diff options
| -rw-r--r-- | dan/host_vars/ele-jitsi.yml | 43 | ||||
| -rw-r--r-- | inventory/host_vars/ch-equinox-t450s.yml | 1 | ||||
| -rw-r--r-- | inventory/host_vars/ch-equinox-ws.yml | 1 | ||||
| -rw-r--r-- | inventory/host_vars/ele-jitsi.yml | 3 | ||||
| -rw-r--r-- | roles/apps/jitsi/meet/defaults/main.yml | 3 | ||||
| -rw-r--r-- | roles/apps/jitsi/meet/tasks/main.yml | 29 | ||||
| -rw-r--r-- | roles/apps/jitsi/meet/templates/pod-spec.yml.j2 | 13 |
7 files changed, 68 insertions, 25 deletions
diff --git a/dan/host_vars/ele-jitsi.yml b/dan/host_vars/ele-jitsi.yml index a97ec42a..035bfdde 100644 --- a/dan/host_vars/ele-jitsi.yml +++ b/dan/host_vars/ele-jitsi.yml @@ -1,22 +1,23 @@ $ANSIBLE_VAULT;1.2;AES256;dan -65396235316532653335326234663533333566343234613963356665343735353438326336306661 -3232376265623734393135363137343565646366383766650a373063663439313266633066656361 -32646335633534643536316631353764393061366363353162613533643338393461633166346133 -3962313836326438340a343531356237396536346437383934393838353232303632303735353230 -33363361323833626366613666636262336363306664363861613434626163303862366234373739 -30333065316264396532306666353863653533313139663766393934346337656133393362343565 -33616637633832653639346431373634373830623266326339326364313136316639363335626361 -39633131653762316266326538616239663833303664333131363665366638313736343165616439 -64383336353032366331333233623939626463656261393834653563373464366165323664396463 -66376431633965643261656231346666613163306639636431616139616466643137313931613833 -66323862646362616433393862633634656330313766396564396461646530363062616333616231 -38643036663961316139376635613039306362303635306265376435633662353066393633643435 -37386136666130363363396438386166363161393832646439323137616236303861643231353433 -39386134626533383964623731383938636632616435663335346561303061633535313266313336 -62303637616631653663386236396664363164303032333133313330303164346464666135623065 -61313131616335663531343364306462633732633766333838666333646133653965393033636663 -39613462653262343461616233323939623432386136643633623162633462376630656265373032 -65626266356562393237303338646461393030386464393835613566356334393663323462303237 -61666331653838363233626165636230646361393662666337323932643032343434386139363664 -63356235646230343265613163353534316264303237373830393832333937616535313233666639 -34353034636562633532616231633463633132376463646631363939323830616133 +30326363623630653461323465633363363163333639653937393936643464656431343536633361 +3765306565306632346132333736623932356637313864650a393538643166336266363934333762 +31353131393939623339626333376266356436313433643639366539666133316261623466316233 +6236653561313432370a396331306536363466383763343564623832343531653761643236386236 +30613336326262356337376266323562383634356436303030326438653266653931356436386264 +63383430393535393265666638643831323764303134643965633966633064326436623965613064 +36373135626531316136333963396139656366303133353835353266343837653732666437343535 +31333934613436383863633265363632623962336238336331653037303038663663323564356662 +61623865393538373862353930353766363937396538636362663030366435323735376332393030 +65396534633364633664383963313539623466336236336261326237306664313232366264383731 +36376364313865336137303063383630653962633835363933316232373235613666363930356232 +66313363373135386562303665323863646635623765303361366233666565363863326264393733 +39363038356639346639653832366636656136326666336333393161346231303733336136333831 +63376266316634363330343631623062626336366662643562316661663032613361376134393731 +39353333643938643265383238323864393532396532656433343964643632626662383865383139 +33303238613036353365623739323435666531306466636238626336396566663132356131343530 +61663561313539363237663662386638666438383962303030373039626335616332646662656463 +62663763353035306335333931666631303237316666343339623066373230323165613930626561 +62346630396332333737623239353964313963613166336435313236333638303363356536346638 +62316261333565383531303730346465663065356333383935333332343633636266336439653538 +33366263316231303139643430636433666135313432393939646439373463613165653130643965 +6235393431663932613665343765383037333931323461636664 diff --git a/inventory/host_vars/ch-equinox-t450s.yml b/inventory/host_vars/ch-equinox-t450s.yml index df7759e3..d94aa203 100644 --- a/inventory/host_vars/ch-equinox-t450s.yml +++ b/inventory/host_vars/ch-equinox-t450s.yml @@ -266,6 +266,7 @@ ws_base_extra_packages: - python3-httplib2 - python3-jinja2 - python3-netaddr + - python3-passlib # resolvelib is not packaged for current ubuntu releases - also ansible needs special versions -> leave it to pip # - python3-resolvelib - python3-yaml diff --git a/inventory/host_vars/ch-equinox-ws.yml b/inventory/host_vars/ch-equinox-ws.yml index 8e97ab10..aee2482e 100644 --- a/inventory/host_vars/ch-equinox-ws.yml +++ b/inventory/host_vars/ch-equinox-ws.yml @@ -263,6 +263,7 @@ ws_base_extra_packages: - python3-httplib2 - python3-jinja2 - python3-netaddr + - python3-passlib # resolvelib is not packaged for current ubuntu releases - also ansible needs special versions -> leave it to pip # - python3-resolvelib - python3-yaml diff --git a/inventory/host_vars/ele-jitsi.yml b/inventory/host_vars/ele-jitsi.yml index 80032c54..0815fbd8 100644 --- a/inventory/host_vars/ele-jitsi.yml +++ b/inventory/host_vars/ele-jitsi.yml @@ -49,4 +49,7 @@ jitsi_meet_auth: jitsi_meet_streamui: http_port: "{{ jitsi_meet_http_port + 1 }}" +# http_auth: +# operator: "{{ vault_jitsi_meet_auth_user_passwords['operator'] }}" image_tag: latest + default_control_room: lashuu8O diff --git a/roles/apps/jitsi/meet/defaults/main.yml b/roles/apps/jitsi/meet/defaults/main.yml index 2580fe15..02f4a2b2 100644 --- a/roles/apps/jitsi/meet/defaults/main.yml +++ b/roles/apps/jitsi/meet/defaults/main.yml @@ -26,4 +26,7 @@ jitsi_meet_timezone: Europe/Vienna # jitsi_meet_streamui: # http_port: "{{ jitsi_meet_http_port + 1 }}" +# http_auth: +# user: password # image_tag: latest +# default_control_room: gieThoh3 diff --git a/roles/apps/jitsi/meet/tasks/main.yml b/roles/apps/jitsi/meet/tasks/main.yml index e83c789e..b9dcbeb0 100644 --- a/roles/apps/jitsi/meet/tasks/main.yml +++ b/roles/apps/jitsi/meet/tasks/main.yml @@ -97,10 +97,31 @@ - name: configure stream-ui http proxy locations when: jitsi_meet_streamui is defined - set_fact: - nginx_vhost_locations_streamui: - '/stream-ui/': - proxy_pass: "http://127.0.0.1:{{ jitsi_meet_streamui.http_port }}/" + block: + - name: generate basic auth password file for stream-ui + when: "'http_auth' in jitsi_meet_streamui" + vars: + nginx_auth_basic_filename: "jitsi-meet-{{ jitsi_meet_inst_name }}-streamui" + nginx_auth_basic_users: "{{ jitsi_meet_streamui.http_auth }}" + include_role: + name: nginx/auth/basic + + - name: set stream-ui vhost config with authentication + when: "'http_auth' in jitsi_meet_streamui" + set_fact: + nginx_vhost_locations_streamui: + '/stream-ui/': + proxy_pass: "http://127.0.0.1:{{ jitsi_meet_streamui.http_port }}/" + extra_directives: |- + auth_basic "Jitsi Stream-UI"; + auth_basic_user_file /etc/nginx/auth/jitsi-meet-{{ jitsi_meet_inst_name }}-streamui.htpasswd; + + - name: set stream-ui vhost config without authentication + when: "'http_auth' not in jitsi_meet_streamui" + set_fact: + nginx_vhost_locations_streamui: + '/stream-ui/': + proxy_pass: "http://127.0.0.1:{{ jitsi_meet_streamui.http_port }}/" - name: configure nginx vhost vars: diff --git a/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 b/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 index 95f49982..b822c708 100644 --- a/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 +++ b/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 @@ -212,6 +212,8 @@ containers: - name: JVB_BREWERY_MUC value: jvbbrewery + - name: PUBLIC_URL + value: "https://{{ jitsi_meet_hostname }}" - name: JVB_PORT value: "{{ jitsi_meet_jvb_port }}" - name: JVB_TCP_HARVESTER_DISABLED @@ -235,6 +237,17 @@ containers: containerPort: 3000 hostPort: {{ jitsi_meet_streamui.http_port }} hostIP: 127.0.0.1 + env: + - name: HTTP_PATH + value: "/stream-ui" + - name: JITSI_XMPP_ID + value: "display@stream-ui.meet.jitsi" + - name: JITSI_XMPP_PASSWORD + value: "{{ jitsi_meet_secrets.streamuidisplay_auth_password }}" +{% if 'default_control_room' in jitsi_meet_streamui %} + - name: DEFAULT_CONTROL_ROOM + value: "{{ jitsi_meet_streamui.default_control_room }}" +{% endif %} {% endif %} volumes: |