npm - @drumee/setup-infra - Versions diffs - 1.0.15 → 1.0.16 - Mend

@drumee/setup-infra 1.0.15 → 1.0.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (74) hide show

package/templates/etc/jitsi/web/config.private.js.tpl ADDED Viewed

@@ -0,0 +1,208 @@
+// Jitsi Meet configuration.
+var config = {};
+if (!config.hasOwnProperty('hosts')) config.hosts = {};
+config.hosts.domain = '<%= jitsi_private_domain %>';
+config.focusUserJid = 'focus@auth.<%= jitsi_private_domain %>';
+var subdir = '<!--# echo var="subdir" default="" -->';
+var subdomain = "<!--# echo var="subdomain" default="" -->";
+if (subdir.startsWith('<!--')) {
+    subdir = '';
+}
+if (subdomain) {
+    subdomain = subdomain.substring(0,subdomain.length-1).split('.').join('_').toLowerCase() + '.';
+}
+config.hosts.muc = 'muc.' + subdomain + '<%= jitsi_private_domain %>';
+config.bosh = '/http-bind';
+config.websocket = 'wss://<%= jitsi_private_domain %>:<%= public_https_port %>/' + subdir + 'xmpp-websocket';
+// Video configuration.
+//
+if (!config.hasOwnProperty('constraints')) config.constraints = {};
+if (!config.constraints.hasOwnProperty('video')) config.constraints.video = {};
+config.resolution = 720;
+config.constraints.video.height = { ideal: 720, max: 720, min: 180 };
+config.constraints.video.width = { ideal: 1280, max: 1280, min: 320};
+config.disableSimulcast = false;
+config.startVideoMuted = 10;
+config.startWithVideoMuted = false;
+if (!config.hasOwnProperty('flags')) config.flags = {};
+config.flags.sourceNameSignaling = true;
+config.flags.sendMultipleVideoStreams = true;
+config.flags.receiveMultipleVideoStreams = true;
+// ScreenShare Configuration.
+//
+config.desktopSharingFrameRate = { min: 5, max: 5 };
+// Audio configuration.
+//
+config.enableNoAudioDetection = true;
+config.enableTalkWhileMuted = false;
+config.disableAP = false;
+if (!config.hasOwnProperty('audioQuality')) config.audioQuality = {};
+config.audioQuality.stereo = false;
+config.startAudioOnly = false;
+config.startAudioMuted = 10;
+config.startWithAudioMuted = false;
+config.startSilent = false;
+config.enableOpusRed = false;
+config.disableAudioLevels = false;
+config.enableNoisyMicDetection = true;
+// Peer-to-Peer options.
+//
+if (!config.hasOwnProperty('p2p')) config.p2p = {};
+config.p2p.enabled = true;
+// Breakout Rooms
+//
+config.hideAddRoomButton = false;
+// Etherpad
+//
+// Recording.
+//
+// Local recording configuration.
+if (!config.hasOwnProperty('localRecording')) config.localRecording = {};
+config.localRecording.disable = false;
+config.localRecording.notifyAllParticipants = false;
+config.localRecording.disableSelfRecording = false;
+// Analytics.
+//
+if (!config.hasOwnProperty('analytics')) config.analytics = {};
+// Enables callstatsUsername to be reported as statsId and used
+// by callstats as repoted remote id.
+config.enableStatsID = false;
+// Dial in/out services.
+//
+// Calendar service integration.
+//
+config.enableCalendarIntegration = false;
+// Invitation service.
+//
+// Miscellaneous.
+//
+// Prejoin page.
+if (!config.hasOwnProperty('prejoinConfig')) config.prejoinConfig = {};
+config.prejoinConfig.enabled = true;
+// Hides the participant name editing field in the prejoin screen.
+config.prejoinConfig.hideDisplayName = false;
+// List of buttons to hide from the extra join options dropdown on prejoin screen.
+// Welcome page.
+config.enableWelcomePage = true;
+// Close page.
+config.enableClosePage = false;
+// Default language.
+// Require users to always specify a display name.
+config.requireDisplayName = false;
+// Chrome extension banner.
+// Disables profile and the edit of all fields from the profile settings (display name and email)
+config.disableProfile = false;
+// Room password (false for anything, number for max digits)
+config.roomPasswordNumberOfDigits = false;
+// Advanced.
+//
+// Lipsync hack in jicofo, may not be safe.
+config.enableLipSync = false;
+config.enableRemb = true;
+config.enableTcc = true;
+// Enable IPv6 support.
+config.useIPv6 = true;
+// Transcriptions (subtitles and buttons can be configured in interface_config)
+config.transcription = { enabled: false };
+config.transcription.translationLanguages = [];
+config.transcription.translationLanguagesHead = ['en'];
+config.transcription.useAppLanguage = true;
+config.transcription.preferredLanguage = 'en-US';
+config.transcription.disableStartForAll = false;
+config.transcription.autoCaptionOnRecord = false;
+// Deployment information.
+//
+if (!config.hasOwnProperty('deploymentInfo')) config.deploymentInfo = {};
+// Testing
+//
+if (!config.hasOwnProperty('testing')) config.testing = {};
+if (!config.testing.hasOwnProperty('octo')) config.testing.octo = {};
+config.testing.capScreenshareBitrate = 1;
+config.testing.octo.probability = 0;
+// Deep Linking
+config.disableDeepLinking = false;
+// P2P preferred codec
+// Enable preferred video Codec
+if (!config.hasOwnProperty('videoQuality')) config.videoQuality = {};
+config.videoQuality.enforcePreferredCodec = false;
+if (!config.videoQuality.hasOwnProperty('maxBitratesVideo')) config.videoQuality.maxBitratesVideo = null;
+// Reactions
+config.disableReactions = false;
+// Polls
+config.disablePolls = false;
+// Configure toolbar buttons
+// Hides the buttons at pre-join screen
+// Configure remote participant video menu
+if (!config.hasOwnProperty('remoteVideoMenu')) config.remoteVideoMenu = {};
+config.remoteVideoMenu.disabled = false;
+config.remoteVideoMenu.disableKick = false;
+config.remoteVideoMenu.disableGrantModerator = false;
+config.remoteVideoMenu.disablePrivateChat = false;
+// Configure e2eping
+if (!config.hasOwnProperty('e2eping')) config.e2eping = {};
+config.e2eping.enabled = false;
+// Settings for the Excalidraw whiteboard integration.
+if (!config.hasOwnProperty('whiteboard')) config.whiteboard = {};
+config.whiteboard.enabled = false;
+config.whiteboard.collabServerBaseUrl = '';

package/templates/etc/jitsi/web/{config.js.tpl → config.public.js.tpl} RENAMED Viewed

@@ -3,8 +3,8 @@ var config = {};
 if (!config.hasOwnProperty('hosts')) config.hosts = {};
-config.hosts.domain = '<%= jitsi_domain %>';
-config.focusUserJid = 'focus@auth.<%= jitsi_domain %>';
+config.hosts.domain = '<%= jitsi_public_domain %>';
+config.focusUserJid = 'focus@auth.<%= jitsi_public_domain %>';
 var subdir = '<!--# echo var="subdir" default="" -->';
 var subdomain = "<!--# echo var="subdomain" default="" -->";
@@ -14,10 +14,10 @@ if (subdir.startsWith('<!--')) {
 if (subdomain) {
     subdomain = subdomain.substring(0,subdomain.length-1).split('.').join('_').toLowerCase() + '.';
 }
-config.hosts.muc = 'muc.' + subdomain + '<%= jitsi_domain %>';
+config.hosts.muc = 'muc.' + subdomain + '<%= jitsi_public_domain %>';
 config.bosh = '/http-bind';
-config.websocket = 'wss://<%= jitsi_domain %>:443/' + subdir + 'xmpp-websocket';
+config.websocket = 'wss://<%= jitsi_public_domain %>:<%= public_https_port %>/' + subdir + 'xmpp-websocket';
 // Video configuration.
 //

package/templates/etc/jitsi/web/defaults/default CHANGED Viewed

@@ -14,10 +14,10 @@ server {
 {{ if not (.Env.DISABLE_HTTPS | default "0" | toBool) }}
 server {
-	listen 443 ssl http2;
+	listen <%= public_https_port %> ssl http2;
 	{{ if .Env.ENABLE_IPV6 | default "1" | toBool }}
-	listen [::]:443 ssl http2;
+	listen [::]:<%= public_https_port %> ssl http2;
 	{{ end }}
 	include /config/nginx/ssl.conf;

package/templates/etc/jitsi/web/defaults/meet.conf CHANGED Viewed

@@ -13,7 +13,7 @@ charset utf8;
 client_max_body_size 0;
-root /usr/share/jitsi-meet;
+root <%= jitsi_root_dir %>;
 # ssi on with javascript for multidomain variables in config.js
 ssi on;
@@ -44,7 +44,7 @@ location = /interface_config.js {
 }
 location = /external_api.js {
-    alias /usr/share/jitsi-meet/libs/external_api.min.js;
+    alias <%= jitsi_root_dir %>/libs/external_api.min.js;
 }
 {{ if $ENABLE_JAAS_COMPONENTS }}
@@ -59,7 +59,7 @@ location = /_api/room-info {
 # ensure all static content can always be found first
 location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$ {
     add_header 'Access-Control-Allow-Origin' '*';
-    alias /usr/share/jitsi-meet/$1/$2;
+    alias <%= jitsi_root_dir %>/$1/$2;
     # cache all versioned files
     if ($arg_v) {

package/templates/etc/mysql/mariadb.conf.d/50-server.cnf CHANGED Viewed

@@ -52,7 +52,7 @@ bind-address            = 127.0.0.1
 # Both location gets rotated by the cronjob.
 # Be aware that this log type is a performance killer.
 # Recommend only changing this at runtime for short testing periods if needed!
-#general_log_file       = /var/log/mysql/mysql.log
+#general_log_file       = <%= db_dir %>/log/mysql.log
 #general_log            = 1
 # When running under systemd, error logging goes via stdout/stderr to journald
@@ -60,6 +60,7 @@ bind-address            = 127.0.0.1
 # /etc/mysql/conf.d/mariadb.conf.d/50-mysqld_safe.cnf
 # Enable this if you want to have error logging into a separate file
 log_error = /var/log/mysql/error.log
 # Enable the slow query log to see queries with especially long duration
 #log_slow_query_file    = /var/log/mysql/mariadb-slow.log
 #log_slow_query_time    = 10
@@ -71,7 +72,7 @@ log_error = /var/log/mysql/error.log
 # note: if you are setting up a replication slave, see README.Debian about
 #       other settings you may need to change.
 #server-id              = 1
-#log_bin                = /var/log/mysql/mysql-bin.log
+#log_bin                = <%= db_dir %>/log/mysql-bin.log
 expire_logs_days        = 10
 #max_binlog_size        = 100M
@@ -92,7 +93,6 @@ expire_logs_days        = 10
 # MySQL/MariaDB default is Latin1, but in Debian we rather default to the full
 # utf8 4-byte character set. See also client.cnf
-character-set-client-handshake = FALSE
 character-set-server  = utf8mb4
 collation-server      = utf8mb4_general_ci

package/templates/etc/nginx/modules-enabled/{90-turn-relay.conf → 90-turn-relay.private.conf.tpl} RENAMED Viewed

@@ -1,20 +1,20 @@
 stream {
     map $ssl_preread_server_name $name {
-        <%= jitsi_domain %> web_backend;
-        turn-jitsi.<%= jitsi_domain %> turn_backend;
+        turn.<%= jitsi_private_domain %> web_backend;
+        turn-jitsi.<%= jitsi_private_domain %> turn_backend;
     }
     upstream web_backend {
-        server 127.0.0.1:4444;
+        server 127.0.0.1:3478;
     }
     upstream turn_backend {
-        server <%= public_ip4 %>:5349;
+        server <%= private_ip4 %>:5349;
     }
     server {
-        listen 443;
-        listen [::]:443;
+        listen <%= public_https_port %> udp;
+        listen [::]:<%= public_https_port %> udp;
         # since 1.11.5
         ssl_preread on;

package/templates/etc/nginx/modules-enabled/{90-turn-relay.conf.tpl → 90-turn-relay.public.conf.tpl} RENAMED Viewed

@@ -1,7 +1,7 @@
 stream {
     map $ssl_preread_server_name $name {
-        turn.<%= jitsi_domain %> web_backend;
-        turn-jitsi.<%= jitsi_domain %> turn_backend;
+        turn.<%= jitsi_public_domain %> web_backend;
+        turn-jitsi.<%= jitsi_public_domain %> turn_backend;
     }
     upstream web_backend {
@@ -13,8 +13,8 @@ stream {
     }
     server {
-        listen 443 udp;
-        listen [::]:443 udp;
+        listen <%= public_https_port %> udp;
+        listen [::]:<%= public_https_port %> udp;
         # since 1.11.5
         ssl_preread on;

package/templates/etc/nginx/nginx.conf CHANGED Viewed

@@ -1,5 +1,5 @@
-user <%= system_user %>;
+user www-data;
 worker_processes 4;
 pid /run/nginx.pid;
 include /etc/nginx/modules-enabled/*.conf;
@@ -59,6 +59,8 @@ http {
 	# Virtual Host Configs
 	##
 	include /etc/nginx/sites-enabled/*.conf;
+	disable_symlinks <%= disable_symlinks %>;
 }

package/templates/etc/nginx/sites-enabled/{public.conf.tpl → 01-public.conf.tpl} RENAMED Viewed

@@ -10,16 +10,16 @@
 proxy_cache_path <%= cache_dir %>/<%= public_domain %> levels=1:2 keys_zone=<%= public_domain %>_keys_zone:10m max_size=10g inactive=60m;
 server {
-	listen <%= http_port %>;
-	listen [::]:<%= http_port %>;
+	listen <%= public_http_port %>;
+	listen [::]:<%= public_http_port %>;
 	server_name <%= public_domain %>;
 	location / {
 		return  301 https://$host$request_uri;
 	}
 }
 server {
-	listen <%= https_port %> ssl;
-	listen [::]:<%= https_port %> ssl;
+	listen <%= public_https_port %> ssl;
+	listen [::]:<%= public_https_port %> ssl;
 	#
 	root <%= server_dir %>;
 	server_name <%= public_domain %>;
@@ -31,10 +31,10 @@ server {
 	set $prefix "";
-	include /etc/drumee/ssl/main.conf;
+	include /etc/drumee/ssl/public.conf;
 	include /etc/drumee/infrastructure/routes/*.conf;
-	include /etc/drumee/infrastructure/internals/*.conf;
-	include /etc/drumee/infrastructure/mfs.conf;
+	include /etc/drumee/infrastructure/internals/accel.public.conf;
+	include /etc/drumee/infrastructure/mfs.public.conf;
 }

package/templates/etc/nginx/sites-enabled/{private.conf.tpl → 02-private.conf.tpl} RENAMED Viewed

@@ -10,16 +10,16 @@
 proxy_cache_path <%= cache_dir %>/<%= private_domain %> levels=1:2 keys_zone=<%= private_domain %>_keys_zone:10m max_size=10g inactive=60m;
 server {
-	listen <%= http_port %>;
-	listen [::]:<%= http_port %>;
+	listen <%= public_http_port %>;
+	listen [::]:<%= public_http_port %>;
 	server_name <%= private_domain %>;
 	location / {
 		return  301 https://$host$request_uri;
 	}
 }
 server {
-	listen <%= https_port %> ssl;
-	listen [::]:<%= https_port %> ssl;
+	listen <%= public_https_port %> ssl;
+	listen [::]:<%= public_https_port %> ssl;
 	#
 	root <%= server_dir %>;
 	server_name <%= private_domain %>;
@@ -33,8 +33,8 @@ server {
 	include /etc/drumee/ssl/private.conf;
 	include /etc/drumee/infrastructure/routes/*.conf;
-	include /etc/drumee/infrastructure/internals/*.conf;
-	include /etc/drumee/infrastructure/mfs.conf;
+	include /etc/drumee/infrastructure/internals/accel.private.conf;
+	include /etc/drumee/infrastructure/mfs.private.conf;
 }

package/templates/etc/nginx/sites-enabled/{jitsi.conf.tpl → 20-jitsi.private.conf.tpl} RENAMED Viewed

@@ -12,17 +12,17 @@ map $http_upgrade $connection_upgrade {
 }
 server {
-	listen <%= http_port %> default_server;
-	listen [::]:<%= http_port %> default_server;
-    server_name *.<%= jitsi_domain %>;
-	include /etc/jitsi/meet.conf;
+	listen <%= public_http_port %> default_server;
+	listen [::]:<%= public_http_port %> default_server;
+    server_name *.<%= jitsi_private_domain %>;
+	include /etc/jitsi/meet.private.conf;
 }
 server {
-	listen <%= https_port %> ssl http2;
-	listen [::]:<%= https_port %> ssl http2;
-	server_name <%= jitsi_domain %>;
-	include /etc/jitsi/ssl.conf;
-	include /etc/jitsi/meet.conf;
+	listen <%= public_https_port %> ssl http2;
+	listen [::]:<%= public_https_port %> ssl http2;
+	server_name <%= jitsi_private_domain %>;
+	include /etc/jitsi/ssl.private.conf;
+	include /etc/jitsi/meet.private.conf;
 }

package/templates/etc/nginx/sites-enabled/{pivate.jitsi.conf.tpl → 20-jitsi.public.conf.tpl} RENAMED Viewed

@@ -12,17 +12,17 @@ map $http_upgrade $connection_upgrade {
 }
 server {
-	listen <%= http_port %> default_server;
-	listen [::]:<%= http_port %> default_server;
-    server_name *.<%= jitsi_domain %>;
-	include /etc/jitsi/meet.conf;
+	listen <%= public_http_port %> default_server;
+	listen [::]:<%= public_http_port %> default_server;
+    server_name *.<%= jitsi_public_domain %>;
+	include /etc/jitsi/meet.public.conf;
 }
 server {
-	listen <%= https_port %> ssl;
-	listen [::]:<%= https_port %> ssl;
-	server_name <%= jitsi_domain %>;
-	include /etc/jitsi/ssl.conf;
-	include /etc/jitsi/meet.conf;
+	listen <%= public_https_port %> ssl http2;
+	listen [::]:<%= public_https_port %> ssl http2;
+	server_name <%= jitsi_public_domain %>;
+	include /etc/jitsi/ssl.public.conf;
+	include /etc/jitsi/meet.public.conf;
 }

package/templates/etc/nginx/sites-enabled/{localhost.conf → loopback.tpl} RENAMED Viewed

@@ -3,18 +3,19 @@
 # !!!!!!! DO NOT EDIT !!!!!!!!
 # Config file automatically generated by <setup-infra>
 # Purpose     : Provide Nginx config to a specific server
-# Server name : localhost
+# Server name : loopback
 # Date        : <%= date %>
 # -------------------------------------------------------------
-proxy_cache_path <%= drumee_root %>/cache/localhost levels=1:2 keys_zone=localhost_keys_zone:10m max_size=10g inactive=60m;
+proxy_cache_path <%= cache_dir %>/loopback levels=1:2 keys_zone=loopback_keys_zone:10m max_size=10g inactive=60m;
 server {
-	listen <%= http_port %>;
-	listen [::]:<%= http_port %>;
-	server_name localhost;
+	listen 127.0.0.1:<%= public_http_port %>;
+	server_name _;
 	#
-	root <%= drumee_root %>/runtime/server;
-	client_max_body_size 10G;
+	root <%= server_dir %>;
+	server_name _;
+	client_max_body_size <%= max_body_size %>;
 	# Security headers
 	add_header X-Content-Type-Options nosniff;
@@ -22,10 +23,10 @@ server {
 	set $prefix "";
+	include /etc/drumee/ssl/main.conf;
 	include /etc/drumee/infrastructure/routes/*.conf;
-	include /etc/drumee/infrastructure/internals/accel.conf;
+	include /etc/drumee/infrastructure/internals/*.conf;
 	include /etc/drumee/infrastructure/mfs.conf;
 }

package/templates/etc/nginx/sites-enabled/turnrelay.conf.tpl CHANGED Viewed

@@ -1,9 +1,9 @@
 server {
     listen 4444 ssl;
     listen [::]:4444 ssl;
-    server_name turn.<%= jitsi_domain %>;
-    ssl_certificate_key <%= certs_dir %>/<%= jitsi_domain %>_ecc/<%= jitsi_domain %>.key;
-    ssl_certificate <%= certs_dir %>/<%= jitsi_domain %>_ecc/fullchain.cer;
-    ssl_trusted_certificate <%= certs_dir %>/<%= jitsi_domain %>_ecc/ca.cer;
+    server_name turn.<%= jitsi_public_domain %>;
+    ssl_certificate_key <%= certs_dir %>/<%= jitsi_public_domain %>_ecc/<%= jitsi_public_domain %>.key;
+    ssl_certificate <%= certs_dir %>/<%= jitsi_public_domain %>_ecc/fullchain.cer;
+    ssl_trusted_certificate <%= certs_dir %>/<%= jitsi_public_domain %>_ecc/ca.cer;
 }