Update for COTURN
This commit is contained in:
3wc
parent
309122240a
commit
ef719bcee4
|
|
@ -0,0 +1,35 @@
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
environment:
|
||||||
|
- TURN_SERVER=${DOMAIN}
|
||||||
|
- TURN_PORT=3478
|
||||||
|
secrets:
|
||||||
|
- coturn_shared_secret
|
||||||
|
|
||||||
|
coturn:
|
||||||
|
image: instrumentisto/coturn:latest
|
||||||
|
networks:
|
||||||
|
- swarm_host
|
||||||
|
secrets:
|
||||||
|
- coturn_shared_secret
|
||||||
|
configs:
|
||||||
|
- source: turnserver_conf
|
||||||
|
target: /etc/coturn/turnserver.conf
|
||||||
|
|
||||||
|
configs:
|
||||||
|
turnserver_conf:
|
||||||
|
name: ${STACK_NAME}_turnserver_conf_${TURNSERVER_CONF_VERSION}
|
||||||
|
file: turnserver.conf.tmpl
|
||||||
|
template_driver: golang
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
coturn_shared_secret:
|
||||||
|
external: true
|
||||||
|
name: ${STACK_NAME}_coturn_shared_secret_${COTURN_SHARED_SECRET_VERSION}
|
||||||
|
|
||||||
|
networks:
|
||||||
|
# use host-mode networking until Docker can handle mass port-forwards:
|
||||||
|
# https://github.com/moby/moby/issues/11185
|
||||||
|
swarm_host:
|
||||||
|
external:
|
||||||
|
name: 'host'
|
||||||
58
compose.yml
58
compose.yml
|
|
@ -2,7 +2,7 @@
|
||||||
version: "3.8"
|
version: "3.8"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
synapse:
|
app:
|
||||||
image: "matrixdotorg/synapse:latest"
|
image: "matrixdotorg/synapse:latest"
|
||||||
volumes:
|
volumes:
|
||||||
- "synapse:/data"
|
- "synapse:/data"
|
||||||
|
|
@ -12,66 +12,38 @@ services:
|
||||||
- LETSENCRYPT_HOST=${DOMAIN}
|
- LETSENCRYPT_HOST=${DOMAIN}
|
||||||
- SYNAPSE_SERVER_NAME=${DOMAIN}
|
- SYNAPSE_SERVER_NAME=${DOMAIN}
|
||||||
- SYNAPSE_REPORT_STATS=no
|
- SYNAPSE_REPORT_STATS=no
|
||||||
- TURN_SERVER=${DOMAIN}
|
|
||||||
- TURN_PORT=3478
|
|
||||||
networks:
|
networks:
|
||||||
- proxy
|
- proxy
|
||||||
|
configs:
|
||||||
|
- source: entrypoint_conf
|
||||||
|
target: /docker-entrypoint.sh
|
||||||
|
mode: 0555
|
||||||
|
entrypoint: /docker-entrypoint.sh
|
||||||
deploy:
|
deploy:
|
||||||
labels:
|
|
||||||
- "traefik.enable=true"
|
|
||||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=8008"
|
|
||||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
|
|
||||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
|
||||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
||||||
restart_policy:
|
restart_policy:
|
||||||
condition: on-failure
|
condition: on-failure
|
||||||
delay: "60s"
|
delay: "60s"
|
||||||
max_attempts: 3
|
max_attempts: 3
|
||||||
window: 120s
|
window: 120s
|
||||||
entrypoint: /docker-entrypoint.sh
|
labels:
|
||||||
configs:
|
- "traefik.enable=true"
|
||||||
- source: entrypoint_conf
|
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=8008"
|
||||||
target: /docker-entrypoint.sh
|
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
||||||
mode: 0555
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||||
secrets:
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||||
- coturn_shared_secret
|
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||||
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||||
coturn:
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||||
image: instrumentisto/coturn:latest
|
|
||||||
networks:
|
|
||||||
- swarm_host
|
|
||||||
secrets:
|
|
||||||
- coturn_shared_secret
|
|
||||||
configs:
|
|
||||||
- source: turnserver_conf
|
|
||||||
target: /etc/coturn/turnserver.conf
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
synapse:
|
synapse:
|
||||||
traefik_letsencrypt:
|
|
||||||
external: true
|
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
proxy:
|
proxy:
|
||||||
external: true
|
external: true
|
||||||
internal:
|
|
||||||
# use host-mode networking until Docker can handle mass port-forwards:
|
|
||||||
# https://github.com/moby/moby/issues/11185
|
|
||||||
swarm_host:
|
|
||||||
external:
|
|
||||||
name: 'host'
|
|
||||||
|
|
||||||
configs:
|
configs:
|
||||||
entrypoint_conf:
|
entrypoint_conf:
|
||||||
name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_CONF_VERSION}
|
name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_CONF_VERSION}
|
||||||
file: entrypoint.sh.tmpl
|
file: entrypoint.sh.tmpl
|
||||||
template_driver: golang
|
template_driver: golang
|
||||||
turnserver_conf:
|
|
||||||
name: ${STACK_NAME}_turnserver_conf_${TURNSERVER_CONF_VERSION}
|
|
||||||
file: turnserver.conf.tmpl
|
|
||||||
template_driver: golang
|
|
||||||
|
|
||||||
secrets:
|
|
||||||
coturn_shared_secret:
|
|
||||||
external: true
|
|
||||||
name: ${STACK_NAME}_coturn_shared_secret_${COTURN_SHARED_SECRET_VERSION}
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue