More sane jitsi config

3 years ago · fe8736a48f
parent 5809c3920f
commit fe8736a48f
10 changed files with 88 additions and 125 deletions
--- a/.env.example
+++ b/.env.example
@ -26,68 +26,17 @@ JVB_TAG=
 JVB_CONTAINER_NAME=
 JVB_RESTART=
 # Media port
-JVB_PORT=10000
+JVB_PORT=
 JVB_TCP_PORT=4443
 # Public URL for the web service (required)
 PUBLIC_URL=https://sub.domain.tld
 #
 # Security
 #
 # - Set these to strong passwords to avoid intruders from impersonating a
 #   service account.
 # - The service(s) won't start unless these are specified.
 # - Running ./gen-passwords.sh will update .env with strong passwords.
 # - You may skip the Jigasi and Jibri passwords if you are not using those.
 # - DO NOT reuse passwords.
 #
 # Prosody (XMPP Server) and Jicofo (Focus Component)
 #
 # XMPP component password for Jicofo
 JICOFO_COMPONENT_SECRET=
 # XMPP password for Jicofo client connections
 JICOFO_AUTH_PASSWORD=
 #
 # Prosody (XMPP Server) and Jvb (Video Bridge)
 #
 # XMPP password for JVB client connections
 JVB_AUTH_PASSWORD=
 #
 # Authentication configuration (see handbook for details)
 #
 # Enable authentication
 ENABLE_AUTH=1
 # Enable guest access
 ENABLE_GUESTS=1
 # Select authentication type: internal, jwt or ldap
 AUTH_TYPE=internal
 #
 # Advanced configuration options (you generally don't need to change these)
 #
 # Internal XMPP domain
 XMPP_DOMAIN=meet.jitsi
 # Internal XMPP server
-XMPP_SERVER=xmpp.meet.jitsi
+XMPP_SERVER=
 # Internal XMPP domain for authenticated services
-XMPP_AUTH_DOMAIN=auth.meet.jitsi
+XMPP_AUTH_DOMAIN=
-# XMPP domain for the MUC
+# Internal XMPP server URL
-XMPP_MUC_DOMAIN=muc.meet.jitsi
+XMPP_BOSH_URL_BASE=
 # XMPP domain for the internal MUC used for jibri, jigasi and jvb pools
 XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi
 # XMPP domain for unauthenticated users
 XMPP_GUEST_DOMAIN=guest.meet.jitsi
 # MUC for the JVB pool
 JVB_BREWERY_MUC=jvbbrewery
 # XMPP user for JVB client connections
 JVB_AUTH_USER=jvb
 # XMPP user for Jicofo client connections.
 # NOTE: this option doesn't currently work due to a bug
 JICOFO_AUTH_USER=focus
 # XMPP domain for the jibri recorder
 XMPP_RECORDER_DOMAIN=recorder.meet.jitsi
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,2 @@
 *.env
 vol/
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -7,33 +7,26 @@ services:
    restart: ${WEB_RESTART:-unless-stopped}
    expose:
      - "80"
-      - "8443"
+      - "443"
    networks:
      meet.jitsi:
        aliases:
          - ${XMPP_DOMAIN}
      webservices:
    volumes:
-      - ${LOCAL_STACK_DIR}/web:/config:Z
+      - ${LOCAL_STACK_DIR:-./vol}/web:/config:Z
-      - ${LOCAL_STACK_DIR}/transcripts:/usr/share/jitsi-meet/transcripts:Z
+      - ${LOCAL_STACK_DIR:-./vol}/transcripts:/usr/share/jitsi-meet/transcripts:Z
-      - ${LOCAL_STACK_DIR}/web/custom/images:/usr/share/jitsi-meet/images:ro
+      - ${LOCAL_STACK_DIR:-./vol}/web/custom/images:/usr/share/jitsi-meet/images:ro
-      - ${LOCAL_STACK_DIR}/web/custom/title.html:/usr/share/jitsi-meet/title.html:ro
+      - ${LOCAL_STACK_DIR:-./vol}/web/custom/title.html:/usr/share/jitsi-meet/title.html:ro
-      - ${LOCAL_STACK_DIR}/web/custom/body.html:/usr/share/jitsi-meet/body.html:ro
+      - ${LOCAL_STACK_DIR:-./vol}/web/custom/body.html:/usr/share/jitsi-meet/body.html:ro
-      - ${LOCAL_STACK_DIR}/web/custom/css/custom.css:/usr/share/jitsi-meet/css/custom.css:ro
+      - ${LOCAL_STACK_DIR:-./vol}/web/custom/css/custom.css:/usr/share/jitsi-meet/css/custom.css:ro
    env_file:
      - web.env
      - web-prosody-jicofo.env
      - web-prosody.env
    environment:
-      - TZ
+      - TZ=${TZ:-Etc/UTC}
      - ENABLE_XMPP_WEBSOCKET
      - PUBLIC_URL
-      - ENABLE_AUTH
+      - XMPP_AUTH_DOMAIN=${XMPP_AUTH_DOMAIN:-auth.meet.jitsi}
-      - ENABLE_GUESTS
+      - XMPP_BOSH_URL_BASE=${XMPP_BOSH_URL_BASE:-http://xmpp.meet.jitsi:5280}
      - JICOFO_AUTH_USER
      - XMPP_AUTH_DOMAIN
      - XMPP_DOMAIN
      - XMPP_GUEST_DOMAIN
      - XMPP_MUC_DOMAIN
      - XMPP_RECORDER_DOMAIN
  prosody:
    image: ${PRS_IMG:-jitsi/prosody}:${PRS_TAG:-latest}
@ -46,30 +39,21 @@ services:
    networks:
      meet.jitsi:
        aliases:
-          - ${XMPP_SERVER}
+          - ${XMPP_SERVER:-xmpp.meet.jitsi}
    volumes:
-      - ${LOCAL_STACK_DIR}/prosody/config:/config:Z
+      - ${LOCAL_STACK_DIR:-./vol}/prosody/config:/config:Z
-      - ${LOCAL_STACK_DIR}/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z
+      - ${LOCAL_STACK_DIR:-./vol}/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z
    env_file:
      - prosody.env
      - prosody-jicofo.env
      - prosody-jvb.env
      - web-prosody-jicofo.env
      - web-prosody.env
      - prosody-jicofo-jvb.env
    environment:
-      - TZ
+      - TZ=${TZ:-Etc/UTC}
      - JICOFO_COMPONENT_SECRET
      - JICOFO_AUTH_PASSWORD
      - JVB_AUTH_PASSWORD
      - AUTH_TYPE
      - ENABLE_AUTH
      - ENABLE_GUESTS
      - ENABLE_XMPP_WEBSOCKET
      - XMPP_DOMAIN
      - XMPP_AUTH_DOMAIN
      - XMPP_GUEST_DOMAIN
      - XMPP_MUC_DOMAIN
      - XMPP_INTERNAL_MUC_DOMAIN
      - XMPP_RECORDER_DOMAIN
      - JICOFO_AUTH_USER
      - JVB_AUTH_USER
      - PUBLIC_URL
      - XMPP_AUTH_DOMAIN=${XMPP_AUTH_DOMAIN:-auth.meet.jitsi}
  jicofo:
    image: ${JCF_IMG:-jitsi/jicofo}:${JCF_TAG:-latest}
@ -78,22 +62,17 @@ services:
    networks:
      meet.jitsi:
    volumes:
-      - ${LOCAL_STACK_DIR}/jicofo:/config:Z
+      - ${LOCAL_STACK_DIR:-./vol}/jicofo:/config:Z
    env_file:
      - jicofo.env
      - prosody-jicofo.env
      - web-prosody-jicofo.env
      - prosody-jicofo-jvb.env
      - jicofo-jvb.env
    environment:
-      - TZ
+      - TZ=${TZ:-Etc/UTC}
-      - JICOFO_COMPONENT_SECRET
+      - XMPP_AUTH_DOMAIN=${XMPP_AUTH_DOMAIN:-auth.meet.jitsi}
-      - JICOFO_AUTH_PASSWORD
+      - XMPP_SERVER=${XMPP_SERVER:-xmpp.meet.jitsi}
      - AUTH_TYPE
      - ENABLE_AUTH
      - XMPP_DOMAIN
      - XMPP_AUTH_DOMAIN
      - XMPP_INTERNAL_MUC_DOMAIN
      - XMPP_MUC_DOMAIN
      - XMPP_SERVER
      - JICOFO_AUTH_USER
      - JVB_BREWERY_MUC
    depends_on:
      - prosody
@ -102,27 +81,22 @@ services:
    container_name: ${JVB_CONTAINER_NAME:-jitsi-jvb}
    restart: ${JVB_RESTART:-unless-stopped}
    ports:
-      - ${JVB_PORT}:${JVB_PORT}/udp
+      - ${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp
      - ${JVB_TCP_PORT}:${JVB_TCP_PORT}
    networks:
      meet.jitsi:
        aliases:
          - jvb.meet.jitsi
    volumes:
-      - ${LOCAL_STACK_DIR}/jvb:/config:Z
+      - ${LOCAL_STACK_DIR:-./vol}/jvb:/config:Z
    env_file:
      - jvb.env
      - prosody-jvb.env
      - prosody-jicofo-jvb.env
      - jicofo-jvb.env
    environment:
-      - TZ
+      - TZ=${TZ:-Etc/UTC}
      - JVB_AUTH_PASSWORD
      - XMPP_AUTH_DOMAIN
      - XMPP_INTERNAL_MUC_DOMAIN
      - XMPP_SERVER
      - JVB_AUTH_USER
      - JVB_BREWERY_MUC
      - JVB_TCP_PORT
      - JVB_PORT
      - PUBLIC_URL
      - XMPP_AUTH_DOMAIN=${XMPP_AUTH_DOMAIN:-auth.meet.jitsi}
      - XMPP_SERVER=${XMPP_SERVER:-xmpp.meet.jitsi}
      - JVB_PORT=${JVB_PORT:-10000}
    depends_on:
      - prosody
--- a/jicofo-jvb.env.example
+++ b/jicofo-jvb.env.example
@ -0,0 +1,2 @@
 # MUC for the JVB pool
 JVB_BREWERY_MUC=jvbbrewery
--- a/prosody-jicofo-jvb.env.example
+++ b/prosody-jicofo-jvb.env.example
@ -0,0 +1,2 @@
 # XMPP domain for the internal MUC used for jibri, jigasi and jvb pools
 XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi
--- a/prosody-jicofo.env.example
+++ b/prosody-jicofo.env.example
@ -0,0 +1,9 @@
 # Prosody (XMPP Server) and Jicofo (Focus Component)
 #
 # XMPP component password for Jicofo
 JICOFO_COMPONENT_SECRET=q9jw8pt7v7dplm548yg8uksz0gylemg5
 # XMPP password for Jicofo client connections
 JICOFO_AUTH_PASSWORD=q9jw8pt7v7dplm548yg8uksz0gylemg5
 # Select authentication type: internal, jwt or ldap
 AUTH_TYPE=internal
--- a/prosody-jvb.env.example
+++ b/prosody-jvb.env.example
@ -0,0 +1,7 @@
 # Prosody (XMPP Server) and Jvb (Video Bridge)
 #
 # XMPP password for JVB client connections
 JVB_AUTH_PASSWORD=9m0elmhpkblm5pwiixdnpkviu0u7slpd
 # XMPP user for JVB client connections
 JVB_AUTH_USER=jvb
--- a/web-prosody-jicofo.env.example
+++ b/web-prosody-jicofo.env.example
@ -0,0 +1,12 @@
 # Enable authentication
 ENABLE_AUTH=1
 # Internal XMPP domain
 XMPP_DOMAIN=meet.jitsi
 # XMPP domain for the MUC
 XMPP_MUC_DOMAIN=muc.meet.jitsi
 # XMPP user for Jicofo client connections.
 # NOTE: this option doesn't currently work due to a bug
 JICOFO_AUTH_USER=focus
--- a/web-prosody.env.example
+++ b/web-prosody.env.example
@ -0,0 +1,10 @@
 # Enable guest access
 ENABLE_GUESTS=1
 # XMPP domain for unauthenticated users
 XMPP_GUEST_DOMAIN=guest.meet.jitsi
 # XMPP domain for the jibri recorder
 XMPP_RECORDER_DOMAIN=recorder.meet.jitsi
 ENABLE_XMPP_WEBSOCKET=1
--- a/web.env.example
+++ b/web.env.example
@ -8,7 +8,7 @@ ENABLE_LETSENCRYPT=0
 #ENABLE_HTTP_REDIRECT=1
 # Disable HTTPS: handle TLS connections outside of this setup
-#DISABLE_HTTPS=1
+DISABLE_HTTPS=1
 # Domain for which to generate the certificate
 #LETSENCRYPT_DOMAIN=meet.example.com
@ -95,8 +95,5 @@ START_VIDEO_MUTED
 TESTING_CAP_SCREENSHARE_BITRATE
 TESTING_OCTO_PROBABILITY
 # Internal XMPP server URL
 XMPP_BOSH_URL_BASE=http://xmpp.meet.jitsi:5280
 # Authenticate using external service or just focus external auth window if there is one already.
 # TOKEN_AUTH_URL=https://auth.meet.example.com/{room}
		`@ -0,0 +1,2 @@`
							`# MUC for the JVB pool`
							`JVB_BREWERY_MUC=jvbbrewery`
		`@ -0,0 +1,2 @@`
							`# XMPP domain for the internal MUC used for jibri, jigasi and jvb pools`
							`XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi`