diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index 2330c09e..89ab491d 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -1,70 +1,65 @@ -FROM ubuntu:focal-20230301 +FROM nats:2.9.15-scratch as nats +FROM strukturag/nextcloud-spreed-signaling:1.1.2 as signaling +FROM alpine:3.17.2 +USER root + +COPY --from=nats /nats-server /usr/local/bin/nats-server +COPY --from=signaling /usr/bin/nextcloud-spreed-signaling /usr/local/bin/nextcloud-spreed-signaling RUN set -ex; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - openssl \ - coturn \ - supervisor \ - curl \ + apk add --no-cache \ ca-certificates \ - netcat \ - dnsutils \ - ; \ - rm -rf /var/lib/apt/lists/* - -RUN set -ex; \ - curl -sL -o "/etc/apt/trusted.gpg.d/morph027-nats-server.asc" "https://packaging.gitlab.io/nats-server/gpg.key"; \ - echo "deb https://packaging.gitlab.io/nats-server nats main" > /etc/apt/sources.list.d/morph027-nats-server.list; \ - . /etc/lsb-release; \ - curl -sL -o "/etc/apt/trusted.gpg.d/morph027-janus.asc" "https://packaging.gitlab.io/janus/gpg.key"; \ - echo "deb https://packaging.gitlab.io/janus/$DISTRIB_CODENAME $DISTRIB_CODENAME main" > /etc/apt/sources.list.d/morph027-janus.list; \ - curl -sL -o "/etc/apt/trusted.gpg.d/morph027-nextcloud-spreed-signaling.asc" "https://packaging.gitlab.io/nextcloud-spreed-signaling/gpg.key"; \ - echo "deb https://packaging.gitlab.io/nextcloud-spreed-signaling signaling main" > /etc/apt/sources.list.d/morph027-nextcloud-spreed-signaling.list - -RUN set -ex; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - nats-server \ - janus \ - nextcloud-spreed-signaling \ - ; \ - rm -rf /var/lib/apt/lists/* - -RUN adduser --system --group talk - -RUN mkdir /var/log/supervisord; \ - mkdir /var/run/supervisord; \ - chown talk:talk /var/run/supervisord; \ - chown talk:talk /var/log/supervisord; - -COPY start.sh /usr/bin/ -COPY supervisord.conf / -RUN chmod +x /usr/bin/start.sh; \ - chmod +r /supervisord.conf; \ - touch /etc/turnserver.conf; \ - chown talk:talk /etc/turnserver.conf; \ - sed -i '/TURNSERVER_ENABLED/c\TURNSERVER_ENABLED=1' /etc/default/coturn; \ - mkdir -p /var/tmp; - -RUN curl -sL -o "/usr/share/janus/lua/json.lua" "https://raw.githubusercontent.com/rxi/json.lua/master/json.lua"; \ - curl -sL -o "/usr/share/janus/lua/ansicolors.lua" "https://raw.githubusercontent.com/kikito/ansicolors.lua/master/ansicolors.lua" - -RUN mkdir -p /etc/nats; \ - echo "listen: 127.0.0.1:4222" > /etc/nats/nats.conf; \ - mkdir /var/lib/turn; \ - chown talk:talk /etc; \ - chown talk:talk -R /etc/nats; \ - chown talk:talk -R /etc/janus; \ - chown talk:talk -R /etc/signaling; \ - chown talk:talk -R /usr; \ - chown talk:talk -R /var/lib/turn; + tzdata \ + bash \ + coturn \ + openssl \ + supervisor \ + bind-tools \ + netcat-openbsd \ + shadow \ + util-linux \ + build-base \ + lua5.3-dev \ + luarocks5.3; \ + apk add --no-cache janus-gateway --repository http://dl-cdn.alpinelinux.org/alpine/edge/community; \ + useradd --system talk; \ + luarocks-5.3 install luajson; \ + luarocks-5.3 install ansicolors; \ + rename -v ".jcfg.sample" ".jcfg" /etc/janus/*.sample; \ + apk del --no-cache \ + shadow \ + util-linux \ + build-base \ + lua5.3-dev \ + luarocks5.3; # Give root a random password RUN echo "root:$(openssl rand -base64 12)" | chpasswd +COPY --chmod=775 start.sh /usr/bin/start.sh +COPY --chmod=664 supervisord.conf /supervisord.conf + +RUN set -ex; \ + touch \ + /etc/nats.conf \ + /etc/signaling.conf \ + /etc/turnserver.conf; \ + echo "listen: 127.0.0.1:4222" | tee /etc/nats.conf; \ + mkdir -p \ + /var/tmp \ + /var/lib/turn \ + /var/log/supervisord \ + /var/run/supervisord; \ + chown talk:talk -R \ + /usr \ + /etc/janus \ + /etc/nats.conf \ + /etc/signaling.conf \ + /etc/turnserver.conf \ + /var/lib/turn \ + /var/log/supervisord \ + /var/run/supervisord; + # Set default talk port https://github.com/nextcloud/all-in-one/issues/1011 ENV TALK_PORT=3478 diff --git a/Containers/talk/start.sh b/Containers/talk/start.sh index 545e5e68..378811f0 100644 --- a/Containers/talk/start.sh +++ b/Containers/talk/start.sh @@ -51,16 +51,8 @@ denied-peer-ip=203.0.113.0-203.0.113.255 denied-peer-ip=240.0.0.0-255.255.255.255 TURN_CONF -# Janus -set -x -sed -i 's|#interface.*|interface = "lo"|g' /etc/janus/janus.transport.websockets.jcfg -sed -i 's|#ws_interface.*|ws_interface = "lo"|g' /etc/janus/janus.transport.websockets.jcfg -sed -i 's|certfile =|#certfile =|g' /etc/janus/janus.transport.mqtt.jcfg -sed -i 's|keyfile =|#keyfile =|g' /etc/janus/janus.transport.mqtt.jcfg -set +x - # Signling -cat << SIGNALING_CONF > "/etc/signaling/server.conf" +cat << SIGNALING_CONF > "/etc/signaling.conf" [http] listen = 0.0.0.0:8081 diff --git a/Containers/talk/supervisord.conf b/Containers/talk/supervisord.conf index c42bbde1..c3c672a7 100644 --- a/Containers/talk/supervisord.conf +++ b/Containers/talk/supervisord.conf @@ -13,25 +13,25 @@ stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 -command=turnserver +command=turnserver -c /etc/turnserver.conf [program:nats-server] stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 -command=nats-server -c /etc/nats/nats.conf +command=nats-server -c /etc/nats.conf [program:janus] stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 -command=/usr/bin/janus --config=/etc/janus/janus.jcfg --disable-colors --log-stdout +command=janus --config=/etc/janus/janus.jcfg --disable-colors --log-stdout [program:signaling] stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 -command=signaling --config /etc/signaling/server.conf +command=nextcloud-spreed-signaling -config /etc/signaling.conf