diff --git a/examples/README.md b/examples/README.md index 84ca610..21e3f61 100644 --- a/examples/README.md +++ b/examples/README.md @@ -1,11 +1,5 @@ # Community Examples -The examples contained in this directory have been provided by the community -and allow users to run the container setup in scenarios other than the -default one (using Docker Compose). - -Since they are maintained by the community, they may not provide the same -features as the default setup. - -No support is provided for these, but if you found a bug and can fix it -we'll be happy to accept a Pull-Request to fix it! +This folder used to contain community maintained example configurations for +Kubernetes and Traefik. They have now been migrated to the [jitsi-contrib](https://github.com/jitsi-contrib) +organization. diff --git a/examples/kubernetes/README.md b/examples/kubernetes/README.md deleted file mode 100644 index d01c4da..0000000 --- a/examples/kubernetes/README.md +++ /dev/null @@ -1,30 +0,0 @@ -# Install guide for kubernetes - -This guide will deploy jitsi in the most simple way: as several containers in a single pod. This is enough to start in case your hardware is enough. If you need to scale components to severa instance, you'll have to modify it to use several services and pods. - -Create a namespace to deploy jitsi to: - -`kubectl create namespace jitsi` - -Add the secret with secret values (replace `...` with some random strings): - -`kubectl create secret generic jitsi-config -n jitsi --from-literal=JICOFO_COMPONENT_SECRET=... --from-literal=JICOFO_AUTH_PASSWORD=... --from-literal=JVB_AUTH_PASSWORD=... ` - -Deploy the service to listen for JVB UDP traffic on all cluster nodes port 30300: - -`kubectl create -f jvb-service.yaml` - -If PodSecurityPolicies were enabled, we would then install a PSP and Role for jitsi: - -`kubectl create -f rbac.yaml` - -Now we can deploy the rest of the application. First modify the `DOCKER_HOST_ADDRESS` env value in deployment.yaml to point to one of nodes in your cluster (or load-balancer for all nodes if you have one), and then deploy it: - -`kubectl create -f deployment.yaml` - -To expose the webapp, we can use Ingress (replace the `host` value with your actual hostname): - -`kubectl create -f web-service.yaml` - -You can either use "https" or "http" service port, depending on whether your ingress allows self-signed certs. - diff --git a/examples/kubernetes/deployment.yaml b/examples/kubernetes/deployment.yaml deleted file mode 100644 index 05d27d8..0000000 --- a/examples/kubernetes/deployment.yaml +++ /dev/null @@ -1,153 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: jitsi - namespace: jitsi ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - k8s-app: jitsi - name: jitsi - namespace: jitsi -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - k8s-app: jitsi - template: - metadata: - labels: - k8s-app: jitsi - spec: - containers: - - name: jicofo - image: jitsi/jicofo - imagePullPolicy: Always - env: - - name: XMPP_SERVER - value: localhost - - name: XMPP_DOMAIN - value: meet.jitsi - - name: XMPP_AUTH_DOMAIN - value: auth.meet.jitsi - - name: XMPP_MUC_DOMAIN - value: muc.meet.jitsi - - name: XMPP_INTERNAL_MUC_DOMAIN - value: internal-muc.meet.jitsi - - name: JICOFO_COMPONENT_SECRET - valueFrom: - secretKeyRef: - name: jitsi-config - key: JICOFO_COMPONENT_SECRET - - name: JICOFO_AUTH_USER - value: focus - - name: JICOFO_AUTH_PASSWORD - valueFrom: - secretKeyRef: - name: jitsi-config - key: JICOFO_AUTH_PASSWORD - - name: TZ - value: America/Los_Angeles - - name: JVB_BREWERY_MUC - value: jvbbrewery - - name: prosody - image: jitsi/prosody - imagePullPolicy: Always - env: - - name: XMPP_DOMAIN - value: meet.jitsi - - name: XMPP_AUTH_DOMAIN - value: auth.meet.jitsi - - name: XMPP_MUC_DOMAIN - value: muc.meet.jitsi - - name: XMPP_INTERNAL_MUC_DOMAIN - value: internal-muc.meet.jitsi - - name: JICOFO_COMPONENT_SECRET - valueFrom: - secretKeyRef: - name: jitsi-config - key: JICOFO_COMPONENT_SECRET - - name: JVB_AUTH_USER - value: jvb - - name: JVB_AUTH_PASSWORD - valueFrom: - secretKeyRef: - name: jitsi-config - key: JVB_AUTH_PASSWORD - - name: JICOFO_AUTH_USER - value: focus - - name: JICOFO_AUTH_PASSWORD - valueFrom: - secretKeyRef: - name: jitsi-config - key: JICOFO_AUTH_PASSWORD - - name: TZ - value: America/Los_Angeles - - name: JVB_TCP_HARVESTER_DISABLED - value: "true" - - name: web - image: jitsi/web - imagePullPolicy: Always - env: - - name: XMPP_SERVER - value: localhost - - name: JICOFO_AUTH_USER - value: focus - - name: XMPP_DOMAIN - value: meet.jitsi - - name: XMPP_AUTH_DOMAIN - value: auth.meet.jitsi - - name: XMPP_INTERNAL_MUC_DOMAIN - value: internal-muc.meet.jitsi - - name: XMPP_BOSH_URL_BASE - value: http://127.0.0.1:5280 - - name: XMPP_MUC_DOMAIN - value: muc.meet.jitsi - - name: TZ - value: America/Los_Angeles - - name: JVB_TCP_HARVESTER_DISABLED - value: "true" - - name: jvb - image: jitsi/jvb - imagePullPolicy: Always - env: - - name: XMPP_SERVER - value: localhost - - name: DOCKER_HOST_ADDRESS - value: - - name: XMPP_DOMAIN - value: meet.jitsi - - name: XMPP_AUTH_DOMAIN - value: auth.meet.jitsi - - name: XMPP_INTERNAL_MUC_DOMAIN - value: internal-muc.meet.jitsi - - name: JVB_STUN_SERVERS - value: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302 - - name: JICOFO_AUTH_USER - value: focus - - name: JVB_TCP_HARVESTER_DISABLED - value: "true" - - name: JVB_AUTH_USER - value: jvb - - name: JVB_PORT - value: "30300" - - name: JVB_AUTH_PASSWORD - valueFrom: - secretKeyRef: - name: jitsi-config - key: JVB_AUTH_PASSWORD - - name: JICOFO_AUTH_PASSWORD - valueFrom: - secretKeyRef: - name: jitsi-config - key: JICOFO_AUTH_PASSWORD - - name: JVB_BREWERY_MUC - value: jvbbrewery - - name: TZ - value: America/Los_Angeles - serviceAccountName: jitsi diff --git a/examples/kubernetes/jvb-service.yaml b/examples/kubernetes/jvb-service.yaml deleted file mode 100644 index 6cf1434..0000000 --- a/examples/kubernetes/jvb-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - service: jvb - name: jvb-udp - namespace: jitsi -spec: - type: NodePort - externalTrafficPolicy: Cluster - ports: - - port: 30300 - protocol: UDP - targetPort: 30300 - nodePort: 30300 - selector: - k8s-app: jitsi diff --git a/examples/kubernetes/rbac.yaml b/examples/kubernetes/rbac.yaml deleted file mode 100644 index e25723b..0000000 --- a/examples/kubernetes/rbac.yaml +++ /dev/null @@ -1,57 +0,0 @@ ---- -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: jitsi-privileged -spec: - allowPrivilegeEscalation: true - fsGroup: - rule: RunAsAny - hostIPC: false - hostNetwork: true - hostPID: true - hostPorts: - - max: 65535 - min: 0 - privileged: true - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - volumes: - - configMap - - downwardAPI - - emptyDir - - persistentVolumeClaim - - projected - - secret ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: jitsi-privileged - namespace: jitsi -rules: -- apiGroups: - - policy - resources: - - podsecuritypolicies - resourceNames: - - jitsi-privileged - verbs: - - use ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: jitsi-privileged - namespace: jitsi -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: jitsi-privileged -subjects: -- kind: ServiceAccount - name: jitsi diff --git a/examples/kubernetes/web-service.yaml b/examples/kubernetes/web-service.yaml deleted file mode 100644 index 37b07bc..0000000 --- a/examples/kubernetes/web-service.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - service: web - name: web - namespace: jitsi -spec: - ports: - - name: "http" - port: 80 - targetPort: 80 - - name: "https" - port: 443 - targetPort: 443 - selector: - k8s-app: jitsi ---- - apiVersion: networking.k8s.io/v1beta1 - kind: Ingress - metadata: - name: jitsi - namespace: jitsi - spec: - rules: - - host: ... - http: - paths: - - path: / - backend: - serviceName: web - servicePort: https \ No newline at end of file diff --git a/examples/traefik-v2/README.md b/examples/traefik-v2/README.md deleted file mode 100644 index 585f224..0000000 --- a/examples/traefik-v2/README.md +++ /dev/null @@ -1,18 +0,0 @@ -# Basic configuration to use with the traefik reverse proxy - -Note: Tested with traefik 2.2.0 - -- When running behind traefik, it's a better practice to remove the port-binds for the web service. -- The provided example uses an external network with the name "web". This is the network which moste likely was created while setting up traefik. -- Look for comments starting with **#traefik:** to see the changes made in docker-compose.yml. -- Traefik obtains Let's Encrypt certificates automatically. - -Uncomment and set DOCKER_HOST_ADDRESS in .env. I'm pretty sure, that this is mandatory for the docker-setup and should be clearer in the original README. Could be the proxying, didn't investigate further. - -## TODO - -Add or rewrite the example with docker-compose extends - -````env -DOCKER_HOST_ADDRESS=1.2.3.4 -```` diff --git a/examples/traefik-v2/docker-compose.yml b/examples/traefik-v2/docker-compose.yml deleted file mode 100644 index c63f6dd..0000000 --- a/examples/traefik-v2/docker-compose.yml +++ /dev/null @@ -1,272 +0,0 @@ -version: '3' - -services: - # Frontend - web: - image: jitsi/web - volumes: - - ${CONFIG}/web:/config - - ${CONFIG}/web/letsencrypt:/etc/letsencrypt - - ${CONFIG}/transcripts:/usr/share/jitsi-meet/transcripts - environment: - - ENABLE_LETSENCRYPT - - ENABLE_HTTP_REDIRECT - - ENABLE_HSTS - - ENABLE_XMPP_WEBSOCKET - - DISABLE_HTTPS - - LETSENCRYPT_DOMAIN - - LETSENCRYPT_EMAIL - - LETSENCRYPT_USE_STAGING - - PUBLIC_URL - - TZ - - AMPLITUDE_ID - - ANALYTICS_SCRIPT_URLS - - ANALYTICS_WHITELISTED_EVENTS - - BRIDGE_CHANNEL - - CALLSTATS_CUSTOM_SCRIPT_URL - - CALLSTATS_ID - - CALLSTATS_SECRET - - CHROME_EXTENSION_BANNER_JSON - - CONFCODE_URL - - CONFIG_EXTERNAL_CONNECT - - DEPLOYMENTINFO_ENVIRONMENT - - DEPLOYMENTINFO_ENVIRONMENT_TYPE - - DEPLOYMENTINFO_USERREGION - - DIALIN_NUMBERS_URL - - DIALOUT_AUTH_URL - - DIALOUT_CODES_URL - - DROPBOX_APPKEY - - DROPBOX_REDIRECT_URI - - DYNAMIC_BRANDING_URL - - ENABLE_AUDIO_PROCESSING - - ENABLE_AUTH - - ENABLE_CALENDAR - - ENABLE_FILE_RECORDING_SERVICE - - ENABLE_FILE_RECORDING_SERVICE_SHARING - - ENABLE_GUESTS - - ENABLE_IPV6 - - ENABLE_LIPSYNC - - ENABLE_NO_AUDIO_DETECTION - - ENABLE_P2P - - ENABLE_PREJOIN_PAGE - - ENABLE_WELCOME_PAGE - - ENABLE_CLOSE_PAGE - - ENABLE_RECORDING - - ENABLE_REMB - - ENABLE_REQUIRE_DISPLAY_NAME - - ENABLE_SIMULCAST - - ENABLE_STATS_ID - - ENABLE_STEREO - - ENABLE_SUBDOMAINS - - ENABLE_TALK_WHILE_MUTED - - ENABLE_TCC - - ENABLE_TRANSCRIPTIONS - - ETHERPAD_PUBLIC_URL - - ETHERPAD_URL_BASE - - GOOGLE_ANALYTICS_ID - - GOOGLE_API_APP_CLIENT_ID - - INVITE_SERVICE_URL - - JICOFO_AUTH_USER - - MATOMO_ENDPOINT - - MATOMO_SITE_ID - - MICROSOFT_API_APP_CLIENT_ID - - NGINX_RESOLVER - - NGINX_WORKER_PROCESSES - - NGINX_WORKER_CONNECTIONS - - PEOPLE_SEARCH_URL - - RESOLUTION - - RESOLUTION_MIN - - RESOLUTION_WIDTH - - RESOLUTION_WIDTH_MIN - - START_AUDIO_ONLY - - START_AUDIO_MUTED - - DISABLE_AUDIO_LEVELS - - ENABLE_NOISY_MIC_DETECTION - - START_BITRATE - - DESKTOP_SHARING_FRAMERATE_MIN - - DESKTOP_SHARING_FRAMERATE_MAX - - START_VIDEO_MUTED - - TESTING_CAP_SCREENSHARE_BITRATE - - TESTING_OCTO_PROBABILITY - - XMPP_AUTH_DOMAIN - - XMPP_BOSH_URL_BASE - - XMPP_DOMAIN - - XMPP_GUEST_DOMAIN - - XMPP_MUC_DOMAIN - - XMPP_RECORDER_DOMAIN - - TOKEN_AUTH_URL - networks: - # traefik: change the following line to your external docker network - web: - meet.jitsi: - aliases: - - ${XMPP_DOMAIN} - labels: - traefik.http.middlewares.redirect.redirectscheme.scheme: https - traefik.http.routers.app-http.entrypoints: web - traefik.http.routers.app-http.middlewares: redirect - traefik.http.routers.app-http.rule: 'Host(`your.host.name`)' - traefik.http.routers.app.entrypoints: websecure - traefik.http.routers.app.rule: 'Host(`your.host.name`)' - traefik.http.routers.app.tls: 'true' - traefik.http.routers.app.tls.certresolver: le - traefik.http.services.app.loadbalancer.server.port: 80 - # traefik: change the following line to your external docker network - traefik.docker.network: web - - # XMPP server - prosody: - image: jitsi/prosody - expose: - - '5222' - - '5347' - - '5280' - volumes: - - ${CONFIG}/prosody:/config - environment: - - AUTH_TYPE - - ENABLE_AUTH - - ENABLE_GUESTS - - ENABLE_LOBBY - - ENABLE_AV_MODERATION - - ENABLE_XMPP_WEBSOCKET - - GLOBAL_MODULES - - GLOBAL_CONFIG - - LDAP_URL - - LDAP_BASE - - LDAP_BINDDN - - LDAP_BINDPW - - LDAP_FILTER - - LDAP_AUTH_METHOD - - LDAP_VERSION - - LDAP_USE_TLS - - LDAP_TLS_CIPHERS - - LDAP_TLS_CHECK_PEER - - LDAP_TLS_CACERT_FILE - - LDAP_TLS_CACERT_DIR - - LDAP_START_TLS - - XMPP_DOMAIN - - XMPP_AUTH_DOMAIN - - XMPP_GUEST_DOMAIN - - XMPP_MUC_DOMAIN - - XMPP_INTERNAL_MUC_DOMAIN - - XMPP_MODULES - - XMPP_MUC_MODULES - - XMPP_INTERNAL_MUC_MODULES - - XMPP_RECORDER_DOMAIN - - XMPP_CROSS_DOMAIN - - JICOFO_COMPONENT_SECRET - - JICOFO_AUTH_USER - - JICOFO_AUTH_PASSWORD - - JVB_AUTH_USER - - JVB_AUTH_PASSWORD - - JIGASI_XMPP_USER - - JIGASI_XMPP_PASSWORD - - JIBRI_XMPP_USER - - JIBRI_XMPP_PASSWORD - - JIBRI_RECORDER_USER - - JIBRI_RECORDER_PASSWORD - - JWT_APP_ID - - JWT_APP_SECRET - - JWT_ACCEPTED_ISSUERS - - JWT_ACCEPTED_AUDIENCES - - JWT_ASAP_KEYSERVER - - JWT_ALLOW_EMPTY - - JWT_AUTH_TYPE - - JWT_TOKEN_AUTH_MODULE - - LOG_LEVEL - - PUBLIC_URL - - TZ - networks: - meet.jitsi: - aliases: - - ${XMPP_SERVER} - - # Focus component - jicofo: - image: jitsi/jicofo - volumes: - - ${CONFIG}/jicofo:/config - environment: - - AUTH_TYPE - - BRIDGE_AVG_PARTICIPANT_STRESS - - BRIDGE_STRESS_THRESHOLD - - ENABLE_AUTH - - ENABLE_AUTO_OWNER - - ENABLE_CODEC_VP8 - - ENABLE_CODEC_VP9 - - ENABLE_CODEC_H264 - - ENABLE_RECORDING - - ENABLE_SCTP - - JICOFO_COMPONENT_SECRET - - JICOFO_AUTH_USER - - JICOFO_AUTH_PASSWORD - - JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS - - JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT - - JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT - - JICOFO_ENABLE_HEALTH_CHECKS - - JICOFO_SHORT_ID - - JICOFO_RESERVATION_ENABLED - - JICOFO_RESERVATION_REST_BASE_URL - - JIBRI_BREWERY_MUC - - JIBRI_REQUEST_RETRIES - - JIBRI_PENDING_TIMEOUT - - JIGASI_BREWERY_MUC - - JIGASI_SIP_URI - - JVB_BREWERY_MUC - - MAX_BRIDGE_PARTICIPANTS - - OCTO_BRIDGE_SELECTION_STRATEGY - - TZ - - XMPP_DOMAIN - - XMPP_AUTH_DOMAIN - - XMPP_INTERNAL_MUC_DOMAIN - - XMPP_MUC_DOMAIN - - XMPP_SERVER - depends_on: - - prosody - networks: - meet.jitsi: - - # Video bridge - jvb: - image: jitsi/jvb - ports: - - '${JVB_PORT}:${JVB_PORT}/udp' - - '${JVB_TCP_MAPPED_PORT}:${JVB_TCP_PORT}' - volumes: - - ${CONFIG}/jvb:/config - environment: - - DOCKER_HOST_ADDRESS - - XMPP_AUTH_DOMAIN - - XMPP_INTERNAL_MUC_DOMAIN - - XMPP_SERVER - - JVB_AUTH_USER - - JVB_AUTH_PASSWORD - - JVB_BREWERY_MUC - - JVB_PORT - - JVB_TCP_HARVESTER_DISABLED - - JVB_TCP_PORT - - JVB_TCP_MAPPED_PORT - - JVB_STUN_SERVERS - - JVB_ENABLE_APIS - - JVB_WS_DOMAIN - - JVB_WS_SERVER_ID - - PUBLIC_URL - - COLIBRI_REST_ENABLED - - SHUTDOWN_REST_ENABLED - - TZ - depends_on: - - prosody - networks: - meet.jitsi: - labels: - traefik.udp.routers.jvb.entrypoints: video - traefik.udp.routers.jvb.service: jvb - traefik.udp.services.jvb.loadbalancer.server.port: 10000 - -# Custom network so all services can communicate using a FQDN -networks: - meet.jitsi: - # traefik: change the following line to your external docker network - web: - external: true diff --git a/examples/traefik/README.md b/examples/traefik/README.md deleted file mode 100644 index b2c4ce0..0000000 --- a/examples/traefik/README.md +++ /dev/null @@ -1,17 +0,0 @@ -# Basic configuration to use with the traefik reverse proxy - -Note: Tested with traefik 1.7 - -- When running behind traefik, it's a better practice to remove the port-binds for the web service. -- The provided example uses an external network with the name "web". This is the network which moste likely was created while setting up traefik. -- Look for comments starting with **#traefik:** to see the changes made in docker-compose.yml. - -Uncomment and set DOCKER_HOST_ADDRESS in .env. I'm pretty sure, that this is mandatory for the docker-setup and should be clearer in the original README. Could be the proxying, didn't investigate further. - -## TODO - -Add or rewrite the example with docker-compose extends - -````env -DOCKER_HOST_ADDRESS=1.2.3.4 -```` diff --git a/examples/traefik/docker-compose.yml b/examples/traefik/docker-compose.yml deleted file mode 100644 index 3a986e3..0000000 --- a/examples/traefik/docker-compose.yml +++ /dev/null @@ -1,182 +0,0 @@ -version: '3' - -services: - # Frontend - web: - image: jitsi/web - restart: ${RESTART_POLICY} - volumes: - - ${CONFIG}/web:/config:Z - - ${CONFIG}/web/letsencrypt:/etc/letsencrypt:Z - - ${CONFIG}/transcripts:/usr/share/jitsi-meet/transcripts:Z - environment: - - ENABLE_AUTH - - ENABLE_GUESTS - - ENABLE_LETSENCRYPT - - ENABLE_HTTP_REDIRECT - - ENABLE_TRANSCRIPTIONS - - DISABLE_HTTPS - - JICOFO_AUTH_USER - - LETSENCRYPT_DOMAIN - - LETSENCRYPT_EMAIL - - PUBLIC_URL - - XMPP_DOMAIN - - XMPP_AUTH_DOMAIN - - XMPP_BOSH_URL_BASE - - XMPP_GUEST_DOMAIN - - XMPP_MUC_DOMAIN - - XMPP_RECORDER_DOMAIN - - ETHERPAD_URL_BASE - - ETHERPAD_PUBLIC_URL - - TZ - - JIBRI_BREWERY_MUC - - JIBRI_PENDING_TIMEOUT - - JIBRI_XMPP_USER - - JIBRI_XMPP_PASSWORD - - JIBRI_RECORDER_USER - - JIBRI_RECORDER_PASSWORD - - ENABLE_RECORDING - networks: - # traefik: change the following line to your external docker network - web: - meet.jitsi: - aliases: - - ${XMPP_DOMAIN} - labels: - # traefik: change that to your external network - - "traefik.docker.network=web" - - "traefik.enable=true" - - "traefik.backend=jc_backend" - # traefik: change that to your actual fqdn - - "traefik.basic.frontend.rule=Host:your.host.name" - - "traefik.basic.port=80" - - # XMPP server - prosody: - image: jitsi/prosody - restart: ${RESTART_POLICY} - expose: - - '5222' - - '5347' - - '5280' - volumes: - - ${CONFIG}/prosody/config:/config:Z - - ${CONFIG}/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z - environment: - - AUTH_TYPE - - ENABLE_AUTH - - ENABLE_GUESTS - - GLOBAL_MODULES - - GLOBAL_CONFIG - - LDAP_URL - - LDAP_BASE - - LDAP_BINDDN - - LDAP_BINDPW - - LDAP_FILTER - - LDAP_AUTH_METHOD - - LDAP_VERSION - - LDAP_USE_TLS - - LDAP_TLS_CIPHERS - - LDAP_TLS_CHECK_PEER - - LDAP_TLS_CACERT_FILE - - LDAP_TLS_CACERT_DIR - - LDAP_START_TLS - - XMPP_DOMAIN - - XMPP_AUTH_DOMAIN - - XMPP_GUEST_DOMAIN - - XMPP_MUC_DOMAIN - - XMPP_INTERNAL_MUC_DOMAIN - - XMPP_MODULES - - XMPP_MUC_MODULES - - XMPP_INTERNAL_MUC_MODULES - - XMPP_RECORDER_DOMAIN - - JICOFO_COMPONENT_SECRET - - JICOFO_AUTH_USER - - JICOFO_AUTH_PASSWORD - - JVB_AUTH_USER - - JVB_AUTH_PASSWORD - - JIGASI_XMPP_USER - - JIGASI_XMPP_PASSWORD - - JIBRI_XMPP_USER - - JIBRI_XMPP_PASSWORD - - JIBRI_RECORDER_USER - - JIBRI_RECORDER_PASSWORD - - JWT_APP_ID - - JWT_APP_SECRET - - JWT_ACCEPTED_ISSUERS - - JWT_ACCEPTED_AUDIENCES - - JWT_ASAP_KEYSERVER - - JWT_ALLOW_EMPTY - - JWT_AUTH_TYPE - - JWT_TOKEN_AUTH_MODULE - - LOG_LEVEL - - TZ - networks: - meet.jitsi: - aliases: - - ${XMPP_SERVER} - - # Focus component - jicofo: - image: jitsi/jicofo - restart: ${RESTART_POLICY} - volumes: - - ${CONFIG}/jicofo:/config:Z - environment: - - AUTH_TYPE - - ENABLE_AUTH - - XMPP_DOMAIN - - XMPP_AUTH_DOMAIN - - XMPP_INTERNAL_MUC_DOMAIN - - XMPP_SERVER - - JICOFO_COMPONENT_SECRET - - JICOFO_AUTH_USER - - JICOFO_AUTH_PASSWORD - - JICOFO_RESERVATION_REST_BASE_URL - - JVB_BREWERY_MUC - - JIGASI_BREWERY_MUC - - JIBRI_BREWERY_MUC - - JIGASI_SIP_URI - - JIBRI_PENDING_TIMEOUT - - TZ - depends_on: - - prosody - networks: - meet.jitsi: - - # Video bridge - jvb: - image: jitsi/jvb - restart: ${RESTART_POLICY} - ports: - - '${JVB_PORT}:${JVB_PORT}/udp' - - '${JVB_TCP_MAPPED_PORT}:${JVB_TCP_PORT}' - volumes: - - ${CONFIG}/jvb:/config:Z - environment: - - DOCKER_HOST_ADDRESS - - XMPP_AUTH_DOMAIN - - XMPP_INTERNAL_MUC_DOMAIN - - XMPP_SERVER - - JVB_AUTH_USER - - JVB_AUTH_PASSWORD - - JVB_BREWERY_MUC - - JVB_PORT - - JVB_TCP_HARVESTER_DISABLED - - JVB_TCP_PORT - - JVB_STUN_SERVERS - - JVB_ENABLE_APIS - - COLIBRI_REST_ENABLED - - SHUTDOWN_REST_ENABLED - - TZ - depends_on: - - prosody - networks: - meet.jitsi: - -# Custom network so all services can communicate using a FQDN -networks: - meet.jitsi: - # traefik: change the following line to your external docker network - web: - external: true