mkdir -p './binfmt.d'
mkdir -p './ca-certificates/update.d'
mkdir -p './dbus-1/session.d'
+mkdir -p './dconf/db'
mkdir -p './dovecot/private'
mkdir -p './dpkg/dpkg.cfg.d'
mkdir -p './fail2ban/fail2ban.d'
maybe chmod 0644 'X11/Xresources/x11-common'
maybe chmod 0755 'X11/Xsession'
maybe chmod 0755 'X11/Xsession.d'
+maybe chmod 0644 'X11/Xsession.d/20dbus_xdg-runtime'
maybe chmod 0644 'X11/Xsession.d/20x11-common_process-args'
maybe chmod 0644 'X11/Xsession.d/30x11-common_xresources'
maybe chmod 0644 'X11/Xsession.d/35x11-common_xhost-local'
maybe chmod 0755 'dbus-1/system.d'
maybe chmod 0644 'dbus-1/system.d/com.ubuntu.LanguageSelector.conf'
maybe chmod 0644 'dbus-1/system.d/org.freedesktop.Accounts.conf'
+maybe chmod 0755 'dconf'
+maybe chmod 0755 'dconf/db'
maybe chmod 0644 'debconf.conf'
maybe chmod 0644 'debian_version'
maybe chmod 0755 'default'
maybe chmod 0755 'init.d/icinga2'
maybe chmod 0755 'init.d/ipsec'
maybe chmod 0755 'init.d/irqbalance'
+maybe chmod 0755 'init.d/janus'
maybe chmod 0755 'init.d/keyboard-setup.sh'
maybe chmod 0755 'init.d/kmod'
maybe chmod 0755 'init.d/knockd'
maybe chmod 0600 'ipsec.secrets'
maybe chmod 0644 'issue'
maybe chmod 0644 'issue.net'
+maybe chmod 0755 'janus'
+maybe chmod 0644 'janus/janus.eventhandler.rabbitmqevh.jcfg'
+maybe chmod 0644 'janus/janus.eventhandler.sampleevh.jcfg'
+maybe chmod 0644 'janus/janus.jcfg'
+maybe chmod 0644 'janus/janus.plugin.audiobridge.jcfg'
+maybe chmod 0644 'janus/janus.plugin.duktape.jcfg'
+maybe chmod 0644 'janus/janus.plugin.echotest.jcfg'
+maybe chmod 0644 'janus/janus.plugin.lua.jcfg'
+maybe chmod 0644 'janus/janus.plugin.nosip.jcfg'
+maybe chmod 0644 'janus/janus.plugin.recordplay.jcfg'
+maybe chmod 0644 'janus/janus.plugin.sip.jcfg'
+maybe chmod 0644 'janus/janus.plugin.sipre.jcfg'
+maybe chmod 0644 'janus/janus.plugin.streaming.jcfg'
+maybe chmod 0644 'janus/janus.plugin.textroom.jcfg'
+maybe chmod 0644 'janus/janus.plugin.videocall.jcfg'
+maybe chmod 0644 'janus/janus.plugin.videoroom.jcfg'
+maybe chmod 0644 'janus/janus.plugin.voicemail.jcfg'
+maybe chmod 0644 'janus/janus.transport.http.jcfg'
+maybe chmod 0644 'janus/janus.transport.nanomsg.jcfg'
+maybe chmod 0644 'janus/janus.transport.pfunix.jcfg'
+maybe chmod 0644 'janus/janus.transport.rabbitmq.jcfg'
+maybe chmod 0644 'janus/janus.transport.websockets.jcfg'
maybe chmod 0755 'kernel'
maybe chmod 0644 'kernel-img.conf'
maybe chmod 0755 'kernel/install.d'
--- /dev/null
+# vim:set ft=sh sw=2 sts=2 et:
+
+if [ -z "$DBUS_SESSION_BUS_ADDRESS" ] && [ -n "$XDG_RUNTIME_DIR" ] && \
+ [ "$XDG_RUNTIME_DIR" = "/run/user/`id -u`" ] && \
+ [ -S "$XDG_RUNTIME_DIR/bus" ]; then
+ # We are under systemd-logind or something remarkably similar, and
+ # a user-session socket has already been set up.
+ #
+ # Be nice to non-libdbus, non-sd-bus implementations by using
+ # that as the session bus address in the environment. The check for
+ # XDG_RUNTIME_DIR = "/run/user/`id -u`" is because we know that
+ # form of the address, from systemd-logind, doesn't need escaping,
+ # whereas arbitrary addresses might.
+ DBUS_SESSION_BUS_ADDRESS="unix:path=$XDG_RUNTIME_DIR/bus"
+ export DBUS_SESSION_BUS_ADDRESS
+fi
+
+if [ -x "/usr/bin/dbus-update-activation-environment" ]; then
+ # tell dbus-daemon --session (and systemd --user, if running)
+ # to put a minimal subset of the Xsession's environment in activated
+ # services' environments
+ dbus-update-activation-environment --verbose --systemd \
+ DBUS_SESSION_BUS_ADDRESS DISPLAY XAUTHORITY
+fi
--- /dev/null
+#!/bin/sh
+# kFreeBSD do not accept scripts as interpreters, using #!/bin/sh and sourcing.
+if [ true != "$INIT_D_SCRIPT_SOURCED" ] ; then
+ set "$0" "$@"; INIT_D_SCRIPT_SOURCED=true . /lib/init/init-d-script
+fi
+### BEGIN INIT INFO
+# Provides: janus
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Janus WebRTC gateway
+# Description: General purpose WebRTC Gateway.
+### END INIT INFO
+
+# Author: Jonas Smedegaard <dr@jones.dk>
+
+DESC="Janus WebRTC gateway"
+DAEMON=/usr/bin/janus
+
+# This may be overridden in /etc/default/janus
+DAEMON_ARGS=${DAEMON_ARGS:---pid-file=$PIDFILE --disable-colors}
--- /dev/null
+# This configures the RabbitMQ event handler.
+
+general: {
+ enabled = false # By default the module is not enabled
+ events = "all" # Comma separated list of the events mask you're interested
+ # in. Valid values are none, sessions, handles, jsep, webrtc,
+ # media, plugins, transports, core, external and all. By
+ # default we subscribe to everything (all)
+ grouping = true # Whether events should be sent individually , or if it's ok
+ # to group them. The default is 'yes' to limit the number of
+ # messages
+ json = "indented" # Whether the JSON messages should be indented (default),
+ # plain (no indentation) or compact (no indentation and no spaces)
+
+ host = "localhost" # The address of the RabbitMQ server
+ #port = 5672 # The port of the RabbitMQ server (5672 by default)
+ #username = "guest" # Username to use to authenticate, if needed
+ #password = "guest" # Password to use to authenticate, if needed
+ #vhost = "/" # Virtual host to specify when logging in, if needed
+ #exchange = "janus-exchange"
+ route_key = "janus-events" # Name of the queue for event messages
+
+ #ssl_enable = false # Whether ssl support must be enabled
+ #ssl_verify_peer = true # Whether peer verification must be enabled
+ #ssl_verify_hostname = true # Whether hostname verification must be enabled
+
+ # Certificates to use when SSL support is enabled, if needed
+ #ssl_cacert = "/path/to/cacert.pem"
+ ssl_cert = "/etc/ssl/certs/ssl-cert-snakeoil.pem"
+ ssl_key = "/etc/ssl/private/ssl-cert-snakeoil.key"
+}
--- /dev/null
+# This configures the sample event handler. Since this plugin simply
+# forwards each event it receives via HTTP POST, you simply need to
+# configure (i) which events to subscribe to, and (ii) the address of
+# the web server which will receive the requests.
+
+general: {
+ enabled = false # By default the module is not enabled
+ events = "all" # Comma separated list of the events mask you're interested
+ # in. Valid values are none, sessions, handles, jsep, webrtc,
+ # media, plugins, transports, core, external and all. By
+ # default we subscribe to everything (all)
+ grouping = true # Whether events should be sent individually (one per
+ # HTTP POST, JSON object), or if it's ok to group them
+ # (one or more per HTTP POST, JSON array with objects)
+ # The default is 'yes' to limit the number of connections.
+
+ # Address the plugin will send all events to as HTTP POST
+ # requests with an application/json payload. In case
+ # authentication is required to contact the backend, set
+ # the credentials as well (basic authentication only).
+ json = "indented" # Whether the JSON messages should be indented (default),
+ # plain (no indentation) or compact (no indentation and no spaces)
+
+ backend = "http://your.webserver.here/and/a/path"
+ #backend_user = "myuser"
+ #backend_pwd = "mypwd"
+
+ # You can also configure how retransmissions should
+ # happen, after a failed attempt to deliver an event.
+ # Specifically, you can specify how many times a
+ # retransmission should be attempted (default=5) and
+ # which step is used, in milliseconds, for the exponential
+ # backoff before retrying (e.g, if step=100ms, then the
+ # the first retry will happen after 100ms, the second
+ # after 200ms, then 400ms, and so on). If the event cannot
+ # be retransmitted after the maximum number of attemps
+ # is reached, then it's lost. Beware that retransmissions
+ # will also delay pending events and increase the queue.
+ #max_retransmissions = 5
+ #retransmissions_backoff = 100
+}
--- /dev/null
+# General configuration: folders where the configuration and the plugins
+# can be found, how output should be logged, whether Janus should run as
+# a daemon or in foreground, default interface to use, debug/logging level
+# and, if needed, shared apisecret and/or token authentication mechanism
+# between application(s) and Janus.
+general: {
+ configs_folder = "/etc/janus" # Configuration files folder
+ plugins_folder = "/usr/lib/x86_64-linux-gnu/janus/plugins" # Plugins folder
+ transports_folder = "/usr/lib/x86_64-linux-gnu/janus/transports" # Transports folder
+ events_folder = "/usr/lib/x86_64-linux-gnu/janus/events" # Event handlers folder
+
+ # The next settings configure logging
+ #log_to_stdout = false # Whether the Janus output should be written
+ # to stdout or not (default=true)
+ #log_to_file = "/path/to/janus.log" # Whether to use a log file or not
+ debug_level = 4 # Debug/logging level, valid values are 0-7
+ #debug_timestamps = true # Whether to show a timestamp for each log line
+ #debug_colors = false # Whether colors should be disabled in the log
+ #debug_locks = true # Whether to enable debugging of locks (very verbose!)
+
+ # This is what you configure if you want to launch Janus as a daemon
+ #daemonize = true # Whether Janus should run as a daemon
+ # or not (default=run in foreground)
+ #pid_file = "/path/to/janus.pid" # PID file to create when Janus has been
+ # started, and to destroy at shutdown
+
+ # There are different ways you can authenticate the Janus and Admin APIs
+ #api_secret = "janusrocks" # String that all Janus requests must contain
+ # to be accepted/authorized by the Janus core.
+ # Useful if you're wrapping all Janus API requests
+ # in your servers (that is, not in the browser,
+ # where you do the things your way) and you
+ # don't want other application to mess with
+ # this Janus instance.
+ #token_auth = true # Enable a token based authentication
+ # mechanism to force users to always provide
+ # a valid token in all requests. Useful if
+ # you want to authenticate requests from web
+ # users.
+ #token_auth_secret = "janus" # Use HMAC-SHA1 signed tokens (with token_auth). Note that
+ # without this, the Admin API MUST
+ # be enabled, as tokens are added and removed
+ # through messages sent there.
+ admin_secret = "janusoverlord" # String that all Janus requests must contain
+ # to be accepted/authorized by the admin/monitor.
+ # only needed if you enabled the admin API
+ # in any of the available transports.
+
+ # Generic settings
+ #interface = "1.2.3.4" # Interface to use (will be used in SDP)
+ #server_name = "MyJanusInstance"# Public name of this Janus instance
+ # as it will appear in an info request
+ #session_timeout = 60 # How long (in seconds) we should wait before
+ # deciding a Janus session has timed out. A
+ # session times out when no request is received
+ # for session_timeout seconds (default=60s).
+ # Setting this to 0 will disable the timeout
+ # mechanism, which is NOT suggested as it may
+ # risk having orphaned sessions (sessions not
+ # controlled by any transport and never freed).
+ # To avoid timeouts, keep-alives can be used.
+ #candidates_timeout = 45 # How long (in seconds) we should keep hold of
+ # pending (trickle) candidates before discarding
+ # them (default=45s). Notice that setting this
+ # to 0 will NOT disable the timeout, but will
+ # be considered an invalid value and ignored.
+ #reclaim_session_timeout = 0 # How long (in seconds) we should wait for a
+ # janus session to be reclaimed after the transport
+ # is gone. After the transport is gone, a session
+ # times out when no request is received for
+ # reclaim_session_timeout seconds (default=0s).
+ # Setting this to 0 will disable the timeout
+ # mechanism, and sessions will be destroyed immediately
+ # if the transport is gone.
+ #recordings_tmp_ext = "tmp" # The extension for recordings, in Janus, is
+ # .mjr, a custom format we devised ourselves.
+ # By default, we save to .mjr directly. If you'd
+ # rather the recording filename have a temporary
+ # extension while it's being saved, and only
+ # have the .mjr extension when the recording
+ # is over (e.g., to automatically trigger some
+ # external scripts), then uncomment and set the
+ # recordings_tmp_ext property to the extension
+ # to add to the base (e.g., tmp --> .mjr.tmp).
+ #event_loops = 8 # By default, Janus handles each have their own
+ # event loop and related thread for all the media
+ # routing and management. If for some reason you'd
+ # rather limit the number of loop/threads, and
+ # you want handles to share those, you can do that
+ # configuring the event_loops property: this will
+ # spawn the specified amount of threads at startup,
+ # run a separate event loop on each of them, and
+ # add new handles to one of them when attaching.
+ # Notice that, while cutting the number of threads
+ # and possibly reducing context switching, this
+ # might have an impact on the media delivery,
+ # especially if the available loops can't take
+ # care of all the handles and their media in time.
+ # As such, if you want to use this you should
+ # provision the correct value according to the
+ # available resources (e.g., CPUs available).
+ #opaqueid_in_api = true # Opaque IDs set by applications are typically
+ # only passed to event handlers for correlation
+ # purposes, but not sent back to the user or
+ # application in the related Janus API responses
+ # or events; in case you need them to be in the
+ # Janus API too, set this property to 'true'.
+ #hide_dependencies = true # By default, a call to the "info" endpoint of
+ # either the Janus or Admin API now also returns
+ # the versions of the main dependencies (e.g.,
+ # libnice, libsrtp, which crypto library is in
+ # use and so on). Should you want that info not
+ # to be disclose, set 'hide_dependencies' to true.
+
+ # The following is ONLY useful when debugging RTP/RTCP packets,
+ # e.g., to look at unencrypted live traffic with a browser. By
+ # default it is obviously disabled, as WebRTC mandates encryption.
+ #no_webrtc_encryption = true
+}
+
+# Certificate and key to use for DTLS (and passphrase if needed). If missing,
+# Janus will autogenerate a self-signed certificate to use. Notice that
+# self-signed certificates are fine for the purpose of WebRTC DTLS
+# connectivity, for the time being, at least until Identity Providers
+# are standardized and implemented in browsers.
+certificates: {
+ cert_pem = "/etc/ssl/certs/ssl-cert-snakeoil.pem"
+ cert_key = "/etc/ssl/private/ssl-cert-snakeoil.key"
+ #cert_pwd = "secretpassphrase"
+}
+
+# Media-related stuff: you can configure whether if you want
+# to enable IPv6 support, if RFC4588 support for retransmissions
+# should be negotiated or not (off by default), the maximum size
+# of the NACK queue (in milliseconds, defaults to 500ms) for retransmissions, the
+# range of ports to use for RTP and RTCP (by default, no range is envisaged), the
+# starting MTU for DTLS (1200 by default, it adapts automatically),
+# how much time, in seconds, should pass with no media (audio or
+# video) being received before Janus notifies you about this (default=1s,
+# 0 disables these events entirely), how many lost packets should trigger
+# a 'slowlink' event to users (default=4), and how often, in milliseconds,
+# to send the Transport Wide Congestion Control feedback information back
+# to senders, if negotiated (default=1s). Finally, if you're using BoringSSL
+# you can customize the frequency of retransmissions: OpenSSL has a fixed
+# value of 1 second (the default), while BoringSSL can override that. Notice
+# that lower values (e.g., 100ms) will typically get you faster connection
+# times, but may not work in case the RTT of the user is high: as such,
+# you should pick a reasonable trade-off (usually 2*max expected RTT).
+media: {
+ #ipv6 = true
+ #max_nack_queue = 500
+ #rfc_4588 = true
+ #rtp_port_range = "20000-40000"
+ #dtls_mtu = 1200
+ #no_media_timer = 1
+ #slowlink_threshold = 4
+ #twcc_period = 200
+ #dtls_timeout = 500
+}
+
+# NAT-related stuff: specifically, you can configure the STUN/TURN
+# servers to use to gather candidates if the gateway is behind a NAT,
+# and srflx/relay candidates are needed. In case STUN is not enough and
+# this is needed (it shouldn't), you can also configure Janus to use a
+# TURN server# please notice that this does NOT refer to TURN usage in
+# browsers, but in the gathering of relay candidates by Janus itself,
+# e.g., if you want to limit the ports used by a Janus instance on a
+# private machine. Furthermore, you can choose whether Janus should be
+# configured to do full-trickle (Janus also trickles its candidates to
+# users) rather than the default half-trickle (Janus supports trickle
+# candidates from users, but sends its own within the SDP), and whether
+# it should work in ICE-Lite mode (by default it doesn't). Finally,
+# you can also enable ICE-TCP support (beware that it currently *only*
+# works if you enable ICE Lite as well), choose which interfaces should
+# be used for gathering candidates, and enable or disable the
+# internal libnice debugging, if needed.
+nat: {
+ #stun_server = "stun.voip.eutelia.it"
+ #stun_port = 3478
+ nice_debug = false
+ #full_trickle = true
+ #ice_lite = true
+ #ice_tcp = true
+
+ # In case you're deploying Janus on a server which is configured with
+ # a 1:1 NAT (e.g., Amazon EC2), you might want to also specify the public
+ # address of the machine using the setting below. This will result in
+ # all host candidates (which normally have a private IP address) to
+ # be rewritten with the public address provided in the settings. As
+ # such, use the option with caution and only if you know what you're doing.
+ # Make sure you keep ICE Lite disabled, though, as it's not strictly
+ # speaking a publicly reachable server, and a NAT is still involved.
+ #nat_1_1_mapping = "1.2.3.4"
+
+ # You can configure a TURN server in two different ways: specifying a
+ # statically configured TURN server, and thus provide the address of the
+ # TURN server, the transport (udp/tcp/tls) to use, and a set of valid
+ # credentials to authenticate...
+ #turn_server = "myturnserver.com"
+ #turn_port = 3478
+ #turn_type = "udp"
+ #turn_user = "myuser"
+ #turn_pwd = "mypassword"
+
+ # ... or you can make use of the TURN REST API to get info on one or more
+ # TURN services dynamically. This makes use of the proposed standard of
+ # such an API (https://tools.ietf.org/html/draft-uberti-behave-turn-rest-00)
+ # which is currently available in both rfc5766-turn-server and coturn.
+ # You enable this by specifying the address of your TURN REST API backend,
+ # the HTTP method to use (GET or POST) and, if required, the API key Janus
+ # must provide.
+ #turn_rest_api = "http://yourbackend.com/path/to/api"
+ #turn_rest_api_key = "anyapikeyyoumayhaveset"
+ #turn_rest_api_method = "GET"
+
+ # You can also choose which interfaces should be explicitly used by the
+ # gateway for the purpose of ICE candidates gathering, thus excluding
+ # others that may be available. To do so, use the 'ice_enforce_list'
+ # setting and pass it a comma-separated list of interfaces or IP addresses
+ # to enforce. This is especially useful if the server hosting the gateway
+ # has several interfaces, and you only want a subset to be used. Any of
+ # the following examples are valid:
+ # ice_enforce_list = "eth0"
+ # ice_enforce_list = "eth0,eth1"
+ # ice_enforce_list = "eth0,192.168."
+ # ice_enforce_list = "eth0,192.168.0.1"
+ # By default, no interface is enforced, meaning Janus will try to use them all.
+ #ice_enforce_list = "eth0"
+
+ # In case you don't want to specify specific interfaces to use, but would
+ # rather tell Janus to use all the available interfaces except some that
+ # you don't want to involve, you can also choose which interfaces or IP
+ # addresses should be excluded and ignored by the gateway for the purpose
+ # of ICE candidates gathering. To do so, use the 'ice_ignore_list' setting
+ # and pass it a comma-separated list of interfaces or IP addresses to
+ # ignore. This is especially useful if the server hosting the gateway
+ # has several interfaces you already know will not be used or will simply
+ # always slow down ICE (e.g., virtual interfaces created by VMware).
+ # Partial strings are supported, which means that any of the following
+ # examples are valid:
+ # ice_ignore_list = "vmnet8,192.168.0.1,10.0.0.1"
+ # ice_ignore_list = "vmnet,192.168."
+ # Just beware that the ICE ignore list is not used if an enforce list
+ # has been configured. By default, Janus ignores all interfaces whose
+ # name starts with 'vmnet', to skip VMware interfaces:
+ ice_ignore_list = "vmnet"
+}
+
+# You can choose which of the available plugins should be
+# enabled or not. Use the 'disable' directive to prevent Janus from
+# loading one or more plugins: use a comma separated list of plugin file
+# names to identify the plugins to disable. By default all available
+# plugins are enabled and loaded at startup.
+plugins: {
+ #disable = "libjanus_voicemail.so,libjanus_recordplay.so"
+}
+
+# You can choose which of the available transports should be enabled or
+# not. Use the 'disable' directive to prevent Janus from loading one
+# or more transport: use a comma separated list of transport file names
+# to identify the transports to disable. By default all available
+# transports are enabled and loaded at startup.
+transports: {
+ #disable = "libjanus_rabbitmq.so"
+}
+
+# Event handlers allow you to receive live events from Janus happening
+# in core and/or plugins. Since this can require some more resources,
+# the feature is disabled by default. Setting broadcast to yes will
+# enable them. You can then choose which of the available event handlers
+# should be loaded or not. Use the 'disable' directive to prevent Janus
+# from loading one or more event handlers: use a comma separated list of
+# file names to identify the event handlers to disable. By default, if
+# broadcast is set to yes all available event handlers are enabled and
+# loaded at startup. Finally, you can choose how often media statistics
+# (packets sent/received, losses, etc.) should be sent: by default it's
+# once per second (audio and video statistics sent separately), but may
+# considered too verbose, or you may want to limit the number of events,
+# especially if you have many PeerConnections active. To change this,
+# just set 'stats_period' to the number of seconds that should pass in
+# between statistics for each handle. Setting it to 0 disables them (but
+# not other media-related events).
+events: {
+ #broadcast = true
+ #disable = "libjanus_sampleevh.so"
+ #stats_period = 5
+}
--- /dev/null
+# room-<unique room ID>: {
+# description = "This is my awesome room"
+# is_private = true|false (whether this room should be in the public list, default=true)
+# secret = "<optional password needed for manipulating (e.g. destroying) the room>"
+# pin = "<optional password needed for joining the room>"
+# sampling_rate = <sampling rate> (e.g., 16000 for wideband mixing)
+# audiolevel_ext = true|false (whether the ssrc-audio-level RTP extension must
+# be negotiated/used or not for new joins, default=true)
+# audiolevel_event = true|false (whether to emit event to other users or not, default=false)
+# audio_active_packets = 100 (number of packets with audio level, default=100, 2 seconds)
+# audio_level_average = 25 (average value of audio level, 127=muted, 0='too loud', default=25)
+# record = true|false (whether this room should be recorded, default=false)
+# record_file = "/path/to/recording.wav" (where to save the recording)
+#
+# The following lines are only needed if you want the mixed audio
+# to be automatically forwarded via plain RTP to an external component
+# (e.g., an ffmpeg script, or a gstreamer pipeline) for processing
+# By default plain RTP is used, SRTP must be configured if needed
+# rtp_forward_id = numeric RTP forwarder ID for referencing it via API (optional: random ID used if missing)
+# rtp_forward_host = "<host address to forward RTP packets of mixed audio to>"
+# rtp_forward_port = port to forward RTP packets of mixed audio to
+# rtp_forward_ssrc = SSRC to use to use when streaming (optional: stream_id used if missing)
+# rtp_forward_ptype = payload type to use when streaming (optional: 100 used if missing)
+# rtp_forward_srtp_suite = length of authentication tag (32 or 80)
+# rtp_forward_srtp_crypto = "<key to use as crypto (base64 encoded key as in SDES)>"
+# rtp_forward_always_on = true|false, whether silence should be forwarded when the room is empty (optional: false used if missing)
+#}
+
+general: {
+ #admin_key = "supersecret" # If set, rooms can be created via API only
+ # if this key is provided in the request
+ #lock_rtp_forward = true # Whether the admin_key above should be
+ # enforced for RTP forwarding requests too
+ #record_tmp_ext = "tmp" # Optional temporary extension to add to filenames
+ # while recording: e.g., setting "tmp" would mean
+ # .wav --> .wav.tmp until the file is closed
+ #events = false # Whether events should be sent to event
+ # handlers (default=true)
+}
+
+room-1234: {
+ description = "Demo Room"
+ secret = "adminpwd"
+ sampling_rate = 16000
+ record = false
+ #record_file = "/path/to/recording.wav"
+}
--- /dev/null
+# The only things you configure in here are which JavaScipt file to load and,
+# optionally, the paths to add for searching libraries and a configuration
+# file, if the script will need it. For what concerns the libraries path,
+# by default this configuration file adds a path to where the JS samples
+# have been installed, as it contains a couple of helper libraries the
+# samples use; should you be interested in adding more, just add other
+# paths separated by a semicolon. Due to the syntax of the configuration
+# file, make sure you escape all semicolons with a trailing slash, in case.
+# The 'config' property is entirely script specific, instead: if your
+# script will need to rely on an XML configuration file in its initialization,
+# for instance, then set the 'config' property as the path to the file;
+# it will be passed, as is, to your script in the init() call. None of
+# the samples use this property, which is why it's commented out.
+
+general: {
+ path = "/usr/share/janus/duktape"
+ script = "/usr/share/janus/duktape/echotest.js"
+ #script = "/usr/share/janus/duktape/videoroom.js"
+ #config = "/path/to/configfile"
+}
--- /dev/null
+# events = true|false, whether events should be sent to event handlers
+
+general: {
+ #events = false
+}
--- /dev/null
+# The only things you configure in here are which lua script to load and,
+# optionally, the paths to add for searching libraries and a configuration
+# file, if the script will need it. For what concerns the libraries path,
+# by default this configuration file adds a path to where the Lua samples
+# have been installed, as it contains a couple of helper libraries the
+# samples use; should you be interested in adding more, just add other
+# paths separated by a semicolon. Due to the syntax of the configuration
+# file, make sure you escape all semicolons with a trailing slash, in case.
+# The 'config' property is entirely script specific, instead: if your
+# script will need to rely on an XML configuration file in its initialization,
+# for instance, then set the 'config' property as the path to the file;
+# it will be passed, as is, to your script in the init() call. None of
+# the samples use this property, which is why it's commented out.
+
+general: {
+ path = "/usr/share/janus/lua"
+ script = "/usr/share/janus/lua/echotest.lua"
+ #script = "/usr/share/janus/lua/videoroom.lua"
+ #config = "/path/to/configfile"
+}
--- /dev/null
+general: {
+ # Specify which local IP address to bind to for media.
+ # If not set it will be automatically guessed from the system
+ #local_ip = "1.2.3.4"
+
+ # Specify which (public) IP address to advertise in the SDP.
+ # If not set, the value above or anything autodetected will be used
+ #sdp_ip = "1.2.3.4"
+
+ # Range of ports to use for RTP/RTCP (default=10000-60000)
+ rtp_port_range = "20000-40000"
+
+ # Whether events should be sent to event handlers (default=true)
+ #events = false
+}
--- /dev/null
+# path = where to place recordings in the file system
+# events = true|false, whether events should be sent to event handlers
+
+general: {
+ path = "/usr/share/janus/recordings"
+ #events = false
+}
--- /dev/null
+general: {
+ # Specify which local IP address to bind to for SIP stack and media.
+ # If not set it will be automatically guessed from the system
+ #local_ip = "1.2.3.4"
+
+ # Specify which (public) IP address to advertise in the SDP.
+ # If not set, the value above or anything autodetected will be used
+ #sdp_ip = "1.2.3.4"
+
+ # Enable local keep-alives to keep the registration open. Keep-alives are
+ # sent in the form of OPTIONS requests, at the given interval inseconds.
+ # (0 to disable)
+ keepalive_interval = 120
+
+ # Indicate if the server is behind NAT. If so, the server will use STUN
+ # to guess its own public IP address and use it in the Contact header of
+ # outgoing requests
+ behind_nat = false
+
+ # User-Agent string to be used
+ # user_agent = "Cool WebRTC Gateway"
+
+ # Expiration time for registrations
+ register_ttl = 3600
+
+ # Range of ports to use for RTP/RTCP (default=10000-60000)
+ rtp_port_range = "20000-40000"
+
+ # Whether events should be sent to event handlers (default=true)
+ #events = false
+}
--- /dev/null
+general: {
+ # Specify which local IP address to bind to for SIP stack and media.
+ # If not set it will be automatically guessed from the system
+ #local_ip = "1.2.3.4"
+
+ # Specify which (public) IP address to advertise in the SDP.
+ # If not set, the value above or anything autodetected will be used
+ #sdp_ip = "1.2.3.4"
+
+ # User-Agent string to be used
+ # user_agent = "Cool WebRTC Gateway"
+
+ # Expiration time for registrations
+ register_ttl = 3600
+
+ # Range of ports to use for RTP/RTCP (default=10000-60000)
+ rtp_port_range = "20000-40000"
+
+ # Whether events should be sent to event handlers (default=true)
+ #events = false
+}
--- /dev/null
+# stream-name: {
+# type = rtp|live|ondemand|rtsp
+# rtp = stream originated by an external tool (e.g., gstreamer or
+# ffmpeg) and sent to the plugin via RTP
+# live = local file streamed live to multiple listeners
+# (multiple listeners = same streaming context)
+# ondemand = local file streamed on-demand to a single listener
+# (multiple listeners = different streaming contexts)
+# rtsp = stream originated by an external RTSP feed (only
+# available if libcurl support was compiled)
+# id = <unique numeric ID> (if missing, a random one will be generated)
+# description = This is my awesome stream
+# is_private = true|false (private streams don't appear when you do a 'list'
+# request)
+# secret = <optional password needed for manipulating (e.g., destroying
+# or enabling/disabling) the stream>
+# pin = <optional password needed for watching the stream>
+# filename = path to the local file to stream (only for live/ondemand)
+# audio = true|false (do/don't stream audio)
+# video = true|false (do/don't stream video)
+# The following options are only valid for the 'rtp' type:
+# data = true|false (do/don't stream text via datachannels)
+# audioport = local port for receiving audio frames
+# audiortcpport = local port, if any, for receiving and sending audio RTCP feedback
+# audiomcast = multicast group port for receiving audio frames, if any
+# audioiface = network interface or IP address to bind to, if any (binds to all otherwise)
+# audiopt = <audio RTP payload type> (e.g., 111)
+# audiortpmap = RTP map of the audio codec (e.g., opus/48000/2)
+# audioskew = true|false (whether the plugin should perform skew
+# analisys and compensation on incoming audio RTP stream, EXPERIMENTAL)
+# videoport = local port for receiving video frames
+# videortcpport = local port, if any, for receiving and sending video RTCP feedback
+# videomcast = multicast group port for receiving video frames, if any
+# videoiface = network interface or IP address to bind to, if any (binds to all otherwise)
+# videopt = <video RTP payload type> (e.g., 100)
+# videortpmap = RTP map of the video codec (e.g., VP8/90000)
+# videobufferkf = true|false (whether the plugin should store the latest
+# keyframe and send it immediately for new viewers, EXPERIMENTAL)
+# videosimulcast = true|false (do|don't enable video simulcasting)
+# videoport2 = second local port for receiving video frames (only for rtp, and simulcasting)
+# videoport3 = third local port for receiving video frames (only for rtp, and simulcasting)
+# videoskew = true|false (whether the plugin should perform skew
+# analisys and compensation on incoming video RTP stream, EXPERIMENTAL)
+# videosvc = true|false (whether the video will have SVC support; works only for VP9-SVC, default=false)
+# collision = in case of collision (more than one SSRC hitting the same port), the plugin
+# will discard incoming RTP packets with a new SSRC unless this many milliseconds
+# passed, which would then change the current SSRC (0=disabled)
+# dataport = local port for receiving data messages to relay
+# dataiface = network interface or IP address to bind to, if any (binds to all otherwise)
+# databuffermsg = true|false (whether the plugin should store the latest
+# message and send it immediately for new viewers)
+# threads = number of threads to assist with the relaying part, which can help
+# if you expect a lot of viewers that may cause the RTP receiving part
+# in the Streaming plugin to slow down and fail to catch up (default=0)
+#
+# In case you want to use SRTP for your RTP-based mountpoint, you'll need
+# to configure the SRTP-related properties as well, namely the suite to
+# use for hashing (32 or 80) and the crypto information for decrypting
+# the stream (as a base64 encoded string the way SDES does it). Notice
+# that with SRTP involved you'll have to pay extra attention to what you
+# feed the mountpoint, as you may risk getting SRTP decrypt errors:
+# srtpsuite = 32
+# srtpcrypto = WbTBosdVUZqEb6Htqhn+m3z7wUh4RJVR8nE15GbN
+#
+# The following options are only valid for the 'rstp' type:
+# url = RTSP stream URL (only for restreaming RTSP)
+# rtsp_user = RTSP authorization username (only if type=rtsp)
+# rtsp_pwd = RTSP authorization password (only if type=rtsp)
+# rtspiface = network interface or IP address to bind to, if any (binds to all otherwise), when receiving RTSP streams
+# rtsp_failcheck = whether an error should be returned if connecting to the RTSP server fails (default=true)
+#
+# Notice that, for 'rtsp' mountpoints, normally the plugin uses the exact
+# SDP rtpmap and fmtp attributes the remote camera or RTSP server sent.
+# In case the values set remotely are known to conflict with WebRTC viewers,
+# you can override both using the settings introduced above.
+#
+# To test the 'gstreamer-sample' example, check the test_gstreamer.sh
+# script in the plugins/streams folder. The live and on-demand audio
+# file streams, use a couple of files (radio.alaw, music.mulaw) that are
+# provided in the plugins/streams folder.
+#}
+
+general: {
+ #admin_key = "supersecret" # If set, mountpoints can be created via API
+ # only if this key is provided in the request
+ #rtp_port_range = "20000-40000" # Range of ports to use for RTP/RTCP when '0' is
+ # passed as port for a mountpoint (default=10000-60000)
+ #events = false # Whether events should be sent to event
+ # handlers (default=true)
+}
+
+gstreamer-sample: {
+ type = "rtp"
+ id = 1
+ description = "Opus/VP8 live stream coming from gstreamer"
+ audio = true
+ video = true
+ audioport = 5002
+ audiopt = 111
+ audiortpmap = "opus/48000/2"
+ videoport = 5004
+ videopt = 100
+ videortpmap = "VP8/90000"
+ secret = "adminpwd"
+}
+
+file-live-sample: {
+ type = "live"
+ id = 2
+ description = "a-law file source (radio broadcast)"
+ filename = "/usr/share/janus/streams/radio.alaw"
+ audio = true
+ video = false
+ secret = "adminpwd"
+}
+
+file-ondemand-sample: {
+ type = "ondemand"
+ id = 3
+ description = "mu-law file source (music)"
+ filename = "/usr/share/janus/streams/music.mulaw"
+ audio = true
+ video = false
+ secret = "adminpwd"
+}
+
+#
+# All browsers also support H.264, often through Cisco's OpenH264 plugin.
+# The only profile that is definitely supported is the baseline one, which
+# means that if you try a higher one it might or might not work. No matter
+# which profile you encode, though, you can put a custom one in the SDP if
+# you override the fmtp SDP attribute via 'videofmtp'. The following is an
+# example of how to create a simple H.264 mountpoint: you can feed it via
+# an x264enc+rtph264pay pipeline in gstreamer, an ffmpeg script or other.
+#
+#h264-sample: {
+ #type = "rtp"
+ #id = 10
+ #description = "H.264 live stream coming from gstreamer"
+ #audio = false
+ #video = true
+ #videoport = 8004
+ #videopt = 126
+ #videortpmap = "H264/90000"
+ #videofmtp = "profile-level-id=42e01f;packetization-mode=1"
+#}
+
+#
+# The Streaming plugin also supports the broadcasting of datachannel
+# messages, either by themselves or along other audio/video streams (e.g.,
+# to add a subtitle to a stream you're sending). The following is an
+# example of how you can create a datachannel-only mountpoint: you can
+# feed it with any tool that can send UDP datagrams, e.g., netcat.
+# Notice that the 'rtp' type just indicates this is a live mountpoint:
+# datachannel messages will be sent as usual, and not use RTP at all.
+#
+#data-example: {
+ #type = "rtp"
+ #id = 15
+ #description = "Datachannel stream from an UDP source"
+ #audio = false
+ #video = false
+ #data = true
+ #dataport = 5008
+#}
+
+#
+# This is a sample configuration for Opus/VP8 multicast streams. You
+# need an external script to feed data on those ports, of course.
+#
+#gstreamer-multicast: {
+ #type = "rtp"
+ #id = 20
+ #description = "Opus/VP8 live multicast stream sample"
+ #audio = true
+ #video = true
+ #audioport = 5002
+ #audiomcast = "232.3.4.5"
+ #audiopt = 111
+ #audiortpmap = "opus/48000/2"
+ #videoport = 5004
+ #videomcast = "232.3.4.5"
+ #videopt = 100
+ #videortpmap = "VP8/90000"
+#}
+
+#
+# This is a sample configuration for an RTSP stream: you can specify
+# the url to connect to and whether or not authentication is needed
+# using the url/rtsp_user/rtsp_pwd settings (but notice that digest
+# authentication will only work if you installed libcurl >= 7.45.0)
+# NOTE WELL: the plugin does NOT transcode, so the RTSP stream MUST be
+# in a format the browser can digest (e.g., VP8 or H.264 baseline for video)
+# Again, you can override payload type, rtpmap and/or fmtp, if needed
+#
+#rtsp-test: {
+ #type = "rtsp"
+ #id = 99
+ #description = "RTSP Test"
+ #audio = false
+ #video = true
+ #url = "rtsp://127.0.0.1:8554/unicast"
+ #rtsp_user = "username"
+ #rtsp_pwd = "password"
+#}
--- /dev/null
+# room-<unique room ID>: {
+# description = This is my awesome room
+# is_private = true|false (whether this room should be in the public list, default=true)
+# secret = <optional password needed for manipulating (e.g. destroying) the room>
+# pin = <optional password needed for joining the room>
+# post = <optional backend to contact via HTTP post for all incoming messages>
+#}
+
+general: {
+ #admin_key = "supersecret" # If set, rooms can be created via API only
+ # if this key is provided in the request
+ json = "indented" # Whether the data channel JSON messages should be indented (default),
+ # plain (no indentation) or compact (no indentation and no spaces)
+ #events = false # Whether events should be sent to event
+ # handlers (default=true)
+}
+
+room-1234: {
+ description = "Demo Room"
+ # is_private = true
+ secret = "adminpwd"
+ # pin = "roompwd"
+ # post = "http://example.com/forward/here"
+}
--- /dev/null
+# events = true|false, whether events should be sent to event handlers
+
+general: {
+ #events = false
+}
--- /dev/null
+# room-<unique room ID>: {
+# description = This is my awesome room
+# is_private = true|false (whether this room should be in the public list, default=true)
+# secret = <optional password needed for manipulating (e.g. destroying) the room>
+# pin = <optional password needed for joining the room>
+# require_pvtid = true|false (whether subscriptions are required to provide a valid
+# a valid private_id to associate with a publisher, default=false)
+# publishers = <max number of concurrent senders> (e.g., 6 for a video
+# conference or 1 for a webinar)
+# bitrate = <max video bitrate for senders> (e.g., 128000)
+# bitrate_cap = true|false (whether the above cap should act as a hard limit to
+# dynamic bitrate changes by publishers; default=false, publishers can go beyond that)
+# fir_freq = <send a FIR to publishers every fir_freq seconds> (0=disable)
+# audiocodec = opus|g722|pcmu|pcma|isac32|isac16 (audio codec(s) to force on publishers, default=opus
+# can be a comma separated list in order of preference, e.g., opus,pcmu)
+# videocodec = vp8|vp9|h264 (video codec(s) to force on publishers, default=vp8
+# can be a comma separated list in order of preference, e.g., vp9,vp8,h264)
+# opus_fec = true|false (whether inband FEC must be negotiated; only works for Opus, default=false)
+# video_svc = true|false (whether SVC support must be enabled; only works for VP9, default=false)
+# audiolevel_ext = true|false (whether the ssrc-audio-level RTP extension must
+# be negotiated/used or not for new publishers, default=true)
+# audiolevel_event = true|false (whether to emit event to other users or not, default=false)
+# audio_active_packets = 100 (number of packets with audio level, default=100, 2 seconds)
+# audio_level_average = 25 (average value of audio level, 127=muted, 0='too loud', default=25)
+# videoorient_ext = true|false (whether the video-orientation RTP extension must
+# be negotiated/used or not for new publishers, default=true)
+# playoutdelay_ext = true|false (whether the playout-delay RTP extension must
+# be negotiated/used or not for new publishers, default=true)
+# transport_wide_cc_ext = true|false (whether the transport wide CC RTP extension must be
+# negotiated/used or not for new publishers, default=true)
+# record = true|false (whether this room should be recorded, default=false)
+# rec_dir = <folder where recordings should be stored, when enabled>
+# notify_joining = true|false (optional, whether to notify all participants when a new
+# participant joins the room. The Videoroom plugin by design only notifies
+# new feeds (publishers), and enabling this may result extra notification
+# traffic. This flag is particularly useful when enabled with require_pvtid
+# for admin to manage listening only participants. default=false)
+#}
+
+general: {
+ #admin_key = "supersecret" # If set, rooms can be created via API only
+ # if this key is provided in the request
+ #lock_rtp_forward = true # Whether the admin_key above should be
+ # enforced for RTP forwarding requests too
+ #events = false # Whether events should be sent to event
+ # handlers (default=true)
+}
+
+room-1234: {
+ description = "Demo Room"
+ secret = "adminpwd"
+ publishers = 6
+ bitrate = 128000
+ fir_freq = 10
+ #audiocodec = "opus"
+ #videocodec = "vp8"
+ record = false
+ #rec_dir = "/path/to/recordings-folder"
+}
+
+# This other demo room here is only there in case you want to play with
+# the VP9 SVC support. Notice that you'll need a Chrome launched with
+# the flag that enables that support, or otherwise you'll be using just
+# plain VP9 (which is good if you want to test how this indeed affect
+# what receivers will get, whether they're encoding SVC or not).
+room-5678: {
+ description = "VP9-SVC Demo Room"
+ secret = "adminpwd"
+ publishers = 6
+ bitrate = 512000
+ fir_freq = 10
+ videocodec = "vp9"
+ video_svc = true
+}
--- /dev/null
+# path = where to place recordings in the file system (should be in a
+# properly configured web server, if you want the demo to work)
+# base = base path to use when returning the recording URI (use this
+# to make sure the file in the path you chose is reachable via HTTP)
+# events = true|false, whether events should be sent to event handlers
+
+general: {
+ path = "/usr/share/janus/demos/voicemail/"
+ base = "/voicemail/"
+ events = true
+}
--- /dev/null
+# Web server stuff: whether any should be enabled, which ports they
+# should use, whether security should be handled directly or demanded to
+# an external application (e.g., web frontend) and what should be the
+# base path for the Janus API protocol. You can also specify the
+# threading model to use for the HTTP webserver: by default this is
+# 'unlimited' (which means a thread per connection, as specified by the
+# libmicrohttpd documentation), using a number will make use of a thread
+# pool instead. Since long polls are involved, make sure you choose a
+# value that doesn't keep new connections waiting. Notice that by default
+# all the web servers will try and bind on both IPv4 and IPv6: if you
+# want to only bind to IPv4 addresses (e.g., because your system does not
+# support IPv6), you should set the web server 'ip' property to '0.0.0.0'.
+general: {
+ json = "indented" # Whether the JSON messages should be indented (default),
+ # plain (no indentation) or compact (no indentation and no spaces)
+ base_path = "/janus" # Base path to bind to in the web server (plain HTTP only)
+ threads = "unlimited" # unlimited=thread per connection, number=thread pool
+ http = true # Whether to enable the plain HTTP interface
+ port = 8088 # Web server HTTP port
+ #interface = "eth0" # Whether we should bind this server to a specific interface only
+ #ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only
+ https = false # Whether to enable HTTPS (default=false)
+ #secure_port = 8089 # Web server HTTPS port, if enabled
+ #secure_interface = "eth0" # Whether we should bind this server to a specific interface only
+ #secure_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only
+ #acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
+}
+
+# Janus can also expose an admin/monitor endpoint, to allow you to check
+# which sessions are up, which handles they're managing, their current
+# status and so on. This provides a useful aid when debugging potential
+# issues in Janus. The configuration is pretty much the same as the one
+# already presented above for the webserver stuff, as the API is very
+# similar: choose the base bath for the admin/monitor endpoint (/admin
+# by default), ports, threading model, etc. Besides, you can specify
+# a secret that must be provided in all requests as a crude form of
+# authorization mechanism, and partial or full source IPs if you want to
+# limit access basing on IP addresses. For security reasons, this
+# endpoint is disabled by default, enable it by setting admin_http=true.
+admin: {
+ admin_base_path = "/admin" # Base path to bind to in the admin/monitor web server (plain HTTP only)
+ admin_threads = "unlimited" # unlimited=thread per connection, number=thread pool
+ admin_http = false # Whether to enable the plain HTTP interface
+ admin_port = 7088 # Admin/monitor web server HTTP port
+ #admin_interface = "eth0" # Whether we should bind this server to a specific interface only
+ #admin_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only
+ admin_https = false # Whether to enable HTTPS (default=false)
+ #admin_secure_port = 7889 # Admin/monitor web server HTTPS port, if enabled
+ #admin_secure_interface = "eth0" # Whether we should bind this server to a specific interface only
+ #admin_secure_ip = "192.168.0.1 # Whether we should bind this server to a specific IP address (v4 or v6) only
+ #admin_acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
+}
+
+# The HTTP servers created in Janus support CORS out of the box, but by
+# default they return a wildcard (*) in the 'Access-Control-Allow-Origin'
+# header. This works fine in most situations, except when we have to
+# respond to a credential request (withCredentials=true in the XHR). If
+# you need that, uncomment and set the 'allow_origin' below to specify
+# what must be returned in 'Access-Control-Allow-Origin'. More details:
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
+cors: {
+ #allow_origin = "http://foo.example"
+}
+
+# Certificate and key to use for HTTPS, if enabled (and passphrase if needed).
+# You can also disable insecure protocols and ciphers by configuring the
+# 'ciphers' property accordingly (no limitation by default).
+certificates: {
+ cert_pem = "/etc/ssl/certs/ssl-cert-snakeoil.pem"
+ cert_key = "/etc/ssl/private/ssl-cert-snakeoil.key"
+ #cert_pwd = "secretpassphrase"
+ #ciphers = "PFS:-VERS-TLS1.0:-VERS-TLS1.1:-3DES-CBC:-ARCFOUR-128"
+}
--- /dev/null
+# You can also control a Janus instance using Nanomsg sockets. The only
+# aspect you need to configure here is the address to use for the
+# communication, and whether the address should be used to bind locally
+# or to connect to a remote endpoint. Notice that the only supported
+# pattern is NN_PAIR, so you'll only be able to have a single client
+# controlling the API with this plugin. As usual, both Janus API and Admin
+# API endpoints can be configured.
+general: {
+ enabled = true # Whether to enable the Nanomsg interface
+ # for Janus API clients
+ json = "indented" # Whether the JSON messages should be indented (default),
+ # plain (no indentation) or compact (no indentation and no spaces)
+ #mode = "bind" # Whether we should 'bind' to the specified
+ # address (default), or connect to it if remote
+ address = "ipc:///tmp/janus.ipc" # Address to use (Janus API), refer
+ # to the Nanomsg documentation for more info
+ # on different transports you can use here
+}
+
+# As with other transport plugins, you can use Nanomsg to interact with
+# the Admin API as well: in case you're interested in it, a different
+# address needs to be provided.
+admin: {
+ admin_enabled = false # Whether to enable the Nanomsg interface
+ # for Admin API clients
+ #admin_mode = "bind"
+ #admin_address = "ipc:///tmp/janus-admin.ipc"
+}
--- /dev/null
+# You can also control a Janus instance using Unix Sockets. The only
+# aspect you need to configure here is the path of the Unix Sockets
+# server. Notice that by default the interface is disabled, as you need
+# to specify the path(s) to bind to for the API(s).
+general: {
+ enabled = false # Whether to enable the Unix Sockets interface
+ # for Janus API clients
+ json = "indented" # Whether the JSON messages should be indented (default),
+ # plain (no indentation) or compact (no indentation and no spaces)
+ #path = "/path/to/ux-janusapi" # Path to bind to (Janus API)
+ #type = "SOCK_SEQPACKET" # SOCK_SEQPACKET (default) or SOCK_DGRAM?
+}
+
+# As with other transport plugins, you can use Unix Sockets to interact
+# with the Admin API as well: in case you're interested in it, a different
+# path needs to be provided.
+admin: {
+ admin_enabled = false # Whether to enable the Unix Sockets interface
+ # for Admin API clients
+ #admin_path = "/path/to/ux-janusadmin" # Path to bind to (Admin API)
+ #admin_type = "SOCK_SEQPACKET" # SOCK_SEQPACKET (default) or SOCK_DGRAM?
+}
--- /dev/null
+# Configuration of the RabbitMQ additional transport for the Janus API.
+# This is only useful when you're wrapping Janus requests in your server
+# application, and handling the communication with clients your own way.
+# At the moment, only a single "application" can be handled at the same
+# time, meaning that Janus won't implement multiple queues to handle
+# multiple concurrent "application servers" taking advantage of its
+# features. Support for this is planned, though (e.g., through some kind
+# of negotiation to create queues on the fly). Right now, you can only
+# configure the address of the RabbitMQ server to use, and the queues to
+# make use of to receive (to-janus) and send (from-janus) messages
+# from/to an external application. If you're using the same RabbitMQ
+# server instance for multiple Janus instances, make sure you configure
+# different queues for each of them (e.g., from-janus-1/to-janus-1 and
+# from-janus-2/to-janus-2), or otherwise both the instances will make
+# use of the same queues and messages will get lost. The integration
+# is disabled by default, so set enabled=true if you want to use it.
+general: {
+ enabled = false # Whether the support must be enabled
+ json = "indented" # Whether the JSON messages should be indented (default),
+ # plain (no indentation) or compact (no indentation and no spaces)
+ host = "localhost" # The address of the RabbitMQ server
+ #port = 5672 # The port of the RabbitMQ server (5672 by default)
+ #username = "guest" # Username to use to authenticate, if needed
+ #password = "guest" # Password to use to authenticate, if needed
+ #vhost = "/" # Virtual host to specify when logging in, if needed
+ to_janus = "to-janus" # Name of the queue for incoming messages
+ from_janus = "from-janus" # Name of the queue for outgoing messages
+ #janus_exchange = "janus-exchange" # Exchange for outgoing messages, using default if not provided
+ #ssl_enabled = false # Whether ssl support must be enabled
+ #ssl_verify_peer = true # Whether peer verification must be enabled
+ #ssl_verify_hostname = true # Whether hostname verification must be enabled
+
+ # Certificates to use when SSL support is enabled, if needed
+ #ssl_cacert = "/path/to/cacert.pem"
+ ssl_cert = "/etc/ssl/certs/ssl-cert-snakeoil.pem"
+ ssl_key = "/etc/ssl/private/ssl-cert-snakeoil.key"
+}
+
+# If you want to expose the Admin API via RabbitMQ as well, you need to
+# specify a different set of queues, as you cannot mix Janus API and
+# Admin API messaging. The same RabbitMQ server is supposed to be used.
+# Notice that by default the Admin API support via RabbitMQ is disabled.
+admin: {
+ #admin_enabled = false # Whether the support must be enabled
+ #to_janus_admin = "to-janus-admin" # Name of the queue for incoming messages
+ #from_janus_admin = "from-janus-admin" # Name of the queue for outgoing messages
+}
--- /dev/null
+# WebSockets stuff: whether they should be enabled, which ports they
+# should use, and so on.
+general: {
+ json = "indented" # Whether the JSON messages should be indented (default),
+ # plain (no indentation) or compact (no indentation and no spaces)
+ #pingpong_trigger = 30 # After how many seconds of idle, a PING should be sent
+ #pingpong_timeout = 10 # After how many seconds of not getting a PONG, a timeout should be detected
+
+ ws = true # Whether to enable the WebSockets API
+ ws_port = 8188 # WebSockets server port
+ #ws_interface = "eth0" # Whether we should bind this server to a specific interface only
+ #ws_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only
+ wss = false # Whether to enable secure WebSockets
+ #wss_port = 8989 # WebSockets server secure port, if enabled
+ #wss_interface = "eth0" # Whether we should bind this server to a specific interface only
+ #wss_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only
+ #ws_logging = "err,warn" # libwebsockets debugging level as a comma separated list of things
+ # to debug, supported values: err, warn, notice, info, debug, parser,
+ # header, ext, client, latency, user, count (plus 'none' and 'all')
+ #ws_acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
+}
+
+# If you want to expose the Admin API via WebSockets as well, you need to
+# specify a different server instance, as you cannot mix Janus API and
+# Admin API messaging. Notice that by default the Admin API support via
+# WebSockets is disabled.
+admin: {
+ admin_ws = false # Whether to enable the Admin API WebSockets API
+ admin_ws_port = 7188 # Admin API WebSockets server port, if enabled
+ #admin_ws_interface = "eth0" # Whether we should bind this server to a specific interface only
+ #admin_ws_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only
+ admin_wss = false # Whether to enable the Admin API secure WebSockets
+ #admin_wss_port = 7989 # Admin API WebSockets server secure port, if enabled
+ #admin_wss_interface = "eth0" # Whether we should bind this server to a specific interface only
+ #admin_wss_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only
+ #admin_ws_acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
+}
+
+# Certificate and key to use for any secure WebSocket server, if enabled (and passphrase if needed).
+certificates: {
+ cert_pem = "/etc/ssl/certs/ssl-cert-snakeoil.pem"
+ cert_key = "/etc/ssl/private/ssl-cert-snakeoil.key"
+ #cert_pwd = "secretpassphrase"
+}
--- /dev/null
+../init.d/janus
\ No newline at end of file
--- /dev/null
+../init.d/janus
\ No newline at end of file
--- /dev/null
+../init.d/janus
\ No newline at end of file
--- /dev/null
+../init.d/janus
\ No newline at end of file
--- /dev/null
+../init.d/janus
\ No newline at end of file
--- /dev/null
+../init.d/janus
\ No newline at end of file
--- /dev/null
+../init.d/janus
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/janus.service
\ No newline at end of file
projects / vserver / commitdiff