Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 79ca223d5a | |||
| 7c854a6a09 | |||
| 6ca05c68de | |||
| 55b3183eb7 | |||
| 9464f285a2 | |||
| 2dae69cd9d | |||
| b42307fcd5 | |||
| 8724a91981 | |||
| 88781e760a |
3
airgap/.gitignore
vendored
3
airgap/.gitignore
vendored
@ -1,3 +0,0 @@
|
||||
# Build artifacts — do not commit
|
||||
loop-airgap-bundle-*/
|
||||
*.tar.gz
|
||||
@ -1,86 +0,0 @@
|
||||
# Loop Air-Gapped Installation
|
||||
|
||||
This bundle contains everything needed to deploy Loop without internet access.
|
||||
|
||||
## Contents
|
||||
|
||||
- `images/` — Docker images (pre-pulled, saved as tar archives)
|
||||
- `helm/` — Helm charts with vendored dependencies
|
||||
- `docker-compose/` — Docker Compose files
|
||||
- `install.sh` — Installation script
|
||||
|
||||
## Prerequisites
|
||||
|
||||
### For Kubernetes (Helm) deployment:
|
||||
- Kubernetes cluster (v1.21+)
|
||||
- `helm` CLI (v3.x)
|
||||
- `kubectl` configured for your cluster
|
||||
- `docker` or `ctr` (containerd) on nodes for image loading
|
||||
|
||||
### For Docker Compose deployment:
|
||||
- Docker Engine (v20+)
|
||||
- Docker Compose (v2+)
|
||||
|
||||
## Quick Start
|
||||
|
||||
### Option A: Kubernetes (Helm)
|
||||
|
||||
```bash
|
||||
# 1. Load images on the current machine
|
||||
# (repeat on ALL cluster nodes, or use --nodes flag)
|
||||
./install.sh helm --namespace loop
|
||||
|
||||
# With SSH to cluster nodes (loads images on all nodes automatically):
|
||||
./install.sh helm --namespace loop --nodes node1,node2,node3
|
||||
|
||||
# With LiveKit:
|
||||
./install.sh helm --namespace loop --with-livekit
|
||||
|
||||
# With custom values:
|
||||
./install.sh helm --namespace loop --values my-values.yaml
|
||||
```
|
||||
|
||||
### Option B: Docker Compose
|
||||
|
||||
```bash
|
||||
./install.sh compose
|
||||
|
||||
# With LiveKit:
|
||||
./install.sh compose --with-livekit
|
||||
```
|
||||
|
||||
## Manual Image Loading (Kubernetes)
|
||||
|
||||
If you cannot use `--nodes`, load images manually on EACH cluster node:
|
||||
|
||||
```bash
|
||||
# For containerd (most K8s distributions):
|
||||
for f in images/*.tar; do
|
||||
sudo ctr -n k8s.io images import "$f"
|
||||
done
|
||||
|
||||
# For Docker:
|
||||
for f in images/*.tar; do
|
||||
docker load -i "$f"
|
||||
done
|
||||
```
|
||||
|
||||
## Configuration
|
||||
|
||||
Edit `helm/loop-enterprise-stack/values.yaml` before installation to customize:
|
||||
|
||||
- `global.siteUrl` — your Loop URL (REQUIRED)
|
||||
- `global.loopLicense` — your license key (REQUIRED)
|
||||
- PostgreSQL credentials
|
||||
- MinIO credentials
|
||||
- Ingress settings
|
||||
|
||||
The `values-airgap.yaml` file is applied automatically and sets:
|
||||
- `imagePullPolicy: IfNotPresent` (prevents pull attempts)
|
||||
- Push notifications disabled (external server unreachable)
|
||||
|
||||
## Updating
|
||||
|
||||
To update Loop in an air-gapped environment:
|
||||
1. Receive a new bundle from your provider
|
||||
2. Extract and run `./install.sh` again (uses `helm upgrade --install`)
|
||||
@ -1,211 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
REPO_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
|
||||
|
||||
# Defaults
|
||||
WITH_LIVEKIT=false
|
||||
VERSION=""
|
||||
|
||||
usage() {
|
||||
cat <<EOF
|
||||
Usage: $0 [OPTIONS]
|
||||
|
||||
Build air-gapped bundle for Loop on-premises deployment.
|
||||
Run this on a machine WITH internet access.
|
||||
|
||||
Options:
|
||||
--with-livekit Include LiveKit server and Redis images/charts
|
||||
--version VER Override app version (default: read from Chart.yaml)
|
||||
-h, --help Show this help
|
||||
EOF
|
||||
exit 0
|
||||
}
|
||||
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case "$1" in
|
||||
--with-livekit) WITH_LIVEKIT=true; shift ;;
|
||||
--version) [[ -z "${2:-}" ]] && { echo "ERROR: --version requires an argument"; exit 1; }; VERSION="$2"; shift 2 ;;
|
||||
-h|--help) usage ;;
|
||||
*) echo "Unknown option: $1"; usage ;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Read version from Chart.yaml if not overridden
|
||||
if [[ -z "$VERSION" ]]; then
|
||||
VERSION=$(grep '^appVersion:' "$REPO_ROOT/loop-enterprise-stack/Chart.yaml" | awk '{print $2}')
|
||||
fi
|
||||
if [[ -z "$VERSION" ]]; then
|
||||
echo "ERROR: Could not determine version. Set --version or check Chart.yaml"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
BUNDLE_NAME="loop-airgap-bundle-${VERSION}"
|
||||
BUNDLE_DIR="$SCRIPT_DIR/$BUNDLE_NAME"
|
||||
|
||||
echo "==> Building air-gapped bundle v${VERSION}"
|
||||
echo " LiveKit: ${WITH_LIVEKIT}"
|
||||
|
||||
# ---- Image lists ----
|
||||
|
||||
# Core Helm images (used by loop-enterprise-stack)
|
||||
HELM_IMAGES=(
|
||||
"registry.loop.ru/loop/server:${VERSION}"
|
||||
"appropriate/curl:latest"
|
||||
)
|
||||
|
||||
# Core Docker Compose images
|
||||
COMPOSE_IMAGES=(
|
||||
"registry.loop.ru/loop/server:${VERSION}"
|
||||
"nginx:latest"
|
||||
"postgres:15-alpine3.21"
|
||||
"minio/minio:RELEASE.2022-08-26T19-53-15Z"
|
||||
"minio/mc:RELEASE.2022-08-28T20-08-11Z"
|
||||
)
|
||||
|
||||
# LiveKit images (optional)
|
||||
LIVEKIT_IMAGES=()
|
||||
|
||||
echo "==> Image lists prepared"
|
||||
|
||||
# ---- Prerequisites check ----
|
||||
for cmd in docker helm tar gzip; do
|
||||
if ! command -v "$cmd" &>/dev/null; then
|
||||
echo "ERROR: '$cmd' is required but not found in PATH"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
# ---- Vendor Helm dependencies ----
|
||||
echo "==> Vendoring Helm dependencies for loop-enterprise-stack..."
|
||||
helm dependency update "$REPO_ROOT/loop-enterprise-stack/"
|
||||
|
||||
echo "==> Extracting Bitnami image references via helm template..."
|
||||
BITNAMI_IMAGES=$(helm template test "$REPO_ROOT/loop-enterprise-stack/" 2>/dev/null \
|
||||
| grep 'image:' \
|
||||
| sed -E 's/.*image:[[:space:]]*"?([^"[:space:]]+)"?.*/\1/' \
|
||||
| sort -u \
|
||||
| grep -v 'registry.loop.ru' \
|
||||
| grep -v 'appropriate/curl')
|
||||
|
||||
while IFS= read -r img; do
|
||||
[[ -n "$img" ]] && HELM_IMAGES+=("$img")
|
||||
done <<< "$BITNAMI_IMAGES"
|
||||
|
||||
if [[ "$WITH_LIVEKIT" == "true" ]]; then
|
||||
echo "==> Vendoring Helm dependencies for loop-livekit-server..."
|
||||
helm dependency update "$REPO_ROOT/loop-livekit-server/"
|
||||
|
||||
echo "==> Extracting LiveKit image references via helm template..."
|
||||
LK_IMAGES=$(helm template test "$REPO_ROOT/loop-livekit-server/" 2>/dev/null \
|
||||
| grep 'image:' \
|
||||
| sed -E 's/.*image:[[:space:]]*"?([^"[:space:]]+)"?.*/\1/' \
|
||||
| sort -u)
|
||||
|
||||
while IFS= read -r img; do
|
||||
[[ -n "$img" ]] && LIVEKIT_IMAGES+=("$img")
|
||||
done <<< "$LK_IMAGES"
|
||||
fi
|
||||
|
||||
echo "==> Helm images to bundle:"
|
||||
printf ' %s\n' "${HELM_IMAGES[@]}"
|
||||
if [[ "$WITH_LIVEKIT" == "true" ]]; then
|
||||
echo "==> LiveKit images to bundle:"
|
||||
printf ' %s\n' "${LIVEKIT_IMAGES[@]}"
|
||||
fi
|
||||
echo "==> Compose images to bundle:"
|
||||
printf ' %s\n' "${COMPOSE_IMAGES[@]}"
|
||||
|
||||
# ---- Prepare bundle directory ----
|
||||
rm -rf "$BUNDLE_DIR"
|
||||
mkdir -p "$BUNDLE_DIR/images"
|
||||
mkdir -p "$BUNDLE_DIR/helm"
|
||||
mkdir -p "$BUNDLE_DIR/docker-compose"
|
||||
if [[ "$WITH_LIVEKIT" == "true" ]]; then
|
||||
mkdir -p "$BUNDLE_DIR/images/livekit"
|
||||
fi
|
||||
|
||||
# ---- Pull and save Helm images ----
|
||||
echo "==> Pulling and saving Helm images..."
|
||||
for img in "${HELM_IMAGES[@]}"; do
|
||||
echo " Pulling: $img"
|
||||
docker pull "$img"
|
||||
safe_name=$(echo "$img" | tr '/:' '_')
|
||||
echo " Saving: $img -> images/${safe_name}.tar"
|
||||
docker save "$img" -o "$BUNDLE_DIR/images/${safe_name}.tar"
|
||||
done
|
||||
|
||||
# ---- Pull and save Compose-only images (skip duplicates) ----
|
||||
echo "==> Pulling and saving Compose-only images..."
|
||||
for img in "${COMPOSE_IMAGES[@]}"; do
|
||||
safe_name=$(echo "$img" | tr '/:' '_')
|
||||
if [[ -f "$BUNDLE_DIR/images/${safe_name}.tar" ]]; then
|
||||
echo " Skipping (already saved): $img"
|
||||
continue
|
||||
fi
|
||||
echo " Pulling: $img"
|
||||
docker pull "$img"
|
||||
echo " Saving: $img -> images/${safe_name}.tar"
|
||||
docker save "$img" -o "$BUNDLE_DIR/images/${safe_name}.tar"
|
||||
done
|
||||
|
||||
# ---- Pull and save LiveKit images ----
|
||||
if [[ "$WITH_LIVEKIT" == "true" ]] && [[ ${#LIVEKIT_IMAGES[@]} -gt 0 ]]; then
|
||||
echo "==> Pulling and saving LiveKit images..."
|
||||
for img in "${LIVEKIT_IMAGES[@]}"; do
|
||||
echo " Pulling: $img"
|
||||
docker pull "$img"
|
||||
safe_name=$(echo "$img" | tr '/:' '_')
|
||||
echo " Saving: $img -> images/livekit/${safe_name}.tar"
|
||||
docker save "$img" -o "$BUNDLE_DIR/images/livekit/${safe_name}.tar"
|
||||
done
|
||||
fi
|
||||
|
||||
# ---- Copy Helm charts (with vendored dependencies) ----
|
||||
echo "==> Copying Helm charts..."
|
||||
cp -r "$REPO_ROOT/loop-enterprise-stack" "$BUNDLE_DIR/helm/loop-enterprise-stack"
|
||||
rm -rf "$BUNDLE_DIR/helm/loop-enterprise-stack/.git"
|
||||
|
||||
if [[ "$WITH_LIVEKIT" == "true" ]]; then
|
||||
cp -r "$REPO_ROOT/loop-livekit-server" "$BUNDLE_DIR/helm/loop-livekit-server"
|
||||
rm -rf "$BUNDLE_DIR/helm/loop-livekit-server/.git"
|
||||
fi
|
||||
|
||||
# ---- Copy docker-compose files ----
|
||||
echo "==> Copying docker-compose files..."
|
||||
cp -r "$REPO_ROOT/docker-compose/"* "$BUNDLE_DIR/docker-compose/"
|
||||
|
||||
# ---- Copy air-gapped values overrides ----
|
||||
echo "==> Copying air-gapped values overrides..."
|
||||
if [[ -f "$SCRIPT_DIR/values-airgap-stack.yaml" ]]; then
|
||||
cp "$SCRIPT_DIR/values-airgap-stack.yaml" "$BUNDLE_DIR/helm/loop-enterprise-stack/values-airgap.yaml"
|
||||
fi
|
||||
if [[ -f "$SCRIPT_DIR/docker-compose-airgap.override.yml" ]]; then
|
||||
cp "$SCRIPT_DIR/docker-compose-airgap.override.yml" "$BUNDLE_DIR/docker-compose/docker-compose-airgap.override.yml"
|
||||
fi
|
||||
if [[ "$WITH_LIVEKIT" == "true" ]] && [[ -f "$SCRIPT_DIR/values-airgap-livekit.yaml" ]]; then
|
||||
cp "$SCRIPT_DIR/values-airgap-livekit.yaml" "$BUNDLE_DIR/helm/loop-livekit-server/values-airgap.yaml"
|
||||
fi
|
||||
|
||||
# ---- Copy install script ----
|
||||
echo "==> Copying install script..."
|
||||
if [[ -f "$SCRIPT_DIR/install.sh" ]]; then
|
||||
cp "$SCRIPT_DIR/install.sh" "$BUNDLE_DIR/install.sh"
|
||||
chmod +x "$BUNDLE_DIR/install.sh"
|
||||
fi
|
||||
|
||||
# ---- Copy README ----
|
||||
if [[ -f "$SCRIPT_DIR/README-airgap.md" ]]; then
|
||||
cp "$SCRIPT_DIR/README-airgap.md" "$BUNDLE_DIR/README.md"
|
||||
fi
|
||||
|
||||
# ---- Package bundle ----
|
||||
echo "==> Packaging bundle..."
|
||||
tar -czf "$SCRIPT_DIR/${BUNDLE_NAME}.tar.gz" -C "$SCRIPT_DIR" "$BUNDLE_NAME"
|
||||
rm -rf "$BUNDLE_DIR"
|
||||
|
||||
BUNDLE_SIZE=$(du -sh "$SCRIPT_DIR/${BUNDLE_NAME}.tar.gz" | awk '{print $1}')
|
||||
echo ""
|
||||
echo "==> Bundle created: ${BUNDLE_NAME}.tar.gz (${BUNDLE_SIZE})"
|
||||
echo " Transfer this file to the air-gapped environment and run install.sh"
|
||||
@ -1,9 +0,0 @@
|
||||
# Air-gapped overrides for Docker Compose deployment
|
||||
# Disables external services unreachable in closed networks
|
||||
|
||||
services:
|
||||
loop:
|
||||
environment:
|
||||
MM_EMAILSETTINGS_PUSHNOTIFICATIONSERVER: ""
|
||||
MM_EMAILSETTINGS_SENDPUSHNOTIFICATIONS: "false"
|
||||
MM_CALLS_RTCD_URL: ""
|
||||
@ -1,235 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
|
||||
# Defaults
|
||||
MODE=""
|
||||
WITH_LIVEKIT=false
|
||||
CUSTOM_VALUES=""
|
||||
NODES=""
|
||||
NAMESPACE="loop"
|
||||
RELEASE_NAME="loop-stack"
|
||||
LIVEKIT_RELEASE_NAME="loop-livekit"
|
||||
|
||||
usage() {
|
||||
cat <<EOF
|
||||
Usage: $0 MODE [OPTIONS]
|
||||
|
||||
Install Loop in an air-gapped environment.
|
||||
|
||||
Modes:
|
||||
helm Deploy to Kubernetes via Helm
|
||||
compose Deploy via Docker Compose
|
||||
|
||||
Options:
|
||||
--with-livekit Also install LiveKit server
|
||||
--values FILE Additional Helm values file (helm mode only)
|
||||
--namespace NS Kubernetes namespace (default: loop)
|
||||
--release NAME Helm release name (default: loop-stack)
|
||||
--nodes node1,node2,... SSH to these nodes to load images (helm mode only)
|
||||
-h, --help Show this help
|
||||
EOF
|
||||
exit 0
|
||||
}
|
||||
|
||||
[[ $# -eq 0 ]] && usage
|
||||
|
||||
MODE="$1"; shift
|
||||
|
||||
case "$MODE" in
|
||||
helm|compose) ;;
|
||||
-h|--help) usage ;;
|
||||
*) echo "ERROR: Unknown mode '$MODE'. Use 'helm' or 'compose'."; usage ;;
|
||||
esac
|
||||
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case "$1" in
|
||||
--with-livekit) WITH_LIVEKIT=true; shift ;;
|
||||
--values) [[ -z "${2:-}" ]] && { echo "ERROR: --values requires an argument"; exit 1; }; CUSTOM_VALUES="$2"; shift 2 ;;
|
||||
--namespace) [[ -z "${2:-}" ]] && { echo "ERROR: --namespace requires an argument"; exit 1; }; NAMESPACE="$2"; shift 2 ;;
|
||||
--release) [[ -z "${2:-}" ]] && { echo "ERROR: --release requires an argument"; exit 1; }; RELEASE_NAME="$2"; shift 2 ;;
|
||||
--nodes) [[ -z "${2:-}" ]] && { echo "ERROR: --nodes requires an argument"; exit 1; }; NODES="$2"; shift 2 ;;
|
||||
-h|--help) usage ;;
|
||||
*) echo "Unknown option: $1"; usage ;;
|
||||
esac
|
||||
done
|
||||
|
||||
echo "==> Loop Air-Gapped Installer"
|
||||
echo " Mode: ${MODE}"
|
||||
echo " LiveKit: ${WITH_LIVEKIT}"
|
||||
|
||||
# ---- Detect container runtime ----
|
||||
detect_runtime() {
|
||||
if command -v docker &>/dev/null; then
|
||||
echo "docker"
|
||||
elif command -v ctr &>/dev/null; then
|
||||
echo "containerd"
|
||||
elif command -v crictl &>/dev/null; then
|
||||
echo "crictl"
|
||||
else
|
||||
echo "none"
|
||||
fi
|
||||
}
|
||||
|
||||
# ---- Load images locally ----
|
||||
load_images_local() {
|
||||
local dir="$1"
|
||||
local runtime
|
||||
runtime=$(detect_runtime)
|
||||
|
||||
echo "==> Loading images from ${dir} (runtime: ${runtime})..."
|
||||
|
||||
for tarfile in "$dir"/*.tar; do
|
||||
[[ -f "$tarfile" ]] || continue
|
||||
echo " Loading: $(basename "$tarfile")"
|
||||
case "$runtime" in
|
||||
docker)
|
||||
docker load -i "$tarfile"
|
||||
;;
|
||||
containerd)
|
||||
ctr -n k8s.io images import "$tarfile"
|
||||
;;
|
||||
crictl)
|
||||
if command -v ctr &>/dev/null; then
|
||||
ctr -n k8s.io images import "$tarfile"
|
||||
else
|
||||
echo " WARNING: crictl detected but ctr not found. Please load manually:"
|
||||
echo " ctr -n k8s.io images import $tarfile"
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo " ERROR: No container runtime found. Install docker or containerd."
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
}
|
||||
|
||||
# ---- Load images on remote nodes via SSH ----
|
||||
load_images_remote() {
|
||||
local dir="$1"
|
||||
local nodes_csv="$2"
|
||||
|
||||
IFS=',' read -ra NODE_LIST <<< "$nodes_csv"
|
||||
|
||||
for node in "${NODE_LIST[@]}"; do
|
||||
node=$(echo "$node" | xargs)
|
||||
echo "==> Loading images on remote node: ${node}"
|
||||
|
||||
ssh "$node" "mkdir -p /tmp/loop-airgap-images"
|
||||
|
||||
echo " Copying image tars to ${node}..."
|
||||
scp "$dir"/*.tar "${node}:/tmp/loop-airgap-images/"
|
||||
|
||||
ssh "$node" bash -s <<'REMOTE_SCRIPT'
|
||||
set -euo pipefail
|
||||
if command -v ctr &>/dev/null; then
|
||||
for f in /tmp/loop-airgap-images/*.tar; do
|
||||
echo " Loading: $(basename "$f")"
|
||||
ctr -n k8s.io images import "$f"
|
||||
done
|
||||
elif command -v docker &>/dev/null; then
|
||||
for f in /tmp/loop-airgap-images/*.tar; do
|
||||
echo " Loading: $(basename "$f")"
|
||||
docker load -i "$f"
|
||||
done
|
||||
else
|
||||
echo "ERROR: No container runtime found on $(hostname)"
|
||||
exit 1
|
||||
fi
|
||||
rm -rf /tmp/loop-airgap-images
|
||||
REMOTE_SCRIPT
|
||||
|
||||
echo " Done: ${node}"
|
||||
done
|
||||
}
|
||||
|
||||
# ==== MAIN INSTALLATION ====
|
||||
|
||||
# ---- Load core images locally ----
|
||||
load_images_local "$SCRIPT_DIR/images"
|
||||
|
||||
# ---- Load LiveKit images if requested ----
|
||||
if [[ "$WITH_LIVEKIT" == "true" ]] && [[ -d "$SCRIPT_DIR/images/livekit" ]]; then
|
||||
load_images_local "$SCRIPT_DIR/images/livekit"
|
||||
fi
|
||||
|
||||
# ---- Load images on remote nodes (Helm mode only) ----
|
||||
if [[ "$MODE" == "helm" ]] && [[ -n "$NODES" ]]; then
|
||||
load_images_remote "$SCRIPT_DIR/images" "$NODES"
|
||||
if [[ "$WITH_LIVEKIT" == "true" ]] && [[ -d "$SCRIPT_DIR/images/livekit" ]]; then
|
||||
load_images_remote "$SCRIPT_DIR/images/livekit" "$NODES"
|
||||
fi
|
||||
fi
|
||||
|
||||
# ==== HELM MODE ====
|
||||
if [[ "$MODE" == "helm" ]]; then
|
||||
if ! command -v helm &>/dev/null; then
|
||||
echo "ERROR: 'helm' is required but not found in PATH"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
CHART_DIR="$SCRIPT_DIR/helm/loop-enterprise-stack"
|
||||
AIRGAP_VALUES="$CHART_DIR/values-airgap.yaml"
|
||||
|
||||
echo "==> Installing Loop via Helm..."
|
||||
echo " Namespace: ${NAMESPACE}"
|
||||
echo " Release: ${RELEASE_NAME}"
|
||||
|
||||
HELM_CMD="helm upgrade --install ${RELEASE_NAME} ${CHART_DIR}"
|
||||
HELM_CMD+=" --namespace ${NAMESPACE} --create-namespace"
|
||||
|
||||
if [[ -f "$AIRGAP_VALUES" ]]; then
|
||||
HELM_CMD+=" -f ${AIRGAP_VALUES}"
|
||||
fi
|
||||
|
||||
if [[ -n "$CUSTOM_VALUES" ]]; then
|
||||
HELM_CMD+=" -f ${CUSTOM_VALUES}"
|
||||
fi
|
||||
|
||||
echo " Running: ${HELM_CMD}"
|
||||
eval "$HELM_CMD"
|
||||
|
||||
if [[ "$WITH_LIVEKIT" == "true" ]]; then
|
||||
LK_CHART_DIR="$SCRIPT_DIR/helm/loop-livekit-server"
|
||||
LK_AIRGAP_VALUES="$LK_CHART_DIR/values-airgap.yaml"
|
||||
|
||||
echo "==> Installing LiveKit via Helm..."
|
||||
LK_CMD="helm upgrade --install ${LIVEKIT_RELEASE_NAME} ${LK_CHART_DIR}"
|
||||
LK_CMD+=" --namespace ${NAMESPACE} --create-namespace"
|
||||
|
||||
if [[ -f "$LK_AIRGAP_VALUES" ]]; then
|
||||
LK_CMD+=" -f ${LK_AIRGAP_VALUES}"
|
||||
fi
|
||||
|
||||
echo " Running: ${LK_CMD}"
|
||||
eval "$LK_CMD"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
echo "==> Helm installation complete!"
|
||||
echo " Check status: helm list -n ${NAMESPACE}"
|
||||
echo " Check pods: kubectl get pods -n ${NAMESPACE}"
|
||||
fi
|
||||
|
||||
# ==== COMPOSE MODE ====
|
||||
if [[ "$MODE" == "compose" ]]; then
|
||||
COMPOSE_DIR="$SCRIPT_DIR/docker-compose"
|
||||
AIRGAP_OVERRIDE="$COMPOSE_DIR/docker-compose-airgap.override.yml"
|
||||
|
||||
echo "==> Installing Loop via Docker Compose..."
|
||||
|
||||
COMPOSE_CMD="docker compose -f ${COMPOSE_DIR}/docker-compose.yml"
|
||||
if [[ -f "$AIRGAP_OVERRIDE" ]]; then
|
||||
COMPOSE_CMD+=" -f ${AIRGAP_OVERRIDE}"
|
||||
fi
|
||||
COMPOSE_CMD+=" up -d"
|
||||
|
||||
echo " Running: ${COMPOSE_CMD}"
|
||||
eval "$COMPOSE_CMD"
|
||||
|
||||
echo ""
|
||||
echo "==> Docker Compose installation complete!"
|
||||
echo " Check status: docker compose -f ${COMPOSE_DIR}/docker-compose.yml ps"
|
||||
fi
|
||||
@ -1,12 +0,0 @@
|
||||
# Air-gapped overrides for loop-livekit-server
|
||||
# Applied automatically by install.sh in air-gapped environments
|
||||
|
||||
redis:
|
||||
image:
|
||||
pullPolicy: IfNotPresent
|
||||
master:
|
||||
persistence:
|
||||
storageClass: ""
|
||||
replica:
|
||||
persistence:
|
||||
storageClass: ""
|
||||
@ -1,18 +0,0 @@
|
||||
# Air-gapped overrides for loop-enterprise-stack
|
||||
# Applied automatically by install.sh in air-gapped environments
|
||||
|
||||
loop-enterprise-edition:
|
||||
# Prevent Kubernetes from trying to pull images from external registries
|
||||
loopApp:
|
||||
image:
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
initContainerImage:
|
||||
imagePullPolicy: IfNotPresent
|
||||
|
||||
# Disable push notifications (push.loop.ru unreachable in air-gapped)
|
||||
global:
|
||||
features:
|
||||
notifications:
|
||||
push:
|
||||
useHPNS: false
|
||||
29
docker-compose/.env-example
Normal file
29
docker-compose/.env-example
Normal file
@ -0,0 +1,29 @@
|
||||
########## Обязательные переменные ##########
|
||||
|
||||
# Система Loop поставляется с несколькими дополнительными сервисами:
|
||||
# - PostgreSQL - основная БД для хранения данных
|
||||
# - Minio - S3 файловое хранилище
|
||||
# - Nginx - используется как reverse-proxy
|
||||
|
||||
# loop:
|
||||
|
||||
SITEURL=loop.example.com
|
||||
HTTP_PROTOCOL=https://
|
||||
GIPHYSDKKEY=GIPHYSDKKEY
|
||||
|
||||
# db:
|
||||
|
||||
PG_PASSWORD=password
|
||||
PG_USER=loopuser
|
||||
PG_DB_NAME=loop_db
|
||||
|
||||
# s3:
|
||||
|
||||
MINIO_ROOT_USER=MINIO_ROOT_USER
|
||||
MINIO_ROOT_PASSWORD=MINIO_ROOT_PASSWORD
|
||||
|
||||
# s3-client:
|
||||
|
||||
ACCESS_KEY_ID=AWS_ACCESS_KEY_ID
|
||||
SECRET_ACCESS_KEY=AWS_SECRET_ACCESS_KEY
|
||||
BUCKET_NAME=looponprem-bucket
|
||||
@ -16,6 +16,7 @@ services:
|
||||
- loop
|
||||
|
||||
loop:
|
||||
container_name: loop
|
||||
image: "registry.loop.ru/loop/server:10.0.3"
|
||||
restart: "unless-stopped"
|
||||
depends_on:
|
||||
@ -26,22 +27,21 @@ services:
|
||||
- "8443:8443/udp"
|
||||
|
||||
environment:
|
||||
MM_CALLS_RTCD_URL: "http://rtcd.loop.ru:33045" #This is the URL for interacting with the RTC (Real-Time Communication) server, which handles calls in real time.
|
||||
MM_EMAILSETTINGS_PUSHNOTIFICATIONSERVER: "https://push.loop.ru" #This evn indicates the server that sends push notifications.
|
||||
MM_EMAILSETTINGS_SENDPUSHNOTIFICATIONS: "true" #This env indicates whether push notifications are allowed for email
|
||||
MM_EXPERIMENTALSETTINGS_ENABLEAPPBAR: "true" #This env indicates whether the application panel is enabled
|
||||
MM_FEATUREFLAGS_AppsEnabled: "true" #Indicates the availability and ability to use certain applications or functions, for example, access to the gallery to download images
|
||||
MM_FILESETTINGS_AMAZONS3ACCESSKEYID: "<AWS_ACCESS_KEY_ID>" #Access Key ID to access s3 storage
|
||||
MM_FILESETTINGS_AMAZONS3BUCKET: "looponprem-bucket" #The name of the S3 bucket where the files are stored
|
||||
MM_FILESETTINGS_AMAZONS3ACCESSKEYID: ${ACCESS_KEY_ID} #Access Key ID to access s3 storage
|
||||
MM_FILESETTINGS_AMAZONS3BUCKET: ${BUCKET_NAME} #The name of the S3 bucket where the files are stored
|
||||
MM_FILESETTINGS_AMAZONS3ENDPOINT: "minio:9000" #The URL of the S3 storage endpoint
|
||||
MM_FILESETTINGS_AMAZONS3PATHPREFIX: "loop" #This option allows you to specify the path to files on S3
|
||||
MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY: "<AWS_SECRET_ACCESS_KEY>" #The secret key for accessing S3 storage
|
||||
MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY: ${SECRET_ACCESS_KEY} #The secret key for accessing S3 storage
|
||||
MM_FILESETTINGS_AMAZONS3SSE: "false" #Env indicates whether SSL (Server-Side Encryption) is enabled for S3
|
||||
MM_FILESETTINGS_AMAZONS3SSL: "false" #Env indicates whether the connection to Amazon S3 should take place over SSL
|
||||
MM_FILESETTINGS_DRIVERNAME: "amazons3" #The name of the driver for working with files
|
||||
MM_FILESETTINGS_MAXFILESIZE: 1048576000 #The maximum file size to download, specified in bytes.
|
||||
MM_JOBSETTINGS_RUNJOBS: "false" #Specifies whether job should be performed
|
||||
MM_JOBSETTINGS_RUNSCHEDULER: "false" #The flag indicates whether the task scheduler should be started
|
||||
MM_JOBSETTINGS_RUNJOBS: "true" #Default is true, only disable when a job-server is deployed.
|
||||
MM_JOBSETTINGS_RUNSCHEDULER: "true" #Default is true, only disable when a job-server is deployed.
|
||||
MM_LOGSETTINGS_CONSOLEJSON: "false" #The flag indicates whether the output to the console should be in JSON format
|
||||
MM_LOGSETTINGS_CONSOLELEVEL: "DEBUG" #Logging level for console output
|
||||
MM_LOGSETTINGS_FILELEVEL: "DEBUG" #The logging level for writing to a file
|
||||
@ -55,11 +55,11 @@ services:
|
||||
MM_SERVICESETTINGS_ENABLEOAUTHSERVICEPROVIDER: "true" #It is used to determine whether the use of third-party OAuth service providers is allowed
|
||||
MM_SERVICESETTINGS_ENABLETESTING: "true" #The flag indicates whether testing is allowed
|
||||
MM_SERVICESETTINGS_ENABLEUSERACCESSTOKENS: "true" #The flag indicates whether user access tokens are allowed
|
||||
MM_SERVICESETTINGS_GIPHYSDKKEY: "<GiphySDKkey>" #Giphy SDK key for integration with Giphy
|
||||
MM_SERVICESETTINGS_GIPHYSDKKEY: ${GIPHYSDKKEY} #Giphy SDK key for integration with Giphy
|
||||
MM_SERVICESETTINGS_LICENSEFILELOCATION: "/mattermost/config/license.txt" #The path to the license file
|
||||
MM_SERVICESETTINGS_LISTENADDRESS: ":8065" #The address and port on which the service is listening.
|
||||
MM_SERVICESETTINGS_SITEURL: "https://loop.example.com" #The public URL of the service.
|
||||
MM_SQLSETTINGS_DATASOURCE: "postgres://loopuser:<password>@db/loop_db?sslmode=disable\u0026connect_timeout=10" #Data source for connecting to the PostgreSQL database
|
||||
MM_SERVICESETTINGS_SITEURL: ${HTTP_PROTOCOL}${SITEURL} #The public URL of the service.
|
||||
MM_SQLSETTINGS_DATASOURCE: "postgres://${PG_USER}:${PG_PASSWORD}@db/${PG_DB_NAME}?sslmode=disable\u0026connect_timeout=10" #Data source for connecting to the PostgreSQL database
|
||||
MM_SQLSETTINGS_DRIVERNAME: "postgres" #Name of the database driver
|
||||
MM_TEAMSETTINGS_MAXUSERSPERTEAM: 500 #Maximum number of users per team
|
||||
|
||||
@ -78,9 +78,9 @@ services:
|
||||
image: "postgres:15-alpine3.21"
|
||||
restart: "unless-stopped"
|
||||
environment:
|
||||
POSTGRES_PASSWORD: "<password>"
|
||||
POSTGRES_USER: "loopuser"
|
||||
POSTGRES_DB: "loop_db"
|
||||
POSTGRES_PASSWORD: ${PG_PASSWORD}
|
||||
POSTGRES_USER: ${PG_USER}
|
||||
POSTGRES_DB: ${PG_DB_NAME}
|
||||
volumes:
|
||||
- ./db:/var/lib/postgresql/data
|
||||
networks:
|
||||
@ -91,8 +91,8 @@ services:
|
||||
image: minio/minio:RELEASE.2022-08-26T19-53-15Z
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
MINIO_ROOT_USER: <MINIO_ROOT_USER>
|
||||
MINIO_ROOT_PASSWORD: <MINIO_ROOT_PASSWORD>
|
||||
MINIO_ROOT_USER: ${MINIO_ROOT_USER}
|
||||
MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
|
||||
command: server --address :9000 --console-address :9001 /data
|
||||
ports:
|
||||
- "9000"
|
||||
@ -108,14 +108,14 @@ services:
|
||||
volumes:
|
||||
- ./minio:/tmp/policies
|
||||
environment:
|
||||
AWS_ACCESS_KEY_ID: <AWS_ACCESS_KEY_ID>
|
||||
AWS_SECRET_ACCESS_KEY: <AWS_SECRET_ACCESS_KEY>
|
||||
AWS_ACCESS_KEY_ID: ${ACCESS_KEY_ID}
|
||||
AWS_SECRET_ACCESS_KEY: ${SECRET_ACCESS_KEY}
|
||||
entrypoint: >
|
||||
/bin/sh -c "
|
||||
until (/usr/bin/mc config host add loop http://minio:9000 <MINIO_ROOT_USER> <MINIO_ROOT_PASSWORD>) do echo '...waiting...' && sleep 1; done;
|
||||
/usr/bin/mc mb loop/looponprem-bucket;
|
||||
/usr/bin/mc admin user add loop <AWS_ACCESS_KEY_ID> <AWS_SECRET_ACCESS_KEY>;
|
||||
/usr/bin/mc admin policy set loop readwrite user=<AWS_ACCESS_KEY_ID>;
|
||||
until (/usr/bin/mc config host add loop http://minio:9000 ${MINIO_ROOT_USER} ${MINIO_ROOT_PASSWORD}) do echo '...waiting...' && sleep 1; done;
|
||||
/usr/bin/mc mb loop/${BUCKET_NAME};
|
||||
/usr/bin/mc admin user add loop ${ACCESS_KEY_ID} ${SECRET_ACCESS_KEY};
|
||||
/usr/bin/mc admin policy set loop readwrite user= ${ACCESS_KEY_ID};
|
||||
exit 0;
|
||||
"
|
||||
networks:
|
||||
|
||||
@ -11,7 +11,7 @@ map $http_x_forwarded_proto $proxy_x_forwarded_proto {
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name loop.example.com;
|
||||
server_name ${SITEURL};
|
||||
|
||||
ssl_certificate /etc/nginx/ssl/server.crt;
|
||||
ssl_certificate_key /etc/nginx/ssl/server.key;
|
||||
|
||||
@ -15,4 +15,4 @@ maintainers:
|
||||
name: stuart.armstrong
|
||||
name: loop-enterprise-edition
|
||||
type: application
|
||||
version: 1.0.4
|
||||
version: 1.0.5
|
||||
|
||||
@ -15,18 +15,6 @@ global:
|
||||
enableLinkPreviews: true # Предпросмотр ссылок
|
||||
enableCustomEmoji: true # Поддержка пользовательских эмодзи
|
||||
|
||||
# Настройки email-уведомлений
|
||||
sendEmailNotifications: false # Включить email-уведомления
|
||||
requireEmailVerification: false # Требовать подтверждение email
|
||||
feedbackName: "" # Имя отправителя отзывов
|
||||
feedbackEmail: "" # Email для отзывов
|
||||
feedbackOrganization: "" # Организация
|
||||
smtpUsername: "" # SMTP логин
|
||||
smtpPassword: "" # SMTP пароль
|
||||
smtpServer: "" # SMTP сервер
|
||||
smtpPort: "" # SMTP порт
|
||||
connectionSecurity: "" # тип подключения: пусто, TLS или STARTTLS
|
||||
|
||||
features:
|
||||
database:
|
||||
external:
|
||||
@ -226,6 +214,30 @@ loopApp:
|
||||
value: "true" # Разрешить создание access токенов для пользователей
|
||||
- name: MM_SERVICESETTINGS_GIPHYSDKKEY
|
||||
value: "" # Ключ SDK Giphy для интеграции с Giphy
|
||||
- name: MM_EMAILSETTINGS_SENDEMAILNOTIFICATIONS
|
||||
value: "false"
|
||||
- name: MM_EMAILSETTINGS_REQUIREMAILVERIFICATION
|
||||
value: "false" # Требовать подтверждение email
|
||||
- name: MM_EMAILSETTINGS_FEEDBACKEMAIL
|
||||
value: "" # Email-адрес для сбора отзывов и обратной связи от пользователей
|
||||
- name: MM_EMAILSETTINGS_FEEDBACKNAME
|
||||
value: "" # Имя отправителя, которое будет отображаться в письмах с отзывами
|
||||
- name: MM_EMAILSETTINGS_FEEDBACKORGANIZATION
|
||||
value: "" # Название организации/компании, от имени которой отправляются письма с отзывами
|
||||
- name: MM_EMAILSETTINGS_SMTPUSERNAME
|
||||
value: "" # SMTP логин
|
||||
- name: MM_EMAILSETTINGS_CONNECTIONSECURITY
|
||||
value: "" # тип подключения: пусто, TLS или STARTTLS
|
||||
- name: MM_EMAILSETTINGS_SMTPPASSWORD
|
||||
value: "" # SMTP пароль для аутентификации
|
||||
- name: MM_EMAILSETTINGS_ENABLESMTPAUTH
|
||||
value: "" # Включить SMTP-аутентификацию (true/false)
|
||||
- name: MM_EMAILSETTINGS_SMTPPORT
|
||||
value: "" # SMTP порт для подключения (например, 25, 465, 587)
|
||||
- name: MM_EMAILSETTINGS_REPLYTOADDRESS
|
||||
value: "" # Адрес для ответа (куда будут приходить ответы на письма)
|
||||
- name: MM_EMAILSETTINGS_SMTPSERVER
|
||||
value: ""
|
||||
|
||||
## Следующие переменные требуются для запуска в кластерном режиме:
|
||||
# - name: MM_CLUSTERSETTINGS_ENABLE
|
||||
|
||||
@ -3,7 +3,7 @@ appVersion: 10.0.3
|
||||
dependencies:
|
||||
- name: loop-enterprise-edition
|
||||
repository: https://artifacts.wilix.dev/repository/helm-loop
|
||||
version: 1.0.4
|
||||
version: 1.0.5
|
||||
alias: loop-enterprise-edition
|
||||
- condition: postgresql.enabled
|
||||
name: postgresql
|
||||
@ -28,4 +28,4 @@ maintainers:
|
||||
name: stuart.armstrong
|
||||
name: loop-enterprise-stack
|
||||
type: application
|
||||
version: 1.0.6
|
||||
version: 1.0.7
|
||||
|
||||
@ -15,18 +15,6 @@ global:
|
||||
enableLinkPreviews: true
|
||||
enableCustomEmoji: true
|
||||
|
||||
# Settings to enable email notifications
|
||||
sendEmailNotifications: false
|
||||
requireEmailVerification: false
|
||||
feedbackName: ""
|
||||
feedbackEmail: ""
|
||||
feedbackOrganization: ""
|
||||
smtpUsername: ""
|
||||
smtpPassword: ""
|
||||
smtpServer: ""
|
||||
smtpPort: ""
|
||||
connectionSecurity: "" # empty, TLS, or STARTTLS
|
||||
|
||||
features:
|
||||
database:
|
||||
external:
|
||||
@ -188,6 +176,31 @@ loop-enterprise-edition:
|
||||
value: "true" #The flag indicates whether user access tokens are allowed
|
||||
- name: MM_SERVICESETTINGS_GIPHYSDKKEY
|
||||
value: "" #Giphy SDK key for integration with Giphy
|
||||
- name: MM_EMAILSETTINGS_SENDEMAILNOTIFICATIONS
|
||||
value: "false"
|
||||
- name: MM_EMAILSETTINGS_REQUIREMAILVERIFICATION
|
||||
value: "false" # Требовать подтверждение email
|
||||
- name: MM_EMAILSETTINGS_FEEDBACKEMAIL
|
||||
value: "" # Email-адрес для сбора отзывов и обратной связи от пользователей
|
||||
- name: MM_EMAILSETTINGS_FEEDBACKNAME
|
||||
value: "" # Имя отправителя, которое будет отображаться в письмах с отзывами
|
||||
- name: MM_EMAILSETTINGS_FEEDBACKORGANIZATION
|
||||
value: "" # Название организации/компании, от имени которой отправляются письма с отзывами
|
||||
- name: MM_EMAILSETTINGS_SMTPUSERNAME
|
||||
value: "" # SMTP логин
|
||||
- name: MM_EMAILSETTINGS_CONNECTIONSECURITY
|
||||
value: "" # тип подключения: пусто, TLS или STARTTLS
|
||||
- name: MM_EMAILSETTINGS_SMTPPASSWORD
|
||||
value: "" # SMTP пароль для аутентификации
|
||||
- name: MM_EMAILSETTINGS_ENABLESMTPAUTH
|
||||
value: "" # Включить SMTP-аутентификацию (true/false)
|
||||
- name: MM_EMAILSETTINGS_SMTPPORT
|
||||
value: "" # SMTP порт для подключения (например, 25, 465, 587)
|
||||
- name: MM_EMAILSETTINGS_REPLYTOADDRESS
|
||||
value: "" # Адрес для ответа (куда будут приходить ответы на письма)
|
||||
- name: MM_EMAILSETTINGS_SMTPSERVER
|
||||
value: ""
|
||||
|
||||
## The following environment variables are required to run loop in clustered mode.
|
||||
# - name: MM_CLUSTERSETTINGS_ENABLE
|
||||
# value: "true"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user