Been getting config files downloaded

2026-02-23 22:01:38 +01:00
parent 56591b2c53
commit 359bd210ff
9021 changed files with 4554 additions and 118044 deletions
@@ -0,0 +1,79 @@
+# Web server stuff: whether any should be enabled, which ports they
+# should use, whether security should be handled directly or demanded to
+# an external application (e.g., web frontend) and what should be the
+# base path for the Janus API protocol. Notice that by default
+# all the web servers will try and bind on both IPv4 and IPv6: if you
+# want to only bind to IPv4 addresses (e.g., because your system does not
+# support IPv6), you should set the web server 'ip' property to '0.0.0.0'.
+# To see debug logs from the HTTP server library, set 'mhd_debug'.
+general: {
+	enabled = true
+	#events = true					# Whether to notify event handlers about transport events (default=true)
+	json = "indented"				# Whether the JSON messages should be indented (default),
+									# plain (no indentation) or compact (no indentation and no spaces)
+	base_path = "/janus"			# Base path to bind to in the web server (plain HTTP only)
+	http = true						# Whether to enable the plain HTTP interface
+	port = 8088						# Web server HTTP port
+	interface = "eth0"				# Whether we should bind this server to a specific interface only
+	#ip = "192.168.0.1"				# Whether we should bind this server to a specific IP address (v4 or v6) only
+	https = false					# Whether to enable HTTPS (default=false)
+	#secure_port = 8089				# Web server HTTPS port, if enabled
+	#secure_interface = "eth0"		# Whether we should bind this server to a specific interface only
+	#secure_ip = "192.168.0.1"		# Whether we should bind this server to a specific IP address (v4 or v6) only
+	#acl = "127.,192.168.0."		# Only allow requests coming from this comma separated list of addresses
+	#acl_forwarded = true			# Whether we should check the X-Forwarded-For header too for the ACL
+									# (default=false, since without a proxy in the middle this could be abused)
+	#mhd_connection_limit = 1020		# Open connections limit in libmicrohttpd (default=1020)
+	#mhd_debug = false					# Ask libmicrohttpd to write warning and error messages to stderr (default=false)
+}
+
+# Janus can also expose an admin/monitor endpoint, to allow you to check
+# which sessions are up, which handles they're managing, their current
+# status and so on. This provides a useful aid when debugging potential
+# issues in Janus. The configuration is pretty much the same as the one
+# already presented above for the webserver stuff, as the API is very
+# similar: choose the base bath for the admin/monitor endpoint (/admin
+# by default), ports, etc. Besides, you can specify
+# a secret that must be provided in all requests as a crude form of
+# authorization mechanism, and partial or full source IPs if you want to
+# limit access basing on IP addresses. For security reasons, this
+# endpoint is disabled by default, enable it by setting admin_http=true.
+admin: {
+	admin_base_path = "/admin"			# Base path to bind to in the admin/monitor web server (plain HTTP only)
+	admin_http = false					# Whether to enable the plain HTTP interface
+	admin_port = 7088					# Admin/monitor web server HTTP port
+	#admin_interface = "eth0"			# Whether we should bind this server to a specific interface only
+	#admin_ip = "192.168.0.1"			# Whether we should bind this server to a specific IP address (v4 or v6) only
+	admin_https = false					# Whether to enable HTTPS (default=false)
+	#admin_secure_port = 7889			# Admin/monitor web server HTTPS port, if enabled
+	#admin_secure_interface = "eth0"	# Whether we should bind this server to a specific interface only
+	#admin_secure_ip = "192.168.0.1"	# Whether we should bind this server to a specific IP address (v4 or v6) only
+	#admin_acl = "127.,192.168.0."		# Only allow requests coming from this comma separated list of addresses
+	#admin_acl_forwarded = true			# Whether we should check the X-Forwarded-For header too for the admin ACL
+										# (default=false, since without a proxy in the middle this could be abused)
+}
+
+# The HTTP servers created in Janus support CORS out of the box, but by
+# default they return a wildcard (*) in the 'Access-Control-Allow-Origin'
+# header. This works fine in most situations, except when we have to
+# respond to a credential request (withCredentials=true in the XHR). If
+# you need that, uncomment and set the 'allow_origin' below to specify
+# what must be returned in 'Access-Control-Allow-Origin'. More details:
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
+# In case you want to enforce the Origin validation, rather than leave
+# it to browsers, you can set 'enforce_cors' to 'true' to have Janus
+# return a '403 Forbidden' for all requests that don't comply.
+cors: {
+	#allow_origin = "http://foo.example"
+	#enforce_cors = true
+}
+
+# Certificate and key to use for HTTPS, if enabled (and passphrase if needed).
+# You can also disable insecure protocols and ciphers by configuring the
+# 'ciphers' property accordingly (no limitation by default).
+certificates: {
+	#cert_pem = "/path/to/cert.pem"
+	#cert_key = "/path/to/key.pem"
+	#cert_pwd = "secretpassphrase"
+	#ciphers = "PFS:-VERS-TLS1.0:-VERS-TLS1.1:-3DES-CBC:-ARCFOUR-128"
+}
@@ -0,0 +1,73 @@
+# WebSockets stuff: whether they should be enabled, which ports they
+# should use, and so on.
+general: {
+	events = true					# Whether to notify event handlers about transport events (default=true)
+	json = "indented"				# Whether the JSON messages should be indented (default),
+									# plain (no indentation) or compact (no indentation and no spaces)
+	#pingpong_trigger = 30			# After how many seconds of idle, a PING should be sent
+	#pingpong_timeout = 10			# After how many seconds of not getting a PONG, a timeout should be detected
+        enabled = true
+	ws = true						# Whether to enable the WebSockets API
+	ws_port = 8188					# WebSockets server port
+	#ws_interface = "eth0"			# Whether we should bind this server to a specific interface only
+	ws_ip = "0.0.0.0"			# Whether we should bind this server to a specific IP address only
+	#ws_unix = "/run/ws.sock"		# Use WebSocket server over UNIX socket instead of TCP
+	wss = false						# Whether to enable secure WebSockets
+	#wss_port = 8989				# WebSockets server secure port, if enabled
+	#wss_interface = "eth0"			# Whether we should bind this server to a specific interface only
+	#wss_ip = "192.168.0.1"			# Whether we should bind this server to a specific IP address only
+	#wss_unix = "/run/wss.sock"		# Use WebSocket server over UNIX socket instead of TCP
+	ws_logging = "err,warn,debug"		# libwebsockets debugging level as a comma separated list of things
+									# to debug, supported values: err, warn, notice, info, debug, parser,
+									# header, ext, client, latency, user, count (plus 'none' and 'all')
+	#ws_acl = "127.,192.168.0."		# Only allow requests coming from this comma separated list of addresses
+	#ws_acl_forwarded = true		# Whether we should check the X-Forwarded-For header too for the ACL
+									# (default=false, since without a proxy in the middle this could be abused)
+        
+}
+
+# If you want to expose the Admin API via WebSockets as well, you need to
+# specify a different server instance, as you cannot mix Janus API and
+# Admin API messaging. Notice that by default the Admin API support via
+# WebSockets is disabled.
+admin: {
+	admin_ws = false					# Whether to enable the Admin API WebSockets API
+	admin_ws_port = 7188				# Admin API WebSockets server port, if enabled
+	#admin_ws_interface = "eth0"		# Whether we should bind this server to a specific interface only
+	#admin_ws_ip = "192.168.0.1"		# Whether we should bind this server to a specific IP address only
+	#admin_ws_unix = "/run/aws.sock"	# Use WebSocket server over UNIX socket instead of TCP
+	admin_wss = false					# Whether to enable the Admin API secure WebSockets
+	#admin_wss_port = 7989				# Admin API WebSockets server secure port, if enabled
+	#admin_wss_interface = "eth0"		# Whether we should bind this server to a specific interface only
+	#admin_wss_ip = "192.168.0.1"		# Whether we should bind this server to a specific IP address only
+	#admin_wss_unix = "/run/awss.sock"	# Use WebSocket server over UNIX socket instead of TCP
+	#admin_ws_acl = "127.,192.168.0."	# Only allow requests coming from this comma separated list of addresses
+	#admin_ws_acl_forwarded = true		# Whether we should check the X-Forwarded-For header too for the ACL
+										# (default=false, since without a proxy in the middle this could be abused)
+}
+
+# The HTTP servers created in Janus support CORS out of the box, but by
+# default they return a wildcard (*) in the 'Access-Control-Allow-Origin'
+# header. This works fine in most situations, except when we have to
+# respond to a credential request (withCredentials=true in the XHR). If
+# you need that, uncomment and set the 'allow_origin' below to specify
+# what must be returned in 'Access-Control-Allow-Origin'. More details:
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
+# In case you want to enforce the Origin validation, rather than leave
+# it to browsers, you can set 'enforce_cors' to 'true' to have Janus
+# return a '403 Forbidden' for all requests that don't comply.
+cors: {
+	#allow_origin = "http://foo.example"
+	#enforce_cors = true
+}
+
+# Certificate and key to use for any secure WebSocket server, if enabled (and passphrase if needed).
+# You can also disable insecure protocols and ciphers by configuring the
+# 'ciphers' property accordingly (no limitation by default).
+# Examples of recommended cipher strings at https://cheatsheetseries.owasp.org/cheatsheets/TLS_Cipher_String_Cheat_Sheet.html
+certificates: {
+	#cert_pem = "/path/to/cert.pem"
+	#cert_key = "/path/to/key.pem"
+	#cert_pwd = "secretpassphrase"
+	#ciphers = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
+}