Resolve conficts

2024-11-26 01:53:22 +01:00 · 2018-08-31 09:16:27 -05:00 · 2018-08-31 09:16:27 -05:00 · edfe84d82d
commit edfe84d82d
parent c4bae24d2c c1854b83ea
5 changed files with 303 additions and 45 deletions
--- a/README.md
+++ b/README.md
@ -1,21 +1,21 @@
 # Overview
-These are scripts to run BigBlueButton within Docker.  
+Note: This branch contains work in progress for incorporating the HTML5 client into the Docker image.
-For detailed instructions on how to setup BigBlueButton in Docker, see the [setup instructions](http://docs.bigbluebutton.org/labs/docker.html).
+To run BigBlueButton in Docker, run the command
 To run BigBlueButton in Docker with a single command, run:
 ~~~
-docker run -p 80:80/tcp -p 1935:1935/tcp -p 5066:5066/tcp -p 32730-32768:32730-32768/udp -p 2202:2202 --cap-add=NET_ADMIN --name bigbluebutton bigbluebutton/bigbluebutton -h <YOUR_HOST_IP>
+docker run -p 80:80/tcp -p 443:443/tcp -p 1935:1935 -p 5066:5066 -p 3478:3478 -p 3478:3478/udp b2 -h <HOST_IP>
 ~~~
 Make sure you provide the host IP at the end of the command. This will take some time to pull the image from Docker hub.
 For details see the [setup instructions](http://docs.bigbluebutton.org/labs/docker.html).
 Once running, you can navigate to `http://<YOUR_HOST_IP>` to access your BigBlueButton server.
-## Keep in mind...
+## Future Plans
-Our goal was to allow people to try a BigBlueButton server with a single command. This is not meant for production use, but rather for testing and trying out BigBlueButton.
+Our goal was to allow developers to run BigBlueButton server with a single command.  This Docker image is not meant for production use, but rather for testing and trying out BigBlueButton.
-We may work on a production-ready version that seperates the BigBlueButton components into containers using [docker-compose](https://github.com/docker/compose) in the future.
+Still, it good step towards separating BigBlueButton into individual components for running under docker-compose or kubernetes.
--- a/mod/external.xml
+++ b/mod/external.xml
@ -0,0 +1,113 @@
 <profile name="external">
  <!-- http://wiki.freeswitch.org/wiki/Sofia_Configuration_Files -->
  <!-- This profile is only for outbound registrations to providers -->
  <gateways>
    <X-PRE-PROCESS cmd="include" data="external/*.xml"/>
  </gateways>
  <aliases>
    <!--
        <alias name="outbound"/>
        <alias name="nat"/>
    -->
  </aliases>
  <domains>
    <domain name="all" alias="false" parse="true"/>
  </domains>
  <settings>
    <param name="debug" value="0"/>
    <!-- If you want FreeSWITCH to shutdown if this profile fails to load, uncomment the next line. -->
    <!-- <param name="shutdown-on-fail" value="true"/> -->
    <param name="sip-trace" value="no"/>
    <param name="sip-capture" value="no"/>
    <param name="rfc2833-pt" value="101"/>
    <!-- RFC 5626 : Send reg-id and sip.instance -->
    <!--<param name="enable-rfc-5626" value="true"/> -->
    <param name="sip-port" value="$${external_sip_port}"/>
    <param name="dialplan" value="XML"/>
    <param name="context" value="public"/>
    <param name="dtmf-duration" value="2000"/>
    <param name="inbound-codec-prefs" value="$${global_codec_prefs}"/>
    <param name="outbound-codec-prefs" value="$${outbound_codec_prefs}"/>
    <param name="hold-music" value="$${hold_music}"/>
    <param name="rtp-timer-name" value="soft"/>
    <!--<param name="enable-100rel" value="true"/>-->
    <!--<param name="disable-srv503" value="true"/>-->
    <!-- This could be set to "passive" -->
    <param name="local-network-acl" value="localnet.auto"/>
    <param name="manage-presence" value="false"/>
    <!-- used to share presence info across sofia profiles
         manage-presence needs to be set to passive on this profile
         if you want it to behave as if it were the internal profile
         for presence.
    -->
    <!-- Name of the db to use for this profile -->
    <!--<param name="dbname" value="share_presence"/>-->
    <!--<param name="presence-hosts" value="$${domain}"/>-->
    <!--<param name="force-register-domain" value="$${domain}"/>-->
    <!--all inbound reg will stored in the db using this domain -->
    <!--<param name="force-register-db-domain" value="$${domain}"/>-->
    <!-- ************************************************* -->
    <!--<param name="aggressive-nat-detection" value="true"/>-->
    <param name="inbound-codec-negotiation" value="generous"/>
    <param name="nonce-ttl" value="60"/>
    <param name="auth-calls" value="false"/>
    <param name="inbound-late-negotiation" value="true"/>
    <param name="inbound-zrtp-passthru" value="true"/> <!-- (also enables late negotiation) -->
    <!--
        DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
    <param name="rtp-ip" value="$${local_ip_v4}"/>
    <param name="sip-ip" value="$${local_ip_v4}"/>
    <param name="ext-rtp-ip" value="auto-nat"/>
    <param name="ext-sip-ip" value="auto-nat"/>
    -->
    <param name="rtp-ip" value="$${local_ip_v4}"/>
    <param name="sip-ip" value="$${local_ip_v4}"/>
    <param name="ext-rtp-ip" value="$${local_ip_v4}"/>
    <param name="ext-sip-ip" value="$${local_ip_v4}"/>
    <param name="rtp-timeout-sec" value="300"/>
    <param name="rtp-hold-timeout-sec" value="1800"/>
    <param name="enable-3pcc" value="true"/>
    <!-- TLS: disabled by default, set to "true" to enable -->
    <param name="tls" value="$${external_ssl_enable}"/>
    <!-- Set to true to not bind on the normal sip-port but only on the TLS port -->
    <param name="tls-only" value="false"/>
    <!-- additional bind parameters for TLS -->
    <param name="tls-bind-params" value="transport=tls"/>
    <!-- Port to listen on for TLS requests. (5081 will be used if unspecified) -->
    <param name="tls-sip-port" value="$${external_tls_port}"/>
    <!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
    <!--<param name="tls-cert-dir" value=""/>-->
    <!-- Optionally set the passphrase password used by openSSL to encrypt/decrypt TLS private key files -->
    <param name="tls-passphrase" value=""/>
    <!-- Verify the date on TLS certificates -->
    <param name="tls-verify-date" value="true"/>
    <!-- TLS verify policy, when registering/inviting gateways with other servers (outbound) or handling inbound registration/invite requests how should we verify their certificate -->
    <!-- set to 'in' to only verify incoming connections, 'out' to only verify outgoing connections, 'all' to verify all connections, also 'in_subjects', 'out_subjects' and 'all_subjects' for subject validation. Multiple policies can be split with a '|' pipe -->
    <param name="tls-verify-policy" value="none"/>
    <!-- Certificate max verify depth to use for validating peer TLS certificates when the verify policy is not none -->
    <param name="tls-verify-depth" value="2"/>
    <!-- If the tls-verify-policy is set to subjects_all or subjects_in this sets which subjects are allowed, multiple subjects can be split with a '|' pipe -->
    <param name="tls-verify-in-subjects" value=""/>
    <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
    <param name="tls-version" value="$${sip_tls_version}"/>
    <param name="ws-binding"  value=":5066"/>
    <param name="apply-candidate-acl" value="webrtc-turn"/>
    <!-- enable rtcp on every channel also can be done per leg basis with rtcp_audio_interval_msec variable set to passthru to pass it across a call-->
    <param name="rtcp-audio-interval-msec" value="5000"/>
    <param name="rtcp-video-interval-msec" value="5000"/>
    <!-- Cut down in the join time -->
    <param name="dtmf-type" value="info"/>
    <param name="liberal-dtmf" value="true"/>
  </settings>
 </profile>
--- a/restart.sh
+++ b/restart.sh
@ -0,0 +1,19 @@
 #!/bin/bash -x
 ID=`docker ps --format "{{.ID}}" --filter ancestor=bigbluebutton/b2`
 if [ "$ID" != "" ]; then
  docker stop $ID
 fi
 docker build -t bigbluebutton/b2 .
 docker run -p 80:80/tcp -p 443:443/tcp -p 1935:1935/tcp -p 5066:5066/tcp -p 3478:3478/udp -p 3478:3478 -v /home/firstuser/dev/bigbluebutton/bigbluebutton-html5:/root/bigbluebutton-html5 --cap-add=NET_ADMIN bigbluebutton/b2 -h 192.168.0.130 > /dev/null
 cat << HERE
   docker exec -it `docker ps --format "{{.ID}}" --filter ancestor=bigbluebutton/b2` supervisorctl status
   docker exec -it `docker ps --format "{{.ID}}" --filter ancestor=bigbluebutton/b2` /bin/bash
 HERE
 ID=`docker ps --format "{{.ID}}" --filter ancestor=bigbluebutton/b2`
--- a/setup.sh
+++ b/setup.sh
@ -1,13 +1,29 @@
 #!/bin/bash
 #
 # BlueButton open source conferencing system - http://www.bigbluebutton.org/
 #
 # Copyright (c) 2018 BigBlueButton Inc.
 #
 # This program is free software; you can redistribute it and/or modify it under the
 # terms of the GNU Lesser General Public License as published by the Free Software
 # Foundation; either version 3.0 of the License, or (at your option) any later
 # version.
 #
 # BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
 # PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
 #
 # You should have received a copy of the GNU Lesser General Public License along
 # with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
 #
 set -x
 change_var_value () {
        sed -i "s<^[[:blank:]#]*\(${2}\).*<\1=${3}<" $1
 }
-# docker build -t ffdixon/play_win .
+# docker run -p 80:80/tcp -p 443:443/tcp -p 1935:1935 -p 5066:5066 -p 3478:3478 -p 3478:3478/udp b2 -h 192.168.0.130
 # docker run -p 80:80/tcp -p 443:443/tcp -p 1935:1935/tcp -p 5066:5066/tcp -p 2202:2202 -p 32750-32768:32750-32768/udp --cap-add=NET_ADMIN ffdixon/play_win -h 192.168.0.130
 # docker run -p 80:80/tcp -p 443:443/tcp -p 1935:1935/tcp -p 5066:5066/tcp -p 2202:2202 -p 32750-32768:32750-32768/udp --cap-add=NET_ADMIN ffdixon/play_win -h 192.168.10.186
 while getopts "eh:" opt; do
  case $opt in
@ -21,8 +37,8 @@ while getopts "eh:" opt; do
    e)
      SECRET=$OPTARG
      ;;
-    :) 
+    :)
-      echo "Missing option argument for -$OPTARG" >&2; 
+      echo "Missing option argument for -$OPTARG" >&2;
      exit 1
      ;;
    \?)
@ -48,38 +64,28 @@ while [ ! -f /var/lib/tomcat7/webapps/demo/bbb_api_conf.jsp ]; do sleep 1; done
 sudo /etc/init.d/tomcat7 stop
 # Setup loopback address so FreeSWITCH can bind WS-BIND-URL to host IP
 #
 sudo ip addr add $HOST dev lo
 # Setup the BigBlueButton configuration files
 #
 PROTOCOL_HTTP=http
 PROTOCOL_RTMP=rtmp
 IP=$(echo "$(LANG=c ifconfig  | awk -v RS="" '{gsub (/\n[ ]*inet /," ")}1' | grep ^et.* | grep addr: | head -n1 | sed 's/.*addr://g' | sed 's/ .*//g')$(LANG=c ifconfig  | awk -v RS="" '{gsub (/\n[ ]*inet /," ")}1' | grep ^en.* | grep addr: | head -n1 | sed 's/.*addr://g' | sed 's/ .*//g')" | head -n1)
-sed -i 's/<!-- <param name="rtp-start-port" value="16384"\/> -->/<param name="rtp-start-port" value="32750"\/>/g' /opt/freeswitch/etc/freeswitch/autoload_configs/switch.conf.xml
+xmlstarlet edit --inplace --update '//X-PRE-PROCESS[@cmd="set" and starts-with(@data, "external_rtp_ip=")]/@data' --value "stun:coturn" /opt/freeswitch/conf/vars.xml
-sed -i 's/<!-- <param name="rtp-end-port" value="32768"\/> -->/<param name="rtp-end-port" value="32768"\/>/g' /opt/freeswitch/etc/freeswitch/autoload_configs/switch.conf.xml
+xmlstarlet edit --inplace --update '//X-PRE-PROCESS[@cmd="set" and starts-with(@data, "external_sip_ip=")]/@data' --value "stun:coturn" /opt/freeswitch/conf/vars.xml
 xmlstarlet edit --inplace --update '//X-PRE-PROCESS[@cmd="set" and starts-with(@data, "local_ip_v4=")]/@data' --value "${IP}" /opt/freeswitch/conf/vars.xml
-sed -i "s/stun:stun.freeswitch.org/$HOST/g" /opt/freeswitch/etc/freeswitch/vars.xml
+sed -i "s/proxy_pass .*/proxy_pass $PROTOCOL_HTTP:\/\/$IP:5066;/g" /etc/bigbluebutton/nginx/sip.nginx
 sed -i "s/<X-PRE-PROCESS cmd=\"set\" data=\"local_ip_v4=.*//g" /opt/freeswitch/etc/freeswitch/vars.xml
 sed -i "s/ext-rtp-ip\" value=\"\$\${local_ip_v4/ext-rtp-ip\" value=\"\$\${external_rtp_ip/g" /opt/freeswitch/conf/sip_profiles/external.xml
 sed -i "s/ext-sip-ip\" value=\"\$\${local_ip_v4/ext-sip-ip\" value=\"\$\${external_sip_ip/g" /opt/freeswitch/conf/sip_profiles/external.xml
 sed -i "s/<param name=\"ws-binding\".*/<param name=\"ws-binding\"  value=\"$HOST:5066\"\/>/g" /opt/freeswitch/conf/sip_profiles/external.xml
 sed -i "s/proxy_pass .*/proxy_pass $PROTOCOL_HTTP:\/\/$HOST:5066;/g" /etc/bigbluebutton/nginx/sip.nginx
 sed -i "s/porttest host=\(\"[^\"]*\"\)/porttest host=rtmp://\"$HOST\"/g" /var/www/bigbluebutton/client/conf/config.xml
 sed -i "s/publishURI=\"[^\"]*\"/publishURI=\"$HOST\"/" /var/www/bigbluebutton/client/conf/config.xml
 sed -i "s/http[s]*:\/\/\([^\"\/]*\)\([\"\/]\)/$PROTOCOL_HTTP:\/\/$HOST\2/g"  /var/www/bigbluebutton/client/conf/config.xml
 sed -i "s/rtmp[s]*:\/\/\([^\"\/]*\)\([\"\/]\)/$PROTOCOL_RTMP:\/\/$HOST\2/g" /var/www/bigbluebutton/client/conf/config.xml
 sed -i "s/server_name  .*/server_name  $HOST;/g" /etc/nginx/sites-available/bigbluebutton
 sed -i "s/bigbluebutton.web.serverURL=http[s]*:\/\/.*/bigbluebutton.web.serverURL=$PROTOCOL_HTTP:\/\/$HOST/g" \
-                        /var/lib/tomcat7/webapps/bigbluebutton/WEB-INF/classes/bigbluebutton.properties
+  /var/lib/tomcat7/webapps/bigbluebutton/WEB-INF/classes/bigbluebutton.properties
 # Update Java screen share configuration
 change_var_value /usr/share/red5/webapps/screenshare/WEB-INF/screenshare.properties streamBaseUrl rtmp://$HOST/screenshare
 change_var_value /usr/share/red5/webapps/screenshare/WEB-INF/screenshare.properties jnlpUrl $PROTOCOL_HTTP://$HOST/screenshare
 change_var_value /usr/share/red5/webapps/screenshare/WEB-INF/screenshare.properties jnlpFile $PROTOCOL_HTTP://$HOST/screenshare/screenshare.jnlp
@ -88,38 +94,137 @@ change_var_value /usr/share/red5/webapps/sip/WEB-INF/bigbluebutton-sip.propertie
 change_var_value /usr/share/red5/webapps/sip/WEB-INF/bigbluebutton-sip.properties freeswitch.ip $IP
 sed -i  "s/bbbWebAPI[ ]*=[ ]*\"[^\"]*\"/bbbWebAPI=\"${PROTOCOL_HTTP}:\/\/$HOST\/bigbluebutton\/api\"/g" \
-	/usr/share/bbb-apps-akka/conf/application.conf
+  /usr/share/bbb-apps-akka/conf/application.conf
 sed -i "s/bbbWebHost[ ]*=[ ]*\"[^\"]*\"/bbbWebHost=\"$HOST\"/g" \
-	/usr/share/bbb-apps-akka/conf/application.conf
+  /usr/share/bbb-apps-akka/conf/application.conf
 sed -i "s/deskshareip[ ]*=[ ]*\"[^\"]*\"/deskshareip=\"$HOST\"/g" \
-	/usr/share/bbb-apps-akka/conf/application.conf
+  /usr/share/bbb-apps-akka/conf/application.conf
 sed -i  "s/defaultPresentationURL[ ]*=[ ]*\"[^\"]*\"/defaultPresentationURL=\"${PROTOCOL_HTTP}:\/\/$HOST\/default.pdf\"/g" \
-	/usr/share/bbb-apps-akka/conf/application.conf
+  /usr/share/bbb-apps-akka/conf/application.conf
-# Fix to ensure application.conf has the latest shared secret
+cat > /etc/kurento/modules/kurento/WebRtcEndpoint.conf.ini  << HERE
 ; Only IP address are supported, not domain names for addresses
 ; You have to find a valid stun server. You can check if it works
 ; using this tool:
 ;   http://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
 ;stunServerAddress=64.233.177.127
 ;stunServerPort=19302
 turnURL=kurento:kurento@${HOST}:3478
 ;pemCertificate is deprecated. Please use pemCertificateRSA instead
 ;pemCertificate=<path>
 ;pemCertificateRSA=<path>
 ;pemCertificateECDSA=<path>
 HERE
 TURN_SECRET=`openssl rand -hex 16`
 # Configure coturn to handle incoming UDP connections
 cat > /etc/turnserver.conf << HERE
 denied-peer-ip=0.0.0.0-255.255.255.255
 allowed-peer-ip=$IP
 fingerprint
 lt-cred-mech
 use-auth-secret
 static-auth-secret=$TURN_SECRET
 user=user:password
 log-file=/var/log/turn.log
 HERE
 # Setup tomcat7 to share the TURN server information with clients (with matching secret)
 cat > /var/lib/tomcat7/webapps/bigbluebutton/WEB-INF/spring/turn-stun-servers.xml << HERE
 <?xml version="1.0" encoding="UTF-8"?>
 <beans xmlns="http://www.springframework.org/schema/beans" 
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">
   <bean id="turn0" class="org.bigbluebutton.web.services.turn.TurnServer">
      <constructor-arg index="0" value="$TURN_SECRET" />
      <constructor-arg index="1" value="turn:$HOST:3478" />
      <constructor-arg index="2" value="86400" />
   </bean>
   <bean id="turn1" class="org.bigbluebutton.web.services.turn.TurnServer">
      <constructor-arg index="0" value="$TURN_SECRET" />
      <constructor-arg index="1" value="turn:$HOST:3478?transport=tcp" />
      <constructor-arg index="2" value="86400" />
   </bean>
   <bean id="stunTurnService" class="org.bigbluebutton.web.services.turn.StunTurnService">
      <property name="stunServers">
         <set />
      </property>
      <property name="turnServers">
         <set>
            <ref bean="turn0" />
            <ref bean="turn1" />
         </set>
      </property>
      <property name="remoteIceCandidates">
         <set />
      </property>
   </bean>
 </beans>
 HERE
 cat > /opt/freeswitch/conf/autoload_configs/acl.conf.xml << HERE
 <configuration name="acl.conf" description="Network Lists">
  <network-lists>
    <list name="domains" default="allow">
      <!-- domain= is special it scans the domain from the directory to build the ACL -->
      <node type="allow" domain="\$\${domain}"/>
      <!-- use cidr= if you wish to allow ip ranges to this domains acl. -->
      <!-- <node type="allow" cidr="192.168.0.0/24"/> -->
    </list>
    <list name="webrtc-turn" default="deny">
      <node type="allow" cidr="$IP/32"/>
    </list>
  </network-lists>
 </configuration>
 HERE
 # Ensure bbb-apps-akka has the latest shared secret from bbb-web
 SECRET=$(cat /var/lib/tomcat7/webapps/bigbluebutton/WEB-INF/classes/bigbluebutton.properties | grep -v '#' | grep securitySalt | cut -d= -f2);
 sed -i "s/sharedSecret[ ]*=[ ]*\"[^\"]*\"/sharedSecret=\"$SECRET\"/g" \
-	/usr/share/bbb-apps-akka/conf/application.conf
+  /usr/share/bbb-apps-akka/conf/application.conf
 sed -i "s/BigBlueButtonURL = \"http[s]*:\/\/\([^\"\/]*\)\([\"\/]\)/BigBlueButtonURL = \"$PROTOCOL_HTTP:\/\/$HOST\2/g" \
-                        /var/lib/tomcat7/webapps/demo/bbb_api_conf.jsp
+  /var/lib/tomcat7/webapps/demo/bbb_api_conf.jsp
 sed -i "s/playback_host: .*/playback_host: $HOST/g" /usr/local/bigbluebutton/core/scripts/bigbluebutton.yml
 sed -i 's/daemonize no/daemonize yes/g' /etc/redis/redis.conf
 sed -i "s|\"wsUrl.*|\"wsUrl\": \"ws://$HOST/bbb-webrtc-sfu\",|g" \
  /usr/share/meteor/bundle/programs/server/assets/app/config/settings-production.json
 rm /usr/share/red5/log/sip.log
 # Add a sleep to each recording process so we can restart with supervisord
 # (This works around the limitation that supervisord can't restart after intervals)
 sed -i 's/BigBlueButton.logger.debug("rap-archive-worker done")/sleep 20; BigBlueButton.logger.debug("rap-archive-worker done")/g' /usr/local/bigbluebutton/core/scripts/rap-archive-worker.rb
 sed -i 's/BigBlueButton.logger.debug("rap-process-worker done")/sleep 20; BigBlueButton.logger.debug("rap-process-worker done")/g' /usr/local/bigbluebutton/core/scripts/rap-process-worker.rb
-
+sed -i 's/BigBlueButton.logger.debug("rap-sanity-worker done")/sleep 20 ; BigBlueButton.logger.debug("rap-sanity-worker done")/g'  /usr/local/bigbluebutton/core/scripts/rap-sanity-worker.rb
-sed -i 's/BigBlueButton.logger.debug("rap-sanity-worker done")/sleep 20; BigBlueButton.logger.debug("rap-sanity-worker done")/g' /usr/local/bigbluebutton/core/scripts/rap-sanity-worker.rb
+sed -i 's/BigBlueButton.logger.debug("rap-publish-worker done")/sleep 20; BigBlueButton.logger.debug("rap-publish-worker done")/g' /usr/local/bigbluebutton/core/scripts/rap-publish-worker.rb
 sed -i 's/BigBlueButton.logger.debug("rap-publish-worker done")/sleep 20; BigBlueButton.logger.debug("rap-publish-worker done")/g' /usr/local/bigbluebutton/core/scripts/rap-publish-worker.rb 
 # Start BigBlueButton!
 #
-/usr/bin/supervisord
+
 export NODE_ENV=production
 export DAEMON_LOG=/var/log/kurento-media-server
 export GST_DEBUG="3,Kurento*:4,kms*:4"
 export KURENTO_LOGS_PATH=$DAEMON_LOG
 cat << HERE
 BigBlueButton is now starting up at this address
  http://$HOST
 HERE
 updatedb
 exec /usr/bin/supervisord > /var/log/supervisord.log
--- a/supervisord.conf
+++ b/supervisord.conf
@ -77,11 +77,25 @@ stderr_logfile=/var/log/supervisor/%(program_name)s.log
 user=mongodb
 autorestart=true
 [program:bbb-webrtc-sfu]
 command=/usr/bin/node server.js
 directory=/usr/local/bigbluebutton/bbb-webrtc-sfu
 user=bigbluebutton
 group=bigbluebutton
 autorestart=true
 [program:kurento-media-server]
 command=/usr/bin/kurento-media-server
 directory=/usr/share/meteor/bundle
 user=kurento
 group=kurento
 autorestart=true
 [program:bbb-html5]
 command=/usr/share/meteor/bundle/systemd_start.sh
 directory=/usr/share/meteor/bundle
-user=meteor
+#user=meteor
-group=meteor
+#group=meteor
 autorestart=true
 [program:tomcat7]
@ -89,3 +103,10 @@ startsecs = 0
 autorestart = false
 user=tomcat7
 command=/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre/bin/java -Djava.util.logging.config.file=/var/lib/tomcat7/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC -Xms256m -Xmx256m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/bigbluebutton/diagnostics -Djava.endorsed.dirs=/usr/share/tomcat7/endorsed -classpath /usr/share/tomcat7/bin/bootstrap.jar:/usr/share/tomcat7/bin/tomcat-juli.jar -Dcatalina.base=/var/lib/tomcat7 -Dcatalina.home=/usr/share/tomcat7 -Djava.io.tmpdir=/tmp/tomcat7-tomcat7-tmp org.apache.catalina.startup.Bootstrap start
 [program:coturn]
 startsecs = 0
 autorestart = false
 user=turnserver
 command=/usr/bin/turnserver -c /etc/turnserver.conf -u kurento:kurento