Adjusted variables and docker-compose file to account for multitenancy setups.
This commit is contained in:
parent
44711308a6
commit
8ef0adbb17
5 changed files with 29 additions and 15 deletions
|
|
@ -18,6 +18,7 @@ Role Variables
|
||||||
| --------------------------- | ------------------------------------------------------------------------------- | ------------------ |
|
| --------------------------- | ------------------------------------------------------------------------------- | ------------------ |
|
||||||
| jitsi_install_user | The user who is going to manage/run the Docker Compose services | {{ ansible_user }} |
|
| jitsi_install_user | The user who is going to manage/run the Docker Compose services | {{ ansible_user }} |
|
||||||
| jitsi_install_path | The location where the service should be deployed | /home/{{ jitsi_install_user }} |
|
| jitsi_install_path | The location where the service should be deployed | /home/{{ jitsi_install_user }} |
|
||||||
|
| jitsi_multitenant_label | A label (unique accross all instances on this host) identifying the tenant | |
|
||||||
| jitsi_build_latest_image_from_source | Will fetch the master of `jitsi_docker_upstream_repo_url` and build the docker image as sometimes the latest available images in the Docker Hub are too old | yes |
|
| jitsi_build_latest_image_from_source | Will fetch the master of `jitsi_docker_upstream_repo_url` and build the docker image as sometimes the latest available images in the Docker Hub are too old | yes |
|
||||||
| jitsi_docker_upstream_repo_url | Git repo of docker-jitsi-meet required by `jitsi_build_latest_image_from_source` | https://github.com/jitsi/docker-jitsi-meet.git |
|
| jitsi_docker_upstream_repo_url | Git repo of docker-jitsi-meet required by `jitsi_build_latest_image_from_source` | https://github.com/jitsi/docker-jitsi-meet.git |
|
||||||
| *jitsi_letsencrypt_email* | E-Mail adress used for requesting certificates | Not set |
|
| *jitsi_letsencrypt_email* | E-Mail adress used for requesting certificates | Not set |
|
||||||
|
|
@ -27,6 +28,8 @@ Role Variables
|
||||||
| jitsi_enable_third_party_requests | Whether to allow third party requests, e.g. to Gravatar (if a user sets her email address) | no |
|
| jitsi_enable_third_party_requests | Whether to allow third party requests, e.g. to Gravatar (if a user sets her email address) | no |
|
||||||
| jitsi_exposed_http_port | Exposed container port for HTTP | 8000 |
|
| jitsi_exposed_http_port | Exposed container port for HTTP | 8000 |
|
||||||
| jitsi_exposed_https_port | Exposed container port for HTTPS | 8443 |
|
| jitsi_exposed_https_port | Exposed container port for HTTPS | 8443 |
|
||||||
|
| jitsi_bridge_udp_port | Port for this instance's Jitsi Video Bridge | 10000 |
|
||||||
|
| jitsi_bridge_tcp_port | TCP fallback port for the Jitsi Video Bridge | 4443 |
|
||||||
| jitsi_jibri_recorder_password | Provide a secure password\* | |
|
| jitsi_jibri_recorder_password | Provide a secure password\* | |
|
||||||
| jitsi_jibri_recorder_user | | |
|
| jitsi_jibri_recorder_user | | |
|
||||||
| jitsi_jibri_xmpp_password | | |
|
| jitsi_jibri_xmpp_password | | |
|
||||||
|
|
|
||||||
|
|
@ -4,10 +4,15 @@ docker_user: deploy
|
||||||
jitsi_image_version: stable-8960-1
|
jitsi_image_version: stable-8960-1
|
||||||
jitsi_install_user: '{{ ansible_user }}' # This user must be present on the host
|
jitsi_install_user: '{{ ansible_user }}' # This user must be present on the host
|
||||||
jitsi_install_path: '/home/{{ jitsi_install_user }}'
|
jitsi_install_path: '/home/{{ jitsi_install_user }}'
|
||||||
|
jitsi_multitenant_label:
|
||||||
|
jitsi_multitenant_postfix: "{{ '_' + jitsi_multitenant_label if (jitsi_multitenant_label) else '' }}"
|
||||||
|
|
||||||
#jitsi_letsencrypt_email:alice@host.tld
|
#jitsi_letsencrypt_email:alice@host.tld
|
||||||
jitsi_enable_letsencrypt: no
|
jitsi_enable_letsencrypt: no
|
||||||
jitsi_exposed_http_port: 8000
|
jitsi_exposed_http_port: 8000
|
||||||
jitsi_exposed_https_port: 8443
|
jitsi_exposed_https_port: 8443
|
||||||
|
jitsi_bridge_udp_port: 10000
|
||||||
|
jitsi_bridge_tcp_port: 4443
|
||||||
jitsi_virtual_host: localhost
|
jitsi_virtual_host: localhost
|
||||||
jitsi_public_url: http://{{ jitsi_virtual_host }}
|
jitsi_public_url: http://{{ jitsi_virtual_host }}
|
||||||
jitsi_timezone: Europe/Amsterdam
|
jitsi_timezone: Europe/Amsterdam
|
||||||
|
|
|
||||||
|
|
@ -79,7 +79,7 @@
|
||||||
|
|
||||||
- assert:
|
- assert:
|
||||||
that:
|
that:
|
||||||
- "output.services['web']['jitsi_web_1'].state.running"
|
- "output.services['web']['jitsi{{ jitsi_multitenant_postfix }}_web_1'].state.running"
|
||||||
|
|
||||||
- name: "Config: Set channelLastN"
|
- name: "Config: Set channelLastN"
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
|
|
||||||
|
|
@ -156,20 +156,20 @@ services:
|
||||||
labels:
|
labels:
|
||||||
traefik.enable: true
|
traefik.enable: true
|
||||||
traefik.docker.network: traefik_public
|
traefik.docker.network: traefik_public
|
||||||
traefik.http.routers.jitsi.rule: Host(`{{ jitsi_virtual_host }}`)
|
traefik.http.routers.jitsi{{ jitsi_multitenant_postfix }}.rule: Host(`{{ jitsi_virtual_host }}`)
|
||||||
traefik.http.routers.jitsi.entrypoints: websecure
|
traefik.http.routers.jitsi{{ jitsi_multitenant_postfix }}.entrypoints: websecure
|
||||||
traefik.http.routers.jitsi.tls: true
|
traefik.http.routers.jitsi{{ jitsi_multitenant_postfix }}.tls: true
|
||||||
traefik.http.routers.jitsi.tls.certresolver: defaultresolver
|
traefik.http.routers.jitsi{{ jitsi_multitenant_postfix }}.tls.certresolver: defaultresolver
|
||||||
traefik.http.middlewares.jitsi-headers.headers.SSLRedirect: true
|
traefik.http.middlewares.jitsi{{ jitsi_multitenant_postfix }}-headers.headers.SSLRedirect: true
|
||||||
traefik.http.middlewares.jitsi-headers.headers.browserXSSFilter: true
|
traefik.http.middlewares.jitsi{{ jitsi_multitenant_postfix }}-headers.headers.browserXSSFilter: true
|
||||||
traefik.http.middlewares.jitsi-headers.headers.contentTypeNosniff: true
|
traefik.http.middlewares.jitsi{{ jitsi_multitenant_postfix }}-headers.headers.contentTypeNosniff: true
|
||||||
traefik.http.middlewares.jitsi-headers.headers.forceSTSHeader: true
|
traefik.http.middlewares.jitsi{{ jitsi_multitenant_postfix }}-headers.headers.forceSTSHeader: true
|
||||||
traefik.http.middlewares.jitsi-headers.headers.STSSeconds: 315360000
|
traefik.http.middlewares.jitsi{{ jitsi_multitenant_postfix }}-headers.headers.STSSeconds: 315360000
|
||||||
traefik.http.middlewares.jitsi-headers.headers.STSIncludeSubdomains: true
|
traefik.http.middlewares.jitsi{{ jitsi_multitenant_postfix }}-headers.headers.STSIncludeSubdomains: true
|
||||||
traefik.http.middlewares.jitsi-headers.headers.STSPreload: true
|
traefik.http.middlewares.jitsi{{ jitsi_multitenant_postfix }}-headers.headers.STSPreload: true
|
||||||
traefik.http.middlewares.jitsi-headers.headers.featurePolicy: geolocation 'none'; payment 'none'
|
traefik.http.middlewares.jitsi{{ jitsi_multitenant_postfix }}-headers.headers.featurePolicy: geolocation 'none'; payment 'none'
|
||||||
traefik.http.middlewares.jitsi-headers.headers.contentSecurityPolicy: default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; worker-src 'self' blob:; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; form-action 'none'; block-all-mixed-content
|
traefik.http.middlewares.jitsi{{ jitsi_multitenant_postfix }}-headers.headers.contentSecurityPolicy: default-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; worker-src 'self' blob:; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; form-action 'none'; block-all-mixed-content
|
||||||
traefik.http.routers.jitsi.middlewares: jitsi-headers
|
traefik.http.routers.jitsi{{ jitsi_multitenant_postfix }}.middlewares: jitsi{{ jitsi_multitenant_postfix }}-headers
|
||||||
networks:
|
networks:
|
||||||
public:
|
public:
|
||||||
meet.jitsi:
|
meet.jitsi:
|
||||||
|
|
|
||||||
|
|
@ -11,6 +11,12 @@
|
||||||
################################################################################
|
################################################################################
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# Docker Compose configuration
|
||||||
|
#
|
||||||
|
# Project name for this Docker Compose setup
|
||||||
|
COMPOSE_PROJECT_NAME=jitsi{{ jitsi_multitenant_postfix }}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Basic configuration options
|
# Basic configuration options
|
||||||
#
|
#
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue