From 81f81beb106a49651d2765cf37c623e48b22e688 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Samuel=20Tr=C3=A9gou=C3=ABt?= Date: Wed, 28 Apr 2021 15:43:34 +0000 Subject: [PATCH] Jibri installation et configuration --- group_vars/all/vault | 66 ++++---- host_vars/jibri2.komuniki.fr.yml | 5 + host_vars/jitsi2.komuniki.fr.yml | 4 + inventory_staging | 3 +- playbook_staging.yml | 9 +- .../files/chrome-extension-cookie/README.md | 31 ++++ .../chrome-extension-cookie/managed.json | 15 ++ .../chrome-extension-cookie/manifest.json | 18 +++ .../files/chrome-extension-cookie/schema.json | 16 ++ roles/jibri-install/handlers/main.yml | 12 ++ .../tasks/install-chromedriver.yml | 25 +++ .../tasks/install-googlechrome.yml | 29 ++++ roles/jibri-install/tasks/install-jibri.yml | 61 +++++++ roles/jibri-install/tasks/main.yml | 5 + roles/jibri-install/tasks/pre-install.yml | 5 + .../chrome-extension-background.js.j2 | 41 +++++ roles/jibri-install/templates/jibri.conf | 152 ++++++++++++++++++ roles/jitsi-enable-jibri/handlers/main.yml | 18 +++ roles/jitsi-enable-jibri/tasks/main.yml | 52 ++++++ 19 files changed, 533 insertions(+), 34 deletions(-) create mode 100644 host_vars/jibri2.komuniki.fr.yml create mode 100644 host_vars/jitsi2.komuniki.fr.yml create mode 100644 roles/jibri-install/files/chrome-extension-cookie/README.md create mode 100644 roles/jibri-install/files/chrome-extension-cookie/managed.json create mode 100644 roles/jibri-install/files/chrome-extension-cookie/manifest.json create mode 100644 roles/jibri-install/files/chrome-extension-cookie/schema.json create mode 100644 roles/jibri-install/handlers/main.yml create mode 100644 roles/jibri-install/tasks/install-chromedriver.yml create mode 100644 roles/jibri-install/tasks/install-googlechrome.yml create mode 100644 roles/jibri-install/tasks/install-jibri.yml create mode 100644 roles/jibri-install/tasks/main.yml create mode 100644 roles/jibri-install/tasks/pre-install.yml create mode 100644 roles/jibri-install/templates/chrome-extension-background.js.j2 create mode 100644 roles/jibri-install/templates/jibri.conf create mode 100644 roles/jitsi-enable-jibri/handlers/main.yml create mode 100644 roles/jitsi-enable-jibri/tasks/main.yml diff --git a/group_vars/all/vault b/group_vars/all/vault index ebd51d1..2da7788 100644 --- a/group_vars/all/vault +++ b/group_vars/all/vault @@ -1,33 +1,35 @@ $ANSIBLE_VAULT;1.1;AES256 -66376665636436366538646536616266356136383562326135313565616137343661633066633838 -3766383364643637316661393762333639333335373835650a306239363535346436363930376665 -39643865613032386563323262313934353634633432333837613933663766303661363664333132 -3230326235373636380a663264376161616235636638383764343265373866323437393033633535 -66356235643963353265336633643438393136613630313339623764666339653934336631363664 -61623965396537326562326436346132613061326164353263376161313736323334373263623539 -64633136366632623138313066633664663739393236303862313236613333353730646462646433 -37393137313336313835343935633137663336373363663964353630353231643530336536326666 -63373833316337396166643465663966333037373863663533326133613830366631653561376631 -31386362343330313131366534613732396162343864623436646163613339383038303562353138 -37313334343363646639623161373339626365383034613432383335353261306130356465363066 -61626535306139393639643066653930646532336530653563393034353665366136363335353731 -65386439613331396339343630303031313565626264393532393739373531656436616634636630 -32376531323562653835396334306634623830336136313864653535323337346161363363376430 -34356133653631303138303337383238333835356238373261336465356538326439333537666533 -64383832353065383463643632343064663734613239613135663564343333373331623663326235 -62666362383962623833376331323930366361306132376131633066323935643763366336333036 -38323765383137663832613838353131353161336239656633373565333564316164376331393663 -62333565313531373539663932653530333663653431393333663436643363663433343266663064 -63373930343430393261343138363963663065393634663734636565616331343364666331313432 -66613931383765383766623662353831353538313932396332343030326137336438646432666534 -38626533386666373961363838636639323230316632626635323266626139313462386638343137 -36663864626166383861633765343432373539333237303364656338616233383934336365623132 -38623637383366643063616339636633653538303663303364366436396562323835386433383534 -34653132303465356464643966303032646331653162373130333730616439336438333930623236 -37393036636237306165626563643165346461303861396165333937313030653933643630336163 -38353533626531383239336539633238333139633034353437356234626565343863656634623734 -64366636633938663165666530386634363637396535656232363039383936623065303033643166 -32393631656362373566633230393436313138396430383130643339633432363765373539313230 -34393236346332366462623466383463626432613931653961643730643330666662333838366466 -36353439363565653436616236353830633763353236353331623333306239653835393034343237 -33393937303630616136 +33366637616337386438303331383830636131393062366539323333356531656638633362646633 +3836666230323933653534363330386531373964633261350a386164336165666539313433333233 +36363636633263303965396664393136323637323130646135366462623261656161333830666338 +3564353666616561390a663636663162313564666264336661376636643532643833386263383731 +66383564626134613365306262336337656430386263366633633134383730643163356138316664 +61663136633864396237306261346430316635643736346234353133653561373566383638623966 +31336333346138303564643866663563326237653134323834663633643330666263653232366665 +34313537373038363734353766346639636462313962323034623430306465623539396332643130 +62613030303234623865653832313662663764373432393366643262363136333662393439363730 +30343535366331323864653066323333393938366166343463626132636431353663386534633936 +39613163353236613133646464396337363637346336303231343766353134623036333333326337 +33333766656465353638326461613431316236653039376363613536363937666364623166663531 +36316533356464363530323666653436666331393634623539636130323237316663396239396564 +39396236653636643764643636383332336262303234353730376638366236396630666163663266 +35646662643236333630363566613436363737653461363839343131633632616230333737663535 +31353638666233376433303338316465323737353538623530636366353963633663333333346364 +66396562613337343034383137373838306636316334666239663964613134363962353138386663 +37313561386662383066633734653439333035653765393135353663623535656330343963323462 +61623837393131636466346364333734343064643838363836326562613731623730333030373431 +39633435366666333236323430353138663363383064343565316132353561353763326334376237 +66303963316632386464633865613339333133333939356665353165623762333565353837306631 +30393763366231613738386233636439663937393138363338373565613630666234343463353532 +36356531383737656164653935376331666261343239383462333966316335323531386365613138 +30353939366164633730363161393766623638303633396132333339396164666335343836376638 +32323066323631363436346339353838373866613837613666303264613535316134643661313165 +63643039356631376432316563613130376539623638343864303738393132353331623330663235 +66363032646233336566653233336133616561393831386162396631663930626430323766326137 +31643766666538396266626464313036666638326233313065393163393230653135313730633339 +64363338346564316461393963633363306365363034653037653766653930626564393433376536 +33613665346334643361613163623536336138393037333135636664323235326563363761663037 +35396666386433613063313639336239623637623263613762643835356261326236663338376564 +35613633303430333736333531616436656537323335636434316231336633633262343964663261 +37656438393831333730363761316334353265313239343030396534643066323665373862643832 +3862343563316335313338313532643466643330633164383265 diff --git a/host_vars/jibri2.komuniki.fr.yml b/host_vars/jibri2.komuniki.fr.yml new file mode 100644 index 0000000..66be16f --- /dev/null +++ b/host_vars/jibri2.komuniki.fr.yml @@ -0,0 +1,5 @@ +--- +jibri_user: "jibri1" +jibri_password: "{{ vault_jibri1_komuniki }}" +jitsi_server_host: "jitsi2.komuniki.fr" +jitsi_cookie_enabled: true \ No newline at end of file diff --git a/host_vars/jitsi2.komuniki.fr.yml b/host_vars/jitsi2.komuniki.fr.yml new file mode 100644 index 0000000..6e96b61 --- /dev/null +++ b/host_vars/jitsi2.komuniki.fr.yml @@ -0,0 +1,4 @@ +--- +jibri_users: + - user: "jibri1" + password: "{{ vault_jibri1_komuniki }}" \ No newline at end of file diff --git a/inventory_staging b/inventory_staging index 5dd4891..4f65d58 100644 --- a/inventory_staging +++ b/inventory_staging @@ -1,2 +1,3 @@ pp.jitsi.komuniki.fr -jitsi2.komuniki.fr ansible_user=root \ No newline at end of file +jitsi2.komuniki.fr ansible_user=root +jibri2.komuniki.fr ansible_user=root \ No newline at end of file diff --git a/playbook_staging.yml b/playbook_staging.yml index 881a0ae..9fcb467 100644 --- a/playbook_staging.yml +++ b/playbook_staging.yml @@ -8,5 +8,12 @@ - role: jitsi-enable-specific-komuniki - role: jitsi-enable-fr-ln - role: jitsi-enable-calendar + - role: jitsi-enable-jibri tags: - - ppkomki \ No newline at end of file + - ppkomki + +- hosts: jibri2.komuniki.fr + roles: + - role: jibri-install + tags: + - jibri2 \ No newline at end of file diff --git a/roles/jibri-install/files/chrome-extension-cookie/README.md b/roles/jibri-install/files/chrome-extension-cookie/README.md new file mode 100644 index 0000000..5259dba --- /dev/null +++ b/roles/jibri-install/files/chrome-extension-cookie/README.md @@ -0,0 +1,31 @@ +# extension chrome + +cette extension permet de forcer le positionnement de cookie + +il faut d'abord forcer l'installation de cette extension voir la documentation +sur [chromium](http://dev.chromium.org/administrators/policy-list-3#ExtensionInstallForcelist) + + +Puis il faut configurer l'extension via le fichier /etc/chromium/policies/managed/content.json +pour chromium (ou /etc/opt/chrome/policies/managed/managed_policies.json pour chrome) avec le contenu suivant: + +```json +{ + "3rdparty": { + "extensions": { + "gkaeknlffijmeakpmmeigddgjhiidhof": { + "forcedCookies": [ + { + "name": "rgpd", + "value": "nothing", + "domain": "visio.imio.be" + } + ] + } + } + } +} +``` + + +voir la documentation [ici](http://dev.chromium.org/administrators/configuring-policy-for-extensions) diff --git a/roles/jibri-install/files/chrome-extension-cookie/managed.json b/roles/jibri-install/files/chrome-extension-cookie/managed.json new file mode 100644 index 0000000..6ad11c2 --- /dev/null +++ b/roles/jibri-install/files/chrome-extension-cookie/managed.json @@ -0,0 +1,15 @@ +{ + "3rdparty": { + "extensions": { + "gkaeknlffijmeakpmmeigddgjhiidhof": { + "forcedCookies": [ + { + "domain": "toto", + "name": "toto name", + "value": "toto value" + } + ] + } + } + } +} diff --git a/roles/jibri-install/files/chrome-extension-cookie/manifest.json b/roles/jibri-install/files/chrome-extension-cookie/manifest.json new file mode 100644 index 0000000..94e0f9e --- /dev/null +++ b/roles/jibri-install/files/chrome-extension-cookie/manifest.json @@ -0,0 +1,18 @@ +{ + "name": "Force cookie extension", + "version": "1.0.0", + "description": "Will set cookie for particular domain", + "background": { + "scripts": ["background.js"], + "persistent": false + }, + "storage": { + "managed_schema": "schema.json" + }, + "permissions": [ + "storage", + "cookies", + "\u003Call_urls\u003E" + ], + "manifest_version": 2 +} diff --git a/roles/jibri-install/files/chrome-extension-cookie/schema.json b/roles/jibri-install/files/chrome-extension-cookie/schema.json new file mode 100644 index 0000000..e4d170a --- /dev/null +++ b/roles/jibri-install/files/chrome-extension-cookie/schema.json @@ -0,0 +1,16 @@ +{ + "type": "object", + "properties": { + "forcedCookies": { + "type": "array", + "items": { + "type": "object", + "properties": { + "domain": { "type": "string" }, + "name": { "type": "string" }, + "value": { "type": "string" } + } + } + } + } +} diff --git a/roles/jibri-install/handlers/main.yml b/roles/jibri-install/handlers/main.yml new file mode 100644 index 0000000..ce8b36f --- /dev/null +++ b/roles/jibri-install/handlers/main.yml @@ -0,0 +1,12 @@ +--- +- name: restart jibri + systemd: + name: jibri + state: restarted + enabled: true + +- name: restart jibri-xorg + systemd: + name: jibri-xorg + state: restarted + enabled: true diff --git a/roles/jibri-install/tasks/install-chromedriver.yml b/roles/jibri-install/tasks/install-chromedriver.yml new file mode 100644 index 0000000..80c80ea --- /dev/null +++ b/roles/jibri-install/tasks/install-chromedriver.yml @@ -0,0 +1,25 @@ +--- +- block: + - name: installation de unzip + apt: + pkg: + - unzip + - name: récupération de la version pour chromedriver + uri: + url: "https://chromedriver.storage.googleapis.com/LATEST_RELEASE" + method: GET + return_content: true + status_code: 200 + register: _latest_release + until: _latest_release.status == 200 + retries: 5 + - name: répertoire du binaire pour chromedriver + file: + state: directory + path: /usr/local/bin/ + - name: "télécharge de chromedriver pour la version {{ _latest_release.content }}" + unarchive: + src: "http://chromedriver.storage.googleapis.com/{{ _latest_release.content }}/chromedriver_linux64.zip" + dest: /usr/local/bin + mode: "755" + remote_src: true \ No newline at end of file diff --git a/roles/jibri-install/tasks/install-googlechrome.yml b/roles/jibri-install/tasks/install-googlechrome.yml new file mode 100644 index 0000000..c2be7c6 --- /dev/null +++ b/roles/jibri-install/tasks/install-googlechrome.yml @@ -0,0 +1,29 @@ +--- +- name: Import de la clé GPG google + apt_key: + id: 4CCA1EAF950CEE4AB83976DCA040830F7FAC5991 + url: https://dl-ssl.google.com/linux/linux_signing_key.pub + keyring: /etc/apt/trusted.gpg.d/google.gpg + +- name: Ajout du depot google + apt_repository: + repo: deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/google.gpg] http://dl.google.com/linux/chrome/deb/ stable main + update_cache: true + filename: google-chrome + +- name: install google-chrome-stable + apt: + pkg: + - google-chrome-stable + +- name: désactive l'avertissement chrome est contrôllé par un autre logiciel + block: + - name: répertoire policies + file: + state: directory + path: /etc/opt/chrome/policies/managed + - name: CommandLineFlagSecurityWarningsEnabled + copy: + dest: /etc/opt/chrome/policies/managed/managed_policies.json + content: | + { "CommandLineFlagSecurityWarningsEnabled": false } diff --git a/roles/jibri-install/tasks/install-jibri.yml b/roles/jibri-install/tasks/install-jibri.yml new file mode 100644 index 0000000..c4e4925 --- /dev/null +++ b/roles/jibri-install/tasks/install-jibri.yml @@ -0,0 +1,61 @@ +--- +- name: vérification des variables obligatoire + fail: + msg: | + il faut définir les variables `jibri_user` et + `jibri_password`, `jitsi_server_host` pour utiliser ce role + when: (jibri_user is not defined) or + (jibri_password is not defined) or + (jitsi_server_host is not defined) + +# source: https://github.com/jitsi/jibri#jitsi-debian-repository +- name: Import de la clé GPG + apt_key: + id: FFD65A0DA2BEBDEB73D44C8BB4D2D216F1FD7806 + url: https://download.jitsi.org/jitsi-key.gpg.key + keyring: /etc/apt/trusted.gpg.d/jitsi.gpg + +- name: Ajout du depot jitsi + apt_repository: + repo: deb [signed-by=/etc/apt/trusted.gpg.d/jitsi.gpg] https://download.jitsi.org stable/ + update_cache: true + +- name: install jibri + apt: + pkg: + - jibri + notify: restart jibri + +- name: configure jibri + template: + src: ../templates/jibri.conf + dest: /etc/jitsi/jibri/jibri.conf + notify: restart jibri + +- name: configure xorg + lineinfile: + path: /etc/jitsi/jibri/xorg-video-dummy.conf + regexp: "[^?]Virtual " + line: " Virtual 1280 720" + notify: + - restart jibri + - restart jibri-xorg + +- name: configure les cookies (fichier) + copy: + src: ../files/chrome-extension-cookie + dest: /opt/ + mode: '644' + directory_mode: '755' + when: + - jitsi_cookie_enabled is defined + - jitsi_cookie_enabled + +- name: configure les cookies (template) + template: + src: ../templates/chrome-extension-background.js.j2 + dest: /opt/chrome-extension-cookie/background.js + mode: '644' + when: + - jitsi_cookie_enabled is defined + - jitsi_cookie_enabled diff --git a/roles/jibri-install/tasks/main.yml b/roles/jibri-install/tasks/main.yml new file mode 100644 index 0000000..c229dc5 --- /dev/null +++ b/roles/jibri-install/tasks/main.yml @@ -0,0 +1,5 @@ +--- +- include_tasks: pre-install.yml +- include_tasks: install-chromedriver.yml +- include_tasks: install-googlechrome.yml +- include_tasks: install-jibri.yml diff --git a/roles/jibri-install/tasks/pre-install.yml b/roles/jibri-install/tasks/pre-install.yml new file mode 100644 index 0000000..c102b4b --- /dev/null +++ b/roles/jibri-install/tasks/pre-install.yml @@ -0,0 +1,5 @@ +--- +- name: Activation du module snd-aloop + modprobe: + name: snd-aloop + state: present diff --git a/roles/jibri-install/templates/chrome-extension-background.js.j2 b/roles/jibri-install/templates/chrome-extension-background.js.j2 new file mode 100644 index 0000000..10eb1ed --- /dev/null +++ b/roles/jibri-install/templates/chrome-extension-background.js.j2 @@ -0,0 +1,41 @@ + +chrome.runtime.onInstalled.addListener(function() { + chrome.storage.managed.get("forcedCookies", managedItems => { + if (!managedItems.hasOwnProperty('forcedCookies')) { + return; + } + for (const item of managedItems.forcedCookies) { + chrome.cookies.set({ + url: `https://${item.domain}/`, + domain: item.domain, + name: item.name, + value: item.value + }); + } + }) + + // temp hack because loading config from managed policies seems too slow + const forcedCookies = [ + { + domain: "{{ jitsi_server_host }}", + name: "rgpd", + value: "nothing" + }, + {% for host in cookies_dns|default([]) %} + { + domain: "{{ host }}", + name: "rgpd", + value: "nothing" + }, + {% endfor %} + ]; + for (const item of forcedCookies) { + chrome.cookies.set({ + url: `https://${item.domain}/`, + domain: item.domain, + name: item.name, + value: item.value + }); + } + +}); diff --git a/roles/jibri-install/templates/jibri.conf b/roles/jibri-install/templates/jibri.conf new file mode 100644 index 0000000..eb9b4ce --- /dev/null +++ b/roles/jibri-install/templates/jibri.conf @@ -0,0 +1,152 @@ +jibri { + // A unique identifier for this Jibri + // TODO: eventually this will be required with no default + id = "{{ inventory_hostname }}" + // Whether or not Jibri should return to idle state after handling + // (successfully or unsuccessfully) a request. A value of 'true' + // here means that a Jibri will NOT return back to the IDLE state + // and will need to be restarted in order to be used again. + single-use-mode = false + api { + http { + external-api-port = 2222 + internal-api-port = 3333 + } + xmpp { + // See example_xmpp_envs.conf for an example of what is expected here + environments = [ + { + // A user-friendly name for this environment + name = "prod env" + + // A list of XMPP server hosts to which we'll connect + xmpp-server-hosts = [ + "{{ jitsi_server_host }}", + ] + + // The base XMPP domain + xmpp-domain = "{{ jitsi_server_host }}" + + // The MUC we'll join to announce our presence for + // recording and streaming services + control-muc { + domain = "internal.auth.{{ jitsi_server_host }}" + room-name = "JibriBrewery" + nickname = "{{ inventory_hostname }}-nickname" + } + + // The login information for the control MUC + control-login { + domain = "auth.{{ jitsi_server_host }}" + // Optional port, defaults to 5222. + // port = 6222 + username = "{{ jibri_user }}" + password = "{{ jibri_password }}" + } + + // An (optional) MUC configuration where we'll + // join to announce SIP gateway services + # sip-control-muc { + # domain = "domain" + # room-name = "room-name" + # nickname = "nickname" + # } + + // The login information the selenium web client will use + call-login { + domain = "recorder.{{ jitsi_server_host }}" + username = "{{ jibri_user }}-record" + password = "{{ jibri_password }}" + } + + // The value we'll strip from the room JID domain to derive + // the call URL + strip-from-room-domain = "conference." + + // How long Jibri sessions will be allowed to last before + // they are stopped. A value of 0 allows them to go on + // indefinitely + usage-timeout = 1 hour + + // Whether or not we'll automatically trust any cert on + // this XMPP domain + trust-all-xmpp-certs = true + } + ] + } + } + recording { + recordings-directory = "/tmp/recordings" + # TODO: make this an optional param and remove the default + # finalize-script = "/path/to/finalize" + } + streaming { + // A list of regex patterns for allowed RTMP URLs. The RTMP URL used + // when starting a stream must match at least one of the patterns in + // this list. + rtmp-allow-list = [ + // By default, all services are allowed + ".*" + ] + } + ffmpeg { + resolution = "1280x720" + // The audio source that will be used to capture audio on Linux + audio-source = "alsa" + // The audio device that will be used to capture audio on Linux + audio-device = "plug:bsnoop" + } + chrome { + // The flags which will be passed to chromium when launching + flags = [ + {% if jitsi_cookie_enabled | default(false) %} + "--load-extension=/opt/chrome-extension-cookie", + {% endif %} + "--use-fake-ui-for-media-stream", + "--start-maximized", + "--kiosk", + "--enabled", + "--disable-infobars", + "--autoplay-policy=no-user-gesture-required" + ] + } + stats { + enable-stats-d = true + } + webhook { + // A list of subscribers interested in receiving webhook events + subscribers = [] + } + jwt-info { + // The path to a .pem file which will be used to sign JWT tokens used in webhook + // requests. If not set, no JWT will be added to webhook requests. + # signing-key-path = "/path/to/key.pem" + + // The kid to use as part of the JWT + # kid = "key-id" + + // The issuer of the JWT + # issuer = "issuer" + + // The audience of the JWT + # audience = "audience" + + // The TTL of each generated JWT. Can't be less than 10 minutes. + # ttl = 1 hour + } + call-status-checks { + // If all clients have their audio and video muted and if Jibri does not + // detect any data stream (audio or video) comming in, it will stop + // recording after NO_MEDIA_TIMEOUT expires. + no-media-timeout = 30 seconds + + // If all clients have their audio and video muted, Jibri consideres this + // as an empty call and stops the recording after ALL_MUTED_TIMEOUT expires. + all-muted-timeout = 10 minutes + + // When detecting if a call is empty, Jibri takes into consideration for how + // long the call has been empty already. If it has been empty for more than + // DEFAULT_CALL_EMPTY_TIMEOUT, it will consider it empty and stop the recording. + default-call-empty-timeout = 30 seconds + } +} \ No newline at end of file diff --git a/roles/jitsi-enable-jibri/handlers/main.yml b/roles/jitsi-enable-jibri/handlers/main.yml new file mode 100644 index 0000000..015a20f --- /dev/null +++ b/roles/jitsi-enable-jibri/handlers/main.yml @@ -0,0 +1,18 @@ +--- +- name: restart prosody + systemd: + name: prosody + state: restarted + enabled: true + +- name: restart jitsi-videobridge2 + systemd: + name: jitsi-videobridge2 + state: restarted + enabled: true + +- name: restart jicofo + systemd: + name: jicofo + state: restarted + enabled: true \ No newline at end of file diff --git a/roles/jitsi-enable-jibri/tasks/main.yml b/roles/jitsi-enable-jibri/tasks/main.yml new file mode 100644 index 0000000..529aaf2 --- /dev/null +++ b/roles/jitsi-enable-jibri/tasks/main.yml @@ -0,0 +1,52 @@ +--- +- name: vérification des variables obligatoire + fail: + msg: | + il faut définir la variable `jibri_users` + pour utiliser ce role + when: jibri_users is not defined + +- name: configure prosody + blockinfile: + path: /etc/prosody/conf.d/{{ inventory_hostname }}.cfg.lua + marker: "-- {mark} jibri ANSIBLE MANAGED BLOCK" + block: | + VirtualHost "recorder.{{ inventory_hostname }}" + modules_enabled = { + "ping"; + } + authentication = "internal_plain" + notify: + - restart prosody + +- name: utilisateur jibri pour prosody (auth) + command: prosodyctl register {{ item.user }} auth.{{ inventory_hostname }} {{ item.password }} + loop: "{{ jibri_users }}" + +- name: utilisateur jibri pour prosody (recorder) + command: prosodyctl register {{ item.user }}-record recorder.{{ inventory_hostname }} {{ item.password }} + loop: "{{ jibri_users }}" + +- name: authentification jicofo + blockinfile: + path: /etc/jitsi/jicofo/sip-communicator.properties + marker: "# {mark} jibri ANSIBLE MANAGED BLOCK" + block: | + org.jitsi.jicofo.jibri.BREWERY=JibriBrewery@internal.auth.{{ inventory_hostname }} + org.jitsi.jicofo.jibri.PENDING_TIMEOUT=90 + notify: + - restart prosody + - restart jitsi-videobridge2 + - restart jicofo + +- name: livestreaming + lineinfile: + path: /etc/jitsi/meet/{{ inventory_hostname }}-config.js + insertafter: "[^?]// liveStreamingEnabled:" + line: "liveStreamingEnabled: true," + +- name: hidden domain + lineinfile: + path: /etc/jitsi/meet/{{ inventory_hostname }}-config.js + insertbefore: "[^?]// List of undocumented" + line: "hiddenDomain: 'recorder.{{ inventory_hostname}}'," \ No newline at end of file