9 files changed, 55 insertions, 34 deletions

diff --git a/app/build/docker-compose.yml b/app/build/docker-compose.yml
index 0e44928..7774b66 100644
--- a/app/build/docker-compose.yml
+++ b/app/build/docker-compose.yml
@@ -44,7 +44,7 @@ services:
         # https://github.com/jitsi/jicofo
         PREFIXV: stable/jitsi-meet_
         VERSION: 4966
-    image: superboum/amd64_jitsi_conference_focus:v3
+    image: superboum/amd64_jitsi_conference_focus:v4
 
   jitsi-videobridge:
     build:
@@ -53,11 +53,11 @@ services:
         # https://github.com/jitsi/jitsi-videobridge
         PREFIXV: stable/jitsi-meet_
         VERSION: 4966
-    image: superboum/amd64_jitsi_videobridge:v13
+    image: superboum/amd64_jitsi_videobridge:v14
 
   jitsi-xmpp:
     build:
       context: ./jitsi-xmpp
       args:
         VERSION: fake-1
-    image: superboum/amd64_jitsi_xmpp:v2
+    image: superboum/amd64_jitsi_xmpp:v3
diff --git a/app/build/jitsi-conference-focus/Dockerfile b/app/build/jitsi-conference-focus/Dockerfile
index 93301e9..e2c459c 100644
--- a/app/build/jitsi-conference-focus/Dockerfile
+++ b/app/build/jitsi-conference-focus/Dockerfile
@@ -16,7 +16,9 @@ RUN unzip jicofo.zip && \
 FROM debian:buster
 
 RUN apt-get update && \
-    apt-get install -y openjdk-11-jdk ca-certificates
+    apt-get install -y openjdk-11-jre-headless ca-certificates
+
+ENV JAVA_SYS_PROPS="-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION=/root -Dnet.java.sip.communicator.SC_HOME_DIR_NAME=.sip-communicator -Dnet.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi"
 
 COPY --from=builder /srv/build /srv/jicofo
 COPY jicofo /usr/local/bin/jicofo
diff --git a/app/build/jitsi-conference-focus/sip-communicator.properties b/app/build/jitsi-conference-focus/sip-communicator.properties
index 5347d51..53c32e2 100644
--- a/app/build/jitsi-conference-focus/sip-communicator.properties
+++ b/app/build/jitsi-conference-focus/sip-communicator.properties
@@ -1 +1,2 @@
 org.jitsi.jicofo.SHORT_ID=1
+org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.jitsi.deuxfleurs.fr
diff --git a/app/build/jitsi-videobridge/jvb_run b/app/build/jitsi-videobridge/jvb_run
index c5852bc..b86c911 100755
--- a/app/build/jitsi-videobridge/jvb_run
+++ b/app/build/jitsi-videobridge/jvb_run
@@ -8,9 +8,24 @@ EOF
 mkdir -p /root/.sip-communicator
 
 cat > /root/.sip-communicator/sip-communicator.properties <<EOF
+# Enable broadcasting stats/presence in a MUC
+org.jitsi.videobridge.ENABLE_STATISTICS=true
+org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
+
+# Connect to the first XMPP server
+org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=jitsi.deuxfleurs.fr
+org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.jitsi.deuxfleurs.fr
+org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb
+org.jitsi.videobridge.xmpp.user.shard.PASSWORD=${JITSI_SECRET_VIDEOBRIDGE}
+org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.jitsi.deuxfleurs.fr
+org.jitsi.videobridge.xmpp.user.shard.MUC=JvbBrewery@internal.auth.jitsi.deuxfleurs.fr
+org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=singleton
+org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true
+
+# Do we need it? @FIXME
 org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
-# The videobridge uses 443 by default with 4443 as a fallback, but since we're already
-# running nginx on 443 in this example doc, we specify 4443 manually to avoid a race condition
+
+# NAT things, two times just in case...
 org.ice4j.ice.harvest.TCP_HARVESTER_PORT=${JITSI_VIDEO_TCP}
 org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=${JITSI_NAT_LOCAL_IP}
 org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=${JITSI_NAT_PUBLIC_IP}
diff --git a/app/build/jitsi-xmpp/xmpp_conf b/app/build/jitsi-xmpp/xmpp_conf
index 2a9278e..5990d07 100755
--- a/app/build/jitsi-xmpp/xmpp_conf
+++ b/app/build/jitsi-xmpp/xmpp_conf
@@ -8,31 +8,36 @@ EOF
 mkdir -p /etc/prosody/conf.{d,avail}/
 cat > /etc/prosody/conf.avail/jitsi.deuxfleurs.fr.cfg.lua <<EOF
 VirtualHost "jitsi.deuxfleurs.fr"
-    authentication = "anonymous"
-    ssl = {
-        key = "/var/lib/prosody/jitsi.deuxfleurs.fr.key";
-        certificate = "/var/lib/prosody/jitsi.deuxfleurs.fr.crt";
-    }
-    modules_enabled = {
-        "bosh";
-        "pubsub";
-    }
-    c2s_require_encryption = false
+  authentication = "anonymous"
+  ssl = {
+    key = "/var/lib/prosody/jitsi.deuxfleurs.fr.key";
+    certificate = "/var/lib/prosody/jitsi.deuxfleurs.fr.crt";
+  }
+  modules_enabled = {
+    "bosh";
+    "pubsub";
+  }
+  c2s_require_encryption = false
 
 VirtualHost "auth.jitsi.deuxfleurs.fr"
-    ssl = {
-        key = "/var/lib/prosody/auth.jitsi.deuxfleurs.fr.key";
-        certificate = "/var/lib/prosody/auth.jitsi.deuxfleurs.fr.crt";
-    }
-    authentication = "internal_plain"
-
-admins = { "focus@auth.jitsi.deuxfleurs.fr" }
+  ssl = {
+    key = "/var/lib/prosody/auth.jitsi.deuxfleurs.fr.key";
+    certificate = "/var/lib/prosody/auth.jitsi.deuxfleurs.fr.crt";
+  }
+  authentication = "internal_plain"
+  admins = { "focus@auth.jitsi.deuxfleurs.fr"}
 
 Component "conference.jitsi.deuxfleurs.fr" "muc"
+Component "internal.auth.jitsi.deuxfleurs.fr" "muc"
+  storage = "memory"
+  modules_enabled = { "ping"; }
+  admins = { "focus@auth.jitsi.deuxfleurs.fr", "jvb@auth.jitsi.deuxfleurs.fr" }
+
 Component "jitsi-videobridge.jitsi.deuxfleurs.fr"
     component_secret = "${JITSI_SECRET_VIDEOBRIDGE}"
 Component "focus.jitsi.deuxfleurs.fr"
     component_secret = "${JITSI_SECRET_JICOFO_COMPONENT}"
+
 EOF
 
 ln -sf \
diff --git a/app/build/jitsi-xmpp/xmpp_run b/app/build/jitsi-xmpp/xmpp_run
index 8dfdf86..6383b65 100755
--- a/app/build/jitsi-xmpp/xmpp_run
+++ b/app/build/jitsi-xmpp/xmpp_run
@@ -10,6 +10,7 @@ ln -sf \
   /usr/local/share/ca-certificates/auth.jitsi.deuxfleurs.fr.crt
 
 prosodyctl register focus auth.jitsi.deuxfleurs.fr ${JITSI_SECRET_JICOFO_USER}
+prosodyctl register jvb auth.jitsi.deuxfleurs.fr ${JITSI_SECRET_VIDEOBRIDGE}
 
 mkdir /run/prosody
 touch /run/prosody/prosody.pid
diff --git a/app/integration/jitsi/01_gen_certs.yml b/app/integration/jitsi/01_gen_certs.yml
index 2ba3d1d..bf73291 100644
--- a/app/integration/jitsi/01_gen_certs.yml
+++ b/app/integration/jitsi/01_gen_certs.yml
@@ -1,7 +1,7 @@
 version: '3'
 services:
   jitsi-xmpp:
-    image: ./jitsi-xmpp:v2
+    image: superboum/amd64_jitsi_xmpp:v2
     command: ["/usr/local/bin/xmpp_gen"]
     volumes: [ './jitsi-certs/:/certs:rw' ]
     env_file: [ 'dev.env' ]
diff --git a/app/integration/jitsi/02_run.yml b/app/integration/jitsi/02_run.yml
index 354a548..73eefad 100644
--- a/app/integration/jitsi/02_run.yml
+++ b/app/integration/jitsi/02_run.yml
@@ -1,8 +1,7 @@
 version: '3.4'
 services:
   jitsi-xmpp:
-    image: superboum/amd64_jitsi_xmpp:v2
-    network_mode: host
+    image: superboum/amd64_jitsi_xmpp:v3
     ports:
       - "5222:5222"
       - "5347:5347"
@@ -16,15 +15,13 @@ services:
     env_file: [ 'dev.env' ]
     volumes: [ './jitsi-certs/:/certs:ro' ]
   jitsi-conference-focus:
-    image: superboum/amd64_jitsi_conference_focus:v3
+    image: superboum/amd64_jitsi_conference_focus:v4
     env_file: [ 'dev.env' ]
     volumes: [ './jitsi-certs/:/certs:ro' ]
   jitsi-videobridge:
-    image: superboum/amd64_jitsi_videobridge:v11
-    network_mode: host
+    image: superboum/amd64_jitsi_videobridge:v14
     ports:
       - "8080:8080/tcp"
       - "10000:10000/udp"
     env_file: [ 'dev.env' ]
     volumes: [ './jitsi-certs/:/certs:ro' ]
-    
diff --git a/app/integration/jitsi/dev.env b/app/integration/jitsi/dev.env
index 4fff8c1..1dd2122 100644
--- a/app/integration/jitsi/dev.env
+++ b/app/integration/jitsi/dev.env
@@ -2,9 +2,9 @@ JITSI_SECRET_VIDEOBRIDGE=S3CR3T01
 JITSI_SECRET_JICOFO_COMPONENT=S3CR3T02
 JITSI_SECRET_JICOFO_USER=S3CR3T03
 JITSI_PROSODY_BOSH_PORT=5280
-JITSI_PROSODY_BOSH_HOST=127.0.0.1
-JITSI_PROSODY_HOST=127.0.0.1
+JITSI_PROSODY_BOSH_HOST=172.17.0.1
+JITSI_PROSODY_HOST=172.17.0.1
 JITSI_CERTS_FOLDER=/certs/
-JITSI_NAT_PUBLIC_IP=77.204.7.239
-JITSI_NAT_LOCAL_IP=192.168.0.18
+JITSI_NAT_PUBLIC_IP=37.164.35.154
+JITSI_NAT_LOCAL_IP=192.168.0.231
 JITSI_VIDEO_TCP=8080