diff --git a/defaults/main.yml b/defaults/main.yml index 4c4bea9..bbc459b 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,7 +1,6 @@ --- # defaults file for jitsi docker_user: deploy -jitsi_image_version: stable-8960-1 #jitsi_letsencrypt_email:alice@host.tld jitsi_enable_letsencrypt: no jitsi_exposed_http_port: 8000 @@ -9,20 +8,9 @@ jitsi_exposed_https_port: 8443 jitsi_virtual_host: localhost jitsi_public_url: http://{{ jitsi_virtual_host }} jitsi_timezone: Europe/Amsterdam +jitsi_jvb_stun_servers: meet-jit-si-turnrelay.jitsi.net:443 jitsi_web_channel_last_n: 3 jitsi_build_latest_image_from_source: yes jitsi_docker_upstream_repo_url: https://github.com/jitsi/docker-jitsi-meet.git jitsi_enable_third_party_requests: no -jitsi_jvb_advertise_ips: "{{ jitsi_docker_host_address }}" - -jitsi_jvb_stun_servers: meet-jit-si-turnrelay.jitsi.net:443 -jitsi_jvb_port: 10000 -jitsi_jvb_tcp_port: 4443 -jitsi_jvb_tcp_mapped_port: 4443 - - -# jitsi_turn_credentials: -# jitsi_turn_host: -jitsi_turn_port: 3478 -# jitsi_turns_host: -jitsi_turns_port: 5349 \ No newline at end of file +jitsi_jvb_advertise_ips: "{{ jitsi_docker_host_address }}" \ No newline at end of file diff --git a/tasks/main.yml b/tasks/main.yml index 4cb9289..df582f2 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -81,6 +81,21 @@ that: - "output.services['web']['jitsi_web_1'].state.running" +- name: "Test whether Jitsi is healthy from the outside" + when: not ansible_check_mode + become: false + uri: + url: https://{{ jitsi_virtual_host }} + return_content: yes + timeout: 300 + validate_certs: no + register: url_check + delegate_to: localhost + until: "'Jitsi Meet' in url_check.content" + retries: 5 + delay: 10 + tags: health + - name: "Config: Set channelLastN" lineinfile: path: /home/{{ docker_user }}/jitsi/conf/web/config.js @@ -98,17 +113,3 @@ when: jitsi_enable_third_party_requests == False tags: config -- name: "Test whether Jitsi is healthy from the outside" - when: not ansible_check_mode - become: false - uri: - url: "{{ jitsi_public_url }}" - return_content: yes - timeout: 300 - validate_certs: no - register: url_check - delegate_to: localhost - until: "'<title>Jitsi Meet' in url_check.content" - retries: 5 - delay: 10 - tags: health diff --git a/templates/docker-compose.jitsi.yml.j2 b/templates/docker-compose.jitsi.yml.j2 index e63e39e..a6ce02c 100644 --- a/templates/docker-compose.jitsi.yml.j2 +++ b/templates/docker-compose.jitsi.yml.j2 @@ -3,7 +3,7 @@ version: '3.5' services: # Frontend web: - image: jitsi/web:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/web:${JITSI_IMAGE_VERSION:-stable-7830} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${HTTP_PORT}:80' @@ -17,13 +17,11 @@ services: - ANALYTICS_SCRIPT_URLS - ANALYTICS_WHITELISTED_EVENTS - AUDIO_QUALITY_OPUS_BITRATE - - AUTO_CAPTION_ON_RECORD - BRANDING_DATA_URL - CALLSTATS_CUSTOM_SCRIPT_URL - CALLSTATS_ID - CALLSTATS_SECRET - CHROME_EXTENSION_BANNER_JSON - - COLIBRI_WEBSOCKET_PORT - CONFCODE_URL - CONFIG_EXTERNAL_CONNECT - DEFAULT_LANGUAGE @@ -48,7 +46,6 @@ services: - DISABLE_PROFILE - DISABLE_REACTIONS - DISABLE_REMOTE_VIDEO_MENU - - DISABLE_START_FOR_ALL - DROPBOX_APPKEY - DROPBOX_REDIRECT_URI - DYNAMIC_BRANDING_URL @@ -74,10 +71,6 @@ services: - ENABLE_WELCOME_PAGE - ENABLE_CLOSE_PAGE - ENABLE_LIVESTREAMING - - ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK - - ENABLE_LIVESTREAMING_HELP_LINK - - ENABLE_LIVESTREAMING_TERMS_LINK - - ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING - ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT - ENABLE_LOCAL_RECORDING_SELF_START - ENABLE_RECORDING @@ -93,6 +86,7 @@ services: - ENABLE_TRANSCRIPTIONS - ENABLE_XMPP_WEBSOCKET - ENABLE_JAAS_COMPONENTS + - ENABLE_MULTI_STREAM - ETHERPAD_PUBLIC_URL - ETHERPAD_URL_BASE - E2EPING_NUM_REQUESTS @@ -104,6 +98,10 @@ services: - HIDE_PREJOIN_DISPLAY_NAME - HIDE_PREJOIN_EXTRA_BUTTONS - INVITE_SERVICE_URL + - JICOFO_AUTH_USER + - LETSENCRYPT_DOMAIN + - LETSENCRYPT_EMAIL + - LETSENCRYPT_USE_STAGING - MATOMO_ENDPOINT - MATOMO_SITE_ID - MICROSOFT_API_APP_CLIENT_ID @@ -111,7 +109,6 @@ services: - NGINX_WORKER_PROCESSES - NGINX_WORKER_CONNECTIONS - PEOPLE_SEARCH_URL - - PREFERRED_LANGUAGE - PUBLIC_URL - P2P_PREFERRED_CODEC - RESOLUTION @@ -129,10 +126,7 @@ services: - TESTING_OCTO_PROBABILITY - TOKEN_AUTH_URL - TOOLBAR_BUTTONS - - TRANSLATION_LANGUAGES - - TRANSLATION_LANGUAGES_HEAD - TZ - - USE_APP_LANGUAGE - VIDEOQUALITY_BITRATE_H264_LOW - VIDEOQUALITY_BITRATE_H264_STANDARD - VIDEOQUALITY_BITRATE_H264_HIGH @@ -151,8 +145,6 @@ services: - XMPP_MUC_DOMAIN - XMPP_RECORDER_DOMAIN - XMPP_PORT - - WHITEBOARD_ENABLED - - WHITEBOARD_COLLAB_SERVER_PUBLIC_URL labels: traefik.enable: true traefik.docker.network: traefik_public @@ -173,10 +165,12 @@ services: networks: public: meet.jitsi: + aliases: + - ${XMPP_DOMAIN} # XMPP server prosody: - image: jitsi/prosody:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable-7830} restart: ${RESTART_POLICY:-unless-stopped} expose: - '${XMPP_PORT:-5222}' @@ -210,6 +204,7 @@ services: - JIBRI_RECORDER_PASSWORD - JIBRI_XMPP_USER - JIBRI_XMPP_PASSWORD + - JICOFO_AUTH_USER - JICOFO_AUTH_PASSWORD - JICOFO_COMPONENT_SECRET - JIGASI_XMPP_USER @@ -244,22 +239,14 @@ services: - LDAP_URL - LDAP_USE_TLS - MAX_PARTICIPANTS - - PROSODY_AUTH_TYPE - PROSODY_RESERVATION_ENABLED - PROSODY_RESERVATION_REST_BASE_URL - - PROSODY_ENABLE_RATE_LIMITS - - PROSODY_RATE_LIMIT_LOGIN_RATE - - PROSODY_RATE_LIMIT_SESSION_RATE - - PROSODY_RATE_LIMIT_TIMEOUT - - PROSODY_RATE_LIMIT_ALLOW_RANGES - - PROSODY_RATE_LIMIT_CACHE_SIZE - PUBLIC_URL - TURN_CREDENTIALS - TURN_HOST - TURNS_HOST - TURN_PORT - TURNS_PORT - - TURN_TRANSPORT - TZ - XMPP_DOMAIN - XMPP_AUTH_DOMAIN @@ -279,10 +266,8 @@ services: # Focus component jicofo: - image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable-7830} restart: ${RESTART_POLICY:-unless-stopped} - ports: - - '127.0.0.1:${JICOFO_REST_PORT:-8888}:8888' volumes: - ${CONFIG}/jicofo:/config:Z environment: @@ -294,40 +279,23 @@ services: - ENABLE_CODEC_VP8 - ENABLE_CODEC_VP9 - ENABLE_CODEC_H264 - - ENABLE_CODEC_OPUS_RED - - ENABLE_JVB_XMPP_SERVER - ENABLE_OCTO - ENABLE_RECORDING - ENABLE_SCTP - ENABLE_AUTO_LOGIN - - JICOFO_AUTH_LIFETIME + - JICOFO_AUTH_USER - JICOFO_AUTH_PASSWORD - - JICOFO_AUTH_TYPE - - JICOFO_BRIDGE_REGION_GROUPS - - JICOFO_ENABLE_AUTH - JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS - JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT - JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT - - JICOFO_CONF_SOURCE_SIGNALING_DELAYS - - JICOFO_CONF_MAX_AUDIO_SENDERS - - JICOFO_CONF_MAX_VIDEO_SENDERS - - JICOFO_CONF_STRIP_SIMULCAST - - JICOFO_CONF_SSRC_REWRITING - JICOFO_ENABLE_HEALTH_CHECKS - - JICOFO_ENABLE_REST - - JICOFO_HEALTH_CHECKS_USE_PRESENCE - - JICOFO_MULTI_STREAM_BACKWARD_COMPAT - - JICOFO_OCTO_REGION + - JICOFO_SHORT_ID - JIBRI_BREWERY_MUC - JIBRI_REQUEST_RETRIES - JIBRI_PENDING_TIMEOUT - JIGASI_BREWERY_MUC - JIGASI_SIP_URI - JVB_BREWERY_MUC - - JVB_XMPP_AUTH_DOMAIN - - JVB_XMPP_INTERNAL_MUC_DOMAIN - - JVB_XMPP_PORT - - JVB_XMPP_SERVER - MAX_BRIDGE_PARTICIPANTS - OCTO_BRIDGE_SELECTION_STRATEGY - SENTRY_DSN="${JICOFO_SENTRY_DSN:-0}" @@ -348,19 +316,18 @@ services: # Video bridge jvb: - image: jitsi/jvb:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable-7830} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp' - - '${JVB_TCP_MAPPED_PORT:-4443}:${JVB_TCP_PORT:-4443}' - '127.0.0.1:${JVB_COLIBRI_PORT:-8080}:8080' volumes: - ${CONFIG}/jvb:/config:Z environment: - DOCKER_HOST_ADDRESS - ENABLE_COLIBRI_WEBSOCKET - - ENABLE_JVB_XMPP_SERVER - ENABLE_OCTO + - ENABLE_MULTI_STREAM - JVB_ADVERTISE_IPS - JVB_ADVERTISE_PRIVATE_CANDIDATES - JVB_AUTH_USER @@ -375,10 +342,6 @@ services: - JVB_OCTO_RELAY_ID - JVB_WS_DOMAIN - JVB_WS_SERVER_ID - - JVB_XMPP_AUTH_DOMAIN - - JVB_XMPP_INTERNAL_MUC_DOMAIN - - JVB_XMPP_PORT - - JVB_XMPP_SERVER - PUBLIC_URL - SENTRY_DSN="${JVB_SENTRY_DSN:-0}" - SENTRY_ENVIRONMENT diff --git a/templates/env.jitsi.j2 b/templates/env.jitsi.j2 index 0f30bf2..b0a2292 100644 --- a/templates/env.jitsi.j2 +++ b/templates/env.jitsi.j2 @@ -39,35 +39,16 @@ DOCKER_HOST_ADDRESS={{ jitsi_docker_host_address }} # This setting deprecates DOCKER_HOST_ADDRESS, and supports a comma separated list of IPs # See the "Running behind NAT or on a LAN environment" section in the Handbook: # https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker#running-behind-nat-or-on-a-lan-environment -JVB_ADVERTISE_IPS={{ jitsi_jvb_advertise_ips }} +#JVB_ADVERTISE_IPS={{ jitsi_jvb_advertise_ips }} JVB_STUN_SERVERS={{ jitsi_jvb_stun_servers }} -# Media port for the Jitsi Videobridge -JVB_PORT={{ jitsi_jvb_port }} - -# TCP Fallback for Jitsi Videobridge for when UDP isn't available -JVB_TCP_HARVESTER_DISABLED=true -JVB_TCP_PORT={{ jitsi_jvb_tcp_port }} -JVB_TCP_MAPPED_PORT={{ jitsi_jvb_tcp_mapped_port }} - -# A comma separated list of APIs to enable when the JVB is started [default: none] -# See https://github.com/jitsi/jitsi-videobridge/blob/master/doc/rest.md for more information -JVB_ENABLE_APIS=rest,colibri - -TURN_CREDENTIALS={{ jitsi_turn_credentials }} -TURNS_HOST={{ jitsi_turns_host }} -TURNS_PORT={{ jitsi_turns_port }} -TURN_HOST={{ jitsi_turn_host }} -TURN_PORT={{ jitsi_turn_port }} - # # JaaS Components (beta) # https://jaas.8x8.vc # # Enable JaaS Components (hosted Jigasi) -# NOTE: if Let's Encrypt is enabled a JaaS account will be automatically created, using the provided email in LETSENCRYPT_EMAIL #ENABLE_JAAS_COMPONENTS=0 {% if jitsi_enable_letsencrypt %} @@ -240,7 +221,4 @@ JIBRI_XMPP_PASSWORD={{ jitsi_jibri_xmpp_password }} RESTART_POLICY=unless-stopped # Jitsi image version (useful for local development) -JITSI_IMAGE_VERSION={{ jitsi_image_version }} - -# https://github.com/jitsi/docker-jitsi-meet/issues/1566#issuecomment-1609404560 -JVB_DISABLE_STUN=true \ No newline at end of file +#JITSI_IMAGE_VERSION=latest