web,prosody: add support for JaaS components

docker-compose.yml

@@ -78,6 +78,7 @@ services:
             - ENABLE_TCC
             - ENABLE_TRANSCRIPTIONS
             - ENABLE_XMPP_WEBSOCKET
+            - ENABLE_JAAS_COMPONENTS
             - ETHERPAD_PUBLIC_URL
             - ETHERPAD_URL_BASE
             - E2EPING_NUM_REQUESTS
@@ -158,6 +159,7 @@ services:
             - ENABLE_LOBBY
             - ENABLE_RECORDING
             - ENABLE_XMPP_WEBSOCKET
+            - ENABLE_JAAS_COMPONENTS
             - GLOBAL_CONFIG
             - GLOBAL_MODULES
             - JIBRI_RECORDER_USER

env.example

@@ -36,6 +36,13 @@ TZ=UTC
 #DOCKER_HOST_ADDRESS=192.168.1.1
 
 
+#
+# JaaS Components configuration
+#
+
+# Enable JaaS Components configuration
+#ENABLE_JAAS_COMPONENTS=0
+
 #
 # Let's Encrypt configuration
 #

prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua

@@ -14,7 +14,9 @@
 {{ $ENABLE_AV_MODERATION := .Env.ENABLE_AV_MODERATION | default "true" | toBool }}
 {{ $ENABLE_BREAKOUT_ROOMS := .Env.ENABLE_BREAKOUT_ROOMS | default "true" | toBool }}
 {{ $ENABLE_XMPP_WEBSOCKET := .Env.ENABLE_XMPP_WEBSOCKET | default "1" | toBool }}
+{{ $ENABLE_JAAS_COMPONENTS := .Env.ENABLE_JAAS_COMPONENTS | default "0" | toBool }}
 {{ $PUBLIC_URL := .Env.PUBLIC_URL | default "https://localhost:8443" -}}
+{{ $PUBLIC_URL_DOMAIN := $PUBLIC_URL | trimPrefix "https://" | trimSuffix "/" -}}
 {{ $TURN_PORT := .Env.TURN_PORT | default "443" }}
 {{ $TURNS_PORT := .Env.TURNS_PORT | default "443" }}
 {{ $XMPP_AUTH_DOMAIN := .Env.XMPP_AUTH_DOMAIN | default "auth.meet.jitsi" -}}
@@ -73,6 +75,19 @@ asap_accepted_audiences = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_AU
 consider_bosh_secure = true;
 consider_websocket_secure = true;
 
+{{ if $ENABLE_JAAS_COMPONENTS }}
+VirtualHost "jigasi.meet.jitsi"
+    modules_enabled = {
+      "ping";
+      "bosh";
+    }
+    authentication = "token"
+    app_id = "jitsi";
+    asap_key_server = "https://jaas-public-keys.jitsi.net/jitsi-components/prod-8x8"
+    asap_accepted_issuers = { "jaas-components" }
+    asap_accepted_audiences = { "jigasi.{{ $PUBLIC_URL_DOMAIN }}" }
+{{ end }}
+
 VirtualHost "{{ $XMPP_DOMAIN }}"
 {{ if $ENABLE_AUTH }}
   {{ if eq $AUTH_TYPE "jwt" }}

web/rootfs/defaults/settings-config.js

@@ -214,9 +214,17 @@ config.enableStatsID = {{ $ENABLE_STATS_ID }};
 // Dial in/out services.
 //
 
+{{ if $ENABLE_JAAS_COMPONENTS }}
+config.dialInConfCodeUrl = 'https://conference-mapper.jitsi.net/v1/access';
+config.dialInNumbersUrl = 'https://conference-mapper.jitsi.net/v1/access/dids';
+{{ else }}
 {{ if .Env.CONFCODE_URL -}}
 config.dialInConfCodeUrl = '{{ .Env.CONFCODE_URL }}';
 {{ end -}}
+{{ if .Env.DIALIN_NUMBERS_URL -}}
+config.dialInNumbersUrl = '{{ .Env.DIALIN_NUMBERS_URL }}';
+{{ end -}}
+{{ end -}}
 
 {{ if .Env.DIALIN_NUMBERS_URL -}}
 config.dialInNumbersUrl = '{{ .Env.DIALIN_NUMBERS_URL }}';