLE_JOIN_LEAVE_NOTIFICATIONS: false, + DISABLE_JOIN_LEAVE_NOTIFICATIONS: {{ jitsi_meet_interface_disable_join_leave_notifications }}, /** * If true, presence status: busy, calling, connected etc. is not displayed. @@ -201,13 +201,7 @@ var interfaceConfig = { * - it's impossible to control the placement of buttons * - 'desktop' controls the "Share your screen" button */ - TOOLBAR_BUTTONS: [ - 'microphone', 'camera', 'closedcaptions', 'desktop', 'embedmeeting', 'fullscreen', - 'fodeviceselection', 'hangup', 'profile', 'chat', 'recording', - 'livestreaming', 'etherpad', 'sharedvideo', 'settings', 'raisehand', - 'videoquality', 'filmstrip', 'invite', 'feedback', 'stats', 'shortcuts', - 'tileview', 'videobackgroundblur', 'download', 'help', 'mute-everyone', 'security' - ], + TOOLBAR_BUTTONS: {{ jitsi_meet_interface_toolbar_buttons | to_nice_json }}, TOOLBAR_TIMEOUT: 4000, @@ -215,6 +209,8 @@ var interfaceConfig = { // are not supported and should show the unsupported browser page. UNSUPPORTED_BROWSERS: [], + SET_FILMSTRIP_ENABLED: {{ jitsi_meet_interface_set_filmstrip_enabled }}, + /** * Whether to show thumbnails in filmstrip as a column instead of as a row. */ diff --git a/meet/templates/meet-config.js.j2 b/meet/templates/meet-config.js.j2 index ebf13a5..cf8bf19 100644 --- a/meet/templates/meet-config.js.j2 +++ b/meet/templates/meet-config.js.j2 @@ -82,20 +82,20 @@ var config = { // Enabling this will run the lib-jitsi-meet no audio detection module which // will notify the user if the current selected microphone has no audio // input and will suggest another valid device if one is present. - enableNoAudioDetection: true, + enableNoAudioDetection: {{ jitsi_meet_config_enable_no_audio_detection }}, // Enabling this will run the lib-jitsi-meet noise detection module which will // notify the user if there is noise, other than voice, coming from the current // selected microphone. The purpose it to let the user know that the input could // be potentially unpleasant for other meeting participants. - enableNoisyMicDetection: true, + enableNoisyMicDetection: {{ jitsi_meet_config_enable_noisy_mic_detection }}, // Start the conference in audio only mode (no video is being received nor // sent). startAudioOnly: {{ jitsi_meet_config_start_audio_only }}, // Every participant after the Nth will start audio muted. - // startAudioMuted: 10, + startAudioMuted: {{ jitsi_meet_config_start_audio_muted }}, // Start calls with audio muted. Unlike the option above, this one is only // applied locally. FIXME: having these 2 options is confusing. @@ -126,7 +126,7 @@ var config = { enableLayerSuspension: {{ jitsi_meet_config_layer_suspension }}, // Every participant after the Nth will start video muted. - // startVideoMuted: 10, + startVideoMuted: {{ jitsi_meet_config_start_video_muted }}, // Start calls with video muted. Unlike the option above, this one is only // applied locally. FIXME: having these 2 options is confusing. From 8602e2a44ed22e386da34089f15240939c28afad Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sat, 6 Mar 2021 15:53:00 +0100 Subject: [PATCH 20/24] add lastNlimits to config --- meet/templates/meet-config.js.j2 | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/meet/templates/meet-config.js.j2 b/meet/templates/meet-config.js.j2 index cf8bf19..e63cc83 100644 --- a/meet/templates/meet-config.js.j2 +++ b/meet/templates/meet-config.js.j2 @@ -210,6 +210,22 @@ var config = { // Default value for the channel "last N" attribute. -1 for unlimited. channelLastN: {{ jitsi_meet_config_last_n }}, + // Provides a way to use different "last N" values based on the number of participants in the conference. + // The keys in an Object represent number of participants and the values are "last N" to be used when number of + // participants gets to or above the number. + // + // For the given example mapping, "last N" will be set to 20 as long as there are at least 5, but less than + // 29 participants in the call and it will be lowered to 15 when the 30th participant joins. The 'channelLastN' + // will be used as default until the first threshold is reached. + // + // lastNLimits: { + // 5: 20, + // 30: 15, + // 50: 10, + // 70: 5, + // 90: 2 + // }, + // Disables or enables RTX (RFC 4588) (defaults to false). // disableRtx: false, From 1544e73be6ab717c54aa4cb180d9e853a8eb7196 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sat, 6 Mar 2021 21:38:10 +0100 Subject: [PATCH 21/24] pull in sub roles as dependencies --- meet/meta/main.yml | 2 ++ meta/main.yml | 3 +++ videobridge/meta/main.yml | 2 ++ 3 files changed, 7 insertions(+) diff --git a/meet/meta/main.yml b/meet/meta/main.yml index 76c9fce..e740962 100644 --- a/meet/meta/main.yml +++ b/meet/meta/main.yml @@ -1,4 +1,6 @@ --- +galaxy_info: + role_name: meet dependencies: - role: systemli.apt_repositories vars: diff --git a/meta/main.yml b/meta/main.yml index 7cbb72d..3f91959 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -16,3 +16,6 @@ galaxy_info: - buster notifications: webhooks: https://galaxy.ansible.com/api/v1/notifications/ +dependencies: + - role: meet + - role: videobridge diff --git a/videobridge/meta/main.yml b/videobridge/meta/main.yml index 7bdfb31..138721d 100644 --- a/videobridge/meta/main.yml +++ b/videobridge/meta/main.yml @@ -1,4 +1,6 @@ --- +galaxy_info: + role_name: videobridge dependencies: - role: systemli.apt_repositories vars: From 57fd72ddb0d78cde4c091fa5ca4ab1c2e56590b3 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sat, 6 Mar 2021 22:47:01 +0100 Subject: [PATCH 22/24] make role backwards compatible --- meet/defaults/main.yml | 6 +++++- meet/tasks/jitsi-meet.yml | 2 +- meet/templates/jicofo/sip-communicator.properties.j2 | 8 ++++---- meet/templates/nginx/sites-available/vhost.conf.j2 | 8 ++++---- meta/main.yml | 4 ++-- videobridge/defaults/main.yml | 4 ++-- .../templates/videobridge/sip-communicator.properties.j2 | 4 ++-- 7 files changed, 20 insertions(+), 16 deletions(-) diff --git a/meet/defaults/main.yml b/meet/defaults/main.yml index cf529ce..ca6ebed 100644 --- a/meet/defaults/main.yml +++ b/meet/defaults/main.yml @@ -9,7 +9,11 @@ jitsi_meet_packages: jitsi_meet_server_name: "meet.example.com" jitsi_meet_server_name_aliases: [] -jitsi_meet_videobridge_instances: "{{ groups['videobridges'] }}" +## single server vs scalable setup +jitsi_meet_single_instance: True +jitsi_meet_videobridge_instances: + - name: 'default-id' + ip: 127.0.0.1 jitsi_meet_jicofo_user: focus jitsi_meet_jicofo_port: 5347 diff --git a/meet/tasks/jitsi-meet.yml b/meet/tasks/jitsi-meet.yml index 539605b..d1b2b34 100644 --- a/meet/tasks/jitsi-meet.yml +++ b/meet/tasks/jitsi-meet.yml @@ -33,7 +33,7 @@ vtype: string - name: jitsi-meet question: jitsi-meet/jvb-serve - value: "false" + value: "{{ jitsi_meet_single_instance | to_json }}" vtype: boolean - name: Install jitsi-meet diff --git a/meet/templates/jicofo/sip-communicator.properties.j2 b/meet/templates/jicofo/sip-communicator.properties.j2 index 1fade67..a87fd5d 100644 --- a/meet/templates/jicofo/sip-communicator.properties.j2 +++ b/meet/templates/jicofo/sip-communicator.properties.j2 @@ -1,10 +1,10 @@ org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.{{ jitsi_meet_server_name }} -{% if jitsi_meet_jibri_enabled == true %} +{% if jitsi_meet_jibri_enabled == true -%} org.jitsi.jicofo.jibri.BREWERY=JibriBrewery@internal.auth.{{ jitsi_meet_server_name }} org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90 -{% endif %} +{% endif -%} -{% if jitsi_meet_octo_enabled %} +{% if jitsi_meet_octo_enabled -%} org.jitsi.jicofo.BridgeSelector.BRIDGE_SELECTION_STRATEGY={{ jitsi_meet_octo_selection_strategy }} org.jitsi.jicofo.SHORT_ID=1 -{% endif %} +{% endif -%} diff --git a/meet/templates/nginx/sites-available/vhost.conf.j2 b/meet/templates/nginx/sites-available/vhost.conf.j2 index 468437e..e8391bf 100644 --- a/meet/templates/nginx/sites-available/vhost.conf.j2 +++ b/meet/templates/nginx/sites-available/vhost.conf.j2 @@ -124,15 +124,15 @@ server { } # colibri (JVB) websockets -{% for videobridge in jitsi_meet_videobridge_instances %} - location ~ ^/colibri-ws/{{ videobridge }}/(.*) { - proxy_pass http://{{ hostvars[videobridge]['private_ipv4'] | default(hostvars[videobridge]['ansible_default_ipv4']['address']) }}:9090/colibri-ws/{{ videobridge }}/$1$is_args$args; +{% for videobridge in jitsi_meet_videobridge_instances -%} + location ~ ^/colibri-ws/{{ videobridge.name }}/(.*) { + proxy_pass http://{{ videobridge.ip }}:9090/colibri-ws/{{ videobridge.name }}/$1$is_args$args; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; tcp_nodelay on; } -{% endfor %} +{% endfor -%} location ~ ^/([^/?&:'"]+)$ { try_files $uri @root_path; diff --git a/meta/main.yml b/meta/main.yml index 3f91959..e2877ee 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -17,5 +17,5 @@ galaxy_info: notifications: webhooks: https://galaxy.ansible.com/api/v1/notifications/ dependencies: - - role: meet - - role: videobridge + - role: jitsi_meet/meet + - role: jitsi_meet/videobridge diff --git a/videobridge/defaults/main.yml b/videobridge/defaults/main.yml index 3fc6e6e..6122152 100644 --- a/videobridge/defaults/main.yml +++ b/videobridge/defaults/main.yml @@ -9,8 +9,8 @@ jitsi_meet_jicofo_user: focus jitsi_meet_videobridge_port: 5347 ## single server vs scalable setup -jitsi_meet_single_instance: "{{ inventory_hostname == groups['meet'][0] }}" -jitsi_meet_videobridge_prosody_server_ip: "{{ jitsi_meet_single_instance | ternary('localhost', (hostvars[groups['meet'][0]]['private_ipv4'] | default(hostvars[groups['meet'][0]]['ansible_default_ipv4']['address']))) }}" +jitsi_meet_single_instance: True +jitsi_meet_videobridge_prosody_server_ip: "localhost" jitsi_meet_videobridge_muc_nickname: "{{ jitsi_meet_single_instance | ternary('jvb1', inventory_hostname) }}" # Octo diff --git a/videobridge/templates/videobridge/sip-communicator.properties.j2 b/videobridge/templates/videobridge/sip-communicator.properties.j2 index 9451e52..5d6ecbe 100644 --- a/videobridge/templates/videobridge/sip-communicator.properties.j2 +++ b/videobridge/templates/videobridge/sip-communicator.properties.j2 @@ -11,7 +11,7 @@ org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.{{ jitsi org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME={{ jitsi_meet_videobridge_muc_nickname }} org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true -{% if jitsi_meet_octo_enabled %} +{% if jitsi_meet_octo_enabled -%} # the address to bind to locally org.jitsi.videobridge.octo.BIND_ADDRESS={{ jitsi_meet_octo_private_ip }} # the address to advertise (in case BIND_ADDRESS is not accessible) @@ -19,4 +19,4 @@ org.jitsi.videobridge.octo.PUBLIC_ADDRESS={{ jitsi_meet_octo_public_ip }} # the port to bind to org.jitsi.videobridge.octo.BIND_PORT=4096 org.jitsi.videobridge.REGION={{ jitsi_meet_octo_region }} -{% endif %} +{% endif -%} From 95794825f510093b630a85868af987f625bda8e3 Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sat, 6 Mar 2021 23:20:01 +0100 Subject: [PATCH 23/24] pin all packages on single instance --- meet/defaults/main.yml | 1 - videobridge/defaults/main.yml | 6 ++++++ videobridge/meta/main.yml | 3 +-- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/meet/defaults/main.yml b/meet/defaults/main.yml index ca6ebed..137152f 100644 --- a/meet/defaults/main.yml +++ b/meet/defaults/main.yml @@ -1,5 +1,4 @@ --- - jitsi_meet_packages: - jicofo - jitsi-meet-prosody diff --git a/videobridge/defaults/main.yml b/videobridge/defaults/main.yml index 6122152..55664b5 100644 --- a/videobridge/defaults/main.yml +++ b/videobridge/defaults/main.yml @@ -12,6 +12,12 @@ jitsi_meet_videobridge_port: 5347 jitsi_meet_single_instance: True jitsi_meet_videobridge_prosody_server_ip: "localhost" jitsi_meet_videobridge_muc_nickname: "{{ jitsi_meet_single_instance | ternary('jvb1', inventory_hostname) }}" +_jitsi_meet_apt_repositories_pin_packages: + - jicofo + - jitsi-meet-prosody + - jitsi-meet-web + - jitsi-meet-web-config +jitsi_meet_apt_repositories_pin_packages: "{{ ['jitsi-videobridge2'] + (jitsi_meet_single_instance | ternary(_jitsi_meet_apt_repositories_pin_packages, [])) }}" # Octo jitsi_meet_octo_enabled: False diff --git a/videobridge/meta/main.yml b/videobridge/meta/main.yml index 138721d..bcdaf18 100644 --- a/videobridge/meta/main.yml +++ b/videobridge/meta/main.yml @@ -7,5 +7,4 @@ dependencies: apt_repositories: - preset: jitsi name: download_jitsi_org - packages: - - jitsi-videobridge2 + packages: "{{ jitsi_meet_apt_repositories_pin_packages }}" From a5ed4f9d323730beb6b01d302faaec9e7f7a883b Mon Sep 17 00:00:00 2001 From: murmel <63870352+murme1@users.noreply.github.com> Date: Sun, 22 Aug 2021 21:25:35 +0200 Subject: [PATCH 24/24] WIP: add jigasi --- meet/defaults/main.yml | 3 +++ meet/tasks/main.yml | 1 + meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 | 9 +++++++-- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/meet/defaults/main.yml b/meet/defaults/main.yml index cf4c10f..a1edb52 100644 --- a/meet/defaults/main.yml +++ b/meet/defaults/main.yml @@ -103,6 +103,9 @@ jitsi_meet_jibri_enabled: False jitsi_meet_jibri_password: "CHANGEME6" jitsi_meet_recorder_password: "CHANGEME7" +# Jigasi SIP Dial-In +jitsi_meet_jigasi_enabled: False + # Octo jitsi_meet_octo_enabled: False jitsi_meet_octo_selection_strategy: "RegionBasedBridgeSelectionStrategy" diff --git a/meet/tasks/main.yml b/meet/tasks/main.yml index 8454e6a..cd1db30 100644 --- a/meet/tasks/main.yml +++ b/meet/tasks/main.yml @@ -8,6 +8,7 @@ - jitsi_meet_videobridge_password - jitsi_meet_jicofo_secret - jitsi_meet_jicofo_password + - jitsi_meet_jigasi_secret when: jitsi_meet_base_secret is defined - import_tasks: jitsi-meet.yml diff --git a/meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 b/meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 index ec6f67a..088052c 100644 --- a/meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 +++ b/meet/templates/prosody/conf.avail/virtualhost.cfg.lua.j2 @@ -66,7 +66,7 @@ Component "internal.auth.{{ jitsi_meet_server_name }}" "muc" modules_enabled = { "ping"; } - admins = { "focus@auth.{{ jitsi_meet_server_name }}", "jvb@auth.{{ jitsi_meet_server_name }}" } + admins = { "focus@auth.{{ jitsi_meet_server_name }}", "jvb@auth.{{ jitsi_meet_server_name }}"{% if jitsi_meet_jigasi_enabled %}, "jigasi@auth.{{ jitsi_meet_server_name }}"{% endif %} } muc_room_locking = false muc_room_default_public_jids = true muc_room_cache_size = 1000 @@ -90,7 +90,12 @@ Component "conferenceduration.{{ jitsi_meet_server_name }}" "conference_duration Component "jitsi-videobridge.{{ jitsi_meet_server_name }}" component_secret = "{{ jitsi_meet_videobridge_secret }}" -{% if jitsi_meet_jibri_enabled %} +{% if jitsi_meet_jigasi_enabled -%} +Component "callcontrol.{{ jitsi_meet_server_name }}" + component_secret = "{{ jitsi_meet_jigasi_secret }}" +{% endif %} + +{% if jitsi_meet_jibri_enabled -%} VirtualHost "recorder.{{ jitsi_meet_server_name }}" modules_enabled = { "ping";