Merge branch 'main' of gitlab.com:domaindrivenarchitecture/c4k-jitsi
This commit is contained in:
commit
b627e3d5c1
23 changed files with 180 additions and 517 deletions
|
@ -48,7 +48,7 @@ test-schema:
|
||||||
stage: build_and_test
|
stage: build_and_test
|
||||||
script:
|
script:
|
||||||
- lein uberjar
|
- lein uberjar
|
||||||
- java -jar target/uberjar/c4k-jitsi-standalone.jar valid-config.edn valid-auth.edn | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate -
|
- java -jar target/uberjar/c4k-jitsi-standalone.jar src/test/resources/jitsi-test/valid-config.yaml src/test/resources/jitsi-test/valid-auth.yaml | kubeconform --kubernetes-version 1.19.0 --strict --skip Certificate -
|
||||||
artifacts:
|
artifacts:
|
||||||
paths:
|
paths:
|
||||||
- target/uberjar
|
- target/uberjar
|
||||||
|
|
|
@ -25,8 +25,8 @@ Your input will stay in your browser. No server interaction is required.
|
||||||
|
|
||||||
You will also be able to try out on cli:
|
You will also be able to try out on cli:
|
||||||
```
|
```
|
||||||
target/graalvm/c4k-jitsi src/test/resources/valid-config.edn src/test/resources/valid-auth.edn | kubeval -
|
target/graalvm/c4k-jitsi src/test/resources/jitsi-test/valid-config.yaml src/test/resources/jitsi-test/valid-auth.yaml | kubeval -
|
||||||
target/graalvm/c4k-jitsi src/test/resources/valid-config.edn src/test/resources/valid-auth.edn | kubectl apply -f -
|
target/graalvm/c4k-jitsi src/test/resources/jitsi-test/valid-config.yaml src/test/resources/jitsi-test/valid-auth.yaml | kubectl apply -f -
|
||||||
```
|
```
|
||||||
|
|
||||||
## Documentation
|
## Documentation
|
||||||
|
|
|
@ -1,9 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
if [ $# != 4 ]
|
|
||||||
then
|
|
||||||
echo "expected 4 arguments (webserver-pod-name, username, email, password)"
|
|
||||||
exit -1
|
|
||||||
fi
|
|
||||||
|
|
||||||
kubectl exec $1 -- python3 manage.py shell -c "from django.contrib.auth import get_user_model; User = get_user_model(); User.objects.create_superuser('$2', '$3', '$4')"
|
|
|
@ -45,7 +45,7 @@ output "ipv4" {
|
||||||
|
|
||||||
## k8s minicluster
|
## k8s minicluster
|
||||||
|
|
||||||
For k8s installation we use our [dda-k8s-crate](https://github.com/DomainDrivenArchitecture/dda-k8s-crate) with the following configuation:
|
For k8s installation we use our [provs](https://repo.prod.meissa.de/meissa/provs) with the following configuation:
|
||||||
|
|
||||||
|
|
||||||
```
|
```
|
||||||
|
@ -69,5 +69,5 @@ with the following config.edn:
|
||||||
```
|
```
|
||||||
{:fqdn "the-fqdn-from aws_route53_record.v4_neu"
|
{:fqdn "the-fqdn-from aws_route53_record.v4_neu"
|
||||||
:postgres-data-volume-path "/var/postgres" ;; Volume was configured at dda-k8s-crate, results in a PersistentVolume definition.
|
:postgres-data-volume-path "/var/postgres" ;; Volume was configured at dda-k8s-crate, results in a PersistentVolume definition.
|
||||||
:issuer :prod }
|
:issuer "prod" }
|
||||||
```
|
```
|
||||||
|
|
BIN
doc/tryItOut.png
BIN
doc/tryItOut.png
Binary file not shown.
Before Width: | Height: | Size: 48 KiB After Width: | Height: | Size: 83 KiB |
|
@ -2,7 +2,7 @@
|
||||||
"name": "c4k-jitsi",
|
"name": "c4k-jitsi",
|
||||||
"description": "Generate c4k yaml for a jitsi deployment.",
|
"description": "Generate c4k yaml for a jitsi deployment.",
|
||||||
"author": "meissa GmbH",
|
"author": "meissa GmbH",
|
||||||
"version": "1.2.2-SNAPSHOT",
|
"version": "1.3.2",
|
||||||
"homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-jitsi#readme",
|
"homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-jitsi#readme",
|
||||||
"repository": "https://www.npmjs.com/package/c4k-jitsi",
|
"repository": "https://www.npmjs.com/package/c4k-jitsi",
|
||||||
"license": "APACHE2",
|
"license": "APACHE2",
|
||||||
|
|
12
project.clj
12
project.clj
|
@ -1,11 +1,11 @@
|
||||||
(defproject org.domaindrivenarchitecture/c4k-jitsi "1.2.2-SNAPSHOT"
|
(defproject org.domaindrivenarchitecture/c4k-jitsi "1.3.3-SNAPSHOT"
|
||||||
:description "jitsi c4k-installation package"
|
:description "jitsi c4k-installation package"
|
||||||
:url "https://domaindrivenarchitecture.org"
|
:url "https://domaindrivenarchitecture.org"
|
||||||
:license {:name "Apache License, Version 2.0"
|
:license {:name "Apache License, Version 2.0"
|
||||||
:url "https://www.apache.org/licenses/LICENSE-2.0.html"}
|
:url "https://www.apache.org/licenses/LICENSE-2.0.html"}
|
||||||
:dependencies [[org.clojure/clojure "1.10.3"]
|
:dependencies [[org.clojure/clojure "1.11.1"]
|
||||||
[org.clojure/tools.reader "1.3.6"]
|
[org.clojure/tools.reader "1.3.6"]
|
||||||
[org.domaindrivenarchitecture/c4k-common-clj "2.1.0"]
|
[org.domaindrivenarchitecture/c4k-common-clj "5.0.1"]
|
||||||
[hickory "0.7.1"]]
|
[hickory "0.7.1"]]
|
||||||
:target-path "target/%s/"
|
:target-path "target/%s/"
|
||||||
:source-paths ["src/main/cljc"
|
:source-paths ["src/main/cljc"
|
||||||
|
@ -22,10 +22,10 @@
|
||||||
:uberjar {:aot :all
|
:uberjar {:aot :all
|
||||||
:main dda.c4k-jitsi.uberjar
|
:main dda.c4k-jitsi.uberjar
|
||||||
:uberjar-name "c4k-jitsi-standalone.jar"
|
:uberjar-name "c4k-jitsi-standalone.jar"
|
||||||
:dependencies [[org.clojure/tools.cli "1.0.206"]
|
:dependencies [[org.clojure/tools.cli "1.0.214"]
|
||||||
[ch.qos.logback/logback-classic "1.3.0-alpha4"
|
[ch.qos.logback/logback-classic "1.4.5"
|
||||||
:exclusions [com.sun.mail/javax.mail]]
|
:exclusions [com.sun.mail/javax.mail]]
|
||||||
[org.slf4j/jcl-over-slf4j "2.0.0-alpha1"]]}}
|
[org.slf4j/jcl-over-slf4j "2.0.6"]]}}
|
||||||
:release-tasks [["test"]
|
:release-tasks [["test"]
|
||||||
["vcs" "assert-committed"]
|
["vcs" "assert-committed"]
|
||||||
["change" "version" "leiningen.release/bump-version" "release"]
|
["change" "version" "leiningen.release/bump-version" "release"]
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
"src/test/cljc"
|
"src/test/cljc"
|
||||||
"src/test/cljs"
|
"src/test/cljs"
|
||||||
"src/test/resources"]
|
"src/test/resources"]
|
||||||
:dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "1.0.0"]
|
:dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "5.0.1"]
|
||||||
[hickory "0.7.1"]]
|
[hickory "0.7.1"]]
|
||||||
:builds {:frontend {:target :browser
|
:builds {:frontend {:target :browser
|
||||||
:modules {:main {:init-fn dda.c4k-jitsi.browser/init}}
|
:modules {:main {:init-fn dda.c4k-jitsi.browser/init}}
|
||||||
|
|
|
@ -1,56 +1,14 @@
|
||||||
(ns dda.c4k-jitsi.uberjar
|
(ns dda.c4k-jitsi.uberjar
|
||||||
(:gen-class)
|
(:gen-class)
|
||||||
(:require
|
(:require
|
||||||
[clojure.spec.alpha :as s]
|
[dda.c4k-common.uberjar :as uberjar]
|
||||||
[clojure.string :as cs]
|
|
||||||
[clojure.tools.reader.edn :as edn]
|
|
||||||
[expound.alpha :as expound]
|
|
||||||
[dda.c4k-jitsi.core :as core]))
|
[dda.c4k-jitsi.core :as core]))
|
||||||
|
|
||||||
(def usage
|
|
||||||
"usage:
|
|
||||||
|
|
||||||
c4k-jitsi {your configuraton file} {your authorization file}")
|
|
||||||
|
|
||||||
(s/def ::options (s/* #{"-h"}))
|
|
||||||
(s/def ::filename (s/and string?
|
|
||||||
#(not (cs/starts-with? % "-"))))
|
|
||||||
(s/def ::cmd-args (s/cat :options ::options
|
|
||||||
:args (s/?
|
|
||||||
(s/cat :config ::filename
|
|
||||||
:auth ::filename))))
|
|
||||||
|
|
||||||
(defn expound-config
|
|
||||||
[config]
|
|
||||||
(expound/expound ::core/config config))
|
|
||||||
|
|
||||||
(defn invalid-args-msg
|
|
||||||
[spec args]
|
|
||||||
(s/explain spec args)
|
|
||||||
(println (str "Bad commandline arguments\n" usage)))
|
|
||||||
|
|
||||||
(defn -main [& cmd-args]
|
(defn -main [& cmd-args]
|
||||||
(let [parsed-args-cmd (s/conform ::cmd-args cmd-args)]
|
(uberjar/main-common
|
||||||
(if (= ::s/invalid parsed-args-cmd)
|
"c4k-jitsi"
|
||||||
(invalid-args-msg ::cmd-args cmd-args)
|
core/config?
|
||||||
(let [{:keys [options args]} parsed-args-cmd
|
core/auth?
|
||||||
{:keys [config auth]} args]
|
core/config-defaults
|
||||||
(cond
|
core/k8s-objects
|
||||||
(some #(= "-h" %) options)
|
cmd-args))
|
||||||
(println usage)
|
|
||||||
:default
|
|
||||||
(let [config-str (slurp config)
|
|
||||||
auth-str (slurp auth)
|
|
||||||
config-edn (edn/read-string config-str)
|
|
||||||
auth-edn (edn/read-string auth-str)
|
|
||||||
config-valid? (s/valid? core/config? config-edn)
|
|
||||||
auth-valid? (s/valid? core/auth? auth-edn)]
|
|
||||||
(if (and config-valid? auth-valid?)
|
|
||||||
(println (core/generate config-edn auth-edn))
|
|
||||||
(do
|
|
||||||
(when (not config-valid?)
|
|
||||||
(println
|
|
||||||
(expound/expound-str core/config? config-edn {:print-specs? false})))
|
|
||||||
(when (not auth-valid?)
|
|
||||||
(println
|
|
||||||
(expound/expound-str core/auth? auth-edn {:print-specs? false})))))))))))
|
|
||||||
|
|
|
@ -1,35 +1,41 @@
|
||||||
(ns dda.c4k-jitsi.core
|
(ns dda.c4k-jitsi.core
|
||||||
(:require
|
(:require
|
||||||
[clojure.string :as cs]
|
|
||||||
[clojure.spec.alpha :as s]
|
[clojure.spec.alpha :as s]
|
||||||
#?(:clj [orchestra.core :refer [defn-spec]]
|
#?(:clj [orchestra.core :refer [defn-spec]]
|
||||||
:cljs [orchestra.core :refer-macros [defn-spec]])
|
:cljs [orchestra.core :refer-macros [defn-spec]])
|
||||||
|
[dda.c4k-common.common :as cm]
|
||||||
|
[dda.c4k-common.predicate :as cp]
|
||||||
|
[dda.c4k-common.monitoring :as mon]
|
||||||
[dda.c4k-common.yaml :as yaml]
|
[dda.c4k-common.yaml :as yaml]
|
||||||
[dda.c4k-jitsi.jitsi :as jitsi]))
|
[dda.c4k-jitsi.jitsi :as jitsi]))
|
||||||
|
|
||||||
(def config-defaults {:issuer :staging})
|
(def config-defaults {:issuer "staging"})
|
||||||
|
|
||||||
|
(s/def ::mon-cfg mon/config?)
|
||||||
|
(s/def ::mon-auth mon/auth?)
|
||||||
|
|
||||||
(def config? (s/keys :req-un [::jitsi/fqdn]
|
(def config? (s/keys :req-un [::jitsi/fqdn]
|
||||||
:opt-un [::jitsi/issuer ::jitsi/ingress-type]))
|
:opt-un [::jitsi/issuer
|
||||||
|
::mon-cfg]))
|
||||||
|
|
||||||
(def auth? (s/keys :req-un [::jitsi/jvb-auth-password ::jitsi/jicofo-auth-password ::jitsi/jicofo-component-secret]))
|
(def auth? (s/keys :req-un [::jitsi/jvb-auth-password
|
||||||
|
::jitsi/jicofo-auth-password
|
||||||
|
::jitsi/jicofo-component-secret]
|
||||||
|
:opt-un [::mon-auth]))
|
||||||
|
|
||||||
(defn k8s-objects [config]
|
(defn-spec k8s-objects cp/map-or-seq?
|
||||||
|
[config config?
|
||||||
|
auth auth?]
|
||||||
(map yaml/to-string
|
(map yaml/to-string
|
||||||
[(jitsi/generate-secret-jitsi config)
|
(filter
|
||||||
(jitsi/generate-certificate-jitsi config)
|
#(not (nil? %))
|
||||||
(jitsi/generate-certificate-etherpad config)
|
(cm/concat-vec
|
||||||
|
[(jitsi/generate-secret-jitsi auth)
|
||||||
(jitsi/generate-jvb-service)
|
(jitsi/generate-jvb-service)
|
||||||
(jitsi/generate-web-service)
|
(jitsi/generate-web-service)
|
||||||
(jitsi/generate-etherpad-service)
|
(jitsi/generate-etherpad-service)
|
||||||
(jitsi/generate-ingress-jitsi config)
|
(jitsi/generate-deployment config)]
|
||||||
|
(jitsi/generate-ingress-web config)
|
||||||
(jitsi/generate-ingress-etherpad config)
|
(jitsi/generate-ingress-etherpad config)
|
||||||
(jitsi/generate-deployment config)]))
|
(when (:contains? config :mon-cfg)
|
||||||
|
(mon/generate (:mon-cfg config) (:mon-auth auth)))))))
|
||||||
(defn-spec generate any?
|
|
||||||
[my-config config?
|
|
||||||
my-auth auth?]
|
|
||||||
(let [resulting-config (merge config-defaults my-config my-auth)]
|
|
||||||
(cs/join
|
|
||||||
"\n---\n"
|
|
||||||
(k8s-objects resulting-config))))
|
|
||||||
|
|
|
@ -2,95 +2,78 @@
|
||||||
(:require
|
(:require
|
||||||
[clojure.spec.alpha :as s]
|
[clojure.spec.alpha :as s]
|
||||||
#?(:cljs [shadow.resource :as rc])
|
#?(:cljs [shadow.resource :as rc])
|
||||||
|
#?(:clj [orchestra.core :refer [defn-spec]]
|
||||||
|
:cljs [orchestra.core :refer-macros [defn-spec]])
|
||||||
[dda.c4k-common.yaml :as yaml]
|
[dda.c4k-common.yaml :as yaml]
|
||||||
[dda.c4k-common.common :as cm]
|
[dda.c4k-common.common :as cm]
|
||||||
|
[dda.c4k-common.ingress :as ing]
|
||||||
[dda.c4k-common.base64 :as b64]
|
[dda.c4k-common.base64 :as b64]
|
||||||
[dda.c4k-common.predicate :as pred]))
|
[dda.c4k-common.predicate :as cp]))
|
||||||
|
|
||||||
(s/def ::fqdn pred/fqdn-string?)
|
(s/def ::fqdn cp/fqdn-string?)
|
||||||
(s/def ::issuer pred/letsencrypt-issuer?)
|
(s/def ::issuer cp/letsencrypt-issuer?)
|
||||||
(s/def ::jvb-auth-password pred/bash-env-string?)
|
(s/def ::jvb-auth-password cp/bash-env-string?)
|
||||||
(s/def ::jicofo-auth-password pred/bash-env-string?)
|
(s/def ::jicofo-auth-password cp/bash-env-string?)
|
||||||
(s/def ::jicofo-component-secret pred/bash-env-string?)
|
(s/def ::jicofo-component-secret cp/bash-env-string?)
|
||||||
|
|
||||||
|
(def config? (s/keys :req-un [::fqdn]
|
||||||
|
:opt-un [::issuer]))
|
||||||
|
|
||||||
|
(def auth? (s/keys :req-un [::jvb-auth-password
|
||||||
|
::jicofo-auth-password
|
||||||
|
::jicofo-component-secret]))
|
||||||
|
|
||||||
#?(:cljs
|
#?(:cljs
|
||||||
(defmethod yaml/load-resource :jitsi [resource-name]
|
(defmethod yaml/load-resource :jitsi [resource-name]
|
||||||
(case resource-name
|
(case resource-name
|
||||||
"jitsi/deployment.yaml" (rc/inline "jitsi/deployment.yaml")
|
"jitsi/deployment.yaml" (rc/inline "jitsi/deployment.yaml")
|
||||||
"jitsi/etherpad-service.yaml" (rc/inline "jitsi/etherpad-service.yaml")
|
"jitsi/etherpad-service.yaml" (rc/inline "jitsi/etherpad-service.yaml")
|
||||||
"jitsi/ingress-jitsi.yaml" (rc/inline "jitsi/ingress-jitsi.yaml")
|
|
||||||
"jitsi/ingress-etherpad.yaml" (rc/inline "jitsi/ingress-etherpad.yaml")
|
|
||||||
"jitsi/jvb-service.yaml" (rc/inline "jitsi/jvb-service.yaml")
|
"jitsi/jvb-service.yaml" (rc/inline "jitsi/jvb-service.yaml")
|
||||||
"jitsi/secret.yaml" (rc/inline "jitsi/secret.yaml")
|
"jitsi/secret.yaml" (rc/inline "jitsi/secret.yaml")
|
||||||
"jitsi/web-service.yaml" (rc/inline "jitsi/web-service.yaml")
|
"jitsi/web-service.yaml" (rc/inline "jitsi/web-service.yaml")
|
||||||
(throw (js/Error. "Undefined Resource!")))))
|
(throw (js/Error. "Undefined Resource!")))))
|
||||||
|
|
||||||
(defn generate-ingress-jitsi [config]
|
(defn-spec generate-ingress-web cp/map-or-seq?
|
||||||
(let [{:keys [fqdn issuer ingress-type]
|
[config config?]
|
||||||
:or {issuer :staging ingress-type :default}} config
|
(ing/generate-ingress-and-cert
|
||||||
letsencrypt-issuer (name issuer)
|
(merge
|
||||||
ingress-kind (if (= :default ingress-type) "" (name ingress-type))]
|
{:service-name "web"
|
||||||
(->
|
:service-port 80
|
||||||
(yaml/from-string (yaml/load-resource "jitsi/ingress-jitsi.yaml"))
|
:fqdns [(:fqdn config)]}
|
||||||
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
|
config)))
|
||||||
(assoc-in [:metadata :annotations :kubernetes.io/ingress.class] ingress-kind)
|
|
||||||
(cm/replace-all-matching-values-by-new-value "REPLACE_JITSI_FQDN" fqdn))))
|
|
||||||
|
|
||||||
(defn generate-ingress-etherpad [config]
|
(defn-spec generate-ingress-etherpad cp/map-or-seq?
|
||||||
(let [{:keys [fqdn issuer ingress-type]
|
[config config?]
|
||||||
:or {issuer :staging ingress-type :default}} config
|
(ing/generate-ingress-and-cert
|
||||||
letsencrypt-issuer (name issuer)
|
(merge
|
||||||
ingress-kind (if (= :default ingress-type) "" (name ingress-type))]
|
{:service-name "etherpad"
|
||||||
(->
|
:service-port 9001
|
||||||
(yaml/from-string (yaml/load-resource "jitsi/ingress-etherpad.yaml"))
|
:fqdns [(str "etherpad." (:fqdn config))]}
|
||||||
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
|
config)))
|
||||||
(assoc-in [:metadata :annotations :kubernetes.io/ingress.class] ingress-kind)
|
|
||||||
(cm/replace-all-matching-values-by-new-value "REPLACE_ETHERPAD_FQDN"
|
|
||||||
(str "etherpad." fqdn)))))
|
|
||||||
|
|
||||||
(defn generate-secret-jitsi [config]
|
(defn-spec generate-secret-jitsi cp/map-or-seq?
|
||||||
(let [{:keys [jvb-auth-password jicofo-auth-password jicofo-component-secret]} config]
|
[auth auth?]
|
||||||
|
(let [{:keys [jvb-auth-password jicofo-auth-password jicofo-component-secret]} auth]
|
||||||
(->
|
(->
|
||||||
(yaml/from-string (yaml/load-resource "jitsi/secret.yaml"))
|
(yaml/from-string (yaml/load-resource "jitsi/secret.yaml"))
|
||||||
(cm/replace-key-value :JVB_AUTH_PASSWORD (b64/encode jvb-auth-password))
|
(cm/replace-key-value :JVB_AUTH_PASSWORD (b64/encode jvb-auth-password))
|
||||||
(cm/replace-key-value :JICOFO_AUTH_PASSWORD (b64/encode jicofo-auth-password))
|
(cm/replace-key-value :JICOFO_AUTH_PASSWORD (b64/encode jicofo-auth-password))
|
||||||
(cm/replace-key-value :JICOFO_COMPONENT_SECRET (b64/encode jicofo-component-secret)))))
|
(cm/replace-key-value :JICOFO_COMPONENT_SECRET (b64/encode jicofo-component-secret)))))
|
||||||
|
|
||||||
(defn generate-jvb-service []
|
(defn-spec generate-jvb-service cp/map-or-seq? []
|
||||||
(yaml/from-string (yaml/load-resource "jitsi/jvb-service.yaml")))
|
(yaml/from-string (yaml/load-resource "jitsi/jvb-service.yaml")))
|
||||||
|
|
||||||
(defn generate-web-service []
|
(defn-spec generate-web-service cp/map-or-seq? []
|
||||||
(yaml/from-string (yaml/load-resource "jitsi/web-service.yaml")))
|
(yaml/load-as-edn "jitsi/web-service.yaml"))
|
||||||
|
|
||||||
(defn generate-etherpad-service []
|
(defn-spec generate-etherpad-service cp/map-or-seq? []
|
||||||
(yaml/from-string (yaml/load-resource "jitsi/etherpad-service.yaml")))
|
(yaml/load-as-edn "jitsi/etherpad-service.yaml"))
|
||||||
|
|
||||||
(defn generate-deployment [config]
|
(defn-spec generate-deployment cp/map-or-seq?
|
||||||
|
[config config?]
|
||||||
(let [{:keys [fqdn]} config]
|
(let [{:keys [fqdn]} config]
|
||||||
(->
|
(->
|
||||||
(yaml/from-string (yaml/load-resource "jitsi/deployment.yaml"))
|
(yaml/load-as-edn "jitsi/deployment.yaml")
|
||||||
(cm/replace-all-matching-values-by-new-value "REPLACE_JITSI_FQDN" fqdn)
|
(cm/replace-all-matching-values-by-new-value "REPLACE_JITSI_FQDN" fqdn)
|
||||||
(cm/replace-all-matching-values-by-new-value "REPLACE_ETHERPAD_URL"
|
(cm/replace-all-matching-values-by-new-value "REPLACE_ETHERPAD_URL"
|
||||||
(str "https://etherpad." fqdn "/p/")))))
|
(str "https://etherpad." fqdn "/p/")))))
|
||||||
|
|
||||||
(defn generate-certificate-jitsi
|
|
||||||
[config]
|
|
||||||
(let [{:keys [fqdn issuer ingress-type]
|
|
||||||
:or {issuer :staging ingress-type :default}} config
|
|
||||||
letsencrypt-issuer (name issuer)
|
|
||||||
ingress-kind (if (= :default ingress-type) "" (name ingress-type))]
|
|
||||||
(->
|
|
||||||
(yaml/load-as-edn "jitsi/certificate-jitsi.yaml")
|
|
||||||
(assoc-in [:spec :issuerRef :name] letsencrypt-issuer)
|
|
||||||
(cm/replace-all-matching-values-by-new-value "REPLACE_JITSI_FQDN" fqdn))))
|
|
||||||
|
|
||||||
(defn generate-certificate-etherpad
|
|
||||||
[config]
|
|
||||||
(let [{:keys [fqdn issuer ingress-type]
|
|
||||||
:or {issuer :staging ingress-type :default}} config
|
|
||||||
letsencrypt-issuer (name issuer)
|
|
||||||
ingress-kind (if (= :default ingress-type) "" (name ingress-type))]
|
|
||||||
(->
|
|
||||||
(yaml/load-as-edn "jitsi/certificate-etherpad.yaml")
|
|
||||||
(assoc-in [:spec :issuerRef :name] letsencrypt-issuer)
|
|
||||||
(cm/replace-all-matching-values-by-new-value "REPLACE_ETHERPAD_FQDN" (str "etherpad." fqdn)))))
|
|
|
@ -1,24 +1,37 @@
|
||||||
(ns dda.c4k-jitsi.browser
|
(ns dda.c4k-jitsi.browser
|
||||||
(:require
|
(:require
|
||||||
[clojure.tools.reader.edn :as edn]
|
[clojure.tools.reader.edn :as edn]
|
||||||
[dda.c4k-jitsi.core :as core]
|
[dda.c4k-common.monitoring :as mon]
|
||||||
[dda.c4k-jitsi.jitsi :as jitsi]
|
[dda.c4k-common.common :as cm]
|
||||||
[dda.c4k-common.browser :as br]
|
[dda.c4k-common.browser :as br]
|
||||||
[dda.c4k-common.postgres :as pgc]))
|
[dda.c4k-jitsi.core :as core]
|
||||||
|
[dda.c4k-jitsi.jitsi :as jitsi]))
|
||||||
|
|
||||||
(defn generate-content
|
(defn generate-content []
|
||||||
[]
|
(cm/concat-vec
|
||||||
(into [] (concat [(assoc (br/generate-needs-validation) :content
|
[(assoc
|
||||||
(into [] (concat (br/generate-input-field "fqdn" "Your fqdn:" "jitsi.prod.meissa-gmbh.de")
|
(br/generate-needs-validation) :content
|
||||||
|
(cm/concat-vec
|
||||||
|
(br/generate-group
|
||||||
|
"domain"
|
||||||
|
(cm/concat-vec
|
||||||
|
(br/generate-input-field "fqdn" "Your fqdn:" "jitsi.prod.meissa-gmbh.de")
|
||||||
(br/generate-input-field "issuer" "(Optional) Your issuer prod/staging:" "")
|
(br/generate-input-field "issuer" "(Optional) Your issuer prod/staging:" "")
|
||||||
[(br/generate-br)]
|
(br/generate-input-field "mon-cluster-name" "(Optional) monitoring cluster name:" "jitsi")
|
||||||
|
(br/generate-input-field "mon-cluster-stage" "(Optional) monitoring cluster stage:" "test")
|
||||||
|
(br/generate-input-field "mon-cloud-url" "(Optional) grafana cloud url:" "https://prometheus-prod-01-eu-west-0.grafana.net/api/prom/push")
|
||||||
|
))
|
||||||
|
(br/generate-group
|
||||||
|
"credentials"
|
||||||
(br/generate-text-area "auth" "Your auth.edn:" "{:jvb-auth-password \"jitsi\"
|
(br/generate-text-area "auth" "Your auth.edn:" "{:jvb-auth-password \"jitsi\"
|
||||||
:jicofo-auth-password \"jicofo-password\"
|
:jicofo-auth-password \"jicofo-password\"
|
||||||
:jicofo-component-secret \"jicofo-component-secrect\"}"
|
:jicofo-component-secret \"jicofo-component-secrect\"
|
||||||
"5")
|
:mon-auth {:grafana-cloud-user \"your-user-id\"
|
||||||
|
:grafana-cloud-password \"your-cloud-password\"}}}"
|
||||||
|
"5"))
|
||||||
[(br/generate-br)]
|
[(br/generate-br)]
|
||||||
(br/generate-button "generate-button" "Generate c4k yaml"))))]
|
(br/generate-button "generate-button" "Generate c4k yaml")))]
|
||||||
(br/generate-output "c4k-jitsi-output" "Your c4k deployment.yaml:" "25"))))
|
(br/generate-output "c4k-jitsi-output" "Your c4k deployment.yaml:" "25")))
|
||||||
|
|
||||||
(defn generate-content-div
|
(defn generate-content-div
|
||||||
[]
|
[]
|
||||||
|
@ -28,16 +41,26 @@
|
||||||
(generate-content)})
|
(generate-content)})
|
||||||
|
|
||||||
(defn config-from-document []
|
(defn config-from-document []
|
||||||
(let [issuer (br/get-content-from-element "issuer" :optional true :deserializer keyword)]
|
(let [issuer (br/get-content-from-element "issuer" :optional true)
|
||||||
|
mon-cluster-name (br/get-content-from-element "mon-cluster-name" :optional true)
|
||||||
|
mon-cluster-stage (br/get-content-from-element "mon-cluster-stage" :optional true :deserializer keyword)
|
||||||
|
mon-cloud-url (br/get-content-from-element "mon-cloud-url" :optional true)]
|
||||||
(merge
|
(merge
|
||||||
{:fqdn (br/get-content-from-element "fqdn")}
|
{:fqdn (br/get-content-from-element "fqdn")}
|
||||||
(when (some? issuer)
|
(when (some? issuer)
|
||||||
{:issuer issuer})
|
{:issuer issuer})
|
||||||
|
(when (some? mon-cluster-name)
|
||||||
|
{:mon-cfg {:cluster-name mon-cluster-name
|
||||||
|
:cluster-stage (keyword mon-cluster-stage)
|
||||||
|
:grafana-cloud-url mon-cloud-url}})
|
||||||
)))
|
)))
|
||||||
|
|
||||||
(defn validate-all! []
|
(defn validate-all! []
|
||||||
(br/validate! "fqdn" ::jitsi/fqdn)
|
(br/validate! "fqdn" ::jitsi/fqdn)
|
||||||
(br/validate! "issuer" ::jitsi/issuer :optional true :deserializer keyword)
|
(br/validate! "issuer" ::jitsi/issuer :optional true)
|
||||||
|
(br/validate! "mon-cluster-name" ::mon/cluster-name :optional true)
|
||||||
|
(br/validate! "mon-cluster-stage" ::mon/cluster-stage :optional true :deserializer keyword)
|
||||||
|
(br/validate! "mon-cloud-url" ::mon/grafana-cloud-url :optional true)
|
||||||
(br/validate! "auth" core/auth? :deserializer edn/read-string)
|
(br/validate! "auth" core/auth? :deserializer edn/read-string)
|
||||||
(br/set-validated!))
|
(br/set-validated!))
|
||||||
|
|
||||||
|
@ -52,10 +75,15 @@
|
||||||
(.getElementById "generate-button")
|
(.getElementById "generate-button")
|
||||||
(.addEventListener "click"
|
(.addEventListener "click"
|
||||||
#(do (validate-all!)
|
#(do (validate-all!)
|
||||||
(-> (core/generate
|
(-> (cm/generate-common
|
||||||
(config-from-document)
|
(config-from-document)
|
||||||
(br/get-content-from-element "auth" :deserializer edn/read-string))
|
(br/get-content-from-element "auth" :deserializer edn/read-string)
|
||||||
|
{}
|
||||||
|
core/k8s-objects)
|
||||||
(br/set-output!)))))
|
(br/set-output!)))))
|
||||||
(add-validate-listener "fqdn")
|
(add-validate-listener "fqdn")
|
||||||
(add-validate-listener "issuer")
|
(add-validate-listener "issuer")
|
||||||
|
(add-validate-listener "mon-cluster-name")
|
||||||
|
(add-validate-listener "mon-cluster-stage")
|
||||||
|
(add-validate-listener "mon-cloud-url")
|
||||||
(add-validate-listener "auth"))
|
(add-validate-listener "auth"))
|
|
@ -1,15 +0,0 @@
|
||||||
apiVersion: cert-manager.io/v1
|
|
||||||
kind: Certificate
|
|
||||||
metadata:
|
|
||||||
name: etherpad-cert
|
|
||||||
namespace: default
|
|
||||||
spec:
|
|
||||||
secretName: etherpad-cert
|
|
||||||
commonName: REPLACE_ETHERPAD_FQDN
|
|
||||||
duration: 2160h # 90d
|
|
||||||
renewBefore: 360h # 15d
|
|
||||||
dnsNames:
|
|
||||||
- REPLACE_ETHERPAD_FQDN
|
|
||||||
issuerRef:
|
|
||||||
name: REPLACEME
|
|
||||||
kind: ClusterIssuer
|
|
|
@ -1,15 +0,0 @@
|
||||||
apiVersion: cert-manager.io/v1
|
|
||||||
kind: Certificate
|
|
||||||
metadata:
|
|
||||||
name: jitsi-cert
|
|
||||||
namespace: default
|
|
||||||
spec:
|
|
||||||
secretName: jitsi-cert
|
|
||||||
commonName: REPLACE_JITSI_FQDN
|
|
||||||
duration: 2160h # 90d
|
|
||||||
renewBefore: 360h # 15d
|
|
||||||
dnsNames:
|
|
||||||
- REPLACE_JITSI_FQDN
|
|
||||||
issuerRef:
|
|
||||||
name: REPLACEME
|
|
||||||
kind: ClusterIssuer
|
|
|
@ -1,23 +0,0 @@
|
||||||
apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: etherpad
|
|
||||||
annotations:
|
|
||||||
cert-manager.io/cluster-issuer: REPLACEME
|
|
||||||
ingress.kubernetes.io/ssl-redirect: "true"
|
|
||||||
spec:
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- REPLACE_ETHERPAD_FQDN
|
|
||||||
secretName: etherpad-cert
|
|
||||||
rules:
|
|
||||||
- host: REPLACE_ETHERPAD_FQDN
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
pathType: Prefix
|
|
||||||
backend:
|
|
||||||
service:
|
|
||||||
name: etherpad
|
|
||||||
port:
|
|
||||||
number: 9001
|
|
|
@ -1,23 +0,0 @@
|
||||||
apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: jitsi
|
|
||||||
annotations:
|
|
||||||
cert-manager.io/cluster-issuer: REPLACEME
|
|
||||||
ingress.kubernetes.io/ssl-redirect: "true"
|
|
||||||
spec:
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- REPLACE_JITSI_FQDN
|
|
||||||
secretName: jitsi-cert
|
|
||||||
rules:
|
|
||||||
- host: REPLACE_JITSI_FQDN
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
pathType: Prefix
|
|
||||||
backend:
|
|
||||||
service:
|
|
||||||
name: web
|
|
||||||
port:
|
|
||||||
number: 80
|
|
20
src/test/cljc/dda/c4k_jitsi/core_test.cljc
Normal file
20
src/test/cljc/dda/c4k_jitsi/core_test.cljc
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
(ns dda.c4k-jitsi.core-test
|
||||||
|
(:require
|
||||||
|
#?(:cljs [shadow.resource :as rc])
|
||||||
|
#?(:clj [clojure.test :refer [deftest is are testing run-tests]]
|
||||||
|
:cljs [cljs.test :refer-macros [deftest is are testing run-tests]])
|
||||||
|
[clojure.spec.alpha :as s]
|
||||||
|
[dda.c4k-common.yaml :as yaml]
|
||||||
|
[dda.c4k-jitsi.core :as cut]))
|
||||||
|
|
||||||
|
#?(:cljs
|
||||||
|
(defmethod yaml/load-resource :jitsi-test [resource-name]
|
||||||
|
(case resource-name
|
||||||
|
"jitsi-test/valid-auth.yaml" (rc/inline "jitsi-test/valid-auth.yaml")
|
||||||
|
"jitsi-test/valid-config.yaml" (rc/inline "jitsi-test/valid-config.yaml")
|
||||||
|
(throw (js/Error. "Undefined Resource!")))))
|
||||||
|
|
||||||
|
(deftest validate-valid-resources
|
||||||
|
(is (s/valid? cut/config? (yaml/load-as-edn "jitsi-test/valid-config.yaml")))
|
||||||
|
(is (s/valid? cut/auth? (yaml/load-as-edn "jitsi-test/valid-auth.yaml")))
|
||||||
|
)
|
|
@ -5,7 +5,7 @@
|
||||||
[clojure.spec.test.alpha :as st]
|
[clojure.spec.test.alpha :as st]
|
||||||
[dda.c4k-jitsi.jitsi :as cut]))
|
[dda.c4k-jitsi.jitsi :as cut]))
|
||||||
|
|
||||||
;;(st/instrument)
|
(st/instrument)
|
||||||
|
|
||||||
(deftest should-generate-deployment
|
(deftest should-generate-deployment
|
||||||
(is (= {:apiVersion "apps/v1",
|
(is (= {:apiVersion "apps/v1",
|
||||||
|
@ -37,7 +37,7 @@
|
||||||
:image "jitsi/prosody:stable-7287",
|
:image "jitsi/prosody:stable-7287",
|
||||||
:imagePullPolicy "IfNotPresent",
|
:imagePullPolicy "IfNotPresent",
|
||||||
:env
|
:env
|
||||||
[{:name "PUBLIC_URL", :value "xy"}
|
[{:name "PUBLIC_URL", :value "xy.xy.xy"}
|
||||||
{:name "XMPP_DOMAIN", :value "meet.meissa-gmbh"}
|
{:name "XMPP_DOMAIN", :value "meet.meissa-gmbh"}
|
||||||
{:name "XMPP_AUTH_DOMAIN", :value "auth.meet.meissa-gmbh"}
|
{:name "XMPP_AUTH_DOMAIN", :value "auth.meet.meissa-gmbh"}
|
||||||
{:name "XMPP_MUC_DOMAIN", :value "muc.meet.meissa-gmbh"}
|
{:name "XMPP_MUC_DOMAIN", :value "muc.meet.meissa-gmbh"}
|
||||||
|
@ -54,7 +54,7 @@
|
||||||
:image "domaindrivenarchitecture/c4k-jitsi",
|
:image "domaindrivenarchitecture/c4k-jitsi",
|
||||||
:imagePullPolicy "IfNotPresent",
|
:imagePullPolicy "IfNotPresent",
|
||||||
:env
|
:env
|
||||||
[{:name "PUBLIC_URL", :value "xy"}
|
[{:name "PUBLIC_URL", :value "xy.xy.xy"}
|
||||||
{:name "XMPP_SERVER", :value "localhost"}
|
{:name "XMPP_SERVER", :value "localhost"}
|
||||||
{:name "JICOFO_AUTH_USER", :value "focus"}
|
{:name "JICOFO_AUTH_USER", :value "focus"}
|
||||||
{:name "XMPP_DOMAIN", :value "meet.meissa-gmbh"}
|
{:name "XMPP_DOMAIN", :value "meet.meissa-gmbh"}
|
||||||
|
@ -70,14 +70,14 @@
|
||||||
{:name "RESOLUTION_WIDTH", :value "853"}
|
{:name "RESOLUTION_WIDTH", :value "853"}
|
||||||
{:name "RESOLUTION_WIDTH_MIN", :value "427"}
|
{:name "RESOLUTION_WIDTH_MIN", :value "427"}
|
||||||
{:name "DISABLE_AUDIO_LEVELS", :value "true"}
|
{:name "DISABLE_AUDIO_LEVELS", :value "true"}
|
||||||
{:name "ETHERPAD_PUBLIC_URL", :value "https://etherpad.xy/p/"}]}
|
{:name "ETHERPAD_PUBLIC_URL", :value "https://etherpad.xy.xy.xy/p/"}]}
|
||||||
{:name "jvb",
|
{:name "jvb",
|
||||||
:image "jitsi/jvb:stable-7287",
|
:image "jitsi/jvb:stable-7287",
|
||||||
:imagePullPolicy "IfNotPresent",
|
:imagePullPolicy "IfNotPresent",
|
||||||
:env
|
:env
|
||||||
[{:name "PUBLIC_URL", :value "xy"}
|
[{:name "PUBLIC_URL", :value "xy.xy.xy"}
|
||||||
{:name "XMPP_SERVER", :value "localhost"}
|
{:name "XMPP_SERVER", :value "localhost"}
|
||||||
{:name "DOCKER_HOST_ADDRESS", :value "xy"}
|
{:name "DOCKER_HOST_ADDRESS", :value "xy.xy.xy"}
|
||||||
{:name "XMPP_DOMAIN", :value "meet.meissa-gmbh"}
|
{:name "XMPP_DOMAIN", :value "meet.meissa-gmbh"}
|
||||||
{:name "XMPP_AUTH_DOMAIN", :value "auth.meet.meissa-gmbh"}
|
{:name "XMPP_AUTH_DOMAIN", :value "auth.meet.meissa-gmbh"}
|
||||||
{:name "XMPP_INTERNAL_MUC_DOMAIN", :value "internal-muc.meet.meissa-gmbh"}
|
{:name "XMPP_INTERNAL_MUC_DOMAIN", :value "internal-muc.meet.meissa-gmbh"}
|
||||||
|
@ -102,45 +102,7 @@
|
||||||
{:name "XMPP_INTERNAL_MUC_DOMAIN", :value "internal-muc.meet.meissa-gmbh"}
|
{:name "XMPP_INTERNAL_MUC_DOMAIN", :value "internal-muc.meet.meissa-gmbh"}
|
||||||
{:name "JICOFO_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_AUTH_PASSWORD"}}}
|
{:name "JICOFO_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_AUTH_PASSWORD"}}}
|
||||||
{:name "TZ", :value "Europe/Berlin"}]}]}}}}
|
{:name "TZ", :value "Europe/Berlin"}]}]}}}}
|
||||||
(cut/generate-deployment {:fqdn "xy"}))))
|
(cut/generate-deployment {:fqdn "xy.xy.xy"}))))
|
||||||
|
|
||||||
(deftest should-generate-ingress-jitsi
|
|
||||||
(is (= {:apiVersion "networking.k8s.io/v1",
|
|
||||||
:kind "Ingress",
|
|
||||||
:metadata
|
|
||||||
{:name "jitsi",
|
|
||||||
:annotations
|
|
||||||
{:cert-manager.io/cluster-issuer "staging",
|
|
||||||
:ingress.kubernetes.io/ssl-redirect "true",
|
|
||||||
:kubernetes.io/ingress.class ""}},
|
|
||||||
:spec
|
|
||||||
{:tls [{:hosts ["test.com"], :secretName "jitsi-cert"}],
|
|
||||||
:rules
|
|
||||||
[{:host "test.com",
|
|
||||||
:http {:paths [{:path "/", :pathType "Prefix", :backend {:service {:name "web", :port {:number 80}}}}]}}]}}
|
|
||||||
(cut/generate-ingress-jitsi {:fqdn "test.com" :issuer :staging}))))
|
|
||||||
|
|
||||||
(deftest should-generate-ingress-etherpad
|
|
||||||
(is (= {:apiVersion "networking.k8s.io/v1",
|
|
||||||
:kind "Ingress",
|
|
||||||
:metadata
|
|
||||||
{:name "etherpad",
|
|
||||||
:annotations
|
|
||||||
{:cert-manager.io/cluster-issuer "staging",
|
|
||||||
:ingress.kubernetes.io/ssl-redirect "true",
|
|
||||||
:kubernetes.io/ingress.class ""}},
|
|
||||||
:spec
|
|
||||||
{:tls [{:hosts ["etherpad.test.com"], :secretName "etherpad-cert"}],
|
|
||||||
:rules
|
|
||||||
[{:host "etherpad.test.com",
|
|
||||||
:http
|
|
||||||
{:paths
|
|
||||||
[{:path "/",
|
|
||||||
:pathType "Prefix",
|
|
||||||
:backend
|
|
||||||
{:service {:name "etherpad", :port {:number 9001}}}}]}}]}}
|
|
||||||
(cut/generate-ingress-etherpad {:fqdn "test.com" :issuer :staging}))))
|
|
||||||
|
|
||||||
|
|
||||||
(deftest should-generate-secret
|
(deftest should-generate-secret
|
||||||
(is (= {:apiVersion "v1",
|
(is (= {:apiVersion "v1",
|
||||||
|
|
6
src/test/resources/jitsi-test/valid-auth.yaml
Normal file
6
src/test/resources/jitsi-test/valid-auth.yaml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
jvb-auth-password: "JvbAuth"
|
||||||
|
jicofo-auth-password: "JicofoAuth"
|
||||||
|
jicofo-component-secret: "JicofoCompSec"
|
||||||
|
mon-auth:
|
||||||
|
grafana-cloud-user: "user"
|
||||||
|
grafana-cloud-password: "password"
|
6
src/test/resources/jitsi-test/valid-config.yaml
Normal file
6
src/test/resources/jitsi-test/valid-config.yaml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
fqdn: "jitsi.test.meissa-gmbh.de"
|
||||||
|
issuer: "staging"
|
||||||
|
mon-cfg:
|
||||||
|
grafana-cloud-url: "url-for-your-prom-remote-write-endpoint"
|
||||||
|
cluster-name: "jitsi"
|
||||||
|
cluster-stage: "test"
|
216
test.yaml
216
test.yaml
|
@ -1,216 +0,0 @@
|
||||||
kind: Ingress
|
|
||||||
apiVersion: networking.k8s.io/v1
|
|
||||||
metadata:
|
|
||||||
name: jitsi
|
|
||||||
annotations:
|
|
||||||
cert-manager.io/cluster-issuer: letsencrypt-staging-issuer
|
|
||||||
kubernetes.io/ingress.class: ''
|
|
||||||
spec:
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- jitsi.test.meissa-gmbh.de
|
|
||||||
secretName: tls-jitsi
|
|
||||||
rules:
|
|
||||||
- host: jitsi.test.meissa-gmbh.de
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
pathType: Prefix
|
|
||||||
backend:
|
|
||||||
service:
|
|
||||||
name: web
|
|
||||||
port:
|
|
||||||
number: 80
|
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: jitsi-config
|
|
||||||
type: Opaque
|
|
||||||
data:
|
|
||||||
JVB_AUTH_PASSWORD: SnZiQXV0aA==
|
|
||||||
JICOFO_AUTH_PASSWORD: Smljb2ZvQXV0aA==
|
|
||||||
JICOFO_COMPONENT_SECRET: Smljb2ZvQ29tcFNlYw==
|
|
||||||
|
|
||||||
---
|
|
||||||
- apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
service: jvb
|
|
||||||
name: jvb-udp
|
|
||||||
spec:
|
|
||||||
type: NodePort
|
|
||||||
externalTrafficPolicy: Cluster
|
|
||||||
ports:
|
|
||||||
- port: 30300
|
|
||||||
protocol: UDP
|
|
||||||
targetPort: 30300
|
|
||||||
nodePort: 30300
|
|
||||||
selector:
|
|
||||||
app: jitsi
|
|
||||||
- apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
service: web
|
|
||||||
name: web
|
|
||||||
spec:
|
|
||||||
ports:
|
|
||||||
- name: http
|
|
||||||
port: 80
|
|
||||||
targetPort: 80
|
|
||||||
- name: https
|
|
||||||
port: 443
|
|
||||||
targetPort: 443
|
|
||||||
selector:
|
|
||||||
app: jitsi
|
|
||||||
- apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: jitsi
|
|
||||||
name: jitsi
|
|
||||||
spec:
|
|
||||||
strategy:
|
|
||||||
type: Recreate
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: jitsi
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: jitsi
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: jicofo
|
|
||||||
image: jitsi/jicofo:stable-6826
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
env:
|
|
||||||
- name: XMPP_SERVER
|
|
||||||
value: localhost
|
|
||||||
- name: XMPP_DOMAIN
|
|
||||||
value: meet.jitsi
|
|
||||||
- name: XMPP_AUTH_DOMAIN
|
|
||||||
value: auth.meet.jitsi
|
|
||||||
- name: XMPP_MUC_DOMAIN
|
|
||||||
value: muc.meet.jitsi
|
|
||||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
|
||||||
value: internal-muc.meet.jitsi
|
|
||||||
- name: JICOFO_COMPONENT_SECRET
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: jitsi-config
|
|
||||||
key: JICOFO_COMPONENT_SECRET
|
|
||||||
- name: JICOFO_AUTH_USER
|
|
||||||
value: focus
|
|
||||||
- name: JICOFO_AUTH_PASSWORD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: jitsi-config
|
|
||||||
key: JICOFO_AUTH_PASSWORD
|
|
||||||
- name: TZ
|
|
||||||
value: Europe/Berlin
|
|
||||||
- name: JVB_BREWERY_MUC
|
|
||||||
value: jvbbrewery
|
|
||||||
- name: prosody
|
|
||||||
image: jitsi/prosody:stable-6826
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
env:
|
|
||||||
- name: PUBLIC_URL
|
|
||||||
value: https://jitsi.test.meissa-gmbh.de
|
|
||||||
- name: XMPP_DOMAIN
|
|
||||||
value: meet.jitsi
|
|
||||||
- name: XMPP_AUTH_DOMAIN
|
|
||||||
value: auth.meet.jitsi
|
|
||||||
- name: XMPP_MUC_DOMAIN
|
|
||||||
value: muc.meet.jitsi
|
|
||||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
|
||||||
value: internal-muc.meet.jitsi
|
|
||||||
- name: JICOFO_COMPONENT_SECRET
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: jitsi-config
|
|
||||||
key: JICOFO_COMPONENT_SECRET
|
|
||||||
- name: JVB_AUTH_USER
|
|
||||||
value: jvb
|
|
||||||
- name: JVB_AUTH_PASSWORD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: jitsi-config
|
|
||||||
key: JVB_AUTH_PASSWORD
|
|
||||||
- name: JICOFO_AUTH_USER
|
|
||||||
value: focus
|
|
||||||
- name: JICOFO_AUTH_PASSWORD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: jitsi-config
|
|
||||||
key: JICOFO_AUTH_PASSWORD
|
|
||||||
- name: TZ
|
|
||||||
value: Europe/Berlin
|
|
||||||
- name: JVB_TCP_HARVESTER_DISABLED
|
|
||||||
value: 'true'
|
|
||||||
- name: web
|
|
||||||
image: jitsi/web:stable-6826
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
env:
|
|
||||||
- name: PUBLIC_URL
|
|
||||||
value: https://jitsi.test.meissa-gmbh.de
|
|
||||||
- name: XMPP_SERVER
|
|
||||||
value: localhost
|
|
||||||
- name: JICOFO_AUTH_USER
|
|
||||||
value: focus
|
|
||||||
- name: XMPP_DOMAIN
|
|
||||||
value: meet.jitsi
|
|
||||||
- name: XMPP_AUTH_DOMAIN
|
|
||||||
value: auth.meet.jitsi
|
|
||||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
|
||||||
value: internal-muc.meet.jitsi
|
|
||||||
- name: XMPP_BOSH_URL_BASE
|
|
||||||
value: http://127.0.0.1:5280
|
|
||||||
- name: XMPP_MUC_DOMAIN
|
|
||||||
value: muc.meet.jitsi
|
|
||||||
- name: TZ
|
|
||||||
value: Europe/Berlin
|
|
||||||
- name: JVB_TCP_HARVESTER_DISABLED
|
|
||||||
value: 'true'
|
|
||||||
- name: jvb
|
|
||||||
image: jitsi/jvb:stable-6826
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
env:
|
|
||||||
- name: XMPP_SERVER
|
|
||||||
value: localhost
|
|
||||||
- name: DOCKER_HOST_ADDRESS
|
|
||||||
value: localhost
|
|
||||||
- name: XMPP_DOMAIN
|
|
||||||
value: meet.jitsi
|
|
||||||
- name: XMPP_AUTH_DOMAIN
|
|
||||||
value: auth.meet.jitsi
|
|
||||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
|
||||||
value: internal-muc.meet.jitsi
|
|
||||||
- name: JVB_STUN_SERVERS
|
|
||||||
value: stun.1und1.de:3478,stun.t-online.de:3478,stun.hosteurope.de:3478
|
|
||||||
- name: JICOFO_AUTH_USER
|
|
||||||
value: focus
|
|
||||||
- name: JVB_TCP_HARVESTER_DISABLED
|
|
||||||
value: 'true'
|
|
||||||
- name: JVB_AUTH_USER
|
|
||||||
value: jvb
|
|
||||||
- name: JVB_PORT
|
|
||||||
value: '30300'
|
|
||||||
- name: JVB_AUTH_PASSWORD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: jitsi-config
|
|
||||||
key: JVB_AUTH_PASSWORD
|
|
||||||
- name: JICOFO_AUTH_PASSWORD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: jitsi-config
|
|
||||||
key: JICOFO_AUTH_PASSWORD
|
|
||||||
- name: JVB_BREWERY_MUC
|
|
||||||
value: jvbbrewery
|
|
||||||
- name: TZ
|
|
||||||
value: Europe/Berlin
|
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
{:jvb-auth-password "JvbAuth"
|
|
||||||
:jicofo-auth-password "JicofoAuth"
|
|
||||||
:jicofo-component-secret "JicofoCompSec"}
|
|
|
@ -1,2 +0,0 @@
|
||||||
{:fqdn "jitsi.test.meissa-gmbh.de"
|
|
||||||
:issuer :staging}
|
|
Loading…
Reference in a new issue