diff --git a/hosts b/hosts index 4c20271..7365089 100644 --- a/hosts +++ b/hosts @@ -62,4 +62,4 @@ photo_editing video_editing [jitsimeet] -ubuntu-test \ No newline at end of file +ubuntu-test jitsi_fqdn=mewimeet.de \ No newline at end of file diff --git a/roles/jitsimeet/files/jitsi-statistics.sh b/roles/jitsimeet/files/jitsi-statistics.sh new file mode 100755 index 0000000..0bace55 --- /dev/null +++ b/roles/jitsimeet/files/jitsi-statistics.sh @@ -0,0 +1,29 @@ +#!/bin/bash - +#=============================================================================== +# +# FILE: jitsi-statistics.sh +# +# USAGE: ./jitsi-statistics.sh +# +# DESCRIPTION: +# +# OPTIONS: --- +# REQUIREMENTS: --- +# BUGS: --- +# NOTES: --- +# AUTHOR: YOUR NAME (), +# ORGANIZATION: +# CREATED: 02/15/2021 13:14 +# REVISION: --- +#=============================================================================== + +set -o nounset # Treat unset variables as an error + +# cpu +awk '{u=$2+$4; t=$2+$4+$5; if (NR==1){uuu1=u; ttt1=t;} else print ($2+$4-u1) * 100 / (t-t1) ""; }' <(grep 'cpu ' /proc/stat) <(sleep 1;grep 'cpu ' /proc/stat) > /usr/share/jitsi-meet/cpu.txt +#memory +free -m | awk 'NR==2{printf "%s", $3 }' > /usr/share/jitsi-meet/memory.txt +# statistic +rm /usr/share/jitsi-meet/stats.json +curl -s http://127.0.0.1:8080/colibri/stats >> /usr/share/jitsi-meet/stats.json + diff --git a/roles/jitsimeet/files/jitsi_etc/jicofo/config b/roles/jitsimeet/files/jitsi_etc/jicofo/config new file mode 100644 index 0000000..db42ca6 --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/jicofo/config @@ -0,0 +1,27 @@ +# Jitsi Conference Focus settings +# sets the host name of the XMPP server +JICOFO_HOST=localhost + +# sets the XMPP domain (default: none) +JICOFO_HOSTNAME=mewimeet.de + +# sets the secret used to authenticate as an XMPP component +JICOFO_SECRET=QX6oyTT2 + +# sets the port to use for the XMPP component connection +JICOFO_PORT=5347 + +# sets the XMPP domain name to use for XMPP user logins +JICOFO_AUTH_DOMAIN=auth.mewimeet.de + +# sets the username to use for XMPP user logins +JICOFO_AUTH_USER=focus + +# sets the password to use for XMPP user logins +JICOFO_AUTH_PASSWORD=skrXCC0Z + +# extra options to pass to the jicofo daemon +JICOFO_OPTS="" + +# adds java system props that are passed to jicofo (default are for home and logging config file) +JAVA_SYS_PROPS="-Dconfig.file=/etc/jitsi/jicofo/jicofo.conf -Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=jicofo -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi -Djava.util.logging.config.file=/etc/jitsi/jicofo/logging.properties" diff --git a/roles/jitsimeet/files/jitsi_etc/jicofo/jicofo.conf b/roles/jitsimeet/files/jitsi_etc/jicofo/jicofo.conf new file mode 100644 index 0000000..fd9a5db --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/jicofo/jicofo.conf @@ -0,0 +1,10 @@ +# Jicofo HOCON configuration. See /usr/share/jicofo/jicofo.jar/reference.conf for +#available options, syntax, and default values. +jicofo { + xmpp: { + client: { + client-proxy: focus.mewimeet.de + } + trusted-domains: [ "recorder.mewimeet.de" ] + } +} diff --git a/roles/jitsimeet/files/jitsi_etc/jicofo/logging.properties b/roles/jitsimeet/files/jitsi_etc/jicofo/logging.properties new file mode 100644 index 0000000..7181e26 --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/jicofo/logging.properties @@ -0,0 +1,38 @@ + +handlers= java.util.logging.ConsoleHandler + +# Handlers with XMPP debug enabled: +#handlers= java.util.logging.ConsoleHandler, org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler + +# Handlers with syslog enabled: +#handlers= java.util.logging.ConsoleHandler, com.agafua.syslog.SyslogHandler +#handlers= java.util.logging.ConsoleHandler, io.sentry.jul.SentryHandler + +java.util.logging.ConsoleHandler.level = ALL +java.util.logging.ConsoleHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter +java.util.logging.ConsoleHandler.filter = org.jitsi.impl.protocol.xmpp.log.ExcludeXmppPackets + +org.jitsi.utils.logging2.JitsiLogFormatter.programname=Jicofo +.level=INFO + +# To enable XMPP packets logging add XmppPacketsFileHandler to the handlers property +org.jitsi.impl.protocol.xmpp.log.PacketDebugger.level=ALL +org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.pattern=/var/log/jitsi/jicofo-xmpp.log +org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.append=true +org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.limit=200000000 +org.jitsi.impl.protocol.xmpp.log.XmppPacketsFileHandler.count=3 + +# Syslog (uncomment handler to use) +com.agafua.syslog.SyslogHandler.transport = udp +com.agafua.syslog.SyslogHandler.facility = local0 +com.agafua.syslog.SyslogHandler.port = 514 +com.agafua.syslog.SyslogHandler.hostname = localhost +com.agafua.syslog.SyslogHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter +com.agafua.syslog.SyslogHandler.escapeNewlines = false +com.agafua.syslog.SyslogHandler.filter = org.jitsi.impl.protocol.xmpp.log.ExcludeXmppPackets + +# Sentry (uncomment handler to use) +io.sentry.jul.SentryHandler.level=WARNING + +# uncomment to see how Jicofo talks to the JVB +#org.jitsi.impl.protocol.xmpp.colibri.level=ALL diff --git a/roles/jitsimeet/files/jitsi_etc/jicofo/sip-communicator.properties b/roles/jitsimeet/files/jitsi_etc/jicofo/sip-communicator.properties new file mode 100644 index 0000000..8d61d15 --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/jicofo/sip-communicator.properties @@ -0,0 +1 @@ +org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.mewimeet.de diff --git a/roles/jitsimeet/files/jitsi_etc/meet/mewimeet.de-config.js b/roles/jitsimeet/files/jitsi_etc/meet/mewimeet.de-config.js new file mode 100644 index 0000000..85a7e17 --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/meet/mewimeet.de-config.js @@ -0,0 +1,760 @@ +/* eslint-disable no-unused-vars, no-var */ + +var config = { + // Connection + // + + hosts: { + // XMPP domain. + domain: 'mewimeet.de', + + // When using authentication, domain for guest users. + // anonymousdomain: 'guest.example.com', + + // Domain for authenticated users. Defaults to . + // authdomain: 'mewimeet.de', + + // Focus component domain. Defaults to focus.. + // focus: 'focus.mewimeet.de', + + // XMPP MUC domain. FIXME: use XEP-0030 to discover it. + muc: 'conference.mewimeet.de' + }, + + // BOSH URL. FIXME: use XEP-0156 to discover it. + bosh: '//mewimeet.de/http-bind', + + // Websocket URL + // websocket: 'wss://mewimeet.de/xmpp-websocket', + + // The name of client node advertised in XEP-0115 'c' stanza + clientNode: 'http://jitsi.org/jitsimeet', + + // The real JID of focus participant - can be overridden here + // Do not change username - FIXME: Make focus username configurable + // https://github.com/jitsi/jitsi-meet/issues/7376 + // focusUserJid: 'focus@auth.mewimeet.de', + + + // Testing / experimental features. + // + + testing: { + // Disables the End to End Encryption feature. Useful for debugging + // issues related to insertable streams. + // disableE2EE: false, + + // P2P test mode disables automatic switching to P2P when there are 2 + // participants in the conference. + p2pTestMode: false + + // Enables the test specific features consumed by jitsi-meet-torture + // testMode: false + + // Disables the auto-play behavior of *all* newly created video element. + // This is useful when the client runs on a host with limited resources. + // noAutoPlayVideo: false + + // Enable / disable 500 Kbps bitrate cap on desktop tracks. When enabled, + // simulcast is turned off for the desktop share. If presenter is turned + // on while screensharing is in progress, the max bitrate is automatically + // adjusted to 2.5 Mbps. This takes a value between 0 and 1 which determines + // the probability for this to be enabled. + // capScreenshareBitrate: 1 // 0 to disable + + // Enable callstats only for a percentage of users. + // This takes a value between 0 and 100 which determines the probability for + // the callstats to be enabled. + // callStatsThreshold: 5 // enable callstats for 5% of the users. + }, + + // Disables ICE/UDP by filtering out local and remote UDP candidates in + // signalling. + // webrtcIceUdpDisable: false, + + // Disables ICE/TCP by filtering out local and remote TCP candidates in + // signalling. + // webrtcIceTcpDisable: false, + + + // Media + // + + // Audio + + // Disable measuring of audio levels. + // disableAudioLevels: false, + // audioLevelsInterval: 200, + + // Enabling this will run the lib-jitsi-meet no audio detection module which + // will notify the user if the current selected microphone has no audio + // input and will suggest another valid device if one is present. + enableNoAudioDetection: true, + + // Enabling this will show a "Save Logs" link in the GSM popover that can be + // used to collect debug information (XMPP IQs, SDP offer/answer cycles) + // about the call. + // enableSaveLogs: false, + + // Enabling this will run the lib-jitsi-meet noise detection module which will + // notify the user if there is noise, other than voice, coming from the current + // selected microphone. The purpose it to let the user know that the input could + // be potentially unpleasant for other meeting participants. + enableNoisyMicDetection: true, + + // Start the conference in audio only mode (no video is being received nor + // sent). + // startAudioOnly: false, + + // Every participant after the Nth will start audio muted. + // startAudioMuted: 10, + + // Start calls with audio muted. Unlike the option above, this one is only + // applied locally. FIXME: having these 2 options is confusing. + startWithAudioMuted: true, + + // Enabling it (with #params) will disable local audio output of remote + // participants and to enable it back a reload is needed. + // startSilent: false + + // Sets the preferred target bitrate for the Opus audio codec by setting its + // 'maxaveragebitrate' parameter. Currently not available in p2p mode. + // Valid values are in the range 6000 to 510000 + // opusMaxAverageBitrate: 20000, + + // Enables support for opus-red (redundancy for Opus). + // enableOpusRed: false + + // Video + + // Sets the preferred resolution (height) for local video. Defaults to 720. + resolution: 720, + // resolution: 480, + + // How many participants while in the tile view mode, before the receiving video quality is reduced from HD to SD. + // Use -1 to disable. + // maxFullResolutionParticipants: 2, + + // w3c spec-compliant video constraints to use for video capture. Currently + // used by browsers that return true from lib-jitsi-meet's + // util#browser#usesNewGumFlow. The constraints are independent from + // this config's resolution value. Defaults to requesting an ideal + // resolution of 720p. + constraints: { + video: { + height: { + ideal: 720, + max: 720, + min: 240 + } + } + }, + // constraints: { + // video: { + // aspectRatio: 16 / 9, + // height: { + // ideal: 480, + // max: 480, + // min: 240 + // } + // } + // }, + + // Enable / disable simulcast support. + // disableSimulcast: false, + + // Enable / disable layer suspension. If enabled, endpoints whose HD + // layers are not in use will be suspended (no longer sent) until they + // are requested again. + // enableLayerSuspension: false, + + // Every participant after the Nth will start video muted. + // startVideoMuted: 10, + + // Start calls with video muted. Unlike the option above, this one is only + // applied locally. FIXME: having these 2 options is confusing. + startWithVideoMuted: true, + + // If set to true, prefer to use the H.264 video codec (if supported). + // Note that it's not recommended to do this because simulcast is not + // supported when using H.264. For 1-to-1 calls this setting is enabled by + // default and can be toggled in the p2p section. + // This option has been deprecated, use preferredCodec under videoQuality section instead. + // preferH264: true, + + // If set to true, disable H.264 video codec by stripping it out of the + // SDP. + // disableH264: false, + + // Desktop sharing + + // Optional desktop sharing frame rate options. Default value: min:5, max:5. + // desktopSharingFrameRate: { + // min: 5, + // max: 5 + // }, + + // Try to start calls with screen-sharing instead of camera video. + // startScreenSharing: false, + + // Recording + + // Whether to enable file recording or not. + // fileRecordingsEnabled: false, + // Enable the dropbox integration. + // dropbox: { + // appKey: '' // Specify your app key here. + // // A URL to redirect the user to, after authenticating + // // by default uses: + // // 'https://mewimeet.de/static/oauth.html' + // redirectURI: + // 'https://mewimeet.de/subfolder/static/oauth.html' + // }, + // When integrations like dropbox are enabled only that will be shown, + // by enabling fileRecordingsServiceEnabled, we show both the integrations + // and the generic recording service (its configuration and storage type + // depends on jibri configuration) + // fileRecordingsServiceEnabled: false, + // Whether to show the possibility to share file recording with other people + // (e.g. meeting participants), based on the actual implementation + // on the backend. + // fileRecordingsServiceSharingEnabled: false, + + // Whether to enable live streaming or not. + // liveStreamingEnabled: false, + + // Transcription (in interface_config, + // subtitles and buttons can be configured) + // transcribingEnabled: false, + + // Enables automatic turning on captions when recording is started + // autoCaptionOnRecord: false, + + // Misc + + // Default value for the channel "last N" attribute. -1 for unlimited. + channelLastN: -1, + + // Provides a way to use different "last N" values based on the number of participants in the conference. + // The keys in an Object represent number of participants and the values are "last N" to be used when number of + // participants gets to or above the number. + // + // For the given example mapping, "last N" will be set to 20 as long as there are at least 5, but less than + // 29 participants in the call and it will be lowered to 15 when the 30th participant joins. The 'channelLastN' + // will be used as default until the first threshold is reached. + // + // lastNLimits: { + // 5: 20, + // 30: 15, + // 50: 10, + // 70: 5, + // 90: 2 + // }, + + // Specify the settings for video quality optimizations on the client. + // videoQuality: { + // // Provides a way to prevent a video codec from being negotiated on the JVB connection. The codec specified + // // here will be removed from the list of codecs present in the SDP answer generated by the client. If the + // // same codec is specified for both the disabled and preferred option, the disable settings will prevail. + // // Note that 'VP8' cannot be disabled since it's a mandatory codec, the setting will be ignored in this case. + // disabledCodec: 'H264', + // + // // Provides a way to set a preferred video codec for the JVB connection. If 'H264' is specified here, + // // simulcast will be automatically disabled since JVB doesn't support H264 simulcast yet. This will only + // // rearrange the the preference order of the codecs in the SDP answer generated by the browser only if the + // // preferred codec specified here is present. Please ensure that the JVB offers the specified codec for this + // // to take effect. + // preferredCodec: 'VP8', + // + // // Provides a way to configure the maximum bitrates that will be enforced on the simulcast streams for + // // video tracks. The keys in the object represent the type of the stream (LD, SD or HD) and the values + // // are the max.bitrates to be set on that particular type of stream. The actual send may vary based on + // // the available bandwidth calculated by the browser, but it will be capped by the values specified here. + // // This is currently not implemented on app based clients on mobile. + // maxBitratesVideo: { + // low: 200000, + // standard: 500000, + // high: 1500000 + // }, + // + // // The options can be used to override default thresholds of video thumbnail heights corresponding to + // // the video quality levels used in the application. At the time of this writing the allowed levels are: + // // 'low' - for the low quality level (180p at the time of this writing) + // // 'standard' - for the medium quality level (360p) + // // 'high' - for the high quality level (720p) + // // The keys should be positive numbers which represent the minimal thumbnail height for the quality level. + // // + // // With the default config value below the application will use 'low' quality until the thumbnails are + // // at least 360 pixels tall. If the thumbnail height reaches 720 pixels then the application will switch to + // // the high quality. + // minHeightForQualityLvl: { + // 360: 'standard', + // 720: 'high' + // }, + // + // // Provides a way to resize the desktop track to 720p (if it is greater than 720p) before creating a canvas + // // for the presenter mode (camera picture-in-picture mode with screenshare). + // resizeDesktopForPresenter: false + // }, + + // // Options for the recording limit notification. + // recordingLimit: { + // + // // The recording limit in minutes. Note: This number appears in the notification text + // // but doesn't enforce the actual recording time limit. This should be configured in + // // jibri! + // limit: 60, + // + // // The name of the app with unlimited recordings. + // appName: 'Unlimited recordings APP', + // + // // The URL of the app with unlimited recordings. + // appURL: 'https://unlimited.recordings.app.com/' + // }, + + // Disables or enables RTX (RFC 4588) (defaults to false). + // disableRtx: false, + + // Disables or enables TCC support in this client (default: enabled). + // enableTcc: true, + + // Disables or enables REMB support in this client (default: enabled). + // enableRemb: true, + + // Enables ICE restart logic in LJM and displays the page reload overlay on + // ICE failure. Current disabled by default because it's causing issues with + // signaling when Octo is enabled. Also when we do an "ICE restart"(which is + // not a real ICE restart), the client maintains the TCC sequence number + // counter, but the bridge resets it. The bridge sends media packets with + // TCC sequence numbers starting from 0. + // enableIceRestart: false, + + // Use TURN/UDP servers for the jitsi-videobridge connection (by default + // we filter out TURN/UDP because it is usually not needed since the + // bridge itself is reachable via UDP) + // useTurnUdp: false + + // UI + // + + // Hides lobby button + // hideLobbyButton: false, + + // Require users to always specify a display name. + requireDisplayName: true, + + // Whether to use a welcome page or not. In case it's false a random room + // will be joined when no room is specified. + enableWelcomePage: true, + + // Enabling the close page will ignore the welcome page redirection when + // a call is hangup. + // enableClosePage: false, + enableClosePage: true, + + // Disable hiding of remote thumbnails when in a 1-on-1 conference call. + // disable1On1Mode: false, + + // Default language for the user interface. + // defaultLanguage: 'en', + + // Disables profile and the edit of all fields from the profile settings (display name and email) + // disableProfile: false, + + // Whether or not some features are checked based on token. + // enableFeaturesBasedOnToken: false, + + // When enabled the password used for locking a room is restricted to up to the number of digits specified + // roomPasswordNumberOfDigits: 10, + // default: roomPasswordNumberOfDigits: false, + + // Message to show the users. Example: 'The service will be down for + // maintenance at 01:00 AM GMT, + // noticeMessage: '', + + // Enables calendar integration, depends on googleApiApplicationClientID + // and microsoftApiApplicationClientID + // enableCalendarIntegration: false, + + // When 'true', it shows an intermediate page before joining, where the user can configure their devices. + prejoinPageEnabled: true, + + // If etherpad integration is enabled, setting this to true will + // automatically open the etherpad when a participant joins. This + // does not affect the mobile app since opening an etherpad + // obscures the conference controls -- it's better to let users + // choose to open the pad on their own in that case. + // openSharedDocumentOnJoin: false, + + // If true, shows the unsafe room name warning label when a room name is + // deemed unsafe (due to the simplicity in the name) and a password is not + // set or the lobby is not enabled. + enableInsecureRoomNameWarning: true, + + // Whether to automatically copy invitation URL after creating a room. + // Document should be focused for this option to work + // enableAutomaticUrlCopy: false, + + // Base URL for a Gravatar-compatible service. Defaults to libravatar. + // gravatarBaseURL: 'https://seccdn.libravatar.org/avatar/'; + + // Stats + // + + // Whether to enable stats collection or not in the TraceablePeerConnection. + // This can be useful for debugging purposes (post-processing/analysis of + // the webrtc stats) as it is done in the jitsi-meet-torture bandwidth + // estimation tests. + // gatherStats: false, + + // The interval at which PeerConnection.getStats() is called. Defaults to 10000 + // pcStatsInterval: 10000, + + // To enable sending statistics to callstats.io you must provide the + // Application ID and Secret. + // callStatsID: '', + // callStatsSecret: '', + + // Enables sending participants' display names to callstats + // enableDisplayNameInStats: false, + + // Enables sending participants' emails (if available) to callstats and other analytics + // enableEmailInStats: false, + + // Privacy + // + + // If third party requests are disabled, no other server will be contacted. + // This means avatars will be locally generated and callstats integration + // will not function. + disableThirdPartyRequests: true, + + + // Peer-To-Peer mode: used (if enabled) when there are just 2 participants. + // + + p2p: { + // Enables peer to peer mode. When enabled the system will try to + // establish a direct connection when there are exactly 2 participants + // in the room. If that succeeds the conference will stop sending data + // through the JVB and use the peer to peer connection instead. When a + // 3rd participant joins the conference will be moved back to the JVB + // connection. + enabled: false, + + // The STUN servers that will be used in the peer to peer connections + stunServers: [ + + { urls: 'stun:mewimeet.de:3478' }, + //{ urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' } + ] + + // Sets the ICE transport policy for the p2p connection. At the time + // of this writing the list of possible values are 'all' and 'relay', + // but that is subject to change in the future. The enum is defined in + // the WebRTC standard: + // https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum. + // If not set, the effective value is 'all'. + // iceTransportPolicy: 'all', + + // If set to true, it will prefer to use H.264 for P2P calls (if H.264 + // is supported). This setting is deprecated, use preferredCodec instead. + // preferH264: true + + // Provides a way to set the video codec preference on the p2p connection. Acceptable + // codec values are 'VP8', 'VP9' and 'H264'. + // preferredCodec: 'H264', + + // If set to true, disable H.264 video codec by stripping it out of the + // SDP. This setting is deprecated, use disabledCodec instead. + // disableH264: false, + + // Provides a way to prevent a video codec from being negotiated on the p2p connection. + // disabledCodec: '', + + // How long we're going to wait, before going back to P2P after the 3rd + // participant has left the conference (to filter out page reload). + // backToP2PDelay: 5 + }, + + analytics: { + // The Google Analytics Tracking ID: + // googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1' + + // Matomo configuration: + // matomoEndpoint: 'https://your-matomo-endpoint/', + // matomoSiteID: '42', + + // The Amplitude APP Key: + // amplitudeAPPKey: '' + + // Configuration for the rtcstats server: + // By enabling rtcstats server every time a conference is joined the rtcstats + // module connects to the provided rtcstatsEndpoint and sends statistics regarding + // PeerConnection states along with getStats metrics polled at the specified + // interval. + // rtcstatsEnabled: true, + + // In order to enable rtcstats one needs to provide a endpoint url. + // rtcstatsEndpoint: wss://rtcstats-server-pilot.jitsi.net/, + + // The interval at which rtcstats will poll getStats, defaults to 1000ms. + // If the value is set to 0 getStats won't be polled and the rtcstats client + // will only send data related to RTCPeerConnection events. + // rtcstatsPolIInterval: 1000 + + // Array of script URLs to load as lib-jitsi-meet "analytics handlers". + // scriptURLs: [ + // "libs/analytics-ga.min.js", // google-analytics + // "https://example.com/my-custom-analytics.js" + // ], + }, + + // Logs that should go be passed through the 'log' event if a handler is defined for it + // apiLogLevels: ['warn', 'log', 'error', 'info', 'debug'], + + // Information about the jitsi-meet instance we are connecting to, including + // the user region as seen by the server. + deploymentInfo: { + shard: "server1", + region: "europe", + userRegion: "europe" + }, + + // Decides whether the start/stop recording audio notifications should play on record. + // disableRecordAudioNotification: false, + + // Information for the chrome extension banner + // chromeExtensionBanner: { + // // The chrome extension to be installed address + // url: 'https://chrome.google.com/webstore/detail/jitsi-meetings/kglhbbefdnlheedjiejgomgmfplipfeb', + + // // Extensions info which allows checking if they are installed or not + // chromeExtensionsInfo: [ + // { + // id: 'kglhbbefdnlheedjiejgomgmfplipfeb', + // path: 'jitsi-logo-48x48.png' + // } + // ] + // }, + + // Local Recording + // + + localRecording: { + // Enables local recording. + // Additionally, 'localrecording' (all lowercase) needs to be added to + // TOOLBAR_BUTTONS in interface_config.js for the Local Recording + // button to show up on the toolbar. + // + enabled: true, + // + + // The recording format, can be one of 'ogg', 'flac' or 'wav'. + // format: 'flac' + // + + }, + + // Options related to end-to-end (participant to participant) ping. + // e2eping: { + // // The interval in milliseconds at which pings will be sent. + // // Defaults to 10000, set to <= 0 to disable. + // pingInterval: 10000, + // + // // The interval in milliseconds at which analytics events + // // with the measured RTT will be sent. Defaults to 60000, set + // // to <= 0 to disable. + // analyticsInterval: 60000, + // }, + + // If set, will attempt to use the provided video input device label when + // triggering a screenshare, instead of proceeding through the normal flow + // for obtaining a desktop stream. + // NOTE: This option is experimental and is currently intended for internal + // use only. + // _desktopSharingSourceDevice: 'sample-id-or-label', + + // If true, any checks to handoff to another application will be prevented + // and instead the app will continue to display in the current browser. + // disableDeepLinking: false, + + // A property to disable the right click context menu for localVideo + // the menu has option to flip the locally seen video for local presentations + // disableLocalVideoFlip: false, + + // Mainly privacy related settings + + // Disables all invite functions from the app (share, invite, dial out...etc) + // disableInviteFunctions: true, + + // Disables storing the room name to the recents list + doNotStoreRoom: true, + + // Deployment specific URLs. + // deploymentUrls: { + // // If specified a 'Help' button will be displayed in the overflow menu with a link to the specified URL for + // // user documentation. + // userDocumentationURL: 'https://docs.example.com/video-meetings.html', + // // If specified a 'Download our apps' button will be displayed in the overflow menu with a link + // // to the specified URL for an app download page. + // downloadAppsUrl: 'https://docs.example.com/our-apps.html' + // }, + + // Options related to the remote participant menu. + // remoteVideoMenu: { + // // If set to true the 'Kick out' button will be disabled. + // disableKick: true + // }, + + // Moved from interfaceConfig(TOOLBAR_BUTTONS). + // The name of the toolbar buttons to display in the toolbar, including the + // "More actions" menu. If present, the button will display. Exceptions are + // "livestreaming" and "recording" which also require being a moderator and + // some other values in config.js to be enabled. Also, the "profile" button will + // not display for users with a JWT. + // Notes: + // - it's impossible to choose which buttons go in the "More actions" menu + // - it's impossible to control the placement of buttons + // - 'desktop' controls the "Share your screen" button + // - if `toolbarButtons` is undefined, we fallback to enabling all buttons on the UI + toolbarButtons: [ + 'camera', + 'chat', + 'closedcaptions', + 'desktop', + 'download', + 'embedmeeting', + 'etherpad', + 'feedback', + 'filmstrip', + 'fullscreen', + 'hangup', + 'help', + 'invite', + // 'livestreaming', + 'localrecording', + 'microphone', + 'mute-everyone', + 'mute-video-everyone', + 'participants-pane', + 'profile', + 'raisehand', + // 'recording', + 'security', + 'select-background', + 'settings', + 'shareaudio', + 'sharedvideo', + 'shortcuts', + 'stats', + 'tileview', + 'toggle-camera', + 'videoquality', + '__end' + ], + // If set to true all muting operations of remote participants will be disabled. + // disableRemoteMute: true, + + // Enables support for lip-sync for this client (if the browser supports it). + // enableLipSync: false + + /** + External API url used to receive branding specific information. + If there is no url set or there are missing fields, the defaults are applied. + None of the fields are mandatory and the response must have the shape: + { + // The hex value for the colour used as background + backgroundColor: '#fff', + // The url for the image used as background + backgroundImageUrl: 'https://example.com/background-img.png', + // The anchor url used when clicking the logo image + logoClickUrl: 'https://example-company.org', + // The url used for the image used as logo + logoImageUrl: 'https://example.com/logo-img.png' + } + */ + // dynamicBrandingUrl: '', + + // The URL of the moderated rooms microservice, if available. If it + // is present, a link to the service will be rendered on the welcome page, + // otherwise the app doesn't render it. + // moderatedRoomServiceUrl: 'https://moderated.mewimeet.de', + + // If true, tile view will not be enabled automatically when the participants count threshold is reached. + // disableTileView: true, + + // Hides the conference subject + // hideConferenceSubject: true + + // Hides the conference timer. + // hideConferenceTimer: true, + + // Hides the participants stats + // hideParticipantsStats: true + + // Sets the conference subject + // subject: 'Conference Subject', + + // List of undocumented settings used in jitsi-meet + /** + _immediateReloadThreshold + debug + debugAudioLevels + deploymentInfo + dialInConfCodeUrl + dialInNumbersUrl + dialOutAuthUrl + dialOutCodesUrl + disableRemoteControl + displayJids + etherpad_base + externalConnectUrl + firefox_fake_device + googleApiApplicationClientID + iAmRecorder + iAmSipGateway + microsoftApiApplicationClientID + peopleSearchQueryTypes + peopleSearchUrl + requireDisplayName + tokenAuthUrl + */ + + /** + * This property can be used to alter the generated meeting invite links (in combination with a branding domain + * which is retrieved internally by jitsi meet) (e.g. https://meet.jit.si/someMeeting + * can become https://brandedDomain/roomAlias) + */ + // brandingRoomAlias: null, + + // List of undocumented settings used in lib-jitsi-meet + /** + _peerConnStatusOutOfLastNTimeout + _peerConnStatusRtcMuteTimeout + abTesting + avgRtpStatsN + callStatsConfIDNamespace + callStatsCustomScriptUrl + desktopSharingSources + disableAEC + disableAGC + disableAP + disableHPF + disableNS + enableTalkWhileMuted + forceJVB121Ratio + forceTurnRelay + hiddenDomain + ignoreStartMuted + */ + + + // Allow all above example options to include a trailing comma and + // prevent fear when commenting out the last value. + makeJsonParserHappy: 'even if last key had a trailing comma' + + // no configuration value should follow this line. +}; + +/* eslint-enable no-unused-vars, no-var */ diff --git a/roles/jitsimeet/files/jitsi_etc/meet/mewimeet.de.crt b/roles/jitsimeet/files/jitsi_etc/meet/mewimeet.de.crt new file mode 100644 index 0000000..ada0291 --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/meet/mewimeet.de.crt @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgIULq/oDtzgQH7vA6vxmixotrA9EIYwDQYJKoZIhvcNAQEL +BQAwXDELMAkGA1UECgwCZGUxETAPBgNVBAsMCG1ld2ltZWV0MRQwEgYDVQQDDAtt +ZXdpbWVldC5kZTEkMCIGCSqGSIb3DQEJARYVd2VibWFzdGVyQG1ld2ltZWV0LmRl +MB4XDTIxMDEyOTExMjczMFoXDTMxMDEyNzExMjczMFowXDELMAkGA1UECgwCZGUx +ETAPBgNVBAsMCG1ld2ltZWV0MRQwEgYDVQQDDAttZXdpbWVldC5kZTEkMCIGCSqG +SIb3DQEJARYVd2VibWFzdGVyQG1ld2ltZWV0LmRlMIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEA3Ow9xCEwyrTnoIsC2pQALrb4KKx6G/owbCLW1WVV8ggw +wcF6Udxwy2L3mvAoJKn+uXiS+4i8ksTH3tlrhq1/zgSZ8R62JUG8H7V3bN5PkFds +l36UyIFBwkFBqcnSwu5iZyb4QeoTtecKVqtMqkyDsWkn+xxCJa1qZ2cK7sEm8mQ1 +qBMTBfBicGg7+Z4dsYOQ6aTJEzZ+xTawBSPH8vMH9MHUOTKD7n+3xUyoXNX0hGN5 +1gpsUbQidUuHSnoW2q1qQ0EPR4Fmhx+OxgxH3u7M3/ZiwmwV1vu0eOpcCprexJ4p +w8oT1pnLcrvYE8GVpjK7wIRsEZ1MRB/ET9mwyjhzY8HmUA+BbEfNwAmgBFwungpO +Qzt/3QVkd17czC5ngwpRCk9CJK+h6+gmhFcKwf4xNLXUgoXBs+TlQxeb+0YH9fgD +KZyvQYEDnIGwhcImOpAAail1bCoh4rvLJE1WTtozZZQtoiegC/ZAPa6PrnitN21I +JryVKO6dzXA3yZniyH/ESn6+blCAbRWJX/wjaCN9k7QW3IBLc3rkB/21OLRGFIDG +VSWgg/y5Iw8OvDRoSXWYhkVeQPZncGBk5AbLwFT4VlhP+7vTXjbPvfJ9F9FeL9lx +EV90wOEjB2cjQBzXON9yEDlgQdyzu7bS97ZSSqOVOL5JqL3Yf3N5NJ5T7T5kk+cC +AwEAAaMlMCMwIQYDVR0RBBowGIIJbG9jYWxob3N0ggttZXdpbWVldC5kZTANBgkq +hkiG9w0BAQsFAAOCAgEAMKSmUqdJ0gsBQtaweLQ9OdSSF4Wm24rw9jg6p4+0k1ly +SxE4gh7IqSv/szjeBKylLIBz+wVCADrFTUpDV2ro3cfoRNwTfbayxk85KtK31Byi +3ydOxVHnYq1dHQQGMl8q3XMtKgGFzWkpNgkzMfoxTmvJsu+x3PAqUh/OEqC/BwH1 +P/bGNfh/1Ur+OcfixswOwY82p7Mb92mNALVvgPlQpZqLAtbAcfwd4b8DVZPmF379 +09zLtrh0/GMUp9dnHv9PWnUxBap2Q8+qBsojUbxXrsmlyJJANfPuWlC/ipDl3Hds +rwGbK2MkaGLnyz5U8sYNxm+0FBygLD7Q1iBOiQhtYTqpQ2pxC3wgfTr1KMnhbzP1 +zU66l87Ckd/rU4i/dgFFQofqYmPQrZt4CCOtCSY8SQCUREXg7G7pvfyfRXosnox2 +fsbjIrQzgeRrsje9bMUujRUgh7pb4g6K+RhdYNsFVgQZbc5HCmya7EKB+nnLtLYg +z2HZ1OdfOQ1hnuZ1zvRXg+YSUPTh2eNC6yuMDLe9BOcwpuhW59CWAU3/atQO1lEf +sSUE2qNZ0sI9Ce6Enow3+0RkAlCIwjqpZxvZjE2q3O4s2WwKro1A2L9MxzTfupy8 +tDS5m5E190718Q/AWvHBtJdEIOcNmv4YNVk78OTXxzbD9R2Kd9IN0ob7QMI89oM= +-----END CERTIFICATE----- diff --git a/roles/jitsimeet/files/jitsi_etc/meet/mewimeet.de.key b/roles/jitsimeet/files/jitsi_etc/meet/mewimeet.de.key new file mode 100644 index 0000000..3663764 --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/meet/mewimeet.de.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDc7D3EITDKtOeg +iwLalAAutvgorHob+jBsItbVZVXyCDDBwXpR3HDLYvea8Cgkqf65eJL7iLySxMfe +2WuGrX/OBJnxHrYlQbwftXds3k+QV2yXfpTIgUHCQUGpydLC7mJnJvhB6hO15wpW +q0yqTIOxaSf7HEIlrWpnZwruwSbyZDWoExMF8GJwaDv5nh2xg5DppMkTNn7FNrAF +I8fy8wf0wdQ5MoPuf7fFTKhc1fSEY3nWCmxRtCJ1S4dKehbarWpDQQ9HgWaHH47G +DEfe7szf9mLCbBXW+7R46lwKmt7EninDyhPWmctyu9gTwZWmMrvAhGwRnUxEH8RP +2bDKOHNjweZQD4FsR83ACaAEXC6eCk5DO3/dBWR3XtzMLmeDClEKT0Ikr6Hr6CaE +VwrB/jE0tdSChcGz5OVDF5v7Rgf1+AMpnK9BgQOcgbCFwiY6kABqKXVsKiHiu8sk +TVZO2jNllC2iJ6AL9kA9ro+ueK03bUgmvJUo7p3NcDfJmeLIf8RKfr5uUIBtFYlf +/CNoI32TtBbcgEtzeuQH/bU4tEYUgMZVJaCD/LkjDw68NGhJdZiGRV5A9mdwYGTk +BsvAVPhWWE/7u9NeNs+98n0X0V4v2XERX3TA4SMHZyNAHNc433IQOWBB3LO7ttL3 +tlJKo5U4vkmovdh/c3k0nlPtPmST5wIDAQABAoICAC5S4wizJPX8RO1m+Kw4iGlD +OHne4KPpLCogjAem/gSILyERnsJ3hLdBA0ZbwS8e7iiZ3cgcfd4QoRBbaq6MxtW+ +JUFn/S2GwRmtBWOwoeJUUpLZmf0JDW7cHBasGSOCtOOISloX6RYlYgeWV7cF4D9d +G2MOI9ieqkcQVjyGB9KfrJiXl0+RfjKvyJOo0fUc70/um7MJpD9aHkKVpCGPUEXE +Nunfa8agxTn7vvnoayMvcKau/NONAAS0V6QIQa6M2lFL3RZTTdpbhaaFgLSAQjlc +Ao1d+J5hnRAVpEMdAkUcHQnO36YKDZz7Qm2yE90Lmk7d9YMkBo/qUVGlBesBN0B5 +9jdxHqkTRzuSELh4psS/c82wAelSb9JG5P1d4QfBtE06tcEki7jh6JkI6xURaciJ +ocBwk6fswZNiiEbpQxbVCPZIPX7mqALxGYQR+HKCgeQyiP1/yYjXpKLA77SndDHS +BHDHTe2AbGsHiWEttX+jeVSqJVG156gTtwNQ2JK754Rv01s48cMfILBE4xTWUTeU +diFteUrJsefZ80/3B+i1esorRT2y8hxUMgVKqDWdHg/Gk0WFviipaemwZJvFCCl7 +iFNvpsB7y7+PheAGzp7PxtL4emmIVIen99mKJBqfd0Kwit9dIHZlqpGpuwm70xKO +2QCgrn+rxMrh8id0LB3xAoIBAQDuSXz3YFSCbs8Ev6S133utl317HeatdSBEu165 +4KImSUWKITNDmqbUeaSwktC5wPb6tI8A8oUsk26ShLMBqLUFCOp3M2eYiyJZPpOg +7irJA0gqD2M6ipJdGDYb/MkKlOArsHu6elwv+0br1Y8tum2Ey4Hr7WH8QwCVC2Z8 +tVp9F2E2aAeG09i1Sdi2k5Vv22mJSYcKkY/ucLJ8px7ip0Qv26H61YCuhwjEbR/r +hka/K7/I8v9v8jfmboXvRKuhbbmx1TmlU5nb5ojHV5HynbcrMTJx1zeVgC0ZLXL5 +BxBDvH+tuNllzAErRr8n7yI8MVq2rpE+70WQQ0zIebO9CVSLAoIBAQDtWFFy2cb/ +JwBYXcYyCnqVyHLkpGfmRs8PQ8/WZXb9XV7Go0/Kf6lFRoIatiBaLmg3TOudLJ3H +ToL1w/vSeWg3f7e6chF+h2zWDx2elSkYUM0dqtAHRJbgoKEdJbRTH9HupnRWcaQI +GxiXgAYMfcX6WkoQcQKvkBRdtIvNaPnUu0lYlftBZzQyRng6NdARTJW8tcBl1z5K +dB/3jR12to1M3XFLN+/3DX3W3TIWLxeqBiZp4dizD8vzou0erPghkNMNgGdA0hrS +IeOfz+AFmZTEDV9LjezMP+7TDhpNLRprwqOpnhhlnuXpO9Sf4rO7nZKofoZOmofT +jbXu3tsWW/2VAoIBAQCIjsj1I9mKnmI5gHKuYBMK2sRoqCwov/TsLs0MjTWf52HY +1UoBtkFhhwzgvGKt8W4ZIxzJGDNF5n/5q97CVqLW7dMg2O7HtwTKTFhiY9tVM3JJ +2GOvivZyL4vi4i18yPDnWM6vgawPO1vbj5nsROi6r74XLQV4ghV1VQE4+t2OzrVB +bsDRfdq1mkp953o+jmme6epgHid0KFXBpizHC8DCBIaBr5V9b5mQqFEgsuUcbcAN +M2U8DH4IqtJK2vnZG37N8TqGCrEkGqvMQd08QzJTqHAWWZZbMQenZCp9mJSznPU2 +47aC5jTNTlACXMMr58Tq6IQIoyskj80THtvou84dAoIBAC/CygEWmdjWfFdL54pC +WZCymYwxGUdZkGk9+CDooh0yINRQIMpbDjEGkz/UzoXXONmH/RHP3KAyyF+0ZIRi +MfqZFNvMAIE5t0kMGaXD1lUyTVRe/yW3Q7VIHaPD5pmjmZcwn9CVZbDL4xL5jD4P +QTuz15ufYi76C18f6dIYAc4xMf1FkR4EKpjDXYY5NfmFM8yZtnHH8p0A6T3jg75T +1fNVzGqagwtwB5apRF76cwSf4DMGY5kE4MHSU20M2ZHHlvDsmdqNbSBD+Y47QpVd +5nXdSwPlN3WSl/iYqepF3T86F70WN0qbwyBADfVupURn3Q9TBqvipNqJdcbvyZ6i +PFECggEAM1AXeyBWYncInCKBNZ0RL1ebsJzfXr46QWfGGB8Wvsvkiwgd4uGNbOyz +fIXzoKnCsBX616rYXYQzD5i6xYTK65AYMB78ob2B+DMxK5w7fuEAkeFzWzifcxeM +A1j7ShH2KBfIuSmn/x6IUI7ttEPTtqF0i8KE5OAdyXHdKKhEu2ZGuaAwDMFiJFj2 +jVBrLjdxhlCWf6Ni9GdzcBQXv0E1nXD2da/cntBjHTeOBedoAiDvCfDj++HIR2N9 +b2FmnzU5Sg8hxXrWSvusYQG5hrbh4fhEzrz4mT3qpjqdZGAvvqKJbXuTM1GrZBnR +keSc8QTQKH4jLs9k3REYPFRyHRRPAg== +-----END PRIVATE KEY----- diff --git a/roles/jitsimeet/files/jitsi_etc/videobridge/callstats-java-sdk.properties b/roles/jitsimeet/files/jitsi_etc/videobridge/callstats-java-sdk.properties new file mode 100644 index 0000000..8fe294e --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/videobridge/callstats-java-sdk.properties @@ -0,0 +1,5 @@ +CallStats.BaseURL = https://collector.callstats.io:443 +CallStats.AuthTimeOut = 5000 +CallStats.ConnectionTimeOut = 30000 +CallStats.SOTimeOut = 30000 +CallStats.keepAliveInterval = 1000 diff --git a/roles/jitsimeet/files/jitsi_etc/videobridge/config b/roles/jitsimeet/files/jitsi_etc/videobridge/config new file mode 100644 index 0000000..f069398 --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/videobridge/config @@ -0,0 +1,20 @@ +# Jitsi Videobridge settings + +# sets the XMPP domain (default: none) +JVB_HOSTNAME=mewimeet.de + +# sets the hostname of the XMPP server (default: domain if set, localhost otherwise) +JVB_HOST= + +# sets the port of the XMPP server (default: 5275) +JVB_PORT=5347 + +# sets the shared secret used to authenticate to the XMPP server +JVB_SECRET=40asD7gu + +# extra options to pass to the JVB daemon +JVB_OPTS="--apis=rest," + + +# adds java system props that are passed to jvb (default are for home and logging config file) +JAVA_SYS_PROPS="-Dconfig.file=/etc/jitsi/videobridge/jvb.conf -Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=videobridge -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi -Djava.util.logging.config.file=/etc/jitsi/videobridge/logging.properties" diff --git a/roles/jitsimeet/files/jitsi_etc/videobridge/jvb.conf b/roles/jitsimeet/files/jitsi_etc/videobridge/jvb.conf new file mode 100644 index 0000000..54cc683 --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/videobridge/jvb.conf @@ -0,0 +1,12 @@ +videobridge { + http-servers { + public { + port = 9090 + } + } + websockets { + enabled = true + domain = "mewimeet.de:443" + tls = true + } +} diff --git a/roles/jitsimeet/files/jitsi_etc/videobridge/log4j2.xml b/roles/jitsimeet/files/jitsi_etc/videobridge/log4j2.xml new file mode 100644 index 0000000..a9bcaef --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/videobridge/log4j2.xml @@ -0,0 +1,33 @@ + + + + /var/log/jitsi + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/roles/jitsimeet/files/jitsi_etc/videobridge/logging.properties b/roles/jitsimeet/files/jitsi_etc/videobridge/logging.properties new file mode 100644 index 0000000..3c364a4 --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/videobridge/logging.properties @@ -0,0 +1,34 @@ +handlers= java.util.logging.ConsoleHandler +#handlers= java.util.logging.ConsoleHandler, com.agafua.syslog.SyslogHandler +#handlers= java.util.logging.ConsoleHandler, io.sentry.jul.SentryHandler + +java.util.logging.ConsoleHandler.level = ALL +java.util.logging.ConsoleHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter + +org.jitsi.utils.logging2.JitsiLogFormatter.programname=JVB +.level=INFO + +# Syslog (uncomment handler to use) +com.agafua.syslog.SyslogHandler.transport = udp +com.agafua.syslog.SyslogHandler.facility = local0 +com.agafua.syslog.SyslogHandler.port = 514 +com.agafua.syslog.SyslogHandler.hostname = localhost +com.agafua.syslog.SyslogHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter +com.agafua.syslog.SyslogHandler.escapeNewlines = false + +# Sentry (uncomment handler to use) +io.sentry.jul.SentryHandler.level=WARNING + +# time series logging +java.util.logging.SimpleFormatter.format= %5$s%n +java.util.logging.FileHandler.level = ALL +java.util.logging.FileHandler.formatter = java.util.logging.SimpleFormatter +java.util.logging.FileHandler.pattern = /tmp/jvb-series.log +java.util.logging.FileHandler.limit = 200000000 +java.util.logging.FileHandler.count = 1 +java.util.logging.FileHandler.append = false + +timeseries.level=OFF +timeseries.useParentHandlers = false +# time series logging is disabled by default. Uncomment the line below to enable it. +#timeseries.handlers = java.util.logging.FileHandler diff --git a/roles/jitsimeet/files/jitsi_etc/videobridge/logging.properties.dpkg-old b/roles/jitsimeet/files/jitsi_etc/videobridge/logging.properties.dpkg-old new file mode 100644 index 0000000..8e9af29 --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/videobridge/logging.properties.dpkg-old @@ -0,0 +1,44 @@ +handlers= java.util.logging.ConsoleHandler +#handlers= java.util.logging.ConsoleHandler, com.agafua.syslog.SyslogHandler +#handlers= java.util.logging.ConsoleHandler, io.sentry.jul.SentryHandler + +java.util.logging.ConsoleHandler.level = ALL +java.util.logging.ConsoleHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter + +net.java.sip.communicator.util.ScLogFormatter.programname=JVB + +.level=WARNING + +org.jitsi.videobridge.xmpp.ComponentImpl.level=FINE + +# All of the INFO level logs from MediaStreamImpl are unnecessary in the context of jitsi-videobridge. +org.jitsi.impl.neomedia.MediaStreamImpl.level=WARNING + +# Syslog (uncomment handler to use) +com.agafua.syslog.SyslogHandler.transport = udp +com.agafua.syslog.SyslogHandler.facility = local0 +com.agafua.syslog.SyslogHandler.port = 514 +com.agafua.syslog.SyslogHandler.hostname = localhost +com.agafua.syslog.SyslogHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter +com.agafua.syslog.SyslogHandler.escapeNewlines = false + +# Sentry (uncomment handler to use) +io.sentry.jul.SentryHandler.level=WARNING + +# to disable double timestamps in syslog uncomment next line +#net.java.sip.communicator.util.ScLogFormatter.disableTimestamp=true + +# time series logging +java.util.logging.SimpleFormatter.format= %5$s%n +java.util.logging.FileHandler.level = ALL +java.util.logging.FileHandler.formatter = java.util.logging.SimpleFormatter +java.util.logging.FileHandler.pattern = /tmp/jvb-series.log +java.util.logging.FileHandler.limit = 200000000 +java.util.logging.FileHandler.count = 1 +java.util.logging.FileHandler.append = false + +timeseries.level=OFF +timeseries.org.jitsi.videobridge.cc.allocation.BitrateAllocator.level=ALL +timeseries.useParentHandlers = false +# time series logging is disabled by default. Uncomment the line below to enable it. +#timeseries.handlers = java.util.logging.FileHandler diff --git a/roles/jitsimeet/files/jitsi_etc/videobridge/sip-communicator.properties b/roles/jitsimeet/files/jitsi_etc/videobridge/sip-communicator.properties new file mode 100644 index 0000000..c23465c --- /dev/null +++ b/roles/jitsimeet/files/jitsi_etc/videobridge/sip-communicator.properties @@ -0,0 +1,10 @@ +org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true +org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=meet-jit-si-turnrelay.jitsi.net:443 +org.jitsi.videobridge.ENABLE_STATISTICS=true +org.jitsi.videobridge.STATISTICS_TRANSPORT=muc,colibri +org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=localhost +org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.mewimeet.de +org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb +org.jitsi.videobridge.xmpp.user.shard.PASSWORD=40asD7gu +org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.mewimeet.de +org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=27bc8fdd-a3ea-4eef-ab78-eea0cf703453 diff --git a/roles/jitsimeet/files/plugin.head.html b/roles/jitsimeet/files/plugin.head.html new file mode 100644 index 0000000..ee7d8a9 --- /dev/null +++ b/roles/jitsimeet/files/plugin.head.html @@ -0,0 +1,39 @@ + diff --git a/roles/jitsimeet/files/set_debconf.sh b/roles/jitsimeet/files/set_debconf.sh new file mode 100755 index 0000000..b9de19d --- /dev/null +++ b/roles/jitsimeet/files/set_debconf.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +JITSI_FQDN=$1 + +cat << EOF | sudo debconf-set-selections +jitsi-videobridge jitsi-videobridge/jvb-hostname string "${JITSI_FQDN}" +jitsi-meet jitsi-meet/jvb-serve boolean false +jitsi-meet-prosody jitsi-videobridge/jvb-hostname string "${JITSI_FQDN}" +jitsi-meet-web-config jitsi-meet/cert-choice select I want to use my own certificate +jitsi-meet-web-config jitsi-meet/cert-path-crt string /etc/ssl/"${JITSI_FQDN}".crt +jitsi-meet-web-config jitsi-meet/cert-path-key string /etc/ssl/"${JITSI_FQDN}".key +EOF \ No newline at end of file diff --git a/roles/jitsimeet/files/top-view-photo-of-people-near-wooden-table-3183150.jpg b/roles/jitsimeet/files/top-view-photo-of-people-near-wooden-table-3183150.jpg new file mode 100644 index 0000000..1ce80db Binary files /dev/null and b/roles/jitsimeet/files/top-view-photo-of-people-near-wooden-table-3183150.jpg differ diff --git a/roles/jitsimeet/files/top-view-photo-of-people-near-wooden-table-3183150_small.jpg b/roles/jitsimeet/files/top-view-photo-of-people-near-wooden-table-3183150_small.jpg new file mode 100644 index 0000000..f106e9e Binary files /dev/null and b/roles/jitsimeet/files/top-view-photo-of-people-near-wooden-table-3183150_small.jpg differ diff --git a/roles/jitsimeet/files/update_jitsi.sh b/roles/jitsimeet/files/update_jitsi.sh new file mode 100755 index 0000000..b488d1c --- /dev/null +++ b/roles/jitsimeet/files/update_jitsi.sh @@ -0,0 +1,101 @@ +#!/bin/bash - +#=============================================================================== +# +# FILE: update_jitsi.sh +# +# USAGE: ./update_jitsi.sh +# +# DESCRIPTION: +# +# OPTIONS: --- +# REQUIREMENTS: --- +# BUGS: --- +# NOTES: --- +# AUTHOR: YOUR NAME (), +# ORGANIZATION: +# CREATED: 07/13/2021 16:50 +# REVISION: --- +#=============================================================================== + +set -o nounset # Treat unset variables as an error + +echo "Update System and Jitsi Meet" +apt update -qq +apt upgrade -qq -y + +echo "+ Copying background image" +cp /home/rene/top-view-photo-of-people-near-wooden-table-3183150_small.jpg /usr/share/jitsi-meet/images/welcome-background-cust.png + +echo "+ Modify interface_config.js" +sed -i -e "s/APP_NAME.*$/APP_NAME: 'Mewimeet',/" /usr/share/jitsi-meet/interface_config.js +sed -i -e "s/jitsi.org/mewimeet.de/g" /usr/share/jitsi-meet/interface_config.js +sed -i -e "s/_CONTENT: false/_CONTENT: true/g" /usr/share/jitsi-meet/interface_config.js + +echo "+ Modify welcomePageAdditionalContent.html" +cat << EOF > /usr/share/jitsi-meet/static/welcomePageAdditionalContent.html + +EOF + +echo "+ Modify plugin.head.html" +cat </usr/share/jitsi-meet/plugin.head.html + +EOF + +echo "+ Restarting Services" +for SERVICE in prosody jicofo jitsi-videobridge2 nginx; do + systemctl restart "${SERVICE}" +done + diff --git a/roles/jitsimeet/files/welcomePageAdditionalContent.html b/roles/jitsimeet/files/welcomePageAdditionalContent.html new file mode 100644 index 0000000..b56e3c4 --- /dev/null +++ b/roles/jitsimeet/files/welcomePageAdditionalContent.html @@ -0,0 +1,16 @@ + diff --git a/roles/jitsimeet/handlers/main.yml b/roles/jitsimeet/handlers/main.yml new file mode 100644 index 0000000..2559181 --- /dev/null +++ b/roles/jitsimeet/handlers/main.yml @@ -0,0 +1,13 @@ +--- +- name: apt_update + apt: update_cache=yes + +- name: restart_nginx + service: + name: "nginx" + state: restarted + +- name: restart_jitsi + service: + name: "prosody jicofo jitsi-videobridge2" + notify: restart_nginx \ No newline at end of file diff --git a/roles/jitsimeet/tasks/install_jitsimeet.yml b/roles/jitsimeet/tasks/install_jitsimeet.yml new file mode 100644 index 0000000..bdca4bb --- /dev/null +++ b/roles/jitsimeet/tasks/install_jitsimeet.yml @@ -0,0 +1,97 @@ +# $ cat << EOF | sudo debconf-set-selections +# jitsi-videobridge jitsi-videobridge/jvb-hostname string meet.example.com +# jitsi-meet jitsi-meet/jvb-serve boolean false +# jitsi-meet-prosody jitsi-videobridge/jvb-hostname string meet.example.com +# jitsi-meet-web-config jitsi-meet/cert-choice select I want to use my own certificate +# jitsi-meet-web-config jitsi-meet/cert-path-crt string /etc/ssl/meet.example.com.crt +# jitsi-meet-web-config jitsi-meet/cert-path-key string /etc/ssl/meet.example.com.key +# EOF + + +# - nginx +# - prosody +# - jicofo +# - jitsi-meet-web +# - jitsi-meet-prosody +# - jitsi-meet-web-config +# - jitsi-videobridge2 + +- name: jitsimeet | set debconf vars + shell: + cmd: "{{ playbook_dir }}/roles/jitsimeet/files/set_debconf.sh {{ jitsi_fqdn }}" + +- name: jitsimeet | install packages + package: + name: + - prosody + - jicofo + - jitsi-meet-web + - jitsi-meet-prosody + - jitsi-meet-web-config + - jitsi-videobridge2 + notify: restart_nginx + +- name: jitsimeet | copy custom settings + copy: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + with_items: + - { src: "top-view-photo-of-people-near-wooden-table-3183150_small.jpg", dest: "/usr/share/jitsi-meet/images/welcome-background-cust.png" } + - { src: "welcomePageAdditionalContent.html", dest: "/usr/share/jitsi-meet/static/" } + - { src: "plugin.head.html", dest: "/usr/share/jitsi-meet/" } + - { src: "jitsi-statistics.sh", dest: "/root/" } + notify: restart_jitsi + +- name: jitsimeet | copy /etc/jitsi + copy: + src: "{{ item.src }}" + dest: "/etc/jitsi/" + owner: "{{ item.owner }}" + group: "{{ item.group }}" + loop: + - { src: "jitsi_etc/jicofo", owner: "jicofo", group: "jitsi" } + - { src: "jitsi_etc/meet", owner: "root", group: "root" } + - { src: "jitsi_etc/videobridge", owner: "jvb", group: "jitsi" } + notify: restart_jitsi + +- name: jitsimeet | Modify interface_config.js + replace: + path: "/usr/share/jitsi-meet/interface_config.js" + regexp: "{{ item.regexp }}" + replace: "{{ item.repl }}" + backup: True + loop: + - { regexp: "APP_NAME.*$", repl: "APP_NAME: 'Mewimeet'," } + - { regexp: "jitsi.org", repl: "mewimeet.de" } + - { regexp: "_CONTENT: false", repl: "_CONTENT: true"} + notify: restart_jitsi + +- name: jitsimeet | get all language files + find: + paths: "/usr/share/jitsi-meet/lang/" + patterns: '*.json' + recurse: yes + register: files_to_change + +- name: jitsimeet | Replace branding in language files + replace: + path: "{{ item.path }}" + regexp: '"headerTitle":.*$' + replace: '"headerTitle": "Mewimeet",' + backup: True + loop_control: + label: "{{ item.path }}" + loop: "{{ files_to_change.files }}" + notify: restart_jitsi + +- name: jitsimeet | cron | schedule refresh of statistics + cron: + name: "Get statistics for Jitsi [{{ my_idx }}]" + user: root + job: "{{ item }}" + loop_control: + index_var: my_idx + loop: + - "/root/jitsi-statistics.sh" + - "sleep 20; /root/jitsi-statistics.sh" + - "sleep 40; /root/jitsi-statistics.sh" diff --git a/roles/jitsimeet/tasks/main.yml b/roles/jitsimeet/tasks/main.yml index f489960..e789976 100644 --- a/roles/jitsimeet/tasks/main.yml +++ b/roles/jitsimeet/tasks/main.yml @@ -5,20 +5,14 @@ - block: - debug: msg: Debug + # import role webserver - import_role: name: webserver # required. The name of the role to be executed. + # install software - - name: jitsimeet | adjust limits - blockinfile: - path: "/etc/systemd/system.conf" # required. The file to modify. Before Ansible 2.3 this option was only usable as I(dest), I(destfile) and I(name). - block: | # not required. The text to insert inside the marker lines. If it is missing or an empty string, the block will be removed as if C(state) were specified to C(absent). - DefaultLimitNOFILE=65000 - DefaultLimitNPROC=65000 - DefaultTasksMax=65000 - - name: jitsimeet | reload systemd - systemd: - daemon_reload: true # not required. Run daemon-reload before doing any other operations, to make sure systemd has read any changes. When set to C(yes), runs daemon-reload even if the module does not start or stop anything. + - include_tasks: prepare_system.yml + - include_tasks: install_jitsimeet.yml rescue: - set_fact: task_failed=true diff --git a/roles/jitsimeet/tasks/prepare_system.yml b/roles/jitsimeet/tasks/prepare_system.yml new file mode 100644 index 0000000..53036b8 --- /dev/null +++ b/roles/jitsimeet/tasks/prepare_system.yml @@ -0,0 +1,32 @@ +- name: jitsimeet | adjust limits + blockinfile: + path: "/etc/systemd/system.conf" + block: | + DefaultLimitNOFILE=65000 + DefaultLimitNPROC=65000 + DefaultTasksMax=65000 + +- name: jitsimeet | reload systemd + systemd: + daemon_reload: true + +- name: jitsimeet | import GPG key + apt_key: + url: "https://download.jitsi.org/jitsi-key.gpg.key" + state: present # not required. choices: absent;present. Ensures that the key is present (added) or absent (revoked). + +- name: jitsimeet | add repository + lineinfile: + path: "/etc/apt/sources.list.d/jitsi-stable.list" + line: "deb https://download.jitsi.org stable/" + create: True + backup: True + notify: apt_update + +- name: jitsimeet | flush handlers + meta: flush_handlers + +- name: jitsimeet | add debconf-utils package + package: + name: debconf-utils + state: latest \ No newline at end of file