From c4a6cf1534b864d3941c839d4a4dca7e505bd828 Mon Sep 17 00:00:00 2001 From: Quentin Date: Sat, 12 Sep 2020 10:03:48 +0200 Subject: Rebase first step --- app_deployment/jitsi.hcl | 258 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 258 insertions(+) create mode 100644 app_deployment/jitsi.hcl (limited to 'app_deployment/jitsi.hcl') diff --git a/app_deployment/jitsi.hcl b/app_deployment/jitsi.hcl new file mode 100644 index 0000000..4ef2f98 --- /dev/null +++ b/app_deployment/jitsi.hcl @@ -0,0 +1,258 @@ +/* + * WIP WIP WIP WIP + * + * + NEED TO SET ENV VARIABLES + */ + +job "jitsi" { + datacenters = ["dc1"] + type = "service" + + constraint { + attribute = "${attr.cpu.arch}" + value = "amd64" + } + + group "core" { + task "xmpp" { + driver = "docker" + config { + image = "superboum/amd64_jitsi_xmpp:v1" + network_mode = "host" + port_map { + xmpp_port = 5222 + ext_port = 5347 + bosh_port = 5280 + } + } + + template { + data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}" + destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt" + } + template { + data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.key\" }}" + destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.key" + } + template { + data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}" + destination = "secrets/certs/jitsi.deuxfleurs.fr.crt" + } + template { + data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}" + destination = "secrets/certs/jitsi.deuxfleurs.fr.key" + } + artifact { + source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw" + destination = "secrets/global_env.tpl" + mode = "file" + } + template { + source = "secrets/global_env.tpl" + destination = "secrets/global_env" + env = true + } + + resources { + cpu = 300 + memory = 200 + network { + port "xmpp_port" { + static = "5222" + } + port "ext_port" { + static = "5347" + } + port "bosh_port" { + static = "5280" + } + } + } + + service { + tags = [ + "jitsi" + ] + port = "bosh_port" + address_mode = "host" + name = "jitsi-xmpp-bosh" + check { + type = "tcp" + port = "bosh_port" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "90s" + ignore_warnings = false + } + } + } + } + + task "front" { + driver = "docker" + config { + image = "superboum/amd64_jitsi_front:v5" + network_mode = "host" + port_map { + https_port = 443 + } + } + + template { + data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}" + destination = "secrets/certs/jitsi.deuxfleurs.fr.crt" + } + template { + data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}" + destination = "secrets/certs/jitsi.deuxfleurs.fr.key" + } + artifact { + source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw" + destination = "secrets/global_env.tpl" + mode = "file" + } + template { + source = "secrets/global_env.tpl" + destination = "secrets/global_env" + env = true + } + + resources { + cpu = 300 + memory = 200 + network { + port "https_port" { + static = "443" + } + } + } + + service { + tags = [ + "jitsi", + "traefik.enable=true", + "traefik.frontend.entryPoints=https,http", + "traefik.frontend.rule=Host:jitsi.deuxfleurs.fr;PathPrefix:/", + "traefik.protocol=https" + ] + port = "https_port" + address_mode = "host" + name = "jitsi-front-https" + check { + type = "tcp" + port = "https_port" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "90s" + ignore_warnings = false + } + } + } + } + + task "jicofo" { + driver = "docker" + config { + image = "superboum/amd64_jitsi_conference_focus:v2" + network_mode = "host" + } + + template { + data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}" + destination = "secrets/certs/jitsi.deuxfleurs.fr.crt" + } + template { + data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}" + destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt" + } + artifact { + source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw" + destination = "secrets/global_env.tpl" + mode = "file" + } + template { + source = "secrets/global_env.tpl" + destination = "secrets/global_env" + env = true + } + + resources { + cpu = 300 + memory = 400 + } + } + + task "videobridge" { + driver = "docker" + config { + image = "superboum/amd64_jitsi_videobridge:v9" + network_mode = "host" + port_map { + video1_port = 8080 + video2_port = 10000 + } + ulimit { + nofile = "1048576:1048576" + nproc = "65536:65536" + } + } + + env { + #JITSI_DEBUG = 1 + JITSI_VIDEO_TCP = 8080 + } + + artifact { + source = "http://127.0.0.1:8500/v1/kv/secrets/jitsi/global_env?raw" + destination = "secrets/global_env.tpl" + mode = "file" + } + template { + source = "secrets/global_env.tpl" + destination = "secrets/global_env" + env = true + } + + resources { + cpu = 900 + memory = 1500 + network { + port "video1_port" { + static = "8080" + } + port "video2_port" { + static = "10000" + } + } + + } + + service { + tags = [ + "jitsi", + "(diplonat (tcp_port 8080) (udp_port 10000))" + ] + port = "video1_port" + address_mode = "host" + name = "jitsi-videobridge-video1" + check { + type = "tcp" + port = "video1_port" + interval = "60s" + timeout = "5s" + check_restart { + limit = 3 + grace = "90s" + ignore_warnings = false + } + } + } + } + + } +} + -- cgit v1.2.3