Add Jitsi Meet
This commit is contained in:
parent
d91cb37303
commit
63c01ea6a3
|
@ -11,6 +11,13 @@ apps_include:
|
|||
- restic
|
||||
- watchtower
|
||||
|
||||
db_passwords:
|
||||
nextcloud: "{{ vault_db_passwords.nextcloud }}"
|
||||
|
||||
jitsi_passwords:
|
||||
jicofo_auth: "{{ vault_jitsi_passwords.jicofo_auth }}"
|
||||
jvb_auth: "{{ vault_jitsi_passwords.jvb_auth }}"
|
||||
|
||||
redis_passwords:
|
||||
nextcloud: "{{ vault_redis_passwords.nextcloud }}"
|
||||
|
||||
|
|
|
@ -10,8 +10,3 @@ db_host: "{{ hostvars[db_inventory_hostname].internal_ipv4 }}"
|
|||
|
||||
proxy_inventory_hostname: sapt-labr-prx01
|
||||
proxy_host: "{{ hostvars[proxy_inventory_hostname].internal_ipv4 }}"
|
||||
|
||||
databases:
|
||||
nextcloud:
|
||||
username: nextcloud
|
||||
password: "{{ vault_db_passwords.nextcloud }}"
|
||||
|
|
|
@ -1,26 +1,35 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
32366636386565356265326466313931393762623762313230653735336565666662353962386132
|
||||
6533636337326630323066333238346663303238623538390a316230636564386638373233363161
|
||||
65323364613131393236373233383639663566323061613638373533643566363864613563306232
|
||||
3034626662383032390a623036643433366364653135353730346230646437313332333730613933
|
||||
64356134343330306536653136343061646432383861666438646463616465323863636466653935
|
||||
31363565373438313732653466636535346530323836356261666134666661386435306335633235
|
||||
30363432633635653566396132323536323834393534343631323638363939353237633432303165
|
||||
63326464386664336338356236306432633739396464313536343138613030646237663731306233
|
||||
31633735616535336630363563653338343364386533633934386138353265386630326163306331
|
||||
63663635663434356261373066643833656535353066646363353038376337356134663162626331
|
||||
31636665346636396630636663393636343861626636393461303233323564373733613564353166
|
||||
32373332623232303437353931356134616665643863303065396664623736646632336664616235
|
||||
38303337376466363862353338323033643834303238316639616564363435646136323038333264
|
||||
31376565333731623930633261656237313263336231366663373930653063373133383536663531
|
||||
38323665383730616238613239386632333865663465383538326665633631663163643132656138
|
||||
37386336383239666437336432643361376232363131626162373738666130326434383666373234
|
||||
62623432666535643461336661373761346165663435376639393633623432383362613032613838
|
||||
65386361666532303032326362323466303930656536333935633730356636343265306533363238
|
||||
31396164386463633864303335303136663264343465656663373434376634346234336636313363
|
||||
38616639336537346163383562333536343663396462363034656563623831346664666230303464
|
||||
63623432303363653535633536313533343361366235653466653564633034383236613234383861
|
||||
61333730613164383665643037623836346463656439383931316164653533376236336633343533
|
||||
35373035346263343138616365343432636336303339313135326135326165353934613439316335
|
||||
63663964333061333337623365333564353734353733373961633235336230356631333034633430
|
||||
3161
|
||||
34636666353931643133313861616133323761363737363038373162356332653231326334663262
|
||||
3537633032363062326532393861323934343030353563630a336436653832316439633035306538
|
||||
63383039313838373536316165323936636639386564353166363033366538313433636331343166
|
||||
3132386339313533660a306631373333663138663566353863633039303630386562303464393031
|
||||
32653135663931353939623861386637663163393537616531313733623330616239303563336138
|
||||
37353762363931333134343365343265353638326530313232643963303532613535636236633730
|
||||
33316635323666616464323432323830646462626466313936393639616339613662363635353661
|
||||
31633565616137353635333833643963303634333433653437393136353938343734623563646462
|
||||
31396161633861333830336532303138623162623063656163613362313764623566356563616135
|
||||
33313730653366623833333066303932303637633836653463373961626466386538346135383265
|
||||
31613438636566373330616135626638653831306136363365663861316562363338643361333236
|
||||
38366464366538373838326436383130646662633035663566353366306465303532383432363432
|
||||
30626132663635306163616332626233393862326632353635666431326532383930656638646633
|
||||
31313962343035643038393865393036646133326639656336386435616130633962303836643937
|
||||
30366331316134323831613965383736353431346533656334643632626635623631353632346437
|
||||
61386634326230383031663061373030353863353539393533343436616366636234666466636431
|
||||
39393036353064613835353331336333643166353737646461616261633735646430343630636164
|
||||
38666162366139383235646636333934643965666635363731313138323165313164326535343339
|
||||
37386363346336653632316430353138336236613762396637346537313537306566336437653661
|
||||
62383864376237336630316533653338333430313964333663303265396334316166383432303734
|
||||
31343730396532323431643964663161633037346462313165373462663663633863663561633661
|
||||
62336633313338313939396464353137366563613036633634313164386564393266393439306331
|
||||
63393364633863643664393031386161663233333530376364356262363261376166666434633265
|
||||
34623730333535303837623266333963373063363330396462393031356330333138613635613531
|
||||
34323230616161383165303636393130396231643064316438303430373436616635336166666331
|
||||
39386439613166616539393765363066386330633535363132346162343865616234616665633234
|
||||
37363139326536316334333130636436616162363562613863663537636538373664653835623665
|
||||
62623434346264616663313231373365623634653033343464393464666331353431386139643438
|
||||
39306435353833666263353933316233383163363138323931626662383033356535306561343165
|
||||
63643233303866663037376137373233623566323732343361626535613138333538666236326136
|
||||
35323661376134626333666563366438366336623737326636623634623164626630663336373032
|
||||
65643237623463663336393033366433336639396632316539613963643261373632346131656666
|
||||
38303733393136656266366337376537366237663661396433323363353663383735356333626461
|
||||
3864386539313265396630643335343966313537393438613434
|
||||
|
|
|
@ -10,8 +10,3 @@ db_host: "{{ hostvars[db_inventory_hostname].internal_ipv4 }}"
|
|||
|
||||
proxy_inventory_hostname: sapt-labr-prx01
|
||||
proxy_host: "{{ hostvars[proxy_inventory_hostname].internal_ipv4 }}"
|
||||
|
||||
databases:
|
||||
nextcloud:
|
||||
username: nextcloud
|
||||
password: "{{ vault_db_passwords.nextcloud }}"
|
||||
|
|
|
@ -1,26 +1,35 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
64333431356566356137666636636262306262613664663935633934343532663563333837313963
|
||||
3638386534636463646461666338356633356462326663360a393966613865613434663136613933
|
||||
36343438336364636561333130653436386630356630626139643139303636383762663838383463
|
||||
6561336438303235610a663339633133613935383464336164323630316536353130333130316237
|
||||
33383738383535646135326236646233313166336330386362613534343031373234313634313361
|
||||
61303362323961636265616666306632326363656261376564633337343632333732663231643165
|
||||
32356239346535303965653261613437623837326138376231653761366166316639653239653034
|
||||
30333032363932363961336335623464313333653465373965366430306365663739393335343434
|
||||
39623531643563303438306264623866383135303534653131626435623139386666633066356630
|
||||
66633036303264666639663063373635366563313466303932363265623235303432383162636437
|
||||
31666463306238313138373239306531616264353336393138323538353331656132366361653463
|
||||
39356236396134303764326165656136636638303436323932643432366662393864646439656631
|
||||
33316630346330313137383230376433633238626132653861393435313038663066363664633436
|
||||
64336165363637643732626366336338373961336166353533393235333939323563656336633965
|
||||
37646161663334666335646436346432383037633430303838386337303835303336323963373135
|
||||
65643331663933313031323761313765363065383937323461343065313862323032613131666461
|
||||
34623862353337343535356139373830636563643135633530666164653662346133303837653862
|
||||
62336664353034653337646662396536396133623763643264383736363163393831376135373265
|
||||
33613633643962303731623562666435373736336163613465626338663832366334663765353263
|
||||
66643834623066386465396233333334386333663530613466373332393664356465613565356562
|
||||
35643265386462333661346533313336306233313335383830363739333334326234663236653461
|
||||
62396263626637396339373139366332363232326364663764383763666231373532343263393064
|
||||
36303565393362356134643532303239656236343038303263613538613630346264386236656636
|
||||
31373066363635356365316432653931393937333664316265623332643932613934333265626231
|
||||
6564
|
||||
36363561316464613066393161623261663336353838393831626465336236363731643264356662
|
||||
3564626232643538333531366136386166326366373836380a336630643733616261383662313036
|
||||
35663531323938303164366537613939366530633439336638323239623466363337616464396132
|
||||
3333326336386234380a373365613233356338333166363865656335383562643962653166313837
|
||||
34343635356231336634653765663031663362383564303331626564313466656436396339393533
|
||||
39323164353834343563376639666333626239383537653235373736353838323137636439346361
|
||||
36353133323065633565366333303033346432633832316235396436633132613165306430613533
|
||||
33623332333765383932316230323936346266396661646237346665633739616138643232396564
|
||||
32646535336636663736393532636431366530363238616462386164353131343964643436356662
|
||||
34366634343762313833633762356535366234343064306232383037303466316531313733336662
|
||||
35346337373766656466656634626364663131666562326435653134336164376236396630303434
|
||||
37643932383937373038303137623034653731666134656463396362646566643835386162653661
|
||||
33666166613433393461386537316630366632393731643437313362356662643964613661346334
|
||||
64636565393262313462366638323864343530393130333032323036343365383462336461643466
|
||||
34373766393933346264386263373936376536643964396332366138636562313261393638663738
|
||||
34323637393539623266366637646464316436306139643461613834363361376331626366656133
|
||||
36643662313164656232383566373438376437653339303962313432303031353335323162373862
|
||||
34333161343262353331643330646239366132613039323838386237626234313239343066633238
|
||||
36363466373366376466306463356137653363636466303862353262666635323361636335323061
|
||||
39623431373265313665363331313363636232643166363863386130326135326332663066623334
|
||||
65386136623261653732666530373134306635356230623039613130303062356565306466356130
|
||||
33326431626237303063653236656535336437633235323834396135336335653735326139346665
|
||||
39646131313464316261396362323733613863383763633238326661666238633137333835663533
|
||||
31326661363238323032386163323065643166636132616465613237643133623962396264646434
|
||||
65313832373963326430643061353138363430343363663339313133336361356130386638323033
|
||||
35326461336238306261656639336334636637613333646336616336353566616537633664663663
|
||||
35303561306130323663616261323336666235343038356432383333663731336533306333306331
|
||||
39353364646130313633386137393238633163656662386334373161306136623966636135366331
|
||||
63633366343438343730663537306631353762396432393864396462383432333461346565633163
|
||||
64396462306237383762303430306566323436316566363836663565343633656334313434663566
|
||||
66343738353837383364343463656261343337303835313430643739343662613764363862343366
|
||||
36626534316263373462623161666535626533326239616436613836343437653366643834396133
|
||||
31623830643963323164326133353462323861323338376365623563653633346337333637653337
|
||||
3764363865383933323738623062303532353663313465333932
|
||||
|
|
|
@ -40,6 +40,14 @@ apps_vars:
|
|||
gateway_port: 8080
|
||||
version: v0.25.0
|
||||
|
||||
jitsi:
|
||||
backup: false
|
||||
sender: false
|
||||
extra_tasks: true
|
||||
domain: meet.{{ apps_base_domain }}
|
||||
port: 80
|
||||
version: stable
|
||||
|
||||
monerod:
|
||||
backup: false
|
||||
sender: false
|
||||
|
|
27
roles/apps/tasks/extra_tasks/jitsi.yml
Normal file
27
roles/apps/tasks/extra_tasks/jitsi.yml
Normal file
|
@ -0,0 +1,27 @@
|
|||
# vim: ft=yaml.ansible
|
||||
# code: language=ansible
|
||||
---
|
||||
- name: Create subdirectories for Jitsi Meet data
|
||||
ansible.builtin.file:
|
||||
path: "{{ apps_data_root }}/jitsi/data/{{ dir }}"
|
||||
owner: root
|
||||
mode: u=rwx,g=rx,o=rx
|
||||
state: directory
|
||||
loop:
|
||||
- web/transcripts
|
||||
- prosody
|
||||
loop_control:
|
||||
loop_var: dir
|
||||
|
||||
- name: Create subdirectories for Jitsi Meet Prosody data
|
||||
ansible.builtin.file:
|
||||
path: "{{ apps_data_root }}/jitsi/data/{{ dir }}"
|
||||
owner: '101'
|
||||
group: root
|
||||
mode: u=rwx,g=rx,o=rx
|
||||
state: directory
|
||||
loop:
|
||||
- prosody/plugins
|
||||
- prosody/config
|
||||
loop_control:
|
||||
loop_var: dir
|
71
roles/apps/templates/compose-files/jitsi.yml.j2
Normal file
71
roles/apps/templates/compose-files/jitsi.yml.j2
Normal file
|
@ -0,0 +1,71 @@
|
|||
{# code: language=ansible-jinja #}
|
||||
# THIS FILE IS MANAGED BY ANSIBLE
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
meet:
|
||||
image: jitsi/web:{{ apps_vars.jitsi.version }}
|
||||
restart: always
|
||||
environment:
|
||||
DISABLE_HTTPS: 1
|
||||
PUBLIC_URL: {{ apps_vars.jitsi.domain }}
|
||||
ENABLE_AUTH: 1
|
||||
ENABLE_GUESTS: 1
|
||||
networks:
|
||||
default:
|
||||
{{ apps_shared_docker_network }}:
|
||||
aliases:
|
||||
- jitsi
|
||||
volumes:
|
||||
- "./data/web/transcripts:/usr/share/jitsi-meet/transcripts:rw"
|
||||
depends_on:
|
||||
- jvb
|
||||
|
||||
prosody:
|
||||
image: jitsi/prosody:{{ apps_vars.jitsi.version }}
|
||||
restart: always
|
||||
environment:
|
||||
JICOFO_AUTH_PASSWORD: {{ jitsi_passwords.jicofo_auth }}
|
||||
JVB_AUTH_PASSWORD: {{ jitsi_passwords.jvb_auth }}
|
||||
ENABLE_AUTH: 1
|
||||
ENABLE_GUESTS: 1
|
||||
AUTH_TYPE: internal
|
||||
volumes:
|
||||
- "./data/prosody/plugins:/prosody-plugins-custom:rw"
|
||||
- "./data/prosody/config:/config:rw"
|
||||
expose:
|
||||
- 5222
|
||||
- 5269
|
||||
- 5280
|
||||
- 5347
|
||||
|
||||
jicofo:
|
||||
image: jitsi/jicofo:{{ apps_vars.jitsi.version }}
|
||||
restart: always
|
||||
environment:
|
||||
JICOFO_AUTH_PASSWORD: "{{ jitsi_passwords.jicofo_auth }}"
|
||||
ENABLE_AUTH: 1
|
||||
AUTH_TYPE: internal
|
||||
XMPP_SERVER: prosody
|
||||
depends_on:
|
||||
- prosody
|
||||
|
||||
jvb:
|
||||
image: jitsi/jvb:{{ apps_vars.jitsi.version }}
|
||||
restart: always
|
||||
environment:
|
||||
JVB_AUTH_PASSWORD: "{{ jitsi_passwords.jvb_auth }}"
|
||||
JVB_WS_DOMAIN: "{{ apps_vars.jitsi.domain }}"
|
||||
XMPP_SERVER: prosody
|
||||
{% if hostname not in groups['production'] %}
|
||||
JVB_ADVERTISE_IPS: {{ ansible_host }}
|
||||
{% endif %}
|
||||
ports:
|
||||
- 10000:10000/udp
|
||||
depends_on:
|
||||
- prosody
|
||||
|
||||
networks:
|
||||
{{ apps_shared_docker_network }}:
|
||||
external: true
|
|
@ -17,7 +17,7 @@ services:
|
|||
environment:
|
||||
POSTGRES_HOST: {{ db_host }}
|
||||
POSTGRES_DB: nextcloud
|
||||
POSTGRES_USER: {{ databases.nextcloud.username }}
|
||||
POSTGRES_USER: nextcloud
|
||||
POSTGRES_PASSWORD: {{ databases.nextcloud.password }}
|
||||
REDIS_HOST: redis
|
||||
REDIS_HOST_PASSWORD: {{ redis_passwords.nextcloud }}
|
||||
|
|
|
@ -14,7 +14,6 @@ server {
|
|||
|
||||
proxy_http_version 1.1;
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
|
||||
location / {
|
||||
proxy_pass $upstream;
|
||||
|
|
29
roles/apps/templates/nginx/conf.d/jitsi.conf.j2
Normal file
29
roles/apps/templates/nginx/conf.d/jitsi.conf.j2
Normal file
|
@ -0,0 +1,29 @@
|
|||
{# code: language=ansible-jinja #}
|
||||
# THIS FILE IS MANAGED BY ANSIBLE
|
||||
|
||||
server {
|
||||
server_name {{ apps_vars.jitsi.domain }};
|
||||
listen 8080;
|
||||
|
||||
set $upstream http://jitsi:{{ apps_vars.jitsi.port }};
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto "https";
|
||||
|
||||
proxy_http_version 1.1;
|
||||
proxy_buffering off;
|
||||
|
||||
location / {
|
||||
proxy_pass $upstream;
|
||||
}
|
||||
|
||||
location ~^/(colibri-ws|xmpp-websocket)$ {
|
||||
proxy_pass $upstream;
|
||||
|
||||
# WebSocket support
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $connection_upgrade;
|
||||
}
|
||||
}
|
|
@ -14,7 +14,6 @@ server {
|
|||
|
||||
proxy_http_version 1.1;
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
|
||||
location / {
|
||||
proxy_pass $upstream;
|
||||
|
|
|
@ -14,7 +14,6 @@ server {
|
|||
|
||||
proxy_http_version 1.1;
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
|
||||
location / {
|
||||
proxy_pass $upstream;
|
||||
|
|
|
@ -5,4 +5,4 @@ postgresql_pgdata: "{{ data_fs }}/pgsql/{{ postgresql_version }}/data"
|
|||
postgresql_wal_archive: "{{ data_fs }}/wal-archive"
|
||||
postgresql_service: postgresql-{{ postgresql_version }}
|
||||
|
||||
postgresql_db_list: "{{ databases | dict2items(key_name='name', value_name='vars') }}"
|
||||
postgresql_db_list: "{{ db_passwords | dict2items(key_name='name', value_name='password') }}"
|
||||
|
|
|
@ -1,16 +1,16 @@
|
|||
# vim: ft=yaml.ansible
|
||||
# code: language=ansible
|
||||
---
|
||||
- name: Create database user '{{ db.vars.username }}'
|
||||
- name: Create database user '{{ db.name }}'
|
||||
community.postgresql.postgresql_user:
|
||||
name: "{{ db.vars.username }}"
|
||||
password: "{{ db.vars.password }}"
|
||||
name: "{{ db.name }}"
|
||||
password: "{{ db.password }}"
|
||||
state: present
|
||||
|
||||
- name: Create database '{{ db.name }}'
|
||||
community.postgresql.postgresql_db:
|
||||
name: "{{ db.name }}"
|
||||
owner: "{{ db.vars.username }}"
|
||||
owner: "{{ db.name }}"
|
||||
template: template0
|
||||
encoding: UTF-8
|
||||
state: present
|
||||
|
@ -18,7 +18,7 @@
|
|||
- name: Grant all priviliges to owner on database '{{ db.name }}'
|
||||
community.postgresql.postgresql_privs:
|
||||
database: "{{ db.name }}"
|
||||
roles: "{{ db.vars.username }}"
|
||||
roles: "{{ db.name }}"
|
||||
type: database
|
||||
privs: ALL
|
||||
state: present
|
||||
|
|
|
@ -7,5 +7,5 @@ host all all 127.0.0.1/32 scram-sh
|
|||
host all all ::1/128 scram-sha-256
|
||||
|
||||
{% for db in postgresql_db_list|sort %}
|
||||
host {{ db.name }} {{ db.vars.username }} {{ internal_subnet }} scram-sha-256
|
||||
host {{ db.name }} {{ db.name }} {{ internal_subnet }} scram-sha-256
|
||||
{% endfor %}
|
||||
|
|
Loading…
Reference in a new issue