certbot-auto will install both Python 2 and 3 packages thus resulting un
unnecessary image bloat. Also, there is no need to install compilers or
development libraries since Wheels are available for the required
packags.
We noticed that websocket were broken with this config.
We believe that the translation from old config to new config in [this commit](130eb551a7 (diff-6f9b0c296a7ff789834c1414349f64f956f2b64df6e405fd45f62c6a11edad3fL34)) didn't translate it well.
We are actually wondering what does private stands for in this context.
With this change, we can confirm that wss works again as expected.
My editor detected `.env` as shell script and thus automatically checked
it with ShellCheck. I would propose to make it a valid shell script that
complies with ShellCheck by default. To do this, we just need to disable
https://github.com/koalaman/shellcheck/wiki/SC2034 because the variables
are not used (in that file).
When you search for "docker-compose .env shellcheck SC2034" it turns out
that I am not the first one to do this :)
* 7ab45bb web: add ability to configure prejoin page
* 0c95794 jvb: regenerate config on every boot
* 3ef2221 jvb: add ability to set the WS domain with an env var
* 79d2601 jvb: add ability to specify set the WS_SERVER_ID with an env var
* b277926 jvb: make colibri websocket endpoints dynamic for multiple jvbs
* 991f695 web: remove no longer needed settings
* 8b7cbc3 revert "jicofo: no auth URL in JWT auth mode"
* 33b386b jvb: add missing variable to docker-compose
* 087f024 web: configure brandingDataUrl with env variables
* a404653 web: configure startAudioOnly using environment variable
* e195cbf jvb: make jvb apis available from outside the container
* 409cade web: configure Matomo using environment variables
* b731c60 doc: update CHANGELOG
* 0fbf3b7 misc: working on latest
Variable JVB_TCP_MAPPED_PORT is used in jvb/roots/defaults/sip-communicator.properties, but is not defined yet in the docker-compose.yml file
(Variable added in commit 1205170056)
* 5ceaf5f web: add IPv6 support
* aff3775 xmpp: allow recorders to bypass lobby
* ad5625b jvb: switch to WebSocket based bridge channels
* 8110336 web: add ability to configure the nginx resolver
* 2f47518 jicofo: no auth URL in JWT auth mode
* c149463 web: build config.js on each boot
* c792bbc base: update frep
* bec928c prosody: configure lobby on the guest domain is necessary
* bcbd977 jicofo: pass XMPP_MUC_DOMAIN through docker-compose.yml
* 8f9caa4 jicofo: set XMPP_MUC_COMPONENT_PREFIX
* 2a0120d web: set security headers also for non HTTPS
* e6586f2 jvb: set LOCAL_ADDRESS to the correct local IP (#630)
* 97f5e75 base: optimize size
* b78c89e misc: minor Dockerfile Improvements
* a754519 misc: working on latest
There's no need to have Jicofo involved in authentication
when JWT authentication type is configured in Prosody in which case
Prosody plugins are validating the token when user tries to enter
a MUC.
This mechanism was initially designed for 'internal' Prosody
XMPP authentication with guest access. In this mode only admin users
are allowed to create MUC rooms and Jicofo is an admin. In this flow,
a user first joins from domain with authentication enabled and it
will receive a session ID from Jicofo. Now the client will store this
session ID in the local storage and use it next time when coming back
to Jitsi Meet to make Jicofo create a MUC room for him/her.
https://jitsi.github.io/handbook/docs/devops-guide/secure-domain
The EXT_JWT mode was an experiment at some point, but now should
probably be removed. It may come handy only in case where there is
no JWT verification in Prosody and all users connect as anonymous and
MUC creation is only allowed to Jicofo.
If the lobby is enabled and ENABLE_AUTH and ENABLE_GUESTS is true, and
therefore the guest.$XMPP_DOMAIN domain is to be defined, the lobby config
should be placed in the guest domain.
NAT_HARVESTER_LOCAL_ADDRESS needs to bet set to the local IP that is actually
used to communicate with clients.
In Docker containers "hostname -I" returns the IPs of all interfaces. The order
of the IPs depends on the interface create order.
Docker makes no guarantees about the interface order and in my tests it is
random.
As a result NAT_HARVESTER_LOCAL_ADDRESS is sometimes set to the IP of the
internal meet.jitsi interface.
Fix this by setting it to the source IP used for routing to $DOCKER_HOST_ADDRESS
Adds 2803 kB disk space for iproute2 and dependencies.
Partly addresses #338
* a81ad73 prosody: add support for lobby
* baed605 web: fix removing closed captions button if transcription is enabled
* edecacd etherpad: add ability to use a external server
* a7563d4 jvb: use JVB_TCP_PORT for exposing the port
* b235ea1 prosody: disable s2s module
* 1d428a8 prosody: use a 2-stage build
* 613c26c misc: working on latest
* 4d72ee3 release: stable-4627-1
* 22b7063 examples: update Traefik v1 example
* 1381b08 prosody: fix installing dependdencies
* 2900c11 misc: add extra line to tag message
* c57a84b misc: working on latest