Rubisel Prieto Dupeyrón
5 years ago
committed by
GitHub
parent
10983b4d5e
commit
7652807930
@ -0,0 +1,18 @@ |
||||
# Basic configuration to use with the traefik reverse proxy |
||||
|
||||
Note: Tested with traefik 2.1.3 |
||||
|
||||
- When running behind traefik, it's a better practice to remove the port-binds for the web service. |
||||
- The provided example uses an external network with the name "web". This is the network which moste likely was created while setting up traefik. |
||||
- Look for comments starting with **#traefik:** to see the changes made in docker-compose.yml. |
||||
- Traefik obtains Let's Encrypt certificates automatically. |
||||
|
||||
Uncomment and set DOCKER_HOST_ADDRESS in .env. I'm pretty sure, that this is mandatory for the docker-setup and should be clearer in the original README. Could be the proxying, didn't investigate further. |
||||
|
||||
## TODO |
||||
|
||||
Add or rewrite the example with docker-compose extends |
||||
|
||||
````env |
||||
DOCKER_HOST_ADDRESS=1.2.3.4 |
||||
```` |
||||
@ -0,0 +1,174 @@ |
||||
version: '3' |
||||
|
||||
services: |
||||
# Frontend |
||||
web: |
||||
image: jitsi/web |
||||
volumes: |
||||
- ${CONFIG}/web:/config |
||||
- ${CONFIG}/web/letsencrypt:/etc/letsencrypt |
||||
- ${CONFIG}/transcripts:/usr/share/jitsi-meet/transcripts |
||||
environment: |
||||
- ENABLE_AUTH |
||||
- ENABLE_GUESTS |
||||
- ENABLE_LETSENCRYPT |
||||
- ENABLE_HTTP_REDIRECT |
||||
- ENABLE_TRANSCRIPTIONS |
||||
- DISABLE_HTTPS |
||||
- JICOFO_AUTH_USER |
||||
- LETSENCRYPT_DOMAIN |
||||
- LETSENCRYPT_EMAIL |
||||
- PUBLIC_URL |
||||
- XMPP_DOMAIN |
||||
- XMPP_AUTH_DOMAIN |
||||
- XMPP_BOSH_URL_BASE |
||||
- XMPP_GUEST_DOMAIN |
||||
- XMPP_MUC_DOMAIN |
||||
- XMPP_RECORDER_DOMAIN |
||||
- ETHERPAD_URL_BASE |
||||
- TZ |
||||
- JIBRI_BREWERY_MUC |
||||
- JIBRI_PENDING_TIMEOUT |
||||
- JIBRI_XMPP_USER |
||||
- JIBRI_XMPP_PASSWORD |
||||
- JIBRI_RECORDER_USER |
||||
- JIBRI_RECORDER_PASSWORD |
||||
- ENABLE_RECORDING |
||||
networks: |
||||
# traefik: change the following line to your external docker network |
||||
web: |
||||
meet.jitsi: |
||||
aliases: |
||||
- ${XMPP_DOMAIN} |
||||
labels: |
||||
traefik.http.middlewares.redirect.redirectscheme.scheme: https |
||||
traefik.http.routers.app-http.entrypoints: web |
||||
traefik.http.routers.app-http.middlewares: redirect |
||||
traefik.http.routers.app-http.rule: 'Host(`your.host.name`)' |
||||
traefik.http.routers.app.entrypoints: websecure |
||||
traefik.http.routers.app.rule: 'Host(`your.host.name`)' |
||||
traefik.http.routers.app.tls: 'true' |
||||
traefik.http.routers.app.tls.certresolver: le |
||||
traefik.http.services.app.loadbalancer.server.port: 80 |
||||
|
||||
# XMPP server |
||||
prosody: |
||||
image: jitsi/prosody |
||||
expose: |
||||
- '5222' |
||||
- '5347' |
||||
- '5280' |
||||
volumes: |
||||
- ${CONFIG}/prosody:/config |
||||
environment: |
||||
- AUTH_TYPE |
||||
- ENABLE_AUTH |
||||
- ENABLE_GUESTS |
||||
- GLOBAL_MODULES |
||||
- GLOBAL_CONFIG |
||||
- LDAP_URL |
||||
- LDAP_BASE |
||||
- LDAP_BINDDN |
||||
- LDAP_BINDPW |
||||
- LDAP_FILTER |
||||
- LDAP_AUTH_METHOD |
||||
- LDAP_VERSION |
||||
- LDAP_USE_TLS |
||||
- LDAP_TLS_CIPHERS |
||||
- LDAP_TLS_CHECK_PEER |
||||
- LDAP_TLS_CACERT_FILE |
||||
- LDAP_TLS_CACERT_DIR |
||||
- LDAP_START_TLS |
||||
- XMPP_DOMAIN |
||||
- XMPP_AUTH_DOMAIN |
||||
- XMPP_GUEST_DOMAIN |
||||
- XMPP_MUC_DOMAIN |
||||
- XMPP_INTERNAL_MUC_DOMAIN |
||||
- XMPP_MODULES |
||||
- XMPP_MUC_MODULES |
||||
- XMPP_INTERNAL_MUC_MODULES |
||||
- XMPP_RECORDER_DOMAIN |
||||
- JICOFO_COMPONENT_SECRET |
||||
- JICOFO_AUTH_USER |
||||
- JICOFO_AUTH_PASSWORD |
||||
- JVB_AUTH_USER |
||||
- JVB_AUTH_PASSWORD |
||||
- JIGASI_XMPP_USER |
||||
- JIGASI_XMPP_PASSWORD |
||||
- JIBRI_XMPP_USER |
||||
- JIBRI_XMPP_PASSWORD |
||||
- JIBRI_RECORDER_USER |
||||
- JIBRI_RECORDER_PASSWORD |
||||
- JWT_APP_ID |
||||
- JWT_APP_SECRET |
||||
- JWT_ACCEPTED_ISSUERS |
||||
- JWT_ACCEPTED_AUDIENCES |
||||
- JWT_ASAP_KEYSERVER |
||||
- JWT_ALLOW_EMPTY |
||||
- JWT_AUTH_TYPE |
||||
- JWT_TOKEN_AUTH_MODULE |
||||
- LOG_LEVEL |
||||
- TZ |
||||
networks: |
||||
meet.jitsi: |
||||
aliases: |
||||
- ${XMPP_SERVER} |
||||
|
||||
# Focus component |
||||
jicofo: |
||||
image: jitsi/jicofo |
||||
volumes: |
||||
- ${CONFIG}/jicofo:/config |
||||
environment: |
||||
- ENABLE_AUTH |
||||
- XMPP_DOMAIN |
||||
- XMPP_AUTH_DOMAIN |
||||
- XMPP_INTERNAL_MUC_DOMAIN |
||||
- XMPP_SERVER |
||||
- JICOFO_COMPONENT_SECRET |
||||
- JICOFO_AUTH_USER |
||||
- JICOFO_AUTH_PASSWORD |
||||
- JICOFO_RESERVATION_REST_BASE_URL |
||||
- JVB_BREWERY_MUC |
||||
- JIGASI_BREWERY_MUC |
||||
- JIBRI_BREWERY_MUC |
||||
- JIBRI_PENDING_TIMEOUT |
||||
- TZ |
||||
depends_on: |
||||
- prosody |
||||
networks: |
||||
meet.jitsi: |
||||
|
||||
# Video bridge |
||||
jvb: |
||||
image: jitsi/jvb |
||||
ports: |
||||
- '${JVB_PORT}:${JVB_PORT}/udp' |
||||
- '${JVB_TCP_PORT}:${JVB_TCP_PORT}' |
||||
volumes: |
||||
- ${CONFIG}/jvb:/config |
||||
environment: |
||||
- DOCKER_HOST_ADDRESS |
||||
- XMPP_AUTH_DOMAIN |
||||
- XMPP_INTERNAL_MUC_DOMAIN |
||||
- XMPP_SERVER |
||||
- JVB_AUTH_USER |
||||
- JVB_AUTH_PASSWORD |
||||
- JVB_BREWERY_MUC |
||||
- JVB_PORT |
||||
- JVB_TCP_HARVESTER_DISABLED |
||||
- JVB_TCP_PORT |
||||
- JVB_STUN_SERVERS |
||||
- JVB_ENABLE_APIS |
||||
- TZ |
||||
depends_on: |
||||
- prosody |
||||
networks: |
||||
meet.jitsi: |
||||
|
||||
# Custom network so all services can communicate using a FQDN |
||||
networks: |
||||
meet.jitsi: |
||||
# traefik: change the following line to your external docker network |
||||
web: |
||||
external: true |
||||
Loading…
Reference in new issue