make livekit almost work

Matthew Hodgson
2024-11-05 10:16:14 +00:00
parent b17f81a6e3
commit 01b3f9f435
8 changed files with 63 additions and 21 deletions


@@ -12,6 +12,7 @@ DOMAIN=example.com
HOMESERVER_FQDN=matrix.$DOMAIN HOMESERVER_FQDN=matrix.$DOMAIN
ELEMENT_WEB_FQDN=element.$DOMAIN ELEMENT_WEB_FQDN=element.$DOMAIN
ELEMENT_CALL_FQDN=call.$DOMAIN ELEMENT_CALL_FQDN=call.$DOMAIN
LIVEKIT_FQDN=livekit.$DOMAIN
MAS_FQDN=auth.$DOMAIN MAS_FQDN=auth.$DOMAIN
REPORT_STATS=yes REPORT_STATS=yes
@@ -26,6 +27,8 @@ MAS_CLIENT_ID="0000000000000000000SYNAPSE"
MAS_EMAIL_FROM='"Matrix Authentication Service" <support@${DOMAIN}>' MAS_EMAIL_FROM='"Matrix Authentication Service" <support@${DOMAIN}>'
MAS_EMAIL_REPLY_TO='"Matrix Authentication Service" <support@${DOMAIN}>' MAS_EMAIL_REPLY_TO='"Matrix Authentication Service" <support@${DOMAIN}>'
LIVEKIT_NODE_IP=127.0.0.1
COUNTRY=GB COUNTRY=GB
# as a convenience for creating /etc/hosts # as a convenience for creating /etc/hosts
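Review bot: `LIVEKIT_NODE_IP=127.0.0.1` in the second hunk is added without a comment, although the compose file in this commit passes it to livekit-server as `--node-ip`, which as far as I know is the address the server advertises to clients for media. A loopback value can only work when the client runs on the same host as the server, so the sample should say so. Suggested comment above the variable: `# IP that LiveKit advertises to clients; 127.0.0.1 only works for same-machine testing, otherwise set the host's reachable IP`.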


@@ -25,7 +25,7 @@ cp "$(mkcert -CAROOT)"/rootCA.pem data/nginx/ssl
# make an .env to configure your environment # make an .env to configure your environment
cp .env-sample .env cp .env-sample .env
sed -ie s/example.com/$DOMAIN/ .env sed -ir s/example.com/$DOMAIN/ .env
docker compose up docker compose up
``` ```


@@ -29,7 +29,6 @@ services:
image: ghcr.io/element-hq/matrix-authentication-service:latest image: ghcr.io/element-hq/matrix-authentication-service:latest
volumes: volumes:
- ${VOLUME_PATH}/data/mas:/data:rw - ${VOLUME_PATH}/data/mas:/data:rw
env_file: .env
# FIXME: stop this regenerating a spurious default config every time # FIXME: stop this regenerating a spurious default config every time
# We can't do the same approach as synapse (unless use a debug image of MAS) as MAS is distroless and has no bash. # We can't do the same approach as synapse (unless use a debug image of MAS) as MAS is distroless and has no bash.
command: "config generate -o /data/config.yaml.default" command: "config generate -o /data/config.yaml.default"
@@ -78,18 +77,8 @@ services:
depends_on: depends_on:
init: init:
condition: service_completed_successfully condition: service_completed_successfully
# synapse: synapse:
# condition: service_started condition: service_started
# synapse-generic-worker-1:
# condition: service_started
# synapse-federation-sender-1:
# condition: service_started
# matrix-authentication-service:
# condition: service_started
# element-web:
# condition: service_started
# element-call:
# condition: service_started
# certbot: # certbot:
# image: certbot/certbot:latest # image: certbot/certbot:latest
@@ -129,6 +118,11 @@ services:
redis: redis:
image: redis:latest image: redis:latest
restart: unless-stopped restart: unless-stopped
# healthcheck:
# test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
# interval: 1s
# timeout: 3s
# retries: 5
networks: networks:
- backend - backend
@@ -148,6 +142,8 @@ services:
secrets: secrets:
- synapse_signing_key - synapse_signing_key
depends_on: depends_on:
redis:
condition: service_started
postgres: postgres:
condition: service_healthy condition: service_healthy
init: init:
@@ -257,11 +253,14 @@ services:
init: init:
condition: service_completed_successfully condition: service_completed_successfully
livekit-server: livekit:
image: livekit/livekit-server:latest image: livekit/livekit-server:latest
restart: unless-stopped restart: unless-stopped
volumes:
- ${VOLUME_PATH}/data/livekit/config.yaml:/etc/livekit.yaml
command: --config /etc/livekit.yaml --node-ip ${LIVEKIT_NODE_IP}
ports: ports:
- 7880:7880 # HTTP API # - 7880:7880 # HTTP listener
- 7881:7881 # WS signalling - 7881:7881 # WS signalling
# - 50000-60000:50000-60000/tcp # TCP media # - 50000-60000:50000-60000/tcp # TCP media
# - 50000-60000:50000-60000/udp # UDP media # - 50000-60000:50000-60000/udp # UDP media
@@ -270,3 +269,5 @@ services:
depends_on: depends_on:
init: init:
condition: service_completed_successfully condition: service_completed_successfully
redis:
condition: service_started
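Review bot: The new `livekit` service bind-mounts its config writable at `- ${VOLUME_PATH}/data/livekit/config.yaml:/etc/livekit.yaml`. The init script in this commit exports the LiveKit API key and secret before templating `/data-template/livekit`, so that file presumably holds the credentials, and the server only needs to read it; the mount should end in `:ro`. The added `redis: condition: service_started` entries (here and in the synapse hunk) only wait for the container to start, and the healthcheck added under `redis` is commented out; enabling it and using `service_healthy` would make the ordering meaningful. The image also stays on `livekit/livekit-server:latest`, where a pinned tag or digest would keep deployments reproducible.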


@@ -17,7 +17,11 @@
"default_widget_container_height": 280, "default_widget_container_height": 280,
"default_country_code": "${COUNTRY}", "default_country_code": "${COUNTRY}",
"show_labs_settings": false, "show_labs_settings": false,
"features": {}, "features": {
"feature_video_rooms": true,
"feature_group_calls": true,
"feature_element_call_video_rooms": true
},
"default_federate": true, "default_federate": true,
"default_theme": "light", "default_theme": "light",
"room_directory": { "room_directory": {
@@ -27,8 +31,7 @@
"breadcrumbs": true "breadcrumbs": true
}, },
"element_call": { "element_call": {
"url": "https://${ELEMENT_CALL_FQDN}", "url": "https://${ELEMENT_CALL_FQDN}"
"brand": "Element Call"
}, },
"map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx" "map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"
} }


@@ -86,6 +86,9 @@ policy:
admin_users: admin_users:
- admin - admin
account:
password_registration_enabled: false
branding: branding:
service_name: null service_name: null
policy_uri: null policy_uri: null


@@ -66,7 +66,7 @@ server {
include /etc/nginx/conf.d/include/ssl.conf; include /etc/nginx/conf.d/include/ssl.conf;
location / { location / {
proxy_pass http://element-call; proxy_pass http://element-call:8080;
proxy_set_header X-Forwarded-For ${DOLLAR}remote_addr; proxy_set_header X-Forwarded-For ${DOLLAR}remote_addr;
} }
} }
@@ -84,6 +84,18 @@ server {
} }
} }
server {
server_name ${LIVEKIT_FQDN};
server_tokens off;
include /etc/nginx/conf.d/include/ssl.conf;
location / {
proxy_pass http://livekit:7880;
proxy_set_header X-Forwarded-For ${DOLLAR}remote_addr;
}
}
server { server {
server_name ${HOMESERVER_FQDN}; server_name ${HOMESERVER_FQDN};
server_tokens off; server_tokens off;
@@ -106,21 +118,25 @@ server {
location ~ ^/_matrix/client/(r0|v3)/sync${DOLLAR} { location ~ ^/_matrix/client/(r0|v3)/sync${DOLLAR} {
proxy_pass http://synapse-generic-worker-1:8081; proxy_pass http://synapse-generic-worker-1:8081;
proxy_set_header X-Forwarded-For ${DOLLAR}remote_addr; proxy_set_header X-Forwarded-For ${DOLLAR}remote_addr;
proxy_set_header X-Forwarded-Proto ${DOLLAR}scheme;
} }
location ~ ^/_matrix/client/(api/v1|r0|v3)/events${DOLLAR} { location ~ ^/_matrix/client/(api/v1|r0|v3)/events${DOLLAR} {
proxy_pass http://synapse-generic-worker-1:8081; proxy_pass http://synapse-generic-worker-1:8081;
proxy_set_header X-Forwarded-For ${DOLLAR}remote_addr; proxy_set_header X-Forwarded-For ${DOLLAR}remote_addr;
proxy_set_header X-Forwarded-Proto ${DOLLAR}scheme;
} }
location ~ ^/_matrix/client/(api/v1|r0|v3)/initialSync${DOLLAR} { location ~ ^/_matrix/client/(api/v1|r0|v3)/initialSync${DOLLAR} {
proxy_pass http://synapse-generic-worker-1:8081; proxy_pass http://synapse-generic-worker-1:8081;
proxy_set_header X-Forwarded-For ${DOLLAR}remote_addr; proxy_set_header X-Forwarded-For ${DOLLAR}remote_addr;
proxy_set_header X-Forwarded-Proto ${DOLLAR}scheme;
} }
location ~ ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync${DOLLAR} { location ~ ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync${DOLLAR} {
proxy_pass http://synapse-generic-worker-1:8081; proxy_pass http://synapse-generic-worker-1:8081;
proxy_set_header X-Forwarded-For ${DOLLAR}remote_addr; proxy_set_header X-Forwarded-For ${DOLLAR}remote_addr;
proxy_set_header X-Forwarded-Proto ${DOLLAR}scheme;
} }
location / { location / {
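Review bot: The new `${LIVEKIT_FQDN}` server block proxies to `http://livekit:7880` without WebSocket upgrade headers, so unless the included `ssl.conf` sets them, LiveKit's WebSocket signalling on that port would presumably not get through nginx. Inside its `location /` add `proxy_http_version 1.1;`, `proxy_set_header Upgrade ${DOLLAR}http_upgrade;` and `proxy_set_header Connection "upgrade";`. The block also omits the `proxy_set_header X-Forwarded-Proto ${DOLLAR}scheme;` line that this commit adds to the synapse worker locations. The last hunk ends inside the homeserver block's `location /`, which continues outside the view.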


@@ -12,7 +12,7 @@
"org.matrix.msc4143.rtc_foci": [ "org.matrix.msc4143.rtc_foci": [
{ {
"type": "livekit", "type": "livekit",
"livekit_service_url": "https://${ELEMENT_CALL_FQDN}" "livekit_service_url": "https://${LIVEKIT_FQDN}"
} }
] ]
} }
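Review bot: `livekit_service_url` now points at `https://${LIVEKIT_FQDN}`, which the nginx section of this commit proxies straight to `livekit:7880`. As I understand MSC4143 as used by Element Call, this URL is expected to be the authorisation service that exchanges the client's Matrix OpenID token for a LiveKit JWT (lk-jwt-service), not the SFU itself, and no such service is visible in the compose changes here. If that reading is right, clients would send their OpenID token to an endpoint that cannot answer it, so the host should route that request to a JWT service before this value is relied on.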


@@ -42,6 +42,16 @@ then
head -c16 /dev/urandom | base64 | tr -d '=' > /secrets/postgres/postgres_password head -c16 /dev/urandom | base64 | tr -d '=' > /secrets/postgres/postgres_password
fi fi
mkdir -p /secrets/livekit
if [[ ! -f /secrets/livekit/livekit_api_key ]]
then
(echo -n API; (head -c8 /dev/urandom | base64)) | tr -d '=' > /secrets/livekit/livekit_api_key
fi
if [[ ! -f /secrets/livekit/livekit_secret_key ]]
then
head -c28 /dev/urandom | base64 | tr -d '=' > /secrets/livekit/livekit_secret_key
fi
# TODO: compare the default generated config with our templates to see if our templates are stale # TODO: compare the default generated config with our templates to see if our templates are stale
# we'd have to strip out the secrets from the generated configs to be able to diff them sensibly # we'd have to strip out the secrets from the generated configs to be able to diff them sensibly
@@ -78,6 +88,12 @@ export DOLLAR='$' # evil hack to escape dollars in config files
template "/data-template/mas" template "/data-template/mas"
) )
(
export SECRETS_LIVEKIT_API_KEY=$(</secrets/livekit/livekit_api_key)
export SECRETS_LIVEKIT_SECRET_KEY=$(</secrets/livekit/livekit_secret_key)
template "/data-template/livekit"
)
template "/data-template/element-web" template "/data-template/element-web"
template "/data-template/element-call" template "/data-template/element-call"
template "/data-template/nginx" template "/data-template/nginx"
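Review bot: The LiveKit key files in the first hunk are created under the shell's default umask, so `/secrets/livekit/livekit_api_key` and `livekit_secret_key` may be readable by any user or container that can see the secrets directory. Wrap the writes as `(umask 077; head -c28 /dev/urandom | base64 | tr -d '=' > /secrets/livekit/livekit_secret_key)` or `chmod 600` them afterwards; the postgres password on the context line above is written the same way. Because the guard is `[[ ! -f ... ]]`, a failed pipeline leaves an empty file that later runs accept as a valid secret, and testing with `-s` instead of `-f` would regenerate it. The base64 output can also contain `+` and `/`, which is worth checking against what the `template` helper and the LiveKit config accept.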