dev mode: use local networks IP instead of docker internal 10.7.7.1

this led to multiple issues with UDP pakets being lost due to IP mismatch
2024-12-27 09:08:51 +01:00 · 2024-11-25 13:08:38 +01:00 · 2024-11-25 13:08:38 +01:00 · 17aa49968d
commit 17aa49968d
parent d6c1b0a5ec
5 changed files with 19 additions and 10 deletions
--- a/docker-compose.tmpl.yml
+++ b/docker-compose.tmpl.yml
@ -181,9 +181,9 @@ services:
    environment:
      ESL_PASSWORD: ${FSESL_PASSWORD:-ClueCon}
      {{ if .Env.EXTERNAL_IPv6 }}
-      MS_WEBRTC_LISTEN_IPS: '[{"ip":"::", "announcedIp":"{{ .Env.EXTERNAL_IPv6 }}"}, {"ip":"0.0.0.0", "announcedIp":"${EXTERNAL_IPv4}"}]'
+      MS_WEBRTC_LISTEN_IPS: '[{"ip":"::", "announcedIp":"${EXTERNAL_IPv6}"}, {"ip":"${EXTERNAL_IPv4}", "announcedIp":"${EXTERNAL_IPv4}"}]'
      {{else}}
-      MS_WEBRTC_LISTEN_IPS: '[{"ip":"0.0.0.0", "announcedIp":"${EXTERNAL_IPv4}"}]'
+      MS_WEBRTC_LISTEN_IPS: '[{"ip":"${EXTERNAL_IPv4}", "announcedIp":"${EXTERNAL_IPv4}"}]'
      {{end}}
    volumes:
      - ./data/mediasoup:/var/mediasoup
@ -416,6 +416,7 @@ services:
      - ./data/haproxy/letsencrypt:/etc/letsencrypt
      - ./mod/haproxy/haproxy.cfg:/etc/haproxy/haproxy.cfg
    environment:
+      - DEV_MODE=${DEV_MODE:-}
      - CERT1=${DOMAIN}
      - STAGING=true
      - EMAIL=test@chandi.it
@ -431,6 +432,8 @@ services:
      - "--external-ip=${EXTERNAL_IPv6:-::1}/${EXTERNAL_IPv6:-::1}"
      - "--static-auth-secret=${TURN_SECRET}"
      - "--allowed-peer-ip=${EXTERNAL_IPv4}"
+      - "--relay-ip=${EXTERNAL_IPv4}"
+      - "--relay-ip=${EXTERNAL_IPv6:-::1}"
    volumes:
      - ./mod/coturn/turnserver.conf:/etc/coturn/turnserver.conf
    network_mode: host
--- a/mod/bbb-web/turn-stun-servers.xml
+++ b/mod/bbb-web/turn-stun-servers.xml
@ -14,7 +14,7 @@
        <constructor-arg index="2" value="86400"/>
    </bean>

-    {{if and (isTrue .Env.ENABLE_HTTPS_PROXY) (ne .Env.DOMAIN "10.7.7.1")  }}
+    {{if and (isTrue .Env.ENABLE_HTTPS_PROXY) (not (isTrue .Env.DEV_MODE))  }}
    {{/* ignore when using a self signed certificate in dev mode */}}
    <bean id="turn1" class="org.bigbluebutton.web.services.turn.TurnServer">
        <constructor-arg index="0" value="{{ .Env.TURN_SECRET }}"/>
@ -42,7 +42,7 @@
            <set>
                <ref bean="turn0" />
                
-                {{if and (isTrue .Env.ENABLE_HTTPS_PROXY) (ne .Env.DOMAIN "10.7.7.1")  }}
+                {{if and (isTrue .Env.ENABLE_HTTPS_PROXY) (not (isTrue .Env.DEV_MODE))  }}
                <ref bean="turn1" />
                {{end}}

--- a/mod/coturn/turnserver.conf
+++ b/mod/coturn/turnserver.conf
@ -25,5 +25,4 @@ no-multicast-peers

 # we only need to allow peer connections from the machine itself (from mediasoup or freeswitch).
 denied-peer-ip=0.0.0.0-255.255.255.255
-denied-peer-ip=::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
-allowed-peer-ip=10.7.7.1
+denied-peer-ip=::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
--- a/mod/haproxy/bootstrap.sh
+++ b/mod/haproxy/bootstrap.sh
@ -7,8 +7,7 @@ set -e

 declare -p | grep -Ev '^declare -[[:alpha:]]*r' > /container.env

-
-if [ "x$CERT1" = "x10.7.7.1" ]; then
+if [ "$DEV_MODE" ]; then
    # use self signed certificate
    if [ ! -f /etc/haproxy/certs/haproxy-10.7.7.1.pem ]; then
        mkdir -p /etc/haproxy/certs
--- a/scripts/dev
+++ b/scripts/dev
@ -38,6 +38,14 @@ echo ""
 echo "# ensure submodules are checked out"
 ensure_submodules

+echo ""
+echo "# ensure IP in .env is correct"
+EXTERNAL_IPv4=$(ip route get 8.8.8.8 | head -1 | awk '{ print $7 }')
+echo "The IP of this machine in the local network seems to be"
+echo "   $EXTERNAL_IPv4"
+sed -i "s/EXTERNAL_IPv4=.*/EXTERNAL_IPv4=${EXTERNAL_IPv4}/" .env
+sed -i "s/DOMAIN=.*/DOMAIN=${EXTERNAL_IPv4}/" .env
+
 echo ""
 echo "# recreating docker-compose.yml"
 ./scripts/generate-compose
@ -51,8 +59,8 @@ echo ""
 echo "============================================"
 echo "BBB Development server"
 echo "============================================"
-echo "API Mate: https://mconf.github.io/api-mate/#server=https://10.7.7.1/bigbluebutton/api&sharedSecret=SuperSecret"
-echo "Greenlight: https://10.7.7.1/"
+echo "API Mate: https://mconf.github.io/api-mate/#server=https://${EXTERNAL_IPv4}/bigbluebutton/api&sharedSecret=SuperSecret"
+echo "Greenlight: https://${EXTERNAL_IPv4}/"
 echo "Check containers:     docker-compose ps"
 echo "Rebuilding container: docker-compose up --build CONTAINERNAME"
 echo "============================================"