Compare commits
2 commits
d0c5a9ad68
...
fc30c9b03b
Author | SHA1 | Date | |
---|---|---|---|
fc30c9b03b | |||
3edd1dc3c3 |
|
@ -13,3 +13,4 @@ jitsi_meet_ssl_key_path: "/etc/ssl/private/ssl-cert-snakeoil.key"
|
|||
jitsi_meet_turn_secret: "YOU_ABSOLUTELY_MUST_CHANGE_ME"
|
||||
jitsi_meet_jvb_secret: "NOT_CHANGING_ME_IS_SUPER_UNCOOL"
|
||||
jitsi_meet_jvb_muc_nick: "1899aaf3-3991-4770-9c8c-113906dc0a2e"
|
||||
colibri_ext_port: '8443'
|
||||
|
|
|
@ -238,4 +238,33 @@ server {
|
|||
}
|
||||
}
|
||||
|
||||
## Pour communiquer les stats colibri à un serveur externe Grafana
|
||||
server {
|
||||
listen {{ colibri_ext_port }} ssl http2;
|
||||
listen [::]:{{ colibri_ext_port }} ssl http2;
|
||||
|
||||
server_name {{ domains | first }};
|
||||
|
||||
# Mozilla Guideline v5.4, nginx 1.17.7, OpenSSL 1.1.1d, intermediate configuration
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
|
||||
ssl_prefer_server_ciphers off;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:SSL:10m; # about 40000 sessions
|
||||
ssl_session_tickets off;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/{{ domains | first }}/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/{{ domains | first }}/privkey.pem;
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:8080;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
}
|
||||
|
||||
{% endif %}
|
||||
|
|
|
@ -3,10 +3,18 @@ videobridge {
|
|||
public {
|
||||
port = 9090
|
||||
}
|
||||
private {
|
||||
port = 8080
|
||||
}
|
||||
}
|
||||
websockets {
|
||||
enabled = true
|
||||
domain = "{{ domains | first }}:443"
|
||||
tls = true
|
||||
}
|
||||
apis {
|
||||
rest {
|
||||
enabled = true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
|
||||
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES={{ turn_domains | first }}:3478
|
||||
org.jitsi.videobridge.ENABLE_STATISTICS=true
|
||||
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
|
||||
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc,colibri
|
||||
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=localhost
|
||||
org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.{{ domains | first }}
|
||||
org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb
|
||||
|
|
Loading…
Reference in a new issue