From d9c31201d63ae188e42290940c2b9ba84a50fe6e Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 17 May 2020 05:41:50 +0200 Subject: jitsi-meet: actually use real secrets --- roles/apps/jitsi/meet/defaults/main.yml | 5 +++++ roles/apps/jitsi/meet/templates/pod.yml.j2 | 21 +++++++-------------- 2 files changed, 12 insertions(+), 14 deletions(-) (limited to 'roles') diff --git a/roles/apps/jitsi/meet/defaults/main.yml b/roles/apps/jitsi/meet/defaults/main.yml index 6b7b545e..f86582a5 100644 --- a/roles/apps/jitsi/meet/defaults/main.yml +++ b/roles/apps/jitsi/meet/defaults/main.yml @@ -10,3 +10,8 @@ jitsi_meet_http_port: 8400 jitsi_meet_jvb_port: 10000 jitsi_meet_timezone: Europe/Vienna + +# jitsi_meet_secrets: +# jicofo_component_secret: "" +# jicofo_auth_password: "" +# jvb_auth_password: "" diff --git a/roles/apps/jitsi/meet/templates/pod.yml.j2 b/roles/apps/jitsi/meet/templates/pod.yml.j2 index 3efd007b..93a4a33f 100644 --- a/roles/apps/jitsi/meet/templates/pod.yml.j2 +++ b/roles/apps/jitsi/meet/templates/pod.yml.j2 @@ -35,13 +35,11 @@ spec: value: internal-muc.meet.jitsi - name: JICOFO_COMPONENT_SECRET -{# TODO: hardcoded value #} - value: "jicofo_component_secret" + value: "{{ jitsi_meet_secrets.jicofo_component_secret }}" - name: JICOFO_AUTH_USER value: focus - name: JICOFO_AUTH_PASSWORD -{# TODO: hardcoded value #} - value: "jicofo_auth_password" + value: "{{ jitsi_meet_secrets.jicofo_auth_password }}" - name: JVB_BREWERY_MUC value: jvbbrewery @@ -72,19 +70,16 @@ spec: value: internal-muc.meet.jitsi - name: JICOFO_COMPONENT_SECRET -{# TODO: hardcoded value #} - value: "jicofo_component_secret" + value: "{{ jitsi_meet_secrets.jicofo_component_secret }}" - name: JICOFO_AUTH_USER value: focus - name: JICOFO_AUTH_PASSWORD -{# TODO: hardcoded value #} - value: "jicofo_auth_password" + value: "{{ jitsi_meet_secrets.jicofo_auth_password }}" - name: JVB_AUTH_USER value: jvb - name: JVB_AUTH_PASSWORD -{# TODO: hardcoded value #} - value: "jvb_auth_password" + value: "{{ jitsi_meet_secrets.jvb_auth_password }}" - name: JVB_TCP_HARVESTER_DISABLED value: "true" @@ -153,14 +148,12 @@ spec: - name: JICOFO_AUTH_USER value: focus - name: JICOFO_AUTH_PASSWORD -{# TODO: hardcoded value #} - value: "jicofo_auth_password" + value: "{{ jitsi_meet_secrets.jicofo_auth_password }}" - name: JVB_AUTH_USER value: jvb - name: JVB_AUTH_PASSWORD -{# TODO: hardcoded value #} - value: "jvb_auth_password" + value: "{{ jitsi_meet_secrets.jvb_auth_password }}" - name: JVB_BREWERY_MUC value: jvbbrewery - name: JVB_PORT -- cgit v1.2.3