greenlight v3

chandi 2023-03-21 12:58:28 +01:00
parent 0766a4033c
commit 3d433f8a5c
7 changed files with 99 additions and 221 deletions


@ -156,6 +156,7 @@ services:
- "etherpad:10.7.7.4" - "etherpad:10.7.7.4"
- "webrtc-sfu:10.7.7.1" - "webrtc-sfu:10.7.7.1"
- "html5:10.7.7.11" - "html5:10.7.7.11"
- "greenlight:10.7.7.21"
etherpad: etherpad:
build: mod/etherpad build: mod/etherpad
@ -380,6 +381,10 @@ services:
{{else}} {{else}}
- ./mod/https/site-ipv4only.conf:/etc/nginx/conf.d/bbb-docker.conf - ./mod/https/site-ipv4only.conf:/etc/nginx/conf.d/bbb-docker.conf
{{end}} {{end}}
{{ if isTrue .Env.DEV_MODE }}
# allow bbb api access without https
- ./mod/https/force-https.conf:/usr/local/openresty/nginx/conf/force-https.conf
{{end}}
environment: environment:
{{ if isTrue .Env.DEV_MODE }} {{ if isTrue .Env.DEV_MODE }}
ALLOWED_DOMAINS: "" ALLOWED_DOMAINS: ""
@ -417,24 +422,29 @@ services:
{{ if isTrue .Env.ENABLE_GREENLIGHT }} {{ if isTrue .Env.ENABLE_GREENLIGHT }}
# greenlight # greenlight
greenlight: greenlight:
image: bigbluebutton/greenlight:v2 image: bigbluebutton/greenlight:{{ .Env.TAG_GREENLIGHT }}-alpine
restart: unless-stopped restart: unless-stopped
env_file: .env env_file: .env
depends_on:
- postgres
- redis
environment: environment:
DB_ADAPTER: postgresql DATABASE_URL: postgres://postgres:${POSTGRESQL_SECRET:-password}@postgres:5432/greenlight
DB_HOST: postgres REDIS_URL: redis://redis:6379
DB_NAME: greenlight
DB_USERNAME: postgres
DB_PASSWORD: ${POSTGRESQL_SECRET:-password}
{{ if isTrue .Env.DEV_MODE }} {{ if isTrue .Env.DEV_MODE }}
BIGBLUEBUTTON_ENDPOINT: http://10.7.7.1:48087/bigbluebutton/api/ BIGBLUEBUTTON_ENDPOINT: http://10.7.7.1/bigbluebutton/api
{{else}} {{else}}
BIGBLUEBUTTON_ENDPOINT: https://${DOMAIN}/bigbluebutton/api/ BIGBLUEBUTTON_ENDPOINT: https://${DOMAIN}/bigbluebutton/api
{{end}} {{end}}
BIGBLUEBUTTON_SECRET: ${SHARED_SECRET} BIGBLUEBUTTON_SECRET: ${SHARED_SECRET}
SECRET_KEY_BASE: ${RAILS_SECRET} SECRET_KEY_BASE: ${RAILS_SECRET}
ports: volumes:
- 10.7.7.1:5000:80 - ./greenlight-data:/usr/src/app/storage
networks:
bbb-net:
ipv4_address: 10.7.7.21
postgres: postgres:
image: postgres:12-alpine image: postgres:12-alpine
restart: unless-stopped restart: unless-stopped
@ -449,6 +459,9 @@ services:
retries: 5 retries: 5
volumes: volumes:
- ./postgres-data:/var/lib/postgresql/data - ./postgres-data:/var/lib/postgresql/data
networks:
bbb-net:
ipv4_address: 10.7.7.22
{{end}} {{end}}
{{ if isTrue .Env.ENABLE_PROMETHEUS_EXPORTER }} {{ if isTrue .Env.ENABLE_PROMETHEUS_EXPORTER }}
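Review bot: The new `DATABASE_URL` for greenlight keeps the `${POSTGRESQL_SECRET:-password}` fallback, so a deployment whose `.env` lacks POSTGRESQL_SECRET comes up with the database password `password`, and postgres now also has a fixed address (10.7.7.22) on bbb-net. Failing fast would be safer: `DATABASE_URL: postgres://postgres:${POSTGRESQL_SECRET:?POSTGRESQL_SECRET must be set}@postgres:5432/greenlight`; the postgres service's own password setting lies outside the visible lines and would need the same treatment. Because the secret is now interpolated into a URL, characters such as `@`, `/` or `#` in it would need percent-encoding, which is worth a comment next to the variable, e.g. `# POSTGRESQL_SECRET is embedded in a URL: use URL-safe characters only`. `REDIS_URL` carries no credentials; whether the redis service is reachable only from bbb-net is not visible here.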


@ -0,0 +1,15 @@
# overwriting force-https.conf from valian/docker-nginx-auto-ssl
location /bigbluebutton/api/join {
return 301 https://$host$request_uri;
}
# allow /api calls without redirecting to https
location /bigbluebutton/api {
proxy_pass https://127.0.0.1:443;
proxy_ssl_verify off;
}
location / {
return 301 https://$host$request_uri;
}
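Review bot: `location /bigbluebutton/api` accepts the BigBlueButton API over plain HTTP from any client that can reach the listener, and nothing in this file says it is meant for development only; the DEV_MODE guard sits in the compose template, not here. A header comment such as `# DEV_MODE only: serves the BBB API over cleartext HTTP, never mount in production` would make that explicit. An `allow`/`deny` pair limiting the location to the addresses that need it (greenlight is 10.7.7.21 in the compose template) would narrow the exposure, though which source address nginx actually sees depends on its network mode, which is not visible here. `proxy_ssl_verify off;` is tolerable only because the upstream is the loopback address, and a short comment saying so would stop the directive being copied to a remote upstream.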


@ -1,35 +0,0 @@
# Routes requests to Greenlight based on the '/b' prefix.
# Use this file to route '/b' paths on your BigBlueButton server
# to the Greenlight application. If you are using a different
# subpath, you should change it here.
location /b {
proxy_pass http://host.docker.internal:5000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl on;
proxy_http_version 1.1;
client_max_body_size 1000m;
}
location /b/cable {
proxy_pass http://host.docker.internal:5000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_http_version 1.1;
proxy_read_timeout 6h;
proxy_send_timeout 6h;
client_body_timeout 6h;
send_timeout 6h;
}
# this is necessary for the preupload_presentation feature
location /rails/active_storage {
return 301 /b$request_uri;
}


@ -29,12 +29,33 @@ server {
# https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea # https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea
add_header Permissions-Policy "interest-cohort=()"; add_header Permissions-Policy "interest-cohort=()";
# redirect to greenlight
location = / {
return 302 /b;
}
# Include specific rules for record and playback # Include specific rules for record and playback
include /etc/nginx/bbb/*.nginx; include /etc/nginx/bbb/*.nginx;
location / {
proxy_pass http://greenlight:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl on;
proxy_http_version 1.1;
client_max_body_size 1000m;
}
location /cable {
proxy_pass http://greenlight:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_http_version 1.1;
proxy_read_timeout 6h;
proxy_send_timeout 6h;
client_body_timeout 6h;
send_timeout 6h;
}
} }
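Review bot: `client_max_body_size 1000m;` now sits on the catch-all `location /`, so every route proxied to greenlight, including unauthenticated ones, accepts request bodies up to 1000 MB. If the limit exists for presentation uploads, it would be tighter to keep a small default on `location /` and raise it only in a dedicated location for the upload route; which greenlight v3 path takes uploads is not visible here. `proxy_set_header X-Forwarded-Ssl on;` is hard-coded while `X-Forwarded-Proto` follows `$scheme`, so the two can disagree when a request arrives over HTTP; a comment stating that this server is only reached through the TLS proxy would document the assumption. The server block opens above the hunk.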


@ -160,180 +160,42 @@ NUMBER_OF_FRONTEND_NODEJS_PROCESSES=2
# GREENLIGHT CONFIGURATION # GREENLIGHT CONFIGURATION
# ==================================== # ====================================
# Microsoft Office365 Login Provider (optional) ### SMTP CONFIGURATION
# # Emails are required for the basic features of Greenlight to function.
# For in-depth steps on setting up a Office 365 Login Provider, see: # Please refer to your SMTP provider to get the values for the variables below
# #SMTP_SENDER_EMAIL=
# https://docs.bigbluebutton.org/greenlight/gl-config.html#office365-oauth2 #SMTP_SENDER_NAME=
# #SMTP_SERVER=
OFFICE365_KEY= #SMTP_PORT=
OFFICE365_SECRET= #SMTP_DOMAIN=
OFFICE365_HD= #SMTP_USERNAME=
#SMTP_PASSWORD=
# OAUTH2_REDIRECT allows you to specify the redirect_url passed to oauth on sign in. #SMTP_AUTH=
# It is useful for cases when Greenlight is deployed behind a Network Load Balancer or proxy
OAUTH2_REDIRECT=
# LDAP Login Provider (optional)
#
# You can enable LDAP authentication by providing values for the variables below.
# Configuring LDAP authentication will take precedence over all other providers.
# For information about setting up LDAP, see:
#
# https://docs.bigbluebutton.org/greenlight/gl-config.html#ldap-auth
#
# LDAP_SERVER=ldap.example.com
# LDAP_PORT=389
# LDAP_METHOD=plain
# LDAP_UID=uid
# LDAP_BASE=dc=example,dc=com
# LDAP_AUTH=simple
# LDAP_BIND_DN=cn=admin,dc=example,dc=com
# LDAP_PASSWORD=password
# LDAP_ROLE_FIELD=ou
# LDAP_FILTER=(&(attr1=value1)(attr2=value2))
LDAP_SERVER=
LDAP_PORT=
LDAP_METHOD=
LDAP_UID=
LDAP_BASE=
LDAP_BIND_DN=
LDAP_AUTH=
LDAP_PASSWORD=
LDAP_ROLE_FIELD=
LDAP_FILTER=
# Set this to true if you want GreenLight to support user signup and login without
# Omniauth. For more information, see:
#
# https://docs.bigbluebutton.org/greenlight/gl-overview.html#accounts-and-profile
#
ALLOW_GREENLIGHT_ACCOUNTS=true
# Set this to true if you want GreenLight to send verification emails upon
# the creation of a new account
#
# ALLOW_MAIL_NOTIFICATIONS=true
#
# The notifications are sent using sendmail, unless the SMTP_SERVER variable is set.
# In that case, make sure the rest of the variables are properly set.
#
# SMTP_SERVER=smtp.gmail.com
# SMTP_PORT=587
# SMTP_DOMAIN=gmail.com
# SMTP_USERNAME=<youremail@gmail.com>
# SMTP_PASSWORD=<yourpassword>
# SMTP_AUTH=plain
#SMTP_STARTTLS_AUTO=true #SMTP_STARTTLS_AUTO=true
# #SMTP_STARTTLS=false
# If your mail server has a self-signed certificate, you'll also need to include the line below. #SMTP_TLS=false
# Please note that enable this presents its own security risks and should not be done unless necessary. #SMTP_SSL_VERIFY=true
# SMTP_OPENSSL_VERIFY_MODE=none
#
SMTP_SERVER=
SMTP_PORT=
SMTP_DOMAIN=
SMTP_USERNAME=
SMTP_PASSWORD=
SMTP_AUTH=
SMTP_STARTTLS_AUTO=
# Specify the email address that all mail is sent from ### EXTERNAL AUTHENTICATION METHODS
SMTP_SENDER= #
#OPENID_CONNECT_CLIENT_ID=
#OPENID_CONNECT_CLIENT_SECRET=
#OPENID_CONNECT_ISSUER=
#OPENID_CONNECT_REDIRECT=
# Prefix for the applications root URL. # To enable hCaptcha on the user sign up and sign in, define these 2 keys
# Useful for deploying the application to a subdirectory, which is highly recommended #HCAPTCHA_SITE_KEY=
# if deploying on a BigBlueButton server. Keep in mind that if you change this, you'll #HCAPTCHA_SECRET_KEY=
# have to update your authentication callback URL's to reflect this change.
#
# The recommended prefix is "/b".
#
RELATIVE_URL_ROOT=/b
# Specify which settings you would like the users to configure on room creation # Set these if you are using a Simple Storage Service (S3)
# or edit after the room has been created # Uncomment S3_ENDPOINT only if you are using a S3 OTHER than Amazon Web Service (AWS) S3.
# By default, all settings are turned OFF. #S3_ACCESS_KEY_ID=
# #S3_SECRET_ACCESS_KEY=
# Current settings available: #S3_REGION=
# mute-on-join: Automatically mute users by default when they join a room #S3_BUCKET=
# require-moderator-approval: Require moderators to approve new users before they can join the room #S3_ENDPOINT=
# anyone-can-start: Allows anyone with the join url to start the room in BigBlueButton
# all-join-moderator: All users join as moderators in BigBlueButton
ROOM_FEATURES=mute-on-join,require-moderator-approval,anyone-can-start,all-join-moderator
# Specify the maximum number of records to be sent to the BigBlueButton API in one call # Define the default locale language code (i.e. 'en' for English) from the fallowing list:
# Default is set to 25 records # [en, ar, fr, es]
PAGINATION_NUMBER=25 #DEFAULT_LOCALE=en
# Specify the maximum number of rows that should be displayed per page for a paginated table
# Default is set to 25 rows
NUMBER_OF_ROWS=25
# Specify if you want to display the Google Calendar button
# ENABLE_GOOGLE_CALENDAR_BUTTON=true|false
ENABLE_GOOGLE_CALENDAR_BUTTON=
# Set the application into Maintenance Mode
#
# Current options supported:
# true: Renders an error page that does not allow users to access any of the features in the application
# false: Application runs normally
MAINTENANCE_MODE=false
# Displays a flash that appears to inform the user of a scheduled maintenance window
# This variable should contain ONLY the date and time of the scheduled maintenance
#
# Ex: MAINTENANCE_WINDOW=Friday August 18 6pm-10pm EST
MAINTENANCE_WINDOW=
# The link to the Report an Issue button that appears on the 500 page and in the Account Dropdown
#
# Defaults to the Github Issues Page for Greenlight
# Button can be disabled by setting the value to blank
#
# REPORT_ISSUE_URL=https://github.com/bigbluebutton/greenlight/issues/new
# The link to the Need help? button that appears on the Account Dropdown
#
# Defaults to the Greenlight documentation
# Button can be disabled by setting the value to blank
HELP_URL=https://docs.bigbluebutton.org/greenlight/gl-overview.html
# Comment this out to send logs to STDOUT in production instead of log/production.log .
#
# RAILS_LOG_TO_STDOUT=true
#
# When using docker-compose the logs can be sent to an centralized repository like PaperTrail
# just by using the built in driver. Make sure to add to docker-compose.yml the next lines:
#
# logging:
# driver: $LOG_DRIVER
# options:
# syslog-address: $LOG_ADDRESS
# tag: $LOG_TAG
#
# And set this variables up:
#
# LOG_DRIVER=syslog
# LOG_ADDRESS=udp://logs4.papertrailapp.com:[99999]
# LOG_TAG=greenlight.example.com:v2
#
# Check docker-compose and papertrail documentation for encrypting and
# protecting access to the log repository.
# https://docs.docker.com/config/containers/logging/syslog/#options
# https://help.papertrailapp.com/kb/configuration/encrypting-remote-syslog-with-tls-ssl/
#
# For sending logs to a remote aggregator enable these variables:
#
# RAILS_LOG_REMOTE_NAME=logxx.papertrailapp.com
# RAILS_LOG_REMOTE_PORT=9999
# RAILS_LOG_REMOTE_TAG=greenlight
#
# Specify the default registration to be used by Greenlight until an administrator sets the
# registration method
# Allowed values are:
# open - For open registration
# invite - For invite only registration
# approval - For approve/decline registration
DEFAULT_REGISTRATION=open
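Review bot: The new SMTP block lists `#SMTP_SSL_VERIFY=true` without the warning the old text carried about the risk of turning certificate verification off. I would keep a line such as `# Leave SMTP_SSL_VERIFY=true unless the mail server uses a self-signed certificate; disabling it removes certificate checks on the SMTP connection`. The new locale comment also has a typo: `fallowing` should be `following`. The secrets introduced here (`SMTP_PASSWORD`, `OPENID_CONNECT_CLIENT_SECRET`, `S3_SECRET_ACCESS_KEY`, `HCAPTCHA_SECRET_KEY`) end up in `.env`, which the compose template hands to greenlight through `env_file`, so a comment reminding operators to keep that file out of version control and to restrict its permissions would fit under the section header.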


@ -53,6 +53,7 @@ docker run \
-e TAG_PLAYBACK=${TAG_PLAYBACK} \ -e TAG_PLAYBACK=${TAG_PLAYBACK} \
-e TAG_PADS=${TAG_PADS} \ -e TAG_PADS=${TAG_PADS} \
-e TAG_FREESWITCH=${TAG_FREESWITCH} \ -e TAG_FREESWITCH=${TAG_FREESWITCH} \
-e TAG_GREENLIGHT=${TAG_GREENLIGHT} \
-e DEV_MODE=${DEV_MODE:-false} \ -e DEV_MODE=${DEV_MODE:-false} \
-e EXTERNAL_IPv6=${EXTERNAL_IPv6:-} \ -e EXTERNAL_IPv6=${EXTERNAL_IPv6:-} \
-e ENABLE_RECORDING=${ENABLE_RECORDING:-false} \ -e ENABLE_RECORDING=${ENABLE_RECORDING:-false} \


@ -18,6 +18,7 @@ TAG_FS_CONFIG=v2.6.0
TAG_FS_BUILD_FILES=v2.6.0 TAG_FS_BUILD_FILES=v2.6.0
TAG_FREESWITCH=v1.10.9 TAG_FREESWITCH=v1.10.9
TAG_GREENLIGHT=v3.0.1
# individual git submodules # individual git submodules
# use `./scripts/checkout-submodules` to ensure, that the submodules # use `./scripts/checkout-submodules` to ensure, that the submodules