mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-11 18:57:18 +01:00
Switch to exported Jitsi role
This commit is contained in:
parent
2135f93c20
commit
1d00d15482
23
CHANGELOG.md
23
CHANGELOG.md
@ -1,3 +1,24 @@
|
|||||||
|
# 2023-04-03
|
||||||
|
|
||||||
|
## The matrix-jitsi role lives independently now
|
||||||
|
|
||||||
|
**TLDR**: the `matrix-jitsi` role is now included from the [ansible-role-jitsi](https://github.com/mother-of-all-self-hosting/ansible-role-jitsi) repository, part of the [MASH playbook](https://github.com/mother-of-all-self-hosting/mash-playbook). Some variables have been renamed. All functionality remains intact.
|
||||||
|
|
||||||
|
The `matrix-jitsi` role has been relocated in its own repository, part of the [MASH playbook](https://github.com/mother-of-all-self-hosting/mash-playbook) project - an Ansible playbook for self-hosting [a growing list of FOSS software](https://github.com/mother-of-all-self-hosting/mash-playbook/blob/main/docs/supported-services.md). If hosting a Jitsi stack on the Matrix server itself did not stand right with you or you always wanted to host most stuff, you can now use this new playbook to do so.
|
||||||
|
|
||||||
|
As part of the extraction process of this role out of the Matrix playbook, a few other things improved:
|
||||||
|
|
||||||
|
- **native Traefik support** has been added
|
||||||
|
- **support for hosting under a subpath** has been added, although it suffers from a few minor issues listed [here](https://github.com/mother-of-all-self-hosting/mash-playbook/blob/main/docs/services/jitsi.md#url)
|
||||||
|
|
||||||
|
You need to **update you roles** (`just roles` or `make roles`) regardless of whether you're using Jitsi or not.
|
||||||
|
|
||||||
|
If you're making use of Jitsi via this playbook, you will need to update variable references in your `vars.yml` file:
|
||||||
|
|
||||||
|
- `matrix_jitsi_*_docker_image_` -> `matrix_jitsi_*_container_image_`
|
||||||
|
- `matrix_jitsi_` -> `jitsi_`
|
||||||
|
- some other internal variables have changed, but the playbook will tell you about them
|
||||||
|
|
||||||
# 2023-03-22
|
# 2023-03-22
|
||||||
|
|
||||||
## ntfy Web App is disabled by default
|
## ntfy Web App is disabled by default
|
||||||
@ -1556,7 +1577,7 @@ People who have [fine-tuned Jitsi](docs/configuring-playbook-jitsi.md#optional-f
|
|||||||
|
|
||||||
The next time you run the playbook [installation](docs/installing.md) command, our validation logic will tell you if you're using some variables like that and will recommend a migration path for each one.
|
The next time you run the playbook [installation](docs/installing.md) command, our validation logic will tell you if you're using some variables like that and will recommend a migration path for each one.
|
||||||
|
|
||||||
Additionally, we've recently disabled transcriptions (`matrix_jitsi_enable_transcriptions: false`) and recording (`matrix_jitsi_enable_recording: false`) by default. These features did not work anyway, because we don't install the required dependencies for them (Jigasi and Jibri, respectively). If you've been somehow pointing your Jitsi installation to some manually installed Jigasi/Jibri service, you may need to toggle these flags back to enabled to have transcriptions and recordings working.
|
Additionally, we've recently disabled transcriptions (`jitsi_enable_transcriptions: false`) and recording (`jitsi_enable_recording: false`) by default. These features did not work anyway, because we don't install the required dependencies for them (Jigasi and Jibri, respectively). If you've been somehow pointing your Jitsi installation to some manually installed Jigasi/Jibri service, you may need to toggle these flags back to enabled to have transcriptions and recordings working.
|
||||||
|
|
||||||
|
|
||||||
# 2020-11-23
|
# 2020-11-23
|
||||||
|
@ -9,12 +9,12 @@ The setup done by the playbook is very similar to [docker-jitsi-meet](https://gi
|
|||||||
|
|
||||||
## Prerequisites
|
## Prerequisites
|
||||||
|
|
||||||
Before installing Jitsi, make sure you've created the `jitsi.DOMAIN` DNS record. See [Configuring DNS](configuring-dns.md).
|
Before installing Jitsi, make sure you've created the `jitsi.DOMAIN` DNS record (unless you've changed `jitsi_hostname`, as described below). See [Configuring DNS](configuring-dns.md) for details about DNS changes.
|
||||||
|
|
||||||
You may also need to open the following ports to your server:
|
You may also need to open the following ports to your server:
|
||||||
|
|
||||||
- `4443/tcp` - RTP media fallback over TCP
|
- `4443/tcp` - RTP media fallback over TCP
|
||||||
- `10000/udp` - RTP media over UDP. Depending on your firewall/NAT setup, incoming RTP packets on port `10000` may have the external IP of your firewall as destination address, due to the usage of STUN in JVB (see [`matrix_jitsi_jvb_stun_servers`](../roles/custom/matrix-jitsi/defaults/main.yml)).
|
- `10000/udp` - RTP media over UDP. Depending on your firewall/NAT setup, incoming RTP packets on port `10000` may have the external IP of your firewall as destination address, due to the usage of STUN in JVB (see [`jitsi_jvb_stun_servers`](https://github.com/mother-of-all-self-hosting/ansible-role-jitsi/blob/main/defaults/main.yml)).
|
||||||
|
|
||||||
|
|
||||||
## Installation
|
## Installation
|
||||||
@ -22,9 +22,14 @@ You may also need to open the following ports to your server:
|
|||||||
Add this to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
|
Add this to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_jitsi_enabled: true
|
jitsi_enabled: true
|
||||||
```
|
|
||||||
|
|
||||||
|
# Uncomment and adjust if you need to use another hostname
|
||||||
|
# jitsi_hostname: "jitsi.{{ matrix_domain }}"
|
||||||
|
|
||||||
|
# Uncomment and possible adjust if you'd like to host under a subpath
|
||||||
|
# jitsi_path_prefix: /jitsi
|
||||||
|
```
|
||||||
|
|
||||||
## (Optional) Configure Jitsi authentication and guests mode
|
## (Optional) Configure Jitsi authentication and guests mode
|
||||||
|
|
||||||
@ -47,9 +52,9 @@ If a registered host is not yet present, guests are put on hold in individual wa
|
|||||||
Add these lines to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
|
Add these lines to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_jitsi_enable_auth: true
|
jitsi_enable_auth: true
|
||||||
matrix_jitsi_enable_guests: true
|
jitsi_enable_guests: true
|
||||||
matrix_jitsi_prosody_auth_internal_accounts:
|
jitsi_prosody_auth_internal_accounts:
|
||||||
- username: "jitsi-moderator"
|
- username: "jitsi-moderator"
|
||||||
password: "secret-password"
|
password: "secret-password"
|
||||||
- username: "another-user"
|
- username: "another-user"
|
||||||
@ -62,7 +67,7 @@ matrix_jitsi_prosody_auth_internal_accounts:
|
|||||||
|
|
||||||
### Authenticate using Matrix OpenID (Auth-Type 'matrix')
|
### Authenticate using Matrix OpenID (Auth-Type 'matrix')
|
||||||
|
|
||||||
**Attention: Probably breaks jitsi in federated rooms and does not allow sharing conference links with guests.**
|
**Attention: Probably breaks Jitsi in federated rooms and does not allow sharing conference links with guests.**
|
||||||
|
|
||||||
Using this authentication type require a [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service).
|
Using this authentication type require a [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service).
|
||||||
By default, this playbook creates and configures a user-verification-service to run locally, see [configuring-user-verification-service](configuring-playbook-user-verification-service.md).
|
By default, this playbook creates and configures a user-verification-service to run locally, see [configuring-user-verification-service](configuring-playbook-user-verification-service.md).
|
||||||
@ -70,8 +75,8 @@ By default, this playbook creates and configures a user-verification-service to
|
|||||||
To enable set this configuration at host level:
|
To enable set this configuration at host level:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_jitsi_enable_auth: true
|
jitsi_enable_auth: true
|
||||||
matrix_jitsi_auth_type: "matrix"
|
jitsi_auth_type: matrix
|
||||||
matrix_user_verification_service_enabled: true
|
matrix_user_verification_service_enabled: true
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -82,21 +87,21 @@ For more information see also [https://github.com/matrix-org/prosody-mod-auth-ma
|
|||||||
An example LDAP configuration could be:
|
An example LDAP configuration could be:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_jitsi_enable_auth: true
|
jitsi_enable_auth: true
|
||||||
matrix_jitsi_auth_type: ldap
|
jitsi_auth_type: ldap
|
||||||
matrix_jitsi_ldap_url: "ldap://ldap.DOMAIN"
|
jitsi_ldap_url: "ldap://ldap.DOMAIN"
|
||||||
matrix_jitsi_ldap_base: "OU=People,DC=DOMAIN"
|
jitsi_ldap_base: "OU=People,DC=DOMAIN"
|
||||||
#matrix_jitsi_ldap_binddn: ""
|
#jitsi_ldap_binddn: ""
|
||||||
#matrix_jitsi_ldap_bindpw: ""
|
#jitsi_ldap_bindpw: ""
|
||||||
matrix_jitsi_ldap_filter: "uid=%u"
|
jitsi_ldap_filter: "uid=%u"
|
||||||
matrix_jitsi_ldap_auth_method: "bind"
|
jitsi_ldap_auth_method: "bind"
|
||||||
matrix_jitsi_ldap_version: "3"
|
jitsi_ldap_version: "3"
|
||||||
matrix_jitsi_ldap_use_tls: true
|
jitsi_ldap_use_tls: true
|
||||||
matrix_jitsi_ldap_tls_ciphers: ""
|
jitsi_ldap_tls_ciphers: ""
|
||||||
matrix_jitsi_ldap_tls_check_peer: true
|
jitsi_ldap_tls_check_peer: true
|
||||||
matrix_jitsi_ldap_tls_cacert_file: "/etc/ssl/certs/ca-certificates.crt"
|
jitsi_ldap_tls_cacert_file: "/etc/ssl/certs/ca-certificates.crt"
|
||||||
matrix_jitsi_ldap_tls_cacert_dir: "/etc/ssl/certs"
|
jitsi_ldap_tls_cacert_dir: "/etc/ssl/certs"
|
||||||
matrix_jitsi_ldap_start_tls: false
|
jitsi_ldap_start_tls: false
|
||||||
```
|
```
|
||||||
|
|
||||||
For more information refer to the [docker-jitsi-meet](https://github.com/jitsi/docker-jitsi-meet#authentication-using-ldap) and the [saslauthd `LDAP_SASLAUTHD`](https://github.com/winlibs/cyrus-sasl/blob/master/saslauthd/LDAP_SASLAUTHD) documentation.
|
For more information refer to the [docker-jitsi-meet](https://github.com/jitsi/docker-jitsi-meet#authentication-using-ldap) and the [saslauthd `LDAP_SASLAUTHD`](https://github.com/winlibs/cyrus-sasl/blob/master/saslauthd/LDAP_SASLAUTHD) documentation.
|
||||||
@ -113,7 +118,7 @@ Here is how to do it in the playbook.
|
|||||||
Add these two lines to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
|
Add these two lines to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_jitsi_jvb_container_extra_arguments:
|
jitsi_jvb_container_extra_arguments:
|
||||||
- '--env "JVB_ADVERTISE_IPS=<Local IP address of the host>"'
|
- '--env "JVB_ADVERTISE_IPS=<Local IP address of the host>"'
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -122,7 +127,7 @@ matrix_jitsi_jvb_container_extra_arguments:
|
|||||||
Sample **additional** `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration to save up resources (explained below):
|
Sample **additional** `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration to save up resources (explained below):
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_jitsi_web_custom_config_extension: |
|
jitsi_web_custom_config_extension: |
|
||||||
config.enableLayerSuspension = true;
|
config.enableLayerSuspension = true;
|
||||||
|
|
||||||
config.disableAudioLevels = true;
|
config.disableAudioLevels = true;
|
||||||
@ -130,13 +135,12 @@ matrix_jitsi_web_custom_config_extension: |
|
|||||||
// Limit the number of video feeds forwarded to each client
|
// Limit the number of video feeds forwarded to each client
|
||||||
config.channelLastN = 4;
|
config.channelLastN = 4;
|
||||||
|
|
||||||
matrix_jitsi_web_config_resolution_width_ideal_and_max: 480
|
jitsi_web_config_resolution_width_ideal_and_max: 480
|
||||||
matrix_jitsi_web_config_resolution_height_ideal_and_max: 240
|
jitsi_web_config_resolution_height_ideal_and_max: 240
|
||||||
```
|
```
|
||||||
|
|
||||||
You may want to **suspend unused video layers** until they are requested again, to save up resources on both server and clients.
|
You may want to **suspend unused video layers** until they are requested again, to save up resources on both server and clients.
|
||||||
Read more on this feature [here](https://jitsi.org/blog/new-off-stage-layer-suppression-feature/)
|
Read more on this feature [here](https://jitsi.org/blog/new-off-stage-layer-suppression-feature/)
|
||||||
For this add this line to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
|
|
||||||
|
|
||||||
You may wish to **disable audio levels** to avoid excessive refresh of the client-side page and decrease the CPU consumption involved.
|
You may wish to **disable audio levels** to avoid excessive refresh of the client-side page and decrease the CPU consumption involved.
|
||||||
|
|
||||||
@ -150,10 +154,10 @@ You may want to **limit the maximum video resolution**, to save up resources on
|
|||||||
|
|
||||||
The playbook allows a user to set a max number of participants allowed to join a Jitsi conference. By default there is no limit.
|
The playbook allows a user to set a max number of participants allowed to join a Jitsi conference. By default there is no limit.
|
||||||
|
|
||||||
In order to set the max number of participants add the following variable to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configuration:
|
In order to set the max number of participants use the following **additional** configuration:
|
||||||
|
|
||||||
```
|
```yaml
|
||||||
matrix_prosody_jitsi_max_participants: <INTEGER OF MAX PARTICPANTS>
|
jitsi_prosody_max_participants: 4 # example value
|
||||||
```
|
```
|
||||||
|
|
||||||
## (Optional) Additional JVBs
|
## (Optional) Additional JVBs
|
||||||
@ -170,17 +174,17 @@ For this role to work you will need an additional section in the ansible hosts f
|
|||||||
```
|
```
|
||||||
|
|
||||||
Each JVB will require a server id to be set so that it can be uniquely identified and this allows Jitsi to keep track of which conferences are on which JVB.
|
Each JVB will require a server id to be set so that it can be uniquely identified and this allows Jitsi to keep track of which conferences are on which JVB.
|
||||||
The server id is set with the variable `matrix_jitsi_jvb_server_id` which ends up as the JVB_WS_SERVER_ID environment variables in the JVB docker container.
|
The server id is set with the variable `jitsi_jvb_server_id` which ends up as the JVB_WS_SERVER_ID environment variables in the JVB docker container.
|
||||||
This variable can be set via the host file, a parameter to the ansible command or in the `vars.yaml` for the host which will have the additional JVB. For example:
|
This variable can be set via the host file, a parameter to the ansible command or in the `vars.yaml` for the host which will have the additional JVB. For example:
|
||||||
|
|
||||||
``` yaml
|
``` yaml
|
||||||
matrix_jitsi_jvb_server_id: 'jvb-2'
|
jitsi_jvb_server_id: 'jvb-2'
|
||||||
```
|
```
|
||||||
|
|
||||||
``` INI
|
``` INI
|
||||||
[jitsi_jvb_servers]
|
[jitsi_jvb_servers]
|
||||||
jvb-2.example.com ansible_host=192.168.0.2 matrix_jitsi_jvb_server_id=jvb-2
|
jvb-2.example.com ansible_host=192.168.0.2 jitsi_jvb_server_id=jvb-2
|
||||||
jvb-3.example.com ansible_host=192.168.0.3 matrix_jitsi_jvb_server_id=jvb-2
|
jvb-3.example.com ansible_host=192.168.0.3 jitsi_jvb_server_id=jvb-2
|
||||||
```
|
```
|
||||||
|
|
||||||
Note that the server id `jvb-1` is reserved for the JVB instance running on the Matrix host and therefore should not be used as the id of an additional jvb host.
|
Note that the server id `jvb-1` is reserved for the JVB instance running on the Matrix host and therefore should not be used as the id of an additional jvb host.
|
||||||
@ -188,20 +192,20 @@ Note that the server id `jvb-1` is reserved for the JVB instance running on the
|
|||||||
The additional JVB will also need to expose the colibri web socket port and this can be done with the following variable:
|
The additional JVB will also need to expose the colibri web socket port and this can be done with the following variable:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_jitsi_jvb_container_colibri_ws_host_bind_port: 9090
|
jitsi_jvb_container_colibri_ws_host_bind_port: 9090
|
||||||
```
|
```
|
||||||
|
|
||||||
The JVB will also need to know where the prosody xmpp server is located, similar to the server id this can be set in the vars for the JVB by using the variable
|
The JVB will also need to know where the prosody xmpp server is located, similar to the server id this can be set in the vars for the JVB by using the variable
|
||||||
`matrix_jitsi_xmpp_server`. The Jitsi prosody container is deployed on the matrix server by default so the value can be set to the matrix domain. For example:
|
`jitsi_xmpp_server`. The Jitsi prosody container is deployed on the matrix server by default so the value can be set to the matrix domain. For example:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_jitsi_xmpp_server: "{{ matrix_domain }}"
|
jitsi_xmpp_server: "{{ matrix_domain }}"
|
||||||
```
|
```
|
||||||
|
|
||||||
However, it can also be set the ip address of the matrix server. This can be useful if you wish to use a private ip. For example:
|
However, it can also be set the ip address of the matrix server. This can be useful if you wish to use a private ip. For example:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_jitsi_xmpp_server: "192.168.0.1"
|
jitsi_xmpp_server: "192.168.0.1"
|
||||||
```
|
```
|
||||||
|
|
||||||
The nginx configuration will also need to be updated in order to deal with the additional JVB servers. This is achieved via its own configuration variable
|
The nginx configuration will also need to be updated in order to deal with the additional JVB servers. This is achieved via its own configuration variable
|
||||||
@ -227,7 +231,7 @@ Since element already sends the url of configured Matrix avatars to Jitsi, we di
|
|||||||
To enable Gravatar set:
|
To enable Gravatar set:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_jitsi_disable_gravatar: false
|
jitsi_disable_gravatar: false
|
||||||
```
|
```
|
||||||
|
|
||||||
**Beware:** This leaks information to a third party, namely the Gravatar-Service (unless configured otherwise: gravatar.com).
|
**Beware:** This leaks information to a third party, namely the Gravatar-Service (unless configured otherwise: gravatar.com).
|
||||||
@ -255,7 +259,7 @@ You can use the self-hosted Jitsi server in multiple ways:
|
|||||||
|
|
||||||
### Rebuilding your Jitsi installation
|
### Rebuilding your Jitsi installation
|
||||||
|
|
||||||
**If you ever run into any trouble** or **if you change configuration (`matrix_jitsi_*` variables) too much**, we urge you to rebuild your Jitsi setup.
|
**If you ever run into any trouble** or **if you change configuration (`jitsi_*` variables) too much**, we urge you to rebuild your Jitsi setup.
|
||||||
|
|
||||||
We normally don't require such manual intervention for other services, but Jitsi services generate a lot of configuration files on their own.
|
We normally don't require such manual intervention for other services, but Jitsi services generate a lot of configuration files on their own.
|
||||||
|
|
||||||
@ -263,7 +267,6 @@ These files are not all managed by Ansible (at least not yet), so you may someti
|
|||||||
|
|
||||||
To rebuild your Jitsi configuration:
|
To rebuild your Jitsi configuration:
|
||||||
|
|
||||||
- SSH into the server and do this:
|
- ask Ansible to stop all Jitsi services: `just run-tags stop-group --extra-vars=group=jitsi`
|
||||||
- stop all Jitsi services (`systemctl stop matrix-jitsi-*`).
|
- SSH into the server and do this and remove all Jitsi configuration & data (`rm -rf /matrix/jitsi`)
|
||||||
- remove all Jitsi configuration & data (`rm -rf /matrix/jitsi`)
|
- ask Ansible to set up Jitsi anew and restart services (`just install-service jitsi`)
|
||||||
- ask Ansible to set up Jitsi anew and restart services (`ansible-playbook -i inventory/hosts setup.yml --tags=setup-jitsi,start`)
|
|
||||||
|
@ -36,7 +36,7 @@ If you have or want to enable [Jitsi](configuring-playbook-jitsi.md), you might
|
|||||||
If you do not do it, Jitsi will fall back to an upstream service.
|
If you do not do it, Jitsi will fall back to an upstream service.
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_jitsi_web_stun_servers:
|
jitsi_web_stun_servers:
|
||||||
- stun:HOSTNAME_OR_IP:PORT
|
- stun:HOSTNAME_OR_IP:PORT
|
||||||
```
|
```
|
||||||
You can put multiple host/port combinations if you like.
|
You can put multiple host/port combinations if you like.
|
||||||
|
@ -262,7 +262,7 @@ matrix_server_fqn_element: "element.YOUR_BASE_DOMAIN"
|
|||||||
# Feel free to use `dimension.matrix.YOUR_BASE_DOMAIN`, if you'd prefer that.
|
# Feel free to use `dimension.matrix.YOUR_BASE_DOMAIN`, if you'd prefer that.
|
||||||
matrix_server_fqn_dimension: "dimension.YOUR_BASE_DOMAIN"
|
matrix_server_fqn_dimension: "dimension.YOUR_BASE_DOMAIN"
|
||||||
|
|
||||||
# This is where you access Jitsi (if enabled via `matrix_jitsi_enabled: true`; NOT enabled by default).
|
# This is where you access Jitsi (if enabled via `jitsi_enabled: true`; NOT enabled by default).
|
||||||
#
|
#
|
||||||
# Feel free to use `jitsi.matrix.YOUR_BASE_DOMAIN`, if you'd prefer that.
|
# Feel free to use `jitsi.matrix.YOUR_BASE_DOMAIN`, if you'd prefer that.
|
||||||
matrix_server_fqn_jitsi: "jitsi.YOUR_BASE_DOMAIN"
|
matrix_server_fqn_jitsi: "jitsi.YOUR_BASE_DOMAIN"
|
||||||
|
@ -192,7 +192,7 @@ matrix_homeserver_app_service_config_files_auto: |
|
|||||||
|
|
||||||
# This list is not exhaustive and final.
|
# This list is not exhaustive and final.
|
||||||
# Synapse workers are still injected into the list at runtime.
|
# Synapse workers are still injected into the list at runtime.
|
||||||
# Additional JVB workers (playbooks/jitsi_jvb.yml -- roles/custom/matrix-jitsi/tasks/init_additional_jvb.yml) override this variable at runtime as well.
|
# Additional JVB workers (playbooks/jitsi_jvb.yml -- roles/galaxy/jitsi/tasks/init_additional_jvb.yml) override this variable at runtime as well.
|
||||||
#
|
#
|
||||||
# Priority levels are like this:
|
# Priority levels are like this:
|
||||||
# - core services (the homeserver) get a level of ~1000
|
# - core services (the homeserver) get a level of ~1000
|
||||||
@ -314,13 +314,13 @@ devture_systemd_service_manager_services_list_auto: |
|
|||||||
+
|
+
|
||||||
([{'name': (grafana_identifier + '.service'), 'priority': 4000, 'groups': ['matrix', 'monitoring', 'grafana']}] if grafana_enabled else [])
|
([{'name': (grafana_identifier + '.service'), 'priority': 4000, 'groups': ['matrix', 'monitoring', 'grafana']}] if grafana_enabled else [])
|
||||||
+
|
+
|
||||||
([{'name': 'matrix-jitsi-web.service', 'priority': 4200, 'groups': ['matrix', 'jitsi', 'jitsi-web']}] if matrix_jitsi_enabled else [])
|
([{'name': (jitsi_identifier + '-web.service'), 'priority': 4200, 'groups': ['matrix', 'jitsi', 'jitsi-web']}] if jitsi_enabled else [])
|
||||||
+
|
+
|
||||||
([{'name': 'matrix-jitsi-prosody.service', 'priority': 4000, 'groups': ['matrix', 'jitsi', 'jitsi-prosody']}] if matrix_jitsi_enabled else [])
|
([{'name': (jitsi_identifier + '-prosody.service'), 'priority': 4000, 'groups': ['matrix', 'jitsi', 'jitsi-prosody']}] if jitsi_enabled else [])
|
||||||
+
|
+
|
||||||
([{'name': 'matrix-jitsi-jicofo.service', 'priority': 4100, 'groups': ['matrix', 'jitsi', 'jitsi-jicofo']}] if matrix_jitsi_enabled else [])
|
([{'name': (jitsi_identifier + '-jicofo.service'), 'priority': 4100, 'groups': ['matrix', 'jitsi', 'jitsi-jicofo']}] if jitsi_enabled else [])
|
||||||
+
|
+
|
||||||
([{'name': 'matrix-jitsi-jvb.service', 'priority': 4100, 'groups': ['matrix', 'jitsi', 'jitsi-jvb']}] if matrix_jitsi_enabled else [])
|
([{'name': (jitsi_identifier + '-jvb.service'), 'priority': 4100, 'groups': ['matrix', 'jitsi', 'jitsi-jvb']}] if jitsi_enabled else [])
|
||||||
+
|
+
|
||||||
([{'name': 'matrix-ldap-registration-proxy.service', 'priority': 2000, 'groups': ['matrix', 'ldap-registration-proxy']}] if matrix_ldap_registration_proxy_enabled else [])
|
([{'name': 'matrix-ldap-registration-proxy.service', 'priority': 2000, 'groups': ['matrix', 'ldap-registration-proxy']}] if matrix_ldap_registration_proxy_enabled else [])
|
||||||
+
|
+
|
||||||
@ -2278,7 +2278,7 @@ etherpad_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
|
|||||||
|
|
||||||
etherpad_base_path: "{{ matrix_base_data_path }}/etherpad"
|
etherpad_base_path: "{{ matrix_base_data_path }}/etherpad"
|
||||||
|
|
||||||
etherpad_framing_enabled: "{{ matrix_dimension_enabled or matrix_jitsi_enabled }}"
|
etherpad_framing_enabled: "{{ matrix_dimension_enabled or jitsi_enabled }}"
|
||||||
|
|
||||||
etherpad_hostname: "{{ matrix_server_fqn_etherpad }}"
|
etherpad_hostname: "{{ matrix_server_fqn_etherpad }}"
|
||||||
|
|
||||||
@ -2352,26 +2352,57 @@ matrix_email2matrix_container_image_self_build: "{{ matrix_architecture not in [
|
|||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
# matrix-jitsi
|
# jitsi
|
||||||
#
|
#
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
matrix_jitsi_enabled: false
|
jitsi_enabled: false
|
||||||
|
|
||||||
|
jitsi_architecture: "{{ matrix_architecture }}"
|
||||||
|
|
||||||
|
jitsi_hostname: "{{ matrix_server_fqn_jitsi }}"
|
||||||
|
|
||||||
|
jitsi_identifier: matrix-jitsi
|
||||||
|
|
||||||
|
jitsi_base_path: "{{ matrix_base_data_path }}/jitsi"
|
||||||
|
|
||||||
|
jitsi_uid: "{{ matrix_user_uid }}"
|
||||||
|
jitsi_gid: "{{ matrix_user_gid }}"
|
||||||
|
|
||||||
# Normally, matrix-nginx-proxy is enabled and nginx can reach jitsi/web over the container network.
|
# Normally, matrix-nginx-proxy is enabled and nginx can reach jitsi/web over the container network.
|
||||||
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
||||||
# the Jitsi HTTP port to the local host.
|
# the Jitsi HTTP port to the local host.
|
||||||
matrix_jitsi_web_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '13080') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
jitsi_web_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '13080') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
||||||
|
|
||||||
matrix_jitsi_jvb_container_colibri_ws_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '13090') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
jitsi_web_container_additional_networks_auto: |
|
||||||
|
{{
|
||||||
|
([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else [])
|
||||||
|
}}
|
||||||
|
|
||||||
matrix_jitsi_prosody_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '5280') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
jitsi_jvb_container_colibri_ws_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '13090') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
||||||
|
|
||||||
matrix_jitsi_jibri_xmpp_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'jibri', rounds=655555) | to_uuid }}"
|
jitsi_jvb_container_additional_networks_auto: |
|
||||||
matrix_jitsi_jicofo_auth_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'jicofo', rounds=655555) | to_uuid }}"
|
{{
|
||||||
matrix_jitsi_jvb_auth_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'jvb', rounds=655555) | to_uuid }}"
|
([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else [])
|
||||||
|
}}
|
||||||
|
|
||||||
matrix_jitsi_web_stun_servers: |
|
jitsi_prosody_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '5280') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
||||||
|
|
||||||
|
jitsi_prosody_container_additional_networks_auto: |
|
||||||
|
{{
|
||||||
|
([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else [])
|
||||||
|
}}
|
||||||
|
|
||||||
|
jitsi_container_labels_traefik_enabled: "{{ matrix_playbook_traefik_labels_enabled }}"
|
||||||
|
jitsi_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
|
||||||
|
jitsi_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
|
||||||
|
jitsi_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
|
||||||
|
|
||||||
|
jitsi_jibri_xmpp_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'jibri', rounds=655555) | to_uuid }}"
|
||||||
|
jitsi_jicofo_auth_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'jicofo', rounds=655555) | to_uuid }}"
|
||||||
|
jitsi_jvb_auth_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'jvb', rounds=655555) | to_uuid }}"
|
||||||
|
|
||||||
|
jitsi_web_stun_servers: |
|
||||||
{{
|
{{
|
||||||
[
|
[
|
||||||
'stun:' + matrix_server_fqn_matrix + ':5349',
|
'stun:' + matrix_server_fqn_matrix + ':5349',
|
||||||
@ -2381,24 +2412,39 @@ matrix_jitsi_web_stun_servers: |
|
|||||||
else [ 'stun:meet-jit-si-turnrelay.jitsi.net:443']
|
else [ 'stun:meet-jit-si-turnrelay.jitsi.net:443']
|
||||||
}}
|
}}
|
||||||
|
|
||||||
|
# The Jitsi instance installed by this playbook is meant for embedding into Matrix clients, so framing is allowed.
|
||||||
|
jitsi_web_framing_enabled: true
|
||||||
|
|
||||||
|
jitsi_turn_credentials: "{{ matrix_coturn_turn_static_auth_secret if matrix_coturn_enabled else '' }}"
|
||||||
|
jitsi_turn_host: "{{ ('turn.' + matrix_server_fqn_matrix) if matrix_coturn_enabled else '' }}"
|
||||||
|
jitsi_turns_host: "{{ ('turn.' + matrix_server_fqn_matrix) if matrix_coturn_enabled else '' }}"
|
||||||
|
jitsi_turn_port: "{{ matrix_coturn_container_stun_plain_host_bind_port if matrix_coturn_enabled else '' }}"
|
||||||
|
jitsi_turns_port: "{{ matrix_coturn_container_stun_tls_host_bind_port if matrix_coturn_enabled else '' }}"
|
||||||
|
|
||||||
# If the self-hosted Etherpad instance is available, it will also show up in Jitsi conferences,
|
# If the self-hosted Etherpad instance is available, it will also show up in Jitsi conferences,
|
||||||
# unless explicitly disabled by setting `matrix_jitsi_etherpad_enabled` to false.
|
# unless explicitly disabled by setting `jitsi_etherpad_enabled` to false.
|
||||||
# Falls back to the scalar.vector.im etherpad in case someone sets `matrix_jitsi_etherpad_enabled` to true,
|
# Falls back to the scalar.vector.im etherpad in case someone sets `jitsi_etherpad_enabled` to true,
|
||||||
# while also setting `etherpad_enabled` to false.
|
# while also setting `etherpad_enabled` to false.
|
||||||
matrix_jitsi_etherpad_enabled: "{{ etherpad_enabled }}"
|
jitsi_etherpad_enabled: "{{ etherpad_enabled }}"
|
||||||
matrix_jitsi_etherpad_base: "{{ etherpad_base_url if etherpad_enabled else 'https://scalar.vector.im/etherpad' }}"
|
jitsi_etherpad_base: "{{ etherpad_base_url if etherpad_enabled else 'https://scalar.vector.im/etherpad' }}"
|
||||||
|
|
||||||
# Allow verification using JWT and matrix-UVS
|
# Allow verification using JWT and matrix-UVS
|
||||||
matrix_jitsi_prosody_auth_matrix_uvs_auth_token: "{{ matrix_user_verification_service_uvs_auth_token }}"
|
jitsi_prosody_auth_matrix_uvs_auth_token: "{{ matrix_user_verification_service_uvs_auth_token }}"
|
||||||
matrix_jitsi_prosody_auth_matrix_uvs_location: "{{ matrix_user_verification_service_container_url }}"
|
jitsi_prosody_auth_matrix_uvs_location: "{{ matrix_user_verification_service_container_url }}"
|
||||||
|
|
||||||
matrix_jitsi_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
|
jitsi_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
|
||||||
|
|
||||||
|
# Gravatar is enabled by default upstream, but there's no need to leak data there needlessly
|
||||||
|
# when embedding Jitsi in Matrix rooms.
|
||||||
|
jitsi_disable_gravatar: true
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
# /matrix-jitsi
|
# /jitsi
|
||||||
#
|
#
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
# matrix-ldap-registration-proxy
|
# matrix-ldap-registration-proxy
|
||||||
@ -2557,8 +2603,7 @@ matrix_nginx_proxy_proxy_rageshake_enabled: "{{ matrix_rageshake_enabled and mat
|
|||||||
matrix_nginx_proxy_proxy_etherpad_enabled: "{{ etherpad_enabled and not etherpad_nginx_proxy_dimension_integration_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
matrix_nginx_proxy_proxy_etherpad_enabled: "{{ etherpad_enabled and not etherpad_nginx_proxy_dimension_integration_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
||||||
matrix_nginx_proxy_proxy_bot_go_neb_enabled: "{{ matrix_bot_go_neb_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
matrix_nginx_proxy_proxy_bot_go_neb_enabled: "{{ matrix_bot_go_neb_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
||||||
|
|
||||||
matrix_nginx_proxy_proxy_jitsi_enabled: "{{ matrix_jitsi_enabled }}"
|
matrix_nginx_proxy_proxy_jitsi_enabled: "{{ jitsi_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
||||||
matrix_nginx_proxy_proxy_jitsi_manage_wellknown: "{{ matrix_jitsi_require_well_known }}"
|
|
||||||
|
|
||||||
matrix_nginx_proxy_proxy_grafana_enabled: "{{ grafana_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
matrix_nginx_proxy_proxy_grafana_enabled: "{{ grafana_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
||||||
matrix_nginx_proxy_proxy_sygnal_enabled: "{{ matrix_sygnal_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
matrix_nginx_proxy_proxy_sygnal_enabled: "{{ matrix_sygnal_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
||||||
@ -2570,7 +2615,6 @@ matrix_nginx_proxy_container_labels_traefik_entrypoints: "{{ devture_traefik_ent
|
|||||||
matrix_nginx_proxy_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
|
matrix_nginx_proxy_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
|
||||||
|
|
||||||
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_enabled: true
|
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_enabled: true
|
||||||
matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_enabled: "{{ matrix_jitsi_enabled }}"
|
|
||||||
|
|
||||||
matrix_nginx_proxy_proxy_matrix_corporal_api_enabled: "{{ matrix_corporal_enabled and matrix_corporal_http_api_enabled }}"
|
matrix_nginx_proxy_proxy_matrix_corporal_api_enabled: "{{ matrix_corporal_enabled and matrix_corporal_http_api_enabled }}"
|
||||||
matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container: "matrix-corporal:41081"
|
matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container: "matrix-corporal:41081"
|
||||||
@ -2656,7 +2700,7 @@ matrix_nginx_proxy_systemd_wanted_services_list: |
|
|||||||
+
|
+
|
||||||
([(ntfy_identifier + '.service')] if ntfy_enabled else [])
|
([(ntfy_identifier + '.service')] if ntfy_enabled else [])
|
||||||
+
|
+
|
||||||
(['matrix-jitsi.service'] if matrix_jitsi_enabled else [])
|
([(jitsi_identifier + '-web.service')] if jitsi_enabled else [])
|
||||||
+
|
+
|
||||||
(['matrix-sliding-sync-proxy.service'] if matrix_sliding_sync_enabled else [])
|
(['matrix-sliding-sync-proxy.service'] if matrix_sliding_sync_enabled else [])
|
||||||
+
|
+
|
||||||
@ -2687,7 +2731,7 @@ matrix_ssl_domains_to_obtain_certificates_for: |
|
|||||||
+
|
+
|
||||||
([matrix_server_fqn_bot_go_neb] if matrix_bot_go_neb_enabled else [])
|
([matrix_server_fqn_bot_go_neb] if matrix_bot_go_neb_enabled else [])
|
||||||
+
|
+
|
||||||
([matrix_server_fqn_jitsi] if matrix_jitsi_enabled else [])
|
([matrix_server_fqn_jitsi] if jitsi_enabled else [])
|
||||||
+
|
+
|
||||||
([matrix_server_fqn_grafana] if grafana_enabled else [])
|
([matrix_server_fqn_grafana] if grafana_enabled else [])
|
||||||
+
|
+
|
||||||
@ -3185,7 +3229,7 @@ matrix_client_element_enable_presence_by_hs_url: |
|
|||||||
|
|
||||||
matrix_client_element_welcome_user_id: ~
|
matrix_client_element_welcome_user_id: ~
|
||||||
|
|
||||||
matrix_client_element_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matrix_jitsi_enabled else '' }}"
|
matrix_client_element_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if jitsi_enabled else '' }}"
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
@ -4007,7 +4051,7 @@ matrix_user_verification_service_systemd_required_services_list: |
|
|||||||
# If Jitsi is not managed by this playbook, or you otherwise have a need for it, you can expose
|
# If Jitsi is not managed by this playbook, or you otherwise have a need for it, you can expose
|
||||||
# matrix-user-verfification-services's client-server port to port 3003.
|
# matrix-user-verfification-services's client-server port to port 3003.
|
||||||
# By default Matrix-User-Verification-Service binds to port 3000, which collides with grafana, therefore this uses port 3003.
|
# By default Matrix-User-Verification-Service binds to port 3000, which collides with grafana, therefore this uses port 3003.
|
||||||
matrix_user_verification_service_container_http_host_bind_port: "{{ '' if (matrix_jitsi_enabled | bool and matrix_jitsi_enable_auth | bool and matrix_jitsi_auth_type == 'matrix') else matrix_playbook_service_host_bind_interface_prefix ~ '3003' }}"
|
matrix_user_verification_service_container_http_host_bind_port: "{{ '' if (jitsi_enabled | bool and jitsi_enable_auth | bool and jitsi_auth_type == 'matrix') else matrix_playbook_service_host_bind_interface_prefix ~ '3003' }}"
|
||||||
|
|
||||||
# URL exposed in the docker network
|
# URL exposed in the docker network
|
||||||
matrix_user_verification_service_container_url: "http://{{ matrix_user_verification_service_container_name }}:3000"
|
matrix_user_verification_service_container_url: "http://{{ matrix_user_verification_service_container_name }}:3000"
|
||||||
|
@ -8,5 +8,5 @@
|
|||||||
- role: galaxy/com.devture.ansible.role.systemd_docker_base
|
- role: galaxy/com.devture.ansible.role.systemd_docker_base
|
||||||
|
|
||||||
- custom/matrix-base
|
- custom/matrix-base
|
||||||
- custom/matrix-jitsi
|
- galaxy/jitsi
|
||||||
- custom/matrix-common-after
|
- custom/matrix-common-after
|
||||||
|
@ -100,7 +100,7 @@
|
|||||||
- custom/matrix-client-element
|
- custom/matrix-client-element
|
||||||
- custom/matrix-client-hydrogen
|
- custom/matrix-client-hydrogen
|
||||||
- custom/matrix-client-cinny
|
- custom/matrix-client-cinny
|
||||||
- custom/matrix-jitsi
|
- galaxy/jitsi
|
||||||
- custom/matrix-user-verification-service
|
- custom/matrix-user-verification-service
|
||||||
- custom/matrix-ldap-registration-proxy
|
- custom/matrix-ldap-registration-proxy
|
||||||
- custom/matrix-ma1sd
|
- custom/matrix-ma1sd
|
||||||
|
@ -34,6 +34,9 @@
|
|||||||
name: geerlingguy.docker
|
name: geerlingguy.docker
|
||||||
- src: git+https://gitlab.com/etke.cc/roles/grafana.git
|
- src: git+https://gitlab.com/etke.cc/roles/grafana.git
|
||||||
version: v9.4.7-1
|
version: v9.4.7-1
|
||||||
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
|
||||||
|
version: v8319-6
|
||||||
|
name: jitsi
|
||||||
- src: git+https://gitlab.com/etke.cc/roles/ntfy.git
|
- src: git+https://gitlab.com/etke.cc/roles/ntfy.git
|
||||||
version: v2.3.1-0
|
version: v2.3.1-0
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git
|
||||||
|
@ -1,320 +0,0 @@
|
|||||||
---
|
|
||||||
# Project source code URL: https://github.com/jitsi/docker-jitsi-meet
|
|
||||||
|
|
||||||
matrix_jitsi_enabled: true
|
|
||||||
|
|
||||||
matrix_jitsi_base_path: "{{ matrix_base_data_path }}/jitsi"
|
|
||||||
|
|
||||||
matrix_jitsi_enable_auth: false
|
|
||||||
matrix_jitsi_enable_guests: false
|
|
||||||
matrix_jitsi_enable_recording: false
|
|
||||||
matrix_jitsi_enable_transcriptions: false
|
|
||||||
matrix_jitsi_enable_jaas_components: false
|
|
||||||
matrix_jitsi_enable_p2p: true
|
|
||||||
matrix_jitsi_enable_av_moderation: true
|
|
||||||
matrix_jitsi_enable_breakout_rooms: true
|
|
||||||
matrix_jitsi_disable_gravatar: true
|
|
||||||
|
|
||||||
# Authentication type, must be one of internal, jwt, matrix or ldap.
|
|
||||||
# Currently, only internal, matrix and ldap mechanisms are supported by this playbook.
|
|
||||||
# matrix auth verifies against matrix openID, and requires a user-verification-service to run.
|
|
||||||
matrix_jitsi_auth_type: internal
|
|
||||||
|
|
||||||
# A list of Jitsi (Prosody) accounts to create using the internal authentication mechanism.
|
|
||||||
#
|
|
||||||
# Accounts added here and subsequently removed will not be automatically removed
|
|
||||||
# from the Prosody server until user account cleaning is integrated into the playbook.
|
|
||||||
#
|
|
||||||
# Example:
|
|
||||||
# matrix_jitsi_prosody_auth_internal_accounts:
|
|
||||||
# - username: "jitsi-moderator"
|
|
||||||
# password: "secret-password"
|
|
||||||
# - username: "another-user"
|
|
||||||
# password: "another-password"
|
|
||||||
matrix_jitsi_prosody_auth_internal_accounts: []
|
|
||||||
|
|
||||||
# Configuration options for LDAP authentication. For details see upstream:
|
|
||||||
# https://github.com/jitsi/docker-jitsi-meet#authentication-using-ldap.
|
|
||||||
# Defaults are taken from:
|
|
||||||
# https://github.com/jitsi/docker-jitsi-meet/blob/master/prosody/rootfs/defaults/saslauthd.conf
|
|
||||||
matrix_jitsi_ldap_url: ""
|
|
||||||
matrix_jitsi_ldap_base: ""
|
|
||||||
matrix_jitsi_ldap_binddn: ""
|
|
||||||
matrix_jitsi_ldap_bindpw: ""
|
|
||||||
matrix_jitsi_ldap_filter: "uid=%u"
|
|
||||||
matrix_jitsi_ldap_auth_method: "bind"
|
|
||||||
matrix_jitsi_ldap_version: "3"
|
|
||||||
matrix_jitsi_ldap_use_tls: false
|
|
||||||
matrix_jitsi_ldap_tls_ciphers: ""
|
|
||||||
matrix_jitsi_ldap_tls_check_peer: false
|
|
||||||
matrix_jitsi_ldap_tls_cacert_file: "/etc/ssl/certs/ca-certificates.crt"
|
|
||||||
matrix_jitsi_ldap_tls_cacert_dir: "/etc/ssl/certs"
|
|
||||||
matrix_jitsi_ldap_start_tls: false
|
|
||||||
|
|
||||||
# Auth type: matrix
|
|
||||||
matrix_jitsi_prosody_auth_matrix_user_verification_repo_location: "https://github.com/matrix-org/prosody-mod-auth-matrix-user-verification"
|
|
||||||
matrix_jitsi_prosody_auth_matrix_user_verification_repo_target: "{{ matrix_jitsi_prosody_ext_path }}/prosody_auth_matrix_user_verification"
|
|
||||||
matrix_jitsi_prosody_auth_matrix_user_verification_repo_version: "2839499cb03894d8cfc3e5b2219441427cb133d8" # v1.8.0
|
|
||||||
matrix_jitsi_prosody_auth_matrix_uvs_sync_power_levels: true
|
|
||||||
matrix_jitsi_prosody_auth_matrix_uvs_location: ""
|
|
||||||
# Should match domain, see https://github.com/vector-im/element-web/pull/15114/commits/0410a6b3be82a41457275e4d1ce879dea146e092
|
|
||||||
matrix_jitsi_prosody_auth_matrix_jwt_app_id: "{{ matrix_server_fqn_jitsi }}"
|
|
||||||
matrix_jitsi_prosody_auth_matrix_files:
|
|
||||||
- path: "mod_auth_matrix_user_verification.lua"
|
|
||||||
when: true
|
|
||||||
- path: "mod_matrix_power_sync.lua"
|
|
||||||
when: "{{ matrix_jitsi_prosody_auth_matrix_uvs_sync_power_levels }}"
|
|
||||||
|
|
||||||
# Plugged in group_vars
|
|
||||||
matrix_jitsi_prosody_auth_matrix_uvs_auth_token: ''
|
|
||||||
|
|
||||||
matrix_jitsi_timezone: UTC
|
|
||||||
|
|
||||||
matrix_jitsi_xmpp_domain: meet.jitsi
|
|
||||||
matrix_jitsi_xmpp_server: xmpp.meet.jitsi
|
|
||||||
matrix_jitsi_xmpp_auth_domain: auth.meet.jitsi
|
|
||||||
matrix_jitsi_xmpp_bosh_url_base: http://{{ matrix_jitsi_xmpp_server }}:5280
|
|
||||||
matrix_jitsi_xmpp_guest_domain: guest.meet.jitsi
|
|
||||||
matrix_jitsi_xmpp_muc_domain: muc.meet.jitsi
|
|
||||||
matrix_jitsi_xmpp_internal_muc_domain: internal-muc.meet.jitsi
|
|
||||||
matrix_jitsi_xmpp_modules: ''
|
|
||||||
|
|
||||||
matrix_jitsi_recorder_domain: recorder.meet.jitsi
|
|
||||||
|
|
||||||
|
|
||||||
matrix_jitsi_jibri_brewery_muc: jibribrewery
|
|
||||||
matrix_jitsi_jibri_pending_timeout: 90
|
|
||||||
matrix_jitsi_jibri_xmpp_user: jibri
|
|
||||||
matrix_jitsi_jibri_xmpp_password: ''
|
|
||||||
matrix_jitsi_jibri_recorder_user: recorder
|
|
||||||
matrix_jitsi_jibri_recorder_password: ''
|
|
||||||
|
|
||||||
matrix_jitsi_enable_lobby: false
|
|
||||||
|
|
||||||
matrix_jitsi_version: stable-8319
|
|
||||||
matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility
|
|
||||||
|
|
||||||
matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}"
|
|
||||||
matrix_jitsi_web_docker_image_force_pull: "{{ matrix_jitsi_web_docker_image.endswith(':latest') }}"
|
|
||||||
|
|
||||||
matrix_jitsi_web_base_path: "{{ matrix_base_data_path }}/jitsi/web"
|
|
||||||
matrix_jitsi_web_config_path: "{{ matrix_jitsi_web_base_path }}/config"
|
|
||||||
matrix_jitsi_web_transcripts_path: "{{ matrix_jitsi_web_base_path }}/transcripts"
|
|
||||||
matrix_jitsi_web_crontabs_path: "{{ matrix_jitsi_web_base_path }}/crontabs"
|
|
||||||
|
|
||||||
matrix_jitsi_web_public_url: "https://{{ matrix_server_fqn_jitsi }}"
|
|
||||||
|
|
||||||
# STUN servers used in the web UI. Feel free to point them to your own STUN server.
|
|
||||||
# Addresses need to be prefixed with one of `stun:`, `turn:` or `turns:`.
|
|
||||||
matrix_jitsi_web_stun_servers: ['stun:meet-jit-si-turnrelay.jitsi.net:443']
|
|
||||||
|
|
||||||
# Setting up TURN
|
|
||||||
# Default set with Coturn container
|
|
||||||
matrix_jitsi_turn_credentials: "{{ matrix_coturn_turn_static_auth_secret }}"
|
|
||||||
matrix_jitsi_turn_host: "turn.{{ matrix_server_fqn_matrix }}"
|
|
||||||
matrix_jitsi_turns_host: "turn.{{ matrix_server_fqn_matrix }}"
|
|
||||||
matrix_jitsi_turn_port: "{{ matrix_coturn_container_stun_plain_host_bind_port }}"
|
|
||||||
matrix_jitsi_turns_port: "{{ matrix_coturn_container_stun_tls_host_bind_port }}"
|
|
||||||
matrix_jitsi_turn_transport: tcp
|
|
||||||
|
|
||||||
# Controls whether Etherpad will be available within Jitsi
|
|
||||||
matrix_jitsi_etherpad_enabled: false
|
|
||||||
|
|
||||||
# Controls whether the matrix-jitsi-web container exposes its HTTP port (tcp/80 in the container).
|
|
||||||
#
|
|
||||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:13080"), or empty string to not expose.
|
|
||||||
matrix_jitsi_web_container_http_host_bind_port: ''
|
|
||||||
|
|
||||||
# A list of extra arguments to pass to the container
|
|
||||||
matrix_jitsi_web_container_extra_arguments: []
|
|
||||||
|
|
||||||
# List of systemd services that matrix-jitsi-web.service depends on
|
|
||||||
matrix_jitsi_web_systemd_required_services_list: ['docker.service']
|
|
||||||
|
|
||||||
|
|
||||||
# Custom configuration to be appended to `interface_config.js`, passed to Jitsi Web.
|
|
||||||
#
|
|
||||||
# Note: not to be confused with `matrix_jitsi_web_custom_config_extension`.
|
|
||||||
#
|
|
||||||
# For interface configuration, the flow is like this:
|
|
||||||
# - a default `interface_config.js` is generated from within the docker image
|
|
||||||
# - the contents of `matrix_jitsi_web_custom_interface_config_extension` is appended and can define new settings or override defaults.
|
|
||||||
#
|
|
||||||
# Example:
|
|
||||||
# matrix_jitsi_web_custom_interface_config_extension: |
|
|
||||||
# interfaceConfig.LANG_DETECTION = false;
|
|
||||||
# interfaceConfig.SHOW_JITSI_WATERMARK = false;
|
|
||||||
# interfaceConfig.DISABLE_VIDEO_BACKGROUND = true;
|
|
||||||
matrix_jitsi_web_custom_interface_config_extension: ''
|
|
||||||
|
|
||||||
|
|
||||||
# Controls after which participant audio will be muted. If not specified, defaults to Jitsi's default value (likely 10)
|
|
||||||
matrix_jitsi_web_config_start_audio_muted_after_nth_participant: ~
|
|
||||||
# Controls after which participant video will be muted. If not specified, defaults to Jitsi's default value (likely 10)
|
|
||||||
matrix_jitsi_web_config_start_video_muted_after_nth_participant: ~
|
|
||||||
|
|
||||||
matrix_jitsi_web_config_defaultLanguage: 'en' # noqa var-naming
|
|
||||||
|
|
||||||
# Ideal and also maximum resolution width. If not specified, defaults to Jitsi's default value (likely 1280)
|
|
||||||
matrix_jitsi_web_config_resolution_width_ideal_and_max: ~
|
|
||||||
# Minimum resolution width. If not specified, defaults to Jitsi's default value (likely 320)
|
|
||||||
matrix_jitsi_web_config_resolution_width_min: ~
|
|
||||||
# Ideal and also maximum resolution height. If not specified, defaults to Jitsi's default value (likely 720)
|
|
||||||
matrix_jitsi_web_config_resolution_height_ideal_and_max: ~
|
|
||||||
# Minimum resolution height. If not specified, defaults to Jitsi's default value (likely 180)
|
|
||||||
matrix_jitsi_web_config_resolution_height_min: ~
|
|
||||||
|
|
||||||
# Custom configuration to be injected into `custom-config.js`, passed to Jitsi Web.
|
|
||||||
# This configuration gets appended to the final configuration that Jitsi Web uses.
|
|
||||||
#
|
|
||||||
# Note: not to be confused with `matrix_jitsi_web_custom_interface_config_extension`.
|
|
||||||
#
|
|
||||||
# The flow is like this:
|
|
||||||
# - some default configuration is automatically generated based on the environment variables passed to the Jitsi Web container
|
|
||||||
# - the contents of `custom-config.js` is appended to it (see `templates/web/custom-config.js.j2`)
|
|
||||||
# - said `custom-config.js` contains your custom contents specified in `matrix_jitsi_web_custom_config_extension`.
|
|
||||||
#
|
|
||||||
# Example:
|
|
||||||
# matrix_jitsi_web_custom_config_extension: |
|
|
||||||
# if (!config.hasOwnProperty('testing')) config.testing = {};
|
|
||||||
# config.testing.p2pTestMode = true
|
|
||||||
matrix_jitsi_web_custom_config_extension: ''
|
|
||||||
|
|
||||||
# Additional environment variables to pass to the Jitsi Web container.
|
|
||||||
# You can use this to further influence the default configuration generated by the Jitsi Web container on every startup.
|
|
||||||
# Besides influencing the final configuration by passing environment variables, you can also inject custom configuration
|
|
||||||
# by using `matrix_jitsi_web_custom_config_extension`.
|
|
||||||
#
|
|
||||||
# Example:
|
|
||||||
# matrix_jitsi_web_environment_variables_extension: |
|
|
||||||
# ENABLE_FILE_RECORDING_SERVICE=1
|
|
||||||
# DROPBOX_APPKEY=something
|
|
||||||
# DROPBOX_REDIRECT_URI=something
|
|
||||||
matrix_jitsi_web_environment_variables_extension: ''
|
|
||||||
|
|
||||||
|
|
||||||
matrix_jitsi_prosody_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/prosody:{{ matrix_jitsi_container_image_tag }}"
|
|
||||||
matrix_jitsi_prosody_docker_image_force_pull: "{{ matrix_jitsi_prosody_docker_image.endswith(':latest') }}"
|
|
||||||
|
|
||||||
matrix_jitsi_prosody_base_path: "{{ matrix_base_data_path }}/jitsi/prosody"
|
|
||||||
matrix_jitsi_prosody_config_path: "{{ matrix_jitsi_prosody_base_path }}/config"
|
|
||||||
matrix_jitsi_prosody_plugins_path: "{{ matrix_jitsi_prosody_base_path }}/prosody-plugins-custom"
|
|
||||||
matrix_jitsi_prosody_ext_path: "{{ matrix_jitsi_prosody_base_path }}/ext"
|
|
||||||
|
|
||||||
# well known is currently only needed for auth type "matrix"
|
|
||||||
matrix_jitsi_require_well_known: "{{ matrix_jitsi_enable_auth | bool and matrix_jitsi_auth_type == 'matrix' }}"
|
|
||||||
matrix_jitsi_wellknown_element_jitsi_json: '{"auth": "openidtoken-jwt"}'
|
|
||||||
|
|
||||||
#
|
|
||||||
matrix_jitsi_muc_modules: |
|
|
||||||
{{
|
|
||||||
(['matrix_power_sync'] if matrix_jitsi_prosody_auth_matrix_uvs_sync_power_levels | bool else [])
|
|
||||||
}}
|
|
||||||
|
|
||||||
# A list of extra arguments to pass to the container
|
|
||||||
matrix_jitsi_prosody_container_extra_arguments: []
|
|
||||||
|
|
||||||
# List of systemd services that matrix-jitsi-prosody.service depends on
|
|
||||||
matrix_jitsi_prosody_systemd_required_services_list: ['docker.service']
|
|
||||||
|
|
||||||
# Neccessary Port binding for those disabling the integrated nginx proxy
|
|
||||||
matrix_jitsi_prosody_container_http_host_bind_port: ''
|
|
||||||
|
|
||||||
matrix_jitsi_prosody_container_jvb_host_bind_port: 5222
|
|
||||||
|
|
||||||
matrix_jitsi_jicofo_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/jicofo:{{ matrix_jitsi_container_image_tag }}"
|
|
||||||
matrix_jitsi_jicofo_docker_image_force_pull: "{{ matrix_jitsi_jicofo_docker_image.endswith(':latest') }}"
|
|
||||||
|
|
||||||
matrix_jitsi_jicofo_base_path: "{{ matrix_base_data_path }}/jitsi/jicofo"
|
|
||||||
matrix_jitsi_jicofo_config_path: "{{ matrix_jitsi_jicofo_base_path }}/config"
|
|
||||||
|
|
||||||
# A list of extra arguments to pass to the container
|
|
||||||
matrix_jitsi_jicofo_container_extra_arguments: []
|
|
||||||
|
|
||||||
# List of systemd services that matrix-jitsi-jicofo.service depends on
|
|
||||||
matrix_jitsi_jicofo_systemd_required_services_list: ['docker.service', 'matrix-jitsi-prosody.service']
|
|
||||||
|
|
||||||
matrix_jitsi_jicofo_component_secret: ''
|
|
||||||
matrix_jitsi_jicofo_auth_user: focus
|
|
||||||
matrix_jitsi_jicofo_auth_password: ''
|
|
||||||
|
|
||||||
# To enable Sentry integration for Jicofo, specify a valid DSN connection string
|
|
||||||
matrix_jitsi_jicofo_sentry_dsn: ''
|
|
||||||
|
|
||||||
matrix_jitsi_jvb_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/jvb:{{ matrix_jitsi_container_image_tag }}"
|
|
||||||
matrix_jitsi_jvb_docker_image_force_pull: "{{ matrix_jitsi_jvb_docker_image.endswith(':latest') }}"
|
|
||||||
|
|
||||||
matrix_jitsi_jvb_base_path: "{{ matrix_base_data_path }}/jitsi/jvb"
|
|
||||||
matrix_jitsi_jvb_config_path: "{{ matrix_jitsi_jvb_base_path }}/config"
|
|
||||||
|
|
||||||
# A list of extra arguments to pass to the container
|
|
||||||
matrix_jitsi_jvb_container_extra_arguments: []
|
|
||||||
|
|
||||||
# List of systemd services that matrix-jitsi-jvb.service depends on
|
|
||||||
matrix_jitsi_jvb_systemd_required_services_list: ['docker.service']
|
|
||||||
|
|
||||||
matrix_jitsi_jvb_auth_user: jvb
|
|
||||||
matrix_jitsi_jvb_auth_password: ''
|
|
||||||
|
|
||||||
# To enable Sentry integration for JVB, specify a valid DSN connection string
|
|
||||||
matrix_jitsi_jvb_sentry_dsn: ''
|
|
||||||
|
|
||||||
# STUN servers used by JVB on the server-side, so it can discover its own external IP address.
|
|
||||||
# Pointing this to a STUN server running on the same Docker network may lead to incorrect IP address discovery.
|
|
||||||
matrix_jitsi_jvb_stun_servers: ['meet-jit-si-turnrelay.jitsi.net:443']
|
|
||||||
|
|
||||||
matrix_jitsi_jvb_brewery_muc: jvbbrewery
|
|
||||||
matrix_jitsi_jvb_rtp_udp_port: 10000
|
|
||||||
matrix_jitsi_jvb_rtp_tcp_port: 4443
|
|
||||||
matrix_jitsi_jvb_server_id: 'jvb-1'
|
|
||||||
|
|
||||||
|
|
||||||
# Custom configuration to be injected into `custom-sip-communicator.properties`, passed to Jitsi JVB.
|
|
||||||
# This configuration gets appended to the final configuration that Jitsi JVB uses.
|
|
||||||
#
|
|
||||||
# The flow is like this:
|
|
||||||
# - some default configuration is automatically generated based on the environment variables passed to the Jitsi JVB container
|
|
||||||
# - the contents of `custom-sip-communicator.properties` is appended to it (see `templates/jvb/custom-sip-communicator.properties.j2`)
|
|
||||||
# - said `custom-sip-communicator.properties` contains your custom contents specified in `matrix_jitsi_jvb_custom_config_extension`.
|
|
||||||
#
|
|
||||||
# Example:
|
|
||||||
# matrix_jitsi_jvb_custom_config_extension: |
|
|
||||||
# org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=false
|
|
||||||
# org.jitsi.videobridge.ENABLE_STATISTICS=false
|
|
||||||
matrix_jitsi_jvb_custom_config_extension: ''
|
|
||||||
|
|
||||||
# Additional environment variables to pass to the Jitsi JVB container.
|
|
||||||
# You can use this to further influence the default configuration generated by the Jitsi JVB container on every startup.
|
|
||||||
# Besides influencing the final configuration by passing environment variables, you can also inject custom configuration
|
|
||||||
# by using `matrix_jitsi_jvb_custom_config_extension`.
|
|
||||||
#
|
|
||||||
# Example:
|
|
||||||
# matrix_jitsi_jvb_environment_variables_extension: |
|
|
||||||
# SOME_VARIABLE=1
|
|
||||||
# ANOTHER_VARIABLE=something
|
|
||||||
matrix_jitsi_jvb_environment_variables_extension: ''
|
|
||||||
|
|
||||||
# Controls whether the matrix-jitsi-jvb container exposes its RTP UDP port (udp/10000 in the container).
|
|
||||||
#
|
|
||||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:10000"), or empty string to not expose.
|
|
||||||
matrix_jitsi_jvb_container_rtp_udp_host_bind_port: "{{ matrix_jitsi_jvb_rtp_udp_port }}"
|
|
||||||
|
|
||||||
# Controls whether the matrix-jitsi-jvb container exposes its RTP UDP port (udp/4443 in the container).
|
|
||||||
#
|
|
||||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:4443"), or empty string to not expose.
|
|
||||||
matrix_jitsi_jvb_container_rtp_tcp_host_bind_port: "{{ matrix_jitsi_jvb_rtp_tcp_port }}"
|
|
||||||
|
|
||||||
# Controls whether the matrix-jitsi-jvb container exposes its Colibri WebSocket port (tcp/9090 in the container).
|
|
||||||
#
|
|
||||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:12090"), or empty string to not expose.
|
|
||||||
matrix_jitsi_jvb_container_colibri_ws_host_bind_port: ''
|
|
||||||
|
|
||||||
# Default max participants to the empty string
|
|
||||||
#
|
|
||||||
# The setting requires an integer to be set for usage and allows a user to specify the max number of particpants on a conference.
|
|
||||||
matrix_prosody_jitsi_max_participants: ''
|
|
||||||
|
|
||||||
# Allows abailty to set XMPP AUTH user if using JIGASI
|
|
||||||
matrix_jitsi_jigasi_xmpp_user: ''
|
|
||||||
# Allows abailty to set XMPP AUTH pasword if using JIGASI
|
|
||||||
matrix_jitsi_jigasi_xmpp_password: ''
|
|
@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- ansible.builtin.set_fact:
|
|
||||||
devture_systemd_service_manager_services_list_auto: "{{ [{'name': 'matrix-jitsi-jvb.service', 'priority': 1000, 'groups': ['matrix', 'jitsi', 'jitsi-jvb']}] }}"
|
|
||||||
when: matrix_jitsi_enabled | bool
|
|
@ -1,75 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- tags:
|
|
||||||
- setup-additional-jitsi-jvb
|
|
||||||
- install-additional-jitsi-jvb
|
|
||||||
block:
|
|
||||||
- when: matrix_jitsi_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/init_additional_jvb.yml"
|
|
||||||
|
|
||||||
- tags:
|
|
||||||
- setup-all
|
|
||||||
- setup-jitsi
|
|
||||||
- setup-additional-jitsi-jvb
|
|
||||||
- install-all
|
|
||||||
- install-jitsi
|
|
||||||
- install-additional-jitsi-jvb
|
|
||||||
block:
|
|
||||||
- when: matrix_jitsi_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
|
||||||
|
|
||||||
- when: matrix_jitsi_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_jitsi_base.yml"
|
|
||||||
|
|
||||||
- tags:
|
|
||||||
- setup-all
|
|
||||||
- setup-jitsi
|
|
||||||
- install-all
|
|
||||||
- install-jitsi
|
|
||||||
block:
|
|
||||||
- when: matrix_jitsi_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_jitsi_web_install.yml"
|
|
||||||
|
|
||||||
- when: matrix_jitsi_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_jitsi_prosody_install.yml"
|
|
||||||
|
|
||||||
- when: matrix_jitsi_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_jitsi_jicofo_install.yml"
|
|
||||||
|
|
||||||
- tags:
|
|
||||||
- setup-all
|
|
||||||
- setup-jitsi
|
|
||||||
block:
|
|
||||||
- when: not matrix_jitsi_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_jitsi_web_uninstall.yml"
|
|
||||||
|
|
||||||
- when: not matrix_jitsi_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_jitsi_prosody_uninstall.yml"
|
|
||||||
|
|
||||||
- when: not matrix_jitsi_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_jitsi_jicofo_uninstall.yml"
|
|
||||||
|
|
||||||
- tags:
|
|
||||||
- setup-all
|
|
||||||
- setup-jitsi
|
|
||||||
- setup-additional-jitsi-jvb
|
|
||||||
- install-all
|
|
||||||
- install-jitsi
|
|
||||||
- install-additional-jitsi-jvb
|
|
||||||
block:
|
|
||||||
- when: matrix_jitsi_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_jitsi_jvb_install.yml"
|
|
||||||
|
|
||||||
- tags:
|
|
||||||
- setup-all
|
|
||||||
- setup-jitsi
|
|
||||||
- setup-additional-jitsi-jvb
|
|
||||||
block:
|
|
||||||
- when: not matrix_jitsi_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_jitsi_jvb_uninstall.yml"
|
|
||||||
|
|
||||||
- tags:
|
|
||||||
- self-check
|
|
||||||
block:
|
|
||||||
- when: matrix_jitsi_enable_auth | bool and matrix_jitsi_auth_type == 'matrix'
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_matrix_auth.yml"
|
|
@ -1,63 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- ansible.builtin.set_fact:
|
|
||||||
matrix_jitsi_prosody_self_check_uvs_health_url: "{{ matrix_jitsi_prosody_auth_matrix_uvs_location }}/health"
|
|
||||||
matrix_jitsi_element_jitsi_well_known_url: "{{ matrix_jitsi_web_public_url }}/.well-known/element/jitsi"
|
|
||||||
|
|
||||||
- name: Check if jitsi serves the .well-known/element/jitsi
|
|
||||||
ansible.builtin.uri:
|
|
||||||
url: "{{ matrix_jitsi_element_jitsi_well_known_url }}"
|
|
||||||
follow_redirects: none
|
|
||||||
return_content: true
|
|
||||||
validate_certs: "{{ matrix_jitsi_self_check_validate_certificates }}"
|
|
||||||
headers:
|
|
||||||
Origin: example.com
|
|
||||||
check_mode: false
|
|
||||||
register: result_well_known_jitsi_element_jitsi
|
|
||||||
ignore_errors: true
|
|
||||||
|
|
||||||
- name: Fail if .well-known not working
|
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: |
|
|
||||||
Failed checking that the Jitsi well-known file for Element auth is configured at `{{ matrix_jitsi_element_jitsi_well_known_url }}`
|
|
||||||
Full error: {{ result_well_known_jitsi_element_jitsi }}
|
|
||||||
when: "result_well_known_jitsi_element_jitsi.failed"
|
|
||||||
|
|
||||||
- name: Parse JSON for well-known payload at the matrix hostname
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
well_known_matrix_payload: "{{ result_well_known_jitsi_element_jitsi.content | from_json }}"
|
|
||||||
|
|
||||||
- name: Fail if .well-known not CORS-aware
|
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: "The well-known file on `{{ matrix_jitsi_element_jitsi_well_known_url }}` is not CORS-aware. The file needs to be served with an Access-Control-Allow-Origin header set."
|
|
||||||
when: "'access_control_allow_origin' not in result_well_known_jitsi_element_jitsi"
|
|
||||||
|
|
||||||
- name: Report working .well-known
|
|
||||||
ansible.builtin.debug:
|
|
||||||
msg: "well-known is configured correctly at `{{ matrix_jitsi_element_jitsi_well_known_url }}`"
|
|
||||||
|
|
||||||
- name: Check if we can reach the user verification service and if it's healthy
|
|
||||||
ansible.builtin.command:
|
|
||||||
argv:
|
|
||||||
- "docker"
|
|
||||||
- "exec"
|
|
||||||
- "matrix-jitsi-prosody"
|
|
||||||
- "wget"
|
|
||||||
- "-O"
|
|
||||||
- "-"
|
|
||||||
- "--quiet"
|
|
||||||
- "{{ matrix_jitsi_prosody_self_check_uvs_health_url | quote }}"
|
|
||||||
register: matrix_jitsi_prosody_self_check_uvs_result
|
|
||||||
changed_when: false
|
|
||||||
ignore_errors: true
|
|
||||||
|
|
||||||
- name: Fail if user verification service is not (reachable and healthy)
|
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: |
|
|
||||||
Failed checking user verification service is up (checked endpoint: `{{ matrix_jitsi_prosody_self_check_uvs_health_url }}`).
|
|
||||||
Full error: {{ matrix_jitsi_prosody_self_check_uvs_result }}
|
|
||||||
when: "matrix_jitsi_prosody_self_check_uvs_result.failed"
|
|
||||||
|
|
||||||
- name: Report healthy user verification service
|
|
||||||
ansible.builtin.debug:
|
|
||||||
msg: "User verification service is working (checked endpoint: `{{ matrix_jitsi_prosody_self_check_uvs_health_url }}`)"
|
|
@ -1,16 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- ansible.builtin.include_role:
|
|
||||||
name: custom/matrix-base
|
|
||||||
tasks_from: ensure_openssl_installed
|
|
||||||
|
|
||||||
- name: Ensure Matrix jitsi base path exists
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0750
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
with_items:
|
|
||||||
- {path: "{{ matrix_jitsi_base_path }}", when: true}
|
|
||||||
when: item.when | bool
|
|
@ -1,51 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Ensure Matrix jitsi-jicofo path exists
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0777
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
with_items:
|
|
||||||
- {path: "{{ matrix_jitsi_jicofo_base_path }}", when: true}
|
|
||||||
- {path: "{{ matrix_jitsi_jicofo_config_path }}", when: true}
|
|
||||||
when: item.when | bool
|
|
||||||
|
|
||||||
- name: Ensure jitsi-jicofo Docker image is pulled
|
|
||||||
community.docker.docker_image:
|
|
||||||
name: "{{ matrix_jitsi_jicofo_docker_image }}"
|
|
||||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
|
||||||
force_source: "{{ matrix_jitsi_jicofo_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jicofo_docker_image_force_pull }}"
|
|
||||||
register: result
|
|
||||||
retries: "{{ devture_playbook_help_container_retries_count }}"
|
|
||||||
delay: "{{ devture_playbook_help_container_retries_delay }}"
|
|
||||||
until: result is not failed
|
|
||||||
|
|
||||||
- name: Ensure jitsi-jicofo environment variables file created
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/jicofo/env.j2"
|
|
||||||
dest: "{{ matrix_jitsi_jicofo_base_path }}/env"
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
mode: 0640
|
|
||||||
when: matrix_jitsi_enabled | bool
|
|
||||||
|
|
||||||
- name: Ensure jitsi-jicofo configuration files created
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/jicofo/{{ item }}.j2"
|
|
||||||
dest: "{{ matrix_jitsi_jicofo_config_path }}/{{ item }}"
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
mode: 0644
|
|
||||||
with_items:
|
|
||||||
- sip-communicator.properties
|
|
||||||
- logging.properties
|
|
||||||
|
|
||||||
- name: Ensure matrix-jitsi-jicofo.service installed
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/jicofo/matrix-jitsi-jicofo.service.j2"
|
|
||||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jicofo.service"
|
|
||||||
mode: 0644
|
|
||||||
register: matrix_jitsi_jicofo_systemd_service_result
|
|
@ -1,25 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Check existence of matrix-jitsi-jicofo service
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jicofo.service"
|
|
||||||
register: matrix_jitsi_jicofo_service_stat
|
|
||||||
|
|
||||||
- when: matrix_jitsi_jicofo_service_stat.stat.exists | bool
|
|
||||||
block:
|
|
||||||
- name: Ensure matrix-jitsi-jicofo is stopped
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: matrix-jitsi-jicofo
|
|
||||||
state: stopped
|
|
||||||
enabled: false
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: Ensure matrix-jitsi-jicofo.service doesn't exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jicofo.service"
|
|
||||||
state: absent
|
|
||||||
|
|
||||||
- name: Ensure Matrix jitsi-jicofo paths doesn't exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ matrix_jitsi_jicofo_base_path }}"
|
|
||||||
state: absent
|
|
@ -1,49 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Ensure Matrix jitsi-jvb path exists
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0777
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
with_items:
|
|
||||||
- {path: "{{ matrix_jitsi_jvb_base_path }}", when: true}
|
|
||||||
- {path: "{{ matrix_jitsi_jvb_config_path }}", when: true}
|
|
||||||
when: item.when | bool
|
|
||||||
|
|
||||||
- name: Ensure jitsi-jvb Docker image is pulled
|
|
||||||
community.docker.docker_image:
|
|
||||||
name: "{{ matrix_jitsi_jvb_docker_image }}"
|
|
||||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
|
||||||
force_source: "{{ matrix_jitsi_jvb_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jvb_docker_image_force_pull }}"
|
|
||||||
register: result
|
|
||||||
retries: "{{ devture_playbook_help_container_retries_count }}"
|
|
||||||
delay: "{{ devture_playbook_help_container_retries_delay }}"
|
|
||||||
until: result is not failed
|
|
||||||
|
|
||||||
- name: Ensure jitsi-jvb configuration files created
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/jvb/{{ item }}.j2"
|
|
||||||
dest: "{{ matrix_jitsi_jvb_config_path }}/{{ item }}"
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
mode: 0644
|
|
||||||
with_items:
|
|
||||||
- custom-sip-communicator.properties
|
|
||||||
- logging.properties
|
|
||||||
|
|
||||||
- name: Ensure jitsi-jvb environment variables file created
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/jvb/env.j2"
|
|
||||||
dest: "{{ matrix_jitsi_jvb_base_path }}/env"
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
mode: 0640
|
|
||||||
|
|
||||||
- name: Ensure matrix-jitsi-jvb.service installed
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/jvb/matrix-jitsi-jvb.service.j2"
|
|
||||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jvb.service"
|
|
||||||
mode: 0644
|
|
@ -1,25 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Check existence of matrix-jitsi-jvb service
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jvb.service"
|
|
||||||
register: matrix_jitsi_jvb_service_stat
|
|
||||||
|
|
||||||
- when: matrix_jitsi_jvb_service_stat.stat.exists | bool
|
|
||||||
block:
|
|
||||||
- name: Ensure matrix-jitsi-jvb is stopped
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: matrix-jitsi-jvb
|
|
||||||
state: stopped
|
|
||||||
enabled: false
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: Ensure matrix-jitsi-jvb.service doesn't exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jvb.service"
|
|
||||||
state: absent
|
|
||||||
|
|
||||||
- name: Ensure Matrix jitsi-jvb paths doesn't exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ matrix_jitsi_jvb_base_path }}"
|
|
||||||
state: absent
|
|
@ -1,85 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Ensure Matrix jitsi-prosody environment exists
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0777
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
with_items:
|
|
||||||
- {path: "{{ matrix_jitsi_prosody_base_path }}", when: true}
|
|
||||||
- {path: "{{ matrix_jitsi_prosody_config_path }}", when: true}
|
|
||||||
- {path: "{{ matrix_jitsi_prosody_plugins_path }}", when: true}
|
|
||||||
- {path: "{{ matrix_jitsi_prosody_ext_path }}", when: true}
|
|
||||||
when: item.when | bool
|
|
||||||
|
|
||||||
- name: Ensure jitsi-prosody Docker image is pulled
|
|
||||||
community.docker.docker_image:
|
|
||||||
name: "{{ matrix_jitsi_prosody_docker_image }}"
|
|
||||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
|
||||||
force_source: "{{ matrix_jitsi_prosody_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_prosody_docker_image_force_pull }}"
|
|
||||||
register: result
|
|
||||||
retries: "{{ devture_playbook_help_container_retries_count }}"
|
|
||||||
delay: "{{ devture_playbook_help_container_retries_delay }}"
|
|
||||||
until: result is not failed
|
|
||||||
|
|
||||||
- name: Ensure jitsi-prosody environment variables file is created
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/prosody/env.j2"
|
|
||||||
dest: "{{ matrix_jitsi_prosody_base_path }}/env"
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
mode: 0640
|
|
||||||
|
|
||||||
# Configure matrix authentication.
|
|
||||||
- name: Install user verification plugin
|
|
||||||
ansible.builtin.include_tasks:
|
|
||||||
file: "{{ role_path }}/tasks/util/setup_jitsi_auth_uvs_install.yml"
|
|
||||||
when: matrix_jitsi_enable_auth | bool and matrix_jitsi_auth_type == "matrix"
|
|
||||||
|
|
||||||
- name: Manage Jitsi .well-known
|
|
||||||
when: matrix_jitsi_require_well_known | bool
|
|
||||||
block:
|
|
||||||
- name: Ensure .well-known directories exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0775
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
with_items:
|
|
||||||
- {path: "{{ matrix_static_files_base_path }}/.well-known/element", when: "{{ matrix_jitsi_enable_auth | bool and matrix_jitsi_auth_type == 'matrix' }}"}
|
|
||||||
when: item.when | bool
|
|
||||||
|
|
||||||
# Create .well-known/element/jitsi in the static file directory for nginx-proxy.
|
|
||||||
- name: Ensure Jitsi /.well-known/element/jitsi configured
|
|
||||||
ansible.builtin.copy:
|
|
||||||
content: "{{ matrix_jitsi_wellknown_element_jitsi_json }}"
|
|
||||||
dest: "{{ matrix_static_files_base_path }}/.well-known/element/jitsi"
|
|
||||||
mode: 0644
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
when: matrix_jitsi_enable_auth | bool and matrix_jitsi_auth_type == "matrix"
|
|
||||||
# END Block
|
|
||||||
|
|
||||||
# Remove matrix authentication if disabled
|
|
||||||
- name: Ensure user verification plugin is not present if matrix auth is disabled
|
|
||||||
ansible.builtin.include_tasks:
|
|
||||||
file: "{{ role_path }}/tasks/util/setup_jitsi_auth_uvs_uninstall.yml"
|
|
||||||
when: (not matrix_jitsi_enable_auth | bool) or (matrix_jitsi_auth_type != "matrix")
|
|
||||||
|
|
||||||
- name: Ensure matrix-jitsi-prosody.service file is installed
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/prosody/matrix-jitsi-prosody.service.j2"
|
|
||||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-prosody.service"
|
|
||||||
mode: 0644
|
|
||||||
register: matrix_jitsi_prosody_systemd_service_result
|
|
||||||
|
|
||||||
# Tasks that require a running prosody container are called in this file.
|
|
||||||
- name: Run prosody related tasks, that require a running container.
|
|
||||||
ansible.builtin.include_tasks:
|
|
||||||
file: "{{ role_path }}/tasks/util/setup_jitsi_prosody_post_setup_hooks.yml"
|
|
||||||
when:
|
|
||||||
- matrix_jitsi_enable_auth | bool and matrix_jitsi_auth_type == "internal"
|
|
@ -1,25 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Check if matrix-jitsi-prosody.service file exists
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-prosody.service"
|
|
||||||
register: matrix_jitsi_prosody_service_stat
|
|
||||||
|
|
||||||
- when: matrix_jitsi_prosody_service_stat.stat.exists | bool
|
|
||||||
block:
|
|
||||||
- name: Ensure matrix-jitsi-prosody is stopped
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: matrix-jitsi-prosody
|
|
||||||
state: stopped
|
|
||||||
enabled: false
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: Ensure matrix-jitsi-prosody.service file doesn't exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-prosody.service"
|
|
||||||
state: absent
|
|
||||||
|
|
||||||
- name: Ensure Matrix jitsi-prosody paths doesn't exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ matrix_jitsi_prosody_base_path }}"
|
|
||||||
state: absent
|
|
@ -1,52 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Ensure Matrix jitsi-web path exists
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0777
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
with_items:
|
|
||||||
- {path: "{{ matrix_jitsi_web_base_path }}", when: true}
|
|
||||||
- {path: "{{ matrix_jitsi_web_config_path }}", when: true}
|
|
||||||
- {path: "{{ matrix_jitsi_web_transcripts_path }}", when: true}
|
|
||||||
- {path: "{{ matrix_jitsi_web_crontabs_path }}", when: true}
|
|
||||||
when: item.when | bool
|
|
||||||
|
|
||||||
- name: Ensure jitsi-web Docker image is pulled
|
|
||||||
community.docker.docker_image:
|
|
||||||
name: "{{ matrix_jitsi_web_docker_image }}"
|
|
||||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
|
||||||
force_source: "{{ matrix_jitsi_web_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_web_docker_image_force_pull }}"
|
|
||||||
register: result
|
|
||||||
retries: "{{ devture_playbook_help_container_retries_count }}"
|
|
||||||
delay: "{{ devture_playbook_help_container_retries_delay }}"
|
|
||||||
until: result is not failed
|
|
||||||
|
|
||||||
- name: Ensure jitsi-web environment variables file created
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/web/env.j2"
|
|
||||||
dest: "{{ matrix_jitsi_web_base_path }}/env"
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
mode: 0640
|
|
||||||
|
|
||||||
- name: Ensure jitsi-web configuration files created
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/web/{{ item }}.j2"
|
|
||||||
dest: "{{ matrix_jitsi_web_config_path }}/{{ item }}"
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
mode: 0644
|
|
||||||
with_items:
|
|
||||||
- custom-config.js
|
|
||||||
- custom-interface_config.js
|
|
||||||
|
|
||||||
- name: Ensure matrix-jitsi-web.service installed
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/web/matrix-jitsi-web.service.j2"
|
|
||||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-web.service"
|
|
||||||
mode: 0644
|
|
||||||
register: matrix_jitsi_web_systemd_service_result
|
|
@ -1,25 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Check existence of matrix-jitsi-web service
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-web.service"
|
|
||||||
register: matrix_jitsi_web_service_stat
|
|
||||||
|
|
||||||
- when: matrix_jitsi_web_service_stat.stat.exists | bool
|
|
||||||
block:
|
|
||||||
- name: Ensure matrix-jitsi-web is stopped
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: matrix-jitsi-web
|
|
||||||
state: stopped
|
|
||||||
enabled: false
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: Ensure matrix-jitsi-web.service doesn't exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-web.service"
|
|
||||||
state: absent
|
|
||||||
|
|
||||||
- name: Ensure Matrix jitsi-web paths doesn't exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ matrix_jitsi_web_base_path }}"
|
|
||||||
state: absent
|
|
@ -1,17 +0,0 @@
|
|||||||
---
|
|
||||||
#
|
|
||||||
# Tasks related to configuring Jitsi internal authentication on a running prosody instance.
|
|
||||||
#
|
|
||||||
|
|
||||||
- name: Ensure Jitsi internal authentication users are configured
|
|
||||||
ansible.builtin.shell: "{{ devture_systemd_docker_base_host_command_docker }} exec matrix-jitsi-prosody prosodyctl --config /config/prosody.cfg.lua register {{ item.username | quote }} meet.jitsi {{ item.password | quote }}"
|
|
||||||
with_items: "{{ matrix_jitsi_prosody_auth_internal_accounts }}"
|
|
||||||
when:
|
|
||||||
- matrix_jitsi_prosody_auth_internal_accounts|length > 0
|
|
||||||
register: matrix_jitsi_user_configuration_result
|
|
||||||
changed_when: matrix_jitsi_user_configuration_result.rc == 0
|
|
||||||
no_log: true
|
|
||||||
|
|
||||||
#
|
|
||||||
# Tasks related to clean up after configuring internal authentication.
|
|
||||||
#
|
|
@ -1,20 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Checkout Prosody Auth Matrix User Verification Plugin Repo
|
|
||||||
ansible.builtin.git:
|
|
||||||
repo: "{{ matrix_jitsi_prosody_auth_matrix_user_verification_repo_location }}"
|
|
||||||
dest: "{{ matrix_jitsi_prosody_auth_matrix_user_verification_repo_target }}"
|
|
||||||
version: "{{ matrix_jitsi_prosody_auth_matrix_user_verification_repo_version }}"
|
|
||||||
become: true
|
|
||||||
become_user: "{{ matrix_user_username }}"
|
|
||||||
|
|
||||||
- name: Install Prosody Auth Matrix User Verification Plugin
|
|
||||||
ansible.builtin.copy:
|
|
||||||
remote_src: true
|
|
||||||
src: "{{ matrix_jitsi_prosody_auth_matrix_user_verification_repo_target }}/{{ item.path }}"
|
|
||||||
dest: "{{ matrix_jitsi_prosody_plugins_path }}/{{ item.path }}"
|
|
||||||
mode: 0644
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
with_items: "{{ matrix_jitsi_prosody_auth_matrix_files }}"
|
|
||||||
when: item.when | bool
|
|
@ -1,20 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Remove all files regarding prosody mod auth_matrix_user_verification and .well-known/element/jitsi
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ item }}"
|
|
||||||
state: absent
|
|
||||||
with_flattened:
|
|
||||||
- "{{ matrix_static_files_base_path }}/.well-known/element/jitsi"
|
|
||||||
- "{{ matrix_jitsi_prosody_auth_matrix_user_verification_repo_target }}"
|
|
||||||
- "{{ matrix_jitsi_prosody_auth_matrix_files | map(attribute='path') | map('regex_replace', '^', matrix_jitsi_prosody_plugins_path+'/') | list }}"
|
|
||||||
register: matrix_jitsi_prosody_auth_matrix_user_verification_uninstalled
|
|
||||||
|
|
||||||
- when: matrix_jitsi_prosody_auth_matrix_user_verification_uninstalled.changed
|
|
||||||
block:
|
|
||||||
- name: Populate service facts
|
|
||||||
ansible.builtin.service_facts:
|
|
||||||
|
|
||||||
- name: Ensure prosody is restarted later on if currently running
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
matrix_jitsi_prosody_require_restart: "{{ true if ansible_facts.services['matrix-jitsi-prosody.service']['state'] == 'running' else false }}"
|
|
@ -1,49 +0,0 @@
|
|||||||
---
|
|
||||||
#####
|
|
||||||
#
|
|
||||||
# This tasks file starts and stops (if state before was stopped) a prosody container during setup to run commands,
|
|
||||||
# that require a running prosody container.
|
|
||||||
# The task is called in ../setup_jitsi_prosody_install.yml.
|
|
||||||
#
|
|
||||||
# Important: The task is called conditionally, as to only start if really needed.
|
|
||||||
# So if you add or change anything - remember to also change the 'when' in: ../setup_jitsi_prosody_install.yml
|
|
||||||
#
|
|
||||||
#####
|
|
||||||
|
|
||||||
#
|
|
||||||
# Start Necessary Services
|
|
||||||
#
|
|
||||||
|
|
||||||
- name: Ensure matrix-jitsi-prosody container is running
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
state: "{{ 'restarted' if matrix_jitsi_prosody_require_restart | default(false) | bool else 'started' }}"
|
|
||||||
name: matrix-jitsi-prosody
|
|
||||||
register: matrix_jitsi_prosody_start_result
|
|
||||||
|
|
||||||
# If the flag was set, we can safely disable now.
|
|
||||||
- name: Disable require restart flag
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
matrix_jitsi_prosody_require_restart: false
|
|
||||||
|
|
||||||
#
|
|
||||||
# Tasks related to configuring Jitsi internal authentication
|
|
||||||
#
|
|
||||||
|
|
||||||
- name: Ensure internal authentication is properly configured
|
|
||||||
ansible.builtin.include_tasks:
|
|
||||||
file: "{{ role_path }}/tasks/util/prosody_post_setup_hooks/setup_jitsi_auth_internal.yml"
|
|
||||||
when: matrix_jitsi_enable_auth | bool and matrix_jitsi_auth_type == "internal"
|
|
||||||
|
|
||||||
#
|
|
||||||
# Tasks related to ...
|
|
||||||
#
|
|
||||||
|
|
||||||
|
|
||||||
#
|
|
||||||
# Stop Necessary Services
|
|
||||||
#
|
|
||||||
- name: Ensure matrix-jitsi-prosody container is stopped if necessary
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
state: stopped
|
|
||||||
name: matrix-jitsi-prosody
|
|
||||||
when: matrix_jitsi_prosody_start_result.changed | bool
|
|
@ -1,81 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Fail if on an unsupported architecture
|
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: "Jitsi only supports the amd64 architecture right now. See https://github.com/jitsi/docker-jitsi-meet/issues/1069 and https://github.com/jitsi/docker-jitsi-meet/issues/1214"
|
|
||||||
when: matrix_jitsi_enabled | bool and matrix_architecture not in ['amd64', 'arm64']
|
|
||||||
|
|
||||||
- name: Fail if required Jitsi settings not defined
|
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: >-
|
|
||||||
You need to define a required configuration setting (`{{ item }}`) to properly configure Jitsi.
|
|
||||||
|
|
||||||
If you're setting up Jitsi for the first time, you may have missed a step.
|
|
||||||
Refer to our setup instructions (docs/configuring-playbook-jitsi.md).
|
|
||||||
|
|
||||||
If you had previously setup Jitsi successfully and are only now facing this error,
|
|
||||||
it means that your installation is most likely using default passwords previously defined by the playbook.
|
|
||||||
These defaults are insecure. Jitsi should be rebuilt with secure values.
|
|
||||||
Refer to the "Rebuilding your Jitsi installation" section in our setup instructions (docs/configuring-playbook-jitsi.md).
|
|
||||||
when: "vars[item] == ''"
|
|
||||||
with_items:
|
|
||||||
- "matrix_jitsi_jibri_xmpp_password"
|
|
||||||
- "matrix_jitsi_jibri_recorder_password"
|
|
||||||
- "matrix_jitsi_jicofo_auth_password"
|
|
||||||
- "matrix_jitsi_jvb_auth_password"
|
|
||||||
|
|
||||||
|
|
||||||
- name: Fail if authentication is enabled, but not properly configured.
|
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: >-
|
|
||||||
You have enabled authentication, but the configured auth type is missing required configuration.
|
|
||||||
|
|
||||||
Auth type 'internal':
|
|
||||||
At least one Jitsi user needs to be defined in `matrix_jitsi_prosody_auth_internal_accounts` when using internal authentication.
|
|
||||||
If you're setting up Jitsi for the first time, you may have missed a step.
|
|
||||||
Refer to our setup instructions (docs/configuring-playbook-jitsi.md).
|
|
||||||
|
|
||||||
Auth type 'matrix':
|
|
||||||
If you want to enable matrix_user_verification in jitsi,
|
|
||||||
please provide an auth token for the user verification service (uvs) using `matrix_jitsi_prosody_auth_matrix_uvs_auth_token`.
|
|
||||||
If the user-verfication-service is also managed by this playbook the token is derived from `matrix_homeserver_generic_secret_key` in the group vars.
|
|
||||||
when:
|
|
||||||
- matrix_jitsi_enable_auth | bool
|
|
||||||
- ((matrix_jitsi_auth_type == 'internal' and matrix_jitsi_prosody_auth_internal_accounts|length == 0)
|
|
||||||
or (matrix_jitsi_auth_type == 'matrix' and matrix_jitsi_prosody_auth_matrix_uvs_auth_token|length == 0))
|
|
||||||
|
|
||||||
|
|
||||||
- name: (Deprecation) Catch and report renamed settings
|
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: >-
|
|
||||||
Your configuration contains a variable, which now has a different name.
|
|
||||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
|
||||||
when: "item.old in vars"
|
|
||||||
with_items:
|
|
||||||
- {'old': 'matrix_jitsi_web_config_constraints_enabled', 'new': '<Now unnecessary. Constraints are always applied automatically>'}
|
|
||||||
- {'old': 'matrix_jitsi_web_config_constraints_video_aspectRatio', 'new': '<Not applicable anymore>'}
|
|
||||||
- {'old': 'matrix_jitsi_web_config_constraints_video_height_ideal', 'new': 'matrix_jitsi_web_config_resolution_height_ideal_and_max'}
|
|
||||||
- {'old': 'matrix_jitsi_web_config_constraints_video_height_max', 'new': 'matrix_jitsi_web_config_resolution_height_ideal_and_max'}
|
|
||||||
- {'old': 'matrix_jitsi_web_config_constraints_video_height_min', 'new': 'matrix_jitsi_web_config_resolution_height_min'}
|
|
||||||
- {'old': 'matrix_jitsi_web_config_disableAudioLevels', 'new': '<Can be set by using matrix_jitsi_web_custom_config_extension. Example in docs/configuring-playbook-jitsi.md>'}
|
|
||||||
- {'old': 'matrix_jitsi_web_config_enableLayerSuspension', 'new': '<Can be set by using matrix_jitsi_web_custom_config_extension. Example in docs/configuring-playbook-jitsi.md>'}
|
|
||||||
- {'old': 'matrix_jitsi_web_config_channelLastN', 'new': '<Can be set by using matrix_jitsi_web_custom_config_extension. Example in docs/configuring-playbook-jitsi.md>'}
|
|
||||||
- {'old': 'matrix_jitsi_web_config_testing_p2pTestMode', 'new': '<Can be set by using matrix_jitsi_web_custom_config_extension>'}
|
|
||||||
- {'old': 'matrix_jitsi_web_config_start_with_audio_muted', 'new': '<Superseded by matrix_jitsi_web_config_start_audio_muted_after_nth_participant>'}
|
|
||||||
- {'old': 'matrix_jitsi_web_config_start_with_video_muted', 'new': '<Superseded by matrix_jitsi_web_config_start_video_muted_after_nth_participant>'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_show_watermark_for_guests', 'new': '<Not applicable anymore>'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_invitation_powered_by', 'new': '<Not applicable anymore>'}
|
|
||||||
- {'old': 'matrix_jisti_web_interface_config_show_deep_linking_image', 'new': 'matrix_jitsi_web_interface_config_show_deep_linking_image'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_lang_detection', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_show_jitsi_watermark', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_jitsi_watermark_link', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_show_brand_watermark', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_brand_watermark_link', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_generate_room_names_on_welcome_page', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_display_welcome_page_content', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_app_name', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_native_app_name', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_provider_name', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_show_powered_by', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_disable_transcription_subtitles', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
||||||
- {'old': 'matrix_jitsi_web_interface_config_show_deep_linking_image', 'new': '<Deprecated, use matrix_jitsi_web_custom_interface_config_extension instead'}
|
|
@ -1,38 +0,0 @@
|
|||||||
AUTH_TYPE={{ matrix_jitsi_auth_type }}
|
|
||||||
BRIDGE_AVG_PARTICIPANT_STRESS
|
|
||||||
BRIDGE_STRESS_THRESHOLD
|
|
||||||
ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }}
|
|
||||||
ENABLE_AUTO_OWNER
|
|
||||||
ENABLE_CODEC_VP8
|
|
||||||
ENABLE_CODEC_VP9
|
|
||||||
ENABLE_CODEC_H264
|
|
||||||
ENABLE_OCTO
|
|
||||||
ENABLE_RECORDING
|
|
||||||
ENABLE_SCTP
|
|
||||||
ENABLE_AUTO_LOGIN
|
|
||||||
JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }}
|
|
||||||
JICOFO_AUTH_PASSWORD={{ matrix_jitsi_jicofo_auth_password }}
|
|
||||||
JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS
|
|
||||||
JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT
|
|
||||||
JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT
|
|
||||||
JICOFO_ENABLE_HEALTH_CHECKS
|
|
||||||
JICOFO_SHORT_ID
|
|
||||||
JICOFO_RESERVATION_ENABLED
|
|
||||||
JICOFO_RESERVATION_REST_BASE_URL
|
|
||||||
JIBRI_BREWERY_MUC={{ matrix_jitsi_jibri_brewery_muc }}
|
|
||||||
JIBRI_REQUEST_RETRIES
|
|
||||||
JIBRI_PENDING_TIMEOUT={{ matrix_jitsi_jibri_pending_timeout }}
|
|
||||||
JIGASI_BREWERY_MUC
|
|
||||||
JIGASI_SIP_URI
|
|
||||||
JVB_BREWERY_MUC={{ matrix_jitsi_jvb_brewery_muc }}
|
|
||||||
MAX_BRIDGE_PARTICIPANTS
|
|
||||||
OCTO_BRIDGE_SELECTION_STRATEGY
|
|
||||||
SENTRY_DSN={{ matrix_jitsi_jicofo_sentry_dsn }}
|
|
||||||
SENTRY_ENVIRONMENT
|
|
||||||
SENTRY_RELEASE
|
|
||||||
TZ={{ matrix_jitsi_timezone }}
|
|
||||||
XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }}
|
|
||||||
XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
|
|
||||||
XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }}
|
|
||||||
XMPP_MUC_DOMAIN={{ matrix_jitsi_xmpp_muc_domain }}
|
|
||||||
XMPP_SERVER={{ matrix_jitsi_xmpp_server }}
|
|
@ -1,27 +0,0 @@
|
|||||||
{% raw %}
|
|
||||||
{{ if .Env.SENTRY_DSN | default "0" | toBool }}
|
|
||||||
handlers=java.util.logging.ConsoleHandler,io.sentry.jul.SentryHandler
|
|
||||||
{{ else }}
|
|
||||||
handlers= java.util.logging.ConsoleHandler
|
|
||||||
{{ end }}
|
|
||||||
{% endraw %}
|
|
||||||
|
|
||||||
java.util.logging.ConsoleHandler.level = ALL
|
|
||||||
java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter
|
|
||||||
|
|
||||||
net.java.sip.communicator.util.ScLogFormatter.programname=Jicofo
|
|
||||||
|
|
||||||
.level=INFO
|
|
||||||
net.sf.level=SEVERE
|
|
||||||
net.java.sip.communicator.plugin.reconnectplugin.level=FINE
|
|
||||||
org.ice4j.level=SEVERE
|
|
||||||
org.jitsi.impl.neomedia.level=SEVERE
|
|
||||||
io.sentry.jul.SentryHandler.level=WARNING
|
|
||||||
|
|
||||||
# Do not worry about missing strings
|
|
||||||
net.java.sip.communicator.service.resources.AbstractResourcesService.level=SEVERE
|
|
||||||
|
|
||||||
#net.java.sip.communicator.service.protocol.level=ALL
|
|
||||||
|
|
||||||
# Enable debug packets logging
|
|
||||||
#org.jitsi.impl.protocol.xmpp.level=FINE
|
|
@ -1,33 +0,0 @@
|
|||||||
#jinja2: lstrip_blocks: "True"
|
|
||||||
[Unit]
|
|
||||||
Description=Matrix jitsi-jicofo server
|
|
||||||
{% for service in matrix_jitsi_jicofo_systemd_required_services_list %}
|
|
||||||
Requires={{ service }}
|
|
||||||
After={{ service }}
|
|
||||||
{% endfor %}
|
|
||||||
DefaultDependencies=no
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true'
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true'
|
|
||||||
|
|
||||||
ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-jicofo \
|
|
||||||
--log-driver=none \
|
|
||||||
--network={{ matrix_docker_network }} \
|
|
||||||
--env-file={{ matrix_jitsi_jicofo_base_path }}/env \
|
|
||||||
--mount type=bind,src={{ matrix_jitsi_jicofo_config_path }},dst=/config \
|
|
||||||
{% for arg in matrix_jitsi_jicofo_container_extra_arguments %}
|
|
||||||
{{ arg }} \
|
|
||||||
{% endfor %}
|
|
||||||
{{ matrix_jitsi_jicofo_docker_image }}
|
|
||||||
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true'
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true'
|
|
||||||
Restart=always
|
|
||||||
RestartSec=30
|
|
||||||
SyslogIdentifier=matrix-jitsi-jicofo
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -1,9 +0,0 @@
|
|||||||
org.jitsi.jicofo.ALWAYS_TRUST_MODE_ENABLED=true
|
|
||||||
org.jitsi.jicofo.BRIDGE_MUC={{ matrix_jitsi_jvb_brewery_muc }}@{{ matrix_jitsi_xmpp_internal_muc_domain }}
|
|
||||||
|
|
||||||
org.jitsi.jicofo.jibri.BREWERY={{ matrix_jitsi_jibri_brewery_muc }}@{{ matrix_jitsi_xmpp_internal_muc_domain }}
|
|
||||||
org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90
|
|
||||||
|
|
||||||
{% if matrix_jitsi_enable_auth %}
|
|
||||||
org.jitsi.jicofo.auth.URL=XMPP:{{ matrix_jitsi_xmpp_domain }}
|
|
||||||
{% endif %}
|
|
@ -1,7 +0,0 @@
|
|||||||
org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true
|
|
||||||
|
|
||||||
org.jitsi.videobridge.ENABLE_STATISTICS=true
|
|
||||||
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
|
|
||||||
org.jitsi.videobridge.STATISTICS_INTERVAL=5000
|
|
||||||
|
|
||||||
{{ matrix_jitsi_jvb_custom_config_extension }}
|
|
@ -1,31 +0,0 @@
|
|||||||
DOCKER_HOST_ADDRESS
|
|
||||||
ENABLE_COLIBRI_WEBSOCKET
|
|
||||||
ENABLE_OCTO
|
|
||||||
JVB_AUTH_USER={{ matrix_jitsi_jvb_auth_user }}
|
|
||||||
JVB_AUTH_PASSWORD={{ matrix_jitsi_jvb_auth_password }}
|
|
||||||
JVB_BREWERY_MUC={{ matrix_jitsi_jvb_brewery_muc }}
|
|
||||||
JVB_PORT={{ matrix_jitsi_jvb_rtp_udp_port }}
|
|
||||||
JVB_TCP_HARVESTER_DISABLED=true
|
|
||||||
JVB_TCP_PORT={{ matrix_jitsi_jvb_rtp_tcp_port }}
|
|
||||||
JVB_TCP_MAPPED_PORT={{ matrix_jitsi_jvb_rtp_tcp_port }}
|
|
||||||
{% if matrix_jitsi_jvb_stun_servers|length > 0 %}
|
|
||||||
JVB_STUN_SERVERS={{ matrix_jitsi_jvb_stun_servers|join(',') }}
|
|
||||||
{% endif %}
|
|
||||||
JVB_OCTO_BIND_ADDRESS
|
|
||||||
JVB_OCTO_PUBLIC_ADDRESS
|
|
||||||
JVB_OCTO_BIND_PORT
|
|
||||||
JVB_OCTO_REGION
|
|
||||||
JVB_WS_DOMAIN
|
|
||||||
JVB_WS_SERVER_ID={{ matrix_jitsi_jvb_server_id }}
|
|
||||||
PUBLIC_URL={{ matrix_jitsi_web_public_url }}
|
|
||||||
SENTRY_DSN={{ matrix_jitsi_jvb_sentry_dsn }}
|
|
||||||
SENTRY_ENVIRONMENT
|
|
||||||
SENTRY_RELEASE
|
|
||||||
COLIBRI_REST_ENABLED
|
|
||||||
SHUTDOWN_REST_ENABLED
|
|
||||||
TZ={{ matrix_jitsi_timezone }}
|
|
||||||
XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
|
|
||||||
XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }}
|
|
||||||
XMPP_SERVER={{ matrix_jitsi_xmpp_server }}
|
|
||||||
|
|
||||||
{{ matrix_jitsi_jvb_environment_variables_extension }}
|
|
@ -1,20 +0,0 @@
|
|||||||
{% raw %}
|
|
||||||
{{ if .Env.SENTRY_DSN | default "0" | toBool }}
|
|
||||||
handlers=java.util.logging.ConsoleHandler,io.sentry.jul.SentryHandler
|
|
||||||
{{ else }}
|
|
||||||
handlers= java.util.logging.ConsoleHandler
|
|
||||||
{{ end }}
|
|
||||||
{% endraw %}
|
|
||||||
|
|
||||||
java.util.logging.ConsoleHandler.level = ALL
|
|
||||||
java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter
|
|
||||||
|
|
||||||
net.java.sip.communicator.util.ScLogFormatter.programname=JVB
|
|
||||||
|
|
||||||
.level=INFO
|
|
||||||
|
|
||||||
org.jitsi.videobridge.xmpp.ComponentImpl.level=FINE
|
|
||||||
io.sentry.jul.SentryHandler.level=WARNING
|
|
||||||
|
|
||||||
# All of the INFO level logs from MediaStreamImpl are unnecessary in the context of jitsi-videobridge.
|
|
||||||
org.jitsi.impl.neomedia.MediaStreamImpl.level=WARNING
|
|
@ -1,43 +0,0 @@
|
|||||||
#jinja2: lstrip_blocks: "True"
|
|
||||||
[Unit]
|
|
||||||
Description=Matrix jitsi-jvb server
|
|
||||||
{% for service in matrix_jitsi_jvb_systemd_required_services_list %}
|
|
||||||
Requires={{ service }}
|
|
||||||
After={{ service }}
|
|
||||||
{% endfor %}
|
|
||||||
DefaultDependencies=no
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true'
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true'
|
|
||||||
|
|
||||||
ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-jvb \
|
|
||||||
--log-driver=none \
|
|
||||||
--network={{ matrix_docker_network }} \
|
|
||||||
--network-alias=jvb.meet.jitsi \
|
|
||||||
--env-file={{ matrix_jitsi_jvb_base_path }}/env \
|
|
||||||
{% if matrix_jitsi_jvb_container_rtp_udp_host_bind_port %}
|
|
||||||
-p {{ matrix_jitsi_jvb_container_rtp_udp_host_bind_port }}:{{ matrix_jitsi_jvb_rtp_udp_port }}/udp \
|
|
||||||
{% endif %}
|
|
||||||
{% if matrix_jitsi_jvb_container_rtp_tcp_host_bind_port %}
|
|
||||||
-p {{ matrix_jitsi_jvb_container_rtp_tcp_host_bind_port }}:{{ matrix_jitsi_jvb_rtp_tcp_port }} \
|
|
||||||
{% endif %}
|
|
||||||
{% if matrix_jitsi_jvb_container_colibri_ws_host_bind_port %}
|
|
||||||
-p {{ matrix_jitsi_jvb_container_colibri_ws_host_bind_port }}:9090 \
|
|
||||||
{% endif %}
|
|
||||||
--mount type=bind,src={{ matrix_jitsi_jvb_config_path }},dst=/config \
|
|
||||||
{% for arg in matrix_jitsi_jvb_container_extra_arguments %}
|
|
||||||
{{ arg }} \
|
|
||||||
{% endfor %}
|
|
||||||
{{ matrix_jitsi_jvb_docker_image }}
|
|
||||||
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true'
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true'
|
|
||||||
Restart=always
|
|
||||||
RestartSec=30
|
|
||||||
SyslogIdentifier=matrix-jitsi-jvb
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -1,70 +0,0 @@
|
|||||||
AUTH_TYPE={{ matrix_jitsi_auth_type }}
|
|
||||||
DISABLE_POLLS
|
|
||||||
ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }}
|
|
||||||
ENABLE_AV_MODERATION={{1 if matrix_jitsi_enable_av_moderation else 0}}
|
|
||||||
ENABLE_BREAKOUT_ROOMS={{1 if matrix_jitsi_enable_breakout_rooms else 0}}
|
|
||||||
ENABLE_GUESTS={{ 1 if matrix_jitsi_enable_guests else 0 }}
|
|
||||||
ENABLE_LOBBY={{ 1 if matrix_jitsi_enable_lobby else 0 }}
|
|
||||||
ENABLE_XMPP_WEBSOCKET
|
|
||||||
GLOBAL_CONFIG
|
|
||||||
GLOBAL_MODULES
|
|
||||||
JIBRI_RECORDER_USER={{ matrix_jitsi_jibri_recorder_user }}
|
|
||||||
JIBRI_RECORDER_PASSWORD={{ matrix_jitsi_jibri_recorder_password }}
|
|
||||||
JIBRI_XMPP_USER={{ matrix_jitsi_jibri_xmpp_user }}
|
|
||||||
JIBRI_XMPP_PASSWORD={{ matrix_jitsi_jibri_xmpp_password }}
|
|
||||||
JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }}
|
|
||||||
JICOFO_AUTH_PASSWORD={{ matrix_jitsi_jicofo_auth_password }}
|
|
||||||
JICOFO_COMPONENT_SECRET
|
|
||||||
JIGASI_XMPP_USER={{ matrix_jitsi_jigasi_xmpp_user }}
|
|
||||||
JIGASI_XMPP_PASSWORD={{ matrix_jitsi_jigasi_xmpp_password }}
|
|
||||||
JVB_AUTH_USER={{ matrix_jitsi_jvb_auth_user }}
|
|
||||||
JVB_AUTH_PASSWORD={{ matrix_jitsi_jvb_auth_password }}
|
|
||||||
JWT_APP_ID
|
|
||||||
JWT_APP_SECRET
|
|
||||||
JWT_ACCEPTED_ISSUERS
|
|
||||||
JWT_ACCEPTED_AUDIENCES
|
|
||||||
JWT_ASAP_KEYSERVER
|
|
||||||
JWT_ALLOW_EMPTY
|
|
||||||
JWT_AUTH_TYPE
|
|
||||||
JWT_TOKEN_AUTH_MODULE
|
|
||||||
LOG_LEVEL
|
|
||||||
LDAP_AUTH_METHOD={{ matrix_jitsi_ldap_auth_method }}
|
|
||||||
LDAP_BASE={{ matrix_jitsi_ldap_base }}
|
|
||||||
LDAP_BINDDN={{ matrix_jitsi_ldap_binddn }}
|
|
||||||
LDAP_BINDPW={{ matrix_jitsi_ldap_bindpw }}
|
|
||||||
LDAP_FILTER={{ matrix_jitsi_ldap_filter }}
|
|
||||||
LDAP_VERSION={{ matrix_jitsi_ldap_version }}
|
|
||||||
LDAP_TLS_CIPHERS={{ matrix_jitsi_ldap_tls_ciphers }}
|
|
||||||
LDAP_TLS_CHECK_PEER={{ 1 if matrix_jitsi_ldap_tls_check_peer else 0 }}
|
|
||||||
LDAP_TLS_CACERT_FILE={{ matrix_jitsi_ldap_tls_cacert_file }}
|
|
||||||
LDAP_TLS_CACERT_DIR={{ matrix_jitsi_ldap_tls_cacert_dir }}
|
|
||||||
LDAP_START_TLS={{ 1 if matrix_jitsi_ldap_start_tls else 0 }}
|
|
||||||
LDAP_URL={{ matrix_jitsi_ldap_url }}
|
|
||||||
LDAP_USE_TLS={{ 1 if matrix_jitsi_ldap_use_tls else 0 }}
|
|
||||||
MATRIX_UVS_ISSUER={{ matrix_jitsi_prosody_auth_matrix_jwt_app_id }}
|
|
||||||
MATRIX_UVS_URL={{ matrix_jitsi_prosody_auth_matrix_uvs_location }}
|
|
||||||
{% if matrix_jitsi_prosody_auth_matrix_uvs_auth_token is defined %}
|
|
||||||
MATRIX_UVS_AUTH_TOKEN={{ matrix_jitsi_prosody_auth_matrix_uvs_auth_token }}
|
|
||||||
{% endif %}
|
|
||||||
MATRIX_UVS_SYNC_POWER_LEVELS={{ 'true' if matrix_jitsi_prosody_auth_matrix_uvs_sync_power_levels else 'false' }}
|
|
||||||
PUBLIC_URL={{ matrix_jitsi_web_public_url }}
|
|
||||||
TURN_CREDENTIALS={{ matrix_jitsi_turn_credentials }}
|
|
||||||
TURN_HOST={{ matrix_jitsi_turn_host }}
|
|
||||||
TURNS_HOST={{ matrix_jitsi_turns_host }}
|
|
||||||
TURN_PORT={{ matrix_jitsi_turn_port }}
|
|
||||||
TURNS_PORT={{ matrix_jitsi_turns_port }}
|
|
||||||
TURN_TRANSPORT={{ matrix_jitsi_turn_transport }}
|
|
||||||
TZ={{ matrix_jitsi_timezone }}
|
|
||||||
XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }}
|
|
||||||
XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
|
|
||||||
XMPP_GUEST_DOMAIN={{ matrix_jitsi_xmpp_guest_domain }}
|
|
||||||
XMPP_MUC_DOMAIN={{ matrix_jitsi_xmpp_muc_domain }}
|
|
||||||
XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }}
|
|
||||||
XMPP_MODULES={{ matrix_jitsi_xmpp_modules }}
|
|
||||||
XMPP_MUC_MODULES={{ matrix_jitsi_muc_modules | join(',') }}
|
|
||||||
XMPP_INTERNAL_MUC_MODULES=
|
|
||||||
XMPP_RECORDER_DOMAIN={{ matrix_jitsi_recorder_domain }}
|
|
||||||
XMPP_CROSS_DOMAIN=true
|
|
||||||
{% if matrix_prosody_jitsi_max_participants is number %}
|
|
||||||
MAX_PARTICIPANTS={{ matrix_prosody_jitsi_max_participants }}
|
|
||||||
{% endif %}
|
|
@ -1,41 +0,0 @@
|
|||||||
#jinja2: lstrip_blocks: "True"
|
|
||||||
[Unit]
|
|
||||||
Description=Matrix jitsi-prosody server
|
|
||||||
{% for service in matrix_jitsi_prosody_systemd_required_services_list %}
|
|
||||||
Requires={{ service }}
|
|
||||||
After={{ service }}
|
|
||||||
{% endfor %}
|
|
||||||
DefaultDependencies=no
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true'
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true'
|
|
||||||
|
|
||||||
ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-prosody \
|
|
||||||
--log-driver=none \
|
|
||||||
--network={{ matrix_docker_network }} \
|
|
||||||
--network-alias={{ matrix_jitsi_xmpp_server }} \
|
|
||||||
{% if matrix_jitsi_prosody_container_http_host_bind_port %}
|
|
||||||
-p {{ matrix_jitsi_prosody_container_http_host_bind_port }}:5280 \
|
|
||||||
{% endif %}
|
|
||||||
{% if matrix_jitsi_prosody_container_jvb_host_bind_port %}
|
|
||||||
-p {{ matrix_jitsi_prosody_container_jvb_host_bind_port }}:5222 \
|
|
||||||
{% endif %}
|
|
||||||
--env-file={{ matrix_jitsi_prosody_base_path }}/env \
|
|
||||||
--mount type=bind,src={{ matrix_jitsi_prosody_config_path }},dst=/config \
|
|
||||||
--mount type=bind,src={{ matrix_jitsi_prosody_plugins_path }},dst=/prosody-plugins-custom \
|
|
||||||
{% for arg in matrix_jitsi_prosody_container_extra_arguments %}
|
|
||||||
{{ arg }} \
|
|
||||||
{% endfor %}
|
|
||||||
{{ matrix_jitsi_prosody_docker_image }}
|
|
||||||
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true'
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true'
|
|
||||||
Restart=always
|
|
||||||
RestartSec=30
|
|
||||||
SyslogIdentifier=matrix-jitsi-prosody
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -1,22 +0,0 @@
|
|||||||
config.defaultLanguage = {{ matrix_jitsi_web_config_defaultLanguage|to_json }};
|
|
||||||
|
|
||||||
|
|
||||||
if (!config.hasOwnProperty('p2p')) config.p2p = {% raw %}{}{% endraw %};
|
|
||||||
|
|
||||||
{% if matrix_jitsi_web_stun_servers|length > 0 %}
|
|
||||||
config.p2p.stunServers = [
|
|
||||||
{% for url in matrix_jitsi_web_stun_servers %}
|
|
||||||
{ urls: {{ url|to_json }} }{% if not loop.last %},{% endif %}
|
|
||||||
{% endfor %}
|
|
||||||
];
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if matrix_jitsi_disable_gravatar %}
|
|
||||||
config.gravatar = {'disabled': true};
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if matrix_jitsi_etherpad_enabled %}
|
|
||||||
config.etherpad_base = {{ (matrix_jitsi_etherpad_base + '/p/') |to_json }}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{{ matrix_jitsi_web_custom_config_extension }}
|
|
@ -1,3 +0,0 @@
|
|||||||
|
|
||||||
{{ matrix_jitsi_web_custom_interface_config_extension }}
|
|
||||||
|
|
@ -1,111 +0,0 @@
|
|||||||
AMPLITUDE_ID
|
|
||||||
ANALYTICS_SCRIPT_URLS
|
|
||||||
ANALYTICS_WHITELISTED_EVENTS
|
|
||||||
CALLSTATS_CUSTOM_SCRIPT_URL
|
|
||||||
CALLSTATS_ID
|
|
||||||
CALLSTATS_SECRET
|
|
||||||
CHROME_EXTENSION_BANNER_JSON
|
|
||||||
CONFCODE_URL
|
|
||||||
CONFIG_EXTERNAL_CONNECT
|
|
||||||
DEFAULT_LANGUAGE
|
|
||||||
DEPLOYMENTINFO_ENVIRONMENT
|
|
||||||
DEPLOYMENTINFO_ENVIRONMENT_TYPE
|
|
||||||
DEPLOYMENTINFO_REGION
|
|
||||||
DEPLOYMENTINFO_SHARD
|
|
||||||
DEPLOYMENTINFO_USERREGION
|
|
||||||
DESKTOP_SHARING_FRAMERATE_MIN
|
|
||||||
DESKTOP_SHARING_FRAMERATE_MAX
|
|
||||||
DIALIN_NUMBERS_URL
|
|
||||||
DIALOUT_AUTH_URL
|
|
||||||
DIALOUT_CODES_URL
|
|
||||||
DISABLE_AUDIO_LEVELS
|
|
||||||
DISABLE_DEEP_LINKING
|
|
||||||
DISABLE_HTTPS=0
|
|
||||||
DISABLE_POLLS
|
|
||||||
DISABLE_REACTIONS
|
|
||||||
DROPBOX_APPKEY
|
|
||||||
DROPBOX_REDIRECT_URI
|
|
||||||
DYNAMIC_BRANDING_URL
|
|
||||||
ENABLE_AUDIO_PROCESSING
|
|
||||||
ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }}
|
|
||||||
ENABLE_BREAKOUT_ROOMS={{1 if matrix_jitsi_enable_breakout_rooms else 0}}
|
|
||||||
ENABLE_CALENDAR
|
|
||||||
ENABLE_COLIBRI_WEBSOCKET
|
|
||||||
ENABLE_FILE_RECORDING_SERVICE
|
|
||||||
ENABLE_FILE_RECORDING_SERVICE_SHARING
|
|
||||||
ENABLE_FLOC=0
|
|
||||||
ENABLE_GUESTS={{ 1 if matrix_jitsi_enable_guests else 0 }}
|
|
||||||
ENABLE_HSTS=0
|
|
||||||
ENABLE_HTTP_REDIRECT=0
|
|
||||||
ENABLE_IPV6
|
|
||||||
ENABLE_LETSENCRYPT=0
|
|
||||||
ENABLE_LIPSYNC
|
|
||||||
ENABLE_NO_AUDIO_DETECTION
|
|
||||||
ENABLE_NOISY_MIC_DETECTION
|
|
||||||
ENABLE_PREJOIN_PAGE
|
|
||||||
ENABLE_P2P={{ 1 if matrix_jitsi_enable_p2p else 0 }}
|
|
||||||
ENABLE_WELCOME_PAGE
|
|
||||||
ENABLE_CLOSE_PAGE
|
|
||||||
ENABLE_RECORDING={{ 1 if matrix_jitsi_enable_recording else 0 }}
|
|
||||||
ENABLE_REMB
|
|
||||||
ENABLE_REQUIRE_DISPLAY_NAME
|
|
||||||
ENABLE_SIMULCAST
|
|
||||||
ENABLE_STATS_ID
|
|
||||||
ENABLE_STEREO
|
|
||||||
ENABLE_SUBDOMAINS
|
|
||||||
ENABLE_TALK_WHILE_MUTED
|
|
||||||
ENABLE_TCC
|
|
||||||
ENABLE_TRANSCRIPTIONS={{ 1 if matrix_jitsi_enable_transcriptions else 0 }}
|
|
||||||
ENABLE_XMPP_WEBSOCKET
|
|
||||||
ENABLE_JAAS_COMPONENTS={{ 1 if matrix_jitsi_enable_jaas_components else false }}
|
|
||||||
ETHERPAD_PUBLIC_URL
|
|
||||||
ETHERPAD_URL_BASE={{ (matrix_jitsi_etherpad_base + '/') if matrix_jitsi_etherpad_enabled else ''}}
|
|
||||||
GOOGLE_ANALYTICS_ID
|
|
||||||
GOOGLE_API_APP_CLIENT_ID
|
|
||||||
INVITE_SERVICE_URL
|
|
||||||
JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }}
|
|
||||||
LETSENCRYPT_DOMAIN={{ matrix_server_fqn_jitsi }}
|
|
||||||
LETSENCRYPT_EMAIL={{ matrix_ssl_lets_encrypt_support_email }}
|
|
||||||
LETSENCRYPT_USE_STAGING=0
|
|
||||||
MATOMO_ENDPOINT
|
|
||||||
MATOMO_SITE_ID
|
|
||||||
MICROSOFT_API_APP_CLIENT_ID
|
|
||||||
NGINX_RESOLVER
|
|
||||||
NGINX_WORKER_PROCESSES
|
|
||||||
NGINX_WORKER_CONNECTIONS
|
|
||||||
PEOPLE_SEARCH_URL
|
|
||||||
PUBLIC_URL={{ matrix_jitsi_web_public_url }}
|
|
||||||
RESOLUTION={{ matrix_jitsi_web_config_resolution_height_ideal_and_max }}
|
|
||||||
RESOLUTION_MIN={{ matrix_jitsi_web_config_resolution_height_min }}
|
|
||||||
RESOLUTION_WIDTH={{ matrix_jitsi_web_config_resolution_width_ideal_and_max }}
|
|
||||||
RESOLUTION_WIDTH_MIN={{ matrix_jitsi_web_config_resolution_width_min }}
|
|
||||||
START_AUDIO_MUTED={{ matrix_jitsi_web_config_start_audio_muted_after_nth_participant }}
|
|
||||||
START_AUDIO_ONLY
|
|
||||||
START_BITRATE
|
|
||||||
START_SILENT
|
|
||||||
START_WITH_AUDIO_MUTED
|
|
||||||
START_VIDEO_MUTED={{ matrix_jitsi_web_config_start_video_muted_after_nth_participant }}
|
|
||||||
START_WITH_VIDEO_MUTED
|
|
||||||
TESTING_CAP_SCREENSHARE_BITRATE
|
|
||||||
TESTING_OCTO_PROBABILITY
|
|
||||||
TOKEN_AUTH_URL
|
|
||||||
TZ={{ matrix_jitsi_timezone }}
|
|
||||||
VIDEOQUALITY_BITRATE_H264_LOW
|
|
||||||
VIDEOQUALITY_BITRATE_H264_STANDARD
|
|
||||||
VIDEOQUALITY_BITRATE_H264_HIGH
|
|
||||||
VIDEOQUALITY_BITRATE_VP8_LOW
|
|
||||||
VIDEOQUALITY_BITRATE_VP8_STANDARD
|
|
||||||
VIDEOQUALITY_BITRATE_VP8_HIGH
|
|
||||||
VIDEOQUALITY_BITRATE_VP9_LOW
|
|
||||||
VIDEOQUALITY_BITRATE_VP9_STANDARD
|
|
||||||
VIDEOQUALITY_BITRATE_VP9_HIGH
|
|
||||||
VIDEOQUALITY_ENFORCE_PREFERRED_CODEC
|
|
||||||
VIDEOQUALITY_PREFERRED_CODEC
|
|
||||||
XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
|
|
||||||
XMPP_BOSH_URL_BASE={{ matrix_jitsi_xmpp_bosh_url_base }}
|
|
||||||
XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }}
|
|
||||||
XMPP_GUEST_DOMAIN={{ matrix_jitsi_xmpp_guest_domain }}
|
|
||||||
XMPP_MUC_DOMAIN={{ matrix_jitsi_xmpp_muc_domain }}
|
|
||||||
XMPP_RECORDER_DOMAIN={{ matrix_jitsi_recorder_domain }}
|
|
||||||
|
|
||||||
{{ matrix_jitsi_web_environment_variables_extension }}
|
|
@ -1,39 +0,0 @@
|
|||||||
#jinja2: lstrip_blocks: "True"
|
|
||||||
[Unit]
|
|
||||||
Description=Matrix jitsi-web server
|
|
||||||
{% for service in matrix_jitsi_web_systemd_required_services_list %}
|
|
||||||
Requires={{ service }}
|
|
||||||
After={{ service }}
|
|
||||||
{% endfor %}
|
|
||||||
DefaultDependencies=no
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true'
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true'
|
|
||||||
|
|
||||||
ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-web \
|
|
||||||
--log-driver=none \
|
|
||||||
--network={{ matrix_docker_network }} \
|
|
||||||
--network-alias={{ matrix_jitsi_xmpp_domain }} \
|
|
||||||
--env-file={{ matrix_jitsi_web_base_path }}/env \
|
|
||||||
{% if matrix_jitsi_web_container_http_host_bind_port %}
|
|
||||||
-p {{ matrix_jitsi_web_container_http_host_bind_port }}:80 \
|
|
||||||
{% endif %}
|
|
||||||
--mount type=bind,src={{ matrix_jitsi_web_config_path }},dst=/config \
|
|
||||||
--mount type=bind,src={{ matrix_jitsi_web_transcripts_path }},dst=/usr/share/jitsi-meet/transcripts \
|
|
||||||
--mount type=bind,src={{ matrix_jitsi_web_crontabs_path }},dst=/var/spool/cron/crontabs \
|
|
||||||
{% for arg in matrix_jitsi_web_container_extra_arguments %}
|
|
||||||
{{ arg }} \
|
|
||||||
{% endfor %}
|
|
||||||
{{ matrix_jitsi_web_docker_image }}
|
|
||||||
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true'
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true'
|
|
||||||
Restart=always
|
|
||||||
RestartSec=30
|
|
||||||
SyslogIdentifier=matrix-jitsi-web
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -63,11 +63,6 @@ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_rule: "Host(
|
|||||||
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoint: "{{ matrix_federation_traefik_entrypoint }}"
|
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoint: "{{ matrix_federation_traefik_entrypoint }}"
|
||||||
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoints: "{{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoint }}"
|
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoints: "{{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoint }}"
|
||||||
|
|
||||||
matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_enabled: false
|
|
||||||
matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_hostname: "{{ matrix_server_fqn_jitsi }}"
|
|
||||||
matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_tls: "{{ matrix_nginx_proxy_container_labels_traefik_entrypoints != 'web' }}"
|
|
||||||
matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_rule: "Host(`{{ matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_hostname }}`)"
|
|
||||||
|
|
||||||
# matrix_nginx_proxy_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
|
# matrix_nginx_proxy_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
|
||||||
# See `../templates/labels.j2` for details.
|
# See `../templates/labels.j2` for details.
|
||||||
#
|
#
|
||||||
@ -249,8 +244,6 @@ matrix_nginx_proxy_proxy_bot_go_neb_hostname: "{{ matrix_server_fqn_bot_go_neb }
|
|||||||
# Controls whether proxying the jitsi domain should be done.
|
# Controls whether proxying the jitsi domain should be done.
|
||||||
matrix_nginx_proxy_proxy_jitsi_enabled: false
|
matrix_nginx_proxy_proxy_jitsi_enabled: false
|
||||||
matrix_nginx_proxy_proxy_jitsi_hostname: "{{ matrix_server_fqn_jitsi }}"
|
matrix_nginx_proxy_proxy_jitsi_hostname: "{{ matrix_server_fqn_jitsi }}"
|
||||||
matrix_nginx_proxy_proxy_jitsi_manage_wellknown: false
|
|
||||||
matrix_nginx_proxy_proxy_jitsi_well_known_configuration_blocks: []
|
|
||||||
|
|
||||||
# Controls whether proxying the grafana domain should be done.
|
# Controls whether proxying the grafana domain should be done.
|
||||||
matrix_nginx_proxy_proxy_grafana_enabled: false
|
matrix_nginx_proxy_proxy_grafana_enabled: false
|
||||||
|
@ -38,19 +38,6 @@ traefik.http.routers.matrix-nginx-proxy-matrix-federation.tls.certResolver={{ ma
|
|||||||
traefik.http.routers.matrix-nginx-proxy-matrix-federation.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoints }}
|
traefik.http.routers.matrix-nginx-proxy-matrix-federation.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoints }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
{% if matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_enabled %}
|
|
||||||
# Jitsi
|
|
||||||
traefik.http.routers.matrix-nginx-proxy-jitsi.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_rule }}
|
|
||||||
traefik.http.routers.matrix-nginx-proxy-jitsi.service=matrix-nginx-proxy-web
|
|
||||||
traefik.http.routers.matrix-nginx-proxy-jitsi.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_tls | to_json }}
|
|
||||||
{% if matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_tls %}
|
|
||||||
traefik.http.routers.matrix-nginx-proxy-jitsi.tls.certResolver={{ matrix_nginx_proxy_container_labels_traefik_tls_certResolver }}
|
|
||||||
{% endif %}
|
|
||||||
traefik.http.routers.matrix-nginx-proxy-jitsi.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
|
|
||||||
traefik.http.services.matrix-nginx-proxy-web.loadbalancer.server.port=8080
|
traefik.http.services.matrix-nginx-proxy-web.loadbalancer.server.port=8080
|
||||||
|
|
||||||
{% if matrix_nginx_proxy_proxy_matrix_federation_api_enabled %}
|
{% if matrix_nginx_proxy_proxy_matrix_federation_api_enabled %}
|
||||||
|
@ -18,15 +18,6 @@
|
|||||||
{{- configuration_block }}
|
{{- configuration_block }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
{% if matrix_nginx_proxy_proxy_jitsi_manage_wellknown %}
|
|
||||||
location /.well-known {
|
|
||||||
root {{ matrix_static_files_base_path }};
|
|
||||||
expires 4h;
|
|
||||||
default_type application/json;
|
|
||||||
add_header Access-Control-Allow-Origin *;
|
|
||||||
}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
{% if matrix_nginx_proxy_enabled %}
|
{% if matrix_nginx_proxy_enabled %}
|
||||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||||
@ -83,7 +74,7 @@
|
|||||||
location = /xmpp-websocket {
|
location = /xmpp-websocket {
|
||||||
{% if matrix_nginx_proxy_enabled %}
|
{% if matrix_nginx_proxy_enabled %}
|
||||||
resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s;
|
resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s;
|
||||||
set $backend {{ matrix_jitsi_xmpp_bosh_url_base }};
|
set $backend {{ jitsi_xmpp_bosh_url_base }};
|
||||||
proxy_pass $backend$request_uri;
|
proxy_pass $backend$request_uri;
|
||||||
{% else %}
|
{% else %}
|
||||||
{# Generic configuration for use outside of our container setup #}
|
{# Generic configuration for use outside of our container setup #}
|
||||||
|
@ -23,3 +23,6 @@ matrix_playbook_migration_matrix_etherpad_migration_validation_enabled: true
|
|||||||
|
|
||||||
# Controls if (`matrix_aux` -> `aux`) validation will run.
|
# Controls if (`matrix_aux` -> `aux`) validation will run.
|
||||||
matrix_playbook_migration_matrix_aux_migration_validation_enabled: true
|
matrix_playbook_migration_matrix_aux_migration_validation_enabled: true
|
||||||
|
|
||||||
|
# Controls if (`matrix_jitsi` -> `jitsi`) validation will run.
|
||||||
|
matrix_playbook_migration_matrix_jitsi_migration_validation_enabled: true
|
||||||
|
@ -56,7 +56,9 @@
|
|||||||
- {'old': 'matrix_prometheus_scraper_hookshot_targets', 'new': '<superseded by matrix_prometheus_services_connect_scraper_hookshot_static_configs_target>'}
|
- {'old': 'matrix_prometheus_scraper_hookshot_targets', 'new': '<superseded by matrix_prometheus_services_connect_scraper_hookshot_static_configs_target>'}
|
||||||
- {'old': 'matrix_prometheus_scraper_nginxlog_enabled', 'new': 'matrix_prometheus_services_connect_scraper_nginxlog_enabled'}
|
- {'old': 'matrix_prometheus_scraper_nginxlog_enabled', 'new': 'matrix_prometheus_services_connect_scraper_nginxlog_enabled'}
|
||||||
- {'old': 'matrix_prometheus_scraper_nginxlog_server_port', 'new': 'matrix_prometheus_services_connect_scraper_nginxlog_static_configs_target'}
|
- {'old': 'matrix_prometheus_scraper_nginxlog_server_port', 'new': 'matrix_prometheus_services_connect_scraper_nginxlog_static_configs_target'}
|
||||||
- {'old': 'XXXXX', 'new': 'XXXXX'}
|
- {'old': 'matrix_prosody_jitsi_max_participants', 'new': 'jitsi_prosody_max_participants'}
|
||||||
|
- {'old': 'jitsi_require_well_known', 'new': 'jitsi_web_well_known_element_jitsi_enabled'}
|
||||||
|
- {'old': 'jitsi_wellknown_element_jitsi_json', 'new': 'jitsi_web_well_known_element_jitsi_json'}
|
||||||
|
|
||||||
- name: (Deprecation) Catch and report matrix_postgres variables
|
- name: (Deprecation) Catch and report matrix_postgres variables
|
||||||
ansible.builtin.fail:
|
ansible.builtin.fail:
|
||||||
@ -191,3 +193,18 @@
|
|||||||
Please change your configuration (vars.yml) to rename all variables (`matrix_aux_` -> `aux_`).
|
Please change your configuration (vars.yml) to rename all variables (`matrix_aux_` -> `aux_`).
|
||||||
We found usage of the following variables: {{ matrix_playbook_migration_aux_migration_vars.keys() | join(', ') }}
|
We found usage of the following variables: {{ matrix_playbook_migration_aux_migration_vars.keys() | join(', ') }}
|
||||||
when: "matrix_playbook_migration_aux_migration_vars | length > 0"
|
when: "matrix_playbook_migration_aux_migration_vars | length > 0"
|
||||||
|
|
||||||
|
- when: matrix_playbook_migration_matrix_jitsi_migration_validation_enabled | bool
|
||||||
|
block:
|
||||||
|
- ansible.builtin.set_fact:
|
||||||
|
matrix_playbook_migration_jitsi_migration_vars: |-
|
||||||
|
{{ vars | dict2items | selectattr('key', 'match', 'matrix_jitsi_.*') | list | items2dict }}
|
||||||
|
|
||||||
|
- name: (Deprecation) Catch and report matrix_jitsi variables
|
||||||
|
ansible.builtin.fail:
|
||||||
|
msg: >-
|
||||||
|
The matrix-jitsi role that used to be part of this playbook has been replaced by https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.
|
||||||
|
The new role is compatible with the old one, but uses different names for its variables.
|
||||||
|
Please change your configuration (vars.yml) to rename all variables (`matrix_jitsi_` -> `jitsi_`).
|
||||||
|
We found usage of the following variables: {{ matrix_playbook_migration_jitsi_migration_vars.keys() | join(', ') }}
|
||||||
|
when: "matrix_playbook_migration_jitsi_migration_vars | length > 0"
|
||||||
|
Loading…
Reference in New Issue
Block a user