apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "jitsi-meet.name-prosody" . }} labels: {{ include "jitsi-meet.labels" . | indent 4 }} spec: serviceName: {{ include "jitsi-meet.name-prosody" . }} replicas: {{ .Values.prosody.replicaCount }} selector: matchLabels: app.kubernetes.io/name: {{ include "jitsi-meet.name-prosody" . }} app.kubernetes.io/instance: {{ .Release.Name }} template: metadata: labels: app.kubernetes.io/name: {{ include "jitsi-meet.name-prosody" . }} app.kubernetes.io/instance: {{ .Release.Name }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ template "jitsi-meet.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: - name: {{ include "jitsi-meet.name-prosody" . }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.prosody.image.repository }}:{{ .Values.prosody.image.tag }}" imagePullPolicy: {{ .Values.prosody.image.pullPolicy }} env: {{ if .Values.jicofo.userAuth.enabled }} - name: JICOFO_AUTH_USER value: "{{ .Values.jicofo.userAuth.name }}" - name: JICOFO_AUTH_PASSWORD valueFrom: secretKeyRef: name: {{ include "jitsi-meet.name-jicofo-config" . }} key: JICOFO_AUTH_PASSWORD {{ end }} {{ if .Values.jicofo.componentSecret }} - name: JICOFO_COMPONENT_SECRET valueFrom: secretKeyRef: name: {{ include "jitsi-meet.name-jicofo-config" . }} key: JICOFO_COMPONENT_SECRET {{ end }} {{- if .Values.jvb.userAuth.enabled }} - name: JVB_AUTH_USER value: {{ .Values.jvb.userAuth.name }} - name: JVB_AUTH_PASSWORD valueFrom: secretKeyRef: name: {{ template "jitsi-meet.name-jvb-config" . }} key: JVB_AUTH_PASSWORD {{- end }} {{- if .Values.prosody.auth.enabled }} - name: ENABLE_AUTH value: "1" - name: ENABLE_GUESTS value: {{ .Values.prosody.auth.guest | quote }} - name: AUTH_TYPE value: {{ .Values.prosody.auth.type | quote }} {{- end }} {{- range .Values.prosody.environment }} - name: {{ .name | quote }} value: {{ .value | quote }} {{- end }} {{- range .Values.common.environment }} - name: {{ .name | quote }} value: {{ .value | quote }} {{- end }} ports: - containerPort: 5222 protocol: TCP name: c2s1 - containerPort: 5269 protocol: TCP name: c2s2 - containerPort: 5280 protocol: TCP name: web - containerPort: 5347 protocol: TCP name: xmpp # lifecycle: # postStart: # exec: # command: # - /bin/bash # - -c # - cat /var/app/prosody.cfg.lua | base64 -d > /defaults/prosody.cfg.lua # - cat /var/app/jitsi-meet.cfg.lua | base64 -d > /defaults/conf.d/jitsi-meet.cfg.lua # # {{ if .Values.prosody.auth.enabled }} # # - prosodyctl --config /config/prosody.cfg.lua register me $XMPP_DOMAIN $JVB_AUTH_PASSWORD; # # {{ end }} resources: {{- toYaml .Values.prosody.resources | nindent 12 }} volumeMounts: - name: config-prosody mountPath: "/var/app" - name: {{ include "jitsi-meet.name-jicofo" . }} image: "{{ .Values.jicofo.image.repository }}:{{ .Values.jicofo.image.tag }}" imagePullPolicy: {{ .Values.jicofo.image.pullPolicy }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} ports: - name: http containerPort: 80 protocol: TCP env: {{ if .Values.jicofo.userAuth.enabled }} - name: JICOFO_AUTH_USER value: {{ .Values.jicofo.userAuth.name }} - name: JICOFO_AUTH_PASSWORD valueFrom: secretKeyRef: name: {{ include "jitsi-meet.name-jicofo-config" . }} key: JICOFO_AUTH_PASSWORD {{ end }} {{ if .Values.jicofo.componentSecret }} - name: JICOFO_COMPONENT_SECRET valueFrom: secretKeyRef: name: {{ include "jitsi-meet.name-jicofo-config" . }} key: JICOFO_COMPONENT_SECRET {{ end }} - name: XMPP_SERVER value: "localhost" {{- if .Values.prosody.auth.enabled }} - name: ENABLE_AUTH value: "1" {{- end }} {{- range .Values.jicofo.environment }} - name: {{ .name | quote }} value: {{ .value | quote }} {{- end }} {{- range .Values.common.environment }} - name: {{ .name | quote }} value: {{ .value | quote }} {{- end }} resources: {{- toYaml .Values.jicofo.resources | nindent 12 }} # lifecycle: # postStart: # exec: # command: # - /bin/bash # - -c # - cp /var/app/sip-communicator.properties /defaults/sip-communicator.properties volumeMounts: - name: config-jicofo mountPath: "/var/app" {{ if .Values.prosody.recorder }} - name: {{ include "jitsi-meet.name-jibri" . }} image: "{{ .Values.jibri.image.repository }}:{{ .Values.jibri.image.tag }}" imagePullPolicy: {{ .Values.jibri.image.pullPolicy }} securityContext: # required to record sound privileged: true capabilities: add: - SYS_RESOURCE - NET_BIND_SERVICE {{- with .Values.jibri.podSecurityContext }} {{- toYaml . | nindent 12 }} {{- end }} env: - name: XMPP_SERVER value: localhost {{- range .Values.jibri.environment }} - name: {{ .name | quote }} value: {{ .value | quote }} {{- end }} {{- range .Values.common.environment }} - name: {{ .name | quote }} value: {{ .value | quote }} {{- end }} volumeMounts: - mountPath: /dev/shm name: shm - mountPath: /dev/snd name: dev-snd {{ end }} volumes: - name: config-jicofo configMap: name: {{ template "jitsi-meet.name-jicofo-config" . }}-cm - name: config-prosody configMap: name: {{ template "jitsi-meet.name-prosody" . }}-config-cm {{ if .Values.prosody.recorder }} - name: shm hostPath: path: /dev/shm - name: dev-snd hostPath: path: /dev/snd {{ end }} {{- with .Values.prosody.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.prosody.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.prosody.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }}