modules_enabled = { "roster"; -- Allow users to have a roster. Recommended ;) "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in. "tls"; -- Add support for secure TLS on c2s/s2s connections "dialback"; -- s2s dialback support "disco"; -- Service discovery "posix"; -- POSIX functionality, sends server to background, enables syslog, etc. "version"; -- Replies to server version requests "uptime"; -- Report how long server has been running "time"; -- Let others know the time here on this server "ping"; -- Replies to XMPP pings with pongs "pep"; -- Enables users to publish their mood, activity, playing music and more -- jitsi --"smacks"; -- not shipped with prosody "carbons"; "mam"; "lastactivity"; "offline"; "pubsub"; "adhoc"; "websocket"; --"http_altconnect"; -- not shipped with prosody } modules_disabled = { "s2s" } plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" } log = { --log less on console with warn="*console"; or err="*console" or more with debug="*console" info="*console"; } daemonize = false use_libevent = true -- domain mapper options, must at least have domain base set to use the mapper muc_mapper_domain_base = "jitsi.deuxfleurs.fr"; --@FIXME would be great to configure it --turncredentials_secret = "__turnSecret__"; --turncredentials = { -- { type = "stun", host = "jitmeet.example.com", port = "3478" }, -- { type = "turn", host = "jitmeet.example.com", port = "3478", transport = "udp" }, -- { type = "turns", host = "jitmeet.example.com", port = "5349", transport = "tcp" } --}; cross_domain_bosh = false; consider_bosh_secure = true; component_ports = { } -- it seems we don't need external components for now... https_ports = { } -- we don't need https http_ports = { {{env "NOMAD_PORT_bosh_port" }} } http_interfaces = { "0.0.0.0", "::" } c2s_ports = { {{env "NOMAD_PORT_xmpp_port" }} } -- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4 ssl = { protocol = "tlsv1_2+"; ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384" } VirtualHost "jitsi" enabled = true -- Remove this line to enable this host authentication = "anonymous" -- Properties below are modified by jitsi-meet-tokens package config -- and authentication above is switched to "token" --app_id="example_app_id" --app_secret="example_app_secret" -- Assign this host a certificate for TLS, otherwise it would use the one -- set in the global section (if any). -- Note that old-style SSL on port 5223 only supports one certificate, and will always -- use the global one. ssl = { key = "/var/lib/prosody/jitsi.key"; certificate = "/var/lib/prosody/jitsi.crt"; } speakerstats_component = "speakerstats.jitsi" conference_duration_component = "conferenceduration.jitsi" -- we need bosh modules_enabled = { "bosh"; "pubsub"; "ping"; -- Enable mod_ping "speakerstats"; --"turncredentials"; not supported yet "conference_duration"; "muc_lobby_rooms"; } c2s_require_encryption = false lobby_muc = "lobby.jitsi" main_muc = "conference.jitsi" -- muc_lobby_whitelist = { "recorder.jitmeet.example.com" } -- Here we can whitelist jibri to enter lobby enabled rooms http_host = "jitsi-bosh" Component "conference.jitsi" "muc" storage = "memory" modules_enabled = { "muc_meeting_id"; "muc_domain_mapper"; --"token_verification"; } admins = { "focus@auth.jitsi" } muc_room_locking = false muc_room_default_public_jids = true -- internal muc component Component "internal.auth.jitsi" "muc" storage = "memory" modules_enabled = { "ping"; } admins = { "focus@auth.jitsi", "jvb@auth.jitsi" } muc_room_locking = false muc_room_default_public_jids = true VirtualHost "auth.jitsi" ssl = { key = "/var/lib/prosody/auth.jitsi.key"; certificate = "/var/lib/prosody/auth.jitsi.crt"; } authentication = "internal_plain" Component "focus.jitsi" "client_proxy" target_address = "focus@auth.jitsi" Component "speakerstats.jitsi" "speakerstats_component" muc_component = "conference.jitsi" Component "conferenceduration.jitsi" "conference_duration_component" muc_component = "conference.jitsi" Component "lobby.jitsi" "muc" storage = "memory" restrict_room_creation = true muc_room_locking = false muc_room_default_public_jids = true