add jitsi meet
This commit is contained in:
parent
724ce880e3
commit
19e407ad0e
14 changed files with 196 additions and 8 deletions
3
Makefile
3
Makefile
|
@ -37,4 +37,7 @@ dataserver:
|
|||
seafile:
|
||||
ansible-playbook playbooks/seafile.yml -i inventory/hosts.yml --ask-vault-pass
|
||||
|
||||
jitsi:
|
||||
ansible-playbook playbooks/jitsi.yml -i inventory/hosts.yml --ask-vault-pass
|
||||
|
||||
.PHONY: run
|
||||
|
|
|
@ -1,2 +1,4 @@
|
|||
base_data_dir: /data
|
||||
base_service_dir: /srv
|
||||
jitsi_videobridge_port: 54562
|
||||
git_ssh_port: 56287
|
||||
|
|
|
@ -11,6 +11,7 @@
|
|||
- radicale
|
||||
- mastodon
|
||||
- seafile
|
||||
- jitsi
|
||||
- name: Setup dataserver
|
||||
hosts: dataserver
|
||||
roles:
|
||||
|
|
4
playbooks/jitsi.yml
Normal file
4
playbooks/jitsi.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
- name: Install Jitsi Meet
|
||||
hosts: homeserver
|
||||
roles:
|
||||
- jitsi
|
|
@ -20,7 +20,7 @@
|
|||
group: 1000
|
||||
- name: Copy app.ini
|
||||
template:
|
||||
src: "{{ role_path }}/templates/app.ini"
|
||||
src: "{{ role_path }}/templates/app.ini.j2"
|
||||
dest: "{{ service_dir }}/conf/app.ini"
|
||||
register: config
|
||||
- name: Start the Docker Compose
|
||||
|
|
|
@ -18,7 +18,7 @@ SSH_DOMAIN = git.pizzapim.nl
|
|||
HTTP_PORT = 3000
|
||||
ROOT_URL = {{ forgejo.root_url }}
|
||||
DISABLE_SSH = false
|
||||
SSH_PORT = 56287
|
||||
SSH_PORT = {{ git_ssh_port }}
|
||||
SSH_LISTEN_PORT = 22
|
||||
LFS_START_SERVER = true
|
||||
LFS_JWT_SECRET = {{ forgejo.lfs_jwt_secret }}
|
4
roles/jitsi/meta/main.yml
Normal file
4
roles/jitsi/meta/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
dependencies:
|
||||
- role: common
|
||||
- role: docker
|
||||
- role: traefik
|
17
roles/jitsi/tasks/main.yml
Normal file
17
roles/jitsi/tasks/main.yml
Normal file
|
@ -0,0 +1,17 @@
|
|||
- name: Create Jitsi Meet app directory
|
||||
file:
|
||||
path: "{{ service_dir }}"
|
||||
state: directory
|
||||
- name: Copy docker-compose.yml file
|
||||
template:
|
||||
src: "{{ role_path }}/templates/docker-compose.yml.j2"
|
||||
dest: "{{ service_dir }}/docker-compose.yml"
|
||||
- name: Create Jitsi Meet data directory
|
||||
file:
|
||||
path: "{{ data_dir }}"
|
||||
state: directory
|
||||
- name: Start Docker Compose
|
||||
docker_compose:
|
||||
project_src: "{{ service_dir }}"
|
||||
pull: true
|
||||
remove_orphans: true
|
107
roles/jitsi/templates/docker-compose.yml.j2
Normal file
107
roles/jitsi/templates/docker-compose.yml.j2
Normal file
|
@ -0,0 +1,107 @@
|
|||
version: '3.5'
|
||||
|
||||
services:
|
||||
web:
|
||||
image: jitsi/web:stable-8218
|
||||
container_name: jitsi-web
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- {{ data_dir }}/web:/config:Z
|
||||
- {{ data_dir }}/web/crontabs:/var/spool/cron/crontabs:Z
|
||||
- {{ data_dir }}/transcripts:/usr/share/jitsi-meet/transcripts:Z
|
||||
environment:
|
||||
- DISABLE_HTTPS=1
|
||||
- ENABLE_AUTH=1
|
||||
- ENABLE_GUESTS=1
|
||||
- ENABLE_IPV6=1
|
||||
- ENABLE_LETSENCRYPT=0
|
||||
- PUBLIC_URL=https://{{ public_domain }}
|
||||
- TZ=Europe/Amsterdam
|
||||
networks:
|
||||
- meet.jitsi
|
||||
- traefik
|
||||
labels:
|
||||
- traefik.http.routers.jitsi-web.entrypoints=websecure
|
||||
- traefik.http.routers.jitsi-web.rule=Host(`{{ public_domain }}`)
|
||||
- traefik.http.routers.jitsi-web.tls=true
|
||||
- traefik.http.routers.jitsi-web.tls.certresolver=pizzapim
|
||||
- traefik.http.services.jitsi-web.loadbalancer.server.port=80
|
||||
- traefik.http.routers.jitsi-web.service=jitsi-web
|
||||
- traefik.docker.network=traefik
|
||||
|
||||
prosody:
|
||||
image: jitsi/prosody:stable-8218
|
||||
container_name: jitsi-xmpp
|
||||
restart: unless-stopped
|
||||
expose:
|
||||
- '5222'
|
||||
- '5347'
|
||||
- '5280'
|
||||
volumes:
|
||||
- {{ data_dir }}/prosody/config:/config:Z
|
||||
- {{ data_dir }}/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z
|
||||
environment:
|
||||
- AUTH_TYPE=internal
|
||||
- ENABLE_AUTH=1
|
||||
- ENABLE_GUESTS=1
|
||||
- ENABLE_IPV6=1
|
||||
- ENABLE_LOBBY=1
|
||||
- JIBRI_RECORDER_PASSWORD={{ jibri_recorder_password }}
|
||||
- JIBRI_XMPP_PASSWORD={{ jibri_xmpp_password }}
|
||||
- JICOFO_AUTH_PASSWORD={{ jicofo_auth_password }}
|
||||
- JIGASI_XMPP_PASSWORD={{ jigasi_xmpp_password }}
|
||||
- JVB_AUTH_PASSWORD={{ jvb_auth_password }}
|
||||
- PUBLIC_URL=https://{{ public_domain }}
|
||||
- TZ=Europe/Amsterdam
|
||||
networks:
|
||||
meet.jitsi:
|
||||
aliases:
|
||||
- xmpp.meet.jitsi
|
||||
|
||||
jicofo:
|
||||
image: jitsi/jicofo:stable-8218
|
||||
container_name: jitsi-focus
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- {{ data_dir }}/jicofo:/config:Z
|
||||
environment:
|
||||
- AUTH_TYPE=internal
|
||||
- ENABLE_AUTH=1
|
||||
- JICOFO_AUTH_PASSWORD={{ jicofo_auth_password }}
|
||||
- SENTRY_DSN=0
|
||||
- TZ=Europe/Amsterdam
|
||||
depends_on:
|
||||
- prosody
|
||||
networks:
|
||||
meet.jitsi:
|
||||
|
||||
jvb:
|
||||
image: jitsi/jvb:stable-8218
|
||||
container_name: jitsi-videobridge
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- '{{ jitsi_videobridge_port }}:{{ jitsi_videobridge_port }}/udp'
|
||||
volumes:
|
||||
- {{ data_dir }}/jvb:/config:Z
|
||||
environment:
|
||||
- JVB_ADVERTISE_IPS={{ jvb_advertise_ips }}
|
||||
- JVB_AUTH_PASSWORD={{ jvb_auth_password }}
|
||||
- JVB_PORT={{ jitsi_videobridge_port }}
|
||||
- PUBLIC_URL=https://{{ public_domain }}
|
||||
- SENTRY_DSN=0
|
||||
- COLIBRI_REST_ENABLED=0
|
||||
- TZ=Europe/Amsterdam
|
||||
depends_on:
|
||||
- prosody
|
||||
networks:
|
||||
meet.jitsi:
|
||||
labels:
|
||||
- traefik.udp.routers.jitsi-videobridge.rule=HostSNI(`*`)
|
||||
- traefik.udp.routers.jitsi-videobridge.entrypoints=video
|
||||
- traefik.udp.routers.jitsi-videobridge.service=jitsi-videobridge
|
||||
- traefik.udp.services.jitsi-videobridge.loadbalancer.server.port={{ jitsi_videobridge_port }}
|
||||
|
||||
networks:
|
||||
meet.jitsi:
|
||||
traefik:
|
||||
external: true
|
47
roles/jitsi/vars/main.yml
Normal file
47
roles/jitsi/vars/main.yml
Normal file
|
@ -0,0 +1,47 @@
|
|||
service_name: jitsi
|
||||
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
||||
data_dir: "{{ base_data_dir }}/{{ service_name }}"
|
||||
|
||||
public_domain: "meet.pizzapim.nl"
|
||||
jvb_advertise_ips: "84.245.14.149,192.168.30.3"
|
||||
|
||||
jvb_auth_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
32613939646334396165386233353938306165326532336564343762616465323734653564353939
|
||||
6363616139653932326436656530613661326135303738370a653530663733343431663535373663
|
||||
64656565386266613463623036346438636635343061623533343434663131623334333661363135
|
||||
3633646237393563610a353763333332653462653136373139666566333062386265633234613065
|
||||
32616565303764646365653165663862383233643839663563353838663663636332323939373665
|
||||
6131666537326333326332383164333730623865646639353230
|
||||
jibri_recorder_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
65386136383631626262393861313161363563376662623964633138376462386366353035363930
|
||||
6637353263633731613037623030646365613364303232620a646366356338383665316432613965
|
||||
35613636343832623731646161373938343866616230613461373964303566323761663536376466
|
||||
6365616132373532350a316639383266393835636233626562636466663737386234333362663066
|
||||
65353534303835636430306536653062636466303265623836643030323237323332353431343066
|
||||
6138383630643735393565363931343162383963343635336138
|
||||
jibri_xmpp_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
34323665313961613830346662346137643339316237316532646330393366373236323036373035
|
||||
3530376164303730643832393865643231316537303133340a383562633937353139646231343265
|
||||
33353933633463373366383236643364366631663136313164643231366537303437653962656166
|
||||
3031333735346538370a616539323531653734663533303463623865613739373433656537613636
|
||||
39306363313264306535666237376561633439666232303338343832303637366237323339373431
|
||||
6131333434393931613437383061653238656165356136306331
|
||||
jicofo_auth_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
39613461623132346632623664633866356261653737393534366665653966623437323962636430
|
||||
3230656535333631333661653263343663323732376562350a616662353030646164336231366239
|
||||
32373263303962646232383539656435633436633137383837633162363232336134346461386165
|
||||
3633613665393264640a323030666235366363313532623732623862346433343336343035663661
|
||||
63326636386330363362313665643466373935363161383932623839373462613032326331366333
|
||||
3661313266306166633532643333623266316631386532653834
|
||||
jigasi_xmpp_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
35303333613961616236623134333063366261336239633836633435323235343864636237626136
|
||||
3635356538663637656639323161316361663636323933370a326430333066383234643064303961
|
||||
36393564646131313938363664636266653362373732656634653966663736313231613163313461
|
||||
6565373230333635650a653630373339376637653634383733613531633535343438326631633739
|
||||
31303966353235333533353730346135323438343266303431376563393330343563363432626639
|
||||
3539636136386563376162383835346166663630633463336132
|
|
@ -1,7 +1,7 @@
|
|||
$ORIGIN pizzapim.nl.
|
||||
$TTL 60
|
||||
|
||||
pizzapim.nl. IN SOA ns.pizzapim.nl. pim.kunis.nl. 2023010701 1800 3600 1209600 3600
|
||||
pizzapim.nl. IN SOA ns.pizzapim.nl. pim.kunis.nl. 2023011400 1800 3600 1209600 3600
|
||||
|
||||
NS ns.pizzapim.nl.
|
||||
NS ns0.transip.net.
|
||||
|
@ -22,3 +22,4 @@ cloud IN CNAME www.pizzapim.nl.
|
|||
social IN CNAME www.pizzapim.nl.
|
||||
dav IN CNAME www.pizzapim.nl.
|
||||
git IN CNAME www.pizzapim.nl.
|
||||
meet IN CNAME www.pizzapim.nl.
|
||||
|
|
|
@ -13,8 +13,8 @@
|
|||
src: "{{ role_path }}/templates/docker-compose.yml.j2"
|
||||
dest: "{{ service_dir }}/docker-compose.yml"
|
||||
- name: Copy traefik.toml
|
||||
copy:
|
||||
src: "{{ role_path }}/files/traefik.toml"
|
||||
template:
|
||||
src: "{{ role_path }}/templates/traefik.toml.j2"
|
||||
dest: "{{ service_dir }}/traefik.toml"
|
||||
- name: Copy services.toml
|
||||
copy:
|
||||
|
|
|
@ -18,7 +18,7 @@ services:
|
|||
ports:
|
||||
- "443:443"
|
||||
- "80:80"
|
||||
- "56287:56287"
|
||||
- "{{ git_ssh_port }}:{{ git_ssh_port }}"
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- {{ service_dir }}/traefik.toml:/etc/traefik/traefik.toml
|
||||
|
|
|
@ -6,7 +6,9 @@ loglevel = "DEBUG"
|
|||
[entryPoints.websecure]
|
||||
address = ":443"
|
||||
[entryPoints.ssh]
|
||||
address = ":56287"
|
||||
address = ":{{ git_ssh_port }}"
|
||||
[entryPoints.video]
|
||||
address = ":{{ jitsi_videobridge_port }}/udp"
|
||||
|
||||
[api]
|
||||
|
Reference in a new issue