Make JVB websockets reverse-proxying work

This commit is contained in:
Slavi Pantaleev 2020-11-27 17:57:07 +02:00
parent fa76128fd8
commit b354155d7c
4 changed files with 31 additions and 0 deletions

View File

@ -671,6 +671,8 @@ matrix_jitsi_enabled: false
# the Jitsi HTTP port to the local host. # the Jitsi HTTP port to the local host.
matrix_jitsi_web_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:12080' }}" matrix_jitsi_web_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:12080' }}"
matrix_jitsi_jvb_container_colibri_ws_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:12090' }}"
matrix_jitsi_jibri_xmpp_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jibri') | to_uuid }}" matrix_jitsi_jibri_xmpp_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jibri') | to_uuid }}"
matrix_jitsi_jicofo_auth_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jicofo') | to_uuid }}" matrix_jitsi_jicofo_auth_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jicofo') | to_uuid }}"
matrix_jitsi_jvb_auth_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jvb') | to_uuid }}" matrix_jitsi_jvb_auth_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jvb') | to_uuid }}"

View File

@ -247,3 +247,8 @@ matrix_jitsi_jvb_container_rtp_udp_host_bind_port: "{{ matrix_jitsi_jvb_rtp_udp_
# #
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:4443"), or empty string to not expose. # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:4443"), or empty string to not expose.
matrix_jitsi_jvb_container_rtp_tcp_host_bind_port: "{{ matrix_jitsi_jvb_rtp_tcp_port }}" matrix_jitsi_jvb_container_rtp_tcp_host_bind_port: "{{ matrix_jitsi_jvb_rtp_tcp_port }}"
# Controls whether the matrix-jitsi-jvb container exposes its Colibri WebSocket port (tcp/9090 in the container).
#
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:12090"), or empty string to not expose.
matrix_jitsi_jvb_container_colibri_ws_host_bind_port: ''

View File

@ -21,6 +21,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jvb \
{% if matrix_jitsi_jvb_container_rtp_tcp_host_bind_port %} {% if matrix_jitsi_jvb_container_rtp_tcp_host_bind_port %}
-p {{ matrix_jitsi_jvb_container_rtp_tcp_host_bind_port }}:{{ matrix_jitsi_jvb_rtp_tcp_port }} \ -p {{ matrix_jitsi_jvb_container_rtp_tcp_host_bind_port }}:{{ matrix_jitsi_jvb_rtp_tcp_port }} \
{% endif %} {% endif %}
{% if matrix_jitsi_jvb_container_colibri_ws_host_bind_port %}
-p {{ matrix_jitsi_jvb_container_colibri_ws_host_bind_port }}:9090 \
{% endif %}
--mount type=bind,src={{ matrix_jitsi_jvb_config_path }},dst=/config \ --mount type=bind,src={{ matrix_jitsi_jvb_config_path }},dst=/config \
{% for arg in matrix_jitsi_jvb_container_extra_arguments %} {% for arg in matrix_jitsi_jvb_container_extra_arguments %}
{{ arg }} \ {{ arg }} \

View File

@ -23,6 +23,27 @@
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
} }
# colibri (JVB) websockets
location ~ ^/colibri-ws/([a-zA-Z0-9-\.]+)/(.*) {
{% if matrix_nginx_proxy_enabled %}
resolver 127.0.0.11 valid=5s;
set $backend "matrix-jitsi-jvb:9090";
proxy_pass http://$backend;
{% else %}
{# Generic configuration for use outside of our container setup #}
proxy_pass http://127.0.0.1:12090;
{% endif %}
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
tcp_nodelay on;
}
{% endmacro %} {% endmacro %}
server { server {