aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorQuentin <quentin@deuxfleurs.fr>2020-09-13 11:46:14 +0200
committerQuentin <quentin@deuxfleurs.fr>2020-09-13 11:46:14 +0200
commitda034dabfcedcded964b6022153cf5a8a7ae9380 (patch)
tree46a773e021e58c57a0a0436e4efd0deb133f0199
parent744fa8b8c9cfd17ee34967f70393e7597d75daa6 (diff)
downloadinfrastructure-da034dabfcedcded964b6022153cf5a8a7ae9380.tar.gz
infrastructure-da034dabfcedcded964b6022153cf5a8a7ae9380.zip
Finally it seems to work
-rw-r--r--app/build/docker-compose.yml6
-rw-r--r--app/build/jitsi-conference-focus/Dockerfile4
-rw-r--r--app/build/jitsi-conference-focus/sip-communicator.properties1
-rwxr-xr-xapp/build/jitsi-videobridge/jvb_run19
-rwxr-xr-xapp/build/jitsi-xmpp/xmpp_conf39
-rwxr-xr-xapp/build/jitsi-xmpp/xmpp_run1
-rw-r--r--app/integration/jitsi/01_gen_certs.yml2
-rw-r--r--app/integration/jitsi/02_run.yml9
-rw-r--r--app/integration/jitsi/dev.env8
9 files changed, 55 insertions, 34 deletions
diff --git a/app/build/docker-compose.yml b/app/build/docker-compose.yml
index 0e44928..7774b66 100644
--- a/app/build/docker-compose.yml
+++ b/app/build/docker-compose.yml
@@ -44,7 +44,7 @@ services:
# https://github.com/jitsi/jicofo
PREFIXV: stable/jitsi-meet_
VERSION: 4966
- image: superboum/amd64_jitsi_conference_focus:v3
+ image: superboum/amd64_jitsi_conference_focus:v4
jitsi-videobridge:
build:
@@ -53,11 +53,11 @@ services:
# https://github.com/jitsi/jitsi-videobridge
PREFIXV: stable/jitsi-meet_
VERSION: 4966
- image: superboum/amd64_jitsi_videobridge:v13
+ image: superboum/amd64_jitsi_videobridge:v14
jitsi-xmpp:
build:
context: ./jitsi-xmpp
args:
VERSION: fake-1
- image: superboum/amd64_jitsi_xmpp:v2
+ image: superboum/amd64_jitsi_xmpp:v3
diff --git a/app/build/jitsi-conference-focus/Dockerfile b/app/build/jitsi-conference-focus/Dockerfile
index 93301e9..e2c459c 100644
--- a/app/build/jitsi-conference-focus/Dockerfile
+++ b/app/build/jitsi-conference-focus/Dockerfile
@@ -16,7 +16,9 @@ RUN unzip jicofo.zip && \
FROM debian:buster
RUN apt-get update && \
- apt-get install -y openjdk-11-jdk ca-certificates
+ apt-get install -y openjdk-11-jre-headless ca-certificates
+
+ENV JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/root -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=.sip-communicator -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi"
COPY --from=builder /srv/build /srv/jicofo
COPY jicofo /usr/local/bin/jicofo
diff --git a/app/build/jitsi-conference-focus/sip-communicator.properties b/app/build/jitsi-conference-focus/sip-communicator.properties
index 5347d51..53c32e2 100644
--- a/app/build/jitsi-conference-focus/sip-communicator.properties
+++ b/app/build/jitsi-conference-focus/sip-communicator.properties
@@ -1 +1,2 @@
org.jitsi.jicofo.SHORT_ID=1
+org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.jitsi.deuxfleurs.fr
diff --git a/app/build/jitsi-videobridge/jvb_run b/app/build/jitsi-videobridge/jvb_run
index c5852bc..b86c911 100755
--- a/app/build/jitsi-videobridge/jvb_run
+++ b/app/build/jitsi-videobridge/jvb_run
@@ -8,9 +8,24 @@ EOF
mkdir -p /root/.sip-communicator
cat > /root/.sip-communicator/sip-communicator.properties <<EOF
+# Enable broadcasting stats/presence in a MUC
+org.jitsi.videobridge.ENABLE_STATISTICS=true
+org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
+
+# Connect to the first XMPP server
+org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=jitsi.deuxfleurs.fr
+org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.jitsi.deuxfleurs.fr
+org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb
+org.jitsi.videobridge.xmpp.user.shard.PASSWORD=${JITSI_SECRET_VIDEOBRIDGE}
+org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.jitsi.deuxfleurs.fr
+org.jitsi.videobridge.xmpp.user.shard.MUC=JvbBrewery@internal.auth.jitsi.deuxfleurs.fr
+org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=singleton
+org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true
+
+# Do we need it? @FIXME
org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
-# The videobridge uses 443 by default with 4443 as a fallback, but since we're already
-# running nginx on 443 in this example doc, we specify 4443 manually to avoid a race condition
+
+# NAT things, two times just in case...
org.ice4j.ice.harvest.TCP_HARVESTER_PORT=${JITSI_VIDEO_TCP}
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=${JITSI_NAT_LOCAL_IP}
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=${JITSI_NAT_PUBLIC_IP}
diff --git a/app/build/jitsi-xmpp/xmpp_conf b/app/build/jitsi-xmpp/xmpp_conf
index 2a9278e..5990d07 100755
--- a/app/build/jitsi-xmpp/xmpp_conf
+++ b/app/build/jitsi-xmpp/xmpp_conf
@@ -8,31 +8,36 @@ EOF
mkdir -p /etc/prosody/conf.{d,avail}/
cat > /etc/prosody/conf.avail/jitsi.deuxfleurs.fr.cfg.lua <<EOF
VirtualHost "jitsi.deuxfleurs.fr"
- authentication = "anonymous"
- ssl = {
- key = "/var/lib/prosody/jitsi.deuxfleurs.fr.key";
- certificate = "/var/lib/prosody/jitsi.deuxfleurs.fr.crt";
- }
- modules_enabled = {
- "bosh";
- "pubsub";
- }
- c2s_require_encryption = false
+ authentication = "anonymous"
+ ssl = {
+ key = "/var/lib/prosody/jitsi.deuxfleurs.fr.key";
+ certificate = "/var/lib/prosody/jitsi.deuxfleurs.fr.crt";
+ }
+ modules_enabled = {
+ "bosh";
+ "pubsub";
+ }
+ c2s_require_encryption = false
VirtualHost "auth.jitsi.deuxfleurs.fr"
- ssl = {
- key = "/var/lib/prosody/auth.jitsi.deuxfleurs.fr.key";
- certificate = "/var/lib/prosody/auth.jitsi.deuxfleurs.fr.crt";
- }
- authentication = "internal_plain"
-
-admins = { "focus@auth.jitsi.deuxfleurs.fr" }
+ ssl = {
+ key = "/var/lib/prosody/auth.jitsi.deuxfleurs.fr.key";
+ certificate = "/var/lib/prosody/auth.jitsi.deuxfleurs.fr.crt";
+ }
+ authentication = "internal_plain"
+ admins = { "focus@auth.jitsi.deuxfleurs.fr"}
Component "conference.jitsi.deuxfleurs.fr" "muc"
+Component "internal.auth.jitsi.deuxfleurs.fr" "muc"
+ storage = "memory"
+ modules_enabled = { "ping"; }
+ admins = { "focus@auth.jitsi.deuxfleurs.fr", "jvb@auth.jitsi.deuxfleurs.fr" }
+
Component "jitsi-videobridge.jitsi.deuxfleurs.fr"
component_secret = "${JITSI_SECRET_VIDEOBRIDGE}"
Component "focus.jitsi.deuxfleurs.fr"
component_secret = "${JITSI_SECRET_JICOFO_COMPONENT}"
+
EOF
ln -sf \
diff --git a/app/build/jitsi-xmpp/xmpp_run b/app/build/jitsi-xmpp/xmpp_run
index 8dfdf86..6383b65 100755
--- a/app/build/jitsi-xmpp/xmpp_run
+++ b/app/build/jitsi-xmpp/xmpp_run
@@ -10,6 +10,7 @@ ln -sf \
/usr/local/share/ca-certificates/auth.jitsi.deuxfleurs.fr.crt
prosodyctl register focus auth.jitsi.deuxfleurs.fr ${JITSI_SECRET_JICOFO_USER}
+prosodyctl register jvb auth.jitsi.deuxfleurs.fr ${JITSI_SECRET_VIDEOBRIDGE}
mkdir /run/prosody
touch /run/prosody/prosody.pid
diff --git a/app/integration/jitsi/01_gen_certs.yml b/app/integration/jitsi/01_gen_certs.yml
index 2ba3d1d..bf73291 100644
--- a/app/integration/jitsi/01_gen_certs.yml
+++ b/app/integration/jitsi/01_gen_certs.yml
@@ -1,7 +1,7 @@
version: '3'
services:
jitsi-xmpp:
- image: ./jitsi-xmpp:v2
+ image: superboum/amd64_jitsi_xmpp:v2
command: ["/usr/local/bin/xmpp_gen"]
volumes: [ './jitsi-certs/:/certs:rw' ]
env_file: [ 'dev.env' ]
diff --git a/app/integration/jitsi/02_run.yml b/app/integration/jitsi/02_run.yml
index 354a548..73eefad 100644
--- a/app/integration/jitsi/02_run.yml
+++ b/app/integration/jitsi/02_run.yml
@@ -1,8 +1,7 @@
version: '3.4'
services:
jitsi-xmpp:
- image: superboum/amd64_jitsi_xmpp:v2
- network_mode: host
+ image: superboum/amd64_jitsi_xmpp:v3
ports:
- "5222:5222"
- "5347:5347"
@@ -16,15 +15,13 @@ services:
env_file: [ 'dev.env' ]
volumes: [ './jitsi-certs/:/certs:ro' ]
jitsi-conference-focus:
- image: superboum/amd64_jitsi_conference_focus:v3
+ image: superboum/amd64_jitsi_conference_focus:v4
env_file: [ 'dev.env' ]
volumes: [ './jitsi-certs/:/certs:ro' ]
jitsi-videobridge:
- image: superboum/amd64_jitsi_videobridge:v11
- network_mode: host
+ image: superboum/amd64_jitsi_videobridge:v14
ports:
- "8080:8080/tcp"
- "10000:10000/udp"
env_file: [ 'dev.env' ]
volumes: [ './jitsi-certs/:/certs:ro' ]
-
diff --git a/app/integration/jitsi/dev.env b/app/integration/jitsi/dev.env
index 4fff8c1..1dd2122 100644
--- a/app/integration/jitsi/dev.env
+++ b/app/integration/jitsi/dev.env
@@ -2,9 +2,9 @@ JITSI_SECRET_VIDEOBRIDGE=S3CR3T01
JITSI_SECRET_JICOFO_COMPONENT=S3CR3T02
JITSI_SECRET_JICOFO_USER=S3CR3T03
JITSI_PROSODY_BOSH_PORT=5280
-JITSI_PROSODY_BOSH_HOST=127.0.0.1
-JITSI_PROSODY_HOST=127.0.0.1
+JITSI_PROSODY_BOSH_HOST=172.17.0.1
+JITSI_PROSODY_HOST=172.17.0.1
JITSI_CERTS_FOLDER=/certs/
-JITSI_NAT_PUBLIC_IP=77.204.7.239
-JITSI_NAT_LOCAL_IP=192.168.0.18
+JITSI_NAT_PUBLIC_IP=37.164.35.154
+JITSI_NAT_LOCAL_IP=192.168.0.231
JITSI_VIDEO_TCP=8080