apiVersion: v1 kind: ConfigMap metadata: name: jitsi-web-conf namespace: external-app-development data: 20-use-env: |- #!/bin/bash sed -i "s|xmpp.meet.jitsi|XMPP_SERVER|" /config/nginx/meet.conf --- kind: Deployment apiVersion: apps/v1 metadata: name: jitsi-web namespace: external-app-development spec: strategy: type: Recreate replicas: 1 selector: matchLabels: app: jitsi-web template: metadata: labels: app: jitsi-web spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: - arm64 - amd64 initContainers: - name: jitsi-web-conf image: busybox args: ["sh", "-c", "cat /20-use-env | sed \"s/XMPP_SERVER/$XMPP_SERVER/\" > /config/20-use-env && chmod +x /config/20-use-env"] volumeMounts: - mountPath: /config name: jitsi-web - mountPath: /20-use-env name: jitsi-web-conf subPath: 20-use-env envFrom: - configMapRef: name: jitsi-env securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL runAsNonRoot: true seccompProfile: type: RuntimeDefault containers: - name: jitsi-web image: jitsi/web:stable-9457-2 ports: - containerPort: 80 protocol: TCP - containerPort: 443 protocol: TCP envFrom: - configMapRef: name: jitsi-env env: - name: JICOFO_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JICOFO_AUTH_PASSWORD - name: JVB_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JVB_AUTH_PASSWORD - name: JIGASI_XMPP_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JIGASI_XMPP_PASSWORD - name: JIBRI_RECORDER_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JIBRI_RECORDER_PASSWORD - name: JIBRI_XMPP_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JIBRI_XMPP_PASSWORD volumeMounts: - mountPath: /config name: jitsi-web - mountPath: /var/spool/cron/crontabs name: jitsi-web subPath: crontabs - mountPath: /usr/share/jitsi-meet/transcripts name: jitsi-web subPath: transcripts - mountPath: /etc/cont-init.d/20-use-env name: jitsi-web subPath: 20-use-env securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL runAsNonRoot: true seccompProfile: type: RuntimeDefault resources: limits: cpu: "500m" memory: "512Mi" requests: cpu: "10m" memory: "10Mi" # readinessProbe: # tcpSocket: # port: 80 # initialDelaySeconds: 15 # periodSeconds: 10 # livenessProbe: # tcpSocket: # port: 80 # initialDelaySeconds: 15 # periodSeconds: 10 volumes: - name: jitsi-web persistentVolumeClaim: claimName: jitsi-web - name: jitsi-web-conf configMap: name: jitsi-web-conf items: - key: 20-use-env path: 20-use-env --- kind: Deployment apiVersion: apps/v1 metadata: name: jitsi-prosody namespace: external-app-development spec: strategy: type: Recreate replicas: 1 selector: matchLabels: app: jitsi-prosody template: metadata: labels: app: jitsi-prosody spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: - arm64 - amd64 containers: - name: jitsi-prosody image: jitsi/prosody:stable-9457-2 ports: - containerPort: 5222 protocol: TCP - containerPort: 5269 protocol: TCP - containerPort: 5347 protocol: TCP - containerPort: 5280 protocol: TCP envFrom: - configMapRef: name: jitsi-env env: - name: JICOFO_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JICOFO_AUTH_PASSWORD - name: JVB_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JVB_AUTH_PASSWORD - name: JIGASI_XMPP_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JIGASI_XMPP_PASSWORD - name: JIBRI_RECORDER_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JIBRI_RECORDER_PASSWORD - name: JIBRI_XMPP_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JIBRI_XMPP_PASSWORD securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL runAsNonRoot: true seccompProfile: type: RuntimeDefault volumeMounts: - mountPath: /config name: jitsi-prosody - mountPath: /prosody-plugins-custom name: jitsi-prosody subPath: prosody-plugins-custom resources: limits: cpu: "500m" memory: "512Mi" requests: cpu: "10m" memory: "10Mi" # readinessProbe: # tcpSocket: # port: 5280 # initialDelaySeconds: 15 # periodSeconds: 10 # livenessProbe: # tcpSocket: # port: 5280 # initialDelaySeconds: 15 # periodSeconds: 10 volumes: - name: jitsi-prosody persistentVolumeClaim: claimName: jitsi-prosody --- kind: Deployment apiVersion: apps/v1 metadata: name: jitsi-jicofo namespace: external-app-development spec: strategy: type: Recreate replicas: 1 selector: matchLabels: app: jitsi-jicofo template: metadata: labels: app: jitsi-jicofo spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: - arm64 - amd64 containers: - name: jitsi-jicofo image: jitsi/jicofo:stable-9457-2 ports: - containerPort: 8888 protocol: TCP envFrom: - configMapRef: name: jitsi-env env: - name: JICOFO_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JICOFO_AUTH_PASSWORD - name: JVB_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JVB_AUTH_PASSWORD - name: JIGASI_XMPP_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JIGASI_XMPP_PASSWORD - name: JIBRI_RECORDER_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JIBRI_RECORDER_PASSWORD - name: JIBRI_XMPP_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JIBRI_XMPP_PASSWORD securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL runAsNonRoot: true seccompProfile: type: RuntimeDefault volumeMounts: - mountPath: /config name: jitsi-jicofo resources: limits: cpu: "500m" memory: "512Mi" requests: cpu: "10m" memory: "10Mi" # readinessProbe: # tcpSocket: # port: 8888 # initialDelaySeconds: 15 # periodSeconds: 10 # livenessProbe: # tcpSocket: # port: 8888 # initialDelaySeconds: 15 # periodSeconds: 10 volumes: - name: jitsi-jicofo persistentVolumeClaim: claimName: jitsi-jicofo --- kind: Deployment apiVersion: apps/v1 metadata: name: jitsi-jvb namespace: external-app-development spec: strategy: type: Recreate replicas: 1 selector: matchLabels: app: jitsi-jvb template: metadata: labels: app: jitsi-jvb spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: - arm64 - amd64 containers: - name: jitsi-jvb image: jitsi/jvb:stable-9457-2 ports: - containerPort: 10000 protocol: UDP - containerPort: 8080 protocol: TCP envFrom: - configMapRef: name: jitsi-env env: - name: JICOFO_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JICOFO_AUTH_PASSWORD - name: JVB_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JVB_AUTH_PASSWORD - name: JIGASI_XMPP_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JIGASI_XMPP_PASSWORD - name: JIBRI_RECORDER_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JIBRI_RECORDER_PASSWORD - name: JIBRI_XMPP_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JIBRI_XMPP_PASSWORD securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL runAsNonRoot: true seccompProfile: type: RuntimeDefault volumeMounts: - mountPath: /config name: jitsi-jvb resources: limits: cpu: "500m" memory: "512Mi" requests: cpu: "10m" memory: "10Mi" # readinessProbe: # tcpSocket: # port: 8080 # initialDelaySeconds: 15 # periodSeconds: 10 # livenessProbe: # tcpSocket: # port: 8080 # initialDelaySeconds: 15 # periodSeconds: 10 volumes: - name: jitsi-jvb persistentVolumeClaim: claimName: jitsi-jvb