diff --git a/README.md b/README.md index faf349afd6..b5eaf863d7 100644 --- a/README.md +++ b/README.md @@ -388,6 +388,22 @@ Variable | Description | Example For setting the Google Cloud Credentials please read https://cloud.google.com/text-to-speech/docs/quickstart-protocol section "Before you begin" paragraph 1 to 5. +### Access and Application logging + +For privacy reasons it is important to have the possibility to disable all logs about the users. To achieve this you can configure the log level for each component with these options: + +Variable | Description | Default value +--- | --- | --- +`PROSODY_LOG_LEVEL` | Controls which logs are output from prosody and associated modules. [Supported levels](https://prosody.im/doc/logging) | info +`JVB_LOG_LEVEL` | Controls which logs are written to stdout. [Supported java log levels](https://docs.oracle.com/javase/8/docs/api/java/util/logging/Level.html) | INFO +`JICOFO_LOG_LEVEL` | Controls which logs are written to stdout. [Supported java log levels](https://docs.oracle.com/javase/8/docs/api/java/util/logging/Level.html) | INFO +`JIGASI_LOG_LEVEL` | Controls which logs are written to stdout. [Supported java log levels](https://docs.oracle.com/javase/8/docs/api/java/util/logging/Level.html) | INFO +`JIBRI_LOG_LEVEL` | Controls which logs are written to stdout. [Supported java log levels](https://docs.oracle.com/javase/8/docs/api/java/util/logging/Level.html) | INFO +`ENABLE_WEB_ACCESS_LOGS` | Controls access logs written to stdout for nginx | true +`ETHERPAD_DISABLE_IP_LOGGING` | Disable IP logging | false +`ETHERPAD_LOG_LEVEL` | Controls which logs are written to stdout. Supported levels: DEBUG, INFO, WARN, ERROR | INFO + + ### Advanced configuration These configuration options are already set and generally don't need to be changed. @@ -433,7 +449,6 @@ Variable | Description | Default value `JIGASI_TRANSCRIBER_ADVERTISE_URL` | Jigasi will post an URL to the chat with transcription file | true `DISABLE_HTTPS` | Handle TLS connections outside of this setup | 1 `ENABLE_HTTP_REDIRECT` | Redirect HTTP traffic to HTTPS (necessary for Let's Encrypt) | 1 -`LOG_LEVEL` | Controls which logs are output from prosody and associated modules | info ### Running behind NAT or on a LAN environment diff --git a/docker-compose.yml b/docker-compose.yml index 112b86c35a..38490fa6d7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -38,6 +38,7 @@ services: - JIBRI_RECORDER_USER - JIBRI_RECORDER_PASSWORD - ENABLE_RECORDING + - ENABLE_WEB_ACCESS_LOGS networks: meet.jitsi: aliases: @@ -100,7 +101,7 @@ services: - JWT_ALLOW_EMPTY - JWT_AUTH_TYPE - JWT_TOKEN_AUTH_MODULE - - LOG_LEVEL + - PROSODY_LOG_LEVEL - TZ networks: meet.jitsi: @@ -128,6 +129,7 @@ services: - JIGASI_SIP_URI - JIBRI_BREWERY_MUC - JIBRI_PENDING_TIMEOUT + - JICOFO_LOG_LEVEL - TZ depends_on: - prosody @@ -156,6 +158,7 @@ services: - JVB_TCP_PORT - JVB_STUN_SERVERS - JVB_ENABLE_APIS + - JVB_LOG_LEVEL - TZ depends_on: - prosody diff --git a/env.example b/env.example index 20a3590eff..e8994198c7 100644 --- a/env.example +++ b/env.example @@ -71,6 +71,11 @@ TZ=Europe/Amsterdam # Set etherpad-lite URL (uncomment to enable) #ETHERPAD_URL_BASE=http://etherpad.meet.jitsi:9001 +# Disable IP logging +#ETHERPAD_DISABLE_IP_LOGGING=false + +# Controls which logs are written to stdout. Supported levels: DEBUG, INFO, WARN, ERROR +#ETHERPAD_LOG_LEVEL=INFO # # Basic Jigasi configuration options (needed for SIP gateway support) @@ -200,6 +205,9 @@ XMPP_MUC_MODULES= # Custom Prosody modules for internal MUC component (comma separated) XMPP_INTERNAL_MUC_MODULES= +# Controls which logs are output from prosody and associated modules +PROSODY_LOG_LEVEL=info + # MUC for the JVB pool JVB_BREWERY_MUC=jvbbrewery @@ -220,6 +228,12 @@ JVB_TCP_PORT=4443 # See https://github.com/jitsi/jitsi-videobridge/blob/master/doc/rest.md for more information #JVB_ENABLE_APIS=rest,colibri +# Controls which logs are written to stdout. Supported java log levels are SEVERE, WARNING, INFO, CONFIG, FINE, FINER, FINEST +#JVB_LOG_LEVEL=INFO + +# XMPP component password for Jicofo +JICOFO_COMPONENT_SECRET=s3cr37 + # XMPP user for Jicofo client connections. # NOTE: this option doesn't currently work due to a bug JICOFO_AUTH_USER=focus @@ -227,6 +241,9 @@ JICOFO_AUTH_USER=focus # Base URL of Jicofo's reservation REST API #JICOFO_RESERVATION_REST_BASE_URL=http://reservation.example.com +# Controls which logs are written to stdout. Supported java log levels are SEVERE, WARNING, INFO, CONFIG, FINE, FINER, FINEST +#JICOFO_LOG_LEVEL=INFO + # XMPP user for Jigasi MUC client connections JIGASI_XMPP_USER=jigasi @@ -274,6 +291,9 @@ JIGASI_PORT_MAX=20050 #GC_CLIENT_ID= #GC_CLIENT_CERT_URL= +# Controls which logs are written to stdout. Supported java log levels are SEVERE, WARNING, INFO, CONFIG, FINE, FINER, FINEST +#JIGASI_LOG_LEVEL=INFO + # Enable recording #ENABLE_RECORDING=1 @@ -311,6 +331,12 @@ JIBRI_STRIP_DOMAIN_JID=muc # Directory for logs inside Jibri container JIBRI_LOGS_DIR=/config/logs +# Controls which logs are written to stdout. Supported java log levels are SEVERE, WARNING, INFO, CONFIG, FINE, FINER, FINEST +#JIBRI_LOG_LEVEL=INFO + +# Controls access logs written to stdout for nginx +#ENABLE_WEB_ACCESS_LOGS=true + # Disable HTTPS: handle TLS connections outside of this setup #DISABLE_HTTPS=1 diff --git a/etherpad.yml b/etherpad.yml index 2d24fc36fa..98f17fc7d7 100644 --- a/etherpad.yml +++ b/etherpad.yml @@ -5,6 +5,9 @@ services: etherpad: image: jitsi/etherpad restart: ${RESTART_POLICY} + environment: + - ETHERPAD_DISABLE_IP_LOGGING + - ETHERPAD_LOG_LEVEL networks: meet.jitsi: aliases: diff --git a/etherpad/rootfs/defaults/settings.json b/etherpad/rootfs/defaults/settings.json index f01f6195b1..e322ed21c6 100644 --- a/etherpad/rootfs/defaults/settings.json +++ b/etherpad/rootfs/defaults/settings.json @@ -234,7 +234,7 @@ /* * Privacy: disable IP logging */ - "disableIPlogging" : false, + "disableIPlogging" : "${ETHERPAD_DISABLE_IP_LOGGING:false}", /* * Time (in seconds) to automatically reconnect pad when a "Force reconnect" @@ -362,7 +362,7 @@ * * Valid values: DEBUG, INFO, WARN, ERROR */ - "loglevel": "INFO", + "loglevel": "${ETHERPAD_LOG_LEVEL:INFO}", /* * Logging configuration. See log4js documentation for further information: diff --git a/jibri.yml b/jibri.yml index 806532f151..834010901e 100644 --- a/jibri.yml +++ b/jibri.yml @@ -27,6 +27,7 @@ services: - JIBRI_FINALIZE_RECORDING_SCRIPT_PATH - JIBRI_STRIP_DOMAIN_JID - JIBRI_LOGS_DIR + - JIBRI_LOG_LEVEL - DISPLAY=:0 - TZ depends_on: diff --git a/jibri/rootfs/defaults/config.json b/jibri/rootfs/defaults/config.json index a455cfdf17..1cde20658f 100644 --- a/jibri/rootfs/defaults/config.json +++ b/jibri/rootfs/defaults/config.json @@ -26,7 +26,7 @@ "control_muc": { "domain": "{{ .Env.XMPP_INTERNAL_MUC_DOMAIN }}", "room_name": "{{ .Env.JIBRI_BREWERY_MUC }}", - // MUST be unic for every instanse + // MUST be unic for every instanse "nickname": "jibri-instanse-{{ .Env.JIBRI_INSTANCE_ID }}" }, // All participants in a call join a muc so they can exchange diff --git a/jibri/rootfs/defaults/logging.properties b/jibri/rootfs/defaults/logging.properties index ba6c34eaf4..5d5472b0ad 100644 --- a/jibri/rootfs/defaults/logging.properties +++ b/jibri/rootfs/defaults/logging.properties @@ -1,33 +1,32 @@ handlers = java.util.logging.FileHandler, java.util.logging.ConsoleHandler - -java.util.logging.FileHandler.level = FINE +java.util.logging.FileHandler.level = {{ .Env.JIBRI_LOG_LEVEL | default "FINE" }} java.util.logging.FileHandler.pattern = {{ .Env.JIBRI_LOGS_DIR }}/log.%g.txt java.util.logging.FileHandler.formatter = net.java.sip.communicator.util.ScLogFormatter java.util.logging.FileHandler.count = 10 java.util.logging.FileHandler.limit = 10000000 -org.jitsi.jibri.capture.ffmpeg.util.FfmpegFileHandler.level = FINE +org.jitsi.jibri.capture.ffmpeg.util.FfmpegFileHandler.level = {{ .Env.JIBRI_LOG_LEVEL | default "FINE" }} org.jitsi.jibri.capture.ffmpeg.util.FfmpegFileHandler.pattern = {{ .Env.JIBRI_LOGS_DIR }}/ffmpeg.%g.txt org.jitsi.jibri.capture.ffmpeg.util.FfmpegFileHandler.formatter = net.java.sip.communicator.util.ScLogFormatter org.jitsi.jibri.capture.ffmpeg.util.FfmpegFileHandler.count = 10 org.jitsi.jibri.capture.ffmpeg.util.FfmpegFileHandler.limit = 10000000 -org.jitsi.jibri.sipgateway.pjsua.util.PjsuaFileHandler.level = FINE +org.jitsi.jibri.sipgateway.pjsua.util.PjsuaFileHandler.level = {{ .Env.JIBRI_LOG_LEVEL | default "FINE" }} org.jitsi.jibri.sipgateway.pjsua.util.PjsuaFileHandler.pattern = {{ .Env.JIBRI_LOGS_DIR }}/pjsua.%g.txt org.jitsi.jibri.sipgateway.pjsua.util.PjsuaFileHandler.formatter = net.java.sip.communicator.util.ScLogFormatter org.jitsi.jibri.sipgateway.pjsua.util.PjsuaFileHandler.count = 10 org.jitsi.jibri.sipgateway.pjsua.util.PjsuaFileHandler.limit = 10000000 -org.jitsi.jibri.selenium.util.BrowserFileHandler.level = FINE +org.jitsi.jibri.selenium.util.BrowserFileHandler.level = {{ .Env.JIBRI_LOG_LEVEL | default "FINE" }} org.jitsi.jibri.selenium.util.BrowserFileHandler.pattern = {{ .Env.JIBRI_LOGS_DIR }}/browser.%g.txt org.jitsi.jibri.selenium.util.BrowserFileHandler.formatter = net.java.sip.communicator.util.ScLogFormatter org.jitsi.jibri.selenium.util.BrowserFileHandler.count = 10 org.jitsi.jibri.selenium.util.BrowserFileHandler.limit = 10000000 -java.util.logging.ConsoleHandler.level = FINE +java.util.logging.ConsoleHandler.level = {{ .Env.JIBRI_LOG_LEVEL | default "FINE" }} java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter -org.jitsi.level = FINE +org.jitsi.level = {{ .Env.JIBRI_LOG_LEVEL | default "FINE" }} -org.glassfish.level = INFO -org.osgi.level = INFO +org.glassfish.level = {{ .Env.JIBRI_LOG_LEVEL | default "INFO" }} +org.osgi.level = {{ .Env.JIBRI_LOG_LEVEL | default "INFO" }} diff --git a/jicofo/rootfs/defaults/logging.properties b/jicofo/rootfs/defaults/logging.properties index f8fd21a78e..9a57914318 100644 --- a/jicofo/rootfs/defaults/logging.properties +++ b/jicofo/rootfs/defaults/logging.properties @@ -1,18 +1,18 @@ handlers= java.util.logging.ConsoleHandler -java.util.logging.ConsoleHandler.level = ALL +java.util.logging.ConsoleHandler.level = {{ .Env.JIBRI_LOG_LEVEL | default "INFO" }} java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter net.java.sip.communicator.util.ScLogFormatter.programname=Jicofo -.level=INFO -net.sf.level=SEVERE -net.java.sip.communicator.plugin.reconnectplugin.level=FINE -org.ice4j.level=SEVERE -org.jitsi.impl.neomedia.level=SEVERE +.level={{ .Env.JIBRI_LOG_LEVEL | default "INFO" }} +net.sf.level={{ .Env.JIBRI_LOG_LEVEL | default "SEVERE" }} +net.java.sip.communicator.plugin.reconnectplugin.level={{ .Env.JIBRI_LOG_LEVEL | default "FINE" }} +org.ice4j.level={{ .Env.JIBRI_LOG_LEVEL | default "SEVERE" }} +org.jitsi.impl.neomedia.level={{ .Env.JIBRI_LOG_LEVEL | default "SEVERE" }} # Do not worry about missing strings -net.java.sip.communicator.service.resources.AbstractResourcesService.level=SEVERE +net.java.sip.communicator.service.resources.AbstractResourcesService.level={{ .Env.JIBRI_LOG_LEVEL | default "SEVERE" }} #net.java.sip.communicator.service.protocol.level=ALL diff --git a/jicofo/rootfs/etc/cont-init.d/10-config b/jicofo/rootfs/etc/cont-init.d/10-config index eac6164423..a5c8be6328 100644 --- a/jicofo/rootfs/etc/cont-init.d/10-config +++ b/jicofo/rootfs/etc/cont-init.d/10-config @@ -22,7 +22,7 @@ if [[ ! -f /config/sip-communicator.properties ]]; then fi if [[ ! -f /config/logging.properties ]]; then - cp /defaults/logging.properties /config + tpl /defaults/logging.properties /config/logging.properties fi chown -R jicofo:jitsi /config diff --git a/jigasi.yml b/jigasi.yml index c36fc171fb..0a8a117c45 100644 --- a/jigasi.yml +++ b/jigasi.yml @@ -31,6 +31,7 @@ services: - JIGASI_HEALTH_CHECK_INTERVAL - JIGASI_SIP_KEEP_ALIVE_METHOD - JIGASI_ENABLE_SDES_SRTP + - JIGASI_LOG_LEVEL - ENABLE_TRANSCRIPTIONS - JIGASI_TRANSCRIBER_ADVERTISE_URL - JIGASI_TRANSCRIBER_RECORD_AUDIO diff --git a/jigasi/rootfs/defaults/logging.properties b/jigasi/rootfs/defaults/logging.properties index 188619ad48..b19ed0a1d1 100644 --- a/jigasi/rootfs/defaults/logging.properties +++ b/jigasi/rootfs/defaults/logging.properties @@ -1,18 +1,18 @@ handlers= java.util.logging.ConsoleHandler -java.util.logging.ConsoleHandler.level = ALL -java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter +java.util.logging.ConsoleHandler.level={{ .Env.JIGASI_LOG_LEVEL | default "INFO" }} +java.util.logging.ConsoleHandler.formatter=net.java.sip.communicator.util.ScLogFormatter net.java.sip.communicator.util.ScLogFormatter.programname=Jigasi -.level=INFO -net.sf.level=SEVERE -net.java.sip.communicator.plugin.reconnectplugin.level=FINE -org.ice4j.level=SEVERE -org.jitsi.impl.neomedia.level=SEVERE +.level={{ .Env.JIGASI_LOG_LEVEL | default "INFO" }} +net.sf.level={{ .Env.JIGASI_LOG_LEVEL | default "SEVERE" }} +net.java.sip.communicator.plugin.reconnectplugin.level={{ .Env.JIGASI_LOG_LEVEL | default "FINE" }} +org.ice4j.level={{ .Env.JIGASI_LOG_LEVEL | default "SEVERE" }} +org.jitsi.impl.neomedia.level={{ .Env.JIGASI_LOG_LEVEL | default "SEVERE" }} # Do not worry about missing strings -net.java.sip.communicator.service.resources.AbstractResourcesService.level=SEVERE +net.java.sip.communicator.service.resources.AbstractResourcesService.level={{ .Env.JIGASI_LOG_LEVEL | default "SEVERE" }} #net.java.sip.communicator.service.protocol.level=ALL diff --git a/jigasi/rootfs/etc/cont-init.d/10-config b/jigasi/rootfs/etc/cont-init.d/10-config index c99f712596..8391b5f81b 100644 --- a/jigasi/rootfs/etc/cont-init.d/10-config +++ b/jigasi/rootfs/etc/cont-init.d/10-config @@ -16,7 +16,7 @@ if [[ ! -f /config/sip-communicator.properties ]]; then fi if [[ ! -f /config/logging.properties ]]; then - cp /defaults/logging.properties /config + tpl /defaults/logging.properties /config/logging.properties fi mkdir -pm777 /tmp/transcripts diff --git a/jvb/rootfs/defaults/logging.properties b/jvb/rootfs/defaults/logging.properties index 11f5667fe3..0dfb28f12e 100644 --- a/jvb/rootfs/defaults/logging.properties +++ b/jvb/rootfs/defaults/logging.properties @@ -1,14 +1,14 @@ handlers= java.util.logging.ConsoleHandler -java.util.logging.ConsoleHandler.level = ALL -java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter +java.util.logging.ConsoleHandler.level={{ .Env.JIGASI_LOG_LEVEL | default "INFO" }} +java.util.logging.ConsoleHandler.formatter=net.java.sip.communicator.util.ScLogFormatter net.java.sip.communicator.util.ScLogFormatter.programname=JVB -.level=INFO +.level={{ .Env.JIGASI_LOG_LEVEL | default "INFO" }} -org.jitsi.videobridge.xmpp.ComponentImpl.level=FINE +org.jitsi.videobridge.xmpp.ComponentImpl.level={{ .Env.JIGASI_LOG_LEVEL | default "FINE" }} # All of the INFO level logs from MediaStreamImpl are unnecessary in the context of jitsi-videobridge. -org.jitsi.impl.neomedia.MediaStreamImpl.level=WARNING +org.jitsi.impl.neomedia.MediaStreamImpl.level={{ .Env.JIGASI_LOG_LEVEL | default "WARNING" }} diff --git a/jvb/rootfs/etc/cont-init.d/10-config b/jvb/rootfs/etc/cont-init.d/10-config index 11af52c21c..7f4ee854fe 100644 --- a/jvb/rootfs/etc/cont-init.d/10-config +++ b/jvb/rootfs/etc/cont-init.d/10-config @@ -16,7 +16,7 @@ if [[ ! -f /config/sip-communicator.properties ]]; then fi if [[ ! -f /config/logging.properties ]]; then - cp /defaults/logging.properties /config + tpl /defaults/logging.properties /config/logging.properties fi chown -R jvb:jitsi /config diff --git a/prosody/rootfs/defaults/prosody.cfg.lua b/prosody/rootfs/defaults/prosody.cfg.lua index 9e215b9f4e..a767e1b287 100644 --- a/prosody/rootfs/defaults/prosody.cfg.lua +++ b/prosody/rootfs/defaults/prosody.cfg.lua @@ -1,4 +1,4 @@ -{{ $LOG_LEVEL := .Env.LOG_LEVEL | default "info" }} +{{ $LOG_LEVEL := .Env.PROSODY_LOG_LEVEL | default "info" }} -- Prosody Example Configuration File -- diff --git a/web/rootfs/defaults/nginx.conf b/web/rootfs/defaults/nginx.conf index fa1a78e325..b7b048627c 100644 --- a/web/rootfs/defaults/nginx.conf +++ b/web/rootfs/defaults/nginx.conf @@ -1,3 +1,5 @@ +{{ $ENABLE_ACCESS_LOGS := .Env.ENABLE_WEB_ACCESS_LOGS | default "1" | toBool }} + user www-data; worker_processes 4; pid /run/nginx.pid; @@ -33,7 +35,11 @@ http { # Logging Settings ## + {{ if .ENABLE_ACCESS_LOGS }} access_log /dev/stdout; + {{ else }} + access_log off; + {{ end }} error_log /dev/stderr; ## @@ -53,7 +59,7 @@ http { ## # Virtual Host Configs ## - include /config/nginx/site-confs/*; + include /config/nginx/site-confs/*; } diff --git a/web/rootfs/etc/cont-init.d/10-config b/web/rootfs/etc/cont-init.d/10-config index f70482beed..8094109216 100644 --- a/web/rootfs/etc/cont-init.d/10-config +++ b/web/rootfs/etc/cont-init.d/10-config @@ -54,7 +54,7 @@ fi # copy config files if [[ ! -f /config/nginx/nginx.conf ]]; then - cp /defaults/nginx.conf /config/nginx/nginx.conf + tpl /defaults/nginx.conf /config/nginx/nginx.conf fi if [[ ! -f /config/nginx/meet.conf ]]; then