Dennis Paradzinski
6efce0c8f1
Some checks failed
deploy / deploy (push) Failing after 3s
Self-hosted Jitsi instance at meet.it.financeflow.de — avoids the meet.jit.si moderator-auth wall. Four components (web/prosody/jicofo/jvb) as raw k3s manifests, same deploy pattern as Embertime (Gitea Actions + kubectl apply + KUBECONFIG_B64 secret). JVB uses hostNetwork + UDP 10000 for media — requires router forward. Component passwords live in a kubectl-applied Secret (not in git); generate-secrets.sh produces a fresh manifest. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
48 lines
1.3 KiB
YAML
48 lines
1.3 KiB
YAML
# XMPP server — cluster-internal only. Holds the conference state and
|
|
# brokers messages between web (client) ↔ jicofo ↔ jvb. Single-replica
|
|
# stateful service; do NOT scale.
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: prosody
|
|
namespace: jitsi
|
|
spec:
|
|
replicas: 1
|
|
strategy:
|
|
type: Recreate
|
|
selector:
|
|
matchLabels: { app: prosody }
|
|
template:
|
|
metadata:
|
|
labels: { app: prosody }
|
|
spec:
|
|
containers:
|
|
- name: prosody
|
|
image: jitsi/prosody:stable
|
|
envFrom:
|
|
- configMapRef: { name: jitsi-config }
|
|
- secretRef: { name: jitsi-secrets }
|
|
ports:
|
|
- { name: c2s, containerPort: 5222 }
|
|
- { name: comp, containerPort: 5347 }
|
|
- { name: bosh, containerPort: 5280 }
|
|
readinessProbe:
|
|
tcpSocket: { port: 5222 }
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 5
|
|
resources:
|
|
requests: { cpu: 50m, memory: 128Mi }
|
|
limits: { cpu: 500m, memory: 512Mi }
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: prosody
|
|
namespace: jitsi
|
|
spec:
|
|
selector: { app: prosody }
|
|
ports:
|
|
- { name: c2s, port: 5222, targetPort: 5222 }
|
|
- { name: comp, port: 5347, targetPort: 5347 }
|
|
- { name: bosh, port: 5280, targetPort: 5280 }
|