setup script, readme update and .env rework

2024-11-22 08:03:19 +01:00 · 2020-06-06 14:39:54 +02:00 · 2020-06-06 14:39:54 +02:00 · 8ab2bec71e
commit 8ab2bec71e
parent 55d35d20ca
3 changed files with 154 additions and 69 deletions
--- a/README.md
+++ b/README.md
@ -1,8 +1,5 @@
 # BigBlueButton Docker
 ## Please note
 - Not well tested, can be still really buggy. Don't use for production! 
 ## Install
 1. Install docker-ce & docker-compose
    1. follow instructions
@ -18,31 +15,18 @@
   $ git clone --recurse-submodules https://github.com/alangecker/bigbluebutton-docker.git bbb-docker
   $ cd bbb-docker
   ```
-6. Create `.env` with `$ cp sample.env .env`
+6. Run setup:
-7. Adjust the values in `.env`
+   ```bash
-   - **Important:** don't forget to change `ETHERPAD_API_KEY`, `SHARED_SECRET` and `RAILS_SECRET` to any random values! For example generated with `pwgen 40 3`
+   $ ./scripts/setup
-   - `DOMAIN` and `EXTERNAL_IP` are also required. For example, use `dig +short <DOMAIN>` to get your external ip address. 
+   ```
-8. Start container. either...
+7. Start containers:
-    - **Most common setup**: BigBlueButton with automatic HTTPS certificate retrieval and Greenlight
+    ```bash
-        ```bash
+    $ ./scripts/compose up -d
-        $ docker-compose \
+    ```
-            -f docker-compose.yml \
+8. If you use greenlight, you can create an admin account with:
-            -f docker-compose.https.yml \
+    ```bash
-            -f docker-compose.greenlight.yml \
+    $ ./scripts/compose exec greenlight bundle exec rake admin:create
-            up --detach
+    ```
        ```
    - **Individual parts**:
        - BigBlueButton `$ docker-compose up -d`
        - HTTPS reverse proxy
            - `$ docker-compose -f docker-compose.https.yml up -d`
        - API demos
            - `$ docker-compose -f docker-compose.demo.yml up -d`
            - Access https://bbb.example.com/demo/
        - Greenlight
            - `$ docker-compose -f docker-compose.greenlight.yml up -d`
            - Create an administrator account \
            `$ docker exec greenlight-v2 bundle exec rake admin:create`
            - Access https://bbb.example.com/b
@ -65,53 +49,32 @@ Also don't forget to forward all necassary ports listed in http://docs.bigbluebu
 ## Upgrading
 ### Upgrade BigBlueButton
 ```bash
 cd bbb-docker
 # pull repo changes
 git pull 
 # update bbb-webrtc-sfu
 git submodule update --remote 
 # rebuild images
 docker-compose build --pull --no-cache 
 # recreate updated services
 docker-compose up -d
 ```
 ### Upgrade Greenlight
 **Important:** especially with a version before 2020-05-17 create a database backup first, otherwise the data will not be persistent between container recreations.
 ```bash
 cd bbb-docker
 # if you use greenlight:
 # create a database backup
 docker exec -t docker_postgres_1 pg_dumpall -c -U postgres > /root/greenlight_`date +%d-%m-%Y"_"%H_%M_%S`.sql
-# pull repo changes
+# upgrade!
-git pull 
+./scripts/upgrade
-# pull image updates
+# restart updated services
-docker-compose -f docker-compose.greenlight.yml pull
+./scripts/compose up -d
 # recreate & restart services if necessary
 docker-compose -f docker-compose.greenlight.yml up -d
 ```
-### Upgrade HTTPS Proxy
+If you're on an old version, you might get following error: \
-[to be written]
+`no such file or directory: ./scripts/upgrade` \
 A simple `$ git pull` resolves that, by fetching a newer version which includes the upgrade script.
 ## Special thanks to
 - @dkrenn, whos dockerized version (bigbluebutton#8858)(https://github.com/bigbluebutton/bigbluebutton/pull/8858) helped me a lot in understand and some configs.
 ## Open Tasks
 - add support for recording
- further separate bbb-core into individual container
+- add coturn
 - add prometheus exporter
 - further separate `bbb-core` into individual container
 - enable IPv6 support
- fix captions (they don't appear, `readOnlyPadId` is missing)
+- switch `html5` to node v12
- switch to `node:12-buster-slim` for `html5`
+- drop root privileges in `webrtc-sfu`
 - switch to `node:12-buster-slim` for `webrtc-sfu` 
 - drop root privileges in `webrtc-sfu`
 - drop root privileges in `kurento`
--- a/sample.env
+++ b/sample.env
@ -1,8 +1,31 @@
-# important! change these to random values
+# ====================================
-ETHERPAD_API_KEY=NEQKi2eFXSBce4kyGjwAzMn2jeF66peNYQmyFVRr
+# ADDITIONS to BigBlueButton
 # ====================================
 # (place a '#' before to disable them)
 # HTTPS Proxy
 # fully automated Lets Encrypt certificates
 ENABLE_HTTPS_PROXY=true
 # Greenlight Frontend
 # https://docs.bigbluebutton.org/greenlight/gl-overview.html
 ENABLE_GREENLIGHT=true
 # ====================================
 # SECRETS
 # ====================================
 # important! change these to any random values
 SHARED_SECRET=w6y7nycPafjPhVz3gZdBpQhR4H4MvEQzcZzia5LT
 ETHERPAD_API_KEY=NEQKi2eFXSBce4kyGjwAzMn2jeF66peNYQmyFVRr
 RAILS_SECRET=cdfbae48b197805a435ab7881da31c642ac1a7d4d5c006441efa8125ae63865ce7c915c651117e0f14358cd98f5287c431929e0f796f4100b2b1c3eb5baad1b0
 # ====================================
 # CONNECTION
 # ====================================
 DOMAIN=bbb.example.com
 EXTERNAL_IP=144.76.97.10
@ -20,6 +43,11 @@ STUN_PORT=3478
 #TURN_SERVER=turns:turn.example.com:443?transport=tcp
 #TURN_SECRET=
 # ====================================
 # CUSTOMIZATION
 # ====================================
 CLIENT_TITLE=BigBlueButton
 WELCOME_FOOTER=This server is running <a href="http://docs.bigbluebutton.org/" target="_blank"><u>BigBlueButton</u></a>.
@ -32,9 +60,9 @@ WELCOME_FOOTER=This server is running <a href="http://docs.bigbluebutton.org/" t
 DEFAULT_PRESENTATION=./mod/nginx/default.pdf
-# -------------------------------
+# ====================================
-# greenlight configuration
+# GREENLIGHT CONFIGURATION
-# -------------------------------
+# ====================================
 # Microsoft Office365 Login Provider (optional)
 #
@ -63,17 +91,21 @@ OAUTH2_REDIRECT=
 #   LDAP_METHOD=plain
 #   LDAP_UID=uid
 #   LDAP_BASE=dc=example,dc=com
 #   LDAP_AUTH=simple
 #   LDAP_BIND_DN=cn=admin,dc=example,dc=com
 #   LDAP_PASSWORD=password
 #   LDAP_ROLE_FIELD=ou
 #   LDAP_FILTER=(&(attr1=value1)(attr2=value2))
 LDAP_SERVER=
 LDAP_PORT=
 LDAP_METHOD=
 LDAP_UID=
 LDAP_BASE=
 LDAP_BIND_DN=
 LDAP_AUTH=
 LDAP_PASSWORD=
 LDAP_ROLE_FIELD=
 LDAP_FILTER=
 # Set this to true if you want GreenLight to support user signup and login without
 # Omniauth. For more information, see:
@ -82,7 +114,6 @@ LDAP_ROLE_FIELD=
 #
 ALLOW_GREENLIGHT_ACCOUNTS=true
 # Set this to true if you want GreenLight to send verification emails upon
 # the creation of a new account
 #
@ -99,6 +130,10 @@ ALLOW_GREENLIGHT_ACCOUNTS=true
 #   SMTP_AUTH=plain
 #   SMTP_STARTTLS_AUTO=true
 #
 # If your mail server has a self-signed certificate, you'll also need to include the line below. 
 # Please note that enable this presents its own security risks and should not be done unless necessary.
 #   SMTP_OPENSSL_VERIFY_MODE=none
 #
 SMTP_SERVER=
 SMTP_PORT=
 SMTP_DOMAIN=
@ -138,6 +173,10 @@ PAGINATION_NUMBER=25
 # Default is set to 25 rows
 NUMBER_OF_ROWS=25
 # Specify if you want to display the Google Calendar button
 #   ENABLE_GOOGLE_CALENDAR_BUTTON=true|false
 ENABLE_GOOGLE_CALENDAR_BUTTON=
 # Set the application into Maintenance Mode
 #
 # Current options supported:
@ -155,7 +194,14 @@ MAINTENANCE_WINDOW=
 #
 # Defaults to the Github Issues Page for Greenlight
 # Button can be disabled by setting the value to blank
-REPORT_ISSUE_URL=https://github.com/bigbluebutton/greenlight/issues/new
+#
 # REPORT_ISSUE_URL=https://github.com/bigbluebutton/greenlight/issues/new
 # The link to the Need help? button that appears on the Account Dropdown
 #
 # Defaults to the Greenlight documentation
 # Button can be disabled by setting the value to blank
 HELP_URL=https://docs.bigbluebutton.org/greenlight/gl-overview.html
 # Comment this out to send logs to STDOUT in production instead of log/production.log .
 #
--- a/scripts/setup
+++ b/scripts/setup
@ -0,0 +1,76 @@
 #!/bin/bash
 set -e
 cd $(dirname $0)/..
 EXTERNAL_IP=$(curl -s http://whatismyip.akamai.com)
 # load .env
 if [ -f .env ]
 then
  echo "Error: the configuration file .env already exists."
  echo "either edit variables manually in there or remove the file and try this script again"
  exit 1
 fi
 greenlight="n"
 while [[ ! $greenlight =~ ^(y|n)$ ]]; do
    read -p "Should greenlight be included? (y/n): " greenlight
 done
 https_proxy="n"
 while [[ ! $https_proxy =~ ^(y|n)$ ]]; do
    read -p "Should an automatic HTTPS Proxy be included? (y/n): " https_proxy
 done
 DOMAIN=""
 while [[ -z "$DOMAIN" ]]; do
    read -p "Please enter the domain name: " DOMAIN
 done
 ip_correct=""
 while [[ ! $ip_correct =~ ^(y|n)$ ]]; do
    read -p "Is $EXTERNAL_IP your external IPv4 address? (y/n): " ip_correct
 done
 if [ ! "$ip_correct" == "y" ]
 then
    EXTERNAL_IP=""
    while [[ ! $EXTERNAL_IP =~ ^[1-9][0-9]{0,2}\.[1-9][0-9]{0,2}\.[1-9][0-9]{0,2}\.[1-9][0-9]{0,2}$ ]]; do
        read -p "Please enter correct IPv4 address: " EXTERNAL_IP
    done
 fi
 # write settings
 cp sample.env .env
 sed -i "s/EXTERNAL_IP=.*/EXTERNAL_IP=$EXTERNAL_IP/" .env
 sed -i "s/DOMAIN=.*/DOMAIN=$DOMAIN/" .env
 if [ ! "$greenlight" == "y" ]
 then
    sed -i "s/ENABLE_GREENLIGHT.*/#ENABLE_GREENLIGHT=true/" .env
 fi
 if [ ! "$https_proxy" == "y" ]
 then
    sed -i "s/ENABLE_HTTPS_PROXY.*/#ENABLE_HTTPS_PROXY=true/" .env
 fi
 # change secrets
 RANDOM_1=$(pwgen -v 40 1)
 RANDOM_2=$(pwgen -v 40 1)
 RANDOM_3=$(pwgen -v 120 1)
 sed -i "s/SHARED_SECRET=.*/SHARED_SECRET=$RANDOM_1/" .env
 sed -i "s/ETHERPAD_API_KEY=.*/ETHERPAD_API_KEY=$RANDOM_2/" .env
 sed -i "s/RAILS_SECRET=.*/RAILS_SECRET=$RANDOM_3/" .env
 echo "--------------------------------------------------"
 echo "configuration file .env got successfully created!"
 echo ""
 echo "you can look through it for further adjusments"
 echo "  $ nano .env"
 echo ""
 echo "to start bigbluebutton run"
 echo "  $ ./scripts/compose up -d"