From 4a772e50f4fe02bc2041078bfe350510e8b5f52a Mon Sep 17 00:00:00 2001 From: ewang Date: Fri, 21 May 2021 15:26:06 +0200 Subject: [PATCH 1/4] Allow Jitsi XMPP webscoket support for users using own webserver. Added: - Conditional localhost Port bindings for Jitsi Prosody systemd template - Added variable to main.yml to allow overriding from vars.yml --- roles/matrix-jitsi/defaults/main.yml | 2 +- .../templates/prosody/matrix-jitsi-prosody.service.j2 | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 7dcff9872..9d092b533 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -175,7 +175,7 @@ matrix_jitsi_prosody_container_extra_arguments: [] # List of systemd services that matrix-jitsi-prosody.service depends on matrix_jitsi_prosody_systemd_required_services_list: ['docker.service'] - +matrix_jitsi_prosody_container_http_host_bind_port: '' matrix_jitsi_jicofo_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/jicofo:{{ matrix_jitsi_container_image_tag }}" matrix_jitsi_jicofo_docker_image_force_pull: "{{ matrix_jitsi_jicofo_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 index b3525a745..48036fb52 100644 --- a/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 +++ b/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 @@ -16,6 +16,9 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody \ --log-driver=none \ --network={{ matrix_docker_network }} \ + {% if matrix_jitsi_prosody_container_http_host_bind_port %} + -p {{ matrix_jitsi_prosody_container_http_host_bind_port }}:{{ matrix_jitsi_prosody_container_http_host_bind_port }} + {% endif %} --env-file={{ matrix_jitsi_prosody_base_path }}/env \ --mount type=bind,src={{ matrix_jitsi_prosody_config_path }},dst=/config \ --mount type=bind,src={{ matrix_jitsi_prosody_plugins_path }},dst=/prosody-plugins-custom \ From 1bb6ed97aeaad2f40d802a4fb06a50148aa7354d Mon Sep 17 00:00:00 2001 From: ewang Date: Sat, 22 May 2021 15:53:42 +0200 Subject: [PATCH 2/4] Make port bindings default for those disabling nginx proxy I changed the conditional statement in prosody systemd template to bind the localhost port by default if people have set ```matrix_nginx_proxy_enabled == false ```. Hopefully that should make it the default behaviour now. --- .../templates/prosody/matrix-jitsi-prosody.service.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 index 48036fb52..0d604e129 100644 --- a/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 +++ b/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 @@ -16,8 +16,8 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody \ --log-driver=none \ --network={{ matrix_docker_network }} \ - {% if matrix_jitsi_prosody_container_http_host_bind_port %} - -p {{ matrix_jitsi_prosody_container_http_host_bind_port }}:{{ matrix_jitsi_prosody_container_http_host_bind_port }} + {% if matrix_nginx_proxy_enabled == false %} + -p {{ matrix_jitsi_prosody_container_http_host_bind_port }}:5280 \ {% endif %} --env-file={{ matrix_jitsi_prosody_base_path }}/env \ --mount type=bind,src={{ matrix_jitsi_prosody_config_path }},dst=/config \ From ef6a7e051c18d6fb465f1c3373e77c8e49eff56b Mon Sep 17 00:00:00 2001 From: Eagle-251 <70513930+Eagle-251@users.noreply.github.com> Date: Sat, 22 May 2021 15:55:50 +0200 Subject: [PATCH 3/4] Fix missing port binding. --- roles/matrix-jitsi/defaults/main.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 9d092b533..811df1338 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -175,7 +175,9 @@ matrix_jitsi_prosody_container_extra_arguments: [] # List of systemd services that matrix-jitsi-prosody.service depends on matrix_jitsi_prosody_systemd_required_services_list: ['docker.service'] -matrix_jitsi_prosody_container_http_host_bind_port: '' + +# Neccessary Port binding for those disabling the integrated nginx proxy +matrix_jitsi_prosody_container_http_host_bind_port: 5280 matrix_jitsi_jicofo_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/jicofo:{{ matrix_jitsi_container_image_tag }}" matrix_jitsi_jicofo_docker_image_force_pull: "{{ matrix_jitsi_jicofo_docker_image.endswith(':latest') }}" From 409cd2b9a36b384055226a0d274cba4ef81a458e Mon Sep 17 00:00:00 2001 From: ewang Date: Sun, 23 May 2021 14:06:18 +0200 Subject: [PATCH 4/4] Source port binding from group vars in line other components --- group_vars/matrix_servers | 2 ++ roles/matrix-jitsi/defaults/main.yml | 2 +- .../templates/prosody/matrix-jitsi-prosody.service.j2 | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index e9be72ca3..86f1d5a36 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1053,6 +1053,8 @@ matrix_jitsi_web_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_ena matrix_jitsi_jvb_container_colibri_ws_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:13090' }}" +matrix_jitsi_prosody_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:5280' }}" + matrix_jitsi_jibri_xmpp_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jibri') | to_uuid }}" matrix_jitsi_jicofo_auth_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jicofo') | to_uuid }}" matrix_jitsi_jvb_auth_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jvb') | to_uuid }}" diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 811df1338..14545bc97 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -177,7 +177,7 @@ matrix_jitsi_prosody_container_extra_arguments: [] matrix_jitsi_prosody_systemd_required_services_list: ['docker.service'] # Neccessary Port binding for those disabling the integrated nginx proxy -matrix_jitsi_prosody_container_http_host_bind_port: 5280 +matrix_jitsi_prosody_container_http_host_bind_port: '' matrix_jitsi_jicofo_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/jicofo:{{ matrix_jitsi_container_image_tag }}" matrix_jitsi_jicofo_docker_image_force_pull: "{{ matrix_jitsi_jicofo_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 index 0d604e129..4445e52bd 100644 --- a/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 +++ b/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 @@ -16,7 +16,7 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody \ --log-driver=none \ --network={{ matrix_docker_network }} \ - {% if matrix_nginx_proxy_enabled == false %} + {% if matrix_jitsi_prosody_container_http_host_bind_port %} -p {{ matrix_jitsi_prosody_container_http_host_bind_port }}:5280 \ {% endif %} --env-file={{ matrix_jitsi_prosody_base_path }}/env \