athaliar/dockerStuff
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

more updates march

Browse Source
This commit is contained in:
Nathan root
2026-03-01 17:38:47 +00:00
parent ceee62f62c
commit a085ba9714
810 changed files with 27066 additions and 6471 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
jitsi/config/jitsi-meet-cfg/jibri/recordings/de5a80fe-e70e-496a-b9ee-b6277187488e/metadata.json Normal file
View File

@@ -0,0 +1 @@
{"meeting_url":"https://jitsi.athaliapps.xyz//waaa","participants":[],"share":true}

BIN
jitsi/config/jitsi-meet-cfg/jibri/recordings/de5a80fe-e70e-496a-b9ee-b6277187488e/waaa_2026-01-16-18-53-13.mp4 Normal file
View File

Binary file not shown.

132
jitsi/config/jitsi-meet-cfg/jicofo/jicofo.conf Normal file
View File

@@ -0,0 +1,132 @@
jicofo {
// Configuration related to jitsi-videobridge
bridge {
brewery-jid = "jvbbrewery@internal-muc.meet.jitsi"
}
// Configure the codecs and RTP extensions to be used in the offer sent to clients.
codec {
video {
}
audio {
}
rtp-extensions {
video-layers-allocation {
enabled = false
}
}
}
conference {
max-ssrcs-per-user = "20"
max-ssrc-groups-per-user = "20"
}
jibri {
brewery-jid = "jibribrewery@internal-muc.meet.jitsi"
pending-timeout = "90"
}
octo {
// Whether or not to use Octo. Note that when enabled, its use will be determined by
// $jicofo.bridge.selection-strategy. There's a corresponding flag in the JVB and these
// two MUST be in sync (otherwise bridges will crash because they won't know how to
// deal with octo channels).
enabled = false
sctp-datachannels = true
}
sctp {
enabled = true
}
xmpp {
client {
enabled = true
hostname = "xmpp.meet.jitsi"
port = "5222"
domain = "auth.meet.jitsi"
xmpp-domain = "meet.jitsi"
username = "focus"
password = "94ff7046987877b99cbf8b1e15aa4c84"
conference-muc-jid = "muc.meet.jitsi"
client-proxy = "focus.meet.jitsi"
disable-certificate-verification = true
}
trusted-domains = [ "hidden.meet.jitsi" ]
}
}
include "custom-jicofo.conf"

13
jitsi/config/jitsi-meet-cfg/jicofo/logging.properties Normal file
View File

@@ -0,0 +1,13 @@
handlers= java.util.logging.ConsoleHandler
java.util.logging.ConsoleHandler.level = ALL
java.util.logging.ConsoleHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter
org.jitsi.utils.logging2.JitsiLogFormatter.programname=Jicofo
.level=INFO
io.sentry.jul.SentryHandler.level=WARNING
# Enable debug packets logging
#org.jitsi.impl.protocol.xmpp.level=FINE

93
jitsi/config/jitsi-meet-cfg/jvb/jvb.conf Normal file
View File

@@ -0,0 +1,93 @@
videobridge {
cc {
use-vla-target-bitrate = false
trust-bwe = true
}
ice {
udp {
port = 10000
}
advertise-private-candidates = true
}
apis {
xmpp-client {
configs {
shard0 {
HOSTNAME = "xmpp.meet.jitsi"
PORT = "5222"
DOMAIN = "auth.meet.jitsi"
USERNAME = "jvb"
PASSWORD = "44d9e2703b1f2a09f518e88adb2bff5b"
MUC_JIDS = "jvbbrewery@internal-muc.meet.jitsi"
MUC_NICKNAME = "4e7d9023d072"
DISABLE_CERTIFICATE_VERIFICATION = true
}
}
}
rest {
enabled = false
}
}
rest {
shutdown {
enabled = false
}
}
sctp {
enabled = true
use-usrsctp = false
}
stats {
enabled = true
}
websockets {
enabled = false
domain = "jitsi.athaliapps.xyz"
tls = true
server-id = "172.21.0.5"
}
http-servers {
private {
host = 0.0.0.0
send-server-version = false
}
public {
host = 0.0.0.0
port = 9090
send-server-version = false
}
}
health {
require-valid-address = false
}
}
jmt {
bwe {
estimator {
engine = "GoogleCc2"
}
}
}
ice4j {
harvest {
mapping {
aws {
enabled = false
}
stun {
addresses = [ "meet-jit-si-turnrelay.jitsi.net:443" ]
}
static-mappings = [
]
}
}
}
include "custom-jvb.conf"

10
jitsi/config/jitsi-meet-cfg/jvb/logging.properties Normal file
View File

@@ -0,0 +1,10 @@
handlers= java.util.logging.ConsoleHandler
java.util.logging.ConsoleHandler.level = ALL
java.util.logging.ConsoleHandler.formatter = org.jitsi.utils.logging2.JitsiLogFormatter
org.jitsi.utils.logging2.JitsiLogFormatter.programname=JVB
.level=INFO
io.sentry.jul.SentryHandler.level=WARNING

27
jitsi/config/jitsi-meet-cfg/prosody/config/certs/auth.meet.jitsi.crt Normal file
View File

@@ -0,0 +1,27 @@
-----BEGIN CERTIFICATE-----
MIIEiTCCA3GgAwIBAgIUROLDqMTQcjv4ed46Vwnn5GwdMNAwDQYJKoZIhvcNAQEL
BQAwgZkxCzAJBgNVBAYTAkdCMRUwEwYDVQQHDAxUaGUgSW50ZXJuZXQxGjAYBgNV
BAoMEVlvdXIgT3JnYW5pc2F0aW9uMRgwFgYDVQQLDA9YTVBQIERlcGFydG1lbnQx
GDAWBgNVBAMMD2F1dGgubWVldC5qaXRzaTEjMCEGCSqGSIb3DQEJARYUeG1wcEBh
dXRoLm1lZXQuaml0c2kwHhcNMjYwMTE2MTc1NjQxWhcNMjcwMTE2MTc1NjQxWjCB
mTELMAkGA1UEBhMCR0IxFTATBgNVBAcMDFRoZSBJbnRlcm5ldDEaMBgGA1UECgwR
WW91ciBPcmdhbmlzYXRpb24xGDAWBgNVBAsMD1hNUFAgRGVwYXJ0bWVudDEYMBYG
A1UEAwwPYXV0aC5tZWV0LmppdHNpMSMwIQYJKoZIhvcNAQkBFhR4bXBwQGF1dGgu
bWVldC5qaXRzaTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ6l2BBG
35BzAnR1Zlu+CFkLDd4P6mrMCWUQ0zQwNvbjGD664BkwmuyxNmCIL/Gn/kOJa9tx
4hcIdMOj3gUJtVcfhiLwum8+ZrsPbzu2jusZ7Ot1kHnURXaQh5bw3rKIWEpU5IdH
PWn58Q/CBQFhHITbw6bQc5eGEis3wmNSYqtd4TL8a1J5GgLlspK/7QBoBatlpu+P
IttNbNTTtWhdOfdKPGRPNj8SYRNga+aefK7Pkz5Wx4l8ypeguUvZTWSJxJetScH/
xRR9n/DUnDrh9AGiyTy/fWJH8++o51s4J/LpKObv+tvp/4+2ilqu2IHwx61n4+Fn
hljIF6IoD0inmpMCAwEAAaOBxjCBwzCBkwYDVR0RBIGLMIGIoCoGCCsGAQUFBwgH
oB4WHF94bXBwLWNsaWVudC5hdXRoLm1lZXQuaml0c2mgKgYIKwYBBQUHCAegHhYc
X3htcHAtc2VydmVyLmF1dGgubWVldC5qaXRzaaAdBggrBgEFBQcIBaARDA9hdXRo
Lm1lZXQuaml0c2mCD2F1dGgubWVldC5qaXRzaTAMBgNVHRMEBTADAQH/MB0GA1Ud
DgQWBBS/u1DPLBur9ylkND3heEIhbtYVxjANBgkqhkiG9w0BAQsFAAOCAQEAAbc/
5aVW0PRJ7pj3UHagTarQqKXbcUucj/b4jJiEZqAygECG5GLWJ7orhHr/uUWLXXuH
Ii7yfAiI9gfakAIzqO+B+B6W2/cK/WYOtKLzbhNDaqLkwroW/akxdVlIWau1XBPq
wQuk/8WoaNO+/62bkA5txVVMBG2Pd3XbI/SU0g0xUIjYuUFry+EZ1BIPDzXSqe32
a4vK4jhKWJt51D9trUeqHuCsRxuY5mmcyPXu3L0wPsYPARqUCuH4c1CJ2pCwtnzY
3pHndxtAmvt97W08fJbmwvH3CrS4n9lUm4R1umt7nvvv3X8Uy+r1J57k1ZF+dTX0
CB9fzc3S2lLKZz4hxg==
-----END CERTIFICATE-----

28
jitsi/config/jitsi-meet-cfg/prosody/config/certs/auth.meet.jitsi.key Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCepdgQRt+QcwJ0
dWZbvghZCw3eD+pqzAllENM0MDb24xg+uuAZMJrssTZgiC/xp/5DiWvbceIXCHTD
o94FCbVXH4Yi8LpvPma7D287to7rGezrdZB51EV2kIeW8N6yiFhKVOSHRz1p+fEP
wgUBYRyE28Om0HOXhhIrN8JjUmKrXeEy/GtSeRoC5bKSv+0AaAWrZabvjyLbTWzU
07VoXTn3SjxkTzY/EmETYGvmnnyuz5M+VseJfMqXoLlL2U1kicSXrUnB/8UUfZ/w
1Jw64fQBosk8v31iR/PvqOdbOCfy6Sjm7/rb6f+PtopartiB8MetZ+PhZ4ZYyBei
KA9Ip5qTAgMBAAECggEAHyNP4An5EUHxhmgQegs3Wjq4MxCOov1/Do4Z1hFsiFKU
TKOjHm6SycgScynntxeQ6TKMr9qPVJP9TvTXu8dnBz2Rt0PmY7UstqRV4bN4I57I
CILfo3nNVHMTmcWXABWQtq4o2IBcBnPfI4eiMd4cmdsEcLZTKbdP05mzFolyAk4w
rB8QTh3zb/AHbWvE/av4BltL+njHaA2eyuYFpBeg0GrloUnevu2WsXJJ+ecS9zr5
vzY+DS2LadmBq4A6Yzt7iaBHVSGR/uAgkd+u+MQmbkW5wD/Znq0bOAo/G+dYWXGb
LRUa8mS/nXJuDlio3RyskRL2H42fSiRjGkppmYNZeQKBgQDJjluquTTLHcCbmMXM
yuJ9kDCrXCtEekQr3Z66WXUClpc1mhWiTupLQfja+TgJKwszqZFukfdvJ6KuwlT7
1p+6bHfH6eZC9bfJDYZBEimdRifB3wupB1zG52fyQ4TkJjG6YyI0y+4+/Tsy+6Rn
ax2gFixiPWCcxn9GPDRvOHZHXQKBgQDJgF8ljuSMZQaxKyatpOTtnsDJtLDpcqs4
PPy6Dk3/SvjXie5tVQiMS04QLV1HbPXj3cWUw5/a3MdM2cORyfsuEeWzaXdS8Yhz
4A6Xz8FpA5ALfHqdHdMn/n4S19hv08NC1giQUSYVbj1Bvf/FI9mW41PNiXFkNmc0
GVGLkMz6rwKBgQC7lydx6hZcxUAykSnnxRyvyLfDhXEvtqwkN4w33HKvCgGJ/fMM
sW4WxTwccb/ZqJowZy3YPzqP1c/v3ybBjav0EmgZRHTu9UsscM33WjQpENaH9lQf
6Z5L8awpKvZQccvusb1wbi07quyiMtt89ZEJIhoFBSMaRxTGBdq3eVF8cQKBgG9M
V8GgDr85Yhvj8MZC6SwS3vvKsVkQvGAg15tRIWXcnFw5VJfROxp60dB/riEwnxTQ
vzyvXRF/lxnswmg5f2LwAcc6fu0yeiM+4/CYkYUWsa6WgAdenO5fVHXGAUerWRQG
ss479GQr8uvoLWlPpvT/9Z72xsoKfrC5N2B2h7IDAoGAJY114ZODRPa+5zdb7w5g
OxHZgBKaqrhCJEa6V8XD9gPiwpN+zKj30y0qFlZQyoGnc06FaD3oTo3SnqofS9VT
IxRhfhoE0ALFMF5Fgu1KxVVAFELnjkocX9rFs0CPv9t+QaWvI2v6N/IjlKT5ps0e
L49rnKVKmCBxRAQhQkX5YMk=
-----END PRIVATE KEY-----

51
jitsi/config/jitsi-meet-cfg/prosody/config/certs/meet.jitsi.crt Normal file
View File

@@ -0,0 +1,51 @@
-----BEGIN CERTIFICATE-----
MIIJBzCCB++gAwIBAgIUH+KYpsT4hdVdVRHyRjdOC3nuuNYwDQYJKoZIhvcNAQEL
BQAwgY8xCzAJBgNVBAYTAkdCMRUwEwYDVQQHDAxUaGUgSW50ZXJuZXQxGjAYBgNV
BAoMEVlvdXIgT3JnYW5pc2F0aW9uMRgwFgYDVQQLDA9YTVBQIERlcGFydG1lbnQx
EzARBgNVBAMMCm1lZXQuaml0c2kxHjAcBgkqhkiG9w0BCQEWD3htcHBAbWVldC5q
aXRzaTAeFw0yNjAxMTYxNzU2NDFaFw0yNzAxMTYxNzU2NDFaMIGPMQswCQYDVQQG
EwJHQjEVMBMGA1UEBwwMVGhlIEludGVybmV0MRowGAYDVQQKDBFZb3VyIE9yZ2Fu
aXNhdGlvbjEYMBYGA1UECwwPWE1QUCBEZXBhcnRtZW50MRMwEQYDVQQDDAptZWV0
LmppdHNpMR4wHAYJKoZIhvcNAQkBFg94bXBwQG1lZXQuaml0c2kwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIX2+FTCLVn10kfWdfsakC9zBrJf6+1URz
N8t3kpnx86tOBxbmm516JB30AfvvxP/nPY5fMw8m6MXN/D/PJKHXmS2qOPVlueyc
HxXR9yFZ4eeFYO8UxnDpvNnyadY0velt5vqmc2qT+icXevfTJHkFiL2zmk+SR0sM
LqxcamagtsoreYhqWfwoJaP0VLSGqz6Ox7BJ9OEc0+h9LgXb/B5G4zku8Qkvi1/6
ml45WMvrf1kqr7+WQJ6nG0QmrtOH3AhNrOFIhRk5ObQkRV5cIxZRt8aC4P71Bi6O
rKz0FmQIIpv7lvoO6d0Y0vAF2ISBQ//LHvVVa/v6WzI+jOOArU6XAgMBAAGjggVX
MIIFUzAMBgNVHRMEBTADAQH/MIIFIgYDVR0RBIIFGTCCBRWgKgYIKwYBBQUHCAeg
HhYcX3htcHAtY2xpZW50LmF1dGgubWVldC5qaXRzaaAqBggrBgEFBQcIB6AeFhxf
eG1wcC1zZXJ2ZXIuYXV0aC5tZWV0LmppdHNpoB0GCCsGAQUFBwgFoBEMD2F1dGgu
bWVldC5qaXRzaaArBggrBgEFBQcIB6AfFh1feG1wcC1zZXJ2ZXIucG9sbHMubWVl
dC5qaXRzaaAeBggrBgEFBQcIBaASDBBwb2xscy5tZWV0LmppdHNpoDIGCCsGAQUF
BwgHoCYWJF94bXBwLXNlcnZlci5hdm1vZGVyYXRpb24ubWVldC5qaXRzaaAlBggr
BgEFBQcIBaAZDBdhdm1vZGVyYXRpb24ubWVldC5qaXRzaaApBggrBgEFBQcIB6Ad
FhtfeG1wcC1zZXJ2ZXIubXVjLm1lZXQuaml0c2mgHAYIKwYBBQUHCAWgEAwObXVj
Lm1lZXQuaml0c2mgLgYIKwYBBQUHCAegIhYgX3htcHAtc2VydmVyLmJyZWFrb3V0
Lm1lZXQuaml0c2mgIQYIKwYBBQUHCAWgFQwTYnJlYWtvdXQubWVldC5qaXRzaaAy
BggrBgEFBQcIB6AmFiRfeG1wcC1zZXJ2ZXIuaW50ZXJuYWwtbXVjLm1lZXQuaml0
c2mgJQYIKwYBBQUHCAWgGQwXaW50ZXJuYWwtbXVjLm1lZXQuaml0c2mgLgYIKwYB
BQUHCAegIhYgX3htcHAtc2VydmVyLm1ldGFkYXRhLm1lZXQuaml0c2mgIQYIKwYB
BQUHCAWgFQwTbWV0YWRhdGEubWVldC5qaXRzaaAyBggrBgEFBQcIB6AmFiRfeG1w
cC1zZXJ2ZXIuc3BlYWtlcnN0YXRzLm1lZXQuaml0c2mgJQYIKwYBBQUHCAWgGQwX
c3BlYWtlcnN0YXRzLm1lZXQuaml0c2mgJQYIKwYBBQUHCAegGRYXX3htcHAtY2xp
ZW50Lm1lZXQuaml0c2mgJQYIKwYBBQUHCAegGRYXX3htcHAtc2VydmVyLm1lZXQu
aml0c2mgGAYIKwYBBQUHCAWgDAwKbWVldC5qaXRzaaAzBggrBgEFBQcIB6AnFiVf
eG1wcC1zZXJ2ZXIuZW5kY29uZmVyZW5jZS5tZWV0LmppdHNpoCYGCCsGAQUFBwgF
oBoMGGVuZGNvbmZlcmVuY2UubWVldC5qaXRzaaArBggrBgEFBQcIB6AfFh1feG1w
cC1zZXJ2ZXIubG9iYnkubWVldC5qaXRzaaAeBggrBgEFBQcIBaASDBBsb2JieS5t
ZWV0LmppdHNpoCsGCCsGAQUFBwgHoB8WHV94bXBwLXNlcnZlci5mb2N1cy5tZWV0
LmppdHNpoB4GCCsGAQUFBwgFoBIMEGZvY3VzLm1lZXQuaml0c2mCD2F1dGgubWVl
dC5qaXRzaYIQcG9sbHMubWVldC5qaXRzaYIXYXZtb2RlcmF0aW9uLm1lZXQuaml0
c2mCDm11Yy5tZWV0LmppdHNpghNicmVha291dC5tZWV0LmppdHNpghdpbnRlcm5h
bC1tdWMubWVldC5qaXRzaYITbWV0YWRhdGEubWVldC5qaXRzaYIXc3BlYWtlcnN0
YXRzLm1lZXQuaml0c2mCCm1lZXQuaml0c2mCGGVuZGNvbmZlcmVuY2UubWVldC5q
aXRzaYIQbG9iYnkubWVldC5qaXRzaYIQZm9jdXMubWVldC5qaXRzaTAdBgNVHQ4E
FgQUfUndA7nZG7ipv25FeT9o+RKo/FMwDQYJKoZIhvcNAQELBQADggEBAE7OyO81
OfRw2yhp3bTCpsakv8TP6HG4vSfui4iDQgAuyY6/OhX9IFNLcgLLkQNChKH4jI6L
naCeM0sI4q3LqJnE1UUVngn2ov+dyY4A9+CEPXBRVgN5XRBnQXsFNL39q6+fucXR
OOjQpvakhRQKB64GWgt/vlZxoEuofsnmPc20zhpktJL3NDTsXRPjVoHQlHalaDTk
uh9MgU/MOP/wMzCHAq2L4aWetMxgirrtFqBgL2MEtSRBcqu2gIARnejywfmPgG7x
tSwtHL//FyT6fS+TG0fB7mxIDCVdJkMScdIvFvPa39DqZb+l4g3VL5DS+ctbQHlX
L+xdHJuEssWajAU=
-----END CERTIFICATE-----

28
jitsi/config/jitsi-meet-cfg/prosody/config/certs/meet.jitsi.key Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDIX2+FTCLVn10k
fWdfsakC9zBrJf6+1URzN8t3kpnx86tOBxbmm516JB30AfvvxP/nPY5fMw8m6MXN
/D/PJKHXmS2qOPVlueycHxXR9yFZ4eeFYO8UxnDpvNnyadY0velt5vqmc2qT+icX
evfTJHkFiL2zmk+SR0sMLqxcamagtsoreYhqWfwoJaP0VLSGqz6Ox7BJ9OEc0+h9
LgXb/B5G4zku8Qkvi1/6ml45WMvrf1kqr7+WQJ6nG0QmrtOH3AhNrOFIhRk5ObQk
RV5cIxZRt8aC4P71Bi6OrKz0FmQIIpv7lvoO6d0Y0vAF2ISBQ//LHvVVa/v6WzI+
jOOArU6XAgMBAAECggEAE27ODgt4RWeTTPqsj+dXEOaQV5PzxOZCITqEDTC2pXSQ
ZJzjZ7In77SZAxU+Ld7ZQsABktIM4iUpKfUQ6zIOUC6W8y9a/Wauv+Vz5E0neuQh
5Bmmlkk4ojKioJQLJkpU3UfNf18qMvfL2sceSef7pMHCRCzvEqy/ZosQRFY9ZdCo
h620izh2xkPFYkaLJY+Q3EUmXC+CLstu6dsYrdHUJi9eR1ok0UfBI3rM7D2F1JQ1
lwi5vXaQLFIosFRLNBs13rv0RvFKFBDuztLpt+F+HWlOXtkWNxuNQu8VM8y6KnMA
+saXTdh5eWHMUnBV7aO7mA7Ae7D7UU+EE0AmT2tawQKBgQDtiXWcERyI0ZBlqokg
G5vLEzJmLyAIVnOjCEyLWnGXsT/9jyo7WGfsNId5DLk76kR9x9UKEOtmLTC/usz7
u/ainOCAil7DF49ksX5LPusn0kjuAnDyranK0aSAWcgwR2V5s9CiS3NPtKEe583W
JSPzR8+x3A66DFZ/BSbna3OziQKBgQDX8nqmjTy5yx9TohXLB4w2RLnBRUngalGK
rlCzqY5QIS0fUhsOd71fqobgYTT8qvSG1cq6bVDOB2+NLp8pyLzhLozHvCdDEPMt
JGj3SoWBT5t7NtVXghgQqvlYyo9fH77EmuxxCjLA3vznqbIOn2a5tklH4v3r95IY
xY2N5xTJHwKBgCujfT/WxO890NFcqySC7fQ46qFrNu9RMp1ZAPb4/rVnkuH6Uz/j
1fPHErxiYgVn3H1fIPxgb16uHq6amt4EgiMNvxDeWtpskaNmGFWqkXkXYN6ZBDcR
QIhKS3ZpCCYWd8YMCuBGDEEwZglPfLlCyYAASV/blbkIWzuqrqMFUpRBAoGABYXB
9ThvcSDssCrY+9Q5lbm0NmkbNo4Bf9ZtYerYJNx0VvS2lGwjf6rQwDQ8Mqn8juYw
xQu+oUY3aBjlISBtFCUonIMHTgPE9EaWGJzjRSdQBpqkYhSFoQd+UPL9L6WUL1r2
6P0lxyDsvs/sKcuRyPYMcbYwYDR4nAGRWSursGkCgYBY2H1C7vH2v7d1pTdL8L78
IJw3xrD2o8MoG8SXpQeer8Edk335Y07TEJaPXsDIk84gyKselD284hSQyRQiv+A6
yfrwS+4gIKA/4n68k3fX1bnOF1pxFWINQmHwtDfBLiMCZ+Tz2V6/XBqzymO1HxQB
SLBrJopVWCn09lh32GqoQw==
-----END PRIVATE KEY-----

210
jitsi/config/jitsi-meet-cfg/prosody/config/conf.d/jitsi-meet.cfg.lua Normal file
View File

@@ -0,0 +1,210 @@
admins = {
"jigasi@auth.meet.jitsi",
"jibri@auth.meet.jitsi",
"focus@auth.meet.jitsi",
"jvb@auth.meet.jitsi"
}
unlimited_jids = {
"focus@auth.meet.jitsi",
"jvb@auth.meet.jitsi"
}
plugin_paths = { "/prosody-plugins-custom", "/prosody-plugins/", "/prosody-plugins-contrib" }
muc_mapper_domain_base = "meet.jitsi";
muc_mapper_domain_prefix = "muc";
recorder_prefixes = { "jibricorder@hidden.meet.jitsi" };
transcriber_prefixes = { "transcriber@hidden.meet.jitsi" };
http_default_host = "meet.jitsi"
consider_bosh_secure = true;
consider_websocket_secure = true;
smacks_max_unacked_stanzas = 5;
smacks_hibernation_time = 60;
smacks_max_old_sessions = 1;
VirtualHost "meet.jitsi"
authentication = "jitsi-anonymous"
ssl = {
key = "/config/certs/meet.jitsi.key";
certificate = "/config/certs/meet.jitsi.crt";
}
modules_enabled = {
"bosh";
"features_identity";
"websocket";
"smacks"; -- XEP-0198: Stream Management
"conference_duration";
"muc_lobby_rooms";
"muc_breakout_rooms";
}
main_muc = "muc.meet.jitsi"
lobby_muc = "lobby.meet.jitsi"
muc_lobby_whitelist = { "hidden.meet.jitsi" }
breakout_rooms_muc = "breakout.meet.jitsi"
c2s_require_encryption = true
VirtualHost "auth.meet.jitsi"
ssl = {
key = "/config/certs/auth.meet.jitsi.key";
certificate = "/config/certs/auth.meet.jitsi.crt";
}
modules_enabled = {
"limits_exception";
"smacks";
}
authentication = "internal_hashed"
smacks_hibernation_time = 15;
VirtualHost "hidden.meet.jitsi"
modules_enabled = {
"smacks";
}
authentication = "internal_hashed"
Component "internal-muc.meet.jitsi" "muc"
storage = "memory"
modules_enabled = {
"muc_hide_all";
"muc_filter_access";
}
restrict_room_creation = true
muc_filter_whitelist="auth.meet.jitsi"
muc_room_locking = false
muc_room_default_public_jids = true
muc_room_cache_size = 1000
muc_tombstones = false
muc_room_allow_persistent = false
Component "muc.meet.jitsi" "muc"
restrict_room_creation = true
storage = "memory"
modules_enabled = {
"muc_hide_all";
"muc_meeting_id";
"muc_domain_mapper";
"muc_password_whitelist";
}
-- The size of the cache that saves state for IP addresses
rate_limit_cache_size = 10000;
muc_room_cache_size = 10000
muc_room_locking = false
muc_room_default_public_jids = true
muc_password_whitelist = {
"focus@auth.meet.jitsi";
"jibricorder@hidden.meet.jitsi";
}
muc_tombstones = false
muc_room_allow_persistent = false
Component "focus.meet.jitsi" "client_proxy"
target_address = "focus@auth.meet.jitsi"
Component "speakerstats.meet.jitsi" "speakerstats_component"
muc_component = "muc.meet.jitsi"
Component "endconference.meet.jitsi" "end_conference"
muc_component = "muc.meet.jitsi"
Component "avmoderation.meet.jitsi" "av_moderation_component"
muc_component = "muc.meet.jitsi"
Component "lobby.meet.jitsi" "muc"
storage = "memory"
restrict_room_creation = true
muc_tombstones = false
muc_room_allow_persistent = false
muc_room_cache_size = 10000
muc_room_locking = false
muc_room_default_public_jids = true
modules_enabled = {
"muc_hide_all";
}
Component "breakout.meet.jitsi" "muc"
storage = "memory"
restrict_room_creation = true
muc_room_cache_size = 10000
muc_room_locking = false
muc_room_default_public_jids = true
muc_tombstones = false
muc_room_allow_persistent = false
modules_enabled = {
"muc_hide_all";
"muc_meeting_id";
}
Component "metadata.meet.jitsi" "room_metadata_component"
muc_component = "muc.meet.jitsi"
breakout_rooms_component = "breakout.meet.jitsi"
Component "polls.meet.jitsi" "polls_component"

8
jitsi/config/jitsi-meet-cfg/prosody/config/data/auth%2emeet%2ejitsi/accounts/focus.dat Normal file
View File

@@ -0,0 +1,8 @@
return {
["stored_key"] = "d5f30854172b578423d1f634a0123d458b77aa83";
["server_key"] = "4dd8d1597bc8ebd4a4927f4766c3f50b7f15ce5e";
["salt"] = "cfa75b87-3310-43e0-96de-3d9cd877c42c";
["updated"] = 1771159995;
["created"] = 1771159995;
["iteration_count"] = 10000;
};

8
jitsi/config/jitsi-meet-cfg/prosody/config/data/auth%2emeet%2ejitsi/accounts/jibri.dat Normal file
View File

@@ -0,0 +1,8 @@
return {
["stored_key"] = "72999fc0d164b80af2aada0e3e010d7159a9b135";
["created"] = 1771159996;
["iteration_count"] = 10000;
["server_key"] = "5c8b1ecd580e79be5bf0c78288aa2a6facbeb8be";
["updated"] = 1771159996;
["salt"] = "1ab9fcf9-d2c7-45a2-8159-a7b21e64537b";
};

8
jitsi/config/jitsi-meet-cfg/prosody/config/data/auth%2emeet%2ejitsi/accounts/jigasi.dat Normal file
View File

@@ -0,0 +1,8 @@
return {
["stored_key"] = "6ccd1286118f62e771a6d0b810a5b3816a3cbbc8";
["updated"] = 1771159997;
["salt"] = "22d87674-9ee6-4797-8b68-675238befebc";
["iteration_count"] = 10000;
["server_key"] = "d8a8186ebcac156a5ccd4ea0672ce6ce16b9f572";
["created"] = 1771159997;
};

8
jitsi/config/jitsi-meet-cfg/prosody/config/data/auth%2emeet%2ejitsi/accounts/jvb.dat Normal file
View File

@@ -0,0 +1,8 @@
return {
["iteration_count"] = 10000;
["server_key"] = "682417cfb5ab08af468c63939c93a77627092f8a";
["created"] = 1771159996;
["stored_key"] = "31c1eaad2c7864fcf687e8a2a598f671b7078bd0";
["salt"] = "f21edf85-bab8-4cff-9a25-0bd407c3e8d4";
["updated"] = 1771159996;
};

3
jitsi/config/jitsi-meet-cfg/prosody/config/data/auth%2emeet%2ejitsi/cron.dat Normal file
View File

@@ -0,0 +1,3 @@
return {
["tokenauth/clear_expired_grants"] = 1772304798;
};

10
jitsi/config/jitsi-meet-cfg/prosody/config/data/auth%2emeet%2ejitsi/roster/focus.dat Normal file
View File

@@ -0,0 +1,10 @@
return {
[false] = {
["version"] = 2;
["pending"] = {};
};
["focus.meet.jitsi"] = {
["groups"] = {};
["subscription"] = "from";
};
};

6
jitsi/config/jitsi-meet-cfg/prosody/config/data/auth%2emeet%2ejitsi/smacks_h/focus.dat Normal file
View File

@@ -0,0 +1,6 @@
return {
["29mD6U3eKdAM"] = {
["h"] = 256283;
["t"] = 1771150708;
};
};

6
jitsi/config/jitsi-meet-cfg/prosody/config/data/auth%2emeet%2ejitsi/smacks_h/jibri.dat Normal file
View File

@@ -0,0 +1,6 @@
return {
["q31fs-cxAA87"] = {
["h"] = 85388;
["t"] = 1771150708;
};
};

6
jitsi/config/jitsi-meet-cfg/prosody/config/data/auth%2emeet%2ejitsi/smacks_h/jvb.dat Normal file
View File

@@ -0,0 +1,6 @@
return {
["8GG5iSn1TZ3P"] = {
["h"] = 768516;
["t"] = 1771150708;
};
};

8
jitsi/config/jitsi-meet-cfg/prosody/config/data/hidden%2emeet%2ejitsi/accounts/jibricorder.dat Normal file
View File

@@ -0,0 +1,8 @@
return {
["salt"] = "9584f0d8-cb40-46a8-933a-df4e348b7b11";
["updated"] = 1771159996;
["created"] = 1771159996;
["server_key"] = "f300772638dfe10690cceabd8ca9623880eb4167";
["iteration_count"] = 10000;
["stored_key"] = "c675b6787bd42e88463966582e21244084a2f17a";
};

3
jitsi/config/jitsi-meet-cfg/prosody/config/data/hidden%2emeet%2ejitsi/cron.dat Normal file
View File

@@ -0,0 +1,3 @@
return {
["tokenauth/clear_expired_grants"] = 1772304798;
};

6
jitsi/config/jitsi-meet-cfg/prosody/config/data/hidden%2emeet%2ejitsi/smacks_h/jibricorder.dat Normal file
View File

@@ -0,0 +1,6 @@
return {
["kQ5j80obn78Z"] = {
["h"] = 30;
["t"] = 1768589795;
};
};

1
jitsi/config/jitsi-meet-cfg/prosody/config/data/prosody.pid Normal file
View File

@@ -0,0 +1 @@
241

220
jitsi/config/jitsi-meet-cfg/prosody/config/prosody.cfg.lua Normal file
View File

@@ -0,0 +1,220 @@
-- Prosody Example Configuration File
--
-- Information on configuring Prosody can be found on our
-- website at http://prosody.im/doc/configure
--
-- Tip: You can check that the syntax of this file is correct
-- when you have finished by running: luac -p prosody.cfg.lua
-- If there are any errors, it will let you know what and where
-- they are, otherwise it will keep quiet.
--
-- The only thing left to do is rename this file to remove the .dist ending, and fill in the
-- blanks. Good luck, and happy Jabbering!
---------- Server-wide settings ----------
-- Settings in this section apply to the whole server and are the default settings
-- for any virtual hosts
-- This is a (by default, empty) list of accounts that are admins
-- for the server. Note that you must create the accounts separately
-- (see http://prosody.im/doc/creating_accounts for info)
-- Example: admins = { "user1@example.com", "user2@example.net" }
admins = { }
component_admins_as_room_owners = true
-- Enable use of libevent for better performance under high load
-- For more information see: http://prosody.im/doc/libevent
--use_libevent = true;
-- This is the list of modules Prosody will load on startup.
-- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too.
-- Documentation on modules can be found at: http://prosody.im/doc/modules
modules_enabled = {
-- Generally required
"roster"; -- Allow users to have a roster. Recommended ;)
"saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
"tls"; -- Add support for secure TLS on c2s/s2s connections
"disco"; -- Service discovery
-- Not essential, but recommended
"private"; -- Private XML storage (for room bookmarks, etc.)
"limits"; -- Enable bandwidth limiting for XMPP connections
-- These are commented by default as they have a performance impact
--"privacy"; -- Support privacy lists
--"compression"; -- Stream compression (Debian: requires lua-zlib module to work)
-- Admin interfaces
-- "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
--"admin_telnet"; -- Opens telnet console interface on localhost port 5582
-- Nice to have
"version"; -- Replies to server version requests
"ping"; -- Replies to XMPP pings with pongs
-- HTTP modules
--"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
--"http_files"; -- Serve static files from a directory over HTTP
-- Other specific functionality
"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
--"groups"; -- Shared roster support
--"announce"; -- Send announcement to all online users
--"welcome"; -- Welcome users who register accounts
--"watchregistrations"; -- Alert admins of registrations
--"motd"; -- Send a message to users when they log in
--"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
"http_health";
};
component_ports = { }
https_ports = { }
trusted_proxies = {
"127.0.0.1";
"::1";
}
-- These modules are auto-loaded, but should you want
-- to disable them then uncomment them here:
modules_disabled = {
"offline"; -- Store offline messages
"register";
-- "c2s"; -- Handle client connections
"s2s"; -- Handle server-to-server connections
};
-- Disable account creation by default, for security
-- For more information see http://prosody.im/doc/creating_accounts
allow_registration = false;
-- Enable rate limits for incoming connections
limits = {
-- Limit incoming client connections
c2s = {
rate = "10kb/s";
};
-- Limit incoming server connections
s2sin = {
rate = "30kb/s";
};
}
--Prosody garbage collector settings
--For more information see https://prosody.im/doc/advanced_gc
gc = {
mode = "incremental";
threshold = 400;
speed = 250;
step_size = 13;
}
pidfile = "/config/data/prosody.pid";
-- Force clients to use encrypted connections? This option will
-- prevent clients from authenticating unless they are using encryption.
c2s_require_encryption = true;
-- set c2s port
c2s_ports = { 5222 } -- Listen on specific c2s port
c2s_interfaces = { "*", "::" }
-- Force certificate authentication for server-to-server connections?
-- This provides ideal security, but requires servers you communicate
-- with to support encryption AND present valid, trusted certificates.
-- NOTE: Your version of LuaSec must support certificate verification!
-- For more information see http://prosody.im/doc/s2s#security
s2s_secure_auth = false
-- Many servers don't support encryption or have invalid or self-signed
-- certificates. You can list domains here that will not be required to
-- authenticate using certificates. They will be authenticated using DNS.
--s2s_insecure_domains = { "gmail.com" }
-- Even if you leave s2s_secure_auth disabled, you can still require valid
-- certificates for some domains by specifying a list here.
--s2s_secure_domains = { "jabber.org" }
-- Select the authentication backend to use. The 'internal' providers
-- use Prosody's configured data storage to store the authentication data.
-- To allow Prosody to offer secure authentication mechanisms to clients, the
-- default provider stores passwords in plaintext. If you do not trust your
-- server please see http://prosody.im/doc/modules/mod_auth_internal_hashed
-- for information about using the hashed backend.
authentication = "internal_hashed"
-- Select the storage backend to use. By default Prosody uses flat files
-- in its configured data directory, but it also supports more backends
-- through modules. An "sql" backend is included by default, but requires
-- additional dependencies. See http://prosody.im/doc/storage for more info.
--storage = "sql" -- Default is "internal" (Debian: "sql" requires one of the
-- lua-dbi-sqlite3, lua-dbi-mysql or lua-dbi-postgresql packages to work)
-- For the "sql" backend, you can uncomment *one* of the below to configure:
--sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename.
--sql = { driver = "MySQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
--sql = { driver = "PostgreSQL", database = "prosody", username = "prosody", password = "secret", host = "localhost" }
-- Logging configuration
-- For advanced logging see http://prosody.im/doc/logging
--
-- Debian:
-- Logs info and higher to /var/log
-- Logs errors to syslog also
log = {
{ levels = {min = "info"}, timestamps = "%Y-%m-%d %X", to = "console"};
}
-- Enable use of native prosody 0.11 support for epoll over select
network_backend = "epoll";
-- Set the TCP backlog to 511 since the kernel rounds it up to the next power of 2: 512.
network_settings = {
tcp_backlog = 511;
}
unbound = {
resolvconf = true
}
http_ports = { 5280 }
http_interfaces = { "*", "::" }
data_path = "/config/data"
Include "conf.d/*.cfg.lua"

13
jitsi/config/jitsi-meet-cfg/prosody/config/rules.d/jvb_muc_presence_filter.pfw Normal file
View File

@@ -0,0 +1,13 @@
{{ $JVB_XMPP_AUTH_DOMAIN := .Env.JVB_XMPP_AUTH_DOMAIN | default "auth.jvb.meet.jitsi" -}}
{{ $JVB_XMPP_INTERNAL_MUC_DOMAIN := .Env.JVB_XMPP_INTERNAL_MUC_DOMAIN | default "muc.jvb.meet.jitsi" -}}
{{ $JVB_AUTH_USER := .Env.JVB_AUTH_USER | default "jvb" -}}
{{ $JVB_BREWERY_MUC := .Env.JVB_BREWERY_MUC | default "jvbbrewery" -}}
# Drop all presence from a jvb in a MUC to a jvb
FROM: {{ $JVB_BREWERY_MUC }}@{{ $JVB_XMPP_INTERNAL_MUC_DOMAIN }}
TO: {{ $JVB_AUTH_USER }}@{{ $JVB_XMPP_AUTH_DOMAIN }}
KIND: presence
# Seems safer to allow all "unavailable" to pass
TYPE: available
# Allow self-presence (code=110)
NOT INSPECT: {http://jabber.org/protocol/muc#user}x/status@code=110
DROP.

30
jitsi/config/jitsi-meet-cfg/prosody/config/saslauthd.conf Normal file
View File

@@ -0,0 +1,30 @@
{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" -}}
{{ $PROSODY_AUTH_TYPE := .Env.PROSODY_AUTH_TYPE | default $AUTH_TYPE }}
{{ $XMPP_DOMAIN := .Env.XMPP_DOMAIN | default "meet.jitsi" -}}
{{ if eq $PROSODY_AUTH_TYPE "ldap" }}
ldap_servers: {{ .Env.LDAP_URL }}
ldap_search_base: {{ .Env.LDAP_BASE }}
{{ if .Env.LDAP_BINDDN | default "" }}
ldap_bind_dn: {{ .Env.LDAP_BINDDN }}
ldap_bind_pw: {{ .Env.LDAP_BINDPW }}
{{ end }}
ldap_filter: {{ .Env.LDAP_FILTER | default "uid=%u" }}
ldap_version: {{ .Env.LDAP_VERSION | default "3" }}
ldap_auth_method: {{ .Env.LDAP_AUTH_METHOD | default "bind" }}
{{ if .Env.LDAP_USE_TLS | default "0" | toBool }}
ldap_tls_key: /config/certs/{{ $XMPP_DOMAIN }}.key
ldap_tls_cert: /config/certs/{{ $XMPP_DOMAIN }}.crt
{{ if .Env.LDAP_TLS_CHECK_PEER | default "0" | toBool }}
ldap_tls_check_peer: yes
ldap_tls_cacert_file: {{ .Env.LDAP_TLS_CACERT_FILE | default "/etc/ssl/certs/ca-certificates.crt" }}
ldap_tls_cacert_dir: {{ .Env.LDAP_TLS_CACERT_DIR | default "/etc/ssl/certs" }}
{{ end }}
{{ if .Env.LDAP_TLS_CIPHERS }}
ldap_tls_ciphers: {{ .Env.LDAP_TLS_CIPHERS }}
{{ end }}
{{ end }}
{{ end }}
{{ if .Env.LDAP_START_TLS | default "0" | toBool }}
ldap_start_tls: yes
{{ end }}

238
jitsi/config/jitsi-meet-cfg/web/config.js Normal file
View File

@@ -0,0 +1,238 @@
// Jitsi Meet configuration.
var config = {};
config.hosts = {};
config.hosts.domain = 'meet.jitsi';
var subdir = '<!--# echo var="subdir" default="" -->';
var subdomain = '<!--# echo var="subdomain" default="" -->';
if (subdir.startsWith('<!--')) {
subdir = '';
}
if (subdomain) {
subdomain = subdomain.substring(0,subdomain.length-1).split('.').join('_').toLowerCase() + '.';
}
config.hosts.muc = 'muc.' + subdomain + 'meet.jitsi';
config.bosh = 'https://jitsi.athaliapps.xyz/' + subdir + 'http-bind';
config.websocket = 'wss://jitsi.athaliapps.xyz/' + subdir + 'xmpp-websocket';
config.bridgeChannel = {
preferSctp: true
};
// Video configuration.
//
config.resolution = 720;
config.constraints = {
video: {
height: { ideal: 720, max: 720, min: 180 },
width: { ideal: 1280, max: 1280, min: 320},
}
};
config.startVideoMuted = 10;
config.startWithVideoMuted = false;
config.flags = {
sourceNameSignaling: true,
sendMultipleVideoStreams: true,
receiveMultipleVideoStreams: true
};
// ScreenShare Configuration.
//
// Audio configuration.
//
config.enableNoAudioDetection = true;
config.enableTalkWhileMuted = false;
config.disableAP = false;
config.disableAGC = false;
config.audioQuality = {
stereo: false
};
config.startAudioOnly = false;
config.startAudioMuted = 10;
config.startWithAudioMuted = false;
config.startSilent = false;
config.enableOpusRed = false;
config.disableAudioLevels = false;
config.enableNoisyMicDetection = true;
// Peer-to-Peer options.
//
config.p2p = {
enabled: true,
codecPreferenceOrder: ["AV1", "VP9", "VP8", "H264"],
mobileCodecPreferenceOrder: ["VP8", "VP9", "H264", "AV1"]
};
// Breakout Rooms
//
config.hideAddRoomButton = false;
// Etherpad
//
// Recording.
//
config.hiddenDomain = 'hidden.meet.jitsi';
config.recordingService = {
// Whether to enable file recording or not using the "service" defined by the finalizer in Jibri
enabled: true,
// Whether to show the possibility to share file recording with other people
// (e.g. meeting participants), based on the actual implementation
// on the backend.
sharingEnabled: false
};
// Live streaming configuration.
config.liveStreaming = {
enabled: false,
dataPrivacyLink: 'https://policies.google.com/privacy',
helpLink: 'https://jitsi.org/live',
termsLink: 'https://www.youtube.com/t/terms',
validatorRegExpString: '^(?:[a-zA-Z0-9]{4}(?:-(?!$)|$)){4}'
};
// Local recording configuration.
config.localRecording = {
disable: false,
notifyAllParticipants: false,
disableSelfRecording: false
};
// Analytics.
//
config.analytics = {};
// Dial in/out services.
//
// Calendar service integration.
//
config.enableCalendarIntegration = false;
// Invitation service.
//
// Miscellaneous.
//
// Prejoin page.
config.prejoinConfig = {
enabled: true,
// Hides the participant name editing field in the prejoin screen.
hideDisplayName: false
};
// List of buttons to hide from the extra join options dropdown on prejoin screen.
// Welcome page.
config.welcomePage = {
disabled: false
};
// Close page.
config.enableClosePage = false;
// Default language.
// Require users to always specify a display name.
config.requireDisplayName = false;
// Chrome extension banner.
// Disables profile and the edit of all fields from the profile settings (display name and email)
config.disableProfile = false;
// Room password (false for anything, number for max digits)
config.roomPasswordNumberOfDigits = false;
// Advanced.
//
// Transcriptions (subtitles and buttons can be configured in interface_config)
config.transcription = {
enabled: false,
disableClosedCaptions: true,
translationLanguages: [],
translationLanguagesHead: ['en'],
useAppLanguage: true,
preferredLanguage: 'en-US',
disableStartForAll: false,
autoCaptionOnRecord: false,
};
// Dynamic branding
// Deployment information.
//
config.deploymentInfo = {};
// Deep Linking
config.disableDeepLinking = false;
// P2P preferred codec
// Video quality settings.
//
config.videoQuality = {};
config.videoQuality.codecPreferenceOrder = ["AV1", "VP9", "VP8", "H264"];
config.videoQuality.mobileCodecPreferenceOrder = ["VP8", "VP9", "H264", "AV1"];
config.videoQuality.enableAdaptiveMode = true;
config.videoQuality.av1 = {};
config.videoQuality.h264 = {};
config.videoQuality.vp8 = {};
config.videoQuality.vp9 = {};
// Reactions
config.disableReactions = false;
// Polls
config.disablePolls = false;
// Configure toolbar buttons
// Hides the buttons at pre-join screen
// Configure remote participant video menu
config.remoteVideoMenu = {
disabled: false,
disableKick: false,
disableGrantModerator: false,
disablePrivateChat: false
};
// Configure e2eping
config.e2eping = {
enabled: false
};
// Settings for the Excalidraw whiteboard integration.
config.whiteboard = {
enabled: false,
};
// JaaS support: pre-configure image if JAAS_APP_ID was set.
// Testing
config.testing = {
enableCodecSelectionAPI: true
};

251
jitsi/config/jitsi-meet-cfg/web/interface_config.js Normal file
View File

@@ -0,0 +1,251 @@
/* eslint-disable no-unused-vars, no-var, max-len */
/* eslint sort-keys: ["error", "asc", {"caseSensitive": false}] */
/**
* !!!IMPORTANT!!!
*
* This file is considered deprecated. All options will eventually be moved to
* config.js, and no new options should be added here.
*/
var interfaceConfig = {
APP_NAME: 'Jitsi Meet',
AUDIO_LEVEL_PRIMARY_COLOR: 'rgba(255,255,255,0.4)',
AUDIO_LEVEL_SECONDARY_COLOR: 'rgba(255,255,255,0.2)',
/**
* A UX mode where the last screen share participant is automatically
* pinned. Valid values are the string "remote-only" so remote participants
* get pinned but not local, otherwise any truthy value for all participants,
* and any falsy value to disable the feature.
*
* Note: this mode is experimental and subject to breakage.
*/
AUTO_PIN_LATEST_SCREEN_SHARE: 'remote-only',
BRAND_WATERMARK_LINK: '',
CLOSE_PAGE_GUEST_HINT: false, // A html text to be shown to guests on the close page, false disables it
DEFAULT_BACKGROUND: '#040404',
DEFAULT_WELCOME_PAGE_LOGO_URL: 'images/watermark.svg',
DISABLE_DOMINANT_SPEAKER_INDICATOR: false,
/**
* If true, notifications regarding joining/leaving are no longer displayed.
*/
DISABLE_JOIN_LEAVE_NOTIFICATIONS: false,
/**
* If true, presence status: busy, calling, connected etc. is not displayed.
*/
DISABLE_PRESENCE_STATUS: false,
/**
* Whether the speech to text transcription subtitles panel is disabled.
* If {@code undefined}, defaults to {@code false}.
*
* @type {boolean}
*/
DISABLE_TRANSCRIPTION_SUBTITLES: false,
/**
* Whether or not the blurred video background for large video should be
* displayed on browsers that can support it.
*/
DISABLE_VIDEO_BACKGROUND: false,
DISPLAY_WELCOME_FOOTER: true,
DISPLAY_WELCOME_PAGE_ADDITIONAL_CARD: false,
DISPLAY_WELCOME_PAGE_CONTENT: false,
DISPLAY_WELCOME_PAGE_TOOLBAR_ADDITIONAL_CONTENT: false,
ENABLE_DIAL_OUT: true,
FILM_STRIP_MAX_HEIGHT: 120,
GENERATE_ROOMNAMES_ON_WELCOME_PAGE: true,
/**
* Hide the invite prompt in the header when alone in the meeting.
*/
HIDE_INVITE_MORE_HEADER: false,
JITSI_WATERMARK_LINK: 'https://jitsi.org',
LANG_DETECTION: true, // Allow i18n to detect the system language
LOCAL_THUMBNAIL_RATIO: 16 / 9, // 16:9
/**
* Maximum coefficient of the ratio of the large video to the visible area
* after the large video is scaled to fit the window.
*
* @type {number}
*/
MAXIMUM_ZOOMING_COEFFICIENT: 1.3,
/**
* Whether the mobile app Jitsi Meet is to be promoted to participants
* attempting to join a conference in a mobile Web browser. If
* {@code undefined}, defaults to {@code true}.
*
* @type {boolean}
*/
MOBILE_APP_PROMO: true,
// Names of browsers which should show a warning stating the current browser
// has a suboptimal experience. Browsers which are not listed as optimal or
// unsupported are considered suboptimal. Valid values are:
// chrome, chromium, electron, firefox , safari, webkit
OPTIMAL_BROWSERS: [ 'chrome', 'chromium', 'firefox', 'electron', 'safari', 'webkit' ],
POLICY_LOGO: null,
PROVIDER_NAME: 'Jitsi',
/**
* If true, will display recent list
*
* @type {boolean}
*/
RECENT_LIST_ENABLED: true,
REMOTE_THUMBNAIL_RATIO: 1, // 1:1
SETTINGS_SECTIONS: [ 'devices', 'language', 'moderator', 'profile', 'calendar', 'sounds', 'more' ],
/**
* Specify which sharing features should be displayed. If the value is not set
* all sharing features will be shown. You can set [] to disable all.
*/
// SHARING_FEATURES: ['email', 'url', 'dial-in', 'embed'],
SHOW_BRAND_WATERMARK: false,
/**
* Decides whether the chrome extension banner should be rendered on the landing page and during the meeting.
* If this is set to false, the banner will not be rendered at all. If set to true, the check for extension(s)
* being already installed is done before rendering.
*/
SHOW_CHROME_EXTENSION_BANNER: false,
SHOW_JITSI_WATERMARK: true,
SHOW_POWERED_BY: false,
SHOW_PROMOTIONAL_CLOSE_PAGE: false,
/*
* If indicated some of the error dialogs may point to the support URL for
* help.
*/
SUPPORT_URL: 'https://community.jitsi.org/',
// Browsers, in addition to those which do not fully support WebRTC, that
// are not supported and should show the unsupported browser page.
UNSUPPORTED_BROWSERS: [],
/**
* Whether to show thumbnails in filmstrip as a column instead of as a row.
*/
VERTICAL_FILMSTRIP: true,
// Determines how the video would fit the screen. 'both' would fit the whole
// screen, 'height' would fit the original video height to the height of the
// screen, 'width' would fit the original video width to the width of the
// screen respecting ratio, 'nocrop' would make the video as large as
// possible and preserve aspect ratio without cropping.
VIDEO_LAYOUT_FIT: 'both',
/**
* If true, hides the video quality label indicating the resolution status
* of the current large video.
*
* @type {boolean}
*/
VIDEO_QUALITY_LABEL_DISABLED: false,
/**
* How many columns the tile view can expand to. The respected range is
* between 1 and 5.
*/
// TILE_VIEW_MAX_COLUMNS: 5,
// List of undocumented settings
/**
INDICATOR_FONT_SIZES
PHONE_NUMBER_REGEX
*/
// -----------------DEPRECATED CONFIGS BELOW THIS LINE-----------------------------
/**
* Specify URL for downloading ios mobile app.
*/
// MOBILE_DOWNLOAD_LINK_IOS: 'https://itunes.apple.com/us/app/jitsi-meet/id1165103905',
/**
* Specify custom URL for downloading android mobile app.
*/
// MOBILE_DOWNLOAD_LINK_ANDROID: 'https://play.google.com/store/apps/details?id=org.jitsi.meet',
/**
* Specify mobile app scheme for opening the app from the mobile browser.
*/
// APP_SCHEME: 'org.jitsi.meet',
// NATIVE_APP_NAME: 'Jitsi Meet',
/**
* Hide the logo on the deep linking pages.
*/
// HIDE_DEEP_LINKING_LOGO: false,
/**
* Specify the Android app package name.
*/
// ANDROID_APP_PACKAGE: 'org.jitsi.meet',
/**
* Specify custom URL for downloading f droid app.
*/
// MOBILE_DOWNLOAD_LINK_F_DROID: 'https://f-droid.org/packages/org.jitsi.meet/',
// Connection indicators (
// CONNECTION_INDICATOR_AUTO_HIDE_ENABLED,
// CONNECTION_INDICATOR_AUTO_HIDE_TIMEOUT,
// CONNECTION_INDICATOR_DISABLED) got moved to config.js.
// Please use disableModeratorIndicator from config.js
// DISABLE_FOCUS_INDICATOR: false,
// Please use defaultLocalDisplayName from config.js
// DEFAULT_LOCAL_DISPLAY_NAME: 'me',
// Please use defaultLogoUrl from config.js
// DEFAULT_LOGO_URL: 'images/watermark.svg',
// Please use defaultRemoteDisplayName from config.js
// DEFAULT_REMOTE_DISPLAY_NAME: 'Fellow Jitster',
// Moved to config.js as `toolbarConfig.initialTimeout`.
// INITIAL_TOOLBAR_TIMEOUT: 20000,
// Please use `liveStreaming.helpLink` from config.js
// Documentation reference for the live streaming feature.
// LIVE_STREAMING_HELP_LINK: 'https://jitsi.org/live',
// Moved to config.js as `toolbarConfig.alwaysVisible`.
// TOOLBAR_ALWAYS_VISIBLE: false,
// This config was moved to config.js as `toolbarButtons`.
// TOOLBAR_BUTTONS: [],
// Moved to config.js as `toolbarConfig.timeout`.
// TOOLBAR_TIMEOUT: 4000,
// Allow all above example options to include a trailing comma and
// prevent fear when commenting out the last value.
// eslint-disable-next-line sort-keys
makeJsonParserHappy: 'even if last key had a trailing comma'
// No configuration value should follow this line.
};
/* eslint-enable no-unused-vars, no-var, max-len */

22
jitsi/config/jitsi-meet-cfg/web/keys/cert.crt Normal file
View File

@@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDpTCCAo2gAwIBAgIUCjyN8IyKCfIabmaZ9G/nDIKtS+AwDQYJKoZIhvcNAQEL
BQAwYjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZBdXN0aW4x
EjAQBgNVBAoMCWppdHNpLm9yZzEVMBMGA1UECwwMSml0c2kgU2VydmVyMQowCAYD
VQQDDAEqMB4XDTI2MDExNjE4MDAwNloXDTM2MDExNDE4MDAwNlowYjELMAkGA1UE
BhMCVVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZBdXN0aW4xEjAQBgNVBAoMCWpp
dHNpLm9yZzEVMBMGA1UECwwMSml0c2kgU2VydmVyMQowCAYDVQQDDAEqMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GaG+yX+PMHSQXg+wgLgqwrSZNWw
a07ps/CDasyrr1kQHgfM3UCK+FQqfU/8d0Vx2p/KlYIHAvLPMTUqAGsP9sa2rqCE
Qsmsn515mETadsXCB8gkBYHg5VnoFcOpzBhCkptj09PJilk4OaHpTAwu3IrVHkJo
Elpr3rmpfJFMNCJRl1TnfGk8hX06l5Ff9mt1ZWJzofvEWI0LPI3P3QjeTh8r4bb6
JUOM+3bMD3TAvSIRuD2naydx6N4glZIYmIaIHLmPkWKC72IYTU1xxdfOiVib0niI
Cqs/YmKMRY/ZCh+LZNNV48rBoUtl9XuJ48N/oo9i7UopHpNALd16YjNNYwIDAQAB
o1MwUTAdBgNVHQ4EFgQUDHIhGtX3WXvmjqbd67UwBfSLkP0wHwYDVR0jBBgwFoAU
DHIhGtX3WXvmjqbd67UwBfSLkP0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B
AQsFAAOCAQEAqqHwvZ3p9fXd+4y+m2hxvIhrNwlja++dcmCVwE0uKhUvcK8Ofkgi
RGDqj5PPnl1njVqU8fi8S/Udy600WmIg9PQuVdD08j54gSk8Vtpf/DHNThbUytjB
0eytLBLji+Dq0iD8Q5fEa7xdSCn84Os5qZBaDiykh2GyoeMu9gbikcUWFj1wKtAO
31rJAqMIRb36xfjZukDmlohvdFBH7U/YYLXhTvTytgfROI+C1GGSBBc5xWhMjY3V
nXUda2ADlw3Z0YQKm93bG9klfDKU3TiKyX7vUkpuQwyTANL9K0FBUgbUB/PLG6Zj
Pq/QC9EtKbbfiCl0/9CaCrbm2vkHsxhQRw==
-----END CERTIFICATE-----

28
jitsi/config/jitsi-meet-cfg/web/keys/cert.key Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEuwIBADANBgkqhkiG9w0BAQEFAASCBKUwggShAgEAAoIBAQDcZob7Jf48wdJB
eD7CAuCrCtJk1bBrTumz8INqzKuvWRAeB8zdQIr4VCp9T/x3RXHan8qVggcC8s8x
NSoAaw/2xrauoIRCyayfnXmYRNp2xcIHyCQFgeDlWegVw6nMGEKSm2PT08mKWTg5
oelMDC7citUeQmgSWmveual8kUw0IlGXVOd8aTyFfTqXkV/2a3VlYnOh+8RYjQs8
jc/dCN5OHyvhtvolQ4z7dswPdMC9IhG4PadrJ3Ho3iCVkhiYhogcuY+RYoLvYhhN
TXHF186JWJvSeIgKqz9iYoxFj9kKH4tk01XjysGhS2X1e4njw3+ij2LtSikek0At
3XpiM01jAgMBAAECggEAYYkD4h/5p1SU4gE/MKeKWlczLYl9hbeJ5+YfmkNSFQrC
fa+xAxbdiTDiDsu3a+bxEDGXutsslCr08w9Wc5HtoiVlUdlaPp42RPqxBWgvD9HL
YJs7Ca7k4kqL0RniSh5QU8XtgyAd+BosriCPeGaJ1HKiBr6XhMu8Ifgi36wDP6w/
5nMvuqrXA4pYaUTtVOWERctuHoibyiwLL9qVzUy0W4NqCH8F38vqXCutdNTQk+A+
epUtznF93ElcTD/uqNxUvWg7xBcqB4x/IOPnG0eRKh8Q/hccXw+dr/G6gubWhAdr
+IKE5BqJ27gxY18XJ1uJMPHZnCqOJIufJjVWbvp7vQKBgQD330t69bxs7BiqBM9h
G+se5f6wpzDBgHJlJvDMfZTcVd+uyhZPmroeuOwA5dfEMmQeJU7pAIlQymDEw1Qv
gpv+4q1lI0bmfidqJmhoHPDJcAx5UWzKI4gnz72nhg4Ep8lOB4qdJVS0zC6yOUpF
CoBXZ7GZH7LpUItnqIFq+ydWRQKBgQDjoKCXLtj3LOGp0SWwcAQOAAn0MIUXSf1A
lM0S6LpWpL5sIeEkkthAvB0bHsoFkfNfaIyYS/fkHm4r33rkM6iBjv0BD3H3oD2b
9fnkIYPZ3QV5nDfk2GabNO0RBJLvzks90c+99+gfunoKV+b6TVwh2Suyoe1uf3Fu
OJIdSMoDhwKBgQCbJgQ70aaAUwNZICuh7/SqYXGapvuokrqHv+kHRi+v/nxFDq8K
YqHO6xaltTfp0VTDXbzXsQNCM3qAjnaaSllUIBRCcuNFEH+hPKsrR7obi+vy39mF
aNoneSuPuSP7G/6vvZ6woBY2GHu+CIgJUPpmOzx5yNKWoViwqFNhYBUONQKBgAbQ
hj5Abspnk5Hr6v7vO4/XvHSNB079LhHC4qjQQtPZNsIx+XWI1+SIPS7UqyOjjO+s
R5k/nPo9VvsFQ76VNVQ7naNsfPL23yFOKd8Eidf53/IWFS5KtDetS/OYeXWobWQ6
ZcfAJjjc8k5g909DBaEVyVMduef29MRh+S3bQgD9An8Wmqqzs7YT/+lyxWf2itFj
xKIxallQb/gZNqNrSixWYYhY6w3EIcp7cEvUgG4lf+8fQJfQhH7bxlvaPcsJJ7UY
JhLT/7gWMwv3mO85hR5wgXGP/HqBGOcgsAb+MM16kHY+DUAU3G8PoOonPK4s+61t
NEy8c2SwvY1Yjst/dqU6
-----END PRIVATE KEY-----

141
jitsi/config/jitsi-meet-cfg/web/nginx/meet.conf Normal file
View File

@@ -0,0 +1,141 @@
server_name _;
charset utf8;
client_max_body_size 0;
root /usr/share/jitsi-meet;
# ssi on with javascript for multidomain variables in config.js
ssi on;
ssi_types application/x-javascript application/javascript;
index index.html index.htm;
error_page 404 /static/404.html;
# Security headers
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
set $prefix "";
# Opt out of FLoC (deprecated)
add_header Permissions-Policy "interest-cohort=()";
include /config/nginx-custom/*.conf;
location = /config.js {
alias /config/config.js;
}
location = /interface_config.js {
alias /config/interface_config.js;
}
location = /external_api.js {
alias /usr/share/jitsi-meet/libs/external_api.min.js;
}
# ensure all static content can always be found first
location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known|transcripts)/(.*)$ {
add_header 'Access-Control-Allow-Origin' '*';
alias /usr/share/jitsi-meet/$1/$2;
# cache all versioned files
if ($arg_v) {
expires 1y;
}
}
# BOSH
location = /http-bind {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host meet.jitsi;
proxy_pass http://xmpp.meet.jitsi:5280/http-bind?prefix=$prefix&$args;
}
# xmpp websockets
location = /xmpp-websocket {
tcp_nodelay on;
proxy_http_version 1.1;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host meet.jitsi;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://xmpp.meet.jitsi:5280/xmpp-websocket?prefix=$prefix&$args;
}
location ~ ^/([^/?&:'"]+)$ {
try_files $uri @root_path;
}
location @root_path {
rewrite ^/(.*)$ / break;
}
# Matches /(TENANT)/pwa-worker.js or /(TENANT)/manifest.json to rewrite to / and look for file
location ~ ^/([^/?&:'"]+)/(pwa-worker.js|manifest.json)$ {
set $subdomain "$1.";
set $subdir "$1/";
rewrite ^/([^/?&:'"]+)/(pwa-worker.js|manifest.json)$ /$2;
}
location ~ ^/([^/?&:'"]+)/config.js$ {
set $subdomain "$1.";
set $subdir "$1/";
alias /config/config.js;
}
# BOSH for subdomains
location ~ ^/([^/?&:'"]+)/http-bind {
set $subdomain "$1.";
set $subdir "$1/";
set $prefix "$1";
rewrite ^/(.*)$ /http-bind;
}
# websockets for subdomains
location ~ ^/([^/?&:'"]+)/xmpp-websocket {
set $subdomain "$1.";
set $subdir "$1/";
set $prefix "$1";
rewrite ^/(.*)$ /xmpp-websocket;
}
# Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
location ~ ^/([^/?&:'"]+)/(.*)$ {
set $subdomain "$1.";
set $subdir "$1/";
rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
}

69
jitsi/config/jitsi-meet-cfg/web/nginx/nginx.conf Normal file
View File

@@ -0,0 +1,69 @@
user www-data;
worker_processes 4;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
client_max_body_size 0;
resolver 127.0.0.11;
include /etc/nginx/mime.types;
types {
# add support for the wav MIME type that is requried to playback wav files in Firefox.
audio/wav wav;
}
default_type application/octet-stream;
##
# Logging Settings
##
access_log /dev/stdout;
error_log /dev/stderr;
##
# Gzip Settings
##
gzip on;
gzip_types text/plain text/css application/javascript application/json;
gzip_vary on;
gzip_min_length 860;
##
# Connection header for WebSocket reverse proxy
##
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
##
# Virtual Host Configs
##
include /config/nginx/site-confs/*;
}
daemon off;

24
jitsi/config/jitsi-meet-cfg/web/nginx/site-confs/default Normal file
View File

@@ -0,0 +1,24 @@
server {
listen 80 default_server;
listen [::]:80 default_server;
include /config/nginx/meet.conf;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
include /config/nginx/ssl.conf;
include /config/nginx/meet.conf;
}

25
jitsi/config/jitsi-meet-cfg/web/nginx/ssl.conf Normal file
View File

@@ -0,0 +1,25 @@
# session settings
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
# ssl certs
ssl_certificate /config/keys/cert.crt;
ssl_certificate_key /config/keys/cert.key;
# protocols
# Mozilla Guideline v5.6, nginx 1.14.2, OpenSSL 1.1.1d, intermediate configuration, no OCSP
# https://ssl-config.mozilla.org/#server=nginx&version=1.14.2&config=intermediate&openssl=1.1.1d&ocsp=false&guideline=5.6
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
# Diffie-Hellman parameter for DHE cipher suites
ssl_dhparam /defaults/ffdhe2048.txt;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;