801d8c2843
This fixes the JVB connection info to use IP addrs instead of names since nginx can't seem to do name lookups. Additionally, we modify the cert CN to match the IP address used. Change-Id: I6bbca44b60559d9586741c6540cb390371e3c120
94 lines
2.6 KiB
YAML
94 lines
2.6 KiB
YAML
- name: Create docker-compose dir
|
|
file:
|
|
name: /etc/jitsi-meet-docker
|
|
state: directory
|
|
mode: 0755
|
|
owner: root
|
|
group: root
|
|
- name: Copy docker-compose config
|
|
copy:
|
|
src: "jitsi-meet-docker/{{ docker_compose_file }}"
|
|
dest: /etc/jitsi-meet-docker/docker-compose.yaml
|
|
mode: 0644
|
|
owner: root
|
|
group: root
|
|
- name: Write env file
|
|
template:
|
|
src: "{{ docker_compose_env_file }}"
|
|
dest: /etc/jitsi-meet-docker/.env
|
|
- name: Ensure jitsi-meet volume directories exist
|
|
file:
|
|
state: directory
|
|
path: "/var/jitsi-meet/{{ item }}"
|
|
loop:
|
|
- jvb
|
|
- web
|
|
- web/nginx
|
|
- web/nginx/site-confs
|
|
- defaults
|
|
- defaults/web
|
|
- defaults/web/nginx
|
|
- defaults/jvb
|
|
|
|
# These files are interpreted by the container at startup and are templated
|
|
# using the frep tool. Ideally we'll keep the content in templates to a
|
|
# minumum and rely on upstream as much as possible.
|
|
- name: Write nginx meet config template
|
|
copy:
|
|
src: meet.conf
|
|
dest: /var/jitsi-meet/defaults/web/nginx/meet.conf
|
|
- name: Write settings-config.js config template
|
|
copy:
|
|
src: settings-config.js
|
|
dest: /var/jitsi-meet/defaults/web/settings-config.js
|
|
- name: Write jvb.conf config template
|
|
copy:
|
|
src: jvb.conf
|
|
dest: /var/jitsi-meet/defaults/jvb/jvb.conf
|
|
|
|
# This file appears to be consumed as is by the jitsi meet web process.
|
|
# No funny templating or replacement.
|
|
- name: Write interface config
|
|
copy:
|
|
src: interface_config.js
|
|
dest: /var/jitsi-meet/defaults/web/interface_config.js
|
|
|
|
# This prepares a keystore for the JVB websocket connection
|
|
- name: Install java for keytool
|
|
package:
|
|
name: openjdk-11-jre-headless
|
|
state: present
|
|
- name: Create keystore if it isn't present
|
|
command:
|
|
cmd: >
|
|
keytool -genkeypair
|
|
-alias {{ inventory_hostname }}.key
|
|
-keyalg RSA
|
|
-keysize 2048
|
|
-validity 3652
|
|
-keystore /var/jitsi-meet/jvb/jvb-keystore.store
|
|
-storepass {{ meetpad_jvb_keystore_password }}
|
|
# Jitsi meet appears to do SNI via the CN in the cert, but not
|
|
# other validation of the cert issuer.
|
|
stdin: |
|
|
{{ public_v4 }}
|
|
OpenDev
|
|
Open Infra Foundation
|
|
Austin
|
|
Texas
|
|
US
|
|
yes
|
|
creates: /var/jitsi-meet/jvb/jvb-keystore.store
|
|
|
|
- name: Run docker-compose pull
|
|
shell:
|
|
cmd: docker-compose pull
|
|
chdir: /etc/jitsi-meet-docker/
|
|
- name: Run docker-compose up
|
|
shell:
|
|
cmd: docker-compose up -d
|
|
chdir: /etc/jitsi-meet-docker/
|
|
- name: Run docker prune to cleanup unneeded images
|
|
shell:
|
|
cmd: docker image prune -f
|