openvidu/openvidu-server/deployments/enterprise/docker-compose/.env

# OpenVidu configuration
# ----------------------
# Documentation: https://docs.openvidu.io/en/stable/reference-docs/openvidu-config/

# NOTE: This file doesn't need to quote assignment values, like most shells do.
# All values are stored as-is, even if they contain spaces, so don't quote them.

# Domain name. If you do not have one, the public IP of the machine.
# For example: 198.51.100.1, or openvidu.example.com
DOMAIN_OR_PUBLIC_IP=

# OpenVidu Pro License
OPENVIDU_PRO_LICENSE=

# OpenVidu SECRET used for apps to connect to OpenVidu server and users to access to OpenVidu Dashboard
OPENVIDU_SECRET=

# OpenVidu edition to use. Can be "pro" or "enterprise"
OPENVIDU_EDITION=enterprise

# Media Server to use
OPENVIDU_ENTERPRISE_MEDIA_SERVER=

# Certificate type:
# - selfsigned:  Self signed certificate. Not recommended for production use.
#                Users will see an ERROR when connected to web page.
# - owncert:     Valid certificate purchased in a Internet services company.
#                Please put the certificates files inside folder ./owncert
#                with names certificate.key and certificate.cert
# - letsencrypt: Generate a new certificate using letsencrypt. Please set the
#                required contact email for Let's Encrypt in LETSENCRYPT_EMAIL
#                variable.
CERTIFICATE_TYPE=selfsigned

# If CERTIFICATE_TYPE=letsencrypt, you need to configure a valid email for notifications
LETSENCRYPT_EMAIL=user@example.com

# Proxy configuration
# If you want to change the ports on which openvidu listens, uncomment the following lines

# Allows any request to http://DOMAIN_OR_PUBLIC_IP:HTTP_PORT/ to be automatically
# redirected to https://DOMAIN_OR_PUBLIC_IP:HTTPS_PORT/.
# WARNING: the default port 80 cannot be changed during the first boot
# if you have chosen to deploy with the option CERTIFICATE_TYPE=letsencrypt
# HTTP_PORT=80

# Changes the port of all services exposed by OpenVidu.
# SDKs, REST clients and browsers will have to connect to this port
# HTTPS_PORT=443

# Old paths are considered now deprecated, but still supported by default.
# OpenVidu Server will log a WARN message every time a deprecated path is called, indicating
# the new path that should be used instead. You can set property SUPPORT_DEPRECATED_API=false
# to stop allowing the use of old paths.
# Default value is true
# SUPPORT_DEPRECATED_API=false

# If true request to with www will be redirected to non-www requests
# Default value is false
# REDIRECT_WWW=false

# How many workers to configure in nginx proxy.
# The more workers, the more requests will be handled
# Default value is 10240
# WORKER_CONNECTIONS=10240

# Access restrictions
# In this section you will be able to restrict the IPs from which you can access to
# Openvidu API and the Administration Panel
# WARNING! If you touch this configuration you can lose access to the platform from some IPs.
# Use it carefully.

# This section limits access to the /dashboard (OpenVidu CE) and /inspector (OpenVidu Pro) pages.
# The form for a single IP or an IP range is:
# ALLOWED_ACCESS_TO_DASHBOARD=198.51.100.1 and ALLOWED_ACCESS_TO_DASHBOARD=198.51.100.0/24
# To limit multiple IPs or IP ranges, separate by commas like this:
# ALLOWED_ACCESS_TO_DASHBOARD=198.51.100.1, 198.51.100.0/24
# ALLOWED_ACCESS_TO_DASHBOARD=

# This section limits access to the Openvidu REST API.
# The form for a single IP or an IP range is:
# ALLOWED_ACCESS_TO_RESTAPI=198.51.100.1 and ALLOWED_ACCESS_TO_RESTAPI=198.51.100.0/24
# To limit multiple IPs or or IP ranges, separate by commas like this:
# ALLOWED_ACCESS_TO_RESTAPI=198.51.100.1, 198.51.100.0/24
# ALLOWED_ACCESS_TO_RESTAPI=

# Mode of cluster management. Can be auto (OpenVidu manages Media Nodes on its own.
# Parameter KMS_URIS is ignored) or manual (user must manage Media Nodes. Parameter
# KMS_URIS is used: if any uri is provided it must be valid)
OPENVIDU_PRO_CLUSTER_MODE=manual

# Which environment are you using
# Possibles values: aws, on_premise
OPENVIDU_PRO_CLUSTER_ENVIRONMENT=on_premise

# Unique identifier of your cluster. Each OpenVidu Server Pro instance corresponds to one cluster.
# You can launch as many clusters as you want with your license key.
# Cluster ID will always be stored to disk so restarting OpenVidu Server Pro will keep the same previous cluster ID
# if this configuration parameter is not given a distinct value.
# OPENVIDU_PRO_CLUSTER_ID=

# The desired number of Media Nodes on startup. First the autodiscovery process is performed.
# If there are too many Media Nodes after that, they will be dropped until this number is reached.
# If there are not enough, more will be launched.
# This only takes place if OPENVIDU_PRO_CLUSTER_MODE is set to auto
# If set to zero no media servers will be lauched.
# Type: number >= 0
#OPENVIDU_PRO_CLUSTER_MEDIA_NODES=

# How often each running Media Node will send OpenVidu Server Pro Node load metrics, in seconds.
# This property is only used when OPENVIDU_PRO_CLUSTER_LOAD_STRATEGY is 'cpu'. Other load strategies
# gather information synchronously when required
# Type: number >= 0
# OPENVIDU_PRO_CLUSTER_LOAD_INTERVAL=

# Whether to enable or disable autoscaling. With autoscaling the number of Media Nodes will
# be automatically adjusted according to existing load
# Values: true | false
OPENVIDU_PRO_CLUSTER_AUTOSCALING=false

# How often the autoscaling algorithm runs, in seconds
# Type number >= 0
# OPENVIDU_PRO_CLUSTER_AUTOSCALING_INTERVAL=

# If autoscaling is enabled, the upper limit of Media Nodes that can be reached.
# Even when the average load exceeds the threshold, no more Media Nodes will be added to cluster
# Type number >= 0
# OPENVIDU_PRO_CLUSTER_AUTOSCALING_MAX_NODES=

# If autoscaling is enabled, the lower limit of Media Nodes that can be reached.
# Even when the average load is inferior to the threshold, no more Media Nodes will
# be removed from the cluster
# OPENVIDU_PRO_CLUSTER_AUTOSCALING_MIN_NODES=

# If autoscaling is enabled, the upper average load threshold that will trigger the addition
# of a new Media Node.
# Percentage value (0 min, 100 max)
# OPENVIDU_PRO_CLUSTER_AUTOSCALING_MAX_LOAD=

# If autoscaling is enabled, the lower average load threshold that will trigger the removal
# of an existing Media Node.
# Percentage value (0 min, 100 max)
# OPENVIDU_PRO_CLUSTER_AUTOSCALING_MIN_LOAD=

# What parameter should be used to distribute the creation of new sessions
# (and therefore distribution of load) among all available Media Nodes
OPENVIDU_PRO_CLUSTER_LOAD_STRATEGY=streams

# Whether to enable or disable Network Quality API. You can monitor and
# warn users about the quality of their networks with this feature
# OPENVIDU_PRO_NETWORK_QUALITY=false

# If OPENVIDU_PRO_NETWORK_QUALITY=true, how often the network quality
# algorithm will be invoked for each user, in seconds
# OPENVIDU_PRO_NETWORK_QUALITY_INTERVAL=5

# If you want to use Elasticsearch and Kibana, this variable should be set to true.
OPENVIDU_PRO_ELASTICSEARCH=true

# Max days until delete indexes in state of rollover on Elasticsearch
# Type number >= 0
# Default Value is 7
# OPENVIDU_PRO_ELASTICSEARCH_MAX_DAYS_DELETE=

# If you have an external Elasticsearch and Kibana already running, put here the url to elasticsearch and kibana services.
# If you want to use the deployed Elasticsearch and Kibana locally, keep these variables commented.
#OPENVIDU_PRO_ELASTICSEARCH_HOST=
#OPENVIDU_PRO_KIBANA_HOST=

# Speech To Text service module to be enabled. Can be: [disabled, vosk, azure]
# Default is disabled
# OPENVIDU_PRO_SPEECH_TO_TEXT=disabled

# Speech To Text service module Docker image to be used in media nodes
# This parameter is empty by default, because the default image is the one provided by OpenVidu
# If defined, it will override the default image
# OPENVIDU_PRO_SPEECH_TO_TEXT_IMAGE=

# If OPENVIDU_PRO_SPEECH_TO_TEXT=azure, Azure key for the Speech To Text service.
# See https://azure.microsoft.com/en-us/products/cognitive-services/speech-to-text/
# OPENVIDU_PRO_SPEECH_TO_TEXT_AZURE_KEY=

# If OPENVIDU_PRO_SPEECH_TO_TEXT=azure, Azure region in which the Speech To Text service is located (e.g. 'westeurope').
# Default value is empty
# See https://azure.microsoft.com/en-us/products/cognitive-services/speech-to-text/"
# OPENVIDU_PRO_SPEECH_TO_TEXT_AZURE_REGION=

# Where to store recording files. Can be 'local' (local storage) or 's3' (AWS bucket).
# You will need to define a OPENVIDU_PRO_AWS_S3_BUCKET if you use it.
#OPENVIDU_PRO_RECORDING_STORAGE=

# S3 Bucket where to store recording files. May include paths to allow navigating
# folder structures inside the bucket. This property is only taken into account
# if OPENVIDU_PRO_RECORDING_STORAGE=s3
#OPENVIDU_PRO_AWS_S3_BUCKET=

# If OPENVIDU_PRO_RECORDING_STORAGE=s3, the collection of HTTP header values that the internal AWS client  will use during
# the upload process. The property is a key-value map of strings, following the format of a JSON object. For example, for applying
# server-side encryption with AES-256, this header is mandatory: {"x-amz-server-side-encryption":"AES256"}.
# The list of available headers can be found here: https://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/services/s3/Headers.html
# This property is only taken into account if OPENVIDU_PRO_RECORDING_STORAGE=s3
#OPENVIDU_PRO_AWS_S3_HEADERS=


# This property applies to OPENVIDU_PRO_RECORDING_STORAGE=s3 and/or OPENVIDU_PRO_SPEECH_TO_TEXT=aws.
# It is the AWS long-lived credentials access key. Depending on the service you have enabled:
#   - OPENVIDU_PRO_RECORDING_STORAGE=s3: Must have read and write permissions over the bucket defined in property
#       OPENVIDU_PRO_AWS_S3_BUCKET. In this case credentials are optional:
#       if not provided the internal S3 client will try to use the default AWS credentials of the Master Node, if available
#   - OPENVIDU_PRO_SPEECH_TO_TEXT=aws: Must have permissions to manage Amazon Transcribe services.
#       In this case credentials are mandatory.
# OPENVIDU_PRO_AWS_ACCESS_KEY=

# This property applies to OPENVIDU_PRO_RECORDING_STORAGE=s3 and/or OPENVIDU_PRO_SPEECH_TO_TEXT=aws.
# It is the AWS long-lived credentials secret key. Depending on the service you have enabled:
#   - OPENVIDU_PRO_RECORDING_STORAGE=s3: In this case credentials are optional: if not provided then the internal
#       S3 client will try to use the default AWS credentials of the machine, if available.
#   - OPENVIDU_PRO_SPEECH_TO_TEXT=aws: In this case credentials are mandatory.
# OPENVIDU_PRO_AWS_SECRET_KEY=


# This property applies to OPENVIDU_PRO_RECORDING_STORAGE=s3 and/or OPENVIDU_PRO_SPEECH_TO_TEXT=aws.
# It is the AWS region hosting the services. Depending on the service you have enabled:
#   - OPENVIDU_PRO_RECORDING_STORAGE=s3: AWS region in which the S3 bucket is located (e.g. "eu-west-1").
#       If not provided, the region will try to be discovered automatically, although this is not always possible.
#   - OPENVIDU_PRO_SPEECH_TO_TEXT=aws: AWS region where Amazon Transcribe will operate. In this case the property is always mandatory.
#OPENVIDU_PRO_AWS_REGION=

# Whether to enable recording module or not
OPENVIDU_RECORDING=false

# Use recording module with debug mode.
OPENVIDU_RECORDING_DEBUG=false

# Openvidu Folder Record used for save the openvidu recording videos. Change it
# with the folder you want to use from your host.
OPENVIDU_RECORDING_PATH=/opt/openvidu/recordings

# System path where OpenVidu Server should look for custom recording layouts
OPENVIDU_RECORDING_CUSTOM_LAYOUT=/opt/openvidu/custom-layout

# if true any client can connect to
# https://OPENVIDU_SERVER_IP:OPENVIDU_PORT/recordings/any_session_file.mp4
# and access any recorded video file. If false this path will be secured with
# OPENVIDU_SECRET param just as OpenVidu Server dashboard at
# https://OPENVIDU_SERVER_IP:OPENVIDU_PORT
# Values: true | false
OPENVIDU_RECORDING_PUBLIC_ACCESS=false

# Which users should receive the recording events in the client side
# (recordingStarted, recordingStopped). Can be all (every user connected to
# the session), publisher_moderator (users with role 'PUBLISHER' or
# 'MODERATOR'), moderator (only users with role 'MODERATOR') or none
# (no user will receive these events)
OPENVIDU_RECORDING_NOTIFICATION=publisher_moderator

# Timeout in seconds for recordings to automatically stop (and the session involved to be closed)
# when conditions are met: a session recording is started but no user is publishing to it or a session
# is being recorded and last user disconnects. If a user publishes within the timeout in either case,
# the automatic stop of the recording is cancelled
# 0 means no timeout
OPENVIDU_RECORDING_AUTOSTOP_TIMEOUT=120

# Maximum video bandwidth sent from clients to OpenVidu Server, in kbps.
# 0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MAX_RECV_BANDWIDTH=1000

# Minimum video bandwidth sent from clients to OpenVidu Server, in kbps.
# 0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MIN_RECV_BANDWIDTH=300

# Maximum video bandwidth sent from OpenVidu Server to clients, in kbps.
# 0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MAX_SEND_BANDWIDTH=1000

# Minimum video bandwidth sent from OpenVidu Server to clients, in kbps.
# 0 means unconstrained
OPENVIDU_STREAMS_VIDEO_MIN_SEND_BANDWIDTH=300

# All sessions of OpenVidu will try to force this codec. If OPENVIDU_STREAMS_ALLOW_TRANSCODING=true
# when a codec can not be forced, transcoding will be allowed
# Values: MEDIA_SERVER_PREFERRED, NONE, VP8, VP9, H264
# Default value is MEDIA_SERVER_PREFERRED
# OPENVIDU_STREAMS_FORCED_VIDEO_CODEC=MEDIA_SERVER_PREFERRED

# Allow transcoding if codec specified in OPENVIDU_STREAMS_FORCED_VIDEO_CODEC can not be applied
# Values: true | false
# Default value is false
# OPENVIDU_STREAMS_ALLOW_TRANSCODING=false

# Use Simulcast video on WebRTC Publishers.
# Senders will encode duplicate video streams with different qualities,
# so the media server is able to select the most appropriate quality stream
# for each Subscriber.
# This setting is honored only if OpenVidu Server was configured to use the
# mediasoup media server. Otherwise, Simulcast will be disabled.
# Values: true | false
# Default: false
#OPENVIDU_WEBRTC_SIMULCAST=false

# Send openvidu-browser logs of clients to Elasticsearch
# Possible values:
# - disabled: Don't send logs. (default)
# - debug: Send all openvidu-browser logs
# - debug_app: Send openvidu-browser logs and frontend app logs
# OPENVIDU_BROWSER_LOGS=disabled

# true to enable OpenVidu Webhook service. false' otherwise
# Values: true | false
OPENVIDU_WEBHOOK=false

# HTTP endpoint where OpenVidu Server will send Webhook HTTP POST messages
# Must be a valid URL: http(s)://ENDPOINT
#OPENVIDU_WEBHOOK_ENDPOINT=

# List of headers that OpenVidu Webhook service will attach to HTTP POST messages
#OPENVIDU_WEBHOOK_HEADERS=

# List of events that will be sent by OpenVidu Webhook service
# Default value is all available events
OPENVIDU_WEBHOOK_EVENTS=[sessionCreated,sessionDestroyed,participantJoined,participantLeft,webrtcConnectionCreated,webrtcConnectionDestroyed,recordingStatusChanged,filterEventDispatched,mediaNodeStatusChanged,nodeCrashed,nodeRecovered,broadcastStarted,broadcastStopped]

# How often the garbage collector of non active sessions runs.
# This helps cleaning up sessions that have been initialized through
# REST API (and maybe tokens have been created for them) but have had no users connected.
# Default to 900s (15 mins). 0 to disable non active sessions garbage collector
OPENVIDU_SESSIONS_GARBAGE_INTERVAL=900

# Minimum time in seconds that a non active session must have been in existence
# for the garbage collector of non active sessions to remove it. Default to 3600s (1 hour).
# If non active sessions garbage collector is disabled
# (property 'OPENVIDU_SESSIONS_GARBAGE_INTERVAL' to 0) this property is ignored
OPENVIDU_SESSIONS_GARBAGE_THRESHOLD=3600

# Call Detail Record enabled
# Whether to enable Call Detail Record or not
# Values: true | false
OPENVIDU_CDR=false

# Path where the cdr log files are hosted
OPENVIDU_CDR_PATH=/opt/openvidu/cdr

# Openvidu Server Level logs
# --------------------------
# Uncomment the next line and define this variable to change
# the verbosity level of the logs of Openvidu Service
# RECOMENDED VALUES: INFO for normal logs DEBUG for more verbose logs
# OV_CE_DEBUG_LEVEL=INFO

# OpenVidu Java Options
# --------------------------
# Uncomment the next line and define this to add options to java command
# Documentation: https://docs.oracle.com/cd/E37116_01/install.111210/e23737/configuring_jvm.htm#OUDIG00058
# JAVA_OPTIONS=-Xms2048m -Xmx4096m

# ElasticSearch Java Options
# --------------------------
# Uncomment the next line and define this to add options to java command of Elasticsearch
# Documentation: https://docs.oracle.com/cd/E37116_01/install.111210/e23737/configuring_jvm.htm#OUDIG00058
# By default ElasticSearch is configured to use "-Xms2g -Xmx2g" as Java Min and Max memory heap allocation
# ES_JAVA_OPTS=-Xms2048m -Xmx4096m

# Kibana And ElasticSearch Credentials Configuration
# --------------------------
# Kibana And ElasticSearch Basic Auth configuration (Credentials)
# This credentials will aso be valid for Kibana dashboard
ELASTICSEARCH_USERNAME=elasticadmin
ELASTICSEARCH_PASSWORD=

# Media Node Configuration
# --------------------------
# You can add any KMS environment variable as described in the
# documentation of the docker image: https://hub.docker.com/r/kurento/kurento-media-server
# If you want to add an environment variable to KMS, you must add a variable using this prefix: 'KMS_DOCKER_ENV_',
# followed by the environment variable you want to setup.
# For example if you want to setup KMS_MIN_PORT to 50000, it would be KMS_DOCKER_ENV_KMS_MIN_PORT=50000

# Docker hub kurento media server: https://hub.docker.com/r/kurento/kurento-media-server
# Uncomment the next line and define this variable with KMS image that you want use
# By default, KMS_IMAGE is defined in media nodes and it does not need to be specified unless
# you want to use a specific version of KMS
# KMS_IMAGE=kurento/kurento-media-server:7.1.1

# Uncomment the next line and define this variable to change
# the verbosity level of the logs of KMS
# Documentation: https://doc-kurento.readthedocs.io/en/stable/features/logging.html
# KMS_DOCKER_ENV_GST_DEBUG=

# Coturn deployment in media nodes (Experimental)
# --------------------------
# OpenVidu PRO/Enterprise includes a default TURN/STUN deployment (Coturn).
# By default, Coturn is deployed in master nodes, but if you want to deploy
# Coturn in the media nodes, you just need to set OPENVIDU_PRO_COTURN_IN_MEDIA_NODES=true
# Default value is OPENVIDU_PRO_COTURN_IN_MEDIA_NODES=false
# For Coturn to work, you need at least this ports open:
# For master node you need 3478 TCP/UDP open in the master node.
# For Media nodes you need 443 TCP/UDP open in media nodes.
# More info about Coturn configuration in OpenVidu PRO/ENTERPRISE:
#    - https://docs.openvidu.io/en/stable/deployment/pro/on-premises/#coturn-configuration
OPENVIDU_PRO_COTURN_IN_MEDIA_NODES=false

# Private Docker registries for custom images
# --------------------------
# By default OpenVidu PRO/Enterprise uses the public Docker Hub registry to pull the images,
# but if you want to use a private registry, you can define your own repository and credentials
# in this environment variable.
# You can define as many registries as you want, each repository must be separated by a comma.
# The format of the variable is: OPENVIDU_PRO_DOCKER_REGISTRIES=["serveraddress=yourserver.com,username=user,password=pass"]
# OPENVIDU_PRO_DOCKER_REGISTRIES=


# Cloudformation configuration
# --------------------------
# If you're working outside AWS ignore this section
#AWS_DEFAULT_REGION=
#AWS_IMAGE_ID=
#AWS_INSTANCE_TYPE=
#AWS_INSTANCE_ID=
#AWS_KEY_NAME=
#AWS_SUBNET_ID=
#AWS_SECURITY_GROUP=
#AWS_STACK_ID=
#AWS_STACK_NAME=
#AWS_CLI_DOCKER_TAG=
#AWS_VOLUME_SIZE=

# AWS ASG configuration
# --------------------------
RM_REDIS_IP=
RM_REDIS_PORT=
RM_SQS_QUEUE=
RM_CLOUDFORMATION_ARN=
RM_S3_CONFIGURATION_BUCKET=
RM_S3_CONFIGURATION_BUCKET_REGION=
RM_MEDIA_NODES_AUTOSCALING_GROUP_NAME=
RM_MASTER_NODES_AUTOSCALING_GROUP_NAME=