evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 18 Releases 32 Wiki Activity

Compare commits

base: evolix:d0c5a9ad687dfd607d2e4371951c9aed03059047
Branches Tags
evolix:stable
evolix:unstable
evolix:patroni
evolix:etcd
evolix:jitsimeet
evolix:monitoringctl
evolix:bind
evolix:peertube
evolix:wip_10691
evolix:multi-php-v2
evolix:etherpad
evolix:gitea
evolix:add-drbd-firewall-rule
evolix:backports_preferences
evolix:migrate-vm-error-handling
evolix:evofs
evolix:goto-postfix-role
evolix:lxc-php82
evolix:timesyncd
evolix:noopensshinlxc
evolix:ssh-split
evolix:rsyslog-remote
evolix:emorino/patroni-etcd
evolix:jitsimeet_docker
evolix:hedgedoc
evolix:privatebin
evolix:mattermost
evolix:p10166-mastodon
evolix:replace_include
evolix:when-not-check
evolix:fix_lxc_php56_debian10
evolix:debian12
evolix:boost-proxy
evolix:debian12-keyring
evolix:evodomains
evolix:vrrp-addresses
evolix:lxc_etc-git
evolix:lxc_etc-commit
evolix:evoacme-v2
evolix:sshd_modular_config
evolix:exclusion_images_evobackup
evolix:rotate_elasticsearch_logs
evolix:evobackup_tags_redux
evolix:log2mail-beats
evolix:T47076
evolix:kvm-guest
evolix:lpoujol/fpm-php
evolix:lxc-php-buster
evolix:simplify-evolinux-users
evolix:openvpn
evolix:newkernel
evolix:etc-git-status-script
evolix:ubuntu
evolix:nagios-sudoers
evolix:configurable-swapiness
evolix:alert5-minifirewall-restart
evolix:fail2ban_ips_tag
evolix:audit-ftpadmin
evolix:projet6062
evolix:whitelisting-changes
evolix:uvrrpd
evolix:packweb-apache-lxc
evolix:backup/jlecour/ssh-groups
evolix:nextcloud
evolix:backup/jlecour/nextcloud
evolix:evoadmin-mail
evolix:haproxy_munin
evolix:evolinux-users
evolix:ansible-log
evolix:ansible-managed
evolix:apache-fix-default-vhost
evolix:ipsec
evolix:courier
evolix:spamassassin
evolix:samba
evolix:munin-openbsd
evolix:24.03
evolix:24.02.1
evolix:24.02
evolix:23.10
evolix:23.04
evolix:23.03.1
evolix:23.03
evolix:22.12
evolix:22.09
evolix:22.07.1
evolix:22.07
evolix:22.06.3
evolix:22.06.2
evolix:22.06.1
evolix:22.06
evolix:22.05.1
evolix:22.05
evolix:22.03
evolix:22.01.3
evolix:22.01.2
evolix:22.01.1
evolix:22.01
evolix:10.6.0
evolix:10.5.1
evolix:10.5.0
evolix:10.4.0
evolix:10.3.0
evolix:10.2.0
evolix:10.1.0
evolix:10.0.0
evolix:9.10.1
evolix:9.10.0
evolix:9.9.0
evolix:9.8.0
evolix:9.7.0
evolix:9.6.0
evolix:9.5.0
evolix:9.4.2
evolix:9.4.1
evolix:9.4.0
evolix:9.3.2
evolix:9.3.1
evolix:9.3.0
evolix:9.2.0
evolix:9.1.9
evolix:9.1.8
evolix:9.1.7
evolix:9.1.6
evolix:9.1.5
evolix:9.1.4
evolix:9.1.3
evolix:9.1.2
evolix:9.1.1
evolix:9.1.0
evolix:9.0.1
evolix:9.0.0
...
compare: evolix:fc30c9b03b2cb90580e43370e722d019b115f5b5
Branches Tags
evolix:unstable
evolix:patroni
evolix:etcd
evolix:jitsimeet
evolix:monitoringctl
evolix:bind
evolix:stable
evolix:peertube
evolix:wip_10691
evolix:multi-php-v2
evolix:etherpad
evolix:gitea
evolix:add-drbd-firewall-rule
evolix:backports_preferences
evolix:migrate-vm-error-handling
evolix:evofs
evolix:goto-postfix-role
evolix:lxc-php82
evolix:timesyncd
evolix:noopensshinlxc
evolix:ssh-split
evolix:rsyslog-remote
evolix:emorino/patroni-etcd
evolix:jitsimeet_docker
evolix:hedgedoc
evolix:privatebin
evolix:mattermost
evolix:p10166-mastodon
evolix:replace_include
evolix:when-not-check
evolix:fix_lxc_php56_debian10
evolix:debian12
evolix:boost-proxy
evolix:debian12-keyring
evolix:evodomains
evolix:vrrp-addresses
evolix:lxc_etc-git
evolix:lxc_etc-commit
evolix:evoacme-v2
evolix:sshd_modular_config
evolix:exclusion_images_evobackup
evolix:rotate_elasticsearch_logs
evolix:evobackup_tags_redux
evolix:log2mail-beats
evolix:T47076
evolix:kvm-guest
evolix:lpoujol/fpm-php
evolix:lxc-php-buster
evolix:simplify-evolinux-users
evolix:openvpn
evolix:newkernel
evolix:etc-git-status-script
evolix:ubuntu
evolix:nagios-sudoers
evolix:configurable-swapiness
evolix:alert5-minifirewall-restart
evolix:fail2ban_ips_tag
evolix:audit-ftpadmin
evolix:projet6062
evolix:whitelisting-changes
evolix:uvrrpd
evolix:packweb-apache-lxc
evolix:backup/jlecour/ssh-groups
evolix:nextcloud
evolix:backup/jlecour/nextcloud
evolix:evoadmin-mail
evolix:haproxy_munin
evolix:evolinux-users
evolix:ansible-log
evolix:ansible-managed
evolix:apache-fix-default-vhost
evolix:ipsec
evolix:courier
evolix:spamassassin
evolix:samba
evolix:munin-openbsd
evolix:24.03
evolix:24.02.1
evolix:24.02
evolix:23.10
evolix:23.04
evolix:23.03.1
evolix:23.03
evolix:22.12
evolix:22.09
evolix:22.07.1
evolix:22.07
evolix:22.06.3
evolix:22.06.2
evolix:22.06.1
evolix:22.06
evolix:22.05.1
evolix:22.05
evolix:22.03
evolix:22.01.3
evolix:22.01.2
evolix:22.01.1
evolix:22.01
evolix:10.6.0
evolix:10.5.1
evolix:10.5.0
evolix:10.4.0
evolix:10.3.0
evolix:10.2.0
evolix:10.1.0
evolix:10.0.0
evolix:9.10.1
evolix:9.10.0
evolix:9.9.0
evolix:9.8.0
evolix:9.7.0
evolix:9.6.0
evolix:9.5.0
evolix:9.4.2
evolix:9.4.1
evolix:9.4.0
evolix:9.3.2
evolix:9.3.1
evolix:9.3.0
evolix:9.2.0
evolix:9.1.9
evolix:9.1.8
evolix:9.1.7
evolix:9.1.6
evolix:9.1.5
evolix:9.1.4
evolix:9.1.3
evolix:9.1.2
evolix:9.1.1
evolix:9.1.0
evolix:9.0.1
evolix:9.0.0

2 commits
d0c5a9ad68 ... fc30c9b03b

Author SHA1 Message Date
Mathieu Gauthier-Pilote fc30c9b03b Make it a variable
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |2852|13|2839|10|:-1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/jitsimeet/24//ansiblelint">Evolix » ansible-roles » jitsimeet #24</a>
Details
gitea/ansible-roles/pipeline/head This commit looks good
Details
2024-02-22 16:01:13 -05:00
Mathieu Gauthier-Pilote 3edd1dc3c3 To enable colibri stats and allow external visualisation 2024-02-22 15:56:52 -05:00
4 changed files with 39 additions and 1 deletions
Show stats Expand all files Collapse all files

1
webapps/jitsimeet/defaults/main.yml
View file

@ -13,3 +13,4 @@ jitsi_meet_ssl_key_path: "/etc/ssl/private/ssl-cert-snakeoil.key"
jitsi_meet_turn_secret: "YOU_ABSOLUTELY_MUST_CHANGE_ME"
jitsi_meet_jvb_secret: "NOT_CHANGING_ME_IS_SUPER_UNCOOL"
jitsi_meet_jvb_muc_nick: "1899aaf3-3991-4770-9c8c-113906dc0a2e"
colibri_ext_port: '8443'

29
webapps/jitsimeet/templates/nginx/vhost.conf.j2
View file

@ -238,4 +238,33 @@ server {
}
}
## Pour communiquer les stats colibri à un serveur externe Grafana
server {
listen {{ colibri_ext_port }} ssl http2;
listen [::]:{{ colibri_ext_port }} ssl http2;
server_name {{ domains | first }};
# Mozilla Guideline v5.4, nginx 1.17.7, OpenSSL 1.1.1d, intermediate configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m; # about 40000 sessions
ssl_session_tickets off;
add_header Strict-Transport-Security "max-age=63072000" always;
ssl_certificate /etc/letsencrypt/live/{{ domains | first }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ domains | first }}/privkey.pem;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
{% endif %}

8
webapps/jitsimeet/templates/videobridge/jvb.conf.j2
View file

@ -3,10 +3,18 @@ videobridge {
public {
port = 9090
}
private {
port = 8080
}
}
websockets {
enabled = true
domain = "{{ domains | first }}:443"
tls = true
}
apis {
rest {
enabled = true
}
}
}

2
webapps/jitsimeet/templates/videobridge/sip-communicator.properties.j2
View file

@ -1,7 +1,7 @@
org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES={{ turn_domains | first }}:3478
org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc,colibri
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=localhost
org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.{{ domains | first }}
org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb