From 14b0c085fbd5c5507e755a8486e6e50f4d6f54e9 Mon Sep 17 00:00:00 2001 From: chandi Date: Mon, 13 Dec 2021 17:52:13 +0100 Subject: [PATCH] BBB v2.4-rc-7 --- README.md | 2 +- docker-compose.tmpl.yml | 2 ++ mod/apps-akka/Dockerfile | 4 ++-- mod/bbb-web/Dockerfile | 14 ++++++------ mod/etherpad/Dockerfile | 14 +++++------- mod/fsesl-akka/Dockerfile | 6 ++--- mod/html5/Dockerfile | 4 ++-- mod/mongo/mongod.conf | 3 +++ mod/nginx/Dockerfile | 2 +- mod/nginx/bbb/loadbalancer.nginx | 4 ++++ mod/nginx/bbb/presentation-slides.nginx | 12 ++++++++++ mod/nginx/bbb/web.nginx | 30 +++++++++++++++++++++---- mod/nginx/bbb/webrtc-sfu.nginx | 14 +++++++++--- mod/recordings/Dockerfile | 2 +- mod/webrtc-sfu/bbb-webrtc-sfu | 2 +- 15 files changed, 81 insertions(+), 34 deletions(-) create mode 100644 mod/nginx/bbb/loadbalancer.nginx diff --git a/README.md b/README.md index 4e7a4c6..6837a9d 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ # 📦 BigBlueButton 2.4 Docker -Version: 2.4-rc-5 | [Changelog](CHANGELOG.md) | [Issues](https://github.com/bigbluebutton/docker/issues) +Version: 2.4-rc-7 | [Changelog](CHANGELOG.md) | [Issues](https://github.com/bigbluebutton/docker/issues) ## Features - Easy installation diff --git a/docker-compose.tmpl.yml b/docker-compose.tmpl.yml index 5f93f42..ee9fc58 100644 --- a/docker-compose.tmpl.yml +++ b/docker-compose.tmpl.yml @@ -243,6 +243,8 @@ services: jodconverter: build: mod/jodconverter restart: unless-stopped + tmpfs: + - /tmp deploy: resources: limits: diff --git a/mod/apps-akka/Dockerfile b/mod/apps-akka/Dockerfile index 97067dc..07b4775 100644 --- a/mod/apps-akka/Dockerfile +++ b/mod/apps-akka/Dockerfile @@ -3,7 +3,7 @@ FROM mozilla/sbt:8u212_1.2.8 AS builder RUN apt-get update && apt-get install -y subversion # download bbb-common-message -ENV TAG_COMMON_MESSAGE v2.4-rc-5 +ENV TAG_COMMON_MESSAGE v2.4-rc-7 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_COMMON_MESSAGE/bbb-common-message /bbb-common-message \ && rm -rf /bbb-common-message/.svn @@ -14,7 +14,7 @@ RUN cd /bbb-common-message \ # =================================================== -ENV TAG v2.4-rc-5 +ENV TAG v2.4-rc-7 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG/akka-bbb-apps /source \ && rm -rf /source/.svn diff --git a/mod/bbb-web/Dockerfile b/mod/bbb-web/Dockerfile index 1f32681..4ec69e7 100644 --- a/mod/bbb-web/Dockerfile +++ b/mod/bbb-web/Dockerfile @@ -3,7 +3,7 @@ FROM mozilla/sbt:8u212_1.2.8 AS builder RUN apt-get update && apt-get install -y subversion # download bbb-common-message -ENV TAG_COMMON_MESSAGE v2.4-rc-5 +ENV TAG_COMMON_MESSAGE v2.4-rc-7 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_COMMON_MESSAGE/bbb-common-message /bbb-common-message \ && rm -rf /bbb-common-message/.svn @@ -26,7 +26,7 @@ RUN cd /opt \ ENV PATH="/opt/gradle-6.7/bin:${PATH}" # download bbb-common-web -ENV TAG_COMMON_WEB v2.4-rc-5 +ENV TAG_COMMON_WEB v2.4-rc-7 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_COMMON_WEB/bbb-common-web /bbb-common-web \ && rm -rf /bbb-common-message/.svn @@ -35,7 +35,7 @@ RUN cd /bbb-common-web \ && ./deploy.sh # download bbb-web -ENV TAG_WEB v2.4-rc-5 +ENV TAG_WEB v2.4-rc-7 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_WEB/bigbluebutton-web /bbb-web \ && rm -rf /bbb-web/.svn @@ -77,10 +77,10 @@ RUN wget -q https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VE RUN mkdir -p /usr/share/bigbluebutton/blank \ && cd /usr/share/bigbluebutton/blank \ && wget \ - https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4-rc-5/bigbluebutton-config/slides/blank-svg.svg \ - https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4-rc-5/bigbluebutton-config/slides/blank-thumb.png \ - https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4-rc-5/bigbluebutton-config/slides/blank-presentation.pdf \ - https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4-rc-5/bigbluebutton-config/slides/blank-png.png \ + https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4-rc-7/bigbluebutton-config/slides/blank-svg.svg \ + https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4-rc-7/bigbluebutton-config/slides/blank-thumb.png \ + https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4-rc-7/bigbluebutton-config/slides/blank-presentation.pdf \ + https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4-rc-7/bigbluebutton-config/slides/blank-png.png \ && sed -i 's///g' /etc/ImageMagick-6/policy.xml # get bbb-web diff --git a/mod/etherpad/Dockerfile b/mod/etherpad/Dockerfile index db4c305..a8d4ebc 100644 --- a/mod/etherpad/Dockerfile +++ b/mod/etherpad/Dockerfile @@ -7,17 +7,13 @@ RUN apt-get update \ USER etherpad -# only used to trigger a fresh run of the npm install -# command without caching -ENV TAG v2.4-rc-5 - # ep_cursortrace: using mconf's fork due to https://github.com/ether/ep_cursortrace/pull/25 not being accepted upstream RUN npm install \ - git+https://github.com/mconf/ep_cursortrace.git \ - git+https://git@github.com/pedrobmarin/ep_pad_ttl.git \ - git+https://git@github.com/pedrobmarin/ep_redis_publisher.git \ - git+https://git@github.com/ether/ep_disable_chat.git \ - git+https://github.com/ether/ep_sticky_attributes.git \ + git+https://github.com/mconf/ep_cursortrace.git#v3.1.8 \ + git+https://github.com/pedrobmarin/ep_pad_ttl.git#360136cd38493dd698435631f2373cbb7089082d \ + git+https://github.com/pedrobmarin/ep_redis_publisher.git#ed7d8af49876757559ef9d7c8970665c08445d4b \ + git+https://github.com/ether/ep_disable_chat.git#v0.0.3 \ + git+https://github.com/ether/ep_sticky_attributes.git#v0.1.9 \ # remove npm lockfile, because somehow it prevents etherpad from detecting the manual added plugin ep_bigbluebutton_patches && rm package-lock.json diff --git a/mod/fsesl-akka/Dockerfile b/mod/fsesl-akka/Dockerfile index aab2101..91d8d06 100644 --- a/mod/fsesl-akka/Dockerfile +++ b/mod/fsesl-akka/Dockerfile @@ -3,7 +3,7 @@ FROM mozilla/sbt:8u212_1.2.8 AS builder RUN apt-get update && apt-get install -y subversion # download bbb-common-message -ENV TAG_COMMON_MESSAGE v2.4-rc-5 +ENV TAG_COMMON_MESSAGE v2.4-rc-7 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_COMMON_MESSAGE/bbb-common-message /bbb-common-message \ && rm -rf /bbb-common-message/.svn @@ -13,7 +13,7 @@ RUN cd /bbb-common-message \ # =================================================== -ENV TAG_FSESL v2.4-rc-5 +ENV TAG_FSESL v2.4-rc-7 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_FSESL/bbb-fsesl-client /bbb-fsesl-client \ && rm -rf /bbb-fsesl-client/.svn @@ -21,7 +21,7 @@ RUN cd /bbb-fsesl-client \ && ./deploy.sh -ENV TAG v2.4-rc-5 +ENV TAG v2.4-rc-7 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG/akka-bbb-fsesl /source \ && rm -rf /source/.svn diff --git a/mod/html5/Dockerfile b/mod/html5/Dockerfile index 97ac31a..15c24f4 100644 --- a/mod/html5/Dockerfile +++ b/mod/html5/Dockerfile @@ -14,7 +14,7 @@ USER meteor ENV METEOR_VERSION 2.5 RUN curl -sL https://install.meteor.com?release=$METEOR_VERSION | sed s/--progress-bar/-sL/g | /bin/sh -ENV TAG v2.4-rc-5 +ENV TAG v2.4-rc-7 RUN cd ~ \ && svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG/bigbluebutton-html5 \ && mv ~/bigbluebutton-html5 ~/source \ @@ -41,4 +41,4 @@ COPY bbb-html5.yml /app/bbb-html5.yml.tmpl ENTRYPOINT ["/entrypoint.sh"] # lets set the tag again, so that it is include in the image for later version retrieval -ENV TAG v2.4-rc-5 +ENV TAG v2.4-rc-7 diff --git a/mod/mongo/mongod.conf b/mod/mongo/mongod.conf index bce6bd9..f791065 100644 --- a/mod/mongo/mongod.conf +++ b/mod/mongo/mongod.conf @@ -28,3 +28,6 @@ replication: setParameter: diagnosticDataCollectionEnabled: false + +security: + javascriptEnabled: false diff --git a/mod/nginx/Dockerfile b/mod/nginx/Dockerfile index 3fc4c05..aa7b532 100644 --- a/mod/nginx/Dockerfile +++ b/mod/nginx/Dockerfile @@ -4,7 +4,7 @@ RUN apk add subversion git # -------------------- -ENV TAG_LEARNING_DASHBOARD v2.4-rc-5 +ENV TAG_LEARNING_DASHBOARD v2.4-rc-7 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_LEARNING_DASHBOARD/bbb-learning-dashboard /bbb-learning-dashboard && rm -r /bbb-learning-dashboard/.svn RUN cd /bbb-learning-dashboard && npm ci && npm run build diff --git a/mod/nginx/bbb/loadbalancer.nginx b/mod/nginx/bbb/loadbalancer.nginx new file mode 100644 index 0000000..e254118 --- /dev/null +++ b/mod/nginx/bbb/loadbalancer.nginx @@ -0,0 +1,4 @@ +# If you run this BBB node behind a proxy loadbalancer set the hostname of +# the loadbalancer here. This will be used to add CORS headers so requesting +# slides and API calls won't fail +set $bbb_loadbalancer_node ''; diff --git a/mod/nginx/bbb/presentation-slides.nginx b/mod/nginx/bbb/presentation-slides.nginx index d458a1b..1ea4c4f 100644 --- a/mod/nginx/bbb/presentation-slides.nginx +++ b/mod/nginx/bbb/presentation-slides.nginx @@ -22,20 +22,32 @@ location ~^\/bigbluebutton\/presentation\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/svg\/(?\d+)$ { default_type image/svg+xml; alias /var/bigbluebutton/$meeting_id_2/$meeting_id_2/$pres_id/svgs/slide$page_num.svg; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + } } location ~^\/bigbluebutton\/presentation\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/slide\/(?\d+)$ { alias /var/bigbluebutton/$meeting_id_2/$meeting_id_2/$pres_id/slide-$page_num.swf; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + } } location ~^\/bigbluebutton\/presentation\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/thumbnail\/(?\d+)$ { default_type image/png; alias /var/bigbluebutton/$meeting_id_2/$meeting_id_2/$pres_id/thumbnails/thumb-$page_num.png; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + } } location ~^\/bigbluebutton\/presentation\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/textfiles\/(?\d+)$ { default_type text/plain; alias /var/bigbluebutton/$meeting_id_2/$meeting_id_2/$pres_id/textfiles/slide-$page_num.txt; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + } } diff --git a/mod/nginx/bbb/web.nginx b/mod/nginx/bbb/web.nginx index bc310a8..8352ccf 100755 --- a/mod/nginx/bbb/web.nginx +++ b/mod/nginx/bbb/web.nginx @@ -7,18 +7,34 @@ proxy_redirect default; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # Workaround IE refusal to set cookies in iframe - add_header P3P 'CP="No P3P policy available"'; + # Workaround IE refusal to set cookies in iframe + add_header P3P 'CP="No P3P policy available"'; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + } } location ~ "^\/bigbluebutton\/presentation\/(?[a-zA-Z0-9_-]+)/upload$" { - proxy_pass http://bbb-web:8090; + # Grails can't handle CORS OPTION preflight requests correctly -> lets do this in nginx + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + add_header 'Content-Type' 'text/plain; charset=utf-8'; + add_header 'Content-Length' 0; + return 204; + } + proxy_pass http://bbb-web:8090; proxy_redirect default; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # Workaround IE refusal to set cookies in iframe - add_header P3P 'CP="No P3P policy available"'; + add_header P3P 'CP="No P3P policy available"'; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + } # high limit for presentation as bbb-web will reject upload if larger than configured client_max_body_size 1000m; @@ -57,6 +73,9 @@ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # Workaround IE refusal to set cookies in iframe add_header P3P 'CP="No P3P policy available"'; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + } } location = /bigbluebutton/presentation/checkPresentation { @@ -102,6 +121,9 @@ location ~ "^/bigbluebutton\/textTrack\/(?[a-zA-Z0-9]+)\/(?[a-zA-Z0-9_-]+)\/(?.+)$" { # Workaround IE refusal to set cookies in iframe add_header P3P 'CP="No P3P policy available"'; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + } # Allow 30M uploaded presentation document. client_max_body_size 30m; diff --git a/mod/nginx/bbb/webrtc-sfu.nginx b/mod/nginx/bbb/webrtc-sfu.nginx index b9d96e2..71a5a00 100644 --- a/mod/nginx/bbb/webrtc-sfu.nginx +++ b/mod/nginx/bbb/webrtc-sfu.nginx @@ -1,14 +1,22 @@ location /bbb-webrtc-sfu { + auth_request /bigbluebutton/connection/checkAuthorization; + auth_request_set $auth_status $upstream_status; + # Extra variables are annotated by bbb-web as custom headers + auth_request_set $user_id $sent_http_user_id; + auth_request_set $meeting_id $sent_http_meeting_id; + auth_request_set $voice_bridge $sent_http_voice_bridge; + proxy_pass http://webrtc-sfu:3008; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; + # Following custom headers are used by bbb-webrtc-sfu + proxy_set_header User-Id $user_id; + proxy_set_header Meeting-Id $meeting_id; + proxy_set_header Voice-Bridge $voice_bridge; proxy_read_timeout 6h; proxy_send_timeout 6h; client_body_timeout 6h; send_timeout 6h; - - auth_request /bigbluebutton/connection/checkAuthorization; - auth_request_set $auth_status $upstream_status; } diff --git a/mod/recordings/Dockerfile b/mod/recordings/Dockerfile index 5b447c6..e50cdf0 100644 --- a/mod/recordings/Dockerfile +++ b/mod/recordings/Dockerfile @@ -45,7 +45,7 @@ RUN mkdir -p \ /usr/local/bigbluebutton/core \ /etc/bigbluebutton -ENV TAG v2.4-rc-5 +ENV TAG v2.4-rc-7 # add bbb-record-core (lib, scripts and Gemfile) RUN cd /usr/local/bigbluebutton/core \ diff --git a/mod/webrtc-sfu/bbb-webrtc-sfu b/mod/webrtc-sfu/bbb-webrtc-sfu index c33878c..4e0fa6b 160000 --- a/mod/webrtc-sfu/bbb-webrtc-sfu +++ b/mod/webrtc-sfu/bbb-webrtc-sfu @@ -1 +1 @@ -Subproject commit c33878c89e5f4486ca980086e814491ece436e1c +Subproject commit 4e0fa6bf8ffc1bb8fbbe4fe9843651331e018188