mirror of
https://github.com/jech/galene.git
synced 2024-11-14 20:55:57 +01:00
Documentation improvements.
Document the new perimssion "caption".
This commit is contained in:
parent
b103342626
commit
010228b188
1 changed files with 69 additions and 21 deletions
90
README
90
README
|
@ -10,7 +10,7 @@ Quick start:
|
||||||
cd galene
|
cd galene
|
||||||
CGO_ENABLED=0 go build -ldflags='-s -w'
|
CGO_ENABLED=0 go build -ldflags='-s -w'
|
||||||
mkdir groups
|
mkdir groups
|
||||||
echo '{"users": {"bob": {"password":"secret", "permissions":"op"}}}' > \
|
echo '{"users": {"bob": {"password":"1234", "permissions":"op"}}}' > \
|
||||||
groups/example.json
|
groups/example.json
|
||||||
./galene &
|
./galene &
|
||||||
|
|
||||||
|
@ -88,21 +88,37 @@ file may look as follows:
|
||||||
"canonicalHost": "galene.example.org"
|
"canonicalHost": "galene.example.org"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
or, better, with a hashed password:
|
||||||
|
|
||||||
|
{
|
||||||
|
"users": {
|
||||||
|
"root": {
|
||||||
|
"password":{"type":"bcrypt","key":"$2a$10$bTWW..."},
|
||||||
|
"permissions": "admin"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"canonicalHost": "galene.example.org"
|
||||||
|
}
|
||||||
|
|
||||||
The fields are as follows:
|
The fields are as follows:
|
||||||
|
|
||||||
- `users` defines the users allowed to administer the server, and has the
|
- `users` defines the users allowed to administer the server, and has the
|
||||||
same syntax as user definitions in groups (see below), except that the
|
same syntax as user definitions in groups (see below), except that the
|
||||||
only meaningful permission is `"admin"`;
|
only meaningful permission is `"admin"`;
|
||||||
- `writableGroups`: if true, then the API can modify group description
|
|
||||||
files; by default, group files are treated as read-only;
|
- `writableGroups`: if true, then the API can modify group description
|
||||||
- `publicServer`: if true, then cross-origin access to the server is
|
files; by default, group files are treated as read-only;
|
||||||
allowed. This is safe if the server is on the public Internet, but not
|
|
||||||
necessarily so if it is on a private network.
|
- `publicServer`: if true, then cross-origin access to the server is
|
||||||
- `proxyURL`: if running behind a reverse proxy, this specifies the
|
allowed. This is safe if the server is on the public Internet, but not
|
||||||
root URL that will be visible outside the proxy.
|
necessarily so if it is on a private network.
|
||||||
- `canonicalHost`: the canonical name of the host running the server; this
|
|
||||||
will cause clients to be redirected if they use a different hostname to
|
- `proxyURL`: if running behind a reverse proxy, this specifies the root
|
||||||
access the server.
|
URL that will be visible outside the proxy.
|
||||||
|
|
||||||
|
- `canonicalHost`: the canonical name of the host running the server;
|
||||||
|
this will cause clients to be redirected if they use a different
|
||||||
|
hostname to access the server.
|
||||||
|
|
||||||
|
|
||||||
# Group definitions
|
# Group definitions
|
||||||
|
@ -175,49 +191,81 @@ specify at least one user definition (`op`, `presenter`, or `other`),
|
||||||
nobody will be able to join the group. The following fields are allowed:
|
nobody will be able to join the group. The following fields are allowed:
|
||||||
|
|
||||||
- `users`: is a dictionary that maps user names to dictionaries with
|
- `users`: is a dictionary that maps user names to dictionaries with
|
||||||
entries `password` and `permissions`; `permissions` should be one of
|
entries `password` and `permissions`; see below for a description of
|
||||||
`op`, `present`, `message` or `observe`.
|
possible permissions;
|
||||||
|
|
||||||
- `wildcard-user` is a dictionaries with entries `password` and `permissions`
|
- `wildcard-user` is a dictionaries with entries `password` and `permissions`
|
||||||
that will be used for usernames with no matching entry in the `users`
|
that will be used for usernames with no matching entry in the `users`
|
||||||
dictionary;
|
dictionary;
|
||||||
|
|
||||||
- `authKeys`, `authServer` and `authPortal`: see *Authorisation* below;
|
- `authKeys`, `authServer` and `authPortal`: see *Authorisation* below;
|
||||||
|
|
||||||
- `public`: if true, then the group is listed on the landing page;
|
- `public`: if true, then the group is listed on the landing page;
|
||||||
|
|
||||||
- `displayName`: a human-friendly version of the group name;
|
- `displayName`: a human-friendly version of the group name;
|
||||||
|
|
||||||
- `description`: a human-readable description of the group; this is
|
- `description`: a human-readable description of the group; this is
|
||||||
displayed on the landing page for public groups;
|
displayed on the landing page for public groups;
|
||||||
|
|
||||||
- `contact`: a human-readable contact for this group, such as an e-mail
|
- `contact`: a human-readable contact for this group, such as an e-mail
|
||||||
address;
|
address, ignored by the server;
|
||||||
- `comment`: a human-readable string;
|
|
||||||
|
- `comment`: a human-readable string, ignored by the server;
|
||||||
|
|
||||||
- `max-clients`: the maximum number of clients that may join the group at
|
- `max-clients`: the maximum number of clients that may join the group at
|
||||||
a time;
|
a time;
|
||||||
|
|
||||||
- `max-history-age`: the time, in seconds, during which chat history is
|
- `max-history-age`: the time, in seconds, during which chat history is
|
||||||
kept (default 14400, i.e. 4 hours);
|
kept (default 14400, i.e. 4 hours);
|
||||||
|
|
||||||
- `not-before` and `expires`: the times (in ISO 8601 or RFC 3339 format)
|
- `not-before` and `expires`: the times (in ISO 8601 or RFC 3339 format)
|
||||||
between which joining the group is allowed;
|
between which joining the group is allowed;
|
||||||
|
|
||||||
- `allow-recording`: if true, then recording is allowed in this group;
|
- `allow-recording`: if true, then recording is allowed in this group;
|
||||||
|
|
||||||
- `unrestricted-tokens`: if true, then ordinary users (without the "op"
|
- `unrestricted-tokens`: if true, then ordinary users (without the "op"
|
||||||
privilege) are allowed to create tokens;
|
privilege) are allowed to create tokens;
|
||||||
|
|
||||||
- `allow-anonymous`: if true, then users may connect with an empty username;
|
- `allow-anonymous`: if true, then users may connect with an empty username;
|
||||||
|
|
||||||
- `auto-subgroups`: if true, then subgroups of the form `group/subgroup`
|
- `auto-subgroups`: if true, then subgroups of the form `group/subgroup`
|
||||||
are automatically created when first accessed;
|
are automatically created when first accessed;
|
||||||
|
|
||||||
- `autolock`: if true, the group will start locked and become locked
|
- `autolock`: if true, the group will start locked and become locked
|
||||||
whenever there are no clients with operator privileges;
|
whenever there are no clients with operator privileges;
|
||||||
|
|
||||||
- `autokick`: if true, all clients will be kicked out whenever there are
|
- `autokick`: if true, all clients will be kicked out whenever there are
|
||||||
no clients with operator privileges; this is not recommended, prefer
|
no clients with operator privileges; this is not recommended, prefer
|
||||||
the `autolock` option instead;
|
the `autolock` option instead;
|
||||||
|
|
||||||
- `redirect`: if set, then attempts to join the group will be redirected
|
- `redirect`: if set, then attempts to join the group will be redirected
|
||||||
to the given URL; most other fields are ignored in this case;
|
to the given URL; most other fields are ignored in this case;
|
||||||
|
|
||||||
- `codecs`: this is a list of codecs allowed in this group. The default
|
- `codecs`: this is a list of codecs allowed in this group. The default
|
||||||
is `["vp8", "opus"]`.
|
is `["vp8", "opus"]`.
|
||||||
|
|
||||||
|
The value of the `permissions` entry in a user definition can either be an
|
||||||
|
array of individual permissions, as carried by the protocol, or one of
|
||||||
|
the following strings:
|
||||||
|
|
||||||
|
- `op`, a group operator with all rights except administering the group;
|
||||||
|
- `present`, an ordinary user with the right to publish audio and video
|
||||||
|
streams and send chat messages;
|
||||||
|
- `message`, a user with the right to send chat messages;
|
||||||
|
- `observe`, a user that receives media streams and chat messages, but
|
||||||
|
is not allowed to send them;
|
||||||
|
- `caption`, a user with the right to display captions (only);
|
||||||
|
- `admin`, a user with the right to administer the group (only).
|
||||||
|
|
||||||
Supported video codecs include:
|
Supported video codecs include:
|
||||||
|
|
||||||
- `"vp8"` (compatible with all supported browsers);
|
- `"vp8"` (compatible with all supported browsers);
|
||||||
- `"vp9"` (better video quality, but incompatible with Safari);
|
- `"vp9"` (better video quality, but incompatible with Safari; buggy in
|
||||||
|
Firefox);
|
||||||
- `"av1"` (even better video quality, only supported by some browsers,
|
- `"av1"` (even better video quality, only supported by some browsers,
|
||||||
recording is not supported, SVC is not supported);
|
recording is not supported, SVC is not supported);
|
||||||
- `"h264"` (incompatible with Debian and with some Android devices, SVC
|
- `"h264"` (incompatible with Debian and with some older Android devices,
|
||||||
is not supported).
|
- SVC is not supported).
|
||||||
|
|
||||||
Supported audio codecs include `"opus"`, `"g722"`, `"pcmu"` and `"pcma"`.
|
Supported audio codecs include `"opus"`, `"g722"`, `"pcmu"` and `"pcma"`.
|
||||||
Only Opus can be recorded to disk. There is no good reason to use
|
Only Opus can be recorded to disk. There is no good reason to use
|
||||||
|
|
Loading…
Reference in a new issue