setup script, readme update and .env rework

This commit is contained in:
chandi 2020-06-06 14:39:54 +02:00
parent 55d35d20ca
commit 8ab2bec71e
3 changed files with 154 additions and 69 deletions

View File

@ -1,8 +1,5 @@
# BigBlueButton Docker
## Please note
- Not well tested, can be still really buggy. Don't use for production!
## Install
1. Install docker-ce & docker-compose
1. follow instructions
@ -18,31 +15,18 @@
$ git clone --recurse-submodules https://github.com/alangecker/bigbluebutton-docker.git bbb-docker
$ cd bbb-docker
```
6. Create `.env` with `$ cp sample.env .env`
7. Adjust the values in `.env`
- **Important:** don't forget to change `ETHERPAD_API_KEY`, `SHARED_SECRET` and `RAILS_SECRET` to any random values! For example generated with `pwgen 40 3`
- `DOMAIN` and `EXTERNAL_IP` are also required. For example, use `dig +short <DOMAIN>` to get your external ip address.
8. Start container. either...
- **Most common setup**: BigBlueButton with automatic HTTPS certificate retrieval and Greenlight
```bash
$ docker-compose \
-f docker-compose.yml \
-f docker-compose.https.yml \
-f docker-compose.greenlight.yml \
up --detach
```
- **Individual parts**:
- BigBlueButton `$ docker-compose up -d`
- HTTPS reverse proxy
- `$ docker-compose -f docker-compose.https.yml up -d`
- API demos
- `$ docker-compose -f docker-compose.demo.yml up -d`
- Access https://bbb.example.com/demo/
- Greenlight
- `$ docker-compose -f docker-compose.greenlight.yml up -d`
- Create an administrator account \
`$ docker exec greenlight-v2 bundle exec rake admin:create`
- Access https://bbb.example.com/b
6. Run setup:
```bash
$ ./scripts/setup
```
7. Start containers:
```bash
$ ./scripts/compose up -d
```
8. If you use greenlight, you can create an admin account with:
```bash
$ ./scripts/compose exec greenlight bundle exec rake admin:create
```
@ -65,53 +49,32 @@ Also don't forget to forward all necassary ports listed in http://docs.bigbluebu
## Upgrading
### Upgrade BigBlueButton
```bash
cd bbb-docker
# pull repo changes
git pull
# update bbb-webrtc-sfu
git submodule update --remote
# rebuild images
docker-compose build --pull --no-cache
# recreate updated services
docker-compose up -d
```
### Upgrade Greenlight
**Important:** especially with a version before 2020-05-17 create a database backup first, otherwise the data will not be persistent between container recreations.
```bash
cd bbb-docker
# if you use greenlight:
# create a database backup
docker exec -t docker_postgres_1 pg_dumpall -c -U postgres > /root/greenlight_`date +%d-%m-%Y"_"%H_%M_%S`.sql
# pull repo changes
git pull
# upgrade!
./scripts/upgrade
# pull image updates
docker-compose -f docker-compose.greenlight.yml pull
# recreate & restart services if necessary
docker-compose -f docker-compose.greenlight.yml up -d
# restart updated services
./scripts/compose up -d
```
### Upgrade HTTPS Proxy
[to be written]
If you're on an old version, you might get following error: \
`no such file or directory: ./scripts/upgrade` \
A simple `$ git pull` resolves that, by fetching a newer version which includes the upgrade script.
## Special thanks to
- @dkrenn, whos dockerized version (bigbluebutton#8858)(https://github.com/bigbluebutton/bigbluebutton/pull/8858) helped me a lot in understand and some configs.
## Open Tasks
- add support for recording
- further separate bbb-core into individual container
- add coturn
- add prometheus exporter
- further separate `bbb-core` into individual container
- enable IPv6 support
- fix captions (they don't appear, `readOnlyPadId` is missing)
- switch to `node:12-buster-slim` for `html5`
- switch to `node:12-buster-slim` for `webrtc-sfu`
- drop root privileges in `webrtc-sfu`
- drop root privileges in `kurento`
- switch `html5` to node v12
- drop root privileges in `webrtc-sfu`

View File

@ -1,8 +1,31 @@
# important! change these to random values
ETHERPAD_API_KEY=NEQKi2eFXSBce4kyGjwAzMn2jeF66peNYQmyFVRr
# ====================================
# ADDITIONS to BigBlueButton
# ====================================
# (place a '#' before to disable them)
# HTTPS Proxy
# fully automated Lets Encrypt certificates
ENABLE_HTTPS_PROXY=true
# Greenlight Frontend
# https://docs.bigbluebutton.org/greenlight/gl-overview.html
ENABLE_GREENLIGHT=true
# ====================================
# SECRETS
# ====================================
# important! change these to any random values
SHARED_SECRET=w6y7nycPafjPhVz3gZdBpQhR4H4MvEQzcZzia5LT
ETHERPAD_API_KEY=NEQKi2eFXSBce4kyGjwAzMn2jeF66peNYQmyFVRr
RAILS_SECRET=cdfbae48b197805a435ab7881da31c642ac1a7d4d5c006441efa8125ae63865ce7c915c651117e0f14358cd98f5287c431929e0f796f4100b2b1c3eb5baad1b0
# ====================================
# CONNECTION
# ====================================
DOMAIN=bbb.example.com
EXTERNAL_IP=144.76.97.10
@ -20,6 +43,11 @@ STUN_PORT=3478
#TURN_SERVER=turns:turn.example.com:443?transport=tcp
#TURN_SECRET=
# ====================================
# CUSTOMIZATION
# ====================================
CLIENT_TITLE=BigBlueButton
WELCOME_FOOTER=This server is running <a href="http://docs.bigbluebutton.org/" target="_blank"><u>BigBlueButton</u></a>.
@ -32,9 +60,9 @@ WELCOME_FOOTER=This server is running <a href="http://docs.bigbluebutton.org/" t
DEFAULT_PRESENTATION=./mod/nginx/default.pdf
# -------------------------------
# greenlight configuration
# -------------------------------
# ====================================
# GREENLIGHT CONFIGURATION
# ====================================
# Microsoft Office365 Login Provider (optional)
#
@ -63,17 +91,21 @@ OAUTH2_REDIRECT=
# LDAP_METHOD=plain
# LDAP_UID=uid
# LDAP_BASE=dc=example,dc=com
# LDAP_AUTH=simple
# LDAP_BIND_DN=cn=admin,dc=example,dc=com
# LDAP_PASSWORD=password
# LDAP_ROLE_FIELD=ou
# LDAP_FILTER=(&(attr1=value1)(attr2=value2))
LDAP_SERVER=
LDAP_PORT=
LDAP_METHOD=
LDAP_UID=
LDAP_BASE=
LDAP_BIND_DN=
LDAP_AUTH=
LDAP_PASSWORD=
LDAP_ROLE_FIELD=
LDAP_FILTER=
# Set this to true if you want GreenLight to support user signup and login without
# Omniauth. For more information, see:
@ -82,7 +114,6 @@ LDAP_ROLE_FIELD=
#
ALLOW_GREENLIGHT_ACCOUNTS=true
# Set this to true if you want GreenLight to send verification emails upon
# the creation of a new account
#
@ -99,6 +130,10 @@ ALLOW_GREENLIGHT_ACCOUNTS=true
# SMTP_AUTH=plain
# SMTP_STARTTLS_AUTO=true
#
# If your mail server has a self-signed certificate, you'll also need to include the line below.
# Please note that enable this presents its own security risks and should not be done unless necessary.
# SMTP_OPENSSL_VERIFY_MODE=none
#
SMTP_SERVER=
SMTP_PORT=
SMTP_DOMAIN=
@ -138,6 +173,10 @@ PAGINATION_NUMBER=25
# Default is set to 25 rows
NUMBER_OF_ROWS=25
# Specify if you want to display the Google Calendar button
# ENABLE_GOOGLE_CALENDAR_BUTTON=true|false
ENABLE_GOOGLE_CALENDAR_BUTTON=
# Set the application into Maintenance Mode
#
# Current options supported:
@ -155,7 +194,14 @@ MAINTENANCE_WINDOW=
#
# Defaults to the Github Issues Page for Greenlight
# Button can be disabled by setting the value to blank
REPORT_ISSUE_URL=https://github.com/bigbluebutton/greenlight/issues/new
#
# REPORT_ISSUE_URL=https://github.com/bigbluebutton/greenlight/issues/new
# The link to the Need help? button that appears on the Account Dropdown
#
# Defaults to the Greenlight documentation
# Button can be disabled by setting the value to blank
HELP_URL=https://docs.bigbluebutton.org/greenlight/gl-overview.html
# Comment this out to send logs to STDOUT in production instead of log/production.log .
#

76
scripts/setup Executable file
View File

@ -0,0 +1,76 @@
#!/bin/bash
set -e
cd $(dirname $0)/..
EXTERNAL_IP=$(curl -s http://whatismyip.akamai.com)
# load .env
if [ -f .env ]
then
echo "Error: the configuration file .env already exists."
echo "either edit variables manually in there or remove the file and try this script again"
exit 1
fi
greenlight="n"
while [[ ! $greenlight =~ ^(y|n)$ ]]; do
read -p "Should greenlight be included? (y/n): " greenlight
done
https_proxy="n"
while [[ ! $https_proxy =~ ^(y|n)$ ]]; do
read -p "Should an automatic HTTPS Proxy be included? (y/n): " https_proxy
done
DOMAIN=""
while [[ -z "$DOMAIN" ]]; do
read -p "Please enter the domain name: " DOMAIN
done
ip_correct=""
while [[ ! $ip_correct =~ ^(y|n)$ ]]; do
read -p "Is $EXTERNAL_IP your external IPv4 address? (y/n): " ip_correct
done
if [ ! "$ip_correct" == "y" ]
then
EXTERNAL_IP=""
while [[ ! $EXTERNAL_IP =~ ^[1-9][0-9]{0,2}\.[1-9][0-9]{0,2}\.[1-9][0-9]{0,2}\.[1-9][0-9]{0,2}$ ]]; do
read -p "Please enter correct IPv4 address: " EXTERNAL_IP
done
fi
# write settings
cp sample.env .env
sed -i "s/EXTERNAL_IP=.*/EXTERNAL_IP=$EXTERNAL_IP/" .env
sed -i "s/DOMAIN=.*/DOMAIN=$DOMAIN/" .env
if [ ! "$greenlight" == "y" ]
then
sed -i "s/ENABLE_GREENLIGHT.*/#ENABLE_GREENLIGHT=true/" .env
fi
if [ ! "$https_proxy" == "y" ]
then
sed -i "s/ENABLE_HTTPS_PROXY.*/#ENABLE_HTTPS_PROXY=true/" .env
fi
# change secrets
RANDOM_1=$(pwgen -v 40 1)
RANDOM_2=$(pwgen -v 40 1)
RANDOM_3=$(pwgen -v 120 1)
sed -i "s/SHARED_SECRET=.*/SHARED_SECRET=$RANDOM_1/" .env
sed -i "s/ETHERPAD_API_KEY=.*/ETHERPAD_API_KEY=$RANDOM_2/" .env
sed -i "s/RAILS_SECRET=.*/RAILS_SECRET=$RANDOM_3/" .env
echo "--------------------------------------------------"
echo "configuration file .env got successfully created!"
echo ""
echo "you can look through it for further adjusments"
echo " $ nano .env"
echo ""
echo "to start bigbluebutton run"
echo " $ ./scripts/compose up -d"