dowerx
/
jitsi-k8s
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: dowerx:289b21220543706309c61072540350edcde1a895
Branches Tags
dowerx:master
..
compare: dowerx:1f0cb79d63b25fe137b254596e22e1c407c6a335
Branches Tags
dowerx:master

No commits in common. "289b21220543706309c61072540350edcde1a895" and "1f0cb79d63b25fe137b254596e22e1c407c6a335" have entirely different histories.
289b212205 ... 1f0cb79d63

18 changed files with 278 additions and 257 deletions
Show Stats Expand all files Collapse all files

10
00-common.yml
View File

@ -7,9 +7,9 @@ type: Opaque
stringData: stringData:
JICOFO_AUTH_PASSWORD: 1b90bbfb8b17b3b8f610dd9e282b076c JICOFO_AUTH_PASSWORD: 1b90bbfb8b17b3b8f610dd9e282b076c
JVB_AUTH_PASSWORD: 21e5abd0efbb69e31facbf735d737caa JVB_AUTH_PASSWORD: 21e5abd0efbb69e31facbf735d737caa
# JIGASI_XMPP_PASSWORD: 78e1d598b43d57a7ce38d5a102a48946 JIGASI_XMPP_PASSWORD: 78e1d598b43d57a7ce38d5a102a48946
# JIBRI_RECORDER_PASSWORD: 3fc11181cc426d698317bceab3fe76ad JIBRI_RECORDER_PASSWORD: 3fc11181cc426d698317bceab3fe76ad
# JIBRI_XMPP_PASSWORD: 21412968cb037cd706996bcbb1c5502a JIBRI_XMPP_PASSWORD: 21412968cb037cd706996bcbb1c5502a
--- ---
@ -26,7 +26,7 @@ data:
ETHERPAD_SKIN_VARIANTS: "super-light-toolbar super-light-editor light-background full-width-editor" ETHERPAD_SKIN_VARIANTS: "super-light-toolbar super-light-editor light-background full-width-editor"
ENABLE_AUTH: "1" ENABLE_AUTH: "1"
AUTH_TYPE: internal AUTH_TYPE: internal
XMPP_SERVER: jitsi-prosody.external-app-development.svc.cluster.local XMPP_SERVER: prosody.jitsi.svc.cluster.local
XMPP_BOSH_URL_BASE: http://jitsi-prosody.external-app-development.svc.cluster.local:5280 XMPP_BOSH_URL: http://prosody:5280
PUBLIC_URL: jitsi.dev.srv.k8s.bevonodas.euronetrt.hu PUBLIC_URL: jitsi.dev.srv.k8s.bevonodas.euronetrt.hu
JVB_PORT: "10000" JVB_PORT: "10000"

46
01-storages.yml
View File

@ -1,11 +1,53 @@
kind: PersistentVolumeClaim kind: PersistentVolumeClaim
apiVersion: v1 apiVersion: v1
metadata: metadata:
name: jitsi name: jitsi-web
namespace: external-app-development namespace: external-app-development
spec: spec:
accessModes: accessModes:
- ReadWriteMany - ReadWriteMany
resources: resources:
requests: requests:
storage: 2G storage: 10Mi
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: jitsi-prosody
namespace: external-app-development
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Mi
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: jitsi-jicofo
namespace: external-app-development
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Mi
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: jitsi-jvb
namespace: external-app-development
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Mi

292
02-deployments.yml
View File

@ -1,12 +1,12 @@
# apiVersion: v1 apiVersion: v1
# kind: ConfigMap kind: ConfigMap
# metadata: metadata:
# name: jitsi-web-conf name: jitsi-web-conf
# namespace: external-app-development namespace: external-app-development
# data: data:
# 20-use-env: |- 20-use-env: |-
# #!/bin/bash #!/bin/bash
# sed -i "s|xmpp.meet.jitsi|XMPP_SERVER|" /config/nginx/meet.conf sed -i "s|xmpp.meet.jitsi|XMPP_SERVER|" /config/nginx/meet.conf
--- ---
@ -37,38 +37,34 @@ spec:
values: values:
- arm64 - arm64
- amd64 - amd64
# initContainers: initContainers:
# - name: jitsi-web-conf - name: jitsi-web-conf
# image: busybox image: busybox
# args: ["sh", "-c", "cat /20-use-env | sed \"s/XMPP_SERVER/$XMPP_SERVER/\" > /config/20-use-env && chmod +x /config/20-use-env"] args: ["sh", "-c", "cat /20-use-env | sed \"s/XMPP_SERVER/$XMPP_SERVER/\" > /config/20-use-env && chmod +x /config/20-use-env"]
# volumeMounts: volumeMounts:
# - mountPath: /config - mountPath: /config
# name: jitsi name: jitsi-web
# subPath: web - mountPath: /20-use-env
# - mountPath: /20-use-env name: jitsi-web-conf
# name: jitsi-web-conf subPath: 20-use-env
# subPath: 20-use-env envFrom:
# envFrom: - configMapRef:
# - configMapRef: name: jitsi-env
# name: jitsi-env securityContext:
# securityContext: allowPrivilegeEscalation: false
# runAsUser: 1000 capabilities:
# runAsGroup: 1000 drop:
# allowPrivilegeEscalation: false - ALL
# capabilities: runAsNonRoot: true
# drop: seccompProfile:
# - ALL type: RuntimeDefault
# runAsNonRoot: true
# seccompProfile:
# type: RuntimeDefault
containers: containers:
- name: jitsi-web - name: jitsi-web
image: dowerx/jitsi-web:non-root image: jitsi/web:stable-9457-2
imagePullPolicy: Always
ports: ports:
- containerPort: 8000 - containerPort: 80
protocol: TCP protocol: TCP
- containerPort: 8443 - containerPort: 443
protocol: TCP protocol: TCP
envFrom: envFrom:
- configMapRef: - configMapRef:
@ -84,37 +80,34 @@ spec:
secretKeyRef: secretKeyRef:
name: jitsi-passwords name: jitsi-passwords
key: JVB_AUTH_PASSWORD key: JVB_AUTH_PASSWORD
# - name: JIGASI_XMPP_PASSWORD - name: JIGASI_XMPP_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: jitsi-passwords name: jitsi-passwords
# key: JIGASI_XMPP_PASSWORD key: JIGASI_XMPP_PASSWORD
# - name: JIBRI_RECORDER_PASSWORD - name: JIBRI_RECORDER_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: jitsi-passwords name: jitsi-passwords
# key: JIBRI_RECORDER_PASSWORD key: JIBRI_RECORDER_PASSWORD
# - name: JIBRI_XMPP_PASSWORD - name: JIBRI_XMPP_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: jitsi-passwords name: jitsi-passwords
# key: JIBRI_XMPP_PASSWORD key: JIBRI_XMPP_PASSWORD
# volumeMounts: volumeMounts:
# - mountPath: /config - mountPath: /config
# name: jitsi name: jitsi-web
# subPath: web - mountPath: /var/spool/cron/crontabs
# - mountPath: /var/spool/cron/crontabs name: jitsi-web
# name: jitsi subPath: crontabs
# subPath: web/crontabs - mountPath: /usr/share/jitsi-meet/transcripts
# - mountPath: /usr/share/jitsi-meet/transcripts name: jitsi-web
# name: jitsi subPath: transcripts
# subPath: web/transcripts - mountPath: /etc/cont-init.d/20-use-env
# - mountPath: /etc/cont-init.d/20-use-env name: jitsi-web
# name: jitsi subPath: 20-use-env
# subPath: web/20-use-env
securityContext: securityContext:
runAsUser: 1000
runAsGroup: 1000
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
capabilities: capabilities:
drop: drop:
@ -139,16 +132,16 @@ spec:
# port: 80 # port: 80
# initialDelaySeconds: 15 # initialDelaySeconds: 15
# periodSeconds: 10 # periodSeconds: 10
# volumes: volumes:
# - name: jitsi - name: jitsi-web
# persistentVolumeClaim: persistentVolumeClaim:
# claimName: jitsi claimName: jitsi-web
# - name: jitsi-web-conf - name: jitsi-web-conf
# configMap: configMap:
# name: jitsi-web-conf name: jitsi-web-conf
# items: items:
# - key: 20-use-env - key: 20-use-env
# path: 20-use-env path: 20-use-env
--- ---
kind: Deployment kind: Deployment
apiVersion: apps/v1 apiVersion: apps/v1
@ -179,7 +172,7 @@ spec:
- amd64 - amd64
containers: containers:
- name: jitsi-prosody - name: jitsi-prosody
image: dowerx/prosody:non-root image: jitsi/prosody:stable-9457-2
ports: ports:
- containerPort: 5222 - containerPort: 5222
protocol: TCP protocol: TCP
@ -203,24 +196,22 @@ spec:
secretKeyRef: secretKeyRef:
name: jitsi-passwords name: jitsi-passwords
key: JVB_AUTH_PASSWORD key: JVB_AUTH_PASSWORD
# - name: JIGASI_XMPP_PASSWORD - name: JIGASI_XMPP_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: jitsi-passwords name: jitsi-passwords
# key: JIGASI_XMPP_PASSWORD key: JIGASI_XMPP_PASSWORD
# - name: JIBRI_RECORDER_PASSWORD - name: JIBRI_RECORDER_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: jitsi-passwords name: jitsi-passwords
# key: JIBRI_RECORDER_PASSWORD key: JIBRI_RECORDER_PASSWORD
# - name: JIBRI_XMPP_PASSWORD - name: JIBRI_XMPP_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: jitsi-passwords name: jitsi-passwords
# key: JIBRI_XMPP_PASSWORD key: JIBRI_XMPP_PASSWORD
securityContext: securityContext:
runAsUser: 1000
runAsGroup: 1000
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
capabilities: capabilities:
drop: drop:
@ -230,11 +221,10 @@ spec:
type: RuntimeDefault type: RuntimeDefault
volumeMounts: volumeMounts:
- mountPath: /config - mountPath: /config
name: jitsi name: jitsi-prosody
subPath: prosody
- mountPath: /prosody-plugins-custom - mountPath: /prosody-plugins-custom
name: jitsi name: jitsi-prosody
subPath: prosody/prosody-plugins-custom subPath: prosody-plugins-custom
resources: resources:
limits: limits:
cpu: "500m" cpu: "500m"
@ -252,12 +242,10 @@ spec:
# port: 5280 # port: 5280
# initialDelaySeconds: 15 # initialDelaySeconds: 15
# periodSeconds: 10 # periodSeconds: 10
securityContext:
fsGroup: 1000
volumes: volumes:
- name: jitsi - name: jitsi-prosody
persistentVolumeClaim: persistentVolumeClaim:
claimName: jitsi claimName: jitsi-prosody
--- ---
kind: Deployment kind: Deployment
apiVersion: apps/v1 apiVersion: apps/v1
@ -288,7 +276,7 @@ spec:
- amd64 - amd64
containers: containers:
- name: jitsi-jicofo - name: jitsi-jicofo
image: dowerx/jicofo:non-root image: jitsi/jicofo:stable-9457-2
ports: ports:
- containerPort: 8888 - containerPort: 8888
protocol: TCP protocol: TCP
@ -306,24 +294,22 @@ spec:
secretKeyRef: secretKeyRef:
name: jitsi-passwords name: jitsi-passwords
key: JVB_AUTH_PASSWORD key: JVB_AUTH_PASSWORD
# - name: JIGASI_XMPP_PASSWORD - name: JIGASI_XMPP_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: jitsi-passwords name: jitsi-passwords
# key: JIGASI_XMPP_PASSWORD key: JIGASI_XMPP_PASSWORD
# - name: JIBRI_RECORDER_PASSWORD - name: JIBRI_RECORDER_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: jitsi-passwords name: jitsi-passwords
# key: JIBRI_RECORDER_PASSWORD key: JIBRI_RECORDER_PASSWORD
# - name: JIBRI_XMPP_PASSWORD - name: JIBRI_XMPP_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: jitsi-passwords name: jitsi-passwords
# key: JIBRI_XMPP_PASSWORD key: JIBRI_XMPP_PASSWORD
securityContext: securityContext:
runAsUser: 1000
runAsGroup: 1000
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
capabilities: capabilities:
drop: drop:
@ -331,10 +317,9 @@ spec:
runAsNonRoot: true runAsNonRoot: true
seccompProfile: seccompProfile:
type: RuntimeDefault type: RuntimeDefault
# volumeMounts: volumeMounts:
# - mountPath: /config - mountPath: /config
# name: jitsi name: jitsi-jicofo
# subPath: jicofo
resources: resources:
limits: limits:
cpu: "500m" cpu: "500m"
@ -352,10 +337,10 @@ spec:
# port: 8888 # port: 8888
# initialDelaySeconds: 15 # initialDelaySeconds: 15
# periodSeconds: 10 # periodSeconds: 10
# volumes: volumes:
# - name: jitsi - name: jitsi-jicofo
# persistentVolumeClaim: persistentVolumeClaim:
# claimName: jitsi claimName: jitsi-jicofo
--- ---
kind: Deployment kind: Deployment
apiVersion: apps/v1 apiVersion: apps/v1
@ -386,7 +371,7 @@ spec:
- amd64 - amd64
containers: containers:
- name: jitsi-jvb - name: jitsi-jvb
image: dowerx/jvb:non-root image: jitsi/jvb:stable-9457-2
ports: ports:
- containerPort: 10000 - containerPort: 10000
protocol: UDP protocol: UDP
@ -406,24 +391,22 @@ spec:
secretKeyRef: secretKeyRef:
name: jitsi-passwords name: jitsi-passwords
key: JVB_AUTH_PASSWORD key: JVB_AUTH_PASSWORD
# - name: JIGASI_XMPP_PASSWORD - name: JIGASI_XMPP_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: jitsi-passwords name: jitsi-passwords
# key: JIGASI_XMPP_PASSWORD key: JIGASI_XMPP_PASSWORD
# - name: JIBRI_RECORDER_PASSWORD - name: JIBRI_RECORDER_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: jitsi-passwords name: jitsi-passwords
# key: JIBRI_RECORDER_PASSWORD key: JIBRI_RECORDER_PASSWORD
# - name: JIBRI_XMPP_PASSWORD - name: JIBRI_XMPP_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: jitsi-passwords name: jitsi-passwords
# key: JIBRI_XMPP_PASSWORD key: JIBRI_XMPP_PASSWORD
securityContext: securityContext:
runAsUser: 1000
runAsGroup: 1000
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
capabilities: capabilities:
drop: drop:
@ -431,10 +414,9 @@ spec:
runAsNonRoot: true runAsNonRoot: true
seccompProfile: seccompProfile:
type: RuntimeDefault type: RuntimeDefault
# volumeMounts: volumeMounts:
# - mountPath: /config - mountPath: /config
# subPath: jvb name: jitsi-jvb
# name: jitsi
resources: resources:
limits: limits:
cpu: "500m" cpu: "500m"
@ -452,7 +434,7 @@ spec:
# port: 8080 # port: 8080
# initialDelaySeconds: 15 # initialDelaySeconds: 15
# periodSeconds: 10 # periodSeconds: 10
# volumes: volumes:
# - name: jitsi - name: jitsi-jvb
# persistentVolumeClaim: persistentVolumeClaim:
# claimName: jitsi claimName: jitsi-jvb

12
03-services.yml
View File

@ -5,12 +5,12 @@ metadata:
namespace: external-app-development namespace: external-app-development
spec: spec:
ports: ports:
- port: 8000 - port: 80
targetPort: 8000 targetPort: 80
name: http name: http
protocol: TCP protocol: TCP
- port: 8443 - port: 443
targetPort: 8443 targetPort: 443
name: https name: https
protocol: TCP protocol: TCP
selector: selector:
@ -60,7 +60,7 @@ spec:
selector: selector:
app: jitsi-jvb app: jitsi-jvb
# --- ---
# apiVersion: traefik.io/v1alpha1 # apiVersion: traefik.io/v1alpha1
# kind: IngressRouteUDP # kind: IngressRouteUDP
@ -146,4 +146,4 @@ spec:
service: service:
name: jitsi-web name: jitsi-web
port: port:
number: 8000 number: 80

48
04-add-users.yml
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
name: jitsi-users name: users
data: data:
users: |- users: |-
user1 asdqwe user1 asdqwe
@ -50,71 +50,61 @@ spec:
- amd64 - amd64
containers: containers:
- name: add-users - name: add-users
image: dowerx/prosody:non-root image: jitsi/prosody:stable-9457-2
command: ["/bin/bash", "-c"] command: ["/bin/bash", "-c"]
args: ["bash /clear.sh && bash /add.sh"] args: ["bash /clear.sh && bash /add.sh"]
envFrom: envFrom:
- configMapRef: - configMapRef:
name: jitsi-env name: env
env: env:
- name: JICOFO_AUTH_PASSWORD - name: JICOFO_AUTH_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: jitsi-passwords name: passwords
key: JICOFO_AUTH_PASSWORD key: JICOFO_AUTH_PASSWORD
- name: JVB_AUTH_PASSWORD - name: JVB_AUTH_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: jitsi-passwords name: passwords
key: JVB_AUTH_PASSWORD key: JVB_AUTH_PASSWORD
- name: JIGASI_XMPP_PASSWORD - name: JIGASI_XMPP_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: jitsi-passwords name: passwords
key: JIGASI_XMPP_PASSWORD key: JIGASI_XMPP_PASSWORD
- name: JIBRI_RECORDER_PASSWORD - name: JIBRI_RECORDER_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: jitsi-passwords name: passwords
key: JIBRI_RECORDER_PASSWORD key: JIBRI_RECORDER_PASSWORD
- name: JIBRI_XMPP_PASSWORD - name: JIBRI_XMPP_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: jitsi-passwords name: passwords
key: JIBRI_XMPP_PASSWORD key: JIBRI_XMPP_PASSWORD
securityContext:
runAsUser: 1000
runAsGroup: 1000
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
volumeMounts: volumeMounts:
- mountPath: /config - mountPath: /config
name: jitsi name: prosody
subPath: prosody - mountPath: /prosody-plugins-custom
name: prosody
subPath: prosody-plugins-custom
- mountPath: /users - mountPath: /users
name: jitsi-users name: users
subPath: users subPath: users
- mountPath: /clear.sh - mountPath: /clear.sh
name: jitsi-users name: users
subPath: clear.sh subPath: clear.sh
- mountPath: /add.sh - mountPath: /add.sh
name: jitsi-users name: users
subPath: add.sh subPath: add.sh
restartPolicy: OnFailure restartPolicy: OnFailure
securityContext:
fsGroup: 1000
volumes: volumes:
- name: jitsi - name: prosody
persistentVolumeClaim: persistentVolumeClaim:
claimName: jitsi claimName: prosody
- name: jitsi-users - name: users
configMap: configMap:
name: jitsi-users name: users
items: items:
- key: users - key: users
path: users path: users

8
containers/docker-compose.yml
View File

@ -1,7 +1,7 @@
services: services:
# Frontend # Frontend
web: web:
image: dowerx/jitsi-web:non-root image: jitsi/web:non-root
restart: ${RESTART_POLICY:-unless-stopped} restart: ${RESTART_POLICY:-unless-stopped}
ports: ports:
- '${HTTP_PORT}:80' - '${HTTP_PORT}:80'
@ -174,7 +174,7 @@ services:
# XMPP server # XMPP server
prosody: prosody:
image: dowerx/prosody:non-root image: jitsi/prosody:non-root
restart: ${RESTART_POLICY:-unless-stopped} restart: ${RESTART_POLICY:-unless-stopped}
expose: expose:
- '${XMPP_PORT:-5222}' - '${XMPP_PORT:-5222}'
@ -306,7 +306,7 @@ services:
# Focus component # Focus component
jicofo: jicofo:
image: dowerx/jicofo:non-root image: jitsi/jicofo:non-root
restart: ${RESTART_POLICY:-unless-stopped} restart: ${RESTART_POLICY:-unless-stopped}
ports: ports:
- '127.0.0.1:${JICOFO_REST_PORT:-8888}:8888' - '127.0.0.1:${JICOFO_REST_PORT:-8888}:8888'
@ -388,7 +388,7 @@ services:
# Video bridge # Video bridge
jvb: jvb:
image: dowerx/jvb:non-root image: jitsi/jvb:non-root
restart: ${RESTART_POLICY:-unless-stopped} restart: ${RESTART_POLICY:-unless-stopped}
ports: ports:
- '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp' - '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp'

15
containers/non-root/base-java.build.yml
View File

@ -1,18 +1,15 @@
registry: docker.io registry: docker.io
repos: repos:
- name: jitsi-base-java - name: base-java
library: dowerx library: jitsi
repo: base-java repo: base-java
action: push action: load
tags: tags:
- name: latest
builds:
- non-root-amd64
- non-root-arm64
- name: non-root - name: non-root
builds: builds:
- non-root-amd64 - non-root-amd64
- non-root-arm64 - non-root-arm64
- non-root-armv7
builds: builds:
- arch: amd64 - arch: amd64
dockerfile: Dockerfile dockerfile: Dockerfile
@ -22,3 +19,7 @@ repos:
dockerfile: Dockerfile dockerfile: Dockerfile
tags: tags:
- non-root-arm64 - non-root-arm64
- arch: armv7
dockerfile: Dockerfile
tags:
- non-root-armv7

3
containers/non-root/base-java/Dockerfile
View File

@ -1,4 +1,5 @@
FROM dowerx/jitsi-base:non-root # jitsi/base-java:non-root
FROM jitsi/base:non-root
RUN mkdir -p /usr/share/man/man1 && \ RUN mkdir -p /usr/share/man/man1 && \
mkdir -p /etc/apt/keyrings/ && \ mkdir -p /etc/apt/keyrings/ && \

18
containers/non-root/base.build.yml
View File

@ -1,18 +1,15 @@
registry: docker.io registry: docker.io
repos: repos:
- name: jitsi-base - name: base
library: dowerx library: jitsi
repo: base repo: base
action: push action: load
tags: tags:
- name: latest
builds:
- non-root-amd64
- non-root-arm64
- name: non-root - name: non-root
builds: builds:
- non-root-amd64 - non-root-amd64
- non-root-arm64 - non-root-arm64
- non-root-armv7
builds: builds:
- arch: amd64 - arch: amd64
dockerfile: Dockerfile dockerfile: Dockerfile
@ -22,6 +19,7 @@ repos:
dockerfile: Dockerfile dockerfile: Dockerfile
tags: tags:
- non-root-arm64 - non-root-arm64
env: - arch: armv7
- key: ARCH dockerfile: Dockerfile
value: arm64 tags:
- non-root-armv7

13
containers/non-root/jicofo.build.yml
View File

@ -1,18 +1,15 @@
registry: docker.io registry: docker.io
repos: repos:
- name: jicofo - name: jicofo
library: dowerx library: jitsi
repo: jicofo repo: jicofo
action: push action: load
tags: tags:
- name: latest
builds:
- non-root-amd64
- non-root-arm64
- name: non-root - name: non-root
builds: builds:
- non-root-amd64 - non-root-amd64
- non-root-arm64 - non-root-arm64
- non-root-armv7
builds: builds:
- arch: amd64 - arch: amd64
dockerfile: Dockerfile dockerfile: Dockerfile
@ -22,3 +19,7 @@ repos:
dockerfile: Dockerfile dockerfile: Dockerfile
tags: tags:
- non-root-arm64 - non-root-arm64
- arch: armv7
dockerfile: Dockerfile
tags:
- non-root-armv7

3
containers/non-root/jicofo/Dockerfile
View File

@ -1,4 +1,5 @@
FROM dowerx/jitsi-base-java:non-root # jitsi/jicofo:non-root
FROM jitsi/base-java:non-root
RUN apt-get update && \ RUN apt-get update && \
apt-get install -y jicofo && \ apt-get install -y jicofo && \

13
containers/non-root/jvb.build.yml
View File

@ -1,18 +1,15 @@
registry: docker.io registry: docker.io
repos: repos:
- name: jvb - name: jvb
library: dowerx library: jitsi
repo: jvb repo: jvb
action: push action: load
tags: tags:
- name: latest
builds:
- non-root-amd64
- non-root-arm64
- name: non-root - name: non-root
builds: builds:
- non-root-amd64 - non-root-amd64
- non-root-arm64 - non-root-arm64
- non-root-armv7
builds: builds:
- arch: amd64 - arch: amd64
dockerfile: Dockerfile dockerfile: Dockerfile
@ -22,3 +19,7 @@ repos:
dockerfile: Dockerfile dockerfile: Dockerfile
tags: tags:
- non-root-arm64 - non-root-arm64
- arch: armv7
dockerfile: Dockerfile
tags:
- non-root-armv7

3
containers/non-root/jvb/Dockerfile
View File

@ -1,4 +1,5 @@
FROM dowerx/jitsi-base-java:non-root # jitsi/jvb:non-root
FROM jitsi/base-java:non-root
RUN apt-get update && \ RUN apt-get update && \
apt-get install -y jitsi-videobridge2 jitsi-autoscaler-sidecar jq curl iproute2 dnsutils libpcap0.8 && \ apt-get install -y jitsi-videobridge2 jitsi-autoscaler-sidecar jq curl iproute2 dnsutils libpcap0.8 && \

13
containers/non-root/prosody.build.yml
View File

@ -1,18 +1,15 @@
registry: docker.io registry: docker.io
repos: repos:
- name: prosody - name: prosody
library: dowerx library: jitsi
repo: prosody repo: prosody
action: push action: load
tags: tags:
- name: latest
builds:
- non-root-amd64
- non-root-arm64
- name: non-root - name: non-root
builds: builds:
- non-root-amd64 - non-root-amd64
- non-root-arm64 - non-root-arm64
- non-root-armv7
builds: builds:
- arch: amd64 - arch: amd64
dockerfile: Dockerfile dockerfile: Dockerfile
@ -22,3 +19,7 @@ repos:
dockerfile: Dockerfile dockerfile: Dockerfile
tags: tags:
- non-root-arm64 - non-root-arm64
- arch: armv7
dockerfile: Dockerfile
tags:
- non-root-armv7

4
containers/non-root/prosody/Dockerfile
View File

@ -1,7 +1,7 @@
ARG JITSI_REPO=jitsi ARG JITSI_REPO=jitsi
ARG BASE_TAG=latest ARG BASE_TAG=latest
FROM dowerx/jitsi-base:non-root AS builder FROM jitsi/base:non-root AS builder
RUN apt-get update && \ RUN apt-get update && \
apt-get install -y \ apt-get install -y \
@ -19,7 +19,7 @@ RUN apt-get update && \
luarocks install lua-cjson 2.1.0-1 && \ luarocks install lua-cjson 2.1.0-1 && \
luarocks install net-url 0.9-1 luarocks install net-url 0.9-1
FROM dowerx/jitsi-base:non-root FROM jitsi/base:non-root
ARG VERSION_JITSI_CONTRIB_PROSODY_PLUGINS="20240117" ARG VERSION_JITSI_CONTRIB_PROSODY_PLUGINS="20240117"
ARG VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN="1.8.0" ARG VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN="1.8.0"

15
containers/non-root/web.build.yml
View File

@ -1,18 +1,15 @@
registry: docker.io registry: docker.io
repos: repos:
- name: jitsi-web - name: web
library: dowerx library: jitsi
repo: web repo: web
action: push action: load
tags: tags:
- name: latest
builds:
- non-root-amd64
- non-root-arm64
- name: non-root - name: non-root
builds: builds:
- non-root-amd64 - non-root-amd64
- non-root-arm64 - non-root-arm64
- non-root-armv7
builds: builds:
- arch: amd64 - arch: amd64
dockerfile: Dockerfile dockerfile: Dockerfile
@ -22,3 +19,7 @@ repos:
dockerfile: Dockerfile dockerfile: Dockerfile
tags: tags:
- non-root-arm64 - non-root-arm64
- arch: armv7
dockerfile: Dockerfile
tags:
- non-root-armv7

3
containers/non-root/web/Dockerfile
View File

@ -1,4 +1,5 @@
FROM dowerx/jitsi-base:non-root # jitsi/web:non-root
FROM jitsi/base:non-root
RUN \ RUN \
apt-get update && apt-get install -y --no-install-recommends \ apt-get update && apt-get install -y --no-install-recommends \

8
containers/non-root/web/defaults/default
View File

@ -1,8 +1,8 @@
server { server {
listen 8000 default_server; listen 80 default_server;
{{ if .Env.ENABLE_IPV6 | default "1" | toBool }} {{ if .Env.ENABLE_IPV6 | default "1" | toBool }}
listen [::]:8000 default_server; listen [::]:80 default_server;
{{ end }} {{ end }}
{{ if .Env.ENABLE_HTTP_REDIRECT | default "0" | toBool }} {{ if .Env.ENABLE_HTTP_REDIRECT | default "0" | toBool }}
@ -14,10 +14,10 @@ server {
{{ if not (.Env.DISABLE_HTTPS | default "0" | toBool) }} {{ if not (.Env.DISABLE_HTTPS | default "0" | toBool) }}
server { server {
listen 8443 ssl http2; listen 443 ssl http2;
{{ if .Env.ENABLE_IPV6 | default "1" | toBool }} {{ if .Env.ENABLE_IPV6 | default "1" | toBool }}
listen [::]:8443 ssl http2; listen [::]:443 ssl http2;
{{ end }} {{ end }}
include /config/nginx/ssl.conf; include /config/nginx/ssl.conf;