forked from Deuxfleurs/infrastructure
Polish configuration
This commit is contained in:
parent
cb69a1123c
commit
0a87d26e47
7 changed files with 28 additions and 45 deletions
|
@ -47,8 +47,7 @@ services:
|
||||||
context: ./jitsi/build/jitsi-meet
|
context: ./jitsi/build/jitsi-meet
|
||||||
args:
|
args:
|
||||||
# https://github.com/jitsi/jitsi-meet
|
# https://github.com/jitsi/jitsi-meet
|
||||||
PREFIXV: jitsi-meet_
|
MEET_TAG: jitsi-meet_5463
|
||||||
VERSION: 5463
|
|
||||||
image: superboum/amd64_jitsi_meet:v4
|
image: superboum/amd64_jitsi_meet:v4
|
||||||
|
|
||||||
jitsi-conference-focus:
|
jitsi-conference-focus:
|
||||||
|
@ -72,8 +71,7 @@ services:
|
||||||
build:
|
build:
|
||||||
context: ./jitsi/build/jitsi-xmpp
|
context: ./jitsi/build/jitsi-xmpp
|
||||||
args:
|
args:
|
||||||
PREFIXV: jitsi-meet_
|
MEET_TAG: jitsi-meet_5463
|
||||||
MEET_VERSION: 5463
|
|
||||||
PROSODY_VERSION: 0.11.7-1~buster4
|
PROSODY_VERSION: 0.11.7-1~buster4
|
||||||
image: superboum/amd64_jitsi_xmpp:v9
|
image: superboum/amd64_jitsi_xmpp:v9
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
FROM fedora:33 AS builder
|
FROM debian:buster AS builder
|
||||||
|
|
||||||
# unzip is required when executing the mvn package command
|
# unzip is required when executing the mvn package command
|
||||||
RUN dnf install -y java-latest-openjdk-headless maven git unzip
|
RUN apt-get update && \
|
||||||
|
apt-get install -y openjdk-11-jdk-headless maven git unzip
|
||||||
|
|
||||||
ARG JICOFO_TAG
|
ARG JICOFO_TAG
|
||||||
RUN git clone --depth 1 --branch $JICOFO_TAG https://github.com/jitsi/jicofo
|
RUN git clone --depth 1 --branch $JICOFO_TAG https://github.com/jitsi/jicofo
|
||||||
|
@ -14,7 +15,7 @@ RUN mvn package -DskipTests -Dassembly.skipAssembly=false
|
||||||
RUN unzip target/jicofo-1.1-SNAPSHOT-archive.zip && \
|
RUN unzip target/jicofo-1.1-SNAPSHOT-archive.zip && \
|
||||||
mv jicofo-1.1-SNAPSHOT /srv/build
|
mv jicofo-1.1-SNAPSHOT /srv/build
|
||||||
|
|
||||||
FROM debian:bullseye
|
FROM debian:buster
|
||||||
|
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y openjdk-11-jre-headless ca-certificates
|
apt-get install -y openjdk-11-jre-headless ca-certificates
|
||||||
|
|
|
@ -2,15 +2,7 @@
|
||||||
|
|
||||||
update-ca-certificates -f
|
update-ca-certificates -f
|
||||||
|
|
||||||
if [ -z "${JICOFO_MEMORY}" ]; then
|
|
||||||
echo "You must set the env variable 'JICOFO_MEMORY'. eg. JICOFO_MEMORY=3072m"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
exec java \
|
exec java \
|
||||||
-Xmx${JICOFO_MEMORY} \
|
|
||||||
-XX:+HeapDumpOnOutOfMemoryError \
|
|
||||||
-XX:HeapDumpPath=/tmp \
|
|
||||||
-Djdk.tls.ephemeralDHKeySize=2048 \
|
-Djdk.tls.ephemeralDHKeySize=2048 \
|
||||||
-Djava.util.logging.config.file=/usr/share/jicofo/lib/logging.properties \
|
-Djava.util.logging.config.file=/usr/share/jicofo/lib/logging.properties \
|
||||||
-Dconfig.file=/etc/jitsi/jicofo.conf \
|
-Dconfig.file=/etc/jitsi/jicofo.conf \
|
||||||
|
|
|
@ -1,18 +1,15 @@
|
||||||
FROM debian:buster AS builder
|
FROM debian:buster AS builder
|
||||||
|
|
||||||
ARG PREFIXV
|
|
||||||
ARG VERSION
|
|
||||||
|
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y curl && \
|
apt-get install -y curl && \
|
||||||
curl -sL https://deb.nodesource.com/setup_14.x | bash - && \
|
curl -sL https://deb.nodesource.com/setup_14.x | bash - && \
|
||||||
apt-get install -y git nodejs make wget unzip && \
|
apt-get install -y git nodejs make git unzip
|
||||||
wget https://github.com/jitsi/jitsi-meet/archive/${PREFIXV}${VERSION}.zip -O jitsi-meet.zip
|
|
||||||
|
|
||||||
RUN unzip jitsi-meet.zip && \
|
ARG MEET_TAG
|
||||||
mv jitsi-meet-*${VERSION} jitsi-meet && \
|
RUN git clone --depth 1 --branch ${MEET_TAG} https://github.com/jitsi/jitsi-meet
|
||||||
cd jitsi-meet && \
|
|
||||||
npm install && \
|
WORKDIR jitsi-meet
|
||||||
|
RUN npm install && \
|
||||||
make
|
make
|
||||||
|
|
||||||
FROM debian:buster
|
FROM debian:buster
|
||||||
|
|
|
@ -9,18 +9,9 @@ if [ -z "${JITSI_NAT_PUBLIC_IP}" ]; then
|
||||||
JITSI_NAT_PUBLIC_IP=$(curl https://ifconfig.me)
|
JITSI_NAT_PUBLIC_IP=$(curl https://ifconfig.me)
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -z "${JVB_MEMORY}" ]; then
|
|
||||||
echo "You must set the env variable 'JVB_MEMORY'. eg: JVB_MEMORY=3072m"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "NAT config: ${JITSI_NAT_LOCAL_IP} -> ${JITSI_NAT_PUBLIC_IP}"
|
echo "NAT config: ${JITSI_NAT_LOCAL_IP} -> ${JITSI_NAT_PUBLIC_IP}"
|
||||||
|
|
||||||
exec java \
|
exec java \
|
||||||
-Xmx${JVB_MEMORY} \
|
|
||||||
-XX:+UseConcMarkSweepGC \
|
|
||||||
-XX:+HeapDumpOnOutOfMemoryError \
|
|
||||||
-XX:HeapDumpPath=/tmp \
|
|
||||||
-Djdk.tls.ephemeralDHKeySize=2048 \
|
-Djdk.tls.ephemeralDHKeySize=2048 \
|
||||||
-Djava.util.logging.config.file=/usr/share/jvb/lib/logging.properties \
|
-Djava.util.logging.config.file=/usr/share/jvb/lib/logging.properties \
|
||||||
-Dconfig.file=/etc/jitsi/videobridge.conf \
|
-Dconfig.file=/etc/jitsi/videobridge.conf \
|
||||||
|
|
|
@ -1,13 +1,10 @@
|
||||||
FROM debian:buster as builder
|
FROM debian:buster as builder
|
||||||
|
|
||||||
WORKDIR /tmp
|
|
||||||
ARG MEET_VERSION
|
|
||||||
ARG PREFIXV
|
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y wget unzip
|
apt-get install -y git unzip
|
||||||
RUN wget https://github.com/jitsi/jitsi-meet/archive/${PREFIXV}${MEET_VERSION}.zip -O meet.zip
|
|
||||||
RUN unzip meet.zip && \
|
ARG MEET_TAG
|
||||||
mv jitsi-meet-* jitsi-meet
|
RUN git clone --depth 1 --branch ${MEET_TAG} https://github.com/jitsi/jitsi-meet/
|
||||||
|
|
||||||
FROM debian:buster
|
FROM debian:buster
|
||||||
|
|
||||||
|
@ -30,7 +27,7 @@ RUN mkdir -p /usr/local/share/ca-certificates/ && \
|
||||||
mkdir -p /var/lib/prosody && \
|
mkdir -p /var/lib/prosody && \
|
||||||
chown -R prosody:prosody /var/lib/prosody /run/prosody
|
chown -R prosody:prosody /var/lib/prosody /run/prosody
|
||||||
|
|
||||||
COPY --from=builder /tmp/jitsi-meet/resources/prosody-plugins /usr/share/jitsi-meet/prosody-plugins/
|
COPY --from=builder /jitsi-meet/resources/prosody-plugins /usr/share/jitsi-meet/prosody-plugins/
|
||||||
COPY xmpp_prosody /usr/local/bin/xmpp_prosody
|
COPY xmpp_prosody /usr/local/bin/xmpp_prosody
|
||||||
|
|
||||||
WORKDIR /var/lib/prosody
|
WORKDIR /var/lib/prosody
|
||||||
|
|
|
@ -21,12 +21,13 @@ modules_enabled = {
|
||||||
"websocket";
|
"websocket";
|
||||||
--"http_altconnect"; -- not shipped with prosody
|
--"http_altconnect"; -- not shipped with prosody
|
||||||
}
|
}
|
||||||
|
modules_disabled = { "s2s" }
|
||||||
|
|
||||||
plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }
|
plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }
|
||||||
|
|
||||||
log = {
|
log = {
|
||||||
--log less on console with warn="*console"; or err="*console" or more with debug="*console"
|
--log less on console with warn="*console"; or err="*console" or more with debug="*console"
|
||||||
debug="*console";
|
info="*console";
|
||||||
}
|
}
|
||||||
daemonize = false
|
daemonize = false
|
||||||
use_libevent = true
|
use_libevent = true
|
||||||
|
@ -45,10 +46,12 @@ muc_mapper_domain_base = "jitsi.deuxfleurs.fr";
|
||||||
|
|
||||||
cross_domain_bosh = false;
|
cross_domain_bosh = false;
|
||||||
consider_bosh_secure = true;
|
consider_bosh_secure = true;
|
||||||
https_ports = { }; -- Remove this line to prevent listening on port 5284
|
--component_ports = { 5347 }
|
||||||
component_interface = "0.0.0.0"
|
component_ports = { } -- it seems we don't need external components for now...
|
||||||
component_ports = { 5347 }
|
https_ports = { } -- we don't need http
|
||||||
http_ports = { 5280 }
|
http_ports = { 5280 }
|
||||||
|
c2s_ports = { 5222 }
|
||||||
|
s2s_ports = { }
|
||||||
|
|
||||||
|
|
||||||
-- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4
|
-- https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4
|
||||||
|
@ -111,6 +114,10 @@ Component "internal.auth.jitsi" "muc"
|
||||||
muc_room_default_public_jids = true
|
muc_room_default_public_jids = true
|
||||||
|
|
||||||
VirtualHost "auth.jitsi"
|
VirtualHost "auth.jitsi"
|
||||||
|
ssl = {
|
||||||
|
key = "/var/lib/prosody/auth.jitsi.key";
|
||||||
|
certificate = "/var/lib/prosody/auth.jitsi.crt";
|
||||||
|
}
|
||||||
authentication = "internal_plain"
|
authentication = "internal_plain"
|
||||||
|
|
||||||
Component "focus.jitsi" "client_proxy"
|
Component "focus.jitsi" "client_proxy"
|
||||||
|
|
Loading…
Reference in a new issue