mirror/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2025-07-08 09:04:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rework LiveKit JWT Service role

Browse Source
This commit is contained in:
Slavi Pantaleev
2024-11-23 16:40:50 +02:00
parent bb925f4782
commit 5642755273
25 changed files with 378 additions and 334 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
docs/configuring-playbook-element-call.md
View File

@ -25,16 +25,13 @@ Ensure that the following DNS names have a public IP/FQDN:
## Adjusting the playbook configuration
NOTE: Element call is dependent on two other services for it to function as intended. In orter to utilise Element Call you need to also enable the [JWT Service](configuring-playbook-jwt-service.md) and [Livekit Server](configuring-playbook-livekit-server.md).
NOTE: Enabling Element Call will automatically enable the [LiveKit JWT Service](configuring-playbook-livekit-jwt-service.md) and Livekit Server services.
Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
```yaml
matrix_element_call_enabled: true
# Set a secure key for LiveKit authentication
livekit_server_config_keys_devkey: 'your-secure-livekit-key'
```
## Installing
@ -43,7 +40,7 @@ After configuring the playbook and potentially [adjusting your DNS records](#adj
## Usage
Once installed, Element Call integrates seamlessly with Matrix clients like Element Web. When the Element Call service is installed, the `/.well-known/matrix/client` file is also updated. A new `org.matrix.msc4143.rtc_foci` section is added to point to your JWT service URL (e.g., `https://sfu-jwt.example.com`).
Once installed, Element Call integrates seamlessly with Matrix clients like [Element Web](configuring-playbook-client-element-web.md). When the Element Call service is installed, the `/.well-known/matrix/client` file is also updated. A new `org.matrix.msc4143.rtc_foci` section is added to point to your LiveKit JWT service URL (e.g., `https://matrix.example.com/lk-jwt-service`).
Additionally, the `/.well-known/element/element.json` file is created to help Element clients discover the Element Call URL (e.g., `https://call.example.com`).
@ -53,7 +50,7 @@ To ensure the services function correctly, the following firewall rules and port
LiveKit:
• Forward UDP ports 50100:50200 to the Docker instance running LiveKit.
• Forward UDP ports 50100:50120 to the Docker instance running LiveKit.
• Forward TCP port 7881 to the Docker instance running LiveKit.
Element Call:

21
docs/configuring-playbook-jwt-service.md
View File

@ -1,6 +1,6 @@
# Setting up JWT Service (optional)
The playbook can install and configure [JWT Service](https://github.com/element-hq/lk-jwt-service) for you.
The playbook can install and configure [LiveKit JWT Service](https://github.com/element-hq/lk-jwt-service) for you.
LK-JWT-Service is currently used for a single reason: generate JWT tokens with a given identity for a given room, so that users can use them to authenticate against LiveKit SFU.
@ -8,28 +8,23 @@ See the project's [documentation](https://github.com/element-hq/lk-jwt-service/)
## Decide on a domain and path
By default, JWT Service is configured to be served on the Matrix domain (`sfu-jwt.DOMAIN`, controlled by the `matrix_jwt-service_hostname` variable).
By default, JWT Service is configured to be served:
- on the Matrix domain (`matrix.example.com`), configurable via `matrix_livekit_jwt_service_hostname`
- under a `/lk-jwt-service` path prefix, configurable via `matrix_livekit_jwt_service_path_prefix`
This makes it easy to set it up, **without** having to adjust your DNS records manually.
If you'd like to run JWT Service on another hostname or path, use the `matrix_jwt-service_hostname` variable.
## Adjusting DNS records
If you've changed the default hostname, **you may need to adjust your DNS** records accordingly to point to the correct server.
Ensure that the following DNS names have a public IP/FQDN:
- `sfu-jwt.DOMAIN`
## Adjusting the playbook configuration
Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
```yaml
matrix_jwt_service_enabled: true
# Set a secure key for LiveKit authentication
matrix_element_call_livekit_dev_key: 'your-secure-livekit-key'
matrix_livekit_jwt_service_enabled: true
```
## Installing
@ -38,8 +33,8 @@ After configuring the playbook and potentially [adjusting your DNS records](#adj
## Usage
Once installed, a new `org.matrix.msc4143.rtc_foci` section is added to the element web client to point to your JWT service URL (e.g., `https://sfu-jwt.example.com`).
Once installed, a new `org.matrix.msc4143.rtc_foci` section is added to the Element web client to point to your JWT service URL (e.g., `https://matrix.example.com/lk-jwt-service`).
## Additional Information
Refer to the JWT-Service documentation for more details on configuring and using JWT Service.
Refer to the LiveKit JWT-Service documentation for more details on configuring and using JWT Service.

2
docs/configuring-playbook.md
View File

@ -214,7 +214,7 @@ Various services that don't fit any other categories.
- [Setting up the Element Call server](configuring-playbook-element-call.md) (optional)
- [Setting up the JWT Service](configuring-playbook-jwt-service.md) (optional)
- [Setting up the LiveKit JWT Service](configuring-playbook-livekit-jwt-service.md) (optional)
- [Setting up the Livekit server](configuring-playbook-livekit-server.md) (optional)