diff --git a/roles/jitsi/defaults/main.yml b/roles/jitsi/defaults/main.yml index 5e2cf42..96ef5cc 100644 --- a/roles/jitsi/defaults/main.yml +++ b/roles/jitsi/defaults/main.yml @@ -13,6 +13,7 @@ jitsi_videobridge_rtp_port: 10000 jitsi_videobridge_src_ip: - 0.0.0.0/0 +jitsi_videobridge_git_url: https://github.com/jitsi/jitsi-videobridge.git jitsi_jicofo_git_url: https://github.com/jitsi/jicofo.git jitsi_jigasi_git_url: https://github.com/jitsi/jigasi.git jitsi_meet_git_url: https://github.com/jitsi/jitsi-meet.git @@ -60,6 +61,7 @@ jitsi_auth_domain: auth.{{ jitsi_domain }} # jitsi_key_path: /etc/jitsi/ssl/key.pem # Meet configuration. Will be converted to JSON +# See https://github.com/jitsi/jitsi-meet/blob/master/config.js for available settings and their meaning jitsi_meet_conf_base: hosts: domain: "{{ jitsi_domain }}" @@ -67,6 +69,7 @@ jitsi_meet_conf_base: bosh: '//{{ jitsi_domain }}/http-bind' websocket: 'wss://{{ jitsi_domain }}/xmpp-websocket' clientNode: http://jitsi.org/jitsimeet + disableAudioLevels: True testing: enableFirefoxSimulcast: False p2pTestMode: False @@ -91,6 +94,108 @@ jitsi_meet_conf_base: jitsi_meet_conf_extra: {} jitsi_meet_conf: "{{ jitsi_meet_conf_base | combine(jitsi_meet_conf_extra, recursive=True) }}" +# Meet interface configuration. Will be converted to JSON +# See https://github.com/jitsi/jitsi-meet/blob/master/interface_config.js for available settings and their meaning +jitsi_meet_interface_conf_base: + DEFAULT_BACKGROUND: '#474747' + DISABLE_VIDEO_BACKGROUND: False + INITIAL_TOOLBAR_TIMEOUT: 20000 + TOOLBAR_TIMEOUT: 4000 + TOOLBAR_ALWAYS_VISIBLE: False + DEFAULT_REMOTE_DISPLAY_NAME: Happy User + DEFAULT_LOCAL_DISPLAY_NAME: Me + SHOW_JITSI_WATERMARK: False + JITSI_WATERMARK_LINK: 'https://jitsi.org' + SHOW_WATERMARK_FOR_GUESTS: False + SHOW_BRAND_WATERMARK: False + BRAND_WATERMARK_LINK: 'https://www.firewall-services.com' + PROVIDER_NAME: 'Firewall Services' + SHOW_POWERED_BY: False + SHOW_DEEP_LINKING_IMAGE: False + DISPLAY_WELCOME_PAGE_CONTENT: True + DISPLAY_WELCOME_PAGE_TOOLBAR_ADDITIONAL_CONTENT: False + GENERATE_ROOMNAMES_ON_WELCOME_PAGE: True + APP_NAME: Jitsi Meet + NATIVE_APP_NAME: Jitsi Meet + INVITATION_POWERED_BY: True + LANG_DETECTION: True + AUTHENTICATION_ENABLE: True + TOOLBAR_BUTTONS: + - microphone + - camera + - closedcaptions + - desktop + - fullscreen + - fodeviceselection + - hangup + - profile + - info + - chat + - recording + - livestreaming + - etherpad + - sharedvideo + - settings + - raisehand + - videoquality + - filmstrip + - invite + - feedback + - stats + - shortcuts + - tileview + #- videobackgroundblur + - download + - help + - mute-everyone + SETTINGS_SECTIONS: + - devices + - language + - moderator + - profile + - calendar + VIDEO_LAYOUT_FIT: both + VERTICAL_FILMSTRIP: True + filmStripOnly: False + CLOSE_PAGE_GUEST_HINT: False + SHOW_PROMOTIONAL_CLOSE_PAGE: False + RANDOM_AVATAR_URL_PREFIX: False + RANDOM_AVATAR_URL_SUFFIX: False + FILM_STRIP_MAX_HEIGHT: 120 + ENABLE_FEEDBACK_ANIMATION: False + DISABLE_FOCUS_INDICATOR: False + DISABLE_DOMINANT_SPEAKER_INDICATOR: False + DISABLE_TRANSCRIPTION_SUBTITLES: True + DISABLE_RINGING: False + AUDIO_LEVEL_PRIMARY_COLOR: 'rgba(255,255,255,0.4)' + AUDIO_LEVEL_SECONDARY_COLOR: 'rgba(255,255,255,0.2)' + POLICY_LOGO: Null + LOCAL_THUMBNAIL_RATIO: '16 / 9' # 16:9 + REMOTE_THUMBNAIL_RATIO: 1 # 1:1 + LIVE_STREAMING_HELP_LINK: 'https://jitsi.org/live' + MOBILE_APP_PROMO: True + MAXIMUM_ZOOMING_COEFFICIENT: 1.3 + SUPPORT_URL: https://community.jitsi.org/ + CONNECTION_INDICATOR_AUTO_HIDE_ENABLED: True + CONNECTION_INDICATOR_AUTO_HIDE_TIMEOUT: 5000 + CONNECTION_INDICATOR_DISABLED: False + VIDEO_QUALITY_LABEL_DISABLED: False + RECENT_LIST_ENABLED: True + OPTIMAL_BROWSERS: + - chrome + - chromium + - firefox + - nwjs + - electron + UNSUPPORTED_BROWSERS: [] + AUTO_PIN_LATEST_SCREEN_SHARE: remote-only + DISABLE_PRESENCE_STATUS: False + DISABLE_JOIN_LEAVE_NOTIFICATIONS: False + SHOW_CHROME_EXTENSION_BANNER: False +jitsi_meet_interface_conf_extra: {} +jitsi_meet_interface_conf: "{{ jitsi_meet_interface_conf_base | combine(jitsi_meet_interface_conf_extra, recursive=True) }}" + + # If jitsi_auth is ldap # We inherit values from prosody if available, or we try to get values from ad_auth or ldap_auth jitsi_ldap_base: "{{ prosody_ldap_base | default(ad_auth | default(False) | ternary((ad_ldap_user_search_base is defined) | ternary(ad_ldap_user_search_base,'DC=' + ad_realm | default(samba_realm) | default(ansible_domain) | regex_replace('\\.',',DC=')), ldap_user_base + ',' + ldap_base)) }}" diff --git a/roles/jitsi/meta/main.yml b/roles/jitsi/meta/main.yml index c6b3d34..4a109b3 100644 --- a/roles/jitsi/meta/main.yml +++ b/roles/jitsi/meta/main.yml @@ -2,5 +2,6 @@ dependencies: - role: repo_nodejs + - role: maven - role: prosody - role: nginx diff --git a/roles/jitsi/tasks/conf.yml b/roles/jitsi/tasks/conf.yml index 9b35435..ea94eec 100644 --- a/roles/jitsi/tasks/conf.yml +++ b/roles/jitsi/tasks/conf.yml @@ -44,7 +44,12 @@ tags: jitsi - name: Deploy meet configuration - template: src=meet.js.j2 dest={{jitsi_root_dir }}/meet/config.js + template: src={{ item.src }}.j2 dest={{jitsi_root_dir }}/meet/{{ item.dest }} + loop: + - src: meet.js + dest: config.js + - src: meet_interface.js + dest: interface_config.js tags: jitsi - name: Deploy nginx configuration diff --git a/roles/jitsi/tasks/directories.yml b/roles/jitsi/tasks/directories.yml index 31e02fd..1e6a57f 100644 --- a/roles/jitsi/tasks/directories.yml +++ b/roles/jitsi/tasks/directories.yml @@ -12,6 +12,8 @@ owner: "{{ jitsi_user }}" group: "{{ jitsi_user }}" mode: 700 + - dir: "{{ jitsi_root_dir }}/tmp/videobridge" + owner: "{{ jitsi_user }}" - dir: "{{ jitsi_root_dir }}/tmp/jicofo" owner: "{{ jitsi_user }}" - dir: "{{ jitsi_root_dir }}/tmp/jigasi" diff --git a/roles/jitsi/tasks/facts.yml b/roles/jitsi/tasks/facts.yml index 2f8e551..3e70bcd 100644 --- a/roles/jitsi/tasks/facts.yml +++ b/roles/jitsi/tasks/facts.yml @@ -27,7 +27,7 @@ set_fact: jitsi_videobridge_install_mode='upgrade' when: - jitsi_videobridge_version_file.stat.exists - - jitsi_videobridge_current_version != jitsi_videobridge_version + - jitsi_videobridge_current_version | string != jitsi_videobridge_version | string tags: jitsi - name: Set videobridge install mode diff --git a/roles/jitsi/tasks/install.yml b/roles/jitsi/tasks/install.yml index d3d0b3f..866043c 100644 --- a/roles/jitsi/tasks/install.yml +++ b/roles/jitsi/tasks/install.yml @@ -4,7 +4,6 @@ yum: name: - java-1.8.0-openjdk - - maven - git - nodejs - libXScrnSaver @@ -15,6 +14,9 @@ register: jitsi_cert_file tags: jitsi + # If you use an Let's Encrypt cert, it might not be there yet. In this case, create a link + # to the default prosody cert so the service can be started. The cert will be obtained after that and + # override the links - name: Link cert to the default one file: path={{ jitsi_cert_path }} src=/etc/prosody/certs/localhost.crt state=link when: not jitsi_cert_file.stat.exists @@ -30,35 +32,51 @@ when: not jitsi_key_file.stat.exists tags: jitsi -- when: jitsi_videobridge_install_mode != 'none' + # Needed if you use a proxy, as maven does not honor the standard $http_proxy / $https_proxy env +- name: Configure maven for {{ jitsi_user }} + template: src=maven.xml.j2 dest={{ jitsi_root_dir }}/.m2/settings.xml + tags: jitsi + + # Now, for every component, we will clone or update the repo. + # If the repo changed since the last run, we rebuild and restart the corresponding component +- name: Clone videobridge repo + git: + repo: "{{ jitsi_videobridge_git_url }}" + dest: "{{ jitsi_root_dir }}/tmp/videobridge" + force: True + become_user: "{{ jitsi_user }}" + register: jitsi_videobridge_git + tags: jitsi + +- name: Check if videobridge is built + stat: path={{ jitsi_root_dir }}/videobridge/jvb.sh + register: jitsi_videobridge_script tags: jitsi + +- name: Install or update videobridge block: - - name: Download videobridge - get_url: - url: "{{ jitsi_videobridge_archive_url }}" - dest: "{{ jitsi_root_dir }}/tmp" - checksum: sha1:{{ jitsi_videobridge_archive_sha1 }} - - - name: Extract videobridge + - name: Build videobridge + command: /opt/maven/apache-maven/bin/mvn package -Dassembly.skipAssembly=false + args: + chdir: "{{ jitsi_root_dir }}/tmp/videobridge" + become_user: "{{ jitsi_user }}" + + - name: Extract videobridge archive unarchive: - src: "{{ jitsi_root_dir }}/tmp/jitsi-videobridge-linux-x64-{{ jitsi_videobridge_version }}.zip" + src: "{{ jitsi_root_dir }}/tmp/videobridge/target/jitsi-videobridge-2.1-SNAPSHOT-archive.zip" dest: "{{ jitsi_root_dir }}/tmp/" remote_src: True - - name: Move videobridge to its final location + - name: Move videobridge to its final directory synchronize: - src: "{{ jitsi_root_dir }}/tmp/jitsi-videobridge-linux-x64-{{ jitsi_videobridge_version }}/" + src: "{{ jitsi_root_dir }}/tmp/jitsi-videobridge-2.1-SNAPSHOT/" dest: "{{ jitsi_root_dir }}/videobridge/" recursive: True delete: True delegate_to: "{{ inventory_hostname }}" + notify: restart jitsi-videobridge -- name: Write installed version - copy: content={{ jitsi_videobridge_version }} dest={{ jitsi_root_dir }}/meta/ansible_videobridge_version - tags: jitsi - -- name: Configure maven for {{ jitsi_user }} - template: src=maven.xml.j2 dest={{ jitsi_root_dir }}/.m2/settings.xml + when: jitsi_videobridge_git.changed or not jitsi_videobridge_script.stat.exists tags: jitsi - name: Clone jicofo repo @@ -78,7 +96,7 @@ - name: Install or update jicofo block: - name: Build jicofo - command: mvn package -DskipTests -Dassembly.skipAssembly=false + command: /opt/maven/apache-maven/bin/mvn package -DskipTests -Dassembly.skipAssembly=false args: chdir: "{{ jitsi_root_dir }}/tmp/jicofo" become_user: "{{ jitsi_user }}" @@ -117,7 +135,7 @@ - name: Install or update jigasi block: - name: Build jigasi - command: mvn package -DskipTests -Dassembly.skipAssembly=false + command: /opt/maven/apache-maven/bin/mvn package -DskipTests -Dassembly.skipAssembly=false args: chdir: "{{ jitsi_root_dir }}/tmp/jigasi" become_user: "{{ jitsi_user }}" diff --git a/roles/jitsi/templates/meet_interface.js.j2 b/roles/jitsi/templates/meet_interface.js.j2 new file mode 100644 index 0000000..940b648 --- /dev/null +++ b/roles/jitsi/templates/meet_interface.js.j2 @@ -0,0 +1 @@ +var interfaceConfig = {{ jitsi_meet_interface_conf | to_nice_json(indent=4) }}; diff --git a/roles/kanboard/defaults/main.yml b/roles/kanboard/defaults/main.yml index 6b33d1f..0cc750f 100644 --- a/roles/kanboard/defaults/main.yml +++ b/roles/kanboard/defaults/main.yml @@ -2,9 +2,9 @@ kanboard_id: "1" kanboard_manage_upgrade: True -kanboard_version: '1.2.13' +kanboard_version: '1.2.14' kanboard_zip_url: https://github.com/kanboard/kanboard/archive/v{{ kanboard_version }}.zip -kanboard_zip_sha1: 5c36ea60b9e01a889ea66c0025d6c98835c9ec37 +kanboard_zip_sha1: 90818c414b11dbb4cd60e0a3361e98b5b9a1db48 # enabled prop for the ReverseProxyLdap plugin is managed automatically # True if kanboard_ldap_auth and kanboard_proxy_auth are both True, or # False otherwise @@ -15,8 +15,8 @@ kanboard_plugins: zip_sha1: d264754e0de2c0e2500b839e8adb693cf59c3f66 calendar: name: Calendar - version: '1.1.0' - zip_sha1: 64a2af92e13d6753c5dff7a8be92d24a8b32966e + version: '1.1.1' + zip_sha1: de4195ade4391bc6e46f7a993e9220144581f913 enabled: True gantt: name: Gantt diff --git a/roles/squid/files/acl/software_various.domains b/roles/squid/files/acl/software_various.domains index 1c55b4a..080b1ed 100644 --- a/roles/squid/files/acl/software_various.domains +++ b/roles/squid/files/acl/software_various.domains @@ -131,6 +131,10 @@ maven.wso2.org packages.confluent.io maven.fabric.io jitpack.io +miroir.univ-lorraine.fr +download.java.net +forumarchivebuilder.googlecode.com +maven.java.net # Unifi www.ubnt.com