--- # Project source code URL: https://github.com/jitsi/docker-jitsi-meet matrix_jitsi_enabled: true matrix_jitsi_base_path: "{{ matrix_base_data_path }}/jitsi" matrix_jitsi_enable_auth: false matrix_jitsi_enable_guests: false matrix_jitsi_enable_recording: false matrix_jitsi_enable_transcriptions: false matrix_jitsi_enable_jaas_components: false matrix_jitsi_enable_p2p: true matrix_jitsi_enable_av_moderation: true matrix_jitsi_enable_breakout_rooms: true matrix_jitsi_disable_gravatar: true # Authentication type, must be one of internal, jwt, matrix or ldap. # Currently, only internal, matrix and ldap mechanisms are supported by this playbook. # matrix auth verifies against matrix openID, and requires a user-verification-service to run. matrix_jitsi_auth_type: internal # A list of Jitsi (Prosody) accounts to create using the internal authentication mechanism. # # Accounts added here and subsequently removed will not be automatically removed # from the Prosody server until user account cleaning is integrated into the playbook. # # Example: # matrix_jitsi_prosody_auth_internal_accounts: # - username: "jitsi-moderator" # password: "secret-password" # - username: "another-user" # password: "another-password" matrix_jitsi_prosody_auth_internal_accounts: [] # Configuration options for LDAP authentication. For details see upstream: # https://github.com/jitsi/docker-jitsi-meet#authentication-using-ldap. # Defaults are taken from: # https://github.com/jitsi/docker-jitsi-meet/blob/master/prosody/rootfs/defaults/saslauthd.conf matrix_jitsi_ldap_url: "" matrix_jitsi_ldap_base: "" matrix_jitsi_ldap_binddn: "" matrix_jitsi_ldap_bindpw: "" matrix_jitsi_ldap_filter: "uid=%u" matrix_jitsi_ldap_auth_method: "bind" matrix_jitsi_ldap_version: "3" matrix_jitsi_ldap_use_tls: false matrix_jitsi_ldap_tls_ciphers: "" matrix_jitsi_ldap_tls_check_peer: false matrix_jitsi_ldap_tls_cacert_file: "/etc/ssl/certs/ca-certificates.crt" matrix_jitsi_ldap_tls_cacert_dir: "/etc/ssl/certs" matrix_jitsi_ldap_start_tls: false # Auth type: matrix matrix_jitsi_prosody_auth_matrix_user_verification_repo_location: "https://github.com/matrix-org/prosody-mod-auth-matrix-user-verification" matrix_jitsi_prosody_auth_matrix_user_verification_repo_target: "{{ matrix_jitsi_prosody_ext_path }}/prosody_auth_matrix_user_verification" matrix_jitsi_prosody_auth_matrix_user_verification_repo_version: "2839499cb03894d8cfc3e5b2219441427cb133d8" # v1.8.0 matrix_jitsi_prosody_auth_matrix_uvs_sync_power_levels: true matrix_jitsi_prosody_auth_matrix_uvs_location: "{{ matrix_user_verification_service_container_url }}" # Should match domain, see https://github.com/vector-im/element-web/pull/15114/commits/0410a6b3be82a41457275e4d1ce879dea146e092 matrix_jitsi_prosody_auth_matrix_jwt_app_id: "{{ matrix_server_fqn_jitsi }}" matrix_jitsi_prosody_auth_matrix_files: - path: "mod_auth_matrix_user_verification.lua" when: true - path: "mod_matrix_power_sync.lua" when: "{{ matrix_jitsi_prosody_auth_matrix_uvs_sync_power_levels }}" # Plugged in group_vars #matrix_jitsi_prosody_auth_matrix_uvs_auth_token: matrix_jitsi_timezone: UTC matrix_jitsi_xmpp_domain: meet.jitsi matrix_jitsi_xmpp_server: xmpp.meet.jitsi matrix_jitsi_xmpp_auth_domain: auth.meet.jitsi matrix_jitsi_xmpp_bosh_url_base: http://{{ matrix_jitsi_xmpp_server }}:5280 matrix_jitsi_xmpp_guest_domain: guest.meet.jitsi matrix_jitsi_xmpp_muc_domain: muc.meet.jitsi matrix_jitsi_xmpp_internal_muc_domain: internal-muc.meet.jitsi matrix_jitsi_xmpp_modules: '' matrix_jitsi_recorder_domain: recorder.meet.jitsi matrix_jitsi_jibri_brewery_muc: jibribrewery matrix_jitsi_jibri_pending_timeout: 90 matrix_jitsi_jibri_xmpp_user: jibri matrix_jitsi_jibri_xmpp_password: '' matrix_jitsi_jibri_recorder_user: recorder matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false matrix_jitsi_version: stable-8218 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" matrix_jitsi_web_docker_image_force_pull: "{{ matrix_jitsi_web_docker_image.endswith(':latest') }}" matrix_jitsi_web_base_path: "{{ matrix_base_data_path }}/jitsi/web" matrix_jitsi_web_config_path: "{{ matrix_jitsi_web_base_path }}/config" matrix_jitsi_web_transcripts_path: "{{ matrix_jitsi_web_base_path }}/transcripts" matrix_jitsi_web_crontabs_path: "{{ matrix_jitsi_web_base_path }}/crontabs" matrix_jitsi_web_public_url: "https://{{ matrix_server_fqn_jitsi }}" # STUN servers used in the web UI. Feel free to point them to your own STUN server. # Addresses need to be prefixed with one of `stun:`, `turn:` or `turns:`. matrix_jitsi_web_stun_servers: ['stun:meet-jit-si-turnrelay.jitsi.net:443'] # Setting up TURN # Default set with Coturn container matrix_jitsi_turn_credentials: "{{ matrix_coturn_turn_static_auth_secret }}" matrix_jitsi_turn_host: "turn.{{ matrix_server_fqn_matrix }}" matrix_jitsi_turns_host: "turn.{{ matrix_server_fqn_matrix }}" matrix_jitsi_turn_port: "{{ matrix_coturn_container_stun_plain_host_bind_port }}" matrix_jitsi_turns_port: "{{ matrix_coturn_container_stun_tls_host_bind_port }}" matrix_jitsi_turn_transport: tcp # Controls whether Etherpad will be available within Jitsi matrix_jitsi_etherpad_enabled: false # Controls whether the matrix-jitsi-web container exposes its HTTP port (tcp/80 in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:13080"), or empty string to not expose. matrix_jitsi_web_container_http_host_bind_port: '' # A list of extra arguments to pass to the container matrix_jitsi_web_container_extra_arguments: [] # List of systemd services that matrix-jitsi-web.service depends on matrix_jitsi_web_systemd_required_services_list: ['docker.service'] # Custom configuration to be appended to `interface_config.js`, passed to Jitsi Web. # # Note: not to be confused with `matrix_jitsi_web_custom_config_extension`. # # For interface configuration, the flow is like this: # - a default `interface_config.js` is generated from within the docker image # - the contents of `matrix_jitsi_web_custom_interface_config_extension` is appended and can define new settings or override defaults. # # Example: # matrix_jitsi_web_custom_interface_config_extension: | # interfaceConfig.LANG_DETECTION = false; # interfaceConfig.SHOW_JITSI_WATERMARK = false; # interfaceConfig.DISABLE_VIDEO_BACKGROUND = true; matrix_jitsi_web_custom_interface_config_extension: '' # Controls after which participant audio will be muted. If not specified, defaults to Jitsi's default value (likely 10) matrix_jitsi_web_config_start_audio_muted_after_nth_participant: ~ # Controls after which participant video will be muted. If not specified, defaults to Jitsi's default value (likely 10) matrix_jitsi_web_config_start_video_muted_after_nth_participant: ~ matrix_jitsi_web_config_defaultLanguage: 'en' # noqa var-naming # Ideal and also maximum resolution width. If not specified, defaults to Jitsi's default value (likely 1280) matrix_jitsi_web_config_resolution_width_ideal_and_max: ~ # Minimum resolution width. If not specified, defaults to Jitsi's default value (likely 320) matrix_jitsi_web_config_resolution_width_min: ~ # Ideal and also maximum resolution height. If not specified, defaults to Jitsi's default value (likely 720) matrix_jitsi_web_config_resolution_height_ideal_and_max: ~ # Minimum resolution height. If not specified, defaults to Jitsi's default value (likely 180) matrix_jitsi_web_config_resolution_height_min: ~ # Custom configuration to be injected into `custom-config.js`, passed to Jitsi Web. # This configuration gets appended to the final configuration that Jitsi Web uses. # # Note: not to be confused with `matrix_jitsi_web_custom_interface_config_extension`. # # The flow is like this: # - some default configuration is automatically generated based on the environment variables passed to the Jitsi Web container # - the contents of `custom-config.js` is appended to it (see `templates/web/custom-config.js.j2`) # - said `custom-config.js` contains your custom contents specified in `matrix_jitsi_web_custom_config_extension`. # # Example: # matrix_jitsi_web_custom_config_extension: | # if (!config.hasOwnProperty('testing')) config.testing = {}; # config.testing.p2pTestMode = true matrix_jitsi_web_custom_config_extension: '' # Additional environment variables to pass to the Jitsi Web container. # You can use this to further influence the default configuration generated by the Jitsi Web container on every startup. # Besides influencing the final configuration by passing environment variables, you can also inject custom configuration # by using `matrix_jitsi_web_custom_config_extension`. # # Example: # matrix_jitsi_web_environment_variables_extension: | # ENABLE_FILE_RECORDING_SERVICE=1 # DROPBOX_APPKEY=something # DROPBOX_REDIRECT_URI=something matrix_jitsi_web_environment_variables_extension: '' matrix_jitsi_prosody_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/prosody:{{ matrix_jitsi_container_image_tag }}" matrix_jitsi_prosody_docker_image_force_pull: "{{ matrix_jitsi_prosody_docker_image.endswith(':latest') }}" matrix_jitsi_prosody_base_path: "{{ matrix_base_data_path }}/jitsi/prosody" matrix_jitsi_prosody_config_path: "{{ matrix_jitsi_prosody_base_path }}/config" matrix_jitsi_prosody_plugins_path: "{{ matrix_jitsi_prosody_base_path }}/prosody-plugins-custom" matrix_jitsi_prosody_ext_path: "{{ matrix_jitsi_prosody_base_path }}/ext" # well known is currently only needed for auth type "matrix" matrix_jitsi_require_well_known: "{{ matrix_jitsi_enable_auth | bool and matrix_jitsi_auth_type == 'matrix' }}" matrix_jitsi_wellknown_element_jitsi_json: '{"auth": "openidtoken-jwt"}' # matrix_jitsi_muc_modules: | {{ (['matrix_power_sync'] if matrix_jitsi_prosody_auth_matrix_uvs_sync_power_levels | bool else []) }} # A list of extra arguments to pass to the container matrix_jitsi_prosody_container_extra_arguments: [] # List of systemd services that matrix-jitsi-prosody.service depends on matrix_jitsi_prosody_systemd_required_services_list: ['docker.service'] # Neccessary Port binding for those disabling the integrated nginx proxy matrix_jitsi_prosody_container_http_host_bind_port: '' matrix_jitsi_prosody_container_jvb_host_bind_port: 5222 matrix_jitsi_jicofo_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/jicofo:{{ matrix_jitsi_container_image_tag }}" matrix_jitsi_jicofo_docker_image_force_pull: "{{ matrix_jitsi_jicofo_docker_image.endswith(':latest') }}" matrix_jitsi_jicofo_base_path: "{{ matrix_base_data_path }}/jitsi/jicofo" matrix_jitsi_jicofo_config_path: "{{ matrix_jitsi_jicofo_base_path }}/config" # A list of extra arguments to pass to the container matrix_jitsi_jicofo_container_extra_arguments: [] # List of systemd services that matrix-jitsi-jicofo.service depends on matrix_jitsi_jicofo_systemd_required_services_list: ['docker.service', 'matrix-jitsi-prosody.service'] matrix_jitsi_jicofo_component_secret: '' matrix_jitsi_jicofo_auth_user: focus matrix_jitsi_jicofo_auth_password: '' # To enable Sentry integration for Jicofo, specify a valid DSN connection string matrix_jitsi_jicofo_sentry_dsn: '' matrix_jitsi_jvb_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/jvb:{{ matrix_jitsi_container_image_tag }}" matrix_jitsi_jvb_docker_image_force_pull: "{{ matrix_jitsi_jvb_docker_image.endswith(':latest') }}" matrix_jitsi_jvb_base_path: "{{ matrix_base_data_path }}/jitsi/jvb" matrix_jitsi_jvb_config_path: "{{ matrix_jitsi_jvb_base_path }}/config" # A list of extra arguments to pass to the container matrix_jitsi_jvb_container_extra_arguments: [] # List of systemd services that matrix-jitsi-jvb.service depends on matrix_jitsi_jvb_systemd_required_services_list: ['docker.service'] matrix_jitsi_jvb_auth_user: jvb matrix_jitsi_jvb_auth_password: '' # To enable Sentry integration for JVB, specify a valid DSN connection string matrix_jitsi_jvb_sentry_dsn: '' # STUN servers used by JVB on the server-side, so it can discover its own external IP address. # Pointing this to a STUN server running on the same Docker network may lead to incorrect IP address discovery. matrix_jitsi_jvb_stun_servers: ['meet-jit-si-turnrelay.jitsi.net:443'] matrix_jitsi_jvb_brewery_muc: jvbbrewery matrix_jitsi_jvb_rtp_udp_port: 10000 matrix_jitsi_jvb_rtp_tcp_port: 4443 matrix_jitsi_jvb_server_id: 'jvb-1' # Custom configuration to be injected into `custom-sip-communicator.properties`, passed to Jitsi JVB. # This configuration gets appended to the final configuration that Jitsi JVB uses. # # The flow is like this: # - some default configuration is automatically generated based on the environment variables passed to the Jitsi JVB container # - the contents of `custom-sip-communicator.properties` is appended to it (see `templates/jvb/custom-sip-communicator.properties.j2`) # - said `custom-sip-communicator.properties` contains your custom contents specified in `matrix_jitsi_jvb_custom_config_extension`. # # Example: # matrix_jitsi_jvb_custom_config_extension: | # org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=false # org.jitsi.videobridge.ENABLE_STATISTICS=false matrix_jitsi_jvb_custom_config_extension: '' # Additional environment variables to pass to the Jitsi JVB container. # You can use this to further influence the default configuration generated by the Jitsi JVB container on every startup. # Besides influencing the final configuration by passing environment variables, you can also inject custom configuration # by using `matrix_jitsi_jvb_custom_config_extension`. # # Example: # matrix_jitsi_jvb_environment_variables_extension: | # SOME_VARIABLE=1 # ANOTHER_VARIABLE=something matrix_jitsi_jvb_environment_variables_extension: '' # Controls whether the matrix-jitsi-jvb container exposes its RTP UDP port (udp/10000 in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:10000"), or empty string to not expose. matrix_jitsi_jvb_container_rtp_udp_host_bind_port: "{{ matrix_jitsi_jvb_rtp_udp_port }}" # Controls whether the matrix-jitsi-jvb container exposes its RTP UDP port (udp/4443 in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:4443"), or empty string to not expose. matrix_jitsi_jvb_container_rtp_tcp_host_bind_port: "{{ matrix_jitsi_jvb_rtp_tcp_port }}" # Controls whether the matrix-jitsi-jvb container exposes its Colibri WebSocket port (tcp/9090 in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:12090"), or empty string to not expose. matrix_jitsi_jvb_container_colibri_ws_host_bind_port: '' # Default max participants to the empty string # # The setting requires an integer to be set for usage and allows a user to specify the max number of particpants on a conference. matrix_prosody_jitsi_max_participants: ''