system-config/playbooks/roles/jitsi-meet/files/jvb.conf

// This file originates from
// https://github.com/jitsi/docker-jitsi-meet/blob/stable-7648-4/jvb/rootfs/defaults/jvb.conf
// We have modified it to run an ssl https server instead of a normal http
// server.

{{ $COLIBRI_REST_ENABLED := .Env.COLIBRI_REST_ENABLED | default "false" | toBool -}}
{{ $ENABLE_COLIBRI_WEBSOCKET := .Env.ENABLE_COLIBRI_WEBSOCKET | default "1" | toBool -}}
{{ $ENABLE_OCTO := .Env.ENABLE_OCTO | default "0" | toBool -}}
{{ $ENABLE_MULTI_STREAM := .Env.ENABLE_MULTI_STREAM | default "true" | toBool -}}
{{ $JVB_DISABLE_STUN := .Env.JVB_DISABLE_STUN | default "0" | toBool -}}
{{ $JVB_STUN_SERVERS := .Env.JVB_STUN_SERVERS | default "meet-jit-si-turnrelay.jitsi.net:443" -}}
{{ $JVB_AUTH_USER := .Env.JVB_AUTH_USER | default "jvb" -}}
{{ $JVB_BREWERY_MUC := .Env.JVB_BREWERY_MUC | default "jvbbrewery" -}}
{{ $JVB_MUC_NICKNAME := .Env.JVB_MUC_NICKNAME | default .Env.HOSTNAME -}}
{{ $JVB_ADVERTISE_PRIVATE_CANDIDATES := .Env.JVB_ADVERTISE_PRIVATE_CANDIDATES | default "true" | toBool -}}
{{ $PUBLIC_URL_DOMAIN := .Env.PUBLIC_URL | default "https://localhost:8443" | trimPrefix "https://" | trimSuffix "/" -}}
{{ $SHUTDOWN_REST_ENABLED := .Env.SHUTDOWN_REST_ENABLED | default "false" | toBool -}}
{{ $WS_DOMAIN := .Env.JVB_WS_DOMAIN | default $PUBLIC_URL_DOMAIN -}}
{{ $WS_SERVER_ID := .Env.JVB_WS_SERVER_ID | default .Env.JVB_WS_SERVER_ID_FALLBACK -}}
{{ $XMPP_AUTH_DOMAIN := .Env.XMPP_AUTH_DOMAIN | default "auth.meet.jitsi" -}}
{{ $XMPP_INTERNAL_MUC_DOMAIN := .Env.XMPP_INTERNAL_MUC_DOMAIN | default "internal-muc.meet.jitsi" -}}
{{ $XMPP_PORT := .Env.XMPP_PORT | default "5222" -}}
{{ $XMPP_SERVER := .Env.XMPP_SERVER | default "xmpp.meet.jitsi" -}}
{{ $XMPP_SERVERS := splitList "," $XMPP_SERVER -}}
{{/* assign env from context, preserve during range when . is re-assigned */}}
{{ $ENV := .Env -}}

videobridge {
    ice {
        udp {
            port = {{ .Env.JVB_PORT | default 10000 }}
        }
        advertise-private-candidates = {{ $JVB_ADVERTISE_PRIVATE_CANDIDATES }}
    }
    apis {
        xmpp-client {
            configs {
{{ range $index, $element := $XMPP_SERVERS -}}
{{ $SERVER := splitn ":" 2 $element }}
                shard{{ $index }} {
                    HOSTNAME = "{{ $SERVER._0 }}"
                    PORT = "{{ $SERVER._1 | default $XMPP_PORT }}"
                    DOMAIN = "{{ $XMPP_AUTH_DOMAIN }}"
                    USERNAME = "{{ $JVB_AUTH_USER }}"
                    PASSWORD = "{{ $ENV.JVB_AUTH_PASSWORD }}"
                    MUC_JIDS = "{{ $JVB_BREWERY_MUC }}@{{ $XMPP_INTERNAL_MUC_DOMAIN }}"
                    MUC_NICKNAME = "{{ $JVB_MUC_NICKNAME }}"
                    DISABLE_CERTIFICATE_VERIFICATION = true
                }
{{ end -}}
            }
        }
        rest {
            enabled = {{ $COLIBRI_REST_ENABLED }}
        }
    }
    rest {
        shutdown {
            enabled = {{ $SHUTDOWN_REST_ENABLED }}
        }
    }
    stats {
        enabled = true
    }
    websockets {
        enabled = {{ $ENABLE_COLIBRI_WEBSOCKET }}
        domain = "{{ $WS_DOMAIN }}"
        tls = true
        server-id = "{{ $WS_SERVER_ID }}"
    }
    multi-stream {
        enabled = {{ $ENABLE_MULTI_STREAM }}
    }
    http-servers {
        private {
          host = 0.0.0.0
        }
        public {
            host = 0.0.0.0
            tls-port = 9090
            key-store-path={{ .Env.JVB_KEYSTORE_PATH }}
            key-store-password={{ .Env.JVB_KEYSTORE_PASSWORD }}
        }
    }

    {{ if $ENABLE_OCTO -}}
    octo {
        enabled = true
        bind-address = "{{ .Env.JVB_OCTO_BIND_ADDRESS | default "0.0.0.0" }}"
        public-address = "{{ .Env.JVB_OCTO_PUBLIC_ADDRESS }}"
        bind-port = "{{ .Env.JVB_OCTO_BIND_PORT | default "4096" }}"
        region = "{{ .Env.JVB_OCTO_REGION | default "europe" }}"
    }
    {{ end -}}
}

ice4j {
    harvest {
        mapping {
            stun {
{{ if not $JVB_DISABLE_STUN -}}
                addresses = [ "{{ join "\",\"" (splitList "," $JVB_STUN_SERVERS) }}" ]
{{ else -}}
                enabled = false
{{ end -}}
            }
            static-mappings = [
{{ if .Env.DOCKER_HOST_ADDRESS -}}
                {
                    local-address = "{{ .Env.LOCAL_ADDRESS }}"
                    public-address = "{{ .Env.DOCKER_HOST_ADDRESS }}"
                }
{{ end -}}
            ]
        }
    }
}