chris/scarif
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add jitsi container

Browse Source
This commit is contained in:
Chris
2020-12-22 18:05:10 +00:00
parent 8629648666
commit 43c869e890
4 changed files with 168 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
bootstrap.sh
View File

@@ -52,6 +52,9 @@ chmod +x /app/gitea/gitea
chown -R git /app/gitea/gitea chown -R git /app/gitea/gitea
chown -R git /var/lib/gitea chown -R git /var/lib/gitea
echo "------- Adding config folders for jitsi -------"
mkdir -p /opt/jitsi/{web/letsencrypt,transcripts,prosody/config,prosody/prosody-plugins-custom,jicofo,jvb,jigasi,jibri}
echo "------- Setting up firewall -------" echo "------- Setting up firewall -------"
ufw default deny incoming ufw default deny incoming
ufw default allow outgoing ufw default allow outgoing
@@ -66,3 +69,5 @@ systemctl enable docker --now
docker-compose -f "/opt/scarif/docker-compose.yml" --env-file "/opt/scarif/.env" up -d docker-compose -f "/opt/scarif/docker-compose.yml" --env-file "/opt/scarif/.env" up -d
# Create a super user for pinry # Create a super user for pinry
docker exec -it scarif_pinry_1 python manage.py createsuperuser --settings=pinry.settings.docker docker exec -it scarif_pinry_1 python manage.py createsuperuser --settings=pinry.settings.docker
# Create user for jitsi
docker-compose exec prosody prosodyctl --config /config/prosody.cfg.lua register chris meet.jitsi ${USER_PASSWORD}

164
docker-compose.yml
View File

@@ -1,9 +1,9 @@
# Options for building certificates # Options for building certificates
#x-certs: &certs x-certs: &certs
# image: paulczar/omgwtfssl image: paulczar/omgwtfssl
# restart: "no" restart: "no"
# volumes: volumes:
# - certs:/certs - /opt/ssl:/certs
version: "3.4" version: "3.4"
@@ -67,8 +67,8 @@ services:
- redis - redis
- nginx - nginx
extra_hosts: extra_hosts:
- "tower.scarif.local:${LOCAL_IP}" - "tower.scarif.space:${LOCAL_IP}"
- "office.scarif.local:${LOCAL_IP}" - "office.scarif.space:${LOCAL_IP}"
collabora: collabora:
image: collabora/code image: collabora/code
@@ -90,8 +90,8 @@ services:
networks: networks:
- nginx - nginx
extra_hosts: extra_hosts:
- "tower.scarif.local:${LOCAL_IP}" - "tower.scarif.space:${LOCAL_IP}"
- "office.scarif.local:${LOCAL_IP}" - "office.scarif.space:${LOCAL_IP}"
pinry: pinry:
image: 'getpinry/pinry' image: 'getpinry/pinry'
@@ -133,19 +133,140 @@ services:
depends_on: depends_on:
- db - db
cadvisor: jitsi:
image: gcr.io/cadvisor/cadvisor:v0.37.0 image: jitsi/web:latest
restart: always
volumes: volumes:
- /:/rootfs:ro - /opt/jitsi/web:/config:Z
- /var/run:/var/run:ro - /opt/jitsi/transcripts:/usr/share/jitsi-meet/transcripts:Z
- /sys:/sys:ro environment:
- /var/lib/docker/:/var/lib/docker:ro - ENABLE_LETSENCRYPT=false
- /dev/disk/:/dev/disk:ro - ENABLE_HTTP_REDIRECT=false
privileged: true - ENABLE_HSTS=false
devices: - ENABLE_XMPP_WEBSOCKET=true
- /dev/kmsg - DISABLE_HTTPS=true
- PUBLIC_URL=https://comms.${DOMAIN}
- TZ=UTC
- ENABLE_AUDIO_PROCESSING=true
- ENABLE_AUTH=true
- ENABLE_GUESTS=true
- ENABLE_LIPSYNC=true
- ENABLE_PREJOIN_PAGE=true
- ENABLE_WELCOME_PAGE=true
- ENABLE_CLOSE_PAGE=true
- ENABLE_REQUIRE_DISPLAY_NAME=false
- ENABLE_TALK_WHILE_MUTED=true
- JICOFO_AUTH_USER=focus
- DISABLE_AUDIO_LEVELS=false
- ENABLE_NOISY_MIC_DETECTION=true
- XMPP_AUTH_DOMAIN=auth.meet.jitsi
- XMPP_BOSH_URL_BASE=http://xmpp.meet.jitsi:5280
- XMPP_DOMAIN=meet.jitsi
- XMPP_GUEST_DOMAIN=guest.meet.jitsi
- XMPP_MUC_DOMAIN=muc.meet.jitsi
- XMPP_RECORDER_DOMAIN=recorder.meet.jitsi
networks: networks:
- nginx nginx:
meet.jitsi:
# XMPP server
prosody:
image: jitsi/prosody:latest
restart: always
expose:
- '5222'
- '5347'
- '5280'
volumes:
- /opt/jitsi/prosody/config:/config:Z
- /opt/jitsi/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z
environment:
- AUTH_TYPE=internal
- ENABLE_AUTH=true
- ENABLE_GUESTS=true
- ENABLE_LOBBY=true
- ENABLE_XMPP_WEBSOCKET=true
- XMPP_DOMAIN=meet.jitsi
- XMPP_AUTH_DOMAIN=auth.meet.jitsi
- XMPP_GUEST_DOMAIN=guest.meet.jitsi
- XMPP_MUC_DOMAIN=muc.meet.jitsi
- XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi
- XMPP_RECORDER_DOMAIN=recorder.meet.jitsi
- JICOFO_COMPONENT_SECRET
- JICOFO_AUTH_USER=focus
- JICOFO_AUTH_PASSWORD
- JVB_AUTH_USER=jvb
- JVB_AUTH_PASSWORD
- JIGASI_XMPP_PASSWORD
- JIBRI_XMPP_PASSWORD
- JIBRI_RECORDER_PASSWORD
- PUBLIC_URL=https://comms.${DOMAIN}
- TZ=UTC
networks:
meet.jitsi:
aliases:
- xmpp.meet.jitsi
# Focus component
jicofo:
image: jitsi/jicofo:latest
restart: always
volumes:
- /opt/jitsi/jicofo:/config:Z
environment:
- AUTH_TYPE=internal
- ENABLE_AUTH=true
- XMPP_DOMAIN=meet.jitsi
- XMPP_AUTH_DOMAIN=auth.meet.jitsi
- XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi
- XMPP_MUC_DOMAIN=muc.meet.jitsi
- XMPP_SERVER=xmpp.meet.jitsi
- JICOFO_COMPONENT_SECRET
- JICOFO_AUTH_USER=focus
- JICOFO_AUTH_PASSWORD
- JVB_BREWERY_MUC=jvbbrewery
- JIGASI_BREWERY_MUC=jigasibrewery
- JIBRI_BREWERY_MUC=jibribrewery
- JIBRI_PENDING_TIMEOUT=90
- TZ=UTC
depends_on:
- prosody
networks:
meet.jitsi:
# Video bridge
jvb:
image: jitsi/jvb:latest
restart: always
ports:
- '10000:10000/udp'
- '4443:4443'
volumes:
- /opt/jitsi/jvb:/config:Z
environment:
- DOCKER_HOST_ADDRESS=${LOCAL_IP}
- XMPP_AUTH_DOMAIN=meet.jitsi
- XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi
- XMPP_SERVER=xmpp.meet.jitsi
- JVB_AUTH_USER=jvb
- JVB_AUTH_PASSWORD
- JVB_BREWERY_MUC=jvbbrewery
- JVB_PORT=10000
- JVB_TCP_HARVESTER_DISABLED=true
- JVB_TCP_PORT=4443
- JVB_TCP_MAPPED_PORT=4443
- JVB_STUN_SERVERS=meet-jit-si-turnrelay.jitsi.net:443
- JVB_ENABLE_APIS=
- PUBLIC_URL=https://comms.${DOMAIN}
- TZ=UTC
depends_on:
- prosody
networks:
meet.jitsi:
aliases:
- jvb.meet.jitsi
db: db:
image: mariadb image: mariadb
@@ -182,7 +303,6 @@ services:
- nextcloud - nextcloud
- gitea - gitea
- collabora - collabora
- cadvisor
- pinry - pinry
ports: ports:
- 80:80 - 80:80
@@ -205,7 +325,6 @@ volumes:
monica-public: monica-public:
monica-data: monica-data:
nextcloud: nextcloud:
#certs:
dashboard: dashboard:
pinry: pinry:
@@ -213,3 +332,4 @@ networks:
db: db:
nginx: nginx:
redis: redis:
meet.jitsi:

2
nextcloud/config/config.php
View File

@@ -18,7 +18,7 @@ $CONFIG = [
*/ */
'trusted_domains' => 'trusted_domains' =>
[ [
'tower.scarif.local', 'tower.scarif.space',
], ],
/** /**

20
nginx.conf
View File

@@ -482,6 +482,26 @@ http {
} }
} }
upstream jitsi-handler {
server jitsi:80;
}
server {
listen 443 ssl http2;
ssl_certificate /etc/nginx/certs/scarif.space.crt;
ssl_certificate_key /etc/nginx/certs/scarif.space.key;
gzip_types text/plain text/css application/json application/x-javascript
text/xml application/xml application/xml+rss text/javascript;
server_name comms.scarif.space;
location / {
proxy_pass http://jitsi-handler;
}
}
server { server {
listen 80 default_server; listen 80 default_server;
listen [::]:80 default_server; listen [::]:80 default_server;