aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorQuentin Dufour <quentin@deuxfleurs.fr>2020-03-22 18:01:54 +0100
committerQuentin Dufour <quentin@deuxfleurs.fr>2020-03-22 18:01:54 +0100
commitcef60898b5db0e314a435121606b04b1ad6ffbdd (patch)
tree12d34ff821c0aa473af7fdf4a3ec6e46c3e702e8
parente24522d8285878240ee0d873616bc177313aa7ba (diff)
downloadinfrastructure-cef60898b5db0e314a435121606b04b1ad6ffbdd.tar.gz
infrastructure-cef60898b5db0e314a435121606b04b1ad6ffbdd.zip
Rework jitsi-xmpp to support cert gen
-rw-r--r--.gitignore1
-rw-r--r--docker/jitsi/01_gen_certs.yml8
-rw-r--r--docker/jitsi/02_run.yml17
-rw-r--r--docker/jitsi/README.md13
-rw-r--r--docker/jitsi/dev.env7
-rw-r--r--docker/jitsi/docker-compose.yml20
-rw-r--r--docker/jitsi/jitsi-certs/.gitignore2
-rw-r--r--docker/jitsi/jitsi-conference-focus/Dockerfile22
-rwxr-xr-xdocker/jitsi/jitsi-conference-focus/jicofo8
-rw-r--r--docker/jitsi/jitsi-videobridge/Dockerfile15
-rw-r--r--docker/jitsi/jitsi-xmpp/Dockerfile8
-rwxr-xr-xdocker/jitsi/jitsi-xmpp/xmpp_conf (renamed from docker/jitsi/jitsi-xmpp/entrypoint.sh)15
-rwxr-xr-xdocker/jitsi/jitsi-xmpp/xmpp_gen9
-rwxr-xr-xdocker/jitsi/jitsi-xmpp/xmpp_run18
14 files changed, 122 insertions, 41 deletions
diff --git a/.gitignore b/.gitignore
index 55145d5..189f683 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
*.retry
.git_old/
debug/gladdrinfo
+*.swp
diff --git a/docker/jitsi/01_gen_certs.yml b/docker/jitsi/01_gen_certs.yml
new file mode 100644
index 0000000..8c97384
--- /dev/null
+++ b/docker/jitsi/01_gen_certs.yml
@@ -0,0 +1,8 @@
+version: '3'
+services:
+ jitsi-xmpp:
+ build: ./jitsi-xmpp
+ command: ["/usr/local/bin/xmpp_gen"]
+ volumes: [ './jitsi-certs/:/certs:rw' ]
+ env_file: [ 'dev.env' ]
+
diff --git a/docker/jitsi/02_run.yml b/docker/jitsi/02_run.yml
new file mode 100644
index 0000000..f2ec9e9
--- /dev/null
+++ b/docker/jitsi/02_run.yml
@@ -0,0 +1,17 @@
+version: '3'
+services:
+ jitsi-xmpp:
+ build: ./jitsi-xmpp
+ ports:
+ - "5222:5222"
+ - "5347:5347"
+ - "5280:5280"
+ env_file: [ 'dev.env' ]
+ jitsi-front:
+ build: ./jitsi-front
+ ports:
+ - "80:80"
+ env_file: [ 'dev.env' ]
+ jitsi-conference-focus:
+ build: ./jitsi-conference-focus
+ env_file: [ 'dev.env' ]
diff --git a/docker/jitsi/README.md b/docker/jitsi/README.md
index 8ca8ec5..ea90274 100644
--- a/docker/jitsi/README.md
+++ b/docker/jitsi/README.md
@@ -3,11 +3,18 @@ This installation is inspired by: https://github.com/jitsi/jitsi-meet/blob/maste
To build images:
```
-docker-compose build
+docker-compose -f 02_run.yml build
```
-To run stack:
+To gen the certs:
```
-docker-compose up --force-recreate
+docker-compose -f 01_gen_certs.yml up --force-recreate
+```
+
+To run the stack:
+
+
+```
+docker-compose -f 02_run.yml up --force-recreate
```
diff --git a/docker/jitsi/dev.env b/docker/jitsi/dev.env
new file mode 100644
index 0000000..6fe8ed1
--- /dev/null
+++ b/docker/jitsi/dev.env
@@ -0,0 +1,7 @@
+JITSI_SECRET_VIDEOBRIDGE=S3CR3T01
+JITSI_SECRET_JICOFO_COMPONENT=S3CR3T02
+JITSI_SECRET_JICOFO_USER=S3CR3T03
+JITSI_PROSODY_BOSH_PORT=5280
+JITSI_PROSODY_BOSH_HOST=172.17.0.1
+JITSI_PROSODY_HOST=172.17.0.1
+JITSI_CERTS_FOLDER=/certs/
diff --git a/docker/jitsi/docker-compose.yml b/docker/jitsi/docker-compose.yml
deleted file mode 100644
index 2cc7e62..0000000
--- a/docker/jitsi/docker-compose.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-version: '2.0'
-services:
- jitsi-xmpp:
- build: ./jitsi-xmpp
- ports:
- - "5222:5222"
- - "5347:5347"
- - "5280:5280"
- environment:
- - JITSI_SECRET_VIDEOBRIDGE=S3CR3T01
- - JITSI_SECRET_JICOFO_COMPONENT=S3CR3T02
- - JITSI_SECRET_JICOFO_USER=S3CR3T03
- jitsi-front:
- build: ./jitsi-front
- ports:
- - "80:80"
- environment:
- - JITSI_PROSODY_BOSH_PORT=5280
- - JITSI_PROSODY_BOSH_HOST=172.17.0.1
-
diff --git a/docker/jitsi/jitsi-certs/.gitignore b/docker/jitsi/jitsi-certs/.gitignore
new file mode 100644
index 0000000..d6b7ef3
--- /dev/null
+++ b/docker/jitsi/jitsi-certs/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore
diff --git a/docker/jitsi/jitsi-conference-focus/Dockerfile b/docker/jitsi/jitsi-conference-focus/Dockerfile
index e69de29..7933ed9 100644
--- a/docker/jitsi/jitsi-conference-focus/Dockerfile
+++ b/docker/jitsi/jitsi-conference-focus/Dockerfile
@@ -0,0 +1,22 @@
+FROM debian:buster AS builder
+
+RUN apt-get update && \
+ apt-get install -y openjdk-11-jdk maven git unzip && \
+ git clone --depth=1 https://github.com/jitsi/jicofo.git && \
+ cd jicofo && \
+ mvn package -DskipTests -Dassembly.skipAssembly=false
+
+RUN cd jicofo && \
+ unzip target/jicofo-1.1-SNAPSHOT-archive.zip && \
+ mv jicofo-1.1-SNAPSHOT /srv/jicofo
+
+
+FROM debian:buster
+
+RUN apt-get update && \
+ apt-get install -y openjdk-11-jdk
+
+COPY --from=builder /srv/jicofo /srv/jicofo
+COPY jicofo /usr/local/bin/jicofo
+
+CMD ["/usr/local/bin/jicofo"]
diff --git a/docker/jitsi/jitsi-conference-focus/jicofo b/docker/jitsi/jitsi-conference-focus/jicofo
new file mode 100755
index 0000000..34b5548
--- /dev/null
+++ b/docker/jitsi/jitsi-conference-focus/jicofo
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+/srv/jicofo/jicofo.sh \
+ --host=${JITSI_PROSODY_HOST} \
+ --domain=jitsi.deuxfleurs.fr \
+ --secret=${JITSI_SECRET_JICOFO_COMPONENT} \
+ --user_domain=auth.jitsi.deuxfleurs.fr \
+ --user_password=${JITSI_SECRET_JICOFO_USER}
diff --git a/docker/jitsi/jitsi-videobridge/Dockerfile b/docker/jitsi/jitsi-videobridge/Dockerfile
index e69de29..7216b8c 100644
--- a/docker/jitsi/jitsi-videobridge/Dockerfile
+++ b/docker/jitsi/jitsi-videobridge/Dockerfile
@@ -0,0 +1,15 @@
+FROM debian:buster AS builder
+
+RUN apt-get update && \
+ apt-get install -y wget unzip
+
+ENV VERSION=1132
+RUN wget https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-x64-${VERSION}.zip -O jvb.zip && \
+ unzip jvb.zip && \
+ mv jitsi-videobridge-linux-x64-${VERSION} jvb
+
+FROM debian:buster
+
+RUN apt-get update && \
+ apt-get install -y
+
diff --git a/docker/jitsi/jitsi-xmpp/Dockerfile b/docker/jitsi/jitsi-xmpp/Dockerfile
index 4d71a13..3733d49 100644
--- a/docker/jitsi/jitsi-xmpp/Dockerfile
+++ b/docker/jitsi/jitsi-xmpp/Dockerfile
@@ -4,6 +4,8 @@ RUN apt-get update && \
apt-get install -y prosody
COPY external_components.cfg.lua /etc/prosody/conf.d/external_components.cfg.lua
-COPY entrypoint.sh /usr/local/bin/entrypoint
-ENTRYPOINT ["/usr/local/bin/entrypoint"]
-CMD ["/usr/bin/prosody"]
+COPY xmpp_conf /usr/local/bin/xmpp_conf
+COPY xmpp_gen /usr/local/bin/xmpp_gen
+COPY xmpp_run /usr/local/bin/xmpp_run
+
+CMD ["/usr/local/bin/xmpp_run"]
diff --git a/docker/jitsi/jitsi-xmpp/entrypoint.sh b/docker/jitsi/jitsi-xmpp/xmpp_conf
index e6ab4e5..c7534ba 100755
--- a/docker/jitsi/jitsi-xmpp/entrypoint.sh
+++ b/docker/jitsi/jitsi-xmpp/xmpp_conf
@@ -34,19 +34,4 @@ ln -sf \
/etc/prosody/conf.avail/jitsi.deuxfleurs.fr.cfg.lua \
/etc/prosody/conf.d/jitsi.deuxfleurs.fr.cfg.lua
-prosodyctl cert generate jitsi.deuxfleurs.fr
-prosodyctl cert generate auth.jitsi.deuxfleurs.fr
-mkdir -p /usr/local/share/ca-certificates/
-ln -sf \
- /var/lib/prosody/auth.jitsi.deuxfleurs.fr.crt \
- /usr/local/share/ca-certificates/auth.jitsi.deuxfleurs.fr.crt
-
-prosodyctl register focus auth.jitsi.deuxfleurs.fr ${JITSI_SECRET_JICOFO_USER}
-
-mkdir /run/prosody
-touch /run/prosody/prosody.pid
-chown -R prosody:prosody /run/prosody
-
-cd /var/lib/prosody
-su - prosody -s /bin/bash -c "$@"
diff --git a/docker/jitsi/jitsi-xmpp/xmpp_gen b/docker/jitsi/jitsi-xmpp/xmpp_gen
new file mode 100755
index 0000000..3a2e04a
--- /dev/null
+++ b/docker/jitsi/jitsi-xmpp/xmpp_gen
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+/usr/local/bin/xmpp_conf
+
+prosodyctl cert generate jitsi.deuxfleurs.fr
+prosodyctl cert generate auth.jitsi.deuxfleurs.fr
+
+cp /var/lib/prosody/*.crt ${JITSI_CERTS_FOLDER}
+cp /var/lib/prosody/*.key ${JITSI_CERTS_FOLDER}
diff --git a/docker/jitsi/jitsi-xmpp/xmpp_run b/docker/jitsi/jitsi-xmpp/xmpp_run
new file mode 100755
index 0000000..ca2b7cf
--- /dev/null
+++ b/docker/jitsi/jitsi-xmpp/xmpp_run
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+/usr/local/bin/xmpp_conf
+cp ${JITSI_CERTS_FOLDER}/* /var/lib/prosody/
+
+mkdir -p /usr/local/share/ca-certificates/
+ln -sf \
+ /var/lib/prosody/auth.jitsi.deuxfleurs.fr.crt \
+ /usr/local/share/ca-certificates/auth.jitsi.deuxfleurs.fr.crt
+
+prosodyctl register focus auth.jitsi.deuxfleurs.fr ${JITSI_SECRET_JICOFO_USER}
+
+mkdir /run/prosody
+touch /run/prosody/prosody.pid
+chown -R prosody:prosody /run/prosody
+
+cd /var/lib/prosody
+su - prosody -s /bin/bash -c prosody