--- - name: prepare storage volume vars: storage_volume: "{{ jitsi_meet_storage }}" include_role: name: "storage/{{ jitsi_meet_storage.type }}/volume" - set_fact: jitsi_meet_basepath: "{{ storage_volume_mountpoint }}" - name: create jitsi-meet scripts subdirectories loop: - jicofo - prosody - web - jvb file: path: "{{ jitsi_meet_basepath }}/{{ jitsi_meet_inst_name }}/scripts/{{ item }}" state: directory - name: configure base pod config hash items set_fact: kubernetes_standalone_pod_config_hash_items_base: - path: "{{ jitsi_meet_basepath }}/{{ jitsi_meet_inst_name }}/scripts/prosody/cont-init.sh" properties: - checksum kubernetes_standalone_pod_config_hash_items_streamui: [] kubernetes_standalone_pod_config_hash_items_jvb_conf_extra: [] - name: generate generic prosody cont-init script copy: content: | #!/usr/bin/with-contenv bash sed -e 's#^\(component_interface\s*=\)#-- \1#g' -i /config/prosody.cfg.lua {% if jitsi_meet_auth is defined %} echo "authentication enabled:" {% for username, password in jitsi_meet_auth.users.items() %} echo " * registering user: {{ username }}" prosodyctl --config "/config/prosody.cfg.lua" register "{{ username }}" $XMPP_DOMAIN "{{ password }}" {% endfor %} {% endif %} dest: "{{ jitsi_meet_basepath }}/{{ jitsi_meet_inst_name }}/scripts/prosody/cont-init.sh" mode: 0750 - name: generate stream-ui specific cont-init scripts when: jitsi_meet_streamui is defined block: - name: generate stream-ui specific cont-init scripts for prosody copy: content: | #!/usr/bin/with-contenv bash cat << EOF > /config/conf.d/stream-ui.cfg.lua VirtualHost "stream-ui.meet.jitsi" modules_enabled = { "ping"; } authentication = "internal_hashed" EOF prosodyctl --config "/config/prosody.cfg.lua" register display stream-ui.meet.jitsi "{{ jitsi_meet_secrets.streamuidisplay_auth_password }}" dest: "{{ jitsi_meet_basepath }}/{{ jitsi_meet_inst_name }}/scripts/prosody/streamui.sh" mode: 0750 - name: generate stream-ui specific cont-init scripts for web copy: content: | #!/usr/bin/with-contenv bash cat << EOF >> /config/config.js // Hide Stream-UI Displays config.hiddenDomain = 'stream-ui.meet.jitsi'; EOF dest: "{{ jitsi_meet_basepath }}/{{ jitsi_meet_inst_name }}/scripts/web/streamui.sh" mode: 0755 - name: configure stream-ui pod config hash items set_fact: kubernetes_standalone_pod_config_hash_items_streamui: - path: "{{ jitsi_meet_basepath }}/{{ jitsi_meet_inst_name }}/scripts/prosody/streamui.sh" properties: - checksum - path: "{{ jitsi_meet_basepath }}/{{ jitsi_meet_inst_name }}/scripts/web/streamui.sh" properties: - checksum - name: generate jvb cont-init script for extra config snippet when: jitsi_meet_jvb_config_extra is defined block: - name: add jvb extra config snippet to cont-init script of jvb copy: content: | #!/usr/bin/with-contenv bash cat << EOF >> /config/jvb.conf {{ jitsi_meet_jvb_config_extra }} EOF dest: "{{ jitsi_meet_basepath }}/{{ jitsi_meet_inst_name }}/scripts/jvb/cont-init.sh" mode: 0750 - name: configure jvb extra config pod config hash items set_fact: kubernetes_standalone_pod_config_hash_items_jvb_conf_extra: - path: "{{ jitsi_meet_basepath }}/{{ jitsi_meet_inst_name }}/scripts/jvb/cont-init.sh" properties: - checksum - name: install pod manifest vars: kubernetes_standalone_pod: name: "jitsi-meet-{{ jitsi_meet_inst_name }}" spec: "{{ lookup('template', 'pod-spec.yml.j2') }}" mode: "0600" config_hash_items: "{{ kubernetes_standalone_pod_config_hash_items_base + kubernetes_standalone_pod_config_hash_items_streamui + kubernetes_standalone_pod_config_hash_items_jvb_conf_extra }}" include_role: name: kubernetes/standalone/pod - name: configure base http proxy locations set_fact: nginx_vhost_locations_base: '/': proxy_pass: "http://127.0.0.1:{{ jitsi_meet_http_port }}" extra_directives: |- client_max_body_size 0; nginx_vhost_locations_streamui: {} - name: configure stream-ui http proxy locations when: jitsi_meet_streamui is defined block: - name: generate basic auth password file for stream-ui when: "'http_auth' in jitsi_meet_streamui" vars: nginx_auth_basic_filename: "jitsi-meet-{{ jitsi_meet_inst_name }}-streamui" nginx_auth_basic_users: "{{ jitsi_meet_streamui.http_auth }}" include_role: name: nginx/auth/basic - name: set stream-ui vhost config with authentication when: "'http_auth' in jitsi_meet_streamui" set_fact: nginx_vhost_locations_streamui: '/stream-ui/': proxy_pass: "http://127.0.0.1:{{ jitsi_meet_streamui.http_port }}/" extra_directives: |- auth_basic "Jitsi Stream-UI"; auth_basic_user_file /etc/nginx/auth/jitsi-meet-{{ jitsi_meet_inst_name }}-streamui.htpasswd; - name: set stream-ui vhost config without authentication when: "'http_auth' not in jitsi_meet_streamui" set_fact: nginx_vhost_locations_streamui: '/stream-ui/': proxy_pass: "http://127.0.0.1:{{ jitsi_meet_streamui.http_port }}/" - name: configure nginx vhost vars: nginx_vhost: name: "jitsi-meet-{{ jitsi_meet_inst_name }}" template: generic tls: certificate_provider: "{{ acme_client }}" hostnames: - "{{ jitsi_meet_hostname }}" locations: "{{ nginx_vhost_locations_base | combine(nginx_vhost_locations_streamui) }}" include_role: name: nginx/vhost