Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- resource "azurerm_container_group" "jitsigroup" {
- name = "${var.prefix}-containers"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
- ip_address_type = "public"
- dns_name_label = "${var.prefix}-jitsi"
- os_type = "linux"
- // restart_policy = var.restart_policy
- image_registry_credential {
- username = data.azurerm_key_vault_secret.acr_pull_user.value
- password = data.azurerm_key_vault_secret.acr_pull_password.value
- server = var.acr_server
- }
- // need to create an identity to grant access to the shares
- identity {
- type = "SystemAssigned"
- }
- container {
- name = "web"
- image = "${var.acr_server}/jitsi-web"
- cpu = "0.5"
- memory = "0.5"
- ports {
- port = var.http_port
- }
- ports {
- port = var.https_port
- }
- environment_variables = {
- TZ = var.tz
- JICOFO_AUTH_USER = var.jicofo_auth_user
- XMPP_DOMAIN = var.xmpp_domain
- XMPP_AUTH_DOMAIN = var.xmpp_auth_domain
- XMPP_BOSH_URL_BASE = var.xmpp_bosh_url_base
- XMPP_MUC_DOMAIN = var.xmpp_muc_domain
- ENABLE_LETSENCRYPT = var.enable_letsencrypt
- LETSENCRYPT_DOMAIN = var.letsencrypt_domain
- LETSENCRYPT_EMAIL = var.letsencrypt_email
- PUBLIC_URL = var.public_url
- }
- volume {
- name = azurerm_storage_share.config_web.name
- mount_path = "/config"
- storage_account_name = azurerm_storage_account.config.name
- storage_account_key = data.azurerm_key_vault_secret.storage_account_key.value
- share_name = azurerm_storage_share.config_web.name
- }
- volume {
- name = azurerm_storage_share.letsencrypt_web.name
- mount_path = "/etc/letsencrypt"
- storage_account_name = azurerm_storage_account.config.name
- storage_account_key = data.azurerm_key_vault_secret.storage_account_key.value
- share_name = azurerm_storage_share.letsencrypt_web.name
- }
- volume {
- name = "logs-web"
- mount_path = "/var/log"
- storage_account_name = azurerm_storage_account.config.name
- storage_account_key = data.azurerm_key_vault_secret.storage_account_key.value
- share_name = azurerm_storage_share.logs.name
- }
- }
- container {
- name = "prosody"
- image = "${var.acr_server}/jitsi-prosody"
- cpu = "0.5"
- memory = "0.5"
- ports {
- port = 5222
- }
- ports {
- port = 5347
- }
- ports {
- port = 5280
- }
- environment_variables = {
- JICOFO_AUTH_USER = var.jicofo_auth_user
- JVB_AUTH_USER = var.jvb_auth_user
- XMPP_DOMAIN = var.xmpp_domain
- XMPP_AUTH_DOMAIN = var.xmpp_auth_domain
- XMPP_MUC_DOMAIN = var.xmpp_muc_domain
- XMPP_INTERNAL_MUC_DOMAIN = var.xmpp_internal_muc_domain
- TZ = var.tz
- }
- secure_environment_variables = {
- JICOFO_COMPONENT_SECRET = data.azurerm_key_vault_secret.jicofo_component_secret.value
- JVB_AUTH_PASSWORD = data.azurerm_key_vault_secret.jvb_auth_password.value
- }
- volume {
- name = azurerm_storage_share.prosody_config.name
- mount_path = "/config"
- storage_account_name = azurerm_storage_account.config.name
- storage_account_key = data.azurerm_key_vault_secret.storage_account_key.value
- share_name = azurerm_storage_share.prosody_config.name
- }
- volume {
- name = "prosody-log"
- mount_path = "/var/log"
- storage_account_name = azurerm_storage_account.config.name
- storage_account_key = data.azurerm_key_vault_secret.storage_account_key.value
- share_name = azurerm_storage_share.logs.name
- }
- }
- container {
- name = "jicofo"
- image = "${var.acr_server}/jitsi-jicofo"
- memory = 0.5
- cpu = 0.5
- environment_variables = {
- JICOFO_AUTH_USER = var.jicofo_auth_user
- XMPP_DOMAIN = var.xmpp_domain
- XMPP_AUTH_DOMAIN = var.xmpp_auth_domain
- XMPP_INTERNAL_MUC_DOMAIN = var.xmpp_internal_muc_domain
- XMPP_SERVER = var.xmpp_server
- JVB_BREWERY_MUC = var.jvb_brewery_muc
- TZ = var.tz
- }
- secure_environment_variables = {
- JICOFO_AUTH_PASSWORD = data.azurerm_key_vault_secret.jicofo_auth.value
- JICOFO_COMPONENT_SECRET = data.azurerm_key_vault_secret.jicofo_component_secret.value
- }
- volume {
- name = azurerm_storage_share.jicofo_config.name
- mount_path = "/config"
- storage_account_name = azurerm_storage_account.config.name
- storage_account_key = data.azurerm_key_vault_secret.storage_account_key.value
- share_name = azurerm_storage_share.jicofo_config.name
- }
- volume {
- name = "jicofo-log"
- mount_path = "/var/log"
- storage_account_name = azurerm_storage_account.config.name
- storage_account_key = data.azurerm_key_vault_secret.storage_account_key.value
- share_name = azurerm_storage_share.logs.name
- }
- // depends on prosody
- }
- container {
- name = "jvb"
- image = "${var.acr_server}/jitsi-jvb"
- cpu = "0.5"
- memory = "0.5"
- ports {
- port = var.jvb_port
- protocol = "UDP"
- }
- ports {
- port = var.jvb_tcp_port
- protocol = "TCP"
- }
- environment_variables = {
- XMPP_AUTH_DOMAIN = var.xmpp_auth_domain
- XMPP_INTERNAL_MUC_DOMAIN = var.xmpp_internal_muc_domain
- XMPP_SERVER = var.xmpp_server
- JVB_AUTH_USER = var.jvb_auth_user
- JVB_BREWERY_MUC = var.jvb_brewery_muc
- JVB_PORT = var.jvb_port
- JVB_TCP_HARVESTER_DISABLED = var.jvb_tcp_harvester_disabled
- JVB_STUN_SERVERS = var.jvb_stun_servers
- TZ = var.tz
- }
- secure_environment_variables = {
- JVB_AUTH_PASSWORD = data.azurerm_key_vault_secret.jvb_auth_password.value
- }
- volume {
- name = azurerm_storage_share.jvb_config.name
- mount_path = "/config"
- storage_account_name = azurerm_storage_account.config.name
- storage_account_key = data.azurerm_key_vault_secret.storage_account_key.value
- share_name = azurerm_storage_share.jvb_config.name
- }
- volume {
- name = "jvb-log"
- mount_path = "/var/log"
- storage_account_name = azurerm_storage_account.config.name
- storage_account_key = data.azurerm_key_vault_secret.storage_account_key.value
- share_name = azurerm_storage_share.logs.name
- }
- }
- }
Add Comment
Please, Sign In to add comment