Initial import

2025-12-19 22:16:49 +00:00 · 2021-11-30 11:20:42 +01:00 · 2021-11-30 11:20:42 +01:00 · 2295a33590
commit 2295a33590
884 changed files with 93939 additions and 0 deletions
--- a/Containers/talk/Dockerfile
+++ b/Containers/talk/Dockerfile
@ -0,0 +1,64 @@
+FROM ubuntu:focal
+
+EXPOSE 3478
+
+RUN set -ex; \
+    \
+    apt-get update; \
+    apt-get install -y --no-install-recommends \
+        openssl \
+        coturn \
+        supervisor \
+        curl \
+        ca-certificates \
+    ; \
+    rm -rf /var/lib/apt/lists/*
+
+RUN set -ex; \
+    curl -sL -o "/etc/apt/trusted.gpg.d/morph027-nats-server.asc" "https://packaging.gitlab.io/nats-server/gpg.key"; \
+    echo "deb https://packaging.gitlab.io/nats-server nats main" > /etc/apt/sources.list.d/morph027-nats-server.list; \
+    . /etc/lsb-release; \
+    curl -sL -o "/etc/apt/trusted.gpg.d/morph027-janus.asc" "https://packaging.gitlab.io/janus/gpg.key"; \
+    echo "deb https://packaging.gitlab.io/janus/$DISTRIB_CODENAME $DISTRIB_CODENAME main" > /etc/apt/sources.list.d/morph027-janus.list; \
+    curl -sL -o "/etc/apt/trusted.gpg.d/morph027-nextcloud-spreed-signaling.asc" "https://packaging.gitlab.io/nextcloud-spreed-signaling/gpg.key"; \
+    echo "deb https://packaging.gitlab.io/nextcloud-spreed-signaling signaling main" > /etc/apt/sources.list.d/morph027-nextcloud-spreed-signaling.list
+
+RUN set -ex; \
+    \
+    apt-get update; \
+    apt-get install -y --no-install-recommends \
+        nats-server \
+        janus \
+        nextcloud-spreed-signaling \
+    ; \
+    rm -rf /var/lib/apt/lists/*
+
+RUN adduser --system --group talk
+
+RUN mkdir /var/log/supervisord; \
+    mkdir /var/run/supervisord; \
+    chown talk:talk /var/run/supervisord; \
+    chown talk:talk /var/log/supervisord;
+
+COPY start.sh /usr/bin/
+COPY supervisord.conf /
+RUN chmod +x /usr/bin/start.sh; \
+    chmod +r /supervisord.conf; \
+    touch /etc/turnserver.conf; \
+    chown talk:talk /etc/turnserver.conf; \
+    sed -i '/TURNSERVER_ENABLED/c\TURNSERVER_ENABLED=1' /etc/default/coturn; \
+    mkdir -p /var/tmp;
+
+RUN mkdir -p /etc/nats; \
+    echo "listen: 127.0.0.1:4222" > /etc/nats/nats.conf; \
+    chown talk:talk -R /etc/nats; \
+    chown talk:talk -R /etc/janus; \
+    chown talk:talk -R /etc/signaling; \
+    chown talk:talk -R /usr/share/janus
+
+# Give root a random password
+RUN echo "root:$(openssl rand -base64 12)" | chpasswd
+
+USER talk
+ENTRYPOINT ["start.sh"]
+CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
--- a/Containers/talk/start.sh
+++ b/Containers/talk/start.sh
@ -0,0 +1,67 @@
+#!/bin/bash
+
+# Variables
+if [ -z "$NC_DOMAIN" ]; then
+    echo "You need to provide the NC_DOMAIN."
+    exit 1
+elif [ -z "$TURN_SECRET" ]; then
+    echo "You need to provide the TURN_SECRET."
+    exit 1
+elif [ -z "$JANUS_API_KEY" ]; then
+    echo "You need to provide the JANUS_API_KEY."
+    exit 1
+elif [ -z "$SIGNALING_SECRET" ]; then
+    echo "You need to provide the JANUS_API_KEY."
+    exit 1
+fi
+
+# Turn
+cat << TURN_CONF > "/etc/turnserver.conf"
+listening-port=3478
+fingerprint
+use-auth-secret
+static-auth-secret=$TURN_SECRET
+realm=$NC_DOMAIN
+total-quota=100
+bps-capacity=0
+stale-nonce
+no-multicast-peers
+simple-log
+pidfile=/var/tmp/turnserver.pid
+TURN_CONF
+
+# Janus
+sed -i "s|#turn_rest_api_key.*|turn_rest_api_key = $JANUS_API_KEY|" /etc/janus/janus.jcfg
+sed -i "s|#full_trickle|full_trickle|g" /etc/janus/janus.jcfg
+sed -i 's|#interface.*|interface = "lo"|g' /etc/janus/janus.transport.websockets.jcfg
+sed -i 's|#ws_interface.*|ws_interface = "lo"|g' /etc/janus/janus.transport.websockets.jcfg
+
+# Signling
+cat << SIGNALING_CONF > "/etc/signaling/server.conf"
+[http]
+listen = 0.0.0.0:8081
+[app]
+debug = false
+[sessions]
+hashkey = $(openssl rand -hex 16)
+blockkey = $(openssl rand -hex 16)
+[clients]
+internalsecret = $(openssl rand -hex 16)
+[backend]
+allowed = ${NC_DOMAIN}
+allowall = false
+secret = ${SIGNALING_SECRET}
+timeout = 10
+connectionsperhost = 8
+[nats]
+url = nats://127.0.0.1:4222
+[mcu]
+type = janus
+url = ws://127.0.0.1:8188
+[turn]
+apikey = ${JANUS_API_KEY}
+secret = ${TURN_SECRET}
+servers = turn:$NC_DOMAIN:3478?transport=tcp,turn:$NC_DOMAIN:3478?transport=udp
+SIGNALING_CONF
+
+exec "$@"
--- a/Containers/talk/supervisord.conf
+++ b/Containers/talk/supervisord.conf
@ -0,0 +1,37 @@
+[supervisord]
+nodaemon=true
+nodaemon=true
+logfile=/var/log/supervisord/supervisord.log
+pidfile=/var/run/supervisord/supervisord.pid
+childlogdir=/var/log/supervisord/
+logfile_maxbytes=50MB                           
+logfile_backups=10                              
+loglevel=error
+
+[program:turnserver]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=turnserver
+
+[program:nats-server]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=nats-server -c /etc/nats/nats.conf
+
+[program:janus]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=janus
+
+[program:signaling]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=signaling -config /etc/signaling/server.conf