From 0d8b66abd77a64dd9192f0e80b3cf954fe3c38d1 Mon Sep 17 00:00:00 2001
From: Antonis Christofides <achristofides@admin.grnet.gr>
Date: Mon, 21 Aug 2023 20:19:52 +0300
Subject: [PATCH 1/2] Simplify additional JVB configuration

The variable matrix_nginx_proxy_proxy_jitsi_additional_jvbs isn't
needed, as this information is already in the inventory.

This contribution is provided by GRNET S.A. (grnet.gr).
---
 docs/configuring-playbook-jitsi.md                   | 12 ------------
 roles/custom/matrix-nginx-proxy/defaults/main.yml    |  9 ---------
 .../templates/nginx/conf.d/matrix-jitsi.conf.j2      |  6 +++---
 3 files changed, 3 insertions(+), 24 deletions(-)

diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md
index 1213f46a..87184f9b 100644
--- a/docs/configuring-playbook-jitsi.md
+++ b/docs/configuring-playbook-jitsi.md
@@ -218,18 +218,6 @@ jitsi_prosody_container_jvb_host_bind_port: 5222
 
 (The default is empty; if it's set then docker forwards the port.)
 
-The nginx configuration will also need to be updated in order to deal with the additional JVB servers. This is achieved via its own configuration variable
-`matrix_nginx_proxy_proxy_jitsi_additional_jvbs`, which contains a dictionary of server ids to ip addresses.
-
-For example,
-
-``` yaml
-matrix_nginx_proxy_proxy_jitsi_additional_jvbs:
-   jvb-2: 192.168.0.2
-   jvb-3: 192.168.0.3
-```
-
-
 Applied together this will allow you to provision extra JVB instances which will register themselves with the prosody service and be available for jicofo
 to route conferences too.
 
diff --git a/roles/custom/matrix-nginx-proxy/defaults/main.yml b/roles/custom/matrix-nginx-proxy/defaults/main.yml
index a817b225..eae9e61b 100644
--- a/roles/custom/matrix-nginx-proxy/defaults/main.yml
+++ b/roles/custom/matrix-nginx-proxy/defaults/main.yml
@@ -701,12 +701,3 @@ matrix_nginx_proxy_proxy_matrix_nginx_status_allowed_addresses: ['{{ ansible_def
 # http://nginx.org/en/docs/ngx_core_module.html#worker_connections
 matrix_nginx_proxy_worker_processes: auto
 matrix_nginx_proxy_worker_connections: 1024
-
-# A mapping of JVB server ids to hostname/ipa addresses used to add additional jvb blocks
-# to the Jitsi's server configuration (matrix-jitsi.conf)
-# Note: avoid using the JVB server id  "jvb-1" as this is reserved for the main host.
-# Example:
-# matrix_nginx_proxy_proxy_jitsi_additional_jvbs:
-#   jvb-2: 192.168.0.1
-#   jvb-3: 192.168.0.2
-matrix_nginx_proxy_proxy_jitsi_additional_jvbs: {}
diff --git a/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2
index 5493c2b0..4a9983f4 100644
--- a/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2
+++ b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2
@@ -53,10 +53,10 @@
 
 		tcp_nodelay on;
 	}
-	{% for id, ip_address in matrix_nginx_proxy_proxy_jitsi_additional_jvbs.items() %}
+	{% for host in groups['jitsi_jvb_servers'] %}
 	# colibri (JVB) websockets for additional JVBs
-	location ~ ^/colibri-ws/{{ id | regex_escape }}/(.*) {
-		proxy_pass http://{{ ip_address }}:9090/colibri-ws/{{ id }}/$1$is_args$args;
+	location ~ ^/colibri-ws/{{ hostvars[host]['jitsi_jvb_server_id'] | regex_escape }}/(.*) {
+		proxy_pass http://{{ host }}:9090/colibri-ws/{{ hostvars[host]['jitsi_jvb_server_id'] }}/$1$is_args$args;
 
 		proxy_set_header Host $host;
 		proxy_set_header X-Forwarded-For {{ matrix_nginx_proxy_x_forwarded_for }};

From 242e0ee829834e28f72eca509218a83c4d37d88d Mon Sep 17 00:00:00 2001
From: Antonis Christofides <achristofides@admin.grnet.gr>
Date: Wed, 23 Aug 2023 20:03:53 +0300
Subject: [PATCH 2/2] Proxy additional JVBs through traefik (fixes #2721)

Traefik wasn't proxying /colibri-ws/jvb-X/ to additional jvbs. This
fixes it.

This contribution is provided by GRNET S.A. (grnet.gr).
---
 group_vars/matrix_servers | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers
index 816fb2b1..7b7ed58e 100755
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -2555,6 +2555,38 @@ jitsi_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method
 # when embedding Jitsi in Matrix rooms.
 jitsi_disable_gravatar: true
 
+# Traefik proxying for additional JVBs. These can't be configured using Docker
+# labels, like the first JVB is, because they run on different hosts, so we add
+# the necessary configuration to the file provider.
+devture_traefik_provider_configuration_extension_yaml: |
+  http:
+   routers:
+     {% for host in groups['jitsi_jvb_servers'] %}
+
+     additional-{{ hostvars[host]['jitsi_jvb_server_id'] }}-router:
+       entryPoints:
+         - "{{ devture_traefik_entrypoint_primary }}"
+       rule: "Host(`{{ jitsi_hostname }}`) && PathPrefix(`/colibri-ws/{{ hostvars[host]['jitsi_jvb_server_id'] }}/`)"
+       service: additional-{{ hostvars[host]['jitsi_jvb_server_id'] }}-service
+       {% if devture_traefik_entrypoint_primary != 'web' %}
+
+       tls:
+         certResolver: "{{ devture_traefik_certResolver_primary }}"
+
+       {% endif %}
+
+     {% endfor %}
+
+   services:
+     {% for host in groups['jitsi_jvb_servers'] %}
+
+     additional-{{ hostvars[host]['jitsi_jvb_server_id'] }}-service:
+       loadBalancer:
+         servers:
+           - url: "http://{{ host }}:9090/"
+
+     {% endfor %}
+
 ######################################################################
 #
 # /jitsi