Add Jitsi Meet
This commit is contained in:
parent
d91cb37303
commit
d3772a4463
|
@ -5,12 +5,17 @@ apps_include:
|
|||
- nginx
|
||||
- postfix
|
||||
- ipfs
|
||||
- jitsi
|
||||
- monerod
|
||||
- nextcloud
|
||||
- snowflake
|
||||
- restic
|
||||
- watchtower
|
||||
|
||||
jitsi_passwords:
|
||||
jicofo_auth: "{{ vault_jitsi_passwords.jicofo_auth }}"
|
||||
jvb_auth: "{{ vault_jitsi_passwords.jvb_auth }}"
|
||||
|
||||
redis_passwords:
|
||||
nextcloud: "{{ vault_redis_passwords.nextcloud }}"
|
||||
|
||||
|
|
|
@ -5,13 +5,13 @@ base_domain: sapti.me
|
|||
internal_subnet: 10.2.16.0/24
|
||||
postgresql_version: 14
|
||||
|
||||
databases:
|
||||
nextcloud:
|
||||
username: nextcloud
|
||||
password: "{{ vault_databases.nextcloud.password }}"
|
||||
|
||||
db_inventory_hostname: sapt-labp-db01
|
||||
db_host: "{{ hostvars[db_inventory_hostname].internal_ipv4 }}"
|
||||
|
||||
proxy_inventory_hostname: sapt-labr-prx01
|
||||
proxy_host: "{{ hostvars[proxy_inventory_hostname].internal_ipv4 }}"
|
||||
|
||||
databases:
|
||||
nextcloud:
|
||||
username: nextcloud
|
||||
password: "{{ vault_db_passwords.nextcloud }}"
|
||||
|
|
|
@ -1,26 +1,35 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
32366636386565356265326466313931393762623762313230653735336565666662353962386132
|
||||
6533636337326630323066333238346663303238623538390a316230636564386638373233363161
|
||||
65323364613131393236373233383639663566323061613638373533643566363864613563306232
|
||||
3034626662383032390a623036643433366364653135353730346230646437313332333730613933
|
||||
64356134343330306536653136343061646432383861666438646463616465323863636466653935
|
||||
31363565373438313732653466636535346530323836356261666134666661386435306335633235
|
||||
30363432633635653566396132323536323834393534343631323638363939353237633432303165
|
||||
63326464386664336338356236306432633739396464313536343138613030646237663731306233
|
||||
31633735616535336630363563653338343364386533633934386138353265386630326163306331
|
||||
63663635663434356261373066643833656535353066646363353038376337356134663162626331
|
||||
31636665346636396630636663393636343861626636393461303233323564373733613564353166
|
||||
32373332623232303437353931356134616665643863303065396664623736646632336664616235
|
||||
38303337376466363862353338323033643834303238316639616564363435646136323038333264
|
||||
31376565333731623930633261656237313263336231366663373930653063373133383536663531
|
||||
38323665383730616238613239386632333865663465383538326665633631663163643132656138
|
||||
37386336383239666437336432643361376232363131626162373738666130326434383666373234
|
||||
62623432666535643461336661373761346165663435376639393633623432383362613032613838
|
||||
65386361666532303032326362323466303930656536333935633730356636343265306533363238
|
||||
31396164386463633864303335303136663264343465656663373434376634346234336636313363
|
||||
38616639336537346163383562333536343663396462363034656563623831346664666230303464
|
||||
63623432303363653535633536313533343361366235653466653564633034383236613234383861
|
||||
61333730613164383665643037623836346463656439383931316164653533376236336633343533
|
||||
35373035346263343138616365343432636336303339313135326135326165353934613439316335
|
||||
63663964333061333337623365333564353734353733373961633235336230356631333034633430
|
||||
3161
|
||||
38666565393262653238376564633336356466666566613931366465373832646664363362613537
|
||||
6530326438663035393638666338653434633038613733370a313136306661613565353966643038
|
||||
39663237653766333462666238373633363736636365333932373939326631663462373239336232
|
||||
6239613734383439650a393063373963396366396264306437623938366430376531316263653332
|
||||
39313235383962363566623839663662393363393562383837343630616530363438343930306632
|
||||
31323561366234353236323163643731336130643163373031666138316238646234303163356465
|
||||
37306130323338306564356639356165623530366239613965353732333763636132306439613361
|
||||
65623834313236323064346561666433663830356530633635613065383966386464626438386539
|
||||
39316366303966393336353666326239633365333264336165373266393430346361373861303666
|
||||
61333564323834373366316361633966626630316139656331383865663862636437366563366433
|
||||
64346234386637366435663738356363346466386132306163383432353436626332393832343236
|
||||
63316335373435653764383963656362306161643438383336396332376532326430366231656330
|
||||
66356663343939316433386538646364616331316366663433616536666466383432643832316331
|
||||
35346438353061613630303334656633303861633761623066303734323533663665383535623635
|
||||
30323233396531633836393931376631663765656563626334343765333237386132383230336163
|
||||
35373539643033316431373138326130663236663637353638316563613438646438666335643635
|
||||
63663735663434393062636538323363386439643361633565323938383239666665663838313666
|
||||
63646461393565656661666335366663366635393833663333613066316561633431303232383138
|
||||
33323832363461643363303736616234653861323163633231663836316462346237313938343037
|
||||
30663032663664333965333334636235303035383238323935616339323530613532363661616530
|
||||
64646365323731646464623539393166633431306263396564353435666637636362616631323034
|
||||
32303338333066363862643633663735356461626237636665663265316232306561303137656363
|
||||
35663961333666333666613534383133323662333265646131633963656166646133663737316439
|
||||
37646266396663316430313764613235623332343838343830663938646133323636366133623666
|
||||
64633133623564393332663930343530616665306330373131626233653466353334623837653530
|
||||
65323836646163353865396230313538393062316134383934363337653937663233316665326562
|
||||
35383038333433633538306134343130353231313365356331643763343561353232333939643935
|
||||
33663536356639656437343735343965643430646561323434386331616136613832366431383638
|
||||
61666335383430346166663865643336303337303566333461666630323332623639333836663735
|
||||
62313533333230353165626431643034383232306165383630623763636634363066653837393166
|
||||
63303530313830366361653934633661366332336134626231646162336163643964306462363534
|
||||
66663432376332343030636338663563316630643837316130653137333539333762333833666434
|
||||
30326634643163343762373035326539666665316130393564376631303538313030656236663239
|
||||
6462373938366338646539666561666335343665656166383435
|
||||
|
|
|
@ -5,13 +5,13 @@ base_domain: staging.sapti.me
|
|||
internal_subnet: 10.2.19.0/24
|
||||
postgresql_version: 14
|
||||
|
||||
databases:
|
||||
nextcloud:
|
||||
username: nextcloud
|
||||
password: "{{ vault_databases.nextcloud.password }}"
|
||||
|
||||
db_inventory_hostname: sapt-labs-db01
|
||||
db_host: "{{ hostvars[db_inventory_hostname].internal_ipv4 }}"
|
||||
|
||||
proxy_inventory_hostname: sapt-labr-prx01
|
||||
proxy_host: "{{ hostvars[proxy_inventory_hostname].internal_ipv4 }}"
|
||||
|
||||
databases:
|
||||
nextcloud:
|
||||
username: nextcloud
|
||||
password: "{{ vault_db_passwords.nextcloud }}"
|
||||
|
|
|
@ -1,26 +1,35 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
64333431356566356137666636636262306262613664663935633934343532663563333837313963
|
||||
3638386534636463646461666338356633356462326663360a393966613865613434663136613933
|
||||
36343438336364636561333130653436386630356630626139643139303636383762663838383463
|
||||
6561336438303235610a663339633133613935383464336164323630316536353130333130316237
|
||||
33383738383535646135326236646233313166336330386362613534343031373234313634313361
|
||||
61303362323961636265616666306632326363656261376564633337343632333732663231643165
|
||||
32356239346535303965653261613437623837326138376231653761366166316639653239653034
|
||||
30333032363932363961336335623464313333653465373965366430306365663739393335343434
|
||||
39623531643563303438306264623866383135303534653131626435623139386666633066356630
|
||||
66633036303264666639663063373635366563313466303932363265623235303432383162636437
|
||||
31666463306238313138373239306531616264353336393138323538353331656132366361653463
|
||||
39356236396134303764326165656136636638303436323932643432366662393864646439656631
|
||||
33316630346330313137383230376433633238626132653861393435313038663066363664633436
|
||||
64336165363637643732626366336338373961336166353533393235333939323563656336633965
|
||||
37646161663334666335646436346432383037633430303838386337303835303336323963373135
|
||||
65643331663933313031323761313765363065383937323461343065313862323032613131666461
|
||||
34623862353337343535356139373830636563643135633530666164653662346133303837653862
|
||||
62336664353034653337646662396536396133623763643264383736363163393831376135373265
|
||||
33613633643962303731623562666435373736336163613465626338663832366334663765353263
|
||||
66643834623066386465396233333334386333663530613466373332393664356465613565356562
|
||||
35643265386462333661346533313336306233313335383830363739333334326234663236653461
|
||||
62396263626637396339373139366332363232326364663764383763666231373532343263393064
|
||||
36303565393362356134643532303239656236343038303263613538613630346264386236656636
|
||||
31373066363635356365316432653931393937333664316265623332643932613934333265626231
|
||||
6564
|
||||
39333261386639633632616336613338323739393565356466333734663163623561613234656136
|
||||
3364336635623064383363663231303463646432386237300a383734316161366361323333393432
|
||||
34653231643465656462613165366539663063333335366431313666303730316431643534333533
|
||||
6164383833393564660a323165633039353166646232626639376664636665313039376664623465
|
||||
64326462396231393035323739613537323736366462613936666563373139663737626334623837
|
||||
37613333373662666330633131626363643834323531393735613563303930353537656130316664
|
||||
31636632306362343162353536356530383530363530323931623930363239373866343266663132
|
||||
63663036333939316131343162343038323265303336316436373039316134393936613830316465
|
||||
66646131623833636263633238663637363165396136356436316237373130323737616332396136
|
||||
66353636653332346261303965613463323562633566383436613761633064613331653164306263
|
||||
38623063616566376564623535343363383861343338313637666330376161616162613737626434
|
||||
63356333633963656137333736666431346262383434366662323066646561353530343834316161
|
||||
32333861346534373038666563366537313832303265386562393630633861313437353135306231
|
||||
34313766666533306163643237643765616131333830316136336463666637393262313066386663
|
||||
61623735666165383162353361383137616162393239346432386261633933666530313639623465
|
||||
36373037333837346231396636633166393565623261636430303965313635353566633238656632
|
||||
39646136633431326266313066623861333661373431316162316539363139343061656432356365
|
||||
33363763313366636165346236353666656562356339653239666262386264356539653531666261
|
||||
33663538376562663838616161306135646331336362306130396534653335633435656133636265
|
||||
65326431373061393066353732653936343633313366393864633933643563623336353561373234
|
||||
33326535326264386237316663396633353037373364636435346538636337643839643130643934
|
||||
39643864386135623664646230343039623234333636633963626537323062363061643036376431
|
||||
39393537373937363530393039366264633737633661663030303830636636313766373965633531
|
||||
62646235636238616537626638653263343630663535373064376232376638626438346238616337
|
||||
62656330373061306564663062363835326664666234616332316566616537626239633837396230
|
||||
30613036356566383231383631663133653161383334396435363836336364323437353931343231
|
||||
37333032333135333635366634363836656363663834396231323737343238353035366237343239
|
||||
31303135336530313432323238653361646662636362326634313763316566323663356236323933
|
||||
38613262383562626564323434313839633739376536393638363632383933306633333135306263
|
||||
31623834626163663263396638353238653564653464646239643831343230326432383232323135
|
||||
34633632343831306537333264396230323732383761376534303661653764646438626561393731
|
||||
61653434636665346535393763376139656664303738313638336262313830323238343838346536
|
||||
37313535313662323335353865346665323236363830393663613035633936623439616366643439
|
||||
6464316134376336646431616466336436393235336234666236
|
||||
|
|
|
@ -40,6 +40,14 @@ apps_vars:
|
|||
gateway_port: 8080
|
||||
version: v0.25.0
|
||||
|
||||
jitsi:
|
||||
backup: false
|
||||
sender: false
|
||||
extra_tasks: true
|
||||
domain: meet.{{ apps_base_domain }}
|
||||
port: 80
|
||||
version: stable
|
||||
|
||||
monerod:
|
||||
backup: false
|
||||
sender: false
|
||||
|
|
17
roles/apps/files/jitsi/register.sh
Normal file
17
roles/apps/files/jitsi/register.sh
Normal file
|
@ -0,0 +1,17 @@
|
|||
# THIS FILE IS MANAGED BY ANSIBLE
|
||||
#!/usr/bin/env bash
|
||||
|
||||
cd "$(dirname "$0")"
|
||||
chown -R 101:root data/prosody/config/
|
||||
|
||||
USERNAME=$1
|
||||
read -rsp "password: " PASSWORD; echo
|
||||
|
||||
if [[ -f "data/prosody/config/data/meet%2ejitsi/accounts/$USERNAME.dat" ]]; then
|
||||
echo "User $USERNAME exists"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
docker compose exec prosody \
|
||||
/usr/bin/prosodyctl --config /config/prosody.cfg.lua \
|
||||
register $USERNAME meet.jitsi $PASSWORD
|
35
roles/apps/tasks/extra_tasks/jitsi.yml
Normal file
35
roles/apps/tasks/extra_tasks/jitsi.yml
Normal file
|
@ -0,0 +1,35 @@
|
|||
# vim: ft=yaml.ansible
|
||||
# code: language=ansible
|
||||
---
|
||||
- name: Create subdirectories for Jitsi Meet data
|
||||
ansible.builtin.file:
|
||||
path: "{{ apps_data_root }}/jitsi/data/{{ dir }}"
|
||||
owner: root
|
||||
mode: u=rwx,g=rx,o=rx
|
||||
state: directory
|
||||
loop:
|
||||
- web/transcripts
|
||||
- prosody
|
||||
loop_control:
|
||||
loop_var: dir
|
||||
|
||||
- name: Create subdirectories for Jitsi Meet Prosody data
|
||||
ansible.builtin.file:
|
||||
path: "{{ apps_data_root }}/jitsi/data/{{ dir }}"
|
||||
owner: '101'
|
||||
group: root
|
||||
mode: u=rwx,g=rx,o=rx
|
||||
state: directory
|
||||
loop:
|
||||
- prosody/plugins
|
||||
- prosody/config
|
||||
loop_control:
|
||||
loop_var: dir
|
||||
|
||||
- name: Copy user registration script for Jitsi Meet
|
||||
ansible.builtin.copy:
|
||||
src: jitsi/register.sh
|
||||
dest: "{{ apps_data_root }}/jitsi/register.sh"
|
||||
owner: root
|
||||
group: root
|
||||
mode: u=rwx,g=rx,o=rx
|
79
roles/apps/templates/compose-files/jitsi.yml.j2
Normal file
79
roles/apps/templates/compose-files/jitsi.yml.j2
Normal file
|
@ -0,0 +1,79 @@
|
|||
{# code: language=ansible-jinja #}
|
||||
# THIS FILE IS MANAGED BY ANSIBLE
|
||||
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
meet:
|
||||
image: jitsi/web:{{ apps_vars.jitsi.version }}
|
||||
restart: always
|
||||
environment:
|
||||
DISABLE_HTTPS: 1
|
||||
PUBLIC_URL: {{ apps_vars.jitsi.domain }}
|
||||
ENABLE_AUTH: 1
|
||||
ENABLE_GUESTS: 1
|
||||
networks:
|
||||
meet.jitsi:
|
||||
{{ apps_shared_docker_network }}:
|
||||
aliases:
|
||||
- jitsi
|
||||
volumes:
|
||||
- "./data/web/transcripts:/usr/share/jitsi-meet/transcripts:rw"
|
||||
depends_on:
|
||||
- jvb
|
||||
|
||||
prosody:
|
||||
image: jitsi/prosody:{{ apps_vars.jitsi.version }}
|
||||
restart: always
|
||||
environment:
|
||||
JICOFO_AUTH_PASSWORD: {{ jitsi_passwords.jicofo_auth }}
|
||||
JVB_AUTH_PASSWORD: {{ jitsi_passwords.jvb_auth }}
|
||||
ENABLE_AUTH: 1
|
||||
ENABLE_GUESTS: 1
|
||||
AUTH_TYPE: internal
|
||||
networks:
|
||||
meet.jitsi:
|
||||
aliases:
|
||||
- xmpp.meet.jitsi
|
||||
volumes:
|
||||
- "./data/prosody/plugins:/prosody-plugins-custom:rw"
|
||||
- "./data/prosody/config:/config:rw"
|
||||
expose:
|
||||
- 5222
|
||||
- 5269
|
||||
- 5280
|
||||
- 5347
|
||||
|
||||
jicofo:
|
||||
image: jitsi/jicofo:{{ apps_vars.jitsi.version }}
|
||||
restart: always
|
||||
environment:
|
||||
JICOFO_AUTH_PASSWORD: {{ jitsi_passwords.jicofo_auth }}
|
||||
ENABLE_AUTH: 1
|
||||
AUTH_TYPE: internal
|
||||
XMPP_SERVER: prosody
|
||||
networks:
|
||||
- meet.jitsi
|
||||
depends_on:
|
||||
- prosody
|
||||
|
||||
jvb:
|
||||
image: jitsi/jvb:{{ apps_vars.jitsi.version }}
|
||||
restart: always
|
||||
environment:
|
||||
JVB_AUTH_PASSWORD: {{ jitsi_passwords.jvb_auth }}
|
||||
JVB_WS_DOMAIN: {{ apps_vars.jitsi.domain }}
|
||||
{% if hostname not in groups['production'] %}
|
||||
JVB_ADVERTISE_IPS: {{ ansible_host }}
|
||||
{% endif %}
|
||||
networks:
|
||||
- meet.jitsi
|
||||
ports:
|
||||
- 10000:10000/udp
|
||||
depends_on:
|
||||
- prosody
|
||||
|
||||
networks:
|
||||
meet.jitsi:
|
||||
{{ apps_shared_docker_network }}:
|
||||
external: true
|
|
@ -14,7 +14,6 @@ server {
|
|||
|
||||
proxy_http_version 1.1;
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
|
||||
location / {
|
||||
proxy_pass $upstream;
|
||||
|
|
29
roles/apps/templates/nginx/conf.d/jitsi.conf.j2
Normal file
29
roles/apps/templates/nginx/conf.d/jitsi.conf.j2
Normal file
|
@ -0,0 +1,29 @@
|
|||
{# code: language=ansible-jinja #}
|
||||
# THIS FILE IS MANAGED BY ANSIBLE
|
||||
|
||||
server {
|
||||
server_name {{ apps_vars.jitsi.domain }};
|
||||
listen 8080;
|
||||
|
||||
set $upstream http://jitsi:{{ apps_vars.jitsi.port }};
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto "https";
|
||||
|
||||
proxy_http_version 1.1;
|
||||
proxy_buffering off;
|
||||
|
||||
location / {
|
||||
proxy_pass $upstream;
|
||||
}
|
||||
|
||||
location ~^/(colibri-ws|xmpp-websocket)$ {
|
||||
proxy_pass $upstream;
|
||||
|
||||
# WebSocket support
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $connection_upgrade;
|
||||
}
|
||||
}
|
|
@ -14,7 +14,6 @@ server {
|
|||
|
||||
proxy_http_version 1.1;
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
|
||||
location / {
|
||||
proxy_pass $upstream;
|
||||
|
|
|
@ -14,7 +14,6 @@ server {
|
|||
|
||||
proxy_http_version 1.1;
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
|
||||
location / {
|
||||
proxy_pass $upstream;
|
||||
|
|
|
@ -77,6 +77,31 @@ ipfs.local.{{ proxy_vars[env].app01.base_domain }} {
|
|||
respond 403
|
||||
}
|
||||
|
||||
meet.{{ proxy_vars[env].app01.base_domain }} {
|
||||
tls {{ tls_email }} {
|
||||
dns njalla {{ njalla_api_token }}
|
||||
}
|
||||
|
||||
header {
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
||||
-Server
|
||||
}
|
||||
|
||||
{% if env == 'production' %}
|
||||
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
||||
{% else %}
|
||||
@local {
|
||||
remote_ip {{ proxy_trusted_subnets | join(' ') }}
|
||||
}
|
||||
|
||||
handle @local {
|
||||
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
|
||||
}
|
||||
|
||||
respond 403
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
xmr.local.{{ proxy_vars[env].app01.base_domain }} {
|
||||
tls {{ tls_email }} {
|
||||
dns njalla {{ njalla_api_token }}
|
||||
|
|
Loading…
Reference in a new issue