optional https reverse proxy

README.md

@@ -2,7 +2,6 @@
 
 ## Please note
 - Not well tested, can be still really buggy. Don't use for production! 
-- Serves BBB on HTTP Port 8080. It is your responsibility to add a HTTPS reverse proxy
 
 ## Install
 1. Install docker-ce & docker-compose
@@ -21,16 +20,31 @@
    ```
 6. Create `.env` with `$ cp sample.env .env`
 7. Adjust the values in `.env` (don't forget to change the `ETHERPAD_API_KEY`, `SHARED_SECRET` and `RAILS_SECRET`!)
-8. Start BigBlueButton `$ docker-compose up -d` and wait ages until all images are built
-9. Optionally...
-    - Start api demos
-        - `$ docker-compose -f docker-compose.demo.yml up -d`
-        - Access https://bbb.example.com/demo/
-    - Start greenlight
-        - `$ docker-compose -f docker-compose.greenlight.yml up -d`
-        - Create an administrator account \
-        `$ docker exec greenlight-v2 bundle exec rake admin:create`
-        - Access https://bbb.example.com/b
+8. Start container. either...
+    - **Most common setup**: BigBlueButton with automatic HTTPS certificate retrieval and Greenlight
+        ```bash
+        $ docker-compose \
+            -f docker-compose.yml \
+            -f docker-compose.https.yml \
+            -f docker-compose.greenlight.yml \
+            up --detach
+        ```
+    - **Individual parts**:
+        - BigBlueButton `$ docker-compose up -d`
+        - HTTPS reverse proxy
+            - `$ docker-compose -f docker-compose.https.yml up -d`
+        - API demos
+            - `$ docker-compose -f docker-compose.demo.yml up -d`
+            - Access https://bbb.example.com/demo/
+        - Greenlight
+            - `$ docker-compose -f docker-compose.greenlight.yml up -d`
+            - Create an administrator account \
+            `$ docker exec greenlight-v2 bundle exec rake admin:create`
+            - Access https://bbb.example.com/b
+
+
+
+
 
 ## Note if you use a Firewall / NAT
 Kurento binds somehow always to the external IP instead of the local one or `0.0.0.0`. For that reason you need to add your external IP to your interface.
@@ -47,7 +61,6 @@ Specific to your linux distribution. Use a search engine of your choice. ;)
 Also don't forget to forward all necassary ports listed in http://docs.bigbluebutton.org/2.2/configure-firewall.html
 
 ## Open Tasks
-- add optional https support via lets encrypt
 - add support for recording
 - further separate bbb-core into individual container
 

docker-compose.https.yml

@@ -0,0 +1,16 @@
+version: '3.6'
+services:
+  https_proxy:
+    image: valian/docker-nginx-auto-ssl
+    restart: on-failure
+    ports:
+      - 80:80
+      - 443:443
+    volumes:
+      - ssl_data:/etc/resty-auto-ssl
+    environment:
+      ALLOWED_DOMAINS: ${DOMAIN}
+      SITES: ${DOMAIN}=10.7.7.1:8080
+
+volumes:
+  ssl_data: