data "docker_registry_image" "jitsi_jvb" {
  name = "jitsi/jvb:stable"
}

resource "docker_service" "jitsi_jvb" {
  name = "jitsi_jvb"

  labels {
    label = "shepherd.auto-update"
    value = "true"
  }

  endpoint_spec {
    ports {
      target_port    = 10000
      published_port = 10000
      protocol       = "udp"
      publish_mode   = "host"
    }

    ports {
      target_port    = 4443
      published_port = 4443
      protocol       = "tcp"
      publish_mode   = "host"
    }
  }

  task_spec {
    networks_advanced {
      name = docker_network.jitsi.id
    }

    container_spec {
      image = "${data.docker_registry_image.jitsi_jvb.name}@${data.docker_registry_image.jitsi_jvb.sha256_digest}"

      env = {
        DOCKER_HOST_ADDRESS        = "talk.chaoswest.tv"
        JVB_AUTH_USER              = "jvb"
        JVB_AUTH_PASSWORD          = nonsensitive(var.secrets.jvb_auth_password)
        JVB_BREWERY_MUC            = "jvbbrewery"
        JVB_PORT                   = "10000"
        JVB_TCP_HARVESTER_DISABLED = "true"
        JVB_TCP_PORT               = "4443"
        JVB_TCP_MAPPED_PORT        = "4443"
        JVB_STUN_SERVERS           = "meet-jit-si-turnrelay.jitsi.net:443"
        PUBLIC_URL                 = "https://talk.chaoswest.tv"
        TZ                         = "Europe/Berlin"
        XMPP_AUTH_DOMAIN           = "auth.meet.jitsi"
        XMPP_INTERNAL_MUC_DOMAIN   = "internal-muc.meet.jitsi"
        XMPP_SERVER                = "jitsi_prosody"
      }
    }
  }
}