From b81bd5cd98d56684cf31b9d8a7f796760a455dfb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Tue, 2 May 2023 09:47:42 +0200 Subject: [PATCH 01/28] misc: working on unstable --- docker-compose.yml | 8 ++++---- jibri.yml | 2 +- jigasi.yml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 2a30e92a91..1acaa54884 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.5' services: # Frontend web: - image: jitsi/web:${JITSI_IMAGE_VERSION:-stable-8615} + image: jitsi/web:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${HTTP_PORT}:80' @@ -157,7 +157,7 @@ services: # XMPP server prosody: - image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable-8615} + image: jitsi/prosody:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} expose: - '${XMPP_PORT:-5222}' @@ -259,7 +259,7 @@ services: # Focus component jicofo: - image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable-8615} + image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - '127.0.0.1:8888:8888' @@ -325,7 +325,7 @@ services: # Video bridge jvb: - image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable-8615} + image: jitsi/jvb:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp' diff --git a/jibri.yml b/jibri.yml index d59af23144..9eb9a79a22 100644 --- a/jibri.yml +++ b/jibri.yml @@ -2,7 +2,7 @@ version: '3.5' services: jibri: - image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable-8615} + image: jitsi/jibri:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} volumes: - ${CONFIG}/jibri:/config:Z diff --git a/jigasi.yml b/jigasi.yml index 38f63f79e8..dbbbcbe113 100644 --- a/jigasi.yml +++ b/jigasi.yml @@ -3,7 +3,7 @@ version: '3.5' services: # SIP gateway (audio) jigasi: - image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable-8615} + image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}:${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}/udp' From 809f63c2d8fc6ab723997d1b5b8d777eb112e402 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Mon, 8 May 2023 13:41:33 +0200 Subject: [PATCH 02/28] compose: add ability to configure the Jicofo REST port in the host Fixes: https://github.com/jitsi/docker-jitsi-meet/issues/1546 --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 1acaa54884..6c7bd592b9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -262,7 +262,7 @@ services: image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - - '127.0.0.1:8888:8888' + - '127.0.0.1:${JICOFO_REST_PORT:-8888}:8888' volumes: - ${CONFIG}/jicofo:/config:Z environment: From e4c8c2a963f0267ff07a6e2a2df038d456f8e171 Mon Sep 17 00:00:00 2001 From: Aaron van Meerten Date: Tue, 16 May 2023 12:35:24 -0500 Subject: [PATCH 03/28] jibri: pre-warm chrome first before starting jibri (#1549) --- jibri/rootfs/etc/services.d/40-jibri/run | 2 ++ 1 file changed, 2 insertions(+) diff --git a/jibri/rootfs/etc/services.d/40-jibri/run b/jibri/rootfs/etc/services.d/40-jibri/run index 5240da2920..f62ce24d34 100644 --- a/jibri/rootfs/etc/services.d/40-jibri/run +++ b/jibri/rootfs/etc/services.d/40-jibri/run @@ -4,5 +4,7 @@ HOME=/home/jibri DAEMON=/opt/jitsi/jibri/launch.sh +# pre-warm google chrome before jibri launches to ensure fast chrome launch during recordings +s6-setuidgid jibri /usr/bin/google-chrome --timeout=1000 --headless about:blank exec s6-setuidgid jibri /bin/bash -c "exec $DAEMON" From c2f01f336fe6037e986611686b6fd94055c418a3 Mon Sep 17 00:00:00 2001 From: emrah Date: Mon, 22 May 2023 18:53:21 +0300 Subject: [PATCH 04/28] web: update livestreaming settings according to new config.js --- docker-compose.yml | 4 ++++ web/rootfs/defaults/settings-config.js | 25 +++++++++++++++++-------- 2 files changed, 21 insertions(+), 8 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 6c7bd592b9..e71a955d13 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -74,6 +74,10 @@ services: - ENABLE_WELCOME_PAGE - ENABLE_CLOSE_PAGE - ENABLE_LIVESTREAMING + - ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK + - ENABLE_LIVESTREAMING_HELP_LINK + - ENABLE_LIVESTREAMING_TERMS_LINK + - ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING - ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT - ENABLE_LOCAL_RECORDING_SELF_START - ENABLE_RECORDING diff --git a/web/rootfs/defaults/settings-config.js b/web/rootfs/defaults/settings-config.js index 62d3dfbb1c..5151b84978 100644 --- a/web/rootfs/defaults/settings-config.js +++ b/web/rootfs/defaults/settings-config.js @@ -13,6 +13,10 @@ {{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "false" | toBool -}} {{ $ENABLE_SERVICE_RECORDING := .Env.ENABLE_SERVICE_RECORDING | default ($ENABLE_RECORDING | printf "%t") | toBool -}} {{ $ENABLE_LIVESTREAMING := .Env.ENABLE_LIVESTREAMING | default "false" | toBool -}} +{{ $ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK := .Env.ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK | default "https://policies.google.com/privacy" -}} +{{ $ENABLE_LIVESTREAMING_HELP_LINK := .Env.ENABLE_LIVESTREAMING_HELP_LINK | default "https://jitsi.org/live" -}} +{{ $ENABLE_LIVESTREAMING_TERMS_LINK := .Env.ENABLE_LIVESTREAMING_TERMS_LINK | default "https://www.youtube.com/t/terms" -}} +{{ $ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING := .Env.ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING | default "^(?:[a-zA-Z0-9]{4}(?:-(?!$)|$)){4}" -}} {{ $ENABLE_REMB := .Env.ENABLE_REMB | default "true" | toBool -}} {{ $ENABLE_REQUIRE_DISPLAY_NAME := .Env.ENABLE_REQUIRE_DISPLAY_NAME | default "false" | toBool -}} {{ $ENABLE_SIMULCAST := .Env.ENABLE_SIMULCAST | default "true" | toBool -}} @@ -153,8 +157,18 @@ if (!config.hasOwnProperty('recordingService')) config.recordingService = {}; // Whether to enable file recording or not using the "service" defined by the finalizer in Jibri config.recordingService.enabled = {{ $ENABLE_SERVICE_RECORDING }}; -// Whether to enable live streaming or not. -config.liveStreamingEnabled = {{ $ENABLE_LIVESTREAMING }}; +// Whether to show the possibility to share file recording with other people +// (e.g. meeting participants), based on the actual implementation +// on the backend. +config.recordingService.sharingEnabled = {{ $ENABLE_FILE_RECORDING_SHARING }}; + +// Live streaming configuration. +if (!config.hasOwnProperty('liveStreaming')) config.liveStreaming = {}; +config.liveStreaming.enabled = {{ $ENABLE_LIVESTREAMING }}; +config.liveStreaming.dataPrivacyLink= '{{ $ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK }}'; +config.liveStreaming.helpLink= '{{ $ENABLE_LIVESTREAMING_HELP_LINK }}'; +config.liveStreaming.termsLink= '{{ $ENABLE_LIVESTREAMING_TERMS_LINK }}'; +config.liveStreaming.validatorRegExpString= '{{ $ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING }}'; {{ if .Env.DROPBOX_APPKEY -}} // Enable the dropbox integration. @@ -167,11 +181,6 @@ config.dropbox.appKey = '{{ .Env.DROPBOX_APPKEY }}'; config.dropbox.redirectURI = '{{ .Env.DROPBOX_REDIRECT_URI }}'; {{ end -}} {{ end -}} - -// Whether to show the possibility to share file recording with other people -// (e.g. meeting participants), based on the actual implementation -// on the backend. -config.recordingService.sharingEnabled = {{ $ENABLE_FILE_RECORDING_SHARING }}; {{ end -}} @@ -468,4 +477,4 @@ config.e2eping.maxMessagePerSecond = {{ .Env.E2EPING_MAX_MESSAGE_PER_SECOND }}; // Settings for the Excalidraw whiteboard integration. if (!config.hasOwnProperty('whiteboard')) config.whiteboard = {}; config.whiteboard.enabled = {{ $WHITEBOARD_ENABLED }}; -config.whiteboard.collabServerBaseUrl = '{{ $WHITEBOARD_COLLAB_SERVER_PUBLIC_URL }}'; \ No newline at end of file +config.whiteboard.collabServerBaseUrl = '{{ $WHITEBOARD_COLLAB_SERVER_PUBLIC_URL }}'; From ce59d1ed5d2878bc7ff3367e77508dec861391da Mon Sep 17 00:00:00 2001 From: Aaron van Meerten Date: Tue, 23 May 2023 13:19:18 -0500 Subject: [PATCH 05/28] jibri: upgrade chrome to 113 (#1555) --- jibri/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jibri/Dockerfile b/jibri/Dockerfile index 498a2d0da2..8924c60acb 100644 --- a/jibri/Dockerfile +++ b/jibri/Dockerfile @@ -12,8 +12,8 @@ ARG TARGETPLATFORM ARG USE_CHROMIUM=0 #ARG CHROME_RELEASE=latest #ARG CHROMEDRIVER_MAJOR_RELEASE=latest -ARG CHROME_RELEASE=112.0.5615.49 -ARG CHROMEDRIVER_MAJOR_RELEASE=112 +ARG CHROME_RELEASE=113.0.5672.126 +ARG CHROMEDRIVER_MAJOR_RELEASE=113 COPY rootfs/ / From 9776714d0584354c5ae1474de8c2377fca4d79b5 Mon Sep 17 00:00:00 2001 From: emrah Date: Thu, 1 Jun 2023 22:35:18 +0300 Subject: [PATCH 06/28] prosody: allow multiple TURN (#1559) --- .../rootfs/defaults/conf.d/jitsi-meet.cfg.lua | 96 ++++++++++--------- 1 file changed, 52 insertions(+), 44 deletions(-) diff --git a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua index 603f9ecd46..54887b8861 100644 --- a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua +++ b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua @@ -1,48 +1,52 @@ -{{ $ENABLE_AUTH := .Env.ENABLE_AUTH | default "0" | toBool }} +{{ $ENABLE_AUTH := .Env.ENABLE_AUTH | default "0" | toBool -}} {{ $ENABLE_GUEST_DOMAIN := and $ENABLE_AUTH (.Env.ENABLE_GUESTS | default "0" | toBool)}} -{{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool }} -{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" }} +{{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool -}} +{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" -}} {{ $JIBRI_XMPP_USER := .Env.JIBRI_XMPP_USER | default "jibri" -}} {{ $JIGASI_XMPP_USER := .Env.JIGASI_XMPP_USER | default "jigasi" -}} {{ $JVB_AUTH_USER := .Env.JVB_AUTH_USER | default "jvb" -}} -{{ $JWT_ASAP_KEYSERVER := .Env.JWT_ASAP_KEYSERVER | default "" }} -{{ $JWT_ALLOW_EMPTY := .Env.JWT_ALLOW_EMPTY | default "0" | toBool }} -{{ $JWT_AUTH_TYPE := .Env.JWT_AUTH_TYPE | default "token" }} +{{ $JWT_ASAP_KEYSERVER := .Env.JWT_ASAP_KEYSERVER | default "" -}} +{{ $JWT_ALLOW_EMPTY := .Env.JWT_ALLOW_EMPTY | default "0" | toBool -}} +{{ $JWT_AUTH_TYPE := .Env.JWT_AUTH_TYPE | default "token" -}} {{ $JWT_ENABLE_DOMAIN_VERIFICATION := .Env.JWT_ENABLE_DOMAIN_VERIFICATION | default "false" | toBool -}} -{{ $MATRIX_UVS_ISSUER := .Env.MATRIX_UVS_ISSUER | default "issuer" }} -{{ $MATRIX_UVS_SYNC_POWER_LEVELS := .Env.MATRIX_UVS_SYNC_POWER_LEVELS | default "0" | toBool }} -{{ $JWT_TOKEN_AUTH_MODULE := .Env.JWT_TOKEN_AUTH_MODULE | default "token_verification" }} -{{ $ENABLE_LOBBY := .Env.ENABLE_LOBBY | default "true" | toBool }} -{{ $ENABLE_AV_MODERATION := .Env.ENABLE_AV_MODERATION | default "true" | toBool }} -{{ $ENABLE_BREAKOUT_ROOMS := .Env.ENABLE_BREAKOUT_ROOMS | default "true" | toBool }} -{{ $ENABLE_END_CONFERENCE := .Env.ENABLE_END_CONFERENCE | default "true" | toBool }} -{{ $ENABLE_XMPP_WEBSOCKET := .Env.ENABLE_XMPP_WEBSOCKET | default "1" | toBool }} -{{ $ENABLE_JAAS_COMPONENTS := .Env.ENABLE_JAAS_COMPONENTS | default "0" | toBool }} -{{ $ENABLE_RATE_LIMITS := .Env.PROSODY_ENABLE_RATE_LIMITS | default "0" | toBool }} +{{ $MATRIX_UVS_ISSUER := .Env.MATRIX_UVS_ISSUER | default "issuer" -}} +{{ $MATRIX_UVS_SYNC_POWER_LEVELS := .Env.MATRIX_UVS_SYNC_POWER_LEVELS | default "0" | toBool -}} +{{ $JWT_TOKEN_AUTH_MODULE := .Env.JWT_TOKEN_AUTH_MODULE | default "token_verification" -}} +{{ $ENABLE_LOBBY := .Env.ENABLE_LOBBY | default "true" | toBool -}} +{{ $ENABLE_AV_MODERATION := .Env.ENABLE_AV_MODERATION | default "true" | toBool -}} +{{ $ENABLE_BREAKOUT_ROOMS := .Env.ENABLE_BREAKOUT_ROOMS | default "true" | toBool -}} +{{ $ENABLE_END_CONFERENCE := .Env.ENABLE_END_CONFERENCE | default "true" | toBool -}} +{{ $ENABLE_XMPP_WEBSOCKET := .Env.ENABLE_XMPP_WEBSOCKET | default "1" | toBool -}} +{{ $ENABLE_JAAS_COMPONENTS := .Env.ENABLE_JAAS_COMPONENTS | default "0" | toBool -}} +{{ $ENABLE_RATE_LIMITS := .Env.PROSODY_ENABLE_RATE_LIMITS | default "0" | toBool -}} {{ $PUBLIC_URL := .Env.PUBLIC_URL | default "https://localhost:8443" -}} {{ $PUBLIC_URL_DOMAIN := $PUBLIC_URL | trimPrefix "https://" | trimSuffix "/" -}} -{{ $TURN_PORT := .Env.TURN_PORT | default "443" }} -{{ $TURNS_PORT := .Env.TURNS_PORT | default "443" }} +{{ $TURN_HOST := .Env.TURN_HOST | default "" -}} +{{ $TURN_HOSTS := splitList "," $TURN_HOST -}} +{{ $TURN_PORT := .Env.TURN_PORT | default "443" -}} {{ $TURN_TRANSPORT := .Env.TURN_TRANSPORT | default "tcp" -}} {{ $TURN_TRANSPORTS := splitList "," $TURN_TRANSPORT -}} +{{ $TURNS_HOST := .Env.TURNS_HOST | default "" -}} +{{ $TURNS_HOSTS := splitList "," $TURNS_HOST -}} +{{ $TURNS_PORT := .Env.TURNS_PORT | default "443" -}} {{ $XMPP_AUTH_DOMAIN := .Env.XMPP_AUTH_DOMAIN | default "auth.meet.jitsi" -}} {{ $XMPP_DOMAIN := .Env.XMPP_DOMAIN | default "meet.jitsi" -}} {{ $XMPP_GUEST_DOMAIN := .Env.XMPP_GUEST_DOMAIN | default "guest.meet.jitsi" -}} {{ $XMPP_INTERNAL_MUC_DOMAIN := .Env.XMPP_INTERNAL_MUC_DOMAIN | default "internal-muc.meet.jitsi" -}} {{ $XMPP_MUC_DOMAIN := .Env.XMPP_MUC_DOMAIN | default "muc.meet.jitsi" -}} -{{ $XMPP_MUC_DOMAIN_PREFIX := (split "." $XMPP_MUC_DOMAIN)._0 }} +{{ $XMPP_MUC_DOMAIN_PREFIX := (split "." $XMPP_MUC_DOMAIN)._0 -}} {{ $XMPP_RECORDER_DOMAIN := .Env.XMPP_RECORDER_DOMAIN | default "recorder.meet.jitsi" -}} {{ $JIBRI_RECORDER_USER := .Env.JIBRI_RECORDER_USER | default "recorder" -}} {{ $JIGASI_TRANSCRIBER_USER := .Env.JIGASI_TRANSCRIBER_USER | default "transcriber" -}} {{ $DISABLE_POLLS := .Env.DISABLE_POLLS | default "false" | toBool -}} {{ $ENABLE_SUBDOMAINS := .Env.ENABLE_SUBDOMAINS | default "true" | toBool -}} -{{ $PROSODY_RESERVATION_ENABLED := .Env.PROSODY_RESERVATION_ENABLED | default "false" | toBool }} -{{ $PROSODY_RESERVATION_REST_BASE_URL := .Env.PROSODY_RESERVATION_REST_BASE_URL | default "" }} -{{ $RATE_LIMIT_LOGIN_RATE := .Env.PROSODY_RATE_LIMIT_LOGIN_RATE | default "3" }} -{{ $RATE_LIMIT_SESSION_RATE := .Env.PROSODY_RATE_LIMIT_SESSION_RATE | default "200" }} -{{ $RATE_LIMIT_TIMEOUT := .Env.PROSODY_RATE_LIMIT_TIMEOUT | default "60" }} -{{ $RATE_LIMIT_ALLOW_RANGES := .Env.PROSODY_RATE_LIMIT_ALLOW_RANGES | default "10.0.0.0/8" }} -{{ $RATE_LIMIT_CACHE_SIZE := .Env.PROSODY_RATE_LIMIT_CACHE_SIZE | default "10000" }} +{{ $PROSODY_RESERVATION_ENABLED := .Env.PROSODY_RESERVATION_ENABLED | default "false" | toBool -}} +{{ $PROSODY_RESERVATION_REST_BASE_URL := .Env.PROSODY_RESERVATION_REST_BASE_URL | default "" -}} +{{ $RATE_LIMIT_LOGIN_RATE := .Env.PROSODY_RATE_LIMIT_LOGIN_RATE | default "3" -}} +{{ $RATE_LIMIT_SESSION_RATE := .Env.PROSODY_RATE_LIMIT_SESSION_RATE | default "200" -}} +{{ $RATE_LIMIT_TIMEOUT := .Env.PROSODY_RATE_LIMIT_TIMEOUT | default "60" -}} +{{ $RATE_LIMIT_ALLOW_RANGES := .Env.PROSODY_RATE_LIMIT_ALLOW_RANGES | default "10.0.0.0/8" -}} +{{ $RATE_LIMIT_CACHE_SIZE := .Env.PROSODY_RATE_LIMIT_CACHE_SIZE | default "10000" -}} {{ $ENV := .Env -}} admins = { @@ -70,28 +74,32 @@ muc_mapper_domain_prefix = "{{ $XMPP_MUC_DOMAIN_PREFIX }}"; http_default_host = "{{ $XMPP_DOMAIN }}" -{{ if .Env.TURN_CREDENTIALS }} +{{ if .Env.TURN_CREDENTIALS -}} external_service_secret = "{{.Env.TURN_CREDENTIALS}}"; -{{ end }} +{{- end }} -{{ if or .Env.TURN_HOST .Env.TURNS_HOST }} +{{ if or .Env.TURN_HOST .Env.TURNS_HOST -}} +{{- $comma := "" -}} external_services = { - {{ if .Env.TURN_HOST }} - {{ range $index, $transport := $TURN_TRANSPORTS }} - {{ if gt $index 0 }} - , - {{ end }} - { type = "turn", host = "{{ $ENV.TURN_HOST }}", port = {{ $TURN_PORT }}, transport = "{{ $transport }}", secret = true, ttl = 86400, algorithm = "turn" } - {{ end }} - {{ end }} - {{ if and .Env.TURN_HOST .Env.TURNS_HOST }} - , - {{ end }} - {{ if .Env.TURNS_HOST }} - { type = "turns", host = "{{ .Env.TURNS_HOST }}", port = {{ $TURNS_PORT }}, transport = "tcp", secret = true, ttl = 86400, algorithm = "turn" } - {{ end }} + {{ if $TURN_HOST -}} + {{- range $idx1, $host := $TURN_HOSTS -}} + {{- range $idx2, $transport := $TURN_TRANSPORTS -}} + {{- $comma }} + { type = "turn", host = "{{ $host }}", port = {{ $TURN_PORT }}, transport = "{{ $transport }}", secret = true, ttl = 86400, algorithm = "turn" } + {{- $comma = "," -}} + {{- end -}} + {{- end -}} + {{- end -}} + + {{- if $TURNS_HOST -}} + {{- range $idx, $host := $TURNS_HOSTS -}} + {{- $comma }} + { type = "turns", host = "{{ $host }}", port = {{ $TURNS_PORT }}, transport = "tcp", secret = true, ttl = 86400, algorithm = "turn" } + {{- $comma = "," -}} + {{- end }} + {{- end }} }; -{{ end }} +{{- end }} {{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_ISSUERS }} asap_accepted_issuers = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_ISSUERS) }}" } From a41578c328a16b3ee831b00a41ec0f9bed75b773 Mon Sep 17 00:00:00 2001 From: emrah Date: Fri, 2 Jun 2023 15:00:40 +0300 Subject: [PATCH 07/28] prosody: update the comma logic while listing TURNs --- prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua index 54887b8861..117bf0e604 100644 --- a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua +++ b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua @@ -79,23 +79,20 @@ external_service_secret = "{{.Env.TURN_CREDENTIALS}}"; {{- end }} {{ if or .Env.TURN_HOST .Env.TURNS_HOST -}} -{{- $comma := "" -}} external_services = { {{ if $TURN_HOST -}} {{- range $idx1, $host := $TURN_HOSTS -}} {{- range $idx2, $transport := $TURN_TRANSPORTS -}} - {{- $comma }} + {{- if or $idx1 $idx2 -}},{{- end }} { type = "turn", host = "{{ $host }}", port = {{ $TURN_PORT }}, transport = "{{ $transport }}", secret = true, ttl = 86400, algorithm = "turn" } - {{- $comma = "," -}} {{- end -}} {{- end -}} {{- end -}} {{- if $TURNS_HOST -}} {{- range $idx, $host := $TURNS_HOSTS -}} - {{- $comma }} + {{- if or $TURN_HOST $idx -}},{{- end }} { type = "turns", host = "{{ $host }}", port = {{ $TURNS_PORT }}, transport = "tcp", secret = true, ttl = 86400, algorithm = "turn" } - {{- $comma = "," -}} {{- end }} {{- end }} }; From 57a7c22e1d2977bbff2bd838e7de406419bf04e4 Mon Sep 17 00:00:00 2001 From: Luigi Rubino Date: Tue, 6 Jun 2023 19:41:33 +0200 Subject: [PATCH 08/28] jicofo: add ability to disable auth --- docker-compose.yml | 1 + jicofo/rootfs/defaults/jicofo.conf | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index e71a955d13..d618ebedf5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -286,6 +286,7 @@ services: - ENABLE_AUTO_LOGIN - JICOFO_AUTH_PASSWORD - JICOFO_BRIDGE_REGION_GROUPS + - JICOFO_ENABLE_AUTH - JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS - JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT - JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT diff --git a/jicofo/rootfs/defaults/jicofo.conf b/jicofo/rootfs/defaults/jicofo.conf index 85d9951609..2a639d7e61 100644 --- a/jicofo/rootfs/defaults/jicofo.conf +++ b/jicofo/rootfs/defaults/jicofo.conf @@ -1,4 +1,5 @@ {{ $ENABLE_AUTH := .Env.ENABLE_AUTH | default "0" | toBool }} +{{ $JICOFO_ENABLE_AUTH := (.Env.JICOFO_ENABLE_AUTH | default .Env.ENABLE_AUTH) | default "0" | toBool }} {{ $ENABLE_SCTP := .Env.ENABLE_SCTP | default "0" | toBool }} {{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" }} {{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool }} @@ -24,7 +25,7 @@ {{ $XMPP_SERVER := .Env.XMPP_SERVER | default "xmpp.meet.jitsi" -}} jicofo { - {{ if $ENABLE_AUTH }} + {{ if $JICOFO_ENABLE_AUTH }} authentication { enabled = true // The type of authentication. Supported values are XMPP, JWT or SHIBBOLETH (default). From 0569bce51badef290118c8e8c35bd5309c3b1d99 Mon Sep 17 00:00:00 2001 From: Aaron van Meerten Date: Tue, 6 Jun 2023 13:31:00 -0500 Subject: [PATCH 09/28] jibri: add autoscaler-sidecar service support (#1562) --- jibri.yml | 9 ++++++ jibri/Dockerfile | 2 +- .../rootfs/defaults/autoscaler-sidecar.config | 14 +++++++++ jibri/rootfs/defaults/jibri.conf | 5 ++- jibri/rootfs/etc/cont-init.d/10-config | 31 +++++++++++++++++++ .../etc/services.d/50-autoscaler-sidecar/run | 10 ++++++ 6 files changed, 69 insertions(+), 2 deletions(-) create mode 100644 jibri/rootfs/defaults/autoscaler-sidecar.config create mode 100644 jibri/rootfs/etc/services.d/50-autoscaler-sidecar/run diff --git a/jibri.yml b/jibri.yml index 9eb9a79a22..38eb6987d8 100644 --- a/jibri.yml +++ b/jibri.yml @@ -10,9 +10,17 @@ services: cap_add: - SYS_ADMIN environment: + - AUTOSCALER_SIDECAR_KEY_FILE + - AUTOSCALER_SIDECAR_KEY_ID + - AUTOSCALER_SIDECAR_GROUP_NAME + - AUTOSCALER_SIDECAR_INSTANCE_ID + - AUTOSCALER_SIDECAR_PORT + - AUTOSCALER_SIDECAR_REGION + - AUTOSCALER_URL - CHROMIUM_FLAGS - DISPLAY=:0 - ENABLE_STATS_D + - JIBRI_WEBHOOK_SUBSCRIBERS - JIBRI_HTTP_API_EXTERNAL_PORT - JIBRI_HTTP_API_INTERNAL_PORT - JIBRI_RECORDING_RESOLUTION @@ -25,6 +33,7 @@ services: - JIBRI_RECORDING_DIR - JIBRI_FINALIZE_RECORDING_SCRIPT_PATH - JIBRI_STRIP_DOMAIN_JID + - LOCAL_ADDRESS - PUBLIC_URL - TZ - XMPP_AUTH_DOMAIN diff --git a/jibri/Dockerfile b/jibri/Dockerfile index 8924c60acb..1a680b2fd8 100644 --- a/jibri/Dockerfile +++ b/jibri/Dockerfile @@ -18,7 +18,7 @@ ARG CHROMEDRIVER_MAJOR_RELEASE=113 COPY rootfs/ / RUN apt-dpkg-wrap apt-get update && \ - apt-dpkg-wrap apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" jibri libgl1-mesa-dri procps jitsi-upload-integrations jq pulseaudio dbus dbus-x11 rtkit unzip && \ + apt-dpkg-wrap apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" jibri libgl1-mesa-dri procps jitsi-upload-integrations jitsi-autoscaler-sidecar jq pulseaudio dbus dbus-x11 rtkit unzip && \ /usr/bin/install-chrome.sh && \ apt-cleanup && \ adduser jibri rtkit diff --git a/jibri/rootfs/defaults/autoscaler-sidecar.config b/jibri/rootfs/defaults/autoscaler-sidecar.config new file mode 100644 index 0000000000..9b20a27bec --- /dev/null +++ b/jibri/rootfs/defaults/autoscaler-sidecar.config @@ -0,0 +1,14 @@ +{{ $JIBRI_HTTP_API_EXTERNAL_PORT := .Env.JIBRI_HTTP_API_EXTERNAL_PORT | default "2222" -}} +export PORT={{ .Env.AUTOSCALER_SIDECAR_PORT }} +export GRACEFUL_SHUTDOWN_SCRIPT="/opt/jitsi/jibri/wait_graceful_shutdown.sh" +export TERMINATE_SCRIPT="/opt/jitsi/jibri/shutdown.sh" +export ENABLE_REPORT_STATS=true +export POLLING_URL="{{ .Env.AUTOSCALER_URL }}/sidecar/poll" +export STATUS_URL="{{ .Env.AUTOSCALER_URL }}/sidecar/status" +export STATS_RETRIEVE_URL="http://localhost:{{ $JIBRI_HTTP_API_EXTERNAL_PORT }}/jibri/api/v1.0/health" +export STATS_REPORT_URL="{{ .Env.AUTOSCALER_URL }}/sidecar/stats" +export ASAP_SIGNING_KEY_FILE="{{ .Env.AUTOSCALER_SIDECAR_KEY_FILE }}" +export ASAP_JWT_KID="{{ .Env.AUTOSCALER_SIDECAR_KEY_ID }}" +export INSTANCE_TYPE="jibri" +export INSTANCE_ID="{{ .Env.AUTOSCALER_SIDECAR_INSTANCE_ID }}" +export INSTANCE_METADATA='{"environment":"{{ .Env.XMPP_ENV_NAME }}","region":"{{ .Env.AUTOSCALER_SIDECAR_REGION }}","group":"{{ .Env.AUTOSCALER_SIDECAR_GROUP_NAME }}","name":"{{ .Env.JIBRI_INSTANCE_ID }}","version":"{{ .Env.JIBRI_VERSION }}","privateIp":"{{ .Env.LOCAL_ADDRESS }}"}' diff --git a/jibri/rootfs/defaults/jibri.conf b/jibri/rootfs/defaults/jibri.conf index bc786a2be7..c4a616adfe 100644 --- a/jibri/rootfs/defaults/jibri.conf +++ b/jibri/rootfs/defaults/jibri.conf @@ -106,7 +106,10 @@ jibri { finalize-script = "{{ .Env.JIBRI_FINALIZE_RECORDING_SCRIPT_PATH }}" {{ end -}} } - +{{ if .Env.JIBRI_WEBHOOK_SUBSCRIBERS -}} + webhook { + subscribers = [{{ range $index, $element := splitList "," .Env.JIBRI_WEBHOOK_SUBSCRIBERS }}{{ if gt $index 0}},{{ end }}"{{ $element }}"{{ end }}] + }{{ end }} ffmpeg { resolution = "{{ $JIBRI_RECORDING_RESOLUTION }}" // The audio source that will be used to capture audio on Linux diff --git a/jibri/rootfs/etc/cont-init.d/10-config b/jibri/rootfs/etc/cont-init.d/10-config index 2cf1522803..a90c673b15 100644 --- a/jibri/rootfs/etc/cont-init.d/10-config +++ b/jibri/rootfs/etc/cont-init.d/10-config @@ -30,6 +30,37 @@ fi # set random jibri nickname for the instance if is not set [ -z "${JIBRI_INSTANCE_ID}" ] && export JIBRI_INSTANCE_ID="jibri-$(date +%N)" +# check for AUTOSCALER_URL, AUTOSCALER_SIDECAR_KEY_FILE and AUTOSCALER_SIDECAR_KEY_ID as indicator that sidecar should be enabled +if [ -n "$AUTOSCALER_URL" ]; then + if [ -z "$AUTOSCALER_SIDECAR_KEY_FILE" ]; then + export AUTOSCALER_SIDECAR_KEY_FILE="/etc/jitsi/autoscaler-sidecar/asap.pem" + fi + if [ -z "$AUTOSCALER_SIDECAR_KEY_ID" ]; then + # assume key id is equal to the base real path of the key file minus .pem + export AUTOSCALER_SIDECAR_KEY_ID="$(basename "$(realpath "$AUTOSCALER_SIDECAR_KEY_FILE")" | tr -d '.pem')" + fi + + if [ -f "$AUTOSCALER_SIDECAR_KEY_FILE" ]; then + echo "AUTOSCALER_URL found, enabling autoscaler sidecar" + + export JIBRI_VERSION="$(dpkg -s jibri | grep Version | awk '{print $2}' | sed 's/..$//')" + + [ -z "$AUTOSCALER_SIDECAR_PORT" ] && export AUTOSCALER_SIDECAR_PORT="6000" + [ -z "$JIBRI_WEBHOOK_SUBSCRIBERS" ] && export JIBRI_WEBHOOK_SUBSCRIBERS="http://localhost:$AUTOSCALER_SIDECAR_PORT/hook" + [ -z "$AUTOSCALER_SIDECAR_INSTANCE_ID" ] && export AUTOSCALER_SIDECAR_INSTANCE_ID="$JIBRI_INSTANCE_ID" + [ -z "$AUTOSCALER_SIDECAR_REGION" ] && export AUTOSCALER_SIDECAR_REGION="docker" + [ -z "$AUTOSCALER_SIDECAR_GROUP_NAME" ] && export AUTOSCALER_SIDECAR_GROUP_NAME="docker-jibri" + [ -z "$LOCAL_ADDRESS" ] && export LOCAL_ADDRESS="$(ip route get 1 | grep -oP '(?<=src ).*' | awk '{ print $1 '})" + + mkdir -p /etc/jitsi/autoscaler-sidecar + tpl /defaults/autoscaler-sidecar.config > /etc/jitsi/autoscaler-sidecar/config + else + echo "No key file at $AUTOSCALER_SIDECAR_KEY_FILE, leaving autoscaler sidecar disabled" + fi +else + echo "No AUTOSCALER_URL defined, leaving autoscaler sidecar disabled" +fi + # always recreate configs tpl /defaults/jibri.conf > /etc/jitsi/jibri/jibri.conf tpl /defaults/logging.properties > /etc/jitsi/jibri/logging.properties diff --git a/jibri/rootfs/etc/services.d/50-autoscaler-sidecar/run b/jibri/rootfs/etc/services.d/50-autoscaler-sidecar/run new file mode 100644 index 0000000000..22f775088e --- /dev/null +++ b/jibri/rootfs/etc/services.d/50-autoscaler-sidecar/run @@ -0,0 +1,10 @@ +#!/usr/bin/with-contenv bash + +if [[ -n "$AUTOSCALER_URL" ]] && [[ -f "/etc/jitsi/autoscaler-sidecar/config" ]]; then + DAEMON="/usr/bin/node /usr/share/jitsi-autoscaler-sidecar/app.js" + exec s6-setuidgid autoscaler-sidecar /bin/bash -c ". /etc/jitsi/autoscaler-sidecar/config && exec $DAEMON" +else + # if autoscaler-sidecar should not be started, + # prevent s6 from restarting this script again and again + s6-svc -O /var/run/s6/services/50-autoscaler-sidecar +fi From 94c7060cb5e506549581d0a4e40cb93141930aff Mon Sep 17 00:00:00 2001 From: Aaron van Meerten Date: Wed, 7 Jun 2023 13:43:26 -0500 Subject: [PATCH 10/28] jibri: params to override statsd host and port --- jibri.yml | 2 ++ jibri/rootfs/defaults/jibri.conf | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/jibri.yml b/jibri.yml index 38eb6987d8..62027e145e 100644 --- a/jibri.yml +++ b/jibri.yml @@ -33,6 +33,8 @@ services: - JIBRI_RECORDING_DIR - JIBRI_FINALIZE_RECORDING_SCRIPT_PATH - JIBRI_STRIP_DOMAIN_JID + - JIBRI_STATSD_HOST + - JIBRI_STATSD_PORT - LOCAL_ADDRESS - PUBLIC_URL - TZ diff --git a/jibri/rootfs/defaults/jibri.conf b/jibri/rootfs/defaults/jibri.conf index c4a616adfe..3436c23612 100644 --- a/jibri/rootfs/defaults/jibri.conf +++ b/jibri/rootfs/defaults/jibri.conf @@ -15,6 +15,8 @@ {{ $XMPP_PORT := .Env.XMPP_PORT | default "5222" -}} {{ $XMPP_SERVER := .Env.XMPP_SERVER | default "xmpp.meet.jitsi" -}} {{ $XMPP_SERVERS := splitList "," $XMPP_SERVER -}} +{{ $STATSD_HOST := .Env.JIBRI_STATSD_HOST | default "localhost" -}} +{{ $STATSD_PORT := .Env.JIBRI_STATSD_PORT | default "8125" -}} {{/* assign env from context, preserve during range when . is re-assigned */}} {{ $ENV := .Env -}} @@ -130,6 +132,8 @@ jibri { {{ if .Env.ENABLE_STATS_D -}} stats { enable-stats-d = {{ .Env.ENABLE_STATS_D }} + host = "{{ $STATSD_HOST }}" + port = {{ $STATSD_PORT }} } {{ end -}} } \ No newline at end of file From 6f722932f1e50df5685318d2aecbe5febbaf84de Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Tue, 13 Jun 2023 23:04:39 +0200 Subject: [PATCH 11/28] jibri: bump Chrome version --- jibri/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jibri/Dockerfile b/jibri/Dockerfile index 1a680b2fd8..abd465c52a 100644 --- a/jibri/Dockerfile +++ b/jibri/Dockerfile @@ -12,8 +12,8 @@ ARG TARGETPLATFORM ARG USE_CHROMIUM=0 #ARG CHROME_RELEASE=latest #ARG CHROMEDRIVER_MAJOR_RELEASE=latest -ARG CHROME_RELEASE=113.0.5672.126 -ARG CHROMEDRIVER_MAJOR_RELEASE=113 +ARG CHROME_RELEASE=114.0.5735.90 +ARG CHROMEDRIVER_MAJOR_RELEASE=114 COPY rootfs/ / From e9f36d6aef094f356937b1813cab9f2ac1f29444 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Wed, 14 Jun 2023 23:34:57 +0200 Subject: [PATCH 12/28] release: stable-8719 * 6f72293 jibri: bump Chrome version * 94c7060 jibri: params to override statsd host and port * 0569bce jibri: add autoscaler-sidecar service support (#1562) * 57a7c22 jicofo: add ability to disable auth * a41578c prosody: update the comma logic while listing TURNs * 9776714 prosody: allow multiple TURN (#1559) * ce59d1e jibri: upgrade chrome to 113 (#1555) * c2f01f3 web: update livestreaming settings according to new config.js * e4c8c2a jibri: pre-warm chrome first before starting jibri (#1549) * 809f63c compose: add ability to configure the Jicofo REST port in the host * b81bd5c misc: working on unstable --- CHANGELOG.md | 16 ++++++++++++++++ docker-compose.yml | 8 ++++---- jibri.yml | 2 +- jigasi.yml | 2 +- 4 files changed, 22 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1b6dc6d6c2..63894958f8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,19 @@ +## stable-8719 + +Based on stable release 8719. + +* 6f72293 jibri: bump Chrome version +* 94c7060 jibri: params to override statsd host and port +* 0569bce jibri: add autoscaler-sidecar service support (#1562) +* 57a7c22 jicofo: add ability to disable auth +* a41578c prosody: update the comma logic while listing TURNs +* 9776714 prosody: allow multiple TURN (#1559) +* ce59d1e jibri: upgrade chrome to 113 (#1555) +* c2f01f3 web: update livestreaming settings according to new config.js +* e4c8c2a jibri: pre-warm chrome first before starting jibri (#1549) +* 809f63c compose: add ability to configure the Jicofo REST port in the host +* b81bd5c misc: working on unstable + ## stable-8615 Based on stable release 8615. diff --git a/docker-compose.yml b/docker-compose.yml index d618ebedf5..89570bba6e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.5' services: # Frontend web: - image: jitsi/web:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/web:${JITSI_IMAGE_VERSION:-stable-8719} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${HTTP_PORT}:80' @@ -161,7 +161,7 @@ services: # XMPP server prosody: - image: jitsi/prosody:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable-8719} restart: ${RESTART_POLICY:-unless-stopped} expose: - '${XMPP_PORT:-5222}' @@ -263,7 +263,7 @@ services: # Focus component jicofo: - image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable-8719} restart: ${RESTART_POLICY:-unless-stopped} ports: - '127.0.0.1:${JICOFO_REST_PORT:-8888}:8888' @@ -330,7 +330,7 @@ services: # Video bridge jvb: - image: jitsi/jvb:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable-8719} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp' diff --git a/jibri.yml b/jibri.yml index 62027e145e..fbc2dd9d65 100644 --- a/jibri.yml +++ b/jibri.yml @@ -2,7 +2,7 @@ version: '3.5' services: jibri: - image: jitsi/jibri:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable-8719} restart: ${RESTART_POLICY:-unless-stopped} volumes: - ${CONFIG}/jibri:/config:Z diff --git a/jigasi.yml b/jigasi.yml index dbbbcbe113..255c7883db 100644 --- a/jigasi.yml +++ b/jigasi.yml @@ -3,7 +3,7 @@ version: '3.5' services: # SIP gateway (audio) jigasi: - image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable-8719} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}:${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}/udp' From 58d47365fc0b84f5720869db5c1424e4bab6709a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Wed, 14 Jun 2023 23:53:41 +0200 Subject: [PATCH 13/28] misc: working on unstable --- docker-compose.yml | 8 ++++---- jibri.yml | 2 +- jigasi.yml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 89570bba6e..d618ebedf5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.5' services: # Frontend web: - image: jitsi/web:${JITSI_IMAGE_VERSION:-stable-8719} + image: jitsi/web:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${HTTP_PORT}:80' @@ -161,7 +161,7 @@ services: # XMPP server prosody: - image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable-8719} + image: jitsi/prosody:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} expose: - '${XMPP_PORT:-5222}' @@ -263,7 +263,7 @@ services: # Focus component jicofo: - image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable-8719} + image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - '127.0.0.1:${JICOFO_REST_PORT:-8888}:8888' @@ -330,7 +330,7 @@ services: # Video bridge jvb: - image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable-8719} + image: jitsi/jvb:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp' diff --git a/jibri.yml b/jibri.yml index fbc2dd9d65..62027e145e 100644 --- a/jibri.yml +++ b/jibri.yml @@ -2,7 +2,7 @@ version: '3.5' services: jibri: - image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable-8719} + image: jitsi/jibri:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} volumes: - ${CONFIG}/jibri:/config:Z diff --git a/jigasi.yml b/jigasi.yml index 255c7883db..dbbbcbe113 100644 --- a/jigasi.yml +++ b/jigasi.yml @@ -3,7 +3,7 @@ version: '3.5' services: # SIP gateway (audio) jigasi: - image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable-8719} + image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}:${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}/udp' From dc1994a66a5b66f8a141113f39cb514b92cf8354 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Thu, 29 Jun 2023 14:53:36 +0200 Subject: [PATCH 14/28] jicofo: remove shibboleth authentication options It got removed from Jicofo. --- jicofo/rootfs/defaults/jicofo.conf | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/jicofo/rootfs/defaults/jicofo.conf b/jicofo/rootfs/defaults/jicofo.conf index 2a639d7e61..6a54d93590 100644 --- a/jicofo/rootfs/defaults/jicofo.conf +++ b/jicofo/rootfs/defaults/jicofo.conf @@ -28,20 +28,13 @@ jicofo { {{ if $JICOFO_ENABLE_AUTH }} authentication { enabled = true - // The type of authentication. Supported values are XMPP, JWT or SHIBBOLETH (default). + // The type of authentication. Supported values are XMPP or JWT. {{ if eq $AUTH_TYPE "jwt" }} type = JWT - {{ else if eq $AUTH_TYPE "shibboleth" }} - type = SHIBBOLETH {{ else }} type = XMPP {{ end }} - {{ if eq $AUTH_TYPE "shibboleth" }} - login-url = "shibboleth:default" - logout-url = "shibboleth:default" - {{ else }} login-url = "{{ $XMPP_DOMAIN }}" - {{ end }} enable-auto-login={{ $ENABLE_AUTO_LOGIN }} } {{ end }} From f18acb493dc15bb0bc35836715d92fc4c9444ac3 Mon Sep 17 00:00:00 2001 From: emrah Date: Sat, 1 Jul 2023 17:02:00 +0300 Subject: [PATCH 15/28] jicofo, prosody: allow to set different AUTH_TYPE --- docker-compose.yml | 2 ++ jicofo/rootfs/defaults/jicofo.conf | 23 ++++++++++--------- .../rootfs/defaults/conf.d/jitsi-meet.cfg.lua | 23 ++++++++++--------- prosody/rootfs/defaults/saslauthd.conf | 4 +++- 4 files changed, 29 insertions(+), 23 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index d618ebedf5..ded4d1b6c2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -229,6 +229,7 @@ services: - LDAP_URL - LDAP_USE_TLS - MAX_PARTICIPANTS + - PROSODY_AUTH_TYPE - PROSODY_RESERVATION_ENABLED - PROSODY_RESERVATION_REST_BASE_URL - PROSODY_ENABLE_RATE_LIMITS @@ -285,6 +286,7 @@ services: - ENABLE_SCTP - ENABLE_AUTO_LOGIN - JICOFO_AUTH_PASSWORD + - JICOFO_AUTH_TYPE - JICOFO_BRIDGE_REGION_GROUPS - JICOFO_ENABLE_AUTH - JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS diff --git a/jicofo/rootfs/defaults/jicofo.conf b/jicofo/rootfs/defaults/jicofo.conf index 6a54d93590..7738600b40 100644 --- a/jicofo/rootfs/defaults/jicofo.conf +++ b/jicofo/rootfs/defaults/jicofo.conf @@ -1,13 +1,14 @@ -{{ $ENABLE_AUTH := .Env.ENABLE_AUTH | default "0" | toBool }} -{{ $JICOFO_ENABLE_AUTH := (.Env.JICOFO_ENABLE_AUTH | default .Env.ENABLE_AUTH) | default "0" | toBool }} -{{ $ENABLE_SCTP := .Env.ENABLE_SCTP | default "0" | toBool }} -{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" }} -{{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool }} -{{ $ENABLE_OCTO := .Env.ENABLE_OCTO | default "0" | toBool }} -{{ $ENABLE_AUTO_LOGIN := .Env.ENABLE_AUTO_LOGIN | default "1" | toBool }} -{{ $ENABLE_REST := .Env.JICOFO_ENABLE_REST | default "0" | toBool }} -{{ $ENABLE_JVB_XMPP_SERVER := .Env.ENABLE_JVB_XMPP_SERVER | default "0" | toBool }} -{{ $HEALTH_CHECKS_USE_PRESENCE := .Env.JICOFO_HEALTH_CHECKS_USE_PRESENCE | default "0" | toBool }} +{{ $ENABLE_AUTH := .Env.ENABLE_AUTH | default "0" -}} +{{ $JICOFO_ENABLE_AUTH := .Env.JICOFO_ENABLE_AUTH | default $ENABLE_AUTH | toBool -}} +{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" -}} +{{ $JICOFO_AUTH_TYPE := .Env.JICOFO_AUTH_TYPE | default $AUTH_TYPE -}} +{{ $ENABLE_SCTP := .Env.ENABLE_SCTP | default "0" | toBool -}} +{{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool -}} +{{ $ENABLE_OCTO := .Env.ENABLE_OCTO | default "0" | toBool -}} +{{ $ENABLE_AUTO_LOGIN := .Env.ENABLE_AUTO_LOGIN | default "1" | toBool -}} +{{ $ENABLE_REST := .Env.JICOFO_ENABLE_REST | default "0" | toBool -}} +{{ $ENABLE_JVB_XMPP_SERVER := .Env.ENABLE_JVB_XMPP_SERVER | default "0" | toBool -}} +{{ $HEALTH_CHECKS_USE_PRESENCE := .Env.JICOFO_HEALTH_CHECKS_USE_PRESENCE | default "0" | toBool -}} {{ $JIBRI_BREWERY_MUC := .Env.JIBRI_BREWERY_MUC | default "jibribrewery" -}} {{ $JIGASI_BREWERY_MUC := .Env.JIGASI_BREWERY_MUC | default "jigasibrewery" -}} {{ $JVB_BREWERY_MUC := .Env.JVB_BREWERY_MUC | default "jvbbrewery" -}} @@ -29,7 +30,7 @@ jicofo { authentication { enabled = true // The type of authentication. Supported values are XMPP or JWT. - {{ if eq $AUTH_TYPE "jwt" }} + {{ if eq $JICOFO_AUTH_TYPE "jwt" }} type = JWT {{ else }} type = XMPP diff --git a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua index 117bf0e604..c26f8f860b 100644 --- a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua +++ b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua @@ -1,7 +1,8 @@ {{ $ENABLE_AUTH := .Env.ENABLE_AUTH | default "0" | toBool -}} -{{ $ENABLE_GUEST_DOMAIN := and $ENABLE_AUTH (.Env.ENABLE_GUESTS | default "0" | toBool)}} -{{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool -}} {{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" -}} +{{ $PROSODY_AUTH_TYPE := .Env.PROSODY_AUTH_TYPE | default $AUTH_TYPE -}} +{{ $ENABLE_GUEST_DOMAIN := and $ENABLE_AUTH (.Env.ENABLE_GUESTS | default "0" | toBool) -}} +{{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool -}} {{ $JIBRI_XMPP_USER := .Env.JIBRI_XMPP_USER | default "jibri" -}} {{ $JIGASI_XMPP_USER := .Env.JIGASI_XMPP_USER | default "jigasi" -}} {{ $JVB_AUTH_USER := .Env.JVB_AUTH_USER | default "jvb" -}} @@ -98,11 +99,11 @@ external_services = { }; {{- end }} -{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_ISSUERS }} +{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_ISSUERS }} asap_accepted_issuers = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_ISSUERS) }}" } {{ end }} -{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_AUDIENCES }} +{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_AUDIENCES }} asap_accepted_audiences = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_AUDIENCES) }}" } {{ end }} @@ -125,7 +126,7 @@ VirtualHost "jigasi.meet.jitsi" VirtualHost "{{ $XMPP_DOMAIN }}" {{ if $ENABLE_AUTH }} - {{ if eq $AUTH_TYPE "jwt" }} + {{ if eq $PROSODY_AUTH_TYPE "jwt" }} authentication = "{{ $JWT_AUTH_TYPE }}" app_id = "{{ .Env.JWT_APP_ID }}" app_secret = "{{ .Env.JWT_APP_SECRET }}" @@ -134,11 +135,11 @@ VirtualHost "{{ $XMPP_DOMAIN }}" asap_key_server = "{{ .Env.JWT_ASAP_KEYSERVER }}" {{ end }} enable_domain_verification = {{ $JWT_ENABLE_DOMAIN_VERIFICATION }} - {{ else if eq $AUTH_TYPE "ldap" }} + {{ else if eq $PROSODY_AUTH_TYPE "ldap" }} authentication = "cyrus" cyrus_application_name = "xmpp" allow_unencrypted_plain_auth = true - {{ else if eq $AUTH_TYPE "matrix" }} + {{ else if eq $PROSODY_AUTH_TYPE "matrix" }} authentication = "matrix_user_verification" app_id = "{{ $MATRIX_UVS_ISSUER }}" uvs_base_url = "{{ .Env.MATRIX_UVS_URL }}" @@ -148,7 +149,7 @@ VirtualHost "{{ $XMPP_DOMAIN }}" {{ if $MATRIX_UVS_SYNC_POWER_LEVELS }} uvs_sync_power_levels = true {{ end }} - {{ else if eq $AUTH_TYPE "internal" }} + {{ else if eq $PROSODY_AUTH_TYPE "internal" }} authentication = "internal_hashed" {{ end }} {{ else }} @@ -187,7 +188,7 @@ VirtualHost "{{ $XMPP_DOMAIN }}" {{ if .Env.XMPP_MODULES }} "{{ join "\";\n\"" (splitList "," .Env.XMPP_MODULES) }}"; {{ end }} - {{ if and $ENABLE_AUTH (eq $AUTH_TYPE "ldap") }} + {{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "ldap") }} "auth_cyrus"; {{end}} {{ if $PROSODY_RESERVATION_ENABLED }} @@ -270,10 +271,10 @@ Component "{{ $XMPP_MUC_DOMAIN }}" "muc" {{ if .Env.XMPP_MUC_MODULES -}} "{{ join "\";\n\"" (splitList "," .Env.XMPP_MUC_MODULES) }}"; {{ end -}} - {{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") -}} + {{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "jwt") -}} "{{ $JWT_TOKEN_AUTH_MODULE }}"; {{ end }} - {{ if and $ENABLE_AUTH (eq $AUTH_TYPE "matrix") $MATRIX_UVS_SYNC_POWER_LEVELS -}} + {{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "matrix") $MATRIX_UVS_SYNC_POWER_LEVELS -}} "matrix_power_sync"; {{ end -}} {{ if not $DISABLE_POLLS -}} diff --git a/prosody/rootfs/defaults/saslauthd.conf b/prosody/rootfs/defaults/saslauthd.conf index 543b5eb9e1..79cdc0ad61 100644 --- a/prosody/rootfs/defaults/saslauthd.conf +++ b/prosody/rootfs/defaults/saslauthd.conf @@ -1,6 +1,8 @@ +{{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" -}} +{{ $PROSODY_AUTH_TYPE := .Env.PROSODY_AUTH_TYPE | default $AUTH_TYPE }} {{ $XMPP_DOMAIN := .Env.XMPP_DOMAIN | default "meet.jitsi" -}} -{{ if eq (.Env.AUTH_TYPE | default "internal") "ldap" }} +{{ if eq $PROSODY_AUTH_TYPE "ldap" }} ldap_servers: {{ .Env.LDAP_URL }} ldap_search_base: {{ .Env.LDAP_BASE }} {{ if .Env.LDAP_BINDDN | default "" }} From 497015b63e842612bf83fc68c7e4c4fa1e24bb4d Mon Sep 17 00:00:00 2001 From: emrah Date: Thu, 13 Jul 2023 15:37:33 +0300 Subject: [PATCH 16/28] jicofo: add JICOFO_AUTH_LIFETIME as environment variable --- docker-compose.yml | 1 + jicofo/rootfs/defaults/jicofo.conf | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index ded4d1b6c2..003d8837d6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -285,6 +285,7 @@ services: - ENABLE_RECORDING - ENABLE_SCTP - ENABLE_AUTO_LOGIN + - JICOFO_AUTH_LIFETIME - JICOFO_AUTH_PASSWORD - JICOFO_AUTH_TYPE - JICOFO_BRIDGE_REGION_GROUPS diff --git a/jicofo/rootfs/defaults/jicofo.conf b/jicofo/rootfs/defaults/jicofo.conf index 7738600b40..c5c8b3bd14 100644 --- a/jicofo/rootfs/defaults/jicofo.conf +++ b/jicofo/rootfs/defaults/jicofo.conf @@ -2,6 +2,7 @@ {{ $JICOFO_ENABLE_AUTH := .Env.JICOFO_ENABLE_AUTH | default $ENABLE_AUTH | toBool -}} {{ $AUTH_TYPE := .Env.AUTH_TYPE | default "internal" -}} {{ $JICOFO_AUTH_TYPE := .Env.JICOFO_AUTH_TYPE | default $AUTH_TYPE -}} +{{ $JICOFO_AUTH_LIFETIME := .Env.JICOFO_AUTH_LIFETIME | default "24 hours" -}} {{ $ENABLE_SCTP := .Env.ENABLE_SCTP | default "0" | toBool -}} {{ $ENABLE_RECORDING := .Env.ENABLE_RECORDING | default "0" | toBool -}} {{ $ENABLE_OCTO := .Env.ENABLE_OCTO | default "0" | toBool -}} @@ -36,7 +37,8 @@ jicofo { type = XMPP {{ end }} login-url = "{{ $XMPP_DOMAIN }}" - enable-auto-login={{ $ENABLE_AUTO_LOGIN }} + enable-auto-login = {{ $ENABLE_AUTO_LOGIN }} + authentication-lifetime = {{ $JICOFO_AUTH_LIFETIME }} } {{ end }} From 6bb2455b964968ea7ee258e9b57c33dcd186507b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=94=D0=B0=D0=BC=D1=8F=D0=BD=20=D0=9C=D0=B8=D0=BD=D0=BA?= =?UTF-8?q?=D0=BE=D0=B2?= Date: Fri, 21 Jul 2023 00:19:50 -0500 Subject: [PATCH 17/28] jibri: add extra fonts --- jibri/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jibri/Dockerfile b/jibri/Dockerfile index abd465c52a..b6aa1cbdc2 100644 --- a/jibri/Dockerfile +++ b/jibri/Dockerfile @@ -18,7 +18,7 @@ ARG CHROMEDRIVER_MAJOR_RELEASE=114 COPY rootfs/ / RUN apt-dpkg-wrap apt-get update && \ - apt-dpkg-wrap apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" jibri libgl1-mesa-dri procps jitsi-upload-integrations jitsi-autoscaler-sidecar jq pulseaudio dbus dbus-x11 rtkit unzip && \ + apt-dpkg-wrap apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" jibri libgl1-mesa-dri procps jitsi-upload-integrations jitsi-autoscaler-sidecar jq pulseaudio dbus dbus-x11 rtkit unzip fonts-noto && \ /usr/bin/install-chrome.sh && \ apt-cleanup && \ adduser jibri rtkit From b5b8ea28cd0bec24e567bf11cee23e53976bd992 Mon Sep 17 00:00:00 2001 From: Daniel McAssey Date: Fri, 21 Jul 2023 11:22:41 +0100 Subject: [PATCH 18/28] jigasi: add toggle to enable REST shutdown --- jigasi.yml | 1 + jigasi/rootfs/defaults/sip-communicator.properties | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/jigasi.yml b/jigasi.yml index dbbbcbe113..210d5916cc 100644 --- a/jigasi.yml +++ b/jigasi.yml @@ -47,6 +47,7 @@ services: - GC_CLIENT_EMAIL - GC_CLIENT_ID - GC_CLIENT_CERT_URL + - SHUTDOWN_REST_ENABLED - SENTRY_DSN="${JIGASI_SENTRY_DSN:-0}" - SENTRY_ENVIRONMENT - SENTRY_RELEASE diff --git a/jigasi/rootfs/defaults/sip-communicator.properties b/jigasi/rootfs/defaults/sip-communicator.properties index ce0eb74b27..a13e49bc97 100644 --- a/jigasi/rootfs/defaults/sip-communicator.properties +++ b/jigasi/rootfs/defaults/sip-communicator.properties @@ -8,6 +8,7 @@ {{ $XMPP_PORT := .Env.XMPP_PORT | default "5222" -}} {{ $XMPP_SERVER := .Env.XMPP_SERVER | default "xmpp.meet.jitsi" -}} {{ $XMPP_SERVERS := splitList "," $XMPP_SERVER -}} +{{ $SHUTDOWN_REST_ENABLED := .Env.SHUTDOWN_REST_ENABLED | default "false" | toBool -}} {{ $DISABLE_SIP := .Env.JIGASI_DISABLE_SIP | default "false" | toBool -}} {{/* assign env from context, preserve during range when . is re-assigned */}} {{ $ENV := .Env -}} @@ -20,6 +21,9 @@ net.java.sip.communicator.impl.neomedia.codec.audio.opus.encoder.COMPLEXITY=10 # Disables packet logging net.java.sip.communicator.packetlogging.PACKET_LOGGING_ENABLED=false +# Control REST Shutdown +org.jitsi.jigasi.ENABLE_REST_SHUTDOWN={{ $SHUTDOWN_REST_ENABLED }} + # SIP account net.java.sip.communicator.impl.protocol.sip.acc1=acc1 {{ if .Env.JIGASI_SIP_SERVER }} From 1cbb8f8cec9b29036cf6f24ebd087b8ea58958ee Mon Sep 17 00:00:00 2001 From: emrah Date: Tue, 8 Aug 2023 10:07:35 +0300 Subject: [PATCH 19/28] prosody: add hybrid_matrix_token as a new authentication method --- prosody/Dockerfile | 8 ++++++- .../rootfs/defaults/conf.d/jitsi-meet.cfg.lua | 23 ++++++++++++++++--- 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/prosody/Dockerfile b/prosody/Dockerfile index 9d6d3b78b1..762c4f2878 100644 --- a/prosody/Dockerfile +++ b/prosody/Dockerfile @@ -27,6 +27,7 @@ LABEL org.opencontainers.image.url="https://prosody.im/" LABEL org.opencontainers.image.source="https://github.com/jitsi/docker-jitsi-meet" LABEL org.opencontainers.image.documentation="https://jitsi.github.io/handbook/" +ARG VERSION_JITSI_CONTRIB_PROSODY_PLUGINS="20230803" ARG VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN="1.8.0" RUN wget -qO /etc/apt/trusted.gpg.d/prosody.gpg https://prosody.im/files/prosody-debian-packages.key && \ @@ -59,7 +60,12 @@ RUN wget -qO /etc/apt/trusted.gpg.d/prosody.gpg https://prosody.im/files/prosody tar -xf v$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN.tar.gz && \ mv prosody-mod-auth-matrix-user-verification-$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN/mod_auth_matrix_user_verification.lua /prosody-plugins && \ mv prosody-mod-auth-matrix-user-verification-$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN/mod_matrix_power_sync.lua /prosody-plugins && \ - rm -rf prosody-mod-auth-matrix-user-verification-$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN v$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN.tar.gz + rm -rf prosody-mod-auth-matrix-user-verification-$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN v$VERSION_MATRIX_USER_VERIFICATION_SERVICE_PLUGIN.tar.gz && \ + wget -q https://github.com/jitsi-contrib/prosody-plugins/archive/refs/tags/v$VERSION_JITSI_CONTRIB_PROSODY_PLUGINS.tar.gz && \ + tar -xf v$VERSION_JITSI_CONTRIB_PROSODY_PLUGINS.tar.gz && \ + mv prosody-plugins-$VERSION_JITSI_CONTRIB_PROSODY_PLUGINS/auth_hybrid_matrix_token/mod_auth_hybrid_matrix_token.lua /prosody-plugins && \ + mv prosody-plugins-$VERSION_JITSI_CONTRIB_PROSODY_PLUGINS/auth_hybrid_matrix_token/mod_matrix_affiliation.lua /prosody-plugins && \ + rm -rf prosody-plugins-$VERSION_JITSI_CONTRIB_PROSODY_PLUGINS v$VERSION_JITSI_CONTRIB_PROSODY_PLUGINS.tar.gz COPY rootfs/ / diff --git a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua index c26f8f860b..ec53852409 100644 --- a/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua +++ b/prosody/rootfs/defaults/conf.d/jitsi-meet.cfg.lua @@ -99,11 +99,11 @@ external_services = { }; {{- end }} -{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_ISSUERS }} +{{ if and $ENABLE_AUTH (or (eq $PROSODY_AUTH_TYPE "jwt") (eq $PROSODY_AUTH_TYPE "hybrid_matrix_token")) .Env.JWT_ACCEPTED_ISSUERS }} asap_accepted_issuers = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_ISSUERS) }}" } {{ end }} -{{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "jwt") .Env.JWT_ACCEPTED_AUDIENCES }} +{{ if and $ENABLE_AUTH (or (eq $PROSODY_AUTH_TYPE "jwt") (eq $PROSODY_AUTH_TYPE "hybrid_matrix_token")) .Env.JWT_ACCEPTED_AUDIENCES }} asap_accepted_audiences = { "{{ join "\",\"" (splitList "," .Env.JWT_ACCEPTED_AUDIENCES) }}" } {{ end }} @@ -149,6 +149,20 @@ VirtualHost "{{ $XMPP_DOMAIN }}" {{ if $MATRIX_UVS_SYNC_POWER_LEVELS }} uvs_sync_power_levels = true {{ end }} + {{ else if eq $PROSODY_AUTH_TYPE "hybrid_matrix_token" }} + authentication = "hybrid_matrix_token" + app_id = "{{ .Env.JWT_APP_ID }}" + app_secret = "{{ .Env.JWT_APP_SECRET }}" + allow_empty_token = {{ $JWT_ALLOW_EMPTY }} + enable_domain_verification = {{ $JWT_ENABLE_DOMAIN_VERIFICATION }} + + uvs_base_url = "{{ .Env.MATRIX_UVS_URL }}" + {{ if .Env.MATRIX_UVS_ISSUER }} + uvs_issuer = "{{ .Env.MATRIX_UVS_ISSUER }}" + {{ end }} + {{ if .Env.MATRIX_UVS_AUTH_TOKEN }} + uvs_auth_token = "{{ .Env.MATRIX_UVS_AUTH_TOKEN }}" + {{ end }} {{ else if eq $PROSODY_AUTH_TYPE "internal" }} authentication = "internal_hashed" {{ end }} @@ -271,12 +285,15 @@ Component "{{ $XMPP_MUC_DOMAIN }}" "muc" {{ if .Env.XMPP_MUC_MODULES -}} "{{ join "\";\n\"" (splitList "," .Env.XMPP_MUC_MODULES) }}"; {{ end -}} - {{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "jwt") -}} + {{ if and $ENABLE_AUTH (or (eq $PROSODY_AUTH_TYPE "jwt") (eq $PROSODY_AUTH_TYPE "hybrid_matrix_token")) -}} "{{ $JWT_TOKEN_AUTH_MODULE }}"; {{ end }} {{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "matrix") $MATRIX_UVS_SYNC_POWER_LEVELS -}} "matrix_power_sync"; {{ end -}} + {{ if and $ENABLE_AUTH (eq $PROSODY_AUTH_TYPE "hybrid_matrix_token") $MATRIX_UVS_SYNC_POWER_LEVELS -}} + "matrix_affiliation"; + {{ end -}} {{ if not $DISABLE_POLLS -}} "polls"; {{ end -}} From 69bf9b980449cce4fc30c8bad83164401eae2a36 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Fri, 1 Sep 2023 23:53:29 +0200 Subject: [PATCH 20/28] release: stable-8922 * 1cbb8f8 prosody: add hybrid_matrix_token as a new authentication method * b5b8ea2 jigasi: add toggle to enable REST shutdown * 6bb2455 jibri: add extra fonts * 497015b jicofo: add JICOFO_AUTH_LIFETIME as environment variable * f18acb4 jicofo, prosody: allow to set different AUTH_TYPE * dc1994a jicofo: remove shibboleth authentication options * 58d4736 misc: working on unstable --- CHANGELOG.md | 12 ++++++++++++ docker-compose.yml | 8 ++++---- jibri.yml | 2 +- jigasi.yml | 2 +- 4 files changed, 18 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 63894958f8..801e959275 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,15 @@ +## stable-8922 + +Based on stable release 8922. + +* 1cbb8f8 prosody: add hybrid_matrix_token as a new authentication method +* b5b8ea2 jigasi: add toggle to enable REST shutdown +* 6bb2455 jibri: add extra fonts +* 497015b jicofo: add JICOFO_AUTH_LIFETIME as environment variable +* f18acb4 jicofo, prosody: allow to set different AUTH_TYPE +* dc1994a jicofo: remove shibboleth authentication options +* 58d4736 misc: working on unstable + ## stable-8719 Based on stable release 8719. diff --git a/docker-compose.yml b/docker-compose.yml index 003d8837d6..2a6c0570c7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.5' services: # Frontend web: - image: jitsi/web:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/web:${JITSI_IMAGE_VERSION:-stable-8922} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${HTTP_PORT}:80' @@ -161,7 +161,7 @@ services: # XMPP server prosody: - image: jitsi/prosody:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable-8922} restart: ${RESTART_POLICY:-unless-stopped} expose: - '${XMPP_PORT:-5222}' @@ -264,7 +264,7 @@ services: # Focus component jicofo: - image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable-8922} restart: ${RESTART_POLICY:-unless-stopped} ports: - '127.0.0.1:${JICOFO_REST_PORT:-8888}:8888' @@ -333,7 +333,7 @@ services: # Video bridge jvb: - image: jitsi/jvb:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable-8922} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp' diff --git a/jibri.yml b/jibri.yml index 62027e145e..d76c2a6559 100644 --- a/jibri.yml +++ b/jibri.yml @@ -2,7 +2,7 @@ version: '3.5' services: jibri: - image: jitsi/jibri:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable-8922} restart: ${RESTART_POLICY:-unless-stopped} volumes: - ${CONFIG}/jibri:/config:Z diff --git a/jigasi.yml b/jigasi.yml index 210d5916cc..1fc805fd38 100644 --- a/jigasi.yml +++ b/jigasi.yml @@ -3,7 +3,7 @@ version: '3.5' services: # SIP gateway (audio) jigasi: - image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable-8922} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}:${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}/udp' From 6e5931906b15bff8c5151f4b12d3c265392b30cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Sat, 2 Sep 2023 00:10:14 +0200 Subject: [PATCH 21/28] misc: working on unstable --- docker-compose.yml | 8 ++++---- jibri.yml | 2 +- jigasi.yml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 2a6c0570c7..003d8837d6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.5' services: # Frontend web: - image: jitsi/web:${JITSI_IMAGE_VERSION:-stable-8922} + image: jitsi/web:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${HTTP_PORT}:80' @@ -161,7 +161,7 @@ services: # XMPP server prosody: - image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable-8922} + image: jitsi/prosody:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} expose: - '${XMPP_PORT:-5222}' @@ -264,7 +264,7 @@ services: # Focus component jicofo: - image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable-8922} + image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - '127.0.0.1:${JICOFO_REST_PORT:-8888}:8888' @@ -333,7 +333,7 @@ services: # Video bridge jvb: - image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable-8922} + image: jitsi/jvb:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp' diff --git a/jibri.yml b/jibri.yml index d76c2a6559..62027e145e 100644 --- a/jibri.yml +++ b/jibri.yml @@ -2,7 +2,7 @@ version: '3.5' services: jibri: - image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable-8922} + image: jitsi/jibri:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} volumes: - ${CONFIG}/jibri:/config:Z diff --git a/jigasi.yml b/jigasi.yml index 1fc805fd38..210d5916cc 100644 --- a/jigasi.yml +++ b/jigasi.yml @@ -3,7 +3,7 @@ version: '3.5' services: # SIP gateway (audio) jigasi: - image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable-8922} + image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-unstable} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}:${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}/udp' From 916bccbad68e6508d8a700ea53e32e039f8bca66 Mon Sep 17 00:00:00 2001 From: Aaron van Meerten Date: Mon, 28 Aug 2023 16:13:28 -0400 Subject: [PATCH 22/28] jibri: autoscaler sidecar tuning parameters --- jibri.yml | 3 +++ jibri/rootfs/defaults/autoscaler-sidecar.config | 6 +++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/jibri.yml b/jibri.yml index 62027e145e..a66613a5f3 100644 --- a/jibri.yml +++ b/jibri.yml @@ -13,9 +13,12 @@ services: - AUTOSCALER_SIDECAR_KEY_FILE - AUTOSCALER_SIDECAR_KEY_ID - AUTOSCALER_SIDECAR_GROUP_NAME + - AUTOSCALER_SIDECAR_HOST_ID - AUTOSCALER_SIDECAR_INSTANCE_ID - AUTOSCALER_SIDECAR_PORT - AUTOSCALER_SIDECAR_REGION + - AUTOSCALER_SIDECAR_SHUTDOWN_POLLING_INTERVAL + - AUTOSCALER_SIDECAR_STATS_POLLING_INTERVAL - AUTOSCALER_URL - CHROMIUM_FLAGS - DISPLAY=:0 diff --git a/jibri/rootfs/defaults/autoscaler-sidecar.config b/jibri/rootfs/defaults/autoscaler-sidecar.config index 9b20a27bec..70d14ee706 100644 --- a/jibri/rootfs/defaults/autoscaler-sidecar.config +++ b/jibri/rootfs/defaults/autoscaler-sidecar.config @@ -1,4 +1,8 @@ {{ $JIBRI_HTTP_API_EXTERNAL_PORT := .Env.JIBRI_HTTP_API_EXTERNAL_PORT | default "2222" -}} +{{ $SHUTDOWN_POLLING_INTERVAL := .Env.AUTOSCALER_SIDECAR_SHUTDOWN_POLLING_INTERVAL | default "60" -}} +{{ $STATS_POLLING_INTERVAL := .Env.AUTOSCALER_SIDECAR_STATS_POLLING_INTERVAL | default "30" -}} +export SHUTDOWN_POLLING_INTERVAL={{ $SHUTDOWN_POLLING_INTERVAL }} +export STATS_POLLING_INTERVAL={{ $STATS_POLLING_INTERVAL }} export PORT={{ .Env.AUTOSCALER_SIDECAR_PORT }} export GRACEFUL_SHUTDOWN_SCRIPT="/opt/jitsi/jibri/wait_graceful_shutdown.sh" export TERMINATE_SCRIPT="/opt/jitsi/jibri/shutdown.sh" @@ -11,4 +15,4 @@ export ASAP_SIGNING_KEY_FILE="{{ .Env.AUTOSCALER_SIDECAR_KEY_FILE }}" export ASAP_JWT_KID="{{ .Env.AUTOSCALER_SIDECAR_KEY_ID }}" export INSTANCE_TYPE="jibri" export INSTANCE_ID="{{ .Env.AUTOSCALER_SIDECAR_INSTANCE_ID }}" -export INSTANCE_METADATA='{"environment":"{{ .Env.XMPP_ENV_NAME }}","region":"{{ .Env.AUTOSCALER_SIDECAR_REGION }}","group":"{{ .Env.AUTOSCALER_SIDECAR_GROUP_NAME }}","name":"{{ .Env.JIBRI_INSTANCE_ID }}","version":"{{ .Env.JIBRI_VERSION }}","privateIp":"{{ .Env.LOCAL_ADDRESS }}"}' +export INSTANCE_METADATA='{"environment":"{{ .Env.XMPP_ENV_NAME }}","region":"{{ .Env.AUTOSCALER_SIDECAR_REGION }}","group":"{{ .Env.AUTOSCALER_SIDECAR_GROUP_NAME }}","name":"{{ .Env.JIBRI_INSTANCE_ID }}","version":"{{ .Env.JIBRI_VERSION }}","privateIp":"{{ .Env.LOCAL_ADDRESS }}","hostId":"{{ .Env.AUTOSCALER_SIDECAR_HOST_ID }}"}' From 2c0a7931b2d29bf1f30944c2c827aa619a10ffa0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Mon, 11 Sep 2023 11:41:27 +0200 Subject: [PATCH 23/28] jibri: update Chrome to 116 Note the URL for the ChromeDriver has changed now. --- jibri/Dockerfile | 4 ++-- jibri/rootfs/usr/bin/install-chrome.sh | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/jibri/Dockerfile b/jibri/Dockerfile index b6aa1cbdc2..e8da8cf70e 100644 --- a/jibri/Dockerfile +++ b/jibri/Dockerfile @@ -12,8 +12,8 @@ ARG TARGETPLATFORM ARG USE_CHROMIUM=0 #ARG CHROME_RELEASE=latest #ARG CHROMEDRIVER_MAJOR_RELEASE=latest -ARG CHROME_RELEASE=114.0.5735.90 -ARG CHROMEDRIVER_MAJOR_RELEASE=114 +ARG CHROME_RELEASE=116.0.5845.96 +ARG CHROMEDRIVER_MAJOR_RELEASE=116 COPY rootfs/ / diff --git a/jibri/rootfs/usr/bin/install-chrome.sh b/jibri/rootfs/usr/bin/install-chrome.sh index 5f10aeb3c3..bc7a3b9918 100755 --- a/jibri/rootfs/usr/bin/install-chrome.sh +++ b/jibri/rootfs/usr/bin/install-chrome.sh @@ -28,7 +28,7 @@ else fi CHROMEDRIVER_ZIP="/tmp/chromedriver_linux64.zip" - curl -4Lso ${CHROMEDRIVER_ZIP} "https://chromedriver.storage.googleapis.com/${CHROMEDRIVER_RELEASE}/chromedriver_linux64.zip" + curl -4Lso ${CHROMEDRIVER_ZIP} "https://edgedl.me.gvt1.com/edgedl/chrome/chrome-for-testing/${CHROMEDRIVER_RELEASE}/linux64/chromedriver-linux64.zip" unzip ${CHROMEDRIVER_ZIP} -d /tmp/chromedriver mv /tmp/chromedriver/chromedriver /usr/bin/ chmod +x /usr/bin/chromedriver From fd1c308b494ab90b8c1e84a23e9156662b1e26e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Tue, 12 Sep 2023 09:18:40 +0200 Subject: [PATCH 24/28] jibri: fix new ChromeDriver API endpoints --- jibri/rootfs/usr/bin/install-chrome.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jibri/rootfs/usr/bin/install-chrome.sh b/jibri/rootfs/usr/bin/install-chrome.sh index bc7a3b9918..0fb65642f4 100755 --- a/jibri/rootfs/usr/bin/install-chrome.sh +++ b/jibri/rootfs/usr/bin/install-chrome.sh @@ -22,9 +22,9 @@ else google-chrome --version if [ "${CHROMEDRIVER_MAJOR_RELEASE}" = "latest" ]; then - CHROMEDRIVER_RELEASE="$(curl -4Ls https://chromedriver.storage.googleapis.com/LATEST_RELEASE)" + CHROMEDRIVER_RELEASE="$(curl -4Ls https://googlechromelabs.github.io/chrome-for-testing/LATEST_RELEASE_STABLE)" else - CHROMEDRIVER_RELEASE="$(curl -4Ls https://chromedriver.storage.googleapis.com/LATEST_RELEASE_${CHROMEDRIVER_MAJOR_RELEASE})" + CHROMEDRIVER_RELEASE="$(curl -4Ls https://googlechromelabs.github.io/chrome-for-testing/LATEST_RELEASE_${CHROMEDRIVER_MAJOR_RELEASE})" fi CHROMEDRIVER_ZIP="/tmp/chromedriver_linux64.zip" From a76b1f4b4a1c525d5b175815bcd1983ac542579e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Tue, 12 Sep 2023 09:24:05 +0200 Subject: [PATCH 25/28] jibri: simplify ChromeDriver download --- jibri/Dockerfile | 3 +-- jibri/rootfs/usr/bin/install-chrome.sh | 9 ++++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/jibri/Dockerfile b/jibri/Dockerfile index e8da8cf70e..52f8698cba 100644 --- a/jibri/Dockerfile +++ b/jibri/Dockerfile @@ -11,9 +11,8 @@ LABEL org.opencontainers.image.documentation="https://jitsi.github.io/handbook/" ARG TARGETPLATFORM ARG USE_CHROMIUM=0 #ARG CHROME_RELEASE=latest -#ARG CHROMEDRIVER_MAJOR_RELEASE=latest +# https://googlechromelabs.github.io/chrome-for-testing/ ARG CHROME_RELEASE=116.0.5845.96 -ARG CHROMEDRIVER_MAJOR_RELEASE=116 COPY rootfs/ / diff --git a/jibri/rootfs/usr/bin/install-chrome.sh b/jibri/rootfs/usr/bin/install-chrome.sh index 0fb65642f4..6665d063eb 100755 --- a/jibri/rootfs/usr/bin/install-chrome.sh +++ b/jibri/rootfs/usr/bin/install-chrome.sh @@ -21,10 +21,13 @@ else google-chrome --version - if [ "${CHROMEDRIVER_MAJOR_RELEASE}" = "latest" ]; then - CHROMEDRIVER_RELEASE="$(curl -4Ls https://googlechromelabs.github.io/chrome-for-testing/LATEST_RELEASE_STABLE)" + BASE_URL=https://googlechromelabs.github.io/chrome-for-testing + + if [ "${CHROME_RELEASE}" = "latest" ]; then + CHROMEDRIVER_RELEASE="$(curl -4Ls ${BASE_URL}/LATEST_RELEASE_STABLE)" else - CHROMEDRIVER_RELEASE="$(curl -4Ls https://googlechromelabs.github.io/chrome-for-testing/LATEST_RELEASE_${CHROMEDRIVER_MAJOR_RELEASE})" + CHROMEDRIVER_MAJOR_RELEASE=$(echo $CHROME_RELEASE | cut -d. -f1) + CHROMEDRIVER_RELEASE="$(curl -4Ls ${BASE_URL}/LATEST_RELEASE_${CHROMEDRIVER_MAJOR_RELEASE})" fi CHROMEDRIVER_ZIP="/tmp/chromedriver_linux64.zip" From 603d4611792e67c48f6623b49fd956c4eab23cef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Tue, 12 Sep 2023 09:46:46 +0200 Subject: [PATCH 26/28] jibri: adapt to new ChromeDriver zip file structure --- jibri/rootfs/usr/bin/install-chrome.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jibri/rootfs/usr/bin/install-chrome.sh b/jibri/rootfs/usr/bin/install-chrome.sh index 6665d063eb..8a291108f0 100755 --- a/jibri/rootfs/usr/bin/install-chrome.sh +++ b/jibri/rootfs/usr/bin/install-chrome.sh @@ -32,8 +32,8 @@ else CHROMEDRIVER_ZIP="/tmp/chromedriver_linux64.zip" curl -4Lso ${CHROMEDRIVER_ZIP} "https://edgedl.me.gvt1.com/edgedl/chrome/chrome-for-testing/${CHROMEDRIVER_RELEASE}/linux64/chromedriver-linux64.zip" - unzip ${CHROMEDRIVER_ZIP} -d /tmp/chromedriver - mv /tmp/chromedriver/chromedriver /usr/bin/ + unzip ${CHROMEDRIVER_ZIP} -d /tmp/ + mv /tmp/chromedriver-linux64/chromedriver /usr/bin/ chmod +x /usr/bin/chromedriver rm -rf /tmp/chromedriver* fi From b3abfc0b0b0edb5f0f85598443d0a7c4755dbb8f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Tue, 12 Sep 2023 10:29:30 +0200 Subject: [PATCH 27/28] ci: split unstable build and test workflows (#1601) * ci: split unstable build and test workflows In order to make multi-arch builds the buildx action will use the docker-container driver, which does not support loading images, and thus the jvb image won't be built based on the "base-java" image, in turn based on the "base" image. That works only when pushing. If we setup buildx to use the "docker" driver it will just build for the current architecture, but it will properly load images and the base images will be used correctly. One downside is that jobs cannot be run in parallel, but it seems to be Fast Enough (R) for now. --- .github/workflows/ci.yml | 84 +++++++++++++++++++++ .github/workflows/unstable.yml | 134 --------------------------------- 2 files changed, 84 insertions(+), 134 deletions(-) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000000..c6f7318d2f --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,84 @@ +name: CI Test Build + +on: + pull_request: + push: + branches: + - master + +jobs: + build: + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v3 + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v2 + with: + driver: docker + + - name: Build base + uses: docker/build-push-action@v2 + with: + context: ./base + load: true + tags: | + jitsi/base:latest + build-args: | + JITSI_RELEASE=unstable + + - name: Build base-java + uses: docker/build-push-action@v2 + with: + context: ./base-java + load: true + tags: | + jitsi/base-java:latest + + - name: Build jibri + uses: docker/build-push-action@v2 + with: + context: ./jibri + load: true + tags: | + jitsi/jibri:latest + + - name: Build jicofo + uses: docker/build-push-action@v2 + with: + context: ./jicofo + load: true + tags: | + jitsi/jicofo:latest + + - name: Build jigasi + uses: docker/build-push-action@v2 + with: + context: ./jigasi + load: true + tags: | + jitsi/jigasi:latest + + - name: Build jvb + uses: docker/build-push-action@v2 + with: + context: ./jvb + load: true + tags: | + jitsi/jvb:latest + + - name: Build prosody + uses: docker/build-push-action@v2 + with: + context: ./prosody + load: true + tags: | + jitsi/prosody:latest + + - name: Build web + uses: docker/build-push-action@v2 + with: + context: ./web + load: true + tags: | + jitsi/web:latest diff --git a/.github/workflows/unstable.yml b/.github/workflows/unstable.yml index db54d1d97c..3dbad53e97 100644 --- a/.github/workflows/unstable.yml +++ b/.github/workflows/unstable.yml @@ -1,7 +1,6 @@ name: Unstable Build on: - pull_request: schedule: - cron: "0 6 * * *" workflow_dispatch: @@ -70,13 +69,11 @@ jobs: uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 - if: ${{ github.event_name != 'pull_request' }} with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push uses: docker/build-push-action@v2 - if: ${{ github.event_name != 'pull_request' }} with: push: true context: ./base @@ -88,19 +85,6 @@ jobs: platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max - - name: Dryrun - uses: docker/build-push-action@v2 - if: ${{ github.event_name == 'pull_request' }} - with: - context: ./base - tags: | - jitsi/base:${{ needs.version.outputs.base }} - jitsi/base:${{ needs.version.outputs.date }} - build-args: | - JITSI_RELEASE=unstable - platforms: linux/amd64,linux/arm64 - cache-from: type=gha - cache-to: type=gha,mode=max base-java: runs-on: ubuntu-latest @@ -116,13 +100,11 @@ jobs: uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 - if: ${{ github.event_name != 'pull_request' }} with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push uses: docker/build-push-action@v2 - if: ${{ github.event_name != 'pull_request' }} with: push: true context: ./base-java @@ -135,20 +117,6 @@ jobs: platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max - - name: Dryrun - uses: docker/build-push-action@v2 - if: ${{ github.event_name == 'pull_request' }} - with: - context: ./base-java - tags: | - jitsi/base-java:${{ needs.version.outputs.base }} - jitsi/base-java:${{ needs.version.outputs.date }} - build-args: | - JITSI_REPO=jitsi - BASE_TAG=${{ needs.version.outputs.base }} - platforms: linux/amd64,linux/arm64 - cache-from: type=gha - cache-to: type=gha,mode=max jibri: runs-on: ubuntu-latest @@ -164,13 +132,11 @@ jobs: uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 - if: ${{ github.event_name != 'pull_request' }} with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push uses: docker/build-push-action@v2 - if: ${{ github.event_name != 'pull_request' }} with: push: true context: ./jibri @@ -184,21 +150,6 @@ jobs: platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max - - name: Dryrun - uses: docker/build-push-action@v2 - if: ${{ github.event_name == 'pull_request' }} - with: - context: ./jibri - tags: | - jitsi/jibri:${{ needs.version.outputs.base }} - jitsi/jibri:${{ needs.version.outputs.date }} - jitsi/jibri:${{ needs.version.outputs.jibri_version }} - build-args: | - JITSI_REPO=jitsi - BASE_TAG=${{ needs.version.outputs.base }} - platforms: linux/amd64,linux/arm64 - cache-from: type=gha - cache-to: type=gha,mode=max jicofo: runs-on: ubuntu-latest @@ -214,13 +165,11 @@ jobs: uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 - if: ${{ github.event_name != 'pull_request' }} with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push uses: docker/build-push-action@v2 - if: ${{ github.event_name != 'pull_request' }} with: push: true context: ./jicofo @@ -234,21 +183,6 @@ jobs: platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max - - name: Dryrun - uses: docker/build-push-action@v2 - if: ${{ github.event_name == 'pull_request' }} - with: - context: ./jicofo - tags: | - jitsi/jicofo:${{ needs.version.outputs.base }} - jitsi/jicofo:${{ needs.version.outputs.date }} - jitsi/jicofo:${{ needs.version.outputs.jicofo_version }} - build-args: | - JITSI_REPO=jitsi - BASE_TAG=${{ needs.version.outputs.base }} - platforms: linux/amd64,linux/arm64 - cache-from: type=gha - cache-to: type=gha,mode=max jigasi: runs-on: ubuntu-latest @@ -264,13 +198,11 @@ jobs: uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 - if: ${{ github.event_name != 'pull_request' }} with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push uses: docker/build-push-action@v2 - if: ${{ github.event_name != 'pull_request' }} with: push: true context: ./jigasi @@ -284,21 +216,6 @@ jobs: platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max - - name: Dryrun - uses: docker/build-push-action@v2 - if: ${{ github.event_name == 'pull_request' }} - with: - context: ./jigasi - tags: | - jitsi/jigasi:${{ needs.version.outputs.base }} - jitsi/jigasi:${{ needs.version.outputs.date }} - jitsi/jigasi:${{ needs.version.outputs.jigasi_version }} - build-args: | - JITSI_REPO=jitsi - BASE_TAG=${{ needs.version.outputs.base }} - platforms: linux/amd64,linux/arm64 - cache-from: type=gha - cache-to: type=gha,mode=max jvb: runs-on: ubuntu-latest @@ -314,13 +231,11 @@ jobs: uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 - if: ${{ github.event_name != 'pull_request' }} with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push uses: docker/build-push-action@v2 - if: ${{ github.event_name != 'pull_request' }} with: push: true context: ./jvb @@ -334,21 +249,6 @@ jobs: platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max - - name: Dryrun - uses: docker/build-push-action@v2 - if: ${{ github.event_name == 'pull_request' }} - with: - context: ./jvb - tags: | - jitsi/jvb:${{ needs.version.outputs.base }} - jitsi/jvb:${{ needs.version.outputs.date }} - jitsi/jvb:${{ needs.version.outputs.jvb_version }} - build-args: | - JITSI_REPO=jitsi - BASE_TAG=${{ needs.version.outputs.base }} - platforms: linux/amd64,linux/arm64 - cache-from: type=gha - cache-to: type=gha,mode=max prosody: runs-on: ubuntu-latest @@ -364,13 +264,11 @@ jobs: uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 - if: ${{ github.event_name != 'pull_request' }} with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push uses: docker/build-push-action@v2 - if: ${{ github.event_name != 'pull_request' }} with: push: true context: ./prosody @@ -384,21 +282,6 @@ jobs: platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max - - name: Dryrun - uses: docker/build-push-action@v2 - if: ${{ github.event_name == 'pull_request' }} - with: - context: ./prosody - tags: | - jitsi/prosody:${{ needs.version.outputs.base }} - jitsi/prosody:${{ needs.version.outputs.date }} - jitsi/prosody:${{ needs.version.outputs.prosody_version }} - build-args: | - JITSI_REPO=jitsi - BASE_TAG=${{ needs.version.outputs.base }} - platforms: linux/amd64,linux/arm64 - cache-from: type=gha - cache-to: type=gha,mode=max web: runs-on: ubuntu-latest @@ -414,13 +297,11 @@ jobs: uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 - if: ${{ github.event_name != 'pull_request' }} with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push uses: docker/build-push-action@v2 - if: ${{ github.event_name != 'pull_request' }} with: push: true context: ./web @@ -434,18 +315,3 @@ jobs: platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max - - name: Dryrun - uses: docker/build-push-action@v2 - if: ${{ github.event_name == 'pull_request' }} - with: - context: ./web - tags: | - jitsi/web:${{ needs.version.outputs.base }} - jitsi/web:${{ needs.version.outputs.date }} - jitsi/web:${{ needs.version.outputs.web_version }} - build-args: | - JITSI_REPO=jitsi - BASE_TAG=${{ needs.version.outputs.base }} - platforms: linux/amd64,linux/arm64 - cache-from: type=gha - cache-to: type=gha,mode=max From 38d5db92d51773b9e1e9a094756503e903c76ade Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= Date: Tue, 12 Sep 2023 10:48:15 +0200 Subject: [PATCH 28/28] release: stable-8922-1 * b3abfc0 ci: split unstable build and test workflows (#1601) * 603d461 jibri: adapt to new ChromeDriver zip file structure * a76b1f4 jibri: simplify ChromeDriver download * fd1c308 jibri: fix new ChromeDriver API endpoints * 2c0a793 jibri: update Chrome to 116 * 916bccb jibri: autoscaler sidecar tuning parameters * 6e59319 misc: working on unstable --- CHANGELOG.md | 12 ++++++++++++ docker-compose.yml | 8 ++++---- jibri.yml | 2 +- jigasi.yml | 2 +- 4 files changed, 18 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 801e959275..d0b54b1d66 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,15 @@ +## stable-8922-1 + +Based on stable release 8922-1. + +* b3abfc0 ci: split unstable build and test workflows (#1601) +* 603d461 jibri: adapt to new ChromeDriver zip file structure +* a76b1f4 jibri: simplify ChromeDriver download +* fd1c308 jibri: fix new ChromeDriver API endpoints +* 2c0a793 jibri: update Chrome to 116 +* 916bccb jibri: autoscaler sidecar tuning parameters +* 6e59319 misc: working on unstable + ## stable-8922 Based on stable release 8922. diff --git a/docker-compose.yml b/docker-compose.yml index 003d8837d6..4b6bdae70a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.5' services: # Frontend web: - image: jitsi/web:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/web:${JITSI_IMAGE_VERSION:-stable-8922-1} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${HTTP_PORT}:80' @@ -161,7 +161,7 @@ services: # XMPP server prosody: - image: jitsi/prosody:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable-8922-1} restart: ${RESTART_POLICY:-unless-stopped} expose: - '${XMPP_PORT:-5222}' @@ -264,7 +264,7 @@ services: # Focus component jicofo: - image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable-8922-1} restart: ${RESTART_POLICY:-unless-stopped} ports: - '127.0.0.1:${JICOFO_REST_PORT:-8888}:8888' @@ -333,7 +333,7 @@ services: # Video bridge jvb: - image: jitsi/jvb:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable-8922-1} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp' diff --git a/jibri.yml b/jibri.yml index a66613a5f3..56f3c146f6 100644 --- a/jibri.yml +++ b/jibri.yml @@ -2,7 +2,7 @@ version: '3.5' services: jibri: - image: jitsi/jibri:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jibri:${JITSI_IMAGE_VERSION:-stable-8922-1} restart: ${RESTART_POLICY:-unless-stopped} volumes: - ${CONFIG}/jibri:/config:Z diff --git a/jigasi.yml b/jigasi.yml index 210d5916cc..1744d07e83 100644 --- a/jigasi.yml +++ b/jigasi.yml @@ -3,7 +3,7 @@ version: '3.5' services: # SIP gateway (audio) jigasi: - image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-unstable} + image: jitsi/jigasi:${JITSI_IMAGE_VERSION:-stable-8922-1} restart: ${RESTART_POLICY:-unless-stopped} ports: - '${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}:${JIGASI_PORT_MIN:-20000}-${JIGASI_PORT_MAX:-20050}/udp'