From a036987ba45d723f38ab8415868d65f276ee7336 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 25 Aug 2023 15:43:16 +0300 Subject: [PATCH] Do not define devture_traefik_provider_configuration_extension_yaml in group_vars/matrix_servers `devture_traefik_provider_configuration_extension_yaml` should not be set automatically by the playbook. It's a variable to be used by users. Moreover, setting for for everyone (not just people who have additional JVBs) means that for most people the following error will be produced: > 'dict object' has no attribute 'jitsi_jvb_servers' .. as detailed in https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2844 Fixes a regression introduced in: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2842 --- docs/configuring-playbook-jitsi.md | 36 ++++++++++++++++++++++++++++++ group_vars/matrix_servers | 32 -------------------------- 2 files changed, 36 insertions(+), 32 deletions(-) diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index 87184f9ba..53eb35ded 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -221,6 +221,42 @@ jitsi_prosody_container_jvb_host_bind_port: 5222 Applied together this will allow you to provision extra JVB instances which will register themselves with the prosody service and be available for jicofo to route conferences too. +To make Traefik reverse-proxy to these additional JVBs (living on other hosts), **you would need to add the following Traefik configuration extension**: + +```yaml +# Traefik proxying for additional JVBs. These can't be configured using Docker +# labels, like the first JVB is, because they run on different hosts, so we add +# the necessary configuration to the file provider. +devture_traefik_provider_configuration_extension_yaml: | + http: + routers: + {% for host in groups['jitsi_jvb_servers'] %} + + additional-{{ hostvars[host]['jitsi_jvb_server_id'] }}-router: + entryPoints: + - "{{ devture_traefik_entrypoint_primary }}" + rule: "Host(`{{ jitsi_hostname }}`) && PathPrefix(`/colibri-ws/{{ hostvars[host]['jitsi_jvb_server_id'] }}/`)" + service: additional-{{ hostvars[host]['jitsi_jvb_server_id'] }}-service + {% if devture_traefik_entrypoint_primary != 'web' %} + + tls: + certResolver: "{{ devture_traefik_certResolver_primary }}" + + {% endif %} + + {% endfor %} + + services: + {% for host in groups['jitsi_jvb_servers'] %} + + additional-{{ hostvars[host]['jitsi_jvb_server_id'] }}-service: + loadBalancer: + servers: + - url: "http://{{ host }}:9090/" + + {% endfor %} +``` + ## (Optional) Enable Gravatar In the default Jisti Meet configuration, gravatar.com is enabled as an avatar service. This results in third party request leaking data to gravatar. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 7b7ed58ea..816fb2b1b 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2555,38 +2555,6 @@ jitsi_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method # when embedding Jitsi in Matrix rooms. jitsi_disable_gravatar: true -# Traefik proxying for additional JVBs. These can't be configured using Docker -# labels, like the first JVB is, because they run on different hosts, so we add -# the necessary configuration to the file provider. -devture_traefik_provider_configuration_extension_yaml: | - http: - routers: - {% for host in groups['jitsi_jvb_servers'] %} - - additional-{{ hostvars[host]['jitsi_jvb_server_id'] }}-router: - entryPoints: - - "{{ devture_traefik_entrypoint_primary }}" - rule: "Host(`{{ jitsi_hostname }}`) && PathPrefix(`/colibri-ws/{{ hostvars[host]['jitsi_jvb_server_id'] }}/`)" - service: additional-{{ hostvars[host]['jitsi_jvb_server_id'] }}-service - {% if devture_traefik_entrypoint_primary != 'web' %} - - tls: - certResolver: "{{ devture_traefik_certResolver_primary }}" - - {% endif %} - - {% endfor %} - - services: - {% for host in groups['jitsi_jvb_servers'] %} - - additional-{{ hostvars[host]['jitsi_jvb_server_id'] }}-service: - loadBalancer: - servers: - - url: "http://{{ host }}:9090/" - - {% endfor %} - ###################################################################### # # /jitsi