2025-09-07 13:20:49 -05:00
|
|
|
# services/jitsi/deployment.yaml
|
|
|
|
|
apiVersion: apps/v1
|
|
|
|
|
kind: Deployment
|
|
|
|
|
metadata:
|
|
|
|
|
name: jitsi-prosody
|
|
|
|
|
namespace: jitsi
|
|
|
|
|
spec:
|
2025-09-08 21:58:50 -05:00
|
|
|
replicas: 0
|
2025-09-07 13:20:49 -05:00
|
|
|
selector:
|
|
|
|
|
matchLabels: { app: jitsi-prosody }
|
|
|
|
|
template:
|
|
|
|
|
metadata:
|
|
|
|
|
labels: { app: jitsi-prosody }
|
|
|
|
|
spec:
|
|
|
|
|
nodeSelector:
|
2025-09-08 21:58:50 -05:00
|
|
|
kubernetes.io/hostname: titan-22
|
2025-09-07 13:20:49 -05:00
|
|
|
kubernetes.io/arch: amd64
|
|
|
|
|
containers:
|
|
|
|
|
- name: prosody
|
|
|
|
|
image: jitsi/prosody:stable
|
|
|
|
|
ports:
|
|
|
|
|
- { name: c2s, containerPort: 5222, protocol: TCP }
|
|
|
|
|
- { name: http, containerPort: 5280, protocol: TCP }
|
|
|
|
|
- { name: comp, containerPort: 5347, protocol: TCP }
|
|
|
|
|
env:
|
|
|
|
|
- { name: XMPP_DOMAIN, value: "meet.jitsi" }
|
|
|
|
|
- { name: XMPP_AUTH_DOMAIN, value: "auth.meet.jitsi" }
|
|
|
|
|
- { name: XMPP_MUC_DOMAIN, value: "muc.meet.jitsi" }
|
|
|
|
|
- { name: XMPP_INTERNAL_MUC_DOMAIN, value: "internal-muc.meet.jitsi" }
|
|
|
|
|
- { name: ENABLE_AUTH, value: "0" } # open instance, no auth (fastest path)
|
|
|
|
|
- { name: ENABLE_GUESTS, value: "1" }
|
|
|
|
|
- { name: JICOFO_AUTH_USER, value: "focus" }
|
|
|
|
|
- { name: JVB_AUTH_USER, value: "jvb" }
|
|
|
|
|
- name: JICOFO_AUTH_PASSWORD
|
|
|
|
|
valueFrom: { secretKeyRef: { name: jitsi-internal-secrets, key: JICOFO_AUTH_PASSWORD } }
|
|
|
|
|
- name: JICOFO_COMPONENT_SECRET
|
|
|
|
|
valueFrom: { secretKeyRef: { name: jitsi-internal-secrets, key: JICOFO_COMPONENT_SECRET } }
|
|
|
|
|
- name: JVB_AUTH_PASSWORD
|
|
|
|
|
valueFrom: { secretKeyRef: { name: jitsi-internal-secrets, key: JVB_AUTH_PASSWORD } }
|
|
|
|
|
volumeMounts:
|
|
|
|
|
- { name: cfg, mountPath: /config }
|
|
|
|
|
volumes:
|
|
|
|
|
- name: cfg
|
|
|
|
|
persistentVolumeClaim: { claimName: jitsi-prosody-config }
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
apiVersion: apps/v1
|
|
|
|
|
kind: Deployment
|
|
|
|
|
metadata:
|
|
|
|
|
name: jitsi-jicofo
|
|
|
|
|
namespace: jitsi
|
|
|
|
|
spec:
|
2025-09-08 21:58:50 -05:00
|
|
|
replicas: 0
|
2025-09-07 13:20:49 -05:00
|
|
|
selector:
|
|
|
|
|
matchLabels: { app: jitsi-jicofo }
|
|
|
|
|
template:
|
|
|
|
|
metadata:
|
|
|
|
|
labels: { app: jitsi-jicofo }
|
|
|
|
|
spec:
|
|
|
|
|
nodeSelector:
|
|
|
|
|
kubernetes.io/hostname: titan-22
|
|
|
|
|
kubernetes.io/arch: amd64
|
|
|
|
|
containers:
|
|
|
|
|
- name: jicofo
|
|
|
|
|
image: jitsi/jicofo:stable
|
|
|
|
|
env:
|
|
|
|
|
- { name: XMPP_DOMAIN, value: "meet.jitsi" }
|
|
|
|
|
- { name: XMPP_AUTH_DOMAIN, value: "auth.meet.jitsi" }
|
|
|
|
|
- { name: XMPP_MUC_DOMAIN, value: "muc.meet.jitsi" }
|
|
|
|
|
- { name: XMPP_INTERNAL_MUC_DOMAIN, value: "internal-muc.meet.jitsi" }
|
|
|
|
|
- { name: XMPP_SERVER, value: "jitsi-prosody.jitsi.svc.cluster.local" }
|
|
|
|
|
- { name: JICOFO_AUTH_USER, value: "focus" }
|
|
|
|
|
- name: JICOFO_AUTH_PASSWORD
|
|
|
|
|
valueFrom: { secretKeyRef: { name: jitsi-internal-secrets, key: JICOFO_AUTH_PASSWORD } }
|
|
|
|
|
- name: JICOFO_COMPONENT_SECRET
|
|
|
|
|
valueFrom: { secretKeyRef: { name: jitsi-internal-secrets, key: JICOFO_COMPONENT_SECRET } }
|
|
|
|
|
- { name: JVB_BREWERY_MUC, value: "jvbbrewery" }
|
|
|
|
|
volumeMounts:
|
|
|
|
|
- { name: cfg, mountPath: /config }
|
|
|
|
|
volumes:
|
|
|
|
|
- name: cfg
|
|
|
|
|
persistentVolumeClaim: { claimName: jitsi-jicofo-config }
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
apiVersion: apps/v1
|
|
|
|
|
kind: Deployment
|
|
|
|
|
metadata:
|
|
|
|
|
name: jitsi-jvb
|
|
|
|
|
namespace: jitsi
|
|
|
|
|
spec:
|
2025-09-08 21:58:50 -05:00
|
|
|
replicas: 0
|
2025-09-07 13:20:49 -05:00
|
|
|
selector:
|
|
|
|
|
matchLabels: { app: jitsi-jvb }
|
|
|
|
|
template:
|
|
|
|
|
metadata:
|
|
|
|
|
labels: { app: jitsi-jvb }
|
|
|
|
|
spec:
|
|
|
|
|
nodeSelector:
|
|
|
|
|
kubernetes.io/hostname: titan-22
|
|
|
|
|
kubernetes.io/arch: amd64
|
|
|
|
|
containers:
|
|
|
|
|
- name: jvb
|
|
|
|
|
image: jitsi/jvb:stable
|
|
|
|
|
ports:
|
|
|
|
|
- { name: colibri-ws, containerPort: 9090, protocol: TCP } # WebSocket control channel
|
|
|
|
|
- { name: rtp-udp, containerPort: 10000, hostPort: 10000, protocol: UDP } # media
|
2025-09-07 14:31:53 -05:00
|
|
|
- { name: rtp-tcp, containerPort: 4443, hostPort: 4443, protocol: TCP }
|
2025-09-07 13:20:49 -05:00
|
|
|
env:
|
|
|
|
|
- { name: XMPP_DOMAIN, value: "meet.jitsi" }
|
|
|
|
|
- { name: XMPP_AUTH_DOMAIN, value: "auth.meet.jitsi" }
|
|
|
|
|
- { name: XMPP_MUC_DOMAIN, value: "muc.meet.jitsi" }
|
|
|
|
|
- { name: XMPP_INTERNAL_MUC_DOMAIN, value: "internal-muc.meet.jitsi" }
|
|
|
|
|
- { name: XMPP_SERVER, value: "jitsi-prosody.jitsi.svc.cluster.local" }
|
|
|
|
|
- { name: JVB_AUTH_USER, value: "jvb" }
|
|
|
|
|
- name: JVB_AUTH_PASSWORD
|
|
|
|
|
valueFrom: { secretKeyRef: { name: jitsi-internal-secrets, key: JVB_AUTH_PASSWORD } }
|
|
|
|
|
- { name: JVB_BREWERY_MUC, value: "jvbbrewery" }
|
|
|
|
|
- { name: JVB_PORT, value: "10000" } # matches hostPort above
|
|
|
|
|
- { name: ENABLE_COLIBRI_WEBSOCKET, value: "1" } # enables /colibri-ws
|
2025-09-07 14:31:53 -05:00
|
|
|
# - { name: JVB_STUN_SERVERS, value: "stun.l.google.com:19302,stun1.l.google.com:19302,meet-jit-si-turnrelay.jitsi.net:443" }
|
|
|
|
|
- { name: JVB_ENABLE_APIS, value: "rest,colibri" }
|
|
|
|
|
- { name: JVB_WS_DOMAIN, value: "meet.bstein.dev:443" }
|
|
|
|
|
- { name: JVB_WS_TLS, value: "true" }
|
|
|
|
|
- { name: JVB_ADVERTISE_IPS, value: "38.28.125.112" }
|
|
|
|
|
- { name: JVB_TCP_HARVESTER_DISABLED, value: "false" }
|
|
|
|
|
- { name: JVB_TCP_PORT, value: "4443" }
|
2025-09-07 13:20:49 -05:00
|
|
|
volumeMounts:
|
|
|
|
|
- { name: cfg, mountPath: /config }
|
|
|
|
|
volumes:
|
|
|
|
|
- name: cfg
|
|
|
|
|
persistentVolumeClaim: { claimName: jitsi-jvb-config }
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
apiVersion: apps/v1
|
|
|
|
|
kind: Deployment
|
|
|
|
|
metadata:
|
|
|
|
|
name: jitsi-web
|
|
|
|
|
namespace: jitsi
|
|
|
|
|
spec:
|
2025-09-08 21:58:50 -05:00
|
|
|
replicas: 0
|
2025-09-07 13:20:49 -05:00
|
|
|
selector:
|
|
|
|
|
matchLabels: { app: jitsi-web }
|
|
|
|
|
template:
|
|
|
|
|
metadata:
|
|
|
|
|
labels: { app: jitsi-web }
|
|
|
|
|
spec:
|
|
|
|
|
nodeSelector:
|
|
|
|
|
kubernetes.io/hostname: titan-22
|
|
|
|
|
kubernetes.io/arch: amd64
|
|
|
|
|
containers:
|
|
|
|
|
- name: web
|
|
|
|
|
image: jitsi/web:stable
|
|
|
|
|
ports:
|
|
|
|
|
- { name: http, containerPort: 80, protocol: TCP }
|
|
|
|
|
env:
|
|
|
|
|
- { name: PUBLIC_URL, value: "https://meet.bstein.dev" }
|
|
|
|
|
- { name: XMPP_DOMAIN, value: "meet.jitsi" }
|
|
|
|
|
- { name: XMPP_AUTH_DOMAIN, value: "auth.meet.jitsi" }
|
|
|
|
|
- { name: XMPP_MUC_DOMAIN, value: "muc.meet.jitsi" }
|
|
|
|
|
- { name: XMPP_INTERNAL_MUC_DOMAIN, value: "internal-muc.meet.jitsi" }
|
2025-09-07 14:31:53 -05:00
|
|
|
- { name: XMPP_BOSH_URL_BASE, value: "https://meet.bstein.dev" }
|
2025-09-07 13:20:49 -05:00
|
|
|
- { name: ENABLE_XMPP_WEBSOCKET, value: "1" }
|
|
|
|
|
- { name: ENABLE_COLIBRI_WEBSOCKET, value: "1" }
|
|
|
|
|
volumeMounts:
|
|
|
|
|
- { name: cfg, mountPath: /config }
|
|
|
|
|
volumes:
|
|
|
|
|
- name: cfg
|
|
|
|
|
persistentVolumeClaim: { claimName: jitsi-web-config }
|
