diff options
author | Christian Pointner <equinox@spreadspace.org> | 2020-03-29 03:56:01 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2020-03-29 03:56:01 +0200 |
commit | e08af6ff2a528cd16b2999c242242826f30b8866 (patch) | |
tree | 99047b8b866f6181e2db85a8f5701904e7285abc /roles/apps/jitsi | |
parent | nginx: add support for stream proxies (diff) |
jisi meet: still not nice and not working at the moment
Diffstat (limited to 'roles/apps/jitsi')
-rw-r--r-- | roles/apps/jitsi/meet/defaults/main.yml | 1 | ||||
-rw-r--r-- | roles/apps/jitsi/meet/tasks/main.yml | 31 | ||||
-rw-r--r-- | roles/apps/jitsi/meet/templates/pod.yml.j2 | 133 |
3 files changed, 141 insertions, 24 deletions
diff --git a/roles/apps/jitsi/meet/defaults/main.yml b/roles/apps/jitsi/meet/defaults/main.yml index c1700046..7fec62c3 100644 --- a/roles/apps/jitsi/meet/defaults/main.yml +++ b/roles/apps/jitsi/meet/defaults/main.yml @@ -7,5 +7,6 @@ jitsi_meet_hostnames: - meet.example.com jitsi_meet_http_port: 8400 +jitsi_meet_jvb_port: 10000 jitsi_meet_timezone: Europe/Vienna diff --git a/roles/apps/jitsi/meet/tasks/main.yml b/roles/apps/jitsi/meet/tasks/main.yml index 387df3b8..2964b293 100644 --- a/roles/apps/jitsi/meet/tasks/main.yml +++ b/roles/apps/jitsi/meet/tasks/main.yml @@ -1,4 +1,28 @@ --- +- name: create jitsi-meet scripts subdirectories + loop: + - jicofo + - prosody + - web + - jvb + file: + path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/{{ item }}" + state: directory + +- name: generate prosody cont-init.d script + copy: + content: | + #!/usr/bin/with-contenv bash + sed -e 's#^\(component_interface\s*=\)#-- \1#g' -i /config/prosody.cfg.lua + dest: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/prosody/cont-init.sh" + mode: 0755 + +- name: generate pod manifests + template: + src: "pod.yml.j2" + dest: "/etc/kubernetes/manifests/jitsi-meet-{{ jitsi_meet_inst_name }}.yml" + mode: 0600 + - name: configure nginx vhost vars: nginx_vhost: @@ -6,12 +30,7 @@ template: generic-proxy-no-buffering-with-acme acme: true hostnames: "{{ jitsi_meet_hostnames }}" + client_max_body_size: "0" proxy_pass: "http://127.0.0.1:{{ jitsi_meet_http_port }}" include_role: name: nginx/vhost - -- name: generate pod manifests - template: - src: "pod.yml.j2" - dest: "/etc/kubernetes/manifests/jitsi-meet-{{ jitsi_meet_inst_name }}.yml" - mode: 0600 diff --git a/roles/apps/jitsi/meet/templates/pod.yml.j2 b/roles/apps/jitsi/meet/templates/pod.yml.j2 index 685a31f2..3efd007b 100644 --- a/roles/apps/jitsi/meet/templates/pod.yml.j2 +++ b/roles/apps/jitsi/meet/templates/pod.yml.j2 @@ -3,18 +3,37 @@ kind: Pod metadata: name: "jitsi-meet-{{ jitsi_meet_inst_name }}" spec: + initContainers: + - name: prepare-config + image: busybox + workingDir: /config + command: + - sh + - -c + - mkdir -p jicofo prosody web jvb + volumeMounts: + - name: config + mountPath: /config containers: - name: jicofo image: "jitsi/jicofo:{{ jitsi_meet_version }}" + resources: + limits: + memory: "5Gi" + volumeMounts: + - name: config + subPath: jicofo + mountPath: /config env: - name: XMPP_SERVER - value: localhost + value: 127.0.0.1 - name: XMPP_DOMAIN value: meet.jitsi - name: XMPP_AUTH_DOMAIN value: auth.meet.jitsi - name: XMPP_INTERNAL_MUC_DOMAIN value: internal-muc.meet.jitsi + - name: JICOFO_COMPONENT_SECRET {# TODO: hardcoded value #} value: "jicofo_component_secret" @@ -23,12 +42,25 @@ spec: - name: JICOFO_AUTH_PASSWORD {# TODO: hardcoded value #} value: "jicofo_auth_password" - - name: TZ - value: {{ jitsi_meet_timezone }} + - name: JVB_BREWERY_MUC value: jvbbrewery + + - name: TZ + value: {{ jitsi_meet_timezone }} + - name: prosody image: "jitsi/prosody:{{ jitsi_meet_version }}" + resources: + limits: + memory: "512Mi" + volumeMounts: + - name: scripts + subPath: prosody/cont-init.sh + mountPath: /etc/cont-init.d/99-k8s + - name: config + subPath: prosody + mountPath: /config env: - name: XMPP_DOMAIN value: meet.jitsi @@ -38,33 +70,47 @@ spec: value: muc.meet.jitsi - name: XMPP_INTERNAL_MUC_DOMAIN value: internal-muc.meet.jitsi + - name: JICOFO_COMPONENT_SECRET {# TODO: hardcoded value #} value: "jicofo_component_secret" + - name: JICOFO_AUTH_USER + value: focus + - name: JICOFO_AUTH_PASSWORD +{# TODO: hardcoded value #} + value: "jicofo_auth_password" + - name: JVB_AUTH_USER value: jvb - name: JVB_AUTH_PASSWORD {# TODO: hardcoded value #} value: "jvb_auth_password" - - name: JICOFO_AUTH_USER - value: focus -{# TODO: hardcoded value #} - value: "jicofo_auth_password" - - name: TZ - value: {{ jitsi_meet_timezone }} - name: JVB_TCP_HARVESTER_DISABLED value: "true" + + - name: TZ + value: {{ jitsi_meet_timezone }} + - name: web image: "jitsi/web:{{ jitsi_meet_version }}" + resources: + limits: + memory: "1Gi" + ports: + - containerPort: 80 + hostPort: {{ jitsi_meet_http_port }} + volumeMounts: + - name: config + subPath: web + mountPath: /config env: - name: DISABLE_HTTPS value: "1" - name: ENABLE_HTTP_REDIRECT value: "0" + - name: XMPP_SERVER - value: localhost - - name: JICOFO_AUTH_USER - value: focus + value: 127.0.0.1 - name: XMPP_DOMAIN value: meet.jitsi - name: XMPP_AUTH_DOMAIN @@ -75,13 +121,64 @@ spec: value: http://127.0.0.1:5280 - name: XMPP_MUC_DOMAIN value: muc.meet.jitsi - - name: TZ - value: {{ jitsi_meet_timezone }} + + - name: JICOFO_AUTH_USER + value: focus + - name: JVB_TCP_HARVESTER_DISABLED value: "true" + + - name: TZ + value: {{ jitsi_meet_timezone }} + + - name: jvb + image: "jitsi/jvb:{{ jitsi_meet_version }}" resources: limits: - memory: "1Gi" - ports: - - containerPort: 80 - hostPort: {{ jitsi_meet_http_port }} + memory: "5Gi" + volumeMounts: + - name: config + subPath: jvb + mountPath: /config + env: + - name: XMPP_SERVER + value: 127.0.0.1 + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + + - name: JICOFO_AUTH_USER + value: focus + - name: JICOFO_AUTH_PASSWORD +{# TODO: hardcoded value #} + value: "jicofo_auth_password" + + - name: JVB_AUTH_USER + value: jvb + - name: JVB_AUTH_PASSWORD +{# TODO: hardcoded value #} + value: "jvb_auth_password" + - name: JVB_BREWERY_MUC + value: jvbbrewery + - name: JVB_PORT + value: "10000" + - name: JVB_TCP_HARVESTER_DISABLED + value: "true" + - name: JVB_STUN_SERVERS + value: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302 + - name: DOCKER_HOST_ADDRESS + value: "{{ ansible_default_ipv4.address }}" + + - name: TZ + value: {{ jitsi_meet_timezone }} + + volumes: + - name: scripts + hostPath: + path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts" + - name: config + emptyDir: + medium: Memory |