aboutsummaryrefslogblamecommitdiff
path: root/nomad/jitsi.hcl
blob: 4ef2f9881f44d138f5c6fec1aa84e7f7c917923c (plain) (tree)
1
2
3
4


                  
                                























                                               















                                                                         




                                                                           
                
                                         



                                          







































                                   
                                                





                             
                

                                                                    

                

                                                                    
       




                                                                           
                
                                         



                                          














                                                    

                                                                        




















                                   
                                                           


                             







                                                                         




                                                                           
                
                                         



                                          

                 
                    





                        
                                                      

                             
                            

                             



                                    

       
           

                              

       




                                                                           
                
                                         



                                          
                 

                     

                              
                           









                              

                                                       




















                                         
/*
 * WIP WIP WIP WIP
 *
 *   + NEED TO SET ENV VARIABLES
 */

job "jitsi" {
  datacenters = ["dc1"]
  type = "service"

  constraint {
    attribute = "${attr.cpu.arch}"
    value     = "amd64"
  }

  group "core" {
    task "xmpp" {
      driver = "docker"
      config {
        image = "superboum/amd64_jitsi_xmpp:v1"
        network_mode = "host"
        port_map {
          xmpp_port = 5222
          ext_port = 5347
          bosh_port = 5280
        }
      }

      template {
        data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}"
        destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt"
      }
      template {
        data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.key\" }}"
        destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.key"
      }
      template {
        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}"
        destination = "secrets/certs/jitsi.deuxfleurs.fr.crt"
      }
      template {
        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}"
        destination = "secrets/certs/jitsi.deuxfleurs.fr.key"
      }
      artifact {
        source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw"
        destination = "secrets/global_env.tpl"
        mode = "file"
      }
      template {
        source = "secrets/global_env.tpl"
        destination = "secrets/global_env"
        env = true
      }

      resources {
        cpu = 300
        memory = 200
        network {
          port "xmpp_port" {
            static = "5222"
          }
          port "ext_port" {
            static = "5347"
          }
          port "bosh_port" {
            static = "5280"
          }
        }
      }

      service {
        tags = [
          "jitsi"
        ]
        port = "bosh_port"
        address_mode = "host"
        name = "jitsi-xmpp-bosh"
        check {
          type = "tcp"
          port = "bosh_port"
          interval = "60s"
          timeout = "5s"
          check_restart {
            limit = 3
            grace = "90s"
            ignore_warnings = false
          }
        }
      }
    }

    task "front" {
      driver = "docker"
      config {
        image = "superboum/amd64_jitsi_front:v5"
        network_mode = "host"
        port_map {
          https_port = 443
        }
      }

      template {
        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}"
        destination = "secrets/certs/jitsi.deuxfleurs.fr.crt"
      }
      template {
        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}"
        destination = "secrets/certs/jitsi.deuxfleurs.fr.key"
      }
      artifact {
        source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw"
        destination = "secrets/global_env.tpl"
        mode = "file"
      }
      template {
        source = "secrets/global_env.tpl"
        destination = "secrets/global_env"
        env = true
      }

      resources {
        cpu = 300
        memory = 200
        network {
          port "https_port" {
            static = "443"
          }
        }
      } 

     service {
        tags = [
          "jitsi",
          "traefik.enable=true",
          "traefik.frontend.entryPoints=https,http",
          "traefik.frontend.rule=Host:jitsi.deuxfleurs.fr;PathPrefix:/",
          "traefik.protocol=https"
        ]
        port = "https_port"
        address_mode = "host"
        name = "jitsi-front-https"
        check {
          type = "tcp"
          port = "https_port"
          interval = "60s"
          timeout = "5s"
          check_restart {
            limit = 3
            grace = "90s"
            ignore_warnings = false
          }
        }
      }
    }

    task "jicofo" {
      driver = "docker"
      config {
        image = "superboum/amd64_jitsi_conference_focus:v2"
        network_mode = "host"
      }

      template {
        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}"
        destination = "secrets/certs/jitsi.deuxfleurs.fr.crt"
      }
      template {
        data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}"
        destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt"
      }
      artifact {
        source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw"
        destination = "secrets/global_env.tpl"
        mode = "file"
      }
      template {
        source = "secrets/global_env.tpl"
        destination = "secrets/global_env"
        env = true
      }

      resources {
        cpu = 300
        memory = 400
      } 
    }

    task "videobridge" {
      driver = "docker"
      config {
        image = "superboum/amd64_jitsi_videobridge:v9"
        network_mode = "host"
        port_map {
          video1_port = 8080
          video2_port = 10000
        }
        ulimit {
          nofile = "1048576:1048576"
          nproc = "65536:65536"
        }
      }

      env {
        #JITSI_DEBUG = 1
        JITSI_VIDEO_TCP = 8080
      }

      artifact {
        source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw"
        destination = "secrets/global_env.tpl"
        mode = "file"
      }
      template {
        source = "secrets/global_env.tpl"
        destination = "secrets/global_env"
        env = true
      }

      resources {
        cpu = 900
        memory = 1500
        network {
          port "video1_port" {
            static = "8080"
          }
          port "video2_port" {
            static = "10000"
          }
        }

      } 

      service {
        tags = [
          "jitsi",
          "(diplonat (tcp_port 8080) (udp_port 10000))"
        ]
        port = "video1_port"
        address_mode = "host"
        name = "jitsi-videobridge-video1"
        check {
          type = "tcp"
          port = "video1_port"
          interval = "60s"
          timeout = "5s"
          check_restart {
            limit = 3
            grace = "90s"
            ignore_warnings = false
          }
        }
      }
    }

  }
}