infrastructure/app/deployment/jitsi.hcl

job "jitsi" {
  datacenters = ["dc1"]
  type = "service"

  constraint {
    attribute = "${attr.cpu.arch}"
    value     = "amd64"
  }

  group "core" {

    network {
      port "bosh_port" { }
      port "ext_port" { static = 5347 }
      port "xmpp_port" { static = 5222 }
      port "https_port" { }
      port "video1_port" { static = 8080 }
      port "video2_port" { static = 10000 }
    }

    task "xmpp" {
      driver = "docker"
      config {
        image = "superboum/amd64_jitsi_xmpp:v8"
        ports = [ "bosh_port", "ext_port", "xmpp_port" ]
        network_mode = "host"
      }

      template {
        data = file("../config/configuration/jitsi/global_env.tpl")
        destination = "secrets/global_env"
        env = true
      }

      # --- secrets ---
      template {
        data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}"
        destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt"
      }

      template {
        data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.key\" }}"
        destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.key"
      }

      template {
        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}"
        destination = "secrets/certs/jitsi.deuxfleurs.fr.crt"
      }

      template {
        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}"
        destination = "secrets/certs/jitsi.deuxfleurs.fr.key"
      }

      resources {
        cpu = 300
        memory = 200
      }

      service {
        tags = [ "jitsi", "bosh" ]
        port = "bosh_port"
        address_mode = "host"
        name = "jitsi-xmpp-bosh"
        check {
          type = "tcp"
          port = "bosh_port"
          interval = "60s"
          timeout = "5s"
          check_restart {
            limit = 3
            grace = "90s"
            ignore_warnings = false
          }
        }
      }

      service {
        tags = [ "jitsi", "ext" ]
        port = "ext_port"
        address_mode = "host"
        name = "jitsi-ext"
      }

      service {
        tags = [ "jitsi", "xmpp" ]
        port = "xmpp_port"
        address_mode = "host"
        name = "jitsi-xmpp"
      }
    }

    task "front" {
      driver = "docker"
      config {
        image = "superboum/amd64_jitsi_meet:v3"
        network_mode = "host"
        ports = [ "https_port" ]
      }

      template {
        data = file("../config/configuration/jitsi/global_env.tpl")
        destination = "secrets/global_env"
        env = true
      }

      # --- secrets ---
      template {
        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}"
        destination = "secrets/certs/jitsi.deuxfleurs.fr.crt"
      }
      template {
        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}"
        destination = "secrets/certs/jitsi.deuxfleurs.fr.key"
      }

      resources {
        cpu = 300
        memory = 200
      } 

     service {
        tags = [
          "jitsi",
          "traefik.enable=true",
          "traefik.frontend.entryPoints=https,http",
          "traefik.frontend.rule=Host:jitsi.deuxfleurs.fr;PathPrefix:/",
          "traefik.protocol=https"
        ]
        port = "https_port"
        address_mode = "host"
        name = "jitsi-front-https"
        check {
          type = "tcp"
          port = "https_port"
          interval = "60s"
          timeout = "5s"
          check_restart {
            limit = 3
            grace = "90s"
            ignore_warnings = false
          }
        }
      }
    }

    task "jicofo" {
      driver = "docker"
      config {
        image = "superboum/amd64_jitsi_conference_focus:v6"
        network_mode = "host"
      }

      template {
        data = file("../config/configuration/jitsi/global_env.tpl")
        destination = "secrets/global_env"
        env = true
      }

      #--- secrets ---
      template {
        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}"
        destination = "secrets/certs/jitsi.deuxfleurs.fr.crt"
      }

      template {
        data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}"
        destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt"
      }

      resources {
        cpu = 300
        memory = 400
      } 
    }

    task "videobridge" {
      driver = "docker"
      config {
        image = "superboum/amd64_jitsi_videobridge:v16"
        network_mode = "host"
        ports = [ "video1_port", "video2_port" ] 
        ulimit {
          nofile = "1048576:1048576"
          nproc = "65536:65536"
        }
      }

      env {
        #JITSI_DEBUG = 1
        JITSI_VIDEO_TCP = 8080
        VIDEOBRIDGE_MAX_MEMORY = "1450m"
      }

      template {
        data = file("../config/configuration/jitsi/global_env.tpl")
        destination = "secrets/global_env"
        env = true
      }

      resources {
        cpu = 900
        memory = 1500
      } 

      service {
        tags = [ "jitsi", "(diplonat (tcp_port 8080))" ]
        port = "video1_port"
        address_mode = "host"
        name = "jitsi-videobridge-video1"
        check {
          type = "tcp"
          port = "video1_port"
          interval = "60s"
          timeout = "5s"
          check_restart {
            limit = 3
            grace = "90s"
            ignore_warnings = false
          }
        }
      }

      service {
        tags = [ "jitsi", "(diplonat (udp_port 10000))" ]
        port = "video2_port"
        address_mode = "host"
        name = "jitsi-videobridge-video2"
      }
    }
  }
}
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`job "jitsi" {`
			`datacenters = ["dc1"]`
			`type = "service"`

			`constraint {`
			`attribute = "${attr.cpu.arch}"`
			`value = "amd64"`
			`}`

			`group "core" {`
Migrate jitsi 2020-12-23 14:55:17 +00:00
			`network {`
			`port "bosh_port" { }`
			`port "ext_port" { static = 5347 }`
			`port "xmpp_port" { static = 5222 }`
			`port "https_port" { }`
			`port "video1_port" { static = 8080 }`
			`port "video2_port" { static = 10000 }`
			`}`

Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`task "xmpp" {`
			`driver = "docker"`
			`config {`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`image = "superboum/amd64_jitsi_xmpp:v8"`
			`ports = [ "bosh_port", "ext_port", "xmpp_port" ]`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`network_mode = "host"`
			`}`

Migrate jitsi 2020-12-23 14:55:17 +00:00			`template {`
			`data = file("../config/configuration/jitsi/global_env.tpl")`
			`destination = "secrets/global_env"`
			`env = true`
			`}`

			`# --- secrets ---`
First deployment of Jitsi on nomad 2020-03-27 20:50:00 +00:00			`template {`
			`data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}"`
			`destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt"`
			`}`
Migrate jitsi 2020-12-23 14:55:17 +00:00
First deployment of Jitsi on nomad 2020-03-27 20:50:00 +00:00			`template {`
			`data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.key\" }}"`
			`destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.key"`
			`}`
Migrate jitsi 2020-12-23 14:55:17 +00:00
First deployment of Jitsi on nomad 2020-03-27 20:50:00 +00:00			`template {`
			`data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}"`
			`destination = "secrets/certs/jitsi.deuxfleurs.fr.crt"`
			`}`
Migrate jitsi 2020-12-23 14:55:17 +00:00
First deployment of Jitsi on nomad 2020-03-27 20:50:00 +00:00			`template {`
			`data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}"`
			`destination = "secrets/certs/jitsi.deuxfleurs.fr.key"`
			`}`

Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`resources {`
			`cpu = 300`
			`memory = 200`
			`}`

			`service {`
rework jitsi service 2020-10-28 13:12:15 +00:00			`tags = [ "jitsi", "bosh" ]`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`port = "bosh_port"`
			`address_mode = "host"`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`name = "jitsi-xmpp-bosh"`
			`check {`
			`type = "tcp"`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`port = "bosh_port"`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`interval = "60s"`
			`timeout = "5s"`
			`check_restart {`
			`limit = 3`
			`grace = "90s"`
			`ignore_warnings = false`
			`}`
			`}`
			`}`
rework jitsi service 2020-10-28 13:12:15 +00:00
			`service {`
			`tags = [ "jitsi", "ext" ]`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`port = "ext_port"`
			`address_mode = "host"`
rework jitsi service 2020-10-28 13:12:15 +00:00			`name = "jitsi-ext"`
			`}`

			`service {`
			`tags = [ "jitsi", "xmpp" ]`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`port = "xmpp_port"`
			`address_mode = "host"`
rework jitsi service 2020-10-28 13:12:15 +00:00			`name = "jitsi-xmpp"`
			`}`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`}`

			`task "front" {`
			`driver = "docker"`
			`config {`
Upgrade jitsi 2021-01-13 13:42:14 +00:00			`image = "superboum/amd64_jitsi_meet:v3"`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`network_mode = "host"`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`ports = [ "https_port" ]`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`}`

Migrate jitsi 2020-12-23 14:55:17 +00:00			`template {`
			`data = file("../config/configuration/jitsi/global_env.tpl")`
			`destination = "secrets/global_env"`
			`env = true`
			`}`

			`# --- secrets ---`
First deployment of Jitsi on nomad 2020-03-27 20:50:00 +00:00			`template {`
Fix a stupid error 2020-03-27 20:54:11 +00:00			`data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}"`
			`destination = "secrets/certs/jitsi.deuxfleurs.fr.crt"`
First deployment of Jitsi on nomad 2020-03-27 20:50:00 +00:00			`}`
			`template {`
Fix a stupid error 2020-03-27 20:54:11 +00:00			`data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}"`
			`destination = "secrets/certs/jitsi.deuxfleurs.fr.key"`
First deployment of Jitsi on nomad 2020-03-27 20:50:00 +00:00			`}`

Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`resources {`
			`cpu = 300`
			`memory = 200`
			`}`

			`service {`
			`tags = [`
			`"jitsi",`
			`"traefik.enable=true",`
			`"traefik.frontend.entryPoints=https,http",`
First deployment of Jitsi on nomad 2020-03-27 20:50:00 +00:00			`"traefik.frontend.rule=Host:jitsi.deuxfleurs.fr;PathPrefix:/",`
			`"traefik.protocol=https"`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`]`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`port = "https_port"`
			`address_mode = "host"`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`name = "jitsi-front-https"`
			`check {`
			`type = "tcp"`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`port = "https_port"`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`interval = "60s"`
			`timeout = "5s"`
			`check_restart {`
			`limit = 3`
			`grace = "90s"`
			`ignore_warnings = false`
			`}`
			`}`
			`}`
			`}`

			`task "jicofo" {`
			`driver = "docker"`
			`config {`
Upgrade jitsi 2021-01-13 13:42:14 +00:00			`image = "superboum/amd64_jitsi_conference_focus:v6"`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`network_mode = "host"`
			`}`

Migrate jitsi 2020-12-23 14:55:17 +00:00			`template {`
			`data = file("../config/configuration/jitsi/global_env.tpl")`
			`destination = "secrets/global_env"`
			`env = true`
			`}`

			`#--- secrets ---`
First deployment of Jitsi on nomad 2020-03-27 20:50:00 +00:00			`template {`
			`data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}"`
			`destination = "secrets/certs/jitsi.deuxfleurs.fr.crt"`
			`}`
Migrate jitsi 2020-12-23 14:55:17 +00:00
First deployment of Jitsi on nomad 2020-03-27 20:50:00 +00:00			`template {`
			`data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}"`
			`destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt"`
			`}`

Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`resources {`
			`cpu = 300`
Read domain name from LDAP 2020-06-14 09:48:53 +00:00			`memory = 400`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`}`
			`}`

			`task "videobridge" {`
			`driver = "docker"`
			`config {`
Upgrade jitsi 2021-01-13 13:42:14 +00:00			`image = "superboum/amd64_jitsi_videobridge:v16"`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`network_mode = "host"`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`ports = [ "video1_port", "video2_port" ]`
[jitsi] Increase resource limit 2020-03-28 07:39:02 +00:00			`ulimit {`
			`nofile = "1048576:1048576"`
			`nproc = "65536:65536"`
			`}`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`}`

Try to improve Jitsi 2020-04-02 18:24:50 +00:00			`env {`
Last jitsi config 2020-04-05 08:41:24 +00:00			`#JITSI_DEBUG = 1`
			`JITSI_VIDEO_TCP = 8080`
Set Jitsi videobridge max memory 2020-12-02 11:28:19 +00:00			`VIDEOBRIDGE_MAX_MEMORY = "1450m"`
Try to improve Jitsi 2020-04-02 18:24:50 +00:00			`}`

First deployment of Jitsi on nomad 2020-03-27 20:50:00 +00:00			`template {`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`data = file("../config/configuration/jitsi/global_env.tpl")`
First deployment of Jitsi on nomad 2020-03-27 20:50:00 +00:00			`destination = "secrets/global_env"`
			`env = true`
			`}`

Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`resources {`
[jitsi] Increase resource limit 2020-03-28 07:39:02 +00:00			`cpu = 900`
			`memory = 1500`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`}`

			`service {`
rework jitsi service 2020-10-28 13:12:15 +00:00			`tags = [ "jitsi", "(diplonat (tcp_port 8080))" ]`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`port = "video1_port"`
			`address_mode = "host"`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`name = "jitsi-videobridge-video1"`
			`check {`
			`type = "tcp"`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`port = "video1_port"`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`interval = "60s"`
			`timeout = "5s"`
			`check_restart {`
			`limit = 3`
			`grace = "90s"`
			`ignore_warnings = false`
			`}`
			`}`
			`}`

rework jitsi service 2020-10-28 13:12:15 +00:00			`service {`
			`tags = [ "jitsi", "(diplonat (udp_port 10000))" ]`
Migrate jitsi 2020-12-23 14:55:17 +00:00			`port = "video2_port"`
			`address_mode = "host"`
rework jitsi service 2020-10-28 13:12:15 +00:00			`name = "jitsi-videobridge-video2"`
			`}`
			`}`
Add a WIP jitsi hcl file 2020-03-27 08:49:51 +00:00			`}`
			`}`