From 48878f5d4cb19b12c0c33ec0d066106c65d24f9a Mon Sep 17 00:00:00 2001 From: akshaya Date: Wed, 3 Mar 2021 21:44:42 -0800 Subject: [PATCH] Jibri initial commit Most of the work is done [here](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/739). --- group_vars/matrix_servers | 1 + roles/matrix-jitsi/defaults/main.yml | 18 +++++ roles/matrix-jitsi/tasks/init_jibri.yml | 3 + roles/matrix-jitsi/tasks/main.yml | 10 +++ .../matrix-jitsi/tasks/setup_jitsi_jibri.yml | 65 +++++++++++++++++++ .../tasks/setup_jitsi_prosody.yml | 8 +++ .../templates/jibri/config.json.j2 | 30 +++++++++ roles/matrix-jitsi/templates/jibri/env.j2 | 16 +++++ .../templates/jibri/finalize.sh.j2 | 0 .../templates/jibri/jibri.cfg.lua.j2 | 12 ++++ .../templates/jibri/logging.properties.j2 | 33 ++++++++++ .../jibri/matrix-jitsi-jibri.service.j2 | 35 ++++++++++ 12 files changed, 231 insertions(+) create mode 100644 roles/matrix-jitsi/tasks/init_jibri.yml create mode 100644 roles/matrix-jitsi/tasks/setup_jitsi_jibri.yml create mode 100644 roles/matrix-jitsi/templates/jibri/config.json.j2 create mode 100644 roles/matrix-jitsi/templates/jibri/env.j2 create mode 100644 roles/matrix-jitsi/templates/jibri/finalize.sh.j2 create mode 100644 roles/matrix-jitsi/templates/jibri/jibri.cfg.lua.j2 create mode 100644 roles/matrix-jitsi/templates/jibri/logging.properties.j2 create mode 100644 roles/matrix-jitsi/templates/jibri/matrix-jitsi-jibri.service.j2 diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index cc45042dbd6..5daed2bcf1c 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1067,6 +1067,7 @@ matrix_jitsi_prosody_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy matrix_jitsi_jibri_xmpp_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jibri') | to_uuid }}" matrix_jitsi_jicofo_auth_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jicofo') | to_uuid }}" matrix_jitsi_jvb_auth_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'jvb') | to_uuid }}" +matrix_jitsi_jibri_recorder_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'recorder') | to_uuid }}" matrix_jitsi_web_stun_servers: | {{ diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 8c8d9156b82..5a857e90111 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -170,6 +170,7 @@ matrix_jitsi_prosody_docker_image_force_pull: "{{ matrix_jitsi_prosody_docker_im matrix_jitsi_prosody_base_path: "{{ matrix_base_data_path }}/jitsi/prosody" matrix_jitsi_prosody_config_path: "{{ matrix_jitsi_prosody_base_path }}/config" matrix_jitsi_prosody_plugins_path: "{{ matrix_jitsi_prosody_base_path }}/prosody-plugins-custom" +matrix_jitsi_prosody_confd_path: "{{ matrix_jitsi_prosody_config_path }}/conf.d" # A list of extra arguments to pass to the container matrix_jitsi_prosody_container_extra_arguments: [] @@ -259,3 +260,20 @@ matrix_jitsi_jvb_container_rtp_tcp_host_bind_port: "{{ matrix_jitsi_jvb_rtp_tcp_ # # Takes an ":" or "" value (e.g. "127.0.0.1:12090"), or empty string to not expose. matrix_jitsi_jvb_container_colibri_ws_host_bind_port: '' + +#Jibri +matrix_jitsi_jibri_enabled: false +matrix_jitsi_jibri_docker_image: "docker.io/jitsi/jibri:{{ matrix_jitsi_container_image_tag }}" +matrix_jitsi_jibri_docker_image_force_pull: "{{ matrix_jitsi_jibri_docker_image.endswith(':latest') }}" + +matrix_jitsi_jibri_base_path: "{{ matrix_base_data_path }}/jitsi/jibri" +matrix_jitsi_jibri_config_path: "{{ matrix_jitsi_jibri_base_path }}/config" +matrix_jitsi_jibri_logs_path: "{{ matrix_jitsi_jibri_base_path }}/logs" +matrix_jitsi_jibri_recording_path: "{{ matrix_jitsi_jibri_base_path }}/recordings" +matrix_jitsi_jibri_finalize_recording_script_path: "{{ matrix_jitsi_jibri_config_path }}/finalize.sh" +matrix_jitsi_jibri_strip_domain_jid: '' +# A list of extra arguments to pass to the container +matrix_jitsi_jibri_container_extra_arguments: [] + +# List of systemd services that matrix-jitsi-jibri.service depends on +matrix_jitsi_jibri_systemd_required_services_list: ['docker.service', 'matrix-jitsi-jicofo.service', 'matrix-jitsi-prosody.service'] diff --git a/roles/matrix-jitsi/tasks/init_jibri.yml b/roles/matrix-jitsi/tasks/init_jibri.yml new file mode 100644 index 00000000000..a792d4ab9fe --- /dev/null +++ b/roles/matrix-jitsi/tasks/init_jibri.yml @@ -0,0 +1,3 @@ +- set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-jitsi-jibri'] }}" + when: matrix_jitsi_jibri_enabled|bool diff --git a/roles/matrix-jitsi/tasks/main.yml b/roles/matrix-jitsi/tasks/main.yml index e4f3508f3f5..349520032d5 100644 --- a/roles/matrix-jitsi/tasks/main.yml +++ b/roles/matrix-jitsi/tasks/main.yml @@ -2,6 +2,10 @@ tags: - always +- import_tasks: "{{ role_path }}/tasks/init_jibri.yml" + tags: + - always + - import_tasks: "{{ role_path }}/tasks/validate_config.yml" when: "run_setup|bool and matrix_jitsi_enabled|bool" tags: @@ -37,3 +41,9 @@ tags: - setup-all - setup-jitsi + +- import_tasks: "{{ role_path }}/tasks/setup_jitsi_jibri.yml" + when: run_setup|bool + tags: + - setup-all + - setup-jitsi diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jibri.yml b/roles/matrix-jitsi/tasks/setup_jitsi_jibri.yml new file mode 100644 index 00000000000..1736b7f7b6e --- /dev/null +++ b/roles/matrix-jitsi/tasks/setup_jitsi_jibri.yml @@ -0,0 +1,65 @@ +--- + +# +# Tasks related to setting up jitsi-jibri +# + +- name: Ensure Matrix jitsi-jibri path exists + file: + path: "{{ item.path }}" + state: directory + mode: 0777 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - { path: "{{ matrix_jitsi_jibri_base_path }}", when: true } + - { path: "{{ matrix_jitsi_jibri_config_path }}", when: true } + - { path: "{{ matrix_jitsi_jibri_logs_path }}" , when: true} + - { path: "{{ matrix_jitsi_jibri_recording_path }}" , when: true} + when: matrix_jitsi_enabled|bool and matrix_jitsi_jibri_enabled|bool and item.when + +- name: Ensure jitsi-jibri Docker image is pulled + docker_image: + name: "{{ matrix_jitsi_jibri_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_jitsi_jibri_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jibri_docker_image_force_pull }}" + when: matrix_jitsi_enabled|bool and matrix_jitsi_jibri_enabled|bool + +- name: Ensure jitsi-jibri environment variables file created + template: + src: "{{ role_path }}/templates/jibri/env.j2" + dest: "{{ matrix_jitsi_jibri_base_path }}/env" + mode: 0640 + when: matrix_jitsi_enabled|bool and matrix_jitsi_jibri_enabled|bool + +- name: Ensure jitsi-jibri finalize.sh file created + template: + src: "{{ role_path }}/templates/jibri/finalize.sh.j2" + dest: "{{ matrix_jitsi_jibri_config_path }}/finalize.sh" + mode: 0740 + when: matrix_jitsi_enabled|bool and matrix_jitsi_jibri_enabled|bool + + +- name: Ensure jitsi-jibri configuration files created + template: + src: "{{ role_path }}/templates/jibri/{{ item }}.j2" + dest: "{{ matrix_jitsi_jibri_config_path }}/{{ item }}" + mode: 0644 + with_items: + - config.json + - logging.properties + when: matrix_jitsi_enabled|bool and matrix_jitsi_jibri_enabled|bool + +- name: Ensure matrix-jitsi-jibri.service installed + template: + src: "{{ role_path }}/templates/jibri/matrix-jitsi-jibri.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-jitsi-jibri.service" + mode: 0644 + register: matrix_jitsi_jibri_systemd_service_result + when: matrix_jitsi_enabled|bool and matrix_jitsi_jibri_enabled|bool + +- name: Ensure systemd reloaded after matrix-jitsi-jibri.service installation + service: + daemon_reload: yes + when: "matrix_jitsi_enabled and matrix_jitsi_jibri_systemd_service_result.changed" diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml b/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml index fd051fdadeb..502e70ce7b8 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml @@ -15,6 +15,7 @@ - { path: "{{ matrix_jitsi_prosody_base_path }}", when: true } - { path: "{{ matrix_jitsi_prosody_config_path }}", when: true } - { path: "{{ matrix_jitsi_prosody_plugins_path }}", when: true } + - { path: "{{ matrix_jitsi_prosody_confd_path }}", when: true } when: matrix_jitsi_enabled|bool and item.when - name: Ensure jitsi-prosody Docker image is pulled @@ -45,6 +46,13 @@ daemon_reload: yes when: "matrix_jitsi_enabled and matrix_jitsi_prosody_systemd_service_result.changed" +- name: Ensure jitsi- jibri.cfg.lua file created + template: + src: "{{ role_path }}/templates/jibri/jibri.cfg.lua.j2" + dest: "{{ matrix_jitsi_prosody_confd_path }}/jibri.cfg.lua" + mode: 0644 + when: matrix_jitsi_enabled|bool and matrix_jitsi_jibri_enabled|bool + # # Tasks related to getting rid of jitsi-prosody (if it was previously enabled) # diff --git a/roles/matrix-jitsi/templates/jibri/config.json.j2 b/roles/matrix-jitsi/templates/jibri/config.json.j2 new file mode 100644 index 00000000000..923b2e728b9 --- /dev/null +++ b/roles/matrix-jitsi/templates/jibri/config.json.j2 @@ -0,0 +1,30 @@ +{ + "recording_directory":{{ matrix_jitsi_jibri_recording_path|string|to_json }}, + "finalize_recording_script_path": {{ matrix_jitsi_jibri_finalize_recording_script_path|string|to_json }}, + "xmpp_environments": [ + { + "name": "prod environment", + "xmpp_server_hosts": [ + {{ matrix_jitsi_xmpp_server|string|to_json }} + ], + "xmpp_domain": {{ matrix_jitsi_xmpp_domain|string|to_json }}, + "control_login": { + "domain": {{ matrix_jitsi_xmpp_auth_domain|string|to_json }}, + "username": {{ matrix_jitsi_jibri_xmpp_user|string|to_json }}, + "password": {{ matrix_jitsi_jibri_xmpp_password|string|to_json }} + }, + "control_muc": { + "domain": {{ matrix_jitsi_xmpp_internal_muc_domain|string|to_json }}, + "room_name": {{ matrix_jitsi_jibri_brewery_muc|string|to_json }}, + "nickname": "jibri-instance-1" + }, + "call_login": { + "domain": {{ matrix_jitsi_recorder_domain|string|to_json }}, + "username": {{ matrix_jitsi_jibri_recorder_user|string|to_json }}, + "password": {{ matrix_jitsi_jibri_recorder_password|string|to_json }} + }, + "room_jid_domain_string_to_strip_from_start": {{ matrix_jitsi_jibri_strip_domain_jid|string|to_json }}, + "usage_timeout": "0" + } + ] +} diff --git a/roles/matrix-jitsi/templates/jibri/env.j2 b/roles/matrix-jitsi/templates/jibri/env.j2 new file mode 100644 index 00000000000..7c3de4aaf45 --- /dev/null +++ b/roles/matrix-jitsi/templates/jibri/env.j2 @@ -0,0 +1,16 @@ +XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }} +XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }} +XMPP_RECORDER_DOMAIN={{ matrix_jitsi_recorder_domain }} +XMPP_SERVER={{ matrix_jitsi_xmpp_server }} +XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }} +JIBRI_XMPP_USER={{ matrix_jitsi_jibri_xmpp_user }} +JIBRI_XMPP_PASSWORD={{ matrix_jitsi_jibri_xmpp_password }} +JIBRI_BREWERY_MUC={{ matrix_jitsi_jvb_brewery_muc }} +JIBRI_RECORDER_USER={{ matrix_jitsi_jibri_recorder_user }} +JIBRI_RECORDER_PASSWORD={{ matrix_jitsi_jibri_recorder_password }} +JIBRI_RECORDING_DIR={{ matrix_jitsi_jibri_recording_path }} +JIBRI_FINALIZE_RECORDING_SCRIPT_PATH={{ matrix_jitsi_jibri_finalize_recording_script_path }} +JIBRI_STRIP_DOMAIN_JID={{ matrix_jitsi_jibri_strip_domain_jid }} +JIBRI_LOGS_DIR={{ matrix_jitsi_jibri_logs_path }} +DISPLAY=:0 +TZ={{ matrix_jitsi_timezone }} diff --git a/roles/matrix-jitsi/templates/jibri/finalize.sh.j2 b/roles/matrix-jitsi/templates/jibri/finalize.sh.j2 new file mode 100644 index 00000000000..e69de29bb2d diff --git a/roles/matrix-jitsi/templates/jibri/jibri.cfg.lua.j2 b/roles/matrix-jitsi/templates/jibri/jibri.cfg.lua.j2 new file mode 100644 index 00000000000..661ad6b270f --- /dev/null +++ b/roles/matrix-jitsi/templates/jibri/jibri.cfg.lua.j2 @@ -0,0 +1,12 @@ +Component {{ matrix_jitsi_xmpp_internal_muc_domain|string|to_json }} "muc" + modules_enabled = { + "ping"; + } + storage = "memory" + muc_room_cache_size = 1000 + +VirtualHost {{ matrix_jitsi_recorder_domain|string|to_json }} + modules_enabled = { + "ping"; + } + authentication = "internal_plain" diff --git a/roles/matrix-jitsi/templates/jibri/logging.properties.j2 b/roles/matrix-jitsi/templates/jibri/logging.properties.j2 new file mode 100644 index 00000000000..04048f42423 --- /dev/null +++ b/roles/matrix-jitsi/templates/jibri/logging.properties.j2 @@ -0,0 +1,33 @@ +handlers = java.util.logging.FileHandler, java.util.logging.ConsoleHandler + +java.util.logging.FileHandler.level = FINE +java.util.logging.FileHandler.pattern = {{ matrix_jitsi_jibri_logs_path }}/log.%g.txt +java.util.logging.FileHandler.formatter = net.java.sip.communicator.util.ScLogFormatter +java.util.logging.FileHandler.count = 10 +java.util.logging.FileHandler.limit = 10000000 + +org.jitsi.jibri.capture.ffmpeg.util.FfmpegFileHandler.level = FINE +org.jitsi.jibri.capture.ffmpeg.util.FfmpegFileHandler.pattern = {{ matrix_jitsi_jibri_logs_path }}/ffmpeg.%g.txt +org.jitsi.jibri.capture.ffmpeg.util.FfmpegFileHandler.formatter = net.java.sip.communicator.util.ScLogFormatter +org.jitsi.jibri.capture.ffmpeg.util.FfmpegFileHandler.count = 10 +org.jitsi.jibri.capture.ffmpeg.util.FfmpegFileHandler.limit = 10000000 + +org.jitsi.jibri.sipgateway.pjsua.util.PjsuaFileHandler.level = FINE +org.jitsi.jibri.sipgateway.pjsua.util.PjsuaFileHandler.pattern = {{ matrix_jitsi_jibri_logs_path }}/pjsua.%g.txt +org.jitsi.jibri.sipgateway.pjsua.util.PjsuaFileHandler.formatter = net.java.sip.communicator.util.ScLogFormatter +org.jitsi.jibri.sipgateway.pjsua.util.PjsuaFileHandler.count = 10 +org.jitsi.jibri.sipgateway.pjsua.util.PjsuaFileHandler.limit = 10000000 + +org.jitsi.jibri.selenium.util.BrowserFileHandler.level = FINE +org.jitsi.jibri.selenium.util.BrowserFileHandler.pattern = {{ matrix_jitsi_jibri_logs_path }}/browser.%g.txt +org.jitsi.jibri.selenium.util.BrowserFileHandler.formatter = net.java.sip.communicator.util.ScLogFormatter +org.jitsi.jibri.selenium.util.BrowserFileHandler.count = 10 +org.jitsi.jibri.selenium.util.BrowserFileHandler.limit = 10000000 + +java.util.logging.ConsoleHandler.level = FINE +java.util.logging.ConsoleHandler.formatter = net.java.sip.communicator.util.ScLogFormatter + +org.jitsi.level = FINE + +org.glassfish.level = INFO +org.osgi.level = INFO diff --git a/roles/matrix-jitsi/templates/jibri/matrix-jitsi-jibri.service.j2 b/roles/matrix-jitsi/templates/jibri/matrix-jitsi-jibri.service.j2 new file mode 100644 index 00000000000..beaac934529 --- /dev/null +++ b/roles/matrix-jitsi/templates/jibri/matrix-jitsi-jibri.service.j2 @@ -0,0 +1,35 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Matrix jitsi-jibri server +{% for service in matrix_jitsi_jibri_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} + +[Service] +Type=simple +ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-jitsi-jibri +ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-jitsi-jibri + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jibri \ + --log-driver=none \ + --network={{ matrix_docker_network }} \ + --env-file={{ matrix_jitsi_jibri_base_path }}/env \ + --device=/dev/snd:/dev/snd \ + --mount type=bind,src={{ matrix_jitsi_jibri_base_path }},dst={{ matrix_jitsi_jibri_base_path }} \ + {% for arg in matrix_jitsi_jibri_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + -v /dev/shm:/dev/shm \ + --cap-add=SYS_ADMIN \ + --cap-add=NET_BIND_SERVICE \ + {{ matrix_jitsi_jibri_docker_image }} + +ExecStop=-{{ matrix_host_command_docker }} kill matrix-jitsi-jibri +ExecStop=-{{ matrix_host_command_docker }} rm matrix-jitsi-jibri +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-jitsi-jibri + +[Install] +WantedBy=multi-user.target