diff --git a/matrix/element-call/README.md b/matrix/element-call/README.md index ccf643f..389caf6 100644 --- a/matrix/element-call/README.md +++ b/matrix/element-call/README.md @@ -51,7 +51,7 @@ haven't installed that, you should create the user yourself: adduser --system turnserver ``` -Create a key and secret: {#keysecret} +## Create a key and secret: {#keysecret} ``` livekit-server generate-keys @@ -99,6 +99,8 @@ chown root:turnserver /etc/livekit/livekit.yaml chmod 640 /etc/livekit/livekit.yaml ``` +## TLS certificate + The TLS-certificate files are not in the usual place under `/etc/letsencrypt/live`, see [DNS and certificate](../coturn/README.md#dnscert) under coturn why that is. @@ -121,6 +123,9 @@ from the outside world. See [LiveKit's config documentation](https://github.com/livekit/livekit/blob/master/config-sample.yaml) for more options. + +## Systemd + Now define a systemd servicefile, like this: ``` @@ -211,6 +216,8 @@ cp ~user/lk-jwt-service/lk-jwt-service /usr/local/sbin chown root:root /usr/local/sbin/lk-jwt-service ``` +## Systemd + Create a service file for systemd, something like this: ``` @@ -232,6 +239,8 @@ ExecStart=/usr/local/sbin/lk-jwt-service WantedBy=multi-user.target ``` +## Configuration {#jwtconfig} + We read the options from `/etc/lk-jwt-service/config`, which we make read-only for group `www-data` and non-accessible by anyone else. @@ -243,7 +252,7 @@ chgrp -R www-data /etc/lk-jwt-service chmod -R o-rwx /etc/lk-jwt-service ``` -{#jwtconfig}This is what you should put into that config file, +This is what you should put into that config file, `/etc/lk-jwt-service/config`. The `LIVEKIT_SECRET` and `LIVEKIT_KEY` are the ones you created while [configuring LiveKit](#keysecret). @@ -299,6 +308,8 @@ cd element-call After that, you can find the whole shebang under "dist". Copy that to `/var/www/element-call` and point nginx to it ([see nginx](../nginx#callwidget)). +## Configuring + It needs a tiny bit of configuring. The default configuration under `config/config.sample.json` is a good place to start, copy it to `/etc/element-call` and change where necessary: