|
|
|
---
|
|
|
|
|
|
|
|
jitsi_root_dir: /opt/jitsi
|
|
|
|
jitsi_user: jitsi
|
|
|
|
|
|
|
|
jitsi_videobridge_version: 1132
|
|
|
|
jitsi_videobridge_archive_url: https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-x64-{{ jitsi_videobridge_version }}.zip
|
|
|
|
jitsi_videobridge_archive_sha1: 2e749f4667bc5650c0af59c23241ad094a24e1f2
|
|
|
|
|
|
|
|
jitsi_videobridge_harvester_port: 4443
|
|
|
|
# This one cannot be changed
|
|
|
|
jitsi_videobridge_rtp_port: 10000
|
|
|
|
jitsi_videobridge_src_ip:
|
|
|
|
- 0.0.0.0/0
|
|
|
|
|
|
|
|
jitsi_jicofo_git_url: https://github.com/jitsi/jicofo.git
|
|
|
|
jitsi_jigasi_git_url: https://github.com/jitsi/jigasi.git
|
|
|
|
jitsi_meet_git_url: https://github.com/jitsi/jitsi-meet.git
|
|
|
|
|
|
|
|
# XMPP server. Set to localhost would mean no certificate validation
|
|
|
|
jitsi_xmpp_server: "{{ inventory_hostname }}"
|
|
|
|
# Port on which to connect to the XMPP server to register as a component
|
|
|
|
jitsi_xmpp_component_port: 5347
|
|
|
|
|
|
|
|
jitsi_stun_servers: []
|
|
|
|
# jitsi_stun_servers:
|
|
|
|
# - stun:meet-jit-si-turnrelay.jitsi.net:443
|
|
|
|
|
|
|
|
jitsi_turn_secret: "{{ turnserver_auth_secret | default('p@ssw0rd') }}"
|
|
|
|
|
|
|
|
# Authentication. Can be set to
|
|
|
|
# * False : no authentication at all (can also be None)
|
|
|
|
# * sso : In this case, you have to protect /login with your SSO system (through a reverse proxy)
|
|
|
|
# And once authenticated, send the HTTP headers mail and displayName with the appropriate values
|
|
|
|
# Note that jitsi Android client does not support sso authentication, so mobile users will be able
|
|
|
|
# to join an existing conf, but not create one easily
|
|
|
|
# * ldap : Will use an LDAP server for authentication. Works on mobile, but is a bit less convinient
|
|
|
|
# than sso for desktop users. See all the jitsi_ldap_xxxx settings
|
|
|
|
jitsi_auth: False
|
|
|
|
|
|
|
|
# Secret to register on the XMPP server. A random one will be generated if not defined
|
|
|
|
# jitsi_videobridge_xmpp_secret: S3cr3t.
|
|
|
|
# jitsi_jicofo_xmpp_secret: p@ssw0rd
|
|
|
|
|
|
|
|
# Password for the focus user on the auth domain
|
|
|
|
# jitsi_jicofo_xmpp_pass: p@ssw0rd
|
|
|
|
|
|
|
|
jitsi_domain: "{{ inventory_hostname }}"
|
|
|
|
jitsi_auth_domain: auth.{{ jitsi_domain }}
|
|
|
|
|
|
|
|
# Can be either true, in which case a cert will be automatically obtained using letsencrypt
|
|
|
|
# or can be a name, in which case you have to configure letsencrypt to obtain the cert yourself
|
|
|
|
# jitsi_letsencrypt_cert: True
|
|
|
|
# or
|
|
|
|
# jitsi_letsencrypt_cert: jitsi.example.com
|
|
|
|
#
|
|
|
|
# or, you can also set custom cert path
|
|
|
|
#
|
|
|
|
# jitsi_cert_path: /etc/jitsi/ssl/cert.pem
|
|
|
|
# jitsi_key_path: /etc/jitsi/ssl/key.pem
|
|
|
|
|
|
|
|
# Meet configuration. Will be converted to JSON
|
|
|
|
jitsi_meet_conf_base:
|
|
|
|
hosts:
|
|
|
|
domain: "{{ jitsi_domain }}"
|
|
|
|
muc: conference.{{ jitsi_domain }}
|
|
|
|
bosh: '//{{ jitsi_domain }}/http-bind'
|
|
|
|
websocket: 'wss://{{ jitsi_domain }}/xmpp-websocket'
|
|
|
|
clientNode: http://jitsi.org/jitsimeet
|
|
|
|
testing:
|
|
|
|
enableFirefoxSimulcast: False
|
|
|
|
p2pTestMode: False
|
|
|
|
enableNoAudioDetection: True
|
|
|
|
enableNoisyMicDetection: True
|
|
|
|
desktopSharingChromeExtId: null
|
|
|
|
desktopSharingChromeSources:
|
|
|
|
- screen
|
|
|
|
- window
|
|
|
|
- tab
|
|
|
|
desktopSharingChromeMinExtVersion: 0.1
|
|
|
|
channelLastN: -1
|
|
|
|
requireDisplayName: False
|
|
|
|
enableCalendarIntegration: False
|
|
|
|
disableThirdPartyRequests: True
|
|
|
|
enableWelcomePage: True
|
|
|
|
p2p:
|
|
|
|
enabled: True
|
|
|
|
useStunTurn: True
|
|
|
|
stunServers: "{{ jitsi_stun_servers }}"
|
|
|
|
preferH264: True
|
|
|
|
jitsi_meet_conf_extra: {}
|
|
|
|
jitsi_meet_conf: "{{ jitsi_meet_conf_base | combine(jitsi_meet_conf_extra, recursive=True) }}"
|
|
|
|
|
|
|
|
# If jitsi_auth is ldap
|
|
|
|
# We inherit values from prosody if available, or we try to get values from ad_auth or ldap_auth
|
|
|
|
jitsi_ldap_base: "{{ prosody_ldap_base | default(ad_auth | default(False) | ternary((ad_ldap_user_search_base is defined) | ternary(ad_ldap_user_search_base,'DC=' + ad_realm | default(samba_realm) | default(ansible_domain) | regex_replace('\\.',',DC=')), ldap_user_base + ',' + ldap_base)) }}"
|
|
|
|
jitsi_ldap_servers: "{{ prosody_ldap_server | default(ad_ldap_servers | default([ad_auth | default(False) | ternary(ad_realm | default(samba_realm) | default(ansible_domain) | lower, ldap_uri | default('ldap://' + ansible_domain) | urlsplit('hostname'))]))}}"
|
|
|
|
jitsi_ldap_bind_dn: "{{ prosody_ldap_bind_dn | default(None) }}"
|
|
|
|
jitsi_ldap_bind_pass: "{{ prosody_ldap_bind_pass | default(None) }}"
|
|
|
|
jitsi_ldap_filter: "{{ prosody_ldap_filter | default(ad_auth | default(False) | ternary('(&(objectClass=user)(sAMAccountName=%s))','(&(objectClass=inetOrgPerson)(uid=%s))')) }}"
|
|
|
|
jitsi_ldap_starttls: "{{ prosody_ldap_starttls | default(True) }}"
|
|
|
|
|
|
|
|
# Jigasi settings
|
|
|
|
|
|
|
|
# Default room on which to connect inbound SIP calls
|
|
|
|
# if no Jitsi-Conference-Room SIP header is found
|
|
|
|
jitsi_jigasi_default_room: sip
|
|
|
|
|
|
|
|
# SIP settings
|
|
|
|
#jitsi_jigasi_sip_user:
|
|
|
|
#jitsi_jigasi_sip_secret:
|
|
|
|
#jitsi_jigasi_sip_server:
|
|
|
|
|
|
|
|
# Password to auth as an XMPP user. A random one will be created if missing
|
|
|
|
#jitsi_jigasi_xmpp_pass:
|