Compare commits

..

No commits in common. "main" and "1.3.5" have entirely different histories.
main ... 1.3.5

41 changed files with 1472 additions and 6769 deletions

View file

@ -6,7 +6,7 @@ stages:
- image - image
.img: &img .img: &img
image: "domaindrivenarchitecture/ddadevops-dind:4.11.3" image: "domaindrivenarchitecture/ddadevops-dind:4.7.0"
services: services:
- docker:dind - docker:dind
before_script: before_script:
@ -16,7 +16,7 @@ stages:
- export IMAGE_TAG=$CI_COMMIT_TAG - export IMAGE_TAG=$CI_COMMIT_TAG
.cljs-job: &cljs .cljs-job: &cljs
image: "domaindrivenarchitecture/ddadevops-clj-cljs:4.11.3" image: "domaindrivenarchitecture/ddadevops-clj-cljs:4.7.0"
cache: cache:
key: ${CI_COMMIT_REF_SLUG} key: ${CI_COMMIT_REF_SLUG}
paths: paths:
@ -29,7 +29,7 @@ stages:
- npm install - npm install
.clj-job: &clj .clj-job: &clj
image: "domaindrivenarchitecture/ddadevops-clj:4.11.3" image: "domaindrivenarchitecture/ddadevops-clj-cljs:4.7.0"
cache: cache:
key: ${CI_COMMIT_REF_SLUG} key: ${CI_COMMIT_REF_SLUG}
paths: paths:
@ -93,22 +93,32 @@ package-uberjar:
paths: paths:
- target/uberjar - target/uberjar
package-native: upload-clj-release:
<<: *clj
stage: package
script:
- pyb package_native
artifacts:
paths:
- target/graalvm
release-to-clojars:
<<: *clj <<: *clj
<<: *tag_only <<: *tag_only
stage: upload stage: upload
script: script:
- pyb upload_clj - pyb upload_clj
release-to-gitlab:
<<: *tag_only
stage: upload
image: registry.gitlab.com/gitlab-org/release-cli:latest
artifacts:
paths:
- target/uberjar
- target/frontend-build
script:
- apk --no-cache add curl
- |
release-cli create --name "Release $CI_COMMIT_TAG" --tag-name $CI_COMMIT_TAG \
--assets-link "{\"name\":\"c4k-jitsi-standalone.jar\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-jitsi-standalone.jar\"}" \
--assets-link "{\"name\":\"c4k-jitsi-standalone.jar.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-jitsi-standalone.jar.sha256\"}" \
--assets-link "{\"name\":\"c4k-jitsi-standalone.jar.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-jitsi-standalone.jar.sha512\"}" \
--assets-link "{\"name\":\"c4k-jitsi.js\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-jitsi.js\"}" \
--assets-link "{\"name\":\"c4k-jitsi.js.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-jitsi.js.sha256\"}" \
--assets-link "{\"name\":\"c4k-jitsi.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-jitsi.js.sha512\"}" \
release-to-forgejo: release-to-forgejo:
<<: *clj <<: *clj
<<: *tag_only <<: *tag_only
@ -116,9 +126,9 @@ release-to-forgejo:
script: script:
- pyb publish_artifacts - pyb publish_artifacts
jitsi-web-image-publish: jitsi-image-test-publish:
<<: *img <<: *img
<<: *tag_only <<: *tag_only
stage: image stage: image
script: script:
- cd infrastructure/web && pyb image publish - cd infrastructure/docker-jitsi-web && pyb image test publish

View file

@ -1,7 +1,7 @@
# convention 4 kubernetes: c4k-jitsi # convention 4 kubernetes: c4k-jitsi
[![Clojars Project](https://img.shields.io/clojars/v/org.domaindrivenarchitecture/c4k-jitsi.svg)](https://clojars.org/org.domaindrivenarchitecture/c4k-jitsi) [![pipeline status](https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/badges/master/pipeline.svg)](https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/commits/main) [![Clojars Project](https://img.shields.io/clojars/v/org.domaindrivenarchitecture/c4k-jitsi.svg)](https://clojars.org/org.domaindrivenarchitecture/c4k-jitsi) [![pipeline status](https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/badges/master/pipeline.svg)](https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/commits/main)
[<img src="https://domaindrivenarchitecture.org/img/delta-chat.svg" width=20 alt="DeltaChat"> chat over e-mail](mailto:buero@meissa-gmbh.de?subject=community-chat) | [<img src="https://meissa.de/images/parts/contact/mastodon36_hue9b2464f10b18e134322af482b9c915e_5501_filter_14705073121015236177.png" width=20 alt="M"> meissa@social.meissa-gmbh.de](https://social.meissa-gmbh.de/@meissa) | [Blog](https://domaindrivenarchitecture.org) | [Website](https://meissa.de) [<img src="https://domaindrivenarchitecture.org/img/delta-chat.svg" width=20 alt="DeltaChat"> chat over e-mail](mailto:buero@meissa-gmbh.de?subject=community-chat) | [<img src="https://meissa-gmbh.de/img/community/Mastodon_Logotype.svg" width=20 alt="team@social.meissa-gmbh.de"> team@social.meissa-gmbh.de](https://social.meissa-gmbh.de/@team) | [Website & Blog](https://domaindrivenarchitecture.org)
## Purpose ## Purpose
@ -39,14 +39,13 @@ Development happens at: https://repo.prod.meissa.de/meissa/c4k-jitsi
Mirrors are: Mirrors are:
* https://codeberg.org/meissa/c4k-jitsi (Issues and PR) * https://gitlab.com/domaindrivenarchitecture/c4k-jitsi (issues and PR, CI)
* https://gitlab.com/domaindrivenarchitecture/c4k-jitsi (CI)
* https://github.com/DomainDrivenArchitecture/c4k-jitsi * https://github.com/DomainDrivenArchitecture/c4k-jitsi
For more details about our repository model see: https://repo.prod.meissa.de/meissa/federate-your-repos For more details about our repository model see: https://repo.prod.meissa.de/meissa/federate-your-repos
## License ## License
Copyright © 2021, 2022, 2023, 2024 meissa GmbH Copyright © 2022 meissa GmbH
Licensed under the [Apache License, Version 2.0](LICENSE) (the "License") Licensed under the [Apache License, Version 2.0](LICENSE) (the "License")
Pls. find licenses of our subcomponents [here](doc/SUBCOMPONENT_LICENSE) Pls. find licenses of our subcomponents [here](doc/SUBCOMPONENT_LICENSE)

View file

@ -18,21 +18,18 @@ def initialize(project):
"stage": "notused", "stage": "notused",
"project_root_path": PROJECT_ROOT_PATH, "project_root_path": PROJECT_ROOT_PATH,
"build_types": [], "build_types": [],
"release_artifacts": ["target/uberjar/c4k-jitsi-standalone.jar"],
"mixin_types": ["RELEASE"], "mixin_types": ["RELEASE"],
"release_primary_build_file": "project.clj", "release_primary_build_file": "project.clj",
"release_secondary_build_files": [ "release_secondary_build_files": [
"package.json", "package.json",
"infrastructure/web/build.py", "infrastructure/docker-jitsi-web/build.py",
"infrastructure/excalidraw-backend/build.py",
], ],
"release_artifact_server_url": "https://repo.prod.meissa.de", "release_artifact_server_url": "https://repo.prod.meissa.de",
"release_organisation": "meissa", "release_organisation": "meissa",
"release_repository_name": name, "release_repository_name": name,
"release_artifacts": [ "release_artifacts": [
f"target/graalvm/{name}", "target/uberjar/c4k-jitsi-standalone.jar",
f"target/uberjar/{name}-standalone.jar", "target/frontend-build/c4k-jitsi.js",
f"target/frontend-build/{name}.js",
], ],
} }
@ -97,7 +94,6 @@ def package_frontend(project):
@task @task
def package_uberjar(project): def package_uberjar(project):
run("lein uberjar", shell=True, check=True)
run( run(
"sha256sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha256", "sha256sum target/uberjar/c4k-jitsi-standalone.jar > target/uberjar/c4k-jitsi-standalone.jar.sha256",
shell=True, shell=True,
@ -110,39 +106,6 @@ def package_uberjar(project):
) )
@task
def package_native(project):
run(
"mkdir -p target/graalvm",
shell=True,
check=True,
)
run(
"native-image " +
"--native-image-info " +
"--report-unsupported-elements-at-runtime " +
"--no-server " +
"--no-fallback " +
"--features=clj_easy.graal_build_time.InitClojureClasses " +
f"-jar target/uberjar/{project.name}-standalone.jar " +
"-H:IncludeResources=.*.yaml " +
"-H:Log=registerResource:verbose " +
f"-H:Name=target/graalvm/{project.name}",
shell=True,
check=True,
)
run(
f"sha256sum target/graalvm/{project.name} > target/graalvm/{project.name}.sha256",
shell=True,
check=True,
)
run(
f"sha512sum target/graalvm/{project.name} > target/graalvm/{project.name}.sha512",
shell=True,
check=True,
)
@task @task
def upload_clj(project): def upload_clj(project):
run("lein deploy", shell=True, check=True) run("lein deploy", shell=True, check=True)
@ -162,22 +125,6 @@ def lint(project):
) )
@task
def inst(project):
package_uberjar(project)
package_native(project)
run(
f"sudo install -m=755 target/uberjar/{project.name}-standalone.jar /usr/local/bin/{project.name}-standalone.jar",
shell=True,
check=True,
)
run(
f"sudo install -m=755 target/graalvm/{project.name} /usr/local/bin/{project.name}",
shell=True,
check=True,
)
@task @task
def patch(project): def patch(project):
linttest(project, "PATCH") linttest(project, "PATCH")
@ -228,4 +175,4 @@ def linttest(project, release_type):
test_clj(project) test_clj(project)
test_cljs(project) test_cljs(project)
test_schema(project) test_schema(project)
lint(project) #lint(project)

View file

@ -4,9 +4,9 @@ from pybuilder.core import task, init
from ddadevops import * from ddadevops import *
name = "c4k-jitsi" name = "c4k-jitsi"
MODULE = "web" MODULE = "app"
PROJECT_ROOT_PATH = "../.." PROJECT_ROOT_PATH = "../.."
version = "2.2.1-dev" version = "1.3.5"
@init @init
@ -22,11 +22,11 @@ def initialize(project):
"project_root_path": PROJECT_ROOT_PATH, "project_root_path": PROJECT_ROOT_PATH,
"build_types": ["IMAGE"], "build_types": ["IMAGE"],
"mixin_types": [], "mixin_types": [],
"image_naming": "NAME_AND_MODULE", "image_naming": "NAME_ONLY",
"image_tag": f"{image_tag}", "image_tag": f"{image_tag}",
} }
project.build_depends_on("ddadevops>=4.7.0") project.build_depends_on("ddadevops>=4.0.0")
build = DevopsImageBuild(project, input) build = DevopsImageBuild(project, input)
build.initialize_build_dir() build.initialize_build_dir()

View file

@ -0,0 +1,5 @@
FROM jitsi/web:stable-8719
# Prepare Configuration
ADD resources /tmp
RUN /tmp/install.sh

View file

@ -0,0 +1,7 @@
#!/bin/bash
set -Eeo pipefail
apt update > /dev/null
install -m 0700 /tmp/install-debug.sh /usr/local/bin/
install -m 0644 /tmp/settings-config.js /defaults/settings-config.js

View file

@ -0,0 +1,389 @@
{{ $DEPLOYMENTINFO_USERREGION := .Env.DEPLOYMENTINFO_USERREGION | default "" -}}
{{ $ENABLE_AUDIO_PROCESSING := .Env.ENABLE_AUDIO_PROCESSING | default "true" | toBool -}}
{{ $ENABLE_BREAKOUT_ROOMS := .Env.ENABLE_BREAKOUT_ROOMS | default "true" | toBool -}}
{{ $ENABLE_CALENDAR := .Env.ENABLE_CALENDAR | default "false" | toBool -}}
{{ $ENABLE_FILE_RECORDING_SERVICE := .Env.ENABLE_FILE_RECORDING_SERVICE | default "false" | toBool -}}
{{ $ENABLE_FILE_RECORDING_SERVICE_SHARING := .Env.ENABLE_FILE_RECORDING_SERVICE_SHARING | default "false" | toBool -}}
{{ $ENABLE_IPV6 := .Env.ENABLE_IPV6 | default "true" | toBool -}}
{{ $ENABLE_LIPSYNC := .Env.ENABLE_LIPSYNC | default "false" | toBool -}}
{{ $ENABLE_NO_AUDIO_DETECTION := .Env.ENABLE_NO_AUDIO_DETECTION | default "true" | toBool -}}
{{ $ENABLE_P2P := .Env.ENABLE_P2P | default "true" | toBool -}}
{{ $ENABLE_PREJOIN_PAGE := .Env.ENABLE_PREJOIN_PAGE | default "true" | toBool -}}
{{ $ENABLE_WELCOME_PAGE := .Env.ENABLE_WELCOME_PAGE | default "true" | toBool -}}
{{ $ENABLE_CLOSE_PAGE := .Env.ENABLE_CLOSE_PAGE | default "false" | toBool -}}
{{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "false" | toBool -}}
{{ $ENABLE_REMB := .Env.ENABLE_REMB | default "true" | toBool -}}
{{ $ENABLE_REQUIRE_DISPLAY_NAME := .Env.ENABLE_REQUIRE_DISPLAY_NAME | default "false" | toBool -}}
{{ $ENABLE_SIMULCAST := .Env.ENABLE_SIMULCAST | default "true" | toBool -}}
{{ $ENABLE_STATS_ID := .Env.ENABLE_STATS_ID | default "false" | toBool -}}
{{ $ENABLE_STEREO := .Env.ENABLE_STEREO | default "false" | toBool -}}
{{ $ENABLE_TALK_WHILE_MUTED := .Env.ENABLE_TALK_WHILE_MUTED | default "false" | toBool -}}
{{ $ENABLE_TCC := .Env.ENABLE_TCC | default "true" | toBool -}}
{{ $ENABLE_TRANSCRIPTIONS := .Env.ENABLE_TRANSCRIPTIONS | default "false" | toBool -}}
{{ $RESOLUTION := .Env.RESOLUTION | default "720" -}}
{{ $RESOLUTION_MIN := .Env.RESOLUTION_MIN | default "180" -}}
{{ $RESOLUTION_WIDTH := .Env.RESOLUTION_WIDTH | default "1280" -}}
{{ $RESOLUTION_WIDTH_MIN := .Env.RESOLUTION_WIDTH_MIN | default "320" -}}
{{ $START_AUDIO_ONLY := .Env.START_AUDIO_ONLY | default "false" | toBool -}}
{{ $START_AUDIO_MUTED := .Env.START_AUDIO_MUTED | default 10 -}}
{{ $START_WITH_AUDIO_MUTED := .Env.START_WITH_AUDIO_MUTED | default "false" | toBool -}}
{{ $START_SILENT := .Env.START_SILENT | default "false" | toBool -}}
{{ $DISABLE_AUDIO_LEVELS := .Env.DISABLE_AUDIO_LEVELS | default "false" | toBool -}}
{{ $ENABLE_NOISY_MIC_DETECTION := .Env.ENABLE_NOISY_MIC_DETECTION | default "true" | toBool -}}
{{ $START_VIDEO_MUTED := .Env.START_VIDEO_MUTED | default 10 -}}
{{ $START_WITH_VIDEO_MUTED := .Env.START_WITH_VIDEO_MUTED | default "false" | toBool -}}
{{ $DESKTOP_SHARING_FRAMERATE_MIN := .Env.DESKTOP_SHARING_FRAMERATE_MIN | default 5 -}}
{{ $DESKTOP_SHARING_FRAMERATE_MAX := .Env.DESKTOP_SHARING_FRAMERATE_MAX | default 5 -}}
{{ $TESTING_OCTO_PROBABILITY := .Env.TESTING_OCTO_PROBABILITY | default "0" -}}
{{ $TESTING_CAP_SCREENSHARE_BITRATE := .Env.TESTING_CAP_SCREENSHARE_BITRATE | default "1" -}}
{{ $XMPP_DOMAIN := .Env.XMPP_DOMAIN -}}
{{ $XMPP_RECORDER_DOMAIN := .Env.XMPP_RECORDER_DOMAIN -}}
{{ $DISABLE_DEEP_LINKING := .Env.DISABLE_DEEP_LINKING | default "false" | toBool -}}
{{ $VIDEOQUALITY_ENFORCE_PREFERRED_CODEC := .Env.VIDEOQUALITY_ENFORCE_PREFERRED_CODEC | default "false" | toBool -}}
{{ $DISABLE_POLLS := .Env.DISABLE_POLLS | default "false" | toBool -}}
{{ $DISABLE_REACTIONS := .Env.DISABLE_REACTIONS | default "false" | toBool -}}
// Video configuration.
//
if (!config.hasOwnProperty('constraints')) config.constraints = {};
if (!config.constraints.hasOwnProperty('video')) config.constraints.video = {};
config.resolution = {{ $RESOLUTION }};
config.constraints.video.height = { ideal: {{ $RESOLUTION }}, max: {{ $RESOLUTION }}, min: {{ $RESOLUTION_MIN }} };
config.constraints.video.width = { ideal: {{ $RESOLUTION_WIDTH }}, max: {{ $RESOLUTION_WIDTH }}, min: {{ $RESOLUTION_WIDTH_MIN }}};
config.disableSimulcast = {{ not $ENABLE_SIMULCAST }};
config.startVideoMuted = {{ $START_VIDEO_MUTED }};
config.startWithVideoMuted = {{ $START_WITH_VIDEO_MUTED }};
{{ if .Env.START_BITRATE -}}
config.startBitrate = '{{ .Env.START_BITRATE }}';
{{ end -}}
// ScreenShare Configuration.
//
config.desktopSharingFrameRate = { min: {{ $DESKTOP_SHARING_FRAMERATE_MIN }}, max: {{ $DESKTOP_SHARING_FRAMERATE_MAX }} };
// Audio configuration.
//
config.enableNoAudioDetection = {{ $ENABLE_NO_AUDIO_DETECTION }};
config.enableTalkWhileMuted = {{ $ENABLE_TALK_WHILE_MUTED }};
config.disableAP = {{ not $ENABLE_AUDIO_PROCESSING }};
config.stereo = {{ $ENABLE_STEREO }};
config.startAudioOnly = {{ $START_AUDIO_ONLY }};
config.startAudioMuted = {{ $START_AUDIO_MUTED }};
config.startWithAudioMuted = {{ $START_WITH_AUDIO_MUTED }};
config.startSilent = {{ $START_SILENT }};
config.disableAudioLevels = {{ $DISABLE_AUDIO_LEVELS }};
config.enableNoisyMicDetection = {{ $ENABLE_NOISY_MIC_DETECTION }};
// Peer-to-Peer options.
//
if (!config.hasOwnProperty('p2p')) config.p2p = {};
config.p2p.enabled = {{ $ENABLE_P2P }};
// Breakout Rooms
//
config.hideAddRoomButton = {{ $ENABLE_BREAKOUT_ROOMS | not }};
// Etherpad
//
{{ if .Env.ETHERPAD_PUBLIC_URL -}}
config.etherpad_base = '{{ .Env.ETHERPAD_PUBLIC_URL }}';
{{ else if .Env.ETHERPAD_URL_BASE -}}
config.etherpad_base = '{{.Env.PUBLIC_URL}}/etherpad/p/';
{{ end -}}
// Recording.
//
{{ if $ENABLE_RECORDING -}}
config.hiddenDomain = '{{ $XMPP_RECORDER_DOMAIN }}';
// Whether to enable file recording or not
config.fileRecordingsEnabled = true;
// Whether to enable live streaming or not.
config.liveStreamingEnabled = true;
{{ if .Env.DROPBOX_APPKEY -}}
// Enable the dropbox integration.
if (!config.hasOwnProperty('dropbox')) config.dropbox = {};
config.dropbox.appKey = '{{ .Env.DROPBOX_APPKEY }}';
{{ if .Env.DROPBOX_REDIRECT_URI -}}
// A URL to redirect the user to, after authenticating
// by default uses:
// 'https://jitsi-meet.example.com/static/oauth.html'
config.dropbox.redirectURI = '{{ .Env.DROPBOX_REDIRECT_URI }}';
{{ end -}}
{{ end -}}
{{ if $ENABLE_FILE_RECORDING_SERVICE -}}
// When integrations like dropbox are enabled only that will be shown,
// by enabling fileRecordingsServiceEnabled, we show both the integrations
// and the generic recording service (its configuration and storage type
// depends on jibri configuration)
config.fileRecordingsServiceEnabled = true;
{{ end -}}
{{ if $ENABLE_FILE_RECORDING_SERVICE_SHARING -}}
// Whether to show the possibility to share file recording with other people
// (e.g. meeting participants), based on the actual implementation
// on the backend.
config.fileRecordingsServiceSharingEnabled = true;
{{ end -}}
{{ end -}}
// Analytics.
//
if (!config.hasOwnProperty('analytics')) config.analytics = {};
{{ if .Env.AMPLITUDE_ID -}}
// The Amplitude APP Key:
config.analytics.amplitudeAPPKey = '{{ .Env.AMPLITUDE_ID }}';
{{ end -}}
{{ if .Env.GOOGLE_ANALYTICS_ID -}}
// The Google Analytics Tracking ID:
config.analytics.googleAnalyticsTrackingId = '{{ .Env.GOOGLE_ANALYTICS_ID }}';
{{ end -}}
{{ if .Env.MATOMO_ENDPOINT -}}
// Matomo endpoint:
config.analytics.matomoEndpoint = '{{ .Env.MATOMO_ENDPOINT }}';
{{ end -}}
{{ if .Env.MATOMO_SITE_ID -}}
// Matomo site ID:
config.analytics.matomoSiteID = '{{ .Env.MATOMO_SITE_ID }}';
{{ end -}}
{{ if .Env.ANALYTICS_SCRIPT_URLS -}}
// Array of script URLs to load as lib-jitsi-meet "analytics handlers".
config.analytics.scriptURLs = [ '{{ join "','" (splitList "," .Env.ANALYTICS_SCRIPT_URLS) }}' ];
{{ end -}}
{{ if .Env.ANALYTICS_WHITELISTED_EVENTS -}}
config.analytics.whiteListedEvents = [ '{{ join "','" (splitList "," .Env.ANALYTICS_WHITELISTED_EVENTS) }}' ];
{{ end -}}
{{ if .Env.CALLSTATS_CUSTOM_SCRIPT_URL -}}
config.callStatsCustomScriptUrl = '{{ .Env.CALLSTATS_CUSTOM_SCRIPT_URL }}';
{{ end -}}
{{ if .Env.CALLSTATS_ID -}}
// To enable sending statistics to callstats.io you must provide the
// Application ID and Secret.
config.callStatsID = '{{ .Env.CALLSTATS_ID }}';
{{ end -}}
{{ if .Env.CALLSTATS_ID -}}
config.callStatsSecret = '{{ .Env.CALLSTATS_SECRET }}';
{{ end -}}
// Enables callstatsUsername to be reported as statsId and used
// by callstats as repoted remote id.
config.enableStatsID = {{ $ENABLE_STATS_ID }};
// Dial in/out services.
//
{{ if .Env.CONFCODE_URL -}}
config.dialInConfCodeUrl = '{{ .Env.CONFCODE_URL }}';
{{ end -}}
{{ if .Env.DIALIN_NUMBERS_URL -}}
config.dialInNumbersUrl = '{{ .Env.DIALIN_NUMBERS_URL }}';
{{ end -}}
{{ if .Env.DIALOUT_AUTH_URL -}}
config.dialOutAuthUrl = '{{ .Env.DIALOUT_AUTH_URL }}';
{{ end -}}
{{ if .Env.DIALOUT_CODES_URL -}}
config.dialOutCodesUrl = '{{ .Env.DIALOUT_CODES_URL }}';
{{ end -}}
// Calendar service integration.
//
config.enableCalendarIntegration = {{ $ENABLE_CALENDAR }};
{{ if .Env.GOOGLE_API_APP_CLIENT_ID -}}
config.googleApiApplicationClientID = '{{ .Env.GOOGLE_API_APP_CLIENT_ID }}';
{{ end -}}
{{ if .Env.MICROSOFT_API_APP_CLIENT_ID -}}
config.microsoftApiApplicationClientID = '{{ .Env.MICROSOFT_API_APP_CLIENT_ID }}';
{{ end -}}
// Invitation service.
//
{{ if .Env.INVITE_SERVICE_URL -}}
config.inviteServiceUrl = '{{ .Env.INVITE_SERVICE_URL }}';
{{ end -}}
{{ if .Env.PEOPLE_SEARCH_URL -}}
config.peopleSearchUrl = '{{ .Env.PEOPLE_SEARCH_URL }}';
config.peopleSearchQueryTypes = ['user','conferenceRooms'];
{{ end -}}
// Miscellaneous.
//
// Prejoin page.
config.prejoinPageEnabled = {{ $ENABLE_PREJOIN_PAGE }};
// Welcome page.
config.enableWelcomePage = {{ $ENABLE_WELCOME_PAGE }};
// Close page.
config.enableClosePage = {{ $ENABLE_CLOSE_PAGE }};
// Default language.
{{ if .Env.DEFAULT_LANGUAGE -}}
config.defaultLanguage = '{{ .Env.DEFAULT_LANGUAGE }}';
{{ end -}}
// Require users to always specify a display name.
config.requireDisplayName = {{ $ENABLE_REQUIRE_DISPLAY_NAME }};
// Chrome extension banner.
{{ if .Env.CHROME_EXTENSION_BANNER_JSON -}}
config.chromeExtensionBanner = {{ .Env.CHROME_EXTENSION_BANNER_JSON }};
{{ end -}}
// Advanced.
//
// Lipsync hack in jicofo, may not be safe.
config.enableLipSync = {{ $ENABLE_LIPSYNC }};
config.enableRemb = {{ $ENABLE_REMB }};
config.enableTcc = {{ $ENABLE_TCC }};
// Enable IPv6 support.
config.useIPv6 = {{ $ENABLE_IPV6 }};
// Transcriptions (subtitles and buttons can be configured in interface_config)
config.transcribingEnabled = {{ $ENABLE_TRANSCRIPTIONS }};
{{ if .Env.DYNAMIC_BRANDING_URL -}}
// External API url used to receive branding specific information.
config.dynamicBrandingUrl = '{{ .Env.DYNAMIC_BRANDING_URL }}';
{{ end -}}
{{ if .Env.TOKEN_AUTH_URL -}}
// Authenticate using external service or just focus external auth window if there is one already.
config.tokenAuthUrl = '{{ .Env.TOKEN_AUTH_URL }}';
{{ end -}}
// Deployment information.
//
if (!config.hasOwnProperty('deploymentInfo')) config.deploymentInfo = {};
{{ if .Env.DEPLOYMENTINFO_ENVIRONMENT -}}
config.deploymentInfo.environment = '{{ .Env.DEPLOYMENTINFO_ENVIRONMENT }}';
{{ end -}}
{{ if .Env.DEPLOYMENTINFO_SHARD -}}
config.deploymentInfo.shard = '{{ .Env.DEPLOYMENTINFO_SHARD }}';
{{ end -}}
{{ if .Env.DEPLOYMENTINFO_ENVIRONMENT_TYPE -}}
config.deploymentInfo.envType = '{{ .Env.DEPLOYMENTINFO_ENVIRONMENT_TYPE }}';
{{ end -}}
{{ if .Env.DEPLOYMENTINFO_REGION -}}
config.deploymentInfo.region = '{{ .Env.DEPLOYMENTINFO_REGION }}';
{{ end -}}
{{ if $DEPLOYMENTINFO_USERREGION -}}
config.deploymentInfo.userRegion = '{{ $DEPLOYMENTINFO_USERREGION }}';
{{ end -}}
// Testing
//
if (!config.hasOwnProperty('testing')) config.testing = {};
if (!config.testing.hasOwnProperty('octo')) config.testing.octo = {};
config.testing.capScreenshareBitrate = {{ $TESTING_CAP_SCREENSHARE_BITRATE }};
config.testing.octo.probability = {{ $TESTING_OCTO_PROBABILITY }};
// Deep Linking
config.disableDeepLinking = {{ $DISABLE_DEEP_LINKING }};
// P2P preferred codec
{{ if .Env.P2P_PREFERRED_CODEC -}}
config.p2p.preferredCodec = '{{ .Env.P2P_PREFERRED_CODEC }}';
{{ end -}}
// enable preffered video Codec
if (!config.hasOwnProperty('videoQuality')) config.videoQuality = {};
{{ if .Env.VIDEOQUALITY_PREFERRED_CODEC -}}
config.videoQuality.preferredCodec = '{{ .Env.VIDEOQUALITY_PREFERRED_CODEC }}';
{{ end -}}
config.videoQuality.enforcePreferredCodec = {{ $VIDEOQUALITY_ENFORCE_PREFERRED_CODEC }};
if (!config.videoQuality.hasOwnProperty('maxBitratesVideo')) config.videoQuality.maxBitratesVideo = {};
{{ if and .Env.VIDEOQUALITY_BITRATE_H264_LOW .Env.VIDEOQUALITY_BITRATE_H264_STANDARD .Env.VIDEOQUALITY_BITRATE_H264_HIGH -}}
config.videoQuality.maxBitratesVideo.H264 = { low: {{ .Env.VIDEOQUALITY_BITRATE_H264_LOW }}, standard: {{ .Env.VIDEOQUALITY_BITRATE_H264_STANDARD }}, high: {{ .Env.VIDEOQUALITY_BITRATE_H264_HIGH }} };
{{ end -}}
{{ if and .Env.VIDEOQUALITY_BITRATE_VP8_LOW .Env.VIDEOQUALITY_BITRATE_VP8_STANDARD .Env.VIDEOQUALITY_BITRATE_VP8_HIGH -}}
config.videoQuality.maxBitratesVideo.VP8 = { low: {{ .Env.VIDEOQUALITY_BITRATE_VP8_LOW }}, standard: {{ .Env.VIDEOQUALITY_BITRATE_VP8_STANDARD }}, high: {{ .Env.VIDEOQUALITY_BITRATE_VP8_HIGH }} };
{{ end -}}
{{ if and .Env.VIDEOQUALITY_BITRATE_VP9_LOW .Env.VIDEOQUALITY_BITRATE_VP9_STANDARD .Env.VIDEOQUALITY_BITRATE_VP9_HIGH -}}
config.videoQuality.maxBitratesVideo.VP9 = { low: {{ .Env.VIDEOQUALITY_BITRATE_VP9_LOW }}, standard: {{ .Env.VIDEOQUALITY_BITRATE_VP9_STANDARD }}, high: {{ .Env.VIDEOQUALITY_BITRATE_VP9_HIGH }} };
{{ end -}}
// Reactions
config.disableReactions = {{ $DISABLE_REACTIONS }};
// Polls
config.disablePolls = {{ $DISABLE_POLLS }};
// Configure toolbar buttons
{{ if .Env.TOOLBAR_BUTTONS -}}
config.toolbarButtons = [ '{{ join "','" (splitList "," .Env.TOOLBAR_BUTTONS) }}' ];
{{ end -}}
// Hides the buttons at pre-join screen
{{ if .Env.HIDE_PREMEETING_BUTTONS -}}
config.hiddenPremeetingButtons = [ '{{ join "','" (splitList "," .Env.HIDE_PREMEETING_BUTTONS) }}' ];
{{ end -}}
// Configure remote participant video menu
if (!config.hasOwnProperty('remoteVideoMenu')) config.remoteVideoMenu = {};
{{ if .Env.DISABLE_KICKOUT -}}
config.remoteVideoMenu.disableKick = {{ .Env.DISABLE_KICKOUT }};
{{ end -}}
{{ if .Env.DISABLE_GRANT_MODERATOR -}}
config.remoteVideoMenu.disableGrantModerator = {{ .Env.DISABLE_GRANT_MODERATOR }};
{{ end -}}
config.disableThirdPartyRequests = true;
config.channelLastN = 8;
config.enableLayerSuspension = true;

View file

@ -0,0 +1,11 @@
FROM c4k-jitsi
RUN apt update
RUN apt -yqq --no-install-recommends --yes install curl default-jre-headless
RUN curl -L -o /tmp/serverspec.jar \
https://github.com/DomainDrivenArchitecture/dda-serverspec-crate/releases/download/1.3.4/dda-serverspec-standalone.jar
COPY serverspec.edn /tmp/serverspec.edn
RUN java -jar /tmp/serverspec.jar /tmp/serverspec.edn -v

View file

@ -0,0 +1,2 @@
{:file [{:path "/usr/local/bin/install-debug.sh" :mod "700"}
{:path "/defaults/settings-config.js" :mod "644"}]}

View file

@ -1,57 +0,0 @@
from os import environ
from datetime import datetime
from pybuilder.core import task, init
from ddadevops import *
name = "c4k-jitsi"
MODULE = "excalidraw-backend"
PROJECT_ROOT_PATH = "../.."
version = "2.2.1-dev"
@init
def initialize(project):
image_tag = version
if "dev" in image_tag:
image_tag += datetime.now().strftime("%Y-%m-%d-%H-%M-%S")
input = {
"name": name,
"module": MODULE,
"stage": "notused",
"project_root_path": PROJECT_ROOT_PATH,
"build_types": ["IMAGE"],
"mixin_types": [],
"image_naming": "NAME_AND_MODULE",
"image_tag": f"{image_tag}",
}
project.build_depends_on("ddadevops>=4.7.0")
build = DevopsImageBuild(project, input)
build.initialize_build_dir()
@task
def image(project):
build = get_devops_build(project)
build.image()
@task
def drun(project):
build = get_devops_build(project)
build.drun()
@task
def test(project):
build = get_devops_build(project)
build.test()
@task
def publish(project):
build = get_devops_build(project)
build.dockerhub_login()
build.dockerhub_publish()

View file

@ -1,13 +0,0 @@
# Taken from: https://github.com/jitsi/excalidraw-backend
FROM node:22-bookworm-slim
WORKDIR /excalidraw-backend
COPY resources/package.json resources/package-lock.json resources/tsconfig.json resources/install.sh resources/src resources/install_functions_debian.sh ./
RUN ./install.sh
EXPOSE 80
EXPOSE 9090
CMD ["npm", "start"]

View file

@ -1,17 +0,0 @@
#!/bin/bash
set -exo pipefail
function main() {
{
upgradeSystem
} > /dev/null
cleanupDocker
}
source ./install_functions_debian.sh
DEBIAN_FRONTEND=noninteractive DEBCONF_NOWARNINGS=yes main
npm audit fix
npm ci --omit=dev
npm run build

File diff suppressed because it is too large Load diff

View file

@ -1,51 +0,0 @@
{
"name": "excalidraw-backend",
"version": "1.1.0",
"main": "src/index.js",
"description": "Excalidraw backend",
"repository": {
"type": "git",
"url": "https://github.com/jitsi/excalidraw-backend"
},
"private": true,
"engines": {
"node": ">=18.0.0",
"npm": ">=10.0.0"
},
"dependencies": {
"@types/debug": "4.1.10",
"@types/express": "4.17.20",
"@types/ms": "0.7.33",
"@types/node": "20.8.7",
"cross-env": "^7.0.3",
"debug": "4.3.4",
"dotenv": "^16.0.0",
"express": "^4.19.2",
"socket.io": "^4.7.2",
"prom-client": "^15.0.0",
"ts-node-dev": "^2.0.0",
"typescript": "5.2.2"
},
"license": "MIT",
"scripts": {
"build": "tsc",
"lint": "eslint .",
"lint-fix": "eslint . --fix",
"start": "tsc && node dist/index.js",
"start:local": "tsc && DEBUG='engine,app,socket.io:client,server' node dist/index.js",
"start:dev": "cross-env NODE_ENV=development ts-node-dev --respawn --transpile-only src/index.ts"
},
"devDependencies": {
"@jitsi/eslint-config": "^4.1.0",
"@typescript-eslint/eslint-plugin": "6.8.0",
"@typescript-eslint/parser": "6.8.0",
"eslint": "^8.1.0",
"eslint-plugin-import": "2.28.1",
"eslint-plugin-jsdoc": "46.8.2",
"eslint-plugin-typescript-sort-keys": "^3.1.0"
},
"optionalDependencies": {
"bufferutil": "^4.0.6",
"utf-8-validate": "^6.0.3"
}
}

View file

@ -1,7 +0,0 @@
module.exports = {
extends: [
'@jitsi/eslint-config',
'@jitsi/eslint-config/jsdoc',
'@jitsi/eslint-config/typescript',
],
};

View file

@ -1,122 +0,0 @@
// Taken from: https://github.com/jitsi/excalidraw-backend
import debug from 'debug';
import dotenv from 'dotenv';
import express from 'express';
import { createServer } from 'node:http';
import { Server } from 'socket.io';
/*
import * as prometheus from 'socket.io-prometheus-metrics';
do not use anymore, since 3 years no further progression, depends on debug 4.1.1,
wich is moderate vulnerable to regular expression denial of service when untrusted user
input is passed into the o formatter.
alternatively could be used prom-client
*/
const serverDebug = debug('httpServer');
const app = express();
const port = process.env.PORT || 80; // default port to listen
const httpServer = createServer(app);
dotenv.config(
process.env.NODE_ENV === 'development'
? { path: '.env.development' }
: { path: '.env.production' }
);
app.get('/', (req, res) => {
res.send('Excalidraw backend is up :)');
});
httpServer.listen(port, () => {
serverDebug(`listening on port: ${port}`);
});
const corsOptions = {
origin: ['jitsi.test.meissa.de', 'jitsi.prod.meissa.de'],
methods: ["GET", "POST"],
credentials: true
};
const io = new Server(httpServer, {
allowEIO3: true,
cors: corsOptions,
maxHttpBufferSize: 1e6,
pingTimeout: 10000
});
// listens on host:9090/metrics
/* do not use
prometheus.metrics(io, {
collectDefaultMetrics: true
});
*/
/* alternatively could be used:
const client = require('prom-client');
const collectDefaultMetrics = client.collectDefaultMetrics;
const Registry = client.Registry;
const register = new Registry();
collectDefaultMetrics({ register });
or more:
https://codersociety.com/blog/articles/nodejs-application-monitoring-with-prometheus-and-grafana
*/
io.on('connection', (socket) => {
serverDebug(`connection established! ${socket.conn.request.url}`);
io.to(`${socket.id}`).emit('init-room');
socket.on('join-room', roomID => {
serverDebug(`${socket.id} has joined ${roomID} for url ${socket.conn.request.url}`);
socket.join(roomID);
if (io.sockets.adapter.rooms.get(roomID)?.size ?? 0 <= 1) {
io.to(`${socket.id}`).emit('first-in-room');
} else {
socket.broadcast.to(roomID).emit('new-user', socket.id);
}
io.in(roomID).emit(
'room-user-change', Array.from(io.sockets.adapter.rooms.get(roomID) ?? [])
);
});
socket.on(
'server-broadcast',
(roomID: string, encryptedData: ArrayBuffer, iv: Uint8Array) => {
socket.broadcast.to(roomID).emit('client-broadcast', encryptedData, iv);
});
socket.on(
'server-volatile-broadcast',
(roomID: string, encryptedData: ArrayBuffer, iv: Uint8Array) => {
socket.volatile.broadcast
.to(roomID)
.emit('client-broadcast', encryptedData, iv);
});
socket.on('disconnecting', () => {
const rooms = io.sockets.adapter.rooms;
for (const roomID of Object.keys(socket.rooms)) {
const clients = Array.from(rooms.get(roomID) ?? []).filter(id => id !== socket.id);
if (roomID !== socket.id) {
socket.to(roomID).emit('user has left', socket.id);
}
if (clients.length > 0) {
socket.broadcast.to(roomID).emit('room-user-change', clients);
}
}
});
socket.on('disconnect', (reason, details) => {
serverDebug(
`${socket.id} was disconnected from url ${socket.conn.request.url} for the following reason: ${reason}
${JSON.stringify(details)}`
);
socket.removeAllListeners();
});
});

View file

@ -1,17 +0,0 @@
{
"compilerOptions": {
"allowSyntheticDefaultImports": true,
"target": "es5",
"lib": ["dom", "dom.iterable", "esnext"],
"allowJs": true,
"skipLibCheck": true,
"esModuleInterop": true,
"strict": true,
"moduleResolution": "Node",
"forceConsistentCasingInFileNames": true,
"resolveJsonModule": true,
"isolatedModules": true,
"outDir": "dist",
}
}

View file

@ -1,6 +0,0 @@
# IMPORTANT: In case of base image update, "./resources/settings-config.js" also has to be updated manually!
FROM jitsi/web:stable-9646
# Prepare Configuration
ADD resources /tmp
RUN /tmp/install.sh

View file

@ -1,17 +0,0 @@
#!/bin/bash
set -exo pipefail
function main() {
{
upgradeSystem
} > /dev/null
install -m 0700 /tmp/install-debug.sh /usr/local/bin/
install -m 0644 /tmp/settings-config.js /defaults/settings-config.js
cleanupDocker
}
source /tmp/install_functions_debian.sh
DEBIAN_FRONTEND=noninteractive DEBCONF_NOWARNINGS=yes main

View file

@ -1,570 +0,0 @@
//https://github.com/jitsi/docker-jitsi-meet/blob/master/web/rootfs/defaults/settings-config.js
{{ $DEPLOYMENTINFO_USERREGION := .Env.DEPLOYMENTINFO_USERREGION | default "" -}}
{{ $ENABLE_AUDIO_PROCESSING := .Env.ENABLE_AUDIO_PROCESSING | default "true" | toBool -}}
{{ $ENABLE_BREAKOUT_ROOMS := .Env.ENABLE_BREAKOUT_ROOMS | default "true" | toBool -}}
{{ $ENABLE_CALENDAR := .Env.ENABLE_CALENDAR | default "false" | toBool -}}
{{ $ENABLE_FILE_RECORDING_SHARING := .Env.ENABLE_FILE_RECORDING_SHARING | default "false" | toBool -}}
{{ $ENABLE_NO_AUDIO_DETECTION := .Env.ENABLE_NO_AUDIO_DETECTION | default "true" | toBool -}}
{{ $ENABLE_P2P := .Env.ENABLE_P2P | default "true" | toBool -}}
{{ $ENABLE_PREJOIN_PAGE := .Env.ENABLE_PREJOIN_PAGE | default "true" | toBool -}}
{{ $ENABLE_WELCOME_PAGE := .Env.ENABLE_WELCOME_PAGE | default "true" | toBool -}}
{{ $ENABLE_CLOSE_PAGE := .Env.ENABLE_CLOSE_PAGE | default "false" | toBool -}}
{{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "false" | toBool -}}
{{ $ENABLE_SERVICE_RECORDING := .Env.ENABLE_SERVICE_RECORDING | default ($ENABLE_RECORDING | printf "%t") | toBool -}}
{{ $ENABLE_LIVESTREAMING := .Env.ENABLE_LIVESTREAMING | default "false" | toBool -}}
{{ $ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK := .Env.ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK | default "https://policies.google.com/privacy" -}}
{{ $ENABLE_LIVESTREAMING_HELP_LINK := .Env.ENABLE_LIVESTREAMING_HELP_LINK | default "https://jitsi.org/live" -}}
{{ $ENABLE_LIVESTREAMING_TERMS_LINK := .Env.ENABLE_LIVESTREAMING_TERMS_LINK | default "https://www.youtube.com/t/terms" -}}
{{ $ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING := .Env.ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING | default "^(?:[a-zA-Z0-9]{4}(?:-(?!$)|$)){4}" -}}
{{ $ENABLE_REMB := .Env.ENABLE_REMB | default "true" | toBool -}}
{{ $ENABLE_REQUIRE_DISPLAY_NAME := .Env.ENABLE_REQUIRE_DISPLAY_NAME | default "false" | toBool -}}
{{ $ENABLE_SIMULCAST := .Env.ENABLE_SIMULCAST | default "true" | toBool -}}
{{ $ENABLE_STEREO := .Env.ENABLE_STEREO | default "false" | toBool -}}
{{ $ENABLE_OPUS_RED := .Env.ENABLE_OPUS_RED | default "false" | toBool -}}
{{ $ENABLE_TALK_WHILE_MUTED := .Env.ENABLE_TALK_WHILE_MUTED | default "false" | toBool -}}
{{ $ENABLE_TCC := .Env.ENABLE_TCC | default "true" | toBool -}}
{{ $ENABLE_TRANSCRIPTIONS := .Env.ENABLE_TRANSCRIPTIONS | default "false" | toBool -}}
{{ $TRANSLATION_LANGUAGES := .Env.TRANSLATION_LANGUAGES | default "[]" -}}
{{ $TRANSLATION_LANGUAGES_HEAD := .Env.TRANSLATION_LANGUAGES_HEAD | default "['en']" -}}
{{ $USE_APP_LANGUAGE := .Env.USE_APP_LANGUAGE | default "true" | toBool -}}
{{ $PREFERRED_LANGUAGE := .Env.PREFERRED_LANGUAGE | default "en-US" -}}
{{ $DISABLE_START_FOR_ALL := .Env.DISABLE_START_FOR_ALL | default "false" | toBool -}}
{{ $AUTO_CAPTION_ON_RECORD := .Env.AUTO_CAPTION_ON_RECORD | default "false" | toBool -}}
{{ $ENABLE_JAAS_COMPONENTS := .Env.ENABLE_JAAS_COMPONENTS | default "0" | toBool }}
{{ $HIDE_PREJOIN_DISPLAY_NAME := .Env.HIDE_PREJOIN_DISPLAY_NAME | default "false" | toBool -}}
{{ $PUBLIC_URL := .Env.PUBLIC_URL | default "https://localhost:8443" -}}
{{ $RESOLUTION := .Env.RESOLUTION | default "720" -}}
{{ $RESOLUTION_MIN := .Env.RESOLUTION_MIN | default "180" -}}
{{ $RESOLUTION_WIDTH := .Env.RESOLUTION_WIDTH | default "1280" -}}
{{ $RESOLUTION_WIDTH_MIN := .Env.RESOLUTION_WIDTH_MIN | default "320" -}}
{{ $START_AUDIO_ONLY := .Env.START_AUDIO_ONLY | default "false" | toBool -}}
{{ $START_AUDIO_MUTED := .Env.START_AUDIO_MUTED | default 10 -}}
{{ $START_WITH_AUDIO_MUTED := .Env.START_WITH_AUDIO_MUTED | default "false" | toBool -}}
{{ $START_SILENT := .Env.START_SILENT | default "false" | toBool -}}
{{ $DISABLE_AUDIO_LEVELS := .Env.DISABLE_AUDIO_LEVELS | default "false" | toBool -}}
{{ $ENABLE_NOISY_MIC_DETECTION := .Env.ENABLE_NOISY_MIC_DETECTION | default "true" | toBool -}}
{{ $START_VIDEO_MUTED := .Env.START_VIDEO_MUTED | default 10 -}}
{{ $START_WITH_VIDEO_MUTED := .Env.START_WITH_VIDEO_MUTED | default "false" | toBool -}}
{{ $DESKTOP_SHARING_FRAMERATE_AUTO := .Env.DESKTOP_SHARING_FRAMERATE_AUTO | default "true" | toBool -}}
{{ $DESKTOP_SHARING_FRAMERATE_MIN := .Env.DESKTOP_SHARING_FRAMERATE_MIN | default 5 -}}
{{ $DESKTOP_SHARING_FRAMERATE_MAX := .Env.DESKTOP_SHARING_FRAMERATE_MAX | default 5 -}}
{{ $XMPP_DOMAIN := .Env.XMPP_DOMAIN | default "meet.jitsi" -}}
{{ $XMPP_RECORDER_DOMAIN := .Env.XMPP_RECORDER_DOMAIN | default "recorder.meet.jitsi" -}}
{{ $DISABLE_DEEP_LINKING := .Env.DISABLE_DEEP_LINKING | default "false" | toBool -}}
{{ $DISABLE_POLLS := .Env.DISABLE_POLLS | default "false" | toBool -}}
{{ $DISABLE_REACTIONS := .Env.DISABLE_REACTIONS | default "false" | toBool -}}
{{ $DISABLE_REMOTE_VIDEO_MENU := .Env.DISABLE_REMOTE_VIDEO_MENU | default "false" | toBool -}}
{{ $DISABLE_PRIVATE_CHAT:= .Env.DISABLE_PRIVATE_CHAT | default "false" | toBool -}}
{{ $DISABLE_KICKOUT := .Env.DISABLE_KICKOUT | default "false" | toBool -}}
{{ $DISABLE_GRANT_MODERATOR := .Env.DISABLE_GRANT_MODERATOR | default "false" | toBool -}}
{{ $ENABLE_E2EPING := .Env.ENABLE_E2EPING | default "false" | toBool -}}
{{ $DISABLE_LOCAL_RECORDING := .Env.DISABLE_LOCAL_RECORDING | default "false" | toBool -}}
{{ $ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT := .Env.ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT | default "false" | toBool -}}
{{ $ENABLE_LOCAL_RECORDING_SELF_START := .Env.ENABLE_LOCAL_RECORDING_SELF_START | default "false" | toBool -}}
{{ $DISABLE_PROFILE := .Env.DISABLE_PROFILE | default "false" | toBool -}}
{{ $ROOM_PASSWORD_DIGITS := .Env.ROOM_PASSWORD_DIGITS | default "false" -}}
{{ $WHITEBOARD_COLLAB_SERVER_PUBLIC_URL := .Env.WHITEBOARD_COLLAB_SERVER_PUBLIC_URL | default "" -}}
{{ $WHITEBOARD_ENABLED := .Env.WHITEBOARD_ENABLED | default "false" | toBool -}}
{{ $TESTING_AV1_SUPPORT := .Env.TESTING_AV1_SUPPORT | default "false" | toBool -}}
// Video configuration.
//
config.resolution = {{ $RESOLUTION }};
config.constraints = {
video: {
height: { ideal: {{ $RESOLUTION }}, max: {{ $RESOLUTION }}, min: {{ $RESOLUTION_MIN }} },
width: { ideal: {{ $RESOLUTION_WIDTH }}, max: {{ $RESOLUTION_WIDTH }}, min: {{ $RESOLUTION_WIDTH_MIN }}},
}
};
{{ if not $ENABLE_SIMULCAST -}}
config.disableSimulcast = true;
{{ end -}}
config.startVideoMuted = {{ $START_VIDEO_MUTED }};
config.startWithVideoMuted = {{ $START_WITH_VIDEO_MUTED }};
config.flags = {
sourceNameSignaling: true,
sendMultipleVideoStreams: true,
receiveMultipleVideoStreams: true
};
// ScreenShare Configuration.
//
{{ if not $DESKTOP_SHARING_FRAMERATE_AUTO -}}
config.desktopSharingFrameRate = {
min: {{ $DESKTOP_SHARING_FRAMERATE_MIN }},
max: {{ $DESKTOP_SHARING_FRAMERATE_MAX }}
};
{{ end -}}
// Audio configuration.
//
config.enableNoAudioDetection = {{ $ENABLE_NO_AUDIO_DETECTION }};
config.enableTalkWhileMuted = {{ $ENABLE_TALK_WHILE_MUTED }};
config.disableAP = {{ not $ENABLE_AUDIO_PROCESSING }};
config.audioQuality = {
stereo: {{ $ENABLE_STEREO }}
};
{{ if .Env.AUDIO_QUALITY_OPUS_BITRATE -}}
config.audioQuality.opusMaxAverageBitrate = '{{ .Env.AUDIO_QUALITY_OPUS_BITRATE }}';
{{ end -}}
config.startAudioOnly = {{ $START_AUDIO_ONLY }};
config.startAudioMuted = {{ $START_AUDIO_MUTED }};
config.startWithAudioMuted = {{ $START_WITH_AUDIO_MUTED }};
config.startSilent = {{ $START_SILENT }};
config.enableOpusRed = {{ $ENABLE_OPUS_RED }};
config.disableAudioLevels = {{ $DISABLE_AUDIO_LEVELS }};
config.enableNoisyMicDetection = {{ $ENABLE_NOISY_MIC_DETECTION }};
// Peer-to-Peer options.
//
config.p2p = {
enabled: {{ $ENABLE_P2P }}
};
// Breakout Rooms
//
config.hideAddRoomButton = {{ $ENABLE_BREAKOUT_ROOMS | not }};
// Etherpad
//
{{ if .Env.ETHERPAD_PUBLIC_URL -}}
config.etherpad_base = '{{ .Env.ETHERPAD_PUBLIC_URL }}';
{{ else if .Env.ETHERPAD_URL_BASE -}}
config.etherpad_base = '{{ $PUBLIC_URL }}/etherpad/p/';
{{ end -}}
// Recording.
//
{{ if $ENABLE_RECORDING -}}
config.hiddenDomain = '{{ $XMPP_RECORDER_DOMAIN }}';
config.recordingService = {
// Whether to enable file recording or not using the "service" defined by the finalizer in Jibri
enabled: {{ $ENABLE_SERVICE_RECORDING }},
// Whether to show the possibility to share file recording with other people
// (e.g. meeting participants), based on the actual implementation
// on the backend.
sharingEnabled: {{ $ENABLE_FILE_RECORDING_SHARING }}
};
// Live streaming configuration.
config.liveStreaming = {
enabled: {{ $ENABLE_LIVESTREAMING }},
dataPrivacyLink: '{{ $ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK }}',
helpLink: '{{ $ENABLE_LIVESTREAMING_HELP_LINK }}',
termsLink: '{{ $ENABLE_LIVESTREAMING_TERMS_LINK }}',
validatorRegExpString: '{{ $ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING }}'
};
{{ if .Env.DROPBOX_APPKEY -}}
// Enable the dropbox integration.
config.dropbox = {
appKey: '{{ .Env.DROPBOX_APPKEY }}'
};
{{ if .Env.DROPBOX_REDIRECT_URI -}}
// A URL to redirect the user to, after authenticating
// by default uses:
// 'https://jitsi-meet.example.com/static/oauth.html'
config.dropbox.redirectURI = '{{ .Env.DROPBOX_REDIRECT_URI }}';
{{ end -}}
{{ end -}}
{{ end -}}
// Local recording configuration.
config.localRecording = {
disable: {{ $DISABLE_LOCAL_RECORDING }},
notifyAllParticipants: {{ $ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT }},
disableSelfRecording: {{ $ENABLE_LOCAL_RECORDING_SELF_START }}
};
// Analytics.
//
config.analytics = {};
{{ if .Env.AMPLITUDE_ID -}}
// The Amplitude APP Key:
config.analytics.amplitudeAPPKey = '{{ .Env.AMPLITUDE_ID }}';
{{ end -}}
{{ if .Env.GOOGLE_ANALYTICS_ID -}}
// The Google Analytics Tracking ID:
config.analytics.googleAnalyticsTrackingId = '{{ .Env.GOOGLE_ANALYTICS_ID }}';
{{ end -}}
{{ if .Env.MATOMO_ENDPOINT -}}
// Matomo endpoint:
config.analytics.matomoEndpoint = '{{ .Env.MATOMO_ENDPOINT }}';
{{ end -}}
{{ if .Env.MATOMO_SITE_ID -}}
// Matomo site ID:
config.analytics.matomoSiteID = '{{ .Env.MATOMO_SITE_ID }}';
{{ end -}}
{{ if .Env.ANALYTICS_SCRIPT_URLS -}}
// Array of script URLs to load as lib-jitsi-meet "analytics handlers".
config.analytics.scriptURLs = [ '{{ join "','" (splitList "," .Env.ANALYTICS_SCRIPT_URLS) }}' ];
{{ end -}}
{{ if .Env.ANALYTICS_WHITELISTED_EVENTS -}}
config.analytics.whiteListedEvents = [ '{{ join "','" (splitList "," .Env.ANALYTICS_WHITELISTED_EVENTS) }}' ];
{{ end -}}
// Dial in/out services.
//
{{ if $ENABLE_JAAS_COMPONENTS }}
config.dialInConfCodeUrl = 'https://conference-mapper.jitsi.net/v1/access';
config.dialInNumbersUrl = 'https://conference-mapper.jitsi.net/v1/access/dids';
{{ else }}
{{ if .Env.CONFCODE_URL -}}
config.dialInConfCodeUrl = '{{ .Env.CONFCODE_URL }}';
{{ end -}}
{{ if .Env.DIALIN_NUMBERS_URL -}}
config.dialInNumbersUrl = '{{ .Env.DIALIN_NUMBERS_URL }}';
{{ end -}}
{{ end -}}
{{ if .Env.DIALOUT_AUTH_URL -}}
config.dialOutAuthUrl = '{{ .Env.DIALOUT_AUTH_URL }}';
{{ end -}}
{{ if .Env.DIALOUT_CODES_URL -}}
config.dialOutCodesUrl = '{{ .Env.DIALOUT_CODES_URL }}';
{{ end -}}
// Calendar service integration.
//
config.enableCalendarIntegration = {{ $ENABLE_CALENDAR }};
{{ if .Env.GOOGLE_API_APP_CLIENT_ID -}}
config.googleApiApplicationClientID = '{{ .Env.GOOGLE_API_APP_CLIENT_ID }}';
{{ end -}}
{{ if .Env.MICROSOFT_API_APP_CLIENT_ID -}}
config.microsoftApiApplicationClientID = '{{ .Env.MICROSOFT_API_APP_CLIENT_ID }}';
{{ end -}}
// Invitation service.
//
{{ if .Env.INVITE_SERVICE_URL -}}
config.inviteServiceUrl = '{{ .Env.INVITE_SERVICE_URL }}';
{{ end -}}
{{ if .Env.PEOPLE_SEARCH_URL -}}
config.peopleSearchUrl = '{{ .Env.PEOPLE_SEARCH_URL }}';
config.peopleSearchQueryTypes = ['user','conferenceRooms'];
{{ end -}}
// Miscellaneous.
//
// Prejoin page.
config.prejoinConfig = {
enabled: {{ $ENABLE_PREJOIN_PAGE }},
// Hides the participant name editing field in the prejoin screen.
hideDisplayName: {{ $HIDE_PREJOIN_DISPLAY_NAME }}
};
// List of buttons to hide from the extra join options dropdown on prejoin screen.
{{ if .Env.HIDE_PREJOIN_EXTRA_BUTTONS -}}
config.prejoinConfig.hideExtraJoinButtons = [ '{{ join "','" (splitList "," .Env.HIDE_PREJOIN_EXTRA_BUTTONS) }}' ];
{{ end -}}
// Welcome page.
config.welcomePage = {
disabled: {{ not $ENABLE_WELCOME_PAGE }}
};
// Close page.
config.enableClosePage = {{ $ENABLE_CLOSE_PAGE }};
// Default language.
{{ if .Env.DEFAULT_LANGUAGE -}}
config.defaultLanguage = '{{ .Env.DEFAULT_LANGUAGE }}';
{{ end -}}
// Require users to always specify a display name.
config.requireDisplayName = {{ $ENABLE_REQUIRE_DISPLAY_NAME }};
// Chrome extension banner.
{{ if .Env.CHROME_EXTENSION_BANNER_JSON -}}
config.chromeExtensionBanner = {{ .Env.CHROME_EXTENSION_BANNER_JSON }};
{{ end -}}
// Disables profile and the edit of all fields from the profile settings (display name and email)
config.disableProfile = {{ $DISABLE_PROFILE }};
// Room password (false for anything, number for max digits)
{{ if $ENABLE_JAAS_COMPONENTS -}}
config.roomPasswordNumberOfDigits = 10;
{{ else -}}
config.roomPasswordNumberOfDigits = {{ $ROOM_PASSWORD_DIGITS }};
{{ end -}}
// Advanced.
//
{{ if not $ENABLE_REMB -}}
config.enableRemb = false;
{{ end -}}
{{ if not $ENABLE_TCC -}}
config.enableTcc = false;
{{ end -}}
// Transcriptions (subtitles and buttons can be configured in interface_config)
config.transcription = {
enabled: {{ $ENABLE_TRANSCRIPTIONS }},
translationLanguages: {{ $TRANSLATION_LANGUAGES }},
translationLanguagesHead: {{ $TRANSLATION_LANGUAGES_HEAD }},
useAppLanguage: {{ $USE_APP_LANGUAGE }},
preferredLanguage: '{{ $PREFERRED_LANGUAGE }}',
disableStartForAll: {{ $DISABLE_START_FOR_ALL }},
autoCaptionOnRecord: {{ $AUTO_CAPTION_ON_RECORD }},
};
// Dynamic branding
{{ if .Env.DYNAMIC_BRANDING_URL -}}
// External API url used to receive branding specific information.
config.dynamicBrandingUrl = '{{ .Env.DYNAMIC_BRANDING_URL }}';
{{ else if .Env.BRANDING_DATA_URL -}}
config.brandingDataUrl = '{{ .Env.BRANDING_DATA_URL }}';
{{ end -}}
{{ if .Env.TOKEN_AUTH_URL -}}
// Authenticate using external service
config.tokenAuthUrl = '{{ .Env.TOKEN_AUTH_URL }}';
{{ end -}}
// Deployment information.
//
config.deploymentInfo = {};
{{ if .Env.DEPLOYMENTINFO_ENVIRONMENT -}}
config.deploymentInfo.environment = '{{ .Env.DEPLOYMENTINFO_ENVIRONMENT }}';
{{ end -}}
{{ if .Env.DEPLOYMENTINFO_SHARD -}}
config.deploymentInfo.shard = '{{ .Env.DEPLOYMENTINFO_SHARD }}';
{{ end -}}
{{ if .Env.DEPLOYMENTINFO_ENVIRONMENT_TYPE -}}
config.deploymentInfo.envType = '{{ .Env.DEPLOYMENTINFO_ENVIRONMENT_TYPE }}';
{{ end -}}
{{ if .Env.DEPLOYMENTINFO_REGION -}}
config.deploymentInfo.region = '{{ .Env.DEPLOYMENTINFO_REGION }}';
{{ end -}}
{{ if $DEPLOYMENTINFO_USERREGION -}}
config.deploymentInfo.userRegion = '{{ $DEPLOYMENTINFO_USERREGION }}';
{{ end -}}
// Deep Linking
config.disableDeepLinking = {{ $DISABLE_DEEP_LINKING }};
// P2P preferred codec
{{ if .Env.P2P_PREFERRED_CODEC -}}
config.p2p.preferredCodec = '{{ .Env.P2P_PREFERRED_CODEC }}';
{{ end -}}
// Video quality settings.
//
config.videoQuality = {};
{{ if .Env.VIDEOQUALITY_PREFERRED_CODEC -}}
config.videoQuality.preferredCodec = '{{ .Env.VIDEOQUALITY_PREFERRED_CODEC }}';
{{ end -}}
config.videoQuality.av1 = {};
{{ if .Env.VIDEOQUALITY_BITRATE_AV1_LOW }}
config.videoQuality.av1.low = {{ .Env.VIDEOQUALITY_BITRATE_AV1_LOW }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_AV1_STANDARD }}
config.videoQuality.av1.standard = {{ .Env.VIDEOQUALITY_BITRATE_AV1_STANDARD }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_AV1_HIGH }}
config.videoQuality.av1.high = {{ .Env.VIDEOQUALITY_BITRATE_AV1_HIGH }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_AV1_FULL }}
config.videoQuality.av1.fullHd = {{ .Env.VIDEOQUALITY_BITRATE_AV1_FULL }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_AV1_ULTRA }}
config.videoQuality.av1.ultraHd = {{ .Env.VIDEOQUALITY_BITRATE_AV1_ULTRA }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_AV1_SS_HIGH }}
config.videoQuality.av1.ssHigh = {{ .Env.VIDEOQUALITY_BITRATE_AV1_SS_HIGH }};
{{ end -}}
config.videoQuality.h264 = {};
{{ if .Env.VIDEOQUALITY_BITRATE_H264_LOW }}
config.videoQuality.h264.low = {{ .Env.VIDEOQUALITY_BITRATE_H264_LOW }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_H264_STANDARD }}
config.videoQuality.h264.standard = {{ .Env.VIDEOQUALITY_BITRATE_H264_STANDARD }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_H264_HIGH }}
config.videoQuality.h264.high = {{ .Env.VIDEOQUALITY_BITRATE_H264_HIGH }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_H264_FULL }}
config.videoQuality.h264.fullHd = {{ .Env.VIDEOQUALITY_BITRATE_H264_FULL }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_H264_ULTRA }}
config.videoQuality.h264.ultraHd = {{ .Env.VIDEOQUALITY_BITRATE_H264_ULTRA }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_H264_SS_HIGH }}
config.videoQuality.h264.ssHigh = {{ .Env.VIDEOQUALITY_BITRATE_H264_SS_HIGH }};
{{ end -}}
config.videoQuality.vp8 = {};
{{ if .Env.VIDEOQUALITY_BITRATE_VP8_LOW }}
config.videoQuality.vp8.low = {{ .Env.VIDEOQUALITY_BITRATE_VP8_LOW }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_VP8_STANDARD }}
config.videoQuality.vp8.standard = {{ .Env.VIDEOQUALITY_BITRATE_VP8_STANDARD }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_VP8_HIGH }}
config.videoQuality.vp8.high = {{ .Env.VIDEOQUALITY_BITRATE_VP8_HIGH }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_VP8_FULL }}
config.videoQuality.vp8.fullHd = {{ .Env.VIDEOQUALITY_BITRATE_VP8_FULL }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_VP8_ULTRA }}
config.videoQuality.vp8.ultraHd = {{ .Env.VIDEOQUALITY_BITRATE_VP8_ULTRA }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_VP8_SS_HIGH }}
config.videoQuality.vp8.ssHigh = {{ .Env.VIDEOQUALITY_BITRATE_VP8_SS_HIGH }};
{{ end -}}
config.videoQuality.vp9 = {};
{{ if .Env.VIDEOQUALITY_BITRATE_VP9_LOW }}
config.videoQuality.vp9.low = {{ .Env.VIDEOQUALITY_BITRATE_VP9_LOW }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_VP9_STANDARD }}
config.videoQuality.vp9.standard = {{ .Env.VIDEOQUALITY_BITRATE_VP9_STANDARD }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_VP9_HIGH }}
config.videoQuality.vp9.high = {{ .Env.VIDEOQUALITY_BITRATE_VP9_HIGH }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_VP9_FULL }}
config.videoQuality.vp9.fullHd = {{ .Env.VIDEOQUALITY_BITRATE_VP9_FULL }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_VP9_ULTRA }}
config.videoQuality.vp9.ultraHd = {{ .Env.VIDEOQUALITY_BITRATE_VP9_ULTRA }};
{{ end -}}
{{ if .Env.VIDEOQUALITY_BITRATE_VP9_SS_HIGH }}
config.videoQuality.vp9.ssHigh = {{ .Env.VIDEOQUALITY_BITRATE_VP9_SS_HIGH }};
{{ end -}}
// Reactions
config.disableReactions = {{ $DISABLE_REACTIONS }};
// Polls
config.disablePolls = {{ $DISABLE_POLLS }};
// Configure toolbar buttons
{{ if .Env.TOOLBAR_BUTTONS -}}
config.toolbarButtons = [ '{{ join "','" (splitList "," .Env.TOOLBAR_BUTTONS) }}' ];
{{ end -}}
// Hides the buttons at pre-join screen
{{ if .Env.HIDE_PREMEETING_BUTTONS -}}
config.hiddenPremeetingButtons = [ '{{ join "','" (splitList "," .Env.HIDE_PREMEETING_BUTTONS) }}' ];
{{ end -}}
// Configure remote participant video menu
config.remoteVideoMenu = {
disabled: {{ $DISABLE_REMOTE_VIDEO_MENU }},
disableKick: {{ $DISABLE_KICKOUT }},
disableGrantModerator: {{ $DISABLE_GRANT_MODERATOR }},
disablePrivateChat: {{ $DISABLE_PRIVATE_CHAT }}
};
// Configure e2eping
config.e2eping = {
enabled: {{ $ENABLE_E2EPING }}
};
{{ if .Env.E2EPING_NUM_REQUESTS -}}
config.e2eping.numRequests = {{ .Env.E2EPING_NUM_REQUESTS }};
{{ end -}}
{{ if .Env.E2EPING_MAX_CONFERENCE_SIZE -}}
config.e2eping.maxConferenceSize = {{ .Env.E2EPING_MAX_CONFERENCE_SIZE }};
{{ end -}}
{{ if .Env.E2EPING_MAX_MESSAGE_PER_SECOND -}}
config.e2eping.maxMessagePerSecond = {{ .Env.E2EPING_MAX_MESSAGE_PER_SECOND }};
{{ end }}
// Settings for the Excalidraw whiteboard integration.
config.whiteboard = {
enabled: {{ $WHITEBOARD_ENABLED }},
collabServerBaseUrl: '{{ $WHITEBOARD_COLLAB_SERVER_PUBLIC_URL }}'
};
// Testing
config.testing = {
enableAv1Support: {{ $TESTING_AV1_SUPPORT }}
};
// CUSTOM ADJUSTMENTS
config.disableThirdPartyRequests = true;
config.channelLastN = 8;
config.enableLayerSuspension = true;

233
jitsi.yaml Normal file
View file

@ -0,0 +1,233 @@
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
name: jitsi
annotations:
cert-manager.io/cluster-issuer: letsencrypt-staging-issuer
ingress.kubernetes.io/ssl-redirect: 'true'
kubernetes.io/ingress.class: ''
spec:
tls:
- hosts:
- fqdn
secretName: tls-jitsi
rules:
- host: jitsi.test.meissa-gmbh.de
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: web
port:
number: 80
---
apiVersion: v1
kind: Secret
metadata:
name: jitsi-config
type: Opaque
data:
JVB_AUTH_PASSWORD: SnZiQXV0aA==
JICOFO_AUTH_PASSWORD: Smljb2ZvQXV0aA==
JICOFO_COMPONENT_SECRET: Smljb2ZvQ29tcFNlYw==
---
apiVersion: v1
kind: Service
metadata:
labels:
service: jvb
name: jvb-udp
spec:
type: NodePort
externalTrafficPolicy: Cluster
ports:
- port: 30300
protocol: UDP
targetPort: 30300
nodePort: 30300
selector:
app: jitsi
---
apiVersion: v1
kind: Service
metadata:
labels:
service: web
name: web
spec:
ports:
- name: http
port: 80
targetPort: 80
- name: https
port: 443
targetPort: 443
selector:
app: jitsi
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: jitsi
name: jitsi
spec:
strategy:
type: Recreate
selector:
matchLabels:
app: jitsi
template:
metadata:
labels:
app: jitsi
spec:
containers:
- name: jicofo
image: jitsi/jicofo:stable-6826
imagePullPolicy: IfNotPresent
env:
- name: XMPP_SERVER
value: localhost
- name: XMPP_DOMAIN
value: meet.jitsi
- name: XMPP_AUTH_DOMAIN
value: auth.meet.jitsi
- name: XMPP_MUC_DOMAIN
value: muc.meet.jitsi
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.jitsi
- name: JICOFO_COMPONENT_SECRET
valueFrom:
secretKeyRef:
name: jitsi-config
key: JICOFO_COMPONENT_SECRET
- name: JICOFO_AUTH_USER
value: focus
- name: JICOFO_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: jitsi-config
key: JICOFO_AUTH_PASSWORD
- name: TZ
value: Europe/Berlin
- name: JVB_BREWERY_MUC
value: jvbbrewery
- name: prosody
image: jitsi/prosody:stable-6826
imagePullPolicy: IfNotPresent
env:
- name: PUBLIC_URL
value: jitsi.test.meissa-gmbh.de
- name: XMPP_DOMAIN
value: meet.jitsi
- name: XMPP_AUTH_DOMAIN
value: auth.meet.jitsi
- name: XMPP_MUC_DOMAIN
value: muc.meet.jitsi
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.jitsi
- name: JICOFO_COMPONENT_SECRET
valueFrom:
secretKeyRef:
name: jitsi-config
key: JICOFO_COMPONENT_SECRET
- name: JVB_AUTH_USER
value: jvb
- name: JVB_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: jitsi-config
key: JVB_AUTH_PASSWORD
- name: JICOFO_AUTH_USER
value: focus
- name: JICOFO_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: jitsi-config
key: JICOFO_AUTH_PASSWORD
- name: TZ
value: Europe/Berlin
- name: JVB_TCP_HARVESTER_DISABLED
value: 'true'
- name: web
image: domaindrivenarchitecture/c4k-jitsi
imagePullPolicy: IfNotPresent
env:
- name: PUBLIC_URL
value: jitsi.test.meissa-gmbh.de
- name: XMPP_SERVER
value: localhost
- name: JICOFO_AUTH_USER
value: focus
- name: XMPP_DOMAIN
value: meet.jitsi
- name: XMPP_AUTH_DOMAIN
value: auth.meet.jitsi
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.jitsi
- name: XMPP_BOSH_URL_BASE
value: http://127.0.0.1:5280
- name: XMPP_MUC_DOMAIN
value: muc.meet.jitsi
- name: TZ
value: Europe/Berlin
- name: JVB_TCP_HARVESTER_DISABLED
value: 'true'
- name: DEFAULT_LANGUAGE
value: de
- name: RESOLUTION
value: '480'
- name: RESOLUTION_MIN
value: '240'
- name: RESOLUTION_WIDTH
value: '853'
- name: RESOLUTION_WIDTH_MIN
value: '427'
- name: DISABLE_AUDIO_LEVELS
value: 'true'
- name: jvb
image: jitsi/jvb:stable-6826
imagePullPolicy: IfNotPresent
env:
- name: XMPP_SERVER
value: localhost
- name: DOCKER_HOST_ADDRESS
value: localhost
- name: XMPP_DOMAIN
value: meet.jitsi
- name: XMPP_AUTH_DOMAIN
value: auth.meet.jitsi
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.jitsi
- name: JVB_STUN_SERVERS
value: stun.1und1.de:3478,stun.t-online.de:3478,stun.hosteurope.de:3478
- name: JICOFO_AUTH_USER
value: focus
- name: JVB_TCP_HARVESTER_DISABLED
value: 'true'
- name: JVB_AUTH_USER
value: jvb
- name: JVB_PORT
value: '30300'
- name: JVB_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: jitsi-config
key: JVB_AUTH_PASSWORD
- name: JICOFO_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: jitsi-config
key: JICOFO_AUTH_PASSWORD
- name: JVB_BREWERY_MUC
value: jvbbrewery
- name: TZ
value: Europe/Berlin

View file

@ -0,0 +1,453 @@
14:44:10.320 [main] INFO o.d.p.f.c.processors.RemoteProcessor - Connecting to jitsi.test.meissa-gmbh.de/49.12.243.171 with user: root with ssh-key
14:44:10.717 [main] INFO c.h.s.u.k.OpenSSHKeyV1KeyFile - Read key type: ssh-rsa
14:44:10.815 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:12.201 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "timeout 1 sudo id"
14:44:12.310 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: uid=0(root) gid=0(root) groups=0(root)
, [/bin/bash, -c, timeout 1 sudo id]
14:44:12.385 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "test -e /etc/netplan/99-loopback.yaml"
14:44:12.443 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: FAILED -- Code: 1, [/bin/bash, -c, test -e /etc/netplan/99-loopback.yaml]
14:44:12.460 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo install -m 644 /dev/null /etc/netplan/99-loopback.yaml"
14:44:12.532 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo install -m 644 /dev/null /etc/netplan/99-loopback.yaml]
14:44:12.534 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:12.607 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "netplan apply""
14:44:13.851 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/bash -c "netplan apply"]
14:44:13.852 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "test -e /etc/rancher/k3s/config.yaml"
14:44:13.911 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: FAILED -- Code: 1, [/bin/bash, -c, test -e /etc/rancher/k3s/config.yaml]
14:44:13.913 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "cd ~/ && test -d /etc/kubernetes/""
14:44:13.981 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: FAILED -- Code: 1, [/bin/bash, -c, sudo /bin/bash -c "cd ~/ && test -d /etc/kubernetes/"]
14:44:13.983 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "cd ~/ && mkdir -p /etc/kubernetes/""
14:44:14.055 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/bash -c "cd ~/ && mkdir -p /etc/kubernetes/"]
14:44:14.056 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "cd ~/ && test -d /var/lib/rancher/k3s/server/manifests/""
14:44:14.127 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: FAILED -- Code: 1, [/bin/bash, -c, sudo /bin/bash -c "cd ~/ && test -d /var/lib/rancher/k3s/server/manifests/"]
14:44:14.128 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "cd ~/ && mkdir -p /var/lib/rancher/k3s/server/manifests/""
14:44:14.197 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/bash -c "cd ~/ && mkdir -p /var/lib/rancher/k3s/server/manifests/"]
14:44:14.198 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "cd ~/ && test -d /etc/rancher/k3s/manifests/""
14:44:14.267 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: FAILED -- Code: 1, [/bin/bash, -c, sudo /bin/bash -c "cd ~/ && test -d /etc/rancher/k3s/manifests/"]
14:44:14.267 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "cd ~/ && mkdir -p /etc/rancher/k3s/manifests/""
14:44:14.337 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/bash -c "cd ~/ && mkdir -p /etc/rancher/k3s/manifests/"]
14:44:14.338 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "cd ~/ && test -d /var/pvc1""
14:44:14.400 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: FAILED -- Code: 1, [/bin/bash, -c, sudo /bin/bash -c "cd ~/ && test -d /var/pvc1"]
14:44:14.401 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "cd ~/ && mkdir -p /var/pvc1""
14:44:14.470 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/bash -c "cd ~/ && mkdir -p /var/pvc1"]
14:44:14.470 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "cd ~/ && test -d /var/pvc2""
14:44:14.537 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: FAILED -- Code: 1, [/bin/bash, -c, sudo /bin/bash -c "cd ~/ && test -d /var/pvc2"]
14:44:14.537 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "cd ~/ && mkdir -p /var/pvc2""
14:44:14.608 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/bash -c "cd ~/ && mkdir -p /var/pvc2"]
14:44:14.612 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo install -m 644 /dev/null /etc/rancher/k3s/config.yaml"
14:44:14.684 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo install -m 644 /dev/null /etc/rancher/k3s/config.yaml]
14:44:14.684 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:14.757 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo install -m 755 /dev/null /usr/local/bin/k3s-install.sh"
14:44:14.827 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo install -m 755 /dev/null /usr/local/bin/k3s-install.sh]
14:44:14.827 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:14.936 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "INSTALL_K3S_CHANNEL=latest k3s-install.sh"
14:44:47.826 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: [INFO] Finding release for channel latest
[INFO] Using v1.23.5+k3s1 as release
[INFO] Downloading hash https://github.com/k3s-io/k3s/releases/download/v1.23.5+k3s1/sha256sum-amd64.txt
[INFO] Downloading binary https://github.com/k3s-io/k3s/releases/download/v1.23.5+k3s1/k3s
[INFO] Verifying binary download
[INFO] Installing k3s to /usr/local/bin/k3s
[INFO] Skipping installation of SELinux RPM
[INFO] Creating /usr/local/bin/kubectl symlink to k3s
[INFO] Creating /usr/local/bin/crictl symlink to k3s
[INFO] Creating /usr/local/bin/ctr symlink to k3s
[INFO] Creating killall script /usr/local/bin/k3s-killall.sh
[INFO] Creating uninstall script /usr/local/bin/k3s-uninstall.sh
[INFO] env: Creating environment file /etc/systemd/system/k3s.service.env
[INFO] systemd: Creating service file /etc/systemd/system/k3s.service
[INFO] systemd: Enabling k3s unit
[INFO] systemd: Starting k3s
, Err: Created symlink /etc/systemd/system/multi-user.target.wants/k3s.service → /etc/systemd/system/k3s.service.
[/bin/bash, -c, INSTALL_K3S_CHANNEL=latest k3s-install.sh]
14:44:47.829 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/metallb-namespace.yaml"
14:44:47.889 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/metallb-namespace.yaml]
14:44:47.889 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:47.955 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/metallb-namespace.yaml""
14:44:49.360 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: namespace/metallb-system created
, [/bin/bash, -c, sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/metallb-namespace.yaml"]
14:44:49.363 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/metallb-0.10.2-manifest.yaml"
14:44:49.426 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/metallb-0.10.2-manifest.yaml]
14:44:49.426 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:49.495 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/metallb-0.10.2-manifest.yaml""
14:44:50.193 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: podsecuritypolicy.policy/controller created
podsecuritypolicy.policy/speaker created
serviceaccount/controller created
serviceaccount/speaker created
clusterrole.rbac.authorization.k8s.io/metallb-system:controller created
clusterrole.rbac.authorization.k8s.io/metallb-system:speaker created
role.rbac.authorization.k8s.io/config-watcher created
role.rbac.authorization.k8s.io/pod-lister created
role.rbac.authorization.k8s.io/controller created
clusterrolebinding.rbac.authorization.k8s.io/metallb-system:controller created
clusterrolebinding.rbac.authorization.k8s.io/metallb-system:speaker created
rolebinding.rbac.authorization.k8s.io/config-watcher created
rolebinding.rbac.authorization.k8s.io/pod-lister created
rolebinding.rbac.authorization.k8s.io/controller created
daemonset.apps/speaker created
deployment.apps/controller created
, Err: Warning: policy/v1beta1 PodSecurityPolicy is deprecated in v1.21+, unavailable in v1.25+
[/bin/bash, -c, sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/metallb-0.10.2-manifest.yaml"]
14:44:50.196 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/metallb-config.yaml"
14:44:50.259 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/metallb-config.yaml]
14:44:50.259 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:50.331 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/metallb-config.yaml""
14:44:50.897 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: configmap/config created
, [/bin/bash, -c, sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/metallb-config.yaml"]
14:44:50.900 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/traefik.yaml"
14:44:50.967 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/traefik.yaml]
14:44:50.968 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:51.038 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/traefik.yaml""
14:44:51.614 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: helmchart.helm.cattle.io/traefik-crd created
helmchart.helm.cattle.io/traefik created
, [/bin/bash, -c, sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/traefik.yaml"]
14:44:51.615 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/local-path-provisioner-config.yaml"
14:44:51.674 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/local-path-provisioner-config.yaml]
14:44:51.675 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:51.739 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/local-path-provisioner-config.yaml""
14:44:52.331 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: configmap/local-path-config configured
, Err: Warning: resource configmaps/local-path-config is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.
[/bin/bash, -c, sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/local-path-provisioner-config.yaml"]
14:44:52.332 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "kubectl set env deployment -n kube-system local-path-provisioner DEPLOY_DATE="$(date)""
14:44:52.844 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: deployment.apps/local-path-provisioner env updated
, [/bin/bash, -c, kubectl set env deployment -n kube-system local-path-provisioner DEPLOY_DATE="$(date)"]
14:44:52.845 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "ln -sf /etc/rancher/k3s/k3s.yaml /etc/kubernetes/admin.conf""
14:44:52.910 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/bash -c "ln -sf /etc/rancher/k3s/k3s.yaml /etc/kubernetes/admin.conf"]
14:44:52.933 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/cert-manager.yaml"
14:44:53.000 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/cert-manager.yaml]
14:44:53.002 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:53.137 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:53.233 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:53.327 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:53.414 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:53.522 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:53.615 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:53.709 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:53.803 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:53.903 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:54.000 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:54.093 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:54.194 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:54.294 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:54.390 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:54.485 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:54.579 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:54.676 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:54.773 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:54.870 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:54.965 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:55.058 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:55.144 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:55.241 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:55.341 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:55.451 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:55.555 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:55.656 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:55.751 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:44:55.844 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/cert-manager.yaml""
14:45:00.063 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: customresourcedefinition.apiextensions.k8s.io/certificaterequests.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/certificates.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/challenges.acme.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/clusterissuers.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/issuers.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/orders.acme.cert-manager.io created
namespace/cert-manager created
serviceaccount/cert-manager-cainjector created
serviceaccount/cert-manager created
serviceaccount/cert-manager-webhook created
clusterrole.rbac.authorization.k8s.io/cert-manager-cainjector created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-issuers created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-clusterissuers created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-certificates created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-orders created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-challenges created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-ingress-shim created
clusterrole.rbac.authorization.k8s.io/cert-manager-view created
clusterrole.rbac.authorization.k8s.io/cert-manager-edit created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-approve:cert-manager-io created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-certificatesigningrequests created
clusterrole.rbac.authorization.k8s.io/cert-manager-webhook:subjectaccessreviews created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-cainjector created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-issuers created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-clusterissuers created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-certificates created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-orders created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-challenges created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-ingress-shim created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-approve:cert-manager-io created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-certificatesigningrequests created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-webhook:subjectaccessreviews created
role.rbac.authorization.k8s.io/cert-manager-cainjector:leaderelection created
role.rbac.authorization.k8s.io/cert-manager:leaderelection created
role.rbac.authorization.k8s.io/cert-manager-webhook:dynamic-serving created
rolebinding.rbac.authorization.k8s.io/cert-manager-cainjector:leaderelection created
rolebinding.rbac.authorization.k8s.io/cert-manager:leaderelection created
rolebinding.rbac.authorization.k8s.io/cert-manager-webhook:dynamic-serving created
service/cert-manager created
service/cert-manager-webhook created
deployment.apps/cert-manager-cainjector created
deployment.apps/cert-manager created
deployment.apps/cert-manager-webhook created
mutatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook created
validatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook created
, [/bin/bash, -c, sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/cert-manager.yaml"]
14:45:00.066 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/le-issuer.yaml"
14:45:00.128 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/le-issuer.yaml]
14:45:00.128 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:45:00.188 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/le-issuer.yaml""
14:45:02.889 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: FAILED -- Code: 1, Err: Error from server (InternalError): error when creating "/etc/rancher/k3s/manifests/le-issuer.yaml": Internal error occurred: failed calling webhook "webhook.cert-manager.io": failed to call webhook: Post "https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s": dial tcp 10.43.225.199:443: connect: connection refused
[/bin/bash, -c, sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/le-issuer.yaml"]
14:45:12.914 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/le-issuer.yaml""
14:45:21.515 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: clusterissuer.cert-manager.io/staging created
, [/bin/bash, -c, sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/le-issuer.yaml"]
14:45:21.519 [main] INFO o.d.p.f.c.processors.LocalProcessor - os.name: Linux
14:45:21.519 [main] INFO o.d.p.f.c.processors.LocalProcessor - user.home: /home/erik
14:45:21.519 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "xxxxxxxx"
14:45:21.530 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "xxxxxxxx"
14:45:21.542 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "wc -c < /home/erik/repo/c4k/c4k-jitsi/jitsi.yaml"
14:45:21.586 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: 5794
, [/bin/bash, -c, wc -c < /home/erik/repo/c4k/c4k-jitsi/jitsi.yaml]
14:45:21.587 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cat /home/erik/repo/c4k/c4k-jitsi/jitsi.yaml"
14:45:21.592 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
name: jitsi
annotations:
cert-manager.io/cluster-issuer: letsencrypt-staging-issuer
ingress.kubernetes.io/ssl-redirect: 'true'
kubernetes.io/ingress.class: ''
spec:
tls:
- hosts:
- fqdn
secretName: tls-jitsi
rules:
- host: jitsi.test.meissa-gmbh.de
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: web
port:
number: 80
---
apiVersion: v1
kind: Secret
metadata:
name: jitsi-config
type: Opaque
data:
JVB_AUTH_PASSWORD: SnZiQXV0aA==
JICOFO_AUTH_PASSWORD: Smljb2ZvQXV0aA==
JICOFO_COMPONENT_SECRET: Smljb2ZvQ29tcFNlYw==
---
apiVersion: v1
kind: Service
metadata:
labels:
service: jvb
name: jvb-udp
spec:
type: NodePort
externalTrafficPolicy: Cluster
ports:
- port: 30300
protocol: UDP
targetPort: 30300
nodePort: 30300
selector:
app: jitsi
---
apiVersion: v1
kind: Service
metadata:
labels:
service: web
name: web
spec:
ports:
- name: http
port: 80
targetPort: 80
- name: https
port: 443
targetPort: 443
selector:
app: jitsi
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: jitsi
name: jitsi
spec:
strategy:
type: Recreate
selector:
matchLabels:
app: jitsi
template:
metadata:
labels:
app: jitsi
spec:
containers:
- name: jicofo
image: jitsi/jicofo:stable-6826
imagePullPolicy: IfNotPresent
env:
- name: XMPP_SERVER
value: localhost
- name: XMPP_DOMAIN
value: meet.jitsi
- name: XMPP_AUTH_DOMAIN
value: auth.meet.jitsi
- name: XMPP_MUC_DOMAIN
value: muc.meet.jitsi
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.jitsi
- name: JICOFO_COMPONENT_SECRET
valueFrom:
secretKeyRef:
name: jitsi-config
key: JICOFO_COMPONENT_SECRET
- name: JICOFO_AUTH_USER
value: focus
- name: JICOFO_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: jitsi-config
key: JICOFO_AUTH_PASSWORD
- name: TZ
value: Europe/Berlin
- name: JVB_BREWERY_MUC
value: jvbbrewery
- name: prosody
image: jitsi/prosody:stable-6826
imagePullPolicy: IfNotPresent
env:
- name: PUBLIC_URL
value: jitsi.test.meissa-gmbh.de
- name: XMPP_DOMAIN
value: meet.jitsi
- name: XMPP_AUTH_DOMAIN
value: auth.meet.jitsi
- name: XMPP_MUC_DOMAIN
value: muc.meet.jitsi
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.jitsi
- name: JICOFO_COMPONENT_SECRET
valueFrom:
secretKeyRef:
name: jitsi-config
key: JICOFO_COMPONENT_SECRET
- name: JVB_AUTH_USER
value: jvb
- name: JVB_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: jitsi-config
key: JVB_AUTH_PASSWORD
- name: JICOFO_AUTH_USER
value: focus
- name: JICOFO_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: jitsi-config
key: JICOFO_AUTH_PASSWORD
- name: TZ
value: Europe/Berlin
- name: JVB_TCP_HARVESTER_DISABLED
value: 'true'
- name: web
image: domaindrivenarchitecture/c4k-jitsi
imagePullPolicy: IfNotPresent
env:
- name: PUBLIC_URL
value: jitsi.test.meissa-gmbh.de
- name: XMPP_SERVER
value: localhost
- name: JICOFO_AUTH_USER
value: focus
- name: XMPP_DOMAIN
value: meet.jitsi
- name: XMPP_AUTH_DOMAIN
value: auth.meet.jitsi
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.jitsi
- name: XMPP_BOSH_URL_BASE
value: http://127.0.0.1:5280
- name: XMPP_MUC_DOMAIN
value: muc.meet.jitsi
- name: TZ
value: Europe/Berlin
- name: JVB_TCP_HARVESTER_DISABLED
value: 'true'
- name: DEFAULT_LANGUAGE
value: de
- name: RESOLUTION
value: '480'
- name: RESOLUTION_MIN
value: '240'
- name: RESOLUTION_WIDTH
value: '853'
- name: RESOLUTION_WIDTH_MIN
value: '427'
- name: DISABLE_AUDIO_LEVELS
value: 'true'
- name: jvb
image: jitsi/jvb:stable-6826
imagePullPolicy: IfNotPresent
env:
- name: XMPP_SERVER
value: localhost
- name: DOCKER_HOST_ADDRESS
value: localhost
- name: XMPP_DOMAIN
value: meet.jitsi
- name: XMPP_AUTH_DOMAIN
value: auth.meet.jitsi
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.jitsi
- name: JVB_STUN_SERVERS
value: stun.1und1.de:3478,stun.t-online.de:3478,stun.hosteurope.de:3478
- name: JICOFO_AUTH_USER
value: focus
- name: JVB_TCP_HARVESTER_DISABLED
value: 'true'
- name: JVB_AUTH_USER
value: jvb
- name: JVB_PORT
value: '30300'
- name: JVB_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: jitsi-config
key: JVB_AUTH_PASSWORD
- name: JICOFO_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: jitsi-config
key: JICOFO_AUTH_PASSWORD
- name: JVB_BREWERY_MUC
value: jvbbrewery
- name: TZ
value: Europe/Berlin
, [/bin/bash, -c, cat /home/erik/repo/c4k/c4k-jitsi/jitsi.yaml]
14:45:21.593 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/application.yaml"
14:45:21.655 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo install -m 644 /dev/null /etc/rancher/k3s/manifests/application.yaml]
14:45:21.656 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "xxxxxxxx"
14:45:21.739 [main] INFO o.d.p.f.c.processors.RemoteProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/application.yaml""
14:45:23.388 [main] INFO o.d.p.f.c.processors.RemoteProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: ingress.networking.k8s.io/jitsi created
secret/jitsi-config created
service/jvb-udp created
service/web created
deployment.apps/jitsi created
, [/bin/bash, -c, sudo /bin/bash -c "kubectl apply -f /etc/rancher/k3s/manifests/application.yaml"]
14:45:23.389 [main] INFO o.d.p.f.c.processors.RemoteProcessor - Disconnecting ssh.

View file

@ -0,0 +1,146 @@
13:56:28.246 [main] INFO o.d.p.f.c.processors.LocalProcessor - os.name: Linux
13:56:28.249 [main] INFO o.d.p.f.c.processors.LocalProcessor - user.home: /home/erik
13:56:28.251 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "xxxxxxxx"
13:56:28.270 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "xxxxxxxx"
13:56:28.294 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd ~/ && test -d repo/c4k/c4k-jira/.git/"
13:56:28.323 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, cd ~/ && test -d repo/c4k/c4k-jira/.git/]
13:56:28.325 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-jira && git pull"
13:56:29.917 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Already up to date.
, [/bin/bash, -c, cd repo/c4k/c4k-jira && git pull]
13:56:29.917 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd ~/ && test -d repo/c4k/c4k-jitsi/.git/"
13:56:29.919 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, cd ~/ && test -d repo/c4k/c4k-jitsi/.git/]
13:56:29.919 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-jitsi && git pull"
13:56:31.398 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Already up to date.
, [/bin/bash, -c, cd repo/c4k/c4k-jitsi && git pull]
13:56:31.399 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd ~/ && test -d repo/c4k/c4k-keycloak/.git/"
13:56:31.402 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, cd ~/ && test -d repo/c4k/c4k-keycloak/.git/]
13:56:31.402 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-keycloak && git pull"
13:56:32.832 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Already up to date.
, [/bin/bash, -c, cd repo/c4k/c4k-keycloak && git pull]
13:56:32.833 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd ~/ && test -d repo/c4k/c4k-mastodon-bot/.git/"
13:56:32.835 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, cd ~/ && test -d repo/c4k/c4k-mastodon-bot/.git/]
13:56:32.836 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-mastodon-bot && git pull"
13:56:34.241 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Already up to date.
, [/bin/bash, -c, cd repo/c4k/c4k-mastodon-bot && git pull]
13:56:34.242 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd ~/ && test -d repo/c4k/c4k-nextcloud/.git/"
13:56:34.245 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, cd ~/ && test -d repo/c4k/c4k-nextcloud/.git/]
13:56:34.246 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-nextcloud && git pull"
13:56:35.665 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Already up to date.
, [/bin/bash, -c, cd repo/c4k/c4k-nextcloud && git pull]
13:56:35.666 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd ~/ && test -d repo/c4k/c4k-shynet/.git/"
13:56:35.670 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, cd ~/ && test -d repo/c4k/c4k-shynet/.git/]
13:56:35.671 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-shynet && git pull"
13:56:37.120 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Already up to date.
, [/bin/bash, -c, cd repo/c4k/c4k-shynet && git pull]
13:56:37.121 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd ~/ && test -d repo/c4k/c4k-common/.git/"
13:56:37.125 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, cd ~/ && test -d repo/c4k/c4k-common/.git/]
13:56:37.125 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-common && git pull"
13:56:38.527 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Already up to date.
, [/bin/bash, -c, cd repo/c4k/c4k-common && git pull]
13:56:38.529 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/provisioning/provs && git pull"
13:56:39.985 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Already up to date.
, [/bin/bash, -c, cd repo/provisioning/provs && git pull]
13:56:39.986 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/provisioning/meissa-provs && git pull"
13:56:40.292 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Already up to date.
, [/bin/bash, -c, cd repo/provisioning/meissa-provs && git pull]
13:56:40.293 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-jira/ && lein uberjar"
13:56:51.053 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Created /home/erik/repo/c4k/c4k-jira/target/uberjar/c4k-jira-1.1.2-SNAPSHOT.jar
Created /home/erik/repo/c4k/c4k-jira/target/uberjar/c4k-jira-standalone.jar
, Err: OpenJDK 64-Bit Server VM warning: Options -Xverify:none and -noverify were deprecated in JDK 13 and will likely be removed in a future release.
Compiling dda.c4k-jira.backup
Compiling dda.c4k-jira.core
Compiling dda.c4k-jira.jira
Compiling dda.c4k-jira.uberjar
[/bin/bash, -c, cd repo/c4k/c4k-jira/ && lein uberjar]
13:56:51.053 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/cp -rf repo/c4k/c4k-jira/target/uberjar/c4k-jira-standalone.jar /usr/local/bin/c4k-jira-standalone.jar"
13:56:51.121 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/cp -rf repo/c4k/c4k-jira/target/uberjar/c4k-jira-standalone.jar /usr/local/bin/c4k-jira-standalone.jar]
13:56:51.122 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "sudo chmod +x /usr/local/bin/c4k-jira-standalone.jar"
13:56:51.132 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo chmod +x /usr/local/bin/c4k-jira-standalone.jar]
13:56:51.133 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-jitsi/ && lein uberjar"
13:57:01.082 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Created /home/erik/repo/c4k/c4k-jitsi/target/uberjar/c4k-jitsi-1.0.0-SNAPSHOT.jar
Created /home/erik/repo/c4k/c4k-jitsi/target/uberjar/c4k-jitsi-standalone.jar
, Err: OpenJDK 64-Bit Server VM warning: Options -Xverify:none and -noverify were deprecated in JDK 13 and will likely be removed in a future release.
Compiling dda.c4k-jitsi.core
Compiling dda.c4k-jitsi.jitsi
Compiling dda.c4k-jitsi.uberjar
[/bin/bash, -c, cd repo/c4k/c4k-jitsi/ && lein uberjar]
13:57:01.082 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/cp -rf repo/c4k/c4k-jitsi/target/uberjar/c4k-jitsi-standalone.jar /usr/local/bin/c4k-jitsi-standalone.jar"
13:57:01.180 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/cp -rf repo/c4k/c4k-jitsi/target/uberjar/c4k-jitsi-standalone.jar /usr/local/bin/c4k-jitsi-standalone.jar]
13:57:01.181 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "sudo chmod +x /usr/local/bin/c4k-jitsi-standalone.jar"
13:57:01.195 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo chmod +x /usr/local/bin/c4k-jitsi-standalone.jar]
13:57:01.195 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-keycloak/ && lein uberjar"
13:57:10.165 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Created /home/erik/repo/c4k/c4k-keycloak/target/uberjar/c4k-keycloak-0.2.4-SNAPSHOT.jar
Created /home/erik/repo/c4k/c4k-keycloak/target/uberjar/c4k-keycloak-standalone.jar
, Err: OpenJDK 64-Bit Server VM warning: Options -Xverify:none and -noverify were deprecated in JDK 13 and will likely be removed in a future release.
Compiling dda.c4k-keycloak.core
Compiling dda.c4k-keycloak.keycloak
Compiling dda.c4k-keycloak.postgres
Compiling dda.c4k-keycloak.uberjar
Compiling dda.c4k-keycloak.yaml
[/bin/bash, -c, cd repo/c4k/c4k-keycloak/ && lein uberjar]
13:57:10.165 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/cp -rf repo/c4k/c4k-keycloak/target/uberjar/c4k-keycloak-standalone.jar /usr/local/bin/c4k-keycloak-standalone.jar"
13:57:10.187 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/cp -rf repo/c4k/c4k-keycloak/target/uberjar/c4k-keycloak-standalone.jar /usr/local/bin/c4k-keycloak-standalone.jar]
13:57:10.187 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "sudo chmod +x /usr/local/bin/c4k-keycloak-standalone.jar"
13:57:10.193 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo chmod +x /usr/local/bin/c4k-keycloak-standalone.jar]
13:57:10.194 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-mastodon-bot/ && lein uberjar"
13:57:17.810 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Created /home/erik/repo/c4k/c4k-mastodon-bot/target/uberjar/c4k-mastodon-bot-0.1.11-SNAPSHOT.jar
Created /home/erik/repo/c4k/c4k-mastodon-bot/target/uberjar/c4k-mastodon-bot-standalone.jar
, Err: OpenJDK 64-Bit Server VM warning: Options -Xverify:none and -noverify were deprecated in JDK 13 and will likely be removed in a future release.
Compiling dda.c4k-mastodon-bot.core
Compiling dda.c4k-mastodon-bot.uberjar
Compiling dda.c4k-mastodon-bot.yaml
[/bin/bash, -c, cd repo/c4k/c4k-mastodon-bot/ && lein uberjar]
13:57:17.811 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/cp -rf repo/c4k/c4k-mastodon-bot/target/uberjar/c4k-mastodon-bot-standalone.jar /usr/local/bin/c4k-mastodon-bot-standalone.jar"
13:57:17.857 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/cp -rf repo/c4k/c4k-mastodon-bot/target/uberjar/c4k-mastodon-bot-standalone.jar /usr/local/bin/c4k-mastodon-bot-standalone.jar]
13:57:17.858 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "sudo chmod +x /usr/local/bin/c4k-mastodon-bot-standalone.jar"
13:57:17.866 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo chmod +x /usr/local/bin/c4k-mastodon-bot-standalone.jar]
13:57:17.867 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-nextcloud/ && lein uberjar"
13:57:25.766 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Created /home/erik/repo/c4k/c4k-nextcloud/target/uberjar/c4k-nextcloud-4.0.1-SNAPSHOT.jar
Created /home/erik/repo/c4k/c4k-nextcloud/target/uberjar/c4k-nextcloud-standalone.jar
, Err: OpenJDK 64-Bit Server VM warning: Options -Xverify:none and -noverify were deprecated in JDK 13 and will likely be removed in a future release.
Compiling dda.c4k-nextcloud.backup
Compiling dda.c4k-nextcloud.core
Compiling dda.c4k-nextcloud.nextcloud
Compiling dda.c4k-nextcloud.uberjar
[/bin/bash, -c, cd repo/c4k/c4k-nextcloud/ && lein uberjar]
13:57:25.766 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/cp -rf repo/c4k/c4k-nextcloud/target/uberjar/c4k-nextcloud-standalone.jar /usr/local/bin/c4k-nextcloud-standalone.jar"
13:57:25.803 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/cp -rf repo/c4k/c4k-nextcloud/target/uberjar/c4k-nextcloud-standalone.jar /usr/local/bin/c4k-nextcloud-standalone.jar]
13:57:25.803 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "sudo chmod +x /usr/local/bin/c4k-nextcloud-standalone.jar"
13:57:25.812 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo chmod +x /usr/local/bin/c4k-nextcloud-standalone.jar]
13:57:25.813 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/c4k/c4k-shynet/ && lein uberjar"
13:57:37.422 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Created /home/erik/repo/c4k/c4k-shynet/target/uberjar/c4k-shynet-1.0.7-SNAPSHOT.jar
Created /home/erik/repo/c4k/c4k-shynet/target/uberjar/c4k-shynet-standalone.jar
, Err: OpenJDK 64-Bit Server VM warning: Options -Xverify:none and -noverify were deprecated in JDK 13 and will likely be removed in a future release.
Compiling dda.c4k-shynet.core
Compiling dda.c4k-shynet.shynet
Compiling dda.c4k-shynet.uberjar
[/bin/bash, -c, cd repo/c4k/c4k-shynet/ && lein uberjar]
13:57:37.423 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "sudo /bin/cp -rf repo/c4k/c4k-shynet/target/uberjar/c4k-shynet-standalone.jar /usr/local/bin/c4k-shynet-standalone.jar"
13:57:37.620 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo /bin/cp -rf repo/c4k/c4k-shynet/target/uberjar/c4k-shynet-standalone.jar /usr/local/bin/c4k-shynet-standalone.jar]
13:57:37.621 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "sudo chmod +x /usr/local/bin/c4k-shynet-standalone.jar"
13:57:37.653 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, [/bin/bash, -c, sudo chmod +x /usr/local/bin/c4k-shynet-standalone.jar]
13:57:37.665 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/provisioning/provs && ./gradlew installl"
13:57:50.319 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: Starting a Gradle Daemon (subsequent builds will be faster)
> Task :compileKotlin UP-TO-DATE
> Task :compileJava NO-SOURCE
> Task :processResources UP-TO-DATE
> Task :classes UP-TO-DATE
> Task :uberjarDesktop UP-TO-DATE
> Task :uberjarServer UP-TO-DATE
> Task :uberjarSyspec UP-TO-DATE
> Task :installlocally
BUILD SUCCESSFUL in 12s
6 actionable tasks: 1 executed, 5 up-to-date
, [/bin/bash, -c, cd repo/provisioning/provs && ./gradlew installl]
13:57:50.319 [main] INFO o.d.p.f.c.processors.LocalProcessor - ******************** Prov: "/bin/bash" "-c" "cd repo/provisioning/meissa-provs && ./gradlew installl"
13:57:51.960 [main] INFO o.d.p.f.c.processors.LocalProcessor - --->>> ProcessResult: Succeeded -- Code: 0, Out: > Task :compileKotlin UP-TO-DATE
> Task :compileJava NO-SOURCE
> Task :processResources UP-TO-DATE
> Task :classes UP-TO-DATE
> Task :uberjar UP-TO-DATE
> Task :installlocally
BUILD SUCCESSFUL in 1s
4 actionable tasks: 1 executed, 3 up-to-date
, [/bin/bash, -c, cd repo/provisioning/meissa-provs && ./gradlew installl]

View file

@ -2,7 +2,7 @@
"name": "c4k-jitsi", "name": "c4k-jitsi",
"description": "Generate c4k yaml for a jitsi deployment.", "description": "Generate c4k yaml for a jitsi deployment.",
"author": "meissa GmbH", "author": "meissa GmbH",
"version": "2.2.1-SNAPSHOT", "version": "1.3.5",
"homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-jitsi#readme", "homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-jitsi#readme",
"repository": "https://www.npmjs.com/package/c4k-jitsi", "repository": "https://www.npmjs.com/package/c4k-jitsi",
"license": "APACHE2", "license": "APACHE2",

View file

@ -1,17 +1,16 @@
(defproject org.domaindrivenarchitecture/c4k-jitsi "2.2.1-SNAPSHOT" (defproject org.domaindrivenarchitecture/c4k-jitsi "1.3.5"
:description "jitsi c4k-installation package" :description "jitsi c4k-installation package"
:url "https://domaindrivenarchitecture.org" :url "https://domaindrivenarchitecture.org"
:license {:name "Apache License, Version 2.0" :license {:name "Apache License, Version 2.0"
:url "https://www.apache.org/licenses/LICENSE-2.0.html"} :url "https://www.apache.org/licenses/LICENSE-2.0.html"}
:dependencies [[org.clojure/clojure "1.12.0"] :dependencies [[org.clojure/clojure "1.11.1"]
[org.clojure/tools.reader "1.5.0"] [org.clojure/tools.reader "1.3.6"]
[org.domaindrivenarchitecture/c4k-common-clj "8.0.0"] [org.domaindrivenarchitecture/c4k-common-clj "6.0.2"]
[hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]] [hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]]
:target-path "target/%s/" :target-path "target/%s/"
:source-paths ["src/main/cljc" :source-paths ["src/main/cljc"
"src/main/clj"] "src/main/clj"]
:resource-paths ["src/main/resources" :resource-paths ["src/main/resources"]
"project.clj"]
:repositories [["snapshots" :clojars] :repositories [["snapshots" :clojars]
["releases" :clojars]] ["releases" :clojars]]
:deploy-repositories [["snapshots" {:sign-releases false :url "https://clojars.org/repo"}] :deploy-repositories [["snapshots" {:sign-releases false :url "https://clojars.org/repo"}]
@ -23,14 +22,25 @@
:uberjar {:aot :all :uberjar {:aot :all
:main dda.c4k-jitsi.uberjar :main dda.c4k-jitsi.uberjar
:uberjar-name "c4k-jitsi-standalone.jar" :uberjar-name "c4k-jitsi-standalone.jar"
:dependencies [[org.clojure/tools.cli "1.1.230"] :dependencies [[org.clojure/tools.cli "1.0.219"]
[ch.qos.logback/logback-classic "1.5.12" [ch.qos.logback/logback-classic "1.4.8"
:exclusions [com.sun.mail/javax.mail]] :exclusions [com.sun.mail/javax.mail]]
[org.slf4j/jcl-over-slf4j "2.0.16"] [org.slf4j/jcl-over-slf4j "2.0.7"]]}}
[com.github.clj-easy/graal-build-time "1.0.5"]]}}
:release-tasks [["test"] :release-tasks [["test"]
["vcs" "assert-committed"] ["vcs" "assert-committed"]
["change" "version" "leiningen.release/bump-version" "release"] ["change" "version" "leiningen.release/bump-version" "release"]
["vcs" "commit"] ["vcs" "commit"]
["vcs" "tag" "v" "--no-sign"] ["vcs" "tag" "v" "--no-sign"]
["change" "version" "leiningen.release/bump-version"]]) ["change" "version" "leiningen.release/bump-version"]]
:aliases {"native" ["shell"
"native-image"
"--report-unsupported-elements-at-runtime"
"--initialize-at-build-time"
"-jar" "target/uberjar/c4k-jitsi-standalone.jar"
"-H:ResourceConfigurationFiles=graalvm-resource-config.json"
"-H:Log=registerResource"
"-H:Name=target/graalvm/${:name}"]
"inst" ["shell"
"sh"
"-c"
"lein uberjar && sudo install -m=755 target/uberjar/c4k-jitsi-standalone.jar /usr/local/bin/c4k-jitsi-standalone.jar"]})

View file

@ -4,7 +4,7 @@
"src/test/cljc" "src/test/cljc"
"src/test/cljs" "src/test/cljs"
"src/test/resources"] "src/test/resources"]
:dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "8.0.0"] :dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "6.0.2"]
[hickory "0.7.1"]] [hickory "0.7.1"]]
:builds {:frontend {:target :browser :builds {:frontend {:target :browser
:modules {:main {:init-fn dda.c4k-jitsi.browser/init}} :modules {:main {:init-fn dda.c4k-jitsi.browser/init}}

View file

@ -5,11 +5,10 @@
[dda.c4k-jitsi.core :as core])) [dda.c4k-jitsi.core :as core]))
(defn -main [& cmd-args] (defn -main [& cmd-args]
(uberjar/main-cm (uberjar/main-common
"c4k-jitsi" "c4k-jitsi"
core/config? core/config?
core/auth? core/auth?
core/config-defaults core/config-defaults
core/config-objects core/k8s-objects
core/auth-objects
cmd-args)) cmd-args))

View file

@ -7,10 +7,9 @@
[dda.c4k-common.predicate :as cp] [dda.c4k-common.predicate :as cp]
[dda.c4k-common.monitoring :as mon] [dda.c4k-common.monitoring :as mon]
[dda.c4k-common.yaml :as yaml] [dda.c4k-common.yaml :as yaml]
[dda.c4k-jitsi.jitsi :as jitsi] [dda.c4k-jitsi.jitsi :as jitsi]))
[dda.c4k-common.namespace :as ns]))
(def config-defaults {:issuer "staging", :namespace "jitsi"}) (def config-defaults {:issuer "staging"})
(s/def ::mon-cfg ::mon/mon-cfg) (s/def ::mon-cfg ::mon/mon-cfg)
(s/def ::mon-auth ::mon/mon-auth) (s/def ::mon-auth ::mon/mon-auth)
@ -24,36 +23,19 @@
::jitsi/jicofo-component-secret] ::jitsi/jicofo-component-secret]
:opt-un [::mon-auth])) :opt-un [::mon-auth]))
(defn-spec config-objects cp/map-or-seq? (defn-spec k8s-objects cp/map-or-seq?
[config config?]
(map yaml/to-string
(filter
#(not (nil? %))
(cm/concat-vec
(ns/generate config)
[(jitsi/generate-jvb-service config)
(jitsi/generate-web-service config)
(jitsi/generate-etherpad-service config)
(jitsi/generate-excalidraw-backend-service config)
(jitsi/generate-modelector-service config)
(jitsi/generate-deployment config)
(jitsi/generate-excalidraw-deployment config)
(jitsi/generate-modelector-deployment config)]
(jitsi/generate-ingress-web config)
(jitsi/generate-ingress-etherpad config)
(jitsi/generate-ingress-excalidraw-backend config)
(jitsi/generate-ingress-modelector config)
(when (:contains? config :mon-cfg)
(mon/generate-config))))))
(defn-spec auth-objects cp/map-or-seq?
[config config? [config config?
auth auth?] auth auth?]
(map yaml/to-string (map yaml/to-string
(filter (filter
#(not (nil? %)) #(not (nil? %))
(cm/concat-vec (cm/concat-vec
[(jitsi/generate-secret-jitsi config auth)] [(jitsi/generate-secret-jitsi auth)
(jitsi/generate-jvb-service)
(jitsi/generate-web-service)
(jitsi/generate-etherpad-service)
(jitsi/generate-deployment config)]
(jitsi/generate-ingress-web config)
(jitsi/generate-ingress-etherpad config)
(when (:contains? config :mon-cfg) (when (:contains? config :mon-cfg)
(mon/generate-auth (:mon-cfg config) (:mon-auth auth))))))) (mon/generate (:mon-cfg config) (:mon-auth auth)))))))

View file

@ -1,32 +1,37 @@
(ns dda.c4k-jitsi.jitsi (ns dda.c4k-jitsi.jitsi
(:require (:require
[clojure.spec.alpha :as s] [clojure.spec.alpha :as s]
#?(:cljs [shadow.resource :as rc])
#?(:clj [orchestra.core :refer [defn-spec]] #?(:clj [orchestra.core :refer [defn-spec]]
:cljs [orchestra.core :refer-macros [defn-spec]]) :cljs [orchestra.core :refer-macros [defn-spec]])
[dda.c4k-common.yaml :as yaml] [dda.c4k-common.yaml :as yaml]
[dda.c4k-common.common :as cm] [dda.c4k-common.common :as cm]
[dda.c4k-common.ingress :as ing] [dda.c4k-common.ingress :as ing]
[dda.c4k-common.base64 :as b64] [dda.c4k-common.base64 :as b64]
[dda.c4k-common.predicate :as cp] [dda.c4k-common.predicate :as cp]))
#?(:cljs [dda.c4k-common.macros :refer-macros [inline-resources]])))
(s/def ::fqdn cp/fqdn-string?) (s/def ::fqdn cp/fqdn-string?)
(s/def ::issuer cp/letsencrypt-issuer?) (s/def ::issuer cp/letsencrypt-issuer?)
(s/def ::namespace string?)
(s/def ::jvb-auth-password cp/bash-env-string?) (s/def ::jvb-auth-password cp/bash-env-string?)
(s/def ::jicofo-auth-password cp/bash-env-string?) (s/def ::jicofo-auth-password cp/bash-env-string?)
(s/def ::jicofo-component-secret cp/bash-env-string?) (s/def ::jicofo-component-secret cp/bash-env-string?)
(def config? (s/keys :req-un [::fqdn] (def config? (s/keys :req-un [::fqdn]
:opt-un [::issuer :opt-un [::issuer]))
::namespace]))
(def auth? (s/keys :req-un [::jvb-auth-password (def auth? (s/keys :req-un [::jvb-auth-password
::jicofo-auth-password ::jicofo-auth-password
::jicofo-component-secret])) ::jicofo-component-secret]))
#?(:cljs #?(:cljs
(defmethod yaml/load-resource :jitsi [resource-name] (defmethod yaml/load-resource :jitsi [resource-name]
(get (inline-resources "jitsi") resource-name))) (case resource-name
"jitsi/deployment.yaml" (rc/inline "jitsi/deployment.yaml")
"jitsi/etherpad-service.yaml" (rc/inline "jitsi/etherpad-service.yaml")
"jitsi/jvb-service.yaml" (rc/inline "jitsi/jvb-service.yaml")
"jitsi/secret.yaml" (rc/inline "jitsi/secret.yaml")
"jitsi/web-service.yaml" (rc/inline "jitsi/web-service.yaml")
(throw (js/Error. "Undefined Resource!")))))
(defn-spec generate-ingress-web cp/map-or-seq? (defn-spec generate-ingress-web cp/map-or-seq?
[config config?] [config config?]
@ -46,94 +51,29 @@
:fqdns [(str "etherpad." (:fqdn config))]} :fqdns [(str "etherpad." (:fqdn config))]}
config))) config)))
(defn-spec generate-ingress-excalidraw-backend cp/map-or-seq?
[config config?]
(ing/generate-ingress-and-cert
(merge
{:service-name "excalidraw-backend"
:service-port 3002
:fqdns [(str "excalidraw-backend." (:fqdn config))]}
config)))
(defn-spec generate-ingress-modelector cp/map-or-seq?
[config config?]
(ing/generate-ingress-and-cert
(merge
{:service-name "modelector"
:service-port 80
:fqdns [(str "modelector." (:fqdn config))]}
config)))
(defn-spec generate-secret-jitsi cp/map-or-seq? (defn-spec generate-secret-jitsi cp/map-or-seq?
[config config? [auth auth?]
auth auth?] (let [{:keys [jvb-auth-password jicofo-auth-password jicofo-component-secret]} auth]
(let [{:keys [namespace]} config
{:keys [jvb-auth-password jicofo-auth-password jicofo-component-secret]} auth]
(-> (->
(yaml/from-string (yaml/load-resource "jitsi/secret.yaml")) (yaml/from-string (yaml/load-resource "jitsi/secret.yaml"))
(cm/replace-all-matching "NAMESPACE" namespace)
(cm/replace-key-value :JVB_AUTH_PASSWORD (b64/encode jvb-auth-password)) (cm/replace-key-value :JVB_AUTH_PASSWORD (b64/encode jvb-auth-password))
(cm/replace-key-value :JICOFO_AUTH_PASSWORD (b64/encode jicofo-auth-password)) (cm/replace-key-value :JICOFO_AUTH_PASSWORD (b64/encode jicofo-auth-password))
(cm/replace-key-value :JICOFO_COMPONENT_SECRET (b64/encode jicofo-component-secret))))) (cm/replace-key-value :JICOFO_COMPONENT_SECRET (b64/encode jicofo-component-secret)))))
(defn-spec generate-jvb-service cp/map-or-seq? (defn-spec generate-jvb-service cp/map-or-seq? []
[config config?] (yaml/from-string (yaml/load-resource "jitsi/jvb-service.yaml")))
(let [{:keys [namespace]} config]
(->
(yaml/from-string (yaml/load-resource "jitsi/jvb-service.yaml"))
(cm/replace-all-matching "NAMESPACE" namespace))))
(defn-spec generate-web-service cp/map-or-seq? (defn-spec generate-web-service cp/map-or-seq? []
[config config?] (yaml/load-as-edn "jitsi/web-service.yaml"))
(let [{:keys [namespace]} config]
(->
(yaml/load-as-edn "jitsi/web-service.yaml")
(cm/replace-all-matching "NAMESPACE" namespace))))
(defn-spec generate-etherpad-service cp/map-or-seq? (defn-spec generate-etherpad-service cp/map-or-seq? []
[config config?] (yaml/load-as-edn "jitsi/etherpad-service.yaml"))
(let [{:keys [namespace]} config]
(->
(yaml/load-as-edn "jitsi/etherpad-service.yaml")
(cm/replace-all-matching "NAMESPACE" namespace))))
(defn-spec generate-excalidraw-backend-service cp/map-or-seq?
[config config?]
(let [{:keys [namespace]} config]
(->
(yaml/load-as-edn "jitsi/excalidraw-backend-service.yaml")
(cm/replace-all-matching "NAMESPACE" namespace))))
(defn-spec generate-modelector-service cp/map-or-seq?
[config config?]
(let [{:keys [namespace]} config]
(->
(yaml/load-as-edn "jitsi/modelector-service.yaml")
(cm/replace-all-matching "NAMESPACE" namespace))))
(defn-spec generate-deployment cp/map-or-seq? (defn-spec generate-deployment cp/map-or-seq?
[config config?] [config config?]
(let [{:keys [fqdn namespace]} config] (let [{:keys [fqdn]} config]
(-> (->
(yaml/load-as-edn "jitsi/deployment.yaml") (yaml/load-as-edn "jitsi/deployment.yaml")
(cm/replace-all-matching "REPLACE_JITSI_FQDN" fqdn) (cm/replace-all-matching-values-by-new-value "REPLACE_JITSI_FQDN" fqdn)
(cm/replace-all-matching "NAMESPACE" namespace) (cm/replace-all-matching-values-by-new-value "REPLACE_ETHERPAD_URL"
(cm/replace-all-matching "REPLACE_ETHERPAD_URL" (str "https://etherpad." fqdn "/p/")))))
(str "https://etherpad." fqdn "/p/"))
(cm/replace-all-matching "REPLACE_EXCALIDRAW_BACKEND_URL"
(str "https://excalidraw-backend." fqdn)))))
(defn-spec generate-excalidraw-deployment cp/map-or-seq?
[config config?]
(let [{:keys [fqdn namespace]} config]
(->
(yaml/load-as-edn "jitsi/excalidraw-deployment.yaml")
(cm/replace-all-matching "NAMESPACE" namespace))))
(defn-spec generate-modelector-deployment cp/map-or-seq?
[config config?]
(let [{:keys [fqdn namespace]} config]
(->
(yaml/load-as-edn "jitsi/modelector-deployment.yaml")
(cm/replace-all-matching "NAMESPACE" namespace))))

View file

@ -43,7 +43,7 @@
(defn config-from-document [] (defn config-from-document []
(let [issuer (br/get-content-from-element "issuer" :optional true) (let [issuer (br/get-content-from-element "issuer" :optional true)
mon-cluster-name (br/get-content-from-element "mon-cluster-name" :optional true) mon-cluster-name (br/get-content-from-element "mon-cluster-name" :optional true)
mon-cluster-stage (br/get-content-from-element "mon-cluster-stage" :optional true) mon-cluster-stage (br/get-content-from-element "mon-cluster-stage" :optional true :deserializer keyword)
mon-cloud-url (br/get-content-from-element "mon-cloud-url" :optional true)] mon-cloud-url (br/get-content-from-element "mon-cloud-url" :optional true)]
(merge (merge
{:fqdn (br/get-content-from-element "fqdn")} {:fqdn (br/get-content-from-element "fqdn")}
@ -59,10 +59,10 @@
(br/validate! "fqdn" ::jitsi/fqdn) (br/validate! "fqdn" ::jitsi/fqdn)
(br/validate! "issuer" ::jitsi/issuer :optional true) (br/validate! "issuer" ::jitsi/issuer :optional true)
(br/validate! "mon-cluster-name" ::mon/cluster-name :optional true) (br/validate! "mon-cluster-name" ::mon/cluster-name :optional true)
(br/validate! "mon-cluster-stage" ::mon/cluster-stage :optional true) (br/validate! "mon-cluster-stage" ::mon/cluster-stage :optional true :deserializer keyword)
(br/validate! "mon-cloud-url" ::mon/grafana-cloud-url :optional true) (br/validate! "mon-cloud-url" ::mon/grafana-cloud-url :optional true)
(br/validate! "auth" core/auth? :deserializer edn/read-string) (br/validate! "auth" core/auth? :deserializer edn/read-string)
(br/set-form-validated!)) (br/set-validated!))
(defn add-validate-listener [name] (defn add-validate-listener [name]
(-> (br/get-element-by-id name) (-> (br/get-element-by-id name)

View file

@ -4,7 +4,6 @@ metadata:
labels: labels:
app: jitsi app: jitsi
name: jitsi name: jitsi
namespace: NAMESPACE
spec: spec:
strategy: strategy:
type: Recreate type: Recreate
@ -18,11 +17,19 @@ spec:
spec: spec:
containers: containers:
- name: jicofo - name: jicofo
image: jitsi/jicofo:stable-9646 image: jitsi/jicofo:stable-8615
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
env: env:
- name: XMPP_SERVER - name: XMPP_SERVER
value: localhost value: localhost
- name: XMPP_DOMAIN
value: meet.meissa-gmbh
- name: XMPP_AUTH_DOMAIN
value: auth.meet.meissa-gmbh
- name: XMPP_MUC_DOMAIN
value: muc.meet.meissa-gmbh
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.meissa-gmbh
- name: JICOFO_COMPONENT_SECRET - name: JICOFO_COMPONENT_SECRET
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
@ -37,14 +44,22 @@ spec:
key: JICOFO_AUTH_PASSWORD key: JICOFO_AUTH_PASSWORD
- name: TZ - name: TZ
value: Europe/Berlin value: Europe/Berlin
- name: JVB_BREWERY_MUC
value: jvbbrewery
- name: prosody - name: prosody
image: jitsi/prosody:stable-9646 image: jitsi/prosody:stable-7287
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
env: env:
- name: PUBLIC_URL - name: PUBLIC_URL
value: REPLACE_JITSI_FQDN value: REPLACE_JITSI_FQDN
- name: XMPP_SERVER - name: XMPP_DOMAIN
value: localhost value: meet.meissa-gmbh
- name: XMPP_AUTH_DOMAIN
value: auth.meet.meissa-gmbh
- name: XMPP_MUC_DOMAIN
value: muc.meet.meissa-gmbh
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.meissa-gmbh
- name: JICOFO_COMPONENT_SECRET - name: JICOFO_COMPONENT_SECRET
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
@ -69,17 +84,25 @@ spec:
- name: JVB_TCP_HARVESTER_DISABLED - name: JVB_TCP_HARVESTER_DISABLED
value: "true" value: "true"
- name: web - name: web
image: domaindrivenarchitecture/c4k-jitsi-web image: domaindrivenarchitecture/c4k-jitsi
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
env: env:
- name: PUBLIC_URL - name: PUBLIC_URL
value: REPLACE_JITSI_FQDN value: REPLACE_JITSI_FQDN
- name: XMPP_SERVER - name: XMPP_SERVER
value: localhost value: localhost
- name: XMPP_BOSH_URL_BASE
value: http://127.0.0.1:5280
- name: JICOFO_AUTH_USER - name: JICOFO_AUTH_USER
value: focus value: focus
- name: XMPP_DOMAIN
value: meet.meissa-gmbh
- name: XMPP_AUTH_DOMAIN
value: auth.meet.meissa-gmbh
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.meissa-gmbh
- name: XMPP_BOSH_URL_BASE
value: http://127.0.0.1:5280
- name: XMPP_MUC_DOMAIN
value: muc.meet.meissa-gmbh
- name: TZ - name: TZ
value: Europe/Berlin value: Europe/Berlin
- name: JVB_TCP_HARVESTER_DISABLED - name: JVB_TCP_HARVESTER_DISABLED
@ -98,14 +121,8 @@ spec:
value: "true" value: "true"
- name: ETHERPAD_PUBLIC_URL - name: ETHERPAD_PUBLIC_URL
value: REPLACE_ETHERPAD_URL value: REPLACE_ETHERPAD_URL
- name: WHITEBOARD_ENABLED
value: "true"
- name: WHITEBOARD_COLLAB_SERVER_PUBLIC_URL
value: REPLACE_EXCALIDRAW_BACKEND_URL
- name: COLIBRI_WEBSOCKET_REGEX
value: "127.0.0.1"
- name: jvb - name: jvb
image: jitsi/jvb:stable-9646 image: jitsi/jvb:stable-8719
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
env: env:
- name: PUBLIC_URL - name: PUBLIC_URL
@ -114,6 +131,12 @@ spec:
value: localhost value: localhost
- name: DOCKER_HOST_ADDRESS - name: DOCKER_HOST_ADDRESS
value: REPLACE_JITSI_FQDN value: REPLACE_JITSI_FQDN
- name: XMPP_DOMAIN
value: meet.meissa-gmbh
- name: XMPP_AUTH_DOMAIN
value: auth.meet.meissa-gmbh
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.meissa-gmbh
- name: JICOFO_AUTH_USER - name: JICOFO_AUTH_USER
value: focus value: focus
- name: JVB_TCP_HARVESTER_DISABLED - name: JVB_TCP_HARVESTER_DISABLED
@ -132,13 +155,19 @@ spec:
secretKeyRef: secretKeyRef:
name: jitsi-config name: jitsi-config
key: JICOFO_AUTH_PASSWORD key: JICOFO_AUTH_PASSWORD
- name: JVB_BREWERY_MUC
value: jvbbrewery
- name: TZ - name: TZ
value: Europe/Berlin value: Europe/Berlin
- name: etherpad - name: etherpad
image: etherpad/etherpad:2 image: etherpad/etherpad:1.9.1
env: env:
- name: XMPP_SERVER - name: XMPP_SERVER
value: localhost value: localhost
- name: XMPP_DOMAIN
value: meet.meissa-gmbh
- name: XMPP_AUTH_DOMAIN
value: auth.meet.meissa-gmbh
- name: JICOFO_COMPONENT_SECRET - name: JICOFO_COMPONENT_SECRET
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
@ -146,6 +175,10 @@ spec:
key: JICOFO_COMPONENT_SECRET key: JICOFO_COMPONENT_SECRET
- name: JICOFO_AUTH_USER - name: JICOFO_AUTH_USER
value: focus value: focus
- name: JVB_BREWERY_MUC
value: jvbbrewery
- name: XMPP_INTERNAL_MUC_DOMAIN
value: internal-muc.meet.meissa-gmbh
- name: JICOFO_AUTH_PASSWORD - name: JICOFO_AUTH_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:

View file

@ -4,7 +4,6 @@ metadata:
labels: labels:
service: etherpad service: etherpad
name: etherpad name: etherpad
namespace: NAMESPACE
spec: spec:
ports: ports:
- name: etherpad - name: etherpad

View file

@ -1,14 +0,0 @@
apiVersion: v1
kind: Service
metadata:
labels:
service: excalidraw-backend
name: excalidraw-backend
namespace: NAMESPACE
spec:
ports:
- name: excalidraw-backend
port: 3002
targetPort: 80
selector:
app: excalidraw-backend

View file

@ -1,21 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: excalidraw-backend
name: excalidraw-backend
namespace: NAMESPACE
spec:
strategy:
type: Recreate
selector:
matchLabels:
app: excalidraw-backend
template:
metadata:
labels:
app: excalidraw-backend
spec:
containers:
- name: excalidraw-backend
image: domaindrivenarchitecture/c4k-jitsi-excalidraw-backend

View file

@ -7,7 +7,6 @@ metadata:
metallb.universe.tf/allow-shared-ip: "shared-ip-service-group" metallb.universe.tf/allow-shared-ip: "shared-ip-service-group"
metallb.universe.tf/address-pool: public metallb.universe.tf/address-pool: public
name: jvb-udp name: jvb-udp
namespace: NAMESPACE
spec: spec:
type: LoadBalancer type: LoadBalancer
ports: ports:

View file

@ -1,26 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: modelector
name: modelector
namespace: NAMESPACE
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: modelector
template:
metadata:
labels:
app: modelector
spec:
containers:
- name: modelector
image: domaindrivenarchitecture/moderator-election-vaadin_fullstack
imagePullPolicy: IfNotPresent
env:
- name: MEMBERNAMES
value: "Micha,Ansgar,Erik,Mirco"

View file

@ -1,14 +0,0 @@
apiVersion: v1
kind: Service
metadata:
labels:
service: modelector
name: modelector
namespace: NAMESPACE
spec:
ports:
- name: "http"
port: 80
targetPort: 8080
selector:
app: modelector

View file

@ -2,7 +2,6 @@ apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: jitsi-config name: jitsi-config
namespace: NAMESPACE
type: Opaque type: Opaque
data: data:
JVB_AUTH_PASSWORD: "jvb-auth" JVB_AUTH_PASSWORD: "jvb-auth"

View file

@ -4,7 +4,6 @@ metadata:
labels: labels:
service: web service: web
name: web name: web
namespace: NAMESPACE
spec: spec:
ports: ports:
- name: "http" - name: "http"

View file

@ -5,18 +5,12 @@
[clojure.spec.test.alpha :as st] [clojure.spec.test.alpha :as st]
[dda.c4k-jitsi.jitsi :as cut])) [dda.c4k-jitsi.jitsi :as cut]))
(st/instrument `cut/generate-deployment) (st/instrument)
(st/instrument `cut/generate-secret-jitsi)
(st/instrument `cut/generate-ingress-web)
(st/instrument `cut/generate-jvb-service)
(deftest should-generate-deployment (deftest should-generate-deployment
(is (= {:apiVersion "apps/v1", (is (= {:apiVersion "apps/v1",
:kind "Deployment", :kind "Deployment",
:metadata :metadata {:labels {:app "jitsi"}, :name "jitsi"},
{:labels {:app "jitsi"},
:name "jitsi"
:namespace "jitsi"},
:spec :spec
{:strategy {:type "Recreate"}, {:strategy {:type "Recreate"},
:selector {:matchLabels {:app "jitsi"}}, :selector {:matchLabels {:app "jitsi"}},
@ -25,21 +19,29 @@
:spec :spec
{:containers {:containers
[{:name "jicofo", [{:name "jicofo",
:image "jitsi/jicofo:stable-9646", :image "jitsi/jicofo:stable-8615",
:imagePullPolicy "IfNotPresent", :imagePullPolicy "IfNotPresent",
:env :env
[{:name "XMPP_SERVER", :value "localhost"} [{:name "XMPP_SERVER", :value "localhost"}
{:name "XMPP_DOMAIN", :value "meet.meissa-gmbh"}
{:name "XMPP_AUTH_DOMAIN", :value "auth.meet.meissa-gmbh"}
{:name "XMPP_MUC_DOMAIN", :value "muc.meet.meissa-gmbh"}
{:name "XMPP_INTERNAL_MUC_DOMAIN", :value "internal-muc.meet.meissa-gmbh"}
{:name "JICOFO_COMPONENT_SECRET", {:name "JICOFO_COMPONENT_SECRET",
:valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_COMPONENT_SECRET"}}} :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_COMPONENT_SECRET"}}}
{:name "JICOFO_AUTH_USER", :value "focus"} {:name "JICOFO_AUTH_USER", :value "focus"}
{:name "JICOFO_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_AUTH_PASSWORD"}}} {:name "JICOFO_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_AUTH_PASSWORD"}}}
{:name "TZ", :value "Europe/Berlin"}]} {:name "TZ", :value "Europe/Berlin"}
{:name "JVB_BREWERY_MUC", :value "jvbbrewery"}]}
{:name "prosody", {:name "prosody",
:image "jitsi/prosody:stable-9646", :image "jitsi/prosody:stable-7287",
:imagePullPolicy "IfNotPresent", :imagePullPolicy "IfNotPresent",
:env :env
[{:name "PUBLIC_URL", :value "xy.xy.xy"} [{:name "PUBLIC_URL", :value "xy.xy.xy"}
{:name "XMPP_SERVER", :value "localhost"} {:name "XMPP_DOMAIN", :value "meet.meissa-gmbh"}
{:name "XMPP_AUTH_DOMAIN", :value "auth.meet.meissa-gmbh"}
{:name "XMPP_MUC_DOMAIN", :value "muc.meet.meissa-gmbh"}
{:name "XMPP_INTERNAL_MUC_DOMAIN", :value "internal-muc.meet.meissa-gmbh"}
{:name "JICOFO_COMPONENT_SECRET", {:name "JICOFO_COMPONENT_SECRET",
:valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_COMPONENT_SECRET"}}} :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_COMPONENT_SECRET"}}}
{:name "JVB_AUTH_USER", :value "jvb"} {:name "JVB_AUTH_USER", :value "jvb"}
@ -49,13 +51,17 @@
{:name "TZ", :value "Europe/Berlin"} {:name "TZ", :value "Europe/Berlin"}
{:name "JVB_TCP_HARVESTER_DISABLED", :value "true"}]} {:name "JVB_TCP_HARVESTER_DISABLED", :value "true"}]}
{:name "web", {:name "web",
:image "domaindrivenarchitecture/c4k-jitsi-web", :image "domaindrivenarchitecture/c4k-jitsi",
:imagePullPolicy "IfNotPresent", :imagePullPolicy "IfNotPresent",
:env :env
[{:name "PUBLIC_URL", :value "xy.xy.xy"} [{:name "PUBLIC_URL", :value "xy.xy.xy"}
{:name "XMPP_SERVER", :value "localhost"} {:name "XMPP_SERVER", :value "localhost"}
{:name "XMPP_BOSH_URL_BASE", :value "http://127.0.0.1:5280"}
{:name "JICOFO_AUTH_USER", :value "focus"} {:name "JICOFO_AUTH_USER", :value "focus"}
{:name "XMPP_DOMAIN", :value "meet.meissa-gmbh"}
{:name "XMPP_AUTH_DOMAIN", :value "auth.meet.meissa-gmbh"}
{:name "XMPP_INTERNAL_MUC_DOMAIN", :value "internal-muc.meet.meissa-gmbh"}
{:name "XMPP_BOSH_URL_BASE", :value "http://127.0.0.1:5280"}
{:name "XMPP_MUC_DOMAIN", :value "muc.meet.meissa-gmbh"}
{:name "TZ", :value "Europe/Berlin"} {:name "TZ", :value "Europe/Berlin"}
{:name "JVB_TCP_HARVESTER_DISABLED", :value "true"} {:name "JVB_TCP_HARVESTER_DISABLED", :value "true"}
{:name "DEFAULT_LANGUAGE", :value "de"} {:name "DEFAULT_LANGUAGE", :value "de"}
@ -64,237 +70,49 @@
{:name "RESOLUTION_WIDTH", :value "853"} {:name "RESOLUTION_WIDTH", :value "853"}
{:name "RESOLUTION_WIDTH_MIN", :value "427"} {:name "RESOLUTION_WIDTH_MIN", :value "427"}
{:name "DISABLE_AUDIO_LEVELS", :value "true"} {:name "DISABLE_AUDIO_LEVELS", :value "true"}
{:name "ETHERPAD_PUBLIC_URL", :value "https://etherpad.xy.xy.xy/p/"} {:name "ETHERPAD_PUBLIC_URL", :value "https://etherpad.xy.xy.xy/p/"}]}
{:name "WHITEBOARD_ENABLED", :value "true"}
{:name "WHITEBOARD_COLLAB_SERVER_PUBLIC_URL", :value "https://excalidraw-backend.xy.xy.xy"}
{:name "COLIBRI_WEBSOCKET_REGEX", :value "127.0.0.1"}]}
{:name "jvb", {:name "jvb",
:image "jitsi/jvb:stable-9646", :image "jitsi/jvb:stable-8719",
:imagePullPolicy "IfNotPresent", :imagePullPolicy "IfNotPresent",
:env :env
[{:name "PUBLIC_URL", :value "xy.xy.xy"} [{:name "PUBLIC_URL", :value "xy.xy.xy"}
{:name "XMPP_SERVER", :value "localhost"} {:name "XMPP_SERVER", :value "localhost"}
{:name "DOCKER_HOST_ADDRESS", :value "xy.xy.xy"} {:name "DOCKER_HOST_ADDRESS", :value "xy.xy.xy"}
{:name "XMPP_DOMAIN", :value "meet.meissa-gmbh"}
{:name "XMPP_AUTH_DOMAIN", :value "auth.meet.meissa-gmbh"}
{:name "XMPP_INTERNAL_MUC_DOMAIN", :value "internal-muc.meet.meissa-gmbh"}
{:name "JICOFO_AUTH_USER", :value "focus"} {:name "JICOFO_AUTH_USER", :value "focus"}
{:name "JVB_TCP_HARVESTER_DISABLED", :value "true"} {:name "JVB_TCP_HARVESTER_DISABLED", :value "true"}
{:name "JVB_AUTH_USER", :value "jvb"} {:name "JVB_AUTH_USER", :value "jvb"}
{:name "JVB_PORT", :value "30300"} {:name "JVB_PORT", :value "30300"}
{:name "JVB_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JVB_AUTH_PASSWORD"}}} {:name "JVB_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JVB_AUTH_PASSWORD"}}}
{:name "JICOFO_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_AUTH_PASSWORD"}}} {:name "JICOFO_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_AUTH_PASSWORD"}}}
{:name "JVB_BREWERY_MUC", :value "jvbbrewery"}
{:name "TZ", :value "Europe/Berlin"}]} {:name "TZ", :value "Europe/Berlin"}]}
{:name "etherpad", {:name "etherpad",
:image "etherpad/etherpad:2", :image "etherpad/etherpad:1.9.1",
:env :env
[{:name "XMPP_SERVER", :value "localhost"} [{:name "XMPP_SERVER", :value "localhost"}
{:name "XMPP_DOMAIN", :value "meet.meissa-gmbh"}
{:name "XMPP_AUTH_DOMAIN", :value "auth.meet.meissa-gmbh"}
{:name "JICOFO_COMPONENT_SECRET", {:name "JICOFO_COMPONENT_SECRET",
:valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_COMPONENT_SECRET"}}} :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_COMPONENT_SECRET"}}}
{:name "JICOFO_AUTH_USER", :value "focus"} {:name "JICOFO_AUTH_USER", :value "focus"}
{:name "JVB_BREWERY_MUC", :value "jvbbrewery"}
{:name "XMPP_INTERNAL_MUC_DOMAIN", :value "internal-muc.meet.meissa-gmbh"}
{:name "JICOFO_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_AUTH_PASSWORD"}}} {:name "JICOFO_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_AUTH_PASSWORD"}}}
{:name "TZ", :value "Europe/Berlin"}]}]}}}} {:name "TZ", :value "Europe/Berlin"}]}]}}}}
(cut/generate-deployment {:fqdn "xy.xy.xy" (cut/generate-deployment {:fqdn "xy.xy.xy"}))))
:namespace "jitsi"}))))
(deftest should-generate-secret (deftest should-generate-secret
(is (= {:apiVersion "v1", (is (= {:apiVersion "v1",
:kind "Secret", :kind "Secret",
:metadata :metadata {:name "jitsi-config"},
{:name "jitsi-config"
:namespace "jitsi"},
:type "Opaque", :type "Opaque",
:data :data
{:JVB_AUTH_PASSWORD "anZiLWF1dGg=", {:JVB_AUTH_PASSWORD "anZiLWF1dGg=",
:JICOFO_AUTH_PASSWORD "amljb2ZvLWF1dGg=", :JICOFO_AUTH_PASSWORD "amljb2ZvLWF1dGg=",
:JICOFO_COMPONENT_SECRET "amljb2ZvLWNvbXA="}} :JICOFO_COMPONENT_SECRET "amljb2ZvLWNvbXA="}}
(cut/generate-secret-jitsi (cut/generate-secret-jitsi {:jvb-auth-password "jvb-auth"
{:fqdn "xy.xy.xy"
:namespace "jitsi"}
{:jvb-auth-password "jvb-auth"
:jicofo-auth-password "jicofo-auth" :jicofo-auth-password "jicofo-auth"
:jicofo-component-secret "jicofo-comp"})))) :jicofo-component-secret "jicofo-comp"}))))
(deftest should-generate-ingress-web
(is (= [{:apiVersion "cert-manager.io/v1",
:kind "Certificate",
:metadata
{:name "web",
:labels {:app.kubernetes.part-of "web"},
:namespace "jitsi"},
:spec
{:secretName "web",
:commonName "xy.xy.xy",
:duration "2160h",
:renewBefore "720h",
:dnsNames ["xy.xy.xy"],
:issuerRef {:name "staging", :kind "ClusterIssuer"}}}
{:apiVersion "networking.k8s.io/v1",
:kind "Ingress",
:metadata
{:namespace "jitsi",
:annotations
{:traefik.ingress.kubernetes.io/router.entrypoints "web, websecure",
:traefik.ingress.kubernetes.io/router.middlewares
"default-redirect-https@kubernetescrd",
:metallb.universe.tf/address-pool "public"},
:name "web",
:labels {:app.kubernetes.part-of "web"}},
:spec
{:tls [{:hosts ["xy.xy.xy"], :secretName "web"}],
:rules
[{:host "xy.xy.xy",
:http
{:paths
[{:pathType "Prefix",
:path "/",
:backend {:service {:name "web", :port {:number 80}}}}]}}]}}]
(cut/generate-ingress-web
{:fqdn "xy.xy.xy"
:namespace "jitsi"}))))
(deftest should-generate-ingress-modelector
(is (= [{:apiVersion "cert-manager.io/v1",
:kind "Certificate",
:metadata
{:name "modelector",
:labels {:app.kubernetes.part-of "modelector"},
:namespace "jitsi"},
:spec
{:secretName "modelector",
:commonName "modelector.xy.xy",
:duration "2160h",
:renewBefore "720h",
:dnsNames ["modelector.xy.xy"],
:issuerRef {:name "staging", :kind "ClusterIssuer"}}}
{:apiVersion "networking.k8s.io/v1",
:kind "Ingress",
:metadata
{:namespace "jitsi",
:annotations
{:traefik.ingress.kubernetes.io/router.entrypoints "web, websecure",
:traefik.ingress.kubernetes.io/router.middlewares
"default-redirect-https@kubernetescrd",
:metallb.universe.tf/address-pool "public"},
:name "modelector",
:labels {:app.kubernetes.part-of "modelector"}},
:spec
{:tls [{:hosts ["modelector.xy.xy"], :secretName "modelector"}],
:rules
[{:host "modelector.xy.xy",
:http
{:paths
[{:pathType "Prefix",
:path "/",
:backend {:service {:name "modelector", :port {:number 80}}}}]}}]}}]
(cut/generate-ingress-modelector
{:fqdn "xy.xy"
:namespace "jitsi"}))))
(deftest should-generate-jvb-service
(is (= {:apiVersion "v1",
:kind "Service",
:metadata
{:labels {:service "jvb"},
:annotations
#:metallb.universe.tf{:allow-shared-ip "shared-ip-service-group",
:address-pool "public"},
:name "jvb-udp"
:namespace "jitsi"},
:spec
{:type "LoadBalancer",
:ports
[{:port 30300, :protocol "UDP", :targetPort 30300, :nodePort 30300}],
:selector {:app "jitsi"}}}
(cut/generate-jvb-service
{:fqdn "xy.xy.xy"
:namespace "jitsi"}))))
(deftest should-generate-web-service
(is (= {:apiVersion "v1",
:kind "Service",
:metadata {:labels {:service "web"}, :name "web", :namespace "jitsi"},
:spec
{:ports
[{:name "http", :port 80, :targetPort 80}
{:name "https", :port 443, :targetPort 443}],
:selector {:app "jitsi"}}}
(cut/generate-web-service
{:fqdn "xy.xy.xy"
:namespace "jitsi"}))))
(deftest should-generate-etherpad-service
(is (= {:apiVersion "v1",
:kind "Service",
:metadata
{:labels {:service "etherpad"}, :name "etherpad", :namespace "jitsi"},
:spec
{:ports [{:name "etherpad", :port 9001, :targetPort 9001}],
:selector {:app "jitsi"}}}
(cut/generate-etherpad-service
{:fqdn "xy.xy.xy"
:namespace "jitsi"}))))
(deftest should-generate-excalidraw-backend-service
(is (= {:apiVersion "v1",
:kind "Service",
:metadata
{:labels {:service "excalidraw-backend"},
:name "excalidraw-backend",
:namespace "jitsi"},
:spec
{:ports [{:name "excalidraw-backend", :port 3002, :targetPort 80}],
:selector {:app "excalidraw-backend"}}}
(cut/generate-excalidraw-backend-service
{:fqdn "xy.xy.xy"
:namespace "jitsi"}))))
(deftest should-generate-modelector-service
(is (= {:apiVersion "v1",
:kind "Service",
:metadata
{:labels {:service "modelector"},
:name "modelector",
:namespace "jitsi"},
:spec
{:ports [{:name "http", :port 80, :targetPort 8080}],
:selector {:app "modelector"}}}
(cut/generate-modelector-service
{:fqdn "xy.xy.xy"
:namespace "jitsi"}))))
(deftest should-generate-modelector-deployment
(is (= {:apiVersion "apps/v1",
:kind "Deployment",
:metadata
{:labels {:app "modelector"},
:name "modelector",
:namespace "jitsi"},
:spec
{:selector {:matchLabels {:app "modelector"}},
:replicas 1,
:strategy {:type "Recreate"},
:template
{:metadata {:labels {:app "modelector"}},
:spec
{:containers
[{:name "modelector",
:image "domaindrivenarchitecture/moderator-election-vaadin_fullstack",
:imagePullPolicy "IfNotPresent",
:env
[{:name "MEMBERNAMES",
:value "Micha,Ansgar,Erik,Mirco"}]}]}}}}
(cut/generate-modelector-deployment
{:fqdn "xy.xy.xy"
:namespace "jitsi"}))))
(deftest should-generate-excalidraw-deployment
(is (= {:apiVersion "v1",
:kind "Service",
:metadata
{:labels {:service "excalidraw-backend"},
:name "excalidraw-backend",
:namespace "jitsi"},
:spec
{:ports [{:name "excalidraw-backend", :port 3002, :targetPort 80}],
:selector {:app "excalidraw-backend"}}}
(cut/generate-excalidraw-backend-service
{:fqdn "xy.xy.xy"
:namespace "jitsi"}))))