Compare commits
No commits in common. "289b21220543706309c61072540350edcde1a895" and "1f0cb79d63b25fe137b254596e22e1c407c6a335" have entirely different histories.
289b212205
...
1f0cb79d63
|
@ -7,9 +7,9 @@ type: Opaque
|
||||||
stringData:
|
stringData:
|
||||||
JICOFO_AUTH_PASSWORD: 1b90bbfb8b17b3b8f610dd9e282b076c
|
JICOFO_AUTH_PASSWORD: 1b90bbfb8b17b3b8f610dd9e282b076c
|
||||||
JVB_AUTH_PASSWORD: 21e5abd0efbb69e31facbf735d737caa
|
JVB_AUTH_PASSWORD: 21e5abd0efbb69e31facbf735d737caa
|
||||||
# JIGASI_XMPP_PASSWORD: 78e1d598b43d57a7ce38d5a102a48946
|
JIGASI_XMPP_PASSWORD: 78e1d598b43d57a7ce38d5a102a48946
|
||||||
# JIBRI_RECORDER_PASSWORD: 3fc11181cc426d698317bceab3fe76ad
|
JIBRI_RECORDER_PASSWORD: 3fc11181cc426d698317bceab3fe76ad
|
||||||
# JIBRI_XMPP_PASSWORD: 21412968cb037cd706996bcbb1c5502a
|
JIBRI_XMPP_PASSWORD: 21412968cb037cd706996bcbb1c5502a
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
@ -26,7 +26,7 @@ data:
|
||||||
ETHERPAD_SKIN_VARIANTS: "super-light-toolbar super-light-editor light-background full-width-editor"
|
ETHERPAD_SKIN_VARIANTS: "super-light-toolbar super-light-editor light-background full-width-editor"
|
||||||
ENABLE_AUTH: "1"
|
ENABLE_AUTH: "1"
|
||||||
AUTH_TYPE: internal
|
AUTH_TYPE: internal
|
||||||
XMPP_SERVER: jitsi-prosody.external-app-development.svc.cluster.local
|
XMPP_SERVER: prosody.jitsi.svc.cluster.local
|
||||||
XMPP_BOSH_URL_BASE: http://jitsi-prosody.external-app-development.svc.cluster.local:5280
|
XMPP_BOSH_URL: http://prosody:5280
|
||||||
PUBLIC_URL: jitsi.dev.srv.k8s.bevonodas.euronetrt.hu
|
PUBLIC_URL: jitsi.dev.srv.k8s.bevonodas.euronetrt.hu
|
||||||
JVB_PORT: "10000"
|
JVB_PORT: "10000"
|
|
@ -1,11 +1,53 @@
|
||||||
kind: PersistentVolumeClaim
|
kind: PersistentVolumeClaim
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
metadata:
|
metadata:
|
||||||
name: jitsi
|
name: jitsi-web
|
||||||
namespace: external-app-development
|
namespace: external-app-development
|
||||||
spec:
|
spec:
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 2G
|
storage: 10Mi
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
apiVersion: v1
|
||||||
|
metadata:
|
||||||
|
name: jitsi-prosody
|
||||||
|
namespace: external-app-development
|
||||||
|
spec:
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 10Mi
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
apiVersion: v1
|
||||||
|
metadata:
|
||||||
|
name: jitsi-jicofo
|
||||||
|
namespace: external-app-development
|
||||||
|
spec:
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 10Mi
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
apiVersion: v1
|
||||||
|
metadata:
|
||||||
|
name: jitsi-jvb
|
||||||
|
namespace: external-app-development
|
||||||
|
spec:
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 10Mi
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
# apiVersion: v1
|
apiVersion: v1
|
||||||
# kind: ConfigMap
|
kind: ConfigMap
|
||||||
# metadata:
|
metadata:
|
||||||
# name: jitsi-web-conf
|
name: jitsi-web-conf
|
||||||
# namespace: external-app-development
|
namespace: external-app-development
|
||||||
# data:
|
data:
|
||||||
# 20-use-env: |-
|
20-use-env: |-
|
||||||
# #!/bin/bash
|
#!/bin/bash
|
||||||
# sed -i "s|xmpp.meet.jitsi|XMPP_SERVER|" /config/nginx/meet.conf
|
sed -i "s|xmpp.meet.jitsi|XMPP_SERVER|" /config/nginx/meet.conf
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
@ -37,38 +37,34 @@ spec:
|
||||||
values:
|
values:
|
||||||
- arm64
|
- arm64
|
||||||
- amd64
|
- amd64
|
||||||
# initContainers:
|
initContainers:
|
||||||
# - name: jitsi-web-conf
|
- name: jitsi-web-conf
|
||||||
# image: busybox
|
image: busybox
|
||||||
# args: ["sh", "-c", "cat /20-use-env | sed \"s/XMPP_SERVER/$XMPP_SERVER/\" > /config/20-use-env && chmod +x /config/20-use-env"]
|
args: ["sh", "-c", "cat /20-use-env | sed \"s/XMPP_SERVER/$XMPP_SERVER/\" > /config/20-use-env && chmod +x /config/20-use-env"]
|
||||||
# volumeMounts:
|
volumeMounts:
|
||||||
# - mountPath: /config
|
- mountPath: /config
|
||||||
# name: jitsi
|
name: jitsi-web
|
||||||
# subPath: web
|
- mountPath: /20-use-env
|
||||||
# - mountPath: /20-use-env
|
name: jitsi-web-conf
|
||||||
# name: jitsi-web-conf
|
subPath: 20-use-env
|
||||||
# subPath: 20-use-env
|
envFrom:
|
||||||
# envFrom:
|
- configMapRef:
|
||||||
# - configMapRef:
|
name: jitsi-env
|
||||||
# name: jitsi-env
|
securityContext:
|
||||||
# securityContext:
|
allowPrivilegeEscalation: false
|
||||||
# runAsUser: 1000
|
capabilities:
|
||||||
# runAsGroup: 1000
|
drop:
|
||||||
# allowPrivilegeEscalation: false
|
- ALL
|
||||||
# capabilities:
|
runAsNonRoot: true
|
||||||
# drop:
|
seccompProfile:
|
||||||
# - ALL
|
type: RuntimeDefault
|
||||||
# runAsNonRoot: true
|
|
||||||
# seccompProfile:
|
|
||||||
# type: RuntimeDefault
|
|
||||||
containers:
|
containers:
|
||||||
- name: jitsi-web
|
- name: jitsi-web
|
||||||
image: dowerx/jitsi-web:non-root
|
image: jitsi/web:stable-9457-2
|
||||||
imagePullPolicy: Always
|
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8000
|
- containerPort: 80
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
- containerPort: 8443
|
- containerPort: 443
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
envFrom:
|
envFrom:
|
||||||
- configMapRef:
|
- configMapRef:
|
||||||
|
@ -84,37 +80,34 @@ spec:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
key: JVB_AUTH_PASSWORD
|
key: JVB_AUTH_PASSWORD
|
||||||
# - name: JIGASI_XMPP_PASSWORD
|
- name: JIGASI_XMPP_PASSWORD
|
||||||
# valueFrom:
|
valueFrom:
|
||||||
# secretKeyRef:
|
secretKeyRef:
|
||||||
# name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
# key: JIGASI_XMPP_PASSWORD
|
key: JIGASI_XMPP_PASSWORD
|
||||||
# - name: JIBRI_RECORDER_PASSWORD
|
- name: JIBRI_RECORDER_PASSWORD
|
||||||
# valueFrom:
|
valueFrom:
|
||||||
# secretKeyRef:
|
secretKeyRef:
|
||||||
# name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
# key: JIBRI_RECORDER_PASSWORD
|
key: JIBRI_RECORDER_PASSWORD
|
||||||
# - name: JIBRI_XMPP_PASSWORD
|
- name: JIBRI_XMPP_PASSWORD
|
||||||
# valueFrom:
|
valueFrom:
|
||||||
# secretKeyRef:
|
secretKeyRef:
|
||||||
# name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
# key: JIBRI_XMPP_PASSWORD
|
key: JIBRI_XMPP_PASSWORD
|
||||||
# volumeMounts:
|
volumeMounts:
|
||||||
# - mountPath: /config
|
- mountPath: /config
|
||||||
# name: jitsi
|
name: jitsi-web
|
||||||
# subPath: web
|
- mountPath: /var/spool/cron/crontabs
|
||||||
# - mountPath: /var/spool/cron/crontabs
|
name: jitsi-web
|
||||||
# name: jitsi
|
subPath: crontabs
|
||||||
# subPath: web/crontabs
|
- mountPath: /usr/share/jitsi-meet/transcripts
|
||||||
# - mountPath: /usr/share/jitsi-meet/transcripts
|
name: jitsi-web
|
||||||
# name: jitsi
|
subPath: transcripts
|
||||||
# subPath: web/transcripts
|
- mountPath: /etc/cont-init.d/20-use-env
|
||||||
# - mountPath: /etc/cont-init.d/20-use-env
|
name: jitsi-web
|
||||||
# name: jitsi
|
subPath: 20-use-env
|
||||||
# subPath: web/20-use-env
|
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 1000
|
|
||||||
runAsGroup: 1000
|
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
capabilities:
|
capabilities:
|
||||||
drop:
|
drop:
|
||||||
|
@ -139,16 +132,16 @@ spec:
|
||||||
# port: 80
|
# port: 80
|
||||||
# initialDelaySeconds: 15
|
# initialDelaySeconds: 15
|
||||||
# periodSeconds: 10
|
# periodSeconds: 10
|
||||||
# volumes:
|
volumes:
|
||||||
# - name: jitsi
|
- name: jitsi-web
|
||||||
# persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
# claimName: jitsi
|
claimName: jitsi-web
|
||||||
# - name: jitsi-web-conf
|
- name: jitsi-web-conf
|
||||||
# configMap:
|
configMap:
|
||||||
# name: jitsi-web-conf
|
name: jitsi-web-conf
|
||||||
# items:
|
items:
|
||||||
# - key: 20-use-env
|
- key: 20-use-env
|
||||||
# path: 20-use-env
|
path: 20-use-env
|
||||||
---
|
---
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
|
@ -179,7 +172,7 @@ spec:
|
||||||
- amd64
|
- amd64
|
||||||
containers:
|
containers:
|
||||||
- name: jitsi-prosody
|
- name: jitsi-prosody
|
||||||
image: dowerx/prosody:non-root
|
image: jitsi/prosody:stable-9457-2
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 5222
|
- containerPort: 5222
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
@ -203,24 +196,22 @@ spec:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
key: JVB_AUTH_PASSWORD
|
key: JVB_AUTH_PASSWORD
|
||||||
# - name: JIGASI_XMPP_PASSWORD
|
- name: JIGASI_XMPP_PASSWORD
|
||||||
# valueFrom:
|
valueFrom:
|
||||||
# secretKeyRef:
|
secretKeyRef:
|
||||||
# name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
# key: JIGASI_XMPP_PASSWORD
|
key: JIGASI_XMPP_PASSWORD
|
||||||
# - name: JIBRI_RECORDER_PASSWORD
|
- name: JIBRI_RECORDER_PASSWORD
|
||||||
# valueFrom:
|
valueFrom:
|
||||||
# secretKeyRef:
|
secretKeyRef:
|
||||||
# name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
# key: JIBRI_RECORDER_PASSWORD
|
key: JIBRI_RECORDER_PASSWORD
|
||||||
# - name: JIBRI_XMPP_PASSWORD
|
- name: JIBRI_XMPP_PASSWORD
|
||||||
# valueFrom:
|
valueFrom:
|
||||||
# secretKeyRef:
|
secretKeyRef:
|
||||||
# name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
# key: JIBRI_XMPP_PASSWORD
|
key: JIBRI_XMPP_PASSWORD
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 1000
|
|
||||||
runAsGroup: 1000
|
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
capabilities:
|
capabilities:
|
||||||
drop:
|
drop:
|
||||||
|
@ -230,11 +221,10 @@ spec:
|
||||||
type: RuntimeDefault
|
type: RuntimeDefault
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /config
|
- mountPath: /config
|
||||||
name: jitsi
|
name: jitsi-prosody
|
||||||
subPath: prosody
|
|
||||||
- mountPath: /prosody-plugins-custom
|
- mountPath: /prosody-plugins-custom
|
||||||
name: jitsi
|
name: jitsi-prosody
|
||||||
subPath: prosody/prosody-plugins-custom
|
subPath: prosody-plugins-custom
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
cpu: "500m"
|
cpu: "500m"
|
||||||
|
@ -252,12 +242,10 @@ spec:
|
||||||
# port: 5280
|
# port: 5280
|
||||||
# initialDelaySeconds: 15
|
# initialDelaySeconds: 15
|
||||||
# periodSeconds: 10
|
# periodSeconds: 10
|
||||||
securityContext:
|
|
||||||
fsGroup: 1000
|
|
||||||
volumes:
|
volumes:
|
||||||
- name: jitsi
|
- name: jitsi-prosody
|
||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
claimName: jitsi
|
claimName: jitsi-prosody
|
||||||
---
|
---
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
|
@ -288,7 +276,7 @@ spec:
|
||||||
- amd64
|
- amd64
|
||||||
containers:
|
containers:
|
||||||
- name: jitsi-jicofo
|
- name: jitsi-jicofo
|
||||||
image: dowerx/jicofo:non-root
|
image: jitsi/jicofo:stable-9457-2
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8888
|
- containerPort: 8888
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
@ -306,24 +294,22 @@ spec:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
key: JVB_AUTH_PASSWORD
|
key: JVB_AUTH_PASSWORD
|
||||||
# - name: JIGASI_XMPP_PASSWORD
|
- name: JIGASI_XMPP_PASSWORD
|
||||||
# valueFrom:
|
valueFrom:
|
||||||
# secretKeyRef:
|
secretKeyRef:
|
||||||
# name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
# key: JIGASI_XMPP_PASSWORD
|
key: JIGASI_XMPP_PASSWORD
|
||||||
# - name: JIBRI_RECORDER_PASSWORD
|
- name: JIBRI_RECORDER_PASSWORD
|
||||||
# valueFrom:
|
valueFrom:
|
||||||
# secretKeyRef:
|
secretKeyRef:
|
||||||
# name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
# key: JIBRI_RECORDER_PASSWORD
|
key: JIBRI_RECORDER_PASSWORD
|
||||||
# - name: JIBRI_XMPP_PASSWORD
|
- name: JIBRI_XMPP_PASSWORD
|
||||||
# valueFrom:
|
valueFrom:
|
||||||
# secretKeyRef:
|
secretKeyRef:
|
||||||
# name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
# key: JIBRI_XMPP_PASSWORD
|
key: JIBRI_XMPP_PASSWORD
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 1000
|
|
||||||
runAsGroup: 1000
|
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
capabilities:
|
capabilities:
|
||||||
drop:
|
drop:
|
||||||
|
@ -331,10 +317,9 @@ spec:
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
seccompProfile:
|
seccompProfile:
|
||||||
type: RuntimeDefault
|
type: RuntimeDefault
|
||||||
# volumeMounts:
|
volumeMounts:
|
||||||
# - mountPath: /config
|
- mountPath: /config
|
||||||
# name: jitsi
|
name: jitsi-jicofo
|
||||||
# subPath: jicofo
|
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
cpu: "500m"
|
cpu: "500m"
|
||||||
|
@ -352,10 +337,10 @@ spec:
|
||||||
# port: 8888
|
# port: 8888
|
||||||
# initialDelaySeconds: 15
|
# initialDelaySeconds: 15
|
||||||
# periodSeconds: 10
|
# periodSeconds: 10
|
||||||
# volumes:
|
volumes:
|
||||||
# - name: jitsi
|
- name: jitsi-jicofo
|
||||||
# persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
# claimName: jitsi
|
claimName: jitsi-jicofo
|
||||||
---
|
---
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
|
@ -386,7 +371,7 @@ spec:
|
||||||
- amd64
|
- amd64
|
||||||
containers:
|
containers:
|
||||||
- name: jitsi-jvb
|
- name: jitsi-jvb
|
||||||
image: dowerx/jvb:non-root
|
image: jitsi/jvb:stable-9457-2
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 10000
|
- containerPort: 10000
|
||||||
protocol: UDP
|
protocol: UDP
|
||||||
|
@ -406,24 +391,22 @@ spec:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
key: JVB_AUTH_PASSWORD
|
key: JVB_AUTH_PASSWORD
|
||||||
# - name: JIGASI_XMPP_PASSWORD
|
- name: JIGASI_XMPP_PASSWORD
|
||||||
# valueFrom:
|
valueFrom:
|
||||||
# secretKeyRef:
|
secretKeyRef:
|
||||||
# name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
# key: JIGASI_XMPP_PASSWORD
|
key: JIGASI_XMPP_PASSWORD
|
||||||
# - name: JIBRI_RECORDER_PASSWORD
|
- name: JIBRI_RECORDER_PASSWORD
|
||||||
# valueFrom:
|
valueFrom:
|
||||||
# secretKeyRef:
|
secretKeyRef:
|
||||||
# name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
# key: JIBRI_RECORDER_PASSWORD
|
key: JIBRI_RECORDER_PASSWORD
|
||||||
# - name: JIBRI_XMPP_PASSWORD
|
- name: JIBRI_XMPP_PASSWORD
|
||||||
# valueFrom:
|
valueFrom:
|
||||||
# secretKeyRef:
|
secretKeyRef:
|
||||||
# name: jitsi-passwords
|
name: jitsi-passwords
|
||||||
# key: JIBRI_XMPP_PASSWORD
|
key: JIBRI_XMPP_PASSWORD
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 1000
|
|
||||||
runAsGroup: 1000
|
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
capabilities:
|
capabilities:
|
||||||
drop:
|
drop:
|
||||||
|
@ -431,10 +414,9 @@ spec:
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
seccompProfile:
|
seccompProfile:
|
||||||
type: RuntimeDefault
|
type: RuntimeDefault
|
||||||
# volumeMounts:
|
volumeMounts:
|
||||||
# - mountPath: /config
|
- mountPath: /config
|
||||||
# subPath: jvb
|
name: jitsi-jvb
|
||||||
# name: jitsi
|
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
cpu: "500m"
|
cpu: "500m"
|
||||||
|
@ -452,7 +434,7 @@ spec:
|
||||||
# port: 8080
|
# port: 8080
|
||||||
# initialDelaySeconds: 15
|
# initialDelaySeconds: 15
|
||||||
# periodSeconds: 10
|
# periodSeconds: 10
|
||||||
# volumes:
|
volumes:
|
||||||
# - name: jitsi
|
- name: jitsi-jvb
|
||||||
# persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
# claimName: jitsi
|
claimName: jitsi-jvb
|
|
@ -5,12 +5,12 @@ metadata:
|
||||||
namespace: external-app-development
|
namespace: external-app-development
|
||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- port: 8000
|
- port: 80
|
||||||
targetPort: 8000
|
targetPort: 80
|
||||||
name: http
|
name: http
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
- port: 8443
|
- port: 443
|
||||||
targetPort: 8443
|
targetPort: 443
|
||||||
name: https
|
name: https
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
selector:
|
selector:
|
||||||
|
@ -60,7 +60,7 @@ spec:
|
||||||
selector:
|
selector:
|
||||||
app: jitsi-jvb
|
app: jitsi-jvb
|
||||||
|
|
||||||
# ---
|
---
|
||||||
|
|
||||||
# apiVersion: traefik.io/v1alpha1
|
# apiVersion: traefik.io/v1alpha1
|
||||||
# kind: IngressRouteUDP
|
# kind: IngressRouteUDP
|
||||||
|
@ -146,4 +146,4 @@ spec:
|
||||||
service:
|
service:
|
||||||
name: jitsi-web
|
name: jitsi-web
|
||||||
port:
|
port:
|
||||||
number: 8000
|
number: 80
|
|
@ -1,7 +1,7 @@
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: ConfigMap
|
kind: ConfigMap
|
||||||
metadata:
|
metadata:
|
||||||
name: jitsi-users
|
name: users
|
||||||
data:
|
data:
|
||||||
users: |-
|
users: |-
|
||||||
user1 asdqwe
|
user1 asdqwe
|
||||||
|
@ -50,71 +50,61 @@ spec:
|
||||||
- amd64
|
- amd64
|
||||||
containers:
|
containers:
|
||||||
- name: add-users
|
- name: add-users
|
||||||
image: dowerx/prosody:non-root
|
image: jitsi/prosody:stable-9457-2
|
||||||
command: ["/bin/bash", "-c"]
|
command: ["/bin/bash", "-c"]
|
||||||
args: ["bash /clear.sh && bash /add.sh"]
|
args: ["bash /clear.sh && bash /add.sh"]
|
||||||
envFrom:
|
envFrom:
|
||||||
- configMapRef:
|
- configMapRef:
|
||||||
name: jitsi-env
|
name: env
|
||||||
env:
|
env:
|
||||||
- name: JICOFO_AUTH_PASSWORD
|
- name: JICOFO_AUTH_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: jitsi-passwords
|
name: passwords
|
||||||
key: JICOFO_AUTH_PASSWORD
|
key: JICOFO_AUTH_PASSWORD
|
||||||
- name: JVB_AUTH_PASSWORD
|
- name: JVB_AUTH_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: jitsi-passwords
|
name: passwords
|
||||||
key: JVB_AUTH_PASSWORD
|
key: JVB_AUTH_PASSWORD
|
||||||
- name: JIGASI_XMPP_PASSWORD
|
- name: JIGASI_XMPP_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: jitsi-passwords
|
name: passwords
|
||||||
key: JIGASI_XMPP_PASSWORD
|
key: JIGASI_XMPP_PASSWORD
|
||||||
- name: JIBRI_RECORDER_PASSWORD
|
- name: JIBRI_RECORDER_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: jitsi-passwords
|
name: passwords
|
||||||
key: JIBRI_RECORDER_PASSWORD
|
key: JIBRI_RECORDER_PASSWORD
|
||||||
- name: JIBRI_XMPP_PASSWORD
|
- name: JIBRI_XMPP_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: jitsi-passwords
|
name: passwords
|
||||||
key: JIBRI_XMPP_PASSWORD
|
key: JIBRI_XMPP_PASSWORD
|
||||||
securityContext:
|
|
||||||
runAsUser: 1000
|
|
||||||
runAsGroup: 1000
|
|
||||||
allowPrivilegeEscalation: false
|
|
||||||
capabilities:
|
|
||||||
drop:
|
|
||||||
- ALL
|
|
||||||
runAsNonRoot: true
|
|
||||||
seccompProfile:
|
|
||||||
type: RuntimeDefault
|
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /config
|
- mountPath: /config
|
||||||
name: jitsi
|
name: prosody
|
||||||
subPath: prosody
|
- mountPath: /prosody-plugins-custom
|
||||||
|
name: prosody
|
||||||
|
subPath: prosody-plugins-custom
|
||||||
- mountPath: /users
|
- mountPath: /users
|
||||||
name: jitsi-users
|
name: users
|
||||||
subPath: users
|
subPath: users
|
||||||
- mountPath: /clear.sh
|
- mountPath: /clear.sh
|
||||||
name: jitsi-users
|
name: users
|
||||||
subPath: clear.sh
|
subPath: clear.sh
|
||||||
- mountPath: /add.sh
|
- mountPath: /add.sh
|
||||||
name: jitsi-users
|
name: users
|
||||||
subPath: add.sh
|
subPath: add.sh
|
||||||
restartPolicy: OnFailure
|
restartPolicy: OnFailure
|
||||||
securityContext:
|
|
||||||
fsGroup: 1000
|
|
||||||
volumes:
|
volumes:
|
||||||
- name: jitsi
|
- name: prosody
|
||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
claimName: jitsi
|
claimName: prosody
|
||||||
- name: jitsi-users
|
- name: users
|
||||||
configMap:
|
configMap:
|
||||||
name: jitsi-users
|
name: users
|
||||||
items:
|
items:
|
||||||
- key: users
|
- key: users
|
||||||
path: users
|
path: users
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
services:
|
services:
|
||||||
# Frontend
|
# Frontend
|
||||||
web:
|
web:
|
||||||
image: dowerx/jitsi-web:non-root
|
image: jitsi/web:non-root
|
||||||
restart: ${RESTART_POLICY:-unless-stopped}
|
restart: ${RESTART_POLICY:-unless-stopped}
|
||||||
ports:
|
ports:
|
||||||
- '${HTTP_PORT}:80'
|
- '${HTTP_PORT}:80'
|
||||||
|
@ -174,7 +174,7 @@ services:
|
||||||
|
|
||||||
# XMPP server
|
# XMPP server
|
||||||
prosody:
|
prosody:
|
||||||
image: dowerx/prosody:non-root
|
image: jitsi/prosody:non-root
|
||||||
restart: ${RESTART_POLICY:-unless-stopped}
|
restart: ${RESTART_POLICY:-unless-stopped}
|
||||||
expose:
|
expose:
|
||||||
- '${XMPP_PORT:-5222}'
|
- '${XMPP_PORT:-5222}'
|
||||||
|
@ -306,7 +306,7 @@ services:
|
||||||
|
|
||||||
# Focus component
|
# Focus component
|
||||||
jicofo:
|
jicofo:
|
||||||
image: dowerx/jicofo:non-root
|
image: jitsi/jicofo:non-root
|
||||||
restart: ${RESTART_POLICY:-unless-stopped}
|
restart: ${RESTART_POLICY:-unless-stopped}
|
||||||
ports:
|
ports:
|
||||||
- '127.0.0.1:${JICOFO_REST_PORT:-8888}:8888'
|
- '127.0.0.1:${JICOFO_REST_PORT:-8888}:8888'
|
||||||
|
@ -388,7 +388,7 @@ services:
|
||||||
# Video bridge
|
# Video bridge
|
||||||
|
|
||||||
jvb:
|
jvb:
|
||||||
image: dowerx/jvb:non-root
|
image: jitsi/jvb:non-root
|
||||||
restart: ${RESTART_POLICY:-unless-stopped}
|
restart: ${RESTART_POLICY:-unless-stopped}
|
||||||
ports:
|
ports:
|
||||||
- '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp'
|
- '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp'
|
||||||
|
|
|
@ -1,18 +1,15 @@
|
||||||
registry: docker.io
|
registry: docker.io
|
||||||
repos:
|
repos:
|
||||||
- name: jitsi-base-java
|
- name: base-java
|
||||||
library: dowerx
|
library: jitsi
|
||||||
repo: base-java
|
repo: base-java
|
||||||
action: push
|
action: load
|
||||||
tags:
|
tags:
|
||||||
- name: latest
|
|
||||||
builds:
|
|
||||||
- non-root-amd64
|
|
||||||
- non-root-arm64
|
|
||||||
- name: non-root
|
- name: non-root
|
||||||
builds:
|
builds:
|
||||||
- non-root-amd64
|
- non-root-amd64
|
||||||
- non-root-arm64
|
- non-root-arm64
|
||||||
|
- non-root-armv7
|
||||||
builds:
|
builds:
|
||||||
- arch: amd64
|
- arch: amd64
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
|
@ -22,3 +19,7 @@ repos:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
tags:
|
tags:
|
||||||
- non-root-arm64
|
- non-root-arm64
|
||||||
|
- arch: armv7
|
||||||
|
dockerfile: Dockerfile
|
||||||
|
tags:
|
||||||
|
- non-root-armv7
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
FROM dowerx/jitsi-base:non-root
|
# jitsi/base-java:non-root
|
||||||
|
FROM jitsi/base:non-root
|
||||||
|
|
||||||
RUN mkdir -p /usr/share/man/man1 && \
|
RUN mkdir -p /usr/share/man/man1 && \
|
||||||
mkdir -p /etc/apt/keyrings/ && \
|
mkdir -p /etc/apt/keyrings/ && \
|
||||||
|
|
|
@ -1,18 +1,15 @@
|
||||||
registry: docker.io
|
registry: docker.io
|
||||||
repos:
|
repos:
|
||||||
- name: jitsi-base
|
- name: base
|
||||||
library: dowerx
|
library: jitsi
|
||||||
repo: base
|
repo: base
|
||||||
action: push
|
action: load
|
||||||
tags:
|
tags:
|
||||||
- name: latest
|
|
||||||
builds:
|
|
||||||
- non-root-amd64
|
|
||||||
- non-root-arm64
|
|
||||||
- name: non-root
|
- name: non-root
|
||||||
builds:
|
builds:
|
||||||
- non-root-amd64
|
- non-root-amd64
|
||||||
- non-root-arm64
|
- non-root-arm64
|
||||||
|
- non-root-armv7
|
||||||
builds:
|
builds:
|
||||||
- arch: amd64
|
- arch: amd64
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
|
@ -22,6 +19,7 @@ repos:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
tags:
|
tags:
|
||||||
- non-root-arm64
|
- non-root-arm64
|
||||||
env:
|
- arch: armv7
|
||||||
- key: ARCH
|
dockerfile: Dockerfile
|
||||||
value: arm64
|
tags:
|
||||||
|
- non-root-armv7
|
||||||
|
|
|
@ -1,18 +1,15 @@
|
||||||
registry: docker.io
|
registry: docker.io
|
||||||
repos:
|
repos:
|
||||||
- name: jicofo
|
- name: jicofo
|
||||||
library: dowerx
|
library: jitsi
|
||||||
repo: jicofo
|
repo: jicofo
|
||||||
action: push
|
action: load
|
||||||
tags:
|
tags:
|
||||||
- name: latest
|
|
||||||
builds:
|
|
||||||
- non-root-amd64
|
|
||||||
- non-root-arm64
|
|
||||||
- name: non-root
|
- name: non-root
|
||||||
builds:
|
builds:
|
||||||
- non-root-amd64
|
- non-root-amd64
|
||||||
- non-root-arm64
|
- non-root-arm64
|
||||||
|
- non-root-armv7
|
||||||
builds:
|
builds:
|
||||||
- arch: amd64
|
- arch: amd64
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
|
@ -22,3 +19,7 @@ repos:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
tags:
|
tags:
|
||||||
- non-root-arm64
|
- non-root-arm64
|
||||||
|
- arch: armv7
|
||||||
|
dockerfile: Dockerfile
|
||||||
|
tags:
|
||||||
|
- non-root-armv7
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
FROM dowerx/jitsi-base-java:non-root
|
# jitsi/jicofo:non-root
|
||||||
|
FROM jitsi/base-java:non-root
|
||||||
|
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y jicofo && \
|
apt-get install -y jicofo && \
|
||||||
|
|
|
@ -1,18 +1,15 @@
|
||||||
registry: docker.io
|
registry: docker.io
|
||||||
repos:
|
repos:
|
||||||
- name: jvb
|
- name: jvb
|
||||||
library: dowerx
|
library: jitsi
|
||||||
repo: jvb
|
repo: jvb
|
||||||
action: push
|
action: load
|
||||||
tags:
|
tags:
|
||||||
- name: latest
|
|
||||||
builds:
|
|
||||||
- non-root-amd64
|
|
||||||
- non-root-arm64
|
|
||||||
- name: non-root
|
- name: non-root
|
||||||
builds:
|
builds:
|
||||||
- non-root-amd64
|
- non-root-amd64
|
||||||
- non-root-arm64
|
- non-root-arm64
|
||||||
|
- non-root-armv7
|
||||||
builds:
|
builds:
|
||||||
- arch: amd64
|
- arch: amd64
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
|
@ -22,3 +19,7 @@ repos:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
tags:
|
tags:
|
||||||
- non-root-arm64
|
- non-root-arm64
|
||||||
|
- arch: armv7
|
||||||
|
dockerfile: Dockerfile
|
||||||
|
tags:
|
||||||
|
- non-root-armv7
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
FROM dowerx/jitsi-base-java:non-root
|
# jitsi/jvb:non-root
|
||||||
|
FROM jitsi/base-java:non-root
|
||||||
|
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y jitsi-videobridge2 jitsi-autoscaler-sidecar jq curl iproute2 dnsutils libpcap0.8 && \
|
apt-get install -y jitsi-videobridge2 jitsi-autoscaler-sidecar jq curl iproute2 dnsutils libpcap0.8 && \
|
||||||
|
|
|
@ -1,18 +1,15 @@
|
||||||
registry: docker.io
|
registry: docker.io
|
||||||
repos:
|
repos:
|
||||||
- name: prosody
|
- name: prosody
|
||||||
library: dowerx
|
library: jitsi
|
||||||
repo: prosody
|
repo: prosody
|
||||||
action: push
|
action: load
|
||||||
tags:
|
tags:
|
||||||
- name: latest
|
|
||||||
builds:
|
|
||||||
- non-root-amd64
|
|
||||||
- non-root-arm64
|
|
||||||
- name: non-root
|
- name: non-root
|
||||||
builds:
|
builds:
|
||||||
- non-root-amd64
|
- non-root-amd64
|
||||||
- non-root-arm64
|
- non-root-arm64
|
||||||
|
- non-root-armv7
|
||||||
builds:
|
builds:
|
||||||
- arch: amd64
|
- arch: amd64
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
|
@ -22,3 +19,7 @@ repos:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
tags:
|
tags:
|
||||||
- non-root-arm64
|
- non-root-arm64
|
||||||
|
- arch: armv7
|
||||||
|
dockerfile: Dockerfile
|
||||||
|
tags:
|
||||||
|
- non-root-armv7
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
ARG JITSI_REPO=jitsi
|
ARG JITSI_REPO=jitsi
|
||||||
ARG BASE_TAG=latest
|
ARG BASE_TAG=latest
|
||||||
|
|
||||||
FROM dowerx/jitsi-base:non-root AS builder
|
FROM jitsi/base:non-root AS builder
|
||||||
|
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y \
|
apt-get install -y \
|
||||||
|
@ -19,7 +19,7 @@ RUN apt-get update && \
|
||||||
luarocks install lua-cjson 2.1.0-1 && \
|
luarocks install lua-cjson 2.1.0-1 && \
|
||||||
luarocks install net-url 0.9-1
|
luarocks install net-url 0.9-1
|
||||||
|
|
||||||
FROM dowerx/jitsi-base:non-root
|
FROM jitsi/base:non-root
|
||||||
|
|
||||||
ARG VERSION_JITSI_CONTRIB_PROSODY_PLUGINS="20240117"
|
ARG VERSION_JITSI_CONTRIB_PROSODY_PLUGINS="20240117"
|
||||||
ARG VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN="1.8.0"
|
ARG VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN="1.8.0"
|
||||||
|
|
|
@ -1,18 +1,15 @@
|
||||||
registry: docker.io
|
registry: docker.io
|
||||||
repos:
|
repos:
|
||||||
- name: jitsi-web
|
- name: web
|
||||||
library: dowerx
|
library: jitsi
|
||||||
repo: web
|
repo: web
|
||||||
action: push
|
action: load
|
||||||
tags:
|
tags:
|
||||||
- name: latest
|
|
||||||
builds:
|
|
||||||
- non-root-amd64
|
|
||||||
- non-root-arm64
|
|
||||||
- name: non-root
|
- name: non-root
|
||||||
builds:
|
builds:
|
||||||
- non-root-amd64
|
- non-root-amd64
|
||||||
- non-root-arm64
|
- non-root-arm64
|
||||||
|
- non-root-armv7
|
||||||
builds:
|
builds:
|
||||||
- arch: amd64
|
- arch: amd64
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
|
@ -22,3 +19,7 @@ repos:
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
tags:
|
tags:
|
||||||
- non-root-arm64
|
- non-root-arm64
|
||||||
|
- arch: armv7
|
||||||
|
dockerfile: Dockerfile
|
||||||
|
tags:
|
||||||
|
- non-root-armv7
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
FROM dowerx/jitsi-base:non-root
|
# jitsi/web:non-root
|
||||||
|
FROM jitsi/base:non-root
|
||||||
|
|
||||||
RUN \
|
RUN \
|
||||||
apt-get update && apt-get install -y --no-install-recommends \
|
apt-get update && apt-get install -y --no-install-recommends \
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
server {
|
server {
|
||||||
listen 8000 default_server;
|
listen 80 default_server;
|
||||||
|
|
||||||
{{ if .Env.ENABLE_IPV6 | default "1" | toBool }}
|
{{ if .Env.ENABLE_IPV6 | default "1" | toBool }}
|
||||||
listen [::]:8000 default_server;
|
listen [::]:80 default_server;
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
{{ if .Env.ENABLE_HTTP_REDIRECT | default "0" | toBool }}
|
{{ if .Env.ENABLE_HTTP_REDIRECT | default "0" | toBool }}
|
||||||
|
@ -14,10 +14,10 @@ server {
|
||||||
|
|
||||||
{{ if not (.Env.DISABLE_HTTPS | default "0" | toBool) }}
|
{{ if not (.Env.DISABLE_HTTPS | default "0" | toBool) }}
|
||||||
server {
|
server {
|
||||||
listen 8443 ssl http2;
|
listen 443 ssl http2;
|
||||||
|
|
||||||
{{ if .Env.ENABLE_IPV6 | default "1" | toBool }}
|
{{ if .Env.ENABLE_IPV6 | default "1" | toBool }}
|
||||||
listen [::]:8443 ssl http2;
|
listen [::]:443 ssl http2;
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
include /config/nginx/ssl.conf;
|
include /config/nginx/ssl.conf;
|
||||||
|
|
Loading…
Reference in New Issue