diff --git a/base/Dockerfile b/base/Dockerfile index f651761..44efb4e 100644 --- a/base/Dockerfile +++ b/base/Dockerfile @@ -4,6 +4,7 @@ ARG JITSI_RELEASE=stable ADD https://github.com/just-containers/s6-overlay/releases/download/v1.21.4.0/s6-overlay-amd64.tar.gz /tmp/s6-overlay.tar.gz ADD https://download.jitsi.org/jitsi-key.gpg.key /tmp/jitsi.key +ADD https://github.com/subchen/frep/releases/download/v1.3.3/frep-1.3.3-linux-amd64 /usr/bin/frep COPY rootfs / @@ -18,6 +19,7 @@ RUN \ apt-dpkg-wrap apt-get update && \ apt-dpkg-wrap apt-get dist-upgrade -y && \ apt-dpkg-wrap apt-get autoremove -y --purge gnupg && \ - apt-cleanup + apt-cleanup && \ + chmod +x /usr/bin/frep ENTRYPOINT [ "/init" ] diff --git a/base/rootfs/usr/bin/tpl b/base/rootfs/usr/bin/tpl new file mode 100755 index 0000000..c18fb0e --- /dev/null +++ b/base/rootfs/usr/bin/tpl @@ -0,0 +1,4 @@ +#!/bin/bash + +exec frep $1:- + diff --git a/jvb/rootfs/defaults/sip-communicator.properties b/jvb/rootfs/defaults/sip-communicator.properties index ac231b1..7ef2c21 100644 --- a/jvb/rootfs/defaults/sip-communicator.properties +++ b/jvb/rootfs/defaults/sip-communicator.properties @@ -1,5 +1,5 @@ -org.jitsi.videobridge.AUTHORIZED_SOURCE_REGEXP=${JICOFO_AUTH_USER}@${XMPP_AUTH_DOMAIN}/.* +org.jitsi.videobridge.AUTHORIZED_SOURCE_REGEXP={{ .Env.JICOFO_AUTH_USER }}@{{ .Env.XMPP_AUTH_DOMAIN }}/.* org.jitsi.videobridge.TCP_HARVESTER_PORT=4443 -org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=${JVB_STUN_SERVERS} +org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES={{ .Env.JVB_STUN_SERVERS }} org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS= org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS= diff --git a/jvb/rootfs/etc/cont-init.d/10-config b/jvb/rootfs/etc/cont-init.d/10-config index a4fe547..937d03b 100644 --- a/jvb/rootfs/etc/cont-init.d/10-config +++ b/jvb/rootfs/etc/cont-init.d/10-config @@ -1,13 +1,7 @@ #!/usr/bin/with-contenv bash if [[ ! -f /config/sip-communicator.properties ]]; then - cp /defaults/sip-communicator.properties /config - sed -i \ - -e "s,\${XMPP_DOMAIN},$XMPP_DOMAIN,g" \ - -e "s,\${XMPP_AUTH_DOMAIN},$XMPP_AUTH_DOMAIN,g" \ - -e "s,\${JICOFO_AUTH_USER},$JICOFO_AUTH_USER,g" \ - -e "s#\${JVB_STUN_SERVERS}#$JVB_STUN_SERVERS#g" \ - /config/sip-communicator.properties + tpl /defaults/sip-communicator.properties > /config/sip-communicator.properties fi if [[ ! -f /config/logging.properties ]]; then diff --git a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua index bc859bc..2cd8da0 100644 --- a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua +++ b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua @@ -1,10 +1,10 @@ -admins = { "${JICOFO_AUTH_USER}@${XMPP_AUTH_DOMAIN}" } +admins = { "{{ .Env.JICOFO_AUTH_USER }}@{{ .Env.XMPP_AUTH_DOMAIN }}" } -VirtualHost "${XMPP_DOMAIN}" +VirtualHost "{{ .Env.XMPP_DOMAIN }}" authentication = "anonymous" ssl = { - key = "/config/certs/${XMPP_DOMAIN}.key"; - certificate = "/config/certs/${XMPP_DOMAIN}.crt"; + key = "/config/certs/{{ .Env.XMPP_DOMAIN }}.key"; + certificate = "/config/certs/{{ .Env.XMPP_DOMAIN }}.crt"; } modules_enabled = { "bosh"; @@ -14,19 +14,19 @@ VirtualHost "${XMPP_DOMAIN}" c2s_require_encryption = false -VirtualHost "${XMPP_AUTH_DOMAIN}" +VirtualHost "{{ .Env.XMPP_AUTH_DOMAIN }}" ssl = { - key = "/config/certs/${XMPP_AUTH_DOMAIN}.key"; - certificate = "/config/certs/${XMPP_AUTH_DOMAIN}.crt"; + key = "/config/certs/{{ .Env.XMPP_AUTH_DOMAIN }}.key"; + certificate = "/config/certs/{{ .Env.XMPP_AUTH_DOMAIN }}.crt"; } authentication = "internal_plain" -Component "${XMPP_MUC_DOMAIN}" "muc" +Component "{{ .Env.XMPP_MUC_DOMAIN }}" "muc" storage = "none" -Component "jitsi-videobridge.${XMPP_DOMAIN}" - component_secret = "${JVB_COMPONENT_SECRET}" +Component "jitsi-videobridge.{{ .Env.XMPP_DOMAIN }}" + component_secret = "{{ .Env.JVB_COMPONENT_SECRET }}" -Component "focus.${XMPP_DOMAIN}" - component_secret = "${JICOFO_COMPONENT_SECRET}" +Component "focus.{{ .Env.XMPP_DOMAIN }}" + component_secret = "{{ .Env.JICOFO_COMPONENT_SECRET }}" diff --git a/prosody/rootfs/etc/cont-init.d/10-config b/prosody/rootfs/etc/cont-init.d/10-config index bc1d700..b11a9ac 100644 --- a/prosody/rootfs/etc/cont-init.d/10-config +++ b/prosody/rootfs/etc/cont-init.d/10-config @@ -9,14 +9,7 @@ fi if [[ ! -f $PROSODY_CFG ]]; then cp -r /defaults/* /config - sed -i \ - -e "s,\${XMPP_DOMAIN},$XMPP_DOMAIN,g" \ - -e "s,\${XMPP_AUTH_DOMAIN},$XMPP_AUTH_DOMAIN,g" \ - -e "s,\${XMPP_MUC_DOMAIN},$XMPP_MUC_DOMAIN,g" \ - -e "s,\${JICOFO_AUTH_USER},$JICOFO_AUTH_USER,g" \ - -e "s,\${JICOFO_COMPONENT_SECRET},$JICOFO_COMPONENT_SECRET,g" \ - -e "s,\${JVB_COMPONENT_SECRET},$JVB_COMPONENT_SECRET,g" \ - /config/conf.d/jitsi-meet.cfg.lua + tpl /defaults/conf.d/jitsi-meet.cfg.lua > /config/conf.d/jitsi-meet.cfg.lua prosodyctl --config $PROSODY_CFG register $JICOFO_AUTH_USER $XMPP_AUTH_DOMAIN $JICOFO_AUTH_PASSWORD fi diff --git a/web/rootfs/defaults/default b/web/rootfs/defaults/default index dfa6064..53a7b60 100644 --- a/web/rootfs/defaults/default +++ b/web/rootfs/defaults/default @@ -31,8 +31,8 @@ server { # BOSH location /http-bind { - proxy_pass ${XMPP_BOSH_URL_BASE}/http-bind; + proxy_pass {{ .Env.XMPP_BOSH_URL_BASE }}/http-bind; proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header Host ${XMPP_DOMAIN}; + proxy_set_header Host {{ .Env.XMPP_DOMAIN }}; } } diff --git a/web/rootfs/etc/cont-init.d/10-config b/web/rootfs/etc/cont-init.d/10-config index 788c22d..b1a5bb3 100644 --- a/web/rootfs/etc/cont-init.d/10-config +++ b/web/rootfs/etc/cont-init.d/10-config @@ -13,11 +13,7 @@ if [[ ! -f /config/nginx/nginx.conf ]]; then fi if [[ ! -f /config/nginx/site-confs/default ]]; then - cp /defaults/default /config/nginx/site-confs/default - sed -i \ - -e "s,\${XMPP_DOMAIN},$XMPP_DOMAIN,g" \ - -e "s,\${XMPP_BOSH_URL_BASE},$XMPP_BOSH_URL_BASE,g" \ - /config/nginx/site-confs/default + tpl /defaults/default > /config/nginx/site-confs/default fi if [[ ! -f /config/config.js ]]; then