Build jitsi-meet images
So that we can run jitsi-meet with local modifications, build our
own container images. This builds the base, prosody, and web images
from the docker-jitsi-meet project. That project has distinct
Dockerfiles for each image, but for simplicity, this change combines
them into a single multi-stage Dockerfile. The minor stylistic
differences between the different sections are a result of that, and
are intentional in order to minimise the delta from the source material.
Again, for simplicity, this change does not publish the base image
since it is not anticipated that we will run this build often. If we do,
we could split this back out.
The upstream images are based on pre-built debian packages hosted by
the jitsi project. Since our goal is to modify the software, we will
need to rebuild the debian packages as well. This adds a new builder
image that is used to build the debian packages initially.
The docker-jitsi-meet project also has Dockerfiles for several more
images, but since the immediate need is only for the "web" image (built
from the "jitsi-meet" project), we only build that image and the "prosody"
image (not strictly necessary, but it is also a product of the "jisti-meet"
repository, so it seems a good practice to build it as well).
Change-Id: Ib3177ebfe2b8732a3522a1fa101fe95586dd1e1b
2020-03-23 09:52:15 -07:00
|
|
|
# Based on https://github.com/jitsi/docker-jitsi-meet/
|
|
|
|
|
# Licensed under the ASL v2.
|
|
|
|
|
|
|
|
|
|
FROM docker.io/library/debian:stretch-slim as build
|
|
|
|
|
ENV DEBIAN_FRONTEND=noninteractive
|
|
|
|
|
|
|
|
|
|
RUN \
|
|
|
|
|
mkdir -p /usr/share/man/man1/ && \
|
|
|
|
|
apt-get update && \
|
|
|
|
|
apt-get dist-upgrade -y && \
|
|
|
|
|
apt-get install -y apt-transport-https \
|
|
|
|
|
apt-utils ca-certificates gnupg git build-essential fakeroot \
|
|
|
|
|
devscripts openjdk-8-jre-headless openjdk-8-jdk-headless maven && \
|
|
|
|
|
curl -sS https://deb.nodesource.com/gpgkey/nodesource.gpg.key | \
|
|
|
|
|
apt-key add - && \
|
|
|
|
|
echo "deb https://deb.nodesource.com/node_10.x stretch main" | \
|
|
|
|
|
tee /etc/apt/sources.list.d/nodesource.list && \
|
|
|
|
|
apt-get update && \
|
|
|
|
|
apt-get install -y nodejs npm && \
|
|
|
|
|
echo "deb http://ftp.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/backports.list && \
|
|
|
|
|
apt-get update && \
|
|
|
|
|
apt-get install -y -t stretch-backports debhelper && \
|
|
|
|
|
rm -rf /var/lib/apt/lists/
|
|
|
|
|
|
2020-03-23 10:58:10 -07:00
|
|
|
# TODO(jeblair): either get https://github.com/jitsi/jitsi-meet/pull/5270 merged
|
|
|
|
|
# or create a local fork, or carry a local patch we apply here
|
|
|
|
|
RUN git clone https://github.com/jeblair/jitsi-meet && \
|
|
|
|
|
cd jitsi-meet && \
|
|
|
|
|
git checkout etherpad-on-join
|
Build jitsi-meet images
So that we can run jitsi-meet with local modifications, build our
own container images. This builds the base, prosody, and web images
from the docker-jitsi-meet project. That project has distinct
Dockerfiles for each image, but for simplicity, this change combines
them into a single multi-stage Dockerfile. The minor stylistic
differences between the different sections are a result of that, and
are intentional in order to minimise the delta from the source material.
Again, for simplicity, this change does not publish the base image
since it is not anticipated that we will run this build often. If we do,
we could split this back out.
The upstream images are based on pre-built debian packages hosted by
the jitsi project. Since our goal is to modify the software, we will
need to rebuild the debian packages as well. This adds a new builder
image that is used to build the debian packages initially.
The docker-jitsi-meet project also has Dockerfiles for several more
images, but since the immediate need is only for the "web" image (built
from the "jitsi-meet" project), we only build that image and the "prosody"
image (not strictly necessary, but it is also a product of the "jisti-meet"
repository, so it seems a good practice to build it as well).
Change-Id: Ib3177ebfe2b8732a3522a1fa101fe95586dd1e1b
2020-03-23 09:52:15 -07:00
|
|
|
|
|
|
|
|
RUN \
|
|
|
|
|
cd jitsi-meet && \
|
|
|
|
|
npm install && \
|
|
|
|
|
make && \
|
|
|
|
|
debuild -b -uc -us
|
|
|
|
|
|
|
|
|
|
######################################################################
|
|
|
|
|
FROM docker.io/library/debian:stretch-slim as base
|
|
|
|
|
|
|
|
|
|
ADD https://github.com/just-containers/s6-overlay/releases/download/v1.21.4.0/s6-overlay-amd64.tar.gz /tmp/s6-overlay.tar.gz
|
|
|
|
|
ADD https://github.com/subchen/frep/releases/download/v1.3.5/frep-1.3.5-linux-amd64 /usr/bin/frep
|
|
|
|
|
|
|
|
|
|
COPY base/rootfs /
|
|
|
|
|
|
|
|
|
|
RUN \
|
|
|
|
|
tar xfz /tmp/s6-overlay.tar.gz -C / && \
|
|
|
|
|
rm -f /tmp/*.tar.gz && \
|
|
|
|
|
apt-dpkg-wrap apt-get update && \
|
|
|
|
|
apt-dpkg-wrap apt-get install -y apt-transport-https apt-utils ca-certificates gnupg && \
|
|
|
|
|
echo "deb http://ftp.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/backports.list && \
|
|
|
|
|
apt-dpkg-wrap apt-get dist-upgrade -y && \
|
|
|
|
|
apt-cleanup && \
|
|
|
|
|
chmod +x /usr/bin/frep
|
|
|
|
|
|
|
|
|
|
RUN \
|
|
|
|
|
[ "$JITSI_RELEASE" = "unstable" ] && \
|
|
|
|
|
apt-dpkg-wrap apt-get update && \
|
|
|
|
|
apt-dpkg-wrap apt-get install -y jq procps curl vim iputils-ping net-tools && \
|
|
|
|
|
apt-cleanup || \
|
|
|
|
|
true
|
|
|
|
|
|
|
|
|
|
ENTRYPOINT [ "/init" ]
|
|
|
|
|
|
|
|
|
|
######################################################################
|
|
|
|
|
FROM base as web
|
|
|
|
|
|
|
|
|
|
COPY --from=build /*.deb /output/
|
|
|
|
|
|
|
|
|
|
RUN \
|
|
|
|
|
apt-dpkg-wrap apt-get update && \
|
|
|
|
|
apt-dpkg-wrap apt-get install -y cron nginx-extras && \
|
|
|
|
|
dpkg -i /output/jitsi-meet-web*.deb &&\
|
|
|
|
|
apt-dpkg-wrap apt-get install -y -t stretch-backports certbot && \
|
|
|
|
|
apt-cleanup && \
|
|
|
|
|
rm -fr /output && \
|
|
|
|
|
rm -f /etc/nginx/conf.d/default.conf && \
|
|
|
|
|
rm -f /usr/share/jitsi-meet/interface_config.js
|
|
|
|
|
|
|
|
|
|
COPY web/rootfs/ /
|
|
|
|
|
|
|
|
|
|
EXPOSE 80 443
|
|
|
|
|
|
|
|
|
|
VOLUME ["/config", "/etc/letsencrypt"]
|
|
|
|
|
|
|
|
|
|
######################################################################
|
|
|
|
|
FROM base as prosody
|
|
|
|
|
|
|
|
|
|
COPY --from=build /*.deb /output/
|
|
|
|
|
|
|
|
|
|
RUN \
|
|
|
|
|
apt-dpkg-wrap apt-get update \
|
|
|
|
|
&& apt-dpkg-wrap apt-get install -t stretch-backports -y \
|
|
|
|
|
prosody \
|
|
|
|
|
liblua5.2-dev \
|
|
|
|
|
sasl2-bin \
|
|
|
|
|
libsasl2-modules-ldap \
|
|
|
|
|
libsasl2-dev \
|
|
|
|
|
libssl1.0-dev \
|
|
|
|
|
lua-basexx \
|
|
|
|
|
lua-ldap \
|
|
|
|
|
luarocks \
|
|
|
|
|
git \
|
|
|
|
|
gcc \
|
|
|
|
|
patch \
|
|
|
|
|
&& luarocks install cyrussasl 1.1.0-1 \
|
|
|
|
|
&& luarocks install lua-cjson 2.1.0-1 \
|
|
|
|
|
&& luarocks install luajwtjitsi 1.3-7 \
|
|
|
|
|
&& luarocks install net-url 0.9-1 \
|
|
|
|
|
&& apt-dpkg-wrap apt-get remove -t stretch-backports -y \
|
|
|
|
|
git \
|
|
|
|
|
gcc \
|
|
|
|
|
luarocks \
|
|
|
|
|
libsasl2-dev \
|
|
|
|
|
libssl1.0-dev \
|
|
|
|
|
liblua5.2-dev \
|
|
|
|
|
&& apt-cleanup \
|
|
|
|
|
&& rm -rf /etc/prosody /var/cache/apt
|
|
|
|
|
|
|
|
|
|
RUN \
|
|
|
|
|
apt-dpkg-wrap apt-get update \
|
|
|
|
|
&& apt-dpkg-wrap apt-get install -y libssl-dev \
|
|
|
|
|
&& dpkg -x /output/jitsi-meet-prosody*.deb /tmp \
|
|
|
|
|
&& mv /tmp/usr/share/jitsi-meet/prosody-plugins /prosody-plugins \
|
|
|
|
|
&& apt-cleanup \
|
|
|
|
|
&& rm -fr /output \
|
|
|
|
|
&& rm -rf /tmp/usr /var/cache/apt
|
|
|
|
|
|
|
|
|
|
RUN \
|
|
|
|
|
sed -i s/hook/hook_global/g /prosody-plugins/mod_auth_token.lua \
|
|
|
|
|
&& patch -d /usr/lib/prosody/modules/muc -p0 < /prosody-plugins/muc_owner_allow_kick.patch
|
|
|
|
|
|
|
|
|
|
COPY prosody/rootfs/ /
|
|
|
|
|
|
|
|
|
|
EXPOSE 5222 5269 5347 5280
|
|
|
|
|
|
|
|
|
|
VOLUME ["/config", "/prosody-plugins-custom"]
|