jitsi changed
This commit is contained in:
85
README.md
Normal file
85
README.md
Normal file
@@ -0,0 +1,85 @@
|
||||
# PoliticTalk Jitsi Setup
|
||||
|
||||
This folder is the local source of truth for the PoliticTalk Jitsi setup used by:
|
||||
|
||||
```text
|
||||
https://politictalk.parallelglobe.io
|
||||
```
|
||||
|
||||
The VPS still runs the actual Jitsi services. Changes should be made here first, committed to Git, pulled on the VPS, then deployed into the system Jitsi paths with the deploy script.
|
||||
|
||||
## Structure
|
||||
|
||||
```text
|
||||
jitsi/
|
||||
config/
|
||||
politictalk.parallelglobe.io-config.js
|
||||
assets/
|
||||
public/politictalk/
|
||||
branding.json
|
||||
pgLogo.svg
|
||||
nginx/
|
||||
politictalk.parallelglobe.io.conf
|
||||
scripts/
|
||||
deploy-vps.sh
|
||||
templates/
|
||||
```
|
||||
|
||||
## Current Meeting Policy
|
||||
|
||||
- Meetings start in audio-only mode.
|
||||
- Participants join with microphone muted.
|
||||
- Participants join with camera off.
|
||||
- Camera/prejoin camera controls are hidden.
|
||||
- Toolbar is limited to microphone, chat, raise hand, fullscreen, noise suppression, participants pane, and hangup.
|
||||
- Chat and polls are enabled.
|
||||
- Invite/share controls are disabled.
|
||||
- Room names are not stored in recent rooms.
|
||||
- E2EE support is enabled in the Jitsi config.
|
||||
- The logo and dynamic branding point to PoliticTalk public assets.
|
||||
|
||||
## VPS Paths
|
||||
|
||||
The deploy script copies local files into these VPS paths:
|
||||
|
||||
```text
|
||||
jitsi/config/politictalk.parallelglobe.io-config.js
|
||||
-> /etc/jitsi/meet/politictalk.parallelglobe.io-config.js
|
||||
|
||||
jitsi/assets/public/politictalk/*
|
||||
-> /etc/jitsi/meet/public/politictalk/
|
||||
|
||||
jitsi/nginx/politictalk.parallelglobe.io.conf
|
||||
-> /etc/nginx/sites-available/politictalk.parallelglobe.io.conf
|
||||
```
|
||||
|
||||
By default, the deploy script does not replace nginx config unless `DEPLOY_NGINX=1` is set.
|
||||
|
||||
## Deploy On VPS
|
||||
|
||||
After pulling the latest repo changes on the VPS:
|
||||
|
||||
```bash
|
||||
cd /path/to/pg/jitsi
|
||||
sudo ./scripts/deploy-vps.sh
|
||||
```
|
||||
|
||||
To also deploy the nginx vhost:
|
||||
|
||||
```bash
|
||||
cd /path/to/pg/jitsi
|
||||
sudo DEPLOY_NGINX=1 ./scripts/deploy-vps.sh
|
||||
```
|
||||
|
||||
For current `config.js`, branding, and asset changes, an nginx reload is enough. Future JWT/auth changes may require restarting Prosody and Jicofo.
|
||||
|
||||
## Future Auth Work
|
||||
|
||||
The future authenticated flow should be:
|
||||
|
||||
```text
|
||||
PgPlatform -> PgApi verifies event/user -> PgApi creates short-lived Jitsi JWT
|
||||
-> PgPlatform prejoin/iframe -> Jitsi validates JWT on VPS
|
||||
```
|
||||
|
||||
Do not commit real secrets here. JWT secrets, Prosody passwords, and private keys should stay in VPS-only environment/config files.
|
||||
Reference in New Issue
Block a user