initial commit

2026-01-01 20:42:59 +00:00
commit 2f557eda8c
9029 changed files with 1490197 additions and 0 deletions
--- a/fluxer_devops/livekit/Dockerfile.caddy
+++ b/fluxer_devops/livekit/Dockerfile.caddy
@@ -0,0 +1,10 @@
+FROM caddy:2-builder AS builder
+
+RUN xcaddy build \
+    --with github.com/abiosoft/caddy-yaml \
+    --with github.com/mholt/caddy-l4 \
+    --with github.com/caddy-dns/porkbun
+
+FROM caddy:2
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
--- a/fluxer_devops/livekit/Makefile
+++ b/fluxer_devops/livekit/Makefile
@@ -0,0 +1,40 @@
+.PHONY: help build-caddy build up down restart logs clean
+
+help:
+	@echo "Available commands:"
+	@echo "  make build-caddy  - Build the Caddy Docker image"
+	@echo "  make build        - Build all images (including Caddy)"
+	@echo "  make up           - Start all services"
+	@echo "  make down         - Stop all services"
+	@echo "  make restart      - Restart all services"
+	@echo "  make logs         - View logs from all services"
+	@echo "  make logs-caddy   - View Caddy logs"
+	@echo "  make logs-livekit - View LiveKit logs"
+	@echo "  make clean        - Stop services and remove volumes"
+
+build-caddy:
+	docker build -f Dockerfile.caddy -t fluxer-livekit-caddy:latest .
+
+build: build-caddy
+	docker compose build
+
+up:
+	docker compose up -d
+
+down:
+	docker compose down
+
+restart:
+	docker compose restart
+
+logs:
+	docker compose logs -f
+
+logs-caddy:
+	docker compose logs -f caddy
+
+logs-livekit:
+	docker compose logs -f livekit
+
+clean:
+	docker compose down -v
--- a/fluxer_devops/livekit/caddy.yaml.template
+++ b/fluxer_devops/livekit/caddy.yaml.template
@@ -0,0 +1,56 @@
+logging:
+  logs:
+    default:
+      level: INFO
+
+storage:
+  module: 'file_system'
+  root: '/data'
+
+apps:
+  tls:
+    automation:
+      policies:
+        - subjects:
+            - '${LIVEKIT_DOMAIN}'
+            - '${LIVEKIT_DOMAIN_TURN}'
+          issuers:
+            - module: acme
+              challenges:
+                dns:
+                  provider:
+                    name: porkbun
+                    api_key: '{env.PORKBUN_API_KEY}'
+                    api_secret_key: '{env.PORKBUN_API_SECRET_KEY}'
+          on_demand: false
+    certificates:
+      automate:
+        - '${LIVEKIT_DOMAIN}'
+        - '${LIVEKIT_DOMAIN_TURN}'
+
+  layer4:
+    servers:
+      main:
+        listen: [':443']
+        routes:
+          - match:
+              - tls:
+                  sni:
+                    - '${LIVEKIT_DOMAIN_TURN}'
+            handle:
+              - handler: tls
+              - handler: proxy
+                upstreams:
+                  - dial: ['livekit:5349']
+
+          - match:
+              - tls:
+                  sni:
+                    - '${LIVEKIT_DOMAIN}'
+            handle:
+              - handler: tls
+                connection_policies:
+                  - alpn: ['http/1.1']
+              - handler: proxy
+                upstreams:
+                  - dial: ['livekit:7880']
--- a/fluxer_devops/livekit/compose.yaml
+++ b/fluxer_devops/livekit/compose.yaml
@@ -0,0 +1,65 @@
+services:
+  valkey:
+    image: valkey/valkey:7.2-alpine
+    hostname: valkey
+    command: >
+      valkey-server
+      --requirepass ${REDIS_PASSWORD}
+      --maxmemory 3gb
+      --maxmemory-policy allkeys-lru
+      --save 900 1
+      --save 300 10
+      --save 60 10000
+      --appendonly yes
+    volumes:
+      - valkey_data:/data
+    restart: unless-stopped
+
+  livekit:
+    image: livekit/livekit-server:latest
+    hostname: livekit
+    entrypoint: /entrypoint.sh
+    env_file:
+      - .env
+    volumes:
+      - ./conf/livekit.yaml.template:/etc/livekit.yaml.template:ro
+      - ./entrypoint.sh:/entrypoint.sh:ro
+    ports:
+      - '7881:7881'
+      - '7882:7882/udp'
+      - '3478:3478/udp'
+    depends_on:
+      - valkey
+    restart: unless-stopped
+    deploy:
+      resources:
+        limits:
+          cpus: '4'
+          memory: 6G
+        reservations:
+          cpus: '1'
+          memory: 2G
+
+  caddy:
+    build:
+      context: .
+      dockerfile: Dockerfile.caddy
+    image: fluxer-livekit-caddy:latest
+    hostname: livekit-caddy
+    entrypoint: /entrypoint-caddy.sh
+    env_file:
+      - .env
+    volumes:
+      - ./caddy.yaml.template:/etc/caddy.yaml.template:ro
+      - ./entrypoint-caddy.sh:/entrypoint-caddy.sh:ro
+      - caddy_data:/data
+    ports:
+      - '443:443'
+      - '80:80'
+    depends_on:
+      - livekit
+    restart: unless-stopped
+
+volumes:
+  valkey_data:
+  caddy_data:
--- a/fluxer_devops/livekit/conf/livekit.yaml.template
+++ b/fluxer_devops/livekit/conf/livekit.yaml.template
@@ -0,0 +1,37 @@
+port: 7880
+bind_addresses:
+  - ''
+
+rtc:
+  tcp_port: 7881
+  udp_port: 7882
+  use_external_ip: false
+  node_ip: ${NODE_IP}
+  enable_loopback_candidate: false
+
+redis:
+  address: valkey:6379
+  username: ''
+  password: ${REDIS_PASSWORD}
+  db: 0
+  use_tls: false
+
+turn:
+  enabled: true
+  domain: ${LIVEKIT_DOMAIN_TURN}
+  tls_port: 5349
+  udp_port: 3478
+  external_tls: true
+
+keys:
+  ${LIVEKIT_API_KEY}: ${LIVEKIT_API_SECRET}
+
+room:
+  auto_create: true
+  empty_timeout: 300
+  departure_timeout: 20
+
+webhook:
+  api_key: ${LIVEKIT_API_KEY}
+  urls:
+    - ${LIVEKIT_WEBHOOK_URL}
--- a/fluxer_devops/livekit/entrypoint-caddy.sh
+++ b/fluxer_devops/livekit/entrypoint-caddy.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+# Copyright (C) 2026 Fluxer Contributors
+#
+# This file is part of Fluxer.
+#
+# Fluxer is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Fluxer is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with Fluxer. If not, see <https://www.gnu.org/licenses/>.
+
+set -e
+
+sed -e "s|\${LIVEKIT_DOMAIN}|${LIVEKIT_DOMAIN}|g" \
+    -e "s|\${LIVEKIT_DOMAIN_TURN}|${LIVEKIT_DOMAIN_TURN}|g" \
+    /etc/caddy.yaml.template > /etc/caddy.yaml
+
+exec caddy run --config /etc/caddy.yaml --adapter yaml "$@"
--- a/fluxer_devops/livekit/entrypoint.sh
+++ b/fluxer_devops/livekit/entrypoint.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+# Copyright (C) 2026 Fluxer Contributors
+#
+# This file is part of Fluxer.
+#
+# Fluxer is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Fluxer is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with Fluxer. If not, see <https://www.gnu.org/licenses/>.
+
+set -e
+
+sed -e "s|\${NODE_IP}|${NODE_IP}|g" \
+    -e "s|\${REDIS_PASSWORD}|${REDIS_PASSWORD}|g" \
+    -e "s|\${LIVEKIT_API_KEY}|${LIVEKIT_API_KEY}|g" \
+    -e "s|\${LIVEKIT_API_SECRET}|${LIVEKIT_API_SECRET}|g" \
+    -e "s|\${LIVEKIT_WEBHOOK_URL}|${LIVEKIT_WEBHOOK_URL}|g" \
+    -e "s|\${LIVEKIT_DOMAIN_TURN}|${LIVEKIT_DOMAIN_TURN}|g" \
+    /etc/livekit.yaml.template > /tmp/livekit.yaml
+
+exec /livekit-server --config /tmp/livekit.yaml "$@"