Dennis Paradzinski
6efce0c8f1
Some checks failed
deploy / deploy (push) Failing after 3s
Self-hosted Jitsi instance at meet.it.financeflow.de — avoids the meet.jit.si moderator-auth wall. Four components (web/prosody/jicofo/jvb) as raw k3s manifests, same deploy pattern as Embertime (Gitea Actions + kubectl apply + KUBECONFIG_B64 secret). JVB uses hostNetwork + UDP 10000 for media — requires router forward. Component passwords live in a kubectl-applied Secret (not in git); generate-secrets.sh produces a fresh manifest. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
41 lines
1018 B
YAML
41 lines
1018 B
YAML
# Static Meet UI + nginx that proxies XMPP-over-BOSH back to prosody.
|
|
# Exposed via Ingress in 70-ingress.yaml.
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: jitsi-web
|
|
namespace: jitsi
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels: { app: jitsi-web }
|
|
template:
|
|
metadata:
|
|
labels: { app: jitsi-web }
|
|
spec:
|
|
containers:
|
|
- name: web
|
|
image: jitsi/web:stable
|
|
envFrom:
|
|
- configMapRef: { name: jitsi-config }
|
|
- secretRef: { name: jitsi-secrets }
|
|
ports:
|
|
- { name: http, containerPort: 80 }
|
|
readinessProbe:
|
|
httpGet: { path: /, port: 80 }
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 5
|
|
resources:
|
|
requests: { cpu: 50m, memory: 128Mi }
|
|
limits: { cpu: 500m, memory: 512Mi }
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: jitsi-web
|
|
namespace: jitsi
|
|
spec:
|
|
selector: { app: jitsi-web }
|
|
ports:
|
|
- { name: http, port: 80, targetPort: 80 }
|