diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2021-07-25 23:08:12 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2021-07-25 23:08:12 +0200 |
| commit | 1658e701dd8dfc27876e1a01007c47af05be4682 (patch) | |
| tree | 417593857d845d27a3aaa067539afdf92191e4b4 /roles | |
| parent | ele-media: upgrade nextcloud and run cron script every 10mins (diff) | |
jitis/meet-stream-ui: enable http auth and support new config
Diffstat (limited to 'roles')
| -rw-r--r-- | roles/apps/jitsi/meet/defaults/main.yml | 3 | ||||
| -rw-r--r-- | roles/apps/jitsi/meet/tasks/main.yml | 29 | ||||
| -rw-r--r-- | roles/apps/jitsi/meet/templates/pod-spec.yml.j2 | 13 |
3 files changed, 41 insertions, 4 deletions
diff --git a/roles/apps/jitsi/meet/defaults/main.yml b/roles/apps/jitsi/meet/defaults/main.yml index 2580fe15..02f4a2b2 100644 --- a/roles/apps/jitsi/meet/defaults/main.yml +++ b/roles/apps/jitsi/meet/defaults/main.yml @@ -26,4 +26,7 @@ jitsi_meet_timezone: Europe/Vienna # jitsi_meet_streamui: # http_port: "{{ jitsi_meet_http_port + 1 }}" +# http_auth: +# user: password # image_tag: latest +# default_control_room: gieThoh3 diff --git a/roles/apps/jitsi/meet/tasks/main.yml b/roles/apps/jitsi/meet/tasks/main.yml index e83c789e..b9dcbeb0 100644 --- a/roles/apps/jitsi/meet/tasks/main.yml +++ b/roles/apps/jitsi/meet/tasks/main.yml @@ -97,10 +97,31 @@ - name: configure stream-ui http proxy locations when: jitsi_meet_streamui is defined - set_fact: - nginx_vhost_locations_streamui: - '/stream-ui/': - proxy_pass: "http://127.0.0.1:{{ jitsi_meet_streamui.http_port }}/" + block: + - name: generate basic auth password file for stream-ui + when: "'http_auth' in jitsi_meet_streamui" + vars: + nginx_auth_basic_filename: "jitsi-meet-{{ jitsi_meet_inst_name }}-streamui" + nginx_auth_basic_users: "{{ jitsi_meet_streamui.http_auth }}" + include_role: + name: nginx/auth/basic + + - name: set stream-ui vhost config with authentication + when: "'http_auth' in jitsi_meet_streamui" + set_fact: + nginx_vhost_locations_streamui: + '/stream-ui/': + proxy_pass: "http://127.0.0.1:{{ jitsi_meet_streamui.http_port }}/" + extra_directives: |- + auth_basic "Jitsi Stream-UI"; + auth_basic_user_file /etc/nginx/auth/jitsi-meet-{{ jitsi_meet_inst_name }}-streamui.htpasswd; + + - name: set stream-ui vhost config without authentication + when: "'http_auth' not in jitsi_meet_streamui" + set_fact: + nginx_vhost_locations_streamui: + '/stream-ui/': + proxy_pass: "http://127.0.0.1:{{ jitsi_meet_streamui.http_port }}/" - name: configure nginx vhost vars: diff --git a/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 b/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 index 95f49982..b822c708 100644 --- a/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 +++ b/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 @@ -212,6 +212,8 @@ containers: - name: JVB_BREWERY_MUC value: jvbbrewery + - name: PUBLIC_URL + value: "https://{{ jitsi_meet_hostname }}" - name: JVB_PORT value: "{{ jitsi_meet_jvb_port }}" - name: JVB_TCP_HARVESTER_DISABLED @@ -235,6 +237,17 @@ containers: containerPort: 3000 hostPort: {{ jitsi_meet_streamui.http_port }} hostIP: 127.0.0.1 + env: + - name: HTTP_PATH + value: "/stream-ui" + - name: JITSI_XMPP_ID + value: "display@stream-ui.meet.jitsi" + - name: JITSI_XMPP_PASSWORD + value: "{{ jitsi_meet_secrets.streamuidisplay_auth_password }}" +{% if 'default_control_room' in jitsi_meet_streamui %} + - name: DEFAULT_CONTROL_ROOM + value: "{{ jitsi_meet_streamui.default_control_room }}" +{% endif %} {% endif %} volumes: |