From d85434eb0542fb8ecd00864e295e54aac4b8e733 Mon Sep 17 00:00:00 2001 From: mmarquez999 Date: Wed, 13 Jul 2022 13:28:13 +0200 Subject: [PATCH 1/5] First jitsi chart --- charts/jitsi/Chart.yaml | 19 ++ charts/jitsi/README.md | 145 +++++++++ charts/jitsi/charts/prosody/.helmignore | 23 ++ charts/jitsi/charts/prosody/Chart.yaml | 21 ++ charts/jitsi/charts/prosody/README.md | 52 ++++ .../jitsi/charts/prosody/templates/NOTES.txt | 21 ++ .../charts/prosody/templates/_helpers.tpl | 63 ++++ .../prosody/templates/envs-configmap.yaml | 12 + .../charts/prosody/templates/envs-secret.yaml | 13 + .../charts/prosody/templates/ingress.yaml | 56 ++++ .../charts/prosody/templates/service.yaml | 26 ++ .../prosody/templates/serviceaccount.yaml | 12 + .../charts/prosody/templates/statefulset.yaml | 130 ++++++++ .../templates/tests/test-connection.yaml | 15 + charts/jitsi/charts/prosody/values.yaml | 94 ++++++ charts/jitsi/docs/index.yaml | 154 ++++++++++ charts/jitsi/docs/robots.txt | 2 + charts/jitsi/templates/NOTES.txt | 21 ++ charts/jitsi/templates/_helpers.tpl | 104 +++++++ charts/jitsi/templates/common-configmap.yaml | 31 ++ charts/jitsi/templates/ingress.yaml | 59 ++++ charts/jitsi/templates/jibri/_helper.tpl | 18 ++ charts/jitsi/templates/jibri/configmap.yaml | 21 ++ charts/jitsi/templates/jibri/deployment.yaml | 93 ++++++ .../jibri/persistentvolumeclaim.yaml | 18 ++ charts/jitsi/templates/jibri/service.yaml | 21 ++ charts/jitsi/templates/jibri/xmpp-secret.yaml | 14 + charts/jitsi/templates/jicofo/_helper.tpl | 18 ++ charts/jitsi/templates/jicofo/configmap.yaml | 22 ++ charts/jitsi/templates/jicofo/deployment.yaml | 76 +++++ .../jitsi/templates/jicofo/xmpp-secret.yaml | 11 + charts/jitsi/templates/jvb/_helper.tpl | 18 ++ charts/jitsi/templates/jvb/configmap.yaml | 28 ++ charts/jitsi/templates/jvb/deployment.yaml | 166 ++++++++++ .../templates/jvb/metrics-prometheus.yaml | 27 ++ .../jitsi/templates/jvb/metrics-service.yaml | 16 + charts/jitsi/templates/jvb/service.yaml | 32 ++ charts/jitsi/templates/jvb/xmpp-secret.yaml | 10 + charts/jitsi/templates/serviceaccount.yaml | 12 + .../templates/tests/test-connection.yaml | 15 + charts/jitsi/templates/web/_helper.tpl | 15 + charts/jitsi/templates/web/configmap.yaml | 24 ++ charts/jitsi/templates/web/deployment.yaml | 84 +++++ charts/jitsi/templates/web/service.yaml | 18 ++ charts/jitsi/values.yaml | 289 ++++++++++++++++++ 45 files changed, 2139 insertions(+) create mode 100644 charts/jitsi/Chart.yaml create mode 100644 charts/jitsi/README.md create mode 100644 charts/jitsi/charts/prosody/.helmignore create mode 100644 charts/jitsi/charts/prosody/Chart.yaml create mode 100644 charts/jitsi/charts/prosody/README.md create mode 100644 charts/jitsi/charts/prosody/templates/NOTES.txt create mode 100644 charts/jitsi/charts/prosody/templates/_helpers.tpl create mode 100644 charts/jitsi/charts/prosody/templates/envs-configmap.yaml create mode 100644 charts/jitsi/charts/prosody/templates/envs-secret.yaml create mode 100644 charts/jitsi/charts/prosody/templates/ingress.yaml create mode 100644 charts/jitsi/charts/prosody/templates/service.yaml create mode 100644 charts/jitsi/charts/prosody/templates/serviceaccount.yaml create mode 100644 charts/jitsi/charts/prosody/templates/statefulset.yaml create mode 100644 charts/jitsi/charts/prosody/templates/tests/test-connection.yaml create mode 100644 charts/jitsi/charts/prosody/values.yaml create mode 100644 charts/jitsi/docs/index.yaml create mode 100644 charts/jitsi/docs/robots.txt create mode 100644 charts/jitsi/templates/NOTES.txt create mode 100644 charts/jitsi/templates/_helpers.tpl create mode 100644 charts/jitsi/templates/common-configmap.yaml create mode 100644 charts/jitsi/templates/ingress.yaml create mode 100644 charts/jitsi/templates/jibri/_helper.tpl create mode 100644 charts/jitsi/templates/jibri/configmap.yaml create mode 100644 charts/jitsi/templates/jibri/deployment.yaml create mode 100644 charts/jitsi/templates/jibri/persistentvolumeclaim.yaml create mode 100644 charts/jitsi/templates/jibri/service.yaml create mode 100644 charts/jitsi/templates/jibri/xmpp-secret.yaml create mode 100644 charts/jitsi/templates/jicofo/_helper.tpl create mode 100644 charts/jitsi/templates/jicofo/configmap.yaml create mode 100644 charts/jitsi/templates/jicofo/deployment.yaml create mode 100644 charts/jitsi/templates/jicofo/xmpp-secret.yaml create mode 100644 charts/jitsi/templates/jvb/_helper.tpl create mode 100644 charts/jitsi/templates/jvb/configmap.yaml create mode 100644 charts/jitsi/templates/jvb/deployment.yaml create mode 100644 charts/jitsi/templates/jvb/metrics-prometheus.yaml create mode 100644 charts/jitsi/templates/jvb/metrics-service.yaml create mode 100644 charts/jitsi/templates/jvb/service.yaml create mode 100644 charts/jitsi/templates/jvb/xmpp-secret.yaml create mode 100644 charts/jitsi/templates/serviceaccount.yaml create mode 100644 charts/jitsi/templates/tests/test-connection.yaml create mode 100644 charts/jitsi/templates/web/_helper.tpl create mode 100644 charts/jitsi/templates/web/configmap.yaml create mode 100644 charts/jitsi/templates/web/deployment.yaml create mode 100644 charts/jitsi/templates/web/service.yaml create mode 100644 charts/jitsi/values.yaml diff --git a/charts/jitsi/Chart.yaml b/charts/jitsi/Chart.yaml new file mode 100644 index 000000000..367848d1c --- /dev/null +++ b/charts/jitsi/Chart.yaml @@ -0,0 +1,19 @@ +apiVersion: v2 +appVersion: stable-6865 +description: > + Helm chart to deploy Jitsi services on Kubernetes. +home: https://github.com/gradiant/openverso-charts +sources: + - https://github.com/jitsi-contrib/jitsi-helm +maintainers: +- email: mmarquez@gradiant.org + name: mmarquez +name: jitsi +version: 0.0.1 +keywords: + - apps + - k8s +dependencies: + - name: prosody + condition: prosody.enabled + version: 1.2.2 diff --git a/charts/jitsi/README.md b/charts/jitsi/README.md new file mode 100644 index 000000000..8d611945d --- /dev/null +++ b/charts/jitsi/README.md @@ -0,0 +1,145 @@ +# jitsi-meet + +![Version: 1.2.2](https://img.shields.io/badge/Version-1.2.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: stable-6865](https://img.shields.io/badge/AppVersion-stable--6865-informational?style=flat-square) + +A Helm chart for Kubernetes + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| | prosody | 1.2.2 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| enableAuth | bool | `false` | | +| enableGuests | bool | `true` | | +| extraCommonEnvs | object | `{}` | | +| fullnameOverride | string | `""` | | +| global.podAnnotations | object | `{}` | | +| global.podLabels | object | `{}` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| imagePullSecrets | list | `[]` | | +| jibri.breweryMuc | string | `"jibribrewery"` | | +| jibri.enabled | bool | `false` | | +| jibri.extraEnvs | object | `{}` | | +| jibri.image.repository | string | `"jitsi/jibri"` | | +| jibri.livenessProbe.exec.command[0] | string | `"pgrep"` | | +| jibri.livenessProbe.exec.command[1] | string | `"java"` | | +| jibri.persistence.enabled | bool | `false` | | +| jibri.persistence.existingClaim | string | `nil` | | +| jibri.persistence.size | string | `"4Gi"` | | +| jibri.persistence.storageClassName | string | `nil` | | +| jibri.readinessProbe.exec.command[0] | string | `"pgrep"` | | +| jibri.readinessProbe.exec.command[1] | string | `"java"` | | +| jibri.recorder.password | string | `nil` | | +| jibri.recorder.user | string | `"recorder"` | | +| jibri.shm.enabled | bool | `false` | | +| jibri.timeout | int | `90` | | +| jibri.xmpp.password | string | `nil` | | +| jibri.xmpp.user | string | `"jibri"` | | +| jicofo.affinity | object | `{}` | | +| jicofo.extraEnvs | object | `{}` | | +| jicofo.image.repository | string | `"jitsi/jicofo"` | | +| jicofo.livenessProbe.tcpSocket.port | int | `8888` | | +| jicofo.nodeSelector | object | `{}` | | +| jicofo.podAnnotations | object | `{}` | | +| jicofo.podLabels | object | `{}` | | +| jicofo.podSecurityContext | object | `{}` | | +| jicofo.readinessProbe.tcpSocket.port | int | `8888` | | +| jicofo.replicaCount | int | `1` | | +| jicofo.resources | object | `{}` | | +| jicofo.securityContext | object | `{}` | | +| jicofo.tolerations | list | `[]` | | +| jicofo.xmpp.componentSecret | string | `nil` | | +| jicofo.xmpp.password | string | `nil` | | +| jicofo.xmpp.user | string | `"focus"` | | +| jvb.UDPPort | int | `30000` | | +| jvb.affinity | object | `{}` | | +| jvb.breweryMuc | string | `"jvbbrewery"` | | +| jvb.extraEnvs | object | `{}` | | +| jvb.image.repository | string | `"jitsi/jvb"` | | +| jvb.livenessProbe.httpGet.path | string | `"/about/health"` | | +| jvb.livenessProbe.httpGet.port | int | `8080` | | +| jvb.metrics.enabled | bool | `false` | | +| jvb.metrics.image.pullPolicy | string | `"IfNotPresent"` | | +| jvb.metrics.image.repository | string | `"docker.io/systemli/prometheus-jitsi-meet-exporter"` | | +| jvb.metrics.image.tag | string | `"1.1.9"` | | +| jvb.metrics.prometheusAnnotations | bool | `false` | | +| jvb.metrics.resources.limits.cpu | string | `"20m"` | | +| jvb.metrics.resources.limits.memory | string | `"32Mi"` | | +| jvb.metrics.resources.requests.cpu | string | `"10m"` | | +| jvb.metrics.resources.requests.memory | string | `"16Mi"` | | +| jvb.metrics.serviceMonitor.enabled | bool | `true` | | +| jvb.metrics.serviceMonitor.interval | string | `"10s"` | | +| jvb.metrics.serviceMonitor.selector.release | string | `"prometheus-operator"` | | +| jvb.nodeSelector | object | `{}` | | +| jvb.podAnnotations | object | `{}` | | +| jvb.podLabels | object | `{}` | | +| jvb.podSecurityContext | object | `{}` | | +| jvb.publicIP | string | `"1.2.3.4"` | | +| jvb.readinessProbe.httpGet.path | string | `"/about/health"` | | +| jvb.readinessProbe.httpGet.port | int | `8080` | | +| jvb.replicaCount | int | `1` | | +| jvb.resources | object | `{}` | | +| jvb.securityContext | object | `{}` | | +| jvb.service.annotations | object | `{}` | | +| jvb.service.enabled | string | `nil` | | +| jvb.service.externalIPs | list | `[]` | | +| jvb.service.type | string | `"LoadBalancer"` | | +| jvb.stunServers | string | `"meet-jit-si-turnrelay.jitsi.net:443"` | | +| jvb.tolerations | list | `[]` | | +| jvb.useHostPort | bool | `false` | | +| jvb.websockets.enabled | bool | `false` | | +| jvb.xmpp.password | string | `nil` | | +| jvb.xmpp.user | string | `"jvb"` | | +| nameOverride | string | `""` | | +| octo.enabled | bool | `false` | | +| prosody.enabled | bool | `true` | | +| prosody.extraEnvFrom[0].secretRef.name | string | `"{{ include \"prosody.fullname\" . }}-jicofo"` | | +| prosody.extraEnvFrom[1].secretRef.name | string | `"{{ include \"prosody.fullname\" . }}-jvb"` | | +| prosody.extraEnvFrom[2].configMapRef.name | string | `"{{ include \"prosody.fullname\" . }}-common"` | | +| prosody.image.repository | string | `"jitsi/prosody"` | | +| prosody.image.tag | string | `"stable-6865"` | | +| prosody.server | string | `nil` | | +| publicURL | string | `""` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `nil` | | +| tz | string | `"Europe/Amsterdam"` | | +| web.affinity | object | `{}` | | +| web.extraEnvs | object | `{}` | | +| web.httpRedirect | bool | `false` | | +| web.httpsEnabled | bool | `false` | | +| web.image.repository | string | `"jitsi/web"` | | +| web.ingress.annotations."cert-manager.io/cluster-issuer" | string | `"letsencrypt"` | | +| web.ingress.enabled | bool | `false` | | +| web.ingress.hosts[0].host | string | `"jitsi.k8s.gradiant.org"` | | +| web.ingress.hosts[0].paths[0] | string | `"/"` | | +| web.ingress.tls[0].hosts[0] | string | `"jitsi.k8s.gradiant.org"` | | +| web.ingress.tls[0].secretName | string | `"jitsi.k8s.gradiant.org-tls"` | | +| web.livenessProbe.httpGet.path | string | `"/"` | | +| web.livenessProbe.httpGet.port | int | `80` | | +| web.nodeSelector | object | `{}` | | +| web.podAnnotations | object | `{}` | | +| web.podLabels | object | `{}` | | +| web.podSecurityContext | object | `{}` | | +| web.readinessProbe.httpGet.path | string | `"/"` | | +| web.readinessProbe.httpGet.port | int | `80` | | +| web.replicaCount | int | `1` | | +| web.resources | object | `{}` | | +| web.securityContext | object | `{}` | | +| web.service.externalIPs | list | `[]` | | +| web.service.port | int | `80` | | +| web.service.type | string | `"ClusterIP"` | | +| web.tolerations | list | `[]` | | +| xmpp.authDomain | string | `nil` | | +| xmpp.domain | string | `"meet.jitsi"` | | +| xmpp.guestDomain | string | `nil` | | +| xmpp.internalMucDomain | string | `nil` | | +| xmpp.mucDomain | string | `nil` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/charts/jitsi/charts/prosody/.helmignore b/charts/jitsi/charts/prosody/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/jitsi/charts/prosody/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/jitsi/charts/prosody/Chart.yaml b/charts/jitsi/charts/prosody/Chart.yaml new file mode 100644 index 000000000..4d000d443 --- /dev/null +++ b/charts/jitsi/charts/prosody/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v2 +name: prosody +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 1.2.2 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 0.11.13 diff --git a/charts/jitsi/charts/prosody/README.md b/charts/jitsi/charts/prosody/README.md new file mode 100644 index 000000000..199bb404e --- /dev/null +++ b/charts/jitsi/charts/prosody/README.md @@ -0,0 +1,52 @@ +# prosody + +![Version: 1.2.2](https://img.shields.io/badge/Version-1.2.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.11.13](https://img.shields.io/badge/AppVersion-0.11.13-informational?style=flat-square) + +A Helm chart for Kubernetes + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| dataDir | string | `"/config/data"` | | +| domain | string | `nil` | | +| extraEnvFrom | list | `[]` | | +| extraEnvs | list | `[]` | | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"nginx"` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths | list | `[]` | | +| ingress.tls | list | `[]` | | +| livenessProbe.httpGet.path | string | `"/http-bind"` | | +| livenessProbe.httpGet.port | string | `"bosh-insecure"` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| persistence.enabled | bool | `true` | | +| persistence.size | string | `"3G"` | | +| persistence.storageClassName | string | `nil` | | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| readinessProbe.httpGet.path | string | `"/http-bind"` | | +| readinessProbe.httpGet.port | string | `"bosh-insecure"` | | +| resources | object | `{}` | | +| secretEnvs | object | `{}` | | +| securityContext | object | `{}` | | +| service.ports.bosh-insecure | int | `5280` | | +| service.ports.bosh-secure | int | `5281` | | +| service.ports.xmpp-c2s | int | `5222` | | +| service.ports.xmpp-component | int | `5347` | | +| service.ports.xmpp-s2s | int | `5269` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `nil` | | +| tolerations | list | `[]` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/charts/jitsi/charts/prosody/templates/NOTES.txt b/charts/jitsi/charts/prosody/templates/NOTES.txt new file mode 100644 index 000000000..8df949149 --- /dev/null +++ b/charts/jitsi/charts/prosody/templates/NOTES.txt @@ -0,0 +1,21 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "prosody.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "prosody.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "prosody.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "prosody.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 +{{- end }} diff --git a/charts/jitsi/charts/prosody/templates/_helpers.tpl b/charts/jitsi/charts/prosody/templates/_helpers.tpl new file mode 100644 index 000000000..337047221 --- /dev/null +++ b/charts/jitsi/charts/prosody/templates/_helpers.tpl @@ -0,0 +1,63 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "prosody.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "prosody.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "prosody.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "prosody.labels" -}} +helm.sh/chart: {{ include "prosody.chart" . }} +{{ include "prosody.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "prosody.selectorLabels" -}} +app.kubernetes.io/name: {{ include "prosody.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "prosody.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "prosody.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/charts/jitsi/charts/prosody/templates/envs-configmap.yaml b/charts/jitsi/charts/prosody/templates/envs-configmap.yaml new file mode 100644 index 000000000..fc3cd0a24 --- /dev/null +++ b/charts/jitsi/charts/prosody/templates/envs-configmap.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "prosody.fullname" . }} + labels: + {{- include "prosody.labels" . | nindent 4 }} +data: + {{- range $key, $value := .Values.env }} + {{- if not (kindIs "invalid" $value) }} + {{ $key }}: {{ tpl $value $ | quote }} + {{- end }} + {{- end }} diff --git a/charts/jitsi/charts/prosody/templates/envs-secret.yaml b/charts/jitsi/charts/prosody/templates/envs-secret.yaml new file mode 100644 index 000000000..6c9d059b3 --- /dev/null +++ b/charts/jitsi/charts/prosody/templates/envs-secret.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "prosody.fullname" . }} + labels: + {{- include "prosody.labels" . | nindent 4 }} +type: Opaque +data: + {{- range $key, $value := .Values.secretEnvs }} + {{- if not (kindIs "invalid" $value) }} + {{ $key }}: {{ tpl $value $ | b64enc }} + {{- end }} + {{- end }} diff --git a/charts/jitsi/charts/prosody/templates/ingress.yaml b/charts/jitsi/charts/prosody/templates/ingress.yaml new file mode 100644 index 000000000..fc9612ff2 --- /dev/null +++ b/charts/jitsi/charts/prosody/templates/ingress.yaml @@ -0,0 +1,56 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "prosody.fullname" . -}} +{{- $svcPort := index .Values.service.ports "bosh-insecure" -}} +{{- $kubeVersion := .Capabilities.KubeVersion.GitVersion -}} +{{- if semverCompare ">=1.19-0" $kubeVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" $kubeVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "prosody.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ . }} + pathType: Prefix + backend: + {{ if semverCompare ">=1.19-0" $kubeVersion }} + service: + name: {{ $fullName }} + port: + {{ if kindIs "float64" $svcPort }} + number: {{ $svcPort }} + {{ else }} + name: {{ $svcPort }} + {{ end }} + {{ else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{ end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/jitsi/charts/prosody/templates/service.yaml b/charts/jitsi/charts/prosody/templates/service.yaml new file mode 100644 index 000000000..f95c7901f --- /dev/null +++ b/charts/jitsi/charts/prosody/templates/service.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "prosody.fullname" . }} + labels: + {{- include "prosody.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ index .Values.service.ports "bosh-insecure" }} + protocol: TCP + name: tcp-bosh-insecure + - port: {{ index .Values.service.ports "bosh-secure" }} + protocol: TCP + name: tcp-bosh-secure + - port: {{ index .Values.service.ports "xmpp-component" }} + protocol: TCP + name: tcp-xmpp-component + - port: {{ index .Values.service.ports "xmpp-c2s" }} + protocol: TCP + name: tcp-xmpp-c2 + - port: {{ index .Values.service.ports "xmpp-s2s" }} + protocol: TCP + name: tcp-xmpp-s2 + selector: + {{- include "prosody.selectorLabels" . | nindent 4 }} diff --git a/charts/jitsi/charts/prosody/templates/serviceaccount.yaml b/charts/jitsi/charts/prosody/templates/serviceaccount.yaml new file mode 100644 index 000000000..c5706a649 --- /dev/null +++ b/charts/jitsi/charts/prosody/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "prosody.serviceAccountName" . }} + labels: + {{- include "prosody.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end -}} diff --git a/charts/jitsi/charts/prosody/templates/statefulset.yaml b/charts/jitsi/charts/prosody/templates/statefulset.yaml new file mode 100644 index 000000000..dbd13db13 --- /dev/null +++ b/charts/jitsi/charts/prosody/templates/statefulset.yaml @@ -0,0 +1,130 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "prosody.fullname" . }} + labels: + {{- include "prosody.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{ toYaml . | nindent 4 }} + {{- end }} +spec: + serviceName: "prosody" + replicas: 1 + selector: + matchLabels: + {{- include "prosody.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "prosody.selectorLabels" . | nindent 8 }} + {{- range $label, $value := mergeOverwrite .Values.global.podLabels .Values.podLabels }} + {{ $label }}: {{ $value }} + {{- end }} + {{- with mergeOverwrite .Values.global.podAnnotations .Values.podAnnotations }} + annotations: + {{- range $annotation, $value := . }} + {{ $annotation }}: {{ $value }} + {{- end }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "prosody.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ tpl (default .Chart.AppVersion .Values.image.tag ) . }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + envFrom: + - configMapRef: + name: {{ include "prosody.fullname" . }} + - secretRef: + name: {{ include "prosody.fullname" . }} + {{- range .Values.extraEnvFrom }} + - {{ tpl (toYaml . ) $ | indent 12 | trim }} + {{- end }} + {{- if .Values.extraEnvs }} + env: + {{- range .Values.extraEnvs }} + - {{ tpl (toYaml . ) $ | indent 12 | trim }} + {{- end }} + {{- end }} + ports: + - name: xmpp-c2s + containerPort: {{ index .Values.service.ports "xmpp-c2s" }} + protocol: TCP + - name: xmpp-s2s + containerPort: {{ index .Values.service.ports "xmpp-s2s" }} + protocol: TCP + - name: xmpp-component + containerPort: {{ index .Values.service.ports "xmpp-component" }} + protocol: TCP + - name: bosh-insecure + containerPort: {{ index .Values.service.ports "bosh-insecure" }} + protocol: TCP + - name: bosh-secure + containerPort: {{ index .Values.service.ports "bosh-secure" }} + protocol: TCP + {{- with .Values.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - name: prosody-data + mountPath: {{ .Values.dataDir }} + {{- with .Values.extraVolumeMounts }} + {{- toYaml . | nindent 10 }} + {{- end }} + volumes: + - name: prosody-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: prosody-data + {{- else }} + emptyDir: {} + {{- end }} + {{- with .Values.extraVolumes }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if or .Values.persistence.enabled .Values.extraVolumeClaimTemplates }} + volumeClaimTemplates: + - metadata: + name: prosody-data + spec: + accessModes: + - ReadWriteOnce + volumeMode: Filesystem + resources: + requests: + storage: {{ .Values.persistence.size }} + {{- with .Values.persistence.storageClassName }} + storageClassName: {{ . | quote }} + {{- end }} + {{- with .Values.extraVolumeClaimTemplates }} + {{- toYaml . | nindent 2 }} + {{- end }} + {{- end }} diff --git a/charts/jitsi/charts/prosody/templates/tests/test-connection.yaml b/charts/jitsi/charts/prosody/templates/tests/test-connection.yaml new file mode 100644 index 000000000..8a9dd7763 --- /dev/null +++ b/charts/jitsi/charts/prosody/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "prosody.fullname" . }}-test-connection" + labels: + {{- include "prosody.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test-success +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "prosody.fullname" . }}:{{ index .Values.service.ports "bosh-insecure" }}'] + restartPolicy: Never diff --git a/charts/jitsi/charts/prosody/values.yaml b/charts/jitsi/charts/prosody/values.yaml new file mode 100644 index 000000000..c5390532b --- /dev/null +++ b/charts/jitsi/charts/prosody/values.yaml @@ -0,0 +1,94 @@ +# Default values for prosody. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +image: + repository: nginx + pullPolicy: IfNotPresent + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +domain: + +dataDir: /config/data +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: + +podLabels: {} +podAnnotations: {} +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + ports: + bosh-insecure: 5280 + bosh-secure: 5281 + xmpp-c2s: 5222 + xmpp-s2s: 5269 + xmpp-component: 5347 + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: [] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +livenessProbe: + httpGet: + path: /http-bind + port: bosh-insecure +readinessProbe: + httpGet: + path: /http-bind + port: bosh-insecure + +persistence: + enabled: true + size: 3G + storageClassName: + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +extraEnvs: [] +extraEnvFrom: [] +secretEnvs: {} diff --git a/charts/jitsi/docs/index.yaml b/charts/jitsi/docs/index.yaml new file mode 100644 index 000000000..708b68a8c --- /dev/null +++ b/charts/jitsi/docs/index.yaml @@ -0,0 +1,154 @@ +apiVersion: v1 +entries: + jitsi-meet: + - apiVersion: v2 + appVersion: stable-6865 + created: "2022-03-10T23:26:16.745929+01:00" + dependencies: + - condition: prosody.enabled + name: prosody + repository: "" + version: 1.2.2 + description: A Helm chart for Kubernetes + digest: 18406c945a2086787be543d6036a46f91fb7c1a5aca7b75f2e9eb6d2447858fb + name: jitsi-meet + type: application + urls: + - https://jitsi-contrib.github.io/jitsi-helm/jitsi-meet-1.2.2.tgz + version: 1.2.2 + - apiVersion: v2 + appVersion: stable-6865 + created: "2022-03-10T23:26:16.744829+01:00" + dependencies: + - condition: prosody.enabled + name: prosody + repository: "" + version: 1.2.1 + description: A Helm chart for Kubernetes + digest: cdd81bdc042771e36060dca0474920df80f7b87c61c09a20b002988bd42eb8a6 + name: jitsi-meet + type: application + urls: + - https://jitsi-contrib.github.io/jitsi-helm/jitsi-meet-1.2.1.tgz + version: 1.2.1 + - apiVersion: v2 + appVersion: stable-6865 + created: "2022-03-10T23:26:16.743473+01:00" + dependencies: + - condition: prosody.enabled + name: prosody + repository: "" + version: 1.2.0 + description: A Helm chart for Kubernetes + digest: d27498c191d77de8bc53d077e664d2a89ac69224ab31956a80e7eebdeed7d05c + name: jitsi-meet + type: application + urls: + - https://jitsi-contrib.github.io/jitsi-helm/jitsi-meet-1.2.0.tgz + version: 1.2.0 + - apiVersion: v2 + appVersion: stable-6726 + created: "2022-03-10T23:26:16.742161+01:00" + dependencies: + - condition: prosody.enabled + name: prosody + repository: "" + version: 1.1.0 + description: A Helm chart for Kubernetes + digest: f6344a12a4964ae731a9048cf5f451a99795268e0dffafb293659b34620ab1f6 + name: jitsi-meet + type: application + urls: + - https://jitsi-contrib.github.io/jitsi-helm/jitsi-meet-1.1.0.tgz + version: 1.1.0 + - apiVersion: v2 + appVersion: stable-6433 + created: "2022-03-10T23:26:16.740804+01:00" + dependencies: + - condition: prosody.enabled + name: prosody + repository: "" + version: 1.0.0 + description: A Helm chart for Kubernetes + digest: ed6a5a05e23d4d951e1c4e18ce5b08564d63ece5aff3055cc0fbc7345d6c42cb + name: jitsi-meet + type: application + urls: + - https://jitsi-contrib.github.io/jitsi-helm/jitsi-meet-1.0.0.tgz + version: 1.0.0 + - apiVersion: v2 + appVersion: stable-5963 + created: "2022-03-10T23:26:16.738696+01:00" + dependencies: + - condition: prosody.enabled + name: prosody + repository: "" + version: 0.2.1 + description: A Helm chart for Kubernetes + digest: a0092b31326bf41597fceb664e3fc669340054f4338a64bdc576f5ef8c24d9b8 + name: jitsi-meet + type: application + urls: + - https://jitsi-contrib.github.io/jitsi-helm/jitsi-meet-0.2.1.tgz + version: 0.2.1 + - apiVersion: v2 + appVersion: stable-5963 + created: "2022-03-10T23:26:16.737151+01:00" + dependencies: + - condition: prosody.enabled + name: prosody + repository: "" + version: 0.2.0 + description: A Helm chart for Kubernetes + digest: 8234cdb12cd20c9e9c1abe8c7d3920549bffb65fbe63b35af43e1cddbdaeeaca + name: jitsi-meet + type: application + urls: + - https://jitsi-contrib.github.io/jitsi-helm/jitsi-meet-0.2.0.tgz + version: 0.2.0 + - apiVersion: v2 + appVersion: stable-5390-3 + created: "2022-03-10T23:26:16.735313+01:00" + dependencies: + - condition: prosody.enabled + name: prosody + repository: "" + version: '*' + description: A Helm chart for Kubernetes + digest: f50c08198000e2b25b1d21fd926a7392bf3027e3e5bb984c9501744389aa90a8 + name: jitsi-meet + type: application + urls: + - https://jitsi-contrib.github.io/jitsi-helm/jitsi-meet-0.1.4.tgz + version: 0.1.4 + - apiVersion: v2 + appVersion: stable-5390-3 + created: "2022-03-10T23:26:16.734192+01:00" + dependencies: + - condition: prosody.enabled + name: prosody + repository: "" + version: '*' + description: A Helm chart for Kubernetes + digest: f5d23258f3021f42029514be9206910864123ecca5bbcc9505b0cc100e7bd5e0 + name: jitsi-meet + type: application + urls: + - https://jitsi-contrib.github.io/jitsi-helm/jitsi-meet-0.1.3.tgz + version: 0.1.3 + - apiVersion: v2 + appVersion: stable-5390-3 + created: "2022-03-10T23:26:16.733045+01:00" + dependencies: + - condition: prosody.enabled + name: prosody + repository: "" + version: '*' + description: A Helm chart for Kubernetes + digest: 3579cde89bd94faf4d94efd94524c64bebf95cfc123446dc0c535bf8e23b70fe + name: jitsi-meet + type: application + urls: + - https://jitsi-contrib.github.io/jitsi-helm/jitsi-meet-0.1.2.tgz + version: 0.1.2 +generated: "2022-03-10T23:26:16.73107+01:00" diff --git a/charts/jitsi/docs/robots.txt b/charts/jitsi/docs/robots.txt new file mode 100644 index 000000000..c6742d8a8 --- /dev/null +++ b/charts/jitsi/docs/robots.txt @@ -0,0 +1,2 @@ +User-Agent: * +Disallow: / diff --git a/charts/jitsi/templates/NOTES.txt b/charts/jitsi/templates/NOTES.txt new file mode 100644 index 000000000..c1e2bccde --- /dev/null +++ b/charts/jitsi/templates/NOTES.txt @@ -0,0 +1,21 @@ +1. Get the application URL by running these commands: +{{- if .Values.web.ingress.enabled }} +{{- range $host := .Values.web.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.web.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.web.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "jitsi-meet.web.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.web.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "jitsi-meet.web.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "jitsi-meet.web.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.web.service.port }} +{{- else if contains "ClusterIP" .Values.web.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "jitsi-meet.name" . }},app.kubernetes.io/component=web,app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 +{{- end }} diff --git a/charts/jitsi/templates/_helpers.tpl b/charts/jitsi/templates/_helpers.tpl new file mode 100644 index 000000000..2234537e4 --- /dev/null +++ b/charts/jitsi/templates/_helpers.tpl @@ -0,0 +1,104 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "jitsi-meet.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "jitsi-meet.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "jitsi-meet.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "jitsi-meet.labels" -}} +helm.sh/chart: {{ include "jitsi-meet.chart" . }} +{{ include "jitsi-meet.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "jitsi-meet.selectorLabels" -}} +app.kubernetes.io/name: {{ include "jitsi-meet.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "jitsi-meet.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "jitsi-meet.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* + https://github.com/helm/helm/issues/4535 +*/}} +{{- define "call-nested" }} +{{- $dot := index . 0 }} +{{- $subchart := index . 1 }} +{{- $template := index . 2 }} +{{- include $template (dict "Chart" (dict "Name" $subchart) "Values" (index $dot.Values $subchart) "Release" $dot.Release "Capabilities" $dot.Capabilities) }} +{{- end }} + +{{- define "jitsi-meet.xmpp.domain" -}} +{{- if .Values.xmpp.domain -}} + {{ .Values.xmpp.domain }} +{{- else -}} + {{ .Release.Namespace }}.svc +{{- end -}} +{{- end -}} + +{{- define "jitsi-meet.xmpp.server" -}} +{{- if .Values.prosody.server -}} + {{ .Values.prosody.server }} +{{- else -}} + {{ include "call-nested" (list . "prosody" "prosody.fullname") }}.{{ .Release.Namespace }}.svc +{{- end -}} +{{- end -}} + + +{{- define "jitsi-meet.publicURL" -}} +{{- if .Values.publicURL }} +{{- .Values.publicURL -}} +{{- else -}} +{{- if .Values.web.ingress.tls -}}https://{{- else -}}http://{{- end -}} +{{- if .Values.web.ingress.tls -}} +{{- (.Values.web.ingress.tls|first).hosts|first -}} +{{- else if .Values.web.ingress.hosts -}} +{{- (.Values.web.ingress.hosts|first).host -}} +{{ required "You need to define a publicURL or some value for ingress" .Values.publicURL }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/jitsi/templates/common-configmap.yaml b/charts/jitsi/templates/common-configmap.yaml new file mode 100644 index 000000000..e0c2071fd --- /dev/null +++ b/charts/jitsi/templates/common-configmap.yaml @@ -0,0 +1,31 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common + labels: + {{- include "jitsi-meet.labels" . | nindent 4 }} +data: + ENABLE_AUTH: {{ ternary "1" "0" .Values.enableAuth | quote }} + ENABLE_GUESTS: {{ ternary "1" "0" .Values.enableGuests | quote }} + PUBLIC_URL: {{ include "jitsi-meet.publicURL" . }} + XMPP_DOMAIN: {{ include "jitsi-meet.xmpp.domain" . }} + XMPP_MUC_DOMAIN: {{ .Values.xmpp.mucDomain | default (printf "muc.%s" (include "jitsi-meet.xmpp.domain" .)) }} + XMPP_AUTH_DOMAIN: {{ .Values.xmpp.authDomain | default (printf "auth.%s" (include "jitsi-meet.xmpp.domain" .)) }} + XMPP_GUEST_DOMAIN: {{ .Values.xmpp.guestDomain | default (printf "guest.%s" (include "jitsi-meet.xmpp.domain" .)) }} + XMPP_RECORDER_DOMAIN: {{ .Values.xmpp.recorderDomain | default (printf "recorder.%s" (include "jitsi-meet.xmpp.domain" .)) }} + XMPP_INTERNAL_MUC_DOMAIN: {{ .Values.xmpp.internalMucDomain | default (printf "internal-muc.%s" (include "jitsi-meet.xmpp.domain" .)) }} + {{- if .Values.jibri.enabled }} + ENABLE_RECORDING: "true" + {{- end }} + TZ: '{{ .Values.tz }}' + {{- range $key, $value := .Values.extraCommonEnvs }} + {{- if not (kindIs "invalid" $value) }} + {{ $key }}: {{ tpl $value $ | quote }} + {{- end }} + {{- end }} + {{- if .Values.octo.enabled }} + ENABLE_OCTO: "1" + TESTING_OCTO_PROBABILITY: "1" + DEPLOYMENTINFO_REGION: "all" + DEPLOYMENTINFO_USERREGION: "all" + {{- end }} \ No newline at end of file diff --git a/charts/jitsi/templates/ingress.yaml b/charts/jitsi/templates/ingress.yaml new file mode 100644 index 000000000..a4e582b86 --- /dev/null +++ b/charts/jitsi/templates/ingress.yaml @@ -0,0 +1,59 @@ +{{- if .Values.web.ingress.enabled -}} +{{- $fullName := include "jitsi-meet.web.fullname" . -}} +{{- $svcPort := .Values.web.service.port -}} +{{- $kubeVersion := .Capabilities.KubeVersion.GitVersion -}} +{{- if semverCompare ">=1.19-0" $kubeVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" $kubeVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "jitsi-meet.web.labels" . | nindent 4 }} + {{- with .Values.web.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if and .Values.web.ingress.ingressClassName (semverCompare ">=1.19-0" $kubeVersion) }} + ingressClassName: {{ .Values.web.ingress.ingressClassName }} +{{- end }} +{{- if .Values.web.ingress.tls }} + tls: + {{- range .Values.web.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.web.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ . }} + pathType: Prefix + backend: + {{- if semverCompare ">=1.19-0" $kubeVersion }} + service: + name: {{ $fullName }} + port: + {{- if kindIs "float64" $svcPort }} + number: {{ $svcPort }} + {{ else }} + name: {{ $svcPort }} + {{ end }} + {{ else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{ end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/jitsi/templates/jibri/_helper.tpl b/charts/jitsi/templates/jibri/_helper.tpl new file mode 100644 index 000000000..30d1bc4f3 --- /dev/null +++ b/charts/jitsi/templates/jibri/_helper.tpl @@ -0,0 +1,18 @@ + +{{- define "jitsi-meet.jibri.fullname" -}} +{{ include "jitsi-meet.fullname" . }}-jibri +{{- end -}} + +{{- define "jitsi-meet.jibri.labels" -}} +{{ include "jitsi-meet.labels" . }} +app.kubernetes.io/component: jibri +{{- end -}} + +{{- define "jitsi-meet.jibri.selectorLabels" -}} +{{ include "jitsi-meet.selectorLabels" . }} +app.kubernetes.io/component: jibri +{{- end -}} + +{{- define "jitsi-meet.jibri.secret" -}} +{{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jibri +{{- end -}} diff --git a/charts/jitsi/templates/jibri/configmap.yaml b/charts/jitsi/templates/jibri/configmap.yaml new file mode 100644 index 000000000..b19ce116c --- /dev/null +++ b/charts/jitsi/templates/jibri/configmap.yaml @@ -0,0 +1,21 @@ +{{- if .Values.jibri.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "jitsi-meet.jibri.fullname" . }} + labels: + {{- include "jitsi-meet.jibri.labels" . | nindent 4 }} +data: + XMPP_SERVER: '{{ include "jitsi-meet.xmpp.server" . }}' + JIBRI_BREWERY_MUC: '{{ .Values.jibri.breweryMuc }}' + JIBRI_RECORDING_DIR: '{{ .Values.jibri.recordingDir | default "/data/recordings" }}' + JIBRI_FINALIZE_RECORDING_SCRIPT_PATH: "/config/finalize.sh" + JIBRI_STRIP_DOMAIN_JID: muc + JIBRI_LOGS_DIR: "/data/logs" + DISPLAY: ":0" + {{- range $key, $value := .Values.jibri.extraEnvs }} + {{- if not (kindIs "invalid" $value) }} + {{ $key }}: {{ tpl $value $ | quote }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/jitsi/templates/jibri/deployment.yaml b/charts/jitsi/templates/jibri/deployment.yaml new file mode 100644 index 000000000..bb190528b --- /dev/null +++ b/charts/jitsi/templates/jibri/deployment.yaml @@ -0,0 +1,93 @@ +{{- if .Values.jibri.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "jitsi-meet.jibri.fullname" . }} + labels: + {{- include "jitsi-meet.jibri.labels" . | nindent 4 }} + {{- with .Values.jibri.annotations }} + annotations: + {{ toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.jibri.replicaCount | default 1 }} + selector: + matchLabels: + {{- include "jitsi-meet.jibri.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "jitsi-meet.jibri.selectorLabels" . | nindent 8 }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/jibri/configmap.yaml") . | sha256sum }} + checksum/secret: {{ include (print $.Template.BasePath "/jibri/xmpp-secret.yaml") . | sha256sum }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "jitsi-meet.serviceAccountName" . }} + containers: + - name: {{ .Chart.Name }} + securityContext: + privileged: true + image: "{{ .Values.jibri.image.repository }}:{{ default .Chart.AppVersion .Values.jibri.image.tag }}" + imagePullPolicy: {{ pluck "pullPolicy" .Values.jibri.image .Values.image | first }} + ports: + - name: http-internal + containerPort: 3333 + - name: http-api + containerPort: 2222 + {{- with default .Values.jibri.livenessProbe .Values.jibri.livenessProbeOverride }} + livenessProbe: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with default .Values.jibri.readinessProbe .Values.jibri.readinessProbeOverride }} + readinessProbe: + {{- toYaml . | nindent 10 }} + {{- end }} + + envFrom: + - secretRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jibri + - configMapRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common + - configMapRef: + name: {{ include "jitsi-meet.jibri.fullname" . }} + + resources: + {{- toYaml .Values.jibri.resources | nindent 12 }} + + volumeMounts: + - name: jibri-data + mountPath: /data + - name: dev-snd + mountPath: /dev/snd + {{- if .Values.jibri.shm.enabled }} + - name: dev-shm + mountPath: /dev/shm + {{- end }} + + volumes: + - name: jibri-data + {{- if .Values.jibri.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.jibri.persistence.existingClaim | default (include "jitsi-meet.jibri.fullname" .) }} + {{- else }} + emptyDir: {} + {{- end }} + - name: dev-snd + hostPath: + path: /dev/snd + {{- if .Values.jibri.shm.enabled }} + - name: dev-shm + {{- if .Values.jibri.shm.useHost }} + hostPath: + path: /dev/shm + {{- else }} + emptyDir: + medium: Memory + sizeLimit: {{ .Values.jibri.shm.size | default "256Mi" | quote }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/jitsi/templates/jibri/persistentvolumeclaim.yaml b/charts/jitsi/templates/jibri/persistentvolumeclaim.yaml new file mode 100644 index 000000000..7d1aed621 --- /dev/null +++ b/charts/jitsi/templates/jibri/persistentvolumeclaim.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.jibri.enabled .Values.jibri.persistence.enabled (not .Values.jibri.persistence.existingClaim)}} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "jitsi-meet.jibri.fullname" . }} + labels: + {{- include "jitsi-meet.jibri.labels" . | nindent 4 }} + namespace: {{ .Release.Namespace }} +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .Values.jibri.persistence.size | quote }} + {{- with .Values.jibri.persistence.storageClassName }} + storageClassName: {{ . | quote }} + {{- end }} +{{- end -}} diff --git a/charts/jitsi/templates/jibri/service.yaml b/charts/jitsi/templates/jibri/service.yaml new file mode 100644 index 000000000..f2cf1d278 --- /dev/null +++ b/charts/jitsi/templates/jibri/service.yaml @@ -0,0 +1,21 @@ +{{- if .Values.jibri.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "jitsi-meet.jibri.fullname" . }} + labels: + {{- include "jitsi-meet.jibri.labels" . | nindent 4 }} +spec: + type: ClusterIP + ports: + - name: http-internal + port: 3333 + targetPort: 3333 + protocol: TCP + - name: http-api + port: 2222 + targetPort: 2222 + protocol: TCP + selector: + {{- include "jitsi-meet.jibri.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/jitsi/templates/jibri/xmpp-secret.yaml b/charts/jitsi/templates/jibri/xmpp-secret.yaml new file mode 100644 index 000000000..441908f4f --- /dev/null +++ b/charts/jitsi/templates/jibri/xmpp-secret.yaml @@ -0,0 +1,14 @@ +{{- if .Values.jibri.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jibri + labels: + {{- include "jitsi-meet.jibri.labels" . | nindent 4 }} +type: Opaque +data: + JIBRI_XMPP_USER: '{{ .Values.jibri.xmpp.user | b64enc }}' + JIBRI_XMPP_PASSWORD: '{{ default (randAlphaNum 10) .Values.jibri.xmpp.password | b64enc }}' + JIBRI_RECORDER_USER: '{{ .Values.jibri.recorder.user | b64enc }}' + JIBRI_RECORDER_PASSWORD: '{{ default (randAlphaNum 10) .Values.jibri.recorder.password | b64enc }}' +{{- end }} diff --git a/charts/jitsi/templates/jicofo/_helper.tpl b/charts/jitsi/templates/jicofo/_helper.tpl new file mode 100644 index 000000000..3a55245d2 --- /dev/null +++ b/charts/jitsi/templates/jicofo/_helper.tpl @@ -0,0 +1,18 @@ + +{{- define "jitsi-meet.jicofo.fullname" -}} +{{ include "jitsi-meet.fullname" . }}-jicofo +{{- end -}} + +{{- define "jitsi-meet.jicofo.labels" -}} +{{ include "jitsi-meet.labels" . }} +app.kubernetes.io/component: jicofo +{{- end -}} + +{{- define "jitsi-meet.jicofo.selectorLabels" -}} +{{ include "jitsi-meet.selectorLabels" . }} +app.kubernetes.io/component: jicofo +{{- end -}} + +{{- define "jitsi-meet.jicofo.secret" -}} +{{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jicofo +{{- end -}} diff --git a/charts/jitsi/templates/jicofo/configmap.yaml b/charts/jitsi/templates/jicofo/configmap.yaml new file mode 100644 index 000000000..39c9672c1 --- /dev/null +++ b/charts/jitsi/templates/jicofo/configmap.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "jitsi-meet.jicofo.fullname" . }} + labels: + {{- include "jitsi-meet.jicofo.labels" . | nindent 4 }} +data: + JVB_BREWERY_MUC: '{{ .Values.jvb.breweryMuc }}' + XMPP_SERVER: '{{ include "jitsi-meet.xmpp.server" . }}' + {{- if .Values.jibri.enabled }} + JIBRI_BREWERY_MUC: '{{ .Values.jibri.breweryMuc }}' + JIBRI_PENDING_TIMEOUT: '{{ .Values.jibri.timeout }}' + {{- end }} + {{- range $key, $value := .Values.jicofo.extraEnvs }} + {{- if not (kindIs "invalid" $value) }} + {{ $key }}: {{ tpl $value $ | quote }} + {{- end }} + {{- end }} + {{- if .Values.octo.enabled }} + ENABLE_OCTO: "1" + OCTO_BRIDGE_SELECTION_STRATEGY: "SplitBridgeSelectionStrategy" + {{- end }} \ No newline at end of file diff --git a/charts/jitsi/templates/jicofo/deployment.yaml b/charts/jitsi/templates/jicofo/deployment.yaml new file mode 100644 index 000000000..a0f818741 --- /dev/null +++ b/charts/jitsi/templates/jicofo/deployment.yaml @@ -0,0 +1,76 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "jitsi-meet.jicofo.fullname" . }} + labels: + {{- include "jitsi-meet.jicofo.labels" . | nindent 4 }} + {{- with .Values.jicofo.annotations }} + annotations: + {{ toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.jicofo.replicaCount }} + selector: + matchLabels: + {{- include "jitsi-meet.jicofo.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "jitsi-meet.jicofo.selectorLabels" . | nindent 8 }} + {{- range $label, $value := mergeOverwrite .Values.global.podLabels .Values.jicofo.podLabels }} + {{ $label }}: {{ $value }} + {{- end }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/jicofo/configmap.yaml") . | sha256sum }} + checksum/secret: {{ include (print $.Template.BasePath "/jicofo/xmpp-secret.yaml") . | sha256sum }} + {{- range $annotation, $value := mergeOverwrite .Values.global.podAnnotations .Values.jicofo.podAnnotations }} + {{ $annotation }}: {{ $value|quote }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "jitsi-meet.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.jicofo.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.jicofo.securityContext | nindent 12 }} + image: "{{ .Values.jicofo.image.repository }}:{{ default .Chart.AppVersion .Values.jicofo.image.tag }}" + imagePullPolicy: {{ pluck "pullPolicy" .Values.jicofo.image .Values.image | first }} + envFrom: + - secretRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jicofo + - configMapRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common + - configMapRef: + name: {{ include "jitsi-meet.jicofo.fullname" . }} + ports: + - name: http + containerPort: 80 + protocol: TCP + {{- with .Values.jicofo.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.jicofo.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.jicofo.resources | nindent 12 }} + + {{- with .Values.jicofo.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.jicofo.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.jicofo.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/jitsi/templates/jicofo/xmpp-secret.yaml b/charts/jitsi/templates/jicofo/xmpp-secret.yaml new file mode 100644 index 000000000..de95246b6 --- /dev/null +++ b/charts/jitsi/templates/jicofo/xmpp-secret.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jicofo + labels: + {{- include "jitsi-meet.jicofo.labels" . | nindent 4 }} +type: Opaque +data: + JICOFO_AUTH_USER: '{{ .Values.jicofo.xmpp.user | b64enc }}' + JICOFO_AUTH_PASSWORD: '{{ default (randAlphaNum 10) .Values.jicofo.xmpp.password | b64enc }}' + JICOFO_COMPONENT_SECRET: '{{ default (randAlphaNum 10) .Values.jicofo.xmpp.componentSecret | b64enc }}' diff --git a/charts/jitsi/templates/jvb/_helper.tpl b/charts/jitsi/templates/jvb/_helper.tpl new file mode 100644 index 000000000..5aa1d9bc9 --- /dev/null +++ b/charts/jitsi/templates/jvb/_helper.tpl @@ -0,0 +1,18 @@ + +{{- define "jitsi-meet.jvb.fullname" -}} +{{ include "jitsi-meet.fullname" . }}-jvb +{{- end -}} + +{{- define "jitsi-meet.jvb.labels" -}} +{{ include "jitsi-meet.labels" . }} +app.kubernetes.io/component: jvb +{{- end -}} + +{{- define "jitsi-meet.jvb.selectorLabels" -}} +{{ include "jitsi-meet.selectorLabels" . }} +app.kubernetes.io/component: jvb +{{- end -}} + +{{- define "jitsi-meet.jvb.secret" -}} +{{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jvb +{{- end -}} diff --git a/charts/jitsi/templates/jvb/configmap.yaml b/charts/jitsi/templates/jvb/configmap.yaml new file mode 100644 index 000000000..12a06c42f --- /dev/null +++ b/charts/jitsi/templates/jvb/configmap.yaml @@ -0,0 +1,28 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "jitsi-meet.jvb.fullname" . }} + labels: + {{- include "jitsi-meet.jvb.labels" . | nindent 4 }} +data: + JVB_BREWERY_MUC: '{{ .Values.jvb.breweryMuc }}' + JVB_PORT: '{{ .Values.jvb.UDPPort }}' + JVB_STUN_SERVERS: '{{.Values.jvb.stunServers }}' + JVB_TCP_HARVESTER_DISABLED: '1' + XMPP_SERVER: '{{ include "jitsi-meet.xmpp.server" . }}' + {{- range $key, $value := .Values.jvb.extraEnvs }} + {{- if not (kindIs "invalid" $value) }} + {{ $key }}: {{ tpl $value $ | quote }} + {{- end }} + {{- end }} + COLIBRI_REST_ENABLED: 'true' + {{- if .Values.jvb.websockets.enabled }} + ENABLE_COLIBRI_WEBSOCKET: 'true' + {{- else }} + ENABLE_COLIBRI_WEBSOCKET: 'false' + {{- end }} + {{- if .Values.octo.enabled }} + ENABLE_OCTO: "1" + JVB_OCTO_BIND_PORT: "4096" + JVB_OCTO_REGION: "all" + {{- end }} \ No newline at end of file diff --git a/charts/jitsi/templates/jvb/deployment.yaml b/charts/jitsi/templates/jvb/deployment.yaml new file mode 100644 index 000000000..7e41d96f1 --- /dev/null +++ b/charts/jitsi/templates/jvb/deployment.yaml @@ -0,0 +1,166 @@ +{{- $serverID := default "podIP" .Values.jvb.websockets.serverID }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "jitsi-meet.jvb.fullname" . }} + labels: + {{- include "jitsi-meet.jvb.labels" . | nindent 4 }} + {{- with .Values.jvb.annotations }} + annotations: + {{ toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.jvb.replicaCount }} + selector: + matchLabels: + {{- include "jitsi-meet.jvb.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "jitsi-meet.jvb.selectorLabels" . | nindent 8 }} + {{- range $label, $value := mergeOverwrite .Values.global.podLabels .Values.jvb.podLabels }} + {{ $label }}: {{ $value }} + {{- end }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/jvb/configmap.yaml") . | sha256sum }} + checksum/secret: {{ include (print $.Template.BasePath "/jvb/xmpp-secret.yaml") . | sha256sum }} + {{- if and .Values.jvb.metrics.enabled .Values.jvb.metrics.prometheusAnnotations }} + prometheus.io/port: "9888" + prometheus.io/scrape: "true" + {{- end }} + {{- range $annotation, $value := mergeOverwrite .Values.global.podAnnotations .Values.jvb.podAnnotations }} + {{ $annotation }}: {{ $value|quote }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "jitsi-meet.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.jvb.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.jvb.securityContext | nindent 12 }} + image: "{{ .Values.jvb.image.repository }}:{{ default .Chart.AppVersion .Values.jvb.image.tag }}" + imagePullPolicy: {{ pluck "pullPolicy" .Values.jvb.image .Values.image | first }} + envFrom: + - secretRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jvb + - configMapRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common + - configMapRef: + name: {{ include "jitsi-meet.jvb.fullname" . }} + env: + {{- if or .Values.jvb.useNodeIP .Values.jvb.publicIP }} + - name: DOCKER_HOST_ADDRESS + {{- if .Values.jvb.publicIP }} + value: {{ .Values.jvb.publicIP }} + {{- else }} + valueFrom: + fieldRef: + fieldPath: status.hostIP + {{- end }} + {{- end }} + {{- if .Values.jvb.websockets.enabled }} + - name: JVB_WS_SERVER_ID + {{- if eq $serverID "service" }} + value: {{ include "jitsi-meet.jvb.fullname" . }}.{{ .Release.Namespace }}.svc + {{- else if eq $serverID "podIP" }} + valueFrom: + fieldRef: + fieldPath: status.podIP + {{- else }} + value: {{ $serverID | quote }} + {{- end }} + {{- end }} + {{- if .Values.octo.enabled }} + - name: JVB_OCTO_BIND_ADDRESS + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: JVB_OCTO_PUBLIC_ADDRESS + valueFrom: + fieldRef: + fieldPath: status.podIP + {{- end }} + ports: + - name: rtp-udp + containerPort: {{ .Values.jvb.UDPPort }} + {{- if .Values.jvb.useHostPort }} + hostPort: {{ .Values.jvb.UDPPort }} + {{- end }} + protocol: UDP + {{- if .Values.jvb.websockets.enabled }} + - name: colibri-ws-tcp + containerPort: 9090 + protocol: TCP + {{- end }} + {{- with .Values.jvb.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.jvb.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.jvb.resources | nindent 12 }} + {{- with .Values.jvb.extraVolumeMounts }} + volumeMounts: + {{- toYaml . | nindent 10 }} + {{- end }} + + {{- if .Values.jvb.metrics.enabled }} + - name: metrics + image: {{ .Values.jvb.metrics.image.repository }}:{{ .Values.jvb.metrics.image.tag }} + imagePullPolicy: {{ .Values.jvb.metrics.image.pullPolicy }} + securityContext: + runAsUser: 10001 + command: + - /prometheus-jitsi-meet-exporter + - -videobridge-url + - http://localhost:8080/colibri/stats + ports: + - containerPort: 9888 + name: tcp-metrics + protocol: TCP + readinessProbe: + httpGet: + path: /health + port: 9888 + initialDelaySeconds: 3 + periodSeconds: 5 + resources: + {{- toYaml .Values.jvb.metrics.resources | nindent 12 }} + {{- end }} + + {{- with .Values.jvb.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if or .Values.jvb.useHostPort .Values.jvb.affinity }} + affinity: + {{- if .Values.jvb.affinity }} + {{- toYaml .Values.jvb.affinity | nindent 8 }} + {{- else }} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app.kubernetes.io/component + operator: In + values: + - jvb + topologyKey: "kubernetes.io/hostname" + {{- end }} + {{- end }} + {{- with .Values.jvb.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.jvb.extraVolumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/jitsi/templates/jvb/metrics-prometheus.yaml b/charts/jitsi/templates/jvb/metrics-prometheus.yaml new file mode 100644 index 000000000..5c36c2a91 --- /dev/null +++ b/charts/jitsi/templates/jvb/metrics-prometheus.yaml @@ -0,0 +1,27 @@ +{{- if and (.Values.jvb.metrics.enabled) (.Values.jvb.metrics.serviceMonitor.enabled) }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "jitsi-meet.jvb.fullname" . }} + labels: + {{- include "jitsi-meet.jvb.labels" . | nindent 4 }} + {{- range $key, $value := .Values.jvb.metrics.serviceMonitor.selector }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + endpoints: + - port: tcp-metrics + path: /metrics + {{- if .Values.jvb.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.jvb.metrics.serviceMonitor.honorLabels }} + {{- end }} + {{- if .Values.jvb.metrics.serviceMonitor.interval }} + interval: {{ .Values.jvb.metrics.serviceMonitor.interval }} + {{- end }} + selector: + matchLabels: + {{- include "jitsi-meet.jvb.labels" . | nindent 6 }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + {{- end -}} diff --git a/charts/jitsi/templates/jvb/metrics-service.yaml b/charts/jitsi/templates/jvb/metrics-service.yaml new file mode 100644 index 000000000..c83215512 --- /dev/null +++ b/charts/jitsi/templates/jvb/metrics-service.yaml @@ -0,0 +1,16 @@ +{{- if .Values.jvb.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "jitsi-meet.jvb.fullname" . }}-metrics + labels: + {{- include "jitsi-meet.jvb.labels" . | nindent 4 }} +spec: + type: ClusterIP + ports: + - port: 9888 + protocol: TCP + name: tcp-metrics + selector: + {{- include "jitsi-meet.jvb.selectorLabels" . | nindent 4 }} + {{- end }} diff --git a/charts/jitsi/templates/jvb/service.yaml b/charts/jitsi/templates/jvb/service.yaml new file mode 100644 index 000000000..b293a256a --- /dev/null +++ b/charts/jitsi/templates/jvb/service.yaml @@ -0,0 +1,32 @@ +{{- if or (and (kindIs "invalid" .Values.jvb.service.enabled) (not .Values.jvb.useHostPort)) .Values.jvb.service.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "jitsi-meet.jvb.fullname" . }} + annotations: + {{- range $key, $value := .Values.jvb.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + labels: + {{- include "jitsi-meet.jvb.labels" . | nindent 4 }} +spec: + type: {{ .Values.jvb.service.type }} + {{- with .Values.jvb.service.LoadbalancerIP }} + loadBalancerIP: {{ . }} + {{- end }} + ports: + - port: {{ default 10000 .Values.jvb.UDPPort }} + protocol: UDP + name: rtp-udp + {{- if .Values.jvb.websockets.enabled }} + - port: 9090 + protocol: TCP + name: colibri-ws-tcp + {{- end }} + {{- with .Values.jvb.service.externalIPs }} + externalIPs: + {{ toYaml . | indent 2 | trim }} + {{- end }} + selector: + {{- include "jitsi-meet.jvb.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/jitsi/templates/jvb/xmpp-secret.yaml b/charts/jitsi/templates/jvb/xmpp-secret.yaml new file mode 100644 index 000000000..4e0a7a465 --- /dev/null +++ b/charts/jitsi/templates/jvb/xmpp-secret.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jvb + labels: + {{- include "jitsi-meet.jvb.labels" . | nindent 4 }} +type: Opaque +data: + JVB_AUTH_USER: '{{ .Values.jvb.xmpp.user | b64enc }}' + JVB_AUTH_PASSWORD: '{{ default (randAlphaNum 10) .Values.jvb.xmpp.password | b64enc }}' diff --git a/charts/jitsi/templates/serviceaccount.yaml b/charts/jitsi/templates/serviceaccount.yaml new file mode 100644 index 000000000..d0b57df90 --- /dev/null +++ b/charts/jitsi/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "jitsi-meet.serviceAccountName" . }} + labels: + {{- include "jitsi-meet.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end -}} diff --git a/charts/jitsi/templates/tests/test-connection.yaml b/charts/jitsi/templates/tests/test-connection.yaml new file mode 100644 index 000000000..9f523baaf --- /dev/null +++ b/charts/jitsi/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "jitsi-meet.web.fullname" . }}-test-connection" + labels: + {{- include "jitsi-meet.web.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test-success +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "jitsi-meet.web.fullname" . }}:{{ .Values.web.service.port }}'] + restartPolicy: Never diff --git a/charts/jitsi/templates/web/_helper.tpl b/charts/jitsi/templates/web/_helper.tpl new file mode 100644 index 000000000..18b1f09ac --- /dev/null +++ b/charts/jitsi/templates/web/_helper.tpl @@ -0,0 +1,15 @@ + +{{- define "jitsi-meet.web.fullname" -}} +{{ include "jitsi-meet.fullname" . }}-web +{{- end -}} + +{{- define "jitsi-meet.web.labels" -}} +{{ include "jitsi-meet.labels" . }} +app.kubernetes.io/component: web +{{- end -}} + +{{- define "jitsi-meet.web.selectorLabels" -}} +{{ include "jitsi-meet.selectorLabels" . }} +app.kubernetes.io/component: web +{{- end -}} + diff --git a/charts/jitsi/templates/web/configmap.yaml b/charts/jitsi/templates/web/configmap.yaml new file mode 100644 index 000000000..718a134ea --- /dev/null +++ b/charts/jitsi/templates/web/configmap.yaml @@ -0,0 +1,24 @@ +{{- $serverID := default "podIP" .Values.jvb.websockets.serverID }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "jitsi-meet.web.fullname" . }} + labels: + {{- include "jitsi-meet.web.labels" . | nindent 4 }} +data: + DISABLE_HTTPS: {{ ternary "0" "1" .Values.web.httpsEnabled | quote }} + ENABLE_HTTP_REDIRECT: {{ ternary "1" "0" .Values.web.httpRedirect | quote }} + JICOFO_AUTH_USER: '{{ .Values.jicofo.xmpp.user }}' + XMPP_BOSH_URL_BASE: 'http://{{ include "jitsi-meet.xmpp.server" . }}:{{ index .Values.prosody.service.ports "bosh-insecure" }}' + {{- if and .Values.jvb.websockets.enabled (eq $serverID "service") }} + NGINX_RESOLVER: {{ required "(web.resolverIP) Please set an IP address of your KubeDNS service!" .Values.web.resolverIP }} + {{- end }} + {{- if .Values.jibri.enabled }} + ENABLE_RECORDING: "true" + ENABLE_FILE_RECORDING_SERVICE_SHARING: "true" + {{- end }} + {{- range $key, $value := .Values.web.extraEnvs }} + {{- if not (kindIs "invalid" $value) }} + {{ $key }}: {{ tpl $value $ | quote }} + {{- end }} + {{- end }} diff --git a/charts/jitsi/templates/web/deployment.yaml b/charts/jitsi/templates/web/deployment.yaml new file mode 100644 index 000000000..2b9c4ae1a --- /dev/null +++ b/charts/jitsi/templates/web/deployment.yaml @@ -0,0 +1,84 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "jitsi-meet.web.fullname" . }} + labels: + {{- include "jitsi-meet.web.labels" . | nindent 4 }} + {{- with .Values.web.annotations }} + annotations: + {{ toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.web.replicaCount }} + selector: + matchLabels: + {{- include "jitsi-meet.web.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "jitsi-meet.web.selectorLabels" . | nindent 8 }} + {{- range $label, $value := mergeOverwrite .Values.global.podLabels .Values.web.podLabels }} + {{ $label }}: {{ $value }} + {{- end }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/web/configmap.yaml") . | sha256sum }} + {{- range $annotation, $value := mergeOverwrite .Values.global.podAnnotations .Values.web.podAnnotations }} + {{ $annotation }}: {{ $value|quote }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "jitsi-meet.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.web.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.web.securityContext | nindent 12 }} + image: "{{ .Values.web.image.repository }}:{{ default .Chart.AppVersion .Values.web.image.tag }}" + imagePullPolicy: {{ pluck "pullPolicy" .Values.web.image .Values.image | first }} + envFrom: + - configMapRef: + name: {{ include "jitsi-meet.web.fullname" . }} + - configMapRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common + ports: + - name: http + containerPort: 80 + protocol: TCP + - name: https + containerPort: 443 + protocol: TCP + {{- with .Values.web.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.web.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.web.resources | nindent 12 }} + {{- with .Values.web.extraVolumeMounts }} + volumeMounts: + {{- toYaml . | nindent 10 }} + {{- end }} + + {{- with .Values.web.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.web.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.web.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.web.extraVolumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/jitsi/templates/web/service.yaml b/charts/jitsi/templates/web/service.yaml new file mode 100644 index 000000000..bf890a64f --- /dev/null +++ b/charts/jitsi/templates/web/service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "jitsi-meet.web.fullname" . }} + labels: + {{- include "jitsi-meet.web.labels" . | nindent 4 }} +spec: + type: {{ .Values.web.service.type }} + ports: + - port: {{ .Values.web.service.port }} + protocol: TCP + name: http + {{- with .Values.web.service.externalIPs }} + externalIPs: + {{ toYaml . | indent 2 | trim }} + {{- end }} + selector: + {{- include "jitsi-meet.web.selectorLabels" . | nindent 4 }} diff --git a/charts/jitsi/values.yaml b/charts/jitsi/values.yaml new file mode 100644 index 000000000..a5b8eb765 --- /dev/null +++ b/charts/jitsi/values.yaml @@ -0,0 +1,289 @@ +# Default values for jitsi-meet. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +global: + podLabels: {} + podAnnotations: {} +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +# Set to 'true' to enable internal Authentication via prosody +enableAuth: false + +enableGuests: true +publicURL: "" + +tz: Europe/Amsterdam + +image: + pullPolicy: IfNotPresent + +web: + replicaCount: 1 + image: + repository: jitsi/web + + extraEnvs: {} + service: + type: ClusterIP + port: 80 + externalIPs: [] + + ingress: + # Set to true to enable ingress for web service + enabled: false + annotations: + cert-manager.io/cluster-issuer: letsencrypt + hosts: + - host: jitsi.k8s.gradiant.org + paths: ['/'] + tls: + - secretName: jitsi.k8s.gradiant.org-tls + hosts: + - jitsi.k8s.gradiant.org + + # Useful for ingresses that don't support http-to-https redirect by themself, (namely: GKE), + httpRedirect: false + + # When tls-termination by the ingress is not wanted, enable this and set web.service.type=Loadbalancer + httpsEnabled: false + + ## Resolver IP for nginx. + ## Set this to ClusterIP of your `kube-dns` service + ## when using websockets and discovering JVB's address + ## via k8s services. + # resolverIP: 10.43.0.10 + + livenessProbe: + httpGet: + path: / + port: 80 + readinessProbe: + httpGet: + path: / + port: 80 + + podLabels: {} + podAnnotations: {} + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + nodeSelector: {} + + tolerations: [] + + affinity: {} + +jicofo: + replicaCount: 1 + image: + repository: jitsi/jicofo + + xmpp: + user: focus + password: + componentSecret: + + livenessProbe: + tcpSocket: + port: 8888 + readinessProbe: + tcpSocket: + port: 8888 + + podLabels: {} + podAnnotations: {} + podSecurityContext: {} + securityContext: {} + resources: {} + nodeSelector: {} + tolerations: [] + affinity: {} + extraEnvs: {} + +jvb: + # Change publicIP to the external IP allocated for this LoadBalancer service and redeploy + publicIP: 1.2.3.4 + replicaCount: 1 + image: + repository: jitsi/jvb + + xmpp: + user: jvb + password: + + stunServers: 'meet-jit-si-turnrelay.jitsi.net:443' + useHostPort: false + UDPPort: 30000 + service: + enabled: + type: LoadBalancer + externalIPs: [] + annotations: {} + + breweryMuc: jvbbrewery + + livenessProbe: + httpGet: + path: /about/health + port: 8080 + readinessProbe: + httpGet: + path: /about/health + port: 8080 + + podLabels: {} + podAnnotations: {} + podSecurityContext: {} + securityContext: {} + resources: {} + nodeSelector: {} + tolerations: [] + affinity: {} + extraEnvs: {} + + websockets: + ## Set to 'true' to enable Colibri WebSocket support in JVB: + enabled: false + ## Uncomment this to set JVB server ID manually, + ## Or use one of pre-defined values: + ## * "podIP" will fetch JVB pod's IP address from K8s metadata; + ## * "service" will use JVB service name generated by Helm. + ## + ## Don't forget to set `web.resolverIP` to your cluster's + ## DNS service IP when setting this to "service"! + ## + ## (default is "podIP") + # serverID: podIP + + metrics: + enabled: false + prometheusAnnotations: false + image: + repository: docker.io/systemli/prometheus-jitsi-meet-exporter + tag: 1.1.9 + pullPolicy: IfNotPresent + serviceMonitor: + enabled: true + selector: + release: prometheus-operator + interval: 10s + # honorLabels: false + resources: + requests: + cpu: 10m + memory: 16Mi + limits: + cpu: 20m + memory: 32Mi + +octo: + enabled: false + + +jibri: + ## Enabling Jibri will allow users to record + ## and/or stream their meetings (e.g. to YouTube). + enabled: false + + ## Enable persistent storage for local recordings. + ## If disabled, jibri pod will use a transient + ## emptyDir-backed storage instead. + persistence: + enabled: false + size: 4Gi + ## Set this to existing PVC name if you have one. + existingClaim: + storageClassName: + + shm: + ## Set to true to enable "/dev/shm" mount. + ## May be required by built-in Chromium. + enabled: false + ## If "true", will use host's shared memory dir, + ## and if "false" — an emptyDir mount. + # useHost: false + # size: 256Mi + + image: + repository: jitsi/jibri + + breweryMuc: jibribrewery + timeout: 90 + + ## jibri XMPP user credentials: + xmpp: + user: jibri + password: + + ## recorder XMPP user credentials: + recorder: + user: recorder + password: + + livenessProbe: + exec: + command: ["pgrep", "java"] + + readinessProbe: + exec: + command: ["pgrep", "java"] + + extraEnvs: {} + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: + +xmpp: + domain: meet.jitsi + authDomain: + mucDomain: + internalMucDomain: + guestDomain: + +extraCommonEnvs: {} + +prosody: + enabled: true + server: + extraEnvFrom: + - secretRef: + name: '{{ include "prosody.fullname" . }}-jicofo' + - secretRef: + name: '{{ include "prosody.fullname" . }}-jvb' + - configMapRef: + name: '{{ include "prosody.fullname" . }}-common' + ## Uncomment this if you want to use jibri: + # - secretRef: + # name: '{{ include "prosody.fullname" . }}-jibri' + image: + repository: jitsi/prosody + tag: 'stable-6865' From 74ac0b6e28a808a63667d689390f59bcba48fcdd Mon Sep 17 00:00:00 2001 From: mmarquez999 Date: Wed, 13 Jul 2022 16:14:07 +0200 Subject: [PATCH 2/5] Our First Jitsi Chart --- charts/jitsi/Chart.yaml | 2 +- charts/jitsi/values.yaml | 9 ++++----- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/charts/jitsi/Chart.yaml b/charts/jitsi/Chart.yaml index 367848d1c..cf1898702 100644 --- a/charts/jitsi/Chart.yaml +++ b/charts/jitsi/Chart.yaml @@ -7,7 +7,7 @@ sources: - https://github.com/jitsi-contrib/jitsi-helm maintainers: - email: mmarquez@gradiant.org - name: mmarquez + name: mmarquez999 name: jitsi version: 0.0.1 keywords: diff --git a/charts/jitsi/values.yaml b/charts/jitsi/values.yaml index a5b8eb765..ddcb237ba 100644 --- a/charts/jitsi/values.yaml +++ b/charts/jitsi/values.yaml @@ -40,9 +40,9 @@ web: - host: jitsi.k8s.gradiant.org paths: ['/'] tls: - - secretName: jitsi.k8s.gradiant.org-tls - hosts: - - jitsi.k8s.gradiant.org + - secretName: jitsi.k8s.gradiant.org-tls + hosts: + - jitsi.k8s.gradiant.org # Useful for ingresses that don't support http-to-https redirect by themself, (namely: GKE), httpRedirect: false @@ -198,11 +198,10 @@ jvb: limits: cpu: 20m memory: 32Mi - + octo: enabled: false - jibri: ## Enabling Jibri will allow users to record ## and/or stream their meetings (e.g. to YouTube). From 458c37ef5b00e4f3447e0748eb9a49c93c372bf2 Mon Sep 17 00:00:00 2001 From: mmarquez999 Date: Fri, 15 Jul 2022 11:05:23 +0200 Subject: [PATCH 3/5] Splitted UDPPort into UDPPort and NodePort values --- charts/jitsi/templates/jvb/service.yaml | 3 +++ charts/jitsi/values.yaml | 10 +++++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/jitsi/templates/jvb/service.yaml b/charts/jitsi/templates/jvb/service.yaml index b293a256a..09d4fdc35 100644 --- a/charts/jitsi/templates/jvb/service.yaml +++ b/charts/jitsi/templates/jvb/service.yaml @@ -16,6 +16,9 @@ spec: {{- end }} ports: - port: {{ default 10000 .Values.jvb.UDPPort }} + {{- if or (eq .Values.jvb.service.type "NodePort") (eq .Values.jvb.service.type "LoadBalancer") }} + nodePort: {{ .Values.jvb.NodePort }} + {{- end }} protocol: UDP name: rtp-udp {{- if .Values.jvb.websockets.enabled }} diff --git a/charts/jitsi/values.yaml b/charts/jitsi/values.yaml index ddcb237ba..24fef87e0 100644 --- a/charts/jitsi/values.yaml +++ b/charts/jitsi/values.yaml @@ -124,8 +124,6 @@ jicofo: extraEnvs: {} jvb: - # Change publicIP to the external IP allocated for this LoadBalancer service and redeploy - publicIP: 1.2.3.4 replicaCount: 1 image: repository: jitsi/jvb @@ -136,7 +134,13 @@ jvb: stunServers: 'meet-jit-si-turnrelay.jitsi.net:443' useHostPort: false - UDPPort: 30000 + UDPPort: 10000 + ## nodePort used if service type is set to 'LoadBalancer' or 'NodePort'. + ## It will be automatically allocated if it is left with default value + NodePort: 0 + ## Set publicIP for JVB so it can be reachable by all participants, if needed. + ## Change publicIP to the external IP allocated for this LoadBalancer service and redeploy + publicIP: nil service: enabled: type: LoadBalancer From c3868ecd316daba3d5b2a5721958ad44eda13df6 Mon Sep 17 00:00:00 2001 From: mmarquez999 Date: Fri, 15 Jul 2022 11:12:23 +0200 Subject: [PATCH 4/5] Added version bump --- charts/jitsi/Chart.yaml | 2 +- charts/jitsi/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/jitsi/Chart.yaml b/charts/jitsi/Chart.yaml index cf1898702..83b6e2045 100644 --- a/charts/jitsi/Chart.yaml +++ b/charts/jitsi/Chart.yaml @@ -9,7 +9,7 @@ maintainers: - email: mmarquez@gradiant.org name: mmarquez999 name: jitsi -version: 0.0.1 +version: 0.0.2 keywords: - apps - k8s diff --git a/charts/jitsi/values.yaml b/charts/jitsi/values.yaml index 24fef87e0..7c78926c6 100644 --- a/charts/jitsi/values.yaml +++ b/charts/jitsi/values.yaml @@ -135,7 +135,7 @@ jvb: stunServers: 'meet-jit-si-turnrelay.jitsi.net:443' useHostPort: false UDPPort: 10000 - ## nodePort used if service type is set to 'LoadBalancer' or 'NodePort'. + ## nodePort used if service type is set to 'LoadBalancer' or 'NodePort'. ## It will be automatically allocated if it is left with default value NodePort: 0 ## Set publicIP for JVB so it can be reachable by all participants, if needed. From 4bf0b4944ed770d107a93fb33b296fb8a92a7bd4 Mon Sep 17 00:00:00 2001 From: mmarquez999 Date: Fri, 15 Jul 2022 12:00:06 +0200 Subject: [PATCH 5/5] Changed NodePort to nodePort value --- charts/jitsi/templates/jvb/service.yaml | 2 +- charts/jitsi/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/jitsi/templates/jvb/service.yaml b/charts/jitsi/templates/jvb/service.yaml index 09d4fdc35..c35a3db7f 100644 --- a/charts/jitsi/templates/jvb/service.yaml +++ b/charts/jitsi/templates/jvb/service.yaml @@ -17,7 +17,7 @@ spec: ports: - port: {{ default 10000 .Values.jvb.UDPPort }} {{- if or (eq .Values.jvb.service.type "NodePort") (eq .Values.jvb.service.type "LoadBalancer") }} - nodePort: {{ .Values.jvb.NodePort }} + nodePort: {{ .Values.jvb.nodePort }} {{- end }} protocol: UDP name: rtp-udp diff --git a/charts/jitsi/values.yaml b/charts/jitsi/values.yaml index 7c78926c6..043450749 100644 --- a/charts/jitsi/values.yaml +++ b/charts/jitsi/values.yaml @@ -137,7 +137,7 @@ jvb: UDPPort: 10000 ## nodePort used if service type is set to 'LoadBalancer' or 'NodePort'. ## It will be automatically allocated if it is left with default value - NodePort: 0 + nodePort: 0 ## Set publicIP for JVB so it can be reachable by all participants, if needed. ## Change publicIP to the external IP allocated for this LoadBalancer service and redeploy publicIP: nil