const os = require('os'); const userRoles = require('../userRoles'); // const AwaitQueue = require('awaitqueue'); // const axios = require('axios'); module.exports = { // Auth conf /* auth : { lti : { consumerKey : 'key', consumerSecret : 'secret' }, oidc: { // The issuer URL for OpenID Connect discovery // The OpenID Provider Configuration Document // could be discovered on: // issuerURL + '/.well-known/openid-configuration' issuerURL : 'https://example.com', clientOptions : { client_id : '', client_secret : '', scope : 'openid email profile', // where client.example.com is your multiparty meeting server redirect_uri : 'https://client.example.com/auth/callback' } } }, */ // URI and key for requesting geoip-based TURN server closest to the client turnAPIKey : 'examplekey', turnAPIURI : 'https://example.com/api/turn', turnAPIparams : { 'uri_schema' : 'turn', 'transport' : 'tcp', 'ip_ver' : 'ipv4', 'servercount' : '2' }, // Backup turnservers if REST fails or is not configured backupTurnServers : [ { urls : [ 'turn:turn.example.com:443?transport=tcp' ], username : 'example', credential : 'example' } ], fileTracker : 'wss://tracker.lab.vvc.niif.hu:443', redisOptions : {}, // session cookie secret cookieSecret : 'T0P-S3cR3t_cook!e', cookieName : 'multiparty-meeting.sid', tls : { cert : `${__dirname}/../certs/mediasoup-demo.localhost.cert.pem`, key : `${__dirname}/../certs/mediasoup-demo.localhost.key.pem` }, // listening Host or IP // If omitted listens on every IP. ("0.0.0.0" and "::") //listeningHost: 'localhost', // Listening port for https server. listeningPort : 443, // Any http request is redirected to https. // Listening port for http server. listeningRedirectPort : 80, // Listens only on http, only on listeningPort // listeningRedirectPort disabled // use case: loadbalancer backend httpOnly : false, // This logger class will have the log function // called every time there is a room created or destroyed, // or peer created or destroyed. This would then be able // to log to a file or external service. /* StatusLogger : class { constructor() { this._queue = new AwaitQueue(); } // rooms: number of rooms // peers: number of peers // eslint-disable-next-line no-unused-vars async log({ rooms, peers }) { this._queue.push(async () => { // Do your logging in here, use queue to keep correct order // eslint-disable-next-line no-console console.log('Number of rooms: ', rooms); // eslint-disable-next-line no-console console.log('Number of peers: ', peers); }) .catch((error) => { // eslint-disable-next-line no-console console.log('error in log', error); }); } }, */ // WebServer/Express trust proxy config for httpOnly mode // You can find more info: // - https://expressjs.com/en/guide/behind-proxies.html // - https://www.npmjs.com/package/proxy-addr // use case: loadbalancer backend trustProxy : '', // This function will be called on successful login through oidc. // Use this function to map your oidc userinfo to the Peer object. // The roomId is equal to the room name. // See examples below. // Examples: /* // All authenicated users will be MODERATOR and AUTHENTICATED userMapping : async ({ peer, roomId, userinfo }) => { peer.addRole(userRoles.MODERATOR); peer.addRole(userRoles.AUTHENTICATED); }, // All authenicated users will be AUTHENTICATED, // and those with the moderator role set in the userinfo // will also be MODERATOR userMapping : async ({ peer, roomId, userinfo }) => { if ( Array.isArray(userinfo.meet_roles) && userinfo.meet_roles.includes('moderator') ) { peer.addRole(userRoles.MODERATOR); } if ( Array.isArray(userinfo.meet_roles) && userinfo.meet_roles.includes('meetingadmin') ) { peer.addRole(userRoles.ADMIN); } peer.addRole(userRoles.AUTHENTICATED); }, // All authenicated users will be AUTHENTICATED, // and those with email ending with @example.com // will also be MODERATOR userMapping : async ({ peer, roomId, userinfo }) => { if (userinfo.email && userinfo.email.endsWith('@example.com')) { peer.addRole(userRoles.MODERATOR); } peer.addRole(userRoles.AUTHENTICATED); } // All authenicated users will be AUTHENTICATED, // and those with email ending with @example.com // will also be MODERATOR userMapping : async ({ peer, roomId, userinfo }) => { if (userinfo.email && userinfo.email.endsWith('@example.com')) { peer.addRole(userRoles.MODERATOR); } peer.addRole(userRoles.AUTHENTICATED); }, */ // eslint-disable-next-line no-unused-vars userMapping : async ({ peer, roomId, userinfo }) => { if (userinfo.picture != null) { if (!userinfo.picture.match(/^http/g)) { peer.picture = `data:image/jpeg;base64, ${userinfo.picture}`; } else { peer.picture = userinfo.picture; } } if (userinfo.nickname != null) { peer.displayName = userinfo.nickname; } if (userinfo.name != null) { peer.displayName = userinfo.name; } if (userinfo.email != null) { peer.email = userinfo.email; } }, // All users have the role "NORMAL" by default. Other roles need to be // added in the "userMapping" function. The following accesses and // permissions are arrays of roles. Roles can be changed in userRoles.js // // Example: // [ userRoles.MODERATOR, userRoles.AUTHENTICATED ] accessFromRoles : { // The role(s) will gain access to the room // even if it is locked (!) BYPASS_ROOM_LOCK : [ userRoles.ADMIN ], // The role(s) will gain access to the room without // going into the lobby. If you want to restrict access to your // server to only directly allow authenticated users, you could // add the userRoles.AUTHENTICATED to the user in the userMapping // function, and change to BYPASS_LOBBY : [ userRoles.AUTHENTICATED ] BYPASS_LOBBY : [ userRoles.NORMAL ] }, permissionsFromRoles : { // The role(s) have permission to lock/unlock a room CHANGE_ROOM_LOCK : [ userRoles.NORMAL ], // The role(s) have permission to promote a peer from the lobby PROMOTE_PEER : [ userRoles.NORMAL ], // The role(s) have permission to send chat messages SEND_CHAT : [ userRoles.NORMAL ], // The role(s) have permission to moderate chat MODERATE_CHAT : [ userRoles.MODERATOR ], // The role(s) have permission to share screen SHARE_SCREEN : [ userRoles.NORMAL ], // The role(s) have permission to share files SHARE_FILE : [ userRoles.NORMAL ], // The role(s) have permission to moderate files MODERATE_FILES : [ userRoles.MODERATOR ], // The role(s) have permission to moderate room (e.g. kick user) MODERATE_ROOM : [ userRoles.MODERATOR ] }, // When truthy, the room will be open to all users when as long as there // are allready users in the room activateOnHostJoin : true, // Mediasoup settings mediasoup : { numWorkers : Object.keys(os.cpus()).length, // mediasoup Worker settings. worker : { logLevel : 'warn', logTags : [ 'info', 'ice', 'dtls', 'rtp', 'srtp', 'rtcp' ], rtcMinPort : 40000, rtcMaxPort : 49999 }, // mediasoup Router settings. router : { // Router media codecs. mediaCodecs : [ { kind : 'audio', mimeType : 'audio/opus', clockRate : 48000, channels : 2 }, { kind : 'video', mimeType : 'video/VP8', clockRate : 90000, parameters : { 'x-google-start-bitrate' : 1000 } }, { kind : 'video', mimeType : 'video/VP9', clockRate : 90000, parameters : { 'profile-id' : 2, 'x-google-start-bitrate' : 1000 } }, { kind : 'video', mimeType : 'video/h264', clockRate : 90000, parameters : { 'packetization-mode' : 1, 'profile-level-id' : '4d0032', 'level-asymmetry-allowed' : 1, 'x-google-start-bitrate' : 1000 } }, { kind : 'video', mimeType : 'video/h264', clockRate : 90000, parameters : { 'packetization-mode' : 1, 'profile-level-id' : '42e01f', 'level-asymmetry-allowed' : 1, 'x-google-start-bitrate' : 1000 } } ] }, // mediasoup WebRtcTransport settings. webRtcTransport : { listenIps : [ // change 192.0.2.1 IPv4 to your server's IPv4 address!! { ip: '192.0.2.1', announcedIp: null } // Can have multiple listening interfaces // change 2001:DB8::1 IPv6 to your server's IPv6 address!! // { ip: '2001:DB8::1', announcedIp: null } ], initialAvailableOutgoingBitrate : 1000000, minimumAvailableOutgoingBitrate : 600000, // Additional options that are not part of WebRtcTransportOptions. maxIncomingBitrate : 1500000 } } };