commit f40557c1893f6f516786989d62da9db0a3d543d2 parent 85d013bd4cfd60ebbab428d7097cf42a547cd5b1 Author: Paco Esteban <paco@e1e0.net> Date: Tue, 21 Apr 2020 20:10:14 +0200 jitsi playbook: make jitsi instance authenticated Diffstat:
| M | jitsi.yml | | | 48 | ++++++++++++++++++++++++++++++++++++++++++++++++ |
1 file changed, 48 insertions(+), 0 deletions(-)
diff --git a/jitsi.yml b/jitsi.yml @@ -111,3 +111,51 @@ ufw: state: enabled policy: deny + - name: configure sec on prosody + lineinfile: + path: "/etc/prosody/prosody.cfg.lua" + regexp: 'authentication = .anonymous.' + line: 'authentication = "internal_plain"' + notify: restart prosody + - name: configure guest vhost on prosody + blockinfile: + path: "/etc/prosody/prosody.cfg.lua" + block: | + VirtualHost "guest.{{ jitsi_meet_server_name }}" + authentication = "anonymous" + c2s_require_encryption = false + marker: "-- {mark} ANSIBLE MANAGED BLOCK" + notify: restart prosody + - name: configure jitsi guest domain + lineinfile: + path: "/etc/jitsi/meet/{{ jitsi_meet_server_name }}-config.js" + regexp: 'anonymousdomain:' + line: > + anonymousdomain: 'guest.{{ jitsi_meet_server_name }}', + notify: + - restart videobridge + - restart jicofo + - name: configure jicofo + lineinfile: + path: "/etc/jitsi/jicofo/sip-communicator.properties" + line: 'org.jitsi.jicofo.auth.URL=XMPP:{{ jitsi_meet_server_name }}' + notify: + - restart videobridge + - restart jicofo + handlers: + - name: restart sshd + service: + name: sshd + state: restarted + - name: restart prosody + service: + name: prosody + state: restarted + - name: restart jicofo + service: + name: jicofo + state: restarted + - name: restart videobridge + service: + name: jitsi-videobridge2 + state: restarted