Rework jitsi-xmpp to support cert gen
This commit is contained in:
parent
e24522d828
commit
cef60898b5
14 changed files with 122 additions and 41 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1,3 +1,4 @@
|
|||
*.retry
|
||||
.git_old/
|
||||
debug/gladdrinfo
|
||||
*.swp
|
||||
|
|
8
docker/jitsi/01_gen_certs.yml
Normal file
8
docker/jitsi/01_gen_certs.yml
Normal file
|
@ -0,0 +1,8 @@
|
|||
version: '3'
|
||||
services:
|
||||
jitsi-xmpp:
|
||||
build: ./jitsi-xmpp
|
||||
command: ["/usr/local/bin/xmpp_gen"]
|
||||
volumes: [ './jitsi-certs/:/certs:rw' ]
|
||||
env_file: [ 'dev.env' ]
|
||||
|
17
docker/jitsi/02_run.yml
Normal file
17
docker/jitsi/02_run.yml
Normal file
|
@ -0,0 +1,17 @@
|
|||
version: '3'
|
||||
services:
|
||||
jitsi-xmpp:
|
||||
build: ./jitsi-xmpp
|
||||
ports:
|
||||
- "5222:5222"
|
||||
- "5347:5347"
|
||||
- "5280:5280"
|
||||
env_file: [ 'dev.env' ]
|
||||
jitsi-front:
|
||||
build: ./jitsi-front
|
||||
ports:
|
||||
- "80:80"
|
||||
env_file: [ 'dev.env' ]
|
||||
jitsi-conference-focus:
|
||||
build: ./jitsi-conference-focus
|
||||
env_file: [ 'dev.env' ]
|
|
@ -3,11 +3,18 @@ This installation is inspired by: https://github.com/jitsi/jitsi-meet/blob/maste
|
|||
To build images:
|
||||
|
||||
```
|
||||
docker-compose build
|
||||
docker-compose -f 02_run.yml build
|
||||
```
|
||||
|
||||
To run stack:
|
||||
To gen the certs:
|
||||
|
||||
```
|
||||
docker-compose up --force-recreate
|
||||
docker-compose -f 01_gen_certs.yml up --force-recreate
|
||||
```
|
||||
|
||||
To run the stack:
|
||||
|
||||
|
||||
```
|
||||
docker-compose -f 02_run.yml up --force-recreate
|
||||
```
|
||||
|
|
7
docker/jitsi/dev.env
Normal file
7
docker/jitsi/dev.env
Normal file
|
@ -0,0 +1,7 @@
|
|||
JITSI_SECRET_VIDEOBRIDGE=S3CR3T01
|
||||
JITSI_SECRET_JICOFO_COMPONENT=S3CR3T02
|
||||
JITSI_SECRET_JICOFO_USER=S3CR3T03
|
||||
JITSI_PROSODY_BOSH_PORT=5280
|
||||
JITSI_PROSODY_BOSH_HOST=172.17.0.1
|
||||
JITSI_PROSODY_HOST=172.17.0.1
|
||||
JITSI_CERTS_FOLDER=/certs/
|
|
@ -1,20 +0,0 @@
|
|||
version: '2.0'
|
||||
services:
|
||||
jitsi-xmpp:
|
||||
build: ./jitsi-xmpp
|
||||
ports:
|
||||
- "5222:5222"
|
||||
- "5347:5347"
|
||||
- "5280:5280"
|
||||
environment:
|
||||
- JITSI_SECRET_VIDEOBRIDGE=S3CR3T01
|
||||
- JITSI_SECRET_JICOFO_COMPONENT=S3CR3T02
|
||||
- JITSI_SECRET_JICOFO_USER=S3CR3T03
|
||||
jitsi-front:
|
||||
build: ./jitsi-front
|
||||
ports:
|
||||
- "80:80"
|
||||
environment:
|
||||
- JITSI_PROSODY_BOSH_PORT=5280
|
||||
- JITSI_PROSODY_BOSH_HOST=172.17.0.1
|
||||
|
2
docker/jitsi/jitsi-certs/.gitignore
vendored
Normal file
2
docker/jitsi/jitsi-certs/.gitignore
vendored
Normal file
|
@ -0,0 +1,2 @@
|
|||
*
|
||||
!.gitignore
|
|
@ -0,0 +1,22 @@
|
|||
FROM debian:buster AS builder
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get install -y openjdk-11-jdk maven git unzip && \
|
||||
git clone --depth=1 https://github.com/jitsi/jicofo.git && \
|
||||
cd jicofo && \
|
||||
mvn package -DskipTests -Dassembly.skipAssembly=false
|
||||
|
||||
RUN cd jicofo && \
|
||||
unzip target/jicofo-1.1-SNAPSHOT-archive.zip && \
|
||||
mv jicofo-1.1-SNAPSHOT /srv/jicofo
|
||||
|
||||
|
||||
FROM debian:buster
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get install -y openjdk-11-jdk
|
||||
|
||||
COPY --from=builder /srv/jicofo /srv/jicofo
|
||||
COPY jicofo /usr/local/bin/jicofo
|
||||
|
||||
CMD ["/usr/local/bin/jicofo"]
|
8
docker/jitsi/jitsi-conference-focus/jicofo
Executable file
8
docker/jitsi/jitsi-conference-focus/jicofo
Executable file
|
@ -0,0 +1,8 @@
|
|||
#!/bin/bash
|
||||
|
||||
/srv/jicofo/jicofo.sh \
|
||||
--host=${JITSI_PROSODY_HOST} \
|
||||
--domain=jitsi.deuxfleurs.fr \
|
||||
--secret=${JITSI_SECRET_JICOFO_COMPONENT} \
|
||||
--user_domain=auth.jitsi.deuxfleurs.fr \
|
||||
--user_password=${JITSI_SECRET_JICOFO_USER}
|
|
@ -0,0 +1,15 @@
|
|||
FROM debian:buster AS builder
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get install -y wget unzip
|
||||
|
||||
ENV VERSION=1132
|
||||
RUN wget https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-x64-${VERSION}.zip -O jvb.zip && \
|
||||
unzip jvb.zip && \
|
||||
mv jitsi-videobridge-linux-x64-${VERSION} jvb
|
||||
|
||||
FROM debian:buster
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get install -y
|
||||
|
|
@ -4,6 +4,8 @@ RUN apt-get update && \
|
|||
apt-get install -y prosody
|
||||
|
||||
COPY external_components.cfg.lua /etc/prosody/conf.d/external_components.cfg.lua
|
||||
COPY entrypoint.sh /usr/local/bin/entrypoint
|
||||
ENTRYPOINT ["/usr/local/bin/entrypoint"]
|
||||
CMD ["/usr/bin/prosody"]
|
||||
COPY xmpp_conf /usr/local/bin/xmpp_conf
|
||||
COPY xmpp_gen /usr/local/bin/xmpp_gen
|
||||
COPY xmpp_run /usr/local/bin/xmpp_run
|
||||
|
||||
CMD ["/usr/local/bin/xmpp_run"]
|
||||
|
|
|
@ -34,19 +34,4 @@ ln -sf \
|
|||
/etc/prosody/conf.avail/jitsi.deuxfleurs.fr.cfg.lua \
|
||||
/etc/prosody/conf.d/jitsi.deuxfleurs.fr.cfg.lua
|
||||
|
||||
prosodyctl cert generate jitsi.deuxfleurs.fr
|
||||
prosodyctl cert generate auth.jitsi.deuxfleurs.fr
|
||||
|
||||
mkdir -p /usr/local/share/ca-certificates/
|
||||
ln -sf \
|
||||
/var/lib/prosody/auth.jitsi.deuxfleurs.fr.crt \
|
||||
/usr/local/share/ca-certificates/auth.jitsi.deuxfleurs.fr.crt
|
||||
|
||||
prosodyctl register focus auth.jitsi.deuxfleurs.fr ${JITSI_SECRET_JICOFO_USER}
|
||||
|
||||
mkdir /run/prosody
|
||||
touch /run/prosody/prosody.pid
|
||||
chown -R prosody:prosody /run/prosody
|
||||
|
||||
cd /var/lib/prosody
|
||||
su - prosody -s /bin/bash -c "$@"
|
9
docker/jitsi/jitsi-xmpp/xmpp_gen
Executable file
9
docker/jitsi/jitsi-xmpp/xmpp_gen
Executable file
|
@ -0,0 +1,9 @@
|
|||
#!/bin/bash
|
||||
|
||||
/usr/local/bin/xmpp_conf
|
||||
|
||||
prosodyctl cert generate jitsi.deuxfleurs.fr
|
||||
prosodyctl cert generate auth.jitsi.deuxfleurs.fr
|
||||
|
||||
cp /var/lib/prosody/*.crt ${JITSI_CERTS_FOLDER}
|
||||
cp /var/lib/prosody/*.key ${JITSI_CERTS_FOLDER}
|
18
docker/jitsi/jitsi-xmpp/xmpp_run
Executable file
18
docker/jitsi/jitsi-xmpp/xmpp_run
Executable file
|
@ -0,0 +1,18 @@
|
|||
#!/bin/bash
|
||||
|
||||
/usr/local/bin/xmpp_conf
|
||||
cp ${JITSI_CERTS_FOLDER}/* /var/lib/prosody/
|
||||
|
||||
mkdir -p /usr/local/share/ca-certificates/
|
||||
ln -sf \
|
||||
/var/lib/prosody/auth.jitsi.deuxfleurs.fr.crt \
|
||||
/usr/local/share/ca-certificates/auth.jitsi.deuxfleurs.fr.crt
|
||||
|
||||
prosodyctl register focus auth.jitsi.deuxfleurs.fr ${JITSI_SECRET_JICOFO_USER}
|
||||
|
||||
mkdir /run/prosody
|
||||
touch /run/prosody/prosody.pid
|
||||
chown -R prosody:prosody /run/prosody
|
||||
|
||||
cd /var/lib/prosody
|
||||
su - prosody -s /bin/bash -c prosody
|
Reference in a new issue