Du kan inte välja fler än 25 ämnen Ämnen måste starta med en bokstav eller siffra, kan innehålla bindestreck ('-') och vara max 35 tecken långa.

434 lines
13KB

  1. jitsi_meet_config_subdirectories:
  2. - web/crontabs
  3. - web/letsencrypt
  4. - transcripts
  5. - prosody/config
  6. - prosody/prosody-plugins-custom
  7. - jicofo
  8. - jvb
  9. - jigasi
  10. - jibri
  11. jitsi_meet_docker_env:
  12. # Security
  13. #
  14. # Set these to strong passwords to avoid intruders from impersonating a service account
  15. # The service(s) won't start unless these are specified
  16. # Running ./gen-passwords.sh will update .env with strong passwords
  17. # You may skip the Jigasi and Jibri passwords if you are not using those
  18. # DO NOT reuse passwords
  19. #
  20. # XMPP password for Jicofo client connections
  21. JICOFO_AUTH_PASSWORD: "{{jitsi_meet_jicofo_auth_password}}"
  22. # XMPP password for JVB client connections
  23. JVB_AUTH_PASSWORD: "{{jitsi_meet_jvb_auth_password}}"
  24. # XMPP password for Jigasi MUC client connections
  25. JIGASI_XMPP_PASSWORD: "{{jitsi_meet_jvb_auth_password}}"
  26. # XMPP recorder password for Jibri client connections
  27. JIBRI_RECORDER_PASSWORD: "{{jitsi_meet_jvb_auth_password}}"
  28. # XMPP password for Jibri client connections
  29. JIBRI_XMPP_PASSWORD: "{{jitsi_meet_jvb_auth_password}}"
  30. #
  31. # Basic configuration options
  32. #
  33. # Directory where all configuration will be stored
  34. CONFIG: "{{jitsi_meet_config_directory}}"
  35. # Exposed HTTP port
  36. HTTP_PORT: "{{jitsi_meet_http_port}}"
  37. # Exposed HTTPS port
  38. HTTPS_PORT: "{{jitsi_meet_https_port}}"
  39. # System time zone
  40. TZ: "{{jitsi_meet_timezone}}"
  41. # Public URL for the web service (required)
  42. PUBLIC_URL: "{{ jitsi_meet_public_url }}"
  43. # IP address of the Docker host
  44. # See the "Running behind NAT or on a LAN environment" section in the Handbook:
  45. # https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker#running-behind-nat-or-on-a-lan-environment
  46. DOCKER_HOST_ADDRESS: "{{ jitsi_meet_docker_host_address }}"
  47. # Control whether the lobby feature should be enabled or not
  48. ENABLE_LOBBY: "{{jitsi_meet_enable_lobby|ternary('1','0')}}"
  49. # Control whether the A/V moderation should be enabled or not
  50. ENABLE_AV_MODERATION: "{{jitsi_meet_enable_av_moderation|ternary('1','0')}}"
  51. # Show a prejoin page before entering a conference
  52. ENABLE_PREJOIN_PAGE: "{{jitsi_meet_enable_prejoin_page|ternary('1','0')}}"
  53. # Enable the welcome page
  54. ENABLE_WELCOME_PAGE: "{{jitsi_meet_enable_welcome_page|ternary('1','0')}}"
  55. # Enable the close page
  56. ENABLE_CLOSE_PAGE: "{{jitsi_meet_enable_close_page|ternary('1','0')}}"
  57. # Disable measuring of audio levels
  58. DISABLE_AUDIO_LEVELS: "{{jitsi_meet_disable_audio_levels|ternary('1','0')}}"
  59. # Enable noisy mic detection
  60. ENABLE_NOISY_MIC_DETECTION: "{{jitsi_meet_enable_noisy_mic_detection|ternary('1','0')}}"
  61. # Enable breakout rooms
  62. ENABLE_BREAKOUT_ROOMS: "{{jitsi_meet_enable_breakout_rooms|ternary('1','0')}}"
  63. #
  64. # Let's Encrypt configuration
  65. #
  66. # Enable Let's Encrypt certificate generation
  67. ENABLE_LETSENCRYPT: "{{jitsi_meet_enable_letsencrypt|ternary('1','0')}}"
  68. # Domain for which to generate the certificate
  69. LETSENCRYPT_DOMAIN: "{{jitsi_meet_letsencrypt_domain}}"
  70. # E-Mail for receiving important account notifications (mandatory)
  71. LETSENCRYPT_EMAIL: "{{jitsi_meet_letsencrypt_email}}"
  72. # Use the staging server (for avoiding rate limits while testing)
  73. LETSENCRYPT_USE_STAGING: "{{jitsi_meet_letsencrypt_use_staging|ternary('1','0')}}"
  74. #
  75. # Etherpad integration (for document sharing)
  76. #
  77. # Set etherpad-lite URL in docker local network (uncomment to enable)
  78. #ETHERPAD_URL_BASE=http://etherpad.meet.jitsi:9001
  79. # Set etherpad-lite public URL, including /p/ pad path fragment (uncomment to enable)
  80. #ETHERPAD_PUBLIC_URL=https://etherpad.my.domain/p/
  81. # Name your etherpad instance!
  82. #ETHERPAD_TITLE=Video Chat
  83. # The default text of a pad
  84. #ETHERPAD_DEFAULT_PAD_TEXT="Welcome to Web Chat!\n\n"
  85. # Name of the skin for etherpad
  86. #ETHERPAD_SKIN_NAME=colibris
  87. # Skin variants for etherpad
  88. #ETHERPAD_SKIN_VARIANTS="super-light-toolbar super-light-editor light-background full-width-editor"
  89. #
  90. # Basic Jigasi configuration options (needed for SIP gateway support)
  91. #
  92. # SIP URI for incoming / outgoing calls
  93. #JIGASI_SIP_URI=test@sip2sip.info
  94. # Password for the specified SIP account as a clear text
  95. #JIGASI_SIP_PASSWORD=passw0rd
  96. # SIP server (use the SIP account domain if in doubt)
  97. #JIGASI_SIP_SERVER=sip2sip.info
  98. # SIP server port
  99. #JIGASI_SIP_PORT=5060
  100. # SIP server transport
  101. #JIGASI_SIP_TRANSPORT=UDP
  102. #
  103. # Authentication configuration (see handbook for details)
  104. #
  105. # Enable authentication
  106. #ENABLE_AUTH=1
  107. # Enable guest access
  108. #ENABLE_GUESTS=1
  109. # Select authentication type: internal, jwt, ldap or matrix
  110. #AUTH_TYPE=internal
  111. # JWT authentication
  112. #
  113. # Application identifier
  114. #JWT_APP_ID=my_jitsi_app_id
  115. # Application secret known only to your token generator
  116. #JWT_APP_SECRET=my_jitsi_app_secret
  117. # (Optional) Set asap_accepted_issuers as a comma separated list
  118. #JWT_ACCEPTED_ISSUERS=my_web_client,my_app_client
  119. # (Optional) Set asap_accepted_audiences as a comma separated list
  120. #JWT_ACCEPTED_AUDIENCES=my_server1,my_server2
  121. # LDAP authentication (for more information see the Cyrus SASL saslauthd.conf man page)
  122. #
  123. # LDAP url for connection
  124. #LDAP_URL=ldaps://ldap.domain.com/
  125. # LDAP base DN. Can be empty
  126. #LDAP_BASE=DC=example,DC=domain,DC=com
  127. # LDAP user DN. Do not specify this parameter for the anonymous bind
  128. #LDAP_BINDDN=CN=binduser,OU=users,DC=example,DC=domain,DC=com
  129. # LDAP user password. Do not specify this parameter for the anonymous bind
  130. #LDAP_BINDPW=LdapUserPassw0rd
  131. # LDAP filter. Tokens example:
  132. # %1-9 - if the input key is user@mail.domain.com, then %1 is com, %2 is domain and %3 is mail
  133. # %s - %s is replaced by the complete service string
  134. # %r - %r is replaced by the complete realm string
  135. #LDAP_FILTER=(sAMAccountName=%u)
  136. # LDAP authentication method
  137. #LDAP_AUTH_METHOD=bind
  138. # LDAP version
  139. #LDAP_VERSION=3
  140. # LDAP TLS using
  141. #LDAP_USE_TLS=1
  142. # List of SSL/TLS ciphers to allow
  143. #LDAP_TLS_CIPHERS=SECURE256:SECURE128:!AES-128-CBC:!ARCFOUR-128:!CAMELLIA-128-CBC:!3DES-CBC:!CAMELLIA-128-CBC
  144. # Require and verify server certificate
  145. #LDAP_TLS_CHECK_PEER=1
  146. # Path to CA cert file. Used when server certificate verify is enabled
  147. #LDAP_TLS_CACERT_FILE=/etc/ssl/certs/ca-certificates.crt
  148. # Path to CA certs directory. Used when server certificate verify is enabled
  149. #LDAP_TLS_CACERT_DIR=/etc/ssl/certs
  150. # Wether to use starttls, implies LDAPv3 and requires ldap:// instead of ldaps://
  151. # LDAP_START_TLS=1
  152. # Matrix authentication (for more information see the documention of the "Prosody Auth Matrix User Verification" at https://github.com/matrix-org/prosody-mod-auth-matrix-user-verification)
  153. #
  154. # Base URL to the matrix user verification service (without ending slash)
  155. #MATRIX_UVS_URL=https://uvs.example.com:3000
  156. # (optional) The issuer of the auth token to be passed through. Must match what is being set as `iss` in the JWT. Defaut value is "issuer".
  157. #MATRIX_UVS_ISSUER=issuer
  158. # (optional) user verification service auth token, if authentication enabled
  159. #MATRIX_UVS_AUTH_TOKEN=changeme
  160. # (optional) Make Matrix room moderators owners of the Prosody room.
  161. #MATRIX_UVS_SYNC_POWER_LEVELS=1
  162. #
  163. # Advanced configuration options (you generally don't need to change these)
  164. #
  165. # Internal XMPP domain
  166. XMPP_DOMAIN: meet.jitsi
  167. # Internal XMPP server
  168. XMPP_SERVER: xmpp.meet.jitsi
  169. # Internal XMPP server URL
  170. XMPP_BOSH_URL_BASE: http://xmpp.meet.jitsi:5280
  171. # Internal XMPP domain for authenticated services
  172. XMPP_AUTH_DOMAIN: auth.meet.jitsi
  173. # XMPP domain for the MUC
  174. XMPP_MUC_DOMAIN: muc.meet.jitsi
  175. # XMPP domain for the internal MUC used for jibri, jigasi and jvb pools
  176. XMPP_INTERNAL_MUC_DOMAIN: internal-muc.meet.jitsi
  177. # XMPP domain for unauthenticated users
  178. XMPP_GUEST_DOMAIN: guest.meet.jitsi
  179. # Custom Prosody modules for XMPP_DOMAIN (comma separated)
  180. XMPP_MODULES: ''
  181. # Custom Prosody modules for MUC component (comma separated)
  182. XMPP_MUC_MODULES: ''
  183. # Custom Prosody modules for internal MUC component (comma separated)
  184. XMPP_INTERNAL_MUC_MODULES: ''
  185. # MUC for the JVB pool
  186. JVB_BREWERY_MUC: jvbbrewery
  187. # XMPP user for JVB client connections
  188. JVB_AUTH_USER: jvb
  189. # STUN servers used to discover the server's public IP
  190. JVB_STUN_SERVERS: meet-jit-si-turnrelay.jitsi.net:443
  191. # Media port for the Jitsi Videobridge
  192. JVB_PORT: 10000
  193. # XMPP user for Jicofo client connections.
  194. # NOTE: this option doesn't currently work due to a bug
  195. JICOFO_AUTH_USER: focus
  196. # Base URL of Jicofo's reservation REST API
  197. #JICOFO_RESERVATION_REST_BASE_URL=http://reservation.example.com
  198. # Enable Jicofo's health check REST API (http://<jicofo_base_url>:8888/about/health)
  199. #JICOFO_ENABLE_HEALTH_CHECKS=true
  200. # XMPP user for Jigasi MUC client connections
  201. JIGASI_XMPP_USER: jigasi
  202. # MUC name for the Jigasi pool
  203. JIGASI_BREWERY_MUC: jigasibrewery
  204. # Minimum port for media used by Jigasi
  205. JIGASI_PORT_MIN: 20000
  206. # Maximum port for media used by Jigasi
  207. JIGASI_PORT_MAX: 20050
  208. # Enable SDES srtp
  209. #JIGASI_ENABLE_SDES_SRTP=1
  210. # Keepalive method
  211. #JIGASI_SIP_KEEP_ALIVE_METHOD=OPTIONS
  212. # Health-check extension
  213. #JIGASI_HEALTH_CHECK_SIP_URI=keepalive
  214. # Health-check interval
  215. #JIGASI_HEALTH_CHECK_INTERVAL=300000
  216. #
  217. # Enable Jigasi transcription
  218. #ENABLE_TRANSCRIPTIONS=1
  219. # Jigasi will record audio when transcriber is on [default: false]
  220. #JIGASI_TRANSCRIBER_RECORD_AUDIO=true
  221. # Jigasi will send transcribed text to the chat when transcriber is on [default: false]
  222. #JIGASI_TRANSCRIBER_SEND_TXT=true
  223. # Jigasi will post an url to the chat with transcription file [default: false]
  224. #JIGASI_TRANSCRIBER_ADVERTISE_URL=true
  225. # Credentials for connect to Cloud Google API from Jigasi
  226. # Please read https://cloud.google.com/text-to-speech/docs/quickstart-protocol
  227. # section "Before you begin" paragraph 1 to 5
  228. # Copy the values from the json to the related env vars
  229. #GC_PROJECT_ID=
  230. #GC_PRIVATE_KEY_ID=
  231. #GC_PRIVATE_KEY=
  232. #GC_CLIENT_EMAIL=
  233. #GC_CLIENT_ID=
  234. #GC_CLIENT_CERT_URL=
  235. # Enable recording
  236. #ENABLE_RECORDING=1
  237. # XMPP domain for the jibri recorder
  238. XMPP_RECORDER_DOMAIN: recorder.meet.jitsi
  239. # XMPP recorder user for Jibri client connections
  240. JIBRI_RECORDER_USER: recorder
  241. # Directory for recordings inside Jibri container
  242. JIBRI_RECORDING_DIR: /config/recordings
  243. # The finalizing script. Will run after recording is complete
  244. #JIBRI_FINALIZE_RECORDING_SCRIPT_PATH=/config/finalize.sh
  245. # XMPP user for Jibri client connections
  246. JIBRI_XMPP_USER: jibri
  247. # MUC name for the Jibri pool
  248. JIBRI_BREWERY_MUC: jibribrewery
  249. # MUC connection timeout
  250. JIBRI_PENDING_TIMEOUT: 90
  251. # When jibri gets a request to start a service for a room, the room
  252. # jid will look like: roomName@optional.prefixes.subdomain.xmpp_domain
  253. # We'll build the url for the call by transforming that into:
  254. # https://xmpp_domain/subdomain/roomName
  255. # So if there are any prefixes in the jid (like jitsi meet, which
  256. # has its participants join a muc at conference.xmpp_domain) then
  257. # list that prefix here so it can be stripped out to generate
  258. # the call url correctly
  259. JIBRI_STRIP_DOMAIN_JID: muc
  260. # Directory for logs inside Jibri container
  261. JIBRI_LOGS_DIR: /config/logs
  262. # Configure an external TURN server
  263. # TURN_CREDENTIALS=secret
  264. # TURN_HOST=turnserver.example.com
  265. # TURN_PORT=443
  266. # TURNS_HOST=turnserver.example.com
  267. # TURNS_PORT=443
  268. # Disable HTTPS: handle TLS connections outside of this setup
  269. #DISABLE_HTTPS=1
  270. # Enable FLoC
  271. # Opt-In to Federated Learning of Cohorts tracking
  272. #ENABLE_FLOC=0
  273. # Redirect HTTP traffic to HTTPS
  274. # Necessary for Let's Encrypt, relies on standard HTTPS port (443)
  275. ENABLE_HTTP_REDIRECT: 1
  276. # Send a `strict-transport-security` header to force browsers to use
  277. # a secure and trusted connection. Recommended for production use.
  278. # Defaults to 1 (send the header).
  279. # ENABLE_HSTS=1
  280. # Enable IPv6
  281. # Provides means to disable IPv6 in environments that don't support it (get with the times, people!)
  282. #ENABLE_IPV6=1
  283. # Container restart policy
  284. # Defaults to unless-stopped
  285. RESTART_POLICY: unless-stopped
  286. # Authenticate using external service or just focus external auth window if there is one already.
  287. # TOKEN_AUTH_URL=https://auth.meet.example.com/{room}
  288. # Sentry Error Tracking
  289. # Sentry Data Source Name (Endpoint for Sentry project)
  290. # Example: https://public:private@host:port/1
  291. #JVB_SENTRY_DSN=
  292. #JICOFO_SENTRY_DSN=
  293. #JIGASI_SENTRY_DSN=
  294. # Optional environment info to filter events
  295. #SENTRY_ENVIRONMENT=production
  296. # Optional release info to filter events
  297. #SENTRY_RELEASE=1.0.0
  298. # Optional properties for shutdown api
  299. #COLIBRI_REST_ENABLED=true
  300. #SHUTDOWN_REST_ENABLED=true
  301. # Configure toolbar buttons. Add the buttons name separated with comma(no spaces between comma)
  302. #TOOLBAR_BUTTONS=
  303. # Hide the buttons at pre-join screen. Add the buttons name separated with comma
  304. #HIDE_PREMEETING_BUTTONS=