forked from Deuxfleurs/infrastructure
WIP integration jitsi
This commit is contained in:
parent
7b57ff72a9
commit
4809e27220
12 changed files with 90 additions and 64 deletions
|
@ -74,7 +74,7 @@ services:
|
|||
context: ./jitsi/build/jitsi-xmpp
|
||||
args:
|
||||
VERSION: 0.11.2-1
|
||||
image: superboum/amd64_jitsi_xmpp:v8
|
||||
image: superboum/amd64_jitsi_xmpp:v9
|
||||
|
||||
plume:
|
||||
build:
|
||||
|
|
|
@ -5,15 +5,16 @@ ARG VERSION
|
|||
RUN apt-get update && \
|
||||
apt-get install -y prosody=${VERSION}
|
||||
|
||||
mkdir -p /usr/local/share/ca-certificates/
|
||||
RUN mkdir -p /usr/local/share/ca-certificates/ && \
|
||||
ln -sf \
|
||||
/var/lib/prosody/auth.jitsi.crt \
|
||||
/usr/local/share/ca-certificates/auth.jitsi.crt
|
||||
/var/lib/prosody/certs/auth.jitsi.crt \
|
||||
/usr/local/share/ca-certificates/auth.jitsi.crt && \
|
||||
mkdir /run/prosody && \
|
||||
touch /run/prosody/prosody.pid && \
|
||||
mkdir -p /var/lib/prosody
|
||||
|
||||
COPY xmpp_gen /usr/local/bin/xmpp_gen
|
||||
COPY xmpp_run /usr/local/bin/xmpp_run
|
||||
COPY xmpp_root /usr/local/bin/xmpp_root
|
||||
COPY xmpp_prosody /usr/local/bin/xmpp_prosody
|
||||
|
||||
USER prosody
|
||||
RUN mkdir /run/prosody && touch /run/prosody/prosody.pid
|
||||
WORKDIR /var/lib/prosody
|
||||
CMD ["/usr/local/bin/xmpp_run"]
|
||||
CMD ["/usr/local/bin/xmpp_root"]
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
prosodyctl cert generate jitsi.deuxfleurs.fr
|
||||
prosodyctl cert generate auth.jitsi.deuxfleurs.fr
|
5
app/jitsi/build/jitsi-xmpp/xmpp_prosody
Executable file
5
app/jitsi/build/jitsi-xmpp/xmpp_prosody
Executable file
|
@ -0,0 +1,5 @@
|
|||
#!/bin/bash
|
||||
chown -R prosody:prosody /var/lib/prosody /etc/prosody /run/prosody
|
||||
|
||||
cat /etc/prosody/accounts.txt | xargs -n3 prosodyctl register
|
||||
exec prosody
|
4
app/jitsi/build/jitsi-xmpp/xmpp_root
Executable file
4
app/jitsi/build/jitsi-xmpp/xmpp_root
Executable file
|
@ -0,0 +1,4 @@
|
|||
#!/bin/bash
|
||||
|
||||
chown -R prosody:prosody /var/lib/prosody /etc/prosody /run/prosody
|
||||
exec su -s /bin/bash -c /usr/local/bin/xmpp_prosody - prosody
|
|
@ -1,4 +0,0 @@
|
|||
#!/bin/bash
|
||||
prosodyctl register focus auth.jitsi.deuxfleurs.fr ${JITSI_SECRET_JICOFO_USER}
|
||||
prosodyctl register jvb auth.jitsi.deuxfleurs.fr ${JITSI_SECRET_VIDEOBRIDGE}
|
||||
exec prosody
|
|
@ -1,8 +0,0 @@
|
|||
version: '3'
|
||||
services:
|
||||
jitsi-xmpp:
|
||||
image: superboum/amd64_jitsi_xmpp:v2
|
||||
command: ["/usr/local/bin/xmpp_gen"]
|
||||
volumes: [ './jitsi-certs/:/certs:rw' ]
|
||||
env_file: [ 'dev.env' ]
|
||||
|
|
@ -1,27 +0,0 @@
|
|||
version: '3.4'
|
||||
services:
|
||||
jitsi-xmpp:
|
||||
image: superboum/amd64_jitsi_xmpp:v3
|
||||
ports:
|
||||
- "5222:5222"
|
||||
- "5347:5347"
|
||||
- "5280:5280"
|
||||
env_file: [ 'dev.env' ]
|
||||
volumes: [ './jitsi-certs/:/certs:ro' ]
|
||||
jitsi-meet:
|
||||
image: superboum/amd64_jitsi_meet:v1
|
||||
ports:
|
||||
- "443:443"
|
||||
env_file: [ 'dev.env' ]
|
||||
volumes: [ './jitsi-certs/:/certs:ro' ]
|
||||
jitsi-conference-focus:
|
||||
image: superboum/amd64_jitsi_conference_focus:v4
|
||||
env_file: [ 'dev.env' ]
|
||||
volumes: [ './jitsi-certs/:/certs:ro' ]
|
||||
jitsi-videobridge:
|
||||
image: superboum/amd64_jitsi_videobridge:v14
|
||||
ports:
|
||||
- "8080:8080/tcp"
|
||||
- "10000:10000/udp"
|
||||
env_file: [ 'dev.env' ]
|
||||
volumes: [ './jitsi-certs/:/certs:ro' ]
|
|
@ -46,6 +46,12 @@ But we can see this is a deprecated thing, it has been already removed from mast
|
|||
For now (as per v5390) we will keep `JICOFO_SECRET` environment variable but will assume no other environment variable is set
|
||||
But maybe this value is deprecated: the check is still here but it is not used anymore?!
|
||||
|
||||
## Generate certs with prosody
|
||||
```
|
||||
prosodyctl cert generate auth.jitsi
|
||||
prosodyctl cert generate jitsi
|
||||
```
|
||||
|
||||
## Resources to understand jitsi
|
||||
|
||||
- [jicofo/debian/postinst](https://github.com/jitsi/jicofo/blob/master/debian/postinst)
|
||||
|
|
22
app/jitsi/integration/docker-compose.yml
Normal file
22
app/jitsi/integration/docker-compose.yml
Normal file
|
@ -0,0 +1,22 @@
|
|||
version: '3.4'
|
||||
services:
|
||||
jitsi-xmpp:
|
||||
image: superboum/amd64_jitsi_xmpp:v9
|
||||
volumes:
|
||||
- "./prosody/prosody.cfg.lua:/etc/prosody/prosody.cfg.lua"
|
||||
- "./prosody/accounts.txt:/etc/prosody/accounts.txt"
|
||||
- "./prosody/certs/jitsi.crt:/var/lib/prosody/jitsi.crt"
|
||||
- "./prosody/certs/jitsi.key:/var/lib/prosody/jitsi.key"
|
||||
- "./prosody/certs/auth.jitsi.crt:/var/lib/prosody/auth.jitsi.crt"
|
||||
- "./prosody/certs/auth.jitsi.key:/var/lib/prosody/auth.jitsi.key"
|
||||
jitsi-meet:
|
||||
image: superboum/amd64_jitsi_meet:v1
|
||||
ports:
|
||||
- "443:443"
|
||||
jitsi-conference-focus:
|
||||
image: superboum/amd64_jitsi_conference_focus:v4
|
||||
jitsi-videobridge:
|
||||
image: superboum/amd64_jitsi_videobridge:v14
|
||||
ports:
|
||||
- "8080:8080/tcp"
|
||||
- "10000:10000/udp"
|
2
app/jitsi/integration/prosody/accounts.txt
Normal file
2
app/jitsi/integration/prosody/accounts.txt
Normal file
|
@ -0,0 +1,2 @@
|
|||
focus auth.jitsi xxx
|
||||
jvb auth.jitsi yyy
|
|
@ -1,12 +1,41 @@
|
|||
component_ports = { 5347 }
|
||||
daemonize = false
|
||||
allow_registration = false
|
||||
use_libevent = true
|
||||
component_interface = "0.0.0.0"
|
||||
http_ports = { ${JITSI_PROSODY_BOSH_PORT} }
|
||||
log = {
|
||||
error="/dev/stderr"
|
||||
info="/dev/stdout"
|
||||
component_ports = { 5347 }
|
||||
http_ports = { 5280 }
|
||||
|
||||
-- Not sure all modules are required
|
||||
modules_enabled = {
|
||||
"roster"; -- Allow users to have a roster. Recommended ;)
|
||||
"saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
|
||||
"tls"; -- Add support for secure TLS on c2s/s2s connections
|
||||
"dialback"; -- s2s dialback support
|
||||
"disco"; -- Service discovery
|
||||
"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
|
||||
"compression"; -- Stream compression (requires the lua-zlib package installed)
|
||||
"version"; -- Replies to server version requests
|
||||
"uptime"; -- Report how long server has been running
|
||||
"time"; -- Let others know the time here on this server
|
||||
"ping"; -- Replies to XMPP pings with pongs
|
||||
"pep"; -- Enables users to publish their mood, activity, playing music and more
|
||||
-- jitsi
|
||||
"smacks";
|
||||
"carbons";
|
||||
"mam";
|
||||
"lastactivity";
|
||||
"offline";
|
||||
"pubsub";
|
||||
"adhoc";
|
||||
"websocket";
|
||||
"http_altconnect";
|
||||
}
|
||||
|
||||
VirtualHost "jitsi.deuxfleurs.fr"
|
||||
log = {
|
||||
"*console";
|
||||
}
|
||||
|
||||
VirtualHost "jitsi"
|
||||
authentication = "anonymous"
|
||||
ssl = {
|
||||
key = "/var/lib/prosody/jitsi.key";
|
||||
|
@ -18,17 +47,17 @@ VirtualHost "jitsi.deuxfleurs.fr"
|
|||
}
|
||||
c2s_require_encryption = false
|
||||
|
||||
VirtualHost "auth.jitsi.deuxfleurs.fr"
|
||||
VirtualHost "auth.jitsi"
|
||||
ssl = {
|
||||
key = "/var/lib/prosody/auth.jitsi.key";
|
||||
certificate = "/var/lib/prosody/auth.jitsi.crt";
|
||||
}
|
||||
authentication = "internal_plain"
|
||||
admins = { "focus@auth.jitsi.deuxfleurs.fr"}
|
||||
admins = { "focus@auth.jitsi"}
|
||||
|
||||
Component "conference.jitsi.deuxfleurs.fr" "muc"
|
||||
Component "internal.auth.jitsi.deuxfleurs.fr" "muc"
|
||||
Component "conference.jitsi" "muc"
|
||||
Component "internal.auth.jitsi" "muc"
|
||||
storage = "memory"
|
||||
modules_enabled = { "ping"; }
|
||||
admins = { "focus@auth.jitsi.deuxfleurs.fr", "jvb@auth.jitsi.deuxfleurs.fr" }
|
||||
admins = { "focus@auth.jitsi", "jvb@auth.jitsi" }
|
||||
|
||||
|
|
Loading…
Reference in a new issue