bongole/Dockerfile

## docker-compose-janus.yml
version: '3'
services:
  janus:
    image: 'myjanus'
    networks:
      private_nw:
        ipv4_address: 172.19.0.2
    command: janus --log-file=/dev/stdout
  turn:
    image: 'instrumentisto/coturn'
    ports:
      #- '3478:3478/tcp'
      #- '3478:3478/udp'
      - '443:443/tcp'
      - '443:443/udp'
    networks:
      default:
      private_nw:
        ipv4_address: 172.19.0.3
    command: -n -v --log-file=/dev/stdout --lt-cred-mech --fingerprint --no-multicast-peers --no-cli \
             --no-stun --no-tlsv1 \
             --no-tcp --no-dtls \
             -a -u user1:pass1 \
             --listening-ip=0.0.0.0 \
             --tls-listening-port=443 \
             --listening-port=443 \
             --cert=/tls/test-cert.pem --pkey=/tls/test-key.pem \
             --relay-ip=172.19.0.3
    volumes:
      - ./tls:/tls
    depends_on:
      - janus
  socat1:
    image: 'alpine/socat'
    ports:
      - '8188:8188'
    command: tcp-l:8188,fork,reuseaddr tcp:172.19.0.2:8188
    networks:
      default:
      private_nw:
        ipv4_address: 172.19.0.4
    depends_on:
      - janus
  socat2:
    image: 'alpine/socat'
    ports:
      - '8088:8088'
    command: tcp-l:8088,fork,reuseaddr tcp:172.19.0.2:8088
    networks:
      default:
      private_nw:
        ipv4_address: 172.19.0.5
    depends_on:
      - janus

networks:
  private_nw:
    internal: true
    ipam:
      driver: default
      config:
        - subnet: 172.19.0.0/24
# mkcert https://github.com/FiloSottile/mkcert

## docker-compose-turns.yml
version: '3'
services:
  janus:
    image: 'myjanus'
    networks:
      private_nw:
        ipv4_address: 172.19.0.2
    command: janus --log-file=/dev/stdout
  turn:
    image: 'instrumentisto/coturn'
    ports:
      #- '3478:3478/tcp'
      #- '3478:3478/udp'
      - '443:443/tcp'
      - '443:443/udp'
    networks:
      default:
      private_nw:
        ipv4_address: 172.19.0.3
    command: -n -v --log-file=/dev/stdout --lt-cred-mech --fingerprint --no-multicast-peers --no-cli \
             --no-stun --no-tlsv1 \
             --no-tcp --no-dtls \
             -a -u user1:pass1 \
             --listening-ip=0.0.0.0 \
             --tls-listening-port=443 \
             --listening-port=443 \
             --cert=/tls/test-cert.pem --pkey=/tls/test-key.pem \
             --relay-ip=172.19.0.3
    volumes:
      - ./tls:/tls
    depends_on:
      - janus
  socat1:
    image: 'alpine/socat'
    ports:
      - '8188:8188'
    command: tcp-l:8188,fork,reuseaddr tcp:172.19.0.2:8188
    networks:
      default:
      private_nw:
        ipv4_address: 172.19.0.4
    depends_on:
      - janus
  socat2:
    image: 'alpine/socat'
    ports:
      - '8088:8088'
    command: tcp-l:8088,fork,reuseaddr tcp:172.19.0.2:8088
    networks:
      default:
      private_nw:
        ipv4_address: 172.19.0.5
    depends_on:
      - janus

networks:
  private_nw:
    internal: true
    ipam:
      driver: default
      config:
        - subnet: 172.19.0.0/24

## Dockerfile
FROM ubuntu:20.04 AS build-env

ENV DEBIAN_FRONTEND=noninteractive
RUN sed -i.bak -e "s%http://archive.ubuntu.com/ubuntu/%http://ftp.iij.ad.jp/pub/linux/ubuntu/archive/%g" /etc/apt/sources.list
RUN apt-get update \
      && apt-get install -y --no-install-recommends wget curl ca-certificates build-essential checkinstall git  \
          python3-pip \
          libmicrohttpd-dev libjansson-dev \
          libssl-dev libsofia-sip-ua-dev libglib2.0-dev \
          libopus-dev libogg-dev libcurl4-openssl-dev \
          libconfig-dev pkg-config gengetopt libtool automake cmake tzdata golang \
      && pip3 install meson ninja

ARG SRTP_VERSION=2.3.0
ARG LIBNICE_VERSION=0.1.17
ARG BORINGSSL_VERSION=chromium-stable
ARG LIBWEBSOCKETS_VERSION=4.1.0
ARG JANUS_VERSION=0.10.5

# srtp
RUN cd /tmp \
      && wget -O libsrtp.tar.gz https://github.com/cisco/libsrtp/archive/v$SRTP_VERSION.tar.gz \
      && tar xfv libsrtp.tar.gz \
      && cd libsrtp-* \
      && ./configure --prefix=/usr --enable-openssl \
      && make -j$(nproc) shared_library \
      && checkinstall -y

# nice
RUN  cd /tmp \
     && git clone --depth 1 -b $LIBNICE_VERSION  https://gitlab.freedesktop.org/libnice/libnice.git libnice-$LIBNICE_VERSION \
     && cd libnice-* \
     && meson --prefix=/usr build \
     && ninja -C build \
     && checkinstall -y ninja -C build install

# boringssl
RUN  cd /tmp \
     && git clone --depth 1 -b $BORINGSSL_VERSION  https://boringssl.googlesource.com/boringssl \
     && cd boringssl \
     && sed -i s/" -Werror"//g CMakeLists.txt \
     && mkdir -p build \
     && cd build \
     && cmake -DCMAKE_CXX_FLAGS="-lrt" .. \
     && make -j$(nproc) \
     && cd .. \
     && mkdir -p /opt/boringssl \
     && cp -R include /opt/boringssl/ \
     && mkdir -p /opt/boringssl/lib \
     && cp build/ssl/libssl.a /opt/boringssl/lib/ \
     && cp build/crypto/libcrypto.a /opt/boringssl/lib/

# websocket
RUN  cd /tmp \
     && wget -O libwebsockets.tar.gz https://github.com/warmcat/libwebsockets/archive/v$LIBWEBSOCKETS_VERSION.tar.gz \
     && tar xvf libwebsockets.tar.gz \
     && cd libwebsockets-* \
     && mkdir libwebsockets-$LIBWEBSOCKETS_VERSION \
     && cd libwebsockets-* \
     && cmake -DCMAKE_INSTALL_PREFIX:PATH=/usr -DCMAKE_C_FLAGS="-fpic" -DLWS_MAX_SMP=1 -DLWS_IPV6="ON" .. \
     && make -j$(nproc) \
     && checkinstall -y

# janus
RUN  cd /tmp \
     && wget -O janus-gateway.tar.gz https://github.com/meetecho/janus-gateway/archive/v$JANUS_VERSION.tar.gz \
     && tar xvf janus-gateway.tar.gz \
     && cd janus-gateway-* \
     && ./autogen.sh \
     && ./configure --disable-post-processing --enable-boringssl=/opt/boringssl/ --disable-data-channels --disable-rabbitmq \
                    --disable-mqtt --disable-unix-sockets --enable-dtls-settimeout --disable-plugin-echotest --disable-plugin-recordplay \
                    --disable-plugin-sip --disable-plugin-videocall --disable-plugin-voicemail --disable-plugin-textroom --enable-rest \
                    --enable-turn-rest-api --enable-plugin-audiobridge --disable-plugin-videoroom --disable-plugin-nosip --disable-plugin-lua \
                    --disable-all-event-handler --enable-json-logger --enable-plugin-duktape \
     && make -j$(nproc) \
     && make configs \
     && checkinstall -y

FROM ubuntu:20.04
COPY --from=build-env /tmp/*/*.deb /tmp/
COPY --from=build-env /tmp/*/*/*.deb /tmp/
RUN sed -i.bak -e "s%http://archive.ubuntu.com/ubuntu/%http://ftp.iij.ad.jp/pub/linux/ubuntu/archive/%g" /etc/apt/sources.list
RUN apt-get update \
    && apt-get upgrade -y \
    && apt-get install -y --no-install-recommends wget curl ca-certificates vim less tcpdump tzdata net-tools iputils-ping \
        libmicrohttpd12 libjansson4 \
        libssl1.1 libsofia-sip-ua0 libglib2.0-0 \
        libopus0 libogg0 libcurl4 \
        libconfig9 linux-tools-generic \
    && apt-get install /tmp/*.deb \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
    && for f in $(ls /usr/local/etc/janus/*sample); do mv $f ${f%.*}; done \
    && rm -f /usr/bin/perf \
    && ln -s /usr/lib/linux-tools/*/perf /usr/bin/perf \
    && ldconfig
COPY ./janus.plugin.audiobridge.jcfg /usr/local/etc/janus

ENV TZ Asia/Tokyo
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

# docker run --rm -p 8188:8188 -p 8088:8088 -p 40000-40100:40000-40100/udp myjanus janus -r 40000-40100  -1 $(ifconfig eth0 | awk '/inet / {print $2}') --log-file=/dev/stdout
# docker run --rm --network host myjanus janus -r 30000-40000  -1 $(ifconfig eth0 | awk '/inet / {print $2}') --log-file=/dev/stdout

## janus.plugin.audiobridge.jcfg
general: {
        #admin_key = "supersecret"              # If set, rooms can be created via API only
                                                                        # if this key is provided in the request
        #lock_rtp_forward = true                # Whether the admin_key above should be
                                                                        # enforced for RTP forwarding requests too
        #lock_play_file = true                  # Whether the admin_key above should be
                                                                        # enforced for playing .opus files too
        #record_tmp_ext = "tmp"                 # Optional temporary extension to add to filenames
                                                                        # while recording: e.g., setting "tmp" would mean
                                                                        # .wav --> .wav.tmp until the file is closed
        #events = false                                 # Whether events should be sent to event
                                                                        # handlers (default=true)

        # By default, integers are used as a unique ID for both rooms and participants.
        # In case you want to use strings instead (e.g., a UUID), set string_ids to true.
        string_ids = true
}
	version: '3'
	services:
	janus:
	image: 'myjanus'
	networks:
	private_nw:
	ipv4_address: 172.19.0.2
	command: janus --log-file=/dev/stdout
	turn:
	image: 'instrumentisto/coturn'
	ports:
	#- '3478:3478/tcp'
	#- '3478:3478/udp'
	- '443:443/tcp'
	- '443:443/udp'
	networks:
	default:
	private_nw:
	ipv4_address: 172.19.0.3
	command: -n -v --log-file=/dev/stdout --lt-cred-mech --fingerprint --no-multicast-peers --no-cli \
	--no-stun --no-tlsv1 \
	--no-tcp --no-dtls \
	-a -u user1:pass1 \
	--listening-ip=0.0.0.0 \
	--tls-listening-port=443 \
	--listening-port=443 \
	--cert=/tls/test-cert.pem --pkey=/tls/test-key.pem \
	--relay-ip=172.19.0.3
	volumes:
	- ./tls:/tls
	depends_on:
	- janus
	socat1:
	image: 'alpine/socat'
	ports:
	- '8188:8188'
	command: tcp-l:8188,fork,reuseaddr tcp:172.19.0.2:8188
	networks:
	default:
	private_nw:
	ipv4_address: 172.19.0.4
	depends_on:
	- janus
	socat2:
	image: 'alpine/socat'
	ports:
	- '8088:8088'
	command: tcp-l:8088,fork,reuseaddr tcp:172.19.0.2:8088
	networks:
	default:
	private_nw:
	ipv4_address: 172.19.0.5
	depends_on:
	- janus

	networks:
	private_nw:
	internal: true
	ipam:
	driver: default
	config:
	- subnet: 172.19.0.0/24
	# mkcert https://github.com/FiloSottile/mkcert
	FROM ubuntu:20.04 AS build-env

	ENV DEBIAN_FRONTEND=noninteractive
	RUN sed -i.bak -e "s%http://archive.ubuntu.com/ubuntu/%http://ftp.iij.ad.jp/pub/linux/ubuntu/archive/%g" /etc/apt/sources.list
	RUN apt-get update \
	&& apt-get install -y --no-install-recommends wget curl ca-certificates build-essential checkinstall git \
	python3-pip \
	libmicrohttpd-dev libjansson-dev \
	libssl-dev libsofia-sip-ua-dev libglib2.0-dev \
	libopus-dev libogg-dev libcurl4-openssl-dev \
	libconfig-dev pkg-config gengetopt libtool automake cmake tzdata golang \
	&& pip3 install meson ninja

	ARG SRTP_VERSION=2.3.0
	ARG LIBNICE_VERSION=0.1.17
	ARG BORINGSSL_VERSION=chromium-stable
	ARG LIBWEBSOCKETS_VERSION=4.1.0
	ARG JANUS_VERSION=0.10.5

	# srtp
	RUN cd /tmp \
	&& wget -O libsrtp.tar.gz https://github.com/cisco/libsrtp/archive/v$SRTP_VERSION.tar.gz \
	&& tar xfv libsrtp.tar.gz \
	&& cd libsrtp-* \
	&& ./configure --prefix=/usr --enable-openssl \
	&& make -j$(nproc) shared_library \
	&& checkinstall -y

	# nice
	RUN cd /tmp \
	&& git clone --depth 1 -b $LIBNICE_VERSION https://gitlab.freedesktop.org/libnice/libnice.git libnice-$LIBNICE_VERSION \
	&& cd libnice-* \
	&& meson --prefix=/usr build \
	&& ninja -C build \
	&& checkinstall -y ninja -C build install

	# boringssl
	RUN cd /tmp \
	&& git clone --depth 1 -b $BORINGSSL_VERSION https://boringssl.googlesource.com/boringssl \
	&& cd boringssl \
	&& sed -i s/" -Werror"//g CMakeLists.txt \
	&& mkdir -p build \
	&& cd build \
	&& cmake -DCMAKE_CXX_FLAGS="-lrt" .. \
	&& make -j$(nproc) \
	&& cd .. \
	&& mkdir -p /opt/boringssl \
	&& cp -R include /opt/boringssl/ \
	&& mkdir -p /opt/boringssl/lib \
	&& cp build/ssl/libssl.a /opt/boringssl/lib/ \
	&& cp build/crypto/libcrypto.a /opt/boringssl/lib/

	# websocket
	RUN cd /tmp \
	&& wget -O libwebsockets.tar.gz https://github.com/warmcat/libwebsockets/archive/v$LIBWEBSOCKETS_VERSION.tar.gz \
	&& tar xvf libwebsockets.tar.gz \
	&& cd libwebsockets-* \
	&& mkdir libwebsockets-$LIBWEBSOCKETS_VERSION \
	&& cd libwebsockets-* \
	&& cmake -DCMAKE_INSTALL_PREFIX:PATH=/usr -DCMAKE_C_FLAGS="-fpic" -DLWS_MAX_SMP=1 -DLWS_IPV6="ON" .. \
	&& make -j$(nproc) \
	&& checkinstall -y

	# janus
	RUN cd /tmp \
	&& wget -O janus-gateway.tar.gz https://github.com/meetecho/janus-gateway/archive/v$JANUS_VERSION.tar.gz \
	&& tar xvf janus-gateway.tar.gz \
	&& cd janus-gateway-* \
	&& ./autogen.sh \
	&& ./configure --disable-post-processing --enable-boringssl=/opt/boringssl/ --disable-data-channels --disable-rabbitmq \
	--disable-mqtt --disable-unix-sockets --enable-dtls-settimeout --disable-plugin-echotest --disable-plugin-recordplay \
	--disable-plugin-sip --disable-plugin-videocall --disable-plugin-voicemail --disable-plugin-textroom --enable-rest \
	--enable-turn-rest-api --enable-plugin-audiobridge --disable-plugin-videoroom --disable-plugin-nosip --disable-plugin-lua \
	--disable-all-event-handler --enable-json-logger --enable-plugin-duktape \
	&& make -j$(nproc) \
	&& make configs \
	&& checkinstall -y

	FROM ubuntu:20.04
	COPY --from=build-env /tmp//.deb /tmp/
	COPY --from=build-env /tmp///*.deb /tmp/
	RUN sed -i.bak -e "s%http://archive.ubuntu.com/ubuntu/%http://ftp.iij.ad.jp/pub/linux/ubuntu/archive/%g" /etc/apt/sources.list
	RUN apt-get update \
	&& apt-get upgrade -y \
	&& apt-get install -y --no-install-recommends wget curl ca-certificates vim less tcpdump tzdata net-tools iputils-ping \
	libmicrohttpd12 libjansson4 \
	libssl1.1 libsofia-sip-ua0 libglib2.0-0 \
	libopus0 libogg0 libcurl4 \
	libconfig9 linux-tools-generic \
	&& apt-get install /tmp/*.deb \
	&& apt-get clean \
	&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
	&& for f in $(ls /usr/local/etc/janus/sample); do mv $f ${f%.}; done \
	&& rm -f /usr/bin/perf \
	&& ln -s /usr/lib/linux-tools/*/perf /usr/bin/perf \
	&& ldconfig
	COPY ./janus.plugin.audiobridge.jcfg /usr/local/etc/janus

	ENV TZ Asia/Tokyo
	RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

	# docker run --rm -p 8188:8188 -p 8088:8088 -p 40000-40100:40000-40100/udp myjanus janus -r 40000-40100 -1 $(ifconfig eth0 \| awk '/inet / {print $2}') --log-file=/dev/stdout
	# docker run --rm --network host myjanus janus -r 30000-40000 -1 $(ifconfig eth0 \| awk '/inet / {print $2}') --log-file=/dev/stdout
	general: {
	#admin_key = "supersecret" # If set, rooms can be created via API only
	# if this key is provided in the request
	#lock_rtp_forward = true # Whether the admin_key above should be
	# enforced for RTP forwarding requests too
	#lock_play_file = true # Whether the admin_key above should be
	# enforced for playing .opus files too
	#record_tmp_ext = "tmp" # Optional temporary extension to add to filenames
	# while recording: e.g., setting "tmp" would mean
	# .wav --> .wav.tmp until the file is closed
	#events = false # Whether events should be sent to event
	# handlers (default=true)

	# By default, integers are used as a unique ID for both rooms and participants.
	# In case you want to use strings instead (e.g., a UUID), set string_ids to true.
	string_ids = true
	}