diff options
author | LUXEY Adrien <adrien.luxey@inria.fr> | 2021-01-29 10:57:42 +0100 |
---|---|---|
committer | LUXEY Adrien <adrien.luxey@inria.fr> | 2021-01-29 10:57:42 +0100 |
commit | 9a263b762bab91fd4406bd4a454267bc71e3a66c (patch) | |
tree | cb207b05ca713a584bbc0a7e7159a590efffdaf7 /app/jitsi/build | |
parent | 8f0cb24246a19f25f1865109730939ea64dbab2b (diff) | |
parent | 982efd1b49f7435f7c49c2099aabfc994d3901fb (diff) | |
download | infrastructure-9a263b762bab91fd4406bd4a454267bc71e3a66c.tar.gz infrastructure-9a263b762bab91fd4406bd4a454267bc71e3a66c.zip |
Merge branch 'master' of git.deuxfleurs.fr:Deuxfleurs/infrastructure
Diffstat (limited to 'app/jitsi/build')
-rw-r--r-- | app/jitsi/build/jitsi-conference-focus/Dockerfile | 18 | ||||
-rwxr-xr-x | app/jitsi/build/jitsi-conference-focus/jicofo | 21 | ||||
-rw-r--r-- | app/jitsi/build/jitsi-conference-focus/sip-communicator.properties | 2 | ||||
-rw-r--r-- | app/jitsi/build/jitsi-xmpp/Dockerfile | 41 | ||||
-rw-r--r-- | app/jitsi/build/jitsi-xmpp/external_components.cfg.lua | 2 | ||||
-rwxr-xr-x | app/jitsi/build/jitsi-xmpp/xmpp_conf | 49 | ||||
-rwxr-xr-x | app/jitsi/build/jitsi-xmpp/xmpp_gen | 9 | ||||
-rwxr-xr-x | app/jitsi/build/jitsi-xmpp/xmpp_prosody | 9 | ||||
-rwxr-xr-x | app/jitsi/build/jitsi-xmpp/xmpp_run | 20 |
9 files changed, 58 insertions, 113 deletions
diff --git a/app/jitsi/build/jitsi-conference-focus/Dockerfile b/app/jitsi/build/jitsi-conference-focus/Dockerfile index e2c459c..db50746 100644 --- a/app/jitsi/build/jitsi-conference-focus/Dockerfile +++ b/app/jitsi/build/jitsi-conference-focus/Dockerfile @@ -1,11 +1,10 @@ -FROM debian:buster AS builder +FROM fedora:33 AS builder + +RUN dnf install -y java-latest-openjdk-headless maven wget unzip ARG PREFIXV ARG VERSION -RUN apt-get update && \ - apt-get install -y openjdk-11-jdk maven wget unzip && \ - wget https://github.com/jitsi/jicofo/archive/${PREFIXV}${VERSION}.zip -O jicofo.zip - +RUN wget https://github.com/jitsi/jicofo/archive/${PREFIXV}${VERSION}.zip -O jicofo.zip RUN unzip jicofo.zip && \ mv jicofo*${VERSION} jicofo && \ cd jicofo && \ @@ -13,15 +12,12 @@ RUN unzip jicofo.zip && \ unzip target/jicofo-1.1-SNAPSHOT-archive.zip && \ mv jicofo-1.1-SNAPSHOT /srv/build -FROM debian:buster +FROM debian:bullseye RUN apt-get update && \ apt-get install -y openjdk-11-jre-headless ca-certificates -ENV JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/root -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=.sip-communicator -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi" - -COPY --from=builder /srv/build /srv/jicofo -COPY jicofo /usr/local/bin/jicofo -COPY sip-communicator.properties /root/.sip-communicator/sip-communicator.properties +COPY --from=builder /srv/build /usr/share/jicofo +COPY jicofo /usr/local/bin CMD ["/usr/local/bin/jicofo"] diff --git a/app/jitsi/build/jitsi-conference-focus/jicofo b/app/jitsi/build/jitsi-conference-focus/jicofo index 2bc6e3f..2225e98 100755 --- a/app/jitsi/build/jitsi-conference-focus/jicofo +++ b/app/jitsi/build/jitsi-conference-focus/jicofo @@ -1,16 +1,13 @@ #!/bin/bash -cp ${JITSI_CERTS_FOLDER}/auth.jitsi.deuxfleurs.fr.crt /usr/local/share/ca-certificates/auth.jitsi.deuxfleurs.fr.crt update-ca-certificates -f -cat >> /etc/hosts <<EOF -${JITSI_PROSODY_HOST} jitsi.deuxfleurs.fr conference.jitsi.deuxfleurs.fr jitsi-videobridge.jitsi.deuxfleurs.fr focus.jitsi.deuxfleurs.fr auth.jitsi.deuxfleurs.fr -127.0.0.1 `hostname` -EOF - -/srv/jicofo/jicofo.sh \ - --host=${JITSI_PROSODY_HOST} \ - --domain=jitsi.deuxfleurs.fr \ - --secret=${JITSI_SECRET_JICOFO_COMPONENT} \ - --user_domain=auth.jitsi.deuxfleurs.fr \ - --user_password=${JITSI_SECRET_JICOFO_USER} +exec java \ + -Xmx400m \ + -XX:+HeapDumpOnOutOfMemoryError \ + -XX:HeapDumpPath=/tmp \ + -Djdk.tls.ephemeralDHKeySize=2048 \ + -Djava.util.logging.config.file=/usr/share/jicofo/lib/logging.properties \ + -Dconfig.file=/etc/jitsi/jicofo.conf \ + -cp "/usr/share/jicofo/*:/usr/share/jicofo/lib/*" \ + org.jitsi.jicofo.Main diff --git a/app/jitsi/build/jitsi-conference-focus/sip-communicator.properties b/app/jitsi/build/jitsi-conference-focus/sip-communicator.properties deleted file mode 100644 index 53c32e2..0000000 --- a/app/jitsi/build/jitsi-conference-focus/sip-communicator.properties +++ /dev/null @@ -1,2 +0,0 @@ -org.jitsi.jicofo.SHORT_ID=1 -org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.jitsi.deuxfleurs.fr diff --git a/app/jitsi/build/jitsi-xmpp/Dockerfile b/app/jitsi/build/jitsi-xmpp/Dockerfile index f3dcd36..90aae76 100644 --- a/app/jitsi/build/jitsi-xmpp/Dockerfile +++ b/app/jitsi/build/jitsi-xmpp/Dockerfile @@ -1,13 +1,38 @@ -FROM debian:buster +FROM debian:buster as builder -ARG VERSION +WORKDIR /tmp +ARG MEET_VERSION +ARG PREFIXV +RUN apt-get update && \ + apt-get install -y wget unzip +RUN wget https://github.com/jitsi/jitsi-meet/archive/${PREFIXV}${MEET_VERSION}.zip -O meet.zip +RUN unzip meet.zip && \ + mv jitsi-meet-* jitsi-meet +FROM debian:buster + +ARG PROSODY_VERSION RUN apt-get update && \ - apt-get install -y prosody=${VERSION} + apt-get install -y wget gnupg2 && \ + echo deb http://packages.prosody.im/debian buster main \ + | tee -a /etc/apt/sources.list && \ + wget https://prosody.im/files/prosody-debian-packages.key -O - \ + | apt-key add - && \ + apt-get update && \ + apt-get install -y prosody=${PROSODY_VERSION} lua-event + +RUN mkdir -p /usr/local/share/ca-certificates/ && \ + ln -sf \ + /var/lib/prosody/certs/auth.jitsi.crt \ + /usr/local/share/ca-certificates/auth.jitsi.crt && \ + mkdir /run/prosody && \ + touch /run/prosody/prosody.pid && \ + mkdir -p /var/lib/prosody && \ + chown -R prosody:prosody /var/lib/prosody /run/prosody -COPY external_components.cfg.lua /etc/prosody/conf.d/external_components.cfg.lua -COPY xmpp_conf /usr/local/bin/xmpp_conf -COPY xmpp_gen /usr/local/bin/xmpp_gen -COPY xmpp_run /usr/local/bin/xmpp_run +COPY --from=builder /tmp/jitsi-meet/resources/prosody-plugins /usr/share/jitsi-meet/prosody-plugins/ +COPY xmpp_prosody /usr/local/bin/xmpp_prosody -CMD ["/usr/local/bin/xmpp_run"] +WORKDIR /var/lib/prosody +USER prosody +CMD ["/usr/local/bin/xmpp_prosody"] diff --git a/app/jitsi/build/jitsi-xmpp/external_components.cfg.lua b/app/jitsi/build/jitsi-xmpp/external_components.cfg.lua deleted file mode 100644 index beaaa87..0000000 --- a/app/jitsi/build/jitsi-xmpp/external_components.cfg.lua +++ /dev/null @@ -1,2 +0,0 @@ -component_ports = { 5347 } -component_interface = "0.0.0.0" diff --git a/app/jitsi/build/jitsi-xmpp/xmpp_conf b/app/jitsi/build/jitsi-xmpp/xmpp_conf deleted file mode 100755 index 34b2cb3..0000000 --- a/app/jitsi/build/jitsi-xmpp/xmpp_conf +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash - -cat >> /etc/hosts <<EOF -${JITSI_PROSODY_HOST} jitsi.deuxfleurs.fr conference.jitsi.deuxfleurs.fr jitsi-videobridge.jitsi.deuxfleurs.fr focus.jitsi.deuxfleurs.fr auth.jitsi.deuxfleurs.fr -127.0.0.1 `hostname` -EOF - -mkdir -p /etc/prosody/conf.{d,avail}/ -cat > /etc/prosody/conf.avail/jitsi.deuxfleurs.fr.cfg.lua <<EOF -http_ports = { ${JITSI_PROSODY_BOSH_PORT} } - -VirtualHost "jitsi.deuxfleurs.fr" - authentication = "anonymous" - ssl = { - key = "/var/lib/prosody/jitsi.deuxfleurs.fr.key"; - certificate = "/var/lib/prosody/jitsi.deuxfleurs.fr.crt"; - } - modules_enabled = { - "bosh"; - "pubsub"; - } - c2s_require_encryption = false - -VirtualHost "auth.jitsi.deuxfleurs.fr" - ssl = { - key = "/var/lib/prosody/auth.jitsi.deuxfleurs.fr.key"; - certificate = "/var/lib/prosody/auth.jitsi.deuxfleurs.fr.crt"; - } - authentication = "internal_plain" - admins = { "focus@auth.jitsi.deuxfleurs.fr"} - -Component "conference.jitsi.deuxfleurs.fr" "muc" -Component "internal.auth.jitsi.deuxfleurs.fr" "muc" - storage = "memory" - modules_enabled = { "ping"; } - admins = { "focus@auth.jitsi.deuxfleurs.fr", "jvb@auth.jitsi.deuxfleurs.fr" } - -Component "jitsi-videobridge.jitsi.deuxfleurs.fr" - component_secret = "${JITSI_SECRET_VIDEOBRIDGE}" -Component "focus.jitsi.deuxfleurs.fr" - component_secret = "${JITSI_SECRET_JICOFO_COMPONENT}" - -EOF - -ln -sf \ - /etc/prosody/conf.avail/jitsi.deuxfleurs.fr.cfg.lua \ - /etc/prosody/conf.d/jitsi.deuxfleurs.fr.cfg.lua - - diff --git a/app/jitsi/build/jitsi-xmpp/xmpp_gen b/app/jitsi/build/jitsi-xmpp/xmpp_gen deleted file mode 100755 index 3a2e04a..0000000 --- a/app/jitsi/build/jitsi-xmpp/xmpp_gen +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -/usr/local/bin/xmpp_conf - -prosodyctl cert generate jitsi.deuxfleurs.fr -prosodyctl cert generate auth.jitsi.deuxfleurs.fr - -cp /var/lib/prosody/*.crt ${JITSI_CERTS_FOLDER} -cp /var/lib/prosody/*.key ${JITSI_CERTS_FOLDER} diff --git a/app/jitsi/build/jitsi-xmpp/xmpp_prosody b/app/jitsi/build/jitsi-xmpp/xmpp_prosody new file mode 100755 index 0000000..af179e5 --- /dev/null +++ b/app/jitsi/build/jitsi-xmpp/xmpp_prosody @@ -0,0 +1,9 @@ +#!/bin/bash +prosodyctl register focus auth.jitsi ${JICOFO_AUTH_PASSWORD} +prosodyctl register jvb auth.jitsi ${JVB_AUTH_PASSWORD} + +# copied from jitsi-meet.postinst +# Make sure the focus@auth user's roster includes the proxy component (this is idempotent) +prosodyctl mod_roster_command subscribe focus.jitsi focus@auth.jitsi + +exec prosody diff --git a/app/jitsi/build/jitsi-xmpp/xmpp_run b/app/jitsi/build/jitsi-xmpp/xmpp_run deleted file mode 100755 index 6383b65..0000000 --- a/app/jitsi/build/jitsi-xmpp/xmpp_run +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -/usr/local/bin/xmpp_conf -cp ${JITSI_CERTS_FOLDER}/* /var/lib/prosody/ -chown -R prosody:prosody /var/lib/prosody - -mkdir -p /usr/local/share/ca-certificates/ -ln -sf \ - /var/lib/prosody/auth.jitsi.deuxfleurs.fr.crt \ - /usr/local/share/ca-certificates/auth.jitsi.deuxfleurs.fr.crt - -prosodyctl register focus auth.jitsi.deuxfleurs.fr ${JITSI_SECRET_JICOFO_USER} -prosodyctl register jvb auth.jitsi.deuxfleurs.fr ${JITSI_SECRET_VIDEOBRIDGE} - -mkdir /run/prosody -touch /run/prosody/prosody.pid -chown -R prosody:prosody /run/prosody - -cd /var/lib/prosody -su - prosody -s /bin/bash -c prosody |