forked from extern/docker
reduced container privileges
This commit is contained in:
chandi
parent
cb45009e59
commit
5724e437d7
@ -3,11 +3,10 @@ version: '2'
|
||||
services:
|
||||
bbb:
|
||||
image: bbb
|
||||
privileged: true
|
||||
hostname: meet.livingutopia.org
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
- SYS_NICE # for realtime scheduling
|
||||
- SYS_ADMIN # for systemd
|
||||
environment:
|
||||
- container=docker
|
||||
tmpfs:
|
||||
@ -15,7 +14,8 @@ services:
|
||||
- /run/lock
|
||||
- /tmp:exec,mode=777
|
||||
volumes:
|
||||
- ./setup.sh:/opt/docker-bbb/setup.sh
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro # for systemd
|
||||
- ./setup.sh:/opt/setup.sh
|
||||
- ./mod/freeswitch/vars.xml:/opt/freeswitch/conf/vars.xml
|
||||
- ./mod/freeswitch/external.xml:/opt/freeswitch/conf/sip_profiles/external.xml
|
||||
- ./mod/nginx/sip.nginx:/etc/bigbluebutton/nginx/sip.nginx
|
||||
@ -26,7 +26,4 @@ services:
|
||||
- ./mod/web/bigbluebutton.properties:/usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties
|
||||
- ./mod/kurento/WebRtcEndpoint.conf.ini:/etc/kurento/modules/kurento/WebRtcEndpoint.conf.ini
|
||||
- ./mod/bbb-webrtc-sfu/config.yml:/usr/local/bigbluebutton/bbb-webrtc-sfu/config/default.yml
|
||||
- ./rc.local:/etc/rc.local
|
||||
security_opt:
|
||||
- seccomp:unconfined
|
||||
network_mode: host
|
||||
|
||||
2
setup.sh
2
setup.sh
@ -5,8 +5,6 @@ HOST=meet.livingutopia.org
|
||||
TOMCAT_USER=tomcat7
|
||||
SERVLET_DIR=/usr/share/bbb-web
|
||||
|
||||
echo $HOST > /etc/hostname
|
||||
|
||||
TURN_XML=$SERVLET_DIR/WEB-INF/classes/spring/turn-stun-servers.xml
|
||||
|
||||
while [ ! -f $SERVLET_DIR/WEB-INF/classes/bigbluebutton.properties ]; do sleep 1; echo -n '.'; done
|
||||
|
||||
Loading…
Reference in New Issue
Block a user