c79c11c2b7
So that we can run jitsi-meet with local modifications, build our own container images. This builds the base, prosody, and web images from the docker-jitsi-meet project. That project has distinct Dockerfiles for each image, but for simplicity, this change combines them into a single multi-stage Dockerfile. The minor stylistic differences between the different sections are a result of that, and are intentional in order to minimise the delta from the source material. Again, for simplicity, this change does not publish the base image since it is not anticipated that we will run this build often. If we do, we could split this back out. The upstream images are based on pre-built debian packages hosted by the jitsi project. Since our goal is to modify the software, we will need to rebuild the debian packages as well. This adds a new builder image that is used to build the debian packages initially. The docker-jitsi-meet project also has Dockerfiles for several more images, but since the immediate need is only for the "web" image (built from the "jitsi-meet" project), we only build that image and the "prosody" image (not strictly necessary, but it is also a product of the "jisti-meet" repository, so it seems a good practice to build it as well). Change-Id: Ib3177ebfe2b8732a3522a1fa101fe95586dd1e1b
133 lines
3.9 KiB
Docker
133 lines
3.9 KiB
Docker
# Based on https://github.com/jitsi/docker-jitsi-meet/
|
|
# Licensed under the ASL v2.
|
|
|
|
FROM docker.io/library/debian:stretch-slim as build
|
|
ENV DEBIAN_FRONTEND=noninteractive
|
|
|
|
RUN \
|
|
mkdir -p /usr/share/man/man1/ && \
|
|
apt-get update && \
|
|
apt-get dist-upgrade -y && \
|
|
apt-get install -y apt-transport-https \
|
|
apt-utils ca-certificates gnupg git build-essential fakeroot \
|
|
devscripts openjdk-8-jre-headless openjdk-8-jdk-headless maven && \
|
|
curl -sS https://deb.nodesource.com/gpgkey/nodesource.gpg.key | \
|
|
apt-key add - && \
|
|
echo "deb https://deb.nodesource.com/node_10.x stretch main" | \
|
|
tee /etc/apt/sources.list.d/nodesource.list && \
|
|
apt-get update && \
|
|
apt-get install -y nodejs npm && \
|
|
echo "deb http://ftp.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/backports.list && \
|
|
apt-get update && \
|
|
apt-get install -y -t stretch-backports debhelper && \
|
|
rm -rf /var/lib/apt/lists/
|
|
|
|
RUN git clone https://github.com/jitsi/jitsi-meet
|
|
|
|
RUN \
|
|
cd jitsi-meet && \
|
|
npm install && \
|
|
make && \
|
|
debuild -b -uc -us
|
|
|
|
######################################################################
|
|
FROM docker.io/library/debian:stretch-slim as base
|
|
|
|
ADD https://github.com/just-containers/s6-overlay/releases/download/v1.21.4.0/s6-overlay-amd64.tar.gz /tmp/s6-overlay.tar.gz
|
|
ADD https://github.com/subchen/frep/releases/download/v1.3.5/frep-1.3.5-linux-amd64 /usr/bin/frep
|
|
|
|
COPY base/rootfs /
|
|
|
|
RUN \
|
|
tar xfz /tmp/s6-overlay.tar.gz -C / && \
|
|
rm -f /tmp/*.tar.gz && \
|
|
apt-dpkg-wrap apt-get update && \
|
|
apt-dpkg-wrap apt-get install -y apt-transport-https apt-utils ca-certificates gnupg && \
|
|
echo "deb http://ftp.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/backports.list && \
|
|
apt-dpkg-wrap apt-get dist-upgrade -y && \
|
|
apt-cleanup && \
|
|
chmod +x /usr/bin/frep
|
|
|
|
RUN \
|
|
[ "$JITSI_RELEASE" = "unstable" ] && \
|
|
apt-dpkg-wrap apt-get update && \
|
|
apt-dpkg-wrap apt-get install -y jq procps curl vim iputils-ping net-tools && \
|
|
apt-cleanup || \
|
|
true
|
|
|
|
ENTRYPOINT [ "/init" ]
|
|
|
|
######################################################################
|
|
FROM base as web
|
|
|
|
COPY --from=build /*.deb /output/
|
|
|
|
RUN \
|
|
apt-dpkg-wrap apt-get update && \
|
|
apt-dpkg-wrap apt-get install -y cron nginx-extras && \
|
|
dpkg -i /output/jitsi-meet-web*.deb &&\
|
|
apt-dpkg-wrap apt-get install -y -t stretch-backports certbot && \
|
|
apt-cleanup && \
|
|
rm -fr /output && \
|
|
rm -f /etc/nginx/conf.d/default.conf && \
|
|
rm -f /usr/share/jitsi-meet/interface_config.js
|
|
|
|
COPY web/rootfs/ /
|
|
|
|
EXPOSE 80 443
|
|
|
|
VOLUME ["/config", "/etc/letsencrypt"]
|
|
|
|
######################################################################
|
|
FROM base as prosody
|
|
|
|
COPY --from=build /*.deb /output/
|
|
|
|
RUN \
|
|
apt-dpkg-wrap apt-get update \
|
|
&& apt-dpkg-wrap apt-get install -t stretch-backports -y \
|
|
prosody \
|
|
liblua5.2-dev \
|
|
sasl2-bin \
|
|
libsasl2-modules-ldap \
|
|
libsasl2-dev \
|
|
libssl1.0-dev \
|
|
lua-basexx \
|
|
lua-ldap \
|
|
luarocks \
|
|
git \
|
|
gcc \
|
|
patch \
|
|
&& luarocks install cyrussasl 1.1.0-1 \
|
|
&& luarocks install lua-cjson 2.1.0-1 \
|
|
&& luarocks install luajwtjitsi 1.3-7 \
|
|
&& luarocks install net-url 0.9-1 \
|
|
&& apt-dpkg-wrap apt-get remove -t stretch-backports -y \
|
|
git \
|
|
gcc \
|
|
luarocks \
|
|
libsasl2-dev \
|
|
libssl1.0-dev \
|
|
liblua5.2-dev \
|
|
&& apt-cleanup \
|
|
&& rm -rf /etc/prosody /var/cache/apt
|
|
|
|
RUN \
|
|
apt-dpkg-wrap apt-get update \
|
|
&& apt-dpkg-wrap apt-get install -y libssl-dev \
|
|
&& dpkg -x /output/jitsi-meet-prosody*.deb /tmp \
|
|
&& mv /tmp/usr/share/jitsi-meet/prosody-plugins /prosody-plugins \
|
|
&& apt-cleanup \
|
|
&& rm -fr /output \
|
|
&& rm -rf /tmp/usr /var/cache/apt
|
|
|
|
RUN \
|
|
sed -i s/hook/hook_global/g /prosody-plugins/mod_auth_token.lua \
|
|
&& patch -d /usr/lib/prosody/modules/muc -p0 < /prosody-plugins/muc_owner_allow_kick.patch
|
|
|
|
COPY prosody/rootfs/ /
|
|
|
|
EXPOSE 5222 5269 5347 5280
|
|
|
|
VOLUME ["/config", "/prosody-plugins-custom"]
|