ka
/
ansible-role-jitsi-meet
1
0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
1 коммит
1 ветка
27KB
Дерево: d0903a7208
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из 'd0903a7208'
${ noResults }
ansible-role-jitsi-meet/vars/main.yaml

434 строки
13KB
Исходник Blame История 

  1. jitsi_meet_config_subdirectories:

  2.   - web/crontabs

  3.   - web/letsencrypt

  4.   - transcripts

  5.   - prosody/config

  6.   - prosody/prosody-plugins-custom

  7.   - jicofo

  8.   - jvb

  9.   - jigasi

  10.   - jibri

  11. 

  12. jitsi_meet_docker_env:

  13. 

  14.   # Security

  15.   #

  16.   # Set these to strong passwords to avoid intruders from impersonating a service account

  17.   # The service(s) won't start unless these are specified

  18.   # Running ./gen-passwords.sh will update .env with strong passwords

  19.   # You may skip the Jigasi and Jibri passwords if you are not using those

  20.   # DO NOT reuse passwords

  21.   #

  22. 

  23.   # XMPP password for Jicofo client connections

  24.   JICOFO_AUTH_PASSWORD: "{{jitsi_meet_jicofo_auth_password}}"

  25. 

  26.   # XMPP password for JVB client connections

  27.   JVB_AUTH_PASSWORD: "{{jitsi_meet_jvb_auth_password}}"

  28. 

  29.   # XMPP password for Jigasi MUC client connections

  30.   JIGASI_XMPP_PASSWORD: "{{jitsi_meet_jvb_auth_password}}"

  31. 

  32.   # XMPP recorder password for Jibri client connections

  33.   JIBRI_RECORDER_PASSWORD: "{{jitsi_meet_jvb_auth_password}}"

  34. 

  35.   # XMPP password for Jibri client connections

  36.   JIBRI_XMPP_PASSWORD: "{{jitsi_meet_jvb_auth_password}}"

  37. 

  38. 

  39.   #

  40.   # Basic configuration options

  41.   #

  42. 

  43.   # Directory where all configuration will be stored

  44.   CONFIG: "{{jitsi_meet_config_directory}}"

  45. 

  46.   # Exposed HTTP port

  47.   HTTP_PORT: "{{jitsi_meet_http_port}}"

  48. 

  49.   # Exposed HTTPS port

  50.   HTTPS_PORT: "{{jitsi_meet_https_port}}"

  51. 

  52.   # System time zone

  53.   TZ: "{{jitsi_meet_timezone}}"

  54. 

  55.   # Public URL for the web service (required)

  56.   PUBLIC_URL: "{{ jitsi_meet_public_url }}"

  57. 

  58.   # IP address of the Docker host

  59.   # See the "Running behind NAT or on a LAN environment" section in the Handbook:

  60.   # https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker#running-behind-nat-or-on-a-lan-environment

  61.   DOCKER_HOST_ADDRESS: "{{ jitsi_meet_docker_host_address }}"

  62. 

  63.   # Control whether the lobby feature should be enabled or not

  64.   ENABLE_LOBBY: "{{jitsi_meet_enable_lobby|ternary('1','0')}}"

  65. 

  66.   # Control whether the A/V moderation should be enabled or not

  67.   ENABLE_AV_MODERATION: "{{jitsi_meet_enable_av_moderation|ternary('1','0')}}"

  68. 

  69.   # Show a prejoin page before entering a conference

  70.   ENABLE_PREJOIN_PAGE: "{{jitsi_meet_enable_prejoin_page|ternary('1','0')}}"

  71. 

  72.   # Enable the welcome page

  73.   ENABLE_WELCOME_PAGE: "{{jitsi_meet_enable_welcome_page|ternary('1','0')}}"

  74. 

  75.   # Enable the close page

  76.   ENABLE_CLOSE_PAGE: "{{jitsi_meet_enable_close_page|ternary('1','0')}}"

  77. 

  78.   # Disable measuring of audio levels

  79.   DISABLE_AUDIO_LEVELS: "{{jitsi_meet_disable_audio_levels|ternary('1','0')}}"

  80. 

  81.   # Enable noisy mic detection

  82.   ENABLE_NOISY_MIC_DETECTION: "{{jitsi_meet_enable_noisy_mic_detection|ternary('1','0')}}"

  83. 

  84.   # Enable breakout rooms

  85.   ENABLE_BREAKOUT_ROOMS: "{{jitsi_meet_enable_breakout_rooms|ternary('1','0')}}"

  86. 

  87. 

  88.   #

  89.   # Let's Encrypt configuration

  90.   #

  91. 

  92.   # Enable Let's Encrypt certificate generation

  93.   ENABLE_LETSENCRYPT: "{{jitsi_meet_enable_letsencrypt|ternary('1','0')}}"

  94. 

  95.   # Domain for which to generate the certificate

  96.   LETSENCRYPT_DOMAIN: "{{jitsi_meet_letsencrypt_domain}}"

  97. 

  98.   # E-Mail for receiving important account notifications (mandatory)

  99.   LETSENCRYPT_EMAIL: "{{jitsi_meet_letsencrypt_email}}"

  100. 

  101.   # Use the staging server (for avoiding rate limits while testing)

  102.   LETSENCRYPT_USE_STAGING: "{{jitsi_meet_letsencrypt_use_staging|ternary('1','0')}}"

  103. 

  104. 

  105.   #

  106.   # Etherpad integration (for document sharing)

  107.   #

  108. 

  109.   # Set etherpad-lite URL in docker local network (uncomment to enable)

  110.   #ETHERPAD_URL_BASE=http://etherpad.meet.jitsi:9001

  111. 

  112.   # Set etherpad-lite public URL, including /p/ pad path fragment (uncomment to enable)

  113.   #ETHERPAD_PUBLIC_URL=https://etherpad.my.domain/p/

  114. 

  115.   # Name your etherpad instance!

  116.   #ETHERPAD_TITLE=Video Chat

  117. 

  118.   # The default text of a pad

  119.   #ETHERPAD_DEFAULT_PAD_TEXT="Welcome to Web Chat!\n\n"

  120. 

  121.   # Name of the skin for etherpad

  122.   #ETHERPAD_SKIN_NAME=colibris

  123. 

  124.   # Skin variants for etherpad

  125.   #ETHERPAD_SKIN_VARIANTS="super-light-toolbar super-light-editor light-background full-width-editor"

  126. 

  127. 

  128.   #

  129.   # Basic Jigasi configuration options (needed for SIP gateway support)

  130.   #

  131. 

  132.   # SIP URI for incoming / outgoing calls

  133.   #JIGASI_SIP_URI=test@sip2sip.info

  134. 

  135.   # Password for the specified SIP account as a clear text

  136.   #JIGASI_SIP_PASSWORD=passw0rd

  137. 

  138.   # SIP server (use the SIP account domain if in doubt)

  139.   #JIGASI_SIP_SERVER=sip2sip.info

  140. 

  141.   # SIP server port

  142.   #JIGASI_SIP_PORT=5060

  143. 

  144.   # SIP server transport

  145.   #JIGASI_SIP_TRANSPORT=UDP

  146. 

  147.   #

  148.   # Authentication configuration (see handbook for details)

  149.   #

  150. 

  151.   # Enable authentication

  152.   #ENABLE_AUTH=1

  153. 

  154.   # Enable guest access

  155.   #ENABLE_GUESTS=1

  156. 

  157.   # Select authentication type: internal, jwt, ldap or matrix

  158.   #AUTH_TYPE=internal

  159. 

  160.   # JWT authentication

  161.   #

  162. 

  163.   # Application identifier

  164.   #JWT_APP_ID=my_jitsi_app_id

  165. 

  166.   # Application secret known only to your token generator

  167.   #JWT_APP_SECRET=my_jitsi_app_secret

  168. 

  169.   # (Optional) Set asap_accepted_issuers as a comma separated list

  170.   #JWT_ACCEPTED_ISSUERS=my_web_client,my_app_client

  171. 

  172.   # (Optional) Set asap_accepted_audiences as a comma separated list

  173.   #JWT_ACCEPTED_AUDIENCES=my_server1,my_server2

  174. 

  175. 

  176.   # LDAP authentication (for more information see the Cyrus SASL saslauthd.conf man page)

  177.   #

  178. 

  179.   # LDAP url for connection

  180.   #LDAP_URL=ldaps://ldap.domain.com/

  181. 

  182.   # LDAP base DN. Can be empty

  183.   #LDAP_BASE=DC=example,DC=domain,DC=com

  184. 

  185.   # LDAP user DN. Do not specify this parameter for the anonymous bind

  186.   #LDAP_BINDDN=CN=binduser,OU=users,DC=example,DC=domain,DC=com

  187. 

  188.   # LDAP user password. Do not specify this parameter for the anonymous bind

  189.   #LDAP_BINDPW=LdapUserPassw0rd

  190. 

  191.   # LDAP filter. Tokens example:

  192.   # %1-9 - if the input key is user@mail.domain.com, then %1 is com, %2 is domain and %3 is mail

  193.   # %s - %s is replaced by the complete service string

  194.   # %r - %r is replaced by the complete realm string

  195.   #LDAP_FILTER=(sAMAccountName=%u)

  196. 

  197.   # LDAP authentication method

  198.   #LDAP_AUTH_METHOD=bind

  199. 

  200.   # LDAP version

  201.   #LDAP_VERSION=3

  202. 

  203.   # LDAP TLS using

  204.   #LDAP_USE_TLS=1

  205. 

  206.   # List of SSL/TLS ciphers to allow

  207.   #LDAP_TLS_CIPHERS=SECURE256:SECURE128:!AES-128-CBC:!ARCFOUR-128:!CAMELLIA-128-CBC:!3DES-CBC:!CAMELLIA-128-CBC

  208. 

  209.   # Require and verify server certificate

  210.   #LDAP_TLS_CHECK_PEER=1

  211. 

  212.   # Path to CA cert file. Used when server certificate verify is enabled

  213.   #LDAP_TLS_CACERT_FILE=/etc/ssl/certs/ca-certificates.crt

  214. 

  215.   # Path to CA certs directory. Used when server certificate verify is enabled

  216.   #LDAP_TLS_CACERT_DIR=/etc/ssl/certs

  217. 

  218.   # Wether to use starttls, implies LDAPv3 and requires ldap:// instead of ldaps://

  219.   # LDAP_START_TLS=1

  220. 

  221. 

  222.   # Matrix authentication (for more information see the documention of the "Prosody Auth Matrix User Verification" at https://github.com/matrix-org/prosody-mod-auth-matrix-user-verification)

  223.   #

  224. 

  225.   # Base URL to the matrix user verification service (without ending slash)

  226.   #MATRIX_UVS_URL=https://uvs.example.com:3000

  227. 

  228.   # (optional) The issuer of the auth token to be passed through. Must match what is being set as `iss` in the JWT. Defaut value is "issuer".

  229.   #MATRIX_UVS_ISSUER=issuer

  230. 

  231.   # (optional) user verification service auth token, if authentication enabled

  232.   #MATRIX_UVS_AUTH_TOKEN=changeme

  233. 

  234.   # (optional) Make Matrix room moderators owners of the Prosody room.

  235.   #MATRIX_UVS_SYNC_POWER_LEVELS=1

  236. 

  237. 

  238.   #

  239.   # Advanced configuration options (you generally don't need to change these)

  240.   #

  241. 

  242.   # Internal XMPP domain

  243.   XMPP_DOMAIN: meet.jitsi

  244. 

  245.   # Internal XMPP server

  246.   XMPP_SERVER: xmpp.meet.jitsi

  247. 

  248.   # Internal XMPP server URL

  249.   XMPP_BOSH_URL_BASE: http://xmpp.meet.jitsi:5280

  250. 

  251.   # Internal XMPP domain for authenticated services

  252.   XMPP_AUTH_DOMAIN: auth.meet.jitsi

  253. 

  254.   # XMPP domain for the MUC

  255.   XMPP_MUC_DOMAIN: muc.meet.jitsi

  256. 

  257.   # XMPP domain for the internal MUC used for jibri, jigasi and jvb pools

  258.   XMPP_INTERNAL_MUC_DOMAIN: internal-muc.meet.jitsi

  259. 

  260.   # XMPP domain for unauthenticated users

  261.   XMPP_GUEST_DOMAIN: guest.meet.jitsi

  262. 

  263.   # Custom Prosody modules for XMPP_DOMAIN (comma separated)

  264.   XMPP_MODULES: ''

  265. 

  266.   # Custom Prosody modules for MUC component (comma separated)

  267.   XMPP_MUC_MODULES: ''

  268. 

  269.   # Custom Prosody modules for internal MUC component (comma separated)

  270.   XMPP_INTERNAL_MUC_MODULES: ''

  271. 

  272.   # MUC for the JVB pool

  273.   JVB_BREWERY_MUC: jvbbrewery

  274. 

  275.   # XMPP user for JVB client connections

  276.   JVB_AUTH_USER: jvb

  277. 

  278.   # STUN servers used to discover the server's public IP

  279.   JVB_STUN_SERVERS: meet-jit-si-turnrelay.jitsi.net:443

  280. 

  281.   # Media port for the Jitsi Videobridge

  282.   JVB_PORT: 10000

  283. 

  284.   # XMPP user for Jicofo client connections.

  285.   # NOTE: this option doesn't currently work due to a bug

  286.   JICOFO_AUTH_USER: focus

  287. 

  288.   # Base URL of Jicofo's reservation REST API

  289.   #JICOFO_RESERVATION_REST_BASE_URL=http://reservation.example.com

  290. 

  291.   # Enable Jicofo's health check REST API (http://<jicofo_base_url>:8888/about/health)

  292.   #JICOFO_ENABLE_HEALTH_CHECKS=true

  293. 

  294.   # XMPP user for Jigasi MUC client connections

  295.   JIGASI_XMPP_USER: jigasi

  296. 

  297.   # MUC name for the Jigasi pool

  298.   JIGASI_BREWERY_MUC: jigasibrewery

  299. 

  300.   # Minimum port for media used by Jigasi

  301.   JIGASI_PORT_MIN: 20000

  302. 

  303.   # Maximum port for media used by Jigasi

  304.   JIGASI_PORT_MAX: 20050

  305. 

  306.   # Enable SDES srtp

  307.   #JIGASI_ENABLE_SDES_SRTP=1

  308. 

  309.   # Keepalive method

  310.   #JIGASI_SIP_KEEP_ALIVE_METHOD=OPTIONS

  311. 

  312.   # Health-check extension

  313.   #JIGASI_HEALTH_CHECK_SIP_URI=keepalive

  314. 

  315.   # Health-check interval

  316.   #JIGASI_HEALTH_CHECK_INTERVAL=300000

  317.   #

  318.   # Enable Jigasi transcription

  319.   #ENABLE_TRANSCRIPTIONS=1

  320. 

  321.   # Jigasi will record audio when transcriber is on [default: false]

  322.   #JIGASI_TRANSCRIBER_RECORD_AUDIO=true

  323. 

  324.   # Jigasi will send transcribed text to the chat when transcriber is on [default: false]

  325.   #JIGASI_TRANSCRIBER_SEND_TXT=true

  326. 

  327.   # Jigasi will post an url to the chat with transcription file [default: false]

  328.   #JIGASI_TRANSCRIBER_ADVERTISE_URL=true

  329. 

  330.   # Credentials for connect to Cloud Google API from Jigasi

  331.   # Please read https://cloud.google.com/text-to-speech/docs/quickstart-protocol

  332.   # section "Before you begin" paragraph 1 to 5

  333.   # Copy the values from the json to the related env vars

  334.   #GC_PROJECT_ID=

  335.   #GC_PRIVATE_KEY_ID=

  336.   #GC_PRIVATE_KEY=

  337.   #GC_CLIENT_EMAIL=

  338.   #GC_CLIENT_ID=

  339.   #GC_CLIENT_CERT_URL=

  340. 

  341.   # Enable recording

  342.   #ENABLE_RECORDING=1

  343. 

  344.   # XMPP domain for the jibri recorder

  345.   XMPP_RECORDER_DOMAIN: recorder.meet.jitsi

  346. 

  347.   # XMPP recorder user for Jibri client connections

  348.   JIBRI_RECORDER_USER: recorder

  349. 

  350.   # Directory for recordings inside Jibri container

  351.   JIBRI_RECORDING_DIR: /config/recordings

  352. 

  353.   # The finalizing script. Will run after recording is complete

  354.   #JIBRI_FINALIZE_RECORDING_SCRIPT_PATH=/config/finalize.sh

  355. 

  356.   # XMPP user for Jibri client connections

  357.   JIBRI_XMPP_USER: jibri

  358. 

  359.   # MUC name for the Jibri pool

  360.   JIBRI_BREWERY_MUC: jibribrewery

  361. 

  362.   # MUC connection timeout

  363.   JIBRI_PENDING_TIMEOUT: 90

  364. 

  365.   # When jibri gets a request to start a service for a room, the room

  366.   # jid will look like: roomName@optional.prefixes.subdomain.xmpp_domain

  367.   # We'll build the url for the call by transforming that into:

  368.   # https://xmpp_domain/subdomain/roomName

  369.   # So if there are any prefixes in the jid (like jitsi meet, which

  370.   # has its participants join a muc at conference.xmpp_domain) then

  371.   # list that prefix here so it can be stripped out to generate

  372.   # the call url correctly

  373.   JIBRI_STRIP_DOMAIN_JID: muc

  374. 

  375.   # Directory for logs inside Jibri container

  376.   JIBRI_LOGS_DIR: /config/logs

  377. 

  378.   # Configure an external TURN server

  379.   # TURN_CREDENTIALS=secret

  380.   # TURN_HOST=turnserver.example.com

  381.   # TURN_PORT=443

  382.   # TURNS_HOST=turnserver.example.com

  383.   # TURNS_PORT=443

  384. 

  385.   # Disable HTTPS: handle TLS connections outside of this setup

  386.   #DISABLE_HTTPS=1

  387. 

  388.   # Enable FLoC

  389.   # Opt-In to Federated Learning of Cohorts tracking

  390.   #ENABLE_FLOC=0

  391. 

  392.   # Redirect HTTP traffic to HTTPS

  393.   # Necessary for Let's Encrypt, relies on standard HTTPS port (443)

  394.   ENABLE_HTTP_REDIRECT: 1

  395. 

  396.   # Send a `strict-transport-security` header to force browsers to use

  397.   # a secure and trusted connection. Recommended for production use.

  398.   # Defaults to 1 (send the header).

  399.   # ENABLE_HSTS=1

  400. 

  401.   # Enable IPv6

  402.   # Provides means to disable IPv6 in environments that don't support it (get with the times, people!)

  403.   #ENABLE_IPV6=1

  404. 

  405.   # Container restart policy

  406.   # Defaults to unless-stopped

  407.   RESTART_POLICY: unless-stopped

  408. 

  409.   # Authenticate using external service or just focus external auth window if there is one already.

  410.   # TOKEN_AUTH_URL=https://auth.meet.example.com/{room}

  411. 

  412.   # Sentry Error Tracking

  413.   # Sentry Data Source Name (Endpoint for Sentry project)

  414.   # Example: https://public:private@host:port/1

  415.   #JVB_SENTRY_DSN=

  416.   #JICOFO_SENTRY_DSN=

  417.   #JIGASI_SENTRY_DSN=

  418. 

  419.   # Optional environment info to filter events

  420.   #SENTRY_ENVIRONMENT=production

  421. 

  422.   # Optional release info to filter events

  423.   #SENTRY_RELEASE=1.0.0

  424. 

  425.   # Optional properties for shutdown api

  426.   #COLIBRI_REST_ENABLED=true

  427.   #SHUTDOWN_REST_ENABLED=true

  428. 

  429.   # Configure toolbar buttons. Add the buttons name separated with comma(no spaces between comma)

  430.   #TOOLBAR_BUTTONS=

  431. 

  432.   # Hide the buttons at pre-join screen. Add the buttons name separated with comma

  433.   #HIDE_PREMEETING_BUTTONS=