Clark Boylan 1c1cc12ab5 Refactor check for new container images
Two of our services (gitea and jitsi meet) need to take special action
when docker-compose pull updates images and cannot rely on a basic up -d
after a pull. Previously we checked the stderr output of docker-compose
for a string indicating at least one image was updated to determine if
any images updated. The problem with this approach is docker compose is
less verbose than docker-compose and does not give us this information.

In preparation for our slow but eventual migration to docker compose for
these services update the new image check process. Now we perform a
docker image listing before and after the pull and compare the emitted
image ID lists. Image ids should change when we pull new images and
their sort order should be stable command to command (they are sorted by
image age).

Change-Id: I7e9ca8cc7bc0454dcca82c02b6913d81aa4927b3
2024-12-13 07:55:22 -08:00

112 lines
3.2 KiB
YAML

- name: Create docker-compose dir
  file:
    name: /etc/jitsi-meet-docker
    state: directory
    mode: 0755
    owner: root
    group: root
- name: Copy docker-compose config
  copy:
    src: "jitsi-meet-docker/{{ docker_compose_file }}"
    dest: /etc/jitsi-meet-docker/docker-compose.yaml
    mode: 0644
    owner: root
    group: root
- name: Write env file
  template:
    src: "{{ docker_compose_env_file }}"
    dest: /etc/jitsi-meet-docker/.env
- name: Ensure jitsi-meet volume directories exist
  file:
    state: directory
    path: "/var/jitsi-meet/{{ item }}"
  loop:
    - jvb
    - web
    - web/nginx
    - web/nginx/site-confs
    - defaults
    - defaults/web
    - defaults/web/nginx
    - defaults/jvb
# These files are interpreted by the container at startup and are templated
# using the frep tool. Ideally we'll keep the content in templates to a
# minimum and rely on upstream as much as possible.
- name: Write nginx meet config template
  copy:
    src: meet.conf
    dest: /var/jitsi-meet/defaults/web/nginx/meet.conf
- name: Write settings-config.js config template
  copy:
    src: settings-config.js
    dest: /var/jitsi-meet/defaults/web/settings-config.js
- name: Write jvb.conf config template
  copy:
    src: jvb.conf
    dest: /var/jitsi-meet/defaults/jvb/jvb.conf
# This file appears to be consumed as is by the jitsi meet web process.
# No funny templating or replacement.
- name: Write interface config
  copy:
    src: interface_config.js
    dest: /var/jitsi-meet/defaults/web/interface_config.js
# This prepares a keystore for the JVB websocket connection
- name: Install java for keytool
  package:
    name: openjdk-11-jre-headless
    state: present
- name: Create keystore if it isn't present
  command:
    cmd: >
      keytool -genkeypair
      -alias {{ inventory_hostname }}.key
      -keyalg RSA
      -keysize 2048
      -validity 3652
      -keystore /var/jitsi-meet/jvb/jvb-keystore.store
      -storepass {{ meetpad_jvb_keystore_password }}
    # Jitsi meet appears to do SNI via the CN in the cert, but not
    # other validation of the cert issuer.
    stdin: |
      {{ public_v4 }}
      OpenDev
      Open Infra Foundation
      Austin
      Texas
      US
      yes
    creates: /var/jitsi-meet/jvb/jvb-keystore.store
- name: Get list of image IDs pre pull
  # The --quiet flag prints out only image IDs
  command: docker image list --quiet
  register: pre_pull_image_ids
- name: Run docker-compose pull
  shell:
    cmd: docker-compose pull
    chdir: /etc/jitsi-meet-docker/
- name: Get list of image IDs post pull
  # The --quiet flag prints out only image IDs
  command: docker image list --quiet
  register: post_pull_image_ids
- name: Stop/Start containers if needed
  when: pre_pull_image_ids.stdout_lines|sort != post_pull_image_ids.stdout_lines|sort
  block:
    - name: Run docker-compose down
      shell:
        cmd: docker-compose down
        chdir: /etc/jitsi-meet-docker/
    - name: Run docker-compose up
      shell:
        cmd: docker-compose up -d
        chdir: /etc/jitsi-meet-docker/
- name: Run docker prune to cleanup unneeded images
  shell:
    cmd: docker image prune -f
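
The before/after image ID comparison described in the commit message, as an added Python illustration (not part of the OpenDev role). It applies the same sorted-list test as the `when:` condition to constructed listings and reports which IDs explain the result; the function name, the result keys and the sample IDs are hypothetical.

```python
# Added illustration: mirrors the role's
#   pre_pull_image_ids.stdout_lines|sort != post_pull_image_ids.stdout_lines|sort
# test on `docker image list --quiet` output. All names here are hypothetical.
from collections import Counter


def compare_listings(pre_stdout, post_stdout):
    """Return the restart decision plus the IDs that account for it."""
    pre, post = pre_stdout.split(), post_stdout.split()
    pre_rows, post_rows = Counter(pre), Counter(post)
    return {
        # Same decision as the `when:` condition: sorted line lists differ.
        "restart": sorted(pre) != sorted(post),
        # IDs seen only after, or only before, the pull.
        "added": sorted(set(post) - set(pre)),
        "removed": sorted(set(pre) - set(post)),
        # IDs present both times but on a different number of rows. The quiet
        # listing prints one row per repository:tag, so an extra tag on an
        # existing image repeats its ID.
        "row_count_changed": sorted(
            i for i in set(pre) & set(post) if pre_rows[i] != post_rows[i]
        ),
    }


# Constructed sample listings; the short IDs are invented.
BEFORE = "aaaaaaaaaaaa\nbbbbbbbbbbbb\ncccccccccccc\n"
# Same images, different row order: sorting makes this a no-op.
REORDERED = "cccccccccccc\naaaaaaaaaaaa\nbbbbbbbbbbbb\n"
# A newer image was pulled; the superseded one stays listed until pruned.
PULLED = "dddddddddddd\naaaaaaaaaaaa\nbbbbbbbbbbbb\ncccccccccccc\n"
# No new image ID, but an existing image gained a second tag.
RETAGGED = "aaaaaaaaaaaa\naaaaaaaaaaaa\nbbbbbbbbbbbb\ncccccccccccc\n"

if __name__ == "__main__":
    for label, after in (("reordered", REORDERED), ("pulled", PULLED),
                         ("retagged", RETAGGED)):
        print(label, compare_listings(BEFORE, after))
```

The listing covers every image on the host, not only those named in the compose file, so any image that appears or disappears between the two listing tasks also triggers the down/up block.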