fixed etherpad

This commit is contained in:
jerger 2022-06-07 19:34:48 +02:00
parent f2074ef59b
commit 9b5bcb9691
6 changed files with 84 additions and 35 deletions

View file

@ -16,11 +16,12 @@
(defn k8s-objects [config] (defn k8s-objects [config]
(map yaml/to-string (map yaml/to-string
[(jitsi/generate-ingress config) [(jitsi/generate-secret-jitsi config)
(jitsi/generate-secret config)
(jitsi/generate-jvb-service) (jitsi/generate-jvb-service)
(jitsi/generate-web-service) (jitsi/generate-web-service)
(jitsi/generate-etherpad-service) (jitsi/generate-etherpad-service)
(jitsi/generate-ingress-jitsi config)
(jitsi/generate-ingress-etherpad config)
(jitsi/generate-deployment config)])) (jitsi/generate-deployment config)]))
(defn-spec generate any? (defn-spec generate any?

View file

@ -18,25 +18,37 @@
(case resource-name (case resource-name
"jitsi/deployment.yaml" (rc/inline "jitsi/deployment.yaml") "jitsi/deployment.yaml" (rc/inline "jitsi/deployment.yaml")
"jitsi/etherpad-service.yaml" (rc/inline "jitsi/etherpad-service.yaml") "jitsi/etherpad-service.yaml" (rc/inline "jitsi/etherpad-service.yaml")
"jitsi/ingress.yaml" (rc/inline "jitsi/ingress.yaml") "jitsi/ingress-jitsi.yaml" (rc/inline "jitsi/ingress-jitsi.yaml")
"jitsi/ingress-etherpad.yaml" (rc/inline "jitsi/ingress-etherpad.yaml")
"jitsi/jvb-service.yaml" (rc/inline "jitsi/jvb-service.yaml") "jitsi/jvb-service.yaml" (rc/inline "jitsi/jvb-service.yaml")
"jitsi/secret.yaml" (rc/inline "jitsi/secret.yaml") "jitsi/secret.yaml" (rc/inline "jitsi/secret.yaml")
"jitsi/web-service.yaml" (rc/inline "jitsi/web-service.yaml") "jitsi/web-service.yaml" (rc/inline "jitsi/web-service.yaml")
(throw (js/Error. "Undefined Resource!"))))) (throw (js/Error. "Undefined Resource!")))))
(defn generate-ingress [config] (defn generate-ingress-jitsi [config]
(let [{:keys [fqdn issuer ingress-type] (let [{:keys [fqdn issuer ingress-type]
:or {issuer :staging ingress-type :default}} config :or {issuer :staging ingress-type :default}} config
letsencrypt-issuer (name issuer) letsencrypt-issuer (name issuer)
ingress-kind (if (= :default ingress-type) "" (name ingress-type))] ingress-kind (if (= :default ingress-type) "" (name ingress-type))]
(-> (->
(yaml/from-string (yaml/load-resource "jitsi/ingress.yaml")) (yaml/from-string (yaml/load-resource "jitsi/ingress-jitsi.yaml"))
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer) (assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
(assoc-in [:metadata :annotations :kubernetes.io/ingress.class] ingress-kind) (assoc-in [:metadata :annotations :kubernetes.io/ingress.class] ingress-kind)
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn) (cm/replace-all-matching-values-by-new-value "REPLACE_JITSI_FQDN" fqdn))))
(cm/replace-all-matching-values-by-new-value "ETHERPAD_FQDN" (str "https://etherpad." fqdn "/p/")))))
(defn generate-secret [config] (defn generate-ingress-etherpad [config]
(let [{:keys [fqdn issuer ingress-type]
:or {issuer :staging ingress-type :default}} config
letsencrypt-issuer (name issuer)
ingress-kind (if (= :default ingress-type) "" (name ingress-type))]
(->
(yaml/from-string (yaml/load-resource "jitsi/ingress-etherpad.yaml"))
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
(assoc-in [:metadata :annotations :kubernetes.io/ingress.class] ingress-kind)
(cm/replace-all-matching-values-by-new-value "REPLACE_ETHERPAD_FQDN"
(str "etherpad." fqdn)))))
(defn generate-secret-jitsi [config]
(let [{:keys [jvb-auth-password jicofo-auth-password jicofo-component-secret]} config] (let [{:keys [jvb-auth-password jicofo-auth-password jicofo-component-secret]} config]
(-> (->
(yaml/from-string (yaml/load-resource "jitsi/secret.yaml")) (yaml/from-string (yaml/load-resource "jitsi/secret.yaml"))
@ -57,5 +69,6 @@
(let [{:keys [fqdn]} config] (let [{:keys [fqdn]} config]
(-> (->
(yaml/from-string (yaml/load-resource "jitsi/deployment.yaml")) (yaml/from-string (yaml/load-resource "jitsi/deployment.yaml"))
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn) (cm/replace-all-matching-values-by-new-value "REPLACE_JITSI_FQDN" fqdn)
(cm/replace-all-matching-values-by-new-value "ETHERPAD_FQDN" (str "https://etherpad." fqdn "/p/"))))) (cm/replace-all-matching-values-by-new-value "REPLACE_ETHERPAD_URL"
(str "https://etherpad." fqdn "/p/")))))

View file

@ -51,7 +51,7 @@ spec:
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
env: env:
- name: PUBLIC_URL - name: PUBLIC_URL
value: FQDN value: REPLACE_JITSI_FQDN
- name: XMPP_DOMAIN - name: XMPP_DOMAIN
value: meet.meissa-gmbh value: meet.meissa-gmbh
- name: XMPP_AUTH_DOMAIN - name: XMPP_AUTH_DOMAIN
@ -88,7 +88,7 @@ spec:
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
env: env:
- name: PUBLIC_URL - name: PUBLIC_URL
value: FQDN value: REPLACE_JITSI_FQDN
- name: XMPP_SERVER - name: XMPP_SERVER
value: localhost value: localhost
- name: JICOFO_AUTH_USER - name: JICOFO_AUTH_USER
@ -120,17 +120,17 @@ spec:
- name: DISABLE_AUDIO_LEVELS - name: DISABLE_AUDIO_LEVELS
value: "true" value: "true"
- name: ETHERPAD_PUBLIC_URL - name: ETHERPAD_PUBLIC_URL
value: ETHERPAD_FQDN value: REPLACE_ETHERPAD_URL
- name: jvb - name: jvb
image: jitsi/jvb:stable-7287 image: jitsi/jvb:stable-7287
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
env: env:
- name: PUBLIC_URL - name: PUBLIC_URL
value: FQDN value: REPLACE_JITSI_FQDN
- name: XMPP_SERVER - name: XMPP_SERVER
value: localhost value: localhost
- name: DOCKER_HOST_ADDRESS - name: DOCKER_HOST_ADDRESS
value: FQDN value: REPLACE_JITSI_FQDN
- name: XMPP_DOMAIN - name: XMPP_DOMAIN
value: meet.meissa-gmbh value: meet.meissa-gmbh
- name: XMPP_AUTH_DOMAIN - name: XMPP_AUTH_DOMAIN

View file

@ -0,0 +1,23 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: etherpad
annotations:
cert-manager.io/cluster-issuer: REPLACEME
ingress.kubernetes.io/ssl-redirect: "true"
spec:
tls:
- hosts:
- REPLACE_ETHERPAD_FQDN
secretName: tls-etherpad
rules:
- host: REPLACE_ETHERPAD_FQDN
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: etherpad
port:
number: 9001

View file

@ -8,10 +8,10 @@ metadata:
spec: spec:
tls: tls:
- hosts: - hosts:
- FQDN - REPLACE_JITSI_FQDN
secretName: tls-jitsi secretName: tls-jitsi
rules: rules:
- host: FQDN - host: REPLACE_JITSI_FQDN
http: http:
paths: paths:
- path: / - path: /
@ -21,13 +21,3 @@ spec:
name: web name: web
port: port:
number: 80 number: 80
- host: etherpad.jitsi.test.meissa-gmbh.de
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: etherpad
port:
number: 9001

View file

@ -2,8 +2,10 @@
(:require (:require
#?(:clj [clojure.test :refer [deftest is are testing run-tests]] #?(:clj [clojure.test :refer [deftest is are testing run-tests]]
:cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) :cljs [cljs.test :refer-macros [deftest is are testing run-tests]])
[clojure.spec.test.alpha :as st]
[dda.c4k-jitsi.jitsi :as cut])) [dda.c4k-jitsi.jitsi :as cut]))
;;(st/instrument)
(deftest should-generate-deployment (deftest should-generate-deployment
(is (= {:apiVersion "apps/v1", (is (= {:apiVersion "apps/v1",
@ -102,7 +104,7 @@
{:name "TZ", :value "Europe/Berlin"}]}]}}}} {:name "TZ", :value "Europe/Berlin"}]}]}}}}
(cut/generate-deployment {:fqdn "xy"})))) (cut/generate-deployment {:fqdn "xy"}))))
(deftest should-generate-ingress (deftest should-generate-ingress-jitsi
(is (= {:apiVersion "networking.k8s.io/v1", (is (= {:apiVersion "networking.k8s.io/v1",
:kind "Ingress", :kind "Ingress",
:metadata :metadata
@ -115,10 +117,30 @@
{:tls [{:hosts ["test.com"], :secretName "tls-jitsi"}], {:tls [{:hosts ["test.com"], :secretName "tls-jitsi"}],
:rules :rules
[{:host "test.com", [{:host "test.com",
:http {:paths [{:path "/", :pathType "Prefix", :backend {:service {:name "web", :port {:number 80}}}}]}} :http {:paths [{:path "/", :pathType "Prefix", :backend {:service {:name "web", :port {:number 80}}}}]}}]}}
{:host "etherpad.jitsi.test.meissa-gmbh.de", (cut/generate-ingress-jitsi {:fqdn "test.com" :issuer :staging}))))
:http {:paths [{:path "/", :pathType "Prefix", :backend {:service {:name "etherpad", :port {:number 9001}}}}]}}]}}
(cut/generate-ingress {:fqdn "test.com" :issuer :staging})))) (deftest should-generate-ingress-etherpad
(is (= {:apiVersion "networking.k8s.io/v1",
:kind "Ingress",
:metadata
{:name "etherpad",
:annotations
{:cert-manager.io/cluster-issuer "staging",
:ingress.kubernetes.io/ssl-redirect "true",
:kubernetes.io/ingress.class ""}},
:spec
{:tls [{:hosts ["etherpad.test.com"], :secretName "tls-etherpad"}],
:rules
[{:host "etherpad.test.com",
:http
{:paths
[{:path "/",
:pathType "Prefix",
:backend
{:service {:name "etherpad", :port {:number 9001}}}}]}}]}}
(cut/generate-ingress-etherpad {:fqdn "test.com" :issuer :staging}))))
(deftest should-generate-secret (deftest should-generate-secret
(is (= {:apiVersion "v1", (is (= {:apiVersion "v1",
@ -129,6 +151,6 @@
{:JVB_AUTH_PASSWORD "anZiLWF1dGg=", {:JVB_AUTH_PASSWORD "anZiLWF1dGg=",
:JICOFO_AUTH_PASSWORD "amljb2ZvLWF1dGg=", :JICOFO_AUTH_PASSWORD "amljb2ZvLWF1dGg=",
:JICOFO_COMPONENT_SECRET "amljb2ZvLWNvbXA="}} :JICOFO_COMPONENT_SECRET "amljb2ZvLWNvbXA="}}
(cut/generate-secret {:jvb-auth-password "jvb-auth" (cut/generate-secret-jitsi {:jvb-auth-password "jvb-auth"
:jicofo-auth-password "jicofo-auth" :jicofo-auth-password "jicofo-auth"
:jicofo-component-secret "jicofo-comp"})))) :jicofo-component-secret "jicofo-comp"}))))