178 lines
6.3 KiB
YAML
178 lines
6.3 KiB
YAML
# Jeffsi Meet - Docker Compose for Traefik + Cloudflare Tunnel
|
|
# Based on docker-jitsi-meet, customized for Netcup RS 8000 deployment
|
|
|
|
services:
|
|
# Frontend - Web interface
|
|
web:
|
|
image: jitsi/web:${JITSI_IMAGE_VERSION:-stable}
|
|
restart: ${RESTART_POLICY:-unless-stopped}
|
|
# No HTTP/HTTPS ports - Traefik handles incoming traffic
|
|
volumes:
|
|
- ${CONFIG}/web:/config:Z
|
|
- ${CONFIG}/web/crontabs:/var/spool/cron/crontabs:Z
|
|
- ${CONFIG}/transcripts:/usr/share/jitsi-meet/transcripts:Z
|
|
# Custom branding
|
|
- ./branding/images:/usr/share/jitsi-meet/images/custom:ro
|
|
- ./branding/interface_config.js:/defaults/interface_config.js:ro
|
|
labels:
|
|
# Traefik routing - web entrypoint (Cloudflare tunnel sends to :80)
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.jeffsi-meet.rule=Host(`meet.jeffemmett.com`)"
|
|
- "traefik.http.routers.jeffsi-meet.entrypoints=web"
|
|
- "traefik.http.services.jeffsi-meet.loadbalancer.server.port=80"
|
|
# BOSH/WebSocket support - tell Jitsi the original request was HTTPS
|
|
- "traefik.http.middlewares.jeffsi-meet-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
|
|
- "traefik.http.routers.jeffsi-meet.middlewares=jeffsi-meet-headers"
|
|
environment:
|
|
# Basic
|
|
- PUBLIC_URL=https://meet.jeffemmett.com
|
|
- TZ=${TZ:-UTC}
|
|
# Features
|
|
- ENABLE_COLIBRI_WEBSOCKET=1
|
|
- ENABLE_XMPP_WEBSOCKET=1
|
|
- ENABLE_PREJOIN_PAGE=true
|
|
- ENABLE_WELCOME_PAGE=false
|
|
- ENABLE_CLOSE_PAGE=true
|
|
- ENABLE_P2P=true
|
|
- ENABLE_SIMULCAST=true
|
|
- ENABLE_BREAKOUT_ROOMS=true
|
|
# Disable HTTPS in container (Traefik handles TLS)
|
|
- DISABLE_HTTPS=1
|
|
# Auth
|
|
- ENABLE_AUTH
|
|
- ENABLE_GUESTS
|
|
# Domain config
|
|
- XMPP_DOMAIN=meet.jitsi
|
|
- XMPP_AUTH_DOMAIN=auth.meet.jitsi
|
|
- XMPP_BOSH_URL_BASE=http://prosody:5280
|
|
- XMPP_GUEST_DOMAIN=guest.meet.jitsi
|
|
- XMPP_MUC_DOMAIN=muc.meet.jitsi
|
|
- XMPP_RECORDER_DOMAIN=recorder.meet.jitsi
|
|
# Recording
|
|
- ENABLE_RECORDING
|
|
# Codec preferences
|
|
- CODEC_ORDER_JVB=VP9,VP8,H264
|
|
networks:
|
|
- meet.jitsi
|
|
- traefik-public
|
|
depends_on:
|
|
- prosody
|
|
- jvb
|
|
|
|
# XMPP server
|
|
prosody:
|
|
image: jitsi/prosody:${JITSI_IMAGE_VERSION:-stable}
|
|
restart: ${RESTART_POLICY:-unless-stopped}
|
|
expose:
|
|
- '5222'
|
|
- '5269'
|
|
- '5347'
|
|
- '5280'
|
|
volumes:
|
|
- ${CONFIG}/prosody/config:/config:Z
|
|
- ${CONFIG}/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z
|
|
environment:
|
|
- PUBLIC_URL=https://meet.jeffemmett.com
|
|
- TZ=${TZ:-UTC}
|
|
# Auth
|
|
- AUTH_TYPE=${AUTH_TYPE:-internal}
|
|
- ENABLE_AUTH=${ENABLE_AUTH:-0}
|
|
- ENABLE_GUESTS=${ENABLE_GUESTS:-1}
|
|
# Features
|
|
- ENABLE_BREAKOUT_ROOMS=1
|
|
- ENABLE_LOBBY=1
|
|
- ENABLE_AV_MODERATION=1
|
|
- ENABLE_XMPP_WEBSOCKET=1
|
|
# Credentials
|
|
- JICOFO_AUTH_PASSWORD
|
|
- JVB_AUTH_USER
|
|
- JVB_AUTH_PASSWORD
|
|
- JIBRI_XMPP_USER
|
|
- JIBRI_XMPP_PASSWORD
|
|
- JIBRI_RECORDER_USER
|
|
- JIBRI_RECORDER_PASSWORD
|
|
# JWT (optional)
|
|
- JWT_APP_ID
|
|
- JWT_APP_SECRET
|
|
- JWT_ACCEPTED_ISSUERS
|
|
- JWT_ACCEPTED_AUDIENCES
|
|
# Domain
|
|
- XMPP_DOMAIN=meet.jitsi
|
|
- XMPP_AUTH_DOMAIN=auth.meet.jitsi
|
|
- XMPP_GUEST_DOMAIN=guest.meet.jitsi
|
|
- XMPP_MUC_DOMAIN=muc.meet.jitsi
|
|
- XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi
|
|
- XMPP_RECORDER_DOMAIN=recorder.meet.jitsi
|
|
networks:
|
|
meet.jitsi:
|
|
aliases:
|
|
- xmpp.meet.jitsi
|
|
|
|
# Focus component
|
|
jicofo:
|
|
image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-stable}
|
|
restart: ${RESTART_POLICY:-unless-stopped}
|
|
volumes:
|
|
- ${CONFIG}/jicofo:/config:Z
|
|
environment:
|
|
- TZ=${TZ:-UTC}
|
|
- AUTH_TYPE=${AUTH_TYPE:-internal}
|
|
- ENABLE_AUTH=${ENABLE_AUTH:-0}
|
|
- ENABLE_RECORDING
|
|
- ENABLE_SCTP=1
|
|
# Credentials
|
|
- JICOFO_AUTH_PASSWORD
|
|
# JVB
|
|
- JVB_BREWERY_MUC=jvbbrewery@internal-muc.meet.jitsi
|
|
# Domain
|
|
- XMPP_DOMAIN=meet.jitsi
|
|
- XMPP_AUTH_DOMAIN=auth.meet.jitsi
|
|
- XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi
|
|
- XMPP_MUC_DOMAIN=muc.meet.jitsi
|
|
- XMPP_SERVER=prosody
|
|
networks:
|
|
- meet.jitsi
|
|
depends_on:
|
|
- prosody
|
|
|
|
# Video bridge - handles actual video/audio
|
|
jvb:
|
|
image: jitsi/jvb:${JITSI_IMAGE_VERSION:-stable}
|
|
restart: ${RESTART_POLICY:-unless-stopped}
|
|
ports:
|
|
# UDP for video bridge - MUST be directly exposed (using 10200 to avoid conflict with coturn)
|
|
- '10200:10200/udp'
|
|
volumes:
|
|
- ${CONFIG}/jvb:/config:Z
|
|
environment:
|
|
- TZ=${TZ:-UTC}
|
|
- PUBLIC_URL=https://meet.jeffemmett.com
|
|
# Credentials
|
|
- JVB_AUTH_USER
|
|
- JVB_AUTH_PASSWORD
|
|
- JVB_BREWERY_MUC=jvbbrewery@internal-muc.meet.jitsi
|
|
# Network - IMPORTANT: Set to server's public IP
|
|
- JVB_ADVERTISE_IPS=${JVB_ADVERTISE_IPS}
|
|
- JVB_PORT=10200
|
|
- JVB_STUN_SERVERS=meet-jit-si-turnrelay.jitsi.net:443
|
|
# WebSocket
|
|
- ENABLE_COLIBRI_WEBSOCKET=1
|
|
- JVB_WS_DOMAIN=meet.jeffemmett.com
|
|
- JVB_WS_SERVER_ID=default-id
|
|
# Domain
|
|
- XMPP_AUTH_DOMAIN=auth.meet.jitsi
|
|
- XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi
|
|
- XMPP_SERVER=prosody
|
|
# Memory
|
|
- VIDEOBRIDGE_MAX_MEMORY=${VIDEOBRIDGE_MAX_MEMORY:-3072m}
|
|
networks:
|
|
- meet.jitsi
|
|
depends_on:
|
|
- prosody
|
|
|
|
networks:
|
|
meet.jitsi:
|
|
driver: bridge
|
|
traefik-public:
|
|
external: true
|