athaliar/dockerStuff
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

more updates march

Browse Source
This commit is contained in:
Nathan root
2026-03-01 17:38:47 +00:00
parent ceee62f62c
commit a085ba9714
810 changed files with 27066 additions and 6471 deletions
Download Patch File Download Diff File Expand all files Collapse all files

238
jitsi/config/jitsi-meet-cfg/web/config.js Normal file
View File

@@ -0,0 +1,238 @@
// Jitsi Meet configuration.
var config = {};
config.hosts = {};
config.hosts.domain = 'meet.jitsi';
var subdir = '<!--# echo var="subdir" default="" -->';
var subdomain = '<!--# echo var="subdomain" default="" -->';
if (subdir.startsWith('<!--')) {
subdir = '';
}
if (subdomain) {
subdomain = subdomain.substring(0,subdomain.length-1).split('.').join('_').toLowerCase() + '.';
}
config.hosts.muc = 'muc.' + subdomain + 'meet.jitsi';
config.bosh = 'https://jitsi.athaliapps.xyz/' + subdir + 'http-bind';
config.websocket = 'wss://jitsi.athaliapps.xyz/' + subdir + 'xmpp-websocket';
config.bridgeChannel = {
preferSctp: true
};
// Video configuration.
//
config.resolution = 720;
config.constraints = {
video: {
height: { ideal: 720, max: 720, min: 180 },
width: { ideal: 1280, max: 1280, min: 320},
}
};
config.startVideoMuted = 10;
config.startWithVideoMuted = false;
config.flags = {
sourceNameSignaling: true,
sendMultipleVideoStreams: true,
receiveMultipleVideoStreams: true
};
// ScreenShare Configuration.
//
// Audio configuration.
//
config.enableNoAudioDetection = true;
config.enableTalkWhileMuted = false;
config.disableAP = false;
config.disableAGC = false;
config.audioQuality = {
stereo: false
};
config.startAudioOnly = false;
config.startAudioMuted = 10;
config.startWithAudioMuted = false;
config.startSilent = false;
config.enableOpusRed = false;
config.disableAudioLevels = false;
config.enableNoisyMicDetection = true;
// Peer-to-Peer options.
//
config.p2p = {
enabled: true,
codecPreferenceOrder: ["AV1", "VP9", "VP8", "H264"],
mobileCodecPreferenceOrder: ["VP8", "VP9", "H264", "AV1"]
};
// Breakout Rooms
//
config.hideAddRoomButton = false;
// Etherpad
//
// Recording.
//
config.hiddenDomain = 'hidden.meet.jitsi';
config.recordingService = {
// Whether to enable file recording or not using the "service" defined by the finalizer in Jibri
enabled: true,
// Whether to show the possibility to share file recording with other people
// (e.g. meeting participants), based on the actual implementation
// on the backend.
sharingEnabled: false
};
// Live streaming configuration.
config.liveStreaming = {
enabled: false,
dataPrivacyLink: 'https://policies.google.com/privacy',
helpLink: 'https://jitsi.org/live',
termsLink: 'https://www.youtube.com/t/terms',
validatorRegExpString: '^(?:[a-zA-Z0-9]{4}(?:-(?!$)|$)){4}'
};
// Local recording configuration.
config.localRecording = {
disable: false,
notifyAllParticipants: false,
disableSelfRecording: false
};
// Analytics.
//
config.analytics = {};
// Dial in/out services.
//
// Calendar service integration.
//
config.enableCalendarIntegration = false;
// Invitation service.
//
// Miscellaneous.
//
// Prejoin page.
config.prejoinConfig = {
enabled: true,
// Hides the participant name editing field in the prejoin screen.
hideDisplayName: false
};
// List of buttons to hide from the extra join options dropdown on prejoin screen.
// Welcome page.
config.welcomePage = {
disabled: false
};
// Close page.
config.enableClosePage = false;
// Default language.
// Require users to always specify a display name.
config.requireDisplayName = false;
// Chrome extension banner.
// Disables profile and the edit of all fields from the profile settings (display name and email)
config.disableProfile = false;
// Room password (false for anything, number for max digits)
config.roomPasswordNumberOfDigits = false;
// Advanced.
//
// Transcriptions (subtitles and buttons can be configured in interface_config)
config.transcription = {
enabled: false,
disableClosedCaptions: true,
translationLanguages: [],
translationLanguagesHead: ['en'],
useAppLanguage: true,
preferredLanguage: 'en-US',
disableStartForAll: false,
autoCaptionOnRecord: false,
};
// Dynamic branding
// Deployment information.
//
config.deploymentInfo = {};
// Deep Linking
config.disableDeepLinking = false;
// P2P preferred codec
// Video quality settings.
//
config.videoQuality = {};
config.videoQuality.codecPreferenceOrder = ["AV1", "VP9", "VP8", "H264"];
config.videoQuality.mobileCodecPreferenceOrder = ["VP8", "VP9", "H264", "AV1"];
config.videoQuality.enableAdaptiveMode = true;
config.videoQuality.av1 = {};
config.videoQuality.h264 = {};
config.videoQuality.vp8 = {};
config.videoQuality.vp9 = {};
// Reactions
config.disableReactions = false;
// Polls
config.disablePolls = false;
// Configure toolbar buttons
// Hides the buttons at pre-join screen
// Configure remote participant video menu
config.remoteVideoMenu = {
disabled: false,
disableKick: false,
disableGrantModerator: false,
disablePrivateChat: false
};
// Configure e2eping
config.e2eping = {
enabled: false
};
// Settings for the Excalidraw whiteboard integration.
config.whiteboard = {
enabled: false,
};
// JaaS support: pre-configure image if JAAS_APP_ID was set.
// Testing
config.testing = {
enableCodecSelectionAPI: true
};

251
jitsi/config/jitsi-meet-cfg/web/interface_config.js Normal file
View File

@@ -0,0 +1,251 @@
/* eslint-disable no-unused-vars, no-var, max-len */
/* eslint sort-keys: ["error", "asc", {"caseSensitive": false}] */
/**
* !!!IMPORTANT!!!
*
* This file is considered deprecated. All options will eventually be moved to
* config.js, and no new options should be added here.
*/
var interfaceConfig = {
APP_NAME: 'Jitsi Meet',
AUDIO_LEVEL_PRIMARY_COLOR: 'rgba(255,255,255,0.4)',
AUDIO_LEVEL_SECONDARY_COLOR: 'rgba(255,255,255,0.2)',
/**
* A UX mode where the last screen share participant is automatically
* pinned. Valid values are the string "remote-only" so remote participants
* get pinned but not local, otherwise any truthy value for all participants,
* and any falsy value to disable the feature.
*
* Note: this mode is experimental and subject to breakage.
*/
AUTO_PIN_LATEST_SCREEN_SHARE: 'remote-only',
BRAND_WATERMARK_LINK: '',
CLOSE_PAGE_GUEST_HINT: false, // A html text to be shown to guests on the close page, false disables it
DEFAULT_BACKGROUND: '#040404',
DEFAULT_WELCOME_PAGE_LOGO_URL: 'images/watermark.svg',
DISABLE_DOMINANT_SPEAKER_INDICATOR: false,
/**
* If true, notifications regarding joining/leaving are no longer displayed.
*/
DISABLE_JOIN_LEAVE_NOTIFICATIONS: false,
/**
* If true, presence status: busy, calling, connected etc. is not displayed.
*/
DISABLE_PRESENCE_STATUS: false,
/**
* Whether the speech to text transcription subtitles panel is disabled.
* If {@code undefined}, defaults to {@code false}.
*
* @type {boolean}
*/
DISABLE_TRANSCRIPTION_SUBTITLES: false,
/**
* Whether or not the blurred video background for large video should be
* displayed on browsers that can support it.
*/
DISABLE_VIDEO_BACKGROUND: false,
DISPLAY_WELCOME_FOOTER: true,
DISPLAY_WELCOME_PAGE_ADDITIONAL_CARD: false,
DISPLAY_WELCOME_PAGE_CONTENT: false,
DISPLAY_WELCOME_PAGE_TOOLBAR_ADDITIONAL_CONTENT: false,
ENABLE_DIAL_OUT: true,
FILM_STRIP_MAX_HEIGHT: 120,
GENERATE_ROOMNAMES_ON_WELCOME_PAGE: true,
/**
* Hide the invite prompt in the header when alone in the meeting.
*/
HIDE_INVITE_MORE_HEADER: false,
JITSI_WATERMARK_LINK: 'https://jitsi.org',
LANG_DETECTION: true, // Allow i18n to detect the system language
LOCAL_THUMBNAIL_RATIO: 16 / 9, // 16:9
/**
* Maximum coefficient of the ratio of the large video to the visible area
* after the large video is scaled to fit the window.
*
* @type {number}
*/
MAXIMUM_ZOOMING_COEFFICIENT: 1.3,
/**
* Whether the mobile app Jitsi Meet is to be promoted to participants
* attempting to join a conference in a mobile Web browser. If
* {@code undefined}, defaults to {@code true}.
*
* @type {boolean}
*/
MOBILE_APP_PROMO: true,
// Names of browsers which should show a warning stating the current browser
// has a suboptimal experience. Browsers which are not listed as optimal or
// unsupported are considered suboptimal. Valid values are:
// chrome, chromium, electron, firefox , safari, webkit
OPTIMAL_BROWSERS: [ 'chrome', 'chromium', 'firefox', 'electron', 'safari', 'webkit' ],
POLICY_LOGO: null,
PROVIDER_NAME: 'Jitsi',
/**
* If true, will display recent list
*
* @type {boolean}
*/
RECENT_LIST_ENABLED: true,
REMOTE_THUMBNAIL_RATIO: 1, // 1:1
SETTINGS_SECTIONS: [ 'devices', 'language', 'moderator', 'profile', 'calendar', 'sounds', 'more' ],
/**
* Specify which sharing features should be displayed. If the value is not set
* all sharing features will be shown. You can set [] to disable all.
*/
// SHARING_FEATURES: ['email', 'url', 'dial-in', 'embed'],
SHOW_BRAND_WATERMARK: false,
/**
* Decides whether the chrome extension banner should be rendered on the landing page and during the meeting.
* If this is set to false, the banner will not be rendered at all. If set to true, the check for extension(s)
* being already installed is done before rendering.
*/
SHOW_CHROME_EXTENSION_BANNER: false,
SHOW_JITSI_WATERMARK: true,
SHOW_POWERED_BY: false,
SHOW_PROMOTIONAL_CLOSE_PAGE: false,
/*
* If indicated some of the error dialogs may point to the support URL for
* help.
*/
SUPPORT_URL: 'https://community.jitsi.org/',
// Browsers, in addition to those which do not fully support WebRTC, that
// are not supported and should show the unsupported browser page.
UNSUPPORTED_BROWSERS: [],
/**
* Whether to show thumbnails in filmstrip as a column instead of as a row.
*/
VERTICAL_FILMSTRIP: true,
// Determines how the video would fit the screen. 'both' would fit the whole
// screen, 'height' would fit the original video height to the height of the
// screen, 'width' would fit the original video width to the width of the
// screen respecting ratio, 'nocrop' would make the video as large as
// possible and preserve aspect ratio without cropping.
VIDEO_LAYOUT_FIT: 'both',
/**
* If true, hides the video quality label indicating the resolution status
* of the current large video.
*
* @type {boolean}
*/
VIDEO_QUALITY_LABEL_DISABLED: false,
/**
* How many columns the tile view can expand to. The respected range is
* between 1 and 5.
*/
// TILE_VIEW_MAX_COLUMNS: 5,
// List of undocumented settings
/**
INDICATOR_FONT_SIZES
PHONE_NUMBER_REGEX
*/
// -----------------DEPRECATED CONFIGS BELOW THIS LINE-----------------------------
/**
* Specify URL for downloading ios mobile app.
*/
// MOBILE_DOWNLOAD_LINK_IOS: 'https://itunes.apple.com/us/app/jitsi-meet/id1165103905',
/**
* Specify custom URL for downloading android mobile app.
*/
// MOBILE_DOWNLOAD_LINK_ANDROID: 'https://play.google.com/store/apps/details?id=org.jitsi.meet',
/**
* Specify mobile app scheme for opening the app from the mobile browser.
*/
// APP_SCHEME: 'org.jitsi.meet',
// NATIVE_APP_NAME: 'Jitsi Meet',
/**
* Hide the logo on the deep linking pages.
*/
// HIDE_DEEP_LINKING_LOGO: false,
/**
* Specify the Android app package name.
*/
// ANDROID_APP_PACKAGE: 'org.jitsi.meet',
/**
* Specify custom URL for downloading f droid app.
*/
// MOBILE_DOWNLOAD_LINK_F_DROID: 'https://f-droid.org/packages/org.jitsi.meet/',
// Connection indicators (
// CONNECTION_INDICATOR_AUTO_HIDE_ENABLED,
// CONNECTION_INDICATOR_AUTO_HIDE_TIMEOUT,
// CONNECTION_INDICATOR_DISABLED) got moved to config.js.
// Please use disableModeratorIndicator from config.js
// DISABLE_FOCUS_INDICATOR: false,
// Please use defaultLocalDisplayName from config.js
// DEFAULT_LOCAL_DISPLAY_NAME: 'me',
// Please use defaultLogoUrl from config.js
// DEFAULT_LOGO_URL: 'images/watermark.svg',
// Please use defaultRemoteDisplayName from config.js
// DEFAULT_REMOTE_DISPLAY_NAME: 'Fellow Jitster',
// Moved to config.js as `toolbarConfig.initialTimeout`.
// INITIAL_TOOLBAR_TIMEOUT: 20000,
// Please use `liveStreaming.helpLink` from config.js
// Documentation reference for the live streaming feature.
// LIVE_STREAMING_HELP_LINK: 'https://jitsi.org/live',
// Moved to config.js as `toolbarConfig.alwaysVisible`.
// TOOLBAR_ALWAYS_VISIBLE: false,
// This config was moved to config.js as `toolbarButtons`.
// TOOLBAR_BUTTONS: [],
// Moved to config.js as `toolbarConfig.timeout`.
// TOOLBAR_TIMEOUT: 4000,
// Allow all above example options to include a trailing comma and
// prevent fear when commenting out the last value.
// eslint-disable-next-line sort-keys
makeJsonParserHappy: 'even if last key had a trailing comma'
// No configuration value should follow this line.
};
/* eslint-enable no-unused-vars, no-var, max-len */

22
jitsi/config/jitsi-meet-cfg/web/keys/cert.crt Normal file
View File

@@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDpTCCAo2gAwIBAgIUCjyN8IyKCfIabmaZ9G/nDIKtS+AwDQYJKoZIhvcNAQEL
BQAwYjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZBdXN0aW4x
EjAQBgNVBAoMCWppdHNpLm9yZzEVMBMGA1UECwwMSml0c2kgU2VydmVyMQowCAYD
VQQDDAEqMB4XDTI2MDExNjE4MDAwNloXDTM2MDExNDE4MDAwNlowYjELMAkGA1UE
BhMCVVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZBdXN0aW4xEjAQBgNVBAoMCWpp
dHNpLm9yZzEVMBMGA1UECwwMSml0c2kgU2VydmVyMQowCAYDVQQDDAEqMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GaG+yX+PMHSQXg+wgLgqwrSZNWw
a07ps/CDasyrr1kQHgfM3UCK+FQqfU/8d0Vx2p/KlYIHAvLPMTUqAGsP9sa2rqCE
Qsmsn515mETadsXCB8gkBYHg5VnoFcOpzBhCkptj09PJilk4OaHpTAwu3IrVHkJo
Elpr3rmpfJFMNCJRl1TnfGk8hX06l5Ff9mt1ZWJzofvEWI0LPI3P3QjeTh8r4bb6
JUOM+3bMD3TAvSIRuD2naydx6N4glZIYmIaIHLmPkWKC72IYTU1xxdfOiVib0niI
Cqs/YmKMRY/ZCh+LZNNV48rBoUtl9XuJ48N/oo9i7UopHpNALd16YjNNYwIDAQAB
o1MwUTAdBgNVHQ4EFgQUDHIhGtX3WXvmjqbd67UwBfSLkP0wHwYDVR0jBBgwFoAU
DHIhGtX3WXvmjqbd67UwBfSLkP0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B
AQsFAAOCAQEAqqHwvZ3p9fXd+4y+m2hxvIhrNwlja++dcmCVwE0uKhUvcK8Ofkgi
RGDqj5PPnl1njVqU8fi8S/Udy600WmIg9PQuVdD08j54gSk8Vtpf/DHNThbUytjB
0eytLBLji+Dq0iD8Q5fEa7xdSCn84Os5qZBaDiykh2GyoeMu9gbikcUWFj1wKtAO
31rJAqMIRb36xfjZukDmlohvdFBH7U/YYLXhTvTytgfROI+C1GGSBBc5xWhMjY3V
nXUda2ADlw3Z0YQKm93bG9klfDKU3TiKyX7vUkpuQwyTANL9K0FBUgbUB/PLG6Zj
Pq/QC9EtKbbfiCl0/9CaCrbm2vkHsxhQRw==
-----END CERTIFICATE-----

28
jitsi/config/jitsi-meet-cfg/web/keys/cert.key Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEuwIBADANBgkqhkiG9w0BAQEFAASCBKUwggShAgEAAoIBAQDcZob7Jf48wdJB
eD7CAuCrCtJk1bBrTumz8INqzKuvWRAeB8zdQIr4VCp9T/x3RXHan8qVggcC8s8x
NSoAaw/2xrauoIRCyayfnXmYRNp2xcIHyCQFgeDlWegVw6nMGEKSm2PT08mKWTg5
oelMDC7citUeQmgSWmveual8kUw0IlGXVOd8aTyFfTqXkV/2a3VlYnOh+8RYjQs8
jc/dCN5OHyvhtvolQ4z7dswPdMC9IhG4PadrJ3Ho3iCVkhiYhogcuY+RYoLvYhhN
TXHF186JWJvSeIgKqz9iYoxFj9kKH4tk01XjysGhS2X1e4njw3+ij2LtSikek0At
3XpiM01jAgMBAAECggEAYYkD4h/5p1SU4gE/MKeKWlczLYl9hbeJ5+YfmkNSFQrC
fa+xAxbdiTDiDsu3a+bxEDGXutsslCr08w9Wc5HtoiVlUdlaPp42RPqxBWgvD9HL
YJs7Ca7k4kqL0RniSh5QU8XtgyAd+BosriCPeGaJ1HKiBr6XhMu8Ifgi36wDP6w/
5nMvuqrXA4pYaUTtVOWERctuHoibyiwLL9qVzUy0W4NqCH8F38vqXCutdNTQk+A+
epUtznF93ElcTD/uqNxUvWg7xBcqB4x/IOPnG0eRKh8Q/hccXw+dr/G6gubWhAdr
+IKE5BqJ27gxY18XJ1uJMPHZnCqOJIufJjVWbvp7vQKBgQD330t69bxs7BiqBM9h
G+se5f6wpzDBgHJlJvDMfZTcVd+uyhZPmroeuOwA5dfEMmQeJU7pAIlQymDEw1Qv
gpv+4q1lI0bmfidqJmhoHPDJcAx5UWzKI4gnz72nhg4Ep8lOB4qdJVS0zC6yOUpF
CoBXZ7GZH7LpUItnqIFq+ydWRQKBgQDjoKCXLtj3LOGp0SWwcAQOAAn0MIUXSf1A
lM0S6LpWpL5sIeEkkthAvB0bHsoFkfNfaIyYS/fkHm4r33rkM6iBjv0BD3H3oD2b
9fnkIYPZ3QV5nDfk2GabNO0RBJLvzks90c+99+gfunoKV+b6TVwh2Suyoe1uf3Fu
OJIdSMoDhwKBgQCbJgQ70aaAUwNZICuh7/SqYXGapvuokrqHv+kHRi+v/nxFDq8K
YqHO6xaltTfp0VTDXbzXsQNCM3qAjnaaSllUIBRCcuNFEH+hPKsrR7obi+vy39mF
aNoneSuPuSP7G/6vvZ6woBY2GHu+CIgJUPpmOzx5yNKWoViwqFNhYBUONQKBgAbQ
hj5Abspnk5Hr6v7vO4/XvHSNB079LhHC4qjQQtPZNsIx+XWI1+SIPS7UqyOjjO+s
R5k/nPo9VvsFQ76VNVQ7naNsfPL23yFOKd8Eidf53/IWFS5KtDetS/OYeXWobWQ6
ZcfAJjjc8k5g909DBaEVyVMduef29MRh+S3bQgD9An8Wmqqzs7YT/+lyxWf2itFj
xKIxallQb/gZNqNrSixWYYhY6w3EIcp7cEvUgG4lf+8fQJfQhH7bxlvaPcsJJ7UY
JhLT/7gWMwv3mO85hR5wgXGP/HqBGOcgsAb+MM16kHY+DUAU3G8PoOonPK4s+61t
NEy8c2SwvY1Yjst/dqU6
-----END PRIVATE KEY-----

141
jitsi/config/jitsi-meet-cfg/web/nginx/meet.conf Normal file
View File

@@ -0,0 +1,141 @@
server_name _;
charset utf8;
client_max_body_size 0;
root /usr/share/jitsi-meet;
# ssi on with javascript for multidomain variables in config.js
ssi on;
ssi_types application/x-javascript application/javascript;
index index.html index.htm;
error_page 404 /static/404.html;
# Security headers
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
set $prefix "";
# Opt out of FLoC (deprecated)
add_header Permissions-Policy "interest-cohort=()";
include /config/nginx-custom/*.conf;
location = /config.js {
alias /config/config.js;
}
location = /interface_config.js {
alias /config/interface_config.js;
}
location = /external_api.js {
alias /usr/share/jitsi-meet/libs/external_api.min.js;
}
# ensure all static content can always be found first
location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known|transcripts)/(.*)$ {
add_header 'Access-Control-Allow-Origin' '*';
alias /usr/share/jitsi-meet/$1/$2;
# cache all versioned files
if ($arg_v) {
expires 1y;
}
}
# BOSH
location = /http-bind {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host meet.jitsi;
proxy_pass http://xmpp.meet.jitsi:5280/http-bind?prefix=$prefix&$args;
}
# xmpp websockets
location = /xmpp-websocket {
tcp_nodelay on;
proxy_http_version 1.1;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host meet.jitsi;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://xmpp.meet.jitsi:5280/xmpp-websocket?prefix=$prefix&$args;
}
location ~ ^/([^/?&:'"]+)$ {
try_files $uri @root_path;
}
location @root_path {
rewrite ^/(.*)$ / break;
}
# Matches /(TENANT)/pwa-worker.js or /(TENANT)/manifest.json to rewrite to / and look for file
location ~ ^/([^/?&:'"]+)/(pwa-worker.js|manifest.json)$ {
set $subdomain "$1.";
set $subdir "$1/";
rewrite ^/([^/?&:'"]+)/(pwa-worker.js|manifest.json)$ /$2;
}
location ~ ^/([^/?&:'"]+)/config.js$ {
set $subdomain "$1.";
set $subdir "$1/";
alias /config/config.js;
}
# BOSH for subdomains
location ~ ^/([^/?&:'"]+)/http-bind {
set $subdomain "$1.";
set $subdir "$1/";
set $prefix "$1";
rewrite ^/(.*)$ /http-bind;
}
# websockets for subdomains
location ~ ^/([^/?&:'"]+)/xmpp-websocket {
set $subdomain "$1.";
set $subdir "$1/";
set $prefix "$1";
rewrite ^/(.*)$ /xmpp-websocket;
}
# Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
location ~ ^/([^/?&:'"]+)/(.*)$ {
set $subdomain "$1.";
set $subdir "$1/";
rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
}

69
jitsi/config/jitsi-meet-cfg/web/nginx/nginx.conf Normal file
View File

@@ -0,0 +1,69 @@
user www-data;
worker_processes 4;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
client_max_body_size 0;
resolver 127.0.0.11;
include /etc/nginx/mime.types;
types {
# add support for the wav MIME type that is requried to playback wav files in Firefox.
audio/wav wav;
}
default_type application/octet-stream;
##
# Logging Settings
##
access_log /dev/stdout;
error_log /dev/stderr;
##
# Gzip Settings
##
gzip on;
gzip_types text/plain text/css application/javascript application/json;
gzip_vary on;
gzip_min_length 860;
##
# Connection header for WebSocket reverse proxy
##
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
##
# Virtual Host Configs
##
include /config/nginx/site-confs/*;
}
daemon off;

24
jitsi/config/jitsi-meet-cfg/web/nginx/site-confs/default Normal file
View File

@@ -0,0 +1,24 @@
server {
listen 80 default_server;
listen [::]:80 default_server;
include /config/nginx/meet.conf;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
include /config/nginx/ssl.conf;
include /config/nginx/meet.conf;
}

25
jitsi/config/jitsi-meet-cfg/web/nginx/ssl.conf Normal file
View File

@@ -0,0 +1,25 @@
# session settings
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
# ssl certs
ssl_certificate /config/keys/cert.crt;
ssl_certificate_key /config/keys/cert.key;
# protocols
# Mozilla Guideline v5.6, nginx 1.14.2, OpenSSL 1.1.1d, intermediate configuration, no OCSP
# https://ssl-config.mozilla.org/#server=nginx&version=1.14.2&config=intermediate&openssl=1.1.1d&ocsp=false&guideline=5.6
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
# Diffie-Hellman parameter for DHE cipher suites
ssl_dhparam /defaults/ffdhe2048.txt;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;