oxofrmbl/jitsi-meet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8e76a96668
jitsi-meet/infra/k3s
History
Dennis Paradzinski 8e76a96668
All checks were successful
deploy / deploy (push) Successful in 4s
Details
feat: switch Prosody to JWT auth (HS256, Embertime as issuer) 
Replaces the anonymous-OK setup with JWT-gated joins. Only participants
that Embertime invited get a valid token — random URL-guessers can no
longer enter rooms even if they discover the slug.

- ConfigMap: ENABLE_AUTH=1 + AUTH_TYPE=jwt + JWT_APP_ID=embertime
- 20-secrets.yaml.example: JWT_APP_SECRET placeholder with docs
- CLAUDE.md: documents the new auth model + rotation flow

Pipeline rolls config out; the secret itself stays out-of-band — admin
copies it from Embertime UI (Settings → Meeting-Server) or queries the
embertime DB directly.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-11 15:19:00 +02:00
..
00-namespace.yaml chore: initial Jitsi-Meet k3s scaffold for darkemberserver 2026-05-11 12:55:29 +02:00
10-config.yaml feat: switch Prosody to JWT auth (HS256, Embertime as issuer) 2026-05-11 15:19:00 +02:00
20-secrets.yaml.example feat: switch Prosody to JWT auth (HS256, Embertime as issuer) 2026-05-11 15:19:00 +02:00
30-prosody.yaml chore: initial Jitsi-Meet k3s scaffold for darkemberserver 2026-05-11 12:55:29 +02:00
40-jicofo.yaml chore: initial Jitsi-Meet k3s scaffold for darkemberserver 2026-05-11 12:55:29 +02:00
50-web.yaml chore: initial Jitsi-Meet k3s scaffold for darkemberserver 2026-05-11 12:55:29 +02:00
60-jvb.yaml fix(jvb): shift media port to UDP 10001 (10000 taken by OpenDesk bundle) 2026-05-11 14:48:10 +02:00
70-ingress.yaml chore: initial Jitsi-Meet k3s scaffold for darkemberserver 2026-05-11 12:55:29 +02:00