diff --git a/Dockerfile b/Dockerfile index 91121f6..dafeb02 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM ubuntu:16.04 MAINTAINER ffdixon@bigbluebutton.org ENV DEBIAN_FRONTEND noninteractive -# RUN echo 'Acquire::http::Proxy "http://192.168.0.130:3142";' > /etc/apt/apt.conf.d/01proxy +RUN echo 'Acquire::http::Proxy "http://192.168.0.130:3142 ";' > /etc/apt/apt.conf.d/01proxy RUN apt-get update && apt-get install -y wget RUN echo "deb http://ubuntu.bigbluebutton.org/xenial-200 bigbluebutton-xenial main " | tee /etc/apt/sources.list.d/bigbluebutton.list @@ -51,6 +51,9 @@ ADD supervisord.conf /etc/supervisor/conf.d/supervisord.conf # -- Modify FreeSWITCH event_socket.conf.xml to listen to IPV4 ADD mod/event_socket.conf.xml /opt/freeswitch/etc/freeswitch/autoload_configs +ADD mod/external.xml /opt/freeswitch/conf/sip_profiles/external.xml + +RUN apt-get install -y coturn vim # -- Finish startup ADD setup.sh /root/setup.sh diff --git a/mod/external.xml b/mod/external.xml new file mode 100644 index 0000000..f4b5c94 --- /dev/null +++ b/mod/external.xml @@ -0,0 +1,113 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/setup.sh b/setup.sh index 5c78c52..cc05e95 100755 --- a/setup.sh +++ b/setup.sh @@ -3,7 +3,7 @@ # # BlueButton open source conferencing system - http://www.bigbluebutton.org/ # -# Copyright (c) 2018 BigBlueButton Inc. +# Copyright (c) 2018 BigBlueButton Inc. # # This program is free software; you can redistribute it and/or modify it under the # terms of the GNU Lesser General Public License as published by the Free Software @@ -37,8 +37,8 @@ while getopts "eh:" opt; do e) SECRET=$OPTARG ;; - :) - echo "Missing option argument for -$OPTARG" >&2; + :) + echo "Missing option argument for -$OPTARG" >&2; exit 1 ;; \?) @@ -74,19 +74,19 @@ PROTOCOL_HTTP=http PROTOCOL_RTMP=rtmp IP=$(echo "$(LANG=c ifconfig | awk -v RS="" '{gsub (/\n[ ]*inet /," ")}1' | grep ^et.* | grep addr: | head -n1 | sed 's/.*addr://g' | sed 's/ .*//g')$(LANG=c ifconfig | awk -v RS="" '{gsub (/\n[ ]*inet /," ")}1' | grep ^en.* | grep addr: | head -n1 | sed 's/.*addr://g' | sed 's/ .*//g')" | head -n1) -sed -i 's///g' \ - /opt/freeswitch/etc/freeswitch/autoload_configs/switch.conf.xml -sed -i 's///g' \ - /opt/freeswitch/etc/freeswitch/autoload_configs/switch.conf.xml +#sed -i 's///g' \ +# /opt/freeswitch/etc/freeswitch/autoload_configs/switch.conf.xml +#sed -i 's///g' \ +# /opt/freeswitch/etc/freeswitch/autoload_configs/switch.conf.xml sed -i "s/stun:stun.freeswitch.org/$HOST/g" /opt/freeswitch/etc/freeswitch/vars.xml sed -i "s//g" /opt/freeswitch/conf/sip_profiles/external.xml +#sed -i "s/ext-rtp-ip\" value=\"\$\${local_ip_v4/ext-rtp-ip\" value=\"\$\${external_rtp_ip/g" /opt/freeswitch/conf/sip_profiles/external.xml +#sed -i "s/ext-sip-ip\" value=\"\$\${local_ip_v4/ext-sip-ip\" value=\"\$\${external_sip_ip/g" /opt/freeswitch/conf/sip_profiles/external.xml +#sed -i "s//g" /opt/freeswitch/conf/sip_profiles/external.xml -sed -i "s/proxy_pass .*/proxy_pass $PROTOCOL_HTTP:\/\/$HOST:5066;/g" /etc/bigbluebutton/nginx/sip.nginx +sed -i "s/proxy_pass .*/proxy_pass $PROTOCOL_HTTP:\/\/$IP:5066;/g" /etc/bigbluebutton/nginx/sip.nginx #sed -i "s/porttest host=\(\"[^\"]*\"\)/porttest host=\"$HOST\"/g" /var/www/bigbluebutton/client/conf/config.xml sed -i "s/publishURI=\"[^\"]*\"/publishURI=\"$HOST\"/" /var/www/bigbluebutton/client/conf/config.xml @@ -114,14 +114,83 @@ sed -i "s/deskshareip[ ]*=[ ]*\"[^\"]*\"/deskshareip=\"$HOST\"/g" \ sed -i "s/defaultPresentationURL[ ]*=[ ]*\"[^\"]*\"/defaultPresentationURL=\"${PROTOCOL_HTTP}:\/\/$HOST\/default.pdf\"/g" \ /usr/share/bbb-apps-akka/conf/application.conf -cat > /etc/kurento/modules/kurento/BaseRtpEndpoint.conf.ini << HERE -minPort=16435 -maxPort=16484 -HERE +#cat > /etc/kurento/modules/kurento/BaseRtpEndpoint.conf.ini << HERE +#minPort=16435 +#maxPort=16484 +#HERE sed -i 's/.*stunServerAddress.*/stunServerAddress=64.233.177.127/g' /etc/kurento/modules/kurento/WebRtcEndpoint.conf.ini sed -i 's/.*stunServerPort.*/stunServerPort=19302/g' /etc/kurento/modules/kurento/WebRtcEndpoint.conf.ini +echo "denied-peer-ip=0.0.0.0-255.255.255.255" >> /etc/turnserver.conf +echo "allowed-peer-ip=$IP" >> /etc/turnserver.conf + +TURN_SECRET=`openssl rand -hex 16` + +cat > /etc/turnserver.conf << HERE +denied-peer-ip=0.0.0.0-255.255.255.255 +allowed-peer-ip=$IP +fingerprint +lt-cred-mech +use-auth-secret +static-auth-secret=$TURN_SECRET +HERE + +cat > /var/lib/tomcat7/webapps/bigbluebutton/WEB-INF/spring/turn-stun-servers.xml << HERE + + + + + + + + + + + + + + + + + + + + + + + + + + +HERE + +cat > /opt/freeswitch/conf/autoload_configs/acl.conf.xml << HERE + + + + + + + + + + + + + + + +HERE + # Fix to ensure application.conf has the latest shared secret SECRET=$(cat /var/lib/tomcat7/webapps/bigbluebutton/WEB-INF/classes/bigbluebutton.properties | grep -v '#' | grep securitySalt | cut -d= -f2); @@ -145,7 +214,7 @@ rm /usr/share/red5/log/sip.log sed -i 's/BigBlueButton.logger.debug("rap-archive-worker done")/sleep 20; BigBlueButton.logger.debug("rap-archive-worker done")/g' /usr/local/bigbluebutton/core/scripts/rap-archive-worker.rb sed -i 's/BigBlueButton.logger.debug("rap-process-worker done")/sleep 20; BigBlueButton.logger.debug("rap-process-worker done")/g' /usr/local/bigbluebutton/core/scripts/rap-process-worker.rb sed -i 's/BigBlueButton.logger.debug("rap-sanity-worker done")/sleep 20 ; BigBlueButton.logger.debug("rap-sanity-worker done")/g' /usr/local/bigbluebutton/core/scripts/rap-sanity-worker.rb -sed -i 's/BigBlueButton.logger.debug("rap-publish-worker done")/sleep 20; BigBlueButton.logger.debug("rap-publish-worker done")/g' /usr/local/bigbluebutton/core/scripts/rap-publish-worker.rb +sed -i 's/BigBlueButton.logger.debug("rap-publish-worker done")/sleep 20; BigBlueButton.logger.debug("rap-publish-worker done")/g' /usr/local/bigbluebutton/core/scripts/rap-publish-worker.rb # Start BigBlueButton! # @@ -156,5 +225,5 @@ export DAEMON_LOG=/var/log/kurento-media-server export GST_DEBUG="3,Kurento*:4,kms*:4" export KURENTO_LOGS_PATH=$DAEMON_LOG -/usr/bin/supervisord +exec /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf diff --git a/supervisord.conf b/supervisord.conf index 1475108..5d9575f 100644 --- a/supervisord.conf +++ b/supervisord.conf @@ -96,3 +96,10 @@ startsecs = 0 autorestart = false user=tomcat7 command=/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre/bin/java -Djava.util.logging.config.file=/var/lib/tomcat7/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC -Xms256m -Xmx256m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/bigbluebutton/diagnostics -Djava.endorsed.dirs=/usr/share/tomcat7/endorsed -classpath /usr/share/tomcat7/bin/bootstrap.jar:/usr/share/tomcat7/bin/tomcat-juli.jar -Dcatalina.base=/var/lib/tomcat7 -Dcatalina.home=/usr/share/tomcat7 -Djava.io.tmpdir=/tmp/tomcat7-tomcat7-tmp org.apache.catalina.startup.Bootstrap start + +[program:coturn] +startsecs = 0 +autorestart = false +user=turnserver +command=/usr/bin/turnserver -c /etc/turnserver.conf +