job "jitsi" { datacenters = ["dc1"] type = "service" constraint { attribute = "${attr.cpu.arch}" value = "amd64" } group "core" { task "xmpp" { driver = "docker" config { image = "superboum/amd64_jitsi_xmpp:v4" network_mode = "host" } template { data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}" destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt" } template { data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.key\" }}" destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.key" } template { data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}" destination = "secrets/certs/jitsi.deuxfleurs.fr.crt" } template { data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}" destination = "secrets/certs/jitsi.deuxfleurs.fr.key" } artifact { source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw" destination = "secrets/global_env.tpl" mode = "file" } template { source = "secrets/global_env.tpl" destination = "secrets/global_env" env = true } resources { cpu = 300 memory = 200 } service { tags = [ "jitsi", "bosh" ] port = 5280 address_mode = "driver" name = "jitsi-xmpp-bosh" check { type = "tcp" address_mode = "driver" port = 5280 interval = "60s" timeout = "5s" check_restart { limit = 3 grace = "90s" ignore_warnings = false } } } service { tags = [ "jitsi", "ext" ] port = 5347 address_mode = "driver" name = "jitsi-ext" } service { tags = [ "jitsi", "xmpp" ] port = 5222 address_mode = "driver" name = "jitsi-xmpp" } } task "front" { driver = "docker" config { image = "superboum/amd64_jitsi_meet:v1" network_mode = "host" } template { data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}" destination = "secrets/certs/jitsi.deuxfleurs.fr.crt" } template { data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}" destination = "secrets/certs/jitsi.deuxfleurs.fr.key" } artifact { source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw" destination = "secrets/global_env.tpl" mode = "file" } template { source = "secrets/global_env.tpl" destination = "secrets/global_env" env = true } resources { cpu = 300 memory = 200 } service { tags = [ "jitsi", "traefik.enable=true", "traefik.frontend.entryPoints=https,http", "traefik.frontend.rule=Host:jitsi.deuxfleurs.fr;PathPrefix:/", "traefik.protocol=https" ] port = 443 address_mode = "driver" name = "jitsi-front-https" check { type = "tcp" port = 443 address_mode = "driver" interval = "60s" timeout = "5s" check_restart { limit = 3 grace = "90s" ignore_warnings = false } } } } task "jicofo" { driver = "docker" config { image = "superboum/amd64_jitsi_conference_focus:v5" network_mode = "host" } template { data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}" destination = "secrets/certs/jitsi.deuxfleurs.fr.crt" } template { data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}" destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt" } artifact { source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw" destination = "secrets/global_env.tpl" mode = "file" } template { source = "secrets/global_env.tpl" destination = "secrets/global_env" env = true } resources { cpu = 300 memory = 400 } } task "videobridge" { driver = "docker" config { image = "superboum/amd64_jitsi_videobridge:v15" network_mode = "host" port_map { video1_port = 8080 } # this is a hack, check secrets/jitsi/global_env to understand why ulimit { nofile = "1048576:1048576" nproc = "65536:65536" } } env { #JITSI_DEBUG = 1 JITSI_VIDEO_TCP = 8080 } artifact { source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw" destination = "secrets/global_env.tpl" mode = "file" } template { source = "secrets/global_env.tpl" destination = "secrets/global_env" env = true } resources { cpu = 900 memory = 1500 network { port "video1_port" { static = "8080" } # this is a hack } } service { tags = [ "jitsi", "(diplonat (tcp_port 8080))" ] port = 8080 address_mode = "driver" name = "jitsi-videobridge-video1" check { type = "tcp" port = 8080 address_mode = "driver" interval = "60s" timeout = "5s" check_restart { limit = 3 grace = "90s" ignore_warnings = false } } } service { tags = [ "jitsi", "(diplonat (udp_port 10000))" ] port = 10000 address_mode = "driver" name = "jitsi-videobridge-video2" } } } }