4f0bed6998
We've been running into problems with Jitsi-Meet processes not restarting cleanly if we only docker-compose up after image pulls. Instead, check for whether the pull resulted in new image downloads and then cleanly down and up the containers, which seems to address the problem based on manual testing on the servers. Change-Id: Id551767e72102a4b8667aa9dacc81755f332a278
102 lines
2.9 KiB
YAML
102 lines
2.9 KiB
YAML
- name: Create docker-compose dir
|
|
file:
|
|
name: /etc/jitsi-meet-docker
|
|
state: directory
|
|
mode: 0755
|
|
owner: root
|
|
group: root
|
|
- name: Copy docker-compose config
|
|
copy:
|
|
src: "jitsi-meet-docker/{{ docker_compose_file }}"
|
|
dest: /etc/jitsi-meet-docker/docker-compose.yaml
|
|
mode: 0644
|
|
owner: root
|
|
group: root
|
|
- name: Write env file
|
|
template:
|
|
src: "{{ docker_compose_env_file }}"
|
|
dest: /etc/jitsi-meet-docker/.env
|
|
- name: Ensure jitsi-meet volume directories exist
|
|
file:
|
|
state: directory
|
|
path: "/var/jitsi-meet/{{ item }}"
|
|
loop:
|
|
- jvb
|
|
- web
|
|
- web/nginx
|
|
- web/nginx/site-confs
|
|
- defaults
|
|
- defaults/web
|
|
- defaults/web/nginx
|
|
- defaults/jvb
|
|
|
|
# These files are interpreted by the container at startup and are templated
|
|
# using the frep tool. Ideally we'll keep the content in templates to a
|
|
# minumum and rely on upstream as much as possible.
|
|
- name: Write nginx meet config template
|
|
copy:
|
|
src: meet.conf
|
|
dest: /var/jitsi-meet/defaults/web/nginx/meet.conf
|
|
- name: Write settings-config.js config template
|
|
copy:
|
|
src: settings-config.js
|
|
dest: /var/jitsi-meet/defaults/web/settings-config.js
|
|
- name: Write jvb.conf config template
|
|
copy:
|
|
src: jvb.conf
|
|
dest: /var/jitsi-meet/defaults/jvb/jvb.conf
|
|
|
|
# This file appears to be consumed as is by the jitsi meet web process.
|
|
# No funny templating or replacement.
|
|
- name: Write interface config
|
|
copy:
|
|
src: interface_config.js
|
|
dest: /var/jitsi-meet/defaults/web/interface_config.js
|
|
|
|
# This prepares a keystore for the JVB websocket connection
|
|
- name: Install java for keytool
|
|
package:
|
|
name: openjdk-11-jre-headless
|
|
state: present
|
|
- name: Create keystore if it isn't present
|
|
command:
|
|
cmd: >
|
|
keytool -genkeypair
|
|
-alias {{ inventory_hostname }}.key
|
|
-keyalg RSA
|
|
-keysize 2048
|
|
-validity 3652
|
|
-keystore /var/jitsi-meet/jvb/jvb-keystore.store
|
|
-storepass {{ meetpad_jvb_keystore_password }}
|
|
# Jitsi meet appears to do SNI via the CN in the cert, but not
|
|
# other validation of the cert issuer.
|
|
stdin: |
|
|
{{ public_v4 }}
|
|
OpenDev
|
|
Open Infra Foundation
|
|
Austin
|
|
Texas
|
|
US
|
|
yes
|
|
creates: /var/jitsi-meet/jvb/jvb-keystore.store
|
|
|
|
- name: Run docker-compose pull
|
|
shell:
|
|
cmd: docker-compose pull
|
|
chdir: /etc/jitsi-meet-docker/
|
|
register: docker_compose_pull
|
|
- name: Stop/Start containers if needed
|
|
when: "'downloaded newer image' in docker_compose_pull.stderr"
|
|
block:
|
|
- name: Run docker-compose down
|
|
shell:
|
|
cmd: docker-compose down
|
|
chdir: /etc/jitsi-meet-docker/
|
|
- name: Run docker-compose up
|
|
shell:
|
|
cmd: docker-compose up -d
|
|
chdir: /etc/jitsi-meet-docker/
|
|
- name: Run docker prune to cleanup unneeded images
|
|
shell:
|
|
cmd: docker image prune -f
|