From 42cee31cd3fce7b372efb9c26650d78eaff85cac Mon Sep 17 00:00:00 2001 From: eyad-hussein Date: Mon, 26 Aug 2024 06:48:43 +0300 Subject: [PATCH 1/5] feat: create jitsi application files to host on the grid --- tfgrid3/jitsi/.gitignore | 1 + tfgrid3/jitsi/Dockerfile | 22 ++++++++ tfgrid3/jitsi/README.md | 17 ++++++ tfgrid3/jitsi/scripts/init.sh | 9 ++++ tfgrid3/jitsi/scripts/install_jitsi.sh | 16 ++++++ tfgrid3/jitsi/scripts/jicofo.sh | 40 ++++++++++++++ tfgrid3/jitsi/scripts/jvb.sh | 59 +++++++++++++++++++++ tfgrid3/jitsi/scripts/nginx.sh | 51 ++++++++++++++++++ tfgrid3/jitsi/scripts/prosody.sh | 69 +++++++++++++++++++++++++ tfgrid3/jitsi/scripts/setup_hostname.sh | 6 +++ tfgrid3/jitsi/start.sh | 8 +++ tfgrid3/jitsi/zinit/install_jitsi.yaml | 4 ++ tfgrid3/jitsi/zinit/jicofo.yaml | 5 ++ tfgrid3/jitsi/zinit/jvb.yaml | 7 +++ tfgrid3/jitsi/zinit/nginx.yaml | 5 ++ tfgrid3/jitsi/zinit/prosody.yaml | 5 ++ tfgrid3/jitsi/zinit/setup_hostname.yaml | 5 ++ tfgrid3/jitsi/zinit/ssh-init.yaml | 3 ++ tfgrid3/jitsi/zinit/sshd.yaml | 3 ++ 19 files changed, 335 insertions(+) create mode 100644 tfgrid3/jitsi/.gitignore create mode 100644 tfgrid3/jitsi/Dockerfile create mode 100644 tfgrid3/jitsi/README.md create mode 100644 tfgrid3/jitsi/scripts/init.sh create mode 100644 tfgrid3/jitsi/scripts/install_jitsi.sh create mode 100644 tfgrid3/jitsi/scripts/jicofo.sh create mode 100644 tfgrid3/jitsi/scripts/jvb.sh create mode 100644 tfgrid3/jitsi/scripts/nginx.sh create mode 100644 tfgrid3/jitsi/scripts/prosody.sh create mode 100644 tfgrid3/jitsi/scripts/setup_hostname.sh create mode 100644 tfgrid3/jitsi/start.sh create mode 100644 tfgrid3/jitsi/zinit/install_jitsi.yaml create mode 100644 tfgrid3/jitsi/zinit/jicofo.yaml create mode 100644 tfgrid3/jitsi/zinit/jvb.yaml create mode 100644 tfgrid3/jitsi/zinit/nginx.yaml create mode 100644 tfgrid3/jitsi/zinit/prosody.yaml create mode 100644 tfgrid3/jitsi/zinit/setup_hostname.yaml create mode 100644 tfgrid3/jitsi/zinit/ssh-init.yaml create mode 100644 tfgrid3/jitsi/zinit/sshd.yaml diff --git a/tfgrid3/jitsi/.gitignore b/tfgrid3/jitsi/.gitignore new file mode 100644 index 00000000..8ff54e8c --- /dev/null +++ b/tfgrid3/jitsi/.gitignore @@ -0,0 +1 @@ +archive \ No newline at end of file diff --git a/tfgrid3/jitsi/Dockerfile b/tfgrid3/jitsi/Dockerfile new file mode 100644 index 00000000..48b6c3c3 --- /dev/null +++ b/tfgrid3/jitsi/Dockerfile @@ -0,0 +1,22 @@ +FROM ubuntu:22.04 + +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt update && \ + apt -y install wget openssh-server + +RUN wget -O /sbin/zinit https://github.com/threefoldtech/zinit/releases/download/v0.2.5/zinit && \ + chmod +x /sbin/zinit + +COPY zinit /etc/zinit +COPY start.sh /start.sh + +RUN chmod +x /sbin/zinit && chmod +x /start.sh + +COPY scripts /root/scripts + +RUN chmod +x /root/scripts/*.sh + +RUN /root/scripts/init.sh + +ENTRYPOINT ["zinit", "init"] \ No newline at end of file diff --git a/tfgrid3/jitsi/README.md b/tfgrid3/jitsi/README.md new file mode 100644 index 00000000..9b8cb51f --- /dev/null +++ b/tfgrid3/jitsi/README.md @@ -0,0 +1,17 @@ +# Development Guide for Ubuntu:22.04 image +## This guide will take you through steps for pulling & running ubuntu:22.04 image + +### Pull the image +```bash +docker pull threefolddev/ubuntu:22.04 +``` + +### Build the image +```bash +docker build -t threefolddev/ubuntu:22.04 . +``` + +### RUN the image +```bash +sudo docker run -d --name threefolddev/ubuntu:22.04 +``` diff --git a/tfgrid3/jitsi/scripts/init.sh b/tfgrid3/jitsi/scripts/init.sh new file mode 100644 index 00000000..b2c28df8 --- /dev/null +++ b/tfgrid3/jitsi/scripts/init.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +apt upgrade -y +apt install curl gnupg2 nginx-full -y +apt install apt-transport-https -y +apt install software-properties-common -y +apt-add-repository universe -y +apt install openjdk-11-jdk -y +apt update diff --git a/tfgrid3/jitsi/scripts/install_jitsi.sh b/tfgrid3/jitsi/scripts/install_jitsi.sh new file mode 100644 index 00000000..eb0841ea --- /dev/null +++ b/tfgrid3/jitsi/scripts/install_jitsi.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +curl -sL https://prosody.im/files/prosody-debian-packages.key -o /etc/apt/keyrings/prosody-debian-packages.key +echo "deb [signed-by=/etc/apt/keyrings/prosody-debian-packages.key] http://packages.prosody.im/debian $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/prosody-debian-packages.list +apt install lua5.2 + + +curl -sL https://download.jitsi.org/jitsi-key.gpg.key | sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg' +echo "deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/" | tee /etc/apt/sources.list.d/jitsi-stable.list + +apt update + +echo "jitsi-videobridge2 jitsi-videobridge/jvb-hostname string $(hostname)" | debconf-set-selections +echo "jitsi-meet jitsi-meet/cert-choice select Generate a new self-signed certificate" | debconf-set-selections + +apt install jitsi-meet -y \ No newline at end of file diff --git a/tfgrid3/jitsi/scripts/jicofo.sh b/tfgrid3/jitsi/scripts/jicofo.sh new file mode 100644 index 00000000..4d61c586 --- /dev/null +++ b/tfgrid3/jitsi/scripts/jicofo.sh @@ -0,0 +1,40 @@ +#!/bin/bash + +. /lib/lsb/init-functions + +# Include jicofo defaults if available +if [ -f /etc/jitsi/jicofo/config ]; then + . /etc/jitsi/jicofo/config +fi + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/share/jicofo/jicofo.sh +DAEMON_DIR=/usr/share/jicofo/ +NAME=jicofo +USER=jicofo +PIDFILE=/var/run/jicofo.pid +LOGFILE=/var/log/jitsi/jicofo.log +DESC=jicofo + + +if [ ! -x $DAEMON ] ;then + echo "Daemon not executable: $DAEMON" + exit 1 +fi + +set -e + + +start() { + if [ -f $PIDFILE ]; then + echo "$NAME seems to be already running, we found pidfile $PIDFILE." + exit 1 + fi + echo -n "Starting $NAME: " + export JICOFO_AUTH_PASSWORD JICOFO_MAX_MEMORY + start-stop-daemon --start --quiet --background --chuid $USER --make-pidfile --pidfile $PIDFILE \ + --exec /bin/bash -- -c "cd $DAEMON_DIR; JAVA_SYS_PROPS=\"$JAVA_SYS_PROPS\" exec $DAEMON $JICOFO_OPTS < /dev/null >> $LOGFILE 2>&1" + echo "$NAME started." +} + +start \ No newline at end of file diff --git a/tfgrid3/jitsi/scripts/jvb.sh b/tfgrid3/jitsi/scripts/jvb.sh new file mode 100644 index 00000000..e8b98d94 --- /dev/null +++ b/tfgrid3/jitsi/scripts/jvb.sh @@ -0,0 +1,59 @@ +#!/bin/bash + + +. /lib/lsb/init-functions + +# Include videobridge defaults if available +if [ -f /etc/jitsi/videobridge/config ]; then + . /etc/jitsi/videobridge/config +fi + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/share/jitsi-videobridge/jvb.sh +NAME=jvb +USER=jvb +# A tmpfs backed directory just for the JVB process. This is introduced +# to hold packet arrival times, but it may be otherwise useful in the future. +TMPPATH=/var/run/jitsi-videobridge +PIDFILE=/var/run/jitsi-videobridge.pid +LOGFILE=/var/log/jitsi/jvb.log +DESC=jitsi-videobridge + + +if [ ! -d "$TMPPATH" ]; then + mkdir "$TMPPATH" + chown $USER:adm "$TMPPATH" +fi + +if [ ! $JVB_HOST ]; then + JVB_HOST=localhost +fi +# TODO: remove this when support for --apis is removed +DAEMON_OPTS="$JVB_OPTS" + +if [ ! -x $DAEMON ] ;then + echo "Daemon not executable: $DAEMON" + exit 1 +fi + +set -e + + +start() { + if [ -f $PIDFILE ]; then + echo "$DESC seems to be already running, we found pidfile $PIDFILE." + exit 1 + fi + echo -n "Starting $DESC: " + DAEMON_START_CMD="JAVA_SYS_PROPS=\"$JAVA_SYS_PROPS\" exec $DAEMON $DAEMON_OPTS < /dev/null >> $LOGFILE 2>&1" + AUTHBIND_CMD="" + if [ "$AUTHBIND" = "yes" ]; then + AUTHBIND_CMD="/usr/bin/authbind --deep /bin/bash -c " + DAEMON_START_CMD="'$DAEMON_START_CMD'" + fi + start-stop-daemon --start --quiet --background --chuid $USER --make-pidfile --pidfile $PIDFILE \ + --exec /bin/bash -- -c "$AUTHBIND_CMD $DAEMON_START_CMD" + echo "$NAME started." +} + +start \ No newline at end of file diff --git a/tfgrid3/jitsi/scripts/nginx.sh b/tfgrid3/jitsi/scripts/nginx.sh new file mode 100644 index 00000000..a37da7bd --- /dev/null +++ b/tfgrid3/jitsi/scripts/nginx.sh @@ -0,0 +1,51 @@ +#!/bin/sh + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/sbin/nginx +NAME=nginx +DESC=nginx + +# Include nginx defaults if available +if [ -r /etc/default/nginx ]; then + . /etc/default/nginx +fi + +STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/5/KILL/5}" + +test -x $DAEMON || exit 0 + +. /lib/init/vars.sh +. /lib/lsb/init-functions + +# Try to extract nginx pidfile +PID=$(cat /etc/nginx/nginx.conf | grep -Ev '^\s*#' | awk 'BEGIN { RS="[;{}]" } { if ($1 == "pid") print $2 }' | head -n1) +if [ -z "$PID" ]; then + PID=/run/nginx.pid +fi + +if [ -n "$ULIMIT" ]; then + # Set ulimit if it is set in /etc/default/nginx + ulimit $ULIMIT +fi + +start_nginx() { + # Start the daemon/service + # + # Returns: + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON --test > /dev/null \ + || return 1 + start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON -- \ + $DAEMON_OPTS 2>/dev/null \ + || return 2 +} + + +log_daemon_msg "Starting $DESC" "$NAME" +start_nginx +case "$?" in + 0|1) log_end_msg 0 ;; + 2) log_end_msg 1 ;; +esac \ No newline at end of file diff --git a/tfgrid3/jitsi/scripts/prosody.sh b/tfgrid3/jitsi/scripts/prosody.sh new file mode 100644 index 00000000..aec4d483 --- /dev/null +++ b/tfgrid3/jitsi/scripts/prosody.sh @@ -0,0 +1,69 @@ +#!/bin/bash + +set -e + + +USER=prosody +DAEMON=/usr/bin/prosody +PIDPATH=/run/prosody +PIDFILE="$PIDPATH"/prosody.pid +RUNTIME= + +NICE= +MAXFDS= +CPUSCHED= +IOSCHED= + +test -x "$DAEMON" || exit 0 + +. /lib/lsb/init-functions + +if [ -f /etc/default/prosody ] ; then + . /etc/default/prosody +fi + +start_opts() { + test -z "$NICE" || printf " --nicelevel %s" $NICE + test -z "$CPUSCHED" || printf " --procsched %s" $CPUSCHED + test -z "$IOSCHED" || printf " --iosched %s" $IOSCHED + test -n "$RUNTIME" || printf " --startas %s -- -D" "$DAEMON" + test -z "$RUNTIME" || printf " --exec %s -- %s -D" "$RUNTIME" "$DAEMON" +} + +test -z "$MAXFDS" || ulimit -n "$MAXFDS" + + +if [ ! -d "$PIDPATH" ]; then + mkdir "$PIDPATH"; + chown "$USER:adm" "$PIDPATH"; +fi + +# Check that user 'prosody' exists +check_user() { + if ! getent passwd "$USER" >/dev/null; then + exit 1; + fi +} + +start_prosody () { + mkdir -p "$(dirname $PIDFILE)" + chown prosody:adm "$(dirname $PIDFILE)" + [ -x /sbin/restorecon ] && /sbin/restorecon `dirname $PIDFILE` + if start-stop-daemon --start --quiet --pidfile "$PIDFILE" \ + --chuid "$USER" --oknodo --user "$USER" \ + $(start_opts); + then + return 0 + else + return 1 + fi +} + + +check_user +log_daemon_msg "Starting Prosody XMPP Server" "prosody" +if start_prosody; then + log_end_msg 0; +else + log_end_msg 1; +fi \ No newline at end of file diff --git a/tfgrid3/jitsi/scripts/setup_hostname.sh b/tfgrid3/jitsi/scripts/setup_hostname.sh new file mode 100644 index 00000000..6794ec45 --- /dev/null +++ b/tfgrid3/jitsi/scripts/setup_hostname.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +echo "$JITSI_HOSTNAME" > /etc/hostname +PUBLIC_IP=$(curl -s ifconfig.me) +echo "$PUBLIC_IP $JITSI_HOSTNAME" >> /etc/hosts +hostname "$JITSI_HOSTNAME" \ No newline at end of file diff --git a/tfgrid3/jitsi/start.sh b/tfgrid3/jitsi/start.sh new file mode 100644 index 00000000..2f0f39fe --- /dev/null +++ b/tfgrid3/jitsi/start.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +mkdir -p /var/run/sshd +mkdir -p /root/.ssh +touch /root/.ssh/authorized_keys + +chmod 700 /root/.ssh +chmod 600 /root/.ssh/authorized_keys diff --git a/tfgrid3/jitsi/zinit/install_jitsi.yaml b/tfgrid3/jitsi/zinit/install_jitsi.yaml new file mode 100644 index 00000000..aadc9870 --- /dev/null +++ b/tfgrid3/jitsi/zinit/install_jitsi.yaml @@ -0,0 +1,4 @@ +exec: /root/scripts/install_jitsi.sh +after: + - setup_hostname +oneshot: true diff --git a/tfgrid3/jitsi/zinit/jicofo.yaml b/tfgrid3/jitsi/zinit/jicofo.yaml new file mode 100644 index 00000000..10b79b9c --- /dev/null +++ b/tfgrid3/jitsi/zinit/jicofo.yaml @@ -0,0 +1,5 @@ +exec: root/scripts/jicofo.sh +log: ring +after: + - prosody +oneshot: true diff --git a/tfgrid3/jitsi/zinit/jvb.yaml b/tfgrid3/jitsi/zinit/jvb.yaml new file mode 100644 index 00000000..758e21c8 --- /dev/null +++ b/tfgrid3/jitsi/zinit/jvb.yaml @@ -0,0 +1,7 @@ +exec: root/scripts/jvb.sh +signal: + stop: SIGKILL +log: ring +after: + - jicofo +oneshot: true diff --git a/tfgrid3/jitsi/zinit/nginx.yaml b/tfgrid3/jitsi/zinit/nginx.yaml new file mode 100644 index 00000000..ed448528 --- /dev/null +++ b/tfgrid3/jitsi/zinit/nginx.yaml @@ -0,0 +1,5 @@ +exec: root/scripts/nginx.sh +oneshot: true +log: ring +after: + - install_jitsi diff --git a/tfgrid3/jitsi/zinit/prosody.yaml b/tfgrid3/jitsi/zinit/prosody.yaml new file mode 100644 index 00000000..52994347 --- /dev/null +++ b/tfgrid3/jitsi/zinit/prosody.yaml @@ -0,0 +1,5 @@ +exec: /root/scripts/prosody.sh +log: ring +after: + - install_jitsi +oneshot: true diff --git a/tfgrid3/jitsi/zinit/setup_hostname.yaml b/tfgrid3/jitsi/zinit/setup_hostname.yaml new file mode 100644 index 00000000..08e54a43 --- /dev/null +++ b/tfgrid3/jitsi/zinit/setup_hostname.yaml @@ -0,0 +1,5 @@ +exec: /root/scripts/setup_hostname.sh +after: + - sshd +log: ring +oneshot: true diff --git a/tfgrid3/jitsi/zinit/ssh-init.yaml b/tfgrid3/jitsi/zinit/ssh-init.yaml new file mode 100644 index 00000000..7d7096f5 --- /dev/null +++ b/tfgrid3/jitsi/zinit/ssh-init.yaml @@ -0,0 +1,3 @@ +exec: /start.sh +log: stdout +oneshot: true diff --git a/tfgrid3/jitsi/zinit/sshd.yaml b/tfgrid3/jitsi/zinit/sshd.yaml new file mode 100644 index 00000000..8381580f --- /dev/null +++ b/tfgrid3/jitsi/zinit/sshd.yaml @@ -0,0 +1,3 @@ +exec: bash -c "/usr/sbin/sshd -D" +after: + - ssh-init From 78c122d11e4250512413e541186ada1df82c73a0 Mon Sep 17 00:00:00 2001 From: eyad-hussein Date: Wed, 28 Aug 2024 20:00:51 +0300 Subject: [PATCH 2/5] feat: create jitsi flist and tested manually --- tfgrid3/jitsi/Dockerfile | 18 ++- tfgrid3/jitsi/config/nginx.conf | 204 ++++++++++++++++++++++++ tfgrid3/jitsi/scripts/init.sh | 9 -- tfgrid3/jitsi/scripts/install_jitsi.sh | 10 -- tfgrid3/jitsi/scripts/jicofo.sh | 42 ++--- tfgrid3/jitsi/scripts/jvb.sh | 61 +------ tfgrid3/jitsi/scripts/nginx.sh | 54 +------ tfgrid3/jitsi/scripts/prosody.sh | 70 ++------ tfgrid3/jitsi/scripts/ufw.sh | 9 ++ tfgrid3/jitsi/zinit/jicofo.yaml | 2 - tfgrid3/jitsi/zinit/jvb.yaml | 2 - tfgrid3/jitsi/zinit/nginx.yaml | 3 +- tfgrid3/jitsi/zinit/prosody.yaml | 2 - tfgrid3/jitsi/zinit/setup_hostname.yaml | 1 - tfgrid3/jitsi/zinit/ufw.yaml | 4 + 15 files changed, 264 insertions(+), 227 deletions(-) create mode 100644 tfgrid3/jitsi/config/nginx.conf delete mode 100644 tfgrid3/jitsi/scripts/init.sh create mode 100644 tfgrid3/jitsi/scripts/ufw.sh create mode 100644 tfgrid3/jitsi/zinit/ufw.yaml diff --git a/tfgrid3/jitsi/Dockerfile b/tfgrid3/jitsi/Dockerfile index 48b6c3c3..5e3f8d89 100644 --- a/tfgrid3/jitsi/Dockerfile +++ b/tfgrid3/jitsi/Dockerfile @@ -3,10 +3,12 @@ FROM ubuntu:22.04 ENV DEBIAN_FRONTEND=noninteractive RUN apt update && \ - apt -y install wget openssh-server +apt -y install wget openssh-server RUN wget -O /sbin/zinit https://github.com/threefoldtech/zinit/releases/download/v0.2.5/zinit && \ - chmod +x /sbin/zinit +chmod +x /sbin/zinit + +RUN apt upgrade -y COPY zinit /etc/zinit COPY start.sh /start.sh @@ -14,9 +16,19 @@ COPY start.sh /start.sh RUN chmod +x /sbin/zinit && chmod +x /start.sh COPY scripts /root/scripts +COPY config /root/config RUN chmod +x /root/scripts/*.sh -RUN /root/scripts/init.sh +RUN apt install -y curl gnupg2 nginx-full apt-transport-https \ + software-properties-common openjdk-11-jdk ufw && \ + apt-add-repository universe -y + +RUN curl -sL https://prosody.im/files/prosody-debian-packages.key -o /etc/apt/keyrings/prosody-debian-packages.key && \ + echo "deb [signed-by=/etc/apt/keyrings/prosody-debian-packages.key] http://packages.prosody.im/debian $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/prosody-debian-packages.list && \ + curl -sL https://download.jitsi.org/jitsi-key.gpg.key | gpg --dearmor -o /usr/share/keyrings/jitsi-keyring.gpg && \ + echo "deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/" | tee /etc/apt/sources.list.d/jitsi-stable.list && \ + apt update && \ + apt install -y lua5.2 ENTRYPOINT ["zinit", "init"] \ No newline at end of file diff --git a/tfgrid3/jitsi/config/nginx.conf b/tfgrid3/jitsi/config/nginx.conf new file mode 100644 index 00000000..5a812c35 --- /dev/null +++ b/tfgrid3/jitsi/config/nginx.conf @@ -0,0 +1,204 @@ +server_names_hash_bucket_size 64; + +types { +# nginx's default mime.types doesn't include a mapping for wasm or wav. + application/wasm wasm; + audio/wav wav; +} +upstream prosody { + zone upstreams 64K; + server 127.0.0.1:5280; + keepalive 2; +} +upstream jvb1 { + zone upstreams 64K; + server 127.0.0.1:9090; + keepalive 2; +} +map $arg_vnode $prosody_node { + default prosody; + v1 v1; + v2 v2; + v3 v3; + v4 v4; + v5 v5; + v6 v6; + v7 v7; + v8 v8; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + listen 80; + listen [::]:80; + server_name {JITSI_HOSTNAME}; + + # Mozilla Guideline v5.4, nginx 1.17.7, OpenSSL 1.1.1d, intermediate configuration + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + ssl_session_timeout 1d; + ssl_session_cache shared:SSL:10m; # about 40000 sessions + ssl_session_tickets off; + + add_header Strict-Transport-Security "max-age=63072000" always; + set $prefix ""; + set $custom_index ""; + set $config_js_location /etc/jitsi/meet/{JITSI_HOSTNAME}-config.js; + + ssl_certificate /etc/jitsi/meet/{JITSI_HOSTNAME}.crt; + ssl_certificate_key /etc/jitsi/meet/{JITSI_HOSTNAME}.key; + + root /usr/share/jitsi-meet; + + # ssi on with javascript for multidomain variables in config.js + ssi on; + ssi_types application/x-javascript application/javascript; + + index index.html index.htm; + error_page 404 /static/404.html; + + gzip on; + gzip_types text/plain text/css application/javascript application/json image/x-icon application/octet-stream application/wasm; + gzip_vary on; + gzip_proxied no-cache no-store private expired auth; + gzip_min_length 512; + + include /etc/jitsi/meet/jaas/*.conf; + + location = /config.js { + alias $config_js_location; + } + + location = /external_api.js { + alias /usr/share/jitsi-meet/libs/external_api.min.js; + } + + location = /_api/room-info { + proxy_pass http://prosody/room-info?prefix=$prefix&$args; + proxy_http_version 1.1; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $http_host; + } + + location ~ ^/_api/public/(.*)$ { + autoindex off; + alias /etc/jitsi/meet/public/$1; + } + + # ensure all static content can always be found first + location ~ ^/(libs|css|static|images|fonts|lang|sounds|.well-known)/(.*)$ + { + add_header 'Access-Control-Allow-Origin' '*'; + alias /usr/share/jitsi-meet/$1/$2; + + # cache all versioned files + if ($arg_v) { + expires 1y; + } + } + + # BOSH + location = /http-bind { + proxy_pass http://$prosody_node/http-bind?prefix=$prefix&$args; + proxy_http_version 1.1; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $http_host; + proxy_set_header Connection ""; + } + + # xmpp websockets + location = /xmpp-websocket { + proxy_pass http://$prosody_node/xmpp-websocket?prefix=$prefix&$args; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $http_host; + tcp_nodelay on; + } + + # colibri (JVB) websockets for jvb1 + location ~ ^/colibri-ws/default-id/(.*) { + proxy_pass http://jvb1/colibri-ws/default-id/$1$is_args$args; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + tcp_nodelay on; + } + + # load test minimal client, uncomment when used + #location ~ ^/_load-test/([^/?&:'"]+)$ { + # rewrite ^/_load-test/(.*)$ /load-test/index.html break; + #} + #location ~ ^/_load-test/libs/(.*)$ { + # add_header 'Access-Control-Allow-Origin' '*'; + # alias /usr/share/jitsi-meet/load-test/libs/$1; + #} + + location ~ ^/conference-request/v1(\/.*)?$ { + proxy_pass http://127.0.0.1:8888/conference-request/v1$1; + add_header "Cache-Control" "no-cache, no-store"; + add_header 'Access-Control-Allow-Origin' '*'; + } + location ~ ^/([^/?&:'"]+)/conference-request/v1(\/.*)?$ { + rewrite ^/([^/?&:'"]+)/conference-request/v1(\/.*)?$ /conference-request/v1$2; + } + + location ~ ^/([^/?&:'"]+)$ { + set $roomname "$1"; + try_files $uri @root_path; + } + + location @root_path { + rewrite ^/(.*)$ /$custom_index break; + } + + location ~ ^/([^/?&:'"]+)/config.js$ + { + set $subdomain "$1."; + set $subdir "$1/"; + + alias $config_js_location; + } + + # Matches /(TENANT)/pwa-worker.js or /(TENANT)/manifest.json to rewrite to / and look for file + location ~ ^/([^/?&:'"]+)/(pwa-worker.js|manifest.json)$ { + set $subdomain "$1."; + set $subdir "$1/"; + rewrite ^/([^/?&:'"]+)/(pwa-worker.js|manifest.json)$ /$2; + } + + # BOSH for subdomains + location ~ ^/([^/?&:'"]+)/http-bind { + set $subdomain "$1."; + set $subdir "$1/"; + set $prefix "$1"; + + rewrite ^/(.*)$ /http-bind; + } + + # websockets for subdomains + location ~ ^/([^/?&:'"]+)/xmpp-websocket { + set $subdomain "$1."; + set $subdir "$1/"; + set $prefix "$1"; + + rewrite ^/(.*)$ /xmpp-websocket; + } + + location ~ ^/([^/?&:'"]+)/_api/room-info { + set $subdomain "$1."; + set $subdir "$1/"; + set $prefix "$1"; + + rewrite ^/(.*)$ /_api/room-info; + } + + # Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to / + location ~ ^/([^/?&:'"]+)/(.*)$ { + set $subdomain "$1."; + set $subdir "$1/"; + rewrite ^/([^/?&:'"]+)/(.*)$ /$2; + } +} diff --git a/tfgrid3/jitsi/scripts/init.sh b/tfgrid3/jitsi/scripts/init.sh deleted file mode 100644 index b2c28df8..00000000 --- a/tfgrid3/jitsi/scripts/init.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -apt upgrade -y -apt install curl gnupg2 nginx-full -y -apt install apt-transport-https -y -apt install software-properties-common -y -apt-add-repository universe -y -apt install openjdk-11-jdk -y -apt update diff --git a/tfgrid3/jitsi/scripts/install_jitsi.sh b/tfgrid3/jitsi/scripts/install_jitsi.sh index eb0841ea..628c76bd 100644 --- a/tfgrid3/jitsi/scripts/install_jitsi.sh +++ b/tfgrid3/jitsi/scripts/install_jitsi.sh @@ -1,15 +1,5 @@ #!/bin/bash -curl -sL https://prosody.im/files/prosody-debian-packages.key -o /etc/apt/keyrings/prosody-debian-packages.key -echo "deb [signed-by=/etc/apt/keyrings/prosody-debian-packages.key] http://packages.prosody.im/debian $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/prosody-debian-packages.list -apt install lua5.2 - - -curl -sL https://download.jitsi.org/jitsi-key.gpg.key | sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg' -echo "deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/" | tee /etc/apt/sources.list.d/jitsi-stable.list - -apt update - echo "jitsi-videobridge2 jitsi-videobridge/jvb-hostname string $(hostname)" | debconf-set-selections echo "jitsi-meet jitsi-meet/cert-choice select Generate a new self-signed certificate" | debconf-set-selections diff --git a/tfgrid3/jitsi/scripts/jicofo.sh b/tfgrid3/jitsi/scripts/jicofo.sh index 4d61c586..b2996deb 100644 --- a/tfgrid3/jitsi/scripts/jicofo.sh +++ b/tfgrid3/jitsi/scripts/jicofo.sh @@ -1,40 +1,18 @@ #!/bin/bash . /lib/lsb/init-functions - -# Include jicofo defaults if available -if [ -f /etc/jitsi/jicofo/config ]; then - . /etc/jitsi/jicofo/config -fi - -PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/share/jicofo/jicofo.sh -DAEMON_DIR=/usr/share/jicofo/ -NAME=jicofo -USER=jicofo -PIDFILE=/var/run/jicofo.pid -LOGFILE=/var/log/jitsi/jicofo.log -DESC=jicofo - - -if [ ! -x $DAEMON ] ;then - echo "Daemon not executable: $DAEMON" - exit 1 -fi +. /etc/jitsi/jicofo/config set -e +echo -n "Starting jicofo: " +export JICOFO_AUTH_PASSWORD JICOFO_MAX_MEMORY + +SCRIPT_DIR="$(dirname "$(readlink -f /usr/share/jicofo/jicofo.sh)")" +mainClass="org.jitsi.jicofo.Main" +cp=$(JARS=($SCRIPT_DIR/jicofo*.jar $SCRIPT_DIR/lib/*.jar); IFS=:; echo "${JARS[*]}") -start() { - if [ -f $PIDFILE ]; then - echo "$NAME seems to be already running, we found pidfile $PIDFILE." - exit 1 - fi - echo -n "Starting $NAME: " - export JICOFO_AUTH_PASSWORD JICOFO_MAX_MEMORY - start-stop-daemon --start --quiet --background --chuid $USER --make-pidfile --pidfile $PIDFILE \ - --exec /bin/bash -- -c "cd $DAEMON_DIR; JAVA_SYS_PROPS=\"$JAVA_SYS_PROPS\" exec $DAEMON $JICOFO_OPTS < /dev/null >> $LOGFILE 2>&1" - echo "$NAME started." -} +if [ -z "$JICOFO_MAX_MEMORY" ]; then JICOFO_MAX_MEMORY=3072m; fi -start \ No newline at end of file +cd /usr/share/jicofo/ +exec java -Xmx$JICOFO_MAX_MEMORY -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp -Djdk.tls.ephemeralDHKeySize=2048 $JAVA_SYS_PROPS -cp $cp $mainClass "$@" \ No newline at end of file diff --git a/tfgrid3/jitsi/scripts/jvb.sh b/tfgrid3/jitsi/scripts/jvb.sh index e8b98d94..93f12540 100644 --- a/tfgrid3/jitsi/scripts/jvb.sh +++ b/tfgrid3/jitsi/scripts/jvb.sh @@ -1,59 +1,14 @@ #!/bin/bash +. /etc/jitsi/videobridge/config -. /lib/lsb/init-functions +echo -n "Starting jvb: " -# Include videobridge defaults if available -if [ -f /etc/jitsi/videobridge/config ]; then - . /etc/jitsi/videobridge/config -fi +SCRIPT_DIR="$(dirname "$(readlink -f /usr/share/jitsi-videobridge/jvb.sh)")" +mainClass="org.jitsi.videobridge.MainKt" +cp=$SCRIPT_DIR/jitsi-videobridge.jar:$SCRIPT_DIR/lib/* -PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/share/jitsi-videobridge/jvb.sh -NAME=jvb -USER=jvb -# A tmpfs backed directory just for the JVB process. This is introduced -# to hold packet arrival times, but it may be otherwise useful in the future. -TMPPATH=/var/run/jitsi-videobridge -PIDFILE=/var/run/jitsi-videobridge.pid -LOGFILE=/var/log/jitsi/jvb.log -DESC=jitsi-videobridge +if [ -z "$VIDEOBRIDGE_MAX_MEMORY" ]; then VIDEOBRIDGE_MAX_MEMORY=3072m; fi +if [ -z "$VIDEOBRIDGE_GC_TYPE" ]; then VIDEOBRIDGE_GC_TYPE=G1GC; fi - -if [ ! -d "$TMPPATH" ]; then - mkdir "$TMPPATH" - chown $USER:adm "$TMPPATH" -fi - -if [ ! $JVB_HOST ]; then - JVB_HOST=localhost -fi -# TODO: remove this when support for --apis is removed -DAEMON_OPTS="$JVB_OPTS" - -if [ ! -x $DAEMON ] ;then - echo "Daemon not executable: $DAEMON" - exit 1 -fi - -set -e - - -start() { - if [ -f $PIDFILE ]; then - echo "$DESC seems to be already running, we found pidfile $PIDFILE." - exit 1 - fi - echo -n "Starting $DESC: " - DAEMON_START_CMD="JAVA_SYS_PROPS=\"$JAVA_SYS_PROPS\" exec $DAEMON $DAEMON_OPTS < /dev/null >> $LOGFILE 2>&1" - AUTHBIND_CMD="" - if [ "$AUTHBIND" = "yes" ]; then - AUTHBIND_CMD="/usr/bin/authbind --deep /bin/bash -c " - DAEMON_START_CMD="'$DAEMON_START_CMD'" - fi - start-stop-daemon --start --quiet --background --chuid $USER --make-pidfile --pidfile $PIDFILE \ - --exec /bin/bash -- -c "$AUTHBIND_CMD $DAEMON_START_CMD" - echo "$NAME started." -} - -start \ No newline at end of file +exec java -Xmx$VIDEOBRIDGE_MAX_MEMORY $VIDEOBRIDGE_DEBUG_OPTIONS -XX:+Use$VIDEOBRIDGE_GC_TYPE -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp -Djdk.tls.ephemeralDHKeySize=2048 -Djdk.net.usePlainDatagramSocketImpl=true $JAVA_SYS_PROPS -cp $cp $mainClass "$@" \ No newline at end of file diff --git a/tfgrid3/jitsi/scripts/nginx.sh b/tfgrid3/jitsi/scripts/nginx.sh index a37da7bd..9061f655 100644 --- a/tfgrid3/jitsi/scripts/nginx.sh +++ b/tfgrid3/jitsi/scripts/nginx.sh @@ -1,51 +1,5 @@ -#!/bin/sh +#!/bin/bash -PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/sbin/nginx -NAME=nginx -DESC=nginx - -# Include nginx defaults if available -if [ -r /etc/default/nginx ]; then - . /etc/default/nginx -fi - -STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/5/KILL/5}" - -test -x $DAEMON || exit 0 - -. /lib/init/vars.sh -. /lib/lsb/init-functions - -# Try to extract nginx pidfile -PID=$(cat /etc/nginx/nginx.conf | grep -Ev '^\s*#' | awk 'BEGIN { RS="[;{}]" } { if ($1 == "pid") print $2 }' | head -n1) -if [ -z "$PID" ]; then - PID=/run/nginx.pid -fi - -if [ -n "$ULIMIT" ]; then - # Set ulimit if it is set in /etc/default/nginx - ulimit $ULIMIT -fi - -start_nginx() { - # Start the daemon/service - # - # Returns: - # 0 if daemon has been started - # 1 if daemon was already running - # 2 if daemon could not be started - start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON --test > /dev/null \ - || return 1 - start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON -- \ - $DAEMON_OPTS 2>/dev/null \ - || return 2 -} - - -log_daemon_msg "Starting $DESC" "$NAME" -start_nginx -case "$?" in - 0|1) log_end_msg 0 ;; - 2) log_end_msg 1 ;; -esac \ No newline at end of file +sed -i "s/{JITSI_HOSTNAME}/$JITSI_HOSTNAME/g" /root/config/nginx.conf +cp /root/config/nginx.conf "/etc/nginx/sites-enabled/${JITSI_HOSTNAME}.conf" +/usr/sbin/nginx \ No newline at end of file diff --git a/tfgrid3/jitsi/scripts/prosody.sh b/tfgrid3/jitsi/scripts/prosody.sh index aec4d483..4d3e4457 100644 --- a/tfgrid3/jitsi/scripts/prosody.sh +++ b/tfgrid3/jitsi/scripts/prosody.sh @@ -2,68 +2,16 @@ set -e - USER=prosody -DAEMON=/usr/bin/prosody -PIDPATH=/run/prosody -PIDFILE="$PIDPATH"/prosody.pid -RUNTIME= - -NICE= -MAXFDS= -CPUSCHED= -IOSCHED= - -test -x "$DAEMON" || exit 0 - -. /lib/lsb/init-functions - -if [ -f /etc/default/prosody ] ; then - . /etc/default/prosody -fi - -start_opts() { - test -z "$NICE" || printf " --nicelevel %s" $NICE - test -z "$CPUSCHED" || printf " --procsched %s" $CPUSCHED - test -z "$IOSCHED" || printf " --iosched %s" $IOSCHED - test -n "$RUNTIME" || printf " --startas %s -- -D" "$DAEMON" - test -z "$RUNTIME" || printf " --exec %s -- %s -D" "$RUNTIME" "$DAEMON" -} +PIDFILE=/run/prosody/prosody.pid -test -z "$MAXFDS" || ulimit -n "$MAXFDS" +mkdir -p "$(dirname "$PIDFILE")" +chown "$USER:adm" "$(dirname "$PIDFILE")" - -if [ ! -d "$PIDPATH" ]; then - mkdir "$PIDPATH"; - chown "$USER:adm" "$PIDPATH"; -fi - -# Check that user 'prosody' exists -check_user() { - if ! getent passwd "$USER" >/dev/null; then - exit 1; - fi -} - -start_prosody () { - mkdir -p "$(dirname $PIDFILE)" - chown prosody:adm "$(dirname $PIDFILE)" - [ -x /sbin/restorecon ] && /sbin/restorecon `dirname $PIDFILE` - if start-stop-daemon --start --quiet --pidfile "$PIDFILE" \ - --chuid "$USER" --oknodo --user "$USER" \ - $(start_opts); - then - return 0 - else - return 1 - fi -} - - -check_user -log_daemon_msg "Starting Prosody XMPP Server" "prosody" -if start_prosody; then - log_end_msg 0; +echo "Starting Prosody XMPP Server as user $USER..." +if su -s /bin/bash -c /usr/bin/prosody "$USER"; then + echo "Prosody started successfully." else - log_end_msg 1; -fi \ No newline at end of file + echo "Failed to start Prosody." + exit 1 +fi diff --git a/tfgrid3/jitsi/scripts/ufw.sh b/tfgrid3/jitsi/scripts/ufw.sh new file mode 100644 index 00000000..c6328a31 --- /dev/null +++ b/tfgrid3/jitsi/scripts/ufw.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +ufw allow 80/tcp +ufw allow 443/tcp +ufw allow 10000/udp +ufw allow 22/tcp +ufw allow 3478/udp +ufw allow 5349/tcp +echo y | ufw enable \ No newline at end of file diff --git a/tfgrid3/jitsi/zinit/jicofo.yaml b/tfgrid3/jitsi/zinit/jicofo.yaml index 10b79b9c..46ebcb92 100644 --- a/tfgrid3/jitsi/zinit/jicofo.yaml +++ b/tfgrid3/jitsi/zinit/jicofo.yaml @@ -1,5 +1,3 @@ exec: root/scripts/jicofo.sh -log: ring after: - prosody -oneshot: true diff --git a/tfgrid3/jitsi/zinit/jvb.yaml b/tfgrid3/jitsi/zinit/jvb.yaml index 758e21c8..d8c57d8e 100644 --- a/tfgrid3/jitsi/zinit/jvb.yaml +++ b/tfgrid3/jitsi/zinit/jvb.yaml @@ -1,7 +1,5 @@ exec: root/scripts/jvb.sh signal: stop: SIGKILL -log: ring after: - jicofo -oneshot: true diff --git a/tfgrid3/jitsi/zinit/nginx.yaml b/tfgrid3/jitsi/zinit/nginx.yaml index ed448528..12dbff8d 100644 --- a/tfgrid3/jitsi/zinit/nginx.yaml +++ b/tfgrid3/jitsi/zinit/nginx.yaml @@ -1,5 +1,4 @@ -exec: root/scripts/nginx.sh +exec: /root/scripts/nginx.sh oneshot: true -log: ring after: - install_jitsi diff --git a/tfgrid3/jitsi/zinit/prosody.yaml b/tfgrid3/jitsi/zinit/prosody.yaml index 52994347..41369951 100644 --- a/tfgrid3/jitsi/zinit/prosody.yaml +++ b/tfgrid3/jitsi/zinit/prosody.yaml @@ -1,5 +1,3 @@ exec: /root/scripts/prosody.sh -log: ring after: - install_jitsi -oneshot: true diff --git a/tfgrid3/jitsi/zinit/setup_hostname.yaml b/tfgrid3/jitsi/zinit/setup_hostname.yaml index 08e54a43..0acaacfb 100644 --- a/tfgrid3/jitsi/zinit/setup_hostname.yaml +++ b/tfgrid3/jitsi/zinit/setup_hostname.yaml @@ -1,5 +1,4 @@ exec: /root/scripts/setup_hostname.sh after: - sshd -log: ring oneshot: true diff --git a/tfgrid3/jitsi/zinit/ufw.yaml b/tfgrid3/jitsi/zinit/ufw.yaml new file mode 100644 index 00000000..bc5c1da9 --- /dev/null +++ b/tfgrid3/jitsi/zinit/ufw.yaml @@ -0,0 +1,4 @@ +exec: /root/scripts/ufw.sh +after: + - install_jitsi +oneshot: true From c48107b8511a6f34dc72ade8b494686a2df82a3a Mon Sep 17 00:00:00 2001 From: eyad-hussein Date: Wed, 28 Aug 2024 20:33:56 +0300 Subject: [PATCH 3/5] docs: create readme file highlighting the image contents --- tfgrid3/jitsi/README.md | 56 +++++++++++++++++++++++++++++++++++------ 1 file changed, 48 insertions(+), 8 deletions(-) diff --git a/tfgrid3/jitsi/README.md b/tfgrid3/jitsi/README.md index 9b8cb51f..87e226a0 100644 --- a/tfgrid3/jitsi/README.md +++ b/tfgrid3/jitsi/README.md @@ -1,17 +1,57 @@ -# Development Guide for Ubuntu:22.04 image -## This guide will take you through steps for pulling & running ubuntu:22.04 image +# Jitsi TF Image + +The image contains: + +- prosody xmpp server -- a communication server +- jicofo(used by Jitsi) -- conference orchestrator +- jitsi-videobridge(jvb) -- WebRTC compatible video router + +Exposed ports: + +- 80 +- 443 +- 10000 +- 22 +- 3478 +- 5349 + +# Usage + +If you want to build the image from scratch, follow the steps below: + +1- Clone the repository and navigate to the jitsi directory -### Pull the image ```bash -docker pull threefolddev/ubuntu:22.04 +git clone git git@github.com:threefoldtech/tf-images.git +cd tfgrid3/jitsi ``` -### Build the image +2- Edit it however you please + +3- Build the image + ```bash -docker build -t threefolddev/ubuntu:22.04 . +docker build -t jitsi . ``` -### RUN the image +The following is just one way to convert the image to an flist, you can use any other method you prefer. + +4- Push the image to docker hub + ```bash -sudo docker run -d --name threefolddev/ubuntu:22.04 +docker tag jitsi {dockerhub-username}/jitsi ``` + +5- Convert it to an flist using the convertor in [Zero-OS Hub](https://hub.grid.tf/docker-convert) + +6- Deploy the container on the grid using the flist URL you got from the previous step + +# Environment Variables + +- `SSH_KEY` -- the ssh key to be used to access the container +- `JITSI_HOSTNAME` -- this is the domain name that will be used to access the jitsi server(fqdn) + +--- + +- Current Docker Hub image: [eyadhussein/jitsi](https://hub.docker.com/repository/docker/eyadhussein/jitsi) +- Current flist: [jitsi flist](https://hub.grid.tf/eyadhussein.3bot/eyadhussein-jitsi-latest.flist.md) From 8ac4fc7d2a38c54c7c9def9731ff70e7b99f6ae6 Mon Sep 17 00:00:00 2001 From: eyad-hussein Date: Wed, 28 Aug 2024 20:33:56 +0300 Subject: [PATCH 4/5] docs: create readme file highlighting the image contents --- tfgrid3/jitsi/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tfgrid3/jitsi/Dockerfile b/tfgrid3/jitsi/Dockerfile index 5e3f8d89..632190d4 100644 --- a/tfgrid3/jitsi/Dockerfile +++ b/tfgrid3/jitsi/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:22.04 +FROM ubuntu ENV DEBIAN_FRONTEND=noninteractive From 0c0fde3f29a7240a9a2cfb73c3d72206ae44a302 Mon Sep 17 00:00:00 2001 From: eyad-hussein Date: Wed, 28 Aug 2024 20:41:51 +0300 Subject: [PATCH 5/5] fix: specify ubuntu 22.04 image in Dockerfile --- tfgrid3/jitsi/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tfgrid3/jitsi/Dockerfile b/tfgrid3/jitsi/Dockerfile index 632190d4..5e3f8d89 100644 --- a/tfgrid3/jitsi/Dockerfile +++ b/tfgrid3/jitsi/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu +FROM ubuntu:22.04 ENV DEBIAN_FRONTEND=noninteractive