Added documentation and examples for multitenancy setups.

examples/multitenancy/host_vars/server1/firewall.yml

@@ -0,0 +1,16 @@
+# Firewall
+firewall_disable_ufw: true
+firewall_flush_rules_and_chains: true
+firewall_additional_rules:
+  - "iptables --policy INPUT DENY"
+firewall_allowed_tcp_ports:
+  - "22"
+  - "80"
+  - "443"
+  # Jitsi
+  - "4443" # tenant_a
+  - "4543" # tenant_b
+firewall_allowed_udp_ports:
+  # Jitsi
+  - "10000" # tenant_a
+  - "11000" # tenant_b

examples/multitenancy/host_vars/server1/server1.yml

@@ -0,0 +1,6 @@
+# General settings
+ansible_user: deploy
+update_hostname: yes
+hostname: "multitenant-server1"
+users: []
+sudoers: []

examples/multitenancy/host_vars/server1/traefik.yml

@@ -0,0 +1,8 @@
+# Traefik proxy
+traefik_letsencrypt_email: max@example.com
+traefik_install_user: "{{ default_user }}"
+traefik_expose_internally: True
+traefik_expose_externally: False
+traefik_enable_acme: True
+traefik_use_acme_staging: False
+traefik_dns_challenge_provider: False

examples/multitenancy/host_vars/server1_tenant_a/jitsi_docker.yml

@@ -0,0 +1,26 @@
+jitsi_install_user: "{{ default_user }}"
+jitsi_install_path: "{{ tenant_install_path }}"
+jitsi_multitenant_label: "tenant_a"
+jitsi_docker_image_tag: 'latest'
+jitsi_public_url: https://tenant-a.example.com
+jitsi_docker_host_address: "{{ ansible_host }}"
+jitsi_exposed_http_port: 8010
+jitsi_exposed_https_port: 8453
+jitsi_bridge_udp_port: 11000
+jitsi_bridge_tcp_port: 4543
+jitsi_timezone: Europe/Amsterdam
+jitsi_enable_letsencrypt: False
+jitsi_virtual_host: tenant-a.example.com
+jitsi_jvb_stun_servers: meet-jit-si-turnrelay.jitsi.net:443
+# Passwords
+jitsi_jibri_recorder_password: secret1-CHANGE-ME
+jitsi_jibri_recorder_user: recorder
+jitsi_jibri_xmpp_password: secret2-CHANGE-ME
+jitsi_jibri_xmpp_user: jibri
+jitsi_jicofo_auth_password: secret3-CHANGE-ME
+jitsi_jicofo_auth_user: focus
+jitsi_jicofo_component_secret: secret4-CHANGE-ME
+jitsi_jigasi_xmpp_password: secret5-CHANGE-ME
+jitsi_jigasi_xmpp_user: jigasi
+jitsi_jvb_auth_user: jvb
+jitsi_jvb_auth_password: secret6-CHANGE-ME

examples/multitenancy/host_vars/server1_tenant_a/server1_tenant_a.yml

@@ -0,0 +1,3 @@
+ansible_user: deploy
+# Multitenant setup for tenant_a
+tenant_name: "tenant_a"

examples/multitenancy/host_vars/server1_tenant_b/jitsi_docker.yml

@@ -0,0 +1,26 @@
+jitsi_install_user: "{{ default_user }}"
+jitsi_install_path: "{{ tenant_install_path }}"
+jitsi_multitenant_label: "tenant_b"
+jitsi_docker_image_tag: 'latest'
+jitsi_public_url: https://tenant-b.example.com
+jitsi_docker_host_address: "{{ ansible_host }}"
+jitsi_exposed_http_port: 8010
+jitsi_exposed_https_port: 8453
+jitsi_bridge_udp_port: 11000
+jitsi_bridge_tcp_port: 4543
+jitsi_timezone: Europe/Amsterdam
+jitsi_enable_letsencrypt: False
+jitsi_virtual_host: tenant-b.example.com
+jitsi_jvb_stun_servers: meet-jit-si-turnrelay.jitsi.net:443
+# Passwords
+jitsi_jibri_recorder_password: secret1-CHANGE-ME
+jitsi_jibri_recorder_user: recorder
+jitsi_jibri_xmpp_password: secret2-CHANGE-ME
+jitsi_jibri_xmpp_user: jibri
+jitsi_jicofo_auth_password: secret3-CHANGE-ME
+jitsi_jicofo_auth_user: focus
+jitsi_jicofo_component_secret: secret4-CHANGE-ME
+jitsi_jigasi_xmpp_password: secret5-CHANGE-ME
+jitsi_jigasi_xmpp_user: jigasi
+jitsi_jvb_auth_user: jvb
+jitsi_jvb_auth_password: secret6-CHANGE-ME

examples/multitenancy/host_vars/server1_tenant_b/server1_tenant_b.yml

@@ -0,0 +1,3 @@
+ansible_user: deploy
+# Multitenant setup for tenant_b
+tenant_name: "tenant_b"