From 7821b6b33b75e6c7d4a4b207b0f1f90840f04cfc Mon Sep 17 00:00:00 2001 From: Tobias Reisinger <tobias@msrg.cc> Date: Fri, 13 Jun 2025 16:40:19 +0200 Subject: [PATCH] Replace briefing with jitsi --- playbooks/roles/jitsi/handlers/main.yml | 3 ++ playbooks/roles/jitsi/tasks/main.yml | 12 +++++ playbooks/roles/jitsi/vars/main.yml | 72 +++++++++++++++++++++++++ scripts/visualize.py | 1 + services.auto.tfvars | 32 ++++++----- 5 files changed, 107 insertions(+), 13 deletions(-) create mode 100644 playbooks/roles/jitsi/handlers/main.yml create mode 100644 playbooks/roles/jitsi/tasks/main.yml create mode 100644 playbooks/roles/jitsi/vars/main.yml diff --git a/playbooks/roles/jitsi/handlers/main.yml b/playbooks/roles/jitsi/handlers/main.yml new file mode 100644 index 0000000..4ff0834 --- /dev/null +++ b/playbooks/roles/jitsi/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: Restart service {{ role_name }} + ansible.builtin.include_tasks: tasks/restart-service.yml diff --git a/playbooks/roles/jitsi/tasks/main.yml b/playbooks/roles/jitsi/tasks/main.yml new file mode 100644 index 0000000..c7f5423 --- /dev/null +++ b/playbooks/roles/jitsi/tasks/main.yml @@ -0,0 +1,12 @@ +--- +- name: Set common facts + ansible.builtin.import_tasks: tasks/set-default-facts.yml + +- name: Deploy {{ role_name }} + vars: + svc: "{{ jitsi_svc }}" + env: "{{ jitsi_env }}" + compose: "{{ jitsi_compose }}" + block: + - name: Import tasks to deploy common service + ansible.builtin.import_tasks: tasks/deploy-common-service.yml diff --git a/playbooks/roles/jitsi/vars/main.yml b/playbooks/roles/jitsi/vars/main.yml new file mode 100644 index 0000000..07c96e2 --- /dev/null +++ b/playbooks/roles/jitsi/vars/main.yml @@ -0,0 +1,72 @@ +--- +jitsi_image_version: stable-10314 + +jitsi_svc: + domain: "{{ all_services | service_get_domain(role_name) }}" + port: 80 + +jitsi_env: + # https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker/ + + TZ: "{{ timezone }}" + PUBLIC_URL: "https://{{ jitsi_svc.domain }}" + + ENABLE_LETSENCRYPT: 0 + DISABLE_HTTPS: 1 + + ENABLE_AUTH: 0 + ENABLE_GUESTS: 1 + + JICOFO_AUTH_PASSWORD: "{{ vault_jitsi.jicofo_auth_password }}" + JVB_AUTH_PASSWORD: "{{ vault_jitsi.jvb_auth_password }}" + + +jitsi_compose: + watchtower: false + image: "jitsi/web:{{ jitsi_image_version }}" + file: + services: + app: + depends_on: + - jvb + prosody: + image: "jitsi/prosody:{{ jitsi_image_version }}" + restart: always + env_file: + - service.env + expose: + - '5222' + - '5269' + - '5347' + - '5280' + networks: + default: + aliases: + - xmpp.meet.jitsi + + jicofo: + image: "jitsi/jicofo:{{ jitsi_image_version }}" + restart: always + env_file: + - service.env + ports: + - '127.0.0.1:8888:8888' + labels: + service: "jitsi-jicofo" + depends_on: + - prosody + networks: + default: + + jvb: + image: "jitsi/jvb:{{ jitsi_image_version }}" + restart: always + env_file: + - service.env + ports: + - '127.0.0.1:8080:8080' + - '10000:10000/udp' + depends_on: + - prosody + networks: + default: diff --git a/scripts/visualize.py b/scripts/visualize.py index a0ee108..47bb950 100755 --- a/scripts/visualize.py +++ b/scripts/visualize.py @@ -13,6 +13,7 @@ icon_overrides = { "extra_services": None, "forgejo_runner": "forgejo", "healthcheck": "healthchecks", + "jitsi": "jitsi-meet", "lego": "lets-encrypt", "lgtm_stack": "grafana", "mailcowdockerized": "mailcow", diff --git a/services.auto.tfvars b/services.auto.tfvars index 0b5ea72..a3a5eb9 100644 --- a/services.auto.tfvars +++ b/services.auto.tfvars @@ -55,19 +55,6 @@ services = { database = false }, - "briefing" = { - host = "node001" - dns = [{ - domain = "meet.serguzim.me" - }] - monitoring = { - url = "/" - group = "3-services" - } - auth = false - database = false - } - "caddy" = { host = "*" ports = [ @@ -349,6 +336,25 @@ services = { database = false }, + "jitsi" = { + host : "node003" + dns = [{ + domain = "meet.serguzim.me" + }] + ports = [{ + description = "Jitsi jvp port for RTP media over UDP" + port = 10000 + protocol = "udp" + type = "firewall" + }] + monitoring = { + url = "/" + group = "3-services" + } + auth = false + database = false + } + "lego" = { host = "*" auth = false