aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorQuentin Dufour <quentin@deuxfleurs.fr>2020-03-27 22:48:12 +0100
committerQuentin Dufour <quentin@deuxfleurs.fr>2020-03-27 22:48:12 +0100
commit395437ebb91aad86bd7a92514146e7661568e8d8 (patch)
tree55b7e31d625935b1cf753c13f7c9bfce95cf7726
parentabf0b925cc79483cac8b4338f2be83bc7e17f8b3 (diff)
downloadinfrastructure-395437ebb91aad86bd7a92514146e7661568e8d8.tar.gz
infrastructure-395437ebb91aad86bd7a92514146e7661568e8d8.zip
Still fixing jitsi nomad service
-rw-r--r--consul/secrets/jitsi/global_env.sample2
-rw-r--r--docker/jitsi/02_run.yml2
-rwxr-xr-xdocker/jitsi/jitsi-videobridge/jvb_run5
-rw-r--r--nomad/jitsi.hcl30
4 files changed, 31 insertions, 8 deletions
diff --git a/consul/secrets/jitsi/global_env.sample b/consul/secrets/jitsi/global_env.sample
index 3c0f84a..658c9c9 100644
--- a/consul/secrets/jitsi/global_env.sample
+++ b/consul/secrets/jitsi/global_env.sample
@@ -6,4 +6,4 @@ JITSI_PROSODY_BOSH_HOST=127.0.0.1
JITSI_PROSODY_HOST=127.0.0.1
JITSI_CERTS_FOLDER=/secrets/certs/
JITSI_NAT_PUBLIC_IP=redacted
-JITSI_NAT_LOCAL_IP={{ env "NOMAD_IP_videobridge_video1_port" }}
+JITSI_NAT_LOCAL_IP={{ env "NOMAD_IP_video1_port" }}
diff --git a/docker/jitsi/02_run.yml b/docker/jitsi/02_run.yml
index af615a9..a3dcda6 100644
--- a/docker/jitsi/02_run.yml
+++ b/docker/jitsi/02_run.yml
@@ -26,7 +26,7 @@ services:
volumes: [ './jitsi-certs/:/certs:ro' ]
jitsi-videobridge:
build: ./jitsi-videobridge
- image: superboum/amd64_jitsi_videobridge:v1
+ image: superboum/amd64_jitsi_videobridge:v3
network_mode: host
ports:
- "4443:4443"
diff --git a/docker/jitsi/jitsi-videobridge/jvb_run b/docker/jitsi/jitsi-videobridge/jvb_run
index 2431081..7078239 100755
--- a/docker/jitsi/jitsi-videobridge/jvb_run
+++ b/docker/jitsi/jitsi-videobridge/jvb_run
@@ -6,14 +6,17 @@ ${JITSI_PROSODY_HOST} jitsi.deuxfleurs.fr conference.jitsi.deuxfleurs.fr jitsi-v
EOF
cd /srv/jvb
+mkdir -p /srv/jvb/.sip-communicator
-cat > ~/.sip-communicator/sip-communicator.properties <<EOF
+cat > /srv/jvb/.sip-communicator/sip-communicator.properties <<EOF
org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
# The videobridge uses 443 by default with 4443 as a fallback, but since we're already
# running nginx on 443 in this example doc, we specify 4443 manually to avoid a race condition
org.jitsi.videobridge.TCP_HARVESTER_PORT=4443
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=${JITSI_NAT_LOCAL_IP}
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=${JITSI_NAT_PUBLIC_IP}
+org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=${JITSI_NAT_LOCAL_IP}
+org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=${JITSI_NAT_PUBLIC_IP}
EOF
./jvb.sh \
diff --git a/nomad/jitsi.hcl b/nomad/jitsi.hcl
index 6b54d14..e6fc964 100644
--- a/nomad/jitsi.hcl
+++ b/nomad/jitsi.hcl
@@ -42,8 +42,13 @@ job "jitsi" {
data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}"
destination = "secrets/certs/jitsi.deuxfleurs.fr.key"
}
+ artifact {
+ source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw"
+ destination = "secrets/global_env.tpl"
+ mode = "file"
+ }
template {
- data = "{{ key \"secrets/jitsi/global_env\" }}"
+ source = "secrets/global_env.tpl"
destination = "secrets/global_env"
env = true
}
@@ -103,8 +108,13 @@ job "jitsi" {
data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}"
destination = "secrets/certs/jitsi.deuxfleurs.fr.key"
}
+ artifact {
+ source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw"
+ destination = "secrets/global_env.tpl"
+ mode = "file"
+ }
template {
- data = "{{ key \"secrets/jitsi/global_env\" }}"
+ source = "secrets/global_env.tpl"
destination = "secrets/global_env"
env = true
}
@@ -159,8 +169,13 @@ job "jitsi" {
data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}"
destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt"
}
+ artifact {
+ source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw"
+ destination = "secrets/global_env.tpl"
+ mode = "file"
+ }
template {
- data = "{{ key \"secrets/jitsi/global_env\" }}"
+ source = "secrets/global_env.tpl"
destination = "secrets/global_env"
env = true
}
@@ -174,7 +189,7 @@ job "jitsi" {
task "videobridge" {
driver = "docker"
config {
- image = "superboum/amd64_jitsi_videobridge:v1"
+ image = "superboum/amd64_jitsi_videobridge:v3"
network_mode = "host"
port_map {
video1_port = 4443
@@ -182,8 +197,13 @@ job "jitsi" {
}
}
+ artifact {
+ source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw"
+ destination = "secrets/global_env.tpl"
+ mode = "file"
+ }
template {
- data = "{{ key \"secrets/jitsi/global_env\" }}"
+ source = "secrets/global_env.tpl"
destination = "secrets/global_env"
env = true
}