From d9486290c25f7ab6a6ec4186c28f5d719d151c45 Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <ynerant@crans.org>
Date: Thu, 4 Mar 2021 11:07:47 +0100
Subject: [PATCH 1/4] [jitsi] Prepare Jitsi role
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
---
hosts | 5 +++++
plays/jitsi.yml | 11 +++++++++++
2 files changed, 16 insertions(+)
create mode 100755 plays/jitsi.yml
diff --git a/hosts b/hosts
index 546127cf..c95de5ce 100644
--- a/hosts
+++ b/hosts
@@ -26,6 +26,7 @@ sputnik.adm.crans.org
[certbot:children]
dovecot
gitlab
+jitsi
mailman
radius # We use certbot to manage LE certificates
reverseproxy
@@ -69,6 +70,9 @@ horde.adm.crans.org
[irc]
irc.adm.crans.org
+[jitsi]
+jitsi.adm.crans.org
+
[keepalived:children]
routeurs_vm
@@ -93,6 +97,7 @@ charybde.adm.crans.org
[nginx:children]
django_cas
+jitsi
mailman
reverseproxy
roundcube
diff --git a/plays/jitsi.yml b/plays/jitsi.yml
new file mode 100755
index 00000000..4dbecfec
--- /dev/null
+++ b/plays/jitsi.yml
@@ -0,0 +1,11 @@
+#!/usr/bin/env ansible-playbook
+---
+- hosts: jitsi
+ vars:
+ certbot: '{{ loc_certbot | default(glob_certbot | default([])) }}'
+ nginx: '{{ glob_nginx | default({}) | combine(loc_nginx | default({})) }}'
+ jitsi: '{{ glob_jitsi | default({}) | combine(loc_jitsi | default({})) }}'
+ roles:
+ - jitsi
+ - certbot
+ - nginx
--
GitLab
From 3deae233b135441a1b6a2fd553f0769286969b5c Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <ynerant@crans.org>
Date: Thu, 4 Mar 2021 16:12:43 +0100
Subject: [PATCH 2/4] [Jitsi] Add Jitsi role
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
---
group_vars/jitsi.yml | 8 ++
plays/jitsi.yml | 2 +-
roles/jitsi/tasks/main.yml | 81 +++++++++++++++++++
.../apt/sources.list.d/jitsi.list.j2 | 3 +
.../templates/update-motd.d/05-service.j2 | 3 +
5 files changed, 96 insertions(+), 1 deletion(-)
create mode 100644 group_vars/jitsi.yml
create mode 100644 roles/jitsi/tasks/main.yml
create mode 100644 roles/jitsi/templates/apt/sources.list.d/jitsi.list.j2
create mode 100755 roles/jitsi/templates/update-motd.d/05-service.j2
diff --git a/group_vars/jitsi.yml b/group_vars/jitsi.yml
new file mode 100644
index 00000000..d15d25c1
--- /dev/null
+++ b/group_vars/jitsi.yml
@@ -0,0 +1,8 @@
+---
+# We use embedded Jitsi configuration
+loc_nginx:
+ servers: []
+
+glob_jitsi:
+ ip: "{{ query('ldap', 'ip', ansible_hostname, 'srv') }}"
+ hostname: "{{ ansible_hostname }}.crans.org"
diff --git a/plays/jitsi.yml b/plays/jitsi.yml
index 4dbecfec..77395233 100755
--- a/plays/jitsi.yml
+++ b/plays/jitsi.yml
@@ -6,6 +6,6 @@
nginx: '{{ glob_nginx | default({}) | combine(loc_nginx | default({})) }}'
jitsi: '{{ glob_jitsi | default({}) | combine(loc_jitsi | default({})) }}'
roles:
- - jitsi
- certbot
- nginx
+ - jitsi
diff --git a/roles/jitsi/tasks/main.yml b/roles/jitsi/tasks/main.yml
new file mode 100644
index 00000000..988c6bc3
--- /dev/null
+++ b/roles/jitsi/tasks/main.yml
@@ -0,0 +1,81 @@
+---
+- name: Install basic Jitsi dependencies
+ apt:
+ update_cache: true
+ install_recommends: false
+ name:
+ - apt-transport-https
+ - gnupg2
+ - nginx
+ - sudo
+ register: apt_result
+ retries: 3
+ until: apt_result is succeeded
+
+- name: Define host
+ lineinfile:
+ path: /etc/hosts
+ regexp: "^{{ item }}"
+ line: '{{ item }} {{ jitsi.hostname }}'
+ loop: "{{ jitsi.ip }}"
+
+- name: Import public key of Jitsi repository
+ apt_key:
+ url: https://download.jitsi.org/jitsi-key.gpg.key
+
+- name: Configure Jitsi repository
+ template:
+ src: apt/sources.list.d/jitsi.list.j2
+ dest: /etc/apt/sources.list.d/jitsi.list
+ mode: 0644
+ owner: root
+ group: root
+
+- name: Configure debian questions
+ debconf:
+ name: "{{ item.name }}"
+ question: "{{ item.question }}"
+ value: "{{ item.value }}"
+ vtype: "{{ item.vtype }}"
+ loop:
+ - name: jitsi-meet-prosody
+ question: jitsi-videobridge/jvb-hostname
+ value: "{{ jitsi.hostname }}"
+ vtype: "string"
+ - name: jitsi-meet-web-config
+ question: jitsi-meet/cert-choice
+ value: "I want to use my own certificate"
+ vtype: "select"
+ - name: jitsi-meet-web-config
+ question: jitsi-meet/cert-path-crt
+ value: "/etc/letsencrypt/live/{{ certbot[0].certname }}/fullchain.pem"
+ vtype: "string"
+ - name: jitsi-meet-web-config
+ question: jitsi-meet/cert-path-key
+ value: "/etc/letsencrypt/live/{{ certbot[0].certname }}/privkey.pem"
+ vtype: "string"
+
+- name: Install Jitsi-meet
+ apt:
+ update_cache: true
+ install_recommends: false
+ name:
+ - jitsi-meet
+ register: apt_result
+ retries: 3
+ until: apt_result is succeeded
+
+- name: Apply Jitsi configuration
+ lineinfile:
+ path: "/etc/jitsi/meet/{{ jitsi.hostname }}-config.js"
+ regexp: "{{ item }}"
+ line: " {{ item }}: true,"
+ loop:
+ - "liveStreamingEnabled"
+ - "prejoinPageEnabled"
+
+- name: Indicate role in motd
+ template:
+ src: update-motd.d/05-service.j2
+ dest: /etc/update-motd.d/05-jitsi
+ mode: 0755
diff --git a/roles/jitsi/templates/apt/sources.list.d/jitsi.list.j2 b/roles/jitsi/templates/apt/sources.list.d/jitsi.list.j2
new file mode 100644
index 00000000..4d0cc941
--- /dev/null
+++ b/roles/jitsi/templates/apt/sources.list.d/jitsi.list.j2
@@ -0,0 +1,3 @@
+{{ ansible_header | comment }}
+
+deb https://download.jitsi.org stable/
diff --git a/roles/jitsi/templates/update-motd.d/05-service.j2 b/roles/jitsi/templates/update-motd.d/05-service.j2
new file mode 100755
index 00000000..d1f74295
--- /dev/null
+++ b/roles/jitsi/templates/update-motd.d/05-service.j2
@@ -0,0 +1,3 @@
+#!/usr/bin/tail +14
+{{ ansible_header | comment }}
+�[0m> �[38;5;82mJitsi�[0m a été déployé sur cette machine. Voir �[38;5;6m/etc/jitsi/�[0m.
--
GitLab
From b34b1aac4fcb69357e29e487341f1e1f2684bb30 Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <ynerant@crans.org>
Date: Thu, 4 Mar 2021 18:03:29 +0100
Subject: [PATCH 3/4] [Jitsi] Remove dependencies that not in the good role
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
---
roles/jitsi/tasks/main.yml | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/roles/jitsi/tasks/main.yml b/roles/jitsi/tasks/main.yml
index 988c6bc3..a9f64c91 100644
--- a/roles/jitsi/tasks/main.yml
+++ b/roles/jitsi/tasks/main.yml
@@ -1,13 +1,11 @@
---
-- name: Install basic Jitsi dependencies
+- name: Install GPG dependencies
apt:
update_cache: true
install_recommends: false
name:
- apt-transport-https
- gnupg2
- - nginx
- - sudo
register: apt_result
retries: 3
until: apt_result is succeeded
--
GitLab
From f9cc32b71bcfc19cbcecb863383870f23a220210 Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <ynerant@crans.org>
Date: Thu, 4 Mar 2021 18:08:27 +0100
Subject: [PATCH 4/4] [Jitsi] Put configuration in group vars
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
---
group_vars/jitsi.yml | 3 +++
roles/jitsi/tasks/main.yml | 4 +---
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/group_vars/jitsi.yml b/group_vars/jitsi.yml
index d15d25c1..a9d1b0fc 100644
--- a/group_vars/jitsi.yml
+++ b/group_vars/jitsi.yml
@@ -6,3 +6,6 @@ loc_nginx:
glob_jitsi:
ip: "{{ query('ldap', 'ip', ansible_hostname, 'srv') }}"
hostname: "{{ ansible_hostname }}.crans.org"
+ configuration:
+ - "liveStreamingEnabled"
+ - "prejoinPageEnabled"
diff --git a/roles/jitsi/tasks/main.yml b/roles/jitsi/tasks/main.yml
index a9f64c91..b2500196 100644
--- a/roles/jitsi/tasks/main.yml
+++ b/roles/jitsi/tasks/main.yml
@@ -68,9 +68,7 @@
path: "/etc/jitsi/meet/{{ jitsi.hostname }}-config.js"
regexp: "{{ item }}"
line: " {{ item }}: true,"
- loop:
- - "liveStreamingEnabled"
- - "prejoinPageEnabled"
+ loop: "{{ jitsi.configuration }}"
- name: Indicate role in motd
template:
--
GitLab