Advertisement
Guest User

Untitled

a guest
Oct 21st, 2021
56
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # General configuration: folders where the configuration and the plugins
  2. # can be found, how output should be logged, whether Janus should run as
  3. # a daemon or in foreground, default interface to use, debug/logging level
  4. # and, if needed, shared apisecret and/or token authentication mechanism
  5. # between application(s) and Janus.
  6. general: {
  7. configs_folder = "/opt/janus/etc/janus" # Configuration files folder
  8. plugins_folder = "/opt/janus/lib/janus/plugins" # Plugins folder
  9. transports_folder = "/opt/janus/lib/janus/transports" # Transports folder
  10. events_folder = "/opt/janus/lib/janus/events" # Event handlers folder
  11. loggers_folder = "/opt/janus/lib/janus/loggers" # External loggers folder
  12.  
  13. # The next settings configure logging
  14. log_to_stdout = false # Whether the Janus output should be written
  15. # to stdout or not (default=true)
  16. log_to_file = "/opt/janus/janus.log" # Whether to use a log file or not
  17. debug_level = 5 # Debug/logging level, valid values are 0-7
  18. #debug_timestamps = true # Whether to show a timestamp for each log line
  19. #debug_colors = false # Whether colors should be disabled in the log
  20. #debug_locks = true # Whether to enable debugging of locks (very verbose!)
  21. #log_prefix = "[janus] " # In case you want log lines to be prefixed by some
  22. # custom text, you can use the 'log_prefix' property.
  23. # It supports terminal colors, meaning something like
  24. # "[\x1b[32mjanus\x1b[0m] " would show a green "janus"
  25. # string in square brackets (assuming debug_colors=true).
  26.  
  27. # This is what you configure if you want to launch Janus as a daemon
  28. #daemonize = true # Whether Janus should run as a daemon
  29. # or not (default=run in foreground)
  30. #pid_file = "/path/to/janus.pid" # PID file to create when Janus has been
  31. # started, and to destroy at shutdown
  32.  
  33. # There are different ways you can authenticate the Janus and Admin APIs
  34. #api_secret = "janusrocks" # String that all Janus requests must contain
  35. # to be accepted/authorized by the Janus core.
  36. # Useful if you're wrapping all Janus API requests
  37. # in your servers (that is, not in the browser,
  38. # where you do the things your way) and you
  39. # don't want other application to mess with
  40. # this Janus instance.
  41. #token_auth = true # Enable a token based authentication
  42. # mechanism to force users to always provide
  43. # a valid token in all requests. Useful if
  44. # you want to authenticate requests from web
  45. # users.
  46. #token_auth_secret = "janus" # Use HMAC-SHA1 signed tokens (with token_auth). Note that
  47. # without this, the Admin API MUST
  48. # be enabled, as tokens are added and removed
  49. # through messages sent there.
  50. admin_secret = "janusoverlord" # String that all Janus requests must contain
  51. # to be accepted/authorized by the admin/monitor.
  52. # only needed if you enabled the admin API
  53. # in any of the available transports.
  54.  
  55. # Generic settings
  56. #interface = "1.2.3.4" # Interface to use (will be used in SDP)
  57. server_name = "TEC-13"# Public name of this Janus instance
  58. # as it will appear in an info request
  59. session_timeout = 60000 # How long (in seconds) we should wait before
  60. # deciding a Janus session has timed out. A
  61. # session times out when no request is received
  62. # for session_timeout seconds (default=60s).
  63. # Setting this to 0 will disable the timeout
  64. # mechanism, which is NOT suggested as it may
  65. # risk having orphaned sessions (sessions not
  66. # controlled by any transport and never freed).
  67. # To avoid timeouts, keep-alives can be used.
  68. #candidates_timeout = 45 # How long (in seconds) we should keep hold of
  69. # pending (trickle) candidates before discarding
  70. # them (default=45s). Notice that setting this
  71. # to 0 will NOT disable the timeout, but will
  72. # be considered an invalid value and ignored.
  73. #reclaim_session_timeout = 0 # How long (in seconds) we should wait for a
  74. # janus session to be reclaimed after the transport
  75. # is gone. After the transport is gone, a session
  76. # times out when no request is received for
  77. # reclaim_session_timeout seconds (default=0s).
  78. # Setting this to 0 will disable the timeout
  79. # mechanism, and sessions will be destroyed immediately
  80. # if the transport is gone.
  81. #recordings_tmp_ext = "tmp" # The extension for recordings, in Janus, is
  82. # .mjr, a custom format we devised ourselves.
  83. # By default, we save to .mjr directly. If you'd
  84. # rather the recording filename have a temporary
  85. # extension while it's being saved, and only
  86. # have the .mjr extension when the recording
  87. # is over (e.g., to automatically trigger some
  88. # external scripts), then uncomment and set the
  89. # recordings_tmp_ext property to the extension
  90. # to add to the base (e.g., tmp --> .mjr.tmp).
  91. #event_loops = 8 # By default, Janus handles each have their own
  92. # event loop and related thread for all the media
  93. # routing and management. If for some reason you'd
  94. # rather limit the number of loop/threads, and
  95. # you want handles to share those, you can do that
  96. # configuring the event_loops property: this will
  97. # spawn the specified amount of threads at startup,
  98. # run a separate event loop on each of them, and
  99. # add new handles to one of them when attaching.
  100. # Notice that, while cutting the number of threads
  101. # and possibly reducing context switching, this
  102. # might have an impact on the media delivery,
  103. # especially if the available loops can't take
  104. # care of all the handles and their media in time.
  105. # As such, if you want to use this you should
  106. # provision the correct value according to the
  107. # available resources (e.g., CPUs available).
  108. #allow_loop_indication = true # In case a static number of event loops is
  109. # configured as explained above, by default
  110. # new handles will be allocated on one loop or
  111. # another by the Janus core itself. In some cases
  112. # it may be helpful to manually tell the Janus
  113. # core which loop a handle should be added to,
  114. # e.g., to group viewers of the same stream on
  115. # the same loop. This is possible via the Janus
  116. # API when performing the 'attach' request, but
  117. # only if allow_loop_indication is set to true;
  118. # it's set to false by default to avoid abuses.
  119. # Don't change if you don't know what you're doing!
  120. #opaqueid_in_api = true # Opaque IDs set by applications are typically
  121. # only passed to event handlers for correlation
  122. # purposes, but not sent back to the user or
  123. # application in the related Janus API responses
  124. # or events; in case you need them to be in the
  125. # Janus API too, set this property to 'true'.
  126. #hide_dependencies = true # By default, a call to the "info" endpoint of
  127. # either the Janus or Admin API now also returns
  128. # the versions of the main dependencies (e.g.,
  129. # libnice, libsrtp, which crypto library is in
  130. # use and so on). Should you want that info not
  131. # to be disclose, set 'hide_dependencies' to true.
  132.  
  133. # The following is ONLY useful when debugging RTP/RTCP packets,
  134. # e.g., to look at unencrypted live traffic with a browser. By
  135. # default it is obviously disabled, as WebRTC mandates encryption.
  136. #no_webrtc_encryption = true
  137.  
  138. # Janus provides ways via its API to specify custom paths to save
  139. # files to (e.g., recordings, pcap captures and the like). In order
  140. # to avoid people can mess with folders they're not supposed to,
  141. # you can configure an array of folders that Janus should prevent
  142. # creating files in. If the 'protected_folder' property below is
  143. # commented, no folder is protected.
  144. # Notice that at the moment this only covers attempts to start
  145. # an .mjr recording and pcap/text2pcap packet captures.
  146. protected_folders = [
  147. "/bin",
  148. "/boot",
  149. "/dev",
  150. "/etc",
  151. "/initrd",
  152. "/lib",
  153. "/lib32",
  154. "/lib64",
  155. "/proc",
  156. "/sbin",
  157. "/sys",
  158. "/usr",
  159. "/var",
  160. # We add what are usually the folders Janus is installed to
  161. # as well: we don't just put "/opt/janus" because that would
  162. # include folders like "/opt/janus/share" that is where
  163. # recordings might be saved to by some plugins
  164. "/opt/janus/bin",
  165. "/opt/janus/etc",
  166. "/opt/janus/include",
  167. "/opt/janus/lib",
  168. "/opt/janus/lib32",
  169. "/opt/janus/lib64",
  170. "/opt/janus/sbin"
  171. ]
  172. }
  173.  
  174. # Certificate and key to use for DTLS (and passphrase if needed). If missing,
  175. # Janus will autogenerate a self-signed certificate to use. Notice that
  176. # self-signed certificates are fine for the purpose of WebRTC DTLS
  177. # connectivity, for the time being, at least until Identity Providers
  178. # are standardized and implemented in browsers. If for some reason you
  179. # want to enforce the DTLS stack in Janus to enforce valid certificates
  180. # from peers, though, you can do that setting 'dtls_accept_selfsigned' to
  181. # 'false' below: DO NOT TOUCH THAT IF YOU DO NOT KNOW WHAT YOU'RE DOING!
  182. # You can also configure the DTLS ciphers to offer: the default if not
  183. # set is "DEFAULT:!NULL:!aNULL:!SHA256:!SHA384:!aECDH:!AESGCM+AES256:!aPSK"
  184. # Finally, by default NIST P-256 certificates are generated (see #1997),
  185. # but RSA generation is still supported if you set 'rsa_private_key' to 'true'.
  186. certificates: {
  187. #cert_pem = "/path/to/certificate.pem"
  188. #cert_key = "/path/to/key.pem"
  189. #cert_pwd = "secretpassphrase"
  190. #dtls_accept_selfsigned = false
  191. #dtls_ciphers = "your-desired-openssl-ciphers"
  192. #rsa_private_key = false
  193. }
  194.  
  195. # Media-related stuff: you can configure whether if you want to enable IPv6
  196. # support (and link-local IPs), the minimum size of the NACK queue (in ms,
  197. # defaults to 200ms) for retransmissions no matter the RTT, the range of
  198. # ports to use for RTP and RTCP (by default, no range is envisaged), the
  199. # starting MTU for DTLS (1200 by default, it adapts automatically),
  200. # how much time, in seconds, should pass with no media (audio or
  201. # video) being received before Janus notifies you about this (default=1s,
  202. # 0 disables these events entirely), how many lost packets should trigger
  203. # a 'slowlink' event to users (default=4), and how often, in milliseconds,
  204. # to send the Transport Wide Congestion Control feedback information back
  205. # to senders, if negotiated (default=200ms). Finally, if you're using BoringSSL
  206. # you can customize the frequency of retransmissions: OpenSSL has a fixed
  207. # value of 1 second (the default), while BoringSSL can override that. Notice
  208. # that lower values (e.g., 100ms) will typically get you faster connection
  209. # times, but may not work in case the RTT of the user is high: as such,
  210. # you should pick a reasonable trade-off (usually 2*max expected RTT).
  211. media: {
  212. #ipv6 = true
  213. #ipv6_linklocal = true
  214. #min_nack_queue = 500
  215. rtp_port_range = "5002-65535"
  216. #dtls_mtu = 1200
  217. #no_media_timer = 1
  218. #slowlink_threshold = 4
  219. #twcc_period = 100
  220. #dtls_timeout = 500
  221.  
  222. # Janus can do some optimizations on the NACK queue, specifically when
  223. # keyframes are involved. Namely, you can configure Janus so that any
  224. # time a keyframe is sent to a user, the NACK buffer for that connection
  225. # is emptied. This allows Janus to ignore NACK requests for packets
  226. # sent shortly before the keyframe was sent, since it can be assumed
  227. # that the keyframe will restore a complete working image for the user
  228. # anyway (which is the main reason why video retransmissions are typically
  229. # required). While this optimization is known to work fine in most cases,
  230. # it can backfire in some edge cases, and so is disabled by default.
  231. #nack_optimizations = true
  232.  
  233. # If you need DSCP packet marking and prioritization, you can configure
  234. # the 'dscp' property to a specific values, and Janus will try to
  235. # set it on all outgoing packets using libnice. Normally, the specs
  236. # suggest to use different values depending on whether audio, video
  237. # or data are used, but since all PeerConnections in Janus are bundled,
  238. # we can only use one. You can refer to this document for more info:
  239. # https://tools.ietf.org/html/draft-ietf-tsvwg-rtcweb-qos-18#page-6
  240. # That said, DON'T TOUCH THIS IF YOU DON'T KNOW WHAT IT MEANS!
  241. #dscp = 46
  242. }
  243.  
  244. # NAT-related stuff: specifically, you can configure the STUN/TURN
  245. # servers to use to gather candidates if the gateway is behind a NAT,
  246. # and srflx/relay candidates are needed. In case STUN is not enough and
  247. # this is needed (it shouldn't), you can also configure Janus to use a
  248. # TURN server# please notice that this does NOT refer to TURN usage in
  249. # browsers, but in the gathering of relay candidates by Janus itself,
  250. # e.g., if you want to limit the ports used by a Janus instance on a
  251. # private machine. Furthermore, you can choose whether Janus should be
  252. # configured to do full-trickle (Janus also trickles its candidates to
  253. # users) rather than the default half-trickle (Janus supports trickle
  254. # candidates from users, but sends its own within the SDP), and whether
  255. # it should work in ICE-Lite mode (by default it doesn't). If libnice is
  256. # at least 0.1.15, you can choose which ICE nomination mode to use: valid
  257. # values are "regular" and "aggressive" (the default depends on the libnice
  258. # version itself; if we can set it, we set aggressive nomination). You can
  259. # also configure whether to use connectivity checks as keep-alives, which
  260. # might help detecting when a peer is no longer available (notice that
  261. # current libnice master is breaking connections after 50 seconds when
  262. # keepalive-conncheck is being used, so if you want to use it, better
  263. # sticking to 0.1.18 until the issue is addressed upstream). Finally,
  264. # you can also enable ICE-TCP support (beware that this may lead to problems
  265. # if you do not enable ICE Lite as well), choose which interfaces should
  266. # be used for gathering candidates, and enable or disable the
  267. # internal libnice debugging, if needed.
  268. nat: {
  269. stun_server = "turn.tecnosul.tech"
  270. stun_port = 3478
  271. nice_debug = true
  272. #full_trickle = true
  273. #ice_nomination = "regular"
  274. #ice_keepalive_conncheck = true
  275. #ice_lite = true
  276. #ice_tcp = true
  277.  
  278. # By default Janus tries to resolve mDNS (.local) candidates: even
  279. # though this is now done asynchronously and shouldn't keep the API
  280. # busy, even in case mDNS resolution takes a long time to timeout,
  281. # you can choose to drop all .local candidates instead, which is
  282. # helpful in case you know clients will never be in the same private
  283. # network as the one the Janus instance is running from. Notice that
  284. # this will cause ICE to fail if mDNS is the only way to connect!
  285. #ignore_mdns = true
  286.  
  287. # In case you're deploying Janus on a server which is configured with
  288. # a 1:1 NAT (e.g., Amazon EC2), you might want to also specify the public
  289. # address of the machine using the setting below. This will result in
  290. # all host candidates (which normally have a private IP address) to
  291. # be rewritten with the public address provided in the settings. As
  292. # such, use the option with caution and only if you know what you're doing.
  293. # Make sure you keep ICE Lite disabled, though, as it's not strictly
  294. # speaking a publicly reachable server, and a NAT is still involved.
  295. # If you'd rather keep the private IP address in place, rather than
  296. # replacing it (and so have both of them as advertised candidates),
  297. # then set the 'keep_private_host' property to true.
  298. # Multiple public IP addresses can be specified as a comma separated list
  299. # if the Janus is deployed in a DMZ between two 1-1 NAT for internal and
  300. # external users.
  301. nat_1_1_mapping = "45.6.178.19"
  302. keep_private_host = true
  303.  
  304. # You can configure a TURN server in two different ways: specifying a
  305. # statically configured TURN server, and thus provide the address of the
  306. # TURN server, the transport (udp/tcp/tls) to use, and a set of valid
  307. # credentials to authenticate. Notice that you should NEVER configure
  308. # a TURN server for Janus unless it's really what you want! If you want
  309. # *users* to use TURN, then you need to configure that on the client
  310. # side, and NOT in Janus. The following TURN configuration should ONLY
  311. # be enabled when Janus itself is sitting behind a restrictive firewall
  312. # (e.g., it's part of a service installed on a box in a private home).
  313. #turn_server = "turn.tecnosul.tech"
  314. #turn_port = 5349
  315. #turn_type = "udp"
  316. #turn_user = "turnadmin"
  317. #turn_pwd = "pass"
  318.  
  319. # You can also make use of the TURN REST API to get info on one or more
  320. # TURN services dynamically. This makes use of the proposed standard of
  321. # such an API (https://tools.ietf.org/html/draft-uberti-behave-turn-rest-00)
  322. # which is currently available in both rfc5766-turn-server and coturn.
  323. # You enable this by specifying the address of your TURN REST API backend,
  324. # the HTTP method to use (GET or POST) and, if required, the API key Janus
  325. # must provide. The timeout can be configured in seconds, with a default of
  326. # 10 seconds and a minimum of 1 second. Notice that the 'opaque_id' provided
  327. # via Janus API will be used as the username for a specific PeerConnection
  328. # by default; if that one is missing, the 'session_id' will be used as the
  329. # username instead.
  330. #turn_rest_api = "http://yourbackend.com/path/to/api"
  331. #turn_rest_api_key = "anyapikeyyoumayhaveset"
  332. #turn_rest_api_method = "GET"
  333. #turn_rest_api_timeout = 10
  334.  
  335. # In case a TURN server is provided, you can allow applications to force
  336. # Janus to use TURN (https://github.com/meetecho/janus-gateway/pull/2774).
  337. # This is NOT allowed by default: only enable it if you know what you're doing.
  338. #allow_force_relay = true
  339.  
  340. # You can also choose which interfaces should be explicitly used by the
  341. # gateway for the purpose of ICE candidates gathering, thus excluding
  342. # others that may be available. To do so, use the 'ice_enforce_list'
  343. # setting and pass it a comma-separated list of interfaces or IP addresses
  344. # to enforce. This is especially useful if the server hosting the gateway
  345. # has several interfaces, and you only want a subset to be used. Any of
  346. # the following examples are valid:
  347. # ice_enforce_list = "eth0"
  348. # ice_enforce_list = "eth0,eth1"
  349. # ice_enforce_list = "eth0,192.168."
  350. # ice_enforce_list = "eth0,192.168.0.1"
  351. # By default, no interface is enforced, meaning Janus will try to use them all.
  352. #ice_enforce_list = "eth0"
  353.  
  354. # In case you don't want to specify specific interfaces to use, but would
  355. # rather tell Janus to use all the available interfaces except some that
  356. # you don't want to involve, you can also choose which interfaces or IP
  357. # addresses should be excluded and ignored by the gateway for the purpose
  358. # of ICE candidates gathering. To do so, use the 'ice_ignore_list' setting
  359. # and pass it a comma-separated list of interfaces or IP addresses to
  360. # ignore. This is especially useful if the server hosting the gateway
  361. # has several interfaces you already know will not be used or will simply
  362. # always slow down ICE (e.g., virtual interfaces created by VMware).
  363. # Partial strings are supported, which means that any of the following
  364. # examples are valid:
  365. # ice_ignore_list = "vmnet8,192.168.0.1,10.0.0.1"
  366. # ice_ignore_list = "vmnet,192.168."
  367. # Just beware that the ICE ignore list is not used if an enforce list
  368. # has been configured. By default, Janus ignores all interfaces whose
  369. # name starts with 'vmnet', to skip VMware interfaces:
  370. ice_ignore_list = "vmnet"
  371.  
  372. # In case you want to allow Janus to start even if the configured STUN or TURN
  373. # server is unreachable, you can set 'ignore_unreachable_ice_server' to true.
  374. # WARNING: We do not recommend to ignore reachability problems, particularly
  375. # if you run Janus in the cloud. Before enabling this flag, make sure your
  376. # system is correctly configured and Janus starts after the network layer of
  377. # your machine is ready. Note that Linux distributions offer such directives.
  378. # You could use the following directive in systemd: 'After=network-online.target'
  379. # https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Before=
  380. #ignore_unreachable_ice_server = true
  381. }
  382.  
  383. # You can choose which of the available plugins should be
  384. # enabled or not. Use the 'disable' directive to prevent Janus from
  385. # loading one or more plugins: use a comma separated list of plugin file
  386. # names to identify the plugins to disable. By default all available
  387. # plugins are enabled and loaded at startup.
  388. plugins: {
  389. #disable = "libjanus_voicemail.so,libjanus_recordplay.so"
  390. }
  391.  
  392. # You can choose which of the available transports should be enabled or
  393. # not. Use the 'disable' directive to prevent Janus from loading one
  394. # or more transport: use a comma separated list of transport file names
  395. # to identify the transports to disable. By default all available
  396. # transports are enabled and loaded at startup.
  397. transports: {
  398. #disable = "libjanus_rabbitmq.so"
  399. }
  400.  
  401. # As a core feature, Janus can log either on the standard output, or to
  402. # a local file. Should you need more advanced logging functionality, you
  403. # can make use of one of the custom loggers, or write one yourself. Use the
  404. # 'disable' directive to prevent Janus from loading one or more loggers:
  405. # use a comma separated list of logger file names to identify the loggers
  406. # to disable. By default all available loggers are enabled and loaded at startup.
  407. loggers: {
  408. #disable = "libjanus_jsonlog.so"
  409. }
  410.  
  411. # Event handlers allow you to receive live events from Janus happening
  412. # in core and/or plugins. Since this can require some more resources,
  413. # the feature is disabled by default. Setting broadcast to yes will
  414. # enable them. You can then choose which of the available event handlers
  415. # should be loaded or not. Use the 'disable' directive to prevent Janus
  416. # from loading one or more event handlers: use a comma separated list of
  417. # file names to identify the event handlers to disable. By default, if
  418. # broadcast is set to yes all available event handlers are enabled and
  419. # loaded at startup. Finally, you can choose how often media statistics
  420. # (packets sent/received, losses, etc.) should be sent: by default it's
  421. # once per second (audio and video statistics sent separately), but may
  422. # considered too verbose, or you may want to limit the number of events,
  423. # especially if you have many PeerConnections active. To change this,
  424. # just set 'stats_period' to the number of seconds that should pass in
  425. # between statistics for each handle. Setting it to 0 disables them (but
  426. # not other media-related events).
  427. events: {
  428. #broadcast = true
  429. #disable = "libjanus_sampleevh.so"
  430. #stats_period = 5
  431. }
  432.  
Advertisement
RAW Paste Data Copied
Advertisement