oxofrmbl/jitsi-meet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d946046773
jitsi-meet/.gitea/workflows/deploy.yml
Dennis Paradzinski 6efce0c8f1
Some checks failed
deploy / deploy (push) Failing after 3s
Details
chore: initial Jitsi-Meet k3s scaffold for darkemberserver 
Self-hosted Jitsi instance at meet.it.financeflow.de — avoids the
meet.jit.si moderator-auth wall. Four components (web/prosody/jicofo/jvb)
as raw k3s manifests, same deploy pattern as Embertime (Gitea Actions
+ kubectl apply + KUBECONFIG_B64 secret).

JVB uses hostNetwork + UDP 10000 for media — requires router forward.
Component passwords live in a kubectl-applied Secret (not in git);
generate-secrets.sh produces a fresh manifest.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-11 12:55:29 +02:00

67 lines
2.2 KiB
YAML
Raw Blame History

name: deploy
on:
push:
branches: [main]
workflow_dispatch:
jobs:
deploy:
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- name: Install kubectl
uses: azure/setup-kubectl@v4
with:
version: latest
- name: Configure kubectl from secret
run: |
mkdir -p "$HOME/.kube"
echo "${{ secrets.KUBECONFIG_B64 }}" | base64 -d > "$HOME/.kube/config"
chmod 600 "$HOME/.kube/config"
kubectl config current-context
# __PUBLIC_IP__ placeholder in jvb manifest needs the actual public
# IP of darkember. Inject from a repo secret so the manifest stays
# generic in git.
- name: Patch JVB public IP
run: |
test -n "${{ secrets.DARKEMBER_PUBLIC_IP }}" || (echo "secret DARKEMBER_PUBLIC_IP missing" && exit 1)
sed -i "s|__PUBLIC_IP__|${{ secrets.DARKEMBER_PUBLIC_IP }}|g" infra/k3s/60-jvb.yaml
- name: Apply manifests
# 20-secrets.yaml is intentionally NOT applied — secret must be
# created out-of-band (see scripts/generate-secrets.sh) so we
# don't overwrite real values with placeholders.
run: |
kubectl apply -f infra/k3s/00-namespace.yaml
kubectl apply -f infra/k3s/10-config.yaml
kubectl apply -f infra/k3s/30-prosody.yaml
kubectl apply -f infra/k3s/40-jicofo.yaml
kubectl apply -f infra/k3s/50-web.yaml
kubectl apply -f infra/k3s/60-jvb.yaml
kubectl apply -f infra/k3s/70-ingress.yaml
- name: Wait for rollout
run: |
kubectl -n jitsi rollout status deployment/prosody --timeout=3m
kubectl -n jitsi rollout status deployment/jicofo --timeout=3m
kubectl -n jitsi rollout status deployment/jitsi-web --timeout=3m
kubectl -n jitsi rollout status deployment/jvb --timeout=3m
- name: Smoke-check
run: |
for i in 1 2 3 4 5; do
if curl -fsS -o /dev/null -w "%{http_code}\n" https://meet.it.financeflow.de/ | grep -q "200\|301\|302"; then
echo "meet.it.financeflow.de is up"
exit 0
fi
sleep 5
done
echo "smoke-check failed"
exit 1
Reference in New Issue View Git Blame Copy Permalink