· 6 years ago · Nov 30, 2019, 09:46 PM
1# General configuration: folders where the configuration and the plugins
2# can be found, how output should be logged, whether Janus should run as
3# a daemon or in foreground, default interface to use, debug/logging level
4# and, if needed, shared apisecret and/or token authentication mechanism
5# between application(s) and Janus.
6general: {
7 configs_folder = "/usr/local/etc/janus" # Configuration files folder
8 plugins_folder = "/usr/local/lib/janus/plugins" # Plugins folder
9 transports_folder = "/usr/local/lib/janus/transports" # Transports folder
10 events_folder = "/usr/local/lib/janus/events" # Event handlers folder
11
12 # The next settings configure logging
13 #log_to_stdout = false # Whether the Janus output should be written
14 # to stdout or not (default=true)
15 #log_to_file = "/path/to/janus.log" # Whether to use a log file or not
16 debug_level = 4 # Debug/logging level, valid values are 0-7
17 #debug_timestamps = true # Whether to show a timestamp for each log line
18 #debug_colors = false # Whether colors should be disabled in the log
19 #debug_locks = true # Whether to enable debugging of locks (very verbose!)
20
21 # This is what you configure if you want to launch Janus as a daemon
22 #daemonize = true # Whether Janus should run as a daemon
23 # or not (default=run in foreground)
24 #pid_file = "/path/to/janus.pid" # PID file to create when Janus has been
25 # started, and to destroy at shutdown
26
27 # There are different ways you can authenticate the Janus and Admin APIs
28 #api_secret = "xxxxxxx" # String that all Janus requests must contain
29 # to be accepted/authorized by the Janus core.
30 # Useful if you're wrapping all Janus API requests
31 # in your servers (that is, not in the browser,
32 # where you do the things your way) and you
33 # don't want other application to mess with
34 # this Janus instance.
35 #token_auth = true # Enable a token based authentication
36 # mechanism to force users to always provide
37 # a valid token in all requests. Useful if
38 # you want to authenticate requests from web
39 # users.
40 #token_auth_secret = "xxxxxxx" # Use HMAC-SHA1 signed tokens (with token_auth). Note that
41 # without this, the Admin API MUST
42 # be enabled, as tokens are added and removed
43 # through messages sent there.
44 admin_secret = "xxxxxxxx" # String that all Janus requests must contain
45 # to be accepted/authorized by the admin/monitor.
46 # only needed if you enabled the admin API
47 # in any of the available transports.
48
49 # Generic settings
50 #interface = "1.2.3.4" # Interface to use (will be used in SDP)
51 #server_name = "MyJanusInstance"# Public name of this Janus instance
52 # as it will appear in an info request
53 #session_timeout = 60 # How long (in seconds) we should wait before
54 # deciding a Janus session has timed out. A
55 # session times out when no request is received
56 # for session_timeout seconds (default=60s).
57 # Setting this to 0 will disable the timeout
58 # mechanism, which is NOT suggested as it may
59 # risk having orphaned sessions (sessions not
60 # controlled by any transport and never freed).
61 # To avoid timeouts, keep-alives can be used.
62 #candidates_timeout = 45 # How long (in seconds) we should keep hold of
63 # pending (trickle) candidates before discarding
64 # them (default=45s). Notice that setting this
65 # to 0 will NOT disable the timeout, but will
66 # be considered an invalid value and ignored.
67 #reclaim_session_timeout = 0 # How long (in seconds) we should wait for a
68 # janus session to be reclaimed after the transport
69 # is gone. After the transport is gone, a session
70 # times out when no request is received for
71 # reclaim_session_timeout seconds (default=0s).
72 # Setting this to 0 will disable the timeout
73 # mechanism, and sessions will be destroyed immediately
74 # if the transport is gone.
75 #recordings_tmp_ext = "tmp" # The extension for recordings, in Janus, is
76 # .mjr, a custom format we devised ourselves.
77 # By default, we save to .mjr directly. If you'd
78 # rather the recording filename have a temporary
79 # extension while it's being saved, and only
80 # have the .mjr extension when the recording
81 # is over (e.g., to automatically trigger some
82 # external scripts), then uncomment and set the
83 # recordings_tmp_ext property to the extension
84 # to add to the base (e.g., tmp --> .mjr.tmp).
85 #event_loops = 8 # By default, Janus handles each have their own
86 # event loop and related thread for all the media
87 # routing and management. If for some reason you'd
88 # rather limit the number of loop/threads, and
89 # you want handles to share those, you can do that
90 # configuring the event_loops property: this will
91 # spawn the specified amount of threads at startup,
92 # run a separate event loop on each of them, and
93 # add new handles to one of them when attaching.
94 # Notice that, while cutting the number of threads
95 # and possibly reducing context switching, this
96 # might have an impact on the media delivery,
97 # especially if the available loops can't take
98 # care of all the handles and their media in time.
99 # As such, if you want to use this you should
100 # provision the correct value according to the
101 # available resources (e.g., CPUs available).
102 #opaqueid_in_api = true # Opaque IDs set by applications are typically
103 # only passed to event handlers for correlation
104 # purposes, but not sent back to the user or
105 # application in the related Janus API responses
106 # or events; in case you need them to be in the
107 # Janus API too, set this property to 'true'.
108 #hide_dependencies = true # By default, a call to the "info" endpoint of
109 # either the Janus or Admin API now also returns
110 # the versions of the main dependencies (e.g.,
111 # libnice, libsrtp, which crypto library is in
112 # use and so on). Should you want that info not
113 # to be disclose, set 'hide_dependencies' to true.
114
115 # The following is ONLY useful when debugging RTP/RTCP packets,
116 # e.g., to look at unencrypted live traffic with a browser. By
117 # default it is obviously disabled, as WebRTC mandates encryption.
118 #no_webrtc_encryption = true
119}
120
121# Certificate and key to use for DTLS (and passphrase if needed). If missing,
122# Janus will autogenerate a self-signed certificate to use. Notice that
123# self-signed certificates are fine for the purpose of WebRTC DTLS
124# connectivity, for the time being, at least until Identity Providers
125# are standardized and implemented in browsers.
126certificates: {
127 #cert_pem = "xxxxxxxx"
128 #cert_key = "xxxxxxxx"
129 #cert_pwd = "secretpassphrase"
130}
131
132# Media-related stuff: you can configure whether if you want
133# to enable IPv6 support, if RFC4588 support for retransmissions
134# should be negotiated or not (off by default), the maximum size
135# of the NACK queue (in milliseconds, defaults to 500ms) for retransmissions, the
136# range of ports to use for RTP and RTCP (by default, no range is envisaged), the
137# starting MTU for DTLS (1200 by default, it adapts automatically),
138# how much time, in seconds, should pass with no media (audio or
139# video) being received before Janus notifies you about this (default=1s,
140# 0 disables these events entirely), how many lost packets should trigger
141# a 'slowlink' event to users (default=4), and how often, in milliseconds,
142# to send the Transport Wide Congestion Control feedback information back
143# to senders, if negotiated (default=1s). Finally, if you're using BoringSSL
144# you can customize the frequency of retransmissions: OpenSSL has a fixed
145# value of 1 second (the default), while BoringSSL can override that. Notice
146# that lower values (e.g., 100ms) will typically get you faster connection
147# times, but may not work in case the RTT of the user is high: as such,
148# you should pick a reasonable trade-off (usually 2*max expected RTT).
149media: {
150 #ipv6 = true
151 #max_nack_queue = 500
152 #rfc_4588 = true
153 #rtp_port_range = "20000-40000"
154 #dtls_mtu = 1200
155 #no_media_timer = 1
156 #slowlink_threshold = 4
157 #twcc_period = 200
158 #dtls_timeout = 500
159}
160
161# NAT-related stuff: specifically, you can configure the STUN/TURN
162# servers to use to gather candidates if the gateway is behind a NAT,
163# and srflx/relay candidates are needed. In case STUN is not enough and
164# this is needed (it shouldn't), you can also configure Janus to use a
165# TURN server# please notice that this does NOT refer to TURN usage in
166# browsers, but in the gathering of relay candidates by Janus itself,
167# e.g., if you want to limit the ports used by a Janus instance on a
168# private machine. Furthermore, you can choose whether Janus should be
169# configured to do full-trickle (Janus also trickles its candidates to
170# users) rather than the default half-trickle (Janus supports trickle
171# candidates from users, but sends its own within the SDP), and whether
172# it should work in ICE-Lite mode (by default it doesn't). Finally,
173# you can also enable ICE-TCP support (beware that it currently *only*
174# works if you enable ICE Lite as well), choose which interfaces should
175# be used for gathering candidates, and enable or disable the
176# internal libnice debugging, if needed.
177nat: {
178 stun_server = "stun.l.google.com"
179 stun_port = 19302
180 nice_debug = true
181 full_trickle = true
182 #ice_lite = true
183 #ice_tcp = true
184
185 # In case you're deploying Janus on a server which is configured with
186 # a 1:1 NAT (e.g., Amazon EC2), you might want to also specify the public
187 # address of the machine using the setting below. This will result in
188 # all host candidates (which normally have a private IP address) to
189 # be rewritten with the public address provided in the settings. As
190 # such, use the option with caution and only if you know what you're doing.
191 # Make sure you keep ICE Lite disabled, though, as it's not strictly
192 # speaking a publicly reachable server, and a NAT is still involved.
193 nat_1_1_mapping = "144.217.240.121"
194
195 # You can configure a TURN server in two different ways: specifying a
196 # statically configured TURN server, and thus provide the address of the
197 # TURN server, the transport (udp/tcp/tls) to use, and a set of valid
198 # credentials to authenticate...
199 #turn_server = "myserver"
200 #turn_port = 3478
201 #turn_type = "udp"
202 #turn_user = "myuser"
203 #turn_pwd = "mypassword"
204
205 # ... or you can make use of the TURN REST API to get info on one or more
206 # TURN services dynamically. This makes use of the proposed standard of
207 # such an API (https://tools.ietf.org/html/draft-uberti-behave-turn-rest-00)
208 # which is currently available in both rfc5766-turn-server and coturn.
209 # You enable this by specifying the address of your TURN REST API backend,
210 # the HTTP method to use (GET or POST) and, if required, the API key Janus
211 # must provide.
212 #turn_rest_api = "http://yourbackend.com/path/to/api"
213 #turn_rest_api_key = "anyapikeyyoumayhaveset"
214 #turn_rest_api_method = "GET"
215
216 # You can also choose which interfaces should be explicitly used by the
217 # gateway for the purpose of ICE candidates gathering, thus excluding
218 # others that may be available. To do so, use the 'ice_enforce_list'
219 # setting and pass it a comma-separated list of interfaces or IP addresses
220 # to enforce. This is especially useful if the server hosting the gateway
221 # has several interfaces, and you only want a subset to be used. Any of
222 # the following examples are valid:
223 # ice_enforce_list = "eth0"
224 # ice_enforce_list = "eth0,eth1"
225 # ice_enforce_list = "eth0,192.168."
226 # ice_enforce_list = "eth0,192.168.0.1"
227 # By default, no interface is enforced, meaning Janus will try to use them all.
228 #ice_enforce_list = "eth0"
229
230 # In case you don't want to specify specific interfaces to use, but would
231 # rather tell Janus to use all the available interfaces except some that
232 # you don't want to involve, you can also choose which interfaces or IP
233 # addresses should be excluded and ignored by the gateway for the purpose
234 # of ICE candidates gathering. To do so, use the 'ice_ignore_list' setting
235 # and pass it a comma-separated list of interfaces or IP addresses to
236 # ignore. This is especially useful if the server hosting the gateway
237 # has several interfaces you already know will not be used or will simply
238 # always slow down ICE (e.g., virtual interfaces created by VMware).
239 # Partial strings are supported, which means that any of the following
240 # examples are valid:
241 # ice_ignore_list = "vmnet8,192.168.0.1,10.0.0.1"
242 # ice_ignore_list = "vmnet,192.168."
243 # Just beware that the ICE ignore list is not used if an enforce list
244 # has been configured. By default, Janus ignores all interfaces whose
245 # name starts with 'vmnet', to skip VMware interfaces:
246 ice_ignore_list = "vmnet"
247
248 # In case you want to allow Janus to start even if the configured STUN or TURN
249 # server is unreachable, you can set 'ignore_unreachable_ice_server' to true.
250 # WARNING: We do not recommend to ignore reachability problems, particularly
251 # if you run Janus in the cloud. Before enabling this flag, make sure your
252 # system is correctly configured and Janus starts after the network layer of
253 # your machine is ready. Note that Linux distributions offer such directives.
254 # You could use the following directive in systemd: 'After=network-online.target'
255 # https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Before=
256 # ignore_unreachable_ice_server = true
257}
258
259# You can choose which of the available plugins should be
260# enabled or not. Use the 'disable' directive to prevent Janus from
261# loading one or more plugins: use a comma separated list of plugin file
262# names to identify the plugins to disable. By default all available
263# plugins are enabled and loaded at startup.
264plugins: {
265 #disable = "libjanus_voicemail.so,libjanus_recordplay.so"
266}
267
268# You can choose which of the available transports should be enabled or
269# not. Use the 'disable' directive to prevent Janus from loading one
270# or more transport: use a comma separated list of transport file names
271# to identify the transports to disable. By default all available
272# transports are enabled and loaded at startup.
273transports: {
274 #disable = "libjanus_rabbitmq.so"
275}
276
277# Event handlers allow you to receive live events from Janus happening
278# in core and/or plugins. Since this can require some more resources,
279# the feature is disabled by default. Setting broadcast to yes will
280# enable them. You can then choose which of the available event handlers
281# should be loaded or not. Use the 'disable' directive to prevent Janus
282# from loading one or more event handlers: use a comma separated list of
283# file names to identify the event handlers to disable. By default, if
284# broadcast is set to yes all available event handlers are enabled and
285# loaded at startup. Finally, you can choose how often media statistics
286# (packets sent/received, losses, etc.) should be sent: by default it's
287# once per second (audio and video statistics sent separately), but may
288# considered too verbose, or you may want to limit the number of events,
289# especially if you have many PeerConnections active. To change this,
290# just set 'stats_period' to the number of seconds that should pass in
291# between statistics for each handle. Setting it to 0 disables them (but
292# not other media-related events).
293events: {
294 #broadcast = true
295 #disable = "libjanus_sampleevh.so"
296 #stats_period = 5
297}