2021-02-01 09:50:38 +01:00
|
|
|
jicofo {
|
|
|
|
// Authentication with external services
|
|
|
|
authentication {
|
|
|
|
enabled = false
|
|
|
|
// The type of authentication. Supported values are XMPP, JWT or SHIBBOLETH (default).
|
|
|
|
type = SHIBBOLETH
|
|
|
|
|
|
|
|
// The pattern of authentication URL. See ShibbolethAuthAuthority for more information.
|
|
|
|
# login-url =
|
|
|
|
|
|
|
|
# logout-url =
|
|
|
|
|
|
|
|
authentication-lifetime = 24 hours
|
|
|
|
enable-auto-login = true
|
|
|
|
}
|
|
|
|
// Configuration related to jitsi-videobridge
|
|
|
|
bridge {
|
|
|
|
// The maximum number of participants in a single conference to put on one bridge (use -1 for no maximum).
|
|
|
|
max-bridge-participants = -1
|
|
|
|
// The assumed maximum packet rate that a bridge can handle.
|
|
|
|
max-bridge-packet-rate = 50000
|
|
|
|
// The assumed average packet rate per participant.
|
|
|
|
average-participant-packet-rate-pps = 500
|
|
|
|
// The assumed average stress per participant.
|
|
|
|
average-participant-stress = 0.01
|
|
|
|
// The assumed time that an endpoint takes to start contributing fully to the load on a bridge. To avoid allocating
|
|
|
|
// a burst of endpoints to the same bridge, the bridge stress is adjusted by adding the number of new endpoints
|
|
|
|
// in the last [participant-rampup-time] multiplied by [average-participant-stress].
|
|
|
|
participant-rampup-interval = 20 seconds
|
|
|
|
// The stress level above which a bridge is considered overstressed.
|
|
|
|
stress-threshold = 0.8
|
|
|
|
// The amount of to wait before retrying using a failed bridge.
|
|
|
|
failure-reset-threshold = 1 minute
|
|
|
|
// The bridge selection strategy. The built-in strategies are:
|
|
|
|
// SingleBridgeSelectionStrategy: Use the least loaded bridge, do not split a conference between bridges (Octo).
|
|
|
|
// SplitBridgeSelectionStrategy: Use a separate bridge for each participant (for testing).
|
|
|
|
// RegionBasedBridgeSelectionStrategy: Attempt to put each participant in a bridge in their local region (i.e. use
|
|
|
|
// Octo for geo-location).
|
|
|
|
// IntraRegionBridgeSelectionStrategy: Use additional bridges when a bridge becomes overloaded (i.e. use Octo for
|
|
|
|
// load balancing).
|
|
|
|
//
|
|
|
|
// Additionally, you can use the fully qualified class name for custom BridgeSelectionStrategy implementations.
|
|
|
|
selection-strategy = SingleBridgeSelectionStrategy
|
|
|
|
health-checks {
|
|
|
|
// Whether jicofo should perform periodic health checks to the connected bridges.
|
|
|
|
enabled = true
|
|
|
|
// The interval at which to perform health checks.
|
|
|
|
interval = 10 seconds
|
|
|
|
// When a health checks times out, jicofo will retry and only consider it fail after the retry fails. This
|
|
|
|
// configures the delay between the original health check timing out and the second health check being sent.
|
|
|
|
// It is a duration and defaults to half the [interval].
|
|
|
|
# retry-delay = 5 seconds
|
|
|
|
}
|
|
|
|
|
|
|
|
// The JID of the MUC to be used as a brewery for bridge instances.
|
|
|
|
brewery-jid = "jvbbrewery@internal.auth.jitsi"
|
|
|
|
}
|
|
|
|
// Configure the codecs and RTP extensions to be used in the offer sent to clients.
|
|
|
|
codec {
|
|
|
|
video {
|
|
|
|
vp8 {
|
|
|
|
enabled = true
|
|
|
|
pt = 100
|
|
|
|
// Payload type for the associated RTX stream. Set to -1 to disable RTX.
|
|
|
|
rtx-pt = 96
|
|
|
|
}
|
|
|
|
vp9 {
|
|
|
|
enabled = true
|
|
|
|
pt = 101
|
|
|
|
// Payload type for the associated RTX stream. Set to -1 to disable RTX.
|
|
|
|
rtx-pt = 97
|
|
|
|
}
|
|
|
|
h264 {
|
|
|
|
enabled = true
|
|
|
|
pt = 107
|
|
|
|
// Payload type for the associated RTX stream. Set to -1 to disable RTX.
|
|
|
|
rtx-pt = 99
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
audio {
|
|
|
|
isac-16000 {
|
|
|
|
enabled = true
|
|
|
|
pt = 103
|
|
|
|
}
|
|
|
|
isac-32000 {
|
|
|
|
enabled = true
|
|
|
|
pt = 104
|
|
|
|
}
|
|
|
|
opus {
|
|
|
|
enabled = true
|
|
|
|
pt = 111
|
|
|
|
minptime = 10
|
|
|
|
use-inband-fec = true
|
|
|
|
red {
|
|
|
|
enabled = false
|
|
|
|
pt = 112
|
|
|
|
}
|
|
|
|
}
|
|
|
|
telephone-event {
|
|
|
|
enabled = true
|
|
|
|
pt = 126
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// RTP header extensions
|
|
|
|
rtp-extensions {
|
|
|
|
audio-level {
|
|
|
|
enabled = true
|
|
|
|
id = 1
|
|
|
|
}
|
|
|
|
tof {
|
|
|
|
// TOF is currently disabled, because we don't support it in the bridge
|
|
|
|
// (and currently clients seem to not use it when abs-send-time is
|
|
|
|
// available).
|
|
|
|
enabled = false
|
|
|
|
id = 2
|
|
|
|
}
|
|
|
|
abs-send-time {
|
|
|
|
enabled = true
|
|
|
|
id = 3
|
|
|
|
}
|
|
|
|
rid {
|
|
|
|
enabled = false
|
|
|
|
id = 4
|
|
|
|
}
|
|
|
|
tcc {
|
|
|
|
enabled = true
|
|
|
|
id = 5
|
|
|
|
}
|
|
|
|
video-content-type {
|
|
|
|
enabled = false
|
|
|
|
id = 7
|
|
|
|
}
|
|
|
|
framemarking {
|
|
|
|
enabled = false
|
|
|
|
id = 9
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
conference {
|
|
|
|
// Whether to automatically grant the 'owner' role to the first participant in the conference (and subsequently to
|
|
|
|
// the next in line when the current owner leaves).
|
|
|
|
enable-auto-owner = true
|
|
|
|
|
|
|
|
// How long to wait for the initial participant in a conference.
|
|
|
|
initial-timeout = 15 seconds
|
|
|
|
|
|
|
|
// Whether jicofo should inject a random SSRC for endpoints which don't advertise any SSRCs. This is a temporary
|
|
|
|
// workaround for an issue with signaling endpoints for Octo.
|
|
|
|
inject-ssrc-for-recv-only-endpoints = false
|
|
|
|
|
|
|
|
max-ssrcs-per-user = 20
|
|
|
|
|
|
|
|
// How long a participant's media session will be kept alive once it remains the only participant in the room.
|
|
|
|
single-participant-timeout = 20 seconds
|
|
|
|
|
|
|
|
// The minimum number of participants required for the conference to be started.
|
|
|
|
min-participants = 2
|
|
|
|
|
|
|
|
// Experimental.
|
|
|
|
enable-lip-sync = false
|
|
|
|
|
|
|
|
shared-document {
|
|
|
|
// If `true` the shared document uses a random name. Otherwise, it uses the conference name.
|
|
|
|
use-random-name = false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Configuration for the internal health checks performed by jicofo.
|
|
|
|
health {
|
|
|
|
// Whether to perform health checks.
|
|
|
|
enabled = false
|
|
|
|
|
|
|
|
// The interval between health checks. If set to 0, periodic health checks will not be performed.
|
|
|
|
interval = 10 seconds
|
|
|
|
|
|
|
|
# The timeout for a health check
|
|
|
|
timeout = 30 seconds
|
|
|
|
|
|
|
|
# If performing a health check takes longer than this, it is considered unsuccessful.
|
|
|
|
max-check-duration = 20 seconds
|
|
|
|
|
|
|
|
# The prefix to use when creating MUC rooms for the purpose of health checks.
|
|
|
|
room-name-prefix = "__jicofo-health-check"
|
|
|
|
}
|
|
|
|
|
|
|
|
jibri {
|
|
|
|
// The JID of the MUC to be used as a brewery for jibri instances for streaming.
|
|
|
|
# brewery-jid = "jibribrewery@example.com"
|
|
|
|
|
|
|
|
// How many times to retry a given Jibri request before giving up. Set to -1 to allow infinite retries.
|
|
|
|
num-retries = 5
|
|
|
|
|
|
|
|
// How long to wait for Jibri to start recording from the time it accepts a START request.
|
|
|
|
pending-timeout = 90 seconds
|
|
|
|
}
|
|
|
|
|
|
|
|
jibri-sip {
|
|
|
|
// The JID of the MUC to be used as a brewery for jibri instances for SIP.
|
|
|
|
# brewery-jid = "jibrisipbrewery@example.com"
|
|
|
|
}
|
|
|
|
|
|
|
|
jigasi {
|
|
|
|
// The JID of the MUC to be used as a brewery for jigasi instances.
|
|
|
|
# brewery-jid = "jigasibrewery@example.com"
|
|
|
|
}
|
|
|
|
|
|
|
|
// The region in which the machine is running.
|
|
|
|
#local-region="us-east-1"
|
|
|
|
|
|
|
|
octo {
|
|
|
|
// Whether or not to use Octo. Note that when enabled, its use will be determined by
|
|
|
|
// $jicofo.bridge.selection-strategy.
|
|
|
|
enabled = false
|
|
|
|
|
|
|
|
// An identifier of the Jicofo instance, used for the purpose of generating conference IDs unique across a set of
|
|
|
|
// Jicofo instances. Valid values are [1, 65535]. The value 0 is used when none is explicitly configured.
|
|
|
|
id = 1
|
|
|
|
}
|
|
|
|
|
|
|
|
rest {
|
|
|
|
port = 8888
|
|
|
|
tls-port = 8843
|
|
|
|
}
|
|
|
|
|
|
|
|
sctp {
|
|
|
|
// Whether to allocate SCTP channels on the bridge (only when the client advertises support, and SCTP is
|
|
|
|
// enabled in the per-conference configuration).
|
|
|
|
enabled = true
|
|
|
|
}
|
|
|
|
|
|
|
|
task-pools {
|
|
|
|
shared-pool-max-threads = 1500
|
|
|
|
}
|
|
|
|
|
|
|
|
xmpp {
|
|
|
|
// The separate XMPP connection used for communication with clients (endpoints).
|
|
|
|
client {
|
|
|
|
enabled = true
|
|
|
|
hostname = "{{ env "NOMAD_IP_xmpp_port" }}"
|
|
|
|
port = {{ env "NOMAD_PORT_xmpp_port" }}
|
|
|
|
domain = "auth.jitsi"
|
|
|
|
username = "focus"
|
2021-02-01 10:29:13 +01:00
|
|
|
password = {{ key "secrets/jitsi/jicofo_pass" | trimSpace }}
|
2021-02-01 09:50:38 +01:00
|
|
|
|
|
|
|
// How long to wait for a response to a stanza before giving up.
|
|
|
|
reply-timeout = 15 seconds
|
|
|
|
|
|
|
|
// The JID/domain of the MUC service used for conferencing.
|
|
|
|
conference-muc-jid = conference.jitsi
|
|
|
|
|
|
|
|
// A flag to suppress the TLS certificate verification.
|
|
|
|
disable-certificate-verification = false
|
|
|
|
}
|
|
|
|
// The separate XMPP connection used for internal services (currently only jitsi-videobridge).
|
|
|
|
service {
|
|
|
|
enabled = false
|
|
|
|
hostname = "jitsi-xmpp"
|
|
|
|
port = 5222
|
|
|
|
domain = "auth.jitsi"
|
|
|
|
username = "focus"
|
|
|
|
password = "jicofopass"
|
|
|
|
|
|
|
|
// How long to wait for a response to a stanza before giving up.
|
|
|
|
reply-timeout = 15 seconds
|
|
|
|
|
|
|
|
// A flag to suppress the TLS certificate verification.
|
|
|
|
disable-certificate-verification = false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|