even smaller test
grouped deployments together for them to work fixed valid-config and auth
This commit is contained in:
parent
6d54389047
commit
9df05f24ca
10 changed files with 189 additions and 229 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -26,3 +26,4 @@ public/js/
|
|||
|
||||
auth.edn
|
||||
config.edn
|
||||
out.yaml
|
||||
|
|
|
@ -18,11 +18,8 @@
|
|||
(map (fn [x] (yaml/to-string x))
|
||||
[(jitsi/generate-ingress config)
|
||||
(jitsi/generate-secret config)
|
||||
(jitsi/generate-jicofo-deployment)
|
||||
(jitsi/generate-jvb-deployment)
|
||||
(jitsi/generate-jvb-service)
|
||||
(jitsi/generate-prosody-deployment)
|
||||
(jitsi/generate-web-deployment)
|
||||
(jitsi/generate-deployment)
|
||||
(jitsi/generate-web-service)]))
|
||||
|
||||
(defn-spec generate any?
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
#?(:cljs [shadow.resource :as rc])
|
||||
[dda.c4k-common.yaml :as yaml]
|
||||
[dda.c4k-common.common :as cm]
|
||||
[dda.c4k-common.base64 :as b64]
|
||||
[dda.c4k-common.predicate :as pred]))
|
||||
|
||||
(s/def ::fqdn pred/fqdn-string?)
|
||||
|
@ -16,43 +17,51 @@
|
|||
(defmethod yaml/load-resource :jitsi [resource-name]
|
||||
(case resource-name
|
||||
"jitsi/ingress.yaml" (rc/inline "jitsi/ingress.yaml")
|
||||
"jitsi/jicofo-deployment.yaml" (rc/inline "jitsi/jicofo-deployment.yaml")
|
||||
"jitsi/jvb-deployment.yaml" (rc/inline "jitsi/jvb-deployment.yaml")
|
||||
"jitsi/jvb-service.yaml" (rc/inline "jitsi/jvb-service.yaml")
|
||||
"jitsi/prosody-deployment.yaml" (rc/inline "jitsi/prosody-deployment.yaml")
|
||||
"jitsi/secret.yaml" (rc/inline "jitsi/secret.yaml")
|
||||
"jitsi/web-deployment.yaml" (rc/inline "jitsi/web-deployment.yaml")
|
||||
"jitsi/web-service.yaml" (rc/inline "jitsi/web-service.yaml")
|
||||
"jitsi/pod-security-policy.yaml" (rc/inline "jitsi/pod-security-policy.yaml")
|
||||
"jitsi/role-binding.yaml" (rc/inline "jitsi/role-binding.yaml")
|
||||
"jitsi/role.yaml" (rc/inline "jitsi/role.yaml")
|
||||
"jitsi/service-account.yaml" (rc/inline "jitsi/service-account.yaml")
|
||||
(throw (js/Error. "Undefined Resource!")))))
|
||||
|
||||
(defn generate-ingress [config]
|
||||
(->
|
||||
; TODO: Update fqdn from config
|
||||
(yaml/from-string (yaml/load-resource "jitsi/ingress.yaml"))))
|
||||
(let [{:keys [fqdn issuer ingress-type]
|
||||
:or {issuer :staging ingress-type :default}} config
|
||||
letsencrypt-issuer (str "letsencrypt-" (name issuer) "-issuer")
|
||||
ingress-kind (if (= :default ingress-type) "" (name ingress-type))]
|
||||
(->
|
||||
(yaml/from-string (yaml/load-resource "jitsi/ingress.yaml"))
|
||||
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
|
||||
(assoc-in [:metadata :annotations :kubernetes.io/ingress.class] ingress-kind)
|
||||
(cm/replace-all-matching-values-by-new-value "fqdn" fqdn))))
|
||||
|
||||
(defn generate-secret [config]
|
||||
(->
|
||||
; TODO: Update secrets from auth
|
||||
(yaml/from-string (yaml/load-resource "jitsi/secret.yaml"))))
|
||||
|
||||
(defn generate-jicofo-deployment []
|
||||
(->
|
||||
(yaml/from-string (yaml/load-resource "jitsi/jicofo-deployment.yaml"))))
|
||||
|
||||
(defn generate-jvb-deployment []
|
||||
(->
|
||||
(yaml/from-string (yaml/load-resource "jitsi/jvb-deployment.yaml"))))
|
||||
(let [{:keys [jvb-auth-password jicofo-auth-password jicofo-component-secret]} config]
|
||||
(->
|
||||
(yaml/from-string (yaml/load-resource "jitsi/secret.yaml"))
|
||||
(cm/replace-key-value :JVB_AUTH_PASSWORD (b64/encode jvb-auth-password))
|
||||
(cm/replace-key-value :JICOFO_AUTH_PASSWORD (b64/encode jicofo-auth-password))
|
||||
(cm/replace-key-value :JICOFO_COMPONENT_SECRET (b64/encode jicofo-component-secret)))))
|
||||
|
||||
(defn generate-jvb-service []
|
||||
(yaml/from-string (yaml/load-resource "jitsi/jvb-service.yaml")))
|
||||
|
||||
(defn generate-prosody-deployment []
|
||||
(->
|
||||
(yaml/from-string (yaml/load-resource "jitsi/prosody-deployment.yaml"))))
|
||||
|
||||
(defn generate-web-deployment []
|
||||
(->
|
||||
(yaml/from-string (yaml/load-resource "jitsi/web-deployment.yaml"))))
|
||||
|
||||
(defn generate-web-service []
|
||||
(yaml/from-string (yaml/load-resource "jitsi/web-service.yaml")))
|
||||
|
||||
(defn generate-deployment []
|
||||
(yaml/from-string (yaml/load-resource "jitsi/deployment.yaml")))
|
||||
|
||||
(defn generate-pod-security-policy []
|
||||
(yaml/from-string (yaml/load-resource "jitsi/pod-security-policy.yaml")))
|
||||
|
||||
(defn generate-role-binding []
|
||||
(yaml/from-string (yaml/load-resource "jitsi/role-binding.yaml")))
|
||||
|
||||
(defn generate-role []
|
||||
(yaml/from-string (yaml/load-resource "jitsi/role.yaml")))
|
||||
|
||||
(defn generate-service-account []
|
||||
(yaml/from-string (yaml/load-resource "jitsi/service-account.yaml")))
|
147
src/main/resources/jitsi/deployment.yaml
Normal file
147
src/main/resources/jitsi/deployment.yaml
Normal file
|
@ -0,0 +1,147 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: jitsi
|
||||
name: jitsi
|
||||
spec:
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: jitsi
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: jitsi
|
||||
spec:
|
||||
containers:
|
||||
- name: jicofo
|
||||
image: jitsi/jicofo:stable-6826
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: XMPP_SERVER
|
||||
value: localhost
|
||||
- name: XMPP_DOMAIN
|
||||
value: meet.jitsi
|
||||
- name: XMPP_AUTH_DOMAIN
|
||||
value: auth.meet.jitsi
|
||||
- name: XMPP_MUC_DOMAIN
|
||||
value: muc.meet.jitsi
|
||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
||||
value: internal-muc.meet.jitsi
|
||||
- name: JICOFO_COMPONENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_COMPONENT_SECRET
|
||||
- name: JICOFO_AUTH_USER
|
||||
value: focus
|
||||
- name: JICOFO_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_AUTH_PASSWORD
|
||||
- name: TZ
|
||||
value: Europe/Berlin
|
||||
- name: JVB_BREWERY_MUC
|
||||
value: jvbbrewery
|
||||
- name: prosody
|
||||
image: jitsi/prosody:stable-6826
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PUBLIC_URL
|
||||
value: "https://jitsi.test.meissa-gmbh.de"
|
||||
- name: XMPP_DOMAIN
|
||||
value: meet.jitsi
|
||||
- name: XMPP_AUTH_DOMAIN
|
||||
value: auth.meet.jitsi
|
||||
- name: XMPP_MUC_DOMAIN
|
||||
value: muc.meet.jitsi
|
||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
||||
value: internal-muc.meet.jitsi
|
||||
- name: JICOFO_COMPONENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_COMPONENT_SECRET
|
||||
- name: JVB_AUTH_USER
|
||||
value: jvb
|
||||
- name: JVB_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JVB_AUTH_PASSWORD
|
||||
- name: JICOFO_AUTH_USER
|
||||
value: focus
|
||||
- name: JICOFO_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_AUTH_PASSWORD
|
||||
- name: TZ
|
||||
value: Europe/Berlin
|
||||
- name: JVB_TCP_HARVESTER_DISABLED
|
||||
value: "true"
|
||||
- name: web
|
||||
image: jitsi/web:stable-6826
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: PUBLIC_URL
|
||||
value: "https://jitsi.test.meissa-gmbh.de"
|
||||
- name: XMPP_SERVER
|
||||
value: localhost
|
||||
- name: JICOFO_AUTH_USER
|
||||
value: focus
|
||||
- name: XMPP_DOMAIN
|
||||
value: meet.jitsi
|
||||
- name: XMPP_AUTH_DOMAIN
|
||||
value: auth.meet.jitsi
|
||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
||||
value: internal-muc.meet.jitsi
|
||||
- name: XMPP_BOSH_URL_BASE
|
||||
value: http://127.0.0.1:5280
|
||||
- name: XMPP_MUC_DOMAIN
|
||||
value: muc.meet.jitsi
|
||||
- name: TZ
|
||||
value: Europe/Berlin
|
||||
- name: JVB_TCP_HARVESTER_DISABLED
|
||||
value: "true"
|
||||
- name: jvb
|
||||
image: jitsi/jvb:stable-6826
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: XMPP_SERVER
|
||||
value: localhost
|
||||
- name: DOCKER_HOST_ADDRESS
|
||||
value: localhost
|
||||
- name: XMPP_DOMAIN
|
||||
value: meet.jitsi
|
||||
- name: XMPP_AUTH_DOMAIN
|
||||
value: auth.meet.jitsi
|
||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
||||
value: internal-muc.meet.jitsi
|
||||
- name: JVB_STUN_SERVERS
|
||||
value: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302
|
||||
- name: JICOFO_AUTH_USER
|
||||
value: focus
|
||||
- name: JVB_TCP_HARVESTER_DISABLED
|
||||
value: "true"
|
||||
- name: JVB_AUTH_USER
|
||||
value: jvb
|
||||
- name: JVB_PORT
|
||||
value: "30300"
|
||||
- name: JVB_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JVB_AUTH_PASSWORD
|
||||
- name: JICOFO_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_AUTH_PASSWORD
|
||||
- name: JVB_BREWERY_MUC
|
||||
value: jvbbrewery
|
||||
- name: TZ
|
||||
value: Europe/Berlin
|
|
@ -1,46 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: jitsi
|
||||
name: jitsi
|
||||
spec:
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: jitsi
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: jitsi
|
||||
spec:
|
||||
containers:
|
||||
- name: jicofo
|
||||
image: jitsi/jicofo:stable-6826
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: XMPP_SERVER
|
||||
value: localhost
|
||||
- name: XMPP_DOMAIN
|
||||
value: meet.jitsi
|
||||
- name: XMPP_AUTH_DOMAIN
|
||||
value: auth.meet.jitsi
|
||||
- name: XMPP_MUC_DOMAIN
|
||||
value: muc.meet.jitsi
|
||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
||||
value: internal-muc.meet.jitsi
|
||||
- name: JICOFO_COMPONENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_COMPONENT_SECRET
|
||||
- name: JICOFO_AUTH_USER
|
||||
value: focus
|
||||
- name: JICOFO_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_AUTH_PASSWORD
|
||||
- name: TZ
|
||||
value: Europe/Berlin
|
|
@ -1,54 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: jitsi
|
||||
name: jitsi
|
||||
spec:
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: jitsi
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: jitsi
|
||||
spec:
|
||||
containers:
|
||||
- name: jvb
|
||||
image: jitsi/jvb:stable-6826
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: XMPP_SERVER
|
||||
value: localhost
|
||||
- name: DOCKER_HOST_ADDRESS
|
||||
value: localhost
|
||||
- name: XMPP_DOMAIN
|
||||
value: meet.jitsi
|
||||
- name: XMPP_AUTH_DOMAIN
|
||||
value: auth.meet.jitsi
|
||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
||||
value: internal-muc.meet.jitsi
|
||||
- name: JVB_STUN_SERVERS
|
||||
value: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302
|
||||
- name: JICOFO_AUTH_USER
|
||||
value: focus
|
||||
- name: JVB_TCP_HARVESTER_DISABLED
|
||||
value: "true"
|
||||
- name: JVB_AUTH_USER
|
||||
value: jvb
|
||||
- name: JVB_PORT
|
||||
value: "30300"
|
||||
- name: JVB_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JVB_AUTH_PASSWORD
|
||||
- name: JICOFO_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_AUTH_PASSWORD
|
||||
- name: TZ
|
||||
value: Europe/Berlin
|
|
@ -1,53 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: jitsi
|
||||
name: jitsi
|
||||
spec:
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: jitsi
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: jitsi
|
||||
spec:
|
||||
containers:
|
||||
- name: prosody
|
||||
image: jitsi/prosody:stable-6826
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: XMPP_DOMAIN
|
||||
value: meet.jitsi
|
||||
- name: XMPP_AUTH_DOMAIN
|
||||
value: auth.meet.jitsi
|
||||
- name: XMPP_MUC_DOMAIN
|
||||
value: muc.meet.jitsi
|
||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
||||
value: internal-muc.meet.jitsi
|
||||
- name: JICOFO_COMPONENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_COMPONENT_SECRET
|
||||
- name: JVB_AUTH_USER
|
||||
value: jvb
|
||||
- name: JVB_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JVB_AUTH_PASSWORD
|
||||
- name: JICOFO_AUTH_USER
|
||||
value: focus
|
||||
- name: JICOFO_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_AUTH_PASSWORD
|
||||
- name: TZ
|
||||
value: Europe/Berlin
|
||||
- name: JVB_TCP_HARVESTER_DISABLED
|
||||
value: "true"
|
|
@ -1,40 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: jitsi
|
||||
name: jitsi
|
||||
spec:
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: jitsi
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: jitsi
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
image: jitsi/web:stable-6826
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: XMPP_SERVER
|
||||
value: localhost
|
||||
- name: JICOFO_AUTH_USER
|
||||
value: focus
|
||||
- name: XMPP_DOMAIN
|
||||
value: meet.jitsi
|
||||
- name: XMPP_AUTH_DOMAIN
|
||||
value: auth.meet.jitsi
|
||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
||||
value: internal-muc.meet.jitsi
|
||||
- name: XMPP_BOSH_URL_BASE
|
||||
value: http://127.0.0.1:5280
|
||||
- name: XMPP_MUC_DOMAIN
|
||||
value: muc.meet.jitsi
|
||||
- name: TZ
|
||||
value: Europe/Berlin
|
||||
- name: JVB_TCP_HARVESTER_DISABLED
|
||||
value: "true"
|
|
@ -1,3 +1,3 @@
|
|||
{:django-secret-key "django"
|
||||
:postgres-db-user "jitsi"
|
||||
:postgres-db-password "jitsi-db-password"}
|
||||
{:jvb-auth-password "JvbAuth"
|
||||
:jicofo-auth-password "JicofoAuth"
|
||||
:jicofo-component-secret "JicofoCompSec"}
|
||||
|
|
|
@ -1,3 +1,2 @@
|
|||
{:fqdn "statistics.test.meissa-gmbh.de"
|
||||
:issuer :staging
|
||||
:postgres-data-volume-path "/var/postgres"}
|
||||
{:fqdn "jitsi.test.meissa-gmbh.de"
|
||||
:issuer :staging}
|
||||
|
|
Loading…
Reference in a new issue