From e98740d6f2196782789d3d7989abb4acf73e1c2b Mon Sep 17 00:00:00 2001
From: Robin <robin@robin.town>
Date: Thu, 26 Sep 2024 14:11:40 -0400
Subject: [PATCH 1/3] Make it possible to use the JWT service with a local
 homeserver

I recently tried to use the dev configs with a local homeserver and found that the configuration was not compatible with this. We need to relax the network isolation and TLS cert verification requirements for fully local development to be possible.
---
 backend-docker-compose.yml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/backend-docker-compose.yml b/backend-docker-compose.yml
index 75b7f7206..a15f6403a 100644
--- a/backend-docker-compose.yml
+++ b/backend-docker-compose.yml
@@ -7,12 +7,16 @@ services:
   auth-service:
     image: ghcr.io/element-hq/lk-jwt-service:latest-ci
     hostname: auth-server
-    ports:
-      - 8881:8080
+    # Use host network in case the configured homeserver runs on localhost
+    network_mode: host
     environment:
+      - LK_JWT_PORT=8881
       - LIVEKIT_URL=ws://localhost:7880
       - LIVEKIT_KEY=devkey
       - LIVEKIT_SECRET=secret
+      # If the configured homeserver runs on localhost, it'll probably be using
+      # a self-signed certificate
+      - LIVEKIT_INSECURE_SKIP_VERIFY_TLS=YES_I_KNOW_WHAT_I_AM_DOING
     deploy:
       restart_policy:
         condition: on-failure

From f0e59baad48e3505560e7ab015bbe4d0a8c63ff2 Mon Sep 17 00:00:00 2001
From: Robin <robin@robin.town>
Date: Thu, 26 Sep 2024 16:53:45 -0400
Subject: [PATCH 2/3] Make the SFU actually usable

---
 backend-docker-compose.yml | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/backend-docker-compose.yml b/backend-docker-compose.yml
index a15f6403a..bf228bf68 100644
--- a/backend-docker-compose.yml
+++ b/backend-docker-compose.yml
@@ -27,11 +27,15 @@ services:
     image: livekit/livekit-server:latest
     command: --dev --config /etc/livekit.yaml
     restart: unless-stopped
-    ports:
-      - "7880:7880"
-      - "7881:7881"
-      - "7882:7882"
-      - "50100-50200:50100-50200"
+    # The SFU seems to work far more reliably when we let it share the host
+    # network rather than opening specific ports (but why?? we're not missing
+    # any…)
+    network_mode: host
+    # ports:
+    #   - "7880:7880"
+    #   - "7881:7881"
+    #   - "7882:7882"
+    #   - "50100-50200:50100-50200"
     volumes:
       - ./backend/livekit.yaml:/etc/livekit.yaml
     networks:

From 5cf1cf9e54b0170f41dc958b9a624dc5936a0d52 Mon Sep 17 00:00:00 2001
From: Robin <robin@robin.town>
Date: Fri, 27 Sep 2024 16:35:39 -0400
Subject: [PATCH 3/3] Make port types explicit

Co-authored-by: fkwp <fkwp@users.noreply.github.com>
---
 backend-docker-compose.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/backend-docker-compose.yml b/backend-docker-compose.yml
index bf228bf68..7f72360ed 100644
--- a/backend-docker-compose.yml
+++ b/backend-docker-compose.yml
@@ -32,10 +32,10 @@ services:
     # any…)
     network_mode: host
     # ports:
-    #   - "7880:7880"
-    #   - "7881:7881"
-    #   - "7882:7882"
-    #   - "50100-50200:50100-50200"
+    #   - "7880:7880/tcp"
+    #   - "7881:7881/tcp"
+    #   - "7882:7882/tcp"
+    #   - "50100-50200:50100-50200/upd"
     volumes:
       - ./backend/livekit.yaml:/etc/livekit.yaml
     networks: