Commit Graph

44 Commits

Author SHA1 Message Date
Frank de Lange 29c16e42bd
Move STUN/TURN to IANA-assigned ports - 3478 and 5349 (TLS) (#6172)
* Move STUN/TURN to IANA-assigned ports - 3478 and 5349 (TLS)

* Change remaining references to TURNS port from 4445 to 5349

* Change back TURNS to 443
2020-07-07 08:14:28 -05:00
Saúl Ibarra Corretgé 2f841fab73 turn: update default coturn configuration 2020-07-03 17:36:04 +02:00
Дамян Минков 78b01d2c97
Adding whitelist and move away from using custom field for password. (#6621)
* Adding whitelist and move away from using custom field for password.

We re-use room lock for lobby password.

* Make sure we do not run muc-occupant-pre-join for non members only rooms.

* Destroying lobby room, when main room is destroyed or membersonly is disabled.

* Adds destroy reason.

* Clears lobby room instance on destroy.

Fixes problem with on/off/on of lobby feature.

* Add lobby room jid only when members only is on.

* Sends main room jid on lobby destroy.

We can use that in client loggic to auto-join lobby participants to main room as lobby is disabled while waiting.

* fix: Fixes using is_healthcheck_room.

* squash: Enables lobby rooms feature by default.

* chore(deps): Update lib-jitsi-meet, to enable lobby rooms.
2020-05-27 18:01:41 -05:00
Jonathan Lennox 393fb692ca Make TLS configs in Debian sample files follow Mozilla security guidelines. 2020-05-20 12:03:41 -05:00
crouchingtigerhiddenadam 591ea0a44a
doc: quick install guide updates
* optional fix for https port 5284 error

https://community.jitsi.org/t/no-certificate-present-in-ssl-tls-configuration-for-https-port-5284/47836/7

* usage of sudo and systemctl made more consistent

* jigasi download url changed to stable

Jigasi download url changed. Is this required in addition to apt install jigasi as part of the quick install guide?

* wget/dpkg removed from jagasi instructions
2020-05-12 16:32:37 +02:00
Дамян Минков ffdd4f2eed
debian: updates around coturn package and order of install (#5729)
* debian: Update coturn udp port to non-privileged one.

* debian: Turnserver config requires jitsi-meet-web-config files.

* doc: Updates doc, removing `--no-install-recommends`.

* debian: Moves checks and configs to default to prosody 0.11.

* debian: Disable room locking on internal muc.

* add scripts for deploying coturn with certbot

* turnserver: Removes unused variable showing error.

* debian: updates let's encrypt and coturn scripts.

* debian: Detect failure to retrieve external ip address.

* debian: Always configure turn when the turnserver package is installed.

Co-authored-by: Julien Fastré <julien.fastre@champs-libres.coop>
2020-04-08 13:06:49 -05:00
Paul Menzel 0b0a19ea5c doc/debian/jitsi-meet-turn: Correct file name to `README` 2020-04-08 10:59:30 -05:00
Russell Graves b10aa422ca
Add gzip to nginx server config. (#5700)
* Add gzip and expiration to nginx server config.

* Add application/json to gzip_types line to cover translations.

* Add gzip_vary for content caches, remove expires section.

Per discussion, expiration seems likely to cause more confusion than it solves.  Add gzip_vary to prevent content caches from caching un-compressed versions of the content and confusing browsers.
2020-04-07 09:42:27 -05:00
Damian Goeldi 47cffeb00a add missing IPv6 listener to nginx jitsi module 2020-04-06 21:27:40 -05:00
Dara Poon 0e16008085
Use regexes to match ALPN protocols (#5651)
nginx presents the client's list of ALPN protocols as
$ssl_preread_alpn_protocols, a comma-separated string.  Use regular
expressions to match each item in the list, rather than the exact value
of the entire list at once.
2020-04-05 09:23:43 -05:00
damencho 6e4c1f64d8 debian: Adds syslog logging. 2020-04-01 15:18:49 -05:00
damencho 06641a7dd6 This is to prevent item-not-found when multiple users try to join at the same time.
This is to prevent item-not-found when multiple users try to join while jicofo is still configuring the room. Credits @paweldomas
2020-03-31 09:36:30 +02:00
Giorgio Bonfiglio 5d8d0b9a01 fix broken ipv6 listener 2020-03-17 22:31:56 +00:00
paweldomas 74a5eb2d81 add websocket templates to nginx example config 2020-01-24 15:21:10 -06:00
damencho 91fb4665d6 Fixes conference duration config to use valid IDNA. 2020-01-14 12:16:39 +00:00
theunafraid c2cf09a2ca Add conference timer (#4958) 2020-01-13 17:12:25 +00:00
Дамян Минков c73ba37202
Introduces installing coturn as turn server for jitsi-meet (#4959)
* Adds package that can configure using turnserver for jitsi-meet.

Activates http2 on the nginx host and uses the alpn send with the web requests to multiplex traffic to be served as web of proxied to the turn server.
It needs nginx at least v1.13.10.
Adds turncredentials module from Philipp Hancke, with small modification (all int values for hosts need to be strings/tostring()) in order to be able to use the module with prosody 0.11.

* Moves loading of stream after loading stream module (50-..).

* Leaves DISABLE_TCP_HARVESTER to be handled by jvb.

* Fixes comments.

* Properly detect first time coturn install and configure it.

* Handles upgrading from jetty serving web.

* Does not create jvb user if already exists.

* Fixes let's encrypt and adds turnserver handling.

* Enables use of turn server in config.js if available.

* Adds a check whether prosody config exists.

There are cases where deployments can still have configured prosody in the main prosody config in /etc/prosody.
2020-01-09 16:51:27 +00:00
damencho d9282f873c Migrate to using mucs for jvb. 2020-01-08 11:18:36 +00:00
damencho 2420a68be9 Enables speakerstats component and module by default. 2019-12-10 10:55:56 +01:00
damencho ebfc5a95ff Activates multidomain by default when installing with nginx. 2019-12-10 10:55:56 +01:00
damencho db6a2673de Handles unique Id for a meeting. 2019-11-26 10:37:19 +00:00
damencho e11d4d3101 Installs prosody plugins with jitsi-meet-prosody package. 2019-11-26 10:37:19 +00:00
damencho 1fd326f980 Fixes nginx match rule, containing wrong chars.
Also adds a missing '/'.
2019-11-15 14:10:55 +00:00
damencho f46387a226 Adds room name validation logic for web. 2019-10-16 17:52:24 +01:00
damencho 2180d33e3d Adds alias for external_api.js in all default web config. 2019-04-23 20:31:53 +00:00
damencho 9fb49cb59b Updates default config, avoids storing muc data on prosody restart. 2017-05-16 16:04:26 -05:00
cmrd Senya 71da05dc96 Explicitly set c2s_require_encryption to false
Jitsi Meet doesn't seem to work with c2s_require_encryption set to true.
c2s_require_encryption is false by default. However it is possible that
in some Prosody configurations it is overriden by a global config to be
true. In that case Jitsi Meet might not work out-of-box. So let's set it
explicitly to be sure it is correct.
2017-04-16 21:19:47 +03:00
damencho 1d7da21e48 Moves all static content/files in a new folder.
Also clears debian package from including *.js files from source roote folder, files which were not used.
2017-03-20 16:05:11 -05:00
damencho e51f791ab0 Configures to use apache when this is the available web server. 2016-11-29 23:11:15 -06:00
damencho 8da0d3a1f1 Removes dependencies to other components.
Now the web app can be installed separately from jicofo and jitsi-videobridge, or can be installed on machine running nginx or apache. Currently only nginx will be configured and apache config is left to user. Later we can add and the apache config. Renames jitsi-meet to jitsi-meet-web (just the web content) and jitsi-meet-web-config (configuring jetty, nginx or apache). A new jitsi-meet package will be introduced, a meta package depending on jicofo, jvb and the current packages.
2016-11-28 13:13:08 -06:00
Дамян Минков dd4a5f2705 Adds 404 error page in default configs. 2016-10-26 09:21:15 -05:00
hristoterezov 02f176c75a Changes the implementation of the iframe API to use postis 2016-06-17 15:35:40 -05:00
paweldomas 9d60af1a9d New JWT token impl that does not require token verification in Jicofo and uses anonymous authentication method(token goes as BOSH query param). Adds 'allow_empty_token" config option. 2015-12-22 19:51:43 +01:00
paweldomas ca89b59638 Fixes for jitsi-meet-tokens Debian package. 2015-11-03 11:11:54 -06:00
paweldomas 531b81cce3 Adds Prosody plugin for token authentication. 2015-11-02 15:28:18 -06:00
damencho 14fe5d09d1 Adds ssl stronger settings to default nginx config. 2015-10-26 12:47:34 -05:00
damencho 8a22060aa8 Enables ping module when configuring prosody. 2015-08-27 16:03:46 -05:00
Damian Minkov 4db75446f3 Do not edit /etc/nginx/nginx.conf file directly. 2015-03-05 17:52:05 +02:00
Damian Minkov 8334036cf4 Moves admins definition as it seems on some distributions after latest lua updates, causes trouble for prosody. 2015-02-12 15:39:56 +02:00
paweldomas ed78c0053c Makes it possible to append URL parameters after room name. Adds ?login=true to enforce authenticated domain when anonymous domain is used. This allows to get moderator permissions after room has been created. 2015-01-16 13:22:02 +01:00
paweldomas f749bed1dd Adds jicofo debian package integration. 2014-12-02 20:11:54 +01:00
Damian Minkov 75586431a4 Moves config.js in /etc/jitsi/meet. 2014-10-23 11:14:54 +03:00
Damian Minkov ee324cf41f Adds prosody config to conf.avail and enable it in conf.d so we don't wipe prosody config on installing meet. 2014-10-23 11:14:53 +03:00
Damian Minkov 2df001c125 Removes usr/share/doc/ from debian folder. 2014-10-20 11:40:54 +03:00