--- jitsi_root_dir: /opt/jitsi jitsi_user: jitsi jitsi_videobridge_version: 1132 jitsi_videobridge_archive_url: https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-x64-{{ jitsi_videobridge_version }}.zip jitsi_videobridge_archive_sha1: 2e749f4667bc5650c0af59c23241ad094a24e1f2 jitsi_videobridge_harvester_port: 4443 # This one cannot be changed jitsi_videobridge_rtp_port: 10000 jitsi_videobridge_src_ip: - 0.0.0.0/0 jitsi_jicofo_git_url: https://github.com/jitsi/jicofo.git jitsi_jigasi_git_url: https://github.com/jitsi/jigasi.git jitsi_meet_git_url: https://github.com/jitsi/jitsi-meet.git # XMPP server. Set to localhost would mean no certificate validation jitsi_xmpp_server: "{{ inventory_hostname }}" # Port on which to connect to the XMPP server to register as a component jitsi_xmpp_component_port: 5347 jitsi_stun_servers: [] # jitsi_stun_servers: # - stun:meet-jit-si-turnrelay.jitsi.net:443 jitsi_turn_secret: "{{ turnserver_auth_secret | default('p@ssw0rd') }}" # Authentication. Can be set to # * False : no authentication at all (can also be None) # * sso : In this case, you have to protect /login with your SSO system (through a reverse proxy) # And once authenticated, send the HTTP headers mail and displayName with the appropriate values # Note that jitsi Android client does not support sso authentication, so mobile users will be able # to join an existing conf, but not create one easily # * ldap : Will use an LDAP server for authentication. Works on mobile, but is a bit less convinient # than sso for desktop users. See all the jitsi_ldap_xxxx settings jitsi_auth: False # Secret to register on the XMPP server. A random one will be generated if not defined # jitsi_videobridge_xmpp_secret: S3cr3t. # jitsi_jicofo_xmpp_secret: p@ssw0rd # Password for the focus user on the auth domain # jitsi_jicofo_xmpp_pass: p@ssw0rd jitsi_domain: "{{ inventory_hostname }}" jitsi_auth_domain: auth.{{ jitsi_domain }} # Can be either true, in which case a cert will be automatically obtained using letsencrypt # or can be a name, in which case you have to configure letsencrypt to obtain the cert yourself # jitsi_letsencrypt_cert: True # or # jitsi_letsencrypt_cert: jitsi.example.com # # or, you can also set custom cert path # # jitsi_cert_path: /etc/jitsi/ssl/cert.pem # jitsi_key_path: /etc/jitsi/ssl/key.pem # Meet configuration. Will be converted to JSON jitsi_meet_conf_base: hosts: domain: "{{ jitsi_domain }}" muc: conference.{{ jitsi_domain }} bosh: '//{{ jitsi_domain }}/http-bind' websocket: 'wss://{{ jitsi_domain }}/xmpp-websocket' clientNode: http://jitsi.org/jitsimeet testing: enableFirefoxSimulcast: False p2pTestMode: False enableNoAudioDetection: True enableNoisyMicDetection: True desktopSharingChromeExtId: null desktopSharingChromeSources: - screen - window - tab desktopSharingChromeMinExtVersion: 0.1 channelLastN: -1 requireDisplayName: False enableCalendarIntegration: False disableThirdPartyRequests: True enableWelcomePage: True p2p: enabled: True useStunTurn: True stunServers: "{{ jitsi_stun_servers }}" preferH264: True jitsi_meet_conf_extra: {} jitsi_meet_conf: "{{ jitsi_meet_conf_base | combine(jitsi_meet_conf_extra, recursive=True) }}" # If jitsi_auth is ldap # We inherit values from prosody if available, or we try to get values from ad_auth or ldap_auth jitsi_ldap_base: "{{ prosody_ldap_base | default(ad_auth | default(False) | ternary((ad_ldap_user_search_base is defined) | ternary(ad_ldap_user_search_base,'DC=' + ad_realm | default(samba_realm) | default(ansible_domain) | regex_replace('\\.',',DC=')), ldap_user_base + ',' + ldap_base)) }}" jitsi_ldap_servers: "{{ prosody_ldap_server | default(ad_ldap_servers | default([ad_auth | default(False) | ternary(ad_realm | default(samba_realm) | default(ansible_domain) | lower, ldap_uri | default('ldap://' + ansible_domain) | urlsplit('hostname'))]))}}" jitsi_ldap_bind_dn: "{{ prosody_ldap_bind_dn | default(None) }}" jitsi_ldap_bind_pass: "{{ prosody_ldap_bind_pass | default(None) }}" jitsi_ldap_filter: "{{ prosody_ldap_filter | default(ad_auth | default(False) | ternary('(&(objectClass=user)(sAMAccountName=%s))','(&(objectClass=inetOrgPerson)(uid=%s))')) }}" jitsi_ldap_starttls: "{{ prosody_ldap_starttls | default(True) }}" # Jigasi settings # Default room on which to connect inbound SIP calls # if no Jitsi-Conference-Room SIP header is found jitsi_jigasi_default_room: sip # SIP settings #jitsi_jigasi_sip_user: #jitsi_jigasi_sip_secret: #jitsi_jigasi_sip_server: # Password to auth as an XMPP user. A random one will be created if missing #jitsi_jigasi_xmpp_pass: