Nav apraksta
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.

etc_prosody_conf.avail_jitsi_domain.cfg.lua.j2 4.5KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126
  1. plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }
  2. -- domain mapper options, must at least have domain base set to use the mapper
  3. muc_mapper_domain_base = "{{ jitsi_domain }}";
  4. external_service_secret = "6XhEs5NEtN735NXh";
  5. external_services = {
  6. { type = "stun", host = "{{ jitsi_domain }}", port = 3478 },
  7. { type = "turn", host = "{{ jitsi_domain }}", port = 3478, transport = "udp", secret = true, ttl = 86400, algorithm = "turn" },
  8. { type = "turns", host = "{{ jitsi_domain }}", port = 5349, transport = "tcp", secret = true, ttl = 86400, algorithm = "turn" }
  9. };
  10. cross_domain_bosh = false;
  11. consider_bosh_secure = true;
  12. -- https_ports = { }; -- Remove this line to prevent listening on port 5284
  13. -- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4
  14. ssl = {
  15. protocol = "tlsv1_2+";
  16. ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
  17. }
  18. {% if jitsi_enable_ldap == true %}
  19. -- https://modules.prosody.im/mod_lib_ldap.html
  20. -- https://modules.prosody.im/mod_auth_ldap2.html
  21. authentication = 'ldap2'
  22. ldap = {
  23. hostname = 'localhost',
  24. bind_dn = 'cn=admin,{{ ldap_domain_string }}',
  25. bind_password = '{{ slapd_admin_password }}',
  26. use_tls = false,
  27. user = {
  28. usernamefield = 'uid',
  29. basedn = 'ou=people,{{ ldap_domain_string }}',
  30. filter = '(objectClass=*)',
  31. -- admin?
  32. --namefield = 'cn',
  33. },
  34. }
  35. {% endif %}
  36. VirtualHost "{{ jitsi_domain }}"
  37. -- enabled = false -- Remove this line to enable this host
  38. -- authentication = "anonymous"
  39. {% if jitsi_enable_ldap == true %}
  40. authentication = "ldap2"
  41. {% else %}
  42. authentication = "internal_hashed"
  43. {% endif %}
  44. -- Properties below are modified by jitsi-meet-tokens package config
  45. -- and authentication above is switched to "token"
  46. --app_id="example_app_id"
  47. --app_secret="example_app_secret"
  48. -- Assign this host a certificate for TLS, otherwise it would use the one
  49. -- set in the global section (if any).
  50. -- Note that old-style SSL on port 5223 only supports one certificate, and will always
  51. -- use the global one.
  52. ssl = {
  53. key = "/etc/prosody/certs/{{ jitsi_domain }}.key";
  54. certificate = "/etc/prosody/certs/{{ jitsi_domain }}.crt";
  55. }
  56. speakerstats_component = "speakerstats.{{ jitsi_domain }}"
  57. conference_duration_component = "conferenceduration.{{ jitsi_domain }}"
  58. -- we need bosh
  59. modules_enabled = {
  60. "bosh";
  61. "pubsub";
  62. "ping"; -- Enable mod_ping
  63. "speakerstats";
  64. "external_services";
  65. "conference_duration";
  66. "muc_lobby_rooms";
  67. }
  68. c2s_require_encryption = false
  69. lobby_muc = "lobby.{{ jitsi_domain }}"
  70. main_muc = "conference.{{ jitsi_domain }}"
  71. -- muc_lobby_whitelist = { "recorder.{{ jitsi_domain }}" } -- Here we can whitelist jibri to enter lobby enabled rooms
  72. VirtualHost "guest.{{ jitsi_domain }}"
  73. authentication = "anonymous"
  74. c2s_require_encryption = false
  75. Component "conference.{{ jitsi_domain }}" "muc"
  76. storage = "memory"
  77. modules_enabled = {
  78. "muc_meeting_id";
  79. "muc_domain_mapper";
  80. --"token_verification";
  81. }
  82. admins = { "focus@auth.{{ jitsi_domain }}" }
  83. muc_room_locking = false
  84. muc_room_default_public_jids = true
  85. -- internal muc component
  86. Component "internal.auth.{{ jitsi_domain }}" "muc"
  87. storage = "memory"
  88. modules_enabled = {
  89. "ping";
  90. }
  91. admins = { "focus@auth.{{ jitsi_domain }}", "jvb@auth.{{ jitsi_domain }}" }
  92. muc_room_locking = false
  93. muc_room_default_public_jids = true
  94. VirtualHost "auth.{{ jitsi_domain }}"
  95. ssl = {
  96. key = "/etc/prosody/certs/auth.{{ jitsi_domain }}.key";
  97. certificate = "/etc/prosody/certs/auth.{{ jitsi_domain }}.crt";
  98. }
  99. authentication = "internal_hashed"
  100. -- Proxy to jicofo's user JID, so that it doesn't have to register as a component.
  101. Component "focus.{{ jitsi_domain }}" "client_proxy"
  102. target_address = "focus@auth.{{ jitsi_domain }}"
  103. Component "speakerstats.{{ jitsi_domain }}" "speakerstats_component"
  104. muc_component = "conference.{{ jitsi_domain }}"
  105. Component "conferenceduration.{{ jitsi_domain }}" "conference_duration_component"
  106. muc_component = "conference.{{ jitsi_domain }}"
  107. Component "lobby.{{ jitsi_domain }}" "muc"
  108. storage = "memory"
  109. restrict_room_creation = true
  110. muc_room_locking = false
  111. muc_room_default_public_jids = true