setup script, readme update and .env rework

2024-11-22 08:03:19 +01:00 · 2020-06-06 14:39:54 +02:00 · 2020-06-06 14:39:54 +02:00 · 8ab2bec71e
commit 8ab2bec71e
parent 55d35d20ca
3 changed files with 154 additions and 69 deletions
--- a/README.md
+++ b/README.md
@ -1,8 +1,5 @@
 # BigBlueButton Docker

-## Please note
- Not well tested, can be still really buggy. Don't use for production! 
-
 ## Install
 1. Install docker-ce & docker-compose
    1. follow instructions
@ -18,31 +15,18 @@
   $ git clone --recurse-submodules https://github.com/alangecker/bigbluebutton-docker.git bbb-docker
   $ cd bbb-docker
   ```
-6. Create `.env` with `$ cp sample.env .env`
-7. Adjust the values in `.env`
-   - **Important:** don't forget to change `ETHERPAD_API_KEY`, `SHARED_SECRET` and `RAILS_SECRET` to any random values! For example generated with `pwgen 40 3`
-   - `DOMAIN` and `EXTERNAL_IP` are also required. For example, use `dig +short <DOMAIN>` to get your external ip address. 
-8. Start container. either...
-    - **Most common setup**: BigBlueButton with automatic HTTPS certificate retrieval and Greenlight
-        ```bash
-        $ docker-compose \
-            -f docker-compose.yml \
-            -f docker-compose.https.yml \
-            -f docker-compose.greenlight.yml \
-            up --detach
-        ```
-    - **Individual parts**:
-        - BigBlueButton `$ docker-compose up -d`
-        - HTTPS reverse proxy
-            - `$ docker-compose -f docker-compose.https.yml up -d`
-        - API demos
-            - `$ docker-compose -f docker-compose.demo.yml up -d`
-            - Access https://bbb.example.com/demo/
-        - Greenlight
-            - `$ docker-compose -f docker-compose.greenlight.yml up -d`
-            - Create an administrator account \
-            `$ docker exec greenlight-v2 bundle exec rake admin:create`
-            - Access https://bbb.example.com/b
+6. Run setup:
+   ```bash
+   $ ./scripts/setup
+   ```
+7. Start containers:
+    ```bash
+    $ ./scripts/compose up -d
+    ```
+8. If you use greenlight, you can create an admin account with:
+    ```bash
+    $ ./scripts/compose exec greenlight bundle exec rake admin:create
+    ```



@ -65,53 +49,32 @@ Also don't forget to forward all necassary ports listed in http://docs.bigbluebu

 ## Upgrading

-### Upgrade BigBlueButton
-```bash
-cd bbb-docker
-
-# pull repo changes
-git pull 
-
-# update bbb-webrtc-sfu
-git submodule update --remote 
-
-# rebuild images
-docker-compose build --pull --no-cache 
-
-# recreate updated services
-docker-compose up -d
-```
-
-### Upgrade Greenlight
-**Important:** especially with a version before 2020-05-17 create a database backup first, otherwise the data will not be persistent between container recreations.
 ```bash
 cd bbb-docker

+# if you use greenlight:
 # create a database backup
 docker exec -t docker_postgres_1 pg_dumpall -c -U postgres > /root/greenlight_`date +%d-%m-%Y"_"%H_%M_%S`.sql

-# pull repo changes
-git pull 
+# upgrade!
+./scripts/upgrade

-# pull image updates
-docker-compose -f docker-compose.greenlight.yml pull
-
-# recreate & restart services if necessary
-docker-compose -f docker-compose.greenlight.yml up -d
+# restart updated services
+./scripts/compose up -d
 ```

-### Upgrade HTTPS Proxy
-[to be written]
+If you're on an old version, you might get following error: \
+`no such file or directory: ./scripts/upgrade` \
+A simple `$ git pull` resolves that, by fetching a newer version which includes the upgrade script.

 ## Special thanks to
 - @dkrenn, whos dockerized version (bigbluebutton#8858)(https://github.com/bigbluebutton/bigbluebutton/pull/8858) helped me a lot in understand and some configs.

 ## Open Tasks
 - add support for recording
- further separate bbb-core into individual container
+- add coturn
+- add prometheus exporter
+- further separate `bbb-core` into individual container
 - enable IPv6 support
- fix captions (they don't appear, `readOnlyPadId` is missing)
- switch to `node:12-buster-slim` for `html5`
- switch to `node:12-buster-slim` for `webrtc-sfu` 
+- switch `html5` to node v12
 - drop root privileges in `webrtc-sfu`
- drop root privileges in `kurento`
--- a/sample.env
+++ b/sample.env
@ -1,8 +1,31 @@
-# important! change these to random values
-ETHERPAD_API_KEY=NEQKi2eFXSBce4kyGjwAzMn2jeF66peNYQmyFVRr
+# ====================================
+# ADDITIONS to BigBlueButton
+# ====================================
+# (place a '#' before to disable them)
+
+# HTTPS Proxy
+# fully automated Lets Encrypt certificates
+ENABLE_HTTPS_PROXY=true
+
+# Greenlight Frontend
+# https://docs.bigbluebutton.org/greenlight/gl-overview.html
+ENABLE_GREENLIGHT=true
+
+
+# ====================================
+# SECRETS
+# ====================================
+# important! change these to any random values
 SHARED_SECRET=w6y7nycPafjPhVz3gZdBpQhR4H4MvEQzcZzia5LT
+ETHERPAD_API_KEY=NEQKi2eFXSBce4kyGjwAzMn2jeF66peNYQmyFVRr
 RAILS_SECRET=cdfbae48b197805a435ab7881da31c642ac1a7d4d5c006441efa8125ae63865ce7c915c651117e0f14358cd98f5287c431929e0f796f4100b2b1c3eb5baad1b0

+
+
+# ====================================
+# CONNECTION
+# ====================================
+
 DOMAIN=bbb.example.com

 EXTERNAL_IP=144.76.97.10
@ -20,6 +43,11 @@ STUN_PORT=3478
 #TURN_SERVER=turns:turn.example.com:443?transport=tcp
 #TURN_SECRET=

+
+# ====================================
+# CUSTOMIZATION
+# ====================================
+
 CLIENT_TITLE=BigBlueButton

 WELCOME_FOOTER=This server is running <a href="http://docs.bigbluebutton.org/" target="_blank"><u>BigBlueButton</u></a>.
@ -32,9 +60,9 @@ WELCOME_FOOTER=This server is running <a href="http://docs.bigbluebutton.org/" t
 DEFAULT_PRESENTATION=./mod/nginx/default.pdf


-# -------------------------------
-# greenlight configuration
-# -------------------------------
+# ====================================
+# GREENLIGHT CONFIGURATION
+# ====================================

 # Microsoft Office365 Login Provider (optional)
 #
@ -63,17 +91,21 @@ OAUTH2_REDIRECT=
 #   LDAP_METHOD=plain
 #   LDAP_UID=uid
 #   LDAP_BASE=dc=example,dc=com
+#   LDAP_AUTH=simple
 #   LDAP_BIND_DN=cn=admin,dc=example,dc=com
 #   LDAP_PASSWORD=password
 #   LDAP_ROLE_FIELD=ou
+#   LDAP_FILTER=(&(attr1=value1)(attr2=value2))
 LDAP_SERVER=
 LDAP_PORT=
 LDAP_METHOD=
 LDAP_UID=
 LDAP_BASE=
 LDAP_BIND_DN=
+LDAP_AUTH=
 LDAP_PASSWORD=
 LDAP_ROLE_FIELD=
+LDAP_FILTER=

 # Set this to true if you want GreenLight to support user signup and login without
 # Omniauth. For more information, see:
@ -82,7 +114,6 @@ LDAP_ROLE_FIELD=
 #
 ALLOW_GREENLIGHT_ACCOUNTS=true

-
 # Set this to true if you want GreenLight to send verification emails upon
 # the creation of a new account
 #
@ -99,6 +130,10 @@ ALLOW_GREENLIGHT_ACCOUNTS=true
 #   SMTP_AUTH=plain
 #   SMTP_STARTTLS_AUTO=true
 #
+# If your mail server has a self-signed certificate, you'll also need to include the line below. 
+# Please note that enable this presents its own security risks and should not be done unless necessary.
+#   SMTP_OPENSSL_VERIFY_MODE=none
+#
 SMTP_SERVER=
 SMTP_PORT=
 SMTP_DOMAIN=
@ -138,6 +173,10 @@ PAGINATION_NUMBER=25
 # Default is set to 25 rows
 NUMBER_OF_ROWS=25

+# Specify if you want to display the Google Calendar button
+#   ENABLE_GOOGLE_CALENDAR_BUTTON=true|false
+ENABLE_GOOGLE_CALENDAR_BUTTON=
+
 # Set the application into Maintenance Mode
 #
 # Current options supported:
@ -155,7 +194,14 @@ MAINTENANCE_WINDOW=
 #
 # Defaults to the Github Issues Page for Greenlight
 # Button can be disabled by setting the value to blank
-REPORT_ISSUE_URL=https://github.com/bigbluebutton/greenlight/issues/new
+#
+# REPORT_ISSUE_URL=https://github.com/bigbluebutton/greenlight/issues/new
+
+# The link to the Need help? button that appears on the Account Dropdown
+#
+# Defaults to the Greenlight documentation
+# Button can be disabled by setting the value to blank
+HELP_URL=https://docs.bigbluebutton.org/greenlight/gl-overview.html

 # Comment this out to send logs to STDOUT in production instead of log/production.log .
 #
--- a/scripts/setup
+++ b/scripts/setup
@ -0,0 +1,76 @@
+#!/bin/bash
+
+set -e
+cd $(dirname $0)/..
+
+EXTERNAL_IP=$(curl -s http://whatismyip.akamai.com)
+
+# load .env
+if [ -f .env ]
+then
+  echo "Error: the configuration file .env already exists."
+  echo "either edit variables manually in there or remove the file and try this script again"
+  exit 1
+fi
+
+greenlight="n"
+while [[ ! $greenlight =~ ^(y|n)$ ]]; do
+    read -p "Should greenlight be included? (y/n): " greenlight
+done
+
+https_proxy="n"
+while [[ ! $https_proxy =~ ^(y|n)$ ]]; do
+    read -p "Should an automatic HTTPS Proxy be included? (y/n): " https_proxy
+done
+
+DOMAIN=""
+while [[ -z "$DOMAIN" ]]; do
+    read -p "Please enter the domain name: " DOMAIN
+done
+
+ip_correct=""
+while [[ ! $ip_correct =~ ^(y|n)$ ]]; do
+    read -p "Is $EXTERNAL_IP your external IPv4 address? (y/n): " ip_correct
+done
+
+if [ ! "$ip_correct" == "y" ]
+then
+    EXTERNAL_IP=""
+    while [[ ! $EXTERNAL_IP =~ ^[1-9][0-9]{0,2}\.[1-9][0-9]{0,2}\.[1-9][0-9]{0,2}\.[1-9][0-9]{0,2}$ ]]; do
+        read -p "Please enter correct IPv4 address: " EXTERNAL_IP
+    done
+fi
+
+
+
+# write settings
+cp sample.env .env
+sed -i "s/EXTERNAL_IP=.*/EXTERNAL_IP=$EXTERNAL_IP/" .env
+sed -i "s/DOMAIN=.*/DOMAIN=$DOMAIN/" .env
+
+if [ ! "$greenlight" == "y" ]
+then
+    sed -i "s/ENABLE_GREENLIGHT.*/#ENABLE_GREENLIGHT=true/" .env
+fi
+
+if [ ! "$https_proxy" == "y" ]
+then
+    sed -i "s/ENABLE_HTTPS_PROXY.*/#ENABLE_HTTPS_PROXY=true/" .env
+fi
+
+# change secrets
+RANDOM_1=$(pwgen -v 40 1)
+RANDOM_2=$(pwgen -v 40 1)
+RANDOM_3=$(pwgen -v 120 1)
+sed -i "s/SHARED_SECRET=.*/SHARED_SECRET=$RANDOM_1/" .env
+sed -i "s/ETHERPAD_API_KEY=.*/ETHERPAD_API_KEY=$RANDOM_2/" .env
+sed -i "s/RAILS_SECRET=.*/RAILS_SECRET=$RANDOM_3/" .env
+
+echo "--------------------------------------------------"
+echo "configuration file .env got successfully created!"
+echo ""
+echo "you can look through it for further adjusments"
+echo "  $ nano .env"
+echo ""
+echo "to start bigbluebutton run"
+echo "  $ ./scripts/compose up -d"