summaryrefslogtreecommitdiff
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/apps/jitsi/meet/tasks/main.yml17
-rw-r--r--roles/apps/jitsi/meet/templates/pod-spec.yml.j2185
-rw-r--r--roles/apps/jitsi/meet/templates/pod.yml.j2190
3 files changed, 197 insertions, 195 deletions
diff --git a/roles/apps/jitsi/meet/tasks/main.yml b/roles/apps/jitsi/meet/tasks/main.yml
index 66644f8f..f5bcbd21 100644
--- a/roles/apps/jitsi/meet/tasks/main.yml
+++ b/roles/apps/jitsi/meet/tasks/main.yml
@@ -17,11 +17,18 @@
dest: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/prosody/cont-init.sh"
mode: 0755
-- name: generate pod manifests
- template:
- src: "pod.yml.j2"
- dest: "/etc/kubernetes/manifests/jitsi-meet-{{ jitsi_meet_inst_name }}.yml"
- mode: 0600
+- name: install pod manifest
+ vars:
+ kubernetes_standalone_pod:
+ name: "jitsi-meet-{{ jitsi_meet_inst_name }}"
+ spec: "{{ lookup('template', 'pod-spec.yml.j2') }}"
+ mode: 0600
+ config_hash_items:
+ - path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/prosody/cont-init.sh"
+ properties:
+ - checksum
+ include_role:
+ name: kubernetes/standalone/pod
## TODO: https://github.com/jitsi/jitsi-meet/blob/master/doc/turn.md
diff --git a/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 b/roles/apps/jitsi/meet/templates/pod-spec.yml.j2
new file mode 100644
index 00000000..7461658f
--- /dev/null
+++ b/roles/apps/jitsi/meet/templates/pod-spec.yml.j2
@@ -0,0 +1,185 @@
+initContainers:
+- name: prepare-config
+ image: busybox
+ workingDir: /config
+ command:
+ - sh
+ - -c
+ - mkdir -p jicofo prosody web jvb
+ volumeMounts:
+ - name: config
+ mountPath: /config
+containers:
+- name: jicofo
+ image: "jitsi/jicofo:{{ jitsi_meet_version }}"
+ resources:
+ requests:
+ memory: "1Gi"
+ limits:
+ memory: "4Gi"
+ volumeMounts:
+ - name: config
+ subPath: jicofo
+ mountPath: /config
+ env:
+ - name: XMPP_SERVER
+ value: 127.0.0.1
+ - name: XMPP_DOMAIN
+ value: meet.jitsi
+ - name: XMPP_AUTH_DOMAIN
+ value: auth.meet.jitsi
+ - name: XMPP_INTERNAL_MUC_DOMAIN
+ value: internal-muc.meet.jitsi
+
+ - name: JICOFO_COMPONENT_SECRET
+ value: "{{ jitsi_meet_secrets.jicofo_component_secret }}"
+ - name: JICOFO_AUTH_USER
+ value: focus
+ - name: JICOFO_AUTH_PASSWORD
+ value: "{{ jitsi_meet_secrets.jicofo_auth_password }}"
+
+ - name: JVB_BREWERY_MUC
+ value: jvbbrewery
+
+ - name: TZ
+ value: {{ jitsi_meet_timezone }}
+
+- name: prosody
+ image: "jitsi/prosody:{{ jitsi_meet_version }}"
+ resources:
+ requests:
+ memory: "128Mi"
+ limits:
+ memory: "512Mi"
+ volumeMounts:
+ - name: scripts
+ subPath: prosody/cont-init.sh
+ mountPath: /etc/cont-init.d/99-k8s
+ - name: config
+ subPath: prosody
+ mountPath: /config
+ env:
+ - name: XMPP_DOMAIN
+ value: meet.jitsi
+ - name: XMPP_AUTH_DOMAIN
+ value: auth.meet.jitsi
+ - name: XMPP_MUC_DOMAIN
+ value: muc.meet.jitsi
+ - name: XMPP_INTERNAL_MUC_DOMAIN
+ value: internal-muc.meet.jitsi
+
+ - name: JICOFO_COMPONENT_SECRET
+ value: "{{ jitsi_meet_secrets.jicofo_component_secret }}"
+ - name: JICOFO_AUTH_USER
+ value: focus
+ - name: JICOFO_AUTH_PASSWORD
+ value: "{{ jitsi_meet_secrets.jicofo_auth_password }}"
+
+ - name: JVB_AUTH_USER
+ value: jvb
+ - name: JVB_AUTH_PASSWORD
+ value: "{{ jitsi_meet_secrets.jvb_auth_password }}"
+ - name: JVB_TCP_HARVESTER_DISABLED
+ value: "true"
+
+ - name: TZ
+ value: {{ jitsi_meet_timezone }}
+
+- name: web
+ image: "jitsi/web:{{ jitsi_meet_version }}"
+ resources:
+ requests:
+ memory: "256Mi"
+ limits:
+ memory: "1Gi"
+ ports:
+ - protocol: TCP
+ containerPort: 80
+ hostPort: {{ jitsi_meet_http_port }}
+ hostIP: 127.0.0.1
+ volumeMounts:
+ - name: config
+ subPath: web
+ mountPath: /config
+ env:
+ - name: DISABLE_HTTPS
+ value: "1"
+ - name: ENABLE_HTTP_REDIRECT
+ value: "0"
+
+ - name: XMPP_SERVER
+ value: 127.0.0.1
+ - name: XMPP_DOMAIN
+ value: meet.jitsi
+ - name: XMPP_AUTH_DOMAIN
+ value: auth.meet.jitsi
+ - name: XMPP_INTERNAL_MUC_DOMAIN
+ value: internal-muc.meet.jitsi
+ - name: XMPP_BOSH_URL_BASE
+ value: http://127.0.0.1:5280
+ - name: XMPP_MUC_DOMAIN
+ value: muc.meet.jitsi
+
+ - name: JICOFO_AUTH_USER
+ value: focus
+
+ - name: JVB_TCP_HARVESTER_DISABLED
+ value: "true"
+
+ - name: TZ
+ value: {{ jitsi_meet_timezone }}
+
+- name: jvb
+ image: "jitsi/jvb:{{ jitsi_meet_version }}"
+ resources:
+ requests:
+ memory: "1Gi"
+ limits:
+ memory: "4Gi"
+ ports:
+ - protocol: UDP
+ containerPort: {{ jitsi_meet_jvb_port }}
+ hostPort: {{ jitsi_meet_jvb_port }}
+ hostIP: "{{ external_ip | default(ansible_default_ipv4.address) }}"
+ volumeMounts:
+ - name: config
+ subPath: jvb
+ mountPath: /config
+ env:
+ - name: XMPP_SERVER
+ value: 127.0.0.1
+ - name: XMPP_DOMAIN
+ value: meet.jitsi
+ - name: XMPP_AUTH_DOMAIN
+ value: auth.meet.jitsi
+ - name: XMPP_INTERNAL_MUC_DOMAIN
+ value: internal-muc.meet.jitsi
+
+ - name: JICOFO_AUTH_USER
+ value: focus
+ - name: JICOFO_AUTH_PASSWORD
+ value: "{{ jitsi_meet_secrets.jicofo_auth_password }}"
+
+ - name: JVB_AUTH_USER
+ value: jvb
+ - name: JVB_AUTH_PASSWORD
+ value: "{{ jitsi_meet_secrets.jvb_auth_password }}"
+ - name: JVB_BREWERY_MUC
+ value: jvbbrewery
+ - name: JVB_PORT
+ value: "{{ jitsi_meet_jvb_port }}"
+ - name: JVB_TCP_HARVESTER_DISABLED
+ value: "true"
+ - name: DOCKER_HOST_ADDRESS
+ value: "{{ external_ip | default(ansible_default_ipv4.address) }}"
+
+ - name: TZ
+ value: {{ jitsi_meet_timezone }}
+
+volumes:
+- name: scripts
+ hostPath:
+ path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts"
+- name: config
+ emptyDir:
+ medium: Memory
diff --git a/roles/apps/jitsi/meet/templates/pod.yml.j2 b/roles/apps/jitsi/meet/templates/pod.yml.j2
deleted file mode 100644
index 1504211a..00000000
--- a/roles/apps/jitsi/meet/templates/pod.yml.j2
+++ /dev/null
@@ -1,190 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
- name: "jitsi-meet-{{ jitsi_meet_inst_name }}"
-spec:
- initContainers:
- - name: prepare-config
- image: busybox
- workingDir: /config
- command:
- - sh
- - -c
- - mkdir -p jicofo prosody web jvb
- volumeMounts:
- - name: config
- mountPath: /config
- containers:
- - name: jicofo
- image: "jitsi/jicofo:{{ jitsi_meet_version }}"
- resources:
- requests:
- memory: "1Gi"
- limits:
- memory: "4Gi"
- volumeMounts:
- - name: config
- subPath: jicofo
- mountPath: /config
- env:
- - name: XMPP_SERVER
- value: 127.0.0.1
- - name: XMPP_DOMAIN
- value: meet.jitsi
- - name: XMPP_AUTH_DOMAIN
- value: auth.meet.jitsi
- - name: XMPP_INTERNAL_MUC_DOMAIN
- value: internal-muc.meet.jitsi
-
- - name: JICOFO_COMPONENT_SECRET
- value: "{{ jitsi_meet_secrets.jicofo_component_secret }}"
- - name: JICOFO_AUTH_USER
- value: focus
- - name: JICOFO_AUTH_PASSWORD
- value: "{{ jitsi_meet_secrets.jicofo_auth_password }}"
-
- - name: JVB_BREWERY_MUC
- value: jvbbrewery
-
- - name: TZ
- value: {{ jitsi_meet_timezone }}
-
- - name: prosody
- image: "jitsi/prosody:{{ jitsi_meet_version }}"
- resources:
- requests:
- memory: "128Mi"
- limits:
- memory: "512Mi"
- volumeMounts:
- - name: scripts
- subPath: prosody/cont-init.sh
- mountPath: /etc/cont-init.d/99-k8s
- - name: config
- subPath: prosody
- mountPath: /config
- env:
- - name: XMPP_DOMAIN
- value: meet.jitsi
- - name: XMPP_AUTH_DOMAIN
- value: auth.meet.jitsi
- - name: XMPP_MUC_DOMAIN
- value: muc.meet.jitsi
- - name: XMPP_INTERNAL_MUC_DOMAIN
- value: internal-muc.meet.jitsi
-
- - name: JICOFO_COMPONENT_SECRET
- value: "{{ jitsi_meet_secrets.jicofo_component_secret }}"
- - name: JICOFO_AUTH_USER
- value: focus
- - name: JICOFO_AUTH_PASSWORD
- value: "{{ jitsi_meet_secrets.jicofo_auth_password }}"
-
- - name: JVB_AUTH_USER
- value: jvb
- - name: JVB_AUTH_PASSWORD
- value: "{{ jitsi_meet_secrets.jvb_auth_password }}"
- - name: JVB_TCP_HARVESTER_DISABLED
- value: "true"
-
- - name: TZ
- value: {{ jitsi_meet_timezone }}
-
- - name: web
- image: "jitsi/web:{{ jitsi_meet_version }}"
- resources:
- requests:
- memory: "256Mi"
- limits:
- memory: "1Gi"
- ports:
- - protocol: TCP
- containerPort: 80
- hostPort: {{ jitsi_meet_http_port }}
- hostIP: 127.0.0.1
- volumeMounts:
- - name: config
- subPath: web
- mountPath: /config
- env:
- - name: DISABLE_HTTPS
- value: "1"
- - name: ENABLE_HTTP_REDIRECT
- value: "0"
-
- - name: XMPP_SERVER
- value: 127.0.0.1
- - name: XMPP_DOMAIN
- value: meet.jitsi
- - name: XMPP_AUTH_DOMAIN
- value: auth.meet.jitsi
- - name: XMPP_INTERNAL_MUC_DOMAIN
- value: internal-muc.meet.jitsi
- - name: XMPP_BOSH_URL_BASE
- value: http://127.0.0.1:5280
- - name: XMPP_MUC_DOMAIN
- value: muc.meet.jitsi
-
- - name: JICOFO_AUTH_USER
- value: focus
-
- - name: JVB_TCP_HARVESTER_DISABLED
- value: "true"
-
- - name: TZ
- value: {{ jitsi_meet_timezone }}
-
- - name: jvb
- image: "jitsi/jvb:{{ jitsi_meet_version }}"
- resources:
- requests:
- memory: "1Gi"
- limits:
- memory: "4Gi"
- ports:
- - protocol: UDP
- containerPort: {{ jitsi_meet_jvb_port }}
- hostPort: {{ jitsi_meet_jvb_port }}
- hostIP: "{{ external_ip | default(ansible_default_ipv4.address) }}"
- volumeMounts:
- - name: config
- subPath: jvb
- mountPath: /config
- env:
- - name: XMPP_SERVER
- value: 127.0.0.1
- - name: XMPP_DOMAIN
- value: meet.jitsi
- - name: XMPP_AUTH_DOMAIN
- value: auth.meet.jitsi
- - name: XMPP_INTERNAL_MUC_DOMAIN
- value: internal-muc.meet.jitsi
-
- - name: JICOFO_AUTH_USER
- value: focus
- - name: JICOFO_AUTH_PASSWORD
- value: "{{ jitsi_meet_secrets.jicofo_auth_password }}"
-
- - name: JVB_AUTH_USER
- value: jvb
- - name: JVB_AUTH_PASSWORD
- value: "{{ jitsi_meet_secrets.jvb_auth_password }}"
- - name: JVB_BREWERY_MUC
- value: jvbbrewery
- - name: JVB_PORT
- value: "{{ jitsi_meet_jvb_port }}"
- - name: JVB_TCP_HARVESTER_DISABLED
- value: "true"
- - name: DOCKER_HOST_ADDRESS
- value: "{{ external_ip | default(ansible_default_ipv4.address) }}"
-
- - name: TZ
- value: {{ jitsi_meet_timezone }}
-
- volumes:
- - name: scripts
- hostPath:
- path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts"
- - name: config
- emptyDir:
- medium: Memory