diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2020-03-27 19:26:50 +0100 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2020-03-27 19:26:50 +0100 |
| commit | 15a5901ead63eb53c8611c524658efb5d2b21a1f (patch) | |
| tree | 9f2e939a459dcc27a3d8a54b73ab8374bf34f417 | |
| parent | coturn: fix variable default (diff) | |
jitsi/meet: 3 out of 4 containers done
| -rw-r--r-- | dan/sk-cloudia.yml | 1 | ||||
| -rw-r--r-- | inventory/host_vars/sk-cloudia/jitsi.yml | 6 | ||||
| -rw-r--r-- | roles/apps/jitsi/meet/defaults/main.yml | 11 | ||||
| -rw-r--r-- | roles/apps/jitsi/meet/tasks/main.yml | 17 | ||||
| -rw-r--r-- | roles/apps/jitsi/meet/templates/pod.yml.j2 | 87 | ||||
| -rw-r--r-- | roles/kubernetes/standalone/templates/kubelet-config.yml.j2 | 4 |
6 files changed, 124 insertions, 2 deletions
diff --git a/dan/sk-cloudia.yml b/dan/sk-cloudia.yml index b02b1d38..1d6883c1 100644 --- a/dan/sk-cloudia.yml +++ b/dan/sk-cloudia.yml @@ -16,3 +16,4 @@ - role: apps/collabora/code - role: apps/etherpad-lite - role: apps/coturn + - role: apps/jitsi/meet diff --git a/inventory/host_vars/sk-cloudia/jitsi.yml b/inventory/host_vars/sk-cloudia/jitsi.yml new file mode 100644 index 00000000..b5b32486 --- /dev/null +++ b/inventory/host_vars/sk-cloudia/jitsi.yml @@ -0,0 +1,6 @@ +--- +jitsi_meet_base_path: /srv/storage/jitsi/meet + +jitsi_meet_version: 4101-2 +jitsi_meet_hostnames: + - meet.elev8.at diff --git a/roles/apps/jitsi/meet/defaults/main.yml b/roles/apps/jitsi/meet/defaults/main.yml new file mode 100644 index 00000000..c1700046 --- /dev/null +++ b/roles/apps/jitsi/meet/defaults/main.yml @@ -0,0 +1,11 @@ +--- +jitsi_meet_base_path: /srv/jitsi/meet + +jitsi_meet_version: 4101-2 +jitsi_meet_inst_name: "{{ jitsi_meet_hostnames[0] }}" +jitsi_meet_hostnames: + - meet.example.com + +jitsi_meet_http_port: 8400 + +jitsi_meet_timezone: Europe/Vienna diff --git a/roles/apps/jitsi/meet/tasks/main.yml b/roles/apps/jitsi/meet/tasks/main.yml new file mode 100644 index 00000000..387df3b8 --- /dev/null +++ b/roles/apps/jitsi/meet/tasks/main.yml @@ -0,0 +1,17 @@ +--- +- name: configure nginx vhost + vars: + nginx_vhost: + name: "jitsi-meet-{{ jitsi_meet_inst_name }}" + template: generic-proxy-no-buffering-with-acme + acme: true + hostnames: "{{ jitsi_meet_hostnames }}" + proxy_pass: "http://127.0.0.1:{{ jitsi_meet_http_port }}" + include_role: + name: nginx/vhost + +- name: generate pod manifests + template: + src: "pod.yml.j2" + dest: "/etc/kubernetes/manifests/jitsi-meet-{{ jitsi_meet_inst_name }}.yml" + mode: 0600 diff --git a/roles/apps/jitsi/meet/templates/pod.yml.j2 b/roles/apps/jitsi/meet/templates/pod.yml.j2 new file mode 100644 index 00000000..685a31f2 --- /dev/null +++ b/roles/apps/jitsi/meet/templates/pod.yml.j2 @@ -0,0 +1,87 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "jitsi-meet-{{ jitsi_meet_inst_name }}" +spec: + containers: + - name: jicofo + image: "jitsi/jicofo:{{ jitsi_meet_version }}" + env: + - name: XMPP_SERVER + value: localhost + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + - name: JICOFO_COMPONENT_SECRET +{# TODO: hardcoded value #} + value: "jicofo_component_secret" + - name: JICOFO_AUTH_USER + value: focus + - name: JICOFO_AUTH_PASSWORD +{# TODO: hardcoded value #} + value: "jicofo_auth_password" + - name: TZ + value: {{ jitsi_meet_timezone }} + - name: JVB_BREWERY_MUC + value: jvbbrewery + - name: prosody + image: "jitsi/prosody:{{ jitsi_meet_version }}" + env: + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_MUC_DOMAIN + value: muc.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + - name: JICOFO_COMPONENT_SECRET +{# TODO: hardcoded value #} + value: "jicofo_component_secret" + - name: JVB_AUTH_USER + value: jvb + - name: JVB_AUTH_PASSWORD +{# TODO: hardcoded value #} + value: "jvb_auth_password" + - name: JICOFO_AUTH_USER + value: focus +{# TODO: hardcoded value #} + value: "jicofo_auth_password" + - name: TZ + value: {{ jitsi_meet_timezone }} + - name: JVB_TCP_HARVESTER_DISABLED + value: "true" + - name: web + image: "jitsi/web:{{ jitsi_meet_version }}" + env: + - name: DISABLE_HTTPS + value: "1" + - name: ENABLE_HTTP_REDIRECT + value: "0" + - name: XMPP_SERVER + value: localhost + - name: JICOFO_AUTH_USER + value: focus + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + - name: XMPP_BOSH_URL_BASE + value: http://127.0.0.1:5280 + - name: XMPP_MUC_DOMAIN + value: muc.meet.jitsi + - name: TZ + value: {{ jitsi_meet_timezone }} + - name: JVB_TCP_HARVESTER_DISABLED + value: "true" + resources: + limits: + memory: "1Gi" + ports: + - containerPort: 80 + hostPort: {{ jitsi_meet_http_port }} diff --git a/roles/kubernetes/standalone/templates/kubelet-config.yml.j2 b/roles/kubernetes/standalone/templates/kubelet-config.yml.j2 index 78aec0c4..4e6716eb 100644 --- a/roles/kubernetes/standalone/templates/kubelet-config.yml.j2 +++ b/roles/kubernetes/standalone/templates/kubelet-config.yml.j2 @@ -6,7 +6,7 @@ staticPodPath: /etc/kubernetes/manifests address: {{ kubernetes_standalone_address }} port: {{ kubernetes_standalone_port }} readOnlyPort: {{ kubernetes_standalone_readonly_port }} -healthzBindAdress: {{ kubernetes_standalone_healthz_address }} +healthzBindAddress: {{ kubernetes_standalone_healthz_address }} healthzPort: {{ kubernetes_standalone_healthz_port }} authentication: anonymous: @@ -15,7 +15,7 @@ authentication: enabled: false authorization: mode: AlwaysAllow -Maxpods: {{ kubernetes_standalone_max_pods }} +maxPods: {{ kubernetes_standalone_max_pods }} makeIPTablesUtilChains: false hairpinMode: none resolvConf: {{ kubernetes_standalone_resolv_conf }} |