From 15a5901ead63eb53c8611c524658efb5d2b21a1f Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Fri, 27 Mar 2020 19:26:50 +0100 Subject: jitsi/meet: 3 out of 4 containers done --- roles/apps/jitsi/meet/defaults/main.yml | 11 +++ roles/apps/jitsi/meet/tasks/main.yml | 17 +++++ roles/apps/jitsi/meet/templates/pod.yml.j2 | 87 ++++++++++++++++++++++ .../standalone/templates/kubelet-config.yml.j2 | 4 +- 4 files changed, 117 insertions(+), 2 deletions(-) create mode 100644 roles/apps/jitsi/meet/defaults/main.yml create mode 100644 roles/apps/jitsi/meet/tasks/main.yml create mode 100644 roles/apps/jitsi/meet/templates/pod.yml.j2 (limited to 'roles') diff --git a/roles/apps/jitsi/meet/defaults/main.yml b/roles/apps/jitsi/meet/defaults/main.yml new file mode 100644 index 00000000..c1700046 --- /dev/null +++ b/roles/apps/jitsi/meet/defaults/main.yml @@ -0,0 +1,11 @@ +--- +jitsi_meet_base_path: /srv/jitsi/meet + +jitsi_meet_version: 4101-2 +jitsi_meet_inst_name: "{{ jitsi_meet_hostnames[0] }}" +jitsi_meet_hostnames: + - meet.example.com + +jitsi_meet_http_port: 8400 + +jitsi_meet_timezone: Europe/Vienna diff --git a/roles/apps/jitsi/meet/tasks/main.yml b/roles/apps/jitsi/meet/tasks/main.yml new file mode 100644 index 00000000..387df3b8 --- /dev/null +++ b/roles/apps/jitsi/meet/tasks/main.yml @@ -0,0 +1,17 @@ +--- +- name: configure nginx vhost + vars: + nginx_vhost: + name: "jitsi-meet-{{ jitsi_meet_inst_name }}" + template: generic-proxy-no-buffering-with-acme + acme: true + hostnames: "{{ jitsi_meet_hostnames }}" + proxy_pass: "http://127.0.0.1:{{ jitsi_meet_http_port }}" + include_role: + name: nginx/vhost + +- name: generate pod manifests + template: + src: "pod.yml.j2" + dest: "/etc/kubernetes/manifests/jitsi-meet-{{ jitsi_meet_inst_name }}.yml" + mode: 0600 diff --git a/roles/apps/jitsi/meet/templates/pod.yml.j2 b/roles/apps/jitsi/meet/templates/pod.yml.j2 new file mode 100644 index 00000000..685a31f2 --- /dev/null +++ b/roles/apps/jitsi/meet/templates/pod.yml.j2 @@ -0,0 +1,87 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "jitsi-meet-{{ jitsi_meet_inst_name }}" +spec: + containers: + - name: jicofo + image: "jitsi/jicofo:{{ jitsi_meet_version }}" + env: + - name: XMPP_SERVER + value: localhost + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + - name: JICOFO_COMPONENT_SECRET +{# TODO: hardcoded value #} + value: "jicofo_component_secret" + - name: JICOFO_AUTH_USER + value: focus + - name: JICOFO_AUTH_PASSWORD +{# TODO: hardcoded value #} + value: "jicofo_auth_password" + - name: TZ + value: {{ jitsi_meet_timezone }} + - name: JVB_BREWERY_MUC + value: jvbbrewery + - name: prosody + image: "jitsi/prosody:{{ jitsi_meet_version }}" + env: + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_MUC_DOMAIN + value: muc.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + - name: JICOFO_COMPONENT_SECRET +{# TODO: hardcoded value #} + value: "jicofo_component_secret" + - name: JVB_AUTH_USER + value: jvb + - name: JVB_AUTH_PASSWORD +{# TODO: hardcoded value #} + value: "jvb_auth_password" + - name: JICOFO_AUTH_USER + value: focus +{# TODO: hardcoded value #} + value: "jicofo_auth_password" + - name: TZ + value: {{ jitsi_meet_timezone }} + - name: JVB_TCP_HARVESTER_DISABLED + value: "true" + - name: web + image: "jitsi/web:{{ jitsi_meet_version }}" + env: + - name: DISABLE_HTTPS + value: "1" + - name: ENABLE_HTTP_REDIRECT + value: "0" + - name: XMPP_SERVER + value: localhost + - name: JICOFO_AUTH_USER + value: focus + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + - name: XMPP_BOSH_URL_BASE + value: http://127.0.0.1:5280 + - name: XMPP_MUC_DOMAIN + value: muc.meet.jitsi + - name: TZ + value: {{ jitsi_meet_timezone }} + - name: JVB_TCP_HARVESTER_DISABLED + value: "true" + resources: + limits: + memory: "1Gi" + ports: + - containerPort: 80 + hostPort: {{ jitsi_meet_http_port }} diff --git a/roles/kubernetes/standalone/templates/kubelet-config.yml.j2 b/roles/kubernetes/standalone/templates/kubelet-config.yml.j2 index 78aec0c4..4e6716eb 100644 --- a/roles/kubernetes/standalone/templates/kubelet-config.yml.j2 +++ b/roles/kubernetes/standalone/templates/kubelet-config.yml.j2 @@ -6,7 +6,7 @@ staticPodPath: /etc/kubernetes/manifests address: {{ kubernetes_standalone_address }} port: {{ kubernetes_standalone_port }} readOnlyPort: {{ kubernetes_standalone_readonly_port }} -healthzBindAdress: {{ kubernetes_standalone_healthz_address }} +healthzBindAddress: {{ kubernetes_standalone_healthz_address }} healthzPort: {{ kubernetes_standalone_healthz_port }} authentication: anonymous: @@ -15,7 +15,7 @@ authentication: enabled: false authorization: mode: AlwaysAllow -Maxpods: {{ kubernetes_standalone_max_pods }} +maxPods: {{ kubernetes_standalone_max_pods }} makeIPTablesUtilChains: false hairpinMode: none resolvConf: {{ kubernetes_standalone_resolv_conf }} -- cgit v1.2.3