home/shoarma
Archived
2
0
Fork 0
Code Issues 5 Pull requests Projects Releases Packages Wiki Activity

add jitsi support

Browse source
This commit is contained in:
Pim Kunis 2023-05-08 15:54:42 +02:00
parent 9092f2cab4
commit 7c640ae576
6 changed files with 132 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
ansible/inventory/host_vars/manager.yml
View file

@ -8,6 +8,7 @@ docker_node_labels:
- hostname: swarmpub2 - hostname: swarmpub2
labels: labels:
public: "true" public: "true"
jitsi: "true"
- hostname: swarmpriv1 - hostname: swarmpriv1
labels: labels:
private: "true" private: "true"

1
ansible/playbooks/stacks.yml
View file

@ -15,3 +15,4 @@
- {role: kms, tags: kms} - {role: kms, tags: kms}
- {role: swarm_dashboard, tags: swarm_dashboard} - {role: swarm_dashboard, tags: swarm_dashboard}
- {role: shephard, tags: shephard} - {role: shephard, tags: shephard}
- {role: jitsi, tags: jitsi}

102
ansible/roles/jitsi/docker-stack.yml.j2 Normal file
View file

@ -0,0 +1,102 @@
# vi: ft=yaml
version: '3.5'
networks:
traefik:
external: true
jitsi:
services:
web:
image: jitsi/web:stable-8218
environment:
- DISABLE_HTTPS=1
- ENABLE_AUTH=0
- ENABLE_GUESTS=1
- ENABLE_IPV6=1
- ENABLE_LETSENCRYPT=0
- PUBLIC_URL=https://meet.pim.kunis.nl
- TZ=Europe/Amsterdam
networks:
- jitsi
- traefik
deploy:
placement:
constraints:
- "node.labels.public == true"
labels:
- traefik.enable=true
- traefik.http.routers.jitsi-web.entrypoints=websecure
- traefik.http.routers.jitsi-web.rule=Host(`meet.pim.kunis.nl`)
- traefik.http.routers.jitsi-web.tls=true
- traefik.http.routers.jitsi-web.tls.certresolver=letsencrypt
- traefik.http.services.jitsi-web.loadbalancer.server.port=80
- traefik.http.routers.jitsi-web.service=jitsi-web
- traefik.docker.network=traefik
prosody:
image: jitsi/prosody:stable-8218
expose:
- '5222'
- '5347'
- '5280'
environment:
- AUTH_TYPE=internal
- ENABLE_AUTH=0
- ENABLE_GUESTS=1
- ENABLE_IPV6=1
- ENABLE_LOBBY=1
- JIBRI_RECORDER_PASSWORD={{ jitsi_password }}
- JIBRI_XMPP_PASSWORD={{ jitsi_password }}
- JICOFO_AUTH_PASSWORD={{ jitsi_password }}
- JIGASI_XMPP_PASSWORD={{ jitsi_password }}
- JVB_AUTH_PASSWORD={{ jitsi_password }}
- PUBLIC_URL=https://meet.pim.kunis.nl
- TZ=Europe/Amsterdam
networks:
jitsi:
aliases:
- xmpp.meet.jitsi
deploy:
placement:
constraints:
- "node.labels.public == true"
jicofo:
image: jitsi/jicofo:stable-8218
environment:
- AUTH_TYPE=internal
- ENABLE_AUTH=0
- JICOFO_AUTH_PASSWORD={{ jitsi_password }}
- SENTRY_DSN=0
- TZ=Europe/Amsterdam
depends_on:
- prosody
networks:
- jitsi
deploy:
placement:
constraints:
- "node.labels.public == true"
jvb:
image: jitsi/jvb:stable-8218
ports:
- '54562:54562/udp'
environment:
- JVB_ADVERTISE_IPS=84.245.14.149,192.168.30.8
- JVB_AUTH_PASSWORD={{ jitsi_password }}
- JVB_PORT=54562
- PUBLIC_URL=https://meet.pim.kunis.nl
- SENTRY_DSN=0
- COLIBRI_REST_ENABLED=0
- TZ=Europe/Amsterdam
depends_on:
- prosody
networks:
- jitsi
- traefik
deploy:
placement:
constraints:
- "node.labels.public == true"

15
ansible/roles/jitsi/tasks/main.yml Normal file
View file

@ -0,0 +1,15 @@
- name: Create working directory
file:
path: /srv/jitsi
state: directory
- name: Copy Docker stack file
template:
src: "{{ role_path }}/docker-stack.yml.j2"
dest: /srv/jitsi/docker-stack.yml
- name: Deploy Docker stack
docker_stack:
name: jitsi
compose:
- /srv/jitsi/docker-stack.yml

8
ansible/roles/jitsi/vars/main.yml Normal file
View file

@ -0,0 +1,8 @@
jitsi_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
66633139653639396435333239316536326366613338646531373063306333383562613462316561
6630373435326631376362643961343936626238663332630a623631613532366539633637333032
35383031306566613466643066366361663039633864643733356366386339366265326237653739
3062313832313638330a636131393130646564366563626430346436656236333961306363633435
39353934386631633132306562396430303738393235656363356666663934626161363365343162
6130346338333734653961633037386133396332643831363939

15
terraform/main.tf
View file

@ -21,8 +21,7 @@ provider "libvirt" {
} }
module "manager" { module "manager" {
#source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian" source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
source = "/home/pim/repos/tf-modules/debian"
name = "maestro" name = "maestro"
domain_name = "tf-maestro" domain_name = "tf-maestro"
memory = 1024 memory = 1024
@ -34,8 +33,7 @@ module "manager" {
} }
module "swarmpub1" { module "swarmpub1" {
#source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian" source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
source = "/home/pim/repos/tf-modules/debian"
name = "swarmpub1" name = "swarmpub1"
domain_name = "tf-swarmpub1" domain_name = "tf-swarmpub1"
memory = 1024 * 5 memory = 1024 * 5
@ -46,8 +44,7 @@ module "swarmpub1" {
} }
module "swarmpriv1" { module "swarmpriv1" {
#source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian" source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
source = "/home/pim/repos/tf-modules/debian"
name = "swarmpriv1" name = "swarmpriv1"
domain_name = "tf-swarmpriv1" domain_name = "tf-swarmpriv1"
memory = 1024 * 5 memory = 1024 * 5
@ -58,8 +55,7 @@ module "swarmpriv1" {
} }
module "swarmpub2" { module "swarmpub2" {
#source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian" source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
source = "/home/pim/repos/tf-modules/debian"
name = "swarmpub2" name = "swarmpub2"
domain_name = "tf-swarmpub2" domain_name = "tf-swarmpub2"
memory = 1024 * 3 memory = 1024 * 3
@ -70,8 +66,7 @@ module "swarmpub2" {
} }
module "swarmpriv2" { module "swarmpriv2" {
#source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian" source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
source = "/home/pim/repos/tf-modules/debian"
name = "swarmpriv2" name = "swarmpriv2"
domain_name = "tf-swarmpriv2" domain_name = "tf-swarmpriv2"
memory = 1024 * 3 memory = 1024 * 3