meissa/c4k-jitsi
6
0
Fork 0
Code Issues Pull requests Projects Releases14 Packages Wiki Activity

review & finish auth

Browse source
This commit is contained in:
Michael Jerger 2025-02-14 10:57:00 +01:00
parent a4a8c3b319
commit b79956fe77
16 changed files with 94 additions and 36 deletions

2
src/main/cljc/dda/c4k_jitsi/core.cljc
View file

@ -56,7 +56,7 @@
(filter (filter
#(not (nil? %)) #(not (nil? %))
(cm/concat-vec (cm/concat-vec
(jitsi/prosody-secret auth) (jitsi/prosody-auth auth)
;[(jitsi/generate-secret-jitsi config auth)] ;[(jitsi/generate-secret-jitsi config auth)]
(when (:contains? config :mon-cfg) (when (:contains? config :mon-cfg)
(mon/generate-auth (:mon-cfg config) (:mon-auth auth))))))) (mon/generate-auth (:mon-cfg config) (:mon-auth auth)))))))

55
src/main/cljc/dda/c4k_jitsi/jitsi.cljc
View file

@ -138,37 +138,36 @@
(yaml/load-as-edn "jitsi/modelector-deployment.yaml") (yaml/load-as-edn "jitsi/modelector-deployment.yaml")
(cm/replace-all-matching "NAMESPACE" namespace)))) (cm/replace-all-matching "NAMESPACE" namespace))))
(defn- load-and-adjust-namespace
[file namespace]
(->
(yaml/load-as-edn file)
(cm/replace-all-matching "NAMESPACE" namespace)))
(defn-spec prosody-config cp/map-or-seq? (defn-spec prosody-config cp/map-or-seq?
[config config?] [config config?]
(let [{:keys [fqdn namespace]} config] (let [{:keys [fqdn namespace]} config]
[(-> [(load-and-adjust-namespace "jitsi/prosody-config-serviceaccount.yaml" namespace)
(yaml/load-as-edn "jitsi/prosody-sa.yaml")
(cm/replace-all-matching "NAMESPACE" namespace))
(-> (->
(yaml/load-as-edn "jitsi/prosody-common-cm.yaml") (load-and-adjust-namespace "jitsi/prosody-config-common-cm.yaml" namespace)
(cm/replace-all-matching "JITSI_FQDN" fqdn) (cm/replace-all-matching "JITSI_FQDN" fqdn))
(cm/replace-all-matching "NAMESPACE" namespace)) (load-and-adjust-namespace "jitsi/prosody-config-default-cm.yaml" namespace)
(-> (load-and-adjust-namespace "jitsi/prosody-config-envs-cm.yaml" namespace)
(yaml/load-as-edn "jitsi/prosody-default-cm.yaml") (load-and-adjust-namespace "jitsi/prosody-config-init-cm.yaml"namespace)
(cm/replace-all-matching "NAMESPACE" namespace)) (load-and-adjust-namespace "jitsi/prosody-config-stateful-set.yaml" namespace)
(-> (load-and-adjust-namespace "jitsi/prosody-config-service.yaml" namespace)
(yaml/load-as-edn "jitsi/prosody-envs-cm.yaml") (load-and-adjust-namespace "jitsi/prosody-config-test-deployment.yaml" namespace)]))
(cm/replace-all-matching "NAMESPACE" namespace))
(->
(yaml/load-as-edn "jitsi/prosody-init-cm.yaml")
(cm/replace-all-matching "NAMESPACE" namespace))
(->
(yaml/load-as-edn "jitsi/prosody-stateful-set.yaml")
(cm/replace-all-matching "NAMESPACE" namespace))
(->
(yaml/load-as-edn "jitsi/prosody-service.yaml")
(cm/replace-all-matching "NAMESPACE" namespace))
(->
(yaml/load-as-edn "jitsi/prosody-test-deployment.yaml")
(cm/replace-all-matching "NAMESPACE" namespace))]))
(defn-spec prosody-secret cp/map-or-seq? (defn-spec prosody-auth cp/map-or-seq?
[auth auth?] [auth auth?]
[(-> (let [{:keys [jvb-auth-password jicofo-auth-password jicofo-component-secret]} auth]
(yaml/load-as-edn "jitsi/prosody-secret.yaml") [(load-and-adjust-namespace "jitsi/prosody-auth-secret.yaml" namespace)
(cm/replace-all-matching "NAMESPACE" namespace))]) (load-and-adjust-namespace "jitsi/prosody-auth-jibri-secret.yaml" namespace)
(->
(load-and-adjust-namespace "jitsi/prosody-auth-jicofo-secret.yaml" namespace)
(cm/replace-key-value :JICOFO_AUTH_PASSWORD (b64/encode jicofo-auth-password))
(cm/replace-key-value :JICOFO_COMPONENT_SECRET (b64/encode jicofo-component-secret)))
(load-and-adjust-namespace "jitsi/prosody-auth-jigasi-secret.yaml" namespace)
(->
(load-and-adjust-namespace "jitsi/prosody-auth-jvb-secret.yaml" namespace)
(cm/replace-key-value :JVB_AUTH_PASSWORD (b64/encode jvb-auth-password)))]))

10
src/main/resources/jitsi/prosody-auth-jibri-secret.yaml Normal file
View file

@ -0,0 +1,10 @@
apiVersion: v1
kind: Secret
metadata:
name: prosody-jibri
namespace: NAMESPACE
labels:
app.kubernetes.io/name: jitsi-meet
app.kubernetes.io/component: jibri
type: Opaque
data:

13
src/main/resources/jitsi/prosody-auth-jicofo-secret.yaml Normal file
View file

@ -0,0 +1,13 @@
apiVersion: v1
kind: Secret
metadata:
name: prosody-jicofo
namespace: NAMESPACE
labels:
app.kubernetes.io/name: jitsi-meet
app.kubernetes.io/component: jicofo
type: Opaque
data:
JICOFO_AUTH_USER: 'Zm9jdXM='
JICOFO_AUTH_PASSWORD: REPLACE_ME
JICOFO_COMPONENT_SECRET: REPLACE_ME

10
src/main/resources/jitsi/prosody-auth-jigasi-secret.yaml Normal file
View file

@ -0,0 +1,10 @@
apiVersion: v1
kind: Secret
metadata:
name: prosody-jigasi
namespace: NAMESPACE
labels:
app.kubernetes.io/name: jitsi-meet
app.kubernetes.io/component: jigasi
type: Opaque
data:

12
src/main/resources/jitsi/prosody-auth-jvb-secret.yaml Normal file
View file

@ -0,0 +1,12 @@
apiVersion: v1
kind: Secret
metadata:
name: prosody-jvb
namespace: NAMESPACE
labels:
app.kubernetes.io/name: jitsi-meet
app.kubernetes.io/component: jvb
type: Opaque
data:
JVB_AUTH_USER: 'anZi'
JVB_AUTH_PASSWORD: REPLACE_ME

1
src/main/resources/jitsi/prosody-secret.yaml → src/main/resources/jitsi/prosody-auth-secret.yaml
View file

@ -5,5 +5,6 @@ metadata:
namespace: NAMESPACE namespace: NAMESPACE
labels: labels:
app.kubernetes.io/name: prosody app.kubernetes.io/name: prosody
app.kubernetes.io/component: prosody
type: Opaque type: Opaque
data: data:

1
src/main/resources/jitsi/prosody-common-cm.yaml → src/main/resources/jitsi/prosody-config-common-cm.yaml
View file

@ -6,6 +6,7 @@ metadata:
namespace: NAMESPACE namespace: NAMESPACE
labels: labels:
app.kubernetes.io/name: jitsi-meet app.kubernetes.io/name: jitsi-meet
app.kubernetes.io/component: prosody
data: data:
ENABLE_AUTH: "0" ENABLE_AUTH: "0"
ENABLE_GUESTS: "1" ENABLE_GUESTS: "1"

1
src/main/resources/jitsi/prosody-default-cm.yaml → src/main/resources/jitsi/prosody-config-default-cm.yaml
View file

@ -5,6 +5,7 @@ metadata:
namespace: NAMESPACE namespace: NAMESPACE
labels: labels:
app.kubernetes.io/name: prosody app.kubernetes.io/name: prosody
app.kubernetes.io/component: prosody
data: data:
prosody.cfg.lua: | prosody.cfg.lua: |
# Using prosody /default/prosody.cfg.lua from container image # Using prosody /default/prosody.cfg.lua from container image

1
src/main/resources/jitsi/prosody-envs-cm.yaml → src/main/resources/jitsi/prosody-config-envs-cm.yaml
View file

@ -5,4 +5,5 @@ metadata:
namespace: NAMESPACE namespace: NAMESPACE
labels: labels:
app.kubernetes.io/name: prosody app.kubernetes.io/name: prosody
app.kubernetes.io/component: prosody
data: data:

1
src/main/resources/jitsi/prosody-init-cm.yaml → src/main/resources/jitsi/prosody-config-init-cm.yaml
View file

@ -5,6 +5,7 @@ metadata:
namespace: NAMESPACE namespace: NAMESPACE
labels: labels:
app.kubernetes.io/name: prosody app.kubernetes.io/name: prosody
app.kubernetes.io/component: prosody
data: data:
10-config: | 10-config: |
# Using prosody /etc/cont-init.d/10-config from container image # Using prosody /etc/cont-init.d/10-config from container image

1
src/main/resources/jitsi/prosody-service.yaml → src/main/resources/jitsi/prosody-config-service.yaml
View file

@ -5,6 +5,7 @@ metadata:
namespace: NAMESPACE namespace: NAMESPACE
labels: labels:
app.kubernetes.io/name: prosody app.kubernetes.io/name: prosody
app.kubernetes.io/component: prosody
spec: spec:
type: ClusterIP type: ClusterIP
ports: ports:

3
src/main/resources/jitsi/prosody-sa.yaml → src/main/resources/jitsi/prosody-config-serviceaccount.yaml
View file

@ -4,4 +4,5 @@ metadata:
name: prosody name: prosody
namespace: NAMESPACE namespace: NAMESPACE
labels: labels:
app.kubernetes.io/name: prosody app.kubernetes.io/name: prosody
app.kubernetes.io/component: prosody

1
src/main/resources/jitsi/prosody-stateful-set.yaml → src/main/resources/jitsi/prosody-config-stateful-set.yaml
View file

@ -5,6 +5,7 @@ metadata:
namespace: NAMESPACE namespace: NAMESPACE
labels: labels:
app.kubernetes.io/name: prosody app.kubernetes.io/name: prosody
app.kubernetes.io/component: prosody
spec: spec:
serviceName: "prosody" serviceName: "prosody"
replicas: 1 replicas: 1

1
src/main/resources/jitsi/prosody-test-deployment.yaml → src/main/resources/jitsi/prosody-config-test-deployment.yaml
View file

@ -5,6 +5,7 @@ metadata:
namespace: NAMESPACE namespace: NAMESPACE
labels: labels:
app.kubernetes.io/name: "prosody-test-connection" app.kubernetes.io/name: "prosody-test-connection"
app.kubernetes.io/component: prosody
spec: spec:
replicas: 0 replicas: 0
strategy: strategy:

17
src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc
View file

@ -306,8 +306,8 @@
{:name "prosody", {:name "prosody",
:namespace "jitsi", :namespace "jitsi",
:labels :labels
{:app.kubernetes.io/name "prosody"}}} #:app.kubernetes.io{:name "prosody" :component "prosody"}}}
(first (cut/prosody (first (cut/prosody-config
{:fqdn "xy.xy.xy" {:fqdn "xy.xy.xy"
:namespace "jitsi"})))) :namespace "jitsi"}))))
(is (= {:apiVersion "v1", (is (= {:apiVersion "v1",
@ -316,7 +316,7 @@
{:name "prosody-common", {:name "prosody-common",
:namespace "jitsi", :namespace "jitsi",
:labels :labels
#:app.kubernetes.io{:name "jitsi-meet"}}, #:app.kubernetes.io{:name "jitsi-meet" :component "prosody"}},
:data :data
{:ENABLE_AUTH "0", {:ENABLE_AUTH "0",
:ENABLE_GUESTS "1", :ENABLE_GUESTS "1",
@ -331,10 +331,15 @@
:ENABLE_COLIBRI_WEBSOCKET_UNSAFE_REGEX "1", :ENABLE_COLIBRI_WEBSOCKET_UNSAFE_REGEX "1",
:ENABLE_XMPP_WEBSOCKET "true", :ENABLE_XMPP_WEBSOCKET "true",
:TZ "Europe/Amsterdam"}} :TZ "Europe/Amsterdam"}}
(second (cut/prosody (second (cut/prosody-config
{:fqdn "xy.xy.xy" {:fqdn "xy.xy.xy"
:namespace "jitsi"})))) :namespace "jitsi"}))))
(is (= 8 (is (= 8
(count (cut/prosody (count (cut/prosody-config
{:fqdn "xy.xy.xy" {:fqdn "xy.xy.xy"
:namespace "jitsi"}))))) :namespace "jitsi"}))))
(is (= 5
(count (cut/prosody-auth
{:jvb-auth-password "jvb-auth"
:jicofo-auth-password "jicofo-auth"
:jicofo-component-secret "jicofo-comp"})))))